$sql .= "AND login.state != 5 "; } if (Flux::config('HideTempBannedZenyRank')) { $sql .= "AND (login.unban_time IS NULL OR login.unban_time = 0) "; } $groupsLT = AccountLevel::getGroupID((int) Flux::config('RankingHideGroupLevel'), '<'); if (!empty($groupsLT)) { $idsLT = implode(', ', array_fill(0, count($groupsLT), '?')); $sql .= "AND login.group_id IN ({$idsLT})"; $bind = array_merge($bind, $groupsLT); } if ($days = Flux::config('ZenyRankingThreshold')) { $sql .= 'AND TIMESTAMPDIFF(DAY, login.lastlogin, NOW()) <= ? '; $bind[] = $days * 24 * 60 * 60; } $groupsGEQ = AccountLevel::getGroupID((int) $auth->getGroupLevelToHideFromZenyRank, '>='); if (!empty($groupsGEQ)) { $ids = implode(', ', array_fill(0, count($groupsGEQ), '?')); $check1 = "AND login.group_id IN ({$ids})"; $bind = array_merge($bind, $groupsGEQ); } if (!empty($groupsLT)) { $check2 = "OR login.group_id IN ({$idsLT})"; $bind = array_merge($bind, $groupsLT); } // Whether or not the character is allowed to hide themselves from the Zeny Ranking. if (isset($check1) && isset($check2)) { $sql .= "AND (((hide_from_zr.value IS NULL OR hide_from_zr.value = 0) {$check1}) {$check2}) "; } if (!is_null($jobClass)) { $sql .= "AND ch.class = ? ";
$sth->execute(array($accountID)); // Account object. $account = $sth->fetch(); $isMine = false; if ($account) { if ($account->group_id > $session->account->group_id && !$auth->allowedToEditHigherPower) { $this->deny(); } $isMine = $account->account_id == $session->account->account_id; if ($isMine) { $title = Flux::message('AccountEditTitle2'); } else { $title = sprintf(Flux::message('AccountEditTitle3'), $account->userid); } if (count($_POST)) { $groups = AccountLevel::getArray(); $email = trim($params->get('email')); $gender = trim($params->get('gender')); $loginCount = (int) $params->get('logincount'); $birthdate = $params->get('birthdate_date'); $lastLogin = $params->get('lastlogin_date'); $lastIP = trim($params->get('last_ip')); $group_id = (int) $params->get('group_id'); $balance = (int) $params->get('balance'); if ($isMine && $account->group_id != $group_id) { $errorMessage = Flux::message('CannotModifyOwnGroupID'); } elseif ($account->group_id != $group_id && !$auth->allowedToEditAccountGroupID) { $errorMessage = Flux::message('CannotModifyAnyGroupID'); } elseif ($group_id > $session->account->group_id) { $errorMessage = Flux::message('CannotModifyGroupIDHigh'); } elseif (!isset($groups[$group_id])) {
} $sql = "SELECT login.*, {$creditColumns}, {$createColumns} FROM {$server->loginDatabase}.login "; $sql .= "LEFT OUTER JOIN {$server->loginDatabase}.{$creditsTable} AS credits ON login.account_id = credits.account_id "; $sql .= "LEFT OUTER JOIN {$server->loginDatabase}.{$createTable} AS created ON login.account_id = created.account_id "; $sql .= "WHERE login.sex != 'S' AND login.group_id >= 0 AND login.account_id = ? LIMIT 1"; $sth = $server->connection->getStatement($sql); $sth->execute(array($accountID)); // Account object. $account = $sth->fetch(); if ($account) { $title = sprintf(Flux::message('AccountViewTitle2'), $account->userid); } } else { $title = Flux::message('AccountViewTitle3'); } $level = AccountLevel::getGroupLevel($account->group_id); $banSuperior = $account && ($level > $session->account->group_level && $auth->allowedToBanHigherPower || $level <= $session->account->group_level); $canTempBan = !$isMine && $banSuperior && $auth->allowedToTempBanAccount; $canPermBan = !$isMine && $banSuperior && $auth->allowedToPermBanAccount; $tempBanned = $account && $account->unban_time > 0; $permBanned = $account && $account->state == 5; $showTempBan = !$isMine && !$tempBanned && !$permBanned && $auth->allowedToTempBanAccount; $showPermBan = !$isMine && !$permBanned && $auth->allowedToPermBanAccount; $showUnban = !$isMine && ($tempBanned && $auth->allowedToTempUnbanAccount) || $permBanned && $auth->allowedToPermUnbanAccount; if (count($_POST) && $account) { $reason = (string) $params->get('reason'); if ($params->get('tempban') && ($tempBanDate = $params->get('tempban_date'))) { if ($canTempBan) { if ($server->loginServer->temporarilyBan($session->account->account_id, $reason, $account->account_id, $tempBanDate)) { $formattedDate = $this->formatDateTime($tempBanDate); $session->setMessageData("Account has been temporarily banned until {$formattedDate}.");
