<?php require_once '../config.php'; require_once '../functions.php'; require_once 'admin_functions.php'; if (!isAdmin()) { die('Only admins can access this page.'); } include '_header.php'; echoHeader('Edit Pokemon Shop'); if (isset($_POST['addPoke'])) { $errors = array(); $price = (int) str_replace(array(',', '.', '$'), '', $_POST['price']); if ($price < 0) { $errors[] = 'Price can not be negative.'; } $name = str_replace(array(chr(0), '.', '/', '\\', '?', '<', '>'), '', $_POST['name']); if (!file_exists('../images/pokemon/' . $name . '.png')) { $errors[] = 'Could not find a picture for that pokemon.'; } $newCat = (bool) $_POST['newCat']; $catName = $newCat == true ? $_POST['newCatName'] : $_POST['oldCatName']; $catName = preg_replace('/[^A-Za-z0-9]/', '', $catName); if ($catName == '') { $errors[] = 'Invalid character in category name.'; } if (count($errors) >= 1) { echo '<div class="error">' . implode('</div><div class="error">', $errors) . '</div>'; } else { $name = cleanSql($name); $price = cleanSql($price);
<?php require_once '../config.php'; require_once '../functions.php'; require_once 'admin_functions.php'; if (!isAdmin()) { die('Only admins can access this page.'); } include '_header.php'; echoHeader('Pokedex Long View'); echo ' <script type="text/javascript" src="js/jquery-1.11.0.min.js"></script> <script type="text/javascript" src="js/__jquery.tablesorter.min.js"></script> <script> $(document).ready(function() { $("#myTable").tablesorter(); $("input:checkbox:not(:checked)").each(function() { var column = "table ." + $(this).attr("name"); $(column).hide(); }); $("input:checkbox").click(function(){ var column = "table ." + $(this).attr("name"); $(column).toggle(); }); }); </script> '; $query = mysql_query("SELECT * FROM `pokedex` ORDER BY `num` ASC"); echo '
<?php require_once '../config.php'; require_once '../functions.php'; require_once 'admin_functions.php'; if (!isAdmin()) { die('Only admins can access this page.'); } $handle = fopen('edit_snow_machine_log.txt', 'a+'); fwrite($handle, "{$_SESSION['username']} accessed edit_snow_machine.php" . PHP_EOL); fclose($handle); include '_header.php'; echoHeader('Edit Snow Machine'); if (isset($_POST['save'])) { $errors = array(); $name = str_replace(array(chr(0), '.', '/', '\\', '?', '<', '>'), '', $_POST['name']); if (!file_exists('../images/pokemon/' . $name . '.png')) { $errors[] = 'Could not find a picture for that pokemon.'; } $price = (int) str_replace(array(',', ' ', '$'), '', $_POST['price']); if ($price <= 0) { $errors[] = 'Price can not be negative.'; } $level = (int) $_POST['level']; if ($level <= 0 || $level > 100) { $errors[] = 'Level needs to be between 1 and 100.'; } $chance = (int) $_POST['chance']; if ($chance <= 0 || $chance > 100) { $errors[] = 'Chance needs to be between 1 and 100.'; }
<?php require_once '../config.php'; require_once '../functions.php'; require_once 'admin_functions.php'; if (!isAdmin()) { die; } include '_header.php'; echoHeader('News List'); $query = mysql_query("SELECT * FROM `news` ORDER BY `id` DESC"); echo ' <table class="pretty-table" style="margin-left: 10px; margin-right: 10px;"> <tr> <th>ID</th> <th>Title</th> <th>News</th> <th>Date</th> <th>By Who</th> </tr> '; while ($row = mysql_fetch_assoc($query)) { $row = cleanHtml($row); echo ' <tr> <td>' . $row['id'] . '</td> <td>' . $row['title'] . '</td> <td>' . $row['news'] . '</td> <td>' . $row['date'] . '</td> <td>' . $row['bywho'] . '</td> </tr>
<?php require_once '../config.php'; require_once '../functions.php'; require_once 'admin_functions.php'; if (!isAdmin()) { die('Only admins can access this page.'); } include '_header.php'; echoHeader('Staff Panel'); $filename = 'admin_messages_nkjdngksndfgermekmrz.txt'; if (isset($_POST['message'])) { $fh = fopen($filename, 'w'); fwrite($fh, $_POST['message']); fclose($fh); echo '<div class="notice">Message has been saved.</div>'; } echo ' <div class="center-text"> Admin List: ' . getAdminProfileList() . '<br /><br /> <form method="post"> <textarea name="message" cols="50" rows="10">' . file_get_contents($filename) . '</textarea><br /><br /> <input type="submit" value="Save" /> </form> </div> '; include '_footer.php';
