function translationwizard_run()
{
    global $session, $logd_version, $coding;
    check_su_access(SU_IS_TRANSLATOR);
    //check again Superuser Access
    $op = httpget('op');
    page_header("Translation Wizard");
    //get some standards
    $languageschema = get_module_pref("language", "translationwizard");
    //these lines grabbed the local scheme, in 1.1.0 there is a setting for it
    $coding = getsetting("charset", "ISO-8859-1");
    $viewsimple = get_module_pref("view", "translationwizard");
    $mode = httpget('mode');
    $namespace = httppost('ns');
    $from = httpget('from');
    $page = get_module_setting(page);
    if (httpget('ns') != "" && $namespace == "") {
        $namespace = httpget('ns');
    }
    //if there is no post then there is maybe something to get
    $trans = httppost("transtext");
    if (is_array($trans)) {
        $transintext = $trans;
    } else {
        if ($trans) {
            $transintext = array($trans);
        } else {
            $transintext = array();
        }
    }
    $trans = httppost("transtextout");
    if (is_array($trans)) {
        $transouttext = $trans;
    } else {
        if ($trans) {
            $transouttext = array($trans);
        } else {
            $transouttext = array();
        }
    }
    //end of the header
    if ($op == "") {
        $op = "default";
    }
    require "./modules/translationwizard/errorhandler.php";
    require "./modules/translationwizard/{$op}.php";
    require_once "lib/superusernav.php";
    superusernav();
    require "./modules/translationwizard/build_nav.php";
    page_footer();
}
<?php

// Initially written as a module by Chris Vorndran.
// Moved into core by JT Traub
require_once "common.php";
require_once "lib/http.php";
check_su_access(SU_EDIT_CREATURES);
tlschema("masters");
$op = httpget('op');
$id = (int) httpget('id');
$act = httpget('act');
page_header("Masters Editor");
require_once "lib/superusernav.php";
superusernav();
if ($op == "del") {
    $sql = "DELETE FROM " . db_prefix("masters") . " WHERE creatureid={$id}";
    db_query($sql);
    output("`^Master deleted.`0");
    $op = "";
    httpset("op", "");
} elseif ($op == "save") {
    $name = addslashes(httppost('name'));
    $weapon = addslashes(httppost('weapon'));
    $win = addslashes(httppost('win'));
    $lose = addslashes(httppost('lose'));
    $lev = (int) httppost('level');
    if ($id != 0) {
        $sql = "UPDATE " . db_prefix("masters") . " SET creaturelevel={$lev}, creaturename='{$name}', creatureweapon='{$weapon}',  creaturewin='{$win}', creaturelose='{$lose}' WHERE creatureid={$id}";
    } else {
        $atk = $lev * 2;
        $def = $lev * 2;
<?php

// translator ready
// addnews ready
// mail ready
// Written by Christian Rutsch
require_once "common.php";
require_once "lib/http.php";
check_su_access(SU_EDIT_CONFIG);
tlschema("gamelog");
page_header("Game Log");
addnav("Navigation");
require_once "lib/superusernav.php";
superusernav();
$category = httpget('cat');
if ($category > "") {
    $cat = "&cat={$category}";
    $sqlcat = "WHERE " . db_prefix("gamelog") . ".category = '{$category}'";
} else {
    $cat = '';
    $sqlcat = '';
}
$sql = "SELECT count(logid) AS c FROM " . db_prefix("gamelog") . " {$sqlcat}";
$result = db_query($sql);
$row = db_fetch_assoc($result);
$max = $row['c'];
$start = (int) httpget('start');
$sql = "SELECT " . db_prefix("gamelog") . ".*, " . db_prefix("accounts") . ".name AS name FROM " . db_prefix("gamelog") . " LEFT JOIN " . db_prefix("accounts") . " ON " . db_prefix("gamelog") . ".who = " . db_prefix("accounts") . ".acctid {$sqlcat} LIMIT {$start},500";
$next = $start + 500;
$prev = $start - 500;
addnav("Operations");
<?php

// addnews ready
// translator ready
// mail ready
require_once "common.php";
require_once "lib/http.php";
require_once "lib/sanitize.php";
check_su_access(SU_MANAGE_MODULES);
tlschema("modulemanage");
page_header("Module Manager");
require_once "lib/superusernav.php";
superusernav();
addnav("Module Categories");
addnav("", $REQUEST_URI);
$op = httpget('op');
$module = httpget('module');
if ($op == 'mass') {
    if (httppost("activate")) {
        $op = "activate";
    }
    if (httppost("deactivate")) {
        $op = "deactivate";
    }
    if (httppost("uninstall")) {
        $op = "uninstall";
    }
    if (httppost("reinstall")) {
        $op = "reinstall";
    }
    if (httppost("install")) {
<?php

require_once "common.php";
require_once "lib/commentary.php";
require_once "lib/sanitize.php";
require_once "lib/http.php";
// tlschema("moderate");
addcommentary();
check_su_access(SU_EDIT_COMMENTS);
global $moderating;
$moderating = 1;
page_header("Comment Moderation");
// First, set up the left column navs. These don't change.
require_once "lib/superusernav.php";
superusernav();
addnav("B?Player Bios", "bios.php");
addnav("Overviews");
addnav("Recent Comments", "moderate.php");
addnav("Natters", "moderate.php?op=bio");
addnav("Lookups");
addnav("Dwellings", "moderate.php?op=dwell");
addnav("World Map", "moderate.php?op=map");
// addnav("Natters","moderate.php?op=bio");
// Get section and display names from other modules with chat spaces
$mods = array();
$mods = modulehook("moderate", $mods);
reset($mods);
// One of the outposts is "village" and the rest are from race modules
// Let's get them all into one array.
$cities = array();
$vname = getsetting("villagename", LOCATION_FIELDS);
<?php

// translator ready
// addnews ready
// mail ready
require_once "common.php";
require_once "lib/commentary.php";
require_once "lib/sanitize.php";
require_once "lib/http.php";
check_su_access(4294967295.0 & ~SU_DOESNT_GIVE_GROTTO);
addcommentary();
tlschema("superuser");
require_once "lib/superusernav.php";
superusernav();
$op = httpget('op');
if ($op == "keepalive") {
    $sql = "UPDATE " . db_prefix("accounts") . " SET laston='" . date("Y-m-d H:i:s") . "' WHERE acctid='{$session['user']['acctid']}'";
    db_query($sql);
    global $REQUEST_URI;
    echo '<html><meta http-equiv="Refresh" content="30;url=' . $REQUEST_URI . '"></html><body>' . date("Y-m-d H:i:s") . "</body></html>";
    exit;
} elseif ($op == "newsdelete") {
    $sql = "DELETE FROM " . db_prefix("news") . " WHERE newsid='" . httpget('newsid') . "'";
    db_query($sql);
    $return = httpget('return');
    $return = cmd_sanitize($return);
    $return = substr($return, strrpos($return, "/") + 1);
    redirect($return);
}
page_header("Superuser Grotto");
output("`^You duck into a secret cave that few know about. ");
<?php

// addnews ready
// translator ready
// mail ready
define("OVERRIDE_FORCED_NAV", true);
require_once "common.php";
tlschema("translatortool");
check_su_access(SU_IS_TRANSLATOR);
$op = httpget("op");
if ($op == "") {
    popup_header("Translator Tool");
    $uri = rawurldecode(httpget('u'));
    $text = stripslashes(rawurldecode(httpget('t')));
    $translation = translate_loadnamespace($uri);
    if (isset($translation[$text])) {
        $trans = $translation[$text];
    } else {
        $trans = "";
    }
    $namespace = translate_inline("Namespace:");
    $texta = translate_inline("Text:");
    $translation = translate_inline("Translation:");
    $saveclose = htmlentities(translate_inline("Save & Close"), ENT_COMPAT, getsetting("charset", "ISO-8859-1"));
    $savenotclose = htmlentities(translate_inline("Save No Close"), ENT_COMPAT, getsetting("charset", "ISO-8859-1"));
    rawoutput("<form action='translatortool.php?op=save' method='POST'>");
    rawoutput("{$namespace} <input name='uri' value=\"" . htmlentities(stripslashes($uri), ENT_COMPAT, getsetting("charset", "ISO-8859-1")) . "\" readonly><br/>");
    rawoutput("{$texta}<br>");
    rawoutput("<textarea name='text' cols='60' rows='5' readonly>" . htmlentities($text, ENT_COMPAT, getsetting("charset", "ISO-8859-1")) . "</textarea><br/>");
    rawoutput("{$translation}<br>");
    rawoutput("<textarea name='trans' cols='60' rows='5'>" . htmlentities(stripslashes($trans), ENT_COMPAT, getsetting("charset", "ISO-8859-1")) . "</textarea><br/>");
<?php

// translator ready
// addnews ready
// mail ready
require_once "common.php";
require_once "lib/commentary.php";
require_once "lib/http.php";
tlschema("petition");
check_su_access(SU_EDIT_PETITIONS);
addcommentary();
//WHEN 0 THEN 2 WHEN 1 THEN 3 WHEN 2 THEN 7 WHEN 3 THEN 5 WHEN 4 THEN 1 WHEN 5 THEN 0 WHEN 6 THEN 4 WHEN 7 THEN 6
$statuses = array(5 => "`\$Top Level`0", 4 => "`^Escalated`0", 0 => "`bUnhandled`b", 1 => "In-Progress", 6 => "`%Bug`0", 7 => "`#Awaiting Points`0", 3 => "`!Informational`0", 2 => "`iClosed`i");
//$statuses = modulehook("petition-status", $status);
$statuses = translate_inline($statuses);
$op = httpget("op");
$id = httpget("id");
if (trim(httppost('insertcommentary')) != "") {
    /* Update the bug if someone adds comments as well */
    $sql = "UPDATE " . db_prefix("petitions") . " SET closeuserid='{$session['user']['acctid']}',closedate='" . date("Y-m-d H:i:s") . "' WHERE petitionid='{$id}'";
    db_query($sql);
}
// Eric decide he didn't want petitions to be manually deleted
//
//if ($op=="del"){
//  $sql = "DELETE FROM " . db_prefix("petitions") . " WHERE petitionid='$id'";
//  db_query($sql);
//  $sql = "DELETE FROM " . db_prefix("commentary") . " WHERE section='pet-$id'";
//  db_query($sql);
//  invalidatedatacache("petition_counts");
