function start()
{
$this->page = new Page('Search');
$this->searchphrase = is_null($_POST['searchphrase']) ? slashfix($_GET['searchphrase']) : slashfix($_POST['searchphrase']);
$this->searchphrase = preg_replace('/\\*/', '%', $this->searchphrase);
$this->searchphrase = trim($this->searchphrase);
$this->searchtype = is_null($_POST['searchtype']) ? $_GET['searchtype'] : $_POST['searchtype'];
}
* @package EDK
*/
require_once 'common/admin/admin_menu.php';
$page = new Page();
$page->setAdmin();
$page->setTitle('Administration - Post Permissions');
if ($_POST['searchphrase'] != "" && strlen($_POST['searchphrase']) >= 3) {
switch ($_POST['searchtype']) {
case "pilot":
$sql = "select plt.plt_id, plt.plt_name, crp.crp_name\n from kb3_pilots plt, kb3_corps crp\n where lower( plt.plt_name ) like lower( '%" . slashfix($_POST['searchphrase']) . "%' )\n and plt.plt_crp_id = crp.crp_id\n order by plt.plt_name";
break;
case "corp":
$sql = "select crp.crp_id, crp.crp_name, ali.all_name\n from kb3_corps crp, kb3_alliances ali\n where lower( crp.crp_name ) like lower( '%" . slashfix($_POST['searchphrase']) . "%' )\n and crp.crp_all_id = ali.all_id\n order by crp.crp_name";
break;
case "alliance":
$sql = "select ali.all_id, ali.all_name\n from kb3_alliances ali\n where lower( ali.all_name ) like lower( '%" . slashfix($_POST['searchphrase']) . "%' )\n order by ali.all_name";
break;
}
$qry = DBFactory::getDBQuery();
if (!$qry->execute($sql)) {
die($qry->getErrorMsg());
}
while ($row = $qry->getRow()) {
switch ($_POST['searchtype']) {
case 'pilot':
$link = KB_HOST . '/?a=admin_postperm&add=p' . $row['plt_id'] . '&akey=' . session::makeKey();
$descr = 'Pilot ' . $row['plt_name'] . ' from ' . $row['crp_name'];
break;
case 'corp':
$link = KB_HOST . "/?a=admin_postperm&add=c" . $row['crp_id'] . '&akey=' . session::makeKey();
$descr = 'Corp ' . $row['crp_name'] . ', member of ' . $row['all_name'];
* Currently only supports users,
* but will be made to support corps and alliances
*/
require_once 'admin_menu.php';
$page = new Page('Administration - Export searcher');
$page->setAdmin();
$html .= '<form id="search" method="post" action="' . edkURI::page("admin_kill_export_search") . '">';
$html .= "<table class=kb-subtable><tr>";
$html .= "<td>Type:</td><td>Text: (3 letters minimum)</td>";
$html .= "</tr><tr>";
$html .= "<td><input id=searchphrase name=searchphrase type=text size=30/></td>";
$html .= "<td><input type=submit name=submit value=Search></td>";
$html .= "</tr></table>";
$html .= "</form>";
if ($_POST['searchphrase'] != "" && strlen($_POST['searchphrase']) >= 3) {
$sql = "select plt.plt_id, plt.plt_name, crp.crp_name\r\n from kb3_pilots plt, kb3_corps crp\r\n where lower( plt.plt_name ) like lower( '%" . slashfix($_POST['searchphrase']) . "%' )\r\n and plt.plt_crp_id = crp.crp_id\r\n order by plt.plt_name";
$header = "<td>Pilot</td><td>Corporation</td>";
$qry = DBFactory::getDBQuery();
if (!$qry->execute($sql)) {
die($qry->getErrorMsg());
}
$html .= "<div class=block-header>Search results</div>";
if ($qry->recordCount() > 0) {
$html .= "<table class=kb-table width=450 cellspacing=1>";
$html .= "<tr class=kb-table-header>" . $header . "</tr>";
} else {
$html .= "No results.";
}
while ($row = $qry->getRow()) {
$html .= "<tr class=kb-table-row-even>";
$html .= '<td><a href="?a=admin_kill_export_csv&plt_id=' . $row['plt_id'] . '&akey=' . session::makeKey() . '">' . $row['plt_name'] . '</a></td><td>' . $row['crp_name'] . '</td>';
<?php
/**
* @package EDK
*/
if (isset($_GET['int'])) {
$thumb = new thumbInt($_GET['id'], intval($_GET['size']), slashfix($_GET['type']));
} else {
$thumb = new thumb($_GET['id'], intval($_GET['size']), slashfix($_GET['type']));
}
$thumb->display();
$error = false;
if (config::get('user_regpass')) {
if ($_POST['regpass'] != config::get('user_regpass')) {
$smarty->assign('error', 'Registration password does not match.');
$error = true;
}
}
if (!$_POST['usrlogin']) {
$smarty->assign('error', 'You missed to specify a login.');
$error = true;
}
if (!$_POST['usrpass']) {
$smarty->assign('error', 'You missed to specify a password.');
$error = true;
}
if (strlen($_POST['usrpass']) < 3) {
$smarty->assign('error', 'Your password needs to have at least 4 chars.');
$error = true;
}
if (!$error) {
$pilot = null;
$id = null;
user::register(slashfix($_POST['usrlogin']), slashfix($_POST['usrpass']), $pilot, $id);
$page->setContent('Account registered.');
$page->generate();
return;
}
}
$smarty->assign('actionURL', edkURI::page('register'));
$page->setContent($smarty->fetch(get_tpl('user_register')));
$page->generate();
<?php
/**
* @package EDK
*/
$page = new Page();
$page->setAdmin();
$page->setTitle('Administration - Role Management');
if ($_POST['action'] == 'search') {
$hitlist = array();
$search = slashfix($_POST['search']);
$qry = DBFactory::getDBQuery();
$qry->execute('select usr_login from kb3_user where usr_login like ' . "'%" . $search . "%'");
while ($row = $qry->getRow()) {
$hitlist[] = $row['usr_login'];
}
$smarty->assignByRef('role', $_POST['role']);
$smarty->assignByRef('user', $hitlist);
$smarty->assign('url', edkURI::page("admin_roles"));
$page->addContext($menubox->generate());
$page->setContent($smarty->fetch(get_tpl('admin_roles_assign')));
$page->generate();
} elseif ($_POST['action'] == 'assign') {
$qry = DBFactory::getDBQuery();
$tmp = role::_get($_POST['role']);
var_dump($tmp);
#$qry->execute('select usr_login from kb3_user where usr_login like '."'%".$search."%'");
} elseif ($_POST['action'] == 'create') {
$page->addContext($menubox->generate());
$page->setContent('to be done');
$page->generate();
/**
* Fetch corporation name and alliance from CCP using the stored external ID.
