static function Init()
{
//&$con
parent::Init();
if (!isset($install)) {
$result = Query::query('SELECT * FROM tbl_settings');
while ($get_setting = $result->fetch_array()) {
Settings::Set($get_setting['key'], $get_setting['value']);
}
Settings::Set($get_setting['table_prefix'], 'tbl_');
}
//Template Settings
$template = array();
$template['homepage_game_limit'] = 3;
// Number of games to show per caregory on the homepage
$template['homepage_order'] = 'newest';
// Rating stars
$template['rating_star'] = 'star.png';
$template['rating_half_star'] = 'half_star.png';
$template['rating_empty_star'] = 'empty_star.png';
// Highscore image
$template['highscore_image'] = '<img src="' . '' . '/images/trophy_smaller.png" />';
//$setting['site_url']
// Display settings
$template['new_game_columns'] = 2;
$template['new_game_number'] = 6;
$template['category_columns'] = 2;
// Number of game columns on the category page
$template['homepage_columns'] = 2;
// Number of category columns on the homepage
$template['random_game_limit'] = 5;
// Number of games to show in the random games section
$template['games_per_page'] = 30;
// Number of games to show per page in categories
$template['category_game_chars'] = 25;
// The character limit for game names in categories
$template['category_game_desc_chars'] = 55;
// The character limit for game descriptions in categories
$template['home_game_chars'] = 25;
// The character limit for game names in categories
$template['home_game_desc_chars'] = 145;
// The character limit for game descriptions in categories
$template['random_game_chars'] = 25;
// The character limit for the random game names
$template['random_game_desc_chars'] = 110;
// The character limit for the random game descriptions
$template['module_max_chars'] = 25;
// The character limit modules (game names, news)
$template['player_module_max_chars'] = 20;
// The character limit modules (game names, news)
// Module Settings
$template['categories_menu_seperator'] = ' ';
$template['user_menu_seperator'] = ' ';
$template['pages_menu_seperator'] = ' | ';
foreach ($template as $key => $value) {
Settings::Set($key, $value);
$template = NULL;
}
}
static function Init()
{
if (User::login_check(Query::$mysqli) == true) {
$u = Query::query('SELECT * FROM Players WHERE PlayerID=' . $_SESSION['user_id'])->fetch_assoc();
User::Set('id', $u['PlayerID']);
User::Set('AvatarType', $u['AvatarType']);
User::Set('Username', $u['Username']);
}
}
public function main($user)
{
//loadLanguageFile('play');
include '../lang/English.php';
include '../lang/sk/play.php';
if ($user['login_status'] == 1) {
$friends_q = Query::query("SELECT tbl_users.*\r\n\t FROM tbl_friends\r\n\t LEFT JOIN tbl_users \r\n\t ON tbl_friends.user2 = tbl_users.id\r\n\t WHERE tbl_friends.user1 = {$user['id']}");
$f = [];
$this->set('friend_num', $friends_q->num_rows);
//echo '<div class="friend_con" id="fcf"><div id="title">Friends</div>';
if ($friends_q->num_rows) {
while ($friends = $friends_q->fetch_assoc()) {
$friends['url'] = Utils::ProfileUrl($friends['id'], $friends['seo_url']);
//$friend['avatar_url'] = AvatarUrl($friend['avatar'], $friend['facebook'], $friend['facebook_id']);
$friends['avatar'] = Utils::getAvatar($friends['id'], $friends['usrAvatarType']);
//$friend['last_activity'] = FormatDate($friend['last_activity'], 'time');
$friends['buttons'] = '<a href="message/send/' . $friends['id'] . '"><img src="img/friend_message.png" /></a>
<a href="friends#" onclick="ManageFriend(' . $friends['id'] . ', \'delete_friend\', \'friends_page\');return false"><img src="img/friend_delete.png" /></a>';
//include($setting['template'] . '/' . $template['sec_friend']);
array_push($f, $friends);
}
$this->set('friends', $f);
} else {
echo '<div class="no_friends">NO_FRIENDS</div>';
}
//echo '</div>';
$requests_q = Query::query("SELECT tbl_users.*\r\n\t FROM tbl_friend_requests\r\n\t LEFT JOIN tbl_users \r\n\t ON tbl_friend_requests.from_user = tbl_users.id\r\n\t WHERE tbl_friend_requests.to_user = {$user['id']}");
$r = [];
$this->set('friend_requests_num', $requests_q->num_rows);
//echo '<div class="friend_con" id="fcfr"><div id="title">Friend Requests</div>';
if ($requests_q->num_rows) {
while ($friend_requests = $requests_q->fetch_assoc()) {
$friend_requests['url'] = Utils::ProfileUrl($friend_requests['id'], $friend_requests['seo_url']);
//$friend['avatar_url'] = AvatarUrl($friend['avatar'], $friend['facebook'], $friend['facebook_id']);
$friend_requests['avatar'] = Utils::getAvatar($friend_requests['id'], $friend_requests['usrAvatarType']);
//$friend['last_activity'] = FormatDate($friend['last_activity'], 'time');
$friend_requests['buttons'] = '<a href="' . $_SERVER['REQUEST_URI'] . '#" onclick="ManageFriend(' . $friend_requests['id'] . ', \'accept_request\', \'friends_page\');return false"><img src="img/friend_add.png" /></a>
<a href="friends#" onclick="ManageFriend(' . $friend_requests['id'] . ', \'delete_request\', \'friends_page\');return false"><img src="img/friend_delete.png" /></a>';
//include($setting['template'] . '/' . $template['sec_friend']);
array_push($r, $friend_requests);
}
$this->set('friend_requests', $r);
} else {
//echo '<div class="no_friends">NO_FRIENDS</div>';
}
//echo '</div>';
} else {
echo FRIENDS_LOGIN;
}
$this->render('Friends');