//  $op="";
<?php

// translator ready
// addnews ready
// mail ready
require_once "common.php";
require_once "lib/commentary.php";
require_once "lib/sanitize.php";
require_once "lib/http.php";
check_su_access(0xffffffff & ~SU_DOESNT_GIVE_GROTTO);
addcommentary();
tlschema("superuser");
require_once "lib/superusernav.php";
superusernav();
$op = httpget('op');
if ($op == "keepalive") {
    $sql = "UPDATE " . db_prefix("accounts") . " SET laston='" . date("Y-m-d H:i:s") . "' WHERE acctid='{$session['user']['acctid']}'";
    db_query($sql);
    global $REQUEST_URI;
    echo '<html><meta http-equiv="Refresh" content="30;url=' . $REQUEST_URI . '"></html><body>' . date("Y-m-d H:i:s") . "</body></html>";
    exit;
} elseif ($op == "newsdelete") {
    $sql = "DELETE FROM " . db_prefix("news") . " WHERE newsid='" . httpget('newsid') . "'";
    db_query($sql);
    $return = httpget('return');
    $return = cmd_sanitize($return);
    $return = substr($return, strrpos($return, "/") + 1);
    redirect($return);
}
page_header("Superuser Grotto");
output("`^You duck into a secret cave that few know about. ");
<?php

// translator ready
// addnews ready
// mail ready
require_once "common.php";
require_once "lib/http.php";
require_once "lib/systemmail.php";
check_su_access(SU_EDIT_DONATIONS);
tlschema("donation");
page_header("Donator's Page");
require_once "lib/superusernav.php";
superusernav();
$ret = httpget('ret');
$return = cmd_sanitize($ret);
$return = substr($return, strrpos($return, "/") + 1);
tlschema("nav");
addnav("Return whence you came", $return);
tlschema();
$add = translate_inline("Add Donation");
rawoutput("<form action='donators.php?op=add1&ret=" . rawurlencode($ret) . "' method='POST'>");
addnav("", "donators.php?op=add1&ret=" . rawurlencode($ret) . "");
$name = httppost("name");
if ($name == "") {
    $name = httpget("name");
}
$amt = httppost("amt");
if ($amt == "") {
    $amt = httpget("amt");
}
$reason = httppost("reason");
function jquerycommentary_run()
{
    global $_SERVER, $output, $session;
    require_once 'lib/commentary.php';
    $section = httpget('section');
    $commentary = db_prefix('commentary');
    $accounts = db_prefix('accounts');
    if (($commid = httpget('rmvcmmnt')) != "") {
        $prefix = db_prefix('commentary');
        check_su_access(SU_EDIT_COMMENTS);
        if ($session['user']['superuser'] & SU_EDIT_COMMENTS) {
            db_query("DELETE FROM {$prefix} WHERE commentid = '{$commid}'");
        }
        db_query("INSERT INTO {$commentary} (section, author, comment, postdate) VALUES ('blackhole', '{$session['user']['acctid']}', 'I f****d up', '" . date('Y-m-d H:i:s') . "')");
        invalidatedatacache("comments-{$section}");
        invalidatedatacache("comments-blackhole");
    }
    if (httpget('section') == get_module_pref('current_section') && httpget('section') != '') {
        //echo 'x';
        //var_dump(get_all_module_settings());
        $output = "";
        $_SERVER['REQUEST_URI'] = httpget('r');
        $session['counter'] = httpget('c');
        viewcommentary(get_module_pref('current_section'), get_module_setting('message'), get_module_setting('limit'), get_module_setting('talkline'));
        $output = preg_replace('#<script(.*?)>(.*?)</script>#is', '', $output);
        $output = substr($output, 0, strpos($output, "<jquerycommentaryend>"));
        db_query("UPDATE accounts SET laston = '" . date('Y-m-d H:i:s') . "' WHERE acctid = '{$session['user']['acctid']}'");
        echo trim("{$output}");
        invalidatedatacache("comments-{$section}");
        /*$sql = db_query(
              "SELECT a.name, a.acctid
              FROM accounts AS a
              LEFT JOIN module_userprefs AS m
              ON m.userid = a.acctid
              LEFT JOIN module_userprefs AS u
              ON u.userid = m.userid
              WHERE m.modulename = 'jquerycommentary'
              AND m.setting = 'is_typing'
              AND m.value = '1'
              AND u.modulename = 'jquerycommentary'
              AND u.setting = 'current_section'
              and u.value = '" . get_module_pref('current_section') ."'"
          );
          $typing = [];
          while ($row = db_fetch_assoc($sql)) {
              array_push($typing, [$row['acctid'], $row['name']]);
          }
          $isTyping = appoencode('`@');
          $i = 0;
          echo appoencode('`@Who\'s typing: `n');
          if (count($typing) != 0) {
              foreach ($typing as $key => $val) {
                  $i++;
                  if ($i == 1) {
                      $isTyping .= appoencode($val[1]);
                  }
                  else if ($i > 1 && count($typing) > $i) {
                      $isTyping .= appoencode("`@, {$val[1]}");
                  }
                  else if ($i == count($typing)) {
                      $isTyping .= appoencode("`@ and {$val[1]}");
                  }
              }
              echo $isTyping;
          }
          else {
              echo appoencode('`@No one');
          }*/
    }
    switch (httpget('op')) {
        case 'get_json':
            $sql = db_query("SELECT commentid, author, comment FROM commentary WHERE section = '{$session['current_commentary_area']}' AND deleted = '0' ORDER BY commentid+0 DESC LIMIT 0, 25");
            $json = [];
            while ($row = db_fetch_assoc($sql)) {
                array_push($json, $row);
            }
            echo "<pre>";
            echo json_encode($json, JSON_PRETTY_PRINT);
            echo "</pre>";
            break;
        case 'post':
            $post = httpallpost();
            $post = modulehook('jquery-post-commentary', $post);
            $commentary = db_prefix('commentary');
            if ($post['method'] == 'insertcommentary') {
                require_once 'lib/commentary.php';
                injectcommentary(get_module_pref('current_section'), get_module_setting('talkline'), $post['comment']);
            } else {
                $commentid = explode('_', $post['method']);
                require_once 'lib/systemmail.php';
                require_once 'lib/sanitize.php';
                $post['comment'] = htmlent($post['comment']);
                db_query("UPDATE {$commentary} SET comment = '{$post['comment']}' WHERE commentid = '{$commentid[1]}'");
                db_query("INSERT INTO {$commentary} (section, author, comment, postdate) VALUES ('blackhole', '{$session['user']['acctid']}', 'I f****d up', '" . date('Y-m-d H:i:s') . "')");
                invalidatedatacache("comments-{$session['current_commentary_section']}");
                invalidatedatacache("comments-blackhole");
            }
            break;
        case 'last_comment':
            require_once 'lib/sanitize.php';
            db_query("UPDATE accounts SET laston = '" . date('Y-m-d H:i:s') . "' WHERE acctid = '{$session['user']['acctid']}'");
            //$sql = db_query("SELECT comment, commentid FROM ".db_prefix('commentary')." WHERE author = '{$session['user']['acctid']}' AND section = '{$session['current_commentary_area']}' ORDER BY commentid DESC LIMIT 0,1");
            $sql = db_query("SELECT comment, commentid FROM {$commentary}\n                WHERE author = '{$session['user']['acctid']}'\n                AND (section = 'globalooc'\n                    OR section = '{$session['current_commentary_area']}')\n                ORDER BY commentid DESC\n                LIMIT 0,1");
            $row = db_fetch_assoc($sql);
            $data = $row;
            $sql = db_query("SELECT commentid, section, comment FROM {$commentary}\n                WHERE (section = 'globalooc'\n                OR section = '{$session['current_commentary_area']}'\n                OR section = 'blackhole'\n                )\n                ORDER BY commentid+0 DESC\n                LIMIT 0,1");
            $row = db_fetch_assoc($sql);
            $data['last_section'] = $row['section'];
            $data['last_comment'] = $row['commentid'];
            $data['last_message'] = $row['comment'];
            echo json_encode($data);
            break;
        case 'is_typing':
            $post = httpallpost();
            if ($post['typing'] == 'yes') {
                set_module_pref('is_typing', 1);
            } else {
                set_module_pref('is_typing', 0);
            }
            $sql = db_query("SELECT a.name, a.acctid\n                FROM accounts AS a\n                LEFT JOIN module_userprefs AS m\n                ON m.userid = a.acctid\n                LEFT JOIN module_userprefs AS u\n                ON u.userid = m.userid\n                WHERE m.modulename = 'jquerycommentary'\n                AND m.setting = 'is_typing'\n                AND m.value = '1'\n                AND u.modulename = 'jquerycommentary'\n                AND u.setting = 'current_section'\n                and u.value = '" . get_module_pref('current_section') . "'");
            $typing = [];
            while ($row = db_fetch_assoc($sql)) {
                array_push($typing, [$row['acctid'], $row['name']]);
            }
            $isTyping = appoencode('`@');
            $i = 0;
            if (count($typing) != 0) {
                foreach ($typing as $key => $val) {
                    $i++;
                    if ($i == 1) {
