function exchangeCheck() { if (isset($_SERVER['HTTP_REFERER'])) { $referral = $_SERVER['HTTP_REFERER']; $array = parse_url($referral); $referral1 = $array['host']; $referral2 = str_replace("www.", "", $referral1); $referral3 = "http://" . trim($referral2); $referral4 = "http://www." . $referral2; $select_link_in = yasDB_select("SELECT * FROM links WHERE url='{$referral1}' OR url='{$referral2}' OR url='{$referral3}' OR url='{$referral4}'"); if ($select_link_in->num_rows > 0) { $link_in = $select_link_in->fetch_array(MYSQLI_ASSOC); $select_link_in->close(); yasDB_update("UPDATE links SET `in`=`in`+1 WHERE id='{$link_in['id']}'"); return true; } } return false; }
$new_jobs[$jobNames[$i]][1] = $plus_month; } else { $new_jobs[$jobNames[$i]][1] = $midnight_today; } } } else { $new_jobs[$jobNames[$i]][1] = $job[1]; } if ($jobNames[$i] == 'gameque') { $new_jobs[$jobNames[$i]][3] = intval($_POST['gameCount']); } $i++; } $new_jobs['jobstate'] = $status; $finished_jobs = serialize($new_jobs); yasDB_update("UPDATE `settings` SET `jobs` = '{$finished_jobs}' WHERE `id` = 1"); include "../includes/settings_function.inc.php"; createConfigFile(); ?> <center>Scheduled Jobs updated!<br/><a href="index.php?act=managejobs" />Continue</a></center><?php } else { if (isset($_GET['run'])) { $_SESSION['runjobs'] = 'good-to-go'; $runjob = $_GET['run']; class usersOnline { public function ipCheck() { if (getenv('HTTP_CLIENT_IP')) { $ip = getenv('HTTP_CLIENT_IP'); } elseif (getenv('HTTP_X_FORWARDED_FOR')) {
$name = yasDB_clean($_POST['name']); $email = yasDB_clean($_POST['email']); $location = yasDB_clean($_POST['location']); $aboutme = yasDB_clean($_POST['aboutme']); $hobbies = yasDB_clean($_POST['hobbies']); $shhobs = yasDB_clean($_POST['shhobs']); $shloc = yasDB_clean($_POST['shloc']); $sheml = yasDB_clean($_POST['sheml']); $shname = yasDB_clean($_POST['shname']); $shabout = yasDB_clean($_POST['shabout']); $deact = yasDB_clean($_POST['deact']); $cmtsdisabled = yasDB_clean($_POST['cmtsdisabled']); yasDB_update("UPDATE `user` SET website = '{$website}', name = '{$name}', email = '{$email}', location = '{$location}', aboutme = '{$aboutme}', hobbies = '{$hobbies}', shhobs = '{$shhobs}', shloc = '{$shloc}', sheml = '{$sheml}', shname = '{$shname}', shabout = '{$shabout}', deact = '{$deact}', cmtsdisabled = '{$cmtsdisabled}' WHERE username = '******'"); if (!empty($_POST['password'])) { $password = md5(yasDB_clean($_POST['password'])); yasDB_update("UPDATE user SET password = '******' WHERE username = '******'"); } echo '<META HTTP-EQUIV="Refresh" CONTENT="0; URL=index.php?act=profile">'; } else { $query = yasDB_select("SELECT * FROM `user` WHERE username = '******'"); $row = $query->fetch_array(MYSQLI_ASSOC); echo ' <div class="containbox2"><div id="preview"></div><div id="profileBox"> <form name="usersettings" id="profile" method="post" action="index.php?act=profile"> <table class="tg"> <tr> <th class="tg-s6z2" colspan="4">' . $user . 's Profile:</th> </tr> <tr> <td class="tg-vn4c">Name:</td> <td class="tg-vn4c"><input type="text" name="name" id="s-a-g" value="' . $row['name'] . '" size="30" /></td> <td class="tg-vn4c">Email:</td>
<input type="submit" name="submit" value="Submit" /><br/><br/> </form> <?php if (isset($_POST["username"]) || isset($_POST["useremail"])) { $username = $_POST["username"]; $useremail = $_POST["useremail"]; $res = yasDB_select("SELECT * FROM user WHERE username='******' AND email='{$useremail}'", false); $row = $res->fetch_array(MYSQLI_ASSOC); $res->close(); if (!empty($row)) { $email = $row["email"]; srand((double) microtime() * 1000000); $random = rand(1234, 2343); $password = $row["name"] . $random; $upassword = md5($password); yasDB_update("UPDATE user SET password='******' WHERE username='******'", false); $headers = "From: {$setting['email']} \n"; //from address $headers .= "MIME-Version: 1.0\n"; $headers .= "Content-type: text/html; charset=iso-8859-1 \n"; $subject = $setting['sitename'] . " Password Reset - Do Not Reply"; $body = "<div align=center><br><br>----------------------------- Password Reset--------------------------------<br><br><br><br>\n\t\tYour New Password is: {$password}<br/>\n\t\tPlease log in and create a new password if you wish.</div>"; if (mail($email, $subject, $body, $headers)) { echo "<font class=tblackb>Your password has been sent to your Email address</font>"; } else { echo ""; } } else { echo '<span style="color: #ff0000;">Invalid user name or email. If you feel this is error, please contact us for assistance.</span><br/>'; } }
echo $row['id']; ?> " /><input type="submit" class="button" name="check" value="Edit!" /> <input type="reset" class="button" value="Reset" /></td> </tr> </table> </div> </form> <?php } } elseif (isset($_GET['check'])) { if (empty($_GET['name'])) { echo '<center>One or more fields was left empty.<br />'; echo '<a href="index.php?act=manageforumcats&edit=' . $_GET['id'] . '">Click here to go back</a></center>'; } else { yasDB_update("UPDATE forumcats SET name = '{$_GET['name']}', active = '{$_GET['active']}', `order` = '{$_GET['order']}', `desc` = '{$_GET['desc']}' where id = '{$_GET['id']}'", false); echo '<center>Category Successfully edited!<br/><br/>'; echo '<a href="index.php?act=manageforumcats">Click here to proceed</a></center>'; } } elseif (!empty($_GET['delete'])) { $query = yasDB_select("SELECT id FROM forumcats WHERE id = '{$_GET['delete']}'", false); if ($query->num_rows == 0) { echo '<center>You cannot delete a category that does not exist!<br />'; echo '<a href="index.php?act=manageforumcats">Click here to go back</a></center>'; $query->close(); } else { $query->close(); yasDB_delete("DELETE FROM forumcats WHERE id = '{$_GET['delete']}'"); echo '<center>Category successfully deleted.<br />'; echo '<a href="index.php?act=manageforumcats">Click here to proceed</a></center>'; }
