die("The reCAPTCHA wasn't entered correctly. Go back and try it again." . "(reCAPTCHA said: " . $resp->error . ")");
}
} elseif ($settings['userecaptcha'] == "no" && $_POST['security'] != 'ten') {
die('You did not pass the security check. Go back and try again.');
}
$comment_timestamp = trim($_POST['timestamp']);
$submitted_timestamp = time();
if (isset($_POST['addcomment'])) {
if (empty($_POST['userid'])) {
echo 'Sorry, the blog you were commenting seems to be invalid.';
} elseif (empty($_POST['comment']) || empty($_POST['name'])) {
echo 'Please go back and try again, it seems the comment or name was left empty.';
} else {
$comment = yasDB_clean($_POST['comment']);
$name = yasDB_clean($_POST['name']);
$ipaddress = yasDB_clean($_SERVER['REMOTE_ADDR']);
yasDB_insert("INSERT INTO `newsblog` (id, comment, ipaddress, username) values ('', '{$comment}', '{$ipaddress}', '{$name}')", false);
echo '<script>alert("Comment added!");</script>';
}
} else {
echo 'Unexpected error!';
}
if (empty($_POST['userid'])) {
echo '<META http-equiv="refresh" content="2; URL=' . $setting['siteurl'] . '">';
} else {
if ($setting['seo'] == 'yes') {
echo '<META http-equiv="refresh" content="2; URL=' . $setting['siteurl'] . 'shownews/' . intval($_POST['userid']) . '/.html">';
} elseif ($setting['seo'] == 'no') {
echo '<META http-equiv="refresh" content="2; URL=' . $setting['siteurl'] . 'index.php?act=shownews&id=' . intval($_POST['userid']) . '">';
}
}
function install_playtomic($gameid)
{
$table = '';
$pre = 'ptomic';
global $mysqli;
$categories = array('Action' => 2, 'Adventure' => 3, 'Strategy' => 10, 'Multiplayer' => 2, 'Puzzle' => 1, 'Rhythm' => 7, 'Shooter' => 5, 'Sports' => 4, 'Other' => 7, 'RPG' => 3, 'Arcade' => 9, 'Driving' => 4, 'Defense' => 10, 'Rhythm' => 7, 'Education' => 7, 'Gadgets' => 1, 'Fighting' => 2, 'Dress Up' => 8, 'Board Game' => 7, 'Pimp & Customize' => 8, 'Pimp & Customize' => 8);
$query = yasDB_select("SELECT * FROM `playtomicfeed` WHERE `id` = '{$gameid}'", false);
$result = $query->fetch_array(MYSQLI_ASSOC);
$gamename = $result['name'];
$thumburl = $result['thumburl'];
$thumburl_200 = $result['thumbnail_200x200'];
$screen1_thumb = '';
$screen2_thumb = '';
$screen3_thumb = '';
$screen4_thumb = '';
$gameurl = $result['gameurl'];
$c = explode(",", $result['categories']);
// Remove comma delimiter and seperate categories into array in order to insert single category.
$category = $categories[$c[0]];
$slug = str_replace(array('-', '_'), '', $result['slug']);
// Download and save game file
$game_file = $pre . "_" . $slug . "." . GetFileExtension($result['gameurl']);
$game_url = '../swf/' . $game_file;
download_file($gameurl, $game_url);
$gamefile = 'swf/' . $game_file;
// Download and save 100x100 thumbnail pic
$smallthumb = $pre . "_" . $slug . "." . GetFileExtension($result['thumburl']);
$sm_thumb = '../img/' . $smallthumb;
download_file($thumburl, $sm_thumb);
$gamethumb = 'img/' . $smallthumb;
// Download and save 200x200 thumbnail pic
$gamethumb200 = '';
/*if(!empty($result['thumbnail_200x200']) || $type == 0) {
$t_url = str_replace("..", "", $result['thumbnail_200x200']);
$mediumthumb = $pre."_200_" . $slug . "." . GetFileExtension($result['thumbnail_200x200']);
$med_thumb = '../img/' . $mediumthumb;
download_file($t_url, $med_thumb);
$gamethumb200 = 'img/' . $mediumthumb;
} else {
$gamethumb200 = '';
}*/
/////////////////////////////////////////////////////////////////////////////////////////////////
// Remove code comment to download the game screen images - depends on availabilty in the feed //
/////////////////////////////////////////////////////////////////////////////////////////////////
/*
// Download and save screen 1 pic
if($result['screenthumburl1']) {
$t_url = str_replace("..", "", $result['screenthumburl1']);
$largethumb = $pre."_screen1_" . $slug . "." . GetFileExtension($result['screenthumburl1']);
$screen1_thumb = '../img/' . $largethumb;
download_file($t_url, $screen1_thumb);
}
// Download and save screen 2 pic
if($result['screenthumburl2']) {
$t_url = str_replace("..", "", $result['screenthumburl2']);
$largethumb = $pre."_screen2_" . $slug . "." . GetFileExtension($result['screenthumburl2']);
$screen2_thumb = '../img/' . $largethumb;
download_file($t_url, $screen2_thumb);
}
// Download and save screen 3 pic
if($result['screenthumburl3']) {
$t_url = str_replace("..", "", $result['screenthumburl3']);
$largethumb = $pre."_screen3_" . $slug . "." . GetFileExtension($result['screenthumburl3']);
$screen3_thumb = '../img/' . $largethumb;
download_file($t_url, $screen3_thumb);
}
// Download and save screen 4 pic
if($result['screenthumburl2']) {
$t_url = str_replace("..", "", $result['screenthumburl4']);
$largethumb = $pre."_screen4_" . $slug . "." . GetFileExtension($result['screenthumburl4']);
$screen4_thumb = '../img/' . $largethumb;
download_file($t_url, $screen4_thumb);
}
*/
$desc = yasDB_clean($result['description']);
// Prep for DB insert
$instructions = yasDB_clean($result['instructions']);
$keywords = $result['keywords'];
$keywords = yasDB_clean($keywords);
$gamename = yasDB_clean($gamename);
$gamefile = yasDB_clean($gamefile);
$gamethumb = yasDB_clean($gamethumb);
$height = $result['height'];
$width = $result['width'];
$query->close();
$query = yasDB_insert("INSERT INTO `games` (`id`, `title`, `description`, `instructions`, `keywords`, `file`, `height`, `width`, `category`, `plays`, `code`, `type`, `source`, `sourceid`, `thumbnail`, `thumbnail_200`, `screen1`, `screen2`, `screen3`, `screen4`) VALUES (NULL, '{$gamename}', '{$desc}', '{$instructions}', '{$keywords}', '{$gamefile}', '{$height}', '{$width}', {$category}, 0, '', 'SWF', 'PLAYTOMIC', {$gameid}, '{$gamethumb}', '{$gamethumb200}', '{$screen1_thumb}', '{$screen2_thumb}','{$screen3_thumb}','{$screen4_thumb}')", false);
if (!$query) {
echo 'Error updating Games database';
return false;
}
