Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <center>
- <title>Village Wars</title>
- <?php
- include_once 'config.php';
- session_start();
- require "languages/index.lang.php";
- echo "<a href='index.php'><img src='images/banner.jpg'></a>"; //Banner
- ?>
- <link href="style.css" rel="stylesheet" type="text/css"/>
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
- <?php
- echo "<div id='vwmain'>";
- if (isset($_POST['LOGIN-NOW']))
- {
- $player=$_POST['player'];
- $password=$_POST['password'];
- $player=strip_tags($player);
- $password=md5($password);
- $query = "select username,password from players where username='$player' and '$password'";
- $result = mysql_query($query) or die("Internal Error 432551 - Login Status: OFFLINE");
- $result2 = mysql_fetch_array($result);
- if ($result2)
- {
- $_SESSION['player']=$player;
- echo '<meta http-equiv="refresh" content="0; URL=index.php"></center>';
- }
- else
- {
- if($language)
- {
- echo "<h2>". $lang['LoginError1']['$language'] . "</h2>";
- }
- else
- {
- echo "<h2>" . $lang['LoginError1']['en'] . "</h2>";
- }
- echo '<meta http-equiv="refresh" content="2; URL=index.php">';
- }
- }
- else
- {
- if (isset($_SESSION['player']))
- {
- echo "</div>";
- $player=$_SESSION['player'];
- $info=mysql_fetch_array(mysql_query("SELECT * from players where username='$player'"));
- $language = $info['language'];
- $username = $info['username'];
- $gold = $info['gold'];
- }
- else
- {
- include 'register.php';
- include 'login.php';
- exit;
- }
- }
- $bypass = 0;
- include 'menu.php';
- echo '
- <div id="playerinfotop"><center>
- ' . $lang["Username"][$language] . ' ' . $player . ' ' . $lang["Gold"][$language] . ' ' . $gold . '
- </div></center>
- ';
- include 'pub.php';
- if(isset($_POST['readm']))
- {
- $bypass = 2;
- }
- else if(isset($_POST['apagar']))
- {
- $bypass = 3;
- }
- else if(isset($_POST['sendmessage']))
- {
- $bypass = 4;
- }
- echo '
- <div id="igactivemenu">';
- echo "<center>";
- if($bypass == 0)
- {
- echo"<br>
- <h2>" . $lang['Msg_New_Label'][$language] . "</h2>";
- echo '<form method="POST" action="messages.php">' .
- $lang['Msg_Username'][$language] . ' <br><input type="text" size="20" name="receiver"><br>' .
- $lang['Msg_Subject'][$language] . ' <br><input type="text" name="subject" size="20"><br>' .
- $lang['Msg_Message'][$language] . '<br><textarea rows="4" cols="40" name="message" ></textarea><br>
- <input type="hidden" name="sendmessage" value="1">
- <br><input type="submit" style="height:2.2em; width:5em;" value="' . $lang['Msg_Send'][$language] . '"></center></form>
- ';
- echo "<br><br><h3><center>" . $lang['Msg_Show'][$language] . "</center></h3>";
- $i=0;
- $query = mysql_query("SELECT * FROM `messages` WHERE `pid`='$player' ORDER BY date DESC");
- $result = mysql_fetch_array($query);
- $num = mysql_numrows($query);
- while ($i < $num ) {
- $subject = mysql_result($query,$i,"subject");
- $message = mysql_result($query,$i,"message");
- $date = mysql_result($query,$i,"date");
- $sender = mysql_result($query,$i,"sender");
- $read = mysql_result($query,$i,"readm");
- $randid = mysql_result($query,$i,"randid");
- echo "<center>";
- if($read)
- {
- //echo"<form target='blank' method='post' action='messages.php'><table border='1'>";
- echo"<form method='post' action='messages.php'><table border='1'>";
- echo "<tr><td>" . $lang['Msg_Date'][$language] . "" . $date . "</td><td>" . $subject . " " . $lang['Msg_New'][$language] . " </b> <td>
- " . $lang['Msg_From'][$language] . "" . $sender . "</td><td>
- <input type='hidden' name='readm' value='1'>
- <input type='hidden' name='msgid' value='$randid'>
