function chooseacct() { global $output, $action_permission, $characters_db, $corem_db, $realm_id, $user_name, $transfer_credits, $user_id, $user_lvl, $sql, $core; valid_login($action_permission["view"]); $guid = $sql["char"]->quote_smart($_GET["char"]); $new = ''; if (isset($_GET["new"])) { $new = $sql["char"]->quote_smart($_GET["new"]); } // if we came here from char_list.php (and have permission) // then we need to skip the approval process if ($_GET["priority"] == 1 && $user_lvl >= $action_permission["update"]) { $priority = 1; } if ($core == 1) { $accts_query = "SELECT acct, accounts.login, IFNULL(`" . $corem_db["name"] . "`.config_accounts.ScreenName, '') AS ScreenName\r\n FROM accounts\r\n LEFT JOIN `" . $corem_db["name"] . "`.config_accounts ON config_accounts.Login=accounts.login COLLATE utf8_general_ci\r\n WHERE acct<>(SELECT acct FROM `" . $characters_db[$realm_id]['name'] . "`.characters WHERE guid='" . $guid . "') ORDER BY ScreenName ASC"; } else { $accts_query = "SELECT id AS acct, username AS login, IFNULL(`" . $corem_db["name"] . "`.config_accounts.ScreenName, '') AS ScreenName\r\n FROM account\r\n LEFT JOIN `" . $corem_db["name"] . "`.config_accounts ON config_accounts.Login=account.username\r\n WHERE id<>(SELECT account FROM `" . $characters_db[$realm_id]['name'] . "`.characters WHERE guid='" . $guid . "') ORDER BY ScreenName ASC"; } $accts = $sql["logon"]->query($accts_query); $query = "SELECT * FROM characters WHERE guid='" . $guid . "'"; $char = $sql["char"]->fetch_assoc($sql["char"]->query($query)); // credits if ($transfer_credits >= 0) { // get our credit balance $cr_query = "SELECT Credits FROM config_accounts WHERE Login='******'"; $cr_result = $sql["mgr"]->query($cr_query); $cr_result = $sql["mgr"]->fetch_assoc($cr_result); $credits = $cr_result["Credits"]; } $output .= ' <div id="xname_fieldset" class="fieldset_border center"> <span class="legend">' . lang("xacct", "chooseacct") . '</span> <form method="get" action="change_char_account.php" id="form"> <div> <input type="hidden" name="action" value="' . ($priority != 1 ? 'getapproval' : 'direct') . '" /> <input type="hidden" name="guid" value="' . $char["guid"] . '" /> </div> <table id="xname_char_table" class="center"> <tr> <td rowspan="4" style="width: 170px;"> <div style="width: 64px; margin-left: auto; margin-right: auto;"> <img src="' . char_get_avatar_img($char["level"], $char["gender"], $char["race"], $char["class"]) . '" alt="" /> </div> </td> <td> <span class="xname_char_name">' . $char["name"] . '</span> </td> </tr> <tr> <td>' . lang("xacct", "level") . ': ' . $char["level"] . '</td> </tr> <tr> <td>' . lang("xacct", "race") . ': ' . char_get_race_name($char["race"]) . '</td> </tr> <tr> <td>' . lang("xacct", "class") . ': ' . char_get_class_name($char["class"]) . '</td> </tr> <tr> <td> </td> </tr>'; if ($transfer_credits > 0) { $cost_line = lang("xacct", "credit_cost"); $cost_line = str_replace("%1", '<b>' . $transfer_credits . '</b>', $cost_line); $output .= ' <tr> <td colspan="2">' . $cost_line . '</td> </tr>'; if ($credits >= 0) { $credit_balance = lang("xacct", "credit_balance"); $credit_balance = str_replace("%1", '<b>' . (double) $credits . '</b>', $credit_balance); $output .= ' <tr> <td colspan="2">' . $credit_balance . '</td> </tr>'; if ($credits < $transfer_credits) { $output .= ' <tr> <td colspan="2">' . lang("xacct", "insufficient_credits") . '</td> </tr>'; } else { $output .= ' <tr> <td colspan="2"> </td> </tr> <tr> <td colspan="2">' . lang("xacct", "delay_warning") . '</td> </tr>'; } } else { $output .= ' <tr> <td colspan="2">' . lang("global", "credits_unlimited") . '</td> </tr>'; } $output .= ' <tr> <td colspan="2"> </td> </tr>'; } $output .= ' <tr> <td colspan="2"><b>' . lang("xacct", "enteracct") . ':</b></td> </tr> <tr> <td>' . lang("xacct", "newacct") . ':</td> <td> <select name="new">'; while ($row = $sql["logon"]->fetch_assoc($accts)) { $output .= ' <option value="' . $row["acct"] . '">'; // GM's see account name // Players see Screen Name if available if ($user_lvl < 4) { if ($row["ScreenName"] == '') { $output .= $row["login"]; } else { $output .= $row["ScreenName"]; } } else { $output .= $row["login"]; } $output .= ' </option>'; } $output .= ' </select> </td> </tr> <tr> <td>' . lang("xacct", "newacct1") . ':</td> <td> <input type="text" name="new1" value="" style="width: 110px;" /> </td> </tr>'; // if we have unlimited credits, then we fake our credit balance here $credits = $credits < 0 ? $transfer_credits : $credits; if ($transfer_credits <= 0 || $credits >= $transfer_credits) { $output .= ' <tr> <td colspan="2"> </td> </tr> <tr> <td colspan="2">'; makebutton(lang("xacct", "save"), "javascript:do_submit()", 180); $output .= ' </td> <td> </td> </tr>'; } $output .= ' </table> </form> </div> <br />'; }
function char_main(&$sqlr, &$sqlc) { global $output, $lang_global, $lang_char, $lang_item, $realm_id, $realm_db, $characters_db, $world_db, $server, $mmfpm_db, $action_permission, $user_lvl, $user_name, $user_id, $item_datasite, $spell_datasite, $showcountryflag; // this page uses wowhead tooltops wowhead_tt(); // we need at least an id or we would have nothing to show if (empty($_GET['id'])) { error($lang_global['empty_fields']); } // this is multi realm support, as of writing still under development // this page is already implementing it if (empty($_GET['realm'])) { $realmid = $realm_id; } else { $realmid = $sqlr->quote_smart($_GET['realm']); if (is_numeric($realmid)) { $sqlc->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name']); } else { $realmid = $realm_id; } } $id = $sqlc->quote_smart($_GET['id']); if (is_numeric($id)) { } else { error($lang_global['empty_fields']); } $result = $sqlc->query('SELECT account, race FROM characters WHERE guid = ' . $id . ' LIMIT 1'); if ($sqlc->num_rows($result)) { //resrict by owner's gmlvl $owner_acc_id = $sqlc->result($result, 0, 'account'); $query = $sqlr->query('SELECT gmlevel, username FROM account WHERE id = ' . $owner_acc_id . ''); $owner_gmlvl = $sqlr->result($query, 0, 'gmlevel'); $owner_name = $sqlr->result($query, 0, 'username'); if ($user_lvl || $server[$realmid]['both_factions']) { $side_v = 0; $side_p = 0; } else { $side_p = in_array($sqlc->result($result, 0, 'race'), array(2, 5, 6, 8, 10)) ? 1 : 2; $result_1 = $sqlc->query('SELECT race FROM characters WHERE account = ' . $user_id . ' LIMIT 1'); if ($sqlc->num_rows($result)) { $side_v = in_array($sqlc->result($result_1, 0, 'race'), array(2, 5, 6, 8, 10)) ? 1 : 2; } else { $side_v = 0; } unset($result_1); } if ($user_lvl >= $owner_gmlvl && ($side_v === $side_p || !$side_v)) { $result = $sqlc->query('SELECT account, data, name, race, class, gender, level, zone, map, online, totaltime, arenaPoints, totalHonorPoints, totalKills, health, power1, power2, power3, power4, power5, power6, power7 FROM characters WHERE guid = ' . $id . ''); $char = $sqlc->fetch_assoc($result); $char_data = explode(' ', $char['data']); $online = $char['online'] ? $lang_char['online'] : $lang_char['offline']; if ($char_data[CHAR_DATA_OFFSET_GUILD_ID]) { $guild_name = $sqlc->result($sqlc->query('SELECT name FROM guild WHERE guildid =' . $char_data[CHAR_DATA_OFFSET_GUILD_ID] . ''), 0, 'name'); $guild_name = '<a href="guild.php?action=view_guild&realm=' . $realmid . '&error=3&id=' . $char_data[CHAR_DATA_OFFSET_GUILD_ID] . '" >' . $guild_name . '</a>'; $mrank = $char_data[CHAR_DATA_OFFSET_GUILD_RANK] + 1; $guild_rank = $sqlc->result($sqlc->query('SELECT rname FROM guild_rank WHERE guildid =' . $char_data[CHAR_DATA_OFFSET_GUILD_ID] . ' AND rid=' . $mrank . ''), 0, 'rname'); } else { $guild_name = $lang_global['none']; $guild_rank = $lang_global['none']; } $block = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_BLOCK])); $block = round($block[1], 2); $dodge = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_DODGE])); $dodge = round($dodge[1], 2); $parry = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_PARRY])); $parry = round($parry[1], 2); $crit = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_MELEE_CRIT])); $crit = round($crit[1], 2); $ranged_crit = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_RANGE_CRIT])); $ranged_crit = round($ranged_crit[1], 2); $maxdamage = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_MAXDAMAGE])); $maxdamage = round($maxdamage[1], 0); $mindamage = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_MINDAMAGE])); $mindamage = round($mindamage[1], 0); $maxrangeddamage = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_MAXRANGEDDAMAGE])); $maxrangeddamage = round($maxrangeddamage[1], 0); $minrangeddamage = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_MINRANGEDDAMAGE])); $minrangeddamage = round($minrangeddamage[1], 0); $spell_crit = 100; for ($i = 0; $i < 6; ++$i) { $temp = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_SPELL_CRIT + 1 + $i])); if ($temp[1] < $spell_crit) { $spell_crit = $temp[1]; } } $spell_crit = round($spell_crit, 2); $spell_damage = 9999; for ($i = 0; $i < 6; ++$i) { if ($char_data[CHAR_DATA_OFFSET_SPELL_DAMAGE + 1 + $i] < $spell_damage) { $spell_damage = $char_data[CHAR_DATA_OFFSET_SPELL_DAMAGE + 1 + $i]; } } $rage = round($char['power2'] / 10); $expertise = '' . $char_data[CHAR_DATA_OFFSET_EXPERTISE] . ' / ' . $char_data[CHAR_DATA_OFFSET_OFFHAND_EXPERTISE] . ''; $EQU_HEAD = $char_data[CHAR_DATA_OFFSET_EQU_HEAD]; $EQU_NECK = $char_data[CHAR_DATA_OFFSET_EQU_NECK]; $EQU_SHOULDER = $char_data[CHAR_DATA_OFFSET_EQU_SHOULDER]; $EQU_SHIRT = $char_data[CHAR_DATA_OFFSET_EQU_SHIRT]; $EQU_CHEST = $char_data[CHAR_DATA_OFFSET_EQU_CHEST]; $EQU_BELT = $char_data[CHAR_DATA_OFFSET_EQU_BELT]; $EQU_LEGS = $char_data[CHAR_DATA_OFFSET_EQU_LEGS]; $EQU_FEET = $char_data[CHAR_DATA_OFFSET_EQU_FEET]; $EQU_WRIST = $char_data[CHAR_DATA_OFFSET_EQU_WRIST]; $EQU_GLOVES = $char_data[CHAR_DATA_OFFSET_EQU_GLOVES]; $EQU_FINGER1 = $char_data[CHAR_DATA_OFFSET_EQU_FINGER1]; $EQU_FINGER2 = $char_data[CHAR_DATA_OFFSET_EQU_FINGER2]; $EQU_TRINKET1 = $char_data[CHAR_DATA_OFFSET_EQU_TRINKET1]; $EQU_TRINKET2 = $char_data[CHAR_DATA_OFFSET_EQU_TRINKET2]; $EQU_BACK = $char_data[CHAR_DATA_OFFSET_EQU_BACK]; $EQU_MAIN_HAND = $char_data[CHAR_DATA_OFFSET_EQU_MAIN_HAND]; $EQU_OFF_HAND = $char_data[CHAR_DATA_OFFSET_EQU_OFF_HAND]; $EQU_RANGED = $char_data[CHAR_DATA_OFFSET_EQU_RANGED]; $EQU_TABARD = $char_data[CHAR_DATA_OFFSET_EQU_TABARD]; /* // reserved incase we want to use back minimanagers' built in tooltip, instead of wowheads' // minimanagers' item tooltip needs updating, but it can show enchantments and sockets. $equiped_items = array ( 1 => array(($EQU_HEAD ? get_item_tooltip($EQU_HEAD) : 0),($EQU_HEAD ? get_item_icon($EQU_HEAD) : 0),($EQU_HEAD ? get_item_border($EQU_HEAD) : 0)), 2 => array(($EQU_NECK ? get_item_tooltip($EQU_NECK) : 0),($EQU_NECK ? get_item_icon($EQU_NECK) : 0),($EQU_NECK ? get_item_border($EQU_NECK) : 0)), 3 => array(($EQU_SHOULDER ? get_item_tooltip($EQU_SHOULDER) : 0),($EQU_SHOULDER ? get_item_icon($EQU_SHOULDER) : 0),($EQU_SHOULDER ? get_item_border($EQU_SHOULDER) : 0)), 4 => array(($EQU_SHIRT ? get_item_tooltip($EQU_SHIRT) : 0),($EQU_SHIRT ? get_item_icon($EQU_SHIRT) : 0),($EQU_SHIRT ? get_item_border($EQU_SHIRT) : 0)), 5 => array(($EQU_CHEST ? get_item_tooltip($EQU_CHEST) : 0),($EQU_CHEST ? get_item_icon($EQU_CHEST) : 0),($EQU_CHEST ? get_item_border($EQU_CHEST) : 0)), 6 => array(($EQU_BELT ? get_item_tooltip($EQU_BELT) : 0),($EQU_BELT ? get_item_icon($EQU_BELT) : 0),($EQU_BELT ? get_item_border($EQU_BELT) : 0)), 7 => array(($EQU_LEGS ? get_item_tooltip($EQU_LEGS) : 0),($EQU_LEGS ? get_item_icon($EQU_LEGS) : 0),($EQU_LEGS ? get_item_border($EQU_LEGS) : 0)), 8 => array(($EQU_FEET ? get_item_tooltip($EQU_FEET) : 0),($EQU_FEET ? get_item_icon($EQU_FEET) : 0),($EQU_FEET ? get_item_border($EQU_FEET) : 0)), 9 => array(($EQU_WRIST ? get_item_tooltip($EQU_WRIST) : 0),($EQU_WRIST ? get_item_icon($EQU_WRIST) : 0),($EQU_WRIST ? get_item_border($EQU_WRIST) : 0)), 10 => array(($EQU_GLOVES ? get_item_tooltip($EQU_GLOVES) : 0),($EQU_GLOVES ? get_item_icon($EQU_GLOVES) : 0),($EQU_GLOVES ? get_item_border($EQU_GLOVES) : 0)), 11 => array(($EQU_FINGER1 ? get_item_tooltip($EQU_FINGER1) : 0),($EQU_FINGER1 ? get_item_icon($EQU_FINGER1) : 0),($EQU_FINGER1 ? get_item_border($EQU_FINGER1) : 0)), 12 => array(($EQU_FINGER2 ? get_item_tooltip($EQU_FINGER2) : 0),($EQU_FINGER2 ? get_item_icon($EQU_FINGER2) : 0),($EQU_FINGER2 ? get_item_border($EQU_FINGER2) : 0)), 13 => array(($EQU_TRINKET1 ? get_item_tooltip($EQU_TRINKET1) : 0),($EQU_TRINKET1 ? get_item_icon($EQU_TRINKET1) : 0),($EQU_TRINKET1 ? get_item_border($EQU_TRINKET1) : 0)), 14 => array(($EQU_TRINKET2 ? get_item_tooltip($EQU_TRINKET2) : 0),($EQU_TRINKET2 ? get_item_icon($EQU_TRINKET2) : 0),($EQU_TRINKET2 ? get_item_border($EQU_TRINKET2) : 0)), 15 => array(($EQU_BACK ? get_item_tooltip($EQU_BACK) : 0),($EQU_BACK ? get_item_icon($EQU_BACK) : 0),($EQU_BACK ? get_item_border($EQU_BACK) : 0)), 16 => array(($EQU_MAIN_HAND ? get_item_tooltip($EQU_MAIN_HAND) : 0),($EQU_MAIN_HAND ? get_item_icon($EQU_MAIN_HAND) : 0),($EQU_MAIN_HAND ? get_item_border($EQU_MAIN_HAND) : 0)), 17 => array(($EQU_OFF_HAND ? get_item_tooltip($EQU_OFF_HAND) : 0),($EQU_OFF_HAND ? get_item_icon($EQU_OFF_HAND) : 0),($EQU_OFF_HAND ? get_item_border($EQU_OFF_HAND) : 0)), 18 => array(($EQU_RANGED ? get_item_tooltip($EQU_RANGED) : 0),($EQU_RANGED ? get_item_icon($EQU_RANGED) : 0),($EQU_RANGED ? get_item_border($EQU_RANGED) : 0)), 19 => array(($EQU_TABARD ? get_item_tooltip($EQU_TABARD) : 0),($EQU_TABARD ? get_item_icon($EQU_TABARD) : 0),($EQU_TABARD ? get_item_border($EQU_TABARD) : 0)) ); */ $sqlm = new SQL(); $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']); $sqlw = new SQL(); $sqlw->connect($world_db[$realmid]['addr'], $world_db[$realmid]['user'], $world_db[$realmid]['pass'], $world_db[$realmid]['name']); $equiped_items = array(1 => array('', $EQU_HEAD ? get_item_icon($EQU_HEAD, $sqlm, $sqlw) : 0, $EQU_HEAD ? get_item_border($EQU_HEAD, $sqlw) : 0), 2 => array('', $EQU_NECK ? get_item_icon($EQU_NECK, $sqlm, $sqlw) : 0, $EQU_NECK ? get_item_border($EQU_NECK, $sqlw) : 0), 3 => array('', $EQU_SHOULDER ? get_item_icon($EQU_SHOULDER, $sqlm, $sqlw) : 0, $EQU_SHOULDER ? get_item_border($EQU_SHOULDER, $sqlw) : 0), 4 => array('', $EQU_SHIRT ? get_item_icon($EQU_SHIRT, $sqlm, $sqlw) : 0, $EQU_SHIRT ? get_item_border($EQU_SHIRT, $sqlw) : 0), 5 => array('', $EQU_CHEST ? get_item_icon($EQU_CHEST, $sqlm, $sqlw) : 0, $EQU_CHEST ? get_item_border($EQU_CHEST, $sqlw) : 0), 6 => array('', $EQU_BELT ? get_item_icon($EQU_BELT, $sqlm, $sqlw) : 0, $EQU_BELT ? get_item_border($EQU_BELT, $sqlw) : 0), 7 => array('', $EQU_LEGS ? get_item_icon($EQU_LEGS, $sqlm, $sqlw) : 0, $EQU_LEGS ? get_item_border($EQU_LEGS, $sqlw) : 0), 8 => array('', $EQU_FEET ? get_item_icon($EQU_FEET, $sqlm, $sqlw) : 0, $EQU_FEET ? get_item_border($EQU_FEET, $sqlw) : 0), 9 => array('', $EQU_WRIST ? get_item_icon($EQU_WRIST, $sqlm, $sqlw) : 0, $EQU_WRIST ? get_item_border($EQU_WRIST, $sqlw) : 0), 10 => array('', $EQU_GLOVES ? get_item_icon($EQU_GLOVES, $sqlm, $sqlw) : 0, $EQU_GLOVES ? get_item_border($EQU_GLOVES, $sqlw) : 0), 11 => array('', $EQU_FINGER1 ? get_item_icon($EQU_FINGER1, $sqlm, $sqlw) : 0, $EQU_FINGER1 ? get_item_border($EQU_FINGER1, $sqlw) : 0), 12 => array('', $EQU_FINGER2 ? get_item_icon($EQU_FINGER2, $sqlm, $sqlw) : 0, $EQU_FINGER2 ? get_item_border($EQU_FINGER2, $sqlw) : 0), 13 => array('', $EQU_TRINKET1 ? get_item_icon($EQU_TRINKET1, $sqlm, $sqlw) : 0, $EQU_TRINKET1 ? get_item_border($EQU_TRINKET1, $sqlw) : 0), 14 => array('', $EQU_TRINKET2 ? get_item_icon($EQU_TRINKET2, $sqlm, $sqlw) : 0, $EQU_TRINKET2 ? get_item_border($EQU_TRINKET2, $sqlw) : 0), 15 => array('', $EQU_BACK ? get_item_icon($EQU_BACK, $sqlm, $sqlw) : 0, $EQU_BACK ? get_item_border($EQU_BACK, $sqlw) : 0), 16 => array('', $EQU_MAIN_HAND ? get_item_icon($EQU_MAIN_HAND, $sqlm, $sqlw) : 0, $EQU_MAIN_HAND ? get_item_border($EQU_MAIN_HAND, $sqlw) : 0), 17 => array('', $EQU_OFF_HAND ? get_item_icon($EQU_OFF_HAND, $sqlm, $sqlw) : 0, $EQU_OFF_HAND ? get_item_border($EQU_OFF_HAND, $sqlw) : 0), 18 => array('', $EQU_RANGED ? get_item_icon($EQU_RANGED, $sqlm, $sqlw) : 0, $EQU_RANGED ? get_item_border($EQU_RANGED, $sqlw) : 0), 19 => array('', $EQU_TABARD ? get_item_icon($EQU_TABARD, $sqlm, $sqlw) : 0, $EQU_TABARD ? get_item_border($EQU_TABARD, $sqlw) : 0)); if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) { $output .= ' <!-- start of char.php --> <center> <div id="tab_content"> <div id="tab"> <ul> <li><a href="char_inv.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['inventory'] . '</a></li> <li><a href="char_extra.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['extra'] . '</a></li> ' . ($char['level'] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['talents'] . '</a></li>') . ' <li><a href="char_achieve.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['achievements'] . '</a></li> <li><a href="char_rep.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['reputation'] . '</a></li> <li><a href="char_skill.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['skills'] . '</a></li> <li><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['quests'] . '</a></li>'; if (char_get_class_name($char['class']) === 'Hunter') { $output .= ' <li><a href="char_pets.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['pets'] . '</a></li>'; } $output .= ' <li><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['friends'] . '</a></li> <li><a href="char_spell.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['spells'] . '</a></li> <li><a href="char_mail.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['mail'] . '</a></li> </ul> <ul>'; // selected char tab at last $output .= ' <li id="selected"><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['char_sheet'] . '</a></li>'; } else { $output .= ' <center> <div id="tab"> <ul> <li id="selected"><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['char_sheet'] . '</a></li> </ul> </div> <div id="tab_content"> <div id="tab"> <ul>'; } $output .= ' </ul> </div> <div id="tab_content2"> <table class="lined" style="width: 580px;"> <tr> <td colspan="2"> <div> <img src="' . char_get_avatar_img($char['level'], $char['gender'], $char['race'], $char['class'], 0) . '" alt="avatar" /> </div> <div>'; $a_results = $sqlc->query('SELECT DISTINCT spell FROM character_aura WHERE guid = ' . $id . ''); if ($sqlc->num_rows($a_results)) { while ($aura = $sqlc->fetch_assoc($a_results)) { $output .= ' <a style="padding:2px;" href="' . $spell_datasite . $aura['spell'] . '" target="_blank"> <img src="' . spell_get_icon($aura['spell'], $sqlm) . '" alt="' . $aura['spell'] . '" width="24" height="24" /> </a>'; } } $output .= ' </div> </td> <td colspan="4"> <font class="bold"> ' . htmlentities($char['name']) . ' - <img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /> <img src="img/c_icons/' . $char['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /> - lvl ' . char_get_level_color($char['level']) . ' </font> <br />' . get_map_name($char['map'], $sqlm) . ' - ' . get_zone_name($char['zone'], $sqlm) . ' <br />' . $lang_char['honor_points'] . ': ' . $char['totalHonorPoints'] . ' / ' . $char['arenaPoints'] . ' - ' . $lang_char['honor_kills'] . ': ' . $char['totalKills'] . ' <br />' . $lang_char['guild'] . ': ' . $guild_name . ' | ' . $lang_char['rank'] . ': ' . htmlentities($guild_rank) . ' <br />' . ($char['online'] ? '<img src="img/up.gif" onmousemove="toolTip(\'Online\', \'item_tooltip\')" onmouseout="toolTip()" alt="online" />' : '<img src="img/down.gif" onmousemove="toolTip(\'Offline\', \'item_tooltip\')" onmouseout="toolTip()" alt="offline" />'); if ($showcountryflag) { require_once 'libs/misc_lib.php'; $country = misc_get_country_by_account($char['account'], $sqlr, $sqlm); $output .= ' - ' . ($country['code'] ? '<img src="img/flags/' . $country['code'] . '.png" onmousemove="toolTip(\'' . $country['country'] . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" />' : '-'); unset($country); } $output .= ' </td> </tr> <tr> <td width="6%">'; if ($equiped_items[1][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_HEAD . '" target="_blank"> <img src="' . $equiped_items[1][1] . '" class="' . $equiped_items[1][2] . '" alt="Head" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_head.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td class="half_line" colspan="2" align="center" width="50%"> <div class="gradient_p">' . $lang_item['health'] . ':</div> <div class="gradient_pp">' . $char['health'] . '</div>'; if ($char['class'] == 11) { //druid $output .= ' </br> <div class="gradient_p">' . $lang_item['energy'] . ':</div> <div class="gradient_pp">' . $char['power4'] . '</div>'; } $output .= ' </td> <td class="half_line" colspan="2" align="center" width="50%">'; if ($char['class'] == 1) { $output .= ' <div class="gradient_p">' . $lang_item['rage'] . ':</div> <div class="gradient_pp">' . $rage . '</div>'; } elseif ($char['class'] == 4) { $output .= ' <div class="gradient_p">' . $lang_item['energy'] . ':</div> <div class="gradient_pp">' . $char['power4'] . '</div>'; } elseif ($char['class'] == 6) { // Don't know if FOCUS is the right one need to verify with Death Knight player. $output .= ' <div class="gradient_p">' . $lang_item['runic'] . ':</div> <div class="gradient_pp">Unknown</div>'; } elseif ($char['class'] == 11) { $output .= ' <div class="gradient_p">' . $lang_item['mana'] . ':</div> <div class="gradient_pp">' . $char['power1'] . '</div> </br> <div class="gradient_p">' . $lang_item['rage'] . ':</div> <div class="gradient_pp">' . $rage . '</div>'; } elseif ($char['class'] == 2 || $char['class'] == 3 || $char['class'] == 5 || $char['class'] == 7 || $char['class'] == 8 || $char['class'] == 9) { $output .= ' <div class="gradient_p">' . $lang_item['mana'] . ':</div> <div class="gradient_pp">' . $char['power1'] . '</div>'; } $output .= ' </td> <td width="6%">'; if ($equiped_items[10][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_GLOVES . '" target="_blank"> <img src="' . $equiped_items[10][1] . '" class="' . $equiped_items[10][2] . '" alt="Gloves" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_gloves.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td width="1%">'; if ($equiped_items[2][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_NECK . '" target="_blank"> <img src="' . $equiped_items[2][1] . '" class="' . $equiped_items[2][2] . '" alt="Neck" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_neck.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td class="half_line" colspan="2" rowspan="3" align="center" width="50%"> <div class="gradient_p"> ' . $lang_item['strength'] . ':<br /> ' . $lang_item['agility'] . ':<br /> ' . $lang_item['stamina'] . ':<br /> ' . $lang_item['intellect'] . ':<br /> ' . $lang_item['spirit'] . ':<br /> ' . $lang_item['armor'] . ': </div> <div class="gradient_pp"> ' . $char_data[CHAR_DATA_OFFSET_STR] . '<br /> ' . $char_data[CHAR_DATA_OFFSET_AGI] . '<br /> ' . $char_data[CHAR_DATA_OFFSET_STA] . '<br /> ' . $char_data[CHAR_DATA_OFFSET_INT] . '<br /> ' . $char_data[CHAR_DATA_OFFSET_SPI] . '<br /> ' . $char_data[CHAR_DATA_OFFSET_ARMOR] . ' </div> </td> <td class="half_line" colspan="2" rowspan="3" align="center" width="50%"> <div class="gradient_p"> ' . $lang_item['res_holy'] . ':<br /> ' . $lang_item['res_arcane'] . ':<br /> ' . $lang_item['res_fire'] . ':<br /> ' . $lang_item['res_nature'] . ':<br /> ' . $lang_item['res_frost'] . ':<br /> ' . $lang_item['res_shadow'] . ': </div> <div class="gradient_pp"> ' . $char_data[CHAR_DATA_OFFSET_RES_HOLY] . '<br /> ' . $char_data[CHAR_DATA_OFFSET_RES_ARCANE] . '<br /> ' . $char_data[CHAR_DATA_OFFSET_RES_FIRE] . '<br /> ' . $char_data[CHAR_DATA_OFFSET_RES_NATURE] . '<br /> ' . $char_data[CHAR_DATA_OFFSET_RES_FROST] . '<br /> ' . $char_data[CHAR_DATA_OFFSET_RES_SHADOW] . ' </div> </td> <td width="1%">'; if ($equiped_items[6][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_BELT . '" target="_blank"> <img src="' . $equiped_items[6][1] . '" class="' . $equiped_items[6][2] . '" alt="Belt" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_waist.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td width="1%">'; if ($equiped_items[3][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_SHOULDER . '" target="_blank"> <img src="' . $equiped_items[3][1] . '" class="' . $equiped_items[3][2] . '" alt="Shoulder" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_shoulder.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td width="1%">'; if ($equiped_items[7][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_LEGS . '" target="_blank"> <img src="' . $equiped_items[7][1] . '" class="' . $equiped_items[7][2] . '" alt="Legs" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_legs.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td width="1%">'; if ($equiped_items[15][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_BACK . '" target="_blank"> <img src="' . $equiped_items[15][1] . '" class="' . $equiped_items[15][2] . '" alt="Back" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_chest_back.