/**
* Command for current user to purchase a quantity of a specific item
*
* @param quantity int The quantity of the item to purchase
* @param item string The identity of the item to purchase
* @return Array
*/
public function buy()
{
$in_quantity = in('quantity');
$in_item = in('item');
$gold = get_gold($this->sessionData['char_id']);
$current_item_cost = 0;
$no_funny_business = false;
// Pull the item info from the database
$item_costs = $this->itemForSaleCosts();
$item = getItemByID(item_id_from_display_name($in_item));
$quantity = whichever(positive_int($in_quantity), 1);
$item_text = null;
if ($item instanceof Item) {
$item_text = $quantity > 1 ? $item->getPluralName() : $item->getName();
$purchaseOrder = new PurchaseOrder();
// Determine the quantity from input or as a fallback, default of 1.
$purchaseOrder->quantity = $quantity;
$purchaseOrder->item = $item;
$potential_cost = isset($item_costs[$purchaseOrder->item->identity()]['item_cost']) ? $item_costs[$purchaseOrder->item->identity()]['item_cost'] : null;
$current_item_cost = first_value($potential_cost, 0);
$current_item_cost = $current_item_cost * $purchaseOrder->quantity;
if (!$this->sessionData['char_id'] || !$purchaseOrder->item || $purchaseOrder->quantity < 1) {
$no_funny_business = true;
} else {
if ($gold >= $current_item_cost) {
// Has enough gold.
try {
add_item($this->sessionData['char_id'], $purchaseOrder->item->identity(), $purchaseOrder->quantity);
subtract_gold($this->sessionData['char_id'], $current_item_cost);
} catch (\Exception $e) {
$invalid_item = $e->getMessage();
error_log('Invalid Item attempted :' . $invalid_item);
$no_funny_business = true;
}
}
}
} else {
$no_funny_business = true;
}
$parts = array('current_item_cost' => $current_item_cost, 'quantity' => $quantity, 'item_text' => $item_text, 'no_funny_business' => $no_funny_business, 'view_part' => 'buy');
return $this->render($parts);
}
if (!$logged) {
$errormessage .= 'Please login first.';
} else {
$buy_id = (int) $_POST['buy_id'];
$buy_name = trim($_POST['buy_name']);
$buy_from = trim($_POST['buy_from']);
if (empty($buy_from)) {
$buy_from = 'Anonymous';
}
if (empty($buy_id)) {
$errormessage .= 'Please <a href="?subtopic=shopsystem">select item</a> first.';
} else {
if (!check_name($buy_from)) {
$errormessage .= 'Invalid nick ("from player") format. Please <a href="?subtopic=shopsystem&action=select_player&buy_id=' . $buy_id . '">select other name</a> or contact with administrator.';
} else {
$buy_offer = getItemByID($buy_id);
if (isset($buy_offer['id'])) {
if ($user_premium_points >= $buy_offer['points']) {
if (check_name($buy_name)) {
$buy_player = new Player();
$buy_player->find($buy_name);
if ($buy_player->isLoaded()) {
$buy_player_account = $buy_player->getAccount();
if ($_SESSION['viewed_confirmation_page'] == 'yes' && $_POST['buy_confirmed'] == 'yes') {
if ($buy_offer['type'] == 'item') {
$sql = 'INSERT INTO ' . $SQL->tableName('z_ots_comunication') . ' (' . $SQL->fieldName('id') . ',' . $SQL->fieldName('name') . ',' . $SQL->fieldName('type') . ',' . $SQL->fieldName('action') . ',' . $SQL->fieldName('param1') . ',' . $SQL->fieldName('param2') . ',' . $SQL->fieldName('param3') . ',' . $SQL->fieldName('param4') . ',' . $SQL->fieldName('param5') . ',' . $SQL->fieldName('param6') . ',' . $SQL->fieldName('param7') . ',' . $SQL->fieldName('delete_it') . ') VALUES (NULL, ' . $SQL->quote($buy_player->getName()) . ', ' . $SQL->quote('login') . ', ' . $SQL->quote('give_item') . ', ' . $SQL->quote($buy_offer['item_id']) . ', ' . $SQL->quote($buy_offer['item_count']) . ', ' . $SQL->quote('') . ', ' . $SQL->quote('') . ', ' . $SQL->quote('item') . ', ' . $SQL->quote($buy_offer['name']) . ', ' . $SQL->quote($buy_offer['id']) . ', ' . $SQL->quote(1) . ');';
$SQL->query($sql);
$save_transaction = 'INSERT INTO ' . $SQL->tableName('z_shop_history_item') . ' (' . $SQL->fieldName('id') . ',' . $SQL->fieldName('to_name') . ',' . $SQL->fieldName('to_account') . ',' . $SQL->fieldName('from_nick') . ',' . $SQL->fieldName('from_account') . ',' . $SQL->fieldName('price') . ',' . $SQL->fieldName('offer_id') . ',' . $SQL->fieldName('trans_state') . ',' . $SQL->fieldName('trans_start') . ',' . $SQL->fieldName('trans_real') . ') VALUES (' . $SQL->lastInsertId() . ', ' . $SQL->quote($buy_player->getName()) . ', ' . $SQL->quote($buy_player_account->getId()) . ', ' . $SQL->quote($buy_from) . ', ' . $SQL->quote($account_logged->getId()) . ', ' . $SQL->quote($buy_offer['points']) . ', ' . $SQL->quote($buy_offer['name']) . ', ' . $SQL->quote('wait') . ', ' . $SQL->quote(time()) . ', ' . $SQL->quote(0) . ');';
$SQL->query($save_transaction);
$account_logged->setCustomField('premium_points', $user_premium_points - $buy_offer['points']);
$user_premium_points = $user_premium_points - $buy_offer['points'];
/**
* Creates a feed object from the URL parameters fetched only
*
*/
function __construct($options = NULL)
{
global $_zp_gallery, $_zp_current_admin_obj, $_zp_loggedin;
if (empty($options)) {
self::feed404();
}
$this->feedtype = $options['external'];
$this->key = @$options['accesskey'];
parent::__construct($options);
if ($this->key) {
$result = query_single_row('SELECT * FROM ' . prefix('plugin_storage') . ' WHERE `type`="externalFeed" AND `data`=' . db_quote($this->key));
if (!$result) {
$this->key = NULL;
}
}
if (!$this->key && $this->feedtype != 'site_closed') {
self::feed404();
}
// general feed setup
$channeltitlemode = getOption('externalFeed_title');
$this->host = html_encode($_SERVER["HTTP_HOST"]);
//channeltitle general
switch ($channeltitlemode) {
case 'gallery':
$this->channel_title = $_zp_gallery->getBareTitle($this->locale);
break;
case 'website':
$this->channel_title = getBare($_zp_gallery->getWebsiteTitle($this->locale));
break;
case 'both':
$website_title = $_zp_gallery->getWebsiteTitle($this->locale);