$query = yasDB_update("UPDATE `playtomicfeed` SET isinstalled = 1 WHERE id = '{$result['id']}'", false);
if (!query) {
echo 'Error updating $table database';
return false;
}
return true;
}
} elseif (strlen($post_text) > 30) {
$errormsg = 'Your text cannot be greater then 30 characters.';
} elseif (strlen($post_url) > 65) {
$errormsg = 'Your url cannot be greater then 65 characters.';
} elseif (strlen($post_reciprocal) > 65) {
$errormsg = 'Your Reciprocal link cannot be greater then 65 characters.';
} elseif ($passed) {
$checklink = new checkLink();
$response = $checklink->validateLink($post_reciprocal, $setting['siteurl']);
switch ($response) {
case LINKFOUND:
if ($setting['approvelinks'] == 'no') {
yasDB_insert("INSERT INTO links(`url`, `text`, `description`, `reciprocal`, `approved`, `email`)\r\r\n\t\t\t\t\t\t\tVALUES('{$post_url}', '{$post_text}', '{$post_desc}', '{$post_reciprocal}', 'no', '{$post_linkemail}')");
$successmsg = "Your link has been added. It will not show up until an admin approves the link. </br>An email will be sent on approval.";
} else {
yasDB_insert("INSERT INTO links(`url`, `text`, `description`, `reciprocal`, `approved`, `email`)\r\r\n\t\t\t\t\t\t\tVALUES('{$post_url}', '{$post_text}', '{$post_desc}', '{$post_reciprocal}', 'yes', '{$post_linkemail}')");
$successmsg = 'Your link has been added and approved pending a manual review by an admin.';
}
break;
case LINKNOTFOUND:
$errormsg = "We did not find our link on your web page " . $post_reciprocal . ". </br>Please make sure you have added it and it is a hard link and then resubmit the request.";
break;
case LINKFOUNDNOFOLLOW:
$errormsg = 'Our link was found but you have added a rel="nofollow" attribute. Please remove this and resubmit the request. </br>We use a scheduled back link checker. Please respect our link exchange.';
break;
case LINKDATAERROR:
$errormsg = 'We received an error while checking for our link on your web page ' . $post_reciprocal . '. </br>Please check that you typed the reciprocal link correctly and resubmit the request';
break;
}
// send email to admin notifying of the link request
$message = 'Link exchange request through ' . $setting['siteurl'] . "\r\n";
function install_mgfgame($gameid)
{
global $mysqli;
$query = yasDB_select("SELECT * FROM `mgffeed` WHERE `id` = '{$gameid}'", false);
$result = $query->fetch_array(MYSQLI_ASSOC);
// Download and save game file
if ($result['file']) {
$g_url = str_replace("..", "", $result['file']);
$game_file = basename($g_url);
$game_file = "mgf_" . $result['title'] . "." . GetFileExtension($result['file']);
$game_url = '../swf/' . $game_file;
download_file($g_url, $game_url);
} else {
return false;
}
// Download and save thumbnail pic
if ($result['thumbnail']) {
$t_url = str_replace("..", "", $result['thumbnail']);
$smallthumb = "mgf_" . $result['title'] . "." . GetFileExtension($result['thumbnail']);
$sm_thumb = '../img/' . $smallthumb;
download_file($t_url, $sm_thumb);
}
$desc = yasDB_clean($result['description']);
// Prep for DB insert
$gamename = yasDB_clean($result['title']);
$keywords = yasDB_clean($result['keywords']);
$gamefile = yasDB_clean(str_replace("../", "", $game_url));
$gamethumb = yasDB_clean(str_replace("../", "", $sm_thumb));
$gamethumb200 = yasDB_clean(str_replace("../", "", $med_thumb));
$height = intval($result['height']);
$width = intval($result['width']);
$instructions = yasDB_clean($result['instructions']);
$keywords = yasDB_clean($result['keywords']);
$category = $result['category'];
$review = yasDB_clean($result['review']);
$query->close();
$query = yasDB_insert("INSERT INTO `games` (`id`, `title`, `description`, `instructions`, `keywords`, `file`, `height`, `width`, `category`, `plays`, `code`, `type`, `source`, `sourceid`, `thumbnail`, `ismochi`, `thumbnail_200`, `screen1`, `screen2`, `screen3`, `screen4`, `review`, `active`) VALUES (NULL, '{$gamename}', '{$desc}', '{$instructions}', '{$keywords}', '{$gamefile}', {$height}, {$width}, {$category}, 0, '', 'SWF', 'OTHER', {$gameid}, '{$gamethumb}', 0, '{$gamethumb200}', '', '','','', '{$review}', 1)", false);
if (!$query) {
echo 'Error updating Games database';
return false;
}
$query = yasDB_update("UPDATE mgffeed SET installed = '1' WHERE id = {$result['id']}", false);
if (!$query) {
echo 'Error updating mgffeed database';
return false;
}
return true;
}
<div id="center-column">
<div class="top-bar">
<h1>Cpanel - Ads</h1>
<div class="breadcrumbs"><a href="index.php?act=ads" title="Manage Ads">Manage Ads</a></div>
</div><br />
<div class="select-bar">
<label>
<h3>Add Ads</h3>
</label>
</div>
<?php
if (isset($_POST['add_ads'])) {
$name = yasDB_clean($_POST['name']);
$code = stripslashes($_POST['code']);
yasDB_insert("INSERT INTO `ads` ( `id` , `name` , `code`) VALUES ('', '" . $name . "', '" . $code . "')", false);
echo 'Ad added!';
} else {
?>
<div class="table">
<img src="img/bg-th-left.gif" width="8" height="7" alt="" class="left" />
<img src="img/bg-th-right.gif" width="7" height="7" alt="" class="right" />
<form name="add_ads" method="post" action="index.php?act=addads">
<table class="listing form" cellpadding="0" cellspacing="0">
<tr>
<th class="full" colspan="2">Ads</th>
</tr>
<tr>
<td class="first" width="172"><strong>Name</strong></td>
<td class="last"><input type="text" name="name" maxlength="255" /></td>
</tr>
<tr class="bg">
$name = yasDB_clean($_POST['name']);
} else {
if (isset($_SESSION['user'])) {
$name = $_SESSION['user'];
} else {
$name = '';
}
}
if (remoteFileExists($tn) === true) {
$thumb = 'img/' . preg_replace('#\\W#', '', $title) . rand(0, pow(10, 5)) . '.' . get_file_extension($tn);
download_file($tn, $setting['sitepath'] . '/' . $thumb);
} else {
$thumb = '';
}
}
yasDB_insert("INSERT INTO games (title, description, category, thumbnail, keywords, file, height, width, type, active) values ('{$title}', '{$desc}', " . intval($_POST['category']) . ", '{$thumb}', '{$keywords}', '{$file}', {$height}, {$width}, '" . yasDB_clean($_POST['type']) . "', 1)", false);