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td width="1%">'; if ($equiped_items[8][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_FEET . '" target="_blank"> <img src="' . $equiped_items[8][1] . '" class="' . $equiped_items[8][2] . '" alt="Feet" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_feet.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td width="1%">'; if ($equiped_items[5][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_CHEST . '" target="_blank"> <img src="' . $equiped_items[5][1] . '" class="' . $equiped_items[5][2] . '" alt="Chest" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_chest_back.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td class="half_line" colspan="2" rowspan="2" align="center" width="50%"> <div class="gradient_p"> ' . $lang_char['melee_d'] . ':<br /> ' . $lang_char['melee_ap'] . ':<br /> ' . $lang_char['melee_hit'] . ':<br /> ' . $lang_char['melee_crit'] . ':<br /> ' . $lang_char['expertise'] . ':<br /> </div> <div class="gradient_pp"> ' . $mindamage . '-' . $maxdamage . '<br /> ' . ($char_data[CHAR_DATA_OFFSET_AP] + $char_data[CHAR_DATA_OFFSET_AP_MOD]) . '<br /> ' . $char_data[CHAR_DATA_OFFSET_MELEE_HIT] . '<br /> ' . $crit . '%<br /> ' . $expertise . '<br /> </div> </td> <td class="half_line" colspan="2" rowspan="2" align="center" width="50%"> <div class="gradient_p"> ' . $lang_char['spell_d'] . ':<br /> ' . $lang_char['spell_heal'] . ':<br /> ' . $lang_char['spell_hit'] . ':<br /> ' . $lang_char['spell_crit'] . ':<br /> ' . $lang_char['spell_haste'] . ' </div> <div class="gradient_pp"> ' . $spell_damage . '<br /> ' . $char_data[CHAR_DATA_OFFSET_SPELL_HEAL] . '<br /> ' . $char_data[CHAR_DATA_OFFSET_SPELL_HIT] . '<br /> ' . $spell_crit . '%<br /> ' . $char_data[CHAR_DATA_OFFSET_SPELL_HASTE_RATING] . ' </div> </td> <td width="1%">'; if ($equiped_items[11][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_FINGER1 . '" target="_blank"> <img src="' . $equiped_items[11][1] . '" class="' . $equiped_items[11][2] . '" alt="Finger1" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_finger.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td width="1%">'; if ($equiped_items[4][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_SHIRT . '" target="_blank"> <img src="' . $equiped_items[4][1] . '" class="' . $equiped_items[4][2] . '" alt="Shirt" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_shirt.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td width="1%">'; if ($equiped_items[12][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_FINGER2 . '" target="_blank"> <img src="' . $equiped_items[12][1] . '" class="' . $equiped_items[12][2] . '" alt="Finger2" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_finger.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td width="1%">'; if ($equiped_items[19][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_TABARD . '" target="_blank"> <img src="' . $equiped_items[19][1] . '" class="' . $equiped_items[19][2] . '" alt="Tabard" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_tabard.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td class="half_line" colspan="2" rowspan="2" align="center" width="50%"> <div class="gradient_p"> ' . $lang_char['dodge'] . ':<br /> ' . $lang_char['parry'] . ':<br /> ' . $lang_char['block'] . ':<br /> ' . $lang_char['resilience'] . ':<br /> </div> <div class="gradient_pp"> ' . $dodge . '%<br /> ' . $parry . '%<br /> ' . $block . '%<br /> ' . $char_data[CHAR_DATA_OFFSET_RESILIENCE] . '<br /> </div> </td> <td class="half_line" colspan="2" rowspan="2" align="center" width="50%"> <div class="gradient_p"> ' . $lang_char['ranged_d'] . ':<br /> ' . $lang_char['ranged_ap'] . ':<br /> ' . $lang_char['ranged_hit'] . ':<br /> ' . $lang_char['ranged_crit'] . ':<br /> </div> <div class="gradient_pp"> ' . $minrangeddamage . '-' . $maxrangeddamage . '<br /> ' . ($char_data[CHAR_DATA_OFFSET_RANGED_AP] + $char_data[CHAR_DATA_OFFSET_RANGED_AP_MOD]) . '<br /> ' . $char_data[CHAR_DATA_OFFSET_RANGE_HIT] . '<br /> ' . $ranged_crit . '%<br /> </div> </td> <td width="1%">'; if ($equiped_items[13][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_TRINKET1 . '" target="_blank"> <img src="' . $equiped_items[13][1] . '" class="' . $equiped_items[13][2] . '" alt="Trinket1" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_trinket.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td width="1%">'; if ($equiped_items[9][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_WRIST . '" target="_blank"> <img src="' . $equiped_items[9][1] . '" class="' . $equiped_items[9][2] . '" alt="Wrist" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_wrist.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td width="1%">'; if ($equiped_items[14][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_TRINKET2 . '" target="_blank"> <img src="' . $equiped_items[14][1] . '" class="' . $equiped_items[14][2] . '" alt="Trinket2" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_trinket.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td></td> <td width="15%">'; if ($equiped_items[16][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_MAIN_HAND . '" target="_blank"> <img src="' . $equiped_items[16][1] . '" class="' . $equiped_items[16][2] . '" alt="MainHand" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_main_hand.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td width="15%">'; if ($equiped_items[17][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_OFF_HAND . '" target="_blank"> <img src="' . $equiped_items[17][1] . '" class="' . $equiped_items[17][2] . '" alt="OffHand" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_off_hand.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td width="15%">'; if ($equiped_items[18][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_RANGED . '" target="_blank"> <img src="' . $equiped_items[18][1] . '" class="' . $equiped_items[18][2] . '" alt="Ranged" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_ranged.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td width="15%"></td> <td></td> </tr>'; if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) { //total time played $tot_time = $char['totaltime']; $tot_days = (int) ($tot_time / 86400); $tot_time = $tot_time - $tot_days * 86400; $total_hours = (int) ($tot_time / 3600); $tot_time = $tot_time - $total_hours * 3600; $total_min = (int) ($tot_time / 60); $output .= ' <tr> <td colspan="6"> ' . $lang_char['tot_paly_time'] . ': ' . $tot_days . ' ' . $lang_char['days'] . ' ' . $total_hours . ' ' . $lang_char['hours'] . ' ' . $total_min . ' ' . $lang_char['min'] . ' </td> </tr>'; } $output .= ' </table> </div> <br /> </div> <br /> <table class="hidden"> <tr> <td>'; // button to user account page, user account page has own security makebutton($lang_char['chars_acc'], 'user.php?action=edit_user&id=' . $owner_acc_id . '', 130); $output .= ' </td> <td>'; // only higher level GM with delete access can edit character // character edit allows removal of character items, so delete permission is needed if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission['delete']) { makebutton($lang_char['edit_button'], 'char_edit.php?id=' . $id . '&realm=' . $realmid . '', 130); $output .= ' </td> <td>'; } // only higher level GM with delete access, or character owner can delete character if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission['delete'] || $owner_name === $user_name) { makebutton($lang_char['del_char'], 'char_list.php?action=del_char_form&check%5B%5D=' . $id . '" type="wrn', 130); $output .= ' </td> <td>'; } // only GM with update permission can send mail, mail can send items, so update permission is needed if ($user_lvl >= $action_permission['update']) { makebutton($lang_char['send_mail'], 'mail.php?type=ingame_mail&to=' . $char['name'] . '', 130); $output .= ' </td> <td>'; } makebutton($lang_global['back'], 'javascript:window.history.back()" type="def', 130); $output .= ' </td> </tr> </table> <br /> </center> <!-- end of char.php -->'; } else { error($lang_char['no_permission']); } } else { error($lang_char['no_char_found']); } }
function char_select(&$sqlr, &$sqlm, &$sqlc) { global $output, $lang_rewards, $lang_global, $characters_db, $mmfpm_db, $realm_id, $user_id; require_once 'libs/char_lib.php'; $sqlc = new SQL(); $sqlc->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']); $output .= ' <center> <div id="tab_content"> <div id="tab"> <ul> <li><a href="rewards.php">INFO</a></li> <li id="selected"><a href="rewards.php?action=char_select">SELECT CHAR</a></li> <li><a href="rewards.php?action=show_reward_gold">GOLD</a></li> <li><a href="rewards.php?action=show_reward_item">ITEM</a></li> </ul> </div> <div id="tab_content2"> <table class="lined" style="width: 200px;"> <tr> <th align="center"> Select Character </th> </tr>'; $result = $sqlc->query('SELECT account, name, race, class, gender, level FROM characters WHERE account = ' . $user_id . ''); while ($char = $sqlc->fetch_assoc($result)) { $output .= ' <tr> <td align="right"> <font> ' . htmlentities($char['name']) . ' - <img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /> <img src="img/c_icons/' . $char['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\',\'item_tooltip\')" onmouseout="toolTip()" alt="" /> - lvl ' . char_get_level_color($char['level']) . ' </font> </td> </tr> <BR />'; } unset($char); $sqlm = new SQL(); $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']); $result = $sqlm->query('SELECT * FROM mm_reward_char WHERE account = ' . $user_id . ' LIMIT 1'); while ($char = $sqlc->fetch_assoc($result)) { $output .= ' <tr> <th align="center"> Selected Character </th> </tr> <tr> <td align="right"> <font> ' . htmlentities($char['name']) . ' - <img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /> <img src="img/c_icons/' . $char['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\',\'item_tooltip\')" onmouseout="toolTip()" alt="" /> - lvl ' . char_get_level_color($char['level']) . ' </font> </td> </tr>'; } $output .= ' </table> </div> <br /> </div> </center>'; }
function char_friends(&$sqlr, &$sqlc) { global $output, $lang_global, $lang_char, $realm_id, $realm_db, $mmfpm_db, $characters_db, $action_permission, $user_lvl, $user_name; //==========================$_GET and SECURE================================= // id and multi realm security to prevent sql injection require_once './include/char/include/char_multi_realm_security.php'; $order_by = isset($_GET['order_by']) ? $sqlc->quote_smart($_GET['order_by']) : 'name'; if (preg_match('/^[[:lower:]]{1,6}$/', $order_by)) { } else { $order_by = 'name'; } $dir = isset($_GET['dir']) ? $sqlc->quote_smart($_GET['dir']) : 1; if (preg_match('/^[01]{1}$/', $dir)) { } else { $dir = 1; } $order_dir = $dir ? 'ASC' : 'DESC'; $dir = $dir ? 0 : 1; if ($order_by === 'map') { $order_by = 'map ' . $order_dir . ', zone'; } elseif ($order_by === 'zone') { $order_by = 'zone ' . $order_dir . ', map'; } //==========================$_GET and SECURE end======================== // getting character data from database $result = $sqlc->query(' SELECT account, name, race, class, gender, level FROM characters WHERE guid = ' . $id . ' LIMIT 1'); // no point going further if character does not exist if ($sqlc->num_rows($result)) { $char = $sqlc->fetch_assoc($result); // we get user permissions first $owner_acc_id = $sqlc->result($result, 0, 'account'); $result = $sqlr->query(' SELECT gmlevel, username FROM account WHERE id = ' . $char['account'] . ''); $owner_gmlvl = $sqlr->result($result, 0, 'gmlevel'); $owner_name = $sqlr->result($result, 0, 'username'); // check user permission if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) { // character sub header $output .= ' <center> <div id="tab_content"> <h1>' . $lang_char['friends'] . '</h1> <br />'; // character menu tab require_once './include/char/include/char_header.php'; // character info require_once './include/char/include/char_info.php'; //---------------Page Specific Data Starts Here-------------------------- $output .= ' <script type="text/javascript"> // <![CDATA[ function wrap() { if (getBrowserWidth() > 1024) document.write(\'</table></td><td><table class="lined" style="width: 1%;">\'); } // ]]> </script> <div id="tab_content2"> <table class="lined" style="width: 1%;">'; $sqlm = new SQL(); $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']); $result = $sqlc->query(' SELECT name, race, class, map, zone, level, gender, online, account, guid FROM characters WHERE guid in (SELECT friend FROM character_social WHERE guid = ' . $id . ' and flags <= 1) ORDER BY ' . $order_by . ' ' . $order_dir . ''); if ($sqlc->num_rows($result)) { $output .= ' <tr> <th colspan="7" align="left">' . $lang_char['friends'] . '</th> </tr> <tr> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=name&dir=' . $dir . '"' . ($order_by === 'name' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['name'] . '</a></th> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=race&dir=' . $dir . '"' . ($order_by === 'race' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['race'] . '</a></th> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=class&dir=' . $dir . '"' . ($order_by === 'class' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['class'] . '</a></th> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=level&dir=' . $dir . '"' . ($order_by === 'level' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['level'] . '</a></th> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=map&dir=' . $dir . '"' . ($order_by === 'map ' . $order_dir . ', zone' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['map'] . '</a></th> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=zone&dir=' . $dir . '"' . ($order_by === 'zone ' . $order_dir . ', map' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['zone'] . '</a></th> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=online&dir=' . $dir . '"' . ($order_by === 'online' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['online'] . '</a></th> </tr>'; while ($data = $sqlc->fetch_assoc($result)) { $char_gm_level = $sqlr->result($sqlr->query(' SELECT gmlevel FROM account WHERE id = ' . $data['account'] . ''), 0, 'gmlevel'); $output .= ' <tr> <td>'; if ($user_lvl >= $char_gm_level) { $output .= ' <a href="char.php?id=' . $data['guid'] . '">' . $data['name'] . '</a>'; } else { $output .= $data['name']; } $output .= ' </td> <td><img src="img/c_icons/' . $data['race'] . '-' . $data['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($data['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /></td> <td><img src="img/c_icons/' . $data['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($data['class']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /></td> <td>' . char_get_level_color($data['level']) . '</td> <td class="small"><span onmousemove="toolTip(\'MapID:' . $data['map'] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_map_name($data['map'], $sqlm) . '</span></td> <td class="small"><span onmousemove="toolTip(\'ZoneID:' . $data['zone'] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_zone_name($data['zone'], $sqlm) . '</span></td> <td>' . ($data['online'] ? '<img src="img/up.gif" alt="" />' : '-') . '</td> </tr>'; } } $result = $sqlc->query(' SELECT name, race, class, map, zone, level, gender, online, account, guid FROM characters WHERE guid in (SELECT guid FROM character_social WHERE friend = ' . $id . ' and flags <= 1) ORDER BY ' . $order_by . ' ' . $order_dir . ''); if ($sqlc->num_rows($result)) { $output .= ' <tr> <th colspan="7" align="left">' . $lang_char['friendof'] . '</th> </tr> <tr> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=name&dir=' . $dir . '"' . ($order_by === 'name' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['name'] . '</a></th> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=race&dir=' . $dir . '"' . ($order_by === 'race' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['race'] . '</a></th> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=class&dir=' . $dir . '"' . ($order_by === 'class' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['class'] . '</a></th> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=level&dir=' . $dir . '"' . ($order_by === 'level' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['level'] . '</a></th> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=map&dir=' . $dir . '"' . ($order_by === 'map ' . $order_dir . ', zone' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['map'] . '</a></th> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=zone&dir=' . $dir . '"' . ($order_by === 'zone ' . $order_dir . ', map' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['zone'] . '</a></th> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=online&dir=' . $dir . '"' . ($order_by === 'online' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['online'] . '</a></th> </tr>'; while ($data = $sqlc->fetch_assoc($result)) { $char_gm_level = $sqlr->result($sqlr->query(' SELECT gmlevel FROM account WHERE id = ' . $data['account'] . ''), 0, 'gmlevel'); $output .= ' <tr> <td>'; if ($user_lvl >= $char_gm_level) { $output .= ' <a href="char.php?id=' . $data['guid'] . '">' . $data['name'] . '</a>'; } else { $output .= $data['name']; } $output .= ' </td> <td><img src="img/c_icons/' . $data['race'] . '-' . $data['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($data['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /></td> <td><img src="img/c_icons/' . $data['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($data['class']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /></td> <td>' . char_get_level_color($data['level']) . '</td> <td class="small"><span onmousemove="toolTip(\'MapID:' . $data['map'] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_map_name($data['map'], $sqlm) . '</span></td> <td class="small"><span onmousemove="toolTip(\'ZoneID:' . $data['zone'] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_zone_name($data['zone'], $sqlm) . '</span></td> <td>' . ($data['online'] ? '<img src="img/up.gif" alt="" />' : '-') . '</td> </tr>'; } } $output .= ' <script type="text/javascript"> // <![CDATA[ wrap(); // ]]> </script>'; $result = $sqlc->query(' SELECT name, race, class, map, zone, level, gender, online, account, guid FROM characters WHERE guid in (SELECT friend FROM character_social WHERE guid = ' . $id . ' and flags > 1) ORDER BY ' . $order_by . ' ' . $order_dir . ''); if ($sqlc->num_rows($result)) { $output .= ' <tr> <th colspan="7" align="left">' . $lang_char['ignored'] . '</th> </tr> <tr> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=name&dir=' . $dir . '"' . ($order_by === 'name' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['name'] . '</a></th> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=race&dir=' . $dir . '"' . ($order_by === 'race' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['race'] . '</a></th> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=class&dir=' . $dir . '"' . ($order_by === 'class' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['class'] . '</a></th> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=level&dir=' . $dir . '"' . ($order_by === 'level' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['level'] . '</a></th> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=map&dir=' . $dir . '"' . ($order_by === 'map ' . $order_dir . ', zone' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['map'] . '</a></th> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=zone&dir=' . $dir . '"' . ($order_by === 'zone ' . $order_dir . ', map' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['zone'] . '</a></th> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=online&dir=' . $dir . '"' . ($order_by === 'online' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['online'] . '</a></th> </tr>'; while ($data = $sqlc->fetch_assoc($result)) { $char_gm_level = $sqlr->result($sqlr->query(' SELECT gmlevel FROM account WHERE id = ' . $data['account'] . ''), 0, 'gmlevel'); $output .= ' <tr> <td>'; if ($user_lvl >= $char_gm_level) { $output .= ' <a href="char.php?id=' . $data['guid'] . '">' . $data['name'] . '</a>'; } else { $output .= $data['name']; } $output .= ' </td> <td><img src="img/c_icons/' . $data['race'] . '-' . $data['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($data['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /></td> <td><img src="img/c_icons/' . $data['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($data['class']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /></td> <td>' . char_get_level_color($data['level']) . '</td> <td class="small"><span onmousemove="toolTip(\'MapID:' . $data['map'] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_map_name($data['map'], $sqlm) . '</span></td> <td class="small"><span onmousemove="toolTip(\'ZoneID:' . $data['zone'] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_zone_name($data['zone'], $sqlm) . '</span></td> <td>' . ($data['online'] ? '<img src="img/up.gif" alt="" />' : '-') . '</td> </tr>'; } } $result = $sqlc->query(' SELECT name, race, class, map, zone, level, gender, online, account, guid FROM characters WHERE guid in (SELECT guid FROM character_social WHERE friend = ' . $id . ' and flags > 1) ORDER BY ' . $order_by . ' ' . $order_dir . ''); if ($sqlc->num_rows($result)) { $output .= ' <tr> <th colspan="7" align="left">' . $lang_char['ignoredby'] . '</th> </tr> <tr> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=name&dir=' . $dir . '"' . ($order_by === 'name' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['name'] . '</a></th> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=race&dir=' . $dir . '"' . ($order_by === 'race' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['race'] . '</a></th> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=class&dir=' . $dir . '"' . ($order_by === 'class' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['class'] . '</a></th> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=level&dir=' . $dir . '"' . ($order_by === 'level' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['level'] . '</a></th> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=map&dir=' . $dir . '"' . ($order_by === 'map ' . $order_dir . ', zone' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['map'] . '</a></th> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=zone&dir=' . $dir . '"' . ($order_by === 'zone ' . $order_dir . ', map' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['zone'] . '</a></th> <th width="1%"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=online&dir=' . $dir . '"' . ($order_by === 'online' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['online'] . '</a></th> </tr>'; while ($data = $sqlc->fetch_assoc($result)) { $char_gm_level = $sqlr->result($sqlr->query(' SELECT gmlevel FROM account WHERE id = ' . $data['account'] . ''), 0, 'gmlevel'); $output .= ' <tr> <td>'; if ($user_lvl >= $char_gm_level) { $output .= ' <a href="char.php?id=' . $data['guid'] . '">' . $data['name'] . '</a>'; } else { $output .= $data['name']; } $output .= ' </td> <td><img src="img/c_icons/' . $data['race'] . '-' . $data['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($data['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /></td> <td><img src="img/c_icons/' . $data['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($data['class']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /></td> <td>' . char_get_level_color($data['level']) . '</td> <td class="small"><span onmousemove="toolTip(\'MapID:' . $data['map'] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_map_name($data['map'], $sqlm) . '</span></td> <td class="small"><span onmousemove="toolTip(\'ZoneID:' . $data['zone'] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_zone_name($data['zone'], $sqlm) . '</span></td> <td>' . ($data['online'] ? '<img src="img/up.gif" alt="" />' : '-') . '</td> </tr>'; } } $output .= ' </table> </div> </div> <br />'; //---------------Page Specific Data Ends here---------------------------- // character sub footer require_once './include/char/include/char_ footer.php'; $output .= ' <br /> </center>'; } else { error($lang_char['no_permission']); } } else { error($lang_char['no_char_found']); } }
