Esempio n. 1
0
function getTurns($username)
{
    $waitTimePerTurn = 100;
    $turns = array('time' => null, 'total' => null, 'used' => null, 'remaining' => null);
    if ($username == \libAllure\Session::getUser()->getUsername()) {
        $registerd = \libAllure\Session::getUser()->getData('registered');
    } else {
        global $db;
        $sql = 'SELECT `usedturns`, `registerd` FROM `pfrog_users` WHERE "' . $username . '" LIMIT 1 ';
        $result = $db->query($sql);
        $result = $result->fetchRow();
        $registerd = $result['registerd'];
        $turns['used'] = $result['usedTurns'];
    }
    $now = time();
    $timelapse = $now - $registerd;
    $blocks = $timelapse / $waitTimePerTurn;
    $temp = explode('.', $blocks);
    if (strlen($temp[1]) == 1) {
        $temp[1] = $temp[1] . 0;
    }
    $time_left = $waitTimePerTurn - $temp[1];
    $temp[0] = $temp[0] - $turns['used'];
    $turns['time'] = $time_left;
    $turns['total'] = $blocks;
    $turns['total_turns'] = $blocks;
    $turns['remaining'] = $temp[0];
    return $turns;
}
Esempio n. 2
0
 public static function isEmpty()
 {
     $sql = 'SELECT bi.id FROM basket_items bi WHERE bi.basketOwner = :userId';
     $stmt = DatabaseFactory::getInstance()->prepare($sql);
     $stmt->bindValue(':userId', Session::getUser()->getId());
     $stmt->execute();
     return $stmt->numRows() == 0;
 }
 public function process()
 {
     $event = Events::getById($this->getElementValue('id'));
     Events::setSignupStatus($this->user->getId(), $event['id'], 'SIGNEDUP');
     Events::appendSignupComment($this->user->getId(), $event['id'], 'Forced signup.', Session::getUser()->getUsername());
     logActivity('Forced signup of:' . $this->getElementValue('username') . ' to event: ' . $event['id'] . ' (' . $event['name'] . ')');
     redirect('viewEvent.php?id=' . $event['id'], 'They have been signed up.');
 }
Esempio n. 4
0
 public function process()
 {
     global $db;
     $sql = 'INSERT INTO plugin_shoutbox (user, content) VALUES (:user, :content) ';
     $stmt = $db->prepare($sql);
     $stmt->bindValue(':user', Session::getUser()->getId());
     $stmt->bindValue(':content', $this->getElementValue('shout'));
     $stmt->execute();
 }
 public function process()
 {
     $sql = 'INSERT INTO basket_items (user, event, basketOwner) VALUES (:user, :event, :basketOwner)';
     $stmt = DatabaseFactory::getInstance()->prepare($sql);
     $stmt->bindValue(':user', $this->user->getId());
     $stmt->bindValue(':event', $this->getElementValue('event'));
     $stmt->bindValue(':basketOwner', Session::getUser()->getId());
     $stmt->execute();
 }
Esempio n. 6
0
function getQuadrants()
{
    global $db;
    $sql = 'SELECT q.id, q.name FROM quadrents q WHERE owner = :userId';
    $stmt = $db->prepare($sql);
    $stmt->bindValue(':userId', Session::getUser()->getId());
    $stmt->execute();
    return $stmt->fetchAll();
}
 public function process()
 {
     global $db;
     $sql = 'INSERT INTO news (title, content, author, date) VALUES (:title, :content, :author, now())';
     $stmt = $db->prepare($sql);
     $stmt->bindValue(':title', $this->getElementValue('title'));
     $stmt->bindValue(':content', $this->getElementValue('content'));
     $stmt->bindValue(':author', Session::getUser()->getId());
     $stmt->execute();
 }
function deleteSeatsForUser($eventId, $userId = null)
{
    if (empty($userId)) {
        $userId = Session::getUser()->getId();
    }
    $sql = 'DELETE FROM seatingplan_seat_selections WHERE event = :event AND user = :user ';
