function OptimizeTable($Token, $Table = null)
{
$total = 0;
if (($mundane_id = Ork3::$Lib->authorization->IsAuthorized($Token)) > 0 && Ork3::$Lib->authorization->HasAuthority($mundane_id, AUTH_ADMIN, 0, AUTH_CREATE)) {
if (is_null($Table)) {
$tables = $this->db->query('show tables');
$t = 'Tables_in_' . DB_DATABASE;
do {
set_time_limit(60 * 60);
$this->db->query('optimize table "' . $tables->{$t} . '"');
$total++;
} while ($tables->next());
} else {
if (is_array($Table) && count($Table > 0)) {
foreach ($Table as $k => $t) {
set_time_limit(60 * 60);
$this->db->query('optimize table "' . $t . '"');
$total++;
}
}
}
return Success($total);
}
return NoAuthorization();
}
public function save()
{
$aid = $this->admin['aid'];
$password = ForceStringFrom('password');
$passwordconfirm = ForceStringFrom('passwordconfirm');
$email = ForceStringFrom('email');
$fullname = ForceStringFrom('fullname');
$fullname_en = ForceStringFrom('fullname_en');
if (strlen($password) or strlen($passwordconfirm)) {
if (strcmp($password, $passwordconfirm)) {
$errors[] = '两次输入的密码不相同!';
}
}
if (!$email) {
$errors[] = '请输入Email地址!';
} elseif (!IsEmail($email)) {
$errors[] = 'Email地址不规范!';
} elseif (APP::$DB->getOne("SELECT aid FROM " . TABLE_PREFIX . "admin WHERE email = '{$email}' AND aid != '{$aid}'")) {
$errors[] = 'Email地址已占用!';
}
if (!$fullname) {
$errors[] = '请输入中文昵称!';
}
if (!$fullname_en) {
$errors[] = '请输入英文昵称!';
}
if (isset($errors)) {
Error($errors, '编辑我的信息错误');
} else {
APP::$DB->exe("UPDATE " . TABLE_PREFIX . "admin SET \r\n\t\t\t" . Iif($password, "password = '******',") . "\r\n\t\t\temail = '{$email}',\r\n\t\t\tfullname = '{$fullname}',\r\n\t\t\tfullname_en = '{$fullname_en}'\r\n\t\t\tWHERE aid = '{$aid}'");
Success('myprofile');
}
}
/**
* @param callable $hof
* @return Success|Failure
*/
function Attempt(callable $hof)
{
try {
return Success(call_user_func($hof));
} catch (\Exception $e) {
return Failure($e);
}
}
public function updatemessages()
{
$page = ForceIntFrom('p', 1);
//页码
$deletemids = $_POST['deletemids'];
for ($i = 0; $i < count($deletemids); $i++) {
$mid = ForceInt($deletemids[$i]);
APP::$DB->exe("DELETE FROM " . TABLE_PREFIX . "msg WHERE mid = '{$mid}'");
}
Success('messages?p=' . $page);
}
public function updateguests()
{
$page = ForceIntFrom('p', 1);
//页码
$deletegids = $_POST['deletegids'];
for ($i = 0; $i < count($deletegids); $i++) {
$gid = ForceInt($deletegids[$i]);
$this->DeleteGuest($gid);
//批量删除客人及对话记录
}
Success('guests?p=' . $page);
}
public function CreateGame($request)
{
if (($mundane_id = Ork3::$Lib->authorization->IsAuthorized($request['Token'])) > 0) {
switch ($request['Type']) {
case 'flag-capture':
return Success($this->create_flag_capture($request['Name'], $mundane_id, $request['Configuration']));
break;
default:
return Success($this->create_game($request['Name'], 'custom', $mundane_id, $request['Configuration'], array()));
break;
}
} else {
return NoAuthorization();
}
}
public function restore()
{
$filename = ForceStringFrom('file');
$fp = openFileRead($this->backupDir . $filename);
while (!eof($fp)) {
$query .= readFileData($fp, 10000);
}
closeFile($fp);
$queries = ParseQueries($query, ';');
for ($i = 0; $i < count($queries); $i++) {
$sql = trim($queries[$i]);
if (!empty($sql)) {
APP::$DB->query($sql);
}
}
Success('database');
}
public function RemoveLastDuesPaid($request)
{
logtrace('RemoveLastDuesPaid', $request);
if (($player = Ork3::$Lib->player->player_info($request['MundaneId'])) === false) {
return InvalidParameter('Player could not be found.');
}
logtrace('Found Player', $request);
if (($mundane_id = Ork3::$Lib->authorization->IsAuthorized($request['Token'])) > 0 && Ork3::$Lib->authorization->HasAuthority($mundane_id, AUTH_PARK, $player['ParkId'], AUTH_EDIT)) {
$sql = "select \n\t\t\t s.transaction_id \n\t\t\t from " . DB_PREFIX . "split s \n\t\t\t left join " . DB_PREFIX . "transaction t on s.transaction_id = t.transaction_id\n\t\t\t where \n\t\t\t src_mundane_id = '" . mysql_real_escape_string($request['MundaneId']) . "' and is_dues = 1 order by t.date_created desc limit 1";
logtrace('Passed Security', $sql);
$lastdues = $this->db->query($sql);
if ($lastdues != false && $lastdues->size() == 1) {
$this->remove_transaction($lastdues->transaction_id);
return Success('Transaction ' . $lastdues->transaction_id . ' removed.');
}
}
return NoAuthorization('You lack authoratah.');
}
public function updatecomments()
{
$page = ForceIntFrom('p', 1);
//页码
if (IsPost('updatecomms')) {
$updatecids = $_POST['updatecids'];
for ($i = 0; $i < count($updatecids); $i++) {
$cid = ForceInt($updatecids[$i]);
APP::$DB->exe("UPDATE " . TABLE_PREFIX . "comment SET readed = 1 WHERE cid = '{$cid}'");
}
} else {
$deletecids = $_POST['deletecids'];
for ($i = 0; $i < count($deletecids); $i++) {
$cid = ForceInt($deletecids[$i]);
APP::$DB->exe("DELETE FROM " . TABLE_PREFIX . "comment WHERE cid = '{$cid}'");
}
}
Success('comments?p=' . $page);
}
public function updatephrases()
{
$page = ForceIntFrom('p', 1);
//页码
if (IsPost('updatephrases')) {
$pids = $_POST['pids'];
