function vote($voter, $site_id)
{
$settings = get_option('votesys_options');
if ($settings['track_by_time']) {
if (can_vote($voter, $site_id)) {
//dadeda tasku
add_points($voter, $settings['add_point_sk']);
//panaikina senaji balsa mysqle
delete_vote($voter->id, $site_id);
//uzregistruoja nauja balsa mysqle
create_vote($voter->id, $site_id);
}
} else {
//dadeda tasku
add_points($voter, $settings['add_point_sk']);
//panaikina senaji balsa mysqle
delete_vote($voter->id, $site_id);
//uzregistruoja nauja balsa mysqle
create_vote($voter->id, $site_id);
}
}
function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_id, &$post_id, &$poll_id, &$topic_type, &$bbcode_on, &$html_on, &$smilies_on, &$attach_sig, &$bbcode_uid, $post_username, $post_subject, $post_sub_title, $post_message, $poll_title, &$poll_options, &$poll_length, &$max_vote, &$hide_vote, &$tothide_vote, &$attribute_id)
{
global $board_config, $lang, $db, $phpbb_root_path, $phpEx;
global $userdata, $user_ip, $post_info;
include $phpbb_root_path . 'includes/functions_search.' . $phpEx;
$current_time = time();
if ($mode == 'newtopic' || $mode == 'reply' || $mode == 'editpost') {
//
// Flood control
//Unless admin/mod
if ($userdata['user_level'] != ADMIN && $userdata['user_level'] != MOD) {
$where_sql = $userdata['user_id'] == ANONYMOUS ? "poster_ip = '{$user_ip}'" : 'poster_id = ' . $userdata['user_id'];
$sql = "SELECT MAX(post_time) AS last_post_time\r\n\t\t\t\tFROM " . POSTS_TABLE . "\r\n\t\t\t\tWHERE {$where_sql}";
if (($result = $db->sql_query($sql)) && ($row = $db->sql_fetchrow($result))) {
if (intval($row['last_post_time']) > 0 && $current_time - intval($row['last_post_time']) < intval($board_config['flood_interval'])) {
message_die(GENERAL_MESSAGE, $lang['Flood_Error']);
}
}
}
adr_add_experience_points($userdata['user_id'], $mode);
}
if ($mode == 'editpost') {
remove_search_post($post_id);
}
// prepare sub-title data
$common = new common();
$post_sub_title = $common->sql_type_cast($post_sub_title, true);
unset($common);
if ($mode == 'newtopic' || $mode == 'editpost' && $post_data['first_post']) {
$topic_vote = !empty($poll_title) && count($poll_options) >= 2 ? 1 : 0;
//-- mod : quick title edition -------------------------------------------------
//-- add
$attribute = $attribute_id > -1 ? implode(',', array($attribute_id, $userdata['user_id'], time())) : '';
//-- fin mod : quick title edition ---------------------------------------------
$sql = $mode != "editpost" ? "INSERT INTO " . TOPICS_TABLE . " (topic_title, topic_poster, topic_time, forum_id, topic_status, topic_type, topic_vote) VALUES ('{$post_subject}', " . $userdata['user_id'] . ", {$current_time}, {$forum_id}, " . TOPIC_UNLOCKED . ", {$topic_type}, {$topic_vote})" : "UPDATE " . TOPICS_TABLE . " SET topic_title = '{$post_subject}', topic_type = {$topic_type} " . ($post_data['edit_vote'] || !empty($poll_title) ? ", topic_vote = " . $topic_vote : "") . " WHERE topic_id = {$topic_id}";
//-- mod : quick title edition -------------------------------------------------
//-- add
if ($mode != 'editpost') {
$sql = str_replace('INSERT INTO ' . TOPICS_TABLE . ' (', 'INSERT INTO ' . TOPICS_TABLE . ' (topic_attribute, ', $sql);
$sql = str_replace('VALUES (', 'VALUES (\'' . $attribute . '\', ', $sql);
} else {
$sql = str_replace('SET ', 'SET topic_attribute = \'' . $attribute . '\', ', $sql);
}
//-- fin mod : quick title edition ---------------------------------------------
// send topic sub-title data
if ($mode != 'editpost') {
$sql = str_replace('INSERT INTO ' . TOPICS_TABLE . ' (', 'INSERT INTO ' . TOPICS_TABLE . ' (topic_sub_title, ', $sql);
$sql = str_replace('VALUES (', 'VALUES (' . $post_sub_title . ', ', $sql);
} else {
$sql = str_replace('SET ', 'SET topic_sub_title = ' . $post_sub_title . ', ', $sql);
}
if (!$db->sql_query($sql)) {
message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
}
if ($mode == 'newtopic') {
$topic_id = $db->sql_nextid();
}
}
$edited_sql = $mode == 'editpost' && !$post_data['last_post'] && $post_data['poster_post'] ? ", post_edit_time = {$current_time}, post_edit_count = post_edit_count + 1 " : "";
$sql = $mode != "editpost" ? "INSERT INTO " . POSTS_TABLE . " (topic_id, forum_id, poster_id, post_username, post_time, post_created, poster_ip, enable_bbcode, enable_html, enable_smilies, enable_sig) VALUES ({$topic_id}, {$forum_id}, " . $userdata['user_id'] . ", '{$post_username}', {$current_time}, {$current_time}, '{$user_ip}', {$bbcode_on}, {$html_on}, {$smilies_on}, {$attach_sig})" : "UPDATE " . POSTS_TABLE . " SET post_username = '******', enable_bbcode = {$bbcode_on}, enable_html = {$html_on}, enable_smilies = {$smilies_on}, enable_sig = {$attach_sig}" . $edited_sql . " WHERE post_id = {$post_id}";
if (!$db->sql_query($sql, BEGIN_TRANSACTION)) {
$db->clear_cache('posts_');
message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
}
