function char_achievements()
{
global $output, $logon_db, $site_encoding, $realm_id, $characters_db, $corem_db, $action_permission, $user_lvl, $user_name, $base_datasite, $achievement_datasite, $sql, $core;
// this page uses wowhead tooltops
wowhead_tt();
// we need at least an id or we would have nothing to show
if (empty($_GET["id"])) {
error(lang("global", "empty_fields"));
}
// this is multi realm support, as of writing still under development
// this page is already implementing it
if (empty($_GET["realm"])) {
$realmid = $realm_id;
} else {
$realmid = $sql["logon"]->quote_smart($_GET["realm"]);
if (is_numeric($realmid)) {
$sql["char"]->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name'], $characters_db[$realmid]["encoding"]);
} else {
$realmid = $realm_id;
}
}
//-------------------SQL Injection Prevention--------------------------------
// no point going further if we don have a valid ID
$id = $sql["char"]->quote_smart($_GET["id"]);
if (!is_numeric($id)) {
error(lang("global", "empty_fields"));
}
$show_type = isset($_POST["show_type"]) ? $sql["char"]->quote_smart($_POST["show_type"]) : 0;
if (!is_numeric($show_type)) {
$show_type = 0;
}
// getting character data from database
if ($core == 1) {
$result = $sql["char"]->query("SELECT acct, name, race, class, level, gender\n FROM characters WHERE guid='" . $id . "' LIMIT 1");
} else {
$result = $sql["char"]->query("SELECT account AS acct, name, race, class, level, gender\n FROM characters WHERE guid='" . $id . "' LIMIT 1");
}
// no point going further if character does not exist
if ($sql["char"]->num_rows($result)) {
$char = $sql["char"]->fetch_assoc($result);
// we get user permissions first
$owner_acc_id = $sql["char"]->result($result, 0, 'acct');
if ($core == 1) {
$result = $sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $char["acct"] . "'");
} else {
$result = $sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $char["acct"] . "'");
}
$owner_name = $sql["logon"]->result($result, 0, 'login');
$s_query = "SELECT *, SecurityLevel AS gm FROM config_accounts WHERE Login='******'";
$s_result = $sql["mgr"]->query($s_query);
$s_fields = $sql["mgr"]->fetch_assoc($s_result);
$owner_gmlvl = $s_fields["gm"];
$view_mod = $s_fields["View_Mod_Achieve"];
if ($owner_gmlvl >= 1073741824) {
$owner_gmlvl -= 1073741824;
}
// owner configured overrides
$view_override = false;
if ($view_mod > 0) {
if ($view_mod == 1) {
} elseif ($view_mod == 2) {
// only registered users may view this page
if ($user_lvl > -1) {
$view_override = true;
}
}
}
// visibility overrides for specific tabs
$view_inv_override = false;
if ($s_fields["View_Mod_Inv"] > 0) {
if ($s_fields["View_Mod_Inv"] == 1) {
} elseif ($s_fields["View_Mod_Inv"] == 2) {
// only registered users may view this tab
if ($user_lvl > -1) {
$view_inv_override = true;
}
}
} else {
if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
$view_inv_override = true;
}
}
$view_talent_override = false;
if ($s_fields["View_Mod_Talent"] > 0) {
if ($s_fields["View_Mod_Talent"] == 1) {
} elseif ($s_fields["View_Mod_Talent"] == 2) {
// only registered users may view this tab
if ($user_lvl > -1) {
$view_talent_override = true;
}
}
} else {
if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
$view_talent_override = true;
}
}
$view_quest_override = false;
if ($s_fields["View_Mod_Quest"] > 0) {
if ($s_fields["View_Mod_Quest"] == 1) {
} elseif ($s_fields["View_Mod_Quest"] == 2) {
// only registered users may view this tab
if ($user_lvl > -1) {
$view_quest_override = true;
}
}
} else {
if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
$view_quest_override = true;
}
}
$view_friends_override = false;
if ($s_fields["View_Mod_Friends"] > 0) {
if ($s_fields["View_Mod_Friends"] == 1) {
} elseif ($s_fields["View_Mod_Friends"] == 2) {
// only registered users may view this tab
if ($user_lvl > -1) {
$view_friends_override = true;
}
}
} else {
if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
$view_friends_override = true;
}
}
$view_view_override = false;
if ($s_fields["View_Mod_View"] > 0) {
if ($s_fields["View_Mod_View"] == 1) {
} elseif ($s_fields["View_Mod_View"] == 2) {
// only registered users may view this tab
if ($user_lvl > -1) {
$view_view_override = true;
}
}
} else {
if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
$view_view_override = true;
}
}
// check user permission
if ($view_override || $user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
//------------------------Character Tabs---------------------------------
// we start with a lead of 10 spaces,
// because last line of header is an opening tag with 8 spaces
// keep html indent in sync, so debuging from browser source would be easy to read
$output .= '
<!-- start of char_achieve.php -->
<script type="text/javascript">
function expand(thistag)
{
var i = 0;
%%REPLACE%%
if ( thistag == \'tsummary\' )
{
document.getElementById(\'tsummary\').style.display="table";
document.getElementById(\'divsummary\').innerHTML = \'[-] ' . lang("char", "summary") . '\' ;
for ( x in main_cats )
{
if ( document.getElementById(main_cats[x]).style.display=="table" )
{
document.getElementById(main_cats[x]).style.display="none";
document.getElementById(main_cats_achieve[x]).style.display="none";
document.getElementById(main_cats_div[x]).innerHTML = \'[+] \' + main_cats_name[x];
}
}
for ( x in main_sub_cats )
{
if ( document.getElementById(main_sub_cats_achieve[x]).style.display=="table" )
{
document.getElementById(main_sub_cats_achieve[x]).style.display="none";
document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x];
}
}
}
else
{
if ( document.getElementById(\'tsummary\').style.display="table" )
{
document.getElementById(\'tsummary\').style.display="none";
document.getElementById(\'divsummary\').innerHTML = \'[+] ' . lang("char", "summary") . '\' ;
}
for ( x in main_cats )
{
if ( main_cats[x] == thistag )
{
i = 1;
}
}
if ( i == 1 )
{
for ( x in main_cats )
{
if ( main_cats[x] == thistag )
{
if ( document.getElementById(main_cats[x]).style.display=="table" )
{
document.getElementById(main_cats[x]).style.display="none";
document.getElementById(main_cats_achieve[x]).style.display="none";
document.getElementById(main_cats_div[x]).innerHTML = \'[+] \' + main_cats_name[x];
document.getElementById(\'tsummary\').style.display="table";
document.getElementById(\'divsummary\').innerHTML = \'[-] ' . lang("char", "summary") . '\' ;
}
else
{
document.getElementById(main_cats[x]).style.display="table";
document.getElementById(main_cats_achieve[x]).style.display="table";
document.getElementById(main_cats_div[x]).innerHTML = \'[-] \' + main_cats_name[x];
}
}
else
{
if ( document.getElementById(main_cats[x]).style.display=="table" )
{
document.getElementById(main_cats[x]).style.display="none";
document.getElementById(main_cats_achieve[x]).style.display="none";
document.getElementById(main_cats_div[x]).innerHTML = \'[+] \' + main_cats_name[x];
