function vote($voter, $site_id) { $settings = get_option('votesys_options'); if ($settings['track_by_time']) { if (can_vote($voter, $site_id)) { //dadeda tasku add_points($voter, $settings['add_point_sk']); //panaikina senaji balsa mysqle delete_vote($voter->id, $site_id); //uzregistruoja nauja balsa mysqle create_vote($voter->id, $site_id); } } else { //dadeda tasku add_points($voter, $settings['add_point_sk']); //panaikina senaji balsa mysqle delete_vote($voter->id, $site_id); //uzregistruoja nauja balsa mysqle create_vote($voter->id, $site_id); } }
function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_id, &$post_id, &$poll_id, &$topic_type, &$bbcode_on, &$html_on, &$smilies_on, &$attach_sig, &$bbcode_uid, $post_username, $post_subject, $post_sub_title, $post_message, $poll_title, &$poll_options, &$poll_length, &$max_vote, &$hide_vote, &$tothide_vote, &$attribute_id) { global $board_config, $lang, $db, $phpbb_root_path, $phpEx; global $userdata, $user_ip, $post_info; include $phpbb_root_path . 'includes/functions_search.' . $phpEx; $current_time = time(); if ($mode == 'newtopic' || $mode == 'reply' || $mode == 'editpost') { // // Flood control //Unless admin/mod if ($userdata['user_level'] != ADMIN && $userdata['user_level'] != MOD) { $where_sql = $userdata['user_id'] == ANONYMOUS ? "poster_ip = '{$user_ip}'" : 'poster_id = ' . $userdata['user_id']; $sql = "SELECT MAX(post_time) AS last_post_time\r\n\t\t\t\tFROM " . POSTS_TABLE . "\r\n\t\t\t\tWHERE {$where_sql}"; if (($result = $db->sql_query($sql)) && ($row = $db->sql_fetchrow($result))) { if (intval($row['last_post_time']) > 0 && $current_time - intval($row['last_post_time']) < intval($board_config['flood_interval'])) { message_die(GENERAL_MESSAGE, $lang['Flood_Error']); } } } adr_add_experience_points($userdata['user_id'], $mode); } if ($mode == 'editpost') { remove_search_post($post_id); } // prepare sub-title data $common = new common(); $post_sub_title = $common->sql_type_cast($post_sub_title, true); unset($common); if ($mode == 'newtopic' || $mode == 'editpost' && $post_data['first_post']) { $topic_vote = !empty($poll_title) && count($poll_options) >= 2 ? 1 : 0; //-- mod : quick title edition ------------------------------------------------- //-- add $attribute = $attribute_id > -1 ? implode(',', array($attribute_id, $userdata['user_id'], time())) : ''; //-- fin mod : quick title edition --------------------------------------------- $sql = $mode != "editpost" ? "INSERT INTO " . TOPICS_TABLE . " (topic_title, topic_poster, topic_time, forum_id, topic_status, topic_type, topic_vote) VALUES ('{$post_subject}', " . $userdata['user_id'] . ", {$current_time}, {$forum_id}, " . TOPIC_UNLOCKED . ", {$topic_type}, {$topic_vote})" : "UPDATE " . TOPICS_TABLE . " SET topic_title = '{$post_subject}', topic_type = {$topic_type} " . ($post_data['edit_vote'] || !empty($poll_title) ? ", topic_vote = " . $topic_vote : "") . " WHERE topic_id = {$topic_id}"; //-- mod : quick title edition ------------------------------------------------- //-- add if ($mode != 'editpost') { $sql = str_replace('INSERT INTO ' . TOPICS_TABLE . ' (', 'INSERT INTO ' . TOPICS_TABLE . ' (topic_attribute, ', $sql); $sql = str_replace('VALUES (', 'VALUES (\'' . $attribute . '\', ', $sql); } else { $sql = str_replace('SET ', 'SET topic_attribute = \'' . $attribute . '\', ', $sql); } //-- fin mod : quick title edition --------------------------------------------- // send topic sub-title data if ($mode != 'editpost') { $sql = str_replace('INSERT INTO ' . TOPICS_TABLE . ' (', 'INSERT INTO ' . TOPICS_TABLE . ' (topic_sub_title, ', $sql); $sql = str_replace('VALUES (', 'VALUES (' . $post_sub_title . ', ', $sql); } else { $sql = str_replace('SET ', 'SET topic_sub_title = ' . $post_sub_title . ', ', $sql); } if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } if ($mode == 'newtopic') { $topic_id = $db->sql_nextid(); } } $edited_sql = $mode == 'editpost' && !$post_data['last_post'] && $post_data['poster_post'] ? ", post_edit_time = {$current_time}, post_edit_count = post_edit_count + 1 " : ""; $sql = $mode != "editpost" ? "INSERT INTO " . POSTS_TABLE . " (topic_id, forum_id, poster_id, post_username, post_time, post_created, poster_ip, enable_bbcode, enable_html, enable_smilies, enable_sig) VALUES ({$topic_id}, {$forum_id}, " . $userdata['user_id'] . ", '{$post_username}', {$current_time}, {$current_time}, '{$user_ip}', {$bbcode_on}, {$html_on}, {$smilies_on}, {$attach_sig})" : "UPDATE " . POSTS_TABLE . " SET post_username = '******', enable_bbcode = {$bbcode_on}, enable_html = {$html_on}, enable_smilies = {$smilies_on}, enable_sig = {$attach_sig}" . $edited_sql . " WHERE post_id = {$post_id}"; if (!