    $stmt = DatabaseFactory::getInstance()->prepare($sql);
    $stmt->bindValue(':event', $eventId);
    $stmt->bindValue(':user', $userId);
    $stmt->execute();
}
 public function processNew()
 {
     global $db;
     $sql = 'INSERT INTO page_content (page, content, updatedBy) VALUES (:title, :content, :userId) ';
     $stmt = $db->prepare($sql);
     $stmt->bindValue(':title', $this->getElementValue('title'));
     $stmt->bindValue(':content', $this->getElementValue('content'));
     $stmt->bindValue(':userId', Session::getUser()->getId());
     $stmt->execute();
     logActivity('Content created: ' . $this->getElementValue('title'));
     return true;
 }
function setUserInSeat($eventId, $seatId, $userId = null)
{
    if (empty($userId)) {
        $userId = Session::getUser()->getId();
    }
    logActivity('_u_' . ' selected seat ' . $seatId . ' for event _e_', null, array('user' => $userId, 'event' => $eventId));
    $sql = 'INSERT INTO seatingplan_seat_selections (seat, event, user) VALUES (:seat, :event, :user1) ON DUPLICATE KEY UPDATE user = :user2';
    $stmt = DatabaseFactory::getInstance()->prepare($sql);
    $stmt->bindValue(':seat', $seatId);
    $stmt->bindValue(':event', $eventId);
    $stmt->bindValue(':user1', $userId);
    $stmt->bindValue(':user2', $userId);
    $stmt->execute();
}
Esempio n. 11
0
 public function process()
 {
     if (!empty($_SESSION['userHidden'])) {
         $_SESSION['user'] = $_SESSION['userHidden'];
         $_SESSION['userHidden'] = null;
     } else {
         // Directly manipulate the session to workaround the security restrictions.
         if ($this->user->getId() == Session::getUser()->getId()) {
             return;
         }
         $_SESSION['userHidden'] = $_SESSION['user'];
         $_SESSION['user'] = $this->user;
     }
 }
 private function removeEventsAlreadySignedupFor($events)
 {
     $sql = 'SELECT s.event, s.status FROM signups s WHERE s.user = :user AND s.status != "SIGNEDUP" ';
     $stmt = DatabaseFactory::getInstance()->prepare($sql);
     $stmt->bindValue(':user', Session::getUser()->getId());
     $stmt->execute();
     $eventIds = array();
     foreach ($stmt->fetchAll() as $event) {
         $eventIds[] = $event['event'];
     }
     foreach ($events as $key => $event) {
         if (in_array($event['id'], $eventIds)) {
             unset($events[$key]);
         }
     }
     return $events;
 }
Esempio n. 13
0
 public function process()
 {
     global $db;
     $db->beginTransaction();
     $sql = 'DELETE FROM survey_votes WHERE opt IN (SELECT id FROM survey_options WHERE survey = :survey) AND user = :user ';
     $stmt = $db->prepare($sql);
     $stmt->bindValue(':survey', $this->survey['id']);
     $stmt->bindValue(':user', Session::getUser()->getId());
     $stmt->execute();
     $sql = 'INSERT INTO survey_votes (user, opt) VALUES (:user, :option)';
     $stmt = $db->prepare($sql);
     $count = 0;
     foreach ($this->getElementValue('voteValue') as $vote) {
         if ($count >= $this->survey['count']) {
             break;
         } else {
             $count++;
         }
         $stmt->bindValue(':user', Session::getUser()->getId());
         $stmt->bindValue(':option', $vote);
         $stmt->execute();
     }
     $db->commit();
 }
 private function logSettingChange($settingKey)
 {
     if ($this->settings[$settingKey] != $this->getElementValue($settingKey)) {
         logActivity('Changed site setting: ' . $settingKey, Session::getUser()->getId());
