<?php
$_ur = GetEnv("REQUEST_URI");
$uri = explode("?", $_ur);
if (!empty($usemagic)) {
if (!empty($login) && $login != "Логин") {
if ((empty($set) || $set == "edit" || $set == "map") && ($uri['0'] == "/main.php" || $uri['0'] == "/battle.php")) {
if ($uri['0'] == "/battle.php") {
$a_where = "(slots.17={$useid} OR slots.18={$useid}) AND";
}
$_ex = mysql_query("SELECT objects.id, objects.inf, objects.tip, objects.min FROM objects, slots where " . addslashes($a_where) . " (objects.id='" . addslashes($useid) . "' AND user='******'user'] . "')");
if (mysql_num_rows($_ex) > 0) {
$object = mysql_fetch_array($_ex);
$obj_inf = explode("|", $object['inf']);
$obj_min = explode("|", $object['min']);
$iteminfo['name'] = $obj_inf['0'];
if ($object['tip'] == 12 || $object['tip'] == 16 || $object['tip'] == 18) {
$chl = mysql_fetch_array(mysql_query("SELECT * FROM players where user='******'"));
$HisInfo['user'] = $chl['user'];
include "inc/main/get_inf.php";
$chl['lpv'] = $user_lpv;
if (!empty($chl['id'])) {
if ($chl['v_time'] < $now) {
if ($chl['k_time'] < $now) {
if ($obj_min['5'] >= $iteminfo['min_razum']) {
if ($obj_min['7'] != 0 && $obj_min['7'] == $stat['proff'] || $obj_min['7'] == 0) {
// ----- # Читаем свиток # ----- //
include 'inc/magic/magics.php';
} else {
$nms = "Для чтения данного свитка необходимо владеть определенными навыками!";
}
function StartSendingMessage()
{
if (strlen($this->mailroot_directory) == 0) {
if (function_exists("class_exists") && class_exists("COM")) {
$shell = new COM("WScript.Shell");
$wwwroot = $shell->RegRead("HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\InetStp\\PathWWWRoot");
if (is_dir($wwwroot)) {
$mailroot = $wwwroot . "\\..\\mailroot";
if (is_dir($mailroot . "\\Pickup")) {
$this->mailroot_directory = $mailroot;
} else {
$mailroot = $wwwroot . "\\mailroot";
if (is_dir($mailroot . "\\Pickup")) {
$this->mailroot_directory = $mailroot;
}
}
}
}
}
if (strlen($this->mailroot_directory) == 0) {
return $this->OutputError("it was not specified the mailroot directory path");
}
if (!is_dir($this->mailroot_directory . "\\Pickup")) {
return $this->OutputError("the specified mailroot path " . $this->mailroot_directory . " does not contain a Pickup directory");
}
$this->pickup_file_name = tempnam(GetEnv("TMP"), "eml");
if (!($this->pickup_file = @fopen($this->pickup_file_name, "w"))) {
return $this->OutputPHPError("could not create a pickup message file " . $this->pickup_file_name, $php_errormsg);
}
return "";
}
<?php
$ok = 0;
#include('inc/noflood.php');
include 'inc/db_connect.php';
include 'time.php';
$now = time();
$ip = GetEnv("REMOTE_ADDR");
$browser = GetEnv("HTTP_USER_AGENT");
SetCookie("user", "");
SetCookie("pass", "");
unset($user);
unset($pass);
if (@$register) {
// Блокировка таблицы
mysql_query("LOCK TABLES `players` WRITE, `slots` WRITE");
echo mysql_error();