if ($mode != 'editpost') {
$post_id = $db->sql_nextid();
}
//-- mod : post description ----------------------------------------------------
// here we added
// , post_sub_title
// , $post_sub_title
// , post_sub_title = $post_sub_title
//-- modify
$sql = $mode != 'editpost' ? "INSERT INTO " . POSTS_TEXT_TABLE . " (post_id, post_subject, post_sub_title, bbcode_uid, post_text) VALUES ({$post_id}, '{$post_subject}', {$post_sub_title}, '{$bbcode_uid}', '{$post_message}')" : "UPDATE " . POSTS_TEXT_TABLE . " SET post_text = '{$post_message}', bbcode_uid = '{$bbcode_uid}', post_subject = '{$post_subject}', post_sub_title = {$post_sub_title} WHERE post_id = {$post_id}";
//-- fin mod : post description ------------------------------------------------
if (!$db->sql_query($sql)) {
exit($sql);
message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
}
$db->clear_cache('posts_');
add_search_words('single', $post_id, stripslashes($post_message), stripslashes($post_subject));
//
// Add poll
//
if (($mode == 'newtopic' || $mode == 'editpost' && $post_data['edit_poll']) && !empty($poll_title) && count($poll_options) >= 2) {
$sql = !$post_data['has_poll'] ? "INSERT INTO " . VOTE_DESC_TABLE . " (topic_id, vote_text, vote_start, vote_length, vote_max, vote_hide, vote_tothide) VALUES ({$topic_id}, '{$poll_title}', {$current_time}, " . $poll_length * 86400 . ", '{$max_vote}', '{$hide_vote}', '{$tothide_vote}')" : "UPDATE " . VOTE_DESC_TABLE . " SET vote_text = '{$poll_title}', vote_length = " . $poll_length * 86400 . ", vote_max = '{$max_vote}', vote_hide = '{$hide_vote}', vote_tothide = '{$tothide_vote}' WHERE topic_id = {$topic_id}";
if (!$db->sql_query($sql)) {
$db->clear_cache('posts_');
message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
}
$delete_option_sql = '';
$old_poll_result = array();
if ($mode == 'editpost' && $post_data['has_poll']) {
$sql = "SELECT vote_option_id, vote_result \r\n\t\t\t\tFROM " . VOTE_RESULTS_TABLE . " \r\n\t\t\t\tWHERE vote_id = {$poll_id} \r\n\t\t\t\tORDER BY vote_option_id ASC";
if (!($result = $db->sql_query($sql))) {
$db->clear_cache('posts_');
message_die(GENERAL_ERROR, 'Could not obtain vote data results for this topic', '', __LINE__, __FILE__, $sql);
}
while ($row = $db->sql_fetchrow($result)) {
$old_poll_result[$row['vote_option_id']] = $row['vote_result'];
if (!isset($poll_options[$row['vote_option_id']])) {
$delete_option_sql .= $delete_option_sql != '' ? ', ' . $row['vote_option_id'] : $row['vote_option_id'];
}
}
} else {
$poll_id = $db->sql_nextid();
}
@reset($poll_options);
$poll_option_id = 1;
while (list($option_id, $option_text) = each($poll_options)) {
if (!empty($option_text)) {
$option_text = str_replace("\\'", "''", htmlspecialchars($option_text));
$poll_result = $mode == "editpost" && isset($old_poll_result[$option_id]) ? $old_poll_result[$option_id] : 0;
$sql = $mode != "editpost" || !isset($old_poll_result[$option_id]) ? "INSERT INTO " . VOTE_RESULTS_TABLE . " (vote_id, vote_option_id, vote_option_text, vote_result) VALUES ({$poll_id}, {$poll_option_id}, '{$option_text}', {$poll_result})" : "UPDATE " . VOTE_RESULTS_TABLE . " SET vote_option_text = '{$option_text}', vote_result = {$poll_result} WHERE vote_option_id = {$option_id} AND vote_id = {$poll_id}";
if (!$db->sql_query($sql)) {
$db->clear_cache('posts_');
message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
}
$poll_option_id++;
}
}
if ($delete_option_sql != '') {
$sql = "DELETE FROM " . VOTE_RESULTS_TABLE . " \r\n\t\t\t\tWHERE vote_option_id IN ({$delete_option_sql}) \r\n\t\t\t\t\tAND vote_id = {$poll_id}";
if (!$db->sql_query($sql)) {
$db->clear_cache('posts_');
message_die(GENERAL_ERROR, 'Error deleting pruned poll options', '', __LINE__, __FILE__, $sql);
}
}
}
if ($board_config['points_post'] && !$post_info['points_disabled'] && ($mode == 'newtopic' || $mode == 'reply')) {
$points = abs($mode == 'newtopic' ? $board_config['points_topic'] : $board_config['points_reply']);
if ($userdata['user_id'] != ANONYMOUS && $userdata['admin_allow_points']) {
add_points($userdata['user_id'], $points);
}
}
$meta = '<meta http-equiv="refresh" content="3;url=' . append_sid("viewtopic.{$phpEx}?" . POST_POST_URL . "=" . $post_id) . '#' . $post_id . '">';
$message = $lang['Stored'] . '<br /><br />' . sprintf($lang['Click_view_message'], '<a href="' . append_sid("viewtopic.{$phpEx}?" . POST_POST_URL . "=" . $post_id) . '#' . $post_id . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_forum'], '<a href="' . append_sid("viewforum.{$phpEx}?" . POST_FORUM_URL . "={$forum_id}") . '">', '</a>');
$db->clear_cache('posts_');
$db->clear_cache('topics_recent_');
return false;
}
}
// Check, if user tries to rob more than x % of users cash
if ($points_values['robbery_max_rob'] != 0) {
if ($attacked_amount > $pointsa / 100 * $points_values['robbery_max_rob']) {