$this->channel_title = $_zp_gallery->getBareTitle($this->locale);
if (!empty($website_title)) {
$this->channel_title = $website_title . ' - ' . $this->channel_title;
}
break;
}
// individual feedtype setup
switch ($this->feedtype) {
case 'gallery':
if (!getOption('externalFeed_album_image')) {
self::feed404();
}
$albumname = $this->getChannelTitleExtra();
if ($this->albumfolder) {
$alb = newAlbum($this->albumfolder, true, true);
if ($alb->exists) {
$albumtitle = $alb->getTitle();
if ($this->mode == 'albums' || $this->collection) {
$albumname = ' - ' . html_encode($albumtitle) . $this->getChannelTitleExtra();
}
} else {
self::feed404();
}
} else {
$albumtitle = '';
}
$albumname = $this->getChannelTitleExtra();
$this->channel_title = html_encode($this->channel_title . ' ' . getBare($albumname));
$this->imagesize = $this->getImageSize();
require_once SERVERPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/image_album_statistics.php';
break;
case 'news':
//Zenpage News
if (!getOption('externalFeed_articles')) {
self::feed404();
}
$titleappendix = gettext(' (Latest news)');
switch ($this->sortorder) {
case 'popular':
$titleappendix = gettext(' (Most popular news)');
break;
case 'mostrated':
$titleappendix = gettext(' (Most rated news)');
break;
case 'toprated':
$titleappendix = gettext(' (Top rated news)');
break;
case 'random':
$titleappendix = gettext(' (Random news)');
break;
}
$this->channel_title = html_encode($this->channel_title . $this->cattitle . $titleappendix);
$this->imagesize = $this->getImageSize();
$this->itemnumber = getOption("externalFeed_zenpage_items");
// # of Items displayed on the feed
require_once SERVERPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/image_album_statistics.php';
require_once SERVERPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/zenpage/zenpage-template-functions.php';
break;
case 'pages':
//Zenpage News
if (!getOption('externalFeed_pages')) {
self::feed404();
}
switch ($this->sortorder) {
case 'popular':
$titleappendix = gettext(' (Most popular pages)');
break;
case 'mostrated':
$titleappendix = gettext(' (Most rated pages)');
break;
case 'toprated':
$titleappendix = gettext(' (Top rated pages)');
break;
case 'random':
$titleappendix = gettext(' (Random pages)');
break;
default:
$titleappendix = gettext(' (Latest pages)');
break;
}
$this->channel_title = html_encode($this->channel_title . $titleappendix);
require_once SERVERPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/zenpage/zenpage-template-functions.php';
break;
case 'comments':
//Comments
if (!getOption('externalFeed_comments')) {
self::feed404();
}
if ($this->id) {
switch ($this->commentfeedtype) {
case 'album':
$table = 'albums';
break;
case 'image':
$table = 'images';
break;
case 'news':
$table = 'news';
break;
case 'page':
$table = 'pages';
break;
default:
self::feed404();
break;
}
$this->itemobj = getItemByID($table, $this->id);
if ($this->itemobj) {
$title = ' - ' . $this->itemobj->getTitle();
} else {
self::feed404();
}
} else {
$this->itemobj = NULL;
$title = NULL;
}
$this->channel_title = html_encode($this->channel_title . $title . gettext(' (latest comments)'));
if (extensionEnabled('zenpage')) {
require_once SERVERPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/zenpage/zenpage-template-functions.php';
}
break;
case 'null':
//we just want the class instantiated
return;
}
$this->feeditems = $this->getitems();
}
/**
* Gets an item object by id
*
* @param string $table database table to search
* @param int $id id of the item to get
* @return mixed
*/
function getItemByID($table, $id)
{
if ($result = query_single_row('SELECT * FROM ' . prefix($table) . ' WHERE id =' . (int) $id)) {
switch ($table) {
case 'images':
if ($alb = getItemByID('albums', $result['albumid'])) {
return newImage($alb, $result['filename'], true);
}
break;
case 'albums':
return newAlbum($result['folder'], false, true);
case 'news':
return new ZenpageNews($result['titlelink']);
case 'pages':
return new ZenpagePage($result['titlelink']);
case 'news_categories':
return new ZenpageCategory($result['titlelink']);
}
}
return NULL;
}
/**
* Creates a feed object from the URL parameters fetched only
*
*/
function __construct($options = NULL)
{
global $_zp_gallery, $_zp_current_admin_obj, $_zp_loggedin;
if (empty($options)) {
self::feed404();
}
$this->feedtype = $options['rss'];
parent::__construct($options);
if (isset($options['token'])) {
// The link camed from a logged in user, see if it is valid
$link = $options;
unset($link['token']);
$token = Zenphoto_Authority::passwordHash(serialize($link), '');
if ($token == $options['token']) {
$adminobj = Zenphoto_Authority::getAnAdmin(array('`id`=' => (int) $link['user']));
if ($adminobj) {
$_zp_current_admin_obj = $adminobj;
$_zp_loggedin = $_zp_current_admin_obj->getRights();
}
}
}
// general feed setup
$channeltitlemode = getOption('RSS_title');
$this->host = html_encode($_SERVER["HTTP_HOST"]);
//channeltitle general
switch ($channeltitlemode) {
case 'gallery':
$this->channel_title = $_zp_gallery->getBareTitle($this->locale);
break;
case 'website':
$this->channel_title = getBare($_zp_gallery->getWebsiteTitle($this->locale));
break;
case 'both':
$website_title = $_zp_gallery->getWebsiteTitle($this->locale);
$this->channel_title = $_zp_gallery->getBareTitle($this->locale);
if (!empty($website_title)) {
$this->channel_title = $website_title . ' - ' . $this->channel_title;
}
break;
}
// individual feedtype setup
switch ($this->feedtype) {
case 'gallery':
if (!getOption('RSS_album_image')) {
self::feed404();
}
$albumname = $this->getChannelTitleExtra();
if ($this->albumfolder) {
$alb = newAlbum($this->albumfolder, true, true);
if ($alb->exists) {
$albumtitle = $alb->getTitle();
if ($this->mode == 'albums' || $this->collection) {
$albumname = ' - ' . html_encode($albumtitle) . $this->getChannelTitleExtra();
}
