function char_achievements(&$sqlr, &$sqlc) { global $output, $lang_global, $lang_char, $realm_id, $characters_db, $mmfpm_db, $action_permission, $user_lvl, $user_name, $achievement_datasite; // this page uses wowhead tooltops wowhead_tt(); //==========================$_GET and SECURE================================= // id and multi realm security to prevent sql injection require_once './include/char/include/char_multi_realm_security.php'; $show_type = isset($_POST['show_type']) ? $sqlc->quote_smart($_POST['show_type']) : 0; if (is_numeric($show_type)) { } else { $show_type = 0; } //==========================$_GET and SECURE end============================= // getting character data from database $result = $sqlc->query(' SELECT account, name, race, class, level, gender FROM characters WHERE guid = ' . $id . ' LIMIT 1'); // no point going further if character does not exist if ($sqlc->num_rows($result)) { $char = $sqlc->fetch_assoc($result); // we get user permissions first $owner_acc_id = $sqlc->result($result, 0, 'account'); $result = $sqlr->query(' SELECT gmlevel, username FROM account WHERE id = ' . $char['account'] . ''); $owner_gmlvl = $sqlr->result($result, 0, 'gmlevel'); $owner_name = $sqlr->result($result, 0, 'username'); // check user permission if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) { // character sub header $output .= ' <center> <div id="tab_content"> <h1>' . $lang_char['achievements'] . '</h1> <br />'; // character menu tab require_once './include/char/include/char_header.php'; // character info require_once './include/char/include/char_info.php'; //---------------Page Specific Data Starts Here-------------------------- $output .= ' <script type="text/javascript"> function expand(thistag) { var i = 0; %%REPLACE%% if (thistag == \'tsummary\') { document.getElementById(\'tsummary\').style.display="table"; document.getElementById(\'divsummary\').innerHTML = \'[-] ' . $lang_char['summary'] . '\' ; for(x in main_cats) { if(document.getElementById(main_cats[x]).style.display=="table") { document.getElementById(main_cats[x]).style.display="none"; document.getElementById(main_cats_achieve[x]).style.display="none"; document.getElementById(main_cats_div[x]).innerHTML = \'[+] \' + main_cats_name[x]; } } for(x in main_sub_cats) { if(document.getElementById(main_sub_cats_achieve[x]).style.display=="table") { document.getElementById(main_sub_cats_achieve[x]).style.display="none"; document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x]; } } } else { if (document.getElementById(\'tsummary\').style.display="table") { document.getElementById(\'tsummary\').style.display="none"; document.getElementById(\'divsummary\').innerHTML = \'[+] ' . $lang_char['summary'] . '\' ; } for(x in main_cats) { if (main_cats[x] == thistag) { i = 1; } } if (i == 1) { for(x in main_cats) { if (main_cats[x] == thistag) { if(document.getElementById(main_cats[x]).style.display=="table") { document.getElementById(main_cats[x]).style.display="none"; document.getElementById(main_cats_achieve[x]).style.display="none"; document.getElementById(main_cats_div[x]).innerHTML = \'[+] \' + main_cats_name[x]; document.getElementById(\'tsummary\').style.display="table"; document.getElementById(\'divsummary\').innerHTML = \'[-] ' . $lang_char['summary'] . '\' ; } else { document.getElementById(main_cats[x]).style.display="table"; document.getElementById(main_cats_achieve[x]).style.display="table"; document.getElementById(main_cats_div[x]).innerHTML = \'[-] \' + main_cats_name[x]; } } else { if(document.getElementById(main_cats[x]).style.display=="table") { document.getElementById(main_cats[x]).style.display="none"; document.getElementById(main_cats_achieve[x]).style.display="none"; document.getElementById(main_cats_div[x]).innerHTML = \'[+] \' + main_cats_name[x]; } } } for(x in main_sub_cats) { if(document.getElementById(main_sub_cats_achieve[x]).style.display=="table") { document.getElementById(main_sub_cats_achieve[x]).style.display="none"; document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x]; } } } else if (i == 0) { for(x in main_sub_cats) { if (main_sub_cats[x] == thistag) { if(document.getElementById(main_sub_cats_achieve[x]).style.display=="table") { document.getElementById(main_sub_cats_achieve[x]).style.display="none"; document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x]; } else { document.getElementById(main_sub_cats_achieve[x]).style.display="table"; document.getElementById(main_sub_cats_div[x]).innerHTML = \'[-] \' + main_sub_cats_name[x]; } } else { if(document.getElementById(main_sub_cats_achieve[x]).style.display=="table") { document.getElementById(main_sub_cats_achieve[x]).style.display="none"; document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x]; } } } for(x in main_cats) { if(document.getElementById(main_cats_achieve[x]).style.display=="table") { document.getElementById(main_cats_achieve[x]).style.display="none"; } } } } } </script>'; $sqlm = new SQL(); $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']); $output .= ' <div id="tab_content2"> <table class="top_hidden" style="width: 90%;"> <tr> <td width="30%"> </td> %%REPLACE_POINTS%% <td align="right"> <form action="char_achieve.php?id=' . $id . '&realm=' . $realmid . '" method="post" name="form"> ' . $lang_char['show'] . ' : <select name="show_type"> <option value="1"'; if (1 == $show_type) { $output .= ' selected="selected"'; } $output .= ' >' . $lang_char['all'] . ' </option> <option value="0"'; if (0 == $show_type) { $output .= ' selected="selected"'; } $output .= ' >' . $lang_char['earned'] . ' </option> <option value="2"'; if (2 == $show_type) { $output .= ' selected="selected"'; } $output .= ' >' . $lang_char['incomplete'] . ' </option> </select> </form> </td> <td align="right">'; makebutton('View', 'javascript:do_submit()', 130); $output .= ' </td> </tr> </table> <table class="lined" style="width: 90%;"> <tr valign="top"> <td width="30%"> <table class="hidden" style="width: 100%"> <tr> <th align="left"> <div id="divsummary" onclick="expand(\'tsummary\')">[-] ' . $lang_char['summary'] . '</div> </th> </tr> <tr> <td> </td> </tr>'; $result = $sqlc->query(' SELECT achievement, date FROM character_achievement WHERE guid = ' . $id . ''); $char_achieve = array(); while ($temp = $sqlc->fetch_assoc($result)) { $char_achieve[$temp['achievement']] = $temp['date']; } $result = $sqlc->query(' SELECT achievement, date FROM character_achievement WHERE guid = \'' . $id . '\' ORDER BY date DESC LIMIT 4'); $points = 0; $main_cats = achieve_get_main_category($sqlm); $sub_cats = achieve_get_sub_category($sqlm); $output_achieve_main_cat = array(); $output_u_achieve_main_cat = array(); $output_achieve_sub_cat = array(); $output_u_achieve_sub_cat = array(); $js_main_cats = ' var main_cats = new Array(); var main_cats_div = new Array(); var main_cats_name = new Array(); var main_cats_achieve = new Array(); var main_sub_cats = new Array(); var main_sub_cats_div = new Array(); var main_sub_cats_name = new Array(); var main_sub_cats_achieve = new Array();'; foreach ($main_cats as $cat_id => $cat) { if (isset($cat['name01'])) { $i = 0; $output_achieve_main_cat[$cat_id] = ''; $output_u_achieve_main_cat[$cat_id] = ''; $achieve_main_cat = achieve_get_id_category($cat['id'], $sqlm); foreach ($achieve_main_cat as $achieve_id => $cid) { if (isset($achieve_id) && isset($cid['id'])) { if (isset($char_achieve[$cid['id']])) { if (2 > $show_type) { $cid['name01'] = str_replace('&', '&', $cid['name01']); $cid['description01'] = str_replace('&', '&', $cid['description01']); $cid['rewarddesc01'] = str_replace('&', '&', $cid['rewarddesc01']); $output_achieve_main_cat[$cat_id] .