     }
 }
Esempio n. 15
0
     } else {
         echo "You have <strong>" . $result->numRows() . "</strong> slaves. Keep your number of slaves up.";
     }
     break;
 case 'business':
     $result = $db->query("SELECT * FROM inventory WHERE owner = '" . $_SESSION['username'] . "' AND type = 'BUSINESS'");
     if ($result->numRows() <= 0) {
         echo "You've no businesses! Go to the shop, and buy some to start making money!";
         echo "<br /><br /><strong>Overall</strong>: Bad";
     } else {
         echo "You have </strong>" . count_rows($result) . "</strong> businsesses, nice going.";
         echo "<br /><br /><strong>Overall</strong>: Good";
     }
     break;
 case 'financial':
     if (\libAllure\Session::getUser()->getData('gold') <= 0) {
         echo "We are in debt! Try raising some more cash.";
         echo "<br /><br /><strong>Overall</strong>: Bad";
     } else {
         echo "We are not in debt, but make more money!";
         echo "<br /><br /><strong>Overall</strong>: Good";
     }
     break;
 case 'rankings':
     $turns = get_turns($_SESSION['username']);
     $rank = intval($turns['total_turns'] * $user->getData('gold') / 10000);
     if ($rank <= 20) {
         echo "You're rank is only <strong>" . $rank . "</strong>, you aught to try and improve this... Try making more money.";
         echo "<br /><br /><strong>Overall</strong>: Bad";
     } else {
         echo "You've got a rank of <strong>" . $rank . "</strong>, keep going!";
Esempio n. 16
0
 /**
  * FIXME: Check they are actually allowed to set the status.
  */
 public static function setSignupStatus($userId, $eventId, $status)
 {
     global $db;
     $status = strtoupper($status);
     if ($userId != Session::getUser()->getId() && !Session::hasPriv('SIGNUPS_MODIFY')) {
         throw new PermissionException('You may only edit your own signup.');
     }
     if ($status == 'DELETE') {
         self::signupDelete($userId, $eventId);
         return;
     }
     $sql = 'SELECT id FROM signups AS s WHERE s.user = :userId AND s.event = :eventId';
     $stmt = $db->prepare($sql);
     $stmt->bindValue(':userId', $userId);
     $stmt->bindValue(':eventId', $eventId);
     $stmt->execute();
     if ($stmt->numRows() == 0) {
         self::signupCreate($userId, $eventId, $status);
     } else {
         $signupId = $stmt->fetchRow();
         $signupId = $signupId['id'];
         self::signupUpdate($signupId, $status, false);
     }
 }
Esempio n. 17
0
			<li><h3>Financial</h3></li>
			<li><a href="bank.php">bank</a></li>
			<li><a href="shop.php">shop</a></li>
			<li><a href="slaves.php">slaves</a></li>
			<li><a href="business.php">business</a></li>
		</ul>
		<ul class = "mainmenu">
			<li><h3>Account</h3></li>
			<li><a href="contacts.php">contacts</a></li>
			<li><a href="clans.php">clans</a></li>
			<li><a href="logout.php">logout</a></li>
		</ul>
	</div>
<?php 
    $turns = getTurns(Session::getUser()->getUsername());
    $gold = number_format(Session::getUser()->getData('gold'));
    echo '<p class = "status">';
    echo '<span class = "metric"><strong><img src = "resources/images/gold.png" /> ' . $gold . '</strong></span> ';
    echo '<span class = "metric"><strong><img src = "resources/images/turn.png" /> ' . $turns['remaining'] . '</strong></span> ';
    echo '<span class = "metric"><strong><img src = "resources/images/time.png" /> ' . $turns['time'] . '</strong></span>';
    echo "</p>";
} else {
    echo "<a href = \"register.php\">register</a> | ";