//$this->set('messages', $pm['messages']);
//$this->render($page);
}
public function main()
{
$vars = array();
$result = Query::query("SELECT * FROM News ORDER BY id DESC LIMIT 1");
while ($row = $result->fetch_assoc()) {
$content = strip_tags($row['content']);
if (strlen($content) > 65) {
$content = substr($content, 0, 65) . "...";
}
$news_url = Utils::NewsUrl($row['id'], $row['seo_url']);
$date = $row['date'];
$news_item['url'] = $news_url;
$news_item['title'] = $row['title'];
$news_item['date'] = $date;
$news_item['content'] = $content;
array_push($vars, $news_item);
}
$this->set('newses', $vars);
$this->render("NewsSmall");
}
public function main()
{
$result = Query::query('SELECT * FROM favorites f, tbl_games g WHERE g.game_id = f.game_id AND f.user_id=' . $this->request['id'] . ' LIMIT 16');
$favs = $result->num_rows;
$vars = array();
if ($favs == 0) {
echo PROFILE_NO_FAVS;
} else {
while ($rows = $result->fetch_assoc()) {
$file = Utils::TitleToFile($rows['title']);
$game['gameTitle'] = $rows['title'];
$game['gameDesc'] = $rows['desc'];
$game['url'] = 'view/' . $rows['game_id'];
$game['image_url'] = Utils::FileToGameImageURL($file, "png");
array_push($vars, $game);
}
}
$this->set('games', $vars);
$this->render("ProfileTile");
}
public function main()
{
$vars = array();
$report_permissions = Settings::Get('report_permissions');
$site_url = Settings::Get('site_url');
$id = $this->request['id'];
$result = Query::query('SELECT * FROM NewsComments WHERE link_id=' . $id . ' ORDER BY id desc');
while ($row = $result->fetch_assoc()) {
$user2 = Query::query('SELECT * FROM tbl_users WHERE id=' . $row['user'] . ' LIMIT 1')->fetch_assoc();
$comment = array('username' => $user2['username'], 'content' => nl2br($row['comment']), 'user_points' => $user2['points']);
//$seo_username = seoname($user2['username']);
$this->set('username', $user2['username']);
$this->set('content', nl2br($row['comment']));
$this->set('user_points', $user2['points']);
$this->set('user_url', Utils::ProfileUrl($user2['id'], $user2['seo_url']));
$this->set('id', $row['id']);
$admin = 1;
if ($admin == 1) {
$this->set('delete', '<a href="#" onclick="DeleteNewsComment(' . $row['id'] . ', ' . "'" . $site_url . "'" . '); return false">Delete</a>');
$this->set('report_button', '<a href="admin/?task=manage_users#page=1&ip=' . $row['ip'] . '"><img src="img/report.png" title="' . $row['ip'] . '" style="vertical-align:middle;"/></a>');
} else {
$this->set('delete', '');
if ($report_permissions == "1" || $report_permissions == "2" && $user['login_status'] == 1) {
$this->set('report_button', '<a href="#" onclick="ShowPopup(\'ava-popup\', \'' . $site_url . '/includes/forms/comment_report_form.php?id=' . $row['id'] . '&type=2\', \'Report comment\'); return false"><img src="img/report.png" title="' . REPORT . '" style="vertical-align:middle;"/></a>');
} else {
$this->set('report_button', '');
}
}
if ($user2['usrAvatarType'] == '') {
$this->set('avatar_url', $site_url . '/uploads/avatars/default.png');
} else {
$this->set('avatar_url', $site_url . '/uploads/avatars/' . $user2['id'] . $user2['usrAvatarType']);
}
if ($row['date'] != '0000-00-00 00:00:00') {
$this->set('date', Utils::FormatDate($row['date'], 'time'));
} else {
$this->set('date', '');
}
$this->render("NewsComments");
}
}
public function main()
{
$vars = array();
$result = Query::query("SELECT * FROM Players ORDER BY Points DESC LIMIT 10");
while ($row = $result->fetch_assoc()) {
$name = Utils::shortenStr($row['Username'], Settings::Get('module_max_chars'));
$player['username'] = htmlspecialchars($name);
$player['url'] = Utils::ProfileUrl($row['PlayerID'], $row['Username']);
if ($row['AvatarType'] == '') {
$player['avatar_url'] = 'uploads/avatars/default.png';
} else {
$player['avatar_url'] = 'uploads/avatars/' . $row['PlayerID'] . $row['AvatarType'];
}
if ($row['Points'] != '') {
$player['points'] = ' (' . $row['Points'] . ' ' . __HOME_MISC_POINTS . ')';
} else {
$player['points'] = ' (0 ' . __HOME_MISC_POINTS . ')';
}
array_push($vars, $player);
}
$this->set('players', $vars);
$this->render("TopPlayers");
}
public function main()
{
//loadLanguageFile('play');
include '../lang/English.php';
include '../lang/sk/play.php';
/*if (isset($_GET['name'])) {
$seo_url = mysql_secure($_GET['name']);
$result = $mysqli->query('SELECT * FROM tbl_games WHERE seo_url ='.$seo_url);// AND published=1
} else {
$result = $mysqli->query('SELECT * FROM tbl_games WHERE game_id ='.$id);// AND published=1
}*/
$result = Query::query('SELECT * FROM Games WHERE GameID =' . $this->request[0]);
// AND published=1
$game_exists = $result->num_rows;
if ($game_exists != 0) {
if (isset($_COOKIE['ava_username'])) {
$show = 1;
}
} else {
// Game not found
header("HTTP/1.0 404 Not Found");
include 'includes/misc/404.php';
exit;
}
Query::query('UPDATE Games SET Plays = Plays+1 WHERE GameID = ' . $this->request[0]);
Query::query('UPDATE Games SET PlaysM = PlaysM+1 WHERE GameID = ' . $this->request[0]);
Query::query('UPDATE Games SET PlaysW = PlaysW+1 WHERE GameID = ' . $this->request[0]);
$row2 = $result->fetch_assoc();
$id = $row2['GameID'];
//$game = $row2;
$this->set('id', $row2['GameID']);
$this->set('site_url', Settings::Get('site_url'));
$this->set('game_id', $row2['GameID']);
$this->set('plays', $row2['Plays']);
