<?php require_once "./init.php"; if (!defined('is_florensia')) { die('Hacking attempt'); } $florensia->sitetitle("CharacterAPI"); $flolang->load("character"); if (strlen($_GET['verify'])) { if (!$flouser->userid) { $verificationbar = "<span style='color:#FF0000'>{$flolang->character_api_verify_error_notloggedin}</span>"; } else { $character = new class_character($_GET['verify']); if (!$character->is_valid()) { $verificationbar = "<span style='color:#FF0000'>" . $character->get_errormsg() . "</span>"; } elseif ($character->data['ownerid']) { $verificationbar = $flolang->character_api_already_verified; } elseif (MYSQL_NUM_ROWS(MYSQL_QUERY("SELECT id FROM flobase_character_verification WHERE userid='{$flouser->userid}' AND characterid='{$character->data['characterid']}' AND accepted='-1'"))) { $verificationbar = $flolang->character_api_verify_pending; } else { if ($_POST['do_upload'] && $_FILES['screenshot']['tmp_name']) { //verify if the screen is the original one. $screen = fopen($_FILES['screenshot']['tmp_name'], "rb"); $header = fread($screen, 163); $origheader = "ÿØÿàJFIFÿÛC\t\t\n\f\r\f\v\v\f \$.' \",#(7),01444'9=82<.342ÿÛC\t\t\t\f\v\f\r\r2!!22222222222222222222222222222222222222222222222222ÿÀ"; if ($header == $origheader) { MYSQL_QUERY("INSERT INTO flobase_character_verification (userid, characterid, timestamp) VALUES('{$flouser->userid}', '{$character->data['characterid']}', '" . date("U") . "')"); @rename($_FILES['screenshot']['tmp_name'], "{$florensia->root_abs}/pictures/characterverification/" . mysql_insert_id()); chmod("{$florensia->root_abs}/pictures/characterverification/" . mysql_insert_id(), 0755); $verificationbar = $flolang->character_api_verify_pending; $florensia->notice($flolang->character_api_verify_upload_successfully, "successful");
$sigchars = join($sep, $create_slots); //save chars MYSQL_QUERY("UPDATE flobase_signaturetemp SET characters='" . mysql_real_escape_string($sigchars) . "' WHERE userid='" . $mybb->user['uid'] . "'"); } } else { $saved_chars = explode($sep, $template['characters']); $sigchars = join($sep, $saved_chars); foreach ($saved_chars as $i => $charname) { $_POST['slot_' . $i] = $charname; } } unset($charselect); for ($i = 0; $i < count($xml->char); $i++) { if (strlen($_POST['slot_' . $i])) { $characterslot = new class_character($_POST['slot_' . $i]); if (!$characterslot->is_valid()) { $errorcharnotice = $characterslot->get_errormsg(); } else { unset($errorcharnotice); } if ($errorcharnotice) { $errorcharnotice = " <span class='small' style='font-weight:normal;'><span style='color:#FF0000;'>(</span>{$errorcharnotice}<span style='color:#FF0000;'>)</span></span>"; } } else { unset($errorcharnotice); } $charselect .= "<tr><td style='width:100px;'>" . $flolang->sprintf($flolang->signature_slots, $i + 1) . ":</td><td><input type='text' name='slot_{$i}' value='" . $florensia->escape($_POST['slot_' . $i]) . "' maxlength='255' style='width:200px;'>{$errorcharnotice}</td></tr>"; } if (count($xml->char) == 0) { $charselect .= "<tr><td colspan='2' class='small'>{$flolang->signature_create_characterslots_notice}</tr>"; }
<div class='subtitle' style='padding:10px; margin-bottom:15px; margin-right:315px;'> <div style='margin:auto; height:164px; width:279px; background-image:url({$florensia->layer_rel}/character_inv.png); background-position:center; background-repeat:no-repeat;'></div> </div> */ $content = "\n <div class='subtitle' style='margin-bottom:10px;'><a href='{$florensia->root}/characterdetails'>{$flolang->character_sitetitle}</a> > " . $florensia->escape($character->data['charname']) . "</div>\n <div class='subtitle' style='text-align:center; margin-bottom:15px;'>{$flolang->character_jumpto} " . $florensia->quicksearch() . "</div>\n {$charoverview}\n "; $florensia->sitetitle("Characterdetails"); $florensia->sitetitle($florensia->escape($character->data['charname'])); $florensia->output_page($content); } else { foreach ($getcharacter as $charname) { if ($charname == "0") { continue; } #ignore placeholder $char = new class_character($charname); if (!