}
}
}
for ( x in main_sub_cats )
{
if ( document.getElementById(main_sub_cats_achieve[x]).style.display=="table" )
{
document.getElementById(main_sub_cats_achieve[x]).style.display="none";
document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x];
}
}
}
else if ( i == 0 )
{
for ( x in main_sub_cats )
{
if ( main_sub_cats[x] == thistag )
{
if ( document.getElementById(main_sub_cats_achieve[x]).style.display=="table" )
{
document.getElementById(main_sub_cats_achieve[x]).style.display="none";
document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x];
}
else
{
document.getElementById(main_sub_cats_achieve[x]).style.display="table";
document.getElementById(main_sub_cats_div[x]).innerHTML = \'[-] \' + main_sub_cats_name[x];
}
}
else
{
if ( document.getElementById(main_sub_cats_achieve[x]).style.display=="table" )
{
document.getElementById(main_sub_cats_achieve[x]).style.display="none";
document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x];
}
}
}
for ( x in main_cats )
{
if ( document.getElementById(main_cats_achieve[x]).style.display=="table" )
{
document.getElementById(main_cats_achieve[x]).style.display="none";
}
}
}
}
}
</script>
<div class="tab">
<ul>
<li><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>';
if ($view_inv_override) {
$output .= '
<li><a href="char_inv.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "inventory") . '</a></li>';
}
if ($view_talent_override) {
$output .= '
' . ($char["level"] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "talents") . '</a></li>') . '';
}
$output .= '
<li class="selected"><a href="char_achieve.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "achievements") . '</a></li>';
if ($view_quest_override) {
$output .= '
<li><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "quests") . '</a></li>';
}
if ($view_friends_override) {
$output .= '
<li><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "friends") . '</a></li>';
}
if ($view_view_override) {
$output .= '
<li><a href="char_view.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "view") . '</a></li>';
}
$output .= '
</ul>
</div>
<div class="tab_content center center_text">
<span class="bold">
' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . ' -
<img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
<img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . '
</span>
<br /><br />';
//---------------Page Specific Data Starts Here--------------------------
$output .= '
<table class="top_hidden" id="ch_ach_info">
<tr>
<td style="width: 30%;">
</td>
<td align="center">
%%REPLACE_POINTS%%
</td>
<td align="right" style="width: 20%;">
<div style="position: relative; float: left; top: 2px;">' . lang("char", "show") . ' :</div>
<form action="char_achieve.php?id=' . $id . '&realm=' . $realmid . '" method="post" id="form">
<div>
<select name="show_type">
<option value="1"' . ($show_type == 1 ? ' selected="selected"' : '') . '>' . lang("char", "all") . '</option>
<option value="0"' . ($show_type == 0 ? ' selected="selected"' : '') . '>' . lang("char", "earned") . '</option>
<option value="2"' . ($show_type == 2 ? ' selected="selected"' : '') . '>' . lang("char", "incomplete") . '</option>
</select>
</div>
</form>
</td>
<td align="right" style="width: 20%;">';
makebutton("View", 'javascript:do_submit()', 130);
$output .= '
</td>
</tr>
</table>
<table class="lined" id="ch_ach_main">
<tr valign="top">
<td id="ch_ach_categories">
<table class="hidden" id="ch_ach_categories_list">
<tr>
<th align="left">
<div id="divsummary" onclick="expand(\'tsummary\')">[-] ' . lang("char", "summary") . '</div>
</th>
</tr>
<tr>
<td>
</td>
</tr>';
$result = $sql["char"]->query("SELECT achievement, date FROM character_achievement WHERE guid='" . $id . "'");
$char_achieve = array();
while ($temp = $sql["char"]->fetch_assoc($result)) {
$char_achieve[$temp["achievement"]] = $temp["date"];
}
$result = $sql["char"]->query("SELECT achievement, date FROM character_achievement WHERE guid='" . $id . "' ORDER BY date DESC LIMIT 4");
$points = 0;
$main_cats = achieve_get_main_category();
$sub_cats = achieve_get_sub_category();
$output_achieve_main_cat = array();
$output_u_achieve_main_cat = array();
$output_achieve_sub_cat = array();
$output_u_achieve_sub_cat = array();
$js_main_cats = '
var main_cats = new Array();
var main_cats_div = new Array();
var main_cats_name = new Array();
var main_cats_achieve = new Array();
var main_sub_cats = new Array();
var main_sub_cats_div = new Array();
var main_sub_cats_name = new Array();
var main_sub_cats_achieve = new Array();';
foreach ($main_cats as $cat_id => $cat) {
if (isset($cat["Name"])) {
$i = 0;
$output_achieve_main_cat[$cat_id] = '';
$output_u_achieve_main_cat[$cat_id] = '';
$achieve_main_cat = achieve_get_id_category($cat["ID"]);
foreach ($achieve_main_cat as $achieve_id => $cid) {
if (isset($achieve_id) && isset($cid["id"])) {
if (isset($char_achieve[$cid["id"]])) {
if ($show_type < 2) {
$cid["name01"] = str_replace('&', '&', $cid["name"]);
$cid["description01"] = str_replace('&', '&', $cid["description"]);
$cid["rewarddesc01"] = str_replace('&', '&', $cid["reward"]);
$output_achieve_main_cat[$cat_id] .= '
<tr>
<td style="width: 1%;" align="left">
<a href="' . $base_datasite . $achievement_datasite . $cid["id"] . '" rel="external">
<img src="' . achieve_get_icon($cid["id"]) . '" width="36" height="36" class="icon_border_0" alt="" />
</a>
</td>
<td colspan="2" align="left">
<a href="' . $base_datasite . $achievement_datasite . $cid["id"] . '" rel="external">' . $cid["name"] . '</a><br />
' . $cid["description"] . '<br />
' . $cid["reward"] . '
</td>
<td style="width: 5%;" align="right">' . $cid["points"] . ' <img src="img/money_achievement.gif" alt="" /></td>
<td style="width: 15%;" align="right">' . date('o-m-d', $char_achieve[$cid["id"]]) . '</td>
</tr>';
++$i;
}
$points += $cid["rewpoints"];
} elseif ($show_type && isset($achieve_id)) {
$cid["name"] = str_replace('&', '&', $cid["name"]);
$cid["description"] = str_replace('&', '&', $cid["description"]);
$cid["reward"] = str_replace('&', '&', $cid["reward"]);
$output_u_achieve_main_cat[$cat_id] .= '
<tr>
<td style="width: 1%;" align="left">
<a href="' . $base_datasite . $achievement_datasite . $cid["id"] . '" rel="external">
<span id="ch_ach_opacity">
<img src="' . achieve_get_icon($cid["id"]) . '" width="36" height="36" class="icon_border_0" alt="" />
</span>
</a>
</td>
<td colspan="2" align="left">
<a href="' . $base_datasite . $achievement_datasite . $cid["id"] . '" rel="external">' . $cid["name"] . '</a><br />
' . $cid["description"] . '<br />
' . $cid["reward"] . '
</td>
<td style="width: 5%;" align="right">' . $cid["points"] . ' <img src="img/money_achievement.gif" alt="" /></td>
<td style="width: 15%;" align="right">' . lang("char", "incomplete") . '</td>
</tr>';
++$i;
}
}
}
unset($achieve_main_cat);
// this_is_junk: unfortunately the CSS here needs to be hardcoded.
