<html><head><title>Xero Storm</title></head><body bgcolor="#121212"><t

1. <html>
2. <head>
3. <title>Xero Storm</title>
4. </head>
5. <body bgcolor="#121212">
6. <table border="0" width="100%" height="100%" style="font-family: tahoma, verdana; font-size: 10pt; color: #FFFFFF;">
7. <tr><td align="center" valign="middle">
8. <a href="index.php"><img src="images/smoothgreybb/logo_hover.png" border="0" width="330" height="80"></a><br />
9. <?php
10. // ------------------------- //
11. // Config //
12.  
13. $shop_mysql_host = "localhost";
14. $shop_mysql_user = "xerostor_db";
15. $shop_mysql_pass = "lolboll(nejjagdriver)";
16. $shop_mysql_db = "xerostor_db";
17.  
18. // Styles //
19.  
20. $shop_s['item'] = "text-align: center;";
21. $shop_s['description'] = "text-align: left;";
22. $shop_s['table'] = "font-family: Tahoma, Verdana; font-size: 10pt; color: #FFFFFF; border: 1px solid #1a1a1a;";
23. $shop_s['price'] = "color: #FF0000;";
24. $shop_s['buynow'] = "color: #FFFF00";
25.  
26.  
27. // ----------------------------
28.  
29. // MySQL connect
30. $shop_con = mysql_connect($shop_mysql_host, $shop_mysql_user, $shop_mysql_pass);
31. mysql_select_db($shop_mysql_db, $shop_con);
32.  
33. // ----------------------------
34.  
35. $shop_mybbuser = mysql_real_escape_string($_COOKIE['mybbuser']);
36. $shop_mybbuser = explode("_", $shop_mybbuser);
37. $shop_uid = $shop_mybbuser[0];
38. $shop_loginkey = $shop_mybbuser[1];
39. mysql_query("SELECT * FROM mybb_users WHERE uid = '".$shop_uid."' AND loginkey = '".$shop_loginkey."'");
40. if (mysql_affected_rows() < 1) {
41. exit("You have to be logged in to use the shop.<br />\n<a href=\"index.php\">Login</a>");
42. }
43.  
44. function sendPM($toid, $fromid, $subject, $message) { // Send PM function
45. $mybbpms = 'mybb_privatemessages';
46. $mybbpmusers = 'mybb_users';
47. $recipients = serialize(array("to" => array($toid)));
48. $time = time();
49. mysql_query("INSERT into $mybbpms(uid,toid,fromid,recipients,folder,subject,message,dateline,status) VALUES('$fromid','$toid','$fromid','$recipients','2','$subject','$message','$time','1')");
50. mysql_query("INSERT into $mybbpms(uid,toid,fromid,recipients,folder,subject,message,dateline,receipt) VALUES('$toid','$toid','$fromid','$recipients','1','$subject','$message','$time','1')");
51. mysql_query("UPDATE $mybbpmusers SET `pmnotice` = 2 WHERE uid = '$toid'"); //update the pm notify! finally fuck!
52. mysql_query("UPDATE $mybbpmusers SET `unreadpms` = `unreadpms` +1 WHERE uid = '$toid'"); //update the pm notify! finally fuck!
53. }
54.  
55. if (!isset($_GET['action'])) $_GET['action'] = "items";
56.  
57. function genRandString() {
58. $chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
59. $string = "";
60. for ($i=0; $i<5; $i++) {
61. for($ii=0; $ii<4; $ii++) {
62. $string .= $chars[rand(0,strlen($chars)-1)];
63. }
64. if ($i !== 4) $string .= "-";
65. }
66. return $string;
67. }
68.  
69. $shop_q = mysql_query("SELECT * FROM mybb_users WHERE uid = '".$shop_uid."'"); // MySQL query
70. $shop_row = mysql_fetch_array($shop_q); // Fetch array
71.  
72. $shop_users_points = $shop_row['newpoints'];
73. $shop_key = md5($shop_uid."s5vkmG6ZwaJyyCav5h".$shop_row['my_post_key']);
74.  
75. echo "You currently have <b>".$shop_users_points."</b> on your account.<br /><br />\n\n";
76.  
