Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include('./anti_inject.php');
- $getuser = $_POST['user'];
- $dbname="blanked out";
- $dbuser="blanked out";
- $dbpass="blanked out";
- $msconnect=odbc_connect("$dbname","$dbuser","$dbpass");
- $dbname2="KN_online";
- $dbuser2="knight";
- $dbpass2="knight";
- $msconnect2=odbc_connect("$dbname2","$dbuser2","$dbpass2");
- $getclan=odbc_exec($msconnect2,"SELECT strcharid from currentuser where straccountid = '$getuser'");
- while(odbc_fetch_row($getclan)) {
- $char=odbc_result($getclan, 1);
- }
- $_SESSION['sesuser'] = $_SESSION['loggeduser'];
- include('./settings.php');
- include('./langs/' . $language . '.php');
- if ($_GET['act'] == "logout") {
- unset($_SESSION['sesuser']);
- unset($_SESSION['sespw']);
- unset($_SESSION['sesadmin']);
- session_destroy();
- echo "<script> self.location='index.php'; </script>";
- exit;
- }
- session_start();
- if (!isset($_SESSION['sesuser'])) {
- print('
- <form action="" method=post>
- Name: <input type=text name=user value = "'.$getuser.'"><br>Password: <input type=password name=passw><br>
- <input type=submit value=Ok>
- </form>');
- if (isset($_POST[passw])){
- $msconnect2=odbc_connect("$dbname2","$dbuser2","$dbpass2");
- $postpass=test($_POST[passw]);
- $msquery="SELECT COUNT(strACcountID) FROM tb_user WHERE strACcountID = '$getuser' AND strPasswd = '$postpass'";
- $msresults=odbc_exec($msconnect2,$msquery) or die("error");
- odbc_fetch_row($msresults);
- if (odbc_result($msresults,1) > 0) {
- session_start();
- $_SESSION['sesuser']=$getuser;
- $_SESSION['sespw']=$postpass;
- $account = $_SESSION['sesuser'];
- }}
- }else{
- include('./pusconf.php');
- function alma($t){
- include('./pusconf.php');
- if(($_GET[site]=='2') and ($t<=$weaponscount[$_GET[page]-1])){ //ha weponsbutton és van jelenlegi index item
- print('
- <table border=0 cellspacing=0 cellpadding=0 width=100% height=100% background=pus/buttons/item.gif>
- <tr height=5><td width=18><td><td>
- <tr><td> <td rowspan=3 width=72 height=72><img src='.$weaponsicon[$_GET[page]-1][$t-1].' width=72 height=72>
- <td valign=bottom> Price:'.$weaponsprice[$_GET[page]-1][$t-1].'
- <tr><td><td> Quantity:'.$weaponsquantity[$_GET[page]-1][$t-1].'
- <tr><td><td> <a href=# onclick="confirmation'.$t.'()"><img src=pus/buttons/buy.jpg border=0></a>
- <script type="text/javascript">
- <!--
- function confirmation'.$t.'() {
- var answer = confirm("Are you sure u want buy this item? '.$char.' '.$weapons[$_GET[page]-1][$t-1].'")
- if (answer){
- window.location = "pus.php?site='.$_GET[site].'&page='.$_GET[page].'&buy='.$t.'";}}
- </script>
- <tr><td><td valign=top><a
- href=pus.php?site='.$_GET[site].'&page='.$_GET[page].'&info='.$t.'><img src=pus/buttons/info.jpg border=0></a><td>
- </table>');
- }
- elseif(($_GET[site]=='3') and ($t<=$armorscount[$_GET[page]-1])){
- print('
- <table border=0 cellspacing=0 cellpadding=0 width=100% height=100% background=pus/buttons/item.gif>
- <tr height=5><td width=18><td><td>
- <tr><td> <td rowspan=3 width=72 height=72><img src='.$armorsicon[$_GET[page]-1][$t-1].' width=72 height=72>
- <td valign=bottom> Price:'.$armorsprice[$_GET[page]-1][$t-1].'