$output_achieve_main_cat[$cat_id] = '
<table class="hidden" id="ta' . $cat_id . '" style="width: 100%; display: none;">
<tr>
<th colspan="3" align="left">' . lang("char", "achievement_title") . '</th>
<th style="width: 5%;">' . lang("char", "achievement_points") . '</th>
<th style="width: 15%;">' . lang("char", "achievement_date") . '</th>
</tr>' . $output_achieve_main_cat[$cat_id] . $output_u_achieve_main_cat[$cat_id] . '
</table>';
unset($output_u_achieve_main_cat);
$js_main_cats .= '
main_cats_achieve[' . $cat_id . '] = "ta' . $cat_id . '";';
$output_sub_cat = '';
$total_sub_cat = 0;
if (isset($sub_cats[$cat["ID"]])) {
$main_sub_cats = $sub_cats[$cat["ID"]];
foreach ($main_sub_cats as $sub_cat_id => $sub_cat) {
if (isset($sub_cat)) {
$j = 0;
$output_achieve_sub_cat[$sub_cat_id] = '';
$output_u_achieve_sub_cat[$sub_cat_id] = '';
$achieve_sub_cat = achieve_get_id_category($sub_cat_id);
foreach ($achieve_sub_cat as $achieve_id => $cid) {
if (isset($achieve_id) && isset($cid["id"])) {
if (isset($char_achieve[$cid["id"]])) {
if ($show_type < 2) {
$cid["name"] = str_replace('&', '&', $cid["name"]);
$cid["description"] = str_replace('&', '&', $cid["description"]);
$cid["reward"] = str_replace('&', '&', $cid["reward"]);
$output_achieve_sub_cat[$sub_cat_id] .= '
<tr>
<td style="width: 1%;" align="left">
<a href="' . $base_datasite . $achievement_datasite . $cid["id"] . '" rel="external">
<img src="' . achieve_get_icon($cid["id"]) . '" width="36" height="36" class="icon_border_0" alt="" />
</a>
</td>
<td colspan="2" align="left">
<a href="' . $base_datasite . $achievement_datasite . $cid["id"] . '" rel="external">' . $cid["name"] . '</a><br />
' . $cid["description"] . '<br />
' . $cid["rewarddesc"] . '
</td>
<td style="width: 5%;" align="right">' . $cid["points"] . ' <img src="img/money_achievement.gif" alt="" /></td>
<td style="width: 15%;" align="right">' . date('o-m-d', $char_achieve[$cid["id"]]) . '</td>
</tr>';
++$j;
}
$points += $cid["points"];
} elseif ($show_type && isset($achieve_id)) {
$cid["name"] = str_replace('&', '&', $cid["name"]);
$cid["description"] = str_replace('&', '&', $cid["description"]);
$cid["reward"] = str_replace('&', '&', $cid["reward"]);
$output_u_achieve_sub_cat[$sub_cat_id] .= '
<tr>
<td style="width: 1%;" align="left">
<a href="' . $base_datasite . $achievement_datasite . $cid["id"] . '" rel="external">
<span id="ch_ach_opacity">
<img src="' . achieve_get_icon($cid["id"]) . '" width="36" height="36" class="icon_border_0" alt="" />
</span>
</a>
</td>
<td colspan="2" align="left">
<a href="' . $base_datasite . $achievement_datasite . $cid["id"] . '" rel="external">' . $cid["name"] . '</a><br />
' . $cid["description"] . '<br />
' . $cid["reward"] . '
</td>
<td style="width: 5%;" align="right">' . $cid["points"] . ' <img src="img/money_achievement.gif" alt="" /></td>
<td style="width: 15%;" align="right">' . lang("char", "incomplete") . '</td>
</tr>';
++$j;
}
}
}
unset($achieve_sub_cat);
$total_sub_cat = $total_sub_cat + $j;
if ($j) {
$sub_cat["name"] = str_replace('&', '&', $sub_cat["name"]);
$output_sub_cat .= '
<tr>
<th align="left">
<div id="divs' . $sub_cat_id . '" onclick="expand(\'tsa' . $sub_cat_id . '\');">[+] ' . $sub_cat . ' (' . $j . ')</div>
</th>
</tr>';
$js_main_cats .= '
main_sub_cats[' . $sub_cat_id . '] = "tsa' . $sub_cat_id . '";
main_sub_cats_div[' . $sub_cat_id . '] = "divs' . $sub_cat_id . '";
main_sub_cats_name[' . $sub_cat_id . '] = "' . $sub_cat . ' (' . $j . ')";';
// this_is_junk: unfortunately the CSS here needs to be hardcoded.
$output_achieve_sub_cat[$sub_cat_id] = '
<table class="hidden" id="tsa' . $sub_cat_id . '" style="width: 100%; display: none;">
<tr>
<th colspan="3" align="left">' . lang("char", "achievement_title") . '</th>
<th style="width: 5%;">' . lang("char", "achievement_points") . '</th>
<th style="width: 15%;">' . lang("char", "achievement_date") . '</th>
</tr>' . $output_achieve_sub_cat[$sub_cat_id] . $output_u_achieve_sub_cat[$sub_cat_id] . '
</table>';
unset($output_u_achieve_sub_cat);
$js_main_cats .= '
main_sub_cats_achieve[' . $sub_cat_id . '] = "tsa' . $sub_cat_id . '";';
}
}
}
unset($main_sub_cats);
}
if ($total_sub_cat || $i) {
$cat["Name"] = str_replace('&', '&', $cat["Name"]);
// this_is_junk: unfortunately the CSS here needs to be hardcoded.
$output .= '
<tr>
<th align="left">
<div id="div' . $cat_id . '" onclick="expand(\'t' . $cat_id . '\');">[+] ' . $cat["Name"] . ' (' . ($i + $total_sub_cat) . ')</div>
</th>
</tr>
<tr>
<td>
<table class="hidden" id="t' . $cat_id . '" style="width: 100%; display: none;">
' . ($output_sub_cat != "" ? $output_sub_cat : '<tr><td></td></tr>') . '
</table>
</td>
</tr>';
$js_main_cats .= '
main_cats[' . $cat_id . '] = "t' . $cat_id . '";
main_cats_div[' . $cat_id . '] = "div' . $cat_id . '";
main_cats_name[' . $cat_id . '] = "' . $cat["Name"] . ' (' . ($i + $total_sub_cat) . ')";';
}
unset($output_sub_cat);
}
}
unset($sub_cats);
unset($main_cats);
unset($char_achieve);
$output = str_replace('%%REPLACE%%', $js_main_cats, $output);
unset($js_main_cats);
$output = str_replace('%%REPLACE_POINTS%%', '
' . lang("char", "achievements") . ' ' . lang("char", "achievement_points") . ': ' . $points . '', $output);
unset($point);
$output .= '
</table>
</td>
<td>';
foreach ($output_achieve_main_cat as $temp) {
$output .= $temp;
}
foreach ($output_achieve_sub_cat as $temp) {
$output .= $temp;
}
unset($temp);
unset($output_achieve_main_cat);
unset($output_achieve_sub_cat);
// this_is_junk: unfortunately the CSS here needs to be hardcoded.
$output .= '
<table class="hidden" id="tsummary" style="width: 100%; display: table;">
<tr>
<th colspan="5">
' . lang("char", "recent") . ' ' . lang("char", "achievements") . '
</th>
</tr>
<tr>
<th colspan="3" align="left">' . lang("char", "achievement_title") . '</th>
<th style="width: 5%;">' . lang("char", "achievement_points") . '</th>
<th style="width: 15%;">' . lang("char", "achievement_date") . '</th>
</tr>';
while ($temp = $sql["char"]->fetch_assoc($result)) {
$cid = achieve_get_details($temp["achievement"]);
$cid["name"] = str_replace('&', '&', $cid["name"]);
$cid["description"] = str_replace('&', '&', $cid["description"]);
$cid["reward"] = str_replace('&', '&', $cid["reward"]);
$output .= '
<tr>
<td style="width: 1%;" align="left">
<a href="' . $base_datasite . $achievement_datasite . $cid["id"] . '" rel="external">
<img src="' . achieve_get_icon($cid["id"]) . '" width="36" height="36" class="icon_border_0" alt="" />
</a>
</td>
<td colspan="2" align="left">
<a href="' . $base_datasite . $achievement_datasite . $cid["id"] . '" rel="external">' . $cid["name"] . '</a><br />
' . $cid["description"] . '<br />
' . $cid["reward"] . '
</td>
<td style="width: 5%;" align="right">' . $cid["points"] . ' <img src="img/money_achievement.gif" alt="" /></td>
<td style="width: 15%;" align="right">' . date('o-m-d', $temp["date"]) . '</td>
</tr>';
}
unset($cid);
unset($temp);
unset($result);
$output .= '
</table>
</td>';
//---------------Page Specific Data Ends here----------------------------
//---------------Character Tabs Footer-----------------------------------
$output .= '
</tr>
</table>
</div>
<br />
<table class="hidden">
<tr>
<td>';
// button to user account page, user account page has own security
makebutton(lang("char", "chars_acc"), 'user.php?action=edit_user&id=' . $owner_acc_id . '', 130);
$output .= '
</td>
<td>';