if (isset($_SESSION['user'])) {
$user = yasDB_clean($_SESSION['user']);
//yasDB_update("UPDATE `user` set videos = videos +1 WHERE username = '******'"); // add a video to users profile
}
echo '<center>Media successfully added!</font><br/>';
echo '<a href="index.php?">Click here to proceed</a></center>';
} else {
?>
<div class="table">
<form enctype="multipart/form-data" action="" method="post">
<table class="listing form" cellpadding="0" cellspacing="0">
<tr>
<th class="full" colspan="2">ADD YOUTUBE VIDEOS TO ALL PET HUMOR</th>
</tr>
<tr>
function install_vascogame($gameid)
{
global $mysqli;
$query = yasDB_select("SELECT * FROM `vascogames` WHERE `id` = '{$gameid}'", false);
$result = $query->fetch_array(MYSQLI_ASSOC);
$categories = array('action games' => 2, 'adventure games' => 3, 'strategy games' => 10, 'skill games' => 10, 'puzzle games' => 1, 'arcade games' => 9, 'shooting games' => 5, 'sports games' => 4, 'misc games' => 7, 'car games' => 4);
//Strategy
// Download and save game file
if ($result['file']) {
$g_url = str_replace("..", "", $result['file']);
$game_file = basename($g_url);
$game_file = "vasco_" . preg_replace('#\\W#', '', $result['title']) . "." . GetFileExtension($result['file']);
$game_url = '../swf/' . $game_file;
download_file($g_url, $game_url);
} else {
return false;
}
// Download and save thumbnail pic
if ($result['thumbnail']) {
$t_url = str_replace("..", "", $result['thumbnail']);
$smallthumb = "vasco_" . preg_replace('#\\W#', '', $result['title']) . "." . GetFileExtension($result['thumbnail']);
$thumb = '../img/' . $smallthumb;
download_file($t_url, $thumb);
}
$desc = yasDB_clean($result['description']);
// Prep for DB insert
$gamename = yasDB_clean($result['title']);
$gamefile = yasDB_clean(str_replace("../", "", $game_url));
$gamethumb = yasDB_clean(str_replace("../", "", $thumb));
$height = $result['height'];
$width = $result['width'];
$c = $result['category'];
$category = $categories[$c];
$query->close();
if ($category == null || $category == '' || $category == 0) {
$category == 7;
}
$query = yasDB_insert("INSERT INTO `games` (`id`, `title`, `description`, `instructions`, `keywords`, `file`, `height`, `width`, `category`, `plays`, `code`, `type`, `source`, `sourceid`, `thumbnail`, `thumbnail_200`, `screen1`, `screen2`, `screen3`, `screen4`) VALUES (NULL, '{$gamename}', '{$desc}', '', '', '{$gamefile}', {$height}, {$width}, {$category}, 0, '', 'SWF', 'VASCOGAMES', {$gameid}, '{$gamethumb}', '', '', '','','')", false);
if (!$query) {
echo 'Error updating Games database';
return false;
}
$query = yasDB_update("UPDATE `vascogames` SET `installed` = 1 WHERE `id` = {$result['id']}", false);
if (!query) {
echo 'Error updating vascogames database';
return false;
}
return true;
}
">
<?php
exit;
}
if ($passed) {
$username = yasDB_clean($_POST["username2"]);
$password = md5(yasDB_clean($_POST["password"]));
$name = yasDB_clean($_POST["name"]);
$email = yasDB_clean($_POST["email"]);
$website = yasDB_clean($_POST["website"]);
$date = time() + 0 * 24 * 60 * 60;
$plays = 0;
$points = 0;
$stmt = yasDB_select("SELECT * FROM user WHERE username LIKE '{$username}'");
if ($stmt->num_rows == 0) {
$stmt = yasDB_insert("INSERT INTO `user` (username, password, name, email, website, plays, points, date) VALUES ('{$username}','{$password}','{$name}','{$email}','{$website}','{$plays}','{$points}', '{$date}')", false);
if ($stmt) {
?>
<script>alert("Registered: You can now log in");</script>
<META HTTP-EQUIV="Refresh" CONTENT="0; URL=<?php
echo $setting['siteurl'];
?>
">
<?php
exit;
} else {
$stmt->close();
?>
<script>alert("Action Failed");</script>
<META HTTP-EQUIV="Refresh" CONTENT="0; URL=<?php
echo $setting['siteurl'];
<div class="top-bar">
<h1>Cpanel - Insert Code</h1>
<div class="breadcrumbs"><a href="index.php?act=addmedia" title="Ad Media">Add Media</a> / <a href="index.php?act=managegames" title="Manage Games">Manage Games</a> / <a href="index.php?act=uploadgames" title="Upload Games">Upload Games</a> / <a href="index.php?act=brokenfiles" title="Broken Files">Broken Files</a></div>
</div><br />
<div class="select-bar">
<label>
<h3>Add Embed Code</h3>
</label>
</div>
<?php
if (isset($_POST['add'])) {
$title = yasDB_admin($_POST['title']);
$desc = yasDB_admin($_POST['description']);
$thumb = yasDB_admin($_POST['thumbnail']);
$code = yasDB_admin($_POST['code']);
yasDB_insert("INSERT INTO games (title, description, category, thumbnail, code, height, width, type) values ('{$title}', '{$desc}', '{$_POST['category']}', '{$thumb}', '{$code}', '', '', 'CustomCode')", false);
echo '<center>Embed Code successfully added!<br/><br/>';
echo '<a href="index.php?act=addmedia">Click here to proceed</a><center>';
} else {
?>
<div class="table">
<img src="img/bg-th-left.gif" width="8" height="7" alt="" class="left" />
<img src="img/bg-th-right.gif" width="7" height="7" alt="" class="right" />
<form enctype="multipart/form-data" action="" method="post">
<table class="listing form" cellpadding="0" cellspacing="0">
<tr>
<th class="full" colspan="2">Add Code</th>
</tr>
<tr>
<td class="first" width="172"><strong>Title</strong></td>
<td class="last"><input type="text" name="title" style="width:275px;"/></td>
print '<div id="status">error</div><div id="message"> No file was uploaded</div>';
break;
}
} else {
print '<div id="status">success</div><div id="message">Your Avatar has been updated.';
$avatarfile = 'useruploads/' . $filename;
$settings = array('w' => 100, 'h' => 100);
$image = new SimpleImage();
$image->load($setting['siteurl'] . 'avatars/' . $avatarfile);
if ($image->getHeight() > $image->getWidth()) {
$image->resizeToHeight(100);
} else {
$image->resizeToWidth(100);
}
$image->save($setting['sitepath'] . '/avatars/' . $avatarfile);
$avatar = 1;
$userid = yasDB_clean($_POST['userid']);
yasDB_update("UPDATE `user` SET useavatar='{$avatar}', avatarfile='{$avatarfile}' WHERE id='{$userid}'");
