<?php require_once('Connections/DO.php'); ?> <?php if (!

isset($_SESSION)) { @session_start(); } $MM_authorizedUsers = ""; $MM_donotCheckaccess = "true"; // *** Restrict Access To Page: Grant or deny access to this page function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { // For security, start by assuming the visitor is NOT authorized. $isValid = False; // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. // Therefore, we know that a user is NOT logged in if that Session variable is blank. if (!empty($UserName)) { // Besides being logged in, you may restrict access to only certain users ba sed on an ID established when they login. // Parse the strings into arrays. $arrUsers = Explode(",", $strUsers); $arrGroups = Explode(",", $strGroups); if (in_array($UserName, $arrUsers)) { $isValid = true; } // Or, you may restrict access to only certain users based on their username . if (in_array($UserGroup, $arrGroups)) { $isValid = true; } if (($strUsers == "") && true) { $isValid = true; } } return $isValid; } $MM_restrictGoTo = "index.php"; if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) { $MM_qsChar = "?"; $MM_referrer = $_SERVER['PHP_POST']; if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&"; if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0) $MM_referrer .= "?" . $QUERY_STRING; $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($ MM_referrer); header("Location: ". $MM_restrictGoTo); exit; } ?> <?php $colname_Cuenta = "-1"; if (isset($_SESSION['MM_Username'])) { $colname_Cuenta = (get_magic_quotes_gpc()) ? $_SESSION['MM_Username'] : addsla shes($_SESSION['MM_Username']); } mysql_select_db($database_DO, $DO); $query_Cuenta = sprintf("SELECT * FROM cuentas WHERE usuario = '%s'", $colname_C

uenta); $Cuenta = mysql_query($query_Cuenta, $DO) or die(mysql_error()); $row_Cuenta = mysql_fetch_assoc($Cuenta); $totalRows_Cuenta = mysql_num_rows($Cuenta); // Variables de sesion $_SESSION['MM_servidor'] = $row_Cuenta['servidor']; $_SESSION['MM_rango'] = $row_Cuenta['rango']; $colname_Servidores = "-1"; if (isset($row_Cuenta['servidor'])) { $colname_Servidores = (get_magic_quotes_gpc()) ? $row_Cuenta['servidor'] : add slashes($row_Cuenta['servidor']); } mysql_select_db($database_DO, $DO); $query_Servidores = sprintf("SELECT * FROM servidores WHERE id = %s", $colname_S ervidores); $Servidores = mysql_query($query_Servidores, $DO) or die(mysql_error()); $row_Servidores = mysql_fetch_assoc($Servidores); $totalRows_Servidores = mysql_num_rows($Servidores); $colname_Rangos = "-1"; if (isset($row_Cuenta['rango'])) { $colname_Rangos = (get_magic_quotes_gpc()) ? $row_Cuenta['rango'] : addslashes ($row_Cuenta['rango']); } mysql_select_db($database_DO, $DO); $query_Rangos = sprintf("SELECT * FROM rangos WHERE id = %s", $colname_Rangos); $Rangos = mysql_query($query_Rangos, $DO) or die(mysql_error()); $row_Rangos = mysql_fetch_assoc($Rangos); $totalRows_Rangos = mysql_num_rows($Rangos); $colname_Mapas = "-1"; if (isset($row_Cuenta['mapa'])) { $colname_Mapas = (get_magic_quotes_gpc()) ? $row_Cuenta['mapa'] : addslashes($ row_Cuenta['mapa']); } mysql_select_db($database_DO, $DO); $query_Mapas = sprintf("SELECT * FROM mapas WHERE mapid = %s", $colname_Mapas); $Mapas = mysql_query($query_Mapas, $DO) or die(mysql_error()); $row_Mapa = mysql_fetch_assoc($Mapas); $totalRows_Mapas = mysql_num_rows($Mapas); $ip = $_SERVER['REMOTE_ADDR']; $fechaActual = date('Y-m-d'); $updateSQL = sprintf("UPDATE cuentas SET lastIP=%s,ultimaConexion=%s WHERE id=%s ", GetSQLValueString($ip, "text"), GetSQLValueString($fechaActual, "text"), GetSQLValueString($row_Cuenta['id'], "int")); mysql_select_db($database_DO, $DO); $Result1 = mysql_query($updateSQL, $DO) or die(mysql_error()); //Sistema de TOP 10 Ranking mysql_select_db($database_DO, $DO); function mostrarRanking() { $result = mysql_query("SELECT * FROM cuentas ORDER BY honor DESC LIMIT 0, 10 "); $nombre = "undefined"; $honor = 0; $pos = 0;

while($rs = mysql_fetch_array($result)) { if($rs[32] == 21)continue; $pos += 1; if($rs[1] != null)$nombre = $rs[1]; if($rs[33] != null)$honor = $rs[33]; echo "<tr>"; echo "<td>$pos.</td>"; echo "<td class='table_ranking_center fliess10px-gelb'><b>$nombre</b></t d>"; echo "<td class='table_ranking_right'>$honor </td>"; echo "</tr>"; } } ?> <?php //Otras variables if($row_Cuenta['premium'] == 0){ $premium = "No"; }else{ $premium = "Si"; } //EMPRESAS if($row_Cuenta['empresa']) $titulo_empresa = ""; switch($row_Cuenta['empresa']) { case 1: $titulo_empresa = "MMO"; break; case 2: $titulo_empresa = "EIC"; break; case 3: $titulo_empresa = "VRU"; break; } ?> <?php if (!isset($_GET['action'])) { $_GET['action'] = null; } switch($_GET['action']) { case 'internalDock': include("internalDock.php"); break; case 'internalMapRevolution': include("internalMapRevolution.php"); break; case 'internalDockEquipment': include("internalDockEquipment.php"); break; case 'internalPilotSheet': include("internalPilotSheet.php"); break; case 'internalHandel': include("internalHandel.php"); break; case 'internalClan':