= ' <tr> <td width="1%" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank"> <img src="' . achieve_get_icon($cid['id'], $sqlm) . '" width="36" height="36" class="icon_border_0" alt="" /> </a> </td> <td colspan="2" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">' . $cid['name01'] . '</a><br /> ' . $cid['description01'] . '<br /> ' . $cid['rewarddesc01'] . ' </td> <td width="5%" align="right">' . $cid['rewpoints'] . ' <img src="img/money_achievement.gif" alt="" /></td> <td width="15%" align="right">' . date('o-m-d', $char_achieve[$cid['id']]) . '</td> </tr>'; ++$i; } $points += $cid['rewpoints']; } elseif ($show_type && isset($achieve_id)) { $cid['name01'] = str_replace('&', '&', $cid['name01']); $cid['description01'] = str_replace('&', '&', $cid['description01']); $cid['rewarddesc01'] = str_replace('&', '&', $cid['rewarddesc01']); $output_u_achieve_main_cat[$cat_id] .= ' <tr> <td width="1%" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank"> <span style="opacity:0.2;"> <img src="' . achieve_get_icon($cid['id'], $sqlm) . '" width="36" height="36" class="icon_border_0" alt="" /> </span> </a> </td> <td colspan="2" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">' . $cid['name01'] . '</a><br /> ' . $cid['description01'] . '<br /> ' . $cid['rewarddesc01'] . ' </td> <td width="5%" align="right">' . $cid['rewpoints'] . ' <img src="img/money_achievement.gif" alt="" /></td> <td width="15%" align="right">' . $lang_char['incomplete'] . '</td> </tr>'; ++$i; } } } unset($achieve_main_cat); $output_achieve_main_cat[$cat_id] = ' <table class="hidden" id="ta' . $cat_id . '" style="width: 100%; display: none;"> <tr> <th colspan="3" align="left">' . $lang_char['achievement_title'] . '</th> <th width="5%">' . $lang_char['achievement_points'] . '</th> <th width="15%">' . $lang_char['achievement_date'] . '</th> </tr>' . $output_achieve_main_cat[$cat_id] . $output_u_achieve_main_cat[$cat_id] . ' </table>'; unset($output_u_achieve_main_cat); $js_main_cats .= ' main_cats_achieve[' . $cat_id . '] = "ta' . $cat_id . '";'; $output_sub_cat = ''; $total_sub_cat = 0; if (isset($sub_cats[$cat['id']])) { $main_sub_cats = $sub_cats[$cat['id']]; foreach ($main_sub_cats as $sub_cat_id => $sub_cat) { if (isset($sub_cat)) { $j = 0; $output_achieve_sub_cat[$sub_cat_id] = ''; $output_u_achieve_sub_cat[$sub_cat_id] = ''; $achieve_sub_cat = achieve_get_id_category($sub_cat_id, $sqlm); foreach ($achieve_sub_cat as $achieve_id => $cid) { if (isset($achieve_id) && isset($cid['id'])) { if (isset($char_achieve[$cid['id']])) { if (2 > $show_type) { $cid['name01'] = str_replace('&', '&', $cid['name01']); $cid['description01'] = str_replace('&', '&', $cid['description01']); $cid['rewarddesc01'] = str_replace('&', '&', $cid['rewarddesc01']); $output_achieve_sub_cat[$sub_cat_id] .= ' <tr> <td width="1%" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank"> <img src="' . achieve_get_icon($cid['id'], $sqlm) . '" width="36" height="36" class="icon_border_0" alt="" /> </a> </td> <td colspan="2" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">' . $cid['name01'] . '</a><br /> ' . $cid['description01'] . '<br /> ' . $cid['rewarddesc01'] . ' </td> <td width="5%" align="right">' . $cid['rewpoints'] . ' <img src="img/money_achievement.gif" alt="" /></td> <td width="15%" align="right">' . date('o-m-d', $char_achieve[$cid['id']]) . '</td> </tr>'; ++$j; } $points += $cid['rewpoints']; } elseif ($show_type && isset($achieve_id)) { $cid['name01'] = str_replace('&', '&', $cid['name01']); $cid['description01'] = str_replace('&', '&', $cid['description01']); $cid['rewarddesc01'] = str_replace('&', '&', $cid['rewarddesc01']); $output_u_achieve_sub_cat[$sub_cat_id] .= ' <tr> <td width="1%" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank"> <span style="opacity:0.2;"> <img src="' . achieve_get_icon($cid['id'], $sqlm) . '" width="36" height="36" class="icon_border_0" alt="" /> </span> </a> </td> <td colspan="2" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">' . $cid['name01'] . '</a><br /> ' . $cid['description01'] . '<br /> ' . $cid['rewarddesc01'] . ' </td> <td width="5%" align="right">' . $cid['rewpoints'] . ' <img src="img/money_achievement.gif" alt="" /></td> <td width="15%" align="right">' . $lang_char['incomplete'] . '</td> </tr>'; ++$j; } } } unset($achieve_sub_cat); $total_sub_cat = $total_sub_cat + $j; if ($j) { $sub_cat['name01'] = str_replace('&', '&', $sub_cat['name01']); $output_sub_cat .= ' <tr> <th align="left"> <div id="divs' . $sub_cat_id . '" onclick="expand(\'tsa' . $sub_cat_id . '\');">[+] ' . $sub_cat . ' (' . $j . ')</div> </th> </tr>'; $js_main_cats .= ' main_sub_cats[' . $sub_cat_id . '] = "tsa' . $sub_cat_id . '"; main_sub_cats_div[' . $sub_cat_id . '] = "divs' . $sub_cat_id . '"; main_sub_cats_name[' . $sub_cat_id . '] = "' . $sub_cat . ' (' . $j . ')";'; $output_achieve_sub_cat[$sub_cat_id] = ' <table class="hidden" id="tsa' . $sub_cat_id . '" style="width: 100%; display: none;"> <tr> <th colspan="3" align="left">' . $lang_char['achievement_title'] . '</th> <th width="5%">' . $lang_char['achievement_points'] . '</th> <th width="15%">' . $lang_char['achievement_date'] . '</th> </tr>' . $output_achieve_sub_cat[$sub_cat_id] . $output_u_achieve_sub_cat[$sub_cat_id] . ' </table>'; unset($output_u_achieve_sub_cat); $js_main_cats .= ' main_sub_cats_achieve[' . $sub_cat_id . '] = "tsa' . $sub_cat_id . '";'; } } } unset($main_sub_cats); } if ($total_sub_cat || $i) { $cat['name01'] = str_replace('&', '&', $cat['name01']); $output .= ' <tr> <th align="left"> <div id="div' . $cat_id . '" onclick="expand(\'t' . $cat_id . '\');">[+] ' . $cat['name01'] . ' (' . ($i + $total_sub_cat) . ')</div> </th> </tr> <tr> <td> <table class="hidden" id="t' . $cat_id . '" style="width: 100%; display: none;">' . $output_sub_cat . ' </table> </td> </tr>'; $js_main_cats .= ' main_cats[' . $cat_id . '] = "t' . $cat_id . '"; main_cats_div[' . $cat_id . '] = "div' . $cat_id . '"; main_cats_name[' . $cat_id . '] = "' . $cat['name01'] . ' (' . ($i + $total_sub_cat) . ')";'; } unset($output_sub_cat); } } unset($sub_cats); unset($main_cats); unset($char_achieve); $output = str_replace('%%REPLACE%%', $js_main_cats, $output); unset($js_main_cats); $output = str_replace('%%REPLACE_POINTS%%', ' <td align="right"> ' . $lang_char['achievements'] . ' ' . $lang_char['achievement_points'] . ': ' . $points . ' </td>', $output); unset($point); $output .= ' </table> </td> <td>'; foreach ($output_achieve_main_cat as $temp) { $output .= $temp; } foreach ($output_achieve_sub_cat as $temp) { $output .= $temp; } unset($temp); unset($output_achieve_main_cat); unset($output_achieve_sub_cat); $output .