} else {
self::feed404();
}
} else {
$albumtitle = '';
}
$albumname = $this->getChannelTitleExtra();
$this->channel_title = html_encode($this->channel_title . ' ' . getBare($albumname));
$this->imagesize = $this->getImageSize();
require_once SERVERPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/image_album_statistics.php';
break;
case 'news':
//Zenpage News RSS
if (!getOption('RSS_articles')) {
self::feed404();
}
$titleappendix = gettext(' (Latest news)');
switch ($this->newsoption) {
case 'withalbums':
case 'withalbums_mtime':
case 'withalbums_publishdate':
case 'withalbums_latestupdated':
$titleappendix = gettext(' (Latest news and albums)');
break;
case 'withimages':
case 'withimages_mtime':
case 'withimages_publishdate':
$titleappendix = gettext(' (Latest news and images)');
break;
default:
switch ($this->sortorder) {
case 'popular':
$titleappendix = gettext(' (Most popular news)');
break;
case 'mostrated':
$titleappendix = gettext(' (Most rated news)');
break;
case 'toprated':
$titleappendix = gettext(' (Top rated news)');
break;
case 'random':
$titleappendix = gettext(' (Random news)');
break;
}
break;
}
$this->channel_title = html_encode($this->channel_title . $this->cattitle . $titleappendix);
$this->imagesize = $this->getImageSize();
$this->itemnumber = getOption("RSS_zenpage_items");
// # of Items displayed on the feed
require_once SERVERPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/image_album_statistics.php';
require_once SERVERPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/zenpage/zenpage-template-functions.php';
break;
case 'pages':
//Zenpage News RSS
if (!getOption('RSS_pages')) {
self::feed404();
}
switch ($this->sortorder) {
case 'popular':
$titleappendix = gettext(' (Most popular pages)');
break;
case 'mostrated':
$titleappendix = gettext(' (Most rated pages)');
break;
case 'toprated':
$titleappendix = gettext(' (Top rated pages)');
break;
case 'random':
$titleappendix = gettext(' (Random pages)');
break;
default:
$titleappendix = gettext(' (Latest pages)');
break;
}
$this->channel_title = html_encode($this->channel_title . $titleappendix);
require_once SERVERPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/zenpage/zenpage-template-functions.php';
break;
case 'comments':
//Comments RSS
if (!getOption('RSS_comments')) {
self::feed404();
}
if ($this->id) {
switch ($this->commentfeedtype) {
case 'album':
$table = 'albums';
break;
case 'image':
$table = 'images';
break;
case 'news':
$table = 'news';
break;
case 'page':
$table = 'pages';
break;
default:
self::feed404();
break;
}
$this->itemobj = getItemByID($table, $this->id);
if ($this->itemobj) {
$title = ' - ' . $this->itemobj->getTitle();
} else {
self::feed404();
}
} else {
$this->itemobj = NULL;
$title = NULL;
}
$this->channel_title = html_encode($this->channel_title . $title . gettext(' (latest comments)'));
if (extensionEnabled('zenpage')) {
require_once SERVERPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/zenpage/zenpage-template-functions.php';
}
break;
case 'null':
//we just want the class instantiated
return;
}
$this->feeditems = $this->getitems();
}
$link = '<a href = "' . $obj->getLink() . '#zp_comment_id_' . $id . '">[' . gettext("article") . '] ' . $obj->getTitle() . "</a> ";
}
}
break;
case "pages":
// ZENPAGE: if plugin is installed
if (extensionEnabled('zenpage')) {
$obj = getItemByID('pages', $comment['ownerid']);
if ($obj) {
$link = "<a href=\"" . $obj->getLink() . '#zp_comment_id_' . $id . '">[' . gettext("page") . '] ' . $obj->getTitle() . "</a>";
}
}
break;
default:
// all the image types
$obj = getItemByID('images', $comment['ownerid']);
if ($obj) {
$link = "<a href=\"" . $obj->getLink() . '#zp_comment_id_' . $id . '">[' . gettext('image') . '] ' . $obj->getTitle() . "</a>";
}
break;
}
$date = myts_date('%m/%d/%Y %I:%M %p', $comment['date']);
$website = $comment['website'];
$fullcomment = sanitize($comment['comment'], 2);
$shortcomment = truncate_string(getBare($fullcomment), 123);
$inmoderation = $comment['inmoderation'];
$private = $comment['private'];
$anon = $comment['anon'];
?>
<tr class="newstr">
<td><?php
/**
* Use an item on a target
* @note /use/ is aliased to useItem externally because use is a php reserved keyword
*/
public function useItem($give = false, $self_use = false)
{
// Formats are:
// http://nw.local/item/self_use/amanita/
// http://nw.local/item/use/shuriken/10/
// http://nw.local/item/give/shuriken/10/
// http://nw.local/item/use/shuriken/156001/
$slugs = $this->parse_slugs($give, $self_use);
// Pull the parsed slugs
$link_back = $slugs['link_back'];
$selfTarget = $slugs['selfTarget'];
$item_in = $slugs['item_in'];
// Item identifier, either it's id or internal name
$in_target = $slugs['in_target'];
$give = $slugs['give'];
$target = $in_target;
if (positive_int($in_target)) {
$target_id = positive_int($target);
} else {
$target_id = get_char_id($target);
}
$give = in_array($give, array('on', 'Give'));
$player = new Player(self_char_id());
$victim_alive = true;
$using_item = true;
$item_used = true;
$stealthLost = false;
$error = false;
$suicide = false;
$kill = false;
$repeat = false;
$ending_turns = null;
$turns_change = null;
$turns_to_take = null;
$gold_mod = NULL;
$result = NULL;
$targetResult = NULL;
// result message to send to target of item use
$targetName = '';
$targetHealth = '';
$bountyMessage = '';
$resultMessage = '';
$alternateResultMessage = '';
if ($item_in == (int) $item_in && is_numeric($item_in)) {
// Can be cast to an id.
$item = $item_obj = getItemByID($item_in);
} elseif (is_string($item_in)) {
$item = $item_obj = $this->getItemByIdentity($item_in);
} else {
$item = null;
}
if (!is_object($item)) {
return new RedirectResponse(WEB_ROOT . 'inventory?error=noitem');
} else {
$item_count = $this->itemCount($player->id(), $item);
// Check whether use on self is occurring.
