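/**
 * Admin "global message" page: on a POST with ?mode=change, sends the submitted
 * subject and body to every row of the USERS table as an in-game message and/or
 * an e-mail, then renders the adm/global_message_view template.
 *
 * Form fields read: temat (subject), tresc (body), message / mail (delivery
 * channels, at least one must be present). The token ":name:" in the body is
 * replaced with each recipient's user name.
 *
 * NOTE(review): no anti-CSRF token and no auth-level check are visible in this
 * method; presumably the controller enforces both before build_page() runs.
 * Confirm, because a forged POST here reaches every account.
 *
 * @return void
 */
private function build_page()
{
    $parse = $this->_lang;
    $parse['js_path'] = XGP_ROOT . JS_PATH;

    // "mode" is optional; reading it unguarded raised a notice on plain GETs.
    $mode = isset($_GET['mode']) ? $_GET['mode'] : NULL;

    if (!empty($_POST) && $mode == "change") {
        $info = array(1 => array('color' => 'yellow'), 2 => array('color' => 'skyblue'), 3 => array('color' => 'red'));
        $color = $info[$this->_current_user['user_authlevel']]['color'];
        $level = $this->_lang['user_level'][$this->_current_user['user_authlevel']];

        // Only plain strings are accepted: an array-valued field would otherwise
        // be concatenated into the message as the literal text "Array".
        $subject_raw = isset($_POST['temat']) && is_string($_POST['temat']) ? $_POST['temat'] : '';
        $body_raw = isset($_POST['tresc']) && is_string($_POST['tresc']) ? $_POST['tresc'] : '';
        $by_message = isset($_POST['message']);
        $by_mail = isset($_POST['mail']);

        if ($body_raw !== '' && $subject_raw !== '' && ($by_message or $by_mail)) {
            $sq = parent::$db->query("SELECT `user_id` , `user_name`, `user_email` FROM " . USERS . "");

            // Buffer the recipients once. The original iterated the same result
            // handle in both delivery loops, so with both channels ticked the
            // e-mail loop started on an exhausted result set and sent nothing.
            $recipients = array();
            while ($u = parent::$db->fetch_array($sq)) {
                $recipients[] = $u;
            }

            if ($by_message) {
                $time = time();
                $from = '<font color="' . $color . '">' . $level . ' ' . $this->_current_user['user_name'] . '</font>';

                // The subject is embedded in HTML markup, so it is escaped for that context.
                $subject = '<font color="' . $color . '">' . htmlspecialchars($subject_raw, ENT_QUOTES) . '</font>';

                // Format once when the body is not personalised.
                $personalised = strpos($body_raw, ':name:') !== false;
                $shared_message = $personalised ? NULL : '<font color="' . $color . '"><b>' . Functions_Lib::format_text($body_raw) . '</b></font>';

                foreach ($recipients as $u) {
                    if ($personalised) {
                        // The original replaced ":name:" in $_POST['tresc'] only AFTER the
                        // message had been built, so the token was never substituted here.
                        // The name is user-controlled, hence escaped before it joins the HTML body.
                        $body = str_replace(':name:', htmlspecialchars($u['user_name'], ENT_QUOTES), $body_raw);
                        $message = '<font color="' . $color . '"><b>' . Functions_Lib::format_text($body) . '</b></font>';
                    } else {
                        $message = $shared_message;
                    }

                    // NOTE(review): presumably send_message() escapes its arguments for SQL; confirm.
                    Functions_Lib::send_message($u['user_id'], $this->_current_user['user_id'], $time, 5, $from, $subject, $message);
                }
            }

            if ($by_mail) {
                $sent = 0;

                foreach ($recipients as $u) {
                    // Plain-text mail: the name is substituted per recipient without HTML escaping.
                    mail($u['user_email'], $subject_raw, str_replace(':name:', $u['user_name'], $body_raw));

                    // pause after every batch of 20 mails to avoid flooding the MTA
                    if (++$sent % 20 == 0) {
                        sleep(1);
                    }
                }
            }

            $parse['alert'] = Administration_Lib::save_message('ok', $this->_lang['ma_message_sended']);
        } else {
            $parse['alert'] = Administration_Lib::save_message('warning', $this->_lang['ma_subject_needed']);
        }
    }

    parent::$page->display(parent::$page->parse_template(parent::$page->get_template('adm/global_message_view'), $parse));
}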
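/**
 * Notes page: creates, updates, deletes and lists the notes of the current user.
 *
 * Dispatch, in this order:
 *  - POST s=1            insert a new note, then redirect to the list
 *  - POST s=2            update note POST n, then redirect to the list
 *  - any other POST      delete every note whose "delmes<ID>" field equals "y"
 *  - GET a=1             show the empty form
 *  - GET a=2&n=<ID>      show the form pre-filled with note <ID>
 *  - otherwise           show the list
 *
 * Every statement that writes or deletes a note carries the owner id in its
 * WHERE clause. The original ran a SELECT first and tested the value returned
 * by query(); presumably that is a result handle even when no row matches, so
 * the unscoped UPDATE / DELETE that followed could reach another user's note.
 *
 * NOTE(review): no anti-CSRF token is checked in this method; confirm it is
 * enforced before build_page() runs.
 *
 * @return void
 */
private function build_page()
{
    $this->_lang['js_path'] = XGP_ROOT . JS_PATH;
    $parse = $this->_lang;

    // Cast once; the id is concatenated into every query below.
    $user_id = intval($this->_current_user['user_id']);

    $a = isset($_GET['a']) ? intval($_GET['a']) : NULL;
    $n = isset($_GET['n']) ? intval($_GET['n']) : NULL;
    $s = isset($_POST['s']) ? intval($_POST['s']) : NULL;

    if ($s == 1 or $s == 2) {
        $time = time();
        $priority = isset($_POST['u']) ? intval($_POST['u']) : 0;

        $title = !empty($_POST['title']) && is_string($_POST['title'])
            ? parent::$db->escape_value(strip_tags($_POST['title']))
            : "Sin título";

        // NOTE(review): the text goes into SQL with format_text() as its only
        // treatment; presumably format_text() escapes for SQL. Confirm.
        $text = !empty($_POST['text']) && is_string($_POST['text'])
            ? Functions_Lib::format_text($_POST['text'])
            : $this->_lang['nt_no_text'];

        if ($s == 1) {
            parent::$db->query(
                "INSERT INTO " . NOTES . " SET"
                . " note_owner=" . $user_id . ","
                . " note_time={$time},"
                . " note_priority={$priority},"
                . " note_title='{$title}',"
                . " note_text='{$text}'"
            );
        } else {
            $id = isset($_POST['n']) ? intval($_POST['n']) : 0;

            // Owner-scoped: a note id belonging to someone else matches no row.
            parent::$db->query(
                "UPDATE `" . NOTES . "` SET"
                . " note_time={$time},"
                . " note_priority={$priority},"
                . " note_title='{$title}',"
                . " note_text='{$text}'"
                . " WHERE note_id=" . $id
                . " AND note_owner=" . $user_id
            );
        }

        Functions_Lib::redirect('game.php?page=notes');
    } elseif ($_POST) {
        foreach ($_POST as $field => $value) {
            // Only fields of the exact form "delmes<digits>" are honoured.
            if ($value == "y" && preg_match('/^delmes(\d+)$/', (string) $field, $match)) {
                parent::$db->query(
                    "DELETE FROM `" . NOTES . "`"
                    . " WHERE `note_id` = " . (int) $match[1]
                    . " AND `note_owner` = " . $user_id . ";"
                );
            }
        }

        Functions_Lib::redirect('game.php?page=notes');
    } else {
        if ($a == 1) {
            $parse['c_Options'] = "<option value=2 selected=selected>" . $this->_lang['nt_important'] . "</option>\n\t\t\t\t<option value=1>" . $this->_lang['nt_normal'] . "</option>\n\t\t\t\t<option value=0>" . $this->_lang['nt_unimportant'] . "</option>";
            $parse['TITLE'] = $this->_lang['nt_create_note'];
            $parse['inputs'] = "<input type=hidden name=s value=1>";

            parent::$page->display(parent::$page->parse_template(parent::$page->get_template('notes/notes_form'), $parse), FALSE, '', FALSE);
        } elseif ($a == 2) {
            $SELECTED['0'] = '';
            $SELECTED['1'] = '';
            $SELECTED['2'] = '';

            $note = parent::$db->query_fetch(
                "SELECT * FROM `" . NOTES . "`"
                . " WHERE `note_owner` = " . $user_id
                . " AND `note_id` = " . (int) $n . ";"
            );

            if (!$note) {
                Functions_Lib::redirect('game.php?page=notes');
            }

            $SELECTED[$note['note_priority']] = ' selected="selected"';

            $parse['c_Options'] = "<option value=2{$SELECTED['2']}>" . $this->_lang['nt_important'] . "</option>\n\t\t\t\t<option value=1{$SELECTED['1']}>" . $this->_lang['nt_normal'] . "</option>\n\t\t\t\t<option value=0{$SELECTED['0']}>" . $this->_lang['nt_unimportant'] . "</option>";
            $parse['TITLE'] = $this->_lang['nt_edit_note'];
            $parse['inputs'] = '<input type="hidden" name="s" value="2"><input type="hidden" name="n" value=' . $note['note_id'] . '>';

            // NOTE(review): the title was stored after strip_tags() only, which keeps
            // quote characters; if the template prints it inside an attribute it needs
            // attribute escaping there. Confirm against notes/notes_form.
            $parse['asunto'] = $note['note_title'];
            $parse['texto'] = $note['note_text'];

            parent::$page->display(parent::$page->parse_template(parent::$page->get_template('notes/notes_form'), $parse), FALSE, '', FALSE);
        } else {
            $notes_query = parent::$db->query(
                "SELECT * FROM `" . NOTES . "`"
                . " WHERE `note_owner` = " . $user_id
                . " ORDER BY `note_time` DESC"
            );

            $count = 0;
            $NotesBodyEntryTPL = parent::$page->get_template('notes/notes_body_entry');
            $list = '';

            while ($note = parent::$db->fetch_array($notes_query)) {
                $count++;

                $parse['NOTE_COLOR'] = $this->return_priority($note['note_priority']);
                $parse['NOTE_ID'] = $note['note_id'];
                $parse['NOTE_TIME'] = date(Functions_Lib::read_config('date_format_extended'), $note['note_time']);
                $parse['NOTE_TITLE'] = $note['note_title'];
                // the list shows the length of the text, not the text itself
                $parse['NOTE_TEXT'] = strlen($note['note_text']);

                $list .= parent::$page->parse_template($NotesBodyEntryTPL, $parse);
            }

            if ($count == 0) {
                $list .= "<tr><th colspan=4>" . $this->_lang['nt_you_dont_have_notes'] . "</th>\n";
            }

            $parse['BODY_LIST'] = $list;

            parent::$page->display(parent::$page->parse_template(parent::$page->get_template('notes/notes_body'), $parse), FALSE, '', FALSE);
        }
    }
}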
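/**
 * Messages page: lists the current user's messages, shows the "write a private
 * message" form, or deletes messages.
 *
 * Mode selection:
 *  - GET dsp=1 (premium only): list the message types named by the other GET
 *    keys and mark them as read
 *  - POST deletemessages=deleteall|deletemarked|deleteunmarked: delete, then redirect
 *  - GET mode=write&id=<USER>: show / process the private-message form
 *  - anything else: the default list (per-type counters for premium accounts)
 *
 * Changes against the original: an empty type selection no longer produces an
 * "IN ()" SQL syntax error, each DELETE carries the receiver id instead of
 * relying on a preceding SELECT, the deleteunmarked branch no longer reads an
 * undefined POST index nor runs its DELETE through query_fetch(), and optional
 * form fields are tested with empty().
 *
 * NOTE(review): no anti-CSRF token is checked in this method; confirm it is
 * enforced before build_page() runs.
 *
 * @return void
 */
private function build_page()
{
    // some values by default
    $parse = $this->_lang;
    $parse['js_path'] = XGP_ROOT . JS_PATH;

    // Cast once; the id is concatenated into every query below.
    $user_id = (int) $this->_current_user['user_id'];
    $active = array();

    // display a specific category of items
    if (isset($_GET['dsp']) && $_GET['dsp'] == 1 && $this->_have_premium) {
        $mode = '';
        $type_ids = array();

        foreach ($_GET as $field => $value) {
            if (Functions_Lib::in_multiarray($field, $this->_message_type)) {
                $type_id = Functions_Lib::recursive_array_search($field, $this->_message_type);

                // The ids are written unquoted into IN (...), so they are forced to integers.
                $type_ids[] = (int) $type_id;
                $active[$type_id] = 1;
            }
        }

        if (count($type_ids) > 0) {
            $type_list = implode(',', $type_ids);

            // get list of messages
            $message_list = parent::$db->query(
                "SELECT * FROM `" . MESSAGES . "`"
                . " WHERE `message_receiver` = " . $user_id
                . " AND `message_type` IN (" . $type_list . ");"
            );

            // set messages as read
            parent::$db->query(
                "UPDATE `" . MESSAGES . "`"
                . " SET `message_read` = '1'"
                . " WHERE `message_receiver` = " . $user_id
                . " AND `message_type` IN (" . $type_list . ");"
            );
        }
    } else {
        $mode = isset($_GET['mode']) ? $_GET['mode'] : NULL;
    }

    // to delete something
    $to_delete = isset($_POST['deletemessages']) ? $_POST['deletemessages'] : NULL;

    if (isset($to_delete)) {
        $mode = "delete";
    }

    $write_to = isset($_GET['id']) ? (int) $_GET['id'] : NULL;

    switch ($mode) {
        case 'write':
            $text = '';
            $error_page = '';

            if (!is_numeric($write_to)) {
                Functions_Lib::redirect('game.php?page=messages');
            } else {
                $OwnerHome = parent::$db->query_fetch(
                    "SELECT u.`user_name`, p.`planet_galaxy`, p.`planet_system`, p.`planet_planet`"
                    . " FROM " . PLANETS . " AS p"
                    . " INNER JOIN " . USERS . " as u ON p.planet_user_id = u.user_id"
                    . " WHERE p.`planet_user_id` = '" . (int) $write_to . "';"
                );

                if (!$OwnerHome) {
                    Functions_Lib::redirect('game.php?page=messages');
                }
            }

            if ($_POST) {
                $error = 0;

                if (empty($_POST['subject'])) {
                    $error++;
                    $parse['error_text'] = $this->_lang['mg_no_subject'];
                    $parse['error_color'] = '#FF0000';
                    $error_page = parent::$page->parse_template(parent::$page->get_template('messages/messages_error_table'), $parse);
                }

                if (empty($_POST['text'])) {
                    $error++;
                    $parse['error_text'] = $this->_lang['mg_no_text'];
                    $parse['error_color'] = '#FF0000';
                    $error_page = parent::$page->parse_template(parent::$page->get_template('messages/messages_error_table'), $parse);
                }

                if ($error == 0) {
                    $parse['error_text'] = $this->_lang['mg_msg_sended'];
                    $parse['error_color'] = '#00FF00';
                    $error_page = parent::$page->parse_template(parent::$page->get_template('messages/messages_error_table'), $parse);

                    $Owner = $write_to;
                    $Sender = $user_id;
                    $From = $this->_current_user['user_name'] . ' [' . $this->_current_user['user_galaxy'] . ':' . $this->_current_user['user_system'] . ':' . $this->_current_user['user_planet'] . ']';

                    // NOTE(review): the subject reaches send_message() exactly as submitted,
                    // while the text goes through format_text(). Whether send_message() or the
                    // list template escapes the subject cannot be seen from here. Confirm,
                    // because this value is shown to another player.
                    $Subject = $_POST['subject'];
                    $Message = Functions_Lib::format_text($_POST['text']);

                    Functions_Lib::send_message($Owner, $Sender, '', 4, $From, $Subject, $Message);

                    $subject = '';
                    $text = '';
                }
            }

            $parse['id'] = $write_to;
            $parse['to'] = $OwnerHome['user_name'] . ' [' . $OwnerHome['planet_galaxy'] . ':' . $OwnerHome['planet_system'] . ':' . $OwnerHome['planet_planet'] . ']';
            $parse['subject'] = !isset($subject) ? $this->_lang['mg_no_subject'] : $subject;
            $parse['text'] = $text;
            $parse['status_message'] = $error_page;

            parent::$page->display(parent::$page->parse_template(parent::$page->get_template('messages/messages_pm_form_view'), $parse));
            break;

        case 'delete':
            if ($to_delete == 'deleteall') {
                parent::$db->query(
                    "DELETE FROM " . MESSAGES
                    . " WHERE `message_receiver` = '" . $user_id . "';"
                );
            } elseif ($to_delete == 'deletemarked') {
                foreach ($_POST as $field => $answer) {
                    // Only fields of the exact form "delmes<digits>" are honoured.
                    if ($answer == 'on' && preg_match('/^delmes(\d+)$/', (string) $field, $match)) {
                        // Receiver-scoped, so a foreign message id matches no row.
                        parent::$db->query(
                            "DELETE FROM " . MESSAGES
                            . " WHERE `message_id` = '" . (int) $match[1] . "'"
                            . " AND `message_receiver` = '" . $user_id . "';"
                        );
                    }
                }
            } elseif ($to_delete == 'deleteunmarked') {
                foreach ($_POST as $field => $answer) {
                    // Each listed message posts "showmes<ID>"; a ticked one also posts "delmes<ID>".
                    if (preg_match('/^showmes(\d+)$/', (string) $field, $match) && !isset($_POST['delmes' . $match[1]])) {
                        parent::$db->query(
                            "DELETE FROM " . MESSAGES
                            . " WHERE `message_id` = '" . (int) $match[1] . "'"
                            . " AND `message_receiver` = '" . $user_id . "';"
                        );
                    }
                }
            }

            Functions_Lib::redirect('game.php?page=messages');
            break;

        default:
            if ($this->_have_premium) {
                $type_row_template = parent::$page->get_template('messages/messages_body_premium_row_view');
                $rows = '';

                $this->make_counts();

                while ($messages_list = parent::$db->fetch_assoc($this->_messages_count)) {
                    $this->_message_type[$messages_list['message_type']]['count'] = $messages_list['message_type_count'];
                    $this->_message_type[$messages_list['message_type']]['unread'] = $messages_list['unread_count'];
                }

                foreach ($this->_message_type as $id => $data) {
                    $parse['message_type'] = $data['type_name'];
                    $parse['message_type_name'] = $this->_lang['mg_type'][$id];
                    $parse['message_amount'] = isset($data['count']) ? $data['count'] : 0;
                    $parse['message_unread'] = isset($data['unread']) ? $data['unread'] : 0;
                    $parse['checked'] = isset($active[$id]) ? 'checked' : '';
                    $parse['checked_status'] = isset($active[$id]) ? 1 : 0;

                    $rows .= parent::$page->parse_template($type_row_template, $parse);
                }

                $parse['message_type_rows'] = $rows;
                $parse['buddys_count'] = $this->_extra_count['buddys_count'];
                $parse['alliance_count'] = $this->_extra_count['alliance_count'];
                $parse['operators_count'] = $this->_extra_count['operators_count'];
                $parse['notes_count'] = $this->_extra_count['notes_count'];
                $parse['message_list'] = isset($message_list) ? $this->load_messages($message_list) : '';
                $parse['delete_options'] = isset($_GET['dsp']) ? $this->load_delete_box() : '';
            } else {
                // get list of messages
                $message_list = parent::$db->query(
                    "SELECT * FROM `" . MESSAGES . "`"
                    . " WHERE `message_receiver` = " . $user_id . ";"
                );

                // set messages as read
                parent::$db->query(
                    "UPDATE `" . MESSAGES . "`"
                    . " SET `message_read` = '1'"
                    . " WHERE `message_receiver` = " . $user_id . ";"
                );

                $single_message_template = parent::$page->get_template('messages/messages_list_row_view');
                $list_of_messages = '';

                while ($message = parent::$db->fetch_array($message_list)) {
                    // NOTE(review): the row is handed to the template as stored; presumably
                    // the text was sanitised when the message was written. Confirm.
                    $message['message_text'] = nl2br($message['message_text']);
                    $list_of_messages .= parent::$page->parse_template($single_message_template, $message);
                }

                $parse['message_list'] = $list_of_messages;
            }

            parent::$page->display(parent::$page->parse_template($this->set_default_template(), $parse));
            break;
    }
}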
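/**
 * Alliance administration page. Runs only for a user who belongs to an alliance
 * and has no pending join request; ?edit= selects the sub-page:
 *
 *   rights   (permission right_hand)       create / edit / delete ranks
 *   members  (permission admin_alliance)   member list, kick, assign rank
 *   requests (permission check_requests)   accept / decline join requests
 *   name     (permission admin_alliance)   rename the alliance
 *   tag      (permission admin_alliance)   change the alliance tag
 *   exit     (permission disolve_alliance) dissolve the alliance
 *   transfer (permission admin_alliance)   hand the alliance to another member
 *   ally / anything else                   texts and general options
 *
 * Changes against the original:
 *  - The sub-page is chosen from an explicit name => permission map. The
 *    original used boolean expressions as switch cases; switch compares
 *    loosely, so a missing or empty "edit" equalled the first case that
 *    evaluated to false and entered the rank editor without the check.
 *  - The rank list is unserialized before the switch (members and transfer read
 *    it too) and is SQL-escaped after serialize(), not before; submitted rank
 *    ids must be existing keys.
 *  - Kick tests the result of the kick_users check and uses the user_id column
 *    it selected; rank assignment, request handling and ownership transfer only
 *    touch users that belong to, or applied to, this alliance.
 *  - Transfer is restricted to the owner before the POST is processed.
 *  - Repaired statements: trailing comma in the rename UPDATE, unbalanced
 *    backtick in the transfer UPDATE, "?mode" in a redirect URL, and the
 *    register-time / rank-id column names read from the result rows.
 *
 * NOTE(review): kick, rank deletion and dissolve are triggered by GET links and
 * no anti-CSRF token is checked anywhere in this method; confirm one is
 * enforced before it runs.
 * NOTE(review): the default sub-page writes alliance options and texts without
 * a permission check of its own (unchanged); confirm the caller restricts it.
 * NOTE(review): values coming from format_text(), check_name() and check_tag()
 * are concatenated into SQL as returned; presumably those helpers escape. Confirm.
 *
 * @return string|null rendered HTML, or null when the branch only redirects
 */
private function ally_admin()
{
    $parse = $this->_lang;

    if ($this->_current_user['user_ally_id'] != 0 && $this->_current_user['user_ally_request'] == 0) {
        $alliance_id = (int) $this->_ally['alliance_id'];
        $user_id = (int) $this->_current_user['user_id'];
        $is_owner = $this->_ally['alliance_owner'] == $this->_current_user['user_id'];

        // unserialize() is applied to a database column. The column is only ever written
        // from serialize() in this method, but it must never be fed data from another source.
        $alliance_ranks = unserialize($this->_ally['alliance_ranks']);

        if (!is_array($alliance_ranks)) {
            $alliance_ranks = array();
        }

        // permission flags in form order: POST field "u<ID>r<N>" maps to index N
        $rank_flags = array('delete', 'kick', 'bewerbungen', 'memberlist', 'bewerbungenbearbeiten', 'administrieren', 'onlinestatus', 'mails', 'rechtehand');

        // sub-page => permission it requires
        $required = array(
            'rights' => 'right_hand',
            'members' => 'admin_alliance',
            'requests' => 'check_requests',
            'name' => 'admin_alliance',
            'tag' => 'admin_alliance',
            'exit' => 'disolve_alliance',
            'transfer' => 'admin_alliance',
        );

        $edit = isset($_GET['edit']) && is_string($_GET['edit']) ? $_GET['edit'] : '';

        // Unknown sub-page or failed check: fall back to the general page, as the original did.
        if (!isset($required[$edit]) || $this->have_access($this->_ally['alliance_owner'], $this->permissions[$required[$edit]]) !== TRUE) {
            $edit = 'ally';
        }

        switch ($edit) {
            case 'rights':
                $rights_url = 'game.php?page=alliance&mode=admin&edit=rights';
                $d = isset($_GET['d']) && is_numeric($_GET['d']) && $_GET['d'] >= 0 ? $_GET['d'] : NULL;

                if (!empty($_POST['newrangname']) && is_string($_POST['newrangname'])) {
                    // The name is kept unescaped inside the array: escaping before serialize()
                    // made the stored length prefix disagree with the stored text.
                    $new_rank = array('name' => strip_tags($_POST['newrangname']));

                    foreach ($rank_flags as $flag) {
                        $new_rank[$flag] = 0;
                    }

                    $alliance_ranks[] = $new_rank;

                    parent::$db->query(
                        "UPDATE " . ALLIANCE . " SET"
                        . " `alliance_ranks`='" . parent::$db->escape_value(serialize($alliance_ranks)) . "'"
                        . " WHERE `alliance_id` = " . $alliance_id
                    );

                    // Fixed target instead of PHP_SELF + QUERY_STRING, which are request-controlled.
                    Functions_Lib::redirect($rights_url);
                } elseif (isset($_POST['id']) && is_array($_POST['id'])) {
                    $ally_ranks_new = array();

                    foreach ($_POST['id'] as $id) {
                        // Only existing ranks may be edited; an arbitrary key would otherwise
                        // be serialized and written into the SQL statement.
                        if (!is_scalar($id) || !isset($alliance_ranks[$id])) {
                            continue;
                        }

                        $ally_ranks_new[$id]['name'] = $alliance_ranks[$id]['name'];

                        foreach ($rank_flags as $index => $flag) {
                            $ally_ranks_new[$id][$flag] = isset($_POST['u' . $id . 'r' . $index]) ? 1 : 0;
                        }

                        // NOTE(review): the form shows the "delete" box to the owner only, while
                        // the owner-only restriction on save applies to "kick". Confirm which one
                        // is meant; behaviour kept as found.
                        if (!$is_owner) {
                            $ally_ranks_new[$id]['kick'] = 0;
                        }
                    }

                    parent::$db->query(
                        "UPDATE " . ALLIANCE . " SET"
                        . " `alliance_ranks`='" . parent::$db->escape_value(serialize($ally_ranks_new)) . "'"
                        . " WHERE `alliance_id`= " . $alliance_id
                    );

                    Functions_Lib::redirect($rights_url);
                } elseif (isset($d) && isset($alliance_ranks[$d])) {
                    unset($alliance_ranks[$d]);

                    $this->_ally['ally_rank'] = serialize($alliance_ranks);

                    parent::$db->query(
                        "UPDATE " . ALLIANCE . " SET"
                        . " `alliance_ranks`='" . parent::$db->escape_value($this->_ally['ally_rank']) . "'"
                        . " WHERE `alliance_id` = " . $alliance_id
                    );
                }

                $list = '';

                foreach ($alliance_ranks as $a => $b) {
                    $boxes = array();

                    foreach ($rank_flags as $index => $flag) {
                        $checked = isset($b[$flag]) && $b[$flag] == 1 ? ' checked="checked"' : '';
                        $boxes[$index] = "<input type=checkbox name=\"u{$a}r{$index}\"" . $checked . ">";
                    }

                    $this->_lang['id'] = $a;
                    $this->_lang['a'] = $a;
                    $this->_lang['r0'] = $b['name'];
                    $this->_lang['delete'] = "<a href=\"game.php?page=alliance&mode=admin&edit=rights&d={$a}\"><img src=\"" . DPATH . "alliance/abort.gif\" border=0></a>";

                    // template slot r<N+1> holds the checkbox for flag N; the first is owner-only
                    $this->_lang['r1'] = $is_owner ? $boxes[0] : "<b>-</b>";

                    for ($index = 1; $index < count($rank_flags); $index++) {
                        $this->_lang['r' . ($index + 1)] = $boxes[$index];
                    }

                    $list .= parent::$page->parse_template(parent::$page->get_template('alliance/alliance_admin_laws_row'), $this->_lang);
                }

                $this->_lang['list'] = $list;
                $this->_lang['dpath'] = DPATH;

                return parent::$page->parse_template(parent::$page->get_template('alliance/alliance_admin_laws'), $this->_lang);

            case 'members':
                $rank = isset($_GET['rank']) ? (int) $_GET['rank'] : NULL;
                $kick = isset($_GET['kick']) ? (int) $_GET['kick'] : NULL;
                $id = isset($_GET['id']) ? (int) $_GET['id'] : NULL;
                $sort1 = isset($_GET['sort1']) ? (int) $_GET['sort1'] : NULL;
                $sort2 = isset($_GET['sort2']) ? (int) $_GET['sort2'] : NULL;

                if (isset($kick)) {
                    // The original called have_access() here and discarded the result.
                    if ($this->have_access($this->_ally['alliance_owner'], $this->permissions['kick_users']) === TRUE) {
                        $u = parent::$db->query_fetch(
                            "SELECT `user_ally_id`, `user_id`"
                            . " FROM `" . USERS . "`"
                            . " WHERE `user_id` = '" . (int) $kick . "'"
                            . " LIMIT 1"
                        );

                        if ($u && $u['user_ally_id'] == $this->_ally['alliance_id'] && $u['user_id'] != $this->_ally['alliance_owner']) {
                            // The original read $u['id'], a column the SELECT does not return,
                            // so the UPDATE always addressed user 0.
                            parent::$db->query(
                                "UPDATE " . USERS . " SET"
                                . " `user_ally_id`='0',"
                                . " `user_ally_rank_id` = 0"
                                . " WHERE `user_id`='" . (int) $u['user_id'] . "' LIMIT 1;"
                            );
                        }
                    }
                } elseif (isset($_POST['newrang'])) {
                    $new_rank_id = is_scalar($_POST['newrang']) ? (int) $_POST['newrang'] : 0;

                    // The target must be a member of this alliance.
                    $q = parent::$db->query_fetch(
                        "SELECT `user_id`"
                        . " FROM " . USERS
                        . " WHERE `user_id` = '" . (int) $id . "'"
                        . " AND `user_ally_id` = '" . $alliance_id . "'"
                        . " LIMIT 1"
                    );

                    if ($q && ($new_rank_id == 0 or isset($alliance_ranks[$new_rank_id - 1])) && $q['user_id'] != $this->_ally['alliance_owner']) {
                        parent::$db->query(
                            "UPDATE " . USERS . " SET"
                            . " `user_ally_rank_id` = '" . $new_rank_id . "'"
                            . " WHERE `user_id`='" . (int) $q['user_id'] . "'"
                        );
                    }
                }

                $sort = $sort2 ? $this->return_sort($sort1, $sort2) : '';

                $listuser = parent::$db->query(
                    "SELECT u.user_id, u.user_onlinetime, u.user_name, u.user_galaxy, u.user_system, u.user_planet, u.user_ally_register_time, u.user_ally_rank_id, s.user_statistic_total_points"
                    . " FROM `" . USERS . "` AS u"
                    . " INNER JOIN `" . USERS_STATISTICS . "` AS s ON u.user_id = s.user_statistic_user_id"
                    . " WHERE u.user_ally_id='" . (int) $this->_current_user['user_ally_id'] . "'"
                    . $sort
                );

                $i = 0;
                $r = $this->_lang;
                $this->_lang['i'] = parent::$db->num_rows($listuser);
                $page_list = '';
                $r['options'] = '';

                // rank ids are stored as array key + 1; 0 means "no rank"
                $my_rank_key = $this->_current_user['user_ally_rank_id'] - 1;
                $can_admin = isset($alliance_ranks[$my_rank_key]['administrieren']) && $alliance_ranks[$my_rank_key]['administrieren'] == 1;

                while ($u = parent::$db->fetch_array($listuser)) {
                    $u['i'] = ++$i;
                    $u['points'] = Format_Lib::pretty_number($u['user_statistic_total_points']);

                    $days = floor((time() - $u['user_onlinetime']) / (3600 * 24));
                    $u['user_onlinetime'] = str_replace("%s", $days, "%s d");

                    $member_rank_key = $u['user_ally_rank_id'] - 1;

                    if ($this->_ally['alliance_owner'] == $u['user_id']) {
                        $ally_range = $this->_ally['alliance_owner_range'] == '' ? $this->_lang['al_founder_rank_text'] : $this->_ally['alliance_owner_range'];
                    } elseif ($u['user_ally_rank_id'] == 0 or !isset($alliance_ranks[$member_rank_key]['name'])) {
                        $ally_range = $this->_lang['al_new_member_rank_text'];
                    } else {
                        $ally_range = $alliance_ranks[$member_rank_key]['name'];
                    }

                    if ($this->_ally['alliance_owner'] == $u['user_id'] or $rank == $u['user_id']) {
                        $u['acciones'] = '-';
                    } elseif ($is_owner or $can_admin) {
                        // The confirm text contains a player-chosen name and sits inside a
                        // JavaScript string inside an HTML attribute: encode it for both.
                        $confirm_js = json_encode(str_replace('%s', $u['user_name'], $this->_lang['al_confirm_remove_member']));

                        if ($confirm_js === false) {
                            $confirm_js = '""';
                        }

                        $u['acciones'] = "<a href=\"game.php?page=alliance&mode=admin&edit=members&kick=" . $u['user_id'] . "\" onclick=\"javascript:return confirm(" . htmlspecialchars($confirm_js, ENT_QUOTES) . ");\"><img src=\"" . DPATH . "alliance/abort.gif\" border=\"0\"></a> <a href=\"game.php?page=alliance&mode=admin&edit=members&rank=" . $u['user_id'] . "\"><img src=\"" . DPATH . "alliance/key.gif\" border=\"0\"></a>";
                    } else {
                        $u['acciones'] = '-';
                    }

                    $u['dpath'] = DPATH;
                    $u['alliance_register_time'] = date(Functions_Lib::read_config('date_format_extended'), $u['user_ally_register_time']);

                    if ($rank == $u['user_id']) {
                        // this row is being edited: build the rank selector
                        $r['options'] .= "<option onclick=\"document.editar_usu_rango.submit();\" value=\"0\">" . $this->_lang['al_new_member_rank_text'] . "</option>";

                        foreach ($alliance_ranks as $a => $b) {
                            $r['options'] .= "<option onclick=\"document.editar_usu_rango.submit();\" value=\"" . ($a + 1) . "\"";

                            if ($member_rank_key == $a) {
                                $r['options'] .= ' selected=selected';
                            }

                            $r['options'] .= ">{$b['name']}</option>";
                        }

                        $r['id'] = $u['user_id'];

                        $u['ally_range'] = parent::$page->parse_template(parent::$page->get_template('alliance/alliance_admin_members_row_edit'), $r);
                    } else {
                        $u['ally_range'] = $ally_range;
                    }

                    $page_list .= parent::$page->parse_template(parent::$page->get_template('alliance/alliance_admin_members_row'), $u);
                }

                // direction offered by the next click on a column header
                $s = $sort2 == 1 ? 2 : 1;

                $this->_lang['memberslist'] = $page_list;
                $this->_lang['s'] = $s;

                return parent::$page->parse_template(parent::$page->get_template('alliance/alliance_admin_members_table'), $this->_lang);

            case 'requests':
                $show = isset($_GET['show']) ? (int) $_GET['show'] : NULL;
                $action = isset($_POST['action']) ? $_POST['action'] : NULL;

                $is_accept = isset($action) && $action == $this->_lang['al_acept_request'];
                $is_decline = !$is_accept && isset($action) && $action == $this->_lang['al_decline_request'] && $action != '';

                if ($is_accept or $is_decline) {
                    // Act only on a user who actually applied to this alliance. The original
                    // updated whatever user id arrived in ?show=.
                    $pending = parent::$db->query_fetch(
                        "SELECT `user_id`"
                        . " FROM " . USERS
                        . " WHERE `user_id` = '" . (int) $show . "'"
                        . " AND `user_ally_request` = '" . $alliance_id . "'"
                        . " LIMIT 1"
                    );

                    if ($pending) {
                        $reply = isset($_POST['text']) && is_string($_POST['text']) ? $_POST['text'] : '';
                        $reply = trim(nl2br(strip_tags($reply, '<br>')));

                        // NOTE(review): kept as found. This replaces every literal "rn" with the
                        // four characters \r\n; it looks like the remains of a line-break
                        // conversion. Confirm the intent.
                        $reply = str_replace('rn', '\\r\\n', $reply);

                        parent::$db->query(
                            "UPDATE " . USERS . " SET"
                            . " user_ally_request_text = '',"
                            . " user_ally_request = '0',"
                            . " user_ally_id = '" . ($is_accept ? $alliance_id : 0) . "'"
                            . " WHERE user_id = '" . (int) $show . "'"
                            . " AND user_ally_request = '" . $alliance_id . "'"
                        );

                        if ($is_accept) {
                            Functions_Lib::send_message($show, $this->_current_user['user_id'], '', 3, $this->_ally['alliance_tag'], $this->_lang['al_you_was_acceted'] . $this->_ally['alliance_name'], $this->_lang['al_hi_the_alliance'] . $this->_ally['alliance_name'] . $this->_lang['al_has_accepted'] . $reply);
                        } else {
                            Functions_Lib::send_message($show, $this->_current_user['user_id'], '', 3, $this->_ally['alliance_tag'], $this->_lang['al_you_was_declined'] . $this->_ally['alliance_name'], $this->_lang['al_hi_the_alliance'] . $this->_ally['alliance_name'] . $this->_lang['al_has_declined'] . $reply);
                        }
                    }

                    Functions_Lib::redirect('game.php?page=alliance&mode=admin&edit=ally');
                }

                $i = 0;

                $query = parent::$db->query(
                    "SELECT user_id, user_name, user_ally_request_text, user_ally_register_time"
                    . " FROM " . USERS
                    . " WHERE user_ally_request = '" . $alliance_id . "'"
                );

                $s = array();
                $parse['list'] = '';

                while ($r = parent::$db->fetch_array($query)) {
                    if (isset($show) && $r['user_id'] == $show) {
                        $s[$show]['username'] = $r['user_name'];
                        $s[$show]['ally_request_text'] = nl2br($r['user_ally_request_text']);
                        $s[$show]['id'] = $r['user_id'];
                    }

                    // The original read 'alliance_register_time', which the SELECT does not return.
                    $r['time'] = date(Functions_Lib::read_config('date_format_extended'), $r['user_ally_register_time']);

                    $parse['list'] .= parent::$page->parse_template(parent::$page->get_template('alliance/alliance_admin_request_row'), $r);

                    $i++;
                }

                if ($parse['list'] == '') {
                    $parse['list'] = "<tr><th colspan=2>" . $this->_lang['al_no_requests'] . "</th></tr>";
                }

                // Show the answer form only for an id that is in the pending list.
                if (isset($show) && $show != 0 && isset($s[$show])) {
                    $s[$show]['Request_from'] = str_replace('%s', $s[$show]['username'], $this->_lang['al_request_from']);
                    $parse['request'] = parent::$page->parse_template(parent::$page->get_template('alliance/alliance_admin_request_form'), array_merge($s[$show], $this->_lang));
                } else {
                    $parse['request'] = '';
                }

                $parse['ally_tag'] = $this->_ally['alliance_tag'];
                $parse['There_is_hanging_request'] = str_replace('%n', $i, $this->_lang['al_no_request_pending']);

                return parent::$page->parse_template(parent::$page->get_template('alliance/alliance_admin_request_table'), $parse);

            case 'name':
                $alliance_name = '';

                if ($_POST) {
                    $alliance_name = $this->check_name(isset($_POST['nametag']) ? $_POST['nametag'] : NULL);

                    // The original had a comma before WHERE, a syntax error that made every rename fail.
                    parent::$db->query(
                        "UPDATE " . ALLIANCE . " AS a SET"
                        . " a.`alliance_name` = '" . $alliance_name . "'"
                        . " WHERE a.`alliance_id` = '" . $alliance_id . "';"
                    );
                }

                $parse['caso'] = str_replace('%s', $alliance_name == '' ? $this->_ally['alliance_name'] : $alliance_name, $this->_lang['al_change_title']);
                $parse['caso_titulo'] = $this->_lang['al_new_name'];

                return parent::$page->parse_template(parent::$page->get_template('alliance/alliance_admin_rename'), $parse);

            case 'tag':
                $alliance_tag = '';

                if ($_POST) {
                    $alliance_tag = $this->check_tag(isset($_POST['nametag']) ? $_POST['nametag'] : NULL);

                    parent::$db->query(
                        "UPDATE " . ALLIANCE . " SET"
                        . " `alliance_tag` = '" . $alliance_tag . "'"
                        . " WHERE `alliance_id` = '" . (int) $this->_current_user['user_ally_id'] . "';"
                    );
                }

                $parse['caso'] = str_replace('%s', $alliance_tag == '' ? $this->_ally['alliance_tag'] : $alliance_tag, $this->_lang['al_change_title']);
                $parse['caso_titulo'] = $this->_lang['al_new_tag'];

                return parent::$page->parse_template(parent::$page->get_template('alliance/alliance_admin_rename'), $parse);

            case 'exit':
                // dissolve: detach every member, then remove the alliance row
                parent::$db->query(
                    "UPDATE `" . USERS . "` SET"
                    . " `user_ally_id` = '0'"
                    . " WHERE `user_ally_id` = '" . $alliance_id . "'"
                );

                parent::$db->query(
                    "DELETE FROM " . ALLIANCE
                    . " WHERE `alliance_id` = '" . $alliance_id . "'"
                    . " LIMIT 1"
                );

                Functions_Lib::redirect('game.php?page=alliance');
                break;

            case 'transfer':
                // Owner only. The original processed the POST before this test, so any
                // member holding admin_alliance could reassign ownership.
                if (!$is_owner) {
                    Functions_Lib::redirect('game.php?page=alliance');
                    break;
                }

                if (isset($_POST['newleader'])) {
                    $new_leader = is_scalar($_POST['newleader']) ? (int) $_POST['newleader'] : 0;

                    // The new leader must be a member of this alliance.
                    $member = parent::$db->query_fetch(
                        "SELECT `user_id`"
                        . " FROM " . USERS
                        . " WHERE `user_id` = '" . $new_leader . "'"
                        . " AND `user_ally_id` = '" . $alliance_id . "'"
                        . " LIMIT 1"
                    );

                    if ($member) {
                        // The original statement had an unbalanced backtick around u2.user_id
                        // and could not execute.
                        parent::$db->query(
                            "UPDATE " . USERS . " AS u1, " . ALLIANCE . " AS a, " . USERS . " AS u2 SET"
                            . " u1.`user_ally_rank_id` = '0',"
                            . " a.`alliance_owner` = '" . $new_leader . "',"
                            . " u2.`user_ally_rank_id` = '0'"
                            . " WHERE u1.`user_id`=" . $user_id
                            . " AND a.`alliance_id`=" . (int) $this->_current_user['user_ally_id']
                            . " AND u2.`user_id`='" . $new_leader . "'"
                        );
                    }

                    Functions_Lib::redirect('game.php?page=alliance');
                }

                $listuser = parent::$db->query(
                    "SELECT *"
                    . " FROM " . USERS
                    . " WHERE user_ally_id = '" . (int) $this->_current_user['user_ally_id'] . "'"
                );

                $righthand = $this->_lang;
                $righthand['dpath'] = DPATH;

                if (!isset($righthand['righthand'])) {
                    $righthand['righthand'] = '';
                }

                while ($u = parent::$db->fetch_array($listuser)) {
                    $member_rank_key = $u['user_ally_rank_id'] - 1;

                    // Candidates are the members whose rank carries the "rechtehand" flag.
                    // The original tested $u['ally_rank_id'], a column that does not exist.
                    if ($this->_ally['alliance_owner'] != $u['user_id']
                        && $u['user_ally_rank_id'] != 0
                        && isset($alliance_ranks[$member_rank_key]['rechtehand'])
                        && $alliance_ranks[$member_rank_key]['rechtehand'] == 1
                    ) {
                        $righthand['righthand'] .= "\n<option value=\"" . $u['user_id'] . "\"";
                        $righthand['righthand'] .= ">";
                        $righthand['righthand'] .= "" . $u['user_name'];
                        $righthand['righthand'] .= " [" . $alliance_ranks[$member_rank_key]['name'];
                        $righthand['righthand'] .= "] </option>";
                    }
                }

                $parse['list'] = parent::$page->parse_template(parent::$page->get_template('alliance/alliance_admin_transfer_row'), $righthand);

                return parent::$page->parse_template(parent::$page->get_template('alliance/alliance_admin_transfer'), $parse);

            default:
                // 'ally': texts and general options
                $t = isset($_GET['t']) ? (int) $_GET['t'] : NULL;

                if ($t != 1 && $t != 2 && $t != 3) {
                    $t = 1;
                }

                if ($_POST) {
                    $_POST['owner_range'] = isset($_POST['owner_range']) && is_string($_POST['owner_range']) ? stripslashes($_POST['owner_range']) : '';
                    $_POST['web'] = isset($_POST['web']) && is_string($_POST['web']) ? stripslashes($_POST['web']) : '';
                    $_POST['image'] = isset($_POST['image']) && is_string($_POST['image']) ? stripslashes($_POST['image']) : '';
                    $_POST['text'] = isset($_POST['text']) && is_string($_POST['text']) ? Functions_Lib::format_text($_POST['text']) : '';
                }

                if (isset($_POST['options'])) {
                    $this->_ally['alliance_owner_range'] = parent::$db->escape_value(htmlspecialchars(strip_tags($_POST['owner_range'])));
                    $this->_ally['alliance_web'] = parent::$db->escape_value(htmlspecialchars(strip_tags($_POST['web'])));
                    $this->_ally['alliance_image'] = parent::$db->escape_value(htmlspecialchars(strip_tags($_POST['image'])));
                    $this->_ally['alliance_request_notallow'] = isset($_POST['request_notallow']) ? (int) $_POST['request_notallow'] : 0;

                    if ($this->_ally['alliance_request_notallow'] != 0 && $this->_ally['alliance_request_notallow'] != 1) {
                        // "&mode": the original URL had a second "?" here
                        Functions_Lib::redirect('game.php?page=alliance&mode=admin&edit=ally');
                    } else {
                        parent::$db->query(
                            "UPDATE " . ALLIANCE . " SET"
                            . " `alliance_owner_range`='" . $this->_ally['alliance_owner_range'] . "',"
                            . " `alliance_image`='" . $this->_ally['alliance_image'] . "',"
                            . " `alliance_web`='" . $this->_ally['alliance_web'] . "',"
                            . " `alliance_request_notallow`='" . $this->_ally['alliance_request_notallow'] . "'"
                            . " WHERE `alliance_id` = '" . $alliance_id . "'"
                        );
                    }
                } elseif (isset($_POST['t'])) {
                    // t selects which of the three alliance texts is being saved
                    if ($t == 3) {
                        $column = 'alliance_request';
                    } elseif ($t == 2) {
                        $column = 'alliance_text';
                    } else {
                        $column = 'alliance_description';
                    }

                    $this->_ally[$column] = $_POST['text'];

                    parent::$db->query(
                        "UPDATE " . ALLIANCE . " SET"
                        . " `" . $column . "`='" . $this->_ally[$column] . "'"
                        . " WHERE `alliance_id` = '" . $alliance_id . "'"
                    );

                    Functions_Lib::redirect('game.php?page=alliance&mode=admin&edit=ally&t=' . $t);
                }

                $this->_lang['dpath'] = DPATH;

                if ($t == 3) {
                    $this->_lang['request_type'] = $this->_lang['al_request_text'];
                    $this->_lang['text'] = $this->_ally['alliance_request'];
                } elseif ($t == 2) {
                    $this->_lang['request_type'] = $this->_lang['al_inside_text'];
                    $this->_lang['text'] = $this->_ally['alliance_text'];
                } else {
                    $this->_lang['request_type'] = $this->_lang['al_outside_text'];
                    $this->_lang['text'] = $this->_ally['alliance_description'];
                }

                $this->_lang['t'] = $t;
                $this->_lang['alliance_web'] = $this->_ally['alliance_web'];
                $this->_lang['alliance_image'] = $this->_ally['alliance_image'];
                $this->_lang['alliance_request_notallow_0'] = $this->_ally['alliance_request_notallow'] == 1 ? ' SELECTED' : '';
                $this->_lang['alliance_request_notallow_1'] = $this->_ally['alliance_request_notallow'] == 0 ? ' SELECTED' : '';
                $this->_lang['alliance_owner_range'] = $this->_ally['alliance_owner_range'];

                return parent::$page->parse_template(parent::$page->get_template('alliance/alliance_admin'), $this->_lang);
        }
    }
}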