$db->sql_query($sql, BEGIN_TRANSACTION)) { $db->clear_cache('posts_'); message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } if ($mode != 'editpost') { $post_id = $db->sql_nextid(); } //-- mod : post description ---------------------------------------------------- // here we added // , post_sub_title // , $post_sub_title // , post_sub_title = $post_sub_title //-- modify $sql = $mode != 'editpost' ? "INSERT INTO " . POSTS_TEXT_TABLE . " (post_id, post_subject, post_sub_title, bbcode_uid, post_text) VALUES ({$post_id}, '{$post_subject}', {$post_sub_title}, '{$bbcode_uid}', '{$post_message}')" : "UPDATE " . POSTS_TEXT_TABLE . " SET post_text = '{$post_message}', bbcode_uid = '{$bbcode_uid}', post_subject = '{$post_subject}', post_sub_title = {$post_sub_title} WHERE post_id = {$post_id}"; //-- fin mod : post description ------------------------------------------------ if (!$db->sql_query($sql)) { exit($sql); message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } $db->clear_cache('posts_'); add_search_words('single', $post_id, stripslashes($post_message), stripslashes($post_subject)); // // Add poll // if (($mode == 'newtopic' || $mode == 'editpost' && $post_data['edit_poll']) && !empty($poll_title) && count($poll_options) >= 2) { $sql = !$post_data['has_poll'] ? "INSERT INTO " . VOTE_DESC_TABLE . " (topic_id, vote_text, vote_start, vote_length, vote_max, vote_hide, vote_tothide) VALUES ({$topic_id}, '{$poll_title}', {$current_time}, " . $poll_length * 86400 . ", '{$max_vote}', '{$hide_vote}', '{$tothide_vote}')" : "UPDATE " . VOTE_DESC_TABLE . " SET vote_text = '{$poll_title}', vote_length = " . $poll_length * 86400 . ", vote_max = '{$max_vote}', vote_hide = '{$hide_vote}', vote_tothide = '{$tothide_vote}' WHERE topic_id = {$topic_id}"; if (!$db->sql_query($sql)) { $db->clear_cache('posts_'); message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } $delete_option_sql = ''; $old_poll_result = array(); if ($mode == 'editpost' && $post_data['has_poll']) { $sql = "SELECT vote_option_id, vote_result \r\n\t\t\t\tFROM " . VOTE_RESULTS_TABLE . " \r\n\t\t\t\tWHERE vote_id = {$poll_id} \r\n\t\t\t\tORDER BY vote_option_id ASC"; if (!($result = $db->sql_query($sql))) { $db->clear_cache('posts_'); message_die(GENERAL_ERROR, 'Could not obtain vote data results for this topic', '', __LINE__, __FILE__, $sql); } while ($row = $db->sql_fetchrow($result)) { $old_poll_result[$row['vote_option_id']] = $row['vote_result']; if (!isset($poll_options[$row['vote_option_id']])) { $delete_option_sql .= $delete_option_sql != '' ? ', ' . $row['vote_option_id'] : $row['vote_option_id']; } } } else { $poll_id = $db->sql_nextid(); } @reset($poll_options); $poll_option_id = 1; while (list($option_id, $option_text) = each($poll_options)) { if (!empty($option_text)) { $option_text = str_replace("\\'", "''", htmlspecialchars($option_text)); $poll_result = $mode == "editpost" && isset($old_poll_result[$option_id]) ? $old_poll_result[$option_id] : 0; $sql = $mode != "editpost" || !isset($old_poll_result[$option_id]) ? "INSERT INTO " . VOTE_RESULTS_TABLE . " (vote_id, vote_option_id, vote_option_text, vote_result) VALUES ({$poll_id}, {$poll_option_id}, '{$option_text}', {$poll_result})" : "UPDATE " . VOTE_RESULTS_TABLE . " SET vote_option_text = '{$option_text}', vote_result = {$poll_result} WHERE vote_option_id = {$option_id} AND vote_id = {$poll_id}"; if (!$db->sql_query($sql)) { $db->clear_cache('posts_'); message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql); } $poll_option_id++; } } if ($delete_option_sql != '') { $sql = "DELETE FROM " . VOTE_RESULTS_TABLE . " \r\n\t\t\t\tWHERE vote_option_id IN ({$delete_option_sql}) \r\n\t\t\t\t\tAND vote_id = {$poll_id}"; if (!$db->sql_query($sql)) { $db->clear_cache('posts_'); message_die(GENERAL_ERROR, 'Error deleting pruned poll options', '', __LINE__, __FILE__, $sql); } } } if ($board_config['points_post'] && !$post_info['points_disabled'] && ($mode == 'newtopic' || $mode == 'reply')) { $points = abs($mode == 'newtopic' ? $board_config['points_topic'] : $board_config['points_reply']); if ($userdata['user_id'] != ANONYMOUS && $userdata['admin_allow_points']) { add_points($userdata['user_id'], $points); } } $meta = '<meta http-equiv="refresh" content="3;url=' . append_sid("viewtopic.{$phpEx}?" . POST_POST_URL . "=" . $post_id) . '#' . $post_id . '">'; $message = $lang['Stored'] . '<br /><br />' . sprintf($lang['Click_view_message'], '<a href="' . append_sid("viewtopic.{$phpEx}?" . POST_POST_URL . "=" . $post_id) . '#' . $post_id . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_forum'], '<a href="' . append_sid("viewforum.{$phpEx}?" . POST_FORUM_URL . "={$forum_id}") . '">', '</a>'); $db->clear_cache('posts_'); $db->clear_cache('topics_recent_'); return false; }
