function add_tags($tags, $gameid)
{
foreach ($tags as $tag_name) {
$tag_count = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM ava_tags WHERE tag_name = '{$tag_name}'"), 0);
if ($tag_count == 0) {
$seo_url = seoname($tag_name, 0, 'tag');
mysql_query("INSERT INTO ava_tags (tag_name, seo_url) VALUES ('{$tag_name}', '{$seo_url}')") or die(mysql_error());
}
$mysql_tag = mysql_fetch_array(mysql_query("SELECT * FROM ava_tags WHERE tag_name = '{$tag_name}'"));
mysql_query("INSERT INTO ava_tag_relations (game_id, tag_id) VALUES ({$gameid}, {$mysql_tag['id']})");
}
}
function generate_seonames($table, $column, $type)
{
$sql = mysql_query("SELECT * FROM {$table} ORDER BY id ASC");
while ($row = mysql_fetch_array($sql)) {
$seo_name = seoname($row[$column]);
$seo_name_exists = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM ava_seonames WHERE seo_name = '{$seo_name}' AND type = '{$type}'"), 0);
if ($seo_name_exists >= 1) {
$seo_name_count = mysql_fetch_array(mysql_query("SELECT uses FROM ava_seonames WHERE seo_name = '{$seo_name}' AND type = '{$type}'"));
$number = $seo_name_count['uses'] + 1;
$final_seo_name = $seo_name . '-' . $number;
mysql_query("UPDATE {$table} SET seo_url = '{$final_seo_name}' WHERE id = {$row['id']}");
mysql_query("UPDATE ava_seonames SET uses = uses + 1 WHERE seo_name = '{$seo_name}'");
} else {
mysql_query("UPDATE {$table} SET seo_url = '{$seo_name}' WHERE id = {$row['id']}");
mysql_query("INSERT INTO ava_seonames (seo_name, type, uses) VALUES ('{$seo_name}', '{$type}', 1)");
}
}
}
<?php
$ct = 0;
$sql = mysql_query("SELECT * FROM ava_users WHERE id != '1' ORDER BY 0+points desc LIMIT 5");
while ($row = mysql_fetch_array($sql)) {
$ct = $ct + 1;
$seo_name = seoname($row['username']);
if (strlen($row['username']) > $template['player_module_max_chars']) {
$name = substr($row['username'], 0, $template['player_module_max_chars']);
//."...";
} else {
$name = $row['username'];
}
$username = htmlspecialchars($name);
$avatar = 'uploads/avatars/' . $row['avatar'] . '';
if ($setting['module_thumbs'] == 1) {
$avatar = '<img class="sidebar_memberIMG" src="' . AvatarUrl($row['avatar'], $row['facebook'], $row['facebook_id']) . '" />';
} else {
$avatar = '';
}
if ($setting['seo_on'] == 0) {
$url = 'index.php?task=profile&id=' . $row['id'];
} else {
$url = $setting['site_url'] . '/profile/' . $row['id'] . '/' . $seo_name . $setting['seo_extension'];
}
//show trophy for the top 3 players of the site and numbers for the 4th to the 10th.
if ($ct == 1) {
//first position
echo '<li class="top_medals"><a href="' . $url . '">' . $avatar . '</a>';
echo '<div class="medalbox"><img class="medal_gold" src="' . $setting['site_url'] . '/templates/macaw/images/medal_gold.png" alt="" /></div>';
echo '<a href="' . $url . '">' . $username . '</a><br />';
<?php
echo '<ul>';
if ($setting['seo_on'] == 0) {
echo '<li><a href="' . $setting['site_url'] . '">Home</a></li>
<li><a href="' . $setting['site_url'] . '/index.php?task=news">' . NEWS . '</a></li>
<li><a href="' . $setting['site_url'] . '/rss.php">Subscribe</a></li>
<li><a href="' . $setting['site_url'] . '/index.php?task=member_list">' . MEMBER_LIST . '</a></li>
<li><a href="' . $setting['site_url'] . '/index.php?task=links">' . LINKS . '</a></li>';
} else {
echo '<li><a href="' . $setting['site_url'] . '">Home</a></li>
<li><a href="' . $setting['site_url'] . '/news">' . NEWS . '</a></li>
<li><a href="' . $setting['site_url'] . '/rss.php">Subscribe</a></li>
<li><a href="' . $setting['site_url'] . '/members">' . MEMBER_LIST . '</a></li>
<li><a href="' . $setting['site_url'] . '/links/">' . LINKS . '</a></li>';
}
$sql = mysql_query("SELECT * FROM ava_pages ORDER BY id desc LIMIT 10");
