require $config['BASE_DIR'] . '/classes/filter.class.php';
require $config['BASE_DIR'] . '/include/compat/json.php';
require $config['BASE_DIR'] . '/include/adodb/adodb.inc.php';
require $config['BASE_DIR'] . '/include/dbconn.php';
require $config['BASE_DIR'] . '/include/function_user.php';

// AJAX endpoint: delete a game if, and only if, the logged-in user owns it.
// The reply is always a JSON object; 'status' stays 0 unless deleteGame() ran.
//
// NOTE(review): this is a state-changing POST authorised by the session alone.
// No anti-CSRF token is checked in the visible part of the handler; confirm
// the including script enforces one.
$response = array('status' => 0, 'msg' => '', 'debug' => '');

if (isset($_POST['game_id'])) {
    if (!isset($_SESSION['uid'])) {
        // Anonymous callers are told to log in; nothing is looked up or deleted.
        $response['msg'] = show_err_mb($lang['ajax.delete_game_login']);
    } else {
        $filter = new VFilter();
        // $gid is concatenated into the SQL below, so the query is only as safe
        // as VFilter's 'INTEGER' mode. Presumably it returns an integer; verify.
        $gid = $filter->get('game_id', 'INTEGER');
        $uid = intval($_SESSION['uid']);

        $sql = "SELECT UID FROM game WHERE GID = " . $gid . " LIMIT 1";
        $rs  = $conn->execute($sql);

        // Authorisation: the owner UID stored on the game row must match the
        // session UID. A missing row and a foreign owner get the same reply.
        $owned_by_caller = false;
        if ($conn->Affected_Rows() === 1) {
            $owner_rows      = $rs->getrows();
            $owned_by_caller = ($uid == $owner_rows[0][0]);
        }

        if ($owned_by_caller) {
            deleteGame($gid);
            $response['status'] = 1;
            $response['msg']    = show_msg_mb($lang['ajax.delete_game_success']);
        } else {
            $response['msg'] = show_err_mb($lang['ajax.delete_game_failed']);
        }
    }
}

echo json_encode($response);
die;
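<?php
defined('_VALID') or die('Restricted Access!');

// The endpoint is inert when the photo module is switched off.
if ($config['photo_module'] == '0') {
    die;
}

require $config['BASE_DIR'] . '/classes/filter.class.php';
require $config['BASE_DIR'] . '/include/adodb/adodb.inc.php';
require $config['BASE_DIR'] . '/include/dbconn.php';
require $config['BASE_DIR'] . '/include/compat/json.php';

// AJAX endpoint: remove a photo from the logged-in user's favourites.
// Replies with JSON: 'status' is 1 once the DELETE has been issued, 0 otherwise.
$data = array('status' => 0, 'msg' => '');

if (isset($_POST['photo_id'])) {
    if (isset($_SESSION['uid'])) {
        $filter = new VFilter();
        // Both values are concatenated into SQL. $uid is cast here; $pid depends
        // on VFilter's 'INTEGER' mode (presumably an integer cast; verify).
        $pid = $filter->get('photo_id', 'INTEGER');
        $uid = intval($_SESSION['uid']);

        // Scoped to the caller's own UID, so a user can only remove their own
        // favourite. Success is reported whether or not a row matched.
        $sql = "DELETE FROM photo_favorites WHERE UID = " . $uid . " AND PID = " . $pid . " LIMIT 1";
        $conn->execute($sql);

        $data['status'] = 1;
        $data['msg']    = show_msg_mb($lang['ajax.remove_fav_photo_success']);
    } else {
        // Fix: the login error used to be assigned to an unused $response
        // variable, so unauthenticated callers received an empty 'msg'.
        $data['msg'] = show_err_mb($lang['ajax.remove_fav_photo_login']);
    }
} else {
    $data['msg'] = 'Invalid request!?';
}

echo json_encode($data);
die;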
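require $config['BASE_DIR'] . '/include/compat/json.php';
require $config['BASE_DIR'] . '/include/adodb/adodb.inc.php';
require $config['BASE_DIR'] . '/include/dbconn.php';

// AJAX endpoint: record a flag (report) by the logged-in user against a game.
// Replies with JSON; 'status' is 1 only when a new flag row was inserted.
$data = array('status' => 0, 'msg' => '', 'debug' => '');

if (isset($_POST['item_id']) && isset($_POST['flag_id']) && isset($_POST['message'])) {
    $filter       = new VFilter();
    $game_id      = $filter->get('item_id', 'INTEGER');
    $flag_id      = $filter->get('flag_id');
    $flag_message = $filter->get('message');

    if (isset($_SESSION['uid'])) {
        $uid = intval($_SESSION['uid']);

        // The reason code must be present and at most 14 bytes long.
        if ($flag_id == '' or strlen($flag_id) > 14) {
            $data['msg'] = show_err_mb($lang['ajax.flag_invalid']);
        } else {
            // Every value is passed as a bind parameter instead of being spliced
            // into the SQL text. The previous code called
            // mysql_real_escape_string(), which is part of the legacy ext/mysql
            // API (removed in PHP 7.0). Called without a link argument, it
            // escapes for the last mysql link opened, not explicitly for $conn.
            // ADOdb quotes the bound values for its own connection. The intval()
            // also stops the query depending on how VFilter treats 'INTEGER'.
            $sql = "SELECT GID FROM game_flags WHERE GID = ? AND UID = ? LIMIT 1";
            $conn->execute($sql, array(intval($game_id), $uid));

            if ($conn->Affected_Rows() == 1) {
                // One flag per user per game.
                $data['msg'] = show_err_mb($lang['ajax.flag_game_exists']);
            } else {
                $sql = "INSERT INTO game_flags (GID, UID, reason, message, add_date)\n VALUES (?, ?, ?, ?, ?)";
                $conn->execute($sql, array(
                    intval($game_id),
                    $uid,
                    (string) $flag_id,
                    (string) $flag_message,
                    date('Y-m-d'),
                ));

                $data['status'] = 1;
                $data['msg']    = show_msg_mb($lang['ajax.flag_game_success']);
            }
        }
    } else {
        $data['msg'] = show_err_mb($lang['ajax.flag_game_login']);
    }
}

echo json_encode($data);
die;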
// Tail of the "reject friend request" handler; the code that sets $sql, $fid
// and $uid and opens the three enclosing if-blocks is outside this excerpt.
$conn->execute($sql);

// Take two points off the account identified by $fid.
// NOTE(review): $fid and $uid are concatenated into SQL below; their
// validation happens before this excerpt. Confirm both are integer-cast.
$sql = "UPDATE signup SET points = points-2 WHERE UID = " . $fid . " LIMIT 1";
$conn->execute($sql);
$message = $lang['ajax.reject_friend_success'];

// Look up the other user's address and their 'friend_request' preference.
$sql = "SELECT u.username, u.email, p.friend_request FROM signup AS u, users_prefs AS p \n WHERE u.UID = " . $fid . " AND u.UID = p.UID LIMIT 1";
$rs = $conn->execute($sql);

// Mail is sent only when exactly one row matched and the preference is '1'.
if ($conn->Affected_Rows() === 1 && $rs->fields['friend_request'] == '1') {
    $to = $rs->fields['email'];
    $receiver = $rs->fields['username'];

    // Resolve the acting user's name for the mail template.
    $sql = "SELECT username FROM signup WHERE UID = " . $uid . " LIMIT 1";
    $rs = $conn->execute($sql);
    if ($conn->Affected_Rows() === 1) {
        $username = $rs->fields['username'];
        require $config['BASE_DIR'] . '/classes/email.class.php';
        $mail = new VMail();
        // Placeholder => value pairs for the 'request_rejected' template.
        // NOTE(review): usernames are substituted as stored; confirm the
        // template or VMail encodes them if the mail is sent as HTML.
        $search = array('{$site_title}', '{$username}', '{$baseurl}', '{$site_name}', '{$receiver}');
        $replace = array($config['site_title'], $username, $config['BASE_URL'], $config['site_name'], $receiver);
        $mail->sendPredefined($to, 'request_rejected', $search, $replace);
    }
}
} else {
    // Closes a block opened before this excerpt.
    $message = $lang['ajax.reject_friend_missing'];
}
} else {
    // Closes a block opened before this excerpt.
    $message = $lang['ajax.reject_friend_login'];
}
} else {
    // Closes a block opened before this excerpt.
    $message = 'Invalid request!?';
}

// Unlike the JSON endpoints, this handler echoes the rendered message itself.
echo show_msg_mb($message);
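require $config['BASE_DIR'] . '/include/adodb/adodb.inc.php';
require $config['BASE_DIR'] . '/include/dbconn.php';

// AJAX endpoint: record a flag (report) by the logged-in user against a photo.
// Replies with JSON; 'status' is 1 only when a new flag row was inserted.
$data = array('status' => 0, 'msg' => '', 'debug' => '');

if (isset($_POST['item_id']) && isset($_POST['flag_id']) && isset($_POST['message'])) {
    $filter       = new VFilter();
    $photo_id     = $filter->get('item_id', 'INTEGER');
    $flag_id      = $filter->get('flag_id');
    $flag_message = $filter->get('message');

    if (isset($_SESSION['uid'])) {
        $uid = intval($_SESSION['uid']);

        // NOTE(review): only the length is checked, so an empty reason code is
        // accepted here. Confirm that is intended for photo flags.
        if (strlen($flag_id) > 14) {
            $data['msg'] = show_err_mb($lang['ajax.flag_invalid']);
        } else {
            // Every value is passed as a bind parameter instead of being spliced
            // into the SQL text. The previous code called
            // mysql_real_escape_string(), which is part of the legacy ext/mysql
            // API (removed in PHP 7.0). Called without a link argument, it
            // escapes for the last mysql link opened, not explicitly for $conn.
            // ADOdb quotes the bound values for its own connection.
            $sql = "SELECT PID FROM photo_flags WHERE PID = ? AND UID = ? LIMIT 1";
            $conn->execute($sql, array(intval($photo_id), $uid));

            if ($conn->Affected_Rows() == 1) {
                // One flag per user per photo.
                $data['msg'] = show_err_mb($lang['ajax.flag_photo_exists']);
            } else {
                $sql = "INSERT INTO photo_flags (PID, UID, reason, message, add_date)\n VALUES (?, ?, ?, ?, ?)";

                // Fix: the full INSERT statement used to be copied into
                // $data['debug'] and returned to the browser, exposing table
                // and column names plus the session UID. 'debug' now stays
                // empty, as initialised above.
                $conn->execute($sql, array(
                    intval($photo_id),
                    $uid,
                    (string) $flag_id,
                    (string) $flag_message,
                    date('Y-m-d'),
                ));

                $data['status'] = 1;
                $data['msg']    = show_msg_mb($lang['ajax.flag_photo_success']);
            }
        }
    } else {
        $data['msg'] = show_err_mb($lang['ajax.flag_photo_login']);
    }
}

echo json_encode($data);
die;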
// Tail of the "share game" handler; the loop header, the request checks and
// the definitions of $from, $message, $game_id and $emails are outside this
// excerpt.

        // Each recipient name is escaped and wrapped in single quotes so that
        // it can be joined into the IN (...) list below.
        // NOTE(review): mysql_real_escape_string() is part of the legacy
        // ext/mysql API (removed in PHP 7.0). Called without a link argument,
        // it escapes for the last mysql link opened, not explicitly for $conn.
        // ADOdb's own quoting or bind parameters would remove that dependency.
        $sql_add[] = "'" . mysql_real_escape_string($user) . "'";
    }

    // Resolve the listed usernames to e-mail addresses.
    $sql = "SELECT email FROM signup WHERE username in (" . implode(',', $sql_add) . ")";
    $rs = $conn->execute($sql);
    $users_emails = $rs->getrows();
    foreach ($users_emails as $user) {
        $emails[] = $user['email'];
    }
}

// With no resolvable recipient the request is refused before any mail is built.
if (!$emails) {
    $data['msg'] = show_err_mb($lang['ajax.share_recipient_valid']);
} else {
    // NOTE(review): $game_id is concatenated into SQL; it is presumably
    // integer-filtered before this excerpt. Verify.
    $sql = "SELECT title FROM game WHERE GID = " . $game_id . " LIMIT 1";
    $rs = $conn->execute($sql);
    if ($conn->Affected_Rows() == 1) {
        $title = $rs->fields['title'];

        // HTML anchor to the game page, used as both href and link text.
        // NOTE(review): prepare_string() presumably produces a URL slug;
        // confirm its output is also safe inside an HTML attribute.
        $url = '<a href="' . $config['BASE_URL'] . '/game/' . $game_id . '/' . prepare_string($title) . '">' . $config['BASE_URL'] . '/game/' . $game_id . '/' . prepare_string($title) . '</a>';

        // Placeholder => value pairs for the 'share_game' template.
        // NOTE(review): $from and $message are caller-supplied and their
        // filtering is not visible here. Confirm they are HTML-encoded before
        // they reach a template that also carries the anchor above.
        $search = array('{$site_name}', '{$site_title}', '{$sender_name}', '{$message}', '{$baseurl}', '{$game_link}');
        $replace = array($config['site_name'], $config['site_title'], $from, $message, $config['BASE_URL'], $url);
        $mail = new VMail();
        $mail->sendPredefined($emails, 'share_game', $search, $replace);
        $data['status'] = 1;
        $data['msg'] = show_msg_mb($lang['ajax.share_success']);
    } else {
        $data['msg'] = show_err_mb($lang['ajax.share_game_failed']);
    }
}
}
}

echo json_encode($data);
die;
<?php
defined('_VALID') or die('Restricted Access!');

require $config['BASE_DIR'] . '/classes/filter.class.php';
require $config['BASE_DIR'] . '/include/adodb/adodb.inc.php';
require $config['BASE_DIR'] . '/include/dbconn.php';
require $config['BASE_DIR'] . '/include/compat/json.php';

// AJAX endpoint: remove a video from the logged-in user's playlist.
// Replies with JSON. A request without 'video_id' gets the untouched default
// envelope (status 0, empty msg).
$data = array('status' => 0, 'msg' => '');

if (isset($_POST['video_id'])) {
    if (!isset($_SESSION['uid'])) {
        // Anonymous callers are told to log in; no query is issued.
        $data['msg'] = show_err_mb($lang['ajax.remove_playlist_login']);
    } else {
        $filter = new VFilter();
        // Both values are concatenated into SQL. $uid is cast here; $vid depends
        // on VFilter's 'INTEGER' mode (presumably an integer cast; verify).
        $vid = $filter->get('video_id', 'INTEGER');
        $uid = intval($_SESSION['uid']);

        // Scoped to the caller's own UID, so only their own playlist entry can
        // be removed. Success is reported whether or not a row matched.
        $sql = "DELETE FROM playlist WHERE UID = " . $uid . " AND VID = " . $vid . " LIMIT 1";
        $conn->execute($sql);

        $data['msg']    = show_msg_mb($lang['ajax.remove_playlist_success']);
        $data['status'] = 1;
    }
}

echo json_encode($data);
die;