$sql = mysql_query("SELECT * FROM ava_news ORDER BY id DESC LIMIT {$from}, {$npp}");
} else {
if (isset($_GET['id'])) {
$sql = mysql_query("SELECT * FROM ava_news WHERE id=" . $id . " LIMIT 1");
} else {
$name = mysql_secure($_GET['name']);
$sql = mysql_query("SELECT * FROM ava_news WHERE seo_url= '{$name}' LIMIT 1");
}
}
while ($row = mysql_fetch_array($sql)) {
$id = $row['id'];
$sql2 = mysql_query("SELECT * FROM ava_users WHERE id='" . $row['user'] . "' LIMIT 1");
while ($row2 = mysql_fetch_array($sql2)) {
// Assign items to 'news' array for use in the template
$news = array('title' => $row['title'], 'author' => $row2['username'], 'date' => FormatDate($row['date'], 'time'), 'main' => $row['content']);
$news['user_url'] = ProfileUrl($row2['id'], $row2['seo_url']);
$news['news_url'] = NewsUrl($row['id'], $row['seo_url']);
$news['comments'] = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM ava_news_comments WHERE link_id={$row['id']}"), 0);
$news['image_url'] = $setting['site_url'] . '/uploads/news_icons/' . $row['image'];
// Include the template for news items
include '.' . $setting['template_url'] . '/' . $template['news_item'];
}
}
if (!isset($_GET['id']) && !isset($_GET['name'])) {
$total_results = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM ava_news"), 0);
$total_pages = ceil($total_results / $npp);
if ($total_pages > 1) {
echo '<div class="category_pages">';
if ($page > 1) {
$prev = $page - 1;
$url = NewsPagesUrl($prev);
if (mysql_num_rows($requests_q)) {
echo '<div class="friend_requests_header">Friend Requests</div> <div class="friend_requests_container">';
while ($friend = mysql_fetch_array($requests_q)) {
$friend['url'] = ProfileUrl($friend['id'], $friend['seo_url']);
$friend['avatar_url'] = AvatarUrl($friend['avatar'], $friend['facebook'], $friend['facebook_id']);
$friend['last_activity'] = FormatDate($friend['last_activity'], 'time');
$friend['buttons'] = '<a href="#" onclick="ManageFriend(' . $friend['id'] . ', \'accept_request\', \'friends_page\');return false"><img src="images/add_friend.png" /></a>
<a href="#" onclick="ManageFriend(' . $friend['id'] . ', \'delete_request\', \'friends_page\');return false"><img src="images/delete_friend.png" /></a>';
include '.' . $setting['template_url'] . '/' . $template['friend'];
}
echo '</div>';
}
echo '<div class="friends_header">Friends</div> <div class="friends_container">';
// Mutual friends
$friends_q = mysql_query("SELECT ava_users.*\n\tFROM ava_friends\n\tLEFT JOIN ava_users \n\tON ava_friends.user2 = ava_users.id\n\tWHERE ava_friends.user1 = {$user['id']}");
if (mysql_num_rows($friends_q)) {
while ($friend = mysql_fetch_array($friends_q)) {
$friend['url'] = ProfileUrl($friend['id'], $friend['seo_url']);
$friend['avatar_url'] = AvatarUrl($friend['avatar'], $friend['facebook'], $friend['facebook_id']);
$friend['last_activity'] = FormatDate($friend['last_activity'], 'time');
$friend['buttons'] = '<a href="index.php?task=send_message&id=' . $friend['id'] . '"><img src="images/friend_message.png" /></a>
<a href="#" onclick="ManageFriend(' . $friend['id'] . ', \'delete_friend\', \'friends_page\');return false"><img src="images/delete_friend.png" /></a>';
include '.' . $setting['template_url'] . '/' . $template['friend'];
}
} else {
echo '<div class="no_friends">' . NO_FRIENDS . '</div>';
}
echo '</div>';
} else {
echo FRIENDS_LOGIN;
}
<?php
// VIEW A PRIVATE MESSAGE
defined('AVARCADE_') or die('');
if (isset($_COOKIE["ava_username"])) {
$sql = mysql_query("SELECT * FROM ava_messages WHERE id= {$id}");
$row = mysql_fetch_array($sql);
if ($user['id'] == $row['user_id']) {
// Display the PM and the options
echo '<div class="pm_header">