while ($row = mysql_fetch_array($sql)) {
$seo_name = seoname($row['name']);
if ($setting['seo_on'] == 0) {
$url = 'index.php?task=page&id=' . $row['id'];
} else {
$url = 'page/' . $row['id'] . '/' . $seo_name;
}
echo '<li><a href="' . $setting['site_url'] . '/' . $url . '">' . $row['name'] . '</a></li>';
}
echo '</ul>';
<?php
// VIEW A PRIVATE MESSAGE
defined('AVARCADE_') or die('');
if (isset($_COOKIE["ava_username"])) {
$sql = mysql_query("SELECT * FROM ava_messages WHERE id= {$id}");
$row = mysql_fetch_array($sql);
if ($user['id'] == $row['user_id']) {
// Display the PM and the options
echo '<div class="pm_header">
<div class="pm_subject">' . $row['title'] . '</div>
<div class="pm_details"><strong>' . PM_FROM . ':</strong> <a href="' . $setting['site_url'] . '/index.php?task=profile&id=' . $row['sender_id'] . '">' . $row['sender_name'] . '</a> <strong>' . PM_DATE . ':</strong> ' . FormatDate($row['date'], 'time') . '</div></div>
<div class="pm_message">' . $row['message'] . '</div>';
$profile_url = ProfileUrl($row['sender_id'], seoname($row['sender_name']));
echo ' <div class="pm_footer">
<p class="sub_button"><a href="' . $setting['site_url'] . '/index.php?task=send_message&id=' . $row['sender_id'] . '&re=' . $row['id'] . '">' . PM_REPLY . '</a></p>
<p class="sub_button"><a href="' . $setting['site_url'] . '/index.php?task=messages&pm_task=delete&id=' . $row['id'] . '">' . PM_DELETE_MESSAGE . '</a></p>
<p class="sub_button"><a href="' . $profile_url . '">' . PM_SENDER_PROFILE . '</a></p>
<p class="sub_button"><a href="' . $setting['site_url'] . '/index.php?task=messages&pm_task=unread&id=' . $row['id'] . '">' . PM_MARK_UNREAD . '</a></p>';
if ($row['highscore_game_id'] == 0) {
echo ' <p class="sub_button"><a href="#" onclick="ShowPopup(\'ava-popup\', \'' . $setting['site_url'] . '/includes/forms/pm_report_form.php?id=' . $row['id'] . '\', \'' . PM_REPORT . '\');return false">' . PM_REPORT . '</a></p>';
}
echo '</div>';
if ($row['read'] == 0) {
mysql_query("UPDATE ava_messages SET `read` = 1 WHERE id = {$row['id']} LIMIT 1");
// Update user messages counter
$msg_count = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM ava_messages WHERE user_id={$user['id']} AND `read`=0"), 0);
$update = mysql_query("UPDATE ava_users SET messages={$msg_count} WHERE id='{$user['id']}'") or die(mysql_error());
}
} else {
include '../../language/' . $setting['language'] . '.php';
$the_comment = mysql_secure($_POST['comment']);
$id = intval($_POST['id']);
if (isset($_COOKIE["ava_username"])) {
$cookie_id = intval($_COOKIE["ava_userid"]);
$code = preg_replace("/[^a-z,A-Z,0-9]/", "", $_COOKIE['ava_code']);
$last_comment = mysql_query("SELECT last_comment FROM tbl_users WHERE id = {$cookie_id} AND last_comment > NOW() - INTERVAL 1 MINUTE");
if (mysql_num_rows($last_comment) == '0') {
$user = mysql_query("SELECT * FROM tbl_users WHERE id=" . $cookie_id . "");
$user2 = mysql_fetch_array($user);
if ($user2['password'] == $code) {
$date = date("Y-m-d H:i:s");
mysql_query("INSERT INTO tbl_comments (user, comment, link_id, date, ip) VALUES ('{$cookie_id}', '{$the_comment}', '{$id}', '{$date}', '{$_SERVER['REMOTE_ADDR']}')");
$comment = array('username' => $user2['username'], 'content' => stripslashes(nl2br(strip_tags($_POST['comment']))), 'user_points' => $user2['points'], 'date' => FormatDate($date, 'time'));
$comment['delete'] = '';
$seo_username = seoname($user2['username']);
$comment['user_url'] = ProfileUrl($user2['id'], $user2['seo_url']);
if ($user2['admin'] == 1) {
$comment['delete'] = '<a href="#" onclick="DeleteNewsComment(' . mysql_insert_id() . ', ' . "'" . $setting['site_url'] . "'" . '); return false">Delete</a>';
