API tools faq
paste
Guest User

Untitled

a guest
Dec 15th, 2018
194
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 7.32 KB | None | 0 0
raw download clone embed print report
  1. <center>
  2.  
  3. <title>Village Wars</title>
  4. <?php
  5. include_once 'config.php';
  6. session_start();
  7. require "languages/index.lang.php";
  8. echo "<a href='index.php'><img src='images/banner.jpg'></a>"; //Banner
  9. ?>
  10.  
  11. <link href="style.css" rel="stylesheet" type="text/css"/>
  12. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  13.  
  14. <?php
  15. echo "<div id='vwmain'>";
  16. if (isset($_POST['LOGIN-NOW']))
  17. {
  18.   $player=$_POST['player'];
  19.   $password=$_POST['password'];
  20.   $player=strip_tags($player);
  21.   $password=md5($password);
  22.  
  23.  
  24.   $query = "select username,password from players where username='$player' and '$password'";
  25.   $result = mysql_query($query) or die("Internal Error 432551 - Login Status: OFFLINE");
  26.   $result2 = mysql_fetch_array($result);
  27.   if ($result2)
  28.   {
  29.     $_SESSION['player']=$player;
  30.     echo '<meta http-equiv="refresh" content="0; URL=index.php"></center>';
  31.   }
  32.   else
  33.   {
  34.   if($language)
  35.   {
  36.   echo "<h2>". $lang['LoginError1']['$language'] . "</h2>";
  37.   }
  38.   else
  39.   {
  40.   echo "<h2>" . $lang['LoginError1']['en'] . "</h2>";
  41.   }
  42.  
  43.     echo '<meta http-equiv="refresh" content="2; URL=index.php">';
  44.   }
  45. }
  46. else
  47. {
  48.  
  49.  
  50. if (isset($_SESSION['player']))
  51. {
  52. echo "</div>";
  53.  
  54.   $player=$_SESSION['player'];
  55.   $info=mysql_fetch_array(mysql_query("SELECT * from players where username='$player'"));
  56.   $language = $info['language'];
  57.   $username = $info['username'];
  58.   $gold = $info['gold'];
  59.  
  60. }
  61. else
  62. {
  63.  
  64. include 'register.php';
  65. include 'login.php';
  66.  
  67. exit;
  68. }
  69. }
  70.  
  71. $bypass = 0;
  72. include 'menu.php';
  73.  
  74.  
  75. echo '
  76. <div id="playerinfotop"><center>
  77. ' . $lang["Username"][$language] . '&nbsp;' . $player . '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;' . $lang["Gold"][$language] . '&nbsp;' . $gold . '
  78. </div></center>
  79. ';
  80.  
  81.  
  82.  
  83.  
  84. include 'pub.php';
  85.  
  86. if(isset($_POST['readm']))
  87. {
  88.     $bypass = 2;
  89. }
  90. else if(isset($_POST['apagar']))
  91. {
  92.     $bypass = 3;
  93. }
  94. else if(isset($_POST['sendmessage']))
  95. {
  96.     $bypass = 4;
  97. }
  98.  
  99. echo '
  100. <div id="igactivemenu">';
  101. echo "<center>";
  102. if($bypass == 0)
  103. {
  104. echo"<br>
  105. <h2>" . $lang['Msg_New_Label'][$language] . "</h2>";
  106. echo '<form method="POST" action="messages.php">' .
  107. $lang['Msg_Username'][$language] . '&nbsp;<br><input type="text" size="20" name="receiver"><br>' .
  108. $lang['Msg_Subject'][$language] . '&nbsp;<br><input type="text" name="subject" size="20"><br>' .
  109. $lang['Msg_Message'][$language] . '<br><textarea rows="4" cols="40" name="message" ></textarea><br>
  110. <input type="hidden" name="sendmessage" value="1">
  111. <br><input type="submit" style="height:2.2em; width:5em;" value="' . $lang['Msg_Send'][$language] . '"></center></form>
  112. ';
  113.  
  114.  
  115. echo "<br><br><h3><center>" . $lang['Msg_Show'][$language] . "</center></h3>";
  116.  
  117. $i=0;
  118.  $query = mysql_query("SELECT * FROM `messages` WHERE `pid`='$player' ORDER BY date DESC");
  119.     $result = mysql_fetch_array($query);
  120.    
  121.     $num = mysql_numrows($query);
  122.    
  123.    
  124.     while ($i < $num ) {
  125.  
  126.     $subject = mysql_result($query,$i,"subject");
  127.     $message = mysql_result($query,$i,"message");
  128.     $date = mysql_result($query,$i,"date");
  129.     $sender = mysql_result($query,$i,"sender");
  130.     $read = mysql_result($query,$i,"readm");
  131.     $randid = mysql_result($query,$i,"randid");
  132.     echo "<center>";
  133.     if($read)
  134.     {
  135.         //echo"<form target='blank' method='post' action='messages.php'><table border='1'>";
  136.         echo"<form method='post' action='messages.php'><table border='1'>";
  137.         echo "<tr><td>" . $lang['Msg_Date'][$language] . "" . $date . "</td><td>" . $subject . " " . $lang['Msg_New'][$language] . " &nbsp;&nbsp;</b> <td>
  138.         " . $lang['Msg_From'][$language] . "" . $sender . "</td><td>
  139.         <input type='hidden' name='readm' value='1'>
  140.         <input type='hidden' name='msgid' value='$randid'>
  141.         <input type='submit' value='" .$lang['Read'][$language] . "'></form>   
  142.  