- <tr><td><td> Quantity:'.$armorsquantity[$_GET[page]-1][$t-1].'
- <tr><td><td> <a href=# onclick="confirmation'.$t.'()"><img src=pus/buttons//buy.jpg border=0></a>
- <script type="text/javascript">
- <!--
- function confirmation'.$t.'() {
- var answer = confirm("Are you sure u want buy this item? '.$armors[$_GET[page]-1][$t-1].'")
- if (answer){
- window.location = "pus.php?site='.$_GET[site].'&page='.$_GET[page].'&buy='.$t.'";}}
- </script>
- <tr><td><td valign=top><a
- href=pus.php?site='.$_GET[site].'&page='.$_GET[page].'&info='.$t.'><img src=pus/buttons/info.jpg border=0></a><td>
- </table>');
- }elseif(($_GET[site]=='4') and ($t<=$scrollscount[$_GET[page]-1])){
- print('
- <table border=0 cellspacing=0 cellpadding=0 width=100% height=100% background=pus/buttons/item.gif>
- <tr height=5><td width=18><td><td>
- <tr><td> <td rowspan=3 width=72 height=72><img src='.$scrollsicon[$_GET[page]-1][$t-1].' width=72 height=72>
- <td valign=bottom> Price:'.$scrollsprice[$_GET[page]-1][$t-1].'
- <tr><td><td> Quantity:'.$scrollsquantity[$_GET[page]-1][$t-1].'
- <tr><td><td> <a href=# onclick="confirmation'.$t.'()"><img src=pus/buttons/buy.jpg border=0></a>
- <script type="text/javascript">
- <!--
- function confirmation'.$t.'() {
- var answer = confirm("Are you sure u want buy this item? '.$scrolls[$_GET[page]-1][$t-1].'")
- if (answer){
- window.location = "pus.php?site='.$_GET[site].'&page='.$_GET[page].'&buy='.$t.'";}}
- </script>
- <tr><td><td valign=top><a
- href=pus.php?site='.$_GET[site].'&page='.$_GET[page].'&info='.$t.'><img src=pus/buttons/info.jpg border=0></a><td>
- </table>');
- }elseif(($_GET[site]=='5') and ($t<=$otherscount[$_GET[page]-1])){
- print('
- <table border=0 cellspacing=0 cellpadding=0 width=100% height=100% background=pus/buttons/item.gif>
- <tr height=5><td width=18><td><td>
- <tr><td> <td rowspan=3 width=72 height=72><img src='.$othersicon[$_GET[page]-1][$t-1].' width=72 height=72>
- <td valign=bottom> Price:'.$othersprice[$_GET[page]-1][$t-1].'
- <tr><td><td> Quantity:'.$othersquantity[$_GET[page]-1][$t-1].'
- <tr><td><td> <a href=# onclick="confirmation'.$t.'()"><img src=pus/buttons//buy.jpg border=0></a>
- <script type="text/javascript">
- <!--
- function confirmation'.$t.'() {
- var answer = confirm("Are you sure u want buy this item? '.$others[$_GET[page]-1][$t-1].'")