                        $isTyping .= appoencode($val[1]);
                    } else {
                        if ($i > 1 && count($typing) > $i) {
                            $isTyping .= appoencode("`@, {$val[1]}");
                        } else {
                            if ($i == count($typing)) {
                                $isTyping .= appoencode("`@ and {$val[1]}");
                            }
                        }
                    }
                    if ($i == count($typing)) {
                        $isTyping .= appoencode("`@...");
                    }
                }
                echo "✏ {$isTyping}";
            } else {
                echo "<br />";
            }
            break;
        case 'api':
            header('Content-Type: application/json');
            /*$sql = db_query(
                  "SELECT c.*, a.name FROM $commentary AS c
                  LEFT JOIN $accounts AS a
                  ON a.acctid = c.author
                  WHERE (section = '{$session['current_commentary_area']}'
                  OR section = 'global-ooc')
                  AND deleted = 0
                  ORDER BY commentid+0 DESC
                  GROUP BY section
                  LIMIT 0, 25"
              );*/
            $sql = db_query("SELECT comm.*, acc.name FROM\n                (\n                    (SELECT * FROM\n                        (SELECT * FROM commentary\n                        WHERE section = 'globalooc'\n                        AND deleted = '0'\n                        ORDER BY commentid+0 DESC\n                        LIMIT 0, 10)\n                    AS c\n                    ORDER BY c.commentid+0 ASC\n                    LIMIT 0, 10)\n                    UNION (\n                        SELECT * FROM\n                        (SELECT * FROM commentary\n                        WHERE section = 'superuser'\n                        AND deleted = '0'\n                        ORDER BY commentid+0 DESC\n                        LIMIT 0, 25)\n                        AS c\n                        ORDER BY c.commentid+0 ASC\n                        LIMIT 0, 25\n                    )\n                ) AS comm\n                LEFT JOIN accounts AS acc\n                ON acc.acctid = comm.author");
            $json = [];
            while ($row = db_fetch_assoc($sql)) {
                $row['name'] = appoencode($row['name']);
                $row['comment'] = appoencode($row['comment']);
                array_push($json, $row);
            }
            echo json_encode($json, JSON_PRETTY_PRINT);
            break;
    }
}
function charrestore_run()
{
    check_su_access(SU_EDIT_USERS);
    require_once "lib/superusernav.php";
    page_header("Character Restore");
    superusernav();
    addnav("Functions");
    addnav("Search", "runmodule.php?module=charrestore&op=list");
    if (httpget("op") == "list") {
        output("Please note that only characters who have reached at least level %s in DK %s will have been saved!`n`n", get_module_setting("lvl_threshold"), get_module_setting("dk_threshold"));
        rawoutput("<form action='runmodule.php?module=charrestore&op=list' method='POST'>");
        addnav("", "runmodule.php?module=charrestore&op=list");
        output("Character Login: "******"<input name='login' value=\"" . htmlentities(stripslashes(httppost("login")), ENT_COMPAT, getsetting("charset", "ISO-8859-1")) . "\"><br>");
        output("After date: ");
        rawoutput("<input name='start' value=\"" . htmlentities(stripslashes(httppost("start")), ENT_COMPAT, getsetting("charset", "ISO-8859-1")) . "\"><br>");
        output("Before date: ");
        rawoutput("<input name='end' value=\"" . htmlentities(stripslashes(httppost("end")), ENT_COMPAT, getsetting("charset", "ISO-8859-1")) . "\"><br>");
        $submit = translate_inline("Submit");
        rawoutput("<input type='submit' value='{$submit}' class='button'>");
        rawoutput("</form>");
        //do the search.
        $login = httppost("login");
        $start = httppost("start");
        $end = httppost("end");
        if ($start > "") {
            $start = strtotime($start);
        }
        if ($end > "") {
            $end = strtotime($end);
        }
        if ($login . $start . $end > "") {
            $path = charrestore_getstorepath();
            debug($path);
            $d = dir($path);
            $count = 0;
            while (($entry = $d->read()) !== false) {
                $e = explode("|", $entry);
                if (count($e) < 2) {
                    continue;
                }
                $name = str_replace("_", " ", $e[0]);
                $date = strtotime($e[1]);
                if ($login > "") {
                    if (strpos(strtolower($name), strtolower($login)) === false) {
                        continue;
                    }
                }
                if ($start > "") {
                    if ($date < $start) {
                        continue;
                    }
                }
                if ($end > "") {
                    if ($date > $end) {
                        continue;
                    }
                }
                $count++;
                rawoutput("<a href='runmodule.php?module=charrestore&op=beginrestore&file=" . rawurlencode($entry) . "'>{$name}</a> (" . date("M d, Y", $date) . ")<br>");
                addnav("", "runmodule.php?module=charrestore&op=beginrestore&file=" . rawurlencode($entry));
            }
            if ($count == 0) {
                output("No characters matching the specified criteria were found.");
            }
        }
    } elseif (httpget("op") == "beginrestore") {
        $user = unserialize(join("", file(charrestore_getstorepath() . httpget("file"))));
        $sql = "SELECT count(*) AS c FROM " . db_prefix("accounts") . " WHERE login='******'account']['login']}'";
        $result = db_query($sql);
        $row = db_fetch_assoc($result);
        rawoutput("<form action='runmodule.php?module=charrestore&op=finishrestore&file=" . rawurlencode(stripslashes(httpget("file"))) . "' method='POST'>");
        addnav("", "runmodule.php?module=charrestore&op=finishrestore&file=" . rawurlencode(stripslashes(httpget("file"))));
        if ($row['c'] > 0) {
            output("`\$The user's login conflicts with an existing login in the system.");
            output("You will have to provide a new one, and you should probably think about giving them a new name after the restore.`n");
            output("`^New Login: "******"<input name='newlogin'><br>");
        }
        $yes = translate_inline("Do the restore");
        rawoutput("<input type='submit' value='{$yes}' class='button'>");
        output("`n`#Some user info:`0`n");
        $vars = array("login" => "Login", "name" => "Name", "laston" => "Last On", "email" => "Email", "dragonkills" => "DKs", "level" => "Level", "gentimecount" => "Total hits");
        while (list($key, $val) = each($vars)) {
            output("`^{$val}: `#%s`n", $user['account'][$key]);
        }
        rawoutput("<input type='submit' value='{$yes}' class='button'>");
        rawoutput("</form>");
    } elseif (httpget("op") == "finishrestore") {
        $user = unserialize(join("", file(charrestore_getstorepath() . httpget("file"))));
        $sql = "SELECT count(*) AS c FROM " . db_prefix("accounts") . " WHERE login='******'newlogin') > '' ? httppost('newlogin') : $user['account']['login']) . "'";
        $result = db_query($sql);
        $row = db_fetch_assoc($result);
        if ($row['c'] > 0) {
            redirect("runmodule.php?module=charrestore&op=beginrestore&file=" . rawurlencode(stripslashes(httpget("file"))));
        } else {
            if (httppost("newlogin") > "") {
                $user['account']['login'] = httppost('newlogin');
            }
            $sql = "DESCRIBE " . db_prefix("accounts");
            $result = db_query($sql);
            $known_columns = array();
            while ($row = db_fetch_assoc($result)) {
                $known_columns[$row['Field']] = true;
            }
            $keys = array();
            $vals = array();
            while (list($key, $val) = each($user['account'])) {
                if ($key == "laston") {
                    array_push($keys, $key);
                    array_push($vals, "'" . date("Y-m-d H:i:s", strtotime("-1 day")) . "'");
                } elseif (!isset($known_columns[$key])) {
                    output("`2Dropping the column `^%s`n", $key);
                } else {
                    array_push($keys, $key);
                    array_push($vals, "'" . addslashes($val) . "'");
                }
            }
            $sql = "INSERT INTO " . db_prefix("accounts") . " (\n" . join("\t,\n", $keys) . ") VALUES (\n" . join("\t,\n", $vals) . ")";
            db_query($sql);
            $id = db_insert_id();
            if ($id > 0) {
                addnav("Edit the restored user", "user.php?op=edit&userid={$id}");
                if ($id != $user['account']['acctid']) {
                    output("`^The account was restored, though the account ID was not preserved; things such as news, mail, comments, debuglog, and other items associated with this account that were not stored as part of the snapshot have lost their association.");
