$sql .= "AND login.state != 5 ";
}
if (Flux::config('HideTempBannedZenyRank')) {
$sql .= "AND (login.unban_time IS NULL OR login.unban_time = 0) ";
}
$groupsLT = AccountLevel::getGroupID((int) Flux::config('RankingHideGroupLevel'), '<');
if (!empty($groupsLT)) {
$idsLT = implode(', ', array_fill(0, count($groupsLT), '?'));
$sql .= "AND login.group_id IN ({$idsLT})";
$bind = array_merge($bind, $groupsLT);
}
if ($days = Flux::config('ZenyRankingThreshold')) {
$sql .= 'AND TIMESTAMPDIFF(DAY, login.lastlogin, NOW()) <= ? ';
$bind[] = $days * 24 * 60 * 60;
}
$groupsGEQ = AccountLevel::getGroupID((int) $auth->getGroupLevelToHideFromZenyRank, '>=');
if (!empty($groupsGEQ)) {
$ids = implode(', ', array_fill(0, count($groupsGEQ), '?'));
$check1 = "AND login.group_id IN ({$ids})";
$bind = array_merge($bind, $groupsGEQ);
}
if (!empty($groupsLT)) {
$check2 = "OR login.group_id IN ({$idsLT})";
$bind = array_merge($bind, $groupsLT);
}
// Whether or not the character is allowed to hide themselves from the Zeny Ranking.
if (isset($check1) && isset($check2)) {
$sql .= "AND (((hide_from_zr.value IS NULL OR hide_from_zr.value = 0) {$check1}) {$check2}) ";
}
if (!is_null($jobClass)) {
$sql .= "AND ch.class = ? ";
$sth->execute(array($accountID));
// Account object.
$account = $sth->fetch();
$isMine = false;
if ($account) {
if ($account->group_id > $session->account->group_id && !$auth->allowedToEditHigherPower) {
$this->deny();
}
$isMine = $account->account_id == $session->account->account_id;
if ($isMine) {
$title = Flux::message('AccountEditTitle2');
} else {
$title = sprintf(Flux::message('AccountEditTitle3'), $account->userid);
}
if (count($_POST)) {
$groups = AccountLevel::getArray();
$email = trim($params->get('email'));
$gender = trim($params->get('gender'));
$loginCount = (int) $params->get('logincount');
$birthdate = $params->get('birthdate_date');
$lastLogin = $params->get('lastlogin_date');
$lastIP = trim($params->get('last_ip'));
$group_id = (int) $params->get('group_id');
$balance = (int) $params->get('balance');
if ($isMine && $account->group_id != $group_id) {
$errorMessage = Flux::message('CannotModifyOwnGroupID');
} elseif ($account->group_id != $group_id && !$auth->allowedToEditAccountGroupID) {
$errorMessage = Flux::message('CannotModifyAnyGroupID');
} elseif ($group_id > $session->account->group_id) {
$errorMessage = Flux::message('CannotModifyGroupIDHigh');
} elseif (!isset($groups[$group_id])) {
}
$sql = "SELECT login.*, {$creditColumns}, {$createColumns} FROM {$server->loginDatabase}.login ";
$sql .= "LEFT OUTER JOIN {$server->loginDatabase}.{$creditsTable} AS credits ON login.account_id = credits.account_id ";
$sql .= "LEFT OUTER JOIN {$server->loginDatabase}.{$createTable} AS created ON login.account_id = created.account_id ";
$sql .= "WHERE login.sex != 'S' AND login.group_id >= 0 AND login.account_id = ? LIMIT 1";
$sth = $server->connection->getStatement($sql);
$sth->execute(array($accountID));
// Account object.