function char_pets() { global $output, $realm_id, $characters_db, $arcm_db, $action_permission, $user_lvl, $user_name, $site_encoding, $base_datasite, $spell_datasite, $pet_ability, $sql, $core; //wowhead_tt(); if (empty($_GET["id"])) { error(lang("global", "empty_fields")); } if (empty($_GET["realm"])) { $realmid = $realm_id; } else { $realmid = $sql["logon"]->quote_smart($_GET["realm"]); if (is_numeric($realmid)) { $sql["char"]->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name'], $characters_db[$realmid]["encoding"]); } else { $realmid = $realm_id; } } $id = $sql["char"]->quote_smart($_GET["id"]); if (!is_numeric($id)) { $id = 0; } if ($core == 1) { $result = $sql["char"]->query("SELECT acct, name, race, class, level, gender\n FROM characters\n WHERE guid='" . $id . "' LIMIT 1"); } else { $result = $sql["char"]->query("SELECT account AS acct, name, race, class, level, gender\n FROM characters\n WHERE guid='" . $id . "' LIMIT 1"); } if ($sql["char"]->num_rows($result)) { $char = $sql["char"]->fetch_assoc($result); // we get user permissions first $owner_acc_id = $sql["char"]->result($result, 0, 'acct'); if ($core == 1) { $result = $sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $char["acct"] . "'"); } else { $result = $sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $char["acct"] . "'"); } $owner_name = $sql["logon"]->result($result, 0, 'login'); $s_query = "SELECT *, SecurityLevel AS gm FROM config_accounts WHERE Login='******'"; $s_result = $sql["mgr"]->query($s_query); $s_fields = $sql["mgr"]->fetch_assoc($s_result); $owner_gmlvl = $s_fields["gm"]; $view_mod = $s_fields["View_Mod_Pets"]; if ($owner_gmlvl >= 1073741824) { $owner_gmlvl -= 1073741824; } // owner configured overrides $view_override = false; if ($view_mod > 0) { if ($view_mod == 1) { } elseif ($view_mod == 2) { // only registered users may view this page if ($user_lvl > -1) { $view_override = true; } } } // visibility overrides for specific tabs $view_inv_override = false; if ($s_fields["View_Mod_Inv"] > 0) { if ($s_fields["View_Mod_Inv"] == 1) { } elseif ($s_fields["View_Mod_Inv"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_inv_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_inv_override = true; } } $view_talent_override = false; if ($s_fields["View_Mod_Talent"] > 0) { if ($s_fields["View_Mod_Talent"] == 1) { } elseif ($s_fields["View_Mod_Talent"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_talent_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_talent_override = true; } } $view_achieve_override = false; if ($s_fields["View_Mod_Achieve"] > 0) { if ($s_fields["View_Mod_Achieve"] == 1) { } elseif ($s_fields["View_Mod_Achieve"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_achieve_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_achieve_override = true; } } $view_quest_override = false; if ($s_fields["View_Mod_Quest"] > 0) { if ($s_fields["View_Mod_Quest"] == 1) { } elseif ($s_fields["View_Mod_Quest"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_quest_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_quest_override = true; } } $view_friends_override = false; if ($s_fields["View_Mod_Friends"] > 0) { if ($s_fields["View_Mod_Friends"] == 1) { } elseif ($s_fields["View_Mod_Friends"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_friends_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_friends_override = true; } } $view_view_override = false; if ($s_fields["View_Mod_View"] > 0) { if ($s_fields["View_Mod_View"] == 1) { } elseif ($s_fields["View_Mod_View"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_view_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_view_override = true; } } $view_rep_override = false; if ($s_fields["View_Mod_Rep"] > 0) { if ($s_fields["View_Mod_Rep"] == 1) { } elseif ($s_fields["View_Mod_Rep"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_rep_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_rep_override = true; } } $view_skill_override = false; if ($s_fields["View_Mod_Skill"] > 0) { if ($s_fields["View_Mod_Skill"] == 1) { } elseif ($s_fields["View_Mod_Skill"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_skill_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_skill_override = true; } } $view_pvp_override = false; if ($s_fields["View_Mod_PvP"] > 0) { if ($s_fields["View_Mod_PvP"] == 1) { } elseif ($s_fields["View_Mod_PvP"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_pvp_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_pvp_override = true; } } if ($view_override || $user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $output .= ' <center> <div class="tab"> <ul> <li class="selected"><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>'; if ($view_inv_override) { $output .= ' <li><a href="char_inv.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "inventory") . '</a></li>'; } if ($view_talent_override) { $output .= ' ' . ($char["level"] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "talents") . '</a></li>') . ''; } if ($view_achieve_override) { $output .= ' <li><a href="char_achieve.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "achievements") . '</a></li>'; } if ($view_quest_override) { $output .= ' <li><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "quests") . '</a></li>'; } if ($view_friends_override) { $output .= ' <li><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "friends") . '</a></li>'; } if ($view_view_override) { $output .= ' <li><a href="char_view.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "view") . '</a></li>'; } $output .= ' </ul> </div> <div class="tab_content"> <div class="tab"> <ul> <li><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>'; $output .= ' <li class="selected"><a href="char_pets.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "pets") . '</a></li>'; if ($view_rep_override) { $output .= ' <li><a href="char_rep.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "reputation") . '</a></li>'; } if ($view_skill_override) { $output .= ' <li><a href="char_skill.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "skills") . '</a></li>'; } if ($view_pvp_override) { $output .= ' <li><a href="char_pvp.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "pvp") . '</a></li>'; } if ($owner_name == $user_name || $user_lvl >= get_page_permission("insert", "char_mail.php")) { $output .= ' <li><a href="char_mail.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "mail") . '</a></li>'; } $output .= ' </ul> </div> <div class="tab_content2"> <font class="bold"> ' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . ' - <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . ' </font> <br /> <br />'; if ($core == 1) { $result = $sql["char"]->query("SELECT petnumber, level, fields,\n SUBSTRING_INDEX(SUBSTRING_INDEX(`fields`, ' ', 77), ' ', -1) AS cur_xp,\n SUBSTRING_INDEX(SUBSTRING_INDEX(`fields`, ' ', 78), ' ', -1) AS next_level_xp,\n name, happinessupdate\n FROM playerpets\n WHERE ownerguid='" . $id . "'"); } else { $result = $sql["char"]->query("SELECT id AS petnumber, level, abdata AS fields,\n exp AS cur_xp,\n SUBSTRING_INDEX(SUBSTRING_INDEX(`abdata`, ' ', 78), ' ', -1) AS next_level_xp,\n name, curhappiness AS happinessupdate\n FROM character_pet \n WHERE owner='" . $id . "'"); } if ($sql["char"]->num_rows($result)) { while ($pet = $sql["char"]->fetch_assoc($result)) { $pet_data = explode(' ', $pet["fields"]); $happiness = floor($pet_data[UNIT_FIELD_MAXPOWER3] / 333000); if ($happiness == 1) { $hap_text = 'Content'; $hap_val = 1; } elseif ($happiness == 2) { $hap_text = 'Happy'; $hap_val = 2; } else { $hap_text = 'Unhappy'; $hap_val = 0; } if ($core == 1) { $pet_next_lvl_xp = $pet["next_level_xp"]; } else { $pet_next_lvl_xp = floor(char_get_xp_to_level($pet["level"]) / 4); } // this_is_junk: style left hardcoded because it's calculated. $output .= ' <font class="bold">' . $pet["name"] . ' - lvl ' . char_get_level_color($pet["level"]) . ' <a class="ch_pet_padding" onmouseover="oldtoolTip(\'' . $hap_text . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()"><img src="img/pet/happiness_' . $hap_val . '.jpg" alt="" /></a> <br /><br /> </font> <table class="lined" id="ch_pet_xp"> <tr> <td align="right">Exp:</td> <td valign="top" class="bar skill_bar" style="background-position: ' . (round(385 * $pet["cur_xp"] / $pet_next_lvl_xp) - 385) . 'px;"> <span>' . $pet["cur_xp"] . '/' . $pet_next_lvl_xp . '</span> </td> </tr> <tr> <td align="right">Pet Abilities:</td> <td align="left">'; if ($core == 1) { $ability_results = $sql["char"]->query("SELECT spellid FROM playerpetspells WHERE petnumber='" . $pet["petnumber"] . "' AND flags > 1"); } else { $ability_results = $sql["char"]->query("SELECT spell AS spellid FROM pet_spell WHERE guid='" . $pet["petnumber"] . "' AND active > 1"); } // active = 0 is unused and active = 1 probably some passive auras, i dont know diference between values 129 and 193, need to check mangos source if ($sql["char"]->num_rows($ability_results)) { while ($ability = $sql["char"]->fetch_assoc($ability_results)) { $output .= ' <a class="ch_pet_padding" href="' . $base_datasite . $spell_datasite . $ability["spellid"] . '" target="_blank"> <img src="' . spell_get_icon($ability["spellid"]) . '" alt="' . $ability["spellid"] . '" class="icon_border_0" /> </a>'; } } $output .= ' </td> </tr> </table> <br /><br />'; } unset($ability_results); unset($pet_next_lvl_xp); unset($happiness); unset($pet); } $output .= ' </div> </div> <br /> <table class="hidden"> <tr> <td>'; // button to user account page, user account page has own security makebutton(lang("char", "chars_acc"), 'user.php?action=edit_user&id=' . $owner_acc_id . '', 130); $output .= ' </td> <td>'; // only higher level GM with delete access can edit character // character edit allows removal of character items, so delete permission is needed if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"]) { //makebutton($lang_char["edit_button"], 'char_edit.php?id='.$id.'&realm='.$realmid.'', 130); $output .= ' </td> <td>'; } // only higher level GM with delete access, or character owner can delete character if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"] || $owner_name === $user_name) { makebutton(lang("char", "del_char"), 'char_list.php?action=del_char_form&check%5B%5D=' . $id . '" type="wrn', 130); $output .= ' </td> <td>'; } // only GM with update permission can send mail, mail can send items, so update permission is needed if ($user_lvl >= $action_permission["update"]) { makebutton(lang("char", "send_mail"), 'mail.php?type=ingame_mail&to=' . $char["name"] . '', 130); $output .= ' </td> <td>'; } makebutton(lang("global", "back"), 'javascript:window.history.back()" type="def', 130); $output .= ' </td> </tr> </table> <br /> </center> <!-- end of char_pets.php -->'; } else { error(lang("char", "no_permission")); } } else { error(lang("char", "no_char_found")); } }
function approve() { global $output, $action_permission, $characters_db, $realm_id, $user_name, $arcm_db, $user_id, $hearthstone_credits, $sql, $core; valid_login($action_permission["view"]); $guid = $sql["char"]->quote_smart($_GET["char"]); $new1 = ''; if (isset($_GET["new1"])) { $new1 = $sql["char"]->quote_smart($_GET["new1"]); } $new2 = ''; if (isset($_GET["new2"])) { $new2 = $sql["char"]->quote_smart($_GET["new2"]); } if ($core == 1) { $query = "SELECT * FROM characters WHERE guid='" . $guid . "'"; } elseif ($core == 2) { $query = "SELECT *, characters.guid AS guid,\n characters.map AS mapId, characters.zone AS zoneId,\n character_homebind.map AS bindmapId, character_homebind.zone AS bindzoneId\n FROM characters LEFT JOIN character_homebind ON characters.guid=character_homebind.guid WHERE characters.guid='" . $guid . "'"; } else { $query = "SELECT *, characters.guid AS guid,\n characters.map AS mapId, characters.zone AS zoneId,\n character_homebind.mapId AS bindmapId, character_homebind.zoneId AS bindzoneId\n FROM characters LEFT JOIN character_homebind ON characters.guid=character_homebind.guid WHERE characters.guid='" . $guid . "'"; } $char = $sql["char"]->fetch_assoc($sql["char"]->query($query)); // credits if ($hearthstone_credits >= 0) { // get our credit balance $cr_query = "SELECT Credits FROM config_accounts WHERE Login='******'"; $cr_result = $sql["mgr"]->query($cr_query); $cr_result = $sql["mgr"]->fetch_assoc($cr_result); $credits = $cr_result["Credits"]; } // MaNGOS & Trinity don't automatically add a home bind location for a character. if ($core != 1) { if (!isset($char["bindmapId"])) { $query = "SELECT * FROM playercreateinfo WHERE race='" . $char["race"] . "' AND class='" . $char["class"] . "'"; $result = $sql["world"]->query($query); $fields = $sql["world"]->fetch_assoc($result); $char["bindmapId"] = $fields["map"]; $char["bindzoneId"] = $fields["zone"]; } } $output .= ' <div id="xname_fieldset" class="fieldset_border center"> <span class="legend">' . lang("unstuck", "newloc_legend") . '</span> <form method="get" action="hearthstone.php" id="form"> <div> <input type="hidden" name="action" value="save" /> <input type="hidden" name="guid" value="' . $char["guid"] . '" /> </div> <table id="xname_char_table" class="center"> <tr> <td rowspan="4" style="width: 170px;"> <div style="width: 64px; margin-left: auto; margin-right: auto;"> <img src="' . char_get_avatar_img($char["level"], $char["gender"], $char["race"], $char["class"]) . '" alt="" /> </div> </td> <td> <span class="xname_char_name">' . $char["name"] . '</span> </td> </tr> <tr> <td>' . lang("unstuck", "level") . ': ' . $char["level"] . '</td> </tr> <tr> <td>' . lang("unstuck", "race") . ': ' . char_get_race_name($char["race"]) . '</td> </tr> <tr> <td>' . lang("unstuck", "class") . ': ' . char_get_class_name($char["class"]) . '</td> </tr> <tr> <td> </td> </tr>'; if ($hearthstone_credits > 0) { $cost_line = lang("unstuck", "credit_cost"); $cost_line = str_replace("%1", '<b>' . $hearthstone_credits . '</b>', $cost_line); $output .= ' <tr> <td colspan="2">' . $cost_line . '</td> </tr>'; if ($credits >= 0) { $credit_balance = lang("unstuck", "credit_balance"); $credit_balance = str_replace("%1", '<b>' . (double) $credits . '</b>', $credit_balance); $output .= ' <tr> <td colspan="2">' . $credit_balance . '</td> </tr>'; if ($credits < $hearthstone_credits) { $output .= ' <tr> <td colspan="2">' . lang("xacct", "insufficient_credits") . '</td> </tr>'; } else { $output .= ' <tr> <td colspan="2"> </td> </tr> <tr> <td colspan="2">' . lang("xacct", "delay_warning") . '</td> </tr>'; } } else { $output .= ' <tr> <td colspan="2">' . lang("global", "credits_unlimited") . '</td> </tr>'; } $output .= ' <tr> <td colspan="2"> </td> </tr>'; } $output .= ' <tr> <td><b>' . lang("unstuck", "curloc") . ':</b></td> </tr> <tr> <td>' . get_map_name($char["mapId"]) . '</td> <td>' . get_zone_name($char["zoneId"]) . '</td> </tr> <tr> <td> </td> </tr> <tr> <td colspan="2"><b>' . lang("unstuck", "newloc") . ':</b></td> </tr> <tr> <td>' . get_map_name($char["bindmapId"]) . '</td> <td>' . get_zone_name($char["bindzoneId"]) . '</td> </tr>'; // if we have unlimited credits, then we fake our credit balance here $credits = $credits < 0 ? $hearthstone_credits : $credits; if ($hearthstone_credits <= 0 || $credits >= $hearthstone_credits) { $output .= ' <tr> <td colspan="2"> </td> </tr> <tr> <td colspan="2">'; makebutton(lang("unstuck", "save"), "javascript:do_submit()", 180); $output .= ' </td> </tr>'; } $output .= ' </table> </form> </div> <br />'; }
function char_tools_form() { global $output, $characters_db, $realm_id, $action_permission, $site_encoding, $showcountryflag, $sql; valid_login($action_permission["delete"]); if (isset($_GET["char"])) { $id = $_GET["char"]; } else { error(lang("global", "empty_fields")); } if ($core == 1) { $result = $sql["char"]->query("SELECT guid, name, race, class, level, zoneid, mapid, online, gender\r\n acct, data \r\n FROM characters WHERE guid='" . $id . "'"); } elseif ($core == 2) { $result = $sql["char"]->query("SELECT guid, name, race, class, level, zone AS zoneid, map AS mapid, \r\n online, gender, totaltime, account AS acct,\r\n arenaPoints, totalHonorPoints, totalKills\r\n FROM characters WHERE guid='" . $id . "'"); } else { $result = $sql["char"]->query("SELECT guid, name, race, class, level, zone AS zoneid, map AS mapid, \r\n online, gender, totaltime, account AS acct, arenaPoints, totalHonorPoints, totalKills\r\n FROM characters WHERE guid='" . $id . "'"); } $char = $sql["char"]->fetch_assoc($result); if ($core == 1) { $char_data = $char["data"]; if (empty($char_data)) { $char_data = str_repeat("0;", PLAYER_END); } $char_data = explode(";", $char_data); } else { $query = "SELECT * FROM characters\r\n LEFT JOIN character_stats ON characters.guid=character_stats.guid\r\n WHERE characters.guid='" . $id . "'"; $char_data_result = $sql["char"]->query($query); $char_data_fields = $sql["char"]->fetch_assoc($char_data_result); $char_data[PLAYER_FIELD_HONOR_CURRENCY] = isset($char["totalHonorPoints"]) ? $char["totalHonorPoints"] : ' '; $char_data[PLAYER_FIELD_ARENA_CURRENCY] = isset($char["arenaPoints"]) ? $char["arenaPoints"] : ' '; $char_data[PLAYER_FIELD_LIFETIME_HONORBALE_KILLS] = isset($char["totalKills"]) ? $char["totalKills"] : ' '; } if ($core == 1) { $guild_id = $sql["char"]->result($sql["char"]->query("SELECT guildid FROM guild_data WHERE playerid='" . $char["guid"] . "'"), 0); $guild_rank = $sql["char"]->result($sql["char"]->query("SELECT guildRank FROM guild_data WHERE playerid='" . $char["guid"] . "'"), 0); $guild_name = $sql["char"]->result($sql["char"]->query("SELECT guildName FROM guilds WHERE guildid='" . $guild_id . "'")); } else { $guild_id = $sql["char"]->result($sql["char"]->query("SELECT guildid FROM guild_member WHERE guid='" . $char["guid"] . "'"), 0); $guild_rank = $sql["char"]->result($sql["char"]->query("SELECT rank AS guildRank FROM guild_member WHERE guid='" . $char["guid"] . "'"), 0); $guild_name = $sql["char"]->result($sql["char"]->query("SELECT name AS guildName FROM guild WHERE guildid='" . $guild_id . "'")); } $online = $char["online"] ? lang("char", "online") : lang("char", "offline"); if ($guild_id) { $guild_name = '<a href="guild.php?action=view_guild&realm=' . $realmid . '&error=3&id=' . $guild_id . '" >' . $guild_name . '</a>'; $mrank = $guild_rank; if ($core == 1) { $guild_rank = $sql["char"]->result($sql["char"]->query('SELECT rankname FROM guild_ranks WHERE guildid=' . $guild_id . ' AND rankId=' . $mrank . ''), 0, 'rankname'); } else { $guild_rank = $sql["char"]->result($sql["char"]->query('SELECT rname AS rankname FROM guild_rank WHERE guildid=' . $guild_id . ' AND rid=' . $mrank . ''), 0, 'rankname'); } } else { $guild_name = lang("global", "none"); $guild_rank = lang("global", "none"); } $output .= ' <center> <table class="hidden char_list_char_tools"> <tr> <td class="char_tools_avatar"> <div> <img src="' . char_get_avatar_img($char["level"], $char["gender"], $char["race"], $char["class"], 0) . '" alt="avatar" /> </div> </td> <td colspan="3"> <font class="bold"> ' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . ' - <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . ' </font> <br />' . lang("char", "location") . ': ' . get_map_name($char["mapid"]) . ' - ' . get_zone_name($char["zoneid"]) . ' <br />' . lang("char", "honor_points") . ': ' . $char_data[PLAYER_FIELD_HONOR_CURRENCY] . ' | ' . lang("char", "arena_points") . ': ' . $char_data[PLAYER_FIELD_ARENA_CURRENCY] . ' | ' . lang("char", "honor_kills") . ': ' . $char_data[PLAYER_FIELD_LIFETIME_HONORBALE_KILLS] . ' <br />' . lang("char", "guild") . ': ' . $guild_name . ' | ' . lang("char", "rank") . ': ' . htmlentities($guild_rank, ENT_COMPAT, $site_encoding) . ' <br />' . lang("char", "online") . ': ' . ($char["online"] ? '<img src="img/up.gif" onmousemove="oldtoolTip(\'' . lang("char", "online") . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="online" />' : '<img src="img/down.gif" onmousemove="oldtoolTip(\'' . lang("char", "offline") . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="offline" />'); if ($showcountryflag) { require_once 'libs/misc_lib.php'; $country = misc_get_country_by_account($char["acct"]); $output .= ' | ' . lang("global", "country") . ': ' . ($country["code"] ? '<img src="img/flags/' . $country["code"] . '.png" onmousemove="oldtoolTip(\'' . $country["country"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />' : '-'); unset($country); } $output .= ' </td> </tr> </table> <br /> <table class="hidden char_list_char_tools"> <tr> <td>'; makebutton(lang("xname", "changename"), "char_tools.php?char=" . $id, 150); $output .= ' </td> <td>'; makebutton(lang("xrace", "changerace"), "char_tools.php?char=" . $id, 150); $output .= ' </td> <td>'; makebutton(lang("unstuck", "unstuck"), "hearthstone.php?action=approve&char=" . $id, 150); $output .= ' </td> </tr> <tr> <td>'; makebutton(lang("char_list", "transfer"), "change_char_account.php?action=chooseacct&priority=1&char=" . $id, 150); $output .= ' </td> <td>'; makebutton(lang("global", "back"), "char_list.php", 150); $output .= ' </td> </tr> </table> </center>'; }
function char_inv() { global $output, $realm_id, $characters_db, $world_db, $corem_db, $site_encoding, $action_permission, $user_lvl, $user_name, $locales_search_option, $base_datasite, $item_datasite, $sql, $core; // this page uses wowhead tooltops //wowhead_tt(); $cid = $_GET["id"]; // we need at least an id or we would have nothing to show // also, make sure id is numeric to prevent SQL injection if (empty($_GET["id"]) || !is_numeric($cid)) { error(lang("global", "empty_fields")); } // this is multi realm support, as of writing still under development // this page is already implementing it if (empty($_GET["realm"])) { $realmid = $realm_id; } else { $realmid = $sql["logon"]->quote_smart($_GET["realm"]); if (is_numeric($realmid)) { $sql["char"]->connect($characters_db[$realmid]["addr"], $characters_db[$realmid]["user"], $characters_db[$realmid]["pass"], $characters_db[$realmid]["name"], $characters_db[$realmid]["encoding"]); } else { $realmid = $realm_id; } } //-------------------SQL Injection Prevention-------------------------------- // no point going further if we don have a valid ID // this_is_junk: char.php doesn't post account. Why is this even here? //$acct = $sql["char"]->quote_smart($_GET["acct"]); //if (is_numeric($acct)); //else error($lang_global["empty_fields"]); // getting character data from database if ($core == 1) { $result = $sql["char"]->query("SELECT acct, name, race, class, level, gender, gold, online\r\n FROM characters WHERE guid='" . $cid . "' LIMIT 1"); } else { $result = $sql["char"]->query("SELECT account AS acct, name, race, class, level, gender, money AS gold, online\r\n FROM characters WHERE guid='" . $cid . "' LIMIT 1"); } // no point going further if character does not exist if ($sql["char"]->num_rows($result)) { $char = $sql["char"]->fetch_assoc($result); // we get user permissions first $owner_acc_id = $sql["char"]->result($result, 0, "acct"); if ($core == 1) { $query = $sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $owner_acc_id . "'"); } else { $query = $sql["logon"]->query("SELECT username as login FROM account WHERE id='" . $owner_acc_id . "'"); } $owner_name = $sql["logon"]->result($query, 0, "login"); $s_query = "SELECT *, SecurityLevel AS gm FROM config_accounts WHERE Login='******'"; $s_result = $sql["mgr"]->query($s_query); $s_fields = $sql["mgr"]->fetch_assoc($s_result); $owner_gmlvl = $s_fields["gm"]; $view_mod = $s_fields["View_Mod_Inv"]; if ($owner_gmlvl >= 1073741824) { $owner_gmlvl -= 1073741824; } // owner configured overrides $view_override = false; if ($view_mod > 0) { if ($view_mod == 1) { } elseif ($view_mod == 2) { // only registered users may view this page if ($user_lvl > -1) { $view_override = true; } } } // visibility overrides for specific tabs $view_talent_override = false; if ($s_fields["View_Mod_Talent"] > 0) { if ($s_fields["View_Mod_Talent"] == 1) { } elseif ($s_fields["View_Mod_Talent"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_talent_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_talent_override = true; } } $view_achieve_override = false; if ($s_fields["View_Mod_Achieve"] > 0) { if ($s_fields["View_Mod_Achieve"] == 1) { } elseif ($s_fields["View_Mod_Achieve"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_achieve_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_achieve_override = true; } } $view_quest_override = false; if ($s_fields["View_Mod_Quest"] > 0) { if ($s_fields["View_Mod_Quest"] == 1) { } elseif ($s_fields["View_Mod_Quest"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_quest_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_quest_override = true; } } $view_friends_override = false; if ($s_fields["View_Mod_Friends"] > 0) { if ($s_fields["View_Mod_Friends"] == 1) { } elseif ($s_fields["View_Mod_Friends"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_friends_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_friends_override = true; } } $view_view_override = false; if ($s_fields["View_Mod_View"] > 0) { if ($s_fields["View_Mod_View"] == 1) { } elseif ($s_fields["View_Mod_View"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_view_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_view_override = true; } } // find out what mode we're in View or Delete (0 = View, 1 = Delete) $mode = isset($_GET["mode"]) ? $_GET["mode"] : 0; // only the character's owner or a GM with Delete privs can enter Delete Mode if ($owner_name != $user_name) { if ($user_lvl < $action_permission["delete"]) { $mode = 0; } else { $mode = $mode; } } // View Mode is only availble on characters that are offline if ($char["online"] != 0) { $mode = 0; } // check user permission if ($view_override || $user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { // main data that we need for this page, character inventory if ($core == 1) { $result = $sql["char"]->query("SELECT \r\n containerslot, slot, entry, enchantments AS enchantment, randomprop AS property, count, flags\r\n FROM playeritems WHERE