'; } else { while($transfers = $DB->fetch_array($prev_sql)) { $previous_user = p_info("p_nickname","id",$transfers[1]); $previous_sends .= '\n'; } } } $this->tab_output .= '
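'#333333','control' => '#333333','deposit' => '#333333','withdraw' => '#333333','transfer' => '#333333','support' => '#333333');

    // Change #666666 to another colour to change the default 'selected' tab colour
    var $high_bg = '#666666';

    /* YOU SHOULD NOT HAVE TO CHANGE ANYTHING BELOW HERE */
    var $account_id;
    var $tab_output = '';
    var $output = '';
    var $error = array();
    var $modify_account_message = '';
    var $give_access_message = '';
    var $take_access_message = '';
    var $transfer_message = '';
    var $support_message = '';
    var $a_user_id;
    var $a_description;
    var $a_type;
    var $a_status;
    var $a_open_date;
    var $current_status;
    var $account_cfg;
    var $account_log;
    var $status;
    var $referer;
    var $privilages = array('all','home tab','control tab','deposit tab','withdrawl tab','transfer tab','support tab');

    /**
     * Constructor: binds the object to an account and processes any submitted action.
     *
     * The account id is taken from the "account_id" cookie (or from the query
     * string when new_account is set), so it is client-controlled. Every query
     * built here therefore escapes it, and access to the account rests entirely
     * on $LOGIN->check_auth(), which is defined outside this file.
     *
     * Actions handled: support request, give access, update details, make transfer.
     * Any failure is queued in $this->error and reported through $this->end(),
     * which stops the script.
     */
    function fragBank () {
        global $cfgs;
        global $HTTP_POST_VARS;
        global $HTTP_COOKIE_VARS;
        global $HTTP_GET_VARS;
        global $LOGIN;
        global $DB;

        if($HTTP_GET_VARS["new_account"] == true) {
            setcookie("account_id",$HTTP_GET_VARS["account_id"],time()+1800);
            $HTTP_COOKIE_VARS["account_id"] = $HTTP_GET_VARS["account_id"];
        } elseif(empty($HTTP_COOKIE_VARS["account_id"])) {
            $this->error[microtime()] = 'Sorry, but either your login to this account has timed out, or your browser doesn\'t support cookies. 
To log in again, please go to the fragBank launcher.';
            $this->end();
        }

        $this->account_id = $HTTP_COOKIE_VARS["account_id"];
        // Refresh the 30-minute cookie on every request.
        setcookie("account_id",$this->account_id,time()+1800);

        if($GLOBALS['logout'] == true) {
            $this->logout();
            header('Location: http://bank.fragzzhost.com');
            // Stop here: without this the rest of the constructor, including any
            // submitted action, would still run on the request that logs out.
            exit;
        }

        if($LOGIN->status == 'loggedin') {
            // NOTE(review): check_auth() is not visible here. If it can return a
            // message string instead of dying (as check_privs() in this class does
            // when $do_die is false), a non-empty string compares equal to true
            // under != and the failure would be missed. Confirm, then use !== true.
            $check_result = $LOGIN->check_auth('%',true,'bank',$this->account_id);
            if($check_result != true) {
                $this->error[microtime()] = $check_result;
                $this->end();
            }

            // Escaped once and reused by every statement below.
            $account_sql = mysql_real_escape_string($this->account_id);

            $accountSQL = $DB->query("SELECT user_id, description, type, status, open_date FROM b_db WHERE account_id = '$account_sql'") or die($DB->error());
            list($this->a_user_id,$this->a_description,$this->a_type,$this->a_status,$this->a_open_date) = mysql_fetch_row($accountSQL);

            // The balance is whatever the most recent transaction row recorded.
            $balSQL = $DB->query("SELECT balance FROM b_transaction_db WHERE account_id = '$account_sql' ORDER BY date DESC LIMIT 1") or die($DB->error());
            $this->balance = $DB->result($balSQL,0);

            if($GLOBALS['support_action'] == 'send support request') {
                $LOGIN->check_auth('support tab',true,'bank',$this->account_id);
                if($this->a_description == 'demo') {
                    $this->error[microtime()] = 'Disabled for demo!!';
                    $this->end();
                }
                if(!empty($GLOBALS['support_text'])) {
                    global $support_topics;

                    // The subject selects the recipient and is copied into the mail
                    // Subject header, so it must be one of the configured topics.
                    // This keeps line breaks and other unexpected text out of the header.
                    $support_subject = $GLOBALS['support_subject'];
                    if(!is_string($support_subject) || !isset($support_topics[$support_subject])) {
                        $this->error[microtime()] = 'Unknown support subject.';
                        $this->end();
                    }

                    $support_email = 'Hello A support request has been sent. Here are the details: Account ID: '.$this->account_id
                        .' User ID: '.$this->a_user_id
                        .' Logged User ID: '.$LOGIN->user_id
                        .' Description: '.$this->a_description
                        .' Account Type: '.$this->a_type
                        .' Subject: '.$support_subject
                        .' Email: '.$GLOBALS['support_email']
                        .' Message: '.$GLOBALS['support_text']
                        .' Thanks Fragzzhost support';
                    mail($support_topics[$support_subject],'Fragzzhost support: '.$support_subject,$support_email,'From: Fragzzhost ');
                    $this->support_message = '[i] Your support request has been sent. 
You should receive a reply within 48 hours, but probobly within 24 hours.';
                } else {
                    $this->error[microtime()] = 'Your message was empty!';
                    $this->end();
                }
            }

            if($HTTP_POST_VARS['control_action'] == 'give access') {
                $LOGIN->check_auth('control tab',true,'bank',$this->account_id);
                $priv = NULL;
                $accesslist = '';
                // Nothing ticked means the field is absent; treat that as an empty list.
                if(is_array($HTTP_POST_VARS['give_privilages'])) {
                    foreach($HTTP_POST_VARS['give_privilages'] AS $priv) {
                        $accesslist .= $priv.'
';
                    }
                }
                // NOTE(review): the submitted privilege names are stored as sent.
                // Consider accepting only values listed in $this->privilages.
                // NOTE(review): check_player() and getuserinfo() receive the raw
                // user name; they are defined elsewhere, so verify they escape it.
                if(!check_player('username',$HTTP_POST_VARS['give_user_name'])) {
                    $this->error[microtime()] = 'The username which you specified cannot be found in our database. Please go back and check it.';
                    $this->end();
                } else {
                    $username_add = getuserinfo("customer_id","username",$HTTP_POST_VARS['give_user_name']);
                    if($DB->query("INSERT INTO account_privs_db VALUES ('','$account_sql','".mysql_real_escape_string($username_add)."','".mysql_real_escape_string($accesslist)."');")) {
                        $this->give_access_message .= 'User given privilages sucessfully.';
                    } else {
                        $this->give_access_message .= $DB->error();
                    }
                }
            }

            if($HTTP_POST_VARS['control_action'] == 'update details') {
                $LOGIN->check_auth('control tab',true,'bank',$this->account_id);
                // Free text: undo magic_quotes_gpc first so it is escaped exactly once.
                $description = $HTTP_POST_VARS["description"];
                if(get_magic_quotes_gpc()) {
                    $description = stripslashes($description);
                }
                // NOTE(review): tab('home') prints the stored description without
                // HTML-escaping it, so it should be escaped where it is output.
                if($DB->query("UPDATE b_db SET description = '".mysql_real_escape_string($description)."' WHERE account_id = '$account_sql'")) {
                    $this->modify_account_message .= 'Details updated sucessfully.

';
                } else {
                    $this->modify_account_message .= 'Error encountered.

';
                }
            }

            if($HTTP_POST_VARS['transfer_action'] == 'make transfer') {
                $LOGIN->check_auth('transfer tab',true,'bank',$this->account_id);
                $error = false;

                // The amount must be a number above zero. A negative or non-numeric
                // amount would pass the balance check below and reverse the transfer.
                $transfer_amount = $HTTP_POST_VARS['transfer_amount'];
                if(!is_numeric($transfer_amount) || $transfer_amount <= 0) {
                    $this->error[microtime()] = 'Please enter a transfer amount greater than zero.';
                    $error = true;
                } else {
                    $transfer_amount = $transfer_amount + 0; // normalise to a plain number
                    if(($this->balance - $transfer_amount) < 0) {
                        $this->error[microtime()] = 'You don\'t have enough frags in your account!';
                        $error = true;
                    }
                }

                if($HTTP_POST_VARS['transfer_account_id'] == 'SPECIFY') {
                    $transfer_account_id = $HTTP_POST_VARS['transfer_specify_account_id'];
                } elseif (!empty($HTTP_POST_VARS['transfer_account_id'])) {
                    $transfer_account_id = $HTTP_POST_VARS['transfer_account_id'];
                } else {
                    $this->error[microtime()] = 'No account selected';
                    $this->end();
                }

                if(!$this->check_account('account_id',$transfer_account_id)) {
                    // end() prints messages as-is, so the echoed value is HTML-escaped here.
                    $this->error[microtime()] = 'The account number, '.htmlspecialchars($transfer_account_id, ENT_QUOTES).', which you specified cannot be found in our database. Please go back and check it.';
                    $this->end();
                } else {
                    if ($error == true) {
                        $this->end();
                    }
                    $target_sql = mysql_real_escape_string($transfer_account_id);

                    // NOTE(review): the debit and the credit are two separate inserts,
                    // each based on a balance read earlier. Nothing here makes them
                    // atomic, so concurrent transfers or a failed second insert can
                    // leave the ledger inconsistent. Consider a transaction or lock.
                    $new_total = $this->balance - $transfer_amount;
                    $DB->query("INSERT INTO b_transaction_db VALUES ('','$account_sql','Transfer to $target_sql','".time()."','','".$transfer_amount."','0','$new_total')") or trigger_error(mysql_error(),E_USER_ERROR);
                    $new_total = $this->get_balance($transfer_account_id) + $transfer_amount;
                    $DB->query("INSERT INTO b_transaction_db VALUES ('','$target_sql','Transfer','".time()."','Account: $account_sql','0','".$transfer_amount."','$new_total')") or trigger_error(mysql_error(),E_USER_ERROR);
                    //action_email($LOGIN->get('email'),'fragBank_transfer','transfer_amount='.$transfer_amount.'&transfer_account_id='.$transfer_account_id.'&transfer_from='.$this->account_id);
                }
            }
        }
    }

    /**
     * Report whether b_db holds at least one row where $field equals $data.
     *
     * $data is escaped before it reaches the query. $field is placed in the SQL
     * as a column name and cannot be escaped that way: pass only fixed,
     * code-defined column names, never request data.
     *
     * Returns true when a row matches, false otherwise.
     */
    function check_account($field, $data) {
        global $DB;
        $chkSQL = $DB->query("SELECT account_id FROM b_db WHERE $field = '".mysql_real_escape_string($data)."'") or trigger_error(mysql_error(),E_USER_ERROR);
        return @mysql_num_rows($chkSQL) >= 1;
    }

    /**
     * Return the balance stored on the newest b_transaction_db row of an
     * account; with no argument, of the account this object is bound to.
     */
    function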
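get_balance($account_id = false) {
        global $DB;
        // Fall back to the bound account when the caller passes nothing.
        if($account_id == false) {
            $account_id = $this->account_id;
        }
        // The id can come from the cookie or a transfer form, so escape it.
        $account_sql = mysql_real_escape_string($account_id);
        $balSQL = $DB->query("SELECT balance FROM b_transaction_db WHERE account_id = '$account_sql' ORDER BY date DESC LIMIT 1") or die($DB->error());
        return $DB->result($balSQL,0);
    }

    /**
     * Print every queued error message and stop the script.
     *
     * Messages are printed exactly as stored in $this->error. Code that queues
     * a message must HTML-escape any request-derived text it puts into it.
     */
    function end () {
        print "fragBank Error
";
        foreach($this->error AS $value) {
            print "[!] ".$value."
";
        }
        exit;
    }

    /**
     * Build the requested tab into $this->tab_output, then the page frame into
     * $this->output.
     *
     * $tab is one of: home, control, deposit, withdraw, transfer, support, login.
     * Each case first asks $LOGIN->check_auth() for the matching privilege.
     */
    function tab ($tab = 'home') {
        global $game_types;
        global $HTTP_GET_VARS;
        global $LOGIN;
        global $DB;

        // Highlight the selected tab.
        $this->bg[$tab] = $this->high_bg;

        switch ($tab) {
            case "home":
                $LOGIN->check_auth('home tab',true,'bank',$this->account_id);

                // The sort column, direction and row limit go into the SQL
                // unquoted, where escaping cannot protect them. Each one is
                // matched against a fixed list (or forced to a positive integer)
                // and replaced by the default when it does not fit.
                $order_columns = array('transaction_id','description','date','source','withdrawl','deposit','balance');
                $statement_order = isset($HTTP_GET_VARS["statement_order"]) ? $HTTP_GET_VARS["statement_order"] : '';
                if(!in_array($statement_order, $order_columns, true)) {
                    $statement_order = 'date';
                }

                $statement_way = isset($HTTP_GET_VARS["statement_way"]) ? $HTTP_GET_VARS["statement_way"] : '';
                $statement_way = is_string($statement_way) ? strtoupper($statement_way) : '';
                if($statement_way != 'ASC' && $statement_way != 'DESC') {
                    $statement_way = 'ASC';
                }

                $statement_limit = isset($HTTP_GET_VARS["statement_limit"]) ? $HTTP_GET_VARS["statement_limit"] : '';
                $statement_limit = is_numeric($statement_limit) ? (int) $statement_limit : 0;
                if($statement_limit < 1) {
                    $statement_limit = 15;
                }

                // Write the cleaned values back: the selectors further down read
                // them from $HTTP_GET_VARS to mark the current choice.
                $HTTP_GET_VARS["statement_order"] = $statement_order;
                $HTTP_GET_VARS["statement_way"] = $statement_way;
                $HTTP_GET_VARS["statement_limit"] = (string) $statement_limit;

                $this->statement_html = '';
                $sql1 = $DB->query("SELECT transaction_id, description, `date`, source, withdrawl, deposit, balance FROM b_transaction_db WHERE account_id = '".mysql_real_escape_string($this->account_id)."' ORDER BY `".$statement_order."` ".$statement_way." LIMIT ".$statement_limit) or die($DB->error());
                if($DB->num_rows($sql1) == 0) {
                    $this->statement_html = 'No recent transactions found';
                } else {
                    $this->statement_html = '';
                    while($trans = $DB->fetch_array($sql1)) {
                        $this->statement_html .= "\n";
                    }
                    $this->statement_html .= "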
IDDescriptionDateSourceRecieptsDepositsBalance
$trans[0]$trans[1]$trans[2]$trans[3]".frag()." $trans[4]".frag()." $trans[5]".frag()." $trans[6]
"; } $order_array = array('transaction_id' => 'Transaction ID','description' => 'Description','date' => 'Date','source' => 'Source / Destination','withdrawl' => 'Money Out','deposit' => 'Money In','balance' => 'End Balance'); $way_array = array('ASC' => 'Ascending (A-Z)','DESC' => 'Descending (Z-A)'); $limit_array = array('5' => '5','10' => '10','15' => '15','20' => '20','30' => '30','40' => '40','50' => '50','75' => '75','100' => '100','200' => '200','10000000' => 'All'); $this->statement_html .= '

Order by: '.get_array_select($order_array,$HTTP_GET_VARS["statement_order"],'statement_order').get_array_select($way_array,$HTTP_GET_VARS["statement_way"],'statement_way').'  Limit to '.get_array_select($limit_array,$HTTP_GET_VARS["statement_limit"],'statement_limit').' items  

'; $this->tab_output .= '
[-] account details
Description: '.$this->a_description.'
Account Type: '.$this->a_type.'
Date Opened: '.$this->a_open_date.'
[-] account summary
Balance: '.frag().' '.$this->balance.'
Status: '.$this->a_status.'
Account Type: '.$this->a_type.'
 
[-] account statement

'.$this->statement_html.'
'; break; case "control": $LOGIN->check_auth('control tab',true,'bank',$this->account_id); $this->tab_output .= '
[-] modify account details
'.$this->modify_account_message.' Account description:

[-] give access to other user
'.$this->give_access_message.'

User name:
'; foreach($this->privilages AS $priv) { if($i == true) { $this->tab_output .= ''; } $this->tab_output .= ''; $i = true; } $this->tab_output .= '
Access:
  '.$priv.'

[-] take access from other user
'.$this->take_access_message.'

'; break; case "deposit": $LOGIN->check_auth('deposit tab',true,'bank',$this->account_id); $this->tab_output .= 'COMING SOON!'; break; case "withdraw": $LOGIN->check_auth('withdrawl tab',true,'bank',$this->account_id); $this->tab_output .= '
[-] main deposit file

'.$this->withdraw_message.'



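';
                break;

            case "transfer":
                $LOGIN->check_auth('transfer tab',true,'bank',$this->account_id);
                $previous_sends = '';
                // List the accounts that already received a transfer from this one.
                // The account id comes from the cookie, so escape it before use.
                $prev_sql = $DB->query("SELECT T.account_id AS account_id, A.user_id FROM b_transaction_db AS T LEFT JOIN b_db AS A ON T.account_id = A.account_id WHERE T.source = 'Account: ".mysql_real_escape_string($this->account_id)."' GROUP BY T.account_id");
                if(!$prev_sql) {
                    // NOTE(review): the raw database error is shown to the visitor.
                    // Consider logging it and showing a generic message instead.
                    $this->error[microtime()] = 'Database error: '.$DB->error();
                    $this->end();
                } else {
                    $rows = $DB->num_rows($prev_sql);
                    if($rows == 0) {
                        $previous_sends = '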
No previous transfers found
'.$transfers[0].''.$previous_user.'
[-] make transfer

'.$this->transfer_message.'

select an account to transfer to

'.$previous_sends.'
account holderaccount ID 
New -------------------->

Amount *'.frag().'



'; break; case "support": global $support_topics; $LOGIN->check_auth('support tab',true,'bank',$this->account_id); $subject_text = ''; foreach($support_topics AS $key => $value) { $subject_text .= "\n"; } $this->tab_output .= '
[-] support

'.$this->support_message.'

Subject :
Contact
(a way we can contact you i.e. email address)
:
Message :


'; break; case "login": $this->tab_output .= '
Description :

password :


[?] To find your account login details, please go onto the User Bank on the main Fragzzhost site, and select the relevent subscrstatustion.'; break; } print ' '; $this->output .= '
'; $priv = $LOGIN->check_auth('home tab',true,'bank',$this->account_id); if($priv == true) { $this->output .= ''; } $priv = $LOGIN->check_auth('control tab',true,'bank',$this->account_id); if($priv == true) { $this->output .= ''; } $priv = $LOGIN->check_auth('deposit tab',true,'bank',$this->account_id); if($priv == true) { $this->output .= ''; } $priv = $LOGIN->check_auth('withdrawl tab',true,'bank',$this->account_id); if($priv == true) { $this->output .= ''; } $priv = $LOGIN->check_auth('transfer tab',true,'bank',$this->account_id); if($priv == true) { $this->output .= ''; } $priv = $LOGIN->check_auth('support tab',true,'bank',$this->account_id); if($priv == true) { $this->output .= ''; } $this->output .= '
home
control
deposit
withdraw
transfer
support

fragBank

'; if($LOGIN->status == 'loggedin') { $this->output .= 'log out'; } $this->output .= '
'.$this->tab_output.'
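';
    }

    /**
     * Check whether the logged-in user holds a privilege on the bound account.
     *
     * $privs is matched as a substring of the stored privilege list; the
     * default '%' matches any stored list. A row containing "ALL" always passes.
     *
     * Returns true when a matching row exists. Otherwise, with $do_die set, the
     * error is queued and end() stops the script; without it, the error message
     * is returned as a string. That string is truthy, so callers must compare
     * the result with === true rather than test it loosely.
     */
    function check_privs($privs = '%',$do_die = false) {
        global $LOGIN;
        global $DB;

        // The account id comes from the cookie, so every value is escaped.
        // mysql_real_escape_string() leaves % and _ alone, so the LIKE match
        // on $privs is unchanged.
        $account_sql = mysql_real_escape_string($this->account_id);
        $user_sql = mysql_real_escape_string($LOGIN->user_id);
        $privs_sql = mysql_real_escape_string($privs);

        $sql1 = $DB->query("SELECT priv_id FROM account_privs_db WHERE account_id = '$account_sql' && user_id = '$user_sql' && (privs LIKE '%$privs_sql%' OR privs LIKE '%ALL%')") or die($DB->error());
        if($DB->num_rows($sql1) != 0) {
            return true;
        }

        if($do_die) {
            $this->error[microtime()] = 'Our database shows that you do not have the correct permissions to view this page. Please contact us if this is an error.';
            $this->end();
            return false; // not reached: end() exits
        }
        return 'Our database shows that you do not have the correct permissions to view this page. Please contact us if this is an error.';
    }

    /**
     * Drop the account binding by overwriting the account_id cookie with 0.
     * The constructor treats that value as "no account" because empty() is
     * true for it.
     */
    function logout() {
        setcookie("account_id",0,time()+3600);
        return true;
    }
}

// Page entry point: build the requested tab and send the finished page.
// NOTE(review): $action is not assigned in this file. It presumably comes from
// the including script or from register_globals; confirm where it is set.
$bank = new fragBank;
if(!isset($action)) {
    $bank->tab();
} else {
    $bank->tab($action);
}
echo $bank->output;
?>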