    echo "<a href = \"login.php\">login</a>";
}
?>

</div>

<div class = "page">
<?php

require_once 'includes/widgets/header.php';
require_once 'includes/widgets/sidebar.php';
require_once 'includes/classes/FormPermissionCreate.php';
use libAllure\Session;
if (!Session::getUser()->hasPriv('VIEW_PRIVS')) {
    box('You do not have permission to view this page.');
    require_once 'includes/widgets/footer.php';
}
$sql = 'SELECT `key`, description FROM permissions ORDER BY `key` ASC';
$result = $db->query($sql);
$permissions = array();
while ($perm = $result->fetchRow()) {
    if (Session::getUser()->hasPriv($perm['key'])) {
        $priv = '<span class = "good">' . $perm['key'] . '</span>';
    } else {
        if (Session::hasPriv('VIEW_UNASSIGNED_PERMISSIONS')) {
            $priv = '<span class = "bad">' . $perm['key'] . '</span>';
        }
    }
    $perm['priv'] = $priv;
    $permissions[] = $perm;
}
$tpl->assign('permissionsList', $permissions);
$tpl->display('listPermissions.tpl');
require_once 'includes/widgets/footer.php';
Esempio n. 19
0
function getSingleUserSignupsWithStatuses($statuses, $user = null)
{
    if ($user == null) {
        $user = Session::getUser()->getId();
    }
    array_walk($statuses, array(DatabaseFactory::getInstance(), 'quote'));
    array_walk($statuses, 'addQuotes');
    $statusString = implode(", ", $statuses);
    $sql = 'SELECT s.id, e.id AS eventId, e.name, s.status FROM signups s LEFT JOIN events e ON s.event = e.id WHERE s.user = :user AND s.status IN (' . $statusString . ')';
    $stmt = DatabaseFactory::getInstance()->prepare($sql);
    $stmt->bindValue(':user', $user);
    $stmt->execute();
    return $stmt->fetchAll();
}
Esempio n. 20
0
 protected function processUpdate()
 {
     global $db;
     if ($this->getElementValue('status') == "DELETE") {
         $this->processDelete();
     }
     $sanitizer = Sanitizer::getInstance();
     $sql = 'UPDATE signups SET status = :status, numberMachinesAllowed = :machinesAllowed, comments = concat(comments, "\\n", now(), " (", :staffUsername, ") - ", :comments, :changeMetadata), gigabit = :gigabit, ticketCost = :ticketCost WHERE id = :id';
     $stmt = $db->prepare($sql);
     $stmt->bindValue(':id', $this->getElementValue('id'));
     $stmt->bindValue(':status', $this->getElementValue('status'));
     $stmt->bindValue(':comments', $sanitizer->formatString($this->getElementValue('comments')));
     $stmt->bindValue(':gigabit', $sanitizer->formatBool($this->getElementValue('gigabit')));
     $stmt->bindValue(':ticketCost', $this->getElementValue('ticketCost'));
     $stmt->bindValue(':staffUsername', Session::getUser()->getUsername());
     $stmt->bindValue(':changeMetadata', $this->getChangeMetadata());
     $stmt->bindValue(':machinesAllowed', $this->getElementValue('numberMachinesAllowed'));
     $stmt->execute();
     $this->signup = $this->getSignup();
     if ($this->getElementValue('status') == 'CANCELLED') {
         require_once 'includes/functions.seatingPlan.php';
         removeSeat($this->signup['event'], $this->signup['userId']);
     }
     $sql = 'SELECT e.id FROM events e WHERE e.id = :eventId LIMIT 1';
     $stmt = $db->prepare($sql);
     $stmt->bindValue(':eventId', $this->signup['event']);
     $stmt->execute();
     logActivity('Signup updated for _u_ to event _e_ ' . $this->getElementValue('comments') . '. ' . $this->getChangeMetadata(), null, array('user' => $this->signup['user'], 'event' => $this->signup['event']));
     redirect('viewEvent.php?id=' . $this->signup['event'], 'Signup edited.');