$comment['report_button'] = '<a href="' . $setting['site_url'] . '/admin/?task=manage_users#page=1&ip=' . $_SERVER['REMOTE_ADDR'] . '"><img src="' . $setting['site_url'] . '/images/report.png" title="' . $_SERVER['REMOTE_ADDR'] . '" style="vertical-align:middle;"/></a>';
} else {
if ($setting['report_permissions'] == "1" || $setting['report_permissions'] == "2" && $user['login_status'] == 1) {
$comment['report_button'] = '<a href="#" onclick="ShowPopup(\'ava-popup\', \'' . $setting['site_url'] . '/includes/forms/comment_report_form.php?id=' . mysql_insert_id() . '&type=2\', \'Report comment\'); return false"><img src="' . $setting['site_url'] . '/images/report.png" title="' . REPORT . '" style="vertical-align:middle;"/></a>';
} else {
$comment['report_button'] = '';
}
$comment['delete'] = '';
//'<a href="#" onclick="DeleteComment(' . $row['id'] . ', ' . "'" . $setting['site_url'] . "'" . '); return false"><img src="' . $setting['site_url'] . '/images/report.png" title="' . $_SERVER[REMOTE_ADDR] . '" style="vertical-align:middle;"/></a>';
}
if ($user2['usrAvatarType'] == '') {
$comment['avatar_url'] = $setting['site_url'] . '/uploads/avatars/default.png';
$date = date("F j Y");
if (isset($_COOKIE['ava_ref'])) {
$referrer = intval($_COOKIE['ava_ref']);
} else {
$referrer = 0;
}
$seo_url = seoname($username);
// If email validation is off, instantly activate the account
if ($setting['email_on'] == 0) {
$sql = mysql_query("INSERT INTO ava_users (username, password, email, activate, joined, referrer, seo_url)\n \t\tVALUES('{$username}', '{$passwordpro}', '{$email}', '1', '{$date}', {$referrer}, '{$seo_url}')") or die(mysql_error());
$new_user = mysql_insert_id();
// If user was referred, give the referrer points
if (isset($_COOKIE['ava_ref'])) {
mysql_query("UPDATE ava_users SET points = points + {$setting['points_refer']} WHERE id= {$referrer}");
$date = date("F j Y, G:i");
$profile_url = ProfileUrl($new_user, seoname($username));
mysql_query("INSERT INTO ava_messages (user_id, sender_id, sender_name, title, message, date) \n\t\t\t\t\tVALUES ('{$referrer}', '{$new_user}', '{$username}', '{$username} " . REF_PM_TITLE . " {$setting['site_name']}', '{$username} " . REF_PM_MESSAGE . ": <a href=\"{$profile_url}\">{$profile_url}</a>', '{$date}')");
}
echo VALIDATED;
} else {
$sql = mysql_query("INSERT INTO ava_users (username, password, email, joined, referrer, seo_url)\n \t\t\tVALUES('{$username}', '{$passwordpro}', '{$email}', '{$date}', {$referrer}, '{$seo_url}')") or die(mysql_error());
$userid = mysql_insert_id();
$data = array('email_address' => $email, 'to_username' => $username, 'subject' => EMAIL_REGISTER_HEADER . ' ' . $username, 'send_email' => 1);
$data['validate_url'] = $setting['site_url'] . '/index.php?task=validate&id=' . $userid . '&code=' . $passwordpro;
SendEmail($data, 'validate_email');
echo EMAIL4;
// Email sent message
}
}
}
} else {
<?php
if (isset($_COOKIE["ava_username"])) {
$abcd = seoname($_COOKIE["ava_username"]);
if ($setting['seo_on'] == 0) {
$url = 'index.php?task=profile&id=' . $_COOKIE['ava_userid'] . '';
$message_url = 'index.php?task=messages';
} else {
$url = 'profile/' . $_COOKIE['ava_userid'] . '/' . $abcd . '';
$message_url = 'messages';
}
$new_messages = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM ava_messages WHERE `read` = 0 AND user_id=" . $userid . ""), 0);