} // Check, if user tries to rob more than x % of users cash if ($points_values['robbery_max_rob'] != 0) { if ($attacked_amount > $pointsa / 100 * $points_values['robbery_max_rob']) { $message = sprintf($user->lang['ROBBERY_MAX_ROB'], $points_values['robbery_max_rob']) . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=robbery") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>'; trigger_error($message); } } // Get some info about the robbed user $user_namepoints = get_username_string('full', $checked_user['user_id'], $checked_user['username'], $checked_user['user_colour']); // Genarate a random number $rand_base = $points_values['robbery_chance']; $rand_value = rand(0, 100); // If robbery was successful and PM is enabled, send PM if ($rand_value <= $rand_base) { add_points($user->data['user_id'], $attacked_amount); substract_points($user_id, $attacked_amount); if ($points_config['robbery_sendpm'] && $user_info['user_allow_pm'] == 1 && $user_robbery_pm) { // Prepare user lang $sql_array = array('SELECT' => '*', 'FROM' => array(USERS_TABLE => 'u'), 'WHERE' => 'user_id = ' . (int) $user_id); $sql = $db->sql_build_query('SELECT', $sql_array); $result = $db->sql_query($sql); $user_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); // first check if language file exists, if not, use the default language $user_row['user_lang'] = file_exists($phpbb_root_path . 'language/' . $user_row['user_lang'] . "/mods/points.{$phpEx}") ? $user_row['user_lang'] : $config['default_lang']; // load receivers language include $phpbb_root_path . 'language/' . basename($user_row['user_lang']) . "/mods/points.{$phpEx}"; // Send PM $pm_subject = utf8_normalize_nfc(sprintf($lang['ROBBERY_PM_SUCCESFUL_SUBJECT'], $config['points_name'])); $pm_text = utf8_normalize_nfc(sprintf($lang['ROBBERY_PM_SUCCESFUL_BODY'], $user_namepoints, $attacked_amount, $config['points_name']));
function main($id, $mode) { global $template, $user, $db, $config, $phpEx, $phpbb_root_path, $ultimate_points, $points_config, $points_values, $auth, $checked_user, $check_auth; add_form_key('transfer_user'); // Grab the message variable $message = request_var('comment', '', true); // Check, if transferring is allowed if (!$points_config['transfer_enable']) { $message = $user->lang['TRANSFER_REASON_TRANSFER'] . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>'; trigger_error($message); } // Check, if user is allowed to use the transfer module if (!$auth->acl_get('u_use_transfer')) { $message = $user->lang['NOT_AUTHORISED'] . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>'; trigger_error($message); } // Add part to bar $template->assign_block_vars('navlinks', array('U_VIEW_FORUM' => append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=transfer_user"), 'FORUM_NAME' => sprintf($user->lang['TRANSFER_TITLE'], $config['points_name']))); if (isset($_POST['submit'])) { if (!check_form_key('transfer_user')) { trigger_error('FORM_INVALID'); } // Grab need variables for the transfer $am = round(request_var('amount', 0.0), 2); $comment = request_var('comment', '', true); $username1 = request_var('username', '', true); $username = strtolower($username1); // Select the user data to transfer to $sql = 'SELECT * FROM ' . USERS_TABLE . "\n\t\t\t\tWHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'\n\t\t\t\t\tAND user_type IN (" . USER_NORMAL . ', ' . USER_FOUNDER . ')'; $result = $db->sql_query($sql); $transfer_user = $db->sql_fetchrow($result); $db->sql_freeresult($result); if ($transfer_user == NULL) { $message = $user->lang['TRANSFER_NO_USER_RETURN'] . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=transfer_user") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>'; trigger_error($message); } // Select the old user_points from user_id to transfer to $sql_array = array('SELECT' => 'user_points', 'FROM' => array(USERS_TABLE => 'u'), 'WHERE' => 'user_id = ' . (int) $transfer_user['user_id']); $sql = $db->sql_build_query('SELECT', $sql_array); $result = $db->sql_query($sql); $transfer_user_old_points = (int) $db->sql_fetchfield('user_points'); $db->sql_freeresult($result); // Check, if the sender has enough cash if ($user->data['user_points'] < $am) { $message = sprintf($user->lang['TRANSFER_REASON_MINPOINTS'], $config['points_name']) . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=transfer_user") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>'; trigger_error($message); } // Check, if the amount is 0 or below if ($am <= 0) { $message = sprintf($user->lang['TRANSFER_REASON_UNDERZERO'], $config['points_name']) . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=transfer_user") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>'; trigger_error($message); } // Check, if user is trying to send to himself if ($user->data['user_id'] == $transfer_user['user_id']) { $message = sprintf($user->lang['TRANSFER_REASON_YOURSELF'], $config['points_name']) . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=transfer_user") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>'; trigger_error($message); } // Add cash to receiver add_points($transfer_user['user_id'], $am); // Remove cash from sender substract_points($user->data['user_id'], $am); // Get current time for log $current_time = time(); // Add transferring information to the log $text = utf8_normalize_nfc($message); $sql = 'INSERT INTO ' . POINTS_LOG_TABLE . ' ' . $db->sql_build_array('INSERT', array('point_send' => (int) $user->data['user_id'], 'point_recv' => (int) $transfer_user['user_id'], 'point_amount' => $am, 'point_sendold' => $user->data['user_points'], 'point_recvold' => $transfer_user_old_points, 'point_comment' => $text, 'point_type' => '1', 'point_date' => $current_time)); $db->sql_query($sql); // Send pm to receiver, if PM is enabled if (!$points_config['transfer_pm_enable'] == 0 && $transfer_user['user_allow_pm']) { // Select the receiver language $transfer_user['user_lang'] = file_exists($phpbb_root_path . 'language/' . $transfer_user['user_lang'] . "/mods/points.{$phpEx}") ? $transfer_user['user_lang'] : $config['default_lang']; // load receivers language include $phpbb_root_path . 'language/' . basename($transfer_user['user_lang']) . "/mods/points.{$phpEx}"; $points_name = $config['points_name']; $comment = $db->sql_escape($comment); $pm_subject = utf8_normalize_nfc(sprintf($lang['TRANSFER_PM_SUBJECT'])); $pm_text = utf8_normalize_nfc(sprintf($lang['TRANSFER_PM_BODY'], $am, $points_name, $text)); $poll = $uid = $bitfield = $options = ''; generate_text_for_storage($pm_subject, $uid, $bitfield, $options, false, false, false); generate_text_for_storage($pm_text, $uid, $bitfield, $options, true, true, true); $pm_data = array('address_list' => array('u' => array($transfer_user['user_id'] => 'to')), 'from_user_id' => $user->data['user_id'], 'from_username' => $user->data['username'], 'icon_id' => 0, 'from_user_ip' => '', 'enable_bbcode' => true, 'enable_smilies' => true, 'enable_urls' => true, 'enable_sig' => true, 'message' => $pm_text, 'bbcode_bitfield' => $bitfield, 'bbcode_uid' => $uid); submit_pm('post', $pm_subject, $pm_data, false); } // Change $username back to regular username $sql_array = array('SELECT' => 'username', 'FROM' => array(USERS_TABLE => 'u'), 'WHERE' => 'user_id = ' . (int) $transfer_user['user_id']); $sql = $db->sql_build_query('SELECT', $sql_array); $result = $db->sql_query($sql); $show_user = $db->sql_fetchfield('username'); $db->sql_freeresult($result); // Add log entry to inform the admin too add_log('user', $user->data['username'], 'LOG_USER_TRANSFER', $user->data['username'], $show_user, number_format_points($am), $config['points_name']); // Show the successful transfer message $message = sprintf($user->lang['TRANSFER_REASON_TRANSUCC'], number_format_points($am), $config['points_name'], $show_user) . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=transfer_user") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>'; trigger_error($message); $template->assign_vars(array('U_ACTION' => $this->u_action)); } $template->assign_vars(array('USER_POINTS' => sprintf(number_format_points($checked_user['user_points'])), 'POINTS_NAME' => $config['points_name'], 'POINTS_COMMENTS' => $points_config['comments_enable'] ? true : false, 'LOTTERY_NAME' => $points_values['lottery_name'], 'BANK_NAME' => $points_values['bank_name'], 'L_TRANSFER_DESCRIPTION' => sprintf($user->lang['TRANSFER_DESCRIPTION'], $config['points_name']), 'U_TRANSFER_USER' => append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=transfer_user"), 'U_LOGS' => append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=logs"), 'U_LOTTERY' => append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=lottery"), 'U_BANK' => append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=bank"), 'U_ROBBERY' => append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=robbery"), 'U_INFO' => append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=info"), 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", "mode=searchuser&form=post&field=username&select_single=true"), 'U_USE_TRANSFER' => $auth->acl_get('u_use_transfer'), 'U_USE_LOGS' => $auth->acl_get('u_use_logs'), 'U_USE_LOTTERY' => $auth->acl_get('u_use_lottery'), 'U_USE_BANK' => $auth->acl_get('u_use_bank'), 'U_USE_ROBBERY' => $auth->acl_get('u_use_robbery'), 'S_ALLOW_SEND_PM' => $auth->acl_get('u_sendpm'))); // Generate the page page_header(sprintf($user->lang['TRANSFER_TITLE'], $config['points_name'])); // Generate the page template $template->set_filenames(array('body' => 'points/points_transfer_user.html')); page_footer(); }
