public function showProfileForm($szUsername)
{
$userData = core::$sql->fetchArray("select * from srcms_userprofiles where JID='" . user::accountJIDbyUsername($szUsername) . "'");
$genderSelector = null;
$publicProfileSelector = null;
if ($userData['gender'] == '0') {
$genderSelector = "<option value='0' selected>Male</option>\r\n\t<option value='1'>Female</option>";
} else {
$genderSelector = "<option value='0'>Male</option>\r\n\t<option value='1' selected>Female</option>";
}
if ($userData['ispublic'] == '1') {
$publicProfileSelector = "<option value='1' selected>Yes</option>\r\n\t<option value='0'>No</option>";
} else {
$publicProfileSelector = "<option value='1'>Yes</option>\r\n\t<option value='0' selected>No</option>";
}
echo "\r\n\t<table id='table-3' border='0' cellpadding='0' cellspacing='0'>\r\n\t<form method='post'>\r\n\t<td>Username</td><td>{$_SESSION['username']}</td><tr/>\r\n\t<td>Gender</td>\r\n\t<td>\r\n\t<select name='gender'>\r\n\t{$genderSelector}\r\n\t</select>\r\n\t</td>\r\n\t<tr/>\r\n\t<td>Avatar url</td><td><input type='text' name='avatar' value='{$userData['avatar']}'></td><tr/>\r\n\t<td>Avatar</td><td><img src='{$userData['avatar']}'></img></td><tr/>\r\n\t<td>Skype</td><td><input type='text' name='skype' value='{$userData['skype']}'></td><tr/>\r\n\t<td>MSN</td><td><input type='text' name='msn' value='{$userData['msn']}'></td><tr/>\r\n\t<td>Show profile to public</td><td>\r\n\t<select name='ispublic'>\r\n\t{$publicProfileSelector}\r\n\t</select>\r\n\t</td>\r\n\t";
if ($core->aConfig['allowRefferals'] == 1) {
echo "<tr/><td>Refferal link</td><td>\r\n\t<a href='" . $core->aConfig['url'] . "?pg=reg&ref={$_SESSION['username']}'>" . $core->aConfig['url'] . "?pg=reg&ref={$_SESSION['username']}</a></td>";
}
echo "\r\n\t<tr/>\r\n\t<td></td><td><input type='submit' name='submit' value='Save'></td>\r\n\r\n\t</form>\r\n\r\n\t</table>\r\n\t";
}
<?php
$userRank = core::$sql->getRow("select whois from srcms_userprofiles where JID='" . user::accountJIDbyUsername($_SESSION[username]) . "'");
if ($userRank != "admin") {
echo "NOT ADMIN";
return;
}
switch ($_GET['act']) {
case 'news':
if (!isset($_GET['subact'])) {
echo "<a href='?pg=admin&act=news&subact=add'><b>Add</b></a><br/>\r\n\t\t\t\t <a href='?pg=admin&act=news&subact=del'><b>Delete</b></a><br/>\r\n\t\t\t\t <a href='?pg=admin&act=news&subact=edit'><b>Edit</b></a><br/>";
} else {
switch ($_GET['subact']) {
case 'add':
if (!isset($_POST['submit']) && !isset($_POST['title'])) {
echo "<table id='table-3' border='1' cellpadding='0' cellspacing='0'>\r\n\t\t\t\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t\t\t\t\t<td>Title</td><td><input type='text' name='title'></td><tr/>\r\n\t\t\t\t\t\t\t\t\t<td>Text</td><td><textarea id = 'textBox' name='textBox' rows='5' cols='100'>Type your message here</textarea></td><tr/>\r\n\t\t\t\t\t\t\t\t\t<td></td><td><input type='submit' name='submit' value='Add'></td>\r\n\t\t\t\t\t\t\t\t</form>\r\n\t\t\t\t\t\t\t </table><br/>\r\n\t\t\t\t\t\t\t \r\n\t\t\t\t\t\t\t <script>CKEDITOR.replace( 'textBox' );</script>\r\n\t\t\t\t\t\t\t \r\n\t\t\t\t\t\t\t ";
} else {
$szTitle = security::toHTML($_POST['title']);
//$szText = misc::applyAttributesToText($_POST['textBox']);
$szText = stripslashes(security::toHTML($_POST['textBox']));
core::$sql->exec("insert into srcms_news(title,content,author,time) values('{$szTitle}','{$szText}','{$_SESSION['username']}','" . misc::getDateTime() . "')");
