<?php
require_once '../config.php';
require_once '../functions.php';
require_once 'admin_functions.php';
if (!isAdmin()) {
die('Only admins can access this page.');
}
include '_header.php';
echoHeader('Edit Pokemon Shop');
if (isset($_POST['addPoke'])) {
$errors = array();
$price = (int) str_replace(array(',', '.', '$'), '', $_POST['price']);
if ($price < 0) {
$errors[] = 'Price can not be negative.';
}
$name = str_replace(array(chr(0), '.', '/', '\\', '?', '<', '>'), '', $_POST['name']);
if (!file_exists('../images/pokemon/' . $name . '.png')) {
$errors[] = 'Could not find a picture for that pokemon.';
}
$newCat = (bool) $_POST['newCat'];
$catName = $newCat == true ? $_POST['newCatName'] : $_POST['oldCatName'];
$catName = preg_replace('/[^A-Za-z0-9]/', '', $catName);
if ($catName == '') {
$errors[] = 'Invalid character in category name.';
}
if (count($errors) >= 1) {
echo '<div class="error">' . implode('</div><div class="error">', $errors) . '</div>';
} else {
$name = cleanSql($name);
$price = cleanSql($price);
<?php
require_once '../config.php';
require_once '../functions.php';
require_once 'admin_functions.php';
if (!isAdmin()) {
die('Only admins can access this page.');
}
include '_header.php';
echoHeader('Pokedex Long View');
echo '
<script type="text/javascript" src="js/jquery-1.11.0.min.js"></script>
<script type="text/javascript" src="js/__jquery.tablesorter.min.js"></script>
<script>
$(document).ready(function() {
$("#myTable").tablesorter();
$("input:checkbox:not(:checked)").each(function() {
var column = "table ." + $(this).attr("name");
$(column).hide();
});
$("input:checkbox").click(function(){
var column = "table ." + $(this).attr("name");
$(column).toggle();
});
});
</script>
';
$query = mysql_query("SELECT * FROM `pokedex` ORDER BY `num` ASC");
echo '
<?php
require_once '../config.php';
require_once '../functions.php';
require_once 'admin_functions.php';
if (!isAdmin()) {
die('Only admins can access this page.');
}
$handle = fopen('edit_snow_machine_log.txt', 'a+');
fwrite($handle, "{$_SESSION['username']} accessed edit_snow_machine.php" . PHP_EOL);
fclose($handle);
include '_header.php';
echoHeader('Edit Snow Machine');
if (isset($_POST['save'])) {
$errors = array();
$name = str_replace(array(chr(0), '.', '/', '\\', '?', '<', '>'), '', $_POST['name']);
if (!file_exists('../images/pokemon/' . $name . '.png')) {
$errors[] = 'Could not find a picture for that pokemon.';
}
$price = (int) str_replace(array(',', ' ', '$'), '', $_POST['price']);
if ($price <= 0) {
$errors[] = 'Price can not be negative.';
}
$level = (int) $_POST['level'];
if ($level <= 0 || $level > 100) {
$errors[] = 'Level needs to be between 1 and 100.';
}
$chance = (int) $_POST['chance'];
if ($chance <= 0 || $chance > 100) {
$errors[] = 'Chance needs to be between 1 and 100.';
}
<?php
require_once '../config.php';
require_once '../functions.php';
require_once 'admin_functions.php';
if (!isAdmin()) {
die;
}
include '_header.php';
echoHeader('News List');
$query = mysql_query("SELECT * FROM `news` ORDER BY `id` DESC");
echo '
<table class="pretty-table" style="margin-left: 10px; margin-right: 10px;">
<tr>
<th>ID</th>
<th>Title</th>
<th>News</th>
<th>Date</th>
<th>By Who</th>
</tr>
';
while ($row = mysql_fetch_assoc($query)) {
$row = cleanHtml($row);