<div class="pm_subject">' . $row['title'] . '</div>
<div class="pm_details"><strong>' . PM_FROM . ':</strong> <a href="' . $setting['site_url'] . '/index.php?task=profile&id=' . $row['sender_id'] . '">' . $row['sender_name'] . '</a> <strong>' . PM_DATE . ':</strong> ' . FormatDate($row['date'], 'time') . '</div></div>
<div class="pm_message">' . $row['message'] . '</div>';
$profile_url = ProfileUrl($row['sender_id'], seoname($row['sender_name']));
echo ' <div class="pm_footer">
<p class="sub_button"><a href="' . $setting['site_url'] . '/index.php?task=send_message&id=' . $row['sender_id'] . '&re=' . $row['id'] . '">' . PM_REPLY . '</a></p>
<p class="sub_button"><a href="' . $setting['site_url'] . '/index.php?task=messages&pm_task=delete&id=' . $row['id'] . '">' . PM_DELETE_MESSAGE . '</a></p>
<p class="sub_button"><a href="' . $profile_url . '">' . PM_SENDER_PROFILE . '</a></p>
<p class="sub_button"><a href="' . $setting['site_url'] . '/index.php?task=messages&pm_task=unread&id=' . $row['id'] . '">' . PM_MARK_UNREAD . '</a></p>';
if ($row['highscore_game_id'] == 0) {
echo ' <p class="sub_button"><a href="#" onclick="ShowPopup(\'ava-popup\', \'' . $setting['site_url'] . '/includes/forms/pm_report_form.php?id=' . $row['id'] . '\', \'' . PM_REPORT . '\');return false">' . PM_REPORT . '</a></p>';
}
echo '</div>';
if ($row['read'] == 0) {
mysql_query("UPDATE ava_messages SET `read` = 1 WHERE id = {$row['id']} LIMIT 1");
// Update user messages counter
$msg_count = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM ava_messages WHERE user_id={$user['id']} AND `read`=0"), 0);
$update = mysql_query("UPDATE ava_users SET messages={$msg_count} WHERE id='{$user['id']}'") or die(mysql_error());
}
} else {
$date = date("F j Y");
if (isset($_COOKIE['ava_ref'])) {
$referrer = intval($_COOKIE['ava_ref']);
} else {
$referrer = 0;
}
$seo_url = seoname($username);
// If email validation is off, instantly activate the account
if ($setting['email_on'] == 0) {
$sql = mysql_query("INSERT INTO ava_users (username, password, email, activate, joined, referrer, seo_url)\n \t\tVALUES('{$username}', '{$passwordpro}', '{$email}', '1', '{$date}', {$referrer}, '{$seo_url}')") or die(mysql_error());
$new_user = mysql_insert_id();
// If user was referred, give the referrer points
if (isset($_COOKIE['ava_ref'])) {
mysql_query("UPDATE ava_users SET points = points + {$setting['points_refer']} WHERE id= {$referrer}");
$date = date("F j Y, G:i");
$profile_url = ProfileUrl($new_user, seoname($username));
mysql_query("INSERT INTO ava_messages (user_id, sender_id, sender_name, title, message, date) \n\t\t\t\t\tVALUES ('{$referrer}', '{$new_user}', '{$username}', '{$username} " . REF_PM_TITLE . " {$setting['site_name']}', '{$username} " . REF_PM_MESSAGE . ": <a href=\"{$profile_url}\">{$profile_url}</a>', '{$date}')");
}
echo VALIDATED;
} else {
$sql = mysql_query("INSERT INTO ava_users (username, password, email, joined, referrer, seo_url)\n \t\t\tVALUES('{$username}', '{$passwordpro}', '{$email}', '{$date}', {$referrer}, '{$seo_url}')") or die(mysql_error());
$userid = mysql_insert_id();
$data = array('email_address' => $email, 'to_username' => $username, 'subject' => EMAIL_REGISTER_HEADER . ' ' . $username, 'send_email' => 1);
$data['validate_url'] = $setting['site_url'] . '/index.php?task=validate&id=' . $userid . '&code=' . $passwordpro;
SendEmail($data, 'validate_email');
echo EMAIL4;
// Email sent message
}
}
}
} else {
<?php
echo '<ul>';
$sql = mysql_query("SELECT * FROM ava_users ORDER BY id desc LIMIT 10");
while ($row = mysql_fetch_array($sql)) {
$url = ProfileUrl($row['id'], $row['seo_url']);
echo '<li><a href="' . $setting['site_url'] . '/' . $url . '">' . $row['username'] . '</a></li>';