echo "Error converting games to the new category. Please check your dberror_log.txt for more details.<br/>Deleting of category cancelled."; } else { $catreturn = yasDB_delete("DELETE FROM categories WHERE id={$oldid}"); if ($catreturn === false) { echo "Error deleteing category. Please check your dberror_log.txt for more details.<br/>Deleting of category aborted."; } else { echo '<center>Category Successfully deleted!<br/><br/>'; echo '<a href="index.php?act=categories">Click here to proceed</a></center>'; } } } elseif (isset($_GET['check'])) { if (empty($_GET['name'])) { echo '<center>One or more fields was left empty.<br />'; echo '<a href="index.php?act=categories&edit=' . $_GET['id'] . '">Click here to go back</a></center>'; } else { yasDB_update("UPDATE categories SET name = '{$_GET['name']}', active = '{$_GET['active']}', `order` = '{$_GET['order']}', `parent` = '{$_GET['parent']}', `home` = '{$_GET['home']}', `desc` = '{$_GET['desc']}', `pid` = '{$_GET['pid']}' where id = '{$_GET['id']}'", false); echo '<center>Category Successfully edited!<br/><br/>'; echo '<a href="index.php?act=categories">Click here to proceed</a></center>'; } } elseif (!empty($_GET['delete'])) { $query = yasDB_select("SELECT id FROM categories WHERE id = " . intval($_GET['delete']), false); $query2 = yasDB_select("SELECT COUNT(id) AS count FROM games WHERE category=" . intval($_GET['delete'])); $tcount = $query2->fetch_array(MYSQLI_ASSOC); if ($query->num_rows == 0) { echo '<center>You cannot delete a category that does not exist!<br />'; echo '<a href="index.php?act=categories">Click here to go back</a></center>'; $query->close(); } elseif ($tcount['count'] > 0) { ?> <center>Games are attached to this category. Please choose a category for these games.<br /> <?php
$user = null; } if (!empty($user_profile)) { $username = $user_profile['name']; $uid = $user_profile['id']; $email = $user_profile['email']; $user = new User(); $userdata = $user->checkUser($uid, 'facebook', $username, $email); if (!empty($userdata)) { $_SESSION['userid'] = $userdata['id']; $_SESSION['oauth_id'] = $uid; $_SESSION['user'] = $userdata['username']; $_SESSION['email'] = $email; $_SESSION['oauth_provider'] = $userdata['oauth_provider']; $now = time(); $query = yasDB_select("SELECT `id` FROM `membersonline` WHERE `memberid` = '{$userdata['id']}'"); if ($query->num_rows == 0) { yasDB_insert("INSERT INTO `membersonline` (id, memberid, timeactive) VALUES ('', '{$userdata['id']}', '{$now}')", false); } else { yasDB_update("UPDATE `membersonline` SET timeactive='{$now}' WHERE `memberid`='{$userdata['id']}'"); } header("Location: " . $setting['siteurl']); exit; } } else { die("There was an error."); } } else { $login_url = $facebook->getLoginUrl(array('scope' => 'email')); header("Location: " . $login_url); }
$name = ''; } } $date = date("F j, Y, g:i a"); //create date time $sql = "INSERT INTO `forumtopics` (id, subject, cat, date, name, text,lastupdate) VALUES ('', '{$subject}', {$cat}, '{$date}', '{$name}', '{$text}'," . time() . ")"; $result = yasDB_insert($sql); if (isset($_SESSION['user'])) { $user = yasDB_clean($_SESSION['user']); yasDB_update("UPDATE `user` set topics = topics +1 WHERE username = '******'"); // add a post to the user yasDB_update("UPDATE `user` set totalposts = totalposts +1 WHERE username = '******'"); // add a post to user total yasDB_update("UPDATE `stats` set numbers = numbers +1 WHERE id = '3'"); // adds a post to Forum Total Posts yasDB_update("UPDATE `stats` set numbers = numbers +1 WHERE id = '4'"); // adds a post to Post Today } if ($result) { ?> <center>Successful<br/></center> <?php $query = yasDB_select("SELECT max(id) AS lastid FROM forumtopics"); $answer = $query->fetch_array(MYSQLI_ASSOC); if ($setting['seo'] == 'yes') { $answerlink = $setting['siteurl'] . 'forumtopics/' . $answer['lastid'] . '/1.html'; } else { $answerlink = $setting['siteurl'] . 'index.php?act=forumtopics&id=' . $answer['lastid']; } ?> <center><a href="<?php
echo "\n\n<form action='forgotpassword.php' method='POST'>\n\tEnter your username <input type='text' name='username'><p><br>\n\tEnter your email <input type='text' name='email'><p></br>\n\t<input type='submit' value='Submit' name='submit'></br><br>\n</form>\n\n"; if (isset($_POST['submit'])) { $username = yasDB_clean($_POST['username']); $email = yasDB_clean($_POST['email']); $query = yasDB_select("SELECT * FROM user WHERE username='******'"); $numrow = $query->num_rows; if ($numrow != 0) { while ($row = mysqli_fetch_assoc($query)) { $db_email = $row['email']; } if ($email == $db_email) { $code = rand(10000, 1000000); $to = $db_email; $subject = $setting['sitename'] . " Password Reset"; $body = "\n\t\t\tYou are receiving this e-mail because a request was made to reset your password\t\t\t\n\t\t\tIf you did not make this request, you can ignore this e-mail. Click this link to reset your password.\n\t\t\t" . $setting['siteurl'] . "forgotpassword.php?code={$code}&username={$username}"; yasDB_update("UPDATE user SET passreset='{$code}' WHERE username='******'"); mail($to, $subject, $body); echo "Check your email for password reset"; } else { echo "Email is incorrect"; } } else { echo "That username doesnt exist"; } } } ?> </div> <div class="clear"></div> </div> </body>