$account = $sth->fetch();
if ($account) {
$title = sprintf(Flux::message('AccountViewTitle2'), $account->userid);
}
} else {
$title = Flux::message('AccountViewTitle3');
}
$level = AccountLevel::getGroupLevel($account->group_id);
$banSuperior = $account && ($level > $session->account->group_level && $auth->allowedToBanHigherPower || $level <= $session->account->group_level);
$canTempBan = !$isMine && $banSuperior && $auth->allowedToTempBanAccount;
$canPermBan = !$isMine && $banSuperior && $auth->allowedToPermBanAccount;
$tempBanned = $account && $account->unban_time > 0;
$permBanned = $account && $account->state == 5;
$showTempBan = !$isMine && !$tempBanned && !$permBanned && $auth->allowedToTempBanAccount;
$showPermBan = !$isMine && !$permBanned && $auth->allowedToPermBanAccount;
$showUnban = !$isMine && ($tempBanned && $auth->allowedToTempUnbanAccount) || $permBanned && $auth->allowedToPermUnbanAccount;
if (count($_POST) && $account) {
$reason = (string) $params->get('reason');
if ($params->get('tempban') && ($tempBanDate = $params->get('tempban_date'))) {
if ($canTempBan) {
if ($server->loginServer->temporarilyBan($session->account->account_id, $reason, $account->account_id, $tempBanDate)) {
$formattedDate = $this->formatDateTime($tempBanDate);
$session->setMessageData("Account has been temporarily banned until {$formattedDate}.");
}
$col = "ch.char_id, ch.name AS char_name, ch.class AS char_class, ch.base_level, ch.job_level, ";
$col .= "ch.guild_id, guild.name AS guild_name, guild.emblem_len AS guild_emblem_len, ";
$col .= "CAST(IFNULL(reg.value, '0') AS UNSIGNED) AS death_count";
$sql = "SELECT {$col} FROM {$server->charMapDatabase}.`char` AS ch ";
$sql .= "LEFT JOIN {$server->charMapDatabase}.guild ON guild.guild_id = ch.guild_id ";
$sql .= "LEFT JOIN {$server->loginDatabase}.login ON login.account_id = ch.account_id ";
$sql .= "LEFT JOIN {$server->charMapDatabase}.`global_reg_value` AS reg ON reg.char_id = ch.char_id AND reg.str = 'PC_DIE_COUNTER' ";
$sql .= "WHERE 1=1 ";
if (Flux::config('HidePermBannedDeathRank')) {
$sql .= "AND login.state != 5 ";
}
if (Flux::config('HideTempBannedDeathRank')) {
$sql .= "AND (login.unban_time IS NULL OR login.unban_time = 0) ";
}
$groups = AccountLevel::getGroupID((int) Flux::config('RankingHideGroupLevel'), '<');
if (!empty($groups)) {
$ids = implode(', ', array_fill(0, count($groups), '?'));
$sql .= "AND login.group_id IN ({$ids}) ";
$bind = array_merge($bind, $groups);
}
if ($days = Flux::config('DeathRankingThreshold')) {
$sql .= 'AND TIMESTAMPDIFF(DAY, login.lastlogin, NOW()) <= ? ';
$bind[] = $days * 24 * 60 * 60;
}
if (!is_null($jobClass)) {
$sql .= "AND ch.class = ? ";
$bind[] = $jobClass;
}
$sql .= "ORDER BY death_count DESC, ch.char_id DESC ";
$sql .= "LIMIT " . (int) Flux::config('DeathRankingLimit');
<?php
if (!defined('FLUX_ROOT')) {
exit;
}
$bind = array();
$sqlpartial = '';
$chars = array();
$hideGroupLevel = Flux::config('HideFromWhosOnline');
$groups = AccountLevel::getGroupID($hideGroupLevel, '<');
if (!empty($groups)) {
$ids = implode(', ', array_fill(0, count($groups), '?'));
$sqlpartial .= " where login.group_id IN ({$ids}) ";
$bind = array_merge($bind, $groups);
}
$sqlpartial .= " group by m.kill_char_id";
$sql = "SELECT count(*) AS total FROM {$server->charMapDatabase}.`mvplog` as m inner join `char` as ch ON ch.char_id = `m`.kill_char_id left join login ON `login`.account_id =ch.account_id {$sqlpartial}";
$sth = $server->connection->getStatement($sql);
$sth->execute($bind);
$sortable = array('name', 'char_id', 'class', 'amount' => 'desc', 'base_level', 'job_level');
$paginator = $this->getPaginator($sth->fetch()->total);
$paginator->setSortableColumns($sortable);
$col = "ch.name, ch.char_id, class, ch.guild_id, count(3) as amount, base_level, job_level, guild.name as g_name";
$sql = $paginator->getSQL("SELECT {$col} FROM {$server->charMapDatabase}.`mvplog` as m inner join `char` as ch ON ch.char_id = `m`.kill_char_id left join login ON `login`.account_id =ch.account_id left join guild on guild.guild_id=ch.guild_id {$sqlpartial}");
$sth = $server->connection->getStatement($sql);
$sth->execute($bind);
$chars = $sth->fetchAll();
<?php
// Module variables are available in page menus.
// However, access group_id checking must be done directly from the page menu.
// Minimal access checking such as $auth->actionAllowed('moduleName', 'actionName') should be performed.