$sorts = $_POST['sorts'];
$activateds = $_POST['activateds'];
$msgs = $_POST['msgs'];
$msg_ens = $_POST['msg_ens'];
for ($i = 0; $i < count($pids); $i++) {
$pid = ForceInt($pids[$i]);
APP::$DB->exe("UPDATE " . TABLE_PREFIX . "phrase SET sort = '" . ForceInt($sorts[$i]) . "',\n\t\t\t\t\tactivated = '" . ForceInt($activateds[$i]) . "',\n\t\t\t\t\tmsg = '" . ForceString($msgs[$i]) . "',\n\t\t\t\t\tmsg_en = '" . ForceString($msg_ens[$i]) . "'\t\t\t\t\t\n\t\t\t\t\tWHERE pid = '{$pid}'");
}
} else {
$deletepids = $_POST['deletepids'];
for ($i = 0; $i < count($deletepids); $i++) {
$pid = ForceInt($deletepids[$i]);
APP::$DB->exe("DELETE FROM " . TABLE_PREFIX . "phrase WHERE pid = '{$pid}'");
}
}
Success('phrases?p=' . $page);
}
$in2['uidNumber'] = $in['uidNumber'];
// Incrementing maxUID entry
$mod = AssistedLDAPModify($ldapc, $moddn, $in2);
}
// If the modification went OK, we send the notification e-mail to the user
if ($mod) {
$send = AssistedEMail("NewUserDo", $mail);
}
// If the mailing went OK ...
if ($send) {
// We need to get rid of the temporary entry
$del_q = sprintf("DELETE FROM NewUser" . " WHERE uid='%s'" . " AND token='%s'", mysql_real_escape_string($uid), mysql_real_escape_string($token));
// Deleting the row from the table ...
$del_r = AssistedMYSQLQuery($del_q);
// We log the event
WriteLog("NewUserDo");
// Print the good news to the user
Success("NewUserDo");
} else {
// We fail nicely, at least
Fail("NewUserDo");
}
}
}
}
}
// Closing the connection
$ldapx = AssistedLDAPClose($ldapc);
// Closing the connection
$mysqlx = AssistedMYSQLClose($mysqlc);
require_once "./themes/{$app_theme}/footer.php";
public function AddParticipant($request)
{
if (!$this->check_auth($request)) {
return NoAuthorization();
}
if (valid_id($request['ParticipantId'])) {
$sql = "insert into " . DB_PREFIX . "participant (tournament_id, bracket_id, alias, mundane_id, unit_id, park_id, kingdom_id, team_id) \n\t\t\t\t\t\tselect tournament_id, " . mysql_real_escape_string($request['BracketId']) . ", alias, mundane_id, unit_id, park_id, kingdom_id, team_id from " . DB_PREFIX . "participant where participant_id = '" . mysql_real_escape_string($request['ParticipantId']) . "'";
$this->db->query($sql);
return Success($this->db->getInsertId());
} else {
$this->Participant->clear();
$this->Participant->tournament_id = $request['TournamentId'];
$this->Participant->bracket_id = $request['BracketId'];
$this->Participant->alias = $request['Alias'];
$this->Participant->unit_id = $request['UnitId'];
$this->Participant->park_id = $request['ParkId'];
$this->Participant->kingdom_id = $request['KingdomId'];
$this->Participant->team_id = $request['TeamId'];
$this->Participant->save();
if (!valid_id($request['MundaneId'])) {
foreach ($request['Members'] as $k => $member) {
$this->Player->clear();
$this->Player->participant_id = $this->Participant->participant_id;
$this->Player->mundane_id = $member['MundaneId'];
$this->Player->tournament_id = $member['TournamentId'];
$this->Player->bracket_id = $member['BracketId'];
$this->Player->save();
}
}
return Success($this->Participant->participant_id);
}
}
public function personal_()
{
eval(USER);
try {
$data = $_POST;
unset($data['__hash__']);
$root = C('ROOT');
if (isset($_FILES["picture"])) {
$upload = uploadImage();
if (!is_string($upload)) {
$data['picture'] = $root . $upload[0]["savepath"] . $upload[0]["savename"];
}
if ($data["picture"] == $root) {
unset($data["picture"]);
}
}
DBModel::updateDB('cernet_user', array('username' => session('username')), $data);
$this->success(Success('modify'), '__ROOT__/User/personal');
} catch (Exception $e) {
throw_exception($e->getMessage());
}
}
public function NextYear($request)
{
$sql = "select event.event_id, event.name, detail.event_start, detail.event_end, detail.url, detail.description from " . DB_PREFIX . "event event left join " . DB_PREFIX . "event_calendardetail detail on detail.event_id = event.event_id where event_start >= '" . mysql_real_escape_string($request['Date']) . "' and event_end <= date_add('" . mysql_real_escape_string($request['Date']) . "', interval 1 year)";
return array('Status' => Success(), 'Dates' => array_merge($this->_make_calendar_set($sql), $this->_park_days(strtotime($request['Date']), 'year')));
}
}
}
}
if (!$fail) {
if (!$rankFail) {
//Update Old Ranks
for ($i = 0; $i < $anotherOldCount; $i++) {
global $oldRankIds, $oldRankNewPower;
$sql = "Call sp_UpdateRankPower(" . $oldRankIds[$i] . ", " . $oldRankNewPower[$i] . ")";
$result = mysql_query($sql, $conn) or die(mysql_error());
}
//Add New Ranks
for ($i = 0; $i < $newRankCount; $i++) {
$sql = "Call sp_AddNewRank('" . $newRankNames[$i] . "', " . $newRankPower[$i] . ")";
$result = mysql_query($sql, $conn) or die(mysql_error());
}
} else {
Fail("You cannot Create or Edit the Rank of a Rank with higher or Equal Power as yourself");
}
Success();
} else {
Fail("Bad Data");
}
function Fail($error)
{
header('Location: ./TDSInError.php?Error=' . $error . '');
}
function Success()
{
header('Location: ./TDSInAdminTools.php');
