
Untitled

a guest
May 21st, 2018
  1. <?php
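  // Account number and password of the current user, as kept in the session.
  // Both keys are missing for an anonymous visitor, so fall back to '' instead
  // of handing an undefined index to addslashes().
  // NOTE(review): $pass_word is later compared directly with the posted password
  // and matched against `accounts`.`password`, so the password appears to be held
  // unhashed in the session and in the database. Prefer password_hash() /
  // password_verify() and keep only the account id in the session.
  $acc_ount = addslashes(isset($_SESSION['accno']) ? (string) $_SESSION['accno'] : '');
  $pass_word = addslashes(isset($_SESSION['password']) ? (string) $_SESSION['password'] : '');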
  4. if(!isset($_GET['site']))
  5. {
  6. if(!isset($_SESSION['login']))
  7. {
  8. echo"<center><h2>Aby doładować konto musisz być zalogowany!</h2><br />Aby się zalogować <a href='account'>kliknij Tutaj</a></center>";
  9.  
  10. } else {
  11.  
  // Position written to `players`.`pos` after a successful item purchase.
  $login_pos = "307;254;9";

  // Shop catalogue, indexed by the numeric offer id that the purchase form posts.
  // 'offer_type' selects the handler (item / ban / namelock); 'action_id' is only
  // present on item offers; 'points' is the price in premium points.
  // A "Dragon Scale Helmet" entry (action_id 666, 1475 points) was commented out in
  // the original listing and is intentionally not part of the catalogue.
  $offer = [
      0 => [
          'offer_type' => "item",
          'item_name'  => "100cc",
          'desc'       => 'Trochę kasy na początek się przyda.',
          'image'      => "<img src='/images/smsimages/coins.gif'>",
          'action_id'  => 6055,
          'points'     => 215,
      ],
      1 => [
          'offer_type' => "item",
          'item_name'  => "Warlord Sword",
          'desc'       => '(Atk:60 Def:40) Sword it is Hero Players',
          'image'      => "<img src='./images/smsimages/warlord.gif'>",
          'action_id'  => 10002,
          'points'     => 685,
      ],
      2 => [
          'offer_type' => "item",
          'item_name'  => "Arbalest + Crystal Arrow",
          'desc'       => ', najlepsza kusza & strzała na D.B. World.',
          'image'      => "<img src='./images/smsimages/crystal_arrow.gif'>",
          'action_id'  => 10001,
          'points'     => 685,
      ],
      3 => [
          'offer_type' => "item",
          'item_name'  => "Blessed Rod",
          'desc'       => ', najlepsza rozga na D.B. World.',
          'image'      => "<img src='./images/itemseq/2437.gif'>",
          'action_id'  => 10003,
          'points'     => 685,
      ],
      4 => [
          'offer_type' => "item",
          'item_name'  => "Manarune",
          'desc'       => 'Manaruna ,która się nie kończy. Dodaje tyle samo co zwykła manaruna.',
          'image'      => "<img src='/images/smsimages/healrune.gif'>",
          'action_id'  => 6053,
          'points'     => 685,
      ],
      5 => [
          'offer_type' => "item",
          'item_name'  => "Addon Doll",
          'desc'       => 'Laleczka, którą można wymienić u NPC na Electry City.',
          'image'      => "<img src='/images/smsimages/addon_doll.gif'>",
          'action_id'  => 6089,
          'points'     => 685,
      ],
      6 => [
          'offer_type' => "item",
          'item_name'  => "Vip Island",
          'desc'       => ', bez tej mapy nie znajdziesz specjalnej wyspy.',
          'image'      => "<img src='./images/itemseq/6118.gif'>",
          'action_id'  => 6149,
          'points'     => 685,
      ],
      7 => [
          'offer_type' => "ban",
          'item_name'  => "Frag Remover",
          'desc'       => ', usuwanie RS-a nabytego przez fragi w grze.',
          'image'      => "<img src='./images/smsimages/frag.gif'>",
          'points'     => 215,
      ],
      8 => [
          'offer_type' => "item",
          'item_name'  => "Exp Ring",
          'desc'       => ' Dzięki temu ringowi otrzymasz 50% więcej expa za zabicie potwora. Czas trwania to 60min.',
          'image'      => "<img src='/images/smsimages/exp_ring.gif'>",
          'action_id'  => 6054,
          'points'     => 215,
      ],
      9 => [
          'offer_type' => "item",
          'item_name'  => "TP Runa",
          'desc'       => ' umozliwiajaca teleport do temple w kazdym momencie gry.',
          'image'      => "<img src='/images/smsimages/tprune.gif'>",
          'action_id'  => 10004,
          'points'     => 2000,
      ],
      10 => [
          'offer_type' => "item",
          'item_name'  => "Best EQ Pack",
          'desc'       => ' Umozliwia on wylosowanie kilku rare items spośród wszystkich innych',
          'image'      => "<img src='/images/itemseq/8110.gif'>",
          'action_id'  => 6090,
          'points'     => 685,
      ],
      11 => [
          'offer_type' => "namelock",
          'item_name'  => "Change Name",
          'desc'       => ' Zmiana nazwy postaci na inną',
          'image'      => "<img src='/images/smsimages/namelock.gif'>",
          'points'     => 1000,
      ],
  ];
  104.  
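  // Purchase-form fields. Neither is present on a plain page view, and a forged
  // request can send arrays, so accept strings only and default to ''.
  $offerId = addslashes(isset($_POST['offer']) && is_string($_POST['offer']) ? $_POST['offer'] : '');
  $haslo = addslashes(isset($_POST['haslo']) && is_string($_POST['haslo']) ? $_POST['haslo'] : '');

  // $host, $db_user, $db_password and $db_name are expected to be set by this include.
  require_once "./cfg/connect.php";
  $shop_db = @new mysqli($host, $db_user, $db_password, $db_name);
  if ($shop_db->connect_errno != 0) {
      // Every statement below calls methods on $shop_db; carrying on with a dead
      // connection only ends in a fatal error on the first result object.
      echo "Error:" . $shop_db->connect_errno;
      exit;
  }

  // Load the account row for the credentials held in the session.
  // NOTE(review): $acc_ount / $pass_word were already passed through addslashes();
  // escaping them again here sends any quote or backslash with an extra backslash.
  // Relying on the mysqli escaping alone (or on prepared statements) would be
  // cleaner, but changes matching for such values - confirm against stored data.
  $SQL = $shop_db->query(sprintf(
      "SELECT * FROM `accounts` WHERE `accno`='%s' AND password='%s'",
      mysqli_real_escape_string($shop_db, $acc_ount),
      mysqli_real_escape_string($shop_db, $pass_word)
  ));
  // query() returns false on failure; keep $jankesi null rather than calling
  // fetch_assoc() on a boolean.
  $jankesi = $SQL ? $SQL->fetch_assoc() : null;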
  117.  
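  if ($offer[$offerId]['offer_type'] == 'item') {
      // Item purchase: credit `playerstorage` for the chosen character and charge
      // the account, one unit at a time.
      $nick = addslashes(isset($_POST['nick']) && is_string($_POST['nick']) ? $_POST['nick'] : '');
      // The form offers quantities 1..20. Clamp the posted value so a forged
      // request cannot drive an arbitrarily long loop of queries.
      $ilee = max(1, min(20, isset($_POST['ilee']) ? (int) $_POST['ilee'] : 1));
      $action_id = addslashes($offer[$offerId]['action_id']);
      $auc = (int) $offer[$offerId]['points'];

      // A single lookup proves that the character belongs to this account and
      // supplies its id, online flag and level.
      $dbest = $shop_db->query(sprintf(
          "SELECT * FROM `players` WHERE `name`='%s' AND account='%s'",
          mysqli_real_escape_string($shop_db, $nick),
          mysqli_real_escape_string($shop_db, $acc_ount)
      ));
      $ok = $dbest ? $dbest->fetch_assoc() : null;

      if ($ok) {
          $kurwa = $ok['id'];
          // Balance as loaded with the account row; updated after every unit so
          // the history shows the balance after each operation.
          $oblicznik = (int) $jankesi['premiumPoints'];
          $action = addslashes("shop_login; Kupiles ". $offer[$offerId]['item_name'] ." za ".$offer[$offerId]['points']." punktow.");
          $action = htmlentities($action, ENT_QUOTES, "UTF-8");

          if ($haslo !== $pass_word) {
              // Strict comparison: a loose != treats numeric-looking strings such as
              // "0e1" and "0e2" as equal.
              $_SESSION['e_haslo'] = "Podane hasło jest niepoprawne! ";
          } elseif ($oblicznik < $auc * $ilee) {
              // The balance has to cover the whole order, not just one unit.
              $_SESSION['e_haslo'] = "Nie posiadasz takiej ilości punktów.";
          } elseif (!isset($_POST['rules'])) {
              $wszystko_git = false;
              // This message is echoed later as HTML, so the posted name is encoded here.
              $_SESSION['e_haslo'] = "Potwierdz ,że wylogowałeś się z postaci <font color='orange'>" . htmlspecialchars($nick, ENT_QUOTES, "UTF-8") . "</font>.";
          } elseif ($ok['online'] == 1) {
              $_SESSION['e_haslo'] = "Nie jesteś wylogowany na tej postaci.";
          } elseif ($ok['level'] < 8) {
              $_SESSION['e_haslo'] = "za maly level.";
          } else {
              $storage = $shop_db->query(sprintf(
                  "SELECT COUNT(*) FROM `playerstorage` WHERE `player` = '%s' AND `key` = '%s'",
                  mysqli_real_escape_string($shop_db, $kurwa),
                  mysqli_real_escape_string($shop_db, $action_id)
              ));
              $wiersz = $storage ? $storage->fetch_array() : null;
              $qwerty = $wiersz ? (int) $wiersz[0] : 0;

              $kupione = 0;
              for ($x = 1; $x <= $ilee; $x++) {
                  // Charge first, and only while the balance still covers the price.
                  // The guard sits in the UPDATE itself, so parallel requests cannot
                  // push the balance below zero.
                  $shop_db->query(sprintf(
                      "UPDATE `accounts` SET `premiumPoints` = `premiumPoints`-'%s' WHERE accno='%s' AND `premiumPoints` >= '%s'",
                      mysqli_real_escape_string($shop_db, (string) $auc),
                      mysqli_real_escape_string($shop_db, $acc_ount),
                      mysqli_real_escape_string($shop_db, (string) $auc)
                  ));
                  if ($shop_db->affected_rows < 1) {
                      break;
                  }
                  $oblicznik -= $auc;

                  if ($qwerty > 0 || $kupione > 0) {
                      $shop_db->query(sprintf(
                          "UPDATE `playerstorage` SET `value` = `value` + 1 WHERE `player` = '%s' AND `key` = '%s'",
                          mysqli_real_escape_string($shop_db, $kurwa),
                          mysqli_real_escape_string($shop_db, $action_id)
                      ));
                  } else {
                      // First unit for a character without a storage row yet. The
                      // remaining units of the order go through the UPDATE above, so
                      // the posted quantity is honoured on this path as well.
                      $shop_db->query(sprintf(
                          "INSERT INTO `playerstorage` (`player`, `key`, `value`) VALUES ('%s', '%s', '%s')",
                          mysqli_real_escape_string($shop_db, $kurwa),
                          mysqli_real_escape_string($shop_db, $action_id),
                          mysqli_real_escape_string($shop_db, '1')
                      ));
                  }

                  // One history row per unit: price paid and balance afterwards.
                  $shop_db->query(sprintf(
                      "INSERT INTO `store` (`id`, `kupujacy`, `secondpoints`, `firstpoints`, `time`, `action`) VALUES (NULL, '%s', '%s', '%s', '".time()."', '%s')",
                      mysqli_real_escape_string($shop_db, $acc_ount),
                      mysqli_real_escape_string($shop_db, (string) $auc),
                      mysqli_real_escape_string($shop_db, (string) $oblicznik),
                      mysqli_real_escape_string($shop_db, $action)
                  ));
                  $kupione++;
              }

              if ($kupione > 0) {
                  $shop_db->query(sprintf(
                      "UPDATE `players` SET `pos` = '%s', `direction` = '0' WHERE `id` = '%s'",
                      mysqli_real_escape_string($shop_db, $login_pos),
                      mysqli_real_escape_string($shop_db, $kurwa)
                  ));
              }

              if ($kupione === $ilee) {
                  $_SESSION['u_storage'] = "Gratulacje! Wybrany przedmiot został dodany do Twojego konta.";
              } else {
                  // The balance ran out part-way (e.g. a parallel purchase); the
                  // units already charged are listed in the operation history.
                  $_SESSION['e_haslo'] = "Nie posiadasz takiej ilości punktów.";
              }
          }
      } else {
          echo 'Postac musi nalerzeć do ciebie.';
      }
  }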
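  else if ($offer[$offerId]['offer_type'] == 'namelock')
  {
      // Character rename.
      // NOTE(review): this branch uses the legacy mysql_* functions and the columns
      // `points` / `logged`, while the other branches use mysqli ($shop_db) and
      // `premiumPoints` / `online`. mysql_* was removed in PHP 7.0; port this branch
      // to $shop_db once the column names are confirmed against the schema.
      // NOTE(review): $message is assigned below but never echoed in this listing.
      $blad_html = '<h2 style="color:#fff;">'.lang2("Błąd", "Error").' :</h2><h3 style="color:#fff;">';
      $powrot_shop = '<a href="/shop">'.lang2("Powrót", "Return").'</a>';
      $powrot_login = '<a href="index.php?id=shop_login">'.lang2("Powrót", "Return").'</a>';

      // Compare the same addslashes()-processed value the other branches use, and
      // compare strictly: a loose != treats numeric-looking strings as equal.
      if ($haslo === '' || $haslo !== $pass_word)
          echo($blad_html.lang2("Podane hasło jest nieprawidłowe", "Entered password is incorrect").'!</h3>'.$powrot_shop);
      elseif (!isset($_POST['submit']))
      {
          $nick = addslashes(isset($_POST['nick']) && is_string($_POST['nick']) ? $_POST['nick'] : '');
          // The posted values are written back into attributes and text, so encode
          // them for HTML (and for the URL parameter) instead of echoing them raw.
          $nick_html = htmlspecialchars($nick, ENT_QUOTES, "UTF-8");
          echo('<form action="/shop" method="POST">'."\n"
              .'<input type="hidden" name="offer" value="'.htmlspecialchars($offerId, ENT_QUOTES, "UTF-8").'">'."\n"
              .'<input type="hidden" name="nick" value="'.$nick_html.'">'."\n"
              .'<h2 style="color:#fff;" align="center">'.lang2("Zmień Nazwę Gracza", "Change Character Name").' :</h2>'."\n"
              .'<table width="65%" cellspacing="1" cellpadding="5" border="0" align="center">'."\n"
              .'<tr><td bgcolor="black" align="center"><b style="color:#fff;">'.lang2("Nazwa Gracza", "Character Name").' :</b></td><td bgcolor="black" align="center"><a href="index.php?id=info&act=players&char='.rawurlencode($nick).'">'.$nick_html.'</a></td></tr>'."\n"
              .'<tr><td bgcolor="black" align="center"><b style="color:#fff;">'.lang2("Nowa Nazwa Gracza", "New Character Name").' :</b></td><td bgcolor="black" align="center"><input type="text" name="new" maxlength="20" required /></td></tr>'."\n"
              .'<tr><td bgcolor="black" align="center"><b style="color:#fff;">'.lang2("Zmień", "Change").' :</b></td><td bgcolor="black" align="center"><input type="submit" name="submit" style="width: 40%; height: 25px" value="'.lang2("Zmień", "Change").'"></td></tr></table></center></br>'."\n"
              .'<a href="index.php?id=account">'.lang2("Powrót", "Return").'</a>'."\n");
      }
      else
      {
          $nick = addslashes(isset($_POST['nick']) && is_string($_POST['nick']) ? $_POST['nick'] : '');
          $new = addslashes(isset($_POST['new']) && is_string($_POST['new']) ? $_POST['new'] : '');
          // Collapse whitespace and normalise case before validating the new name.
          $new = preg_replace('/\s+/', ' ', trim($new));
          $new = ucwords(strtolower($new));

          $SQL = "SELECT `id` FROM `players` WHERE `name` = '".mysql_real_escape_string($nick)."' AND `account` = '".mysql_real_escape_string($acc_ount)."'";
          $SQL = mysql_query($SQL);

          if (preg_match("/^gm/i", $new)) $message = $blad_html.lang2("Nie masz uprawnień bycia GM", "You are not allowed to be a GM").'!</h3>'.$powrot_shop;
          else if (preg_match("/^gamemaster/i", $new)) $message = $blad_html.lang2("Nie masz uprawnień bycia Game Master", "You are not allowed to be a Game Master").'!</h3>'.$powrot_shop;
          else if (preg_match("/^god/i", $new)) $message = $blad_html.lang2("Nie masz uprawnień bycia God", "You are not allowed to be a God").'!</h3>'.$powrot_shop;
          else if (strlen($new) < 4) $message = $blad_html.lang2("Nowa Nazwa jest zbyt krótka", "New name is too short").'.</h3>'.$powrot_login;
          else if (strlen($new) > 20) $message = $blad_html.lang2("Nowa Nazwa jest za długa", "New name is too long").'.</h3>'.$powrot_login;
          else if (!preg_match("/^[a-zA-Z][a-zA-Z ]*$/", $new)) $message = $blad_html.lang2("Nowa Nazwa zawiera niedozwolone znaki", "New name contains illegal characters").'.</h3>'.$powrot_login;
          else
          {
              // From here on $new holds only ASCII letters and spaces (checked above),
              // which is what makes it safe inside the quoted SQL literals below.
              if (mysql_num_rows($SQL) > 0)
              {
                  $player_id = mysql_result($SQL,0);
                  $cena = (int)$offer[$offerId]['points'];
                  $player2['account'] = mysql_result(mysql_query("SELECT `account` FROM `players` WHERE `id` = '".$player_id."' LIMIT 1"),0);
                  $player['account'] = (int)$acc_ount;
                  $account['points'] = mysql_result(mysql_query("SELECT `points` FROM `accounts` WHERE `accno` = '".$player['account']."' LIMIT 1"),0);
                  $newplayer = mysql_result(mysql_query("SELECT `id` FROM `players` WHERE `name` = '".$new."' LIMIT 1"),0);
                  // $nick comes straight from the request; escape it for the
                  // connection here as the players lookup above already does.
                  $house = mysql_result(mysql_query("SELECT `houseid` FROM `houses` WHERE `owner` = '".mysql_real_escape_string($nick)."' LIMIT 1"),0);

                  if ((int)$player2['account'] != $player['account'])
                      $message = $blad_html.lang2("Postać musi należeć do Ciebie", "Character must belong to you").'.</h3>'.$powrot_login;
                  elseif ($newplayer)
                      $message = $blad_html.lang2("Nazwa Gracza jest już zajęta", "Player name is already taken.").'.</h3>'.$powrot_login;
                  elseif ($house)
                      $message = $blad_html.lang2("Postać nie może posiadać domku", "Character cannot have a house.").'.</font></h3>'.$powrot_login;
                  elseif ((int)$account['points'] < $cena)
                      $message = $blad_html.lang2("Nie masz wystarczającej ilości Punktów Premium", "You do not have enough Premium Points").'.</h3><a href="index.php?id=buypoints" style="color:gold">['.lang2("KUP PUNKTY", "BUY POINTS").']</a>'.$powrot_login;
                  else
                  {
                      $plog = mysql_result(mysql_query("SELECT `logged` FROM `players` WHERE `name` = '".mysql_real_escape_string($nick)."' AND `account` = '".mysql_real_escape_string($acc_ount)."' LIMIT 1"),0);

                      if ((int)$plog == 1) {
                          $message = $blad_html.lang2("Twoja postać musi być wylogowana", "This character must be logged off").'.</h3>'.$powrot_login;
                      } else {
                          $SQL = mysql_query("UPDATE `players` SET `name` = '".$new."' WHERE `id` = '".$player_id."'");
                          if ($SQL) {
                              // Follow-up writes run only after the rename succeeded, so
                              // a failed rename no longer costs points or rewrites the
                              // death list.
                              mysql_query("UPDATE `deathlist` SET `killer` = '".$new."' WHERE `killer` = '".mysql_real_escape_string($nick)."'");
                              // Relative, guarded update instead of writing back a
                              // balance read earlier, which could overwrite a
                              // concurrent change.
                              mysql_query("UPDATE `accounts` SET `points` = `points` - ".$cena." WHERE `accno` = '".$player['account']."' AND `points` >= ".$cena);
                              $account['points'] -= $cena;
                              $message = '<h2 style="color:#fff;">'.lang2("Gratulacje", "Congratulations").' :</h2><h3 style="color:#fff;">'.lang2("Wybranej postaci została zmieniona Nazwa Gracza", "Chosen character player's name has been changed.").'.</h3>'.$powrot_login;
                          } else {
                              $message = lang2("Błąd! Skontaktuj się z Supportem.", "Error! Contact with Support.");
                          }
                          // NOTE(review): unlike the other branches, nothing is written
                          // to `store` here; the original insert was commented out.
                      }
                  }
              }
              else
                  $message = $blad_html.lang2("Taka postać nie istnieje", "This character does not exists").'.</h3>'.$powrot_login;
          }
      }
  }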
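  elseif ($offer[$offerId]['offer_type'] == 'ban') {
      // "Frag Remover": clears redskull / redskulltime on one of the account's
      // characters in exchange for premium points.
      $nick_ban = addslashes(isset($_POST['nick']) && is_string($_POST['nick']) ? $_POST['nick'] : '');

      // A single lookup proves ownership and supplies the id and online flag.
      $dbest_ban = $shop_db->query(sprintf(
          "SELECT * FROM `players` WHERE `name`='%s' AND account='%s'",
          mysqli_real_escape_string($shop_db, $nick_ban),
          mysqli_real_escape_string($shop_db, $acc_ount)
      ));
      $player_ban = $dbest_ban ? $dbest_ban->fetch_assoc() : null;

      if ($player_ban) {
          $kurwa_ban = $player_ban['id'];
          $auc = (int) $offer[$offerId]['points'];
          $redsculltime = addslashes(0);
          $redskull = addslashes(0);
          $oblicznik_ban = addslashes($jankesi['premiumPoints'] - $auc);
          $action_ban = addslashes("shop_login; Kupiles ". $offer[$offerId]['item_name'] ." za ".$offer[$offerId]['points']." punktow.");
          $action_ban = htmlentities($action_ban, ENT_QUOTES, "UTF-8");

          if ($haslo !== $pass_word) {
              // The original ran the purchase check as a separate `if` after this
              // one, so a wrong password only set the message and the order still
              // went through. Chaining with elseif makes the password check binding.
              $_SESSION['e_haslo'] = "Podane hasło jest niepoprawne!";
          } elseif ((int) $jankesi['premiumPoints'] < $auc) {
              $_SESSION['e_haslo'] = "Nie posiadasz takiej ilości punktów.";
          } elseif (!isset($_POST['rules'])) {
              $wszystko_git = false;
              // This message is echoed later as HTML, so the posted name is encoded here.
              $_SESSION['e_haslo'] = "Potwierdz ,że wylogowałeś się z postaci <font color='orange'>" . htmlspecialchars($nick_ban, ENT_QUOTES, "UTF-8") . "</font>.";
          } elseif ($player_ban['online'] == 1) {
              $_SESSION['e_haslo'] = "Nie jesteś wylogowany na tej postaci.";
          } else {
              // Charge first, guarded inside the UPDATE, so parallel requests cannot
              // spend the same points twice.
              $shop_db->query(sprintf(
                  "UPDATE `accounts` SET `premiumPoints` = `premiumPoints`-'%s' WHERE accno='%s' AND `premiumPoints` >= '%s'",
                  mysqli_real_escape_string($shop_db, (string) $auc),
                  mysqli_real_escape_string($shop_db, $acc_ount),
                  mysqli_real_escape_string($shop_db, (string) $auc)
              ));

              if ($shop_db->affected_rows < 1) {
                  $_SESSION['e_haslo'] = "Nie posiadasz takiej ilości punktów.";
              } else {
                  $shop_db->query(sprintf(
                      "UPDATE `players` SET `redskulltime` = '%s', `redskull` = '%s' WHERE `id` = '%s'",
                      mysqli_real_escape_string($shop_db, $redsculltime),
                      mysqli_real_escape_string($shop_db, $redskull),
                      mysqli_real_escape_string($shop_db, $kurwa_ban)
                  ));
                  $shop_db->query(sprintf(
                      "INSERT INTO `store` (`id`, `kupujacy`, `secondpoints`, `firstpoints`, `time`, `action`) VALUES (NULL, '%s', '%s', '%s', '".time()."', '%s')",
                      mysqli_real_escape_string($shop_db, $acc_ount),
                      mysqli_real_escape_string($shop_db, (string) $auc),
                      mysqli_real_escape_string($shop_db, $oblicznik_ban),
                      mysqli_real_escape_string($shop_db, $action_ban)
                  ));
                  $_SESSION['u_storage'] = "Gratulacje! Twój Ban ,oraz fragi zostały usunięte.";
              }
          }
      } else {
          echo 'Postac musi nalerzeć do ciebie.';
      }
  }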
  387.  
  388. ?>
  389. <?php
  390.  
  391. ?>
  392. <center>
  393. Twoja liczba punktów premium to: <span style="FONT-WEIGHT:bold; color:#FF8C00"><?php echo addslashes($jankesi['premiumPoints']); ?></span><br>Twoja liczba zamrożonych punktów to: <span style="FONT-WEIGHT:bold; color:#FF8C00"><?php echo addslashes($jankesi['zam_points']); ?></span><br /><small><font color="red"><a href="sys_p">Co to zamrożone punkty?</a></font></small><br><br><a href="sms_shop"><span style="FONT-WEIGHT:bold; color:#FF8C00">[Doładuj punkty premium]</span></a><br><br>
  394. <a href="shop/history">[historia operacji]</a><br><br>
  395. <table width=490 border='0' cellpadding='0' cellspacing='1'>
  396. <tr align='center' style='background-color:#2f261f;' height='30px'>
  397. <td width=10%><b>Obrazek</b></td>
  398. <td width=50%><b>Przedmiot</b></td>
  399. <td width=20%><b>Wymagane punkty</b></td>
  400. </tr>
  401. <?php
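  // Offer table: one row per catalogue entry with alternating background colours.
  // The row counter is initialised here; the original read it before any assignment.
  $i = 0;
  for ($from = 0; $from < count($offer); $from++) {
      $id = $i + 1; // kept from the original; not read anywhere in this listing
      $kolor_wiersza = ($i % 2) ? $config['site']['vdarkborder'] : $config['site']['lightborder'];
      echo "<tr style='height:30px;' bgcolor=\"" . $kolor_wiersza . "\">";

      // Catalogue fields are static strings defined in this script ('image' is
      // markup on purpose), so they are printed as they are.
      echo "\n"
          . '<td style="text-align: center;padding:15px;" >' . $offer[$from]['image'] . '</td>' . "\n"
          . '<td style="padding-left:5px;">' . "\n"
          . '<p><span style="FONT-WEIGHT:bold; color:#00ff00">' . $offer[$from]['item_name'] . '</span> ' . $offer[$from]['desc'] . '</p>' . "\n"
          . '</td>' . "\n"
          . '<td style="text-align: center;"><b>' . $offer[$from]['points'] . '</b></td>' . "\n\n";

      // The original printed a second, unmatched </td> before closing the row.
      echo "\n" . '</tr>';
      $i++;
  }
  echo '</table><br />';

  // Purchase form: offer, character, quantity and password confirmation.
  echo '<form action="shop" method="post">';
  echo '<h3>Wybierz Przedmiot:<br />';
  echo '<select class="typ_sms" name="offer">';
  for ($from = 0; $from < count($offer); $from++) {
      echo '<option value="' . $from . '">' . $offer[$from]['item_name'] . '</option>';
  }
  echo '</select><br /><br />';

  echo '<h3>Wybierz Postać:<br />';
  echo '<select class="typ_sms" name="nick">' . "\n";
  $keke = $shop_db->query(sprintf(
      "SELECT * FROM `players` WHERE `account` = '%s'",
      mysqli_real_escape_string($shop_db, $acc_ount)
  ));
  // Character names come from the database; encode them for the attribute and
  // text context in case a stored name ever contains markup characters.
  while ($keke && ($postki = $keke->fetch_array())) {
      $nazwa_html = htmlspecialchars($postki["name"], ENT_QUOTES, "UTF-8");
      echo '<option value="' . $nazwa_html . '">' . $nazwa_html . '</option>';
  }
  echo '</select><br /><br />';

  echo '<h3>Wybierz ilość:<br />';
  echo '<select class="typ_sms" name="ilee">';
  for ($from = 1; $from <= 20; $from++) {
      echo '<option value="' . $from . '">' . $from . '</option>';
  }
  echo '</select><br /><br />';

  echo '<input type="password" name="haslo" class="logins" placeholder="Your Password" maxlength="25" required /><br />' . "\n\n";
  ?>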
  455. <?php
  // One-shot status messages left in the session by the purchase handlers:
  // 'e_haslo' is shown in red, 'u_storage' in green, and each is cleared once shown.
  // The stored text is printed as HTML, so whatever composes these messages has
  // to encode any request data it puts into them.
  foreach (array('e_haslo' => 'red', 'u_storage' => 'green') as $klucz => $kolor) {
      if (!isset($_SESSION[$klucz])) {
          continue;
      }
      echo '<font color="' . $kolor . '">' . $_SESSION[$klucz] . '</font><br />';
      unset($_SESSION[$klucz]);
  }
  468. ?>
  469. <br /><label><input type="checkbox" name="rules" />Akceptuje regulamin sklepu<br /> i oświadczam,że wylogowałem się z postaci.</label><br />
  470. <?php
  // Submit button, then close the purchase form.
  echo '<br />'
      . '<button class="button">Kup Przedmiot</button>'
      . '</form>';
  474. }
  475.  
  476.  
  477.  
  478. ?>
  479.  
  480.  
  481. </center>
  482. <?php
  483.  
  484.  
  485. } else {
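  switch ($_GET['site']) {
      case "history":
          // Purchase history: the 50 most recent `store` rows of the session's account.
          // NOTE(review): no $_SESSION['login'] check is visible on this path; for an
          // anonymous visitor the query runs with an empty account number. Confirm
          // that the including page gates access.
          echo "<table width='100%' border='0' cellpadding='0' cellspacing='1'>";
          echo "<tr>";
          echo "<td style='background-color:#2f261f;' height='30px' align='center'width='20%'><b style='color:#fff;'>Data Operacji:</b></td>";
          echo "<td style='background-color:#2f261f;' height='30px' align='center'width='60%'><b style='color:#fff;'>Akcja:</b></td>";
          echo "<td style='background-color:#2f261f;' height='30px' align='center'width='20%'><b style='color:#fff;'>Stan Konta<br /><small> (po operacji):</small></b></td>";

          require_once "./cfg/connect.php";
          $condziurno = @new mysqli($host, $db_user, $db_password, $db_name);
          if ($condziurno->connect_error) {
              // The driver's message can name the database host and user; keep it in
              // the server log and show the visitor only the error number.
              error_log('shop history: ' . $condziurno->connect_error);
              die('Error : ('. $condziurno->connect_errno .')');
          }

          $rezult = $condziurno->query(sprintf(
              "SELECT * FROM `store` WHERE `kupujacy` = '%s' ORDER BY `time` DESC LIMIT 0,50",
              mysqli_real_escape_string($condziurno, $acc_ount)
          ));

          // Action prefixes whose description (the text after the first ';') is shown.
          $znane_akcje = array("prowizja", "sell_char", "add", "shop", "xsms", "shop_login");
          // The row counter is initialised here; the original read it before any assignment.
          $i = 0;
          while ($rezult && ($zabojca = $rezult->fetch_assoc())) {
              $akcja = explode(';', $zabojca['action']);
              $id = $i + 1; // kept from the original; not read anywhere in this listing
              echo ($i % 2) ? "<tr style='height:30px;' bgcolor=\"".$config['site']['vdarkborder']."\">" : "<tr style='height:30px;' bgcolor=\"".$config['site']['lightborder']."\">" ;
              echo '<td style="text-align:center; border: 1px solid #1b0e0e;">'.date("Y-m-d, H:i:s", $zabojca["time"]).'</td> ';
              if (in_array($akcja[0], $znane_akcje, true)) {
                  // Stored text is encoded again on output. double_encode is off so
                  // entities written by htmlentities() at insert time stay intact,
                  // while raw markup stored by any other writer is neutralised.
                  $opis = isset($akcja[1]) ? $akcja[1] : '';
                  echo '<td style="text-align:center; border: 1px solid #1b0e0e;">'.htmlspecialchars($opis, ENT_QUOTES, "UTF-8", false).'</td> ';
              }
              echo '<td style="text-align:center;border: 1px solid #1b0e0e;">'.htmlspecialchars((string) $zabojca["firstpoints"], ENT_QUOTES, "UTF-8", false).'</td> ';
              echo '</tr>';
              $i++;
          }
          echo '</table>';
          break;
  }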
  520.  
  521. }
  522.  
  523.  
  524.  
  525.  
  526. ?>