$message = sprintf($user->lang['ROBBERY_MAX_ROB'], $points_values['robbery_max_rob']) . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=robbery") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>';
trigger_error($message);
}
}
// Get some info about the robbed user
$user_namepoints = get_username_string('full', $checked_user['user_id'], $checked_user['username'], $checked_user['user_colour']);
// Genarate a random number
$rand_base = $points_values['robbery_chance'];
$rand_value = rand(0, 100);
// If robbery was successful and PM is enabled, send PM
if ($rand_value <= $rand_base) {
add_points($user->data['user_id'], $attacked_amount);
substract_points($user_id, $attacked_amount);
if ($points_config['robbery_sendpm'] && $user_info['user_allow_pm'] == 1 && $user_robbery_pm) {
// Prepare user lang
$sql_array = array('SELECT' => '*', 'FROM' => array(USERS_TABLE => 'u'), 'WHERE' => 'user_id = ' . (int) $user_id);
$sql = $db->sql_build_query('SELECT', $sql_array);
$result = $db->sql_query($sql);
$user_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
// first check if language file exists, if not, use the default language
$user_row['user_lang'] = file_exists($phpbb_root_path . 'language/' . $user_row['user_lang'] . "/mods/points.{$phpEx}") ? $user_row['user_lang'] : $config['default_lang'];
// load receivers language
include $phpbb_root_path . 'language/' . basename($user_row['user_lang']) . "/mods/points.{$phpEx}";
// Send PM
$pm_subject = utf8_normalize_nfc(sprintf($lang['ROBBERY_PM_SUCCESFUL_SUBJECT'], $config['points_name']));
$pm_text = utf8_normalize_nfc(sprintf($lang['ROBBERY_PM_SUCCESFUL_BODY'], $user_namepoints, $attacked_amount, $config['points_name']));
function main($id, $mode)
{
global $template, $user, $db, $config, $phpEx, $phpbb_root_path, $ultimate_points, $points_config, $points_values, $auth, $checked_user, $check_auth;
add_form_key('transfer_user');
// Grab the message variable
$message = request_var('comment', '', true);
// Check, if transferring is allowed
if (!$points_config['transfer_enable']) {
$message = $user->lang['TRANSFER_REASON_TRANSFER'] . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>';
trigger_error($message);
}
// Check, if user is allowed to use the transfer module
if (!$auth->acl_get('u_use_transfer')) {
$message = $user->lang['NOT_AUTHORISED'] . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>';
trigger_error($message);
}
// Add part to bar
$template->assign_block_vars('navlinks', array('U_VIEW_FORUM' => append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=transfer_user"), 'FORUM_NAME' => sprintf($user->lang['TRANSFER_TITLE'], $config['points_name'])));
if (isset($_POST['submit'])) {
if (!check_form_key('transfer_user')) {
trigger_error('FORM_INVALID');
}
// Grab need variables for the transfer
$am = round(request_var('amount', 0.0), 2);
$comment = request_var('comment', '', true);
$username1 = request_var('username', '', true);
$username = strtolower($username1);
// Select the user data to transfer to
$sql = 'SELECT *
FROM ' . USERS_TABLE . "\n\t\t\t\tWHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'\n\t\t\t\t\tAND user_type IN (" . USER_NORMAL . ', ' . USER_FOUNDER . ')';
$result = $db->sql_query($sql);
$transfer_user = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($transfer_user == NULL) {
$message = $user->lang['TRANSFER_NO_USER_RETURN'] . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=transfer_user") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>';
trigger_error($message);
}
// Select the old user_points from user_id to transfer to
$sql_array = array('SELECT' => 'user_points', 'FROM' => array(USERS_TABLE => 'u'), 'WHERE' => 'user_id = ' . (int) $transfer_user['user_id']);
$sql = $db->sql_build_query('SELECT', $sql_array);
$result = $db->sql_query($sql);
$transfer_user_old_points = (int) $db->sql_fetchfield('user_points');
$db->sql_freeresult($result);
// Check, if the sender has enough cash
if ($user->data['user_points'] < $am) {
$message = sprintf($user->lang['TRANSFER_REASON_MINPOINTS'], $config['points_name']) . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=transfer_user") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>';
trigger_error($message);
}
// Check, if the amount is 0 or below
if ($am <= 0) {
$message = sprintf($user->lang['TRANSFER_REASON_UNDERZERO'], $config['points_name']) . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=transfer_user") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>';
trigger_error($message);
}
// Check, if user is trying to send to himself
if ($user->data['user_id'] == $transfer_user['user_id']) {
$message = sprintf($user->lang['TRANSFER_REASON_YOURSELF'], $config['points_name']) . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=transfer_user") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>';
trigger_error($message);
}
// Add cash to receiver
add_points($transfer_user['user_id'], $am);
