Result

'.am_injection($_GET['returnStatus']).'

'; exit; } //============================================ if(isset($_POST['featuredgame']) && is_numeric($_POST['featuredgame'])) { $fgame = am_injection($_POST['featuredgame']); $gamenameRes = am_queries($db, 'SELECT `gamename` FROM `AMCMS_games` WHERE `primkey`='.$fgame.';'); $gamename = $gamenameRes[0][0]; $linkG = am_gameLink($fgame, $gamename, 'here', ' target="_parent"'); am_queries($db, "INSERT INTO `AMCMS_challenges` (`primkey` ,`userkey1` ,`userkey2` ,`gameid` ,`winner`, `score1`, `score2`) VALUES (NULL, $yourUserId, $authorkey, $fgame, 0, 0, 0);"); echo '

Finish the Fight!

Play your turn now by clicking '.$linkG.'.

'; exit; } //============================================ if(isset($_GET['issuer']) && is_numeric($_GET['issuer'])) { $newRes = am_queries($db, 'SELECT * FROM `AMCMS_challenges` WHERE `primkey`='.am_injection($_GET['issuer']).';'); $fgame = $newRes[0][3]; $gamenameRes = am_queries($db, 'SELECT `gamename` FROM `AMCMS_games` WHERE `primkey`='.$fgame.';'); $gamename = $gamenameRes[0][0]; $linkG = ''; if($newRes[0][1]!=$yourUserId && $newRes[0][2]==$yourUserId) { $opponent1 = $newRes[0][1]; //Respond to a challenge someone invited you to. $opponentName = am_getusername($opponent1); echo '

You\'ve been challenged!

'.$opponentName.' is challenging you. '.$linkG.'

'; } elseif ($newRes[0][2]!=$yourUserId && $newRes[0][1]==$yourUserId) { $opponent2 = $newRes[0][2]; // Play your part in a challenge you initiated $opponentName = am_getusername($opponent2); echo '

Finish the Fight!

Opponent: '.$opponentName.' - Play your turn now by clicking '.$linkG.'

'; } elseif ($newRes[0][1]!=$yourUserId && $newRes[0][2]!=$yourUserId) { exit; // Unauthorized, let's terminate the script. } exit; } elseif($_GET['issuer']!=NULL && !is_numeric($_GET['issuer'])) {exit;} //============================================ echo ''; echo ''; echo '

Challenge!!!

You\'re challenging '.$res[0][0].' to a fight!
'; echo 'Choose Game:

'; echo ''; ?>