}
echo '</ul>';
$get_game = mysql_fetch_array(mysql_query("SELECT * FROM ava_games WHERE id=" . $report['link_id']));
$game_url = GameUrl($get_game['id'], $get_game['seo_url'], $get_game['category_id']);
} elseif ($report['type'] == 2 || $report['type'] == 3) {
if ($report['type'] == 2) {
$get_comment = mysql_fetch_array(mysql_query("SELECT * FROM ava_comments WHERE id=" . $report['link_id']));
$get_game = mysql_fetch_array(mysql_query("SELECT * FROM ava_games WHERE id=" . $get_comment['link_id']));
$name = '<a href="' . GameUrl($get_game['id'], $get_game['seo_url'], $get_game['category_id']) . '#comment' . $get_comment['id'] . '"/>' . $get_game['name'] . '</a>';
} else {
$get_comment = mysql_fetch_array(mysql_query("SELECT * FROM ava_news_comments WHERE id=" . $report['link_id']));
$get_news = mysql_fetch_array(mysql_query("SELECT * FROM ava_news WHERE id=" . $get_comment['link_id']));
$name = '<a href="' . NewsUrl($get_news['id'], $get_news['seo_url']) . '#comment' . $get_comment['id'] . '"/>' . $get_news['title'] . '</a>';
}
$get_comment_user = mysql_fetch_array(mysql_query("SELECT * FROM ava_users WHERE id=" . $get_comment['user']));
} elseif ($report['type'] == 5) {
$get_reported_user = mysql_fetch_array(mysql_query("SELECT * FROM ava_users WHERE id=" . $report['link_id']));
$reported_user_url = ProfileUrl($get_reported_user['id'], $get_reported_user['seo_url']);
} elseif ($report['type'] == 6) {
$get_pm = mysql_fetch_array(mysql_query("SELECT * FROM ava_messages WHERE id=" . $report['link_id']));
$get_pm_user = mysql_fetch_array(mysql_query("SELECT * FROM ava_users WHERE id=" . $get_pm['sender_id']));
}
include 'report_item.php';
}
if (isset($_GET['id'])) {
$total_results = mysql_num_rows(mysql_query("SELECT * FROM ava_reported {$type} AND id <= {$_GET['id']}"));
} else {
$total_results = mysql_num_rows(mysql_query("SELECT * FROM ava_reported {$type}"));
}
$total_pages = ceil($total_results / $max_results);
if ($total_pages > 1) {
echo '<form id="form1" name="form1" method="get" action="manage_reported_ajax.php">
<label>
} else {
if (isset($_GET['id'])) {
$query = mysql_query("SELECT * FROM ava_users WHERE id <= " . $_GET['id'] . " ORDER BY id DESC LIMIT 30");
} else {
$query = mysql_query("SELECT * FROM ava_users ORDER BY id DESC LIMIT {$from}, {$max_results}");
}
}
}
}
while ($go = mysql_fetch_array($query)) {
if (isset($_GET['id']) && $_GET['id'] == $go['id']) {
$class = 'manage_user_extended';
} else {
$class = 'manage_item';
}
$profile_url = ProfileUrl($go['id'], $go['seo_url']);
$user_online = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM ava_usersonline WHERE user_id = {$go['id']}"), 0);
if ($user_online == 1) {
$user_online_icon = '<img src="images/online.png" style="vertical-align: middle;" title="Online now" />';
} else {
$user_online_icon = '<img src="images/offline.png" style="vertical-align: middle;" title="Offline" />';
}
echo '
<div id="user-' . $go['id'] . '" class="' . $class . '"><div class="manage_column0">' . $go['id'] . '</div><div class="manage_column">' . $user_online_icon . ' <span id="tuser_name' . $go['id'] . '"> <a href="' . $profile_url . '" class="manage_user">' . $go['username'] . '</a></span></div>
<div class="manage_column_useractivity">' . FormatDate($go['last_activity'], 'admin_datetime') . '</div>
<div class="manage_column2"><a href="#page=1&ip=' . $go['lastip'] . '">' . $go['lastip'] . '</a></div>';
if ($go['admin'] != 1) {
if ($go['banned'] == 0) {
echo '<div class="manage_column3" id="banned-image-' . $go['id'] . '"><img src="images/published.png" width="24" height="24" onclick="ToggleBanned(' . $go['id'] . ', 1);"></div>';
} else {