echo $row['newsid']; ?> " /><input type="submit" class="button" name="edit" value="Edit!" /><input type="reset" class="button" value="Reset"/></td> </tr> </table> </div> </form> <?php } $query->close(); } elseif (isset($_POST['edit'])) { if (!isset($_POST['username']) || !isset($_POST['comment'])) { echo '<center>One or more fields was left empty.<br />'; echo '<a href="index.php?act=newsblogcomments&edit=' . intval($_POST['id']) . '">Click here to go back</a><center>'; } else { yasDB_update("update newsblog set username = '******'username']) . "', comment = '" . yasDB_clean($_POST['comment']) . "' WHERE id = " . intval($_POST['id']), false); echo '<center>Comment Successfully edited!<br />'; echo '<a href="index.php?act=newsblogcomments">Click here to proceed</a></center>'; } } elseif (!empty($_GET['delete'])) { $query = yasDB_select("select id from newsblog where id = " . intval($_GET['delete']), false); if ($query->num_rows == 0) { echo '<center>You cannot delete a members comment that does not exist!<br />'; echo '<a href="index.php?act=newsblogcomments">Click here to go back</a></center>'; $query->close(); } else { $query->close(); yasDB_delete("delete from newsblog where id = " . intval($_GET['delete']), false); echo '<center>Members comment successfully deleted.<br />'; echo '<a href="index.php?act=newsblogcomments">Click here to proceed</a></center>'; }
</div> <?php $replace = array('https://', 'http://', 'www.'); $serverUrl = $setting['siteurl']; $serverUrl = str_replace($replace, "", $serverUrl); $serverUrl = 'www.' . $serverUrl; if (isset($_POST['edit_ga'])) { $galogin = yasDB_clean($_POST['gaLogin']); $gapassword = yasDB_clean($_POST['gaPassword']); $gaurl = yasDB_clean($_POST['gaUrl']); if ($gapassword == "") { $pswd = ""; } else { $pswd = ", `gapassword` = '" . $gapassword . "'"; } yasDB_update("UPDATE `settings` SET `galogin` = '{$galogin}'" . $pswd . ", `gaurl` = '{$gaurl}' WHERE id = 1", false); echo '<center>Updated!'; echo '<br/><a href="index.php?act=gainfo">Click to continue.</a></center>'; } else { echo '<br/>'; $query = yasDB_select("SELECT `galogin`, `gapassword`, `gaurl` FROM `settings` WHERE `id` = 1"); $social = $query->fetch_array(MYSQLI_ASSOC); ?> <div class="table"> <img src="img/bg-th-left.gif" width="8" height="7" alt="" class="left" /> <img src="img/bg-th-right.gif" width="7" height="7" alt="" class="right" /> <form name="app_ids" method="post" action="index.php?act=gainfo"> <table class="listing form" cellpadding="0" cellspacing="0"> <tr> <th class="full" colspan="2">Google Analytics Login Info</th> </tr>
} // kill the script because normal users will never see this. //connecting to the database to get some information $query = yasDB_select("SELECT total_votes, total_value, used_ips FROM ratingsbar WHERE id='{$id_sent}' ") or die(" Error"); $numbers = $query->fetch_array(MYSQLI_ASSOC); $checkIP = unserialize($numbers['used_ips']); $count = $numbers['total_votes']; //how many votes total $current_rating = $numbers['total_value']; //total number of rating added together and stored $sum = $vote_sent + $current_rating; // add together the current vote value and the total vote value $tense = $count == 1 ? "vote" : "votes"; $sum == 0 ? $added = 0 : ($added = $count + 1); is_array($checkIP) ? array_push($checkIP, $ip_num) : ($checkIP = array($ip_num)); $insertip = serialize($checkIP); //IP check when voting $result = yasDB_select("SELECT used_ips FROM ratingsbar WHERE used_ips LIKE '%" . $ip . "%' AND id='" . $id_sent . "' "); $voted = $result->num_rows; if (!$voted) { //if the user hasn't yet voted, then vote normally... if ($vote_sent >= 1 && $vote_sent <= $units && $ip == $ip_num) { // keep votes within range $update = "UPDATE ratingsbar SET total_votes='" . $added . "', total_value='" . $sum . "', used_ips='" . $insertip . "' WHERE id='{$id_sent}'"; $result = yasDB_update($update); } header("Location: {$referer}"); // go back to the page we came from exit; } //end for the "if(!$voted)"
</head> <body> <div id="body_wrapper"> <div id="wrapper"><div id="menu">Your Account:</div> <div id="marqueecontainer" onMouseover="copyspeed=pausespeed" onMouseout="copyspeed=marqueespeed"> <div id="vmarquee" style="position: absolute; width: 98%;"> <?php include_once "includes/config.inc.php"; include_once "includes/db_functions.inc.php"; $id = intval($_GET['id']); $code = yasDB_clean($_GET['code']); if ($id && $code) { $check = yasDB_select("SELECT id FROM user WHERE id={$id} AND randomkey='{$code}'", false); $checknum = $check->num_rows; if ($checknum == 1) { $activated = yasDB_update("UPDATE user SET activated='1' WHERE id='{$id}'", false); echo '<h4>Your account is now active you can now login!.<br /> Click here to login.<br /> <a href="' . $setting['siteurl'] . 'index.php">Login</a> </h4>'; } else { echo '<h4>Invalid ID or Activation code.Please contact admin using our contact form<br /> <a href="' . $setting['siteurl'] . 'contactus.html">Contact Us</a> </h4>'; } } else { echo '<h4>Date missing!<br /><br /> This means something has went wrong when you tryed to register with us. <br /> Please contact admin from the contactus page <br /> <a href="' . $setting['siteurl'] . 'contactus.html">Contact Us</a></h4>'; } ?> </div>