// only higher level GM with delete access can edit character
// character edit allows removal of character items, so delete permission is needed
if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"]) {
//makebutton($lang_char["edit_button"], 'char_edit.php?id='.$id.'&realm='.$realmid.'', 130);
$output .= '
</td>
<td>';
}
// only higher level GM with delete access, or character owner can delete character
if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"] || $owner_name === $user_name) {
makebutton(lang("char", "del_char"), 'char_list.php?action=del_char_form&check%5B%5D=' . $id . '" type="wrn', 130);
$output .= '
</td>
<td>';
}
// only GM with update permission can send mail, mail can send items, so update permission is needed
if ($user_lvl >= $action_permission["update"]) {
makebutton(lang("char", "send_mail"), 'mail.php?type=ingame_mail&to=' . $char["name"] . '', 130);
$output .= '
</td>
<td>';
}
makebutton(lang("global", "back"), 'javascript:window.history.back()" type="def', 130);
$output .= '
</td>
</tr>
</table>
<br />
<!-- end of char_achieve.php -->';
} else {
error(lang("char", "no_permission"));
}
} else {
error(lang("char", "no_char_found"));
}
}
function char_achievements(&$sqlr, &$sqlc)
{
global $output, $lang_global, $lang_char, $realm_id, $characters_db, $mmfpm_db, $action_permission, $user_lvl, $user_name, $achievement_datasite;
// this page uses wowhead tooltops
wowhead_tt();
//==========================$_GET and SECURE=================================
// id and multi realm security to prevent sql injection
require_once './include/char/include/char_multi_realm_security.php';
$show_type = isset($_POST['show_type']) ? $sqlc->quote_smart($_POST['show_type']) : 0;
if (is_numeric($show_type)) {
} else {
$show_type = 0;
}
//==========================$_GET and SECURE end=============================
// getting character data from database
$result = $sqlc->query('
SELECT account, name, race, class, level, gender
FROM characters
WHERE guid = ' . $id . '
LIMIT 1');
// no point going further if character does not exist
if ($sqlc->num_rows($result)) {
$char = $sqlc->fetch_assoc($result);
// we get user permissions first
$owner_acc_id = $sqlc->result($result, 0, 'account');
$result = $sqlr->query('
SELECT gmlevel, username
FROM account
WHERE id = ' . $char['account'] . '');
$owner_gmlvl = $sqlr->result($result, 0, 'gmlevel');
$owner_name = $sqlr->result($result, 0, 'username');
// check user permission
if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) {
// character sub header
$output .= '
<center>
<div id="tab_content">
<h1>' . $lang_char['achievements'] . '</h1>
<br />';
// character menu tab
require_once './include/char/include/char_header.php';
// character info
require_once './include/char/include/char_info.php';
//---------------Page Specific Data Starts Here--------------------------
$output .= '
<script type="text/javascript">
function expand(thistag)
{
var i = 0;
%%REPLACE%%
if (thistag == \'tsummary\')
{
document.getElementById(\'tsummary\').style.display="table";
document.getElementById(\'divsummary\').innerHTML = \'[-] ' . $lang_char['summary'] . '\' ;
for(x in main_cats)
{
if(document.getElementById(main_cats[x]).style.display=="table")
{
document.getElementById(main_cats[x]).style.display="none";
document.getElementById(main_cats_achieve[x]).style.display="none";
document.getElementById(main_cats_div[x]).innerHTML = \'[+] \' + main_cats_name[x];
}
}
for(x in main_sub_cats)
{
if(document.getElementById(main_sub_cats_achieve[x]).style.display=="table")
{
document.getElementById(main_sub_cats_achieve[x]).style.display="none";
document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x];
}
}
}
else
{
if (document.getElementById(\'tsummary\').style.display="table")
{
document.getElementById(\'tsummary\').style.display="none";
document.getElementById(\'divsummary\').innerHTML = \'[+] ' . $lang_char['summary'] . '\' ;
}
for(x in main_cats)
{
if (main_cats[x] == thistag)
{
i = 1;
}
}
if (i == 1)
{
for(x in main_cats)
{
if (main_cats[x] == thistag)
{
if(document.getElementById(main_cats[x]).style.display=="table")
{
document.getElementById(main_cats[x]).style.display="none";
document.getElementById(main_cats_achieve[x]).style.display="none";
document.getElementById(main_cats_div[x]).innerHTML = \'[+] \' + main_cats_name[x];
document.getElementById(\'tsummary\').style.display="table";
document.getElementById(\'divsummary\').innerHTML = \'[-] ' . $lang_char['summary'] . '\' ;
}
else
{
document.getElementById(main_cats[x]).style.display="table";
document.getElementById(main_cats_achieve[x]).style.display="table";
document.getElementById(main_cats_div[x]).innerHTML = \'[-] \' + main_cats_name[x];
}
}
else
{
if(document.getElementById(main_cats[x]).style.display=="table")
{
document.getElementById(main_cats[x]).style.display="none";
document.getElementById(main_cats_achieve[x]).style.display="none";
document.getElementById(main_cats_div[x]).innerHTML = \'[+] \' + main_cats_name[x];
}
}
}
for(x in main_sub_cats)
{
if(document.getElementById(main_sub_cats_achieve[x]).style.display=="table")
{
document.getElementById(main_sub_cats_achieve[x]).style.display="none";
document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x];
}
}
}
else if (i == 0)
{
for(x in main_sub_cats)
{
if (main_sub_cats[x] == thistag)
{
if(document.getElementById(main_sub_cats_achieve[x]).style.display=="table")
{
document.getElementById(main_sub_cats_achieve[x]).style.display="none";
document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x];
}
else
{
document.getElementById(main_sub_cats_achieve[x]).style.display="table";
document.getElementById(main_sub_cats_div[x]).innerHTML = \'[-] \' + main_sub_cats_name[x];
}
}
else
{
if(document.getElementById(main_sub_cats_achieve[x]).style.display=="table")
{
document.getElementById(main_sub_cats_achieve[x]).style.display="none";
document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x];
}
}
}
for(x in main_cats)
{
if(document.getElementById(main_cats_achieve[x]).style.display=="table")
{
document.getElementById(main_cats_achieve[x]).style.display="none";
}
}
}
}
}
</script>';
$sqlm = new SQL();
$sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
$output .= '
<div id="tab_content2">
<table class="top_hidden" style="width: 90%;">
<tr>
<td width="30%">
</td>
%%REPLACE_POINTS%%
<td align="right">
<form action="char_achieve.php?id=' . $id . '&realm=' . $realmid . '" method="post" name="form">
' . $lang_char['show'] . ' :
<select name="show_type">
<option value="1"';
if (1 == $show_type) {
$output .= '
selected="selected"';
}
$output .= '
>' . $lang_char['all'] . '
</option>
<option value="0"';
if (0 == $show_type) {
$output .= '
selected="selected"';
}
$output .= '
>' . $lang_char['earned'] . '
</option>
<option value="2"';
if (2 == $show_type) {
$output .= '
selected="selected"';
}
$output .= '
>' . $lang_char['incomplete'] . '
</option>
</select>
</form>
</td>
<td align="right">';
makebutton('View', 'javascript:do_submit()', 130);
$output .= '
</td>
</tr>
</table>
<table class="lined" style="width: 90%;">
<tr valign="top">
<td width="30%">
<table class="hidden" style="width: 100%">
<tr>
<th align="left">
<div id="divsummary" onclick="expand(\'tsummary\')">[-] ' . $lang_char['summary'] . '</div>
</th>
</tr>
<tr>
<td>
</td>
</tr>';
$result = $sqlc->query('
SELECT achievement, date
FROM character_achievement
WHERE guid = ' . $id . '');