 }
Esempio n. 21
0
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with pFrog; if not, write to the Free Software
  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA

*******************************************************************************/
require_once 'includes/common.php';
$title = "index";
require_once "includes/widgets/header.php";
use libAllure\Session;
if (Session::isLoggedIn()) {
    startBox("Hello again!", BOX_GREEN);
    echo "Welcome back, " . Session::getUser()->getUsername() . ".";
    stopBox(BOX_GREEN);
    $sql = "SELECT * FROM `hints` ORDER BY rand() LIMIT 1 ";
    $result = $db->query($sql);
    $hint = $result->fetchRow();
    startBox("Random Game Hint #" . $hint['id'], BOX_YELLOW);
    echo $hint['content'];
    stopBox(BOX_YELLOW);
} else {
    echo "tycoonism is a free online role playing game, ( rpg for short ). The objectives of the game are as follows: ";
    echo "<ul>";
    echo "<li>Try to become the richest player in the game.</li>";
    echo "<li>The richer you become, within the smallest time as possible will give you good rankings.</li>";
    echo "<li>You play as a 'tycoon'. Earn lots of money while you get one up on your fellow players.</li>";
    echo "</ul>";
}
<?php

use libAllure\HtmlLinksCollection;
use libAllure\Session;
if (!Session::isLoggedIn()) {
    return;
}
$isMe = Session::getUser()->getId() == $user->getId() && Session::hasPriv('CHANGE_AVATAR');
$linksCollection = new HtmlLinksCollection('User admin');
$linksCollection->addIf(Session::hasPriv('DELETE_USER'), 'users.php?action=delete&amp;id=' . $user->getId(), 'Delete', null, 'delete');
$linksCollection->addIf(Session::hasPriv('VIEW_ATTENDANCE'), 'viewAttendance.php?user='******'Attendance');
$linksCollection->addIf(Session::hasPriv('EDIT_USER') || $isMe, 'users.php?action=edit&amp;user='******'Update my profile' : 'Edit user', null, 'update');
$linksCollection->addIf(Session::hasPriv('SEND_EMAIL'), 'sendEmail.php?userId=' . $user->getId(), 'Send email');
$linksCollection->addIf(Session::hasPriv('EDIT_OTHERS_AVATAR') || $isMe, 'updateAvatar.php?user='******'Avatar', null, 'avatar');
$linksCollection->addIfPriv('SUDO', 'formSudo.php?username='******'SUDO');
if ($linksCollection->hasLinks()) {
    $tpl->assign('links', $linksCollection);
    $tpl->display('sidebarLinks.tpl');
}
Esempio n. 23
0
    $tpl->error('Could not find user.');
}
if (Session::hasPriv('GROUP_EDIT')) {
    $formAddUserToGroup = new FormAddUserToGroup($user->getId());
    if ($formAddUserToGroup->validate()) {
        $formAddUserToGroup->process();
    }
}
require_once 'includes/widgets/header.php';
require_once 'includes/widgets/sidebar.php';
$userArray = array('username' => $user->getData('username'), 'realName' => $user->getData('real_name'), 'registered' => $user->getData('registered'));
$avatarUrl = 'resources/images/avatars/' . $user->getId() . '.png';
if (file_exists($avatarUrl)) {
    $userArray['avatar'] = $avatarUrl;
}
if (Session::isLoggedIn() && Session::getUser()->hasPriv('VIEW_PROFILE_PRIVATE')) {
    $userArray['canSeePrivate'] = true;
    $userArray['lastLogin'] = $user->getData('lastLogin');
    $userArray['email'] = $user->getData('email');
    $bannedReason = $user->getData('bannedReason');
    $userArray['isBanned'] = !empty($bannedReason);
    $userArray['bannedReason'] = $bannedReason;
} else {
    $userArray['canSeePrivate'] = false;
}
$tpl->assign('user', $userArray);
$tpl->display('profile.tpl');
if (Session::hasPriv('PRIVS_VIEW')) {