$groups = AccountLevel::getArray();
$pageMenu = array();
if ((AccountLevel::getGroupLevel($account->group_id) <= $session->account->group_level || $auth->allowedToEditHigherPower) && $auth->actionAllowed('account', 'edit')) {
$pageMenu[Flux::message('ModifyAccountLink')] = $this->url('account', 'edit', array('id' => $account->account_id));
}
return $pageMenu;
if (!$groupName || !($loginAthenaGroup = Flux::getServerGroupByName($groupName))) {
$loginAthenaGroup = $session->loginAthenaGroup;
}
$sql = "SELECT account_id, user_pass, group_id FROM {$loginAthenaGroup->loginDatabase}.login WHERE ";
if ($loginAthenaGroup->loginServer->config->getNoCase()) {
$sql .= 'LOWER(userid) = LOWER(?) ';
} else {
$sql .= 'BINARY userid = ? ';
}
$sql .= "AND email = ? AND state = 0 AND sex IN ('M', 'F') LIMIT 1";
$sth = $loginAthenaGroup->connection->getStatement($sql);
$sth->execute(array($userid, $email));
$row = $sth->fetch();
if ($row) {
$groups = AccountLevel::getArray();
if (AccountLevel::getGroupLevel($row->group_id) >= Flux::config('NoResetPassGroupLevel')) {
$errorMessage = Flux::message('ResetPassDisallowed');
} else {
$code = md5(rand() + $row->account_id);
$sql = "INSERT INTO {$loginAthenaGroup->loginDatabase}.{$resetPassTable} ";
$sql .= "(code, account_id, old_password, request_date, request_ip, reset_done) ";
$sql .= "VALUES (?, ?, ?, NOW(), ?, 0)";
$sth = $loginAthenaGroup->connection->getStatement($sql);
$res = $sth->execute(array($code, $row->account_id, $row->user_pass, $_SERVER['REMOTE_ADDR']));
if ($res) {
require_once 'Flux/Mailer.php';
$name = $loginAthenaGroup->serverName;
$link = $this->url('account', 'resetpw', array('_host' => true, 'code' => $code, 'account' => $row->account_id, 'login' => $name));
$mail = new Flux_Mailer();
$sent = $mail->send($email, 'Reset Password', 'resetpass', array('AccountUsername' => $userid, 'ResetLink' => htmlspecialchars($link)));
}
/**
* Initialize session data.
*
* @param bool $force
* @return bool
* @access private
*/
private function initialize($force = false)
{
$keysToInit = array('username', 'serverName', 'athenaServerName', 'securityCode');
foreach ($keysToInit as $key) {
if ($force || !$this->{$key}) {
$method = ucfirst($key);
$method = "set{$method}Data";
$this->{$method}(null);
}
}
$loggedIn = true;
if (!$this->username) {
$loggedIn = false;
$cfgAthenaServerName = Flux::config('DefaultCharMapServer');
$cfgLoginAthenaGroup = Flux::config('DefaultLoginGroup');
if (Flux::getServerGroupByName($cfgLoginAthenaGroup)) {
$this->setServerNameData($cfgLoginAthenaGroup);
} else {
$defaultServerName = current(array_keys(Flux::$loginAthenaGroupRegistry));
$this->setServerNameData($defaultServerName);
}
}
if ($this->serverName && ($this->loginAthenaGroup = Flux::getServerGroupByName($this->serverName))) {
$this->loginServer = $this->loginAthenaGroup->loginServer;
if (!$loggedIn && $cfgAthenaServerName && $this->getAthenaServer($cfgAthenaServerName)) {
$this->setAthenaServerNameData($cfgAthenaServerName);
}
if (!$this->athenaServerName || (!$loggedIn && !$this->getAthenaServer($cfgAthenaServerName) || !$this->getAthenaServer($this->athenaServerName))) {
$this->setAthenaServerNameData(current($this->getAthenaServerNames()));
}
}
// Get new account data every request.
if ($this->loginAthenaGroup && $this->username && ($account = $this->getAccount($this->loginAthenaGroup, $this->username))) {
$this->account = $account;
$this->account->group_level = AccountLevel::getGroupLevel($account->group_id);
// Automatically log out of account when detected as banned.
$permBan = $account->state == 5 && !Flux::config('AllowPermBanLogin');
$tempBan = $account->unban_time > 0 && $account->unban_time < time() && !Flux::config('AllowTempBanLogin');
if ($permBan || $tempBan) {
$this->logout();
}
} else {
$this->account = new Flux_DataObject(null, array('group_level' => AccountLevel::UNAUTH));
}
//if (!$this->isLoggedIn()) {
// $this->setServerNameData(null);
// $this->setAthenaServerNameData(null);
//}
if (!is_array($this->cart)) {
$this->setCartData(array());
}
if ($this->account->account_id && $this->loginAthenaGroup) {
if (!array_key_exists($this->loginAthenaGroup->serverName, $this->cart)) {
$this->cart[$this->loginAthenaGroup->serverName] = array();
}
foreach ($this->getAthenaServerNames() as $athenaServerName) {
$athenaServer = $this->getAthenaServer($athenaServerName);
$cartArray =& $this->cart[$this->loginAthenaGroup->serverName];
$accountID = $this->account->account_id;
if (!array_key_exists($accountID, $cartArray)) {
$cartArray[$accountID] = array();
}
if (!array_key_exists($athenaServerName, $cartArray[$accountID])) {
$cartArray[$accountID][$athenaServerName] = new Flux_ItemShop_Cart();
}
$cartArray[$accountID][$athenaServerName]->setAccount($this->account);
$athenaServer->setCart($cartArray[$accountID][$athenaServerName]);
}
}
return true;
}
