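<?php
/**
 * AJAX endpoint: remove a photo from the logged-in user's favorites.
 *
 * Input:  POST `photo_id`; the user id is taken from the session, never from
 *         the request, so a caller can only remove their own favorites.
 * Output: a JSON object with `status` (1 on success, 0 otherwise) and `msg`.
 *
 * NOTE(review): no anti-CSRF token is checked in this script. Confirm that the
 * dispatcher including it validates one, because this request changes state.
 */
defined('_VALID') or die('Restricted Access!');

// The endpoint is unavailable while the photo module is switched off.
if ($config['photo_module'] == '0') {
    die;
}

require $config['BASE_DIR'] . '/classes/filter.class.php';
require $config['BASE_DIR'] . '/include/adodb/adodb.inc.php';
require $config['BASE_DIR'] . '/include/dbconn.php';
require $config['BASE_DIR'] . '/include/compat/json.php';

$data = array('status' => 0, 'msg' => '');

if (isset($_POST['photo_id'])) {
    if (isset($_SESSION['uid'])) {
        $filter = new VFilter();
        // VFilter's 'INTEGER' handling is defined elsewhere; the cast keeps the
        // value numeric at the point where it is concatenated into the SQL.
        $pid = (int) $filter->get('photo_id', 'INTEGER');
        $uid = intval($_SESSION['uid']);

        $sql = "DELETE FROM photo_favorites WHERE UID = " . $uid . " AND PID = " . $pid . " LIMIT 1";
        $conn->execute($sql);

        // Success is reported whether or not a matching row existed.
        $data['status'] = 1;
        $data['msg'] = show_msg_mb($lang['ajax.remove_fav_photo_success']);
    } else {
        // The login prompt has to go into $data, the only structure that is
        // serialized below; assigning it anywhere else leaves `msg` empty.
        $data['msg'] = show_err_mb($lang['ajax.remove_fav_photo_login']);
    }
} else {
    $data['msg'] = 'Invalid request!?';
}

echo json_encode($data);
die;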
$code[] = '<div class="m-b--15">'; $code[] = '<div class="row">'; foreach ($videos as $video) { $code[] = '<div class="col-xs-6 col-sm-3 m-b-15">'; $code[] = '<a href="#attach_my_video_' . $video['VID'] . '" id="attach_media_video_' . $video['VID'] . '"><img src="' . get_thumb_url($video['VID']) . '/1.jpg" alt="' . htmlspecialchars($video['title'], ENT_QUOTES, 'UTF-8') . '" class="img-responsive" /></a>'; $code[] = '</div>'; } $code[] = '</div>'; $code[] = '</div>'; if ($page_link) { $code[] = '<div class="visible-xs center m-b--15">'; $code[] = '<ul class="pagination pagination-lg">' . $page_link . '</ul>'; $code[] = '</div>'; $code[] = '<div class="hidden-xs center m-b--15">'; $code[] = '<ul class="pagination">' . $page_link . '</ul>'; $code[] = '</div>'; } } else { $code[] = '<div class="no_items">' . $lang['ajax.see_none'] . '</div>'; } $code[] = '</div>'; $data['status'] = 1; $data['code'] = implode("\n", $code); } else { $data['msg'] = show_err_mb($lang['ajax.video_login']); } } else { $data['msg'] = show_err_mb('Invalid request!'); } echo json_encode($data); die;
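/*
 * AJAX endpoint: flag a game as inappropriate.
 *
 * Input:  POST `item_id` (game id), `flag_id` (reason, at most 14 bytes) and
 *         `message` (free text); the reporting user comes from the session.
 * Output: a JSON object with `status`, `msg` and an always-empty `debug` key.
 *
 * VFilter is used below but is not loaded by any require visible here;
 * presumably it is included earlier in the file.
 *
 * NOTE(review): no anti-CSRF token is checked in this script. Confirm that the
 * dispatcher including it validates one, because this request changes state.
 */
require $config['BASE_DIR'] . '/include/compat/json.php';
require $config['BASE_DIR'] . '/include/adodb/adodb.inc.php';
require $config['BASE_DIR'] . '/include/dbconn.php';

$data = array('status' => 0, 'msg' => '', 'debug' => '');

if (isset($_POST['item_id']) && isset($_POST['flag_id']) && isset($_POST['message'])) {
    $filter = new VFilter();
    $game_id = $filter->get('item_id', 'INTEGER');
    // What VFilter::get() does to untyped values is not visible here, so both
    // strings are treated as untrusted and only ever passed as bound values.
    $flag_id = $filter->get('flag_id');
    $flag_message = $filter->get('message');

    if (isset($_SESSION['uid'])) {
        $uid = intval($_SESSION['uid']);

        if ($flag_id == '' or strlen($flag_id) > 14) {
            $data['msg'] = show_err_mb($lang['ajax.flag_invalid']);
        } else {
            // One flag per user and game: look for an existing report first.
            $sql = "SELECT GID FROM game_flags WHERE GID = ? AND UID = ? LIMIT 1";
            $conn->execute($sql, array((int) $game_id, $uid));

            // NOTE(review): Affected_Rows() is read after a SELECT; whether the
            // driver reports selected rows this way is not visible here. Confirm.
            if ($conn->Affected_Rows() == 1) {
                $data['msg'] = show_err_mb($lang['ajax.flag_game_exists']);
            } else {
                // Bound parameters leave quoting to the database layer instead
                // of hand-escaping with the legacy mysql_real_escape_string().
                $sql = "INSERT INTO game_flags (GID, UID, reason, message, add_date)\n VALUES (?, ?, ?, ?, ?)";
                $conn->execute($sql, array((int) $game_id, $uid, $flag_id, $flag_message, date('Y-m-d')));

                $data['status'] = 1;
                $data['msg'] = show_msg_mb($lang['ajax.flag_game_success']);
            }
        }
    } else {
        $data['msg'] = show_err_mb($lang['ajax.flag_game_login']);
    }
}

echo json_encode($data);
die;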
/*
 * AJAX endpoint: delete a game owned by the logged-in user.
 *
 * Input:  POST `game_id`; the acting user comes from the session.
 * Output: a JSON object with `status`, `msg` and an always-empty `debug` key.
 *
 * The game is deleted only when the session user id equals the UID stored on
 * the game row; every other outcome reports the generic failure message.
 *
 * NOTE(review): no anti-CSRF token is checked in this script. Confirm that the
 * dispatcher including it validates one, because this request is destructive.
 */
require $config['BASE_DIR'] . '/classes/filter.class.php';
require $config['BASE_DIR'] . '/include/compat/json.php';
require $config['BASE_DIR'] . '/include/adodb/adodb.inc.php';
require $config['BASE_DIR'] . '/include/dbconn.php';
require $config['BASE_DIR'] . '/include/function_user.php';

$response = array('status' => 0, 'msg' => '', 'debug' => '');

if (isset($_POST['game_id'])) {
    if (!isset($_SESSION['uid'])) {
        $response['msg'] = show_err_mb($lang['ajax.delete_game_login']);
    } else {
        $filter = new VFilter();
        // NOTE(review): $gid is concatenated into SQL; this relies on VFilter's
        // 'INTEGER' mode, defined elsewhere, returning a numeric value. Confirm.
        $gid = $filter->get('game_id', 'INTEGER');
        $uid = (int) $_SESSION['uid'];

        $rs = $conn->execute("SELECT UID FROM game WHERE GID = " . $gid . " LIMIT 1");

        // Ownership is established only when exactly one row came back and
        // its first column equals the session user id.
        $is_owner = false;
        if ($conn->Affected_Rows() === 1) {
            $rows = $rs->getrows();
            $is_owner = ($uid == $rows[0][0]);
        }

        if ($is_owner) {
            deleteGame($gid);
            $response['status'] = 1;
            $response['msg'] = show_msg_mb($lang['ajax.delete_game_success']);
        } else {
            // A missing game and a foreign game yield the same message, so the
            // response does not reveal which of the two applied.
            $response['msg'] = show_err_mb($lang['ajax.delete_game_failed']);
        }
    }
}

echo json_encode($response);
exit;
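/*
 * AJAX endpoint: flag a photo as inappropriate.
 *
 * Input:  POST `item_id` (photo id), `flag_id` (reason, at most 14 bytes) and
 *         `message` (free text); the reporting user comes from the session.
 * Output: a JSON object with `status`, `msg` and an always-empty `debug` key.
 *
 * VFilter and json_encode() are used below but are not loaded by any require
 * visible here; presumably they are included earlier in the file.
 *
 * NOTE(review): no anti-CSRF token is checked in this script. Confirm that the
 * dispatcher including it validates one, because this request changes state.
 */
require $config['BASE_DIR'] . '/include/adodb/adodb.inc.php';
require $config['BASE_DIR'] . '/include/dbconn.php';

$data = array('status' => 0, 'msg' => '', 'debug' => '');

if (isset($_POST['item_id']) && isset($_POST['flag_id']) && isset($_POST['message'])) {
    $filter = new VFilter();
    $photo_id = $filter->get('item_id', 'INTEGER');
    // What VFilter::get() does to untyped values is not visible here, so both
    // strings are treated as untrusted and only ever passed as bound values.
    $flag_id = $filter->get('flag_id');
    $flag_message = $filter->get('message');

    if (isset($_SESSION['uid'])) {
        $uid = intval($_SESSION['uid']);

        // Only the upper length bound is enforced; an empty reason is accepted.
        if (strlen($flag_id) > 14) {
            $data['msg'] = show_err_mb($lang['ajax.flag_invalid']);
        } else {
            // One flag per user and photo: look for an existing report first.
            $sql = "SELECT PID FROM photo_flags WHERE PID = ? AND UID = ? LIMIT 1";
            $conn->execute($sql, array((int) $photo_id, $uid));

            // NOTE(review): Affected_Rows() is read after a SELECT; whether the
            // driver reports selected rows this way is not visible here. Confirm.
            if ($conn->Affected_Rows() == 1) {
                $data['msg'] = show_err_mb($lang['ajax.flag_photo_exists']);
            } else {
                // Bound parameters leave quoting to the database layer instead
                // of hand-escaping with the legacy mysql_real_escape_string().
                $sql = "INSERT INTO photo_flags (PID, UID, reason, message, add_date)\n VALUES (?, ?, ?, ?, ?)";

                // The statement text is deliberately not copied into
                // $data['debug']: the response is sent to the browser, and
                // query text would expose table and column names to any caller.
                $conn->execute($sql, array((int) $photo_id, $uid, $flag_id, $flag_message, date('Y-m-d')));

                $data['status'] = 1;
                $data['msg'] = show_msg_mb($lang['ajax.flag_photo_success']);
            }
        }
    } else {
        $data['msg'] = show_err_mb($lang['ajax.flag_photo_login']);
    }
}

echo json_encode($data);
die;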
$sql_add[] = "'" . mysql_real_escape_string($user) . "'"; } $sql = "SELECT email FROM signup WHERE username in (" . implode(',', $sql_add) . ")"; $rs = $conn->execute($sql); $users_emails = $rs->getrows(); foreach ($users_emails as $user) { $emails[] = $user['email']; } } if (!$emails) { $data['msg'] = show_err_mb($lang['ajax.share_recipient_valid']); } else { $sql = "SELECT title FROM game WHERE GID = " . $game_id . " LIMIT 1"; $rs = $conn->execute($sql); if ($conn->Affected_Rows() == 1) { $title = $rs->fields['title']; $url = '<a href="' . $config['BASE_URL'] . '/game/' . $game_id . '/' . prepare_string($title) . '">' . $config['BASE_URL'] . '/game/' . $game_id . '/' . prepare_string($title) . '</a>'; $search = array('{$site_name}', '{$site_title}', '{$sender_name}', '{$message}', '{$baseurl}', '{$game_link}'); $replace = array($config['site_name'], $config['site_title'], $from, $message, $config['BASE_URL'], $url); $mail = new VMail(); $mail->sendPredefined($emails, 'share_game', $search, $replace); $data['status'] = 1; $data['msg'] = show_msg_mb($lang['ajax.share_success']); } else { $data['msg'] = show_err_mb($lang['ajax.share_game_failed']); } } } } echo json_encode($data); die;
$caption = $rs->fields['caption']; $url = $config['BASE_URL'] . '/photo/' . $photo_id . '/' . clean($caption); $sql = "SELECT email_subject, email_path FROM emailinfo\n WHERE email_id = 'share_photo' LIMIT 1"; $rs = $conn->execute($sql); $email_subject = str_replace('{$sender_name}', $from, $rs->fields['email_subject']); $email_path = $config['BASE_DIR'] . '/templates/' . $rs->fields['email_path']; $body = VFile::read($email_path); $body = str_replace('{$site_name}', $config['site_name'], $body); $body = str_replace('{$photo_link}', $url, $body); $body = str_replace('{$sender_name}', $from, $body); $body = str_replace('{$message}', $message, $body); $mail = new VMail(); $mail->setNoReply(); $mail->Subject = $email_subject; $mail->AltBody = $body; $mail->Body = nl2br($body); foreach ($emails as $email) { $mail->AddAddress($email); $mail->Send(); $mail->ClearAddresses(); } $data['status'] = 1; $data['msg'] = show_msg_mb($lang['ajax.share_success']); } else { $data['msg'] = show_err_mb($lang['ajax.share_photo_failed']); } } } } echo json_encode($data); die;
<?php
/**
 * AJAX endpoint: remove a game from the logged-in user's favorites.
 *
 * Input:  POST `game_id`; the user id is taken from the session.
 * Output: a JSON object with `status` (1 on success, 0 otherwise) and `msg`.
 *         When `game_id` is absent the response keeps status 0 and an empty msg.
 *
 * NOTE(review): no anti-CSRF token is checked in this script. Confirm that the
 * dispatcher including it validates one, because this request changes state.
 */
if (!defined('_VALID')) {
    die('Restricted Access!');
}

require $config['BASE_DIR'] . '/classes/filter.class.php';
require $config['BASE_DIR'] . '/include/adodb/adodb.inc.php';
require $config['BASE_DIR'] . '/include/dbconn.php';
require $config['BASE_DIR'] . '/include/compat/json.php';

$data = array('status' => 0, 'msg' => '');

if (isset($_POST['game_id'])) {
    if (!isset($_SESSION['uid'])) {
        $data['msg'] = show_err_mb($lang['ajax.remove_fav_game_login']);
    } else {
        $filter = new VFilter();
        // NOTE(review): $gid is concatenated into SQL; this relies on VFilter's
        // 'INTEGER' mode, defined elsewhere, returning a numeric value. Confirm.
        $gid = $filter->get('game_id', 'INTEGER');
        $uid = (int) $_SESSION['uid'];

        // Scoping the DELETE by the session UID limits it to the caller's rows.
        $conn->execute("DELETE FROM game_favorites WHERE UID = " . $uid . " AND GID = " . $gid . " LIMIT 1");

        // Success is reported whether or not a matching row existed.
        $data['status'] = 1;
        $data['msg'] = show_msg_mb($lang['ajax.remove_fav_game_success']);
    }
}

echo json_encode($data);
exit;
<?php
/**
 * AJAX endpoint: remove a video from the logged-in user's playlist.
 *
 * Input:  POST `video_id`; the user id is taken from the session.
 * Output: a JSON object with `status` (1 on success, 0 otherwise) and `msg`.
 *         When `video_id` is absent the response keeps status 0 and an empty msg.
 *
 * NOTE(review): no anti-CSRF token is checked in this script. Confirm that the
 * dispatcher including it validates one, because this request changes state.
 */
if (!defined('_VALID')) {
    die('Restricted Access!');
}

require $config['BASE_DIR'] . '/classes/filter.class.php';
require $config['BASE_DIR'] . '/include/adodb/adodb.inc.php';
require $config['BASE_DIR'] . '/include/dbconn.php';
require $config['BASE_DIR'] . '/include/compat/json.php';

$data = array('status' => 0, 'msg' => '');

if (isset($_POST['video_id'])) {
    if (!isset($_SESSION['uid'])) {
        $data['msg'] = show_err_mb($lang['ajax.remove_playlist_login']);
    } else {
        $filter = new VFilter();
        // NOTE(review): $vid is concatenated into SQL; this relies on VFilter's
        // 'INTEGER' mode, defined elsewhere, returning a numeric value. Confirm.
        $vid = $filter->get('video_id', 'INTEGER');
        $uid = (int) $_SESSION['uid'];

        // Scoping the DELETE by the session UID limits it to the caller's rows.
        $conn->execute("DELETE FROM playlist WHERE UID = " . $uid . " AND VID = " . $vid . " LIMIT 1");

        // Success is reported whether or not a matching row existed.
        $data['status'] = 1;
        $data['msg'] = show_msg_mb($lang['ajax.remove_playlist_success']);
    }
}

echo json_encode($data);
exit;