static function Init() { //&$con parent::Init(); if (!isset($install)) { $result = Query::query('SELECT * FROM tbl_settings'); while ($get_setting = $result->fetch_array()) { Settings::Set($get_setting['key'], $get_setting['value']); } Settings::Set($get_setting['table_prefix'], 'tbl_'); } //Template Settings $template = array(); $template['homepage_game_limit'] = 3; // Number of games to show per caregory on the homepage $template['homepage_order'] = 'newest'; // Rating stars $template['rating_star'] = 'star.png'; $template['rating_half_star'] = 'half_star.png'; $template['rating_empty_star'] = 'empty_star.png'; // Highscore image $template['highscore_image'] = '<img src="' . '' . '/images/trophy_smaller.png" />'; //$setting['site_url'] // Display settings $template['new_game_columns'] = 2; $template['new_game_number'] = 6; $template['category_columns'] = 2; // Number of game columns on the category page $template['homepage_columns'] = 2; // Number of category columns on the homepage $template['random_game_limit'] = 5; // Number of games to show in the random games section $template['games_per_page'] = 30; // Number of games to show per page in categories $template['category_game_chars'] = 25; // The character limit for game names in categories $template['category_game_desc_chars'] = 55; // The character limit for game descriptions in categories $template['home_game_chars'] = 25; // The character limit for game names in categories $template['home_game_desc_chars'] = 145; // The character limit for game descriptions in categories $template['random_game_chars'] = 25; // The character limit for the random game names $template['random_game_desc_chars'] = 110; // The character limit for the random game descriptions $template['module_max_chars'] = 25; // The character limit modules (game names, news) $template['player_module_max_chars'] = 20; // The character limit modules (game names, news) // Module Settings $template['categories_menu_seperator'] = ' '; $template['user_menu_seperator'] = ' '; $template['pages_menu_seperator'] = ' | '; foreach ($template as $key => $value) { Settings::Set($key, $value); $template = NULL; } }
static function Init() { if (User::login_check(Query::$mysqli) == true) { $u = Query::query('SELECT * FROM Players WHERE PlayerID=' . $_SESSION['user_id'])->fetch_assoc(); User::Set('id', $u['PlayerID']); User::Set('AvatarType', $u['AvatarType']); User::Set('Username', $u['Username']); } }
public function main($user) { //loadLanguageFile('play'); include '../lang/English.php'; include '../lang/sk/play.php'; if ($user['login_status'] == 1) { $friends_q = Query::query("SELECT tbl_users.*\r\n\t FROM tbl_friends\r\n\t LEFT JOIN tbl_users \r\n\t ON tbl_friends.user2 = tbl_users.id\r\n\t WHERE tbl_friends.user1 = {$user['id']}"); $f = []; $this->set('friend_num', $friends_q->num_rows); //echo '<div class="friend_con" id="fcf"><div id="title">Friends</div>'; if ($friends_q->num_rows) { while ($friends = $friends_q->fetch_assoc()) { $friends['url'] = Utils::ProfileUrl($friends['id'], $friends['seo_url']); //$friend['avatar_url'] = AvatarUrl($friend['avatar'], $friend['facebook'], $friend['facebook_id']); $friends['avatar'] = Utils::getAvatar($friends['id'], $friends['usrAvatarType']); //$friend['last_activity'] = FormatDate($friend['last_activity'], 'time'); $friends['buttons'] = '<a href="message/send/' . $friends['id'] . '"><img src="img/friend_message.png" /></a> <a href="friends#" onclick="ManageFriend(' . $friends['id'] . ', \'delete_friend\', \'friends_page\');return false"><img src="img/friend_delete.png" /></a>'; //include($setting['template'] . '/' . $template['sec_friend']); array_push($f, $friends); } $this->set('friends', $f); } else { echo '<div class="no_friends">NO_FRIENDS</div>'; } //echo '</div>'; $requests_q = Query::query("SELECT tbl_users.*\r\n\t FROM tbl_friend_requests\r\n\t LEFT JOIN tbl_users \r\n\t ON tbl_friend_requests.from_user = tbl_users.id\r\n\t WHERE tbl_friend_requests.to_user = {$user['id']}"); $r = []; $this->set('friend_requests_num', $requests_q->num_rows); //echo '<div class="friend_con" id="fcfr"><div id="title">Friend Requests</div>'; if ($requests_q->num_rows) { while ($friend_requests = $requests_q->fetch_assoc()) { $friend_requests['url'] = Utils::ProfileUrl($friend_requests['id'], $friend_requests['seo_url']); //$friend['avatar_url'] = AvatarUrl($friend['avatar'], $friend['facebook'], $friend['facebook_id']); $friend_requests['avatar'] = Utils::getAvatar($friend_requests['id'], $friend_requests['usrAvatarType']); //$friend['last_activity'] = FormatDate($friend['last_activity'], 'time'); $friend_requests['buttons'] = '<a href="' . $_SERVER['REQUEST_URI'] . '#" onclick="ManageFriend(' . $friend_requests['id'] . ', \'accept_request\', \'friends_page\');return false"><img src="img/friend_add.png" /></a> <a href="friends#" onclick="ManageFriend(' . $friend_requests['id'] . ', \'delete_request\', \'friends_page\');return false"><img src="img/friend_delete.png" /></a>'; //include($setting['template'] . '/' . $template['sec_friend']); array_push($r, $friend_requests); } $this->set('friend_requests', $r); } else { //echo '<div class="no_friends">NO_FRIENDS</div>'; } //echo '</div>'; } else { echo FRIENDS_LOGIN; } $this->render('Friends'); //$this->set('messages', $pm['messages']); //$this->render($page); }