                    output("The original ID was `&%s`^, and the new ID is `&%s`^.", $user['account']['acctid'], $id);
                    output("The most common cause of this problem is another account already present with the same ID.");
                    output("Did you do a restore of an already existing account?  If so, the existing account was not overwritten.`n");
                } else {
                    output("`#The account was restored.`n");
                }
                output("`#Now working on module preferences.`n");
                while (list($modulename, $values) = each($user['prefs'])) {
                    output("`3Module: `2%s`3...`n", $modulename);
                    if (is_module_installed($modulename)) {
                        while (list($prefname, $value) = each($values)) {
                            set_module_pref($prefname, $value, $modulename, $id);
                        }
                    } else {
                        output("`\$Skipping prefs for module `^%s`\$ because this module is not currently installed.`n", $modulename);
                    }
                }
                output("`#The preferences were restored.`n");
            } else {
                output("`\$Something funky has happened, preventing this account from correctly being created.");
                output("I'm sorry, you may have to recreate this account by hand.");
                output("The SQL I tried was:`n");
                rawoutput("<pre>" . htmlentities($sql, ENT_COMPAT, getsetting("charset", "ISO-8859-1")) . "</pre>");
            }
        }
    }
    page_footer();
}
function drinks_editor()
{
    global $mostrecentmodule;
    if (!get_module_pref("canedit")) {
        check_su_access(SU_EDIT_USERS);
    }
    page_header("Drink Editor");
    require_once "lib/superusernav.php";
    superusernav();
    addnav("Drink Editor");
    addnav("Add a drink", "runmodule.php?module=drinks&act=editor&op=add&admin=true");
    $op = httpget('op');
    $drinkid = httpget('drinkid');
    $header = "";
    if ($op != "") {
        addnav("Drink Editor Main", "runmodule.php?module=drinks&act=editor&admin=true");
        if ($op == 'add') {
            $header = translate_inline("Adding a new drink");
        } else {
            if ($op == 'edit') {
                $header = translate_inline("Editing a drink");
            }
        }
    } else {
        $header = translate_inline("Current drinks");
    }
    output_notl("`&<h3>{$header}`0</h3>", true);
    $drinksarray = array("Drink,title", "drinkid" => "Drink ID,hidden", "name" => "Drink Name", "costperlevel" => "Cost per level,int", "hpchance" => "Chance of modifying HP (see below),range,0,10,1", "turnchance" => "Chance of modifying turns (see below),range,0,10,1", "alwayshp" => "Always modify hitpoints,bool", "alwaysturn" => "Always modify turns,bool", "drunkeness" => "Drunkeness,range,1,100,1", "harddrink" => "Is drink hard alchohol?,bool", "hpmin" => "Min HP to add (see below),range,-20,20,1", "hpmax" => "Max HP to add (see below),range,-20,20,1", "hppercent" => "Modify HP by some percent (see below),range,-25,25,5", "turnmin" => "Min turns to add (see below),range,-5,5,1", "turnmax" => "Max turns to add (see below),range,-5,5,1", "remarks" => "Remarks", "buffname" => "Name of the buff", "buffrounds" => "Rounds buff lasts,range,1,20,1", "buffroundmsg" => "Message each round of buff", "buffwearoff" => "Message when buff wears off", "buffatkmod" => "Attack modifier of buff", "buffdefmod" => "Defense modifier of buff", "buffdmgmod" => "Damage modifier of buff", "buffdmgshield" => "Damage shield modifier of buff", "buffeffectfailmsg" => "Effect failure message (see below)", "buffeffectnodmgmsg" => "No damage message (see below)", "buffeffectmsg" => "Effect message (see below)");
    if ($op == "del") {
        $sql = "DELETE FROM " . db_prefix("drinks") . " WHERE drinkid='{$drinkid}'";
        module_delete_objprefs('drinks', $drinkid);
        db_query($sql);
        $op = "";
        httpset('op', "");
    }
    if ($op == "save") {
        $subop = httpget("subop");
        if ($subop == "") {
            $drinkid = httppost("drinkid");
            list($sql, $keys, $vals) = postparse($drinksarray);
            if ($drinkid > 0) {
                $sql = "UPDATE " . db_prefix("drinks") . " SET {$sql} WHERE drinkid='{$drinkid}'";
            } else {
                $sql = "INSERT INTO " . db_prefix("drinks") . " ({$keys}) VALUES ({$vals})";
            }
            db_query($sql);
            if (db_affected_rows() > 0) {
                output("`^Drink saved!");
            } else {
                $str = db_error();
                if ($str == "") {
                    output("`^Drink not saved: no changes detected.");
                } else {
                    output("`^Drink not saved: `\$%s`0", $sql);
                }
            }
        } elseif ($subop == "module") {
            $drinkid = httpget("drinkid");
            // Save module settings
            $module = httpget("editmodule");
            // This should obey the same rules as the configuration editor
            // So disabling
            //$sql = "DELETE FROM " . db_prefix("module_objprefs") . " WHERE objtype='drinks' AND objid='$drinkid' AND modulename='$module'";
            //db_query($sql);
            $post = httpallpost();
            reset($post);
            while (list($key, $val) = each($post)) {
                set_module_objpref("drinks", $drinkid, $key, $val, $module);
            }
            output("`^Saved.");
        }
        if ($drinkid) {
            $op = "edit";
            httpset("drinkid", $drinkid, true);
        } else {
            $op = "";
        }
        httpset('op', $op);
    }
    if ($op == "activate") {
        $sql = "UPDATE " . db_prefix("drinks") . " SET active=1 WHERE drinkid='{$drinkid}'";
        db_query($sql);
        $op = "";
        httpset('op', "");
    }
    if ($op == "deactivate") {
        $sql = "UPDATE " . db_prefix("drinks") . " SET active=0 WHERE drinkid='{$drinkid}'";
        db_query($sql);
        $op = "";
        httpset('op', "");
    }
    if ($op == "") {
        $op = translate_inline("Ops");
        $id = translate_inline("Id");
        $nm = translate_inline("Name");
        $dkn = translate_inline("Drunkeness");
        $hard = translate_inline("Hard Alchohol?");
        $edit = translate_inline("Edit");
        $deac = translate_inline("Deactivate");
        $act = translate_inline("Activate");
        $conf = translate_inline("Are you sure you wish to delete this drink?");
        $del = translate_inline("Del");
        rawoutput("<table border=0 cellpadding=2 cellspacing=1 bgcolor='#999999'>");
        rawoutput("<tr class='trhead'>");
        rawoutput("<td>{$op}</td><td>{$id}</td><td>{$nm}</td><td>{$dkn}</td><td>{$hard}</td>");
        rawoutput("</tr>");
        $sql = "SELECT drinkid,active,name,drunkeness,harddrink FROM " . db_prefix("drinks") . " ORDER BY drinkid";
        $result = db_query($sql);
        for ($i = 0; $i < db_num_rows($result); $i++) {
            $row = db_fetch_assoc($result);
            $id = $row['drinkid'];
            rawoutput("<tr class='" . ($i % 2 ? "trlight" : "trdark") . "'>");
            rawoutput("<td nowrap>[ <a href='runmodule.php?module=drinks&act=editor&op=edit&drinkid={$id}&admin=true'>{$edit}</a>");
            addnav("", "runmodule.php?module=drinks&act=editor&op=edit&drinkid={$id}&admin=true");
            if ($row['active']) {
                rawoutput(" | <a href='runmodule.php?module=drinks&act=editor&op=deactivate&drinkid={$id}&admin=true'>{$deac}</a>");
                addnav("", "runmodule.php?module=drinks&act=editor&op=deactivate&drinkid={$id}&admin=true");
            } else {
                rawoutput(" | <a href='runmodule.php?module=drinks&act=editor&op=activate&drinkid={$id}&admin=true'>{$act}</a>");
                addnav("", "runmodule.php?module=drinks&act=editor&op=activate&drinkid={$id}&admin=true");
            }
            rawoutput(" | <a href='runmodule.php?module=drinks&act=editor&op=del&drinkid={$id}&admin=true' onClick='return confirm(\"{$conf}\");'>{$del}</a> ]</td>");
            addnav("", "runmodule.php?module=drinks&act=editor&op=del&drinkid={$id}&admin=true");
            output_notl("<td>`^%s</td>`0", $id, true);
            output_notl("<td>`&%s`0</td>", $row['name'], true);
            output_notl("<td>`^%s`0</td>", $row['drunkeness'], true);
            $hard = translate_inline("`^No");
            if ($row['harddrink']) {
                $hard = translate_inline("`\$Yes");
            }
            output_notl("<td>%s`0</td>", $hard, true);
            rawoutput("</tr>");
        }
        rawoutput("</table>");
    }
    $subop = httpget("subop");
    if ($op == "edit") {
        addnav("Drink properties", "runmodule.php?module=drinks&act=editor&op=edit&drinkid={$drinkid}&admin=true");
        module_editor_navs("prefs-drinks", "runmodule.php?module=drinks&act=editor&drinkid={$drinkid}&op=edit&subop=module&editmodule=");
        if ($subop == "module") {
            $module = httpget("editmodule");
            $oldmodule = $mostrecentmodule;
