Beispiel #1
0
<?php

if (basename($_SERVER["PHP_SELF"]) == "banner.php") {
    die("403 - Access Forbidden");
}
if ($_SESSION['admin']) {
    if (!isset($_POST['url'])) {
        echo "<h2 class=\"text-left\">Site Banner</h2><hr/>\n\t\t<p>Many sites have a banner at the top of the page to make the website more personalized. There is not a default image size, but you may want to play around with some sizes to see what you like.</p>\n\t\t<p>To upload an image, please go to <a href=\"http://www.imgur.com\">imgur.com</a>, and then enter in the image url below. The URL will look like this: i.imgur.com/abcdefghi.jpg. Of course, you may use any other website to host your image.</p><hr/>\n\t\t<form method=\"post\">\n\t\t\t<div class=\"form-group\">\n\t\t\t\t<label for=\"inputURL\">Banner URL</label>\n\t\t\t\t<input type=\"text\" class=\"form-control\" name=\"url\" id=\"inputURL\" placeholder=\"Enter image URL\" value=\"" . $banner . "\">\n\t\t\t</div>\n\t\t\t<hr/>\n\t\t\t<button type=\"submit\" class=\"btn btn-primary\" required>Submit &raquo;</button>\n\t\t</form>\n\t\t";
    } else {
        $url = mysql_escape($_POST["url"]);
        $mysqli->query("UPDATE " . $prefix . "properties SET banner='{$url}'");
        echo "<div class=\"alert alert-success\">Successfully updated banner.</div>";
        redirect_wait5("?base=admin");
    }
} else {
    redirect("?base");
}
Beispiel #2
0
<?php

if (basename($_SERVER["PHP_SELF"]) == "character.php") {
    die("403 - Access Forbidden");
}
if (isset($_GET['n'])) {
    $getchar = $mysqli->real_escape_string($_GET['n']);
    $getchar = preg_replace("/[^A-Za-z0-9_]/", '', $getchar);
    # Escape and Strip
    $checkchar = $mysqli->query("SELECT * from characters WHERE name = '" . $getchar . "'");
    $countchar = $checkchar->num_rows;
    if ($countchar == 1) {
        $c = $checkchar->fetch_assoc();
        echo "<h2 class=\"text-left\">Character Info</h2><hr/>";
        echo "\n\t\t<div class=\"row\">\n\t\t<div class=\"col-md-6 col-md-offset-3\">\n\t\t\t<div class=\"well\">\n\t\t\t\t<h3 class=\"text-center\"> " . $c['name'] . "</h3>\n\t\t\t\t<hr/>\n\t\t\t\t<img src=\"" . $siteurl . "assets/img/GD/create.php?name=" . $c['name'] . "\" alt=\"" . $c['name'] . "\" class=\"avatar img-responsive\" style=\"margin: 0 auto;\">\n\t\t\t\t<hr/>\n\t\t\t\t<b>Job:</b> " . $c['job'] . "<br/>";
        if ($servertype == 1) {
            echo "<b>Rebirths:</b> " . $c['reborns'] . "<br/>";
        }
        echo "\t<b>Level:</b> " . $c['level'] . "<br/>\n\t\t\t\t<b>EXP:</b> " . $c['exp'] . "<br/>\n\t\t\t</div>\n\t\t</div>\n\t\t</div>";
    } else {
        echo "<div class=\"alert alert-danger\">This character doesn't exist!</div>";
        redirect_wait5("?base=main");
    }
} else {
    echo "<div class=\"alert alert-danger\">This character doesn't exist!</div>";
    redirect_wait5("?base=main");
}
Beispiel #3
0
    if (!isset($_POST['url'])) {
        if ($bgfixed == 1) {
            $bgfixedcheck = "checked";
        } else {
            $bgfixedcheck = "";
        }
        if ($bgcenter == "center") {
            $bgcentercheck = "checked";
        } else {
            $bgcentercheck = "";
        }
        if ($bgcover == 1) {
            $bgcovercheck = "checked";
        } else {
            $bgcovercheck = "";
        }