echo '
<tr>
<td>' . $row['id'] . '</td>
<td>' . $row['title'] . '</td>
<td>' . $row['news'] . '</td>
<td>' . $row['date'] . '</td>
<td>' . $row['bywho'] . '</td>
</tr>
<?php
require_once '../config.php';
require_once '../functions.php';
require_once 'admin_functions.php';
if (!isAdmin()) {
die('Only admins can access this page.');
}
include '_header.php';
echoHeader('Staff Panel');
$filename = 'admin_messages_nkjdngksndfgermekmrz.txt';
if (isset($_POST['message'])) {
$fh = fopen($filename, 'w');
fwrite($fh, $_POST['message']);
fclose($fh);
echo '<div class="notice">Message has been saved.</div>';
}
echo '
<div class="center-text">
Admin List: ' . getAdminProfileList() . '<br /><br />
<form method="post">
<textarea name="message" cols="50" rows="10">' . file_get_contents($filename) . '</textarea><br /><br />
<input type="submit" value="Save" />
</form>
</div>
';
include '_footer.php';
<?php
require_once '../config.php';
require_once '../functions.php';
require_once 'mod_functions.php';
if (!isMod()) {
die('Only mods can access this page.');
}
include '_header.php';
echoHeader('Mod Panel');
$filename = 'mod_messages_fsdfadfasdfa.txt';
if (isset($_POST['message'])) {
$fh = fopen($filename, 'w');
fwrite($fh, $_POST['message']);
fclose($fh);
echo '<div class="notice">Message has been saved.</div>';
}
echo '
<div class="center-text">
Mod List: ' . getModProfileList() . '<br /><br />
<form method="post">
<textarea name="message" cols="50" rows="10">' . file_get_contents($filename) . '</textarea><br /><br />
<input type="submit" value="Save" />
</form>
</div>
';
include '_footer.php';
<?php
require_once '../config.php';
require_once '../functions.php';
require_once 'admin_functions.php';
if (!isAdmin()) {
die('Only admins can access this page.');
}
include '_header.php';
echoHeader('Sprites Awaiting Approval');
if (isset($_GET['id'])) {
$id = (int) $_GET['id'];
$query = mysql_query("SELECT * FROM `new_images` WHERE `id`='{$id}' LIMIT 1");
if (mysql_num_rows($query) == 1) {
$imgRow = mysql_fetch_assoc($query);
if (isset($_GET['accept'])) {
$fname = '../images/pokemon/' . $imgRow['image_name'] . '.png';
if (file_exists($fname) && false) {
$i = 1;
while (true) {
$bfname = '../images/pokemon/' . $imgRow['image_name'] . '_backup' . $i . '.png';
if (!file_exists($bfname)) {
rename($fname, $bfname);
break;
}
$i++;
}
}
file_put_contents($fname, base64_decode($imgRow['image_data']));
echo '<div class="notice">Image has been added/updated!</div>';
} else {
<?php
require_once '../config.php';
require_once '../functions.php';
require_once 'admin_functions.php';
if (!isAdmin()) {
die('Only admins can access this page.');
}
$handle = fopen('edit_user_log.txt', 'a+');
fwrite($handle, "{$_SESSION['username']} accessed edit_user.php" . PHP_EOL);
fclose($handle);
include '_header.php';
echoHeader('Edit User');
if (isset($_GET['id'])) {
$_POST['useUsername'] = false;
$_POST['userid'] = $_GET['id'];
$_POST['find'] = 'Find User';
}
$userid = (int) $_POST['userid'];
$username = $_POST['username'];
$usernameSql = cleanSql($username);
$usernameHtml = cleanHtml($username);
$foundUser = false;
if (isset($_POST['find'])) {
$useUsername = (bool) $_POST['useUsername'];
if ($_POST['useUsername'] == true) {
$whereSql = "WHERE `username`='{$usernameSql}'";
$userid = 0;