$self_use = $selfTarget || $target_id === $player->id();
if ($self_use) {
$target = $player->name();
$targetObj = $player;
} else {
if ($target_id) {
$targetObj = new Player($target_id);
$target = $targetObj->name();
}
}
$starting_turns = $player->turns;
$username_turns = $starting_turns;
$username_level = $player->level;
if ($targetObj instanceof Player && $targetObj->id()) {
$targets_turns = $targetObj->turns;
$targets_level = $targetObj->level;
$target_hp = $targetObj->health;
} else {
$targets_turns = $targets_level = $target_hp = null;
}
$max_power_increase = 10;
$level_difference = $targets_level - $username_level;
$level_check = $username_level - $targets_level;
$near_level_power_increase = $this->nearLevelPowerIncrease($level_difference, $max_power_increase);
// Sets the page to link back to.
if ($target_id && ($link_back == "" || $link_back == 'player') && $target_id != $player->id()) {
$return_to = 'player';
} else {
$return_to = 'inventory';
}
// Exceptions to the rules, using effects.
if ($item->hasEffect('wound')) {
// Minor damage by default items.
$item->setTargetDamage(rand(1, $item->getMaxDamage()));
// DEFAULT, overwritable.
// e.g. Shuriken slices, for some reason.
if ($item->hasEffect('slice')) {
// Minor slicing damage.
$item->setTargetDamage(rand(1, max(9, $player->getStrength() - 4)) + $near_level_power_increase);
}
// Piercing weapon, and actually does any static damage.
if ($item->hasEffect('pierce')) {
// Minor static piercing damage, e.g. 1-50 plus the near level power increase.
$item->setTargetDamage(rand(1, $item->getMaxDamage()) + $near_level_power_increase);
}
// Increased damage from damaging effects, minimum of 20.
if ($item->hasEffect('fire')) {
// Major fire damage
$item->setTargetDamage(rand(20, $player->getStrength() + 20) + $near_level_power_increase);
}
}
// end of wounds section.
// Exclusive speed/slow turn changes.
if ($item->hasEffect('slow')) {
$item->setTurnChange(-1 * $this->caltropTurnLoss($targets_turns, $near_level_power_increase));
} else {
if ($item->hasEffect('speed')) {
$item->setTurnChange($item->getMaxTurnChange());
}
}
$turn_change = $item_obj->getTurnChange();
$itemName = $item->getName();
$itemType = $item->getType();
$article = self::getIndefiniteArticle($item_obj->getName());
if ($give) {
$turn_cost = 1;
$using_item = false;
} else {
$turn_cost = $item->getTurnCost();
}
// Attack Legal section
$attacker = $player->name();
$params = ['required_turns' => $turn_cost, 'ignores_stealth' => $item_obj->ignoresStealth(), 'self_use' => $item->isSelfUsable()];
assert(!!$selfTarget || $attacker != $target);
$AttackLegal = new AttackLegal($player, $targetObj, $params);
$attack_allowed = $AttackLegal->check();
$attack_error = $AttackLegal->getError();
// *** Any ERRORS prevent attacks happen here ***
if (!$attack_allowed) {
//Checks for error conditions before starting.
$error = 1;
} else {
if (is_string($item) || $target == "") {
$error = 2;
} else {
if ($item_count < 1) {
$error = 3;
} else {
/**** MAIN SUCCESSFUL USE ****/
if ($give) {
$this->giveItem($player->name(), $target, $item->getName());
$alternateResultMessage = "__TARGET__ will receive your {$item->getName()}.";
} else {
if (!$item->isOtherUsable()) {
// If it doesn't do damage or have an effect, don't use up the item.
$resultMessage = $result = 'This item is not usable on __TARGET__, so it remains unused.';
$item_used = false;
$using_item = false;
} else {
if ($item->hasEffect('stealth')) {
$targetObj->addStatus(STEALTH);
$alternateResultMessage = "__TARGET__ is now stealthed.";
$targetResult = ' be shrouded in smoke.';
}
if ($item->hasEffect('vigor')) {
if ($targetObj->hasStatus(STR_UP1)) {
$result = "__TARGET__'s body cannot become more vigorous!";
$item_used = false;
$using_item = false;
} else {
$targetObj->addStatus(STR_UP1);
$result = "__TARGET__'s muscles experience a strange tingling.";
}
}
if ($item->hasEffect('strength')) {
if ($targetObj->hasStatus(STR_UP2)) {
$result = "__TARGET__'s body cannot become any stronger!";
$item_used = false;
$using_item = false;
} else {
$targetObj->addStatus(STR_UP2);
$result = "__TARGET__ feels a surge of power!";
}
}
// Slow and speed effects are exclusive.
if ($item->hasEffect('slow')) {
$turns_change = $item->getTurnChange();
if ($targetObj->hasStatus(SLOW)) {
// If the effect is already in play, it will have a decreased effect.
$turns_change = ceil($turns_change * 0.3);
$alternateResultMessage = "__TARGET__ is already moving slowly.";
} else {
if ($targetObj->hasStatus(FAST)) {
$targetObj->subtractStatus(FAST);
$alternateResultMessage = "__TARGET__ is no longer moving quickly.";
} else {
$targetObj->addStatus(SLOW);
$alternateResultMessage = "__TARGET__ begins to move slowly...";
}
}
if ($turns_change == 0) {
$alternateResultMessage .= " You fail to take any turns from __TARGET__.";
}
$targetResult = " lose " . abs($turns_change) . " turns.";
$targetObj->subtractTurns($turns_change);
} else {
if ($item->hasEffect('speed')) {
// Note that speed and slow effects are exclusive.
$turns_change = $item->getTurnChange();
if ($targetObj->hasStatus(FAST)) {
// If the effect is already in play, it will have a decreased effect.
$turns_change = ceil($turns_change * 0.5);
$alternateResultMessage = "__TARGET__ is already moving quickly.";
} else {
if ($targetObj->hasStatus(SLOW)) {
$targetObj->subtractStatus(SLOW);
$alternateResultMessage = "__TARGET__ is no longer moving slowly.";
} else {
$targetObj->addStatus(FAST);
$alternateResultMessage = "__TARGET__ begins to move quickly!";
}
}
// Actual turn gain is 1 less because 1 is used each time you use an item.
$targetResult = " gain {$turns_change} turns.";
$targetObj->changeTurns($turns_change);
// Still adding some turns.
}
}
if ($item->getTargetDamage() > 0) {
// *** HP Altering ***
$alternateResultMessage .= " __TARGET__ takes " . $item->getTargetDamage() . " damage.";
if ($self_use) {
$result .= "You take " . $item->getTargetDamage() . " damage!";
} else {
if (strlen($targetResult) > 0) {
$targetResult .= " You also";
// Join multiple targetResult messages.