<div id="center"> <div class="container_box1"><div id="headergames2">Members</div> <div class="containbox"> <?php //include "includes/db_functions.inc.php"; $newpass = $_POST['newpass']; $newpass1 = $_POST['newpass1']; $post_username = $_POST['username']; $code = $_GET['code']; if (strlen($_POST['newpass']) < 4 || strlen($_POST['newpass']) > 20) { echo "<h3>Password must be between 4 and 20 characters!</h3><br />Go back to your mail and click on the link again"; } else { if ($newpass == $newpass1) { $enc_pass = md5($newpass); yasDB_update("UPDATE user SET password='******' WHERE username='******'"); yasDB_update("UPDATE user SET repeatpassword='******' WHERE username='******'"); yasDB_update("UPDATE user SET passreset='0' WHERE username='******'"); echo "Your password has been updated!"; } else { echo "Passwords must match. Go back to your mail and click on the link again"; } } ?> </div> <div class="clear"></div></div>
$new = $query2->fetch_array(); $old = $query1->fetch_array(); yasDB_select("UPDATE `gameque` SET `order` = `order` +1 WHERE `source` = '{$new[0]}' AND `sourceid` = {$new[1]}"); yasDB_select("UPDATE `gameque` SET `order` = `order` - 1 WHERE `source` = '{$old[0]}' AND `sourceid` = {$old[1]}"); } break; } } exit; } if (isset($_GET['delete'])) { $ident = explode(',', $_GET['delete']); $query1 = yasDB_select("SELECT `order` FROM `gameque` WHERE `source` = '" . yasDB_clean($ident[0]) . "' AND `sourceid` = " . intval($ident[1])); $order = $query1->fetch_array(); $deleteResult = yasDB_delete("DELETE FROM `gameque` WHERE `source` = '" . yasDB_clean($ident[0]) . "' AND `sourceid` = " . intval($ident[1])); yasDB_update("UPDATE `gameque` SET `order` = `order` - 1 WHERE `order` > {$order[0]}"); } ?> <script language="JavaScript"> function Check(chk) { if(document.deleteform.Check_All.value=="Check All"){ for (i = 0; i < chk.length; i++) { chk[i].checked = true; } document.deleteform.Check_All.value="UnCheck All"; } else { for (i = 0; i < chk.length; i++) { chk[i].checked = false; } document.deleteform.Check_All.value="Check All"; }
function install_konggame($gameid) { global $mysqli; $query = yasDB_select("SELECT * FROM `kongregate` WHERE `id` = '{$gameid}'", false); $result = $query->fetch_array(MYSQLI_ASSOC); $categories = array('Action' => 2, 'Adventure & RPG' => 3, 'Strategy & Defense' => 10, 'Multiplayer' => 2, 'Puzzle' => 1, 'Rhythm' => 7, 'Shooter' => 5, 'Sports & Racing' => 4, 'Music & More' => 7); //Other // Download and save game file if ($result['file']) { $g_url = str_replace("..", "", $result['file']); $game_file = basename($g_url); $game_file = "kong_" . preg_replace('#\\W#', '', $result['title']) . "." . GetFileExtension($result['file']); $game_url = '../swf/' . $game_file; download_file($g_url, $game_url); } else { return false; } // Download and save thumbnail pic if ($result['thumbnail']) { $t_url = str_replace("..", "", $result['thumbnail']); $smallthumb = "kong_" . preg_replace('#\\W#', '', $result['title']) . "." . GetFileExtension($result['thumbnail']); $thumb = '../img/' . $smallthumb; download_file($t_url, $thumb); } $desc = yasDB_clean($result['description']); // Prep for DB insert $gamename = yasDB_clean($result['title']); $gamefile = yasDB_clean(str_replace("../", "", $game_url)); $gamethumb = yasDB_clean(str_replace("../", "", $thumb)); $height = $result['height']; $width = $result['width']; $c = $result['category']; $category = $categories[$c]; $query->close(); $query = yasDB_insert("INSERT INTO `games` (`id`, `title`, `description`, `instructions`, `keywords`, `file`, `height`, `width`, `category`, `plays`, `code`, `type`, `source`, `sourceid`, `thumbnail`, `thumbnail_200`, `screen1`, `screen2`, `screen3`, `screen4`) VALUES (NULL, '{$gamename}', '{$desc}', '', '', '{$gamefile}', {$height}, {$width}, {$category}, 0, '', 'SWF', 'KONGREGATE', {$gameid}, '{$gamethumb}', '', '', '','','')", false); if (!$query) { echo 'Error updating Games database'; return false; } $query = yasDB_update("UPDATE kongregate SET installed = 1 WHERE id = {$result['id']}", false); if (!query) { echo 'Error updating kongergate database'; return false; } return true; }
echo $row['id']; ?> " /><input type="submit" class="button" name="edit" value="Edit!" /><input type="reset" class="button" value="Reset"/></td> </tr> </table> </div> </form> <?php } $query->close(); } elseif (isset($_POST['edit'])) { if (empty($_POST['name']) || empty($_POST['comment'])) { echo '<center>One or more fields was left empty.<br />'; echo '<a href="index.php?act=memberscomment?edit=' . $_POST['id'] . '">Click here to go back</a></center>'; } else { yasDB_update("update memberscomments set name = '{$_POST['name']}', comment = '{$_POST['comment']}' where id = '{$_POST['id']}'", false); echo '<center>Comment Successfully edited!<br />'; echo '<a href="index.php?act=memberscomment">Click here to proceed</a></center>'; } } elseif (!empty($_GET['delete'])) { $query = yasDB_select("select id from memberscomments where id = '{$_GET['delete']}'", false); if ($query->num_rows == 0) { echo '<center>You cannot delete a members comment that does not exist!<br />'; echo '<a href="index.php?act=memberscomment">Click here to go back</a></center>'; $query->close(); } else { $query->close(); yasDB_delete("delete from memberscomments where id = '{$_GET['delete']}'", false); echo '<center>Members comment successfully deleted.<br />'; echo '<a href="index.php?act=memberscomment">Click here to proceed</a></center>'; }