= ' <table class="hidden" id="tsummary" style="width: 100%; display: table;"> <tr> <th colspan="5"> ' . $lang_char['recent'] . ' ' . $lang_char['achievements'] . ' </th> </tr> <tr> <th colspan="3" align="left">' . $lang_char['achievement_title'] . '</th> <th width="5%">' . $lang_char['achievement_points'] . '</th> <th width="15%">' . $lang_char['achievement_date'] . '</th> </tr>'; while ($temp = $sqlc->fetch_assoc($result)) { $cid = achieve_get_details($temp['achievement'], $sqlm); $cid['name01'] = str_replace('&', '&', $cid['name01']); $cid['description01'] = str_replace('&', '&', $cid['description01']); $cid['rewarddesc01'] = str_replace('&', '&', $cid['rewarddesc01']); $output .= ' <tr> <td width="1%" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank"> <img src="' . achieve_get_icon($cid['id'], $sqlm) . '" width="36" height="36" class="icon_border_0" alt="" /> </a> </td> <td colspan="2" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">' . $cid['name01'] . '</a><br /> ' . $cid['description01'] . '<br /> ' . $cid['rewarddesc01'] . ' </td> <td width="5%" align="right">' . $cid['rewpoints'] . ' <img src="img/money_achievement.gif" alt="" /></td> <td width="15%" align="right">' . date('o-m-d', $temp['date']) . '</td> </tr>'; } unset($cid); unset($temp); unset($result); $output .= ' </table> </td> </tr> </table> </div> <br />'; //---------------Page Specific Data Ends here---------------------------- // character sub footer require_once './include/char/include/char_ footer.php'; $output .= ' <br /> </center>'; } else { error($lang_char['no_permission']); } } else { error($lang_char['no_char_found']); } }
function char_achievements() { global $output, $logon_db, $site_encoding, $realm_id, $characters_db, $corem_db, $action_permission, $user_lvl, $user_name, $base_datasite, $achievement_datasite, $sql, $core; // this page uses wowhead tooltops wowhead_tt(); // we need at least an id or we would have nothing to show if (empty($_GET["id"])) { error(lang("global", "empty_fields")); } // this is multi realm support, as of writing still under development // this page is already implementing it if (empty($_GET["realm"])) { $realmid = $realm_id; } else { $realmid = $sql["logon"]->quote_smart($_GET["realm"]); if (is_numeric($realmid)) { $sql["char"]->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name'], $characters_db[$realmid]["encoding"]); } else { $realmid = $realm_id; } } //-------------------SQL Injection Prevention-------------------------------- // no point going further if we don have a valid ID $id = $sql["char"]->quote_smart($_GET["id"]); if (!is_numeric($id)) { error(lang("global", "empty_fields")); } $show_type = isset($_POST["show_type"]) ? $sql["char"]->quote_smart($_POST["show_type"]) : 0; if (!is_numeric($show_type)) { $show_type = 0; } // getting character data from database if ($core == 1) { $result = $sql["char"]->query("SELECT acct, name, race, class, level, gender\n FROM characters WHERE guid='" . $id . "' LIMIT 1"); } else { $result = $sql["char"]->query("SELECT account AS acct, name, race, class, level, gender\n FROM characters WHERE guid='" . $id . "' LIMIT 1"); } // no point going further if character does not exist if ($sql["char"]->num_rows($result)) { $char = $sql["char"]->fetch_assoc($result); // we get user permissions first $owner_acc_id = $sql["char"]->result($result, 0, 'acct'); if ($core == 1) { $result = $sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $char["acct"] . "'"); } else { $result = $sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $char["acct"] . "'"); } $owner_name = $sql["logon"]->result($result, 0, 'login'); $s_query = "SELECT *, SecurityLevel AS gm FROM config_accounts WHERE Login='******'"; $s_result = $sql["mgr"]->query($s_query); $s_fields = $sql["mgr"]->fetch_assoc($s_result); $owner_gmlvl = $s_fields["gm"]; $view_mod = $s_fields["View_Mod_Achieve"]; if ($owner_gmlvl >= 1073741824) { $owner_gmlvl -= 1073741824; } // owner configured overrides $view_override = false; if ($view_mod > 0) { if ($view_mod == 1) { } elseif ($view_mod == 2) { // only registered users may view this page if ($user_lvl > -1) { $view_override = true; } } } // visibility overrides for specific tabs $view_inv_override = false; if ($s_fields["View_Mod_Inv"] > 0) { if ($s_fields["View_Mod_Inv"] == 1) { } elseif ($s_fields["View_Mod_Inv"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_inv_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_inv_override = true; } } $view_talent_override = false; if ($s_fields["View_Mod_Talent"] > 0) { if ($s_fields["View_Mod_Talent"] == 1) { } elseif ($s_fields["View_Mod_Talent"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_talent_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_talent_override = true; } } $view_quest_override = false; if ($s_fields["View_Mod_Quest"] > 0) { if ($s_fields["View_Mod_Quest"] == 1) { } elseif ($s_fields["View_Mod_Quest"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_quest_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_quest_override = true; } } $view_friends_override = false; if ($s_fields["View_Mod_Friends"] > 0) { if ($s_fields["View_Mod_Friends"] == 1) { } elseif ($s_fields["View_Mod_Friends"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_friends_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_friends_override = true; } } $view_view_override = false; if ($s_fields["View_Mod_View"] > 0) { if ($s_fields["View_Mod_View"] == 1) { } elseif ($s_fields["View_Mod_View"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_view_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_view_override = true; } } // check user permission if ($view_override || $user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { //------------------------Character Tabs--------------------------------- // we start with a lead of 10 spaces, // because last line of header is an opening tag with 8 spaces // keep html indent in sync, so debuging from browser source would be easy to read $output .= ' <!-- start of char_achieve.php --> <script type="text/javascript"> function expand(thistag) { var i = 0; %%REPLACE%% if ( thistag == \'tsummary\' ) { document.getElementById(\'tsummary\').style.display="table"; document.getElementById(\'divsummary\').innerHTML = \'[-] ' . lang("char", "summary") . '\' ; for ( x in main_cats ) { if ( document.getElementById(main_cats[x]).style.display=="table" ) { document.getElementById(main_cats[x]).style.display="none"; document.getElementById(main_cats_achieve[x]).style.display="none"; document.getElementById(main_cats_div[x]).innerHTML = \'[+] \' + main_cats_name[x]; } } for ( x in main_sub_cats ) { if ( document.getElementById(main_sub_cats_achieve[x]).style.display=="table" ) { document.getElementById(main_sub_cats_achieve[x]).style.display="none"; document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x]; } } } else { if ( document.getElementById(\'tsummary\').style.display="table" ) { document.getElementById(\'tsummary\').style.display="none"; document.getElementById(\'divsummary\').innerHTML = \'[+] ' . lang("char", "summary") . '\' ; } for ( x in main_cats ) { if ( main_cats[x] == thistag ) { i = 1; } } if ( i == 1 ) { for ( x in main_cats ) { if ( main_cats[x] == thistag ) { if ( document.getElementById(main_cats[x]).style.display=="table" ) { document.getElementById(main_cats[x]).style.display="none"; document.getElementById(main_cats_achieve[x]).style.display="none"; document.getElementById(main_cats_div[x]).innerHTML = \'[+] \' + main_cats_name[x]; document.getElementById(\'tsummary\').style.display="table"; document.getElementById(\'divsummary\').innerHTML = \'[-] ' . lang("char", "summary") . '\' ; } else { document.getElementById(main_cats[x]).style.display="table"; document.getElementById(main_cats_achieve[x]).style.display="table"; document.getElementById(main_cats_div[x]).innerHTML = \'[-] \' + main_cats_name[x]; } } else { if ( document.getElementById(main_cats[x]).style.display=="table" ) { document.getElementById(main_cats[x]).style.display="none"; document.getElementById(main_cats_achieve[x]).style.display="none"; document.getElementById(main_cats_div[x]).innerHTML = \'[+] \' + main_cats_name[x]; } } } for ( x in main_sub_cats ) { if ( document.getElementById(main_sub_cats_achieve[x]).style.display=="table" ) { document.getElementById(main_sub_cats_achieve[x]).style.display="none"; document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x]; } } } else if ( i == 0 ) { for ( x in main_sub_cats ) { if ( main_sub_cats[x] == thistag ) { if ( document.getElementById(main_sub_cats_achieve[x]).style.display=="table" ) { document.getElementById(main_sub_cats_achieve[x]).style.display="none"; document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x]; } else { document.getElementById(main_sub_cats_achieve[x]).style.display="table"; document.getElementById(main_sub_cats_div[x]).innerHTML = \'[-] \' + main_sub_cats_name[x]; } } else { if ( document.getElementById(main_sub_cats_achieve[x]).style.display=="table" ) { document.getElementById(main_sub_cats_achieve[x]).style.display="none"; document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x]; } } } for ( x in main_cats ) { if ( document.getElementById(main_cats_achieve[x]).style.display=="table" ) { document.getElementById(main_cats_achieve[x]).style.display="none"; } } } } } </script> <div class="tab"> <ul> <li><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>'; if ($view_inv_override) { $output .= ' <li><a href="char_inv.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "inventory") . '</a></li>'; } if ($view_talent_override) { $output .= ' ' . ($char["level"] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "talents") . '</a></li>') . ''; } $output .= ' <li class="selected"><a href="char_achieve.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "achievements") . '</a></li>'; if ($view_quest_override) { $output .= ' <li><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "quests") . '</a></li>'; } if ($view_friends_override) { $output .= ' <li><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "friends") . '</a></li>'; } if ($view_view_override) { $output .= ' <li><a href="char_view.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "view") . '</a></li>'; } $output .= ' </ul> </div> <div class="tab_content center center_text"> <span class="bold"> ' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . ' - <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . ' </span> <br /><br />'; //---------------Page Specific Data Starts Here-------------------------- $output .= ' <table class="top_hidden" id="ch_ach_info"> <tr> <td style="width: 30%;"> </td> <td align="center"> %%REPLACE_POINTS%% </td> <td align="right" style="width: 20%;"> <div style="position: relative; float: left; top: 2px;">' . lang("char", "show") . ' :</div> <form action="char_achieve.php?id=' . $id . '&realm=' . $realmid . '" method="post" id="form"> <div> <select name="show_type"> <option value="1"' . ($show_type == 1 ? ' selected="selected"' : '') . '>' . lang("char", "all") . '</option> <option value="0"' . ($show_type == 0 ? ' selected="selected"' : '') . '>' . lang("char", "earned") . '</option> <option value="2"' . ($show_type == 2 ? ' selected="selected"' : '') . '>' . lang("char", "incomplete") . '</option> </select> </div> </form> </td> <td align="right" style="width: 20%;">'; makebutton("View", 'javascript:do_submit()', 130); $output .= ' </td> </tr> </table> <table class="lined" id="ch_ach_main"> <tr valign="top"> <td id="ch_ach_categories"> <table class="hidden" id="ch_ach_categories_list"> <tr> <th align="left"> <div id="divsummary" onclick="expand(\'tsummary\')">[-] ' . lang("char", "summary") . '</div> </th> </tr> <tr> <td> </td> </tr>'; $result = $sql["char"]->query("SELECT achievement, date FROM character_achievement WHERE guid='" . $id . "'"); $char_achieve = array(); while ($temp = $sql["char"]->fetch_assoc($result)) { $char_achieve[$temp["achievement"]] = $temp["date"]; } $result = $sql["char"]->query("SELECT achievement, date FROM character_achievement WHERE guid='" . $id . "' ORDER BY date DESC LIMIT 4"); $points = 0; $main_cats = achieve_get_main_category(); $sub_cats = achieve_get_sub_category(); $output_achieve_main_cat = array(); $output_u_achieve_main_cat = array(); $output_achieve_sub_cat = array(); $output_u_achieve_sub_cat = array(); $js_main_cats = ' var main_cats = new Array(); var main_cats_div = new Array(); var main_cats_name = new Array(); var main_cats_achieve = new Array(); var main_sub_cats = new Array(); var main_sub_cats_div = new Array(); var main_sub_cats_name = new Array(); var main_sub_cats_achieve = new Array();'; foreach ($main_cats as $cat_id => $cat) { if (isset($cat["Name"])) { $i = 0; $output_achieve_main_cat[$cat_id] = ''; $output_u_achieve_main_cat[$cat_id] = ''; $achieve_main_cat = achieve_get_id_category($cat["ID"]); foreach ($achieve_main_cat as $achieve_id => $cid) { if (isset($achieve_id) && isset($cid["id"])) { if (isset($char_achieve[$cid["id"]])) { if ($show_type < 2) { $cid["name01"] = str_replace('&', '&', $cid["name"]); $cid["description01"] = str_replace('&', '&', $cid["description"]); $cid["rewarddesc01"] = str_replace('&', '&', $cid["reward"]); $output_achieve_main_cat[$cat_id] .= ' <tr> <td style="width: 1%;" align="left"> <a href="' . $base_datasite . $achievement_datasite . $cid["id"] . '" rel="external"> <img src="' . achieve_get_icon($cid["id"]) . '" width="36" height="36" class="icon_border_0" alt="" /> </a> </td> <td colspan="2" align="left"> <a href="' . $base_datasite . $achievement_datasite . $cid["id"] . '" rel="external">' . $cid["name"] . '</a><br /> ' . $cid["description"] . '<br /> ' . $cid["reward"] . ' </td> <td style="width: 5%;" align="right">' . $cid["points"] . ' <img src="img/money_achievement.gif" alt="" /></td> <td style="width: 15%;" align="right">' . date('o-m-d', $char_achieve[$cid["id"]]) . '</td> </tr>'; ++$i; } $points += $cid["rewpoints"]; } elseif ($show_type && isset($achieve_id)) { $cid["name"] = str_replace('&', '&', $cid["name"]); $cid["description"] = str_replace('&', '&', $cid["description"]); $cid["reward"] = str_replace('&', '&', $cid["reward"]); $output_u_achieve_main_cat[$cat_id] .= ' <tr> <td style="width: 1%;" align="left"> <a href="' . $base_datasite . $achievement_datasite . $cid["id"] . '" rel="external"> <span id="ch_ach_opacity"> <img src="' . achieve_get_icon($cid["id"]) . '" width="36" height="36" class="icon_border_0" alt="" /> </span> </a> </td> <td colspan="2" align="left"> <a href="' . $base_datasite . $achievement_datasite . $cid["id"] . '" rel="external">' . $cid["name"] . '</a><br /> ' . $cid["description"] . '<br /> ' . $cid["reward"] . ' </td> <td style="width: 5%;" align="right">' . $cid["points"] . ' <img src="img/money_achievement.gif" alt="" /></td> <td style="width: 15%;" align="right">' . lang("char", "incomplete") . '</td> </tr>'; ++$i; } } } unset($achieve_main_cat); // this_is_junk: unfortunately the CSS here needs to be hardcoded. $output_achieve_main_cat[$cat_id] = ' <table class="hidden" id="ta' . $cat_id . '" style="width: 100%; display: none;"> <tr> <th colspan="3" align="left">' . lang("char", "achievement_title") . '</th> <th style="width: 5%;">' . lang("char", "achievement_points") . '</th> <th style="width: 15%;">' . lang("char", "achievement_date") . '</th> </tr>' . $output_achieve_main_cat[$cat_id] . $output_u_achieve_main_cat[$cat_id] . ' </table>'; unset($output_u_achieve_main_cat); $js_main_cats .