yasDB_insert("INSERT INTO `avatars` (userid, avatar) VALUES ('{$userid}', '{$avatarfile}')");
?>
<script type="text/javascript">
$('#avatarimage').attr("src", "<?php
echo $setting['siteurl'];
?>
/avatars/" + "<?php
echo $avatarfile;
?>
");
</script>
<?php
}
$message->setSubject('Contact message from ' . $username . ' through ' . $setting['sitename']);
// Set the From address with an associative array
$message->setFrom(array($email => $username));
// Set the To addresses with an associative array
$message->setTo(array($setting['email'] => 'Admin'));
$body = "<br/><b>Name:</b> " . $username . "<br/><br/><b>Return email:</b> " . $email . "<br/><br/><b>Reason:</b> Sent from Career Opportunities Form<br/><br/><b>Message:</b> " . $usermessage;
$message->setBody($body, 'text/html', 'iso-8859-2');
$message->attach(Swift_Attachment::fromPath($target)->setFilename($filename));
if ($mailer->send($message)) {
echo "Message sent, Thank You.";
} else {
echo "Message failed to send.";
}
}
} else {
yasDB_insert("INSERT INTO contact (name,email,message,created_date) VALUES('{$name}','{$email}','{$usermessage}','{$time}')");
echo "<h2>Thank You !</h2>";
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$headers .= 'To: Admin <' . $setting['email'] . '>' . "\r\n";
$headers .= 'From: ' . $username . ' <' . $username . '>' . "\r\n";
$subject = 'Contact message from ' . $username . ' through ' . $setting['sitename'];
$reason = yasDB_clean($_POST['reason']);
$message = "<br/><b>Name:</b> " . $username . "<br/><br/><b>Return email:</b> " . $email . "<br/><br/><b>Reason:</b> " . $reason . "<br/><br/><b>Message:</b> " . $usermessage;
if (@mail($setting['email'], $subject, stripslashes($message), $headers)) {
echo '<span style="color:red;">Message sent</span><br/><br/>';
} else {
echo '<span style="color:red;">Error sending message</span><br/><br/>';
}
}
} else {
</tr>
</table>
</div>
</form>
<?php
}
} elseif (isset($_POST['edit'])) {
if (empty($_POST['subject']) || empty($_POST['text'])) {
echo '<center>One or more fields was left empty.<br />';
echo '<a href="index.php?act=managetopics&edit=' . $_POST['id'] . '">Click here to go back</a></center>';
} else {
yasDB_update("UPDATE forumtopics SET subject = '" . yasDB_clean($_POST['subject']) . "', views = '{$_POST['views']}', date = '{$_POST['date']}', name = '{$_POST['name']}', text = '{$_POST['text']}', cat = '" . yasDB_clean($_POST['cat']) . "' where id = {$_POST['id']}", false);
$result = yasDB_select("SELECT id FROM forumtopics WHERE id = {$_POST['id']}");
if ($_POST['featured'] == 'yes') {
if ($result->num_rows == 0) {
yasDB_insert("INSERT INTO forumtopics (id) VALUES({$_POST['id']})");
}
} elseif ($_POST['featured'] == 'no') {
yasDB_delete("DELETE FROM forumtopics WHERE id = {$_POST['id']}");
}
echo '<p align="center">Topic Successfully edited!<br />';
if (!empty($_POST['m'])) {
echo '<center><a href="index.php?act=managetopics">Click here to proceed</a></p></center>';
} else {
echo '<center><a href="index.php?act=brokenfiles">Click here to proceed</a></p></center>';
}
}
} elseif (!empty($_GET['delete'])) {
$query = yasDB_select("SELECT id,name FROM forumtopics WHERE id = '{$_GET['delete']}'", false);
if ($query->num_rows == 0) {
echo '<center>You cannot delete a Topic that does not exist!<br />';
</table>
</div>
</form>
<?php
}
} elseif (isset($_POST['edit'])) {
if (empty($_POST['title']) || empty($_POST['thumbnail'])) {
echo '<center>One or more fields was left empty.<br />';
echo '<a href="index.php?act=managegames&edit=' . intval($_POST['id']) . '">Click here to go back</a></center>';
} else {
$pid = intval($_POST['id']);
yasDB_update("UPDATE games SET title = '" . yasDB_clean($_POST['title']) . "', description = '" . yasDB_clean($_POST['description']) . "', instructions = '" . yasDB_clean($_POST['instructions']) . "', code = '" . yasDB_clean($_POST['gamecode']) . "',keywords = '" . yasDB_clean($_POST['keywords']) . "', category = " . intval($_POST['category']) . ", height = " . intval($_POST['gameheight']) . ", width = " . intval($_POST['gamewidth']) . ", type = '" . yasDB_clean($_POST['type']) . "', thumbnail = '" . yasDB_clean($_POST['thumbnail']) . "', file = '" . yasDB_clean($_POST['file']) . "', active=" . intval($_POST['active']) . ", review='" . yasDB_clean($_POST['review']) . "' where id = {$pid}", false);
$result = yasDB_select("SELECT gameid FROM featuredgames WHERE gameid = {$pid}");
if ($_POST['featured'] == 'yes') {
if ($result->num_rows == 0) {
yasDB_insert("INSERT INTO featuredgames (gameid) VALUES({$pid})");
}
} elseif ($_POST['featured'] == 'no') {
yasDB_delete("DELETE FROM featuredgames WHERE gameid = {$pid}");
}
echo '<p align="center">File Successfully edited!<br />';
if (!empty($_POST['m'])) {
if (isset($_SESSION['editurl']) && $_SESSION['editurl'] != '') {
$eurl = $_SESSION['editurl'];
} else {
$eurl = 'index.php?act=managegames';
}
echo '<center><a href="' . $eurl . '">Click here to proceed</a></p></center>';
$_SESSION['editurl'] = '';
} else {
echo '<center><a href="index.php?act=brokenfiles">Click here to proceed</a></p></center>';
<h1>Cpanel - Links Exchange</h1>
<div class="breadcrumbs"><a href="index.php?act=links">Links</a></div>
</div><br />
<div class="select-bar">
<label>
<h3>Add Link</h3>
</label>
</div>
<?php
if (isset($_POST['add_link'])) {
$url = yasDB_clean($_POST['url']);
$des = yasDB_clean($_POST['description']);
$text = yasDB_clean($_POST['text']);
$reciprocal = yasDB_clean($_POST['reciprocal']);
$email = yasDB_clean($_POST['email']);
yasDB_insert("INSERT INTO links ( `id` , `url` , `text`, `description`, `email`, `in`, `out`, `reciprocal`, `approved`) VALUES ('', '" . $url . "', '" . $text . "', '" . $des . "', '" . $email . "', '0', '0', '" . $reciprocal . "', 'yes')");
echo '<center>Link added!<br>
<a href="index.php?act=addlink" />Continue</a></center>';
} else {
?>
<div class="table">