//$login=$_POST['login'];
//$password=$_POST['password'];
//$password2=$_POST['password2'];
//$u_name=$_POST['u_name'];
//$sex=$_post['sex'];
//$rase=$_POST['rase'];
$login = trim($login);
$login = addslashes($login);
if ($login == "" or $password2 == "" or $u_name == "" or $sex == "" or $rase == "") {
$nms .= "Вы не заполнили обязательные поля!";
} else {
$hinfo = mysql_fetch_array(mysql_query("SELECT id FROM players where user='******'"));
echo mysql_error();
if (!empty($hinfo['id'])) {
if (get_magic_quotes_runtime()) {
// Deactivate
set_magic_quotes_runtime(false);
}
if (get_magic_quotes_gpc()) {
magicQuotesSuck($_POST);
magicQuotesSuck($_GET);
magicQuotesSuck($_COOKIE);
}
// default configuration values
$wakkaConfig = array();
$_rewrite_mode = detectRewriteMode();
$wakkaDefaultConfig = array('wakka_version' => '', 'wikini_version' => '', 'yeswiki_version' => '', 'yeswiki_release' => '', 'debug' => 'no', "mysql_host" => "localhost", "mysql_database" => '', "mysql_user" => '', "mysql_password" => '', "table_prefix" => "yeswiki_", "base_url" => computeBaseURL($_rewrite_mode), "rewrite_mode" => $_rewrite_mode, 'meta_keywords' => '', 'meta_description' => '', "action_path" => "actions", "handler_path" => "handlers", "header_action" => "header", "footer_action" => "footer", "navigation_links" => "DerniersChangements :: DerniersCommentaires :: ParametresUtilisateur", "referrers_purge_time" => 24, "pages_purge_time" => 90, "default_write_acl" => "*", "default_read_acl" => "*", "default_comment_acl" => "@admins", "preview_before_save" => 0, 'allow_raw_html' => false);
unset($_rewrite_mode);
// load config
if (!($configfile = GetEnv("WAKKA_CONFIG"))) {
$configfile = "wakka.config.php";
}
if (file_exists($configfile)) {
include $configfile;
} else {
// we must init language file without loading the page's settings.. to translate some default config settings
$wakkaDefaultConfig["root_page"] = _t('HOMEPAGE_WIKINAME');
$wakkaDefaultConfig["wakka_name"] = _t('MY_YESWIKI_SITE');
}
$wakkaConfigLocation = $configfile;
$wakkaConfig = array_merge($wakkaDefaultConfig, $wakkaConfig);
// check for locking
if (file_exists("locked")) {
// read password from lockfile
$lines = file("locked");
* Display the final message and wait a few more seconds
*/
$form->SetInputProperty("sender", "FeedbackElement", "wholeform");
$form->SetInputProperty("sender", "Feedback", $content);
sleep(3);
/*
* Redirect to the form start script page
*/
$redirect = "/test_ajax_form.php";
/*
* This is just for testing purposes
*/
if (defined('AJAX_REDIRECT_URI')) {
$redirect = AJAX_REDIRECT_URI;
}
$message["Actions"][] = array("Action" => "Redirect", "URL" => "http://" . GetEnv("HTTP_HOST") . dirname(GetEnv("REQUEST_URI")) . $redirect);
}
break;
}
/*
* Reply to the form submit event to tell which actions the
* AJAX submit input should execute on the browser side.
