Example #1
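/**
 * Echo the portal's top navigation bar for the user stored in the session.
 *
 * Reads $_SESSION['current_userID'], looks the user up in forum_users and prints the
 * navbar markup with the user's real name (or username when no real name is set) and
 * links to their profile and to the forum logout URL.
 *
 * @return void
 */
function html_header()
{
    if (!defined('SITE_ROOT')) {
        define('SITE_ROOT', './');
    }
    require SITE_ROOT . 'portal_config.php';
    require_once SITE_ROOT . 'include/database.class.php';

    $currentUserID = isset($_SESSION['current_userID']) ? $_SESSION['current_userID'] : '';

    // Defaults so a missing row cannot leave these undefined further down.
    $username = '';
    $realname = null;

    $db = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
    // The id is placed inside a quoted SQL literal. prot() is the filter this project's other
    // queries apply before doing the same; its implementation is not visible here.
    // NOTE(review): confirm prot() escapes for SQL, or switch to a parameterized query.
    $lookupID = $db->prot($currentUserID);
    $db->query("SELECT * FROM forum_users WHERE id='{$lookupID}'");
    if ($row = $db->fetch_array()) {
        $username = $row['username'];
        $realname = $row['realname'];
    }
    $db->close();

    // Fall back to the username when the real name is NULL or blank.
    if ($realname !== null && $realname !== '') {
        $displayname = $realname;
    } else {
        $displayname = $username;
    }

    // Both values are written into HTML below. The name comes from a profile field, so it is
    // encoded for HTML; the id is percent-encoded because it lands in a URL query string.
    // NOTE(review): UTF-8 is assumed for the page charset - confirm.
    $safeName = htmlspecialchars((string) $displayname, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $userIdParam = rawurlencode((string) $currentUserID);

    echo '
<div id="wrap">
<div class="navbar navbar-top"><div class="navbar-inner"><div class="container">
<a class="brand" href="#index.php"><div class="logo-ip"></div></a>
<div class="btn-group pull-left">
<a href="../forum" class="btn btn-inverse"><i class="icon-rss"></i> Forum Ishare</a>
</div>

<div class="btn-group">
  <button class="btn dropdown-toggle" data-toggle="dropdown"><i class="icon-list muted"></i> KampusLinks <span class="caret"></span></button>
  <ul class="dropdown-menu">
    <li><a href="http://mpp.eng.usm.my/">MPPUSMKKj Official Blog</a></li>
    <li><a href="http://hepp.eng.usm.my/">BHEPP USMKKj</a></li>
    <li><a href="http://infodesk.eng.usm.my/">Infodesk PPKT USMKKj</a></li>
    <li><a href="http://www.eng.usm.my/php/blockedIP/">Blocked Port List</a></li>
    <li><a href="http://elearning.usm.my/">e-Learning Portal</a></li>
    <li><a href="http://campusonline.usm.my/">CampusOnline Portal</a></li>
    <li><a href="http://www.tcom.usm.my/">Sistem Direktori Telefon USM</a></li>
    <li><a href="http://www.facebook.com/ppkt.eng.usm">Facebook PPKT USMKKj</a></li>
    <li class="divider"></li>
    <li><a href="http://hik3.net/refcode"><i class="icon-bookmark"></i> RefCode (Snippets)</a></li>
  </ul>
</div>
            
<div class="btn-group pull-right">
<a href="index.php" class="btn btn-primary"><i class="icon-home icon-white"></i> Home</a>
<a href="profile.php?id=' . $userIdParam . '" class="btn btn-inverse"><i class="icon-user"></i> ' . $safeName . '</a>
<button class="btn btn-danger dropdown-toggle" data-toggle="dropdown"><span class="caret"></span></button>
  <ul class="dropdown-menu">
    <li><a href="edit_profile.php"><i class="icon-edit muted"></i> Edit Profile</a></li>
    <li><a href="edit_sharerlink.php"><i class="icon-hdd muted"></i> Edit Sharerlink</a></li>
    <li class="divider"></li>
    <li><a href="../forum/login.php?action=out&id=' . $userIdParam . '"><i class="icon-off muted"></i> Logout</a></li>
  </ul>
</div>
            
</div></div></div>
';
}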
 /**
  * Run the parsed query and hand every fetched row back in a reader.
  *
  * An empty reader is returned when parse_query() leaves no query text, or when the
  * connection reports an error other than 'unknown error' after the fetch. A connection
  * that was closed on entry is closed again before returning.
  *
  * @return SQLDataReader
  */
 public function execute_reader()
 {
     $this->parse_query();
     if (empty($this->queryParsed)) {
         return new SQLDataReader();
     }

     // Remember the state on entry so the connection can be handed back the way it was found.
     $wasClosed = $this->conn->status() == 'closed';
     $this->conn->open();

     $result = $this->conn->query($this->queryParsed);
     $rows = array();
     for ($row = $this->conn->fetch_array($result); $row; $row = $this->conn->fetch_array($result)) {
         $rows[] = $row;
     }

     // SQLite reports 'unknown error' after a successful fetch of all data, so that
     // one message is treated as success; the original author could not explain why.
     $succeeded = empty($this->conn->error()) || $this->conn->error() == 'unknown error';

     if ($wasClosed) {
         $this->conn->close();
     }

     if (!$succeeded) {
         return new SQLDataReader();
     }
     return new SQLDataReader($rows);
 }
<?php

if (!defined('SITE_ROOT')) {
    define('SITE_ROOT', '../');
}
require_once SITE_ROOT . 'portal_config.php';
require_once SITE_ROOT . 'include/database.class.php';
require_once SITE_ROOT . 'include/functions.php';
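// Reachability check for one sharer link: prints '1' or '0' and stores the same value
// in ip_sharerlinks.status for the row named by ?slid=.
if (isset($_GET['slid'])) {
    $dbsls = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
    // NOTE(review): htmlspecialchars() encodes for HTML output, not for SQL. The two queries
    // below are only as safe as prot(), whose implementation is not visible here - confirm it
    // escapes for SQL, or move to a parameterized query.
    $sharerLinkID = $dbsls->prot(htmlspecialchars($_GET['slid']));
    $dbsls->query("SELECT * FROM ip_sharerlinks WHERE id='{$sharerLinkID}'");

    // Default to "offline": an unknown id must not reach fsockopen() with $ip/$port undefined.
    $online = false;
    if ($sls = $dbsls->fetch_array()) {
        $url = $sls['sharerurl'];
        $removehttp = str_replace('http://', '', $url);
        $removeslash = rtrim($removehttp, '/');
        if (strpos($removeslash, ':') !== false) {
            // Split once only; the cast drops anything after the digits (e.g. a trailing path).
            list($ip, $port) = explode(':', $removeslash, 2);
            $port = (int) $port;
        } else {
            $ip = $removeslash;
            $port = 80;
        }
        // The destination comes from a stored link, so this request makes the server open a
        // TCP connection to whatever host and port that row holds.
        // NOTE(review): if users can edit sharerurl, restrict the destinations this endpoint
        // may probe (expected address range and ports) and require an authenticated caller.
        if ($ip !== '' && $port >= 1 && $port <= 65535) {
            $probe = fsockopen($ip, $port, $errno, $errstr, 5);
            if ($probe !== false) {
                $online = true;
                // Only reachability matters; release the socket right away.
                fclose($probe);
            }
        }
    }
    $status = $online ? '1' : '0';
    echo $status;
    $dbsls->query("UPDATE ip_sharerlinks SET status='{$status}' WHERE id='{$sharerLinkID}'");
    $dbsls->close();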
Example #4
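/**
 * Append a SQL dump of one table to an existing dump file.
 *
 * Writes a comment header, optionally the DROP/CREATE TABLE statements rebuilt from
 * DESC, SHOW INDEX and SHOW TABLE STATUS, and then the table's rows as INSERT statements
 * in batches of ten rows. Any failed write ends the request through die(error(...)).
 *
 * $database and $table are interpolated into the statements unquoted, so they have to
 * come from trusted configuration and never from request data.
 *
 * @param string $dbhost    database server address
 * @param string $dbuser    database user
 * @param string $dbpass    database password
 * @param string $database  schema name
 * @param string $table     table to dump
 * @param mixed  $construct truthy to include the table structure
 * @param string $file      path of an existing dump file, opened 'r+' and appended to
 * @return void
 */
function sql_table_dump($dbhost, $dbuser, $dbpass, $database, $table, $construct, $file)
{
    // The error messages used below live in $lang_backup, so that is the global needed here.
    global $lang_backup;
    $sql_0 = new SQL();
    $sql_0->connect($dbhost, $dbuser, $dbpass, $database, true);
    $fp = fopen($file, 'r+') or die(error($lang_backup['file_write_err']));
    fseek($fp, 0, SEEK_END);
    _sql_dump_write($fp, "--\n");
    _sql_dump_write($fp, "-- Dump of {$database}.{$table}\n");
    _sql_dump_write($fp, "-- Dump DATE : " . date("m.d.y H:i:s") . "\n--\n\n");

    if ($construct) {
        _sql_dump_write($fp, "-- Table structure for table {$database}.{$table}\n");
        if (!($fi = $sql_0->query("DESC " . $table))) {
            error($sql_0->error());
        }
        _sql_dump_write($fp, "DROP TABLE IF EXISTS {$table};\n");

        // One column definition per DESC row: 0=Field 1=Type 2=Null 3=Key 4=Default 5=Extra.
        $creatinfo = array();
        while ($tmp = $sql_0->fetch_row($fi)) {
            $con = "`" . $tmp[0] . "` ";
            $con .= trim($tmp[1] . " ");
            if ($tmp[2] != "YES") {
                $con .= " NOT NULL";
            }
            if ($tmp[4]) {
                if ($tmp[4] == 'CURRENT_TIMESTAMP' || $tmp[4] == 'timestamp') {
                    $con .= " default " . $tmp[4];
                } else {
                    $con .= " default '" . $tmp[4] . "'";
                }
            } elseif ($tmp[4] === '' && $tmp[3] != "PRI") {
                $con .= " default ''";
            } elseif (strlen((string) $tmp[4]) != 0) {
                // A falsy but non-empty default, i.e. the string "0".
                $con .= " default '0'";
            }
            if (strtolower((string) $tmp[5]) == "auto_increment") {
                $con .= " auto_increment";
            }
            $creatinfo[] = $con;
        }
        $fieldscon = implode(",\n\t", $creatinfo);
        _sql_dump_write($fp, "CREATE TABLE " . $table . " (");
        _sql_dump_write($fp, "\n\t{$fieldscon}");

        // Group the SHOW INDEX rows by key name, keeping the order in which keys first appear.
        $qkey = $sql_0->query("SHOW INDEX FROM " . $table);
        $knames = array();
        $keys = array();
        while ($rkey = $sql_0->fetch_array($qkey)) {
            $kname = $rkey["Key_name"];
            $column = $rkey["Column_name"];
            if ($rkey["Sub_part"]) {
                // NOTE(review): the prefix length ends up inside the backticks written below,
                // as in the original; check that such a key restores correctly.
                $column .= "(" . $rkey["Sub_part"] . ")";
            }
            $keys[$kname]["nonunique"] = $rkey["Non_unique"];
            $keys[$kname]["order"][$rkey["Seq_in_index"] - 1] = $column;
            if (!in_array($kname, $knames, true)) {
                $knames[] = $kname;
            }
        }
        foreach ($knames as $kname) {
            if ($kname == "PRIMARY") {
                _sql_dump_write($fp, ",\n\tPRIMARY KEY");
            } elseif ($keys[$kname]["nonunique"] == "0") {
                _sql_dump_write($fp, ",\n\tUNIQUE `{$kname}`");
            } else {
                _sql_dump_write($fp, ",\n\tKEY `{$kname}`");
            }
            $a = implode("`,`", $keys[$kname]["order"]);
            _sql_dump_write($fp, " (`{$a}`)");
        }

        // Table options, taken by position from the SHOW TABLE STATUS row.
        $query_res = $sql_0->query("SHOW TABLE STATUS FROM {$database} WHERE Name = '{$table}'");
        $tmp = $sql_0->fetch_row($query_res);
        $query_charset = $sql_0->query("SHOW VARIABLES WHERE Variable_name = 'character_set_database'");
        $info = " ";
        if ($tmp[1]) {
            $info .= "ENGINE={$tmp[1]} ";
        }
        $info .= "DEFAULT CHARSET=" . $sql_0->result($query_charset, 0, 'Value') . " ";
        if ($tmp[16]) {
            $info .= strtoupper($tmp[16]) . " ";
        }
        if ($tmp[10]) {
            $info .= "AUTO_INCREMENT={$tmp[10]} ";
        }
        if ($tmp[17]) {
            // Escape the comment so a quote inside it cannot end the literal in the dump.
            $info .= "COMMENT='" . addslashes($tmp[17]) . "'";
        }
        _sql_dump_write($fp, "\n){$info};\n\n");
    }

    $query = $sql_0->query("SELECT * FROM {$table}");
    $num_fields = $sql_0->num_fields($query);
    $numrow = $sql_0->num_rows($query);
    $row_counter = 0;
    if ($numrow) {
        _sql_dump_write($fp, "-- Dumping data for table {$database}.{$table}\n");
        _sql_dump_write($fp, "LOCK TABLES {$table} WRITE;\n");
        _sql_dump_write($fp, "DELETE FROM {$table};\n");
        _sql_dump_insert_header($fp, $sql_0, $query, $table, $num_fields);
        for ($i = 0; $i < $numrow; $i++) {
            $row_counter++;
            $row = $sql_0->fetch_row($query);
            $values = array();
            for ($j = 0; $j < $num_fields; $j++) {
                if (!isset($row[$j])) {
                    // NULL is dumped as an empty string. Test it before escaping: addslashes()
                    // turns NULL into '', which used to leave int columns with no value at all.
                    $values[] = "''";
                    continue;
                }
                // addslashes() is not charset-aware; it is kept as the dump's escaping format.
                $value = str_replace("\n", "\\n", addslashes($row[$j]));
                if ($sql_0->field_type($query, $j) == "int") {
                    $values[] = "{$value}";
                } else {
                    $values[] = "'{$value}'";
                }
            }
            _sql_dump_write($fp, "\t(" . implode(",", $values));

            if ($i == $numrow - 1) {
                // The last row is closed after the loop. Opening another INSERT here would
                // leave an empty "INSERT ... VALUES );" when the row count is a multiple of ten.
                break;
            }
            if ($row_counter >= 10) {
                _sql_dump_write($fp, ");\n");
                _sql_dump_insert_header($fp, $sql_0, $query, $table, $num_fields);
                $row_counter = 0;
            } else {
                _sql_dump_write($fp, "),\n");
            }
        }
        _sql_dump_write($fp, ");\n");
        _sql_dump_write($fp, "UNLOCK TABLES;\n");
    } else {
        _sql_dump_write($fp, "-- EMPTY\n");
    }
    $sql_0->close();
    _sql_dump_write($fp, "\n");
    fclose($fp);
}

/**
 * Append $text to the dump file and end the request when nothing could be written.
 *
 * @param resource $fp   open handle of the dump file
 * @param string   $text non-empty fragment to append
 * @return void
 */
function _sql_dump_write($fp, $text)
{
    global $lang_backup;
    if (!fwrite($fp, $text)) {
        die(error($lang_backup['file_write_err']));
    }
}

/**
 * Write the "INSERT INTO <table> (<columns>) VALUES" line that opens one batch of rows.
 *
 * @param resource $fp         open handle of the dump file
 * @param SQL      $sql_0      connection the result set belongs to
 * @param mixed    $query      result of the SELECT being dumped
 * @param string   $table      table name
 * @param int      $num_fields number of columns in the result
 * @return void
 */
function _sql_dump_insert_header($fp, $sql_0, $query, $table, $num_fields)
{
    $columns = array();
    for ($count = 0; $count < $num_fields; $count++) {
        $columns[] = "`" . $sql_0->field_name($query, $count) . "`";
    }
    _sql_dump_write($fp, "INSERT INTO {$table} (" . implode(",", $columns) . ") VALUES \n");
}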
Example #5
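/**
 * Render the mail search results page into the global $output buffer.
 *
 * Request parameters: search_value (part of a character name), search_by (sender or
 * receiver), and optionally start, order_by and dir for paging and sorting.
 *
 * search_by and order_by end up in the query as column names, where value quoting gives
 * no protection, so both are matched against fixed lists; start is forced to a
 * non-negative integer before it reaches the LIMIT clause.
 *
 * @return void
 */
function search()
{
    global $lang_global, $lang_mail, $output, $itemperpage, $item_datasite, $mangos_db, $characters_db, $realm_id, $sql_search_limit;
    wowhead_tt();
    if (!isset($_GET['search_value']) || !isset($_GET['search_by'])) {
        redirect("mail_on.php?error=2");
        // Stop here even if redirect() returns, instead of running with the parameters missing.
        return;
    }
    $sql = new SQL();
    $sql->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
    $search_value = $sql->quote_smart($_GET['search_value']);

    // Only these two columns may be searched; anything else falls back to the sender.
    $search_menu = array(
        'sender' => 'a.sender',
        'receiver' => 'a.receiver',
        'a.sender' => 'a.sender',
        'a.receiver' => 'a.receiver',
    );
    $requested_by = is_string($_GET['search_by']) ? $_GET['search_by'] : '';
    $search_by = isset($search_menu[$requested_by]) ? $search_menu[$requested_by] : 'a.sender';

    $start = isset($_GET['start']) ? max(0, (int) $_GET['start']) : 0;

    // Sorting is limited to the columns the query selects.
    $order_columns = array('id', 'messageType', 'sender', 'receiver', 'subject', 'body', 'has_items', 'money', 'cod', 'checked', 'item_template');
    $order_by = (isset($_GET['order_by']) && in_array($_GET['order_by'], $order_columns, true)) ? $_GET['order_by'] : "id";

    // Only the truthiness of dir is used; it never reaches the query text.
    $dir = isset($_GET['dir']) ? $sql->quote_smart($_GET['dir']) : 1;
    $order_dir = $dir ? "ASC" : "DESC";
    $dir = $dir ? 0 : 1;

    if ($search_value == '') {
        $where = $search_by . ' != 0';
    } else {
        $temp = $sql->query("SELECT guid FROM `characters` WHERE name like '%{$search_value}%'");
        if ($sql->num_rows($temp)) {
            $where = $search_by . ' = ' . (int) $sql->result($temp, 0, 'guid');
        } else {
            // No character matches: return no mails rather than building "column =" with nothing after it.
            $where = '1 = 0';
        }
    }
    $limit = (int) $itemperpage;
    $query_1 = $sql->query("SELECT count(*) FROM `mail`");
    $query = $sql->query("SELECT a.id, a.messageType, a.sender, a.receiver, a.subject, a.body, a.has_items, a.money, a.cod, a.checked, b.item_template\r\n            FROM mail a\r\n            LEFT JOIN mail_items b ON a.id = b.mail_id\r\n            WHERE {$where}\r\n            ORDER BY {$order_by} {$order_dir} LIMIT {$start}, {$limit}");
    $all_record = $sql->result($query_1, 0);
    //==========================top page navigation starts here========================
    $output .= "<center><table class=\"top_hidden\">\r\n    <tr><td>\r\n            <table class=\"hidden\">\r\n                <tr><td>\r\n            <form action=\"mail_on.php\" method=\"get\" name=\"form\">\r\n            <input type=\"hidden\" name=\"action\" value=\"search\" />\r\n            <input type=\"hidden\" name=\"error\" value=\"4\" />\r\n            <input type=\"text\" size=\"45\" name=\"search_value\" />\r\n            <select name=\"search_by\">\r\n                <option value=\"a.sender\">Sender</option>\r\n                <option value=\"a.receiver\">Receiver</option>\r\n            </select></form></td><td>";
    makebutton($lang_global['search'], "javascript:do_submit()", 80);
    $output .= "</td></tr></table>\r\n            <td align=\"right\">";
    // $order_by is one of the fixed column names above, so it is safe inside this URL.
    $output .= generate_pagination("mail_on.php?action=search&amp;order_by={$order_by}&amp;dir=" . !$dir, $all_record, $itemperpage, $start);
    $output .= "</td></tr></table>";
    //==========================top page navigation ENDS here ========================
    $output .= "<table class=\"lined\">\r\n  <tr>\r\n    <th width=\"5%\">" . $lang_mail['id'] . "</th>\r\n    <th width=\"5%\">" . $lang_mail['mail_type'] . "</th>\r\n    <th width=\"10%\">" . $lang_mail['sender'] . "</th>\r\n    <th width=\"10%\">" . $lang_mail['receiver'] . "</th>\r\n    <th width=\"15%\">" . $lang_mail['subject'] . "</th>\r\n    <th width=\"5%\">" . $lang_mail['has_items'] . "</th>\r\n    <th width=\"25%\">" . $lang_mail['text'] . "</th>\r\n    <th width=\"20%\">" . $lang_mail['money'] . "</th>\r\n    <th width=\"5%\">" . $lang_mail['checked'] . "</th>\r\n  </tr>";
    while ($mail = $sql->fetch_array($query)) {
        // Split the copper total into gold / silver / copper. The display test uses the total:
        // testing the copper remainder hid every amount that was a whole number of silver.
        $total = $mail[7];
        $g = floor($total / 10000);
        $rest = $total - $g * 10000;
        $s = floor($rest / 100);
        $c = $rest - $s * 100;
        $money = "";
        if ($total > 0) {
            $money = $g . "<img src=\"./img/gold.gif\" /> " . $s . "<img src=\"./img/silver.gif\" /> " . $c . "<img src=\"./img/copper.gif\" /> ";
        }
        // The subject is stored text, so it is encoded before it is placed in the page.
        // NOTE(review): get_char_name() and get_mail_text() are defined elsewhere; confirm they
        // return HTML-safe strings.
        $subject = htmlspecialchars((string) $mail[4], ENT_QUOTES);
        $output .= "<tr valign=top>\r\n                    <td>{$mail['0']}</td>\r\n                    <td>" . get_mail_source($mail[1]) . "</td>\r\n                    <td><a href=\"char.php?id={$mail['2']}\">" . get_char_name($mail[2]) . "</a></td>\r\n                    <td><a href=\"char.php?id={$mail['3']}\">" . get_char_name($mail[3]) . "</a></td>\r\n                    <td>{$subject}</td>\r\n            ";
        $output .= "<td>";
        if ($mail[6]) {
            $output .= "\r\n                    <a style=\"padding:2px;\" href=\"{$item_datasite}{$mail[10]}\" target=\"_blank\">\r\n                      <img class=\"bag_icon\" src=\"" . get_item_icon($mail[10]) . "\" alt=\"\" />\r\n                  </a>";
        }
        $output .= "</td>";
        $output .= "<td>" . get_mail_text($mail[0]) . "</td>\r\n                        <td>{$money}</td>\r\n        <td>" . get_check_state($mail[9]) . "</td>\r\n                   </tr>";
    }
    /*--------------------------------------------------*/
    $output .= "<tr><td colspan=\"6\" class=\"hidden\" align=\"right\">All Mails: {$all_record}</td></tr>\r\n </table></center>";
    $sql->close();
}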
Example #6
    }
}
// Handles ?lastid=: selects up to 20 rows of ip_shouts whose id is below lastid, newest
// first, and loads the posting user's forum profile for each row.
if (isset($_GET['lastid']) && !empty($_GET['lastid'])) {
    $db = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
    // NOTE(review): htmlspecialchars() encodes for HTML output, not for SQL. The query below is
    // only as safe as prot(), whose implementation is not visible here - confirm it escapes for
    // SQL, or validate lastid as an integer before use.
    $lastid = $db->prot(htmlspecialchars($_GET['lastid']));
    $db->query("SELECT * FROM ip_shouts WHERE id<'{$lastid}' ORDER BY id DESC LIMIT 20");
    // Counts the rows handled by the loop below.
    $count_shout_more = 0;
    while ($row = $db->fetch_assoc()) {
        $count_shout_more++;
        $get_shoutID = $row['id'];
        $get_userID = $row['user_id'];
        $get_shoutMsg = $row['shout_msg'];
        $get_sTime = $row['shout_time'];
        // A second SQL object is constructed for every shout row. $get_userID comes from the
        // ip_shouts row and is interpolated without passing through prot().
        // NOTE(review): no close() for $dbf appears in the visible part of this loop - confirm.
        $dbf = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
        $dbf->query("SELECT * FROM forum_users WHERE id='{$get_userID}'");
        if ($rowf = $dbf->fetch_array()) {
            // Profile fields of the shout's author. They are user-supplied profile data and
            // need encoding for the context they are printed in.
            $get_groupID = $rowf['group_id'];
            $get_username = $rowf['username'];
            $get_realname = $rowf['realname'];
            $get_title = $rowf['title'];
            $get_location = $rowf['location'];
            $get_registered = $rowf['registered'];
            $get_url = $rowf['url'];
            $get_facebook = $rowf['facebook'];
            $get_twitter = $rowf['twitter'];
            $show_avatar = $rowf['show_avatars'];
            $avatar_type = $rowf['avatar'];
            // Loose comparison: an empty string also counts as "no Facebook link".
            if ($get_facebook == null) {
                $facebook_url = '';
            } else {
                // True when the stored value already starts with an http:// or https:// scheme.
                if (strpos($get_facebook, "http://") === 0 || strpos($get_facebook, "https://") === 0) {
Example #7
function dobackup()
{
    global $lang_backup, $backup_dir, $tables_backup_realmd, $tables_backup_characters, $output, $realm_db, $characters_db, $realm_id, $tab_backup_user_realmd, $tab_backup_user_characters;
    if (empty($_GET['backup_action']) || empty($_GET['backup_from_to'])) {
        redirect("backup.php?error=1");
    } else {
        $backup_action = addslashes($_GET['backup_action']);
        $backup_from_to = addslashes($_GET['backup_from_to']);
    }
    if ("load" == $backup_action && "file" == $backup_from_to) {
        if (!eregi("(\\.(sql|qbquery))\$", $_FILES["uploaded_file"]["name"])) {
            error($lang_backup['upload_sql_file_only']);
        }
        $uploaded_filename = str_replace(" ", "_", $_FILES["uploaded_file"]["name"]);
        $uploaded_filename = preg_replace("/[^_A-Za-z0-9-\\.]/i", '', $uploaded_filename);
        $file_name_new = $uploaded_filename . "_" . date("m.d.y_H.i.s") . ".sql";
        move_uploaded_file($_FILES["uploaded_file"]["tmp_name"], "{$backup_dir}/{$file_name_new}") or die(error("{$lang_backup['upload_err_write_permission']} {$backup_dir}"));
        if (file_exists("{$backup_dir}/{$file_name_new}")) {
            require_once "libs/db_lib/sql_lib.php";
            $use_db = addslashes($_POST['use_db']);
            if ($use_db == $realm_db['name']) {
                $queries = run_sql_script($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name'], "{$backup_dir}/{$file_name_new}", true);
            } else {
                foreach ($characters_db as $db) {
                    if ($use_db == $db['name']) {
                        $queries = run_sql_script($db['addr'], $db['user'], $db['pass'], $db['name'], "{$backup_dir}/{$file_name_new}", true);
                    }
                }
            }
            redirect("backup.php?error=4&tot={$queries}");
        } else {
            error($lang_backup['file_not_found']);
        }
    } elseif ("load" == $backup_action && "web" == $backup_from_to) {
        if (empty($_POST['selected_file_name'])) {
            redirect("backup.php?error=1");
        } else {
            $file_name = addslashes($_POST['selected_file_name']);
        }
        if (file_exists("{$backup_dir}/{$file_name}")) {
            require_once "libs/db_lib/sql_lib.php";
            $use_db = addslashes($_POST['use_db']);
            if ($use_db == $realm_db['name']) {
                $queries = run_sql_script($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name'], "{$backup_dir}/{$file_name}", false);
            } else {
                foreach ($characters_db as $db) {
                    if ($use_db == $db['name']) {
                        $queries = run_sql_script($db['addr'], $db['user'], $db['pass'], $db['name'], "{$backup_dir}/{$file_name}", false);
                    }
                }
            }
            redirect("backup.php?error=4&tot={$queries}");
        } else {
            error($lang_backup['file_not_found']);
        }
    } elseif ("save" == $backup_action && "file" == $backup_from_to) {
        //save and send to user
        $struc_backup = addslashes($_GET['struc_backup']);
        $save_all_realms = addslashes($_GET['save_all_realms']);
        if ($save_all_realms) {
            $temp_id = "all_realms";
        } else {
            $temp_id = "realmid_" . $realm_id;
        }
        $file_name_new = $temp_id . "_backup_" . date("m.d.y_H.i.s") . ".sql";
        $fp = fopen("{$backup_dir}/{$file_name_new}", 'w') or die(error($lang_backup['file_write_err']));
        fwrite($fp, "CREATE DATABASE /*!32312 IF NOT EXISTS*/ {$realm_db['name']};\n") or die(error($lang_backup['file_write_err']));
        fwrite($fp, "USE {$realm_db['name']};\n\n") or die(error($lang_backup['file_write_err']));
        fclose($fp);
        require_once "libs/db_lib/sql_lib.php";
        foreach ($tables_backup_realmd as $value) {
            sql_table_dump($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name'], $value, $struc_backup, "{$backup_dir}/{$file_name_new}");
        }
        if ($save_all_realms) {
            foreach ($characters_db as $db) {
                $fp = fopen("{$backup_dir}/{$file_name_new}", 'r+') or die(error($lang_backup['file_write_err']));
                fseek($fp, 0, SEEK_END);
                fwrite($fp, "CREATE DATABASE /*!32312 IF NOT EXISTS*/ {$db['name']};\n") or die(error($lang_backup['file_write_err']));
                fwrite($fp, "USE {$db['name']};\n\n") or die(error($lang_backup['file_write_err']));
                fclose($fp);
                foreach ($tables_backup_characters as $value) {
                    sql_table_dump($db['addr'], $db['user'], $db['pass'], $db['name'], $value, $struc_backup, "{$backup_dir}/{$file_name_new}");
                }
            }
        } else {
            $fp = fopen("{$backup_dir}/{$file_name_new}", 'r+') or die(error($lang_backup['file_write_err']));
            fseek($fp, 0, SEEK_END);
            fwrite($fp, "CREATE DATABASE /*!32312 IF NOT EXISTS*/ {$characters_db[$realm_id]['name']};\n") or die(error($lang_backup['file_write_err']));
            fwrite($fp, "USE {$characters_db[$realm_id]['name']};\n\n") or die(error($lang_backup['file_write_err']));
            fclose($fp);
            foreach ($tables_backup_characters as $value) {
                sql_table_dump($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name'], $value, $struc_backup, "{$backup_dir}/{$file_name_new}");
            }
        }
        Header("Content-type: application/octet-stream");
        Header("Content-Disposition: attachment; filename={$file_name_new}");
        $fp = fopen("{$backup_dir}/{$file_name_new}", 'r') or die(error($lang_backup['file_write_err']));
        while (!feof($fp)) {
            $output_file = fread($fp, 1024);
            echo $output_file;
        }
        fclose($fp);
        unlink("{$backup_dir}/{$file_name_new}");
        exit;
    } elseif ("save" == $backup_action && "web" == $backup_from_to) {
        //save backup to web/backup folder
        $struc_backup = addslashes($_GET['struc_backup']);
        $save_all_realms = addslashes($_GET['save_all_realms']);
        $file_name_new = $realm_db['name'] . "_backup_" . date("m.d.y_H.i.s") . ".sql";
        $fp = fopen("{$backup_dir}/{$file_name_new}", 'w') or die(error($lang_backup['file_write_err']));
        fwrite($fp, "CREATE DATABASE /*!32312 IF NOT EXISTS*/ {$realm_db['name']};\n") or die(error($lang_backup['file_write_err']));
        fwrite($fp, "USE {$realm_db['name']};\n\n") or die(error($lang_backup['file_write_err']));
        fclose($fp);
        require_once "libs/db_lib/sql_lib.php";
        foreach ($tables_backup_realmd as $value) {
            sql_table_dump($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name'], $value, $struc_backup, "{$backup_dir}/{$file_name_new}");
        }
        fclose($fp);
        if ($save_all_realms) {
            foreach ($characters_db as $db) {
                $file_name_new = $db['name'] . "_backup_" . date("m.d.y_H.i.s") . ".sql";
                $fp = fopen("{$backup_dir}/{$file_name_new}", 'w') or die(error($lang_backup['file_write_err']));
                fseek($fp, 0, SEEK_END);
                fwrite($fp, "CREATE DATABASE /*!32312 IF NOT EXISTS*/ {$db['name']};\n") or die(error($lang_backup['file_write_err']));
                fwrite($fp, "USE {$db['name']};\n\n") or die(error($lang_backup['file_write_err']));
                fclose($fp);
                foreach ($tables_backup_characters as $value) {
                    sql_table_dump($db['addr'], $db['user'], $db['pass'], $db['name'], $value, $struc_backup, "{$backup_dir}/{$file_name_new}");
                }
                fclose($fp);
            }
        } else {
            $file_name_new = $characters_db[$realm_id]['name'] . "_backup_" . date("m.d.y_H.i.s") . ".sql";
            $fp = fopen("{$backup_dir}/{$file_name_new}", 'w') or die(error($lang_backup['file_write_err']));
            fseek($fp, 0, SEEK_END);
            fwrite($fp, "CREATE DATABASE /*!32312 IF NOT EXISTS*/ {$characters_db[$realm_id]['name']};\n") or die(error($lang_backup['file_write_err']));
            fwrite($fp, "USE {$characters_db[$realm_id]['name']};\n\n") or die(error($lang_backup['file_write_err']));
            fclose($fp);
            foreach ($tables_backup_characters as $value) {
                sql_table_dump($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name'], $value, $struc_backup, "{$backup_dir}/{$file_name_new}");
            }
            fclose($fp);
        }
        redirect("backup.php?error=2");
        exit;
    } elseif ("save" == $backup_action && "acc_on_file" == $backup_from_to) {
        //save evry account in different file
        $struc_backup = addslashes($_GET['struc_backup']);
        $save_all_realms = addslashes($_GET['save_all_realms']);
        $sql = new SQL();
        $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
        $query = $sql->query("SELECT id FROM account");
        $subdir = "{$backup_dir}/accounts/" . date("m_d_y_H_i_s");
        mkdir($subdir, 0750);
        while ($acc = $sql->fetch_array($query)) {
            $file_name_new = $acc[0] . "_{$realm_db['name']}.sql";
            $fp = fopen("{$subdir}/{$file_name_new}", 'w') or die(error($lang_backup['file_write_err']));
            fwrite($fp, "CREATE DATABASE /*!32312 IF NOT EXISTS*/ {$realm_db['name']};\n") or die(error($lang_backup['file_write_err']));
            fwrite($fp, "USE {$realm_db['name']};\n\n") or die(error($lang_backup['file_write_err']));
            $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
            foreach ($tab_backup_user_realmd as $value) {
                $acc_query = $sql->query("SELECT * FROM {$value['0']} WHERE {$value['1']} = {$acc['0']}");
                $num_fields = $sql->num_fields($acc_query);
                $numrow = $sql->num_rows($acc_query);
                $result = "-- Dumping data for {$value['0']} " . date("m.d.y_H.i.s") . "\n";
                $result .= "LOCK TABLES {$value['0']} WRITE;\n";
                $result .= "DELETE FROM {$value['0']} WHERE {$value['1']} = {$acc['0']};\n";
                if ($numrow) {
                    $result .= "INSERT INTO {$value['0']} (";
                    for ($count = 0; $count < $num_fields; $count++) {
                        $result .= "`" . $sql->field_name($acc_query, $count) . "`";
                        if ($count < $num_fields - 1) {
                            $result .= ",";
                        }
                    }
                    $result .= ") VALUES \n";
                    for ($i = 0; $i < $numrow; $i++) {
                        $result .= "\t(";
                        $row = $sql->fetch_row($acc_query);
                        for ($j = 0; $j < $num_fields; $j++) {
                            $row[$j] = addslashes($row[$j]);
                            $row[$j] = ereg_replace("\n", "\\n", $row[$j]);
                            if (isset($row[$j])) {
                                if ($sql->field_type($acc_query, $j) == "int") {
                                    $result .= "{$row[$j]}";
                                } else {
                                    $result .= "'{$row[$j]}'";
                                }
                            } else {
                                $result .= "''";
                            }
                            if ($j < $num_fields - 1) {
                                $result .= ",";
                            }
                        }
                        if ($i < $numrow - 1) {
                            $result .= "),\n";
                        }
                    }
                    $result .= ");\n";
                }
                $result .= "UNLOCK TABLES;\n";
                $result .= "\n";
                fwrite($fp, $result) or die(error($lang_backup['file_write_err']));
            }
            fclose($fp);
            foreach ($characters_db as $db) {
                $file_name_new = $acc[0] . "_{$db['name']}.sql";
                $fp = fopen("{$subdir}/{$file_name_new}", 'w') or die(error($lang_backup['file_write_err']));
                fwrite($fp, "CREATE DATABASE /*!32312 IF NOT EXISTS*/ {$db['name']};\n") or die(error($lang_backup['file_write_err']));
                fwrite($fp, "USE {$db['name']};\n\n") or die(error($lang_backup['file_write_err']));
                $sql->connect($db['addr'], $db['user'], $db['pass'], $db['name']);
                $all_char_query = $sql->query("SELECT guid,name FROM `characters` WHERE account = {$acc['0']}");
                while ($char = $sql->fetch_array($all_char_query)) {
                    fwrite($fp, "-- Dumping data for character {$char['1']}\n") or die(error($lang_backup['file_write_err']));
                    foreach ($tab_backup_user_characters as $value) {
                        $char_query = $sql->query("SELECT * FROM {$value['0']} WHERE {$value['1']} = {$char['0']}");
                        $num_fields = $sql->num_fields($char_query);
                        $numrow = $sql->num_rows($char_query);
                        $result = "LOCK TABLES {$value['0']} WRITE;\n";
                        $result .= "DELETE FROM {$value['0']} WHERE {$value['1']} = {$char['0']};\n";
                        if ($numrow) {
                            $result .= "INSERT INTO {$value['0']} (";
                            for ($count = 0; $count < $num_fields; $count++) {
                                $result .= "`" . $sql->field_name($char_query, $count) . "`";
                                if ($count < $num_fields - 1) {
                                    $result .= ",";
                                }
                            }
                            $result .= ") VALUES \n";
                            for ($i = 0; $i < $numrow; $i++) {
                                $result .= "\t(";
                                $row = $sql->fetch_row($char_query);
                                for ($j = 0; $j < $num_fields; $j++) {
                                    $row[$j] = addslashes($row[$j]);
                                    $row[$j] = ereg_replace("\n", "\\n", $row[$j]);
                                    if (isset($row[$j])) {
                                        if ($sql->field_type($char_query, $j) == "int") {
                                            $result .= "{$row[$j]}";
                                        } else {
                                            $result .= "'{$row[$j]}'";
                                        }
                                    } else {
                                        $result .= "''";
                                    }
                                    if ($j < $num_fields - 1) {
                                        $result .= ",";
                                    }
                                }
                                if ($i < $numrow - 1) {
                                    $result .= "),\n";
                                }
                            }
                            $result .= ");\n";
                        }
                        $result .= "UNLOCK TABLES;\n";
                        $result .= "\n";
                        fwrite($fp, $result) or die(error($lang_backup['file_write_err']));
                    }
                }
                fclose($fp);
            }
        }
        $sql->close();
        unset($sql);
        redirect("backup.php?error=2");
    } elseif ("load" == $backup_action && "acc_on_file" == $backup_from_to) {
        //load saved account
        if (empty($_POST['selected_file_name']) || empty($_POST['file_dir'])) {
            redirect("backup.php?error=1");
        } else {
            $file_name = addslashes($_POST['selected_file_name']);
            $file_dir = addslashes($_POST['file_dir']);
            $use_db = addslashes($_POST['use_db']);
        }
        $file_tmp = "{$backup_dir}/accounts/{$file_dir}/" . $file_name . "_{$use_db}.sql";
        if (file_exists($file_tmp)) {
            require_once "libs/db_lib/sql_lib.php";
            if ($use_db == $realm_db['name']) {
                $queries = run_sql_script($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name'], "{$backup_dir}/accounts/{$file_dir}/{$file_name}.sql", true);
            } else {
                foreach ($characters_db as $db) {
                    if ($use_db == $db['name']) {
                        $queries = run_sql_script($db['addr'], $db['user'], $db['pass'], $db['name'], "{$backup_dir}/accounts/{$file_dir}/{$file_name}.sql", true);
                    }
                }
            }
            redirect("backup.php?error=4&tot={$queries}");
        } else {
            error($lang_backup['file_not_found']);
        }
    } else {
        //non of the options = error
        redirect("backup.php?error=1");
    }
}
<?php

// Re-post helper: looks up one shout by the id in ?retweet= and prints its text
// wrapped in [rt]...[/rt], or the literal "KO" when no row matches.
if (!empty($_GET['retweet'])) {
    defined('SITE_ROOT') || define('SITE_ROOT', '../');
    require_once SITE_ROOT . 'portal_config.php';
    require_once SITE_ROOT . 'include/database.class.php';
    $db = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
    // NOTE(review): htmlspecialchars() is an HTML output encoder, not a SQL defence.
    // Whether this query is injection-safe rests entirely on what $db->prot() does,
    // which is not shown here -- confirm it escapes for the active connection, or
    // bind the id as a parameter instead of interpolating it.
    $retweetID = $db->prot(htmlspecialchars($_GET['retweet']));
    $db->query("SELECT shout_msg FROM ip_shouts WHERE id='{$retweetID}'");
    $row = $db->fetch_array();
    if (!$row) {
        echo 'KO';
    } else {
        // The stored text is entity-decoded and un-slashed, then any existing
        // [rt]/[/rt] and <code>/</code> markers are stripped so re-posts do not nest.
        $shoutMsg = stripslashes(rtrim(htmlspecialchars_decode($row['shout_msg'])));
        $shoutMsg = str_ireplace(array("[rt]", "[/rt]", "<code>", "</code>"), "", $shoutMsg);
        // NOTE(review): the echoed value is decoded, user-authored text. The caller
        // that receives this response must insert it as text, not as markup --
        // the consumer is not visible in this excerpt.
        if (preg_match("/!update/i", $shoutMsg)) {
            // Only the first matching command keyword is removed: "!update" wins over "!request".
            $replaceShout = str_ireplace("!update", "", $shoutMsg);
            echo '[rt]' . $replaceShout . '[/rt]';
        } elseif (preg_match("/!request/i", $shoutMsg)) {
            $replaceShout = str_ireplace("!request", "", $shoutMsg);
            echo '[rt]' . $replaceShout . '[/rt]';
        } else {
            echo '[rt]' . $shoutMsg . '[/rt]';
        }
    }
Example #9
 /**
  * Settles pending invite-point rewards for the current account, then appends
  * the "Credit Panel" HTML (credits, VIP level, item/transfer/teleport forms and
  * the account's characters) to the global $output buffer.
  *
  * Takes no parameters and returns nothing; all inputs and outputs are globals
  * ($user_name, $user_id, $realm_id, the *_db config arrays, $output,
  * $total_points, $ren_char).
  *
  * Review notes:
  *  - Every query below is built by interpolating $user_name, $user_id and
  *    values read back from the database ($PlayersAccount, $PlayersAccountID)
  *    straight into the SQL text. No escaping or parameter binding is visible
  *    in this function, so its safety depends on how the caller populated
  *    those globals -- TODO confirm, and prefer prepared statements.
  *  - The mysql_* extension used here was removed in PHP 7.0.
  *  - mysql_select_db() takes a database name (plus an optional link). The
  *    calls below pass host address, user and password instead, so they
  *    presumably do not select the intended database -- TODO confirm.
  *  - No return value of mysql_connect()/mysql_query() is checked before
  *    mysql_fetch_row() is applied to it.
  *  - Point balances and the Rewarded/Treated flags are read, tested and then
  *    written in separate statements with no transaction or lock visible, so
  *    concurrent requests for the same account could be rewarded twice --
  *    TODO confirm against how this page is invoked.
  */
 function edit_user()
 {
     global $lang_edit, $lang_global, $output, $realm_db, $characters_db, $realm_id, $mmfpm_db, $user_name, $user_id, $lang_id_tab, $gm_level_arr, $ren_char, $total_points;
     mysql_connect($realm_db['addr'], $realm_db['user'], $realm_db['pass']);
     // NOTE(review): first argument is the host address, not a database name.
     mysql_select_db($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass']);
     // Who this account named as its inviter (NULL when no row exists).
     $referred_by = mysql_fetch_row(mysql_query("SELECT `InvitedBy` FROM point_system_invites WHERE `PlayersAccount` = '{$user_name}';"));
     $referred_by = $referred_by[0];
     // Current balance; a missing row or a non-positive value is displayed as 0.
     $total_points = mysql_fetch_row(mysql_query("SELECT `points` FROM point_system WHERE `accountid` = '{$user_id}';"));
     $total_points = $total_points[0];
     if ($total_points <= 0) {
         $total_points = (int) 0;
     }
     // Timestamp written into point_system_requests.date for every grant below.
     $datetime = date("Y-m-d H:i:s");
     //################################################################################
     ##############################
     // INVITE SYSTEM
     //################################################################################
     ##############################
     // Points granted to an inviter per qualifying invitee, and to an invitee
     // for having named an inviter.
     $invite_points = 2;
     $write_invited = 1;
     mysql_select_db($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass']);
     $rewarded = mysql_fetch_row(mysql_query("SELECT `Rewarded` FROM point_system_invites WHERE `PlayersAccount` = '{$user_name}';"));
     $rewarded = $rewarded[0];
     // Part 1: reward this account once for naming its inviter. Runs only when an
     // invite row exists, its Rewarded flag is 0 and InvitedBy is set.
     if ($rewarded != NULL) {
         if ($rewarded == 0) {
             if ($referred_by != NULL) {
                 mysql_select_db($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass']);
                 $total_points = mysql_fetch_row(mysql_query("SELECT `points` FROM point_system WHERE `accountid` = '{$user_id}';"));
                 $total_points = $total_points[0];
                 // -1 is used as the marker for "no usable point_system balance yet".
                 if ($total_points == NULL) {
                     $total_points = -1;
                 }
                 if ($total_points >= 0) {
                     mysql_select_db($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
                     // Highest character level on this account, taken from the 35th
                     // space-separated field of `data`, provided it is at least 45.
                     $RightLevel = mysql_fetch_row(mysql_query("SELECT CAST(SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ' ', 35), ' ', -1) AS UNSIGNED) AS `lvl` FROM `characters` WHERE account='{$user_id}' AND (SELECT CAST(SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ' ', 35), ' ', -1) AS UNSIGNED)) >= '45' ORDER BY `lvl` DESC LIMIT 1;"));
                     if ($RightLevel[0] != NULL) {
                         mysql_select_db($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass']);
                         // NOTE(review): writes a balance computed in PHP from the value read
                         // above; `points` = `points` + N in one statement would not lose
                         // a concurrent update.
                         mysql_query("UPDATE point_system SET `points` = ({$total_points} + {$write_invited}) WHERE `accountid` = '{$user_id}';");
                         mysql_query("INSERT INTO point_system_requests (`username`, `request`, `date`, `code`, `treated`) VALUES ('{$user_name}', 'Got {$write_invited} Points', '{$datetime}', 'For Writing a Reffer', 'Yes');");
                         mysql_query("UPDATE point_system_invites SET `Rewarded` = '1' WHERE `PlayersAccount` = '{$user_name}';");
                         $output .= "You Received {$write_invited} Points for Writing who invited you!<br>";
                     }
                 }
                 // Same reward, but creating the point_system row instead of updating it.
                 if ($total_points == -1) {
                     mysql_select_db($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
                     $RightLevel = mysql_fetch_row(mysql_query("SELECT CAST(SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ' ', 35), ' ', -1) AS UNSIGNED) AS `lvl` FROM `characters` WHERE account='{$user_id}' AND (SELECT CAST(SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ' ', 35), ' ', -1) AS UNSIGNED)) >= '45' ORDER BY `lvl` DESC LIMIT 1;"));
                     if ($RightLevel[0] != NULL) {
                         mysql_select_db($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass']);
                         mysql_query("INSERT INTO point_system (`accountid`, `points`) VALUES ('{$user_id}', '{$write_invited}');");
                         mysql_query("INSERT INTO point_system_requests (`username`, `request`, `date`, `code`, `treated`) VALUES ('{$user_name}', 'Created {$write_invited} Points', '{$datetime}', 'For Writing a Reffer', 'Yes');");
                         mysql_query("UPDATE point_system_invites SET `Rewarded` = '1' WHERE `PlayersAccount` = '{$user_name}';");
                         $output .= "You Received {$write_invited} Points for Writing who invited you! (NEW)<br>";
                     }
                 }
             }
         }
     }
     // Part 2: reward this account as inviter for one untreated invitee (LIMIT 1,
     // so at most one invite is settled per call).
     mysql_select_db($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass']);
     $HasPoints = mysql_fetch_row(mysql_query("SELECT `PlayersAccount`,`Treated` FROM point_system_invites WHERE `InviterAccount` = '{$user_name}' AND `Treated` = 0 LIMIT 1;"));
     if ($HasPoints != NULL) {
         $HasPoint = $HasPoints[1];
         // NOTE(review): $PlayersAccount is a stored account name that is re-used
         // unescaped in the queries below (second-order injection if the stored
         // value can contain a quote) -- TODO confirm how it was validated on write.
         $PlayersAccount = $HasPoints[0];
         mysql_select_db($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
         $iIP = mysql_fetch_row(mysql_query("SELECT `last_ip` FROM account WHERE `username` = '{$PlayersAccount}';"));
         $pIP = mysql_fetch_row(mysql_query("SELECT `last_ip` FROM account WHERE `username` = '{$user_name}';"));
         if ($HasPoint != 1) {
             // Anti-abuse check: the only signal compared is account.last_ip of the
             // invitee and the inviter; differing values are treated as two people.
             if ($iIP[0] != $pIP[0]) {
                 mysql_select_db($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
                 $PlayersAccountID = mysql_fetch_row(mysql_query("SELECT `id` FROM account WHERE `username` = '{$PlayersAccount}';"));
                 $PlayersAccountID = $PlayersAccountID[0];
                 mysql_select_db($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
                 $RightLevel = mysql_fetch_row(mysql_query("SELECT CAST(SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ' ', 35), ' ', -1) AS UNSIGNED) AS `lvl` FROM `characters` WHERE account='{$PlayersAccountID}' AND (SELECT CAST(SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ' ', 35), ' ', -1) AS UNSIGNED)) >= '45' ORDER BY `lvl` DESC LIMIT 1;"));
                 // The inviter's account id must be lower than the invitee's; id order
                 // presumably stands in for "account was created earlier".
                 if ($user_id < $PlayersAccountID) {
                     if ($RightLevel[0] != NULL) {
                         $output .= "You received points for account {$PlayersAccount} who has a player level {$RightLevel['0']}<br>";
                         mysql_select_db($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass']);
                         $total_points = mysql_fetch_row(mysql_query("SELECT `points` FROM point_system WHERE `accountid` = '{$user_id}';"));
                         $total_points = $total_points[0];
                         if ($total_points == NULL) {
                             $total_points = -1;
                         }
                         if ($total_points >= 0) {
                             mysql_select_db($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass']);
                             mysql_query("UPDATE point_system SET `points` = ({$total_points} + {$invite_points}) WHERE `accountid` = '{$user_id}';");
                             mysql_query("INSERT INTO point_system_requests (`username`, `request`, `date`, `code`, `treated`) VALUES ('{$user_name}', 'Added {$invite_points} Points', '{$datetime}', 'Invited {$PlayersAccount}', 'Yes');");
                             mysql_query("UPDATE point_system_invites SET `Treated` = '1' WHERE `PlayersAccount` = '{$PlayersAccount}';");
                             $output .= "You Received {$invite_points} Points for Inviting a Friend, Good JOB!";
                         }
                         if ($total_points == -1) {
                             mysql_select_db($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass']);
                             mysql_query("INSERT INTO point_system (`accountid`, `points`) VALUES ('{$user_id}', '{$invite_points}');");
                             mysql_query("INSERT INTO point_system_requests (`username`, `request`, `date`, `code`, `treated`) VALUES ('{$user_name}', 'Created {$invite_points} Points', '{$datetime}', 'Invited {$PlayersAccount}', 'Yes');");
                             mysql_query("UPDATE point_system_invites SET `Treated` = '1' WHERE `PlayersAccount` = '{$PlayersAccount}';");
                             $output .= "You Received {$invite_points} Points for Inviting a Friend, Good JOB! (NEW)";
                         }
                     } else {
                         // Invitee has no character at level 45 or above: the same level query is
                         // run again, the invite is marked treated, then re-opened
                         // (Treated = 0) if that second query returned a row.
                         mysql_select_db($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
                         $RightLevel = mysql_fetch_row(mysql_query("SELECT CAST(SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ' ', 35), ' ', -1) AS UNSIGNED) AS `lvl` FROM `characters` WHERE account='{$PlayersAccountID}' AND (SELECT CAST(SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ' ', 35), ' ', -1) AS UNSIGNED)) >= '45' ORDER BY `lvl` DESC LIMIT 1;"));
                         mysql_select_db($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass']);
                         mysql_query("UPDATE point_system_invites SET `Treated` = '1' WHERE `PlayersAccount` = '{$PlayersAccount}';");
                         $output .= "Players you invited did not reach correct level for points";
                         if ($RightLevel != NULL) {
                             mysql_query("UPDATE point_system_invites SET `Treated` = '0' WHERE `PlayersAccount` = '{$PlayersAccount}';");
                         }
                     }
                 } else {
                     $output .= "Inviter is older than you";
                     mysql_select_db($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass']);
                     mysql_query("UPDATE point_system_invites SET `Treated` = '1' WHERE `PlayersAccount` = '{$PlayersAccount}';");
                 }
             } else {
                 $output .= "Same comp Same IP";
             }
         } else {
             $output .= "All invite points has been treated";
         }
     } else {
         $output .= "No New Points to add";
     }
     //################################################################################
     ##############################
     // PRINT
     //################################################################################
     ##############################
     $sql = new SQL();
     $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
     // NOTE(review): the username literal in this query reads '******' as shown,
     // which looks like a redaction of the original value.
     $result = $sql->query("SELECT email,gmlevel,joindate,expansion FROM account WHERE username ='******'");
     if ($acc = $sql->fetch_row($result)) {
         require_once "scripts/id_tab.php";
         // NOTE(review): strtoupper($user_name) is written into a single-quoted
         // JavaScript string with no JS/HTML escaping. The script puts
         // hex_sha1("USER:PASS") into the hidden `pass` field, so that hash is what
         // the server receives and is as sensitive as the password itself.
         $output .= "<center>\r\n  <script type=\"text/javascript\" src=\"js/sha1.js\"></script>\r\n  <script type=\"text/javascript\">\r\n        function do_submit_data () {\r\n            document.form.pass.value = hex_sha1('" . strtoupper($user_name) . ":'+document.form.user_pass.value.toUpperCase());\r\n            document.form.user_pass.value = '0';\r\n            do_submit();\r\n        }\r\n\r\n\r\n\r\n</script>\r\n  <fieldset style=\"width: 600px;\">\r\n    <legend>Credit Panel</legend>\r\n    <form method=\"post\" action=\"credit.php?action=getitem\" name=\"form\">\r\n    <input type=\"hidden\" name=\"pass\" value=\"\" maxlength=\"256\" />\r\n    <table class=\"flat\">\r\n    <tr>\r\n    <td>Your Credits:</td>\r\n    <td>{$total_points}</td>\r\n      <tr>\r\n        <td>VIP Level</td>\r\n        <td>" . get_gm_level($acc[1]) . " ( {$acc['1']} )</td>";
         // $acc[1] is the account's gmlevel. The VIP actions are plain GET links;
         // NOTE(review): if credit.php changes state on these GETs they need an
         // anti-CSRF token -- the handlers are not shown here.
         if ($acc[1] == 0) {
             $output .= "<td><a href=\"credit.php?action=getvip\">Upgrade(20)</td>";
         }
         if ($acc[1] != 0) {
             if ($acc[1] >= 3) {
                 $output .= "<td><a href=\"credit.php?action=extvip\">Extend VIP(20)</td>";
             } else {
                 $output .= "<td><a href=\"credit.php?action=getvip\">Upgrade</td><td><a href=\"credit.php?action=extvip\">Extend VIP(20)</td>";
             }
         }
         $output .= "</tr>\r\n    <td>Request Item:</td></tr><tr>\r\n    <td>\r\n    <select name=\"items\">  \r\n    <option value=\"error\">Please select an item</option>\r\n    <option value=\"Phoenix\">Phoenix(20)</option>\r\n    <option value=\"Bag\">36 Slot Bag(20)</option>\r\n    <option value=\"Raven\">Raven Lord(15)</option>\r\n    <option value=\"PrimalNether\">Primal Nether(5)</option>\r\n    <option value=\"NetherVortex\">Nether Vortex(8)</option>\r\n    <option value=\"MercilessD\">Merciless Nether Drake(25)</option>\r\n    <option value=\"Murloc\">Murloc Costume(5)</option>\r\n    <option value=\"Tiger60\">Swift Spectral Tiger For lvl 60(20)</option>\r\n    <option value=\"Tiger30\">Swift Spectral Tiger For lvl 30(15)</option>\r\n    <option value=\"Ogre\">Carved Ogre Idol(5)</option>\r\n    <option value=\"FlyingBroom\">Swift Flying Broom(20)</option>\r\n    <option value=\"BattleBear\">Big Battle Bear(15)</option>\r\n    <option value=\"XRocket\">X-51 Nether-Rocket X-TREME(25)</option>\r\n    </select>\r\n    </td>\r\n    <td><input name=\"character\" type=\"text\" value=\"Character Name\"></input></td>\r\n    <td>\r\n      <input type=\"submit\" value=\"Send item\">\r\n    </td></tr>\r\n        <tr><td>Your chars</td>\r\n      </tr>";
         // This result is never read: $result is overwritten two lines below.
         $result = $sql->query("SELECT SUM(numchars) FROM realmcharacters WHERE acctid = '{$user_id}'");
         $sql->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
         $result = $sql->query("SELECT guid,name,race,class,SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ' ', 35), ' ', -1) FROM `characters` WHERE account = {$user_id}");
         while ($char = $sql->fetch_array($result)) {
             // NOTE(review): the character name goes into HTML text and into URL query
             // values without htmlspecialchars()/urlencode(); safe only if names are
             // restricted to harmless characters when they are created -- TODO confirm.
             $ren_char = $char[1];
             $output .= "<tr>\r\n        <td>{$char['1']}  - " . get_player_race($char[2]) . " " . get_player_class($char[3]) . " | lvl {$char['4']}</td>\r\n        </tr>\r\n<tr><td><a href=\"credit.php?action=rename&ren_char={$ren_char}\">Rename(6)</a></td><td><a href=\"credit.php?action=gen_char&gend_char={$ren_char}\">Change Gender(6)</a></td><td><a href=\"credit.php?action=movechar&char={$ren_char}\">Move Account(7)</a></td>";
         }
         $output .= "</form>    <tr>\r\n     <form method=\"post\" action=\"credit.php?action=movepoints\" name=\"form\">\r\n    <input type=\"hidden\" name=\"pass\" value=\"\" maxlength=\"256\" />\r\n    <td>Transfer points to other players:</td></tr><tr>\r\n    <td><input name=\"tcharacter\" type=\"text\" value=\"Character Name\"></input></td><td><input name=\"tpoints\" type=\"text\" value=\"Points\"></input></td>\r\n    <td>\r\n      <input type=\"submit\" value=\"Transfer\">\r\n    </td></tr></form>\r\n    <form method=\"post\" action=\"credit.php?action=tplayer\" name=\"form\">\r\n    <tr><td>Teleport Player</td></tr><tr>\r\n    <td><input name=\"tchar\" type=\"text\" value=\"Character Name\"></input></td>\r\n    <td>\r\n    <select name=\"tplace\">  \r\n    <option value=\"error\">Please select a place</option>\r\n    <option value=\"Shattrath\">Shattrath(1)</option>\r\n    <option value=\"Stormwind\">Stormwind(1)</option>\r\n    <option value=\"Orgrimmar\">Orgrimmar(1)</option>\r\n    </select>\r\n    </td>\r\n    <td><input type=\"submit\" value=\"Teleport\"></td></tr>";
         $output .= "</table>\r\n    </fieldset>\r\n    <br />\r\n\r\n    <br /></center>";
     } else {
         error($lang_global['err_no_records_found']);
     }
     $sql->close();
 }
Example #10
 /**
  * Update moreinfo: look up the stored odds for every selection on a ticket
  * and write the resulting summary string to ticket_nums.moreinfo.
  *
  * Only the part of $codes before the first ';' is processed. It is split on
  * '/' into matches, each of the form "<match_id>|...[r1,r2,...]".
  *
  * NOTE(review): $ticket_type, $play_method, the match id parsed out of $codes,
  * the assembled summary and $id are all concatenated into SQL inside double
  * quotes with no escaping or binding. Whether that is exploitable depends on
  * where the callers get these values -- TODO confirm, and switch to the SQL
  * wrapper's escaping or parameter binding if it offers one (not shown here).
  *
  * @param mixed $id          value matched against ticket_nums.id in the final update
  * @param mixed $play_method play type; 1-4 select a code table, also matched against match_datas.play_type
  * @param mixed $codes       encoded selections, see above
  * @param mixed $ticket_type 1 or 6 select a code table family; also matched against match_datas.ticket_type
  * @return bool true when the wrapper reports no error after the final update
  */
 public function update_jc_ticket_sp($id, $play_method, $codes, $ticket_type = 1)
 {
     require_once WEBROOT . 'cron_script/SQL.php';
     $db = new SQL();
     $summary_parts = array();
     $code_sections = explode(';', $codes);
     $first_section = $code_sections[0];
     foreach (explode('/', $first_section) as $match_entry) {
         $entry_fields = explode('|', $match_entry);
         $match_id = $entry_fields[0];
         // Pull the comma-separated picks out of the [...] part of the entry.
         preg_match_all("/\\[(.*)\\]/", $entry_fields[1], $bracketed, PREG_SET_ORDER);
         $picks = explode(',', $bracketed[0][1]);
         $db->query('select comb,goalline from match_datas where ticket_type="' . $ticket_type . '" and play_type="' . $play_method . '" and match_id="' . $match_id . '" limit 1');
         $match_data = $db->fetch_array();
         $goalline = $match_data['goalline'];
         // Map from the pick codes used on the ticket to the codes used in `comb`.
         $play_config = array();
         if ($ticket_type == 1) {
             switch ($play_method) {
                 case 1:
                     $play_config = array('3' => 'H', '1' => 'D', '0' => 'A');
                     break;
                 case 2:
                     $play_config = array('0' => '0', '1' => '1', '2' => '2', '3' => '3', '4' => '4', '5' => '5', '6' => '6', '7' => '7');
                     break;
                 case 3:
                     $play_config = array('负其它' => '-1:-A', '胜其它' => '-1:-H', '平其它' => '-1:-D', '0:0' => '00:00', '0:1' => '00:01', '0:2' => '00:02', '0:3' => '00:03', '0:4' => '00:04', '0:5' => '00:05', '1:0' => '01:00', '1:1' => '01:01', '1:2' => '01:02', '1:3' => '01:03', '1:4' => '01:04', '1:5' => '01:05', '2:0' => '02:00', '2:1' => '02:01', '2:2' => '02:02', '2:3' => '02:03', '3:0' => '03:00', '3:1' => '03:01', '3:2' => '03:02', '3:3' => '03:03', '4:0' => '04:00', '4:1' => '04:01', '4:2' => '04:02', '5:0' => '05:00', '5:1' => '05:01', '5:2' => '05:02');
                     break;
                 case 4:
                     $play_config = array('0-0' => 'cc', '0-1' => 'cb', '0-3' => 'ca', '1-0' => 'bc', '1-1' => 'bb', '1-3' => 'ba', '3-0' => 'ac', '3-1' => 'ab', '3-3' => 'aa');
                     break;
             }
         }
         if ($ticket_type == 6) {
             switch ($play_method) {
                 case 1:
                 case 2:
                     $play_config = array('2' => 'H', '1' => 'D');
                     break;
                 case 3:
                     // NOTE(review): these values look like \uXXXX escapes that lost their
                     // backslashes; kept exactly as found -- TODO confirm against `comb` data.
                     $play_config = array('01' => 'u4e3bu80dc1-5', '02' => 'u4e3bu80dc6-10', '03' => 'u4e3bu80dc11-15', '04' => 'u4e3bu80dc16-20', '05' => 'u4e3bu80dc21-25', '06' => 'u4e3bu80dc26+', '11' => 'u5ba2u80dc1-5', '12' => 'u5ba2u80dc6-10', '13' => 'u5ba2u80dc11-15', '14' => 'u5ba2u80dc16-20', '15' => 'u5ba2u80dc21-25', '16' => 'u5ba2u80dc26+');
                     break;
                 case 4:
                     $play_config = array('1' => 'H', '2' => 'D');
                     break;
             }
         }
         // `comb` holds JSON; index each entry's value `v` by its code `c` when present.
         $odds_by_code = array();
         foreach (json_decode($match_data['comb']) as $entry) {
             if (isset($entry->c)) {
                 $odds_by_code[$entry->c] = $entry->v;
             } else {
                 $odds_by_code[] = $entry->v;
             }
         }
         // Keep the odds of the picks that have an entry in `comb`, in ticket order.
         $picked_odds = array();
         foreach ($picks as $pick) {
             $comb_code = $play_config[$pick];
             if (array_key_exists($comb_code, $odds_by_code)) {
                 $picked_odds[] = $odds_by_code[$comb_code];
             }
         }
         $picked_odds = implode(',', $picked_odds);
         $with_goalline = $ticket_type == 6 && ($play_method == 2 || $play_method == 4);
         if (!$with_goalline) {
             $summary_parts[] = $match_id . ':' . $picked_odds;
             continue;
         }
         // Positive goal lines get an explicit '+' sign for play method 2 only.
         if ($play_method == 2 && $goalline > 0) {
             $goalline = '+' . $goalline;
         }
         $summary_parts[] = $match_id . '(' . $goalline . '):' . $picked_odds;
     }
     $moreinfo = implode('|', $summary_parts);
     $db->query('update ticket_nums set moreinfo="' . $moreinfo . '" where id="' . $id . '"');
     return !$db->error();
 }
Example #11
<?php

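// Account verification endpoint: matches the username/authkey pair from the
// verification link against mm_account_verification and, on a match, copies the
// pending row into the realm's `account` table.
// page header, and any additional required libraries
require_once "header.php";
//##############################################################################################
// MAIN
//##############################################################################################
// Both values come from the request and are attacker-controlled. Accept plain
// strings only, so array-valued parameters (?authkey[]=x) are treated as absent.
$username = (isset($_GET['username']) && is_string($_GET['username'])) ? $_GET['username'] : NULL;
$authkey = (isset($_GET['authkey']) && is_string($_GET['authkey'])) ? $_GET['authkey'] : NULL;
// Fail closed: a missing or empty key can never verify an account, whatever
// the table happens to contain.
$has_authkey = $authkey !== NULL && $authkey !== '';
$output .= "\n<div class=\"top\">";
$sqlm = new SQL();
$sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
// Escape the request values before they are interpolated into SQL. This uses
// the SQL wrapper's quote_smart() helper and must run after connect().
// Prepared statements would be the stronger fix if the wrapper supports them.
if ($username !== NULL) {
    $username = $sqlm->quote_smart($username);
}
if ($authkey !== NULL) {
    $authkey = $sqlm->quote_smart($authkey);
}
$query = $sqlm->query("SELECT * \n\t\t\t\t\t\tFROM mm_account_verification \n\t\t\t\t\t\tWHERE username = '******' AND authkey = '{$authkey}'");
$lang_verify = lang_verify();
if (!$has_authkey || $sqlm->num_rows($query) < 1) {
    $output .= "\n\t<h1><font class=\"error\">{$lang_verify['verify_failed']}</font></h1>";
} else {
    $output .= "<h1><font class=\"error\">{$lang_verify['verify_success']}</font></h1>";
    $sqlr = new SQL();
    $sqlr->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
    $data = $sqlm->fetch_array($query);
    list($id, $username, $pass, $gmlevel, $session, $v, $s, $email, $joindate, $last_ip, $failed_logins, $locked, $last_login, $active, $expansion) = $data;
    // `expansion` is written unquoted into the INSERT below, so force it to an integer.
    $expansion = (int) $expansion;
    // NOTE(review): $username, $pass, $email and $last_ip are values read back
    // from the pending-verification row and are placed in the INSERT unescaped
    // (second-order injection if registration stored a quote character).
    // They are left as found because the correct escaping for stored data
    // depends on the wrapper's internals -- TODO confirm and escape or bind them.
    $sqlr->query("\n\t\tINSERT INTO account\n\t\t\t(id,\n\t\t\tusername,\n\t\t\tsha_pass_hash,\n\t\t\tgmlevel,\n\t\t\tsessionkey,\n\t\t\tv,\n\t\t\ts,\n\t\t\temail,\n\t\t\tjoindate,\n\t\t\tlast_ip,\n\t\t\tfailed_logins,\n\t\t\tlocked,\n\t\t\tlast_login,\t\t\t\n\t\t\tactive_realm_id,\n\t\t\texpansion)\n\t\tVALUES\n\t\t\t('',\n\t\t\tUPPER('{$username}'),\n\t\t\t'{$pass}',\n\t\t\t0,\n\t\t\t'',\n\t\t\t'',\n\t\t\t'',\n\t\t\t'{$email}'\n\t\t\t,now(),\n\t\t\t'{$last_ip}',\n\t\t\t0,\n\t\t\t{$create_acc_locked},\n\t\t\tNULL,\n\t\t\t0,\n\t\t\t{$expansion})");
    $result = $sqlr->query("\n\t\tSELECT * \n\t\tFROM account \n\t\tWHERE username='******'");
}
// NOTE(review): this DELETE runs whether or not verification succeeded. The
// username literal reads '******' as shown; if the original used the
// request's username, a request with a wrong key could discard another
// user's pending verification -- TODO confirm and restrict it to the
// success branch.
$sqlm->query("\n\t\tDELETE FROM mm_account_verification \n\t\tWHERE username='******'");
$output .= "\n</div>";
$output .= "\n<center>\n<br />\n<table class=\"hidden\">\n\t<tr>\n\t\t<td>" . makebutton($lang_global['home'], 'index.php', 130) . "</td>\n\t</tr>\n</table>\n</center>";
require_once "footer.php";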
Example #12
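/**
 * Append one table's rows for a single key to an open dump file as replayable SQL.
 *
 * Writes LOCK TABLES, a DELETE for the key, one multi-row INSERT (when rows exist) and
 * UNLOCK TABLES. Values are escaped with addslashes() and newlines are written as "\n";
 * columns the driver reports as "int" are written unquoted, NULL values as ''.
 *
 * @param object   $sql    connected SQL wrapper
 * @param resource $fp     dump file opened for writing
 * @param string   $table  table name, taken from the tab_lib.php lists
 * @param string   $column key column name, taken from the tab_lib.php lists
 * @param string   $key    key value read back from the database
 * @param string   $header text written before the LOCK TABLES line ('' for none)
 */
function backup_user_dump_table($sql, $fp, $table, $column, $key, $header)
{
    $rows = $sql->query("SELECT * FROM {$table} WHERE {$column} = {$key}");
    $num_fields = $sql->num_fields($rows);
    $numrow = $sql->num_rows($rows);
    $result = $header;
    $result .= "LOCK TABLES {$table} WRITE;\n";
    $result .= "DELETE FROM {$table} WHERE {$column} = {$key};\n";
    if ($numrow) {
        $names = array();
        for ($count = 0; $count < $num_fields; $count++) {
            $names[] = "`" . $sql->field_name($rows, $count) . "`";
        }
        $result .= "INSERT INTO {$table} (" . implode(",", $names) . ") VALUES \n";
        $tuples = array();
        for ($i = 0; $i < $numrow; $i++) {
            $row = $sql->fetch_row($rows);
            $cells = array();
            for ($j = 0; $j < $num_fields; $j++) {
                // Test for NULL before escaping: addslashes() would turn it into an empty string.
                if (!isset($row[$j])) {
                    $cells[] = "''";
                    continue;
                }
                $cell = str_replace("\n", "\\n", addslashes($row[$j]));
                $cells[] = $sql->field_type($rows, $j) == "int" ? $cell : "'{$cell}'";
            }
            $tuples[] = "\t(" . implode(",", $cells);
        }
        $result .= implode("),\n", $tuples) . ");\n";
    }
    $result .= "UNLOCK TABLES;\n";
    $result .= "\n";
    fwrite($fp, $result) or die(error(lang("backup", "file_write_err")));
}

/**
 * Dump the selected accounts and their characters into per-account .sql files.
 *
 * Account ids come from the check[] query parameter. They end up unquoted inside SQL text,
 * where escaping alone gives no protection, so only all-digit values are accepted and
 * everything else is ignored. An id with no matching account row is skipped.
 *
 * Files are written to "{$backup_dir}/accounts/<timestamp>_partial", created with mode 0750.
 * NOTE(review): the dumps contain whatever the tab_lib.php table lists select for an account;
 * confirm $backup_dir is not served by the web server.
 */
function backup_user()
{
    //this_is_junk: TODO: Convert this to use $logon_db and ArcEmu data
    global $output, $logon_db, $characters_db, $realm_id, $user_lvl, $backup_dir, $action_permission;
    valid_login($action_permission["insert"]);
    $sql = new SQL();
    $sql->connect($logon_db["addr"], $logon_db["user"], $logon_db["pass"], $logon_db["name"], $logon_db["encoding"]);
    if (!isset($_GET["check"])) {
        redirect("user.php?error=1");
        return;
    }
    // Accept a single value or a list; keep digit-only strings.
    $check = array();
    foreach ((array) $_GET["check"] as $candidate) {
        if (is_string($candidate) && preg_match('/^[0-9]+$/', $candidate)) {
            $check[] = $candidate;
        }
    }
    // Provides $tab_backup_user_realmd and $tab_backup_user_characters in this scope.
    require_once "libs/tab_lib.php";
    $subdir = "{$backup_dir}/accounts/" . date("m_d_y_H_i_s") . "_partial";
    mkdir($subdir, 0750) or die(error(lang("backup", "file_write_err")));
    foreach ($check as $acct_id) {
        // Reconnect each round: the character loop below points $sql at other databases.
        $sql->connect($logon_db["addr"], $logon_db["user"], $logon_db["pass"], $logon_db["name"], $logon_db["encoding"]);
        $query = $sql->query("SELECT acct FROM accounts WHERE acct = {$acct_id}");
        $acc = $sql->fetch_array($query);
        if (!$acc) {
            // Unknown account: nothing to dump, and no key to build file names or queries from.
            continue;
        }
        $file_name_new = $acc[0] . "_{$logon_db["name"]}.sql";
        $fp = fopen("{$subdir}/{$file_name_new}", 'w') or die(error(lang("backup", "file_write_err")));
        fwrite($fp, "CREATE DATABASE /*!32312 IF NOT EXISTS*/ {$logon_db["name"]};\n") or die(error(lang("backup", "file_write_err")));
        fwrite($fp, "USE {$logon_db["name"]};\n\n") or die(error(lang("backup", "file_write_err")));
        foreach ($tab_backup_user_realmd as $value) {
            $header = "-- Dumping data for {$value['0']} " . date("m.d.y_H.i.s") . "\n";
            backup_user_dump_table($sql, $fp, $value['0'], $value['1'], $acc['0'], $header);
        }
        fclose($fp);
        foreach ($characters_db as $db) {
            $file_name_new = $acc[0] . "_{$db["name"]}.sql";
            $fp = fopen("{$subdir}/{$file_name_new}", 'w') or die(error(lang("backup", "file_write_err")));
            fwrite($fp, "CREATE DATABASE /*!32312 IF NOT EXISTS*/ {$db["name"]};\n") or die(error(lang("backup", "file_write_err")));
            fwrite($fp, "USE {$db["name"]};\n\n") or die(error(lang("backup", "file_write_err")));
            $sql->connect($db["addr"], $db["user"], $db["pass"], $db["name"], $db["encoding"]);
            $all_char_query = $sql->query("SELECT guid,name FROM `characters` WHERE account = {$acc['0']}");
            while ($char = $sql->fetch_array($all_char_query)) {
                // The name lands in an SQL comment line; strip line breaks so it cannot end the comment.
                $char_label = str_replace(array("\r", "\n"), " ", $char['1']);
                fwrite($fp, "-- Dumping data for character {$char_label}\n") or die(error(lang("backup", "file_write_err")));
                foreach ($tab_backup_user_characters as $value) {
                    backup_user_dump_table($sql, $fp, $value['0'], $value['1'], $char['0'], "");
                }
            }
            fclose($fp);
        }
    }
    redirect("user.php?error=15");
}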
Example #13
    if ($_GET['id'] == null) {
        $charid = -1;
    }
} else {
    $charid = -1;
    $charname = "Invalid ID!";
    #redirect("characters.php");
}
// Three connections: $sqlt (built from the $trin_* settings), plus the characters and
// world databases configured for $realmid.
$sqlt = new SQL();
$sqlt->connect($trin_host, $trin_user, $trin_pass, $trin_db);
$sqlc = new SQL();
$sqlc->connect($characters_host[$realmid], $characters_user[$realmid], $characters_pass[$realmid], $characters_db[$realmid]);
$sqlw = new SQL();
$sqlw->connect($world_host[$realmid], $world_user[$realmid], $world_pass[$realmid], $world_db[$realmid]);
// $charid is placed in the query text without quotes or escaping. The branches visible above
// only set it to -1 for a missing or invalid id; how a supplied id becomes $charid is outside
// this excerpt - confirm it is forced to an integer before this point.
$query = $sqlc->query("SELECT guid, name, online, level FROM characters WHERE guid={$charid}");
// Fetched before the row count is checked; when no character matched, $character holds no row.
$character = $sqlc->fetch_array($query);
if ($sqlc->num_rows($query) < 1) {
    $charname = "Invalid ID!";
    $output .= '
		<div class="content center_left">
				<div class="contentbox">
					<div class="contentbox_title">' . $charname . '</div>
					<div class="contentbox_body">';
} else {
    getguildbychar($charid);
    //Added to accomodate for the removal of the 'data' blob in the database
    $output .= '			<div class="content center_left">
				<div class="contentbox">
					<div class="contentbox_title">Character Info: ' . $character['name'] . '</div>
					<div class="contentbox_body">
						<ul id="tabnav">
Example #14
{
    global $sqlt;
    $query = $sqlt->query("SELECT name FROM dbc_skillline WHERE id='{$skillid}'");
    $res = $sqlt->fetch_assoc($query);
    return $res['name'];
}
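// Skills tab of the character page: one table row per record in $query, each with a
// progress bar sized value/max.
//
// Character and skill names come out of the database and are written into HTML, so they are
// escaped; the id used in the tab links is URL-encoded; value/max are forced to integers.
$charid_url = rawurlencode((string) $charid);
$character_name = htmlspecialchars((string) $character['name'], ENT_QUOTES, 'UTF-8');
$output .= '<div class="content center_left">
				<div class="contentbox">
					<div class="contentbox_title">Character Info: ' . $character_name . '</div>
					<div class="contentbox_body">
						<ul id="tabnav">
							<li><a href="characters.php?action=view&id=' . $charid_url . '">Character</a></li>
							<li><a href="characters.php?action=reputation&id=' . $charid_url . '">Reputation</a></li>
							<li><a href="#" id="tabnav-current">Skills</a></li>
							<li><a href="characters.php?action=talents&id=' . $charid_url . '">Talents</a></li>
						</ul>
						<div id="tabcontent">
						<table class="stats_table">';
while ($skills = $sqlc->fetch_array($query)) {
    $skill_name = htmlspecialchars((string) getskillname($skills['skill']), ENT_QUOTES, 'UTF-8');
    $skill_value = (int) $skills['value'];
    $skill_max = (int) $skills['max'];
    // A skill with max = 0 would otherwise divide by zero.
    $bar_width = $skill_max != 0 ? 100 * $skill_value / $skill_max : 0;
    $output .= '<tr><td>' . $skill_name . '</td><td class="stats_outerbar"> <div class="bar_skill stats_bar" style="width:' . $bar_width . '%"></div><div class="bar_text">' . $skill_value . '/' . $skill_max . '<div></td></tr>';
}
$output .= '</div>
						</table>
					</div>
				</div>
			</div>
		</div>
		<div id="clear">
		</div>';
require_once "footer.php";
echo $output;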
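/**
 * Print the shoutbox: the 100 newest rows of ip_shouts as list items, a "Load more"
 * control when all 100 slots are filled, and the inline script that drives the
 * more / reshout / mention buttons.
 *
 * User names, real names and titles are chosen by users, so each one is escaped for the
 * context it is written into: htmlspecialchars() for HTML text and attributes, and
 * json_encode() followed by htmlspecialchars() for the arguments of the inline onClick
 * handlers. Author fields are reset for every shout, so a shout whose author row is
 * missing is not shown under the previous shout's author.
 */
function populate_shoutbox()
{
    $db = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
    $db->query("SELECT * FROM ip_shouts ORDER BY id DESC LIMIT 100");
    echo '<ul id="chat" class="chat">';
    $count_shout = 0;
    $shout_id = 0;
    // Compared as strings so the "own shout" test gives the same answer everywhere below.
    $viewer_id = isset($_SESSION['current_userID']) ? (string) $_SESSION['current_userID'] : '';
    while ($row = $db->fetch_assoc()) {
        $count_shout++;
        $shout_id = (int) $row['id'];
        $author_id = (int) $row['user_id'];
        $shout_msg = $row['shout_msg'];
        $shout_time = $row['shout_time'];
        $username = '';
        $realname = null;
        $title = null;
        $avatar_type = null;
        $dbf = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
        $dbf->query("SELECT * FROM forum_users WHERE id='{$author_id}'");
        if ($rowf = $dbf->fetch_array()) {
            $username = (string) $rowf['username'];
            $realname = $rowf['realname'];
            $title = $rowf['title'];
            $avatar_type = $rowf['avatar'];
        }
        $dbf->close();
        $is_own = $viewer_id === (string) $author_id;
        $h_username = htmlspecialchars($username, ENT_QUOTES, 'UTF-8');
        // The 20th item carries the id the client-side code looks for.
        $li_id = $count_shout == 20 ? ' id="lastShout"' : '';
        echo '<li' . $li_id . ' class="' . ($is_own ? 'right' : 'left') . '">';
        echo '<a href="profile.php?id=' . $author_id . '"><img class="avatar" alt="' . $h_username . '" src="' . get_avatar($avatar_type, (string) $author_id) . '"></a>';
        echo '<span class="message"><span class="arrow"></span>';
        if ($realname == null) {
            $display_name = '@' . $h_username;
        } else {
            $display_name = htmlspecialchars((string) $realname, ENT_QUOTES, 'UTF-8');
        }
        echo '<span class="from"><a href="profile.php?id=' . $author_id . '" class="user-name">' . $display_name . '</a> ';
        if ($title !== null) {
            echo '<span class="forum-title"><em>' . htmlspecialchars((string) $title, ENT_QUOTES, 'UTF-8') . '</em></span>';
        }
        // Close the "from" span whether or not a title was printed.
        echo '</span> ';
        echo '<span class="time muted"><small>' . timeAgo($shout_time) . '</small></span>';
        if (!$is_own) {
            // JSON-encode first (valid JS string literal), then HTML-escape for the attribute.
            $js_user = json_encode($username);
            if ($js_user === false) {
                $js_user = '""';
            }
            $js_user = htmlspecialchars($js_user, ENT_QUOTES, 'UTF-8');
            $js_shout = htmlspecialchars(json_encode((string) $shout_id), ENT_QUOTES, 'UTF-8');
            echo '<span class="pull-right">';
            echo '<button class="btn btn-mini tip-top" id="rtshout-' . $shout_id . '" onClick="rtshout(' . $js_shout . ',' . $js_user . ');" title="Reshout"><i class="icon-share"></i> RT</button> ';
            echo '<button class="btn btn-mini" id="mention-' . $shout_id . '" onClick="insertNickname(' . $js_user . ');"><i class="icon-circle"></i> Mention</button>';
            echo '</span>';
        }
        // NOTE(review): the message is user-written and reaches the page through bbCode() and
        // clickable(), which are defined elsewhere. Confirm one of them HTML-escapes the raw
        // text before adding markup; escaping here would double-encode if they already do.
        echo '<span class="text" id="msg-' . $shout_id . '">' . stripslashes(rtrim(clickable(bbCode($shout_msg)))) . '</span>';
        echo '</span></li>';
    }
    if ($count_shout == 100) {
        echo '<div style="margin-top:10px;padding:10px;text-align:center;" id="more-' . $shout_id . '" class="morebox"><a href="#" id="' . $shout_id . '" class="btn btn-small btn-inverse more"><i class="icon-arrow-down icon-white"></i> Load more...</a></div>';
    }
    echo '</ul>';
    $db->close();
    echo '
    <script>
    $(document).ready(function () { // START DOCUMENT.READY
    
    $(".link-tip, .tip-top").tooltip();
    $(".more").click(function(e){
    e.preventDefault();
    var ID = $(this).attr("id");
    if (ID){
      $("#more-"+ID).html("<div class=\\"loader\\" style=\\"margin-top:10px\\"></div>");
      $.ajax({
        type: "GET", url: "subfiles/shoutbox_more.php?lastid=" + urlencode(ID),
        success: function(html){ $("ul#chat").append(html).fadeIn(); $("#more-"+ID).remove(); }
      });
    } else {
      $(".morebox").html("The End");
    }
    });
    
    }); // END DCOUMENT.READY
    
    function urlencode(a) {
      a = (a + "").toString();
      return encodeURIComponent(a).replace(/!/g, "%21").replace(/\'/g, "%27").replace(/\\(/g, "%28").replace(/\\)/g, "%29").replace(/\\*/g, "%2A").replace(/%20/g, "+")
    }
    function rtshout(msgid,user){      
      $.ajax({
        type: "GET", url: "subfiles/shoutbox_retweet.php?retweet=" + urlencode(msgid),
        success: function(html){
          if (html !== "KO") { $("#shoutTextarea").val("RT @"+user+": " + html); }
        }
      });
    }
    function insertNickname(nickname){
      var currentText = document.getElementById("shoutTextarea");
      var smileyWithPadding = " @" + nickname + " ";
      currentText.value += smileyWithPadding;
    }
    </script>
    ';
}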
Example #16
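/**
 * Append the account edit form for ?id=<account id> to $output.
 *
 * The id is interpolated into several SQL statements (some without quotes), a hidden form
 * field and a button URL, so it is accepted only when it consists of digits. Account data
 * read back from the database (username, e-mail, referrer, ban details, character names) is
 * HTML-escaped before it is written into the page, and the username is JSON-encoded where it
 * is embedded in the inline script.
 *
 * Fields are editable only when $user_lvl reaches $action_permission['update']; lower levels
 * see masked or read-only values.
 * NOTE(review): no login or permission gate is visible inside this function - confirm the
 * caller enforces one before dispatching here.
 * NOTE(review): the "ban this IP" link is a plain GET to banned.php?action=do_add_entry, which
 * looks state-changing - confirm that handler requires more than a followed link.
 */
function edit_user()
{
    global $lang_global, $lang_user, $output, $realm_db, $characters_db, $realm_id, $mmfpm_db, $user_lvl, $user_name, $gm_level_arr, $action_permission, $expansion_select, $developer_test_mode, $multi_realm_mode, $server;
    $active_realm_id_pq = "active_realm_id";
    if (empty($_GET['id']) || !is_string($_GET['id']) || !preg_match('/^[0-9]+$/', $_GET['id'])) {
        redirect("user.php?error=10");
        return;
    }
    // Digits only from here on: safe in SQL, in HTML attributes and in URLs.
    $id = $_GET['id'];
    $sqlr = new SQL();
    $sqlr->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
    $sqlm = new SQL();
    $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
    $sqlc = new SQL();
    $sqlc->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
    $result = $sqlr->query("SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,{$active_realm_id_pq},expansion FROM account WHERE id = '{$id}'");
    if (!$sqlr->num_rows($result)) {
        error($lang_global['err_no_user']);
        return;
    }
    $data = $sqlr->fetch_assoc($result);

    // Referrer: the inviting character's guid comes from the invites table, its name from characters.
    $referred_by = NULL;
    $invite = $sqlm->fetch_assoc($sqlm->query("SELECT InvitedBy FROM mm_point_system_invites WHERE PlayersAccount = {$id}"));
    if ($invite && $invite['InvitedBy'] != NULL) {
        $refguid = $sqlc->quote_smart($invite['InvitedBy']);
        $referrer = $sqlc->fetch_assoc($sqlc->query("SELECT name FROM characters WHERE guid = '{$refguid}'"));
        if ($referrer) {
            $referred_by = $referrer['name'];
        }
    }

    $h_username = htmlspecialchars((string) $data['username'], ENT_QUOTES, 'UTF-8');
    $h_email = htmlspecialchars((string) $data['email'], ENT_QUOTES, 'UTF-8');
    $h_referred_by = htmlspecialchars((string) $referred_by, ENT_QUOTES, 'UTF-8');
    $h_last_ip = htmlspecialchars((string) $data['last_ip'], ENT_QUOTES, 'UTF-8');
    // json_encode() yields a quoted JS string literal and writes "/" as "\/", so the value
    // cannot close the surrounding <script> element.
    $js_username = json_encode((string) $data['username']);
    if ($js_username === false) {
        $js_username = '""';
    }

    // The browser sends sha1(UPPER(username) ":" UPPER(new password)) in the hidden "pass" field
    // and overwrites new_pass before submitting.
    $output .= '
        <center>
          <script type="text/javascript" src="libs/js/sha1.js"></script>
          <script type="text/javascript">
            // <![CDATA[
              function do_submit_data ()
              {
                if ((document.form.username.value != ' . $js_username . ') && (document.form.new_pass.value == "******"))
                {
                  alert("If you are changing Username, The password must be changed too.");
                  return;
                }
                else
                {
                  document.form.pass.value = hex_sha1(document.form.username.value.toUpperCase()+":"+document.form.new_pass.value.toUpperCase());
                  document.form.new_pass.value = "0";
                  do_submit();
                }
              }
            // ]]>
          </script>
          <fieldset style="width: 550px;">
            <legend>' . $lang_user['edit_acc'] . '</legend>
            <form method="post" action="user.php?action=doedit_user" name="form">
            <input type="hidden" name="pass" value="" maxlength="256" />
            <input type="hidden" name="id" value="' . $id . '" />
            <table class="flat">
              <tr>
                <td>' . $lang_user['id'] . '</td>
                <td>' . $data['id'] . '</td>
              </tr>
              <tr>
                <td>' . $lang_user['username'] . '</td>';
    if ($user_lvl >= $action_permission['update']) {
        $output .= '
                <td><input type="text" name="username" size="42" maxlength="15" value="' . $h_username . '" /></td>';
    } else {
        $output .= '
                <td>' . $h_username . '</td>';
    }
    $output .= '
              </tr>
              <tr>
                <td>' . $lang_user['password'] . '</td>';
    if ($user_lvl >= $action_permission['update']) {
        $output .= "\r\n                <td><input type=\"text\" name=\"new_pass\" size=\"42\" maxlength=\"40\" value=\"******\" /></td>";
    } else {
        $output .= "\r\n                <td>********</td>";
    }
    $output .= "\r\n              </tr>\r\n              <tr>\r\n                <td>{$lang_user['email']}</td>";
    if ($user_lvl >= $action_permission['update']) {
        $output .= '
                <td><input type="text" name="mail" size="42" maxlength="225" value="' . $h_email . '" /></td>';
    } else {
        $output .= "\r\n                <td>***@***.***</td>";
    }
    $output .= "\r\n              </tr>\r\n              <tr>\r\n                <td>{$lang_user['invited_by']}:</td>\r\n                <td>";
    // The referrer can be entered only while none is recorded; an existing one is shown as text.
    if ($user_lvl >= $action_permission['update'] && !$referred_by) {
        $output .= "\r\n                  <input type=\"text\" name=\"referredby\" size=\"42\" maxlength=\"12\" value=\"{$h_referred_by}\" />";
    } else {
        $output .= "\r\n                  {$h_referred_by}";
    }
    $output .= "\r\n                </td>\r\n              </tr>\r\n              <tr>\r\n                <td>{$lang_user['gm_level_long']}</td>";
    if ($user_lvl >= $action_permission['update']) {
        $output .= "\r\n                <td>\r\n                  <select name=\"gmlevel\">";
        // Only levels strictly below the editor's own level are offered.
        foreach ($gm_level_arr as $level) {
            if ($level[0] > -1 && $level[0] < $user_lvl) {
                $output .= "\r\n                    <option value=\"{$level[0]}\" ";
                if ($data['gmlevel'] == $level[0]) {
                    $output .= "selected=\"selected\" ";
                }
                $output .= ">{$level[1]}</option>";
            }
        }
        $output .= "\r\n                  </select>\r\n                </td>";
    } else {
        $output .= '
                <td>' . id_get_gm_level($data['gmlevel']) . ' ( ' . $data['gmlevel'] . ' )</td>';
    }
    $output .= '
              </tr>
              <tr>
                <td>' . $lang_user['join_date'] . '</td>
                <td>' . $data['joindate'] . '</td>
              </tr>
              <tr>
                <td>' . $lang_user['last_ip'] . '</td>';
    if ($user_lvl >= $action_permission['update']) {
        $output .= '
                <td>' . $h_last_ip . '<a href="banned.php?action=do_add_entry&amp;entry=' . rawurlencode((string) $data['last_ip']) . '&amp;bantime=3600&amp;ban_type=ip_banned"> &lt;- ' . $lang_user['ban_this_ip'] . '</a></td>';
    } else {
        $output .= "\r\n                <td>***.***.***.***</td>";
    }
    $output .= "\r\n              </tr>\r\n              <tr>\r\n                <td>{$lang_user['banned']}</td>";
    $que = $sqlr->query("SELECT bandate, unbandate, bannedby, banreason FROM account_banned WHERE id = {$id}");
    if ($sqlr->num_rows($que)) {
        $banned = $sqlr->fetch_row($que);
        $h_banned_by = htmlspecialchars((string) $banned[2], ENT_QUOTES, 'UTF-8');
        $h_ban_reason = htmlspecialchars((string) $banned[3], ENT_QUOTES, 'UTF-8');
        $ban_info = " From:" . date('d-m-Y G:i', (int) $banned[0]) . " till:" . date('d-m-Y G:i', (int) $banned[1]) . "<br />by {$h_banned_by}";
        $ban_checked = " checked=\"checked\"";
    } else {
        $ban_checked = "";
        $ban_info = "";
        $h_ban_reason = "";
    }
    if ($user_lvl >= $action_permission['update']) {
        $output .= "\r\n                <td><input type=\"checkbox\" name=\"banned\" value=\"1\" {$ban_checked}/>{$ban_info}</td>";
    } else {
        $output .= "\r\n                <td>{$ban_info}</td>";
    }
    $output .= "\r\n              </tr>\r\n              <tr>\r\n                <td>{$lang_user['banned_reason']}</td>";
    if ($user_lvl >= $action_permission['update']) {
        $output .= "\r\n                <td><input type=\"text\" name=\"banreason\" size=\"42\" maxlength=\"255\" value=\"{$h_ban_reason}\" /></td>";
    } else {
        $output .= "\r\n                <td>{$h_ban_reason}</td>";
    }
    if ($expansion_select) {
        $output .= "\r\n              </tr>\r\n              <tr>";
        if ($user_lvl >= $action_permission['update']) {
            $output .= "\r\n                <td>{$lang_user['client_type']}</td>";
            $output .= "\r\n                <td>\r\n                  <select name=\"expansion\">";
            $output .= "\r\n                    <option value=\"0\">{$lang_user['classic']}</option>\r\n                    <option value=\"1\" ";
            if ($data['expansion'] == 1) {
                $output .= "selected=\"selected\" ";
            }
            $output .= ">{$lang_user['tbc']}</option>\r\n                   <option value=\"2\" ";
            if ($data['expansion'] == 2) {
                $output .= "selected=\"selected\" ";
            }
            $output .= ">{$lang_user['wotlk']}</option>\r\n                  </select>\r\n                </td>";
        } else {
            $output .= "\r\n                <td>{$lang_user['classic']}</td>";
        }
    }
    $output .= "\r\n              </tr>\r\n              <tr>\r\n                <td>{$lang_user['failed_logins_long']}</td>";
    if ($user_lvl >= $action_permission['update']) {
        $output .= '
                <td><input type="text" name="failed" size="42" maxlength="3" value="' . $data['failed_logins'] . '" /></td>';
    } else {
        $output .= '
                <td>' . $data['failed_logins'] . '</td>';
    }
    $output .= "\r\n              </tr>\r\n              <tr>\r\n                <td>{$lang_user['locked']}</td>";
    $lock_checked = $data['locked'] ? " checked=\"checked\"" : "";
    if ($user_lvl >= $action_permission['update']) {
        $output .= "\r\n                <td><input type=\"checkbox\" name=\"locked\" value=\"1\" {$lock_checked}/></td>";
    } else {
        $output .= "\r\n                <td></td>";
    }
    $output .= '
              </tr>
              <tr>
                <td>' . $lang_user['last_login'] . '</td>
                <td>' . $data['last_login'] . '</td>
              </tr>
              <tr>
                <td>' . $lang_user['online'] . '</td>';
    $output .= "\r\n                <td>" . ($data['active_realm_id'] ? $lang_global['yes'] : $lang_global['no']) . "</td>\r\n              </tr>";
    $query = $sqlr->query("SELECT SUM(numchars) FROM realmcharacters WHERE acctid = '{$id}'");
    $tot_chars = $sqlr->result($query, 0);
    $output .= "\r\n              <tr>\r\n                <td>{$lang_user['tot_chars']}</td>\r\n                <td>{$tot_chars}</td>\r\n              </tr>";
    $realms = $sqlr->query("SELECT id, name FROM realmlist");
    if ($developer_test_mode && $multi_realm_mode && ($sqlr->num_rows($realms) > 1 && count($server) > 1 && count($characters_db) > 1)) {
        // Multi-realm listing: point $sqlc at each realm's characters database in turn.
        require_once "scripts/get_lib.php";
        while ($realm = $sqlr->fetch_array($realms)) {
            $sqlc->connect($characters_db[$realm[0]]['addr'], $characters_db[$realm[0]]['user'], $characters_db[$realm[0]]['pass'], $characters_db[$realm[0]]['name']);
            $query = $sqlc->query("SELECT count(*) FROM `characters` WHERE account = {$id}");
            $chars_on_realm = $sqlc->result($query, 0);
            $output .= "\r\n              <tr>\r\n                <td>{$lang_user['chars_on_realm']} " . get_realm_name($realm[0]) . "</td>\r\n                <td>{$chars_on_realm}</td>\r\n              </tr>";
            if ($chars_on_realm) {
                $char_array = $sqlc->query("SELECT guid, name, race, class, level, gender\r\n          FROM `characters` WHERE account = {$id}");
                while ($char = $sqlc->fetch_array($char_array)) {
                    $h_char_name = htmlspecialchars((string) $char[1], ENT_QUOTES, 'UTF-8');
                    $output .= "\r\n              <tr>\r\n                <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'---></td>\r\n                <td>\r\n                      <a href=\"char.php?id={$char['0']}&amp;realm={$realm['0']}\">{$h_char_name}  - <img src='img/c_icons/{$char[2]}-{$char[5]}.gif' onmousemove='toolTip(\"" . char_get_race_name($char[2]) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\" />\r\n                      <img src='img/c_icons/{$char[3]}.gif' onmousemove='toolTip(\"" . char_get_class_name($char[3]) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\"/> - lvl " . char_get_level_color($char[4]) . "</a>\r\n                </td>\r\n              </tr>";
                }
            }
        }
    } else {
        $query = $sqlc->query("SELECT count(*) FROM `characters` WHERE account = {$id}");
        $chars_on_realm = $sqlc->result($query, 0);
        $output .= "\r\n              <tr>\r\n                <td>{$lang_user['chars_on_realm']}</td>\r\n                <td>{$chars_on_realm}</td>\r\n              </tr>";
        if ($chars_on_realm) {
            $char_array = $sqlc->query("SELECT guid,name,race,class, level, gender FROM `characters` WHERE account = {$id}");
            while ($char = $sqlc->fetch_array($char_array)) {
                $h_char_name = htmlspecialchars((string) $char[1], ENT_QUOTES, 'UTF-8');
                $output .= "\r\n                <tr>\r\n                  <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'---></td>\r\n                  <td>\r\n                    <a href=\"char.php?id={$char['0']}\">{$h_char_name}  - <img src='img/c_icons/{$char[2]}-{$char[5]}.gif' onmousemove='toolTip(\"" . char_get_race_name($char[2]) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\" />\r\n                    <img src='img/c_icons/{$char[3]}.gif' onmousemove='toolTip(\"" . char_get_class_name($char[3]) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\"/> - lvl " . char_get_level_color($char[4]) . "</a>\r\n                  </td>\r\n                </tr>";
            }
        }
    }
    $output .= "\r\n              <tr>\r\n                <td>";
    if ($user_lvl >= $action_permission['delete']) {
        makebutton($lang_user['del_acc'], "user.php?action=del_user&amp;check%5B%5D={$id}\" type=\"wrn", 130);
    }
    $output .= "\r\n                </td>\r\n                <td>";
    if ($user_lvl >= $action_permission['update']) {
        makebutton($lang_user['update_data'], "javascript:do_submit_data()", 130);
    }
    makebutton($lang_global['back'], "javascript:window.history.back()\" type=\"def", 130);
    $output .= "\r\n                </td>\r\n                </tr>\r\n              </table>\r\n            </form>\r\n          </fieldset>\r\n          <br /><br />\r\n        </center>\r\n";
}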
Example #17
<?php

if (!defined('SITE_ROOT')) {
    define('SITE_ROOT', '../');
}
require_once SITE_ROOT . 'portal_config.php';
require_once SITE_ROOT . 'include/database.class.php';
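// Prints every forum username except "Guest", each prefixed with "@", as a JSON array.
//
// The list is built in memory and serialised with json_encode(): a name containing a quote
// or backslash cannot break out of its string, and the output carries no trailing comma.
// NOTE(review): no session check is visible in this script, so the full user list appears
// to be served to any requester - confirm that is intended.
$db = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
//$db->query("SELECT ident FROM forum_online ORDER BY ident");
$db->query("SELECT username FROM forum_users ORDER BY username");
$mentions = array();
while ($row = $db->fetch_array()) {
    $username = $row['username'];
    if ($username !== 'Guest') {
        $mentions[] = '@' . $username;
    }
}
$db->close();
$json = json_encode($mentions);
// json_encode() returns false when a name is not valid UTF-8; fall back to an empty list.
echo $json === false ? '[]' : $json;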
$sqlw = new SQL();
$sqlw->connect($world_host[$realmid], $world_user[$realmid], $world_pass[$realmid], $world_db[$realmid]);
$query = $sqlc->query("SELECT * FROM character_reputation WHERE guid='{$charid}' AND (flags & 1=1)");
$output .= '<div class="content center_left">
				<div class="contentbox">
					<div class="contentbox_title">Character Info</div>
					<div class="contentbox_body">
						<ul id="tabnav">
							<li><a href="characters.php?action=viewchar&id=' . $charid . '">Character</a></li>
							<li><a href="characters.php?action=reputation&id=' . $charid . '" id="tabnav-current">Reputation</a></li>
							<li><a href="characters.php?action=skills&id=' . $charid . '">Skills</a></li>
							<li><a href="characters.php?action=talents&id=' . $charid . '">Talents</a></li>
						</ul>
						<div id="tabcontent">
						<table class="stats_table">';
while ($reputation = $sqlc->fetch_array($query)) {
    if ($reputation['standing'] <= 3000 && $reputation['standing'] >= -3000) {
        $output .= '<tr><td>' . getfactionname($reputation['faction']) . '</td><td class="stats_outerbar"> <div class="bar_neutral stats_bar" style="width:' . 100 * $reputation['standing'] / 3000 . '%"></div><div class="bar_text">Neutral: ' . $reputation['standing'] . '/3000<div></td></tr>';
    } elseif ($reputation['standing'] <= 5999 && $reputation['standing'] >= 3001) {
        $output .= '<tr><td>' . getfactionname($reputation['faction']) . '</td><td class="stats_outerbar"> <div class="bar_good stats_bar" style="width:' . 100 * $reputation['standing'] / 6000 . '%"></div><div class="bar_text">Friendly: ' . $reputation['standing'] . '/6000<div></td></tr>';
    } elseif ($reputation['standing'] <= 11999 && $reputation['standing'] >= 6000) {
        $output .= '<tr><td>' . getfactionname($reputation['faction']) . '</td><td class="stats_outerbar"> <div class="bar_good stats_bar" style="width:' . 100 * $reputation['standing'] / 12000 . '%"></div><div class="bar_text">Honored: ' . $reputation['standing'] . '/12000<div></td></tr>';
    } elseif ($reputation['standing'] <= 20999 && $reputation['standing'] >= 12000) {
        $output .= '<tr><td>' . getfactionname($reputation['faction']) . '</td><td class="stats_outerbar"> <div class="bar_good stats_bar" style="width:' . 100 * $reputation['standing'] / 21000 . '%"></div><div class="bar_text">Revered: ' . $reputation['standing'] . '/21000<div></td></tr>';
    } elseif ($reputation['standing'] <= 22000 && $reputation['standing'] >= 21000) {
        $output .= '<tr><td>' . getfactionname($reputation['faction']) . '</td><td class="stats_outerbar"> <div class="bar_good stats_bar" style="width:' . 100 * $reputation['standing'] / 22000 . '%"></div><div class="bar_text">Exalted: ' . $reputation['standing'] . '/22000<div></td></tr>';
    }
}
$output .= '</div>
						</table>
					</div>