} $col = "ch.char_id, ch.name AS char_name, ch.class AS char_class, ch.base_level, ch.job_level, "; $col .= "ch.guild_id, guild.name AS guild_name, guild.emblem_len AS guild_emblem_len, "; $col .= "CAST(IFNULL(reg.value, '0') AS UNSIGNED) AS death_count"; $sql = "SELECT {$col} FROM {$server->charMapDatabase}.`char` AS ch "; $sql .= "LEFT JOIN {$server->charMapDatabase}.guild ON guild.guild_id = ch.guild_id "; $sql .= "LEFT JOIN {$server->loginDatabase}.login ON login.account_id = ch.account_id "; $sql .= "LEFT JOIN {$server->charMapDatabase}.`global_reg_value` AS reg ON reg.char_id = ch.char_id AND reg.str = 'PC_DIE_COUNTER' "; $sql .= "WHERE 1=1 "; if (Flux::config('HidePermBannedDeathRank')) { $sql .= "AND login.state != 5 "; } if (Flux::config('HideTempBannedDeathRank')) { $sql .= "AND (login.unban_time IS NULL OR login.unban_time = 0) "; } $groups = AccountLevel::getGroupID((int) Flux::config('RankingHideGroupLevel'), '<'); if (!empty($groups)) { $ids = implode(', ', array_fill(0, count($groups), '?')); $sql .= "AND login.group_id IN ({$ids}) "; $bind = array_merge($bind, $groups); } if ($days = Flux::config('DeathRankingThreshold')) { $sql .= 'AND TIMESTAMPDIFF(DAY, login.lastlogin, NOW()) <= ? '; $bind[] = $days * 24 * 60 * 60; } if (!is_null($jobClass)) { $sql .= "AND ch.class = ? "; $bind[] = $jobClass; } $sql .= "ORDER BY death_count DESC, ch.char_id DESC "; $sql .= "LIMIT " . (int) Flux::config('DeathRankingLimit');
<?php if (!defined('FLUX_ROOT')) { exit; } $bind = array(); $sqlpartial = ''; $chars = array(); $hideGroupLevel = Flux::config('HideFromWhosOnline'); $groups = AccountLevel::getGroupID($hideGroupLevel, '<'); if (!empty($groups)) { $ids = implode(', ', array_fill(0, count($groups), '?')); $sqlpartial .= " where login.group_id IN ({$ids}) "; $bind = array_merge($bind, $groups); } $sqlpartial .= " group by m.kill_char_id"; $sql = "SELECT count(*) AS total FROM {$server->charMapDatabase}.`mvplog` as m inner join `char` as ch ON ch.char_id = `m`.kill_char_id left join login ON `login`.account_id =ch.account_id {$sqlpartial}"; $sth = $server->connection->getStatement($sql); $sth->execute($bind); $sortable = array('name', 'char_id', 'class', 'amount' => 'desc', 'base_level', 'job_level'); $paginator = $this->getPaginator($sth->fetch()->total); $paginator->setSortableColumns($sortable); $col = "ch.name, ch.char_id, class, ch.guild_id, count(3) as amount, base_level, job_level, guild.name as g_name"; $sql = $paginator->getSQL("SELECT {$col} FROM {$server->charMapDatabase}.`mvplog` as m inner join `char` as ch ON ch.char_id = `m`.kill_char_id left join login ON `login`.account_id =ch.account_id left join guild on guild.guild_id=ch.guild_id {$sqlpartial}"); $sth = $server->connection->getStatement($sql); $sth->execute($bind); $chars = $sth->fetchAll();
<?php // Module variables are available in page menus. // However, access group_id checking must be done directly from the page menu. // Minimal access checking such as $auth->actionAllowed('moduleName', 'actionName') should be performed. $groups = AccountLevel::getArray(); $pageMenu = array(); if ((AccountLevel::getGroupLevel($account->group_id) <= $session->account->group_level || $auth->allowedToEditHigherPower) && $auth->actionAllowed('account', 'edit')) { $pageMenu[Flux::message('ModifyAccountLink')] = $this->url('account', 'edit', array('id' => $account->account_id)); } return $pageMenu;