echo "News article added.<br/>";
misc::redirect('?pg=admin&act=news', 1);
}
break;
case 'del':
if (isset($_GET['id'])) {
$nID = (int) $_GET['id'];
if (core::$sql->numRows("select * from srcms_news where id='{$nID}'") > 0) {
core::$sql->exec("delete from srcms_news where id='{$nID}'");
core::$sql->exec("delete from srcms_newscomments where newsID='{$nID}'");
<?php
if (isset($_GET['username']) && security::isSecureString($_GET['username'], 3)) {
$userData = core::$sql->fetchArray("select * from srcms_userprofiles where JID='" . user::accountJIDbyUsername($_GET['username']) . "'");
if ($userData['ispublic'] == '1') {
user::viewProfile($_GET['username']);
//send msg there too
} else {
user::viewProfile($_GET['username']);
//send msg there too
}
} else {
echo "No username specified, or username contains forbidden symbols.<br/>";
}
if ($core->aConfig['allowEpinSystem'] == 0) {
echo "This module is currently disabled.<br/>";
break;
} else {
if (!isset($_POST['code']) && !isset($_POST['sure'])) {
echo "<table id='table-3' border='1' cellpadding='0' cellspacing='0'>\r\n\t\t\t\t\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t\t\t\t\t\t<td><input type='text' name='code' value='type your EPIN code here'></td><tr/>\r\n\t\t\t\t\t\t\t\t\t\t<td><center><input type='submit' name='submit' value='Use'></center></td>\r\n\t\t\t\t\t\t\t\t\t</form>\r\n\t\t\t\t\t\t\t\t\t</table>";
} else {
$nCodeNumber = (int) $_POST['code'];
if (core::$sql->numRows("select * from srcms_epin where code='{$nCodeNumber}'") > 0) {
$aPinData = core::$sql->exec("select * from srcms_epin where code='{$nCodeNumber}'");
$aPinData = mssql_fetch_array($aPinData);
if (!isset($_POST['sure'])) {
echo "Do you really want to use this code ? It will give you [{$aPinData['silkAmount']}] silk.<br/>\r\n\t\t\t\t\t\t\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t\t\t\t\t\t\t<input type='hidden' name='code' value='{$nCodeNumber}'>\r\n\t\t\t\t\t\t\t\t\t\t\t<input type='submit' name='sure' value='Yes'>\r\n\t\t\t\t\t\t\t\t\t\t\t</form><br/>";
misc::back();
} else {
core::$sql->exec("update SK_Silk set silk_own=(silk_own + {$aPinData['silkAmount']}) where JID='" . user::accountJIDbyUsername($_SESSION['username']) . "'");
//delete used code
core::$sql->exec("delete from srcms_epin where code='{$nCodeNumber}'");
echo "You got your [{$aPinData['silkAmount']}] silk.";
misc::redirect('?pg=ucp&act=epin', 1);
}
} else {
echo "Invalid EPIN code ! Please, try again.<br/>";
misc::back();
}
}
}
break;
default:
echo "Invalid module name specified.<br/>";
break;
}
echo "\r\n\t\t</tr>\r\n\t\t<tr>\r\n\t\t";
if ($core->aConfig['allowMyProfile'] == 1) {
echo "<td><a href='./?pg=ucp&act=myprofile'>My profile</a></td>";
}
if ($core->aConfig['allowRefferals'] == 1) {
echo "<td><a href='./?pg=ucp&act=refferals'>My refferals</a></td>";
}
echo "\r\n\t\t</tr>\r\n\t\t<tr>\r\n\t\t";
if ($core->aConfig['allowEpinSystem'] == 1) {
echo "<td><a href='./?pg=ucp&act=epin'>Use EPIN</a><br></td>";
}
echo "<td><a href='./?pg=emailreplace'>Change Email</a></td>";
if ($core->aConfig['allowMailbox'] == 1) {
echo "<a href='./?pg=ucp&act=mailbox'>Mailbox ";
$myJID = user::accountJIDbyUsername($_SESSION['username']);
$nMsgCountUnread = core::$sql->numRows("select * from srcms_privatemessages where receiver='{$myJID}' and viewed='0'");