= ' main_cats_achieve[' . $cat_id . '] = "ta' . $cat_id . '";'; $output_sub_cat = ''; $total_sub_cat = 0; if (isset($sub_cats[$cat["ID"]])) { $main_sub_cats = $sub_cats[$cat["ID"]]; foreach ($main_sub_cats as $sub_cat_id => $sub_cat) { if (isset($sub_cat)) { $j = 0; $output_achieve_sub_cat[$sub_cat_id] = ''; $output_u_achieve_sub_cat[$sub_cat_id] = ''; $achieve_sub_cat = achieve_get_id_category($sub_cat_id); foreach ($achieve_sub_cat as $achieve_id => $cid) { if (isset($achieve_id) && isset($cid["id"])) { if (isset($char_achieve[$cid["id"]])) { if ($show_type < 2) { $cid["name"] = str_replace('&', '&', $cid["name"]); $cid["description"] = str_replace('&', '&', $cid["description"]); $cid["reward"] = str_replace('&', '&', $cid["reward"]); $output_achieve_sub_cat[$sub_cat_id] .= ' <tr> <td style="width: 1%;" align="left"> <a href="' . $base_datasite . $achievement_datasite . $cid["id"] . '" rel="external"> <img src="' . achieve_get_icon($cid["id"]) . '" width="36" height="36" class="icon_border_0" alt="" /> </a> </td> <td colspan="2" align="left"> <a href="' . $base_datasite . $achievement_datasite . $cid["id"] . '" rel="external">' . $cid["name"] . '</a><br /> ' . $cid["description"] . '<br /> ' . $cid["rewarddesc"] . ' </td> <td style="width: 5%;" align="right">' . $cid["points"] . ' <img src="img/money_achievement.gif" alt="" /></td> <td style="width: 15%;" align="right">' . date('o-m-d', $char_achieve[$cid["id"]]) . '</td> </tr>'; ++$j; } $points += $cid["points"]; } elseif ($show_type && isset($achieve_id)) { $cid["name"] = str_replace('&', '&', $cid["name"]); $cid["description"] = str_replace('&', '&', $cid["description"]); $cid["reward"] = str_replace('&', '&', $cid["reward"]); $output_u_achieve_sub_cat[$sub_cat_id] .= ' <tr> <td style="width: 1%;" align="left"> <a href="' . $base_datasite . $achievement_datasite . $cid["id"] . '" rel="external"> <span id="ch_ach_opacity"> <img src="' . achieve_get_icon($cid["id"]) . '" width="36" height="36" class="icon_border_0" alt="" /> </span> </a> </td> <td colspan="2" align="left"> <a href="' . $base_datasite . $achievement_datasite . $cid["id"] . '" rel="external">' . $cid["name"] . '</a><br /> ' . $cid["description"] . '<br /> ' . $cid["reward"] . ' </td> <td style="width: 5%;" align="right">' . $cid["points"] . ' <img src="img/money_achievement.gif" alt="" /></td> <td style="width: 15%;" align="right">' . lang("char", "incomplete") . '</td> </tr>'; ++$j; } } } unset($achieve_sub_cat); $total_sub_cat = $total_sub_cat + $j; if ($j) { $sub_cat["name"] = str_replace('&', '&', $sub_cat["name"]); $output_sub_cat .= ' <tr> <th align="left"> <div id="divs' . $sub_cat_id . '" onclick="expand(\'tsa' . $sub_cat_id . '\');">[+] ' . $sub_cat . ' (' . $j . ')</div> </th> </tr>'; $js_main_cats .= ' main_sub_cats[' . $sub_cat_id . '] = "tsa' . $sub_cat_id . '"; main_sub_cats_div[' . $sub_cat_id . '] = "divs' . $sub_cat_id . '"; main_sub_cats_name[' . $sub_cat_id . '] = "' . $sub_cat . ' (' . $j . ')";'; // this_is_junk: unfortunately the CSS here needs to be hardcoded. $output_achieve_sub_cat[$sub_cat_id] = ' <table class="hidden" id="tsa' . $sub_cat_id . '" style="width: 100%; display: none;"> <tr> <th colspan="3" align="left">' . lang("char", "achievement_title") . '</th> <th style="width: 5%;">' . lang("char", "achievement_points") . '</th> <th style="width: 15%;">' . lang("char", "achievement_date") . '</th> </tr>' . $output_achieve_sub_cat[$sub_cat_id] . $output_u_achieve_sub_cat[$sub_cat_id] . ' </table>'; unset($output_u_achieve_sub_cat); $js_main_cats .= ' main_sub_cats_achieve[' . $sub_cat_id . '] = "tsa' . $sub_cat_id . '";'; } } } unset($main_sub_cats); } if ($total_sub_cat || $i) { $cat["Name"] = str_replace('&', '&', $cat["Name"]); // this_is_junk: unfortunately the CSS here needs to be hardcoded. $output .= ' <tr> <th align="left"> <div id="div' . $cat_id . '" onclick="expand(\'t' . $cat_id . '\');">[+] ' . $cat["Name"] . ' (' . ($i + $total_sub_cat) . ')</div> </th> </tr> <tr> <td> <table class="hidden" id="t' . $cat_id . '" style="width: 100%; display: none;"> ' . ($output_sub_cat != "" ? $output_sub_cat : '<tr><td></td></tr>') . ' </table> </td> </tr>'; $js_main_cats .= ' main_cats[' . $cat_id . '] = "t' . $cat_id . '"; main_cats_div[' . $cat_id . '] = "div' . $cat_id . '"; main_cats_name[' . $cat_id . '] = "' . $cat["Name"] . ' (' . ($i + $total_sub_cat) . ')";'; } unset($output_sub_cat); } } unset($sub_cats); unset($main_cats); unset($char_achieve); $output = str_replace('%%REPLACE%%', $js_main_cats, $output); unset($js_main_cats); $output = str_replace('%%REPLACE_POINTS%%', ' ' . lang("char", "achievements") . ' ' . lang("char", "achievement_points") . ': ' . $points . '', $output); unset($point); $output .= ' </table> </td> <td>'; foreach ($output_achieve_main_cat as $temp) { $output .= $temp; } foreach ($output_achieve_sub_cat as $temp) { $output .= $temp; } unset($temp); unset($output_achieve_main_cat); unset($output_achieve_sub_cat); // this_is_junk: unfortunately the CSS here needs to be hardcoded. $output .= ' <table class="hidden" id="tsummary" style="width: 100%; display: table;"> <tr> <th colspan="5"> ' . lang("char", "recent") . ' ' . lang("char", "achievements") . ' </th> </tr> <tr> <th colspan="3" align="left">' . lang("char", "achievement_title") . '</th> <th style="width: 5%;">' . lang("char", "achievement_points") . '</th> <th style="width: 15%;">' . lang("char", "achievement_date") . '</th> </tr>'; while ($temp = $sql["char"]->fetch_assoc($result)) { $cid = achieve_get_details($temp["achievement"]); $cid["name"] = str_replace('&', '&', $cid["name"]); $cid["description"] = str_replace('&', '&', $cid["description"]); $cid["reward"] = str_replace('&', '&', $cid["reward"]); $output .= ' <tr> <td style="width: 1%;" align="left"> <a href="' . $base_datasite . $achievement_datasite . $cid["id"] . '" rel="external"> <img src="' . achieve_get_icon($cid["id"]) . '" width="36" height="36" class="icon_border_0" alt="" /> </a> </td> <td colspan="2" align="left"> <a href="' . $base_datasite . $achievement_datasite . $cid["id"] . '" rel="external">' . $cid["name"] . '</a><br /> ' . $cid["description"] . '<br /> ' . $cid["reward"] . ' </td> <td style="width: 5%;" align="right">' . $cid["points"] . ' <img src="img/money_achievement.gif" alt="" /></td> <td style="width: 15%;" align="right">' . date('o-m-d', $temp["date"]) . '</td> </tr>'; } unset($cid); unset($temp); unset($result); $output .= ' </table> </td>'; //---------------Page Specific Data Ends here---------------------------- //---------------Character Tabs Footer----------------------------------- $output .= ' </tr> </table> </div> <br /> <table class="hidden"> <tr> <td>'; // button to user account page, user account page has own security makebutton(lang("char", "chars_acc"), 'user.php?action=edit_user&id=' . $owner_acc_id . '', 130); $output .