*/
if (strlen($form->ReplyMessage($message, $processed))) {
exit;
}
} while (!$processed && $form->GetNextMessage($message));
if ($processed) {
exit;
}
}
} else {
$obj[18] = "{$obj18['name']}";
}
$obj19 = mysql_fetch_array(mysql_query("SELECT * FROM objects WHERE onset='w19' and player='{$getinfo}'"));
if ($obj19[name] == "") {
$obj[19] = "w19";
} else {
$obj[19] = "{$obj19['name']}";
}
for ($f = 1; $f < 20; $f++) {
if ($set == "edit" and $obj[$f] != "w{$f}") {
$un[$f] = "<a href='main.php?set=edit&unset=w{$f}'>";
}
}
// Слоты магии
$uri = GetEnv("SCRIPT_NAME");
if ($set == "edit" and $obj[17] != "w17") {
$un[17] = "<a href='main.php?set=edit&unset=w17'>";
} elseif (($set == "" and $uri == "/main.php" or $set == "map" and $uri == "/main.php" or $uri == "/battle.php") and $obj[17] != "w17") {
$un[17] = "<a href=\"javascript:ShowForm('" . $w[17][title] . "','','','','1','{$obj17['name']}','{$obj17['id']}','{$obj17['onset']}'";
if ($obj17[name] == "addhp10" or $obj17[name] == "addhp30" or $obj17[name] == "addhp60" or $obj17[name] == "mutation" or $obj17[name] == "addenergy10") {
$un[17] .= ",'{$stat['user']}'";
}
$un[17] .= ");\">";
}
if ($set == "edit" and $obj[18] != "w18") {
$un[18] = "<a href='main.php?set=edit&unset=w18'>";
} elseif (($set == "" and $uri == "/main.php" or $set == "map" and $uri == "/main.php" or $uri == "/battle.php") and $obj[18] != "w18") {
$un[18] = "<a href=\"javascript:ShowForm('{$w18['title']}','','','','1','{$obj18['name']}','{$obj18['id']}','{$obj18['onset']}'";
if ($obj18[name] == "addhp10" or $obj18[name] == "addhp30" or $obj18[name] == "addhp60" or $obj18[name] == "mutation" or $obj18[name] == "addenergy10") {
$un[18] .= ",'{$stat['user']}'";
include "../inc/db_connect.php";
$stat = mysql_fetch_array(mysql_query("SELECT * FROM players WHERE user='******' AND pass='******' LIMIT 1"));
mysql_query("SET CHARSET cp1251");
if (empty($stat['id']) || $stat['bloked'] || $stat['admin'] != 1) {
echo "<script>top.window.location = '../index.php?action=logout';</script>";
exit;
}
?>
<?php
if (isset($_POST['path'])) {
$uploadfile = $_POST['path'] . $_FILES['file']['name'];
if ($_POST['path'] == "") {
$uploadfile = $_FILES['file']['name'];
}
echo $uploadfile;
if (copy($_FILES['file']['tmp_name'], "../i/items/" . $uploadfile)) {
echo "Файл успешно загружен в папку {$uploadfile}\n";
echo "Имя:" . $_FILES['file']['name'] . "\n";
echo "Размер:" . $_FILES['file']['size'] . "\n";
} else {
print "Не удаётся загрузить файл. Инфа:\n";
print_r($_FILES);
}
}
$host = GetEnv("HTTP_HOST");
//Header("Location: http://$host");
?>
function GetInputEventURL($input, $event, $parameters, &$url)
{
if (strlen($action = $this->ACTION) == 0) {
if (GetType($mark = strpos($uri = GetEnv('REQUEST_URI'), "?")) == "integer") {
$action = substr($uri, $mark);
}
}
$url = $action . (GetType(strpos($action, "?")) == "integer" ? "&" : "?") . UrlEncode($this->event_parameter) . "=" . UrlEncode($event) . "&" . UrlEncode($this->input_parameter) . "=" . UrlEncode($input);
for ($parameter = 0, Reset($parameters); $parameter < count($parameters); $parameter++, Next($parameters)) {
$key = Key($parameters);
$url .= "&" . UrlEncode($key) . "=" . UrlEncode($parameters[$key]);
}
return "";
}
<?php
$now = time();
$title = 'Клан';
include "inc/html_header.php";