<?php ob_start(); // Output buffering - allows header rewrites to happen at anytime before flushing the buffer session_start(); require_once "incdir.php.inc"; require_once "config.php"; include_php_dir("includes"); mysql_init(); document_header(); echo include_javascript_dir("js", $debug); echo include_stylesheet_dir("stylesheets", $debug); check_validated(); //Any pre-page logic should go here! if (isset($_POST['addpoints-submit'])) { add_points(strtolower($_POST['note']), $_POST['value'], $_GET['user_id']); } if (isset($_POST['removepoints-submit'])) { remove_points($_POST['point_id']); } if (count($_SESSION['notifications']) != 0) { draw_notification(); } if (isset($_GET['user_id'])) { $userinfo = get_user_info($_GET['user_id']); } draw_page($userinfo); close_page(); ob_end_flush(); // Flush the buffer out to client document_footer();
/** * function give_ultimate_points */ function give_ultimate_points($mode, $user_id) { // if ($this->ultimate_points_installed() && $this->config['enable_ultimate_points']) { if ($mode == 'invite') { add_points($user_id, $this->config['ultimate_points_invite']); } else { // $mode = 'register' add_points($user_id, $this->config['ultimate_points_register']); } } }
if (empty($posted_code)) { $errors[] = 'Prosze wpisac kod z SMSa/przelewu.'; } if (!$account->isLoaded()) { $errors[] = 'Konto o danej nazwie nie istnieje.'; } if (count($errors) == 0) { if ($config['homepay'][$sms_type]['type'] == "sms") { $code_info = check_code_homepay($posted_code, $sms_type); } else { $code_info = check_tcode_homepay($posted_code, $sms_type); } if ($code_info != "1") { $errors[] = 'Podany kod z SMSa/przelewu jest niepoprawny lub wybrano zla opcje SMSa/przelewu.'; } else { if (add_points($account, $config['homepay'][$sms_type]['addpoints'])) { $main_content .= '<h1><font color="red">Dodano ' . $config['homepay'][$sms_type]['addpoints'] . ' punktów premium do konta: ' . $to_user . ' !</font></h1>'; } else { $errors[] = 'Wystapił błąd podczas dodawania punktów do konta, sprobój ponownie.'; } } } } if (count($errors) > 0) { $main_content .= 'Wystapiły błędy:'; foreach ($errors as $error) { $main_content .= '<br />* ' . $error; } $main_content .= '<hr /><hr />'; } if ($config['homepay_active_sms']) {
include $phpbb_root_path . 'missions/common.' . $phpEx; //include($phpbb_root_path . 'includes/mods/functions_points.' . $phpEx); // Start session management $user->session_begin(); $auth->acl($user->data); $user->setup(); $date = date("l, F j, Y, g:i a"); $username = get_username_string('full', $user->data['user_id'], $user->data['username'], $user->data['user_colour']); $userid = $user->data['user_id']; $intScore = isset($_GET['vote']) ? $_GET['vote'] : 0; if (!isset($_POST['initiate'])) { if (isset($_GET['id'])) { if ($intScore > 5 and $_GET['id'] == 0) { page_header('Realistic 2'); $template->set_filenames(array('body' => 'missions/basicpage.html')); add_points($userid, 200); $result = "\n\t\t\t<div class=\"panel\" id=\"faqlinks\">\n\t\t<div class=\"inner\"><span class=\"corners-top\"><span></span></span> \n\t<center><font color=\"red\"><b>Congradulations, you have sucessfully completed Realstic 1!</b></font></center> \n\t\t\t<span class=\"corners-bottom\"><span></span></span></div>\n\t\t</div>\n\t"; $body = "\n\t<h3>Realistic 2 || 400 Points</h3>\n\t<b>From</b>: DestroyFascism <br />\n\t\t<b>To</b>: {$username} <br />\n\t<b>Date</b>: {$date} <br />\n\t<b>Message</b>: I have been informed that you have quite admirable hacking skills. Well, this racist hate group is using their website to organize a mass gathering of ignorant racist bastards. We cannot allow such bigoted aggression to happen. If you can gain access to their administrator page and post messages to their main page, we would be eternally grateful.<br />\n\t<br /><form action=\"" . $_SERVER['PHP_SELF'] . "\" method=\"post\">\n\t<dl>\n\t<input type=\"hidden\" name=\"initiate\" value=\"yes\">\n\t<dd><input name=\"submit\" type=\"submit\" id=\"submit\" class=\"button2\" value=\"initiate\"></dd>\n\t</dl>\n</form>\n\t"; } else { page_header('Realistic 1'); $template->set_filenames(array('body' => 'missions/basicpage.html')); $result = "\n\t\t\t<div class=\"panel\" id=\"faqlinks\">\n\t\t<div class=\"inner\"><span class=\"corners-top\"><span></span></span> \n\t<center><font color=\"red\"><b>Please retry, Realistic 1 not completed!