$endban = $endban * 24 * 60 * 60; $endban = time() + $endban; } } else { $endban = 0; } yasDB_update("UPDATE user SET username = '******'username']}', email = '{$_POST['email']}', website = '{$_POST['website']}', endban = {$endban} \n\t\t\tWHERE id = '{$_POST['id']}'"); echo '<center>user Successfully edited!<br />'; echo '<a href="index.php?act=manage_users">Click here to proceed</a></center>'; } } elseif (!empty($_GET['reset'])) { $query = yasDB_select("SELECT avatar FROM user WHERE id='{$_GET['reset']}'"); $exists = $query->fetch_array(MYSQLI_ASSOC); if ($exists['avatar'] != "") { unlink("../avatars/" . $exists['avatar']); yasDB_update("UPDATE user SET avatar='' WHERE id='{$_GET['reset']}'"); echo "<center>Users avatar has been deleted and reset.<br />"; echo "<a href=\"index.php?act=manage_users\">Click here to proceed</a></center>"; } } elseif (!empty($_GET['delete'])) { $query = yasDB_select("select username FROM user WHERE id = '{$_GET['delete']}'"); if ($query->num_rows == 0) { echo '<center>You cannot delete a user that does not exist!<br />'; echo '<a href="index.php?act=manage_users">Click here to go back</a></center>'; } else { yasDB_delete("DELETE FROM user WHERE id = '{$_GET['delete']}'"); echo '<center>user successfully deleted.<br />'; echo '<a href="index.php?act=manage_users">Click here to proceed</a></center>'; } } elseif (isset($_POST['deletechecked'])) { $count = count($_POST['checkbox']);
function install_vascogame($gameid) { global $mysqli; $query = yasDB_select("SELECT * FROM `vascogames` WHERE `id` = '{$gameid}'", false); $result = $query->fetch_array(MYSQLI_ASSOC); $categories = array('action games' => 2, 'adventure games' => 3, 'strategy games' => 10, 'skill games' => 10, 'puzzle games' => 1, 'arcade games' => 9, 'shooting games' => 5, 'sports games' => 4, 'misc games' => 7, 'car games' => 4); //Strategy // Download and save game file if ($result['file']) { $g_url = str_replace("..", "", $result['file']); $game_file = basename($g_url); $game_file = "vasco_" . preg_replace('#\\W#', '', $result['title']) . "." . GetFileExtension($result['file']); $game_url = '../swf/' . $game_file; download_file($g_url, $game_url); } else { return false; } // Download and save thumbnail pic if ($result['thumbnail']) { $t_url = str_replace("..", "", $result['thumbnail']); $smallthumb = "vasco_" . preg_replace('#\\W#', '', $result['title']) . "." . GetFileExtension($result['thumbnail']); $thumb = '../img/' . $smallthumb; download_file($t_url, $thumb); } $desc = yasDB_clean($result['description']); // Prep for DB insert $gamename = yasDB_clean($result['title']); $gamefile = yasDB_clean(str_replace("../", "", $game_url)); $gamethumb = yasDB_clean(str_replace("../", "", $thumb)); $height = $result['height']; $width = $result['width']; $c = $result['category']; $category = $categories[$c]; $query->close(); if ($category == null || $category == '' || $category == 0) { $category == 7; } $query = yasDB_insert("INSERT INTO `games` (`id`, `title`, `description`, `instructions`, `keywords`, `file`, `height`, `width`, `category`, `plays`, `code`, `type`, `source`, `sourceid`, `thumbnail`, `thumbnail_200`, `screen1`, `screen2`, `screen3`, `screen4`) VALUES (NULL, '{$gamename}', '{$desc}', '', '', '{$gamefile}', {$height}, {$width}, {$category}, 0, '', 'SWF', 'VASCOGAMES', {$gameid}, '{$gamethumb}', '', '', '','','')", false); if (!$query) { echo 'Error updating Games database'; return false; } $query = yasDB_update("UPDATE `vascogames` SET `installed` = 1 WHERE `id` = {$result['id']}", false); if (!query) { echo 'Error updating vascogames database'; return false; } return true; }
echo '<center>Files per page must be a number.</center>'; } else { if ($_POST['use'] == 1) { $captcha = 'yes'; } else { $captcha = 'no'; } if (!empty($_POST['password']) && $_POST['password'] == $_POST['passwordcheck']) { $id = '1'; yasDB_update("UPDATE settings SET gperpage = " . intval($_POST['gperpage']) . ", numbgames = " . intval($_POST['numbgames']) . ", gamesort = '{$_POST['gamesort']}', approvelinks = '{$_POST['approvelinks']}', numblinks = " . intval($_POST['numblinks']) . ", seo = '{$_POST['seo']}' , lightbox = '{$_POST['lightbox']}', theme = '{$_POST['theme']}', skin = '{$_POST['skin']}', disabled = '{$_POST['disabled']}', regclosed = '{$_POST['regclosed']}', email = '{$_POST['email']}', sitename = '" . yasDB_clean($_POST['sitename']) . "', slogan = '" . yasDB_clean($_POST['slogan']) . "', metades = '" . yasDB_clean($_POST['metades']) . "', metakeywords = '" . yasDB_clean($_POST['metakeywords']) . "',`userecaptcha` = '{$captcha}', `cachelife` = " . intval($_POST['pagecache']) . ", `password` = '" . md5($_POST['password']) . "' where id = '1'"); include "../includes/settings_function.inc.php"; createConfigFile(); echo '<center>Site settings updated!<br />'; echo '<a href="index.php?act=settings">Click here to proceed.</a></center>'; } elseif (empty($_POST['password'])) { yasDB_update("UPDATE settings SET gperpage = " . intval($_POST['gperpage']) . ", numbgames = " . intval($_POST['numbgames']) . ", gamesort = '{$_POST['gamesort']}', approvelinks = '{$_POST['approvelinks']}', numblinks = " . intval($_POST['numblinks']) . ", seo = '{$_POST['seo']}' , lightbox = '{$_POST['lightbox']}', theme = '{$_POST['theme']}', skin = '{$_POST['skin']}', disabled = '{$_POST['disabled']}', regclosed = '{$_POST['regclosed']}', email = '{$_POST['email']}', sitename = '" . yasDB_clean($_POST['sitename']) . "', slogan = '" . yasDB_clean($_POST['slogan']) . "', metades = '" . yasDB_clean($_POST['metades']) . "', metakeywords = '" . yasDB_clean($_POST['metakeywords']) . "',`userecaptcha` = '{$captcha}', `cachelife` = " . intval($_POST['pagecache']) . " where id = '1'"); include "../includes/settings_function.inc.php"; createConfigFile(); echo '<center>Site settings updated!<br />'; echo '<a href="index.php?act=settings"><span style="color:green;">Click here to proceed.</span></a></center>'; } else { echo '<center>Passwords did not match!<br />'; echo '<a href="index.php?act=settings">Click here to proceed.</a></center>'; } } } } else { $query = yasDB_select("SELECT * FROM settings"); $row = $query->fetch_array(MYSQLI_ASSOC); $dir = $setting['sitepath'] . '/templates/'; $files = scandir($dir);