$this->set('content', $row2['Content']);
$this->set('scores', $row2['Scores']);
$this->set('width', $row2['Width']);
$this->set('height', $row2['Height']);
$this->set('type', $row2['Type']);
$this->set('title', $row2['Title']);
$this->set('name', Utils::getTranslation($row2['Key'], "TITLE", $row2['Title']));
$this->set('description', Utils::getTranslation($row2['Key'], "DESC", $row2['Desc']));
$this->set('instruction', Utils::getTranslation($row2['Key'], "INSTR", $row2['Instr']));
if ($row2['Type'] == 'swf' && Settings::Get('fullscreen_mode') == 1) {
$this->set('full_screen_url', '<a href="' . $_SERVER['REQUEST_URI'] . '#" onclick="ResizeFlash(' . $row2['Height'] . ', ' . $row2['Width'] . '); return false"><img src="/boxarcade/img/tool_fullscreen.jpg"/></a>');
} else {
$this->set('full_screen_url', '<a href="' . Settings::Get('site_url') . '/full_screen.php?id=' . $id . '"><img src="/boxarcade/img/tool_fullscreen.jpg"/></a>');
}
//if ($user['login_status'] != 0) {
if (1 == 0) {
$this->set('rating', round(Query::query('SELECT rating FROM tbl_games WHERE game_id = ' . $id)->fetch_row()[0]));
$this->set('user_rated', Query::query('SELECT COUNT(*) as Num FROM tbl_votes WHERE user_id=' . $user['id'] . ' AND game_id=' . $id)->fetch_row()[0]);
} else {
$this->set('rating', 0);
$this->set('user_rated', 0);
}
$row_cat = Query::query('SELECT catName FROM tbl_game_categories WHERE catID=' . $row2['CatID'])->fetch_assoc();
$this->set('catID', $row2['CatID']);
$this->set('category', $row_cat['catName']);
$this->set('date_added', Utils::FormatDate($row2['DateAdded'], 'date'));
$this->set('image_url', Utils::GameImageUrl(Utils::TitleToFile($row2['Title']) . "." . $row2['Type'], 1, Utils::TitleToFile($row2['Title'])));
// Favorite game button
$this->set('login_status', 1);
//if ($user['login_status'] == 1) {
//if(1==0) {
if (User::login_check(Query::$mysqli) == true) {
$user_id = $_SESSION['user_id'];
$user_fav_yet = Query::query('SELECT COUNT(user_id) FROM favorites WHERE user_id=' . $user_id . ' AND game_id=' . $id)->fetch_row()[0];
if ($user_fav_yet >= 1) {
$this->set('fav_game', '<a id="favo" href="' . $_SERVER['REQUEST_URI'] . '#" onclick="EditFav(' . $row2['GameID'] . ', 1,\'' . Settings::Get('site_url') . '\', \'<img src="/boxarcade/img/tool-unfavorite.jpg" />\', \'<img src="/boxarcade/img/tool-favorite.jpg" />\', ' . $user_id . ' ); return false"><img src="/boxarcade/img/tool-unfavorite.jpg"/></a>');
} else {
$this->set('fav_game', '<a id="favo" href="' . $_SERVER['REQUEST_URI'] . '#" onclick="EditFav(' . $row2['GameID'] . ', 0,\'' . Settings::Get('site_url') . '\', \'<img src="/boxarcade/img/tool-unfavorite.jpg" />\', \'<img src="/boxarcade/img/tool-favorite.jpg" />\', ' . $user_id . ' ); return false"><img src="/boxarcade/img/tool-favorite.jpg"/></a>');
}
} else {
$this->set('fav_game', '<a href="' . Settings::Get('site_url') . '/index.php?task=login"><img src="/boxarcade/img/tool-favorite.jpg"/></a>');
}
// Report game button
if (Settings::Get('report_permissions') == "1" || Settings::Get('report_permissions') == "2") {
//&& $user['login_status'] == 1) {
$this->set('report_game', '<a href="' . $_SERVER['REQUEST_URI'] . '#" onclick="ShowPopup(\'ava-popup\', \'' . Settings::Get('site_url') . '/includes/overlays/report.php?id=' . $row2['GameID'] . '\', \'' . GAME_REPORT . '\'); return false"><img src="/boxarcade/img/tool-report.png"/></a>');
}
$this->set('report_bug', '<a href="' . $_SERVER['REQUEST_URI'] . '#" onclick="ShowPopup(\'ava-popup\', \'' . Settings::Get('site_url') . '/includes/overlays/report.php?id=' . $row2['GameID'] . '\', \'Bug Report\'); return false"><img src="/boxarcade/img/tool-bug.jpg"/></a>');
$this->set('send', '<a href="' . $_SERVER['REQUEST_URI'] . '#" onclick="ShowPopup(\'ava-popup\', \'' . Settings::Get('site_url') . '/includes/overlays/send_game.php?id=' . $row2['GameID'] . '\', \'Send Game\'); return false"><img src="/boxarcade/img/tool-send.jpg"/></a>');
// Define the overall rating for use in the template
$this->set('rating_image', '');
//GenerateRating(3); //$row2['rating']);
// Define the 'new rating' section for the template
if (isset($_COOKIE["ava_username"]) || 42 == 42) {
} else {
$this->set('new_rating_form', GAME_LOGIN_TO_RATE);
}
// If admin is logged in, show admin options
//if ($user['admin'] == 1) {
if (1 == 0) {
$this->set('admin_options', '<a href="' . $setting['site_url'] . '/admin/?task=manage_games#id=' . $id . '"><img src=".' . $setting['template_url'] . '/images/edit.gif"/></a>');
} else {
$this->set('admin_options', '');
}
$did = $row2['DevID'];
$usr = Query::query('SELECT username, id, usrAvatarType, seo_url FROM tbl_users WHERE id=' . $did . ' LIMIT 1')->fetch_assoc();
$this->set('user_avatar', Utils::getAvatar($usr['id'], $usr['usrAvatarType']));
//'uploads/avatars/' . $usr['id'] . $usr['usrAvatarType'];
$this->set('user_name', $usr['username']);
$this->set('profile', Utils::ProfileUrl($usr['id'], $usr['seo_url']));
$this->set('show', '$show');
$this->set('admin', '');
//$user['admin'];
$this->set('login_status', '');
//$user['login_status'];
//EmbedGame
// Does this game have an advert set?
/*if (/* $row2['advert_id'] *42 == 1)
$ad_id = $setting['default_ad'];
else
$ad_id = 2; //$row2['advert_id'];*/
$ad_id = 2;
// Is the user supposed to see the ad?