ownerguid='" . $cid . "' ORDER BY containerslot, slot"); } elseif ($core == 2) { $result = $sql["char"]->query("SELECT \r\n bag, slot, item_template AS entry, item, \r\n SUBSTRING_INDEX(SUBSTRING_INDEX(item_instance.data, ' ', 11), ' ', -1) AS creator,\r\n SUBSTRING_INDEX(SUBSTRING_INDEX(item_instance.data, ' ', 23), ' ', -1) AS enchantment, \r\n SUBSTRING_INDEX(SUBSTRING_INDEX(item_instance.data, ' ', 60), ' ', -1) AS property, \r\n SUBSTRING_INDEX(SUBSTRING_INDEX(item_instance.data, ' ', 15), ' ', -1) AS count,\r\n SUBSTRING_INDEX(SUBSTRING_INDEX(item_instance.data, ' ', 62), ' ', -1) AS durability,\r\n SUBSTRING_INDEX(SUBSTRING_INDEX(item_instance.data, ' ', 22), ' ', -1) AS flags\r\n FROM character_inventory LEFT JOIN item_instance ON character_inventory.item=item_instance.guid\r\n WHERE character_inventory.guid='" . $cid . "' ORDER BY bag, slot"); } else { $result = $sql["char"]->query("SELECT \r\n bag, slot, itemEntry AS entry, item, \r\n creatorGuid AS creator,\r\n enchantments AS enchantment, \r\n randomPropertyId AS property, \r\n count, durability, flags\r\n FROM character_inventory \r\n LEFT JOIN item_instance ON character_inventory.item=item_instance.guid\r\n WHERE character_inventory.guid='" . $cid . "' ORDER BY bag, slot"); } //---------------Page Specific Data Starts Here-------------------------- // lets start processing first before we display anything // we have lots to do for inventory // character bags, 1 main + 4 additional $bag = array(0 => array(), 1 => array(), 2 => array(), 3 => array(), 4 => array()); // character bank, 1 main + 7 additional $bank = array(0 => array(), 1 => array(), 2 => array(), 3 => array(), 4 => array(), 5 => array(), 6 => array(), 7 => array()); // this is where we will put items that are in main bag $bag_id = array(); // this is where we will put items that are in main bank $bank_bag_id = array(); // this is where we will put items that are in character bags, 4 arrays, 1 for each $equiped_bag_id = array(0, 0, 0, 0, 0); // this is where we will put items that are in bank bangs, 7 arrays, 1 for each $equip_bnk_bag_id = array(0, 0, 0, 0, 0, 0, 0, 0); // we load the things in each bag slot while ($slot = $sql["char"]->fetch_assoc($result)) { if ($core == 1) { if ($slot["containerslot"] == -1 && $slot["slot"] > 18) { if ($slot["slot"] < 23) { $bag_id[$slot["slot"]] = $slot["slot"] - 18; $equiped_bag_id[$slot["slot"] - 18] = array($slot["entry"], $sql["world"]->result($sql["world"]->query("SELECT containerslots FROM items\r\n WHERE entry='" . $slot["entry"] . "'"), 0, "containerslots"), $slot["count"]); } elseif ($slot["slot"] < 39) { $i_query = "SELECT \r\n *, description AS description1, name1 AS name, quality AS Quality, inventorytype AS InventoryType, \r\n socket_color_1 AS socketColor_1, socket_color_2 AS socketColor_2, socket_color_3 AS socketColor_3,\r\n requiredlevel AS RequiredLevel, allowableclass AS AllowableClass,\r\n sellprice AS SellPrice, itemlevel AS ItemLevel\r\n FROM items " . ($locales_search_option != 0 ? "LEFT JOIN items_localized ON (items_localized.entry=items.entry AND language_code='" . $locales_search_option . "') " : " ") . "WHERE items.entry='" . $slot["entry"] . "'"; $i_result = $sql["world"]->query($i_query); $i = $sql["world"]->fetch_assoc($i_result); if (isset($bag[0][$slot["slot"] - 23])) { $bag[0][$slot["slot"] - 23][0]++; } else { $bag[0][$slot["slot"] - 23] = array($slot["entry"], 0, $slot["count"], $i, $slot["enchantment"], $slot["property"], $slot["creator"], $slot["durability"], $slot["flags"], $slot["bag"], $slot["slot"]); } } elseif ($slot["slot"] < 67) { $i_query = "SELECT\r\n *, description AS description1, name1 AS name, quality AS Quality, inventorytype AS InventoryType, \r\n socket_color_1 AS socketColor_1, socket_color_2 AS socketColor_2, socket_color_3 AS socketColor_3,\r\n requiredlevel AS RequiredLevel, allowableclass AS AllowableClass,\r\n sellprice AS SellPrice, itemlevel AS ItemLevel\r\n FROM items " . ($locales_search_option != 0 ? "LEFT JOIN items_localized ON (items_localized.entry=items.entry AND language_code='" . $locales_search_option . "') " : " ") . "WHERE items.entry='" . $slot["entry"] . "'"; $i_result = $sql["world"]->query($i_query); $i = $sql["world"]->fetch_assoc($i_result); $bank[0][$slot["slot"] - 39] = array($slot["entry"], 0, $slot["count"], $i, $slot["enchantment"], $slot["property"], $slot["creator"], $slot["durability"], $slot["flags"], $slot["bag"], $slot["slot"]); } elseif ($slot["slot"] < 74) { $bank_bag_id[$slot["slot"]] = $slot["slot"] - 66; $equip_bnk_bag_id[$slot["slot"] - 66] = array($slot["entry"], $sql["world"]->result($sql["world"]->query("SELECT containerslots FROM items\r\n WHERE entry='" . $slot["entry"] . "'"), 0, "containerslots"), $slot["count"]); } } else { // Bags if (isset($bag_id[$slot["containerslot"]])) { $i_query = "SELECT\r\n *, description AS description1, name1 AS name, quality AS Quality, inventorytype AS InventoryType, \r\n socket_color_1 AS socketColor_1, socket_color_2 AS socketColor_2, socket_color_3 AS socketColor_3,\r\n requiredlevel AS RequiredLevel, allowableclass AS AllowableClass,\r\n sellprice AS SellPrice, itemlevel AS ItemLevel\r\n FROM items " . ($locales_search_option != 0 ? "LEFT JOIN items_localized ON (items_localized.entry=items.entry AND language_code='" . $locales_search_option . "') " : " ") . "WHERE items.entry='" . $slot["entry"] . "'"; $i_result = $sql["world"]->query($i_query); $i = $sql["world"]->fetch_assoc($i_result); if (isset($bag[$bag_id[$slot["containerslot"]]][$slot["slot"]])) { $bag[$bag_id[$slot["containerslot"]]][$slot["slot"]][1]++; } else { $bag[$bag_id[$slot["containerslot"]]][$slot["slot"]] = array($slot["entry"], 0, $slot["count"], $i, $slot["enchantment"], $slot["property"], $slot["creator"], $slot["durability"], $slot["flags"], $slot["bag"], $slot["slot"]); } } elseif (isset($bank_bag_id[$slot["containerslot"]])) { $i_query = "SELECT\r\n *, description AS description1, name1 AS name, quality AS Quality, inventorytype AS InventoryType, \r\n socket_color_1 AS socketColor_1, socket_color_2 AS socketColor_2, socket_color_3 AS socketColor_3,\r\n requiredlevel AS RequiredLevel, allowableclass AS AllowableClass,\r\n sellprice AS SellPrice, itemlevel AS ItemLevel\r\n FROM items " . ($locales_search_option != 0 ? "LEFT JOIN items_localized ON (items_localized.entry=items.entry AND language_code='" . $locales_search_option . "') " : " ") . "WHERE items.entry='" . $slot["entry"] . "'"; $i_result = $sql["world"]->query($i_query); $i = $sql["world"]->fetch_assoc($i_result); $bank[$bank_bag_id[$slot["containerslot"]]][$slot["slot"]] = array($slot["entry"], 0, $slot["count"], $i, $slot["enchantment"], $slot["property"], $slot["creator"], $slot["durability"], $slot["flags"], $slot["bag"], $slot["slot"]); } } } else { if ($slot["bag"] == 0 && $slot["slot"] > 18) { if ($slot["slot"] < 23) { $bag_id[$slot["item"]] = $slot["slot"] - 18; $equiped_bag_id[$slot["slot"] - 18] = array($slot["entry"], $sql["world"]->result($sql["world"]->query("SELECT ContainerSlots FROM item_template\r\n WHERE entry='" . $slot["entry"] . "'"), 0, "containerslots"), $slot["count"]); } elseif ($slot["slot"] < 39) { $i_query = "SELECT *, description AS description1 FROM item_template " . ($locales_search_option != 0 ? "LEFT JOIN locales_item ON locales_item.entry=item_template.entry " : " ") . "WHERE item_template.entry='" . $slot["entry"] . "'"; $i_result = $sql["world"]->query($i_query); $i = $sql["world"]->fetch_assoc($i_result); if (isset($bag[0][$slot["slot"] - 23])) { $bag[0][$slot["slot"] - 23][0]++; } else { $bag[0][$slot["slot"] - 23] = array($slot["entry"], 0, $slot["count"], $i, $slot["enchantment"], $slot["property"], $slot["creator"], $slot["durability"], $slot["flags"], $slot["bag"], $slot["slot"]); } } elseif ($slot["slot"] < 67) { $i_query = "SELECT *, description AS description1 FROM item_template " . ($locales_search_option != 0 ? "LEFT JOIN locales_item ON locales_item.entry=item_template.entry " : " ") . "WHERE item_template.entry='" . $slot["entry"] . "'"; $i_result = $sql["world"]->query($i_query); $i = $sql["world"]->fetch_assoc($i_result); $bank[0][$slot["slot"] - 39] = array($slot["entry"], 0, $slot["count"], $i, $slot["enchantment"], $slot["property"], $slot["creator"], $slot["durability"], $slot["flags"], $slot["bag"], $slot["slot"]); } elseif ($slot["slot"] < 74) { $bank_bag_id[$slot["item"]] = $slot["slot"] - 66; $equip_bnk_bag_id[$slot["slot"] - 66] = array($slot["entry"], $sql["world"]->result($sql["world"]->query('SELECT ContainerSlots FROM item_template WHERE entry = ' . $slot["entry"] . ''), 0, "ContainerSlots"), $slot["count"]); } } else { // Bags if (isset($bag_id[$slot["bag"]])) { $i_query = "SELECT *, description AS description1 FROM item_template " . ($locales_search_option != 0 ? "LEFT JOIN locales_item ON locales_item.entry=item_template.entry " : " ") . "WHERE item_template.entry='" . $slot["entry"] . "'"; $i_result = $sql["world"]->query($i_query); $i = $sql["world"]->fetch_assoc($i_result); if (isset($bag[$bag_id[$slot["bag"]]][$slot["slot"]])) { $bag[$bag_id[$slot["bag"]]][$slot["slot"]][1]++; } else { $bag[$bag_id[$slot["bag"]]][$slot["slot"]] = array($slot["entry"], 0, $slot["count"], $i, $slot["enchantment"], $slot["property"], $slot["creator"], $slot["durability"], $slot["flags"], $slot["bag"], $slot["slot"]); } } elseif (isset($bank_bag_id[$slot["bag"]])) { $i_query = "SELECT *, description AS description1 FROM item_template " . ($locales_search_option != 0 ? "LEFT JOIN locales_item ON locales_item.entry=item_template.entry " : " ") . "WHERE item_template.entry='" . $slot["entry"] . "'"; $i_result = $sql["world"]->query($i_query); $i = $sql["world"]->fetch_assoc($i_result); $bank[$bank_bag_id[$slot["bag"]]][$slot["slot"]] = array($slot["entry"], 0, $slot["count"], $i, $slot["enchantment"], $slot["property"], $slot["creator"], $slot["durability"], $slot["flags"], $slot["bag"], $slot["slot"]); } } } } unset($slot); unset($bag_id); unset($bank_bag_id); unset($result); //------------------------Character Tabs--------------------------------- // we start with a lead of 10 spaces, // because last line of header is an opening tag with 8 spaces // keep html indent in sync, so debuging from browser source would be easy to read $output .= ' <!-- start of char_inv.php --> <div class="tab"> <ul> <li><a href="char.php?id=' . $cid . '&realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>'; $output .= ' <li class="selected"><a href="char_inv.php?id=' . $cid . '&realm=' . $realmid . '">' . lang("char", "inventory") . '</a></li>'; if ($view_talent_override) { $output .= ' ' . ($char["level"] < 10 ? '' : '<li><a href="char_talent.php?id=' . $cid . '&realm=' . $realmid . '">' . lang("char", "talents") . '</a></li>') . ''; } if ($view_achieve_override) { $output .= ' <li><a href="char_achieve.php?id=' . $cid . '&realm=' . $realmid . '">' . lang("char", "achievements") . '</a></li>'; } if ($view_quest_override) { $output .= ' <li><a href="char_quest.php?id=' . $cid . '&realm=' . $realmid . '">' . lang("char", "quests") . '</a></li>'; } if ($view_friends_override) { $output .= ' <li><a href="char_friends.php?id=' . $cid . '&realm=' . $realmid . '">' . lang("char", "friends") . '</a></li>'; } if ($view_view_override) { $output .= ' <li><a href="char_view.php?id=' . $cid . '&realm=' . $realmid . '">' . lang("char", "view") . '</a></li>'; } $output .= ' </ul> </div> <div class="tab_content center" id="ch_inv_bags_wrap"> <span class="bold"> ' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . ' - <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . ' </span> <br /> <br /> <table class="lined" id="ch_inv_bags"> <tr>'; //---------------Page Specific Data Starts Here-------------------------- // equipped bags for ($i = 4; $i > 0; --$i) { $output .= ' <th>'; if ($equiped_bag_id[$i]) { $output .= ' <a href="' . $base_datasite . $item_datasite . $equiped_bag_id[$i][0] . '" rel="external"> <img class="bag_icon" src="' . get_item_icon($equiped_bag_id[$i][0]) . '" alt="" /> </a> ' . lang("item", "bag") . ' ' . $i . '<br /> <span class="small">' . $equiped_bag_id[$i][1] . ' ' . lang("item", "slots") . '</span>'; } $output .= ' </th>'; } $output .= ' </tr> <tr>'; // equipped bag slots for ($t = 4; $t > 0; --$t) { // this_is_junk: style left hardcoded because it's calculated. $output .= ' <td align="center"> <div class="bag" style="width: ' . 4 * 43 . 'px; height: ' . ceil($equiped_bag_id[$t][1] / 4) * 41 . 'px;">'; $dsp = $equiped_bag_id[$t][1] % 4; if ($dsp) { $output .= ' <div class="no_slot"></div>'; } foreach ($bag[$t] as $pos => $item) { // this_is_junk: style left hardcoded because it's calculated. $item[2] = $item[2] == 1 ? '' : $item[2]; $output .= ' <div class="bag_slot" style="left: ' . (($pos + $dsp) % 4 * 43 + 4) . 'px; top: ' . (floor(($pos + $dsp) / 4) * 41 + 4) . 'px;"> <a href="' . $base_datasite . $item_datasite . $item[0] . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . $t . 'p' . $pos . ($pos + $dsp) % 4 * 42 . 'x' . floor(($pos + $dsp) / 4) * 41 . '\');" onmouseout="HideTooltip(\'_b' . $t . 'p' . $pos . ($pos + $dsp) % 4 * 42 . 'x' . floor(($pos + $dsp) / 4) * 41 . '\');"> <img src="' . get_item_icon($item[0]) . '" alt="" class="inv_icon" /> </a>'; if ($mode) { $output .= ' <div> <a href="char_inv.php?action=delete_item&id=' . $cid . '&bag=' . $item[9] . '&slot=' . $item[10] . '&item=' . $item[0] . '&mode=' . $mode . '"> <img src="img/aff_cross.png" class="ch_inv_delete" alt="" /> </a> </div>'; } else { $output .= ' <div class="ch_inv_quantity_shadow">' . $item[2] . '</div> <div class="ch_inv_quantity">' . $item[2] . '</div>'; } $output .= ' </div>'; // build a tooltip object for this item $output .= ' <div class="item_tooltip" id="tooltip_b' . $t . 'p' . $pos . ($pos + $dsp) % 4 * 42 . 'x' . floor(($pos + $dsp) / 4) * 41 . '" style="left: ' . (($pos + $dsp) % 4 * 42 - 129) . 'px; top: ' . (floor(($pos + $dsp) / 4) * 41 + 42) . 'px;"> <table> <tr> <td>' . get_item_tooltip($item[3], $item[4], $item[5], $item[6], $item[7], $item[8]) . '</td> </tr> </table> </div>'; } $output .= ' </div> </td>'; } unset($equiped_bag_id); // this_is_junk: style left hardcoded because it's calculated. $output .= ' </tr> <tr> <th colspan="2" align="left"> <img class="bag_icon" src="' . get_item_icon(3960) . '" alt="" id="ch_backpack_icon_margin" /> <span id="ch_backpack_name_margin">' . lang("char", "backpack") . '</span> </th> <th colspan="2"> ' . lang("char", "bank_items") . ' </th> </tr> <tr> <td colspan="2" style="height: 220px; text-align: center;"> <div class="bag" id="ch_backpack" style="width: ' . 4 * 43 . 'px; height: ' . ceil(16 / 4) * 41 . 'px;">'; // inventory items foreach ($bag[0] as $pos => $item) { // this_is_junk: style left hardcoded because it's calculated. $item[2] = $item[2] == 1 ? '' : $item[2]; $output .= ' <div class="bag_slot" style="left: ' . ($pos % 4 * 43 + 4) . 'px; top: ' . (floor($pos / 4) * 41 + 4) . 'px;"> <a href="' . $base_datasite . $item_datasite . $item[0] . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . $t . 'p' . $pos . $pos % 4 * 42 . 'x' . floor($pos / 4) * 41 . '\');" onmouseout="HideTooltip(\'_b' . $t . 'p' . $pos . $pos % 4 * 42 . 'x' . floor($pos / 4) * 41 . '\');"> <img src="' . get_item_icon($item[0]) . '" class="inv_icon" alt="" /> </a>'; if ($mode) { $output .= ' <div> <a href="char_inv.php?action=delete_item&id=' . $cid . '&bag=' . $item[9] . '&slot=' . $item[10] . '&item=' . $item[0] . '&mode=' . $mode . '"> <img src="img/aff_cross.png" class="ch_inv_delete" alt="" /> </a> </div>'; } else { $output .= ' <div class="ch_inv_quantity_shadow">' . $item[2] . '</div> <div class="ch_inv_quantity">' . $item[2] . '</div>'; } $output .= ' </div>'; // build a tooltip object for this item $output .= ' <div class="item_tooltip" id="tooltip_b' . $t . 'p' . $pos . $pos % 4 * 42 . 'x' . floor($pos / 4) * 41 . '" style="left: ' . ($pos % 4 * 42 - 129) . 'px; top: ' . (floor($pos / 4) * 41 + 42) . 'px;"> <table> <tr> <td>' . get_item_tooltip($item[3], $item[4], $item[5], $item[6], $item[7], $item[8]) . '</td> </tr> </table> </div>'; } unset($bag); $output .= ' </div> <div id="ch_money"> <b> ' . substr($char["gold"], 0, -4) . '<img src="img/gold.gif" alt="gold" style="position: relative; bottom: -6px;" /> ' . substr($char["gold"], -4, 2) . '<img src="img/silver.gif" alt="silver" style="position: relative; bottom: -6px;" /> ' . substr($char["gold"], -2) . '<img src="img/copper.gif" alt="copper" style="position: relative; bottom: -6px;" /> </b> </div> </td> <td colspan="2" align="center"> <div class="bag bank" style="width: ' . (7 * 43 + 2) . 'px; height: ' . ceil(24 / 7) * 41 . 'px;">'; // bank items foreach ($bank[0] as $pos => $item) { // this_is_junk: style left hardcoded because it's calculated. $item[2] = $item[2] == 1 ? '' : $item[2]; $output .= ' <div class="bag_slot" style="left: ' . ($pos % 7 * 43 + 4) . 'px; top: ' . (floor($pos / 7) * 41 + 4) . 'px;"> <a href="' . $base_datasite . $item_datasite . $item[0] . '" rel="external" onmouseover="ShowTooltip(this,\'_bbp' . $pos . $pos % 7 * 43 . 'x' . floor($pos / 7) * 41 . '\');" onmouseout="HideTooltip(\'_bbp' . $pos . $pos % 7 * 43 . 'x' . floor($pos / 7) * 41 . '\');"> <img src="' . get_item_icon($item[0]) . '" class="inv_icon" alt="" /> </a>'; if ($mode) { $output .= ' <div> <a href="char_inv.php?action=delete_item&id=' . $cid . '&bag=' . $item[9] . '&slot=' . $item[10] . '&item=' . $item[0] . '&mode=' . $mode . '"> <img src="img/aff_cross.png" class="ch_inv_delete" alt="" /> </a> </div>'; } else { $output .= ' <div class="ch_inv_quantity_shadow">' . $item[2] . '</div> <div class="ch_inv_quantity">' . $item[2] . '</div>'; } $output .= ' </div>'; // build a tooltip object for this item $output .= ' <div class="item_tooltip" id="tooltip_bbp' . $pos . $pos % 7 * 43 . 'x' . floor($pos / 7) * 41 . '" style="left: ' . ($pos % 7 * 43 - 129) . 'px; top: ' . (floor($pos / 7) * 41 + 42) . 'px;"> <table> <tr> <td>' . get_item_tooltip($item[3], $item[4], $item[5], $item[6], $item[7], $item[8]) . '</td> </tr> </table> </div>'; } $output .= ' </div> </td> </tr> <tr>'; // equipped bank bags, first 4 for ($i = 1; $i < 5; ++$i) { $output .= ' <th>'; if ($equip_bnk_bag_id[$i]) { $output .= ' <a href="' . $base_datasite . $item_datasite . $equip_bnk_bag_id[$i][0] . '" rel="external"> <img class="bag_icon" src="' . get_item_icon($equip_bnk_bag_id[$i][0]) . '" alt="" /> </a> ' . lang("item", "bag") . ' ' . $i . '<br /> <span class="small">' . $equip_bnk_bag_id[$i][1] . ' ' . lang("item", "slots") . '</span>'; } $output .= ' </th>'; } $output .= ' </tr> <tr>'; // equipped bank bag slots for ($t = 1; $t < 8; ++$t) { // equipped bank bags, last 3 if ($t === 5) { $output .= ' </tr> <tr>'; for ($i = 5; $i < 8; ++$i) { $output .= ' <th>'; if ($equip_bnk_bag_id[$i]) { $output .= ' <a href="' . $base_datasite . $item_datasite . $equip_bnk_bag_id[$i][0] . '" rel="external"> <img class="bag_icon" src="' . get_item_icon($equip_bnk_bag_id[$i][0]) . '" alt="" /> </a> ' . lang("item", "bag") . ' ' . $i . '<br /> <span class="small">' . $equip_bnk_bag_id[$i][1] . ' ' . lang("item", "slots") . '</span>'; } $output .= ' </th>'; } $output .= ' <th> </th> </tr> <tr>'; } // this_is_junk: style left hardcoded because it's calculated. $output .= ' <td align="center"> <div class="bag bank" style="width: ' . (4 * 43 + 2) . 'px; height: ' . ceil($equip_bnk_bag_id[$t][1] / 4) * 41 . 'px;">'; $dsp = $equip_bnk_bag_id[$t][1] % 4; if ($dsp) { $output .= ' <div class="no_slot"></div>'; } foreach ($bank[$t] as $pos => $item) { // this_is_junk: style left hardcoded because it's calculated. $item[2] = $item[2] == 1 ? '' : $item[2]; $output .= ' <div class="bag_slot" style="left: ' . (($pos + $dsp) % 4 * 43 + 4) . 'px; top: ' . (floor(($pos + $dsp) / 4) * 41 + 4) . 'px;"> <a href="' . $base_datasite . $item_datasite . $item[0] . '" rel="external" onmouseover="ShowTooltip(this,\'_bb' . $t . 'p' . $pos . ($pos + $dsp) % 4 * 43 . 'x' . floor(($pos + $dsp) / 4) * 41 . '\');" onmouseout="HideTooltip(\'_bb' . $t . 'p' . $pos . ($pos + $dsp) % 4 * 43 . 'x' . floor(($pos + $dsp) / 4) * 41 . '\');"> <img src="' . get_item_icon($item[0]) . '" class="inv_icon" alt="" /> </a>'; if ($mode) { $output .= ' <div> <a href="char_inv.php?action=delete_item&id=' . $cid . '&bag=' . $item[9] . '&slot=' . $item[10] . '&item=' . $item[0] . '&mode=' . $mode . '"> <img src="img/aff_cross.png" class="ch_inv_delete" alt="" /> </a> </div>'; } else { $output .= ' <div class="ch_inv_quantity_shadow">' . $item[2] . '</div> <div class="ch_inv_quantity">' . $item[2] . '</div>'; } $output .= ' </div>'; // build a tooltip object for this item $output .= ' <div class="item_tooltip" id="tooltip_bb' . $t . 'p' . $pos . ($pos + $dsp) % 4 * 43 . 'x' . floor(($pos + $dsp) / 4) * 41 . '" style="left: ' . (($pos + $dsp) % 4 * 43 - 129) . 'px; top: ' . (floor(($pos + $dsp) / 4) * 41 + 42) . 'px;"> <table> <tr> <td>' . get_item_tooltip($item[3], $item[4], $item[5], $item[6], $item[7], $item[8]) . '</td> </tr> </table> </div>'; } $output .= ' </div> </td>'; } unset($equip_bnk_bag_id); unset($bank); $output .= ' <td><div class="bag bank"></div></td>'; //---------------Page Specific Data Ends here---------------------------- //---------------Character Tabs Footer----------------------------------- $output .= ' </tr> </table> </div> <br /> <table class="hidden"> <tr> <td>'; // button to user account page, user account page has own security makebutton(lang("char", "chars_acc"), 'user.php?action=edit_user&id=' . $owner_acc_id . '', 130); $output .= ' </td> <td>'; // show Delete Mode / View Mode button depending on current mode if ($mode) { makebutton(lang("char", "viewmode"), 'char_inv.php?id=' . $cid . '&realm=' . $realmid . '&mode=0" type="def', 130); } else { makebutton(lang("char", "deletemode"), 'char_inv.php?id=' . $cid . '&realm=' . $realmid . '&mode=1" type="def', 130); } $output .= ' </td> <td>'; // only higher level GM with delete access can edit character // character edit allows removal of character items, so delete permission is needed if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"]) { //makebutton($lang_char["edit_button"], 'char_edit.php?id='.$cid.'&realm='.$realmid.'', 130); $output .= ' </td> <td>'; } // only higher level GM with delete access, or character owner can delete character if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"] || $owner_name === $user_name) { makebutton(lang("char", "del_char"), 'char_list.php?action=del_char_form&check%5B%5D=' . $cid . '" type="wrn', 130); $output .= ' </td> <td>'; } // only GM with update permission can send mail, mail can send items, so update permission is needed if ($user_lvl >= $action_permission["update"]) { makebutton(lang("char", "send_mail"), 'mail.php?type=ingame_mail&to=' . $char["name"] . '', 130); $output .= ' </td> <td>'; } makebutton(lang("global", "back"), 'javascript:window.history.back()" type="def', 130); $output .= ' </td> </tr> </table> <br /> <!-- end of char_inv.php -->'; } else { error(lang("char", "no_permission")); } } else { error(lang("char", "no_char_found")); } }
function show_list() { global $realm_id, $output, $logon_db, $characters_db, $itemperpage, $action_permission, $user_lvl, $sql, $core; valid_login($action_permission["view"]); if ($core == 1) { $query = "SELECT * FROM characters WHERE acct='" . $_SESSION["user_id"] . "'"; } else { $query = "SELECT * FROM characters WHERE account='" . $_SESSION["user_id"] . "'"; } $result = $sql["char"]->query($query); $num_rows = $sql["char"]->num_rows($result); $output .= ' <table class="top_hidden"> <tr> <td> <div class="half_frame fieldset_border center"> <span class="legend">' . lang("ultra", "selectchar") . '</span>'; if ($num_rows == 0) { // Localization $nochars = lang("ultra", "nochars"); $nochars = str_replace("%1", $_SESSION["login"], $nochars); $output .= ' <table> <tr> <td> <b>' . $nochars . '</b> </td> </tr> <tr> <td>'; makebutton(lang("global", "back"), "javascript:window.history.back()\" type=\"def", 130); $output .= ' </td> </tr> </table>'; } else { $output .= ' <form method="get" action="ultra_vendor.php" id="form"> <div> <input type="hidden" name="action" value="selected_char" /> </div> <table class="lined" id="xname_char_table"> <tr> <th class="xname_radio"> </th> <th class="xname_name">' . lang("xname", "char") . '</th> <th class="xname_LRC">' . lang("xname", "lvl") . '</th> <th class="xname_LRC">' . lang("xname", "race") . '</th> <th class="xname_LRC">' . lang("xname", "class") . '</th> </tr>'; if ($num_rows > 1) { while ($field = $sql["char"]->fetch_assoc($result)) { $output .= ' <tr> <td> <input type="radio" name="charname" value="' . $field["name"] . '" /> </td> <td>' . $field["name"] . '</td> <td>' . char_get_level_color($field["level"]) . '</td> <td> <img src="img/c_icons/' . $field["race"] . '-' . $field["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($field["race"]) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> <td> <img src="img/c_icons/' . $field["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($field["class"]) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> </tr>'; } } else { $field = $sql["char"]->fetch_assoc($result); $output .= ' <tr> <td> <input type="radio" name="charname" value="' . $field["name"] . '" checked="true" /> </td> <td>' . $field["name"] . '</td> <td>' . char_get_level_color($field["level"]) . '</td> <td> <img src="img/c_icons/' . $field["race"] . '-' . $field["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($field["race"]) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> <td> <img src="img/c_icons/' . $field["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($field["class"]) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> </td> </tr>'; } $output .= ' <tr> <td class="hidden" colspan="3">'; makebutton(lang("ultra", "select"), "javascript:do_submit()\" type=\"def", 180); $output .= ' </td> <td class="hidden" colspan="2">'; makebutton(lang("global", "back"), "javascript:window.history.back()\" type=\"def", 130); $output .= ' </td> </tr> </table> </form>'; } $output .= ' </div> </td> </tr> </table>'; }