        echo "<h2 class=\"text-left\">Site Background</h2><hr/>\n\t\t<p>Many sites have a background to make the website more personalized. There is not a default image size, but you may want to play around with some sizes to see what you like.</p>\n\t\t<p>To upload an image, please go to <a href=\"http://www.imgur.com\">imgur.com</a>, and then enter in the image url below. The URL will look like this: i.imgur.com/abcdefghi.jpg. Of course, you may use any other website to host your image.</p><hr/>\n\t\t<form method=\"post\">\n\t\t\t<div class=\"form-group\">\n\t\t\t\t<label for=\"inputURL\">Background URL</label>\n\t\t\t\t<input type=\"text\" class=\"form-control\" name=\"url\" id=\"inputURL\" placeholder=\"Enter image URL\" value=\"" . $background . "\">\n\t\t\t</div>\n\t\t\t<div class=\"form-group\">\n\t\t\t\t<label for=\"inputURL\">Background Color (Hex)</label>\n\t\t\t\t<input type=\"text\" class=\"form-control color\" name=\"bgcolor\" id=\"inputURL\" placeholder=\"Enter Background Color\" value=\"" . $bgcolor . "\">\n\t\t\t\t<span class=\"help-block\">Your background color must look like this: 000000<br/>To look up hex colors, click the input box above.</span>\n\t\t\t</div>\n\t\t\t<div class=\"form-group\">\n\t\t\t\t<label for=\"repeatStyle\">Background Repeat</label>\n\t\t\t\t<select class=\"form-control\" name=\"bgrepeat\" id=\"repeatStyle\">\n\t\t\t\t\t<option value=\"no-repeat\">No Repeat</option>\n\t\t\t\t\t<option value=\"repeat\">Repeat Both Directions</option>\n\t\t\t\t\t<option value=\"repeat-x\">Repeat Horizontally</option>\n\t\t\t\t\t<option value=\"repeat-y\">Repeat Vertically</option>\n\t\t\t\t</select>\n\t\t\t\t<span class=\"help-block\">Background images can repeat horizontally, vertically, both, or none.</span>\n\t\t\t</div>\n\t\t\t<div class=\"checkbox\">\n\t\t\t\t<label>\n\t\t\t\t\t<input type=\"checkbox\" name=\"bgcenter\" value=\"1\" {$bgcentercheck}>Center Background (Yes)\n\t\t\t\t</label>\n\t\t\t</div>\n\t\t\t<span class=\"help-block\">Background images can be centered.</span>\n\t\t\t<div class=\"checkbox\">\n\t\t\t\t<label>\n\t\t\t\t\t<input type=\"checkbox\" name=\"bgfixed\" value=\"1\" {$bgfixedcheck}>Fixed Background (Yes)\n\t\t\t\t</label>\n\t\t\t</div>\t\t\t\t\n\t\t\t<span class=\"help-block\">Background images can be fixed (won&#39;t scroll).</span>\n\t\t\t<div class=\"checkbox\">\n\t\t\t\t<label>\n\t\t\t\t\t<input type=\"checkbox\" name=\"bgcover\" value=\"1\" {$bgcovercheck}>Fit Background to Screen (Yes)\n\t\t\t\t</label>\n\t\t\t</div>\t\t\t\t\n\t\t\t<span class=\"help-block\">Background images can be resized to fit the browser window.</span>\n\t\t\t<hr/>\n\t\t\t<button type=\"submit\" class=\"btn btn-primary\" required>Submit &raquo;</button>\n\t\t</form>\n\t\t";
    } else {
        $url = mysql_escape($_POST["url"]);
        $bgcolor = mysql_escape($_POST["bgcolor"]);
        $bgrepeat = mysql_escape($_POST["bgrepeat"]);
        $bgcenter = mysql_escape(isset($_POST["bgcenter"]));
        $bgfixed = mysql_escape(isset($_POST["bgfixed"]));
        $bgcover = mysql_escape(isset($_POST["bgcover"]));
        $mysqli->query("UPDATE " . $prefix . "properties SET background = '{$url}', bgcolor = '{$bgcolor}', bgrepeat = '{$bgrepeat}', bgcenter = '{$bgcenter}', bgfixed = '{$bgfixed}', bgcover = '{$bgcover}'");