if (Settings::Get('user_ads') == 1) {
if ($user['login_status'] == 1) {
$user_show_ad = 0;
} else {
$user_show_ad = 1;
}
} else {
if (Settings::Get('user_ads') == 2) {
if ($user['admin'] == 1) {
$user_show_ad = 0;
} else {
$user_show_ad = 1;
}
} else {
$user_show_ad = 1;
}
}
if (defined("PRELOAD_INFO")) {
$plm = PRELOAD_INFO;
$cts = CLICK_TO_SKIP;
} else {
$plm = 'Advertisement: Your game is loading';
$cts = 'click here to skip';
}
$this->set('ad_id', $ad_id);
$this->set('skip_ads', Settings::Get('skip_ads'));
$this->set('user_show_ad', $user_show_ad);
$this->set('plm', $plm);
$this->set('cts', $cts);
// Resize flash if required
if (isset($template['max_game_width']) && $width > $template['max_game_width']) {
$gWidth = $row2['Width'];
$gHeight = $row2['Height'];
$h1 = $template['max_game_width'] / $gWidth;
$h2 = $gHeight * $h1;
$width = $template['max_game_width'];
$height = $h2;
} else {
$width = $row2['Width'];
$height = $row2['Height'];
}
$this->set('width', $width);
$this->set('height', $height);
//$this->set('type', $this->request['type']);
//$this->set('title', $this->request['title']);
$this->set('relgames', Game::getRelatedGames($id));
$this->set('comments', Comment::getComments($id));
$this->render("Pages/View");
}
/**
* Helper function for calling $this->query->query()
*
* @see Query->query()
*
* @param array Query args
*
* @return array Stream Records
*/
function query($args)
{
return $this->query->query($args);
}
static function getAd($ad)
{
$get_ad = Query::query("SELECT ad_content FROM tbl_ads WHERE ad_name = '{$ad}'")->fetch_array();
echo $get_ad['ad_content'];
}
<?php
include '../../../lib/sqlquery.class.php';
include '../../../lib/newmodel.class.php';
include '../../../app/models/Query.php';
include '../../../app/models/Settings.php';
include '../../../app/models/User.php';
include '../../../app/models/Utils.php';
$query = new SQLQuery();
$query->connect('localhost', 'root', '', 'boxarcade');
Settings::Init();
include '../../../lang/' . Settings::Get('language') . '.php';
User::sec_session_start();
User::Init();
$userid = intval($_SESSION['user_id']);
if (User::login_check(Query::$mysqli) == true) {
//$get_comment = Query::query("SELECT * FROM tbl_comments WHERE id='" . $_POST['id'] . "'")->fetch_assoc();
//Query::query("UPDATE tbl_users SET comments = comments - 1, points = points - $setting[points_comment] WHERE id='" . $get_comment['user'] . "'")->fetch_assoc();
$result = Query::query("DELETE FROM tbl_comments WHERE id='" . $_POST['id'] . "'");
echo $_POST['id'];
echo 'Success';
} else {
exit;
}
public function main()
{
//loadLanguageFile('play');
include '../lang/English.php';
$utils = $this->factory->create('Utils');
$setting = $this->factory->create('Settings');
if (isset($_REQUEST['prevpage'])) {
$prevpage = secure($_REQUEST['prevpage']);
$pos = strpos($prevpage, 'register');
if ($pos !== false || $prevpage == '') {
$prevpage = $setting->get('site_url');
}
} else {
$prevpage = $setting->get('site_url');
}
if (isset($this->request[0]) && $this->request[0] == 1) {
session_start();
if (!$_POST['username'] || !$_POST['password']) {
header("Location: index.php?task=login&em=1&prevpage={$prevpage}");
} else {
$username = $_POST['username'];
$password = md5($_POST['password']);
$sql = Query::query("SELECT * FROM tbl_users WHERE username='******' AND password='******' AND activate='1'");
$login_check = $sql->num_rows;
if ($login_check > 0) {
$row = $sql->fetch_assoc();
$user_id = $row['id'];
if (isset($_POST['remember'])) {
$time = time() + 60 * 60 * 24 * 100;
setcookie("ava_username", $username, $time, '/boxarcade');
setcookie("ava_code", $password, $time, '/boxarcade');
setcookie("ava_userid", $user_id, $time, '/boxarcade');
} else {
setcookie("ava_username", $username, '/boxarcade');
setcookie("ava_code", $password, '/boxarcade');
setcookie("ava_userid", $user_id, '/boxarcade');
}
setcookie("inu", $username, $time, '/boxarcade');
setcookie("isp", $password, $time, '/boxarcade');
$_SESSION['inu'] = $username;
$_SESSION['isp'] = $password;
Query::query("INSERT INTO tbl_sessions(userName, userToken) VALUES('{$username}', '{$password}')") or die(mysql_error());
if (isset($_GET['action']) && $_GET['action'] == 'admin') {
header("Location: admin");
} else {
if (isset($_GET['nexttask'])) {
if ($_GET['nexttask'] == 'login') {
header("Location: index.php");
} else {
header("Location: index.php?task=" . $_GET['nexttask'] . "&id=" . $_GET['nextid'] . "");
}
} else {
header("Location: " . urldecode($prevpage));
}
}
} else {
header("Location: index.php?task=login&em=2&prevpage={$prevpage}");
}
}
} else {
if (isset($_GET['action']) && $_GET['action'] == 'logout') {
$pastdate = mktime(0, 0, 0, 1, 1, 1970);
setcookie("ava_username", "", $pastdate);
setcookie("ava_userid", "", $pastdate);
setcookie("ava_code", "", $pastdate);
setcookie("ava_iptrack", "", $pastdate);
header("Location: index.php");
} else {
// No info was submitted - user is requesting login form
if (isset($_GET['em'])) {
if ($_GET['em'] == 1) {
$error_message = LOGIN_ERROR1;
} else {
$error_message = LOGIN_ERROR2;
}
}
}
}
$this->render("Login");
}
public function main($user)
{
//loadLanguageFile('play');
include '../lang/English.php';
include '../lang/sk/play.php';
$news_item = array();
$news['newses'] = array();
//if (isset($_GET['id']) || isset($_GET['name'])) {
if (isset($this->request[0])) {
/*if (isset($_GET['id'])) {
$id = intval($_GET['id']);
$sql = mysql_query("SELECT * FROM news WHERE id=".$id." LIMIT 1");
}
else {
$name = mysql_secure($_GET['name']);
$sql = mysql_query("SELECT * FROM news WHERE seo_url= '$name'");
}*/
$id = intval($this->request[0]);
$count = Query::query("SELECT * FROM news WHERE id=" . $id . " LIMIT 1")->num_rows;
if (!$count) {
header("HTTP/1.0 404 Not Found");
include 'includes/misc/404.php';
exit;
}
$this->set('id', $id);
}
$news['rss_icon'] = '<a href="rss.php"><img valign="middle" src="img/rss_small.png" /></a>';
// If id isn't set, get the 10 newest news items.