function edit_user() { global $output, $dbc_db, $corem_db, $logon_db, $characters_db, $corem_db, $realm_id, $invite_only, $timezone_offset, $user_name, $user_id, $expansion_select, $server, $developer_test_mode, $multi_realm_mode, $remember_me_checked, $achievement_point_points, $achievement_point_credits, $credits_fractional, $sql, $core; $refguid = $sql["mgr"]->result($sql["mgr"]->query("SELECT InvitedBy FROM point_system_invites WHERE PlayersAccount='" . $user_id . "'"), 0, 'InvitedBy'); $referred_by = $sql["char"]->result($sql["char"]->query("SELECT name FROM characters WHERE guid='" . $refguid . "'"), 0, 'name'); unset($refguid); if ($core == 1) { $query = "SELECT email, flags, lastip FROM accounts WHERE login='******'"; } else { $query = "SELECT email, expansion AS flags, last_ip AS lastip FROM account WHERE username='******'"; } if ($acc = $sql["logon"]->fetch_assoc($sql["logon"]->query($query))) { // if we have a screen name, we need to use it $screen_name_query = "SELECT *,\n SUBSTRING_INDEX(SUBSTRING_INDEX(Avatar, ' ', 1), ' ', -1) AS avatarsex,\n SUBSTRING_INDEX(SUBSTRING_INDEX(Avatar, ' ', 2), ' ', -1) AS avatarrace,\n SUBSTRING_INDEX(SUBSTRING_INDEX(Avatar, ' ', 3), ' ', -1) AS avatarclass,\n SUBSTRING_INDEX(SUBSTRING_INDEX(Avatar, ' ', 4), ' ', -1) AS avatarlevel\n FROM config_accounts WHERE Login='******'"; $screen_name = $sql["mgr"]->query($screen_name_query); $screen_name = $sql["mgr"]->fetch_assoc($screen_name); if ($screen_name["SecurityLevel"] >= 1073741824) { $screen_name["SecurityLevel"] -= 1073741824; } // ArcEmu: find out if we're using an encrypted password for this account if ($core == 1) { $pass_query = "SELECT * FROM accounts WHERE login='******' AND encrypted_password<>''"; $pass_result = $sql["logon"]->query($pass_query); $arc_encrypted = $sql["logon"]->num_rows($pass_result); } $output .= ' <script type="text/javascript" src="libs/js/sha1.js"></script> <script type="text/javascript"> // <![CDATA[ function do_submit_data () { var myForm = document.getElementById("form")'; if ($core == 1) { if ($arc_encrypted) { $output .= ' myForm.pass.value = hex_sha1("' . strtoupper($user_name) . ':" + myForm.user_pass.value.toUpperCase());'; } else { $output .= ' myForm.pass.value = myForm.user_pass.value;'; } } else { $output .= ' myForm.pass.value = hex_sha1("' . strtoupper($user_name) . ':" + myForm.user_pass.value.toUpperCase());'; } $output .= ' myForm.pass.value = myForm.pass.value.toUpperCase(); do_submit(); } // ]]> </script> <div id="edit_fieldset" class="fieldset_border center"> <span class="legend">' . lang("edit", "edit_acc") . '</span> <form method="post" action="edit.php?action=doedit_user" id="form"> <div> <input type="hidden" name="pass" value="" maxlength="256" /> </div> <table class="flat" id="edit_fieldset_table"> <tr> <td>' . lang("edit", "id") . ':</td> <td colspan="2">' . htmlspecialchars($user_id) . '</td> </tr> <tr> <td>' . lang("edit", "username") . ':</td> <td colspan="2">' . htmlspecialchars($user_name) . '</td> </tr>'; if (!$screen_name["ScreenName"]) { $output .= ' <tr> <td>' . lang("edit", "screenname") . ':</td> <td colspan="2"><input type="text" name="screenname" size="42" maxlength="14" /></td> </tr>'; } else { $output .= ' <tr> <td>' . lang("edit", "screenname") . ':</td> <td colspan="2">' . htmlspecialchars($screen_name["ScreenName"]) . '</td> </tr>'; } $output .= ' <tr> <td>' . lang("edit", "password") . ':</td> <td colspan="2"> <input type="text" name="user_pass" size="39" maxlength="40" value="******" /> <img src="img/information.png" onmousemove="oldtoolTip(\'' . lang("edit", "pass_warning") . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> </tr> <tr> <td>' . lang("edit", "mail") . ':</td>'; if ($screen_name["TempEmail"]) { $output .= ' <td colspan="2"> <a href="edit.php?action=cancel_email_change" > <img src="img/aff_warn.gif" onmousemove="oldtoolTip(\'' . lang("edit", "email_changed") . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </a> <input type="text" name="mail" size="39" maxlength="225" value="' . $acc["email"] . '" /> </td>'; } else { $output .= ' <td colspan="2"><input type="text" name="mail" size="42" maxlength="225" value="' . $acc["email"] . '" /></td>'; } $output .= ' </tr> <tr> <td>' . lang("edit", "invited_by") . ':</td> <td colspan="2">'; if ($referred_by == NULL) { $output .= ' <input type="text" name="referredby" size="20" maxlength="12" value="' . $referred_by . '" /> (' . lang("user", "charname") . ')'; } else { $output .= ' ' . htmlspecialchars($referred_by) . ''; } $output .= ' </td> </tr> <tr> <td>' . lang("edit", "gm_level") . ':</td> <td colspan="2">' . id_get_gm_level($screen_name["SecurityLevel"]) . ' ( ' . $screen_name["SecurityLevel"] . ' )</td> </tr> <tr> <td>' . lang("edit", "last_ip") . ':</td> <td colspan="2">' . htmlspecialchars($acc["lastip"]) . '</td> </tr>'; if ($expansion_select) { if ($core == 1) { $output .= ' <tr> <td>' . lang("edit", "client_type") . ':</td> <td colspan="2"> <select name="expansion"> <option value="24" ' . ($acc["flags"] == 24 ? 'selected="selected"' : '') . '>' . lang("edit", "wotlktbc") . '</option> <option value="16" ' . ($acc["flags"] == 16 ? 'selected="selected"' : '') . '>' . lang("edit", "wotlk") . '</option> <option value="8" ' . ($acc["flags"] == 8 ? 'selected="selected"' : '') . '>' . lang("edit", "tbc") . '</option> <option value="0" ' . ($acc["flags"] == 0 ? 'selected="selected"' : '') . '>' . lang("edit", "classic") . '</option> </select> </td> </tr>'; } else { $output .= ' <tr> <td>' . lang("edit", "client_type") . ':</td> <td colspan="2"> <select name="expansion"> <option value="2" ' . ($acc["flags"] == 2 ? 'selected="selected"' : '') . '>' . lang("edit", "wotlktbc") . '</option> <option value="1" ' . ($acc["flags"] == 1 ? 'selected="selected"' : '') . '>' . lang("edit", "tbc") . '</option> <option value="0" ' . ($acc["flags"] == 0 ? 'selected="selected"' : '') . '>' . lang("edit", "classic") . '</option> </select> </td> </tr>'; } } $output .= ' <tr> <td>' . lang("edit", "credits") . ':</td> <td colspan="2">' . ($screen_name["Credits"] < 0 ? lang("edit", "unlimited") : (double) $screen_name["Credits"]) . '</td> </tr>'; foreach ($characters_db as $db) { $sqlt = new SQL(); $sqlt->connect($db["addr"], $db["user"], $db["pass"], $db["name"], $db["encoding"]); if ($core == 1) { $query = "SELECT COUNT(*) FROM characters WHERE acct='" . $user_id . "'"; } else { $query = "SELECT COUNT(*) FROM characters WHERE account='" . $user_id . "'"; } $result = $sqlt->query($query); $fields = $sqlt->fetch_assoc($result); $c_count += $fields["COUNT(*)"]; } $output .= ' <tr> <td>' . lang("edit", "tot_chars") . ':</td> <td colspan="2">' . $c_count . '</td> </tr>'; $total_achieve_points = 0; $realms = $sql["mgr"]->query("SELECT * FROM config_servers"); if (1 < $sql["mgr"]->num_rows($realms) && 1 < count($server) && 1 < count($characters_db)) { while ($realm = $sql["mgr"]->fetch_assoc($realms)) { $sql["char"]->connect($characters_db[$realm["Index"]]["addr"], $characters_db[$realm["Index"]]["user"], $characters_db[$realm["Index"]]["pass"], $characters_db[$realm["Index"]]["name"], $characters_db[$realm["Index"]]["encoding"]); if ($core == 1) { $result = $sql["char"]->query("SELECT guid, name, race, class, level, gender, timestamp,\n IFNULL((SELECT SUM(points) FROM character_achievement LEFT JOIN `" . $dbc_db["name"] . "`.achievement ON `" . $dbc_db["name"] . "`.achievement.id=character_achievement.achievement WHERE character_achievement.guid=characters.guid), 0) AS ach_points\n FROM characters WHERE acct='" . $user_id . "'"); } else { $result = $sql["char"]->query("SELECT guid, name, race, class, level, gender, logout_time AS timestamp,\n IFNULL((SELECT SUM(points) FROM character_achievement LEFT JOIN `" . $dbc_db["name"] . "`.achievement ON `" . $dbc_db["name"] . "`.achievement.id=character_achievement.achievement WHERE character_achievement.guid=characters.guid), 0) AS ach_points\n FROM characters WHERE account='" . $user_id . "'"); } // calculate timezone offset $time_offset = $timezone_offset * 3600; $output .= ' <tr> <td colspan="3"> </td> </tr> <tr> <td colspan="3">' . lang("index", "realm") . ': ' . $realm["Name"] . '</td> </tr> <tr> <td>' . lang("edit", "characters") . ':</td> <td>' . $sql["char"]->num_rows($result) . '</td> </tr>'; while ($char = $sql["char"]->fetch_assoc($result)) { if ($char["timestamp"] != 0) { $lastseen = date("F j, Y @ Hi", $char["timestamp"] + $time_offset); } else { $lastseen = '-'; } // add this character's achievement points to our total $total_achieve_points += $char["ach_points"]; $output .= ' <tr> <td> \'---></td> <td> <a href="char.php?id=' . $char["guid"] . '&realm=' . $realm["Index"] . '">' . $char["name"] . '</a> - <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . ' </td> <td>' . $lastseen . '</td> </tr>'; } } unset($realm); } else { if ($core == 1) { $result = $sql["char"]->query("SELECT guid, name, race, class, level, gender, timestamp,\n IFNULL((SELECT SUM(points) FROM character_achievement LEFT JOIN `" . $dbc_db["name"] . "`.achievement ON `" . $dbc_db["name"] . "`.achievement.id=character_achievement.achievement WHERE character_achievement.guid=characters.guid), 0) AS ach_points\n FROM characters WHERE acct='" . $user_id . "'"); } else { $result = $sql["char"]->query("SELECT guid, name, race, class, level, gender, logout_time AS timestamp,\n IFNULL((SELECT SUM(points) FROM character_achievement LEFT JOIN `" . $dbc_db["name"] . "`.achievement ON `" . $dbc_db["name"] . "`.achievement.id=character_achievement.achievement WHERE character_achievement.guid=characters.guid), 0) AS ach_points\n FROM characters WHERE account='" . $user_id . "'"); } // calculate timezone offset $time_offset = $timezone_offset * 3600; $output .= ' <!-- tr> <td>' . lang("edit", "characters") . ':</td> <td>' . $sql["char"]->num_rows($result) . '</td> </tr -->'; while ($char = $sql["char"]->fetch_assoc($result)) { if ($char["timestamp"] != 0) { $lastseen = date("F j, Y @ Hi", $char["timestamp"] + $time_offset); } else { $lastseen = '-'; } // add this character's achievement points to our total $total_achieve_points += $char["ach_points"]; $output .= ' <tr> <td> \'---></td> <td> <a href="char.php?id=' . $char["guid"] . '">' . $char["name"] . '</a> - <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt=""/> - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . ' </td> <td>' . $lastseen . '</td> </tr>'; } } unset($result); unset($realms); // Achievement Point to Credit conversion if ($achievement_point_credits && $screen_name["Credits"] >= 0) { $output .= ' <tr> <td colspan="3"> <hr /> </td> </tr> <tr> <td colspan="3"> <table> <tr> <td>' . lang("edit", "total_achieve_points") . ':</td> <td colspan="2"> <span>' . $total_achieve_points . '</span> </td> </tr> <tr> <td>' . lang("edit", "total_achieve_spent") . ':</td> <td colspan="2"> <span>' . $screen_name["AchievePointsSpent"] . '</span> </td> </tr> <tr> <td>' . lang("edit", "achieve_points_available") . ':</td> <td colspan="2"> <span>' . ($total_achieve_points - $screen_name["AchievePointsSpent"]) . '</span> <img src="img/information.png" style="position: relative; top: 4px;" onmousemove="oldtoolTip(\'' . lang("edit", "achieve_warning") . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> </tr>'; if ($credits_fractional) { $output .= ' <tr> <td>' . lang("edit", "points_to_credits") . ':</td> <td colspan="2"> <span>' . $achievement_point_credits / $achievement_point_points . ' ' . lang("edit", "credits") . '</span> </td> </tr>'; } else { $output .= ' <tr> <td>' . lang("edit", "points_to_credits") . ':</td> <td colspan="2"> <span>' . round($achievement_point_credits / $achievement_point_points) . ' ' . lang("edit", "credits") . '</span> <img src="img/information.png" style="position: relative; top: 4px;" onmousemove="oldtoolTip(\'' . lang("edit", "points_to_credits_round") . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> </tr>'; } $output .= ' <tr> <td>' . lang("edit", "points_to_spend") . ':</td> <td colspan="2">'; if ($total_achieve_points - $screen_name["AchievePointsSpent"] > 0) { $output .= ' <input type="text" name="points_to_spend" value="0" />'; } else { $output .= ' <div style="display: none;"> <input type="hidden" name="points_to_spend" value="0" /> </div> <span>' . lang("edit", "insufficient_funds") . '</span>'; } $output .= ' </td> </tr> </table> </td> </tr>'; } $override_remember_me = $_COOKIE["corem_override_remember_me"]; if (!isset($override_remember_me)) { $override_remember_me = 1; } if ($remember_me_checked) { $output .= ' <tr> <td>' . lang("edit", "override") . ':</td> <td><input type="checkbox" name="override" value="1" ' . ($override_remember_me ? 'checked="checked"' : '') . ' /> </tr>'; } $output .= ' <tr> <td>'; makebutton(lang("edit", "update"), 'javascript:do_submit_data()" type="wrn', 130); $output .= ' </td> <td colspan="2">'; makebutton(lang("global", "back"), 'javascript:window.history.back()" type="def', 130); $output .= ' </td> </tr> </table> </form> </div> <br /> <div id="edit_profile_fieldset" class="fieldset_border center"> <span class="legend">' . lang("edit", "profile_options") . '</span> <form action="edit.php" method="get" id="form3"> <div> <input type="hidden" name="action" value="profile_set" /> </div> <table class="hidden" id="edit_profile_table"> <tr> <td align="left" colspan="3">' . lang("edit", "profile_info") . '</td> </tr> <tr> <td align="left" colspan="3"> <textarea name="profileinfo" rows="6" cols="65">' . $screen_name["Info"] . '</textarea> </td> </tr> <tr> <td></td> </tr> <tr> <td></td> </tr> <tr> <td align="left" colspan="3">' . lang("edit", "signature") . '</td> </tr> <tr> <td align="left" colspan="3">'; bbcode_add_editor(); $output .= ' </td> </tr> <tr> <td align="left" colspan="3"> <textarea id="msg" name="signature" rows="6" cols="65">' . $screen_name["Signature"] . '</textarea> </td> </tr> <tr> <td></td> </tr> <tr> <td></td> </tr> <tr> <td align="left" colspan="3">' . lang("edit", "prefavatar") . '</td> </tr>'; if ($screen_name["SecurityLevel"] == 0) { if ($screen_name["Avatar"] == '') { if ($core == 1) { $avatar_query = "SELECT acct, name, gender, race, class, level,\n (SELECT gm FROM `" . $logon_db["name"] . "`.accounts WHERE `" . $logon_db["name"] . "`.accounts.acct=`" . $characters_db[$realm_id]['name'] . "`.characters.acct) AS gmlevel,\n (SELECT login FROM `" . $logon_db["name"] . "`.accounts WHERE `" . $logon_db["name"] . "`.accounts.acct=`" . $characters_db[$realm_id]['name'] . "`.characters.acct) AS login\n FROM `" . $characters_db[$realm_id]['name'] . "`.characters\n WHERE level IN (SELECT MAX(level) FROM `" . $characters_db[$realm_id]['name'] . "`.characters WHERE acct='" . $user_id . "')"; } elseif ($core == 2) { $avatar_query = "SELECT account AS acct, name, gender, race, class, level,\n (SELECT gmlevel FROM `" . $logon_db["name"] . "`.account WHERE `" . $logon_db["name"] . "`.account.id=`" . $characters_db[$realm_id]['name'] . "`.characters.account) AS gmlevel,\n (SELECT username FROM `" . $logon_db["name"] . "`.account WHERE `" . $logon_db["name"] . "`.account.id=`" . $characters_db[$realm_id]['name'] . "`.characters.account) AS login\n FROM `" . $characters_db[$realm_id]['name'] . "`.characters\n WHERE level IN (SELECT MAX(level) FROM `" . $characters_db[$realm_id]['name'] . "`.characters WHERE account='" . $user_id . "') AND account='" . $user_id . "'"; } else { $avatar_query = "SELECT account AS acct, name, gender, race, class, level,\n (SELECT gmlevel FROM `" . $logon_db["name"] . "`.account_access WHERE `" . $logon_db["name"] . "`.account_access.id=`" . $characters_db[$realm_id]['name'] . "`.characters.account) AS gmlevel,\n (SELECT username FROM `" . $logon_db["name"] . "`.account WHERE `" . $logon_db["name"] . "`.account.id=`" . $characters_db[$realm_id]['name'] . "`.characters.account) AS login\n FROM `" . $characters_db[$realm_id]['name'] . "`.characters\n WHERE level IN (SELECT MAX(level) FROM `" . $characters_db[$realm_id]['name'] . "`.characters WHERE account='" . $user_id . "') AND account='" . $user_id . "'"; } $avatar_result = $sql["char"]->query($avatar_query); $avatar_fields = $sql["char"]->fetch_assoc($avatar_result); $avatar = gen_avatar_panel($avatar_fields["level"], $avatar_fields["gender"], $avatar_fields["race"], $avatar_fields["class"], 1, 0); $screen_name["avatarlevel"] = $avatar_fields["level"]; $screen_name["avatarrace"] = $avatar_fields["race"]; $screen_name["avatarclass"] = $avatar_fields["class"]; $screen_name["avatarsex"] = $avatar_fields["gender"]; } else { $avatar = gen_avatar_panel($screen_name["avatarlevel"], $screen_name["avatarsex"], $screen_name["avatarrace"], $screen_name["avatarclass"], 1, $screen_name["SecurityLevel"]); } $output .= ' <tr> <td id="forum_topic_avatar" rowspan="6"> <center>' . $avatar . '</center> </td> <tr> <td>' . lang("edit", "usedefault") . ':</td> <td><input type="checkbox" name="use_default" value="1" ' . ($screen_name["Avatar"] == '' ? 'checked="checked"' : '') . ' /> ' . lang("edit", "usedefaultinfo") . '</td> </tr> <td>' . lang("edit", "gender") . ':</td> <td> <select name="avatargender"> <option value="0" ' . ($screen_name["avatarsex"] == 0 ? 'selected="selected"' : '') . ' >' . lang("edit", "male") . '</option> <option value="1" ' . ($screen_name["avatarsex"] == 1 ? 'selected="selected"' : '') . ' >' . lang("edit", "female") . '</option> </select> </td> </tr> <tr> <td>' . lang("edit", "race") . ':</td> <td> <select name="avatarrace">'; $races = array(1 => array(1, lang("id_tab", "human")), 2 => array(2, lang("id_tab", "orc")), 3 => array(3, lang("id_tab", "dwarf")), 4 => array(4, lang("id_tab", "nightelf")), 5 => array(5, lang("id_tab", "undead")), 6 => array(6, lang("id_tab", "tauren")), 7 => array(7, lang("id_tab", "gnome")), 8 => array(8, lang("id_tab", "troll")), 10 => array(10, lang("id_tab", "bloodelf")), 11 => array(11, lang("id_tab", "draenei"))); foreach ($races as $race) { $output .= ' <option value="' . $race[0] . '" ' . ($screen_name["avatarrace"] == $race[0] ? 'selected="selected"' : '') . ' >' . $race[1] . '</option>'; } $output .= ' </select> </td> </tr> <tr> <td>' . lang("edit", "class") . ':</td> <td> <select name="avatarclass">'; $classes = $class_names = array(1 => array(1, lang("id_tab", "warrior")), 2 => array(2, lang("id_tab", "paladin")), 3 => array(3, lang("id_tab", "hunter")), 4 => array(4, lang("id_tab", "rogue")), 5 => array(5, lang("id_tab", "priest")), 6 => array(6, lang("id_tab", "death_knight")), 7 => array(7, lang("id_tab", "shaman")), 8 => array(8, lang("id_tab", "mage")), 9 => array(9, lang("id_tab", "warlock")), 11 => array(11, lang("id_tab", "druid"))); foreach ($classes as $class) { $output .= ' <option value="' . $class[0] . '" ' . ($screen_name["avatarclass"] == $class[0] ? 'selected="selected"' : '') . ' >' . $class[1] . '</option>'; } $output .= ' </select> </td> </tr> <tr> <td>' . lang("edit", "level") . ':</td> <td> <input type="text" name="avatarlevel" value="' . $screen_name["avatarlevel"] . '" /> </td> </tr>'; } else { $output .= ' <tr> <td id="forum_topic_avatar" rowspan="4"> <div>' . gen_avatar_panel($screen_name["avatarlevel"], $screen_name["avatarsex"], $screen_name["avatarrace"], $screen_name["avatarclass"], 0, $screen_name["SecurityLevel"]) . '</div> </td> <td>' . lang("edit", "gender") . ':</td> <td>' . lang("edit", "unavailable") . '</td> </tr> <tr> <td>' . lang("edit", "race") . ':</td> <td>' . lang("edit", "unavailable") . '</td> </tr> <tr> <td>' . lang("edit", "class") . ':</td> <td>' . lang("edit", "unavailable") . '</td> </tr> <tr> <td>' . lang("edit", "level") . ':</td> <td>' . lang("edit", "unavailable") . '</td> </tr>'; } $output .= ' <tr> <td></td> </tr> <tr> <td></td> </tr> <tr> <td align="left" colspan="3">' . lang("edit", "viewmods") . '</td> </tr> <tr> <td>' . lang("char", "char_sheet") . ':</td> <td colspan="2"> <select name="viewmod_sheet"> <option value="0" ' . ($screen_name["View_Mod_Sheet"] == 0 ? 'selected="selected" ' : '') . '>' . lang("edit", "onlyme") . '</option> <!-- option value="1" ' . ($screen_name["View_Mod_Sheet"] == 1 ? 'selected="selected" ' : '') . '>' . lang("edit", "friends") . '</option --> <option value="2" ' . ($screen_name["View_Mod_Sheet"] == 2 ? 'selected="selected" ' : '') . '>' . lang("edit", "reg_users") . '</option> </select> </td> </tr> <tr> <td>' . lang("char", "achievements") . ':</td> <td colspan="2"> <select name="viewmod_achieve"> <option value="0" ' . ($screen_name["View_Mod_Achieve"] == 0 ? 'selected="selected" ' : '') . '>' . lang("edit", "onlyme") . '</option> <!-- option value="1" ' . ($screen_name["View_Mod_Achieve"] == 1 ? 'selected="selected" ' : '') . '>' . lang("edit", "friends") . '</option --> <option value="2" ' . ($screen_name["View_Mod_Achieve"] == 2 ? 'selected="selected" ' : '') . '>' . lang("edit", "reg_users") . '</option> </select> </td> </tr> <tr> <td>' . lang("char", "friends") . ':</td> <td colspan="2"> <select name="viewmod_friends"> <option value="0" ' . ($screen_name["View_Mod_Friends"] == 0 ? 'selected="selected" ' : '') . '>' . lang("edit", "onlyme") . '</option> <!-- option value="1" ' . ($screen_name["View_Mod_Friends"] == 1 ? 'selected="selected" ' : '') . '>' . lang("edit", "friends") . '</option --> <option value="2" ' . ($screen_name["View_Mod_Friends"] == 2 ? 'selected="selected" ' : '') . '>' . lang("edit", "reg_users") . '</option> </select> </td> </tr> <tr> <td>' . lang("char", "inventory") . ':</td> <td colspan="2"> <select name="viewmod_inv"> <option value="0" ' . ($screen_name["View_Mod_Inv"] == 0 ? 'selected="selected" ' : '') . '>' . lang("edit", "onlyme") . '</option> <!-- option value="1" ' . ($screen_name["View_Mod_Inv"] == 1 ? 'selected="selected" ' : '') . '>' . lang("edit", "friends") . '</option --> <option value="2" ' . ($screen_name["View_Mod_Inv"] == 2 ? 'selected="selected" ' : '') . '>' . lang("edit", "reg_users") . '</option> </select> </td> </tr> <tr> <td>' . lang("char", "pets") . ':</td> <td colspan="2"> <select name="viewmod_pets"> <option value="0" ' . ($screen_name["View_Mod_Pets"] == 0 ? 'selected="selected" ' : '') . '>' . lang("edit", "onlyme") . '</option> <!-- option value="1" ' . ($screen_name["View_Mod_Pets"] == 1 ? 'selected="selected" ' : '') . '>' . lang("edit", "friends") . '</option --> <option value="2" ' . ($screen_name["View_Mod_Pets"] == 2 ? 'selected="selected" ' : '') . '>' . lang("edit", "reg_users") . '</option> </select> </td> </tr> <tr> <td>' . lang("char", "pvp") . ':</td> <td colspan="2"> <select name="viewmod_pvp"> <option value="0" ' . ($screen_name["View_Mod_PvP"] == 0 ? 'selected="selected" ' : '') . '>' . lang("edit", "onlyme") . '</option> <!-- option value="1" ' . ($screen_name["View_Mod_PvP"] == 1 ? 'selected="selected" ' : '') . '>' . lang("edit", "friends") . '</option --> <option value="2" ' . ($screen_name["View_Mod_PvP"] == 2 ? 'selected="selected" ' : '') . '>' . lang("edit", "reg_users") . '</option> </select> </td> </tr> <tr> <td>' . lang("char", "quests") . ':</td> <td colspan="2"> <select name="viewmod_quests"> <option value="0" ' . ($screen_name["View_Mod_Quest"] == 0 ? 'selected="selected" ' : '') . '>' . lang("edit", "onlyme") . '</option> <!-- option value="1" ' . ($screen_name["View_Mod_Quest"] == 1 ? 'selected="selected" ' : '') . '>' . lang("edit", "friends") . '</option --> <option value="2" ' . ($screen_name["View_Mod_Quest"] == 2 ? 'selected="selected" ' : '') . '>' . lang("edit", "reg_users") . '</option> </select> </td> </tr> <tr> <td>' . lang("char", "reputation") . ':</td> <td colspan="2"> <select name="viewmod_rep"> <option value="0" ' . ($screen_name["View_Mod_Rep"] == 0 ? 'selected="selected" ' : '') . '>' . lang("edit", "onlyme") . '</option> <!-- option value="1" ' . ($screen_name["View_Mod_Rep"] == 1 ? 'selected="selected" ' : '') . '>' . lang("edit", "friends") . '</option --> <option value="2" ' . ($screen_name["View_Mod_Rep"] == 2 ? 'selected="selected" ' : '') . '>' . lang("edit", "reg_users") . '</option> </select> </td> </tr> <tr> <td>' . lang("char", "skills") . ':</td> <td colspan="2"> <select name="viewmod_skills"> <option value="0" ' . ($screen_name["View_Mod_Skill"] == 0 ? 