        echo "<div class=\"alert alert-success\">Successfully updated background.</div>";
        redirect_wait5("?base=admin&page=background");
    }
} else {
    redirect("?base");
}
Beispiel #4
0
                        }
                        if (isset($_POST['mute'])) {
                            $muted = 1;
                        } else {
                            $muted = 0;
                        }
                        if (isset($err)) {
                            echo "<hr/><button onclick=\"goBack()\" class=\"btn btn-primary\">&laquo; Go Back</button>";
                        }
                        if ($_POST['password'] == "" && !isset($err)) {
                            $mysqli->query("UPDATE accounts SET email = '" . $email . "', " . $colnx . " = '" . $nx . "', " . $colvp . " = '" . $vp . "', gm = '" . $gm . "', webadmin = '" . $webadmin . "', mute = '" . $muted . "' WHERE name = '" . $user . "'");
                            echo "<div class=\"alert alert-success\">" . $user . " successfully edited</div>";
                            redirect_wait5("?base=admin&page=manageaccounts&action=view&user="******"");
                        } elseif (!isset($err)) {
                            $mysqli->query("UPDATE accounts SET password = '******', email = '" . $email . "', " . $colnx . " = '" . $nx . "', " . $colvp . " = '" . $vp . "', gm = '" . $gm . "', webadmin = '" . $webadmin . "', mute = '" . $muted . "' WHERE name = '" . $user . "'");
                            echo "<div class=\"alert alert-success\">" . $user . " successfully edited</div>";
                            redirect_wait5("?base=admin&page=manageaccounts&action=view&user="******"");
                        }
                    }
                } else {
                    echo "\n\t\t\t\t\t<h2 class=\"text-left\">Error</h2><hr/>\n\t\t\t\t\t<div class=\"alert alert-danger\">This user doesn't exist!</div>";
                    redirect_wait5("?base=admin&page=manageaccounts");
                }
            }
        } else {
            redirect("?base=admin");
        }
    }
} else {
    redirect("?base=main");
}
Beispiel #5
0
                echo "Please provide more information.";
            } else {
                $insertComment = $mysqli->query("INSERT INTO " . $prefix . "tcomments (ticketid, user, content, date_com)\n\t\t\t\t\t\t\tVALUES " . "('" . $_GET['a'] . "', '" . $_SESSION['pname'] . "', '" . $postComment . "', '" . date('F d - g:i A') . "')") or die(mysql_error());
                $insertComment = $mysqli->query("UPDATE " . $prefix . "tickets SET date = '" . date('F d - g:i A') . "' WHERE ticketid = '" . sql_sanitize($_GET['a']) . "'") or die(mysql_error());
                if ($insertComment) {
                    echo "<meta http-equiv=\"refresh\" content=\"0; url=\"/>";
                } else {
                    echo "There was an error processing your update. Please notify the admin.";
                }
            }
        }
        if (isset($_POST['close'])) {
            $closeTicket = $mysqli->query("UPDATE " . $prefix . "tickets SET status = 0 WHERE ticketid = '" . sql_sanitize($_GET['a']) . "'");
            if ($closeTicket) {
                echo "<br/><div class=\"alert alert-success\">This ticket was successfully closed! You will be redirected in five seconds.</div>";