<img src="img/bg-th-left.gif" width="8" height="7" alt="" class="left" />
<img src="img/bg-th-right.gif" width="7" height="7" alt="" class="right" />
<form name="add_link" method="post" action="index.php?act=addlink">
<table class="listing form" cellpadding="0" cellspacing="0">
<tr>
<th class="full" colspan="2">Add A Link</th>
</tr>
<tr>
<td class="first" width="172"><strong>Title</strong></td>
<td class="last"><input type="text" name="text" maxlength="255" /></td>
<?php
session_start();
include "db_functions.inc.php";
if (isset($_SESSION['userid'])) {
$gameid = yasDB_clean($_GET['gid']);
$userid = yasDB_clean($_SESSION['userid']);
$query = yasDB_select("SELECT `gameid` FROM `favourite` WHERE `userid` = {$userid} && `gameid` = {$gameid}");
if ($query->num_rows == 0) {
yasDB_insert("INSERT INTO `favourite` (userid, gameid) VALUES ({$userid}, {$gameid})");
}
}
<?php
session_start();
include "db_functions.inc.php";
if (isset($_GET['gid'])) {
$gameid = yasDB_clean($_GET['gid']);
$userid = yasDB_clean($_SESSION['userid']);
yasDB_insert("DELETE FROM `favourite` WHERE userid = {$userid} and gameid = {$gameid}") or die("Could not delete favorite from the database.");
}
$desc = yasDB_clean($_POST['description']);
$title = yasDB_clean($_POST['title']);
$instructions = yasDB_clean($_POST['instructions']);
$keywords = yasDB_clean($_POST['keywords']);
$height = intval($_POST['height']);
$width = intval($_POST['width']);
$category = intval($_POST['category']);
$type = yasDB_clean($_POST['type']);
if ($height > 0 && $width > 0) {
$query = yasDB_insert("INSERT INTO games (title, description, instructions, keywords, category, thumbnail, file, height, width, type, active) VALUES ('{$title}', '{$desc}', '{$instructions}', '{$keywords}', {$category}, '{$img}', '{$file}', '{$height}', '{$width}'', '{$type}', '0')", false);
if ($query) {
echo '<center><span style="display:block;text-align:center;font-size:24px;padding:10px 0 50px 0;">Game successfully added!</span></center>';
}
} else {
list($width, $height, $type, $attributes) = getimagesize($setting['sitepath'] . '/' . $file);
$query = yasDB_insert("INSERT INTO games (title, description, instructions, keywords, category, thumbnail, file, height, width, type, active) VALUES ('{$title}', '{$desc}', '{$instructions}', '{$keywords}', {$category}, '{$img}', '{$file}', '{$height}', '{$width}', '{$type}', '0')", false);
if ($query) {
echo '<center><span style="display:block;text-align:center;font-size:24px;padding:10px 0 50px 0;">Game successfully added!</span></center>';
}
}
}
} else {
echo '<center>File or thumbnail type not supported</center>';
exit;
}
}
?>
</div><div class="clear"></div></div>
<div class="container_box1">
<div id="headergames2"> Submit Game</div>
<div class="containbox">
} else {
$passed = true;
}
} elseif ($_POST['recaptcha'] == 'no') {
$answer = array('10', 'ten');
if (!in_array(strtolower($_POST['security']), $answer)) {
$passed = false;
} else {
$passed = true;
}
}
if ($passed && !$missing) {
$userid = yasDB_clean($_POST['userid']);
$comment = yasDB_clean($_POST['comment']);
$ipaddress = yasDB_clean($_SERVER['REMOTE_ADDR']);
yasDB_insert("INSERT INTO `newsblog` (userid, comment, ipaddress) values ('{$userid}', '{$comment}', '{$ipaddress}')", false);
echo '<script>alert("Comment added!");</script>';
} elseif (!$passes && !$missing) {
echo '<span style="color:red;">The security question was answered incorrectly. Please try again.</span><br/><br/>';
}
}
$query = yasDB_select("SELECT * FROM `news` WHERE id = '{$id}'", false);
$row = $query->fetch_array(MYSQLI_ASSOC);
$query->close();
$news = $row['news_text'];
if ($setting['seo'] == 'yes') {
echo '<div class="news_box">
<div class="news_box1">
<div class="news_link"><a href="' . $setting['siteurl'] . 'news.html">Go Back</a></div>
<div class="news_image">
<img src="' . $setting['siteurl'] . '/templates/' . $setting['theme'] . '/skins/' . $setting['skin'] . '/images/news.png" height="60" width="60">
$cat = yasDB_clean($_POST['cat']);
$subject = yasDB_clean($_POST['subject']);
$text = yasDB_clean($_POST['text']);
if (isset($_POST['name'])) {
$name = yasDB_clean($_POST['name']);
} else {
if (isset($_SESSION['user'])) {
$name = $_SESSION['user'];
} else {
$name = '';
}
}
$date = date("F j, Y, g:i a");
//create date time
$sql = "INSERT INTO `forumtopics` (id, subject, cat, date, name, text,lastupdate) VALUES ('', '{$subject}', {$cat}, '{$date}', '{$name}', '{$text}'," . time() . ")";
$result = yasDB_insert($sql);
if (isset($_SESSION['user'])) {
$user = yasDB_clean($_SESSION['user']);
yasDB_update("UPDATE `user` set topics = topics +1 WHERE username = '******'");
// add a post to the user
yasDB_update("UPDATE `user` set totalposts = totalposts +1 WHERE username = '******'");
// add a post to user total
yasDB_update("UPDATE `stats` set numbers = numbers +1 WHERE id = '3'");
// adds a post to Forum Total Posts
yasDB_update("UPDATE `stats` set numbers = numbers +1 WHERE id = '4'");
// adds a post to Post Today
}
if ($result) {
?>
<center>Successful<br/></center>
<?php
function install_fgdgame($gameid)
{
global $mysqli;
$query = yasDB_select("SELECT * FROM `fgdfeed` WHERE `id` = '{$gameid}'", false);
$result = $query->fetch_array(MYSQLI_ASSOC);
$categories = array('Action' => 2, 'Adventure' => 3, 'Arcade' => 9, 'Defense' => 10, 'Casino' => 6, 'Driving' => 2, 'Fighting' => 2, 'Gadgets' => 10, 'Multiplayer' => 2, 'Puzzle' => 1, 'Rhythm' => 7, 'RPG' => 3, 'Shooter' => 5, 'Sports' => 4, 'Strategy' => 10, 'Other' => 7);
//Other
// Download and save game file
if ($result['gamefile']) {
$g_url = str_replace("..", "", $result['gamefile']);
$game_file = basename($g_url);
$game_file = "fgd_" . $result['uuid'] . "." . GetFileExtension($result['gamefile']);
$game_url = '../swf/' . $game_file;
download_file($g_url, $game_url);
} else {
return false;
}
// Download and save thumbnail pic
if ($result['thumbfile']) {