}
$targetResult .= " take " . $item->getTargetDamage() . " damage!";
}
$victim_alive = $targetObj->subtractHealth($item->getTargetDamage());
// This is the other location that $victim_alive is set, to determine whether the death proceedings should occur.
}
if ($item->hasEffect('death')) {
$targetObj->death();
$resultMessage = "The life force drains from __TARGET__ and they drop dead before your eyes!";
$victim_alive = false;
$targetResult = " be drained of your life-force and die!";
$gold_mod = 0.25;
//The Dim Mak takes away 25% of a targets' gold.
}
if ($turns_change !== null) {
// Even if $turns_change is set to zero, let them know that.
if ($turns_change > 0) {
$resultMessage .= "__TARGET__ has gained back {$turns_change} turns!";
} else {
if ($turns_change === 0) {
$resultMessage .= "__TARGET__ did not lose any turns!";
} else {
$resultMessage .= "__TARGET__ has lost " . abs($turns_change) . " turns!";
}
if ($targetObj->turns <= 0) {
// Message when a target has no more turns to remove.
$resultMessage .= " __TARGET__ no longer has any turns.";
}
}
}
if (empty($resultMessage) && !empty($result)) {
$resultMessage = $result;
}
if (!$victim_alive) {
// Target was killed by the item.
if (!$self_use) {
// *** SUCCESSFUL KILL, not self-use of an item ***
$attacker_id = $player->hasStatus(STEALTH) ? "A Stealthed Ninja" : $player->name();
if (!$gold_mod) {
$gold_mod = 0.15;
}
$initial_gold = $targetObj->gold();
$loot = floor($gold_mod * $initial_gold);
$targetObj->set_gold($initial_gold - $loot);
$player->set_gold($player->gold() + $loot);
$player->save();
$targetObj->save();
$player->addKills(1);
$kill = true;
$bountyMessage = Combat::runBountyExchange($player->name(), $target);
//Rewards or increases bounty.
} else {
$loot = 0;
$suicide = true;
}
// Send mails if the target was killed.
$this->sendKillMails($player->name(), $target, $attacker_id, $article, $item->getName(), $loot);
} else {
// They weren't killed.
$attacker_id = $player->name();
}
if (!$self_use && $item_used) {
if (!$targetResult) {
error_log('Debug: Issue 226 - An attack was made using ' . $item->getName() . ', but no targetResult message was set.');
}
// Notify targets when they get an item used on them.
$message_to_target = "{$attacker_id} has used {$article} {$item->getName()} on you";
if ($targetResult) {
$message_to_target .= " and caused you to {$targetResult}";
} else {
$message_to_target .= '.';
}
send_event($player->id(), $target_id, str_replace(' ', ' ', $message_to_target));
}
// Unstealth
if (!$item->isCovert() && !$item->hasEffect('stealth') && $player->hasStatus(STEALTH)) {
//non-covert acts
$player->subtractStatus(STEALTH);
$stealthLost = true;
} else {
$stealthLost = false;
}
}
}
$targetName = $targetObj->uname;
$targetHealth = $targetObj->health;
$turns_to_take = 1;
if ($item_used) {
// *** remove Item ***
removeItem($player->id(), $item->getName(), 1);
// *** Decreases the item amount by 1.
}
if ($victim_alive && $using_item) {
$repeat = true;
}
}
}
}
// *** Take away at least one turn even on attacks that fail to prevent page reload spamming ***
if ($turns_to_take < 1) {
$turns_to_take = 1;
}
$ending_turns = $player->subtractTurns($turns_to_take);
assert($item->hasEffect('speed') || $ending_turns < $starting_turns || $starting_turns == 0);
return ['template' => 'inventory_mod.tpl', 'title' => 'Use Item', 'parts' => get_defined_vars(), 'options' => ['body_classes' => 'inventory-use', 'quickstat' => 'player']];
}
// Item was not valid object
}
function listDBUses($pattern)
{
$lookfor = array('images', 'albums', 'news', 'pages');
$found = array();
foreach ($lookfor as $table) {
echo '<br /><strong>' . sprintf(gettext('%s table'), $table) . '</strong>';
$output = false;
$sql = 'SELECT * FROM ' . prefix($table) . ' WHERE `codeblock` <> "" and `codeblock` IS NOT NULL and `codeblock`!="a:0:{}"';
$result = query($sql);
while ($row = db_fetch_assoc($result)) {
$codeblocks = getSerializedArray($row['codeblock']);
foreach ($codeblocks as $key => $codeblock) {
switch ($table) {
case 'news':
case 'pages':
$what = $row['titlelink'] . '::' . $key;
break;
case 'images':
$album = getItemByID('albums', $row['albumid']);
$what = $album->name . ':' . $row['filename'] . '::' . $key;
break;
case 'albums':
$what = $row['folder'] . '::' . $key;
break;
}
if (formatList($what, $codeblock, $pattern)) {
$output = true;
}
}
}
if ($output) {
echo '</ul>';
} else {
?>
<p class="messagebox"><?php
echo gettext('No calls on deprecated functions were found.');
?>
</p>
<?php
}
}
return $output;
}
function recordMissing($table, $row, $image)
{
global $missingImages;
$obj = getItemByID($table, $row['id']);
$missingImages[] = '<a href="' . $obj->getLink() . '">' . $obj->getTitle() . '</a> (' . html_encode($image) . ')<br />';
}
if (isset($result['EXIFGPSLatitude'])) {
$where .= ' OR (`GPSLatitude` IS NULL AND NOT `EXIFGPSLatitude` IS NULL)';
} else {
if (isset($result['EXIFGPSLongitude'])) {
$where .= ' OR (`GPSLongitude` IS NULL AND NOT `EXIFGPSLongitude` IS NULL)';
} else {
if (isset($result['EXIFGPSAltitude'])) {
$where .= ' OR (`GPSAltitude` IS NULL AND NOT `EXIFGPSAltitude` IS NULL)';
}
}
}
if (!empty($where)) {
$sql = 'SELECT `id` FROM ' . prefix('images') . ' WHERE ' . $where;
$result = query($sql);
while ($row = db_fetch_assoc($result)) {
$img = getItemByID('images', $row['id']);
foreach (array('EXIFGPSLatitude', 'EXIFGPSLongitude') as $source) {
$data = $img->get($source);
if (!empty($data)) {
if (in_array(strtoupper($img->get($source . 'Ref')), array('S', 'W'))) {
$data = -$data;
}
$img->set(substr($source, 4), $data);
}
}
$alt = $img->get('EXIFGPSAltitude');
if (!empty($alt)) {
if ($img->get('EXIFGPSAltitudeRef') == '-') {
$alt = -$alt;
}
$img->set('GPSAltitude', $alt);
/** For every album in the gallery, look for its file. Delete from the database
* if the file does not exist. Do the same for images. Clean up comments that have
* been left orphaned.