echo '<div class="manage_column3" id="banned-image-' . $go['id'] . '"><img src="images/unpublished.png" width="24" height="24" onclick="ToggleBanned(' . $go['id'] . ', 0);"></div>';
$from = $page * $max_results - $max_results;
$lb_count = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM ava_leaderboards WHERE game_id = {$id} LIMIT 1"), 0);
if ($lb_count != 0) {
if (isset($_GET['leaderboard']) && $_GET['leaderboard'] != 'default') {
$lb_id = $_GET['leaderboard'];
$leaderboard = mysql_query("SELECT * FROM ava_leaderboards WHERE game_id = {$id} AND leaderboard_id = '{$lb_id}'");
} else {
$leaderboard = mysql_query("SELECT * FROM ava_leaderboards WHERE game_id = {$id} LIMIT 1");
}
$get_leaderboard = mysql_fetch_array($leaderboard);
$lb_id = $get_leaderboard['leaderboard_id'];
$query = mysql_query("SELECT * FROM ava_highscores WHERE game = {$id} AND leaderboard = '{$get_leaderboard['leaderboard_id']}' ORDER BY score {$get_leaderboard['order_by']} LIMIT {$from}, {$max_results}");
while ($go = mysql_fetch_array($query)) {
$hs_user = mysql_fetch_array(mysql_query("SELECT * FROM ava_users WHERE id= {$go['user']}"));
$date = FormatDate($go['date'], 'admin_date');
$url = ProfileUrl($hs_user['id'], $hs_user['seo_url']);
echo '
<div id="score-' . $go['id'] . '" class="manage_item"><div class="manage_column0">' . $go['id'] . '</div><div id="tgame_name' . $go['id'] . '" class="manage_hs_column_username"><a href="' . $url . '" class="manage_link">' . $hs_user['username'] . '</a></div><div id="tcategory_name' . $go['id'] . '" class="manage_hs_column2">' . $go['score'] . '</div>
<div id="tdate' . $go['id'] . '" class="manage_hs_column_date">' . $date . '</div>
<div class="manage_column3" id="delete-image-' . $go['id'] . '"><img src="images/delete.png" width="24" height="24" onclick="DeleteScore(' . $go['id'] . ');"></div>';
echo '<div id="edit-score-' . $go['id'] . '" class="edit_game_container">';
echo '</div>
</div>';
}
$total_results = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM ava_highscores WHERE game = {$id} AND leaderboard = '{$get_leaderboard['leaderboard_id']}'"), 0);
$total_pages = ceil($total_results / $max_results);
echo '<form id="form1" name="form1" method="get" action="manage_games_ajax.php">';
if ($total_pages > 1) {
echo '<label>
if (isset($_GET['scope']) && $_GET['scope'] == 'friends') {
$query = mysql_query("SELECT ava_users.*, ava_highscores.score, ava_highscores.date, ava_highscores.id as score_id \n\t\t\tFROM ava_users\n\t\t\tLEFT JOIN ava_friends\n\t\t\tON ava_users.id = ava_friends.user1 AND ava_friends.user2 = {$user_id}\n\t\t\tRIGHT JOIN ava_highscores\n\t\t\tON ava_highscores.user = ava_users.id\n\t\t\tWHERE game = {$id} AND leaderboard = '{$get_leaderboard['leaderboard_id']}' AND (user2 = {$user_id} OR ava_users.id = {$user_id})\n\t\t\tORDER BY score {$get_leaderboard['order_by']} LIMIT {$from}, {$max_results}") or die(mysql_error());
} else {
$query = mysql_query("SELECT ava_users.*, ava_highscores.score, ava_highscores.date, ava_highscores.id as score_id \n\t\t\tFROM ava_highscores \n\t\t\tLEFT JOIN ava_users\n\t\t\tON ava_users.id = ava_highscores.user\n\t\t\tWHERE game = {$id} AND leaderboard = '{$get_leaderboard['leaderboard_id']}'\n\t\t\tORDER BY score {$get_leaderboard['order_by']} LIMIT {$from}, {$max_results}");
}
echo '<ul class="game_highscore_list">
<li>
<div id="game_highscore_header">
<div class="game_highscore_name">' . HIGHSCORE_USER . '</div>
<div class="game_highscore_score">' . $get_leaderboard['label'] . '</div>
<div class="game_highscore_date">' . HIGHSCORE_DATE . '</div>
</div>
</li>';
while ($highscore = mysql_fetch_array($query)) {
$date = FormatDate($highscore['date'], 'short');
