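// Avatar upload endpoint: a signed-in user replaces their avatar, stored as
// ../uploads/avatars/<account id>.png, then is redirected to index.php with
// code=1 (stored) or code=2 (rejected).
setlocale(LC_CTYPE, 'fr_FR.UTF-8');
mb_internal_encoding('UTF-8');
session_start();
include_once '../api/config.php';
include_once '../api/dev.php';
include_once '../api/fonctions.php';
include_once '../api/app.php';

$dev = new dev($mysql_hostname, $mysql_username, $mysql_password, $mysql_database);
// $json and $verbinding are not read anywhere in this handler; they are kept as in the original set-up.
$json = new jsonapi($json_hostname, $json_port, $json_username, $json_password, $json_salt);
$verbinding = @fsockopen($dev->getDvar('game_ip'), $dev->getDvar('game_port'), $errno, $errstr, 1);

if (!isset($_SESSION['user'])) {
    header('Location:./');
    exit; // header() only queues the redirect; stop so nothing else runs for an anonymous request
}

if (!$dev->isConnected($_SESSION['user']['username'], $_SESSION['user']['password'], $_SESSION['user']['session_id'])) {
    unset($_SESSION['user']);
    header('Location:./');
    exit;
}

$upload = isset($_FILES['avatar_upload']) ? $_FILES['avatar_upload'] : null;
$accepted = false;

if (is_array($upload)
    && isset($upload['error'], $upload['tmp_name'])
    && $upload['error'] === UPLOAD_ERR_OK
    && is_uploaded_file($upload['tmp_name'])
) {
    // $_FILES[...]['type'] is whatever the client claims, so it cannot be used as a filter.
    // The type is detected from the uploaded bytes instead.
    $detector = new finfo(FILEINFO_MIME_TYPE);
    $detectedType = $detector->file($upload['tmp_name']);
    $accepted = in_array($detectedType, array('image/png', 'image/jpeg'), true);
}

if (!$accepted) {
    header('Location:./index.php?code=2'); // not a PNG/JPEG, or the upload itself failed
    exit;
}

// The file name is built from the account id only, never from client input.
// It stays <id>.png as before, including for JPEG uploads.
$target = '../uploads/avatars/' . $dev->getId($_SESSION['user']['username']) . '.png';

// move_uploaded_file() replaces an existing file, so the previous avatar is only lost once the
// new one is in place (the original unlinked it first and ignored a failed move).
if (!move_uploaded_file($upload['tmp_name'], $target)) {
    header('Location:./index.php?code=2');
    exit;
}

// NOTE(review): content sniffing only shows that the file starts like an image. Re-encoding the
// image server-side, capping its size, and serving the avatars directory with script execution
// disabled are the stronger controls; none of them is visible in this handler.
header('Location:./index.php?code=1');
exit;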
<noscript><meta http-equiv="Refresh" content="0;URL=https://ws.youpass.com/error"></noscript> <script language="Javascript" src="https://ws.youpass.com/access_check/iGIxh7obW2/8yhKOyOzVw"></script> <?php
// Credit page: adds 1 to the signed-in account's balance, records a "money_add_shop_1"
// history entry, then sends the browser to shop_thankyou.php (or shop_error.php when the
// session is missing or no longer valid).
//
// NOTE(review): the only payment gate visible here is the access_check <script> and the
// <noscript> redirect above, and both run in the browser. Nothing in the PHP below checks a
// payment before setBalance() is called, so as written any authenticated request for this URL
// appears to be credited. Confirm whether a server-side check exists elsewhere; if not, the
// credit should depend on a verification the server performs with the payment provider.
//
// NOTE(review): session_start() is reached after the markup above has already been output;
// without output buffering PHP cannot send session headers at that point - confirm.
setlocale(LC_CTYPE, 'fr_FR.UTF-8');
mb_internal_encoding('UTF-8');
session_start();
include_once '../api/config.php';
include_once '../api/dev.php';
include_once '../api/fonctions.php';
include_once '../api/app.php';
$dev = new dev($mysql_hostname, $mysql_username, $mysql_password, $mysql_database);
if (isset($_SESSION['user'])) {
    // The session is re-validated on every request with the stored username, password value and session id.
    if ($dev->isConnected($_SESSION['user']['username'], $_SESSION['user']['password'], $_SESSION['user']['session_id'])) {
        // Read-then-write of the balance in two separate calls.
        // NOTE(review): concurrent requests could overwrite each other's update - verify how setBalance() is implemented.
        $dev->setBalance($dev->getId($_SESSION['user']['username']), $dev->getAccountInfo($dev->getId($_SESSION['user']['username']))['balance'] + 1);
        $dev->addShopHistory($dev->getId($_SESSION['user']['username']), "1", "money_add_shop_1");
        echo '<script type="text/javascript">window.location.href="shop_thankyou.php";</script>';
    } else {
        // Stale or forged session data: drop it and report an error.
        unset($_SESSION['user']);
        echo '<script type="text/javascript">window.location.href="shop_error.php";</script>';
    }
} else {
    echo '<script type="text/javascript">window.location.href="shop_error.php";</script>';
}
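<?php
// Admin page gate: only a signed-in account whose admin level is above 6 may see the markup below.
session_start();
setlocale(LC_CTYPE, 'fr_FR.UTF-8');
mb_internal_encoding('UTF-8');
include_once '../api/config.php';
include_once '../api/dev.php';
include_once '../api/fonctions.php';
include_once '../api/app.php';

$dev = new dev($mysql_hostname, $mysql_username, $mysql_password, $mysql_database);

// Each condition is evaluated only when the previous one holds, as in the original nested ifs.
$admin = isset($_SESSION['user'])
    && $dev->isConnected($_SESSION['user']['username'], $_SESSION['user']['password'], $_SESSION['user']['session_id'])
    && $dev->getAdminLevel($dev->getId($_SESSION['user']['username'])) > 6;

if (!$admin) {
    header('Location: ../index.php');
    // header() only queues the redirect. Without exit the rest of this file still runs and the
    // admin page is sent in the response body to a client that simply ignores the Location header.
    exit;
}
?> <!doctype html> <html> <head> <meta charset="utf-8" /> <link rel="stylesheet" href="./css/style.css" /> <link rel="stylesheet" href="./css/icons.css" /> <script type="text/javascript" src="./js/jquery-2.1.4.js"></script> <script type="text/javascript" src="./js/main.js"/></script> <script>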
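<?php
// Admin page gate: only a signed-in account whose admin level is above 6 may see the markup below.
session_start();
setlocale(LC_CTYPE, 'fr_FR.UTF-8');
mb_internal_encoding('UTF-8');
include_once '../api/config.php';
include_once '../api/dev.php';
include_once '../api/fonctions.php';
include_once '../api/app.php';

$dev = new dev($mysql_hostname, $mysql_username, $mysql_password, $mysql_database);

// Each condition is evaluated only when the previous one holds, as in the original nested ifs.
$admin = isset($_SESSION['user'])
    && $dev->isConnected($_SESSION['user']['username'], $_SESSION['user']['password'], $_SESSION['user']['session_id'])
    && $dev->getAdminLevel($dev->getId($_SESSION['user']['username'])) > 6;

if (!$admin) {
    header('Location: ../index.php');
    // header() only queues the redirect. Without exit the rest of this file still runs and the
    // admin page is sent in the response body to a client that simply ignores the Location header.
    exit;
}
?> <!doctype html> <html> <head> <script type="text/javascript" src="./js/jquery-2.1.4.js"></script> <script type="text/javascript" src="./js/codemirror.js"></script> <link rel="stylesheet" href="./css/admin.css" /> <link rel="stylesheet" href="./css/icons.css" /> <link rel="stylesheet" href="./css/codemirror.css" /> <meta charset="utf-8"/>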
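// Forum action dispatcher (excerpt): the "add" action creates a thread and its first message.
$json = new jsonapi($json_hostname, $json_port, $json_username, $json_password, $json_salt);

// "from" names the action. It is accepted from the query string or from the form body, not both.
if (isset($_GET['from']) && !isset($_POST['from'])) {
    $from = $_GET['from'];
} elseif (!isset($_GET['from']) && isset($_POST['from'])) {
    $from = $_POST['from'];
} else {
    // The original echoed before calling header() and then carried on with $from undefined.
    header('Location: ./index.php');
    echo 'error';
    exit;
}

if ($from == "add") {
    if (!empty($_POST['send'])) {
        if (isset($_SESSION['user'])) {
            if ($dev->isConnected($_SESSION['user']['username'], $_SESSION['user']['password'], $_SESSION['user']['session_id'])) {
                // The poster's admin level must be at least the level required by the target forum.
                if ($dev->getForumAdminLevel($_POST['forum']) <= $dev->getAdminLevel($dev->getId($_SESSION['user']['username']))) {
                    $authorId = $dev->getId($_SESSION['user']['username']);
                    // NOTE(review): "last id + 1" is computed outside the database, so two
                    // simultaneous posts could pick the same id - confirm how `id` is defined.
                    $threadId = $dev->getLastThreadID() + 1;

                    $db2 = new PDO('mysql:host=' . $mysql_hostname . ';dbname=' . $mysql_database, $mysql_username, $mysql_password);

                    // Request values are bound, never concatenated: `forum` was previously inserted
                    // with no escaping at all, and addslashes() is not a safe SQL escape.
                    $sql = "INSERT INTO `web_threads`(`id`, `forum_id`, `title`, `uuid_author`, `stucked`, `valid`) VALUES (?, ?, ?, ?, '0', '1');";
                    $req2 = $db2->prepare($sql);
                    $req2->execute(array($threadId, $_POST['forum'], utf8_decode($_POST['title']), $authorId));

                    $sql2 = "INSERT INTO `web_messages`(`uuid_author`, `content`, `thread_id`) VALUES (?, ?, ?)";
                    $req3 = $db2->prepare($sql2);
                    $req3->execute(array($authorId, utf8_decode($_POST['bbcode_field']), $threadId));

                    header(sprintf('Location: ./forum_thread.php?id=%d', $dev->getLastThreadID()));
                    exit;
                }
            } else {
                // Stale or forged session data: drop it and send the visitor back to the index.
                unset($_SESSION['user']);
                header('Location: ./index.php');
                exit;
            }
        } else {
            header('Location: ./index.php');
            exit;
        }
        // The excerpt stops here with the two enclosing if-blocks still open.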
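// Shop purchase handler (excerpt): looks up the item, checks the buyer's balance and that the
// player is online, runs the item's console command(s), then debits the balance and logs the sale.
$verbinding = @fsockopen($dev->getDvar('game_ip'), $dev->getDvar('game_port'), $errno, $errstr, 1);

if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
    die('Internal Error');
}

// NOTE(review): this purchase is triggered by a plain GET and no anti-CSRF token is checked in
// the visible code, so a link on another site could trigger it for a signed-in user - confirm.
if (isset($_SESSION['user'])) {
    if ($dev->isConnected($_SESSION['user']['username'], $_SESSION['user']['password'], $_SESSION['user']['session_id'])) {
        // The game server must be reachable, otherwise nothing is sold.
        if ($verbinding) {
            $db = new PDO('mysql:host=' . $mysql_hostname . ';dbname=' . $mysql_database, $mysql_username, $mysql_password);
            // The id is bound instead of concatenated, so the query no longer relies on
            // is_numeric() as its only protection.
            $sql_req = "SELECT * FROM `web_shop` WHERE `id` = ?;";
            $req = $db->prepare($sql_req);
            $req->execute(array($_GET['id']));
            $req->setFetchMode(PDO::FETCH_ASSOC);
            if ($req->rowCount() > 0) {
                $row = $req->fetch();
                if ($row['price'] <= $dev->getAccountInfo($dev->getId($_SESSION['user']['username']))['balance']) {
                    if ($json->call('players.name', array($_SESSION['user']['username']))[0]['success']['ip'] != 'offline') {
                        // NOTE(review): the session username is substituted into a server console
                        // command as-is. Unless account names are restricted to the game's name
                        // characters when they are created, a crafted name could change the
                        // command that runs. Validate it against an allow-list before this point;
                        // the permitted character set is not visible in this excerpt.
                        $command = str_replace('[playername]', $_SESSION['user']['username'], $row['command']);
                        $json->call('server.run_command', array($command));
                        if ($row['command2'] != '') {
                            $cmd2 = str_replace('[playername]', $_SESSION['user']['username'], $row['command2']);
                            $json->call('server.run_command', array($cmd2));
                        }
                        // NOTE(review): the item is delivered before the debit, and the balance is
                        // read, compared and written in separate calls. Concurrent requests could
                        // spend the same funds twice; a single conditional debit performed before
                        // delivery would close that. Depends on setBalance(), not visible here.
                        $dev->setBalance($dev->getId($_SESSION['user']['username']), $dev->getAccountInfo($dev->getId($_SESSION['user']['username']))['balance'] - $row['price']);
                        $dev->addShopHistory($dev->getId($_SESSION['user']['username']), $row['price'], $row['name']);
                        header('Location: ./shop_thankyou.php?id=' . $row['id']);
                        exit;
                    } else {
                        die('Vous n\'ètes pas connecté au serveur!');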
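<?php
// Friends API (excerpt): loads every web_friends row for one account and splits the rows into
// pending requests (status 2) and the rest, before dispatching on `source`.
setlocale(LC_CTYPE, 'fr_FR.UTF-8');
mb_internal_encoding('UTF-8');
include_once '../../api/config.php';
include_once '../../api/dev.php';
include_once '../../api/fonctions.php';

$dev = new dev($mysql_hostname, $mysql_username, $mysql_password, $mysql_database);
$json = new jsonapi($json_hostname, $json_port, $json_username, $json_password, $json_salt);

// NOTE(review): no session or other caller check appears before the query in this excerpt, so
// any client that knows or guesses an account id can read that account's friend list - confirm
// whether access is restricted elsewhere.
$source = isset($_GET['source']) ? $_GET['source'] : null;
$requestedUuid = isset($_GET['uuid']) ? $_GET['uuid'] : null;
// Callers using source=game pass a player name, which is resolved to an account id first.
$uuid = $source == 'game' ? $dev->getId($requestedUuid) : $requestedUuid;

$db = new PDO('mysql:host=' . $mysql_hostname . ';dbname=' . $mysql_database, $mysql_username, $mysql_password);
// `uuid` comes straight from the query string. It is bound as a parameter; the original
// concatenated it into the statement, which allowed SQL injection.
$sql_req = "SELECT * FROM `web_friends` WHERE `uuid1` = ? ORDER BY `status`;";
$req = $db->prepare($sql_req);
$req->execute(array($uuid));
$req->setFetchMode(PDO::FETCH_ASSOC);

$friends = array();
$asked = array();
$array_default = array();
// fetch() returns false at once when there are no rows, so no separate rowCount() check is needed.
while ($row = $req->fetch()) {
    $array_default[] = $row;
    if ($row['status'] == 2) {
        $asked[] = $row;
    } else {
        $friends[] = $row;
    }
}

switch ($source) {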
<li><a href="../register.php" style="float:right;">S\'INSCRIRE</a></li>'; } ?> <div class="clearfix"></div> </ul> </div> <div id="fastlinks"> <a id="link" href="../rules.php">Règlement</a> </div> <div id="nav"> <div style="font-size: 22pt; color: rgb(44, 44, 44);">Bienvenue sur le Shop du serveur!</div> <?php if (isset($_SESSION['user'])) { ?> <div style="font-size: 14pt; color: rgb(44, 44, 44);">Solde actuelle : <?php echo $dev->getAccountInfo($dev->getId($_SESSION['user']['username']))['balance']; ?> €</div> <button id="button" style="padding:2px; font-size:1.1em;border:0;height:inherit;margin-top:5px;" onClick="money_popup();">Ajouter des fonds</button> <?php } $db = new PDO('mysql:host=' . $mysql_hostname . ';dbname=' . $mysql_database, $mysql_username, $mysql_password); $sql_req = "SELECT * FROM `web_shop` ORDER BY length(desc_) DESC;"; $req = $db->prepare($sql_req); $req->execute(); $req->setFetchMode(PDO::FETCH_ASSOC); if ($req->rowCount() > 0) { $array_ret = array(); while ($row = $req->fetch()) { array_push($array_ret, $row); }
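// Purchase confirmation fragment: prints the item's name and price and, when the signed-in
// account can afford it, a button that links to shop_process.php for that item.
if (!isset($_POST['id']) || !is_numeric($_POST['id'])) {
    die('Internal Error');
}

if (!isset($_SESSION['user'])) {
    die('vous devez etre connecté pour effectuer ceci!');
}

if (!$dev->isConnected($_SESSION['user']['username'], $_SESSION['user']['password'], $_SESSION['user']['session_id'])) {
    // Stale or forged session data: drop it before refusing.
    unset($_SESSION['user']);
    die('vous devez etre connecté pour effectuer ceci!');
}

$db = new PDO('mysql:host=' . $mysql_hostname . ';dbname=' . $mysql_database, $mysql_username, $mysql_password);
// The id is bound instead of concatenated, so the query no longer relies on is_numeric() as its
// only protection.
$sql_req = "SELECT * FROM `web_shop` WHERE `id` = ?;";
$req = $db->prepare($sql_req);
$req->execute(array($_POST['id']));
$req->setFetchMode(PDO::FETCH_ASSOC);

if ($req->rowCount() <= 0) {
    die('Internal Error');
}

$row = $req->fetch();

// NOTE(review): `name` is written into the page unescaped. If shop rows can ever hold markup this
// is stored XSS; escape it with htmlspecialchars() using the charset the table really stores,
// which is not visible in this excerpt.
echo '<div id="name" style="margin-left:5px;">Article : ' . $row['name'] . '</div>';
echo '<div id="price" style="margin-left:5px;">Prix : ' . $row['price'] . '€</div>';
echo '</br>';

// This check only decides what is displayed; the purchase handler must still enforce the balance.
if ($row['price'] <= $dev->getAccountInfo($dev->getId($_SESSION['user']['username']))['balance']) {
    echo '<button id="button" style="border:0; font-size:14pt;position:absolute; right:5px; bottom:5px;" onClick="window.location.href=`./shop_process.php?id=' . $row['id'] . '`;">Valider cet achat.</button>';
} else {
    echo '<div id="error">Votre solde est trop faible pour cet achat !</div>';
}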
<?php session_start(); setlocale(LC_CTYPE, 'fr_FR.UTF-8'); mb_internal_encoding('UTF-8'); include_once '../api/config.php'; include_once '../api/dev.php'; include_once '../api/fonctions.php'; include_once '../api/app.php'; $dev = new dev($mysql_hostname, $mysql_username, $mysql_password, $mysql_database); $admin = false; if (isset($_SESSION['user'])) { if ($dev->isConnected($_SESSION['user']['username'], $_SESSION['user']['password'], $_SESSION['user']['session_id'])) { if ($dev->getAdminLevel($dev->getId($_SESSION['user']['username'])) > 6) { $admin = true; if (isset($_POST['bbcode_field'])) { $db = new PDO('mysql:host=' . $mysql_hostname . ';dbname=' . $mysql_database, $mysql_username, $mysql_password); $sql = "INSERT INTO `web_news` (`id`, `title`, `content`, `uuid_author`) VALUES ('', '" . addslashes($_POST['title']) . "', '" . addslashes($_POST['bbcode_field']) . "', '" . $dev->getId($_SESSION['user']['username']) . "');"; $req = $db->prepare($sql); if ($req->execute()) { echo '<div style="z-index:20; position:fixed; top:0; left:0; right:0; bottom:0; background-color: rgba(0,0,0, 0.6);"></div>'; echo '<div style="z-index:999; position:fixed; top:35%;left:35%; right:35%;background-color:#ccc;border:1px solid 1px solid #9da3a6; border-radius:3px; padding:15px;"> <center><h3>News ajoutée</h3></center></br> </br> <center><a href="admin-news.php" class="btn">Retour</a></center> </div>'; } else { echo '<div style="z-index:20; position:fixed; top:0; left:0; right:0; bottom:0; background-color: rgba(0,0,0, 0.6);"></div>'; echo '<div style="z-index:999; position:fixed; top:35%;left:35%; right:35%;background-color:#ccc;border:1px solid 1px solid #9da3a6; border-radius:3px; padding:15px;"> <center><h3>Erreur...</h3></center></br> </br>
$req->setFetchMode(PDO::FETCH_ASSOC); var_dump($req->errorInfo()); if ($req->rowCount() > 0) { $row = $req->fetch(); $sql_confirm = "DELETE FROM `lunar`.`web_friends` WHERE `friendshipID` = '" . $row['friendshipID'] . "';"; $req_confirm = $db->prepare($sql_confirm); $req_confirm->execute(); var_dump($req_confirm->errorInfo()); } break; case 'delete': break; case 'add': //echo $uuid2 . '</br>'; //echo $dev->getID($uuid2) . '</br>'; if ($dev->getId($uuid2) != 'noIDguy') { $uuid2 = $dev->getId($uuid2); if ($uuid1 != $uuid2) { $db = new PDO('mysql:host=' . $mysql_hostname . ';dbname=' . $mysql_database, $mysql_username, $mysql_password); $sql_req = "SELECT * FROM `web_friends` WHERE `uuid2`='" . $uuid2 . "' AND `uuid1`='" . $uuid1 . "';"; $req = $db->prepare($sql_req); $req->execute(); $req->setFetchMode(PDO::FETCH_ASSOC); if (!$req->rowcount() > 0) { // 2 = request // 3 = asked $sql_add = ' INSERT INTO `web_friends`(`uuid1`, `uuid2`, `status`) VALUES (' . $uuid2 . ',' . $uuid1 . ', 2); INSERT INTO `web_friends`(`uuid1`, `uuid2`, `status`) VALUES (' . $uuid1 . ',' . $uuid2 . ', 3);'; $req_add = $db->prepare($sql_add); $req_add->execute();
} else { echo '<div id="forum"> <span class="icon-bubble" id="ico"></span> <span id="title">Aucun sujet épinglé</span></br> <span id="threads">Aucun sujet épinglé</span> </div>'; } ?> </div> </br> <div id="limiter"> Liste des sujets <?php if (isset($_SESSION['user'])) { if ($dev->isConnected($_SESSION['user']['username'], $_SESSION['user']['password'], $_SESSION['user']['session_id'])) { if ($dev->getForumAdminLevel($_GET['id']) <= $dev->getAdminLevel($dev->getId($_SESSION['user']['username']))) { echo '<div style="float:right;height:20px;font-size:12px;width:100px;" id="button" onClick="window.location.href=\'./forum_addthread.php?id=' . $_GET['id'] . '\'">Creer un sujet</div>'; } } else { unset($_SESSION['user']); } } ?> </div> <div id="cat"> <?php $db = new PDO('mysql:host=' . $mysql_hostname . ';dbname=' . $mysql_database, $mysql_username, $mysql_password); if (isset($_GET['start']) && is_numeric($_GET['start']) && $_GET['start'] != '0') { $sql_req = "SELECT * FROM `web_threads` WHERE `forum_id`='" . $_GET['id'] . "' AND `stucked` = '0' ORDER BY `date_modified` ASC LIMIT 30 OFFSET %d;"; $sql_req = sprintf($sql_req, $_GET['start'] - 1); } else {
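<?php
// Registration handler (excerpt): creates a web_accounts row for a new username and signs the
// new user in by filling $_SESSION['user'].
include_once "./api/config.php";
include_once './api/dev.php';

$dev = new dev($mysql_hostname, $mysql_username, $mysql_password, $mysql_database);
session_start();

// Missing fields become null instead of raising undefined-index notices.
$username = isset($_POST['register_username']) ? $_POST['register_username'] : null;
$password = isset($_POST['register_pwd2']) ? $_POST['register_pwd2'] : null;
$password2 = isset($_POST['register_pwd']) ? $_POST['register_pwd'] : null;
$email = isset($_POST['register_email']) ? $_POST['register_email'] : null;

// NOTE(review): $username and $email are stored as submitted, with no format check. Other pages
// on this listing substitute the session username into game-server console commands, so an
// allow-list check belongs here; the permitted character set is not visible in this excerpt.
if ($dev->getId($username) == "noIDguy") { // "noIDguy" is compared as the marker for an unused name
    if ($username != null and $password != null) {
        // Strict comparison: with ==, two different numeric-looking strings such as "0e1" and
        // "0e2" compare as equal.
        if ($password === $password2) {
            if ($email != null) {
                $alphabet = "abcdefghijklmnopqrstuwxyzABCDEFGHIJKLMNOPQRSTUWXYZ0123456789";
                $alphaLength = strlen($alphabet) - 1;
                // The session id is used as a credential, so it is drawn from the CSPRNG
                // (random_int, PHP 7+) rather than the predictable rand().
                $sessionIDimp = '';
                for ($i = 0; $i < 25; $i++) {
                    $sessionIDimp .= $alphabet[random_int(0, $alphaLength)];
                }

                // NOTE(review): sha1(md5()) is a fast unsalted hash and unsuitable for passwords.
                // It is left as is because the login check, which is not shown, must compare
                // against the same format; moving to password_hash()/password_verify() needs
                // both sides changed together. The hash is also kept in the session.
                $passwordHash = sha1(md5($password));

                try {
                    $db = new PDO("mysql:host=" . $mysql_hostname . ";dbname=" . $mysql_database . "", $mysql_username, $mysql_password);
                    // Every request-derived value is bound; the original concatenated the username
                    // and e-mail into the statement, which allowed SQL injection.
                    $sql = "INSERT INTO `web_accounts` VALUES('', ?, ?, ?, ?, 'Unknown','0', '0');";
                    $req = $db->prepare($sql);
                    $req->execute(array($sessionIDimp, $username, $passwordHash, $email));

                    $user = array("username" => $username, "password" => $passwordHash, "session_id" => $sessionIDimp);
                    $_SESSION['user'] = $user;
                    echo "<script type='text/javascript'>document.location.replace('index.php');</script>";
                } catch (Exception $e) {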
</tr> </table> </div>'; } } if (isset($_SESSION['user'])) { if ($dev->isConnected($_SESSION['user']['username'], $_SESSION['user']['password'], $_SESSION['user']['session_id'])) { if ($dev->getForumAdminLevel($dev->getThreadByIDv2($_GET['id'])['forum_id']) <= $dev->getAdminLevel($dev->getID($_SESSION['user']['username']))) { echo '<div id="news"> <div style="font-size: 18pt; color: rgb(44, 44, 44); margin: 5px;">Répondre a ce sujet.</div> <table style="width:100%; margin:5px; margin-bottom:10px;"> <tr> <td style="width:12%; vertical-align:top;"> <div id="profileholder"> <div id="avatar">'; if (file_exists('../uploads/avatars/' . $dev->getId($_SESSION['user']['username']) . '.png')) { echo '<img src="../uploads/avatars/' . $dev->getId($_SESSION['user']['username']) . '.png" style="width:90%; margin:2.5%;"/>'; } else { echo '<img src="../uploads/avatars/default.png" style="width:90%; margin:2.5%;"/>'; } echo ' </div> </div> </td> <td style="vertical-align:top; padding:10px;padding-top:0;"> <form action="forum_process.php" method="POST"> <input type="hidden" name="from" value="add_msg" /> <input type="hidden" name="thread_id" value="' . $_GET['id'] . '" /> <textarea name="bbcode_field" style="height:300px;width:600px;width: 100%;-webkit-box-sizing: border-box;-moz-box-sizing: border-box; box-sizing: border-box; padding:5px; border:1px solid #ccc; border-radius:3px;" placeholder="Contenu du post (bbcode activé !)"></textarea> <input type="submit" id="button" Value="Envoyer" style="border:none;" />
<?php if (isset($_SESSION['user'])) { if ($dev->isConnected($_SESSION['user']['username'], $_SESSION['user']['password'], $_SESSION['user']['session_id'])) { ?> <div id="friend_add" style="position:fixed;bottom:30px;padding:5px;background-color:rgba(255,0,0,0.5); right:10px;height:25px;width:170px;z-index:999;display:none;"> <input type="text" id="friend_add_text" placheHolder="Joueur" style="border:1px solid #ccc;border-radius:2px;width:120px;float:left;padding:5px;"/> <button id="button" style="border:0;height:27px;width:30px;float:left;margin-left:2px;font-size:0.8em;" onClick="addFriendShip(<?php echo $dev->getID($_SESSION['user']['username']) + 1457; ?> )">Ok</button> </div> <div id="friends"> Liste d'amis <div id="buttonadd" onClick="add_friend()"></div> <div id="button" onClick="friends(<?php echo $dev->getId($_SESSION['user']['username']); ?> )"></div> </div> <div id="friendslist"> <div style="font-size:1em;color:#333;margin-top:20px;text-align:center;font-weight:bold;">Chargement</div> <span class="icon-dice" style=" font-size:4em; color:#333; position:absolute; top:15%; left:35%; -webkit-animation:spin 1.25s ease-in-out; -moz-animation:spin 1.25s ease-in-out; animation:spin 1.25s ease-in-out;" ></span>