}
function ApplyConfigPureftpd()
{
writelogs('Start pure-ftpd configuration....', __FUNCTION__, __FILE__);
$prod = "pureftpd_main_settings";
$user = new usersMenus();
if ($user->PUREFTP_INSTALLED == true) {
if (!isset($_GET["hostname"])) {
$hostname = $user->hostname;
} else {
$hostname = $_GET["hostname"];
}
$sock = new sockets();
writelogs('Start pure-ftpd ->pureftpd_saveconf....', __FUNCTION__, __FILE__);
$sock->getfile("pureftpd_saveconf:{$hostname}");
$tpl = new templates();
echo $tpl->_ENGINE_parse_body(Success($prod));
}
}
public function UpdateAward($request)
{
$mundane_id = Ork3::$Lib->authorization->IsAuthorized($request['Token']);
$awards = new yapo($this->db, DB_PREFIX . 'awards');
$awards->clear();
$awards->awards_id = $request['AwardsId'];
if (valid_id($request['AwardsId']) && $awards->find()) {
$mundane = $this->player_info($awards->mundane_id);
if (valid_id($mundane_id) && Ork3::$Lib->authorization->HasAuthority($mundane_id, AUTH_PARK, $mundane['ParkId'], AUTH_EDIT)) {
if (valid_id($request['ParkId'])) {
$Park = new Park();
$info = $Park->GetParkShortInfo(array('ParkId' => $request['ParkId']));
if ($info['Status']['Status'] != 0) {
return InvalidParameter();
}
}
$awards->rank = $request['Rank'];
$awards->date = $request['Date'];
$awards->given_by_id = $request['GivenById'];
$awards->note = $request['Note'];
// If no event, then go Park!
$awards->park_id = !valid_id($request['EventId']) ? $request['ParkId'] : 0;
// If no event and valid parkid, go Park! Otherwise, go Kingdom. Unless it's an event. Then go ... ZERO!
$awards->kingdom_id = !valid_id($request['EventId']) ? valid_id($request['ParkId']) ? $info['ParkInfo']['KingdomId'] : $request['KingdomId'] : 0;
// Events are awesome.
$awards->event_id = valid_id($request['EventId']) ? $request['EventId'] : 0;
$awards->save();
return Success($awards->awards_id);
} else {
return InvalidParamter();
}
} else {
return NoAuthorization();
}
}
public function add_member_h($request)
{
logtrace("add_member_h", $request);
$this->unit->clear();
$this->unit->type = 'Company';
$this->unit->unit_id = $request['UnitId'];
if ($this->unit->find()) {
$this->members->clear();
$this->members->unit_id = $request['UnitId'];
$this->members->mundane_id = $request['MundaneId'];
$this->members->active = 'Active';
if ($this->members->find()) {
return InvalidParameter('Player is already an active member of this company.');
}
$this->members->clear();
$this->members->mundane_id = $request['MundaneId'];
$this->members->unit_id = $request['UnitId'];
$this->members->active = 'Retired';
if ($this->members->find()) {
$this->members->active = 'Active';
$this->members->save();
return Success($this->members->unit_mundane_id);
}
}
$this->members->clear();
$this->members->unit_id = $request['UnitId'];
$this->members->mundane_id = $request['MundaneId'];
$this->members->role = $request['Role'];
$this->members->title = $request['Title'];
$this->members->active = $request['Active'];
$this->members->save();
return Success($this->members->unit_mundane_id);
}
</div>
<h3>Control Panel</h3>
<br/>
<div id="ControlPanel">
<br/>
<table class="CPanel Searchd">
<tbody>
<tr>
<th class="Desc">Searchd: </th>
<th>Status</th>
</tr>
<tr>
<td>Status: </td>
<td> <?php
if ($Settings['Status']->SearchdRunning) {
Success('Running');
} else {
Fail('Not Running');
}
?>
</td>
</tr>
</tbody>
</table>
<br/>
</div>
<br/>
<h3>Changelog</h3>
20140115
function ValidateInfo($aReg)
{
global $CFG, $dbConn;
// Username
if ($aReg['username'] == '') {
// They didn't specify a username.
$aError[] = 'You must specify a desired username.';
} else {
if (strlen($aReg['username']) > $CFG['maxlen']['username']) {
// The username they specified is too long.
$aError[] = "The username you specified is longer than {$CFG['maxlen']['username']} characters.";
} else {
if (trim($aReg['username']) != $aReg['username']) {
// Their username contains whitespace at the beginning and/or end.
$aError[] = 'Usernames must not begin or end with whitespace.';
}
}
}
$strUsername = $dbConn->sanitize($aReg['username']);
// Password
if ($aReg['passworda'] != $aReg['passwordb']) {
// The two passwords they specified are not the same.
$aError[] = 'The passwords you specified do not match.';
} else {
if ($aReg['passworda'] == '') {
// They didn't specify a password.
$aError[] = 'You must specify a password.';
} else {
if (strlen($aReg['passworda']) > $CFG['maxlen']['password']) {
// The password they specified is too long.
$aError[] = "The password you specified is longer than {$CFG['maxlen']['password']} characters.";
}
}
}
$strPassword = md5($aReg['passworda']);
// E-Mail Address
if ($aReg['emaila'] != $aReg['emailb']) {
// The two e-mail addresses they specified are not the same.
$aError[] = 'The e-mail addresses you specified do not match.';
} else {
if ($aReg['emaila'] == '') {
// They didn't specify an e-mail address.
$aError[] = 'You must specify an e-mail address.';
} else {
if (strlen($aReg['emaila']) > $CFG['maxlen']['email']) {
// The e-mail address they specified is too long.