= ' </td> <td>'; // only higher level GM with delete access can edit character // character edit allows removal of character items, so delete permission is needed if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"]) { //makebutton($lang_char["edit_button"], 'char_edit.php?id='.$id.'&realm='.$realmid.'', 130); $output .= ' </td> <td>'; } // only higher level GM with delete access, or character owner can delete character if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"] || $owner_name === $user_name) { makebutton(lang("char", "del_char"), 'char_list.php?action=del_char_form&check%5B%5D=' . $id . '" type="wrn', 130); $output .= ' </td> <td>'; } // only GM with update permission can send mail, mail can send items, so update permission is needed if ($user_lvl >= $action_permission["update"]) { makebutton(lang("char", "send_mail"), 'mail.php?type=ingame_mail&to=' . $char["name"] . '', 130); $output .= ' </td> <td>'; } makebutton(lang("global", "back"), 'javascript:window.history.back()" type="def', 130); $output .= ' </td> </tr> </table> <br /> <!-- end of char_achieve.php -->'; } else { error(lang("char", "no_permission")); } } else { error(lang("char", "no_char_found")); } }
// please restore <code>\'scripts/config.dist.php\'</code></center>'); require_once 'scripts/config.php'; //} //else // exit('<center><br><code>\'scripts/config.php\'</code> not found,<br> // please copy <code>\'scripts/config.dist.php\'</code> to // <code>\'scripts/config.php\'</code> and make appropriate changes.'); require_once 'libs/db_lib.php'; require_once 'libs/global_lib.php'; require_once 'libs/archieve_lib.php'; //header('Expires: Tue, 01 Jan 2000 00:00:00 GMT'); //header('Last-Modified: '.gmdate('D, d M Y H:i:s').' GMT'); //header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0'); //header('Cache-Control: post-check=0, pre-check=0', false); //header('Pragma: no-cache'); //wowhead_tt(); //echo $output; $sqlm = new SQL(); $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']); $result = $sqlm->query('select id from dbc_achievement order by id ASC'); $i = 0; while ($entry = $sqlm->fetch_assoc($result)) { if (achieve_get_icon($entry['id'], $sqlm) == 'img/INV/INV_blank_32.gif') { // echo '<a href="'.$achievement_datasite.$entry['id'].'"><img src="'.achieve_get_icon($entry['id'], $sqlm).'" /></a>'; achieve_get_icon($entry['id'], $sqlm); echo $entry['id'] . ' '; } else { ++$i; } } echo $i;
function char_achievements(&$sqlr, &$sqlc) { global $output, $lang_global, $lang_char, $realm_id, $characters_db, $mmfpm_db, $action_permission, $user_lvl, $user_name, $achievement_datasite; // this page uses wowhead tooltops wowhead_tt(); // we need at least an id or we would have nothing to show if (empty($_GET['id'])) { error($lang_global['empty_fields']); } // this is multi realm support, as of writing still under development // this page is already implementing it if (empty($_GET['realm'])) { $realmid = $realm_id; } else { $realmid = $sqlr->quote_smart($_GET['realm']); if (is_numeric($realmid)) { $sqlc->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name']); } else { $realmid = $realm_id; } } //-------------------SQL Injection Prevention-------------------------------- // no point going further if we don have a valid ID $id = $sqlc->quote_smart($_GET['id']); if (is_numeric($id)) { } else { error($lang_global['empty_fields']); } $show_type = isset($_POST['show_type']) ? $sqlc->quote_smart($_POST['show_type']) : 0; if (is_numeric($show_type)) { } else { $show_type = 0; } // getting character data from database $result = $sqlc->query('SELECT account, name, race, class, level, gender FROM characters WHERE guid = ' . $id . ' LIMIT 1'); // no point going further if character does not exist if ($sqlc->num_rows($result)) { $char = $sqlc->fetch_assoc($result); // we get user permissions first $owner_acc_id = $sqlc->result($result, 0, 'account'); $result = $sqlr->query('SELECT gmlevel, username FROM account WHERE id = ' . $char['account'] . ''); $owner_gmlvl = $sqlr->result($result, 0, 'gmlevel'); $owner_name = $sqlr->result($result, 0, 'username'); // check user permission if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) { //------------------------Character Tabs--------------------------------- // we start with a lead of 10 spaces, // because last line of header is an opening tag with 8 spaces // keep html indent in sync, so debuging from browser source would be easy to read $output .= ' <!-- start of char_achieve.php --> <center> <script type="text/javascript"> function expand(thistag) { var i = 0; %%REPLACE%% if (thistag == \'tsummary\') { document.getElementById(\'tsummary\').style.display="table"; document.getElementById(\'divsummary\').innerHTML = \'[-] ' . $lang_char['summary'] . '\' ; for(x in main_cats) { if(document.getElementById(main_cats[x]).style.display=="table") { document.getElementById(main_cats[x]).style.display="none"; document.getElementById(main_cats_achieve[x]).style.display="none"; document.getElementById(main_cats_div[x]).innerHTML = \'[+] \' + main_cats_name[x]; } } for(x in main_sub_cats) { if(document.getElementById(main_sub_cats_achieve[x]).style.display=="table") { document.getElementById(main_sub_cats_achieve[x]).style.display="none"; document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x]; } } } else { if (document.getElementById(\'tsummary\').style.display="table") { document.getElementById(\'tsummary\').style.display="none"; document.getElementById(\'divsummary\').innerHTML = \'[+] ' . $lang_char['summary'] . '\' ; } for(x in main_cats) { if (main_cats[x] == thistag) { i = 1; } } if (i == 1) { for(x in main_cats) { if (main_cats[x] == thistag) { if(document.getElementById(main_cats[x]).style.display=="table") { document.getElementById(main_cats[x]).style.display="none"; document.getElementById(main_cats_achieve[x]).style.display="none"; document.getElementById(main_cats_div[x]).innerHTML = \'[+] \' + main_cats_name[x]; document.getElementById(\'tsummary\').style.display="table"; document.getElementById(\'divsummary\').innerHTML = \'[-] ' . $lang_char['summary'] . '\' ; } else { document.getElementById(main_cats[x]).style.display="table"; document.getElementById(main_cats_achieve[x]).style.display="table"; document.getElementById(main_cats_div[x]).innerHTML = \'[-] \' + main_cats_name[x]; } } else { if(document.getElementById(main_cats[x]).style.display=="table") { document.getElementById(main_cats[x]).style.display="none"; document.getElementById(main_cats_achieve[x]).style.display="none"; document.getElementById(main_cats_div[x]).innerHTML = \'[+] \' + main_cats_name[x]; } } } for(x in main_sub_cats) { if(document.getElementById(main_sub_cats_achieve[x]).style.display=="table") { document.getElementById(main_sub_cats_achieve[x]).style.display="none"; document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x]; } } } else if (i == 0) { for(x in main_sub_cats) { if (main_sub_cats[x] == thistag) { if(document.getElementById(main_sub_cats_achieve[x]).style.display=="table") { document.getElementById(main_sub_cats_achieve[x]).style.display="none"; document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x]; } else { document.getElementById(main_sub_cats_achieve[x]).style.display="table"; document.getElementById(main_sub_cats_div[x]).innerHTML = \'[-] \' + main_sub_cats_name[x]; } } else { if(document.getElementById(main_sub_cats_achieve[x]).style.display=="table") { document.getElementById(main_sub_cats_achieve[x]).style.display="none"; document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x]; } } } for(x in main_cats) { if(document.getElementById(main_cats_achieve[x]).style.display=="table") { document.getElementById(main_cats_achieve[x]).style.display="none"; } } } } } </script> <div id="tab_content"> <div id="tab"> <ul> <li><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['char_sheet'] . '</a></li> <li><a href="char_inv.