$profile_url = ProfileUrl($highscore['id'], $highscore['seo_url']);
$avatar_url = AvatarUrl($highscore['avatar'], $highscore['facebook'], $highscore['facebook_id']);
echo '<li>
<div class="game_highscore_container" id="game_highscore' . $highscore['score_id'] . '">
<div class="game_highscore_avatar">
<a href="' . $profile_url . '"><img src="' . $avatar_url . '" width="30" height="30"/></a>
</div>
<div class="game_highscore_name"><a href="' . $profile_url . '">' . $highscore['username'] . '</a></div>
<div class="game_highscore_score">' . $highscore['score'];
if ($user['admin'] == 1) {
echo ' <img src="' . $setting['site_url'] . '/images/smallx.png" title="Delete score" onclick="DeleteHighscore(' . $highscore['score_id'] . ', \'' . $setting['site_url'] . '\');"/>';
}
echo '</div>
<div class="game_highscore_date">' . $date . '</div>
</div>
</li>';
<?php
if ($user['login_status'] == 1) {
$q = mysql_query("SELECT favourites from ava_users WHERE id={$user['id']}");
$favs = mysql_fetch_array($q);
if ($favs['favourites'] == '') {
echo '<p class="sb_error">' . PROFILE_NO_FAVS . '</p>';
} else {
$favourites = substr($favs['favourites'], 2);
$sql = mysql_query("SELECT * from ava_games WHERE id IN ({$favourites}) AND published = 1 LIMIT 10");
while ($row = mysql_fetch_array($sql)) {
$url = GameUrl($row['id'], $row['seo_url'], $row['category_id']);
$name = shortenStr($row['name'], $template['module_max_chars']);
if ($setting['module_thumbs'] == 1) {
$image_url = GameImageUrl($row['image'], $row['import'], $row['url']);
$image = '<img class="sidebar_gamesIMG_list" src="' . $image_url . '" alt="" /> ';
} else {
$image = '';
}
echo '<li><a href="' . $url . '">' . $image . '<span style="float:left; margin: 10px 0 0 0;">' . $name . '</span></a></li>';
}
echo '<li class="moreview"><a href="' . ProfileUrl($user['id'], $user['seo_url']) . '">' . FAVOURITES_VIEW_ALL . ' »</a></li>';
}
} else {
echo '<p class="sb_error">' . FAVOURITES_LOG_IN . '</p>';
}
$page = $_GET['page'];
}
}
$max_results = 30;
$from = $page * $max_results - $max_results;
$limit = "{$from}, {$max_results}";
$query = mysql_query("\n\tSELECT ava_submissions.*, ava_users.username, ava_users.seo_url FROM ava_submissions \n\tINNER JOIN ava_users\n\tON ava_submissions.user=ava_users.id\n\tORDER BY ava_submissions.id DESC\n\tLIMIT {$limit};");
while ($go = mysql_fetch_array($query)) {
$category = mysql_query("SELECT * FROM ava_cats WHERE id=" . $go['category'] . "");
$categorya = mysql_fetch_array($category);
if (isset($_GET['id']) && $_GET['id'] == $go['id']) {
$class = 'manage_item_extended';
} else {
$class = 'mochi_item';
}
$user_url = ProfileUrl($go['user'], $go['seo_url']);
$height = $go['height'] + 100;
echo '
<div id="game-' . $go['id'] . '" class="' . $class . '">
<div class="manage_column0"><a href="' . $go['thumbnail'] . '"><img src="' . $go['thumbnail'] . '" width="40" height="40" /></a></div>
<div id="tgame_name' . $go['id'] . '" class="submission_info">
' . $go['name'] . ' <span class="submittedby">submitted by</span> <a href="' . $user_url . '" class="manage_link">' . $go['username'] . '</a><br />
' . $go['description'] . '
</div>
<div class="mochi_column3" id="edit-image-' . $go['id'] . '"><img src="images/dl.png" width="24" height="24" onclick="Reviewgame(' . $go['id'] . ');"></div>
<div class="mochi_column3" id="delete-image-' . $go['id'] . '"><img src="images/delete.png" width="24" height="24" onclick="DeleteAsk(' . $go['id'] . ');"></div>';
if ($go['file'] != '') {
echo '<div class="mochi_column3" id="play-icon-' . $go['id'] . '"><img src="images/go.png" width="24" height="24" onclick="PlayGame(' . $go['id'] . ', ' . $height . ');" /></div>';