*
* Returns true if the operation was interrupted because it was taking too long
*
* @param bool $cascade garbage collect every image and album in the gallery.
* @param bool $complete garbage collect every image and album in the *database* - completely cleans the database.
* @param int $restart Image ID to restart scan from
* @return bool
*/
function garbageCollect($cascade = true, $complete = false, $restart = '')
{
global $_zp_gallery, $_zp_authority;
if (empty($restart)) {
setOption('last_garbage_collect', time());
/* purge old search cache items */
$sql = 'DELETE FROM ' . prefix('search_cache');
if (!$complete) {
$sql .= ' WHERE `date`<' . db_quote(date('Y-m-d H:m:s', time() - SEARCH_CACHE_DURATION * 60));
}
$result = query($sql);
/* clean the comments table */
$this->commentClean('images');
$this->commentClean('albums');
$this->commentClean('news');
$this->commentClean('pages');
// clean up obj_to_tag
$dead = array();
$result = query("SELECT * FROM " . prefix('obj_to_tag'));
if ($result) {
while ($row = db_fetch_assoc($result)) {
$tbl = $row['type'];
$dbtag = query_single_row("SELECT `id` FROM " . prefix('tags') . " WHERE `id`='" . $row['tagid'] . "'", false);
if (!$dbtag) {
$dead[] = $row['id'];
}
$dbtag = query_single_row("SELECT `id` FROM " . prefix($tbl) . " WHERE `id`='" . $row['objectid'] . "'", false);
if (!$dbtag) {
$dead[] = $row['id'];
}
}
db_free_result($result);
}
if (!empty($dead)) {
$dead = array_unique($dead);
query('DELETE FROM ' . prefix('obj_to_tag') . ' WHERE `id`=' . implode(' OR `id`=', $dead));
}
// clean up admin_to_object
$dead = array();
$result = query("SELECT * FROM " . prefix('admin_to_object'));
if ($result) {
while ($row = db_fetch_assoc($result)) {
if (!$_zp_authority->validID($row['adminid'])) {
$dead[] = $row['id'];
}
$tbl = $row['type'];
$dbtag = query_single_row("SELECT `id` FROM " . prefix($tbl) . " WHERE `id`='" . $row['objectid'] . "'", false);
if (!$dbtag) {
$dead[] = $row['id'];
}
}
db_free_result($result);
}
if (!empty($dead)) {
$dead = array_unique($dead);
query('DELETE FROM ' . prefix('admin_to_object') . ' WHERE `id`=' . implode(' OR `id`=', $dead));
}
// clean up news2cat
$dead = array();
$result = query("SELECT * FROM " . prefix('news2cat'));
if ($result) {
while ($row = db_fetch_assoc($result)) {
$dbtag = query_single_row("SELECT `id` FROM " . prefix('news') . " WHERE `id`='" . $row['news_id'] . "'", false);
if (!$dbtag) {
$dead[] = $row['id'];
}
$dbtag = query_single_row("SELECT `id` FROM " . prefix('news_categories') . " WHERE `id`='" . $row['cat_id'] . "'", false);
if (!$dbtag) {
$dead[] = $row['id'];
}
}
db_free_result($result);
}
if (!empty($dead)) {
$dead = array_unique($dead);
query('DELETE FROM ' . prefix('news2cat') . ' WHERE `id`=' . implode(' OR `id`=', $dead));
}
// Check for the existence albums
$dead = array();
$live = array('');
// purge the root album if it exists
$deadalbumthemes = array();
// Load the albums from disk
$result = query("SELECT * FROM " . prefix('albums'));
while ($row = db_fetch_assoc($result)) {
$albumpath = internalToFilesystem($row['folder']);
$albumpath_valid = preg_replace('~/\\.*/~', '/', $albumpath);
$albumpath_valid = ltrim(trim($albumpath_valid, '/'), './');
$illegal = $albumpath != $albumpath_valid;
$valid = file_exists(ALBUM_FOLDER_SERVERPATH . $albumpath_valid) && (hasDynamicAlbumSuffix($albumpath_valid) || is_dir(ALBUM_FOLDER_SERVERPATH . $albumpath_valid));
if ($valid && $illegal) {
// maybe there is only one record so we can fix it.