//if ((!isset($_GET['id'])) && (!isset($_GET['name']))) {
if (!isset($this->request[0])) {
if (!isset($_GET['page'])) {
$page = 1;
} else {
$page = $_GET['page'];
}
$npp = 5;
$from = $page * $npp - $npp;
$sql = Query::query("SELECT * FROM news ORDER BY id DESC LIMIT {$from}, {$npp}");
} else {
/*if (isset($_GET['id'])) {
$sql = Query::query("SELECT * FROM news WHERE id=" . $id . " LIMIT 1");
} else {
$name = Utils::secure($_GET['name']);
$sql = Query::query("SELECT * FROM news WHERE seo_url= '$name' LIMIT 1");
}*/
$id = intval($this->request[0]);
$sql = Query::query("SELECT * FROM news WHERE id=" . $id . " LIMIT 1");
}
while ($row = $sql->fetch_assoc()) {
$id = $row['id'];
$sql2 = Query::query("SELECT * FROM tbl_users WHERE id='" . $row['user'] . "' LIMIT 1");
while ($row2 = $sql2->fetch_assoc()) {
// Assign items to 'news' array for use in the template
$news_item = array('title' => $row['title'], 'author' => $row2['username'], 'date' => $row['date'], 'main' => $row['content']);
$news_item['user_url'] = Utils::ProfileUrl($row2['id'], $row2['seo_url']);
$news_item['news_url'] = Utils::NewsUrl($row['id'], $row['seo_url']);
$news_item['comments'] = Query::query("SELECT COUNT(*) as Num FROM NewsComments WHERE link_id={$row['id']}")->fetch_assoc()['Num'];
$news_item['image_url'] = 'uploads/news_icons/' . $row['image'];
// Include the template for news items
//include $setting['template'] . '/' . $template['news_item'];
array_push($news['newses'], $news_item);
//$this->set('newses', $news_item);
}
}
$this->set('newses', $news['newses']);
//if ((!isset($_GET['id'])) && (!isset($_GET['name']))) {
if (!isset($this->request[0])) {
$total_results = Query::query("SELECT COUNT(*) as Num FROM news")->fetch_assoc()['Num'];
$total_pages = ceil($total_results / $npp);
if ($total_pages > 1) {
echo '<div class="category_pages">';
if ($page > 1) {
$prev = $page - 1;
$url = NewsPagesUrl($prev);
echo '<a href="' . $url . '"><< ' . PREVIOUS . '</a> ';
}
for ($i = 1; $i <= $total_pages; $i++) {
$url = NewsPagesUrl($i);
if ($page == $i) {
echo '<b><a href="#">' . $i . '</a></b>';
} else {
echo '<a href="' . $url . '">' . $i . '</a> ';
}
}
if ($page < $total_pages) {
$next = $page + 1;
$url = NewsPagesUrl($next);
echo '<a href="' . $url . '">' . NEXT . ' >></a> ';
}
echo '</div>';
}
}
$this->set('game_id', $id);
$this->set('admin', $user['admin']);
$this->set('login_status', $user['login_status']);
$this->render('News');
}
function &save()
{
// This version creates the query on a per-call basis.
// This is useful if some entries of an object to "update" haven't been loaded.
// TODO: Implement a version that caches the prepared statement in other cases.
$update = false;
$sql = "";
$types = '';
$params = array();
/* Build up sql prepared statement and type string in parallel */
foreach ($this->columns() as $column) {
$name = $column->name();
$value =& $this->values[$name];
if ($value === null) {
continue;
}
if ($column->ignored()) {
continue;
}
if ($name == 'id') {
$update = $value ? $value : false;
} else {
$params[] =& $column->toDB($value);
$sql .= " `{$name}`=?,";
$types .= $column->prepareCode();
}
}
$sql = trim($sql, ',');
$table = $this->table()->name();
if (!$sql && $update !== false) {
trigger_error("NO DATA IN DBRow update, table={$table},", E_USER_NOTICE);
return;
}
if ($sql) {
$sql = "set {$sql}";
} else {
$sql = "() values()";
}
if ($update === false) {
$sql = "insert into `{$table}` {$sql}";
$query = new Query($sql, $types);
$id = $query->insert($params);
$this->values['id'] = $id;
return $id;
} else {
$sql = "update `{$table}` {$sql} where id=?";
$params[] = $update;
$types .= 'i';
$query = new Query($sql, $types);
$query->query($params);
}
return $this;
}
public function main()
{
//loadLanguageFile('play');
//include '../lang/English.php';
include '../lang/English.php';
$username = $this->request[0];
if (isset($this->request[1]) && $this->request[1] == 'update') {
if (!empty($_FILES['img_file']) && $_FILES['img_file']['error'] == 0) {
include 'includes/code/upload_avatar.php';
}
$location = Utils::secure($_POST['usr']['loc']);
$about = Utils::secure($_POST['usr']['bio']);
$website = Utils::secure($_POST['usr']['site']);
$pass = str_replace(' ', '', $_POST['usr']["pas"]);
$id = $_SESSION['user_id'];
Query::query("UPDATE Players SET Location='{$location}', About='{$about}', Website='{$website}' WHERE PlayerID='{$id}'") or die(mysql_error());
if ($pass != '') {
echo 'PW Changes';
$password = md5($_POST['new_password']);
setcookie("ava_code", $password);
Query::query("UPDATE tbl_users SET password='******' WHERE id='{$id}'") or die(mysql_error());
}
echo '<div id="error_message">' . PROFILE_UPDATED . "</div>";
$this->request[1] = 'edit';
}
if (isset($this->request[1]) && $this->request[1] == 'edit') {
if (User::login_check(Query::$mysqli) == true) {
$row = Query::query('SELECT * FROM Players WHERE Username=\'' . $username . '\' LIMIT 1')->fetch_assoc();
$email = $row['Email'];
$location2 = $row['Location'];
$about2 = $row['About'];
$website2 = $row['Website'];
if ($row['AvatarType'] != '') {
$avatar = $row['AvatarType'];
} else {
$avatar = 'default.png';
}
} else {
echo "You can only edit your own profile!";
}
$this->set('id', $row['PlayerID']);
$this->set('email', $email);
$this->set('website2', $website2);
$this->set('location2', $location2);
$this->set('about2', $about2);
$this->set('username', $username);
if ($row['AvatarType'] == '') {
$this->set('avatar', 'uploads/avatars/default.png');
} else {
$this->set('avatar', 'uploads/avatars/' . $row['PlayerID'] . $row['AvatarType']);