'selected="selected" ' : '') . '>' . lang("edit", "onlyme") . '</option> <!-- option value="1" ' . ($screen_name["View_Mod_Skill"] == 1 ? 'selected="selected" ' : '') . '>' . lang("edit", "friends") . '</option --> <option value="2" ' . ($screen_name["View_Mod_Skill"] == 2 ? 'selected="selected" ' : '') . '>' . lang("edit", "reg_users") . '</option> </select> </td> </tr> <tr> <td>' . lang("char", "talents") . ':</td> <td colspan="2"> <select name="viewmod_talents"> <option value="0" ' . ($screen_name["View_Mod_Talent"] == 0 ? 'selected="selected" ' : '') . '>' . lang("edit", "onlyme") . '</option> <!-- option value="1" ' . ($screen_name["View_Mod_Talent"] == 1 ? 'selected="selected" ' : '') . '>' . lang("edit", "friends") . '</option --> <option value="2" ' . ($screen_name["View_Mod_Talent"] == 2 ? 'selected="selected" ' : '') . '>' . lang("edit", "reg_users") . '</option> </select> </td> </tr> <tr> <td>' . lang("char", "view") . ':</td> <td colspan="2"> <select name="viewmod_view"> <option value="0" ' . ($screen_name["View_Mod_View"] == 0 ? 'selected="selected" ' : '') . '>' . lang("edit", "onlyme") . '</option> <!-- option value="1" ' . ($screen_name["View_Mod_View"] == 1 ? 'selected="selected" ' : '') . '>' . lang("edit", "friends") . '</option --> <option value="2" ' . ($screen_name["View_Mod_View"] == 2 ? 'selected="selected" ' : '') . '>' . lang("edit", "reg_users") . '</option> </select> </td> </tr> <tr> <td></td> </tr> <tr> <td>'; makebutton(lang("edit", "save"), 'javascript:do_submit(\'form3\', 0)', 130); $output .= ' </td> </tr> </table> </form> </div> <div id="edit_invites_fieldset" class="fieldset_border center"> <span class="legend">' . lang("edit", "invite_options") . '</span> <table class="hidden" id="edit_invites_table"> <tr> <td align="left">' . lang("edit", "invite_email") . ': </td> <td align="right"> <form action="edit.php" method="get" id="form4"> <div> <input type="hidden" name="action" value="send_invite" /> <input type="text" name="invite_email" value="" size="30" /> </div> </form> </td> </tr> <tr> <td colspan="2">'; makebutton(lang("edit", "sendinvite"), 'javascript:do_submit(\'form4\', 0)', 130); $output .= ' </td> </tr> <tr> <td> </td> </tr> <tr> <td align="left" colspan="2">' . lang("edit", "active_invites") . ': </td> </tr> <tr> <td colspan="2"> <table class="lined" id="active_invites_table"> <tr> <th style="width: 15%;">Delete</th> <th>Email</th> <th style="width: 15%">Resend</th> </tr>'; $invites_query = "SELECT * FROM invitations WHERE issuer_acct_id='" . $user_id . "'"; $invites_result = $sql["mgr"]->query($invites_query); while ($row = $sql["mgr"]->fetch_assoc($invites_result)) { $output .= ' <tr> <td> <a href="edit.php?action=delete_invite&key=' . $row["invitation_key"] . '"> <img src="img/aff_cross.png" alt="Delete" /> </a> </td> <td>' . $row["invited_email"] . '</td> <td> <a href="edit.php?action=resend_invite&key=' . $row["invitation_key"] . '"> <img src="img/add.png" alt="Resend" /> </a> </td> </tr>'; } $output .= ' </table> </td> </tr> </table> </div> <br /> <div id="edit_prizebags_fieldset" class="fieldset_border center"> <span class="legend">' . lang("edit", "my_bags") . '</span> <table class="hidden" id="edit_prizebags_table">'; // $bag_query = "SELECT * FROM point_system_prize_bags WHERE owner='" . $user_id . "'"; $bag_result = $sql["mgr"]->query($bag_query); $output_temp = '<tr><td style="display: none;"></td></tr>'; while ($bag = $sql["mgr"]->fetch_assoc($bag_result)) { $output_temp .= ' <tr> <td align="right"> <a href="point_system.php?action=view_bag&bag_id=' . $bag["entry"] . '"> <img src="' . get_item_icon(1725) . '" alt="" /> </a> </td> <td align="left"> <span> ' . $bag["slots"] . ' ' . lang("edit", "bag_slots") . '</span> </td> </tr>'; } $output .= $output_temp; $output .= ' </table> </div> <br /> <div id="edit_theme_fieldset" class="fieldset_border center"> <span class="legend">' . lang("edit", "theme_options") . '</span> <table class="hidden" id="edit_theme_table"> <tr> <td align="left">' . lang("edit", "select_layout_lang") . ': </td> <td align="right"> <form action="edit.php" method="get" id="form1"> <div> <input type="hidden" name="action" value="lang_set" /> <select name="lang"> <optgroup label="' . lang("edit", "language") . '">'; if (is_dir('./lang')) { if ($dh = opendir('./lang')) { while (($file = readdir($dh)) == true) { $lang = explode('.', $file); if (isset($lang[1]) && $lang[1] == 'php') { $output .= ' <option value="' . $lang[0] . '"' . (isset($_COOKIE["corem_lang"]) && $_COOKIE["corem_lang"] == $lang[0] ? ' selected="selected" ' : '') . '>' . lang("edit", $lang[0]) . '</option>'; } } closedir($dh); } } $output .= ' </optgroup> </select> </div> </form> </td> <td>'; makebutton(lang("edit", "save"), 'javascript:do_submit(\'form1\', 0)', 130); $output .= ' </td> </tr> <tr> <td align="left">' . lang("edit", "select_theme") . ': </td> <td align="right"> <form action="edit.php" method="get" id="form2"> <div> <input type="hidden" name="action" value="theme_set" /> <select name="theme"> <optgroup label="' . lang("edit", "theme") . '">'; if (is_dir('./themes')) { if ($dh = opendir('./themes')) { while (($file = readdir($dh)) == true) { if ($file == '.' || $file == '..' || $file == '.htaccess' || $file == 'index.html' || $file == '.svn') { } else { $output .= ' <option value="' . $file . '"' . (isset($_COOKIE["corem_theme"]) && $_COOKIE["corem_theme"] == $file ? ' selected="selected" ' : '') . '>' . $file . '</option>'; } } closedir($dh); } } $output .= ' </optgroup> </select> </div> </form> </td> <td>'; makebutton(lang("edit", "save"), 'javascript:do_submit(\'form2\',0)', 130); $output .= ' </td> </tr> </table> </div> <br />'; } else { error(lang("global", "err_no_records_found")); } }
function view_raffle() { global $output, $coupon_id, $raffle_id, $bag_id, $characters_db, $user_id, $user_name, $base_datasite, $item_datasite, $sql, $core; points_tabs(); if (!isset($_GET["purchased"])) { $query = "SELECT * FROM point_system_raffles WHERE entry='" . $raffle_id . "'"; $result = $sql["mgr"]->query($query); $raffle = $sql["mgr"]->fetch_assoc($result); $my_usage_query = "SELECT * FROM point_system_raffle_tickets WHERE raffle='" . $raffle_id . "' AND user='******'"; $my_usage_result = $sql["mgr"]->query($my_usage_query); $my_usage_count = $sql["mgr"]->num_rows($my_usage_result); $usage_query = "SELECT * FROM point_system_raffle_tickets WHERE raffle='" . $raffle_id . "'"; $usage_result = $sql["mgr"]->query($usage_query); $usage_count = $sql["mgr"]->num_rows($usage_result); $output .= ' <div class="tab_content center">'; // make sure we're allowed to use this coupon if ($raffle["tickets_per_user"] <= $my_usage_count && $raffle["tickets_per_user"] != -1 || $usage_count >= $raffle["ticket_limit"] && $raffle["ticket_limit"] != -1) { $output .= ' <span class="error">' . lang("points", "cannot_purchase_ticket") . '</span>'; } else { $output .= ' <form action="point_system.php" id="form1"> <input type="hidden" name="action" value="do_purchase" /> <input type="hidden" name="raffle_id" value="' . $raffle_id . '" /> <table class="lined" id="coupon_table"> <tr> <td align="left">' . $raffle["title"] . '</td> </tr>'; if ($raffle["text"] != "") { $output .= ' <tr> <td align="left">' . $raffle["text"] . '</td> </tr>'; } $output .= ' <tr> <td align="left"><span>' . lang("points", "drawing") . '</span>: ' . $raffle["drawing"] . '</td> </tr>'; if ($raffle["credits"] != 0 || $raffle["money"] != 0 || $raffle["item_id"] != 0) { $output .= ' <tr> <td> <div class="coupon_parts">' . lang("points", "raffle_prizes") . ':</div>'; if ($raffle["credits"] != 0) { if ($raffle["credits"] > 1) { $tip = lang("points", "raffle_credits"); } else { $tip = lang("points", "raffle_credit"); } $output .= ' <div class="coupon_parts"> <span>' . $raffle["credits"] . '</span> <span>' . $tip . '</span> </div>'; } if ($raffle["money"] != 0) { // extract gold/silver/copper from single gold number $raffle["money"] = str_pad($raffle["money"], 4, "0", STR_PAD_LEFT); $raffle_g = substr($raffle["money"], 0, -4); if ($raffle_g == "") { $raffle_g = 0; } $raffle_s = substr($raffle["money"], -4, 2); if ($raffle_s == "" || $raffle_s == "00") { $raffle_s = 0; } $raffle_c = substr($raffle["money"], -2); if ($raffle_c == "" || $raffle_c == "00") { $raffle_c = 0; } $output .= ' <div class="coupon_parts"> <span>' . $raffle_g . '</span> <img src="img/gold.gif" alt="gold" style="position: relative; bottom: -6px;" /> <span>' . $raffle_s . '</span> <img src="img/silver.gif" alt="silver" style="position: relative; bottom: -6px;" /> <span>' . $raffle_c . '</span> <img src="img/copper.gif" alt="copper" style="position: relative; bottom: -6px;" /> </div>'; } if ($raffle["item_id"] != 0) { if ($raffle["item_id"] > 0) { // get item data if ($core == 1) { $i_query = "SELECT \r\n *, description AS description1, name1 AS name, quality AS Quality, inventorytype AS InventoryType, \r\n socket_color_1 AS socketColor_1, socket_color_2 AS socketColor_2, socket_color_3 AS socketColor_3,\r\n requiredlevel AS RequiredLevel, allowableclass AS AllowableClass,\r\n sellprice AS SellPrice, itemlevel AS ItemLevel\r\n FROM items " . ($locales_search_option != 0 ? "LEFT JOIN items_localized ON (items_localized.entry=items.entry AND language_code='" . $locales_search_option . "') " : " ") . "WHERE items.entry='" . $raffle["item_id"] . "'"; } else { $i_query = "SELECT *, description AS description1 FROM item_template " . ($locales_search_option != 0 ? "LEFT JOIN locales_item ON locales_item.entry=item_template.entry " : " ") . "WHERE item_template.entry='" . $raffle["item_id"] . "'"; } $i_result = $sql["world"]->query($i_query); $i = $sql["world"]->fetch_assoc($i_result); $output .= ' <div class="coupon_parts"> <div class="coupon_item"> <div> <a id="ch_inv_padding" href="' . $base_datasite . $item_datasite . $raffle["item_id"] . '" rel="external" onmouseover="ShowTooltip(this,\'_b\');" onmouseout="HideTooltip(\'_b\');"> <img src="' . get_item_icon($raffle["item_id"]) . '" alt="" /> </a>'; if ($raffle["item_count"] > 1) { $output .= ' <div id="coupon_item_quantity_shadow">' . $raffle["item_count"] . '</div> <div id="coupon_item_quantity">' . $raffle["item_count"] . '</div>'; } $output .= ' </div>'; // build a tooltip object for this item $output .= ' <div class="item_tooltip" id="tooltip_b" style="left: -129px; top: 42px;"> <table> <tr> <td>' . get_item_tooltip($i, $item[4], $item[5], $item[6], $item[7], $item[8]) . '</td> </tr> </table> </div>'; $output .= ' </div> </div>'; } else { $output .= ' <div class="coupon_parts"> <div> <a href="point_system.php?action=view_bag&bag_id=' . $coupon["item_id"] * -1 . '&raffle_id=' . $raffle_id . '" onmousemove="oldtoolTip(\'' . lang("points", "prize_bag") . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()"> <img src="' . get_item_icon(1725) . '" alt="" /> </a> </div> </div>'; } } $output .= ' </td> </tr> <tr> <td> <div class="coupon_parts">' . lang("points", "ticket_cost") . ':</div>'; if ($raffle["cost_credits"] != 0) { // get our credit balance $query = "SELECT credits FROM config_accounts WHERE Login='******'"; $result = $sql["mgr"]->query($query); $result = $sql["mgr"]->fetch_assoc($result); $credits = $result["credits"]; // check our funds vs Unlimited and the raffle's requirement $insufficient = false; if ($credits < $raffle["cost_credits"] && $credits > -1) { $insufficient = true; } if ($raffle["cost_credits"] > 1) { $tip = lang("points", "raffle_credits"); } else { $tip = lang("points", "raffle_credit"); } $output .= ' <div class="coupon_parts"> <span>' . $raffle["cost_credits"] . '</span> <span>' . $tip . '</span> <span class="points_credit_highlight">' . ($credits > -1 ? ' ' . lang("points", "balance") . ': ' . rtrim($credits, "0.") : '') . '</span> <span class="points_credit_highlight">' . ($insufficient ? ' <b>(' . lang("points", "insufficient_funds") . ')</b>' : '') . '</span> <span class="points_credit_highlight">' . ($credits <= -1 ? ' <b>(' . lang("points", "unlimited") . ')</b>' : '') . '</span> </div>'; } if ($raffle["cost_money"] != 0) { // extract gold/silver/copper from single gold number $raffle["cost_money"] = str_pad($raffle["cost_money"], 4, "0", STR_PAD_LEFT); $raffle_cost_g = substr($raffle["cost_money"], 0, -4); if ($raffle_cost_g == "") { $raffle_cost_g = 0; } $raffle_cost_s = substr($raffle["cost_money"], -4, 2); if ($raffle_cost_s == "" || $raffle_cost_s == "00") { $raffle_cost_s = 0; } $raffle_cost_c = substr($raffle["cost_money"], -2); if ($raffle_cost_c == "" || $raffle_cost_c == "00") { $raffle_cost_c = 0; } $output .= ' <div class="coupon_parts"> <span>' . $raffle_cost_g . '</span> <img src="img/gold.gif" alt="gold" style="position: relative; bottom: -6px;" /> <span>' . $raffle_cost_s . '</span> <img src="img/silver.gif" alt="silver" style="position: relative; bottom: -6px;" /> <span>' . $raffle_cost_c . '</span> <img src="img/copper.gif" alt="copper" style="position: relative; bottom: -6px;" /> </div>'; $output .= ' <div class="coupon_part_title"> <span>' . lang("points", "choose_char_use_money") . ':</span> </div>'; // get characters $char_list = array(); $realm_list = array(); foreach ($characters_db as $db) { $sqlt = new SQL(); $sqlt->connect($db["addr"], $db["user"], $db["pass"], $db["name"], $db["encoding"]); $realm_char_list = array(); // store the realm id for later $realm_list[] = $db["id"]; if ($core == 1) { $char_query = "SELECT guid FROM characters WHERE acct='" . $user_id . "' ORDER BY guid ASC"; } else { $char_query = "SELECT guid FROM characters WHERE account='" . $user_id . "' ORDER BY guid ASC"; } $char_result = $sqlt->query($char_query); while ($row = $sqlt->fetch_assoc($char_result)) { $realm_char_list[] = $row["guid"]; } $char_list[] = $realm_char_list; } for ($i = 0; $i < count($char_list); $i++) { $realm_chars = $char_list[$i]; $cur_realm = $realm_list[$i]; $realm_name_query = "SELECT * FROM config_servers WHERE `Index`='" . $cur_realm . "'"; $realm_name_result = $sql["mgr"]->query($realm_name_query); $realm_name_result = $sql["mgr"]->fetch_assoc($realm_name_result); $cur_realm_name = $realm_name_result["Name"]; $sqlt = new SQL(); $sqlt->connect($characters_db[$cur_realm]["addr"], $characters_db[$cur_realm]["user"], $characters_db[$cur_realm]["pass"], $characters_db[$cur_realm]["name"], $characters_db[$cur_realm]["encoding"]); if (count($realm_list) > 1) { $output .= ' <div class="coupon_part_chars"> <span>' . $cur_realm_name . '</span> </div>'; } $output .= ' <div class="coupon_part_chars"> <div class="fake_table">'; $first = true; // we want the first character to be selected foreach ($realm_chars as $row) { if ($core == 1) { $char_query = "SELECT *, gold AS money FROM characters WHERE guid='" . $row . "'"; } else { $char_query = "SELECT * FROM characters WHERE guid='" . $row . "'"; } $char_result = $sqlt->query($char_query); $char = $sqlt->fetch_assoc($char_result); // extract gold/silver/copper from single gold number $char["money"] = str_pad($char["money"], 4, "0", STR_PAD_LEFT); $char_g = substr($char["money"], 0, -4); if ($char_g == "") { $char_g = 0; } $char_s = substr($char["money"], -4, 2); if ($char_s == "" || $char_s == "00") { $char_s = 0; } $char_c = substr($char["money"], -2); if ($char_c == "" || $char_c == "00") { $char_c = 0; } $output .= ' <div class="fake_table_cell"> <input type="radio" name="money_character" value="' . ($i + 1) . "-" . $row . '-' . $char["name"] . '"' . (isset($first) ? ' checked="checked"' : '') . ($char["online"] || $char["money"] < $raffle["cost_money"] ? ' disabled="disabled"' : '') . ' /> <a href="char.php?id=' . $row . '&realm=' . $cur_realm . '">' . $char["name"] . '</a> - <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt=""/> - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . ' </div> <div class="fake_table_cell"> <span>' . $char_g . '</span> <img src="img/gold.gif" alt="gold" style="position: relative; bottom: -6px;" /> <span>' . $char_s . '</span> <img src="img/silver.gif" alt="silver" style="position: relative; bottom: -6px;" /> <span>' . $char_c . '</span> <img src="img/copper.gif" alt="copper" style="position: relative; bottom: -6px;" /> </div>'; unset($first); } } } $output .= ' </div> </div> </td> </tr>'; } if ($raffle["tickets_per_user"] > 1) { $output .= ' <tr> <td> <div class="coupon_parts">' . lang("points", "tickets_purchased") . ': <b>' . $my_usage_count . '</b></div> </td> </tr>'; } $output .= ' <tr> <td align="right"> <a href="javascript:do_submit(\'form1\',0)"> <img src="img/aff_tick.png" width="16" height="16" alt="" /> <span> ' . lang("points", "confirm_purchase") . '</span> </a> </td> </tr> </table> </form>'; } } else { $output .= ' <div class="tab_content center">'; $output .= ' <span>' . lang("points", "purchased") . '</span>'; } $output .= ' </div> <br /> <!-- end of point_system.php -->'; }
function char_skill() { global $output, $realm_id, $characters_db, $corem_db, $action_permission, $user_lvl, $site_encoding, $user_name, $base_datasite, $skill_datasite, $sql, $core; //wowhead_tt(); if (empty($_GET["id"])) { error(lang("global", "empty_fields")); } // this is multi realm support, as of writing still under development // this page is already implementing it if (empty($_GET["realm"])) { $realmid = $realm_id; } else { $realmid = $sql["logon"]->quote_smart($_GET["realm"]); if (is_numeric($realmid)) { $sql["char"]->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name'], $characters_db[$realmid]["encoding"]); } else { $realmid = $realm_id; } } $id = $sql["char"]->quote_smart($_GET["id"]); if (!is_numeric($id)) { $id = 0; } $order_by = isset($_GET["order_by"]) ? $sql["char"]->quote_smart($_GET["order_by"]) : 1; $dir = isset($_GET["dir"]) ? $sql["char"]->quote_smart($_GET["dir"]) : 1; if (!preg_match('/^[01]{1}$/', $dir)) { $dir = 1; } $order_dir = $dir ? 'ASC' : 'DESC'; $dir = $dir ? 0 : 1; if ($core == 1) { $result = $sql["char"]->query('SELECT acct, name, race, class, level, gender FROM characters WHERE guid = ' . $id . ' LIMIT 1'); } else { $result = $sql["char"]->query('SELECT account AS acct, name, race, class, level, gender FROM characters WHERE guid = ' . $id . ' LIMIT 1'); } if ($sql["char"]->num_rows($result)) { $char = $sql["char"]->fetch_assoc($result); // we get user permissions first $owner_acc_id = $sql["char"]->result($result, 0, 'acct'); if ($core == 1) { $result = $sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $char["acct"] . "'"); } else { $result = $sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $char["acct"] . "'"); } $owner_name = $sql["logon"]->result($result, 0, 'login'); $s_query = "SELECT *, SecurityLevel AS gm FROM config_accounts WHERE Login='******'"; $s_result = $sql["mgr"]->query($s_query); $s_fields = $sql["mgr"]->fetch_assoc($s_result); $owner_gmlvl = $s_fields["gm"]; $view_mod = $s_fields["View_Mod_Skill"]; if ($owner_gmlvl >= 1073741824) { $owner_gmlvl -= 1073741824; } // owner configured overrides $view_override = false; if ($view_mod > 0) { if ($view_mod == 1) { } elseif ($view_mod == 2) { // only registered users may view this page if ($user_lvl > -1) { $view_override = true; } } } // visibility overrides for specific tabs $view_inv_override = false; if ($s_fields["View_Mod_Inv"] > 0) { if ($s_fields["View_Mod_Inv"] == 1) { } elseif ($s_fields["View_Mod_Inv"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_inv_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_inv_override = true; } } $view_talent_override = false; if ($s_fields["View_Mod_Talent"] > 0) { if ($s_fields["View_Mod_Talent"] == 1) { } elseif ($s_fields["View_Mod_Talent"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_talent_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_talent_override = true; } } $view_achieve_override = false; if ($s_fields["View_Mod_Achieve"] > 0) { if ($s_fields["View_Mod_Achieve"] == 1) { } elseif ($s_fields["View_Mod_Achieve"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_achieve_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_achieve_override = true; } } $view_quest_override = false; if ($s_fields["View_Mod_Quest"] > 0) { if ($s_fields["View_Mod_Quest"] == 1) { } elseif ($s_fields["View_Mod_Quest"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_quest_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_quest_override = true; } } $view_friends_override = false; if ($s_fields["View_Mod_Friends"] > 0) { if ($s_fields["View_Mod_Friends"] == 1) { } elseif ($s_fields["View_Mod_Friends"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_friends_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_friends_override = true; } } $view_view_override = false; if ($s_fields["View_Mod_View"] > 0) { if ($s_fields["View_Mod_View"] == 1) { } elseif ($s_fields["View_Mod_View"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_view_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_view_override = true; } } $view_pets_override = false; if ($s_fields["View_Mod_Pets"] > 0) { if ($s_fields["View_Mod_Pets"] == 1) { } elseif ($s_fields["View_Mod_Pets"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_pets_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_pets_override = true; } } $view_rep_override = false; if ($s_fields["View_Mod_Rep"] > 0) { if ($s_fields["View_Mod_Rep"] == 1) { } elseif ($s_fields["View_Mod_Rep"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_rep_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_rep_override = true; } } $view_pvp_override = false; if ($s_fields["View_Mod_PvP"] > 0) { if ($s_fields["View_Mod_PvP"] == 1) { } elseif ($s_fields["View_Mod_PvP"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_pvp_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_pvp_override = true; } } if ($view_override || $user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { if ($core == 1) { $result = $sql["char"]->query("SELECT data, name, race, class, level, gender FROM characters WHERE guid = '" . $id . "'"); $char = $sql["char"]->fetch_assoc($result); $char_data = explode(';', $char["data"]); } else { $result = $sql["char"]->query("SELECT name, race, class, level, gender FROM characters WHERE guid='" . $id . "'"); $char = $sql["char"]->fetch_assoc($result); $result = $sql["char"]->query("SELECT * FROM character_skills WHERE guid='" . $id . "'"); // make TC's skill data work like our treatment of Arc's $char_data = array(); $i = 0; while ($skill_row = $sql["char"]->fetch_assoc($result)) { $char_data[PLAYER_SKILL_INFO_1_1 + $i] = $skill_row["skill"]; $char_data[PLAYER_SKILL_INFO_1_1 + $i + 1] = $skill_row["value"]; $char_data[PLAYER_SKILL_INFO_1_1 + $i + 2] = $skill_row["max"]; $i += 3; } } $output .= ' <div class="tab"> <ul> <li class="selected"><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>'; if ($view_inv_override) { $output .= ' <li><a href="char_inv.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "inventory") . '</a></li>'; } if ($view_talent_override) { $output .= ' ' . ($char["level"] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "talents") . '</a></li>') . ''; } if ($view_achieve_override) { $output .= ' <li><a href="char_achieve.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "achievements") . '</a></li>'; } if ($view_quest_override) { $output .= ' <li><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "quests") . '</a></li>'; } if ($view_friends_override) { $output .= ' <li><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "friends") . '</a></li>'; } if ($view_view_override) { $output .= ' <li><a href="char_view.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "view") . '</a></li>'; } $output .= ' </ul> </div> <div class="tab_content center"> <div class="tab"> <ul> <li><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>'; if (char_get_class_name($char["class"]) == "Hunter" && $view_pets_override) { $output .= ' <li><a href="char_pets.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "pets") . '</a></li>'; } if ($view_rep_override) { $output .= ' <li><a href="char_rep.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "reputation") . '</a></li>'; } $output .= ' <li class="selected"><a href="char_skill.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "skills") . '</a></li>'; if ($view_pvp_override) { $output .= ' <li><a href="char_pvp.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "pvp") . '</a></li>'; } if ($owner_name == $user_name || $user_lvl >= get_page_permission("insert", "char_mail.php")) { $output .= ' <li><a href="char_mail.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "mail") . '</a></li>'; } $output .