- <input type='submit' value='" .$lang['Read'][$language] . "'></form>
- <form method='post' action='messages.php'>
- <input type='hidden' name='msgid' value='$randid'>
- <input type='hidden' name='apagar' value='1'>
- <input type='submit' value='" .$lang['Delete'][$language] . "'></form>
- </td></tr>";
- }
- else
- {
- echo"<form method='post' action='messages.php'><table border='1'>";
- echo "<tr><td>" . $lang['Msg_Date'][$language] . "" . $date . "</td><td>" . $subject . "<td>
- " . $lang['Msg_From'][$language] . "" . $sender . "</td><td>
- <input type='hidden' name='readm' value='1'>
- <input type='hidden' name='msgid' value='$randid'>
- <input type='submit' value='" .$lang['Read'][$language] . "'></form>
- <form method='post' action='messages.php'>
- <input type='hidden' name='msgid' value='$randid'>
- <input type='hidden' name='apagar' value='1'>
- <input type='submit' value='" .$lang['Delete'][$language] . "'></form>
- </td></tr>";
- }
- $i++;
- }
- }
- else if($bypass == 2) //Read message
- {
- $msgid = $_POST['msgid']; //Message ID
- $checkmsg=mysql_fetch_array(mysql_query("SELECT * from messages where randid='$msgid'"));
- if($checkmsg)
- {
- $readITnOW=mysql_query("UPDATE messages SET readm=0 where randid='$msgid'");
- $assunto = $checkmsg['subject'];
- $message = $checkmsg['message'];
- $date = $checkmsg['date'];
- $sender = $checkmsg['sender'];
- echo "<div id='msgs'>";
- echo "<br><center>" . $lang['Msg_Subject'][$language] . $assunto;
- echo "<br>" . $lang['Msg_Date'][$language] . ": " .$date;
- echo "<br>" . $lang['Msg_Sender'][$language] . ": " . $sender;
- echo "<br>" . $lang['Msg_Message'][$language] . ": " .$message;
- echo "<br><br>" . $lang['Msg_GoBack'][$language];
- }
- else
- {
- echo $lang['Msg_Error_NoMessage'][$language];
- }
- }
- else if($bypass == 3)
- {
- $msgid = $_POST['msgid']; //Message ID
- $checkmsg=mysql_fetch_array(mysql_query("SELECT * from messages where randid='$msgid'"));
- if($checkmsg)
- {
- $delete=mysql_query("DELETE FROM `messages` WHERE randid='$msgid'");
- echo $lang['Msg_Deleted'][$language];
- }
- else
- {
- echo $lang['Msg_Error_NoMessage'][$language];
- }
- }
- else if($bypass == 4)
- {
- $message = $_POST['message'];
- $subject = $_POST['subject'];
- $receiver = $_POST['receiver'];
- if(strlen($subject)<20)
- {
- if(strlen($message) < 150)
- {
- $checkexist=mysql_fetch_array(mysql_query("SELECT username from players where username='$receiver'"));
- if($checkexist)
- {
- $pmban = $info['pmban'];
- if($pmban == 0)
- {
- $randid = rand(1, 99999);
- mysql_query("INSERT into messages (pid, subject, message, randid, sender) VALUES ('$receiver', '$subject', '$message', '$randid', '$username')") or die("<center>Internal Error 3539<br>Consulta a página de ajuda para mais informações sobre o erro.<br><a href='index.php'>Voltar</a>");
- echo"<h3><center>" . $lang['Msg_Sent'][$language] . "!</h3>";
- echo '<meta http-equiv="refresh" content="2; URL=messages.php">';
- echo "<h6>" . $lang['Msg_Refresh'][$language] . "</h6>";
- }
- else
- {
- echo "<h3><center>" . $lang['Msg_Ban'][$language] . "</h3>";
- }
- }
- else
- {
- echo "<h3><center>" . $lang['Msg_NoUser'][$language] . "</h3>";
- }
- }
- else
- {
- echo "<h3><center>" . $lang['Msg_Size'][$language] . "</h3>";
- echo '<meta http-equiv="refresh" content="2; URL=messages.php">';
- echo "<h6>" . $lang['Msg_Refresh'][$language] . "</h6>";
- }
- }
- else
- {
- echo "<h3><center>" . $lang['Msg_Size'][$language] . "</h3>";
- echo '<meta http-equiv="refresh" content="2; URL=messages.php">';
- echo "<h6>" . $lang['Msg_Refresh'][$language] . "</h6>";
- }
- }
- ?>
Add Comment
Please, Sign In to add comment