示例#1
<?php

// Private-message send handler. The script exits with an empty body unless
// the including application has already defined AVARCADE_, which blocks
// direct requests to this file.
// Every query below goes through the legacy mysql_* extension (removed in
// PHP 7.0). It has no prepared statements, so each value is interpolated
// into the SQL text and must be validated or escaped by hand.
defined('AVARCADE_') or die('');
// The request must carry an id parameter. $id (used below as the recipient)
// is not assigned anywhere in this listing.
// NOTE(review): confirm $id is cast to an integer before this point; it is
// later placed unquoted into SQL and unescaped into an href.
if (isset($_GET['id'])) {
    // $user is populated outside this listing; only logged-in users may send.
    if ($user['login_status'] == 1) {
        // Throttle lookup: does this user have a last_pm newer than one minute?
        // $user['id'] is interpolated unquoted — presumably an integer loaded
        // from the session/user row; verify against the caller.
        $last_comment = mysql_query("SELECT last_pm FROM ava_users WHERE id = {$user['id']} AND last_pm > NOW() - INTERVAL 1 MINUTE");
        // Proceed when no recent send was found; admins bypass the throttle.
        // NOTE(review): the check here and the last_pm update below are separate
        // statements, so parallel requests may both pass the check — confirm
        // whether that matters for this limit.
        if (mysql_num_rows($last_comment) == '0' || $user['admin'] == 1) {
            // 'done' in the query string marks the form submission; the body
            // arrives in $_POST.
            // NOTE(review): no anti-CSRF token is checked in the visible code —
            // confirm one is verified before this file is included.
            if (isset($_GET['done'])) {
                // An empty title falls back to the PM_NO_SUBJECT constant.
                // $_POST['message_title'] is read without isset(), so a missing
                // field raises a notice and compares equal to "".
                if ($_POST['message_title'] == "") {
                    $subject = PM_NO_SUBJECT;
                } else {
                    // mysql_secure() is defined elsewhere; presumably it escapes
                    // the value for SQL — TODO confirm what it does and whether
                    // it also neutralises HTML, since the text is shown to the
                    // recipient later.
                    $subject = mysql_secure($_POST['message_title']);
                }
                $message = mysql_secure($_POST['message']);
                // SendPM() is defined elsewhere; it receives the recipient id as-is.
                SendPM($subject, $message, $id);
                // Record the send time that the throttle query above reads.
                $date = date("Y-m-d H:i:s");
                // On failure, die(mysql_error()) prints the raw database error
                // to the client, which discloses schema/query details; logging
                // it server-side and showing a generic message avoids that.
                mysql_query("UPDATE ava_users SET last_pm = '{$date}' WHERE id = {$user['id']}") or die(mysql_error());
                // Confirmation with links back to the recipient's profile and the inbox.
                // $id is concatenated into the href without escaping: if it is
                // not a validated integer this reflects request data into HTML.
                echo PM_MESSAGE_SENT . '<br /><br />
				<a href="' . $setting['site_url'] . '/index.php?task=profile&id=' . $id . '">' . PM_RETURN_TO_PROFILE . '</a><br /> 
				<a href="' . $setting['site_url'] . '/index.php?task=messages">' . PM_RETURN_TO_INBOX . '</a>';
                // Title and body are derived again, this time through secure(),
                // for the notification e-mail. secure() is defined elsewhere;
                // presumably it escapes for HTML output — TODO confirm.
                $subject = secure($_POST['message_title']);
                $message = secure($_POST['message']);
                // Recipient lookup. {$id} sits in an unquoted numeric position, so
                // string escaping alone would not protect it; it needs an integer
                // cast or a bound parameter. If no row matches, $to_user is false
                // and the array reads below yield null.
                $to_user = mysql_fetch_array(mysql_query("SELECT username,email,email_new_message from ava_users WHERE id = {$id}"));
                // Fields handed to the e-mail template; 'send_email' carries the
                // recipient's email_new_message column.
                $data = array('to_username' => $to_user['username'], 'email_address' => $to_user['email'], 'from_username' => $user['username'], 'from_avatar' => $user['avatar'], 'message' => $message, 'message_title' => $subject, 'subject' => $user['username'] . ' ' . EMAIL_MESSAGE_INTRO, 'send_email' => $to_user['email_new_message']);
                // Inbox link format depends on the seo_on setting.
                if ($setting['seo_on'] != 0) {
                    $data['message_url'] = $setting['site_url'] . '/messages';
                } else {
                    $data['message_url'] = $setting['site_url'] . '/?task=messages';
                }
                // SendEmail() is defined elsewhere; 'new_message' selects the template.
                SendEmail($data, 'new_message');
            } else {
                // The listing is cut here: the body of this else branch and the
                // closing braces of the enclosing ifs are not shown.
    // Fragment of a highscore-challenge sender. The enclosing construct opens
    // before this listing; $leaderboard_id, $game_id, $friend_id, $user and
    // $setting are not assigned in the visible lines.
    // NOTE(review): every query below interpolates those values into SQL text
    // (legacy mysql_* extension, no prepared statements). Confirm each one is
    // validated before this point — integer casts for the unquoted ids, and
    // escaping or an allow-list for the quoted $leaderboard_id.
    if ($leaderboard_id == 'latest') {
        // 'latest': take the user's most recent score row for the game, then
        // load the leaderboard that row belongs to.