echo '<b>' . $_COOKIE['ava_username'] . '</b> logged in' . $template['user_menu_seperator'] . '<img src="' . $setting['site_url'] . '/content/images/key.png"align="texttop" /> <a href="' . $setting['site_url'] . '/login.php?action=logout">' . LOGOUT . '</a>' . $template['user_menu_seperator'] . '<img src="' . $setting['site_url'] . '/content/images/newmessage.png" align="texttop" /> <a href="' . $setting['site_url'] . '/' . $message_url . '">' . MESSAGES . '</a> (' . $new_messages . ')' . $template['user_menu_seperator'] . '<img src="' . $setting['site_url'] . '/content/images/profile.png" align="texttop" /> <a href="' . $setting['site_url'] . '/' . $url . '">' . MY_PROFILE . '</a>';
$sql = mysql_query("SELECT * FROM ava_users WHERE id=" . $userid . "");
while ($row = mysql_fetch_array($sql)) {
if ($row['admin'] == 1) {
echo $template['user_menu_seperator'] . '<img src="' . $setting['site_url'] . '/content/images/admin.png"align="texttop" /> <a href=' . $setting['site_url'] . '/admin/>' . ADMIN . '</a>';
}
}
} else {
if ($setting['play_limit'] == 1) {
if ($setting['plays'] <= $_COOKIE["ava_plays"]) {
echo '' . REGISTER_NOW . ' - ';
} else {
$left = $setting['plays'] - $_COOKIE["ava_plays"];
echo '' . YOU_HAVE . ' ' . $left . ' ' . YOU_HAVE2 . ' - ';
}
}
echo '<strong><a href="' . $setting['site_url'] . '/index.php?task=login">' . LOGIN . '</a> | <a href="' . $setting['site_url'] . '/index.php?task=register">' . REGISTER . '</a></strong>';
}
function create_seoname($name, $id, $type)
{
$seo_name = seoname($name);
// Game exists before now, has the name changed?
if ($id != 0) {
if ($type == 'game') {
$game_info = mysql_fetch_array(mysql_query("SELECT name,seo_url FROM ava_games WHERE id = {$id}"));
// If the name hasnt changed, return the current seo_url value
if ($game_info['name'] == $name) {
$seo_name = $game_info['seo_url'];
return $seo_name;
}
} else {
if ($type == 'category') {
$cat_info = mysql_fetch_array(mysql_query("SELECT name,seo_url FROM ava_cats WHERE id = {$id}"));
// If the name hasnt changed, return the current seo_url value
if ($cat_info['name'] == $name) {
$seo_name = $cat_info['seo_url'];
return $seo_name;
}
} else {
if ($type == 'news') {
$news_info = mysql_fetch_array(mysql_query("SELECT title,seo_url FROM ava_news WHERE id = {$id}"));
// If the name hasnt changed, return the current seo_url value
if ($news_info['title'] == $name) {
$seo_name = $news_info['seo_url'];
return $seo_name;
}
} else {
if ($type == 'page') {
$page_info = mysql_fetch_array(mysql_query("SELECT name,seo_url FROM ava_pages WHERE id = {$id}"));
// If the name hasnt changed, return the current seo_url value
if ($page_info['name'] == $name) {
$seo_name = $page_info['seo_url'];
return $seo_name;
}
} else {
if ($type == 'topic') {
$topic_info = mysql_fetch_array(mysql_query("SELECT title,seo_url FROM ava_topics WHERE id = {$id}"));
// If the name hasnt changed, return the current seo_url value
if ($topic_info['title'] == $name) {
$seo_name = $page_info['seo_url'];
return $seo_name;
}
} else {
if ($type == 'forum') {
$forum_info = mysql_fetch_array(mysql_query("SELECT name,seo_url FROM ava_forums WHERE id = {$id}"));
// If the name hasnt changed, return the current seo_url value
if ($forum_info['name'] == $name) {
$seo_name = $forum_info['seo_url'];
return $seo_name;
}
}
}
}
}
}
}
}
$seo_name_exists = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM ava_seonames WHERE seo_name = '{$seo_name}' AND type = '{$type}'"), 0);
if ($seo_name_exists >= 1) {
$seo_name_count = mysql_fetch_array(mysql_query("SELECT uses FROM ava_seonames WHERE seo_name = '{$seo_name}' AND type = '{$type}'"));
mysql_query("UPDATE ava_seonames SET uses = uses + 1 WHERE seo_name = '{$seo_name}' AND type = '{$type}'");
$number = $seo_name_count['uses'] + 1;
$seo_name = $seo_name . '-' . $number;
} else {
mysql_query("INSERT INTO ava_seonames (seo_name, type, uses) VALUES ('{$seo_name}', '{$type}', 1)");