$char_achieve = array();
while ($temp = $sqlc->fetch_assoc($result)) {
$char_achieve[$temp['achievement']] = $temp['date'];
}
$result = $sqlc->query('
SELECT achievement, date
FROM character_achievement
WHERE guid = \'' . $id . '\'
ORDER BY date DESC
LIMIT 4');
$points = 0;
$main_cats = achieve_get_main_category($sqlm);
$sub_cats = achieve_get_sub_category($sqlm);
$output_achieve_main_cat = array();
$output_u_achieve_main_cat = array();
$output_achieve_sub_cat = array();
$output_u_achieve_sub_cat = array();
$js_main_cats = '
var main_cats = new Array();
var main_cats_div = new Array();
var main_cats_name = new Array();
var main_cats_achieve = new Array();
var main_sub_cats = new Array();
var main_sub_cats_div = new Array();
var main_sub_cats_name = new Array();
var main_sub_cats_achieve = new Array();';
foreach ($main_cats as $cat_id => $cat) {
if (isset($cat['name01'])) {
$i = 0;
$output_achieve_main_cat[$cat_id] = '';
$output_u_achieve_main_cat[$cat_id] = '';
$achieve_main_cat = achieve_get_id_category($cat['id'], $sqlm);
foreach ($achieve_main_cat as $achieve_id => $cid) {
if (isset($achieve_id) && isset($cid['id'])) {
if (isset($char_achieve[$cid['id']])) {
if (2 > $show_type) {
$cid['name01'] = str_replace('&', '&', $cid['name01']);
$cid['description01'] = str_replace('&', '&', $cid['description01']);
$cid['rewarddesc01'] = str_replace('&', '&', $cid['rewarddesc01']);
$output_achieve_main_cat[$cat_id] .= '
<tr>
<td width="1%" align="left">
<a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">
<img src="' . achieve_get_icon($cid['id'], $sqlm) . '" width="36" height="36" class="icon_border_0" alt="" />
</a>
</td>
<td colspan="2" align="left">
<a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">' . $cid['name01'] . '</a><br />
' . $cid['description01'] . '<br />
' . $cid['rewarddesc01'] . '
</td>
<td width="5%" align="right">' . $cid['rewpoints'] . ' <img src="img/money_achievement.gif" alt="" /></td>
<td width="15%" align="right">' . date('o-m-d', $char_achieve[$cid['id']]) . '</td>
</tr>';
++$i;
}
$points += $cid['rewpoints'];
} elseif ($show_type && isset($achieve_id)) {
$cid['name01'] = str_replace('&', '&', $cid['name01']);
$cid['description01'] = str_replace('&', '&', $cid['description01']);
$cid['rewarddesc01'] = str_replace('&', '&', $cid['rewarddesc01']);
$output_u_achieve_main_cat[$cat_id] .= '
<tr>
<td width="1%" align="left">
<a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">
<span style="opacity:0.2;">
<img src="' . achieve_get_icon($cid['id'], $sqlm) . '" width="36" height="36" class="icon_border_0" alt="" />
</span>
</a>
</td>
<td colspan="2" align="left">
<a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">' . $cid['name01'] . '</a><br />
' . $cid['description01'] . '<br />
' . $cid['rewarddesc01'] . '
</td>
<td width="5%" align="right">' . $cid['rewpoints'] . ' <img src="img/money_achievement.gif" alt="" /></td>
<td width="15%" align="right">' . $lang_char['incomplete'] . '</td>
</tr>';
++$i;
}
}
}
unset($achieve_main_cat);
$output_achieve_main_cat[$cat_id] = '
<table class="hidden" id="ta' . $cat_id . '" style="width: 100%; display: none;">
<tr>
<th colspan="3" align="left">' . $lang_char['achievement_title'] . '</th>
<th width="5%">' . $lang_char['achievement_points'] . '</th>
<th width="15%">' . $lang_char['achievement_date'] . '</th>
</tr>' . $output_achieve_main_cat[$cat_id] . $output_u_achieve_main_cat[$cat_id] . '
</table>';
unset($output_u_achieve_main_cat);
$js_main_cats .= '
main_cats_achieve[' . $cat_id . '] = "ta' . $cat_id . '";';
$output_sub_cat = '';
$total_sub_cat = 0;
if (isset($sub_cats[$cat['id']])) {
$main_sub_cats = $sub_cats[$cat['id']];
foreach ($main_sub_cats as $sub_cat_id => $sub_cat) {
if (isset($sub_cat)) {
$j = 0;
$output_achieve_sub_cat[$sub_cat_id] = '';
$output_u_achieve_sub_cat[$sub_cat_id] = '';
$achieve_sub_cat = achieve_get_id_category($sub_cat_id, $sqlm);
foreach ($achieve_sub_cat as $achieve_id => $cid) {
if (isset($achieve_id) && isset($cid['id'])) {
if (isset($char_achieve[$cid['id']])) {
if (2 > $show_type) {
$cid['name01'] = str_replace('&', '&', $cid['name01']);
$cid['description01'] = str_replace('&', '&', $cid['description01']);
$cid['rewarddesc01'] = str_replace('&', '&', $cid['rewarddesc01']);
$output_achieve_sub_cat[$sub_cat_id] .= '
<tr>
<td width="1%" align="left">
<a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">
<img src="' . achieve_get_icon($cid['id'], $sqlm) . '" width="36" height="36" class="icon_border_0" alt="" />
</a>
</td>
<td colspan="2" align="left">
<a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">' . $cid['name01'] . '</a><br />
' . $cid['description01'] . '<br />
' . $cid['rewarddesc01'] . '
</td>
<td width="5%" align="right">' . $cid['rewpoints'] . ' <img src="img/money_achievement.gif" alt="" /></td>
<td width="15%" align="right">' . date('o-m-d', $char_achieve[$cid['id']]) . '</td>
</tr>';
++$j;
}
$points += $cid['rewpoints'];
} elseif ($show_type && isset($achieve_id)) {
$cid['name01'] = str_replace('&', '&', $cid['name01']);
$cid['description01'] = str_replace('&', '&', $cid['description01']);
$cid['rewarddesc01'] = str_replace('&', '&', $cid['rewarddesc01']);
$output_u_achieve_sub_cat[$sub_cat_id] .= '
<tr>
<td width="1%" align="left">
<a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">
<span style="opacity:0.2;">
<img src="' . achieve_get_icon($cid['id'], $sqlm) . '" width="36" height="36" class="icon_border_0" alt="" />
</span>
</a>
</td>
<td colspan="2" align="left">
<a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">' . $cid['name01'] . '</a><br />
' . $cid['description01'] . '<br />
' . $cid['rewarddesc01'] . '
</td>
<td width="5%" align="right">' . $cid['rewpoints'] . ' <img src="img/money_achievement.gif" alt="" /></td>
<td width="15%" align="right">' . $lang_char['incomplete'] . '</td>
</tr>';
++$j;
}
}
}
unset($achieve_sub_cat);
$total_sub_cat = $total_sub_cat + $j;
if ($j) {
$sub_cat['name01'] = str_replace('&', '&', $sub_cat['name01']);
$output_sub_cat .= '
<tr>
<th align="left">
<div id="divs' . $sub_cat_id . '" onclick="expand(\'tsa' . $sub_cat_id . '\');">[+] ' . $sub_cat . ' (' . $j . ')</div>
</th>
</tr>';
$js_main_cats .= '
main_sub_cats[' . $sub_cat_id . '] = "tsa' . $sub_cat_id . '";
main_sub_cats_div[' . $sub_cat_id . '] = "divs' . $sub_cat_id . '";
main_sub_cats_name[' . $sub_cat_id . '] = "' . $sub_cat . ' (' . $j . ')";';
$output_achieve_sub_cat[$sub_cat_id] = '
<table class="hidden" id="tsa' . $sub_cat_id . '" style="width: 100%; display: none;">
<tr>
<th colspan="3" align="left">' . $lang_char['achievement_title'] . '</th>
<th width="5%">' . $lang_char['achievement_points'] . '</th>
<th width="15%">' . $lang_char['achievement_date'] . '</th>
</tr>' . $output_achieve_sub_cat[$sub_cat_id] . $output_u_achieve_sub_cat[$sub_cat_id] . '
</table>';
unset($output_u_achieve_sub_cat);
$js_main_cats .= '
main_sub_cats_achieve[' . $sub_cat_id . '] = "tsa' . $sub_cat_id . '";';
}
}
}
unset($main_sub_cats);
}
if ($total_sub_cat || $i) {
$cat['name01'] = str_replace('&', '&', $cat['name01']);
$output .= '
<tr>
<th align="left">
<div id="div' . $cat_id . '" onclick="expand(\'t' . $cat_id . '\');">[+] ' . $cat['name01'] . ' (' . ($i + $total_sub_cat) . ')</div>
</th>
</tr>
<tr>
<td>
<table class="hidden" id="t' . $cat_id . '" style="width: 100%; display: none;">' . $output_sub_cat . '
</table>
</td>
</tr>';
$js_main_cats .= '