    $listPermissions = array();
    foreach ($user->getPrivs() as $privilege) {
        if ($privilege['source'] == 'Group') {
Esempio n. 24
0
    loginPrompt();
}
$notifications = array();
if (Session::hasPriv('GALLERY_APPROVE_IMAGE')) {
    $sql = 'SELECT i.filename, g.id AS gallery, g.title AS galleryTitle FROM images i LEFT JOIN galleries g ON i.gallery = g.id WHERE i.user_uploaded != 0 AND i.published = 0 ';
    $stmt = DatabaseFactory::getInstance()->prepare($sql);
    $stmt->execute();
    $unpublishedUserUploadedImages = $stmt->fetchAll();
    foreach ($unpublishedUserUploadedImages as $image) {
        $notifications[] = 'Image <a href = "viewGalleryImage.php?filename=' . $image['filename'] . '&gallery=' . $image['gallery'] . '">' . $image['filename'] . '</a> in gallery ' . $image['galleryTitle'] . ', uploaded by a user, is unpublished. Please publish or delete.';
    }
}
checkNotificationNotGuarenteedSeats($notifications);
$tpl->assign('notifications', $notifications);
$tpl->assign('emailFlagged', Session::getUser()->getData('emailFlagged'));
$tpl->assign('username', Session::getUser()->getUsername());
$standardLinks = new HtmlLinksCollection();
$standardLinks->addIf(Session::hasPriv('CHANGE_AVATAR'), 'updateAvatar.php', 'Avatar', 'avatar');
$standardLinks->addIf(Session::hasPriv('VIEW_ATTENDANCE'), 'viewAttendance.php', 'Attendance');
$standardLinks->addIfPriv('UPLOAD_GALLERY_IMAGE', 'formUploadImage.php', 'Upload gallery image');
$standardLinks->addIfPriv('VIEW_SURVEYS', 'listSurveys.php', 'Survey', 'survey');
$tpl->assign('standardLinks', $standardLinks);
$privilegedLinks = new HtmlLinksCollection();
$privilegedLinks->addIfPriv('ADMIN_USERS', 'users.php', 'Users', 'users');
$privilegedLinks->addIfPriv('ADMIN_GROUPS', 'listGroups.php', 'Groups');
$privilegedLinks->addIfPriv('ADMIN_USERS', 'formFlagEmail.php', 'Flag bad emails', 'users');
$privilegedLinks->addIfPriv('VIEW_PRIVS', 'listPermissions.php', 'Permissions');
$privilegedLinks->addIfPriv('VIEW_VENUES', 'listVenues.php', 'Venues');
$privilegedLinks->addIfPriv('EDIT_CONTENT', 'listContent.php', 'Content blocks', 'contentBlocks');
$privilegedLinks->addIfPriv('VIEW_LOG', 'listLogs.php', 'Log');
$privilegedLinks->addIfPriv('MAILING_LIST', 'viewMailingList.php', 'Mailing list');
Esempio n. 25
0
function getThemeDirectory()
{
    $installedThemes = 'resources/themes/';
    if (Session::isLoggedIn()) {
        $theme = Session::getUser()->getData('theme');
        if (is_dir($installedThemes . $theme)) {
            return $installedThemes . $theme;
        }
    }
    return $installedThemes . getSiteSetting('theme', 'airdale');
}
 public function process()
 {
     $filename = uniqid() . '.png';
     $this->getElement('file')->destinationFilename = 'full/' . $filename;
     $this->getElement('file')->savePng();
     $this->getElement('file')->resize(100, 100);
     $this->getElement('file')->destinationFilename = 'thumb/' . $filename;
     $this->getElement('file')->savePng();
     $gal = intval(str_replace('gallery', null, $this->getElementValue('dir')));
     if ($gal != null) {
         $sql = 'INSERT INTO images (filename, gallery, caption, published, user_uploaded) values (:filename, :gallery, :caption, 0, :user)';
         $stmt = DatabaseFactory::getInstance()->prepare($sql);
         $stmt->bindValue(':filename', $filename);
         $stmt->bindValue(':gallery', $gal);
         $stmt->bindValue(':caption', 'Uploaded by: ' . Session::getUser()->getUsername());