            rawoutput("<form action='runmodule.php?module=drinks&act=editor&op=save&subop=module&editmodule={$module}&drinkid={$drinkid}&admin=true' method='POST'>");
            module_objpref_edit('drinks', $module, $drinkid);
            $mostrecentmodule = $oldmodule;
            rawoutput("</form>");
            addnav("", "runmodule.php?module=drinks&act=editor&op=save&subop=module&editmodule={$module}&drinkid={$drinkid}&admin=true");
        } elseif ($subop == "") {
            $sql = "SELECT * FROM " . db_prefix("drinks") . " WHERE drinkid='" . httpget('drinkid') . "'";
            $result = db_query($sql);
            $row = db_fetch_assoc($result);
        }
    } elseif ($op == "add") {
        /* We're adding a new drink, make an empty row */
        $row = array();
        $row['drinkid'] = 0;
    }
    if (($op == "edit" || $op == "add") && $subop == "") {
        rawoutput("<form action='runmodule.php?module=drinks&act=editor&op=save&admin=true' method='POST'>");
        addnav("", "runmodule.php?module=drinks&act=editor&op=save&admin=true");
        showform($drinksarray, $row);
        rawoutput("</form>");
        output("`\$NOTE:`7 Make sure that you know what you are doing when modifying or adding drinks.`n");
        output("Just because the drinks have a lot of options, doesn't mean you have to use all of them`n`n");
        output("`2Drink ID: `7This field is used internally and should be unique.`n");
        output("`2Name: `7The name of the drink the user will see.`n");
        output("`2Cost per level: `7This value times the users level is the drink cost.`n");
        output("`2Chance of modifying HP: `7If set, this is the number of chances out of the total of this and the turn chance for HP getting modified.`n");
        output("`2Chance of modifying turns: `7If set, this is the number of chances out of the total of this and the HP chance for turns getting modified.`n");
        output("`2Always modify HP: `7If set, hitpoints will be modified.  Should not be set alongside HP chance above.`n");
        output("`2Always modify turns: `7If set, turns will be modified.  Should not be set alongside turn chance above.`n");
        output("`2Drunkeness: `7How drunk will this make the player.`n");
        output("`2Hard Drink: `7Users are only allowed a certain number of hard drinks per day regardless of drunkeness.`n");
        output("`2Min HP to add: `7If we are modifying hitpoints, and if HP percent isn't set, use this and the HP max value to pick a random amount of HP to add.  Can be negative.`n");
        output("`2Max HP to add: `7If we are modifying hitpoints and if HP percent isn't set, use this and the HP min value to pick a random amount of HP to add.  Can be negative.`n");
        output("`2HP percent: `7If we are modifying hitpoints and if this is set, the users hitpoints are modified by this percentage.  Can be negative.`n");
        output("`2Min turns to add: `7If we are modifying turns, use this and the turn max value to pick a random amount of turns to add.  Can be negative.`n");
        output("`2Max turns to add: `7If we are modifying turns, use this and the turn min value to pick a random amount of turns to add.  Can be negative.`n");
        output("`2Remarks: `7Text displayed to the user when they order the drink.`n");
        output("`2Buff name: `7What is this buff called.`n");
        output("`2Buff rounds: `7How many rounds this buff lasts.`n");
        output("`2Buff round message: `7What message should show as each round occurs.`n");
        output("`2Buff wearoff: `7What message is shown when this buff wears off.`n");
        output("`2Buff attack modifier: `7Multiplier to modify attack points by? 1.0 is no modification, 2.0 doubles their attack points.`n");
        output("`2Buff defense modifier: `7Multiplier to modify defense points by? 1.0 is no modification, 2.0 doubles their defense points.`n");
        output("`2Buff damage modifier: `7Multiplier to modify damage by? 1.0 is no modification, 2.0 doubles their damage points. This is `\$VERY POTENT`7!`n");
        output("`2Buff damage shield modifier: `7When you are hit, deals damage to your opponent based on damage done to you. 1.0 deals identical damage, 2.0 deals double damage back to the opponent.`n");
        output("`2Effect failure message: Message if this buff fails. (Only used with damage shield)`n");
        output("`2Effect no damage message: Message if no damage is done. (Only used with damage shield)`n");
        output("`2Effect message: What shows when this buff has an effect. (Only used with damage shield)`n`n");
    }
    page_footer();
}
function riddles_editor()
{
    global $session;
    require_once "lib/nltoappon.php";
    if (!get_module_pref("canedit")) {
        check_su_access(SU_EDIT_RIDDLES);
    }
    $op = httpget('op');
    $id = httpget('id');
    page_header("Riddle Editor");
    require_once "lib/superusernav.php";
    superusernav();
    addnav("Riddle Editor");
    addnav("Riddle Editor Home", "runmodule.php?module=riddles&act=editor&admin=true");
    addnav("Add a riddle", "runmodule.php?module=riddles&act=editor&op=edit&admin=true");
    if ($op == "save") {
        $id = httppost('id');
        $riddle = trim(httppost('riddle'));
        $answer = trim(httppost('answer'));
        if ($id > "") {
            $sql = "UPDATE " . db_prefix("riddles") . " SET riddle='" . nltoappon($riddle) . "', answer='{$answer}' WHERE id='{$id}'";
        } else {
            $sql = "INSERT INTO " . db_prefix("riddles") . " (riddle,answer,author) VALUES('" . nltoappon($riddle) . "','{$answer}','{$session['user']['login']}')";
        }
        db_query($sql);
        if (db_affected_rows() > 0) {
            $op = "";
            httpset("op", "");
            output("Riddle saved.");
        } else {
            output("The query was not executed for some reason I can't fathom.");
            output("Perhaps you didn't actually make any changes to the riddle.");
        }
    } elseif ($op == "del") {
        $sql = "DELETE FROM " . db_prefix("riddles") . " WHERE id='{$id}'";
        db_query($sql);
        $op = "";
        httpset("op", "");
        output("Riddle deleted.");
    }
    if ($op == "") {
        $sql = "SELECT * FROM " . db_prefix("riddles");
        $result = db_query($sql);
        $i = translate_inline("Id");
        $ops = translate_inline("Ops");
        $rid = translate_inline("Riddle");
        $ans = translate_inline("Answer");
        $auth = translate_inline("Author");
        rawoutput("<table border=0 cellpadding=2 cellspacing=1 bgcolor='#999999'><tr class='trhead'><td>{$i}</td><td>{$ops}</td><td>{$rid}</td><td>{$ans}</td><td>{$auth}</td></tr>");
        for ($i = 0; $i < db_num_rows($result); $i++) {
            $row = db_fetch_assoc($result);
            rawoutput("<tr class='" . ($i % 2 ? "trlight" : "trdark") . "'>");
            rawoutput("<td valign='top'>");
            output_notl("%s", $row['id']);
            rawoutput("</td><td valign='top'>");
            $conf = translate_inline("Are you sure you wish to delete this riddle?");
            $edit = translate_inline("Edit");
            $del = translate_inline("Delete");
            $elink = "runmodule.php?module=riddles&act=editor&op=edit&id=" . $row['id'] . "&admin=true";
            $dlink = "runmodule.php?module=riddles&act=editor&op=del&id=" . $row['id'] . "&admin=true";
            output_notl("[");
            rawoutput("<a href='{$elink}'>{$edit}</a>");
            output_notl("|");
            rawoutput("<a href='{$dlink}' onClick='return confirm(\"{$conf}\");'>{$del}</a>");
            output_notl("]");
            addnav("", $elink);
            addnav("", $dlink);
            rawoutput("</td><td valign='top'>");
            output_notl("`&%s`0", $row['riddle']);
            rawoutput("</td><td valign='top'>");
            output_notl("`#%s`0", $row['answer']);
            rawoutput("</td><td valign='top'>");
            output_notl("`^%s`0", $row['author']);
            rawoutput("</td></tr>");
        }
        rawoutput("</table>");
    } elseif ($op == "edit") {
        $sql = "SELECT * FROM " . db_prefix("riddles") . " WHERE id='{$id}'";
        $result = db_query($sql);
        rawoutput("<form action='runmodule.php?module=riddles&act=editor&op=save&admin=true' method='POST'>", true);
        addnav("", "runmodule.php?module=riddles&act=editor&op=save&admin=true");
        if ($row = db_fetch_assoc($result)) {
            output("`bEdit a riddle`b`n");
            $title = "Edit a riddle";
            $i = $row['id'];
            rawoutput("<input type='hidden' name='id' value='{$i}'>");
        } else {
            output("`bAdd a riddle`b`n");
            $title = "Add a riddle";
            $row = array("riddle" => "", "answer" => "", "author" => $session['user']['login']);
        }
        $form = array("Riddle,title", "riddle" => "Riddle text,textarea", "answer" => "Answer", "author" => "Author,viewonly");
        require_once "lib/showform.php";
        showform($form, $row);
        rawoutput("</form>");
        output("`^NOTE:`& Separate multiple correct answers with semicolons (;)`n`n");
        output("`7The following are ignored at the start of answers: `&a, an, and, the, my, your, someones, someone's, someone, his, hers`n");
        output("`7The following are ignored at the end of answers: `&s, ing, ed`0`n`n");