main_cats[' . $cat_id . '] = "t' . $cat_id . '";
main_cats_div[' . $cat_id . '] = "div' . $cat_id . '";
main_cats_name[' . $cat_id . '] = "' . $cat['name01'] . ' (' . ($i + $total_sub_cat) . ')";';
}
unset($output_sub_cat);
}
}
unset($sub_cats);
unset($main_cats);
unset($char_achieve);
$output = str_replace('%%REPLACE%%', $js_main_cats, $output);
unset($js_main_cats);
$output = str_replace('%%REPLACE_POINTS%%', '
<td align="right">
' . $lang_char['achievements'] . ' ' . $lang_char['achievement_points'] . ': ' . $points . '
</td>', $output);
unset($point);
$output .= '
</table>
</td>
<td>';
foreach ($output_achieve_main_cat as $temp) {
$output .= $temp;
}
foreach ($output_achieve_sub_cat as $temp) {
$output .= $temp;
}
unset($temp);
unset($output_achieve_main_cat);
unset($output_achieve_sub_cat);
$output .= '
<table class="hidden" id="tsummary" style="width: 100%; display: table;">
<tr>
<th colspan="5">
' . $lang_char['recent'] . ' ' . $lang_char['achievements'] . '
</th>
</tr>
<tr>
<th colspan="3" align="left">' . $lang_char['achievement_title'] . '</th>
<th width="5%">' . $lang_char['achievement_points'] . '</th>
<th width="15%">' . $lang_char['achievement_date'] . '</th>
</tr>';
while ($temp = $sqlc->fetch_assoc($result)) {
$cid = achieve_get_details($temp['achievement'], $sqlm);
$cid['name01'] = str_replace('&', '&', $cid['name01']);
$cid['description01'] = str_replace('&', '&', $cid['description01']);
$cid['rewarddesc01'] = str_replace('&', '&', $cid['rewarddesc01']);
$output .= '
<tr>
<td width="1%" align="left">
<a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">
<img src="' . achieve_get_icon($cid['id'], $sqlm) . '" width="36" height="36" class="icon_border_0" alt="" />
</a>
</td>
<td colspan="2" align="left">
<a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">' . $cid['name01'] . '</a><br />
' . $cid['description01'] . '<br />
' . $cid['rewarddesc01'] . '
</td>
<td width="5%" align="right">' . $cid['rewpoints'] . ' <img src="img/money_achievement.gif" alt="" /></td>
<td width="15%" align="right">' . date('o-m-d', $temp['date']) . '</td>
</tr>';
}
unset($cid);
unset($temp);
unset($result);
$output .= '
</table>
</td>
</tr>
</table>
</div>
<br />';
//---------------Page Specific Data Ends here----------------------------
// character sub footer
require_once './include/char/include/char_ footer.php';
$output .= '
<br />
</center>';
} else {
error($lang_char['no_permission']);
}
} else {
error($lang_char['no_char_found']);
}
}
function char_achievements(&$sqlr, &$sqlc)
{
global $output, $lang_global, $lang_char, $realm_id, $characters_db, $mmfpm_db, $action_permission, $user_lvl, $user_name, $achievement_datasite;
// this page uses wowhead tooltops
wowhead_tt();
// we need at least an id or we would have nothing to show
if (empty($_GET['id'])) {
error($lang_global['empty_fields']);
}
// this is multi realm support, as of writing still under development
// this page is already implementing it
if (empty($_GET['realm'])) {
$realmid = $realm_id;
} else {
$realmid = $sqlr->quote_smart($_GET['realm']);
if (is_numeric($realmid)) {
$sqlc->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name']);
} else {
$realmid = $realm_id;
}
}
//-------------------SQL Injection Prevention--------------------------------
// no point going further if we don have a valid ID
$id = $sqlc->quote_smart($_GET['id']);
if (is_numeric($id)) {
} else {
error($lang_global['empty_fields']);
}
$show_type = isset($_POST['show_type']) ? $sqlc->quote_smart($_POST['show_type']) : 0;
if (is_numeric($show_type)) {
} else {
$show_type = 0;
}
// getting character data from database
$result = $sqlc->query('SELECT account, name, race, class, level, gender
FROM characters WHERE guid = ' . $id . ' LIMIT 1');
// no point going further if character does not exist
if ($sqlc->num_rows($result)) {
$char = $sqlc->fetch_assoc($result);
// we get user permissions first
$owner_acc_id = $sqlc->result($result, 0, 'account');
$result = $sqlr->query('SELECT gmlevel, username FROM account WHERE id = ' . $char['account'] . '');
$owner_gmlvl = $sqlr->result($result, 0, 'gmlevel');
$owner_name = $sqlr->result($result, 0, 'username');
// check user permission
if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) {
//------------------------Character Tabs---------------------------------
// we start with a lead of 10 spaces,
// because last line of header is an opening tag with 8 spaces
// keep html indent in sync, so debuging from browser source would be easy to read
$output .= '
<!-- start of char_achieve.php -->
<center>
<script type="text/javascript">
function expand(thistag)
{
var i = 0;
%%REPLACE%%
if (thistag == \'tsummary\')
{
document.getElementById(\'tsummary\').style.display="table";
document.getElementById(\'divsummary\').innerHTML = \'[-] ' . $lang_char['summary'] . '\' ;
for(x in main_cats)
{
if(document.getElementById(main_cats[x]).style.display=="table")
{
document.getElementById(main_cats[x]).style.display="none";
document.getElementById(main_cats_achieve[x]).style.display="none";
document.getElementById(main_cats_div[x]).innerHTML = \'[+] \' + main_cats_name[x];
}
}
for(x in main_sub_cats)
{
if(document.getElementById(main_sub_cats_achieve[x]).style.display=="table")
{
document.getElementById(main_sub_cats_achieve[x]).style.display="none";
document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x];
}
}
}
else
{
if (document.getElementById(\'tsummary\').style.display="table")
{
document.getElementById(\'tsummary\').style.display="none";
document.getElementById(\'divsummary\').innerHTML = \'[+] ' . $lang_char['summary'] . '\' ;
}
for(x in main_cats)
{
if (main_cats[x] == thistag)
{
i = 1;
}
}
if (i == 1)
{
for(x in main_cats)
{
if (main_cats[x] == thistag)
{
if(document.getElementById(main_cats[x]).style.display=="table")
{
document.getElementById(main_cats[x]).style.display="none";
document.getElementById(main_cats_achieve[x]).style.display="none";
document.getElementById(main_cats_div[x]).innerHTML = \'[+] \' + main_cats_name[x];
document.getElementById(\'tsummary\').style.display="table";
document.getElementById(\'divsummary\').innerHTML = \'[-] ' . $lang_char['summary'] . '\' ;
}
else
{
document.getElementById(main_cats[x]).style.display="table";
document.getElementById(main_cats_achieve[x]).style.display="table";
document.getElementById(main_cats_div[x]).innerHTML = \'[-] \' + main_cats_name[x];
}
}
else
{
if(document.getElementById(main_cats[x]).style.display=="table")
{
document.getElementById(main_cats[x]).style.display="none";
document.getElementById(main_cats_achieve[x]).style.display="none";
document.getElementById(main_cats_div[x]).innerHTML = \'[+] \' + main_cats_name[x];
}
}
}
for(x in main_sub_cats)
{
if(document.getElementById(main_sub_cats_achieve[x]).style.display=="table")
{
document.getElementById(main_sub_cats_achieve[x]).style.display="none";
document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x];
}
}
}
else if (i == 0)
{
for(x in main_sub_cats)
{
if (main_sub_cats[x] == thistag)
{
if(document.getElementById(main_sub_cats_achieve[x]).style.display=="table")
{
document.getElementById(main_sub_cats_achieve[x]).style.display="none";
document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x];
}
else
{
document.getElementById(main_sub_cats_achieve[x]).style.display="table";
document.getElementById(main_sub_cats_div[x]).innerHTML = \'[-] \' + main_sub_cats_name[x];