function install_mgfgame($gameid) { global $mysqli; $query = yasDB_select("SELECT * FROM `mgffeed` WHERE `id` = '{$gameid}'", false); $result = $query->fetch_array(MYSQLI_ASSOC); // Download and save game file if ($result['file']) { $g_url = str_replace("..", "", $result['file']); $game_file = basename($g_url); $game_file = "mgf_" . $result['title'] . "." . GetFileExtension($result['file']); $game_url = '../swf/' . $game_file; download_file($g_url, $game_url); } else { return false; } // Download and save thumbnail pic if ($result['thumbnail']) { $t_url = str_replace("..", "", $result['thumbnail']); $smallthumb = "mgf_" . $result['title'] . "." . GetFileExtension($result['thumbnail']); $sm_thumb = '../img/' . $smallthumb; download_file($t_url, $sm_thumb); } $desc = yasDB_clean($result['description']); // Prep for DB insert $gamename = yasDB_clean($result['title']); $keywords = yasDB_clean($result['keywords']); $gamefile = yasDB_clean(str_replace("../", "", $game_url)); $gamethumb = yasDB_clean(str_replace("../", "", $sm_thumb)); $gamethumb200 = yasDB_clean(str_replace("../", "", $med_thumb)); $height = intval($result['height']); $width = intval($result['width']); $instructions = yasDB_clean($result['instructions']); $keywords = yasDB_clean($result['keywords']); $category = $result['category']; $review = yasDB_clean($result['review']); $query->close(); $query = yasDB_insert("INSERT INTO `games` (`id`, `title`, `description`, `instructions`, `keywords`, `file`, `height`, `width`, `category`, `plays`, `code`, `type`, `source`, `sourceid`, `thumbnail`, `ismochi`, `thumbnail_200`, `screen1`, `screen2`, `screen3`, `screen4`, `review`, `active`) VALUES (NULL, '{$gamename}', '{$desc}', '{$instructions}', '{$keywords}', '{$gamefile}', {$height}, {$width}, {$category}, 0, '', 'SWF', 'OTHER', {$gameid}, '{$gamethumb}', 0, '{$gamethumb200}', '', '','','', '{$review}', 1)", false); if (!$query) { echo 'Error updating Games database'; return false; } $query = yasDB_update("UPDATE mgffeed SET installed = '1' WHERE id = {$result['id']}", false); if (!$query) { echo 'Error updating mgffeed database'; return false; } return true; }
function install_fgdgame($gameid) { global $mysqli; $query = yasDB_select("SELECT * FROM `fgdfeed` WHERE `id` = '{$gameid}'", false); $result = $query->fetch_array(MYSQLI_ASSOC); $categories = array('Action' => 2, 'Adventure' => 3, 'Arcade' => 9, 'Defense' => 10, 'Casino' => 6, 'Driving' => 2, 'Fighting' => 2, 'Gadgets' => 10, 'Multiplayer' => 2, 'Puzzle' => 1, 'Rhythm' => 7, 'RPG' => 3, 'Shooter' => 5, 'Sports' => 4, 'Strategy' => 10, 'Other' => 7); //Other // Download and save game file if ($result['gamefile']) { $g_url = str_replace("..", "", $result['gamefile']); $game_file = basename($g_url); $game_file = "fgd_" . $result['uuid'] . "." . GetFileExtension($result['gamefile']); $game_url = '../swf/' . $game_file; download_file($g_url, $game_url); } else { return false; } // Download and save thumbnail pic if ($result['thumbfile']) { $t_url = str_replace("..", "", $result['thumbfile']); $smallthumb = "fgd_" . $result['uuid'] . "." . GetFileExtension($result['thumbfile']); $thumb = '../img/' . $smallthumb; download_file($t_url, $thumb); } $desc = yasDB_clean($result['description']); // Prep for DB insert $gamename = yasDB_clean($result['title']); $gamefile = yasDB_clean(str_replace("../", "", $game_url)); $gamethumb = yasDB_clean(str_replace("../", "", $thumb)); $tags = yasDB_clean($result['tags']); $height = $result['height']; $width = $result['width']; $c = explode(",", $result['categories']); if ($c[0] == "Other" || $c[0] == "Gadgets" || $c[0] == "Rhythm" || $c[0] == "Arcade") { $category = getCategory(wordsArray($result['title'] . ' ' . $result['description'] . ' ' . $result['tags'])); } else { $category = $categories[$c[0]]; } $query->close(); $query = yasDB_insert("INSERT INTO `games` (`id`, `title`, `description`, `instructions`, `keywords`, `file`, `height`, `width`, `category`, `plays`, `code`, `type`, `source`, `sourceid`, `thumbnail`, `thumbnail_200`, `screen1`, `screen2`, `screen3`, `screen4`) VALUES (NULL, '{$gamename}', '{$desc}', '', '{$tags}', '{$gamefile}', {$height}, {$width}, {$category}, 0, '', 'SWF', 'FGD', {$gameid}, '{$gamethumb}', '', '', '','','')", false); if (!$query) { echo 'Error updating Games database'; return false; } $query = yasDB_update("UPDATE fgdfeed SET installed = 1 WHERE id = {$result['id']}", false); if (!query) { echo 'Error updating fgdfeed database'; return false; } return true; }
<?php session_start(); require_once "db_functions.inc.php"; require_once "config.inc.php"; if (isset($_SESSION['userid'])) { $af = yasDB_clean($_GET['af']); $userid = yasDB_clean($_SESSION['userid']); yasDB_delete("DELETE FROM `avatars` WHERE `userid` = '{$userid}' and `avatar` = '{$af}'"); unlink("../avatars/" . $af); $query = yasDB_select("SELECT `avatarfile` FROM `user` WHERE `id` = '{$userid}'"); $useraf = $query->fetch_array(MYSQLI_ASSOC); if ($af == $useraf['avatarfile']) { yasDB_update("UPDATE user SET avatarfile = 'useruploads/noavatar.JPG' WHERE id = {$userid}"); echo 'useruploads/noavatar.JPG'; } else { echo $useraf['avatarfile']; } }