$t_url = str_replace("..", "", $result['thumbfile']);
$smallthumb = "fgd_" . $result['uuid'] . "." . GetFileExtension($result['thumbfile']);
$thumb = '../img/' . $smallthumb;
download_file($t_url, $thumb);
}
$desc = yasDB_clean($result['description']);
// Prep for DB insert
$gamename = yasDB_clean($result['title']);
$gamefile = yasDB_clean(str_replace("../", "", $game_url));
$gamethumb = yasDB_clean(str_replace("../", "", $thumb));
$tags = yasDB_clean($result['tags']);
$height = $result['height'];
$width = $result['width'];
$c = explode(",", $result['categories']);
if ($c[0] == "Other" || $c[0] == "Gadgets" || $c[0] == "Rhythm" || $c[0] == "Arcade") {
$category = getCategory(wordsArray($result['title'] . ' ' . $result['description'] . ' ' . $result['tags']));
} else {
$category = $categories[$c[0]];
}
$query->close();
$query = yasDB_insert("INSERT INTO `games` (`id`, `title`, `description`, `instructions`, `keywords`, `file`, `height`, `width`, `category`, `plays`, `code`, `type`, `source`, `sourceid`, `thumbnail`, `thumbnail_200`, `screen1`, `screen2`, `screen3`, `screen4`) VALUES (NULL, '{$gamename}', '{$desc}', '', '{$tags}', '{$gamefile}', {$height}, {$width}, {$category}, 0, '', 'SWF', 'FGD', {$gameid}, '{$gamethumb}', '', '', '','','')", false);
if (!$query) {
echo 'Error updating Games database';
return false;
}
$query = yasDB_update("UPDATE fgdfeed SET installed = 1 WHERE id = {$result['id']}", false);
if (!query) {
echo 'Error updating fgdfeed database';
return false;
}
return true;
}
$user = null;
}
if (!empty($user_profile)) {
$username = $user_profile['name'];
$uid = $user_profile['id'];
$email = $user_profile['email'];
$user = new User();
$userdata = $user->checkUser($uid, 'facebook', $username, $email);
if (!empty($userdata)) {
$_SESSION['userid'] = $userdata['id'];
$_SESSION['oauth_id'] = $uid;
$_SESSION['user'] = $userdata['username'];
$_SESSION['email'] = $email;
$_SESSION['oauth_provider'] = $userdata['oauth_provider'];
$now = time();
$query = yasDB_select("SELECT `id` FROM `membersonline` WHERE `memberid` = '{$userdata['id']}'");
if ($query->num_rows == 0) {
yasDB_insert("INSERT INTO `membersonline` (id, memberid, timeactive) VALUES ('', '{$userdata['id']}', '{$now}')", false);
} else {
yasDB_update("UPDATE `membersonline` SET timeactive='{$now}' WHERE `memberid`='{$userdata['id']}'");
}
header("Location: " . $setting['siteurl']);
exit;
}
} else {
die("There was an error.");
}
} else {
$login_url = $facebook->getLoginUrl(array('scope' => 'email'));
header("Location: " . $login_url);
}
<div id="headergames2">Profile</div>
<?php
if (!isset($_SESSION["user"])) {
echo '<center><span style="font-size:150%;text-align:center;">You must Register or log in to view member profiles.</span></center></div>';
} else {
if (isset($_POST['addcomment'])) {
if (empty($_POST['userid'])) {
echo 'Sorry, the member you were commenting seems to be invalid.';
} elseif (empty($_POST['comment']) || empty($_POST['name'])) {
echo 'Please go back and try again, it seems the comment or name was left empty.';
} else {
$userid = yasDB_clean($_POST['userid']);
$comment = yasDB_clean($_POST['comment'], true);
$name = yasDB_clean($_POST['name']);
$ipaddress = $_SERVER['REMOTE_ADDR'];
yasDB_insert("INSERT INTO `memberscomments` (id,userid, comment, ipaddress, name) values ('', '{$userid}', '{$comment}', '{$ipaddress}', '{$name}')", false);
echo '<div class="container_box3"><span style="color:red;">Comment added!</span></div>';
}
}
$id = yasDB_clean($_GET['id']);
$query = yasDB_select("SELECT * FROM `user` WHERE id = '{$id}'");
$row = $query->fetch_array(MYSQLI_ASSOC);
$query->close();
$joined = date('m/d/y', $row['date']);
$points = $row['plays'] * 50;
if ($row['website'] != '') {
$website = '<a href="' . $row['website'] . '" style="color:#000;text-decoration:none;" target="_blank">Website</a><br>';
} else {
$website = 'No Website';
}
if ($row['useavatar'] == '1') {
$name = $_SESSION['user'];
$ipaddress = $_SERVER['REMOTE_ADDR'];
yasDB_insert("INSERT INTO `memberscomments` (userid, ipaddress, comment, name) VALUES ({$userid}, '{$ipaddress}', '{$comment}', '{$name}')");
echo "<h3>Comment added!</h3>";
}
} elseif (isset($_POST['newsid'])) {
$id = yasDB_clean($_POST['newsid']);
$comment = yasDB_clean($_POST['comment']);
$ipaddress = yasDB_clean($_SERVER['REMOTE_ADDR']);
yasDB_insert("INSERT INTO `newsblog` (username, newsid, comment, ipaddress) values ('{$_SESSION['user']}', {$id}, '{$comment}', '{$ipaddress}')", false);
echo "<h3>Comment added!</h3>";
} elseif (empty($_POST['gameid'])) {
echo "<h3>Sorry, the game you were commenting seems to be invalid.</h3>";
exit;
} elseif (empty($_POST['comment']) || empty($_POST['name'])) {
echo "<h3>All fields must filled in.</h3>";
exit;
} else {
$gameid = yasDB_clean($_POST['gameid']);
$comment = yasDB_clean(strip_tags($_POST['comment']), true);
$name = yasDB_clean($_POST['name']);
$ipaddress = yasDB_clean($_SERVER['REMOTE_ADDR']);
yasDB_insert("INSERT INTO `comments` (gameid, comment, ipaddress, name) VALUES ('{$gameid}', '{$comment}', '{$ipaddress}', '{$name}')", false);
echo "<h3>Comment added!</h3>";
}
//}
} else {
?>
<h3>The security question was answered incorrectly</h3>
<?php
}
function rating_bar($id, $units = '', $static = '')
{
//set some variables
global $mysqli;
global $setting;
$rating_tableName = 'ratingsbar';
$rating_unitwidth = 30;
$ip = $_SERVER['REMOTE_ADDR'];
if (!$units) {
$units = 10;
}
if (!$static) {
$static = FALSE;
}
// get votes, values, ips for the current rating bar
$query = yasDB_select("SELECT total_votes, total_value, used_ips FROM ratingsbar WHERE id='{$id}' ") or die(" Error");
// insert the id in the DB if it doesn't exist already
// see: http://www.masugadesign.com/the-lab/scripts/unobtrusive-ajax-star-rating-bar/#comment-121
if ($query->num_rows == 0) {
$sql = "INSERT INTO ratingsbar (`id`,`total_votes`, `total_value`, `used_ips`) VALUES ('{$id}', '0', '0', '')";