public function main() { $vars = array(); $result = Query::query("SELECT * FROM News ORDER BY id DESC LIMIT 1"); while ($row = $result->fetch_assoc()) { $content = strip_tags($row['content']); if (strlen($content) > 65) { $content = substr($content, 0, 65) . "..."; } $news_url = Utils::NewsUrl($row['id'], $row['seo_url']); $date = $row['date']; $news_item['url'] = $news_url; $news_item['title'] = $row['title']; $news_item['date'] = $date; $news_item['content'] = $content; array_push($vars, $news_item); } $this->set('newses', $vars); $this->render("NewsSmall"); }
public function main() { $result = Query::query('SELECT * FROM favorites f, tbl_games g WHERE g.game_id = f.game_id AND f.user_id=' . $this->request['id'] . ' LIMIT 16'); $favs = $result->num_rows; $vars = array(); if ($favs == 0) { echo PROFILE_NO_FAVS; } else { while ($rows = $result->fetch_assoc()) { $file = Utils::TitleToFile($rows['title']); $game['gameTitle'] = $rows['title']; $game['gameDesc'] = $rows['desc']; $game['url'] = 'view/' . $rows['game_id']; $game['image_url'] = Utils::FileToGameImageURL($file, "png"); array_push($vars, $game); } } $this->set('games', $vars); $this->render("ProfileTile"); }
public function main() { $vars = array(); $report_permissions = Settings::Get('report_permissions'); $site_url = Settings::Get('site_url'); $id = $this->request['id']; $result = Query::query('SELECT * FROM NewsComments WHERE link_id=' . $id . ' ORDER BY id desc'); while ($row = $result->fetch_assoc()) { $user2 = Query::query('SELECT * FROM tbl_users WHERE id=' . $row['user'] . ' LIMIT 1')->fetch_assoc(); $comment = array('username' => $user2['username'], 'content' => nl2br($row['comment']), 'user_points' => $user2['points']); //$seo_username = seoname($user2['username']); $this->set('username', $user2['username']); $this->set('content', nl2br($row['comment'])); $this->set('user_points', $user2['points']); $this->set('user_url', Utils::ProfileUrl($user2['id'], $user2['seo_url'])); $this->set('id', $row['id']); $admin = 1; if ($admin == 1) { $this->set('delete', '<a href="#" onclick="DeleteNewsComment(' . $row['id'] . ', ' . "'" . $site_url . "'" . '); return false">Delete</a>'); $this->set('report_button', '<a href="admin/?task=manage_users#page=1&ip=' . $row['ip'] . '"><img src="img/report.png" title="' . $row['ip'] . '" style="vertical-align:middle;"/></a>'); } else { $this->set('delete', ''); if ($report_permissions == "1" || $report_permissions == "2" && $user['login_status'] == 1) { $this->set('report_button', '<a href="#" onclick="ShowPopup(\'ava-popup\', \'' . $site_url . '/includes/forms/comment_report_form.php?id=' . $row['id'] . '&type=2\', \'Report comment\'); return false"><img src="img/report.png" title="' . REPORT . '" style="vertical-align:middle;"/></a>'); } else { $this->set('report_button', ''); } } if ($user2['usrAvatarType'] == '') { $this->set('avatar_url', $site_url . '/uploads/avatars/default.png'); } else { $this->set('avatar_url', $site_url . '/uploads/avatars/' . $user2['id'] . $user2['usrAvatarType']); } if ($row['date'] != '0000-00-00 00:00:00') { $this->set('date', Utils::FormatDate($row['date'], 'time')); } else { $this->set('date', ''); } $this->render("NewsComments"); } }
public function main() { $vars = array(); $result = Query::query("SELECT * FROM Players ORDER BY Points DESC LIMIT 10"); while ($row = $result->fetch_assoc()) { $name = Utils::shortenStr($row['Username'], Settings::Get('module_max_chars')); $player['username'] = htmlspecialchars($name); $player['url'] = Utils::ProfileUrl($row['PlayerID'], $row['Username']); if ($row['AvatarType'] == '') { $player['avatar_url'] = 'uploads/avatars/default.png'; } else { $player['avatar_url'] = 'uploads/avatars/' . $row['PlayerID'] . $row['AvatarType']; } if ($row['Points'] != '') { $player['points'] = ' (' . $row['Points'] . ' ' . __HOME_MISC_POINTS . ')'; } else { $player['points'] = ' (0 ' . __HOME_MISC_POINTS . ')'; } array_push($vars, $player); } $this->set('players', $vars); $this->render("TopPlayers"); }
public function main() { //loadLanguageFile('play'); include '../lang/English.php'; include '../lang/sk/play.php'; /*if (isset($_GET['name'])) { $seo_url = mysql_secure($_GET['name']); $result = $mysqli->query('SELECT * FROM tbl_games WHERE seo_url ='.$seo_url);// AND published=1 } else { $result = $mysqli->query('SELECT * FROM tbl_games WHERE game_id ='.$id);// AND published=1 }*/ $result = Query::query('SELECT * FROM Games WHERE GameID =' . $this->request[0]); // AND published=1 $game_exists = $result->num_rows; if ($game_exists != 0) { if (isset($_COOKIE['ava_username'])) { $show = 1; } } else { // Game not found header("HTTP/1.0 404 Not Found"); include 'includes/misc/404.php'; exit; } Query::query('UPDATE Games SET Plays = Plays+1 WHERE GameID = ' . $this->request[0]); Query::query('UPDATE Games SET PlaysM = PlaysM+1 WHERE GameID = ' . $this->request[0]); Query::query('UPDATE Games SET PlaysW = PlaysW+1 WHERE GameID = ' . $this->request[0]); $row2 = $result->fetch_assoc(); $id = $row2['GameID']; //$game = $row2; $this->set('id', $row2['GameID']); $this->set('site_url', Settings::Get('site_url')); $this->set('game_id', $row2['GameID']); $this->set('plays', $row2['Plays']); $this->set('content', $row2['Content']); $this->set('scores', $row2['Scores']); $this->set('width', $row2['Width']); $this->set('height', $row2['Height']); $this->set('type', $row2['Type']); $this->set('title', $row2['Title']); $this->set('name', Utils::getTranslation($row2['Key'], "TITLE", $row2['Title'])); $this->set('description', Utils::getTranslation($row2['Key'], "DESC", $row2['Desc'])); $this->set('instruction', Utils::getTranslation($row2['Key'], "INSTR", $row2['Instr'])); if ($row2['Type'] == 'swf' && Settings::Get('fullscreen_mode') == 1) { $this->set('full_screen_url', '<a href="' . $_SERVER['REQUEST_URI'] . '#" onclick="ResizeFlash(' . $row2['Height'] . ', ' . $row2['Width'] . '); return false"><img src="/boxarcade/img/tool_fullscreen.jpg"/></a>'); } else { $this->set('full_screen_url', '<a href="' . Settings::Get('site_url') . '/full_screen.php?id=' . $id . '"><img src="/boxarcade/img/tool_fullscreen.jpg"/></a>'); } //if ($user['login_status'] != 0) { if (1 == 0) { $this->set('rating', round(Query::query('SELECT rating FROM tbl_games WHERE game_id = ' . $id)->fetch_row()[0])); $this->set('user_rated', Query::query('SELECT COUNT(*) as Num FROM tbl_votes WHERE user_id=' . $user['id'] . ' AND game_id=' . $id)->fetch_row()[0]); } else { $this->set('rating', 0); $this->set('user_rated', 0); } $row_cat = Query::query('SELECT catName FROM tbl_game_categories WHERE catID=' . $row2['CatID'])->fetch_assoc(); $this->set('catID', $row2['CatID']); $this->set('category', $row_cat['catName']); $this->set('date_added', Utils::FormatDate($row2['DateAdded'], 'date')); $this->set('image_url', Utils::GameImageUrl(Utils::TitleToFile($row2['Title']) . "." . $row2['Type'], 1, Utils::TitleToFile($row2['Title']))); // Favorite game button $this->set('login_status', 1); //if ($user['login_status'] == 1) { //if(1==0) { if (User::login_check(Query::$mysqli) == true) { $user_id = $_SESSION['user_id']; $user_fav_yet = Query::query('SELECT COUNT(user_id) FROM favorites WHERE user_id=' . $user_id . ' AND game_id=' . $id)->fetch_row()[0]; if ($user_fav_yet >= 1) { $this->set('fav_game', '<a id="favo" href="' . $_SERVER['REQUEST_URI'] . '#" onclick="EditFav(' . $row2['GameID'] . ', 1,\'' . Settings::Get('site_url') . '\', \'<img src="/boxarcade/img/tool-unfavorite.jpg" />\', \'<img src="/boxarcade/img/tool-favorite.jpg" />\', ' . $user_id . ' ); return false"><img src="/boxarcade/img/tool-unfavorite.jpg"/></a>'); } else { $this->set('fav_game', '<a id="favo" href="' . $_SERVER['REQUEST_URI'] . '#" onclick="EditFav(' . $row2['GameID'] . ', 0,\'' . Settings::Get('site_url') . '\', \'<img src="/boxarcade/img/tool-unfavorite.jpg" />\', \'<img src="/boxarcade/img/tool-favorite.jpg" />\', ' . $user_id . ' ); return false"><img src="/boxarcade/img/tool-favorite.jpg"/></a>'); } } else { $this->set('fav_game', '<a href="' . Settings::Get('site_url') . '/index.php?task=login"><img src="/boxarcade/img/tool-favorite.jpg"/></a>'); } // Report game button if (Settings::Get('report_permissions') == "1" || Settings::Get('report_permissions') == "2") { //&& $user['login_status'] == 1) { $this->set('report_game', '<a href="' . $_SERVER['REQUEST_URI'] . '#" onclick="ShowPopup(\'ava-popup\', \'' . Settings::Get('site_url') . '/includes/overlays/report.php?id=' . $row2['GameID'] . '\', \'' . GAME_REPORT . '\'); return false"><img src="/boxarcade/img/tool-report.png"/></a>'); } $this->set('report_bug', '<a href="' . $_SERVER['REQUEST_URI'] . '#" onclick="ShowPopup(\'ava-popup\', \'' . Settings::Get('site_url') . '/includes/overlays/report.php?id=' . $row2['GameID'] . '\', \'Bug Report\'); return false"><img src="/boxarcade/img/tool-bug.jpg"/></a>'); $this->set('send', '<a href="' . $_SERVER['REQUEST_URI'] . '#" onclick="ShowPopup(\'ava-popup\', \'' . Settings::Get('site_url') . '/includes/overlays/send_game.php?id=' . $row2['GameID'] . '\', \'Send Game\'); return false"><img src="/boxarcade/img/tool-send.jpg"/></a>'); // Define the overall rating for use in the template $this->set('rating_image', ''); //GenerateRating(3); //$row2['rating']); // Define the 'new rating' section for the template if (isset($_COOKIE["ava_username"]) || 42 == 42) { } else { $this->set('new_rating_form', GAME_LOGIN_TO_RATE); } // If admin is logged in, show admin options //if ($user['admin'] == 1) { if (1 == 0) { $this->set('admin_options', '<a href="' . $setting['site_url'] . '/admin/?task=manage_games#id=' . $id . '"><img src=".' . $setting['template_url'] . '/images/edit.gif"/></a>'); } else { $this->set('admin_options', ''); } $did = $row2['DevID']; $usr = Query::query('SELECT username, id, usrAvatarType, seo_url FROM tbl_users WHERE id=' . $did . ' LIMIT 1')->fetch_assoc(); $this->set('user_avatar', Utils::getAvatar($usr['id'], $usr['usrAvatarType'])); //'uploads/avatars/' . $usr['id'] . $usr['usrAvatarType']; $this->set('user_name', $usr['username']); $this->set('profile', Utils::ProfileUrl($usr['id'], $usr['seo_url'])); $this->set('show', '$show'); $this->set('admin', ''); //$user['admin']; $this->set('login_status', ''); //$user['login_status']; //EmbedGame // Does this game have an advert set? /*if (/* $row2['advert_id'] *42 == 1) $ad_id = $setting['default_ad']; else $ad_id = 2; //$row2['advert_id'];*/ $ad_id = 2; // Is the user supposed to see the ad? if (Settings::Get('user_ads') == 1) { if ($user['login_status'] == 1) { $user_show_ad = 0; } else { $user_show_ad = 1; } } else { if (Settings::Get('user_ads') == 2) { if ($user['admin'] == 1) { $user_show_ad = 0; } else { $user_show_ad = 1; } } else { $user_show_ad = 1; } } if (defined("PRELOAD_INFO")) { $plm = PRELOAD_INFO; $cts = CLICK_TO_SKIP; } else { $plm = 'Advertisement: Your game is loading'; $cts = 'click here to skip'; } $this->set('ad_id', $ad_id); $this->set('skip_ads', Settings::Get('skip_ads')); $this->set('user_show_ad', $user_show_ad); $this->set('plm', $plm); $this->set('cts', $cts); // Resize flash if required if (isset($template['max_game_width']) && $width > $template['max_game_width']) { $gWidth = $row2['Width']; $gHeight = $row2['Height']; $h1 = $template['max_game_width'] / $gWidth; $h2 = $gHeight * $h1; $width = $template['max_game_width']; $height = $h2; } else { $width = $row2['Width']; $height = $row2['Height']; } $this->set('width', $width); $this->set('height', $height); //$this->set('type', $this->request['type']); //$this->set('title', $this->request['title']); $this->set('relgames', Game::getRelatedGames($id)); $this->set('comments', Comment::getComments($id)); $this->render("Pages/View"); }