return false; } } else { return false; } } return true; } else { return false; } } $backup = db_backup(); if ($jobs['backup'][0] == 7) { $jobs['backup'][1] = $plus_week; } else { if ($jobs['backup'][0] == 30) { $jobs['backup'][1] = $plus_month; } else { $jobs['backup'][1] = $midnight_today; } } $message = $backup === true ? 'successful' : 'failed'; doLog("Database update " . $message . " - triggered by visitor " . $displayIp); } if ($update == 1) { $new_jobs = serialize($jobs); yasDB_update("UPDATE `settings` SET `jobs` = '{$new_jobs}' WHERE `id` = 1"); include $setting['sitepath'] . "/includes/settings_function.inc.php"; createConfigFile(); } $_SESSION['runjobs'] = 'no-go';
function install_playtomic($gameid) { $table = ''; $pre = 'ptomic'; global $mysqli; $categories = array('Action' => 2, 'Adventure' => 3, 'Strategy' => 10, 'Multiplayer' => 2, 'Puzzle' => 1, 'Rhythm' => 7, 'Shooter' => 5, 'Sports' => 4, 'Other' => 7, 'RPG' => 3, 'Arcade' => 9, 'Driving' => 4, 'Defense' => 10, 'Rhythm' => 7, 'Education' => 7, 'Gadgets' => 1, 'Fighting' => 2, 'Dress Up' => 8, 'Board Game' => 7, 'Pimp & Customize' => 8, 'Pimp & Customize' => 8); $query = yasDB_select("SELECT * FROM `playtomicfeed` WHERE `id` = '{$gameid}'", false); $result = $query->fetch_array(MYSQLI_ASSOC); $gamename = $result['name']; $thumburl = $result['thumburl']; $thumburl_200 = $result['thumbnail_200x200']; $screen1_thumb = ''; $screen2_thumb = ''; $screen3_thumb = ''; $screen4_thumb = ''; $gameurl = $result['gameurl']; $c = explode(",", $result['categories']); // Remove comma delimiter and seperate categories into array in order to insert single category. $category = $categories[$c[0]]; $slug = str_replace(array('-', '_'), '', $result['slug']); // Download and save game file $game_file = $pre . "_" . $slug . "." . GetFileExtension($result['gameurl']); $game_url = '../swf/' . $game_file; download_file($gameurl, $game_url); $gamefile = 'swf/' . $game_file; // Download and save 100x100 thumbnail pic $smallthumb = $pre . "_" . $slug . "." . GetFileExtension($result['thumburl']); $sm_thumb = '../img/' . $smallthumb; download_file($thumburl, $sm_thumb); $gamethumb = 'img/' . $smallthumb; // Download and save 200x200 thumbnail pic $gamethumb200 = ''; /*if(!empty($result['thumbnail_200x200']) || $type == 0) { $t_url = str_replace("..", "", $result['thumbnail_200x200']); $mediumthumb = $pre."_200_" . $slug . "." . GetFileExtension($result['thumbnail_200x200']); $med_thumb = '../img/' . $mediumthumb; download_file($t_url, $med_thumb); $gamethumb200 = 'img/' . $mediumthumb; } else { $gamethumb200 = ''; }*/ ///////////////////////////////////////////////////////////////////////////////////////////////// // Remove code comment to download the game screen images - depends on availabilty in the feed // ///////////////////////////////////////////////////////////////////////////////////////////////// /* // Download and save screen 1 pic if($result['screenthumburl1']) { $t_url = str_replace("..", "", $result['screenthumburl1']); $largethumb = $pre."_screen1_" . $slug . "." . GetFileExtension($result['screenthumburl1']); $screen1_thumb = '../img/' . $largethumb; download_file($t_url, $screen1_thumb); } // Download and save screen 2 pic if($result['screenthumburl2']) { $t_url = str_replace("..", "", $result['screenthumburl2']); $largethumb = $pre."_screen2_" . $slug . "." . GetFileExtension($result['screenthumburl2']); $screen2_thumb = '../img/' . $largethumb; download_file($t_url, $screen2_thumb); } // Download and save screen 3 pic if($result['screenthumburl3']) { $t_url = str_replace("..", "", $result['screenthumburl3']); $largethumb = $pre."_screen3_" . $slug . "." . GetFileExtension($result['screenthumburl3']); $screen3_thumb = '../img/' . $largethumb; download_file($t_url, $screen3_thumb); } // Download and save screen 4 pic if($result['screenthumburl2']) { $t_url = str_replace("..", "", $result['screenthumburl4']); $largethumb = $pre."_screen4_" . $slug . "." . GetFileExtension($result['screenthumburl4']); $screen4_thumb = '../img/' . $largethumb; download_file($t_url, $screen4_thumb); } */ $desc = yasDB_clean($result['description']); // Prep for DB insert $instructions = yasDB_clean($result['instructions']); $keywords = $result['keywords']; $keywords = yasDB_clean($keywords); $gamename = yasDB_clean($gamename); $gamefile = yasDB_clean($gamefile); $gamethumb = yasDB_clean($gamethumb); $height = $result['height']; $width = $result['width']; $query->close(); $query = yasDB_insert("INSERT INTO `games` (`id`, `title`, `description`, `instructions`, `keywords`, `file`, `height`, `width`, `category`, `plays`, `code`, `type`, `source`, `sourceid`, `thumbnail`, `thumbnail_200`, `screen1`, `screen2`, `screen3`, `screen4`) VALUES (NULL, '{$gamename}', '{$desc}', '{$instructions}', '{$keywords}', '{$gamefile}', '{$height}', '{$width}', {$category}, 0, '', 'SWF', 'PLAYTOMIC', {$gameid}, '{$gamethumb}', '{$gamethumb200}', '{$screen1_thumb}', '{$screen2_thumb}','{$screen3_thumb}','{$screen4_thumb}')", false); if (!$query) { echo 'Error updating Games database'; return false; } $query = yasDB_update("UPDATE `playtomicfeed` SET isinstalled = 1 WHERE id = '{$result['id']}'", false); if (!query) { echo 'Error updating $table database'; return false; } return true; }