$aError[] = "The e-mail address you specified is longer than {$CFG['maxlen']['email']} characters.";
} else {
if (!preg_match("/^(([^<>()[\\]\\\\.,;:\\s@\"]+(\\.[^<>()[\\]\\\\.,;:\\s@\"]+)*)|(\"([^\"\\\\\r]|(\\\\[\\w\\W]))*\"))@((\\[([0-9]{1,3}\\.){3}[0-9]{1,3}\\])|(([a-z\\-0-9]+\\.)+[a-z]{2,}))\$/i", $aReg['emaila'])) {
// The "e-mail address" they specified does not match the format of a typical e-mail address.
$aError[] = 'The e-mail address you specified is not a valid address.';
}
}
}
}
$strEMail = $dbConn->sanitize($aReg['emaila']);
// Image verification.
if ($CFG['reg']['verify_img'] == TRUE && $aReg['verifyimg'] != $_SESSION['randstr']) {
$aError[] = 'The value you entered for the image verification is incorrect.';
unset($_SESSION['randstr']);
}
// Web Site
$aURL = @parse_url($aReg['website']);
if ($aReg['website'] == 'http://' || $aReg['website'] == '') {
// Either they specified nothing, or they left it at the default "http://".
$aReg['website'] = '';
} else {
if (!$aURL['scheme']) {
// Default to HTTP.
$aReg['website'] = "http://{$aReg['website']}";
}
}
if (strlen($aReg['website']) > $CFG['maxlen']['website']) {
// The Web site they specified is too long.
$aError[] = "The Web site you specified is longer than {$CFG['maxlen']['website']} characters.";
} else {
$strWebsite = $dbConn->sanitize($aReg['website']);
}
// AIM
if (strlen($aReg['aim']) > $CFG['maxlen']['aim']) {
// The AIM handle they specified is too long.
$aError[] = "The AIM handle you specified is longer than {$CFG['maxlen']['aim']} characters.";
}
$strAIM = $dbConn->sanitize($aReg['aim']);
// ICQ
if (strlen($aReg['icq']) > $CFG['maxlen']['icq']) {
// The ICQ number they specified is too long.
$aError[] = "The ICQ number you specified is longer than {$CFG['maxlen']['icq']} characters.";
}
$strICQ = $dbConn->sanitize($aReg['icq']);
// MSN
if (strlen($aReg['msn']) > $CFG['maxlen']['msn']) {
// The MSN Messenger handle they specified is too long.
$aError[] = "The MSN Messenger handle you specified is longer than {$CFG['maxlen']['msn']} characters.";
}
$strMSN = $dbConn->sanitize($aReg['msn']);
// Yahoo!
if (strlen($aReg['yahoo']) > $CFG['maxlen']['yahoo']) {
// The Yahoo! handle they specified is too long.
$aError[] = "The Yahoo! handle you specified is longer than {$CFG['maxlen']['yahoo']} characters.";
}
$strYahoo = $dbConn->sanitize($aReg['yahoo']);
// Referrer
if (strlen($aReg['referrer']) > $CFG['maxlen']['username']) {
// The referrer they specified is too long.
$aError[] = "The referrer\\'s username you specified is longer than {$CFG['maxlen']['username']} characters.";
}
$strReferrer = $dbConn->sanitize($aReg['referrer']);
// Birthday
if ($aReg['birthmonth'] < 0 || $aReg['birthmonth'] > 12) {
// The birthmonth they specified is invalid.
$aError[] = 'The birthmonth you specified is not a valid month.';
} else {
if ($aReg['birthmonth'] && $aReg['birthdate'] == 0 && $aReg['birthyear'] == '') {
// They specified a month but no date or year.
$aError[] = 'If you specify a birthmonth, you must also specify your birthdate and/or birthyear.';
}
}
if ($aReg['birthdate'] < 0 || $aReg['birthdate'] > 31) {
// The birthdate they specified is invalid.
$aError[] = 'The birthdate you specified is not a valid date.';
} else {
if ($aReg['birthdate'] && $aReg['birthmonth'] == 0) {
// They specified a date but no month.
$aError[] = 'If you specify a birthdate, you must also specify a birthmonth.';
}
}
if ($aReg['birthyear'] != '' && ($aReg['birthyear'] < 1900 || $aReg['birthyear'] > date('Y'))) {
// The birthyear they specified is invalid.
$aError[] = 'The birthyear you specified is not a valid year.';
}
if ($aReg['birthyear'] == '') {
$aReg['birthyear'] = 0;
}
$strBirthday = "'" . sprintf('%04u-%02u-%02u', $aReg['birthyear'], $aReg['birthmonth'], $aReg['birthdate']) . "'";
// Some databases will not accept invalid dates.
if ($strBirthday == "'0000-00-00'") {
$strBirthday = 'NULL';
}
// Biography
if (strlen($aReg['bio']) > $CFG['maxlen']['bio']) {
// The biography they specified is too long.
$aError[] = "The biography you specified is longer than {$CFG['maxlen']['bio']} characters.";
}
$strBio = $dbConn->sanitize($aReg['bio']);
// Location
if (strlen($aReg['residence']) > $CFG['maxlen']['location']) {
// The location they specified is too long.
$aError[] = "The location you specified is longer than {$CFG['maxlen']['location']} characters.";
}
$strLocation = $dbConn->sanitize($aReg['residence']);
// Interests
if (strlen($aReg['interests']) > $CFG['maxlen']['interests']) {
// The interests they specified is too long.
$aError[] = "The value you specified for interests is longer than {$CFG['maxlen']['interests']} characters.";
}
$strInterests = $dbConn->sanitize($aReg['interests']);
// Occupation
if (strlen($aReg['occupation']) > $CFG['maxlen']['occupation']) {
// The occupation they specified is too long.
$aError[] = "The occupation you specified is longer than {$CFG['maxlen']['occupation']} characters.";
}
$strOccupation = $dbConn->sanitize($aReg['occupation']);
// Signature
if (strlen($aReg['signature']) > $CFG['maxlen']['signature']) {
// The signature they specified is too long.