        output("`\$NOTE:  Riddles are displayed in the language they are stored in the database.");
        output("Similarly, answers are expected in the language stored in the database.");
    }
    page_footer();
}
<?php

$mode = httpget("mode");
require_once "lib/superusernav.php";
superusernav();
check_su_access(SU_AUDIT_MODERATION);
switch ($mode) {
    case "invalidate":
        $search = httppost('search');
        $who = httpget('who');
        if ($who == '') {
            $send = translate_inline("Search");
            output("Whose avatar do you want to invalidate?`n`n");
            rawoutput("<form method='POST' action='runmodule.php?module=avatar&op=validate&mode=invalidate'>");
            rawoutput("<input name='search' type='text' size='40' value={$search}>");
            rawoutput("<input type='submit' class='button' value={$send}>");
            rawoutput("</form>");
            addnav("", "runmodule.php?module=avatar&op=validate&mode=invalidate");
            output_notl("`n`n");
            if ($search) {
                $name = "%" . $search . "%";
                $sql = "SELECT u.userid AS acctid,k.name as name, k.login as login FROM " . db_prefix("module_userprefs") . " AS u INNER JOIN " . db_prefix("module_userprefs") . " AS t RIGHT JOIN " . db_prefix("accounts") . " as k ON u.userid=t.userid AND k.acctid=u.userid WHERE u.modulename='avatar' AND u.setting='avatar' AND u.value!='' AND t.modulename='avatar' AND t.setting='validated' AND t.value='1' AND (k.name LIKE '{$name}' OR k.login LIKE '{$name}');";
                $result = db_query($sql);
                if (db_num_rows($result) > 100) {
                    output("There are more than 100 matches. Please specify the user a bit more.");
                    addnav("runmodule.php?module=avatar&op=validate&mode=invalidate");
                    break;
                }
                if (db_num_rows($result) == 0) {
                    output("No user with a valid personal avatar found matching this criteria.");
                } else {
<?php

// translator ready
// addnews ready
// mail ready
require_once "common.php";
require_once "lib/showform.php";
require_once "lib/http.php";
check_su_access(SU_EDIT_EQUIPMENT);
tlschema("weapon");
page_header("Weapon Editor");
$weaponlevel = (int) httpget("level");
require_once "lib/superusernav.php";
superusernav();
addnav("Editor");
addnav("Weapon Editor Home", "weaponeditor.php?level={$weaponlevel}");
addnav("Add a weapon", "weaponeditor.php?op=add&level={$weaponlevel}");
$values = array(1 => 48, 225, 585, 990, 1575, 2250, 2790, 3420, 4230, 5040, 5850, 6840, 8010, 9000, 10350);
rawoutput("<h3>");
if ($weaponlevel == 1) {
    output("`&Weapons for 1 Dragon Kill`0");
} else {
    output("`&Weapons for %s Dragon Kills`0", $weaponlevel);
}
rawoutput("<h3>");
$weaponarray = array("Weapon,title", "weaponid" => "Weapon ID,hidden", "weaponname" => "Weapon Name", "damage" => "Damage,range,1,15,1");
$op = httpget('op');
$id = httpget('id');
if ($op == "edit" || $op == "add") {
    if ($op == "edit") {
        $sql = "SELECT * FROM " . db_prefix("weapons") . " WHERE weaponid='{$id}'";
<?php

//Author: Lonny Luberts - 3/18/2005
//Heavily modified by JT Traub
require_once "common.php";
require_once "lib/http.php";
check_su_access(SU_EDIT_USERS);
tlschema("retitle");
page_header("Title Editor");
$op = httpget('op');
$id = httpget('id');
$editarray = array("Titles,title", "dk" => "Dragon Kills,int|0", "male" => "Male Title,text|", "female" => "Female Title,text|");
addnav("Other");
require_once "lib/superusernav.php";
superusernav();
addnav("Functions");
if ($op == "save") {
    $male = httppost('male');
    $female = httppost('female');
    $dk = httppost('dk');
    // Ref is currently unused
    // $ref = httppost('ref');
    $ref = '';
    if ((int) $id == 0) {
        $sql = "INSERT INTO " . db_prefix("titles") . " (titleid,dk,ref,male,female) VALUES ({$id},{$dk},'{$ref}','{$male}','{$female}')";
        $note = "`^New title added.`0";
        $errnote = "`\$Unable to add title.`0";
    } else {
        $sql = "UPDATE " . db_prefix("titles") . " SET dk={$dk},ref='{$ref}',male='{$male}',female='{$female}' WHERE titleid={$id}";
        $note = "`^Title modified.`0";
        $errnote = "`\$Unable to modify title.`0";
<?php

// mail ready
// addnews ready
// translator ready
require_once "common.php";
require_once "lib/http.php";
tlschema("paylog");
check_su_access(SU_EDIT_PAYLOG);
/*
+-----------+---------------------+------+-----+---------+----------------+
| Field     | Type                | Null | Key | Default | Extra          |
+-----------+---------------------+------+-----+---------+----------------+
| payid     | int(11)             |      | PRI | NULL    | auto_increment |
| info      | text                |      |     |         |                |
| response  | text                |      |     |         |                |
| txnid     | varchar(32)         |      | MUL |         |                |
| amount    | float(9,2)          |      |     | 0.00    |                |
| name      | varchar(50)         |      |     |         |                |
| acctid    | int(11) unsigned    |      |     | 0       |                |
| processed | tinyint(4) unsigned |      |     | 0       |                |
| filed     | tinyint(4) unsigned |      |     | 0       |                |
| txfee     | float(9,2)          |      |     | 0.00    |                |
+-----------+---------------------+------+-----+---------+----------------+
*/
page_header("Payment Log");
require_once "lib/superusernav.php";
superusernav();
$op = httpget('op');
if ($op == "") {
    $sql = "SELECT info,txnid FROM " . db_prefix("paylog") . " WHERE processdate='0000-00-00'";
<?php

// translator ready
// addnews ready
// mail ready
require_once "common.php";
require_once "lib/http.php";
tlschema("rawsql");
check_su_access(SU_RAW_SQL);
page_header("Raw SQL/PHP execution");
require_once "lib/superusernav.php";
superusernav();
addnav("Execution");
addnav("SQL", "rawsql.php");
addnav("PHP", "rawsql.php?op=php");
$op = httpget("op");
if ($op == "" || $op == "sql") {
    $sql = httppost('sql');
    if ($sql != "") {
        $sql = stripslashes($sql);
        modulehook("rawsql-execsql", array("sql" => $sql));
        $r = db_query($sql, false);
        if (!$r) {
            output("`\$SQL Error:`& %s`0`n`n", db_error($r));
        } else {
            if (db_affected_rows() > 0) {
                output("`&%s rows affected.`n`n", db_affected_rows());
            }
            rawoutput("<table cellspacing='1' cellpadding='2' border='0' bgcolor='#999999'>");
            $number = db_num_rows($r);
            for ($i = 0; $i < $number; $i++) {
function worldmapen_run_real()
{
    global $session, $badguy, $pvptimeout, $options, $outdoors, $shady;
    $outdoors = true;
    $op = httpget("op");
    $battle = false;
    if ($op == 'move' && rawurldecode(httpget('oloc')) != get_module_pref('worldXYZ')) {
        debug(get_module_pref('worldXYZ'));
        $op = 'continue';
        httpset('op', $op);
    }
    //	debug("Worldmap running op={$op} ...");
    // handle the admin editor first
    if ($op == "edit") {
        if (!get_module_pref("canedit")) {
            check_su_access(SU_EDIT_USERS);
        }
        if (get_module_setting("worldmapenInstalled") != 1) {
            set_module_setting('worldmapenInstalled', "1");
            worldmapen_defaultcityloc();
        }
        worldmapen_editor();
    }
    if ($op == "destination") {
        $cname = httpget("cname");
        $session['user']['location'] = $cname;
        addnav(array("Enter %s", $cname), "village.php");
        output("`c`4`bYou've Arrived in %s.`b`0`c`n", $cname);
        output("`cYou have reached the outer gates of the city.`c");
    }
    if (!get_module_setting("worldmapenInstalled")) {
        page_header("A rip in the fabric of space and time");
        require_once "lib/villagenav.php";
        villagenav();
        output("`^The admins of this game haven't yet finished installing the worldmapen module.");
        output("You should send them a petition and tell them that they forgot to generate the initial locations of the cities.");
        output("Until then, you are kind of stuck here, so I hope you like where you are.`n`n");
        output("After all, remember:`nWherever you go, there you are.`0");
        page_footer();
    }
    $subop = httpget("subop");
    $act = httpget("act");
    $type = httpget("type");
    $name = httpget("name");
    $direction = httpget("dir");
    $su = httpget("su");
    $buymap = httpget("buymap");
    $worldmapCostGold = get_module_setting("worldmapCostGold");
    $pvp = httpget('pvp');
    require_once "lib/events.php";
    if ($session['user']['specialinc'] != "" || httpget("eventhandler")) {
        $in_event = handle_event(get_module_setting("randevent"), "runmodule.php?module=worldmapen&op=continue&", "Travel");
        if ($in_event) {
            addnav("Continue", "runmodule.php?module=worldmapen&op=continue");
            module_display_events(get_module_setting("randevent"), "runmodule.php?module=worldmapen&op=continue");
            page_footer();
        }
    }
    page_header("Journey");
    //is the player looking at chat?
