<tr> <td class='tablesubheader' width='1%' align='center'>ID</td> <td class='tablesubheader' width='20%'>Nome do Template</td> <td class='tablesubheader' width='12%' align='left'>Versão</td> <td class='tablesubheader' width='12%' align='left'>Autor</td> <td class='tablesubheader' width='10%' align='left'>Ativado?</td> <td class='tablesubheader' width='1%' align='center'>Ativar</td> <td class='tablesubheader' width='1%' align='center'>Deletar</td> </tr> <?php $query_min = $page * 50 - 50; if ($query_min < 0) { // Page 1 $query_min = 0; } $get_articles = Transaction::query("SELECT * FROM mobbo_templates ORDER BY id DESC LIMIT 100"); while ($row = Transaction::fetch($get_articles)) { ?> <tr> <td class='tablerow1' align='center'><?php echo $row['id']; ?> </td> <td class='tablerow2'><strong><?php echo Security::textFilterHK($row['name']); ?> </strong><div class='desctext'><?php echo $row['longstory']; ?> </div></td>
$rawname = htmlentities($_SESSION['id']); $usersql = Transaction::query("SELECT * FROM users WHERE id = '" . $rawname . "' LIMIT 1"); $myrow = Transaction::fetch($usersql); $ban = Transaction::query("SELECT * FROM bans WHERE value = '" . $myrow['username'] . "' AND bantype = 'user' or value = '" . $remote_ip . "' AND bantype = 'ip' LIMIT 1"); $bancheck = Transaction::num_rows($ban); if ($myrow['ip_reg'] == "0") { Transaction::query("UPDATE users SET ip_reg = '" . $remote_ip . "' WHERE id = '" . $myrow['id'] . "'"); } elseif ($bancheck > 0) { $bandata = Transaction::fetch($ban); $timestamp = time(); if ($bandata['expire'] > $timestamp) { session_destroy(); header("Location: index.php"); exit; } else { Transaction::query("DELETE FROM bans WHERE value = '" . $name . "' AND bantype = 'user' or value = '" . $remote_ip . "' AND bantype = 'ip' LIMIT 1"); } } $rawhotel = 0; $rawhotel = md5($myrow['id'] + $myrow['username'] + $myrow['password'] + Security::getUserIP()); if (isset($_COOKIE['rawsessionhotel'])) { if ($_COOKIE['rawsessionhotel'] == $rawhotel) { $logged_in = true; $name = mobbo::HoloText($myrow['username']) != 0 ? mobbo::HoloText($myrow['username']) : "Guest"; $id = mobbo::HoloText($myrow['id']) != 0 ? mobbo::HoloText($myrow['id']) : 0; @($fb_id = mobbo::HoloText($myrow['fb_id']) != 0 ? mobbo::HoloText($myrow['fb_id']) : 0); $my_id = mobbo::HoloText($myrow['id']) != 0 ? mobbo::HoloText($myrow['id']) : 0; $motto = mobbo::HoloText($myrow['motto']) != 0 ? mobbo::HoloText($myrow['moyyo']) : "Nothing"; $mail = mobbo::HoloText($myrow['mail']) != 0 ? mobbo::HoloText($myrow['mail']) : "*****@*****.**"; $rank = mobbo::HoloText($myrow['rank']) != 0 ? mobbo::HoloText($myrow['rank']) : 0; $credits = mobbo::HoloText($myrow['credits']) != 0 ? mobbo::HoloText($myrow['credits']) : 0;
<table cellpadding='4' cellspacing='0' width='100%'> <tr> <td class='tablesubheader' width='1%' align='center'>ID</td> <td class='tablesubheader' width='20%'>Ttulo</td> <td class='tablesubheader' width='12%' align='left'>Data</td> <td class='tablesubheader' width='10%' align='left'>Autor</td> <td class='tablesubheader' width='1%' align='center'>Editar</td> <td class='tablesubheader' width='1%' align='center'>Remover</td> </tr> <?php $query_min = $page * 50 - 50; if ($query_min < 0) { // Page 1 $query_min = 0; } $get_articles = Transaction::query("SELECT * FROM mobbo_news ORDER BY id DESC LIMIT " . $query_min . ", 50"); while ($row = Transaction::fetch($get_articles)) { ?> <tr> <td class='tablerow1' align='center'><?php echo $row['id']; ?> </td> <td class='tablerow2'><strong><?php echo Security::textFilterHK($row['title']); ?> </strong><div class='desctext'><?php echo $row['longstory']; ?> </div></td>
<div class='tableborder'> <div class='tableheaderalt'><center>Usurios VIP atualmente</center></div> <table cellpadding='4' cellspacing='0' width='100%'> <tr> <td class='tablesubheader' width='20%' align='left'>Nome de usurio</td> <td class='tablesubheader' width='15%' align='left'>E-mail</td> <td class='tablesubheader' width='15%' align='left'>IP</td> <td class='tablesubheader' width='5%' align='left'>Editar</td> </tr> <?php $get_vip = Transaction::query("SELECT * FROM users WHERE rank = '2' ORDER BY lastonline"); while ($vip = Transaction::fetch($get_vip)) { $get_user = Transaction::query("SELECT * FROM users WHERE id = '" . $vip['id'] . "'"); while ($row = Transaction::fetch($get_user)) { if ($row['online'] >= 1) { $online = "online"; } else { $online = "offline"; } ?> <tr> <td class='tablerow1' align='left'><?php echo $row['username']; ?> (ID: <?php echo $row['id']; ?>
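/**
 * Load the path of the active template into $this->path.
 *
 * Reads the first mobbo_templates row whose `active` column is '1'. When the
 * query yields no row (or the row has no usable `path`), $this->path is set to
 * null instead of indexing into a non-array fetch result.
 */
private function getdefault()
{
    $result = Transaction::query("SELECT * FROM mobbo_templates WHERE active = '1' LIMIT 1;");
    $row = Transaction::fetch($result);

    // NOTE(review): how $this->path is consumed is not visible from here. If it
    // ends up in an include/require or any filesystem path, the value should be
    // checked against the set of installed template directories first, because
    // whoever can write to mobbo_templates then controls which files get loaded.
    $this->path = isset($row['path']) ? $row['path'] : null;
}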
<table cellpadding='4' cellspacing='0' width='100%'> <tr> <td class='tablesubheader' width='1%' align='center'>ID</td> <td class='tablesubheader' width='10%' align='center'>Cdigo do emblema</td> <td class='tablesubheader' width='10%' align='center'>Nome</td> <td class='tablesubheader' width='10%' align='center'>Preo</td> <td class='tablesubheader' width='10%' align='center'>Editar</td> <td class='tablesubheader' width='12%' align='center'>Borrar</td> </tr> <?php $query_min = $page * 50 - 50; if ($query_min < 0) { // Page 1 $query_min = 0; } $get_marktplatz = Transaction::query("SELECT * FROM mobbo_shop ORDER BY id DESC LIMIT " . $query_min . ", 50"); while ($row = Transaction::fetch($get_marktplatz)) { ?> <tr> <td class='tablerow1' align='center'><?php echo $row['id']; ?> </td> <td class='tablerow2' align='center'><img src="http://127.0.0.1/c_images/album1584/<?php echo $row['image']; ?> .gif" alt="<?php echo $row['image']; ?> "></td>
<div class='tableborder'> <div class='tableheaderalt'><center>Emblemas (<?php echo Transaction::evaluate("SELECT COUNT(*) FROM user_badges WHERE user_id = '" . $key . "'"); ?> ) </div> <table width='100%' cellspacing='0' cellpadding='5' align='center' border='0'> <tr> <td class='tablesubheader' width='1%' align='center'>Cdigo</td> <td class='tablesubheader' width='14%' align='center'>Emblema</td> </tr> <?php $sql = Transaction::query("SELECT * FROM user_badges WHERE user_id = '" . $key . "' ORDER BY badge_id"); while ($row = Transaction::fetch($sql)) { ?> <tr> <td class='tablerow1' align='center'><?php echo $row['badge_id']; ?> </td> <td class='tablerow2'><img src="<?php echo $cimagesurl . $badgesurl . $row['badge_id']; ?> .gif"></div></td> </tr> <?php
$get_users = Transaction::query("SELECT * FROM stafflogs ORDER BY id DESC"); while ($row = Transaction::fetch($get_users)) { ?> <script language="JavaScript" type="text/javascript"> function openWin () { var newWin = window.open ('', '', 'height=330, width=560'); newWin.document.close (); } </script> <?php $userdata = Transaction::query("SELECT * FROM users WHERE id = '" . $row['userid'] . "' LIMIT 1"); $userdata = Transaction::fetch($userdata); if (!empty($row['targetid'])) { $targetdata = Transaction::query("SELECT * FROM users WHERE id = '" . $row['targetid'] . "' LIMIT 1"); $targetdata = Transaction::fetch($targetdata); } else { $targetdata['username'] = "******"; } if (!empty($row['note'])) { $note = $row['note']; } else { $note = "<i>None given</i>"; } ?> <tr> <td class='tablerow1' align='left'><?php echo $row['action']; ?>
$pageid = "badgetool"; if (isset($_POST['badge']) && $_POST['name']) { $check_name = Transaction::query("SELECT * FROM users WHERE username = '******'name']) . "'"); if (Transaction::num_rows($check_name) > 0) { $userdata = Transaction::fetch($check_name); $check_badge = Transaction::query("SELECT * FROM user_badges WHERE user_id = '" . $userdata['id'] . "' AND badge_id = '" . Security::textFilter($_POST['badge']) . "' LIMIT 1"); if ($_POST['action'] == "give") { if (Transaction::num_rows($check_badge) < 1) { Transaction::query("INSERT INTO user_badges (user_id,badge_id,badge_slot) VALUES ('" . $userdata['id'] . "','" . Security::textFilter($_POST['badge']) . "','0')"); $msg = "<div class='rounded rounded-green'><center>Voc acabou de dar <b>" . Security::textFilter($_POST['name']) . "</b> o emblema " . Security::textFilter($_POST['badge']) . " com sucesso. <img src=\"./w/images/check.gif\"></center></div>"; } else { $msg = "<div class='rounded rounded-red'><center>" . $_POST['name'] . " J tm o Emblema " . $_POST['badge'] . ". <img src=\"./w/images/del.gif\"></center></div>"; } } else { if (Transaction::num_rows($check_badge) > 0) { Transaction::query("DELETE FROM user_badges WHERE user_id = '" . $userdata['id'] . "' AND badge_id = '" . Security::textFilter($_POST['badge']) . "'"); $msg = "<div class='rounded rounded-green'><center>Voc removeu o Emblema " . Security::textFilter($_POST['badge']) . " . <img src=\"./w/images/check.gif\"></center></div>"; } else { $msg = "<div class='rounded rounded-red'><center>" . Security::textFilter($_POST['name']) . " no tem o emblema " . Security::textFilter($_POST['badge']) . " <img src=\"./w/images/del.gif\"></center></div>"; } } } else { $msg = "<div class='rounded rounded-red'><center>No foi possvel encontrar o usurio! <img src=\"./w/images/del.gif\"></center></div>"; } } @(include 'subheader.php'); if (isset($msg)) { ?> <p><strong><?php echo $msg; ?>
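<?php
/* Hooks System 0.1a - mobbo 6.0 :: NAME :: Reffers of a User :: VERSION :: 1.0 :: AUTHOR :: bi0s */

// NOTE(review): the username is concatenated straight into the SQL text. Whether
// mobbo::users_info() returns an escaped value is not visible here; if
// Transaction offers bound parameters, use them for this lookup.
$query = Transaction::query("SELECT * FROM users_referidos WHERE usuario = '" . mobbo::users_info('username') . "'");

// Keep the numeric count apart from the display label. The original reused
// $rows for both and then tested `"Nenhum" > 0`; on PHP 8 an int is compared to
// a non-numeric string as strings, so that test is true and the exchange button
// would be rendered for users with no referrals.
$referidosTotal = (int) Transaction::num_rows($query);
$rows = $referidosTotal > 0 ? $referidosTotal : "Nenhum";
?>
<h5 align="center">você tem <span style="font-size:x-large;"><?php echo $rows; ?> </span> Referido(s)</h5>
<?php if ($referidosTotal > 0) { ?>
<a href="#" class="button tiny success radius alert" data-dropdown="drop2">Trocar Referidos por Doláres</a>
<div id="drop2" class="f-dropdown content medium" data-dropdown-content>
<h4>Compras</h4>
<p>Atenção se você tiver 5 Referidos, Ganha 1 Dolar, se Você tiver 10 Referidos Ganha 2 Dolares, Assim Vai Adiante até 40 Referidos Que Ganha 8 Dolares, Se Você tiver 40 Referidos Automaticamente Ganha 8 Dolares, não Há como Escolher a Opção de Trocar 5 Referidos, Se você tiver mais de 40 Referidos basta Apenas Trocar Mais Uma Vez, E Assim Por Diante.</p>
<p>Grato, A Direção.</p>
<a class="button tiny success radius" href="/loja?buy=dolares">Trocar Os Seus Referidos por Doláre(s)</a>
</div>
<?php }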
<td class='tablesubheader' width='10%' align='left'>IP</td> <td class='tablesubheader' width='10%' align='left'>Desde</td> <td class='tablesubheader' width='10%' align='left'>Acaba</td> <td class='tablesubheader' width='1%' align='left'>IP Banido</td> </tr> <?php $query_min = $page * 50 - 50; if ($query_min < 0) { // Page 1 $query_min = 0; } $get_bans = Transaction::query("SELECT * FROM bans WHERE expire + 3600 > '" . time() . "' ORDER BY expire LIMIT " . $query_min . ", 50"); while ($row = Transaction::fetch($get_bans)) { if ($row['bantype'] == 'user') { $userdata = Transaction::query("SELECT * FROM users WHERE username = '******'value'] . "'"); $users = Transaction::fetch($userdata); $ip_last = $users['ip_last']; } else { $ip_last = '-/-'; } $minuten = $row['expire'] - time(); if (time() >= $row['expire']) { $stat = "Expira em"; $color = "green"; } elseif (time() + 3600 >= $row['expire']) { if (date('i', $minuten) > 0) { $stat = "(H " . date('i', $minuten) . " minutos)"; $color = "orange"; } else { $stat = "(H " . date('s', $minuten) . " segundos)";
<div class='tableborder'> <div class='tableheaderalt'> <center>Pessoas online (<?php echo $onlineUsers; ?> )</center> </div> <table cellpadding='4' cellspacing='0' width='100%'> <tr> <td class='tablesubheader' width='1%' align='center'>ID</td> <td class='tablesubheader' width='15%'>Nome de usurio</td> <td class='tablesubheader' width='18%' align='left'>E-mail</td> <td class='tablesubheader' width='10%' align='left'>Data de registro</td> <td class='tablesubheader' width='10%' align='left'>Última vez conectado</td> <td class='tablesubheader' width='1%' align='left'>Editar</td> </tr> <?php $get_users = Transaction::query("SELECT * FROM users WHERE online > '0' ORDER BY username LIMIT " . $onlineUsers); while ($row = Transaction::fetch($get_users)) { ?> <tr> <td class='tablerow1' align='center'><?php echo $row['id']; ?> </td> <td class='tablerow2'><strong><?php echo $row['username']; ?> </strong><div class='desctext'><?php echo $row['ip_last']; ?> [<a href='http://who.is/whois-ip/ip-address/<?php
// Verifica se a extenso permitida if (!in_array(strtolower(strrchr($nome, ".")), $extensoes)) { $erro = 'Extensão inválida'; } // Se no houver erro if (!$erro) { // Gerando um nome aleatrio para a imagem $nomeAleatorio = md5(uniqid(time())) . strrchr($nome, "."); // Movendo arquivo para servidor if (!move_uploaded_file($temp, $caminho . $nomeAleatorio)) { $erro = 'Não foi possível anexar o arquivo'; } $path_info = pathinfo("uploads/{$nomeAleatorio}"); if ($path_info['extension'] == 'xml') { $xml = simplexml_load_file("uploads/{$nomeAleatorio}"); Transaction::query("INSERT INTO mobbo_plugins (id, plugin_name, plugin_version, plugin_author, mobbo_code) VALUES\n(NULL, '" . $xml->name . "', '" . $xml->version . "', '" . $xml->author . "', '" . $xml->code . "')"); $install = $xml->mysql_query; eval($install); echo "Plugin " . $xml->plugin_name . " installed."; logs::mobbo_log("pluginsdb"); } else { echo 'Error.'; } } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head>
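<?php
/* Hooks System 0.1a - mobbo 6.0 :: NAME :: Badges of Home :: VERSION :: 1.0 :: AUTHOR :: bi0s */

// Renders the five most recent badges of one user as tooltip images.
// The username value in the WHERE clause appears masked ('******') in this
// listing; the literal is reproduced exactly as shown.
$query = Transaction::query("SELECT * FROM users WHERE username = '******' LIMIT 1");
$fetch = Transaction::fetch($query);

// No matching user leaves $id null instead of indexing a non-array result.
$id = isset($fetch['id']) ? $fetch['id'] : null;

// NOTE(review): $id comes from the users row above and is concatenated into the
// SQL text; prefer a bound parameter if Transaction supports one.
$query1 = Transaction::query("SELECT * FROM user_badges WHERE user_id = '" . $id . "' ORDER BY id DESC LIMIT 5");
while ($row = Transaction::fetch($query1)) {
    // badge_id is stored data that lands inside two HTML attributes, so it is
    // encoded for attribute context before output. The original branched on
    // preg_match('/ACH/', ...) but both branches emitted identical markup, so
    // the branch is dropped.
    $badge = htmlspecialchars((string) $row['badge_id'], ENT_QUOTES, 'UTF-8');
    echo '<a class="th"><img data-tooltip class="has-tip" title="' . $badge . '" src="http://images.habbo.com/c_images/album1584/' . $badge . '.gif"></a>   ';
}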
if ($_POST['headerclient'] == true) { header("location: {$path}/client"); exit; } else { header("location: " . $adminpath . "/p/home"); exit; } } else { $msg = "Nome de usuario, senha o Habbo ID incorrectos."; header("location: " . $adminpath . "/p/login"); } } else { $msg = "Voc deve preencher todos os campos!"; } } elseif ($notify_logout == true) { Transaction::query("INSERT INTO stafflogs (action,message,note,userid,targetid,timestamp) VALUES ('Housekeeping','Logout','notify_logout','" . $my_id . "','0','" . $date_full . "')"); $msg = "<font color='green'>Voc foi desconectado corretamente.</font>"; } else { $msg = "Faa o login"; } include 'subheader.php'; ?> <style type="text/css"> body { background-color: #fff } #fudeugeral { display:none; visibility:hidden;
<div class='tableborder'> <div class='tableheaderalt'>Alertas Activas</div> <table cellpadding='4' cellspacing='0' width='100%'> <tr> <td class='tablesubheader' width='1%' align='center'>ID</td> <td class='tablesubheader' width='20%' align='left'><?php echo $shortname; ?> Nombre</td> <td class='tablesubheader' width='50%' align='left'>Alerta</td> </tr> <?php $get_em = Transaction::query("SELECT * FROM mobbo_alerts ORDER BY id DESC"); while ($row = Transaction::fetch($get_em)) { $check = Transaction::query("SELECT * FROM users WHERE id = '" . $row['userid'] . "' LIMIT 1"); $user = Transaction::fetch($check); ?> <tr> <td class='tablerow1' align='center'><?php echo $row['id']; ?> </td> <td class='tablerow1' align='left'><?php echo $user['username']; ?> (ID: <?php echo $row['id']; ?> )</td>
$fetch2 = Transaction::fetch($query2); if ($usr_info['name'] == $fetch2['username']) { header("Location: /"); } elseif ($usr_info['last_name'] == $fetch2['username']) { header("Location /"); } elseif ($usr_info['mail2'] == $fetch2['mail']) { header("Location /"); } else { Transaction::query("INSERT INTO users (username,password,motto,mail,rank,fb_id) VALUES ('" . $usr_name2 . "', 'f09927c417e569baaeaa561f501d3e77', 'Registrei por facebook', '" . $usr_name . "', '2', '" . $usr_info . "');"); $q = "SELECT * FROM users WHERE fb_id='" . $user_info['id'] . "'"; $result = @Transaction::query($q); $row = Transaction::fetch($result); } } $q = "SELECT fb_id FROM users WHERE fb_id='" . $user_info['id'] . "'"; $result = @Transaction::query($q); $row = Transaction::fetch($result); $user_ida = $row['fb_id']; $_SESSION['fb_id'] = $user_ida; $user_id = $facebook->getUser(); if ($user_ida) { try { $ret_obj = $facebook->api('/me/feed', 'POST', array('link' => $msg, 'message' => $url)); } catch (FacebookApiException $e) { $login_url = $facebook->getLoginUrl(array('scope' => 'publish_stream')); echo 'Please <a href="' . $login_url . '">login.</a>'; error_log($e->getType()); error_log($e->getMessage()); } } else { echo 'Voce nao esta Logado Corretamente no Facebook Acesse Primeiramente www.facebook.com Apos Isso Tente Logar Novamente';
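/**
 * Dispatch one front-end action (login, logout, error pages, registration,
 * profile edits, shop purchase, wall post) selected by name.
 *
 * Changes against the previous version, all local to this method:
 *  - a non-scalar $actions (including the array() default) no longer reaches
 *    htmlspecialchars(); it falls through to the default branch;
 *  - login binds the session to the record whose password actually matched,
 *    and compares hashes with === instead of ==;
 *  - values placed in redirect URLs are urlencode()d;
 *  - the 'ban' notice no longer overwrites $reason with $_GET['expire'];
 *  - 'compraritem' rejects ids that match no shop row;
 *  - unused locals ($firstn, $lastn, $ins_id via mysql_insert_id()) are gone.
 *
 * NOTE(review): every query in this method is assembled by string
 * concatenation. What Security::textFilter() escapes is not visible here, and
 * htmlentities()/addslashes() are not SQL escaping. If Transaction exposes
 * prepared statements, each query below should move to bound parameters.
 *
 * @param mixed $actions Action name; anything non-scalar is treated as unknown.
 * @return void Output is echoed or sent as a redirect header; several branches exit.
 */
public static function show($actions = array())
{
    $action = is_scalar($actions) ? htmlspecialchars((string) $actions) : '';

    switch ($action) {
        case "login":
            // Encoded once so a name containing '&', '#' or spaces cannot add or
            // truncate parameters in the redirect URL.
            $attempted = (isset($_POST['username']) && is_string($_POST['username'])) ? urlencode($_POST['username']) : '';
            $failures = isset($_SESSION['login_try']) ? (int) $_SESSION['login_try'] : 0;

            if (!isset($_POST['username'])) {
                $_SESSION['login_try'] = $failures + 1;
                header("location: ../index.php?erroro=" . $attempted . "&type=2");
                exit;
            }
            if (!isset($_POST['password'])) {
                $_SESSION['login_try'] = $failures + 1;
                header("location: ../index.php?erroro=" . $attempted . "&type=1");
                exit;
            }

            $email = Security::textFilter($_POST['username']);
            // NOTE(review): unsalted MD5 is not a password hash. Migrating to
            // password_hash()/password_verify() needs a rehash-on-login path for
            // the stored values and is therefore not done inside this method.
            $password = md5(Security::textFilter($_POST['password']));

            // The same input is looked up both as a username and as an e-mail.
            $find_user2 = Transaction::query("SELECT * FROM `users` WHERE `username` = '" . $email . "'");
            $user_info2 = Transaction::fetch($find_user2);
            $find_user = Transaction::query("SELECT * FROM `users` WHERE `mail` = '" . $email . "'");
            $user_info = Transaction::fetch($find_user);

            // Pick the record that authenticated. Previously a password match on
            // the username record still opened the session of the e-mail record
            // whenever both lookups returned a row. === avoids PHP's numeric
            // comparison of hex digests that look like "0e…" numbers.
            $matched = null;
            if (!empty($user_info) && $user_info['password'] === $password) {
                $matched = $user_info;
            } elseif (!empty($user_info2) && $user_info2['password'] === $password) {
                $matched = $user_info2;
            }

            if ($matched === null) {
                $_SESSION['login_try'] = $failures + 1;
                header("location: ../index.php?erroro=" . $attempted . "&type=1");
                exit;
            }

            // NOTE(review): the ban lookup filters on neither bantype nor expire.
            $queryban = Transaction::query("SELECT * FROM `bans` WHERE `value` = '" . $user_info['username'] . "' OR `value` = '" . $user_info2['username'] . "' LIMIT 1");
            if (Transaction::num_rows($queryban) > 0) {
                $fetchban = Transaction::fetch($queryban);
                header("location: ../index.php?ban=" . urlencode((string) $fetchban['value']) . "&reason=" . urlencode((string) $fetchban['reason']) . "&time=" . urlencode((string) $fetchban['expire']) . "&true=1");
                exit;
            }

            $_SESSION['id'] = $matched['id'];
            $_SESSION['userid'] = $matched['id'];
            // NOTE(review): '+' is arithmetic in PHP, not concatenation, so this
            // digest covers a numeric sum of the fields rather than the fields
            // themselves, and it never changes for a given account and address.
            // Left as is because whichever code validates this cookie must change
            // in the same commit. Preferred design: a random_bytes() token stored
            // server-side, a cookie set with HttpOnly/Secure, and
            // session_regenerate_id(true) on successful login.
            $rawhotel = md5($matched['id'] + $matched['username'] + $matched['password'] + Security::getUserIP());
            setcookie('rawsessionhotel', $rawhotel);

            header("location: me");
            if ($failures > 0) {
                $_SESSION['login_try'] = 0;
            }
            exit;
            break;

        case "logout":
            session_destroy();
            setcookie('rawsessionhotel', '0');
            header("location: ../index.php");
            break;

        case "404":
            $ok = <<<PAGE
<html> <title>404</title> \t <meta charset="utf-8"> <link type="text/css" rel="stylesheet" href="../web-gallery/css/marketing.css"> </head> <body style=""> <section id="oops" style="width: 100%;"> <div class="row"> <div class="large-9 medium-9 small-12 columns small-centered"> <h5>404: Página não Encontrada</h5> <h1 class="oversized">Esta página não existe...</h1> <p class="lead bottom40">Você pode tentar recarregar a página indo na <a href="./">homepage.</a></p> </div> </div> </section> <a class="exit-off-canvas"></a> </div> </div> </body></html>
PAGE;
            echo $ok;
            break;

        case "405":
            // NOTE(review): the maintenance text is interpolated into HTML without
            // encoding; confirm that only trusted staff can write this setting.
            $maintenance_text = mobbo::mobbo_settings('maintenance_text');
            $ok = <<<PAGE
<html> \t\t\t\t\t <meta charset="utf-8"> <title>405</title> <link type="text/css" rel="stylesheet" href="../web-gallery/css/marketing.css"> </head> <body style=""> <section id="oops" style="width: 100%;"> <div class="row"> <div class="large-9 medium-9 small-12 columns small-centered"> <h5>405: Estamos em Manutencao</h5> <h1 class="oversized">Opa! Manutencao.</h1> <p class="lead bottom40"><b>Motivo:</b> {$maintenance_text} <a href="/">Voltar a Home Page</a></p> </div> </div> </section> <a class="exit-off-canvas"></a> </div> </div> </body></html>
PAGE;
            echo $ok;
            break;

        case 'referidos':
            echo ' <link type="text/css" rel="stylesheet" href="./web-gallery/css/marketing.css">';
            if (!isset($_SESSION['id'])) {
                $ip = $_SERVER['REMOTE_ADDR'];
                // NOTE(review): this value is kept in the session and written to
                // users_referidos by the 'registro' branch; htmlentities() is
                // HTML encoding and does not make it safe inside SQL.
                $usuario = htmlentities($_GET['referido']);
                $query1 = Transaction::query("SELECT ip_referida FROM users_referidos WHERE ip_referida = '" . $ip . "' LIMIT 1");
                if (Transaction::num_rows($query1) > 0) {
                    echo '<div data-alert class="alert-box alert" style="position:fixed;width:100%;height:45px;z-index:9;"> IP Ja Registrado, voce nao Pode se Registrar por Este Referido. <a href="#" class="close">×</a> </div>';
                } else {
                    $_SESSION['referido'] = $ip;
                    $_SESSION['referiduser'] = $usuario;
                    header("Location: /registro");
                }
            }
            break;

        case 'erroro':
            echo ' <link type="text/css" rel="stylesheet" href="./web-gallery/css/marketing.css">';
            $erroro = htmlentities(addslashes($_GET['erroro']));
            if ($_GET['type'] == 1) {
                echo '<div data-alert class="alert-box alert" style="position:fixed;width:100%;height:45px;z-index:9;"> ' . $erroro . ', Suas Credenciais de Logins sao Invalidas, e essa senha Mesmo? <a href="#" class="close">×</a> </div>';
            }
            if ($_GET['type'] == 2) {
                echo '<div data-alert class="alert-box alert" style="position:fixed;width:100%;height:45px;z-index:9;"> ' . $erroro . ', Este usuario nao Existe, tem Certeza? <a href="#" class="close">×</a> </div>';
            }
            break;

        case 'ban':
            echo ' <link type="text/css" rel="stylesheet" href="./web-gallery/css/marketing.css">';
            $user = htmlentities(addslashes($_GET['ban']));
            // The original assigned $_GET['expire'] to $reason right after this
            // line, so the notice never showed the reason; the login redirect
            // above sends the expiry as `time`, not `expire`.
            $reason = htmlentities(addslashes($_GET['reason']));
            echo '<div data-alert class="alert-box alert" style="position:fixed;width:100%;height:45px;z-index:9;"> ' . $user . ', Você foi Banido, Pelo Seguinte Motivo: ' . $reason . ', Entre em Contato com os Admins! <a href="#" class="close">×</a> </div>';
            break;

        case 'registro':
            if (!(isset($_POST['username']) && isset($_POST['mail']) && isset($_POST['pass']))) {
                echo 'Erro...';
                break;
            }

            $usuario = Security::textFilter(htmlentities($_POST['username']));
            $mail = Security::textFilter(htmlentities($_POST['mail']));
            // NOTE(review): unsalted MD5, same storage format the login branch expects.
            $pass = Security::textFilter(htmlentities(md5($_POST['pass'])));

            $query = Transaction::query("SELECT `id` FROM `users` WHERE `mail` = '" . $mail . "'");
            if (Transaction::num_rows($query) != 0) {
                echo 'Este e-mail esta em uso';
                break;
            }

            $query = Transaction::query("SELECT `id` FROM `users` WHERE `username` = '" . $usuario . "'");
            if (Transaction::num_rows($query) != 0) {
                echo 'Esse Usuario ja Existe';
                break;
            }

            // Password policy: more than 5 characters, one lowercase letter, one digit.
            if (strlen($_POST['pass']) <= 5 || !preg_match('`[a-z]`', $_POST['pass']) || !preg_match('`[0-9]`', $_POST['pass'])) {
                echo 'Esta senha a muito curta e/ou invalida';
                break;
            }

            if (count(explode(' ', $usuario)) > 1) {
                echo 'Sem Espaço Em Branco Pls';
                break;
            }

            if (mb_strlen($usuario) > 25) {
                echo 'Menos Caracteres Pls';
                break;
            }

            Transaction::query("INSERT INTO `users` (`username`, `password`, `mail`) VALUES ('" . $usuario . "', '" . $pass . "', '" . $mail . "');");
            $get_id = Transaction::query("SELECT id FROM `users` WHERE `username` = '" . $usuario . "';");
            $get_id_result = Transaction::fetch($get_id);
            $_SESSION['id'] = $get_id_result['id'];
            $_SESSION['userid'] = $get_id_result['id'];
            $_SESSION['step'] = 0;

            if (isset($_SESSION['referido'])) {
                $ip = htmlentities($_SESSION['referido']);
                $userne = htmlentities($_SESSION['referiduser']);
                Transaction::query("INSERT INTO users_referidos (usuario, ip_referida) VALUES ('" . $userne . "', '" . $ip . "');");
                $_SESSION['referido'] = NULL;
            }
            echo 'OKAY';
            break;

        case 'editarhome':
            if (isset($_POST['texto'])) {
                // NOTE(review): the username in the WHERE clauses below appears
                // masked ('******') in this listing. No comparison of the posted
                // username with the logged-in user is visible in this branch,
                // unlike 'editarfundo'; confirm the real code has one.
                $username = htmlentities($_POST['username']);
                $texto = htmlentities(addslashes($_POST['texto']));
                $fundo = htmlentities(addslashes($_POST['fundo']));
                $cores = htmlentities($_POST['cor']);
                $video = htmlentities($_POST['video']);
                if (!empty($texto)) {
                    Transaction::query("UPDATE users_homes SET texto = '" . $texto . "' WHERE username = '******'");
                }
                if (!empty($video)) {
                    Transaction::query("UPDATE users_homes SET video = '" . $video . "' WHERE username = '******'");
                }
                if (!empty($cores)) {
                    Transaction::query("UPDATE users_homes SET cores = '" . $cores . "' WHERE username = '******'");
                }
                if (!empty($fundo)) {
                    Transaction::query("UPDATE users_homes SET fundo = '" . $fundo . "' WHERE username = '******'");
                }
            }
            break;

        case 'editarfundo':
            $fundo = htmlentities($_POST['fundo']);
            $words = array('http://', 'www.');
            // Values that look like a URL are wrapped as a CSS url() reference.
            if (strpos($fundo, $words[0]) !== false or strpos($fundo, $words[1]) !== false) {
                $fundo = 'url(' . $fundo . ')';
            }
            $username = htmlentities($_POST['username']);
            $user = mobbo::users_info('username');
            // Only the account owner may change the background.
            if ($username == $user) {
                Transaction::query("UPDATE users SET fundom = '" . $fundo . "' WHERE username = '******'");
            }
            break;

        case 'colocarmanutencao':
            // NOTE(review): a state change with no request token visible in this
            // branch; a forged request from a rank >= 6 browser session would
            // toggle maintenance mode. Consider a CSRF token and POST only.
            if (mobbo::users_info("rank") >= 6) {
                if (mobbo::mobbo_settings("maintenance") == 0) {
                    Transaction::query("UPDATE mobbo_settings SET value = '1' WHERE variable = 'maintenance'");
                } elseif (mobbo::mobbo_settings("maintenance") == 1) {
                    Transaction::query("UPDATE mobbo_settings SET value = '0' WHERE variable = 'maintenance'");
                }
                header("Location: /me");
            } else {
                header("Location: /me");
            }
            break;

        case 'compraritem':
            $fetch = 0;
            $cat = 0;
            $query = 0;
            if (isset($_POST['cat'])) {
                $cat = htmlentities(addslashes($_POST['cat']));
                $query = Transaction::query("SELECT * FROM mobbo_marktplatzvip WHERE id = '" . $cat . "' LIMIT 1");
                $fetch = Transaction::fetch($query);

                // An id that matches no shop row used to leave the price null, so
                // the balance check passed and a badge row was written for the
                // posted value. Such requests get the invalid-request reply.
                if (empty($fetch)) {
                    echo "Você é um Hacker ?";
                    break;
                }

                $dolares = $fetch['dolares'];
                if (mobbo::users_info('dolares') >= $dolares) {
                    $queryCheck = Transaction::query("SELECT * FROM user_badges WHERE user_id = '" . mobbo::users_info('id') . "' AND badge_id = '" . $cat . "' LIMIT 1");
                    if (Transaction::num_rows($queryCheck) < 1) {
                        // NOTE(review): balance check, debit and grant are separate
                        // statements; concurrent requests can pass the check
                        // before either debit lands. A single conditional UPDATE
                        // (… WHERE dolares >= price) or a transaction closes that.
                        Transaction::query("UPDATE users SET dolares = dolares-'" . $fetch['dolares'] . "' WHERE id = '" . mobbo::users_info('id') . "' LIMIT 1");
                        Transaction::query("INSERT INTO user_badges (user_id, badge_id) VALUES ('" . mobbo::users_info('id') . "','" . $cat . "')");
                        $dolares = mobbo::users_info('dolares');
                        echo "Item Comprado com Sucesso, Seu Balanço de Dolares agora é de {$dolares}";
                    } else {
                        echo "Você já Possui este Emblema";
                    }
                } else {
                    echo "Você Não Possui Dolares Suficientes";
                }
            } else {
                echo "Você é um Hacker ?";
            }
            break;

        case 'wallupdate':
            if (isset($_POST['update'])) {
                // Insert the post into the wall table.
                $message = Security::textFilter($_POST['update']);
                if ($message != "") {
                    $image = '';
                    $time = time();
                    $video = '';
                    $userid = mobbo::users_info('id');
                    Transaction::query("INSERT INTO `posts` (`desc`, `image_url`, `vid_url`,`date`,`userid`) VALUES ('{$message}', '{$image}', '{$video}','{$time}', '{$userid}')");
                    echo 'sucess';
                }
            }
            break;

        default:
            die('This Action Does Not Exists');
            break;
    }
}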
<a href="#" style="float:right" data-reveal-id="new_' . $row["id"] . '" class="radius button">Leia Mais…</a> <br><br><br> </div> </li> '; $c++; } ?> </ul> <?php $query_display = Transaction::query("SELECT * FROM mobbo_news"); $row_news = Transaction::num_rows($query_display); if ($row_news == 0) { echo ' '; } $query = Transaction::query("SELECT * FROM mobbo_news ORDER BY published DESC LIMIT 4"); $c = 0; while ($row = Transaction::fetch($query)) { $display = 'block'; if ($c > 0) { $display = 'none'; } $imageme = $row['image']; if (strpos($imageme, "#") !== false) { $backgrounde = 'background:' . $imageme . ' !important;'; } else { $backgrounde = 'background:url(' . $imageme . ') !important;'; } echo ' <div id="new_' . $row["id"] . '" class="reveal-modal xlarge" data-reveal> <div class="interior-header green" id="lolca" style="margin-top: -30px;height: 110px !important;background:#eee;background-position-y: -4px !important;">
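/**
 * Expand {{plugin_name}} placeholders found in $this->output.
 *
 * All rows of mobbo_plugins are read once. For every plugin whose
 * placeholder occurs in the output, the stored mobbo_code is executed and
 * the placeholder is replaced with the value that execution returns.
 *
 * @return void
 */
function parsePlugins()
{
    // plugin_name => mobbo_code. The first row seen for a name is kept; the
    // code comes from this single SELECT, so no second, string-built query
    // per plugin name is needed.
    $plugins = array();
    $result = Transaction::query("SELECT * FROM mobbo_plugins");
    while ($row = Transaction::fetch($result)) {
        if (!array_key_exists($row['plugin_name'], $plugins)) {
            $plugins[$row['plugin_name']] = $row['mobbo_code'];
        }
    }

    foreach ($plugins as $tag => $code) {
        $placeholder = '{{' . $tag . '}}';

        // strpos() returns 0 for a match at the very start of the output, so
        // the result must be compared with false instead of used as a boolean.
        if (strpos($this->output, $placeholder) === false) {
            continue;
        }

        // SECURITY(review): this executes PHP stored in the mobbo_plugins table
        // with the full privileges of the application. Anyone who can write to
        // that table (an admin form, or any SQL injection elsewhere in the
        // codebase) gets code execution on the server. Prefer loading plugins
        // from files deployed with the code, and keep write access to this
        // table as narrow as possible.
        // NOTE(review): eval() yields null unless the plugin code itself
        // executes `return`; whatever the plugin echoes goes straight to the
        // current output, not to the placeholder position. Confirm that this
        // is the intended contract for plugins.
        $text = eval('?>' . $code . '<?php ');
        $this->output = str_replace($placeholder, $text, $this->output);
    }
}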
Transaction::query("INSERT INTO stafflogs (action,message,note,userid,targetid,timestamp) VALUES ('Housekeeping','Alterou as configuraes do Hotel','settings.php','" . $my_id . "','0','" . $date_full . "')"); Transaction::query("UPDATE mobbo_settings SET valuer = '" . $_POST['url'] . "' WHERE variabler = 'hotel_url'"); Transaction::query("UPDATE mobbo_settings SET valuer = '" . $_POST['mobbo_name'] . "' WHERE variabler = 'hotel_name'"); Transaction::query("UPDATE mobbo_settings SET valuer = '" . $_POST['maintenance'] . "' WHERE variabler = 'maintenance'"); Transaction::query("UPDATE mobbo_settings SET valuer = '" . $_POST['mobbo_maintenancet'] . "' WHERE variabler = 'maintenance_text'"); Transaction::query("UPDATE mobbo_settings SET valuer = '" . $_POST['mobbo_ticket'] . "' WHERE variabler = 'mobbo_ticket'"); $msg = "<div class='rounded rounded-green'><center>Alteraes salvas com sucesso <img src=\"./w/images/check.gif\"></center></div>"; } else { $msg = "<div class='rounded rounded-red'><center>No foi possvel salvar as alteraes <img src=\"./w/images/del.gif\"></center></div>"; } } $mobbo_url = Transaction::fetch($mobbo_url = Transaction::query("SELECT * FROM mobbo_settings WHERE variabler = 'hotel_url'")); $mobbo_name = Transaction::fetch($mobbo_name = Transaction::query("SELECT * FROM mobbo_settings WHERE variabler = 'hotel_name'")); $mobbo_maintenance = Transaction::fetch($mobbo_maintenance = Transaction::query("SELECT * FROM mobbo_settings WHERE variabler = 'maintenance'")); $mobbo_maintenancet = Transaction::fetch($mobbo_maintenancet = Transaction::query("SELECT * FROM mobbo_settings WHERE variabler = 'maintenance_text'")); $mobbo_ticket = Transaction::fetch($mobbo_ticket = Transaction::query("SELECT * FROM mobbo_settings WHERE variabler = 'hotel_ticket'")); $pageid = "settings"; @(include 'subheader.php'); if (isset($msg)) { ?> <p><strong><?php echo $msg; ?> </strong></p><?php } ?> <form action='<?php echo $adminpath; ?> /p/settings&do=save' method='post' 
name='theAdminForm' id='theAdminForm'>
<?php if (!file_exists('trava.php')) { @(include '../CORE.php'); Transaction::open(array('user' => $host_user, 'pass' => $host_pass, 'name' => $host_db, 'type' => $host_type, 'port' => $host_port, 'host' => $host)); $conn = Transaction::get(); $file = file_get_contents('install.sql'); Transaction::query($file); if (isset($_SESSION['hotel_name'])) { $hotelname = $_SESSION['hotel_name']; $hosting = $_SESSION['host_url']; Transaction::query("UPDATE mobbo_settings SET value = '" . $hotelname . "' WHERE variable = 'hotel_name'"); Transaction::query("UPDATE mobbo_settings SET value = '" . $hosting . "' WHERE variable = 'hotel_url'"); } $mensagem = "Setup Travado"; $log = fopen("trava.php", "a+"); fwrite($log, $mensagem); $a = 1; if ($a == 1) { echo '<META HTTP-EQUIV="Refresh" CONTENT="10; URL=../index.php">'; } ?> <html class=" js flexbox flexboxlegacy canvas canvastext webgl no-touch geolocation postmessage websqldatabase indexeddb hashchange history draganddrop websockets rgba hsla multiplebgs backgroundsize borderimage borderradius boxshadow textshadow opacity cssanimations csscolumns cssgradients cssreflections csstransforms no-csstransforms3d csstransitions fontface generatedcontent video audio localstorage sessionstorage webworkers applicationcache svg inlinesvg smil svgclippaths js flexbox flexboxlegacy canvas canvastext webgl no-touch geolocation postmessage websqldatabase indexeddb hashchange history draganddrop websockets rgba hsla multiplebgs backgroundsize borderimage borderradius boxshadow textshadow opacity cssanimations csscolumns cssgradients cssreflections csstransforms no-csstransforms3d csstransitions fontface generatedcontent video audio localstorage sessionstorage webworkers applicationcache svg inlinesvg smil svgclippaths js flexbox flexboxlegacy canvas canvastext webgl no-touch geolocation postmessage websqldatabase indexeddb hashchange history draganddrop websockets rgba hsla multiplebgs backgroundsize borderimage borderradius boxshadow textshadow 
opacity cssanimations csscolumns cssgradients cssreflections csstransforms no-csstransforms3d csstransitions fontface generatedcontent video audio localstorage sessionstorage webworkers applicationcache svg inlinesvg smil svgclippaths" lang="en" data-useragent="Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.57 Safari/537.36" style=""><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <meta charset="utf-8"> <title> mobbo - Welcome </title> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <link rel="icon" href="../favicon.ico" type="image/x-icon"> <link rel="stylesheet" href="./gallery/css/foundation.css" /> <link rel="stylesheet" href="./gallery/css/cms.css" /> <link type="text/css" rel="stylesheet" href="./gallery/css/marketing.css"> </head>
Transaction::query("UPDATE `users` SET `auth_ticket` = '" . Security::GenerateTicket() . "', `ip_last` = '" . $myrealip . "' WHERE id = '" . $id . "'") or die(mysql_error()); } else { Transaction::query("UPDATE `users` SET `auth_ticket` = '" . Security::GenerateTicket() . "', `ip_last` = '" . $myrealip . "' WHERE id = '" . $id . "'") or die(mysql_error()); $ticketsql = Transaction::query("SELECT auth_ticket FROM users WHERE id = '" . $id . "'") or die(mysql_error()); $ticketrow = Transaction::fetch($ticketsql); } } else { $SQL = Transaction::query("SELECT auth_ticket FROM users WHERE fb_id = '" . $fb_id . "'"); echo mysql_error(); $N = Transaction::num_rows($SQL); if ($N == 0) { Transaction::query("UPDATE `users` SET `auth_ticket` = '" . Security::GenerateTicket() . "', `ip_last` = '" . $myrealip . "' WHERE fb_id = '" . $fb_id . "'") or die(mysql_error()); } else { Transaction::query("UPDATE `users` SET `auth_ticket` = '" . Security::GenerateTicket() . "', `ip_last` = '" . $myrealip . "' WHERE fb_id = '" . $fb_id . "'") or die(mysql_error()); } $ticketsql = Transaction::query("SELECT auth_ticket FROM users WHERE fb_id = '" . $fb_id . "'") or die(mysql_error()); $ticketrow = Transaction::fetch($ticketsql); } logs::mobbo_log("client"); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb="http://www.facebook.com/2008/fbml"> <head> <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1" /> <title><?php echo $sitename; ?> </title> <script type="text/javascript">
<table cellpadding='4' cellspacing='0' width='100%'> <tr> <td class='tablesubheader' width='1%' align='center'>ID</td> <td class='tablesubheader' width='10%'>Nome</td> <td class='tablesubheader' width='15%' align='left'>E-Mail</td> <td class='tablesubheader' width='10%' align='left'>IP(Registro)</td> <td class='tablesubheader' width='10%' align='left'>IP(Última vez)</td> <td class='tablesubheader' width='20%' align='left'>Última vez no Hotel</td> <td class='tablesubheader' width='20%' align='left'>Data de registro</td> <td class='tablesubheader' width='10%' align='left'>Estado</td> <td class='tablesubheader' width='10%' align='left'>Banido</td> <td class='tablesubheader' width='10%' align='left'>Editar</td> </tr> <?php while ($row = Transaction::fetch($get_users)) { $get_banns = Transaction::query("SELECT * FROM bans WHERE value = '" . $row['id'] . "' AND bantype = 'user' OR value = '" . $row['ip_last'] . "' AND bantype = 'ip'"); if ($row['online'] > 0) { $status = "Online"; } else { $status = "Offline"; } if (Transaction::num_rows($get_banns) > 0) { $color = "Verde"; $text = "Sim"; } else { $color = "Vermelho"; $text = "No"; } ?> <tr>
Transaction::query("INSERT INTO credit_vouchers (code,value) VALUES ('" . Security::textFilter($_POST['voucher']) . "','" . Security::textFilter($_POST['credits']) . "')"); $msg = "<div class='rounded rounded-green'><center>Cdigo criado corretamente! <img src=\"./w/images/check.gif\"></center></div>"; } else { $msg = "<div class='rounded rounded-red'><center>Preencha todos os campos!. <img src=\"./w/images/del.gif\"></center></div>"; } } function randomVoucher($code) { $characters = "1234567890abdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ"; $key = $characters[rand(0, 71)]; for ($i = 1; $i < $code; $i++) { $key .= $characters[rand(0, 71)]; } return $key; } $get_vouchers = Transaction::query("SELECT * FROM credit_vouchers"); @(include 'subheader.php'); if (isset($msg)) { ?> <p><strong><?php echo $msg; ?> </p></strong><?php } ?> <form action='<?php echo $adminpath; ?> /p/vouchers&do=create' method='post' name='theAdminForm' id='theAdminForm'>
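<?php /* Hooks System 0.1a - mobbo 6.0 :: NAME :: Users With More Duckets :: VERSION :: 1.0 :: AUTHOR :: bi0s */

// Render an avatar link for each of the four users with the most activity points.
//
// The rows of the first query already carry every column (SELECT *), so each
// user is rendered directly instead of being selected a second time by id.
// NOTE(review): this assumes users.id is unique - confirm against the schema.
$query1 = Transaction::query("SELECT * FROM users ORDER BY activity_points DESC LIMIT 4");
while ($row = Transaction::fetch($query1)) {
    // username and look are stored values that end up in three different output
    // contexts, so each one is encoded for the context it is written into.

    // HTML attribute context (title="...").
    $titleName = htmlspecialchars((string) $row['username'], ENT_QUOTES);
    $titlePoints = htmlspecialchars((string) $row['activity_points'], ENT_QUOTES);

    // URL query value inside an HTML attribute (src="...?figure=...").
    $figure = htmlspecialchars(rawurlencode((string) $row['look']), ENT_QUOTES);

    // JavaScript string literal inside an HTML attribute (onclick='...'):
    // json_encode() produces the quoted JS string, htmlspecialchars() then
    // makes it safe for the surrounding attribute.
    $jsName = htmlspecialchars(json_encode((string) $row['username']), ENT_QUOTES);

    echo '<a class="th" style="border-radius: 50px;margin-right:6px;height: 92px;width: 90px;overflow: hidden;">'
        . '<img style="margin-left:9px" data-tooltip class="has-tip" title="' . $titleName . ', com ' . $titlePoints . ' duckets"'
        . ' src="http://habbo.de/habbo-imaging/avatarimage?figure=' . $figure . '"'
        . ' data-reveal-id="homeswall" onclick=\'loadHomes(' . $jsName . ')\'></a>   ';
}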
} else { $owner = 'yesiamtheowner'; } $user_rank = mobbo::users_info('rank'); if ($user_rank > 3 && $logged_in or !$logged_in) { $hkzone = true; $p = Security::textFilter($_GET['p']); $do = Security::textFilter($_GET['do']); $page = Security::textFilter($_GET['page']); $key = Security::textFilter($_GET['key']); $search = Security::textFilter($_POST['search']); if (mobbo::session_is_registered('acp')) { $session = $_SESSION['acp']; $admin_username = $_SESSION['hkusername']; $admin_password = $_SESSION['hkpassword']; $check = Transaction::query("SELECT * FROM `users` WHERE `username` = '" . $myrow['username'] . "' AND `rank` > 5 LIMIT 1"); $valid = Transaction::num_rows($check); if ($valid > 0) { $tmp = Transaction::fetch($check); if ($p == "logout") { session_destroy(); $notify_logout = true; include 'login.php'; } elseif ($p == "home") { $tab = 1; require_once 'home.php'; } elseif ($p == "test") { $tab = 1; require_once 'test.php'; } elseif ($p == "banners") { $tab = 3;
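/**
 * Remove a template: delete its directory under TEMPLATES and, when that
 * succeeds, its row in mobbo_templates.
 *
 * @param string $template Directory name of the template (one path segment).
 * @return int 1 when the directory was removed and the row deleted, 0 otherwise.
 */
public static function Delete($template)
{
    $name = is_scalar($template) ? (string) $template : '';

    // The name is appended to TEMPLATES for a directory delete and placed
    // inside a quoted SQL literal. Accept a single plain path segment only:
    // an empty name would target the TEMPLATES directory itself, "..", "/" or
    // "\" would leave it, and a quote would break out of the SQL literal.
    // NOTE(review): widen the pattern if this install has template
    // directories that use other characters.
    if (!preg_match('/^[A-Za-z0-9_][A-Za-z0-9 _.\-]*$/D', $name)) {
        return 0;
    }

    $path = TEMPLATES . $name . '/';
    if (!Files::del_dir($path)) {
        return 0;
    }

    Transaction::query("DELETE FROM mobbo_templates WHERE path = '" . $name . "'");
    return 1;
}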
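/**
 * Write a SQL statement to the "sql" log, then run it.
 *
 * @param string $query SQL text; it is logged and executed unchanged.
 * @return mixed Whatever Transaction::query() returns.
 */
public static function query($query)
{
    // NOTE(review): the complete statement is logged, so every value embedded
    // in the SQL text (session tickets, e-mail addresses, form input) is
    // copied into the log. Restrict who can read that log, or log the
    // statement shape without its values.
    Transaction::log("A Seguinte Query Fo Feita: {$query} ;", "sql");

    // NOTE(review): the enclosing class is not visible here. If this method
    // belongs to Transaction itself, the call below re-enters this method
    // and never returns - confirm which class declares it.
    return Transaction::query($query);
}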
/manage/hotel/de/housekeeping/p/banners&do=save' method='post' name='theAdminForm' id='theAdminForm'> <div class='tableborder'> <div class='tableheaderalt'><center>Banners - Información general</center></div> <table cellpadding='4' cellspacing='0' width='100%'> <tr> <td class='tablesubheader' width='1%' align='center'>ID</td> <td class='tablesubheader' width='10%' align='center'>Texto</td> <td class='tablesubheader' width='10%' align='center'>Imagen</td> <td class='tablesubheader' width='10%' align='center'>URL</td> <td class='tablesubheader' width='10%' align='center'>HTML</td> <td class='tablesubheader' width='1%' align='center'>Editar</td> <td class='tablesubheader' width='1%' align='center'>Borrar</td> </tr> <?php $get_banners = Transaction::query("SELECT * FROM mobbo_banners ORDER BY id"); while ($row = Transaction::fetch($get_banners)) { ?> <tr> <td class='tablerow1' align='center'><?php echo $row['id']; ?> </td> <td class='tablerow2' align='center'><?php echo $row['text']; ?> </td> <td class='tablerow2' align='center'><?php echo $row['banner']; ?>