// Remove cash from sender
substract_points($user->data['user_id'], $am);
// Get current time for log
$current_time = time();
// Add transferring information to the log
$text = utf8_normalize_nfc($message);
$sql = 'INSERT INTO ' . POINTS_LOG_TABLE . ' ' . $db->sql_build_array('INSERT', array('point_send' => (int) $user->data['user_id'], 'point_recv' => (int) $transfer_user['user_id'], 'point_amount' => $am, 'point_sendold' => $user->data['user_points'], 'point_recvold' => $transfer_user_old_points, 'point_comment' => $text, 'point_type' => '1', 'point_date' => $current_time));
$db->sql_query($sql);
// Send pm to receiver, if PM is enabled
if (!$points_config['transfer_pm_enable'] == 0 && $transfer_user['user_allow_pm']) {
// Select the receiver language
$transfer_user['user_lang'] = file_exists($phpbb_root_path . 'language/' . $transfer_user['user_lang'] . "/mods/points.{$phpEx}") ? $transfer_user['user_lang'] : $config['default_lang'];
// load receivers language
include $phpbb_root_path . 'language/' . basename($transfer_user['user_lang']) . "/mods/points.{$phpEx}";
$points_name = $config['points_name'];
$comment = $db->sql_escape($comment);
$pm_subject = utf8_normalize_nfc(sprintf($lang['TRANSFER_PM_SUBJECT']));
$pm_text = utf8_normalize_nfc(sprintf($lang['TRANSFER_PM_BODY'], $am, $points_name, $text));
$poll = $uid = $bitfield = $options = '';
generate_text_for_storage($pm_subject, $uid, $bitfield, $options, false, false, false);
generate_text_for_storage($pm_text, $uid, $bitfield, $options, true, true, true);
$pm_data = array('address_list' => array('u' => array($transfer_user['user_id'] => 'to')), 'from_user_id' => $user->data['user_id'], 'from_username' => $user->data['username'], 'icon_id' => 0, 'from_user_ip' => '', 'enable_bbcode' => true, 'enable_smilies' => true, 'enable_urls' => true, 'enable_sig' => true, 'message' => $pm_text, 'bbcode_bitfield' => $bitfield, 'bbcode_uid' => $uid);
submit_pm('post', $pm_subject, $pm_data, false);
}
// Change $username back to regular username
$sql_array = array('SELECT' => 'username', 'FROM' => array(USERS_TABLE => 'u'), 'WHERE' => 'user_id = ' . (int) $transfer_user['user_id']);
$sql = $db->sql_build_query('SELECT', $sql_array);
$result = $db->sql_query($sql);
$show_user = $db->sql_fetchfield('username');
$db->sql_freeresult($result);
// Add log entry to inform the admin too
add_log('user', $user->data['username'], 'LOG_USER_TRANSFER', $user->data['username'], $show_user, number_format_points($am), $config['points_name']);
// Show the successful transfer message
$message = sprintf($user->lang['TRANSFER_REASON_TRANSUCC'], number_format_points($am), $config['points_name'], $show_user) . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=transfer_user") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>';
trigger_error($message);
$template->assign_vars(array('U_ACTION' => $this->u_action));
}
$template->assign_vars(array('USER_POINTS' => sprintf(number_format_points($checked_user['user_points'])), 'POINTS_NAME' => $config['points_name'], 'POINTS_COMMENTS' => $points_config['comments_enable'] ? true : false, 'LOTTERY_NAME' => $points_values['lottery_name'], 'BANK_NAME' => $points_values['bank_name'], 'L_TRANSFER_DESCRIPTION' => sprintf($user->lang['TRANSFER_DESCRIPTION'], $config['points_name']), 'U_TRANSFER_USER' => append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=transfer_user"), 'U_LOGS' => append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=logs"), 'U_LOTTERY' => append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=lottery"), 'U_BANK' => append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=bank"), 'U_ROBBERY' => append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=robbery"), 'U_INFO' => append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=info"), 'U_FIND_USERNAME' => append_sid("{$phpbb_root_path}memberlist.{$phpEx}", "mode=searchuser&form=post&field=username&select_single=true"), 'U_USE_TRANSFER' => $auth->acl_get('u_use_transfer'), 'U_USE_LOGS' => $auth->acl_get('u_use_logs'), 'U_USE_LOTTERY' => $auth->acl_get('u_use_lottery'), 'U_USE_BANK' => $auth->acl_get('u_use_bank'), 'U_USE_ROBBERY' => $auth->acl_get('u_use_robbery'), 'S_ALLOW_SEND_PM' => $auth->acl_get('u_sendpm')));
// Generate the page
page_header(sprintf($user->lang['TRANSFER_TITLE'], $config['points_name']));
// Generate the page template
$template->set_filenames(array('body' => 'points/points_transfer_user.html'));
page_footer();
}
<?php
ob_start();
// Output buffering - allows header rewrites to happen at anytime before flushing the buffer
session_start();
require_once "incdir.php.inc";
require_once "config.php";
include_php_dir("includes");
mysql_init();
document_header();
echo include_javascript_dir("js", $debug);
echo include_stylesheet_dir("stylesheets", $debug);
check_validated();
//Any pre-page logic should go here!