$char->is_valid()) { $errorcharnotice = $char->get_errormsg(); $char->data['jobclass'] = $guild = $server = $char->data['levelsea'] = $char->data['levelland'] = $char->data['updatepriority'] = "-"; $char->data['lastupdate'] = date("U"); $charname = $florensia->escape($charname) . "<br /><span style='color:#FF0000;'>(</span>{$errorcharnotice}<span style='color:#FF0000;'>)</span>"; } else { if ($char->data['gender'] == "m") { $gender = "<img src='{$florensia->layer_rel}/gender_male.gif' border='0' alt='male' style='height:12px;'>"; } else { $gender = "<img src='{$florensia->layer_rel}/gender_female.gif' border='0' alt='female' style='height:12px;'>"; } $charname = "{$gender} <a href='" . $florensia->outlink(array("characterdetails", $char->data['charname'])) . "'>" . $florensia->escape($char->data['charname']) . "</a>"; $server = "<a href='{$florensia->root}/statistics/" . $florensia->escape($char->data['server']) . "'>" . $florensia->escape($char->data['server']) . "</a>"; if ($char->data['guildid']) { $guild = "<a href='" . $florensia->outlink(array("guilddetails", $char->data['guildid'], $char->data['server'], $char->data['guild'])) . "'>" . $florensia->escape($char->data['guild']) . "</a>"; } elseif ($char->data['guild']) {
if (is_dir($cfg['language_abs'] . '/' . $language[1]) && $language[1] != "") { $flolang->language = $language[1]; } $flolang->load("signature"); /* * Loading character... */ preg_match("/^([a-z]{2}|0){$sep}([0-9t]+){$sep}(.+)\\.(png|gif)\$/", $_GET['sig'], $character); $character = explode($sep, $character[3]); foreach ($character as $charname) { if (trim($charname) == "0" or $charname == "") { $charinfo['placeholder_' . bcadd(count($charinfo), 1)] = 0; continue; } $api = new class_character($charname); if (!$api->is_valid()) { //timeout or deleted continue; } $charinfo[$charname] = $api->data; } /* * Loading template/signature... */ preg_match("/^([a-z]{2}|0){$sep}([0-9t]+)/", $_GET['sig'], $signature); $signature = $signature[2]; if (preg_match('/^t([0-9]+)$/', $signature, $signaturetemp)) { $querysignature = MYSQL_QUERY("SELECT template FROM flobase_signaturetemp WHERE userid='" . $signaturetemp[1] . "'"); if ($signature = MYSQL_FETCH_ARRAY($querysignature)) { $signature['layout'] = "create/" . $signaturetemp[1]; } else {
function updateentry($exchangetype, $itemid, $action, $extendtime = 0) { global $flouser, $flolang, $stringtable, $mybb, $florensia; // $flolang->load("market"); if ($exchangetype != "buy" && $exchangetype != "sell") { return false; } //not logged in if (!$mybb->user['uid']) { $florensia->notice($flolang->market_updateentry_error_notloggedin, "warning"); return false; } //banned from market if (!$flouser->get_permission("add_usermarket")) { $florensia->notice($flolang->market_updateentry_error_banned, "warning"); return false; } if ($action == "add" or $action == "update") { if ($action == "add" && MYSQL_NUM_ROWS(MYSQL_QUERY("SELECT id FROM flobase_usermarket WHERE userid='" . $mybb->user['uid'] . "' AND exchangetype='{$exchangetype}' AND itemid='" . mysql_real_escape_string($itemid) . "'")) != 0) { $florensia->notice($flolang->market_updateentry_error_alreadysaved, "warning"); return false; } elseif (MYSQL_NUM_ROWS(MYSQL_QUERY("SELECT itemid FROM server_item_idtable WHERE itemid='" . mysql_real_escape_string($itemid) . "'")) == 0) { $florensia->notice($flolang->market_updateentry_error_existitem, "warning"); return false; } $character = new class_character($_POST['charactername']); if (!