}
$this->render("Pages/ProfileEdit");
} else {
//id, comments, plays, ratings
/*if (isset($_GET['name'])) {
$seo_url = mysql_secure($_GET['name']);
$sql = Query::query('SELECT * FROM tbl_users WHERE seo_url='.$seo_url.' LIMIT 1');
} else {
$sql = Query::query('SELECT * FROM tbl_users WHERE id='.$id.' LIMIT 1');
}*/
$sql = Query::query('SELECT * FROM Players WHERE Username=\'' . $username . '\' LIMIT 1');
$user_exists = $sql->num_rows;
if ($user_exists != 1) {
header("HTTP/1.0 404 Not Found");
include 'includes/misc/404.php';
exit;
}
$row = $sql->fetch_assoc();
$profile = array();
$this->set('name', $row['Username']);
$id = $row['PlayerID'];
if ($row['Location'] == '') {
$this->set('location', PROFILE_NO_INFO);
} else {
$this->set('location', $row['Location']);
}
if ($row['Website'] == '') {
$this->set('website', PROFILE_NO_INFO);
} else {
$this->set('website', $row['Website']);
}
if ($row['Website'] == '') {
$this->set('website_link', PROFILE_NO_INFO);
} else {
$this->set('website_link', '<a href="' . $row['Website'] . '">' . $row['Website'] . '</a>');
}
if ($row['About'] == '') {
$this->set('about', PROFILE_NO_INFO);
} else {
$this->set('about', $row['About']);
}
if ($row['Interests'] == '') {
$this->set('interests', PROFILE_NO_INFO);
} else {
$this->set('interests', $row['Interests']);
}
if ($row['AvatarType'] == '') {
$this->set('avatar', 'uploads/avatars/default.png');
} else {
$this->set('avatar', 'uploads/avatars/' . $row['PlayerID'] . $row['AvatarType']);
}
//$profile['comments'] = $mysqli->query('SELECT COUNT(*) FROM '.$tp.'comments WHERE user='******'utils', '');
$this->set('id', $row['PlayerID']);
$this->set('plays', $row['Plays']);
$this->set('comment_count', $row['Comments']);
$this->set('ratings', $row['Ratings']);
if ($row['Points'] == '') {
$this->set('points', 0);
} else {
$this->set('points', $row['Points']);
}
$this->set('admin', $row['Admin']);
$this->set('join_date', $row['Joined']);
$this->set('isdev', $row['Developer']);
if (isset($_SESSION['user_id']) && $id == $_SESSION['user_id']) {
$this->set('button1', '<a href="profile/' . $username . '/edit">' . PROFILE_EDIT . '</a>');
} else {
$this->set('button1', '<a href="boxarcade/?task=send_message&id=' . $id . '">' . PROFILE_SEND_MESSAGE . '</a>');
}
// Check if user is friend
//if (($user['login_status'] == 1) && ($id != $user['id'])) {
if (1 == 0) {
$is_friend = $mysqli->query('SELECT * FROM ' . $tp . 'friends WHERE user1 = ' . $user['id'] . ' AND user2 =' . $id);
if ($is_friend->num_rows) {
$profile['button2'] = '<div id="friend_button"><a href="' . $_SERVER['REQUEST_URI'] . '#" onclick="ManageFriend(' . $row['id'] . ', \'delete_friend\', \'profile\');return false">UNFRIEND</a></div>';
} else {
$request_pending = $mysqli->query('SELECT * FROM ' . $tp . 'friend_requests WHERE from_user ='******' AND to_user ='******'button2'] = '<div id="friend_button"><a href="' . $_SERVER['REQUEST_URI'] . '#">REQUEST_SENT</a></div>';
} else {
$profile['button2'] = '<div id="friend_button"><a href="' . $_SERVER['REQUEST_URI'] . '#" onclick="ManageFriend(' . $row['id'] . ', \'send_request\', \'profile\');return false">ADD_FRIEND</a></div>';
}
}
} else {
$this->set('button2', '');
}
// If admin is logged in, show admin options
//if ($user['admin'] == 1) {
if (1 == 1) {
$this->set('admin_edit', '<a href="admin/?task=manage_users#id=' . $id . '">Edit user</a>');
} else {
$this->set('admin_edit', '');
}
$result = Query::query('SELECT * FROM favorites f, Games g WHERE GameID=f.game_id AND f.user_id=' . $row['PlayerID'] . ' LIMIT 16');
$favs = $result->num_rows;
$vars = array();
if ($favs == 0) {
echo PROFILE_NO_FAVS;
} else {
while ($rows = $result->fetch_assoc()) {
$file = Utils::TitleToFile($rows['Title']);
$game['gameTitle'] = $rows['Title'];
$game['gameDesc'] = $rows['Desc'];
$game['url'] = 'view/' . $rows['GameID'];
$game['image_url'] = "games/img/" . $file . ".png";
//Utils::FileToGameImageURL($file, "png");
array_push($vars, $game);
}
}
$this->set('games', $vars);
$result = Utils::query('SELECT * FROM tbl_badges as b, tbl_badge_relations as br WHERE b.badge_id=br.badge_id AND user_id=' . $row['PlayerID'] . ' LIMIT 6');
$favs = $result->num_rows;
$vars = array();
if ($favs == 0) {
echo PROFILE_NO_FAVS;
} else {
while ($rows = $result->fetch_assoc()) {
$g = Utils::query('SELECT * from tbl_games WHERE game_id=' . $rows['game_id'])->fetch_assoc();
$file = Utils::TitleToFile($g['title']);
$game['gameTitle'] = $g['title'];
$game['title'] = $rows['name'];
$game['game'] = $g['title'];
$game['score'] = $rows['points'];
$game['gameDesc'] = $rows['desc'];
$game['url'] = Utils::GameUrl($g['game_id']);
$game['image_url'] = $rows['image'];
array_push($vars, $game);
}
}
$this->set('badges', $vars);
$vars = array();
/*if ($_GET['task'] == 'profile') {
$result = $this->request['utils']->con->query('SELECT * FROM tbl_comments WHERE user='******' ORDER BY id DESC LIMIT 8');
} else {
$result = $this->request['utils']->con->query('SELECT * FROM tbl_comments WHERE user='******' ORDER BY id DESC');
}*/
$result = Utils::query('SELECT * FROM tbl_comments WHERE user='******'PlayerID'] . ' ORDER BY id DESC LIMIT 8');
$total_results = $result->num_rows;
if ($total_results == 0) {
echo $row['Username'] . ' ' . PROFILE_NO_COMMENTS;
} else {
while ($row = $result->fetch_assoc()) {
$game = Utils::query('SELECT * FROM Games WHERE GameID=' . $row['link_id'] . ' LIMIT 1')->fetch_assoc();
$comment['the_comment'] = nl2br($row['comment']);
$comment['game_name'] = $game['Title'];
$comment['date'] = $row['date'];