*
* @return boolean TRUE on success, FALSE on failure.
*/
public function fetchCorp()
{
if (!$this->externalid) {
$this->execQuery();
}
if (!$this->externalid) {
return false;
}
$myAPI = new API_CorporationSheet();
$myAPI->setCorpID($this->externalid);
$result = $myAPI->fetchXML();
if ($result == false) {
return false;
}
$alliance = Alliance::add($myAPI->getAllianceName(), $myAPI->getAllianceID());
if (!$alliance) {
return false;
}
$crp = Corporation::add(slashfix($myAPI->getCorporationName()), $alliance, $myAPI->getCurrentTime(), intval($myAPI->getCorporationID()));
$this->name = $crp->name;
$this->alliance = $crp->alliance;
$this->updated = $crp->updated;
return true;
}
$fields[] = intval(substr($_REQUEST['sta_id'], 1));
$fields[] = $fromtyp;
$fields[] = substr($_REQUEST['sta_id'], 0, 1);
$fields[] = str_replace(',', '.', $val);
$fields[] = slashfix($_REQUEST['comment']);
$qry->execute('INSERT INTO kb3_standings VALUES (\'' . join("','", $fields) . '\')');
}
foreach (config::get('cfg_allianceid') as $id) {
$fromtyp = 'a';
$fields = array();
$fields[] = $id;
$fields[] = intval(substr($_REQUEST['sta_id'], 1));
$fields[] = $fromtyp;
$fields[] = substr($_REQUEST['sta_id'], 0, 1);
$fields[] = str_replace(',', '.', $val);
$fields[] = slashfix($_REQUEST['comment']);
$qry->execute('INSERT INTO kb3_standings VALUES (\'' . join("','", $fields) . '\')');
}
}
if ($_REQUEST['del']) {
$totyp = preg_replace('/[^ac]/', '', substr($_REQUEST['del'], 0, 1));
$toid = intval(substr($_REQUEST['del'], 1));
$qry = DBFactory::getDBQuery();
if (config::get('cfg_corpid')) {
$qry->execute('DELETE FROM kb3_standings WHERE sta_from IN (' . join(',', config::get('cfg_corpid')) . ') AND sta_from_type=\'c\' AND sta_to=' . $toid . ' AND sta_to_type=\'' . $totyp . '\'');
}
if (config::get('cfg_allianceid')) {
$qry->execute('DELETE FROM kb3_standings WHERE sta_from IN (' . join(',', config::get('cfg_allianceid')) . ') AND sta_from_type=\'a\' AND sta_to=' . $toid . ' AND sta_to_type=\'' . $totyp . '\'');
}
}
$permt = array();
}
// On a get, we might be doing an EVE Central update
// The $eve_central_exists test is redundant, but acts as a safety-net.
if ('GET' == $_SERVER['REQUEST_METHOD'] and isset($_GET['d']) and 'eve_central' == $_GET['d'] and $eve_central_exists) {
if (ec_update_value($_GET['itm_id'])) {
$smarty->assign('success', 'EVE Central synchronise was successful.');
} else {
$smarty->assign('success', 'EVE Central synchronise was not successful. This could be because you do not have cURL enabled, or EVE Central returned invalid data for an item value.');
}
}
// Scan the items table for the internal ID, name and value.
$sql = "SELECT itm.typeID, itm.typeName, val.price FROM kb3_invtypes as itm LEFT JOIN kb3_item_price AS val ON itm.typeID = val.typeID WHERE ";
// Filter it if there's a search phrase
if (isset($_REQUEST['searchphrase']) && $_REQUEST['searchphrase'] != "" && strlen($_REQUEST['searchphrase']) >= 3) {
$smarty->assign('search', true);
$where[] = "itm.typeName like '%" . slashfix($_REQUEST['searchphrase']) . "%'";
}
// If a particular type was requested, filter on that type
isset($_REQUEST['item_type']) ? $type = $_REQUEST['item_type'] : ($type = 25);
// Default to frigates
$where[] = "itm.groupID = {$type}";
$where = join(' AND ', $where);
// And make it alphabetical
$sql .= $where . " ORDER BY itm.typeName";
$qry = DBFactory::getDBQuery();
$qry->execute($sql);
while ($row = $qry->getRow()) {
$results[] = array('id' => $row['typeID'], 'name' => $row['typeName'], 'value' => $row['price']);
}
$smarty->assignByRef('results', $results);
// Stuff we don't want to display.
