function validateCreation($formData) { $clanName = mysql_real_escape_string($formData['clan_name']); $clanPass = mysql_real_escape_string($formData['clan_password']); $confirmPass = mysql_real_escape_string($formData['confirm_clan_password']); $requiredMoney = 100000; $userID = (int) $formData['user_id']; $query = mysql_query("SELECT * FROM clan_admin WHERE admin_uid='{$userID}'"); $rows = mysql_num_rows($query); if (!$rows) { if (!empty($clanName) && !empty($clanPass) && !empty($confirmPass)) { if ($clanPass === $confirmPass) { $hashedPass = md5($clanPass); $userStats = getUserStats($userID); $totalExp = $userStats['total_exp']; $userName = $userStats['username']; $totalMoney = $userStats['money']; $battlesWon = $userStats['battles_won']; $battlesLost = $userStats['battles_lost']; $success = array(); if ($totalMoney < $requiredMoney) { $query = mysql_query("INSERT INTO clans SET clan_name='{$clanName}', leader_id='{$userID}', clan_leader='{$userName}', total_money='{$totalMoney}', total_exp='{$totalExp}', total_members='1'"); if ($query) { $success[] = true; $query = mysql_query("SELECT * FROM clans WHERE clan_name='{$clanName}'"); $clans = mysql_fetch_assoc($query); $clanID = $clans['id']; $clanNameAdmin = strtolower($clanName); $query = mysql_query("INSERT INTO clan_admin SET clan_id='{$clanID}', clan_name='{$clanNameAdmin}', clan_password='******', admin_uid='{$userID}'"); if ($query) { $success[] = true; $query = mysql_query("INSERT INTO clan_members SET clan_id='{$clanID}', members_id='{$userID}', clan_name='{$clanName}', members_name='{$userName}', members_money='{$totalMoney}', members_exp='{$totalExp}', clan_access='2'"); if ($query) { echo "Clan successfully created!<br />"; return true; } else { $success[] = false; } } else { $success[] = false; } } else { $success[] = false; } } else { echo "Sorry, you must have atleast \$" . number_format($requiredMoney) . " to create a clan.<br />"; } } else { echo "Your passwords did not match.<br />"; } } else { echo "Please fill out the entire form to create a clan.<br />"; } } else { echo "Sorry, You can only create one clan.<br />"; } }
if ($code == $_SESSION['groupcode']) { if ($userid == $_SESSION['userid']) { setError('Gruppe des eigenen Benutzers kann nicht geändert werden!'); } else { if (setUserGroup($userid, $group)) { setInfo("Gruppe erfolgreich zugewiesen!"); } else { setError("Die Gruppe konnte nicht zugewiesen werden!"); } } header("location: {$SETTINGS['url']}/user/{$userid}"); exit; } } $userinfo = getUserInfo($userid); $userstats = getUserStats($userid); $username = htmlspecialchars($userinfo->username, 0, 'UTF-8'); $lastname = htmlspecialchars($userinfo->lastname, 0, 'UTF-8'); $group = getRoleName($userinfo->group); $correct = $userinfo->correct; $wrong = $userinfo->wrong; $total = $correct + $wrong; $ratio = $total == 0 ? 0 : round($correct * 100 / $total, 2); $created = $userstats->add; $modified = $userstats->mod; $deleted = $userstats->del; $selectedguest = $userinfo->group == 'guest' ? ' selected="selected"' : ''; $selecteduser = $userinfo->group == 'user' ? ' selected="selected"' : ''; $selectedadmin = $userinfo->group == 'admin' ? ' selected="selected"' : ''; $deletecode = sha1(rand()); $_SESSION['deletecode'] = $deletecode;
<?php # Include files required for the site to work properly. require_once "config.php"; require_once "functions.php"; # Set a flag to keep track of whether login was successful, this # allows for the display of an appopriate message later. $leaveSuccess = false; # Retrieve the account username. $username = $_POST['username']; # Get the rank of the account associated with the username. $rank = getUserStats($username, $connection); $rank = $rank[0]; # To deactive that user account, the rank is made a negative number. # Find the lowest negative rank to determine what to set the user's # rank to. $getMinRank = mysqli_query($connection, "SELECT MIN(rank) FROM player"); $minRank = mysqli_fetch_array($getMinRank); $minRank = $minRank[0]; if ($minRank > 0) { $minRank = 0; } # Update the deactivated account's rank to be the lowest rank in the # database. $newRank = $minRank - 1; $leaveSuccess = mysqli_query($connection, "UPDATE player SET rank = '{$newRank}' WHERE username = '******'") or die(mysqli_error($connection)); # If the deactivation was successful, get and update the rank of # every player ranked behind the deactivated account. if ($leaveSuccess) { # Remove all challenges involving the player who left. $removeChallenges = mysqli_query($connection, "DELETE FROM challenge WHERE \n challenger = '{$username}' OR\n challengee = '{$username}'");
<?php # Only show the challenge form if the user is logged into a valid account. if ($validUser) { # Only display the page if a player has been selected. if (isset($_POST['player'])) { # Retrieve the submitted player $player = $_POST['player']; # Get information for the player $playerName = getName($player, $connection); # Get the statistics for the requested player. $playerStats = getUserStats($player, $connection); $playerRank = $playerStats[0]; $playerWins = $playerStats[1]; $playerLosses = $playerStats[2]; $playerAvg = $playerStats[3]; ?> <div class="widget"> <div class="widgetTitle"> <img src="includes/images/graphics/body/titleBand.png" class="goldband" /> <h2>Statistics For <?php echo $playerName; ?> </h2> </div> <div class="widgetContent"> <table> <tr>