$comment['game_url'] = 'view/' . $game['GameID'];
//Utils::GameUrl($game['game_id']);
///$comment['game_img'] = Utils::FileToGameImageURL(Utils::TitleToFile($game['Title']), "png");
$file = Utils::TitleToFile($game['Title']);
$comment['game_img'] = "games/img/" . $file . ".png";
if (1 == 1) {
$comment['admin_options'] = ' <a href="admin/index.php?action=delete_comment&id=' . $row['id'] . '&link_id=' . $game['GameID'] . '"><img src="admin/images/delete.png" align="absmiddle" /></a>';
}
array_push($vars, $comment);
}
}
$this->set('comments', $vars);
$this->render("Pages/Profile");
}
}
/** Main Call Function **/
function callHook()
{
if (isset($_GET['url'])) {
$url = $_GET['url'];
} else {
$url = "index";
}
// Create the model factory
$query = new SQLQuery();
$query->connect('localhost', 'root', '', 'boxarcade');
//$modelFactory = new ModelFactory($query);
$settings = new Settings();
$login_check = 99;
User::sec_session_start();
User::Init();
if (User::login_check(Query::$mysqli) == true) {
$xuserid = intval($_SESSION['user_id']);
$sql = Query::query("SELECT * FROM Players WHERE PlayerID={$xuserid}");
$get_user_info = $sql->fetch_assoc();
$user = array('usrLang' => $get_user_info['Language'], 'username' => $get_user_info['Username'], 'id' => intval($_SESSION['user_id']), 'points' => $get_user_info['Points'], 'login_status' => 1, 'messages' => $get_user_info['Messages'], 'seo_url' => $get_user_info['Username']);
$user['ip'] = User::secure($_SERVER['REMOTE_ADDR']);
// If not avatar, try to get one from fb or set a default
if ($get_user_info['AvatarType'] == '') {
$user['avatar'] = 'uploads/avatars/default.png';
} else {
$user['avatar'] = 'uploads/avatars/' . $get_user_info['PlayerID'] . $get_user_info['AvatarType'];
}
$user['url'] = '/boxarcade/profile/' . $get_user_info['Username'];
$user['message_url'] = 'messages';
$user['admin'] = $get_user_info['Admin'];
$login_check = 1;
// Update the user IP if this is a new session
if (!isset($_COOKIE['ava_iptrack'])) {
Query::query("UPDATE Players SET LastIP = '{$user['ip']}' WHERE PlayerID = {$user['id']}") or die(mysql_error());
setcookie("iptrack", '1');
}
} else {
$user['login_status'] = 0;
$user['admin'] = 0;
}
// Prep the controller name and the query string
$urlArray = explode("/", $url);
$controller = ucwords($urlArray[0]);
array_shift($urlArray);
$queryString = array_merge($urlArray, $_POST, $_GET);
// Call the header controller
$h = new Header($modelFactory, [], true);
call_user_func_array(array($h, 'main'), [$login_check, $user]);
// Call the page controller
$dispatch = new $controller($modelFactory, $queryString, false);
call_user_func_array(array($dispatch, 'main'), [$user]);
// If an action was sent, call the appropriate function in the controller
if (isset($queryString['action']) && !empty($queryString['action'])) {
if (is_string($queryString['action'])) {
$method = $queryString['action'];
} else {
if (is_array($queryString['action'])) {
list($a_key, $a_val) = each($_POST['action']);
$method = 'btn' . ucwords($a_key) . '_Clicked';
}
}
if (method_exists($dispatch, $method) && is_callable(array($dispatch, $method))) {
call_user_func_array(array($dispatch, $method), []);
} else {
header("HTTP/1.0 404 Not Found");
}
}
// Call the footer controller
$f = new Footer($modelFactory, [], true);
call_user_func_array(array($f, 'main'), []);
}
public function main($user)
{
//loadLanguageFile('play');
include '../lang/English.php';
include '../lang/sk/play.php';
$msg = array();
$pm['messages'] = array();
$page = 'Pages/Messages';
// was 151
// If logged in
if ($user['login_status'] == 1) {
// TASK = VIEW
if (isset($this->request[0]) && $this->request[0] == 'view') {
$id = $this->request[1];
$sql = Query::query('SELECT * FROM messages WHERE id=' . $id . ' LIMIT 1');
if ($row = $sql->fetch_array()) {
$this->set('reply', '<a href="' . 'messages/send/&id=' . $row['sender_id'] . '&re=' . $row['id'] . '">' . PM_REPLY . '</a>');
$this->set('delete', '<a href="' . 'messages/delete/' . $row['id'] . '">' . PM_DELETE_MESSAGE . '</a>');
$this->set('unread', '<a href="' . 'messages/unread/' . $row['id'] . '">' . PM_MARK_UNREAD . '</a>');
$this->set('subject', $row['title']);
$this->set('img', 'uploads/avatars/' . $row['sender_id'] . '.jpg');
$this->set('date', $row['date']);
$this->set('profile', 'profile&id=' . $row['sender_id']);
$this->set('username', $row['sender_name']);
$this->set('message', str_replace("\n", "<br>", $row['message']));
if ($row['opened'] == 0) {
Query::query('UPDATE messages SET opened=1 WHERE messages.id=' . $id . ' LIMIT 1');
// Update user messages counter
$msg_count = Query::query('SELECT COUNT(*) as Num FROM messages WHERE user_id=' . $user['id'] . ' AND opened=0')->fetch_assoc()['Num'];
$update = Query::query('UPDATE tbl_users SET messages=' . $msg_count . ' WHERE id=' . $user['id']) or die(mysql_error());
}
}
$page .= 'Pages/View';
}
// TASK = SEND
if (isset($this->request[0]) && $this->request[0] == 'send') {
$id = $this->request[1];
if (isset($this->request[2])) {
$re = intval($this->request[2]);
$re2 = Query::query("SELECT * FROM messages WHERE id={$re} AND user_id={$user['id']}")->fetch_assoc();
$this->set('subject', 'Re: ' . $re2['title']);
$this->set('msg', "\n\n\n" . $re2['sender_name'] . " wrote:\n> " . str_replace("<br />", "\n>", preg_replace('/\\s+/', ' ', nl2br($re2['message']))));
} else {
$this->set('subject', '');
$this->set('msg', '');
}
$this->set('action', 'messages/sent/' . $id);
$page .= 'Pages/Send';
}
// TASK = SENT
if (isset($this->request[0]) && $this->request[0] == 'sent') {
