Esempio n. 1
 /**
  * Look up a single row of the `user` table by id.
  *
  * The id is interpolated into the WHERE clause, so safe_input::is_number()
  * is the only barrier between the caller's value and the SQL text.
  * NOTE(review): confirm is_number() accepts plain integers only; a bound
  * parameter or an (int) cast would not depend on that helper.
  *
  * @param mixed $user_id Candidate user id, validated before use.
  * @return mixed The row from fetch_row(), or false when the id is rejected or no row matches.
  */
 public static function getUserById($user_id)
 {
     // Guard clause: refuse anything the validator does not accept.
     if (!safe_input::is_number($user_id)) {
         return false;
     }

     $db = new database();
     $db->select("user", "*", "id= {$user_id} ");

     return $db->number_of_rows() > 0 ? $db->fetch_row() : FALSE;
 }
// Bootstrap: shared helpers, the MySQL wrapper class, and one connection built from $_CONFIG.
require_once "global_func.php";
global $_CONFIG;
define("MONO_ON", 1);
require_once "class/class_db_mysql.php";
$db = new database();
$db->configure($_CONFIG['hostname'], $_CONFIG['username'], $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']);
$db->connect();
$c = $db->connection_id;
include_once 'lib/config.php';
$user = User::fbc_getLoggedIn();
// $fb_active_session ends up FALSE when no user object was returned.
$user ? $fb_active_session = $user->fbc_is_session_active() : ($fb_active_session = FALSE);
include "sb_func.php";
// NOTE(review): $gpre is not assigned in this excerpt. It selects an include path here and table
// names below, so it must only ever come from trusted configuration - confirm.
include $gpre . "func.php";
$currenttime = time();
// NOTE(review): the session value is interpolated unquoted; this is only safe if
// $_SESSION['userid'] is always an integer set at login - confirm, or cast/bind it.
$is = $db->query("SELECT * FROM users WHERE userid={$_SESSION['userid']}");
$ir = $db->fetch_row($is);
$userid = $ir['userid'];
// Request ids are forced to non-negative integers before they reach any SQL text.
$roomid = abs((int) $_POST['id']);
if (!$roomid) {
    $roomid = abs((int) $_GET['id']);
}
if ($roomid) {
    // Authorisation check: the room must list the current user as p1 or p2.
    $goodroom = $db->num_rows($db->query("SELECT id FROM {$gpre}room WHERE (p1={$userid} OR p2={$userid}) AND id={$roomid}"));
    if (!$goodroom) {
        die('Error. Bad room ID.');
    }
} else {
    // No room id in the request: fall back to the room stored on the user's own row.
    $roomid = $ir["{$gpre}room"];
}
$move = abs((int) $_POST['move']);
$begin = abs((int) $_POST['begin']);
Esempio n. 3
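 /**
  * Fetch every row of the `pending_game` table.
  *
  * The statement is a constant string with no caller input, so there is
  * nothing to escape or validate here.
  *
  * @return array|null List of rows as returned by fetch_row(), or null when no rows are reported.
  */
 public static function get_all_pending_games()
 {
     $query = "SELECT * FROM `pending_game`";
     $db = new database();
     $db->query($query);
     if ($db->number_of_rows() > 0) {
         // Start from an explicit empty list so the return value is always defined,
         // even if fetch_row() yields nothing despite the reported row count.
         $pgames = array();
         while ($pgame = $db->fetch_row()) {
             $pgames[] = $pgame;
         }
         return $pgames;
     } else {
         return null;
     }
 }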
|**************************************************************************************************
| Copyright (c) 2010 Ravan Scripts . All rights reserved.
|**************************************************************************************************/
// Maintenance pass: ages jail terms, bans and donator days, pays interest and resets turns.
// NOTE(review): nothing in this excerpt restricts who may request the script. Every statement
// below changes state for all users, so confirm it is unreachable from the web or gated by a
// check that is not shown here.
include "config.php";
include "language.php";
global $_CONFIG;
define("MONO_ON", 1);
// The driver name from configuration chooses which class file is loaded.
require "class/class_db_{$_CONFIG['driver']}.php";
$db = new database();
$db->configure($_CONFIG['hostname'], $_CONFIG['username'], $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']);
$db->connect();
$c = $db->connection_id;
// Count one day off every federal-jail sentence, then release users whose sentence reached zero.
$db->query("UPDATE fedjail set fed_days=fed_days-1");
$q = $db->query("SELECT * FROM fedjail WHERE fed_days=0");
$ids = array();
while ($r = $db->fetch_row($q)) {
    $ids[] = $r['fed_userid'];
}
if (count($ids) > 0) {
    // The ids come from the fedjail table, not from the request, and are joined unescaped.
    // NOTE(review): mapping them through intval() would keep the IN() list safe regardless of
    // how fed_userid was written.
    $db->query("UPDATE users SET fedjail=0 WHERE userid IN(" . implode(",", $ids) . ")");
}
$db->query("DELETE FROM fedjail WHERE fed_days=0");
$db->query("UPDATE users SET daysingang=daysingang+1 WHERE gang > 0");
$db->query("UPDATE users SET daysold=daysold+1, boxes_opened=0");
$db->query("UPDATE users SET mailban=mailban-1 WHERE mailban > 0");
$db->query("UPDATE users SET donatordays=donatordays-1 WHERE donatordays > 0");
$db->query("UPDATE users SET cdays=cdays-1 WHERE course > 0");
// Interest: 1/50 of the bank balance and 7/100 of the cyber balance are added per run.
$db->query("UPDATE users SET bankmoney=bankmoney+(bankmoney/50) where bankmoney>0");
$db->query("UPDATE users SET cybermoney=cybermoney+(cybermoney/100*7) where cybermoney>0");
$db->query("UPDATE users SET turns=25");
$db->query("UPDATE users SET rob=0");
    exit;
}
// Staff page bootstrap: identify the user from the session, connect, load settings, then gate
// on user_level.
// NOTE(review): $userid is interpolated unquoted into the users query below; confirm the
// session value is always an integer set at login, or cast/bind it.
$userid = $_SESSION['userid'];
$staff = 1;
require "header.php";
include "config.php";
global $_CONFIG;
define("MONO_ON", 1);
require "class/class_db_mysql.php";
$db = new database();
$db->configure($_CONFIG['hostname'], $_CONFIG['username'], $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']);
$db->connect();
$c = $db->connection_id;
// Load the key/value settings table into $set.
$set = array();
$settq = $db->query("SELECT * FROM settings");
while ($r = $db->fetch_row($settq)) {
    $set[$r['conf_name']] = $r['conf_value'];
}
// The Host header is supplied by the client; treat $domain as untrusted wherever it is used.
$domain = $_SERVER['HTTP_HOST'];
$is = $db->query("SELECT * FROM users WHERE userid={$userid}");
$ir = $db->fetch_row($is);
// Staff gate: a user_level of 1 or lower is refused.
if ($ir['user_level'] <= 1) {
    // Only the text "403" is printed; no HTTP status is set in this branch.
    print "403: Access Denied";
    // NOTE(review): within this excerpt $h is first assigned after this block, so this call
    // appears to run on an unset variable - confirm whether header.php creates $h.
    $h->endpage();
    exit;
}
$h = new headers();
$h->startheaders();
// Display values: money with two decimals and a leading dollar sign, last-seen time as text.
$fm = number_format($ir['money'], 2);
$fm = "\$" . $fm;
$lv = date('F j, Y, g:i a', $ir['laston']);
	check/award win
*/
// Ask clients and proxies not to cache this response, then start the session.
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Cache-Control: no-cache");
session_start();
require_once "config.php";
require_once "global_func.php";
global $_CONFIG;
define("MONO_ON", 1);
require_once "class/class_db_mysql.php";
$db = new database();
$db->configure($_CONFIG['hostname'], $_CONFIG['username'], $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']);
$db->connect();
$c = $db->connection_id;
// NOTE(review): no logged-in check is visible before this query, and the session value is
// interpolated unquoted - confirm it is always an integer set at login, or cast/bind it.
$is = $db->query("SELECT * FROM users WHERE userid={$_SESSION['userid']}");
$ir = $db->fetch_row($is);
$userid = $ir['userid'];
// NOTE(review): $gpre is not assigned in this excerpt; it forms part of an include path and of
// a table name, so it must only ever come from trusted configuration - confirm.
include "s_{$gpre}func.php";
// Unfinished games owned by the current user.
$pp = $db->query("SELECT * FROM {$gpre}game WHERE gameover=0 AND userid={$userid}");
$pany = $db->num_rows($pp);
// Request values are forced to non-negative integers before any further use.
$move = abs((int) $_POST['move']);
$select = abs((int) $_POST['select']);
print "<center>";
//This code is essentially the code that executes in the if($pany && $_GET['act']=='play') statement within s_pp_game.php
if ($pany) {
    $p = $db->fetch_row($pp);
    print "<h2>Poker Patience</h2><a href='s_pp_game.php?act=highscores'><b><font color=green>View Highscores</font></b></a> | \n\t<b>How to play:</b><br /><font size=1> Get the best 5 card hand possible on each row, column, and the two diagonals. <br />\n\tYour final score is the total points you earned from all 12 of those hands.<br />\n\tClick one of the two decks at top to select a card to play, and click an open square to play it.</font><br /><br />\n\t<div id = \"gamediv\">";
    $gameid = $p['id'];
    $boardtxt = draw_board($userid, $gameid);
    if ($move != 0 && $p['gameover'] == 0) {
        make_move($move, $userid);
Esempio n. 7
    }
}
// Vote reward page: credits the logged-in user once per recorded vote and redirects to the
// external voting site.
require "global_func.php";
// Unauthenticated visitors are sent to the login page and the script stops.
if ($_SESSION['loggedin'] == 0) {
    header("Location: login.php");
    exit;
}
// NOTE(review): $userid is interpolated unquoted into the queries below; confirm the session
// value is always an integer set at login, or cast/bind it.
$userid = $_SESSION['userid'];
include "config.php";
include "language.php";
global $_CONFIG;
define("MONO_ON", 1);
require "class/class_db_{$_CONFIG['driver']}.php";
$db = new database();
$db->configure($_CONFIG['hostname'], $_CONFIG['username'], $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']);
$db->connect();
$c = $db->connection_id;
$is = $db->query("SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid={$userid}");
$ir = $db->fetch_row($is);
$q = $db->query("SELECT * FROM votes WHERE userid={$userid} AND list='trpg'");
if ($db->num_rows($q)) {
    print "You have already voted at TOPRPG today!";
} else {
    // The reward is granted before the redirect, on the strength of the page request alone.
    // NOTE(review): the SELECT above and this INSERT are separate statements, so two concurrent
    // requests could both pass the check unless the votes table enforces uniqueness - confirm.
    // NOTE(review): no anti-CSRF token is checked in this excerpt before the state change.
    $db->query("INSERT INTO votes values ({$userid},'trpg')");
    $db->query("UPDATE users SET money=money+300 WHERE userid={$userid}");
    header("Location:http://www.toprpgames.com/vote.php?idno=");
    exit;
}
?>

    header("Location: news.php");
    exit;
}
// Payout/rollover job: folds the current cashin counters into their running totals, then reads
// the accepted games whose high scores are processed further down.
include "config.php";
global $_CONFIG, $affID;
define("MONO_ON", 1);
require "class/class_db_mysql.php";
$db = new database();
$db->configure($_CONFIG['hostname'], $_CONFIG['username'], $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']);
$db->connect();
$c = $db->connection_id;
// Access gate: the request must carry a fixed shared secret in the `p` query parameter.
// NOTE(review): the secret is hard-coded in source and travels in the URL, where it is likely to
// end up in access logs and browser history. Keeping it in configuration outside the web root
// (or running the job from the CLI) and comparing with hash_equals() would be sturdier.
if ($_GET['p'] != 'jillybeanroxmysox') {
    die("nogo");
}
$dd = $db->query("SELECT * FROM cashin");
$ss = $db->fetch_row($dd);
// The interpolated values are read from the cashin row above, not from the request.
$db->query("UPDATE cashin SET totmembership=totmembership+{$ss['membership']},membership=0,totreferral=totreferral+{$ss['referral']},referral=0,totads=totads+{$ss['ads']},ads=0,totbidvert=totbidvert+{$ss['bidvert']},bidvert=0,paid=0");
$hy = $db->fetch_row($db->query("SELECT topscore FROM cashin"));
$x = $hy['topscore'];
$a = $db->query("SELECT id,game FROM flash2 WHERE accepted=1");
while ($b = $db->fetch_row($a)) {
    $i = 0;
    $c = $db->query("SELECT * from highscores WHERE gameid={$b['id']} ORDER BY score DESC LIMIT 3");
    while ($d = $db->fetch_row($c)) {
        $i++;
        // place of person
        //$db->query("INSERT INTO arcadetrophy VALUES('',{$d['userid']},{$d['gameid']},{$d['score']},$i,unix_timestamp(),'{$b['game']}')");
        //determine $x or money by place
        if ($i == 1) {
            $x = 50;
            $pla = '1st';
    foreach ($_GET as $k => $v) {
        $_GET[$k] = addslashes($v);
    }
}
// Login handler: connect, load settings, require both form fields, then look the user up.
include "config.php";
include "language.php";
global $_CONFIG;
define("MONO_ON", 1);
require "class/class_db_{$_CONFIG['driver']}.php";
$db = new database();
$db->configure($_CONFIG['hostname'], $_CONFIG['username'], $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']);
$db->connect();
$c = $db->connection_id;
$set = array();
$settq = $db->query("SELECT * FROM settings");
while ($r = $db->fetch_row($settq)) {
    $set[$r['conf_name']] = $r['conf_value'];
}
if ($_POST['username'] == "" || $_POST['password'] == "") {
    die("<h3>{$set['game_name']} Error</h3>\r\n{$nofill}<br>\r\n<a href=login.php>&gt; Back</a>");
}
// Both form fields are interpolated straight into the SQL text.
// NOTE(review): the only escaping visible near this code is an addslashes() pass over $_GET;
// confirm $_POST receives equivalent treatment before this point. addslashes() is not
// connection-charset aware in any case, so a prepared statement is the dependable fix.
// NOTE(review): the stored credential is compared against a plain md5() of the password with no
// salt visible here; password_hash()/password_verify() is the current replacement.
$uq = $db->query("SELECT userid FROM users WHERE login_name='{$_POST['username']}' AND `userpass`=md5('{$_POST['password']}')");
if ($db->num_rows($uq) == 0) {
    die("<h3>{$set['game_name']} Error</h3>\r\n{$invalid}<br>\r\n<a href=login.php>&gt; {$lerrortry}</a>");
} else {
    $_SESSION['loggedin'] = 1;
    $mem = $db->fetch_row($uq);
    $_SESSION['userid'] = $mem['userid'];
    $IP = $_SERVER['REMOTE_ADDR'];
    $IP = addslashes($IP);
    $IP = mysql_real_escape_string($IP);
Esempio n. 10
<?php

// Battle-ladder payout job: rewards the top ten members of every ladder, empties the membership
// table, then prints a confirmation page that refreshes to the staff panel.
// NOTE(review): no authentication or authorisation check is visible in this listing before the
// UPDATE and TRUNCATE statements; confirm the script cannot be requested by ordinary visitors.
include "config.php";
global $_CONFIG;
define("MONO_ON", 1);
require "class/class_db_{$_CONFIG['driver']}.php";
$db = new database();
$db->configure($_CONFIG['hostname'], $_CONFIG['username'], $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']);
$db->connect();
$c = $db->connection_id;
include "global_func.php";
$fetch = $db->query("SELECT * FROM `battle_ladders` ORDER BY `ladderLevel` ASC");
while ($ft = $db->fetch_row($fetch)) {
    // $count is the 1-based rank inside the current ladder.
    $count = 0;
    // sprintf() with %u forces the ladder id to an unsigned integer before it enters the SQL text.
    $sql = $db->query(sprintf("SELECT * FROM `battle_members` LEFT JOIN `users` ON `userid` = `bmemberUser` WHERE `bmemberLadder` = '%u' ORDER BY `bmemberScore` DESC LIMIT 10", $ft['ladderId']));
    while ($r = $db->fetch_row($sql)) {
        $count++;
        // Rewards scale with the user's level and the ladder level, and shrink with rank.
        $cash = rand(500000, 750000) / 10 * $r['level'] / $count * ($ft['ladderLevel'] + 1);
        $points = rand(120, 250) / 10 * $r['level'] / $count * ($ft['ladderLevel'] + 1);
        // The LEFT JOIN leaves userid empty when the member has no users row; those are skipped.
        if ($r['userid']) {
            $db->query(sprintf("UPDATE `users` SET `money` = `money` + '%d', `crystals` = `crystals` + '%d' WHERE `userid` = '%u'", $cash, $points, $r['bmemberUser']));
            // NOTE(review): ladderName is read from the database and placed in the event text
            // as-is; how event_add() escapes it is not visible here.
            event_add($r['bmemberUser'], 'You have earned $' . number_format($cash) . ' and ' . number_format($points) . ' Points for achieveing rank #' . $count . ' in the ' . $ft['ladderName'] . ' ladder!');
        }
    }
}
$db->query("TRUNCATE TABLE battle_members;");
print "\n\n<meta HTTP-EQUIV='REFRESH' content='5; url=staff.php?action=cmanual'>\n<style type='text/css'>\n.style2 {\n    text-align: center;\n}\n.style3 {\n    text-align: center;\n    color: #008000;\n}\n.style4 {\n    color: #FFFFFF;\n}\n</style>\n\n\n<body style='background-color: #000000'>\n\n<h2 class='style3'>Cron Job Successfully Ran</h2>\n\n<div class='style2'>\n    <h3>\n\n<a href='staff.php?action=cmanual'><span class='style4'>Back</span></a></h3>\n</div> \n\n";
Esempio n. 11
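 /**
  * Return the messages of one game whose `date` is later than the given value.
  *
  * Both arguments are interpolated into the SQL text inside quotes, so the
  * safe_input validators are the only barrier against injection here.
  * NOTE(review): confirm is_number() and is_number_floating() accept strictly
  * numeric input; bound parameters would remove that dependency.
  *
  * @param mixed $game_id Game id, checked with safe_input::is_number().
  * @param mixed $date    Lower bound, checked with safe_input::is_number_floating().
  * @return array|null Rows as returned by fetch_row(), or null when either argument is rejected
  *                    or no rows are reported.
  */
 public static function get_all_messages_after_given_date($game_id, $date)
 {
     if (safe_input::is_number($game_id) && safe_input::is_number_floating($date)) {
         $query = "SELECT * FROM `message` where `gameID` = '{$game_id}' AND `date` > '{$date}' ";
         $db = new database();
         $db->query($query);
         if ($db->number_of_rows() < 1) {
             return null;
             //no results to return
         } else {
             // Explicit empty list: the original bare `$messages;` statement read an undefined
             // variable and initialised nothing.
             $messages = array();
             while ($message = $db->fetch_row()) {
                 $messages[] = $message;
             }
             return $messages;
         }
     } else {
         return null;
         //invalid input
     }
 }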
Esempio n. 12
 /**
  * Fetch the `session` row that matches a session hash.
  *
  * The hash is first checked with safe_input::is_valid_session_hash() and
  * then passed through safe_input::sql_inj() before it is quoted into the
  * statement.
  * NOTE(review): the lookup is an SQL equality on the hash the caller holds;
  * whether that value is stored hashed or in the clear is not visible here.
  *
  * @param mixed $hash Session hash supplied by the caller.
  * @return mixed The row from fetch_row(), or null when the hash is invalid or unknown.
  */
 public static function get_session_by_hash($hash)
 {
     // Reject malformed hashes before touching the database.
     if (!safe_input::is_valid_session_hash($hash)) {
         return null;
     }

     $escaped = safe_input::sql_inj($hash);
     $db = new database();
     $db->query("SELECT * FROM `session` WHERE `hash` = '{$escaped}'");

     if ($db->number_of_rows() > 0) {
         return $db->fetch_row();
     }

     return null;
 }
<?php

// Page bootstrap: encryption helper, database connection, settings table and the cashin summary.
require 'encryptor.php';
$crypt = new encryption_class();
include "config.php";
global $_CONFIG, $affID;
define("MONO_ON", 1);
require "class/class_db_mysql.php";
$db = new database();
$db->configure($_CONFIG['hostname'], $_CONFIG['username'], $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']);
$db->connect();
$c = $db->connection_id;
// Load the key/value settings table into $set.
$set = array();
$settq = $db->query("SELECT * FROM settings");
while ($r = $db->fetch_row($settq)) {
    $set[$r['conf_name']] = $r['conf_value'];
}
// Constant statement, no request data involved. Note that $r is reused here after serving as
// the loop variable above.
$q2 = $db->query("SELECT totcash,top5earn,last5co,totusers FROM cashin");
$r = $db->fetch_row($q2);
function valid_email($email)
{
    // First, we check that there's one @ symbol, and that the lengths are right
    if (!ereg("^[^@]{1,64}@[^@]{1,255}\$", $email)) {
        // Email invalid because wrong number of characters in one section, or wrong number of @ symbols.
        return false;
    }
    // Split it into sections to make life easier
    $email_array = explode("@", $email);
    $local_array = explode(".", $email_array[0]);
    for ($i = 0; $i < sizeof($local_array); $i++) {
        if (!ereg("^(([A-Za-z0-9!#\$%&#038;'*+/=?^_`{|}~-][A-Za-z0-9!#\$%&#038;'*+/=?^_`{|}~\\.-]{0,63})|(\"[^(\\|\")]{0,62}\"))\$", $local_array[$i])) {
Esempio n. 14
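 /**
  * Return every `game` row in which the given user is player 1 or player 2.
  *
  * The id is interpolated into the SQL text inside quotes, so
  * safe_input::is_number() is the only barrier against injection here.
  * NOTE(review): confirm is_number() accepts strictly numeric input; a bound
  * parameter would remove that dependency.
  *
  * @param mixed $user_id User id, checked with safe_input::is_number().
  * @return array|int|null Rows as returned by fetch_row(); null when the user has no games;
  *                        -1 when the id is rejected.
  */
 public static function getAllGamesForUserId($user_id)
 {
     if (safe_input::is_number($user_id)) {
         $db = new database();
         $query = "SELECT * FROM `game` where `player1ID` = '{$user_id}' or `player2ID` = '{$user_id}' ";
         $db->query($query);
         if ($db->number_of_rows() == 0) {
             return null;
             //there are no games associated with this user id!
         } else {
             // Explicit empty list so the return value is always defined, even if fetch_row()
             // yields nothing despite the reported row count.
             $allGames = array();
             while ($game = $db->fetch_row()) {
                 $allGames[] = $game;
             }
             return $allGames;
         }
     } else {
         return -1;
         //ERROR
     }
 }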
Esempio n. 15
<?php

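// Bootstrap: load configuration, connect, read the current user's row, then resolve the name of
// the template to use ($template).
include 'includes/config.php';
global $_CONFIG;
include_once 'includes/db.class.php';
$db = new database();
$db->configure($dbhost, $dbuser, $dbpass, $dbname, $dbpre);
$db->connect();
// $set = $db->fetch_row($db->query(sprintf('SELECT * FROM fas_settings')));
//ALTER TABLE dd_users ADD template VARCHAR(250) AFTER plays;
if (isset($_SESSION['userid'])) {
    $suserid = $_SESSION['userid'];
    // %u forces the id to an unsigned integer before it enters the SQL text.
    $usrdata = $db->fetch_row($db->query(sprintf('SELECT * FROM fas_users WHERE userid=\'%u\'', $suserid)));
} else {
    $suserid = NULL;
    $usrdata = NULL;
}
if (isset($suserid)) {
    // Format the id with %u, exactly as the lookup above does, instead of interpolating the raw
    // session value into the statement.
    $query = mysql_query(sprintf("SELECT `template` FROM `fas_users` WHERE `userid`='%u'", $suserid));
    $row = mysql_fetch_array($query);
    $user_template = $row['template'];
} else {
    $user_template = '';
}
// A per-user template wins unless it is empty or the literal "default"; otherwise the theme
// flagged as default is used.
// NOTE(review): how $template is consumed is not visible here. If it becomes part of a file
// path, restrict it to a known list of template names first.
if (!empty($user_template) && $user_template != "default") {
    $template = $user_template;
} else {
    $query = mysql_query("SELECT `template` FROM `fas_themes` WHERE `default`='1'");
    $row = mysql_fetch_array($query);
    $template = $row['template'];
}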
    foreach ($_GET as $k => $v) {
        $_GET[$k] = addslashes($v);
    }
}
// Login handler (e-mail variant): connect, load settings, require both fields, look the account
// up and read the failed-attempt counter for the client address.
include "config.php";
global $_CONFIG;
define("MONO_ON", 1);
require "class/class_db_mysql.php";
$db = new database();
$db->configure($_CONFIG['hostname'], $_CONFIG['username'], $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']);
$db->connect();
$c = $db->connection_id;
$set = array();
$settq = $db->query("SELECT * FROM settings");
// The client address is escaped once here and reused in the loginattempts queries below.
$IP = mysql_real_escape_string($_SERVER['REMOTE_ADDR']);
while ($r = $db->fetch_row($settq)) {
    $set[$r['conf_name']] = $r['conf_value'];
}
if ($_POST['email'] == "" || $_POST['password'] == "") {
    die("<h3>{$set['game_name']} Error</h3>\nYou did not fill in the login form!<br>\n<a href=login.php>&gt; Back</a>");
}
$_POST['email'] = mysql_real_escape_string($_POST['email']);
// NOTE(review): $crypt is not created in this excerpt. It receives the already SQL-escaped
// e-mail, so an address containing a quote would reach encrypt() in altered form.
// NOTE(review): the method name suggests the stored credential is an encryption of the password
// rather than a one-way hash - confirm; password_hash()/password_verify() is the usual choice.
$encpass = $crypt->encrypt($_POST['email'], $_POST['password']);
// addslashes() is not connection-charset aware, unlike the mysql_real_escape_string() call
// used for the e-mail above.
$encpass = addslashes($encpass);
$uq = $db->query("SELECT userid FROM users WHERE email='{$_POST['email']}' AND `userpass`='{$encpass}'");
// Failed-attempt counter, keyed by client IP address only.
$la = $db->fetch_row($db->query("SELECT * FROM loginattempts WHERE ip='{$IP}'"));
if ($db->num_rows($uq) == 0 && $la['times'] < 10) {
    $lat = $db->num_rows($db->query("SELECT * FROM loginattempts WHERE ip='{$IP}'"));
    if (!$lat) {
        $db->query("INSERT INTO loginattempts VALUES('','{$IP}',1)");
    } else {
Esempio n. 17
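 /**
  * Return every `move` row recorded for one game.
  *
  * The id is interpolated into the SQL text inside quotes, so
  * safe_input::is_number() is the only barrier against injection here.
  * NOTE(review): confirm is_number() accepts strictly numeric input; a bound
  * parameter would remove that dependency.
  *
  * @param mixed $game_id Game id, checked with safe_input::is_number().
  * @return array|null Rows as returned by fetch_row(), or null when the id is rejected or no
  *                    rows are reported.
  */
 public static function get_all_moves_for_game_id($game_id)
 {
     if (safe_input::is_number($game_id)) {
         $query = "SELECT * FROM `move` WHERE `gameID` = '{$game_id}'";
         // Explicit empty list: the original bare `$moves;` statement read an undefined
         // variable and initialised nothing.
         $moves = array();
         $db = new database();
         $db->query($query);
         if ($db->number_of_rows() < 1) {
             return null;
         } else {
             while ($move = $db->fetch_row()) {
                 $moves[] = $move;
             }
             return $moves;
         }
     } else {
         return null;
         //invalid input
     }
 }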
Level      ////  Ads clicked
Rank       ////  member since
Referrals 
*/
// Signature-image generator: reads one user's public statistics and prepares the base image.
include "config.php";
global $_CONFIG;
define("MONO_ON", 1);
require "class/class_db_mysql.php";
$db = new database();
$db->configure($_CONFIG['hostname'], $_CONFIG['username'], $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']);
$db->connect();
$c = $db->connection_id;
// The requested user id is forced to a non-negative integer, so it is safe both in the SQL text
// and in the cache file name built below.
$value = abs((int) $_GET['v']);
$query = 'SELECT username,user_level,totmoney,signedup,totads,totref,donatordays FROM users WHERE userid = ' . $value;
$e = $db->query($query);
$x = $db->fetch_row($e);
// Rank = number of users with a strictly larger totmoney, plus one.
// NOTE(review): no check for a missing user is visible; with an unknown id $x has no totmoney
// and the statement below ends right after the `>` - confirm how the wrapper handles that.
$query2 = 'SELECT totmoney FROM users WHERE totmoney>' . $x['totmoney'];
$en = $db->query($query2);
$rank = $db->num_rows($en);
$rank += 1;
// NOTE(review): totref is overwritten with the formatted totmoney value here; this looks like a
// slip (the referral count is lost) - confirm the intent.
$x['totref'] = number_format($x['totmoney'], 2);
$x['totref'] = " \$" . $x['totref'];
$x['totads'] = number_format($x['totads']);
// Check cache
// The path is built from the integer-cast id only, so it cannot leave the psigs/ directory.
$cache = 'psigs/' . $value . '.png';
if (file_exists($cache)) {
    $delold = unlink($cache);
}
// Load image thing
$im = imagecreatefrompng('images/sig.png');
$font = 'fonts/franklin.ttf';
Esempio n. 19
// Unauthenticated visitors are sent to the login page and the script stops.
if ($_SESSION['loggedin'] == 0) {
    header("Location: login.php");
    exit;
}
// NOTE(review): $userid is interpolated unquoted into the query below; confirm the session
// value is always an integer set at login, or cast/bind it.
$userid = $_SESSION['userid'];
include "config.php";
include "language.php";
global $_CONFIG;
define("MONO_ON", 1);
// The driver name from configuration chooses which class file is loaded.
require "class/class_db_{$_CONFIG['driver']}.php";
$db = new database();
$db->configure($_CONFIG['hostname'], $_CONFIG['username'], $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']);
$db->connect();
$c = $db->connection_id;
// Current user's row joined with their userstats row.
$is = $db->query("SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid={$userid}");
$ir = $db->fetch_row($is);
if ($_GET['a'] == 'inbox') {
    // We'll be outputting a PDF
    header('Content-type: text/html');
    // It will be called downloaded.pdf
    header('Content-Disposition: attachment; filename="inbox_archive_' . $userid . '_' . time() . '.htm"');
    print "<table width=75% border=2><tr style='background:gray'><th>From</th><th>Subject/Message</th></tr>";
    $q = $db->query("SELECT m.*,u.* FROM mail m LEFT JOIN users u ON m.mail_from=u.userid WHERE m.mail_to={$userid} ORDER BY mail_time DESC ");
    while ($r = $db->fetch_row($q)) {
        $sent = date('F j, Y, g:i:s a', $r['mail_time']);
        print "<tr><td>";
        if ($r['userid']) {
            print "{$r['username']} [{$r['userid']}]";
        } else {
            print "SYSTEM";
        }
| Do Not Remove Powered By Ravan Scripts without permission .         
|**************************************************************************************************
| Copyright (c) 2010 Ravan Scripts . All rights reserved.
|**************************************************************************************************/
// Periodic gang job: clears the attacking flag, counts down organised-crime timers and selects
// the crimes whose timer has reached zero.
// NOTE(review): nothing in this excerpt restricts who may request the script; confirm it is
// unreachable from the web or gated by a check that is not shown here.
include "config.php";
include "language.php";
global $_CONFIG;
define("MONO_ON", 1);
require "class/class_db_{$_CONFIG['driver']}.php";
$db = new database();
$db->configure($_CONFIG['hostname'], $_CONFIG['username'], $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']);
$db->connect();
$c = $db->connection_id;
// Load the key/value settings table into $set.
$set = array();
$settq = $db->query("SELECT * FROM settings");
while ($r = $db->fetch_row($settq)) {
    $set[$r['conf_name']] = $r['conf_value'];
}
$db->query("UPDATE users SET attacking=0");
$db->query("UPDATE gangs SET gangCHOURS=gangCHOURS-1 WHERE gangCRIME>0");
// Gangs with an active crime whose remaining hours are now zero, joined with the crime row.
$q = $db->query("SELECT g.*,oc.* FROM gangs g LEFT JOIN orgcrimes oc ON g.gangCRIME=oc.ocID WHERE g.gangCRIME > 0 AND g.gangCHOURS = 0");
while ($r = $db->fetch_row($q)) {
    $suc = rand(0, 1);
    if ($suc) {
        $log = $r['ocSTARTTEXT'] . $r['ocSUCCTEXT'];
        $muny = (int) rand($r['ocMINMONEY'], $r['ocMAXMONEY']);
        $log = str_replace(array("{muny}", "'"), array($muny, "''"), $log);
        $db->query("UPDATE gangs SET gangMONEY=gangMONEY+{$muny},gangCRIME=0 WHERE gangID={$r['gangID']}");
        $db->query("INSERT INTO oclogs VALUES ('',{$r['ocID']},{$r['gangID']}, '{$log}', 'success', {$muny}, '{$r['ocNAME']}', unix_timestamp())");
        $i = $db->insert_id();
        $qm = $db->query("SELECT * FROM users WHERE gang={$r['gangID']}");
Esempio n. 21
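    /**
     * Open a database connection, load the settings table into the global $set, gather a few
     * site-wide counters and print the page header markup.
     *
     * Before any markup is printed the decoded query string is run through a character/keyword
     * blacklist. A match prints a warning, files an event for user 1 and stops the request.
     * The blacklist is a tripwire, not a defence: it does not replace parameterised queries or
     * output encoding in the pages that consume the request data.
     *
     * Changes against the previous version:
     *  - the flagged query string is HTML-encoded before it is embedded in the event text, so the
     *    request data is shown as text to whoever reads the event instead of being interpreted
     *    as markup;
     *  - the client-supplied Host header is HTML-encoded before it is printed in the meta tag;
     *  - eregi(), which no longer exists in current PHP, is replaced by an equivalent preg_match().
     */
    function startheaders()
    {
        global $ir, $set;
        global $_CONFIG;
        define("MONO_ON", 1);
        $db = new database();
        $db->configure($_CONFIG['hostname'], $_CONFIG['username'], $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']);
        $db->connect();
        $c = $db->connection_id;
        // Load the key/value settings table into the global $set.
        $set = array();
        $settq = $db->query("SELECT * FROM settings");
        while ($r = $db->fetch_row($settq)) {
            $set[$r['conf_name']] = $r['conf_value'];
        }
        // Site-wide counters. Only $membs and $online are used in the markup below.
        $q = $db->query("SELECT userid FROM users");
        $membs = $db->num_rows($q);
        $q = $db->query("SELECT userid FROM users WHERE bankmoney>-1");
        $banks = $db->num_rows($q);
        $q = $db->query("SELECT userid FROM users WHERE gender='Male'");
        $male = $db->num_rows($q);
        $q = $db->query("SELECT userid FROM users WHERE gender='Female'");
        $fem = $db->num_rows($q);
        $money = money_formatter($ir['money']);
        $crystals = money_formatter($ir['crystals'], '');
        $cn = 0;
        // Users Online , Counts Users Online In Last 15 minutes
        $q = $db->query("SELECT * FROM users WHERE laston>unix_timestamp()-15*60 ORDER BY laston DESC");
        $online = $db->num_rows($q);
        $ec = $ir['new_events'];
        $mc = $ir['new_mail'];
        // The Host header is supplied by the client; encode it before it is printed.
        $copyright_host = htmlspecialchars($_SERVER['HTTP_HOST'], ENT_QUOTES, 'ISO-8859-1');
        $ids_checkpost = urldecode($_SERVER['QUERY_STRING']);
        // Same character set the former eregi() bracket expression matched:
        // backslash, single quote, pipe, slash, <, >, *, ~ and backtick.
        if (preg_match("#[\\\\'|/<>*~`]#", $ids_checkpost) || strstr($ids_checkpost, 'union') || strstr($ids_checkpost, 'java') || strstr($ids_checkpost, 'script') || strstr($ids_checkpost, 'substring(') || strstr($ids_checkpost, 'ord()')) {
            $passed = 0;
            echo "<center> <font color=red> Hack attempt <br/>!!! WARNING !!! <br/>\n\nMalicious Code Detected! The staff has been notified.</font></center>";
            // The flagged string is raw request data and the event text is HTML, so encode it
            // before it is stored for a staff member to view.
            // NOTE(review): how event_add() escapes its text for SQL is not visible here.
            $ids_logged = htmlspecialchars($ids_checkpost, ENT_QUOTES, 'ISO-8859-1');
            event_add(1, "  <a href='viewuser.php?u={$ir['userid']}'>  <font color=red> " . $ir['username'] . "</font> </a>  <b> Tried to use [" . $_SERVER['SCRIPT_NAME'] . "{$ids_logged}].. ", $c);
            // NOTE(review): $h is neither a parameter nor declared global in this method, so this
            // call appears to run on an unset variable; presumably $this->endpage() was meant - confirm.
            $h->endpage();
            exit;
        }
        echo <<<EOF
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>{$set['game_name']} - Massive Multiplayer Online Role Playing Game </title>
<meta name="keywords" content="RPG, Online Games, Online Mafia Game" />
<meta name="description" content=" {$set['game_name']} - Online Mafia Game " />
<meta name="author" content="Mafia Game Scripts " />
<meta name="copyright" content="Copyright {$copyright_host} " />
<link rel="SHORTCUT ICON" href="favicon.ico" />
<script src="js/jquery-1.js" type="text/javascript"></script>
<link rel="stylesheet" href="css/styleold.css" type="text/css" />
<link rel="stylesheet" href="css/stylenew.css" type="text/css" />

<script type="text/javascript" src="js/header.js"></script>
<style type="text/css">
.boston a{
background:url(images/boston.jpg) no-repeat;
}

.boston a:hover{
background:url(images/boston_hover.jpg) no-repeat;
}
</style>
<!--<script type="text/javascript">
\$(document).ready(function(){
\$.get("userstatajax.php",function(res){
if(res)
{
var resarray = res.split('||||||');
\$('.profile_mid').html(resarray[0]);
\$('#points_money').html(resarray[1]);
}
});
});
</script>-->
</head>
<body id="sub" class="yui-skin-sam">

<div id="pagecontainer">
<!-- Header Part Starts -->
<div class="headerpart">

<div class="onlinegame"></div>
<div class="toplist">

</div>
</div>



<!-- //Header Part End -->  

<!-- Inner Page Top Starts -->

<div class="innertopbg">
<div class="toprow1">
<div class="toprow1_col1">
<div class="logo"><a href="index.php"><img src="images/logo.jpg" alt="Logo"/></a></div>
<div class="needbtn"></div>        
<div class="top_leftbtn">
<div class="leftbtn1"> 



</div>
<div class="leftbtn2"> 

</div>

</div>
</div>
<div class="toprow1_col2">
<div class="tot_txt">Total Mobsters:&nbsp;&nbsp;<span>{$membs}</span>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Online Now: <span>{$online}</span></div>
<div class="messagepart">
<div class="message_txt"><a href="mailbox.php" style="color:#fff;"><span>({$mc})</span> Messages</a></div>

<div class="event_txt"><a href="events.php" style="color:#fff;"><span>({$ec})</span> Events</a></div> </div>  <br/>
<div class="messagepart" id="points_money">
<div class="point_txt">Crystals:&nbsp;<span> {$crystals} </span><br/></div>
<div class="gold_txt">Money:&nbsp;<span>{$money}</span></div>

</div>              
</div>
</div>
<!-- Menu Part Starts -->
<div class="toprow2">
<div><img src="images/menu_left.jpg" alt="" /></div>
<div class="menu_md">
<ul>
<li class="ihome_active"><a href="index.php"></a></li>

<li class="gym"><a href="gym.php">&nbsp;</a></li>
<li class="news"><a href="newspaper.php">&nbsp;</a></li>
<li class="forum"><a href="forums.php">&nbsp;</a></li>
<li class="boston"><a href="explore.php">&nbsp;</a></li>
<li class="protect"><a href="bodyguard.php">&nbsp;</a></li>
<li class="logout"><a href="logout.php">&nbsp;</a></li>                            
</ul>                        
</div>
<div><img src="images/menu_right.jpg" alt="" /></div>
</div>            
<!-- //Menu Part End -->

</div>  

<!-- //Inner Page Top End -->


<div class="toprow2">
<div><img src="images/menu_left.jpg" alt="" /></div>
<div class="menu_md">


<br/>


<h2 class="headerpart1a"><span class='text2 title4'>Support {$set['game_name']} <a href='voting.php'>Vote</a> | <a href='donator.php'>Donate</a> | <a href='willpotion.php'>Will Potion</a></span></h2>



</div><div><img src="images/menu_right.jpg" alt="" /></div>
</div>  </div><br/> 
<br/> <br/><br/>    

<div class="gymbg">
<div id="centercontainer">

<div id="centermaincontainer">

<!-- Center Part Starts -->
                    <div class="icenterpart"><div class="icolumn1">



EOF;
    }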
 // Guest login: create a throw-away account with a random id, bind it to the session, then pick
 // up to three stale guest accounts for clean-up.
 $db = new database();
 $db->configure($_CONFIG['hostname'], $_CONFIG['username'], $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']);
 $db->connect();
 $c = $db->connection_id;
 // Draw ids until one is not yet present in the users table.
 // NOTE(review): the existence check and the INSERT below are separate statements, so two
 // concurrent requests could pick the same id unless userid is a unique key - confirm.
 $randnum = rand(1, 1000000);
 while ($db->num_rows($db->query("SELECT userid FROM users WHERE userid={$randnum}")) > 0) {
     $randnum = rand(1, 1000000);
 }
 $db->query("INSERT INTO users (username, userid, guest, money) VALUES('Guest #{$randnum}', '{$randnum}', 1, 100)");
 // NOTE(review): the session is marked logged in without a visible session_regenerate_id()
 // call; confirm the session id is renewed when the privilege level changes.
 $_SESSION['loggedin'] = 1;
 $_SESSION['loggedin'] = 1;
 $_SESSION['userid'] = $randnum;
 // NOTE(review): the expression below is 15 minutes (60 * 15 seconds), while the variable name
 // and the original comment say thirty - confirm which is intended.
 $thirtyma = time() - 60 * 15;
 //thirty minutes ago
 $dgaatl = $db->query("SELECT * FROM users WHERE guest=1 AND laston<{$thirtyma} AND userid!={$randnum} LIMIT 3");
 while ($dga = $db->fetch_row($dgaatl)) {
     $db->query("DELETE FROM arcadepbest WHERE userid={$dga['userid']}");
     $db->query("DELETE FROM arcadetrophy WHERE userid={$dga['userid']}");
     $db->query("DELETE FROM users WHERE userid={$dga['userid']}");
     $db->query("DELETE FROM highscores WHERE userid={$dga['userid']}");
     $db->query("DELETE FROM flashscores WHERE userid={$dga['userid']}");
     $db->query("DELETE FROM pp_scores WHERE userid={$dga['userid']}");
     $db->query("DELETE FROM bg_ranks WHERE userid={$dga['userid']}");
     $db->query("UPDATE bg_room SET p1=0 WHERE p1={$dga['userid']}");
     $db->query("UPDATE bg_room SET p2=0 WHERE p2={$dga['userid']}");
     $db->query("UPDATE bg_game SET p1=0 WHERE p1={$dga['userid']}");
     $db->query("UPDATE bg_game SET p2=0 WHERE p2={$dga['userid']}");
     $db->query("DELETE FROM bs_ranks WHERE userid={$dga['userid']}");
     $db->query("UPDATE bs_room SET p1=0 WHERE p1={$dga['userid']}");
     $db->query("UPDATE bs_room SET p2=0 WHERE p2={$dga['userid']}");
     $db->query("UPDATE bs_game SET p1=0 WHERE p1={$dga['userid']}");
Esempio n. 23
|**************************************************************************************************
| Copyright (c) 2010 Ravan Scripts . All rights reserved.
|**************************************************************************************************/
// PayPal notification handler: connect, load settings, rebuild the posted fields into a
// validation request and open a socket to PayPal.
include "config.php";
include "language.php";
global $_CONFIG;
define("MONO_ON", 1);
require "class/class_db_{$_CONFIG['driver']}.php";
$db = new database();
$db->configure($_CONFIG['hostname'], $_CONFIG['username'], $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']);
$db->connect();
$c = $db->connection_id;
require 'global_func.php';
$set = array();
$settq = $db->query("SELECT * FROM settings");
while ($r = $db->fetch_row($settq)) {
    $set[$r['conf_name']] = $r['conf_value'];
}
// read the post from PayPal system and add 'cmd'
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value) {
    // Values are URL-encoded; the key is appended as received.
    // NOTE(review): encoding $key as well would keep a crafted field name from altering the
    // structure of the validation request.
    $value = urlencode(stripslashes($value));
    $req .= "&{$key}={$value}";
}
// post back to PayPal system to validate
// NOTE(review): $header is appended to without being initialised in this excerpt.
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type: application/x-www-form-urlencoded\r\n";
$header .= "Content-Length: " . strlen($req) . "\r\n\r\n";
// NOTE(review): the validation exchange is opened as plain TCP on port 80, so nothing
// authenticates the peer or protects the verdict in transit. Everything credited afterwards
// depends on that verdict; a TLS transport (ssl:// on port 443 with peer verification) is
// needed here.
$fp = fsockopen('www.paypal.com', 80, $errno, $errstr, 30);
// assign posted variables to local variables
// Posted values must be treated as untrusted until the validation response has been checked.
$item_name = $_POST['item_name'];
// Chat panel for one game room: checks that the current user belongs to the room, then prints
// the five most recent chat lines.
require_once "config.php";
require_once "global_func.php";
global $_CONFIG;
define("MONO_ON", 1);
require_once "class/class_db_mysql.php";
$db = new database();
$db->configure($_CONFIG['hostname'], $_CONFIG['username'], $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']);
$db->connect();
$c = $db->connection_id;
// mysql_escape() is a project helper not shown here; presumably SQL escaping only - verify.
$_POST['chattxt'] = mysql_escape($_POST['chattxt']);
// Room id forced to a non-negative integer, taken from POST first and GET as fallback.
$id = abs((int) $_POST['id']);
if (!$id) {
    $id = abs((int) $_GET['id']);
}
// NOTE(review): the session value is interpolated unquoted; confirm it is always an integer
// set at login, or cast/bind it.
$is = $db->query("SELECT * FROM users WHERE userid={$_SESSION['userid']}");
$ir = $db->fetch_row($is);
$userid = $ir['userid'];
// Authorisation check: the room must list the current user as p1 or p2.
// NOTE(review): $gpre is not assigned in this excerpt and forms part of the table names;
// it must only ever come from trusted configuration - confirm.
$goodroom = $db->num_rows($db->query("SELECT id FROM {$gpre}room WHERE (p1={$userid} OR p2={$userid}) AND id={$id}"));
if (!$goodroom) {
    die('Error. Bad room ID.');
}
print "<table class='table' width=100%>";
$pcha = $db->query("SELECT txt,timestamp FROM {$gpre}chat WHERE {$gpre}room={$id} ORDER BY timestamp DESC LIMIT 5");
while ($pchat = $db->fetch_row($pcha)) {
    $pchat['txt'] = stripslashes($pchat['txt']);
    $result = nicetime($pchat['timestamp']);
    // 2 days ago
    // NOTE(review): the stored chat text is printed without HTML encoding in this excerpt.
    // Unless it is encoded when written, another player's message is rendered as markup;
    // htmlspecialchars() at output would close that off.
    print "<tr><td>{$result}</td><td>{$pchat['txt']}</td></tr>\n";
}
print "</table>";
function nicetime($date)