/** * Helper function for calling $this->query->query() * * @see Query->query() * * @param array Query args * * @return array Stream Records */ function query($args) { return $this->query->query($args); }
static function getAd($ad) { $get_ad = Query::query("SELECT ad_content FROM tbl_ads WHERE ad_name = '{$ad}'")->fetch_array(); echo $get_ad['ad_content']; }
<?php include '../../../lib/sqlquery.class.php'; include '../../../lib/newmodel.class.php'; include '../../../app/models/Query.php'; include '../../../app/models/Settings.php'; include '../../../app/models/User.php'; include '../../../app/models/Utils.php'; $query = new SQLQuery(); $query->connect('localhost', 'root', '', 'boxarcade'); Settings::Init(); include '../../../lang/' . Settings::Get('language') . '.php'; User::sec_session_start(); User::Init(); $userid = intval($_SESSION['user_id']); if (User::login_check(Query::$mysqli) == true) { //$get_comment = Query::query("SELECT * FROM tbl_comments WHERE id='" . $_POST['id'] . "'")->fetch_assoc(); //Query::query("UPDATE tbl_users SET comments = comments - 1, points = points - $setting[points_comment] WHERE id='" . $get_comment['user'] . "'")->fetch_assoc(); $result = Query::query("DELETE FROM tbl_comments WHERE id='" . $_POST['id'] . "'"); echo $_POST['id']; echo 'Success'; } else { exit; }
public function main() { //loadLanguageFile('play'); include '../lang/English.php'; $utils = $this->factory->create('Utils'); $setting = $this->factory->create('Settings'); if (isset($_REQUEST['prevpage'])) { $prevpage = secure($_REQUEST['prevpage']); $pos = strpos($prevpage, 'register'); if ($pos !== false || $prevpage == '') { $prevpage = $setting->get('site_url'); } } else { $prevpage = $setting->get('site_url'); } if (isset($this->request[0]) && $this->request[0] == 1) { session_start(); if (!$_POST['username'] || !$_POST['password']) { header("Location: index.php?task=login&em=1&prevpage={$prevpage}"); } else { $username = $_POST['username']; $password = md5($_POST['password']); $sql = Query::query("SELECT * FROM tbl_users WHERE username='******' AND password='******' AND activate='1'"); $login_check = $sql->num_rows; if ($login_check > 0) { $row = $sql->fetch_assoc(); $user_id = $row['id']; if (isset($_POST['remember'])) { $time = time() + 60 * 60 * 24 * 100; setcookie("ava_username", $username, $time, '/boxarcade'); setcookie("ava_code", $password, $time, '/boxarcade'); setcookie("ava_userid", $user_id, $time, '/boxarcade'); } else { setcookie("ava_username", $username, '/boxarcade'); setcookie("ava_code", $password, '/boxarcade'); setcookie("ava_userid", $user_id, '/boxarcade'); } setcookie("inu", $username, $time, '/boxarcade'); setcookie("isp", $password, $time, '/boxarcade'); $_SESSION['inu'] = $username; $_SESSION['isp'] = $password; Query::query("INSERT INTO tbl_sessions(userName, userToken) VALUES('{$username}', '{$password}')") or die(mysql_error()); if (isset($_GET['action']) && $_GET['action'] == 'admin') { header("Location: admin"); } else { if (isset($_GET['nexttask'])) { if ($_GET['nexttask'] == 'login') { header("Location: index.php"); } else { header("Location: index.php?task=" . $_GET['nexttask'] . "&id=" . $_GET['nextid'] . ""); } } else { header("Location: " . urldecode($prevpage)); } } } else { header("Location: index.php?task=login&em=2&prevpage={$prevpage}"); } } } else { if (isset($_GET['action']) && $_GET['action'] == 'logout') { $pastdate = mktime(0, 0, 0, 1, 1, 1970); setcookie("ava_username", "", $pastdate); setcookie("ava_userid", "", $pastdate); setcookie("ava_code", "", $pastdate); setcookie("ava_iptrack", "", $pastdate); header("Location: index.php"); } else { // No info was submitted - user is requesting login form if (isset($_GET['em'])) { if ($_GET['em'] == 1) { $error_message = LOGIN_ERROR1; } else { $error_message = LOGIN_ERROR2; } } } } $this->render("Login"); }
public function main($user) { //loadLanguageFile('play'); include '../lang/English.php'; include '../lang/sk/play.php'; $news_item = array(); $news['newses'] = array(); //if (isset($_GET['id']) || isset($_GET['name'])) { if (isset($this->request[0])) { /*if (isset($_GET['id'])) { $id = intval($_GET['id']); $sql = mysql_query("SELECT * FROM news WHERE id=".$id." LIMIT 1"); } else { $name = mysql_secure($_GET['name']); $sql = mysql_query("SELECT * FROM news WHERE seo_url= '$name'"); }*/ $id = intval($this->request[0]); $count = Query::query("SELECT * FROM news WHERE id=" . $id . " LIMIT 1")->num_rows; if (!