    if (httpget('comscroll') || httpget('comscroll') === 0 || httpget('comment') || httpget('refresh')) {
        $chatoverride = 1;
        require_once "lib/commentary.php";
        addcommentary();
        $loc = get_module_pref("worldXYZ", "worldmapen");
        viewcommentary("mapchat-" . $loc, "Chat with others who walk this path...", 25);
    }
    if ($op == "beginjourney") {
        $loc = $session['user']['location'];
        $x = get_module_setting($loc . "X");
        $y = get_module_setting($loc . "Y");
        $z = get_module_setting($loc . "Z");
        $xyz = $x . "," . $y . "," . $z;
        set_module_pref("worldXYZ", $xyz);
        output("`b`&The gates of %s`& stand closed behind you.`0`b`n`n", $session['user']['location']);
        $num = e_rand(1, 5);
        $msg = get_module_setting("leaveGates{$num}");
        output("`c`n`^%s`0`n`c`n", $msg);
        worldmapen_determinenav();
        if (get_module_setting("smallmap")) {
            worldmapen_viewsmallmap();
        }
        if (!$chatoverride) {
            require_once "lib/commentary.php";
            addcommentary();
            $loc = get_module_pref("worldXYZ", "worldmapen");
            viewcommentary("mapchat-" . $loc, "Chat with others who walk this path...", 25);
        }
        worldmapen_viewmapkey(true, false);
        module_display_events(get_module_setting("randevent"), "runmodule.php?module=worldmapen&op=continue");
        $loc = get_module_pref('worldXYZ');
        list($x, $y, $z) = explode(",", $loc);
        $t = worldmapen_getTerrain($x, $y, $z);
        //debug($t);
        if ($t['type'] == "Forest") {
            $shady = true;
        }
    } elseif ($op == "continue") {
        checkday();
        worldmapen_determinenav();
        if (get_module_setting("smallmap")) {
            worldmapen_viewsmallmap();
        }
        if (!$chatoverride) {
            require_once "lib/commentary.php";
            addcommentary();
            $loc = get_module_pref("worldXYZ", "worldmapen");
            viewcommentary("mapchat-" . $loc, "Chat with others who walk this path...", 25);
        }
        worldmapen_viewmapkey(true, false);
        $loc = get_module_pref('worldXYZ');
        list($x, $y, $z) = explode(",", $loc);
        $t = worldmapen_getTerrain($x, $y, $z);
        //debug($t);
        if ($t['type'] == "Forest") {
            $shady = true;
        }
        //Turns Trading bit, added by CavemanJoe
    } elseif ($op == "tradeturn") {
        checkday();
        $pointstrade = get_module_setting("turntravel");
        output("You can trade one Turn for %s Travel Points.  Do you want to do this now?", $pointstrade);
        addnav("Yes, use a turn", "runmodule.php?module=worldmapen&op=tradeturnconfirm");
        addnav("No, cancel and return to the map", "runmodule.php?module=worldmapen&op=continue");
    } elseif ($op == "tradeturnconfirm") {
        $pointstrade = get_module_setting("turntravel");
        output("By conserving energy that you would have otherwise used for fighting creatures, you have gained %s Travel Points.", $pointstrade);
        $session['user']['turns']--;
        $ttoday = get_module_pref("traveltoday", "cities");
        set_module_pref("traveltoday", $ttoday - $pointstrade, "cities");
        addnav("Continue", "runmodule.php?module=worldmapen&op=continue");
    } elseif ($op == "move" && !$chatoverride) {
        checkday();
        if ($session['user']['location'] != 'World') {
            set_module_pref("lastCity", $session['user']['location']);
            $session['user']['location'] = "World";
        }
        $session['user']['restorepage'] = "runmodule.php?module=worldmapen&op=continue";
        $loc = get_module_pref('worldXYZ');
        list($x, $y, $z) = explode(",", $loc);
        if ($direction == "north") {
            $y += 1;
        }
        if (get_module_setting("compasspoints") == "1" and $direction == "northeast") {
            $y += 1;
            $x += 1;
        }
        if (get_module_setting("compasspoints") == "1" and $direction == "northwest") {
            $y += 1;
            $x -= 1;
        }
        if ($direction == "east") {
            $x += 1;
        }
        if ($direction == "south") {
            $y -= 1;
        }
        if (get_module_setting("compasspoints") == "1" and $direction == "southeast") {
            $y -= 1;
            $x += 1;
        }
        if (get_module_setting("compasspoints") == "1" and $direction == "southwest") {
            $y -= 1;
            $x -= 1;
        }
        if ($direction == "west") {
            $x -= 1;
        }
        $terraincost = worldmapen_terrain_cost($x, $y, $z);
        $encounterbase = worldmapen_encounter($x, $y, $z);
        $encounterchance = get_module_pref("encounterchance");
        $encounter = $encounterbase * $encounterchance / 100;
        debug($encounterbase . " * " . $encounterchance . " / 100 = " . $encounter);
        $ttoday = get_module_pref("traveltoday", "cities");
        set_module_pref("traveltoday", $ttoday + $terraincost, "cities");
        worldmapen_terrain_takestamina($x, $y, $z);
        $xyz = $x . "," . $y . "," . $z;
        set_module_pref("worldXYZ", $xyz);
        // $randchance = get_module_setting("randchance");
        // if (e_rand(0,100) < $randchance){
        // $eventravel = "travel";
        // set_module_setting("randevent", $eventravel);
        // }else{
        // $eventravel = "forest";
        // set_module_setting("randevent", $eventravel);
        // }
        //Extra Gubbins pertaining to trading Turns for Travel, added by Caveman Joe
        $useturns = get_module_setting("useturns");
        $allowzeroturns = get_module_setting("allowzeroturns");
        $playerturns = $session['user']['turns'];
        $proceed = 1;
        //the Proceed value is used when the player has hit a monster, to make sure it's okay to actually run the event/monster.
        if ($playerturns == 0 && $allowzeroturns == 0) {
            $proceed = 0;
        }
        if (e_rand(0, 100) < $encounter && $su != '1' && $proceed == 1 && !$chatoverride) {
            // They've hit a monster!
            if (module_events(get_module_setting("randevent"), get_module_setting("wmspecialchance"), "runmodule.php?module=worldmapen&op=continue&") != 0) {
                page_header("Something Special!");
                if (checknavs()) {
                    page_footer();
                } else {
                    // Reset the special for good.
                    $session['user']['specialinc'] = "";
                    $session['user']['specialmisc'] = "";
                    $skipvillagedesc = true;
                    $op = "";
                    httpset("op", "");
                    addnav("Continue", "runmodule.php?module=worldmapen&op=continue&");
                    module_display_events(get_module_setting("randevent"), "runmodule.php?module=worldmapen&op=continue");
                    page_footer();
                }
            }
            //Check if we're removing a turn when the player encounters a monster, and if so, do it
            if ($useturns == 1) {
                $session['user']['turns']--;
            }
            //Fix to only search for Forest type creatures, added by CavemanJoe
            $sql = "SELECT * FROM " . db_prefix("creatures") . " WHERE creaturelevel = '{$session['user']['level']}' AND forest = 1 ORDER BY rand(" . e_rand() . ") LIMIT 1";
            $result = db_query($sql);
            restore_buff_fields();
            if (db_num_rows($result) == 0) {
                // There is nothing in the database to challenge you,
                // let's give you a doppleganger.
                $badguy = array();
                $badguy['creaturename'] = "An evil doppleganger of " . $session['user']['name'];
                $badguy['creatureweapon'] = $session['user']['weapon'];
                $badguy['creaturelevel'] = $session['user']['level'];
                $badguy['creaturegold'] = rand($session['user']['level'] * 15, $session['user']['level'] * 30);
                $badguy['creatureexp'] = round($session['user']['experience'] / 10, 0);
                $badguy['creaturehealth'] = $session['user']['maxhitpoints'];
                $badguy['creatureattack'] = $session['user']['attack'];
                $badguy['creaturedefense'] = $session['user']['defense'];
            } else {
                $badguy = db_fetch_assoc($result);
                require_once "lib/forestoutcomes.php";
                $badguy = buffbadguy($badguy);
            }
            calculate_buff_fields();
            $badguy['playerstarthp'] = $session['user']['hitpoints'];
            $badguy['diddamage'] = 0;
            $badguy['type'] = 'world';
            //debug("Worldmap run.php is debugging badguy");
            //debug($badguy);
            $session['user']['badguy'] = createstring($badguy);
            $battle = true;
        } else {
            // $args = modulehook("count-travels", array('available'=>0, 'used'=>0));
            // $free = max(0, $args['available'] - $args['used']);
            // if (get_module_setting("usestamina")==1){
            // output("`c`nYou think to yourself what a nice day it is.`c`n");
            // } else {
            // output("`c`nYou think to yourself what a nice day it is.`nYou have %s Travel Points remaining.%s`c`n",$free);
            // }
            $free = 100;
            worldmapen_determinenav();
            if (get_module_setting("smallmap")) {
                worldmapen_viewsmallmap();
            }
            if (!$chatoverride) {
                require_once "lib/commentary.php";
                addcommentary();
                $loc = get_module_pref("worldXYZ", "worldmapen");
                viewcommentary("mapchat-" . $loc, "Chat with others who walk this path...", 25);
            }
            worldmapen_viewmapkey(true, false);
            module_display_events(get_module_setting("randevent"), "runmodule.php?module=worldmapen&op=continue");
        }
        $loc = get_module_pref('worldXYZ');
        list($x, $y, $z) = explode(",", $loc);
        $t = worldmapen_getTerrain($x, $y, $z);
        //debug($t);
        if ($t['type'] == "Forest") {
            $shady = true;
        }
    } elseif ($op == "gypsy") {
        $outdoors = false;
        if ($buymap == '') {
            output("`5\"`!Ah, yes.  An adventurer.  I could tell by looking into your eyes,`5\" the gypsy says.`n");
            output("\"`!Many people have lost their way while journeying without a guide such as this.");
            output("It will let you see all the world.`5\"`n");
            output("\"`!Yes, yes.  Let's see...  What sort of price should we put on this?");
            output("Hmm.  How about `^%s`! gold?`5\"", $worldmapCostGold);
            addnav(array("Buy World Map `0(`^%s gold`0)", $worldmapCostGold), "runmodule.php?module=worldmapen&op=gypsy&buymap=yes");
            addnav("Forget it", "village.php");
        } elseif ($buymap == 'yes') {
            if ($session['user']['gold'] < $worldmapCostGold) {
                output("`5\"`!What do you take me for?  A blind hag?  Come back when you have the money`5\"");
                addnav("Leave quickly", "village.php");
            } else {
                output("`5\"`!Enjoy your newfound sight,`5\"  the gypsy says as she walks away to greet some patrons that have just strolled in.");
                $session['user']['gold'] -= $worldmapCostGold;
                set_module_pref("worldmapbuy", 1);
                require_once "lib/villagenav.php";
                villagenav();
            }
        }
    } elseif ($op == "viewmap") {
        worldmapen_determinenav();
        worldmapen_viewmap(true);
        if (is_module_active("medals")) {
            require_once "modules/medals.php";
            medals_award_medal("boughtmap", "Bearer of the Map", "This player purchased the World Map from the Comms Tent!", "medal_islandmap.png");
        }
    } elseif ($op == "camp") {
        if ($session['user']['loggedin']) {
            $session['user']['loggedin'] = 0;
            $session['user']['restorepage'] = "runmodule.php?module=worldmapen&op=wake";
            saveuser();
            invalidatedatacache("charlisthomepage");
            invalidatedatacache("list.php-warsonline");
        }
        $session = array();
        redirect("index.php", "Redirected to Index from World Map");
    } elseif ($op == "wake") {
        if ($session['user']['hitpoints'] > 0) {
            // runmodule.php calls do_forced_nav,
            $session['user']['alive'] = true;
            // and that resets ['alive'], so
        } else {
            // this is from common.php to make sure
            $session['user']['alive'] = false;
            // the player is not half-dead after log-in.