$result = yasDB_insert($sql);
}
$numbers = $query->fetch_array(MYSQLI_ASSOC);
if ($numbers['total_votes'] < 1) {
$count = 0;
} else {
$count = $numbers['total_votes'];
//how many votes total
}
$current_rating = $numbers['total_value'];
//total number of rating added together and stored
$tense = $count == 1 ? "vote" : "votes";
//plural form votes/vote
// determine whether the user has voted, so we know how to draw the ul/li
$result = yasDB_select("SELECT used_ips FROM ratingsbar WHERE used_ips LIKE '%" . $ip . "%' AND id='" . $id . "' ");
$voted = $result->num_rows;
// now draw the rating bar
$rating_width = @number_format($current_rating / $count, 2) * $rating_unitwidth;
$rating1 = @number_format($current_rating / $count, 1);
$rating2 = @number_format($current_rating / $count, 2);
if ($static == 'static') {
/* $static_rater = array();
$static_rater[] .= "\n".'<div class="ratingblock">';
$static_rater[] .= '<div id="unit_long'.$id.'">';
$static_rater[] .= '<ul id="unit_ul'.$id.'" class="unit-rating" style="width:'.$rating_unitwidth*$units.'px;">';
$static_rater[] .= '<li class="current-rating" style="width:'.$rating_width.'px;">Currently '.$rating2.'/'.$units.'</li>';
$static_rater[] .= '</ul>';
$static_rater[] .= '<p class="static">'.$id.'. Rating: <strong> '.$rating1.'</strong>/'.$units.' ('.$count.' '.$tense.' cast) <em>This is \'static\'.</em></p>';
$static_rater[] .= '</div>';
$static_rater[] .= '</div>'."\n\n";
return join("\n", $static_rater); */
$rater = '';
$rater .= '<div class="ratingblock">';
$rater .= '<div id="unit_long' . $id . '">';
$rater .= ' <ul id="unit_ul' . $id . '" class="unit-rating" style="width:' . $rating_unitwidth * $units . 'px;">';
$rater .= ' <li class="current-rating" style="width:' . $rating_width . 'px;"></li>';
$rater .= ' </ul>';
$rater .= ' <p class="voted" >';
$rater .= ' </p>';
$rater .= '</div>';
$rater .= '</div>';
return $rater;
} else {
$rater = '';
$rater .= '<div class="ratingblock">';
$rater .= '<div id="unit_long' . $id . '">';
$rater .= ' <ul id="unit_ul' . $id . '" class="unit-rating" style="width:' . $rating_unitwidth * $units . 'px;">';
$rater .= ' <li class="current-rating" style="width:' . $rating_width . 'px;"></li>';
for ($ncount = 1; $ncount <= $units; $ncount++) {
// loop from 1 to the number of units
if (!$voted) {
// if the user hasn't yet voted, draw the voting stars
// YAS arcade url for rating bar db.php
$rater .= '<li><a href="' . $setting['siteurl'] . 'includes/ratingbar/db.php?j=' . $ncount . '&q=' . $id . '&t=' . $ip . '&c=' . $units . '" title="' . $ncount . ' out of ' . $units . '" class="r' . $ncount . '-unit rater" rel="nofollow"></a></li>';
}
}
$ncount = 0;
// resets the count
$rater .= ' </ul>';
$rater .= ' <p';
if ($voted) {
$rater .= ' class="voted"';
}
//$rater.='> <strong> '.$rating1.'</strong>/'.$units.' ('.$count.' '.$tense.' cast)';
$rater .= ' </p>';
$rater .= '</div>';
$rater .= '</div>';
return $rater;
}
}
}
}
}
} elseif (isset($_POST['add'])) {
$query = yasDB_select("SELECT id FROM `forumcats` where name = '{$_POST['name']}'", false);
if ($query->num_rows != 0) {
$query->close();
echo '<center>Sorry, that category already exists.<br/>';
echo '<a href="index.php?act=manageforumcats">Click here to go back</a></center>';
} else {
$query->close();
$query = yasDB_select("SELECT `order`*1 AS `neworder` FROM `forumcats` ORDER BY `neworder` DESC LIMIT 1");
$order = $query->fetch_array(MYSQLI_NUM);
$neworder = $order[0];
$neworder++;
yasDB_insert("INSERT INTO forumcats (`id`,`name`,`active`,`order`) VALUES ('', '{$_POST['name']}', 'yes', '{$neworder}')");
echo '<center>Category Successfully added!<br />';
echo '<a href="index.php?act=manageforumcats">Click here to proceed!</a></center>';
}
} else {
if (isset($_GET['page'])) {
$pageno = $_GET['page'];
} else {
$pageno = 1;
}
$result = yasDB_select("SELECT count(id) FROM forumcats", false);
$query_data = $result->fetch_array(MYSQLI_NUM);
$numrows = $query_data[0];
$result->close();
$rows_per_page = 15;
$lastpage = ceil($numrows / $rows_per_page);
function install_konggame($gameid)
{
global $mysqli;
$query = yasDB_select("SELECT * FROM `kongregate` WHERE `id` = '{$gameid}'", false);
$result = $query->fetch_array(MYSQLI_ASSOC);
$categories = array('Action' => 2, 'Adventure & RPG' => 3, 'Strategy & Defense' => 10, 'Multiplayer' => 2, 'Puzzle' => 1, 'Rhythm' => 7, 'Shooter' => 5, 'Sports & Racing' => 4, 'Music & More' => 7);
//Other
// Download and save game file
if ($result['file']) {
$g_url = str_replace("..", "", $result['file']);
$game_file = basename($g_url);
$game_file = "kong_" . preg_replace('#\\W#', '', $result['title']) . "." . GetFileExtension($result['file']);
$game_url = '../swf/' . $game_file;
download_file($g_url, $game_url);
} else {
return false;
}
// Download and save thumbnail pic
if ($result['thumbnail']) {
$t_url = str_replace("..", "", $result['thumbnail']);
$smallthumb = "kong_" . preg_replace('#\\W#', '', $result['title']) . "." . GetFileExtension($result['thumbnail']);
$thumb = '../img/' . $smallthumb;
download_file($t_url, $thumb);
}
$desc = yasDB_clean($result['description']);
// Prep for DB insert
$gamename = yasDB_clean($result['title']);
$gamefile = yasDB_clean(str_replace("../", "", $game_url));
$gamethumb = yasDB_clean(str_replace("../", "", $thumb));
$height = $result['height'];
$width = $result['width'];
$c = $result['category'];
$category = $categories[$c];
$query->close();
$query = yasDB_insert("INSERT INTO `games` (`id`, `title`, `description`, `instructions`, `keywords`, `file`, `height`, `width`, `category`, `plays`, `code`, `type`, `source`, `sourceid`, `thumbnail`, `thumbnail_200`, `screen1`, `screen2`, `screen3`, `screen4`) VALUES (NULL, '{$gamename}', '{$desc}', '', '', '{$gamefile}', {$height}, {$width}, {$category}, 0, '', 'SWF', 'KONGREGATE', {$gameid}, '{$gamethumb}', '', '', '','','')", false);
if (!$query) {
echo 'Error updating Games database';
