source: action.php

Last change on this file was 1, checked in by george, 18 years ago

Prvnotní import původních kódů z wowresource.
File size: 5.1 KB
Line 
1<?php
2include './includes/config.php';
3if (isset($_COOKIE['lang']))
4 {
5 $lang = $_COOKIE['lang'];
6 }
7else
8 {
9 $lang = 'cs';
10 }
11require('./lang/'.$lang.'.php');
12$db = new tMySql;
13 $db->dbServer = $db_config['host'];
14 $db->dbUser = $db_config['user'];
15 $db->dbPassword = $db_config['pass'];
16 $db->dbName = $db_config['name'];
17$db->connect();
18$db->query(0, "SET NAMES UTF8");
19$geted = $db->escape($_GET);
20$posted = $db->escape($_POST);
21session_start();
22if (isset($_SESSION['id']))
23 {
24 $user = $db->strip($db->query_fetch_assoc('SELECT * from `users` WHERE id ='.(int)$_SESSION['id']));
25 }
26if ($_GET['do']=='logout')
27 {
28 session_unregister('id');
29 header("Location: $_SERVER[HTTP_REFERER]");
30 }
31
32 //check pass
33if ($_GET['do']=='check')
34 {
35 if ($_GET['p1']==$_GET['p2'])
36 {
37 $e = '<div id="img_ok" title="'.$text['pass_ok'].'"></div>';
38 }
39 else
40 {
41 $e = '<div id="img_error" title="'.$text['pass_error'].'"></div>';
42 }
43 if (empty($_GET['p1']))
44 {
45 $e = '<div id="img_error" title="'.$text['no_pass'].'"></div>';
46 }
47 echo $e;
48 }
49
50 // check login
51if ($_GET['do']=='checkl')
52 {
53 $pocet = $db->query_result('SELECT COUNT(*) as pocet FROM `users` WHERE name="'.$geted['login'].'"');
54 if ($pocet==1)
55 {
56 $e = '<div id="img_error" title="'.$text['login_error'].'"></div>';
57 }
58 else
59 {
60 $e = '<div id="img_ok" title="'.$text['login_ok'].'"></div>';
61 }
62 if (empty($geted['login']))
63 {
64 $e = '<div id="img_error" title="'.$text['no_login'].'"></div>';
65 }
66 echo $e;
67 }
68
69if ($_GET['do']=='checke')
70 {
71 if (is_email($_GET['email']))
72 {
73 $e = '<div id="img_ok" title="'.$text['email_ok'].'"></div>';
74 }
75 else
76 {
77 $e = '<div id="img_error" title="'.$text['email_wrong'].'"></div>';
78 }
79 $poce = $db->query_result('SELECT COUNT(*) as pocet FROM `users` WHERE email="'.$geted['email'].'"');
80 if ($poce==1)
81 {
82 $e = '<div id="img_error" title="'.$text['email_used'].'"></div>';
83 }
84 echo $e;
85 }
86if ($_GET['do']=='confirm')
87 {
88 $id = (int)$_GET['id'];
89 $db->update('users', array('active'=>1), '`id`*'.$config['nasobitel'].'='.$id);
90 $name = $db->query_result('SELECT `name` FROM `users` WHERE id = '.($id/$config['nasobitel']));
91 echo '<link rel="stylesheet" href="./templates/style/screen2.css" type="text/css" media="screen, projection">';
92 echo '<meta http-equiv="content-type" content="text/html; charset=utf-8">';
93 if (empty($name))
94 {
95 echo '<span class="error">'.$text['regist_finishing_error'].'</span>';
96 }
97 else
98 {
99 echo '<span class="success">'.$name.$text['registr_finished'].'</span>';
100 }
101 }
102
103
104//change lang
105if ($_GET['do']=='language')
106 {
107 if (($_GET['lang']=='en') OR ($_GET['lang']=='cs'))
108 {
109 setcookie('lang', $_GET['lang']);
110 header("Location: $_SERVER[HTTP_REFERER]");
111 }
112 else
113 {
114 die('Language not found');
115 }
116 }
117
118if ($_GET['do']=='rate')
119 {
120 $server_id = (int) $_GET['server'];
121 $rating = (int) $_GET['rating'];
122 if (empty($_SESSION['id']))
123 {
124 die('Hacking attempt');
125 }
126 $c = $db->query_result('SELECT COUNT(*) as pocet FROM `ratings` WHERE (`server_id`='.$server_id.' AND `user_id`='.(int)$_SESSION['id'].')');
127 if (($c==1) OR ($rating<1) OR ($rating>5))
128 {
129 die('Hacking attempt');
130 }
131 $db->insert('ratings', array('server_id'=>$server_id, 'user_id'=>$_SESSION['id'], 'rating'=> $rating));
132 $db->update('servers', array('rating_sum'=>'rating_sum+'.$rating, 'ratings'=>'ratings+1'), 'id='.$server_id);
133 header("Location: $_SERVER[HTTP_REFERER]");
134 }
135if ($_GET['do']=='delserver')
136 {
137 $id = (int) $_GET['server'];
138 if (empty($_SESSION['id']))
139 {
140 die('Hacking attempt2');
141 }
142 $owner = $db->query_result('SELECT `owner` FROM `servers` WHERE `id`='.$id);
143 if (($owner == $_SESSION['id']) OR ($user['admin']==1))
144 {
145 delserver($id);
146 echo '<script type="text/javascript"> alert("Smazano"); location.href="'.$config['base_url'].'";</script>';
147 }
148 else
149 {
150 die('hacking attempt1');
151 }
152
153 }
154
155if ($_GET['do']=='delcom')
156 {
157
158 if ($user['admin'] == 1)
159 {
160 $db->query(0, 'delete from `comments` where `id`='.(int)$_GET['id']);
161 header("Location: $_SERVER[HTTP_REFERER]");
162 }
163else
164 {
165 die('hacking atempt');
166 }
167 }
168
169if ($user['admin']==1)
170 {
171 if ($_GET['do']=='delwss')
172 {
173 $id = (int) $_GET['id'];
174 $db->update('servers', array('wss_partner'=>0), ' `id`='.$id);
175 header("Location: $_SERVER[HTTP_REFERER]");
176 }
177 if ($_GET['do']=='addwss')
178 {
179 $id = (int) $_GET['id'];
180 $db->update('servers', array('wss_partner'=>1), ' `id`='.$id);
181 header("Location: $_SERVER[HTTP_REFERER]");
182 }
183 if ($_GET['do']=='ban')
184 {
185 $id = (int)$_GET['id'];
186 $db->update('users', array('ban'=>1), '`id`='.$id);
187 header("Location: $_SERVER[HTTP_REFERER]");
188 }
189 if ($_GET['do']=='unban')
190 {
191 $id = (int)$_GET['id'];
192 $db->update('users', array('ban'=>0), '`id`='.$id);
193 header("Location: $_SERVER[HTTP_REFERER]");
194 }
195 }
196
197?>
Note: See TracBrowser for help on using the repository browser.