$count) { header("HTTP/1.0 404 Not Found"); include 'includes/misc/404.php'; exit; } $this->set('id', $id); } $news['rss_icon'] = '<a href="rss.php"><img valign="middle" src="img/rss_small.png" /></a>'; // If id isn't set, get the 10 newest news items. //if ((!isset($_GET['id'])) && (!isset($_GET['name']))) { if (!isset($this->request[0])) { if (!isset($_GET['page'])) { $page = 1; } else { $page = $_GET['page']; } $npp = 5; $from = $page * $npp - $npp; $sql = Query::query("SELECT * FROM news ORDER BY id DESC LIMIT {$from}, {$npp}"); } else { /*if (isset($_GET['id'])) { $sql = Query::query("SELECT * FROM news WHERE id=" . $id . " LIMIT 1"); } else { $name = Utils::secure($_GET['name']); $sql = Query::query("SELECT * FROM news WHERE seo_url= '$name' LIMIT 1"); }*/ $id = intval($this->request[0]); $sql = Query::query("SELECT * FROM news WHERE id=" . $id . " LIMIT 1"); } while ($row = $sql->fetch_assoc()) { $id = $row['id']; $sql2 = Query::query("SELECT * FROM tbl_users WHERE id='" . $row['user'] . "' LIMIT 1"); while ($row2 = $sql2->fetch_assoc()) { // Assign items to 'news' array for use in the template $news_item = array('title' => $row['title'], 'author' => $row2['username'], 'date' => $row['date'], 'main' => $row['content']); $news_item['user_url'] = Utils::ProfileUrl($row2['id'], $row2['seo_url']); $news_item['news_url'] = Utils::NewsUrl($row['id'], $row['seo_url']); $news_item['comments'] = Query::query("SELECT COUNT(*) as Num FROM NewsComments WHERE link_id={$row['id']}")->fetch_assoc()['Num']; $news_item['image_url'] = 'uploads/news_icons/' . $row['image']; // Include the template for news items //include $setting['template'] . '/' . $template['news_item']; array_push($news['newses'], $news_item); //$this->set('newses', $news_item); } } $this->set('newses', $news['newses']); //if ((!isset($_GET['id'])) && (!isset($_GET['name']))) { if (!isset($this->request[0])) { $total_results = Query::query("SELECT COUNT(*) as Num FROM news")->fetch_assoc()['Num']; $total_pages = ceil($total_results / $npp); if ($total_pages > 1) { echo '<div class="category_pages">'; if ($page > 1) { $prev = $page - 1; $url = NewsPagesUrl($prev); echo '<a href="' . $url . '"><< ' . PREVIOUS . '</a> '; } for ($i = 1; $i <= $total_pages; $i++) { $url = NewsPagesUrl($i); if ($page == $i) { echo '<b><a href="#">' . $i . '</a></b>'; } else { echo '<a href="' . $url . '">' . $i . '</a> '; } } if ($page < $total_pages) { $next = $page + 1; $url = NewsPagesUrl($next); echo '<a href="' . $url . '">' . NEXT . ' >></a> '; } echo '</div>'; } } $this->set('game_id', $id); $this->set('admin', $user['admin']); $this->set('login_status', $user['login_status']); $this->render('News'); }
function &save() { // This version creates the query on a per-call basis. // This is useful if some entries of an object to "update" haven't been loaded. // TODO: Implement a version that caches the prepared statement in other cases. $update = false; $sql = ""; $types = ''; $params = array(); /* Build up sql prepared statement and type string in parallel */ foreach ($this->columns() as $column) { $name = $column->name(); $value =& $this->values[$name]; if ($value === null) { continue; } if ($column->ignored()) { continue; } if ($name == 'id') { $update = $value ? $value : false; } else { $params[] =& $column->toDB($value); $sql .= " `{$name}`=?,"; $types .= $column->prepareCode(); } } $sql = trim($sql, ','); $table = $this->table()->name(); if (!$sql && $update !== false) { trigger_error("NO DATA IN DBRow update, table={$table},", E_USER_NOTICE); return; } if ($sql) { $sql = "set {$sql}"; } else { $sql = "() values()"; } if ($update === false) { $sql = "insert into `{$table}` {$sql}"; $query = new Query($sql, $types); $id = $query->insert($params); $this->values['id'] = $id; return $id; } else { $sql = "update `{$table}` {$sql} where id=?"; $params[] = $update; $types .= 'i'; $query = new Query($sql, $types); $query->query($params); } return $this; }
public function main() { //loadLanguageFile('play'); //include '../lang/English.php'; include '../lang/English.php'; $username = $this->request[0]; if (isset($this->request[1]) && $this->request[1] == 'update') { if (!empty($_FILES['img_file']) && $_FILES['img_file']['error'] == 0) { include 'includes/code/upload_avatar.php'; } $location = Utils::secure($_POST['usr']['loc']); $about = Utils::secure($_POST['usr']['bio']); $website = Utils::secure($_POST['usr']['site']); $pass = str_replace(' ', '', $_POST['usr']["pas"]); $id = $_SESSION['user_id']; Query::query("UPDATE Players SET Location='{$location}', About='{$about}', Website='{$website}' WHERE PlayerID='{$id}'") or die(mysql_error()); if ($pass != '') { echo 'PW Changes'; $password = md5($_POST['new_password']); setcookie("ava_code", $password); Query::query("UPDATE tbl_users SET password='******' WHERE id='{$id}'") or die(mysql_error()); } echo '<div id="error_message">' . PROFILE_UPDATED . "</div>"; $this->request[1] = 'edit'; } if (isset($this->request[1]) && $this->request[1] == 'edit') { if (User::login_check(Query::$mysqli) == true) { $row = Query::query('SELECT * FROM Players WHERE Username=\'' . $username . '\' LIMIT 1')->fetch_assoc(); $email = $row['Email']; $location2 = $row['Location']; $about2 = $row['About']; $website2 = $row['Website']; if ($row['AvatarType'] != '') { $avatar = $row['AvatarType']; } else { $avatar = 'default.png'; } } else { echo "You can only edit your own profile!"; } $this->set('id', $row['PlayerID']); $this->set('email', $email); $this->set('website2', $website2); $this->set('location2', $location2); $this->set('about2', $about2); $this->set('username', $username); if ($row['AvatarType'] == '') { $this->set('avatar', 'uploads/avatars/default.png'); } else { $this->set('avatar', 'uploads/avatars/' . $row['PlayerID'] . $row['AvatarType']); } $this->render("Pages/ProfileEdit"); } else { //id, comments, plays, ratings /*if (isset($_GET['name'])) { $seo_url = mysql_secure($_GET['name']); $sql = Query::query('SELECT * FROM tbl_users WHERE seo_url='.