if (!$groupName || !($loginAthenaGroup = Flux::getServerGroupByName($groupName))) { $loginAthenaGroup = $session->loginAthenaGroup; } $sql = "SELECT account_id, user_pass, group_id FROM {$loginAthenaGroup->loginDatabase}.login WHERE "; if ($loginAthenaGroup->loginServer->config->getNoCase()) { $sql .= 'LOWER(userid) = LOWER(?) '; } else { $sql .= 'BINARY userid = ? '; } $sql .= "AND email = ? AND state = 0 AND sex IN ('M', 'F') LIMIT 1"; $sth = $loginAthenaGroup->connection->getStatement($sql); $sth->execute(array($userid, $email)); $row = $sth->fetch(); if ($row) { $groups = AccountLevel::getArray(); if (AccountLevel::getGroupLevel($row->group_id) >= Flux::config('NoResetPassGroupLevel')) { $errorMessage = Flux::message('ResetPassDisallowed'); } else { $code = md5(rand() + $row->account_id); $sql = "INSERT INTO {$loginAthenaGroup->loginDatabase}.{$resetPassTable} "; $sql .= "(code, account_id, old_password, request_date, request_ip, reset_done) "; $sql .= "VALUES (?, ?, ?, NOW(), ?, 0)"; $sth = $loginAthenaGroup->connection->getStatement($sql); $res = $sth->execute(array($code, $row->account_id, $row->user_pass, $_SERVER['REMOTE_ADDR'])); if ($res) { require_once 'Flux/Mailer.php'; $name = $loginAthenaGroup->serverName; $link = $this->url('account', 'resetpw', array('_host' => true, 'code' => $code, 'account' => $row->account_id, 'login' => $name)); $mail = new Flux_Mailer(); $sent = $mail->send($email, 'Reset Password', 'resetpass', array('AccountUsername' => $userid, 'ResetLink' => htmlspecialchars($link))); }
/** * Initialize session data. * * @param bool $force * @return bool * @access private */ private function initialize($force = false) { $keysToInit = array('username', 'serverName', 'athenaServerName', 'securityCode'); foreach ($keysToInit as $key) { if ($force || !$this->{$key}) { $method = ucfirst($key); $method = "set{$method}Data"; $this->{$method}(null); } } $loggedIn = true; if (!$this->username) { $loggedIn = false; $cfgAthenaServerName = Flux::config('DefaultCharMapServer'); $cfgLoginAthenaGroup = Flux::config('DefaultLoginGroup'); if (Flux::getServerGroupByName($cfgLoginAthenaGroup)) { $this->setServerNameData($cfgLoginAthenaGroup); } else { $defaultServerName = current(array_keys(Flux::$loginAthenaGroupRegistry)); $this->setServerNameData($defaultServerName); } } if ($this->serverName && ($this->loginAthenaGroup = Flux::getServerGroupByName($this->serverName))) { $this->loginServer = $this->loginAthenaGroup->loginServer; if (!$loggedIn && $cfgAthenaServerName && $this->getAthenaServer($cfgAthenaServerName)) { $this->setAthenaServerNameData($cfgAthenaServerName); } if (!$this->athenaServerName || (!$loggedIn && !$this->getAthenaServer($cfgAthenaServerName) || !$this->getAthenaServer($this->athenaServerName))) { $this->setAthenaServerNameData(current($this->getAthenaServerNames())); } } // Get new account data every request. if ($this->loginAthenaGroup && $this->username && ($account = $this->getAccount($this->loginAthenaGroup, $this->username))) { $this->account = $account; $this->account->group_level = AccountLevel::getGroupLevel($account->group_id); // Automatically log out of account when detected as banned. $permBan = $account->state == 5 && !Flux::config('AllowPermBanLogin'); $tempBan = $account->unban_time > 0 && $account->unban_time < time() && !Flux::config('AllowTempBanLogin'); if ($permBan || $tempBan) { $this->logout(); } } else { $this->account = new Flux_DataObject(null, array('group_level' => AccountLevel::UNAUTH)); } //if (!$this->isLoggedIn()) { // $this->setServerNameData(null); // $this->setAthenaServerNameData(null); //} if (!is_array($this->cart)) { $this->setCartData(array()); } if ($this->account->account_id && $this->loginAthenaGroup) { if (!array_key_exists($this->loginAthenaGroup->serverName, $this->cart)) { $this->cart[$this->loginAthenaGroup->serverName] = array(); } foreach ($this->getAthenaServerNames() as $athenaServerName) { $athenaServer = $this->getAthenaServer($athenaServerName); $cartArray =& $this->cart[$this->loginAthenaGroup->serverName]; $accountID = $this->account->account_id; if (!array_key_exists($accountID, $cartArray)) { $cartArray[$accountID] = array(); } if (!array_key_exists($athenaServerName, $cartArray[$accountID])) { $cartArray[$accountID][$athenaServerName] = new Flux_ItemShop_Cart(); } $cartArray[$accountID][$athenaServerName]->setAccount($this->account); $athenaServer->setCart($cartArray[$accountID][$athenaServerName]); } } return true; }