} else {
echo '<div class="mochi_column3" id="play-icon-' . $go['id'] . '"><img src="images/no_go.png" width="24" height="24" title="No game file uploaded" /></div>';
<?php
if ($user['login_status'] == 1) {
$q = mysql_query("SELECT favourites from ava_users WHERE id={$user['id']}");
$favs = mysql_fetch_array($q);
if ($favs['favourites'] == '') {
echo '<div class="module_notice">' . PROFILE_NO_FAVS . '</div>';
} else {
echo '<ul>';
$favourites = substr($favs['favourites'], 2);
$sql = mysql_query("SELECT * from ava_games WHERE id IN ({$favourites}) AND published = 1 LIMIT 10");
while ($row = mysql_fetch_array($sql)) {
$url = GameUrl($row['id'], $row['seo_url'], $row['category_id']);
$name = shortenStr($row['name'], $template['module_max_chars']);
if ($setting['module_thumbs'] == 1) {
$image_url = GameImageUrl($row['image'], $row['import'], $row['url']);
$image = '<img src="' . $image_url . '" width= 25 height= 25 style="vertical-align: middle;" /> ';
} else {
$image = '';
}
echo '<li>' . $image . '<a href="' . $url . '">' . $name . '</a></li>';
}
echo '</ul>';
echo '<div class="more_links"><a href="' . ProfileUrl($user['id'], $user['seo_url']) . '">' . FAVOURITES_VIEW_ALL . ' »</a></div>';
}
} else {
echo '<div class="module_notice">' . FAVOURITES_LOG_IN . '</div>';
}
</div>
<div class="form_element_container">
<div class="form_lable">
<label>Submitter ID</label></div>
<div class="form_element"><input class="text_box_id" name="submitter" type="text" id="submitter<?php
echo $_POST['id'];
?>
" value="<?php
echo $values['submitter'];
?>
"/>
<?php
if ($values['submitter'] != 0) {
$link_submitter = mysql_fetch_array(mysql_query("SELECT * FROM ava_users WHERE id = {$values['submitter']} LIMIT 1"));
echo ' Registered user: <a href="' . ProfileUrl($link_submitter['id'], $link_submitter['seo_url']) . '">' . $link_submitter['username'] . '</a>';
} else {
if ($values['submitter'] == 0 && $values['submitter_email'] != '') {
echo ' Unregistered user email: <a href="mailto:' . $values['submitter_email'] . '">' . $values['submitter_email'] . '</a>';
}
}
?>
</div>
</div>
<input name="id" type="hidden" value="0" id="id<?php
echo $_POST['id'];
?>
" />
<div class="button_container"><input class="button" name="Submit" type="button" value="Submit" id="submit<?php
function getUser()
{
global $setting;
// Check for login & valid cookie
if (isset($_COOKIE["ava_username"])) {
$cookie_id = intval($_COOKIE['ava_userid']);
$cookie_password = preg_replace("/[^a-z,A-Z,0-9]/", "", $_COOKIE['ava_code']);
$sql = mysql_query("SELECT * FROM ava_users WHERE id='{$cookie_id}' AND password='******' LIMIT 1");
$user = mysql_fetch_array($sql);
//$login_check = mysql_num_rows($sql);
if (!isset($user['username'])) {
$info = INVALID_LOGIN1 . ' <a href=' . $setting['site_url'] . '/login.php?action=logout>' . UA_LOGOUT . '</a> ' . INVALID_LOGIN2;
if (defined('AVARCADE_')) {
include 'includes/misc/login_fail.php';
}
exit;
} else {
if ($user['banned'] == 1) {
$info = BANNED_MSG;
//if (defined( 'AVARCADE_' ))
include 'includes/misc/login_fail.php';
exit;
} else {
$user['ip'] = secure($_SERVER['REMOTE_ADDR']);
$user['login_status'] = 1;
if ($user['avatar'] == '') {
if ($user['facebook'] == 1) {
$user['avatar'] = 'http://graph.facebook.com/' . $user['facebook_id'] . '/picture';
} else {
$user['avatar'] = $setting['site_url'] . '/uploads/avatars/default.png';
}
} else {
$user['avatar'] = $setting['site_url'] . '/uploads/avatars/' . $user['avatar'];
}
$user['url'] = ProfileUrl($user['id'], $user['seo_url']);
}
}
} else {
$user['login_status'] = 0;
$user['admin'] = 0;
$user['login_link'] = $setting['site_url'] . '/index.php?task=login';
}
return $user;
}
</div>
</div>
