$sql = mysql_query("SELECT * FROM ava_news ORDER BY id DESC LIMIT {$from}, {$npp}"); } else { if (isset($_GET['id'])) { $sql = mysql_query("SELECT * FROM ava_news WHERE id=" . $id . " LIMIT 1"); } else { $name = mysql_secure($_GET['name']); $sql = mysql_query("SELECT * FROM ava_news WHERE seo_url= '{$name}' LIMIT 1"); } } while ($row = mysql_fetch_array($sql)) { $id = $row['id']; $sql2 = mysql_query("SELECT * FROM ava_users WHERE id='" . $row['user'] . "' LIMIT 1"); while ($row2 = mysql_fetch_array($sql2)) { // Assign items to 'news' array for use in the template $news = array('title' => $row['title'], 'author' => $row2['username'], 'date' => FormatDate($row['date'], 'time'), 'main' => $row['content']); $news['user_url'] = ProfileUrl($row2['id'], $row2['seo_url']); $news['news_url'] = NewsUrl($row['id'], $row['seo_url']); $news['comments'] = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM ava_news_comments WHERE link_id={$row['id']}"), 0); $news['image_url'] = $setting['site_url'] . '/uploads/news_icons/' . $row['image']; // Include the template for news items include '.' . $setting['template_url'] . '/' . $template['news_item']; } } if (!isset($_GET['id']) && !isset($_GET['name'])) { $total_results = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM ava_news"), 0); $total_pages = ceil($total_results / $npp); if ($total_pages > 1) { echo '<div class="category_pages">'; if ($page > 1) { $prev = $page - 1; $url = NewsPagesUrl($prev);
if (mysql_num_rows($requests_q)) { echo '<div class="friend_requests_header">Friend Requests</div> <div class="friend_requests_container">'; while ($friend = mysql_fetch_array($requests_q)) { $friend['url'] = ProfileUrl($friend['id'], $friend['seo_url']); $friend['avatar_url'] = AvatarUrl($friend['avatar'], $friend['facebook'], $friend['facebook_id']); $friend['last_activity'] = FormatDate($friend['last_activity'], 'time'); $friend['buttons'] = '<a href="#" onclick="ManageFriend(' . $friend['id'] . ', \'accept_request\', \'friends_page\');return false"><img src="images/add_friend.png" /></a> <a href="#" onclick="ManageFriend(' . $friend['id'] . ', \'delete_request\', \'friends_page\');return false"><img src="images/delete_friend.png" /></a>'; include '.' . $setting['template_url'] . '/' . $template['friend']; } echo '</div>'; } echo '<div class="friends_header">Friends</div> <div class="friends_container">'; // Mutual friends $friends_q = mysql_query("SELECT ava_users.*\n\tFROM ava_friends\n\tLEFT JOIN ava_users \n\tON ava_friends.user2 = ava_users.id\n\tWHERE ava_friends.user1 = {$user['id']}"); if (mysql_num_rows($friends_q)) { while ($friend = mysql_fetch_array($friends_q)) { $friend['url'] = ProfileUrl($friend['id'], $friend['seo_url']); $friend['avatar_url'] = AvatarUrl($friend['avatar'], $friend['facebook'], $friend['facebook_id']); $friend['last_activity'] = FormatDate($friend['last_activity'], 'time'); $friend['buttons'] = '<a href="index.php?task=send_message&id=' . $friend['id'] . '"><img src="images/friend_message.png" /></a> <a href="#" onclick="ManageFriend(' . $friend['id'] . ', \'delete_friend\', \'friends_page\');return false"><img src="images/delete_friend.png" /></a>'; include '.' . $setting['template_url'] . '/' . $template['friend']; } } else { echo '<div class="no_friends">' . NO_FRIENDS . '</div>'; } echo '</div>'; } else { echo FRIENDS_LOGIN; }
<?php
// VIEW A PRIVATE MESSAGE
// Renders one private message with its reply / delete / profile / mark-unread /
// report links, then marks it as read and refreshes the unread counter.
// Direct access is blocked: the script dies unless AVARCADE_ is defined.
defined('AVARCADE_') or die('');
if (isset($_COOKIE["ava_username"])) {
    // NOTE(review): $id is set outside this file and is interpolated unquoted
    // into the statement; confirm the caller casts it to an integer.
    $sql = mysql_query("SELECT * FROM ava_messages WHERE id= {$id}");
    $row = mysql_fetch_array($sql);
    // Ownership check: the message is shown only when its user_id matches the
    // current user, so a guessed message id does not expose someone else's mail.
    if ($user['id'] == $row['user_id']) {
        // Display the PM and the options
        // NOTE(review): title, sender_name and message are echoed without HTML
        // escaping. If senders control these columns this is a stored-XSS sink;
        // confirm they are sanitised when written, or escape them here.
        echo '<div class="pm_header"> <div class="pm_subject">' . $row['title'] . '</div> <div class="pm_details"><strong>' . PM_FROM . ':</strong> <a href="' . $setting['site_url'] . '/index.php?task=profile&id=' . $row['sender_id'] . '">' . $row['sender_name'] . '</a> <strong>' . PM_DATE . ':</strong> ' . FormatDate($row['date'], 'time') . '</div></div> <div class="pm_message">' . $row['message'] . '</div>';
        $profile_url = ProfileUrl($row['sender_id'], seoname($row['sender_name']));
        // NOTE(review): delete and mark-unread are plain GET links carrying only
        // the message id. No anti-CSRF token is visible here; verify that the
        // handler for pm_task requires one (or a POST) before changing state.
        echo ' <div class="pm_footer"> <p class="sub_button"><a href="' . $setting['site_url'] . '/index.php?task=send_message&id=' . $row['sender_id'] . '&re=' . $row['id'] . '">' . PM_REPLY . '</a></p> <p class="sub_button"><a href="' . $setting['site_url'] . '/index.php?task=messages&pm_task=delete&id=' . $row['id'] . '">' . PM_DELETE_MESSAGE . '</a></p> <p class="sub_button"><a href="' . $profile_url . '">' . PM_SENDER_PROFILE . '</a></p> <p class="sub_button"><a href="' . $setting['site_url'] . '/index.php?task=messages&pm_task=unread&id=' . $row['id'] . '">' . PM_MARK_UNREAD . '</a></p>';
        // The report link is only offered when highscore_game_id is 0.
        if ($row['highscore_game_id'] == 0) {
            echo ' <p class="sub_button"><a href="#" onclick="ShowPopup(\'ava-popup\', \'' . $setting['site_url'] . '/includes/forms/pm_report_form.php?id=' . $row['id'] . '\', \'' . PM_REPORT . '\');return false">' . PM_REPORT . 
'</a></p>';
        }
        echo '</div>';
        // First view: flag the message as read, then recount unread messages.
        if ($row['read'] == 0) {
            mysql_query("UPDATE ava_messages SET `read` = 1 WHERE id = {$row['id']} LIMIT 1");
            // Update user messages counter
            $msg_count = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM ava_messages WHERE user_id={$user['id']} AND `read`=0"), 0);
            // NOTE(review): die(mysql_error()) sends the raw database error to
            // the browser; log it server-side and show a generic message instead.
            $update = mysql_query("UPDATE ava_users SET messages={$msg_count} WHERE id='{$user['id']}'") or die(mysql_error());
        }
    } else {
// Final step of registration: store the new account, then either activate it
// at once (email validation off) or send a validation email.
// NOTE(review): $username, $passwordpro and $email are prepared before this
// fragment and go straight into the INSERT statements below; confirm each one
// is escaped for SQL (or move to prepared statements) where it is assigned.
$date = date("F j Y");
// The referrer id is read from the ava_ref cookie and forced to an integer.
if (isset($_COOKIE['ava_ref'])) {
    $referrer = intval($_COOKIE['ava_ref']);
} else {
    $referrer = 0;
}
$seo_url = seoname($username);
// If email validation is off, instantly activate the account
if ($setting['email_on'] == 0) {
    // NOTE(review): die(mysql_error()) exposes raw database errors to the client.
    $sql = mysql_query("INSERT INTO ava_users (username, password, email, activate, joined, referrer, seo_url)\n \t\tVALUES('{$username}', '{$passwordpro}', '{$email}', '1', '{$date}', {$referrer}, '{$seo_url}')") or die(mysql_error());
    $new_user = mysql_insert_id();
    // If user was referred, give the referrer points
    // NOTE(review): the account that receives the points is chosen by a
    // client-controlled cookie, and nothing visible here limits how often one
    // id can be credited; confirm sign-ups are rate-limited or verified before
    // points are granted.
    if (isset($_COOKIE['ava_ref'])) {
        mysql_query("UPDATE ava_users SET points = points + {$setting['points_refer']} WHERE id= {$referrer}");
        $date = date("F j Y, G:i");
        $profile_url = ProfileUrl($new_user, seoname($username));
        // The notification is stored as HTML (it embeds an <a> tag), with the
        // new username interpolated into both title and body.
        // NOTE(review): REF_PM_TITLE / REF_PM_MESSAGE and site_name are spliced
        // into the SQL text unescaped; an apostrophe in any of them breaks the
        // statement.
        mysql_query("INSERT INTO ava_messages (user_id, sender_id, sender_name, title, message, date) \n\t\t\t\t\tVALUES ('{$referrer}', '{$new_user}', '{$username}', '{$username} " . REF_PM_TITLE . " {$setting['site_name']}', '{$username} " . REF_PM_MESSAGE . ": <a href=\"{$profile_url}\">{$profile_url}</a>', '{$date}')");
    }
    echo VALIDATED;
} else {
    $sql = mysql_query("INSERT INTO ava_users (username, password, email, joined, referrer, seo_url)\n \t\t\tVALUES('{$username}', '{$passwordpro}', '{$email}', '{$date}', {$referrer}, '{$seo_url}')") or die(mysql_error());
    $userid = mysql_insert_id();
    $data = array('email_address' => $email, 'to_username' => $username, 'subject' => EMAIL_REGISTER_HEADER . ' ' . $username, 'send_email' => 1);
    // NOTE(review): the validation code in the emailed link is $passwordpro,
    // the same value written to the password column above. A validation link
    // should carry its own random, single-use token so that the stored
    // password value never leaves the database.
    $data['validate_url'] = $setting['site_url'] . '/index.php?task=validate&id=' . $userid . '&code=' . $passwordpro;
    SendEmail($data, 'validate_email');
    echo EMAIL4; // Email sent message
}
}
}
} else {
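<?php
// Module: lists the ten most recently registered users (highest ids first)
// as links to their profile pages.
echo '<ul>';

$sql = mysql_query("SELECT * FROM ava_users ORDER BY id desc LIMIT 10");

// mysql_query() returns false on failure; skip the loop rather than hand
// false to mysql_fetch_array().
if ($sql) {
    while ($row = mysql_fetch_array($sql)) {
        $url = ProfileUrl($row['id'], $row['seo_url']);

        // Usernames are chosen by the members themselves, so they are escaped
        // before being placed in the page. double_encode is off so values that
        // were already entity-encoded when stored are not encoded twice.
        $href = htmlspecialchars($setting['site_url'] . '/' . $url, ENT_QUOTES, 'UTF-8', false);
        $label = htmlspecialchars($row['username'], ENT_QUOTES, 'UTF-8', false);

        echo '<li><a href="' . $href . '">' . $label . '</a></li>';
    }
}

echo '</ul>';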
$get_game = mysql_fetch_array(mysql_query("SELECT * FROM ava_games WHERE id=" . $report['link_id'])); $game_url = GameUrl($get_game['id'], $get_game['seo_url'], $get_game['category_id']); } elseif ($report['type'] == 2 || $report['type'] == 3) { if ($report['type'] == 2) { $get_comment = mysql_fetch_array(mysql_query("SELECT * FROM ava_comments WHERE id=" . $report['link_id'])); $get_game = mysql_fetch_array(mysql_query("SELECT * FROM ava_games WHERE id=" . $get_comment['link_id'])); $name = '<a href="' . GameUrl($get_game['id'], $get_game['seo_url'], $get_game['category_id']) . '#comment' . $get_comment['id'] . '"/>' . $get_game['name'] . '</a>'; } else { $get_comment = mysql_fetch_array(mysql_query("SELECT * FROM ava_news_comments WHERE id=" . $report['link_id'])); $get_news = mysql_fetch_array(mysql_query("SELECT * FROM ava_news WHERE id=" . $get_comment['link_id'])); $name = '<a href="' . NewsUrl($get_news['id'], $get_news['seo_url']) . '#comment' . $get_comment['id'] . '"/>' . $get_news['title'] . '</a>'; } $get_comment_user = mysql_fetch_array(mysql_query("SELECT * FROM ava_users WHERE id=" . $get_comment['user'])); } elseif ($report['type'] == 5) { $get_reported_user = mysql_fetch_array(mysql_query("SELECT * FROM ava_users WHERE id=" . $report['link_id'])); $reported_user_url = ProfileUrl($get_reported_user['id'], $get_reported_user['seo_url']); } elseif ($report['type'] == 6) { $get_pm = mysql_fetch_array(mysql_query("SELECT * FROM ava_messages WHERE id=" . $report['link_id'])); $get_pm_user = mysql_fetch_array(mysql_query("SELECT * FROM ava_users WHERE id=" . 
$get_pm['sender_id'])); } include 'report_item.php'; } if (isset($_GET['id'])) { $total_results = mysql_num_rows(mysql_query("SELECT * FROM ava_reported {$type} AND id <= {$_GET['id']}")); } else { $total_results = mysql_num_rows(mysql_query("SELECT * FROM ava_reported {$type}")); } $total_pages = ceil($total_results / $max_results); if ($total_pages > 1) { echo '<form id="form1" name="form1" method="get" action="manage_reported_ajax.php"> <label>
} else {
    // Default listing for the admin user manager: either the 30 users at or
    // below a given id, or one page of all users.
    // NOTE(review): $_GET['id'] is concatenated into the SQL text with no cast
    // or escaping in the visible code, so the request parameter becomes part
    // of the statement. Cast it first (e.g. intval) or bind it as a parameter,
    // unless it is already validated in the part of the file not shown here.
    if (isset($_GET['id'])) {
        $query = mysql_query("SELECT * FROM ava_users WHERE id <= " . $_GET['id'] . " ORDER BY id DESC LIMIT 30");
    } else {
        // NOTE(review): $from and $max_results are computed above this
        // fragment; confirm $from derives from an integer-cast page number.
        $query = mysql_query("SELECT * FROM ava_users ORDER BY id DESC LIMIT {$from}, {$max_results}");
    }
}
}
}
// One row of markup per user returned by whichever query was selected above.
while ($go = mysql_fetch_array($query)) {
    // The user whose id matches the request is rendered with the extended class.
    if (isset($_GET['id']) && $_GET['id'] == $go['id']) {
        $class = 'manage_user_extended';
    } else {
        $class = 'manage_item';
    }
    $profile_url = ProfileUrl($go['id'], $go['seo_url']);
    // One extra query per listed user to look up the online marker.
    $user_online = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM ava_usersonline WHERE user_id = {$go['id']}"), 0);
    if ($user_online == 1) {
        $user_online_icon = '<img src="images/online.png" style="vertical-align: middle;" title="Online now" />';
    } else {
        $user_online_icon = '<img src="images/offline.png" style="vertical-align: middle;" title="Offline" />';
    }
    // NOTE(review): username and lastip are written into the admin page without
    // HTML escaping. This view runs with administrator privileges, so a
    // member-controlled value that reaches it unescaped is a stored-XSS risk;
    // confirm both columns are sanitised on write or escape them here.
    echo ' <div id="user-' . $go['id'] . '" class="' . $class . '"><div class="manage_column0">' . $go['id'] . '</div><div class="manage_column">' . $user_online_icon . ' <span id="tuser_name' . $go['id'] . '"> <a href="' . $profile_url . '" class="manage_user">' . $go['username'] . '</a></span></div> <div class="manage_column_useractivity">' . FormatDate($go['last_activity'], 'admin_datetime') . '</div> <div class="manage_column2"><a href="#page=1&ip=' . $go['lastip'] . '">' . $go['lastip'] . '</a></div>';
    // The ban toggle is only rendered for accounts whose admin flag is not 1.
    if ($go['admin'] != 1) {
        if ($go['banned'] == 0) {
            echo '<div class="manage_column3" id="banned-image-' . $go['id'] . '"><img src="images/published.png" width="24" height="24" onclick="ToggleBanned(' . $go['id'] . ', 1);"></div>';
        } else {
            echo '<div class="manage_column3" id="banned-image-' . $go['id'] . '"><img src="images/unpublished.png" width="24" height="24" onclick="ToggleBanned(' . $go['id'] . ', 0);"></div>';
$from = $page * $max_results - $max_results; $lb_count = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM ava_leaderboards WHERE game_id = {$id} LIMIT 1"), 0); if ($lb_count != 0) { if (isset($_GET['leaderboard']) && $_GET['leaderboard'] != 'default') { $lb_id = $_GET['leaderboard']; $leaderboard = mysql_query("SELECT * FROM ava_leaderboards WHERE game_id = {$id} AND leaderboard_id = '{$lb_id}'"); } else { $leaderboard = mysql_query("SELECT * FROM ava_leaderboards WHERE game_id = {$id} LIMIT 1"); } $get_leaderboard = mysql_fetch_array($leaderboard); $lb_id = $get_leaderboard['leaderboard_id']; $query = mysql_query("SELECT * FROM ava_highscores WHERE game = {$id} AND leaderboard = '{$get_leaderboard['leaderboard_id']}' ORDER BY score {$get_leaderboard['order_by']} LIMIT {$from}, {$max_results}"); while ($go = mysql_fetch_array($query)) { $hs_user = mysql_fetch_array(mysql_query("SELECT * FROM ava_users WHERE id= {$go['user']}")); $date = FormatDate($go['date'], 'admin_date'); $url = ProfileUrl($hs_user['id'], $hs_user['seo_url']); echo ' <div id="score-' . $go['id'] . '" class="manage_item"><div class="manage_column0">' . $go['id'] . '</div><div id="tgame_name' . $go['id'] . '" class="manage_hs_column_username"><a href="' . $url . '" class="manage_link">' . $hs_user['username'] . '</a></div><div id="tcategory_name' . $go['id'] . '" class="manage_hs_column2">' . $go['score'] . '</div> <div id="tdate' . $go['id'] . '" class="manage_hs_column_date">' . $date . '</div> <div class="manage_column3" id="delete-image-' . $go['id'] . '"><img src="images/delete.png" width="24" height="24" onclick="DeleteScore(' . $go['id'] . ');"></div>'; echo '<div id="edit-score-' . $go['id'] . 
'" class="edit_game_container">'; echo '</div> </div>'; } $total_results = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM ava_highscores WHERE game = {$id} AND leaderboard = '{$get_leaderboard['leaderboard_id']}'"), 0); $total_pages = ceil($total_results / $max_results); echo '<form id="form1" name="form1" method="get" action="manage_games_ajax.php">'; if ($total_pages > 1) { echo '<label>
if (isset($_GET['scope']) && $_GET['scope'] == 'friends') { $query = mysql_query("SELECT ava_users.*, ava_highscores.score, ava_highscores.date, ava_highscores.id as score_id \n\t\t\tFROM ava_users\n\t\t\tLEFT JOIN ava_friends\n\t\t\tON ava_users.id = ava_friends.user1 AND ava_friends.user2 = {$user_id}\n\t\t\tRIGHT JOIN ava_highscores\n\t\t\tON ava_highscores.user = ava_users.id\n\t\t\tWHERE game = {$id} AND leaderboard = '{$get_leaderboard['leaderboard_id']}' AND (user2 = {$user_id} OR ava_users.id = {$user_id})\n\t\t\tORDER BY score {$get_leaderboard['order_by']} LIMIT {$from}, {$max_results}") or die(mysql_error()); } else { $query = mysql_query("SELECT ava_users.*, ava_highscores.score, ava_highscores.date, ava_highscores.id as score_id \n\t\t\tFROM ava_highscores \n\t\t\tLEFT JOIN ava_users\n\t\t\tON ava_users.id = ava_highscores.user\n\t\t\tWHERE game = {$id} AND leaderboard = '{$get_leaderboard['leaderboard_id']}'\n\t\t\tORDER BY score {$get_leaderboard['order_by']} LIMIT {$from}, {$max_results}"); } echo '<ul class="game_highscore_list"> <li> <div id="game_highscore_header"> <div class="game_highscore_name">' . HIGHSCORE_USER . '</div> <div class="game_highscore_score">' . $get_leaderboard['label'] . '</div> <div class="game_highscore_date">' . HIGHSCORE_DATE . '</div> </div> </li>'; while ($highscore = mysql_fetch_array($query)) { $date = FormatDate($highscore['date'], 'short'); $profile_url = ProfileUrl($highscore['id'], $highscore['seo_url']); $avatar_url = AvatarUrl($highscore['avatar'], $highscore['facebook'], $highscore['facebook_id']); echo '<li> <div class="game_highscore_container" id="game_highscore' . $highscore['score_id'] . '"> <div class="game_highscore_avatar"> <a href="' . $profile_url . '"><img src="' . $avatar_url . '" width="30" height="30"/></a> </div> <div class="game_highscore_name"><a href="' . $profile_url . '">' . $highscore['username'] . '</a></div> <div class="game_highscore_score">' . 
$highscore['score']; if ($user['admin'] == 1) { echo ' <img src="' . $setting['site_url'] . '/images/smallx.png" title="Delete score" onclick="DeleteHighscore(' . $highscore['score_id'] . ', \'' . $setting['site_url'] . '\');"/>'; } echo '</div> <div class="game_highscore_date">' . $date . '</div> </div> </li>';
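<?php
// Sidebar module: shows up to ten published games from the logged-in user's
// favourites list, or a notice for guests and for users with no favourites.
if ($user['login_status'] == 1) {
    // The id is cast so only an integer can ever appear in the statement text.
    $q = mysql_query("SELECT favourites from ava_users WHERE id=" . intval($user['id']));
    $favs = $q ? mysql_fetch_array($q) : false;

    if (!$favs || $favs['favourites'] == '') {
        echo '<p class="sb_error">' . PROFILE_NO_FAVS . '</p>';
    } else {
        // The stored value is used after dropping its first two characters
        // (presumably a leading ", " separator; confirm against the code that
        // writes the column). Every element is forced to an integer before it
        // reaches the IN (...) list, so the column content cannot change the
        // shape of the statement (second-order SQL injection), and an empty
        // list no longer produces the invalid "IN ()".
        $favourite_ids = array_filter(array_map('intval', explode(',', substr($favs['favourites'], 2))));

        $sql = false;
        if (!empty($favourite_ids)) {
            $favourites = implode(',', $favourite_ids);
            $sql = mysql_query("SELECT * from ava_games WHERE id IN ({$favourites}) AND published = 1 LIMIT 10");
        }

        // NOTE(review): $name, $url and $image_url are written into the markup
        // without HTML escaping; confirm shortenStr(), GameUrl() and
        // GameImageUrl() return HTML-safe values.
        while ($sql && ($row = mysql_fetch_array($sql))) {
            $url = GameUrl($row['id'], $row['seo_url'], $row['category_id']);
            $name = shortenStr($row['name'], $template['module_max_chars']);

            // Thumbnails are optional and controlled by the module_thumbs setting.
            if ($setting['module_thumbs'] == 1) {
                $image_url = GameImageUrl($row['image'], $row['import'], $row['url']);
                $image = '<img class="sidebar_gamesIMG_list" src="' . $image_url . '" alt="" /> ';
            } else {
                $image = '';
            }

            echo '<li><a href="' . $url . '">' . $image . '<span style="float:left; margin: 10px 0 0 0;">' . $name . '</span></a></li>';
        }

        echo '<li class="moreview"><a href="' . ProfileUrl($user['id'], $user['seo_url']) . '">' . FAVOURITES_VIEW_ALL . ' »</a></li>';
    }
} else {
    echo '<p class="sb_error">' . FAVOURITES_LOG_IN . '</p>';
}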
$page = $_GET['page']; } } $max_results = 30; $from = $page * $max_results - $max_results; $limit = "{$from}, {$max_results}"; $query = mysql_query("\n\tSELECT ava_submissions.*, ava_users.username, ava_users.seo_url FROM ava_submissions \n\tINNER JOIN ava_users\n\tON ava_submissions.user=ava_users.id\n\tORDER BY ava_submissions.id DESC\n\tLIMIT {$limit};"); while ($go = mysql_fetch_array($query)) { $category = mysql_query("SELECT * FROM ava_cats WHERE id=" . $go['category'] . ""); $categorya = mysql_fetch_array($category); if (isset($_GET['id']) && $_GET['id'] == $go['id']) { $class = 'manage_item_extended'; } else { $class = 'mochi_item'; } $user_url = ProfileUrl($go['user'], $go['seo_url']); $height = $go['height'] + 100; echo ' <div id="game-' . $go['id'] . '" class="' . $class . '"> <div class="manage_column0"><a href="' . $go['thumbnail'] . '"><img src="' . $go['thumbnail'] . '" width="40" height="40" /></a></div> <div id="tgame_name' . $go['id'] . '" class="submission_info"> ' . $go['name'] . ' <span class="submittedby">submitted by</span> <a href="' . $user_url . '" class="manage_link">' . $go['username'] . '</a><br /> ' . $go['description'] . ' </div> <div class="mochi_column3" id="edit-image-' . $go['id'] . '"><img src="images/dl.png" width="24" height="24" onclick="Reviewgame(' . $go['id'] . ');"></div> <div class="mochi_column3" id="delete-image-' . $go['id'] . '"><img src="images/delete.png" width="24" height="24" onclick="DeleteAsk(' . $go['id'] . ');"></div>'; if ($go['file'] != '') { echo '<div class="mochi_column3" id="play-icon-' . $go['id'] . '"><img src="images/go.png" width="24" height="24" onclick="PlayGame(' . $go['id'] . ', ' . $height . ');" /></div>'; } else { echo '<div class="mochi_column3" id="play-icon-' . $go['id'] . '"><img src="images/no_go.png" width="24" height="24" title="No game file uploaded" /></div>';
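<?php
// Favourites module: lists up to ten published games from the logged-in
// user's favourites, or a notice for guests and for users with no favourites.
if ($user['login_status'] == 1) {
    // The id is cast so only an integer can ever appear in the statement text.
    $q = mysql_query("SELECT favourites from ava_users WHERE id=" . intval($user['id']));
    $favs = $q ? mysql_fetch_array($q) : false;

    if (!$favs || $favs['favourites'] == '') {
        echo '<div class="module_notice">' . PROFILE_NO_FAVS . '</div>';
    } else {
        echo '<ul>';

        // The stored value is used after dropping its first two characters
        // (presumably a leading ", " separator; confirm against the code that
        // writes the column). Every element is forced to an integer before it
        // reaches the IN (...) list, so the column content cannot change the
        // shape of the statement (second-order SQL injection), and an empty
        // list no longer produces the invalid "IN ()".
        $favourite_ids = array_filter(array_map('intval', explode(',', substr($favs['favourites'], 2))));

        $sql = false;
        if (!empty($favourite_ids)) {
            $favourites = implode(',', $favourite_ids);
            $sql = mysql_query("SELECT * from ava_games WHERE id IN ({$favourites}) AND published = 1 LIMIT 10");
        }

        // NOTE(review): $name, $url and $image_url are written into the markup
        // without HTML escaping; confirm shortenStr(), GameUrl() and
        // GameImageUrl() return HTML-safe values.
        while ($sql && ($row = mysql_fetch_array($sql))) {
            $url = GameUrl($row['id'], $row['seo_url'], $row['category_id']);
            $name = shortenStr($row['name'], $template['module_max_chars']);

            // Thumbnails are optional and controlled by the module_thumbs setting.
            if ($setting['module_thumbs'] == 1) {
                $image_url = GameImageUrl($row['image'], $row['import'], $row['url']);
                $image = '<img src="' . $image_url . '" width= 25 height= 25 style="vertical-align: middle;" /> ';
            } else {
                $image = '';
            }

            echo '<li>' . $image . '<a href="' . $url . '">' . $name . '</a></li>';
        }

        echo '</ul>';
        echo '<div class="more_links"><a href="' . ProfileUrl($user['id'], $user['seo_url']) . '">' . FAVOURITES_VIEW_ALL . ' »</a></div>';
    }
} else {
    echo '<div class="module_notice">' . FAVOURITES_LOG_IN . '</div>';
}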
</div> <div class="form_element_container"> <div class="form_lable"> <label>Submitter ID</label></div> <div class="form_element"><input class="text_box_id" name="submitter" type="text" id="submitter<?php echo $_POST['id']; ?> " value="<?php echo $values['submitter']; ?> "/> <?php if ($values['submitter'] != 0) { $link_submitter = mysql_fetch_array(mysql_query("SELECT * FROM ava_users WHERE id = {$values['submitter']} LIMIT 1")); echo ' Registered user: <a href="' . ProfileUrl($link_submitter['id'], $link_submitter['seo_url']) . '">' . $link_submitter['username'] . '</a>'; } else { if ($values['submitter'] == 0 && $values['submitter_email'] != '') { echo ' Unregistered user email: <a href="mailto:' . $values['submitter_email'] . '">' . $values['submitter_email'] . '</a>'; } } ?> </div> </div> <input name="id" type="hidden" value="0" id="id<?php echo $_POST['id']; ?> " /> <div class="button_container"><input class="button" name="Submit" type="button" value="Submit" id="submit<?php
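/**
 * Resolve the current visitor into the $user array used by the pages.
 *
 * Guests (no ava_username cookie) get login_status = 0, admin = 0 and a
 * login_link. Visitors with the cookie are looked up by the ava_userid and
 * ava_code cookies; when no row matches, or the account is banned, the
 * request is terminated with exit.
 *
 * Security note: the ava_code cookie is compared directly with the stored
 * password column, so whatever that column holds works as a long-lived login
 * credential on its own. A random, server-side, revocable session token would
 * remove that coupling; changing it requires the login code, which is not
 * part of this function.
 *
 * @return array the user row plus login_status, ip, avatar and url for
 *               members; login_status, admin and login_link for guests
 */
function getUser()
{
    global $setting;

    // Guest: no login cookie at all.
    if (!isset($_COOKIE["ava_username"])) {
        $user = array();
        $user['login_status'] = 0;
        $user['admin'] = 0;
        $user['login_link'] = $setting['site_url'] . '/index.php?task=login';
        return $user;
    }

    // Missing or non-string cookies (e.g. array-valued ones) are treated as
    // empty so they cannot raise notices or reach the query as "Array".
    $cookie_id = (isset($_COOKIE['ava_userid']) && is_string($_COOKIE['ava_userid'])) ? intval($_COOKIE['ava_userid']) : 0;
    $cookie_code = (isset($_COOKIE['ava_code']) && is_string($_COOKIE['ava_code'])) ? $_COOKIE['ava_code'] : '';

    // Only letters, digits and the comma survive this filter, so the value
    // cannot carry a quote or backslash into the statement below.
    $cookie_password = preg_replace("/[^a-z,A-Z,0-9]/", "", $cookie_code);

    // Fix: the comparison used the literal '******' and never referenced
    // $cookie_password, so the cookie code took no part in the check.
    // NOTE(review): an empty code would match an account whose password
    // column is empty; confirm no such accounts can exist.
    $sql = mysql_query("SELECT * FROM ava_users WHERE id='{$cookie_id}' AND password='{$cookie_password}' LIMIT 1");
    $user = $sql ? mysql_fetch_array($sql) : false;

    // No matching row: show the login-failure page (when running inside the
    // application) and stop. $info is read by the included file.
    if (!isset($user['username'])) {
        $info = INVALID_LOGIN1 . ' <a href=' . $setting['site_url'] . '/login.php?action=logout>' . UA_LOGOUT . '</a> ' . INVALID_LOGIN2;
        if (defined('AVARCADE_')) {
            include 'includes/misc/login_fail.php';
        }
        exit;
    }

    // Banned accounts are stopped without rendering anything.
    if ($user['banned'] == 1) {
        $info = BANNED_MSG;
        exit;
    }

    $user['ip'] = secure($_SERVER['REMOTE_ADDR']);
    $user['login_status'] = 1;

    // Expand the stored avatar into a full URL: uploaded file, Facebook
    // picture, or the site default.
    if ($user['avatar'] != '') {
        $user['avatar'] = $setting['site_url'] . '/uploads/avatars/' . $user['avatar'];
    } elseif ($user['facebook'] == 1) {
        $user['avatar'] = 'http://graph.facebook.com/' . $user['facebook_id'] . '/picture';
    } else {
        $user['avatar'] = $setting['site_url'] . '/uploads/avatars/default.png';
    }

    $user['url'] = ProfileUrl($user['id'], $user['seo_url']);

    return $user;
}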
</div> </div> </div> </div> <!-- end of content left --> <?php if ($user['login_status'] == 1) { ?> <div class="favgamesBOX"> <p class="favgame_title">Your Favorite Games <?php echo '<span style="float:right; font: 12px arial;"> <a href="' . ProfileUrl($user['id'], $user['seo_url']) . '" style="color: #ffffff; text-transform: lowercase; text-decoration:none; background-color: #007293; padding: 5px 10px 5px 10px; -webkit-border-radius: 5px;-moz-border-radius: 5px; border-radius: 5px;">' . FAVOURITES_VIEW_ALL . ' »</a></span></p> '; ?> <?php include './includes/modules/favourites.php'; ?> </div> <?php } ?> <?php include 'footer.php';
echo '<br /><span style="font-size:12px;">The reccommended forum version for AV Arcade ' . $version_no . ' is AV Arcade Forums ' . $forum_rec_version . '</span>'; } } ?> </div> <div class="users_online"> <div class="users_online_title">Registered users online: <strong><?php echo $registered_online; ?> </strong></div> <?php $query = mysql_query("\n\tSELECT ava_users.*\n\tFROM ava_users\n\tINNER JOIN ava_usersonline\n\tON ava_users.id=ava_usersonline.user_id\n\tORDER BY ava_usersonline.time DESC"); while ($online_user = mysql_fetch_array($query)) { $url = ProfileUrl($online_user['id'], $online_user['seo_url']); echo '<a href="' . $url . '">' . $online_user['username'] . '</a> '; } ?> </div> </div><div class="main_column2"> <div class="quick_add_container"> <div class="quick_add_title"> Add a game </div> <?php include 'includes/quick_add_game_form.php'; ?> </div>
// AJAX handler fragment: stores a news comment for the logged-in user and
// echoes the rendered comment back.
// NOTE(review): no anti-CSRF token is checked in the visible part of this
// handler; confirm one is verified before this point.
$the_comment = mysql_secure($_POST['comment'], 0);
$id = intval($_POST['id']);
if (isset($_COOKIE["ava_username"])) {
    $cookie_id = intval($_COOKIE["ava_userid"]);
    // Only letters, digits and commas are kept from the cookie code.
    $code = preg_replace("/[^a-z,A-Z,0-9]/", "", $_COOKIE['ava_code']);
    // Rate limit: a row comes back only if this user commented within the last minute.
    $last_comment = mysql_query("SELECT last_comment FROM ava_users WHERE id = {$cookie_id} AND last_comment > NOW() - INTERVAL 1 MINUTE");
    if (mysql_num_rows($last_comment) == '0') {
        $user = mysql_query("SELECT * FROM ava_users WHERE id=" . $cookie_id . "");
        $user2 = mysql_fetch_array($user);
        // The cookie code must equal the stored password value and the account
        // must not be banned.
        // NOTE(review): == is a loose, non-constant-time comparison, and PHP
        // compares two numeric-looking strings as numbers. Use hash_equals()
        // (or at least ===) for credential checks.
        if ($user2['password'] == $code && $user2['banned'] == 0) {
            $date = date("Y-m-d H:i:s");
            // $the_comment went through mysql_secure() above; the ids are
            // integer-cast. REMOTE_ADDR is supplied by the web server.
            mysql_query("INSERT INTO ava_news_comments (user, comment, link_id, date, ip) VALUES ('{$cookie_id}', '{$the_comment}', '{$id}', '{$date}', '{$_SERVER['REMOTE_ADDR']}')");
            // The echoed copy is built from the raw POST value and HTML-escaped
            // with htmlspecialchars() before nl2br().
            $comment = array('username' => $user2['username'], 'content' => stripslashes(nl2br(htmlspecialchars($_POST['comment']))), 'user_points' => $user2['points'], 'date' => FormatDate($date, 'time'));
            $comment['delete'] = '';
            $comment['report_button'] = '';
            $comment['user_url'] = ProfileUrl($user2['id'], $user2['seo_url']);
            // Avatar: uploaded file, Facebook picture, or the site default.
            if ($user2['avatar'] == '') {
                if ($user2['facebook'] == 1) {
                    $comment['avatar_url'] = 'http://graph.facebook.com/' . $user2['facebook_id'] . '/picture';
                } else {
                    $comment['avatar_url'] = $setting['site_url'] . '/uploads/avatars/default.png';
                }
            } else {
                $comment['avatar_url'] = $setting['site_url'] . '/uploads/avatars/' . $user2['avatar'];
            }
            echo '<a name="1"></a>';
            // NOTE(review): the include path is assembled from $setting and
            // $template; confirm neither can be influenced by request data.
            include '../../..' . $setting['template_url'] . '/' . $template['news_comment'];
            // Bump the user's comment count and points and record the time used
            // by the rate limit above.
            // NOTE(review): die(mysql_error()) returns raw database errors to
            // the client.
            mysql_query("UPDATE ava_users SET comments = comments + 1, points = points + {$setting['points_comment']}, last_comment = '{$date}' WHERE id='" . $cookie_id . "'") or die(mysql_error());
        }
    } else {
        echo '<e1>';
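<?php
// Sidebar account box: for visitors carrying the ava_username cookie it shows
// the name, logout / messages / profile links and, for admins, a link to the
// admin area; everyone else gets the remaining-plays notice and the login form.
//
// NOTE(review): the "logged in" branch is selected by cookie presence alone,
// and the name shown is the cookie value. Confirm the including page has
// already verified the session, or take the name from the verified user row.
if ($setting['seo_on'] == 0) {
    $message_url = 'index.php?task=messages';
} else {
    $message_url = 'messages';
}

if (isset($_COOKIE["ava_username"])) {
    // Cookie values are request data: normalise them before use. The profile
    // URL is now built inside this branch so guests no longer trigger
    // undefined-index notices.
    $cookie_username = is_string($_COOKIE['ava_username']) ? $_COOKIE['ava_username'] : '';
    $cookie_userid = (isset($_COOKIE['ava_userid']) && is_string($_COOKIE['ava_userid'])) ? intval($_COOKIE['ava_userid']) : 0;
    $url = ProfileUrl($cookie_userid, seourl($cookie_username));

    // $userid is set by the including page; it is cast so that only an integer
    // can reach the two statements below.
    $member_id = isset($userid) ? intval($userid) : 0;

    $new_messages = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM ava_messages WHERE `read` = 0 AND user_id=" . $member_id . ""), 0);

    // The cookie name is HTML-escaped, and the cookie-derived profile link is
    // escaped and placed in a quoted attribute, so neither can inject markup.
    echo '<b>' . htmlspecialchars($cookie_username, ENT_QUOTES, 'UTF-8') . ' logged in</b><br /><a href=' . $setting['site_url'] . '/login.php?action=logout>' . LOGOUT . '</a><br /><a href="' . $setting['site_url'] . '/' . $message_url . '">' . MESSAGES . '</a> (' . $new_messages . ')<br><a href="' . htmlspecialchars($setting['site_url'] . '/' . $url, ENT_QUOTES, 'UTF-8', false) . '">' . MY_PROFILE . '</a>';

    // Show the administration link when the account row has the admin flag.
    $sql = mysql_query("SELECT * FROM ava_users WHERE id=" . $member_id . "");
    while ($sql && ($row = mysql_fetch_array($sql))) {
        if ($row['admin'] == 1) {
            echo "<br /><a href=" . $setting['site_url'] . "/admin/>Administration</a>";
        }
    }
} else {
    echo '<div align="center">';

    if ($setting['play_limit'] == 1) {
        // The play counter lives in a cookie; a missing or non-numeric value
        // counts as zero plays.
        $plays_used = (isset($_COOKIE["ava_plays"]) && is_string($_COOKIE["ava_plays"])) ? intval($_COOKIE["ava_plays"]) : 0;

        if ($setting['plays'] <= $plays_used) {
            echo '<strong>' . REGISTER_NOW . '</strong>';
        } else {
            $left = $setting['plays'] - $plays_used;
            echo '<strong>' . YOU_HAVE . ' ' . $left . ' ' . YOU_HAVE2 . '</strong>';
        }
    }

    include 'content/login.php';
}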
$page = 1; } else { $page = $_GET['page']; } } $max_results = 40; $from = $page * $max_results - $max_results; if (isset($_GET['s'])) { $query = mysql_query("SELECT * FROM ava_links WHERE description like \"%" . $_GET['s'] . "%\" OR name like \"%" . $_GET['s'] . "%\" OR id like \"%" . $_GET['s'] . "%\" ORDER BY id DESC LIMIT {$from}, {$max_results}"); } else { $query = mysql_query("SELECT * FROM ava_links ORDER BY id DESC LIMIT {$from}, {$max_results}"); } while ($go = mysql_fetch_array($query)) { if ($go['submitter'] != 0) { $link_submitter = mysql_fetch_array(mysql_query("SELECT * FROM ava_users WHERE id = {$go['submitter']} LIMIT 1")); $submitter_link = '<a href="' . ProfileUrl($link_submitter['id'], $link_submitter['seo_url']) . '">' . $link_submitter['username'] . '</a>'; } else { if ($go['submitter_email'] != '') { $submitter_link = '<a href="mailto:' . $go['submitter_email'] . '">' . $go['submitter_email'] . '</a>'; } else { $submitter_link = ''; } } echo ' <div id="link-' . $go['id'] . '" class="manage_item"><div class="manage_column0">' . $go['id'] . '</div><div id="tlink_name' . $go['id'] . '" class="manage_column"><a href="' . $go['url'] . '" class="manage_link">' . $go['name'] . '</a></div><div id="tcategory_name' . $go['id'] . '" class="manage_column2"></div> <div class="manage_column2fixed">' . $go['inbound'] . '</div> <div class="manage_column2fixed">' . $go['outbound'] . '</div> <div class="manage_column_linksubmitter">' . $submitter_link . '</div>
<div align="left"> <div id="treported_name' . $report['id'] . '" class="manage_user_column"> ' . $report['report'] . ' </div> </div> </div>'; } elseif ($report['type'] == 6) { echo ' <div id="reported-' . $report['id'] . '" class="manage_user_item"> <div id="treported_name' . $report['id'] . '" class="username_column"></div> <div id="tcategory_name' . $report['id'] . '" class="manage_column2"></div> <div class="manage_column3" id="bad-report-' . $report['id'] . '"> <img src="images/no.png" width="24" height="24" onclick="DeleteReported(' . $report['id'] . ', 0, ' . $user_id . ');"> </div> <div class="manage_column3" id="good-report-' . $report['id'] . '"> <img src="images/yes.png" width="24" height="24" onclick="DeleteReported(' . $report['id'] . ', 1, ' . $user_id . ');"> </div> <div align="left"> <div id="treported_name' . $report['id'] . '" class="manage_user_column"> <div class="the_report"> <span class="report_title">Report by ' . $report_user . ' (<a href="?task=manage_users#page=1&ip=' . $report['ip'] . '">' . $report['ip'] . '</a>):</span> ' . $report['report'] . ' </div> <div class="the_report_comment"> <span class="report_title">Message from <a href="' . ProfileUrl($get_pm_user['id'], $get_pm_user['seo_url']) . '">' . $get_pm_user['username'] . '</a>:</span> ' . htmlspecialchars($get_pm['message']) . ' </div> </div> </div> </div>'; }