} else {
$whereSql = "WHERE `id`='{$userid}'";
$username = '';
<?php
require_once '../config.php';
require_once '../functions.php';
require_once 'admin_functions.php';
if (!isAdmin()) {
die('Only admins can access this page.');
}
include '_header.php';
$text = isset($_GET['add']) ? 'Add Pokemon To Pokedex' : 'Edit Pokedex';
echoHeader($text);
$pid = (int) $_GET['id'];
define('MAX_STAT', 255);
if (!isset($_GET['add'])) {
$query = mysql_query("SELECT * FROM `pokedex` ORDER BY `num` ASC");
echo '<form method="get" class="center-text bottom-padded"><select name="id" style="font-family:Consolas,Monaco,Lucida Console,Liberation Mono,DejaVu Sans Mono,Bitstream Vera Sans Mono,Courier New, monospace;">';
while ($row = mysql_fetch_assoc($query)) {
$opttext = ' ' . str_pad($row['name'], 30, ' ', STR_PAD_RIGHT) . str_pad('#' . $row['num'], 7, ' ', STR_PAD_LEFT) . ' ';
$opttext = str_replace(' ', ' ', $opttext);
$attr = $pid == $row['id'] ? ' selected="selected" ' : '';
echo '<option value="' . $row['id'] . '" ' . $attr . ' style="font-family:Consolas,Monaco,Lucida Console,Liberation Mono,DejaVu Sans Mono,Bitstream Vera Sans Mono,Courier New, monospace;">' . $opttext . '</option>';
}
echo '</select> <input type="submit" value="Edit Pokedex" /></form>';
$query = mysql_query("SELECT * FROM `pokedex` WHERE `id`='{$pid}' LIMIT 1");
if (mysql_num_rows($query) == 0) {
include '_footer.php';
die;
}
$pokeInfo = mysql_fetch_assoc($query);
} else {
$pokeInfo = array('name' => '', 'num' => '', 'attack' => '100', 'spattack' => '100', 'def' => '100', 'spdef' => '100', 'hp' => '100', 'speed' => '100', 'type1' => 'Normal', 'type2' => '', 'move1' => 'Fire Blast', 'move2' => 'Scratch', 'move3' => 'Bubble', 'move4' => 'Razor Leaf');
<?php
require_once '../config.php';
require_once '../functions.php';
require_once 'mod_functions.php';
if (!isMod()) {
die('Only mods can access this page.');
}
include '_header.php';
echoHeader('Add New Sprite');
if (isset($_POST['submit'], $_POST['img_name'], $_POST['comment'])) {
if ($_FILES['file']['error'] > 0) {
// echo $_FILES["file"]["error"] . '<br />';
echo '<div class="error">There was an error!</div>';
} else {
if ($_FILES['file']['size'] > 1048576) {
echo '<div class="error">The file size it too large!</div>';
} else {
$imageData = file_get_contents($_FILES['file']['tmp_name']);
$im = imagecreatefromstring($imageData);
if ($im == false) {
echo '<div class="error">There was an error creating the image!</div>';
} else {
$base64Image = cleanSql(base64_encode($imageData));
$imgName = cleanSql(trim(str_replace(array(chr(0), '<', '>', '.', '/', '\\'), '', $_POST['img_name'])));
$comment = cleanSql($_POST['comment']);
$uid = (int) $_SESSION['userid'];
if (empty($imgName)) {
echo '<div class="error">Image name was empty!</div>';
} else {
mysql_query("\n\t\t\t\t\tINSERT INTO `new_images` (\n\t\t\t\t\t\t`uid`, `image_data`, `image_name`, `comment`\n\t\t\t\t\t) VALUES (\n\t\t\t\t\t\t'{$uid}', '{$base64Image}', '{$imgName}', '{$comment}'\n\t\t\t\t\t)\n\t\t\t\t");
<?php
require_once '../config.php';
require_once '../functions.php';
require_once 'admin_functions.php';
if (!isAdmin()) {
die('Only admins can access this page.');
}
$handle = fopen('edit_pokemon_log.txt', 'a+');
fwrite($handle, "{$_SESSION['username']} accessed edit_pokemon.php" . PHP_EOL);