if (isset($_POST['addpoints-submit'])) {
add_points(strtolower($_POST['note']), $_POST['value'], $_GET['user_id']);
}
if (isset($_POST['removepoints-submit'])) {
remove_points($_POST['point_id']);
}
if (count($_SESSION['notifications']) != 0) {
draw_notification();
}
if (isset($_GET['user_id'])) {
$userinfo = get_user_info($_GET['user_id']);
}
draw_page($userinfo);
close_page();
ob_end_flush();
// Flush the buffer out to client
document_footer();
/**
* function give_ultimate_points
*/
function give_ultimate_points($mode, $user_id)
{
//
if ($this->ultimate_points_installed() && $this->config['enable_ultimate_points']) {
if ($mode == 'invite') {
add_points($user_id, $this->config['ultimate_points_invite']);
} else {
// $mode = 'register'
add_points($user_id, $this->config['ultimate_points_register']);
}
}
}
if (empty($posted_code)) {
$errors[] = 'Prosze wpisac kod z SMSa/przelewu.';
}
if (!$account->isLoaded()) {
$errors[] = 'Konto o danej nazwie nie istnieje.';
}
if (count($errors) == 0) {
if ($config['homepay'][$sms_type]['type'] == "sms") {
$code_info = check_code_homepay($posted_code, $sms_type);
} else {
$code_info = check_tcode_homepay($posted_code, $sms_type);
}
if ($code_info != "1") {
$errors[] = 'Podany kod z SMSa/przelewu jest niepoprawny lub wybrano zla opcje SMSa/przelewu.';
} else {
if (add_points($account, $config['homepay'][$sms_type]['addpoints'])) {
$main_content .= '<h1><font color="red">Dodano ' . $config['homepay'][$sms_type]['addpoints'] . ' punktów premium do konta: ' . $to_user . ' !</font></h1>';
} else {
$errors[] = 'Wystapił błąd podczas dodawania punktów do konta, sprobój ponownie.';
}
}
}
}
if (count($errors) > 0) {
$main_content .= 'Wystapiły błędy:';
foreach ($errors as $error) {
$main_content .= '<br />* ' . $error;
}
$main_content .= '<hr /><hr />';
}
if ($config['homepay_active_sms']) {
include $phpbb_root_path . 'missions/common.' . $phpEx;
//include($phpbb_root_path . 'includes/mods/functions_points.' . $phpEx);
// Start session management
$user->session_begin();
$auth->acl($user->data);
$user->setup();
$date = date("l, F j, Y, g:i a");
$username = get_username_string('full', $user->data['user_id'], $user->data['username'], $user->data['user_colour']);
$userid = $user->data['user_id'];
$intScore = isset($_GET['vote']) ? $_GET['vote'] : 0;
if (!isset($_POST['initiate'])) {
if (isset($_GET['id'])) {
if ($intScore > 5 and $_GET['id'] == 0) {
page_header('Realistic 2');
$template->set_filenames(array('body' => 'missions/basicpage.html'));
add_points($userid, 200);
$result = "\n\t\t\t<div class=\"panel\" id=\"faqlinks\">\n\t\t<div class=\"inner\"><span class=\"corners-top\"><span></span></span> \n\t<center><font color=\"red\"><b>Congradulations, you have sucessfully completed Realstic 1!</b></font></center> \n\t\t\t<span class=\"corners-bottom\"><span></span></span></div>\n\t\t</div>\n\t";
$body = "\n\t<h3>Realistic 2 || 400 Points</h3>\n\t<b>From</b>: DestroyFascism <br />\n\t\t<b>To</b>: {$username} <br />\n\t<b>Date</b>: {$date} <br />\n\t<b>Message</b>: I have been informed that you have quite admirable hacking skills. Well, this racist hate group is using their website to organize a mass gathering of ignorant racist bastards. We cannot allow such bigoted aggression to happen. If you can gain access to their administrator page and post messages to their main page, we would be eternally grateful.<br />\n\t<br /><form action=\"" . $_SERVER['PHP_SELF'] . "\" method=\"post\">\n\t<dl>\n\t<input type=\"hidden\" name=\"initiate\" value=\"yes\">\n\t<dd><input name=\"submit\" type=\"submit\" id=\"submit\" class=\"button2\" value=\"initiate\"></dd>\n\t</dl>\n</form>\n\t";
} else {
page_header('Realistic 1');
$template->set_filenames(array('body' => 'missions/basicpage.html'));
$result = "\n\t\t\t<div class=\"panel\" id=\"faqlinks\">\n\t\t<div class=\"inner\"><span class=\"corners-top\"><span></span></span> \n\t<center><font color=\"red\"><b>Please retry, Realistic 1 not completed!</b></font></center> \n\t\t\t<span class=\"corners-bottom\"><span></span></span></div>\n\t\t</div>\n\t";