}
}
else
{
if(document.getElementById(main_sub_cats_achieve[x]).style.display=="table")
{
document.getElementById(main_sub_cats_achieve[x]).style.display="none";
document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x];
}
}
}
for(x in main_cats)
{
if(document.getElementById(main_cats_achieve[x]).style.display=="table")
{
document.getElementById(main_cats_achieve[x]).style.display="none";
}
}
}
}
}
</script>
<div id="tab_content">
<div id="tab">
<ul>
<li><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['char_sheet'] . '</a></li>
<li><a href="char_inv.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['inventory'] . '</a></li>
<li><a href="char_extra.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['extra'] . '</a></li>
' . ($char['level'] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['talents'] . '</a></li>') . '
<li><a href="char_rep.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['reputation'] . '</a></li>
<li><a href="char_skill.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['skills'] . '</a></li>
<li><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['quests'] . '</a></li>';
if (char_get_class_name($char['class']) === 'Hunter') {
$output .= '
<li><a href="char_pets.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['pets'] . '</a></li>';
}
$output .= '
<li><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['friends'] . '</a></li>
<li><a href="char_spell.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['spells'] . '</a></li>
<li><a href="char_mail.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['mail'] . '</a></li>
</ul>
<ul>';
// selected char tab at last
$output .= '
<li id="selected"><a href="char_achieve.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['achievements'] . '</a></li>';
$output .= '
</ul>
</div>
<div id="tab_content2">
<font class="bold">
' . htmlentities($char['name']) . ' -
<img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif"
onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" />
<img src="img/c_icons/' . $char['class'] . '.gif"
onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\',\'item_tooltip\')" onmouseout="toolTip()" alt="" /> - lvl ' . char_get_level_color($char['level']) . '
</font>
<br /><br />';
//---------------Page Specific Data Starts Here--------------------------
$sqlm = new SQL();
$sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
$output .= '
<table class="top_hidden" style="width: 90%;">
<tr>
<td width="30%">
</td>
%%REPLACE_POINTS%%
<td align="right">
<form action="char_achieve.php?id=' . $id . '&realm=' . $realmid . '" method="post" name="form">
' . $lang_char['show'] . ' :
<select name="show_type">
<option value="1"';
if (1 == $show_type) {
$output .= ' selected="selected"';
}
$output .= '>' . $lang_char['all'] . '</option>
<option value="0"';
if (0 == $show_type) {
$output .= ' selected="selected"';
}
$output .= '>' . $lang_char['earned'] . '</option>
<option value="2"';
if (2 == $show_type) {
$output .= ' selected="selected"';
}
$output .= '>' . $lang_char['incomplete'] . '</option>
</select>
</form>
</td>
<td align="right">';
makebutton('View', 'javascript:do_submit()', 130);
$output .= '
</td>
</tr>
</table>
<table class="lined" style="width: 90%;">
<tr valign="top">
<td width="30%">
<table class="hidden" style="width: 100%">
<tr>
<th align="left">
<div id="divsummary" onclick="expand(\'tsummary\')">[-] ' . $lang_char['summary'] . '</div>
</th>
</tr>
<tr>
<td>
</td>
</tr>';
$result = $sqlc->query('SELECT achievement, date FROM character_achievement WHERE guid = ' . $id . '');
$char_achieve = array();
while ($temp = $sqlc->fetch_assoc($result)) {
$char_achieve[$temp['achievement']] = $temp['date'];
}
$result = $sqlc->query('SELECT achievement, date FROM character_achievement WHERE guid = \'' . $id . '\' order by date DESC limit 4');
$points = 0;
$main_cats = achieve_get_main_category($sqlm);
$sub_cats = achieve_get_sub_category($sqlm);
$output_achieve_main_cat = array();
$output_u_achieve_main_cat = array();
$output_achieve_sub_cat = array();
$output_u_achieve_sub_cat = array();
$js_main_cats = '
var main_cats = new Array();
var main_cats_div = new Array();
var main_cats_name = new Array();
var main_cats_achieve = new Array();
var main_sub_cats = new Array();
var main_sub_cats_div = new Array();
var main_sub_cats_name = new Array();
var main_sub_cats_achieve = new Array();';
foreach ($main_cats as $cat_id => $cat) {
if (isset($cat['name01'])) {
$i = 0;
$output_achieve_main_cat[$cat_id] = '';
$output_u_achieve_main_cat[$cat_id] = '';
$achieve_main_cat = achieve_get_id_category($cat['id'], $sqlm);
foreach ($achieve_main_cat as $achieve_id => $cid) {
if (isset($achieve_id) && isset($cid['id'])) {
if (isset($char_achieve[$cid['id']])) {
if (2 > $show_type) {
$cid['name01'] = str_replace('&', '&', $cid['name01']);
$cid['description01'] = str_replace('&', '&', $cid['description01']);
$cid['rewarddesc01'] = str_replace('&', '&', $cid['rewarddesc01']);
$output_achieve_main_cat[$cat_id] .= '
<tr>
<td width="1%" align="left">
<a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">
<img src="' . achieve_get_icon($cid['id'], $sqlm) . '" width="36" height="36" class="icon_border_0" alt="" />
</a>
</td>
<td colspan="2" align="left">
<a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">' . $cid['name01'] . '</a><br />
' . $cid['description01'] . '<br />
' . $cid['rewarddesc01'] . '
</td>
<td width="5%" align="right">' . $cid['rewpoints'] . ' <img src="img/money_achievement.gif" alt="" /></td>
<td width="15%" align="right">' . date('o-m-d', $char_achieve[$cid['id']]) . '</td>
</tr>';
++$i;
}
$points += $cid['rewpoints'];
} elseif ($show_type && isset($achieve_id)) {
$cid['name01'] = str_replace('&', '&', $cid['name01']);
$cid['description01'] = str_replace('&', '&', $cid['description01']);
$cid['rewarddesc01'] = str_replace('&', '&', $cid['rewarddesc01']);
$output_u_achieve_main_cat[$cat_id] .= '
<tr>
<td width="1%" align="left">
<a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">
<span style="opacity:0.2;">
<img src="' . achieve_get_icon($cid['id'], $sqlm) . '" width="36" height="36" class="icon_border_0" alt="" />
</span>
</a>
</td>
<td colspan="2" align="left">
<a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">' . $cid['name01'] . '</a><br />
' . $cid['description01'] . '<br />
' . $cid['rewarddesc01'] . '
</td>
<td width="5%" align="right">' . $cid['rewpoints'] . ' <img src="img/money_achievement.gif" alt="" /></td>
<td width="15%" align="right">' . $lang_char['incomplete'] . '</td>
</tr>';
++$i;
}
}
}
unset($achieve_main_cat);
$output_achieve_main_cat[$cat_id] = '
<table class="hidden" id="ta' . $cat_id . '" style="width: 100%; display: none;">
<tr>
<th colspan="3" align="left">' . $lang_char['achievement_title'] . '</th>
<th width="5%">' . $lang_char['achievement_points'] . '</th>
<th width="15%">' . $lang_char['achievement_date'] . '</th>
</tr>' . $output_achieve_main_cat[$cat_id] . $output_u_achieve_main_cat[$cat_id] . '
</table>';
unset($output_u_achieve_main_cat);
$js_main_cats .= '
main_cats_achieve[' . $cat_id . '] = "ta' . $cat_id . '";';
$output_sub_cat = '';
$total_sub_cat = 0;
if (isset($sub_cats[$cat['id']])) {
$main_sub_cats = $sub_cats[$cat['id']];
foreach ($main_sub_cats as $sub_cat_id => $sub_cat) {
if (isset($sub_cat)) {
$j = 0;
$output_achieve_sub_cat[$sub_cat_id] = '';
$output_u_achieve_sub_cat[$sub_cat_id] = '';