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['inventory'] . '</a></li> <li><a href="char_extra.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['extra'] . '</a></li> ' . ($char['level'] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['talents'] . '</a></li>') . ' <li><a href="char_rep.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['reputation'] . '</a></li> <li><a href="char_skill.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['skills'] . '</a></li> <li><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['quests'] . '</a></li>'; if (char_get_class_name($char['class']) === 'Hunter') { $output .= ' <li><a href="char_pets.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['pets'] . '</a></li>'; } $output .= ' <li><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['friends'] . '</a></li> <li><a href="char_spell.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['spells'] . '</a></li> <li><a href="char_mail.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['mail'] . '</a></li> </ul> <ul>'; // selected char tab at last $output .= ' <li id="selected"><a href="char_achieve.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['achievements'] . '</a></li>'; $output .= ' </ul> </div> <div id="tab_content2"> <font class="bold"> ' . htmlentities($char['name']) . ' - <img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /> <img src="img/c_icons/' . $char['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\',\'item_tooltip\')" onmouseout="toolTip()" alt="" /> - lvl ' . char_get_level_color($char['level']) . ' </font> <br /><br />'; //---------------Page Specific Data Starts Here-------------------------- $sqlm = new SQL(); $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']); $output .= ' <table class="top_hidden" style="width: 90%;"> <tr> <td width="30%"> </td> %%REPLACE_POINTS%% <td align="right"> <form action="char_achieve.php?id=' . $id . '&realm=' . $realmid . '" method="post" name="form"> ' . $lang_char['show'] . ' : <select name="show_type"> <option value="1"'; if (1 == $show_type) { $output .= ' selected="selected"'; } $output .= '>' . $lang_char['all'] . '</option> <option value="0"'; if (0 == $show_type) { $output .= ' selected="selected"'; } $output .= '>' . $lang_char['earned'] . '</option> <option value="2"'; if (2 == $show_type) { $output .= ' selected="selected"'; } $output .= '>' . $lang_char['incomplete'] . '</option> </select> </form> </td> <td align="right">'; makebutton('View', 'javascript:do_submit()', 130); $output .= ' </td> </tr> </table> <table class="lined" style="width: 90%;"> <tr valign="top"> <td width="30%"> <table class="hidden" style="width: 100%"> <tr> <th align="left"> <div id="divsummary" onclick="expand(\'tsummary\')">[-] ' . $lang_char['summary'] . '</div> </th> </tr> <tr> <td> </td> </tr>'; $result = $sqlc->query('SELECT achievement, date FROM character_achievement WHERE guid = ' . $id . ''); $char_achieve = array(); while ($temp = $sqlc->fetch_assoc($result)) { $char_achieve[$temp['achievement']] = $temp['date']; } $result = $sqlc->query('SELECT achievement, date FROM character_achievement WHERE guid = \'' . $id . '\' order by date DESC limit 4'); $points = 0; $main_cats = achieve_get_main_category($sqlm); $sub_cats = achieve_get_sub_category($sqlm); $output_achieve_main_cat = array(); $output_u_achieve_main_cat = array(); $output_achieve_sub_cat = array(); $output_u_achieve_sub_cat = array(); $js_main_cats = ' var main_cats = new Array(); var main_cats_div = new Array(); var main_cats_name = new Array(); var main_cats_achieve = new Array(); var main_sub_cats = new Array(); var main_sub_cats_div = new Array(); var main_sub_cats_name = new Array(); var main_sub_cats_achieve = new Array();'; foreach ($main_cats as $cat_id => $cat) { if (isset($cat['name01'])) { $i = 0; $output_achieve_main_cat[$cat_id] = ''; $output_u_achieve_main_cat[$cat_id] = ''; $achieve_main_cat = achieve_get_id_category($cat['id'], $sqlm); foreach ($achieve_main_cat as $achieve_id => $cid) { if (isset($achieve_id) && isset($cid['id'])) { if (isset($char_achieve[$cid['id']])) { if (2 > $show_type) { $cid['name01'] = str_replace('&', '&', $cid['name01']); $cid['description01'] = str_replace('&', '&', $cid['description01']); $cid['rewarddesc01'] = str_replace('&', '&', $cid['rewarddesc01']); $output_achieve_main_cat[$cat_id] .= ' <tr> <td width="1%" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank"> <img src="' . achieve_get_icon($cid['id'], $sqlm) . '" width="36" height="36" class="icon_border_0" alt="" /> </a> </td> <td colspan="2" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">' . $cid['name01'] . '</a><br /> ' . $cid['description01'] . '<br /> ' . $cid['rewarddesc01'] . ' </td> <td width="5%" align="right">' . $cid['rewpoints'] . ' <img src="img/money_achievement.gif" alt="" /></td> <td width="15%" align="right">' . date('o-m-d', $char_achieve[$cid['id']]) . '</td> </tr>'; ++$i; } $points += $cid['rewpoints']; } elseif ($show_type && isset($achieve_id)) { $cid['name01'] = str_replace('&', '&', $cid['name01']); $cid['description01'] = str_replace('&', '&', $cid['description01']); $cid['rewarddesc01'] = str_replace('&', '&', $cid['rewarddesc01']); $output_u_achieve_main_cat[$cat_id] .= ' <tr> <td width="1%" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank"> <span style="opacity:0.2;"> <img src="' . achieve_get_icon($cid['id'], $sqlm) . '" width="36" height="36" class="icon_border_0" alt="" /> </span> </a> </td> <td colspan="2" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">' . $cid['name01'] . '</a><br /> ' . $cid['description01'] . '<br /> ' . $cid['rewarddesc01'] . ' </td> <td width="5%" align="right">' . $cid['rewpoints'] . ' <img src="img/money_achievement.gif" alt="" /></td> <td width="15%" align="right">' . $lang_char['incomplete'] . '</td> </tr>'; ++$i; } } } unset($achieve_main_cat); $output_achieve_main_cat[$cat_id] = ' <table class="hidden" id="ta' . $cat_id . '" style="width: 100%; display: none;"> <tr> <th colspan="3" align="left">' . $lang_char['achievement_title'] . '</th> <th width="5%">' . $lang_char['achievement_points'] . '</th> <th width="15%">' . $lang_char['achievement_date'] . '</th> </tr>' . $output_achieve_main_cat[$cat_id] . $output_u_achieve_main_cat[$cat_id] . ' </table>'; unset($output_u_achieve_main_cat); $js_main_cats .= ' main_cats_achieve[' . $cat_id . '] = "ta' . $cat_id . '";'; $output_sub_cat = ''; $total_sub_cat = 0; if (isset($sub_cats[$cat['id']])) { $main_sub_cats = $sub_cats[$cat['id']]; foreach ($main_sub_cats as $sub_cat_id => $sub_cat) { if (isset($sub_cat)) { $j = 0; $output_achieve_sub_cat[$sub_cat_id] = ''; $output_u_achieve_sub_cat[$sub_cat_id] = ''; $achieve_sub_cat = achieve_get_id_category($sub_cat_id, $sqlm); foreach ($achieve_sub_cat as $achieve_id => $cid) { if (isset($achieve_id) && isset($cid['id'])) { if (isset($char_achieve[$cid['id']])) { if (2 > $show_type) { $cid['name01'] = str_replace('&', '&', $cid['name01']); $cid['description01'] = str_replace('&', '&', $cid['description01']); $cid['rewarddesc01'] = str_replace('&', '&', $cid['rewarddesc01']); $output_achieve_sub_cat[$sub_cat_id] .= ' <tr> <td width="1%" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank"> <img src="' . achieve_get_icon($cid['id'], $sqlm) . '" width="36" height="36" class="icon_border_0" alt="" /> </a> </td> <td colspan="2" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">' . $cid['name01'] . '</a><br /> ' . $cid['description01'] . '<br /> ' . $cid['rewarddesc01'] . ' </td> <td width="5%" align="right">' . $cid['rewpoints'] . ' <img src="img/money_achievement.gif" alt="" /></td> <td width="15%" align="right">' . date('o-m-d', $char_achieve[$cid['id']]) . '</td> </tr>'; ++$j; } $points += $cid['rewpoints']; } elseif ($show_type && isset($achieve_id)) { $cid['name01'] = str_replace('&', '&', $cid['name01']); $cid['description01'] = str_replace('&', '&', $cid['description01']); $cid['rewarddesc01'] = str_replace('&', '&', $cid['rewarddesc01']); $output_u_achieve_sub_cat[$sub_cat_id] .= ' <tr> <td width="1%" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank"> <span style="opacity:0.2;"> <img src="' . achieve_get_icon($cid['id'], $sqlm) . '" width="36" height="36" class="icon_border_0" alt="" /> </span> </a> </td> <td colspan="2" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">' . $cid['name01'] . '</a><br /> ' . $cid['description01'] . '<br /> ' . $cid['rewarddesc01'] . ' </td> <td width="5%" align="right">' . $cid['rewpoints'] . ' <img src="img/money_achievement.gif" alt="" /></td> <td width="15%" align="right">' . $lang_char['incomplete'] . '</td> </tr>'; ++$j; } } } unset($achieve_sub_cat); $total_sub_cat = $total_sub_cat + $j; if ($j) { $sub_cat['name01'] = str_replace('&', '&', $sub_cat['name01']); $output_sub_cat .= ' <tr> <th align="left"> <div id="divs' . $sub_cat_id . '" onclick="expand(\'tsa' . $sub_cat_id . '\');">[+] ' . $sub_cat . ' (' . $j . ')</div> </th> </tr>'; $js_main_cats .= ' main_sub_cats[' . $sub_cat_id . '] = "tsa' . $sub_cat_id . '"; main_sub_cats_div[' . $sub_cat_id . '] = "divs' . $sub_cat_id . '"; main_sub_cats_name[' . $sub_cat_id . '] = "' . $sub_cat . ' (' . $j . ')";'; $output_achieve_sub_cat[$sub_cat_id] = ' <table class="hidden" id="tsa' . $sub_cat_id . '" style="width: 100%; display: none;"> <tr> <th colspan="3" align="left">' . $lang_char['achievement_title'] . '</th> <th width="5%">' . $lang_char['achievement_points'] . '</th> <th width="15%">' . $lang_char['achievement_date'] . '</th> </tr>' . $output_achieve_sub_cat[$sub_cat_id] . $output_u_achieve_sub_cat[$sub_cat_id] . ' </table>'; unset($output_u_achieve_sub_cat); $js_main_cats .= ' main_sub_cats_achieve[' . $sub_cat_id . '] = "tsa' . $sub_cat_id . '";'; } } } unset($main_sub_cats); } if ($total_sub_cat || $i) { $cat['name01'] = str_replace('&', '&', $cat['name01']); $output .= ' <tr> <th align="left"> <div id="div' . $cat_id . '" onclick="expand(\'t' . $cat_id . '\');">[+] ' . $cat['name01'] . ' (' . ($i + $total_sub_cat) . ')</div> </th> </tr> <tr> <td> <table class="hidden" id="t' . $cat_id . '" style="width: 100%; display: none;">' . $output_sub_cat . ' </table> </td> </tr>'; $js_main_cats .= ' main_cats[' . $cat_id . '] = "t' . $cat_id . '"; main_cats_div[' . $cat_id . '] = "div' . $cat_id . '"; main_cats_name[' . $cat_id . '] = "' . $cat['name01'] . ' (' . ($i + $total_sub_cat) . ')";'; } unset($output_sub_cat); } } unset($sub_cats); unset($main_cats); unset($char_achieve); $output = str_replace('%%REPLACE%%', $js_main_cats, $output); unset($js_main_cats); $output = str_replace('%%REPLACE_POINTS%%', ' <td align="right"> ' . $lang_char['achievements'] . ' ' . $lang_char['achievement_points'] . ': ' . $points . ' </td>', $output); unset($point); $output .= ' </table> </td> <td>'; foreach ($output_achieve_main_cat as $temp) { $output .= $temp; } foreach ($output_achieve_sub_cat as $temp) { $output .= $temp; } unset($temp); unset($output_achieve_main_cat); unset($output_achieve_sub_cat); $output .= ' <table class="hidden" id="tsummary" style="width: 100%; display: table;"> <tr> <th colspan="5"> ' . $lang_char['recent'] . ' ' . $lang_char['achievements'] . ' </th> </tr> <tr> <th colspan="3" align="left">' . $lang_char['achievement_title'] . '</th> <th width="5%">' . $lang_char['achievement_points'] . '</th> <th width="15%">' . $lang_char['achievement_date'] . '</th> </tr>'; while ($temp = $sqlc->fetch_assoc($result)) { $cid = achieve_get_details($temp['achievement'], $sqlm); $cid['name01'] = str_replace('&', '&', $cid['name01']); $cid['description01'] = str_replace('&', '&', $cid['description01']); $cid['rewarddesc01'] = str_replace('&', '&', $cid['rewarddesc01']); $output .= ' <tr> <td width="1%" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank"> <img src="' . achieve_get_icon($cid['id'], $sqlm) . '" width="36" height="36" class="icon_border_0" alt="" /> </a> </td> <td colspan="2" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">' . $cid['name01'] . '</a><br /> ' . $cid['description01'] . '<br /> ' . $cid['rewarddesc01'] . ' </td> <td width="5%" align="right">' . $cid['rewpoints'] . ' <img src="img/money_achievement.gif" alt="" /></td> <td width="15%" align="right">' . date('o-m-d', $temp['date']) . '</td> </tr>'; } unset($cid); unset($temp); unset($result); $output .= ' </table> </td>'; //---------------Page Specific Data Ends here---------------------------- //---------------Character Tabs Footer----------------------------------- $output .= ' </tr> </table> </div> </div> <br /> <table class="hidden"> <tr> <td>'; // button to user account page, user account page has own security makebutton($lang_char['chars_acc'], 'user.php?action=edit_user&id=' . $owner_acc_id . '', 130); $output .= ' </td> <td>'; // only higher level GM with delete access can edit character // character edit allows removal of character items, so delete permission is needed if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission['delete']) { makebutton($lang_char['edit_button'], 'char_edit.php?id=' . $id . '&realm=' . $realmid . '', 130); $output .= ' </td> <td>'; } // only higher level GM with delete access, or character owner can delete character if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission['delete'] || $owner_name === $user_name) { makebutton($lang_char['del_char'], 'char_list.php?action=del_char_form&check%5B%5D=' . $id . '" type="wrn', 130); $output .= ' </td> <td>'; } // only GM with update permission can send mail, mail can send items, so update permission is needed if ($user_lvl >= $action_permission['update']) { makebutton($lang_char['send_mail'], 'mail.php?type=ingame_mail&to=' . $char['name'] . '', 130); $output .= ' </td> <td>'; } makebutton($lang_global['back'], 'javascript:window.history.back()" type="def', 130); $output .= ' </td> </tr> </table> <br /> </center> <!-- end of char_achieve.php -->'; } else { error($lang_char['no_permission']); } } else { error($lang_char['no_char_found']); } }