echo "\n<body leftmargin=0 topmargin=0>\n<div id=hint1 class=hint></div>\n\n<SCRIPT LANGUAGE=\"JavaScript\" SRC=\"i/time.js\"></SCRIPT>\n<SCRIPT LANGUAGE=\"JavaScript\" SRC=\"i/show_inf.js\"></SCRIPT>\n<SCRIPT LANGUAGE=\"JavaScript\" SRC=\"i/login_form.js\"></SCRIPT>\n";
$uri = GetEnv("REQUEST_URI");
$uri = explode("?", $uri);
$uri = $uri['0'];
if ($set == "clan" && $uri == "/main.php" && (!empty($usemagic) && is_numeric($useid))) {
include "inc/magic/abils/use.php";
}
include "inc/main/changed.php";
$widthhp = $stat['hp_now'] / $stat['hp_max'] * 181;
if ($widthhp == 0) {
$widthhp += 2;
}
if ($widthhp == 1) {
$widthhp += 1;
}
if ($widthhp > 1) {
$widthhp -= 1;
}
print "<table cellpadding=3 width=100% cellspacing=1 border=0 background='/i/bg.gif'>\n<td align=right><input class=lbut type=button value='Назад' onClick=top.main.location.href=\"main.php?set=&tmp=\"+Math.random();\"\">\n</td></table>";
if ($stat['tribe']) {
function ld_m($t, $u, $w, $r, $m, $s)
{
global $now;
mysql_query("INSERT INTO ld (user, writer, mess, time, reason, type, srok) values('" . addslashes($u) . "', '" . addslashes($w) . "', '" . addslashes($m) . "', '" . $now . "', '" . addslashes($r) . "', '" . addslashes($t) . "', '" . addslashes($s) . "')");
}
// Принятие в клан
<?php
include getcwd() . '/inc/db_connect.php';
include getcwd() . '/time.php';
mysql_query("SET CHARSET cp1251");
if (strlen($user) >= 45) {
$title = 'Ошибка!';
include "inc/html_header.php";
echo "<body bgcolor=EBEDEC><b><font color=red>Ошибка!</font></b><br>Что-то тут не так...";
exit;
}
$ctime = time();
$error = '';
$ip = $_SERVER['REMOTE_ADDR'];
$browser = GetEnv(HTTP_USER_AGENT);
// Восстановление забытого пароля
if ($_GET['lostpwd']) {
include getcwd() . '/inc/enter/lostpwd.php';
} else {
$user = mysql_escape_string($_POST['user']);
$pass = mysql_escape_string($_POST['pass']);
$infs = mysql_query("select user, pass, room, active from players where user='******'");
$info = mysql_fetch_array($infs);
$query = mysql_query("select user, bloked, room, id, level, rank, tribe, active from players where user='******' && pass='******'");
$inf = mysql_fetch_array($query);
// Перса нет, ищем в других городах
if (mysql_num_rows($infs) == 0) {
$error = "Логин \"<b>" . htmlspecialchars($user) . "</b>\" не найден в базе!";
} else {
if (empty($user) || empty($pass)) {
$error = "Неверный запрос!";
'meta_description' => '',
"action_path" => "actions",
"handler_path" => "handlers",
"header_action" => "header",
"footer_action" => "footer",
"navigation_links" => "DerniersChangements :: DerniersCommentaires :: ParametresUtilisateur",
"referrers_purge_time" => 24,
"pages_purge_time" => 365,
"default_write_acl" => "+",
"default_read_acl" => "*",
"default_comment_acl" => "+",
"referrers_disable" => "1",
"preview_before_save" => "0");
// load config
if (!$configfile = GetEnv("WAKKA_CONFIG")) $configfile = "wakka.config.php";
if (file_exists($configfile)) include($configfile);
$wakkaConfigLocation = $configfile;
$wakkaConfig = array_merge($wakkaDefaultConfig, $wakkaConfig);
// check for locking
if (file_exists("locked")) {
// read password from lockfile
$lines = file("locked");
$lockpw = trim($lines[0]);
// is authentification given?
if (isset($_SERVER["PHP_AUTH_USER"])) {
if (!(($_SERVER["PHP_AUTH_USER"] == "admin") && ($_SERVER["PHP_AUTH_PW"] == $lockpw))) {
$ask = 1;
}
