/** * Returns the state of the player from the database, * uses a user_id if one is present, otherwise * defaults to the currently logged in player, but can act on any player * if another username is passed in. * @param $user user_id or username * @param @password Unless true, wipe the password. **/ function get_player_info($user = null, $password = false) { $sql = new DBAccess(); $player_data = null; if (is_numeric($user)) { $sel_player = "select * from players where player_id = '" . $user . "' limit 1"; } else { $username = either($user, SESSION::is_set('username') ? SESSION::get('username') : null); // Default to current session user. $sel_player = "select * from players where uname = '" . sql($username) . "' limit 1"; } $player_data = $sql->QueryRowAssoc($sel_player); if (!$password) { unset($player_data['pname']); } return $player_data; }