$body = "\n\t<h3>Realistic 1 || 200 Points</h3>\n\t<b>From</b>: HeavyMetalRyan <br />\n\t<b>To</b>: {$username} <br />\n\t<b>Date</b>: {$date} <br />\n<b>Message</b>: Hey man, I need a big favor from you. Remember that website I showed you once before? Uncle Arnold's Band Review Page? Well, a long time ago I made a \$500 bet with a friend that my band would be at the top of the list by the end of the year. Well, as you already know, two of my band members have died in a horrendous car accident... but this asshole still insists that the bet is on!\nI know you're good with computers and stuff, so I was wondering, is there any way for you to hack this website and make my band on the top of the list? My band is Raging Inferno. Thanks a lot, man!<br />\n<br />\n<form action=\"realistic1.php\" method=\"post\">\n\t<dl>\n\t<input type=\"hidden\" name=\"initiate\" value=\"yes\">\n\t<dd><input name=\"submit\" type=\"submit\" id=\"submit\" class=\"button2\" value=\"initiate\"></dd>\n\t</dl>\n</form>\n\t";
}
} else {
page_header('Realistic 2');
$template->set_filenames(array('body' => 'missions/basicpage.html'));
$body = "\n\t<h3>Realistic 2 || 400 Points</h3>\n\t<b>From</b>: DestroyFascism <br />\n\t\t<b>To</b>: {$username} <br />\n\t<b>Date</b>: {$date} <br />\n\t<b>Message</b>: I have been informed that you have quite admirable hacking skills. Well, this racist hate group is using their website to organize a mass gathering of ignorant racist bastards. We cannot allow such bigoted aggression to happen. If you can gain access to their administrator page and post messages to their main page, we would be eternally grateful.<br />\n\t<br /><form action=\"" . $_SERVER['PHP_SELF'] . "\" method=\"post\">\n\t<dl>\n\t<input type=\"hidden\" name=\"initiate\" value=\"yes\">\n\t<dd><input name=\"submit\" type=\"submit\" id=\"submit\" class=\"button2\" value=\"initiate\"></dd>\n\t</dl>\n</form>";
}
} else {
page_header('Realistic 2');
<?php
define('DarkCoreCMS', TRUE);
include 'config.php';
include 'functions/vote_functions.php';
include 'functions/global_functions.php';
if (isset($_GET['user']) && isset($_GET['siteid'])) {
$user = $_GET['user'];
$siteid = $_GET['siteid'];
$site_data = getSite_data_byID($siteid);
if (isset($site_data['postback']) && $site_data['postback'] != NULL) {
header('Location: ' . $site_data['link'] . $site_data['postback'] . $user);
} else {
$do_vote = vote($user, $siteid);
if ($do_vote != 0) {
$date = new DateTime();
$cur_time = $date->getTimestamp();
$day_number = idate('w', $cur_time);
if ($day_number == 6 || $day_number == 0) {
add_points($user, $site_data['end_week_points']);
} else {
add_points($user, $site_data['points']);
}
header('Location: ../user?done=1');
}
header('Location: ' . $site_data['link']);
}
} else {
header('Location: ../');
}
if ($user->data['user_points'] < $am) {
$message = sprintf($user->lang['TRANSFER_REASON_MINPOINTS'], $config['points_name']) . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=transfer_user") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>';
trigger_error($message);
}
// Check, if the amount is 0 or below
if ($am <= 0) {
$message = sprintf($user->lang['TRANSFER_REASON_UNDERZERO'], $config['points_name']) . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=transfer_user") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>';
trigger_error($message);
}
// Check, if the user is trying to send to himself
if ($user->data['user_id'] == $checked_user['user_id']) {
$message = sprintf($user->lang['TRANSFER_REASON_YOURSELF'], $config['points_name']) . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=transfer_user") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>';
trigger_error($message);
}
// Add cash to receiver
add_points($checked_user['user_id'], $am);
// Remove cash from sender
substract_points($user->data['user_id'], $am);
// Get current time for logs
$current_time = time();
// Add transfer information to the log
$text = utf8_normalize_nfc($message);
$sql = 'INSERT INTO ' . POINTS_LOG_TABLE . ' ' . $db->sql_build_array('INSERT', array('point_send' => (int) $user->data['user_id'], 'point_recv' => (int) $checked_user['user_id'], 'point_amount' => $am, 'point_sendold' => $user->data['user_points'], 'point_recvold' => $checked_user['user_points'], 'point_comment' => $text, 'point_type' => '1', 'point_date' => $current_time));
$db->sql_query($sql);
// Send pm to user
if (!$points_config['transfer_pm_enable'] == 0 && $checked_user['user_allow_pm'] == 1) {
// Select the user data for the PM
$sql_array = array('SELECT' => '*', 'FROM' => array(USERS_TABLE => 'u'), 'WHERE' => 'user_id = ' . (int) $checked_user['user_id']);
$sql = $db->sql_build_query('SELECT', $sql_array);
$result = $db->sql_query($sql);
$user_row = $db->sql_fetchrow($result);
}
if (abs(intval($HTTP_POST_VARS['amount'])) == 0) {
$error = true;
$error_msg .= (!empty($error_msg) ? '<br />' : '') . sprintf($lang['Points_enter_some_donate'], $board_config['points_name']);
}
if (isset($error)) {
$template->set_filenames(array('reg_header' => 'error_body.tpl'));
