globals.php
<?php
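// Start the session only when none is active yet. The original tested
// $_SESSION['userid'] here, but $_SESSION is not populated until
// session_start() has run, so on a fresh request the test read an undefined
// variable and only worked by accident.
if (session_id() === '') {
    session_start();
}
// Buffer all output. The header() redirects further down run after other
// files have been included, so this presumably exists to keep those
// redirects possible once something has been echoed -- confirm.
ob_start();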
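// Legacy request filter: backslash-escape every GET/POST value and delete a
// fixed list of substrings, but only when magic quotes are not already doing
// the escaping.
//
// NOTE(review): treat this as defence in depth at best. Deleting listed
// substrings alters legitimate input and is not a substitute for
// driver-escaped or parameterised SQL and for context-aware output escaping
// (htmlspecialchars() in HTML). Code that consumes $_GET/$_POST must not
// assume a value is safe because it passed through here. Cookies, headers
// and data from other sources never pass through this filter at all.
//
// get_magic_quotes_gpc() was removed in PHP 8.0; a missing function is
// treated as "magic quotes off" instead of ending the request with a fatal
// error.
if (!function_exists('get_magic_quotes_gpc') || get_magic_quotes_gpc() == 0) {
    // Same tokens, in the same order, as the two original str_replace()
    // passes; every token is replaced by the empty string.
    $strippedTokens = array(
        "meta", "onload", "onerror", "onLoad", "onError", "xml", "null",
        "alert(", "eval(", "innerHTML", "innerhtml", "onreadystatechange", "var ",
        "<script", "applet", "embed", "<form", "union", "--", "../", "/*", "java",
    );

    foreach ($_POST as $k => $v) {
        // Array-valued parameters (name[]=...) cannot be passed to
        // addslashes(); blank them rather than raise a type error.
        $_POST[$k] = is_array($v) ? '' : str_replace($strippedTokens, '', addslashes($v));
    }

    foreach ($_GET as $k => $v) {
        $_GET[$k] = is_array($v) ? '' : str_replace($strippedTokens, '', addslashes($v));
    }

    unset($strippedTokens);
}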
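// `global` only has an effect when this file is included from inside a
// function; at file scope it is a no-op.
global $user;
require "global_func.php";
include_once 'lib/config.php';

// Resolve the Facebook-connected user, if there is one. User is defined
// outside this file.
$user = User::fbc_getLoggedIn();
$fb_active_session = $user ? $user->fbc_is_session_active() : false;

if ($user) {
    // Facebook login: the Facebook uid becomes the site user id and
    // overwrites whatever id the session held before.
    $userid = $user->fbc_uid;
    $_SESSION['userid'] = $user->fbc_uid;
}

// empty() instead of a bare read: the key does not exist for a visitor who
// has never logged in.
if (empty($_SESSION['userid'])) {
    // No usable identity: remember where the visitor was going and send
    // them to the login page.
    // NOTE(review): REQUEST_URI is client-controlled. login.php is not shown
    // here; it should follow redirectURL only after checking that it is a
    // local path on this site.
    $_SESSION['redirectURL'] = $_SERVER["REQUEST_URI"];
    header("Location: login.php");
    exit;
}

if (!$user) {
    // Guest: identity comes from the session alone. $guest is deliberately
    // left unset for Facebook users, as in the original.
    $userid = $_SESSION['userid'];
    $guest = 1;
}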
// Load the page-header code and the site configuration. The `headers` class
// instantiated at the end of this file is presumably defined in header.php,
// and $_CONFIG presumably comes from config.php -- confirm.
require "header.php";
include "config.php";
// `global` only matters when this file is included from inside a function.
global $_CONFIG;
// Constant consumed outside this file; its meaning is not visible here.
define("MONO_ON", 1);
require "class/class_db_mysql.php";
// Open the database connection with the host, credentials, schema name and
// persistence flag held in $_CONFIG.
$db=new database;
$db->configure($_CONFIG['hostname'],
$_CONFIG['username'],
$_CONFIG['password'],
$_CONFIG['database'],
$_CONFIG['persistent']);
$db->connect();
// Keep the raw connection handle in $c for code outside this file.
$c=$db->connection_id;
// Load every row of the settings table into $set, keyed by conf_name.
$set=array();
$settq=$db->query("SELECT * FROM settings");
while($r=$db->fetch_row($settq))
{
$set[$r['conf_name']]=$r['conf_value'];
}
// Raises an undefined-index notice if the settings table has no 'domain' row.
$domain=$set['domain'];
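// Look up the current user's row, creating it on a Facebook user's first
// visit. The row is left in $ir for the header rendering below.
if (!empty($_SESSION['userid'])) {
    // Guests may only match rows flagged guest=1. $guest is unset for
    // Facebook users, hence empty() rather than a bare read.
    $gutxt = !empty($guest) ? " AND guest=1" : "";

    // The id and the Facebook display name are placed inside quoted SQL
    // literals, so both are escaped first. The display name in particular is
    // chosen by the account holder and does not pass through the GET/POST
    // filter at the top of this file.
    // NOTE(review): addslashes() is used because it is the escaping this file
    // already applies to request data, but it is not charset-aware. If
    // class_db_mysql.php offers driver escaping or prepared statements, use
    // those instead.
    $safeUserid = addslashes($userid);

    $is = $db->query("SELECT * FROM users WHERE userid='{$safeUserid}'{$gutxt}");
    $useex = $db->num_rows($is);

    if ($useex > 0) {
        $ir = $db->fetch_row($is);
        $namenospaces = str_replace(" ", "_", $ir['username']);
        $_SESSION['username'] = $namenospaces;
    } else if (!$userid) {
        die('error');
    } else {
        if (!empty($guest) && $guest == 1) {
            // A guest id with no matching guest row is not a valid login.
            // Stop here: without exit the rest of the page would still be
            // rendered and sent along with the redirect header.
            header('Location: login.php');
            exit;
        } else {
            // First visit of a Facebook user: create the row with the
            // starting balance, then read it back.
            $name = $user->fbc_name;
            $safeName = addslashes($name);
            $db->query("INSERT INTO users (userid, username, money) VALUES('{$safeUserid}', '{$safeName}', 1000)");
            $is = $db->query("SELECT * FROM users WHERE userid='{$safeUserid}'");
            $ir = $db->fetch_row($is);
        }
    }
}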
// Render the page header for the resolved user. The headers class is
// defined outside this file.
$h = new headers;
$h->startheaders();
// Display strings: the balance with a leading "$" and thousands separators,
// and the laston column formatted as a date. laston is passed to date() as
// its timestamp argument, so it is presumably a Unix timestamp -- confirm.
// NOTE(review): $ir is whatever the user lookup earlier in this file left
// behind; it is unset if that lookup never assigned a row.
$fm="\$".number_format($ir['money']);
$lv=date('F j, Y, g:i a',$ir['laston']);
// NOTE(review): the row contains the stored username; whether userdata()
// HTML-escapes what it prints cannot be seen from here -- confirm.
$h->userdata($ir,$lv,$fm);
?>