<?php require_once '../config.php'; require_once '../functions.php'; require_once 'mod_functions.php'; if (!isMod()) { die('Only mods can access this page.'); } include '_header.php'; echoHeader('Mod Panel'); $filename = 'mod_messages_fsdfadfasdfa.txt'; if (isset($_POST['message'])) { $fh = fopen($filename, 'w'); fwrite($fh, $_POST['message']); fclose($fh); echo '<div class="notice">Message has been saved.</div>'; } echo ' <div class="center-text"> Mod List: ' . getModProfileList() . '<br /><br /> <form method="post"> <textarea name="message" cols="50" rows="10">' . file_get_contents($filename) . '</textarea><br /><br /> <input type="submit" value="Save" /> </form> </div> '; include '_footer.php';
<?php require_once '../config.php'; require_once '../functions.php'; require_once 'admin_functions.php'; if (!isAdmin()) { die('Only admins can access this page.'); } include '_header.php'; echoHeader('Sprites Awaiting Approval'); if (isset($_GET['id'])) { $id = (int) $_GET['id']; $query = mysql_query("SELECT * FROM `new_images` WHERE `id`='{$id}' LIMIT 1"); if (mysql_num_rows($query) == 1) { $imgRow = mysql_fetch_assoc($query); if (isset($_GET['accept'])) { $fname = '../images/pokemon/' . $imgRow['image_name'] . '.png'; if (file_exists($fname) && false) { $i = 1; while (true) { $bfname = '../images/pokemon/' . $imgRow['image_name'] . '_backup' . $i . '.png'; if (!file_exists($bfname)) { rename($fname, $bfname); break; } $i++; } } file_put_contents($fname, base64_decode($imgRow['image_data'])); echo '<div class="notice">Image has been added/updated!</div>'; } else {
<?php require_once '../config.php'; require_once '../functions.php'; require_once 'admin_functions.php'; if (!isAdmin()) { die('Only admins can access this page.'); } $handle = fopen('edit_user_log.txt', 'a+'); fwrite($handle, "{$_SESSION['username']} accessed edit_user.php" . PHP_EOL); fclose($handle); include '_header.php'; echoHeader('Edit User'); if (isset($_GET['id'])) { $_POST['useUsername'] = false; $_POST['userid'] = $_GET['id']; $_POST['find'] = 'Find User'; } $userid = (int) $_POST['userid']; $username = $_POST['username']; $usernameSql = cleanSql($username); $usernameHtml = cleanHtml($username); $foundUser = false; if (isset($_POST['find'])) { $useUsername = (bool) $_POST['useUsername']; if ($_POST['useUsername'] == true) { $whereSql = "WHERE `username`='{$usernameSql}'"; $userid = 0; } else { $whereSql = "WHERE `id`='{$userid}'"; $username = '';
<?php require_once '../config.php'; require_once '../functions.php'; require_once 'admin_functions.php'; if (!isAdmin()) { die('Only admins can access this page.'); } include '_header.php'; $text = isset($_GET['add']) ? 'Add Pokemon To Pokedex' : 'Edit Pokedex'; echoHeader($text); $pid = (int) $_GET['id']; define('MAX_STAT', 255); if (!isset($_GET['add'])) { $query = mysql_query("SELECT * FROM `pokedex` ORDER BY `num` ASC"); echo '<form method="get" class="center-text bottom-padded"><select name="id" style="font-family:Consolas,Monaco,Lucida Console,Liberation Mono,DejaVu Sans Mono,Bitstream Vera Sans Mono,Courier New, monospace;">'; while ($row = mysql_fetch_assoc($query)) { $opttext = ' ' . str_pad($row['name'], 30, ' ', STR_PAD_RIGHT) . str_pad('#' . $row['num'], 7, ' ', STR_PAD_LEFT) . ' '; $opttext = str_replace(' ', ' ', $opttext); $attr = $pid == $row['id'] ? ' selected="selected" ' : ''; echo '<option value="' . $row['id'] . '" ' . $attr . ' style="font-family:Consolas,Monaco,Lucida Console,Liberation Mono,DejaVu Sans Mono,Bitstream Vera Sans Mono,Courier New, monospace;">' . $opttext . '</option>'; } echo '</select> <input type="submit" value="Edit Pokedex" /></form>'; $query = mysql_query("SELECT * FROM `pokedex` WHERE `id`='{$pid}' LIMIT 1"); if (mysql_num_rows($query) == 0) { include '_footer.php'; die; } $pokeInfo = mysql_fetch_assoc($query); } else { $pokeInfo = array('name' => '', 'num' => '', 'attack' => '100', 'spattack' => '100', 'def' => '100', 'spdef' => '100', 'hp' => '100', 'speed' => '100', 'type1' => 'Normal', 'type2' => '', 'move1' => 'Fire Blast', 'move2' => 'Scratch', 'move3' => 'Bubble', 'move4' => 'Razor Leaf');