</div>
</div>
<!-- end of content left -->
<?php
if ($user['login_status'] == 1) {
?>
<div class="favgamesBOX">
<p class="favgame_title">Your Favorite Games
<?php
echo '<span style="float:right; font: 12px arial;">
<a href="' . ProfileUrl($user['id'], $user['seo_url']) . '" style="color: #ffffff; text-transform: lowercase; text-decoration:none; background-color: #007293; padding: 5px 10px 5px 10px; -webkit-border-radius: 5px;-moz-border-radius: 5px; border-radius: 5px;">' . FAVOURITES_VIEW_ALL . ' »</a></span></p> ';
?>
<?php
include './includes/modules/favourites.php';
?>
</div>
<?php
}
?>
<?php
include 'footer.php';
echo '<br /><span style="font-size:12px;">The reccommended forum version for AV Arcade ' . $version_no . ' is AV Arcade Forums ' . $forum_rec_version . '</span>';
}
}
?>
</div>
<div class="users_online">
<div class="users_online_title">Registered users online: <strong><?php
echo $registered_online;
?>
</strong></div>
<?php
$query = mysql_query("\n\tSELECT ava_users.*\n\tFROM ava_users\n\tINNER JOIN ava_usersonline\n\tON ava_users.id=ava_usersonline.user_id\n\tORDER BY ava_usersonline.time DESC");
while ($online_user = mysql_fetch_array($query)) {
$url = ProfileUrl($online_user['id'], $online_user['seo_url']);
echo '<a href="' . $url . '">' . $online_user['username'] . '</a> ';
}
?>
</div>
</div><div class="main_column2">
<div class="quick_add_container">
<div class="quick_add_title">
Add a game
</div>
<?php
include 'includes/quick_add_game_form.php';
?>
</div>
$the_comment = mysql_secure($_POST['comment'], 0);
$id = intval($_POST['id']);
if (isset($_COOKIE["ava_username"])) {
$cookie_id = intval($_COOKIE["ava_userid"]);
$code = preg_replace("/[^a-z,A-Z,0-9]/", "", $_COOKIE['ava_code']);
$last_comment = mysql_query("SELECT last_comment FROM ava_users WHERE id = {$cookie_id} AND last_comment > NOW() - INTERVAL 1 MINUTE");
if (mysql_num_rows($last_comment) == '0') {
$user = mysql_query("SELECT * FROM ava_users WHERE id=" . $cookie_id . "");
$user2 = mysql_fetch_array($user);
if ($user2['password'] == $code && $user2['banned'] == 0) {
$date = date("Y-m-d H:i:s");
mysql_query("INSERT INTO ava_news_comments (user, comment, link_id, date, ip) VALUES ('{$cookie_id}', '{$the_comment}', '{$id}', '{$date}', '{$_SERVER['REMOTE_ADDR']}')");
$comment = array('username' => $user2['username'], 'content' => stripslashes(nl2br(htmlspecialchars($_POST['comment']))), 'user_points' => $user2['points'], 'date' => FormatDate($date, 'time'));
$comment['delete'] = '';
$comment['report_button'] = '';
$comment['user_url'] = ProfileUrl($user2['id'], $user2['seo_url']);
if ($user2['avatar'] == '') {
if ($user2['facebook'] == 1) {
$comment['avatar_url'] = 'http://graph.facebook.com/' . $user2['facebook_id'] . '/picture';
} else {
$comment['avatar_url'] = $setting['site_url'] . '/uploads/avatars/default.png';
}
} else {
$comment['avatar_url'] = $setting['site_url'] . '/uploads/avatars/' . $user2['avatar'];
}
echo '<a name="1"></a>';
include '../../..' . $setting['template_url'] . '/' . $template['news_comment'];
mysql_query("UPDATE ava_users SET comments = comments + 1, points = points + {$setting['points_comment']}, last_comment = '{$date}' WHERE id='" . $cookie_id . "'") or die(mysql_error());
}
} else {
echo '<e1>';
<?php
if ($setting['seo_on'] == 0) {
$message_url = 'index.php?task=messages';
} else {
$message_url = 'messages';
}
$url = ProfileUrl($_COOKIE['ava_userid'], seourl($_COOKIE['ava_username']));
if (isset($_COOKIE["ava_username"])) {
$new_messages = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM ava_messages WHERE `read` = 0 AND user_id=" . $userid . ""), 0);
