if ($userdata['online'] > 0) { ?> <img src="<?php echo $path; ?> /web-gallery/v2/images/online.gif"><?php } else { ?> <img src="<?php echo $path; ?> /web-gallery/v2/images/offline.gif"><?php } ?> // Banido: <?php if (Transaction::num_rows($check_bann) > 0) { echo 'Sim'; } else { echo 'No'; } ?> </center></div> <table width='100%' cellspacing='0' cellpadding='5' align='center' border='0'> <tr> <td class='tablerow1' width='40%' valign='middle'><b>Nome do usurio</b><div class='graytext'>Nome do usurio que deseja editar</div></td> <td class='tablerow2' width='60%' valign='middle'><input type='text' name='name' value="<?php echo $userdata['username']; ?> " disabled="disabled" size='30' class='textinput'></td>
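/**
 * Make $template the active site template.
 *
 * Reads the row currently flagged active in mobbo_templates. When a different
 * template is active, the live web-gallery is first saved back into that
 * template's directory, the live gallery is deleted, and the new template's
 * gallery is copied in. Otherwise the new gallery is copied over the live one.
 * In every case the active flag is then moved to $template.
 *
 * @param string $template Template directory name (one path segment under TEMPLATES).
 * @return int 1 once the switch has been issued, 0 when $template fails the name check.
 */
public static function Active($template)
{
    // $template ends up in two sensitive places: directory paths handed to
    // Files::del_dir()/Files::copy_directory(), and a string-built SQL statement.
    // Where the caller gets it from is not visible here, so accept only a plain
    // directory name: no quotes, slashes, backslashes or ".." sequences.
    // Widen the character class if installed templates use other characters,
    // but keep those four out.
    if (!is_string($template)
        || !preg_match('/\A[A-Za-z0-9][A-Za-z0-9._-]*\z/', $template)
        || strpos($template, '..') !== false
    ) {
        return 0;
    }

    // One lookup is enough; the original ran the same SELECT twice.
    $activeResult = Transaction::query("SELECT * FROM mobbo_templates WHERE active = 1");
    $hasActive = Transaction::num_rows($activeResult) > 0;
    $previous = $hasActive ? Transaction::fetch($activeResult) : null;

    if ($hasActive && $previous['path'] != $template) {
        $p = $previous['path'];
        // Save the live gallery back into the outgoing template before replacing it.
        Files::del_dir(TEMPLATES . "{$p}/web-gallery");
        Files::copy_directory(WEBGALLERY, TEMPLATES . "{$p}/web-gallery/");
        Files::del_dir(WEBGALLERY);
        Files::copy_directory(TEMPLATES . $template . '/web-gallery/', WEBGALLERY);
    } else {
        // Nothing to save: no active template, or the same one is being re-applied.
        Files::copy_directory(TEMPLATES . $template . '/web-gallery', WEBGALLERY);
    }

    // Clear every flag, then set the single active row. $template has passed the
    // allow-list above, so it cannot break out of the quoted SQL literal.
    Transaction::query("UPDATE mobbo_templates SET active = 0;");
    Transaction::query("UPDATE mobbo_templates SET active = 1 WHERE path = '" . $template . "'");

    return 1;
}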
<li data-orbit-slide="headline-1"> <div style="' . $background . 'background-position-y:-4px;border-radius:0px;"> <h2> ' . $row["title"] . ' </h2> <h3> ' . $row["shortstory"] . '</h3> <a href="#" style="float:right" data-reveal-id="new_' . $row["id"] . '" class="radius button">Leia Mais…</a> <br><br><br> </div> </li> '; $c++; } ?> </ul> <?php $query_display = Transaction::query("SELECT * FROM mobbo_news"); $row_news = Transaction::num_rows($query_display); if ($row_news == 0) { echo ' '; } $query = Transaction::query("SELECT * FROM mobbo_news ORDER BY published DESC LIMIT 4"); $c = 0; while ($row = Transaction::fetch($query)) { $display = 'block'; if ($c > 0) { $display = 'none'; } $imageme = $row['image']; if (strpos($imageme, "#") !== false) { $backgrounde = 'background:' . $imageme . ' !important;'; } else { $backgrounde = 'background:url(' . $imageme . ') !important;';
/**
 * Front-controller style dispatcher: runs one branch of a switch selected by $actions.
 *
 * Branches visible here: login, logout, 404, 405, referidos, erroro, ban, registro,
 * editarhome, editarfundo, colocarmanutencao, compraritem, wallupdate. Each branch
 * reads $_POST/$_GET/$_SESSION directly and either echoes markup, sends a Location
 * header, or runs SQL through Transaction::query(). Unknown actions end in die().
 *
 * NOTE(review): every SQL statement in this function is built by string
 * concatenation. Whether Security::textFilter() escapes for SQL is not visible
 * here; htmlentities() and addslashes() are not SQL escaping. Treat each query
 * below as needing bound parameters.
 *
 * @param mixed $actions Action name. The default is an empty array, which is then
 *                       passed to htmlspecialchars(), a function that expects a string.
 * @return void Nothing is returned; several branches call exit.
 */
public static function show($actions = array()) {
    $action = htmlspecialchars($actions);
    switch ($action) {
        /* ---- login: look the submitted name up as username and as mail ---- */
        case "login":
            if (isset($_POST['username'])) {
                if (isset($_POST['password'])) {
                    $email = Security::textFilter($_POST['username']);
                    // NOTE(review): unsalted MD5 of the password. MD5 is not a password
                    // hash; password_hash()/password_verify() is the replacement.
                    $password = md5(Security::textFilter($_POST['password']));
                    $find_user2 = Transaction::query("SELECT * FROM `users` WHERE `username` = '" . $email . "'");
                    $user_info2 = Transaction::fetch($find_user2);
                    $find_user = Transaction::query("SELECT * FROM `users` WHERE `mail` = '" . $email . "'");
                    $user_info = Transaction::fetch($find_user);
                    // NOTE(review): loose == on hex digests. PHP compares numeric-looking
                    // strings (e.g. "0e..." forms) as numbers; hash_equals() avoids both
                    // that and timing differences.
                    if ($user_info['password'] == $password or $user_info2['password'] == $password) {
                        // The ban lookup runs only after the password matched.
                        $queryban = Transaction::query("SELECT * FROM `bans` WHERE `value` = '" . $user_info['username'] . "' OR `value` = '" . $user_info2['username'] . "' LIMIT 1");
                        if (Transaction::num_rows($queryban) > 0) {
                            $fetchban = Transaction::fetch($queryban);
                            // Stored ban fields go into the redirect URL without urlencode().
                            // The expiry is sent as "time", not "expire".
                            header("location: ../index.php?ban=" . $fetchban['value'] . "&reason=" . $fetchban['reason'] . "&time=" . $fetchban['expire'] . "&true=1");
                            exit;
                        }
                        // NOTE(review): the session ID is not regenerated in this block after login.
                        if (!empty($user_info)) {
                            $_SESSION['id'] = $user_info['id'];
                            $_SESSION['userid'] = $user_info['id'];
                            // NOTE(review): "+" is numeric addition in PHP, not concatenation,
                            // so this digests a number derived from the fields, not their text.
                            // The password hash is also one of the inputs to a client cookie.
                            $rawhotel = md5($user_info['id'] + $user_info['username'] + $user_info['password'] + Security::getUserIP());
                            // Only name and value are passed: no expiry, HttpOnly or Secure flag.
                            setcookie('rawsessionhotel', $rawhotel);
                        } elseif (!empty($user_info2)) {
                            $_SESSION['id'] = $user_info2['id'];
                            $_SESSION['userid'] = $user_info2['id'];
                            // Same arithmetic "+" and cookie remarks as the branch above.
                            $rawhotel = md5($user_info2['id'] + $user_info2['username'] + $user_info2['password'] + Security::getUserIP());
                            setcookie('rawsessionhotel', $rawhotel);
                        }
                        header("location: me");
                        // login_try is counted here and reset on success, but no limit
                        // on attempts is enforced anywhere in this function.
                        if ($_SESSION['login_try'] > 0) {
                            $_SESSION['login_try'] = 0;
                        }
                        exit;
                    } else {
                        $_SESSION['login_try'] = $_SESSION['login_try'] + 1;
                        // The raw POST value is placed in the Location URL unencoded.
                        header("location: ../index.php?erroro=" . $_POST['username'] . "&type=1");
                        exit;
                    }
                } else {
                    $_SESSION['login_try'] = $_SESSION['login_try'] + 1;
                    header("location: ../index.php?erroro=" . $_POST['username'] . 
"&type=1");
                    exit;
                }
            } else {
                // Reached only when $_POST['username'] is not set, yet it is read below.
                $_SESSION['login_try'] = $_SESSION['login_try'] + 1;
                header("location: ../index.php?erroro=" . $_POST['username'] . "&type=2");
                exit;
            }
            break;
        /* ---- logout: drop the session and overwrite the cookie ---- */
        case "logout":
            session_destroy();
            setcookie('rawsessionhotel', '0');
            header("location: ../index.php");
            break;
        /* ---- 404: static error page ---- */
        case "404":
            $ok = <<<PAGE
<html> <title>404</title> \t <meta charset="utf-8"> <link type="text/css" rel="stylesheet" href="../web-gallery/css/marketing.css"> </head> <body style=""> <section id="oops" style="width: 100%;"> <div class="row"> <div class="large-9 medium-9 small-12 columns small-centered"> <h5>404: Página não Encontrada</h5> <h1 class="oversized">Esta página não existe...</h1> <p class="lead bottom40">Você pode tentar recarregar a página indo na <a href="./">homepage.</a></p> </div> </div> </section> <a class="exit-off-canvas"></a> </div> </div> </body></html>
PAGE;
            echo $ok;
            break;
        /* ---- 405: maintenance page; the reason text comes from settings ---- */
        case "405":
            // The setting is interpolated into the page without HTML escaping.
            $maintenance_text = mobbo::mobbo_settings('maintenance_text');
            $ok = <<<PAGE
<html> \t\t\t\t\t <meta charset="utf-8"> <title>405</title> <link type="text/css" rel="stylesheet" href="../web-gallery/css/marketing.css"> </head> <body style=""> <section id="oops" style="width: 100%;"> <div class="row"> <div class="large-9 medium-9 small-12 columns small-centered"> <h5>405: Estamos em Manutencao</h5> <h1 class="oversized">Opa! Manutencao.</h1> <p class="lead bottom40"><b>Motivo:</b> {$maintenance_text} <a href="/">Voltar a Home Page</a></p> </div> </div> </section> <a class="exit-off-canvas"></a> </div> </div> </body></html>
PAGE;
            echo $ok;
            break;
        /* ---- referidos: remember a referrer for a visitor who is not logged in ---- */
        case 'referidos':
            echo ' <link type="text/css" rel="stylesheet" href="./web-gallery/css/marketing.css">';
            if (!isset($_SESSION['id'])) {
                $ip = $_SERVER['REMOTE_ADDR'];
                $usuario = htmlentities($_GET['referido']);
                $query1 = Transaction::query("SELECT ip_referida FROM users_referidos WHERE ip_referida = '" . $ip . 
"' LIMIT 1");
                if (Transaction::num_rows($query1) > 0) {
                    echo '<div data-alert class="alert-box alert" style="position:fixed;width:100%;height:45px;z-index:9;"> IP Ja Registrado, voce nao Pode se Registrar por Este Referido. <a href="#" class="close">×</a> </div>';
                } else {
                    $_SESSION['referido'] = $ip;
                    $_SESSION['referiduser'] = $usuario;
                    // Output was already echoed above, so this header presumably
                    // depends on output buffering being enabled - confirm.
                    header("Location: /registro");
                }
            }
            break;
        /* ---- erroro: show the login error banner from the query string ---- */
        case 'erroro':
            echo ' <link type="text/css" rel="stylesheet" href="./web-gallery/css/marketing.css">';
            // htmlentities() is what makes this safe to echo; addslashes() adds nothing for HTML.
            $erroro = htmlentities(addslashes($_GET['erroro']));
            if ($_GET['type'] == 1) {
                echo '<div data-alert class="alert-box alert" style="position:fixed;width:100%;height:45px;z-index:9;"> ' . $erroro . ', Suas Credenciais de Logins sao Invalidas, e essa senha Mesmo? <a href="#" class="close">×</a> </div>';
            }
            if ($_GET['type'] == 2) {
                echo '<div data-alert class="alert-box alert" style="position:fixed;width:100%;height:45px;z-index:9;"> ' . $erroro . ', Este usuario nao Existe, tem Certeza? <a href="#" class="close">×</a> </div>';
            }
            break;
        /* ---- ban: show the ban banner from the query string ---- */
        case 'ban':
            echo ' <link type="text/css" rel="stylesheet" href="./web-gallery/css/marketing.css">';
            $user = htmlentities(addslashes($_GET['ban']));
            $reason = htmlentities(addslashes($_GET['reason']));
            // NOTE(review): this overwrites $reason with $_GET['expire'], so the banner
            // prints the expiry value as the reason. The login redirect sends "time",
            // not "expire", so the key read here does not match what that redirect sets.
            $reason = htmlentities(addslashes($_GET['expire']));
            echo '<div data-alert class="alert-box alert" style="position:fixed;width:100%;height:45px;z-index:9;"> ' . $user . ', Você foi Banido, Pelo Seguinte Motivo: ' . $reason . ', Entre em Contato com os Admins! 
<a href="#" class="close">×</a> </div>';
            break;
        /* ---- registro: create an account and log the new user in ---- */
        case 'registro':
            if (isset($_POST['username']) && isset($_POST['mail']) && isset($_POST['pass'])) {
                $usuario = Security::textFilter(htmlentities($_POST['username']));
                $mail = Security::textFilter(htmlentities($_POST['mail']));
                // Unsalted MD5 again; see the note in the login branch.
                $pass = Security::textFilter(htmlentities(md5($_POST['pass'])));
                // $firstn and $lastn are filtered but not used later in this branch.
                $firstn = Security::textFilter(htmlentities($_POST['firstname']));
                $lastn = Security::textFilter(htmlentities($_POST['lastname']));
                $query = Transaction::query("SELECT `id` FROM `users` WHERE `mail` = '" . $mail . "'");
                if (Transaction::num_rows($query) == 0) {
                    $query = Transaction::query("SELECT `id` FROM `users` WHERE `username` = '" . $usuario . "'");
                    if (Transaction::num_rows($query) == 0) {
                        // Password policy: more than 5 bytes, at least one lowercase
                        // letter and at least one digit.
                        if (strlen($_POST['pass']) > 5) {
                            if (preg_match('`[a-z]`', $_POST['pass'])) {
                                if (preg_match('`[0-9]`', $_POST['pass'])) {
                                    if (count(explode(' ', $usuario)) > 1) {
                                        echo 'Sem Espaço Em Branco Pls';
                                    } else {
                                        if (mb_strlen($usuario) <= 25) {
                                            // The uniqueness checks above and this INSERT are separate
                                            // statements; a UNIQUE index is what would actually prevent
                                            // duplicates under concurrent requests - confirm schema.
                                            Transaction::query("INSERT INTO `users` (`username`, `password`, `mail`) VALUES ('" . $usuario . "', '" . $pass . "', '" . $mail . "');");
                                            $get_id = Transaction::query("SELECT id FROM `users` WHERE `username` = '" . $usuario . "';");
                                            $get_id_result = Transaction::fetch($get_id);
                                            $_SESSION['id'] = $get_id_result['id'];
                                            $_SESSION['userid'] = $get_id_result['id'];
                                            $_SESSION['step'] = 0;
                                            if (isset($_SESSION['referido'])) {
                                                // These session values were set by the 'referidos' branch.
                                                $ip = htmlentities($_SESSION['referido']);
                                                $userne = htmlentities($_SESSION['referiduser']);
                                                Transaction::query("INSERT INTO users_referidos (usuario, ip_referida) VALUES ('" . $userne . "', '" . $ip . 
"');");
                                                $_SESSION['referido'] = NULL;
                                            }
                                            echo 'OKAY';
                                        } else {
                                            echo 'Menos Caracteres Pls';
                                        }
                                    }
                                } else {
                                    echo 'Esta senha a muito curta e/ou invalida';
                                }
                            } else {
                                echo 'Esta senha a muito curta e/ou invalida';
                            }
                        } else {
                            echo 'Esta senha a muito curta e/ou invalida';
                        }
                    } else {
                        echo 'Esse Usuario ja Existe';
                    }
                } else {
                    echo 'Este e-mail esta em uso';
                }
            } else {
                echo 'Erro...';
            }
            break;
        /* ---- editarhome: update the fields of a user's home page ---- */
        case 'editarhome':
            if (isset($_POST['texto'])) {
                // NOTE(review): the '******' in the WHERE clauses below is reproduced as
                // it appears on the page and looks like masking applied when the page was
                // published, so the real WHERE value is not visible here. $username is
                // taken from POST and no session check is visible in this branch;
                // confirm against the project source which user the updates target.
                $username = htmlentities($_POST['username']);
                $texto = htmlentities(addslashes($_POST['texto']));
                $fundo = htmlentities(addslashes($_POST['fundo']));
                $cores = htmlentities($_POST['cor']);
                $video = htmlentities($_POST['video']);
                if (!empty($texto)) {
                    Transaction::query("UPDATE users_homes SET texto = '" . $texto . "' WHERE username = '******'");
                }
                if (!empty($video)) {
                    Transaction::query("UPDATE users_homes SET video = '" . $video . "' WHERE username = '******'");
                }
                if (!empty($cores)) {
                    Transaction::query("UPDATE users_homes SET cores = '" . $cores . "' WHERE username = '******'");
                }
                if (!empty($fundo)) {
                    Transaction::query("UPDATE users_homes SET fundo = '" . $fundo . "' WHERE username = '******'");
                }
            }
            break;
        /* ---- editarfundo: set the user's background colour or image ---- */
        case 'editarfundo':
            $fundo = htmlentities($_POST['fundo']);
            $words = array('http://', 'www.');
            // Values that contain "http://" or "www." anywhere are wrapped as a CSS url().
            if (strpos($fundo, $words[0]) !== false or strpos($fundo, $words[1]) !== false) {
                $fundo = 'url(' . $fundo . ')';
            }
            $username = htmlentities($_POST['username']);
            $user = mobbo::users_info('username');
            // The update runs only when the posted name equals the current user's name.
            if ($username == $user) {
                // '******' is reproduced as on the page; see the note in 'editarhome'.
                Transaction::query("UPDATE users SET fundom = '" . $fundo . 
"' WHERE username = '******'");
            }
            break;
        /* ---- colocarmanutencao: toggle maintenance mode for rank 6 and above ---- */
        case 'colocarmanutencao':
            // NOTE(review): a state change gated only on rank; no anti-CSRF token is
            // checked in this block.
            if (mobbo::users_info("rank") >= 6) {
                if (mobbo::mobbo_settings("maintenance") == 0) {
                    Transaction::query("UPDATE mobbo_settings SET value = '1' WHERE variable = 'maintenance'");
                } elseif (mobbo::mobbo_settings("maintenance") == 1) {
                    Transaction::query("UPDATE mobbo_settings SET value = '0' WHERE variable = 'maintenance'");
                }
                header("Location: /me");
            } else {
                header("Location: /me");
            }
            break;
        /* ---- compraritem: buy a badge with the "dolares" balance ---- */
        case 'compraritem':
            $fetch = 0;
            $cat = 0;
            $query = 0;
            if (isset($_POST['cat'])) {
                $cat = htmlentities(addslashes($_POST['cat']));
                $query = Transaction::query("SELECT * FROM mobbo_marktplatzvip WHERE id = '" . $cat . "' LIMIT 1");
                $fetch = Transaction::fetch($query);
                // NOTE(review): the row count is never checked. If no item matches,
                // $dolares is presumably empty and the >= test below would pass - verify
                // what Transaction::fetch() returns for an empty result.
                $dolares = $fetch['dolares'];
                if (mobbo::users_info('dolares') >= $dolares) {
                    $queryCheck = Transaction::query("SELECT * FROM user_badges WHERE user_id = '" . mobbo::users_info('id') . "' AND badge_id = '" . $cat . "' LIMIT 1");
                    if (Transaction::num_rows($queryCheck) < 1) {
                        // The balance check, the debit and the badge insert are separate
                        // statements with no transaction visible around them.
                        Transaction::query("UPDATE users SET dolares = dolares-'" . $fetch['dolares'] . "' WHERE id = '" . mobbo::users_info('id') . "' LIMIT 1");
                        Transaction::query("INSERT INTO user_badges (user_id, badge_id) VALUES ('" . mobbo::users_info('id') . "','" . $cat . 
"')");
                        $dolares = mobbo::users_info('dolares');
                        echo "Item Comprado com Sucesso, Seu Balanço de Dolares agora é de {$dolares}";
                    } else {
                        echo "Você já Possui este Emblema";
                    }
                } else {
                    echo "Você Não Possui Dolares Suficientes";
                }
            } else {
                echo "Você é um Hacker ?";
            }
            break;
        /* ---- wallupdate: store a wall post for the current user ---- */
        case 'wallupdate':
            if (isset($_POST['update'])) {
                //insert into wall table
                $message = Security::textFilter($_POST['update']);
                if ($message != "") {
                    $image = '';
                    $time = time();
                    $video = '';
                    $userid = mobbo::users_info('id');
                    $query = Transaction::query("INSERT INTO `posts` (`desc`, `image_url`, `vid_url`,`date`,`userid`) VALUES ('{$message}', '{$image}', '{$video}','{$time}', '{$userid}')");
                    // mysql_insert_id() belongs to the old mysql extension, which was
                    // removed in PHP 7; $ins_id is not used afterwards in this block.
                    $ins_id = mysql_insert_id();
                    echo 'sucess';
                }
            }
            break;
        default:
            die('This Action Does Not Exists');
            break;
    }
}
<td class='tablesubheader' width='5%'>Informao</td> <td class='tablesubheader' width='5%'>Equipe</td> <td class='tablesubheader' width='20%'>Mensagem</td> <td class='tablesubheader' width='10%'>Sala</td> <td class='tablesubheader' width='11%'>Data</td> <td class='tablesubheader' width='1%'>Total</td> </tr> <?php $query_min = $page * 50 - 50; if ($query_min < 0) { $query_min = 0; } if ($do == "cautions" && $_GET['name']) { $get_id = Transaction::query("SELECT id FROM users WHERE username = '******'name']) . "'"); if (Transaction::num_rows($get_id) > 0) { $get = Transaction::fetch($get_id); $get_tickets = Transaction::query("SELECT * FROM moderation_tickets WHERE reported_id = '" . $get['id'] . "' ORDER BY id DESC LIMIT " . $query_min . ", 50"); } } else { $get_tickets = Transaction::query("SELECT * FROM moderation_tickets ORDER BY id DESC LIMIT " . $query_min . ", 50"); } while ($row = Transaction::fetch($get_tickets)) { $get_sender_id = Transaction::fetch($get_reporter_id = Transaction::query("SELECT username FROM users WHERE id = '" . $row['sender_id'] . "'")); $get_reported_id = Transaction::fetch($get_reported_id = Transaction::query("SELECT username FROM users WHERE id = '" . $row['reported_id'] . "'")); $get_moderator_id = Transaction::fetch($get_reporter_id = Transaction::query("SELECT username FROM users WHERE id = '" . $row['moderator_id'] . "'")); $sender_id = $get_sender_id['username']; if ($row['reported_id'] == "0") { $reported_id = "-/-"; } else { $reported_id = $get_reported_id['username'];
Transaction::query("TRUNCATE TABLE stafflogs"); Transaction::query("INSERT INTO stafflogs (action,message,note,userid,targetid,timestamp) VALUES ('Housekeeping','Staff Logs wurde geleert','logs.php','" . $my_id . "','','" . $date_full . "')"); } $pagename = "Dados da Equipe"; $pageid = "stafflogs"; @(include 'subheader.php'); ?> <div class='tableborder'> <div class='tableheaderalt'><center>Dados Salvos da Equipe</center></div> <table cellpadding='4' cellspacing='0' width='100%'> <?php if ($do == "reading" && is_numeric($key)) { $get_details = Transaction::query("SELECT * FROM stafflogs WHERE id = '" . $key . "' && details IS NOT NULL"); if (Transaction::num_rows($get_details) > 0) { ?> <tr> <td class='tablesubheader' width='20%' align='left'>Usuário</td> <td class='tablesubheader' width='80%' align='left'>Detalhes</td> </tr> <?php $details = Transaction::fetch($get_details); $user = Transaction::query("SELECT * FROM users WHERE id = '" . $details['targetid'] . "'"); $user = Transaction::fetch($user); ?> <tr> <td class='tablerow1' align='left'><?php
$pagename = "Editar Emblemas"; $pageid = "badgetool"; if (isset($_POST['badge']) && $_POST['name']) { $check_name = Transaction::query("SELECT * FROM users WHERE username = '******'name']) . "'"); if (Transaction::num_rows($check_name) > 0) { $userdata = Transaction::fetch($check_name); $check_badge = Transaction::query("SELECT * FROM user_badges WHERE user_id = '" . $userdata['id'] . "' AND badge_id = '" . Security::textFilter($_POST['badge']) . "' LIMIT 1"); if ($_POST['action'] == "give") { if (Transaction::num_rows($check_badge) < 1) { Transaction::query("INSERT INTO user_badges (user_id,badge_id,badge_slot) VALUES ('" . $userdata['id'] . "','" . Security::textFilter($_POST['badge']) . "','0')"); $msg = "<div class='rounded rounded-green'><center>Voc acabou de dar <b>" . Security::textFilter($_POST['name']) . "</b> o emblema " . Security::textFilter($_POST['badge']) . " com sucesso. <img src=\"./w/images/check.gif\"></center></div>"; } else { $msg = "<div class='rounded rounded-red'><center>" . $_POST['name'] . " J tm o Emblema " . $_POST['badge'] . ". <img src=\"./w/images/del.gif\"></center></div>"; } } else { if (Transaction::num_rows($check_badge) > 0) { Transaction::query("DELETE FROM user_badges WHERE user_id = '" . $userdata['id'] . "' AND badge_id = '" . Security::textFilter($_POST['badge']) . "'"); $msg = "<div class='rounded rounded-green'><center>Voc removeu o Emblema " . Security::textFilter($_POST['badge']) . " . <img src=\"./w/images/check.gif\"></center></div>"; } else { $msg = "<div class='rounded rounded-red'><center>" . Security::textFilter($_POST['name']) . " no tem o emblema " . Security::textFilter($_POST['badge']) . " <img src=\"./w/images/del.gif\"></center></div>"; } } } else { $msg = "<div class='rounded rounded-red'><center>No foi possvel encontrar o usurio! <img src=\"./w/images/del.gif\"></center></div>"; } } @(include 'subheader.php'); if (isset($msg)) { ?> <p><strong><?php echo $msg;
/**
 * Run a query and report how many rows it produced.
 *
 * The SQL text is handed to Transaction::query() unchanged, so callers are
 * responsible for building it without unescaped external input.
 *
 * @param string $query SQL statement to execute.
 * @return mixed The row count when it is at least 1, otherwise 0.
 */
public static function evaluate($query)
{
    $rowCount = Transaction::num_rows(Transaction::query($query));

    // Anything below one row (including a non-numeric failure value) is reported as 0.
    return ($rowCount >= 1) ? $rowCount : 0;
}
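<?php /* Hooks System 0.1a - mobbo 6.0 :: NAME :: Reffers of a User :: VERSION :: 1.0 :: AUTHOR :: bi0s */

// Hook template: shows how many referrals the current user has and, when there
// is at least one, a dropdown linking to the referral-for-dollars exchange.

// NOTE(review): the username is concatenated into the SQL text. It comes from
// mobbo::users_info(), whose source is not visible here; if usernames can hold
// quote characters this statement needs a bound parameter.
$query = Transaction::query("SELECT * FROM users_referidos WHERE usuario = '" . mobbo::users_info('username') . "'");

// Keep the numeric count apart from the label that is printed. The original
// replaced $rows with the string "Nenhum" and then tested `$rows > 0`; since
// PHP 8 a non-numeric string compared with an int is compared as a string, so
// "Nenhum" > 0 is true and the exchange button appeared for users with no
// referrals.
$referralCount = (int) Transaction::num_rows($query);
$rows = $referralCount > 0 ? $referralCount : "Nenhum";
?>
<h5 align="center">você tem <span style="font-size:x-large;"><?php echo $rows; ?> </span> Referido(s)</h5>
<?php if ($referralCount > 0) { ?>
<a href="#" class="button tiny success radius alert" data-dropdown="drop2">Trocar Referidos por Doláres</a>
<div id="drop2" class="f-dropdown content medium" data-dropdown-content>
<h4>Compras</h4>
<p>Atenção se você tiver 5 Referidos, Ganha 1 Dolar, se Você tiver 10 Referidos Ganha 2 Dolares, Assim Vai Adiante até 40 Referidos Que Ganha 8 Dolares, Se Você tiver 40 Referidos Automaticamente Ganha 8 Dolares, não Há como Escolher a Opção de Trocar 5 Referidos, Se você tiver mais de 40 Referidos basta Apenas Trocar Mais Uma Vez, E Assim Por Diante.</p>
<p>Grato, A Direção.</p>
<a class="button tiny success radius" href="/loja?buy=dolares">Trocar Os Seus Referidos por Doláre(s)</a>
</div>
<?php }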
} $pagename = "Banimentos"; $pageid = "ban"; if (isset($_POST['value']) && $_POST['length'] && $_POST['reason']) { $check_exists = Transaction::query("SELECT * FROM bans WHERE value = '" . Security::textFilter($_POST['value']) . "' AND bantype = '" . Security::textFilter($_POST['type']) . "'"); $get_cc = Transaction::query("SELECT * FROM users WHERE username = '******'value'] . "'"); $userdata = Transaction::fetch($get_cc); if (Transaction::num_rows($check_exists) > 0) { Transaction::query("UPDATE bans SET expire = expire + '" . Security::textFilter($_POST['length']) . "' WHERE value = '" . Security::textFilter($_POST['value']) . "' AND bantype = '" . Security::textFilter($_POST['type']) . "'"); $msg = "<div class='rounded rounded-green'><center>El ban (" . Security::textFilter($_POST['type']) . " - " . Security::textFilter($_POST['value']) . ") ha sido actualizado. <img src=\"./w/images/check.gif\"></center></div>"; } else { if (Transaction::num_rows($get_cc) > 0 && $_POST['type'] == "user") { Transaction::query("INSERT INTO bans (bantype,value,reason,expire,added_by,added_date) VALUES ('" . Security::textFilter($_POST['type']) . "','" . Security::textFilter($_POST['value']) . "','" . Security::textFilter($_POST['reason']) . "','" . time() . "' + '" . Security::textFilter($_POST['length']) . "','" . $name . "','" . time() . "')"); Transaction::query("UPDATE users SET auth_ticket = '' WHERE username = '******'value']) . "' LIMIT 1"); $msg = "<div class='rounded rounded-green'><center>" . $_POST['value'] . " foi banido <img src=\"./w/images/check.gif\"></center></div>"; } elseif (Transaction::num_rows($get_cc) < 1 && $_POST['type'] == "user") { $msg = "<div class='rounded rounded-red'><center>No foi possvel encontrar o usurio <img src=\"./w/images/del.gif\"></center></div>"; } elseif ($_POST['type'] == "ip") { Transaction::query("INSERT INTO bans (bantype,value,reason,expire,added_by,added_date) VALUES ('" . Security::textFilter($_POST['type']) . "','" . 
Security::textFilter($_POST['value']) . "','" . Security::textFilter($_POST['reason']) . "','" . time() . "' + '" . Security::textFilter($_POST['length']) . "','" . $name . "','" . time() . "')"); Transaction::query("UPDATE users SET auth_ticket = '' WHERE username = '******'value']) . "' LIMIT 1"); $msg = "<div class='rounded rounded-green'><center>O IP " . Security::textFilter($_POST['value']) . " foi banido! <img src=\"./w/images/check.gif\"></center></div>"; } } } @(include 'subheader.php'); if (isset($msg)) { ?> <p><strong><?php echo $msg; ?> </strong></p><?php
exit; } $pagename = "Desbanir"; $pageid = "unban"; if (isset($_POST['query'])) { if ($_POST['type'] == 'ip') { $check_ip = Transaction::query("SELECT * FROM bans WHERE value = '" . Security::textFilter($_POST['query']) . "' AND bantype = 'ip'"); if (Transaction::num_rows($check_ip) > 0) { Transaction::query("DELETE FROM bans WHERE value = '" . Security::textFilter($_POST['query']) . "' AND bantype = 'ip'"); $msg = "<div class='rounded rounded-green'><center> (" . Transaction::num_rows($check_ip) . ") Desbaneado correctamente. <img src=\"./w/images/check.gif\"></center></div>"; } else { $msg = "<div class='rounded rounded-red'><center>No foi possvel encontrar o banimento <img src=\"./w/images/del.gif\"></center></div>"; } } else { $check_user = Transaction::query("SELECT * FROM bans WHERE value = '" . Security::textFilter($_POST['query']) . "' AND bantype = 'user'"); if (Transaction::num_rows($check_user) > 0) { Transaction::query("DELETE FROM bans WHERE value = '" . Security::textFilter($_POST['query']) . "' AND bantype = 'user'"); $msg = "<div class='rounded rounded-green'><center>Usurio desbanido corretamente! <img src=\"./w/images/check.gif\"></center></div>"; } else { $msg = "<div class='rounded rounded-red'><center>No foi possvel encontrar o banimento <img src=\"./w/images/del.gif\"></center></div>"; } } } @(include 'subheader.php'); if (isset($msg)) { ?> <p><strong><?php echo $msg; ?> </strong></p><?php }
if (Transaction::num_rows($userdata) > 0) { $userdata = Transaction::fetch($userdata); $get_logs = Transaction::query("SELECT * FROM chatlogs WHERE user_id = '" . $userdata['id'] . "' ORDER BY timestamp DESC LIMIT " . $limit . ""); $results = Transaction::num_rows($get_logs); if ($results > 0) { $chatlogs = Transaction::fetch($get_logs); $msg = "<div class='rounded rounded-green'><center>Reegistros de <u>" . $_POST['query'] . " (ID: " . $userdata['id'] . ")</u> <img src=\"./w/images/check.gif\"></center></div>"; } else { $msg = "<div class='rounded rounded-red'><center>Ops, nenhuma conversa foi registrada.<img src=\"./w/images/del.gif\"></center></div>"; } } else { $msg = "<div class='rounded rounded-red'><center>Este usuário não possui nenhuma conversa registrada <img src=\"./w/images/del.gif\"></center></div>"; } } else { $get_logs = Transaction::query("SELECT * FROM chatlogs WHERE room_id = '" . $_POST['query'] . "' ORDER BY timestamp LIMIT " . $limit . ""); $results = Transaction::num_rows($get_logs); if ($results > 0) { $chatlogs = Transaction::fetch($get_logs); $roomdata = Transaction::query("SELECT * FROM rooms WHERE id = '" . $_POST['query'] . "'"); $data = Transaction::fetch($roomdata); $msg = "<div class='rounded rounded-green'><center>Conversas do quarto: <u>" . $data['caption'] . " (ID: " . $data['id'] . ")</u> <img src=\"./w/images/check.gif\"></center></div>"; } else { $msg = "<div class='rounded rounded-red'><center>Conversa não encontrada. <img src=\"./w/images/del.gif\"></center></div>"; } } } @(include 'subheader.php'); if (isset($msg)) { ?> <p><strong><?php echo $msg;
$msg = "<div class='rounded rounded-red'><center>No foi possvel encontrar este usurio.<img src=\"./w/images/del.gif\"></center></div>"; } } elseif ($do == "add" && $_POST['vip']) { // $timened = time() + 15552000; $timeend2 = time() + 1296000 * 2; $user_check = Transaction::query("SELECT * FROM users WHERE username = '******'vip'] . "' LIMIT 1"); $userdata = Transaction::fetch($user_check); $badge_check = Transaction::query("SELECT * FROM user_badges WHERE user_id = '" . $userdata['id'] . "' and badge_id = 'VIP'"); $vip_check = Transaction::query("SELECT * FROM users WHERE id = '" . $userdata['id'] . "' LIMIT 1"); $vip = Transaction::fetch($vip_check); if (Transaction::num_rows($user_check) > 0) { if (Transaction::num_rows($vip_check) > 0) { Transaction::query("UPDATE users SET credits = credits + '100000', crystals = crystals + '40', vip = '1', rank = '2' WHERE id = '" . $userdata['id'] . "'"); $msg = "<div class='rounded rounded-green'><center>" . $_POST['vip'] . " recebeu VIP com sucesso! <img src=\"./w/images/check.gif\"></center></div>"; } else { if (Transaction::num_rows($badge_check) < 1) { Transaction::query("INSERT INTO user_badges (user_id,badge_id,badge_slot) VALUES ('" . $userdata['id'] . "','VIP','0')"); } Transaction::query("UPDATE users SET crystals = 'crystals' + 40; rank = '2'; vip = '1' WHERE id = '" . $userdata['id'] . "'"); Transaction::query("INSERT INTO vip (id_user,timestamp,timestampend) VALUES ('" . $userdata['id'] . "','" . time() . "','" . $timeend2 . "')"); Transaction::query("INSERT INTO mobbo_alerts (userid,alert) VALUES ('" . $userdata['id'] . "','Voc agora faz parte do Haboo VIP!')"); $msg = "<div class='rounded rounded-green'><center>" . $_POST['vip'] . " Recebeu o VIP corretamente! <img src=\"./w/images/check.gif\"></center></div><br>"; } } else { $msg = "<div class='rounded rounded-red'><center>No foi possvel encontrar este usurio! 
<img src=\"./w/images/del.gif\"></center></div><br>"; } } @(include 'subheader.php'); if (isset($msg)) { ?> <p><strong><?php
<td class='tablesubheader' width='10%' align='left'>IP(Última vez)</td> <td class='tablesubheader' width='20%' align='left'>Última vez no Hotel</td> <td class='tablesubheader' width='20%' align='left'>Data de registro</td> <td class='tablesubheader' width='10%' align='left'>Estado</td> <td class='tablesubheader' width='10%' align='left'>Banido</td> <td class='tablesubheader' width='10%' align='left'>Editar</td> </tr> <?php while ($row = Transaction::fetch($get_users)) { $get_banns = Transaction::query("SELECT * FROM bans WHERE value = '" . $row['id'] . "' AND bantype = 'user' OR value = '" . $row['ip_last'] . "' AND bantype = 'ip'"); if ($row['online'] > 0) { $status = "Online"; } else { $status = "Offline"; } if (Transaction::num_rows($get_banns) > 0) { $color = "Verde"; $text = "Sim"; } else { $color = "Vermelho"; $text = "No"; } ?> <tr> <td class='tablerow1' align='center'><?php echo $row['id']; ?> </td> <td class='tablerow2'><a href='<?php echo $path;
/**
 * Count the users currently flagged as online.
 *
 * The query is a fixed string; no caller-supplied value is interpolated into it.
 *
 * @return mixed Whatever Transaction::num_rows() reports for the result set.
 */
public static function users_onlines()
{
    $onlineUsers = Transaction::query("SELECT id FROM `users` WHERE `online` = '1'");

    return Transaction::num_rows($onlineUsers);
}
<?php // Admin-panel page header: access gate, page title, and the "searchname" quick lookup.
// $hkzone, $pagename and $adminpath are assigned elsewhere; only their use is visible here.
// The gate redirects and exits unless $hkzone is strictly true.
if ($hkzone !== true) { header("Location: index.php?throwBack=true"); exit; }
if (empty($pagename)) { $pnme = "Painel de Controle"; } else { $pnme = "Painel de Controle - " . $pagename . " "; }
// NOTE(review): both $_POST keys are read without isset(), so a request that omits them
// raises an undefined-index notice. Security::textFilter() is defined elsewhere; what it
// strips or escapes cannot be confirmed from here.
$search = Security::textFilter($_POST['search']);
$searchheader = Security::textFilter($_POST['searchheader']);
$username = mobbo::users_info('username');
// NOTE(review) on the lookup that follows (kept on one line, byte-for-byte):
//  - The username query contains a '******' mask that breaks the string quoting, so the
//    original expression cannot be read here. If it interpolates $_POST['searchname'] into
//    the SQL text, it should use a parameterized query or the wrapper's own escaping;
//    confirm against the unmasked source.
//  - The success branch sends a Location header but does not exit, so execution continues
//    into the HTML below after the redirect header is queued.
//  - The failure branch echoes raw $_POST['searchname'] inside a <script> block, which is a
//    reflected XSS sink. Encode the value for a JavaScript string context, e.g.
//    json_encode() with JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT.
if (isset($_POST['searchname'])) { if ($check = Transaction::num_rows($sql = Transaction::query("SELECT * FROM users WHERE username = '******'searchname']) . "' LIMIT 1")) > 0) { $rowid = Transaction::fetch($sql); header("location: " . $adminpath . "/p/users_edit&key=" . $rowid['id'] . ""); } else { echo "<script>alert(\"Der Username " . $_POST['searchname'] . " konnte nicht gefunden werden!\")</script>"; } } ?> <html class=" js flexbox flexboxlegacy canvas canvastext webgl no-touch geolocation postmessage websqldatabase indexeddb hashchange history draganddrop websockets rgba hsla multiplebgs backgroundsize borderimage borderradius boxshadow textshadow opacity cssanimations csscolumns cssgradients cssreflections csstransforms no-csstransforms3d csstransitions fontface generatedcontent video audio localstorage sessionstorage webworkers applicationcache svg inlinesvg smil svgclippaths js flexbox flexboxlegacy canvas canvastext webgl no-touch geolocation postmessage websqldatabase indexeddb hashchange history draganddrop websockets rgba hsla multiplebgs backgroundsize borderimage borderradius boxshadow textshadow opacity cssanimations csscolumns cssgradients cssreflections csstransforms no-csstransforms3d csstransitions fontface generatedcontent video audio localstorage sessionstorage webworkers applicationcache svg inlinesvg smil svgclippaths js flexbox flexboxlegacy canvas canvastext webgl no-touch geolocation postmessage websqldatabase indexeddb hashchange history draganddrop websockets rgba hsla multiplebgs backgroundsize borderimage borderradius boxshadow textshadow opacity cssanimations csscolumns cssgradients 
cssreflections csstransforms no-csstransforms3d csstransitions fontface generatedcontent video audio localstorage sessionstorage webworkers applicationcache svg inlinesvg smil svgclippaths" lang="en" data-useragent="Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.57 Safari/537.36" style=""><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <head> <base href="<?php echo $adminpath; ?> "> <meta http-equiv="content-t ype" content="text/html; charset=iso-8859-1" />
$msg = "<div class='rounded rounded-green'><center>A notcia foi removida com xito!. <img src=\"./w/images/check.gif\"></center></div>"; } else { $msg = "<div class='rounded rounded-red'><center>Voc no tem permisso para remover notcias!<img src=\"./w/images/del.gif\"></center></div>"; } } elseif ($do == "edit") { $check = Transaction::query("SELECT * FROM mobbo_news WHERE id = '" . $key . "' LIMIT 1"); if (Transaction::num_rows($check) > 0) { $check = Transaction::query("SELECT * FROM mobbo_news WHERE id = '" . $key . "' LIMIT 1"); $article = Transaction::fetch($check); $editor_mode = true; } else { $msg = "<div class='rounded rounded-red'><center>Voc no tem permisso para editar notcias.<img src=\"./w/images/del.gif\"></center></div>"; } } elseif ($do == "save" && is_numeric($key) && isset($_POST['image'])) { $check = Transaction::query("SELECT id FROM mobbo_news WHERE id = '" . $key . "' LIMIT 1"); if (Transaction::num_rows($check) > 0) { $check = Transaction::query("SELECT id FROM mobbo_news WHERE id = '" . $key . "' LIMIT 1"); $newsdata = Transaction::fetch($check); if ($_POST['comments'] == true) { $checked = '1'; } else { $checked = '0'; } Transaction::query("UPDATE mobbo_news SET title = '" . $_POST['title'] . "', image = '" . $_POST['image'] . "', shortstory = '" . $_POST['shortstory'] . "', longstory = '" . $_POST['longstory'] . "', author = '" . $_POST['author'] . "' WHERE id = '" . $key . "' LIMIT 1"); $msg = "<div class='rounded rounded-green'><center>A notcia foi publicada corretamente!. <img src=\"./w/images/check.gif\"></center></div>"; $editor_mode = false; } else { $msg = "<div class='rounded rounded-red'><center>Esta notcia no existe<img src=\"./w/images/check.gif\"></center></div>"; } } elseif ($do == "add") { $editor_mode = true;
} $H = date('H'); $i = date('i'); $s = date('s'); $m = date('m'); $d = date('d'); $Y = date('Y'); $j = date('j'); $n = date('n'); // start the user system if (isset($_SESSION['id'])) { $rawname = htmlentities($_SESSION['id']); $usersql = Transaction::query("SELECT * FROM users WHERE id = '" . $rawname . "' LIMIT 1"); $myrow = Transaction::fetch($usersql); $ban = Transaction::query("SELECT * FROM bans WHERE value = '" . $myrow['username'] . "' AND bantype = 'user' or value = '" . $remote_ip . "' AND bantype = 'ip' LIMIT 1"); $bancheck = Transaction::num_rows($ban); if ($myrow['ip_reg'] == "0") { Transaction::query("UPDATE users SET ip_reg = '" . $remote_ip . "' WHERE id = '" . $myrow['id'] . "'"); } elseif ($bancheck > 0) { $bandata = Transaction::fetch($ban); $timestamp = time(); if ($bandata['expire'] > $timestamp) { session_destroy(); header("Location: index.php"); exit; } else { Transaction::query("DELETE FROM bans WHERE value = '" . $name . "' AND bantype = 'user' or value = '" . $remote_ip . "' AND bantype = 'ip' LIMIT 1"); } } $rawhotel = 0; $rawhotel = md5($myrow['id'] + $myrow['username'] + $myrow['password'] + Security::getUserIP());
$owner = 'yesiamtheowner'; } $user_rank = mobbo::users_info('rank'); if ($user_rank > 3 && $logged_in or !$logged_in) { $hkzone = true; $p = Security::textFilter($_GET['p']); $do = Security::textFilter($_GET['do']); $page = Security::textFilter($_GET['page']); $key = Security::textFilter($_GET['key']); $search = Security::textFilter($_POST['search']); if (mobbo::session_is_registered('acp')) { $session = $_SESSION['acp']; $admin_username = $_SESSION['hkusername']; $admin_password = $_SESSION['hkpassword']; $check = Transaction::query("SELECT * FROM `users` WHERE `username` = '" . $myrow['username'] . "' AND `rank` > 5 LIMIT 1"); $valid = Transaction::num_rows($check); if ($valid > 0) { $tmp = Transaction::fetch($check); if ($p == "logout") { session_destroy(); $notify_logout = true; include 'login.php'; } elseif ($p == "home") { $tab = 1; require_once 'home.php'; } elseif ($p == "test") { $tab = 1; require_once 'test.php'; } elseif ($p == "banners") { $tab = 3; require_once 'banners.php';
// Client bootstrap: stores a fresh auth_ticket and the caller's address on the user row,
// then reads the ticket back into $ticketrow before the page markup starts.
// $id and $fb_id are assigned elsewhere; every query below places them in the SQL text by
// string concatenation.
// NOTE(review): if either value can be influenced by the request, these statements are
// injectable. Prefer parameterized queries if the Transaction wrapper offers them (confirm).
// NOTE(review): echo mysql_error() and "or die(mysql_error())" write raw database error text
// into the HTTP response; log it server-side instead. mysql_error() is also part of the
// legacy mysql extension that was removed in PHP 7.0.
$myrealip = $_SERVER['REMOTE_ADDR'];
// Accounts without a Facebook id in the session are matched on users.id, the rest on users.fb_id.
if (empty($_SESSION['fb_id'])) {
    $SQL = Transaction::query("SELECT auth_ticket FROM users WHERE id = '" . $id . "'");
    echo mysql_error();
    $N = Transaction::num_rows($SQL);
    // Both arms issue the same UPDATE; only the else arm reads the ticket back, so
    // $ticketrow is left unassigned by this branch when no row matched.
    if ($N == 0) {
        Transaction::query("UPDATE `users` SET `auth_ticket` = '" . Security::GenerateTicket() . "', `ip_last` = '" . $myrealip . "' WHERE id = '" . $id . "'") or die(mysql_error());
    } else {
        // NOTE(review): Security::GenerateTicket() is defined elsewhere. The ticket is stored
        // as a login credential here, so confirm it draws from a CSPRNG (random_bytes / random_int).
        Transaction::query("UPDATE `users` SET `auth_ticket` = '" . Security::GenerateTicket() . "', `ip_last` = '" . $myrealip . "' WHERE id = '" . $id . "'") or die(mysql_error());
        $ticketsql = Transaction::query("SELECT auth_ticket FROM users WHERE id = '" . $id . "'") or die(mysql_error());
        $ticketrow = Transaction::fetch($ticketsql);
    }
} else {
    $SQL = Transaction::query("SELECT auth_ticket FROM users WHERE fb_id = '" . $fb_id . "'");
    echo mysql_error();
    $N = Transaction::num_rows($SQL);
    // The two arms are identical here as well; unlike the id branch, the read-back below
    // runs whether or not a row matched.
    if ($N == 0) {
        Transaction::query("UPDATE `users` SET `auth_ticket` = '" . Security::GenerateTicket() . "', `ip_last` = '" . $myrealip . "' WHERE fb_id = '" . $fb_id . "'") or die(mysql_error());
    } else {
        Transaction::query("UPDATE `users` SET `auth_ticket` = '" . Security::GenerateTicket() . "', `ip_last` = '" . $myrealip . "' WHERE fb_id = '" . $fb_id . "'") or die(mysql_error());
    }
    $ticketsql = Transaction::query("SELECT auth_ticket FROM users WHERE fb_id = '" . $fb_id . "'") or die(mysql_error());
    $ticketrow = Transaction::fetch($ticketsql);
}
// Records a "client" entry through the project's logs helper (defined elsewhere).
logs::mobbo_log("client");
?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" xmlns:og="http://opengraphprotocol.org/schema/" xmlns:fb="http://www.facebook.com/2008/fbml"> <head> <meta http-equiv="content-type" content="text/html; charset=ISO-8859-1" />