<?php require_once '../config.php'; require_once '../functions.php'; require_once 'mod_functions.php'; if (!isMod()) { die('Only mods can access this page.'); } include '_header.php'; echoHeader('Add New Sprite'); if (isset($_POST['submit'], $_POST['img_name'], $_POST['comment'])) { if ($_FILES['file']['error'] > 0) { // echo $_FILES["file"]["error"] . '<br />'; echo '<div class="error">There was an error!</div>'; } else { if ($_FILES['file']['size'] > 1048576) { echo '<div class="error">The file size it too large!</div>'; } else { $imageData = file_get_contents($_FILES['file']['tmp_name']); $im = imagecreatefromstring($imageData); if ($im == false) { echo '<div class="error">There was an error creating the image!</div>'; } else { $base64Image = cleanSql(base64_encode($imageData)); $imgName = cleanSql(trim(str_replace(array(chr(0), '<', '>', '.', '/', '\\'), '', $_POST['img_name']))); $comment = cleanSql($_POST['comment']); $uid = (int) $_SESSION['userid']; if (empty($imgName)) { echo '<div class="error">Image name was empty!</div>'; } else { mysql_query("\n\t\t\t\t\tINSERT INTO `new_images` (\n\t\t\t\t\t\t`uid`, `image_data`, `image_name`, `comment`\n\t\t\t\t\t) VALUES (\n\t\t\t\t\t\t'{$uid}', '{$base64Image}', '{$imgName}', '{$comment}'\n\t\t\t\t\t)\n\t\t\t\t");
<?php require_once '../config.php'; require_once '../functions.php'; require_once 'admin_functions.php'; if (!isAdmin()) { die('Only admins can access this page.'); } $handle = fopen('edit_pokemon_log.txt', 'a+'); fwrite($handle, "{$_SESSION['username']} accessed edit_pokemon.php" . PHP_EOL); fclose($handle); include '_header.php'; echoHeader('Edit Pokemon'); $pid = (int) $_GET['id']; echo ' <form method="get" class="center-text bottom-padded"> Pokemon ID: <input type="text" name="id" value="' . $pid . '" /> <input type="submit" value="Find Pokemon" /> </form> '; if ($pid == 0) { // echo 'Please enter the id of the pokemon you want to edit.'; include '_footer.php'; die; } $query = mysql_query("SELECT * FROM `user_pokemon` WHERE `id`='{$pid}' LIMIT 1"); if (mysql_num_rows($query) == 0) { echo 'This pokemon does not exist!'; include '_footer.php'; die; }
<?php require_once '../config.php'; require_once '../functions.php'; require_once 'admin_functions.php'; if (!isAdmin()) { die('Only admins can access this page.'); } include '_header.php'; echoHeader('Find Users With The Same IP.'); $ip = $_GET['ip']; $ipHtml = cleanHtml($ip); $ipSql = cleanSql($ip); echo ' <form method="get" class="center-text bottom-padded"> IP: <input type="text" name="ip" value="' . $ipHtml . '" /> <input type="submit" value="Search For IP" /> </form> '; if (isset($_GET['ip'])) { $query = mysql_query("SELECT * FROM `users` WHERE `ip`='{$ipSql}'"); if (mysql_num_rows($query) == 0) { echo ' <div class="error"> Could not find any users with the ip address of <strong>' . $ipHtml . '</strong>! </div> '; } else { echo ' <table class="center pretty-table" style="width: 50%;"> <tr>
<?php require_once '../config.php'; require_once '../functions.php'; require_once 'admin_functions.php'; if (!isAdmin()) { die('Only admins can access this page.'); } include '_header.php'; echoHeader('Edit Token Pokemon Shop'); if (isset($_POST['addPoke'])) { $errors = array(); $price = (int) str_replace(array(',', '.', '$'), '', $_POST['price']); if ($price < 0) { $errors[] = 'Price can not be negative.'; } $name = str_replace(array(chr(0), '.', '/', '\\', '?', '<', '>'), '', $_POST['name']); if (!file_exists('../images/pokemon/' . $name . '.png')) { $errors[] = 'Could not find a picture for that pokemon.'; } if (count($errors) >= 1) { echo '<div class="error">' . implode('</div><div class="error">', $errors) . '</div>'; } else { $name = cleanSql($name); $price = cleanSql($price); $query = mysql_query("\n INSERT INTO `token_shop_pokemon` (\n \t`name`, `price`\n ) VALUES (\n '{$name}', '{$price}'\n )\n "); if ($query) { echo '<div class="notice">The pokemon has been added to the shop.</div>'; } else { echo '<div class="error">There was an error.</div>'; }