}
return $seo_name;
}
$user_exists = mysql_result(mysql_query("SELECT COUNT(*) FROM ava_users WHERE username = '******'"), 0);
$username_valid = preg_match('/^[A-Za-z ][A-Za-z0-9 ]*(?:_[A-Za-z0-9 ]+)*$/', $_POST['username']);
if ($user_exists == 1) {
header("Location: {$setting['site_url']}/?task=facebook_register&e=1");
} else {
if ($username_valid == false) {
header("Location: {$setting['site_url']}/?task=facebook_register&e=3");
} else {
// insert
//echo 'nice username, shall use!';
$date = date("F j Y");
$random_pass = md5(uniqid(rand(), true));
$email = mysql_secure($fb_user['email']);
$about = mysql_secure($fb_user['about']);
$fbid = mysql_secure($fb_user['id']);
$seo_url = seoname($username);
mysql_query("INSERT INTO ava_users (username, password, email, activate, about, joined, facebook, facebook_id, seo_url)\n \t\tVALUES('{$username}', '{$random_pass}', '{$email}', '1', '{$about}', '{$date}', 1, '{$fbid}', '{$seo_url}')") or die(mysql_error());
$new_id = mysql_insert_id();
setcookie("ava_username", $username, time() + 60 * 60 * 24 * 100);
setcookie("ava_code", $random_pass, time() + 60 * 60 * 24 * 100);
setcookie("ava_userid", $new_id, time() + 60 * 60 * 24 * 100);
header("Location: {$setting['site_url']}");
}
}
} else {
header("Location: {$setting['site_url']}/?task=facebook_register&e=2");
}
}
} else {
echo 'Could not get the Facebook session. Your server may not be able to connect to Facebook securely to retrieve the user information.';
}
<?php
include '../../config.php';
include '../../includes/core.php';
include '../secure.php';
if ($login_status != 1) {
exit;
}
$id = $_POST['id'];
$old_details = mysql_fetch_array(mysql_query("SELECT * FROM ava_users WHERE id = {$id}"));
$pass = str_replace(' ', '', $_POST['password']);
if ($pass != '') {
$password = md5($_POST['password']);
mysql_query("UPDATE ava_users SET password = '******' WHERE id = {$id}") or die(mysql_error());
}
$seo_url = seoname($_POST['username']);
if ($setting['forums_installed'] == 1) {
$fs = ", forum_signature = '" . mysql_real_escape_string($_POST['forum_signature']) . "'";
} else {
$fs = '';
}
mysql_query("UPDATE ava_users SET username='******'username']) . "', activate='" . mysql_secure($_POST['active']) . "', email='" . mysql_secure($_POST['email']) . "', location='" . mysql_secure($_POST['location']) . "', about='" . mysql_secure($_POST['about']) . "', website='" . mysql_secure($_POST['website']) . "', admin='" . mysql_secure($_POST['admin']) . "', avatar='" . mysql_secure($_POST['avatar']) . "', points='" . mysql_secure($_POST['points']) . "', seo_url='{$seo_url}' {$fs} WHERE id='" . mysql_secure($_POST['id']) . "'") or die(mysql_error());
if ($old_details['username'] != $_POST['username']) {
mysql_query("UPDATE ava_posts SET username='******'username']) . "' WHERE username = '******'username']) . "'");
mysql_query("UPDATE ava_topics SET topic_starter='" . mysql_secure($_POST['username']) . "' WHERE topic_starter = '" . mysql_secure($old_details['username']) . "'");
mysql_query("UPDATE ava_topics SET last_post_user='******'username']) . "' WHERE last_post_user = '******'username']) . "'");
}
function TagUrl($tag, $page, $sort)
{
global $setting;
if (!isset($sort)) {
$sort = 'newest';
}
$tag = seoname($tag);
if ($page == 1 && $sort == 'newest') {
if ($setting['seo_on'] == 0) {
$tag_link = '/index.php?task=tag&t=' . $tag;
} else {
$tag_link = '/tag/' . $tag;
}
} else {
if ($setting['seo_on'] == 0) {
$tag_link = '/index.php?task=tag&t=' . $tag . '&sortby=' . $sort . '&page=' . $page;
} else {
$tag_link = '/tag/' . $tag . '/' . $sort . '/' . $page;
}
}
return $setting['site_url'] . $tag_link;
}