$nMsgCountRead = core::$sql->numRows("select * from srcms_privatemessages where receiver='{$myJID}' and viewed='1'");
$nMsgCount = core::$sql->numRows("select * from srcms_privatemessages where receiver='{$myJID}'");
$msgText = "";
if ($nMsgCountUnread > 0) {
$msgText = "[<b>{$nMsgCount} / " . $core->aConfig['maxPrivMsg'] . "]</a></b>";
} else {
$msgText = "[{$nMsgCount} / " . $core->aConfig['maxPrivMsg'] . "]</a>";
}
}
echo "{$msgText}\r\n\t<br />\t<td><a href='./?pg=ucp&act=logout'>Logout</a></td>\r\n\t\t</tr>\r\n</table>\r\n\t";
} else {
if ($_POST['submit'] != 'login') {
ucp::showLoginForm();
} else {
}
} else {
if (user::accountExists($_POST['username']) == 1) {
echo "This username is already taken.";
} else {
core::$sql->exec("insert into TB_User(StrUserID,password,sec_content,sec_primary, email) values('{$_POST['username']}','" . md5($_POST['pass1']) . "','3','3','{$_POST['email']}')");
$nJID = user::accountJIDbyUsername($_POST['username']);
$szAvatarDefault = $core->aConfig['url'] . "img/noavatar.png";
core::$sql->exec("insert into srcms_userprofiles(JID,gender,skype,msn,avatar,whois, ispublic) values('{$nJID}','0','None','None','{$szAvatarDefault}','user','1')");
core::$sql->exec("insert into SK_Silk(JID,silk_own,silk_gift,silk_point) values('{$nJID}','" . $core->aConfig['startSilk'] . "','0','0')");
if (isset($_SESSION['ref'])) {
if ($_SESSION['ref'] == $_SESSION['username']) {
echo "<br/>You can't be refferer for your own account (but account created).<br/>";
return;
}
$reffererJID = user::accountJIDbyUsername($_SESSION['ref']);
if ($reffererJID > 0) {
$nRefIPs = core::$sql->numRows("select * from srcms_refferals where IP='" . $_SERVER[REMOTE_ADDR] . "'");
if ($nRefIPs < $core->aConfig['maxRefAccIP']) {
$datetime = gmDate('Y-m-d H:i:s');
core::$sql->exec("insert into srcms_refferals(reffererJID,invitedUserJID,time,ip) values('{$reffererJID}','{$nJID}','{$datetime}','{$_SERVER['REMOTE_ADDR']}')");
unset($_SESSION['ref']);
}
}
}
$sName = $core->aConfig['serverName'];
mail($_POST['email'], "Thanks for registering at {$sName}", "Thanks for registering at {$sName}, we really hope you will have a great fun playing here.", "From:noreply {$sName}");
echo "Account successfully registered.";
misc::redirect("?pg=news", 2);
}
}
public static function viewProfile($szUsername)
{
$userData = core::$sql->fetchArray("select * from srcms_userprofiles where JID='" . user::accountJIDbyUsername($szUsername) . "'");
$gender = null;
if ($userData['gender'] == '0') {
$gender = "Male";
} else {
$gender = "Female";
}
$szRank = core::$sql->getRow("select whois from srcms_userprofiles where JID='" . user::accountJIDbyUsername($szUsername) . "'");
$szRank = user::getRankText($szRank);
echo "\r\n\t\t\t\t<table id='table-3' border='1' cellpadding='0' cellspacing='0'>\r\n\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t<td>Username</td><td>{$szUsername}</td><tr/>\r\n\t\t\t\t\t<td>Rank</td><td>{$szRank}</td><tr/>\r\n\t\t\t\t\t<td>Gender</td><td>{$gender}</td><tr/>\r\n\t\t\t\t\t<td>Avatar</td><td><img src='{$userData['avatar']}'></img></td><tr/>\r\n\t\t\t\t\t<td>Skype</td><td>{$userData['skype']}</td><tr/>\r\n\t\t\t\t\t<td>MSN</td><td>{$userData['msn']}</td><tr/>\t\t\t\r\n\t\t\t\t\t</form>\r\n\t\t\t\t</table>\r\n\t\t\t\t";
global $core;
if ($core->aConfig['allowShowCharOwner'] == 1) {
//list characters
$nChars = char::getCharCount($szUsername);