        $score = mysql_query("SELECT * FROM ava_highscores WHERE user = {$user['id']} AND game = {$game_id} ORDER BY id DESC LIMIT 1");
        $highscore = mysql_fetch_array($score);
        // $highscore['leaderboard'] comes from the database and is reused in SQL
        // without escaping; stored data still needs escaping when it is placed
        // into a new query.
        $leaderboard = mysql_fetch_array(mysql_query("SELECT * FROM ava_leaderboards WHERE leaderboard_id = '{$highscore['leaderboard']}' AND game_id = {$game_id}"));
    } else {
        // Named leaderboard: load it first, then the user's best score on it.
        $leaderboard = mysql_fetch_array(mysql_query("SELECT * FROM ava_leaderboards WHERE leaderboard_id = '{$leaderboard_id}' AND game_id = {$game_id}"));
        // The sort direction is taken from the leaderboard row's order_by
        // column. A keyword position cannot be escaped or bound, so the value
        // should be checked against an allow-list (ASC / DESC) before use.
        $score = mysql_query("SELECT * FROM ava_highscores WHERE user = {$user['id']} AND game = {$game_id} AND leaderboard = '{$leaderboard_id}' ORDER BY score {$leaderboard['order_by']} LIMIT 1");
        $highscore = mysql_fetch_array($score);
    }
    // Duplicate check: counts messages whose highscore_game_id equals the game.
    // NOTE(review): the WHERE clause names neither the sender nor $friend_id,
    // which does not match the "already challenged that friend" wording below —
    // confirm the intended scope. If the user has no score row, $highscore is
    // false and the interpolated value is empty, producing malformed SQL.
    $already_challenged = mysql_result(mysql_query("SELECT COUNT(*) as Num FROM ava_messages WHERE highscore_game_id = {$highscore['game']}"), 0);
    if ($already_challenged == 0) {
        $game = mysql_fetch_array(mysql_query("SELECT * FROM ava_games WHERE id = {$game_id}"));
        // Subject line: language constants around the score and the game name.
        $subject = CHALLENGE_PM_SUBJECT1 . " {$highscore['score']} " . CHALLENGE_PM_SUBJECT2 . " {$game['name']}";
        // GameImageUrl() and GameUrl() are defined elsewhere.
        $game_thumbnail = GameImageUrl($game['image'], $game['import'], $game['url']);
        $game_url = GameUrl($game['id'], $game['seo_url'], $game['category_id']);
        // Recipient lookup by $friend_id.
        // NOTE(review): nothing visible checks that $friend_id is a friend of the
        // sender or differs from the sender — confirm that happens upstream.
        $get_to_user = mysql_query("SELECT * FROM ava_users WHERE id= {$friend_id}");
        $to_user = mysql_fetch_array($get_to_user);
        // The message body is HTML assembled by concatenation. Usernames, game
        // name, leaderboard name and score are inserted without HTML escaping
        // here, so markup stored in any of them becomes part of the message.
        // NOTE(review): confirm these values are escaped when stored, inside
        // SendPM(), or when the inbox renders the message.
        $message = CHALLENGE_PM_GREETING1 . ' ' . $to_user['username'] . ', ' . $user['username'] . ' ' . CHALLENGE_PM_GREETING2 . '
		<div class="challenge_pm_container">
			<div class="challenge_pm_image"><img src="' . $game_thumbnail . '" width="80" height="80"/></div>
			<div class="challenge_pm_info"><b>' . GAME . '</b>: <a href="' . $game_url . '">' . $game['name'] . '</a><br /><b>' . LEADERBOARD . '</b>: ' . $leaderboard['leaderboard_name'] . '<br /><b>' . HIGHSCORE_SCORE . '</b>: ' . $highscore['score'] . '</div>
		</div>';
        // Fourth argument passes the game id along with the message.
        SendPM($subject, $message, $friend_id, $game['id']);
        // Award the configured number of points to the sender for each challenge
        // that passes the duplicate check above.
        mysql_query("UPDATE ava_users SET points = points + {$setting['points_challenge']} WHERE id = {$user['id']}");
        // Fields handed to the e-mail template for the challenge notification.
        $data = array('to_username' => $to_user['username'], 'email_address' => $to_user['email'], 'from_username' => $user['username'], 'from_avatar' => $user['avatar'], 'subject' => $user['username'] . ' ' . CHALLENGE_PM_GREETING2, 'send_email' => $to_user['email_new_message'], 'game_name' => $game['name'], 'game_url' => $game_url, 'game_image' => $game_thumbnail, 'leaderboard_name' => $leaderboard['leaderboard_name'], 'score' => $highscore['score']);
        SendEmail($data, 'highscore_challenge');
        // Response is a parenthesised JavaScript object literal, not strict JSON.
        // addslashes() is used to fit the language constants into the
        // single-quoted string; json_encode() would escape every character that
        // matters in a JavaScript context.
        echo "({success: 1, message: '" . addslashes(N_POINTS_EARNED1) . " <span style=\"font-weight:bold;\">{$setting['points_challenge']} " . addslashes(N_POINTS_EARNED2) . "</span> " . addslashes(N_POINTS_EARNED_CHALLENGE) . "', points: {$setting['points_challenge']}})";
    } else {
        // Duplicate check failed: report failure, send nothing, award nothing.
        echo "({success: 0, message: 'You have already challenged that friend'})";
    }
// Closes a construct that opens before the start of this listing.
}