</b></font></center> \n\t\t\t<span class=\"corners-bottom\"><span></span></span></div>\n\t\t</div>\n\t"; $body = "\n\t<h3>Realistic 1 || 200 Points</h3>\n\t<b>From</b>: HeavyMetalRyan <br />\n\t<b>To</b>: {$username} <br />\n\t<b>Date</b>: {$date} <br />\n<b>Message</b>: Hey man, I need a big favor from you. Remember that website I showed you once before? Uncle Arnold's Band Review Page? Well, a long time ago I made a \$500 bet with a friend that my band would be at the top of the list by the end of the year. Well, as you already know, two of my band members have died in a horrendous car accident... but this asshole still insists that the bet is on!\nI know you're good with computers and stuff, so I was wondering, is there any way for you to hack this website and make my band on the top of the list? My band is Raging Inferno. Thanks a lot, man!<br />\n<br />\n<form action=\"realistic1.php\" method=\"post\">\n\t<dl>\n\t<input type=\"hidden\" name=\"initiate\" value=\"yes\">\n\t<dd><input name=\"submit\" type=\"submit\" id=\"submit\" class=\"button2\" value=\"initiate\"></dd>\n\t</dl>\n</form>\n\t"; } } else { page_header('Realistic 2'); $template->set_filenames(array('body' => 'missions/basicpage.html')); $body = "\n\t<h3>Realistic 2 || 400 Points</h3>\n\t<b>From</b>: DestroyFascism <br />\n\t\t<b>To</b>: {$username} <br />\n\t<b>Date</b>: {$date} <br />\n\t<b>Message</b>: I have been informed that you have quite admirable hacking skills. Well, this racist hate group is using their website to organize a mass gathering of ignorant racist bastards. We cannot allow such bigoted aggression to happen. If you can gain access to their administrator page and post messages to their main page, we would be eternally grateful.<br />\n\t<br /><form action=\"" . $_SERVER['PHP_SELF'] . "\" method=\"post\">\n\t<dl>\n\t<input type=\"hidden\" name=\"initiate\" value=\"yes\">\n\t<dd><input name=\"submit\" type=\"submit\" id=\"submit\" class=\"button2\" value=\"initiate\"></dd>\n\t</dl>\n</form>"; } } else { page_header('Realistic 2');
<?php define('DarkCoreCMS', TRUE); include 'config.php'; include 'functions/vote_functions.php'; include 'functions/global_functions.php'; if (isset($_GET['user']) && isset($_GET['siteid'])) { $user = $_GET['user']; $siteid = $_GET['siteid']; $site_data = getSite_data_byID($siteid); if (isset($site_data['postback']) && $site_data['postback'] != NULL) { header('Location: ' . $site_data['link'] . $site_data['postback'] . $user); } else { $do_vote = vote($user, $siteid); if ($do_vote != 0) { $date = new DateTime(); $cur_time = $date->getTimestamp(); $day_number = idate('w', $cur_time); if ($day_number == 6 || $day_number == 0) { add_points($user, $site_data['end_week_points']); } else { add_points($user, $site_data['points']); } header('Location: ../user?done=1'); } header('Location: ' . $site_data['link']); } } else { header('Location: ../'); }
if ($user->data['user_points'] < $am) { $message = sprintf($user->lang['TRANSFER_REASON_MINPOINTS'], $config['points_name']) . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=transfer_user") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>'; trigger_error($message); } // Check, if the amount is 0 or below if ($am <= 0) { $message = sprintf($user->lang['TRANSFER_REASON_UNDERZERO'], $config['points_name']) . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=transfer_user") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>'; trigger_error($message); } // Check, if the user is trying to send to himself if ($user->data['user_id'] == $checked_user['user_id']) { $message = sprintf($user->lang['TRANSFER_REASON_YOURSELF'], $config['points_name']) . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=transfer_user") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>'; trigger_error($message); } // Add cash to receiver add_points($checked_user['user_id'], $am); // Remove cash from sender substract_points($user->data['user_id'], $am); // Get current time for logs $current_time = time(); // Add transfer information to the log $text = utf8_normalize_nfc($message); $sql = 'INSERT INTO ' . POINTS_LOG_TABLE . ' ' . $db->sql_build_array('INSERT', array('point_send' => (int) $user->data['user_id'], 'point_recv' => (int) $checked_user['user_id'], 'point_amount' => $am, 'point_sendold' => $user->data['user_points'], 'point_recvold' => $checked_user['user_points'], 'point_comment' => $text, 'point_type' => '1', 'point_date' => $current_time)); $db->sql_query($sql); // Send pm to user if (!$points_config['transfer_pm_enable'] == 0 && $checked_user['user_allow_pm'] == 1) { // Select the user data for the PM $sql_array = array('SELECT' => '*', 'FROM' => array(USERS_TABLE => 'u'), 'WHERE' => 'user_id = ' . (int) $checked_user['user_id']); $sql = $db->sql_build_query('SELECT', $sql_array); $result = $db->sql_query($sql); $user_row = $db->sql_fetchrow($result);
