
Erroe core.php

a guest
Jun 29th, 2016
  1. <?php
  2.  
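  // Marker constant for the CMS bootstrap.
  // NOTE(review): presumably checked by included files to refuse direct access - confirm.
  define("IN_HOLOCMS", TRUE);

  session_start();

  // #########################################################################
  // Start the initialization process

  // The settings file may sit next to this script or one directory up. A missing
  // file is silenced by @ and caught by the empty() test below.
  @include('./data_classes.php');
  @include('../data_classes.php');

  // Launch the installer if any database setting is missing
  if (empty($sqlpassword) || empty($sqlusername) || empty($sqldb) || empty($sqlhostname)) {
      header("location:install.php");
      exit;
  }

  // && binds tighter than ||, so the original condition already meant:
  // install.php always blocks, while $bypass_check only waives upgrade.php.
  // The parentheses make that explicit; the stricter reading is kept on purpose,
  // because a reachable installer can reconfigure the site.
  // NOTE(review): $bypass_check is not assigned in the visible code. Confirm it can
  // only come from data_classes.php and never from request data (register_globals).
  if (file_exists('install.php') || (file_exists('upgrade.php') && $bypass_check != true)) {
      echo "Attenzione , ci sono dei file di installazione del CMS, rimuovili per continuare.";
      exit;
  }

  if (file_exists('check.php')) {
      header("location:check.php");
      // Stop here: the original fell through without loading includes/mysql.php,
      // so the rest of the bootstrap ran without the database include.
      exit;
  }

  include('includes/mysql.php');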
  34.  
  35. // #########################################################################
  36. // Define the variables HoloCMS wants to use later on
  37.  
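  // Load the single cms_system row that holds the site configuration.
  // die(mysql_error()) prints the raw database error text to the visitor.
  $configsql = mysql_query("SELECT * FROM cms_system LIMIT 1") or die(mysql_error());
  $config = mysql_fetch_assoc($configsql);

  // Quoted key: the bare word REMOTE_ADDR relied on PHP's undefined-constant fallback.
  $remote_ip = $_SERVER['REMOTE_ADDR'];
  $sitename = $config['sitename'];
  $shortname = $config['shortname'];

  $ip = $config['ip'];
  $port = $config['port'];
  $mus = $config['mus'];

  $variables = $config['variables'];
  $texts = $config['texts'];
  $override_variables = $config['override_variables'];
  $override_texts = $config['override_texts'];
  $productdata = $config['productdata'];
  $furnidata = $config['furnidata'];
  $base = $config['base'];
  $habboswf = $config['habboswf'];
  $loadtext = $config['loadtext'];

  $maintenance = $config['site_closed'];
  // $path is not assigned in the visible code; presumably set by data_classes.php - confirm.
  $adminpath = $path . "/admin";

  // TIME

  $H = date('H');
  $i = date('i');
  $s = date('s');
  $m = date('m');
  $d = date('d');
  $Y = date('Y');
  $j = date('j');
  $n = date('n');
  $today = $d;
  $month = $m;
  $year = $Y;
  // mktime() takes (hour, minute, second, month, day, year). The original passed
  // month/day/year in the time slots (and an undefined $y); the printed date is unchanged.
  $date_normal = date('d/m/Y', mktime(0, 0, 0, $m, $d, $Y));
  $date_reversed = date('Y/m/d', mktime(0, 0, 0, $m, $d, $Y));
  $date_slim = date('d/m/Y - H:i', mktime($H, $i, $s, $m, $d, $Y));
  $date_full = date('d/m/Y - H:i:s', mktime($H, $i, $s, $m, $d, $Y));
  $date_time = date('H:i:s', mktime($H, $i, $s));
  $date_hc = $j . "-" . $n . "-" . $Y;
  $regdate = $date_normal;

  // Unlike the query above, a failure here is not checked.
  $s1ql = mysql_query("SELECT * FROM server_status LIMIT 1");
  $r1ow = mysql_fetch_assoc($s1ql);
  $online_count = $r1ow['users_online'];
  $server_on_localhost = $config['localhost'];
  $habboversion = "r63";
  // Request parameter: HTML-encoded and SQL-escaped by FilterText(). A missing id yields ''.
  $forumid = FilterText(isset($_GET['id']) ? $_GET['id'] : '');
  // Second argument true makes HoloText() skip HTML encoding, so the stored analytics
  // snippet is emitted as raw markup; whoever can edit cms_system controls that markup.
  $analytics = HoloText($config['analytics'], true) . "\n";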
  89.  
  90. // #########################################################################
  91.  
  /**
   * Replace the numeric second field of a dash-separated date with an Italian month abbreviation.
   *
   * @param string $data Text of the form "a-MM-c" or "a-MM-c time"; only the first
   *                     space-separated word is treated as the date.
   * @param bool   $full When loosely true, the second space-separated word is appended.
   * @return string
   */
  function edit_date($data , $full = false)
  {
      $mesi = array(
          '01' => 'gen', '02' => 'feb', '03' => 'mar', '04' => 'apr',
          '05' => 'mag', '06' => 'giu', '07' => 'lug', '08' => 'ago',
          '09' => 'set', '10' => 'ott', '11' => 'nov', '12' => 'dic',
      );

      $words = explode(" ", $data);
      $fields = explode("-", $words[0]);

      $formatted = $fields[0] . "-" . strtr($fields[1], $mesi) . "-" . $fields[2];
      if ($full == true) {
          $formatted .= " " . $words[1];
      }

      return $formatted;
  }
  100.  
  /**
   * Read one value from system_config by its key.
   *
   * @param string $strSetting Key compared with system_config.skey. It is placed into the
   *                           SQL text unchanged, so pass only a fixed key or a value that
   *                           has already been escaped.
   * @param bool   $switch     Exactly true returns "Enabled"/"Disabled" instead of the raw value.
   * @return string|null Null when no row matches.
   */
  function FetchServerSetting($strSetting, $switch = false){
      $result = mysql_query("SELECT sval FROM system_config WHERE skey = '".$strSetting."' LIMIT 1") or die(mysql_error());
      $setting = mysql_fetch_assoc($result);

      // Anything other than boolean true yields the stored value as-is.
      if ($switch !== true) {
          return $setting['sval'];
      }

      return ($setting['sval'] == "1") ? "Enabled" : "Disabled";
  }
  115.  
  116. // #########################################################################
  117.  
  /**
   * Fetch the contentvalue stored in cms_content for a key.
   *
   * The key goes through FilterText() (HTML-encode, then SQL-escape) before it is
   * placed in the query.
   *
   * @param string $strKey
   * @return string|null Null when no row matches.
   */
  function getContent($strKey){
      $safeKey = FilterText($strKey);
      $result = mysql_query("SELECT contentvalue FROM cms_content WHERE contentkey = '".$safeKey."' LIMIT 1") or die(mysql_error());
      $content = mysql_fetch_assoc($result);

      return $content['contentvalue'];
  }
  125.  
  126. // #########################################################################
  127.  
  /**
   * Read one value from system_config by its key (Italian labels for the switch form).
   *
   * @param string $value  Key compared with system_config.skey. It is placed into the SQL
   *                       text unchanged, so pass only a fixed key or an escaped value.
   * @param bool   $switch Exactly true returns "Attivato"/"Disattivato" instead of the raw value.
   * @return string|null Null when no row matches.
   */
  function getServer($value, $switch = false){
      $result = mysql_query("SELECT sval FROM system_config WHERE skey = '".$value."' LIMIT 1") or die(mysql_error());
      $setting = mysql_fetch_assoc($result);

      if ($switch !== true) {
          return $setting['sval'];
      }

      return ($setting['sval'] == "1") ? "Attivato" : "Disattivato";
  }
  142.  
  143. // #########################################################################
  144. // If a user is logged out and has a 'remember me' cookie, validate the information
  145. // in the cookie and log the user in if everything's valid.
  146. // Please do not mess with this. It is a fairly simple process, but if it doesn't work
  147. // properly it can cause a huge mess. Everything in this function is commented.
  148.  
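  @include('./includes/inc.crypt.php');
  @include('../includes/inc.crypt.php');

  // "Remember me" login: runs only when no user is in the session and the marker cookie is set.
  // NOTE(review): the cookie carries the stored password hash itself, so anyone who
  // obtains that hash (database dump, cookie theft) can log in without the password.
  // A random per-device token stored server-side would remove that equivalence;
  // that needs a schema change and is not done here.
  if (!session_is_registered('username') && isset($_COOKIE['remember']) && $_COOKIE['remember'] == "remember") {

      // Values supplied by the client: the username and the hash sent back by the browser
      $cname = FilterText(isset($_COOKIE['rusername']) ? $_COOKIE['rusername'] : '');
      $cpass_hash = isset($_COOKIE['rpassword']) ? $_COOKIE['rpassword'] : '';

      // Fetch the hash stored for this username
      $csql = mysql_query("SELECT password FROM users WHERE username = '".$cname."' LIMIT 1") or die(mysql_error());
      $cnum = mysql_num_rows($csql);

      if ($cnum < 1) {
          // Unknown username: expire the remember-me cookies
          setcookie("remember", "", time()-60*60*24*100, "/");
          setcookie("rusername", "", time()-60*60*24*100, "/");
          setcookie("rpassword", "", time()-60*60*24*100, "/");
          setcookie("cookpass", "", time()-60*60*24*100, "/");
      } else {
          $crow = mysql_fetch_assoc($csql);
          $correct_pass = $crow['password'];

          // Strict string comparison. The original used ==, which compares two
          // numeric-looking strings (for example "0e..." digests) as numbers, and
          // also accepted an empty cookie against an empty stored value.
          if (is_string($cpass_hash) && $cpass_hash !== '' && (string) $correct_pass === $cpass_hash) {
              // Issue a fresh session id at the moment of login (session fixation defence).
              session_regenerate_id(true);
              $_SESSION['username'] = $cname;
              $_SESSION['password'] = $crow['password'];
              mysql_query("UPDATE users SET last_online = UNIX_TIMESTAMP() WHERE username = '".$cname."'") or die(mysql_error());
              header("Location: security_check.php");
              exit;
          } else {
              // Hash mismatch: expire the remember-me cookies
              setcookie("remember", "", time()-60*60*24*100, "/");
              setcookie("rusername", "", time()-60*60*24*100, "/");
              setcookie("rpassword", "", time()-60*60*24*100, "/");
              setcookie("cookpass", "", time()-60*60*24*100, "/");
          }
      }
  }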
  189.  
  190. // #########################################################################
  191.  
  /**
   * Tell whether a number leaves no remainder when divided by two.
   *
   * @param int $intNumber
   * @return bool
   */
  function IsEven($intNumber)
  {
      return $intNumber % 2 == 0;
  }
  200.  
  201. // #########################################################################
  202.  
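  /**
   * Turn smiley codes and BB tags in a text into HTML.
   *
   * The text is not encoded here; HoloText() in this file encodes it before calling
   * this function. Tag arguments end up inside HTML attributes, so they are limited
   * to a narrow character set: the original patterns accepted any text, which let a
   * quote close the attribute and let link/image targets use any URL scheme.
   * A tag whose argument does not fit is left in the output as plain text.
   *
   * @param string $str Text containing BB code.
   * @return string HTML.
   */
  function bbcode_format($str){

      // Parse smilies (only when the 'enable-smilies' content key is "1")
      if (HoloText(getContent('enable-smilies'), true) == "1") {
          $smilies = array(
              ":)" => 'smile',
              ";)" => 'wink',
              ":P" => 'tongue',
              ":p" => 'tongue',
              ";P" => 'winktongue',
              ";p" => 'winktongue',
              ":O" => 'shocked',
              ":o" => 'shocked',
              "<3" => 'heart',
          );
          foreach ($smilies as $code => $image) {
              $str = str_replace($code, " <img src='./web-gallery/smilies/".$image.".gif' alt='Smiley' title='Smiley' border='0'> ", $str);
          }
      }

      // Link and image targets: http(s) URLs or site-relative paths, without
      // whitespace, quotes or angle brackets.
      $url = '((?:https?:\/\/|\.?\/)[^\s\'"<>\]]+)';
      // Colour names or hex values.
      $colour = '(#?[A-Za-z0-9]+)';
      // Identifiers placed into URLs and into the roomForward() call.
      // NOTE(review): assumes user, room and group ids use only these characters - confirm.
      $token = '([A-Za-z0-9_\-]+)';

      // Parse BB code
      $simple_search = array(
          '/\[b\](.*?)\[\/b\]/is',
          '/\[i\](.*?)\[\/i\]/is',
          '/\[u\](.*?)\[\/u\]/is',
          '/\[s\](.*?)\[\/s\]/is',
          '/\[quote\](.*?)\[\/quote\]/is',
          '/\[link\=' . $url . '\](.*?)\[\/link\]/is',
          '/\[url\=' . $url . '\](.*?)\[\/url\]/is',
          '/\[color\=' . $colour . '\](.*?)\[\/color\]/is',
          '/\[size=small\](.*?)\[\/size\]/is',
          '/\[size=large\](.*?)\[\/size\]/is',
          '/\[code\](.*?)\[\/code\]/is',
          '/\[habbo\=' . $token . '\](.*?)\[\/habbo\]/is',
          '/\[room\=' . $token . '\](.*?)\[\/room\]/is',
          '/\[group\=' . $token . '\](.*?)\[\/group\]/is',
          '/\[img\]' . $url . '\[\/img\]/is'
      );

      $simple_replace = array(
          '<strong>$1</strong>',
          '<em>$1</em>',
          '<u>$1</u>',
          '<s>$1</s>',
          "<div class='bbcode-quote'>$1</div>",
          "<a href='$1'>$2</a>",
          "<a href='$1'>$2</a>",
          "<font color='$1'>$2</font>",
          "<font size='1'>$1</font>",
          "<font size='3'>$1</font>",
          '<pre>$1</pre>',
          "<a href='./user_profile?id=$1'>$2</a>",
          "<a onclick=\"roomForward(this, '$1', 'private');return false;\" target=\"client\" href=\"./client.php?forwardId=2&roomId=$1\">$2</a>",
          "<a href='./group_profile?id=$1'>$2</a>",
          "<img src='$1'/>"
      );

      return preg_replace($simple_search, $simple_replace, $str);
  }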
  260.  
  261. // #########################################################################
  262.  
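  /**
   * Build a ticket string made of 27 random draws, each a number from 0 to 10.
   *
   * Because 10 is a possible draw, the result is 27 to 54 digits long.
   * The draws come from random_int() when the runtime provides it; rand() is only
   * the fallback, and its output is predictable, so a ticket produced that way
   * should not be the sole secret protecting a login.
   *
   * @return string Digits only.
   */
  function GenerateTicket(){
      $draw = function_exists('random_int') ? 'random_int' : 'rand';

      $data = "";

      // The original built the ticket in three runs of 6, 20 and 1 draws.
      for ($i = 1; $i <= 27; $i++) {
          $data .= $draw(0, 10);
      }

      return $data;
  }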
  282.  
  283.  
  284. // #########################################################################
  285.  
  // Re-validate the logged-in user on every request, or set guest defaults.
  if (!session_is_registered('username')) {

      $user_rank = 0;
      $name = "Guest";
      $my_id = "GUEST";
      //$myticket = "";
      $logged_in = false;

  } else {

      $rawname = $_SESSION['username']; // Has slashes added and lacking proper capitals
      $rawpass = $_SESSION['password']; // HoloHash()'ed user password

      // Both values are placed into the SQL text unchanged; this relies on them
      // having been escaped before they were stored in the session.
      $usersql = mysql_query("SELECT * FROM users WHERE username = '".$rawname."' AND password = '".$rawpass."' LIMIT 1");
      $myrow = mysql_fetch_assoc($usersql);

      $password_correct = mysql_num_rows($usersql);

      $my_id = $myrow['id'];
      //$my_name = $myrow['username'];
      $user_rank = $myrow['rank'];

      $check = mysql_query("SELECT * FROM bans WHERE value = '".$rawname."' LIMIT 1") or die(mysql_error());
      $is_banned = mysql_num_rows($check);

      if ($password_correct !== 1) {
          // Session credentials no longer match a user row: drop the session
          session_destroy();
          header("location:index.php?error=1");
          exit;
      }

      if ($is_banned > 0) {
          // A ban row exists for this username: show the reason and log out
          $bandata = mysql_fetch_assoc($check);
          $reason = $bandata['reason'];
          $expire = $bandata['expire'];

          $login_error = "Sei stato bannato per \"" . $reason . "\". il tuo ban finisce " . $expire . ".";
          include('logout.php');
          session_destroy();
          exit;
      }

      // $enable_sso is not assigned in the visible code.
      if ($enable_sso == 1 && $password_correct == 1) {

          $myticket = $myrow['auth_ticket'];

          // if(empty($myticket) || $myticket == "0" || strlen($myticket) < 39){
          // $myticket = GenerateTicket();
          // mysql_query("UPDATE users SET ticket_sso = '".$myticket."', ip_last = '".$remote_ip."' WHERE id = '".$my_id."' LIMIT 1") or die(mysql_error());
          // }

      } else {
          $myticket = "";
      }

      $logged_in = true;
      $name = HoloText($myrow['username']);

  }
  353.  
  354. // #########################################################################
  355. // Gift check (noob/welcome stuff)
  356. /*
  357. $sql = mysql_query("SELECT noob,gift,sort,roomid,lastgift FROM users WHERE id='".$my_id."' LIMIT 1");
  358. $row = mysql_fetch_assoc($sql);
  359. if($row['gift'] < 3) {
  360. if($row['noob'] == 1) {
  361. if($row['lastgift'] < date("d-m-Y")) {
  362. mysql_query("INSERT INTO cms_noobgifts (userid,gift,read) VALUES ('".$my_id."','".$row['gift']."','0')");
  363. mysql_query("UPDATE users SET lastgift='".date("d-m-Y")."',gift=gift+'1' WHERE id='".$my_id."' LIMIT 1");
  364. }
  365. }
  366. }
  367. // #########################################################################
  368. */
  369.  
  // Decide whether the game server is shown as online.
  // When the status image is disabled, "online" is reported without probing.
  if ($enable_status_image != "1") {
      $online = "online";
  } else {
      // Probe the loopback address when the server is flagged as local, else the configured ip.
      $fip = ($server_on_localhost != 0 || $ip == "127.0.0.1") ? "127.0.0.1" : $ip;

      // One-second connect timeout; warnings from a refused connection are suppressed.
      // NOTE(review): $fport is not assigned in the visible code ($port is) - confirm
      // where it is set.
      $fp = @fsockopen($fip, $fport, $errno, $errstr, 1);

      if (!$fp) {
          $online = "offline";
      } else {
          $online = "online";
          fclose($fp);
      }
  }
  388.  
  389. // #########################################################################
  390.  
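  // Housekeeping access flag: "1" only for ranks above 5 whose session also carries
  // both housekeeping login entries; "0" for everyone else.
  // The session keys are quoted here: the original passed bare words, which depend on
  // PHP's undefined-constant fallback and would change meaning if a constant named
  // hkusername or hkpassword were ever defined.
  $rank['iAdmin'] = "0";
  if ($user_rank > 5 && session_is_registered('hkusername') && session_is_registered('hkpassword')) {
      $rank['iAdmin'] = "1";
  }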
  400.  
  401. // #########################################################################
  402.  
  /**
   * Return the badge a user displays in slot 1.
   *
   * @param string|int $strName Username, or a user id when the value is numeric.
   *                            Numeric values are used as-is; names pass through FilterText().
   * @return string|false badge_id, or false when the user has no row with
   *                      badge_status '1' or no badge in slot 1.
   */
  function GetUserBadge($strName){ // supports user IDs also

      $who = is_numeric($strName)
          ? "id = '".$strName."'"
          : "username = '".FilterText($strName)."'";

      $check = mysql_query("SELECT id FROM users WHERE ".$who." AND badge_status = '1' LIMIT 1") or die(mysql_error());
      if (mysql_num_rows($check) <= 0) {
          return false;
      }

      $usrrow = mysql_fetch_assoc($check);
      $slot = mysql_query("SELECT * FROM user_badges WHERE user_id = '".$usrrow['id']."' AND badge_slot = '1' LIMIT 1") or die(mysql_error());
      if (mysql_num_rows($slot) <= 0) {
          return false;
      }

      $badgerow = mysql_fetch_assoc($slot);
      return $badgerow['badge_id'];
  }
  427.  
  428. // #########################################################################
  429.  
  /**
   * Return the groupid stored in user_stats for a user.
   *
   * @param mixed $my_id User id. It is placed into the SQL text unchanged, so it must
   *                     be a trusted or already-escaped value.
   * @return mixed|false groupid, or false when the user has no user_stats row.
   */
  function GetUserGroup($my_id){
      $check = mysql_query("SELECT groupid FROM user_stats WHERE id = '".$my_id."' LIMIT 1") or die(mysql_error());

      if (mysql_num_rows($check) <= 0) {
          return false;
      }

      $row = mysql_fetch_assoc($check);
      return $row['groupid'];
  }
  447.  
  448. // #########################################################################
  449.  
  /**
   * Return the badge of the group stored in a user's user_stats row.
   *
   * @param mixed $my_id User id. It is placed into the SQL text unchanged, so it must
   *                     be a trusted or already-escaped value.
   * @return mixed|false The group's badge (null when the group row is missing),
   *                     or false when the user has no user_stats row.
   */
  function GetUserGroupBadge($my_id){
      $stats = mysql_query("SELECT groupid FROM user_stats WHERE id = '".$my_id."' LIMIT 1") or die(mysql_error());

      if (mysql_num_rows($stats) <= 0) {
          return false;
      }

      $statsRow = mysql_fetch_assoc($stats);
      $groupid = $statsRow['groupid'];

      $group = mysql_query("SELECT badge FROM groups WHERE id = '".$groupid."' LIMIT 1") or die(mysql_error());
      $groupRow = mysql_fetch_assoc($group);

      return $groupRow['badge'];
  }
  472.  
  473. // ######################################################################### MUS servono per Phoenix Emulator
  474.  
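  /**
   * Send one MUS message to the emulator on 127.0.0.1:30001, best effort.
   *
   * The message is the header, a chr(1) separator and the data. Failures are silent:
   * nothing is returned and nothing is reported to the caller.
   *
   * @param string $header
   * @param string $data
   * @return void
   */
  function SendMUS($header, $data){
      $ip = "127.0.0.1";
      $port = 30001;
      $musData = $header . chr(1) . $data;

      $sock = @socket_create(AF_INET, SOCK_STREAM, getprotobyname('tcp'));
      if ($sock === false) {
          // No socket: the original went on to call the other socket functions with false.
          return;
      }

      if (@socket_connect($sock, $ip, $port)) {
          @socket_send($sock, $musData, strlen($musData), MSG_DONTROUTE);
      }

      @socket_close($sock);
  }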
  484.  
  485. // #########################################################################
  486.  
  487. // Calculate the amount of HC Days left
  /**
   * Calculate the number of club days a user has left.
   *
   * Reads timestamp_expire (used as a count of months, 31 days each) and
   * timestamp_activated (split on "-" as day-month-year) from user_subscriptions.
   *
   * @param mixed $my_id User id. It is placed into the SQL text unchanged, so it must
   *                     be a trusted or already-escaped value.
   * @return int|float Days left (can be negative), or 0 when the user has no subscription row.
   */
  function HCDaysLeft($my_id){

      $result = mysql_query("SELECT timestamp_expire,timestamp_activated FROM user_subscriptions WHERE user_id = '".$my_id."' LIMIT 1") or die(mysql_error());
      $subscription = mysql_fetch_assoc($result);

      if (mysql_num_rows($result) <= 0) {
          return 0;
      }

      // Every remaining month counts as 31 days
      $days_granted = $subscription['timestamp_expire'] * 31;

      // Activation date parts, in the order day, month, year
      $parts = explode("-", $subscription['timestamp_activated']);
      $day = $parts[0];
      $month = $parts[1];
      $year = $parts[2];

      // Seconds since midnight of the activation date; a future date counts as zero.
      // The seventh mktime() argument is kept from the original.
      $difference = time() - mktime(0, 0, 0, $month, $day, $year, 0);
      if ($difference < 0) {
          $difference = 0;
      }

      // Whole days already used since activation
      $days_expired = floor($difference/60/60/24);

      return $days_granted - $days_expired;
  }
  533.  
  534. // #########################################################################
  535.  
  // Maintenance gate: while the site is closed, everyone without the housekeeping
  // flag is sent to the maintenance page, unless the including page set $is_maintenance.
  // $is_maintenance is not assigned in the visible code.
  if ($maintenance == "1" && !$is_maintenance && $rank['iAdmin'] < 1) {
      header("Location: maintenance");
      exit;
  }

  // Housekeeping users stay on the site and get a reminder flag instead.
  if ($rank['iAdmin'] == 1 && $maintenance == 1) {
      $notify_maintenance = true;
  }
  542.  
  543. // #########################################################################
  544.  
  /**
   * Create a user together with its user_stats and user_info rows.
   *
   * Only $real_name is passed through FilterText() here. Every other argument is
   * placed into the SQL text unchanged, so the caller must escape them first.
   * NOTE(review): $password is stored exactly as passed; presumably the caller has
   * already hashed it - confirm. None of the three INSERTs is checked for failure.
   *
   * @param string $username
   * @param string $real_name
   * @param string $password
   * @param string $mail
   * @param string $figure    Stored in the look column.
   * @param string $motto
   * @param string $home_room
   * @param string $birth
   * @param int    $fb_id     Stored in the facebook_id column.
   * @return void
   */
  function AddUser($username = '', $real_name = '', $password = '', $mail = '', $figure = '', $motto = '', $home_room = '', $birth = '', $fb_id = 0)
  {
      $client_ip = $_SERVER['REMOTE_ADDR'];

      $insert_user = "INSERT INTO users (username, real_name, password, mail, credits, look, motto, account_created, last_online, ip_last, ip_reg, home_room, birth, facebook_id) VALUES ('"
          . $username . "', '" . FilterText($real_name) . "', '" . $password . "', '" . $mail
          . "', '50000', '" . $figure . "', '" . $motto
          . "', UNIX_TIMESTAMP(), UNIX_TIMESTAMP(), '" . $client_ip . "', '" . $client_ip
          . "', '" . $home_room . "','" . $birth . "','" . $fb_id . "')";
      mysql_query($insert_user);

      // The two companion rows are keyed by the id generated for the users row
      $user_id = mysql_insert_id();

      mysql_query("INSERT INTO user_stats (id, RoomVisits, OnlineTime, Respect, RespectGiven, GiftsGiven, GiftsReceived, DailyRespectPoints, DailyPetRespectPoints) VALUES ('".$user_id."', 0, 0, 0, 0, 0, 0, 3, 3)");
      mysql_query("INSERT INTO user_info (user_id, bans, cautions, reg_timestamp, login_timestamp, cfhs, cfhs_abusive) VALUES ('".$user_id."', '0', '0', UNIX_TIMESTAMP(), '0', '0', '0')");
  }
  552.  
  553. // #########################################################################
  554.  
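  /**
   * Tell whether a user still has club days left; clean up an expired membership.
   *
   * When no days are left but a user_subscriptions row exists, the badge status is
   * cleared, rank 2 is lowered to 1, the club badges and the subscription row are
   * deleted, and the emulator is notified.
   *
   * @param mixed $my_id User id. It is placed into the SQL text unchanged, so it must
   *                     be a trusted or already-escaped value.
   * @return bool
   */
  function IsHCMember($my_id){
      if (HCDaysLeft($my_id) > 0) {
          return true;
      }

      // Expired members must not keep rank 2 or the club badge
      $check = mysql_query("SELECT * FROM user_subscriptions WHERE user_id = '".$my_id."' LIMIT 1");
      $clubrecord = mysql_num_rows($check);

      if ($clubrecord > 0) {
          mysql_query("UPDATE users SET badge_status = '0', hc_before='1' WHERE id = '".$my_id."' LIMIT 1") or die(mysql_error());
          mysql_query("UPDATE users SET rank = '1' WHERE id = '".$my_id."' AND rank = '2' LIMIT 1") or die(mysql_error());
          // Parentheses added: AND binds tighter than OR, so the original statement
          // could delete the HC1 badge row of any user, not only this one.
          // NOTE(review): the table and column names here (users_badges, badgecode,
          // badgeid, userid) differ from user_badges(user_id, badge_id) used elsewhere
          // in this file, and the result is not checked - confirm against the schema.
          mysql_query("DELETE FROM users_badges WHERE (badgecode = 'HC1' OR badgeid = 'HC2') AND userid = '".$my_id."' LIMIT 1");
          mysql_query("DELETE FROM user_subscriptions WHERE user_id = '".$my_id."' LIMIT 1") or die(mysql_error());

          // Quoted name: the original passed the bare word SendMUSData.
          if (function_exists('SendMUSData') !== true) {
              include('includes/mus.php');
          }
          @SendMUSData('UPRS' . $my_id);
      }

      return false;
  }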
  573.  
  574. // #########################################################################
  575.  
  576. function GiveHC($user_id, $months){
  577.  
  578. $sql = mysql_query("SELECT * FROM user_subscriptions WHERE user_id = '".$user_id."' LIMIT 1") or die(mysql_error());
  579. $valid = mysql_num_rows($sql);
  580.  
  581. if($valid > 0){
  582. mysql_query("UPDATE users SET rank = '1' WHERE rank = '1' AND id = '".$user_id."' LIMIT 1") or die(mysql_error());
  583. mysql_query("UPDATE user_subscriptions SET timestamp_expire = timestamp_expire + ".$months." WHERE user_id = '".$user_id."' LIMIT 1") or die(mysql_error());
  584. $check = mysql_query("SELECT * FROM user_badges WHERE badge_id = 'HC6' AND user_id = '".$user_id."' LIMIT 1") or die(mysql_error());
  585. $found = mysql_num_rows($check);
  586. if($found !== 1){ // No badge. Poor thing.
  587. mysql_query("UPDATE users SET badge_status = '0' WHERE id = '".$user_id."' LIMIT 1") or die(mysql_error());
  588. mysql_query("UPDATE user_badges SET badge_slot = '0' WHERE user_id = '".$user_id."'") or die(mysql_error());
  589. mysql_query("INSERT INTO user_badges (user_id,badge_id,badge_slot) VALUES ('".$user_id."','HC1','1')") or die(mysql_error());
  590. }
  591. } else {
  592. $m = date('m');
  593. $d = date('d');
  594. $Y = date('Y');
  595. $date = date('d-m-Y', mktime($m,$d,$Y));
  596. mysql_query("INSERT INTO user_subscriptions (user_id,timestamp_activated,timestamp_expire) VALUES ('".$user_id."','".$date."','".$date."')") or die(mysql_error());
  597. GiveHC($user_id, $months);
  598. }
  599.  
  600. if(function_exists(SendMUSData) !== true){ include('includes/mus.php');}
  601. @SendMUSData('UPRS' . $user_id);
  602. @SendMUSData('UPRC' . $user_id);
  603. }
  604.  
  605. // #########################################################################
  606.  
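  // Record activity time and client address for the logged-in user on every request.
  // The session key is quoted (the original passed the bare word username), and the
  // second UPDATE, which only repeated the ip_last assignment, is folded into the first.
  if (session_is_registered('username')) {
      $blob = time();
      mysql_query("UPDATE users SET online1 = '".$blob."', ip_last = '".$remote_ip."' WHERE id = '".$my_id."' LIMIT 1") or die(mysql_error());

      //if($phail == true){
      //echo "<b>Please wait..</b><br />Please wait while we update your HoloDB compatability..<br />";
      //mysql_query("ALTER TABLE `users` ADD `online` TEXT NOT NULL ;") or die(mysql_error());
      //echo "Done! Please reload this page to proceed. You will not see this message again.";
      //exit;
      //}
  }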
  621.  
  622. // #########################################################################
  623.  
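  /**
   * Tell whether the users row for an id has online = 1.
   *
   * @param int $intUID User id; cast to an integer before it is placed in the query.
   * @return bool False also when no such user exists. The original ended the whole
   *              request in that case, because an empty fetch result triggered die().
   */
  function IsUserOnline($intUID){
      $query = mysql_query("SELECT online FROM users WHERE id = '".(int) $intUID."' LIMIT 1") or die(mysql_error());
      $result = mysql_fetch_array($query);

      if ($result === false) {
          return false;
      }

      return $result['online'] == 1;
  }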
  634.  
  635. // #########################################################################
  636.  
  /**
   * Placeholder: the body is empty, so every call returns null.
   * No ban lookup happens here.
   */
  function IsUserBanned()
  {
  }
  642. // #########################################################################
  643.  
  /**
   * Run a query and return the first column of its first row.
   *
   * The query text is executed exactly as given, so it must never be assembled from
   * unescaped request data.
   *
   * @param string $query         Complete SQL statement.
   * @param mixed  $default_value Returned when the query yields no rows.
   * @return mixed
   */
  function mysql_evaluate($query, $default_value="undefined") {
      $result = mysql_query($query) or die(mysql_error());

      return (mysql_num_rows($result) < 1) ? $default_value : mysql_result($result, 0);
  }
  653.  
  654. // #########################################################################
  655.  
  /**
   * Prepare a string for use inside a quoted SQL literal.
   *
   * By default the text is HTML-encoded first and then SQL-escaped, so the stored
   * value is already HTML-encoded. With $advanced loosely true only the SQL escaping
   * is applied. The result is safe only inside a quoted literal, not as a bare number
   * or an identifier.
   *
   * @param string $str
   * @param bool   $advanced
   * @return string
   */
  function FilterText($str, $advanced=false) {
      if ($advanced == true) {
          return mysql_real_escape_string($str);
      }

      $encoded = htmlspecialchars($str);
      return mysql_real_escape_string($encoded);
  }
  661.  
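  /**
   * Prepare stored text for output in an HTML page.
   *
   * Default path: HTML-encode, turn newlines into <br />, strip slashes, and
   * optionally expand BB code. ENT_QUOTES is passed explicitly so that single quotes
   * are encoded too; older PHP versions leave them untouched by default, and
   * bbcode_format() in this file writes single-quoted attributes.
   *
   * With $advanced loosely true the text is returned with slashes stripped and
   * NO HTML encoding, so that path must only be used for trusted markup.
   *
   * @param string $str
   * @param bool   $advanced Skip HTML encoding and newline conversion.
   * @param bool   $bbcode   Expand BB code after encoding.
   * @return string
   */
  function HoloText($str, $advanced=false, $bbcode=false) {
      if ($advanced == true) {
          return stripslashes($str);
      }

      $str = stripslashes(nl2br(htmlspecialchars($str, ENT_QUOTES)));

      if ($bbcode == true) {
          $str = bbcode_format($str);
      }

      return $str;
  }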
  668.  
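  /**
   * Reduce a string to characters usable in a URL segment.
   *
   * Everything except ASCII letters, digits and "-" becomes a space, runs of
   * whitespace are collapsed and the ends are trimmed.
   *
   * @param string $str
   * @param bool   $lowercase Lower-case the result.
   * @param bool   $spaces    True turns the remaining spaces into "-"; otherwise they
   *                          are removed. The original discarded the result of that
   *                          removal, so spaces stayed in the output.
   * @return string
   */
  function stringToURL($str,$lowercase=true,$spaces=false){
      $str = preg_replace("/[^A-Za-z0-9-]/", " ", $str);
      $str = trim(preg_replace('/\s\s+/', ' ', $str));

      if ($lowercase == true) {
          $str = strtolower($str);
      }

      $str = str_replace(" ", ($spaces == true) ? "-" : "", $str);

      return $str;
  }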
  675.  
  676.  
  677.  
  /**
   * Apply a fixed list of character replacements to a string.
   *
   * NOTE(review): the search strings in this copy look encoding-damaged (most are
   * "?" or "??"), so the original character mapping cannot be read from here. The
   * literals below are reproduced exactly as they appear; recover the intended
   * characters from an intact copy before relying on this function.
   *
   * @param string $str
   * @param bool   $clean When loosely true, the second replacement list is applied as well.
   * @return string
   */
  function textInJS($str, $clean = false){
      // Applied one after another, in this order, each replaced by "?"
      $damaged = array(
          "??", "??", "?‘", "?±", "??", "??", "?‰",
          "?©", "?“", "??", "??", "??", "??", "?",
      );
      $str = str_replace($damaged, "?", $str);

      if ($clean == true) {
          // Each step searches for "?", so in this copy only the first one can match
          $plain = array("N", "n", "A", "a", "E", "e", "O", "o", "U", "u", "I", "i");
          foreach ($plain as $letter) {
              $str = str_replace("?", $letter, $str);
          }
      }

      return $str;
  }
  712.  
  713.  
  714.  
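  /**
   * Replace the control characters chr(1), chr(2), chr(3) and chr(9) with spaces.
   *
   * chr(1) is the separator SendMUS() in this file puts between header and data.
   * The original computed the cleaned string but never returned it, so callers
   * always received null.
   *
   * @param string $strInput
   * @return string
   */
  function FilterSpecialChars($strInput)
  {
      return str_replace(array(chr(1), chr(2), chr(3), chr(9)), ' ', $strInput);
  }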
  722.  
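  /**
   * Replace every word listed in system_wordfilter with the configured censor text.
   *
   * Matching is a plain case-sensitive substring replacement. The censor text is
   * read once per call; the original queried it again for every filtered word.
   *
   * @param string $str
   * @return string
   */
  function SwitchWordFilter($str)
  {
      $sql = mysql_query("SELECT word FROM system_wordfilter") or die(mysql_error());

      $words = array();
      while ($row = mysql_fetch_assoc($sql)) {
          $words[] = $row['word'];
      }

      if (empty($words)) {
          return $str;
      }

      // With an array of needles str_replace() applies them in order, like the original loop
      return str_replace($words, getServer("wordfilter_censor"), $str);
  }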
  735.  
  736.  
  737.  
  738.  
  739.  
  /**
   * HTML-encode, trim, strip slashes and SQL-escape a string, in that order.
   *
   * The result is meant for a quoted SQL literal and is already HTML-encoded.
   *
   * @param string $string
   * @return string
   */
  function EscapeString($string = '')
  {
      $encoded = htmlspecialchars($string);
      $unslashed = stripslashes(trim($encoded));

      return mysql_real_escape_string($unslashed);
  }
  744.  
  745. ###################################### php stuff ######################################
  // Silence PHP's own error output. The die(mysql_error()) calls throughout this
  // file still print database error text to the visitor.
  error_reporting(0);
  // Second session_start() in this file; the first is at the top.
  session_start();

  // AVATAR: base address of the avatar imaging service (plain http)
  $config["hImaging"] = 'http://habbo.it/habbo-imaging/avatarimage';
  // Default avatar figure string
  $config["defaultAvatar"] = 'ch-3111-63-62.hd-3103-1.hr-3163-39.lg-285-77.sh-305-78';

  // ###################################### MySQL connection ######################################
  // The credentials are the variables tested by the installer check at the top of this file.
  $con = mysql_connect($sqlhostname, $sqlusername, $sqlpassword)
      or die('Errore con la connessione a MySQL, apri <b>data_classes.php</b> e modifica con i tuoi dati.');
  $db = mysql_select_db($sqldb, $con)
      or die('Database non trovato, apri <b>data_classes.php</b> e modifica con i tuoi dati.');
  759.  
  760.  
  761. // #########################################################################
  762.  
  763. /* Funzione per il caricamento dei look */
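  /**
   * Load an avatar set file and return its contents.
   *
   * The file name is "<publicDir><type>-<lowercased gender><extFile>".
   *
   * @param string $type      Set type; becomes part of the file name.
   * @param string $gender    Gender code; lower-cased into the file name.
   * @param string $publicDir Directory prefix, including the trailing slash.
   * @param string $extFile   File extension. The original ignored this argument and
   *                          always used '.txt', which is still the default.
   * @return string|null File contents, or null when the file is missing or when
   *                     $type/$gender contain path separators, "..", or a NUL byte.
   */
  function readAvatarSet($type, $gender, $publicDir = 'json/', $extFile = '.txt'){
      // $type and $gender are file-name parts only; anything that could move the
      // path out of $publicDir is refused.
      foreach (array($type, $gender) as $part) {
          $part = (string) $part;
          if (strpbrk($part, "/\\\0") !== false || strpos($part, '..') !== false) {
              return null;
          }
      }

      $set_file = $publicDir . $type . '-' . strtolower($gender) . $extFile;

      if (!is_file($set_file)) {
          return null;
      }

      $contents = file_get_contents($set_file);

      return ($contents === false) ? null : $contents;
  }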
  769.  
  770. // #########################################################################
  771.  
  772. /* Funzione per il controllo delle stringhe */
  /**
   * Tell whether $substring occurs anywhere in $string (case-sensitive).
   *
   * @param string $substring
   * @param string $string
   * @return bool
   */
  function checkIfContains($substring, $string) {
      return strpos($string, $substring) !== false;
  }
  777.  
  778. // #########################################################################
  779.  
  780. /* Non toccare */
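  /**
   * Build a random string from digits, lower-case and upper-case ASCII letters.
   *
   * Characters are drawn with random_int() when the runtime provides it. mt_rand()
   * is only the fallback; its output is predictable, so strings produced that way
   * should not serve as secrets.
   *
   * @param int  $length  Number of characters; values below 1 become 8.
   * @param bool $numbers Include the digits 0-9.
   * @param bool $upper   Include the upper-case letters.
   * @return string
   */
  function createSecurityHash($length, $numbers, $upper){
      if (1 > $length) {
          $length = 8;
      }

      $chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
      $numChars = 62;

      if (!$numbers) {
          // Drop the ten leading digits
          $numChars = 52;
          $chars = substr($chars, 10, $numChars);
      }

      if (!$upper) {
          // Drop the 26 trailing upper-case letters
          $numChars -= 26;
          $chars = substr($chars, 0, $numChars);
      }

      $pick = function_exists('random_int') ? 'random_int' : 'mt_rand';

      $string = '';
      for ($i = 0; $i < $length; $i++) {
          $string .= $chars[$pick(0, $numChars - 1)];
      }

      return $string;
  }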
  790.  
  791. // #########################################################################
  /**
   * Trim, convert newlines to <br />, strip slashes, HTML-encode and SQL-escape a string.
   *
   * The steps run in that order, so the <br /> tags inserted by nl2br() are
   * HTML-encoded along with the rest of the text. The result is meant for a quoted
   * SQL literal.
   *
   * @param string $str
   * @return string
   */
  function Securise($str)
  {
      $withBreaks = nl2br(trim($str));
      $encoded = htmlspecialchars(stripslashes($withBreaks));

      return mysql_real_escape_string($encoded);
  }
  797.  
  798. // ###################################### Redirect per Facebook ######################################
  /**
   * Send a "location:" response header for the given address.
   *
   * The address is used as given and the script keeps running afterwards. Callers
   * should pass only fixed or allow-listed targets and should exit once the header
   * has been sent.
   *
   * @param string $url
   * @return null header() returns nothing, so the result is always null.
   */
  function Redirect($url){
      return header("location:".$url."");
  }
  803.  
  804. // ###################################### Facebook Connect ###########################################
  // Facebook Connect settings, left empty in this copy.
  // APP_SECRET is a credential: once filled in, this file must not be published or
  // served as plain text.
  define('APP_ID', '');
  define('APP_SECRET', '');
  define('siteurl', '');

  // ###################################### Version ####################################################
  // The version file may sit under ./includes or ../includes; a missing file is silenced by @.
  @include('./includes/version.php');
  @include('../includes/version.php');
  812. ?>