  143.         <form method='post' action='messages.php'>
  144.         <input type='hidden' name='msgid' value='$randid'>
  145.         <input type='hidden' name='apagar' value='1'>
  146.         <input type='submit' value='" .$lang['Delete'][$language] . "'></form>
  147.        
  148.         </td></tr>";
  149.     }
  150.     else
  151.     {
  152.         echo"<form method='post' action='messages.php'><table border='1'>";
  153.        
  154.         echo "<tr><td>" . $lang['Msg_Date'][$language] . "" . $date . "</td><td>" . $subject . "<td>
  155.         " . $lang['Msg_From'][$language] . "" . $sender . "</td><td>
  156.         <input type='hidden' name='readm' value='1'>
  157.         <input type='hidden' name='msgid' value='$randid'>
  158.         <input type='submit' value='" .$lang['Read'][$language] . "'></form>   
  159.  
  160.         <form method='post' action='messages.php'>
  161.         <input type='hidden' name='msgid' value='$randid'>
  162.         <input type='hidden' name='apagar' value='1'>
  163.         <input type='submit' value='" .$lang['Delete'][$language] . "'></form>
  164.        
  165.         </td></tr>";
  166.     }
  167.    
  168.    
  169.     $i++;  
  170. }
  171. }
  172. else if($bypass == 2) //Read message
  173. {
  174. $msgid = $_POST['msgid']; //Message ID
  175.  
  176. $checkmsg=mysql_fetch_array(mysql_query("SELECT * from messages where randid='$msgid'"));
  177.    
  178.     if($checkmsg)
  179.     {
  180.         $readITnOW=mysql_query("UPDATE messages SET readm=0 where randid='$msgid'");
  181.        
  182.         $assunto = $checkmsg['subject'];
  183.         $message = $checkmsg['message'];
  184.         $date = $checkmsg['date'];
  185.         $sender = $checkmsg['sender'];
  186.         echo "<div id='msgs'>";
  187.         echo "<br><center>" . $lang['Msg_Subject'][$language] . $assunto;
  188.         echo "<br>" . $lang['Msg_Date'][$language] . ": " .$date;
  189.         echo "<br>" . $lang['Msg_Sender'][$language] . ": " . $sender;
  190.         echo "<br>" . $lang['Msg_Message'][$language] . ": " .$message;    
  191.         echo "<br><br>" . $lang['Msg_GoBack'][$language];
  192.     }
  193.     else
  194.     {
  195.         echo $lang['Msg_Error_NoMessage'][$language];
  196.     }
  197. }
  198. else if($bypass == 3)
  199. {
  200. $msgid = $_POST['msgid']; //Message ID
  201.  
  202. $checkmsg=mysql_fetch_array(mysql_query("SELECT * from messages where randid='$msgid'"));
  203.    
  204.     if($checkmsg)
  205.     {
  206.         $delete=mysql_query("DELETE FROM `messages` WHERE randid='$msgid'");
  207.         echo $lang['Msg_Deleted'][$language];
  208.     }
  209.     else
  210.     {
  211.         echo $lang['Msg_Error_NoMessage'][$language];
  212.     }
  213. }
  214. else if($bypass == 4)
  215. {
  216.     $message = $_POST['message'];
  217.     $subject = $_POST['subject'];
  218.     $receiver = $_POST['receiver'];
  219.    
  220.     if(strlen($subject)<20)
  221.     {
  222.  
  223.     if(strlen($message) < 150)
  224.     {
  225.         $checkexist=mysql_fetch_array(mysql_query("SELECT username from players where username='$receiver'"));
  226.         if($checkexist)
  227.         {
  228.             $pmban = $info['pmban'];
  229.             if($pmban == 0)
  230.             {
  231.        
  232.                 $randid = rand(1, 99999);
  233.    
  234.    
  235.                 mysql_query("INSERT into messages (pid, subject, message, randid, sender) VALUES ('$receiver', '$subject', '$message', '$randid', '$username')") or die("<center>Internal Error 3539<br>Consulta a p&aacute;gina de ajuda para mais informa&ccedil;&otilde;es sobre o erro.<br><a href='index.php'>Voltar</a>");
  236.    
  237.                 echo"<h3><center>" . $lang['Msg_Sent'][$language] . "!</h3>";
  238.                 echo '<meta http-equiv="refresh" content="2; URL=messages.php">';
  239.                 echo "<h6>" . $lang['Msg_Refresh'][$language] . "</h6>";
  240.            
  241.    
  242.             }
  243.             else
  244.             {
  245.                 echo "<h3><center>" . $lang['Msg_Ban'][$language] . "</h3>";
  246.             }
  247.         }
  248.         else
  249.         {
  250.             echo "<h3><center>" . $lang['Msg_NoUser'][$language] . "</h3>";
  251.         }
  252.    
  253.     }
  254.     else
  255.     {
  256.         echo "<h3><center>" . $lang['Msg_Size'][$language] . "</h3>";
  257.         echo '<meta http-equiv="refresh" content="2; URL=messages.php">';
  258.         echo "<h6>" . $lang['Msg_Refresh'][$language] . "</h6>";
  259.     }
  260.     }
  261.     else
  262.     {
  263.         echo "<h3><center>" . $lang['Msg_Size'][$language] . "</h3>";
  264.         echo '<meta http-equiv="refresh" content="2; URL=messages.php">';
  265.         echo "<h6>" . $lang['Msg_Refresh'][$language] . "</h6>";
  266.     }
  267. }
  268.  
  269.  
  270.  
  271.  
  272. ?>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!