         $stmt->bindValue(':user', Session::getUser()->getId());
         $stmt->execute();
     }
     logActivity(Session::getUser()->getUsername() . ' uploaded image ' . $filename . ' to gallery: ' . $this->getElement('file')->destinationDir);
     redirect('account.php', 'Image has been uploaded, thanks!');
 }
Esempio n. 27
0
     require_once 'includes/widgets/footer.php';
     break;
 case 'bacsComplete':
     foreach (Basket::getContents() as $ticket) {
         Events::setSignupStatus(Session::getUser()->getId(), $ticket['eventId'], 'BACS_WAITING');
     }
     Basket::clear();
     redirect('account.php', 'Thanks, you will be marked as PAID by an admin when they receive the transfer.');
     break;
 case 'paypalFail':
     logAndRedirect('account.php', 'Paypal transaction failed.');
     break;
 case 'paypalComplete':
     logActivity('Started processing PayPal payment notification');
     foreach (Basket::getContents() as $ticket) {
         logActivity('PayPal transaction processing - setting status to PAID for event. Ticket owner _u_, event _e_', $ticket['userId'], array('event' => $ticket['eventId'], 'user' => Session::getUser()->getId()));
         Events::setSignupStatus($ticket['userId'], $ticket['eventId'], 'PAID');
     }
     logActivity('Finished processing PayPal payment notification.');
     Basket::clear();
     redirect('account.php', 'Thanks, payment complete!');
     break;
 default:
     require_once 'includes/widgets/header.php';
     require_once 'includes/widgets/sidebar.php';
     startBox();
     echo str_replace('%BASKETTOTAL%', doubleToGbp($cost), getContent('selectPaymentMethod'));
     $tpl->assign('cost', $cost);
     $tpl->assign('costPaypal', getPaypalCommission($cost));
     $tpl->assign('paypalEmail', getSiteSetting('paypalEmail'));
     $tpl->assign('listBasketContents', Basket::getContents());
Esempio n. 28
0
  (at your option) any later version.

  pFrog is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with pFrog; if not, write to the Free Software
  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA

*******************************************************************************/
require_once "includes/common.php";
$title = "slaves";
require_once "includes/widgets/header.php";
$sql = "SELECT * FROM slaves WHERE `user` = '" . \libAllure\Session::getUser()->getUsername() . "'";
$result = $db->query($sql);
$slaves = $result->numRows();
startBox("Slaves", BOX_GREEN);
echo "You currently have <strong>" . $slaves . "</strong> slaves.";
echo "<ul>";
while ($row = $result->fetchRow()) {
    popup("<li>" . $row['name'] . "</li>", "view_slave.php?slave=" . $row['name']);
}
echo "</ul>";
stopBox(BOX_GREEN);
$sql = 'SELECT * FROM slaves WHERE user = ""';
$result = $db->query($sql);
if ($result->numRows() == 0) {
    startBox("Slave Shop", BOX_RED);
    echo "There are are not any slaves for sale.";
Esempio n. 29
0
<?php

require_once 'includes/common.php';
use libAllure\Session;
$id = intval($_REQUEST['id']);
if (!(Session::isLoggedIn() && Session::getUser()->hasPriv('EVENT_DELETE'))) {
    throw new PermissionsException();
}
$sql = 'DELETE FROM events WHERE id = :id LIMIT 1';
$stmt = $db->prepare($sql);
$stmt->bindValue(':id', $id);
$stmt->execute();
logActivity('Event deleted');
redirect('listEvents.php', 'Event deleted. Oh dear.');
Esempio n. 30
0
<?php

require_once 'includes/common.php';
require_once 'includes/classes/DatabaseItem.php';
require_once 'includes/classes/Events.php';
use libAllure\Session;
var_dump(Session::getUser());