$template->assign_vars(array('ERROR_MESSAGE' => $error_msg));
$template->assign_var_from_handle('ERROR_BOX', 'reg_header');
} else {
$amount = abs(intval($HTTP_POST_VARS['amount']));
$from_points = get_user_points($userdata['user_id']);
if ($amount > $from_points) {
message_die(GENERAL_MESSAGE, sprintf($lang['Points_cant_donate'], $board_config['points_name']));
}
add_points($user_id, $amount);
subtract_points($userdata['user_id'], $amount);
//Send doation email if the user wants it
$sql = "SELECT username, user_lang, user_email, user_notify_donation \r\n\t\t\t\tFROM " . USERS_TABLE . "\r\n\t\t\t\tWHERE user_id = {$user_id}";
if (!($result = $db->sql_query($sql))) {
message_die(GENERAL_ERROR, "Could not get username & user_notify_donation & user_lang & user_email", '', __LINE__, __FILE__, $sql);
}
$to_userdata = $db->sql_fetchrow($result);
if ($to_userdata['user_notify_donation']) {
include $phpbb_root_path . 'includes/emailer.' . $phpEx;
$emailer = new emailer($board_config['smtp_delivery']);
$email_headers = 'From: ' . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\n";
$emailer->use_template('user_notify_donation', $to_userdata['user_lang']);
$emailer->email_address($to_userdata['user_email']);
$emailer->extra_headers($email_headers);
$emailer->assign_vars(array('DONATOR' => $userdata['username'], 'USERNAME' => $to_userdata['username'], 'AMOUNT_DONATE' => $amount, 'TOTAL_POINTS' => get_user_points($user_id), 'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']), 'L_POINTS' => $board_config['points_name']));
<?php
function add_points($player, $points)
{
$player->energy += $points;
print_r($player);
}
add_points(NULL, 2);
}
}
//
// Parse and show the overall header.
//
$template->set_filenames(array('overall_header' => empty($gen_simple_header) ? 'overall_header.tpl' : 'simple_header.tpl'));
//
// Generate logged in/logged out status
//
if ($userdata['session_logged_in']) {
$u_login_logout = 'login.' . $phpEx . '?logout=true&sid=' . $userdata['session_id'];
$l_login_logout = $lang['Logout'] . ' [ ' . $userdata['username'] . ' ]';
if ($board_config['points_browse'] && !$post_info['points_disabled']) {
$points = $board_config['points_browse'];
if ($userdata['user_id'] != ANONYMOUS && $userdata['admin_allow_points']) {
add_points($userdata['user_id'], $points);
}
}
} else {
$u_login_logout = 'login.' . $phpEx;
$l_login_logout = $lang['Login'];
}
$t = isset($userdata['session_logged_in']) ? $userdata['user_lastvisit'] : null;
$s_last_visit = create_date($board_config['default_dateformat'], $t, $board_config['board_timezone']);
if (defined('SHOW_ONLINE')) {
new show_online();
}
//
// Obtain number of new private messages
// if user is logged in
//
<?php
define('DarkCoreCMS', TRUE);
include 'config.php';
include 'functions/vote_functions.php';
include 'functions/global_functions.php';
if (isset($_POST['pbid'])) {
$site_data = getSite_data_byID(4);
$do_vote = vote($_POST['pbid'], $_GET['siteid']);
if ($day_number == 6 || $day_number == 0) {
add_points($_POST['pbid'], $site_data['end_week_points']);
} else {
add_points($_POST['pbid'], $site_data['points']);
}
} else {
header('Location: ../');
}
function save()
{
$text = clear("text");
$add_comment = clear("add_comment");
$del = clear("del");
$edit_ok = clear("edit_ok");
$edit_id = clear("edit_id");
$is_spoiler = checkbox_value(clear("is_spoiler"));
//pridavani prispevku
if ($add_comment) {
if (!$this->uid) {
go_out();
}
if (!$text) {
$this->msg->set_text($this->l->t("empty_comment"), "error");
return 0;
}
//kontrola pripadne minimalni delky
if ($this->short_posts != 'allowed') {
$len = strlen(no_dia($text));
if ($len < 100) {
$this->msg->set_text($this->l->t("short_comment", $len), "error");
$this->show_text = "yes";
return 0;
}
}
//pokud jde o knihu, kontrola zda-li j*z nejaky komentar nevlozil
if ($this->type == 'book' || $this->type == 'author' || $this->type == 'selfpublishing') {
$sql = sql_query("select id from comments\n\t\t where (item = '" . $this->item . "'\n\t\t and type = '" . $this->type . "'\n\t\t and user = '******')");
$data = sql_fetch_object($sql);
if ($data->id) {
$this->msg->set_text($this->l->t("comment_exists"), "error");
$this->show_text = "yes";
return 0;
}
}
//pokud jde o selfpublishing, kontrolujeme ze knihu koupil
if ($this->type == 'selfpublishing') {
if ($this->has_selfpublishing_bought()) {
$this->msg->set_text($this->l->t("not_bought"), "error");
$this->show_text = "yes";
return 0;
}
}
$sql = sql_query("insert into comments\n (type, item, user, text, time, is_spoiler)\n values\n ('" . $this->type . "', '" . $this->item . "',\n '" . $this->uid . "', '" . $text . "', '" . time() . "', '" . $is_spoiler . "')");