if ($nChars > 0) {
$naChars = user::charIDsByUsername($szUsername);
$naCharNames = char::charNamesByIDs($naChars);
echo "<br/><br/><b>Characters on account</b><table id='table-3' border='1'><td>Char name</td><tr/>";
foreach ($naCharNames as $nElem) {
echo "<td><a href='?pg=rank&type=char&name={$nElem}'>{$nElem}</a></td><tr/>";
}
echo "</table>";
} else {
echo "<br/>This user has no characters.<br/>";
}
if ($_SESSION['username'] == $szUsername) {
return;
}
}
if ($core->aConfig['allowMailbox'] == 1) {
if (isset($_SESSION['username'])) {
if (!isset($_POST['submit'])) {
echo "<br/><b>Send private message</b><br/>\r\n\t\t\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t\t\tTo: <b>{$_GET['username']}</b><br/><br/>\r\n\t\t\t\t\t\t\t<input type='text' name='msgTitle' value='Message title'><br/>";
echo "\r\n\t\t\t\t\t\t\t<br/><textarea id='sendUserPrivMsgTextBox' name='msgText' rows='2' cols='100'>Type your message here</textarea><br/>\r\n\t\t\t\t\t\t\t<input type='submit' name='submit' value='Send'>\r\n\t\t\t\t\t\t\t</form>\r\n\t\t\t\t\t\t\t<script>CKEDITOR.replace( 'msgText' );</script>\r\n\t\t\t\t\t\t\t\t ";
} else {
user::sendWebPrivMsg($szUsername, $_SESSION['username'], $_POST['msgTitle'], $_POST['msgText']);
}
} else {
echo "You must be logged in in order to send private messages.<br/>";
}
}
}
public static function getCharCount($szUsername)
{
$nJID = user::accountJIDbyUsername($szUsername);
core::$sql->changeDB("shard");
return core::$sql->getRow("select count(*) from _User where UserJID='{$nJID}'");
}
echo "</table></td></table>";
core::$sql->changeDB('shard');
}
misc::back();
} else {
echo "Owner of account on which this character is created didn't want you to view he's (her) data.<br/>";
}
}
} else {
core::$sql->changeDB("shard");
$hQuery = core::$sql->exec("select top 50 * from _Char where CharName16 not like '%[GM]%' order by CurLevel desc");
echo "<table id='table-3' width='100%' border='0' cellpadding='0' cellspacing='0'>\r\n\t\t\t<td width='5%' align='center' class='thead'>Rank</td>\r\n\t\t\t<td width='5%' align='center' class='thead'>Race</td>\r\n\t\t\t<td width='30%' align='center' class='thead'>Nick</td>\r\n\t\t\t<td width='15%' align='center' class='thead'>Level</td>\r\n\t\t\t<td width='15%' align='center' class='thead'>SP</td>\r\n\t\t\t<td width='15%' align='center' class='thead'>Strength</td>\r\n\t\t\t<td width='15%' align='center' class='thead'>Intellect</td><tr/>";
$n = 1;
while ($row = mssql_fetch_array($hQuery)) {
$szUsername = user::usernameByCharname($row['CharName16']);
$bCanView = core::$sql->getRow("select ispublic from srcms_userprofiles where JID='" . user::accountJIDbyUsername($szUsername) . "'");
if ($bCanView > 0) {
$icon = "";
if ($row['RefObjID'] < 3000) {
$icon = "<img src='img/Character/race_china.png'>";
} else {
$icon = "<img src='img/Character/race_euro.png'>";
}
echo "<td align='center'>{$n}</td>\r\n\t\t\t\t\t<td align='center'>{$icon}</td>\r\n\t\t\t\t\t<td align='center'><a href='?pg=rank&type=char&name={$row['CharName16']}'>{$row['CharName16']}</a></td>\r\n\t\t\t\t\t<td align='center'>{$row['CurLevel']}</td>\r\n\t\t\t\t\t<td align='center'>{$row['RemainSkillPoint']}</td>\r\n\t\t\t\t\t<td align='center'>{$row['Strength']}</td>\r\n\t\t\t\t\t<td align='center'>{$row['Intellect']}</td><tr/>";
$n++;
}
}
echo "</table>";
}
break;
//Search Character Script.