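/**
 * Populate the static User state from the Players row of the logged-in session user.
 *
 * Does nothing when User::login_check() reports no valid login. The session id is cast to
 * int before it is concatenated into SQL, so a tampered session value cannot reshape the
 * query, and a session that points at a deleted player leaves the User state untouched.
 */
static function Init()
{
    if (User::login_check(Query::$mysqli) != true) {
        return;
    }
    // Only an integer may reach the query; PlayerID is used as an integer key elsewhere.
    $playerId = (int) $_SESSION['user_id'];
    $u = Query::query('SELECT * FROM Players WHERE PlayerID=' . $playerId)->fetch_assoc();
    if ($u === null) {
        // No such player any more (fetch_assoc() yields null on an empty result).
        return;
    }
    User::Set('id', $u['PlayerID']);
    User::Set('AvatarType', $u['AvatarType']);
    User::Set('Username', $u['Username']);
}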
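/**
 * Render the "view game" page for the game id given in $this->request[0].
 *
 * @param array $user Viewer record as built by callHook() ('login_status', 'admin', ...).
 *                    callHook() already passes it as the first argument; the original
 *                    signature simply never declared it, so $user was undefined below.
 *
 * Side effects: bumps the game's play counters, answers 404 and exits when the game does
 * not exist, and finally renders Pages/View. The id is cast to int before it reaches SQL,
 * and REQUEST_URI is HTML-escaped before it is echoed into href attributes.
 */
public function main($user = [])
{
    //loadLanguageFile('play');
    include '../lang/English.php';
    include '../lang/sk/play.php';

    // The id comes from the URL; only an integer may reach the queries below.
    $id = (int) $this->request[0];
    // REQUEST_URI is attacker-controlled and is echoed into several href attributes.
    $requestUri = htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES, 'UTF-8');
    $siteUrl = Settings::Get('site_url');
    $loggedIn = User::login_check(Query::$mysqli) == true;

    $result = Query::query('SELECT * FROM Games WHERE GameID =' . $id); // AND published=1
    if ($result->num_rows == 0) {
        // Game not found
        header("HTTP/1.0 404 Not Found");
        include 'includes/misc/404.php';
        exit;
    }
    $show = isset($_COOKIE['ava_username']) ? 1 : 0;

    // The three counters were bumped with three statements; one UPDATE does the same work.
    Query::query('UPDATE Games SET Plays = Plays+1, PlaysM = PlaysM+1, PlaysW = PlaysW+1 WHERE GameID = ' . $id);

    $row2 = $result->fetch_assoc();
    $this->set('id', $row2['GameID']);
    $this->set('site_url', $siteUrl);
    $this->set('game_id', $row2['GameID']);
    $this->set('plays', $row2['Plays']);
    $this->set('content', $row2['Content']);
    $this->set('scores', $row2['Scores']);
    $this->set('width', $row2['Width']);
    $this->set('height', $row2['Height']);
    $this->set('type', $row2['Type']);
    $this->set('title', $row2['Title']);
    $this->set('name', Utils::getTranslation($row2['Key'], "TITLE", $row2['Title']));
    $this->set('description', Utils::getTranslation($row2['Key'], "DESC", $row2['Desc']));
    $this->set('instruction', Utils::getTranslation($row2['Key'], "INSTR", $row2['Instr']));

    if ($row2['Type'] == 'swf' && Settings::Get('fullscreen_mode') == 1) {
        $this->set('full_screen_url', '<a href="' . $requestUri . '#" onclick="ResizeFlash(' . $row2['Height'] . ', ' . $row2['Width'] . '); return false"><img src="/boxarcade/img/tool_fullscreen.jpg"/></a>');
    } else {
        $this->set('full_screen_url', '<a href="' . $siteUrl . '/full_screen.php?id=' . $id . '"><img src="/boxarcade/img/tool_fullscreen.jpg"/></a>');
    }

    // The rating lookup (tbl_games / tbl_votes) is stubbed out with `if (1 == 0)` in the
    // original, so the page always reports no rating.
    $this->set('rating', 0);
    $this->set('user_rated', 0);

    $row_cat = Query::query('SELECT catName FROM tbl_game_categories WHERE catID=' . (int) $row2['CatID'])->fetch_assoc();
    $this->set('catID', $row2['CatID']);
    $this->set('category', $row_cat ? $row_cat['catName'] : null);
    $this->set('date_added', Utils::FormatDate($row2['DateAdded'], 'date'));
    $this->set('image_url', Utils::GameImageUrl(Utils::TitleToFile($row2['Title']) . "." . $row2['Type'], 1, Utils::TitleToFile($row2['Title'])));

    // Favorite game button
    $this->set('login_status', 1);
    if ($loggedIn) {
        $user_id = (int) $_SESSION['user_id'];
        $user_fav_yet = Query::query('SELECT COUNT(user_id) FROM favorites WHERE user_id=' . $user_id . ' AND game_id=' . $id)->fetch_row()[0];
        // EditFav(gameId, alreadyFavourite, siteUrl, unfavImg, favImg, userId); the visible
        // icon is the opposite of the current state.
        $isFav = $user_fav_yet >= 1 ? 1 : 0;
        $unfavImg = '<img src="/boxarcade/img/tool-unfavorite.jpg" />';
        $favImg = '<img src="/boxarcade/img/tool-favorite.jpg" />';
        $icon = $isFav ? '<img src="/boxarcade/img/tool-unfavorite.jpg"/>' : '<img src="/boxarcade/img/tool-favorite.jpg"/>';
        $this->set('fav_game', '<a id="favo" href="' . $requestUri . '#" onclick="EditFav(' . $row2['GameID'] . ', ' . $isFav . ',\'' . $siteUrl . '\', \'' . $unfavImg . '\', \'' . $favImg . '\', ' . $user_id . ' ); return false">' . $icon . '</a>');
    } else {
        $this->set('fav_game', '<a href="' . $siteUrl . '/index.php?task=login"><img src="/boxarcade/img/tool-favorite.jpg"/></a>');
    }

    // Report game button
    if (Settings::Get('report_permissions') == "1" || Settings::Get('report_permissions') == "2") { //&& $user['login_status'] == 1) {
        $this->set('report_game', '<a href="' . $requestUri . '#" onclick="ShowPopup(\'ava-popup\', \'' . $siteUrl . '/includes/overlays/report.php?id=' . $row2['GameID'] . '\', \'' . GAME_REPORT . '\'); return false"><img src="/boxarcade/img/tool-report.png"/></a>');
    }
    $this->set('report_bug', '<a href="' . $requestUri . '#" onclick="ShowPopup(\'ava-popup\', \'' . $siteUrl . '/includes/overlays/report.php?id=' . $row2['GameID'] . '\', \'Bug Report\'); return false"><img src="/boxarcade/img/tool-bug.jpg"/></a>');
    $this->set('send', '<a href="' . $requestUri . '#" onclick="ShowPopup(\'ava-popup\', \'' . $siteUrl . '/includes/overlays/send_game.php?id=' . $row2['GameID'] . '\', \'Send Game\'); return false"><img src="/boxarcade/img/tool-send.jpg"/></a>');

    // Define the overall rating for use in the template
    $this->set('rating_image', ''); //GenerateRating(3); //$row2['rating']);
    // The 'new rating' login prompt is disabled in the original (`|| 42 == 42`), so
    // 'new_rating_form' is never set here; likewise the admin options test is stubbed
    // to `if (1 == 0)`, so they are always empty.
    $this->set('admin_options', '');

    $did = (int) $row2['DevID'];
    $usr = Query::query('SELECT username, id, usrAvatarType, seo_url FROM tbl_users WHERE id=' . $did . ' LIMIT 1')->fetch_assoc();
    $this->set('user_avatar', Utils::getAvatar($usr['id'], $usr['usrAvatarType'])); //'uploads/avatars/' . $usr['id'] . $usr['usrAvatarType'];
    $this->set('user_name', $usr['username']);
    $this->set('profile', Utils::ProfileUrl($usr['id'], $usr['seo_url']));
    // Was set('show', '$show'): the single quotes passed the literal text "$show" to the template.
    $this->set('show', $show);
    $this->set('admin', ''); //$user['admin'];
    $this->set('login_status', ''); //$user['login_status'];

    //EmbedGame
    // Does this game have an advert set? The per-game advert_id lookup is commented out in
    // the original; advert 2 is always used.
    $ad_id = 2;
    // Is the user supposed to see the ad?
    $userAds = Settings::Get('user_ads');
    $loginStatus = isset($user['login_status']) ? $user['login_status'] : 0;
    $isAdmin = isset($user['admin']) ? $user['admin'] : 0;
    if ($userAds == 1) {
        $user_show_ad = $loginStatus == 1 ? 0 : 1;
    } elseif ($userAds == 2) {
        $user_show_ad = $isAdmin == 1 ? 0 : 1;
    } else {
        $user_show_ad = 1;
    }
    if (defined("PRELOAD_INFO")) {
        $plm = PRELOAD_INFO;
        $cts = CLICK_TO_SKIP;
    } else {
        $plm = 'Advertisement: Your game is loading';
        $cts = 'click here to skip';
    }
    $this->set('ad_id', $ad_id);
    $this->set('skip_ads', Settings::Get('skip_ads'));
    $this->set('user_show_ad', $user_show_ad);
    $this->set('plm', $plm);
    $this->set('cts', $cts);

    // Resize flash if required. NOTE(review): $template is never defined in this method, so
    // the max_game_width branch is unreachable here exactly as in the original; kept so the
    // intended scaling (height * max_width / width) is visible if $template gets wired in.
    $width = $row2['Width'];
    $height = $row2['Height'];
    if (isset($template['max_game_width']) && $width > $template['max_game_width']) {
        $height = $row2['Height'] * ($template['max_game_width'] / $row2['Width']);
        $width = $template['max_game_width'];
    }
    $this->set('width', $width);
    $this->set('height', $height);
    //$this->set('type', $this->request['type']);
    //$this->set('title', $this->request['title']);
    $this->set('relgames', Game::getRelatedGames($id));
    $this->set('comments', Comment::getComments($id));
    $this->render("Pages/View");
}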
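/**
 * Log a user in by nick/password and issue the login cookie.
 *
 * @param string $nick
 * @param string $password
 * @return bool true when User::login_check() accepted the credentials and the cookie was
 *              queued, false otherwise. (The name is historical: nothing is created here.)
 *
 * The cookie value is base64("<id>!<token>") where <token> is whatever login_check()
 * returned. It is now flagged HttpOnly, and Secure when the request arrived over TLS, so
 * page scripts cannot read it and it is not sent back over plain HTTP.
 */
function create_user($nick, $password)
{
    global $settings;

    $user = new User();
    // NOTE(review): this is the instance form login_check(nick, password); the static
    // User::login_check(Query::$mysqli) used elsewhere on this page has a different signature.
    $token = $user->login_check($nick, $password);
    if (!$token) {
        return false;
    }

    $value = base64_encode(sprintf('%d!%s', $user->id, $token));
    $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
    // expires in 24h, site-wide path, no explicit domain, Secure on TLS, HttpOnly always
    setcookie($settings->cookie, $value, time() + 86400, '/', '', $secure, true);
    return true;
}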
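<?php
/**
 * AJAX endpoint: delete the comment whose id is POSTed, for a logged-in user.
 *
 * Echoes the deleted id followed by 'Success'; exits silently for anonymous requests or
 * a non-positive id. The id is cast to int before it reaches SQL (it was interpolated
 * verbatim before) and is echoed back as that int rather than as the raw POST value.
 */
include '../../../lib/sqlquery.class.php';
include '../../../lib/newmodel.class.php';
include '../../../app/models/Query.php';
include '../../../app/models/Settings.php';
include '../../../app/models/User.php';
include '../../../app/models/Utils.php';

$query = new SQLQuery();
// NOTE(review): root with an empty password is hard-coded here and in callHook(); the
// credentials belong in configuration.
$query->connect('localhost', 'root', '', 'boxarcade');
Settings::Init();
include '../../../lang/' . Settings::Get('language') . '.php';
User::sec_session_start();
User::Init();

if (User::login_check(Query::$mysqli) != true) {
    exit;
}
$userid = intval($_SESSION['user_id']);

$commentId = isset($_POST['id']) ? (int) $_POST['id'] : 0;
if ($commentId <= 0) {
    exit;
}
// NOTE(review): any logged-in user can delete any comment here; there is no ownership or
// admin test (the commented-out original looked the comment's owner up first). Restrict
// with `AND user = {$userid}` or an admin check before relying on this endpoint.
//$get_comment = Query::query("SELECT * FROM tbl_comments WHERE id='" . $_POST['id'] . "'")->fetch_assoc();
//Query::query("UPDATE tbl_users SET comments = comments - 1, points = points - $setting[points_comment] WHERE id='" . $get_comment['user'] . "'")->fetch_assoc();
Query::query("DELETE FROM tbl_comments WHERE id='" . $commentId . "'");
echo $commentId;
echo 'Success';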
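/**
 * Profile controller for /profile/<username>[/edit|/update].
 *
 * - update: stores location/about/website (optionally avatar and password) for the
 *           session user, then falls through to the edit form.
 * - edit:   shows the edit form; only the owner of the profile may open it (the original
 *           printed "You can only edit your own profile!" but then rendered the form anyway).
 * - default: renders the public profile with favourites, badges and latest comments.
 *
 * Answers 404 and exits when the requested user does not exist. The username from the
 * URL is escaped with real_escape_string() before it is placed inside SQL string
 * literals, and integer ids are cast to int.
 */
public function main()
{
    //loadLanguageFile('play');
    include '../lang/English.php';

    $username = $this->request[0];
    // $username comes from the URL and is used inside quoted SQL literals below.
    // Assumes Query::$mysqli is the mysqli handle it is passed as to User::login_check().
    $usernameSql = Query::$mysqli->real_escape_string($username);
    $usernameHtml = htmlspecialchars($username, ENT_QUOTES, 'UTF-8');
    $action = isset($this->request[1]) ? $this->request[1] : '';
    $loggedIn = User::login_check(Query::$mysqli) == true;

    if ($action == 'update') {
        // The update wrote under $_SESSION['user_id'] without checking the login first.
        if ($loggedIn) {
            if (!empty($_FILES['img_file']) && $_FILES['img_file']['error'] == 0) {
                include 'includes/code/upload_avatar.php';
            }
            // NOTE(review): Utils::secure() is the only escaping applied before these values
            // are interpolated into SQL; confirm it is real_escape_string-equivalent, or move
            // this UPDATE to a prepared statement.
            $location = Utils::secure($_POST['usr']['loc']);
            $about = Utils::secure($_POST['usr']['bio']);
            $website = Utils::secure($_POST['usr']['site']);
            $pass = str_replace(' ', '', $_POST['usr']["pas"]);
            $id = (int) $_SESSION['user_id'];
            Query::query("UPDATE Players SET Location='{$location}', About='{$about}', Website='{$website}' WHERE PlayerID='{$id}'") or die(Query::$mysqli->error);
            if ($pass != '') {
                echo 'PW Changes';
                // NOTE(review): md5 is kept only because the login path compares against it;
                // migrate both sides to password_hash()/password_verify() together. Storing the
                // hash in a cookie hands it to the client: a server-side session token is the
                // right replacement. HttpOnly at least keeps it away from page scripts.
                $password = md5($_POST['new_password']);
                setcookie("ava_code", $password, 0, '', '', false, true);
                // The stored value was redacted in this listing; $password is the only candidate.
                Query::query("UPDATE tbl_users SET password='{$password}' WHERE id='{$id}'") or die(Query::$mysqli->error);
            }
            echo '<div id="error_message">' . PROFILE_UPDATED . "</div>";
        }
        $action = 'edit';
    }

    if ($action == 'edit') {
        $row = $loggedIn
            ? Query::query('SELECT * FROM Players WHERE Username=\'' . $usernameSql . '\' LIMIT 1')->fetch_assoc()
            : null;
        // Enforce what the message already promised: the row must belong to the session user.
        // (Previously any logged-in user got another user's edit form, e-mail included.)
        if ($row === null || !isset($_SESSION['user_id']) || $row['PlayerID'] != $_SESSION['user_id']) {
            echo "You can only edit your own profile!";
            return;
        }
        $this->set('id', $row['PlayerID']);
        $this->set('email', $row['Email']);
        $this->set('website2', $row['Website']);
        $this->set('location2', $row['Location']);
        $this->set('about2', $row['About']);
        $this->set('username', $username);
        if ($row['AvatarType'] == '') {
            $this->set('avatar', 'uploads/avatars/default.png');
        } else {
            $this->set('avatar', 'uploads/avatars/' . $row['PlayerID'] . $row['AvatarType']);
        }
        $this->render("Pages/ProfileEdit");
        return;
    }

    //id, comments, plays, ratings
    $sql = Query::query('SELECT * FROM Players WHERE Username=\'' . $usernameSql . '\' LIMIT 1');
    if ($sql->num_rows != 1) {
        header("HTTP/1.0 404 Not Found");
        include 'includes/misc/404.php';
        exit;
    }
    $row = $sql->fetch_assoc();
    $id = (int) $row['PlayerID'];
    $this->set('name', $row['Username']);
    // Empty profile fields show the PROFILE_NO_INFO placeholder.
    $textFields = array('location' => 'Location', 'website' => 'Website', 'about' => 'About', 'interests' => 'Interests');
    foreach ($textFields as $key => $column) {
        $this->set($key, $row[$column] == '' ? PROFILE_NO_INFO : $row[$column]);
    }
    if ($row['Website'] == '') {
        $this->set('website_link', PROFILE_NO_INFO);
    } else {
        // User-supplied URL going into an href attribute and element text: escape it.
        $site = htmlspecialchars($row['Website'], ENT_QUOTES, 'UTF-8');
        $this->set('website_link', '<a href="' . $site . '">' . $site . '</a>');
    }
    if ($row['AvatarType'] == '') {
        $this->set('avatar', 'uploads/avatars/default.png');
    } else {
        $this->set('avatar', 'uploads/avatars/' . $row['PlayerID'] . $row['AvatarType']);
    }
    $this->set('id', $row['PlayerID']);
    $this->set('plays', $row['Plays']);
    $this->set('comment_count', $row['Comments']);
    $this->set('ratings', $row['Ratings']);
    $this->set('points', $row['Points'] == '' ? 0 : $row['Points']);
    $this->set('admin', $row['Admin']);
    $this->set('join_date', $row['Joined']);
    $this->set('isdev', $row['Developer']);
    if (isset($_SESSION['user_id']) && $id == $_SESSION['user_id']) {
        $this->set('button1', '<a href="profile/' . $usernameHtml . '/edit">' . PROFILE_EDIT . '</a>');
    } else {
        $this->set('button1', '<a href="boxarcade/?task=send_message&id=' . $id . '">' . PROFILE_SEND_MESSAGE . '</a>');
    }
    // Check if user is friend: the friends/friend_requests lookup is stubbed out with
    // `if (1 == 0)` in the original (and partly redacted in this listing), so the button
    // is always empty.
    $this->set('button2', '');
    // If admin is logged in, show admin options: the test is stubbed to `if (1 == 1)`, so
    // the link is shown to every visitor. NOTE(review): gate this on the viewer's Admin
    // flag (callHook() builds it as $user['admin']) once that record is passed in.
    $this->set('admin_edit', '<a href="admin/?task=manage_users#id=' . $id . '">Edit user</a>');

    // Favourite games (up to 16)
    $result = Query::query('SELECT * FROM favorites f, Games g WHERE GameID=f.game_id AND f.user_id=' . $id . ' LIMIT 16');
    $vars = array();
    if ($result->num_rows == 0) {
        echo PROFILE_NO_FAVS;
    } else {
        while ($rows = $result->fetch_assoc()) {
            $file = Utils::TitleToFile($rows['Title']);
            $vars[] = array(
                'gameTitle' => $rows['Title'],
                'gameDesc' => $rows['Desc'],
                'url' => 'view/' . $rows['GameID'],
                'image_url' => "games/img/" . $file . ".png", //Utils::FileToGameImageURL($file, "png");
            );
        }
    }
    $this->set('games', $vars);

    // Badges (up to 6); the original reuses the "no favourites" message here.
    $result = Utils::query('SELECT * FROM tbl_badges as b, tbl_badge_relations as br WHERE b.badge_id=br.badge_id AND user_id=' . $id . ' LIMIT 6');
    $vars = array();
    if ($result->num_rows == 0) {
        echo PROFILE_NO_FAVS;
    } else {
        while ($rows = $result->fetch_assoc()) {
            $g = Utils::query('SELECT * from tbl_games WHERE game_id=' . (int) $rows['game_id'])->fetch_assoc();
            $vars[] = array(
                'gameTitle' => $g['title'],
                'title' => $rows['name'],
                'game' => $g['title'],
                'score' => $rows['points'],
                'gameDesc' => $rows['desc'],
                'url' => Utils::GameUrl($g['game_id']),
                'image_url' => $rows['image'],
            );
        }
    }
    $this->set('badges', $vars);

    // Latest comments (up to 8). The `user=` value is redacted in this listing; the
    // profile's PlayerID is the only candidate and matches the two queries above.
    $vars = array();
    $result = Utils::query('SELECT * FROM tbl_comments WHERE user=' . $id . ' ORDER BY id DESC LIMIT 8');
    if ($result->num_rows == 0) {
        echo $row['Username'] . ' ' . PROFILE_NO_COMMENTS;
    } else {
        // Loop variable renamed from $row so the profile row is no longer clobbered.
        while ($c = $result->fetch_assoc()) {
            $game = Utils::query('SELECT * FROM Games WHERE GameID=' . (int) $c['link_id'] . ' LIMIT 1')->fetch_assoc();
            $file = Utils::TitleToFile($game['Title']);
            $vars[] = array(
                // NOTE(review): the comment body is not HTML-escaped here; confirm it is
                // escaped on insert, otherwise wrap it in htmlspecialchars() before nl2br().
                'the_comment' => nl2br($c['comment']),
                'game_name' => $game['Title'],
                'date' => $c['date'],
                'game_url' => 'view/' . $game['GameID'], //Utils::GameUrl($game['game_id']);
                'game_img' => "games/img/" . $file . ".png",
                // Admin test is stubbed to `if (1 == 1)` in the original: shown to everyone.
                'admin_options' => ' <a href="admin/index.php?action=delete_comment&id=' . $c['id'] . '&link_id=' . $game['GameID'] . '"><img src="admin/images/delete.png" align="absmiddle" /></a>',
            );
        }
    }
    $this->set('comments', $vars);
    $this->render("Pages/Profile");
}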
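/** Main Call Function **/
/**
 * Front controller: resolves the session user, then dispatches to Header, the page
 * controller named by ?url=<controller>/<args...>, an optional ?action= method, and Footer.
 *
 * The controller name is taken from the URL, so it is restricted to identifier characters
 * and must resolve to an existing class; anything else answers 404 instead of reaching
 * `new $controller`. Also fixes the IP-tracking cookie name (the original set "iptrack"
 * but tested "ava_iptrack", so the LastIP UPDATE ran on every request) and replaces
 * each(), which no longer exists in PHP 8.
 */
function callHook()
{
    $url = isset($_GET['url']) ? $_GET['url'] : "index";

    // Create the model factory
    $query = new SQLQuery();
    $query->connect('localhost', 'root', '', 'boxarcade');
    //$modelFactory = new ModelFactory($query);
    $modelFactory = null; // factory is commented out; controllers received an undefined (null) value before
    $settings = new Settings();
    $login_check = 99;

    User::sec_session_start();
    User::Init();
    $user = array('login_status' => 0, 'admin' => 0);
    if (User::login_check(Query::$mysqli) == true) {
        $xuserid = intval($_SESSION['user_id']);
        $sql = Query::query("SELECT * FROM Players WHERE PlayerID={$xuserid}");
        $get_user_info = $sql->fetch_assoc();
        $user = array(
            'usrLang' => $get_user_info['Language'],
            'username' => $get_user_info['Username'],
            'id' => $xuserid,
            'points' => $get_user_info['Points'],
            'login_status' => 1,
            'messages' => $get_user_info['Messages'],
            'seo_url' => $get_user_info['Username'],
        );
        $user['ip'] = User::secure($_SERVER['REMOTE_ADDR']);
        // If not avatar, try to get one from fb or set a default
        if ($get_user_info['AvatarType'] == '') {
            $user['avatar'] = 'uploads/avatars/default.png';
        } else {
            $user['avatar'] = 'uploads/avatars/' . $get_user_info['PlayerID'] . $get_user_info['AvatarType'];
        }
        $user['url'] = '/boxarcade/profile/' . $get_user_info['Username'];
        $user['message_url'] = 'messages';
        $user['admin'] = $get_user_info['Admin'];
        $login_check = 1;
        // Update the user IP if this is a new session
        if (!isset($_COOKIE['ava_iptrack'])) {
            Query::query("UPDATE Players SET LastIP = '{$user['ip']}' WHERE PlayerID = {$user['id']}") or die(Query::$mysqli->error);
            setcookie("ava_iptrack", '1');
        }
    }

    // Prep the controller name and the query string
    $urlArray = explode("/", $url);
    $controller = ucwords(array_shift($urlArray));
    $queryString = array_merge($urlArray, $_POST, $_GET);

    // Only an identifier-shaped name that resolves to a class may be instantiated.
    if (!preg_match('/^[A-Za-z][A-Za-z0-9_]*$/', $controller) || !class_exists($controller)) {
        header("HTTP/1.0 404 Not Found");
        return;
    }

    // Call the header controller
    $h = new Header($modelFactory, [], true);
    $h->main($login_check, $user);

    // Call the page controller
    $dispatch = new $controller($modelFactory, $queryString, false);
    $dispatch->main($user);

    // If an action was sent, call the appropriate function in the controller.
    // NOTE(review): every public method of the controller is reachable through ?action=;
    // keep controllers' public surface small or switch to an explicit allow-list.
    if (isset($queryString['action']) && !empty($queryString['action'])) {
        $method = null;
        if (is_string($queryString['action'])) {
            $method = $queryString['action'];
        } elseif (is_array($queryString['action'])) {
            // Button-style actions arrive as action[<name>]=...; key() on the fresh array is
            // what each() returned. The original read $_POST['action'] here although it had
            // tested $queryString['action'], which failed when the array came via GET.
            $a_key = key($queryString['action']);
            $method = 'btn' . ucwords($a_key) . '_Clicked';
        }
        if ($method !== null && method_exists($dispatch, $method) && is_callable(array($dispatch, $method))) {
            $dispatch->$method();
        } else {
            header("HTTP/1.0 404 Not Found");
        }
    }

    // Call the footer controller
    $f = new Footer($modelFactory, [], true);
    $f->main();
}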