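/**
 * Set the "sticked" flag of a forum post and redirect back to its topic.
 *
 * Reads `id` and `state` from $_GET. Both values land in an unquoted, numeric
 * position of the UPDATE statement, where string escaping does not constrain
 * the value, so they are accepted only as plain decimal integers and cast
 * before being placed in the query or the redirect target.
 *
 * NOTE(review): this is a state change driven by a GET request and no
 * anti-CSRF token is checked in this function - confirm the caller does so.
 *
 * @param SQL $sqlm Overwritten with a new connection to the $mmfpm_db database.
 */
function forum_do_edit_stick(&$sqlm)
{
    global $forum_lang, $user_lvl, $mmfpm_db;

    $sqlm = new SQL();
    $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);

    // Accounts at level 0 are not allowed to change the flag.
    if ($user_lvl == 0) {
        error($forum_lang['no_access']);
        // error() is defined elsewhere; if it ever returns, do not fall through to the UPDATE.
        return;
    }

    // Digits only: rejects arrays, signs, whitespace and trailing SQL text.
    if (!isset($_GET['id']) || !is_string($_GET['id']) || !preg_match('/\A\d+\z/', $_GET['id'])) {
        error($forum_lang['no_such_topic']);
        return;
    }
    $id = (int) $_GET['id'];

    if (!isset($_GET['state']) || !is_string($_GET['state']) || !preg_match('/\A\d+\z/', $_GET['state'])) {
        error('Bad request, please mail admin and describe what you did to get this error.');
        return;
    }
    $state = (int) $_GET['state'];

    $sqlm->query('UPDATE mm_forum_posts SET sticked = ' . $state . ' WHERE id = ' . $id);
    $sqlm->close();

    // $id is an integer here, so it cannot add parameters or line breaks to the redirect target.
    redirect('forum.php?action=view_topic&id=' . $id);
    // Queries : 1
}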
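/**
 * Search in-game mail by the sender or receiver character name and append the
 * result table to $output.
 *
 * Request parameters (all from $_GET): search_value, search_by, start,
 * order_by, dir. search_by and order_by are used as SQL identifiers and start
 * as a LIMIT offset; none of them sits inside quotes in the statement, so
 * they are matched against fixed lists or cast to integers rather than only
 * being escaped.
 *
 * NOTE(review): the pagination total is the row count of the whole `mail`
 * table, not of the filtered result, and the pagination link does not carry
 * search_value / search_by.
 */
function search()
{
    global $lang_global, $lang_mail, $output, $itemperpage, $item_datasite, $mangos_db, $characters_db, $realm_id, $sql_search_limit;
    wowhead_tt();
    if (!isset($_GET['search_value']) || !isset($_GET['search_by'])) {
        redirect("mail_on.php?error=2");
        // redirect() is defined elsewhere; do not continue if it returns.
        return;
    }
    $sql = new SQL();
    $sql->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);

    // Used inside a quoted LIKE pattern below, so escaping is the right control here.
    $search_value = $sql->quote_smart($_GET['search_value']);

    // Column to filter on: only the two names offered by the form are accepted.
    // (array_key_exists would have tested the numeric keys 0 and 1, not the names.)
    $search_menu = array('sender', 'receiver');
    $search_by = in_array($_GET['search_by'], $search_menu, true) ? $_GET['search_by'] : 'sender';

    // LIMIT offset: plain non-negative integer or 0.
    $start = 0;
    if (isset($_GET['start']) && is_string($_GET['start']) && preg_match('/\A\d+\z/', $_GET['start'])) {
        $start = (int) $_GET['start'];
    }
    $per_page = (int) $itemperpage;

    // Sort column: restricted to the columns this query selects.
    $sortable = array('id', 'messageType', 'sender', 'receiver', 'subject', 'itemTextId', 'has_items', 'money', 'cod', 'checked', 'item_template');
    $order_by = (isset($_GET['order_by']) && in_array($_GET['order_by'], $sortable, true)) ? $_GET['order_by'] : "id";

    // Any truthy dir value means ascending; the flag is then flipped for the links.
    $dir = isset($_GET['dir']) ? ($_GET['dir'] ? 1 : 0) : 1;
    $order_dir = $dir ? "ASC" : "DESC";
    $dir = $dir ? 0 : 1;

    // Resolve the character name to a guid; without a match the filter selects nothing
    // instead of producing "WHERE sender = " with an empty right-hand side.
    $temp = $sql->query("SELECT guid FROM `characters` WHERE name like '%{$search_value}%'");
    if ($sql->num_rows($temp)) {
        $where = $search_by . " = " . (int) $sql->result($temp, 0, 'guid');
    } else {
        $where = "1 = 0";
    }

    $query_1 = $sql->query("SELECT count(*) FROM `mail`");
    $query = $sql->query("SELECT a.id, a.messageType, a.sender, a.receiver, a.subject, a.itemTextId, a.has_items, a.money, a.cod, a.checked, b.item_template\r\n            FROM mail a\r\n            INNER JOIN mail_items b ON a.id = b.mail_id\r\n            WHERE {$where}\r\n            ORDER BY {$order_by} {$order_dir} LIMIT {$start}, {$per_page}");
    $all_record = $sql->result($query_1, 0);
    //==========================top page navigation starts here========================
    $output .= "<center><table class=\"top_hidden\">\r\n    <tr><td>\r\n            <table class=\"hidden\">\r\n                <tr><td>\r\n            <form action=\"mail_on.php\" method=\"get\" name=\"form\">\r\n            <input type=\"hidden\" name=\"action\" value=\"search\" />\r\n            <input type=\"hidden\" name=\"error\" value=\"4\" />\r\n            <input type=\"text\" size=\"45\" name=\"search_value\" />\r\n            <select name=\"search_by\">\r\n                <option value=\"sender\">Sender</option>\r\n                <option value=\"receiver\">Receiver</option>\r\n            </select></form></td><td>";
    makebutton($lang_global['search'], "javascript:do_submit()", 80);
    $output .= "</td></tr></table>\r\n            <td align=\"right\">";
    // $order_by comes from the fixed list above, so it is safe to place in the link.
    $output .= generate_pagination("mail_on.php?action=search&amp;order_by={$order_by}&amp;dir=" . !$dir, $all_record, $itemperpage, $start);
    $output .= "</td></tr></table>";
    //==========================top page navigation ENDS here ========================
    $output .= "<table class=\"lined\">\r\n  <tr>\r\n    <th width=\"5%\">" . $lang_mail['id'] . "</th>\r\n    <th width=\"5%\">" . $lang_mail['mail_type'] . "</th>\r\n    <th width=\"10%\">" . $lang_mail['sender'] . "</th>\r\n    <th width=\"10%\">" . $lang_mail['receiver'] . "</th>\r\n    <th width=\"15%\">" . $lang_mail['subject'] . "</th>\r\n    <th width=\"5%\">" . $lang_mail['has_items'] . "</th>\r\n    <th width=\"25%\">" . $lang_mail['text'] . "</th>\r\n    <th width=\"20%\">" . $lang_mail['money'] . "</th>\r\n    <th width=\"5%\">" . $lang_mail['checked'] . "</th>\r\n  </tr>";
    while ($mail = $sql->fetch_array($query)) {
        // Split the copper amount into gold / silver / copper.
        $total = $mail[7];
        $g = floor($total / 10000);
        $rest = $total - $g * 10000;
        $s = floor($rest / 100);
        $c = $rest - $s * 100;
        $money = "";
        // Test the full amount: testing only the copper remainder hid round sums such as exactly 1 gold.
        if ($total > 0) {
            $money = $g . "<img src=\"./img/gold.gif\" /> " . $s . "<img src=\"./img/silver.gif\" /> " . $c . "<img src=\"./img/copper.gif\" /> ";
        }
        // The subject is a text column written by players; encode it before it goes into the page.
        $subject = htmlspecialchars($mail[4], ENT_QUOTES);
        // NOTE(review): get_char_name() and get_mail_text() results are inserted as returned -
        // confirm those helpers HTML-encode their output.
        $output .= "<tr valign=top>\r\n                    <td>{$mail['0']}</td>\r\n                    <td>" . get_mail_source($mail[1]) . "</td>\r\n                    <td><a href=\"char.php?id={$mail['2']}\">" . get_char_name($mail[2]) . "</a></td>\r\n                    <td><a href=\"char.php?id={$mail['3']}\">" . get_char_name($mail[3]) . "</a></td>\r\n                    <td>{$subject}</td>\r\n            ";
        $output .= "<td>";
        $output .= "\r\n                    <a style=\"padding:2px;\" href=\"{$item_datasite}{$mail[10]}\" target=\"_blank\">\r\n                      <img class=\"bag_icon\" src=\"" . get_item_icon($mail[10]) . "\" alt=\"\" />\r\n                  </a>";
        $output .= "</td>";
        $output .= "<td>" . get_mail_text($mail[5]) . "</td>\r\n                        <td>{$money}</td>\r\n        <td>" . get_check_state($mail[9]) . "</td>\r\n                   </tr>";
    }
    /*--------------------------------------------------*/
    $output .= "<tr><td colspan=\"6\" class=\"hidden\" align=\"right\">All Mails: {$all_record}</td></tr>\r\n </table></center>";
    $sql->close();
}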
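/**
 * Insert an account ban or an IP ban from the add-entry form, then redirect to
 * banned.php with a status code.
 *
 * Request parameters (from $_GET): ban_type, entry, bantime (hours) and the
 * optional banreason. Any ban_type other than "account_banned" is stored as an
 * IP ban, as before.
 *
 * NOTE(review): the ban is created from a GET request and no anti-CSRF token is
 * checked in this function.
 */
function do_add_entry()
{
    global $realm_db, $user_name, $output, $action_permission, $user_lvl;
    valid_login($action_permission['insert']);
    if (empty($_GET['ban_type']) || empty($_GET['entry']) || empty($_GET['bantime'])) {
        redirect("banned.php?error=1&action=add_entry");
        // redirect() is defined elsewhere; do not continue if it returns.
        return;
    }
    // bantime is used in arithmetic and written unquoted into the INSERT, so it must be a number.
    if (!is_numeric($_GET['bantime'])) {
        redirect("banned.php?error=1&action=add_entry");
        return;
    }
    $sqlr = new SQL();
    $sqlr->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
    $ban_type = $sqlr->quote_smart($_GET['ban_type']);
    $entry = $sqlr->quote_smart($_GET['entry']);
    $is_account_ban = ($ban_type === "account_banned");
    if ($is_account_ban) {
        // NOTE(review): the username literal below appears masked on this page; as written it
        // looks up the fixed name '******'. The lookup presumably should use the escaped
        // $entry - confirm against the project source.
        $result1 = $sqlr->query("SELECT id FROM account WHERE username ='******'");
        if (!$sqlr->num_rows($result1)) {
            redirect("banned.php?error=4&action=add_entry");
            return;
        }
        // From here on $entry is the account id read from the database.
        $entry = $sqlr->result($result1, 0, 'id');
    }
    // Integer Unix timestamp: now plus the requested number of hours.
    $bantime = (int) (time() + 3600 * (float) $_GET['bantime']);
    $banreason = isset($_GET['banreason']) && $_GET['banreason'] != '' ? $sqlr->quote_smart($_GET['banreason']) : "none";
    // NOTE(review): $user_name is a global placed in the statements without escaping here;
    // confirm it is constrained where it is set.
    if ($is_account_ban) {
        $result = $sqlr->query("SELECT count(*) FROM account_banned WHERE id = '{$entry}'");
        // Only insert when the account has no ban row yet.
        if (!$sqlr->result($result, 0)) {
            $sqlr->query("INSERT INTO account_banned (id, bandate, unbandate, bannedby, banreason, active)\r\n                            VALUES ('{$entry}'," . time() . ",{$bantime},'{$user_name}','{$banreason}', 1)");
        }
    } else {
        $sqlr->query("INSERT INTO ip_banned (ip, bandate, unbandate, bannedby, banreason)\r\n                        VALUES ('{$entry}'," . time() . ",{$bantime},'{$user_name}','{$banreason}')");
    }
    // ban_type is echoed into the redirect target; percent-encode it so it cannot add
    // parameters or line breaks. Ordinary values pass through unchanged.
    $ban_type_param = rawurlencode($ban_type);
    if ($sqlr->affected_rows()) {
        redirect("banned.php?error=3&ban_type={$ban_type_param}");
    } else {
        redirect("banned.php?error=2&ban_type={$ban_type_param}");
    }
}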
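/**
 * Write per-account SQL dump files for the accounts selected in $_GET['check'].
 *
 * For every selected account one file is written for the realm database and
 * one per entry of $characters_db, inside a new time-stamped directory under
 * $backup_dir/accounts. Finishes with a redirect to accounts.php?error=15.
 *
 * The selected ids are written unquoted into SELECT statements and into the
 * dump itself, so only plain decimal integers are accepted; other values are
 * skipped.
 *
 * NOTE(review): the dumps contain rows of the account tables. If $backup_dir is
 * reachable over HTTP the files can be downloaded regardless of the directory
 * mode - confirm it is outside the web root or denied by server configuration.
 *
 * @param SQL $sqlr Overwritten with a new connection to the realm database.
 * @param SQL $sqlc Used for the character queries; it is not connected here, so
 *                  it is presumably connected by the caller - verify.
 */
function backup_user(&$sqlr, &$sqlc)
{
    // $lang_backup is read by the error paths below and was missing from this list.
    global $lang_global, $lang_user, $lang_backup, $output, $realm_db, $characters_db, $realm_id, $user_lvl, $backup_dir, $action_permission;
    // The table lists come from libs/tab_lib.php. Binding them as globals keeps them visible
    // when require_once does not run the file again because it was loaded earlier.
    global $tab_backup_user_realmd, $tab_backup_user_characters;
    valid_login($action_permission['insert']);
    $sqlr = new SQL();
    $sqlr->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
    if (isset($_GET['check'])) {
        $check = $sqlr->quote_smart($_GET['check']);
    } else {
        redirect("accounts.php?error=1");
        // redirect() is defined elsewhere; do not continue if it returns.
        return;
    }
    // A single value is handled like a one-element list.
    if (!is_array($check)) {
        $check = array($check);
    }
    require_once "libs/tab_lib.php";
    $subdir = "{$backup_dir}/accounts/" . date("m_d_y_H_i_s") . "_partial";
    // No access for "other": the directory holds account data.
    mkdir($subdir, 0750);
    foreach ($check as $selected) {
        // Skip blanks and anything that is not a plain decimal id.
        if (!is_string($selected) || !preg_match('/\A\d+\z/', $selected)) {
            continue;
        }
        $query = $sqlr->query("SELECT id FROM account WHERE id = " . (int) $selected);
        $acc = $sqlr->fetch_array($query);
        // Unknown account: nothing to dump.
        if (!$acc) {
            continue;
        }
        $account_id = (int) $acc[0];

        // Realm database dump for this account.
        $file_name_new = $account_id . "_{$realm_db['name']}.sql";
        $fp = fopen("{$subdir}/{$file_name_new}", 'w') or die($lang_backup['file_write_err']);
        fwrite($fp, "CREATE DATABASE /*!32312 IF NOT EXISTS*/ {$realm_db['name']};\n") or die(error($lang_backup['file_write_err']));
        fwrite($fp, "USE {$realm_db['name']};\n\n") or die($lang_backup['file_write_err']);
        foreach ($tab_backup_user_realmd as $value) {
            $table_dump = _backup_user_dump_table($sqlr, $value['0'], $value['1'], $account_id);
            $result = "-- Dumping data for {$value['0']} " . date("m.d.y_H.i.s") . "\n" . $table_dump;
            fwrite($fp, $result) or die(error($lang_backup['file_write_err']));
        }
        fclose($fp);

        // Character database dumps for this account.
        // NOTE(review): other code on this page indexes $characters_db by realm id first
        // ($characters_db[$realm_id]['name']); here each element is indexed by $realm_id
        // again. Kept as found - confirm the intended shape.
        foreach ($characters_db as $db) {
            $file_name_new = $account_id . "_{$db[$realm_id]['name']}.sql";
            $fp = fopen("{$subdir}/{$file_name_new}", 'w') or die(error($lang_backup['file_write_err']));
            fwrite($fp, "CREATE DATABASE /*!32312 IF NOT EXISTS*/ {$db[$realm_id]['name']};\n") or die(error($lang_backup['file_write_err']));
            fwrite($fp, "USE {$db[$realm_id]['name']};\n\n") or die(error($lang_backup['file_write_err']));
            $all_char_query = $sqlc->query("SELECT guid,name FROM `characters` WHERE account = {$account_id}");
            while ($char = $sqlc->fetch_array($all_char_query)) {
                // The name goes into a one-line SQL comment; a line break in it would start a new statement line.
                $char_label = str_replace(array("\r", "\n"), ' ', $char['1']);
                fwrite($fp, "-- Dumping data for character {$char_label}\n") or die(error($lang_backup['file_write_err']));
                foreach ($tab_backup_user_characters as $value) {
                    $result = _backup_user_dump_table($sqlc, $value['0'], $value['1'], (int) $char['0']);
                    fwrite($fp, $result) or die(error($lang_backup['file_write_err']));
                }
            }
            fclose($fp);
        }
    }
    redirect("accounts.php?error=15");
}

/**
 * Build the dump text for the rows of one table that match one key value:
 * LOCK TABLES, DELETE of the existing rows, one multi-row INSERT, UNLOCK TABLES.
 *
 * @param SQL    $sql        Connection the table is read from.
 * @param string $table      Table name (from the tab_lib.php lists).
 * @param string $key_column Column compared with $key_value.
 * @param int    $key_value  Account id or character guid.
 * @return string Dump text ending in a blank line.
 */
function _backup_user_dump_table($sql, $table, $key_column, $key_value)
{
    $rows_query = $sql->query("SELECT * FROM {$table} WHERE {$key_column} = {$key_value}");
    $num_fields = $sql->num_fields($rows_query);
    $numrow = $sql->num_rows($rows_query);
    $result = "LOCK TABLES {$table} WRITE;\n";
    $result .= "DELETE FROM {$table} WHERE {$key_column} = {$key_value};\n";
    if ($numrow) {
        $columns = array();
        for ($count = 0; $count < $num_fields; $count++) {
            $columns[] = "`" . $sql->field_name($rows_query, $count) . "`";
        }
        $result .= "INSERT INTO {$table} (" . implode(",", $columns) . ") VALUES \n";
        $tuples = array();
        for ($i = 0; $i < $numrow; $i++) {
            $row = $sql->fetch_row($rows_query);
            $values = array();
            for ($j = 0; $j < $num_fields; $j++) {
                // Test for NULL before escaping: addslashes() turns NULL into '', which left
                // an empty slot for integer columns.
                if (!isset($row[$j])) {
                    $values[] = "NULL";
                    continue;
                }
                // str_replace stands in for ereg_replace, which was removed in PHP 7;
                // the pattern was a literal newline.
                $escaped = str_replace("\n", "\\n", addslashes($row[$j]));
                if ($sql->field_type($rows_query, $j) == "int") {
                    $values[] = $escaped;
                } else {
                    $values[] = "'{$escaped}'";
                }
            }
            $tuples[] = "\t(" . implode(",", $values);
        }
        // Rows are separated by "),\n"; the last one is closed with ");".
        $result .= implode("),\n", $tuples) . ");\n";
    }
    $result .= "UNLOCK TABLES;\n";
    $result .= "\n";
    return $result;
}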
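/**
 * Append the paginated, sortable instance list to $output.
 *
 * Request parameters (from $_GET): start (row offset), order_by (sort column)
 * and dir (1 = ascending, 0 = descending). All three are placed unquoted in
 * the statement or in link URLs, so each is reduced to an integer or to a
 * value from a fixed list.
 */
function instances()
{
    global $output, $lang_instances, $realm_id, $world_db, $mmfpm_db, $itemperpage;
    $sqlw = new SQL();
    $sqlw->connect($world_db[$realm_id]['addr'], $world_db[$realm_id]['user'], $world_db[$realm_id]['pass'], $world_db[$realm_id]['name']);
    //-------------------SQL Injection Prevention--------------------------------
    // this page has multipage support and field ordering, so we need these
    // Offset: digits only. is_numeric() also accepted signs, decimals and exponents,
    // none of which are valid in LIMIT.
    $start = 0;
    if (isset($_GET['start']) && is_string($_GET['start']) && preg_match('/\A\d+\z/', $_GET['start'])) {
        $start = (int) $_GET['start'];
    }
    // Sort column: exact match against the columns the header links offer. The former
    // lower-case-only pattern rejected levelMin and levelMax, so sorting by levelMax never
    // took effect, and its "$" anchor let a trailing newline through.
    $sortable = array('map', 'levelMin', 'levelMax');
    $order_by = 'levelMin';
    if (isset($_GET['order_by']) && in_array($_GET['order_by'], $sortable, true)) {
        $order_by = $_GET['order_by'];
    }
    // Direction: only the exact string "0" selects descending.
    $dir = (isset($_GET['dir']) && $_GET['dir'] === '0') ? 0 : 1;
    $order_dir = $dir ? 'ASC' : 'DESC';
    // From here on $dir holds the opposite direction, for the sort links.
    $dir = $dir ? 0 : 1;
    //-------------------SQL Injection Prevention--------------------------------
    // for multipage support
    $all_record = $sqlw->result($sqlw->query('SELECT count(*) FROM instance_template'), 0);
    // main data that we need for this page, instances
    $result = $sqlw->query('
		SELECT map, levelMin, levelMax
		FROM instance_template
		ORDER BY ' . $order_by . ' ' . $order_dir . ' LIMIT ' . $start . ', ' . (int) $itemperpage . ';');
    //---------------Page Specific Data Starts Here--------------------------
    $output .= '
<center>
<table class="top_hidden">
	<tr>
		<td width="25%" align="right">';
    // multi page links
    $output .= $lang_instances['total'] . ' : ' . $all_record . '<br /><br />' . generate_pagination('instances.php?order_by=' . $order_by . '&amp;dir=' . ($dir ? 0 : 1), $all_record, $itemperpage, $start);
    // column headers, with links for sorting
    $output .= '
		</td>
	</tr>
</table>
<table class="lined">
	<tr>
		<th width="20%"><a href="instances.php?order_by=map&amp;start=' . $start . '&amp;dir=' . $dir . '"' . ($order_by === 'map' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_instances['map'] . '</a></th>
		<th width="5%"><a href="instances.php?order_by=levelMin&amp;start=' . $start . '&amp;dir=' . $dir . '"' . ($order_by === 'levelMin' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_instances['level_min'] . '</a></th>
		<th width="5%"><a href="instances.php?order_by=levelMax&amp;start=' . $start . '&amp;dir=' . $dir . '"' . ($order_by === 'levelMax' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_instances['level_max'] . '</a></th>
		<th width="20%">' . $lang_instances['area'] . '</th>
		<th width="10%">' . $lang_instances['type'] . '</th>
		<th width="5%">' . $lang_instances['expansion'] . '</th>
		<th width="5%">' . $lang_instances['ppl'] . '</th>
	</tr>';
    // Second connection, handed to the map lookup helpers.
    $sqlm = new SQL();
    $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
    while ($instances = $sqlw->fetch_assoc($result)) {
        $output .= '
	<tr valign="top">
		<td>' . get_map_name($instances['map'], $sqlm) . '</td>
		<td>' . char_get_level_color($instances['levelMin']) . '</td>
		<td>' . char_get_level_color($instances['levelMax']) . '</td>
		<td>' . get_map_zone($instances['map'], $sqlm) . '</td>
		<td>' . get_map_type($instances['map'], $sqlm) . '</td>
		<td>' . get_map_exp($instances['map'], $sqlm) . '</td>
		<td>' . get_map_ppl($instances['map'], $sqlm) . '</td>
	</tr>';
    }
    // ($reset, $hours and $days were never set in this function; their unset() calls are dropped.)
    unset($instances);
    unset($result);
    $output .= '
</table>
<table class="top_hidden">
	<tr>
		<td width="25%" align="right">';
    // multi page links
    $output .= $lang_instances['total'] . ' : ' . $all_record . '<br /><br />' . generate_pagination('instances.php?order_by=' . $order_by . '&amp;dir=' . ($dir ? 0 : 1), $all_record, $itemperpage, $start);
    unset($start);
    $output .= '
		</td>
	</tr>
</table>
</center>';
}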
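/**
 * Append the "are you sure" confirmation form for deleting a guild to $output.
 *
 * Request parameters (from $_GET): id (guild id) and the optional realm. The
 * form is shown to accounts at or above $action_permission['delete'] and to
 * the account that owns the guild leader character; everyone else is
 * redirected with error=6.
 *
 * NOTE(review): the form posts check="-<id>" and override="1" to cleanup.php.
 * Those hidden fields can be sent by anyone, so the check made here does not
 * protect the delete itself - confirm cleanup.php repeats the authorization.
 */
function del_guild()
{
    global $lang_guild, $lang_global, $output, $characters_db, $realm_id, $realm_db, $action_permission, $user_lvl, $user_id;
    $sqlr = new SQL();
    $sqlr->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
    if (empty($_GET['realm'])) {
        $realmid = $realm_id;
    } else {
        $realmid = $sqlr->quote_smart($_GET['realm']);
        // The value selects an entry of $characters_db and is echoed into links, so it must
        // be numeric and name a configured realm; otherwise use the current realm.
        if (!is_numeric($realmid) || !isset($characters_db[$realmid])) {
            $realmid = $realm_id;
        }
    }
    // NOTE(review): these redirect targets use "&amp;" while other redirect() calls on this
    // page use a bare "&". Kept as found; which form is right depends on redirect().
    if (!isset($_GET['id'])) {
        redirect("guild.php?error=1&amp;realm={$realmid}");
        // redirect() is defined elsewhere; do not continue if it returns.
        return;
    }
    // Digits only. is_numeric() also accepted decimals, exponents and leading whitespace.
    if (!is_string($_GET['id']) || !preg_match('/\A\d+\z/', $_GET['id'])) {
        redirect("guild.php?error=5&amp;realm={$realmid}");
        return;
    }
    $id = (int) $_GET['id'];
    $sqlc = new SQL();
    $sqlc->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name']);
    // Does the guild's leader character belong to the current account?
    $q_amIguildleader = $sqlc->query("select 1 from guild where guildid = '{$id}' and leaderguid in (select guid from characters where account = '{$user_id}')");
    $amIguildleader = $sqlc->result($q_amIguildleader, 0, '1');
    if ($user_lvl < $action_permission['delete'] && !$amIguildleader) {
        redirect("guild.php?error=6&amp;realm={$realmid}");
        // Without this return the form below would still be emitted if redirect() returns.
        return;
    }
    $output .= "\r\n        <center>\r\n          <h1><font class=\"error\">{$lang_global['are_you_sure']}</font></h1>\r\n          <br />\r\n          <font class=\"bold\">{$lang_guild['guild_id']}: {$id} {$lang_global['will_be_erased']}</font>\r\n          <br /><br />\r\n          <form action=\"cleanup.php?action=docleanup\" method=\"post\" name=\"form\">\r\n            <input type=\"hidden\" name=\"type\" value=\"guild\" />\r\n            <input type=\"hidden\" name=\"check\" value=\"-{$id}\" />\r\n            <input type=\"hidden\" name=\"override\" value=\"1\" />\r\n            <table class=\"hidden\">\r\n              <tr>\r\n                <td>";
    makebutton($lang_global['yes'], "javascript:do_submit()\" type=\"wrn", 130);
    $output .= "\r\n                </td>\r\n                <td>";
    makebutton($lang_global['no'], "guild.php?action=view_guild&amp;realm={$realmid}&amp;id={$id}\" type=\"def", 130);
    $output .= '
                </td>
              </tr>
            </table>
          </form>
        </center>
        <br />';
}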
/**
 * Update one row of config_servers from the request and return to the server
 * list in the admin section.
 *
 * Every value is read from $_GET, escaped with quote_smart() and written inside
 * single quotes in the UPDATE statement.
 *
 * NOTE(review): no permission check is made inside this function - confirm the
 * caller restricts it to administrators.
 * NOTE(review): the telnet user and password arrive in the query string, so
 * they end up in URL logs and browser history, and a GET request is changing
 * stored configuration.
 * NOTE(review): Telnet_User and Telnet_Pass are fixed '******' literals in the
 * statement as shown on this page, which looks masked; $server_telnet_user and
 * $server_telnet_pass are computed but not used by it. Port is assigned twice.
 */
function saveserver()
{
    global $corem_db;

    $sqlm = new SQL();
    $sqlm->connect($corem_db["addr"], $corem_db["user"], $corem_db["pass"], $corem_db["name"], $corem_db["encoding"]);

    // Parameters that are read unconditionally.
    $server_id = $sqlm->quote_smart($_GET["index"]);
    $new_server_id = $sqlm->quote_smart($_GET["new_index"]);
    $server_name = $sqlm->quote_smart($_GET["server_name"]);
    $server_hosti = $sqlm->quote_smart($_GET["server_hosti"]);
    $server_hostp = $sqlm->quote_smart($_GET["server_hostp"]);
    $server_port = $sqlm->quote_smart($_GET["server_port"]);
    $server_type = $sqlm->quote_smart($_GET["server_type"]);
    $server_color = $sqlm->quote_smart($_GET["server_color"]);
    $server_timezone = $sqlm->quote_smart($_GET["server_timezone"]);

    // Optional parameters stay NULL when they are absent from the request.
    $server_telnet_port = NULL;
    if (isset($_GET["server_telnet_port"])) {
        $server_telnet_port = $sqlm->quote_smart($_GET["server_telnet_port"]);
    }
    $server_telnet_user = NULL;
    if (isset($_GET["server_telnet_user"])) {
        // The telnet user name is upper-cased after escaping.
        $server_telnet_user = strtoupper($sqlm->quote_smart($_GET["server_telnet_user"]));
    }
    $server_telnet_pass = NULL;
    if (isset($_GET["server_telnet_pass"])) {
        $server_telnet_pass = $sqlm->quote_smart($_GET["server_telnet_pass"]);
    }
    $server_stats = NULL;
    if (isset($_GET["server_stats"])) {
        $server_stats = $sqlm->quote_smart($_GET["server_stats"]);
    }

    // Only the presence of server_both matters, not its value.
    $server_factions = 0;
    if (isset($_GET["server_both"])) {
        $server_factions = 1;
    }

    $sqlm->query("UPDATE config_servers SET `Index`='{$new_server_id}', Address='{$server_hosti}', Port='{$server_port}', Telnet_Port='{$server_telnet_port}', Telnet_User='******', Telnet_Pass='******', Both_Factions='{$server_factions}', Stats_XML='{$server_stats}', Name='{$server_name}', External_Address='{$server_hostp}', Port='{$server_port}', Icon='{$server_type}', Color='{$server_color}', Timezone='{$server_timezone}' WHERE `Index`='{$server_id}'");

    redirect("admin.php?section=servers");
}
function do_update()
{
    global $world_db, $realm_id, $action_permission, $user_lvl, $locales_search_option;
    // on update, use replace.. and else insert
    if ($_POST['insert'] == "1") {
        if ($user_lvl < $action_permission['insert']) {
            redirect("creature.php?error=9");
        }
        $db_action_creature = "INSERT";
    } else {
        if ($user_lvl < $action_permission['update']) {
            redirect("creature.php?error=9");
        }
        $db_action_creature = "REPLACE";
    }
    //($del_trainer_spell || $del_loot_items || $del_skin_items || $del_pp_items || $del_questrelation || $del_involvedrelation || $del_vendor_item ) &&
    if ($user_lvl < $action_permission['delete']) {
        redirect("creature.php?error=9");
    }
    $deplang = get_lang_id();
    if (!isset($_POST['entry']) || $_POST['entry'] === '') {
        redirect("creature.php?error=1");
    }
    $sql = new SQL();
    $sql->connect($world_db[$realm_id]['addr'], $world_db[$realm_id]['user'], $world_db[$realm_id]['pass'], $world_db[$realm_id]['name']);
    $entry = $sql->quote_smart($_POST['entry']);
    if (isset($_POST['difficulty_entry_1']) && $_POST['difficulty_entry_1'] != '') {
        $difficulty_entry_1 = $sql->quote_smart($_POST['difficulty_entry_1']);
    } else {
        $difficulty_entry_1 = 0;
    }
    if (isset($_POST['modelid1']) && $_POST['modelid2'] != '') {
        $modelid1 = $sql->quote_smart($_POST['modelid1']);
    } else {
        $modelid1 = 0;
    }
    if (isset($_POST['modelid3']) && $_POST['modelid3'] != '') {
        $modelid3 = $sql->quote_smart($_POST['modelid3']);
    } else {
        $modelid3 = 0;
    }
    if (isset($_POST['name']) && $_POST['name'] != '') {
        $name = $sql->quote_smart($_POST['name']);
    } else {
        $name = "";
    }
    if (isset($_POST['subname']) && $_POST['subname'] != '') {
        $subname = $sql->quote_smart($_POST['subname']);
    } else {
        $subname = "";
    }
    if (isset($_POST['minlevel']) && $_POST['minlevel'] != '') {
        $minlevel = $sql->quote_smart($_POST['minlevel']);
    } else {
        $minlevel = 0;
    }
    if (isset($_POST['maxlevel']) && $_POST['maxlevel'] != '') {
        $maxlevel = $sql->quote_smart($_POST['maxlevel']);
    } else {
        $maxlevel = 0;
    }
    if (isset($_POST['faction_A']) && $_POST['faction_A'] != '') {
        $faction_A = $sql->quote_smart($_POST['faction_A']);
    } else {
        $faction_A = 0;
    }
    if (isset($_POST['faction_H']) && $_POST['faction_H'] != '') {
        $faction_H = $sql->quote_smart($_POST['faction_H']);
    } else {
        $faction_H = 0;
    }
    if (isset($_POST['npcflag'])) {
        $npcflag = $sql->quote_smart($_POST['npcflag']);
    } else {
        $npcflag = 0;
    }
    if (isset($_POST['speed_walk']) && $_POST['speed_walk'] != '') {
        $speed_walk = $sql->quote_smart($_POST['speed_walk']);
    } else {
        $speed_walk = 0;
    }
    if (isset($_POST['rank']) && $_POST['rank'] != '') {
        $rank = $sql->quote_smart($_POST['rank']);
    } else {
        $rank = 0;
    }
    if (isset($_POST['mindmg']) && $_POST['mindmg'] != '') {
        $mindmg = $sql->quote_smart($_POST['mindmg']);
    } else {
        $mindmg = 0;
    }
    if (isset($_POST['maxdmg']) && $_POST['maxdmg'] != '') {
        $maxdmg = $sql->quote_smart($_POST['maxdmg']);
    } else {
        $maxdmg = 0;
    }
    if (isset($_POST['dmgschool']) && $_POST['dmgschool'] != '') {
        $dmgschool = $sql->quote_smart($_POST['dmgschool']);
    } else {
        $dmgschool = 0;
    }
    if (isset($_POST['attackpower']) && $_POST['attackpower'] != '') {
        $attackpower = $sql->quote_smart($_POST['attackpower']);
    } else {
        $attackpower = 0;
    }
    if (isset($_POST['baseattacktime']) && $_POST['baseattacktime'] != '') {
        $baseattacktime = $sql->quote_smart($_POST['baseattacktime']);
    } else {
        $baseattacktime = 0;
    }
    if (isset($_POST['rangeattacktime']) && $_POST['rangeattacktime'] != '') {
        $rangeattacktime = $sql->quote_smart($_POST['rangeattacktime']);
    } else {
        $rangeattacktime = 0;
    }
    if (isset($_POST['unit_flags']) && $_POST['unit_flags'] != '') {
        $unit_flags = $sql->quote_smart($_POST['unit_flags']);
    } else {
        $unit_flags = 0;
    }
    if (isset($_POST['dynamicflags']) && $_POST['dynamicflags'] != '') {
        $dynamicflags = $sql->quote_smart($_POST['dynamicflags']);
    } else {
        $dynamicflags = 0;
    }
    if (isset($_POST['family']) && $_POST['family'] != '') {
        $family = $sql->quote_smart($_POST['family']);
    } else {
        $family = 0;
    }
    if (isset($_POST['trainer_type']) && $_POST['trainer_type'] != '') {
        $trainer_type = $sql->quote_smart($_POST['trainer_type']);
    } else {
        $trainer_type = 0;
    }
    if (isset($_POST['trainer_spell']) && $_POST['trainer_spell'] != '') {
        $trainer_spell = $sql->quote_smart($_POST['trainer_spell']);
    } else {
        $trainer_spell = 0;
    }
    if (isset($_POST['trainer_class']) && $_POST['trainer_class'] != '') {
        $trainer_class = $sql->quote_smart($_POST['trainer_class']);
    } else {
        $trainer_class = 0;
    }
    if (isset($_POST['trainer_race']) && $_POST['trainer_race'] != '') {
        $trainer_race = $sql->quote_smart($_POST['trainer_race']);
    } else {
        $trainer_race = 0;
    }
    if (isset($_POST['minrangedmg']) && $_POST['minrangedmg'] != '') {
        $minrangedmg = $sql->quote_smart($_POST['minrangedmg']);
    } else {
        $minrangedmg = 0;
    }
    if (isset($_POST['maxrangedmg']) && $_POST['maxrangedmg'] != '') {
        $maxrangedmg = $sql->quote_smart($_POST['maxrangedmg']);
    } else {
        $maxrangedmg = 0;
    }
    if (isset($_POST['rangedattackpower']) && $_POST['rangedattackpower'] != '') {
        $rangedattackpower = $sql->quote_smart($_POST['rangedattackpower']);
    } else {
        $rangedattackpower = 0;
    }
    if (isset($_POST['combat_reach']) && $_POST['combat_reach'] != '') {
        $combat_reach = $sql->quote_smart($_POST['combat_reach']);
    } else {
        $combat_reach = 0;
    }
    if (isset($_POST['type']) && $_POST['type'] != '') {
        $type = $sql->quote_smart($_POST['type']);
    } else {
        $type = 0;
    }
    if (isset($_POST['flags_extra']) && $_POST['flags_extra'] != '') {
        $flags_extra = $sql->quote_smart($_POST['flags_extra']);
    } else {
        $flags_extra = 0;
    }
    if (isset($_POST['type_flags']) && $_POST['type_flags'] != '') {
        $type_flags = $sql->quote_smart($_POST['type_flags']);
    } else {
        $type_flags = 0;
    }
    if (isset($_POST['lootid']) && $_POST['lootid'] != '') {
        $lootid = $sql->quote_smart($_POST['lootid']);
    } else {
        $lootid = 0;
    }
    if (isset($_POST['pickpocketloot']) && $_POST['pickpocketloot'] != '') {
        $pickpocketloot = $sql->quote_smart($_POST['pickpocketloot']);
    } else {
        $pickpocketloot = 0;
    }
    if (isset($_POST['skinloot']) && $_POST['skinloot'] != '') {
        $skinloot = $sql->quote_smart($_POST['skinloot']);
    } else {
        $skinloot = 0;
    }
    if (isset($_POST['resistance1']) && $_POST['resistance1'] != '') {
        $resistance1 = $sql->quote_smart($_POST['resistance1']);
    } else {
        $resistance1 = 0;
    }
    if (isset($_POST['resistance2']) && $_POST['resistance2'] != '') {
        $resistance2 = $sql->quote_smart($_POST['resistance2']);
    } else {
        $resistance2 = 0;
    }
    if (isset($_POST['resistance3']) && $_POST['resistance3'] != '') {
        $resistance3 = $sql->quote_smart($_POST['resistance3']);
    } else {
        $resistance3 = 0;
    }
    if (isset($_POST['resistance4']) && $_POST['resistance4'] != '') {
        $resistance4 = $sql->quote_smart($_POST['resistance4']);
    } else {
        $resistance4 = 0;
    }
    if (isset($_POST['resistance5']) && $_POST['resistance5'] != '') {
        $resistance5 = $sql->quote_smart($_POST['resistance5']);
    } else {
        $resistance5 = 0;
    }
    if (isset($_POST['resistance6']) && $_POST['resistance6'] != '') {
        $resistance6 = $sql->quote_smart($_POST['resistance6']);
    } else {
        $resistance6 = 0;
    }
    if (isset($_POST['spell1']) && $_POST['spell1'] != '') {
        $spell1 = $sql->quote_smart($_POST['spell1']);
    } else {
        $spell1 = 0;
    }
    if (isset($_POST['spell2']) && $_POST['spell2'] != '') {
        $spell2 = $sql->quote_smart($_POST['spell2']);
    } else {
        $spell2 = 0;
    }
    if (isset($_POST['spell3']) && $_POST['spell3'] != '') {
        $spell3 = $sql->quote_smart($_POST['spell3']);
    } else {
        $spell3 = 0;
    }
    if (isset($_POST['spell4']) && $_POST['spell4'] != '') {
        $spell4 = $sql->quote_smart($_POST['spell4']);
    } else {
        $spell4 = 0;
    }
    if (isset($_POST['mingold']) && $_POST['mingold'] != '') {
        $mingold = $sql->quote_smart($_POST['mingold']);
    } else {
        $mingold = 0;
    }
    if (isset($_POST['maxgold']) && $_POST['maxgold'] != '') {
        $maxgold = $sql->quote_smart($_POST['maxgold']);
    } else {
        $maxgold = 0;
    }
    if (isset($_POST['AIName']) && $_POST['AIName'] != '') {
        $AIName = $sql->quote_smart($_POST['AIName']);
    } else {
        $AIName = "";
    }
    if (isset($_POST['MovementType']) && $_POST['MovementType'] != '') {
        $MovementType = $sql->quote_smart($_POST['MovementType']);
    } else {
        $MovementType = 0;
    }
    if (isset($_POST['InhabitType']) && $_POST['InhabitType'] != '') {
        $InhabitType = $sql->quote_smart($_POST['InhabitType']);
    } else {
        $InhabitType = 0;
    }
    if (isset($_POST['ScriptName']) && $_POST['ScriptName'] != '') {
        $ScriptName = $sql->quote_smart($_POST['ScriptName']);
    } else {
        $ScriptName = "";
    }
    if (isset($_POST['RacialLeader']) && $_POST['RacialLeader'] != '') {
        $RacialLeader = $sql->quote_smart($_POST['RacialLeader']);
    } else {
        $RacialLeader = 0;
    }
    if (isset($_POST['ChanceOrQuestChance']) && $_POST['ChanceOrQuestChance'] != '') {
        $ChanceOrQuestChance = $sql->quote_smart($_POST['ChanceOrQuestChance']);
    } else {
        $ChanceOrQuestChance = 0;
    }
    if (isset($_POST['groupid']) && $_POST['groupid'] != '') {
        $groupid = $sql->quote_smart($_POST['groupid']);
    } else {
        $groupid = 0;
    }
    if (isset($_POST['mincountOrRef']) && $_POST['mincountOrRef'] != '') {
        $mincountOrRef = $sql->quote_smart($_POST['mincountOrRef']);
    } else {
        $mincountOrRef = 0;
    }
    if (isset($_POST['maxcount']) && $_POST['maxcount'] != '') {
        $maxcount = $sql->quote_smart($_POST['maxcount']);
    } else {
        $maxcount = 0;
    }
    if (isset($_POST['lootcondition']) && $_POST['lootcondition'] != '') {
        $lootcondition = $sql->quote_smart($_POST['lootcondition']);
    } else {
        $lootcondition = 0;
    }
    if (isset($_POST['condition_value1']) && $_POST['condition_value1'] != '') {
        $condition_value1 = $sql->quote_smart($_POST['condition_value1']);
    } else {
        $condition_value1 = 0;
    }
    if (isset($_POST['condition_value2']) && $_POST['condition_value2'] != '') {
        $condition_value2 = $sql->quote_smart($_POST['condition_value2']);
    } else {
        $condition_value2 = 0;
    }
    if (isset($_POST['item']) && $_POST['item'] != '') {
        $item = $sql->quote_smart($_POST['item']);
    } else {
        $item = 0;
    }
    if (isset($_POST['del_loot_items']) && $_POST['del_loot_items'] != '') {
        $del_loot_items = $sql->quote_smart($_POST['del_loot_items']);
    } else {
        $del_loot_items = NULL;
    }
    if (isset($_POST['involvedrelation']) && $_POST['involvedrelation'] != '') {
        $involvedrelation = $sql->quote_smart($_POST['involvedrelation']);
    } else {
        $involvedrelation = 0;
    }
    if (isset($_POST['del_involvedrelation']) && $_POST['del_involvedrelation'] != '') {
        $del_involvedrelation = $sql->quote_smart($_POST['del_involvedrelation']);
    } else {
        $del_involvedrelation = NULL;
    }
    if (isset($_POST['questrelation']) && $_POST['questrelation'] != '') {
        $questrelation = $sql->quote_smart($_POST['questrelation']);
    } else {
        $questrelation = 0;
    }
    if (isset($_POST['del_questrelation']) && $_POST['del_questrelation'] != '') {
        $del_questrelation = $sql->quote_smart($_POST['del_questrelation']);
    } else {
        $del_questrelation = NULL;
    }
    if (isset($_POST['del_vendor_item']) && $_POST['del_vendor_item'] != '') {
        $del_vendor_item = $sql->quote_smart($_POST['del_vendor_item']);
    } else {
        $del_vendor_item = NULL;
    }
    if (isset($_POST['vendor_item']) && $_POST['vendor_item'] != '') {
        $vendor_item = $sql->quote_smart($_POST['vendor_item']);
    } else {
        $vendor_item = 0;
    }
    if (isset($_POST['vendor_maxcount']) && $_POST['vendor_maxcount'] != '') {
        $vendor_maxcount = $sql->quote_smart($_POST['vendor_maxcount']);
    } else {
        $vendor_maxcount = 0;
    }
    if (isset($_POST['vendor_incrtime']) && $_POST['vendor_incrtime'] != '') {
        $vendor_incrtime = $sql->quote_smart($_POST['vendor_incrtime']);
    } else {
        $vendor_incrtime = 0;
    }
    if (isset($_POST['vendor_extended_cost']) && $_POST['vendor_extended_cost'] != '') {
        $vendor_extended_cost = $sql->quote_smart($_POST['vendor_extended_cost']);
    } else {
        $vendor_extended_cost = 0;
    }
    if (isset($_POST['skin_ChanceOrQuestChance']) && $_POST['skin_ChanceOrQuestChance'] != '') {
        $skin_ChanceOrQuestChance = $sql->quote_smart($_POST['skin_ChanceOrQuestChance']);
    } else {
        $skin_ChanceOrQuestChance = 0;
    }
    if (isset($_POST['skin_groupid']) && $_POST['skin_groupid'] != '') {
        $skin_groupid = $sql->quote_smart($_POST['skin_groupid']);
    } else {
        $skin_groupid = 0;
    }
    if (isset($_POST['skin_mincountOrRef']) && $_POST['skin_mincountOrRef'] != '') {
        $skin_mincountOrRef = $sql->quote_smart($_POST['skin_mincountOrRef']);
    } else {
        $skin_mincountOrRef = 0;
    }
    if (isset($_POST['skin_maxcount']) && $_POST['skin_maxcount'] != '') {
        $skin_maxcount = $sql->quote_smart($_POST['skin_maxcount']);
    } else {
        $skin_maxcount = 0;
    }
    if (isset($_POST['skin_lootcondition']) && $_POST['skin_lootcondition'] != '') {
        $skin_lootcondition = $sql->quote_smart($_POST['skin_lootcondition']);
    } else {
        $skin_lootcondition = 0;
    }
    if (isset($_POST['skin_condition_value1']) && $_POST['skin_condition_value1'] != '') {
        $skin_condition_value1 = $sql->quote_smart($_POST['skin_condition_value1']);
    } else {
        $skin_condition_value1 = 0;
    }
    if (isset($_POST['skin_condition_value2']) && $_POST['skin_condition_value2'] != '') {
        $skin_condition_value2 = $sql->quote_smart($_POST['skin_condition_value2']);
    } else {
        $skin_condition_value2 = 0;
    }
    if (isset($_POST['skin_item']) && $_POST['skin_item'] != '') {
        $skin_item = $sql->quote_smart($_POST['skin_item']);
    } else {
        $skin_item = 0;
    }
    if (isset($_POST['del_skin_items']) && $_POST['del_skin_items'] != '') {
        $del_skin_items = $sql->quote_smart($_POST['del_skin_items']);
    } else {
        $del_skin_items = NULL;
    }
    if (isset($_POST['pp_ChanceOrQuestChance']) && $_POST['pp_ChanceOrQuestChance'] != '') {
        $pp_ChanceOrQuestChance = $sql->quote_smart($_POST['pp_ChanceOrQuestChance']);
    } else {
        $pp_ChanceOrQuestChance = 0;
    }
    if (isset($_POST['pp_groupid']) && $_POST['pp_groupid'] != '') {
        $pp_groupid = $sql->quote_smart($_POST['pp_groupid']);
    } else {
        $pp_groupid = 0;
    }
    if (isset($_POST['pp_mincountOrRef']) && $_POST['pp_mincountOrRef'] != '') {
        $pp_mincountOrRef = $sql->quote_smart($_POST['pp_mincountOrRef']);
    } else {
        $pp_mincountOrRef = 0;
    }
    if (isset($_POST['pp_maxcount']) && $_POST['pp_maxcount'] != '') {
        $pp_maxcount = $sql->quote_smart($_POST['pp_maxcount']);
    } else {
        $pp_maxcount = 0;
    }
    if (isset($_POST['pp_lootcondition']) && $_POST['pp_lootcondition'] != '') {
        $pp_lootcondition = $sql->quote_smart($_POST['pp_lootcondition']);
    } else {
        $pp_lootcondition = 0;
    }
    if (isset($_POST['pp_condition_value1']) && $_POST['pp_condition_value1'] != '') {
        $pp_condition_value1 = $sql->quote_smart($_POST['pp_condition_value1']);
    } else {
        $pp_condition_value1 = 0;
    }
    if (isset($_POST['pp_condition_value2']) && $_POST['pp_condition_value2'] != '') {
        $pp_condition_value2 = $sql->quote_smart($_POST['pp_condition_value2']);
    } else {
        $pp_condition_value2 = 0;
    }
    if (isset($_POST['pp_item']) && $_POST['pp_item'] != '') {
        $pp_item = $sql->quote_smart($_POST['pp_item']);
    } else {
        $pp_item = 0;
    }
    if (isset($_POST['del_pp_items']) && $_POST['del_pp_items'] != '') {
        $del_pp_items = $sql->quote_smart($_POST['del_pp_items']);
    } else {
        $del_pp_items = NULL;
    }
    if (isset($_POST['trainer_spell']) && $_POST['trainer_spell'] != '') {
        $trainer_spell = $sql->quote_smart($_POST['trainer_spell']);
    } else {
        $trainer_spell = 0;
    }
    if (isset($_POST['spellcost']) && $_POST['spellcost'] != '') {
        $spellcost = $sql->quote_smart($_POST['spellcost']);
    } else {
        $spellcost = 0;
    }
    if (isset($_POST['reqskill']) && $_POST['reqskill'] != '') {
        $reqskill = $sql->quote_smart($_POST['reqskill']);
    } else {
        $reqskill = 0;
    }
    if (isset($_POST['reqskillvalue']) && $_POST['reqskillvalue'] != '') {
        $reqskillvalue = $sql->quote_smart($_POST['reqskillvalue']);
    } else {
        $reqskillvalue = 0;
    }
    if (isset($_POST['reqlevel']) && $_POST['reqlevel'] != '') {
        $reqlevel = $sql->quote_smart($_POST['reqlevel']);
    } else {
        $reqlevel = 0;
    }
    if (isset($_POST['del_trainer_spell']) && $_POST['del_trainer_spell'] != '') {
        $del_trainer_spell = $sql->quote_smart($_POST['del_trainer_spell']);
    } else {
        $del_trainer_spell = NULL;
    }
    if ($locales_search_option != 0) {
        // locales
        for ($lc = 1; $lc < 9; $lc++) {
            if (isset($_POST['name_loc' . $lc]) && $_POST['name_loc' . $lc] != '' && !preg_match('/^[\\t\\v\\b\\f\\a\\n\\r\\\\"\\? <>[](){}_=+-|!@#$%^&*~`.,\\0]{1,30}$/', $_POST['name_loc' . $lc])) {
                $name_loc[$lc] = $sql->quote_smart($_POST['name_loc' . $lc]);
            } else {
                $name_loc[$lc] = '';
            }
            if (isset($_POST['subname_loc' . $lc]) && $_POST['subname_loc' . $lc] != '' && !preg_match('/^[\\t\\v\\b\\f\\a\\n\\r\\\\"\\? <>[](){}_=+-|!@#$%^&*~`.,\\0]{1,30}$/', $_POST['subname_loc' . $lc])) {
                $subname_loc[$lc] = $sql->quote_smart($_POST['subname_loc' . $lc]);
            } else {
                $subname_loc[$lc] = '';
            }
        }
    }
    $tmp = 0;
    for ($t = 0; $t < count($npcflag); $t++) {
        if ($npcflag[$t] & 1) {
            $tmp = $tmp + 1;
        }
        if ($npcflag[$t] & 2) {
            $tmp = $tmp + 2;
        }
        if ($npcflag[$t] & 16) {
            $tmp = $tmp + 16;
        }
        if ($npcflag[$t] & 128) {
            $tmp = $tmp + 128;
        }
        if ($npcflag[$t] & 4096) {
            $tmp = $tmp + 4096;
        }
        if ($npcflag[$t] & 8192) {
            $tmp = $tmp + 8192;
        }
        if ($npcflag[$t] & 16384) {
            $tmp = $tmp + 16384;
        }
        if ($npcflag[$t] & 65536) {
            $tmp = $tmp + 65536;
        }
        if ($npcflag[$t] & 131072) {
            $tmp = $tmp + 131072;
        }
        if ($npcflag[$t] & 262144) {
            $tmp = $tmp + 262144;
        }
        if ($npcflag[$t] & 524288) {
            $tmp = $tmp + 524288;
        }
        if ($npcflag[$t] & 1048576) {
            $tmp = $tmp + 1048576;
        }
        if ($npcflag[$t] & 2097152) {
            $tmp = $tmp + 2097152;
        }
        if ($npcflag[$t] & 4194304) {
            $tmp = $tmp + 4194304;
        }
        if ($npcflag[$t] & 268435456) {
            $tmp = $tmp + 268435456;
        }
    }
    $npcflag = $tmp ? $tmp : 0;
    // insert or update creature
    $sql_query = "{$db_action_creature} INTO creature_template ( entry, difficulty_entry_1, modelid1, modelid3, name, subname, minlevel, maxlevel, faction_A, faction_H, npcflag, speed_walk, rank, mindmg, maxdmg, dmgschool, attackpower, baseattacktime, rangeattacktime, unit_flags, dynamicflags, family, trainer_type, trainer_spell, trainer_class, trainer_race, minrangedmg, maxrangedmg, rangedattackpower, type, flags_extra, type_flags, lootid, pickpocketloot, skinloot, resistance1, resistance2, resistance3, resistance4, resistance5, resistance6, spell1, spell2, spell3, spell4, mingold, maxgold, AIName, MovementType, InhabitType, RacialLeader, ScriptName) VALUES ( '{$entry}', '{$difficulty_entry_1}', '{$modelid1}', '{$modelid3}', '{$name}', '{$subname}', '{$minlevel}', '{$maxlevel}', '{$faction_A}', '{$faction_A}',  '{$npcflag}', '{$speed_walk}', '{$rank}', '{$mindmg}', '{$maxdmg}', '{$dmgschool}', '{$attackpower}', '{$baseattacktime}', '{$rangeattacktime}', '{$unit_flags}', '{$dynamicflags}', '{$family}', '{$trainer_type}', '{$trainer_spell}', '{$trainer_class}', '{$trainer_race}', '{$minrangedmg}', '{$maxrangedmg}', '{$rangedattackpower}', '{$type}', '{$flags_extra}', '{$type_flags}', '{$lootid}', '{$pickpocketloot}', '{$skinloot}', '{$resistance1}', '{$resistance2}', '{$resistance3}', '{$resistance4}', '{$resistance5}', '{$resistance6}', '{$spell1}', '{$spell2}', '{$spell3}', '{$spell4}', '{$mingold}', '{$maxgold}', '{$AIName}', '{$MovementType}', '{$InhabitType}', '{$RacialLeader}', '{$ScriptName}' );\n";
    if ($trainer_spell) {
        $sql_query .= "{$db_action_creature} INTO npc_trainer (entry, spell, spellcost, reqskill, reqskillvalue, reqlevel) VALUES ({$entry},{$trainer_spell},{$spellcost},{$reqskill} ,{$reqskillvalue} ,{$reqlevel});\n";
    }
    if ($del_trainer_spell) {
        foreach ($del_trainer_spell as $spell_id) {
            $sql_query .= "DELETE FROM npc_trainer WHERE entry = {$entry} AND spell = {$spell_id};\n";
        }
    }
    if ($item) {
        $sql_query .= "{$db_action_creature} INTO creature_loot_template (entry, item, ChanceOrQuestChance, `groupid`, mincountOrRef, maxcount, lootcondition, condition_value1, condition_value2) VALUES ({$lootid},{$item},'{$ChanceOrQuestChance}', '{$groupid}' ,{$mincountOrRef} ,{$maxcount} ,{$lootcondition} ,{$condition_value1} ,{$condition_value2});\n";
    }
    if ($del_loot_items) {
        foreach ($del_loot_items as $item_id) {
            $sql_query .= "DELETE FROM creature_loot_template WHERE entry = {$lootid} AND item = {$item_id};\n";
        }
    }
    if ($skin_item) {
        $sql_query .= "{$db_action_creature} INTO skinning_loot_template (entry, item, ChanceOrQuestChance, `groupid`, mincountOrRef, maxcount, lootcondition, condition_value1, condition_value2) VALUES ({$skinloot},{$skin_item},'{$skin_ChanceOrQuestChance}', '{$skin_groupid}' ,{$skin_mincountOrRef} ,{$skin_maxcount} ,{$skin_lootcondition} ,{$skin_condition_value1} ,{$skin_condition_value2});\n";
    }
    if ($del_skin_items) {
        foreach ($del_skin_items as $item_id) {
            $sql_query .= "DELETE FROM skinning_loot_template WHERE entry = {$skinloot} AND item = {$item_id};\n";
        }
    }
    if ($pp_item) {
        $sql_query .= "{$db_action_creature} INTO pickpocketing_loot_template (entry, item, ChanceOrQuestChance, `groupid`, mincountOrRef, maxcount, lootcondition, condition_value1, condition_value2) VALUES ({$pickpocketloot},{$pp_item},'{$pp_ChanceOrQuestChance}', '{$pp_groupid}' ,{$pp_mincountOrRef} ,{$pp_maxcount} ,{$pp_lootcondition} ,{$pp_condition_value1} ,{$pp_condition_value2});\n";
    }
    if ($del_pp_items) {
        foreach ($del_pp_items as $item_id) {
            $sql_query .= "DELETE FROM pickpocketing_loot_template WHERE entry = {$pickpocketloot} AND item = {$item_id};\n";
        }
    }
    if ($questrelation) {
        $sql_query .= "{$db_action_creature} INTO creature_questrelation (id, quest) VALUES ({$entry},{$questrelation});\n";
    }
    if ($involvedrelation) {
        $sql_query .= "{$db_action_creature} INTO creature_involvedrelation (id, quest) VALUES ({$entry},{$involvedrelation});\n";
    }
    if ($del_questrelation) {
        foreach ($del_questrelation as $quest_id) {
            $sql_query .= "DELETE FROM creature_questrelation WHERE id = {$entry} AND quest = {$quest_id};\n";
        }
    }
    if ($del_involvedrelation) {
        foreach ($del_involvedrelation as $quest_id) {
            $sql_query .= "DELETE FROM creature_involvedrelation WHERE id = {$entry} AND quest = {$quest_id};\n";
        }
    }
    if ($del_vendor_item) {
        foreach ($del_vendor_item as $item_id) {
            $sql_query .= "DELETE FROM npc_vendor WHERE entry = {$entry} AND item = {$item_id};\n";
        }
    }
    if ($vendor_item) {
        $sql_query .= "{$db_action_creature} INTO npc_vendor (entry, item, maxcount, incrtime, ExtendedCost) VALUES ({$entry},{$vendor_item},{$vendor_maxcount},{$vendor_incrtime},{$vendor_extended_cost});\n";
    }
    if ($locales_search_option != 0) {
        if ($name_loc) {
            $sql_query .= "{$db_action_creature} INTO locales_creature (`entry`,  `name_loc1`, `name_loc2`, `name_loc3`, `name_loc4`, `name_loc5`, `name_loc6`, `name_loc7`, `name_loc8`, `subname_loc1`, `subname_loc2`, `subname_loc3`, `subname_loc4`, `subname_loc5`, `subname_loc6`, `subname_loc7`, `subname_loc8`) VALUES ('{$entry}', '{$name_loc['1']}', '{$name_loc['2']}', '{$name_loc['3']}', '{$name_loc['4']}', '{$name_loc['5']}', '{$name_loc['6']}', '{$name_loc['7']}', '{$name_loc['8']}', '{$subname_loc['1']}', '{$subname_loc['2']}', '{$subname_loc['3']}', '{$subname_loc['4']}', '{$subname_loc['5']}', '{$subname_loc['6']}', '{$subname_loc['7']}', '{$subname_loc['8']}');\n";
        }
    }
    if (isset($_POST['backup_op']) && $_POST['backup_op'] == 1) {
        $sql->close();
        Header("Content-type: application/octet-stream");
        Header("Content-Disposition: attachment; filename=creatureid_{$entry}.sql");
        echo $sql_query;
        exit;
        redirect("creature.php?action=edit&entry={$entry}&error=4");
    } else {
        $sql_query = explode(';', $sql_query);
        foreach ($sql_query as $tmp_query) {
            if ($tmp_query && $tmp_query != "\n") {
                $result = $sql->query($tmp_query);
            }
        }
        $sql->close();
    }
    if ($result) {
        redirect("creature.php?action=edit&entry={$entry}&error=4");
    } else {
        redirect("creature.php");
    }
}
Example #9
function do_update()
{
    global $world_db, $realm_id, $action_permission, $user_lvl;
    valid_login($action_permission['update']);
    if (!isset($_POST['type']) || $_POST['type'] === '') {
        redirect("item.php?error=1");
    }
    if (!isset($_POST['entry']) || $_POST['entry'] === '') {
        redirect("item.php?error=1");
    }
    $sql = new SQL();
    $sql->connect($world_db[$realm_id]['addr'], $world_db[$realm_id]['user'], $world_db[$realm_id]['pass'], $world_db[$realm_id]['name']);
    $entry = $sql->quote_smart($_POST['entry']);
    if (isset($_POST['class']) && $_POST['class'] != '') {
        $class = $sql->quote_smart($_POST['class']);
    } else {
        $class = 0;
    }
    if (isset($_POST['subclass']) && $_POST['subclass'] != '') {
        $subclass = $sql->quote_smart($_POST['subclass']);
    } else {
        $subclass = 0;
    }
    if (isset($_POST['name']) && $_POST['name'] != '') {
        $name = $sql->quote_smart($_POST['name']);
    } else {
        $name = 0;
    }
    if (isset($_POST['displayid']) && $_POST['displayid'] != '') {
        $displayid = $sql->quote_smart($_POST['displayid']);
    } else {
        $displayid = 0;
    }
    if (isset($_POST['Quality']) && $_POST['Quality'] != '') {
        $Quality = $sql->quote_smart($_POST['Quality']);
    } else {
        $Quality = 0;
    }
    if (isset($_POST['Flags']) && $_POST['Flags'] != '') {
        $Flags = $sql->quote_smart($_POST['Flags']);
    } else {
        $Flags = 0;
    }
    if (isset($_POST['BuyCount']) && $_POST['BuyCount'] != '') {
        $BuyCount = $sql->quote_smart($_POST['BuyCount']);
    } else {
        $BuyCount = 0;
    }
    if (isset($_POST['BuyPrice']) && $_POST['BuyPrice'] != '') {
        $BuyPrice = $sql->quote_smart($_POST['BuyPrice']);
    } else {
        $BuyPrice = 0;
    }
    if (isset($_POST['SellPrice']) && $_POST['SellPrice'] != '') {
        $SellPrice = $sql->quote_smart($_POST['SellPrice']);
    } else {
        $SellPrice = 0;
    }
    if (isset($_POST['InventoryType']) && $_POST['InventoryType'] != '') {
        $InventoryType = $sql->quote_smart($_POST['InventoryType']);
    } else {
        $AllowableClass = 0;
    }
    if (isset($_POST['AllowableClass'])) {
        $AllowableClass = $sql->quote_smart($_POST['AllowableClass']);
    } else {
        $AllowableClass = -1;
    }
    if (isset($_POST['AllowableRace'])) {
        $AllowableRace = $sql->quote_smart($_POST['AllowableRace']);
    } else {
        $AllowableRace = -1;
    }
    if (isset($_POST['ItemLevel']) && $_POST['ItemLevel'] != '') {
        $ItemLevel = $sql->quote_smart($_POST['ItemLevel']);
    } else {
        $ItemLevel = 1;
    }
    if (isset($_POST['RequiredLevel']) && $_POST['RequiredLevel'] != '') {
        $RequiredLevel = $sql->quote_smart($_POST['RequiredLevel']);
    } else {
        $RequiredLevel = 0;
    }
    if (isset($_POST['RequiredSkill']) && $_POST['RequiredSkill'] != '') {
        $RequiredSkill = $sql->quote_smart($_POST['RequiredSkill']);
    } else {
        $RequiredSkill = 0;
    }
    if (isset($_POST['RequiredSkillRank']) && $_POST['RequiredSkillRank'] != '') {
        $RequiredSkillRank = $sql->quote_smart($_POST['RequiredSkillRank']);
    } else {
        $RequiredSkillRank = 0;
    }
    if (isset($_POST['requiredspell']) && $_POST['requiredspell'] != '') {
        $requiredspell = $sql->quote_smart($_POST['requiredspell']);
    } else {
        $requiredspell = 0;
    }
    if (isset($_POST['requiredhonorrank']) && $_POST['requiredhonorrank'] != '') {
        $requiredhonorrank = $sql->quote_smart($_POST['requiredhonorrank']);
    } else {
        $requiredhonorrank = 0;
    }
    if (isset($_POST['RequiredCityRank']) && $_POST['RequiredCityRank'] != '') {
        $RequiredCityRank = $sql->quote_smart($_POST['RequiredCityRank']);
    } else {
        $RequiredCityRank = 0;
    }
    if (isset($_POST['RequiredReputationFaction']) && $_POST['RequiredReputationFaction'] != '') {
        $RequiredReputationFaction = $sql->quote_smart($_POST['RequiredReputationFaction']);
    } else {
        $RequiredReputationFaction = 0;
    }
    if (isset($_POST['RequiredReputationRank']) && $_POST['RequiredReputationRank'] != '') {
        $RequiredReputationRank = $sql->quote_smart($_POST['RequiredReputationRank']);
    } else {
        $RequiredReputationRank = 0;
    }
    if (isset($_POST['maxcount']) && $_POST['maxcount'] != '') {
        $maxcount = $sql->quote_smart($_POST['maxcount']);
    } else {
        $maxcount = 0;
    }
    if (isset($_POST['stackable']) && $_POST['stackable'] != '') {
        $stackable = $sql->quote_smart($_POST['stackable']);
    } else {
        $description = 0;
    }
    if (isset($_POST['ContainerSlots']) && $_POST['ContainerSlots'] != '') {
        $ContainerSlots = $sql->quote_smart($_POST['ContainerSlots']);
    } else {
        $ContainerSlots = 0;
    }
    if (isset($_POST['stat_type1']) && $_POST['stat_type1'] != '') {
        $stat_type1 = $sql->quote_smart($_POST['stat_type1']);
    } else {
        $stat_type1 = 0;
    }
    if (isset($_POST['stat_value1']) && $_POST['stat_value1'] != '') {
        $stat_value1 = $sql->quote_smart($_POST['stat_value1']);
    } else {
        $stat_value1 = 0;
    }
    if (isset($_POST['stat_type2']) && $_POST['stat_type2'] != '') {
        $stat_type2 = $sql->quote_smart($_POST['stat_type2']);
    } else {
        $stat_type2 = 0;
    }
    if (isset($_POST['stat_value2']) && $_POST['stat_value2'] != '') {
        $stat_value2 = $sql->quote_smart($_POST['stat_value2']);
    } else {
        $stat_value2 = 0;
    }
    if (isset($_POST['stat_type3']) && $_POST['stat_type3'] != '') {
        $stat_type3 = $sql->quote_smart($_POST['stat_type3']);
    } else {
        $stat_type3 = 0;
    }
    if (isset($_POST['stat_value3']) && $_POST['stat_value3'] != '') {
        $stat_value3 = $sql->quote_smart($_POST['stat_value3']);
    } else {
        $stat_value3 = 0;
    }
    if (isset($_POST['stat_type4']) && $_POST['stat_type4'] != '') {
        $stat_type4 = $sql->quote_smart($_POST['stat_type4']);
    } else {
        $stat_type4 = 0;
    }
    if (isset($_POST['stat_value4']) && $_POST['stat_value4'] != '') {
        $stat_value4 = $sql->quote_smart($_POST['stat_value4']);
    } else {
        $stat_value4 = 0;
    }
    if (isset($_POST['stat_type5']) && $_POST['stat_type5'] != '') {
        $stat_type5 = $sql->quote_smart($_POST['stat_type5']);
    } else {
        $stat_type5 = 0;
    }
    if (isset($_POST['stat_value5']) && $_POST['stat_value5'] != '') {
        $stat_value5 = $sql->quote_smart($_POST['stat_value5']);
    } else {
        $stat_value5 = 0;
    }
    if (isset($_POST['stat_type6']) && $_POST['stat_type6'] != '') {
        $stat_type6 = $sql->quote_smart($_POST['stat_type6']);
    } else {
        $stat_type6 = 0;
    }
    if (isset($_POST['stat_value6']) && $_POST['stat_value6'] != '') {
        $stat_value6 = $sql->quote_smart($_POST['stat_value6']);
    } else {
        $stat_value6 = 0;
    }
    if (isset($_POST['stat_type7']) && $_POST['stat_type7'] != '') {
        $stat_type7 = $sql->quote_smart($_POST['stat_type7']);
    } else {
        $stat_type7 = 0;
    }
    if (isset($_POST['stat_value7']) && $_POST['stat_value7'] != '') {
        $stat_value7 = $sql->quote_smart($_POST['stat_value7']);
    } else {
        $stat_value7 = 0;
    }
    if (isset($_POST['stat_type8']) && $_POST['stat_type8'] != '') {
        $stat_type8 = $sql->quote_smart($_POST['stat_type8']);
    } else {
        $stat_type8 = 0;
    }
    if (isset($_POST['stat_value8']) && $_POST['stat_value8'] != '') {
        $stat_value8 = $sql->quote_smart($_POST['stat_value8']);
    } else {
        $stat_value8 = 0;
    }
    if (isset($_POST['stat_type9']) && $_POST['stat_type9'] != '') {
        $stat_type9 = $sql->quote_smart($_POST['stat_type9']);
    } else {
        $stat_type9 = 0;
    }
    if (isset($_POST['stat_value9']) && $_POST['stat_value9'] != '') {
        $stat_value9 = $sql->quote_smart($_POST['stat_value9']);
    } else {
        $stat_value9 = 0;
    }
    if (isset($_POST['stat_type10']) && $_POST['stat_type10'] != '') {
        $stat_type10 = $sql->quote_smart($_POST['stat_type10']);
    } else {
        $stat_type10 = 0;
    }
    if (isset($_POST['stat_value10']) && $_POST['stat_value10'] != '') {
        $stat_value10 = $sql->quote_smart($_POST['stat_value10']);
    } else {
        $stat_value10 = 0;
    }
    if (isset($_POST['dmg_min1']) && $_POST['dmg_min1'] != '') {
        $dmg_min1 = $sql->quote_smart($_POST['dmg_min1']);
    } else {
        $dmg_min1 = 0;
    }
    if (isset($_POST['dmg_max1']) && $_POST['dmg_max1'] != '') {
        $dmg_max1 = $sql->quote_smart($_POST['dmg_max1']);
    } else {
        $dmg_max1 = 0;
    }
    if (isset($_POST['dmg_type1']) && $_POST['dmg_type1'] != '') {
        $dmg_type1 = $sql->quote_smart($_POST['dmg_type1']);
    } else {
        $dmg_type1 = 0;
    }
    if (isset($_POST['dmg_min2']) && $_POST['dmg_min2'] != '') {
        $dmg_min2 = $sql->quote_smart($_POST['dmg_min2']);
    } else {
        $dmg_min2 = 0;
    }
    if (isset($_POST['dmg_max2']) && $_POST['dmg_max2'] != '') {
        $dmg_max2 = $sql->quote_smart($_POST['dmg_max2']);
    } else {
        $dmg_max2 = 0;
    }
    if (isset($_POST['dmg_type2']) && $_POST['dmg_type2'] != '') {
        $dmg_type2 = $sql->quote_smart($_POST['dmg_type2']);
    } else {
        $dmg_type2 = 0;
    }
    if (isset($_POST['armor']) && $_POST['armor'] != '') {
        $armor = $sql->quote_smart($_POST['armor']);
    } else {
        $armor = 0;
    }
    if (isset($_POST['holy_res']) && $_POST['holy_res'] != '') {
        $holy_res = $sql->quote_smart($_POST['holy_res']);
    } else {
        $holy_res = 0;
    }
    if (isset($_POST['fire_res']) && $_POST['fire_res'] != '') {
        $fire_res = $sql->quote_smart($_POST['fire_res']);
    } else {
        $fire_res = 0;
    }
    if (isset($_POST['nature_res']) && $_POST['nature_res'] != '') {
        $nature_res = $sql->quote_smart($_POST['nature_res']);
    } else {
        $nature_res = 0;
    }
    if (isset($_POST['frost_res']) && $_POST['frost_res'] != '') {
        $frost_res = $sql->quote_smart($_POST['frost_res']);
    } else {
        $frost_res = 0;
    }
    if (isset($_POST['shadow_res']) && $_POST['shadow_res'] != '') {
        $shadow_res = $sql->quote_smart($_POST['shadow_res']);
    } else {
        $shadow_res = 0;
    }
    if (isset($_POST['arcane_res']) && $_POST['arcane_res'] != '') {
        $arcane_res = $sql->quote_smart($_POST['arcane_res']);
    } else {
        $arcane_res = 0;
    }
    if (isset($_POST['delay']) && $_POST['delay'] != '') {
        $delay = $sql->quote_smart($_POST['delay']);
    } else {
        $delay = 0;
    }
    if (isset($_POST['ammo_type']) && $_POST['ammo_type'] != '') {
        $ammo_type = $sql->quote_smart($_POST['ammo_type']);
    } else {
        $ammo_type = 0;
    }
    if (isset($_POST['RangedModRange']) && $_POST['RangedModRange'] != '') {
        $RangedModRange = $sql->quote_smart($_POST['RangedModRange']);
    } else {
        $RangedModRange = 0;
    }
    if (isset($_POST['spellid_1']) && $_POST['spellid_1'] != '') {
        $spellid_1 = $sql->quote_smart($_POST['spellid_1']);
    } else {
        $spellid_1 = 0;
    }
    if (isset($_POST['spelltrigger_1']) && $_POST['spelltrigger_1'] != '') {
        $spelltrigger_1 = $sql->quote_smart($_POST['spelltrigger_1']);
    } else {
        $spelltrigger_1 = 0;
    }
    if (isset($_POST['spellcharges_1']) && $_POST['spellcharges_1'] != '') {
        $spellcharges_1 = $sql->quote_smart($_POST['spellcharges_1']);
    } else {
        $spellcharges_1 = 0;
    }
    if (isset($_POST['spellcooldown_1']) && $_POST['spellcooldown_1'] != '') {
        $spellcooldown_1 = $sql->quote_smart($_POST['spellcooldown_1']);
    } else {
        $spellcooldown_1 = -1;
    }
    if (isset($_POST['spellcategory_1']) && $_POST['spellcategory_1'] != '') {
        $spellcategory_1 = $sql->quote_smart($_POST['spellcategory_1']);
    } else {
        $spellcategory_1 = 0;
    }
    if (isset($_POST['spellcategorycooldown_1']) && $_POST['spellcategorycooldown_1'] != '') {
        $spellcategorycooldown_1 = $sql->quote_smart($_POST['spellcategorycooldown_1']);
    } else {
        $spellcategorycooldown_1 = -1;
    }
    if (isset($_POST['spellppmRate_1']) && $_POST['spellppmRate_1'] != '') {
        $spellppmRate_1 = $sql->quote_smart($_POST['spellppmRate_1']);
    } else {
        $spellppmRate_1 = 0;
    }
    if (isset($_POST['spellid_2']) && $_POST['spellid_2'] != '') {
        $spellid_2 = $sql->quote_smart($_POST['spellid_2']);
    } else {
        $spellid_2 = 0;
    }
    if (isset($_POST['spelltrigger_2']) && $_POST['spelltrigger_2'] != '') {
        $spelltrigger_2 = $sql->quote_smart($_POST['spelltrigger_2']);
    } else {
        $spelltrigger_2 = 0;
    }
    if (isset($_POST['spellcharges_2']) && $_POST['spellcharges_2'] != '') {
        $spellcharges_2 = $sql->quote_smart($_POST['spellcharges_2']);
    } else {
        $spellcharges_2 = 0;
    }
    if (isset($_POST['spellcooldown_2']) && $_POST['spellcooldown_2'] != '') {
        $spellcooldown_2 = $sql->quote_smart($_POST['spellcooldown_2']);
    } else {
        $spellcooldown_2 = -1;
    }
    if (isset($_POST['spellcategory_2']) && $_POST['spellcategory_2'] != '') {
        $spellcategory_2 = $sql->quote_smart($_POST['spellcategory_2']);
    } else {
        $spellcategory_2 = 0;
    }
    if (isset($_POST['spellcategorycooldown_2']) && $_POST['spellcategorycooldown_2'] != '') {
        $spellcategorycooldown_2 = $sql->quote_smart($_POST['spellcategorycooldown_2']);
    } else {
        $spellcategorycooldown_2 = -1;
    }
    if (isset($_POST['spellppmRate_2']) && $_POST['spellppmRate_2'] != '') {
        $spellppmRate_2 = $sql->quote_smart($_POST['spellppmRate_2']);
    } else {
        $spellppmRate_2 = 0;
    }
    if (isset($_POST['spellid_3']) && $_POST['spellid_3'] != '') {
        $spellid_3 = $sql->quote_smart($_POST['spellid_3']);
    } else {
        $spellid_3 = 0;
    }
    if (isset($_POST['spelltrigger_3']) && $_POST['spelltrigger_3'] != '') {
        $spelltrigger_3 = $sql->quote_smart($_POST['spelltrigger_3']);
    } else {
        $spelltrigger_3 = 0;
    }
    if (isset($_POST['spellcharges_3']) && $_POST['spellcharges_3'] != '') {
        $spellcharges_3 = $sql->quote_smart($_POST['spellcharges_3']);
    } else {
        $spellcharges_3 = 0;
    }
    if (isset($_POST['spellcooldown_3']) && $_POST['spellcooldown_3'] != '') {
        $spellcooldown_3 = $sql->quote_smart($_POST['spellcooldown_3']);
    } else {
        $spellcooldown_3 = -1;
    }
    if (isset($_POST['spellcategory_3']) && $_POST['spellcategory_3'] != '') {
        $spellcategory_3 = $sql->quote_smart($_POST['spellcategory_3']);
    } else {
        $description = 0;
    }
    if (isset($_POST['spellcategorycooldown_3']) && $_POST['spellcategorycooldown_3'] != '') {
        $spellcategorycooldown_3 = $sql->quote_smart($_POST['spellcategorycooldown_3']);
    } else {
        $spellcategorycooldown_3 = -1;
    }
    if (isset($_POST['spellppmRate_3']) && $_POST['spellppmRate_3'] != '') {
        $spellppmRate_3 = $sql->quote_smart($_POST['spellppmRate_3']);
    } else {
        $spellppmRate_3 = 0;
    }
    if (isset($_POST['spellid_4']) && $_POST['spellid_4'] != '') {
        $spellid_4 = $sql->quote_smart($_POST['spellid_4']);
    } else {
        $spellid_4 = 0;
    }
    if (isset($_POST['spelltrigger_4']) && $_POST['spelltrigger_4'] != '') {
        $spelltrigger_4 = $sql->quote_smart($_POST['spelltrigger_4']);
    } else {
        $spelltrigger_4 = 0;
    }
    if (isset($_POST['spellcharges_4']) && $_POST['spellcharges_4'] != '') {
        $spellcharges_4 = $sql->quote_smart($_POST['spellcharges_4']);
    } else {
        $spellcharges_4 = 0;
    }
    if (isset($_POST['spellcooldown_4']) && $_POST['spellcooldown_4'] != '') {
        $spellcooldown_4 = $sql->quote_smart($_POST['spellcooldown_4']);
    } else {
        $spellcooldown_4 = -1;
    }
    if (isset($_POST['spellcategory_4']) && $_POST['spellcategory_4'] != '') {
        $spellcategory_4 = $sql->quote_smart($_POST['spellcategory_4']);
    } else {
        $spellcategory_4 = 0;
    }
    if (isset($_POST['spellcategorycooldown_4']) && $_POST['spellcategorycooldown_4'] != '') {
        $spellcategorycooldown_4 = $sql->quote_smart($_POST['spellcategorycooldown_4']);
    } else {
        $spellcategorycooldown_4 = -1;
    }
    if (isset($_POST['spellppmRate_4']) && $_POST['spellppmRate_4'] != '') {
        $spellppmRate_4 = $sql->quote_smart($_POST['spellppmRate_4']);
    } else {
        $spellppmRate_4 = 0;
    }
    if (isset($_POST['spellid_5']) && $_POST['spellid_5'] != '') {
        $spellid_5 = $sql->quote_smart($_POST['spellid_5']);
    } else {
        $spellid_5 = 0;
    }
    if (isset($_POST['spelltrigger_5']) && $_POST['spelltrigger_5'] != '') {
        $spelltrigger_5 = $sql->quote_smart($_POST['spelltrigger_5']);
    } else {
        $spelltrigger_5 = 0;
    }
    if (isset($_POST['spellcharges_5']) && $_POST['spellcharges_5'] != '') {
        $spellcharges_5 = $sql->quote_smart($_POST['spellcharges_5']);
    } else {
        $spellcharges_5 = 0;
    }
    if (isset($_POST['spellcooldown_5']) && $_POST['spellcooldown_5'] != '') {
        $spellcooldown_5 = $sql->quote_smart($_POST['spellcooldown_5']);
    } else {
        $spellcooldown_5 = -1;
    }
    if (isset($_POST['spellcategory_5']) && $_POST['spellcategory_5'] != '') {
        $spellcategory_5 = $sql->quote_smart($_POST['spellcategory_5']);
    } else {
        $spellcategory_5 = 0;
    }
    if (isset($_POST['spellcategorycooldown_5']) && $_POST['spellcategorycooldown_5'] != '') {
        $spellcategorycooldown_5 = $sql->quote_smart($_POST['spellcategorycooldown_5']);
    } else {
        $spellcategorycooldown_5 = -1;
    }
    if (isset($_POST['spellppmRate_5']) && $_POST['spellppmRate_5'] != '') {
        $spellppmRate_5 = $sql->quote_smart($_POST['spellppmRate_5']);
    } else {
        $spellppmRate_5 = 0;
    }
    if (isset($_POST['bonding']) && $_POST['bonding'] != '') {
        $bonding = $sql->quote_smart($_POST['bonding']);
    } else {
        $bonding = 0;
    }
    if (isset($_POST['description']) && $_POST['description'] != '') {
        $description = $sql->quote_smart($_POST['description']);
    } else {
        $description = "";
    }
    if (isset($_POST['PageText']) && $_POST['PageText'] != '') {
        $PageText = $sql->quote_smart($_POST['PageText']);
    } else {
        $PageText = 0;
    }
    if (isset($_POST['LanguageID']) && $_POST['LanguageID'] != '') {
        $LanguageID = $sql->quote_smart($_POST['LanguageID']);
    } else {
        $LanguageID = 0;
    }
    if (isset($_POST['PageMaterial']) && $_POST['PageMaterial'] != '') {
        $PageMaterial = $sql->quote_smart($_POST['PageMaterial']);
    } else {
        $PageMaterial = 0;
    }
    if (isset($_POST['startquest']) && $_POST['startquest'] != '') {
        $startquest = $sql->quote_smart($_POST['startquest']);
    } else {
        $startquest = 0;
    }
    if (isset($_POST['lockid']) && $_POST['lockid'] != '') {
        $lockid = $sql->quote_smart($_POST['lockid']);
    } else {
        $lockid = 0;
    }
    if (isset($_POST['Material']) && $_POST['Material'] != '') {
        $Material = $sql->quote_smart($_POST['Material']);
    } else {
        $Material = 0;
    }
    if (isset($_POST['sheath']) && $_POST['sheath'] != '') {
        $sheath = $sql->quote_smart($_POST['sheath']);
    } else {
        $sheath = 0;
    }
    if (isset($_POST['RandomProperty']) && $_POST['RandomProperty'] != '') {
        $RandomProperty = $sql->quote_smart($_POST['RandomProperty']);
    } else {
        $RandomProperty = 0;
    }
    if (isset($_POST['block ']) && $_POST['block '] != '') {
        $block = $sql->quote_smart($_POST['block']);
    } else {
        $block = 0;
    }
    if (isset($_POST['itemset']) && $_POST['itemset'] != '') {
        $itemset = $sql->quote_smart($_POST['itemset']);
    } else {
        $itemset = 0;
    }
    if (isset($_POST['MaxDurability']) && $_POST['MaxDurability'] != '') {
        $MaxDurability = $sql->quote_smart($_POST['MaxDurability']);
    } else {
        $MaxDurability = 0;
    }
    if (isset($_POST['area']) && $_POST['area'] != '') {
        $area = $sql->quote_smart($_POST['area']);
    } else {
        $area = 0;
    }
    if (isset($_POST['BagFamily']) && $_POST['BagFamily'] != '') {
        $BagFamily = $sql->quote_smart($_POST['BagFamily']);
    } else {
        $BagFamily = 0;
    }
    if (isset($_POST['Map']) && $_POST['Map'] != '') {
        $Map = $sql->quote_smart($_POST['Map']);
    } else {
        $Map = 0;
    }
    if (isset($_POST['ScriptName']) && $_POST['ScriptName'] != '') {
        $ScriptName = $sql->quote_smart($_POST['ScriptName']);
    } else {
        $ScriptName = 0;
    }
    if (isset($_POST['DisenchantID']) && $_POST['DisenchantID'] != '') {
        $DisenchantID = $sql->quote_smart($_POST['DisenchantID']);
    } else {
        $DisenchantID = 0;
    }
    if (isset($_POST['RequiredDisenchantSkill']) && $_POST['RequiredDisenchantSkill'] != '') {
        $RequiredDisenchantSkill = $sql->quote_smart($_POST['RequiredDisenchantSkill']);
    } else {
        $RequiredDisenchantSkill = -1;
    }
    if (isset($_POST['unk0']) && $_POST['unk0'] != '') {
        $unk0 = $sql->quote_smart($_POST['unk0']);
    } else {
        $unk0 = -1;
    }
    if (isset($_POST['RandomSuffix']) && $_POST['RandomSuffix'] != '') {
        $RandomSuffix = $sql->quote_smart($_POST['RandomSuffix']);
    } else {
        $RandomSuffix = 0;
    }
    if (isset($_POST['TotemCategory']) && $_POST['TotemCategory'] != '') {
        $TotemCategory = $sql->quote_smart($_POST['TotemCategory']);
    } else {
        $TotemCategory = 0;
    }
    if (isset($_POST['socketColor_1']) && $_POST['socketColor_1'] != '') {
        $socketColor_1 = $sql->quote_smart($_POST['socketColor_1']);
    } else {
        $socketColor_1 = 0;
    }
    if (isset($_POST['socketContent_1']) && $_POST['socketContent_1'] != '') {
        $socketContent_1 = $sql->quote_smart($_POST['socketContent_1']);
    } else {
        $socketContent_1 = 0;
    }
    if (isset($_POST['socketColor_2']) && $_POST['socketColor_2'] != '') {
        $socketColor_2 = $sql->quote_smart($_POST['socketColor_2']);
    } else {
        $socketColor_2 = 0;
    }
    if (isset($_POST['socketContent_2']) && $_POST['socketContent_2'] != '') {
        $socketContent_2 = $sql->quote_smart($_POST['socketContent_2']);
    } else {
        $socketContent_2 = 0;
    }
    if (isset($_POST['socketColor_3']) && $_POST['socketColor_3'] != '') {
        $socketColor_3 = $sql->quote_smart($_POST['socketColor_3']);
    } else {
        $socketColor_3 = 0;
    }
    if (isset($_POST['socketContent_3']) && $_POST['socketContent_3'] != '') {
        $socketContent_3 = $sql->quote_smart($_POST['socketContent_3']);
    } else {
        $socketContent_3 = 0;
    }
    if (isset($_POST['socketBonus']) && $_POST['socketBonus'] != '') {
        $socketBonus = $sql->quote_smart($_POST['socketBonus']);
    } else {
        $socketBonus = 0;
    }
    if (isset($_POST['GemProperties']) && $_POST['GemProperties'] != '') {
        $GemProperties = $sql->quote_smart($_POST['GemProperties']);
    } else {
        $GemProperties = 0;
    }
    if (isset($_POST['ArmorDamageModifier']) && $_POST['ArmorDamageModifier'] != '') {
        $ArmorDamageModifier = $sql->quote_smart($_POST['ArmorDamageModifier']);
    } else {
        $ArmorDamageModifier = 0;
    }
    if (isset($_POST['de_ChanceOrQuestChance']) && $_POST['de_ChanceOrQuestChance'] != '') {
        $de_ChanceOrQuestChance = $sql->quote_smart($_POST['de_ChanceOrQuestChance']);
    } else {
        $de_ChanceOrQuestChance = 0;
    }
    if (isset($_POST['de_groupid']) && $_POST['de_groupid'] != '') {
        $de_groupid = $sql->quote_smart($_POST['de_groupid']);
    } else {
        $de_groupid = 0;
    }
    if (isset($_POST['de_mincountOrRef']) && $_POST['de_mincountOrRef'] != '') {
        $de_mincountOrRef = $sql->quote_smart($_POST['de_mincountOrRef']);
    } else {
        $de_mincountOrRef = 0;
    }
    if (isset($_POST['de_maxcount']) && $_POST['de_maxcount'] != '') {
        $de_maxcount = $sql->quote_smart($_POST['de_maxcount']);
    } else {
        $de_maxcount = 0;
    }
    if (isset($_POST['de_lootcondition']) && $_POST['de_lootcondition'] != '') {
        $de_lootcondition = $sql->quote_smart($_POST['de_lootcondition']);
    } else {
        $de_lootcondition = 0;
    }
    if (isset($_POST['de_condition_value1']) && $_POST['de_condition_value1'] != '') {
        $de_condition_value1 = $sql->quote_smart($_POST['de_condition_value1']);
    } else {
        $de_condition_value1 = 0;
    }
    if (isset($_POST['de_condition_value2']) && $_POST['de_condition_value2'] != '') {
        $de_condition_value2 = $sql->quote_smart($_POST['de_condition_value2']);
    } else {
        $de_condition_value2 = 0;
    }
    if (isset($_POST['de_item']) && $_POST['de_item'] != '') {
        $de_item = $sql->quote_smart($_POST['de_item']);
    } else {
        $de_item = 0;
    }
    if (isset($_POST['del_de_items']) && $_POST['del_de_items'] != '') {
        $del_de_items = $sql->quote_smart($_POST['del_de_items']);
    } else {
        $del_de_items = NULL;
    }
    $tmp = 0;
    if ($AllowableClass[0] != -1) {
        for ($t = 0; $t < count($AllowableClass); $t++) {
            if ($AllowableClass[$t] & 1) {
                $tmp = $tmp + 1;
            }
            if ($AllowableClass[$t] & 2) {
                $tmp = $tmp + 2;
            }
            if ($AllowableClass[$t] & 4) {
                $tmp = $tmp + 4;
            }
            if ($AllowableClass[$t] & 8) {
                $tmp = $tmp + 8;
            }
            if ($AllowableClass[$t] & 16) {
                $tmp = $tmp + 16;
            }
            if ($AllowableClass[$t] & 32) {
                $tmp = $tmp + 32;
            }
            if ($AllowableClass[$t] & 64) {
                $tmp = $tmp + 64;
            }
            if ($AllowableClass[$t] & 128) {
                $tmp = $tmp + 128;
            }
            if ($AllowableClass[$t] & 256) {
                $tmp = $tmp + 256;
            }
            if ($AllowableClass[$t] & 512) {
                $tmp = $tmp + 512;
            }
            if ($AllowableClass[$t] & 1024) {
                $tmp = $tmp + 1024;
            }
        }
    }
    if ($tmp) {
        $AllowableClass = $tmp;
    } else {
        $AllowableClass = -1;
    }
    $tmp = 0;
    if ($AllowableRace[0] != -1) {
        for ($t = 0; $t < count($AllowableRace); $t++) {
            if ($AllowableRace[$t] & 1) {
                $tmp = $tmp + 1;
            }
            if ($AllowableRace[$t] & 2) {
                $tmp = $tmp + 2;
            }
            if ($AllowableRace[$t] & 4) {
                $tmp = $tmp + 4;
            }
            if ($AllowableRace[$t] & 8) {
                $tmp = $tmp + 8;
            }
            if ($AllowableRace[$t] & 16) {
                $tmp = $tmp + 16;
            }
            if ($AllowableRace[$t] & 32) {
                $tmp = $tmp + 32;
            }
            if ($AllowableRace[$t] & 64) {
                $tmp = $tmp + 64;
            }
            if ($AllowableRace[$t] & 128) {
                $tmp = $tmp + 128;
            }
            if ($AllowableRace[$t] & 256) {
                $tmp = $tmp + 256;
            }
            if ($AllowableRace[$t] & 512) {
                $tmp = $tmp + 512;
            }
        }
    }
    if ($tmp) {
        $AllowableRace = $tmp;
    } else {
        $AllowableRace = -1;
    }
    if ($_POST['type'] == "add_new") {
        $sql_query = "INSERT INTO item_template (entry, class, subclass, name,displayid, Quality, Flags, BuyCount, BuyPrice, SellPrice, InventoryType, AllowableClass, AllowableRace, ItemLevel,\n  RequiredLevel, RequiredSkill, RequiredSkillRank, requiredspell, requiredhonorrank, RequiredCityRank, RequiredReputationFaction, RequiredReputationRank, maxcount, stackable, ContainerSlots, stat_type1,\n  stat_value1, stat_type2, stat_value2, stat_type3, stat_value3, stat_type4, stat_value4, stat_type5, stat_value5, stat_type6, stat_value6, stat_type7, stat_value7, stat_type8, stat_value8, stat_type9,\n  stat_value9, stat_type10, stat_value10, dmg_min1, dmg_max1, dmg_type1, dmg_min2, dmg_max2, dmg_type2, armor, holy_res, fire_res, nature_res, frost_res, shadow_res, arcane_res, delay, ammo_type,\n  RangedModRange, spellid_1, spelltrigger_1, spellcharges_1, spellppmRate_1, spellcooldown_1, spellcategory_1, spellcategorycooldown_1,\n  spellid_2, spelltrigger_2, spellcharges_2, spellppmRate_2, spellcooldown_2, spellcategory_2, spellcategorycooldown_2, spellid_3, spelltrigger_3, spellcharges_3, spellppmRate_3, spellcooldown_3, spellcategory_3, spellcategorycooldown_3,\n  spellid_4, spelltrigger_4, spellcharges_4, spellppmRate_4, spellcooldown_4, spellcategory_4, spellcategorycooldown_4, spellid_5, spelltrigger_5, spellcharges_5, spellppmRate_5, spellcooldown_5, spellcategory_5, spellcategorycooldown_5,\n  bonding, description, PageText, LanguageID, PageMaterial, startquest, lockid, Material, sheath, RandomProperty, block, itemset, MaxDurability, area, BagFamily, Map, ScriptName, DisenchantID,RequiredDisenchantSkill,\n  ArmorDamageModifier,unk0,RandomSuffix,TotemCategory, socketColor_1, socketContent_1, socketColor_2, socketContent_2, socketColor_3, socketContent_3, socketBonus, GemProperties)\n  VALUES ('{$entry}', '{$class}', '{$subclass}', '{$name}','{$displayid}', '{$Quality}', '{$Flags}', '{$BuyCount}', '{$BuyPrice}', '{$SellPrice}', '{$InventoryType}', '{$AllowableClass}', 
'{$AllowableRace}', '{$ItemLevel}', '{$RequiredLevel}',\n  '{$RequiredSkill}', '{$RequiredSkillRank}', '{$requiredspell}', '{$requiredhonorrank}', '{$RequiredCityRank}', '{$RequiredReputationFaction}', '{$RequiredReputationRank}', '{$maxcount}', '{$stackable}', '{$ContainerSlots}', '{$stat_type1}',\n  '{$stat_value1}', '{$stat_type2}', '{$stat_value2}', '{$stat_type3}', '{$stat_value3}', '{$stat_type4}', '{$stat_value4}', '{$stat_type5}', '{$stat_value5}', '{$stat_type6}', '{$stat_value6}', '{$stat_type7}', '{$stat_value7}', '{$stat_type8}', '{$stat_value8}',\n  '{$stat_type9}', '{$stat_value9}', '{$stat_type10}', '{$stat_value10}', '{$dmg_min1}', '{$dmg_max1}', '{$dmg_type1}', '{$dmg_min2}', '{$dmg_max2}', '{$dmg_type2}', '{$armor}', '{$holy_res}', '{$fire_res}', '{$nature_res}', '{$frost_res}', '{$shadow_res}', '{$arcane_res}', '{$delay}', '{$ammo_type}', '{$RangedModRange}', '{$spellid_1}', '{$spelltrigger_1}', '{$spellcharges_1}', '{$spellppmRate_1}', '{$spellcooldown_1}',\n  '{$spellcategory_1}', '{$spellcategorycooldown_1}', '{$spellid_2}', '{$spelltrigger_2}', '{$spellcharges_2}', '{$spellppmRate_2}', '{$spellcooldown_2}', '{$spellcategory_2}', '{$spellcategorycooldown_2}', '{$spellid_3}', '{$spelltrigger_3}', '{$spellcharges_3}', '{$spellppmRate_3}',\n  '{$spellcooldown_3}', '{$spellcategory_3}', '{$spellcategorycooldown_3}', '{$spellid_4}', '{$spelltrigger_4}', '{$spellcharges_4}', '{$spellppmRate_4}', '{$spellcooldown_4}', '{$spellcategory_4}', '{$spellcategorycooldown_4}', '{$spellid_5}', '{$spelltrigger_5}',\n  '{$spellcharges_5}', '{$spellppmRate_5}', '{$spellcooldown_5}', '{$spellcategory_5}', '{$spellcategorycooldown_5}', '{$bonding}', '{$description}', '{$PageText}', '{$LanguageID}', '{$PageMaterial}', '{$startquest}', '{$lockid}', '{$Material}', '{$sheath}', '{$RandomProperty}', '{$block}',\n  '{$itemset}', '{$MaxDurability}', '{$area}', '{$BagFamily}', '{$Map}', '{$ScriptName}', '{$DisenchantID}', 
'{$RequiredDisenchantSkill}','{$ArmorDamageModifier}','{$unk0}','{$RandomSuffix}', '{$TotemCategory}', '{$socketColor_1}', '{$socketContent_1}', '{$socketColor_2}',\n  '{$socketContent_2}', '{$socketColor_3}', '{$socketContent_3}', '{$socketBonus}', '{$GemProperties}')";
    } elseif ($_POST['type'] == "edit") {
        $sql_query = "UPDATE item_template SET  ";
        $result = $sql->query("SELECT `item_template`.`entry`,`class`,`subclass`,`unk0`,IFNULL(" . ($deplang != 0 ? "name_loc{$deplang}" : "NULL") . ",`name`) as name,`displayid`,`Quality`,`Flags`,`BuyCount`,`BuyPrice`,`SellPrice`,`InventoryType`,`AllowableClass`,`AllowableRace`,`ItemLevel`,`RequiredLevel`,`RequiredSkill`,`RequiredSkillRank`,`requiredspell`,`requiredhonorrank`,`RequiredCityRank`,`RequiredReputationFaction`,`RequiredReputationRank`,`maxcount`,`stackable`,`ContainerSlots`,`stat_type1`,`stat_value1`,`stat_type2`,`stat_value2`,`stat_type3`,`stat_value3`,`stat_type4`,`stat_value4`,`stat_type5`,`stat_value5`,`stat_type6`,`stat_value6`,`stat_type7`,`stat_value7`,`stat_type8`,`stat_value8`,`stat_type9`,`stat_value9`,`stat_type10`,`stat_value10`,`dmg_min1`,`dmg_max1`,`dmg_type1`,`dmg_min2`,`dmg_max2`,`dmg_type2`,`armor`,`holy_res`,`fire_res`,`nature_res`,`frost_res`,`shadow_res`,`arcane_res`,`delay`,`ammo_type`,`RangedModRange`,`spellid_1`,`spelltrigger_1`,`spellcharges_1`,`spellppmRate_1`,`spellcooldown_1`,`spellcategory_1`,`spellcategorycooldown_1`,`spellid_2`,`spelltrigger_2`,`spellcharges_2`,`spellppmRate_2`,`spellcooldown_2`,`spellcategory_2`,`spellcategorycooldown_2`,`spellid_3`,`spelltrigger_3`,`spellcharges_3`,`spellppmRate_3`,`spellcooldown_3`,`spellcategory_3`,`spellcategorycooldown_3`,`spellid_4`,`spelltrigger_4`,`spellcharges_4`,`spellppmRate_4`,`spellcooldown_4`,`spellcategory_4`,`spellcategorycooldown_4`,`spellid_5`,`spelltrigger_5`,`spellcharges_5`,`spellppmRate_5`,`spellcooldown_5`,`spellcategory_5`,`spellcategorycooldown_5`,`bonding`,`description`,`PageText`,`LanguageID`,`PageMaterial`,`startquest`,`lockid`,`Material`,`sheath`,`RandomProperty`,`RandomSuffix`,`block`,`itemset`,`MaxDurability`,`area`,`Map`,`BagFamily`,`TotemCategory`,`socketColor_1`,`socketContent_1`,`socketColor_2`,`socketContent_2`,`socketColor_3`,`socketContent_3`,`socketBonus`,`GemProperties`,`RequiredDisenchantSkill`,`ArmorDamageModifier`,`ScriptName`,`DisenchantID`,`Food
Type`,`minMoneyLoot`,`maxMoneyLoot` FROM item_template LEFT JOIN locales_item ON item_template.entry = locales_item.entry WHERE item_template.entry = '{$entry}'");
        if ($item_templ = $sql->fetch_assoc($result)) {
            if ($item_templ['class'] != $class) {
                $sql_query .= "class='{$class}',";
            }
            if ($item_templ['subclass'] != $subclass) {
                $sql_query .= "subclass='{$subclass}',";
            }
            if ($item_templ['name'] != $name) {
                $sql_query .= "name='{$name}',";
            }
            if ($item_templ['displayid'] != $displayid) {
                $sql_query .= "displayid='{$displayid}',";
            }
            if ($item_templ['Quality'] != $Quality) {
                $sql_query .= "Quality='{$Quality}',";
            }
            if ($item_templ['Flags'] != $Flags) {
                $sql_query .= "Flags='{$Flags}',";
            }
            if ($item_templ['BuyCount'] != $BuyCount) {
                $sql_query .= "BuyCount='{$BuyCount}',";
            }
            if ($item_templ['BuyPrice'] != $BuyPrice) {
                $sql_query .= "BuyPrice='{$BuyPrice}',";
            }
            if ($item_templ['SellPrice'] != $SellPrice) {
                $sql_query .= "SellPrice='{$SellPrice}',";
            }
            if ($item_templ['InventoryType'] != $InventoryType) {
                $sql_query .= "InventoryType='{$InventoryType}',";
            }
            if ($item_templ['AllowableClass'] != $AllowableClass) {
                $sql_query .= "AllowableClass='{$AllowableClass}',";
            }
            if ($item_templ['AllowableRace'] != $AllowableRace) {
                $sql_query .= "AllowableRace='{$AllowableRace}',";
            }
            if ($item_templ['ItemLevel'] != $ItemLevel) {
                $sql_query .= "ItemLevel='{$ItemLevel}',";
            }
            if ($item_templ['RequiredLevel'] != $RequiredLevel) {
                $sql_query .= "RequiredLevel='{$RequiredLevel}',";
            }
            if ($item_templ['RequiredSkill'] != $RequiredSkill) {
                $sql_query .= "RequiredSkill='{$RequiredSkill}',";
            }
            if ($item_templ['RequiredSkillRank'] != $RequiredSkillRank) {
                $sql_query .= "RequiredSkillRank='{$RequiredSkillRank}',";
            }
            if ($item_templ['requiredspell'] != $requiredspell) {
                $sql_query .= "requiredspell='{$requiredspell}',";
            }
            if ($item_templ['requiredhonorrank'] != $requiredhonorrank) {
                $sql_query .= "requiredhonorrank='{$requiredhonorrank}',";
            }
            if ($item_templ['RequiredCityRank'] != $RequiredCityRank) {
                $sql_query .= "RequiredCityRank='{$RequiredCityRank}',";
            }
            if ($item_templ['RequiredReputationFaction'] != $RequiredReputationFaction) {
                $sql_query .= "RequiredReputationFaction='{$RequiredReputationFaction}',";
            }
            if ($item_templ['RequiredReputationRank'] != $RequiredReputationRank) {
                $sql_query .= "RequiredReputationRank='{$RequiredReputationRank}',";
            }
            if ($item_templ['maxcount'] != $maxcount) {
                $sql_query .= "maxcount='{$maxcount}',";
            }
            if ($item_templ['stackable'] != $stackable) {
                $sql_query .= "stackable='{$stackable}',";
            }
            if ($item_templ['ContainerSlots'] != $ContainerSlots) {
                $sql_query .= "ContainerSlots='{$ContainerSlots}',";
            }
            if ($item_templ['stat_type1'] != $stat_type1) {
                $sql_query .= "stat_type1='{$stat_type1}',";
            }
            if ($item_templ['stat_value1'] != $stat_value1) {
                $sql_query .= "stat_value1='{$stat_value1}',";
            }
            if ($item_templ['stat_type2'] != $stat_type2) {
                $sql_query .= "stat_type2='{$stat_type2}',";
            }
            if ($item_templ['stat_value2'] != $stat_value2) {
                $sql_query .= "stat_value2='{$stat_value2}',";
            }
            if ($item_templ['stat_type3'] != $stat_type3) {
                $sql_query .= "stat_type3='{$stat_type3}',";
            }
            if ($item_templ['stat_value3'] != $stat_value3) {
                $sql_query .= "stat_value3='{$stat_value3}',";
            }
            if ($item_templ['stat_type4'] != $stat_type4) {
                $sql_query .= "stat_type4='{$stat_type4}',";
            }
            if ($item_templ['stat_value4'] != $stat_value4) {
                $sql_query .= "stat_value4='{$stat_value4}',";
            }
            if ($item_templ['stat_type5'] != $stat_type5) {
                $sql_query .= "stat_type5='{$stat_type5}',";
            }
            if ($item_templ['stat_value5'] != $stat_value5) {
                $sql_query .= "stat_value5='{$stat_value5}',";
            }
            if ($item_templ['stat_type6'] != $stat_type6) {
                $sql_query .= "stat_type6='{$stat_type6}',";
            }
            if ($item_templ['stat_value6'] != $stat_value6) {
                $sql_query .= "stat_value6='{$stat_value6}',";
            }
            if ($item_templ['stat_type7'] != $stat_type7) {
                $sql_query .= "stat_type7='{$stat_type7}',";
            }
            if ($item_templ['stat_value7'] != $stat_value7) {
                $sql_query .= "stat_value7='{$stat_value7}',";
            }
            if ($item_templ['stat_type8'] != $stat_type8) {
                $sql_query .= "stat_type8='{$stat_type8}',";
            }
            if ($item_templ['stat_value8'] != $stat_value8) {
                $sql_query .= "stat_value8='{$stat_value8}',";
            }
            if ($item_templ['stat_type9'] != $stat_type9) {
                $sql_query .= "stat_type9='{$stat_type9}',";
            }
            if ($item_templ['stat_value9'] != $stat_value9) {
                $sql_query .= "stat_value9='{$stat_value9}',";
            }
            if ($item_templ['stat_type10'] != $stat_type10) {
                $sql_query .= "stat_type10='{$stat_type10}',";
            }
            if ($item_templ['stat_value10'] != $stat_value10) {
                $sql_query .= "stat_value10='{$stat_value10}',";
            }
            if ($item_templ['dmg_min1'] != $dmg_min1) {
                $sql_query .= "dmg_min1='{$dmg_min1}',";
            }
            if ($item_templ['dmg_max1'] != $dmg_max1) {
                $sql_query .= "dmg_max1='{$dmg_max1}',";
            }
            if ($item_templ['dmg_type1'] != $dmg_type1) {
                $sql_query .= "dmg_type1='{$dmg_type1}',";
            }
            if ($item_templ['dmg_min2'] != $dmg_min2) {
                $sql_query .= "dmg_min2='{$dmg_min2}',";
            }
            if ($item_templ['dmg_max2'] != $dmg_max2) {
                $sql_query .= "dmg_max2='{$dmg_max2}',";
            }
            if ($item_templ['dmg_type2'] != $dmg_type2) {
                $sql_query .= "dmg_type2='{$dmg_type2}',";
            }
            if ($item_templ['armor'] != $armor) {
                $sql_query .= "armor='{$armor}',";
            }
            if ($item_templ['holy_res'] != $holy_res) {
                $sql_query .= "holy_res='{$holy_res}',";
            }
            if ($item_templ['fire_res'] != $fire_res) {
                $sql_query .= "fire_res='{$fire_res}',";
            }
            if ($item_templ['nature_res'] != $nature_res) {
                $sql_query .= "nature_res='{$nature_res}',";
            }
            if ($item_templ['frost_res'] != $frost_res) {
                $sql_query .= "frost_res='{$frost_res}',";
            }
            if ($item_templ['shadow_res'] != $shadow_res) {
                $sql_query .= "shadow_res='{$shadow_res}',";
            }
            if ($item_templ['arcane_res'] != $arcane_res) {
                $sql_query .= "arcane_res='{$arcane_res}',";
            }
            if ($item_templ['delay'] != $delay) {
                $sql_query .= "delay='{$delay}',";
            }
            if ($item_templ['ammo_type'] != $ammo_type) {
                $sql_query .= "ammo_type='{$ammo_type}',";
            }
            if ($item_templ['RangedModRange'] != $RangedModRange) {
                $sql_query .= "RangedModRange='{$RangedModRange}',";
            }
            if ($item_templ['spellid_1'] != $spellid_1) {
                $sql_query .= "spellid_1='{$spellid_1}',";
            }
            if ($item_templ['spelltrigger_1'] != $spelltrigger_1) {
                $sql_query .= "spelltrigger_1='{$spelltrigger_1}',";
            }
            if ($item_templ['spellcharges_1'] != $spellcharges_1) {
                $sql_query .= "spellcharges_1='{$spellcharges_1}',";
            }
            if ($item_templ['spellppmRate_1'] != $spellppmRate_1) {
                $sql_query .= "spellppmRate_1='{$spellppmRate_1}',";
            }
            if ($item_templ['spellcooldown_1'] != $spellcooldown_1) {
                $sql_query .= "spellcooldown_1='{$spellcooldown_1}',";
            }
            if ($item_templ['spellcategory_1'] != $spellcategory_1) {
                $sql_query .= "spellcategory_1='{$spellcategory_1}',";
            }
            if ($item_templ['spellcategorycooldown_1'] != $spellcategorycooldown_1) {
                $sql_query .= "spellcategorycooldown_1='{$spellcategorycooldown_1}',";
            }
            if ($item_templ['spellid_2'] != $spellid_2) {
                $sql_query .= "spellid_2='{$spellid_2}',";
            }
            if ($item_templ['spelltrigger_2'] != $spelltrigger_2) {
                $sql_query .= "spelltrigger_2='{$spelltrigger_2}',";
            }
            if ($item_templ['spellcharges_2'] != $spellcharges_2) {
                $sql_query .= "spellcharges_2='{$spellcharges_2}',";
            }
            if ($item_templ['spellppmRate_2'] != $spellppmRate_2) {
                $sql_query .= "spellppmRate_2='{$spellppmRate_2}',";
            }
            if ($item_templ['spellcooldown_2'] != $spellcooldown_2) {
                $sql_query .= "spellcooldown_2='{$spellcooldown_2}',";
            }
            if ($item_templ['spellcategory_2'] != $spellcategory_2) {
                $sql_query .= "spellcategory_2='{$spellcategory_2}',";
            }
            if ($item_templ['spellcategorycooldown_2'] != $spellcategorycooldown_2) {
                $sql_query .= "spellcategorycooldown_2='{$spellcategorycooldown_2}',";
            }
            if ($item_templ['spellid_3'] != $spellid_3) {
                $sql_query .= "spellid_3='{$spellid_3}',";
            }
            if ($item_templ['spelltrigger_3'] != $spelltrigger_3) {
                $sql_query .= "spelltrigger_3='{$spelltrigger_3}',";
            }
            if ($item_templ['spellcharges_3'] != $spellcharges_3) {
                $sql_query .= "spellcharges_3='{$spellcharges_3}',";
            }
            if ($item_templ['spellppmRate_3'] != $spellppmRate_3) {
                $sql_query .= "spellppmRate_3='{$spellppmRate_3}',";
            }
            if ($item_templ['spellcooldown_3'] != $spellcooldown_3) {
                $sql_query .= "spellcooldown_3='{$spellcooldown_3}',";
            }
            if ($item_templ['spellcategory_3'] != $spellcategory_3) {
                $sql_query .= "spellcategory_3='{$spellcategory_3}',";
            }
            if ($item_templ['spellcategorycooldown_3'] != $spellcategorycooldown_3) {
                $sql_query .= "spellcategorycooldown_3='{$spellcategorycooldown_3}',";
            }
            if ($item_templ['spellid_4'] != $spellid_4) {
                $sql_query .= "spellid_4='{$spellid_4}',";
            }
            if ($item_templ['spelltrigger_4'] != $spelltrigger_4) {
                $sql_query .= "spelltrigger_4='{$spelltrigger_4}',";
            }
            if ($item_templ['spellcharges_4'] != $spellcharges_4) {
                $sql_query .= "spellcharges_4='{$spellcharges_4}',";
            }
            if ($item_templ['spellppmRate_4'] != $spellppmRate_4) {
                $sql_query .= "spellppmRate_4='{$spellppmRate_4}',";
            }
            if ($item_templ['spellcooldown_4'] != $spellcooldown_4) {
                $sql_query .= "spellcooldown_4='{$spellcooldown_4}',";
            }
            if ($item_templ['spellcategory_4'] != $spellcategory_4) {
                $sql_query .= "spellcategory_4='{$spellcategory_4}',";
            }
            if ($item_templ['spellcategorycooldown_4'] != $spellcategorycooldown_4) {
                $sql_query .= "spellcategorycooldown_4='{$spellcategorycooldown_4}', ";
            }
            if ($item_templ['spellid_5'] != $spellid_5) {
                $sql_query .= "spellid_5='{$spellid_5}',";
            }
            if ($item_templ['spelltrigger_5'] != $spelltrigger_5) {
                $sql_query .= "spelltrigger_5='{$spelltrigger_5}',";
            }
            if ($item_templ['spellcharges_5'] != $spellcharges_5) {
                $sql_query .= "spellcharges_5='{$spellcharges_5}',";
            }
            if ($item_templ['spellppmRate_5'] != $spellppmRate_5) {
                $sql_query .= "spellppmRate_5='{$spellppmRate_5}',";
            }
            if ($item_templ['spellcooldown_5'] != $spellcooldown_5) {
                $sql_query .= "spellcooldown_5='{$spellcooldown_5}',";
            }
            if ($item_templ['spellcategory_5'] != $spellcategory_5) {
                $sql_query .= "spellcategory_5='{$spellcategory_5}',";
            }
            if ($item_templ['spellcategorycooldown_5'] != $spellcategorycooldown_5) {
                $sql_query .= "spellcategorycooldown_5='{$spellcategorycooldown_5}',";
            }
            if ($item_templ['bonding'] != $bonding) {
                $sql_query .= "bonding='{$bonding}',";
            }
            if ($item_templ['description'] != $description) {
                $sql_query .= "description='{$description}',";
            }
            if ($item_templ['PageText'] != $PageText) {
                $sql_query .= "PageText='{$PageText}',";
            }
            if ($item_templ['LanguageID'] != $LanguageID) {
                $sql_query .= "LanguageID='{$LanguageID}',";
            }
            if ($item_templ['PageMaterial'] != $PageMaterial) {
                $sql_query .= "PageMaterial='{$PageMaterial}',";
            }
            if ($item_templ['startquest'] != $startquest) {
                $sql_query .= "startquest='{$startquest}',";
            }
            if ($item_templ['lockid'] != $lockid) {
                $sql_query .= "lockid='{$lockid}',";
            }
            if ($item_templ['Material'] != $Material) {
                $sql_query .= "Material='{$Material}',";
            }
            if ($item_templ['sheath'] != $sheath) {
                $sql_query .= "sheath='{$sheath}',";
            }
            if ($item_templ['RandomProperty'] != $RandomProperty) {
                $sql_query .= "RandomProperty='{$RandomProperty}',";
            }
            if ($item_templ['block'] != $block) {
                $sql_query .= "block='{$block}',";
            }
            if ($item_templ['itemset'] != $itemset) {
                $sql_query .= "itemset='{$itemset}',";
            }
            if ($item_templ['MaxDurability'] != $MaxDurability) {
                $sql_query .= "MaxDurability='{$MaxDurability}',";
            }
            if ($item_templ['area'] != $area) {
                $sql_query .= "area='{$area}',";
            }
            if ($item_templ['BagFamily'] != $BagFamily) {
                $sql_query .= "BagFamily='{$BagFamily}',";
            }
            if ($item_templ['Map'] != $Map) {
                $sql_query .= "Map='{$Map}',";
            }
            if ($item_templ['ScriptName'] != $ScriptName) {
                $sql_query .= "ScriptName='{$ScriptName}',";
            }
            if ($item_templ['DisenchantID'] != $DisenchantID) {
                $sql_query .= "DisenchantID='{$DisenchantID}',";
            }
            if ($item_templ['RequiredDisenchantSkill'] != $RequiredDisenchantSkill) {
                $sql_query .= "RequiredDisenchantSkill='{$RequiredDisenchantSkill}',";
            }
            if ($item_templ['ArmorDamageModifier'] != $ArmorDamageModifier) {
                $sql_query .= "ArmorDamageModifier='{$ArmorDamageModifier}',";
            }
            if ($item_templ['unk0'] != $unk0) {
                $sql_query .= "unk0='{$unk0}',";
            }
            if ($item_templ['RandomSuffix'] != $RandomSuffix) {
                $sql_query .= "RandomSuffix='{$RandomSuffix}',";
            }
            if ($item_templ['TotemCategory'] != $TotemCategory) {
                $sql_query .= "TotemCategory='{$TotemCategory}',";
            }
            if ($item_templ['socketColor_1'] != $socketColor_1) {
                $sql_query .= "socketColor_1='{$socketColor_1}',";
            }
            if ($item_templ['socketContent_1'] != $socketContent_1) {
                $sql_query .= "socketContent_1='{$socketContent_1}',";
            }
            if ($item_templ['socketColor_2'] != $socketColor_2) {
                $sql_query .= "socketColor_2='{$socketColor_2}',";
            }
            if ($item_templ['socketContent_2'] != $socketContent_2) {
                $sql_query .= "socketContent_2='{$socketContent_2}',";
            }
            if ($item_templ['socketColor_3'] != $socketColor_3) {
                $sql_query .= "socketColor_3='{$socketColor_3}',";
            }
            if ($item_templ['socketContent_3'] != $socketContent_3) {
                $sql_query .= "socketContent_3='{$socketContent_3}',";
            }
            if ($item_templ['socketBonus'] != $socketBonus) {
                $sql_query .= "socketBonus='{$socketBonus}',";
            }
            if ($item_templ['GemProperties'] != $GemProperties) {
                $sql_query .= "GemProperties='{$GemProperties}',";
            }
            $sql->free_result($result);
            unset($item_templ);
            if ($sql_query == "UPDATE item_template SET  " && !$de_item && !$del_de_items) {
                $sql->close();
                redirect("item.php?action=edit&entry={$entry}&error=6");
            } else {
                if ($sql_query != "UPDATE item_template SET  ") {
                    $sql_query[strlen($sql_query) - 1] = " ";
                    $sql_query .= " WHERE entry = '{$entry}';\n";
                } else {
                    $sql_query = "";
                }
            }
            if ($de_item) {
                $sql_query .= "INSERT INTO disenchant_loot_template (entry, item, ChanceOrQuestChance, `groupid`, mincountOrRef, maxcount, lootcondition, condition_value1, condition_value2)\n          VALUES ({$DisenchantID},{$de_item},'{$de_ChanceOrQuestChance}', '{$de_groupid}' ,{$de_mincountOrRef} ,{$de_maxcount} ,{$de_lootcondition} ,{$de_condition_value1} ,{$de_condition_value2});\n";
            }
            if ($del_de_items) {
                foreach ($del_de_items as $item_id) {
                    $sql_query .= "DELETE FROM disenchant_loot_template WHERE entry = {$DisenchantID} AND item = {$item_id};\n";
                }
            }
        } else {
            $sql->close();
            redirect("item.php?error=5");
        }
    } else {
        $sql->close();
        redirect("item.php?error=5");
    }
    if (isset($_POST['backup_op']) && $_POST['backup_op'] == 1) {
        $sql->close();
        Header("Content-type: application/octet-stream");
        Header("Content-Disposition: attachment; filename=itemid_{$entry}.sql");
        echo $sql_query;
        exit;
    } else {
        $sql_query = explode(';', $sql_query);
        foreach ($sql_query as $tmp_query) {
            if ($tmp_query && $tmp_query != "\n") {
                $result = $sql->query($tmp_query);
            }
        }
        $sql->close();
    }
    if ($result) {
        redirect("item.php?action=edit&entry={$entry}&error=4");
    } else {
        redirect("item.php");
    }
}
Example #10
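/**
 * Apply the security levels submitted in $_GET['change'] to the `command` table.
 *
 * $_GET['change'] is read as a map of command name => security level. Every
 * level must be an integer and every name is escaped before any row is
 * touched; a malformed request is answered with command.php?error=1 and
 * changes nothing.
 *
 * NOTE(review): this changes command security levels from a GET request, and
 * no anti-CSRF token is checked in this function. valid_login() is the only
 * gate visible here.
 */
function doupdate_commands()
{
    global $output, $realm_id, $world_db, $action_permission;
    valid_login($action_permission['update']);
    $sqlw = new SQL();
    $sqlw->connect($world_db[$realm_id]['addr'], $world_db[$realm_id]['user'], $world_db[$realm_id]['pass'], $world_db[$realm_id]['name']);
    if (!isset($_GET['change']) || !is_array($_GET['change'])) {
        redirect('command.php?error=1');
        return;
    }
    // Validate the whole request first so a bad entry cannot leave the table
    // half-updated.
    $updates = array();
    foreach ($_GET['change'] as $command => $security) {
        // The level is concatenated into the statement without quotes, so
        // string escaping alone does not constrain it: only an integer may pass.
        $level = filter_var($security, FILTER_VALIDATE_INT);
        if ($level === false) {
            redirect('command.php?error=1');
            return;
        }
        // The command name arrives as an array key, so it is escaped explicitly
        // here rather than relying on how quote_smart() treats array keys.
        $updates[] = array($sqlw->quote_smart((string) $command), $level);
    }
    foreach ($updates as $update) {
        list($name, $level) = $update;
        $sqlw->query('UPDATE command SET security = ' . $level . ' WHERE name= \'' . $name . '\'');
    }
    redirect('command.php');
}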
Example #11
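/**
 * Complete a password recovery: look the account up by the hash in $_GET['h'],
 * check the recovery code in $_GET['p'], and on success set the account's
 * password to that code.
 *
 * Every failure path redirects to register.php?action=pass_recovery&err=1.
 *
 * NOTE(review): the recovery code is the first 7 hex characters of
 * SHA-1(uppercased username), so it is a function of the username alone and is
 * not a secret. The `h` parameter is the account's stored sha_pass_hash
 * travelling in a URL. The code also becomes the new password. This should be
 * replaced with a random, single-use, expiring token stored server-side. The
 * fixes below only harden the existing flow and do not make the token
 * unpredictable.
 */
function do_pass_activate()
{
    global $lang_global, $realm_db;
    if (empty($_GET['h']) || empty($_GET['p']) || !is_string($_GET['h']) || !is_string($_GET['p'])) {
        redirect("register.php?action=pass_recovery&err=1");
        return;
    }
    $sql = new SQL();
    $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
    $pass = $sql->quote_smart(trim($_GET['p']));
    $hash = $sql->quote_smart($_GET['h']);
    $result = $sql->query("SELECT id,username FROM account WHERE sha_pass_hash = '{$hash}'");
    if ($sql->num_rows($result) == 1) {
        $username = $sql->result($result, 0, 'username');
        $id = (int) $sql->result($result, 0, 'id');
        $expected = substr(sha1(strtoupper($username)), 0, 7);
        // Strict comparison: with ==, two different numeric-looking hex strings
        // (for example of the form 0e<digits>) compare equal as numbers.
        if ($expected === (string) $pass) {
            // The username comes back from the database and is placed inside a
            // string literal again, so it is escaped like any other value.
            $safe_username = $sql->quote_smart($username);
            $sql->query("UPDATE account SET sha_pass_hash=SHA1(CONCAT(UPPER('{$safe_username}'),':',UPPER('{$pass}'))), v=0, s=0 WHERE id = '{$id}'");
            redirect("login.php");
            return;
        }
    }
    redirect("register.php?action=pass_recovery&err=1");
}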
Example #12
<?php

require_once "header.php";
require_once "libs/char_lib.php";
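// Honor ranking page: requires read permission, then opens the characters
// database of the current realm.
valid_login($action_permission['read']);
//global $lang_honor, $lang_global, $output, $characters_db, $realm_id, $itemperpage, $realm_db;
$sql = new SQL();
$sql->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
$start = isset($_GET['start']) ? $sql->quote_smart($_GET['start']) : 0;
// $order_by is interpolated into ORDER BY as a column name. Escaping protects
// string literals, not identifiers, so the value is taken only from a fixed
// list: the three sort keys this page links to.
$sortable_columns = array('honor', 'kills', 'arena');
$order_by = "honor";
if (isset($_GET['order_by']) && is_string($_GET['order_by']) && in_array($_GET['order_by'], $sortable_columns, true)) {
    $order_by = $_GET['order_by'];
}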
// Alliance table: the 25 characters of races 1,3,4,7,11 ranked by $order_by.
// Row layout used below: 0 guid, 1 name, 2 race, 3 class, 4 honor, 5 kills,
// 6 level, 7 arena, 8 GNAME (guild id, 0 when the character has no guild), 9 gender.
// NOTE(review): $order_by sits in identifier position (ORDER BY); string escaping
// does not constrain an identifier, so it must already be limited to a fixed set
// of column names when it reaches this query.
$query = $sql->query("SELECT C.guid, C.name, C.race, C.class, C.totalHonorPoints AS honor , C.totalKills AS kills, C.level, C.arenaPoints AS arena, COALESCE(guild_member.guildid,0) as GNAME, C.gender FROM characters C LEFT JOIN guild_member ON C.guid = guild_member.guid WHERE race in (1,3,4,7,11) ORDER BY {$order_by} DESC LIMIT 25;");
// $this_page is assigned but not read anywhere in the visible part of this script.
$this_page = $sql->num_rows($query);
// Table header; the sort links only ever pass order_by=honor, kills or arena.
$output .= "\r\n                <script type=\"text/javascript\">\r\n                    answerbox.btn_ok='{$lang_global['yes_low']}';\r\n                    answerbox.btn_cancel='{$lang_global['no']}';\r\n                </script>\r\n                <center>\r\n                    <fieldset style=\"width: 776px;\">\r\n                        <legend><img src='img/alliance.gif' /></legend>\r\n                        <table class=\"lined\" style=\"width: 705px;\">\r\n                            <tr class=\"bold\">\r\n                                <td colspan=\"11\">{$lang_honor['allied']} {$lang_honor['browse_honor']}</td>\r\n                            </tr>\r\n                            <tr>\r\n                                <th width=\"30%\">{$lang_honor['guid']}</th>\r\n                                <th width=\"7%\">{$lang_honor['race']}</th>\r\n                                <th width=\"7%\">{$lang_honor['class']}</th>\r\n                                <th width=\"7%\">{$lang_honor['level']}</th>\r\n                                <th width=\"5%\"><a href=\"honor.php?order_by=honor\"" . ($order_by == 'honor' ? " class=DESC" : "") . ">{$lang_honor['honor']}</a></th>\r\n                                <th width=\"5%\"><a href=\"honor.php?order_by=honor\"" . ($order_by == 'honor' ? " class=DESC" : "") . ">{$lang_honor['honor points']}</a></th>\r\n                                <th width=\"5%\"><a href=\"honor.php?order_by=kills\"" . ($order_by == 'kills' ? " class=DESC" : "") . ">Kills</a></th>\r\n                                <th width=\"5%\"><a href=\"honor.php?order_by=arena\"" . ($order_by == 'arena' ? " class=DESC" : "") . ">AP</a></th>\r\n                                <th width=\"30%\">{$lang_honor['guild']}</th>\r\n                            </tr>";
while ($char = $sql->fetch_row($query)) {
    // One extra guild-name lookup per row, keyed on the guild id from the row above.
    $guild_name = $sql->fetch_row($sql->query("SELECT `name` FROM `guild` WHERE `guildid`=" . $char[8] . ";"));
    // Character and guild names are player-chosen text and go through htmlentities();
    // the other cells are printed as returned by the query or by the char_get_* helpers.
    $output .= "\r\n                            <tr>\r\n                                <td><a href=\"char.php?id={$char['0']}\">" . htmlentities($char[1]) . "</a></td>\r\n                                <td><img src='img/c_icons/{$char[2]}-{$char[9]}.gif' onmousemove='toolTip(\"" . char_get_race_name($char[2]) . "\",\"item_tooltip\")' onmouseout='toolTip()'></td>\r\n                                <td><img src='img/c_icons/{$char[3]}.gif' onmousemove='toolTip(\"" . char_get_class_name($char[3]) . "\",\"item_tooltip\")' onmouseout='toolTip()'></td>\r\n                                <td>" . char_get_level_color($char[6]) . "</td>\r\n                                <td><span onmouseover='toolTip(\"" . char_get_pvp_rank_name($char[4], char_get_side_id($char[2])) . "\",\"item_tooltip\")' onmouseout='toolTip()' style='color: white;'><img src='img/ranks/rank" . char_get_pvp_rank_id($char[4], char_get_side_id($char[2])) . ".gif'></span></td>\r\n                                <td>{$char['4']}</td>\r\n                                <td>{$char['5']}</td>\r\n                                <td>{$char['7']}</td>\r\n                                <td><a href=\"guild.php?action=view_guild&amp;error=3&amp;id={$char['8']}\">" . htmlentities($guild_name[0]) . "</a></td>\r\n                            </tr>";
}
// Closes the table and fieldset; the <center> opened in the header is not closed here.
$output .= "\r\n                        </table>\r\n                        <br />\r\n                    </fieldset>";
// Horde table: the 25 characters whose race is NOT in (1,3,4,7,11), ranked by
// $order_by. Row layout is 0 guid, 1 name, 2 race, 3 class, 4 honor, 5 kills,
// 6 level, 7 arena, 8 GNAME (guild id, 0 when none), 9 gender.
// NOTE(review): `honor` is C.todayHonorPoints in this query, while the other
// ranking query on this page selects C.totalHonorPoints; confirm which is intended.
// NOTE(review): $order_by sits in identifier position (ORDER BY); string escaping
// does not constrain an identifier, so it must already be limited to a fixed set
// of column names when it reaches this query.
$query = $sql->query("SELECT C.guid, C.name, C.race, C.class, C.todayHonorPoints AS honor , C.totalKills AS kills, C.level, C.arenaPoints AS arena, COALESCE(guild_member.guildid,0) as GNAME, C.gender FROM characters C LEFT JOIN guild_member ON C.guid = guild_member.guid WHERE race not in (1,3,4,7,11) ORDER BY {$order_by} DESC LIMIT 25;");
// $this_page is assigned but not read anywhere in the visible part of this script.
$this_page = $sql->num_rows($query);
// Table header; the sort links only ever pass order_by=honor, kills or arena.
$output .= "\r\n                <script type=\"text/javascript\">\r\n                    answerbox.btn_ok='{$lang_global['yes_low']}';\r\n                    answerbox.btn_cancel='{$lang_global['no']}';\r\n                </script>\r\n                <center>\r\n                    <fieldset style=\"width: 776px;\">\r\n                        <legend><img src='img/horde.gif' /></legend>\r\n                        <table class=\"lined\" style=\"width: 705px;\">\r\n                            <tr class=\"bold\">\r\n                                <td colspan=\"11\">{$lang_honor['horde']} {$lang_honor['browse_honor']}</td>\r\n                            </tr>\r\n                            <tr>\r\n                                <th width=\"30%\">{$lang_honor['guid']}</th>\r\n                                <th width=\"7%\">{$lang_honor['race']}</th>\r\n                                <th width=\"7%\">{$lang_honor['class']}</th>\r\n                                <th width=\"7%\">{$lang_honor['level']}</th>\r\n                                <th width=\"5%\"><a href=\"honor.php?order_by=honor\"" . ($order_by == 'honor' ? " class=DESC" : "") . ">{$lang_honor['honor']}</a></th>\r\n                                <th width=\"5%\"><a href=\"honor.php?order_by=honor\"" . ($order_by == 'honor' ? " class=DESC" : "") . ">{$lang_honor['honor points']}</a></th>\r\n                                <th width=\"5%\"><a href=\"honor.php?order_by=kills\"" . ($order_by == 'kills' ? " class=DESC" : "") . ">Kills</a></th>\r\n                                <th width=\"5%\"><a href=\"honor.php?order_by=arena\"" . ($order_by == 'arena' ? " class=DESC" : "") . ">AP</a></th>\r\n                                <th width=\"30%\">{$lang_honor['guild']}</th>\r\n                            </tr>";
while ($char = $sql->fetch_row($query)) {
    // One extra guild-name lookup per row, keyed on the guild id from the row above.
    $guild_name = $sql->fetch_row($sql->query("SELECT `name` FROM `guild` WHERE `guildid`=" . $char[8] . ";"));
    // Character and guild names are player-chosen text and go through htmlentities();
    // the other cells are printed as returned by the query or by the char_get_* helpers.
    $output .= "\r\n                            <tr>\r\n                                <td><a href=\"char.php?id={$char['0']}\">" . htmlentities($char[1]) . "</a></td>\r\n                                <td><img src='img/c_icons/{$char[2]}-{$char[9]}.gif' onmousemove='toolTip(\"" . char_get_race_name($char[2]) . "\",\"item_tooltip\")' onmouseout='toolTip()'></td>\r\n                                <td><img src='img/c_icons/{$char[3]}.gif' onmousemove='toolTip(\"" . char_get_class_name($char[3]) . "\",\"item_tooltip\")' onmouseout='toolTip()'></td>\r\n                                <td>" . char_get_level_color($char[6]) . "</td>\r\n                                <td><span onmouseover='toolTip(\"" . char_get_pvp_rank_name($char[4], char_get_side_id($char[2])) . "\",\"item_tooltip\")' onmouseout='toolTip()' style='color: white;'><img src='img/ranks/rank" . char_get_pvp_rank_id($char[4], char_get_side_id($char[2])) . ".gif'></span></td>\r\n                                <td>{$char['4']}</td>\r\n                                <td>{$char['5']}</td>\r\n                                <td>{$char['7']}</td>\r\n                                <td><a href=\"guild.php?action=view_guild&amp;error=3&amp;id={$char['8']}\">" . htmlentities($guild_name[0]) . "</a></td>\r\n                            </tr>";
}
// Closes the table and fieldset; the <center> opened in the header is not closed here.
$output .= "\r\n                        </table>\r\n                        <br />\r\n                    </fieldset>";
require_once "footer.php";
Example #13
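/**
 * Create or update one row of config_forums from the request's query string.
 *
 * If a row with `Index` = $_GET['forum_item'] exists it is updated, otherwise
 * a new row is inserted. Either way the browser is sent back to
 * admin.php?section=forum.
 *
 * NOTE(review): no permission check and no anti-CSRF token are visible in this
 * function, and it changes forum access levels from a GET request. Confirm
 * that the caller enforces administrator access before dispatching here.
 */
function saveforum()
{
    global $corem_db;
    $sqlm = new SQL();
    $sqlm->connect($corem_db["addr"], $corem_db["user"], $corem_db["pass"], $corem_db["name"], $corem_db["encoding"]);
    // A missing parameter is treated as an empty value instead of reading an
    // undefined index.
    $fields = array();
    foreach (array("forum_item", "category", "name", "desc", "sideaccess", "min_security_level_read", "min_security_level_post", "min_security_level_create_topic") as $key) {
        $fields[$key] = $sqlm->quote_smart(isset($_GET[$key]) ? $_GET[$key] : "");
    }
    $forum_item = $fields["forum_item"];
    $forum = $fields["category"];
    $name = $fields["name"];
    $desc = $fields["desc"];
    $sideaccess = $fields["sideaccess"];
    $min_security_level_read = $fields["min_security_level_read"];
    $min_security_level_post = $fields["min_security_level_post"];
    $min_security_level_create_topic = $fields["min_security_level_create_topic"];
    $result = $sqlm->query("SELECT * FROM config_forums WHERE `Index`='" . $forum_item . "'");
    if ($sqlm->num_rows($result)) {
        $result = $sqlm->query("UPDATE config_forums SET Category='" . $forum . "', Name='" . $name . "', `Desc`='" . $desc . "', Side_Access='" . $sideaccess . "', Min_Security_Level_Read='" . $min_security_level_read . "', Min_Security_Level_Post='" . $min_security_level_post . "', Min_Security_Level_Create_Topic='" . $min_security_level_create_topic . "' WHERE `Index`='" . $forum_item . "'");
    } else {
        // `Desc` is a reserved word in MySQL and must be back-quoted, as the
        // UPDATE above already does; unquoted, this INSERT is a syntax error.
        $result = $sqlm->query("INSERT INTO config_forums (Category, Name, `Desc`, Side_Access, Min_Security_Level_Read, Min_Security_Level_Post, Min_Security_Level_Create_Topic) VALUES ('" . $forum . "', '" . $name . "', '" . $desc . "', '" . $sideaccess . "', '" . $min_security_level_read . "', '" . $min_security_level_post . "', '" . $min_security_level_create_topic . "')");
    }
    redirect("admin.php?section=forum");
}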
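/**
 * Move every post of a topic to another forum.
 *
 * Reads the target forum id from $_POST['forum'] and the topic id from
 * $_POST['id'], updates mm_forum_posts, then redirects to the topic view.
 *
 * NOTE(review): $user_lvl is declared global but never checked, and no
 * anti-CSRF token is verified in this function. Confirm that the caller
 * restricts this action to moderators.
 *
 * @param SQL $sqlm Replaced with a fresh connection to the mmfpm database.
 */
function forum_do_move_topic(&$sqlm)
{
    global $forum_lang, $forum_skeleton, $maxqueries, $user_lvl, $user_id, $output, $mmfpm_db;
    $sqlm = new SQL();
    $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
    // Both ids are concatenated into the statement without quotes, so string
    // escaping alone does not constrain them: only integers may pass.
    $forum = isset($_POST['forum']) ? filter_var($_POST['forum'], FILTER_VALIDATE_INT) : false;
    if ($forum === false) {
        error($forum_lang['no_such_forum']);
        return;
    }
    $id = isset($_POST['id']) ? filter_var($_POST['id'], FILTER_VALIDATE_INT) : false;
    if ($id === false) {
        error($forum_lang["no_such_topic"]);
        return;
    }
    $sqlm->query('
		UPDATE mm_forum_posts
		SET forum = ' . $forum . '
		WHERE topic = ' . $id . '');
    // $id is an integer here, so it is also safe inside the redirect target.
    redirect('forum.php?action=view_topic&id=' . $id . '');
    // Queries : 1
}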
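/**
 * Save an edited forum post and, when a title is submitted, rename its topic.
 *
 * Reads $_POST['forum'] (presence only), $_POST['post'] (post id),
 * $_POST['msg'] (new text) and optionally $_POST['name'] (new topic title),
 * then redirects to the topic the post belongs to.
 *
 * NOTE(review): $user_lvl and $user_id are declared global but never used, so
 * nothing in this function checks that the caller owns the post or may
 * moderate it. Confirm the caller does.
 * NOTE(review): the htmlspecialchars() calls are commented out, so the text
 * and title are stored as submitted. Whatever renders them must HTML-escape
 * on output; that code is not visible here.
 *
 * @param SQL $sqlm Replaced with a fresh connection to the mmfpm database.
 */
function forum_do_edit_post(&$sqlm)
{
    global $forum_lang, $user_lvl, $user_name, $user_id, $mmfpm_db;
    $sqlm = new SQL();
    $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
    //==========================$_POST and SECURE=================================
    if (!isset($_POST['forum'])) {
        error($forum_lang["no_such_forum"]);
        return;
    }
    // The post id is concatenated into the statements without quotes, so it
    // has to be an integer, not merely an escaped string.
    $post = isset($_POST['post']) ? filter_var($_POST['post'], FILTER_VALIDATE_INT) : false;
    if ($post === false) {
        error($forum_lang["no_such_post"]);
        return;
    }
    $topic = 0;
    if (isset($_POST['name']) && is_string($_POST['name'])) {
        $topic = 1;
        $name = $sqlm->quote_smart($_POST['name']);
        // Lengths are measured on the escaped string, as before.
        if (strlen($name) > 49) {
            $sqlm->close();
            error($forum_lang["name_too_long"]);
            return;
        }
        if (strlen($name) < 5) {
            $sqlm->close();
            error($forum_lang["name_too_short"]);
            return;
        }
    }
    if (!isset($_POST['msg']) || !is_string($_POST['msg'])) {
        $sqlm->close();
        error($forum_lang["msg_too_short"]);
        return;
    }
    $msg = trim($sqlm->quote_smart($_POST['msg']), " ");
    if (strlen($msg) < 5) {
        $sqlm->close();
        error($forum_lang["msg_too_short"]);
        return;
    }
    //==========================$_POST and SECURE end==============================
    // Turns the two-character sequence backslash + n into an HTML line break.
    $msg = str_replace('\\n', '<br />', $msg);
    $result = $sqlm->query('
		SELECT topic
		FROM mm_forum_posts
		WHERE id = ' . $post . '');
    $topicid = $sqlm->fetch_assoc($result);
    if (!$topicid || !isset($topicid['topic'])) {
        // Unknown post id: stop before building statements with an empty topic.
        $sqlm->close();
        error($forum_lang["no_such_post"]);
        return;
    }
    $topic_id = (int) $topicid['topic'];
    $sqlm->query('
		UPDATE mm_forum_posts
		SET text = \'' . $msg . '\'
		WHERE id = ' . $post . '');
    if ($topic == 1) {
        $sqlm->query('
			UPDATE mm_forum_posts
			SET name = \'' . $name . '\'
			WHERE topic = ' . $topic_id . '');
    }
    // Neither UPDATE changes the `topic` column, so the id read above is still
    // valid and the second lookup is not needed.
    $sqlm->close();
    redirect('forum.php?action=view_topic&id=' . $topic_id . '');
    // Queries : 2 (+1 if topic)
}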
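/**
 * Save the database connection settings submitted from the admin
 * "databases" section, then redirect back to it.
 *
 * Depending on which query-string keys are present it adds a
 * character/world database row, updates the DBC, logon, character or world
 * database settings, or removes character/world database rows.
 *
 * NOTE(review): connection settings, including database passwords, arrive in
 * the query string ($_GET), where they can end up in web-server access logs,
 * browser history and Referer headers. A POST form would avoid that.
 * NOTE(review): no permission check and no anti-CSRF token are visible in this
 * function. Confirm the caller restricts it to administrators.
 * NOTE(review): every UPDATE below sets User and Password to the literal
 * '******', although the submitted user and password are read just above and
 * only used by the INSERT branches. This looks like a value masked in this
 * listing; confirm against the original file before relying on these
 * statements.
 */
function savedbs()
{
    global $output, $corem_db;
    $sqlm = new SQL();
    $sqlm->connect($corem_db["addr"], $corem_db["user"], $corem_db["pass"], $corem_db["name"], $corem_db["encoding"]);
    if (isset($_GET["addchar"])) {
        // Add new Character Database
        // get highest index
        $i_query = "SELECT IFNULL(MAX(`Index`), 0) AS MaxID FROM config_character_databases";
        $i_result = $sqlm->query($i_query);
        $i_result = $sqlm->fetch_assoc($i_result);
        $max_index = $i_result["MaxID"];
        $result_addchar = $sqlm->query("INSERT INTO config_character_databases (`Index`, Encoding) VALUES ('" . ($max_index + 1) . "', 'utf8')");
    }
    if (isset($_GET["addworld"])) {
        // Add new World Database
        // get highest index
        $i_query = "SELECT IFNULL(MAX(`Index`), 0) AS MaxID FROM config_world_databases";
        $i_result = $sqlm->query($i_query);
        $i_result = $sqlm->fetch_assoc($i_result);
        $max_index = $i_result["MaxID"];
        $result_addworld = $sqlm->query("INSERT INTO config_world_databases (`Index`, Encoding) VALUES ('" . ($max_index + 1) . "', 'utf8')");
    }
    if (isset($_GET["dbc_name"])) {
        $dbc_host = $sqlm->quote_smart($_GET["host"]);
        $dbc_port = $sqlm->quote_smart($_GET["port"]);
        $dbc_user = $sqlm->quote_smart($_GET["user"]);
        $dbc_pass = $sqlm->quote_smart($_GET["pass"]);
        $dbc_name = $sqlm->quote_smart($_GET["dbc_name"]);
        $dbc_encoding = $sqlm->quote_smart($_GET["dbc_encoding"]);
        $dbc_count = $sqlm->fetch_assoc($sqlm->query("SELECT COUNT(*) FROM config_dbc_database"));
        if ($dbc_count["COUNT(*)"] == 1) {
            // Exactly one row: update it in place.
            $dbc_upper = $sqlm->fetch_assoc($sqlm->query("SELECT MAX(`Index`) FROM config_dbc_database"));
            $result = $sqlm->query("UPDATE config_dbc_database SET Address='" . $dbc_host . "', Port='" . $dbc_port . "', Name='" . $dbc_name . "', User='******', Password='******', Encoding='" . $dbc_encoding . "' WHERE `Index`='" . $dbc_upper["MAX(`Index`)"] . "'");
        } elseif ($dbc_count["COUNT(*)"] > 1) {
            // More than one row: wipe the table and keep a single fresh row.
            $result = $sqlm->query("TRUNCATE TABLE config_dbc_database");
            $result = $sqlm->query("INSERT INTO config_dbc_database (Address, Port, User, Name, Password, Encoding) VALUES ('" . $dbc_host . "', '" . $dbc_port . "', '" . $dbc_user . "', '" . $dbc_name . "', '" . $dbc_pass . "', '" . $dbc_encoding . "')");
        } else {
            $result = $sqlm->query("INSERT INTO config_dbc_database (Address, Port, User, Name, Password, Encoding) VALUES ('" . $dbc_host . "', '" . $dbc_port . "', '" . $dbc_user . "', '" . $dbc_name . "', '" . $dbc_pass . "', '" . $dbc_encoding . "')");
        }
    }
    if (isset($_GET["logon_name"])) {
        $logon_host = $sqlm->quote_smart($_GET["host"]);
        $logon_port = $sqlm->quote_smart($_GET["port"]);
        $logon_user = $sqlm->quote_smart($_GET["user"]);
        $logon_pass = $sqlm->quote_smart($_GET["pass"]);
        $logon_name = $sqlm->quote_smart($_GET["logon_name"]);
        $logon_encoding = $sqlm->quote_smart($_GET["logon_encoding"]);
        $result_logon = $sqlm->query("UPDATE config_logon_database SET Address='" . $logon_host . "', Port='" . $logon_port . "', User='******', Password='******', Name='" . $logon_name . "', Encoding='" . $logon_encoding . "' WHERE `Index`=1");
    }
    if (isset($_GET["char_realm"])) {
        $char_realms = $sqlm->quote_smart($_GET["char_realm"]);
        $char_new_realms = isset($_GET["char_new_realm"]) ? $sqlm->quote_smart($_GET["char_new_realm"]) : NULL;
        $char_hosts = isset($_GET["host"]) ? $sqlm->quote_smart($_GET["host"]) : NULL;
        $char_ports = isset($_GET["port"]) ? $sqlm->quote_smart($_GET["port"]) : NULL;
        $char_users = isset($_GET["user"]) ? $sqlm->quote_smart($_GET["user"]) : NULL;
        $char_passes = isset($_GET["pass"]) ? $sqlm->quote_smart($_GET["pass"]) : NULL;
        $char_names = isset($_GET["char_name"]) ? $sqlm->quote_smart($_GET["char_name"]) : NULL;
        $char_encodings = isset($_GET["char_encoding"]) ? $sqlm->quote_smart($_GET["char_encoding"]) : NULL;
        // count() on a missing (NULL) list is an error on current PHP versions.
        $char_total = is_array($char_names) ? count($char_names) : 0;
        for ($i = 0; $i < $char_total; $i++) {
            // Skip a row whose companion fields were not submitted, rather than
            // writing empty values into `Index`.
            if (!isset($char_names[$i], $char_new_realms[$i], $char_encodings[$i], $char_realms[$i])) {
                continue;
            }
            $result_char = $sqlm->query("UPDATE config_character_databases SET `Index`='" . $char_new_realms[$i] . "', Address='" . $char_hosts . "', Port='" . $char_ports . "', User='******', Password='******', Name='" . $char_names[$i] . "', Encoding='" . $char_encodings[$i] . "' WHERE `Index`='" . $char_realms[$i] . "'");
        }
    }
    if (isset($_GET["remove_char"])) {
        $remove_chars = $sqlm->quote_smart($_GET["remove_char"]);
        // The previous loop ran to $i <= count(), reading one element past the
        // end and issuing a DELETE with an empty `Index`.
        foreach ((array) $remove_chars as $remove_index) {
            $result_char = $sqlm->query("DELETE FROM config_character_databases WHERE `Index`='" . $remove_index . "'");
        }
    }
    if (isset($_GET["world_realm"])) {
        $world_realms = $sqlm->quote_smart($_GET["world_realm"]);
        $world_new_realms = isset($_GET["world_new_realm"]) ? $sqlm->quote_smart($_GET["world_new_realm"]) : NULL;
        $world_hosts = isset($_GET["host"]) ? $sqlm->quote_smart($_GET["host"]) : NULL;
        $world_ports = isset($_GET["port"]) ? $sqlm->quote_smart($_GET["port"]) : NULL;
        $world_users = isset($_GET["user"]) ? $sqlm->quote_smart($_GET["user"]) : NULL;
        $world_passes = isset($_GET["pass"]) ? $sqlm->quote_smart($_GET["pass"]) : NULL;
        $world_names = isset($_GET["world_name"]) ? $sqlm->quote_smart($_GET["world_name"]) : NULL;
        $world_encodings = isset($_GET["world_encoding"]) ? $sqlm->quote_smart($_GET["world_encoding"]) : NULL;
        $world_total = is_array($world_names) ? count($world_names) : 0;
        for ($i = 0; $i < $world_total; $i++) {
            if (!isset($world_names[$i], $world_new_realms[$i], $world_encodings[$i], $world_realms[$i])) {
                continue;
            }
            $result_world = $sqlm->query("UPDATE config_world_databases SET `Index`='" . $world_new_realms[$i] . "', Address='" . $world_hosts . "', Port='" . $world_ports . "', User='******', Password='******', Name='" . $world_names[$i] . "', Encoding='" . $world_encodings[$i] . "' WHERE `Index`='" . $world_realms[$i] . "'");
        }
    }
    if (isset($_GET["remove_world"])) {
        $remove_worlds = $sqlm->quote_smart($_GET["remove_world"]);
        // Same off-by-one as the character removal loop had.
        foreach ((array) $remove_worlds as $remove_index) {
            $remove_query = "DELETE FROM config_world_databases WHERE `Index`='" . $remove_index . "'";
            $result_world = $sqlm->query($remove_query);
        }
    }
    redirect("admin.php?section=databases");
}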
Example #17
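/**
 * Delete the accounts, characters, guilds or arena teams selected on the
 * cleanup page and append a summary to $output.
 *
 * $_POST['type'] selects what is deleted ("acc", "char", "guild",
 * "arenateam"); $_POST['check'] is a '-'-separated list of ids. Any other
 * type, or a missing field, redirects to cleanup.php?error=1.
 *
 * NOTE(review): $user_lvl is declared global but never checked, and no
 * anti-CSRF token is verified here. This function permanently deletes data,
 * so confirm the caller enforces the required permission.
 */
function docleanup()
{
    // $server_type was read below without being declared global, so the
    // Trinity table list could never be selected.
    global $lang_cleanup, $lang_global, $output, $realm_db, $characters_db, $realm_id, $user_lvl, $tab_del_user_characters, $tab_del_user_characters_trinity, $tab_del_user_realmd, $server_type;
    if ($server_type) {
        $tab_del_user_characters = $tab_del_user_characters_trinity;
    }
    if (!isset($_POST['type']) || $_POST['type'] === '') {
        redirect("cleanup.php?error=1");
        return;
    }
    $sql = new SQL();
    $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
    $type = $sql->quote_smart($_POST['type']);
    if (isset($_POST['check']) && $_POST['check'] != '') {
        $check = $sql->quote_smart($_POST['check']);
        $check = explode('-', $check);
    } else {
        $sql->close();
        redirect("cleanup.php?error=1");
        return;
    }
    $deleted_acc = 0;
    $deleted_chars = 0;
    $deleted_gulds = 0;
    // Was never initialised, so the arena-team summary read an undefined variable.
    $deleted_arenateams = 0;
    require_once "./libs/del_lib.php";
    // Index 0 is skipped, as before. Presumably the submitted list starts
    // with '-', which would leave the first piece empty; confirm against the form.
    $total = count($check);
    switch ($type) {
        //we deleting account array
        case "acc":
            for ($i = 1; $i < $total; $i++) {
                if ($check[$i] != "") {
                    list($flag, $del_char) = del_acc($check[$i]);
                    if ($flag) {
                        $deleted_acc++;
                        $deleted_chars += $del_char;
                    }
                }
            }
            break;
        //we deleting character array
        case "char":
            for ($i = 1; $i < $total; $i++) {
                if ($check[$i] != "") {
                    if (del_char($check[$i], $realm_id)) {
                        $deleted_chars++;
                    }
                }
            }
            break;
        //cleaning guilds
        case "guild":
            for ($i = 1; $i < $total; $i++) {
                if ($check[$i] != "") {
                    if (del_guild($check[$i], $realm_id)) {
                        $deleted_gulds++;
                    }
                }
            }
            break;
        //cleaning arena teams
        case "arenateam":
            for ($i = 1; $i < $total; $i++) {
                if ($check[$i] != "") {
                    if (del_arenateam($check[$i], $realm_id)) {
                        $deleted_arenateams++;
                    }
                }
            }
            break;
        default:
            $sql->close();
            redirect("cleanup.php?error=1");
            return;
    }
    $sql->close();
    unset($sql);
    $output .= "<center>";
    if ($type == "guild") {
        if (!$deleted_gulds) {
            $output .= "<h1><font class=\"error\">{$lang_cleanup['no_guilds_del']}</font></h1>";
        } else {
            $output .= "<h1><font class=\"error\">{$lang_cleanup['total']} <font color=blue>{$deleted_gulds}</font> {$lang_cleanup['guilds_deleted']}</font></h1>";
        }
    } elseif ($type == "arenateam") {
        if (!$deleted_arenateams) {
            $output .= "<h1><font class=\"error\">{$lang_cleanup['no_arenateams_del']}</font></h1>";
        } else {
            $output .= "<h1><font class=\"error\">{$lang_cleanup['total']} <font color=blue>{$deleted_arenateams}</font> {$lang_cleanup['arenateams_deleted']}</font></h1>";
        }
    } else {
        if ($deleted_acc + $deleted_chars == 0) {
            $output .= "<h1><font class=\"error\">{$lang_cleanup['no_acc_chars_deleted']}</font></h1>";
        } else {
            $output .= "<h1><font class=\"error\">{$lang_cleanup['total']} <font color=blue>{$deleted_acc}</font> {$lang_cleanup['accs_deleted']}</font></h1><br />";
            $output .= "<h1><font class=\"error\">{$lang_cleanup['total']} <font color=blue>{$deleted_chars}</font> {$lang_cleanup['chars_deleted']}</font></h1>";
        }
    }
    $output .= "<br /><br />";
    $output .= "<table class=\"hidden\">\r\n          <tr><td>";
    makebutton($lang_cleanup['back_cleaning'], "cleanup.php", 200);
    $output .= "</td></tr>\r\n        </table><br /></center>";
}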
Example #18
/**
 * Adds a teleport location to game_tele from the GET parameters
 * name, map, x, y, z and orientation.
 *
 * The caller must pass valid_login() for the 'insert' permission. Every value
 * goes through quote_smart() (presumably the SQL class's escaping helper,
 * confirm) and is placed inside single quotes in the statement.
 *
 * NOTE(review): this is a state-changing request driven by GET parameters and
 * no anti-CSRF token is checked in this function.
 */
function do_add_tele()
{
    global $world_db, $realm_id, $action_permission;

    valid_login($action_permission['insert']);

    // All six parameters are mandatory.
    $complete = isset($_GET['name'], $_GET['map'], $_GET['x'], $_GET['y'], $_GET['z'], $_GET['orientation']);
    if (!$complete) {
        redirect("tele.php?error=1");
    }

    $db = $world_db[$realm_id];
    $sqlw = new SQL();
    $sqlw->connect($db['addr'], $db['user'], $db['pass'], $db['name']);

    // Escape the parameters in the same order as they are checked above.
    $field = array();
    foreach (array('name', 'map', 'x', 'y', 'z', 'orientation') as $key) {
        $field[$key] = $sqlw->quote_smart($_GET[$key]);
    }

    $sqlw->query("INSERT INTO game_tele VALUES (NULL,'{$field['x']}','{$field['y']}', '{$field['z']}' ,'{$field['orientation']}' ,'{$field['map']}' ,'{$field['name']}')");

    // error=3 when a row was written, error=5 otherwise.
    $target = $sqlw->affected_rows() ? "tele.php?error=3" : "tele.php?error=5";
    redirect($target);
}
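/**
 * Creates or updates one config_menus row from GET parameters.
 *
 * Reads menu_item (the row's `Index`), menu, order, name, menu_action, view,
 * insert, update, delete and the optional flag enabled. If a row with that
 * `Index` exists it is updated, otherwise a new row is inserted. Redirects to
 * the menus section of admin.php in both cases.
 *
 * NOTE(review): no permission check is made inside this function and the
 * View/Insert/Update/Delete columns it writes look like permission levels;
 * presumably the caller restricts access to administrators (confirm). The
 * change is driven by GET parameters with no anti-CSRF token checked here.
 */
function savemenu()
{
    global $corem_db;
    $sqlm = new SQL();
    $sqlm->connect($corem_db["addr"], $corem_db["user"], $corem_db["pass"], $corem_db["name"], $corem_db["encoding"]);
    // quote_smart() presumably escapes for use inside a quoted SQL string (confirm);
    // every value below is placed between single quotes in the statements.
    $menu_item = $sqlm->quote_smart($_GET["menu_item"]);
    $menu = $sqlm->quote_smart($_GET["menu"]);
    $order = $sqlm->quote_smart($_GET["order"]);
    $name = $sqlm->quote_smart($_GET["name"]);
    $action = $sqlm->quote_smart($_GET["menu_action"]);
    $view = $sqlm->quote_smart($_GET["view"]);
    $insert = $sqlm->quote_smart($_GET["insert"]);
    $update = $sqlm->quote_smart($_GET["update"]);
    $delete = $sqlm->quote_smart($_GET["delete"]);
    $enabled = isset($_GET["enabled"]) ? 1 : 0;
    // $order is always assigned above, so empty() alone covers the check.
    if (empty($order)) {
        redirect("admin.php?section=menus&error=1");
    }
    $result = $sqlm->query("SELECT * FROM config_menus WHERE `Index`='" . $menu_item . "'");
    if ($sqlm->num_rows($result)) {
        $result = $sqlm->query("UPDATE config_menus SET Menu='" . $menu . "', `Order`='" . $order . "', Name='" . $name . "', Action='" . $action . "', View='" . $view . "', `Insert`='" . $insert . "', `Update`='" . $update . "', `Delete`='" . $delete . "', Enabled='" . $enabled . "' WHERE `Index`='" . $menu_item . "'");
    } else {
        // Insert, Update and Delete are reserved words in MySQL; they are
        // back-ticked here as in the UPDATE above, otherwise the statement
        // does not parse.
        $result = $sqlm->query("INSERT INTO config_menus (Menu, `Order`, Name, Action, View, `Insert`, `Update`, `Delete`, Enabled) VALUES ('" . $menu . "', '" . $order . "', '" . $name . "', '" . $action . "', '" . $view . "', '" . $insert . "', '" . $update . "', '" . $delete . "', '" . $enabled . "')");
    }
    redirect("admin.php?section=menus");
}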
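/**
 * Appends the paginated, sortable game_event table to the global $output.
 *
 * GET parameters:
 *   start    - row offset for LIMIT (digits only, default 0)
 *   order_by - sort column (lower-case letters and '_', at most 11 characters,
 *              default 'description')
 *   dir      - 1 for ascending, 0 for descending (default 1)
 *
 * All three end up in the SQL text outside of quotes, where escaping gives no
 * protection, so each one is checked against a strict pattern and replaced by
 * its default when it does not match.
 */
function events()
{
    global $output, $lang_events, $realm_id, $world_db, $itemperpage;
    $sqlw = new SQL();
    $sqlw->connect($world_db[$realm_id]['addr'], $world_db[$realm_id]['user'], $world_db[$realm_id]['pass'], $world_db[$realm_id]['name']);
    //-------------------SQL Injection Prevention--------------------------------
    // this page has multipage support and field ordering, so we need these
    $start = isset($_GET['start']) ? $sqlw->quote_smart($_GET['start']) : 0;
    // Digits only: is_numeric() would also accept "-1", "1.5" or "1e3", which
    // are not valid LIMIT offsets and would make the query fail.
    if (!is_scalar($start) || !preg_match('/^[0-9]+$/D', (string) $start)) {
        $start = 0;
    }
    $order_by = isset($_GET['order_by']) ? $sqlw->quote_smart($_GET['order_by']) : 'description';
    // The D modifier stops '$' from matching before a trailing newline.
    // NOTE(review): the pattern admits any short lower-case identifier, not
    // only the four columns selected below.
    if (!is_scalar($order_by) || !preg_match('/^[_[:lower:]]{1,11}$/D', (string) $order_by)) {
        $order_by = 'description';
    }
    $dir = isset($_GET['dir']) ? $sqlw->quote_smart($_GET['dir']) : 1;
    if (!is_scalar($dir) || !preg_match('/^[01]$/D', (string) $dir)) {
        $dir = 1;
    }
    $order_dir = $dir ? 'ASC' : 'DESC';
    // From here on $dir holds the opposite direction, used by the header links.
    $dir = $dir ? 0 : 1;
    // for multipage support
    $all_record = $sqlw->result($sqlw->query('SELECT count(*) FROM game_event WHERE start_time <> end_time'), 0);
    // main data that we need for this page, game events
    $result = $sqlw->query('SELECT description, start_time, occurence, length
FROM game_event WHERE start_time <> end_time ORDER BY ' . $order_by . ' ' . $order_dir . ' LIMIT ' . $start . ', ' . $itemperpage . '');
    //---------------Page Specific Data Starts Here--------------------------
    // we start with a lead of 10 spaces,
    //  because last line of header is an opening tag with 8 spaces
    //  keep html indent in sync, so debugging from browser source would be easy to read
    $output .= '
<!-- start of events.php -->
<center>
	<table class="top_hidden">
		<tr>
			<td width="25%" align="right">';
    // multi page links; ($dir ? 0 : 1) turns the flipped value back into the current direction
    $output .= $lang_events['total'] . ' : ' . $all_record . '<br /><br />' . generate_pagination('events.php?order_by=' . $order_by . '&amp;dir=' . ($dir ? 0 : 1), $all_record, $itemperpage, $start);
    // column headers, with links for sorting
    $output .= '
			</td>
		</tr>
	</table>
	<table class="lined">
		<tr>
			<th width="35%"><a href="events.php?order_by=description&amp;start=' . $start . '&amp;dir=' . $dir . '"' . ($order_by === 'description' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_events['descr'] . '</a></th>
			<th width="25%"><a href="events.php?order_by=start_time&amp;start=' . $start . '&amp;dir=' . $dir . '"' . ($order_by === 'start_time' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_events['start'] . '</a></th>
			<th width="20%"><a href="events.php?order_by=occurence&amp;start=' . $start . '&amp;dir=' . $dir . '"' . ($order_by === 'occurence' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_events['occur'] . '</a></th>
			<th width="20%"><a href="events.php?order_by=length&amp;start=' . $start . '&amp;dir=' . $dir . '"' . ($order_by === 'length' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_events['length'] . '</a></th>
		</tr>';
    while ($events = $sqlw->fetch_assoc($result)) {
        // occurence and length are divided by 60 to get hours, so they are
        // presumably stored in minutes (confirm against the schema)
        $days = floor(round($events['occurence'] / 60) / 24);
        $hours = round($events['occurence'] / 60) - $days * 24;
        $event_occurance = '';
        if ($days) {
            $event_occurance .= $days . ' days ';
        }
        if ($hours) {
            $event_occurance .= $hours . ' hours';
        }
        $days = floor(round($events['length'] / 60) / 24);
        $hours = round($events['length'] / 60) - $days * 24;
        $event_duration = '';
        if ($days) {
            $event_duration .= $days . ' days ';
        }
        if ($hours) {
            $event_duration .= $hours . ' hours';
        }
        // NOTE(review): description and start_time are written into the page
        // without HTML encoding; that is only safe while game_event content is
        // fully trusted.
        $output .= '
			<tr valign="top">
				<td align="left">' . $events['description'] . '</td>
				<td>' . $events['start_time'] . '</td>
				<td>' . $event_occurance . '</td>
				<td>' . $event_duration . '</td>
			</tr>';
    }
    unset($event_duration);
    unset($event_occurance);
    unset($hours);
    unset($days);
    unset($events);
    unset($result);
    $output .= '
<tr>
	<td colspan="4" class="hidden" align="right" width="25%">';
    // multi page links
    $output .= generate_pagination('events.php?order_by=' . $order_by . '&amp;dir=' . ($dir ? 0 : 1), $all_record, $itemperpage, $start);
    unset($start);
    $output .= '
	</td>
</tr>
<tr>
	<td colspan="4" class="hidden" align="right">' . $lang_events['total'] . ' : ' . $all_record . '</td>
</tr>
</table>
</center>
<!-- end of events.php -->';
}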
/**
 * Creates or updates a config_accounts row from the GET parameters
 * login, sn (screen name), sec (security level) and acp.
 *
 * NOTE(review): the literal '******' in the SELECT and UPDATE below looks like
 * a redaction artifact of this listing. As written, both statements match
 * Login = '******' instead of the submitted login; presumably the original
 * concatenated $acct there (confirm against the project source).
 *
 * NOTE(review): no permission check is made inside this function although it
 * writes SecurityLevel; presumably the caller restricts access (confirm). The
 * change is driven by GET parameters and no anti-CSRF token is checked here.
 */
function saveacct()
{
    global $corem_db;
    $sqlm = new SQL();
    $sqlm->connect($corem_db["addr"], $corem_db["user"], $corem_db["pass"], $corem_db["name"], $corem_db["encoding"]);
    // login and sn are read without isset(); a request that omits them raises a notice.
    $acct = $sqlm->quote_smart($_GET["login"]);
    $sn = $sqlm->quote_smart($_GET["sn"]);
    $sec = isset($_GET["sec"]) ? $sqlm->quote_smart($_GET["sec"]) : 0;
    $acp = isset($_GET["acp"]) ? 1 : 0;
    if ($acp) {
        // 1073741824 is 2^30; presumably a flag bit stored on top of the
        // security level (confirm). $sec is not checked to be numeric first.
        $sec += 1073741824;
    }
    $result = $sqlm->query("SELECT * FROM config_accounts WHERE Login='******'");
    if ($sqlm->num_rows($result)) {
        $result = $sqlm->query("UPDATE config_accounts SET ScreenName='" . $sn . "', SecurityLevel='" . $sec . "' WHERE Login='******'");
    } else {
        $result = $sqlm->query("INSERT INTO config_accounts (Login, ScreenName, SecurityLevel) VALUES ('" . $acct . "', '" . $sn . "', '" . $sec . "')");
    }
    redirect("admin.php?section=accounts");
}
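/**
 * Sends the message from the mail form, either as e-mail through PHPMailer
 * (type "email") or as in-game mail through send_ingame_mail()
 * (type "ingame_mail").
 *
 * POST parameters: body, subject, type, group_sign and group_send are
 * required; to selects a single recipient, otherwise group_value together
 * with group_sign and group_send selects a group (gm_level, locked, banned
 * for e-mail; gm_level, online, char_level for in-game mail). money,
 * att_item and att_stack describe the in-game attachment.
 *
 * Every outcome is reported by redirecting to mail.php with an error code.
 * The code relies on redirect() ending the request (several branches call it
 * and then fall through); confirm that it does.
 *
 * NOTE(review): no permission check is made inside this function; presumably
 * the caller enforces it (confirm).
 */
function send_mail()
{
    global $lang_global, $output, $realm_db, $characters_db, $realm_id, $user_name, $from_mail, $mailer_type, $smtp_cfg;
    if (empty($_POST['body']) || empty($_POST['subject']) || empty($_POST['type']) || empty($_POST['group_sign']) || empty($_POST['group_send'])) {
        redirect("mail.php?error=1");
    }
    $sqlr = new SQL();
    $sqlr->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
    $sqlc = new SQL();
    $sqlc->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
    $body = explode("\n", $_POST['body']);
    $subject = $sqlc->quote_smart($_POST['subject']);
    if (isset($_POST['to']) && $_POST['to'] != '') {
        $to = $sqlc->quote_smart($_POST['to']);
    } else {
        $to = 0;
        // group_sign is spliced into the WHERE clause as a comparison operator,
        // outside of any quotes, so escaping cannot make it safe. Only known
        // operators are accepted.
        // NOTE(review): the list is assumed; extend it if the form offers others.
        $allowed_signs = array('=', '<', '>', '<=', '>=', '!=', '<>');
        if (!isset($_POST['group_value']) || $_POST['group_value'] === '') {
            redirect("mail.php?error=1");
        } elseif (!in_array($_POST['group_sign'], $allowed_signs, true)) {
            redirect("mail.php?error=1");
        } else {
            $group_value = $sqlc->quote_smart($_POST['group_value']);
            $group_sign = $_POST['group_sign'];
            $group_send = $sqlc->quote_smart($_POST['group_send']);
        }
    }
    // $type is only compared in the switch below, never placed in SQL.
    $type = addslashes($_POST['type']);
    $att_gold = $sqlc->quote_smart($_POST['money']);
    $att_item = $sqlc->quote_smart($_POST['att_item']);
    $att_stack = $sqlc->quote_smart($_POST['att_stack']);
    switch ($type) {
        case "email":
            require_once "libs/mailer/class.phpmailer.php";
            $mail = new PHPMailer();
            $mail->Mailer = $mailer_type;
            if ($mailer_type == "smtp") {
                $mail->Host = $smtp_cfg['host'];
                $mail->Port = $smtp_cfg['port'];
                if ($smtp_cfg['user'] != '') {
                    $mail->SMTPAuth = true;
                    $mail->Username = $smtp_cfg['user'];
                    $mail->Password = $smtp_cfg['pass'];
                }
            }
            $value = NULL;
            for ($i = 0; $i < count($body); $i++) {
                $value .= $body[$i] . "\r\n";
            }
            $body = $value;
            $mail->From = $from_mail;
            $mail->FromName = $user_name;
            $mail->Subject = $subject;
            // NOTE(review): the body is sent as HTML and is taken from the form
            // without HTML encoding.
            $mail->IsHTML(true);
            $body = str_replace("\n", "<br />", $body);
            $body = str_replace("\r", " ", $body);
            $body = str_replace(array("\r\n", "\n", "\r"), '<br />', $body);
            // turn bare http/ftp URLs and www. hosts into links
            $body = preg_replace("/([^\\/=\"\\]])((http|ftp)+(s)?:\\/\\/[^<>\\s]+)/i", "\\1<a href=\"\\2\" target=\"_blank\">\\2</a>", $body);
            $body = preg_replace('/([^\\/=\\"\\]])(www\\.)(\\S+)/', '\\1<a href="http://\\2\\3" target="_blank">\\2\\3</a>', $body);
            $mail->Body = $body;
            $mail->WordWrap = 50;
            if ($to) {
                //single Recipient
                $mail->AddAddress($to);
                if (!$mail->Send()) {
                    $mail->ClearAddresses();
                    // ErrorInfo is free text; encode it so it cannot break the URL
                    redirect("mail.php?error=3&mail_err=" . urlencode($mail->ErrorInfo));
                } else {
                    $mail->ClearAddresses();
                    redirect("mail.php?error=2");
                }
            } elseif (isset($group_value)) {
                //group send
                $email_array = array();
                switch ($group_send) {
                    case "gm_level":
                        $result = $sqlr->query("SELECT email FROM account WHERE gmlevel {$group_sign} '{$group_value}'");
                        while ($user = $sqlr->fetch_row($result)) {
                            if ($user[0] != "") {
                                array_push($email_array, $user[0]);
                            }
                        }
                        break;
                    case "locked":
                        $result = $sqlr->query("SELECT email FROM account WHERE locked {$group_sign} '{$group_value}'");
                        while ($user = $sqlr->fetch_row($result)) {
                            if ($user[0] != "") {
                                array_push($email_array, $user[0]);
                            }
                        }
                        break;
                    case "banned":
                        // This branch used an undefined $sql object; the realm
                        // connection $sqlr that ran the queries is used instead.
                        $que = $sqlr->query("SELECT id FROM account_banned");
                        while ($banned = $sqlr->fetch_row($que)) {
                            $result = $sqlr->query("SELECT email FROM account WHERE id = '{$banned['0']}'");
                            if ($sqlr->result($result, 0, 'email')) {
                                array_push($email_array, $sqlr->result($result, 0, 'email'));
                            }
                        }
                        break;
                    default:
                        redirect("mail.php?error=5");
                        break;
                }
                // one message per address, so recipients do not see each other
                foreach ($email_array as $mail_addr) {
                    $mail->AddAddress($mail_addr);
                    if (!$mail->Send()) {
                        $mail->ClearAddresses();
                        redirect("mail.php?error=3&mail_err=" . urlencode($mail->ErrorInfo));
                    } else {
                        $mail->ClearAddresses();
                    }
                }
                redirect("mail.php?error=2");
            } else {
                redirect("mail.php?error=1");
            }
            break;
        case "ingame_mail":
            $value = NULL;
            for ($i = 0; $i < count($body); $i++) {
                $value .= $body[$i] . " ";
            }
            $body = $value;
            $body = str_replace("\r", " ", $body);
            if ($to) {
                //single Recipient
                $result = $sqlc->query("SELECT name FROM characters WHERE name = '{$to}'");
                if ($sqlc->num_rows($result) == 1) {
                    $receiver = $sqlc->result($result, 0, 'name');
                    $mails = array();
                    array_push($mails, array($receiver, $subject, $body, $att_gold, $att_item, $att_stack));
                    send_ingame_mail($realm_id, $mails);
                } else {
                    redirect("mail.php?error=4");
                }
                redirect("mail.php?error=2");
                break;
            } elseif (isset($group_value)) {
                //group send
                $char_array = array();
                switch ($group_send) {
                    case "gm_level":
                        $result = $sqlr->query("SELECT id FROM account WHERE gmlevel {$group_sign} '{$group_value}'");
                        // rows are fetched through the connection that produced the result
                        while ($acc = $sqlr->fetch_row($result)) {
                            $result_2 = $sqlc->query("SELECT name FROM `characters` WHERE account = '{$acc['0']}'");
                            while ($char = $sqlc->fetch_row($result_2)) {
                                array_push($char_array, $char[0]);
                            }
                        }
                        break;
                    case "online":
                        $result = $sqlc->query("SELECT name FROM `characters` WHERE online {$group_sign} '{$group_value}'");
                        while ($user = $sqlc->fetch_row($result)) {
                            array_push($char_array, $user[0]);
                        }
                        break;
                    case "char_level":
                        // field 35 of the space-separated `data` column is compared as the character level
                        $result = $sqlc->query("SELECT name FROM `characters` WHERE SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ' ', 35), ' ', -1) {$group_sign} '{$group_value}'");
                        while ($user = $sqlc->fetch_row($result)) {
                            array_push($char_array, $user[0]);
                        }
                        break;
                    default:
                        redirect("mail.php?error=5");
                }
                $mails = array();
                foreach ($char_array as $receiver) {
                    array_push($mails, array($receiver, $subject, $body, $att_gold, $att_item, $att_stack));
                }
                send_ingame_mail($realm_id, $mails);
                redirect("mail.php?error=2");
            }
            break;
        default:
            redirect("mail.php?error=1");
    }
}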
/**
 * Stores the setup form: imports the DBC database, writes the logon and DBC
 * database connection settings, creates or updates the web admin account and
 * marks the installation as done.
 *
 * Required GET parameters: host, port, user, pass, name, dbcname, acctname,
 * screenname. An empty one redirects to setup.php?error=1; the code then
 * relies on redirect() ending the request, otherwise the variable stays
 * undefined (confirm).
 *
 * NOTE(review): several statements below contain the literal '******', which
 * looks like a redaction artifact of this listing. As written they store
 * '******' as User and Password and look up Login = '******'; presumably the
 * original concatenated $user, $pass and $acctname (confirm against the
 * project source).
 *
 * NOTE(review): the database password arrives as a GET parameter, so it can
 * end up in URLs, browser history and server logs, and it is stored in
 * config_*_database as submitted. No permission check is made in this
 * function; presumably the caller only allows it during installation (confirm).
 */
function save()
{
    global $corem_db;
    $sqlm = new SQL();
    $sqlm->connect($corem_db["addr"], $corem_db["user"], $corem_db["pass"], $corem_db["name"], $corem_db["encoding"]);
    // then we get the config data
    // General Database Settings
    if ($_GET["host"] != "") {
        $host = $sqlm->quote_smart($_GET["host"]);
    } else {
        redirect("setup.php?error=1");
    }
    if ($_GET["port"] != "") {
        $port = $sqlm->quote_smart($_GET["port"]);
    } else {
        redirect("setup.php?error=1");
    }
    if ($_GET["user"] != "") {
        $user = $sqlm->quote_smart($_GET["user"]);
    } else {
        redirect("setup.php?error=1");
    }
    if ($_GET["pass"] != "") {
        $pass = $sqlm->quote_smart($_GET["pass"]);
    } else {
        redirect("setup.php?error=1");
    }
    // Authentication DB Name
    if ($_GET["name"] != "") {
        $name = $sqlm->quote_smart($_GET["name"]);
    } else {
        redirect("setup.php?error=1");
    }
    // DBC DB Name
    if ($_GET["dbcname"] != "") {
        $dbcname = $sqlm->quote_smart($_GET["dbcname"]);
    } else {
        redirect("setup.php?error=1");
    }
    // Web admin account login and screen name
    if ($_GET["acctname"] != "") {
        $acctname = $sqlm->quote_smart($_GET["acctname"]);
    } else {
        redirect("setup.php?error=1");
    }
    if ($_GET["screenname"] != "") {
        $screenname = $sqlm->quote_smart($_GET["screenname"]);
    } else {
        redirect("setup.php?error=1");
    }
    // first, we import databases
    // NOTE(review): import_db() receives the values after quote_smart(); if it
    // uses them to open a connection, the SQL escaping may alter them (confirm).
    import_db($host, $port, $user, $pass, $dbcname);
    // save logon database configs
    // one row: update it; several rows: wipe the table and insert one; none: insert
    $logon_count = $sqlm->fetch_assoc($sqlm->query("SELECT COUNT(*) FROM config_logon_database"));
    if ($logon_count["COUNT(*)"] == 1) {
        $logon_upper = $sqlm->fetch_assoc($sqlm->query("SELECT MAX(`Index`) FROM config_logon_database"));
        $result = $sqlm->query("UPDATE config_logon_database SET Address='" . $host . "', Port='" . $port . "', Name='" . $name . "', User='******', Password='******', Encoding='utf8' WHERE `Index`='" . $logon_upper["MAX(`Index`)"] . "'");
    } elseif ($logon_count["COUNT(*)"] > 1) {
        $result = $sqlm->query("TRUNCATE TABLE config_logon_database");
        $result = $sqlm->query("INSERT INTO config_logon_database (Address, Port, User, Name, Password, Encoding) VALUES ('" . $host . "', '" . $port . "', '" . $user . "', '" . $name . "', '" . $pass . "', 'utf8')");
    } else {
        $result = $sqlm->query("INSERT INTO config_logon_database (Address, Port, User, Name, Password, Encoding) VALUES ('" . $host . "', '" . $port . "', '" . $user . "', '" . $name . "', '" . $pass . "', 'utf8')");
    }
    // save dbc database configs
    // same three cases as for the logon database above
    $dbc_count = $sqlm->fetch_assoc($sqlm->query("SELECT COUNT(*) FROM config_dbc_database"));
    if ($dbc_count["COUNT(*)"] == 1) {
        $dbc_upper = $sqlm->fetch_assoc($sqlm->query("SELECT MAX(`Index`) FROM config_dbc_database"));
        $result = $sqlm->query("UPDATE config_dbc_database SET Address='" . $host . "', Port='" . $port . "', Name='" . $dbcname . "', User='******', Password='******', Encoding='utf8' WHERE `Index`='" . $dbc_upper["MAX(`Index`)"] . "'");
    } elseif ($dbc_count["COUNT(*)"] > 1) {
        $result = $sqlm->query("TRUNCATE TABLE config_dbc_database");
        $result = $sqlm->query("INSERT INTO config_dbc_database (Address, Port, User, Name, Password, Encoding) VALUES ('" . $host . "', '" . $port . "', '" . $user . "', '" . $dbcname . "', '" . $pass . "', 'utf8')");
    } else {
        $result = $sqlm->query("INSERT INTO config_dbc_database (Address, Port, User, Name, Password, Encoding) VALUES ('" . $host . "', '" . $port . "', '" . $user . "', '" . $dbcname . "', '" . $pass . "', 'utf8')");
    }
    // set up web admin account
    // SecurityLevel is written as 4 + 1073741824 (2^30); presumably level 4
    // plus a flag bit (confirm)
    $account = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_accounts WHERE Login='******'"));
    if ($account["Login"] != '') {
        $result = $sqlm->query("UPDATE config_accounts SET ScreenName='" . $screenname . "', SecurityLevel=(4+1073741824) WHERE Login='******'");
    } else {
        $result = $sqlm->query("INSERT INTO config_accounts (Login, ScreenName, SecurityLevel) VALUES (UPPER('" . $acctname . "'), '" . $screenname . "', (4+1073741824))");
    }
    // flag the installation as complete
    $result = $sqlm->query("UPDATE config_misc SET Value='1' WHERE `Key`='Installed'");
    redirect("admin.php");
}
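/**
 * Creates a new forum topic from the POST parameters forum, name and msg.
 *
 * Order of checks: flood limit ($minfloodtime seconds since the author's last
 * post), the forum must exist in $forum_skeleton, the user's level must reach
 * level_post_topic of both the category and the forum, the side restriction
 * (only for level 0 users when $enablesidecheck is on), then the length
 * limits on name and msg. On success the post is inserted, its topic and
 * lastpost columns are pointed at its own id, and the browser is redirected
 * to the new topic.
 *
 * The code relies on error() ending the request (confirm).
 *
 * @param SQL $sqlm replaced by a fresh connection to the forum database
 */
function forum_do_add_topic(&$sqlm)
{
    global $enablesidecheck, $forum_skeleton, $forum_lang, $user_lvl, $user_name, $user_id, $mmfpm_db, $minfloodtime;
    if ($enablesidecheck) {
        $side = get_side();
    }
    // Better to use it here instead of call it many time in the loop :)
    $sqlm = new SQL();
    $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
    // NOTE(review): $user_id is concatenated without quotes; that is safe only
    // if it is always an integer set by the login code (confirm).
    $userposts = $sqlm->query('
			SELECT time
			FROM mm_forum_posts
			WHERE authorid = ' . $user_id . '
			ORDER BY id DESC
			LIMIT 1');
    if ($sqlm->num_rows($userposts) != 0) {
        $mintimeb4post = $sqlm->fetch_assoc($userposts);
        $mintimeb4post = time() - strtotime($mintimeb4post['time']);
        if ($mintimeb4post < $minfloodtime) {
            error($forum_lang['please_wait']);
        }
    }
    //==========================$_POST and SECURE=================================
    if (!isset($_POST['forum'])) {
        error($forum_lang['no_such_forum']);
    } else {
        $forum = $sqlm->quote_smart($_POST['forum']);
    }
    //==========================$_POST and SECURE end=============================
    // find the category that contains the requested forum
    $cat = 0;
    foreach ($forum_skeleton as $cid => $category) {
        foreach ($category['forums'] as $fid => $forum_) {
            if ($fid == $forum) {
                $cat = $cid;
            }
        }
    }
    if (empty($forum_skeleton[$cat]['forums'][$forum])) {
        error($forum_lang['no_such_forum']);
    }
    $forum_ = $forum_skeleton[$cat]['forums'][$forum];
    if ($forum_skeleton[$cat]['level_post_topic'] > $user_lvl || $forum_['level_post_topic'] > $user_lvl) {
        error($forum_lang['no_access']);
    }
    if ($user_lvl == 0 && $enablesidecheck) {
        // The side check used "continue" here, which is not valid outside a
        // loop, so a restricted forum was never refused cleanly. A side
        // mismatch on the category or on the forum now denies access like the
        // level check above.
        foreach (array($forum_skeleton[$cat]['side_access'], $forum_['side_access']) as $required_side) {
            if ($required_side == 'ALL') {
                continue;
            }
            // 'NO' means the user has no character; otherwise the sides must match
            if ($side == 'NO' || $required_side != $side) {
                error($forum_lang['no_access']);
            }
        }
    }
    //==========================$_POST and SECURE=================================
    // NOTE(review): msg and name are escaped for SQL only and stored without
    // HTML encoding (the htmlspecialchars calls are commented out), so the code
    // that displays posts has to encode them.
    //  $_POST['msg'] = htmlspecialchars($_POST['msg']);
    $msg = trim($sqlm->quote_smart($_POST['msg']), " ");
    //  $_POST['name'] = htmlspecialchars($_POST['name']);
    $name = trim($sqlm->quote_smart($_POST['name']), " ");
    //==========================$_POST and SECURE end=============================
    // lengths are measured on the escaped strings, in bytes
    if (strlen($name) > 49) {
        $sqlm->close();
        error($forum_lang['name_too_long']);
    }
    if (strlen($name) < 5) {
        $sqlm->close();
        error($forum_lang['name_too_short']);
    }
    if (strlen($msg) < 5) {
        $sqlm->close();
        error($forum_lang['msg_too_short']);
    }
    // replaces the two-character sequence backslash + n, not a real newline
    $msg = str_replace('\\n', '<br />', $msg);
    //  $msg = str_replace('\r', '<br />', $msg);
    $time = date("m/d/y H:i:s");
    // NOTE(review): $user_id and $user_name are not escaped in this function;
    // confirm they are safe when they are set.
    $sqlm->query('
		INSERT INTO mm_forum_posts
			(authorid, authorname, forum, name, text, time)
		VALUES
			(\'' . $user_id . '\', \'' . $user_name . '\', \'' . $forum . '\', \'' . $name . '\', \'' . $msg . '\', \'' . $time . '\')');
    $id = $sqlm->insert_id();
    // the first post of a topic is its own topic and its own last post
    $sqlm->query('
		UPDATE mm_forum_posts
		SET topic = ' . $id . ', lastpost = ' . $id . '
		WHERE id = ' . $id . '');
    $sqlm->close();
    redirect('forum.php?action=view_topic&id=' . $id . '');
    // Queries : 3
}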
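/**
 * Applies the "edit user" form to the account with the posted id.
 *
 * The caller must pass valid_login() for the 'update' permission. POST
 * parameters: id, username, pass, mail, failed, gmlevel, expansion, banned,
 * locked, banreason, referredby. The requested gmlevel must be below the
 * editor's own level, and the editor may only change accounts with a lower
 * gmlevel or their own account. Results are reported by redirecting to
 * user.php with an error code; the code relies on redirect() ending the
 * request (confirm).
 *
 * The id is required to consist of digits only, because it is placed without
 * quotes in the account_banned INSERT and is echoed into redirect URLs.
 *
 * NOTE(review): the '******' literals in the $user_pass_change line look like
 * a redaction artifact of this listing; that line is left exactly as shown and
 * must be checked against the project source.
 */
function doedit_user()
{
    global $lang_global, $realm_db, $mmfpm_db, $user_lvl, $user_name, $action_permission;
    valid_login($action_permission['update']);
    // Reject anything but a plain non-negative integer id before it is used.
    $raw_id = isset($_POST['id']) ? $_POST['id'] : '';
    if (!is_string($raw_id) || !preg_match('/^[0-9]+$/D', $raw_id)) {
        redirect("user.php?error=1");
        return;
    }
    if ((!isset($_POST['pass']) || $_POST['pass'] === '') && (!isset($_POST['mail']) || $_POST['mail'] === '') && (!isset($_POST['expansion']) || $_POST['expansion'] === '') && (!isset($_POST['referredby']) || $_POST['referredby'] === '')) {
        redirect("user.php?action=edit_user&&id={$raw_id}&error=1");
    }
    $sqlr = new SQL();
    $sqlr->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
    $id = $sqlr->quote_smart($raw_id);
    $username = $sqlr->quote_smart($_POST['username']);
    $banreason = $sqlr->quote_smart($_POST['banreason']);
    $pass = $sqlr->quote_smart($_POST['pass']);
    // NOTE(review): redacted in this listing, see the function comment.
    $user_pass_change = $pass != sha1(strtoupper($username) . ":******") ? "username='******',sha_pass_hash='{$pass}'," : "";
    $mail = isset($_POST['mail']) && $_POST['mail'] != '' ? $sqlr->quote_smart($_POST['mail']) : "";
    $failed = isset($_POST['failed']) ? $sqlr->quote_smart($_POST['failed']) : 0;
    $gmlevel = isset($_POST['gmlevel']) ? $sqlr->quote_smart($_POST['gmlevel']) : 0;
    $expansion = isset($_POST['expansion']) ? $sqlr->quote_smart($_POST['expansion']) : 1;
    $banned = isset($_POST['banned']) ? $sqlr->quote_smart($_POST['banned']) : 0;
    $locked = isset($_POST['locked']) ? $sqlr->quote_smart($_POST['locked']) : 0;
    $referredby = $sqlr->quote_smart(trim($_POST['referredby']));
    //make sure username/pass at least 4 chars long and less than max
    if (strlen($username) < 4 || strlen($username) > 15) {
        redirect("user.php?action=edit_user&id={$id}&error=8");
    }
    // an editor may not grant a level equal to or above their own
    if ($gmlevel >= $user_lvl) {
        redirect("user.php?action=edit_user&&id={$raw_id}&error=16");
    }
    require_once "libs/valid_lib.php";
    if (!valid_alphabetic($username)) {
        redirect("user.php?action=edit_user&error=9&id={$id}");
    }
    //restricting access to lower gmlvl
    $result = $sqlr->query("SELECT gmlevel,username FROM account WHERE id = '{$id}'");
    if ($user_lvl <= $sqlr->result($result, 0, 'gmlevel') && $user_name != $sqlr->result($result, 0, 'username')) {
        redirect("user.php?error=14");
    }
    if (!$banned) {
        $sqlr->query("DELETE FROM account_banned WHERE id='{$id}'");
    } else {
        $result = $sqlr->query("SELECT count(*) FROM account_banned WHERE id = '{$id}'");
        if (!$sqlr->result($result, 0)) {
            // ban for one year from now; {$id} is unquoted here, which is why
            // it is restricted to digits above
            $sqlr->query("INSERT INTO account_banned (id, bandate, unbandate, bannedby, banreason, active)\r\n                 VALUES ({$id}, " . time() . "," . (time() + 365 * 24 * 3600) . ",'{$user_name}','{$banreason}', 1)");
        }
    }
    $sqlr->query("UPDATE account SET email='{$mail}', {$user_pass_change} v=0,s=0,failed_logins='{$failed}',locked='{$locked}',expansion='{$expansion}' WHERE id='{$id}'");
    $sqlr->query("UPDATE account SET gmlevel='{$gmlevel}' WHERE id='{$id}'");
    // error=13 when the referral or the last UPDATE changed something, error=12 otherwise
    if (doupdate_referral($referredby, $id) || $sqlr->affected_rows()) {
        redirect("user.php?action=edit_user&error=13&id={$id}");
    } else {
        redirect("user.php?action=edit_user&error=12&id={$id}");
    }
}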
/**
 * Replaces the message of one GM ticket.
 *
 * The caller must pass valid_login() for the 'update' permission. POST
 * parameters: new_text (the new message) and id (the ticket's guid, must be
 * numeric). Both are passed through quote_smart() and placed inside single
 * quotes in the UPDATE. Redirects to ticket.php with error=5 when a row was
 * changed, error=6 when none was, error=1 on bad input.
 */
function do_edit_ticket()
{
    global $characters_db, $realm_id, $action_permission;

    valid_login($action_permission['update']);

    $incomplete = empty($_POST['new_text']) || empty($_POST['id']);
    if ($incomplete) {
        redirect("ticket.php?error=1");
    }

    $db = $characters_db[$realm_id];
    $sqlc = new SQL();
    $sqlc->connect($db['addr'], $db['user'], $db['pass'], $db['name']);

    $message = $sqlc->quote_smart($_POST['new_text']);
    $ticket = $sqlc->quote_smart($_POST['id']);

    // the guid must at least look like a number
    if (!is_numeric($ticket)) {
        redirect("ticket.php?error=1");
    }

    $sqlc->query("UPDATE gm_tickets SET message='{$message}' WHERE guid = '{$ticket}'");

    $target = $sqlc->affected_rows() ? "ticket.php?error=5" : "ticket.php?error=6";
    redirect($target);
}
/**
 * Deletes the mm_reward_item row(s) for the item id given in the GET
 * parameter item.
 *
 * The caller must pass valid_login() for the 'delete' permission. The value is
 * concatenated into the statement without quotes, so the is_numeric() check is
 * what keeps it from carrying SQL.
 *
 * NOTE(review): this is a delete driven by a GET parameter and no anti-CSRF
 * token is checked in this function.
 *
 * @param SQL $sqlm replaced by a fresh connection to the $mmfpm_db database
 */
function do_delete_reward_item(&$sqlm)
{
    global $action_permission, $mmfpm_db;

    valid_login($action_permission['delete']);

    $sqlm = new SQL();
    $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);

    if (empty($_GET['item'])) {
        redirect('rewards.php?error=1');
    }

    $item_id = $sqlm->quote_smart($_GET['item']);
    if (!is_numeric($item_id)) {
        redirect('rewards.php?error=1');
    }

    $sqlm->query('DELETE FROM mm_reward_item WHERE item = ' . $item_id . '');

    // back to the list when something was deleted, error=2 otherwise
    $target = $sqlm->affected_rows() ? 'rewards.php?action=show_reward_item' : 'rewards.php?error=2';
    redirect($target);
}
function general()
{
    global $output, $corem_db, $world_db, $core;
    // we need $core to be set
    if ($core == 0) {
        $core = detectcore();
    }
    $sqlm = new SQL();
    $sqlm->connect($corem_db["addr"], $corem_db["user"], $corem_db["pass"], $corem_db["name"], $corem_db["encoding"]);
    $sqlw = new SQL();
    $sqlw->connect($world_db[1]["addr"], $world_db[1]["user"], $world_db[1]["pass"], $world_db[1]["name"], $world_db[1]["encoding"]);
    $subsection = isset($_GET["subsection"]) ? $sqlm->quote_smart($_GET["subsection"]) : 1;
    $output .= '
        <table id="sidebar">
          <tr>
            <td ' . ($subsection == "more" ? 'class="current"' : '') . '>
              <a href="admin.php?section=general&amp;subsection=more">' . lang("admin", "more") . '</a>
            </td>
          </tr>
          <tr>
            <td ' . ($subsection == "version" ? 'class="current"' : '') . '>
              <a href="admin.php?section=general&amp;subsection=version">' . lang("admin", "version") . '</a>
            </td>
          </tr>
          <tr>
            <td ' . ($subsection == "mail" ? 'class="current"' : '') . '>
              <a href="admin.php?section=general&amp;subsection=mail">' . lang("admin", "mail") . '</a>
            </td>
          </tr>
          <tr>
            <td ' . ($subsection == "irc" ? 'class="current"' : '') . '>
              <a href="admin.php?section=general&amp;subsection=irc">' . lang("admin", "irc") . '</a>
            </td>
          </tr>
          <tr>
            <td ' . ($subsection == "proxy" ? 'class="current"' : '') . '>
              <a href="admin.php?section=general&amp;subsection=proxy">' . lang("admin", "proxy") . '</a>
            </td>
          </tr>
          <tr>
            <td ' . ($subsection == "datasite" ? 'class="current"' : '') . '>
              <a href="admin.php?section=general&amp;subsection=datasite">' . lang("admin", "datasite") . '</a>
            </td>
          </tr>
          <tr>
            <td ' . ($subsection == "acctcreation" ? 'class="current"' : '') . '>
              <a href="admin.php?section=general&amp;subsection=acctcreation">' . lang("admin", "acct_creation") . '</a>
            </td>
          </tr>
          <tr>
            <td ' . ($subsection == "guests" ? 'class="current"' : '') . '>
              <a href="admin.php?section=general&amp;subsection=guests">' . lang("admin", "guests") . '</a>
            </td>
          </tr>
          <tr>
            <td ' . ($subsection == "extratools" ? 'class="current"' : '') . '>
              <a href="admin.php?section=general&amp;subsection=extratools">' . lang("admin", "extra_tools") . '</a>
            </td>
          </tr>
          <tr>
            <td ' . ($subsection == "internalmap" ? 'class="current"' : '') . '>
              <a href="admin.php?section=general&amp;subsection=internalmap">' . lang("admin", "internal_map") . '</a>
            </td>
          </tr>
          <tr>
            <td ' . ($subsection == "validip" ? 'class="current"' : '') . '>
              <a href="admin.php?section=general&amp;subsection=validip">' . lang("admin", "validip") . '</a>
            </td>
          </tr>
          <tr>
            <td ' . ($subsection == "ads" ? 'class="current"' : '') . '>
              <a href="admin.php?section=general&amp;subsection=ads">' . lang("admin", "ads") . '</a>
            </td>
          </tr>
          <tr>
            <td ' . ($subsection == "gmlevels" ? 'class="current"' : '') . '>
              <a href="admin.php?section=general&amp;subsection=gmlevels">' . lang("admin", "gm_levels") . '</a>
            </td>
          </tr>
        </table>';
    if (isset($_GET["error"])) {
        $output .= '
      <div id="misc_error">';
    } else {
        $output .= '
      <div id="misc">';
    }
    $sub_action = isset($_GET["subaction"]) ? $_GET["subaction"] : '';
    switch ($subsection) {
        case "version":
            if (!$sub_action) {
                $show_version_show = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Show_Version_Show'"));
                $show_version_version = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Show_Version_Version'"));
                $show_version_version_lvl = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Show_Version_Version_Lvl'"));
                $show_version_revision = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Show_Version_SVNRev'"));
                $show_version_revision_lvl = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Show_Version_SVNRev_Lvl'"));
                $output .= '
        <form action="admin.php" method="get" id="form">
          <div>
            <input type="hidden" name="section" value="general" />
            <input type="hidden" name="subaction" value="saveversion" />
            <input type="hidden" name="subsection" value="version" />
          </div>
          <table class="simple">
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "show_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "show") . '</a>:
              </td>
              <td>
                <select name="showversion" id="admin_showversion_field">
                  <option value="0" ' . ($show_version_show["Value"] == 0 ? 'selected="selected"' : '') . '>' . lang("admin", "dontshow") . '</option>
                  <option value="1" ' . ($show_version_show["Value"] == 1 ? 'selected="selected"' : '') . 'disabled="disabled">' . lang("admin", "version") . '</option>
                  <option value="2"' . ($show_version_show["Value"] == 2 ? 'selected="selected"' : '') . '>' . lang("admin", "verrev") . '</option>
                </select>
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "version_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "version") . '</a>:
              </td>
              <td>
                <input type="text" name="version" value="' . $show_version_version["Value"] . '" readonly="readonly" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "versionlvl_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "versionlvl") . '</a>:
              </td>
              <td>
                <input type="text" name="versionlvl" value="' . $show_version_version_lvl["Value"] . '" readonly="readonly" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "revision_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "revision") . '</a>:
              </td>
              <td>
                <input type="text" name="revision" value="' . $show_version_revision["Value"] . '" readonly="readonly" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "revisionlvl_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "revisionlvl") . '</a>:
              </td>
              <td>
                <input type="text" name="revisionlvl" value="' . $show_version_revision_lvl["Value"] . '" />
              </td>
            </tr>
          </table>
          <div>
            <input type="submit" name="save" value="' . lang("admin", "save") . '" />
          </div>
        </form>';
            } else {
                $show_version = $sqlm->quote_smart($_GET["showversion"]);
                $version = $sqlm->quote_smart($_GET["version"]);
                $version_lvl = $sqlm->quote_smart($_GET["versionlvl"]);
                $revision = $sqlm->quote_smart($_GET["revision"]);
                $revision_lvl = $sqlm->quote_smart($_GET["revisionlvl"]);
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $show_version . "' WHERE `Key`='Show_Version_Show'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $version . "' WHERE `Key`='Show_Version_Version'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $version_lvl . "' WHERE `Key`='Show_Version_Version_Lvl'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $revision . "' WHERE `Key`='Show_Version_SVNRev'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $revision_lvl . "' WHERE `Key`='Show_Version_SVNRev_Lvl'");
                redirect("admin.php?section=general&subsection=version");
            }
            break;
        case "mail":
            if (!$sub_action) {
                $mail_admin_email = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Mail_Admin_Email'"));
                $mail_mailer_type = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Mail_Mailer_Type'"));
                $mail_from_email = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Mail_From_Email'"));
                $mail_gmailsender = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Mail_GMailSender'"));
                $format_mail_html = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Format_Mail_HTML'"));
                $smtp_host = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='SMTP_Host'"));
                $smtp_port = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='SMTP_Port'"));
                $smtp_user = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='SMTP_User'"));
                $smtp_pass = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='SMTP_Pass'"));
                $pm_from_char = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='PM_From_Char'"));
                $pm_stationary = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='PM_Stationary'"));
                $url_path = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='URL_Path'"));
                $output .= '
        <form action="admin.php" method="get" id="form">
          <div>
            <input type="hidden" name="section" value="general" />
            <input type="hidden" name="subaction" value="savemail" />
            <input type="hidden" name="subsection" value="mail" />
          </div>
          <table class="simple">
            <tr>
              <td colspan="2"><b>' . lang("admin", "email") . '</b></td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "adminemail_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "adminemail") . '</a>:
              </td>
              <td>
                <input type="text" name="adminemail" value="' . $mail_admin_email["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "mailertype_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "mailertype") . '</a>:
              </td>
              <td>
                <select name="mailertype" id="admin_mailertype_field">
                  <option value="mail" ' . ($mail_mailer_type["Value"] == "mail" ? 'selected="selected" ' : '') . '>' . lang("admin", "mail") . '</option>
                  <option value="sendmail" ' . ($mail_mailer_type["Value"] == "sendmail" ? 'selected="selected" ' : '') . '>' . lang("admin", "sendmail") . '</option>
                  <option value="smtp"' . ($mail_mailer_type["Value"] == "smtp" ? 'selected="selected" ' : '') . '>' . lang("admin", "smtp") . '</option>
                  <option value="gmailsmtp"' . ($mail_gmailsender["Value"] == 1 ? 'selected="selected" ' : '') . '>' . lang("admin", "gmailsmtp") . '</option>
                </select>
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "fromemail_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "fromemail") . '</a>:
              </td>
              <td>
                <input type="text" name="fromemail" value="' . $mail_from_email["Value"] . '" />
              </td>
            </tr>
            <!-- tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "usegmail_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "usegmail") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="gmail" ' . ($mail_gmailsender["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr -->
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "formathtml_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "formathtml") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="usehtml" ' . ($format_mail_html["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "urlpath_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "urlpath") . '</a>:
              </td>
              <td>
                <input type="text" name="urlpath" value="' . $url_path["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td colspan="2">
                <b>' . lang("admin", "smtp") . '</b>
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "smtphost_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "smtphost") . '</a>:
              </td>
              <td>
                <input type="text" name="smtphost" value="' . $smtp_host["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "smtpport_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "smtpport") . '</a>:
              </td>
              <td>
                <input type="text" name="smtpport" value="' . $smtp_port["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "smtpuser_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "smtpuser") . '</a>:
              </td>
              <td>
                <input type="text" name="smtpuser" value="' . $smtp_user["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "smtppass_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "smtppass") . '</a>:
              </td>
              <td>
                <input type="text" name="smtppass" value="' . $smtp_pass["Value"] . '" />
              </td>
            </tr>';
                if ($core == 1) {
                    $output .= '
            <tr>
              <td colspan="2">
                <b>' . lang("admin", "pm") . '</b>
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "pmfrom_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "pmfrom") . '</a>:
              </td>
              <td>
                <input type="text" name="fromchar" value="' . $pm_from_char["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "pmstation_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "pmstation") . '</a>:
              </td>
              <td>
                <input type="text" name="stationary" value="' . $pm_stationary["Value"] . '" />
              </td>
            </tr>';
                }
                $output .= '
          </table>
          <div>
            <input type="submit" name="save" value="' . lang("admin", "save") . '" />
          </div>
        </form>';
            } else {
                $mail_admin_email = $sqlm->quote_smart($_GET["adminemail"]);
                $mail_mailer_type = $sqlm->quote_smart($_GET["mailertype"]);
                $mail_from_email = $sqlm->quote_smart($_GET["fromemail"]);
                if ($mail_mailer_type == "gmailsmtp") {
                    $mail_gmailsender = 1;
                } else {
                    $mail_gmailsender = 0;
                }
                $format_mail_html = isset($_GET["usehtml"]) ? 1 : 0;
                $smtp_host = $sqlm->quote_smart($_GET["smtphost"]);
                $smtp_port = $sqlm->quote_smart($_GET["smtpport"]);
                $smtp_user = $sqlm->quote_smart($_GET["smtpuser"]);
                $smtp_pass = $sqlm->quote_smart($_GET["smtppass"]);
                $pm_from_char = isset($_GET["fromchar"]) ? $sqlm->quote_smart($_GET["fromchar"]) : 1;
                $pm_stationary = isset($_GET["stationary"]) ? $sqlm->quote_smart($_GET["stationary"]) : 41;
                $url_path = $sqlm->quote_smart($_GET["urlpath"]);
                // clean up $url_path in case user can't read
                if ($url_path != "" && $url_path[0] != "/") {
                    $url_path = "/" . $url_path;
                }
                if ($url_path == "/") {
                    $url_path = "";
                }
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $mail_admin_email . "' WHERE `Key`='Mail_Admin_Email'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $mail_mailer_type . "' WHERE `Key`='Mail_Mailer_Type'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $mail_from_email . "' WHERE `Key`='Mail_From_Email'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $mail_gmailsender . "' WHERE `Key`='Mail_GMailSender'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $format_mail_html . "' WHERE `Key`='Format_Mail_HTML'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $smtp_host . "' WHERE `Key`='SMTP_Host'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $smtp_port . "' WHERE `Key`='SMTP_Port'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $smtp_user . "' WHERE `Key`='SMTP_User'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $smtp_pass . "' WHERE `Key`='SMTP_Pass'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $pm_from_char . "' WHERE `Key`='PM_From_Char'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $pm_stationary . "' WHERE `Key`='PM_Stationary'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $url_path . "' WHERE `Key`='URL_Path'");
                redirect("admin.php?section=general&subsection=mail");
            }
            break;
        case "irc":
            if (!$sub_action) {
                $irc_host = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='IRC_Server'"));
                $irc_port = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='IRC_Port'"));
                $irc_channel = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='IRC_Channel'"));
                $irc_helppage = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='IRC_HelpPage'"));
                $output .= '
        <form action="admin.php" method="get" id="form">
          <div>
            <input type="hidden" name="section" value="general" />
            <input type="hidden" name="subaction" value="saveirc" />
            <input type="hidden" name="subsection" value="irc" />
          </div>
          <table class="simple">
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "irchost_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "irchost") . '</a>:
              </td>
              <td>
                <input type="text" name="irchost" value="' . $irc_host["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "ircport_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "ircport") . '</a>:
              </td>
              <td>
                <input type="text" name="ircport" value="' . $irc_port["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "ircchannel_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "ircchannel") . '</a>:
              </td>
              <td>
                <input type="text" name="ircchannel" value="' . $irc_channel["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "irchelppage_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "irchelppage") . '</a>:
              </td>
              <td>
                <input type="text" name="irchelppage" value="' . $irc_helppage["Value"] . '" readonly="readonly" />
              </td>
            </tr>
          </table>
          <div>
            <input type="submit" name="save" value="' . lang("admin", "save") . '" />
          </div>
        </form>';
            } else {
                $irc_host = $sqlm->quote_smart($_GET["irchost"]);
                $irc_port = $sqlm->quote_smart($_GET["ircport"]);
                $irc_channel = $sqlm->quote_smart($_GET["ircchannel"]);
                $irc_helppage = $sqlm->quote_smart($_GET["irchelppage"]);
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $irc_host . "' WHERE `Key`='IRC_Server'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $irc_port . "' WHERE `Key`='IRC_Port'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $irc_channel . "' WHERE `Key`='IRC_Channel'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $irc_helppage . "' WHERE `Key`='IRC_HelpPage'");
                redirect("admin.php?section=general&subsection=irc");
            }
            break;
        case "proxy":
            if (!$sub_action) {
                $proxy_host = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Proxy_Addr'"));
                $proxy_port = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Proxy_Port'"));
                $proxy_user = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Proxy_User'"));
                $proxy_pass = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Proxy_Pass'"));
                $output .= '
        <form action="admin.php" method="get" id="form">
          <div>
            <input type="hidden" name="section" value="general" />
            <input type="hidden" name="subaction" value="saveproxy" />
            <input type="hidden" name="subsection" value="proxy" />
          </div>
          <table class="simple">
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "proxyhost_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "proxyhost") . '</a>:
              </td>
              <td>
                <input type="text" name="proxyhost" value="' . $proxy_host["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "proxyport_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "proxyport") . '</a>:
              </td>
              <td>
                <input type="text" name="proxyport" value="' . $proxy_port["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "proxyuser_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "proxyuser") . '</a>:
              </td>
              <td>
                <input type="text" name="proxyuser" value="' . $proxy_user["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "proxypass_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "proxypass") . '</a>:
              </td>
              <td>
                <input type="text" name="proxypass" value="' . $proxy_pass["Value"] . '" />
              </td>
            </tr>
          </table>
          <div>
            <input type="submit" name="save" value="' . lang("admin", "save") . '" />
          </div>
        </form>';
            } else {
                $proxy_host = $sqlm->quote_smart($_GET["proxyhost"]);
                $proxy_port = $sqlm->quote_smart($_GET["proxyport"]);
                $proxy_user = $sqlm->quote_smart($_GET["proxyuser"]);
                $proxy_pass = $sqlm->quote_smart($_GET["proxypass"]);
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $proxy_host . "' WHERE `Key`='Proxy_Addr'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $proxy_port . "' WHERE `Key`='Proxy_Port'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $proxy_user . "' WHERE `Key`='Proxy_User'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $proxy_pass . "' WHERE `Key`='Proxy_Pass'");
                redirect("admin.php?section=general&subsection=proxy");
            }
            break;
        case "datasite":
            if (!$sub_action) {
                $datasite_tooltip_script_src = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Tooltip_Script_Src'"));
                $datasite_base = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Datasite_Base'"));
                $datasite_name = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Datasite_Name'"));
                $datasite_item = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Datasite_Item'"));
                $datasite_quest = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Datasite_Quest'"));
                $datasite_creature = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Datasite_Creature'"));
                $datasite_spell = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Datasite_Spell'"));
                $datasite_skill = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Datasite_Skill'"));
                $datasite_go = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Datasite_GO'"));
                $datasite_achieve = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Datasite_Achievement'"));
                $output .= '
        <form action="admin.php" method="get" id="form">
          <div>
            <input type="hidden" name="section" value="general" />
            <input type="hidden" name="subaction" value="savedatasite" />
            <input type="hidden" name="subsection" value="datasite" />
          </div>
          <table class="simple" id="admin_datasite">
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "datasitetooltipscriptsrc_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "datasitetooltipscriptsrc") . '</a>:
              </td>
              <td>
                <input type="text" name="datasitetooltipscriptsrc" value="' . $datasite_tooltip_script_src["Value"] . '" size="50" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "datasitebase_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "datasitebase") . '</a>:
              </td>
              <td>
                <input type="text" name="datasitebase" value="' . $datasite_base["Value"] . '" size="50" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "datasitename_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "datasitename") . '</a>:
              </td>
              <td>
                <input type="text" name="datasitename" value="' . $datasite_name["Value"] . '" size="50" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "datasiteitem_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "datasiteitem") . '</a>:
              </td>
              <td>
                <input type="text" name="datasiteitem" value="' . $datasite_item["Value"] . '" size="50" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "datasitequest_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "datasitequest") . '</a>:
              </td>
              <td>
                <input type="text" name="datasitequest" value="' . $datasite_quest["Value"] . '" size="50" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "datasitecreature_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "datasitecreature") . '</a>:
              </td>
              <td>
                <input type="text" name="datasitecreature" value="' . $datasite_creature["Value"] . '" size="50" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "datasitespell_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "datasitespell") . '</a>:
              </td>
              <td>
                <input type="text" name="datasitespell" value="' . $datasite_spell["Value"] . '" size="50" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "datasiteskill_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "datasiteskill") . '</a>:
              </td>
              <td>
                <input type="text" name="datasiteskill" value="' . $datasite_skill["Value"] . '" size="50" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "datasitego_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "datasitego") . '</a>:
              </td>
              <td>
                <input type="text" name="datasitego" value="' . $datasite_go["Value"] . '" size="50" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "datasiteachieve_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "datasiteachieve") . '</a>:
              </td>
              <td>
                <input type="text" name="datasiteachieve" value="' . $datasite_achieve["Value"] . '" size="50" />
              </td>
            </tr>
          </table>
          <div>
            <input type="submit" name="save" value="' . lang("admin", "save") . '" />
          </div>
        </form>';
            } else {
                $datasite_tooltip_script_src = $sqlm->quote_smart($_GET["datasitetooltipscriptsrc"]);
                $datasite_base = $sqlm->quote_smart($_GET["datasitebase"]);
                $datasite_name = $sqlm->quote_smart($_GET["datasitename"]);
                $datasite_item = $sqlm->quote_smart($_GET["datasiteitem"]);
                $datasite_quest = $sqlm->quote_smart($_GET["datasitequest"]);
                $datasite_creature = $sqlm->quote_smart($_GET["datasitecreature"]);
                $datasite_spell = $sqlm->quote_smart($_GET["datasitespell"]);
                $datasite_skill = $sqlm->quote_smart($_GET["datasiteskill"]);
                $datasite_go = $sqlm->quote_smart($_GET["datasitego"]);
                $datasite_achieve = $sqlm->quote_smart($_GET["datasiteachieve"]);
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $datasite_tooltip_script_src . "' WHERE `Key`='Tooltip_Script_Src'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $datasite_base . "' WHERE `Key`='Datasite_Base'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $datasite_name . "' WHERE `Key`='Datasite_Name'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $datasite_item . "' WHERE `Key`='Datasite_Item'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $datasite_quest . "' WHERE `Key`='Datasite_Quest'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $datasite_creature . "' WHERE `Key`='Datasite_Creature'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $datasite_spell . "' WHERE `Key`='Datasite_Spell'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $datasite_skill . "' WHERE `Key`='Datasite_Skill'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $datasite_go . "' WHERE `Key`='Datasite_GO'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $datasite_achieve . "' WHERE `Key`='Datasite_Achievement'");
                redirect("admin.php?section=general&subsection=datasite");
            }
            break;
        case "acctcreation":
            if (!$sub_action) {
                $disable_acc_creation = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Disable_Acc_Creation'"));
                $invite_only = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Invitation_Only'"));
                $disable_reg_invite = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Disable_Invitation'"));
                $expansion_select = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Expansion_Select'"));
                $default_expansion = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Default_Expansion'"));
                $enabled_captcha = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Enabled_Captcha'"));
                $using_recaptcha = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Use_Recaptcha'"));
                $publickey = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Recaptcha_Public_Key'"));
                $privatekey = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Recaptcha_Private_Key'"));
                $send_mail_on_creation = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Send_Mail_On_Creation'"));
                $send_confirmation_mail_on_creation = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Send_Confirmation_Mail_On_Creation'"));
                $validate_mail_host = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Validate_Mail_Host'"));
                $limit_acc_per_ip = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Limit_Acc_Per_IP'"));
                $output .= '
        <form action="admin.php" method="get" id="form">
          <div>
            <input type="hidden" name="section" value="general" />
            <input type="hidden" name="subaction" value="saveacctcreation" />
            <input type="hidden" name="subsection" value="acctcreation" />
          </div>
          <table class="simple" id="admin_acct_creation">
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "disableacccreation_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "disableacccreation") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="disableacccreation" ' . ($disable_acc_creation["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "inviteonly_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "inviteonly") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="inviteonly" ' . ($invite_only["Value"] == 1 ? 'checked="checked"' : '') . ' ' . ($disable_acc_creation["Value"] == 1 ? '' : 'disabled="disabled"') . ' />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "disablereginvite_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "disablereginvite") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="disablereginvite" ' . ($disable_reg_invite["Value"] == 1 ? 'checked="checked"' : '') . ' ' . ($invite_only["Value"] == 0 ? '' : 'disabled="disabled"') . ' />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "expansionselect_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "expansionselect") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="expansionselect" ' . ($expansion_select["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "defaultexpansion_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "defaultexpansion") . '</a>:
              </td>
              <td>
                <select name="defaultexpansion">';
                if ($core == 1) {
                    $output .= '
                  <option value="0" ' . ($default_expansion["Value"] == 0 ? 'selected="selected"' : '') . '>Classic</option>
                  <option value="8" ' . ($default_expansion["Value"] == 8 ? 'selected="selected"' : '') . '>BC</option>
                  <option value="16" ' . ($default_expansion["Value"] == 16 ? 'selected="selected"' : '') . '>WotLK</option>
                  <option value="24" ' . ($default_expansion["Value"] == 24 ? 'selected="selected"' : '') . '>WotLK+BC</option>';
                } else {
                    $output .= '
                  <option value="0" ' . ($default_expansion["Value"] == 0 ? 'selected="selected"' : '') . '>Classic</option>
                  <option value="1" ' . ($default_expansion["Value"] == 1 ? 'selected="selected"' : '') . '>BC</option>
                  <option value="2" ' . ($default_expansion["Value"] == 2 ? 'selected="selected"' : '') . '>WotLK+BC</option>';
                }
                $output .= '
                </select>
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "enabledcaptcha_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "enabledcaptcha") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="enabledcaptcha" ' . ($enabled_captcha["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "userecaptcha_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "userecaptcha") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="userecaptcha" ' . ($using_recaptcha["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "publickey_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "publickey") . '</a>:
              </td>
              <td>
                <input type="text" name="publickey" value="' . $publickey["Value"] . '" size="52" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "privatekey_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "privatekey") . '</a>:
              </td>
              <td>
                <input type="text" name="privatekey" value="' . $privatekey["Value"] . '" size="52" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "sendmailoncreation_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "sendmailoncreation") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="sendmailoncreation" ' . ($send_mail_on_creation["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "sendconfirmmailoncreation_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "sendconfirmmailoncreation") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="sendconfirmmailoncreation" ' . ($send_confirmation_mail_on_creation["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "validatemailhost_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "validatemailhost") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="validatemailhost" ' . ($validate_mail_host["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "limitaccperip_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "limitaccperip") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="limitaccperip" ' . ($limit_acc_per_ip["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>
          </table>
          <div>
            <input type="submit" name="save" value="' . lang("admin", "save") . '" />
          </div>
        </form>';
            } else {
                // Save branch for the account-creation settings: each submitted field is
                // written to its own config_misc row, then redirect() is called with the
                // settings page URL.
                //
                // NOTE(review): the matching form is declared with method="get" and this
                // branch reads $_GET["privatekey"], so the reCAPTCHA private key is part of
                // the request URL. URLs are commonly kept in access logs, browser history
                // and Referer headers; a secret should be submitted in a POST body.
                // NOTE(review): no anti-CSRF token is checked in the visible code before
                // these writes — confirm one is enforced earlier in the handler.

                // Checkbox fields: stored as 1 when the parameter is present, 0 otherwise
                // (the submitted value itself is never used).
                $disable_acc_creation = isset($_GET["disableacccreation"]) ? 1 : 0;
                $invite_only = isset($_GET["inviteonly"]) ? 1 : 0;
                $disable_reg_invite = isset($_GET["disablereginvite"]) ? 1 : 0;
                $expansion_select = isset($_GET["expansionselect"]) ? 1 : 0;
                // Free-form fields go through quote_smart() before being placed inside the
                // quoted SQL literals below. Its implementation is not visible here —
                // presumably it escapes for the $sqlm connection; verify.
                // NOTE(review): defaultexpansion is not checked against the option values
                // the form offers (0/8/16/24 or 0/1/2, depending on $core).
                $default_expansion = $sqlm->quote_smart($_GET["defaultexpansion"]);
                $enabled_captcha = isset($_GET["enabledcaptcha"]) ? 1 : 0;
                $using_recaptcha = isset($_GET["userecaptcha"]) ? 1 : 0;
                $publickey = $sqlm->quote_smart($_GET["publickey"]);
                $privatekey = $sqlm->quote_smart($_GET["privatekey"]);
                $send_mail_on_creation = isset($_GET["sendmailoncreation"]) ? 1 : 0;
                $send_confirmation_mail_on_creation = isset($_GET["sendconfirmmailoncreation"]) ? 1 : 0;
                $validate_mail_host = isset($_GET["validatemailhost"]) ? 1 : 0;
                $limit_acc_per_ip = isset($_GET["limitaccperip"]) ? 1 : 0;
                // One UPDATE per setting; the return value of each query is overwritten
                // and never inspected, so a failed write is not reported by this code.
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $disable_acc_creation . "' WHERE `Key`='Disable_Acc_Creation'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $invite_only . "' WHERE `Key`='Invitation_Only'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $disable_reg_invite . "' WHERE `Key`='Disable_Invitation'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $expansion_select . "' WHERE `Key`='Expansion_Select'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $default_expansion . "' WHERE `Key`='Default_Expansion'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $enabled_captcha . "' WHERE `Key`='Enabled_Captcha'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $using_recaptcha . "' WHERE `Key`='Use_Recaptcha'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $publickey . "' WHERE `Key`='Recaptcha_Public_Key'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $privatekey . "' WHERE `Key`='Recaptcha_Private_Key'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $send_mail_on_creation . "' WHERE `Key`='Send_Mail_On_Creation'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $send_confirmation_mail_on_creation . "' WHERE `Key`='Send_Confirmation_Mail_On_Creation'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $validate_mail_host . "' WHERE `Key`='Validate_Mail_Host'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $limit_acc_per_ip . "' WHERE `Key`='Limit_Acc_Per_IP'");
                redirect("admin.php?section=general&subsection=acctcreation");
            }
            break;
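        case "guests":
            // Guest settings, backed by the config_misc rows Allow_Anony, Anony_Name and
            // Anony_Realm_ID. Without a sub-action the current values are rendered as a
            // form; otherwise the submitted values are written back and redirect() is
            // called with the guests page URL.
            if (!$sub_action) {
                $acp_allow_anony = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Allow_Anony'"));
                $acp_anony_name = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Anony_Name'"));
                $acp_anony_realm_id = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Anony_Realm_ID'"));
                // The stored values are printed inside value="..." attributes. They are
                // HTML-escaped first so that a quote or angle bracket in the stored text
                // cannot close the attribute and inject markup; the browser decodes the
                // entities again, so the value the admin sees and re-submits is unchanged.
                // NOTE(review): assumes the page is served as UTF-8 — confirm. The other
                // settings forms in this handler print stored values without escaping.
                $anony_name_attr = htmlspecialchars((string) $acp_anony_name["Value"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                $anony_realm_id_attr = htmlspecialchars((string) $acp_anony_realm_id["Value"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                $output .= '
        <form action="admin.php" method="get" id="form">
          <div>
            <input type="hidden" name="section" value="general" />
            <input type="hidden" name="subaction" value="saveguests" />
            <input type="hidden" name="subsection" value="guests" />
          </div>
          <table class="simple">
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "allowanony_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "allowanony") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="allowanony" ' . ($acp_allow_anony["Value"] == 1 ? 'checked="checked"' : '') . ' disabled="disabled" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "anonyname_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "anonyname") . '</a>:
              </td>
              <td>
                <input type="text" name="anonyname" value="' . $anony_name_attr . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "anonyrealmid_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "anonyrealmid") . '</a>:
              </td>
              <td>
                <input type="text" name="anonyrealmid" value="' . $anony_realm_id_attr . '" />
              </td>
            </tr>
          </table>
          <div>
            <input type="submit" name="save" value="' . lang("admin", "save") . '" />
          </div>
        </form>';
            } else {
                // Allow Anonymous is disabled but must stay checked
                $acp_allow_anony = 1;
                // quote_smart() is the escaping helper used throughout this handler; the
                // results are placed inside quoted SQL literals below.
                // NOTE(review): the realm id is presumably numeric — if so, an integer
                // check here would be stricter than escaping alone; confirm.
                // NOTE(review): these writes are triggered by a GET request and no
                // anti-CSRF token is checked in the visible code — confirm one is
                // enforced earlier in the handler.
                $acp_anony_name = $sqlm->quote_smart($_GET["anonyname"]);
                $acp_anony_realm_id = $sqlm->quote_smart($_GET["anonyrealmid"]);
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $acp_allow_anony . "' WHERE `Key`='Allow_Anony'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $acp_anony_name . "' WHERE `Key`='Anony_Name'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $acp_anony_realm_id . "' WHERE `Key`='Anony_Realm_ID'");
                redirect("admin.php?section=general&subsection=guests");
            }
            break;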
        case "extratools":
            if (!$sub_action) {
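                // Add an item id to the Ultra Vendor disable list.
                // The id comes straight from the query string, so it is passed through
                // quote_smart() (the escaping helper the save branches of this handler
                // use) before being placed inside the quoted SQL literal. Non-string
                // input (e.g. an array parameter) is ignored.
                // NOTE(review): item ids are presumably numeric (they are matched against
                // `entry` further down) — if so, a ctype_digit() check would be stricter
                // than escaping alone; confirm.
                // NOTE(review): both actions change data on a plain GET and no anti-CSRF
                // token is checked in the visible code — confirm one is enforced earlier
                // in the handler, or move them to a token-protected POST.
                if (isset($_GET["newdisable"]) && is_string($_GET["newdisable"])) {
                    $new_disable = $sqlm->quote_smart($_GET["newdisable"]);
                    $query = "INSERT IGNORE INTO ultravendor_disables VALUE ('" . $new_disable . "')";
                    $result = $sqlm->query($query);
                }
                // Remove an item id from the disable list; same escaping as above.
                if (isset($_GET["delete"]) && is_string($_GET["delete"])) {
                    $delete_id = $sqlm->quote_smart($_GET["delete"]);
                    $query = "DELETE FROM ultravendor_disables WHERE itemid='" . $delete_id . "'";
                    $result = $sqlm->query($query);
                }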
                $quest_item_vendor_level_mul = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Quest_Item_Vendor_Level_Mul'"));
                $quest_item_vendor_rew_mul = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Quest_Item_Vendor_Rew_Mul'"));
                $ultra_vendor_mult_0 = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Ultra_Vendor_Mult_0'"));
                $ultra_vendor_mult_1 = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Ultra_Vendor_Mult_1'"));
                $ultra_vendor_mult_2 = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Ultra_Vendor_Mult_2'"));
                $ultra_vendor_mult_3 = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Ultra_Vendor_Mult_3'"));
                $ultra_vendor_mult_4 = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Ultra_Vendor_Mult_4'"));
                $ultra_vendor_mult_5 = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Ultra_Vendor_Mult_5'"));
                $ultra_vendor_mult_6 = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Ultra_Vendor_Mult_6'"));
                $ultra_vendor_mult_7 = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Ultra_Vendor_Mult_7'"));
                $ultra_vendor_base = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Ultra_Vendor_Base'"));
                $ultra_vendor_max_item_level = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Ultra_Vendor_Max_Item_Level'"));
                $ultra_vendor_max_item_req_level = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Ultra_Vendor_Max_Item_Req_Level'"));
                $dis_query = "SELECT * FROM ultravendor_disables";
                $dis_result = $sqlm->query($dis_query);
                $output .= '
        <form action="admin.php" method="get" id="form">
          <div>
            <input type="hidden" name="section" value="general" />
            <input type="hidden" name="subaction" value="saveextratools" />
            <input type="hidden" name="subsection" value="extratools" />
          </div>
          <table class="simple">
            <tr>
              <td colspan="2">
                <b>' . lang("admin", "questitemvendor") . '</b>
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "questitemvendorlevelmul_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "questitemvendorlevelmul") . '</a>:
              </td>
              <td>
                <input type="text" name="questitemvendorlevelmul" value="' . $quest_item_vendor_level_mul["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "questitemvendorrewmul_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "questitemvendorrewmul") . '</a>:
              </td>
              <td>
                <input type="text" name="questitemvendorrewmul" value="' . $quest_item_vendor_rew_mul["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td colspan="2">
                <b>' . lang("admin", "ultravendor") . '</b>
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "ultravendormult0_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "ultravendormult0") . '</a>:
              </td>
              <td>
                <input type="text" name="ultravendormult0" value="' . $ultra_vendor_mult_0["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "ultravendormult1_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "ultravendormult1") . '</a>:
              </td>
              <td>
                <input type="text" name="ultravendormult1" value="' . $ultra_vendor_mult_1["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "ultravendormult2_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "ultravendormult2") . '</a>:
              </td>
              <td>
                <input type="text" name="ultravendormult2" value="' . $ultra_vendor_mult_2["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "ultravendormult3_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "ultravendormult3") . '</a>:
              </td>
              <td>
                <input type="text" name="ultravendormult3" value="' . $ultra_vendor_mult_3["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "ultravendormult4_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "ultravendormult4") . '</a>:
              </td>
              <td>
                <input type="text" name="ultravendormult4" value="' . $ultra_vendor_mult_4["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "ultravendormult5_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "ultravendormult5") . '</a>:
              </td>
              <td>
                <input type="text" name="ultravendormult5" value="' . $ultra_vendor_mult_5["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "ultravendormult6_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "ultravendormult6") . '</a>:
              </td>
              <td>
                <input type="text" name="ultravendormult6" value="' . $ultra_vendor_mult_6["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "ultravendormult7_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "ultravendormult7") . '</a>:
              </td>
              <td>
                <input type="text" name="ultravendormult7" value="' . $ultra_vendor_mult_7["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "ultravendorbase_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "ultravendorbase") . '</a>:
              </td>
              <td>
                <input type="text" name="ultravendorbase" value="' . $ultra_vendor_base["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "ultravendormaxitemlevel_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "ultravendormaxitemlevel") . '</a>:
              </td>
              <td>
                <input type="text" name="ultravendormaxitemlevel" value="' . $ultra_vendor_max_item_level["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "ultravendormaxitemreqlevel_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "ultravendormaxitemreqlevel") . '</a>:
              </td>
              <td>
                <input type="text" name="ultravendormaxitemreqlevel" value="' . $ultra_vendor_max_item_req_level["Value"] . '" />
              </td>
            </tr>
          </table>
          <div>
            <input type="submit" name="save" value="' . lang("admin", "save") . '" />
          </div>
        </form>
        <br />
        <div>
          <span>' . lang("admin", "disabledinfo") . ':</span>
          <table class="simple">
            <tr>
              <th class="disabled_remove_item_th">&nbsp;</th>
              <th class="disabled_item_th">' . lang("admin", "disableditem") . '</th>
              <th>&nbsp;</th>
            </tr>';
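                // Render one table row per entry of ultravendor_disables: a delete link,
                // the item id, and the item name looked up through $sqlw.
                while ($row = $sqlm->fetch_assoc($dis_result)) {
                    // itemid is stored data, not a trusted constant, so it is escaped
                    // before being placed inside the quoted SQL literal.
                    // NOTE(review): the lookup runs on $sqlw; if that object exposes
                    // quote_smart() as well, prefer it so the escaping matches the
                    // connection that executes the query.
                    $item_id_sql = $sqlm->quote_smart($row["itemid"]);
                    if ($core == 1) {
                        // "entry" exists in both joined tables (see the ON clause), so it
                        // is qualified to keep the WHERE clause unambiguous.
                        $item_query = "SELECT name1, name FROM items\r\n                             LEFT JOIN itemnames ON itemnames.entry=items.entry\r\n                           WHERE items.entry='" . $item_id_sql . "'";
                    } else {
                        $item_query = "SELECT 0 AS name1, name FROM item_template\r\n                           WHERE entry='" . $item_id_sql . "'";
                    }
                    $item_result = $sqlw->query($item_query);
                    $item_result = $sqlw->fetch_assoc($item_result);
                    // Trinity and MaNGOS will always follow the else
                    // (at least until we add locales_item support here)
                    if (!$item_result) {
                        // No matching item row: show the id with an empty name instead of
                        // indexing a non-array.
                        $item_name = '';
                    } elseif ($item_result["name1"] != 0) {
                        // NOTE(review): loose comparison of a possibly non-numeric string
                        // with 0 — the outcome differs between PHP 7 and PHP 8.
                        $item_name = $item_result["name1"];
                    } else {
                        $item_name = $item_result["name"];
                    }
                    // Escape per output context: URL-encode the id inside the query
                    // string, HTML-escape the id and the name inside table cells.
                    // NOTE(review): assumes the page is served as UTF-8 — confirm.
                    $item_id_url = rawurlencode((string) $row["itemid"]);
                    $item_id_html = htmlspecialchars((string) $row["itemid"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                    $item_name_html = htmlspecialchars((string) $item_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                    $output .= '
            <tr>
              <td class="disabled_item_id_td">
                <a href="admin.php?section=general&subsection=extratools&delete=' . $item_id_url . '">
                  <img src="img/aff_cross.png" alt="" />
                </a>
              </td>
              <td class="disabled_item_id_td">' . $item_id_html . '</td>
              <td>' . $item_name_html . '</td>
            </tr>';
                }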
                $output .= '
            <tr>
              <td colspan="2">
                <a id="link" href="#" onclick="admin_extratools_disable()">
                  <img src="img/add.png" alt="" />
                  <span>' . lang("admin", "disabledadd") . ':</span>
                </a>
              </td>
              <td>
                <input type="text" id="new_dis" />
              </td>
            </tr>
          </table>
        </div>';
            } else {
                $quest_item_vendor_level_mul = $sqlm->quote_smart($_GET["questitemvendorlevelmul"]);
                $quest_item_vendor_rew_mul = $sqlm->quote_smart($_GET["questitemvendorrewmul"]);
                $ultra_vendor_mult_0 = $sqlm->quote_smart($_GET["ultravendormult0"]);
                $ultra_vendor_mult_1 = $sqlm->quote_smart($_GET["ultravendormult1"]);
                $ultra_vendor_mult_2 = $sqlm->quote_smart($_GET["ultravendormult2"]);
                $ultra_vendor_mult_3 = $sqlm->quote_smart($_GET["ultravendormult3"]);
                $ultra_vendor_mult_4 = $sqlm->quote_smart($_GET["ultravendormult4"]);
                $ultra_vendor_mult_5 = $sqlm->quote_smart($_GET["ultravendormult5"]);
                $ultra_vendor_mult_6 = $sqlm->quote_smart($_GET["ultravendormult6"]);
                $ultra_vendor_mult_7 = $sqlm->quote_smart($_GET["ultravendormult7"]);
                $ultra_vendor_base = $sqlm->quote_smart($_GET["ultravendorbase"]);
                $ultra_vendor_max_item_level = $sqlm->quote_smart($_GET["ultravendormaxitemlevel"]);
                $ultra_vendor_max_item_req_level = $sqlm->quote_smart($_GET["ultravendormaxitemreqlevel"]);
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $quest_item_vendor_level_mul . "' WHERE `Key`='Quest_Item_Vendor_Level_Mul'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $quest_item_vendor_rew_mul . "' WHERE `Key`='Quest_Item_Vendor_Rew_Mul'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $ultra_vendor_mult_0 . "' WHERE `Key`='Ultra_Vendor_Mult_0'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $ultra_vendor_mult_1 . "' WHERE `Key`='Ultra_Vendor_Mult_1'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $ultra_vendor_mult_2 . "' WHERE `Key`='Ultra_Vendor_Mult_2'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $ultra_vendor_mult_3 . "' WHERE `Key`='Ultra_Vendor_Mult_3'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $ultra_vendor_mult_4 . "' WHERE `Key`='Ultra_Vendor_Mult_4'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $ultra_vendor_mult_5 . "' WHERE `Key`='Ultra_Vendor_Mult_5'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $ultra_vendor_mult_6 . "' WHERE `Key`='Ultra_Vendor_Mult_6'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $ultra_vendor_mult_7 . "' WHERE `Key`='Ultra_Vendor_Mult_7'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $ultra_vendor_base . "' WHERE `Key`='Ultra_Vendor_Base'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $ultra_vendor_max_item_level . "' WHERE `Key`='Ultra_Vendor_Max_Item_Level'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $ultra_vendor_max_item_req_level . "' WHERE `Key`='Ultra_Vendor_Max_Item_Req_Level'");
                redirect("admin.php?section=general&subsection=extratools");
            }
            break;
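        case "internalmap":
            // Internal-map settings. With no subaction the settings form is rendered; with any
            // subaction the submitted values are written to config_misc and the admin is sent
            // back to this subsection.
            // NOTE(review): the save path changes configuration on a GET request and no
            // anti-CSRF token is visible in this block. Moving the form to POST with a
            // per-session token is the usual hardening; confirm what admin.php enforces
            // before this switch is reached.
            if (!$sub_action) {
                // Current values, one row per key. Only the GM-related keys are used by the form below.
                $map_gm_show_online_only_gmoff = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Map_GM_Show_Online_Only_GMOff'"));
                $map_gm_show_online_only_gmvisible = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Map_GM_Show_Online_Only_GMVisible'"));
                $map_gm_add_suffix = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Map_GM_Add_Suffix'"));
                $map_status_gm_include_all = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Map_Status_GM_Include_All'"));
                $map_show_status = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Map_Show_Status'"));
                $map_show_timer = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Map_Show_Timer'"));
                $map_timer = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Map_Timer'"));
                $map_show_online = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Map_Show_Online'"));
                $map_time_to_show_uptime = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Map_Time_To_Show_Uptime'"));
                $map_time_to_show_maxonline = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Map_Time_To_Show_MaxOnline'"));
                $map_time_to_show_gmonline = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Map_Time_To_Show_GMOnline'"));
                // The two gmshowonlineonly* rows sit inside an HTML comment, so the browser
                // neither renders nor submits them; only statusgmincludeall and gmaddsuffix
                // are real inputs in this form.
                $output .= '
        <form action="admin.php" method="get" id="form">
          <div>
            <input type="hidden" name="section" value="general" />
            <input type="hidden" name="subaction" value="saveinternalmap" />
            <input type="hidden" name="subsection" value="internalmap" />
          </div>
          <table class="simple">
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "statusgmincludeall_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "statusgmincludeall") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="statusgmincludeall" ' . ($map_status_gm_include_all["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>
            <!-- tr>
              <td class="help"><a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "gmshowonlineonlygmoff_tip") . '\',\'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "gmshowonlineonlygmoff") . '</a>: </td>
              <td><input type="checkbox" name="gmshowonlineonlygmoff" ' . ($map_gm_show_online_only_gmoff["Value"] == 1 ? 'checked="checked"' : '') . ' /></td>
            </tr>
            <tr>
              <td class="help"><a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "gmshowonlineonlygmvisible_tip") . '\',\'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "gmshowonlineonlygmvisible") . '</a>: </td>
              <td><input type="checkbox" name="gmshowonlineonlygmvisible" ' . ($map_gm_show_online_only_gmvisible["Value"] == 1 ? 'checked="checked"' : '') . ' disabled="disabled" /></td>
            </tr -->
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "gmaddsuffix_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "gmaddsuffix") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="gmaddsuffix" ' . ($map_gm_add_suffix["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>
          </table>
          <div>
            <input type="submit" name="save" value="' . lang("admin", "save") . '" />
          </div>
        </form>';
            } else {
                // Checkboxes are only present in the query string when ticked.
                $map_gm_show_online_only_gmoff = isset($_GET["gmshowonlineonlygmoff"]) ? 1 : 0;
                $map_gm_show_online_only_gmvisible = isset($_GET["gmshowonlineonlygmvisible"]) ? 1 : 0;
                $map_gm_add_suffix = isset($_GET["gmaddsuffix"]) ? 1 : 0;
                $map_status_gm_include_all = isset($_GET["statusgmincludeall"]) ? 1 : 0;
                $map_show_status = isset($_GET["showstatus"]) ? 1 : 0;
                $map_show_timer = isset($_GET["showtimer"]) ? 1 : 0;
                // NOTE(review): timer / timetoshow* (and the showstatus, showtimer, showonline
                // checkboxes above) have no input in the form rendered by this block, so a save
                // from that form reads missing keys here and overwrites the stored values.
                // Confirm whether another form submits them; if not, these writes should be
                // dropped or guarded with isset().
                $map_timer = $sqlm->quote_smart($_GET["timer"]);
                $map_show_online = isset($_GET["showonline"]) ? 1 : 0;
                $map_time_to_show_uptime = $sqlm->quote_smart($_GET["timetoshowuptime"]);
                $map_time_to_show_maxonline = $sqlm->quote_smart($_GET["timetoshowmaxonline"]);
                $map_time_to_show_gmonline = $sqlm->quote_smart($_GET["timetoshowgmonline"]);
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $map_gm_show_online_only_gmoff . "' WHERE `Key`='Map_GM_Show_Online_Only_GMOff'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $map_gm_show_online_only_gmvisible . "' WHERE `Key`='Map_GM_Show_Online_Only_GMVisible'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $map_gm_add_suffix . "' WHERE `Key`='Map_GM_Add_Suffix'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $map_status_gm_include_all . "' WHERE `Key`='Map_Status_GM_Include_All'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $map_show_status . "' WHERE `Key`='Map_Show_Status'");
                // Fixed: this row was previously written with $map_gm_add_suffix, so the
                // "show timer" setting silently mirrored the "add suffix" checkbox.
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $map_show_timer . "' WHERE `Key`='Map_Show_Timer'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $map_timer . "' WHERE `Key`='Map_Timer'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $map_show_online . "' WHERE `Key`='Map_Show_Online'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $map_time_to_show_uptime . "' WHERE `Key`='Map_Time_To_Show_Uptime'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $map_time_to_show_maxonline . "' WHERE `Key`='Map_Time_To_Show_MaxOnline'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $map_time_to_show_gmonline . "' WHERE `Key`='Map_Time_To_Show_GMOnline'");
                redirect("admin.php?section=general&subsection=internalmap");
            }
            break;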
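        case "validip":
            // Valid-IP-mask management: list the masks (no subaction), add / delete / show the
            // edit form (subaction "editvalidip"), or save an edited mask (any other subaction).
            // NOTE(review): add, delete and save all change state on GET requests and no
            // anti-CSRF token is visible in this block; confirm what admin.php enforces.
            if (!$sub_action) {
                $masks_query = $sqlm->query("SELECT * FROM config_valid_ip_mask");
                $output .= '
        <form action="admin.php" method="get" id="form">
          <div>
            <input type="hidden" name="section" value="general" />
            <input type="hidden" name="subaction" value="editvalidip" />
            <input type="hidden" name="subsection" value="validip" />
          </div>
          <table class="simple">
            <tr>
              <th style="width: 10%;">&nbsp;</th>
              <th style="width: 20%;">
                <span style="text-align: center;">' . lang("admin", "index") . '</span>
              </th>
              <th>' . lang("admin", "validipmask") . '</th>
            </tr>';
                while ($mask = $sqlm->fetch_assoc($masks_query)) {
                    // The mask is free text taken from the request on save, so it is
                    // HTML-escaped on output. Charset is left at the PHP default; pass the
                    // site encoding explicitly if it differs.
                    $output .= '
            <tr>
              <td>
                <input type="radio" name="index" value="' . $mask["Index"] . '" />
              </td>
              <td>
                <center>' . $mask["Index"] . '</center>
              </td>
              <td>' . htmlspecialchars((string) $mask["ValidIPMask"], ENT_QUOTES) . '</td>
            </tr>';
                }
                $output .= '
          </table>
          <div>
            <input type="submit" name="edit" value="' . lang("admin", "editipmask") . '" />
            <input type="submit" name="add" value="' . lang("admin", "addipmask") . '" />
            <input type="submit" name="delete" value="' . lang("admin", "deleteipmask") . '" />
          </div>
        </form>';
            } elseif ($sub_action == "editvalidip") {
                if (isset($_GET["add"])) {
                    // New row gets the next free index and an empty mask.
                    $lim = $sqlm->fetch_assoc($sqlm->query("SELECT MAX(`Index`) FROM config_valid_ip_mask"));
                    $lim = $lim["MAX(`Index`)"] + 1;
                    $sqlm->query("INSERT INTO config_valid_ip_mask SET `Index`='" . $lim . "', ValidIPMask=''");
                    redirect("admin.php?section=general&subsection=validip");
                } elseif (isset($_GET["delete"])) {
                    $index = $sqlm->quote_smart($_GET["index"]);
                    if (!is_numeric($index)) {
                        redirect("admin.php?section=general&subsection=validip&error=1");
                        // redirect() presumably ends the request; leave the switch regardless so
                        // the DELETE below can never run with a rejected index.
                        break;
                    }
                    $result = $sqlm->query("DELETE FROM config_valid_ip_mask WHERE `Index`='" . $index . "'");
                    redirect("admin.php?section=general&subsection=validip");
                } else {
                    $index = $sqlm->quote_smart($_GET["index"]);
                    if (!is_numeric($index)) {
                        redirect("admin.php?section=general&subsection=validip&error=1");
                        // Same guard as the delete branch: never fall through with a rejected index.
                        break;
                    }
                    $mask = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_valid_ip_mask WHERE `Index`='" . $index . "'"));
                    $output .= '
        <form action="admin.php" method="get" id="form">
          <div>
            <input type="hidden" name="section" value="general" />
            <input type="hidden" name="subaction" value="savevalidip" />
            <input type="hidden" name="subsection" value="validip" />
            <input type="hidden" name="index" value="' . $mask["Index"] . '" />
          </div>
          <table class="simple">
            <tr>
              <th width="20%">
                <center>' . lang("admin", "index") . '</center>
              </th>
              <th class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "validipmask_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "validipmask") . '</a>
              </th>
            </tr>
            <tr>
              <td>
                <center>' . $mask["Index"] . '</center>
              </td>
              <td>
                <input type="text" name="mask" value="' . htmlspecialchars((string) $mask["ValidIPMask"], ENT_QUOTES) . '" />
              </td>
            </tr>
          </table>
          <div>
            <input type="submit" name="save" value="' . lang("admin", "save") . '" />
          </div>
        </form>';
                }
            } else {
                $index = $sqlm->quote_smart($_GET["index"]);
                // Apply the same numeric check the edit and delete branches already use, so
                // the save path does not accept an index the other paths would reject.
                if (!is_numeric($index)) {
                    redirect("admin.php?section=general&subsection=validip&error=1");
                    break;
                }
                // NOTE(review): the mask is stored as submitted (after quote_smart); a format
                // check for the expected mask syntax would be prudent — confirm how
                // config_valid_ip_mask is consumed.
                $mask = $sqlm->quote_smart($_GET["mask"]);
                $result = $sqlm->query("UPDATE config_valid_ip_mask SET ValidIPMask='" . $mask . "' WHERE `Index`='" . $index . "'");
                redirect("admin.php?section=general&subsection=validip");
            }
            break;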
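        case "ads":
            // Page-bottom ad settings: render the form (no subaction) or store the enable flag
            // and the ad content in config_misc, then redirect back to this subsection.
            // NOTE(review): the ad content is saved from a GET request and no anti-CSRF token
            // is visible in this block. If Page_Bottom_Ad_Content is emitted as raw HTML on
            // public pages (not shown here — confirm), a forged request to this endpoint would
            // place attacker-chosen markup on every page; POST plus a per-session token is the
            // usual fix. GET also subjects the content to URL length limits.
            if (!$sub_action) {
                $enable_bottom_ad = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Enable_Page_Bottom_Ad'"));
                $bottom_ad_content = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Page_Bottom_Ad_Content'"));
                // The stored content is HTML-escaped inside the <textarea>: unescaped, a value
                // containing "</textarea>" would end the field early and the rest would be
                // interpreted as markup in the admin page. The browser decodes the entities,
                // so the admin still edits and resubmits the original text. Charset is left at
                // the PHP default; pass the site encoding explicitly if it differs.
                $output .= '
        <form action="admin.php" method="get" id="form">
          <div>
            <input type="hidden" name="section" value="general" />
            <input type="hidden" name="subaction" value="saveads" />
            <input type="hidden" name="subsection" value="ads" />
          </div>
          <table class="simple" id="admin_more">
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "enablebottomad_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "enablebottomad") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="enablebottomad" ' . ($enable_bottom_ad["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "bottomadcontent_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "bottomadcontent") . '</a>:
              </td>
              <td>
                <textarea name="bottomadcontent" rows="5" cols="40">' . htmlspecialchars((string) $bottom_ad_content["Value"], ENT_QUOTES) . '</textarea>
              </td>
            </tr>
          </table>
          <div>
            <input type="submit" name="save" value="' . lang("admin", "save") . '" />
          </div>
        </form>';
            } else {
                // A checkbox is only present in the query string when ticked.
                $page_bottom_ad = isset($_GET["enablebottomad"]) ? 1 : 0;
                $page_bottom_ad_content = $sqlm->quote_smart($_GET["bottomadcontent"]);
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $page_bottom_ad . "' WHERE `Key`='Enable_Page_Bottom_Ad'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $page_bottom_ad_content . "' WHERE `Key`='Page_Bottom_Ad_Content'");
                redirect("admin.php?section=general&subsection=ads");
            }
            break;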
        case "more":
            if (!$sub_action) {
                $sql_search_limit = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='SQL_Search_Limit'"));
                $item_icons = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Item_Icons'"));
                $remember_me_checked = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Remember_Me_Checked'"));
                $site_title = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Site_Title'"));
                $item_per_page = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Item_Per_Page'"));
                $show_country_flags = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Show_Country_Flags'"));
                $default_theme = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Default_Theme'"));
                $default_language = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Default_Language'"));
                $timezone = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Timezone'"));
                $timezone_offset = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Timezone_Offset'"));
                $player_online = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Player_Online'"));
                $gm_online = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='GM_Online'"));
                $gm_online_count = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='GM_Online_Count'"));
                $hide_uptime = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Hide_Uptime'"));
                $hide_max_players = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Hide_Max_Players'"));
                $hide_avg_latency = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Hide_Avg_Latency'"));
                $hide_server_mem = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Hide_Server_Mem'"));
                $hide_plr_latency = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Hide_Plr_Latency'"));
                $hide_coupons = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Hide_Coupons_Main_Page'"));
                $backup_dir = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Backup_Dir'"));
                $debug = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Debug'"));
                $test_mode = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Test_Mode'"));
                $multi_realm = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Multi_Realm'"));
                $show_emblem = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Show_Guild_Emblem'"));
                $language_locales_search_option = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Language_Locales_Search_Option'"));
                $language_site_encoding = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Language_Site_Encoding'"));
                $show_newest_user = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Show_Newest_User'"));
                $send_on_email = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Send_Mail_On_Email_Change'"));
                $use_custom_logo = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Use_Custom_Logo'"));
                $custom_logo = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Custom_Logo'"));
                $allow_caching = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Allow_Logo_Caching'"));
                $index_show_realms = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_misc WHERE `Key`='Index_Show_Realms'"));
                $custom_logos_result = $sqlm->query("SELECT * FROM custom_logos");
                $custom_logo_count = $sqlm->num_rows($custom_logos_result);
                $custom_logos = array();
                while ($row = $sqlm->fetch_assoc($custom_logos_result)) {
                    $custom_logos[] = $row;
                }
                $output .= '
        <form action="admin.php" method="get" enctype="multipart/form-data" id="form">
          <div>
            <input type="hidden" name="section" value="general" />
            <input type="hidden" name="subaction" value="savemore" />
            <input type="hidden" name="subsection" value="more" />
          </div>
          <table class="simple" id="admin_more">
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "sqlsearchlimit_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "sqlsearchlimit") . '</a>:
              </td>
              <td>
                <input type="text" name="sqlsearchlimit" value="' . $sql_search_limit["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "itemicons_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "itemicons") . '</a>:
              </td>
              <td>
                <input type="text" name="itemicons" value="' . $item_icons["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "remembermechecked_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "remembermechecked") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="remembermechecked" ' . ($remember_me_checked["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "sitetitle_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "sitetitle") . '</a>:
              </td>
              <td>
                <input type="text" name="sitetitle" value="' . $site_title["Value"] . '" size="50"/>
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "itemperpage_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "itemperpage") . '</a>:
              </td>
              <td>
                <input type="text" name="itemperpage" value="' . $item_per_page["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "showcountryflags_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "showcountryflags") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="showcountryflags" ' . ($show_country_flags["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "defaulttheme_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "defaulttheme") . '</a>:
              </td>
              <td>
                <input type="text" name="defaulttheme" value="' . $default_theme["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "defaultlanguage_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "defaultlanguage") . '</a>:
              </td>
              <td>
                <select name="defaultlanguage">';
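                // Build one <option> per language file found in ./lang, preselecting the
                // stored default language.
                if (is_dir("./lang")) {
                    if ($dh = opendir("./lang")) {
                        // readdir() returns the entry name, or false when the listing is
                        // exhausted. Compare strictly against false: a loose `== true` test
                        // stops early on an entry whose name is falsy, such as "0".
                        while (($file = readdir($dh)) !== false) {
                            // Entries are matched on the segment after the first dot, so
                            // "name.php" yields the option value "name".
                            $lang_temp = explode(".", $file);
                            if (isset($lang_temp[1]) && $lang_temp[1] == "php") {
                                $output .= '
                      <option value="' . $lang_temp[0] . '"' . ($default_language["Value"] == $lang_temp[0] ? ' selected="selected" ' : '') . '>' . lang("edit", $lang_temp[0]) . '</option>';
                            }
                        }
                        closedir($dh);
                    }
                }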
                $output .= '
                </select>
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "timezone_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "timezone") . '</a>:
              </td>
              <td>
                <select name="timezone">
                  <option value="-12.0" ' . ($timezone["Value"] == "-12.0" ? 'selected="selected"' : '') . '>(UTC -12:00) Eniwetok, Kwajalein</option>
                  <option value="-11.0" ' . ($timezone["Value"] == "-11.0" ? 'selected="selected"' : '') . '>(UTC -11:00) Midway Island, Samoa</option>
                  <option value="-10.0" ' . ($timezone["Value"] == "-10.0" ? 'selected="selected"' : '') . '>(UTC -10:00) Hawaii</option>
                  <option value="-9.0" ' . ($timezone["Value"] == "-9.0" ? 'selected="selected"' : '') . '>(UTC -9:00) Alaska</option>
                  <option value="-8.0" ' . ($timezone["Value"] == "-8.0" ? 'selected="selected"' : '') . '>(UTC -8:00) Pacific Time (US &amp; Canada)</option>
                  <option value="-7.0" ' . ($timezone["Value"] == "-7.0" ? 'selected="selected"' : '') . '>(UTC -7:00) Mountain Time (US &amp; Canada)</option>
                  <option value="-6.0" ' . ($timezone["Value"] == "-6.0" ? 'selected="selected"' : '') . '>(UTC -6:00) Central Time (US &amp; Canada), Mexico City</option>
                  <option value="-5.0" ' . ($timezone["Value"] == "-5.0" ? 'selected="selected"' : '') . '>(UTC -5:00) Eastern Time (US &amp; Canada), Bogota, Lima</option>
                  <option value="-4.5" ' . ($timezone["Value"] == "-4.5" ? 'selected="selected"' : '') . '>(UTC -4:30) Caracas</option>
                  <option value="-4.0" ' . ($timezone["Value"] == "-4.0" ? 'selected="selected"' : '') . '>(UTC -4:00) Atlantic Time (Canada), La Paz</option>
                  <option value="-3.5" ' . ($timezone["Value"] == "-3.5" ? 'selected="selected"' : '') . '>(UTC -3:30) Newfoundland</option>
                  <option value="-3.0" ' . ($timezone["Value"] == "-3.0" ? 'selected="selected"' : '') . '>(UTC -3:00) Brazil, Buenos Aires, Georgetown</option>
                  <option value="-2.0" ' . ($timezone["Value"] == "-2.0" ? 'selected="selected"' : '') . '>(UTC -2:00) Mid-Atlantic</option>
                  <option value="-1.0" ' . ($timezone["Value"] == "-1.0" ? 'selected="selected"' : '') . '>(UTC -1:00) Azores, Cape Verde Islands</option>
                  <option value="0.0" ' . ($timezone["Value"] == "0.0" ? 'selected="selected"' : '') . '>(UTC) Western Europe Time, London, Lisbon, Casablanca</option>
                  <option value="1.0" ' . ($timezone["Value"] == "1.0" ? 'selected="selected"' : '') . '>(UTC +1:00) Brussels, Copenhagen, Madrid, Paris</option>
                  <option value="2.0" ' . ($timezone["Value"] == "2.0" ? 'selected="selected"' : '') . '>(UTC +2:00) Kaliningrad, South Africa</option>
                  <option value="3.0" ' . ($timezone["Value"] == "3.0" ? 'selected="selected"' : '') . '>(UTC +3:00) Baghdad, Riyadh, Moscow, St. Petersburg</option>
                  <option value="3.5" ' . ($timezone["Value"] == "3.5" ? 'selected="selected"' : '') . '>(UTC +3:30) Tehran</option>
                  <option value="4.0" ' . ($timezone["Value"] == "4.0" ? 'selected="selected"' : '') . '>(UTC +4:00) Abu Dhabi, Muscat, Baku, Tbilisi</option>
                  <option value="4.5" ' . ($timezone["Value"] == "4.5" ? 'selected="selected"' : '') . '>(UTC +4:30) Kabul</option>
                  <option value="5.0" ' . ($timezone["Value"] == "5.0" ? 'selected="selected"' : '') . '>(UTC +5:00) Ekaterinburg, Islamabad, Karachi, Tashkent</option>
                  <option value="5.5" ' . ($timezone["Value"] == "5.5" ? 'selected="selected"' : '') . '>(UTC +5:30) Bombay, Calcutta, Madras, New Delhi</option>
                  <option value="5.75" ' . ($timezone["Value"] == "5.75" ? 'selected="selected"' : '') . '>(UTC +5:45) Kathmandu</option>
                  <option value="6.0" ' . ($timezone["Value"] == "6.0" ? 'selected="selected"' : '') . '>(UTC +6:00) Almaty, Dhaka, Colombo</option>
                  <option value="7.0" ' . ($timezone["Value"] == "7.0" ? 'selected="selected"' : '') . '>(UTC +7:00) Bangkok, Hanoi, Jakarta</option>
                  <option value="8.0" ' . ($timezone["Value"] == "8.0" ? 'selected="selected"' : '') . '>(UTC +8:00) Beijing, Perth, Singapore, Hong Kong</option>
                  <option value="9.0" ' . ($timezone["Value"] == "9.0" ? 'selected="selected"' : '') . '>(UTC +9:00) Tokyo, Seoul, Osaka, Sapporo, Yakutsk</option>
                  <option value="9.5" ' . ($timezone["Value"] == "9.5" ? 'selected="selected"' : '') . '>(UTC +9:30) Adelaide, Darwin</option>
                  <option value="10.0" ' . ($timezone["Value"] == "10.0" ? 'selected="selected"' : '') . '>(UTC +10:00) Eastern Australia, Guam, Vladivostok</option>
                  <option value="11.0" ' . ($timezone["Value"] == "11.0" ? 'selected="selected"' : '') . '>(UTC +11:00) Magadan, Solomon Islands, New Caledonia</option>
                  <option value="12.0" ' . ($timezone["Value"] == "12.0" ? 'selected="selected"' : '') . '>(UTC +12:00) Auckland, Wellington, Fiji, Kamchatka</option>
                </select>
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "timezone_offset_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "timezone_offset") . '</a>:
              </td>
              <td>
                <input type="text" name="timezone_offset" value="' . $timezone_offset["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "playeronline_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "playeronline") . '</a>:
              </td>
              <td>
                <select name="playeronline">';
                $sl_query = "SELECT * FROM config_gm_level_names";
                $sl_result = $sqlm->query($sl_query);
                while ($row = $sqlm->fetch_assoc($sl_result)) {
                    $output .= '
                          <option value="' . $row["Security_Level"] . '" ' . ($player_online["Value"] == $row["Security_Level"] ? 'selected="selected"' : '') . '>' . $row["Full_Name"] . ' (' . $row["Security_Level"] . ')</option>';
                }
                $output .= '
                </select>
                <!-- input type="checkbox" name="playeronline" ' . ($player_online["Value"] == 1 ? 'checked="checked"' : '') . ' / -->
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "gmonline_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "gmonline") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="gmonline" ' . ($gm_online["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "gmonlinecount_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "gmonlinecount") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="gmonlinecount" ' . ($gm_online_count["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "hideuptime_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "hideuptime") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="hideuptime" ' . ($hide_uptime["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "hidemaxplayers_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "hidemaxplayers") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="hidemaxplayers" ' . ($hide_max_players["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "hideavglatency_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "hideavglatency") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="hideavglatency" ' . ($hide_avg_latency["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>';
                if ($core == 1) {
                    $output .= '
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "hideservermem_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "hideservermem") . '</a>:
              </td>
              <td>
                <select name="hideservermem">
                  <option value="0" ' . ($hide_server_mem["Value"] == 0 ? 'selected="selected"' : '') . '>' . lang("admin", "hide") . '</option>
                  <option value="1" ' . ($hide_server_mem["Value"] == 1 ? 'selected="selected"' : '') . '>' . lang("admin", "showtogmsonly") . '</option>
                  <option value="2" ' . ($hide_server_mem["Value"] == 2 ? 'selected="selected"' : '') . '>' . lang("admin", "showall") . '</option>
                </select>
              </td>
            </tr>';
                }
                $output .= '
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "hideplrlatency_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "hideplrlatency") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="hideplrlatency" ' . ($hide_plr_latency["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "hidecoupons_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "hidecoupons") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="hidecoupons" ' . ($hide_coupons["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "backupdir_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "backupdir") . '</a>:
              </td>
              <td>
                <input type="text" name="backupdir" value="' . $backup_dir["Value"] . '" readonly="readonly" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "debug_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "debug") . '</a>:
              </td>
              <td>
                <input type="text" name="debug" value="' . $debug["Value"] . '" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "testmode_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "testmode") . '</a>:
              </td>
              <td>
                <input type="text" name="testmode" value="' . $test_mode["Value"] . '" readonly="readonly" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "multirealm_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "multirealm") . '</a>:
              </td>
              <td>
                <input type="text" name="multirealm" value="' . $multi_realm["Value"] . '" readonly="readonly" />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "showemblem_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "showemblem") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="showemblem" ' . ($show_emblem["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "shownewuser_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "shownewuser") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="shownewuser" ' . ($show_newest_user["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "sendonemail_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "sendonemail") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="sendonemail" ' . ($send_on_email["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "indexshowrealms_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "indexshowrealms") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="indexshowrealms" ' . ($index_show_realms["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>
            <tr>
              <td colspan="2">
                <b>' . lang("admin", "customlogos") . '</b>
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "usecustomlogo_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "usecustomlogo") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="usecustomlogo" ' . ($use_custom_logo["Value"] == 1 ? 'checked="checked"' : '') . ' ' . ($custom_logo_count > 0 ? '' : 'disabled="disabled"') . ' />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "customlogo_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "customlogo") . '</a>:
              </td>
              <td>
                <select name="customlogo" ' . ($custom_logo_count > 0 ? '' : 'disabled="disabled"') . '>';
                foreach ($custom_logos as $row) {
                    $output .= '
                      <option value="' . $row["id"] . '" ' . ($row["id"] == $custom_logo["Value"] ? 'selected="selected"' : '') . '>' . $row["filename"] . '</option>';
                }
                $output .= '
                </select>
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "deleteselectedlogo_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "deleteselectedlogo") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="deleteselectedlogo" ' . ($custom_logo_count > 0 ? '' : 'disabled="disabled"') . ' />
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "uploadlogo_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "uploadlogo") . '</a>:
              </td>
              <td>
                <a href="admin.php?section=general&amp;subsection=upload_logo">' . lang("admin", "upload") . '</a>
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "allowcaching_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "allowcaching") . '</a>:
              </td>
              <td>
                <input type="checkbox" name="allowcaching" ' . ($allow_caching["Value"] == 1 ? 'checked="checked"' : '') . ' />
              </td>
            </tr>
            <tr>
              <td colspan="2">
                <b>' . lang("admin", "language") . '</b>
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "languagelocalessearchoption_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "languagelocalessearchoption") . '</a>:
              </td>
              <td>
                <select name="languagelocalessearchoption">
                  <option value="0" ' . ($language_locales_search_option["Value"] == 0 ? 'selected="selected" ' : '') . '>' . lang("global", "language_0") . '</option>
                  <option value="1" ' . ($language_locales_search_option["Value"] == 1 ? 'selected="selected" ' : '') . '>' . lang("global", "language_1") . '</option>
                  <option value="2" ' . ($language_locales_search_option["Value"] == 2 ? 'selected="selected" ' : '') . '>' . lang("global", "language_2") . '</option>
                  <option value="3" ' . ($language_locales_search_option["Value"] == 3 ? 'selected="selected" ' : '') . '>' . lang("global", "language_3") . '</option>
                  <option value="4" ' . ($language_locales_search_option["Value"] == 4 ? 'selected="selected" ' : '') . '>' . lang("global", "language_4") . '</option>
                  <option value="5" ' . ($language_locales_search_option["Value"] == 5 ? 'selected="selected" ' : '') . '>' . lang("global", "language_5") . '</option>
                  <option value="6" ' . ($language_locales_search_option["Value"] == 6 ? 'selected="selected" ' : '') . '>' . lang("global", "language_6") . '</option>
                  <option value="7" ' . ($language_locales_search_option["Value"] == 7 ? 'selected="selected" ' : '') . '>' . lang("global", "language_7") . '</option>
                  <option value="8" ' . ($language_locales_search_option["Value"] == 8 ? 'selected="selected" ' : '') . '>' . lang("global", "language_8") . '</option>
                </select>
              </td>
            </tr>
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "languagesiteencoding_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "languagesiteencoding") . '</a>:
              </td>
              <td>
                <input type="text" name="languagesiteencoding" value="' . $language_site_encoding["Value"] . '" />
              </td>
            </tr>
          </table>
          <div>
            <input type="submit" name="save" value="' . lang("admin", "save") . '" />
          </div>
        </form>';
            } else {
                $sql_search_limit = $sqlm->quote_smart($_GET["sqlsearchlimit"]);
                $item_icons = $sqlm->quote_smart($_GET["itemicons"]);
                $remember_me_checked = isset($_GET["remembermechecked"]) ? 1 : 0;
                $site_title = $sqlm->quote_smart($_GET["sitetitle"]);
                $item_per_page = $sqlm->quote_smart($_GET["itemperpage"]);
                $show_country_flags = isset($_GET["showcountryflags"]) ? 1 : 0;
                $default_theme = $sqlm->quote_smart($_GET["defaulttheme"]);
                $default_language = $sqlm->quote_smart($_GET["defaultlanguage"]);
                $timezone = $sqlm->quote_smart($_GET["timezone"]);
                $timezone_offset = $sqlm->quote_smart($_GET["timezone_offset"]);
                $player_online = $sqlm->quote_smart($_GET["playeronline"]);
                $gm_online = isset($_GET["gmonline"]) ? 1 : 0;
                $gm_online_count = isset($_GET["gmonlinecount"]) ? 1 : 0;
                $hide_uptime = isset($_GET["hideuptime"]) ? 1 : 0;
                $hide_max_players = isset($_GET["hidemaxplayers"]) ? 1 : 0;
                $hide_avg_latency = isset($_GET["hideavglatency"]) ? 1 : 0;
                $hide_plr_latency = isset($_GET["hideplrlatency"]) ? 1 : 0;
                $hide_coupons = isset($_GET["hidecoupons"]) ? 1 : 0;
                $backup_dir = $sqlm->quote_smart($_GET["backupdir"]);
                $debug = $sqlm->quote_smart($_GET["debug"]);
                $test_mode = $sqlm->quote_smart($_GET["testmode"]);
                $multi_realm = $sqlm->quote_smart($_GET["multirealm"]);
                $show_emblem = isset($_GET["showemblem"]) ? 1 : 0;
                $language_locales_search_option = $sqlm->quote_smart($_GET["languagelocalessearchoption"]);
                $language_site_encoding = $sqlm->quote_smart($_GET["languagesiteencoding"]);
                $hide_server_mem = $sqlm->quote_smart($_GET["hideservermem"]);
                $show_newest_user = isset($_GET["shownewuser"]) ? 1 : 0;
                $send_on_email = isset($_GET["sendonemail"]) ? 1 : 0;
                $index_show_realms = isset($_GET["indexshowrealms"]) ? 1 : 0;
                $use_custom_logo = isset($_GET["usecustomlogo"]) ? 1 : 0;
                $custom_logo = isset($_GET["customlogo"]) ? $sqlm->quote_smart($_GET["customlogo"]) : NULL;
                $delete_selected = isset($_GET["deleteselectedlogo"]) ? 1 : 0;
                $allow_caching = isset($_GET["allowcaching"]) ? 1 : 0;
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $sql_search_limit . "' WHERE `Key`='SQL_Search_Limit'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $item_icons . "' WHERE `Key`='Item_Icons'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $remember_me_checked . "' WHERE `Key`='Remember_Me_Checked'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $site_title . "' WHERE `Key`='Site_Title'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $item_per_page . "' WHERE `Key`='Item_Per_Page'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $show_country_flags . "' WHERE `Key`='Show_Country_Flags'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $default_theme . "' WHERE `Key`='Default_Theme'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $default_language . "' WHERE `Key`='Default_Language'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $timezone . "' WHERE `Key`='Timezone'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $timezone_offset . "' WHERE `Key`='Timezone_Offset'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $player_online . "' WHERE `Key`='Player_Online'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $gm_online . "' WHERE `Key`='GM_Online'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $gm_online_count . "' WHERE `Key`='GM_Online_Count'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $hide_uptime . "' WHERE `Key`='Hide_Uptime'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $hide_max_players . "' WHERE `Key`='Hide_Max_Players'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $hide_avg_latency . "' WHERE `Key`='Hide_Avg_Latency'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $hide_server_mem . "' WHERE `Key`='Hide_Server_Mem'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $hide_plr_latency . "' WHERE `Key`='Hide_Plr_Latency'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $hide_coupons . "' WHERE `Key`='Hide_Coupons_Main_Page'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $backup_dir . "' WHERE `Key`='Backup_Dir'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $debug . "' WHERE `Key`='Debug'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $test_mode . "' WHERE `Key`='Test_Mode'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $multi_realm . "' WHERE `Key`='Multi_Realm'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $show_emblem . "' WHERE `Key`='Show_Guild_Emblem'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $language_locales_search_option . "' WHERE `Key`='Language_Locales_Search_Option'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $language_site_encoding . "' WHERE `Key`='Language_Site_Encoding'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $show_newest_user . "' WHERE `Key`='Show_Newest_User'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $send_on_email . "' WHERE `Key`='Send_Mail_On_Email_Change'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $index_show_realms . "' WHERE `Key`='Index_Show_Realms'");
                if ($delete_selected) {
                    $result = $sqlm->query("DELETE FROM custom_logos WHERE id='" . $custom_logo . "'");
                    // if we have no more logos, then we don't want Use Custom Logos checked.
                    $result = $sqlm->query("SELECT * FROM custom_logos");
                    $logo_count = $sqlm->num_rows($result);
                    if ($logo_count == 0) {
                        $use_custom_logo = 0;
                    } else {
                        // we don't want the Custom_Logo field set to the one we just deleted
                        // so we'll set it to the first one on the list
                        $temp = $sqlm->fetch_assoc($result);
                        $custom_logo = $temp["id"];
                    }
                }
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $use_custom_logo . "' WHERE `Key`='Use_Custom_Logo'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $custom_logo . "' WHERE `Key`='Custom_Logo'");
                $result = $sqlm->query("UPDATE config_misc SET Value='" . $allow_caching . "' WHERE `Key`='Allow_Logo_Caching'");
                redirect("admin.php?section=general&subsection=more");
            }
            break;
        case "upload_logo":
            if (!$sub_action) {
                $upload_err = isset($_GET["up_err"]) ? $_GET["up_err"] : NULL;
                $output .= '
        <form action="admin.php?section=general&subsection=upload_logo&subaction=upload" method="post" enctype="multipart/form-data" id="form">
          <table class="simple" id="admin_more">';
                if (isset($upload_err)) {
                    $msg = lang("admin", "uploaderror" . abs($upload_err));
                    $output .= '
            <td colspan="2">
              <span class="error" style="display: block; width: 100%; text-align: center;">' . $msg . '</span>
            </td>';
                }
                $output .= '
            <tr>
              <td class="help">
                <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "uploadlogo_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "uploadlogo") . '</a>:
              </td>
              <td>
                <input type="file" name="image" />
              </td>
            </tr>
          </table>
          <div>
            <input type="submit" name="save" value="' . lang("admin", "save") . '" />
            <input type="button" name="cancel" value="' . lang("admin", "cancel") . '" onclick="window.location=\'admin.php?section=general&subsection=more\'"/>
          </div>
        </form>';
            } else {
                if (!array_key_exists("image", $_FILES)) {
                    redirect("admin.php?section=general&subsection=upload_logo&error=1");
                }
                $image = $_FILES["image"];
                $err = checkValidUpload($image["error"]);
                if ($err < 0) {
                    redirect("admin.php?section=general&subsection=upload_logo&up_err=" . $err);
                } else {
                    if (!is_uploaded_file($image["tmp_name"])) {
                        redirect("admin.php?section=general&subsection=upload_logo&up_err=-8");
                    }
                    $info = getImageSize($image["tmp_name"]);
                    if (!$info) {
                        redirect("admin.php?section=general&subsection=upload_logo&up_err=-9");
                    }
                    $name = $sqlm->quote_smart($image["name"]);
                    $mime = $sqlm->quote_smart($info["mime"]);
                    $data = $sqlm->quote_smart(file_get_contents($image["tmp_name"]));
                    $upload_query = "INSERT INTO custom_logos (filename, mime_type, file_size, file_data) VALUES ('" . $name . "', '" . $mime . "', '" . $image['size'] . "', '" . $data . "')";
                    $sqlm->query($upload_query);
                    redirect("admin.php?section=general&subsection=more");
                }
            }
            break;
        case "gmlevels":
            if (!$sub_action) {
                $gm_lvls = $sqlm->query("SELECT * FROM config_gm_level_names");
                if (!isset($_GET["edit_btn"])) {
                    $output .= '
        <form action="admin.php" method="get" id="form">
          <div>
            <input type="hidden" name="section" value="general" />
            <input type="hidden" name="subsection" value="gmlevels" />
            <input type="hidden" name="edit_btn" value="edit" />
          </div>
          <table class="simple">
            <tr>
              <th>' . lang("admin", "edit") . '</th>
              <th>' . lang("admin", "remove") . '</th>
              <th>' . lang("admin", "seclvl") . '</th>
              <th>' . lang("admin", "fullname") . '</th>
              <th>' . lang("admin", "shortname") . '</th>
            </tr>';
                    $color = "#EEEEEE";
                    while ($gm_lvl = $sqlm->fetch_assoc($gm_lvls)) {
                        $output .= '
            <tr>
              <td style="background-color:' . $color . '; text-align: center;">
                <a href="admin.php?section=general&amp;subsection=gmlevels&amp;edit=' . $gm_lvl["Index"] . '&amp;edit_btn=Edit">
                  <img src="img/edit.png" alt="" />
                </a>
              </td>
              <td style="background-color:' . $color . '; text-align: center;">
                <a href="admin.php?section=general&amp;subsection=gmlevels&amp;delrow=deleterow&amp;edit=' . $gm_lvl["Index"] . '&amp;edit_btn=Edit">
                  <img src="img/aff_cross.png" alt="" />
                </a>
              </td>
              <td style="background-color:' . $color . '">' . $gm_lvl["Security_Level"] . '</td>
              <td style="background-color:' . $color . '">' . $gm_lvl["Full_Name"] . '</td>
              <td style="background-color:' . $color . '">' . $gm_lvl["Short_Name"] . '</td>
            </tr>';
                        if ($color == "#EEEEEE") {
                            $color = "#FFFFFF";
                        } else {
                            $color = "#EEEEEE";
                        }
                    }
                    $output .= '
            <tr>
              <td style="background-color:' . $color . '; text-align: center;">
                <a href="admin.php?section=general&amp;subsection=gmlevels&amp;edit_btn=Edit&amp;addrow=addrow">
                  <img src="img/add.png" alt="" />
                </a>
              </td>
              <td style="background-color:' . $color . ';" colspan="4">
                <a href="admin.php?section=general&amp;subsection=gmlevels&amp;edit_btn=Edit&amp;addrow=addrow">' . lang("admin", "addrow") . '</a>
              </td>
            </tr>';
                    $output .= '
          </table>
        </form>';
                } else {
                    if (!isset($_GET["edit"])) {
                        if (!isset($_GET["addrow"])) {
                            redirect("admin.php?section=general&subsection=gmlevels");
                        }
                    }
                    $del_row = isset($_GET["delrow"]) ? $_GET["delrow"] : "";
                    $add_row = isset($_GET["addrow"]) ? $_GET["addrow"] : "";
                    $edit_row = $sqlm->quote_smart($_GET["edit"]);
                    if ($add_row) {
                        $add_result = $sqlm->query("INSERT INTO config_gm_level_names (Security_Level) VALUES ('-1')");
                        redirect("admin.php?section=general&subsection=gmlevels");
                    }
                    if ($del_row) {
                        $del_result = $sqlm->query("DELETE FROM config_gm_level_names WHERE `Index`='" . $edit_row . "'");
                        redirect("admin.php?section=general&subsection=gmlevels");
                    }
                    $gm_level = $sqlm->fetch_assoc($sqlm->query("SELECT * FROM config_gm_level_names WHERE `Index`='" . $edit_row . "'"));
                    $output .= '
        <form action="admin.php" method="get" id="form">
          <div>
            <input type="hidden" name="section" value="general" />
            <input type="hidden" name="subsection" value="gmlevels" />
            <input type="hidden" name="subaction" value="savegms" />
            <input type="hidden" name="index" value="' . $gm_level["Index"] . '" />
          </div>
          <fieldset id="admin_gm_level">
            <table class="center">
              <tr>
                <td class="help">
                  <a href="#" onmouseover="oldtoolTip(\'' . lang("admin", "seclvl_tip") . '\', \'info_tooltip\')" onmouseout="oldtoolTip()">' . lang("admin", "seclvl") . '</a>:
                </td>
                <td>
                  <input type="text" name="seclvl" value="' . $gm_level["Security_Level"] . '" />
                </td>
              </tr>
              <tr>
                <td>' . lang("admin", "fullname") . ': </td>
                <td>
                  <input type="text" name="fullname" value="' . $gm_level["Full_Name"] . '" />
                </td>
              </tr>
              <tr>
                <td>' . lang("admin", "shortname") . ': </td>
                <td>
                  <input type="text" name="shortname" value="' . $gm_level["Short_Name"] . '" />
                </td>
              </tr>
            </table>
          </fieldset>
          <div>
            <input type="submit" name="save" value="' . lang("admin", "save") . '" />
          </div>
        </form>';
                }
            } else {
                $index = $sqlm->quote_smart($_GET["index"]);
                $sec_lvl = $sqlm->quote_smart($_GET["seclvl"]);
                $full_name = $sqlm->quote_smart($_GET["fullname"]);
                $short_name = $sqlm->quote_smart($_GET["shortname"]);
                $result = $sqlm->query("UPDATE config_gm_level_names SET Security_Level='" . $sec_lvl . "', Full_Name='" . $full_name . "', Short_Name='" . $short_name . "' WHERE `Index`='" . $index . "'");
                redirect("admin.php?section=general&subsection=gmlevels");
            }
            break;
    }
    $output .= '
      </div>';
}
Example #29
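/**
 * Delete one message-of-the-day row, selected by the `id` query parameter.
 *
 * Runs valid_login() with the 'delete' permission, opens a connection from
 * $mmfpm_db, validates $_GET['id'] and removes the matching row of mm_motd,
 * then redirects to index.php.
 *
 * NOTE(review): the delete is driven by a GET parameter and no anti-CSRF
 * token is checked in this function. Confirm that valid_login() or the
 * caller covers this; otherwise accept the action only as a POST carrying a
 * per-session token.
 *
 * @param mixed $sqlm Passed by reference; replaced with a new, connected SQL
 *                    object that the caller can keep using.
 */
function delete_motd(&$sqlm)
{
    global $action_permission, $realm_id, $mmfpm_db;

    // minimum permission to view page
    valid_login($action_permission['delete']);

    $sqlm = new SQL();
    $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);

    // redirect() is defined elsewhere; returning explicitly keeps the DELETE
    // unreachable even if it does not terminate the request.
    if (empty($_GET['id'])) {
        redirect('index.php');
        return;
    }

    // The id is concatenated into the statement without quotes, so escaping
    // alone does not constrain it. Accept plain decimal digits only (this
    // rejects arrays, signs, whitespace, and float or exponent notation that
    // is_numeric() would let through) and cast to int before it is used.
    $raw_id = $_GET['id'];
    if (!is_string($raw_id) || preg_match('/\A[0-9]+\z/', $raw_id) !== 1) {
        redirect('motd.php?error=1');
        return;
    }
    $id = (int) $raw_id;

    $sqlm->query('
		DELETE FROM mm_motd
		WHERE id =' . $id);
    redirect('index.php');
}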
Example #30
function do_update()
{
    global $world_db, $realm_id;
    if (!isset($_POST['opp_type']) || $_POST['opp_type'] === '') {
        redirect("game_object.php?error=1");
    }
    if (!isset($_POST['entry']) || $_POST['entry'] === '') {
        redirect("game_object.php?error=1");
    }
    $sql = new SQL();
    $sql->connect($world_db[$realm_id]['addr'], $world_db[$realm_id]['user'], $world_db[$realm_id]['pass'], $world_db[$realm_id]['name']);
    $entry = $sql->quote_smart($_POST['entry']);
    if (isset($_POST['type']) && $_POST['type'] != '') {
        $type = $sql->quote_smart($_POST['type']);
    } else {
        $type = 0;
    }
    if (isset($_POST['displayId']) && $_POST['displayId'] != '') {
        $displayId = $sql->quote_smart($_POST['displayId']);
    } else {
        $displayId = 0;
    }
    if (isset($_POST['name']) && $_POST['name'] != '') {
        $name = $sql->quote_smart($_POST['name']);
    } else {
        $name = "";
    }
    if (isset($_POST['faction']) && $_POST['faction'] != '') {
        $faction = $sql->quote_smart($_POST['faction']);
    } else {
        $faction = 0;
    }
    if (isset($_POST['flags']) && $_POST['flags'] != '') {
        $flags = $sql->quote_smart($_POST['flags']);
    } else {
        $flags = 0;
    }
    if (isset($_POST['size']) && $_POST['size'] != '') {
        $size = $sql->quote_smart($_POST['size']);
    } else {
        $size = 0;
    }
    if (isset($_POST['ScriptName']) && $_POST['ScriptName'] != '') {
        $ScriptName = $sql->quote_smart($_POST['ScriptName']);
    } else {
        $ScriptName = "";
    }
    if (isset($_POST['data0']) && $_POST['data0'] != '') {
        $data0 = $sql->quote_smart($_POST['data0']);
    } else {
        $data0 = 0;
    }
    if (isset($_POST['data1']) && $_POST['data1'] != '') {
        $data1 = $sql->quote_smart($_POST['data1']);
    } else {
        $data1 = 0;
    }
    if (isset($_POST['data2']) && $_POST['data2'] != '') {
        $data2 = $sql->quote_smart($_POST['data2']);
    } else {
        $data2 = 0;
    }
    if (isset($_POST['data3']) && $_POST['data3'] != '') {
        $data3 = $sql->quote_smart($_POST['data3']);
    } else {
        $data3 = 0;
    }
    if (isset($_POST['data4']) && $_POST['data4'] != '') {
        $data4 = $sql->quote_smart($_POST['data4']);
    } else {
        $data4 = 0;
    }
    if (isset($_POST['data5']) && $_POST['data5'] != '') {
        $data5 = $sql->quote_smart($_POST['data5']);
    } else {
        $data5 = 0;
    }
    if (isset($_POST['data6']) && $_POST['data6'] != '') {
        $data6 = $sql->quote_smart($_POST['data6']);
    } else {
        $data6 = 0;
    }
    if (isset($_POST['data7']) && $_POST['data7'] != '') {
        $data7 = $sql->quote_smart($_POST['data7']);
    } else {
        $data7 = 0;
    }
    if (isset($_POST['data8']) && $_POST['data8'] != '') {
        $data8 = $sql->quote_smart($_POST['data8']);
    } else {
        $data8 = 0;
    }
    if (isset($_POST['data9']) && $_POST['data9'] != '') {
        $data9 = $sql->quote_smart($_POST['data9']);
    } else {
        $data9 = 0;
    }
    if (isset($_POST['data10']) && $_POST['data10'] != '') {
        $data10 = $sql->quote_smart($_POST['data10']);
    } else {
        $data10 = 0;
    }
    if (isset($_POST['data11']) && $_POST['data11'] != '') {
        $data11 = $sql->quote_smart($_POST['data11']);
    } else {
        $data11 = 0;
    }
    if (isset($_POST['data12']) && $_POST['data12'] != '') {
        $data12 = $sql->quote_smart($_POST['data12']);
    } else {
        $data12 = 0;
    }
    if (isset($_POST['data13']) && $_POST['data13'] != '') {
        $data13 = $sql->quote_smart($_POST['data13']);
    } else {
        $data13 = 0;
    }
    if (isset($_POST['data14']) && $_POST['data14'] != '') {
        $data14 = $sql->quote_smart($_POST['data14']);
    } else {
        $data14 = 0;
    }
    if (isset($_POST['data15']) && $_POST['data15'] != '') {
        $data15 = $sql->quote_smart($_POST['data15']);
    } else {
        $data15 = 0;
    }
    if (isset($_POST['data16']) && $_POST['data16'] != '') {
        $data16 = $sql->quote_smart($_POST['data16']);
    } else {
        $data16 = 0;
    }
    if (isset($_POST['data17']) && $_POST['data17'] != '') {
        $data17 = $sql->quote_smart($_POST['data17']);
    } else {
        $data17 = 0;
    }
    if (isset($_POST['data18']) && $_POST['data18'] != '') {
        $data18 = $sql->quote_smart($_POST['data18']);
    } else {
        $data18 = 0;
    }
    if (isset($_POST['data19']) && $_POST['data19'] != '') {
        $data19 = $sql->quote_smart($_POST['data19']);
    } else {
        $data19 = 0;
    }
    if (isset($_POST['data20']) && $_POST['data20'] != '') {
        $data20 = $sql->quote_smart($_POST['data20']);
    } else {
        $data20 = 0;
    }
    if (isset($_POST['data21']) && $_POST['data21'] != '') {
        $data21 = $sql->quote_smart($_POST['data21']);
    } else {
        $data21 = 0;
    }
    if (isset($_POST['data22']) && $_POST['data22'] != '') {
        $data22 = $sql->quote_smart($_POST['data22']);
    } else {
        $data22 = 0;
    }
    if (isset($_POST['data23']) && $_POST['data23'] != '') {
        $data23 = $sql->quote_smart($_POST['data23']);
    } else {
        $data23 = 0;
    }
    if (isset($_POST['ChanceOrQuestChance']) && $_POST['ChanceOrQuestChance'] != '') {
        $ChanceOrQuestChance = $sql->quote_smart($_POST['ChanceOrQuestChance']);
    } else {
        $ChanceOrQuestChance = 0;
    }
    if (isset($_POST['groupid']) && $_POST['groupid'] != '') {
        $groupid = $sql->quote_smart($_POST['groupid']);
    } else {
        $groupid = 0;
    }
    if (isset($_POST['mincountOrRef']) && $_POST['mincountOrRef'] != '') {
        $mincountOrRef = $sql->quote_smart($_POST['mincountOrRef']);
    } else {
        $mincountOrRef = 0;
    }
    if (isset($_POST['maxcount']) && $_POST['maxcount'] != '') {
        $maxcount = $sql->quote_smart($_POST['maxcount']);
    } else {
        $maxcount = 0;
    }
    if (isset($_POST['lootcondition']) && $_POST['lootcondition'] != '') {
        $lootcondition = $sql->quote_smart($_POST['lootcondition']);
    } else {
        $lootcondition = 0;
    }
    if (isset($_POST['condition_value1']) && $_POST['condition_value1'] != '') {
        $condition_value1 = $sql->quote_smart($_POST['condition_value1']);
    } else {
        $condition_value1 = 0;
    }
    if (isset($_POST['condition_value2']) && $_POST['condition_value2'] != '') {
        $condition_value2 = $sql->quote_smart($_POST['condition_value2']);
    } else {
        $condition_value2 = 0;
    }
    if (isset($_POST['item']) && $_POST['item'] != '') {
        $item = $sql->quote_smart($_POST['item']);
    } else {
        $item = 0;
    }
    if (isset($_POST['del_loot_items']) && $_POST['del_loot_items'] != '') {
        $del_loot_items = $sql->quote_smart($_POST['del_loot_items']);
    } else {
        $del_loot_items = NULL;
    }
    if (isset($_POST['involvedrelation']) && $_POST['involvedrelation'] != '') {
        $involvedrelation = $sql->quote_smart($_POST['involvedrelation']);
    } else {
        $involvedrelation = 0;
    }
    if (isset($_POST['del_involvedrelation']) && $_POST['del_involvedrelation'] != '') {
        $del_involvedrelation = $sql->quote_smart($_POST['del_involvedrelation']);
    } else {
        $del_involvedrelation = NULL;
    }
    if (isset($_POST['questrelation']) && $_POST['questrelation'] != '') {
        $questrelation = $sql->quote_smart($_POST['questrelation']);
    } else {
        $questrelation = 0;
    }
    if (isset($_POST['del_questrelation']) && $_POST['del_questrelation'] != '') {
        $del_questrelation = $sql->quote_smart($_POST['del_questrelation']);
    } else {
        $del_questrelation = NULL;
    }
    if ($_POST['opp_type'] == "add_new") {
        $sql_query = "INSERT INTO gameobject_template ( entry, type, displayId, name, faction, flags, size, data0, data1,\r\n  data2, data3, data4, data5, data6, data7, data8, data9, data10, data11, data12, data13,\r\n  data14, data15, data16, data17, data18, data19, data20, data21, data22, data23, ScriptName )\r\n  VALUES ( '{$entry}', '{$type}', '{$displayId}', '{$name}', '{$faction}', '{$flags}', '{$size}', '{$data0}', '{$data1}',\r\n  '{$data2}', '{$data3}', '{$data4}', '{$data5}', '{$data6}', '{$data7}', '{$data8}', '{$data9}', '{$data10}', '{$data11}',\r\n  '{$data12}', '{$data13}', '{$data14}', '{$data15}', '{$data16}', '{$data17}', '{$data18}', '{$data19}', '{$data20}',\r\n  '{$data21}', '{$data22}', '{$data23}', '{$ScriptName}' )";
    } elseif ($_POST['opp_type'] == "edit") {
        $sql_query = "UPDATE gameobject_template SET ";
        $result = $sql->query("SELECT gameobject_template.`entry`,`type`,`displayId`,IFNULL(" . ($deplang != 0 ? "name_loc{$deplang}" : "NULL") . ",`name`) as name,`faction`,`flags`,`size`,`data0`,`data1`,`data2`,`data3`,`data4`,`data5`,`data6`,`data7`,`data8`,`data9`,`data10`,`data11`,`data12`,`data13`,`data14`,`data15`,`data16`,`data17`,`data18`,`data19`,`data20`,`data21`,`data22`,`data23`,`ScriptName` FROM gameobject_template LEFT JOIN locales_gameobject ON gameobject_template.entry = locales_gameobject.entry WHERE gameobject_template.entry = '{$entry}'");
        if ($go_templ = $sql->fetch_assoc($result)) {
            if ($go_templ['type'] != $type) {
                $sql_query .= "type='{$type}',";
            }
            if ($go_templ['displayId'] != $displayId) {
                $sql_query .= "displayId='{$displayId}',";
            }
            if ($go_templ['name'] != $name) {
                $sql_query .= "name='{$name}',";
            }
            if ($go_templ['faction'] != $faction) {
                $sql_query .= "faction='{$faction}',";
            }
            if ($go_templ['flags'] != $flags) {
                $sql_query .= "flags='{$flags}',";
            }
            if ($go_templ['size'] != $size) {
                $sql_query .= "size='{$size}',";
            }
            if ($go_templ['data0'] != $data0) {
                $sql_query .= "data0='{$data0}',";
            }
            if ($go_templ['data1'] != $data1) {
                $sql_query .= "data1='{$data1}',";
            }
            if ($go_templ['data2'] != $data2) {
                $sql_query .= "data2='{$data2}',";
            }
            if ($go_templ['data3'] != $data3) {
                $sql_query .= "data3='{$data3}',";
            }
            if ($go_templ['data4'] != $data4) {
                $sql_query .= "data4='{$data4}',";
            }
            if ($go_templ['data5'] != $data5) {
                $sql_query .= "data5='{$data5}',";
            }
            if ($go_templ['data6'] != $data6) {
                $sql_query .= "data6='{$data6}',";
            }
            if ($go_templ['data7'] != $data7) {
                $sql_query .= "data7='{$data7}',";
            }
            if ($go_templ['data8'] != $data8) {
                $sql_query .= "data8='{$data8}',";
            }
            if ($go_templ['data9'] != $data9) {
                $sql_query .= "data9='{$data9}',";
            }
            if ($go_templ['data10'] != $data10) {
                $sql_query .= "data10='{$data10}',";
            }
            if ($go_templ['data11'] != $data11) {
                $sql_query .= "data11='{$data11}',";
            }
            if ($go_templ['data12'] != $data12) {
                $sql_query .= "data12='{$data12}',";
            }
            if ($go_templ['data13'] != $data13) {
                $sql_query .= "data13='{$data13}',";
            }
            if ($go_templ['data14'] != $data14) {
                $sql_query .= "data14='{$data14}',";
            }
            if ($go_templ['data15'] != $data15) {
                $sql_query .= "data15='{$data15}',";
            }
            if ($go_templ['data16'] != $data16) {
                $sql_query .= "data16='{$data16}',";
            }
            if ($go_templ['data17'] != $data17) {
                $sql_query .= "data17='{$data17}',";
            }
            if ($go_templ['data18'] != $data18) {
                $sql_query .= "data18='{$data18}',";
            }
            if ($go_templ['data19'] != $data19) {
                $sql_query .= "data19='{$data19}',";
            }
            if ($go_templ['data20'] != $data20) {
                $sql_query .= "data20='{$data20}',";
            }
            if ($go_templ['data21'] != $data21) {
                $sql_query .= "data21='{$data21}',";
            }
            if ($go_templ['data22'] != $data22) {
                $sql_query .= "data22='{$data22}',";
            }
            if ($go_templ['data23'] != $data23) {
                $sql_query .= "data23='{$data23}',";
            }
            if ($go_templ['ScriptName'] != $ScriptName) {
                $sql_query .= "ScriptName='{$ScriptName}',";
            }
            $sql->free_result($result);
            unset($go_templ);
            if ($sql_query == "UPDATE gameobject_template SET " && !$item && !$del_loot_items && !$del_questrelation && !$questrelation && !$del_involvedrelation && !$involvedrelation) {
                $sql->close();
                redirect("game_object.php?action=edit&entry={$entry}&error=6");
            } else {
                if ($sql_query != "UPDATE gameobject_template SET ") {
                    $sql_query[strlen($sql_query) - 1] = " ";
                    $sql_query .= " WHERE entry = '{$entry}';\n";
                } else {
                    $sql_query = "";
                }
            }
            if ($item) {
                $sql_query .= "INSERT INTO gameobject_loot_template (entry, item, ChanceOrQuestChance, `groupid`, mincountOrRef, maxcount, lootcondition, condition_value1, condition_value2)\r\n      VALUES ({$data1},{$item},'{$ChanceOrQuestChance}', '{$groupid}' ,{$mincountOrRef} ,{$maxcount} ,{$lootcondition} ,{$condition_value1} ,{$condition_value2});\n";
            }
            if ($del_loot_items) {
                foreach ($del_loot_items as $item_id) {
                    $sql_query .= "DELETE FROM gameobject_loot_template WHERE entry = {$data1} AND item = {$item_id};\n";
                }
            }
            if ($questrelation) {
                $sql_query .= "INSERT INTO gameobject_questrelation (id, quest) VALUES ({$entry},{$questrelation});\n";
            }
            if ($involvedrelation) {
                $sql_query .= "INSERT INTO gameobject_involvedrelation (id, quest) VALUES ({$entry},{$involvedrelation});\n";
            }
            if ($del_questrelation) {
                foreach ($del_questrelation as $quest_id) {
                    $sql_query .= "DELETE FROM gameobject_questrelation WHERE id = {$entry} AND quest = {$quest_id};\n";
                }
            }
            if ($del_involvedrelation) {
                foreach ($del_involvedrelation as $quest_id) {
                    $sql_query .= "DELETE FROM gameobject_involvedrelation WHERE id = {$entry} AND quest = {$quest_id};\n";
                }
            }
        } else {
            $sql->close();
            redirect("game_object.php?error=5");
        }
    } else {
        $sql->close();
        redirect("game_object.php?error=5");
    }
    if (isset($_POST['backup_op']) && $_POST['backup_op'] == 1) {
        $sql->close();
        Header("Content-type: application/octet-stream");
        Header("Content-Disposition: attachment; filename=goid_{$entry}.sql");
        echo $sql_query;
        exit;
        redirect("game_object.php?action=edit&entry={$entry}&error=4");
    } else {
        $sql_query = explode(';', $sql_query);
        foreach ($sql_query as $tmp_query) {
            if ($tmp_query && $tmp_query != "\n") {
                $result = $sql->query($tmp_query);
            }
        }
        $sql->close();
    }
    if ($result) {
        redirect("game_object.php?action=edit&entry={$entry}&error=4");
    } else {
        redirect("game_object.php");
    }
}