77. switch($_GET['action']) {
78. case "items": // The items table
79. echo "<table border=\"1\" style=\"".$shop_s['table']."\" style=\"font-family: tahoma, verdana; font-size: 10pt; color: #FFFFFF;\">\n";
80. echo "<tr><td>&nbsp;</td><td width=\"500\"><b>Item name</b></td><td width=\"75\"><b>Price</b></td><td width=\"75\"><b>Stock</b><td width=\"75\"><b>Buy now</b></td></td>\n";
81. echo "<tr style=\"".$shop_s['item']."\"><td><img src=\"images/newpoints/default.png\"></td><td style=\"".$shop_s['description']."\"><b>Professional Upgrade</b><br />Use this item to upgrade yourself or another member to professional.</td><td style=\"".$shop_s['price']."\"><b>5000 P</b></td><td><b>Infinite</b><td><b><a href=\"shop.php?action=buy&item=professional_upgrade&shop_key=".$shop_key."\" style=\"".$shop_s['buynow']."\">Buy now</a></b></td></td></tr>\n";
82. echo "<tr style=\"".$shop_s['item']."\"><td><img src=\"images/newpoints/default.png\"></td><td style=\"".$shop_s['description']."\"><b>Group Creation Badge</b><br />Use this item to to create your own offical group.</td><td style=\"".$shop_s['price']."\"><b>10000 P</b></td><td><b>15</b><td><b><a href=\"shop.php?action=buy&item=group_creation_Badge&shop_key=".$shop_key."\" style=\"".$shop_s['buynow']."\">Buy now</a></b></td></td></tr>\n";
83. echo "<tr style=\"".$shop_s['item']."\"><td><img src=\"images/newpoints/default.png\"></td><td style=\"".$shop_s['description']."\"><b>Video Badge</b><br />With this item you can choose video of the day.</td><td style=\"".$shop_s['price']."\"><b>1000 P</b></td><td><b>15</b><td><b><a href=\"shop.php?action=buy&item=video_Badge&shop_key=".$shop_key."\" style=\"".$shop_s['buynow']."\">Buy now</a></b></td></td></tr>\n";
84. echo "</table>";
85. break;
86. case "buy":
87. if ($_GET['shop_key'] == $shop_key) { // Check if the shop key is valid
88. switch($_GET['item']) {
89. case "professional_upgrade": // ITEM: Professional Upgrade
90. if ($shop_users_points >= 5000) {
91. // Change usergroup and remove points from account
92. mysql_query("UPDATE mybb_users SET usergroup = 9, newpoints = newpoints - 5000 WHERE uid = ".$shop_uid);
93. // PM to eXore
94. sendPM(1, 373, "Purchase from point store", "User ID: ".$shop_uid." just purchased the item [b]Professional Upgrade[/b]!");
95. // PM to buyer
96. sendPM($shop_uid, 373, "Purchase from point store", "Hello!\nYou just purchased a Professional Upgrade from the pointstore.\nYou have already been upgraded as you read this.\nContact eXore if you have any questions about the purchase.");
97. // Add 1500 credits to account
98. mysql_query("UPDATE mybb_users SET newpoints = newpoints + 1500 WHERE uid = ".$shop_uid);
99. // Echo thanks
100. echo "You are now upgraded!<br />Enjoy your new benefits of being a Professional member.<br /><br /><a href=\"shop.php\"><< Back to the shop</a>";
101. } else {
102. echo "Sorry, you do not have enough points to buy this item.<br /><br /><a href=\"shop.php\"><< Back to the shop</a>";
103. }
104. break;
105. case "group_creation_Badge": // ITEM: Group Creation Badge
106. if ($shop_users_points >= 10000) {
107. // Generate code
108. $store_Badge_code = genRandString();
109. // PM to eXore
110. sendPM(1, 373, "Purchase from point store", "User ID: ".$shop_uid." just purchased the item [b]Group Creation Badge[/b]!\nBadge code: ".$store_Badge_code);
111. // PM to buyer
112. sendPM($shop_uid, 373, "Purchase from point store", "Hello!\nYou just purchased a Group Creation Badge from the pointstore.\n\nYour Badge code is: ".$store_Badge_code."\n\nThis PM is just a notification that everything went good.\nContact eXore if you have any questions about the purchase.");
113. // Remove points from buyers account
114. mysql_query("UPDATE mybb_users SET newpoints = newpoints - 10000 WHERE uid = ".$shop_uid);
115. // Echo thanks
116. echo "Your purchase is completed!<br />You have been PMd your code.<br />When you want to create your group, just shout a PM to eXore with the<br />name of the group and your Badge code.<br /><br /><a href=\"shop.php\"><< Back to the shop</a>";
117. } else {
118. echo "Sorry, you do not have enough points to buy this item.<br /><a href=\"shop.php\"><< Back to the shop</a>";
119. }
120. break;
121. case "video_Badge": // ITEM: Video Badge
122. if ($shop_users_points >= 1000) {
123. // Generate code
124. $store_video_code = genRandString();
125. // PM to eXore
126. sendPM(1, 373, "Purchase from point store", "User ID: ".$shop_uid." just purchased the item [b]Video Badge[/b]!\nBadge code: ".$store_video_code);
127. // PM to buyer
128. sendPM($shop_uid, 373, "Purchase from point store", "Hello!\nYou just purchased a Video Badge from the pointstore.\n\nYour Badge code is: ".$store_video_code."\n\nThis PM is just a notification that everything went good.\nContact eXore if you have any questions about the purchase.");
129. // Remove points from buyers account
130. mysql_query("UPDATE mybb_users SET newpoints = newpoints - 1000 WHERE uid = ".$shop_uid); // Remove points from account
131. // Echo thanks
132. echo "Your purchase is completed!<br />You have been PMd your code.<br />When you want your video to be video of the day, just shout a PM to eXore with the<br />link to the video and your Badge code.<br /><br /><a href=\"shop.php\"><< Back to the shop</a>";
133. } else {
134. echo "Sorry, you do not have enough points to buy this item.<br /><a href=\"shop.php\"><< Back to the shop</a>";
135. }
136. break;
137. }
138. } else {
139. echo "Your shop-key is invalid.<br />If you really wanted to buy this item, please contact an admin.<br /><br /><a href=\"shop.php\"><< Back to the shop</a>";
140. }
141. break;
142. }
143.  
144. mysql_close($shop_con);
145. ?>
146. </td></tr>
147. </body>
148. </html>