- if (answer){
- window.location = "pus.php?site='.$_GET[site].'&page='.$_GET[page].'&buy='.$t.'";}}
- </script>
- <tr><td><td valign=top><a
- href=pus.php?site='.$_GET[site].'&page='.$_GET[page].'&info='.$t.'><img src=pus/buttons/info.jpg border=0></a><td>
- </table>');
- }
- }//func vége
- if (isset($_GET[buy])){
- $msconnect2=odbc_connect("$dbname2","$dbuser2","$dbpass2");
- $getclan=odbc_exec($msconnect2,"SELECT strcharid from currentuser where straccountid = '".$_SESSION['sesuser']."'");
- while(odbc_fetch_row($getclan)) {
- $char=odbc_result($getclan, 1);
- }
- $msconnect=odbc_connect("$dbname","$dbuser","$dbpass");//és session
- $msteste11="select kc from tb_user where strAccountID = '".$_SESSION['sesuser']."'";
- $result2=odbc_exec($msconnect2,$msteste11) or die("error");
- while (odbc_fetch_row($result2))
- {
- $points2 = odbc_result($result2, 1);
- }
- $msconnect=odbc_connect("$dbname","$dbuser","$dbpass");//és session
- $ip = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
- {
- if($_GET[site]=='2'){
- if($points2>=$weaponsprice[$_GET[page]-1][$_GET[buy]-1]){
- $msconnect2=odbc_connect("$dbname2","$dbuser2","$dbpass2");
- $getclan=odbc_exec($msconnect2,"SELECT strcharid from currentuser where straccountid = '".$_SESSION['sesuser']."'");
- while(odbc_fetch_row($getclan)) {
- $char=odbc_result($getclan, 1);
- }
- $rrrtt=$points2-$weaponsprice[$_GET[page]-1][$_GET[buy]-1];
- $cucc="update tb_user set kc='".$rrrtt."' where strAccountID = '".$_SESSION['sesuser']."'";
- $cucc2="insert into WEB_ITEMMALL(straccountid,strcharid, serverno, itemid, itemcount, buytime) values ('".$_SESSION['sesuser']."','".$char."','15001', '".$weaponsid[$_GET[page]-1][$_GET[buy]-1]."', '1',Getdate()) ";
- $cucc3="insert into purchases (straccountid, dwid,stritemname, beginkc, endkc, itemprice,ip) values ('".$_SESSION['sesuser']."','".$weaponsid[$_GET[page]-1][$_GET[buy]-1]."','".$weapons[$_GET[page]-1][$_GET[buy]-1]."', '$points2', '$rrrtt', '".$weaponsprice[$_GET[page]-1][$_GET[buy]-1]."','$ip') ";
- }
- }
- elseif($_GET[site]=='3'){
- if($points2>=$armorsprice[$_GET[page]-1][$_GET[buy]-1]){
- $rrrtt=$points2-$armorsprice[$_GET[page]-1][$_GET[buy]-1];
- $cucc="update tb_user set kc='".$rrrtt."' where strAccountID = '".$_SESSION['sesuser']."'";
- $cucc2="insert into WEB_ITEMMALL(straccountid,strcharid, serverno, itemid, itemcount, buytime) values ('".$_SESSION['sesuser']."','".$char."','15001', '".$armorsid[$_GET[page]-1][$_GET[buy]-1]."', '1',Getdate()) ";
- $cucc3="insert into purchases (straccountid, dwid,stritemname, beginkc, endkc, itemprice,ip) values ('".$_SESSION['sesuser']."','".$armorssid[$_GET[page]-1][$_GET[buy]-1]."','".$armors[$_GET[page]-1][$_GET[buy]-1]."', '$points2', '$rrrtt', '".$armorsprice[$_GET[page]-1][$_GET[buy]-1]."','$ip') ";
- }
- }
- elseif($_GET[site]=='4'){
- if ($points2>=$scrollsprice[$_GET[page]-1][$_GET[buy]-1]){
- $rrrtt=$points2-$scrollsprice[$_GET[page]-1][$_GET[buy]-1];
- $cucc="update tb_user set kc='".$rrrtt."' where strAccountID = '".$_SESSION['sesuser']."'";
- $cucc2="insert into WEB_ITEMMALL(straccountid,strcharid, serverno, itemid, itemcount, buytime) values ('".$_SESSION['sesuser']."','".$char."','15001', '".$scrollsid[$_GET[page]-1][$_GET[buy]-1]."', '1',Getdate()) ";