$seo_url.' LIMIT 1'); } else { $sql = Query::query('SELECT * FROM tbl_users WHERE id='.$id.' LIMIT 1'); }*/ $sql = Query::query('SELECT * FROM Players WHERE Username=\'' . $username . '\' LIMIT 1'); $user_exists = $sql->num_rows; if ($user_exists != 1) { header("HTTP/1.0 404 Not Found"); include 'includes/misc/404.php'; exit; } $row = $sql->fetch_assoc(); $profile = array(); $this->set('name', $row['Username']); $id = $row['PlayerID']; if ($row['Location'] == '') { $this->set('location', PROFILE_NO_INFO); } else { $this->set('location', $row['Location']); } if ($row['Website'] == '') { $this->set('website', PROFILE_NO_INFO); } else { $this->set('website', $row['Website']); } if ($row['Website'] == '') { $this->set('website_link', PROFILE_NO_INFO); } else { $this->set('website_link', '<a href="' . $row['Website'] . '">' . $row['Website'] . '</a>'); } if ($row['About'] == '') { $this->set('about', PROFILE_NO_INFO); } else { $this->set('about', $row['About']); } if ($row['Interests'] == '') { $this->set('interests', PROFILE_NO_INFO); } else { $this->set('interests', $row['Interests']); } if ($row['AvatarType'] == '') { $this->set('avatar', 'uploads/avatars/default.png'); } else { $this->set('avatar', 'uploads/avatars/' . $row['PlayerID'] . $row['AvatarType']); } //$profile['comments'] = $mysqli->query('SELECT COUNT(*) FROM '.$tp.'comments WHERE user='******'utils', ''); $this->set('id', $row['PlayerID']); $this->set('plays', $row['Plays']); $this->set('comment_count', $row['Comments']); $this->set('ratings', $row['Ratings']); if ($row['Points'] == '') { $this->set('points', 0); } else { $this->set('points', $row['Points']); } $this->set('admin', $row['Admin']); $this->set('join_date', $row['Joined']); $this->set('isdev', $row['Developer']); if (isset($_SESSION['user_id']) && $id == $_SESSION['user_id']) { $this->set('button1', '<a href="profile/' . $username . '/edit">' . PROFILE_EDIT . '</a>'); } else { $this->set('button1', '<a href="boxarcade/?task=send_message&id=' . $id . '">' . PROFILE_SEND_MESSAGE . '</a>'); } // Check if user is friend //if (($user['login_status'] == 1) && ($id != $user['id'])) { if (1 == 0) { $is_friend = $mysqli->query('SELECT * FROM ' . $tp . 'friends WHERE user1 = ' . $user['id'] . ' AND user2 =' . $id); if ($is_friend->num_rows) { $profile['button2'] = '<div id="friend_button"><a href="' . $_SERVER['REQUEST_URI'] . '#" onclick="ManageFriend(' . $row['id'] . ', \'delete_friend\', \'profile\');return false">UNFRIEND</a></div>'; } else { $request_pending = $mysqli->query('SELECT * FROM ' . $tp . 'friend_requests WHERE from_user ='******' AND to_user ='******'button2'] = '<div id="friend_button"><a href="' . $_SERVER['REQUEST_URI'] . '#">REQUEST_SENT</a></div>'; } else { $profile['button2'] = '<div id="friend_button"><a href="' . $_SERVER['REQUEST_URI'] . '#" onclick="ManageFriend(' . $row['id'] . ', \'send_request\', \'profile\');return false">ADD_FRIEND</a></div>'; } } } else { $this->set('button2', ''); } // If admin is logged in, show admin options //if ($user['admin'] == 1) { if (1 == 1) { $this->set('admin_edit', '<a href="admin/?task=manage_users#id=' . $id . '">Edit user</a>'); } else { $this->set('admin_edit', ''); } $result = Query::query('SELECT * FROM favorites f, Games g WHERE GameID=f.game_id AND f.user_id=' . $row['PlayerID'] . ' LIMIT 16'); $favs = $result->num_rows; $vars = array(); if ($favs == 0) { echo PROFILE_NO_FAVS; } else { while ($rows = $result->fetch_assoc()) { $file = Utils::TitleToFile($rows['Title']); $game['gameTitle'] = $rows['Title']; $game['gameDesc'] = $rows['Desc']; $game['url'] = 'view/' . $rows['GameID']; $game['image_url'] = "games/img/" . $file . ".png"; //Utils::FileToGameImageURL($file, "png"); array_push($vars, $game); } } $this->set('games', $vars); $result = Utils::query('SELECT * FROM tbl_badges as b, tbl_badge_relations as br WHERE b.badge_id=br.badge_id AND user_id=' . $row['PlayerID'] . ' LIMIT 6'); $favs = $result->num_rows; $vars = array(); if ($favs == 0) { echo PROFILE_NO_FAVS; } else { while ($rows = $result->fetch_assoc()) { $g = Utils::query('SELECT * from tbl_games WHERE game_id=' . $rows['game_id'])->fetch_assoc(); $file = Utils::TitleToFile($g['title']); $game['gameTitle'] = $g['title']; $game['title'] = $rows['name']; $game['game'] = $g['title']; $game['score'] = $rows['points']; $game['gameDesc'] = $rows['desc']; $game['url'] = Utils::GameUrl($g['game_id']); $game['image_url'] = $rows['image']; array_push($vars, $game); } } $this->set('badges', $vars); $vars = array(); /*if ($_GET['task'] == 'profile') { $result = $this->request['utils']->con->query('SELECT * FROM tbl_comments WHERE user='******' ORDER BY id DESC LIMIT 8'); } else { $result = $this->request['utils']->con->query('SELECT * FROM tbl_comments WHERE user='******' ORDER BY id DESC'); }*/ $result = Utils::query('SELECT * FROM tbl_comments WHERE user='******'PlayerID'] . ' ORDER BY id DESC LIMIT 8'); $total_results = $result->num_rows; if ($total_results == 0) { echo $row['Username'] . ' ' . PROFILE_NO_COMMENTS; } else { while ($row = $result->fetch_assoc()) { $game = Utils::query('SELECT * FROM Games WHERE GameID=' . $row['link_id'] . ' LIMIT 1')->fetch_assoc(); $comment['the_comment'] = nl2br($row['comment']); $comment['game_name'] = $game['Title']; $comment['date'] = $row['date']; $comment['game_url'] = 'view/' . $game['GameID']; //Utils::GameUrl($game['game_id']); ///$comment['game_img'] = Utils::FileToGameImageURL(Utils::TitleToFile($game['Title']), "png"); $file = Utils::TitleToFile($game['Title']); $comment['game_img'] = "games/img/" . $file . ".png"; if (1 == 1) { $comment['admin_options'] = ' <a href="admin/index.php?action=delete_comment&id=' . $row['id'] . '&link_id=' . $game['GameID'] . '"><img src="admin/images/delete.png" align="absmiddle" /></a>'; } array_push($vars, $comment); } } $this->set('comments', $vars); $this->render("Pages/Profile"); } }