= ' </ul> </div> <div class="tab_content2 center center_text"> <span class="bold"> ' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . ' - <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . ' </span> <br /> <br /> <table class="lined" id="ch_ski_main"> <tr> <th class="title" colspan="' . ($user_lvl ? '3' : '2') . '" align="left">' . lang("char", "skills") . '</th> </tr> <tr> ' . ($user_lvl ? '<th><a href="char_skill.php?id=' . $id . '&realm=' . $realmid . '&order_by=0&dir=' . $dir . '"' . ($order_by == 0 ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "skill_id") . '</a></th>' : '') . ' <th align="right"><a href="char_skill.php?id=' . $id . '&realm=' . $realmid . '&order_by=1&dir=' . $dir . '"' . ($order_by == 1 ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "skill_name") . '</a></th> <th><a href="char_skill.php?id=' . $id . '&realm=' . $realmid . '&order_by=2&dir=' . $dir . '"' . ($order_by == 2 ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "skill_value") . '</a></th> </tr>'; $skill_array = array(); $class_array = array(); $prof_1_array = array(); $prof_2_array = array(); $weapon_array = array(); $armor_array = array(); $language_array = array(); $skill_rank_array = array(75 => lang("char", "apprentice"), 150 => lang("char", "journeyman"), 225 => lang("char", "expert"), 300 => lang("char", "artisan"), 375 => lang("char", "master"), 450 => lang("char", "inherent"), 385 => lang("char", "wise")); for ($i = PLAYER_SKILL_INFO_1_1; $i <= PLAYER_SKILL_INFO_1_1 + 384; $i += 3) { if ($char_data[$i] && skill_get_name($char_data[$i] & 0xffff)) { $temp = unpack("S", pack("L", $char_data[$i + 1])); $skill = $char_data[$i] & 0xffff; if (skill_get_type($skill) == 6) { array_push($weapon_array, array($user_lvl ? $skill : '', skill_get_name($skill), $temp[1])); } elseif (skill_get_type($skill) == 7) { array_push($class_array, array($user_lvl ? $skill : '', skill_get_name($skill), $temp[1])); } elseif (skill_get_type($skill) == 8) { array_push($armor_array, array($user_lvl ? $skill : '', skill_get_name($skill), $temp[1])); } elseif (skill_get_type($skill) == 9) { array_push($prof_2_array, array($user_lvl ? $skill : '', skill_get_name($skill), $temp[1])); } elseif (skill_get_type($skill) == 10) { array_push($language_array, array($user_lvl ? $skill : '', skill_get_name($skill), $temp[1])); } elseif (skill_get_type($skill) == 11) { array_push($prof_1_array, array($user_lvl ? $skill : '', skill_get_name($skill), $temp[1])); } else { array_push($skill_array, array($user_lvl ? $skill : '', skill_get_name($skill), $temp[1])); } } } unset($char_data); aasort($skill_array, $order_by, $dir); aasort($class_array, $order_by, $dir); aasort($prof_1_array, $order_by, $dir); aasort($prof_2_array, $order_by, $dir); aasort($weapon_array, $order_by, $dir); aasort($armor_array, $order_by, $dir); aasort($language_array, $order_by, $dir); foreach ($skill_array as $data) { // this_is_junk: style left hardcoded because it's calculated. $max = $data[2] < $char["level"] * 5 ? $char["level"] * 5 : $data[2]; $output .= ' <tr> ' . ($user_lvl ? '<td>' . $data[0] . '</td>' : '') . ' <td align="right">' . $data[1] . '</td> <td class="bar skill_bar" style="background-position: ' . (round(385 * $data[2] / $max) - 385) . 'px;"> <span style="position: relative; top: -2px;">' . $data[2] . '/' . $max . '</span> </td> </tr>'; } if (count($class_array)) { $output .= ' <tr><th class="title" colspan="' . ($user_lvl ? '3' : '2') . '" align="left">' . lang("char", "classskills") . '</th></tr>'; } foreach ($class_array as $data) { $max = $data[2] < $char["level"] * 5 ? $char["level"] * 5 : $data[2]; $output .= ' <tr> ' . ($user_lvl ? '<td>' . $data[0] . '</td>' : '') . ' <td align="right"><a href="' . $base_datasite . $skill_datasite . '7.' . $char["class"] . '.' . $data[0] . '" rel="external">' . $data[1] . '</a></td> <td class="bar skill_bar" style="background-position: 0px;"> </td> </tr>'; } if (count($prof_1_array)) { $output .= ' <tr><th class="title" colspan="' . ($user_lvl ? '3' : '2') . '" align="left">' . lang("char", "professions") . '</th></tr>'; } foreach ($prof_1_array as $data) { // this_is_junk: style left hardcoded because it's calculated. $max = $data[2] < 76 ? 75 : ($data[2] < 151 ? 150 : ($data[2] < 226 ? 225 : ($data[2] < 301 ? 300 : ($data[2] < 376 ? 375 : ($data[2] < 376 ? 375 : 450))))); $output .= ' <tr> ' . ($user_lvl ? '<td>' . $data[0] . '</td>' : '') . ' <td align="right"><a href="' . $base_datasite . $skill_datasite . '11.' . $data[0] . '" rel="external">' . $data[1] . '</a></td> <td class="bar skill_bar" style="background-position: ' . (round(385 * $data[2] / $max) - 385) . 'px;"> <span style="position: relative; top: -2px;">' . $data[2] . '/' . $max . ' (' . $skill_rank_array[$max] . ')</span> </td> </tr>'; } if (count($prof_2_array)) { $output .= ' <tr><th class="title" colspan="' . ($user_lvl ? '3' : '2') . '" align="left">' . lang("char", "secondaryskills") . '</th></tr>'; } foreach ($prof_2_array as $data) { // this_is_junk: style left hardcoded because it's calculated. $max = $data[2] < 76 ? 75 : ($data[2] < 151 ? 150 : ($data[2] < 226 ? 225 : ($data[2] < 301 ? 300 : ($data[2] < 376 ? 375 : ($data[2] < 376 ? 375 : 450))))); $output .= ' <tr> ' . ($user_lvl ? '<td>' . $data[0] . '</td>' : '') . ' <td align="right"><a href="' . $base_datasite . $skill_datasite . '9.' . $data[0] . '" rel="external">' . $data[1] . '</a></td> <td class="bar skill_bar" style="background-position: ' . (round(385 * $data[2] / $max) - 385) . 'px;"> <span style="position: relative; top: -2px;">' . $data[2] . '/' . $max . ' (' . $skill_rank_array[$max] . ')</span> </td> </tr>'; } if (count($weapon_array)) { $output .= ' <tr><th class="title" colspan="' . ($user_lvl ? '3' : '2') . '" align="left">' . lang("char", "weaponskills") . '</th></tr>'; } foreach ($weapon_array as $data) { // this_is_junk: style left hardcoded because it's calculated. $max = $data[2] < $char["level"] * 5 ? $char["level"] * 5 : $data[2]; $output .= ' <tr> ' . ($user_lvl ? '<td>' . $data[0] . '</td>' : '') . ' <td align="right">' . $data[1] . '</td> <td class="bar skill_bar" style="background-position: ' . (round(385 * $data[2] / $max) - 385) . 'px;"> <span style="position: relative; top: -2px;">' . $data[2] . '/' . $max . '</span> </td> </tr>'; } if (count($armor_array)) { $output .= ' <tr><th class="title" colspan="' . ($user_lvl ? '3' : '2') . '" align="left">' . lang("char", "armorproficiencies") . '</th></tr>'; } foreach ($armor_array as $data) { $max = $data[2] < $char["level"] * 5 ? $char["level"] * 5 : $data[2]; $output .= ' <tr> ' . ($user_lvl ? '<td>' . $data[0] . '</td>' : '') . ' <td align="right">' . $data[1] . '</td> <td class="bar skill_bar" style="background-position: 0px;"> </td> </tr>'; } if (count($language_array)) { $output .= ' <tr><th class="title" colspan="' . ($user_lvl ? '3' : '2') . '" align="left">' . lang("char", "languages") . '</th></tr>'; } foreach ($language_array as $data) { // this_is_junk: style left hardcoded because it's calculated. $max = $data[2] < $char["level"] * 5 ? $char["level"] * 5 : $data[2]; $output .= ' <tr> ' . ($user_lvl ? '<td>' . $data[0] . '</td>' : '') . ' <td align="right">' . $data[1] . '</td> <td class="bar skill_bar" style="background-position: ' . (round(385 * $data[2] / $max) - 385) . 'px;"> <span style="position: relative; top: -2px;">' . $data[2] . '/' . $max . '</span> </td> </tr>'; } $output .= ' </table> <br /> </div> <br /> </div> <br /> <table class="hidden center"> <tr> <td>'; // button to user account page, user account page has own security makebutton(lang("char", "chars_acc"), 'user.php?action=edit_user&id=' . $owner_acc_id . '', 130); $output .= ' </td> <td>'; // only higher level GM with delete access can edit character // character edit allows removal of character items, so delete permission is needed if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"]) { //makebutton($lang_char["edit_button"], 'char_edit.php?id='.$id.'&realm='.$realmid.'', 130); $output .= ' </td> <td>'; } // only higher level GM with delete access, or character owner can delete character if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"] || $owner_name === $user_name) { makebutton(lang("char", "del_char"), 'char_list.php?action=del_char_form&check%5B%5D=' . $id . '" type="wrn', 130); $output .= ' </td> <td>'; } // only GM with update permission can send mail, mail can send items, so update permission is needed if ($user_lvl >= $action_permission["update"]) { makebutton(lang("char", "send_mail"), 'mail.php?type=ingame_mail&to=' . $char["name"] . '', 130); $output .= ' </td> <td>'; } makebutton(lang("global", "back"), 'javascript:window.history.back()" type="def', 130); $output .= ' </td> </tr> </table> <br /> <!-- end of char_achieve.php -->'; } else { error(lang("char", "no_permission")); } } else { error(lang("char", "no_char_found")); } }
function index(&$sqlr, &$sqlc, &$sqlm) { global $output, $lang_global, $lang_index, $realm_id, $mmfpm_db, $server, $action_permission, $user_lvl, $user_id, $showcountryflag, $motd_display_poster, $gm_online_count, $gm_online, $itemperpage; $output .= ' <div class="top">'; if (test_port($server[$realm_id]['addr'], $server[$realm_id]['game_port'])) { $stats = $sqlr->fetch_assoc($sqlr->query(' SELECT starttime, maxplayers FROM uptime WHERE realmid = ' . $realm_id . ' ORDER BY starttime DESC LIMIT 1'), 0); $uptimetime = time() - $stats['starttime']; $max_ever = $sqlr->fetch_assoc($sqlr->query(' SELECT maxplayers FROM uptime WHERE realmid = ' . $realm_id . ' ORDER BY maxplayers DESC LIMIT 1'), 0); function format_uptime($seconds) { $secs = intval($seconds % 60); $mins = intval($seconds / 60 % 60); $hours = intval($seconds / 3600 % 24); $days = intval($seconds / 86400); $uptimeString = ''; if ($days) { $uptimeString .= $days; $uptimeString .= 1 === $days ? ' day' : ' days'; } if ($hours) { $uptimeString .= (0 < $days ? ', ' : '') . $hours; $uptimeString .= 1 === $hours ? ' hour' : ' hours'; } if ($mins) { $uptimeString .= (0 < $days || 0 < $hours ? ', ' : '') . $mins; $uptimeString .= 1 === $mins ? ' minute' : ' minutes'; } if ($secs) { $uptimeString .= (0 < $days || 0 < $hours || 0 < $mins ? ', ' : '') . $secs; $uptimeString .= 1 === $secs ? ' second' : ' seconds'; } return $uptimeString; } $staticUptime = $lang_index['realm'] . ' <em>' . htmlentities(get_realm_name($realm_id)) . '</em> ' . $lang_index['online'] . ' for ' . format_uptime($uptimetime); unset($uptimetime); $output .= ' <div id="uptime"> <h1><font color="#55aa55">' . $staticUptime . '</font><br /></h1> </div> </div>'; unset($staticUptime); $online = true; } else { $output .= ' <h1><font class="error">' . $lang_index['realm'] . ' <em>' . htmlentities(get_realm_name($realm_id)) . '</em> ' . $lang_index['offline_or_let_high'] . '</font></h1> </div>'; $online = false; } $output .= ' <center> <fieldset> <legend>Info</legend> <table class="lined" style="width: 100%; display: table"> <tr> <th> ' . $lang_index['maxplayers'] . ': ' . $stats['maxplayers'] . '<br /> ' . $lang_index['maxplayersever'] . ': ' . $max_ever['maxplayers'] . ' </th> </tr> </table> </fieldset>'; unset($max_ever); unset($stats); $start_m = isset($_GET['start_m']) ? $sqlc->quote_smart($_GET['start_m']) : 0; if (is_numeric($start_m)) { } else { $start_m = 0; } //print online chars if ($online) { //==========================$_GET and SECURE================================= $start = isset($_GET['start']) ? $sqlc->quote_smart($_GET['start']) : 0; if (is_numeric($start)) { } else { $start = 0; } $order_by = isset($_GET['order_by']) ? $sqlc->quote_smart($_GET['order_by']) : 'level'; if (preg_match('/^[_[:lower:]]{1,12}$/', $order_by)) { } else { $order_by = 'level'; } $dir = isset($_GET['dir']) ? $sqlc->quote_smart($_GET['dir']) : 1; if (preg_match('/^[01]{1}$/', $dir)) { } else { $dir = 1; } $order_dir = $dir ? 'DESC' : 'ASC'; $dir = $dir ? 0 : 1; //==========================$_GET and SECURE end============================= if ($order_by === 'map') { $order_by = 'map ' . $order_dir . ', zone'; } elseif ($order_by === 'zone') { $order_by = 'zone ' . $order_dir . ', map'; } $order_side = ''; if ($user_lvl || $server[$realm_id]['both_factions']) { } else { $result = $sqlc->query(' SELECT race FROM characters WHERE account = ' . $user_id . ' AND totaltime = (SELECT MAX(totaltime) FROM characters WHERE account = ' . $user_id . ') LIMIT 1'); if ($sqlc->num_rows($result)) { $order_side = in_array($sqlc->result($result, 0), array(2, 5, 6, 8, 10)) ? ' AND race IN (2,5,6,8,10) ' : ' AND race IN (1,3,4,7,11) '; } } if ($order_by == 'ip') { $result = $sqlr->query(' SELECT id, last_ip FROM account WHERE active_realm_id != 1 ORDER BY last_ip ' . $order_dir . ' LIMIT ' . $start . ', ' . $itemperpage . ''); } else { $result = $sqlc->query(' SELECT c.guid, c.name, c.race, c.class, c.zone, c.map, c.level, c.account, c.gender, c.totalHonorPoints, COALESCE(guild_member.guildid,0) AS guildid FROM characters c LEFT JOIN guild_member ON guild_member.guid = c.guid WHERE c.online = 1 ' . ($gm_online == '0' ? 'AND c.extra_flags &1 = 0 ' : '') . $order_side . ' ORDER BY ' . $order_by . ' ' . $order_dir . ' LIMIT ' . $start . ', ' . $itemperpage); } $total_online = $sqlc->result($sqlc->query(' SELECT count(*) FROM characters WHERE online= 1' . ($gm_online_count == '0' ? ' AND extra_flags &1 = 0' : '')), 0); $output .= ' <center> <fieldset> <legend>' . $lang_index['tot_users_online'] . ': ' . $total_online . '</legend> <table class="lined" style="width: 100%; display: table"> <tr> <td colspan="' . (10 - $showcountryflag) . '" align="right" class="hidden" width="25%">'; $output .= generate_pagination('index.php?start_m=' . $start_m . '&order_by=' . $order_by . '&dir=' . ($dir ? 0 : 1), $total_online, $itemperpage, $start); $output .= ' </td> </tr> <tr> <th width="15%"><a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=name&dir=' . $dir . '"' . ($order_by === 'name' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['name'] . '</a></th> <th width="1%"><a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=race&dir=' . $dir . '"' . ($order_by === 'race' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['race'] . '</a></th> <th width="1%"><a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=class&dir=' . $dir . '"' . ($order_by === 'class' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['class'] . '</a></th> <th width="5%"><a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=level&dir=' . $dir . '"' . ($order_by === 'level' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['level'] . '</a></th> <th width="1%"><a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=totalHonorPoints&dir=' . $dir . '"' . ($order_by === 'totalHonorPoints' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['rank'] . '</a></th> <th width="15%"><a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=guildid&dir=' . $dir . '"' . ($order_by === 'gname' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['guild'] . '</a></th> <th width="20%"><a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=map&dir=' . $dir . '"' . ($order_by === 'map ' . $order_dir . ', zone' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['map'] . '</a></th> <th width="25%"><a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=zone&dir=' . $dir . '"' . ($order_by === 'zone ' . $order_dir . ', map' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['zone'] . '</a></th>'; if ($showcountryflag) { require_once 'libs/misc_lib.php'; $output .= ' <th width="1%">' . $lang_global['country'] . '</th>'; } $output .= ' </tr>'; $sqlm = new SQL(); $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']); while ($char = $sqlc->fetch_assoc($result)) { if ($order_by == 'ip') { $temp = $sqlc->fetch_assoc($sqlc->query(' SELECT characters.guid, characters.name, characters.race, characters.class, characters.zone, characters.map, characters.level, characters.account, characters.gender, characters.totalHonorPoints, COALESCE(guild_member.guildid,0) AS guildid FROM characters LEFT JOIN guild_member ON guild_member.guid = characters.guid WHERE characters.online= 1 ' . ($gm_online == '0' ? 'AND characters.extra_flags &1 = 0 ' : '') . $order_side . ' and account = ' . $char['id'])); if (isset($temp['guid'])) { $char = $temp; } else { continue; } } $gm = $sqlr->result($sqlr->query(' SELECT gmlevel FROM account WHERE id=' . $char['account'] . ''), 0); $guild_name = $sqlc->result($sqlc->query(' SELECT name FROM guild WHERE guildid=' . $char['guildid'] . '')); $output .= ' <tr> <td>'; if ($user_lvl >= $gm) { $output .= ' <a href="char.php?id=' . $char['guid'] . '"> <span onmousemove="toolTip(\'' . id_get_gm_level($gm) . '\', \'item_tooltip\')" onmouseout="toolTip()">' . htmlentities($char['name']) . '</span> </a>'; } else { $output .= ' ' . htmlentities($char['name']) . '</span>'; } $output .= ' </td> <td> <img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /> </td> <td> <img src="img/c_icons/' . $char['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /> </td> <td>' . char_get_level_color($char['level']) . '</td> <td> <span onmouseover="toolTip(\'' . char_get_pvp_rank_name($char['totalHonorPoints'], char_get_side_id($char['race'])) . '\', \'item_tooltip\')" onmouseout="toolTip()" style="color: white;"><img src="img/ranks/rank' . char_get_pvp_rank_id($char['totalHonorPoints'], char_get_side_id($char['race'])) . '.gif" alt="" /></span> </td> <td> <a href="guild.php?action=view_guild&error=3&id=' . $char['guildid'] . '">' . htmlentities($guild_name) . '</a> </td> <td> <span onmousemove="toolTip(\'MapID:' . $char['map'] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_map_name($char['map'], $sqlm) . '</span> </td> <td> <span onmousemove="toolTip(\'ZoneID:' . $char['zone'] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_zone_name($char['zone'], $sqlm) . '</span> </td>'; if ($showcountryflag) { $country = misc_get_country_by_account($char['account'], $sqlr, $sqlm); $output .= ' <td> ' . ($country['code'] ? '<img src="img/flags/' . $country['code'] . '.png" onmousemove="toolTip(\'' . $country['country'] . '\',\'item_tooltip\')" onmouseout="toolTip()" alt="" />' : '-') . ' </td>'; } $output .= ' </tr>'; } $output .= ' <tr>'; $output .= ' <td colspan="' . (10 - $showcountryflag) . '" align="right" class="hidden" width="25%">'; $output .= generate_pagination('index.php?start_m=' . $start_m . '&order_by=' . $order_by . '&dir=' . ($dir ? 0 : 1), $total_online, $itemperpage, $start); unset($total_online); $output .= ' </td> </tr> </table> </fieldset> <br /> </center>'; } }
function front(&$sqlr, &$sqlc, &$sqlm) { global $output, $lang_global, $lang_index, $realm_id, $world_db, $mmfpm_db, $server, $action_permission, $user_lvl, $user_id, $showcountryflag, $motd_display_poster, $gm_online_count, $gm_online, $itemperpage; $output .= ' <div class="top">'; if (test_port($server[$realm_id]['addr'], $server[$realm_id]['game_port'])) { $stats = $sqlr->fetch_assoc($sqlr->query('SELECT starttime, maxplayers FROM uptime WHERE realmid = ' . $realm_id . ' ORDER BY starttime DESC LIMIT 1'), 0); $uptimetime = time() - $stats['starttime']; function format_uptime($seconds) { $secs = intval($seconds % 60); $mins = intval($seconds / 60 % 60); $hours = intval($seconds / 3600 % 24); $days = intval($seconds / 86400); $uptimeString = ''; if ($days) { $uptimeString .= $days; $uptimeString .= 1 === $days ? ' day' : ' days'; } if ($hours) { $uptimeString .= (0 < $days ? ', ' : '') . $hours; $uptimeString .= 1 === $hours ? ' hour' : ' hours'; } if ($mins) { $uptimeString .= (0 < $days || 0 < $hours ? ', ' : '') . $mins; $uptimeString .= 1 === $mins ? ' minute' : ' minutes'; } if ($secs) { $uptimeString .= (0 < $days || 0 < $hours || 0 < $mins ? ', ' : '') . $secs; $uptimeString .= 1 === $secs ? ' second' : ' seconds'; } return $uptimeString; } $staticUptime = $lang_index['realm'] . ' <em>' . htmlentities(get_realm_name($realm_id)) . '</em> ' . $lang_index['online'] . ' for ' . format_uptime($uptimetime); unset($uptimetime); $output .= ' <div id="uptime"> <h1> <font color="#55aa55">' . $staticUptime . '<br />' . $lang_index['maxplayers'] . ': ' . $stats['maxplayers'] . '</font> </h1> </div>'; unset($staticUptime); unset($stats); $online = true; } else { $output .= ' <h1> <font class="error">' . $lang_index['realm'] . ' <em>' . htmlentities(get_realm_name($realm_id)) . '</em> ' . $lang_index['offline_or_let_high'] . '</font> </h1>'; $online = false; } $sqlw = new SQL(); $sqlw->connect($world_db[$realm_id]['addr'], $world_db[$realm_id]['user'], $world_db[$realm_id]['pass'], $world_db[$realm_id]['name']); // This retrieves the actual database version from the database itself, instead of hardcoding it into a string $version = $sqlw->fetch_assoc($sqlw->query('SELECT core_revision, db_version FROM version'), 0); $output .= ' ' . $lang_index['trinity_rev'] . ' ' . $version['core_revision'] . ' ' . $lang_index['using_db'] . ' ' . $version['db_version'] . ' </div>'; unset($version); //MOTD part $start_m = isset($_GET['start_m']) ? $sqlc->quote_smart($_GET['start_m']) : 0; if (is_numeric($start_m)) { } else { $start_m = 0; } $sqlm = new SQL(); $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']); $all_record_m = $sqlm->result($sqlm->query('SELECT count(*) FROM mm_motd'), 0); if ($user_lvl >= $action_permission['delete']) { $output .= ' <script type="text/javascript"> // <![CDATA[ answerbox.btn_ok="' . $lang_global['yes_low'] . '"; answerbox.btn_cancel="' . $lang_global['no'] . '"; var del_motd = "motd.php?action=delete_motd&id="; // ]]> </script>'; } $output .= ' <center> <table class="lined"> <tr> <th align="right">'; if ($user_lvl >= $action_permission['insert']) { $output .= ' <a href="motd.php?action=add_motd">' . $lang_index['add_motd'] . '</a>'; } $output .= ' </th> </tr>'; if ($all_record_m) { $result = $sqlm->query('SELECT id, realmid, type, content FROM mm_motd WHERE realmid = ' . $realm_id . ' ORDER BY id DESC LIMIT ' . $start_m . ', 3'); while ($post = $sqlm->fetch_assoc($result)) { $output .= ' <tr> <td align="left" class="large"> <blockquote>' . bbcode_bbc2html($post['content']) . '</blockquote> </td> </tr> <tr> <td align="right">'; $motd_display_poster ? $output .= $post['type'] : ''; if ($user_lvl >= $action_permission['delete']) { $output .= ' <img src="img/cross.png" width="12" height="12" onclick="answerBox(\'' . $lang_global['delete'] . ': <font color=white>' . $post['id'] . '</font><br />' . $lang_global['are_you_sure'] . '\', del_motd + ' . $post['id'] . ');" style="cursor:pointer;" alt="" />'; } if ($user_lvl >= $action_permission['update']) { $output .= ' <a href="motd.php?action=edit_motd&error=3&id=' . $post['id'] . '"> <img src="img/edit.png" width="14" height="14" alt="" /> </a>'; } $output .= ' </td> </tr> <tr> <td class="hidden"></td> </tr>'; } if ($online) { $output .= '%%REPLACE_TAG%%'; } else { $output .= ' <tr> <td align="right" class="hidden">' . generate_pagination('index.php?start=0', $all_record_m, 3, $start_m, 'start_m') . '</td> </tr>'; } } $output .= ' </table>'; //print online chars if ($online) { //==========================$_GET and SECURE================================= $start = isset($_GET['start']) ? $sqlc->quote_smart($_GET['start']) : 0; if (is_numeric($start)) { } else { $start = 0; } $order_by = isset($_GET['order_by']) ? $sqlc->quote_smart($_GET['order_by']) : 'level'; if (preg_match('/^[_[:lower:]]{1,12}$/', $order_by)) { } else { $order_by = 'level'; } $dir = isset($_GET['dir']) ? $sqlc->quote_smart($_GET['dir']) : 1; if (preg_match('/^[01]{1}$/', $dir)) { } else { $dir = 1; } $order_dir = $dir ? 'DESC' : 'ASC'; $dir = $dir ? 0 : 1; //==========================$_GET and SECURE end============================= if ($order_by === 'map') { $order_by = 'map ' . $order_dir . ', zone'; } elseif ($order_by === 'zone') { $order_by = 'zone ' . $order_dir . ', map'; } $order_side = ''; if ($user_lvl || $server[$realm_id]['both_factions']) { } else { $result = $sqlc->query('SELECT race FROM characters WHERE account = ' . $user_id . ' AND totaltime = (SELECT MAX(totaltime) FROM characters WHERE account = ' . $user_id . ') LIMIT 1'); if ($sqlc->num_rows($result)) { $order_side = in_array($sqlc->result($result, 0), array(2, 5, 6, 8, 10)) ? ' AND race IN (2,5,6,8,10) ' : ' AND race IN (1,3,4,7,11) '; } } if ($order_by == 'ip') { $result = $sqlr->query('SELECT id, last_ip FROM account WHERE online = 1 ORDER BY last_ip ' . $order_dir . ' LIMIT ' . $start . ', ' . $itemperpage . ''); } else { $result = $sqlc->query('SELECT characters.guid, characters.name, characters.race, characters.class, characters.zone, characters.map, characters.level, characters.account, characters.gender, characters.totalHonorPoints, COALESCE(guild_member.guildid,0) AS guildid FROM characters LEFT JOIN guild_member ON guild_member.guid = characters.guid WHERE characters.online = 1 ' . ($gm_online == '0' ? 'AND characters.extra_flags &1 = 0 ' : '') . $order_side . ' ORDER BY ' . $order_by . ' ' . $order_dir . ' LIMIT ' . $start . ', ' . $itemperpage); } $total_online = $sqlc->result($sqlc->query('SELECT count(*) FROM characters WHERE online= 1' . ($gm_online_count == '0' ? ' AND extra_flags &1 = 0' : '')), 0); $replace = ' <tr> <td align="right" class="hidden">' . generate_pagination('index.php?start=' . $start . '&order_by=' . $order_by . '&dir=' . ($dir ? 0 : 1) . '', $all_record_m, 3, $start_m, 'start_m') . '</td> </tr>'; unset($all_record_m); $output = str_replace('%%REPLACE_TAG%%', $replace, $output); unset($replace); $output .= ' <font class="bold">' . $lang_index['tot_users_online'] . ': ' . $total_online . '</font> <table class="lined"> <tr> <td colspan="' . (10 - $showcountryflag) . '" align="right" class="hidden" width="25%">'; $output .