include("internalClan2.php"); break; default: ?> <?php include("includes/head.tpl"); ?> <?php include("includes/variables.php"); ?> <style type="text/css" media="screen"> le> <link rel="stylesheet" media="all" href="css/internalStart.css" /> <link rel="stylesheet" media="all" href="css/window.css" /> <link rel="stylesheet" media="all" href="css/window_alert.css" /> <script language="javascript"> var CDN = "<?php echo $SERVIDOR; ?>"; </script> <script type="text/javascript" src="js/prototype.js"></script> <script type="text/javascript" src="js/scriptaculous.js"></script> <script type="text/javascript" src="js/do_extensions.js"></script> <script type="text/javascript" src="js/window.js"></script> <script type="text/javascript" src="js/tooltip.js"></script> <script type="text/javascript" src="js/tooltipPilotSheet.js"></script> <script type="text/javascript" src="js/livepipe.js"></script> <script type="text/javascript" src="js/scrollbar.js"></script> <script type="text/javascript" src="js/scroller.js"></script> <script type="text/javascript" src="js/customSelect.js"></script> <script type="text/javascript" src="http://code.jquery.com/jquery-1.4.4.min. js"></script> <script type="text/javascript" src="js/jquery.mousewheel.js"></script> <script type="text/javascript" src="js/jquery.jscrollpane.min.js"></script> <script type="text/javascript" src="js/custom-form-elements.js"></script> <script type="text/javascript" src="js/jquery.flashembed.js"></script> <script type="text/javascript" src="js/doExtensions.js"></script> <script src="js/function.js" type="text/javascript"></script> <script type="text/javascript">jQuery.noConflict();</script> @import "css/darkorbit.css"; </sty

<script type="text/javascript"> // remote scripting library // (c) copyright 2005 modernmethod, inc var sajax_debug_mode = false; var sajax_request_type = "POST"; var sajax_target_id = ""; var sajax_failure_redirect = ""; function sajax_debug(text) { if (sajax_debug_mode) alert(text); } function sajax_init_object() { sajax_debug("sajax_init_object() called..") var A; var msxmlhttp = new Array( 'Msxml2.XMLHTTP.5.0', 'Msxml2.XMLHTTP.4.0', 'Msxml2.XMLHTTP.3.0', 'Msxml2.XMLHTTP',

'Microsoft.XMLHTTP'); for (var i = 0; i < msxmlhttp.length; i++) { try { A = new ActiveXObject(msxmlhttp[i]); } catch (e) { A = null; } } if(!A && typeof XMLHttpRequest != "undefined") A = new XMLHttpRequest(); if (!A) sajax_debug("Could not create connection object."); return A; } var sajax_requests = new Array(); function sajax_cancel() { for (var i = 0; i < sajax_requests.length; i++) sajax_requests[i].abort(); } function sajax_do_call(func_name, args) { var i, x, n; var uri; var post_data; var target_id; sajax_debug("in sajax_do_call().." + sajax_request_type + "/" + saja x_target_id); target_id = sajax_target_id; if (typeof(sajax_request_type) == "undefined" || sajax_request_type == "") sajax_request_type = "GET"; uri = "/sajaxAPI.php?sid=<?php echo session_id(); ?>"; if (sajax_request_type == "GET") { if (uri.indexOf("?") == -1) uri += "?rs=" + escape(func_name); else uri += "&rs=" + escape(func_name); uri += "&rst=" + escape(sajax_target_id); uri += "&rsrnd=" + new Date().getTime(); for (i = 0; i < args.length-1; i++) uri += "&rsargs[]=" + escape(args[i]); post_data = null; } else if (sajax_request_type == "POST") { post_data = "rs=" + escape(func_name); post_data += "&rst=" + escape(sajax_target_id); post_data += "&rsrnd=" + new Date().getTime(); for (i = 0; i < args.length-1; i++) post_data = post_data + "&rsargs[]=" + escape(args[i]); } else {

alert("Illegal request type: " + sajax_request_type); } x = sajax_init_object(); if (x == null) { if (sajax_failure_redirect != "") { location.href = sajax_failure_redirect; return false; } else { sajax_debug("NULL sajax object for user agent:\n" + navigato r.userAgent); return false; } } else { x.open(sajax_request_type, uri, true); // window.open(uri); sajax_requests[sajax_requests.length] = x; if (sajax_request_type == "POST") { x.setRequestHeader("Method", "POST " + uri + " HTTP/1.1"); x.setRequestHeader("Content-Type", "application/x-www-form-u rlencoded"); } x.onreadystatechange = function() { if (x.readyState != 4) return; sajax_debug("received " + x.responseText); var status; var data; var txt = x.responseText.replace(/^\s*|\s*$/g,""); status = txt.charAt(0); data = txt.substring(2);