/** Main Call Function **/ function callHook() { if (isset($_GET['url'])) { $url = $_GET['url']; } else { $url = "index"; } // Create the model factory $query = new SQLQuery(); $query->connect('localhost', 'root', '', 'boxarcade'); //$modelFactory = new ModelFactory($query); $settings = new Settings(); $login_check = 99; User::sec_session_start(); User::Init(); if (User::login_check(Query::$mysqli) == true) { $xuserid = intval($_SESSION['user_id']); $sql = Query::query("SELECT * FROM Players WHERE PlayerID={$xuserid}"); $get_user_info = $sql->fetch_assoc(); $user = array('usrLang' => $get_user_info['Language'], 'username' => $get_user_info['Username'], 'id' => intval($_SESSION['user_id']), 'points' => $get_user_info['Points'], 'login_status' => 1, 'messages' => $get_user_info['Messages'], 'seo_url' => $get_user_info['Username']); $user['ip'] = User::secure($_SERVER['REMOTE_ADDR']); // If not avatar, try to get one from fb or set a default if ($get_user_info['AvatarType'] == '') { $user['avatar'] = 'uploads/avatars/default.png'; } else { $user['avatar'] = 'uploads/avatars/' . $get_user_info['PlayerID'] . $get_user_info['AvatarType']; } $user['url'] = '/boxarcade/profile/' . $get_user_info['Username']; $user['message_url'] = 'messages'; $user['admin'] = $get_user_info['Admin']; $login_check = 1; // Update the user IP if this is a new session if (!isset($_COOKIE['ava_iptrack'])) { Query::query("UPDATE Players SET LastIP = '{$user['ip']}' WHERE PlayerID = {$user['id']}") or die(mysql_error()); setcookie("iptrack", '1'); } } else { $user['login_status'] = 0; $user['admin'] = 0; } // Prep the controller name and the query string $urlArray = explode("/", $url); $controller = ucwords($urlArray[0]); array_shift($urlArray); $queryString = array_merge($urlArray, $_POST, $_GET); // Call the header controller $h = new Header($modelFactory, [], true); call_user_func_array(array($h, 'main'), [$login_check, $user]); // Call the page controller $dispatch = new $controller($modelFactory, $queryString, false); call_user_func_array(array($dispatch, 'main'), [$user]); // If an action was sent, call the appropriate function in the controller if (isset($queryString['action']) && !empty($queryString['action'])) { if (is_string($queryString['action'])) { $method = $queryString['action']; } else { if (is_array($queryString['action'])) { list($a_key, $a_val) = each($_POST['action']); $method = 'btn' . ucwords($a_key) . '_Clicked'; } } if (method_exists($dispatch, $method) && is_callable(array($dispatch, $method))) { call_user_func_array(array($dispatch, $method), []); } else { header("HTTP/1.0 404 Not Found"); } } // Call the footer controller $f = new Footer($modelFactory, [], true); call_user_func_array(array($f, 'main'), []); }
public function main($user) { //loadLanguageFile('play'); include '../lang/English.php'; include '../lang/sk/play.php'; $msg = array(); $pm['messages'] = array(); $page = 'Pages/Messages'; // was 151 // If logged in if ($user['login_status'] == 1) { // TASK = VIEW if (isset($this->request[0]) && $this->request[0] == 'view') { $id = $this->request[1]; $sql = Query::query('SELECT * FROM messages WHERE id=' . $id . ' LIMIT 1'); if ($row = $sql->fetch_array()) { $this->set('reply', '<a href="' . 'messages/send/&id=' . $row['sender_id'] . '&re=' . $row['id'] . '">' . PM_REPLY . '</a>'); $this->set('delete', '<a href="' . 'messages/delete/' . $row['id'] . '">' . PM_DELETE_MESSAGE . '</a>'); $this->set('unread', '<a href="' . 'messages/unread/' . $row['id'] . '">' . PM_MARK_UNREAD . '</a>'); $this->set('subject', $row['title']); $this->set('img', 'uploads/avatars/' . $row['sender_id'] . '.jpg'); $this->set('date', $row['date']); $this->set('profile', 'profile&id=' . $row['sender_id']); $this->set('username', $row['sender_name']); $this->set('message', str_replace("\n", "<br>", $row['message'])); if ($row['opened'] == 0) { Query::query('UPDATE messages SET opened=1 WHERE messages.id=' . $id . ' LIMIT 1'); // Update user messages counter $msg_count = Query::query('SELECT COUNT(*) as Num FROM messages WHERE user_id=' . $user['id'] . ' AND opened=0')->fetch_assoc()['Num']; $update = Query::query('UPDATE tbl_users SET messages=' . $msg_count . ' WHERE id=' . $user['id']) or die(mysql_error()); } } $page .= 'Pages/View'; } // TASK = SEND if (isset($this->request[0]) && $this->request[0] == 'send') { $id = $this->request[1]; if (isset($this->request[2])) { $re = intval($this->request[2]); $re2 = Query::query("SELECT * FROM messages WHERE id={$re} AND user_id={$user['id']}")->fetch_assoc(); $this->set('subject', 'Re: ' . $re2['title']); $this->set('msg', "\n\n\n" . $re2['sender_name'] . " wrote:\n> " . str_replace("<br />", "\n>", preg_replace('/\\s+/', ' ', nl2br($re2['message'])))); } else { $this->set('subject', ''); $this->set('msg', ''); } $this->set('action', 'messages/sent/' . $id); $page .