$hobbies = yasDB_clean($_POST['hobbies']); $gender_radio = yasDB_clean($_POST['radio']); $month = yasDB_clean($_POST['DateOfBirth_Month']); $day = yasDB_clean($_POST['DateOfBirth_Day']); $year = yasDB_clean($_POST['DateOfBirth_Year']); $shhobs = yasDB_clean($_POST['shhobs']); $shloc = yasDB_clean($_POST['shloc']); $sheml = yasDB_clean($_POST['sheml']); $shname = yasDB_clean($_POST['shname']); $shabout = yasDB_clean($_POST['shabout']); $deact = yasDB_clean($_POST['deact']); $cmtsdisabled = yasDB_clean($_POST['cmtsdisabled']); if ($month == "-Month-" || $day == "-Day-" || $year == "-Year-") { $birthday = 0; } else { $birthday = strtotime($day . " " . $month . " " . $year); } if ($gender_radio == 'female') { $gender = 'female'; } elseif ($gender_radio == 'male') { $gender = 'male'; } else { $gender = ''; } if (isset($_SESSION['userid'])) { yasDB_update("UPDATE `user` SET website = '{$website}', name = '{$name}', email = '{$email}', location='{$location}', job='{$job}', aboutme='{$aboutme}', hobbies='{$hobbies}', shhobs = '{$shhobs}', cmtsdisabled = '{$cmtsdisabled}', shloc = '{$shloc}', sheml = '{$sheml}', shname = '{$shname}', shabout = '{$shabout}', deact = '{$deact}', birthday='{$birthday}', gender='{$gender}' WHERE id = '{$userid}'"); echo '<h2>Your profile has been updated.</h2>'; } else { echo '<h2>Invalid user detected.</h2>'; } }
include $setting['sitepath'] . '/templates/' . $setting['theme'] . '/adschedule.php'; $id = isset($_POST["id"]) ? yasDB_clean($_POST["id"]) : ''; $name = isset($_POST['name']) ? yasDB_clean($_POST['name']) : ''; $code = isset($_POST['code']) ? yasDB_clean(stripslashes($_POST['code'])) : ''; if (isset($_POST['edit_ads'])) { if ($id > 0 && $id < 12) { yasDB_update("UPDATE `ads` SET code = '{$code}' WHERE id = '{$id}'", false); } else { yasDB_update("UPDATE `ads` SET name = '{$name}', code = '{$code}' WHERE id = '{$id}'", false); } echo '<center>Updated!'; echo '<br><a href="index.php?act=ads">Click to continue.</a></center>'; } elseif (isset($_POST['delete_ad'])) { $id = $_REQUEST["id"]; if ($id > 0 && $id < 12) { yasDB_update("UPDATE ads SET code='Put AD code here' WHERE id = '{$id}'", false); } else { yasDB_delete("DELETE FROM ads WHERE id = '{$id}'", false); } echo '<center>The ad was deleted</center>'; echo '<center><br><a href="index.php?act=ads">Click to continue.</a></center>'; } else { echo '<br/>'; $ads = yasDB_select("SELECT * FROM `ads` ORDER BY id asc", false); while ($row = $ads->fetch_array(MYSQLI_ASSOC)) { $ad = '<?php '; $ad .= 'echo ad("' . $row['id'] . '");'; $ad .= ' ?>'; ?> <div class="table"> <img src="img/bg-th-left.gif" width="8" height="7" alt="" class="left" />
<?php include "db_functions.inc.php"; include "config.inc.php"; include "outputfile.php"; $get_id = intval($_GET['id']); $select_link = yasDB_select("SELECT `id`, `file` FROM `downgames` WHERE `id` = {$get_id}"); if ($select_link->num_rows == 1) { $result = $select_link->fetch_array(MYSQLI_ASSOC); yasDB_update("UPDATE `downgames` SET `downloadtimes` = `downloadtimes` + 1 WHERE id = {$result['id']}"); output_file($result['file'], basename($result['file'])); } $select_link->close();
<div class="top-bar"> <h1>Cpanel - Social</h1> <div class="breadcrumbs"><a href="index.php?act=socialids" title="Social IDs">Social IDs</a></div> </div><br /> <div class="select-bar"> <label> <h3>Social App IDs for Login</h3> </label> </div> <?php if (isset($_POST['edit_social'])) { $fbid = yasDB_clean($_POST['fbAppId']); $fbsecret = yasDB_clean($_POST['fbAppSecret']); $twid = yasDB_clean($_POST['twAppId']); $twsecret = yasDB_clean($_POST['twAppSecret']); yasDB_update("UPDATE `settings` SET `fb_app_id` = '{$fbid}', `fb_app_secret` = '{$fbsecret}', `tw_app_id` = '{$twid}', `tw_app_secret` = '{$twsecret}' WHERE id = 1", false); include "../includes/settings_function.inc.php"; createConfigFile(); echo '<center>Updated!'; echo '<br/><a href="index.php?act=socialids">Click to continue.</a></center>'; } else { echo '<br/>'; $query = yasDB_select("SELECT `fb_app_id`, `fb_app_secret`, `tw_app_id`, `tw_app_secret` FROM `settings` WHERE `id` = 1"); $social = $query->fetch_array(MYSQLI_ASSOC); ?> <div class="table"> <img src="img/bg-th-left.gif" width="8" height="7" alt="" class="left" /> <img src="img/bg-th-right.gif" width="7" height="7" alt="" class="right" /> <form name="app_ids" method="post" action="index.php?act=socialids"> <table class="listing form" cellpadding="0" cellspacing="0"> <tr>
<div id="center-column"> <div class="top-bar"> <a href="index.php?act=addlink" title="Add Link" class="button">ADD LINK</a> <h1>Cpanel - links</h1> <div class="breadcrumbs"><a href="index.php?act=general" title="Settings">Settings</a> / <a href="index.php?act=categories">Categories</a></div> </div><br /> <div class="select-bar"> <label> <h3>Manage links</h3> </label> </div> <?php if (isset($_POST['reset'])) { yasDB_update("UPDATE links SET `in` = '0', `out` = '0'", false); echo '<center>In/out successfully reset.<br />'; echo '<a href="index.php?act=links">Click here to proceed</a></center>'; } else { if (!empty($_GET['edit'])) { $query = yasDB_select("SELECT * FROM links WHERE id = '{$_GET['edit']}'", false); if ($query->num_rows == 0) { echo '<center>You cannot edit a link that doesnt exist.</center>'; } else { $row = $query->fetch_array(MYSQLI_ASSOC); ?> <div class="table"> <img src="img/bg-th-left.gif" width="8" height="7" alt="" class="left" /> <img src="img/bg-th-right.gif" width="7" height="7" alt="" class="right" /> <form name="edit" method="post" action="index.php?act=links"> <table class="listing form" cellpadding="0" cellspacing="0"> <tr> <th class="full" colspan="2">Edit - Link</th>