                redirect_wait5("?base=admin&amp;page=ticket");
            }
        }
    }
} else {
    redirect("?base");
}
?>
<script>
<?php 
if (isset($_SESSION['id'])) {
    ?>
CKEDITOR.replace( 'ticketDetails', {
    allowedContent: 'b i u li ol ul blockquote anchor hr small'
});
$(function() {
Beispiel #6
0
            if (empty($spcap)) {
                echo '<div class="alert alert-danger">Enter a player cap.</div>';
                $stop = "true";
                redirect_wait5("?base=admin&page=properties");
            }
        }
        if ($stop == "false") {
            if (empty($sgmlevel)) {
                echo '<div class="alert alert-danger">Enter a level for GMs.</div>';
                $stop = "true";
                redirect_wait5("?base=admin&page=properties");
            }
        }
        if ($stop == "false") {
            $mquery = "UPDATE " . $prefix . "properties SET name='{$sservername}', type = '{$sservertype}', client='{$sclient}', server = '{$sserver}', forumurl='{$sforumurl}', siteurl = '{$ssiteurl}', exprate='{$sexp}', mesorate='{$smeso}', droprate='{$sdrop}', version='{$sversion}', flood='{$floodp}', floodint='{$floodi}', pcap='{$spcap}', gmlevel='{$sgmlevel}'";
            $exec = $mysqli->query($mquery);
            echo "<h2 class=\"text-left\">Success</h2><hr/><div class=\"alert alert-success\">Configuration Updated</div>";
            redirect_wait5("?base=admin&page=properties");
        }
    } elseif ($do == "") {
        include 'assets/config/properties.php';
        $flooddefault = "\n\t\t\t<option value=\"0\">Off</option>\n\t\t\t<option value=\"1\" selected>On</option>";
        if ($baseflood == 0) {
            $flooddefault = "\n\t\t\t<option value=\"0\" selected>Off</option>\n\t\t\t<option value=\"1\">On</option>";
        }
        $sadefault = "\n\t\t\t<option value=\"0\" selected>Yes</option>\n\t\t\t<option value=\"1\">No</option>";
        echo "\n\t\t<script>\n\$('#myTab a').click(function (e) {\n  e.preventDefault();\n  \$(this).tab('show');\n})\n</script>\n<h2 class=\"text-left\">Site Configuration</h2><hr/>\n<ul id=\"myTab\" class=\"nav nav-tabs\">\n\t<li class=\"active\"><a href=\"#mainconfig\" data-toggle=\"tab\">Site</a></li>\n\t<li><a href=\"#links\" data-toggle=\"tab\">Links</a></li>\n\t<li><a href=\"#info\" data-toggle=\"tab\">Game Info</a></li>\n\t<li><a href=\"#comment\" data-toggle=\"tab\">Comments</a></li>\n</ul>\n<form method='post' action='?base=admin&amp;page=properties&amp;do=submit'>\n<div id=\"myTabContent\" class=\"tab-content\">\n<div class=\"tab-pane fade in active\" id=\"mainconfig\">\n<br/>\n\t<div class=\"form-group\">\n\t\t<label for=\"serverName\">Server Name</label>\n\t\t<input name=\"servername\" type=\"text\" maxlength=\"100\" class='form-control' id=\"serverName\" value=\"" . $servername . "\" required/>\n\t</div>\n\t<div class=\"form-group\">\n\t\t<label for=\"gmLevel\">GM Level for Panel Access</label>\n\t\t<input name=\"gmlevel\" type=\"text\" maxlength=\"100\" class='form-control' id=\"gmLevel\" value=\"" . $gmlevel . "\" required/>\n\t</div>\n\t<div class=\"form-group\">\n\t\t<label for=\"siteURL\">Site Path <span class=\"label label-danger\">IMPORTANT. NEEDS TRAILING SLASH</span></label>\n\t\t<input name=\"siteurl\" type=\"text\" maxlength=\"100\" class='form-control' id=\"siteURL\" value=\"" . $siteurl . "\" required/>\n\t\t<span class=\"help-block\">/ indicates the root directory. /base/ indicates that base has been installed in a folder called base. You <b>must</b> use a trailing slash</span>\t\t\t\n\t</div>\t\n</div>\n\n<div class=\"tab-pane fade\" id=\"links\">\n\t<br/>\n\t<div class=\"form-group\">\n\t\t<label for=\"forumURL\">Forum URL</label>\n\t\t<input name=\"forumurl\" type=\"text\" maxlength=\"100\" class='form-control' id=\"forumURL\" value=\"" . $forumurl . "\" required/>\n\t</div>\t\n\t<div class=\"form-group\">\n\t\t<label for=\"clientLink\">Client Link</label>\n\t\t<input name=\"client\" type=\"text\" maxlength=\"100\" class='form-control' id=\"clientLink\" value=\"" . $client . "\" required/>\n\t</div>\n\t<div class=\"form-group\">\n\t\t<label for=\"setupLink\">Setup Link</label>\n\t\t<input name=\"server\" type=\"text\" maxlength=\"100\" class='form-control' id=\"setupLink\" value=\"" . $server . "\" required/>\n\t</div>\n</div>\n\n<div class=\"tab-pane fade\" id=\"info\">\n\t<br/>\n\t<div class=\"form-group\">\n\t<label for=\"serverVersion\">Server Version</label>\n\t\t<input name=\"version\" type=\"text\" maxlength=\"6\" class='form-control' id=\"serverVersion\" value=\"" . $version . "\" required/>\n\t</div>\n\t<div class=\"form-group\">\n\t\t<label for=\"serverType\">Server Type</label>\n\t\t\t<select name=\"servertype\" class=\"form-control\">\n\t\t\t\t<option value=\"1\" " . $rebirths . ">Rebirth</option>\n\t\t\t\t<option value=\"0\" " . $levels . ">Level</option>\n\t\t\t</select>\n\t</div>\n\t<div class=\"form-group\">\n\t\t<label for=\"expRate\">Experience Rate</label>\n\t\t<input name=\"exprate\" type=\"text\" maxlength=\"10\" class='form-control' id=\"expRate\" value=\"" . $exprate . "\" required/>\n\t</div>\t\n\t<div class=\"form-group\">\n\t\t<label for=\"mesoRate\">Meso Rate</label>\n\t\t<input name=\"mesorate\" type=\"text\" maxlength=\"10\" class='form-control' id=\"mesoRate\" value=\"" . $mesorate . "\" required/>\n\t</div>\t\n\t<div class=\"form-group\">\n\t\t<label for=\"dropRate\">Drop Rate</label>\n\t\t<input name=\"droprate\" type=\"text\" maxlength=\"10\" class='form-control' id=\"dropRate\" value=\"" . $droprate . "\" required/>\n\t</div>\n\t<div class=\"form-group\">\n\t\t<label for=\"playerCap\">Player Cap</label>\n\t\t<input name=\"pcap\" type=\"text\" maxlength=\"20\" class='form-control' id=\"playerCap\" value=\"" . $pcap . "\" required/>\n\t</div>\n</div>\n<div class=\"tab-pane fade\" id=\"comment\">\n\t<br/>\n\t<div class=\"form-group\">\n\t<label for=\"floodPrevention\">Comment Flood Prevention</label> <small>Forces users to wait an interval inbetween comments.</small>\n\t\t<select name=\"floodp\" class=\"form-control\" id=\"floodPrevention\">\n\t\t\t\t" . $flooddefault . "\n\t\t</select>\n\t</div>\n\t<div class=\"form-group\">\n\t\t<label for=\"postingInterval\">Posting Interval</label> <small>Amount of time in <b>minutes</b> between comments</small>\n\t\t<input name=\"floodi\" type=\"text\" maxlength=\"10\" class='form-control' id=\"postingInterval\" value=\"" . $basefloodint . "\" required/>\n\t</div>\n</div>\n</div>\n<input type='submit' name='submit' value='Update &raquo;' class=\"btn btn-primary btn-large\"/>\n</form>";
    }
} else {
    redirect("?base");
}