if ($sql) {
//oznameni vsem kteri sleduji komentare
$comment_id = mysql_insert_id();
$this->msg->set_text($this->l->t("add_ok"));
if ($this->type == 'book') {
$this->sent_notice($comment_id);
}
//pridame body
add_points($this->uid, 3, 'comments');
}
}
//mazani prispevku
if ($del) {
//kontrola zda-li je jeho a nenni starsi nez 24 hodin
$sql = sql_query("select user, time\n from comments\n where (id = '{$del}')");
$data = sql_fetch_object($sql);
if ($data->user == $this->uid) {
//mazani
$sql = sql_query("delete from comments\n where (id = '{$del}')");
if ($sql) {
$this->msg->set_text($this->l->t("del_ok"));
//odebrani bodu
add_points($this->uid, -3, "comments");
}
}
}
//uprava prispevku
if ($edit_ok) {
//kontrola zda-li je jeho a nenni starsi nez 24 hodin
$sql = sql_query("select user, time\n from comments\n where (id = '{$edit_id}')");
$data = sql_fetch_object($sql);
$time = time() - 24 * 3600;
// && $time < $data->time - moznost mazani pouze 24 hodin po napsani prozatim zrusena
if ($data->user == $this->uid) {
if ($this->short_posts != 'allowed') {
$len = strlen(no_dia($text));
if ($len < 100) {
$this->msg->set_text($this->l->t("short_comment", $len), "error");
$this->show_text = "yes";
return 0;
}
}
//uprava
$sql = sql_query("update comments\n set text = '{$text}', is_spoiler = '{$is_spoiler}'\n where (id = '{$edit_id}')");
if ($sql) {
$this->msg->set_text($this->l->t("edit_ok"));
$this->show_text = '';
$_GET['edit'] = '';
}
}
}
//ulozeni / zruseni zasilani novych komentaru
$notice_on = clear("notice_on");
$notice_off = clear("notice_off");
if ($notice_on && $this->type == 'book' && $this->uid) {
//pripadne smazani kdyby slo o opakovany request
$sql = sql_query("delete from comments_notice\n where (user = '******' and book = '" . $this->item . "')");
$sql = sql_query("insert into comments_notice\n (user, book)\n values\n ('" . $this->uid . "', '" . $this->item . "')");
if ($sql) {
$this->msg->set_text($this->l->t("notice_on_msg"));
}
}
if ($notice_off && $this->type == 'book' && $this->uid) {
$sql = sql_query("delete from comments_notice\n where (user = '******' and book = '" . $this->item . "')");
if ($sql) {
$this->msg->set_text($this->l->t("notice_off_msg"));
}
}
}
$message = $user->lang['BANK_ERROR_MUCH_WITHDRAW'] . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=bank") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>';
trigger_error($message);
} elseif ($withdraw == $withdrawtotal_check) {
$withdrawtotal = $withdraw + $fees;
} else {
$withdrawtotal = round($withdraw / 100 * $points_values['bank_fees']) + $withdraw;
}
} else {
$withdrawtotal = 0;
}
if ($row['holding'] < $withdrawtotal) {
$message = sprintf($user->lang['BANK_ERROR_NOT_ENOUGH_WITHDRAW'], $config['points_name']) . '<br /><br /><a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=bank") . '">« ' . $user->lang['BACK_TO_PREV'] . '</a>';
trigger_error($message);
}
// Transfer points to users cash account
add_points($user->data['user_id'], $withdraw);
// Update users bank account
$sql_array = array('SELECT' => 'holding, totalwithdrew', 'FROM' => array(POINTS_BANK_TABLE => 'b'), 'WHERE' => 'user_id = ' . (int) $user->data['user_id']);
$sql = $db->sql_build_query('SELECT', $sql_array);
$result = $db->sql_query($sql);
$user_bank = $db->sql_fetchrow($result);
$user_holding = $user_bank['holding'];
$user_totalwithdrew = $user_bank['totalwithdrew'];
$db->sql_freeresult($result);
$data = array('holding' => $user_holding - $withdrawtotal, 'totalwithdrew' => $user_totalwithdrew + $withdraw);
$sql = 'UPDATE ' . POINTS_BANK_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $data) . '
WHERE user_id = ' . (int) $user->data['user_id'];
$db->sql_query($sql);
trigger_error(' ' . $user->lang['BANK_HAVE_WITHDRAW'] . ' ' . sprintf(number_format_points($withdraw)) . ' ' . $config['points_name'] . ' ' . $user->lang['BANK_FROM_ACCOUNT'] . '. <br />' . $user->lang['BANK_NEW_BALANCE'] . ' ' . sprintf(number_format_points($row['holding'] - $withdrawtotal)) . ' ' . $config['points_name'] . '.<br />' . $user->lang['BANK_NOW_HAVE'] . ' ' . sprintf(number_format_points($user->data['user_points'] + $withdraw)) . ' ' . $config['points_name'] . ' ' . $user->lang['BANK_ON_HAND'] . '.<br /><br />' . sprintf($user->lang['BANK_BACK_TO_BANK'], '<a href="' . append_sid("{$phpbb_root_path}points.{$phpEx}", "mode=bank") . '">', '</a>') . sprintf('<br />' . $user->lang['BANK_BACK_TO_INDEX'], '<a href="' . append_sid("{$phpbb_root_path}index.{$phpEx}") . '">', '</a>'));
} else {