- $cucc3="insert into purchases (straccountid, dwid,stritemname, beginkc, endkc, itemprice, ip) values ('".$_SESSION['sesuser']."','".$scrollsid[$_GET[page]-1][$_GET[buy]-1]."','".$scrolls[$_GET[page]-1][$_GET[buy]-1]."','$points2', '$rrrtt', '".$scrollsprice[$_GET[page]-1][$_GET[buy]-1]."', '$ip') ";
- }
- }
- elseif($_GET[site]=='5'){
- if ($points2>=$othersprice[$_GET[page]-1][$_GET[buy]-1]){
- $rrrtt=$points2-$othersprice[$_GET[page]-1][$_GET[buy]-1];
- $cucc="update tb_user set kc='".$rrrtt."' where strAccountID = '".$_SESSION['sesuser']."'";
- $cucc2="insert into WEB_ITEMMALL(straccountid,strcharid, serverno, itemid, itemcount, buytime) values ('".$_SESSION['sesuser']."','".$char."','15001', '".$othersid[$_GET[page]-1][$_GET[buy]-1]."', '1',Getdate()) ";
- $cucc3="insert into purchases (straccountid, dwid,stritemname, beginkc, endkc, itemprice,ip) values ('".$_SESSION['sesuser']."','".$othersid[$_GET[page]-1][$_GET[buy]-1]."','".$others[$_GET[page]-1][$_GET[buy]-1]."', '$points2', '$rrrtt', '".$othersprice[$_GET[page]-1][$_GET[buy]-1]."','$ip') ";
- }
- }
- }
- odbc_exec($msconnect2,$cucc) or die(odbc_error());
- odbc_exec($msconnect,$cucc2) or die(odbc_error());
- odbc_exec($msconnect,$cucc3) or die(odbc_error());
- $time=date('Y-m-d | g:i a');
- $ip = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
- $filename = "puslog.html";
- $fp = fopen($filename, "a") or die("Couldn’t open $filename");
- fwrite($fp,'['.$time.']['.$_SESSION['sesuser'].']['.$ip.']['.$_GET[page].']['.$_GET[buy].']<br>');
- fclose($fp);
- }
- echo"
- <script>
- function closethis(){
- }
- </script>
- <body background=pus/buttons//bg.jpg leftmargin=0 topmargin=0>
- <table border=0 height=100% width=100% cellspacing=0 cellpadding=0>
- <tr height=40><td width=48> <td width=625> <td align=right><a href=# onclick=closethis()><img src=pus/buttons//close.jpg border=0></a>
- <tr height=40><td width=48> <td width=625> <td align=right><a href=pus.php?site=1><img src=pus/buttons//21.jpg border=0 name=pic1 onmouseover=\"pic1.src='pus/buttons//21.jpg'\" onmouseout=\"pic1.src='pus/buttons//11.jpg'\"></a>
- <tr height=73><td width=48> <td width=625> <td align=right>
- <tr height=30><td colspan=2>
- <a href=pus.php?site=1><img src=pus/buttons//1.jpg border=0></a><a href=pus.php?site=2&page=1><img src=pus/buttons//2.jpg border=0></a><a href=pus.php?site=3&page=1><img src=pus/buttons//3.jpg border=0></a><a href=pus.php?site=4&page=1><img src=pus/buttons//4.jpg border=0></a><a href=pus.php?site=5&page=1><img src=pus/buttons//5.jpg border=0 ></a>
- <td>
- <tr height=30><td width=48> <td width=625> <td align=right>
- <tr height=485><td> <td>";
- /*##############################################*/
- if (($_GET[site]=='2') or ($_GET[site]=='3') or ($_GET[site]=='4') or ($_GET[site]=='5')){
- print('<table border=0 height=100% width=100% cellspacing=0 cellpadding=0>
- <tr height=144>
- <td width=205>'); alma(1);
- print('
- <td width=5>
- <td width=205>'); alma(2);
- print('
- <td width=5>
- <td width=205>'); alma(3);
- print('
- <tr height=3><td colspan=5>
- <tr height=144>
- <td width=205>'); alma(4);
- print('
- <td>
- <td width=205>'); alma(5);
- print('
- <td>
- <td width=205>'); alma(6);
- print('
- <tr height=3><td colspan=5>
