
Untitled

a guest
Jun 7th, 2017
  1. <?php
  2. /* decube.xyz*/
  // Vendor banner, written into every page as HTML comments.
  echo "<!-- DARKDEV.EU -->\n<!-- This website is using the premium version of DeviliumWeb CMS -->\n<!-- To purchase contact visit www.darkdev.eu -->\n";

  // License check: each request POSTs this site's host name to the vendor endpoint.
  // NOTE(review): the call goes over plain HTTP and sets no timeout, so every page
  // load depends on that host answering.
  $domain = $_SERVER["SERVER_NAME"];
  $ch = curl_init();
  curl_setopt_array($ch, array(
      CURLOPT_URL => "http://darkdev.eu/licenta_web.php",
      CURLOPT_HEADER => false,
      CURLOPT_POST => true,
      CURLOPT_RETURNTRANSFER => true,
      // NOTE(review): $server is never assigned in the visible code, so "ip" is sent empty.
      CURLOPT_POSTFIELDS => array("id" => "3", "ip" => "" . $server . "", "domain" => "" . $domain . "", "user_key" => "3", "submit" => "Send"),
  ));
  $result = curl_exec($ch);
  // NOTE(review): the response body is echoed into the page without escaping, so
  // whatever the endpoint (or anything on the network path) returns becomes part of
  // this site's HTML. The `if (empty($result))` that follows only defines the site's
  // functions when the response is empty.
  echo "$result";
  curl_close($ch);
  17.  
  18. if (empty($result)) {
  /**
   * Print an error notice box.
   *
   * The text is written into the markup as-is (no HTML escaping), so callers must
   * pass trusted or already-escaped text. The markup emitted has one opening
   * <div> and two closing </div> tags.
   *
   * @param string $text Message to display.
   */
  function error($text)
  {
      echo '<div class="msg_error" align="left" id="msg">', $text, '</div></div>';
  }
  /**
   * Print a success notice box.
   *
   * The text is written into the markup as-is (no HTML escaping), so callers must
   * pass trusted or already-escaped text. Nothing is returned; call sites that
   * write `echo succes(...)` echo an empty value after the box.
   *
   * @param string $text Message to display.
   */
  function succes($text)
  {
      echo '<div class="msg_succes" align="left" id="msg">', $text, '</div></div>';
  }
  /**
   * Print a success notice box; same markup as succes(), including the
   * "msg_succes" class name.
   *
   * The text is written into the markup as-is (no HTML escaping).
   *
   * @param string $text Message to display.
   */
  function success($text)
  {
      echo '<div class="msg_succes" align="left" id="msg">', $text, '</div></div>';
  }
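  /**
   * Handle the login form (POST "submit", "username", "password").
   *
   * Looks the account up by login and MySQL PASSWORD() hash, refuses accounts whose
   * web_aktiviert is "0", and otherwise fills the session (user, pass, userid, admin).
   * The lookup now runs once instead of twice, and the failure message is printed
   * once instead of twice.
   */
  function login()
  {
      if (!isset($_POST["submit"])) {
          return;
      }

      $username = replace($_POST["username"]);
      $password = replace($_POST["password"]);

      // NOTE(review): both values are interpolated into the SQL text. That is only
      // safe if replace() (defined elsewhere) escapes them for a quoted MySQL
      // string; confirm, or move to a prepared statement.
      $res = mysql_query("SELECT id,web_admin,web_aktiviert FROM account.account where (login='$username' AND password=PASSWORD('" . $password . "'))");
      $acc = $res ? mysql_fetch_object($res) : false;

      if (!$acc) {
          echo "<center>Logare esuata</center><meta http-equiv=\"refresh\" content=\"1;url=index.php\">";
          return;
      }

      // NOTE(review): retrimite_mail() stores an activation code in web_aktiviert;
      // such a value is not "0" and would pass this check. Confirm which values
      // mean "not activated".
      if ($acc->web_aktiviert == "0") {
          error("Cont inactiv");
          echo "<meta http-equiv=\"refresh\" content=\"1;url=index.php?page=email-activare\">";
          return;
      }

      // NOTE(review): the session id is not regenerated on login, and the password
      // itself is kept in the session. The "pass" key is left in place because code
      // outside this block may read it; prefer removing it once callers are checked.
      $_SESSION["user"] = $username;
      $_SESSION["pass"] = $password;
      $_SESSION["userid"] = $acc->id;
      $_SESSION["admin"] = $acc->web_admin;
      echo "<center>Logare reusita</center><meta http-equiv=\"refresh\" content=\"1;url=index.php\">";
  }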
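  /**
   * Handle the "resend activation mail" form (POST "trimite", "username", "email").
   *
   * For an account that is not yet active (web_aktiviert is not "1") a new
   * activation code is stored in web_aktiviert and mailed to the address on file;
   * the address typed into the form is only checked for being non-empty.
   *
   * Changes from the previous version: the code comes from a CSPRNG when one is
   * available instead of md5(rand(999, 99999)), and an unknown login no longer
   * triggers an UPDATE and a mail to an empty address (the confirmation text shown
   * is unchanged).
   */
  function retrimite_mail()
  {
      include ("inc/configurare.php");

      if (!isset($_POST["trimite"])) {
          return;
      }

      $username = replace($_POST["username"]);
      $email = replace($_POST["email"]);

      if (($username == NULL) || ($email == NULL)) {
          return;
      }

      // NOTE(review): $username is interpolated into SQL; safe only if replace()
      // (defined elsewhere) escapes it. Confirm.
      $qu = mysql_query("Select * from account.account where login='$username'");
      $in = $qu ? mysql_fetch_object($qu) : false;

      if ($in && $in->web_aktiviert == "1") {
          echo error("Contul este deja activ.Va puteti loga.");
          return;
      }

      if ($in) {
          // $website is expected to come from the included configuration file.
          include ("configurare.php");

          // 128 random bits, hex encoded: same 32-character shape as the old md5 value.
          if (function_exists('random_bytes')) {
              $cod_activ = bin2hex(random_bytes(16));
          } elseif (function_exists('openssl_random_pseudo_bytes')) {
              $cod_activ = bin2hex(openssl_random_pseudo_bytes(16));
          } else {
              // Legacy fallback: fewer than 100,000 possible values, guessable.
              $cod_activ = md5(rand(999, 99999));
          }

          mysql_query("Update account.account set web_aktiviert='$cod_activ' where login='$username'");
          $to = $in->email;
          $subject = "Activare cont!";
          $message = "Salut " . $username . "\r\nPentru a activa contul tau acceseaza linkul de mai jos \r\nhttp://" . $website . "/index.php?page=activare-cont&cont=" . $username . "&cod=" . $cod_activ . "\r\n\t\t\t\t\t\t\t";
          new mail($to, $subject, $message);
      }

      echo succes("Verificati adresa de email.");
  }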
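  /**
   * Include the module selected by ?page=..., or "acasa" when no page is given.
   *
   * The page name comes from the query string and is turned into a file path, so
   * it is restricted to letters, digits, "_" and "-" (the shape of every page name
   * linked from this file) and the file must exist before it is included.
   * Previously the include ran first and the existence check afterwards, and any
   * path fragment accepted by replace() reached include().
   */
  function loadcontent()
  {
      $page = "acasa";

      if (isset($_GET["page"])) {
          $page = replace($_GET["page"]);

          $valid = is_string($page)
              && preg_match('/\A[A-Za-z0-9_-]+\z/', $page)
              && file_exists("modules/" . $page . ".php");

          if (!$valid) {
              echo error(website_module_off);
              return;
          }
      }

      include ("modules/" . $page . ".php");
  }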
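  /**
   * Print one column of the account row whose login is $usern.
   *
   * Prints nothing when the query fails, no row matches or the column is absent
   * (previously these cases read a property of a non-object).
   *
   * NOTE(review): $usern is concatenated into the SQL text and the value is echoed
   * without HTML escaping; $opt selects any column of account.account, including
   * the password column used by login(). Callers should pass fixed column names
   * and an already-validated login.
   *
   * @param string $usern Account login.
   * @param string $opt   Column name to print.
   */
  function acc($usern, $opt)
  {
      $co = mysql_query("Select * from account.account where login='" . $usern . "'");
      $c = $co ? mysql_fetch_object($co) : false;

      if ($c && isset($c->$opt)) {
          echo $c->$opt;
      }
  }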
  /**
   * Print the number of player rows belonging to the account with login $usern.
   *
   * NOTE(review): $usern is concatenated into the SQL text. Other queries in this
   * file match player.account_id against account.id; confirm that account.account
   * really has an account_id column, otherwise this counts rows for an empty id.
   * On a failed player query the MySQL error text is sent to the client via exit().
   *
   * @param string $usern Account login.
   */
  function count_ch($usern)
  {
      include ("configurare.php");

      $accountResult = mysql_query("Select * from account.account where login='" . $usern . "'");
      $account = mysql_fetch_object($accountResult);

      $players = mysql_query("Select * from player.player where account_id='" . $account->account_id . "'");
      if (!$players) {
          exit(mysql_error());
      }

      echo mysql_num_rows($players);
  }
  /**
   * Print the class label constant for a job id: 0/4 -> c_war, 1/5 -> c_ninja,
   * 2/6 -> c_sura, 3/7 -> c_sami. Any other value prints nothing.
   *
   * @param mixed $clasa Job id, compared loosely against the string ids.
   */
  function clasa_c($clasa)
  {
      if (in_array($clasa, array("0", "4"))) {
          echo c_war;
          return;
      }

      if (in_array($clasa, array("1", "5"))) {
          echo c_ninja;
          return;
      }

      if (in_array($clasa, array("2", "6"))) {
          echo c_sura;
          return;
      }

      if (in_array($clasa, array("3", "7"))) {
          echo c_sami;
      }
  }
  /**
   * Print the flag image tag for an empire id ("1" red, "2" yellow, "3" blue).
   * Other values print nothing.
   *
   * @param mixed $empire Empire id, compared loosely against "1", "2" and "3".
   */
  function nume_regat($empire)
  {
      $steaguri = array(
          "1" => "reg_rosu",
          "2" => "reg_galben",
          "3" => "reg_albastru",
      );

      // Each id is tested on its own, as three separate checks, not an else-chain.
      foreach ($steaguri as $cod => $fisier) {
          if ($empire == (string) $cod) {
              echo "<img src='images/regat/" . $fisier . ".png' border='0'>";
          }
      }
  }
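  /**
   * Handle the "lost password" form (POST "recuperare", "username", "email", "norobot").
   *
   * When the captcha matches and exactly one account has this login and e-mail, a
   * reset token is stored in passlost_token and a confirmation link is mailed.
   *
   * Changes from the previous version:
   *  - the captcha check requires both values to be present strings and compares
   *    them with ===; the loose == passed when both sides were missing and could
   *    treat two different "0e..." digests as equal numbers;
   *  - the token comes from a CSPRNG when one is available instead of
   *    md5(rand(99999, 9999999)).
   */
  function recuperare_pw()
  {
      if (!isset($_POST["recuperare"])) {
          return;
      }

      $username = replace($_POST["username"]);
      $email = replace($_POST["email"]);

      if (($username == NULL) || ($email == NULL)) {
          return;
      }

      $captchaOk = isset($_POST["norobot"], $_SESSION["randomnr2"])
          && is_string($_POST["norobot"])
          && is_string($_SESSION["randomnr2"])
          && md5($_POST["norobot"]) === $_SESSION["randomnr2"];

      if (!$captchaOk) {
          echo error(spam);
          return;
      }

      // $website is expected to come from the included configuration file.
      include ("configurare.php");

      // NOTE(review): both values are interpolated into SQL; safe only if replace()
      // (defined elsewhere) escapes them. Confirm.
      $ch = mysql_query("Select * from account.account where login='$username' and email='$email'");

      if (!$ch || mysql_num_rows($ch) != 1) {
          echo error(acc_or_email);
          return;
      }

      // 128 random bits, hex encoded: same 32-character shape as the old md5 value.
      if (function_exists('random_bytes')) {
          $rec = bin2hex(random_bytes(16));
      } elseif (function_exists('openssl_random_pseudo_bytes')) {
          $rec = bin2hex(openssl_random_pseudo_bytes(16));
      } else {
          // Legacy fallback: small value space, guessable.
          $rec = md5(rand(99999, 9999999));
      }

      mysql_query("Update account.account set passlost_token='$rec' where login='$username'");
      $to = $email;
      $subject = "Confirm email!";
      $message = "\r\n\t\t\t\t\t\t\t\r\n\t\t\tHi " . $username . "\r\n\r\n\t\t\tIf you want to reset your password you must confirm by clicking the link bellow : \r\n\r\n\t\t\thttp://" . $website . "/index.php?page=recuperare-pw&cont=" . $username . "&cod=" . $rec . "\r\n\t\t\t\t\t\t\t";
      $headers = "Do not reply.";
      new mail($to, $subject, $message, $headers);
      echo succes(check_email_and);
  }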
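  /**
   * Handle a password-change request (POST "passwordchangerequest") for the
   * logged-in user: store a token in passchange_token and mail a confirmation link
   * to the address on file.
   *
   * Changes from the previous version: the token comes from a CSPRNG when one is
   * available instead of md5(rand(999, 999999)), and no mail is attempted when the
   * session user has no account row.
   */
  function schimbare_pw()
  {
      if (!isset($_POST["passwordchangerequest"])) {
          return;
      }

      $log = $_SESSION["user"];
      // $website is expected to come from the included configuration file.
      include ("configurare.php");

      $res = mysql_query("Select * from account.account where login='$log'");
      $tr = $res ? mysql_fetch_object($res) : false;

      // 128 random bits, hex encoded: same 32-character shape as the old md5 value.
      if (function_exists('random_bytes')) {
          $cod = bin2hex(random_bytes(16));
      } elseif (function_exists('openssl_random_pseudo_bytes')) {
          $cod = bin2hex(openssl_random_pseudo_bytes(16));
      } else {
          // Legacy fallback: small value space, guessable.
          $cod = md5(rand(999, 999999));
      }

      mysql_query("Update account.account set passchange_token='$cod' where login='$log'");
      echo succes(check_email_and);

      if (!$tr) {
          return;
      }

      $to = $tr->email;
      $subject = "Confirm password change!";
      $message = "If you want to reset your password please click the link bellow :\r\n\t\t\r\nhttp://$website/index.php?page=schimbare-pw&cod=" . $cod . "";
      new mail($to, $subject, $message);
  }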
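  /**
   * Apply a confirmed password change (POST "SubmitLostPasswordCodeForm",
   * "newPassword") for the logged-in user and record the event in
   * web.dev_player_log.
   *
   * Change from the previous version: the log entry no longer contains the new
   * password in clear text.
   *
   * NOTE(review): this function does not itself check passchange_token or the old
   * password; presumably the including page verifies the mailed code first.
   * Confirm, otherwise any POST from a logged-in session changes the password.
   */
  function schimbare_pw_confirmata()
  {
      if (!isset($_POST["SubmitLostPasswordCodeForm"])) {
          return;
      }

      $cont = $_SESSION["user"];
      $newpw = replace($_POST["newPassword"]);

      if ($newpw == NULL) {
          echo error(insert_new_password);
          return;
      }

      // NOTE(review): $newpw is interpolated into SQL; safe only if replace()
      // (defined elsewhere) escapes it. Confirm.
      mysql_query("Update account.account set password=PASSWORD('$newpw') where login='$cont'");
      mysql_query("Update account.account set passchange_token='1' where login='$cont'");
      $data = date("h:i:s d/m/Y");
      mysql_query("Insert into web.dev_player_log (account,data,actiune) values ('$cont','$data','Parola a fost schimbata.')");
      echo succes(password_changed);
  }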
  /**
   * Mail the warehouse (safebox) password to the logged-in user
   * (POST "sendStoragePassword"). "000000" is sent when no password is stored.
   *
   * NOTE(review): the safebox password is read from the database and mailed in
   * clear text. On a failed account lookup the MySQL error text is sent to the
   * client via exit().
   */
  function parola_depozit()
  {
      if (!isset($_POST["sendStoragePassword"])) {
          return;
      }

      $log = $_SESSION["user"];
      $s = mysql_fetch_object(mysql_query("Select id,email from account.account where login='$log'"));
      if (!$s) {
          exit(mysql_error());
      }

      $id = $s->id;
      $email = $s->email;
      $dep = mysql_fetch_array(mysql_query("Select * from player.safebox where account_id='$id'"));
      $password = ($dep["password"] == NULL) ? "000000" : $dep["password"];

      new mail($email, "Warehouse password.", "Your warehouse password is : " . $password . "");
      // Timestamp is computed but not used afterwards.
      $data = date("h:i:s d/m/Y");
      echo succes(check_email . " " . $email . ".");
  }
  /**
   * Mail the account's social_id (character deletion code) to the logged-in user
   * (POST "sendSocialcodeDisplayLink").
   *
   * NOTE(review): the code is mailed in clear text, and the success box is printed
   * before the lookup has run. On a failed lookup the MySQL error text is sent to
   * the client via exit().
   */
  function cod_securitate()
  {
      if (!isset($_POST["sendSocialcodeDisplayLink"])) {
          return;
      }

      // $titlu is expected to come from the included configuration file.
      include ("configurare.php");
      echo succes(check_email_and);

      $log = $_SESSION["user"];
      $xx = mysql_fetch_object(mysql_query("Select * from account.account where login='$log'"));
      if (!$xx) {
          exit(mysql_error());
      }

      $cod = $xx->social_id;
      $email = $xx->email;
      $subject = "Social ID.!";
      $message = "Hi " . $log . "!\r\n\r\n\t\tFor security reasons you need you need to enter a code in order to delete a character.\r\n\r\n\t\tYour code is : " . $cod . "\r\n\r\n\r\n\t\tWrite it on something or remember it!\r\n\r\n\r\n\r\n\t\tWith welcome\r\n\r\n\t\t" . $titlu . ".";
      new mail($email, $subject, $message);
      // Timestamp is computed but not used afterwards.
      $data = date("h:i:s d/m/Y");
  }
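  /**
   * Start account deletion for the logged-in user (POST "accountdeletion_submit"):
   * store a confirmation code in cod_stergere_account and mail a confirmation link.
   *
   * Change from the previous version: the code comes from a CSPRNG when one is
   * available instead of md5(rand(999, 99999)).
   *
   * NOTE(review): on a failed lookup the MySQL error text is sent to the client
   * via exit().
   */
  function sterge_cont()
  {
      if (!isset($_POST["accountdeletion_submit"])) {
          return;
      }

      echo succes(check_email_and);
      $log = $_SESSION["user"];
      $aa = mysql_fetch_object(mysql_query("Select * from account.account where login='$log'"));
      if (!$aa) {
          exit(mysql_error());
      }

      $email = $aa->email;

      // 128 random bits, hex encoded: same 32-character shape as the old md5 value.
      if (function_exists('random_bytes')) {
          $cod = bin2hex(random_bytes(16));
      } elseif (function_exists('openssl_random_pseudo_bytes')) {
          $cod = bin2hex(openssl_random_pseudo_bytes(16));
      } else {
          // Legacy fallback: fewer than 100,000 possible values, guessable.
          $cod = md5(rand(999, 99999));
      }

      mysql_query("Update account.account set cod_stergere_account='$cod' where login='$log'");
      $to = $email;
      // $website and $titlu are expected to come from the included configuration file.
      include ("configurare.php");
      $subject = "Confirm account delete.!";
      $message = "Salut " . $log . "!\r\n\r\n\t\t\tIf you want to delete your account press the link bellow :\r\n\r\n\t\t\thttp://$website/index.php?page=stergere-cont&cont=" . $log . "&cod=" . $cod . "\r\n\r\n\t\t\tYou can cancel this operation in less then 7 days!\r\n\r\n\r\n\r\n\t\t\tWith welcome\r\n\r\n\t\t\t" . $titlu . "";
      new mail($to, $subject, $message);
  }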
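  /**
   * Confirm an account deletion from the mailed link (?cont=...&cod=...): when the
   * code matches the logged-in user's cod_stergere_account, schedule deletion for
   * seven days from now in data_stergere.
   *
   * Changes from the previous version: missing query parameters no longer raise
   * notices, and the error box is printed once instead of twice.
   *
   * NOTE(review): the "cont" parameter is only checked for presence; the account
   * is taken from the session. The confirmation code is not cleared after use.
   */
  function stergere_cont_final()
  {
      if (!isset($_GET["cont"], $_GET["cod"]) || ($_GET["cont"] == NULL) || ($_GET["cod"] == NULL)) {
          return;
      }

      $cod = replace($_GET["cod"]);
      $log = $_SESSION["user"];
      // NOTE(review): $cod is interpolated into SQL; safe only if replace()
      // (defined elsewhere) escapes it. Confirm.
      $query = mysql_query("Select * from account.account where cod_stergere_account='$cod' and login='$log'");

      if ($query && mysql_num_rows($query) == 1) {
          $nextWeek = time() + (7 * 24 * 60 * 60);
          $delete = date("d/m/Y", $nextWeek);
          mysql_query("Update account.account set data_stergere='$delete' where login='$log'");
          echo succes(delete_in_7)."<meta http-equiv=\"refresh\" content=\"0;url=index.php?page=stergere-cont\">";
      }
      else {
          echo error("ERROR")."<meta http-equiv=\"refresh\" content=\"0;url=index.php?page=stergere-cont\">";
      }
  }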
  /**
   * Cancel a pending account deletion for the logged-in user
   * (POST "accountdeletion_cancel").
   *
   * NOTE(review): this clears a column named stergere_account, while the other
   * deletion functions in this file write cod_stergere_account and data_stergere.
   * Confirm that this really removes the scheduled deletion date.
   */
  function stergere_cont_cancel()
  {
      if (!isset($_POST["accountdeletion_cancel"])) {
          return;
      }

      $log = $_SESSION["user"];
      $sql = sprintf("Update account.account set stergere_account='' where login='%s'", $log);
      mysql_query($sql);
      echo succes(delete_cancel)."<meta http-equiv=\"refresh\" content=\"1;url=index.php?page=panou-user\">";
  }
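  /**
   * "Unstuck" a character (?page=...&debug=<player id>): move it to the start
   * position of its empire and clear horse_riding.
   *
   * Changes from the previous version:
   *  - map_index was read from $resetPos["\$empire"], a literal key that does not
   *    exist, so it was always written empty; it now uses the empire's entry like
   *    the other columns;
   *  - an empire outside 1..3 (or a missing player_index row) now reports the
   *    error instead of writing empty coordinates;
   *  - failed lookups no longer read properties of non-objects, and the unused
   *    play-time calculation was dropped.
   *
   * NOTE(review): the ownership check is vacuous. $aid is the id of the account
   * that owns the character, so "id = $char AND account_id = $aid" matches for any
   * existing character. If this is the player-facing variant (admin_debug() exists
   * separately), the account id should come from the session ($_SESSION["userid"]
   * is set by login()). Confirm and tighten. The request also changes state on GET.
   */
  function debug()
  {
      if (!isset($_GET["page"]) || !isset($_GET["debug"])) {
          return;
      }

      $char = replace($_GET["debug"]);
      $charRes = mysql_query("Select * from player.player where id='$char'");
      $const = $charRes ? mysql_fetch_object($charRes) : false;
      $accRes = $const ? mysql_query("Select * from account.account where id='" . $const->account_id . "'") : false;
      $chek = $accRes ? mysql_fetch_object($accRes) : false;
      $aid = $chek ? $chek->id : "";

      $sqlQry = mysql_query("SELECT * FROM player.player WHERE id='" . $char . "' AND account_id ='" . $aid . "'");

      if ($sqlQry && (0 < mysql_num_rows($sqlQry))) {
          // Start positions per empire id.
          $resetPos = array(
              1 => array("map_index" => 1, "x" => 468779, "y" => 962107),
              2 => array("map_index" => 21, "x" => 55700, "y" => 157900),
              3 => array("map_index" => 41, "x" => 969066, "y" => 278290),
          );
          $getChar = mysql_fetch_object($sqlQry);
          $pid = $getChar->id;
          $query2 = mysql_query("SELECT * FROM player.player_index WHERE pid1='$pid' or pid2='$pid' or pid3='$pid' or pid4='$pid'");
          if (!$query2) {
              exit("ERROR");
          }

          $row2 = mysql_fetch_array($query2);
          $empire = $row2 ? $row2["empire"] : NULL;

          if (!isset($resetPos[$empire])) {
              echo error(char_debug_er);
          }
          else {
              $pos = $resetPos[$empire];
              $sqlUpdate = "UPDATE player.player SET map_index='" . $pos["map_index"] . "', x='" . $pos["x"] . "', y='" . $pos["y"] . "', \texit_x='" . $pos["x"] . "', exit_y='" . $pos["y"] . "', exit_map_index='" . $pos["map_index"] . "', horse_riding='0' WHERE id='" . $char . "' LIMIT 1";
              $updatePos = mysql_query($sqlUpdate);
              if (!$updatePos) {
                  exit(mysql_error());
              }

              echo succes(char_debug_ok);
          }
      }
      else {
          echo "<p class=\"meldung\">" . char_debug_er . "</p>";
      }

      echo "<p><a href=\"javascript:history.back()\">&laquo; " . go_back . "</a></p>";
  }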
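  /**
   * Admin variant of the character "unstuck" action (?page=...&debug=<player id>):
   * move the character to the start position of its empire and clear horse_riding.
   *
   * Changes from the previous version:
   *  - map_index was read from $resetPos["\$empire"], a literal key that does not
   *    exist, so it was always written empty; it now uses the empire's entry like
   *    the other columns;
   *  - an empire outside 1..3 (or a missing player_index row) now reports the
   *    error instead of writing empty coordinates;
   *  - failed lookups no longer read properties of non-objects, and the unused
   *    play-time calculation was dropped.
   *
   * NOTE(review): nothing in this function checks that the caller is an
   * administrator; presumably the including page does. Confirm. The request also
   * changes state on GET.
   */
  function admin_debug()
  {
      if (!isset($_GET["page"]) || !isset($_GET["debug"])) {
          return;
      }

      $char = replace($_GET["debug"]);
      $charRes = mysql_query("Select * from player.player where id='$char'");
      $const = $charRes ? mysql_fetch_object($charRes) : false;
      $accRes = $const ? mysql_query("Select * from account.account where id='" . $const->account_id . "'") : false;
      $chek = $accRes ? mysql_fetch_object($accRes) : false;
      $aid = $chek ? $chek->id : "";

      $sqlQry = mysql_query("SELECT * FROM player.player WHERE id='" . $char . "' AND account_id ='" . $aid . "'");

      if (!$sqlQry || !(0 < mysql_num_rows($sqlQry))) {
          echo error(char_debug_er);
          return;
      }

      // Start positions per empire id.
      $resetPos = array(
          1 => array("map_index" => 1, "x" => 468779, "y" => 962107),
          2 => array("map_index" => 21, "x" => 55700, "y" => 157900),
          3 => array("map_index" => 41, "x" => 969066, "y" => 278290),
      );
      $getChar = mysql_fetch_object($sqlQry);
      $pid = $getChar->id;
      $query2 = mysql_query("SELECT * FROM player.player_index WHERE pid1='$pid' or pid2='$pid' or pid3='$pid' or pid4='$pid'");
      if (!$query2) {
          exit("ERROR");
      }

      $row2 = mysql_fetch_array($query2);
      $empire = $row2 ? $row2["empire"] : NULL;

      if (!isset($resetPos[$empire])) {
          echo error(char_debug_er);
          return;
      }

      $pos = $resetPos[$empire];
      $sqlUpdate = "UPDATE player.player SET map_index='" . $pos["map_index"] . "', x='" . $pos["x"] . "', y='" . $pos["y"] . "', \texit_x='" . $pos["x"] . "', exit_y='" . $pos["y"] . "', exit_map_index='" . $pos["map_index"] . "', horse_riding='0' WHERE id='" . $char . "' LIMIT 1";
      $updatePos = mysql_query($sqlUpdate);
      if (!$updatePos) {
          exit(mysql_error());
      }

      echo succes(char_debug_ok);
  }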
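  /**
   * Set the web_admin level of an account (POST "adauga", "utilizator", "nivel").
   *
   * Change from the previous version: "nivel" used to go from the request straight
   * into the UPDATE statement and into the confirmation text. It is now escaped
   * for the quoted SQL value and HTML-escaped where it is displayed.
   *
   * NOTE(review): nothing in this function checks that the caller is an
   * administrator; presumably the including page does. Confirm. $utilizator relies
   * on replace() (defined elsewhere) for SQL safety.
   */
  function adauga_acces()
  {
      if (!isset($_POST["adauga"])) {
          return;
      }

      $utilizator = replace($_POST["utilizator"]);
      $nivel = (isset($_POST["nivel"]) && is_scalar($_POST["nivel"])) ? (string) $_POST["nivel"] : "";
      $mys = mysql_query("Select * from account.account where login='$utilizator'");

      if ($mys && (0 < mysql_num_rows($mys))) {
          if ($utilizator != NULL) {
              mysql_query("Update account.account set web_admin='" . mysql_real_escape_string($nivel) . "' where login='$utilizator'");
              echo succes(level_1 . " " . htmlspecialchars($nivel, ENT_QUOTES) . " " . level_2 . " $utilizator .");
          }
      }
      else {
          echo error(user_noexist);
      }
  }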
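  /**
   * Admin search for accounts whose login contains the submitted text
   * (POST "cauta", "cont") and print the matches as a table.
   *
   * Change from the previous version: the opening <table> tag was printed twice
   * while only one was closed; it is now printed once.
   *
   * NOTE(review): login, email and the other columns are written into the page
   * without HTML escaping. Unless these values are encoded when accounts are
   * created, user-chosen text is rendered as markup in the admin panel. The
   * search text relies on r_text() (defined elsewhere) for SQL safety.
   */
  function cauta_cont()
  {
      if (!isset($_POST["cauta"])) {
          return;
      }

      $cont = r_text($_POST["cont"]);

      if ($cont == NULL) {
          return;
      }

      $ques = mysql_query("Select * from account.account where login like '%$cont%'");

      if (mysql_num_rows($ques) == 0) {
          echo error(user_noexist);
          return;
      }

      echo "<table width=\"100%\" border=\"0\" align=\"center\" cellspacing=\"1\" cellpadding=\"1\"><tr class=\"top\"><td class=\"iR_stats_level\">Userid</td><td class=\"iR_stats_level\">Cont</td><td class=\"iR_stats_level\">Email</td><td class=\"iR_stats_level\">Data inregistrari</td><td class=\"iR_stats_level\">Status</td><td>&nbsp;</td></tr>";

      while ($rand = mysql_fetch_object($ques)) {
          echo "<tr class=\"top\"><td class=\"iR_stats_reset\">" . $rand->id . "</td><td class=\"iR_stats_reset\">" . $rand->login . "</td><td class=\"iR_stats_reset\">" . $rand->email . "</td><td class=\"iR_stats_reset\">" . $rand->create_time . "</td><td class=\"iR_stats_reset\">" . $rand->status . "</td><td class=\"collect\" align=\"center\"><a href=\"index.php?page=edit_cont&cont=" . $rand->id . "\"><font color=\"white\">Vizualizare</font></a></td></tr>";
      }

      echo "</table>";
  }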
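  /**
   * Admin search for characters whose name contains the submitted text
   * (POST "cauta", "caracter") and print the matches, with their owning account,
   * as a table.
   *
   * Change from the previous version: the opening <table> tag was printed twice
   * while only one was closed; it is now printed once.
   *
   * NOTE(review): character name, login and ip are written into the page without
   * HTML escaping. Unless these values are encoded when they are stored,
   * user-chosen text is rendered as markup in the admin panel. The search text
   * relies on r_text() (defined elsewhere) for SQL safety.
   */
  function cauta_caracter()
  {
      if (!isset($_POST["cauta"])) {
          return;
      }

      $char = r_text($_POST["caracter"]);

      if ($char == NULL) {
          return;
      }

      $qu = mysql_query("Select * from player.player where name like '%$char%'");

      if (mysql_num_rows($qu) == 0) {
          echo error(char_noexist);
          return;
      }

      echo "<table width=\"100%\" border=\"0\" align=\"center\" cellspacing=\"1\" cellpadding=\"1\"><tr class=\"top\"><td class=\"iR_stats_level\">Owner</td><td class=\"iR_stats_level\">Nume</td><td class=\"iR_stats_level\">Level</td><td class=\"iR_stats_level\">Ip</td><td>&nbsp;</td></tr>";

      while ($ch = mysql_fetch_object($qu)) {
          // One extra lookup per row for the owning account.
          $acs = mysql_fetch_object(mysql_query("Select * from account.account where id='$ch->account_id'"));
          echo "<tr class=\"top\"><td class=\"iR_stats_reset\"><a href=\"index.php?page=edit_cont&cont=" . $ch->account_id . "\"><font color=\"white\">[" . $ch->account_id . "]" . $acs->login . "</font></a></td><td class=\"iR_stats_reset\">" . $ch->name . "</td><td class=\"iR_stats_reset\">" . $ch->level . "</td><td class=\"iR_stats_reset\"><a href=\"index.php?page=cauta_ip&ip=" . $ch->ip . "\"><font color=\"white\">" . $ch->ip . "</font></a></td><td class=\"collect\" align=\"center\"><a href=\"index.php?page=a_caracter&id=" . $ch->id . "\"><font color=\"white\">Vizualizare</font></a></td></tr>";
      }

      echo "</table>";
  }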
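  /**
   * Ban an account (GET "cont"; POST "baneaza", "motiv", "perioada") for a day,
   * three days, a week, a month or permanently, and record it in web.dev_ban_log.
   *
   * Change from the previous version: an unrecognised "perioada" value left the
   * end time unset, which stored an unban date at the Unix epoch. Such requests
   * are now rejected.
   *
   * NOTE(review): nothing in this function checks that the caller is an
   * administrator; presumably the including page does. Confirm. $cont and $motiv
   * rely on replace() (defined elsewhere) for SQL safety, and the account login
   * read from the database is interpolated into the log INSERT unescaped. A failed
   * log INSERT sends the MySQL error text to the client via exit().
   */
  function ban_char()
  {
      if (!isset($_POST["baneaza"])) {
          return;
      }

      $cont = replace($_GET["cont"]);
      $motiv = replace($_POST["motiv"]);
      $perioada = isset($_POST["perioada"]) ? $_POST["perioada"] : NULL;
      $query2 = mysql_query("Select * from account.account where id='$cont'");
      $nrs = mysql_fetch_object($query2);

      if (($motiv == NULL) || (mysql_num_rows($query2) != 1)) {
          echo error(ban_reason);
          return;
      }

      $data = date("H:i:s d-M-y ");

      if ($perioada === "permanent") {
          mysql_query("Update account.account set unban_date='PERMANENT',motiv_ban='$motiv',status='BLOCK' where id='$cont'");
          echo succes(ban_permanent);
          mysql_query("Insert into web.dev_ban_log (admin,player,motiv,durata,data) values('" . $_SESSION["user"] . "','$nrs->login','$motiv','PERMANENT','$data')") || exit(mysql_error());
          return;
      }

      // Ban length in days for each accepted period keyword.
      $zile = array("zi" => 1, "3zi" => 3, "saptamana" => 7, "luna" => 30);

      if (!is_string($perioada) || !isset($zile[$perioada])) {
          echo error("ERROR");
          return;
      }

      $per = time() + ($zile[$perioada] * 24 * 60 * 60);
      $ban = date("d/m/Y", $per);

      mysql_query("Update account.account set unban_date='$ban',motiv_ban='$motiv',status='BLOCK' where id='$cont'");
      echo succes(banned_1 . " $ban " . banned2);
      mysql_query("Insert into web.dev_ban_log (admin,player,motiv,durata,data) values('" . $_SESSION["user"] . "','$nrs->login','$motiv','$per','$data')") || exit(mysql_error());
  }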
  /**
   * Lift the ban on a blocked account (?debanare=<account id>), log it in
   * web.dev_ban_log and redirect back to the account page.
   *
   * NOTE(review): this changes state on a GET request and does not itself check
   * that the caller is an administrator; presumably the including page does.
   * Confirm. $cont relies on replace() (defined elsewhere) for SQL safety and is
   * also written into the redirect markup.
   */
  function debanare_cont()
  {
      if (!isset($_GET["debanare"])) {
          return;
      }

      $cont = replace($_GET["debanare"]);
      $query2 = mysql_query("Select * from account.account where id='$cont' and status='BLOCK'");
      $ct = mysql_fetch_object($query2);
      $data = date("H:i:s d-M-y ");

      if (mysql_num_rows($query2) == 0) {
          echo error(acc_noe_nob);
          return;
      }

      mysql_query("Update account.account set motiv_ban='Debanare',status='OK',unban_date='' where id='$cont'");
      echo succes(acc_unban);
      mysql_query("Insert into web.dev_ban_log (admin,player,motiv,durata,data) values('" . $_SESSION["user"] . "','$ct->login','Ban scos','UNBANNED','$data')");
      echo "<meta http-equiv=\"refresh\" content=\"2;url=index.php?page=edit_cont&cont=" . $cont . "\">";
  }
  /**
   * Add coins to an account (GET "cont"; POST "adauga", "cantitate"), log the
   * change in web.dev_log_monezi and redirect back to the account page.
   *
   * NOTE(review): the amount is added with "+" without checking that it is a
   * number or that it is positive. Nothing here checks that the caller is an
   * administrator; presumably the including page does. Confirm. A failed log
   * INSERT sends the MySQL error text to the client via exit().
   */
  function plus_monezi()
  {
      if (!isset($_POST["adauga"]) || !isset($_GET["cont"])) {
          return;
      }

      $cont = replace($_GET["cont"]);
      $cantitate = replace($_POST["cantitate"]);
      $query2 = mysql_query("Select * from account.account where id='$cont'");
      $old = mysql_fetch_object($query2);

      if (mysql_num_rows($query2) == 0) {
          echo error(user_noexist);
          return;
      }

      $coins = $cantitate + $old->coins;
      $data = date("H:i:s d-M-y ");
      mysql_query("Update account.account set coins='$coins' where id='$cont'");
      echo succes("" . $cantitate . " " . coins_added . " " . $coins . " MD");
      mysql_query("Insert into web.dev_log_monezi (data,admin,actiune) values ('$data','" . $_SESSION["user"] . "','A adaugat " . $cantitate . " monezi userului " . $old->login . "')") || exit(mysql_error());
      echo "<meta http-equiv=\"refresh\" content=\"1;url=index.php?page=edit_cont&cont=" . $cont . "\">";
  }
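  /**
   * Admin edit of a character (GET "id"; POST "salveaza", "nume", "level", "job",
   * "rang", "yang", "st", "dx", "iq", "ht"). Updates player.player and records the
   * before/after values in web.dev_player_edit. A rename (optional "rang" prefix
   * plus name) is refused when the resulting name is already taken.
   *
   * Changes from the previous version:
   *  - "job" and "rang" used to go from the request straight into SQL; they are
   *    now escaped for the quoted values they are placed in;
   *  - the old character values read from the database are escaped before they
   *    are written into the log INSERT;
   *  - the log recorded the St value under "Dx" on both sides; it now records dx,
   *    and the stray double comma in one of the log formats is gone.
   *
   * NOTE(review): nothing in this function checks that the caller is an
   * administrator; presumably the including page does. Confirm. The remaining
   * fields rely on replace()/r_text() (defined elsewhere) for SQL safety.
   */
  function editare_caracter()
  {
      if (!isset($_POST["salveaza"])) {
          return;
      }

      $id = replace($_GET["id"]);
      $qw = mysql_query("Select * from player.player where id='$id'");

      if (mysql_num_rows($qw) == 0) {
          echo error(char_noexist);
          return;
      }

      $old = mysql_fetch_object($qw);
      $nume = r_text($_POST["nume"]);
      $level = replace($_POST["level"]);
      $clasa = (isset($_POST["job"]) && is_string($_POST["job"])) ? $_POST["job"] : "";
      $rang = (isset($_POST["rang"]) && is_string($_POST["rang"])) ? $_POST["rang"] : "";
      $yang = replace($_POST["yang"]);
      $st = replace($_POST["st"]);
      $dx = replace($_POST["dx"]);
      $iq = replace($_POST["iq"]);
      $ht = replace($_POST["ht"]);
      $data = date("h:i:s d/m/Y");

      if (($nume == NULL) || ($level == NULL) || ($yang == NULL) || ($st == NULL) || ($dx == NULL) || ($iq == NULL) || ($ht == NULL)) {
          echo error(all_fields);
          return;
      }

      // SQL-escaped copies of the two raw request values and of the stored row.
      $clasaSql = mysql_real_escape_string($clasa);
      $rangSql = mysql_real_escape_string($rang);
      $oldNameSql = mysql_real_escape_string($old->name);
      $initialSql = mysql_real_escape_string("Nume : " . $old->name . ", Level: " . $old->level . ", St: " . $old->st . ", Dx: " . $old->dx . ", Iq: " . $old->iq . ", Ht: " . $old->ht);

      if (($nume == $old->name) && ($rang == "")) {
          // Name unchanged: update the stats only.
          mysql_query("Update player.player set level='$level',job='$clasaSql',gold='$yang',st='$st',dx='$dx',iq='$iq',ht='$ht' where id='$id'");
          echo succes(char_edited);
          mysql_query("Insert into web.dev_player_edit (data,admin,player,initial,final) values ('$data','" . $_SESSION["user"] . "','$oldNameSql','$initialSql','Nume : $nume, Level: $level, St: $st, Dx: $dx, Iq: $iq, Ht: $ht')");
          return;
      }

      // Rename: with a rank prefix the new name is prefix + name, otherwise the name alone.
      $nnm = mysql_query("Select * from player.player where name='$rangSql$nume'");

      if (mysql_num_rows($nnm) != 0) {
          echo error(name_exist);
          return;
      }

      if ($rang != "") {
          mysql_query("Update player.player set name='$rangSql$nume',level='$level',job='$clasaSql',gold='$yang',st='$st',dx='$dx',iq='$iq',ht='$ht' where id='$id'");
          echo succes(char_edited_n . " $rang$nume");
      }
      else {
          mysql_query("Update player.player set name='$nume',level='$level',job='$clasaSql',gold='$yang',st='$st',dx='$dx',iq='$iq',ht='$ht' where id='$id'");
          echo succes("Caracterul a fost editat cu succes!Noul nume $rang$nume");
      }

      mysql_query("Insert into web.dev_player_edit (data,admin,player,initial,final) values ('$data','" . $_SESSION["user"] . "','$oldNameSql','$initialSql','Nume : $rangSql$nume, Level: $level, St: $st, Dx: $dx, Iq: $iq, Ht: $ht')");
  }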
  /**
   * Print the localized name of an item, in bold, looked up by vnum in
   * player.item_proto.
   *
   * NOTE(review): $vnum is interpolated into the SQL text and the name is echoed
   * without HTML escaping; callers should pass a validated numeric id. An unknown
   * vnum yields no row, and the property read then happens on a non-object.
   *
   * @param mixed $vnum Item prototype number.
   */
  function nume_item($vnum)
  {
      $item = mysql_fetch_object(mysql_query("Select * from player.item_proto where vnum='$vnum'"));
      echo "<b>" . $item->locale_name . "</b>";
  }
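  /**
   * Admin search for characters by IP fragment, taken from the form
   * (POST "cauta", "ip") and/or from the query string (?ip=...). Each search
   * prints a table of matching characters with a "ban IP" link.
   *
   * Changes from the previous version: the two identical POST and GET code paths
   * are handled by one loop, and the opening <table> tag, previously printed twice
   * per result while only one was closed, is printed once.
   *
   * NOTE(review): ip, login and character name are written into the page without
   * HTML escaping. The search text relies on replace() (defined elsewhere) for SQL
   * safety, and a failed query sends the MySQL error text to the client via exit().
   */
  function cauta_ip()
  {
      $cautari = array();

      if (isset($_POST["cauta"])) {
          $cautari[] = replace($_POST["ip"]);
      }

      if (isset($_GET["ip"])) {
          $cautari[] = replace($_GET["ip"]);
      }

      foreach ($cautari as $ip) {
          if ($ip == NULL) {
              continue;
          }

          $qu = mysql_query("Select * from player.player where ip like '%$ip%'");
          if (!$qu) {
              exit(mysql_error());
          }

          if (mysql_num_rows($qu) == 0) {
              echo error(ip_noexist);
              continue;
          }

          echo "<table width=\"100%\" border=\"0\" align=\"center\" cellspacing=\"1\" cellpadding=\"1\"><tr class=\"top\"><td class=\"iR_stats_level\">Ip</td><td class=\"iR_stats_level\">Cont :: Caracter</td><td>&nbsp;</td></tr>";

          while ($ch = mysql_fetch_object($qu)) {
              // One extra lookup per row for the owning account.
              $account = mysql_fetch_object(mysql_query("Select * from account.account where id='$ch->account_id'"));
              echo "<tr class=\"top\">\n"
                  . "<td class=\"iR_stats_reset\">" . $ch->ip . "</td>\n"
                  . "<td class=\"iR_stats_reset\"><a href=\"index.php?page=edit_cont&cont=" . $ch->account_id . "\"><font color=\"white\">" . $account->login . "</font></a> :: <a href=\"index.php?page=a_caracter&id=" . $ch->id . "\"><font color=\"white\">" . $ch->name . "</font></a></td>\n"
                  . "<td class=\"collect\"><a href=\"index.php?page=ban_ip&ip=" . $ch->ip . "\"><font color=\"white\">Baneaza IP</font></a></td>\n"
                  . "</tr>";
          }

          echo "</table>";
      }
  }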
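  /**
   * Permanently ban every account that has a character with the given IP
   * (?ip=...), logging each ban in web.dev_ban_log and the action in
   * web.web_log_banip.
   *
   * Changes from the previous version: a missing or empty "ip" parameter is
   * rejected up front. Before, it was turned into a query for ip='', so any
   * characters stored with an empty IP would have had their accounts banned. The
   * unused row counter was removed.
   *
   * NOTE(review): this changes state on a GET request and does not itself check
   * that the caller is an administrator; presumably the including page does.
   * Confirm. The IP relies on replace() (defined elsewhere) for SQL safety and is
   * echoed in the confirmation text; a failed query sends the MySQL error text to
   * the client via exit().
   */
  function ban_ip()
  {
      $ip = isset($_GET["ip"]) ? replace($_GET["ip"]) : NULL;

      if ($ip == NULL) {
          echo error(ip_noexist);
          return;
      }

      $qu = mysql_query("Select * from player.player where ip='$ip'");
      if (!$qu) {
          exit(mysql_error());
      }

      if (mysql_num_rows($qu) == 0) {
          echo error(ip_noexist);
          return;
      }

      $ban = "PERMANENT";
      $motiv = "BANIP";
      $data = date("H:i:s d-M-y ");

      while ($inf = mysql_fetch_object($qu)) {
          mysql_query("Update account.account set unban_date='$ban',motiv_ban='$motiv',status='BLOCK' where id='" . $inf->account_id . "'");
          $nnf = mysql_fetch_object(mysql_query("Select * from account.account where id='" . $inf->account_id . "'"));
          mysql_query("Insert into web.dev_ban_log (admin,player,motiv,durata,data) values('" . $_SESSION["user"] . "','$nnf->login','$motiv','$ban','$data')") || exit(mysql_error());
      }

      echo succes(acc_ban . " $ip " . acc_ban2);
      mysql_query("Insert into web.web_log_banip (admin,actiune) values ('" . $_SESSION["user"] . "','Conturile cu ip $ip au fost banate cu succes.Perioada ban : PERMANENT')");
      echo "<meta http-equiv=\"refresh\" content=\"2;url=index.php?page=cauta_ip\">";
  }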
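  /**
   * Admin search for items by vnum and storage window (POST "cauta", "vnum",
   * "locatie"). Prints one row per item with its owner and its seven bonus slots;
   * bonus type ids are translated through $itemBoni when an entry exists.
   *
   * Changes from the previous version: "locatie" used to go from the request
   * straight into both SQL statements; it is now escaped for the quoted value it
   * is placed in. The seven copy-pasted slot checks are one loop.
   *
   * NOTE(review): the second query's result is never used below; it is kept only
   * because a failure there still aborts the request as before. Owner and item
   * values are written into the page without HTML escaping, and a failed query
   * sends the MySQL error text to the client via exit().
   */
  function cauta_vnum()
  {
      // $itemBoni is expected to come from this include.
      include ("inc/daten.inc.php");

      if (!isset($_POST["cauta"])) {
          return;
      }

      $vnum = replace($_POST["vnum"]);
      $window = mysql_real_escape_string((isset($_POST["locatie"]) && is_string($_POST["locatie"])) ? $_POST["locatie"] : "");

      if ($vnum == NULL) {
          return;
      }

      $sqlCmd = mysql_query("SELECT item.*,player.name,player.account_id,account.login \r\n FROM player.item\r\n INNER JOIN player.player \r\n ON player.id=item.owner_id \r\n INNER JOIN account.account \r\n ON account.id=player.account_id \r\n WHERE item.vnum='" . $vnum . "' \r\n AND window='" . $window . "'");
      if (!$sqlCmd) {
          exit(mysql_error());
      }

      $sqlCmd2 = mysql_query("SELECT item.*,account.id AS account_id,account.login\r\n FROM player.item\r\n INNER JOIN account.account \r\n ON account.id=item.owner_id \r\n WHERE item.vnum='" . $vnum . "' \r\n AND window='" . $window . "'");
      if (!$sqlCmd2) {
          exit(mysql_error());
      }

      $iss = mysql_num_rows($sqlCmd);
      echo succes("$iss iteme gasite.")."<table width=\"100%\" border=\"0\" align=\"center\" cellspacing=\"1\" cellpadding=\"1\"><tr><td class=\"iR_stats_level\">Owner</td><td class=\"iR_stats_level\">id</td><td class=\"iR_stats_level\">bonusuri</td></tr>";

      while ($ch = mysql_fetch_object($sqlCmd)) {
          echo "<tr>\n"
              . "<td class=\"iR_stats_level\">\n"
              . "<a href=\"index.php?page=edit_cont&cont=" . $ch->account_id . "\">\n"
              . "<font color=\"white\">" . $ch->login . " :: " . $ch->name . "</font></a></td>\n"
              . "<td class=\"iR_stats_level\">" . $ch->id . "</td>\n"
              . "<td class=\"iR_stats_level\">";

          // Bonus slots are stored as attrtype0..6 / attrvalue0..6.
          for ($i = 0; $i < 7; ++$i) {
              $akBoni = $ch->{"attrtype" . $i};
              $akWert = $ch->{"attrvalue" . $i};

              echo "#" . ($i + 1) . "&nbsp;";
              echo isset($itemBoni[$akBoni]) ? $itemBoni[$akBoni] : $akBoni;
              echo ":&nbsp;" . $akWert."<br/>";
          }

          echo "</td></tr>";
      }

      echo "</table>";
  }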
  /**
   * Clears the ban fields (unban_date, motiv_ban) and sets status to 'OK' on
   * every account whose unban_date compares <= today's "d/m/Y" string.
   * A failed UPDATE ends the request through exit(mysql_error()).
   */
  function auto_unban()
  {
      $today = date("d/m/Y");
      // NOTE(review): if unban_date is stored as text in this day-first form,
      // <= compares character by character, not chronologically, and an empty
      // unban_date also satisfies it - confirm the column type and format.
      $expired = mysql_query("Select * from account.account where unban_date <= '$today'");

      for ($row = mysql_fetch_object($expired); $row; $row = mysql_fetch_object($expired)) {
          $updated = mysql_query("Update account.account set unban_date='',motiv_ban='',status='OK' where id='$row->id'");

          if (!$updated) {
              exit(mysql_error());
          }
      }
  }
  /**
   * Deletes every account whose data_stergere equals today's date, formatted
   * as "d/m/Y". Query failures are not checked.
   */
  function sterge_cont_automat()
  {
      $today = date("d/m/Y");
      $due = mysql_query("Select * from account.account where data_stergere='$today'");

      // NOTE(review): only an exact match on today's string is deleted, so a
      // day on which this function does not run is never caught up on later.
      for ($row = mysql_fetch_object($due); $row; $row = mysql_fetch_object($due)) {
          mysql_query("Delete from account.account where id='$row->id'");
      }
  }
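  /**
   * Adds a row to common.gmlist from the posted form (cont, caracter,
   * mAuthority) and prints a confirmation. Does nothing unless "submit" was
   * posted and both cont and caracter are non-empty.
   *
   * Change against the original: mAuthority reached the INSERT and the
   * confirmation message unfiltered; it is now SQL-escaped for the query and
   * HTML-escaped for the message.
   */
  function adauga_admini()
  {
      // NOTE(review): no privilege check is visible inside this function;
      // presumably the caller restricts it to administrators - confirm.
      if (!isset($_POST["submit"])) {
          return;
      }

      // replace() is defined outside this block; its escaping is not visible here.
      $cont = replace($_POST["cont"]);
      $char = replace($_POST["caracter"]);
      $acces = (isset($_POST["mAuthority"]) && is_string($_POST["mAuthority"])) ? $_POST["mAuthority"] : "";

      if (($cont != NULL) && ($char != NULL)) {
          mysql_query("Insert into common.gmlist (mAccount,mName,mAuthority) values ('$cont','$char','" . mysql_real_escape_string($acces) . "')");
          succes(acc_char . " $char" . is_now . " " . htmlspecialchars($acces, ENT_QUOTES));
      }
  }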
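  /**
   * Marks a pending donation (status 'In curs de verificare') as 'Valid' or
   * 'Invalid', driven by $_GET["cod"] and $_GET["set_status"]. A valid
   * donation credits valoarea * $rasplata_euro coins to the donor's account.
   *
   * Changes against the original:
   *  - the donation is claimed with a status-guarded UPDATE and coins are
   *    credited only when that UPDATE changed a row, so two overlapping
   *    requests cannot credit the same code twice;
   *  - coins are incremented in SQL instead of written back from a value
   *    read earlier in the request;
   *  - the session user name and the stored login are escaped before use in
   *    SQL, and the login is HTML-escaped in the message;
   *  - set_status is checked with isset() before it is read.
   */
  function check_donate()
  {
      // NOTE(review): this changes state on a plain GET request and no
      // anti-CSRF token is checked inside this function.
      if (!isset($_GET["cod"], $_GET["set_status"]) || !is_numeric($_GET["cod"])) {
          return;
      }

      $status = $_GET["set_status"];

      if (($status !== "Valid") && ($status !== "Invalid")) {
          return;
      }

      $cod = replace($_GET["cod"]);
      $admin = isset($_SESSION["user"]) ? mysql_real_escape_string($_SESSION["user"]) : "";
      $query = mysql_query("Select * from web.donate where cod='$cod' and status='In curs de verificare'");

      if (!$query || (mysql_num_rows($query) != 1)) {
          error(cod_validated);
          return;
      }

      if ($status === "Invalid") {
          mysql_query("Update web.donate set status='Invalid',admin='$admin' where cod='$cod'");
          succes(donate1 . " $cod " . donate22);
          return;
      }

      // Supplies $rasplata_euro (coins per unit donated).
      include ("configurare.php");
      $fetch = mysql_fetch_object($query);

      // Claim the code first; only the request that flips the status pays out.
      mysql_query("Update web.donate set status='Valid',admin='$admin' where cod='$cod' and status='In curs de verificare'");

      if (mysql_affected_rows() != 1) {
          error(cod_validated);
          return;
      }

      $login = mysql_real_escape_string($fetch->cont);
      $fetch2 = mysql_fetch_object(mysql_query("Select * from account.account where login='$login'"));
      $rasplata = $fetch->valoarea * $rasplata_euro;
      // Shown in the message only; the stored balance is updated atomically below.
      $paid = $rasplata + ($fetch2 ? $fetch2->coins : 0);
      mysql_query("Update account.account set coins = coins + '$rasplata' where login='$login'");
      succes(donate1 . " $cod" . donate2 . " " . htmlspecialchars($fetch2 ? $fetch2->login : "", ENT_QUOTES) . " " . donate3 . " " . $rasplata . "" . donate4 . " $paid MD.");
  }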
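  /**
   * Moves the item named by $_GET["retrage"] into the MALL window of the
   * logged-in user ($_SESSION["userid"]), at the slot after that user's
   * highest occupied MALL position, and writes a row to web.dev_log_retrage.
   *
   * Changes against the original:
   *  - the item id must be numeric, matching the id checks used by the other
   *    handlers in this file;
   *  - the session values are escaped before they are placed in SQL;
   *  - a user with no MALL items no longer dereferences a failed fetch.
   */
  function retrage_item()
  {
      // NOTE(review): nothing here checks who currently owns the item or
      // whether the caller is an administrator - confirm the caller does.
      if (!isset($_GET["retrage"]) || !is_numeric($_GET["retrage"])) {
          return;
      }

      $ii = replace($_GET["retrage"]);
      $owner = isset($_SESSION["userid"]) ? mysql_real_escape_string($_SESSION["userid"]) : "";
      $admin = isset($_SESSION["user"]) ? mysql_real_escape_string($_SESSION["user"]) : "";
      $m2pos = mysql_query("Select * from player.item where owner_id='$owner' and window='MALL' order by pos desc limit 0,1");
      $positione = $m2pos ? mysql_fetch_object($m2pos) : false;
      // No MALL item yet: start from 0 so the first free slot becomes 1.
      $posact = $positione ? $positione->pos : 0;
      $data = date("h:i:s d/M/Y");

      if (!($posact < 48)) {
          error(full_warehouse);
          return;
      }

      $posact = $posact + 1;

      if ($posact == "0") {
          ++$posact;
      }

      mysql_query("UPDATE player.item SET owner_id='$owner', window='MALL', pos='$posact' WHERE id='" . $ii . "'");
      succes(w_ii . "" . $ii . "" . w_ii2 . "");
      mysql_query("Insert into web.dev_log_retrage (data,admin,actiune) values ('$data','$admin','Itemul cu id " . $ii . " a fost retras cu succes.')");
  }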
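  /**
   * Registers a vote for the site named by $_GET["voteid"], credits the
   * site's "valoare" to the logged-in account and redirects to the site link.
   * A repeat vote is accepted only once the stored timestamp (set to now +
   * 12 hours at the previous vote) has passed.
   *
   * Changes against the original:
   *  - the repeat-vote branch read $vl->link before $vl was assigned, so the
   *    redirect target was empty; the vote row is now fetched once up front;
   *  - the first-vote branch updated the unqualified table "account" while
   *    the other branch used account.account; both now use account.account;
   *  - coins are incremented in SQL, and a repeat vote is gated by a DELETE
   *    that only removes an expired row, so overlapping requests cannot both
   *    pass the time check;
   *  - the session user and client address are escaped for SQL and the link
   *    is HTML-escaped inside the meta refresh tag;
   *  - the query on web.votes by ip was dropped: its result was never read.
   */
  function vote()
  {
      if (!isset($_GET["voteid"])) {
          error(v_invalid);
          return;
      }

      $id = replace($_GET["voteid"]);
      $ip = mysql_real_escape_string((string) getenv("REMOTE_ADDR"));
      $user = isset($_SESSION["user"]) ? mysql_real_escape_string($_SESSION["user"]) : "";
      $owner = mysql_fetch_object(mysql_query("Select id,coins from account.account where login='$user'"));

      if (!$owner) {
          echo restricted;
          return;
      }

      $ownerid = $owner->id;
      $time = time();
      $hours = $time + (12 * 60 * 60);

      ($vi = mysql_query("Select * from web.vote where id='$id'")) || exit(mysql_error());
      $vl = mysql_fetch_object($vi);

      if (!$vl) {
          error(v_invalid);
          return;
      }

      $value = (int) $vl->valoare;
      $sql1 = mysql_query("Select * from web.votes where accountid='$ownerid' and voteid='$id' ");

      if ($sql1 && (1 <= mysql_num_rows($sql1))) {
          // Only an expired row is removed; nothing removed means the wait is not over.
          mysql_query("Delete from web.votes where voteid='$id' and accountid='$ownerid' and data <= $time");

          if (mysql_affected_rows() < 1) {
              error(v_voted);
              return;
          }
      }

      // NOTE(review): a first vote has no row to gate on; a unique key on
      // (accountid, voteid) would be needed to close that window.
      mysql_query("Insert into web.votes (data,voteid,accountid,ip) values ('$hours','$id','$ownerid','$ip')");
      mysql_query("Update account.account set coins = coins + $value where id='$ownerid'");
      succes(v_redirect);
      echo "<meta http-equiv=\"refresh\" content=\"1;url=http://" . htmlspecialchars($vl->link, ENT_QUOTES) . "\">";
  }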
  /**
   * Stores a new vote site (nume, valoare, link) in web.vote when the
   * "adauga" form was posted. Prints all_fields when a field is empty and
   * ends the request through exit(mysql_error()) when the INSERT fails.
   */
  function link_vot()
  {
      if (!isset($_POST["adauga"])) {
          return;
      }

      // replace() is defined outside this block; its filtering is not visible here.
      $nume = replace($_POST["nume"]);
      $valoare = replace($_POST["valoare"]);
      $link = replace($_POST["link"]);

      if (!($link && $valoare && $nume)) {
          echo error(all_fields);
          return;
      }

      $stored = mysql_query("Insert into web.vote (nume,valoare,link) values ('$nume','$valoare','$link')");

      if (!$stored) {
          exit(mysql_error());
      }

      echo succes(v_link);
  }
  /**
   * Sets a new password on the account whose numeric id is in $_GET["cont"],
   * using $_POST["parola"], when the "schimba" form was posted. Prints pw_err
   * when the filtered id is empty and a confirmation on success.
   */
  function a_parola()
  {
      if (!isset($_POST["schimba"])) {
          return;
      }

      if (!(isset($_GET["cont"]) && is_numeric($_GET["cont"]))) {
          return;
      }

      $cont = replace($_GET["cont"]);

      if ($cont == NULL) {
          echo error(pw_err);
          return;
      }

      $check = mysql_query("Select * from account.account where id='$cont'");
      $ft = mysql_fetch_object($check);

      if (mysql_num_rows($check) != 1) {
          return;
      }

      $parola = replace($_POST["parola"]);

      if ($parola == NULL) {
          return;
      }

      // NOTE(review): the hash comes from MySQL's PASSWORD() function and the
      // new password is printed back in the confirmation below.
      mysql_query("Update account.account set password=password('$parola') where id='$cont'");
      echo succes(new_pw . "$ft->login" . new_pw2 . "$parola.");
  }
  /**
   * Applies a fixed list of string substitutions to $var, in order, and
   * returns the result. The last pair turns "2147483647" into "-15".
   *
   * NOTE(review): several search strings look mis-encoded and several pairs
   * map a letter to itself; presumably these were Romanian diacritics before
   * the file was re-encoded - confirm against the original source.
   */
  function romana($var)
  {
      // Kept as parallel lists in the original order: str_replace() walks the
      // pairs left to right, exactly like the chained calls it replaces.
      $cauta = array("г", "г", "в", "О", "о", "s", "t", "A", "В", "S", "T", "ю", "є", "2147483647");
      $pune = array("a", "a", "a", "I", "i", "s", "t", "A", "I", "S", "T", "t", "s", "-15");

      return str_replace($cauta, $pune, $var);
  }
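  /**
   * Prints the <img> markup for an item-shop item.
   *
   * When web.dev_is_items has img_status > 0 for the vnum, the stored
   * "imagine" name is used. Otherwise the file name is derived from the vnum:
   * a one-character vnum is zero-padded to five characters, a vnum of two to
   * six characters has its last character replaced by "0" before padding.
   *
   * Changes against the original:
   *  - $item is escaped before it is placed in the query;
   *  - img_status and imagine are read with one query instead of two;
   *  - a vnum with no row no longer dereferences a failed fetch;
   *  - a vnum longer than six characters left the path undefined; it now
   *    falls back to error.png like the empty vnum;
   *  - the image path is HTML-escaped inside the src attribute.
   *
   * @param string|int $item item vnum
   */
  function img_item($item)
  {
      $item = (string) $item;
      $q = mysql_query("Select img_status,imagine FROM web.dev_is_items where vnum='" . mysql_real_escape_string($item) . "'");
      $it = $q ? mysql_fetch_object($q) : false;

      if ($it && ("0" < $it->img_status)) {
          echo "<div align='center'><img src='images/item/" . htmlspecialchars($it->imagine, ENT_QUOTES) . ".png'></div>";
          return;
      }

      $lungime = strlen($item);

      if (($lungime == 0) || (6 < $lungime)) {
          $immagine_item = "images/item/error.png";
      }
      else if ($lungime == 1) {
          $immagine_item = "images/item/" . str_pad($item, 5, "0", STR_PAD_LEFT) . ".png";
      }
      else {
          // Last character replaced by "0", then left-padded to five characters.
          $immagine_item = "images/item/" . str_pad(substr($item, 0, $lungime - 1) . "0", 5, "0", STR_PAD_LEFT) . ".png";
      }

      echo "<div align='center'><img src='" . htmlspecialchars($immagine_item, ENT_QUOTES) . "' border='0px' alt='' align='center' style='max-height:90px;'></div>";
  }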
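  /**
   * Prints the <img> markup for an item of the second shop (web.dev_jd_items).
   *
   * When the table has img_status > 0 for the vnum, the stored "imagine" name
   * is used. Otherwise the file name is derived from the vnum: a
   * one-character vnum is zero-padded to five characters, a vnum of two to
   * six characters has its last character replaced by "0" before padding.
   *
   * Changes against the original:
   *  - $item is escaped before it is placed in the query;
   *  - img_status and imagine are read with one query instead of two;
   *  - a vnum with no row no longer dereferences a failed fetch;
   *  - a vnum longer than six characters left the path undefined; it now
   *    falls back to error.png like the empty vnum;
   *  - the image path is HTML-escaped inside the src attribute.
   *
   * @param string|int $item item vnum
   */
  function img_item_jd($item)
  {
      $item = (string) $item;
      $q = mysql_query("Select img_status,imagine FROM web.dev_jd_items where vnum='" . mysql_real_escape_string($item) . "'");
      $it = $q ? mysql_fetch_object($q) : false;

      if ($it && ("0" < $it->img_status)) {
          echo "<div align='center'><img src='images/item/" . htmlspecialchars($it->imagine, ENT_QUOTES) . ".png'></div>";
          return;
      }

      $lungime = strlen($item);

      if (($lungime == 0) || (6 < $lungime)) {
          $immagine_item = "images/item/error.png";
      }
      else if ($lungime == 1) {
          $immagine_item = "images/item/" . str_pad($item, 5, "0", STR_PAD_LEFT) . ".png";
      }
      else {
          // Last character replaced by "0", then left-padded to five characters.
          $immagine_item = "images/item/" . str_pad(substr($item, 0, $lungime - 1) . "0", 5, "0", STR_PAD_LEFT) . ".png";
      }

      echo "<div align='center'><img src='" . htmlspecialchars($immagine_item, ENT_QUOTES) . "' border='0px' alt='' align='center' style='max-height:90px;'></div>";
  }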
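  /**
   * Resets the password of the account whose id is in $_GET["cont"] to a
   * generated 7-character hex string, prints a confirmation and mails the new
   * password to the account's address. Runs only when "reseteaza" was posted.
   *
   * Changes against the original:
   *  - the password was derived from rand(), which is not a cryptographic
   *    generator; it now comes from random_bytes() or
   *    openssl_random_pseudo_bytes() when either exists, and falls back to
   *    the old derivation only when neither does;
   *  - the account id must be numeric, as a_parola() already requires;
   *  - the account is looked up once instead of twice;
   *  - login and e-mail are HTML-escaped in the confirmation.
   */
  function resetare_parola()
  {
      if (!isset($_POST["reseteaza"])) {
          return;
      }

      if (!isset($_GET["cont"]) || !is_numeric($_GET["cont"])) {
          error(user_noexist);
          return;
      }

      $cont = replace($_GET["cont"]);

      if (function_exists("random_bytes")) {
          $password = substr(bin2hex(random_bytes(4)), 0, 7);
      }
      else if (function_exists("openssl_random_pseudo_bytes")) {
          $password = substr(bin2hex(openssl_random_pseudo_bytes(4)), 0, 7);
      }
      else {
          // Legacy path, kept so the reset still works without either source.
          $password = substr(hash("sha512", rand()), 0, 7);
      }

      // NOTE(review): seven hex characters is a short secret; raise the length
      // if the login form and client accept longer passwords.
      $query = mysql_query("Select * from account.account where id='$cont'");

      if (!$query || (mysql_num_rows($query) == 0)) {
          error(user_noexist);
          return;
      }

      // Supplies $titlu, used as the signature of the mail.
      include ("configurare.php");
      $conts = mysql_fetch_object($query);
      mysql_query("Update account.account set password=PASSWORD('$password') where id='$cont'");
      succes("" . htmlspecialchars($conts->login, ENT_QUOTES) . " :: Noua parola $password a fost trimisa la email " . htmlspecialchars($conts->email, ENT_QUOTES) . ".");
      $to = $conts->email;
      $subject = "Your new password!";
      $message = "Hi " . $conts->login . "!\r\n\r\n\t\t\tYou have requested to reset your old password.\r\n\r\n\t\t\tYour new password is : " . $password . "\r\n\r\n\t\t\t\r\n\t\t\tWith welcome\r\n\r\n\t\t\t" . $titlu . ".";
      // The mail class is loaded elsewhere in the file (inc/mail_class.php).
      new mail($to, $subject, $message);
  }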
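  /**
   * Stores a news entry (titlu, tip, continut) in web.dev_news when the
   * "adauga" form was posted, stamped with the current time.
   *
   * Change against the original: "tip" and the article body ("elm1") were
   * concatenated into the INSERT unfiltered; both are now escaped for SQL.
   * The body is stored as posted, markup included.
   */
  function adauga_news()
  {
      if (!isset($_POST["adauga"])) {
          return;
      }

      // replace() is defined outside this block; its filtering is not visible here.
      $titlu = replace($_POST["titlu"]);
      $tip = (isset($_POST["tip"]) && is_string($_POST["tip"])) ? $_POST["tip"] : "";
      $continut = (isset($_POST["elm1"]) && is_string($_POST["elm1"])) ? $_POST["elm1"] : "";
      $data = date("h:i:s d/M/Y");

      if (!($titlu && $continut)) {
          error("Spatii libere");
          return;
      }

      // Undo magic quotes where the runtime still applies them, so the body
      // is escaped exactly once.
      if (function_exists("get_magic_quotes_gpc") && get_magic_quotes_gpc()) {
          $continut = stripslashes($continut);
          $tip = stripslashes($tip);
      }

      // NOTE(review): the body is saved with its markup; whatever renders
      // web.dev_news decides whether that markup is trusted.
      mysql_query("Insert into web.dev_news (data,tip,continut,titlu) values ('$data','" . mysql_real_escape_string($tip) . "','" . mysql_real_escape_string($continut) . "','$titlu')");
      succes("Stire adaugata cu succes!");
  }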
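  /**
   * Stores a download entry (nume, tip, link, marime) in web.dev_descarcari
   * when the "adauga" form was posted. Prints all_fields when nume, link or
   * marime is empty; a failed INSERT ends the request through exit().
   *
   * Change against the original: "tip" was concatenated into the INSERT
   * unfiltered; it is now escaped for SQL.
   */
  function adauga_descarcari()
  {
      if (!isset($_POST["adauga"])) {
          return;
      }

      // replace() is defined outside this block; its filtering is not visible here.
      $nume = replace($_POST["nume"]);
      $tip = (isset($_POST["tip"]) && is_string($_POST["tip"])) ? mysql_real_escape_string($_POST["tip"]) : "";
      $link = replace($_POST["link"]);
      $marime = replace($_POST["marime"]);
      $data = date("d/M/Y");

      if (!($nume && $link && $marime)) {
          error(all_fields);
          return;
      }

      mysql_query("Insert into web.dev_descarcari (data,tip,nume,link,marime) values ('$data','$tip','$nume','$link','$marime')") || exit(mysql_error());
      succes(d_link);
  }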
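  /**
   * Buys the item-shop entry named by $_GET["buy"] for the logged-in user:
   * applies the $reducere percentage discount, debits coins, optionally
   * credits jcoins when $jd_module is on, inserts the item into the user's
   * MALL window and writes a row to web.dev_is_logs.
   *
   * Changes against the original:
   *  - coins were read, reduced in PHP and written back, so overlapping
   *    requests could each pass the balance check; the debit is now one
   *    UPDATE guarded by "coins >= price", and the purchase continues only
   *    when that UPDATE changed a row;
   *  - the logged item id was MAX(id)+1 read after the INSERT, which is one
   *    past the row just created; mysql_insert_id() is used instead;
   *  - the session user name is escaped before it is placed in SQL;
   *  - a user without MALL items no longer dereferences a failed fetch;
   *  - $_GET["buy"] is checked with isset() instead of isset($_GET).
   */
  function BuyItem()
  {
      // NOTE(review): other places in this file include "inc/daten.inc.php";
      // confirm which path is correct for this call.
      include ("daten.inc.php");
      // Supplies $reducere (discount percentage) and $jd_module.
      include ("configurare.php");

      if (!(isset($_SESSION["user"]) && isset($_SESSION["pass"]))) {
          echo restricted;
          return;
      }

      if (!isset($_GET["buy"]) || ($_GET["buy"] == NULL)) {
          return;
      }

      $getbuy = replace($_GET["buy"]);
      $m2user = mysql_fetch_object(mysql_query("Select * from account.account where login='" . mysql_real_escape_string($_SESSION["user"]) . "'"));
      $m2engine2 = mysql_query("Select * from web.dev_is_items where id='" . $getbuy . "'");

      if (!$m2user || !$m2engine2 || (mysql_num_rows($m2engine2) == 0)) {
          return;
      }

      $owner_id = $m2user->id;
      $monezi_actuale = $m2user->coins;
      $m2engine = mysql_fetch_object($m2engine2);
      $preta = $m2engine->pret;
      $pret = (int) round($preta - (($reducere / 100) * $preta));

      ($m2pos = mysql_query("Select * from player.item where owner_id='$owner_id' and window='MALL' order by pos desc limit 0,1")) || exit(mysql_error());
      $positione = mysql_fetch_object($m2pos);
      $posact = $positione ? $positione->pos : 0;
      $error = 0;

      if ($posact < 48) {
          $posact = $posact + 1;

          if ($posact == "0") {
              ++$posact;
          }
      }
      else {
          $error = 1;
          echo alert(full_warehouse);
      }

      if ($monezi_actuale < $pret) {
          error(low_coins);
          echo "<meta HTTP-EQUIV='REFRESH' content='0; url=index.php'>";
          return;
      }

      if ($error == 1) {
          return;
      }

      if ($pret != 0) {
          // The balance check and the debit happen in the same statement.
          mysql_query("Update account.account set coins = coins - $pret where id='$owner_id' and coins >= $pret");

          if (mysql_affected_rows() != 1) {
              error(low_coins);
              echo "<meta HTTP-EQUIV='REFRESH' content='0; url=index.php'>";
              return;
          }
      }

      if ("0" < $jd_module) {
          mysql_query("Update account.account set jcoins = jcoins + $pret where id='$owner_id'");
      }

      $count = $m2engine->count;

      if (empty($count)) {
          $count = 1;
      }

      // With game_nou set, socket0 holds a duration and is stored as an expiry time.
      if ($m2engine->game_nou == "1") {
          $timp = time() + $m2engine->socket0;
      }
      else {
          $timp = $m2engine->socket0;
      }

      // NOTE(review): a failure here exits after the coins were already debited.
      mysql_query("INSERT INTO player.item \r\n\t\t\t\t(owner_id,window,pos,count,vnum,attrtype0, attrvalue0, attrtype1, attrvalue1, attrtype2, attrvalue2, attrtype3, attrvalue3, attrtype4, attrvalue4, attrtype5, attrvalue5, attrtype6, attrvalue6, socket0, socket1, socket2)\r\n\t\t\t\tVALUES \r\n\t\t\t\t('" . mysql_real_escape_string($owner_id) . "','MALL','" . $posact . "','" . $count . "','" . $m2engine->vnum . "','" . $m2engine->attrtype0 . "', '" . $m2engine->attrvalue0 . "', '" . $m2engine->attrtype1 . "', '" . $m2engine->attrvalue1 . "', '" . $m2engine->attrtype2 . "', '" . $m2engine->attrvalue2 . "', '" . $m2engine->attrtype3 . "', '" . $m2engine->attrvalue3 . "', '" . $m2engine->attrtype4 . "', '" . $m2engine->attrvalue4 . "', '" . $m2engine->attrtype5 . "', '" . $m2engine->attrvalue5 . "', '" . $m2engine->attrtype6 . "', '" . $m2engine->attrvalue6 . "', '" . $timp . "', '" . $m2engine->socket1 . "', '" . $m2engine->socket2 . "')") || exit(mysql_error());
      // Assumes player.item.id is AUTO_INCREMENT (the INSERT supplies no id).
      $item_id_final = mysql_insert_id();
      $today = date("H:i:s d/m/Y");
      mysql_query("Insert into web.dev_is_logs\r\n\t\t(owner_id,item_id,vnum,pret,timp) values \r\n\t\t('$owner_id','$item_id_final','$m2engine->vnum','$pret','$today')\r\n\t\t") || exit(mysql_error());
      succes("<font color='black'>Item cumparat cu succes . Verificati itemshop pozitia " . $posact . "</font> ");
      echo "<meta http-equiv=\"refresh\" content=\"2;url=index.php?page=itemshop\">";
  }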
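  /**
   * Buys the entry of web.dev_jd_items named by the numeric $_GET["buy"] with
   * the user's jcoins: applies the $reducere percentage discount, debits
   * jcoins, inserts the item into the user's MALL window and writes a row to
   * web.dev_is_logs.
   *
   * Changes against the original:
   *  - jcoins were read, reduced in PHP and written back, so overlapping
   *    requests could each pass the balance check; the debit is now one
   *    UPDATE guarded by "jcoins >= price", and the purchase continues only
   *    when that UPDATE changed a row;
   *  - the logged item id was MAX(id)+1 read before the INSERT, a guess at
   *    the next id; mysql_insert_id() is used instead;
   *  - the function stops when the session user has no account row, instead
   *    of continuing with empty owner data;
   *  - the session user name is escaped before it is placed in SQL.
   */
  function JBuyItem()
  {
      if (!isset($_GET["buy"]) || !is_numeric($_GET["buy"])) {
          return;
      }

      // Supplies $reducere (discount percentage).
      include ("configurare.php");
      $getbuy = replace($_GET["buy"]);
      $user = isset($_SESSION["user"]) ? mysql_real_escape_string($_SESSION["user"]) : "";
      $m2user = mysql_fetch_object(mysql_query("Select * from account.account where login='$user'"));
      $m2engine2 = mysql_query("Select * from web.dev_jd_items where id='" . $getbuy . "'");

      if (!$m2user || !$m2engine2 || (mysql_num_rows($m2engine2) == 0)) {
          return;
      }

      $owner_id = $m2user->id;
      $jmonezi_actuale = $m2user->jcoins;
      $m2engine = mysql_fetch_object($m2engine2);
      $preta = $m2engine->pret;
      $pret = (int) round($preta - (($reducere / 100) * $preta));

      ($m2pos = mysql_query("Select * from player.item where owner_id='$owner_id' and window='MALL' order by pos desc limit 0,1")) || exit(mysql_error());
      $positione = mysql_fetch_object($m2pos);
      $posact = $positione ? $positione->pos : 0;
      $error = 0;

      if ($posact < 48) {
          $posact = $posact + 1;

          if ($posact == "0") {
              ++$posact;
          }
      }
      else {
          $error = 1;
          // NOTE(review): other functions in this file use full_warehouse;
          // confirm that fullwarehouse is defined as well.
          error(fullwarehouse);
      }

      if ($jmonezi_actuale < $pret) {
          error(nomd);
          echo "<meta HTTP-EQUIV='REFRESH' content='1; url=index.php?page=jshop'>";
          return;
      }

      if ($error == 1) {
          return;
      }

      if ($pret != 0) {
          // The balance check and the debit happen in the same statement.
          mysql_query("Update account.account set jcoins = jcoins - $pret where id='$owner_id' and jcoins >= $pret");

          if (mysql_affected_rows() != 1) {
              error(nomd);
              echo "<meta HTTP-EQUIV='REFRESH' content='1; url=index.php?page=jshop'>";
              return;
          }
      }

      // NOTE(review): the result of this INSERT is not checked, so a failure
      // leaves the jcoins debited without an item.
      mysql_query("INSERT INTO player.item \r\n\t\t\t\t(owner_id,window,pos,count,vnum,attrtype0, attrvalue0, attrtype1, attrvalue1, attrtype2, attrvalue2, attrtype3, attrvalue3, attrtype4, attrvalue4, attrtype5, attrvalue5, attrtype6, attrvalue6, socket0, socket1, socket2)\r\n\t\t\t\tVALUES \r\n\t\t\t\t('" . mysql_real_escape_string($owner_id) . "','MALL','" . $posact . "','1','" . $m2engine->vnum . "','" . $m2engine->attrtype0 . "', '" . $m2engine->attrvalue0 . "', '" . $m2engine->attrtype1 . "', '" . $m2engine->attrvalue1 . "', '" . $m2engine->attrtype2 . "', '" . $m2engine->attrvalue2 . "', '" . $m2engine->attrtype3 . "', '" . $m2engine->attrvalue3 . "', '" . $m2engine->attrtype4 . "', '" . $m2engine->attrvalue4 . "', '" . $m2engine->attrtype5 . "', '" . $m2engine->attrvalue5 . "', '" . $m2engine->attrtype6 . "', '" . $m2engine->attrvalue6 . "', '" . $m2engine->socket0 . "', '" . $m2engine->socket1 . "', '" . $m2engine->socket2 . "')");
      // Assumes player.item.id is AUTO_INCREMENT (the INSERT supplies no id).
      $item_id_final = mysql_insert_id();
      $today = date("H:i:s d/m/Y");
      mysql_query("Insert into web.dev_is_logs (owner_id,item_id,vnum,pret,timp) values ('$owner_id','$item_id_final','$m2engine->vnum','$pret','$today')") || exit(mysql_error());
      succes(ibuy);
      echo "<meta HTTP-EQUIV='REFRESH' content='1; url=index.php?page=jshop'>";
  }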
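  /**
   * Rebuilds cache/itemshop/categorii.txt: one table cell per row of
   * web.dev_is_cat, with a row break after every fourth category.
   *
   * Changes against the original:
   *  - $categorii was appended to without being initialised;
   *  - a failed query no longer replaces the cache with an empty file;
   *  - the two identical write branches were merged and a failed fopen() is
   *    no longer passed on to fwrite()/fclose().
   */
  function update_categorii()
  {
      $getCats = mysql_query("Select * from web.dev_is_cat");

      if (!$getCats) {
          return;
      }

      $categorii = "";
      $cN = 0;

      // NOTE(review): id and titlu are written into the cache unescaped; the
      // file is presumably included as HTML - confirm how titlu is filtered
      // when it is stored.
      while ($cName = mysql_fetch_object($getCats)) {
          ++$cN;
          $categorii .= "<td class='is_cat'>\r\n\t<a href='index.php?page=itemshop&cat=" . $cName->id . "'>" . $cName->titlu . "</a>\r\n\t</td>";

          if (($cN % 4) == 0) {
              $categorii .= "</tr><tr>";
          }
      }

      $fisier = "cache/itemshop/categorii.txt";

      // Removing the old file first is kept from the original.
      if (file_exists($fisier)) {
          unlink($fisier);
      }

      $cats = fopen($fisier, "w");

      if ($cats === false) {
          return;
      }

      fwrite($cats, $categorii);
      fclose($cats);
  }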
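  /**
   * Rebuilds cache/meniuri/meniu.txt: one table row per entry of
   * web.dev_menu_links with type 'utilizator'.
   *
   * Changes against the original:
   *  - $categorii was appended to without being initialised;
   *  - a failed query no longer replaces the cache with an empty file;
   *  - the two identical write branches were merged and a failed fopen() is
   *    no longer passed on to fwrite()/fclose().
   */
  function update_meniu()
  {
      $getCats = mysql_query("Select * from web.dev_menu_links WHERE type='utilizator'");

      if (!$getCats) {
          return;
      }

      $categorii = "";

      // NOTE(review): link and nume are written into the cache unescaped; the
      // file is presumably included as HTML - confirm how both are filtered
      // when they are stored.
      while ($cName = mysql_fetch_object($getCats)) {
          $categorii .= "<tr><td class='main_menu'>\r\n\t<a href='" . $cName->link . "'>&raquo; " . $cName->nume . "</a>\r\n\t</td></tr>";
      }

      $fisier = "cache/meniuri/meniu.txt";

      // Removing the old file first is kept from the original.
      if (file_exists($fisier)) {
          unlink($fisier);
      }

      $cats = fopen($fisier, "w");

      if ($cats === false) {
          return;
      }

      fwrite($cats, $categorii);
      fclose($cats);
  }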
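  /**
   * Rebuilds cache/meniuri/meniu_normal.txt: one table row per entry of
   * web.dev_menu_links with type 'normal'.
   *
   * Changes against the original:
   *  - $categorii was appended to without being initialised;
   *  - a failed query no longer replaces the cache with an empty file;
   *  - the two identical write branches were merged and a failed fopen() is
   *    no longer passed on to fwrite()/fclose().
   */
  function update_meniu_normal()
  {
      $getCats = mysql_query("Select * from web.dev_menu_links WHERE type='normal'");

      if (!$getCats) {
          return;
      }

      $categorii = "";

      // NOTE(review): link and nume are written into the cache unescaped; the
      // file is presumably included as HTML - confirm how both are filtered
      // when they are stored.
      while ($cName = mysql_fetch_object($getCats)) {
          $categorii .= "<tr><td class='main_menu'>\r\n\t<a href='" . $cName->link . "'> " . $cName->nume . "</a>\r\n\t</td></tr>";
      }

      $fisier = "cache/meniuri/meniu_normal.txt";

      // Removing the old file first is kept from the original.
      if (file_exists($fisier)) {
          unlink($fisier);
      }

      $cats = fopen($fisier, "w");

      if ($cats === false) {
          return;
      }

      fwrite($cats, $categorii);
      fclose($cats);
  }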
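  /**
   * Prints a 220px wide three-colour bar showing how the players active in
   * the last five minutes are split across empires 1, 2 and 3.
   *
   * Changes against the original:
   *  - with nobody online the widths were computed as 220 / 0; the bar is
   *    now simply empty in that case;
   *  - only the first active player was inspected ("if" instead of a loop)
   *    and the empire-3 counter was incremented once regardless of the
   *    query result; every active player is now tallied the same way for
   *    all three empires;
   *  - the three per-empire queries per player became one query.
   */
  function playerstats()
  {
      $unu = 0;
      $doi = 0;
      $trei = 0;
      $aLL = mysql_query("SELECT * FROM player.player WHERE DATE_SUB(NOW(), INTERVAL 5 MINUTE) < last_play;");

      while ($aLL && ($oN = mysql_fetch_object($aLL))) {
          ($r = mysql_query("SELECT empire FROM player.player_index where id='" . mysql_real_escape_string($oN->account_id) . "'")) || exit(mysql_error());

          while ($s = mysql_fetch_object($r)) {
              if ($s->empire == "1") {
                  ++$unu;
              }
              else if ($s->empire == "2") {
                  ++$doi;
              }
              else if ($s->empire == "3") {
                  ++$trei;
              }
          }
      }

      $total = $unu + $doi + $trei;
      $latime = 220;
      // Pixels per player; zero when there is nobody to draw.
      $pas = (0 < $total) ? ($latime / $total) : 0;
      $red = round($pas * $unu);
      $yellow = round($pas * $doi);
      $blue = round($pas * $trei);
      echo "<table width=\"220\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" height=\"16\" style=\"padding-top:2px; margin-left:0px;\" align=\"center\">\n<tr style=\"-moz-border-radius: 10px; border-radius: 10px;\">";

      if ("0" < $red) {
          echo "\n<td width=\"" . $red . "\" style=\"background-image:url(images/bars/barred.png); width: " . $red . "px;\"></td>";
      }

      if ("0" < $yellow) {
          echo "<td width=\"" . $yellow . "\" style=\"background-image:url(images/bars/baryellow.png); width:" . $yellow . "px;\">&nbsp;</td>";
      }

      if ("0" < $blue) {
          echo "<td width=\"" . $blue . "\" style=\"background-image:url(images/bars/barblue.png); width:" . $blue . "px;\">&nbsp;</td>";
      }

      echo "</tr>\n</table>";
  }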
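  /**
   * Buys the promotional package named by the numeric $_GET["buy_pachet"]:
   * debits the package price from the user's coins, inserts every item of
   * web.dev_is_items with that pachet_id into the user's MALL window and
   * writes a row to web.dev_log_pachete.
   *
   * Changes against the original:
   *  - coins were read, reduced in PHP and written back (once per item, in
   *    the loop), so overlapping requests could each pass the balance check;
   *    the debit is now a single UPDATE guarded by "coins >= price", and the
   *    purchase continues only when that UPDATE changed a row;
   *  - $item_id_final was never assigned, so the log row got an empty
   *    item_id; it now holds the id of the last item inserted;
   *  - the function stops when the session user has no account row;
   *  - the session user name is escaped before it is placed in SQL.
   */
  function buy_pachet()
  {
      if (!isset($_GET["buy_pachet"]) || !is_numeric($_GET["buy_pachet"])) {
          return;
      }

      $getbuy = replace($_GET["buy_pachet"]);
      $user = isset($_SESSION["user"]) ? mysql_real_escape_string($_SESSION["user"]) : "";
      $gUser = mysql_fetch_object(mysql_query("Select * from account.account where login='$user'"));

      if (!$gUser) {
          return;
      }

      $owner_id = $gUser->id;
      $getPachet = mysql_query("Select * from web.dev_pachetele_pachetele where id='$getbuy'");
      $dPachet = mysql_fetch_object($getPachet);
      $getItems = mysql_query("Select * from web.dev_is_items where pachet_id='$getbuy'");

      if (mysql_num_rows($getPachet) == NULL) {
          error(p_exist);
          return;
      }

      if (mysql_num_rows($getItems) == NULL) {
          error(p_items);
          return;
      }

      $pPret = $dPachet->pret;
      $mMonezi = $gUser->coins;

      if ($mMonezi < $pPret) {
          error(nomd);
          echo "<meta http-equiv=\"refresh\" content=\"2;url=index.php?page=pachete_promotionale\">";
          return;
      }

      ($m2pos = mysql_query("Select * from player.item where owner_id='$owner_id' and window='MALL' order by pos desc limit 0,1")) || exit(mysql_error());
      $positione = mysql_fetch_object($m2pos);
      $posact = $positione ? $positione->pos : 0;

      if (!($posact <= 40)) {
          // NOTE(review): other functions in this file use full_warehouse;
          // confirm that fullwarehouse is defined as well.
          error(fullwarehouse);
          return;
      }

      $posact = $posact + 1;

      if ($posact == "0") {
          $posact = $posact + 1;
      }

      if ($pPret != 0) {
          $pretSql = mysql_real_escape_string($pPret);
          // The balance check and the debit happen in the same statement.
          mysql_query("Update account.account set coins = coins - '$pretSql' where id='$owner_id' and coins >= '$pretSql'");

          if (mysql_affected_rows() != 1) {
              error(nomd);
              echo "<meta http-equiv=\"refresh\" content=\"2;url=index.php?page=pachete_promotionale\">";
              return;
          }
      }

      $item_id_final = 0;

      // NOTE(review): the slot is advanced before each insert, as in the
      // original, so the first item lands two slots past the last occupied
      // one and the 40-slot check above covers only the starting position.
      while ($m2engine = mysql_fetch_object($getItems)) {
          ++$posact;
          mysql_query("INSERT INTO player.item (owner_id,window,pos,count,vnum,attrtype0, attrvalue0, attrtype1, attrvalue1, attrtype2, attrvalue2, attrtype3, attrvalue3, attrtype4, attrvalue4, attrtype5, attrvalue5, attrtype6, attrvalue6, socket0, socket1, socket2) VALUES ('" . mysql_real_escape_string($owner_id) . "','MALL','" . $posact . "','" . $m2engine->count . "','" . $m2engine->vnum . "','" . $m2engine->attrtype0 . "', '" . $m2engine->attrvalue0 . "', '" . $m2engine->attrtype1 . "', '" . $m2engine->attrvalue1 . "', '" . $m2engine->attrtype2 . "', '" . $m2engine->attrvalue2 . "', '" . $m2engine->attrtype3 . "', '" . $m2engine->attrvalue3 . "', '" . $m2engine->attrtype4 . "', '" . $m2engine->attrvalue4 . "', '" . $m2engine->attrtype5 . "', '" . $m2engine->attrvalue5 . "', '" . $m2engine->attrtype6 . "', '" . $m2engine->attrvalue6 . "', '" . $m2engine->socket0 . "', '" . $m2engine->socket1 . "', '" . $m2engine->socket2 . "')");
          // Assumes player.item.id is AUTO_INCREMENT (the INSERT supplies no id).
          $item_id_final = mysql_insert_id();
      }

      $today = date("H:i:s d/m/Y");
      // The package title goes into the vnum column, as in the original.
      mysql_query("Insert into web.dev_log_pachete (owner_id,item_id,vnum,pret,timp) values ('$owner_id','$item_id_final','" . mysql_real_escape_string($dPachet->titlu) . "','" . mysql_real_escape_string($pPret) . "','$today')") || exit(mysql_error());
      succes(pbuy);
      echo "<meta http-equiv=\"refresh\" content=\"1;url=index.php?page=pachete_promotionale\">";
  }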
  1430. include ("lang/lang_en.php");
  1431. include ("inc/daten.inc.php");
  1432. include ("inc/mail_class.php");
  1433. }
  1434.  
  1435. ?>