Ejemplo n.º 1
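 /**
  * Echo the profile edit form, pre-filled from the account's srcms_userprofiles row.
  *
  * The stored avatar, Skype and MSN values (the values this form's text inputs
  * submit) and the session username are HTML-escaped before being written into
  * the page, so a stored quote or angle bracket cannot close the attribute or
  * inject markup.
  *
  * @param string $szUsername Account name whose profile row is loaded.
  * @return void Output is written with echo.
  */
 public function showProfileForm($szUsername)
 {
     // $core is read below for the referral settings; it is not otherwise in
     // scope inside a method, so the referral link was never rendered.
     global $core;

     // NOTE(review): the query is built by string concatenation. It is only safe
     // if accountJIDbyUsername() can never return a value containing a quote;
     // confirm, or bind the value as a parameter if the SQL wrapper supports it.
     $userData = core::$sql->fetchArray("select * from srcms_userprofiles where JID='" . user::accountJIDbyUsername($szUsername) . "'");

     // isset() keeps the original fallbacks (Female / No) when the row or column is missing.
     $bIsMale = isset($userData['gender']) && $userData['gender'] == '0';
     $bIsPublic = isset($userData['ispublic']) && $userData['ispublic'] == '1';

     if ($bIsMale) {
         $genderSelector = "<option value='0' selected>Male</option>\r\n\t<option value='1'>Female</option>";
     } else {
         $genderSelector = "<option value='0'>Male</option>\r\n\t<option value='1' selected>Female</option>";
     }
     if ($bIsPublic) {
         $publicProfileSelector = "<option value='1' selected>Yes</option>\r\n\t<option value='0'>No</option>";
     } else {
         $publicProfileSelector = "<option value='1'>Yes</option>\r\n\t<option value='0' selected>No</option>";
     }

     // ENT_QUOTES is required because every attribute in this form is single-quoted.
     // The charset is left at PHP's default.
     $szSessionUser = isset($_SESSION['username']) ? (string) $_SESSION['username'] : '';
     $szSafeUsername = htmlspecialchars($szSessionUser, ENT_QUOTES);
     $szSafeAvatar = htmlspecialchars(isset($userData['avatar']) ? (string) $userData['avatar'] : '', ENT_QUOTES);
     $szSafeSkype = htmlspecialchars(isset($userData['skype']) ? (string) $userData['skype'] : '', ENT_QUOTES);
     $szSafeMsn = htmlspecialchars(isset($userData['msn']) ? (string) $userData['msn'] : '', ENT_QUOTES);

     echo "\r\n\t<table id='table-3' border='0' cellpadding='0' cellspacing='0'>\r\n\t<form method='post'>\r\n\t<td>Username</td><td>{$szSafeUsername}</td><tr/>\r\n\t<td>Gender</td>\r\n\t<td>\r\n\t<select name='gender'>\r\n\t{$genderSelector}\r\n\t</select>\r\n\t</td>\r\n\t<tr/>\r\n\t<td>Avatar url</td><td><input type='text' name='avatar' value='{$szSafeAvatar}'></td><tr/>\r\n\t<td>Avatar</td><td><img src='{$szSafeAvatar}'></img></td><tr/>\r\n\t<td>Skype</td><td><input type='text' name='skype' value='{$szSafeSkype}'></td><tr/>\r\n\t<td>MSN</td><td><input type='text' name='msn' value='{$szSafeMsn}'></td><tr/>\r\n\t<td>Show profile to public</td><td>\r\n\t<select name='ispublic'>\r\n\t{$publicProfileSelector}\r\n\t</select>\r\n\t</td>\r\n\t";

     if ($core->aConfig['allowRefferals'] == 1) {
         // URL-encode the username as a query value, then HTML-escape the whole
         // link for use both as the href attribute and as the visible text.
         $szRefLink = htmlspecialchars($core->aConfig['url'] . "?pg=reg&ref=" . urlencode($szSessionUser), ENT_QUOTES);
         echo "<tr/><td>Refferal link</td><td>\r\n\t<a href='" . $szRefLink . "'>" . $szRefLink . "</a></td>";
     }
     echo "\r\n\t<tr/>\r\n\t<td></td><td><input type='submit' name='submit' value='Save'></td>\r\n\r\n\t</form>\r\n\r\n\t</table>\r\n\t";
 }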
Ejemplo n.º 2
<?php

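// Admin gate for this page: the script stops unless the logged-in account's
// stored rank is exactly "admin".
$szSessionUser = isset($_SESSION['username']) ? $_SESSION['username'] : null;
$userRank = null;
if ($szSessionUser !== null) {
    // The session key is now quoted; the bare word was an undefined constant.
    // NOTE(review): string-built query; it relies on accountJIDbyUsername()
    // returning a value that cannot contain a quote. Confirm.
    $userRank = core::$sql->getRow("select whois from srcms_userprofiles where JID='" . user::accountJIDbyUsername($szSessionUser) . "'");
}
// Strict comparison fails closed: with != a non-string result such as true
// (or 0 on older PHP versions) compares equal to "admin" and would pass the gate.
// Assumes getRow() returns the column as a string; confirm against the wrapper.
if ($userRank !== "admin") {
    echo "NOT ADMIN";
    return;
}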
switch ($_GET['act']) {
    case 'news':
        if (!isset($_GET['subact'])) {
            echo "<a href='?pg=admin&act=news&subact=add'><b>Add</b></a><br/>\r\n\t\t\t\t  <a href='?pg=admin&act=news&subact=del'><b>Delete</b></a><br/>\r\n\t\t\t\t  <a href='?pg=admin&act=news&subact=edit'><b>Edit</b></a><br/>";
        } else {
            switch ($_GET['subact']) {
                case 'add':
                    if (!isset($_POST['submit']) && !isset($_POST['title'])) {
                        echo "<table id='table-3' border='1' cellpadding='0' cellspacing='0'>\r\n\t\t\t\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t\t\t\t\t<td>Title</td><td><input type='text' name='title'></td><tr/>\r\n\t\t\t\t\t\t\t\t\t<td>Text</td><td><textarea id = 'textBox' name='textBox' rows='5' cols='100'>Type your message here</textarea></td><tr/>\r\n\t\t\t\t\t\t\t\t\t<td></td><td><input type='submit' name='submit' value='Add'></td>\r\n\t\t\t\t\t\t\t\t</form>\r\n\t\t\t\t\t\t\t  </table><br/>\r\n\t\t\t\t\t\t\t  \r\n\t\t\t\t\t\t\t <script>CKEDITOR.replace( 'textBox' );</script>\r\n\t\t\t\t\t\t\t  \r\n\t\t\t\t\t\t\t  ";
                    } else {
                        $szTitle = security::toHTML($_POST['title']);
                        //$szText = misc::applyAttributesToText($_POST['textBox']);
                        $szText = stripslashes(security::toHTML($_POST['textBox']));
                        core::$sql->exec("insert into srcms_news(title,content,author,time) values('{$szTitle}','{$szText}','{$_SESSION['username']}','" . misc::getDateTime() . "')");
                        echo "News article added.<br/>";
                        misc::redirect('?pg=admin&act=news', 1);
                    }
                    break;
                case 'del':
                    if (isset($_GET['id'])) {
                        $nID = (int) $_GET['id'];
                        if (core::$sql->numRows("select * from srcms_news where id='{$nID}'") > 0) {
                            core::$sql->exec("delete from srcms_news where id='{$nID}'");
                            core::$sql->exec("delete from srcms_newscomments where newsID='{$nID}'");
Ejemplo n.º 3
<?php

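// Public profile page, selected with ?username=<name>.
// The is_string() check rejects array-valued parameters (?username[]=x) before
// the value reaches the validator and the query.
if (isset($_GET['username']) && is_string($_GET['username']) && security::isSecureString($_GET['username'], 3)) {
    $szProfileUser = $_GET['username'];
    $userData = core::$sql->fetchArray("select * from srcms_userprofiles where JID='" . user::accountJIDbyUsername($szProfileUser) . "'");

    // The profile is shown only when its owner marked it public, or when the
    // viewer is the owner. Previously both branches called viewProfile(), so
    // the ispublic flag had no effect and private profiles were displayed.
    $bIsPublic = isset($userData['ispublic']) && $userData['ispublic'] == '1';
    $bIsOwner = isset($_SESSION['username']) && $_SESSION['username'] === $szProfileUser;

    if ($bIsPublic || $bIsOwner) {
        user::viewProfile($szProfileUser);
        //send msg there too
    } else {
        // NOTE(review): the old else branch was marked "send msg there too". If
        // messaging the owner of a private profile is wanted, render only the
        // message form here rather than the whole profile.
        echo "This profile is not public.<br/>";
    }
} else {
    echo "No username specified, or username contains forbidden symbols.<br/>";
}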
Ejemplo n.º 4
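     // EPIN redemption: show the entry form, then a confirmation, then credit the silk.
     // NOTE(review): neither form below carries an anti-CSRF token; confirm
     // whether the surrounding page adds one.
     if ($core->aConfig['allowEpinSystem'] == 0) {
         echo "This module is currently disabled.<br/>";
         break;
     } else {
         if (!isset($_POST['code']) && !isset($_POST['sure'])) {
             echo "<table id='table-3' border='1' cellpadding='0' cellspacing='0'>\r\n\t\t\t\t\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t\t\t\t\t\t<td><input type='text' name='code' value='type your EPIN code here'></td><tr/>\r\n\t\t\t\t\t\t\t\t\t\t<td><center><input type='submit' name='submit' value='Use'></center></td>\r\n\t\t\t\t\t\t\t\t\t</form>\r\n\t\t\t\t\t\t\t\t\t</table>";
         } else {
             // The integer cast is what makes the code safe to place in the SQL
             // text and the hidden form field below.
             $nCodeNumber = (isset($_POST['code']) && is_scalar($_POST['code'])) ? (int) $_POST['code'] : 0;

             if (!isset($_POST['sure'])) {
                 // Confirmation step: look the code up without consuming it.
                 $hPin = core::$sql->exec("select * from srcms_epin where code='{$nCodeNumber}'");
                 // exec() may not hand back a result handle when no rows match.
                 $aPinData = is_resource($hPin) ? mssql_fetch_array($hPin) : false;
             } else {
                 // Redeem step: delete the code and read its value in ONE statement.
                 // The old select -> update -> delete sequence let two concurrent
                 // requests both find the row and both credit the silk.
                 // NOTE(review): DELETE ... OUTPUT needs SQL Server 2005+ and a table
                 // without enabled triggers; confirm for this deployment.
                 $hPin = core::$sql->exec("delete from srcms_epin output deleted.silkAmount where code='{$nCodeNumber}'");
                 $aPinData = is_resource($hPin) ? mssql_fetch_array($hPin) : false;
             }

             if (is_array($aPinData)) {
                 // Cast before the amount is placed into SQL and HTML.
                 // Assumes silk amounts are whole numbers; confirm the column type.
                 $nSilkAmount = (int) $aPinData['silkAmount'];
                 if (!isset($_POST['sure'])) {
                     echo "Do you really want to use this code ? It will give you [{$nSilkAmount}] silk.<br/>\r\n\t\t\t\t\t\t\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t\t\t\t\t\t\t<input type='hidden' name='code' value='{$nCodeNumber}'>\r\n\t\t\t\t\t\t\t\t\t\t\t<input type='submit' name='sure' value='Yes'>\r\n\t\t\t\t\t\t\t\t\t\t\t</form><br/>";
                     misc::back();
                 } else {
                     // The code is already consumed at this point. If this update
                     // can fail, wrap both statements in a transaction (when the
                     // SQL wrapper offers one) so the code is not lost.
                     core::$sql->exec("update SK_Silk set silk_own=(silk_own + {$nSilkAmount}) where JID='" . user::accountJIDbyUsername($_SESSION['username']) . "'");
                     echo "You got your [{$nSilkAmount}] silk.";
                     misc::redirect('?pg=ucp&act=epin', 1);
                 }
             } else {
                 echo "Invalid EPIN code ! Please, try again.<br/>";
                 misc::back();
             }
         }
     }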
     break;
 default:
     echo "Invalid module name specified.<br/>";
     break;
Ejemplo n.º 5
    }
    echo "\r\n\t\t</tr>\r\n\t\t<tr>\r\n\t\t";
    if ($core->aConfig['allowMyProfile'] == 1) {
        echo "<td><a href='./?pg=ucp&act=myprofile'>My profile</a></td>";
    }
    if ($core->aConfig['allowRefferals'] == 1) {
        echo "<td><a href='./?pg=ucp&act=refferals'>My refferals</a></td>";
    }
    echo "\r\n\t\t</tr>\r\n\t\t<tr>\r\n\t\t";
    if ($core->aConfig['allowEpinSystem'] == 1) {
        echo "<td><a href='./?pg=ucp&act=epin'>Use EPIN</a><br></td>";
    }
    echo "<td><a href='./?pg=emailreplace'>Change Email</a></td>";
    if ($core->aConfig['allowMailbox'] == 1) {
        echo "<a href='./?pg=ucp&act=mailbox'>Mailbox ";
        $myJID = user::accountJIDbyUsername($_SESSION['username']);
        $nMsgCountUnread = core::$sql->numRows("select * from srcms_privatemessages where receiver='{$myJID}' and viewed='0'");
        $nMsgCountRead = core::$sql->numRows("select * from srcms_privatemessages where receiver='{$myJID}' and viewed='1'");
        $nMsgCount = core::$sql->numRows("select * from srcms_privatemessages where receiver='{$myJID}'");
        $msgText = "";
        if ($nMsgCountUnread > 0) {
            $msgText = "[<b>{$nMsgCount} / " . $core->aConfig['maxPrivMsg'] . "]</a></b>";
        } else {
            $msgText = "[{$nMsgCount} / " . $core->aConfig['maxPrivMsg'] . "]</a>";
        }
    }
    echo "{$msgText}\r\n\t<br />\t<td><a href='./?pg=ucp&act=logout'>Logout</a></td>\r\n\t\t</tr>\r\n</table>\r\n\t";
} else {
    if ($_POST['submit'] != 'login') {
        ucp::showLoginForm();
    } else {
Ejemplo n.º 6
     }
 } else {
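     // Account creation: insert the login row, the profile row and the silk
     // balance, record a referral when one is pending, then send a welcome mail.
     if (user::accountExists($_POST['username']) == 1) {
         echo "This username is already taken.";
     } else {
         // Request values are placed inside T-SQL string literals below. Doubling
         // the single quote is the literal escape in T-SQL, so a quote in the
         // username or e-mail can no longer end the literal and alter the statement.
         // NOTE(review): prefer bound parameters if the SQL wrapper supports them.
         $szSqlUsername = str_replace("'", "''", $_POST['username']);
         $szSqlEmail = str_replace("'", "''", $_POST['email']);

         // NOTE(review): the password is stored as an unsalted MD5 digest, which
         // is weak for password storage. Left unchanged because whatever verifies
         // logins presumably expects this format; confirm before migrating.
         core::$sql->exec("insert into TB_User(StrUserID,password,sec_content,sec_primary, email) values('{$szSqlUsername}','" . md5($_POST['pass1']) . "','3','3','{$szSqlEmail}')");
         $nJID = user::accountJIDbyUsername($_POST['username']);
         $szAvatarDefault = $core->aConfig['url'] . "img/noavatar.png";
         core::$sql->exec("insert into srcms_userprofiles(JID,gender,skype,msn,avatar,whois, ispublic) values('{$nJID}','0','None','None','{$szAvatarDefault}','user','1')");
         core::$sql->exec("insert into SK_Silk(JID,silk_own,silk_gift,silk_point) values('{$nJID}','" . $core->aConfig['startSilk'] . "','0','0')");

         if (isset($_SESSION['ref'])) {
             // NOTE(review): this compares against the session username, not the
             // name being registered in $_POST['username']; confirm which was intended.
             if ($_SESSION['ref'] == $_SESSION['username']) {
                 echo "<br/>You can't be refferer for your own account (but account created).<br/>";
                 return;
             }
             $reffererJID = user::accountJIDbyUsername($_SESSION['ref']);
             if ($reffererJID > 0) {
                 // The array key is quoted: the bare word REMOTE_ADDR was an undefined constant.
                 $szRemoteIp = str_replace("'", "''", $_SERVER['REMOTE_ADDR']);
                 $nRefIPs = core::$sql->numRows("select * from srcms_refferals where IP='" . $szRemoteIp . "'");
                 if ($nRefIPs < $core->aConfig['maxRefAccIP']) {
                     $datetime = gmdate('Y-m-d H:i:s');
                     core::$sql->exec("insert into srcms_refferals(reffererJID,invitedUserJID,time,ip) values('{$reffererJID}','{$nJID}','{$datetime}','{$szRemoteIp}')");
                     unset($_SESSION['ref']);
                 }
             }
         }

         $sName = $core->aConfig['serverName'];
         // Strip CR/LF so the submitted address cannot add extra mail headers.
         $szMailTo = str_replace(array("\r", "\n"), '', $_POST['email']);
         mail($szMailTo, "Thanks for registering at {$sName}", "Thanks for registering at {$sName}, we really hope you will have a great fun playing here.", "From:noreply {$sName}");
         echo "Account successfully registered.";
         misc::redirect("?pg=news", 2);
     }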
 }
Ejemplo n.º 7
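 /**
  * Echo the read-only profile page for an account.
  *
  * Prints the profile table, then (when enabled in the configuration) the list
  * of characters on the account and the private-message form or its handler.
  * The username, the stored avatar/Skype/MSN values and the character names are
  * HTML-escaped before output; the profile fields are user-editable and were
  * previously written into the page as raw markup.
  *
  * @param string $szUsername Account name whose profile is displayed.
  * @return void Output is written with echo.
  */
 public static function viewProfile($szUsername)
 {
     global $core;

     // NOTE(review): both queries are string-built and rely on
     // accountJIDbyUsername() returning a value that cannot contain a quote; confirm.
     $userData = core::$sql->fetchArray("select * from srcms_userprofiles where JID='" . user::accountJIDbyUsername($szUsername) . "'");
     // A missing row or column falls through to "Female", as before.
     $gender = (isset($userData['gender']) && $userData['gender'] == '0') ? "Male" : "Female";

     $szRank = core::$sql->getRow("select whois from srcms_userprofiles where JID='" . user::accountJIDbyUsername($szUsername) . "'");
     // NOTE(review): getRankText() output is echoed unescaped because it may
     // return markup; confirm it never reflects user-controlled text.
     $szRank = user::getRankText($szRank);

     // ENT_QUOTES because the attributes in this page are single-quoted.
     $szSafeUsername = htmlspecialchars((string) $szUsername, ENT_QUOTES);
     $szSafeAvatar = htmlspecialchars(isset($userData['avatar']) ? (string) $userData['avatar'] : '', ENT_QUOTES);
     $szSafeSkype = htmlspecialchars(isset($userData['skype']) ? (string) $userData['skype'] : '', ENT_QUOTES);
     $szSafeMsn = htmlspecialchars(isset($userData['msn']) ? (string) $userData['msn'] : '', ENT_QUOTES);

     echo "\r\n\t\t\t\t<table id='table-3' border='1' cellpadding='0' cellspacing='0'>\r\n\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t<td>Username</td><td>{$szSafeUsername}</td><tr/>\r\n\t\t\t\t\t<td>Rank</td><td>{$szRank}</td><tr/>\r\n\t\t\t\t\t<td>Gender</td><td>{$gender}</td><tr/>\r\n\t\t\t\t\t<td>Avatar</td><td><img src='{$szSafeAvatar}'></img></td><tr/>\r\n\t\t\t\t\t<td>Skype</td><td>{$szSafeSkype}</td><tr/>\r\n\t\t\t\t\t<td>MSN</td><td>{$szSafeMsn}</td><tr/>\t\t\t\r\n\t\t\t\t\t</form>\r\n\t\t\t\t</table>\r\n\t\t\t\t";

     if ($core->aConfig['allowShowCharOwner'] == 1) {
         //list characters
         $nChars = char::getCharCount($szUsername);
         if ($nChars > 0) {
             $naChars = user::charIDsByUsername($szUsername);
             $naCharNames = char::charNamesByIDs($naChars);
             echo "<br/><br/><b>Characters on account</b><table id='table-3' border='1'><td>Char name</td><tr/>";
             foreach ($naCharNames as $nElem) {
                 // URL-encode for the query string, HTML-escape for the attribute and the text.
                 $szCharHref = htmlspecialchars(urlencode((string) $nElem), ENT_QUOTES);
                 $szCharText = htmlspecialchars((string) $nElem, ENT_QUOTES);
                 echo "<td><a href='?pg=rank&type=char&name={$szCharHref}'>{$szCharText}</a></td><tr/>";
             }
             echo "</table>";
         } else {
             echo "<br/>This user has no characters.<br/>";
         }
         // Viewing your own profile: stop before the message form.
         if (isset($_SESSION['username']) && $_SESSION['username'] == $szUsername) {
             return;
         }
     }

     if ($core->aConfig['allowMailbox'] == 1) {
         if (isset($_SESSION['username'])) {
             if (!isset($_POST['submit'])) {
                 // The recipient shown is the escaped $szUsername (the account the
                 // message is sent to below), not the raw $_GET value.
                 echo "<br/><b>Send private message</b><br/>\r\n\t\t\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t\t\tTo: <b>{$szSafeUsername}</b><br/><br/>\r\n\t\t\t\t\t\t\t<input type='text' name='msgTitle' value='Message title'><br/>";
                 echo "\r\n\t\t\t\t\t\t\t<br/><textarea id='sendUserPrivMsgTextBox' name='msgText' rows='2' cols='100'>Type your message here</textarea><br/>\r\n\t\t\t\t\t\t\t<input type='submit' name='submit' value='Send'>\r\n\t\t\t\t\t\t\t</form>\r\n\t\t\t\t\t\t\t<script>CKEDITOR.replace( 'msgText' );</script>\r\n\t\t\t\t\t\t\t\t ";
             } else {
                 // NOTE(review): title and body are passed on as received; confirm
                 // that sendWebPrivMsg() escapes them for SQL and that the mailbox
                 // view escapes or sanitises them for HTML.
                 user::sendWebPrivMsg($szUsername, $_SESSION['username'], $_POST['msgTitle'], $_POST['msgText']);
             }
         } else {
             echo "You must be logged in in order to send private messages.<br/>";
         }
     }
 }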
Ejemplo n.º 8
 /**
  * Return the number of _User rows whose UserJID matches the given account.
  *
  * Switches the SQL connection to the "shard" database and does not switch it
  * back, so later queries on core::$sql run against "shard".
  *
  * @param string $szUsername Account name to count rows for.
  * @return mixed Whatever core::$sql->getRow() returns for the count query.
  */
 public static function getCharCount($szUsername)
 {
     // The JID is resolved before the database switch, as in the original order.
     $accountJid = user::accountJIDbyUsername($szUsername);
     $countQuery = "select count(*) from _User where UserJID='" . $accountJid . "'";

     core::$sql->changeDB("shard");

     return core::$sql->getRow($countQuery);
 }
Ejemplo n.º 9
                 echo "</table></td></table>";
                 core::$sql->changeDB('shard');
             }
             misc::back();
         } else {
             echo "Owner of account on which this character is created didn't want you to view he's (her) data.<br/>";
         }
     }
 } else {
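     // Default ranking view: the 50 highest-level characters, skipping names
     // tagged "[GM]" and characters whose account profile is not public.
     core::$sql->changeDB("shard");
     // In a T-SQL LIKE pattern [GM] is a character set (any single G or M), so the
     // old filter hid every name containing one of those letters. [[] matches a
     // literal opening bracket, which makes the pattern mean the text "[GM]".
     $hQuery = core::$sql->exec("select top 50 * from _Char where CharName16 not like '%[[]GM]%' order by CurLevel desc");
     echo "<table id='table-3' width='100%' border='0' cellpadding='0' cellspacing='0'>\r\n\t\t\t<td width='5%' align='center' class='thead'>Rank</td>\r\n\t\t\t<td width='5%' align='center' class='thead'>Race</td>\r\n\t\t\t<td width='30%' align='center' class='thead'>Nick</td>\r\n\t\t\t<td width='15%' align='center' class='thead'>Level</td>\r\n\t\t\t<td width='15%' align='center' class='thead'>SP</td>\r\n\t\t\t<td width='15%' align='center' class='thead'>Strength</td>\r\n\t\t\t<td width='15%' align='center' class='thead'>Intellect</td><tr/>";
     $n = 1;
     // exec() may not hand back a result handle when the query returns no rows.
     while (is_resource($hQuery) && ($row = mssql_fetch_array($hQuery))) {
         // NOTE(review): two extra lookups run per listed character (up to 100
         // queries per page view); a join would avoid them.
         $szUsername = user::usernameByCharname($row['CharName16']);
         $bCanView = core::$sql->getRow("select ispublic from srcms_userprofiles where JID='" . user::accountJIDbyUsername($szUsername) . "'");
         if ($bCanView > 0) {
             if ($row['RefObjID'] < 3000) {
                 $icon = "<img src='img/Character/race_china.png'>";
             } else {
                 $icon = "<img src='img/Character/race_euro.png'>";
             }
             // The character name is URL-encoded for the link and HTML-escaped for
             // display. Plain names render as before; presumably names are
             // player-chosen, so markup characters are kept out of the page.
             $szCharHref = htmlspecialchars(urlencode((string) $row['CharName16']), ENT_QUOTES);
             $szCharText = htmlspecialchars((string) $row['CharName16'], ENT_QUOTES);
             echo "<td align='center'>{$n}</td>\r\n\t\t\t\t\t<td align='center'>{$icon}</td>\r\n\t\t\t\t\t<td align='center'><a href='?pg=rank&type=char&name={$szCharHref}'>{$szCharText}</a></td>\r\n\t\t\t\t\t<td align='center'>{$row['CurLevel']}</td>\r\n\t\t\t\t\t<td align='center'>{$row['RemainSkillPoint']}</td>\r\n\t\t\t\t\t<td align='center'>{$row['Strength']}</td>\r\n\t\t\t\t\t<td align='center'>{$row['Intellect']}</td><tr/>";
             $n++;
         }
     }
     echo "</table>";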
 }
 break;
 //Search Character Script.