fclose($handle);
include '_header.php';
echoHeader('Edit Pokemon');
$pid = (int) $_GET['id'];
echo '
<form method="get" class="center-text bottom-padded">
Pokemon ID: <input type="text" name="id" value="' . $pid . '" />
<input type="submit" value="Find Pokemon" />
</form>
';
if ($pid == 0) {
// echo 'Please enter the id of the pokemon you want to edit.';
include '_footer.php';
die;
}
$query = mysql_query("SELECT * FROM `user_pokemon` WHERE `id`='{$pid}' LIMIT 1");
if (mysql_num_rows($query) == 0) {
echo 'This pokemon does not exist!';
include '_footer.php';
die;
}
<?php
require_once '../config.php';
require_once '../functions.php';
require_once 'admin_functions.php';
if (!isAdmin()) {
die('Only admins can access this page.');
}
include '_header.php';
echoHeader('Find Users With The Same IP.');
$ip = $_GET['ip'];
$ipHtml = cleanHtml($ip);
$ipSql = cleanSql($ip);
echo '
<form method="get" class="center-text bottom-padded">
IP: <input type="text" name="ip" value="' . $ipHtml . '" />
<input type="submit" value="Search For IP" />
</form>
';
if (isset($_GET['ip'])) {
$query = mysql_query("SELECT * FROM `users` WHERE `ip`='{$ipSql}'");
if (mysql_num_rows($query) == 0) {
echo '
<div class="error">
Could not find any users with the ip address of <strong>' . $ipHtml . '</strong>!
</div>
';
} else {
echo '
<table class="center pretty-table" style="width: 50%;">
<tr>
<?php
require_once '../config.php';
require_once '../functions.php';
require_once 'admin_functions.php';
if (!isAdmin()) {
die('Only admins can access this page.');
}
include '_header.php';
echoHeader('Edit Token Pokemon Shop');
if (isset($_POST['addPoke'])) {
$errors = array();
$price = (int) str_replace(array(',', '.', '$'), '', $_POST['price']);
if ($price < 0) {
$errors[] = 'Price can not be negative.';
}
$name = str_replace(array(chr(0), '.', '/', '\\', '?', '<', '>'), '', $_POST['name']);
if (!file_exists('../images/pokemon/' . $name . '.png')) {
$errors[] = 'Could not find a picture for that pokemon.';
}
if (count($errors) >= 1) {
echo '<div class="error">' . implode('</div><div class="error">', $errors) . '</div>';
} else {
$name = cleanSql($name);
$price = cleanSql($price);
$query = mysql_query("\n INSERT INTO `token_shop_pokemon` (\n \t`name`, `price`\n ) VALUES (\n '{$name}', '{$price}'\n )\n ");
if ($query) {
echo '<div class="notice">The pokemon has been added to the shop.</div>';
} else {
echo '<div class="error">There was an error.</div>';
}
<?php
require_once '../config.php';
require_once '../functions.php';
require_once 'admin_functions.php';
if (!isAdmin()) {
die('Only admins can access this page.');
}
include '_header.php';
echoHeader('Edit Promo');
if (isset($_POST['save'])) {
$errors = array();
$name = str_replace(array(chr(0), '.', '/', '\\', '?', '<', '>'), '', $_POST['name']);
if (!file_exists('../images/pokemon/' . $name . '.png')) {
$errors[] = 'Could not find a picture for that pokemon.';
}
$money = (int) str_replace(array(',', ' ', '$'), '', $_POST['money']);
if ($money < 0) {
$errors[] = 'Money can not be negative.';
}
$tokens = (int) str_replace(array(',', ' ', '$'), '', $_POST['tokens']);
if ($tokens < 0) {
$errors[] = 'Tokens can not be negative.';
}
$level = (int) $_POST['level'];
if ($level <= 0 || $level > 100) {