$valid = query('UPDATE ' . prefix('albums') . ' SET `folder`=' . db_quote($albumpath_valid) . ' WHERE `id`=' . $row['id'], false);
debugLog(sprintf(gettext('Invalid album folder: %1$s %2$s'), $albumpath, $valid ? gettext('fixed') : gettext('discarded')));
}
if (!$valid || in_array($row['folder'], $live)) {
$dead[] = $row['id'];
if ($row['album_theme'] !== '') {
// orphaned album theme options table
$deadalbumthemes[$row['id']] = $row['folder'];
}
} else {
$live[] = $row['folder'];
}
}
db_free_result($result);
if (count($dead) > 0) {
/* delete the dead albums from the DB */
asort($dead);
$criteria = '(' . implode(',', $dead) . ')';
$first = array_pop($dead);
$sql1 = "DELETE FROM " . prefix('albums') . " WHERE `id` IN {$criteria}";
$n = query($sql1);
if (!$complete && $n && $cascade) {
$sql2 = "DELETE FROM " . prefix('images') . " WHERE `albumid` IN {$criteria}";
query($sql2);
$sql3 = "DELETE FROM " . prefix('comments') . " WHERE `type`='albums' AND `ownerid` IN {$criteria}";
query($sql3);
$sql4 = "DELETE FROM " . prefix('obj_to_tag') . " WHERE `type`='albums' AND `objectid` IN {$criteria}";
query($sql4);
}
}
if (count($deadalbumthemes) > 0) {
// delete the album theme options tables for dead albums
foreach ($deadalbumthemes as $id => $deadtable) {
$sql = 'DELETE FROM ' . prefix('options') . ' WHERE `ownerid`=' . $id;
query($sql, false);
}
}
}
if ($complete) {
if (empty($restart)) {
/* check album parent linkage */
$albums = $_zp_gallery->getAlbums();
foreach ($albums as $album) {
checkAlbumParentid($album, NULL, 'debuglog');
}
/* refresh 'metadata' albums */
$albumids = query("SELECT `id`, `mtime`, `folder`, `dynamic` FROM " . prefix('albums'));
if ($albumids) {
while ($analbum = db_fetch_assoc($albumids)) {
if (($mtime = filemtime(ALBUM_FOLDER_SERVERPATH . internalToFilesystem($analbum['folder']))) > $analbum['mtime']) {
// refresh
$album = newAlbum($analbum['folder']);
$album->set('mtime', $mtime);
if ($this->getAlbumUseImagedate()) {
$album->setDateTime(NULL);
}
if ($album->isDynamic()) {
$data = file_get_contents($album->localpath);
$thumb = getOption('AlbumThumbSelect');
$words = $fields = '';
while (!empty($data)) {
$data1 = trim(substr($data, 0, $i = strpos($data, "\n")));
if ($i === false) {
$data1 = $data;
$data = '';
} else {
$data = substr($data, $i + 1);
}
if (strpos($data1, 'WORDS=') !== false) {
$words = "words=" . urlencode(substr($data1, 6));
}
if (strpos($data1, 'THUMB=') !== false) {
$thumb = trim(substr($data1, 6));
}
if (strpos($data1, 'FIELDS=') !== false) {
$fields = "&searchfields=" . trim(substr($data1, 7));
}
}
if (!empty($words)) {
if (empty($fields)) {
$fields = '&searchfields=tags';
}
}
$album->set('search_params', $words . $fields);
$album->set('thumb', $thumb);
}
$album->save();
zp_apply_filter('album_refresh', $album);
}
}
db_free_result($albumids);
}
/* Delete all image entries that don't belong to an album at all. */
$albumids = query("SELECT `id` FROM " . prefix('albums'));
/* all the album IDs */
$idsofalbums = array();
if ($albumids) {
while ($row = db_fetch_assoc($albumids)) {
$idsofalbums[] = $row['id'];
}
db_free_result($albumids);
}
$imageAlbums = query("SELECT DISTINCT `albumid` FROM " . prefix('images'));
/* albumids of all the images */
$albumidsofimages = array();
if ($imageAlbums) {
while ($row = db_fetch_assoc($imageAlbums)) {
$albumidsofimages[] = $row['albumid'];
}
db_free_result($imageAlbums);
}
$orphans = array_diff($albumidsofimages, $idsofalbums);
/* albumids of images with no album */
if (count($orphans) > 0) {
/* delete dead images from the DB */
$sql = "DELETE FROM " . prefix('images') . " WHERE ";
foreach ($orphans as $id) {
if (is_null($id)) {
$sql .= "`albumid` is NULL OR ";
} else {
$sql .= " `albumid`='" . $id . "' OR ";
}
}
$sql = substr($sql, 0, -4);
query($sql);
// Then go into existing albums recursively to clean them... very invasive.
foreach ($this->getAlbums(0) as $folder) {
$album = newAlbum($folder);
if (!$album->isDynamic()) {
if (is_null($album->getDateTime())) {
// see if we can get one from an image
$images = $album->getImages(0, 0);
if (count($images) > 0) {
$image = newImage($album, array_shift($images));
$album->setDateTime($image->getDateTime());
$album->save();
}
}
$album->garbageCollect(true);
}
zp_apply_filter('album_refresh', $album);
}
}
}
/* Look for image records where the file no longer exists. While at it, check for images with IPTC data to update the DB */
$start = array_sum(explode(" ", microtime()));
// protect against too much processing.
if (!empty($restart)) {
$restartwhere = ' WHERE `id`>' . $restart . ' AND `mtime`=0';
} else {
$restartwhere = ' WHERE `mtime`=0';
}
define('RECORD_LIMIT', 5);
$sql = 'SELECT * FROM ' . prefix('images') . $restartwhere . ' ORDER BY `id` LIMIT ' . (RECORD_LIMIT + 2);
$images = query($sql);
if ($images) {
$c = 0;
while ($image = db_fetch_assoc($images)) {
$albumobj = getItemByID('albums', $image['albumid']);
if ($albumobj->exists && file_exists($imageName = internalToFilesystem(ALBUM_FOLDER_SERVERPATH . $albumobj->name . '/' . $image['filename']))) {
if ($image['mtime'] != ($mtime = filemtime($imageName))) {
// file has changed since we last saw it
$imageobj = newImage($albumobj, $image['filename']);
$imageobj->set('mtime', $mtime);
$imageobj->updateMetaData();
// prime the EXIF/IPTC fields
$imageobj->updateDimensions();
// update the width/height & account for rotation
$imageobj->save();
zp_apply_filter('image_refresh', $imageobj);
}
} else {
$sql = 'DELETE FROM ' . prefix('images') . ' WHERE `id`="' . $image['id'] . '";';
$result = query($sql);
$sql = 'DELETE FROM ' . prefix('comments') . ' WHERE `type` IN (' . zp_image_types('"') . ') AND `ownerid` ="' . $image['id'] . '";';
$result = query($sql);
}
if (++$c >= RECORD_LIMIT) {
return $image['id'];
// avoide excessive processing
}
}
db_free_result($images);
}
// cleanup the tables
$resource = db_show('tables');
if ($resource) {
while ($row = db_fetch_assoc($resource)) {
$tbl = array_shift($row);
query('OPTIMIZE TABLE `' . $tbl . '`');
}
db_free_result($resource);
}
}
return false;
}
$ending_turns = null;
$turns_change = null;
$turns_to_take = null;
$gold_mod = NULL;
$result = NULL;
$targetResult = NULL;
// result message to send to target of item use
$targetName = '';
$targetHealth = '';
$targetHealthPercent = '';
$bountyMessage = '';
$resultMessage = '';
$alternateResultMessage = '';
if ($item_in == (int) $item_in && is_numeric($item_in)) {
// Can be cast to an id.
$item = $item_obj = getItemByID($item_in);
} elseif (is_string($item_in)) {
$item = $item_obj = getItemByIdentity($item_in);
} else {
$item = null;
}
if (!is_object($item)) {
error_log('Invalid item identifier (' . (is_string($item_in) ? $item_in : 'non-string') . ') sent to page from ' . (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '(no referrer)') . '.');
redirect(WEB_ROOT . 'inventory.php?error=noitem');
}
$item_count = item_count($user_id, $item);
// Check whether use on self is occurring.