$aError[] = "The signature you specified is longer than {$CFG['maxlen']['signature']} characters.";
}
$strSignature = $dbConn->sanitize($aReg['signature']);
// Default Thread View
if ($aReg['threadview'] > 365 && $aReg['threadview'] != 1000) {
// They specified an invalid choice for the default thread view.
$iThreadView = 0;
} else {
$iThreadView = $aReg['threadview'];
}
// Default Posts Per Page
if ($aReg['postsperpage'] < 0) {
// They specified an invalid choice for the default posts per page.
$iPostsPerPage = 0;
} else {
$iPostsPerPage = $aReg['postsperpage'];
}
// Default Threads Per Page
if ($aReg['threadsperpage'] < 0) {
// They specified an invalid choice for the default threads per page.
$iThreadsPerPage = 0;
} else {
$iThreadsPerPage = $aReg['threadsperpage'];
}
// Start Of The Week
if ($aReg['weekstart'] > 6) {
// They specified an invalid day for the start of the week.
$iWeekStart = 0;
} else {
$iWeekStart = $aReg['weekstart'];
}
// Time Offset
if ($aReg['timeoffset'] > 43200 || $aReg['timeoffset'] < -43200) {
// They specified an invalid time for the time offset.
$strTimeOffset = $CFG['time']['display_offset'];
} else {
$strTimeOffset = $aReg['timeoffset'];
}
// DST Offset
$iDSTOffset = $aReg['dsth'] * 3600 + $aReg['dstm'] * 60;
if ($iDSTOffset > 65535 || $iDSTOffset < 0) {
$iDSTOffset = 0;
}
// Do they have any errors?
if (is_array($aError)) {
return $aError;
}
// Is there already a user with the desired username?
$dbConn->query("SELECT id FROM citizen WHERE username='******'");
if ($dbConn->getresult()) {
// Yep, a user already exists. Let them know the bad news.
$aError[] = 'There is already a user with that username. Please specify a different one.';
}
// Is there already a user with the specified e-mail address?
$dbConn->query("SELECT id FROM citizen WHERE email='{$strEMail}'");
if ($dbConn->getresult()) {
// Yep, e-mail address is already in use. Let them know the bad news.
$aError[] = 'There is already a user with that e-mail address. Please specify a different one.';
}
// Do they have any errors?
if (is_array($aError)) {
return $aError;
}
// Is e-mail validation enabled?
if ($CFG['reg']['email']) {
// Yes, so generate a registration hash.
$strHash = md5(mt_rand());
// Add the user's member record.
$dJoined = gmdate('Y-m-d');
$dbConn->query("INSERT INTO citizen(username, passphrase, email, datejoined, website, aim, icq, msn, yahoo, referrer, birthday, bio, residence, interests, occupation, signature, allowmail, invisible, publicemail, enablepms, pmnotifya, pmnotifyb, threadview, postsperpage, threadsperpage, weekstart, timeoffset, dst, dstoffset, postcount, showsigs, showavatars, autologin, usergroup, pmfolders, reghash) VALUES('{$strUsername}', '{$strPassword}', '{$strEMail}', '{$dJoined}', '{$strWebsite}', '{$strAIM}', '{$strICQ}', '{$strMSN}', '{$strYahoo}', '{$strReferrer}', '{$strBirthday}', '{$strBio}', '{$strLocation}', '{$strInterests}', '{$strOccupation}', '{$strSignature}', {$aReg['allowmail']}, {$aReg['invisible']}, {$aReg['publicemail']}, {$aReg['enablepms']}, {$aReg['pmnotifya']}, {$aReg['pmnotifyb']}, {$iThreadView}, {$iPostsPerPage}, {$iThreadsPerPage}, {$iWeekStart}, {$strTimeOffset}, {$aReg['dst']}, {$iDSTOffset}, 0, {$aReg['showsigs']}, {$aReg['showavatars']}, {$aReg['autologin']}, 1, 'a:0:{}', '{$strHash}')");
$iUserID = mysql_insert_id();
// Send the user their activation e-mail.
$strMessage = file_get_contents('includes/activation.tpl');
$aReg['actlink'] = 'http://' . $_SERVER['HTTP_HOST'] . pathinfo($_SERVER['PHP_SELF'], PATHINFO_DIRNAME) . "/member.php?action=activate&userid={$iUserID}&hash={$strHash}";
@eval("\$strMessage = \"{$strMessage}\";");
mail($aReg['emaila'], "Action required to activate membership for {$CFG['general']['name']}!", preg_replace("/(\r\n|\r|\n)/s", "\r\n", $strMessage), "From: {$CFG['general']['name']} Mailer <{$CFG['general']['admin']['email']}>");
// Show them the success page.
JustRegistered();
}
// Add the user's member record.
$dJoined = gmdate('Y-m-d');
$dbConn->query("INSERT INTO citizen(username, passphrase, email, datejoined, website, aim, icq, msn, yahoo, referrer, birthday, bio, residence, interests, occupation, signature, allowmail, invisible, publicemail, enablepms, pmnotifya, pmnotifyb, threadview, postsperpage, threadsperpage, weekstart, timeoffset, dst, dstoffset, postcount, showsigs, showavatars, autologin, usergroup, pmfolders) VALUES('{$strUsername}', '{$strPassword}', '{$strEMail}', '{$dJoined}', '{$strWebsite}', '{$strAIM}', '{$strICQ}', '{$strMSN}', '{$strYahoo}', '{$strReferrer}', {$strBirthday}, '{$strBio}', '{$strLocation}', '{$strInterests}', '{$strOccupation}', '{$strSignature}', {$aReg['allowmail']}, {$aReg['invisible']}, {$aReg['publicemail']}, {$aReg['enablepms']}, {$aReg['pmnotifya']}, {$aReg['pmnotifyb']}, {$iThreadView}, {$iPostsPerPage}, {$iThreadsPerPage}, {$iWeekStart}, {$strTimeOffset}, {$aReg['dst']}, {$iDSTOffset}, 0, {$aReg['showsigs']}, {$aReg['showavatars']}, {$aReg['autologin']}, 1, 'a:0:{}')");
$iUserID = $dbConn->getinsertid('citizen');
// Update the forum stats.