echo '<b>' . $_COOKIE['ava_username'] . ' logged in</b><br /><a href=' . $setting['site_url'] . '/login.php?action=logout>' . LOGOUT . '</a><br /><a href="' . $setting['site_url'] . '/' . $message_url . '">' . MESSAGES . '</a> (' . $new_messages . ')<br><a href=' . $setting['site_url'] . '/' . $url . '>' . MY_PROFILE . '</a>';
$sql = mysql_query("SELECT * FROM ava_users WHERE id=" . $userid . "");
while ($row = mysql_fetch_array($sql)) {
if ($row['admin'] == 1) {
echo "<br /><a href=" . $setting['site_url'] . "/admin/>Administration</a>";
}
}
} else {
echo '<div align="center">';
if ($setting['play_limit'] == 1) {
if ($setting['plays'] <= $_COOKIE["ava_plays"]) {
echo '<strong>' . REGISTER_NOW . '</strong>';
} else {
$left = $setting['plays'] - $_COOKIE["ava_plays"];
echo '<strong>' . YOU_HAVE . ' ' . $left . ' ' . YOU_HAVE2 . '</strong>';
}
}
include 'content/login.php';
}
$page = 1;
} else {
$page = $_GET['page'];
}
}
$max_results = 40;
$from = $page * $max_results - $max_results;
if (isset($_GET['s'])) {
$query = mysql_query("SELECT * FROM ava_links WHERE description like \"%" . $_GET['s'] . "%\" OR name like \"%" . $_GET['s'] . "%\" OR id like \"%" . $_GET['s'] . "%\" ORDER BY id DESC LIMIT {$from}, {$max_results}");
} else {
$query = mysql_query("SELECT * FROM ava_links ORDER BY id DESC LIMIT {$from}, {$max_results}");
}
while ($go = mysql_fetch_array($query)) {
if ($go['submitter'] != 0) {
$link_submitter = mysql_fetch_array(mysql_query("SELECT * FROM ava_users WHERE id = {$go['submitter']} LIMIT 1"));
$submitter_link = '<a href="' . ProfileUrl($link_submitter['id'], $link_submitter['seo_url']) . '">' . $link_submitter['username'] . '</a>';
} else {
if ($go['submitter_email'] != '') {
$submitter_link = '<a href="mailto:' . $go['submitter_email'] . '">' . $go['submitter_email'] . '</a>';
} else {
$submitter_link = '';
}
}
echo '
<div id="link-' . $go['id'] . '" class="manage_item"><div class="manage_column0">' . $go['id'] . '</div><div id="tlink_name' . $go['id'] . '" class="manage_column"><a href="' . $go['url'] . '" class="manage_link">' . $go['name'] . '</a></div><div id="tcategory_name' . $go['id'] . '" class="manage_column2"></div>
<div class="manage_column2fixed">' . $go['inbound'] . '</div>
<div class="manage_column2fixed">' . $go['outbound'] . '</div>
<div class="manage_column_linksubmitter">' . $submitter_link . '</div>
<div align="left">
<div id="treported_name' . $report['id'] . '" class="manage_user_column">
' . $report['report'] . '
</div>
</div>
</div>';
} elseif ($report['type'] == 6) {
echo '
<div id="reported-' . $report['id'] . '" class="manage_user_item">
<div id="treported_name' . $report['id'] . '" class="username_column"></div>
<div id="tcategory_name' . $report['id'] . '" class="manage_column2"></div>
<div class="manage_column3" id="bad-report-' . $report['id'] . '">
<img src="images/no.png" width="24" height="24" onclick="DeleteReported(' . $report['id'] . ', 0, ' . $user_id . ');">
</div>
<div class="manage_column3" id="good-report-' . $report['id'] . '">
<img src="images/yes.png" width="24" height="24" onclick="DeleteReported(' . $report['id'] . ', 1, ' . $user_id . ');">
</div>
<div align="left">
<div id="treported_name' . $report['id'] . '" class="manage_user_column">
<div class="the_report">
<span class="report_title">Report by ' . $report_user . ' (<a href="?task=manage_users#page=1&ip=' . $report['ip'] . '">' . $report['ip'] . '</a>):</span> ' . $report['report'] . '
</div>
<div class="the_report_comment">
<span class="report_title">Message from <a href="' . ProfileUrl($get_pm_user['id'], $get_pm_user['seo_url']) . '">' . $get_pm_user['username'] . '</a>:</span> ' . htmlspecialchars($get_pm['message']) . '
</div>
</div>
</div>
</div>';
}