<?php require_once '../config.php'; require_once '../functions.php'; require_once 'admin_functions.php'; if (!isAdmin()) { die('Only admins can access this page.'); } include '_header.php'; echoHeader('Edit Promo'); if (isset($_POST['save'])) { $errors = array(); $name = str_replace(array(chr(0), '.', '/', '\\', '?', '<', '>'), '', $_POST['name']); if (!file_exists('../images/pokemon/' . $name . '.png')) { $errors[] = 'Could not find a picture for that pokemon.'; } $money = (int) str_replace(array(',', ' ', '$'), '', $_POST['money']); if ($money < 0) { $errors[] = 'Money can not be negative.'; } $tokens = (int) str_replace(array(',', ' ', '$'), '', $_POST['tokens']); if ($tokens < 0) { $errors[] = 'Tokens can not be negative.'; } $level = (int) $_POST['level']; if ($level <= 0 || $level > 100) { $errors[] = 'Level needs to be between 1 and 100.'; } if (count($errors) >= 1) { echo '<div class="error">' . implode('</div><div class="error">', $errors) . '</div>'; } else {
echo "<br />"; } } echo "</div>"; } else { } } ?> </head> <body style="background:#DDD"> <div class="site"> <?php echoHeader(); ?> <div id="top" class="site_content"> <div class="principal" id="principal"><br /> <div class="p"> <font size="+3" style="margin-left:4%; color:#FFF;"><b> Notícias</b></font> </div> <div class="destaques-center"> <br /><br /> <center> <div class="divCentro" id="galeria" >
<?php require_once '../config.php'; require_once '../functions.php'; require_once 'admin_functions.php'; if (!isAdmin()) { die('Only admins can access this page.'); } include '_header.php'; echoHeader('Edit Referral Shop'); if (isset($_POST['addPoke'])) { $errors = array(); $price = (int) str_replace(array(',', '.', '$'), '', $_POST['price']); if ($price < 0) { $errors[] = 'Price can not be negative.'; } $name = str_replace(array(chr(0), '.', '/', '\\', '?', '<', '>'), '', $_POST['name']); if (!file_exists('../images/pokemon/' . $name . '.png')) { $errors[] = 'Could not find a picture for that pokemon.'; } if (count($errors) >= 1) { echo '<div class="error">' . implode('</div><div class="error">', $errors) . '</div>'; } else { $name = cleanSql($name); $price = cleanSql($price); $query = mysql_query("\n INSERT INTO `shop_ref` (\n \t`name`, `price`\n ) VALUES (\n '{$name}', '{$price}'\n )\n "); if ($query) { echo '<div class="notice">The pokemon has been added to the shop.</div>'; } else { echo '<div class="error">There was an error.</div>'; }
<?php require_once '../config.php'; require_once '../functions.php'; require_once 'admin_functions.php'; if (!isAdmin()) { die; } include '_header.php'; echoHeader('Edit News'); if (isset($_POST['save'])) { $errors = array(); $title = trim($_POST['title']); if (empty($title)) { $errors[] = 'Title can not be empty.'; } $content = trim($_POST['content']); if (empty($content)) { $errors[] = 'Content can not be empty.'; } $sqlPoster = cleanSql($_POST['poster']); $query = mysql_query("SELECT * FROM `users` WHERE `username`='{$sqlPoster}' AND `admin`='1'"); if (mysql_num_rows($query) == 0) { $errors[] = 'Invalid poster.'; } if (count($errors) >= 1) { echo '<div class="error">' . implode('</div><div class="error">', $errors) . '</div>'; } else { echo '<div class="notice">The news has been edited!</div>'; $sqlTitle = cleanSql($title); $sqlContent = cleanSql($content);
<?php require_once '../config.php'; require_once '../functions.php'; require_once 'admin_functions.php'; if (!isAdmin()) { die('Only admins can access this page.'); } include '_header.php'; echoHeader('Ban List'); echo ' <table class="center pretty-table center-text" style="width: 750px;"> <tr> <th>ID</th> <th>Username</th> <th>Reason For Ban</th> <th>Options</th> </tr> '; $query = mysql_query("SELECT * FROM `users` WHERE `banned`='1' ORDER BY `id` ASC"); while ($banRow = mysql_fetch_assoc($query)) { $banRow = cleanHtml($banRow); echo ' <tr> <td>' . $banRow['id'] . '</td> <td><a href="../profile.php?id=' . $banRow['id'] . '">' . $banRow['username'] . '</a></td> <td>' . $banRow['ban_reason'] . '</td> <td>[<a href="edit_user.php?id=' . $banRow['id'] . '">Edit User</a>]</td> </tr> '; }