$character->is_valid()) { if ($character->get_errormsg() == "timeout") { $florensia->notice($flolang->market_updateentry_error_character_timeout, "warning"); } else { $florensia->notice($flolang->market_updateentry_error_character_exists, "warning"); } return false; } //finally, if character verified... $timeout = bcadd(date("U"), intval($_POST['timeoutdays']) * 24 * 60 * 60); $itemamount = intval($_POST['itemamount']); if ($itemamount == 0 or $itemamount == "") { $itemamount = 1; } foreach ($_POST['marketlanguage'] as $languageid) { if (!$flolang->lang[$languageid]->visible_usermarket) { continue; } $marketlanguage .= $comma . $languageid; $comma = ","; } $exchangegelt = intval(str_replace(array(",", "."), "", $_POST['exchangegelt'])); if ($action == "add") { if (!MYSQL_QUERY("INSERT INTO flobase_usermarket (userid, itemid, itemamount, exchange, exchangegelt, exchangetype, server, characterid, marketlanguage, timeout, createtime) VALUES('" . $mybb->user['uid'] . "', '" . mysql_real_escape_string($itemid) . "', '{$itemamount}', '" . mysql_real_escape_string($_POST['exchange']) . "', '{$exchangegelt}', '{$exchangetype}', '" . mysql_real_escape_string($character->data['server']) . "', '{$character->data['characterid']}', '{$marketlanguage}', '{$timeout}', '" . date("U") . "')")) { $florensia->notice($flolang->market_updateentry_error_default, "warning"); return false; } else { $florensia->notice($flolang->sprintf($flolang->market_updateentry_successful_add, $stringtable->get_string($itemid), intval($_POST['timeoutdays'])), "successful"); return true; } } elseif ($action == "update") { if (!MYSQL_QUERY("UPDATE flobase_usermarket SET itemamount='{$itemamount}', exchange='" . mysql_real_escape_string($_POST['exchange']) . "', exchangegelt='{$exchangegelt}', server='" . mysql_real_escape_string($character->data['server']) . "', characterid='{$character->data['characterid']}', marketlanguage='{$marketlanguage}', timeout='{$timeout}' WHERE userid='{$mybb->user['uid']}' AND itemid='" . mysql_real_escape_string($itemid) . "' AND exchangetype='{$exchangetype}'")) { $florensia->notice($flolang->market_updateentry_error_default, "warning"); return false; } else { $florensia->notice($flolang->sprintf($flolang->market_updateentry_successful_update, $stringtable->get_string($itemid)), "successful"); return true; } } } elseif ($action == "delete") { MYSQL_QUERY("DELETE FROM flobase_usermarket WHERE userid='" . $mybb->user['uid'] . "' AND exchangetype='{$exchangetype}' AND itemid='" . mysql_real_escape_string($itemid) . "'"); $florensia->notice($flolang->sprintf($flolang->market_updateentry_successful_delete, $stringtable->get_string($itemid)), "successful"); return true; } elseif ($action == "extend" && intval($extendtime)) { $maxtime = 2 * 30; $extendtimedb = intval($extendtime) * 24 * 60 * 60; $verifyextend = MYSQL_FETCH_ARRAY(MYSQL_QUERY("SELECT timeout FROM flobase_usermarket WHERE userid='" . $mybb->user['uid'] . "' AND exchangetype='{$exchangetype}' AND itemid='" . mysql_real_escape_string($itemid) . "'")); if (bcadd($verifyextend['timeout'], $extendtimedb) >= bcadd(date("U"), $maxtime * 24 * 60 * 60)) { $florensia->notice($flolang->sprintf($flolang->market_updateentry_error_extend_timespan, $stringtable->get_string($itemid), intval($extendtime), $maxtime), "warning"); return false; } MYSQL_QUERY("UPDATE flobase_usermarket SET timeout=timeout+{$extendtimedb} WHERE userid='" . $mybb->user['uid'] . "' AND exchangetype='{$exchangetype}' AND itemid='" . mysql_real_escape_string($itemid) . "'"); $florensia->notice($flolang->sprintf($flolang->market_updateentry_successful_extend, $stringtable->get_string($itemid), $extendtime), "successful"); return true; } }