$dbConn->query("UPDATE stats SET content=content+1 WHERE name='membercount'");
$dbConn->query("UPDATE stats SET content={$iUserID} WHERE name='newestmember'");
// Show them the success page.
Success($iUserID);
}
/**
* Report List.
*/
public function report_list()
{
$this->assign("less", __FUNCTION__ . ".less");
try {
$model = D('cernet_report');
$list = $model->join('cernet_team ON cernet_report.id = cernet_team.report_id')->select();
$this->assign('list', $list);
} catch (Exception $e) {
$this->assign('list', '<h1>' . Success('nullContent') . '</h1>');
}
eval(NDSP);
}
// If we got more than one entry, then something is really messed up with
// the database, there must not be more than one entry with the same data
} elseif ($result_count > 1) {
MultipleResults();
// If we got one coincidence, then we can proceed to modification
} elseif ($result_count == 1) {
// What dn are we going to modify?
$moddn = $search_entries['0']['dn'];
// We fill in our attribute modificator array
$in['userPassword'] = $userPassword;
// Modifying ...
$mod = AssistedLDAPModify($ldapc, $moddn, $in);
// If the modifying went OK, we send the notification e-mail to the user
if ($mod) {
$send = AssistedEMail("ChangePasswordDo", $mail);
}
// If the mailing went OK ...
if ($send) {
// We log the event
WriteLog("ChangePasswordDo");
// Print the good news to the user
Success("ChangePasswordDo");
} else {
// We fail nicely, at least
Fail("ChangePasswordDo");
}
}
}
// Closing the connection
$ldapx = AssistedLDAPClose($ldapc);
require_once "./themes/{$app_theme}/footer.php";
public function GetActivePlayers($request)
{
if (strlen($request['MinimumWeeklyAttendance']) == 0) {
$request['MinimumWeeklyAttendance'] = 0;
}
if (strlen($request['MinimumDailyAttendance']) == 0) {
$request['MinimumDailyAttendance'] = 6;
}
if (strlen($request['MonthlyCreditMaximum']) == 0) {
$request['MonthlyCreditMaximum'] = 6;
}
if (strlen($request['MinimumCredits']) == 0) {
$request['MinimumCredits'] = 9;
}
if (strlen($request['PerWeeks']) == 0 && strlen($request['PerMonths']) == 0) {
$request['PerMonths'] = 6;
}
if (strlen($request['ReportFromDate']) == 0) {
$request['ReportFromDate'] = 'curdate()';
}
if (strlen($request['PerWeeks']) > 0) {
$per_period = mysql_real_escape_string($request['PerWeeks']) . ' week';
} else {
$per_period = mysql_real_escape_string($request['PerMonths']) . ' month';
}
if (valid_id($request['ParkId'])) {
$location = " and m.park_id = '" . mysql_real_escape_string($request['ParkId']) . "'";
$duesclause = "a.park_id = '" . mysql_real_escape_string($request['ParkId']) . "'";
if (valid_id($request['ByLocalPark'])) {
$park_comparator = " and a.park_id = '" . mysql_real_escape_string($request['ParkId']) . "' ";
}
} else {
if (strlen($request['KingdomId']) > 0 && $request['KingdomId'] > 0) {
$location = " and m.kingdom_id = '" . mysql_real_escape_string($request['KingdomId']) . "'";
$duesclause = "a.kingdom_id = '" . mysql_real_escape_string($request['KingdomId']) . "'";
if (valid_id($request['ByKingdom'])) {
$park_list = Ork3::$Lib->Kingdom->GetParks($request);
$parks = array();
foreach ($park_list['Parks'] as $p => $park) {
$parks[] = $p['ParkId'];
}
$park_comparator = " and a.park_id in (" . implode($parks) . ") ";
}
} else {
$park_comparator = "";
}
}
if ($request['KingdomId'] > 0 || $request['ParkId'] > 0) {
if ($request['DuesPaid']) {
$has_dues = "and s.is_dues = 1";
}
$duespaid_clause = "\n\t\t\t\t\tleft join \n\t\t\t\t\t\t(select distinct case split_id when null then 0 else 1 end as split_id, src_mundane_id \n\t\t\t\t\t\t\tfrom " . DB_PREFIX . "split s \n\t\t\t\t\t\t\tleft join " . DB_PREFIX . "account a on s.account_id = a.account_id \n\t\t\t\t\t\t\t\tand {$duesclause}\n\t\t\t\t\t\t\t\t{$has_dues}\n\t\t\t\t\t\t\twhere s.dues_through > curdate()) dues on attendance_summary.mundane_id = dues.src_mundane_id\n\t\t\t";
$duespaid_field = ',
ifnull(split_id,0) as duespaid';
$duespaid_order = 'duespaid desc, ';
}
if (trimlen($request['Peerage']) > 0) {
$peerage = "\n left join\n (select distinct awards.mundane_id, award.peerage \n from " . DB_PREFIX . "awards awards\n left join " . DB_PREFIX . "kingdomaward ka on ka.kingdomaward_id = awards.kingdomaward_id\n left join " . DB_PREFIX . "award award on ka.award_id = award.award_id\n left join " . DB_PREFIX . "mundane m on awards.mundane_id = m.mundane_id\n where award.peerage = '" . mysql_real_escape_string($request['Peerage']) . "' and awards.mundane_id > 0 {$location}\n group by awards.mundane_id\n ) peers on attendance_summary.mundane_id = peers.mundane_id\n ";
$peerage_clause = "and peers.peerage = '" . mysql_real_escape_string($request['Peerage']) . "'";
$peer_field = 'peers.peerage, ';
}
if ($request['Waivered']) {
$waiver_clause = ' and m.waivered = 1';
} else {
if ($request['UnWaivered']) {
$waiver_clause = ' and m.waivered = 0';
}
}
