function LoginForm() { global $command, $admlogin, $admpassword; htmlProlog($_SERVER['PHP_SELF'], "Administration", false); ?> <form method="post" action="<?php echo basename($_SERVER['PHP_SELF']); ?> " name=loginform> <table frame=void rules=none WIDTH="300"> <tr> <td align="left"> login: </td> <td align="left"> <input type="text" name="admlogin" maxlength=16 size=16> </td> <tr> <td align="left"> password: </td> <td align="left"> <input type="password" name="admpassword" maxlength=16 size=16> </td> <tr> <td align="left"> </td> <td align="left"> </td> <tr> <td align="left"> </td> <td align="left"> <input type=submit value="login" name="cmdlogin"> </td> <td align="left"> <input type=hidden name="command" value="login"> </td> </table> </form> <script type="text/javascript"> <!-- if (document.loginform) { document.loginform.login.focus(); } // --> </script> <?php $admlogin = ''; $admpassword = ''; htmlEpilog(); }
echo "<td>" . $parse["UserName"] . "</td>"; echo "<td><a href='index.php?select_view=DefaultPlayer&filter_shard={$res_shard}&filter_entity=" . $parse["EId"] . "'>" . $parse["EId"] . "</a></td>"; echo "<td>" . $parse["EntityName"] . "</td>"; echo "<td>" . $parse["EntitySlot"] . "</td>"; echo "<td>" . $parse["State"] . "</td>"; echo "<td>"; if (isset($parse["SaveFile"])) { echo "<a href='backup_interface.php?charid=" . $parse["EId"] . "&file=" . $parse["SaveFile"] . "'>Load/Save sheet</a>"; } echo "</td>"; echo "</tr>\n"; ++$num_player; } echo "</table>\n"; } echo "<script><!--\n"; echo "var num_player = {$num_player};\n"; echo "//--></script>\n"; echo "<form name='select_player_form' method=post action='index.php?select_view=DefaultPlayer'>\n"; echo "<input type=submit name='from_player_locator' value='Select Players'>\n"; echo "<input id='filter_entity_hidden' type=hidden name=filter_entity value=''>\n"; echo "<input id='active_player_hidden' type=hidden name=active_player value=''>\n"; echo "</form>\n"; } echo "</td>\n"; echo "</tr></table>\n"; echo "<script type='text/javascript'><!--\n"; echo "if (document.cmdform) { document.cmdform.execCommand.focus(); }\n"; echo "// --></script>\n"; htmlEpilog();
} echo "<center>\n"; echo "<form method=post action='" . $_SERVER['PHP_SELF'] . "'>\n"; echo "<textarea name=help_body rows=10 cols=70>{$help_body}</textarea><br>\n"; echo "<input type=submit name='update' value='Update'>\n"; echo "<input type=submit value='Cancel'>\n"; echo "<input type=hidden name=file value='{$file}'>\n"; echo "<input type=hidden name=topic value='{$topic}'>\n"; echo "</form>\n"; echo "</center>\n"; $view = false; } else { if ($update) { mysql_query("DELETE FROM help_topic WHERE file='{$file}' AND topic='{$topic}'"); mysql_query("INSERT INTO help_topic SET file='{$file}', topic='{$topic}', help_body='{$help_body}'"); } } if ($view) { $result = mysql_query("SELECT help_body FROM help_topic WHERE file='{$file}' AND topic='{$topic}'"); if ($result && ($body = mysql_fetch_array($result))) { echo "<b>Help for '{$file}/{$topic}':</b><br>\n"; echo "<a href='" . $_SERVER['PHP_SELF'] . "?edit=1&file={$file}&topic={$topic}'>Edit Help</a><br><hr>\n"; echo "<p align=justify>" . ereg_replace("{([^}]+)}", "<a href='" . $_SERVER['PHP_SELF'] . "?file=common&topic=\\1'>\\1</a>", nl2br($body["help_body"])) . "<br>\n"; } else { echo "<b>No help found for '{$file}/{$topic}'.</b><br>\n"; echo "If you want to create an <b>Help note</b> for this topic, <a href='" . $_SERVER['PHP_SELF'] . "?edit=1&file={$file}&topic={$topic}'>click here</a>.\n"; } } } htmlEpilog(false);
function auth(&$error) { global $command, $sessionAuth, $admcookielogin, $admcookiepassword, $sessionAuth; global $admlogin, $admpassword, $uid, $gid, $useCookie, $group, $HTTP_POST_VARS; unset($error); switch ($HTTP_POST_VARS["command"]) { case "logout": addToLog("Logout!"); $uid = $sessionAuth["uid"]; logUser($uid, "LOGOUT"); //session_unregister("sessionAuth"); unset($_SESSION["sessionAuth"]); session_destroy(); // erases cookies eraseCookies(); unset($admlogin); unset($admpassword); unset($admcookielogin); unset($admcookiepassword); unset($uid); htmlProlog($_SERVER['PHP_SELF'], "Logout", false); echo "<center>\n"; echo "You are not logged any more<br>\n"; echo "Click <a href='index.php'>here</a> to login<br>\n"; echo "</center>\n"; htmlEpilog(); die; break; case "chPassword": addToLog("Change pass!"); global $chOldPass, $chNewPass, $chConfirmNewPass; if (!($uid = validateId($admlogin, $admpassword, $useCookie, $gid, $group))) { $error = "Invalid login '{$admlogin}'"; eraseCookies(); return 0; } if (crypt($chOldPass, "NL") == $admpassword && $chNewPass == $chConfirmNewPass) { sqlquery("UPDATE user SET password='******' WHERE uid='{$uid}'"); $admpassword = $chNewPass; addToLog("Changed password to '{$chNewPass}':'" . crypt($chNewPass, "NL") . "'"); //session_unregister("sessionAuth"); unset($_SESSION["sessionAuth"]); session_destroy(); } case "login": $admpassword = crypt($admpassword, "NL"); addToLog("Login! -- admlogin='******', admpassword='******'"); if (!($uid = validateId($admlogin, $admpassword, $useCookie, $gid, $group))) { $error = "Invalid login '{$admlogin}'"; print $error; eraseCookies(); return 0; } $sessionAuth = array("admlogin" => $admlogin, "admpassword" => $admpassword, "uid" => $uid); //session_register("sessionAuth"); $_SESSION["sessionAuth"] = $sessionAuth; if ($useCookie) { setupCookies($admlogin, $admpassword); } logUser($uid, "LOGIN"); return 1; break; default: if (!isset($sessionAuth) || $sessionAuth["admlogin"] == "") { print "no sessionauth or admlogin is blank"; if (!isset($admcookielogin)) { addToLog("cookie not set"); return false; } else { $admlogin = $admcookielogin; $admpassword = $admcookiepassword; } } else { $admlogin = $sessionAuth["admlogin"]; $admpassword = $sessionAuth["admpassword"]; $uid = $sessionAuth["uid"]; } if (!($uid = validateId($admlogin, $admpassword, $useCookie, $gid, $group))) { if (!$uid) { $error = "Invalid login '{$admlogin}'"; eraseCookies(); return false; } } $sessionAuth = array("admlogin" => $admlogin, "admpassword" => $admpassword, "uid" => $uid); //session_register("sessionAuth"); $_SESSION["sessionAuth"] = $sessionAuth; if ($useCookie) { setupCookies($admlogin, $admpassword); } else { eraseCookies(); } //logUser($uid, "BROWSE"); return 1; break; } }