- <tr height=144>
- <td width=205>'); alma(7);
- print('
- <td>
- <td width=205>'); alma(8);
- print('
- <td>
- <td width=205>'); alma(9);
- print('
- <tr><td>
- <td><td>
- <td>
- <td>
- </table>');}elseif($_GET[site]=='1'){
- print('<table border=0 height=100% width=100% cellspacing=0 cellpadding=0><tr height=299><td width=631 background=pus/buttons//tbbg.gif>
- <center>
- Logged in as '.$_SESSION['sesuser'].'<br>
- <div align="center"><a href="pus.php?act=logout">Logout</a></div><BR>
- </form>
- <td> <tr><td> <td> </table>');
- }
- /*##############################################*/
- print('
- <td>
- <table border=0 cellspacing=0 cellpadding=0 width=100% height=100%>
- <tr height=72><td width=70><td align=center>');
- /*elseif kezdöoldal proc tbbg*/
- if (isset($_GET[info])){
- if($_GET[site]=='2'){
- print('<img src='.$weaponsicon[$_GET[page]-1][$_GET[info]-1].' width=72 height=72><td width=55>
- <tr><td><td valign=top>');
- }elseif($_GET[site]=='3'){
- print('<img src='.$armorsicon[$_GET[page]-1][$_GET[info]-1].' width=72 height=72><td width=55>
- <tr><td><td valign=top>');
- }elseif($_GET[site]=='4'){
- print('<img src='.$scrollsicon[$_GET[page]-1][$_GET[info]-1].' width=72 height=72><td width=55>
- <tr><td><td valign=top>');
- }elseif($_GET[site]=='5'){
- print('<img src='.$othersicon[$_GET[page]-1][$_GET[info]-1].' width=72 height=72><td width=55>
- <tr><td><td valign=top>');
- }}
- else{print(' <td width=55>
- <tr><td><td valign=top> <td>');}
- if (isset($_GET[info])){
- if($_GET[site]=='2'){
- print('<font color=yellow>'.$weapons[$_GET[page]-1][$_GET[info]-1].'<BR>'.$weaponsinfo[$_GET[page]-1][$_GET[info]-1].'<td>');
- }elseif($_GET[site]=='3'){
- print('<font color=yellow>'.$armors[$_GET[page]-1][$_GET[info]-1].'<BR>'.$armorsinfo[$_GET[page]-1][$_GET[info]-1].'<td>');
- }elseif($_GET[site]=='4'){
- print('<font color=yellow>'.$scrolls[$_GET[page]-1][$_GET[info]-1].'<BR>'.$scrollsinfo[$_GET[page]-1][$_GET[info]-1].'<td>');
- }elseif($_GET[site]=='5'){
- print('<font color=yellow>'.$others[$_GET[page]-1][$_GET[info]-1].'<BR>'.$othersinfo[$_GET[page]-1][$_GET[info]-1].'<td>');}
- }
- $msteste1="select kc from tb_user where strAccountID = '".$_SESSION['sesuser']."'";
- $result=odbc_exec($msconnect2,$msteste1) or die("error");
- while (odbc_fetch_row($result))
- {
- $points = odbc_result($result, 1);
- }
- print('<tr height=32><td><td align=right><font color=yellow>'.$points);
- print('
- </font><td>
- </table>
- <tr><td width=48> <td width=625 align=center valign=top>
- ');
- if($_GET[site]=='2'){
- for($i=1;$i<$weaponspagecount+1;$i++){
- print('<a href=pus.php?site='.$_GET[site].'&page='.$i.'>'.$i.'</a> ');}
- }elseif($_GET[site]=='3'){
- for($i=1;$i<$armorspagecount+1;$i++){
- print('<a href=pus.php?site='.$_GET[site].'&page='.$i.'>'.$i.'</a> ');}
- }elseif($_GET[site]=='4'){
- for($i=1;$i<$scrollspagecount+1;$i++){
- print('<a href=pus.php?site='.$_GET[site].'&page='.$i.'>'.$i.'</a> ');}
- }elseif($_GET[site]=='5'){
- for($i=1;$i<$otherspagecount+1;$i++){
- print('<a href=pus.php?site='.$_GET[site].'&page='.$i.'>'.$i.'</a> ');}
- }
- print('
- <td align=center valign=top><font color=yellow>  </font>
- </table>');
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement