<!-- TEMPLATE -->
<div class="contentBox">
<?php 
// Page shown to a visitor who is not logged in as administrator: print the
// message box (first argument 0 here; the success messages in this code base
// pass 1) and then redirect to the home page.
// NOTE(review): this template only renders the refusal. The decision that the
// visitor is not an administrator is made by code that is not visible here;
// confirm that the protected pages are never rendered when that check fails.
postErrOK(0, 600, "Sie sind nicht als Administrator angemeldet!");
postRedirect(3, "index.php?page=home");
?>
</div>
Example #2
<!-- ISADMIN -->
<!-- TEMPLATE -->
<div class="contentBox">
<?php 
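// Store the uploaded Lua file next to this script so the parse page can read it.
// The file name is supplied by the client and is untrusted. Only its last path
// component is kept, and only plain "<name>.lua" names are accepted, so the
// upload cannot be written outside this directory or saved under a
// server-executable extension such as .php.
$uploadlua_info = (isset($_FILES["uploadlua_file"]) && is_array($_FILES["uploadlua_file"])) ? $_FILES["uploadlua_file"] : array();
$uploadlua_tmp = (isset($uploadlua_info["tmp_name"]) && is_string($uploadlua_info["tmp_name"])) ? $uploadlua_info["tmp_name"] : "";
$uploadlua_name = (isset($uploadlua_info["name"]) && is_string($uploadlua_info["name"])) ? basename(str_replace("\\", "/", $uploadlua_info["name"])) : "";
// Letters, digits, "_" and "-" followed by exactly one ".lua" suffix: no
// directory parts, no dot files, no double extensions. Widen the character
// class deliberately if legitimate file names need more than this.
$uploadlua_ok = preg_match('/^[A-Za-z0-9_-]+\.lua\z/i', $uploadlua_name) === 1;
// move_uploaded_file() itself verifies that the source is a genuine HTTP upload.
if ($uploadlua_ok && $uploadlua_tmp != "" && move_uploaded_file($uploadlua_tmp, "./" . $uploadlua_name)) {
    postErrOK(1, 600, "Die Datei wurde erfolgreich hochgeladen!");
    postRedirect(3, "index.php?page=parselua");
} else {
    postErrOK(0, 600, "Es trat ein Fehler auf!");
    postRedirect(3, "index.php?page=uploadlua");
}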
?>
</div>
<!-- ISADMIN -->
<!-- TEMPLATE -->
<div class="contentBox">
<?php 
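// Create or update the point value of an item.
// Both form fields are concatenated unquoted into the SQL text below, so they
// are accepted only when they are plain decimal numbers; anything else is
// rejected before a query is built. toSaferValue() is still applied first, as
// before, but its implementation is not visible here and string escaping alone
// would not constrain an unquoted numeric context.
// NOTE(review): the mysql_* extension was removed in PHP 7; prepared statements
// (mysqli or PDO) are the durable fix for these queries.
$itempoints_id = (string) toSaferValue(@$_POST["additempoints_id"]);
$itempoints_points = (string) toSaferValue(@$_POST["additempoints_points"]);
$itempoints_number = '/^-?[0-9]+(\.[0-9]+)?\z/';
if (preg_match($itempoints_number, $itempoints_id) !== 1 || preg_match($itempoints_number, $itempoints_points) !== 1) {
    // Previously a malformed value produced a broken query and still reported success.
    postErrOK(0, 600, "Es trat ein Fehler auf!");
} else {
    // Scan the table to see whether the item already has an entry.
    $found = false;
    $result = mysql_query("SELECT * FROM " . $databasename . "." . $tableprefix . "itempoints");
    while ($row = @mysql_fetch_assoc($result)) {
        if ($itempoints_id == $row["itemid"]) {
            $found = true;
            break;
        }
    }
    @mysql_free_result($result);
    if ($found) {
        mysql_query("UPDATE " . $databasename . "." . $tableprefix . "itempoints SET points = " . $itempoints_points . " WHERE itemid = " . $itempoints_id);
    } else {
        mysql_query("INSERT INTO " . $databasename . "." . $tableprefix . "itempoints (itemid, points) VALUES (" . $itempoints_id . ", " . $itempoints_points . ")");
    }
    postErrOK(1, 600, "Der Eintrag wurde erfolgreich gespeichert!");
}
postRedirect(3, "index.php?page=itempoints&filter=&sortindex=0&sortorder=asc");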
?>
</div>
<!-- ISADMIN -->
<!-- TEMPLATE -->
<div class="contentBox">
<?php 
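// Toggle the visibility of an item: delete its row from hiddenitems when it is
// listed there, otherwise insert it.
// The id is concatenated unquoted into the SQL text, so it is accepted only
// when it is a plain decimal number. toSaferValue() is still applied first, as
// before, but its implementation is not visible here and string escaping alone
// would not constrain an unquoted numeric context.
// NOTE(review): this state change is triggered by a GET parameter, so any link
// or embedded resource an administrator loads can trigger it. Consider
// requiring POST plus a per-session token.
$hiddenitem_id = (string) toSaferValue(@$_GET["id"]);
if (preg_match('/^-?[0-9]+(\.[0-9]+)?\z/', $hiddenitem_id) !== 1) {
    // Previously a malformed id produced a broken query and still reported success.
    postErrOK(0, 600, "Es trat ein Fehler auf!");
} else {
    // Scan the table to see whether the item is currently hidden.
    $found = false;
    $result = mysql_query("SELECT * FROM " . $databasename . "." . $tableprefix . "hiddenitems");
    while ($row = @mysql_fetch_assoc($result)) {
        if ($hiddenitem_id == $row["itemid"]) {
            $found = true;
            break;
        }
    }
    @mysql_free_result($result);
    if ($found) {
        mysql_query("DELETE FROM " . $databasename . "." . $tableprefix . "hiddenitems WHERE itemid = " . $hiddenitem_id);
    } else {
        mysql_query("INSERT INTO " . $databasename . "." . $tableprefix . "hiddenitems (itemid) VALUES (" . $hiddenitem_id . ")");
    }
    postErrOK(1, 600, "Der Eintrag wurde erfolgreich gespeichert!");
}
postRedirect(3, "index.php?page=itemvisibility&filter=&sortindex=0&sortorder=asc");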
?>
</div>
<!-- TEMPLATE -->
<div class="contentBox">
<?php 
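// Record a deposit (type 1) or a withdrawal ("Auslagern", type -1) of guild
// bank points for a member and adjust the member's balance accordingly.
// NOTE(review): the other state-changing templates in this listing are preceded
// by an "ISADMIN" marker; none is visible before this one. Confirm that the
// page is restricted elsewhere.
$type = 1;
if (toSaferValue(@$_POST["addgbpentry_type"]) == "Auslagern") {
    $type = -1;
}
$gbpentry_name = toSaferValue(@$_POST["addgbpentry_name"]);
$gbpentry_info = toSaferValue(@$_POST["addgbpentry_info"]);
$gbpentry_points = (string) toSaferValue(@$_POST["addgbpentry_points"]);
// points is concatenated unquoted into the SQL text, so it is accepted only
// when it is a plain decimal number.
// NOTE(review): name and info are placed inside single quotes and rely entirely
// on toSaferValue() for escaping. Its implementation is not visible here, so
// confirm that it escapes for MySQL string literals, or move these queries to
// prepared statements.
if (preg_match('/^-?[0-9]+(\.[0-9]+)?\z/', $gbpentry_points) !== 1) {
    postErrOK(0, 600, "Es trat ein Fehler auf!");
} else {
    // Scan the member table for the submitted name.
    $found = false;
    $result = mysql_query("SELECT * FROM " . $databasename . "." . $tableprefix . "member");
    while ($row = @mysql_fetch_assoc($result)) {
        if ($gbpentry_name == $row["name"]) {
            $found = true;
            break;
        }
    }
    @mysql_free_result($result);
    if ($found) {
        mysql_query("INSERT INTO " . $databasename . "." . $tableprefix . "gbphistory (type, name, points, info, timestamp) VALUES (" . $type . ", '" . $gbpentry_name . "', " . $gbpentry_points . ", '" . $gbpentry_info . "', NOW())");
        // Deposits add to the balance, withdrawals subtract from it.
        $gbpentry_sign = ($type == 1) ? "+" : "-";
        mysql_query("UPDATE " . $databasename . "." . $tableprefix . "member SET gbp = gbp " . $gbpentry_sign . " " . $gbpentry_points . " WHERE name = '" . $gbpentry_name . "'");
        postErrOK(1, 600, "Der Eintrag wurde erfolgreich gespeichert!");
    } else {
        postErrOK(0, 600, "Dieses Mitglied ist nicht in der Datenbank eingetragen!");
    }
}
postRedirect(3, "index.php?page=addgbpentry");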
?>
</div>
Example #6
<!-- ISADMIN -->
<!-- TEMPLATE -->
<div class="contentBox">
<?php 
if (!file_exists("./" . toSaferValue(@$_POST["parselua_file"]))) {
    postErrOK(0, 600, "Es trat ein Fehler auf!");
    postRedirect(3, "index.php?page=parselua");
} else {
    mysql_query("TRUNCATE TABLE " . $databasename . "." . $tableprefix . "member");
    echo "<div class=\"simpleBoxOutline\" style=\"width: 600px; text-align: left\">\n";
    echo "<b>Beginne Parsing...</b>\n";
    $parsefile = fopen("./" . toSaferValue(@$_POST["parselua_file"]), "r");
    $hereweare = 0;
    $bankcount = 0;
    $tobank = "";
    $matches = NULL;
    while (!feof($parsefile)) {
        $line = fgets($parsefile);
        $line = trim($line);
        if (substr($line, 0, 16) == "gbm_guildmembers") {
            $hereweare = 1;
        }
        if (substr($line, 0, 11) == "gbm_excepts") {
            $hereweare = 2;
        }
        if (substr($line, 0, 8) == "gbm_bank") {
            $hereweare = 3;
        }
        $newbank = false;
        if (preg_match("@\\[\"[A-Za-zÄÖÜäöüß]*\"\\]@", $line, $matches) == 1) {
            $hereweare = 3;
Example #7
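/**
 * Checks the submitted inventory password and marks the session as logged in.
 *
 * Reads $_POST["userlogin_passwd"] (passed through toSaferValue()) and compares
 * it with the configured global $inventory_passwd. On a match the configured
 * password is stored in $_SESSION["gbm_invpasswd"]. In both cases a message box
 * and a redirect are emitted.
 *
 * NOTE(review): the session stores the password itself and no
 * session_regenerate_id() call is visible in this function. Storing a boolean
 * flag and regenerating the session id on login (before any output is sent)
 * would limit session fixation and secret exposure. Confirm how other pages
 * read "gbm_invpasswd" before changing it.
 */
function userLogin()
{
    global $inventory_passwd;
    // Compare as strings: the loose != operator treats numeric-looking strings
    // such as "0e1" and "0e2" as equal.
    $expected = (string) $inventory_passwd;
    $given = (string) toSaferValue(@$_POST["userlogin_passwd"]);
    // hash_equals() (PHP >= 5.6) compares in constant time; older versions
    // fall back to a strict string comparison.
    $passwordok = function_exists("hash_equals") ? hash_equals($expected, $given) : ($expected === $given);
    if (!$passwordok) {
        postErrOK(0, 600, "Es trat ein Fehler auf!");
        postRedirect(3, "index.php?page=home");
    } else {
        $_SESSION["gbm_invpasswd"] = $inventory_passwd;
        postErrOK(1, 600, "Sie haben sich erfolgreich angemeldet!");
        postRedirect(3, "index.php?page=guildbank&filter=&sortindex=1&sortorder=asc");
    }
}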
}
// Edit an existing GBP history entry and correct the member's balance.
// NOTE(review): $type is assigned before this point, outside the visible part
// of the listing.
// Scan the member table for the submitted name.
$found = false;
$result = mysql_query("SELECT * FROM " . $databasename . "." . $tableprefix . "member");
while ($row = @mysql_fetch_assoc($result)) {
    if (toSaferValue(@$_POST["editgbpentry_name"]) == $row["name"]) {
        $found = true;
        break;
    }
}
@mysql_free_result($result);
// Signed value of the entry before the edit (type * points); stays 0 when no
// row matches the submitted history id.
// NOTE(review): editgbpentry_id is concatenated unquoted into the WHERE clause.
// toSaferValue() is not visible here, and string escaping alone would not
// constrain a numeric context. Validate the id as a number or use a prepared
// statement.
$oldpoints = 0;
$result = mysql_query("SELECT * FROM " . $databasename . "." . $tableprefix . "gbphistory WHERE historyid = " . toSaferValue(@$_POST["editgbpentry_id"]));
while ($row = @mysql_fetch_assoc($result)) {
    $oldpoints = $row["type"] * $row["points"];
}
@mysql_free_result($result);
if ($found) {
    // NOTE(review): editgbpentry_points and editgbpentry_id are also unquoted in
    // the statements below, and name/info rely on toSaferValue() for quoting.
    // The same validation applies before these queries run.
    mysql_query("UPDATE " . $databasename . "." . $tableprefix . "gbphistory SET type = " . $type . ", name = '" . toSaferValue(@$_POST["editgbpentry_name"]) . "', points = " . toSaferValue(@$_POST["editgbpentry_points"]) . ", info = '" . toSaferValue(@$_POST["editgbpentry_info"]) . "' WHERE historyid = " . toSaferValue(@$_POST["editgbpentry_id"]));
    // Apply the new value and take back the old signed value in one statement.
    if ($type == 1) {
        mysql_query("UPDATE " . $databasename . "." . $tableprefix . "member SET gbp = gbp + " . toSaferValue(@$_POST["editgbpentry_points"]) . " - " . $oldpoints . " WHERE name = '" . toSaferValue(@$_POST["editgbpentry_name"]) . "'");
    } else {
        mysql_query("UPDATE " . $databasename . "." . $tableprefix . "member SET gbp = gbp - " . toSaferValue(@$_POST["editgbpentry_points"]) . " - " . $oldpoints . " WHERE name = '" . toSaferValue(@$_POST["editgbpentry_name"]) . "'");
    }
    postErrOK(1, 600, "Der Eintrag wurde erfolgreich gespeichert!");
} else {
    postErrOK(0, 600, "Dieses Mitglied ist nicht in der Datenbank eingetragen!");
}
postRedirect(3, "index.php?page=gbphistoryadmin&name=&filter=&sortindex=0&sortorder=desc");
?>
</div>