} if (abs(intval($HTTP_POST_VARS['amount'])) == 0) { $error = true; $error_msg .= (!empty($error_msg) ? '<br />' : '') . sprintf($lang['Points_enter_some_donate'], $board_config['points_name']); } if (isset($error)) { $template->set_filenames(array('reg_header' => 'error_body.tpl')); $template->assign_vars(array('ERROR_MESSAGE' => $error_msg)); $template->assign_var_from_handle('ERROR_BOX', 'reg_header'); } else { $amount = abs(intval($HTTP_POST_VARS['amount'])); $from_points = get_user_points($userdata['user_id']); if ($amount > $from_points) { message_die(GENERAL_MESSAGE, sprintf($lang['Points_cant_donate'], $board_config['points_name'])); } add_points($user_id, $amount); subtract_points($userdata['user_id'], $amount); //Send doation email if the user wants it $sql = "SELECT username, user_lang, user_email, user_notify_donation \r\n\t\t\t\tFROM " . USERS_TABLE . "\r\n\t\t\t\tWHERE user_id = {$user_id}"; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, "Could not get username & user_notify_donation & user_lang & user_email", '', __LINE__, __FILE__, $sql); } $to_userdata = $db->sql_fetchrow($result); if ($to_userdata['user_notify_donation']) { include $phpbb_root_path . 'includes/emailer.' . $phpEx; $emailer = new emailer($board_config['smtp_delivery']); $email_headers = 'From: ' . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\n"; $emailer->use_template('user_notify_donation', $to_userdata['user_lang']); $emailer->email_address($to_userdata['user_email']); $emailer->extra_headers($email_headers); $emailer->assign_vars(array('DONATOR' => $userdata['username'], 'USERNAME' => $to_userdata['username'], 'AMOUNT_DONATE' => $amount, 'TOTAL_POINTS' => get_user_points($user_id), 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']), 'L_POINTS' => $board_config['points_name']));
<?php function add_points($player, $points) { $player->energy += $points; print_r($player); } add_points(NULL, 2);
} } // // Parse and show the overall header. // $template->set_filenames(array('overall_header' => empty($gen_simple_header) ? 'overall_header.tpl' : 'simple_header.tpl')); // // Generate logged in/logged out status // if ($userdata['session_logged_in']) { $u_login_logout = 'login.' . $phpEx . '?logout=true&sid=' . $userdata['session_id']; $l_login_logout = $lang['Logout'] . ' [ ' . $userdata['username'] . ' ]'; if ($board_config['points_browse'] && !$post_info['points_disabled']) { $points = $board_config['points_browse']; if ($userdata['user_id'] != ANONYMOUS && $userdata['admin_allow_points']) { add_points($userdata['user_id'], $points); } } } else { $u_login_logout = 'login.' . $phpEx; $l_login_logout = $lang['Login']; } $t = isset($userdata['session_logged_in']) ? $userdata['user_lastvisit'] : null; $s_last_visit = create_date($board_config['default_dateformat'], $t, $board_config['board_timezone']); if (defined('SHOW_ONLINE')) { new show_online(); } // // Obtain number of new private messages // if user is logged in //
<?php define('DarkCoreCMS', TRUE); include 'config.php'; include 'functions/vote_functions.php'; include 'functions/global_functions.php'; if (isset($_POST['pbid'])) { $site_data = getSite_data_byID(4); $do_vote = vote($_POST['pbid'], $_GET['siteid']); if ($day_number == 6 || $day_number == 0) { add_points($_POST['pbid'], $site_data['end_week_points']); } else { add_points($_POST['pbid'], $site_data['points']); } } else { header('Location: ../'); }
function save() { $text = clear("text"); $add_comment = clear("add_comment"); $del = clear("del"); $edit_ok = clear("edit_ok"); $edit_id = clear("edit_id"); $is_spoiler = checkbox_value(clear("is_spoiler")); //pridavani prispevku if ($add_comment) { if (!$this->uid) { go_out(); } if (!$text) { $this->msg->set_text($this->l->t("empty_comment"), "error"); return 0; } //kontrola pripadne minimalni delky if ($this->short_posts != 'allowed') { $len = strlen(no_dia($text)); if ($len < 100) { $this->msg->set_text($this->l->t("short_comment", $len), "error"); $this->show_text = "yes"; return 0; } } //pokud jde o knihu, kontrola zda-li j*z nejaky komentar nevlozil if ($this->type == 'book' || $this->type == 'author' || $this->type == 'selfpublishing') { $sql = sql_query("select id from comments\n\t\t where (item = '" . $this->item . "'\n\t\t and type = '" . $this->type . "'\n\t\t and user = '******')"); $data = sql_fetch_object($sql); if ($data->id) { $this->msg->set_text($this->l->t("comment_exists"), "error"); $this->show_text = "yes"; return 0; } } //pokud jde o selfpublishing, kontrolujeme ze knihu koupil if ($this->type == 'selfpublishing') { if ($this->has_selfpublishing_bought()) { $this->msg->set_text($this->l->t("not_bought"), "error"); $this->show_text = "yes"; return 0; } } $sql = sql_query("insert into comments\n (type, item, user, text, time, is_spoiler)\n values\n ('" . $this->type . "', '" . $this->item . "',\n '" . $this->uid . "', '" . $text . "', '" . time() . "', '" . $is_spoiler . "')"); if ($sql) { //oznameni vsem kteri sleduji komentare $comment_id = mysql_insert_id(); $this->msg->set_text($this->l->t("add_ok")); if ($this->type == 'book') { $this->sent_notice($comment_id); } //pridame body add_points($this->uid, 3, 'comments'); } } //mazani prispevku if ($del) { //kontrola zda-li je jeho a nenni starsi nez 24 hodin $sql = sql_query("select user, time\n from comments\n where (id = '{$del}')"); $data = sql_fetch_object($sql); if ($data->user == $this->uid) { //mazani $sql = sql_query("delete from comments\n where (id = '{$del}')"); if ($sql) { $this->msg->set_text($this->l->t("del_ok")); //odebrani bodu add_points($this->uid, -3, "comments"); } } } //uprava prispevku if ($edit_ok) { //kontrola zda-li je jeho a nenni starsi nez 24 hodin $sql = sql_query("select user, time\n from comments\n where (id = '{$edit_id}')"); $data = sql_fetch_object($sql); $time = time() - 24 * 3600; // && $time < $data->time - moznost mazani pouze 24 hodin po napsani prozatim zrusena if ($data->user == $this->uid) { if ($this->short_posts != 'allowed') { $len = strlen(no_dia($text)); if ($len < 100) { $this->msg->set_text($this->l->t("short_comment", $len), "error"); $this->show_text = "yes"; return 0; } } //uprava $sql = sql_query("update comments\n set text = '{$text}', is_spoiler = '{$is_spoiler}'\n where (id = '{$edit_id}')"); if ($sql) { $this->msg->set_text($this->l->t("edit_ok")); $this->show_text = ''; $_GET['edit'] = ''; } } } //ulozeni / zruseni zasilani novych komentaru $notice_on = clear("notice_on"); $notice_off = clear("notice_off"); if ($notice_on && $this->type == 'book' && $this->uid) { //pripadne smazani kdyby slo o opakovany request $sql = sql_query("delete from comments_notice\n where (user = '******' and book = '" . $this->item . "')"); $sql = sql_query("insert into comments_notice\n (user, book)\n values\n ('" . $this->uid . "', '" . $this->item . "')"); if ($sql) { $this->msg->set_text($this->l->t("notice_on_msg")); } } if ($notice_off && $this->type == 'book' && $this->uid) { $sql = sql_query("delete from comments_notice\n where (user = '******' and book = '" . $this->item . "')"); if ($sql) { $this->msg->set_text($this->l->t("notice_off_msg")); } } }
$message = $user->lang['BANK_ERROR_MUCH_WITHDRAW'] . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=bank") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>'; trigger_error($message); } elseif ($withdraw == $withdrawtotal_check) { $withdrawtotal = $withdraw + $fees; } else { $withdrawtotal = round($withdraw / 100 * $points_values['bank_fees']) + $withdraw; } } else { $withdrawtotal = 0; } if ($row['holding'] < $withdrawtotal) { $message = sprintf($user->lang['BANK_ERROR_NOT_ENOUGH_WITHDRAW'], $config['points_name']) . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=bank") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>'; trigger_error($message); } // Transfer points to users cash account add_points($user->data['user_id'], $withdraw); // Update users bank account $sql_array = array('SELECT' => 'holding, totalwithdrew', 'FROM' => array(POINTS_BANK_TABLE => 'b'), 'WHERE' => 'user_id = ' . (int) $user->data['user_id']); $sql = $db->sql_build_query('SELECT', $sql_array); $result = $db->sql_query($sql); $user_bank = $db->sql_fetchrow($result); $user_holding = $user_bank['holding']; $user_totalwithdrew = $user_bank['totalwithdrew']; $db->sql_freeresult($result); $data = array('holding' => $user_holding - $withdrawtotal, 'totalwithdrew' => $user_totalwithdrew + $withdraw); $sql = 'UPDATE ' . POINTS_BANK_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $data) . ' WHERE user_id = ' . (int) $user->data['user_id']; $db->sql_query($sql); trigger_error(' ' . $user->lang['BANK_HAVE_WITHDRAW'] . ' ' . sprintf(number_format_points($withdraw)) . ' ' . $config['points_name'] . ' ' . $user->lang['BANK_FROM_ACCOUNT'] . '. <br />' . $user->lang['BANK_NEW_BALANCE'] . ' ' . sprintf(number_format_points($row['holding'] - $withdrawtotal)) . ' ' . $config['points_name'] . '.<br />' . $user->lang['BANK_NOW_HAVE'] . ' ' . sprintf(number_format_points($user->data['user_points'] + $withdraw)) . ' ' . $config['points_name'] . ' ' . $user->lang['BANK_ON_HAND'] . '.<br /><br />' . sprintf($user->lang['BANK_BACK_TO_BANK'], '<a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=bank") . '">', '</a>') . sprintf('<br />' . $user->lang['BANK_BACK_TO_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.{$phpEx}") . '">', '</a>')); } else {