= 'Pages/Send'; } // TASK = SENT if (isset($this->request[0]) && $this->request[0] == 'sent') { $id = $this->request[1]; // Give it a title if it lacks one if ($_POST['message_title'] == "") { $title = 'Untitled'; } else { $title = Query::secure($_POST['message_title']); } $message = Query::secure($_POST['message']); $date = date("F j Y, G:i"); $read = 0; Query::query("INSERT INTO messages (user_id, sender_id, sender_name, title, message, date, ip) \r\n\t\t\t\t VALUES ('{$id}', '{$user['id']}', '{$user['username']}', '{$title}', '{$message}', '{$date}', '{$_SERVER['REMOTE_ADDR']}')"); echo 'Message sent!<br><br> <a href="profile/' . $id . '">Return to user profile</a><br> <a href="messages">Go to inbox</a>'; // Update user messages counter $msg_count = Query::query('SELECT COUNT(opened) as Num FROM messages WHERE user_id=' . $user['id'] . ' AND opened=0')->fetch_assoc()['Num']; $update = Query::query("UPDATE tbl_users SET messages={$msg_count} WHERE id='{$user['id']}'") or die(mysql_error()); } // TASK = DELETE if (isset($this->request[0]) && $this->request[0] == 'delete') { $id = $this->request[1]; $result = Query::query('DELETE FROM messages WHERE id=' . $id . ' AND user_id=' . $user['id']); // Update user messages counter $msg_count = Query::query('SELECT COUNT(opened) as Num FROM messages WHERE user_id=' . $user['id'] . ' AND opened=0')->fetch_assoc()['Num']; $update = Query::query("UPDATE tbl_users SET messages={$msg_count} WHERE id='{$user['id']}'") or die(mysql_error()); echo '<div id="pm_task_complete">' . PM_DELETED . '</div>'; } // TASK = UNREAD if (isset($this->request[0]) && $this->request[0] == 'unread') { $id = $this->request[1]; $read = Query::query('SELECT opened FROM messages WHERE id=' . $id . ' LIMIT 1')->fetch_assoc()['opened']; if ($read == 1) { Query::query('UPDATE messages SET opened = 0 WHERE messages.id = ' . $id . ' LIMIT 1'); // Update user messages counter $msg_count = Query::query('SELECT COUNT(opened) as Num FROM messages WHERE user_id=' . $user['id'] . ' AND opened=0')->fetch_assoc()['Num']; $update = Query::query("UPDATE tbl_users SET messages={$msg_count} WHERE id='{$user['id']}'") or die(mysql_error()); echo '<div id="pm_task_complete">' . PM_MAU . '</div>'; } } // TASK = READ if (isset($this->request[0]) && $this->request[0] == 'read') { $id = $this->request[1]; $read = Query::query('SELECT opened FROM messages WHERE id=' . $id . ' LIMIT 1')->fetch_assoc()['opened']; if ($read == 0) { Query::query('UPDATE messages SET opened = 1 WHERE messages.id = ' . $id . ' LIMIT 1'); // Update user messages counter $msg_count = Query::query('SELECT COUNT(opened) as Num FROM messages WHERE user_id=' . $user['id'] . ' AND opened=0')->fetch_assoc()['Num']; $update = Query::query("UPDATE tbl_users SET messages={$msg_count} WHERE id='{$user['id']}'") or die(mysql_error()); echo '<div id="pm_task_complete">' . PM_MAU . ' read</div>'; } } // Get all messages $msgs = Query::query("SELECT COUNT(opened) as Num FROM messages WHERE user_id={$user['id']}")->fetch_assoc()['Num']; if ($msgs >= 1) { $sql = Query::query("SELECT * FROM messages WHERE user_id={$user['id']} ORDER BY id desc"); while ($row = $sql->fetch_assoc()) { if ($row['opened'] == 0) { $link_class = 'unread_pm_link'; } else { $link_class = 'read_pm_link'; } $profile_url = Utils::ProfileUrl($row['sender_id'], $row['sender_name']); $msg['profile_url'] = $profile_url; $msg['url'] = 'messages/view/' . $row['id']; $msg['title'] = $row['title']; $msg['date'] = $row['date']; $msg['sender_name'] = $row['sender_name']; $msg['link_class'] = $link_class; $msg['reply'] = 'messages/reply/re=' . $row['id'] . '&id=' . $row['sender_id']; $msg['unread'] = 'messages/unread/' . $row['id']; $msg['read'] = 'messages/read/' . $row['id']; $msg['delete'] = 'messages/delete/' . $row['id']; $msg['reply_img'] = 'img/msg-reply.png'; $msg['unread_img'] = 'img/msg-unread.png'; $msg['read_img'] = 'img/msg-read.png'; $msg['delete_img'] = 'img/msg-delete.png'; array_push($pm['messages'], $msg); } } } else { header("Location: login"); } $this->set('messages', $pm['messages']); $this->render($page); }
include '../../../app/models/Query.php'; include '../../../app/models/Settings.php'; include '../../../app/models/User.php'; include '../../../app/models/Utils.php'; $query = new SQLQuery(); $query->connect('localhost', 'root', '', 'boxarcade'); Settings::Init(); include '../../../lang/' . Settings::Get('language') . '.php'; User::sec_session_start(); User::Init(); $userid = intval($_SESSION['user_id']); $the_comment = Utils::secure($_POST['comment']); $id = intval($_POST['id']); if (User::login_check(Query::$mysqli) == true) { $date = date("Y-m-d H:i:s"); Query::query("INSERT INTO tbl_comments (user, comment, link_id, date, ip) VALUES ('{$userid}', '{$the_comment}', '{$id}', '{$date}', '{$_SERVER['REMOTE_ADDR']}')"); $user_url = ''; //'uploads/avatars/' . User::Get('id') . User::Get('AvatarType');//ProfileUrl($user2['id'], $user2['seo_url']); $content = stripslashes(nl2br(strip_tags($_POST['comment']))); $username = User::Get('Username'); $report_button = ''; $delete = ''; if (User::Get('AvatarType') == '') { $avatar_url = '/uploads/avatars/default.png'; } else { $avatar_url = 'uploads/avatars/' . User::Get('id') . User::Get('AvatarType'); } //$this->set('user_avatar', 'uploads/avatars/' . User::Get('id') . User::Get('AvatarType')); include '../../../app/templates/sections/CommentsAJAX.tpl'; //$comment = array('username' => $user2['username'], 'content' => stripslashes(nl2br(strip_tags($_POST['comment']))), 'user_points' => $user2['points'], 'date' => FormatDate($date, 'time')); //$comment['delete'] = '';