<?php
require '../config/classes.php';
$class = new user_panel();
$admin_name = mysqli_real_escape_string($class->conexion(), $_POST['admin_name']);
$topic = mysqli_real_escape_string($class->conexion(), $_POST['topic']);
$type = mysqli_real_escape_string($class->conexion(), $_POST['type']);
$msghtml = $_POST['msghtml'];
$patch = '../messages/msg_' . substr(sha1(rand(1, 999)), 0, -30) . '.txt';
$date = date("Y-m-d H:i:s");
$sql = mysqli_query($class->conexion(), "INSERT INTO account.messages (text_src,type,admin_name,topic,datef) VALUES ('" . $patch . "','" . $type . "','" . $admin_name . "','" . $topic . "','" . $date . "')");
if ($sql) {
$file = fopen($patch, "w");
fwrite($file, $msghtml);
fclose($file);
return true;
} else {
return false;
}
<?php
session_start();
require "../config/classes.php";
$class = new user_panel();
$msg_id = mysqli_real_escape_string($class->conexion(), $_GET['id']);
$sql = mysqli_query($class->conexion(), "SELECT * FROM account.messages WHERE id='" . $msg_id . "'");
$rows = mysqli_fetch_array($sql, MYSQLI_ASSOC);
?>
<br>
<div class="well" style="width:90%; margin-left:5%;">
<?php
$class->update_msg($_SESSION['id']);
$file = fopen("" . $rows['text_src'] . "", "r");
while (!feof($file)) {
echo fgets($file);
}
fclose($file);
?>
</div>
<?php
session_start();
require '../config/classes.php';
$class = new user_panel();
$vnum = mysqli_real_escape_string($class->conexion(), $_GET['id']);
/// CAPTURAR IP DEL USUARIO
$ip = $_SERVER['REMOTE_ADDR'];
/////////////////////////////
/// CHECKEAR QUE EL ITEM ESTE DENTRO DE LA TABLA DE ITEMS EN VENTA
$check = mysqli_query($class->conexion(), "SELECT classid,prices,count,rebate from player.item_proto_shop WHERE vnum='" . $vnum . "'");
$rows = mysqli_fetch_array($check, MYSQLI_ASSOC);
if ($rows['classid']) {
$arr_pos = array(45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45, 45);
$exec = mysqli_query($class->conexion(), "SELECT pos,vnum from player.item WHERE owner_id='" . $_SESSION['id'] . "' and window='MALL' order by pos asc");
if ($exec) {
while ($rs = mysqli_fetch_array($exec, MYSQLI_ASSOC)) {
$fg = mysqli_query($class->conexion(), "SELECT size from player.item_proto where vnum='" . $rs['vnum'] . "'");
$size = mysqli_fetch_array($fg, MYSQLI_ASSOC);
for ($k = $size['size']; $k > 0; $k--) {
$x = $rs["pos"] + ($size['size'] - $k) * 5;
$arr_pos[$x] = $x;
}
}
$arr_i = 0;
$guj = mysqli_query($class->conexion(), "SELECT count(id) as count FROM player.item WHERE owner_id='" . $_SESSION['id'] . "'");
$rf = mysqli_fetch_array($guj, MYSQLI_ASSOC);
if ($rf['count']) {
$pos = 45;
} else {
$pos = 0;
<?php
require "../config/classes.php";
$class = new user_panel();
$idcat = mysqli_real_escape_string($class->conexion(), $_GET['idcat']);
?>
<style type="text/css">
table .titulo {
padding: 5px;
margin: 0px;
color:#6E6E6E;
text-decoration: underline;
font-size:12px;
}
table .description {
padding: 5px;
font-size:11px;
}
</style>
<div class="table-responsive" style="width:100%;">
<table width="100%" class="table table-condensed">
<tbody>
<?php
$class->get_items($idcat);
?>
</tbody>
</table>
</div>
<?php
session_start();
require "../config/classes.php";
$class = new user_panel();
$email = mysqli_real_escape_string($class->conexion(), $_POST['email']);
if ($_SESSION['login']) {
$class->newpass($_SESSION['email']);
}
<?php session_start(); require "../config/classes.php"; $mysql = new user_panel(); $oldpass = mysqli_real_escape_string($mysql->conexion(), $_POST['oldpass']); $newpass = mysqli_real_escape_string($mysql->conexion(), $_POST['newpass']); $token = mysqli_real_escape_string($mysql->conexion(), $_POST['token']); $mysql->updatepass($oldpass, $newpass, $token);
<?php
session_start();
require "../config/classes.php";
$move = new user_panel();
$pid = mysqli_real_escape_string($move->conexion(), $_POST['pid']);
if ($_SESSION['login']) {
$move->desbloq($pid);
}