        }
        output("You yawn and stretch and look around your campsite.`n`n");
        output("Ah, how wonderful it is to sleep in the open air!`n");
        output("The world seems full of possibilities today.`n`n");
        checkday();
        worldmapen_determinenav();
        if (get_module_setting("smallmap")) {
            worldmapen_viewsmallmap();
        }
        if (!$chatoverride) {
            require_once "lib/commentary.php";
            addcommentary();
            $loc = get_module_pref("worldXYZ", "worldmapen");
            viewcommentary("mapchat-" . $loc, "Chat with others who walk this path...", 25);
        }
        worldmapen_viewmapkey(true, false);
        $loc = get_module_pref('worldXYZ');
        list($x, $y, $z) = explode(",", $loc);
        $t = worldmapen_getTerrain($x, $y, $z);
        //debug($t);
        if ($t['type'] == "Forest") {
            $shady = true;
        }
    } elseif ($op == "combat") {
        // Okay, we've picked a person to fight.
        require_once "lib/pvpsupport.php";
        $name = httpget("name");
        $badguy = setup_target($name);
        $failedattack = false;
        if ($badguy === false) {
            output("`0`n`nYou survey the area again.`n");
            worldmapen_determinenav();
        } else {
            $battle = true;
            $badguy['type'] = 'pvp';
            //$options['type'] = 'pvp';
            $session['user']['badguy'] = createstring($badguy);
            $session['user']['playerfights']--;
        }
    } elseif ($op == "fight" || $op == "run") {
        if (!$chatoverride && !httpget("frombio")) {
            $battle = true;
        } else {
            worldmapen_determinenav();
            if (get_module_setting("smallmap")) {
                worldmapen_viewsmallmap();
            }
            worldmapen_viewmapkey(true, false);
        }
        // $args = modulehook("count-travels", array('available'=>0,'used'=>0));
        // $free = max(0, $args['available'] - $args['used']);
        // if (get_module_setting("usestamina")==1){
        $free = 100;
        // }
        if ($op == "run" && !$pvp) {
            if (!$chatoverride) {
                if (e_rand(1, 5) < 3 && $free) {
                    // They managed to get away.
                    output("You set off running at a breakneck pace!`n`n");
                    output("A short time later, you have managed to avoid your opponent, so you stop to catch your breath.");
                    $ttoday = get_module_pref("traveltoday", "cities");
                    set_module_pref("traveltoday", $ttoday + 1, "cities");
                    output("As you look around, you realize that all you really managed was to run in circles.");
                    $battle = false;
                    worldmapen_determinenav();
                    if (get_module_setting("smallmap")) {
                        worldmapen_viewsmallmap();
                    }
                    require_once "lib/commentary.php";
                    addcommentary();
                    $loc = get_module_pref("worldXYZ", "worldmapen");
                    viewcommentary("mapchat-" . $loc, "Chat with others who walk this path...", 25);
                    worldmapen_viewmapkey(true, false);
                } else {
                    output("You try to run, but you don't manage to get away!`n");
                    $op = "fight";
                    httpset('op', $op);
                }
            } else {
                if (get_module_setting("smallmap")) {
                    worldmapen_viewsmallmap();
                }
                require_once "lib/commentary.php";
                addcommentary();
                $loc = get_module_pref("worldXYZ", "worldmapen");
                viewcommentary("mapchat-" . $loc, "Chat with others who walk this path...", 25);
                worldmapen_determinenav();
                worldmapen_viewmapkey(true, false);
            }
        } elseif ($op == "run" && $pvp) {
            output("Your pride prevents you from running");
            $op = "fight";
            httpset('op', $op);
        }
        $loc = get_module_pref('worldXYZ');
        list($x, $y, $z) = explode(",", $loc);
        $t = worldmapen_getTerrain($x, $y, $z);
        //debug($t);
        if ($t['type'] == "Forest") {
            $shady = true;
        }
    }
    if ($battle) {
        include_once "battle.php";
        if (isset($enemies) && !$pvp) {
            $badguy =& $enemies;
        }
        if ($victory) {
            if ($pvp) {
                require_once "lib/pvpsupport.php";
                $aliveloc = $badguy['location'];
                pvpvictory($badguy, $aliveloc, $options);
                addnews("`4%s`3 defeated `4%s`3 while they were camped in the wilderness.`0", $session['user']['name'], $badguy['creaturename']);
                $badguy = array();
            } else {
                if (!$chatoverride && !httpget('frombio')) {
                    //is talking
                    require_once "lib/forestoutcomes.php";
                    forestvictory($badguy, false);
                }
            }
            //has just beaten a badguy
            worldmapen_determinenav();
            if (get_module_setting("smallmap")) {
                worldmapen_viewsmallmap();
            }
            if (!$chatoverride) {
                require_once "lib/commentary.php";
                addcommentary();
                $loc = get_module_pref("worldXYZ", "worldmapen");
                viewcommentary("mapchat-" . $loc, "Chat with others who walk this path...", 25);
            }
            worldmapen_viewmapkey(true, false);
        } elseif ($defeat) {
            // Reset the players body to the last city they were in
            $session['user']['location'] = get_module_pref('lastCity');
            if ($pvp) {
                require_once "lib/pvpsupport.php";
                require_once "lib/taunt.php";
                $killedloc = $badguy['location'];
                $taunt = select_taunt();
                pvpdefeat($badguy, $killedloc, $taunt, $options);
                addnews("`4%s`3 was defeated while attacking `4%s`3 as they were camped in the wilderness.`0`n%s", $session['user']['name'], $badguy['creaturename'], $taunt);
            } else {
                require_once "lib/forestoutcomes.php";
                forestdefeat($badguy, "in the wild");
            }
            output("`n`n`&You are sure that someone, sooner or later, will stumble over your corpse and return it to %s`& for you.`0", $session['user']['location']);
        } else {
            require_once "lib/fightnav.php";
            $allow = true;
            $extra = "";
            if ($pvp) {
                $allow = false;
                $extra = "pvp=1&";
            }
            fightnav($allow, $allow, "runmodule.php?module=worldmapen&{$extra}");
        }
    }
    page_footer();
}
    header("Content-Type: text/xml");
    $sql = "select name from " . db_prefix("accounts") . " where hashorse={$id}";
    $r = db_query($sql);
    echo "<xml>";
    while ($row = db_fetch_assoc($r)) {
        echo "<name name=\"";
        echo urlencode(appoencode("`0{$row['name']}"));
        echo "\"/>";
    }
    if (db_num_rows($r) == 0) {
        echo "<name name=\"" . translate_inline("NONE") . "\"/>";
    }
    echo "</xml>";
    exit;
}
check_su_access(SU_EDIT_MOUNTS);
tlschema("mounts");
page_header("Mount Editor");
require_once "lib/superusernav.php";
superusernav();
addnav("Mount Editor");
addnav("Add a mount", "mounts.php?op=add");
if ($op == "deactivate") {
    $sql = "UPDATE " . db_prefix("mounts") . " SET mountactive=0 WHERE mountid='{$id}'";
    db_query($sql);
    $op = "";
    httpset("op", "");
    invalidatedatacache("mountdata-{$id}");
} elseif ($op == "activate") {
    $sql = "UPDATE " . db_prefix("mounts") . " SET mountactive=1 WHERE mountid='{$id}'";
    db_query($sql);