$sql = "\n select main_summary.*, total_monthly_credits, credit_counts.daily_credits, credit_counts.rop_limited_credits\n from\n (select \n \t\t\t\t\t\t{$peer_field} count(week) as weeks_attended, sum(weekly_attendance) as park_days_attended, sum(daily_attendance) as days_attended, sum(credits_earned) total_credits, attendance_summary.mundane_id, \n \t\t\t\t\t\t\tmundane.persona, kingdom.kingdom_id, park.park_id, kingdom.name kingdom_name, kingdom.parent_kingdom_id, park.name park_name, attendance_summary.waivered {$duespaid_field}\n \t\t\t\t\tfrom\n \t\t\t\t\t\t(select \n \t\t\t\t\t\t\t\ta.park_id > 0 as weekly_attendance, count(a.park_id > 0) as daily_attendance, a.mundane_id, \n week(a.date,3) as week, year(a.date) as year, a.kingdom_id, a.park_id, max(credits) as credits_earned, m.waivered \n \t\t\t\t\t\t\tfrom " . DB_PREFIX . "attendance a\n \t\t\t\t\t\t\t\tleft join " . DB_PREFIX . "mundane m on a.mundane_id = m.mundane_id\n \t\t\t\t\t\t\twhere \n date > adddate(curdate(), interval -{$per_period}) {$park_comparator} {$location} {$waiver_clause}\n \t\t\t\t\t\t\tgroup by week(date,3), year(date), mundane_id) attendance_summary \n \t\t\t\t\tleft join " . DB_PREFIX . "mundane mundane on mundane.mundane_id = attendance_summary.mundane_id\n \t\t\t\t\t\tleft join " . DB_PREFIX . "kingdom kingdom on kingdom.kingdom_id = mundane.kingdom_id\n \t\t\t\t\t\tleft join " . DB_PREFIX . "park park on park.park_id = mundane.park_id\n \t\t\t\t\t{$duespaid_clause}\n {$peerage}\n \t\t\t\t\tgroup by mundane_id\n \t\t\t\t\thaving\n \t\t\t\t\t\tweeks_attended >= '" . mysql_real_escape_string($request['MinimumWeeklyAttendance']) . "'\n and days_attended >= '" . mysql_real_escape_string($request['MinimumDailyAttendance']) . "'\n and total_credits >= '" . mysql_real_escape_string($request['MinimumCredits']) . "'\n {$peerage_clause}\n \t\t\t\t\torder by {$duespaid_order} kingdom_name, park_name, persona) main_summary\n left join\n (select mundane_id, sum(monthly_credits) as total_monthly_credits\n from\n (select \n \t\t\t\t\t\t\tleast(sum(credits), " . mysql_real_escape_string($request['MonthlyCreditMaximum']) . ") as monthly_credits, a.mundane_id\n \t\t\t\t\t\t\tfrom ork_attendance a\n \t\t\t\t\t\t\t\tleft join ork_mundane m on a.mundane_id = m.mundane_id\n \t\t\t\t\t\t\twhere \n date > adddate(curdate(), interval -{$per_period}) {$location} {$waiver_clause}\n \t\t\t\t\t\t\tgroup by month(date), year(date), mundane_id) monthly_list\n group by monthly_list.mundane_id) monthly_summary on main_summary.mundane_id = monthly_summary.mundane_id\n left join\n (select mundane_id, sum(daily_credits) as daily_credits, sum(rop_limited_credits) as rop_limited_credits\n from \n (select least(" . mysql_real_escape_string($request['MonthlyCreditMaximum']) . ", sum(daily_credits)) as daily_credits, least(" . mysql_real_escape_string($request['MonthlyCreditMaximum']) . ", sum(rop_credits)) rop_limited_credits, mundane_id\n from\n (select \n \t\t\t\t\t\t\tmax(credits) as daily_credits, 1 as rop_credits, a.mundane_id, a.date\n \t\t\t\t\t\t\tfrom ork_attendance a\n \t\t\t\t\t\t\t\tleft join ork_mundane m on a.mundane_id = m.mundane_id\n \t\t\t\t\t\t\twhere \n date > adddate(curdate(), interval -{$per_period}) {$location} {$waiver_clause}\n \t\t\t\t\t\t\tgroup by dayofyear(date), year(date), mundane_id) credit_list_source\n \t\t\t\t\t group by mundane_id, month(`date`)) credit_list\n group by credit_list.mundane_id) credit_counts on main_summary.mundane_id = credit_counts.mundane_id\n\t\t\t\t\t";
// For last join, need to limit monthly credits to monthly credit maximum per kingdom config
logtrace('Report: GetActivePlayers', array($request, $sql));
$r = $this->db->query($sql);
$report = array();
if ($r !== false && $r->size() > 0) {
do {
$report[] = array('KingdomName' => $r->kingdom_name, 'KingdomId' => $r->kingdom_id, 'ParentKingdomId' => $r->parent_kingodm_id, 'ParkName' => $r->park_name, 'ParkId' => $r->park_id, 'Persona' => $r->persona, 'MundaneId' => $r->mundane_id, 'TotalCredits' => $r->total_credits, 'TotalMonthlyCredits' => $r->total_monthly_credits, 'WeeksAttended' => $r->weeks_attended, 'ParkDaysAttended' => $r->park_days_attended, 'DaysAttended' => $r->days_attended, 'DailyCredits' => $r->daily_credits, 'RopLimitedCredits' => $r->rop_limited_credits, 'DuesPaid' => $r->duespaid, 'Waivered' => $r->waivered);
} while ($r->next());
}
$response = array('Status' => Success(), 'ActivePlayerSummary' => $report);
return $response;
}
if ($result_count == 0) {
NoResults();
// If we got more than one entry, then something is really messed up with
// the database, there must not be more than one entry with the same data
} elseif ($result_count > 1) {
MultipleResults();
// If we got one coincidence, then we can proceed to deletion
} elseif ($result_count == 1) {
// Assigning DN to delete
$dn = $search_entries[0]["dn"];
// Deleting ...
