0)
{
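// Custom page lookup: load title, meta keywords, meta description and body for
// $pageid, or fall back to the main page when no row matches.
// The branch condition starts above this excerpt (it ends in "0)", apparently a
// "$pageid > 0" test). PHP's loose numeric comparison accepts a string such as
// "1 OR 1=1" as greater than zero, and $pageid is placed unquoted into the SQL
// text below, so it is reduced to an integer before the query is built.
$pageid = (int) $pageid;
$sql_query = "SELECT * FROM custompages WHERE pageid = $pageid";
// mysql_query() returns false on failure; that case is handled like "no such page".
$result = @mysql_query($sql_query);
if ($result && mysql_num_rows($result))
{
    // Copy the row into the page variables, dropping backslash escaping from each column.
    while ($row = mysql_fetch_array($result))
    {
        $pagetitle = stripslashes($row['pagetitle']);
        $pagekeywords = stripslashes($row['pagekeywords']);
        $pagedescription = stripslashes($row['pagedescription']);
        // NOTE(review): the template at the end of this file echoes $custompagecontent
        // as-is, so whoever can write to custompages controls raw page HTML.
        $custompagecontent = stripslashes($row['pagecontent']);
    }
}
else
{
    // Unknown page id: reset it so the template includes $includefile instead.
    $pageid = '0';
    $includefile = "includes/main.php";
    $pagetitle = "Free Flash Arcade";
    $pagekeywords = $site_keywords;
    $pagedescription = $site_desc;
}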
}
else
{
if ($action == "playgame")
{
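// Game lookup for action=playgame: by numeric $gameid when one was supplied,
// otherwise by the title taken from the URL ("-" stands for a space, "_" for an
// apostrophe). Redirects to $base_url when nothing matches.
// $title and $gameid are not assigned in the visible part of this file, so both
// are treated as request-controlled here.
$title = str_replace("-"," ",$title);
// $title2 is the variant where "_" becomes a backslash followed by an apostrophe.
$title2 = str_replace("_","\'",$title);
$title = str_replace("_","'",$title);
$title = addslashes($title);
$title2 = addslashes($title2);
if (!$gameid)
{
    $sql_query = "SELECT * FROM games WHERE gametitle = '$title' || gametitle = '$title2'";
}
else
{
    // The id is interpolated unquoted, so force it to an integer first;
    // otherwise any SQL appended to the id would run as part of the query.
    $gameid = (int) $gameid;
    $sql_query = "SELECT * FROM games WHERE gameid = $gameid";
}
$result = mysql_query($sql_query);
if ($result && mysql_num_rows($result))
{
    // Copy the matching row into the page variables.
    while ($row = mysql_fetch_array($result))
    {
        $gameid = $row['gameid'];
        $gametitle = stripslashes($row['gametitle']);
        $gamedesc = $row['gamedesc'];
        $gamekeywords = $row['gamekeywords'];
        $gamefile = $row['gamefile'];
        $gameheight = $row['gameheight'];
        $gamewidth = $row['gamewidth'];
        $category = $row['category'];
        $timesplayed = $row['timesplayed'];
        $rating = $row['rating'];
        $gameicon = $row['gameicon'];
        $playedtoday = $row['playedtoday'];
        $gamelocation = $row['gamelocation'];
        $iconlocation = $row['iconlocation'];
        $instructions = $row['instructions'];
        $filetype = $row['filetype'];
        $customcode = stripslashes($row['customcode']);
    }
}
else
{
    // No such game (or the query failed): send the visitor to the home page.
    header("Location: $base_url");
    exit;
}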
// Pull in the rating code, then record this play on the game row.
include ("includes/rating.php");
// The counters were read from the games row earlier in this branch; they are
// incremented in PHP and written back with two separate UPDATE statements.
// NOTE(review): this is a read-modify-write, so two simultaneous plays can lose
// an increment; "SET timesplayed = timesplayed + 1" in SQL would avoid that.
$timesplayed++;
$playedtoday++;
// $gameid was reassigned from the fetched row earlier in this branch, before
// includes/rating.php ran; confirm that include leaves it untouched.
$add_times = "update games
set timesplayed = $timesplayed
where gameid = $gameid";
$result = mysql_query($add_times);
$times_today = "update games
set playedtoday = $playedtoday
where gameid = $gameid";
$result = mysql_query($times_today);
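// Guest play limit: when $limitplays is 1 and the visitor is not logged in, this
// play is counted against the per-IP row in userlog, and the visitor is sent to
// the registration page once $guestcredits has been exceeded.
$loggedinstatus = isset($_SESSION['loggedin']) ? $_SESSION['loggedin'] : null;
if ($limitplays == 1 && $loggedinstatus != '1')
{
    // $ipaddress is assigned outside this excerpt, so it is escaped for the
    // lookup and the update rather than trusted.
    $ipaddress_sql = mysql_real_escape_string($ipaddress);
    $sql_query = "SELECT * FROM userlog WHERE ipaddress = '$ipaddress_sql'";
    $result = @mysql_query($sql_query);
    if ($result && mysql_num_rows($result))
    {
        while ($row = mysql_fetch_array($result))
        {
            $playedtoday = $row['gamesplayed'];
        }
    }
    // NOTE(review): when no userlog row exists, $playedtoday keeps the value it
    // had before this block (earlier in this branch that is the game's own
    // playedtoday counter). Confirm a userlog row is always created beforehand.
    $playedtoday++;
    if ($playedtoday > $guestcredits)
    {
        header("Location: ".$base_url."index.php?action=register&nocredits=1"); // redirect
        // Without exit the script keeps running after the Location header and
        // still renders the game, so a client that ignores redirects is not limited.
        exit;
    }
    else
    {
        $update_credit = mysql_query ("update userlog
set gamesplayed = '$playedtoday'
where ipaddress = '$ipaddress_sql'");
    }
}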
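// Logged-in player bookkeeping: bump the user's play counters and points, push
// this game onto the front of the five-slot "recently played" list, then set the
// page metadata for the game display template.
if (isset($_SESSION['loggedin']))
{
    // Every value below is interpolated unquoted into SQL, so each one is forced
    // to an integer. This also keeps the UPDATE valid when a history slot is
    // still empty, which would otherwise produce "gametwo = ," and fail.
    $userid = (int) $_SESSION['loggedinuserid'];
    $sql_query = "SELECT * FROM users WHERE userid = $userid";
    $result = @mysql_query($sql_query);
    if ($result && mysql_num_rows($result))
    {
        while ($row = mysql_fetch_array($result))
        {
            $played_today = $row['playedtoday'];
            $total_played = $row['gamesplayed'];
            $first_game = $row['gameone'];
            $second_game = $row['gametwo'];
            $third_game = $row['gamethree'];
            $fourth_game = $row['gamefour'];
            $fifth_game = $row['gamefive'];
            $points = $row['points'];
        }
    }
    $played_today = (int) $played_today + 1;
    $total_played = (int) $total_played + 1;
    // The result of "+" is always numeric, so $points is safe to interpolate.
    $points = $points + $game_points;
    // Shift the history down one slot; the oldest entry falls off the end.
    $fifth_game = (int) $fourth_game;
    $fourth_game = (int) $third_game;
    $third_game = (int) $second_game;
    $second_game = (int) $first_game;
    $first_game = (int) $gameid;
    $update_user = "update users
set gamesplayed = $total_played,
playedtoday = $played_today,
gameone = $first_game,
gametwo = $second_game,
gamethree = $third_game,
gamefour = $fourth_game,
gamefive = $fifth_game,
points = $points
where userid = $userid";
    $result = mysql_query($update_user);
}
// Page metadata comes from the game row loaded earlier in this branch.
$pagedescription = $gamedesc;
$pagekeywords = $gamekeywords;
$pagetitle = $gametitle;
$includefile = "includes/displaygame.php";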
}
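elseif ($action == "browse")
{
    // Browse / search listing. Resolves the category either by name (rewritten
    // URLs) or by numeric id, then sets the page title and metadata before
    // handing over to includes/browse.php.
    // $rewrite, $cat, $catname and $searchterm are not assigned in the visible
    // part of this file; they are treated as request-controlled here.

    // Mod_Rewrite On (Search Engine Friendly URLs)
    if ($rewrite != '0' && !$cat)
    {
        if (!$catname)
        {
            // No category name: browse all games.
            $catid = 'all';
        }
        else
        {
            $catname = str_replace("-"," ",$catname);
            $catname = str_replace("_","\'",$catname);
            $catname = addslashes($catname);
            // $catname is non-empty on this path, so the category is looked up
            // unless a search term was given.
            if (!$searchterm)
            {
                $sql_query2 = "SELECT * FROM categories WHERE catname = '$catname'";
                $result2 = mysql_query($sql_query2);
                if ($result2 && mysql_num_rows($result2))
                {
                    while ($rows = mysql_fetch_array($result2))
                    {
                        $browse_cat_id = $rows['catid'];
                        $browse_cat_name = stripslashes($rows['catname']);
                        $browse_cat_desc = $rows['catdesc'];
                        $browse_cat_keywords = $rows['catkeywords'];
                    }
                }
            }
        }
    }
    else
    {
        if (!$cat)
        {
            // No category id given: generic browse page.
            $pagetitle = "Browse Our Database of Games";
            $pagekeywords = $site_keywords;
            $pagedescription = $site_desc;
        }
        else
        {
            // $cat is interpolated unquoted, so force it to an integer; a
            // non-numeric value becomes 0 and takes the "not found" path below.
            $cat = (int) $cat;
            $sql_query2 = "SELECT * FROM categories WHERE catid = $cat";
            $result2 = mysql_query($sql_query2);
            if ($result2 && mysql_num_rows($result2))
            {
                while ($rows = mysql_fetch_array($result2))
                {
                    $browse_cat_id = $rows['catid'];
                    $browse_cat_name = stripslashes($rows['catname']);
                    $browse_cat_desc = $rows['catdesc'];
                    $browse_cat_keywords = $rows['catkeywords'];
                }
            }
            else
            {
                // Unknown category: stop processing this file.
                $action = "browse";
                $cat = "";
                echo '';
                return;
            }
        }
    }
    if (!$searchterm && !$browse_cat_name)
    {
        $pagetitle = "Browse Our Database of Games";
        $pagekeywords = $site_keywords;
        $pagedescription = $site_desc;
    }
    elseif (!$browse_cat_name)
    {
        // NOTE(review): $searchterm goes into the page title unencoded. The
        // header template is not visible here; confirm it applies
        // htmlspecialchars() when printing $pagetitle.
        $pagetitle = "Search Results for $searchterm";
        $pagekeywords = $site_keywords;
        $pagedescription = $site_desc;
    }
    else
    {
        $pagetitle = "Browse Our Database of ".$browse_cat_name." Games";
        $pagekeywords = $browse_cat_keywords;
        $pagedescription = $browse_cat_desc;
    }
    $includefile = "includes/browse.php";
}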
// The six branches below only choose a template and set page metadata; four of
// them also copy request parameters into variables for the included file to use.
elseif ($action == "tradelinks")
{
$pagetitle = "Trade Links With $site_title";
$pagedescription = "Trade Links With $site_title";
$pagekeywords = $site_keywords;
$includefile = "templates/tradelinks.html";
}
elseif ($action == "links")
{
$pagetitle = "Links Page";
$pagedescription = "Links Page";
$pagekeywords = $site_keywords;
$includefile = "templates/links.html";
}
elseif ($action == "linkadded")
{
// Both values come straight from the query string.
// NOTE(review): templates/linkadded.html is not visible here; if it prints
// them, they need htmlspecialchars() at the point of output.
$websitename = $_GET[websitename];
$websiteurl = $_GET[websiteurl];
$pagetitle = "Your Link Has Been Added";
$pagekeywords = $site_keywords;
$pagedescription = "Trade Links With $site_title";
$includefile = "templates/linkadded.html";
}
elseif ($action == "profile")
{
// The profile to show is chosen by the caller via ?userid=.
// NOTE(review): includes/profile.php is not visible here; confirm it casts or
// escapes $userid before using it in a query.
$userid = $_GET[userid];
$pagetitle = "User Profiles";
$pagekeywords = $site_keywords;
$pagedescription = $site_desc;
$includefile = "includes/profile.php";
}
elseif ($action == "register")
{
// nocredits=1 is what the guest play-limit redirect in the playgame branch appends.
$nocredits = $_GET[nocredits];
$pagetitle = "Register";
$pagekeywords = $site_keywords;
$pagedescription = $site_desc;
$includefile = "templates/register.html";
}
elseif ($action == "optout")
{
// Newsletter opt-out link: both values are request-supplied.
// NOTE(review): templates/optout.php is not visible here; confirm it checks the
// code against the stored one for that user and escapes both values in SQL.
$newsletter_code = $_GET[code];
$userid = $_GET[userid];
$pagetitle = "Removed From Mailing List";
$pagekeywords = $site_keywords;
$pagedescription = $site_desc;
$includefile = "templates/optout.php";
}
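elseif ($action == "newmember")
{
    // Registration form handler: validates the submitted fields, rejects taken
    // usernames, optionally mails a confirmation link, then inserts the user row.
    // Redirects back to the register page (and exits) on an invalid e-mail address.

    // Missing or non-string fields are treated as empty.
    $newusername = (isset($_POST['newusername']) && is_string($_POST['newusername'])) ? $_POST['newusername'] : '';
    $newpasswordone = (isset($_POST['newpasswordone']) && is_string($_POST['newpasswordone'])) ? $_POST['newpasswordone'] : '';
    $newpasswordtwo = (isset($_POST['newpasswordtwo']) && is_string($_POST['newpasswordtwo'])) ? $_POST['newpasswordtwo'] : '';
    $newemailaddress = (isset($_POST['newemailaddress']) && is_string($_POST['newemailaddress'])) ? $_POST['newemailaddress'] : '';
    // If magic quotes already added backslashes, remove them from the two text
    // fields so they are escaped exactly once below. The passwords are left as
    // submitted so their hashes stay comparable with what the login code computes.
    $magic_quotes_on = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    if ($magic_quotes_on)
    {
        $newusername = stripslashes($newusername);
        $newemailaddress = stripslashes($newemailaddress);
    }
    // Check to see if email address is valid. filter_var() rejects malformed
    // addresses, including ones carrying CR/LF that would otherwise reach mail()
    // as extra headers; the MX lookup then checks the domain after the last "@".
    $email_domain = explode("@",$newemailaddress);
    if (filter_var($newemailaddress, FILTER_VALIDATE_EMAIL) === false
        || !checkdnsrr($email_domain[count($email_domain) - 1],"MX"))
    {
        header("Location: ".$base_url."index.php?action=register&status=Invalid Email Address");
        exit;
    }
    // Strict comparison: with "!=" two different numeric-looking strings
    // (e.g. "1e3" and "1000") would be accepted as matching.
    if ($newpasswordone !== $newpasswordtwo)
    {
        $status = "Your passwords did not match.";
        $includefile = "templates/register.html";
    }
    // Checks to make sure all info is entered
    elseif (!$newusername || !$newpasswordone || !$newpasswordtwo || !$newemailaddress)
    {
        $status = "You did not enter all the required information.";
        $includefile = "templates/register.html";
    }
    else
    {
        // Escaped copies for SQL; the originals stay unescaped for the e-mail.
        $newusername_sql = mysql_real_escape_string($newusername);
        $newemailaddress_sql = mysql_real_escape_string($newemailaddress);
        // Checks to see if the user is already in the database
        $query2 = "select * from users where username = '$newusername_sql'";
        $result2 = mysql_query($query2);
        if ($result2 && mysql_num_rows($result2)>0)
        {
            $status = "I'm sorry, that username is already taken.";
            $includefile = "templates/register.html";
        }
        else
        {
            // Defined on both paths so the INSERT never picks up a stray value.
            $random = "";
            if ($email_confirmation == 1)
            {
                // Generate a 10-character confirmation code from A-Z0-9.
                // NOTE(review): rand() seeded from microtime() is predictable;
                // a confirmation code should come from a CSPRNG.
                srand((double)microtime()*1000000);
                $block = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
                $block .= "0123456789";
                for($i = 0; $i < 10; $i++)
                {
                    $random .= substr($block,(rand()%(strlen($block))), 1);
                }
                // The mail is sent as text/html, so the username is HTML-encoded
                // in the body and URL-encoded inside the confirmation link.
                // $msg starts empty so nothing set before this point is mailed.
                $newusername_html = htmlspecialchars($newusername, ENT_QUOTES);
                $msg = '';
                $msg .=''.$newusername_html.':
';
                $msg .='Thank you for registering with '.$site_title.'.
';
                $msg .='Please click on the link below to confirm your account with us:
';
                $msg .='Click here to Confirm
';
                $msg .='If you cannot see the hyperlink or have problems confirming your account, please copy and paste the following link into your browsers address bar:
';
                $msg .=''.$base_url.'index.php?action=confirmaccount&username='.urlencode($newusername).'&confirmation='.$random.'
';
                $msg .='Thank you!.';
                $to = "$newemailaddress";
                $subject = "Please confirm your account with ".$site_title."";
                $headers ="Return-Path: ".$contact_email."\r\n";
                $headers .= "From: ".$site_title." <".$contact_email.">\n";
                $headers .= "MIME-Version: 1.0\n";
                $headers .= "Content-type: text/html\r\n";
                mail($to, $subject, $msg, $headers);
                // Account stays inactive until the link is followed.
                $userstatus = "0";
            }
            else
            {
                $userstatus = "1";
            }
            $todaysdate = date('Y-m-d');
            // NOTE(review): unsalted MD5 is not a password hash. Moving to
            // password_hash()/password_verify() has to be done together with the
            // login and password-change code, which compare MD5 values.
            $newpasswordone = md5($newpasswordone);
            $result = mysql_query( "insert into users
set username = '$newusername_sql',
password = '$newpasswordone',
emailaddress = '$newemailaddress_sql',
userstatus = '$userstatus',
joindate = '$todaysdate',
confirmation = '$random'");
            $includefile = "templates/thankyou.html";
        }
    }
}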
// Log out: clear the session variables, destroy the server-side session data,
// then send the visitor back to the index page.
elseif ($action == "logout")
{
session_unset();
// unset our sessions
session_destroy();
// Destroys the session data on the server. session_destroy() does not remove
// the session cookie from the browser; that needs an explicit setcookie().
header('Location: index.php');
// forward you to a page of your choice
exit;
}
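elseif ($action == "editprofile")
{
    // Edit-profile form: loads the logged-in user's location, website, message
    // and avatar for templates/editprofile.html. Visitors who are not logged in
    // are redirected to the registration page.
    $loggedinstatus = isset($_SESSION['loggedin']) ? $_SESSION['loggedin'] : null;
    if ($loggedinstatus != '1')
    {
        header("Location: ".$base_url."index.php?action=register");
        // header() only queues the redirect; exit stops the profile query and
        // template from running for a visitor who is not logged in.
        exit;
    }
    // Interpolated unquoted below, so force the id to an integer.
    $userid = (int) $_SESSION['loggedinuserid'];
    $sql_query = "SELECT * FROM users WHERE userid = $userid";
    $result = @mysql_query($sql_query);
    if ($result && mysql_num_rows($result))
    {
        while ($row = mysql_fetch_array($result))
        {
            // NOTE(review): these are user-written values; the template is not
            // visible here and should HTML-encode them when printing.
            $location = $row['location'];
            $userwebsite = $row['website'];
            $message = $row['message'];
            $avatar = $row['avatar'];
        }
    }
    $includefile = "templates/editprofile.html";
    $pagetitle = "Edit Your Profile";
    $pagekeywords = $site_keywords;
    $pagedescription = $site_desc;
}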
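elseif ($action == "updateprofile")
{
    // Profile update handler: saves avatar, website, location and message for the
    // logged-in user and, when password fields were filled in, changes the
    // password after checking the old one. Ends with a redirect in every case
    // where a status message is reported.

    // Same login gate as the editprofile branch; without it the statements below
    // run with an empty user id for visitors who are not logged in.
    $loggedinstatus = isset($_SESSION['loggedin']) ? $_SESSION['loggedin'] : null;
    if ($loggedinstatus != '1')
    {
        header("Location: ".$base_url."index.php?action=register");
        exit;
    }
    $userid = (int) $_SESSION['loggedinuserid'];
    $magic_quotes_on = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    // Missing or non-string fields are treated as empty.
    $newavatar = (isset($_POST['newavatar']) && is_string($_POST['newavatar'])) ? $_POST['newavatar'] : '';
    $newwebsite = (isset($_POST['newwebsite']) && is_string($_POST['newwebsite'])) ? $_POST['newwebsite'] : '';
    $newlocation = (isset($_POST['newlocation']) && is_string($_POST['newlocation'])) ? $_POST['newlocation'] : '';
    $newmessage = (isset($_POST['newmessage']) && is_string($_POST['newmessage'])) ? $_POST['newmessage'] : '';
    if ($magic_quotes_on)
    {
        $newavatar = stripslashes($newavatar);
        $newwebsite = stripslashes($newwebsite);
        $newlocation = stripslashes($newlocation);
        $newmessage = stripslashes($newmessage);
    }
    // NOTE(review): strip_tags() removes markup but does not restrict URL
    // schemes; if avatar/website end up in src/href attributes they also need
    // an http(s) check and attribute encoding where they are printed.
    $newavatar = strip_tags($newavatar,'');
    $newwebsite = strip_tags($newwebsite,'');
    $newlocation = strip_tags($newlocation);
    $newmessage = strip_tags($newmessage);
    $oldpassword = isset($_POST['oldpassword']) ? trim($_POST['oldpassword']) : '';
    $newpassword = isset($_POST['newpassword']) ? trim($_POST['newpassword']) : '';
    // strip_tags() leaves quotes in place, so the values are escaped before they
    // are put into the statement; unescaped, a quote in any field could rewrite
    // the SET list of this UPDATE.
    $newavatar_sql = mysql_real_escape_string($newavatar);
    $newwebsite_sql = mysql_real_escape_string($newwebsite);
    $newlocation_sql = mysql_real_escape_string($newlocation);
    $newmessage_sql = mysql_real_escape_string($newmessage);
    $result = mysql_query( "update users
set avatar = '$newavatar_sql',
website = '$newwebsite_sql',
location = '$newlocation_sql',
message = '$newmessage_sql'
where userid = $userid");
    if (!$newpassword && !$oldpassword)
    {
        header("Location: ".$base_url."index.php?action=editprofile&status=Profile Updated"); // redirect
        exit;
    }
    // Password change: compare the MD5 of the old password with the stored one.
    // $encodedpw starts as null so a missing user row can never match.
    $encodedpw = null;
    $sql_query = "SELECT * FROM users WHERE userid = $userid";
    $result = @mysql_query($sql_query);
    if ($result && mysql_num_rows($result))
    {
        while ($row = mysql_fetch_array($result))
        {
            $encodedpw = $row['password'];
        }
    }
    $oldpassword = md5($oldpassword);
    // Strict comparison: "==" treats hex digests of the form "0e<digits>" as
    // numbers, so two different digests could compare equal.
    // NOTE(review): an empty new password is accepted when the old one matches;
    // NOTE(review): unsalted MD5 is not a password hash (see registration code).
    if ($oldpassword === $encodedpw)
    {
        $newpassword = md5($newpassword);
        $result = mysql_query( "update users
set password = '$newpassword'
where userid = '$userid'");
        header("Location: ".$base_url."index.php?action=editprofile&status=Password Updated"); // redirect
        exit;
    }
    else
    {
        header("Location: ".$base_url."index.php?action=editprofile&status=Old Password Did Not Match"); // redirect
        exit;
    }
    $includefile = "includes/profile.php";
    $pagetitle = "View Your Profile";
    $pagekeywords = $site_keywords;
    $pagedescription = $site_desc;
}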
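elseif ($action == "addcomment")
{
    // Comment form handler: optionally checks the image-verification code,
    // stores the comment for game $id, awards $comment_points to a logged-in
    // author, then redirects back to the referring page.
    $magic_quotes_on = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    $newcomment = (isset($_POST['newcomment']) && is_string($_POST['newcomment'])) ? $_POST['newcomment'] : '';
    if ($magic_quotes_on)
    {
        $newcomment = stripslashes($newcomment);
    }
    $newcomment = strip_tags($newcomment);
    // The game id is numeric elsewhere in this file, so force it to an integer.
    $id = isset($_POST['id']) ? (int) $_POST['id'] : 0;
    $userid = isset($_SESSION['loggedinuserid']) ? $_SESSION['loggedinuserid'] : null;
    $todaysdate = date('Y-m-d');
    // NOTE(review): this only assigns guest id "0" when $who_can_comment is 0;
    // nothing here rejects a visitor who is not logged in for other settings.
    // Confirm the intended policy and enforce it before the INSERT.
    if ($who_can_comment==0 && !$userid)
    {
        $userid = "0";
    }
    $verifycode = (isset($_POST['verifycode']) && is_string($_POST['verifycode'])) ? $_POST['verifycode'] : '';
    if ($magic_quotes_on)
    {
        $verifycode = stripslashes($verifycode);
    }
    $verifycode = trim($verifycode);
    // Where to go afterwards: the referring page, or the home page when the
    // browser sent no Referer header.
    // NOTE(review): the form has no anti-CSRF token, and a cross-site POST is
    // redirected back to whatever page submitted it.
    $return_to = !empty($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : $base_url;
    // Time to check to make sure the user entered the correct verification code
    // otherwise the comment will not post!
    $ipaddress = $_SERVER['REMOTE_ADDR'];
    if ($imageverification ==1)
    {
        // The submitted code is escaped; unescaped it could turn this lookup
        // into one that always finds a row.
        $verifycode_sql = mysql_real_escape_string($verifycode);
        $verification_query = "SELECT * from online_users WHERE userverification = '$verifycode_sql' && userip = '$ipaddress'";
        $verification_check = mysql_query($verification_query);
        $verification_status = $verification_check ? mysql_num_rows ($verification_check) : 0;
        if ($verification_status == 0) {
            header("Location: ".$return_to.""); // redirect
            exit;
        }
    }
    // strip_tags() leaves quotes in place, so the text is escaped for SQL here.
    $newcomment_sql = mysql_real_escape_string($newcomment);
    $result = mysql_query( "insert into comments
set comment = '$newcomment_sql',
gameid = '$id',
userid = '$userid',
ipaddress = '$ipaddress',
date = '$todaysdate'");
    if ($userid > 0)
    {
        // Interpolated unquoted below, so use an integer copy of the id.
        $userid_sql = (int) $userid;
        $sql_query = "SELECT * FROM users WHERE userid = $userid_sql";
        $result = @mysql_query($sql_query);
        if ($result && mysql_num_rows($result))
        {
            while ($row = mysql_fetch_array($result))
            {
                $points = $row['points'];
            }
        }
        $points = $points + $comment_points;
        $result = mysql_query( "update users
set points = '$points'
where userid = $userid_sql");
    }
    $gameid = $id;
    header("Location: ".$return_to.""); // redirect
    // This branch never sets $includefile, so execution must stop here instead
    // of falling through to the template's include at the end of the file.
    exit;
}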
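elseif ($action == "favoritegame")
{
    // Marks $gameid as the logged-in user's favourite game and prints a
    // confirmation for the pop-up window.
    // $gameid is not assigned in this branch, so it is treated as
    // request-controlled; both ids are forced to integers before use in SQL.
    $userid = isset($_SESSION['loggedinuserid']) ? (int) $_SESSION['loggedinuserid'] : 0;
    $gameid = (int) $gameid;
    $result = mysql_query ("update users
set favoritegame = '$gameid'
where userid = '$userid'");
    echo "This game is now your favorite game. You can close this window and get back to gaming!";
    exit;
}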
// The next four branches hand off to functions defined outside this excerpt and
// then stop; the fifth only selects the "account confirmed" template.
elseif ($action == "viewcomments")
{
// $gameid is not assigned in this branch.
// NOTE(review): confirm display_all_comments() casts or escapes it.
display_all_comments($gameid);
exit;
}
elseif ($action == "passwordrecovery")
{
recover_password($base_url);
exit;
}
elseif ($action == "sendpassword")
{
// The address comes straight from the POST body.
// NOTE(review): confirm send_password() validates it before using it in SQL or
// as a mail recipient, and responds the same way for known and unknown addresses.
$emailaddress = $_POST[emailaddress];
send_password($emailaddress,$site_title,$contact_email);
exit;
}
elseif ($action == "confirmaccount")
{
// Both values come from the link mailed at registration (query string).
// NOTE(review): confirm confirm_account() escapes them and rejects an empty code.
$username = $_GET[username];
$confirmation = $_GET[confirmation];
confirm_account($username,$confirmation);
exit;
}
elseif ($action == "accountconfirmed")
{
$includefile = "templates/confirmedaccount.html";
$pagetitle = "Account Has Been Confirmed";
$pagekeywords = $site_keywords;
$pagedescription = $site_desc;
}
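elseif ($action == "messages")
{
    // Private-message inbox. Requires a logged-in user and the private
    // messaging feature to be switched on; otherwise redirects away.
    $loggedinstatus = isset($_SESSION['loggedin']) ? $_SESSION['loggedin'] : null;
    $userid = isset($_SESSION['loggedinuserid']) ? $_SESSION['loggedinuserid'] : null;
    if ($loggedinstatus != '1')
    {
        header("Location: ".$base_url."index.php?action=register");
        // header() only queues the redirect; without exit the inbox template
        // below would still be rendered and sent to a visitor who is not logged in.
        exit;
    }
    if ($privatemessaging != '1')
    {
        header("Location: ".$base_url."index.php");
        exit;
    }
    $includefile = "templates/privatemessages.html";
    $pagetitle = "Private Messages";
    $pagekeywords = $site_keywords;
    $pagedescription = $site_desc;
}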
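elseif ($action == "deletemessage")
{
    // Deletes one private message, but only if it was sent to the logged-in
    // user. Always ends in a redirect back to the inbox (or to the registration
    // page when not logged in).
    // NOTE(review): this is a state change driven by a GET link with no
    // anti-CSRF token.
    $messageid = (isset($_GET['messageid']) && is_string($_GET['messageid'])) ? $_GET['messageid'] : '';
    $loggedinstatus = isset($_SESSION['loggedin']) ? $_SESSION['loggedin'] : null;
    if ($loggedinstatus != '1')
    {
        header("Location: ".$base_url."index.php?action=register");
        // Stop here so the queries below never run for anonymous visitors.
        exit;
    }
    $userid = (int) $_SESSION['loggedinuserid'];
    // Escape the request-supplied id exactly once, whether or not magic quotes
    // already added backslashes to it.
    $magic_quotes_on = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    $messageid_sql = mysql_real_escape_string($magic_quotes_on ? stripslashes($messageid) : $messageid);
    $message_query = "SELECT * FROM messages where messageid = '$messageid_sql' && touserid = '$userid'";
    $message_result = @mysql_query($message_query);
    if ($message_result && mysql_num_rows($message_result))
    {
        // The recipient condition is repeated in the DELETE so ownership is
        // enforced by the statement that removes the row as well.
        $delete_message = @mysql_query ("delete from messages
where messageid = '$messageid_sql' && touserid = '$userid'");
        header("Location: ".$base_url."index.php?action=messages&messagestatus=Message Deleted");
    }
    else
    {
        header("Location: ".$base_url."index.php?action=messages&messagestatus=Message Could Not Be Deleted");
    }
    // This branch never sets $includefile, so execution must stop here instead
    // of falling through to the template's include at the end of the file.
    exit;
}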
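elseif ($action == "displaymessage")
{
    // Shows a single private message via includes/displaymessage.php. Requires a
    // logged-in user and the private messaging feature; otherwise redirects away.
    $loggedinstatus = isset($_SESSION['loggedin']) ? $_SESSION['loggedin'] : null;
    $userid = isset($_SESSION['loggedinuserid']) ? $_SESSION['loggedinuserid'] : null;
    if ($loggedinstatus != '1')
    {
        header("Location: ".$base_url."index.php?action=register");
        // Without exit the message include below would still run and its output
        // would be sent along with the redirect.
        exit;
    }
    if ($privatemessaging != '1')
    {
        header("Location: ".$base_url."index.php");
        exit;
    }
    // Request-supplied id, passed on to the include as-is.
    // NOTE(review): includes/displaymessage.php is not visible here; confirm it
    // escapes $messageid and only returns messages addressed to $userid.
    $messageid = isset($_GET['messageid']) ? $_GET['messageid'] : null;
    $includefile = "includes/displaymessage.php";
    $pagetitle = "Private Messages";
    $pagekeywords = $site_keywords;
    $pagedescription = $site_desc;
}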
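elseif ($action == "messagereply")
{
    // Reply form: loads the message named by ?replyid=, looks up its sender's
    // username, and shows the compose template only if the message was addressed
    // to the logged-in user.
    $loggedinstatus = isset($_SESSION['loggedin']) ? $_SESSION['loggedin'] : null;
    $userid = isset($_SESSION['loggedinuserid']) ? $_SESSION['loggedinuserid'] : null;
    if ($loggedinstatus != '1')
    {
        header("Location: ".$base_url."index.php?action=register");
        // Stop here so no message is loaded for anonymous visitors.
        exit;
    }
    if ($privatemessaging != '1')
    {
        header("Location: ".$base_url."index.php");
        exit;
    }
    $messagestatusnumber = "0";
    $replyid = (isset($_GET['replyid']) && is_string($_GET['replyid'])) ? $_GET['replyid'] : '';
    // Escape the request-supplied id exactly once, whether or not magic quotes
    // already added backslashes to it.
    $magic_quotes_on = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    $replyid_sql = mysql_real_escape_string($magic_quotes_on ? stripslashes($replyid) : $replyid);
    // Start from known values so a missing message cannot leave these variables
    // holding something set before this branch.
    $touserid = null;
    $fromuserid = 0;
    // Need to get the message info for the reply
    $message_query = "SELECT * FROM messages where messageid = '$replyid_sql'";
    $message_result = @mysql_query($message_query);
    if ($message_result && mysql_num_rows($message_result))
    {
        while ($row = mysql_fetch_array($message_result))
        {
            // NOTE(review): the message is loaded before the ownership check
            // further down; confirm the "cannot reply" template does not print
            // $messagetext or $messagesubject.
            $messagetext = $row['messagetext'];
            $fromuserid = $row['fromuserid'];
            $messagesubject = $row['messagesubject'];
            $touserid = $row['touserid'];
        }
    }
    // Now we need to get the FROM USER's information
    $fromuserid = (int) $fromuserid;
    $fromuser_query = "SELECT * FROM users where userid = '$fromuserid'";
    $user_result = mysql_query($fromuser_query);
    if ($user_result && mysql_num_rows($user_result))
    {
        while ($row = mysql_fetch_array($user_result))
        {
            $replytoname = $row['username'];
        }
    }
    // Now we just double check to make sure the user is logged in and make sure
    // they are replying to a message sent just to them
    if ($loggedinstatus != '1')
    {
        $pagetitle = "Register";
        $pagekeywords = $site_keywords;
        $pagedescription = $site_desc;
        $includefile = "templates/register.html";
    }
    elseif ($userid != $touserid)
    {
        $includefile = "templates/privatemessages.html";
        $pagetitle = "Private Messages - You Cannot Reply To That Message";
        $pagekeywords = $site_keywords;
        $pagedescription = $site_desc;
    }
    else
    {
        $includefile = "templates/compose.html";
        $pagetitle = "Private Messages - Reply To Message";
        $pagekeywords = $site_keywords;
        $pagedescription = $site_desc;
    }
}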
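elseif ($action == "composemessage")
{
    // New-message form. Redirects to the index page when private messaging is
    // switched off; shows the registration template to visitors who are not
    // logged in, and the compose template otherwise.
    if ($privatemessaging != '1')
    {
        header("Location: ".$base_url."index.php");
        // header() only queues the redirect; exit keeps the compose form from
        // being rendered while the feature is disabled.
        exit;
    }
    $loggedinstatus = isset($_SESSION['loggedin']) ? $_SESSION['loggedin'] : null;
    $userid = isset($_SESSION['loggedinuserid']) ? $_SESSION['loggedinuserid'] : null;
    if ($loggedinstatus != '1')
    {
        $pagetitle = "Register";
        $pagekeywords = $site_keywords;
        $pagedescription = $site_desc;
        $includefile = "templates/register.html";
    }
    else
    {
        $includefile = "templates/compose.html";
        $pagetitle = "Private Messages - Reply To Message";
        $pagekeywords = $site_keywords;
        $pagedescription = $site_desc;
    }
}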
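elseif ($action == "sendmessage")
{
    // Sends a private message from the logged-in user to the named recipient.
    // On success redirects to the inbox; an unknown recipient re-displays the
    // compose form with an "Invalid User" status.
    if ($privatemessaging != '1')
    {
        header("Location: ".$base_url."index.php");
        // Stop here so no message is stored while the feature is disabled.
        exit;
    }
    $loggedinstatus = isset($_SESSION['loggedin']) ? $_SESSION['loggedin'] : null;
    if ($loggedinstatus != '1')
    {
        $pagetitle = "Register";
        $pagekeywords = $site_keywords;
        $pagedescription = $site_desc;
        $includefile = "templates/register.html";
    }
    else
    {
        // Get the info from the message. Body and subject are trimmed, stripped
        // of HTML and slash-escaped, as before.
        // NOTE(review): no anti-CSRF token is checked before the message is stored.
        $messagetext = isset($_POST['messagebody']) ? $_POST['messagebody'] : '';
        $messagetext = trim($messagetext);
        $messagetext = strip_tags($messagetext);
        $messagetext = addslashes($messagetext);
        $messagesubject = isset($_POST['messagesubject']) ? $_POST['messagesubject'] : '';
        $messagesubject = trim($messagesubject);
        $messagesubject = strip_tags($messagesubject);
        $messagesubject = addslashes($messagesubject);
        if (empty($messagesubject)) {
            $messagesubject = "No Subject";
        }
        $touser = (isset($_POST['tousername']) && is_string($_POST['tousername'])) ? $_POST['tousername'] : '';
        $fromuser = (int) $_SESSION['loggedinuserid'];
        $today = date('Y-m-d h:i A');
        // The recipient name went into the lookup unescaped; escape it exactly
        // once, whether or not magic quotes already added backslashes.
        $magic_quotes_on = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
        $touser_sql = mysql_real_escape_string($magic_quotes_on ? stripslashes($touser) : $touser);
        // $ipaddress is assigned outside this excerpt, so it is escaped as well.
        $ipaddress_sql = mysql_real_escape_string($ipaddress);
        // Time to check and see if the USER we are sending the message to is valid
        $user_query = "SELECT * FROM users where username = '$touser_sql'";
        $user_result = @mysql_query($user_query);
        if ($user_result && mysql_num_rows($user_result))
        {
            while ($row = mysql_fetch_array($user_result))
            {
                $touserid = (int) $row['userid'];
                // Time to post the message in the database
                $post_message = mysql_query ("insert into messages
set messagetext = '$messagetext',
touserid = '$touserid',
fromuserid = '$fromuser',
fromuserip = '$ipaddress_sql',
messagesubject = '$messagesubject',
sentdate = '$today'");
            }
            header("Location: ".$base_url."index.php?action=messages");
            // This path never sets $includefile, so execution must stop here
            // instead of falling through to the template's include.
            exit;
        }
        else
        {
            $includefile = "templates/compose.html";
            $pagetitle = "Private Messages - Compose New Message";
            $pagekeywords = $site_keywords;
            $pagedescription = $site_desc;
            $messagestatus = "Invalid User";
            $messagestatusnumber = "99";
        }
    }
}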
// Default: any action not handled above shows the main page.
else
{
$includefile = "includes/main.php";
$pagetitle = "Free Flash Arcade";
$pagekeywords = $site_keywords;
$pagedescription = $site_desc;
}
}
?>
include ("templates/header.html");?> |
|
include ("templates/left.html");?>
|
if ($pageid > 0)
echo $custompagecontent;
else
include ("$includefile");?>
|
include ("templates/footer.html");?> |
|