return false;
}
$query = yasDB_update("UPDATE kongregate SET installed = 1 WHERE id = {$result['id']}", false);
if (!query) {
echo 'Error updating kongergate database';
return false;
}
return true;
}
move_uploaded_file($_FILES["thumbnail"]["tmp_name"], $setting['sitepath'] . "/img/" . $num . preg_replace('/[^a-zA-Z0-9.-_]/', '', $_FILES["thumbnail"]["name"]));
move_uploaded_file($_FILES["file"]["tmp_name"], $setting['sitepath'] . "/swf/" . $num . preg_replace('/[^a-zA-Z0-9.-_]/', '', $_FILES["file"]["name"]));
$img = yasDB_admin("img/" . $num . preg_replace('/[^a-zA-Z0-9.-_]/', '', $_FILES["thumbnail"]["name"]));
$file = yasDB_admin("swf/" . $num . preg_replace('/[^a-zA-Z0-9.-_]/', '', $_FILES["file"]["name"]));
$desc = yasDB_admin(trim($_POST['description']));
$title = yasDB_admin($_POST['title']);
$height = intval($_POST['height']);
$width = intval($_POST['width']);
$instr = yasDB_admin(trim($_POST['instructions']));
$keywords = yasDB_admin($_POST['keywords']);
if ($file_ext == 'swf') {
if ($_POST['height'] or $_POST['width'] <= 0) {
list($width, $height, $type, $attributes) = getimagesize($setting['sitepath'] . '/' . $file);
}
}
$query = yasDB_insert("INSERT INTO games (title, description, instructions, keywords, category, thumbnail, file, height, width, type) VALUES ('{$title}', '{$desc}', '{$instr}', '{$keywords}', " . intval($_POST['category']) . ", '{$img}', '{$file}', {$height}, {$width}, '" . yasDB_admin($_POST['type']) . "')", false);
if ($query) {
echo '<center><p align="center"><b>Game successfully added!</b></p></center>';
} else {
echo '<center><p align="center"><b>Error updating game database!</b></p></center>';
}
}
} else {
echo '<center>File or thumbnail type not supported</center>';
exit;
}
}
?>
<div class="table">
<img src="img/bg-th-left.gif" width="8" height="7" alt="" class="left" />
<img src="img/bg-th-right.gif" width="7" height="7" alt="" class="right" />
} else {
?>
<script type="text/javascript">
var yasurl = "<?php
echo $setting['siteurl'] . 'includes/ratingbar/rpc.php';
?>
";
</script>
<?php
require './includes/ratingbar/_drawrating.php';
// processes game votes and displays stars
$gid = $id;
$displayed = 'no';
$file = 'meep';
if (isset($_POST['Favourites_x'])) {
yasDB_insert("INSERT INTO favourite (userid, gameid) VALUES({$_SESSION['userid']}, " . intval($_POST['gamesave']) . ")") or die("Error updating favourites");
}
$row = $query->fetch_array(MYSQLI_ASSOC);
if ($row['type'] == 'SWF' || $row['type'] == 'UNITY') {
if ($row['height'] < 350 || $row['width'] < 350) {
// games are not likely less than 350px so lets double check the actual game size
list($width, $height, $type, $attributes) = getimagesize($setting['sitepath'] . '/' . $row['file']);
$row['height'] = $height;
$row['width'] = $width;
}
$ratio = $row['height'] / $row['width'];
$new_width = 720;
$new_height = ceil($new_width * $ratio);
}
if (file_exists($row['thumbnail'])) {
$thumbnail = $setting['siteurl'] . $row['thumbnail'];
<div id="center">
<?php
include_once $setting['sitepath'] . '/includes/pagination.class.php';
$setting['gperpage'] = $setting['gperpage'] < 1 ? 15 : $setting['gperpage'];
?>
<div class="container_box1">
<div id="headergames2">Download Games</div>
<?php
ini_set("display_errors", 0);
if ($_POST['upload'] == "1") {
include_once $setting['siteurl'] . "/includes/db_functions.inc.php";
$email = yasDB_clean($_POST['email']);
$query = yasDB_insert("INSERT INTO notifydown (email) VALUES ('{$email}')", false);
if (!$query) {
echo "Database Error!";
} else {
echo "<center>Email Submited!<br />We will send you email when we add new game.</center>";
}
} else {
echo '
<center>
<form method="post">
<input type="hidden" name="upload" value="1" />
Enter your email to be notified about our new addition of downloadable games:
<br />
<input type="text" name="email" maxlength="30" width="300" />
<input type="submit" value="Submit" />
</form>
</center>';
$result = yasDB_select("SELECT count(id) FROM `downgames` ");
if ($compress === true) {
$zip->addFile($_FILES['file']['tmp_name'][0], $num . $_FILES['file']['name'][0]);
$zip->addFile($_FILES['file']['tmp_name'][1], $num . $_FILES['file']['name'][1]);
$zip->addFromString('description.txt', $file_desc);
$zip->close();
echo "Zipped successfully";
} else {
echo "Zip failed";
}
copy($_FILES['file']['tmp_name'][0], $setting['sitepath'] . "/ourgames/img/" . $_FILES['file']['name'][0]);
$gamename = yasDB_admin($_POST["gamename"]);
$gamedescript = yasDB_admin($_POST["description"]);
$thumbpath = yasDB_admin("../ourgames/img/" . $_FILES['file']['name'][0]);
$gamefilepath = yasDB_admin('../ourgames/games/' . $num . str_replace(GetFileExtension($_FILES['file']['name'][1]), 'zip', $_FILES['file']['name'][1]));
$mochilink = yasDB_admin($_POST['mochigame']);
$query = yasDB_insert("INSERT INTO downgames (title, description, thumbnail, file, mochi) VALUES ('{$gamename}', '{$gamedescript}', '{$thumbpath}', '{$gamefilepath}', '{$mochilink}')", false);
if (!$query) {
echo "Database Error!";
} else {
echo "<center>Files uploaded succesfuly!</center>";
echo '<br/><center><a href="index.php?act=managedowngame">Click here to to go back</a></center>';
}
if (isset($_POST['notify'])) {
$select_emails = yasDB_select("SELECT * FROM notifydown ORDER BY `id` ", false);
while ($emails = $select_emails->fetch_array(MYSQLI_ASSOC)) {
$message = 'New game for your website available for download at ' . $setting['siteurl'] . "\r\n";
$message .= 'Click here to go to the download section: ' . $setting['siteurl'] . '/index.php?act=download' . "\r\n";
$message .= 'Name of the game: ' . $gamename . "\r\n";
$message .= 'Description: ' . $gamedescript . "\r\n";
$message .= 'To unsubscribe from the notification list please visit this link: ' . $setting['siteurl'] . 'index.php?act=unsubscribe&id=' . $emails['email'];
$headers = 'From: ' . $setting['sitename'] . ' <' . $setting['sitename'] . '>';