$del = AssistedLDAPDelete($ldapc, $dn);
// If the deleting went OK, we send the notification e-mail to the user
if ($del) {
$send = AssistedEMail("DeleteUserDo", $mail);
}
// If the mailing went OK ...
if ($send) {
// We log the event
WriteLog("DeleteUserDo");
// Print the good news to the user
Success("DeleteUserDo");
} else {
// We fail nicely, at least
Fail("DeleteUserDo");
}
}
}
// Closing the connection
$ldapx = AssistedLDAPClose($ldapc);
require_once "./themes/{$app_theme}/footer.php";
public function RemoveAttendance($request)
{
logtrace("Attendance->RemoveAttendance()", $request);
if ($this->AttendanceAuthority($request) === false) {
return NoAuthorization();
}
$this->attendance->clear();
$this->attendance->attendance_id = $request['AttendanceId'];
if (!valid_id($request['AttendanceId']) || !$this->attendance->find()) {
return InvalidParameter();
}
$this->attendance->delete();
return Success($this->attendance->attendance_id);
}
public function add_auth_h($request)
{
logtrace('add_auth_h', $request);
$this->auth->clear();
$this->auth->mundane_id = $request['MundaneId'];
switch ($request['Type']) {
case AUTH_PARK:
$this->auth->park_id = $request['Id'];
break;
case AUTH_KINGDOM:
$this->auth->kingdom_id = $request['Id'];
break;
case AUTH_EVENT:
$this->auth->event_id = $request['Id'];
break;
case AUTH_UNIT:
$this->auth->unit_id = $request['Id'];
break;
case AUTH_ADMIN:
break;
default:
$response = InvalidParameter(null, "Unrecognized Type.");
return $response;
}
$this->auth->role = $request['Role'];
$this->auth->modified = date('Y-m-d H:i:s');
$this->auth->save();
return Success($this->auth->authorization_id);
}
if (!$val_r) {
require_once "./libraries/CreateUserTable.inc.php";
}
// Encoding the password
$userPassword = EncodePassword($userPassword, $ldap_enc);
// We build up our query to insert the user data into a temporary MYSQL Database
// while the user gets the confirmation e-mail and clicks the link
$ins_q = sprintf("INSERT INTO NewUser " . "(uid, givenName, sn, mail, userPassword, description, token) " . "VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s')", mysql_real_escape_string($uid), mysql_real_escape_string($givenName), mysql_real_escape_string($sn), mysql_real_escape_string($mail), mysql_real_escape_string($userPassword), mysql_real_escape_string($description), mysql_real_escape_string($newtoken));
// Inserting the row on the table ...
$ins_r = AssistedMYSQLQuery($ins_q);
// If the insert went OK, we send the notification e-mail to the user
if ($ins_r) {
$send = AssistedEMail("NewUserMail", $mail);
}
// If the mailing went OK ...
if ($send) {
// We log the event
WriteLog("NewUserMail");
// Print the good news to the user
Success("NewUserMail");
} else {
// We fail nicely, at least
Fail("NewUserMail");
}
}
}
// Closing the connection
$ldapx = AssistedLDAPClose($ldapc);
// Closing the connection
$mysqlx = AssistedMYSQLClose($mysqlc);
require_once "./themes/{$app_theme}/footer.php";
public function RemoveAward($request)
{
if (($mundane_id = Ork3::$Lib->authorization->IsAuthorized($request['Token'])) > 0 && Ork3::$Lib->authorization->HasAuthority($mundane_id, AUTH_ADMIN, 0, AUTH_EDIT)) {
$this->log->Write('Award', $mundane_id, LOG_REMOVE, $request);
$this->award->award_id = $request['AwardId'];
if ($this->award->find()) {
$this->award->delete();
}
return Success();
}
return NoAuthorization();
}
public function SetEvent($request)
{
$mundane_id = Ork3::$Lib->authorization->IsAuthorized($request['Token']);
if (valid_id($mundane_id) && Ork3::$Lib->authorization->HasAuthority($mundane_id, AUTH_EVENT, $request['EventId'], AUTH_EDIT)) {
$this->event->clear();
$this->event->event_id = $request['EventId'];
$response = array();
if (valid_id($request['EventId']) && $this->event->find()) {
if (is_numeric($request['KingdomId'])) {
$this->event->kingdom_id = $request['KingdomId'];
}
if (is_numeric($request['ParkId'])) {
$this->event->park_id = $request['ParkId'];
$p = Ork3::$Lib->park->GetParkShortInfo(array('ParkId' => $request['ParkId']));
if ($p['Status']['Status'] != 0) {
return $p['Status'];
} else {
$this->event->kingdom_id = $p['KingdomId'];
}
}
if (is_numeric($request['MundaneId'])) {
$this->event->mundane_id = $request['MundaneId'];
}
if (is_numeric($request['UnitId'])) {
$this->event->unit_id = $request['UnitId'];
}
if (trimlen($request['Name'])) {
$this->event->name = $request['Name'];
}
$this->event->save();
Ork3::$Lib->heraldry->SetEventHeraldry($request);
logtrace("SetEvent", array($request, $this->event));
return Success();
} else {
return InvalidParameter('Event Id is not a valid id.');
}
} else {
return NoAuthorization();
}
}
public function GetKingdoms($request)
{
$response = ['Status' => Success(), 'Kingdoms' => []];
$this->kingdom->clear();
$this->kingdom->active = 'Active';
if ($this->kingdom->find()) {
do {
$config = Common::get_configs($this->kingdom->kingdom_id);
$response['Kingdoms'][$this->kingdom->kingdom_id] = ['KingdomId' => $this->kingdom->kingdom_id, 'KingdomName' => $this->kingdom->name, 'KingdomColor' => $config['AtlasColor']['Value']];
} while ($this->kingdom->next());
}
return $response;
}
