/**
 * Send a personal message from the current character to a single recipient.
 *
 * The recipient comes from the request: a non-zero integer `target_id` is used
 * directly; otherwise a non-empty `to` value is resolved through get_user_id().
 * When no recipient can be determined the user is redirected back with an error.
 *
 * @return RedirectResponse
 */
public function sendPersonal()
{
    $recipient_id = (int) in('target_id');

    if (!$recipient_id) {
        $recipient_id = in('to') ? get_user_id(in('to')) : null;
    }

    if (!$recipient_id) {
        return new RedirectResponse('/messages.php?command=personal&error=' . url('No such ninja to message.'));
    }

    Message::create([
        'send_from' => self_char_id(),
        'send_to'   => $recipient_id,
        // NOTE(review): the filter argument of in() is passed as null here, so the
        // message body is presumably stored as submitted; whatever renders messages
        // must escape it on output. Confirm against in() and the message templates.
        'message'   => in('message', null, null),
        'type'      => 0,
    ]);

    $recipient_name = get_char_name($recipient_id);

    // Both values are passed through url() before being placed in the query string.
    $location = '/messages.php?command=personal&individual_or_clan=1&message_sent_to=' . url($recipient_name)
        . '&informational=' . url('Message sent to ' . $recipient_name . '.');

    return new RedirectResponse($location);
}
/**
 * Create a new clan and register its founder as the first member.
 *
 * A clan id is drawn from the `clan_clan_id_seq` sequence, a `clan` row is inserted
 * with the founder's character name, and a `clan_player` row with member_level 2 is
 * inserted for the founder. All values reach the database as bound parameters.
 *
 * NOTE(review): the two inserts are not wrapped in a transaction in this method, so
 * a failure of the second would leave a clan row without a member — confirm whether
 * the caller provides one. The trimmed name is not checked for being empty here.
 *
 * @param int    $p_leaderID Player id of the founder
 * @param String $p_clanName Requested clan name (surrounding whitespace is trimmed)
 * @return Clan
 */
public static function createClan($p_leaderID, $p_clanName)
{
    DatabaseConnection::getInstance();

    $clan_name = trim($p_clanName);
    $clan_id   = DatabaseConnection::$pdo->query("SELECT nextval('clan_clan_id_seq')")->fetchColumn();

    $insert_clan = DatabaseConnection::$pdo->prepare('INSERT INTO clan (clan_id, clan_name, clan_founder) VALUES (:clanID, :clanName, :leader)');
    $insert_clan->execute([
        ':clanID'   => $clan_id,
        ':clanName' => $clan_name,
        ':leader'   => get_char_name($p_leaderID),
    ]);

    $insert_member = DatabaseConnection::$pdo->prepare('INSERT INTO clan_player (_player_id, _clan_id, member_level) VALUES (:leader, :clanID, 2)');
    $insert_member->execute([
        ':clanID' => $clan_id,
        ':leader' => $p_leaderID,
    ]);

    return new Clan($clan_id, $clan_name);
}
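/**
 * Append the "mail" tab of a character page to the global $output buffer.
 *
 * Reads `id`, `realm`, `start`, `order_by` and `dir` from $_GET. The page is shown
 * only when the viewer's level is above the owning account's gmlevel or the viewer
 * is the owning account; otherwise error() is called.
 *
 * Security notes:
 *  - `id`, `realm` and `start` are concatenated into SQL unquoted, so the
 *    is_numeric() checks below are what keeps them safe; do not remove them.
 *  - The mail subject is escaped before output because it ends up in a page viewed
 *    by staff accounts.
 *  - `order_by` / `dir` are validated but not used in any query in this function.
 *
 * @param object $sqlr Connection used for the account lookup
 * @param object $sqlc Connection used for character and mail lookups
 * @return void
 */
function char_mail(&$sqlr, &$sqlc)
{
    global $output, $lang_global, $lang_char, $lang_mail, $realm_id, $realm_db, $mmfpm_db, $characters_db, $action_permission, $user_lvl, $user_name, $item_datasite, $itemperpage;

    if (empty($_GET['id'])) {
        error($lang_global['empty_fields']);
    }

    // this is multi realm support, as of writing still under development
    // this page is already implementing it
    if (empty($_GET['realm'])) {
        $realmid = $realm_id;
    } else {
        $realmid = $sqlr->quote_smart($_GET['realm']);
        if (is_numeric($realmid)) {
            $sqlc->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name']);
        } else {
            $realmid = $realm_id;
        }
    }

    $id = $sqlc->quote_smart($_GET['id']);
    if (!is_numeric($id)) {
        $id = 0;
    }

    //==========================$_GET and SECURE=================================
    $start = isset($_GET['start']) ? $sqlc->quote_smart($_GET['start']) : 0;
    if (!is_numeric($start)) {
        $start = 0;
    }

    $order_by = isset($_GET['order_by']) ? $sqlc->quote_smart($_GET['order_by']) : 'id';
    if (!preg_match('/^[_[:lower:]]{1,12}$/', $order_by)) {
        $order_by = 'id';
    }

    $dir = isset($_GET['dir']) ? $sqlc->quote_smart($_GET['dir']) : 1;
    if (!preg_match('/^[01]{1}$/', $dir)) {
        $dir = 1;
    }

    $order_dir = $dir ? 'ASC' : 'DESC';
    $dir = $dir ? 0 : 1;
    //==========================$_GET and SECURE end=============================

    // getting character data from database
    $result = $sqlc->query('SELECT account, name, race, class, level, gender FROM characters WHERE guid = ' . $id . ' LIMIT 1');

    if (!$sqlc->num_rows($result)) {
        error($lang_char['no_char_found']);
        return;
    }

    $char = $sqlc->fetch_assoc($result);

    // we get user permissions first
    $owner_acc_id = $sqlc->result($result, 0, 'account');
    $result = $sqlr->query('SELECT gmlevel, username FROM account WHERE id = ' . $char['account'] . '');
    $owner_gmlvl = $sqlr->result($result, 0, 'gmlevel');
    $owner_name = $sqlr->result($result, 0, 'username');

    if (!($user_lvl > $owner_gmlvl || $owner_name === $user_name)) {
        error($lang_char['no_permission']);
        return;
    }

    //------------------------Character Tabs---------------------------------
    // Every tab link carries the same (numeric) id and realm.
    $tab_query = '?id=' . $id . '&realm=' . $realmid;

    $output .= ' <center> <div id="tab_content"> <div id="tab"> <ul>'
        . ' <li><a href="char.php' . $tab_query . '">' . $lang_char['char_sheet'] . '</a></li>'
        . ' <li><a href="char_inv.php' . $tab_query . '">' . $lang_char['inventory'] . '</a></li>'
        . ' <li><a href="char_extra.php' . $tab_query . '">' . $lang_char['extra'] . '</a></li>'
        . ' ' . ($char['level'] < 10 ? '' : '<li><a href="char_talent.php' . $tab_query . '">' . $lang_char['talents'] . '</a></li>')
        . ' <li><a href="char_achieve.php' . $tab_query . '">' . $lang_char['achievements'] . '</a></li>'
        . ' <li><a href="char_rep.php' . $tab_query . '">' . $lang_char['reputation'] . '</a></li>'
        . ' <li><a href="char_skill.php' . $tab_query . '">' . $lang_char['skills'] . '</a></li>'
        . ' <li><a href="char_quest.php' . $tab_query . '">' . $lang_char['quests'] . '</a></li>';

    if (char_get_class_name($char['class']) === 'Hunter') {
        $output .= ' <li><a href="char_pets.php' . $tab_query . '">' . $lang_char['pets'] . '</a></li>';
    }

    $output .= ' <li><a href="char_friends.php' . $tab_query . '">' . $lang_char['friends'] . '</a></li>'
        . ' <li><a href="char_spell.php' . $tab_query . '">' . $lang_char['spells'] . '</a></li> </ul> <ul>';

    // selected char tab at last
    $output .= ' <li id="selected"><a href="char_mail.php' . $tab_query . '">' . $lang_char['mail'] . '</a></li>';

    $output .= ' </ul> </div> <div id="tab_content2"> <font class="bold"> ' . htmlentities($char['name'])
        . ' - <img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" />'
        . ' <img src="img/c_icons/' . $char['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\',\'item_tooltip\')" onmouseout="toolTip()" alt="" />'
        . ' - lvl ' . char_get_level_color($char['level']) . ' </font> <br /><br /> <table class="lined" style="width: 100%">';

    //---------------Page Specific Data Starts Here--------------------------
    $query = $sqlc->query('SELECT a.id as id, a.messageType as messagetype, a.sender as sender, a.subject as subject, a.itemTextId as itemtextid, a.has_items as hasitems, a.money as money, a.cod as cod, a.checked as checked, b.item_template as itemtemplate FROM mail a INNER JOIN mail_items b ON a.id = b.mail_id where a.receiver = ' . $id . ' LIMIT ' . $start . ', ' . $itemperpage . '');
    $total_mail = $sqlc->result($sqlc->query('SELECT count(*) FROM mail WHERE receiver= ' . $id . ''), 0);

    $output .= ' <tr> <td align="left"> Total Mails: ' . $total_mail . ' </td> <td align="right" width="45%">';
    $output .= generate_pagination('char_mail.php?start=' . $start . '&order_by=' . $order_by . '&dir=' . ($dir ? 0 : 1), $total_mail, $itemperpage, $start);
    $output .= ' </td> </table> <table class="lined" style="width: 100%"> <tr>'
        . ' <th width="5%">' . $lang_mail['mail_type'] . '</th>'
        . ' <th width="10%">' . $lang_mail['sender'] . '</th>'
        . ' <th width="15%">' . $lang_mail['subject'] . '</th>'
        . ' <th width="5%">' . $lang_mail['has_items'] . '</th>'
        . ' <th width="25%">' . $lang_mail['text'] . '</th>'
        . ' <th width="20%">' . $lang_mail['money'] . '</th>'
        . ' <th width="5%">' . $lang_mail['checked'] . '</th> </tr>';

    while ($mail = $sqlc->fetch_assoc($query)) {
        // NOTE(review): $sqlm is neither a parameter nor listed in the global
        // statement above, so it is undefined at this call — confirm what
        // get_item_icon() expects as its second argument.
        $output .= ' <tr valign=top> <td>' . get_mail_source($mail['messagetype']) . '</td>'
            . ' <td><a href="char.php?id=' . $mail['sender'] . '">' . get_char_name($mail['sender']) . '</a></td>'
            // Subject text is written by players; escape it before it reaches the page.
            . ' <td>' . htmlspecialchars($mail['subject'], ENT_QUOTES) . '</td>'
            . ' <td> <a style="padding:2px;" href="' . $item_datasite . $mail['itemtemplate'] . '" target="_blank"> <img class="bag_icon" src="' . get_item_icon($mail['itemtemplate'], $sqlm) . '" alt="" /> </a> </td>'
            // NOTE(review): get_mail_text() output is inserted as-is; confirm it escapes.
            . ' <td>' . get_mail_text($mail['itemtextid']) . '</td>'
            . ' <td> ' . substr($mail['money'], 0, -4) . '<img src="img/gold.gif" alt="" align="middle" />'
            // Negative length: silver is the two digits before the copper pair, and is
            // empty (instead of repeating copper) when the amount has under 3 digits.
            . ' ' . substr($mail['money'], -4, -2) . '<img src="img/silver.gif" alt="" align="middle" />'
            . ' ' . substr($mail['money'], -2) . '<img src="img/copper.gif" alt="" align="middle" /> </td>'
            . ' <td>' . get_check_state($mail['checked']) . '</td> </tr>';
    }
    //---------------Page Specific Data Ends here----------------------------

    //---------------Character Tabs Footer-----------------------------------
    $output .= ' </table> </div> <br /> <table class="hidden"> <tr> <td>';

    // button to user account page, user account page has own security
    makebutton($lang_char['chars_acc'], 'user.php?action=edit_user&id=' . $owner_acc_id . '', 130);
    $output .= ' </td> <td>';

    $outranks_with_delete = $user_lvl > $owner_gmlvl && $user_lvl >= $action_permission['delete'];

    // only higher level GM with delete access can edit character
    // character edit allows removal of character items, so delete permission is needed
    if ($outranks_with_delete) {
        makebutton($lang_char['edit_button'], 'char_edit.php?id=' . $id . '&realm=' . $realmid . '', 130);
        $output .= ' </td> <td>';
    }

    // only higher level GM with delete access, or character owner can delete character
    if ($outranks_with_delete || $owner_name === $user_name) {
        makebutton($lang_char['del_char'], 'char_list.php?action=del_char_form&check%5B%5D=' . $id . '" type="wrn', 130);
        $output .= ' </td> <td>';
    }

    // only GM with update permission can send mail, mail can send items, so update permission is needed
    if ($user_lvl >= $action_permission['update']) {
        // The name becomes a query-string value inside an attribute; URL-encode it.
        makebutton($lang_char['send_mail'], 'mail.php?type=ingame_mail&to=' . rawurlencode($char['name']) . '', 130);
        $output .= ' </td> <td>';
    }

    makebutton($lang_global['back'], 'javascript:window.history.back()" type="def', 130);
    $output .= ' </td> </tr> </table> <br /> </center> <!-- end of char_mail.php -->';
}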
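/**
 * Render the mail search result page into the global $output buffer.
 *
 * Reads `search_value`, `search_by`, `start`, `order_by` and `dir` from $_GET.
 *
 * Security: `search_by`, `order_by`, `dir` and `start` end up unquoted in the
 * WHERE / ORDER BY / LIMIT clauses, so escaping alone cannot protect them.
 * Each one is therefore restricted here: `search_by` to a fixed set of columns,
 * `order_by` to a bare column identifier, `dir` to 0/1 and `start` to digits.
 * The mail subject is HTML-escaped before output.
 *
 * Other fixes: a name search that matches no character now yields an empty
 * result instead of a malformed query, and the money column is shown whenever
 * the total amount is non-zero (previously only when the copper part was).
 *
 * @return void
 */
function search()
{
    global $lang_global, $lang_mail, $output, $itemperpage, $item_datasite, $mangos_db, $characters_db, $realm_id, $sql_search_limit;

    wowhead_tt();

    if (!isset($_GET['search_value']) || !isset($_GET['search_by'])) {
        redirect("mail_on.php?error=2");
    }

    $sql = new SQL();
    $sql->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);

    $search_value = $sql->quote_smart(isset($_GET['search_value']) ? $_GET['search_value'] : '');

    // Allow-list of searchable columns. The form posts the qualified names; the
    // bare names are accepted too and mapped to the qualified column.
    $search_menu = array(
        'a.sender'   => 'a.sender',
        'sender'     => 'a.sender',
        'a.receiver' => 'a.receiver',
        'receiver'   => 'a.receiver',
    );
    $requested_by = isset($_GET['search_by']) ? $_GET['search_by'] : '';
    $search_by = (is_string($requested_by) && isset($search_menu[$requested_by])) ? $search_menu[$requested_by] : 'a.sender';

    // Offset: digits only, anything else falls back to the first page.
    $start = (isset($_GET['start']) && is_string($_GET['start']) && ctype_digit($_GET['start'])) ? (int) $_GET['start'] : 0;

    // Sort column: a plain identifier, optionally qualified with the a./b. alias.
    $order_by = (isset($_GET['order_by']) && is_string($_GET['order_by'])) ? $_GET['order_by'] : "id";
    if (!preg_match('/^(?:[ab]\.)?[A-Za-z_]{1,32}$/D', $order_by)) {
        $order_by = "id";
    }

    // Direction flag: '0' (or the empty value older links produced) means DESC.
    $dir = (isset($_GET['dir']) && in_array($_GET['dir'], array('0', ''), true)) ? 0 : 1;
    $order_dir = $dir ? "ASC" : "DESC";
    $dir = $dir ? 0 : 1;

    if ($search_value == '') {
        $where = $search_by . ' != 0';
    } else {
        // Relies on quote_smart() having escaped the value for use inside quotes.
        $temp = $sql->query("SELECT guid FROM `characters` WHERE name like '%{$search_value}%'");
        $guid = $sql->num_rows($temp) ? (string) $sql->result($temp, 0, 'guid') : '';
        // No matching character: match nothing rather than emit "column =" with no value.
        $where = ctype_digit($guid) ? $search_by . ' =' . $guid : '0 = 1';
    }

    $query_1 = $sql->query("SELECT count(*) FROM `mail`");
    $query = $sql->query("SELECT a.id, a.messageType, a.sender, a.receiver, a.subject, a.body, a.has_items, a.money, a.cod, a.checked, b.item_template\r\n FROM mail a\r\n LEFT JOIN mail_items b ON a.id = b.mail_id\r\n WHERE {$where}\r\n ORDER BY {$order_by} {$order_dir} LIMIT {$start}, {$itemperpage}");
    $all_record = $sql->result($query_1, 0);

    //==========================top page navigation starts here========================
    $output .= "<center><table class=\"top_hidden\">\r\n <tr><td>\r\n <table class=\"hidden\">\r\n <tr><td>\r\n <form action=\"mail_on.php\" method=\"get\" name=\"form\">\r\n <input type=\"hidden\" name=\"action\" value=\"search\" />\r\n <input type=\"hidden\" name=\"error\" value=\"4\" />\r\n <input type=\"text\" size=\"45\" name=\"search_value\" />\r\n <select name=\"search_by\">\r\n <option value=\"a.sender\">Sender</option>\r\n <option value=\"a.receiver\">Receiver</option>\r\n </select></form></td><td>";
    makebutton($lang_global['search'], "javascript:do_submit()", 80);
    $output .= "</td></tr></table>\r\n <td align=\"right\">";
    // Emit an explicit 0/1 so the next request passes the dir validation above.
    $output .= generate_pagination("mail_on.php?action=search&order_by={$order_by}&dir=" . ($dir ? 0 : 1), $all_record, $itemperpage, $start);
    $output .= "</td></tr></table>";
    //==========================top page navigation ENDS here ========================

    $output .= "<table class=\"lined\">\r\n <tr>\r\n <th width=\"5%\">" . $lang_mail['id'] . "</th>\r\n <th width=\"5%\">" . $lang_mail['mail_type'] . "</th>\r\n <th width=\"10%\">" . $lang_mail['sender'] . "</th>\r\n <th width=\"10%\">" . $lang_mail['receiver'] . "</th>\r\n <th width=\"15%\">" . $lang_mail['subject'] . "</th>\r\n <th width=\"5%\">" . $lang_mail['has_items'] . "</th>\r\n <th width=\"25%\">" . $lang_mail['text'] . "</th>\r\n <th width=\"20%\">" . $lang_mail['money'] . "</th>\r\n <th width=\"5%\">" . $lang_mail['checked'] . "</th>\r\n </tr>";

    while ($mail = $sql->fetch_array($query)) {
        // Split the copper total into gold / silver / copper without touching
        // $mail[7], so the "has money" test below sees the full amount.
        $remaining = $mail[7];
        $g = floor($remaining / 10000);
        $remaining -= $g * 10000;
        $s = floor($remaining / 100);
        $remaining -= $s * 100;
        $c = $remaining;

        $money = "";
        if ($mail[7] > 0) {
            $money = $g . "<img src=\"./img/gold.gif\" /> " . $s . "<img src=\"./img/silver.gif\" /> " . $c . "<img src=\"./img/copper.gif\" /> ";
        }

        $output .= "<tr valign=top>\r\n <td>{$mail['0']}</td>\r\n <td>" . get_mail_source($mail[1]) . "</td>\r\n <td><a href=\"char.php?id={$mail['2']}\">" . get_char_name($mail[2]) . "</a></td>\r\n <td><a href=\"char.php?id={$mail['3']}\">" . get_char_name($mail[3]) . "</a></td>\r\n <td>"
            // Subject text is written by players; escape it before it reaches the page.
            . htmlspecialchars($mail[4], ENT_QUOTES) . "</td>\r\n ";

        $output .= "<td>";
        if ($mail[6]) {
            $output .= "\r\n <a style=\"padding:2px;\" href=\"{$item_datasite}{$mail[10]}\" target=\"_blank\">\r\n <img class=\"bag_icon\" src=\"" . get_item_icon($mail[10]) . "\" alt=\"\" />\r\n </a>";
        }
        $output .= "</td>";

        // NOTE(review): get_mail_text() output is inserted as-is; confirm it escapes.
        $output .= "<td>" . get_mail_text($mail[0]) . "</td>\r\n <td>{$money}</td>\r\n <td>" . get_check_state($mail[9]) . "</td>\r\n </tr>";
    }

    $output .= "<tr><td colspan=\"6\" class=\"hidden\" align=\"right\">All Mails: {$all_record}</td></tr>\r\n </table></center>";

    $sql->close();
}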
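/**
 * Append the "mail" tab of a character page to the global $output buffer.
 *
 * Reads `start`, `order_by` and `dir` from $_GET. $id is not assigned in this
 * function; presumably char_multi_realm_security.php defines and validates it
 * (and the realm) in this scope — TODO confirm, because $id is concatenated
 * unquoted into three queries below. Note that require_once includes a file only
 * once per request, so a second call of this function would not get those
 * variables again.
 *
 * The page is shown only when the viewer's level is above the owning account's
 * gmlevel or the viewer is the owning account; otherwise error() is called.
 *
 * Mail subject and body are HTML-escaped before output because they end up in a
 * page viewed by staff accounts. `order_by` / `dir` are validated but not used
 * in any query in this function.
 *
 * @param object $sqlr Connection used for the account lookup
 * @param object $sqlc Connection used for character and mail lookups
 * @return void
 */
function char_mail(&$sqlr, &$sqlc)
{
    global $output, $lang_global, $lang_char, $lang_mail, $realm_id, $realm_db, $mmfpm_db, $characters_db, $action_permission, $user_lvl, $user_name, $item_datasite, $itemperpage;

    // this page uses wowhead tooltips
    wowhead_tt();

    //==========================$_GET and SECURE=================================
    // id and multi realm security to prevent sql injection
    require_once './include/char/include/char_multi_realm_security.php';

    $start = isset($_GET['start']) ? $sqlc->quote_smart($_GET['start']) : 0;
    if (!is_numeric($start)) {
        $start = 0;
    }

    $order_by = isset($_GET['order_by']) ? $sqlc->quote_smart($_GET['order_by']) : 'id';
    if (!preg_match('/^[_[:lower:]]{1,12}$/', $order_by)) {
        $order_by = 'id';
    }

    $dir = isset($_GET['dir']) ? $sqlc->quote_smart($_GET['dir']) : 1;
    if (!preg_match('/^[01]{1}$/', $dir)) {
        $dir = 1;
    }

    $order_dir = $dir ? 'ASC' : 'DESC';
    $dir = $dir ? 0 : 1;
    //==========================$_GET and SECURE end=============================

    // getting character data from database
    $result = $sqlc->query(' SELECT account, name, race, class, gender, level FROM characters WHERE guid = ' . $id . ' LIMIT 1');

    // no point going further if character does not exist
    if (!$sqlc->num_rows($result)) {
        error($lang_char['no_char_found']);
        return;
    }

    $char = $sqlc->fetch_assoc($result);

    // we get user permissions first
    $owner_acc_id = $sqlc->result($result, 0, 'account');
    $result = $sqlr->query(' SELECT gmlevel, username FROM account WHERE id = ' . $char['account'] . '');
    $owner_gmlvl = $sqlr->result($result, 0, 'gmlevel');
    $owner_name = $sqlr->result($result, 0, 'username');

    // check user permission
    if (!($user_lvl > $owner_gmlvl || $owner_name === $user_name)) {
        error($lang_char['no_permission']);
        return;
    }

    // character sub header
    $output .= ' <center> <div id="tab_content"> <h1>' . $lang_char['mail'] . '</h1> <br />';

    // character menu tab
    require_once './include/char/include/char_header.php';
    // character info
    require_once './include/char/include/char_info.php';

    //---------------Page Specific Data Starts Here--------------------------
    $output .= ' <div id="tab_content2"> <table class="lined" style="width: 100%">';

    $query = $sqlc->query(' SELECT a.id as id, a.messageType as messagetype, a.sender as sender, a.subject as subject, a.body as body, a.has_items as hasitems, a.money as money, a.cod as cod, a.checked as checked, b.item_template as itemtemplate FROM mail a INNER JOIN mail_items b ON a.id = b.mail_id WHERE a.receiver = ' . $id . ' LIMIT ' . $start . ', ' . $itemperpage . '');
    $total_mail = $sqlc->result($sqlc->query(' SELECT count(*) FROM mail WHERE receiver= ' . $id . ''), 0);

    $output .= ' <tr> <td align="left"> Total Mails: ' . $total_mail . ' </td> <td align="right" width="45%">';
    $output .= generate_pagination('char_mail.php?start=' . $start . '&order_by=' . $order_by . '&dir=' . ($dir ? 0 : 1), $total_mail, $itemperpage, $start);
    $output .= ' </td> </tr> </table> <table class="lined" style="width: 100%"> <tr>'
        . ' <th width="5%">' . $lang_mail['mail_type'] . '</th>'
        . ' <th width="10%">' . $lang_mail['sender'] . '</th>'
        . ' <th width="15%">' . $lang_mail['subject'] . '</th>'
        . ' <th width="5%">' . $lang_mail['has_items'] . '</th>'
        . ' <th width="25%">' . $lang_mail['text'] . '</th>'
        . ' <th width="20%">' . $lang_mail['money'] . '</th>'
        . ' <th width="5%">' . $lang_mail['checked'] . '</th> </tr>';

    while ($mail = $sqlc->fetch_assoc($query)) {
        // NOTE(review): $sqlm is neither a parameter nor listed in the global
        // statement above; unless an included file defines it, it is undefined
        // at this call — confirm.
        $output .= ' <tr valign=top> <td>' . get_mail_source($mail['messagetype']) . '</td>'
            . ' <td><a href="char.php?id=' . $mail['sender'] . '">' . get_char_name($mail['sender']) . '</a></td>'
            // Subject and body are written by players; escape both before output.
            . ' <td>' . htmlspecialchars($mail['subject'], ENT_QUOTES) . '</td>'
            . ' <td> <a style="padding:2px;" href="' . $item_datasite . $mail['itemtemplate'] . '" target="_blank"> <img class="bag_icon" src="' . get_item_icon($mail['itemtemplate'], $sqlm) . '" alt="" /> </a> </td>'
            . ' <td>' . htmlspecialchars($mail['body'], ENT_QUOTES) . '</td>'
            . ' <td> ' . substr($mail['money'], 0, -4) . '<img src="img/gold.gif" alt="" align="middle" />'
            . ' ' . substr($mail['money'], -4, -2) . '<img src="img/silver.gif" alt="" align="middle" />'
            . ' ' . substr($mail['money'], -2) . '<img src="img/copper.gif" alt="" align="middle" /> </td>'
            . ' <td>' . get_check_state($mail['checked']) . '</td> </tr>';
    }

    $output .= ' </table> </div> </div> <br />';
    //---------------Page Specific Data Ends here----------------------------

    // character sub footer
    // NOTE(review): this path contains a space ("char_ footer.php"); it is kept
    // exactly as found — verify the file name on disk.
    require_once './include/char/include/char_ footer.php';

    $output .= ' <br /> </center>';
}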
/**
 * Send the leader of a clan a message asking to admit a player.
 *
 * Looks up the clan leader, reads the requesting player's verification_number
 * and sends the leader a type-0 message from the requester containing a review
 * link with the requester's id and that number.
 *
 * NOTE(review): the requester's verification_number is disclosed to the clan
 * leader through this link. If the same value gates anything else for that
 * account, a separate single-purpose token would be safer — confirm how the
 * value is used elsewhere.
 *
 * @todo Simplify this invite system.
 * @param int $user_id Player asking to join
 * @param int $clan_id Clan being asked
 * @return void
 */
private function sendClanJoinRequest($user_id, $clan_id)
{
    DatabaseConnection::getInstance();

    $clan        = new Clan($clan_id);
    $leader_info = $clan->getLeaderInfo();
    $leader_id   = $leader_info['player_id'];
    $joiner_name = get_char_name($user_id);

    $lookup = DatabaseConnection::$pdo->prepare('SELECT verification_number FROM players WHERE player_id = :user');
    $lookup->execute([':user' => $user_id]);
    $confirm = $lookup->fetchColumn();

    // These ampersands get encoded later.
    $url = '[href:clan/review/?joiner=' . $user_id . '&confirmation=' . $confirm . '|Confirm Request]';

    // The joiner's name is entity-encoded before it is placed in the message text.
    $join_request_message = 'CLAN JOIN REQUEST: ' . htmlentities($joiner_name)
        . " has sent a request to join your clan.\n If you wish to allow this ninja into your clan click the following link:\n "
        . $url;

    Message::create([
        'send_from' => $user_id,
        'send_to'   => $leader_id,
        'message'   => $join_request_message,
        'type'      => 0,
    ]);
}
<?php if ($icon = $this->iconImage($char->nameid)) { } ?> <td width="24"><img src="<?php echo htmlspecialchars($icon); ?> ?nocache=<?php echo rand(); ?> " /></td> <td> <?php $nick = ""; if ($char->card0 == 254) { $nick_just = get_char_name($char->card2, $server); $nick = "<span style='color: blue;'>{$nick_just}'s</span> "; } echo $nick . $vvs; echo $this->linkToItem($char->nameid, get_item_name($char->nameid, $server)); ?> </td> <td> <?php echo number_format($char->amount); ?> </td> <td> <?php echo number_format($char->price); ?>
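/**
 * Append the paginated, sortable list of groups to the global $output buffer.
 *
 * Reads `start`, `order_by` and `dir` from $_GET.
 *
 * Fixes over the previous version:
 *  - Input was escaped through $sqlw, which is neither a parameter nor a declared
 *    global in this function; the connection passed in as $sqlc is used instead.
 *  - `order_by` is concatenated unquoted into ORDER BY, so it is now checked
 *    against the exact list of sortable columns. The earlier lower-case-only
 *    pattern rejected every column the header links send (groupId, leaderGuid, ...),
 *    so sorting always fell back to groupId.
 *  - The group id link in each row was missing its closing </a>.
 *
 * @param object $sqlc Connection used for the groups queries
 * @return void
 */
function groups(&$sqlc)
{
    global $output, $lang_group, $itemperpage;

    // Sortable columns => array(header width, $lang_group key). Doubles as the
    // allow-list for the order_by request parameter.
    $columns = array(
        'groupId'       => array('1%', 'id'),
        'leaderGuid'    => array('10%', 'leader'),
        'mainTank'      => array('10%', 'mtank'),
        'mainAssistant' => array('10%', 'massistant'),
        'lootMethod'    => array('10%', 'loot'),
        'groupType'     => array('10%', 'type'),
    );

    $start = isset($_GET['start']) ? $sqlc->quote_smart($_GET['start']) : 0;
    if (!is_numeric($start)) {
        $start = 0;
    }

    $order_by = isset($_GET['order_by']) ? $_GET['order_by'] : 'groupId';
    if (!is_string($order_by) || !isset($columns[$order_by])) {
        $order_by = 'groupId';
    }

    $dir = isset($_GET['dir']) ? $sqlc->quote_smart($_GET['dir']) : 1;
    if (!preg_match('/^[01]{1}$/', $dir)) {
        $dir = 1;
    }

    $order_dir = $dir ? 'ASC' : 'DESC';
    $dir = $dir ? 0 : 1;

    // for multipage support
    $all_record = $sqlc->result($sqlc->query('SELECT count(*) FROM groups'), 0);

    // main data that we need for this page, instances
    $result = $sqlc->query(' SELECT groupId, leaderGuid, mainTank, mainAssistant, lootMethod, groupType, difficulty, raiddifficulty FROM groups ORDER BY ' . $order_by . ' ' . $order_dir . ' LIMIT ' . $start . ', ' . $itemperpage . ';');

    $output .= ' <center> <table class="top_hidden"> <tr> <td width="25%" align="right">';

    // multi page links
    $output .= ' ' . $lang_group['tot_group'] . ': ' . $all_record . '<br /><br />' . generate_pagination('groups.php?order_by=' . $order_by . '&dir=' . ($dir ? 0 : 1), $all_record, $itemperpage, $start);

    // column headers, with links for sorting
    $output .= ' </td> </tr> </table> <table class="lined"> <tr>';
    foreach ($columns as $column => $meta) {
        $output .= ' <th width="' . $meta[0] . '"><a href="groups.php?order_by=' . $column . '&start=' . $start . '&dir=' . $dir . '"'
            . ($order_by === $column ? ' class="' . $order_dir . '"' : '')
            . '>' . $lang_group[$meta[1]] . '</a></th>';
    }
    $output .= ' </tr>';

    while ($groups = $sqlc->fetch_assoc($result)) {
        $output .= ' <tr valign="top">'
            . ' <td><a href="groups.php?action=party&id=' . $groups['groupId'] . '">' . $groups['groupId'] . '</a></td>'
            . ' <td>' . get_char_name($groups['leaderGuid']) . '</td>'
            . ' <td>' . get_char_name($groups['mainTank']) . '</td>'
            . ' <td>' . get_char_name($groups['mainAssistant']) . '</td>'
            . ' <td>' . get_loot_method($groups['lootMethod']) . '</td>'
            . ' <td>' . get_group_type($groups['groupType']) . '</td> </tr>';
    }
    unset($groups);
    unset($result);

    $output .= ' <tr> </table> <table class="top_hidden"> <tr> <td width="25%" align="right">';

    // multi page links
    $output .= ' ' . $lang_group['tot_group'] . ': ' . $all_record . '<br /><br />' . generate_pagination('groups.php?order_by=' . $order_by . '&dir=' . ($dir ? 0 : 1), $all_record, $itemperpage, $start);
    unset($start);

    $output .= ' </td> </tr> </table> </center>';
}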
$clan = ClanFactory::clanOfMember($ninja); $has_clan = $clan ? true : false; $page = in('page', 1, 'non_negative_int'); $limit = 25; $offset = non_negative_int(($page - 1) * $limit); $delete = in('delete'); $informational = in('informational'); $type = in('type'); // Clan chat or normal messages. $type = restrict_to($type, array(0, 1)); $message_sent_to = null; // Names or name to display. $message_to = null; // strings clan or individual if sent to those respectively. if ($target_id) { $to = get_char_name($target_id); } set_setting('last_messaged', $to); switch (true) { case $command == 'clan' && $_POST: $messages_type = 'clan'; $current_tab = 'clan'; $type = 1; break; case $command == 'clan': $messages_type = 'clan'; $current_tab = 'clan'; $type = 1; break; case $command == 'personal' && $_POST: // Try to send
/**
 * Thin wrapper around get_char_name().
 *
 * When the DEBUG constant is defined and truthy, calling this with a null id
 * reports a deprecation through nw_error() before delegating.
 *
 * @param int|null $char_id Character id, passed straight to get_char_name()
 * @return mixed Whatever get_char_name() returns for $char_id
 */
function get_username($char_id = null)
{
    $debug_enabled = defined('DEBUG') && DEBUG;

    if ($debug_enabled && $char_id === null) {
        nw_error('Deprecated call to get_char_name(null) with a null argument. For clarity reasons, this is now deprecated, use self_name() instead.');
    }

    return get_char_name($char_id);
}
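/**
 * Append the "mail" tab of a character page to the global $output buffer.
 *
 * Reads `start`, `order_by` and `dir` from $_GET. $id is not assigned in this
 * function; presumably core/char/char_security.php defines and validates it in
 * this scope — TODO confirm, because $id is concatenated unquoted into the
 * queries below. Note that require_once includes a file only once per request,
 * so a second call of this function would not get those variables again.
 *
 * The page is shown only when the viewer's level is above the owning account's
 * highest gmlevel (0 when the account has none) or the viewer is the owning
 * account; otherwise error() is called.
 *
 * Mail subject and body are HTML-escaped before output because they end up in a
 * page viewed by staff accounts. `order_by` / `dir` are validated but not used
 * in any query in this function.
 *
 * @param object $sqlr Connection used for the account lookup
 * @param object $sqlc Connection used for character and mail lookups
 * @return void
 */
function char_mail(&$sqlr, &$sqlc)
{
    global $output, $lang_global, $lang_char, $lang_mail, $realm_id, $realm_db, $mmfpm_db, $characters_db, $action_permission, $user_lvl, $user_name, $item_datasite, $itemperpage;

    require_once 'core/char/char_security.php';

    //==========================$_GET and SECURE=================================
    $start = isset($_GET['start']) ? $sqlc->quote_smart($_GET['start']) : 0;
    if (!is_numeric($start)) {
        $start = 0;
    }

    $order_by = isset($_GET['order_by']) ? $sqlc->quote_smart($_GET['order_by']) : 'id';
    if (!preg_match('/^[_[:lower:]]{1,12}$/', $order_by)) {
        $order_by = 'id';
    }

    $dir = isset($_GET['dir']) ? $sqlc->quote_smart($_GET['dir']) : 1;
    if (!preg_match('/^[01]{1}$/', $dir)) {
        $dir = 1;
    }

    $order_dir = $dir ? 'ASC' : 'DESC';
    $dir = $dir ? 0 : 1;
    //==========================$_GET and SECURE end=============================

    // getting character data from database
    $result = $sqlc->query('SELECT account, name, race, class, level, gender FROM characters WHERE guid = ' . $id . ' LIMIT 1');

    if (!$sqlc->num_rows($result)) {
        error($lang_char['no_char_found']);
        return;
    }

    $char = $sqlc->fetch_assoc($result);

    // we get user permissions first
    $owner_acc_id = $sqlc->result($result, 0, 'account');
    $result = $sqlr->query('SELECT `username`, `gmlevel` FROM `account` LEFT JOIN `account_access` ON `account`.`id`=`account_access`.`id` WHERE `account`.`id` = ' . $owner_acc_id . ' ORDER BY `gmlevel` DESC LIMIT 1');
    $owner_name = $sqlr->result($result, 0, 'username');
    $owner_gmlvl = $sqlr->result($result, 0, 'gmlevel');

    // An account without an account_access row has no gmlevel; treat it as 0.
    if (empty($owner_gmlvl)) {
        $owner_gmlvl = 0;
    }

    if (!($user_lvl > $owner_gmlvl || $owner_name === $user_name)) {
        error($lang_char['no_permission']);
        return;
    }

    //------------------------Character Tabs---------------------------------
    $output .= ' <center> <div id="tab_content"> <h1>' . $lang_char['mail'] . '</h1> <br />';

    require_once 'core/char/char_header.php';

    $output .= ' <br /><br /> <table class="lined" style="width: 100%">';

    //---------------Page Specific Data Starts Here--------------------------
    $query = $sqlc->query('SELECT a.id as id, a.messageType as messagetype, a.sender as sender, a.subject as subject, a.body as body, a.has_items as hasitems, a.money as money, a.cod as cod, a.checked as checked, b.item_guid as itemtemplate, c.itemEntry FROM mail a INNER JOIN mail_items b ON a.id = b.mail_id LEFT JOIN item_instance c ON b.item_guid = c.guid where a.receiver = ' . $id . ' LIMIT ' . $start . ', ' . $itemperpage . '');
    $total_mail = $sqlc->result($sqlc->query('SELECT count(*) FROM mail WHERE receiver= ' . $id . ''), 0);

    $output .= ' <tr> <td align="left"> Total Mails: ' . $total_mail . ' </td> <td align="right" width="45%">';
    $output .= generate_pagination('char_mail.php?start=' . $start . '&order_by=' . $order_by . '&dir=' . ($dir ? 0 : 1), $total_mail, $itemperpage, $start);
    $output .= ' </td> </tr> </table> <table class="lined" style="width: 100%"> <tr>'
        . ' <th width="5%">' . $lang_mail['mail_type'] . '</th>'
        . ' <th width="10%">' . $lang_mail['sender'] . '</th>'
        . ' <th width="15%">' . $lang_mail['subject'] . '</th>'
        . ' <th width="5%">' . $lang_mail['has_items'] . '</th>'
        . ' <th width="25%">' . $lang_mail['text'] . '</th>'
        . ' <th width="20%">' . $lang_mail['money'] . '</th>'
        . ' <th width="5%">' . $lang_mail['checked'] . '</th> </tr>';

    while ($mail = $sqlc->fetch_assoc($query)) {
        // NOTE(review): $sqlm is neither a parameter nor listed in the global
        // statement above; unless an included file defines it, it is undefined
        // at this call — confirm.
        $output .= ' <tr valign=top> <td>' . get_mail_source($mail['messagetype']) . '</td>'
            . ' <td><a href="char.php?id=' . $mail['sender'] . '">' . get_char_name($mail['sender']) . '</a></td>'
            // Subject and body are written by players; escape both before output.
            . ' <td>' . htmlspecialchars($mail['subject'], ENT_QUOTES) . '</td>'
            . ' <td> <a style="padding:2px;" href="' . $item_datasite . $mail['itemEntry'] . '" target="_blank"> <img class="bag_icon" src="' . get_item_icon($mail['itemEntry'], $sqlm) . '" alt="" /> </a> </td>'
            . ' <td>' . htmlspecialchars($mail['body'], ENT_QUOTES) . '</td>'
            . ' <td> ' . substr($mail['money'], 0, -4) . '<img src="img/gold.gif" alt="" align="middle" />'
            // Negative length: silver is the two digits before the copper pair, and is
            // empty (instead of repeating copper) when the amount has under 3 digits.
            . ' ' . substr($mail['money'], -4, -2) . '<img src="img/silver.gif" alt="" align="middle" />'
            . ' ' . substr($mail['money'], -2) . '<img src="img/copper.gif" alt="" align="middle" /> </td>'
            . ' <td>' . get_check_state($mail['checked']) . '</td> </tr>';
    }
    //---------------Page Specific Data Ends here----------------------------

    //---------------Character Tabs Footer-----------------------------------
    $output .= ' </table> </div> <br />';

    require_once 'core/char/char_footer.php';

    $output .= ' <br /> </center> <!-- end of char_mail.php -->';
}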
/**
 * Remove a member from the clan of the currently logged-in character.
 *
 * The acting player must pass playerIsLeader() for their own clan; otherwise an
 * Exception is thrown and nothing is changed.
 *
 * NOTE(review): the only check visible here is on the acting player. Whether the
 * `kicked` id from the request actually belongs to that clan has to be enforced
 * inside Clan::kickMember() — confirm. The looked-up name is interpolated into
 * `action_message`, so the template must escape it on output.
 *
 * @return mixed Result of render() for the clan management page
 * @throws Exception When the acting player is not a leader of the clan
 */
public function kick()
{
    $actor       = new Player(self_char_id());
    $actor_clan  = ClanFactory::clanOfMember($actor);
    $target_id   = in('kicked', '');
    $target_name = get_char_name($target_id);

    $may_kick = $this->playerIsLeader($actor, $actor_clan);
    if (!$may_kick) {
        throw new Exception('You may not kick members from a clan you are not a leader of.');
    }

    $actor_clan->kickMember($target_id, $actor);

    $view = [
        'action_message' => "You have removed {$target_name} from your clan",
        'title'          => 'Manage your clan',
        'clan'           => $actor_clan,
        'pageParts'      => ['manage', 'info', 'member-list'],
    ];

    return $this->render($view);
}