RevCMS Working Homes!

Forget

Member
Apr 3, 2012
120
14
About
These are working homes for RevCMS and they can also be converted into all other cms very easily because its just the scripts that i am releasing not my page layout!


Credits
90% - Me (Forget)for coding the page and scripts
10% - Kryptos for making RevCMS


Screen Shots

2egacs3.jpg


The Codes
You must have this code at the top of the page for any of the other scripts to work:
<?php
function clean($str) {
$str = @trim($str);
if(get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}

$username = filter($_REQUEST["user"]);
$userid = filter($_REQUEST["id"]);

// User Info \\
$userinfo = mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$username'"));
$_GET2 = mysql_fetch_assoc($userinfo);

$user = filter($_GET2['username']);
$id = filter($_GET2['id']);
$looks = filter($_GET2['look']);
$email = filter($_GET2['mail']);
$rank = filter($_GET2['rank']);
$motto = filter($_GET2['motto']);
$credits = filter($_GET2['credits']);
$pixels = filter($_GET2['activity_points']);
$pvip = filter($_GET2['vip_points']);
$online = filter($_GET2['online']);

?>


<?php


function clean($str) {
$str = @trim($str);
if(get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}
//Stats\\
$stats = mysql_query("SELECT * FROM user_stats WHERE id='$id'");
$get1 = mysql_fetch_assoc($stats);

$resp = filter($_GET1['Respect']);
$giftr = filter($_GET1 ['GiftsReceived']);
$gifts = filter($_GET1 ['GiftsGiven']);
$achivement = filter($_GET1 ['AchievementScore']);
$visits = filter($_GET1['RoomVisits']);
?>


Show Username:
<?php echo $username; ?>


Show Motto:
<?php echo $motto; ?>


Show Email:
<?php echo $email; ?>


Show Credits:
<?php echo $credits; ?>


Show Pixels:
<?php echo $pixels; ?>


Show Vip Points:
<?php echo $pvip; ?>


Show Amount of respect:
<?php echo $resp; ?>


Show Gifts Given:
<?php echo $gifts; ?>


Show Gifts Recived:
<?php echo $giftr; ?>


Show Achievement Score:
<?php echo $achivement; ?>


Show Room Visits:
<?php echo $visits; ?>


Show Users Badges:
<?php


$getmybadges = mysql_query("SELECT * FROM user_badges WHERE user_id='$id'");


while($rowing = mysql_fetch_assoc($getmybadges)){
$badge = $rowing['badge_id'];
echo '<img src="r63/c_images/album1584/'.$badge.'.gif" style="margin-right: 10px;" />';


}
?>


Show Avatar Image:
<img src=" echo $looks; ?>&head_direction=3&action=wlk,wav,drk=0,crr=3" alt="<php echo $username; ?>" />


Show Users Rank:
<?php

$getUser = mysql_query("SELECT * FROM users WHERE id ='$id'");
$user = mysql_fetch_array($getUser);


$rankId = $user['rank'];
$getRank = mysql_query("SELECT * FROM ranks WHERE id ='$rankId'");
$rank = mysql_fetch_array($getRank);


echo "".$rank['name']." (".$rank['id'].")";
?>


Show Users Friends:
<?php
$query = mysql_query("SELECT * FROM messenger_friendships WHERE user_one_id = '$id'");
$i = 0;
while($friends = mysql_fetch_array($query))
{
$getfriend = mysql_query("SELECT * FROM users WHERE id ='".$friends['user_two_id']."' LIMIT 1");
if(mysql_num_rows($getfriend) > 0)
{
$i++;
if($i == 1)
{

echo '';
}
$friend = mysql_fetch_array($getfriend);
$friendname = $friend['username'];
echo "<a href='index.php?url=home&user=$friendname'>";
echo htmlspecialchars($friend['username']).'</a>, ';
}
}
if($i > 0)
echo '</br>'?>


How it works
Put the url as {url}/index.php?url=home&user={username} or the information will not show up
 

DaLightz

See ya'll in the afterlife.
May 19, 2012
1,136
262
<?php
$username = $_REQUEST["user"];
$userid = $_REQUEST["id"];

// User Info \\
$userinfo = mysql_query("SELECT * FROM users WHERE username='$username' or id='$userid'");
$get2 = mysql_fetch_assoc($userinfo);







$user = $get2['username'];
$id = $get2['id'];
$looks = $get2['look'];
$email = $get2['mail'];
$rank = $get2['rank'];
$motto = $get2['motto'];
$credits = $get2['credits'];
$pixels = $get2['activity_points'];
$pvip = $get2['vip_points'];
$online = $get2['online'];
?>

This goes on home.php right?
 

Forget

Member
Apr 3, 2012
120
14
Haha, thanks everyone who was helping other users out for me :) and yeah everything has to go in the home.php but the file does not have to be called homes, you can call it what you like, for example, profile etc :)
 

Forget

Member
Apr 3, 2012
120
14
Any hotels want to use it and ill put urls on the thread? itll get you some users and it will allow users to test it out
 

Justtest

New Member
Jan 9, 2012
17
0
There is a exploit in de code..
better use this code:

<?php
function clean($str) {
$str = @trim($str);
if(get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}

$username = filter($_REQUEST["user"]);
$userid = filter($_REQUEST["id"]);

// User Info \\
$userinfo = mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$username'"));
$_GET2 = mysql_fetch_assoc($userinfo);

$user = filter($_GET2['username']);
$id = filter($_GET2['id']);
$looks = filter($_GET2['look']);
$email = filter($_GET2['mail']);
$rank = filter($_GET2['rank']);
$motto = filter($_GET2['motto']);
$credits = filter($_GET2['credits']);
$pixels = filter($_GET2['activity_points']);
$pvip = filter($_GET2['vip_points']);
$online = filter($_GET2['online']);

?>
 

lepos

thinking about you. yes you
Dec 11, 2011
2,024
687
Looks pretty sly.

I like it, nice job my friend - Also that other people can see your home is terrific :up:
 

Forget

Member
Apr 3, 2012
120
14
There is a exploit in de code..
better use this code:

<?php
function clean($str) {
$str = @trim($str);
if(get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}

$username = filter($_REQUEST["user"]);
$userid = filter($_REQUEST["id"]);

// User Info \\
$userinfo = mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$username'"));
$_GET2 = mysql_fetch_assoc($userinfo);

$user = filter($_GET2['username']);
$id = filter($_GET2['id']);
$looks = filter($_GET2['look']);
$email = filter($_GET2['mail']);
$rank = filter($_GET2['rank']);
$motto = filter($_GET2['motto']);
$credits = filter($_GET2['credits']);
$pixels = filter($_GET2['activity_points']);
$pvip = filter($_GET2['vip_points']);
$online = filter($_GET2['online']);

?>


Let's be honest, there wasn't just that you can sql because there was no filter on the get's... but its not hard to add them you're self, so stop trying to be big, you got that from otaku as well, you probally don't even know what a exploit is...
 

Justtest

New Member
Jan 9, 2012
17
0
Let's be honest, there wasn't just that you can sql because there was no filter on the get's... but its not hard to add them you're self, so stop trying to be big, you got that from ***** as well, you probally don't even know what a exploit is...
Uhm, mate i filtered those codes.. and didnt taked them off *****. because i'm iOmvuZ -.-
 

Users who are viewing this thread

Top