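/**
 * Render the "edit my profile" form for an account.
 *
 * Loads the account's row from srcms_userprofiles and echoes an HTML form with
 * the gender, avatar, Skype, MSN and visibility fields pre-filled. The
 * "Username" cell shows the session user, not $szUsername. When the
 * allowRefferals option is enabled, the session user's referral link is added.
 *
 * @param string $szUsername Account whose profile row is loaded.
 * @return void The markup is echoed directly.
 */
public function showProfileForm($szUsername)
{
    // The configuration object is a global. Without this import $core is
    // undefined inside the method and the referral row is never rendered.
    global $core;

    // NOTE(review): this query is built by concatenation. The JID comes from
    // user::accountJIDbyUsername(), which is not visible here - confirm it can
    // only return a numeric id, or move the lookup to a parameterised query.
    $userData = core::$sql->fetchArray("select * from srcms_userprofiles where JID='" . user::accountJIDbyUsername($szUsername) . "'");

    $genderSelector = ($userData['gender'] == '0')
        ? "<option value='0' selected>Male</option>\r\n\t<option value='1'>Female</option>"
        : "<option value='0'>Male</option>\r\n\t<option value='1' selected>Female</option>";

    $publicProfileSelector = ($userData['ispublic'] == '1')
        ? "<option value='1' selected>Yes</option>\r\n\t<option value='0'>No</option>"
        : "<option value='1'>Yes</option>\r\n\t<option value='0' selected>No</option>";

    // Profile fields are user-editable and land inside single-quoted HTML
    // attributes, so they are escaped with ENT_QUOTES before being echoed.
    // NOTE(review): if these values are already entity-encoded when stored
    // (not visible here), escape in one place only to avoid double encoding.
    $szSessionUser = htmlspecialchars((string) $_SESSION['username'], ENT_QUOTES);
    $szAvatar = htmlspecialchars((string) $userData['avatar'], ENT_QUOTES);
    $szSkype = htmlspecialchars((string) $userData['skype'], ENT_QUOTES);
    $szMsn = htmlspecialchars((string) $userData['msn'], ENT_QUOTES);

    // NOTE(review): no anti-CSRF token is emitted with this form; whether the
    // handler that saves the profile checks one is not visible here.
    echo "\r\n\t<table id='table-3' border='0' cellpadding='0' cellspacing='0'>\r\n\t<form method='post'>\r\n\t<td>Username</td><td>{$szSessionUser}</td><tr/>\r\n\t<td>Gender</td>\r\n\t<td>\r\n\t<select name='gender'>\r\n\t{$genderSelector}\r\n\t</select>\r\n\t</td>\r\n\t<tr/>\r\n\t<td>Avatar url</td><td><input type='text' name='avatar' value='{$szAvatar}'></td><tr/>\r\n\t<td>Avatar</td><td><img src='{$szAvatar}'></img></td><tr/>\r\n\t<td>Skype</td><td><input type='text' name='skype' value='{$szSkype}'></td><tr/>\r\n\t<td>MSN</td><td><input type='text' name='msn' value='{$szMsn}'></td><tr/>\r\n\t<td>Show profile to public</td><td>\r\n\t<select name='ispublic'>\r\n\t{$publicProfileSelector}\r\n\t</select>\r\n\t</td>\r\n\t";

    if ($core->aConfig['allowRefferals'] == 1) {
        // URL-encode the username as a query value, then HTML-escape the whole
        // link because it is printed both as an attribute and as text.
        $szRefLink = htmlspecialchars(
            $core->aConfig['url'] . '?pg=reg&ref=' . rawurlencode((string) $_SESSION['username']),
            ENT_QUOTES
        );
        echo "<tr/><td>Refferal link</td><td>\r\n\t<a href='{$szRefLink}'>{$szRefLink}</a></td>";
    }

    echo "\r\n\t<tr/>\r\n\t<td></td><td><input type='submit' name='submit' value='Save'></td>\r\n\r\n\t</form>\r\n\r\n\t</table>\r\n\t";
}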
<?php $userRank = core::$sql->getRow("select whois from srcms_userprofiles where JID='" . user::accountJIDbyUsername($_SESSION[username]) . "'"); if ($userRank != "admin") { echo "NOT ADMIN"; return; } switch ($_GET['act']) { case 'news': if (!isset($_GET['subact'])) { echo "<a href='?pg=admin&act=news&subact=add'><b>Add</b></a><br/>\r\n\t\t\t\t <a href='?pg=admin&act=news&subact=del'><b>Delete</b></a><br/>\r\n\t\t\t\t <a href='?pg=admin&act=news&subact=edit'><b>Edit</b></a><br/>"; } else { switch ($_GET['subact']) { case 'add': if (!isset($_POST['submit']) && !isset($_POST['title'])) { echo "<table id='table-3' border='1' cellpadding='0' cellspacing='0'>\r\n\t\t\t\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t\t\t\t\t<td>Title</td><td><input type='text' name='title'></td><tr/>\r\n\t\t\t\t\t\t\t\t\t<td>Text</td><td><textarea id = 'textBox' name='textBox' rows='5' cols='100'>Type your message here</textarea></td><tr/>\r\n\t\t\t\t\t\t\t\t\t<td></td><td><input type='submit' name='submit' value='Add'></td>\r\n\t\t\t\t\t\t\t\t</form>\r\n\t\t\t\t\t\t\t </table><br/>\r\n\t\t\t\t\t\t\t \r\n\t\t\t\t\t\t\t <script>CKEDITOR.replace( 'textBox' );</script>\r\n\t\t\t\t\t\t\t \r\n\t\t\t\t\t\t\t "; } else { $szTitle = security::toHTML($_POST['title']); //$szText = misc::applyAttributesToText($_POST['textBox']); $szText = stripslashes(security::toHTML($_POST['textBox'])); core::$sql->exec("insert into srcms_news(title,content,author,time) values('{$szTitle}','{$szText}','{$_SESSION['username']}','" . misc::getDateTime() . "')"); echo "News article added.<br/>"; misc::redirect('?pg=admin&act=news', 1); } break; case 'del': if (isset($_GET['id'])) { $nID = (int) $_GET['id']; if (core::$sql->numRows("select * from srcms_news where id='{$nID}'") > 0) { core::$sql->exec("delete from srcms_news where id='{$nID}'"); core::$sql->exec("delete from srcms_newscomments where newsID='{$nID}'");
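<?php
// Profile page: renders the profile of the account named in ?username=...
// The name must pass security::isSecureString() before it is used anywhere.
if (isset($_GET['username']) && security::isSecureString($_GET['username'], 3)) {
    $szUsername = $_GET['username'];
    $userData = core::$sql->fetchArray("select * from srcms_userprofiles where JID='" . user::accountJIDbyUsername($szUsername) . "'");

    // The original called user::viewProfile() in both branches, so the
    // "Show profile to public" setting had no effect and private profiles
    // were rendered to everyone. The flag is now enforced; the owner can
    // still open their own profile.
    $bIsPublic = !empty($userData) && $userData['ispublic'] == '1';
    $bIsOwner = isset($_SESSION['username']) && $_SESSION['username'] === $szUsername;

    if ($bIsPublic || $bIsOwner) {
        user::viewProfile($szUsername); //send msg there too
    } else {
        // NOTE(review): viewProfile() also renders the private-message form,
        // so members with a private profile can no longer be messaged from
        // this page. If that must keep working, add a message-only view
        // rather than rendering the profile data here.
        echo "This profile is not public.<br/>";
    }
} else {
    echo "No username specified, or username contains forbidden symbols.<br/>";
}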
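// EPIN redemption: one case body of a switch that starts outside this excerpt,
// followed by the switch's default case.
if ($core->aConfig['allowEpinSystem'] == 0) {
    echo "This module is currently disabled.<br/>";
    break;
}

if (!isset($_POST['code'])) {
    // No code submitted: show the entry form. The original tested
    // "!code && !sure", so a request carrying only "sure" reached the
    // lookup below with an undefined $_POST['code'].
    echo "<table id='table-3' border='1' cellpadding='0' cellspacing='0'>\r\n\t\t\t\t\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t\t\t\t\t\t<td><input type='text' name='code' value='type your EPIN code here'></td><tr/>\r\n\t\t\t\t\t\t\t\t\t\t<td><center><input type='submit' name='submit' value='Use'></center></td>\r\n\t\t\t\t\t\t\t\t\t</form>\r\n\t\t\t\t\t\t\t\t\t</table>";
} else {
    // The code is cast to int before it is placed in any query below.
    $nCodeNumber = (int) $_POST['code'];

    if (core::$sql->numRows("select * from srcms_epin where code='{$nCodeNumber}'") > 0) {
        $aPinData = core::$sql->exec("select * from srcms_epin where code='{$nCodeNumber}'");
        $aPinData = mssql_fetch_array($aPinData);

        // The amount is interpolated into an UPDATE and into HTML, so it is
        // forced to an integer first (presumably an integer column - confirm).
        $nSilkAmount = (int) $aPinData['silkAmount'];

        if (!isset($_POST['sure'])) {
            // First step: ask for confirmation and carry the code in a hidden field.
            // NOTE(review): no anti-CSRF token is visible on this form.
            echo "Do you really want to use this code ? It will give you [{$nSilkAmount}] silk.<br/>\r\n\t\t\t\t\t\t\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t\t\t\t\t\t\t<input type='hidden' name='code' value='{$nCodeNumber}'>\r\n\t\t\t\t\t\t\t\t\t\t\t<input type='submit' name='sure' value='Yes'>\r\n\t\t\t\t\t\t\t\t\t\t\t</form><br/>";
            misc::back();
        } else {
            // NOTE(review): the existence check, the credit and the delete are
            // separate statements. Two concurrent submissions of the same code
            // can both pass the check before either deletes the row, crediting
            // the silk twice. Redeem atomically instead: delete the code and
            // credit only if a row was actually deleted, inside one
            // transaction. That needs DB-layer support not visible here.
            core::$sql->exec("update SK_Silk set silk_own=(silk_own + {$nSilkAmount}) where JID='" . user::accountJIDbyUsername($_SESSION['username']) . "'");
            //delete used code
            core::$sql->exec("delete from srcms_epin where code='{$nCodeNumber}'");
            echo "You got your [{$nSilkAmount}] silk.";
            misc::redirect('?pg=ucp&act=epin', 1);
        }
    } else {
        echo "Invalid EPIN code ! Please, try again.<br/>";
        misc::back();
    }
}
break;
default:
    echo "Invalid module name specified.<br/>";
    break;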
} echo "\r\n\t\t</tr>\r\n\t\t<tr>\r\n\t\t"; if ($core->aConfig['allowMyProfile'] == 1) { echo "<td><a href='./?pg=ucp&act=myprofile'>My profile</a></td>"; } if ($core->aConfig['allowRefferals'] == 1) { echo "<td><a href='./?pg=ucp&act=refferals'>My refferals</a></td>"; } echo "\r\n\t\t</tr>\r\n\t\t<tr>\r\n\t\t"; if ($core->aConfig['allowEpinSystem'] == 1) { echo "<td><a href='./?pg=ucp&act=epin'>Use EPIN</a><br></td>"; } echo "<td><a href='./?pg=emailreplace'>Change Email</a></td>"; if ($core->aConfig['allowMailbox'] == 1) { echo "<a href='./?pg=ucp&act=mailbox'>Mailbox "; $myJID = user::accountJIDbyUsername($_SESSION['username']); $nMsgCountUnread = core::$sql->numRows("select * from srcms_privatemessages where receiver='{$myJID}' and viewed='0'"); $nMsgCountRead = core::$sql->numRows("select * from srcms_privatemessages where receiver='{$myJID}' and viewed='1'"); $nMsgCount = core::$sql->numRows("select * from srcms_privatemessages where receiver='{$myJID}'"); $msgText = ""; if ($nMsgCountUnread > 0) { $msgText = "[<b>{$nMsgCount} / " . $core->aConfig['maxPrivMsg'] . "]</a></b>"; } else { $msgText = "[{$nMsgCount} / " . $core->aConfig['maxPrivMsg'] . "]</a>"; } } echo "{$msgText}\r\n\t<br />\t<td><a href='./?pg=ucp&act=logout'>Logout</a></td>\r\n\t\t</tr>\r\n</table>\r\n\t"; } else { if ($_POST['submit'] != 'login') { ucp::showLoginForm(); } else {
} } else { if (user::accountExists($_POST['username']) == 1) { echo "This username is already taken."; } else { core::$sql->exec("insert into TB_User(StrUserID,password,sec_content,sec_primary, email) values('{$_POST['username']}','" . md5($_POST['pass1']) . "','3','3','{$_POST['email']}')"); $nJID = user::accountJIDbyUsername($_POST['username']); $szAvatarDefault = $core->aConfig['url'] . "img/noavatar.png"; core::$sql->exec("insert into srcms_userprofiles(JID,gender,skype,msn,avatar,whois, ispublic) values('{$nJID}','0','None','None','{$szAvatarDefault}','user','1')"); core::$sql->exec("insert into SK_Silk(JID,silk_own,silk_gift,silk_point) values('{$nJID}','" . $core->aConfig['startSilk'] . "','0','0')"); if (isset($_SESSION['ref'])) { if ($_SESSION['ref'] == $_SESSION['username']) { echo "<br/>You can't be refferer for your own account (but account created).<br/>"; return; } $reffererJID = user::accountJIDbyUsername($_SESSION['ref']); if ($reffererJID > 0) { $nRefIPs = core::$sql->numRows("select * from srcms_refferals where IP='" . $_SERVER[REMOTE_ADDR] . "'"); if ($nRefIPs < $core->aConfig['maxRefAccIP']) { $datetime = gmDate('Y-m-d H:i:s'); core::$sql->exec("insert into srcms_refferals(reffererJID,invitedUserJID,time,ip) values('{$reffererJID}','{$nJID}','{$datetime}','{$_SERVER['REMOTE_ADDR']}')"); unset($_SESSION['ref']); } } } $sName = $core->aConfig['serverName']; mail($_POST['email'], "Thanks for registering at {$sName}", "Thanks for registering at {$sName}, we really hope you will have a great fun playing here.", "From:noreply {$sName}"); echo "Account successfully registered."; misc::redirect("?pg=news", 2); } }
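/**
 * Render a member's profile, optionally followed by the list of characters
 * on the account and a private-message form.
 *
 * The character list depends on the allowShowCharOwner option and the message
 * form on allowMailbox. When the message form is posted back, the message is
 * handed to user::sendWebPrivMsg().
 *
 * @param string $szUsername Account whose profile is shown.
 * @return void The markup is echoed directly.
 */
public static function viewProfile($szUsername)
{
    global $core;

    // NOTE(review): both lookups are built by concatenation around the value
    // returned by user::accountJIDbyUsername(), which is not visible here -
    // confirm it can only return a numeric id.
    $userData = core::$sql->fetchArray("select * from srcms_userprofiles where JID='" . user::accountJIDbyUsername($szUsername) . "'");
    $gender = ($userData['gender'] == '0') ? "Male" : "Female";

    $szRank = core::$sql->getRow("select whois from srcms_userprofiles where JID='" . user::accountJIDbyUsername($szUsername) . "'");
    // NOTE(review): getRankText() output is echoed as-is; presumably it
    // returns trusted text or markup - confirm.
    $szRank = user::getRankText($szRank);

    // The username and the profile fields are user-controlled and were echoed
    // raw. They are escaped with ENT_QUOTES because the avatar lands inside a
    // single-quoted attribute.
    // NOTE(review): if profile values are already entity-encoded when stored
    // (not visible here), escape in one place only to avoid double encoding.
    $szUsernameHtml = htmlspecialchars((string) $szUsername, ENT_QUOTES);
    $szAvatar = htmlspecialchars((string) $userData['avatar'], ENT_QUOTES);
    $szSkype = htmlspecialchars((string) $userData['skype'], ENT_QUOTES);
    $szMsn = htmlspecialchars((string) $userData['msn'], ENT_QUOTES);

    echo "\r\n\t\t\t\t<table id='table-3' border='1' cellpadding='0' cellspacing='0'>\r\n\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t<td>Username</td><td>{$szUsernameHtml}</td><tr/>\r\n\t\t\t\t\t<td>Rank</td><td>{$szRank}</td><tr/>\r\n\t\t\t\t\t<td>Gender</td><td>{$gender}</td><tr/>\r\n\t\t\t\t\t<td>Avatar</td><td><img src='{$szAvatar}'></img></td><tr/>\r\n\t\t\t\t\t<td>Skype</td><td>{$szSkype}</td><tr/>\r\n\t\t\t\t\t<td>MSN</td><td>{$szMsn}</td><tr/>\t\t\t\r\n\t\t\t\t\t</form>\r\n\t\t\t\t</table>\r\n\t\t\t\t";

    if ($core->aConfig['allowShowCharOwner'] == 1) {
        //list characters
        $nChars = char::getCharCount($szUsername);
        if ($nChars > 0) {
            $naChars = user::charIDsByUsername($szUsername);
            $naCharNames = char::charNamesByIDs($naChars);
            echo "<br/><br/><b>Characters on account</b><table id='table-3' border='1'><td>Char name</td><tr/>";
            foreach ($naCharNames as $nElem) {
                // URL-encode the name as a query value and HTML-escape it as text.
                $szCharParam = rawurlencode((string) $nElem);
                $szCharHtml = htmlspecialchars((string) $nElem, ENT_QUOTES);
                echo "<td><a href='?pg=rank&type=char&name={$szCharParam}'>{$szCharHtml}</a></td><tr/>";
            }
            echo "</table>";
        } else {
            echo "<br/>This user has no characters.<br/>";
        }

        // NOTE(review): this "own profile" early return only runs when
        // allowShowCharOwner is enabled; with it disabled a user is offered a
        // message form addressed to themselves. Placement kept as in the
        // original - confirm whether it belongs outside this block.
        if (isset($_SESSION['username']) && $_SESSION['username'] == $szUsername) {
            return;
        }
    }

    if ($core->aConfig['allowMailbox'] == 1) {
        if (isset($_SESSION['username'])) {
            if (!isset($_POST['submit'])) {
                // The "To:" line used to print $_GET['username'] unescaped; it
                // now shows the escaped recipient the message is sent to.
                echo "<br/><b>Send private message</b><br/>\r\n\t\t\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t\t\tTo: <b>{$szUsernameHtml}</b><br/><br/>\r\n\t\t\t\t\t\t\t<input type='text' name='msgTitle' value='Message title'><br/>";
                echo "\r\n\t\t\t\t\t\t\t<br/><textarea id='sendUserPrivMsgTextBox' name='msgText' rows='2' cols='100'>Type your message here</textarea><br/>\r\n\t\t\t\t\t\t\t<input type='submit' name='submit' value='Send'>\r\n\t\t\t\t\t\t\t</form>\r\n\t\t\t\t\t\t\t<script>CKEDITOR.replace( 'msgText' );</script>\r\n\t\t\t\t\t\t\t\t ";
            } else {
                // NOTE(review): title and body are passed through unmodified;
                // sendWebPrivMsg() is not visible here - confirm it validates
                // them before storing or displaying.
                user::sendWebPrivMsg($szUsername, $_SESSION['username'], $_POST['msgTitle'], $_POST['msgText']);
            }
        } else {
            echo "You must be logged in in order to send private messages.<br/>";
        }
    }
}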
/**
 * Count the rows in _User that belong to the given account.
 *
 * The account id is resolved before the connection is switched to the
 * "shard" database. The connection is left on "shard" when this returns.
 *
 * @param string $szUsername Account name to look up.
 * @return mixed Whatever core::$sql->getRow() yields for the count(*) query.
 */
public static function getCharCount($szUsername)
{
    $accountId = user::accountJIDbyUsername($szUsername);

    core::$sql->changeDB("shard");

    // NOTE(review): the id is interpolated into the statement; confirm
    // accountJIDbyUsername() can only return a numeric value.
    $countQuery = "select count(*) from _User where UserJID='" . $accountId . "'";

    return core::$sql->getRow($countQuery);
}
echo "</table></td></table>"; core::$sql->changeDB('shard'); } misc::back(); } else { echo "Owner of account on which this character is created didn't want you to view he's (her) data.<br/>"; } } } else { core::$sql->changeDB("shard"); $hQuery = core::$sql->exec("select top 50 * from _Char where CharName16 not like '%[GM]%' order by CurLevel desc"); echo "<table id='table-3' width='100%' border='0' cellpadding='0' cellspacing='0'>\r\n\t\t\t<td width='5%' align='center' class='thead'>Rank</td>\r\n\t\t\t<td width='5%' align='center' class='thead'>Race</td>\r\n\t\t\t<td width='30%' align='center' class='thead'>Nick</td>\r\n\t\t\t<td width='15%' align='center' class='thead'>Level</td>\r\n\t\t\t<td width='15%' align='center' class='thead'>SP</td>\r\n\t\t\t<td width='15%' align='center' class='thead'>Strength</td>\r\n\t\t\t<td width='15%' align='center' class='thead'>Intellect</td><tr/>"; $n = 1; while ($row = mssql_fetch_array($hQuery)) { $szUsername = user::usernameByCharname($row['CharName16']); $bCanView = core::$sql->getRow("select ispublic from srcms_userprofiles where JID='" . user::accountJIDbyUsername($szUsername) . "'"); if ($bCanView > 0) { $icon = ""; if ($row['RefObjID'] < 3000) { $icon = "<img src='img/Character/race_china.png'>"; } else { $icon = "<img src='img/Character/race_euro.png'>"; } echo "<td align='center'>{$n}</td>\r\n\t\t\t\t\t<td align='center'>{$icon}</td>\r\n\t\t\t\t\t<td align='center'><a href='?pg=rank&type=char&name={$row['CharName16']}'>{$row['CharName16']}</a></td>\r\n\t\t\t\t\t<td align='center'>{$row['CurLevel']}</td>\r\n\t\t\t\t\t<td align='center'>{$row['RemainSkillPoint']}</td>\r\n\t\t\t\t\t<td align='center'>{$row['Strength']}</td>\r\n\t\t\t\t\t<td align='center'>{$row['Intellect']}</td><tr/>"; $n++; } } echo "</table>"; } break; //Search Character Script.