$errors[] = 'Level needs to be between 1 and 100.';
}
if (count($errors) >= 1) {
echo '<div class="error">' . implode('</div><div class="error">', $errors) . '</div>';
} else {
echo "<br />";
}
}
echo "</div>";
} else {
}
}
?>
</head>
<body style="background:#DDD">
<div class="site">
<?php
echoHeader();
?>
<div id="top" class="site_content">
<div class="principal" id="principal"><br />
<div class="p">
<font size="+3" style="margin-left:4%; color:#FFF;"><b> Notícias</b></font>
</div>
<div class="destaques-center">
<br /><br />
<center>
<div class="divCentro" id="galeria" >
<?php
require_once '../config.php';
require_once '../functions.php';
require_once 'admin_functions.php';
if (!isAdmin()) {
die('Only admins can access this page.');
}
include '_header.php';
echoHeader('Edit Referral Shop');
if (isset($_POST['addPoke'])) {
$errors = array();
$price = (int) str_replace(array(',', '.', '$'), '', $_POST['price']);
if ($price < 0) {
$errors[] = 'Price can not be negative.';
}
$name = str_replace(array(chr(0), '.', '/', '\\', '?', '<', '>'), '', $_POST['name']);
if (!file_exists('../images/pokemon/' . $name . '.png')) {
$errors[] = 'Could not find a picture for that pokemon.';
}
if (count($errors) >= 1) {
echo '<div class="error">' . implode('</div><div class="error">', $errors) . '</div>';
} else {
$name = cleanSql($name);
$price = cleanSql($price);
$query = mysql_query("\n INSERT INTO `shop_ref` (\n \t`name`, `price`\n ) VALUES (\n '{$name}', '{$price}'\n )\n ");
if ($query) {
echo '<div class="notice">The pokemon has been added to the shop.</div>';
} else {
echo '<div class="error">There was an error.</div>';
}
<?php
require_once '../config.php';
require_once '../functions.php';
require_once 'admin_functions.php';
if (!isAdmin()) {
die;
}
include '_header.php';
echoHeader('Edit News');
if (isset($_POST['save'])) {
$errors = array();
$title = trim($_POST['title']);
if (empty($title)) {
$errors[] = 'Title can not be empty.';
}
$content = trim($_POST['content']);
if (empty($content)) {
$errors[] = 'Content can not be empty.';
}
$sqlPoster = cleanSql($_POST['poster']);
$query = mysql_query("SELECT * FROM `users` WHERE `username`='{$sqlPoster}' AND `admin`='1'");
if (mysql_num_rows($query) == 0) {
$errors[] = 'Invalid poster.';
}
if (count($errors) >= 1) {
echo '<div class="error">' . implode('</div><div class="error">', $errors) . '</div>';
} else {
echo '<div class="notice">The news has been edited!</div>';
$sqlTitle = cleanSql($title);
$sqlContent = cleanSql($content);
<?php
require_once '../config.php';
require_once '../functions.php';
require_once 'admin_functions.php';
if (!isAdmin()) {
die('Only admins can access this page.');
}
include '_header.php';
echoHeader('Ban List');
echo '
<table class="center pretty-table center-text" style="width: 750px;">
<tr>
<th>ID</th>
<th>Username</th>
<th>Reason For Ban</th>
<th>Options</th>
</tr>
';
$query = mysql_query("SELECT * FROM `users` WHERE `banned`='1' ORDER BY `id` ASC");
while ($banRow = mysql_fetch_assoc($query)) {
$banRow = cleanHtml($banRow);
echo '
<tr>
<td>' . $banRow['id'] . '</td>
<td><a href="../profile.php?id=' . $banRow['id'] . '">' . $banRow['username'] . '</a></td>
<td>' . $banRow['ban_reason'] . '</td>
<td>[<a href="edit_user.php?id=' . $banRow['id'] . '">Edit User</a>]</td>
</tr>
';
}