$achieve_sub_cat = achieve_get_id_category($sub_cat_id, $sqlm);
foreach ($achieve_sub_cat as $achieve_id => $cid) {
if (isset($achieve_id) && isset($cid['id'])) {
if (isset($char_achieve[$cid['id']])) {
if (2 > $show_type) {
$cid['name01'] = str_replace('&', '&', $cid['name01']);
$cid['description01'] = str_replace('&', '&', $cid['description01']);
$cid['rewarddesc01'] = str_replace('&', '&', $cid['rewarddesc01']);
$output_achieve_sub_cat[$sub_cat_id] .= '
<tr>
<td width="1%" align="left">
<a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">
<img src="' . achieve_get_icon($cid['id'], $sqlm) . '" width="36" height="36" class="icon_border_0" alt="" />
</a>
</td>
<td colspan="2" align="left">
<a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">' . $cid['name01'] . '</a><br />
' . $cid['description01'] . '<br />
' . $cid['rewarddesc01'] . '
</td>
<td width="5%" align="right">' . $cid['rewpoints'] . ' <img src="img/money_achievement.gif" alt="" /></td>
<td width="15%" align="right">' . date('o-m-d', $char_achieve[$cid['id']]) . '</td>
</tr>';
++$j;
}
$points += $cid['rewpoints'];
} elseif ($show_type && isset($achieve_id)) {
$cid['name01'] = str_replace('&', '&', $cid['name01']);
$cid['description01'] = str_replace('&', '&', $cid['description01']);
$cid['rewarddesc01'] = str_replace('&', '&', $cid['rewarddesc01']);
$output_u_achieve_sub_cat[$sub_cat_id] .= '
<tr>
<td width="1%" align="left">
<a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">
<span style="opacity:0.2;">
<img src="' . achieve_get_icon($cid['id'], $sqlm) . '" width="36" height="36" class="icon_border_0" alt="" />
</span>
</a>
</td>
<td colspan="2" align="left">
<a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">' . $cid['name01'] . '</a><br />
' . $cid['description01'] . '<br />
' . $cid['rewarddesc01'] . '
</td>
<td width="5%" align="right">' . $cid['rewpoints'] . ' <img src="img/money_achievement.gif" alt="" /></td>
<td width="15%" align="right">' . $lang_char['incomplete'] . '</td>
</tr>';
++$j;
}
}
}
unset($achieve_sub_cat);
$total_sub_cat = $total_sub_cat + $j;
if ($j) {
$sub_cat['name01'] = str_replace('&', '&', $sub_cat['name01']);
$output_sub_cat .= '
<tr>
<th align="left">
<div id="divs' . $sub_cat_id . '" onclick="expand(\'tsa' . $sub_cat_id . '\');">[+] ' . $sub_cat . ' (' . $j . ')</div>
</th>
</tr>';
$js_main_cats .= '
main_sub_cats[' . $sub_cat_id . '] = "tsa' . $sub_cat_id . '";
main_sub_cats_div[' . $sub_cat_id . '] = "divs' . $sub_cat_id . '";
main_sub_cats_name[' . $sub_cat_id . '] = "' . $sub_cat . ' (' . $j . ')";';
$output_achieve_sub_cat[$sub_cat_id] = '
<table class="hidden" id="tsa' . $sub_cat_id . '" style="width: 100%; display: none;">
<tr>
<th colspan="3" align="left">' . $lang_char['achievement_title'] . '</th>
<th width="5%">' . $lang_char['achievement_points'] . '</th>
<th width="15%">' . $lang_char['achievement_date'] . '</th>
</tr>' . $output_achieve_sub_cat[$sub_cat_id] . $output_u_achieve_sub_cat[$sub_cat_id] . '
</table>';
unset($output_u_achieve_sub_cat);
$js_main_cats .= '
main_sub_cats_achieve[' . $sub_cat_id . '] = "tsa' . $sub_cat_id . '";';
}
}
}
unset($main_sub_cats);
}
if ($total_sub_cat || $i) {
$cat['name01'] = str_replace('&', '&', $cat['name01']);
$output .= '
<tr>
<th align="left">
<div id="div' . $cat_id . '" onclick="expand(\'t' . $cat_id . '\');">[+] ' . $cat['name01'] . ' (' . ($i + $total_sub_cat) . ')</div>
</th>
</tr>
<tr>
<td>
<table class="hidden" id="t' . $cat_id . '" style="width: 100%; display: none;">' . $output_sub_cat . '
</table>
</td>
</tr>';
$js_main_cats .= '
main_cats[' . $cat_id . '] = "t' . $cat_id . '";
main_cats_div[' . $cat_id . '] = "div' . $cat_id . '";
main_cats_name[' . $cat_id . '] = "' . $cat['name01'] . ' (' . ($i + $total_sub_cat) . ')";';
}
unset($output_sub_cat);
}
}
unset($sub_cats);
unset($main_cats);
unset($char_achieve);
$output = str_replace('%%REPLACE%%', $js_main_cats, $output);
unset($js_main_cats);
$output = str_replace('%%REPLACE_POINTS%%', '
<td align="right">
' . $lang_char['achievements'] . ' ' . $lang_char['achievement_points'] . ': ' . $points . '
</td>', $output);
unset($point);
$output .= '
</table>
</td>
<td>';
foreach ($output_achieve_main_cat as $temp) {
$output .= $temp;
}
foreach ($output_achieve_sub_cat as $temp) {
$output .= $temp;
}
unset($temp);
unset($output_achieve_main_cat);
unset($output_achieve_sub_cat);
$output .= '
<table class="hidden" id="tsummary" style="width: 100%; display: table;">
<tr>
<th colspan="5">
' . $lang_char['recent'] . ' ' . $lang_char['achievements'] . '
</th>
</tr>
<tr>
<th colspan="3" align="left">' . $lang_char['achievement_title'] . '</th>
<th width="5%">' . $lang_char['achievement_points'] . '</th>
<th width="15%">' . $lang_char['achievement_date'] . '</th>
</tr>';
while ($temp = $sqlc->fetch_assoc($result)) {
$cid = achieve_get_details($temp['achievement'], $sqlm);
$cid['name01'] = str_replace('&', '&', $cid['name01']);
$cid['description01'] = str_replace('&', '&', $cid['description01']);
$cid['rewarddesc01'] = str_replace('&', '&', $cid['rewarddesc01']);
$output .= '
<tr>
<td width="1%" align="left">
<a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">
<img src="' . achieve_get_icon($cid['id'], $sqlm) . '" width="36" height="36" class="icon_border_0" alt="" />
</a>
</td>
<td colspan="2" align="left">
<a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">' . $cid['name01'] . '</a><br />
' . $cid['description01'] . '<br />
' . $cid['rewarddesc01'] . '
</td>
<td width="5%" align="right">' . $cid['rewpoints'] . ' <img src="img/money_achievement.gif" alt="" /></td>
<td width="15%" align="right">' . date('o-m-d', $temp['date']) . '</td>
</tr>';
}
unset($cid);
unset($temp);
unset($result);
$output .= '
</table>
</td>';
//---------------Page Specific Data Ends here----------------------------
//---------------Character Tabs Footer-----------------------------------
$output .= '
</tr>
</table>
</div>
</div>
<br />
<table class="hidden">
<tr>
<td>';
// button to user account page, user account page has own security
makebutton($lang_char['chars_acc'], 'user.php?action=edit_user&id=' . $owner_acc_id . '', 130);
$output .= '
</td>
<td>';
// only higher level GM with delete access can edit character
// character edit allows removal of character items, so delete permission is needed
if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission['delete']) {
makebutton($lang_char['edit_button'], 'char_edit.php?id=' . $id . '&realm=' . $realmid . '', 130);
$output .= '
</td>
<td>';
}
// only higher level GM with delete access, or character owner can delete character
if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission['delete'] || $owner_name === $user_name) {
makebutton($lang_char['del_char'], 'char_list.php?action=del_char_form&check%5B%5D=' . $id . '" type="wrn', 130);
$output .= '
</td>
<td>';
}
// only GM with update permission can send mail, mail can send items, so update permission is needed
if ($user_lvl >= $action_permission['update']) {
makebutton($lang_char['send_mail'], 'mail.php?type=ingame_mail&to=' . $char['name'] . '', 130);
$output .= '
</td>
<td>';
}
makebutton($lang_global['back'], 'javascript:window.history.back()" type="def', 130);
$output .= '
</td>
</tr>
</table>
<br />
</center>
<!-- end of char_achieve.php -->';
} else {
error($lang_char['no_permission']);
}
} else {
error($lang_char['no_char_found']);
}
}
