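<?php
/**
 * Signed HTTP API endpoint: dispatches on $_GET['method'] and answers with an XML document.
 *
 * Methods handled here:
 *   getprofile  - returns <profiles> for the comma-separated user ids in uid
 *   sendmessage - stores one private message for uid
 *   sendinvite  - stores one invite message per recipient listed in uid
 *
 * $db, $config, $nextgame, checksign() and convert_unicode() are not defined in this file;
 * presumably they come from the files included below - confirm when changing the includes.
 *
 * Every request value is still treated as untrusted after the signature check: a valid
 * signature says who built the request, not that its fields are safe to paste into SQL or XML.
 */
@session_start();
// NOTE(review): display_errors is enabled, so any PHP error text is written into the XML
// response (breaking it and exposing paths/queries). Left as found; consider logging instead.
@error_reporting ( E_ALL ^ E_WARNING ^ E_NOTICE );
@ini_set ( 'display_errors', true );
@ini_set ( 'html_errors', false );
@ini_set ( 'error_reporting', E_ALL ^ E_WARNING ^ E_NOTICE );
define( 'DATALIFEENGINE', true );
define( 'ROOT_DIR', '../../..' );
define( 'ENGINE_DIR', ROOT_DIR . '/system' );
define ( 'NEXT_DIR', dirname ( __FILE__ ) );
require_once NEXT_DIR.'/api.functions.php';
require_once ENGINE_DIR.'/modules/functions.php';
include_once (ENGINE_DIR . '/classes/mysql.php');
include_once (ENGINE_DIR . '/data/dbconfig.php');
include_once (ENGINE_DIR . '/data/config.php');

// Reject the request before touching the database if the signature does not verify.
if(!checksign($_GET)) die('SIG Error');

// Initialised up front so no branch appends to an undefined variable.
$resp = '';
$method = (isset($_GET['method']) && is_string($_GET['method'])) ? strtolower($_GET['method']) : '';

switch($method)
{
    // Show user profiles.
    case 'getprofile':
        // uid is a comma-separated list that ends up inside IN(...). Reduce it to positive
        // integers so no request text can reach the SQL string.
        $raw_uid = (isset($_GET['uid']) && is_string($_GET['uid'])) ? $_GET['uid'] : '';
        $profile_ids = array();
        foreach (explode(',', $raw_uid) as $piece) {
            $piece = intval($piece);
            if ($piece > 0) {
                $profile_ids[$piece] = $piece;
            }
        }

        $resp = "<profiles>";
        if ($profile_ids) {
            $id = implode(',', $profile_ids);
            $db->query("SELECT * FROM ".USERPREFIX."_users where user_id in($id)");
            while ($row = $db->get_row()) {
                $uid_xml = intval($row['user_id']);
                // Text fields are converted to UTF-8 (the response declares UTF-8) and then
                // XML-escaped, so stored markup characters cannot break or extend the document.
                // NOTE(review): if these columns are stored already entity-encoded, this
                // escapes them a second time - confirm against how the engine stores them.
                $fields = array(
                    'fullname' => $row['fullname'],
                    'name'     => $row['name'],
                    'land'     => $row['land'],
                    'avatar'   => $config['http_home_url'] . 'uploads/fotos/' . $row['foto'],
                );
                foreach ($fields as $key => $value) {
                    $fields[$key] = htmlspecialchars((string) iconv($config['charset'], "UTF-8", $value), ENT_QUOTES, 'UTF-8');
                }
                $resp .= <<<XML
<user>
<uid>{$uid_xml}</uid>
<first_name>{$fields['fullname']}</first_name>
<last_name></last_name>
<nickname>{$fields['name']}</nickname>
<birthday></birthday>
<sex></sex>
<avatar_url>{$fields['avatar']}</avatar_url>
<country>{$fields['land']}</country>
<city></city>
</user>
XML;
            }
        }
        $resp .= "</profiles>";
        break;

    // Send a private message.
    case "sendmessage":
        require_once ENGINE_DIR . '/classes/parse.class.php';
        $parse = new ParseFilter( );
        $parse->safe_mode = true;
        $uid = intval(isset($_GET['uid']) ? $_GET['uid'] : 0);
        $sender_id = intval(isset($_GET['sender_id']) ? $_GET['sender_id'] : 0);
        $message = convert_unicode(isset($_GET['message']) ? $_GET['message'] : '', $config['charset']);
        // The parsed text is interpolated into the INSERT below, so it is SQL-escaped here,
        // as the invite branch does for its message.
        // NOTE(review): ParseFilter is not visible in this file; if process()/BB_Parse()
        // already SQL-escape their output, this call double-escapes and should be dropped.
        $message = $db->safesql($parse->BB_Parse( $parse->process($message ), false ));
        // Strip tags first, escape last: escaping must be the final step before the query.
        $subj = $db->safesql(strip_tags($nextgame['subj_pm']), $config['charset']);
        if (isset($_GET['type']) && $_GET['type'] == 'user') {
            $user = $db->super_query("SELECT user_id,name from ".USERPREFIX."_users where user_id='{$sender_id}'");
        } else {
            $user = array('name' => "NexGame Aplication");
        }
        // A name read back from the database is still raw text; escape it before reuse in SQL.
        $sender_name = $db->safesql(isset($user['name']) ? $user['name'] : '');
        $time = time() + ($config['date_adjust'] * 60);
        $db->query( "INSERT INTO " . USERPREFIX . "_pm (subj, text, user, user_from, date, pm_read, folder) values ('$subj', '$message', '{$uid}', '{$sender_name}', '$time', 'no', 'inbox')" );
        $db->query("UPDATE " . USERPREFIX . "_users set pm_all=pm_all+1, pm_unread=pm_unread+1 where user_id='{$uid}'");
        $resp = "<msg><uid>{$uid}</uid><delivered>1</delivered></msg>";
        break;

    // Send an invite to a list of users.
    case 'sendinvite':
        if(empty($_GET['uid']) OR intval($_GET['sender_id'])==0 OR intval($_GET['app_id'])==0) die();
        $sender_id = intval($_GET['sender_id']);
        $game_id = intval($_GET['app_id']);

        // Recipients: keep only positive integer ids, once each. The raw request pieces used
        // to be written into both the INSERT and the XML reply.
        $users_id = array();
        foreach (explode(",", is_string($_GET['uid']) ? $_GET['uid'] : '') as $piece) {
            $piece = intval($piece);
            if ($piece > 0) {
                $users_id[$piece] = $piece;
            }
        }
        if (!$users_id) die();

        $subj = (empty($nextgame['subj_invite'])) ? "Empty!" : $db->safesql(strip_tags($nextgame['subj_invite']));
        $time = time() + ($config['date_adjust'] * 60);
        if ($config['allow_alt_url'] == "yes") {
            $game_link = $config['http_home_url']."game/".$game_id."/?ref_id=".$sender_id;
        } else {
            $game_link = $config['http_home_url']."?do=game&about_app=".$game_id."&ref_id=".$sender_id;
        }

        $row = $db->super_query("SELECT name,user_id FROM ".USERPREFIX."_users where user_id='{$sender_id}'");
        if(!$row['user_id']) die("No Such User"); // invites from unknown senders are refused

        // NOTE(review): as written this replaces a double quote with itself; the search
        // string may originally have been an entity - confirm against the original file.
        $message = str_replace('"', '"', $nextgame['message_invite']);
        $message = str_replace("[game_link]", "<a href=\"{$game_link}\">", $message);
        $message = str_replace("[/game_link]", "</a>", $message);
        $message = str_replace("{gamer}", $row['name'], $message);
        $message = $db->safesql($message);
        $sender_name = $db->safesql($row['name']);

        $query = array();
        foreach ($users_id as $recipient) {
            $query[] = "('$subj','$message','$recipient','{$sender_name}','$time','no','inbox')";
            $resp .= "<user>$recipient</user>";
        }
        $invite_recipients = implode(",", $query);
        $invite_recipients_id = implode(",", $users_id);
        $db->query( "INSERT INTO " . USERPREFIX . "_pm (subj, text, user, user_from, date, pm_read, folder) values $invite_recipients;");
        // The id list must not be quoted as a whole: IN('1,2,3') is a single string value
        // and would bump the counters of one user at most.
        $db->query( "UPDATE " . USERPREFIX . "_users set pm_all=pm_all+1, pm_unread=pm_unread+1 where user_id in({$invite_recipients_id})" );
        $resp = "<invite>{$resp}</invite>";
        break;

    default:
        $resp = "<error>true</error>";
}

@header('Content-type: text/xml');
echo<<<XML
<?xml version="1.0" encoding="UTF-8"?>
$resp
XML;
?>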