$self_use = $selfTarget || $target_id === $user_id;
if ($self_use) {
$target = $username;
$targetObj = $player;
$handle = $link->prepare('SELECT '.$table_item.'.ID, '.$table_item.'.UUID, '.$table_item.'.Code, Description, ItemTypeID, Price, UnitID, QuantityOnHand, UseCombination FROM '.$table_item.' LEFT JOIN '.$table_inventoryOnHand.' ON '.$table_inventoryOnHand.'.ItemID = '.$table_item.'.ID WHERE code = :code');
$handle->bindParam(':code', $code);
}
$handle->execute();
if($product = $handle->fetchObject()){
if($bBarcode){
$product->barcode = $code;
}
echo json_encode($product);
}
else echo json_encode(false);*/
$itemBarcode = getItemBarcode($link, $code);
$item = null;
if ($itemBarcode) {
$item = getItemByID($link, $itemBarcode->ItemID);
//$bBarcode = true;
} else {
$item = getItemByCode($link, $code);
}
if ($item) {
//if($bBarcode){
if ($itemBarcode) {
$item->barcode = $code;
if ($itemBarcode->unitID) {
$item->UnitID = $itemBarcode->unitID;
}
if ($itemBarcode->itemCombinationID) {
$combinationInfo = getCombinationInfo($link, $item->ID, $itemBarcode->itemCombinationID);
if ($combinationInfo) {
$quantityOnHand = getQuantityOnHand($link, $item->ID, $itemBarcode->itemCombinationID);
/**
* Prints latest comments for images, albums, news and pages
*
* @param see getLatestComments
*
*/
function printLatestComments($number, $shorten = '123', $type = "all", $item = NULL, $ulid = 'showlatestcomments')
{
$comments = getLatestComments($number, $type, $item);
echo '<ul id="' . $ulid . $item . "\">\n";
foreach ($comments as $comment) {
if ($comment['anon'] === "0") {
$author = " " . gettext("by") . " " . $comment['name'];
} else {
$author = "";
}
$shortcomment = shortenContent($comment['comment'], $shorten, '');
$website = $comment['website'];
$date = $comment['date'];
switch ($comment['type']) {
case 'albums':
$album = getItemByID('albums', $comment['ownerid']);
if ($album) {
echo '<li><a href="' . $album->getLink() . '" class="commentmeta">' . $album->getTitle() . $author . "</a><br />\n";
echo '<span class="commentbody">' . $shortcomment . '</span></li>';
}
break;
case 'images':
$image = getItemByID('images', $comment['ownerid']);
if ($image) {
echo '<li><a href="' . $image->getLink() . '" class="commentmeta">' . $image->album->gettitle() . ': ' . $image->getTitle() . $author . "</a><br />\n";
echo '<span class="commentbody">' . $shortcomment . '</span></li>';
}
break;
case 'news':
$news = getItemByID('news', $comment['ownerid']);
if ($news) {
echo '<li><a href="' . $news->getLink() . '" class="commentmeta">' . gettext('Article') . ':' . $news->getTitle() . $author . "</a><br />\n";
echo '<span class="commentbody">' . $shortcomment . '</span></li>';
}
break;
case 'pages':
$page = getItemByID('news', $comment['ownerid']);
if ($page) {
echo '<li><a href="' . $page->getLink() . '" class="commentmeta">' . gettext('Article') . ':' . $page->getTitle() . $author . "</a><br />\n";
echo '<span class="commentbody">' . $shortcomment . '</span></li>';
}
break;
}
}
echo "</ul>\n";
}
/**
* Gets all pages or published ones.
*
* NOTE: Since this function only returns titlelinks for use with the object model it does not exclude pages that are password protected
*
* @param bool $published TRUE for published or FALSE for all pages including un-published
* @param bool $toplevel TRUE for only the toplevel pages
* @param int $number number of pages to get (NULL by default for all)
* @param string $sorttype NULL for the standard order as sorted on the backend, "title", "date", "id", "popular", "mostrated", "toprated", "random"
* @param string $sortdirection false for ascenting, true for descending
* @return array
*/
function getPages($published = NULL, $toplevel = false, $number = NULL, $sorttype = NULL, $sortdirection = NULL)
{
global $_zp_loggedin;
if (is_null($sortdirection)) {
$sortdirection = $this->getSortDirection('pages');
}
if (is_null($sorttype)) {
$sorttype = $this->getSortType('pages');
if (empty($sorttype)) {
$sorttype = 'date';
}
}
if (is_null($published)) {
$published = !zp_loggedin();
$all = zp_loggedin(MANAGE_ALL_PAGES_RIGHTS | VIEW_UNPUBLISHED_PAGE_RIGHTS);
} else {
$all = !$published;
}
$published = $published && !zp_loggedin(ZENPAGE_PAGES_RIGHTS);
$now = date('Y-m-d H:i:s');
$gettop = '';
if ($published) {
if ($toplevel) {
$gettop = " AND parentid IS NULL";
}
$show = " WHERE `show` = 1 AND date <= '" . $now . "'" . $gettop;
} else {
if ($toplevel) {
$gettop = " WHERE parentid IS NULL";
}
$show = $gettop;
}
if ($sortdirection) {
$sortdir = ' DESC';
} else {
$sortdir = ' ASC';
}
switch ($sorttype) {
default:
$sortorder = $sorttype;
break;
case 'popular':
$sortorder = 'hitcounter';
break;
case 'mostrated':
$sortorder = 'total_votes';
break;
case 'toprated':
if (empty($sortdir)) {
$sortdir = ' DESC';
}
$sortorder = '(total_value/total_votes) ' . $sortdir . ', total_value';
break;
case 'random':
$sortorder = 'RAND()';
$sortdir = '';
break;
}
$all_pages = array();
// Disabled cache var for now because it does not return un-publishded and published if logged on index.php somehow if logged in.
$result = query('SELECT * FROM ' . prefix('pages') . $show . ' ORDER by `' . $sortorder . '`' . $sortdir);
if ($result) {
while ($row = db_fetch_assoc($result)) {
if ($all || $row['show']) {
$all_pages[] = $row;
} else {
if ($_zp_loggedin) {
$page = newPage($row['titlelink']);
if ($page->subRights()) {
$all_pages[] = $row;
} else {
$parentid = $page->getParentID();
if ($parentid) {
$parent = getItemByID('pages', $parentid);
if ($parent->subRights() & MANAGED_OBJECT_RIGHTS_VIEW) {
$all_pages[] = $row;
}
}
}
}
}
if ($number && count($result) >= $number) {
break;
}
}
db_free_result($result);
}
return $all_pages;
}