$id = $this->request[1];
// Give it a title if it lacks one
if ($_POST['message_title'] == "") {
$title = 'Untitled';
} else {
$title = Query::secure($_POST['message_title']);
}
$message = Query::secure($_POST['message']);
$date = date("F j Y, G:i");
$read = 0;
Query::query("INSERT INTO messages (user_id, sender_id, sender_name, title, message, date, ip) \r\n\t\t\t\t VALUES ('{$id}', '{$user['id']}', '{$user['username']}', '{$title}', '{$message}', '{$date}', '{$_SERVER['REMOTE_ADDR']}')");
echo 'Message sent!<br><br>
<a href="profile/' . $id . '">Return to user profile</a><br>
<a href="messages">Go to inbox</a>';
// Update user messages counter
$msg_count = Query::query('SELECT COUNT(opened) as Num FROM messages WHERE user_id=' . $user['id'] . ' AND opened=0')->fetch_assoc()['Num'];
$update = Query::query("UPDATE tbl_users SET messages={$msg_count} WHERE id='{$user['id']}'") or die(mysql_error());
}
// TASK = DELETE
if (isset($this->request[0]) && $this->request[0] == 'delete') {
$id = $this->request[1];
$result = Query::query('DELETE FROM messages WHERE id=' . $id . ' AND user_id=' . $user['id']);
// Update user messages counter
$msg_count = Query::query('SELECT COUNT(opened) as Num FROM messages WHERE user_id=' . $user['id'] . ' AND opened=0')->fetch_assoc()['Num'];
$update = Query::query("UPDATE tbl_users SET messages={$msg_count} WHERE id='{$user['id']}'") or die(mysql_error());
echo '<div id="pm_task_complete">' . PM_DELETED . '</div>';
}
// TASK = UNREAD
if (isset($this->request[0]) && $this->request[0] == 'unread') {
$id = $this->request[1];
$read = Query::query('SELECT opened FROM messages WHERE id=' . $id . ' LIMIT 1')->fetch_assoc()['opened'];
if ($read == 1) {
Query::query('UPDATE messages SET opened = 0 WHERE messages.id = ' . $id . ' LIMIT 1');
// Update user messages counter
$msg_count = Query::query('SELECT COUNT(opened) as Num FROM messages WHERE user_id=' . $user['id'] . ' AND opened=0')->fetch_assoc()['Num'];
$update = Query::query("UPDATE tbl_users SET messages={$msg_count} WHERE id='{$user['id']}'") or die(mysql_error());
echo '<div id="pm_task_complete">' . PM_MAU . '</div>';
}
}
// TASK = READ
if (isset($this->request[0]) && $this->request[0] == 'read') {
$id = $this->request[1];
$read = Query::query('SELECT opened FROM messages WHERE id=' . $id . ' LIMIT 1')->fetch_assoc()['opened'];
if ($read == 0) {
Query::query('UPDATE messages SET opened = 1 WHERE messages.id = ' . $id . ' LIMIT 1');
// Update user messages counter
$msg_count = Query::query('SELECT COUNT(opened) as Num FROM messages WHERE user_id=' . $user['id'] . ' AND opened=0')->fetch_assoc()['Num'];
$update = Query::query("UPDATE tbl_users SET messages={$msg_count} WHERE id='{$user['id']}'") or die(mysql_error());
echo '<div id="pm_task_complete">' . PM_MAU . ' read</div>';
}
}
// Get all messages
$msgs = Query::query("SELECT COUNT(opened) as Num FROM messages WHERE user_id={$user['id']}")->fetch_assoc()['Num'];
if ($msgs >= 1) {
$sql = Query::query("SELECT * FROM messages WHERE user_id={$user['id']} ORDER BY id desc");
while ($row = $sql->fetch_assoc()) {
if ($row['opened'] == 0) {
$link_class = 'unread_pm_link';
} else {
$link_class = 'read_pm_link';
}
$profile_url = Utils::ProfileUrl($row['sender_id'], $row['sender_name']);
$msg['profile_url'] = $profile_url;
$msg['url'] = 'messages/view/' . $row['id'];
$msg['title'] = $row['title'];
$msg['date'] = $row['date'];
$msg['sender_name'] = $row['sender_name'];
$msg['link_class'] = $link_class;
$msg['reply'] = 'messages/reply/re=' . $row['id'] . '&id=' . $row['sender_id'];
$msg['unread'] = 'messages/unread/' . $row['id'];
$msg['read'] = 'messages/read/' . $row['id'];
$msg['delete'] = 'messages/delete/' . $row['id'];
$msg['reply_img'] = 'img/msg-reply.png';
$msg['unread_img'] = 'img/msg-unread.png';
$msg['read_img'] = 'img/msg-read.png';
$msg['delete_img'] = 'img/msg-delete.png';
array_push($pm['messages'], $msg);
}
}
} else {
header("Location: login");
}
$this->set('messages', $pm['messages']);
$this->render($page);
}
include '../../../app/models/Query.php';
include '../../../app/models/Settings.php';
include '../../../app/models/User.php';
include '../../../app/models/Utils.php';
$query = new SQLQuery();
$query->connect('localhost', 'root', '', 'boxarcade');
Settings::Init();
include '../../../lang/' . Settings::Get('language') . '.php';
User::sec_session_start();
User::Init();
$userid = intval($_SESSION['user_id']);
$the_comment = Utils::secure($_POST['comment']);
$id = intval($_POST['id']);
if (User::login_check(Query::$mysqli) == true) {
$date = date("Y-m-d H:i:s");
Query::query("INSERT INTO tbl_comments (user, comment, link_id, date, ip) VALUES ('{$userid}', '{$the_comment}', '{$id}', '{$date}', '{$_SERVER['REMOTE_ADDR']}')");
$user_url = '';
//'uploads/avatars/' . User::Get('id') . User::Get('AvatarType');//ProfileUrl($user2['id'], $user2['seo_url']);
$content = stripslashes(nl2br(strip_tags($_POST['comment'])));
$username = User::Get('Username');
$report_button = '';
$delete = '';
if (User::Get('AvatarType') == '') {
$avatar_url = '/uploads/avatars/default.png';
} else {
$avatar_url = 'uploads/avatars/' . User::Get('id') . User::Get('AvatarType');
}
//$this->set('user_avatar', 'uploads/avatars/' . User::Get('id') . User::Get('AvatarType'));
include '../../../app/templates/sections/CommentsAJAX.tpl';
//$comment = array('username' => $user2['username'], 'content' => stripslashes(nl2br(strip_tags($_POST['comment']))), 'user_points' => $user2['points'], 'date' => FormatDate($date, 'time'));
//$comment['delete'] = '';