= generate_pagination('index.php?start_m=' . $start_m . '&order_by=' . $order_by . '&dir=' . ($dir ? 0 : 1), $total_online, $itemperpage, $start); $output .= ' </td> </tr> <tr> <th width="15%"><a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=name&dir=' . $dir . '"' . ($order_by === 'name' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['name'] . '</a></th> <th width="1%"><a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=race&dir=' . $dir . '"' . ($order_by === 'race' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['race'] . '</a></th> <th width="1%"><a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=class&dir=' . $dir . '"' . ($order_by === 'class' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['class'] . '</a></th> <th width="5%"><a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=level&dir=' . $dir . '"' . ($order_by === 'level' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['level'] . '</a></th> <th width="1%"><a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=totalHonorPoints&dir=' . $dir . '"' . ($order_by === 'totalHonorPoints' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['rank'] . '</a></th> <th width="15%"><a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=guildid&dir=' . $dir . '"' . ($order_by === 'guildid' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['guild'] . '</a></th> <th width="20%"><a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=map&dir=' . $dir . '"' . ($order_by === 'map ' . $order_dir . ', zone' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['map'] . '</a></th> <th width="25%"><a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=zone&dir=' . $dir . '"' . ($order_by === 'zone ' . $order_dir . ', map' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['zone'] . '</a></th>'; if ($showcountryflag) { require_once 'libs/misc_lib.php'; $output .= ' <th width="1%">' . $lang_global['country'] . '</th>'; } $output .= ' </tr>'; $sqlm = new SQL(); $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']); while ($char = $sqlc->fetch_assoc($result)) { if ($order_by == 'ip') { $temp = $sqlc->fetch_assoc($sqlc->query('SELECT characters.guid, characters.name, characters.race, characters.class, characters.zone, characters.map, characters.level, characters.account, characters.gender, characters.totalHonorPoints, COALESCE(guild_member.guildid,0) AS guildid FROM characters LEFT JOIN guild_member ON guild_member.guid = characters.guid WHERE characters.online= 1 ' . ($gm_online == '0' ? 'AND characters.extra_flags &1 = 0 ' : '') . $order_side . ' and account = ' . $char['id'])); if (isset($temp['guid'])) { $char = $temp; } else { continue; } } $gm = $sqlr->result($sqlr->query('SELECT gmlevel FROM account_access WHERE id=' . $char['account'] . ''), 0); $guild_name = $sqlc->result($sqlc->query('SELECT name FROM guild WHERE guildid=' . $char['guildid'] . '')); $output .= ' <tr> <td>'; if ($user_lvl >= $gm) { $output .= ' <a href="char.php?id=' . $char['guid'] . '"> <span onmousemove="toolTip(\'' . id_get_gm_level($gm) . '\', \'item_tooltip\')" onmouseout="toolTip()">' . htmlentities($char['name']) . '</span> </a>'; } else { $output .= ' <span onmousemove="toolTip(\'' . id_get_gm_level($gm) . '\', \'item_tooltip\')" onmouseout="toolTip()">' . htmlentities($char['name']) . '</span>'; } $output .= ' </td> <td> <img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /> </td> <td> <img src="img/c_icons/' . $char['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /> </td> <td>' . char_get_level_color($char['level']) . '</td> <td> <span onmouseover="toolTip(\'' . char_get_pvp_rank_name($char['totalHonorPoints'], char_get_side_id($char['race'])) . '\', \'item_tooltip\')" onmouseout="toolTip()" style="color: white;"><img src="img/ranks/rank' . char_get_pvp_rank_id($char['totalHonorPoints'], char_get_side_id($char['race'])) . '.gif" alt="" /></span> </td> <td> <a href="guild.php?action=view_guild&error=3&id=' . $char['guildid'] . '">' . htmlentities($guild_name) . '</a> </td> <td><span onmousemove="toolTip(\'MapID:' . $char['map'] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_map_name($char['map'], $sqlm) . '</span></td> <td><span onmousemove="toolTip(\'ZoneID:' . $char['zone'] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_zone_name($char['zone'], $sqlm) . '</span></td>'; if ($showcountryflag) { $country = misc_get_country_by_account($char['account'], $sqlr, $sqlm); $output .= ' <td>' . ($country['code'] ? '<img src="img/flags/' . $country['code'] . '.png" onmousemove="toolTip(\'' . $country['country'] . '\',\'item_tooltip\')" onmouseout="toolTip()" alt="" />' : '-') . '</td>'; } $output .= ' </tr>'; } $output .= ' <tr>'; $output .= ' <td colspan="' . (10 - $showcountryflag) . '" align="right" class="hidden" width="25%">'; $output .= generate_pagination('index.php?start_m=' . $start_m . '&order_by=' . $order_by . '&dir=' . ($dir ? 0 : 1), $total_online, $itemperpage, $start); unset($total_online); $output .= ' </td> </tr> </table> <br /> </center>'; } }
</tr>'; while ($char = $sql["char"]->fetch_assoc($query)) { if ($core == 1) { $guild_id = $sql["char"]->result($sql["char"]->query("SELECT guildid FROM guild_data WHERE playerid='" . $char["guid"] . "'"), 0); $guild_name = $sql["char"]->result($sql["char"]->query("SELECT guildname FROM guilds WHERE guildid='" . $guild_id . "'"), 0); } else { $guild_name = $sql["char"]->fetch_assoc($sql["char"]->query("SELECT `name` FROM `guild` WHERE `guildid`=" . $char["GNAME"] . ";")); $guild_name = $guild_name["name"]; } $output .= ' <tr> <td> <a href="char.php?id=' . $char["guid"] . '">' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . '</a> </td> <td> <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> <td> <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> <td>' . char_get_level_color($char["level"]) . '</td> <td> <span onmouseover="oldtoolTip(\'' . char_get_pvp_rank_name($char["honor"], char_get_side_id($char["race"])) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" class="honor_tooltip"> <img src="img/ranks/rank' . char_get_pvp_rank_id($char["honor"], char_get_side_id($char["race"])) . '.gif" alt="" /> </span> </td> <td>' . $char["honor"] . '</td> <td>' . $char["kills"] . '</td> <td>' . $char["arena"] . '</td> <td> <a href="guild.php?action=view_guild&error=3&id=' . $char["GNAME"] . '">' . htmlentities($guild_name, ENT_COMPAT, $site_encoding) . '</a>
function char_main() { global $output, $realm_id, $logon_db, $characters_db, $world_db, $server, $corem_db, $site_encoding, $action_permission, $user_lvl, $user_name, $user_id, $locales_search_option, $base_datasite, $item_datasite, $spell_datasite, $showcountryflag, $timezone_offset, $sql, $core; // this page uses wowhead tooltops //wowhead_tt(); // we need at either an id or a name or we would have nothing to show if (empty($_GET["id"])) { if (empty($_GET["name"])) { error(lang("global", "empty_fields")); } } // this is multi realm support, as of writing still under development // this page is already implementing it if (empty($_GET["realm"])) { $realmid = $realm_id; } else { $realmid = $sql["logon"]->quote_smart($_GET["realm"]); if (is_numeric($realmid)) { $sql["char"]->connect($characters_db[$realmid]["addr"], $characters_db[$realmid]["user"], $characters_db[$realmid]["pass"], $characters_db[$realmid]["name"], $characters_db[$realmid]["encoding"]); } else { $realmid = $realm_id; } } if (empty($_GET["id"])) { $name = $sql["char"]->quote_smart($_GET["name"]); if ($core == 1) { $result = $sql["char"]->query("SELECT guid, acct, race FROM characters WHERE name='" . $name . "' LIMIT 1"); } else { $result = $sql["char"]->query("SELECT guid, id AS acct, race FROM characters WHERE name='" . $name . "' LIMIT 1"); } $id_result = $sql["char"]->fetch_assoc($result); $id = $id_result["guid"]; } else { $id = $sql["char"]->quote_smart($_GET["id"]); } if (!is_numeric($id)) { error(lang("global", "empty_fields")); } if ($core == 1) { $result = $sql["char"]->query("SELECT acct, race FROM characters WHERE guid='" . $id . "' LIMIT 1"); } else { $result = $sql["char"]->query("SELECT account AS acct, race FROM characters WHERE guid='" . $id . "' LIMIT 1"); } if ($sql["char"]->num_rows($result)) { //resrict by owner's gmlvl $owner_acc_id = $sql["char"]->result($result, 0, "acct"); if ($core == 1) { $query = $sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $owner_acc_id . "'"); } else { $query = $sql["logon"]->query("SELECT username as login FROM account WHERE id='" . $owner_acc_id . "'"); } $owner_name = $sql["logon"]->result($query, 0, "login"); $s_query = "SELECT *, SecurityLevel AS gm FROM config_accounts WHERE Login='******'"; $s_result = $sql["mgr"]->query($s_query); $s_fields = $sql["mgr"]->fetch_assoc($s_result); $owner_gmlvl = $s_fields["gm"]; $view_mod = $s_fields["View_Mod_Sheet"]; if ($owner_gmlvl >= 1073741824) { $owner_gmlvl -= 1073741824; } // owner configured overrides $view_override = false; if ($view_mod > 0) { if ($view_mod == 1) { } elseif ($view_mod == 2) { // only registered users may view this page if ($user_lvl > -1) { $view_override = true; } } } if ($user_lvl || $server[$realmid]["both_factions"]) { $side_v = 0; $side_p = 0; } else { $side_p = in_array($sql["char"]->result($result, 0, "race"), array(2, 5, 6, 8, 10)) ? 1 : 2; if ($core == 1) { $result_1 = $sql["char"]->query("SELECT race FROM characters WHERE acct='" . $user_id . "' LIMIT 1"); } else { $result_1 = $sql["char"]->query("SELECT race FROM characters WHERE account='" . $user_id . "' LIMIT 1"); } if ($sql["char"]->num_rows($result)) { $side_v = in_array($sql["char"]->result($result_1, 0, "race"), array(2, 5, 6, 8, 10)) ? 1 : 2; } else { $side_v = 0; } unset($result_1); } if ($view_override || $user_lvl >= gmlevel($owner_gmlvl) && ($side_v === $side_p || !$side_v)) { if ($core == 1) { $result = $sql["char"]->query("SELECT guid, name, race, class, level, zoneid, mapid, online, gender,\n SUBSTRING_INDEX(SUBSTRING_INDEX(playedtime, ' ', 2), ' ', -1) AS totaltime,\n acct, data, timestamp, xp \n FROM characters WHERE guid='" . $id . "'"); } elseif ($core == 2) { $result = $sql["char"]->query("SELECT guid, name, race, class, level, zone AS zoneid, map AS mapid, \n online, gender, totaltime, account AS acct, logout_time AS timestamp, health, \n\t\t\t\t\tpower1, power2, power3, power4, power5, power6, power7, xp,\n arenaPoints, totalHonorPoints, totalKills\n FROM characters WHERE guid='" . $id . "'"); } else { $result = $sql["char"]->query("SELECT guid, name, race, class, level, zone AS zoneid, map AS mapid, \n online, gender, totaltime, account AS acct, logout_time AS timestamp, health, \n\t\t\t\t\tpower1, power2, power3, power4, power5, power6, power7, xp, arenaPoints, totalHonorPoints, totalKills\n FROM characters WHERE guid='" . $id . "'"); } $char = $sql["char"]->fetch_assoc($result); // find out what mode we're in View or Delete (0 = View, 1 = Delete) $mode = isset($_GET["mode"]) ? $_GET["mode"] : 0; // only the character's owner or a GM with Delete privs can enter Delete Mode if ($owner_name != $user_name) { if ($user_lvl < $action_permission["delete"]) { $mode = 0; } else { $mode = $mode; } } // View Mode is only availble on characters that are offline if ($char["online"] != 0) { $mode = 0; } if ($core == 1) { $char_data = $char["data"]; if (empty($char_data)) { $char_data = str_repeat("0;", PLAYER_END); } $char_data = explode(";", $char_data); } else { $query = "SELECT * FROM characters LEFT JOIN character_stats ON characters.guid=character_stats.guid WHERE characters.guid='" . $id . "'"; $char_data_result = $sql["char"]->query($query); $char_data_fields = $sql["char"]->fetch_assoc($char_data_result); $char_data[PLAYER_BLOCK_PERCENTAGE] = isset($char_data_fields["blockPct"]) ? $char_data_fields["blockPct"] : ' '; $char_data[PLAYER_DODGE_PERCENTAGE] = isset($char_data_fields["dodgePct"]) ? $char_data_fields["dodgePct"] : ' '; $char_data[PLAYER_PARRY_PERCENTAGE] = isset($char_data_fields["parryPct"]) ? $char_data_fields["parryPct"] : ' '; $char_data[PLAYER_CRIT_PERCENTAGE] = isset($char_data_fields["critPct"]) ? $char_data_fields["critPct"] : ' '; $char_data[PLAYER_RANGED_CRIT_PERCENTAGE] = isset($char_data_fields["rangedCritPct"]) ? $char_data_fields["rangedCritPct"] : ' '; $char_data[UNIT_FIELD_MAXDAMAGE] = isset($char_data_fields["attackPower"]) ? $char_data_fields["attackPower"] : ' '; $char_data[UNIT_FIELD_MINDAMAGE] = isset($char_data_fields["attackPower"]) ? $char_data_fields["attackPower"] : ' '; $char_data[UNIT_FIELD_MAXRANGEDDAMAGE] = isset($char_data_fields["rangedAttackPower"]) ? $char_data_fields["rangedAttackPower"] : ' '; $char_data[UNIT_FIELD_MINRANGEDDAMAGE] = isset($char_data_fields["rangedAttackPower"]) ? $char_data_fields["rangedAttackPower"] : ' '; $char_data[PLAYER_SPELL_CRIT_PERCENTAGE1] = isset($char_data_fields["spellCritPct"]) ? $char_data_fields["spellCritPct"] : ' '; $char_data[PLAYER_FIELD_MOD_DAMAGE_DONE_POS] = isset($char_data_fields["spellPower"]) ? $char_data_fields["spellPower"] : ' '; $char_data[UNIT_FIELD_STAT0] = isset($char_data_fields["strength"]) ? $char_data_fields["strength"] : ' '; $char_data[UNIT_FIELD_STAT1] = isset($char_data_fields["agility"]) ? $char_data_fields["agility"] : ' '; $char_data[UNIT_FIELD_STAT2] = isset($char_data_fields["stamina"]) ? $char_data_fields["stamina"] : ' '; $char_data[UNIT_FIELD_STAT3] = isset($char_data_fields["intellect"]) ? $char_data_fields["intellect"] : ' '; $char_data[UNIT_FIELD_STAT4] = isset($char_data_fields["spirit"]) ? $char_data_fields["spirit"] : ' '; $char_data[UNIT_FIELD_RESISTANCES] = isset($char_data_fields["armor"]) ? $char_data_fields["armor"] : ' '; $char_data[UNIT_FIELD_RESISTANCES + 1] = isset($char_data_fields["resHoly"]) ? $char_data_fields["resHoly"] : ' '; $char_data[UNIT_FIELD_RESISTANCES + 2] = isset($char_data_fields["resArcane"]) ? $char_data_fields["resArcane"] : ' '; $char_data[UNIT_FIELD_RESISTANCES + 3] = isset($char_data_fields["resFire"]) ? $char_data_fields["resFire"] : ' '; $char_data[UNIT_FIELD_RESISTANCES + 4] = isset($char_data_fields["resNature"]) ? $char_data_fields["resNature"] : ' '; $char_data[UNIT_FIELD_RESISTANCES + 5] = isset($char_data_fields["resFrost"]) ? $char_data_fields["resFrost"] : ' '; $char_data[UNIT_FIELD_RESISTANCES + 6] = isset($char_data_fields["resShadow"]) ? $char_data_fields["resShadow"] : ' '; $char_data[UNIT_FIELD_HEALTH] = isset($char["health"]) ? $char["health"] : ' '; $char_data[UNIT_FIELD_MAXHEALTH] = isset($char_data_fields["maxhealth"]) ? $char_data_fields["maxhealth"] : ' '; $char_data[UNIT_FIELD_POWER1] = isset($char["power1"]) ? $char["power1"] : ' '; $char_data[UNIT_FIELD_POWER2] = isset($char["power2"]) ? $char["power2"] : ' '; $char_data[UNIT_FIELD_POWER3] = isset($char["power3"]) ? $char["power3"] : ' '; $char_data[UNIT_FIELD_POWER4] = isset($char["power4"]) ? $char["power4"] : ' '; $char_data[UNIT_FIELD_POWER5] = isset($char["power5"]) ? $char["power5"] : ' '; $char_data[UNIT_FIELD_POWER6] = isset($char["power6"]) ? $char["power6"] : ' '; $char_data[UNIT_FIELD_POWER7] = isset($char["power7"]) ? $char["power7"] : ' '; $char_data[UNIT_FIELD_MAXPOWER1] = isset($char_data_fields["maxpower1"]) ? $char_data_fields["maxpower1"] : ' '; $char_data[UNIT_FIELD_MAXPOWER2] = isset($char_data_fields["maxpower2"]) ? $char_data_fields["maxpower2"] : ' '; $char_data[UNIT_FIELD_MAXPOWER3] = isset($char_data_fields["maxpower3"]) ? $char_data_fields["maxpower3"] : ' '; $char_data[UNIT_FIELD_MAXPOWER4] = isset($char_data_fields["maxpower4"]) ? $char_data_fields["maxpower4"] : ' '; $char_data[UNIT_FIELD_MAXPOWER5] = isset($char_data_fields["maxpower5"]) ? $char_data_fields["maxpower5"] : ' '; $char_data[UNIT_FIELD_MAXPOWER6] = isset($char_data_fields["maxpower6"]) ? $char_data_fields["maxpower6"] : ' '; $char_data[UNIT_FIELD_MAXPOWER7] = isset($char_data_fields["maxpower7"]) ? $char_data_fields["maxpower7"] : ' '; $char_data[PLAYER_FIELD_MOD_HEALING_DONE_POS] = "ERR"; $char_data[PLAYER_FIELD_COMBAT_RATING_1 + 5] = "ERR"; $char_data[PLAYER_FIELD_COMBAT_RATING_1 + 17] = "ERR"; $char_data[PLAYER_FIELD_COMBAT_RATING_1 + 6] = "ERR"; $char_data[PLAYER_FIELD_COMBAT_RATING_1 + 7] = "ERR"; $char_data[PLAYER_EXPERTISE] = "ERR"; $char_data[PLAYER_OFFHAND_EXPERTISE] = "ERR"; $char_data[PLAYER_FIELD_HONOR_CURRENCY] = isset($char["totalHonorPoints"]) ? $char["totalHonorPoints"] : ' '; $char_data[PLAYER_FIELD_ARENA_CURRENCY] = isset($char["arenaPoints"]) ? $char["arenaPoints"] : ' '; $char_data[PLAYER_FIELD_LIFETIME_HONORBALE_KILLS] = isset($char["totalKills"]) ? $char["totalKills"] : ' '; } if ($core == 1) { $guild_id = $sql["char"]->result($sql["char"]->query("SELECT guildid FROM guild_data WHERE playerid='" . $char["guid"] . "'"), 0); $guild_rank = $sql["char"]->result($sql["char"]->query("SELECT guildRank FROM guild_data WHERE playerid='" . $char["guid"] . "'"), 0); $guild_name = $sql["char"]->result($sql["char"]->query("SELECT guildName FROM guilds WHERE guildid='" . $guild_id . "'")); } else { $guild_id = $sql["char"]->result($sql["char"]->query("SELECT guildid FROM guild_member WHERE guid='" . $char["guid"] . "'"), 0); $guild_rank = $sql["char"]->result($sql["char"]->query("SELECT rank AS guildRank FROM guild_member WHERE guid='" . $char["guid"] . "'"), 0); $guild_name = $sql["char"]->result($sql["char"]->query("SELECT name AS guildName FROM guild WHERE guildid='" . $guild_id . "'")); } $online = $char["online"] ? lang("char", "online") : lang("char", "offline"); if ($guild_id) { //$guild_name = $sql["char"]->result($sql["char"]->query('SELECT name FROM guild WHERE guildid ='.$char_data[CHAR_DATA_OFFSET_GUILD_ID].''), 0, 'name'); $guild_name = '<a href="guild.php?action=view_guild&realm=' . $realmid . '&error=3&id=' . $guild_id . '" >' . $guild_name . '</a>'; $mrank = $guild_rank; if ($core == 1) { $guild_rank = $sql["char"]->result($sql["char"]->query("SELECT rankname FROM guild_ranks WHERE guildid='" . $guild_id . "' AND rankId='" . $mrank . "'"), 0, "rankname"); } else { $guild_rank = $sql["char"]->result($sql["char"]->query("SELECT rname AS rankname FROM guild_rank WHERE guildid='" . $guild_id . "' AND rid='" . $mrank . "'"), 0, "rankname"); } } else { $guild_name = lang("global", "none"); $guild_rank = lang("global", "none"); } if ($core == 1) { $block = unpack("f", pack("L", $char_data[PLAYER_BLOCK_PERCENTAGE])); $block = round($block[1], 2); $dodge = unpack("f", pack("L", $char_data[PLAYER_DODGE_PERCENTAGE])); $dodge = round($dodge[1], 2); $parry = unpack("f", pack("L", $char_data[PLAYER_PARRY_PERCENTAGE])); $parry = round($parry[1], 2); $crit = unpack("f", pack("L", $char_data[PLAYER_CRIT_PERCENTAGE])); $crit = round($crit[1], 2); $ranged_crit = unpack("f", pack("L", $char_data[PLAYER_RANGED_CRIT_PERCENTAGE])); $ranged_crit = round($ranged_crit[1], 2); $maxdamage = unpack("f", pack("L", $char_data[UNIT_FIELD_MAXDAMAGE])); $maxdamage = round($maxdamage[1], 0); $mindamage = unpack("f", pack("L", $char_data[UNIT_FIELD_MINDAMAGE])); $mindamage = round($mindamage[1], 0); $maxrangeddamage = unpack("f", pack("L", $char_data[UNIT_FIELD_MAXRANGEDDAMAGE])); $maxrangeddamage = round($maxrangeddamage[1], 0); $minrangeddamage = unpack("f", pack("L", $char_data[UNIT_FIELD_MINRANGEDDAMAGE])); $minrangeddamage = round($minrangeddamage[1], 0); } else { $block = $char_data[PLAYER_BLOCK_PERCENTAGE]; $block = round($block, 2); $dodge = $char_data[PLAYER_DODGE_PERCENTAGE]; $dodge = round($dodge, 2); $parry = $char_data[PLAYER_PARRY_PERCENTAGE]; $parry = round($parry, 2); $crit = $char_data[PLAYER_CRIT_PERCENTAGE]; $crit = round($crit, 2); $ranged_crit = $char_data[PLAYER_RANGED_CRIT_PERCENTAGE]; $ranged_crit = round($ranged_crit, 2); $maxdamage = $char_data[UNIT_FIELD_MAXDAMAGE]; $maxdamage = round($maxdamage, 0); $mindamage = $char_data[UNIT_FIELD_MINDAMAGE]; $mindamage = round($mindamage, 0); $maxrangeddamage = $char_data[UNIT_FIELD_MAXRANGEDDAMAGE]; $maxrangeddamage = round($maxrangeddamage, 0); $minrangeddamage = $char_data[UNIT_FIELD_MINRANGEDDAMAGE]; $minrangeddamage = round($minrangeddamage, 0); } if ($core == 1) { $spell_crit = 100; for ($i = 0; $i < 6; ++$i) { $temp = unpack("f", pack("L", $char_data[PLAYER_SPELL_CRIT_PERCENTAGE1 + 1 + $i])); if ($temp[1] < $spell_crit) { $spell_crit = $temp[1]; } } $spell_crit = round($spell_crit, 2); } else { $spell_crit = $char_data[PLAYER_SPELL_CRIT_PERCENTAGE1]; $spell_crit = round($spell_crit, 2); } if ($core == 1) { $spell_damage = 9999; for ($i = 0; $i < 6; ++$i) { if ($char_data[PLAYER_FIELD_MOD_DAMAGE_DONE_POS + 1 + $i] < $spell_damage) { $spell_damage = $char_data[PLAYER_FIELD_MOD_DAMAGE_DONE_POS + 1 + $i]; } } } else { $spell_damage = $char_data[PLAYER_FIELD_MOD_DAMAGE_DONE_POS]; } $spell_heal = $char_data[PLAYER_FIELD_MOD_HEALING_DONE_POS]; // this_is_junk: PLAYER_FIELD_COMBAT_RATING_1 +5, +6, and +7 seem to have the same value as +5 // I'm not sure which of these fields is which hit rating. :/ $spell_hit = $char_data[PLAYER_FIELD_COMBAT_RATING_1 + 5]; // this_is_junk: PLAYER_FIELD_COMBAT_RATING_1 +18 and +19 seem to have the same value as +5 // I'm not sure which of these fields is really spell haste. :/ $spell_haste = $char_data[PLAYER_FIELD_COMBAT_RATING_1 + 17]; // this_is_junk: PLAYER_FIELD_COMBAT_RATING_1 +5, +6, and +7 seem to have the same value as +5 // I'm not sure which of these fields is which hit rating. :/ $ranged_hit = $char_data[PLAYER_FIELD_COMBAT_RATING_1 + 6]; // this_is_junk: PLAYER_FIELD_COMBAT_RATING_1 +5, +6, and +7 seem to have the same value as +5 // I'm not sure which of these fields is which hit rating. :/ $melee_hit = $char_data[PLAYER_FIELD_COMBAT_RATING_1 + 7]; $expertise = $char_data[PLAYER_EXPERTISE] . " / " . $char_data[PLAYER_OFFHAND_EXPERTISE]; //if ( $core == 1 ) //{ /*$EQU_HEAD = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 0]; $EQU_NECK = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 2]; $EQU_SHOULDER = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 4]; $EQU_SHIRT = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 6]; $EQU_CHEST = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 8]; $EQU_BELT = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 10]; $EQU_LEGS = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 12]; $EQU_FEET = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 14]; $EQU_WRIST = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 16]; $EQU_GLOVES = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 18]; $EQU_FINGER1 = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 20]; $EQU_FINGER2 = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 22]; $EQU_TRINKET1 = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 24]; $EQU_TRINKET2 = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 26]; $EQU_BACK = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 28]; $EQU_MAIN_HAND = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 30]; $EQU_OFF_HAND = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 32]; $EQU_RANGED = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 34]; $EQU_TABARD = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 36];*/ //} //else //{ $world_db_name = $world_db[$realm_id]["name"]; if ($core == 1) { $char_equip_query = "SELECT *, \n playeritems.entry AS item_template, randomprop as property, enchantments AS enchantment, flags\n FROM playeritems WHERE ownerguid='" . $id . "' AND containerslot=-1"; } elseif ($core == 2) { $char_equip_query = "SELECT *,\n SUBSTRING_INDEX(SUBSTRING_INDEX(item_instance.data, ' ', 11), ' ', -1) AS creator,\n SUBSTRING_INDEX(SUBSTRING_INDEX(item_instance.data, ' ', 23), ' ', -1) AS enchantment,\n SUBSTRING_INDEX(SUBSTRING_INDEX(item_instance.data, ' ', 60), ' ', -1) AS property,\n SUBSTRING_INDEX(SUBSTRING_INDEX(item_instance.data, ' ', 62), ' ', -1) AS durability,\n SUBSTRING_INDEX(SUBSTRING_INDEX(item_instance.data, ' ', 22), ' ', -1) AS flags\n FROM character_inventory\n LEFT JOIN item_instance ON character_inventory.item=item_instance.guid\n WHERE character_inventory.guid='" . $id . "' AND character_inventory.bag=0"; } else { $char_equip_query = "SELECT *,\n creatorGuid AS creator, enchantments AS enchantment,\n randomPropertyId AS property, durability, flags,\n itemEntry AS item_template\n FROM character_inventory\n LEFT JOIN item_instance ON character_inventory.item=item_instance.guid\n WHERE character_inventory.guid='" . $id . "' AND character_inventory.bag=0"; } $char_equip_result = $sql["char"]->query($char_equip_query); while ($equip_row = $sql["char"]->fetch_assoc($char_equip_result)) { switch ($equip_row["slot"]) { case 0: $EQU_HEAD = $equip_row["item_template"]; $EQU_HEAD_ROW = $equip_row; break; case 1: $EQU_NECK = $equip_row["item_template"]; $EQU_NECK_ROW = $equip_row; break; case 2: $EQU_SHOULDER = $equip_row["item_template"]; $EQU_SHOULDER_ROW = $equip_row; break; case 3: $EQU_SHIRT = $equip_row["item_template"]; $EQU_SHIRT_ROW = $equip_row; break; case 4: $EQU_CHEST = $equip_row["item_template"]; $EQU_CHEST_ROW = $equip_row; break; case 5: $EQU_BELT = $equip_row["item_template"]; $EQU_BELT_ROW = $equip_row; break; case 6: $EQU_LEGS = $equip_row["item_template"]; $EQU_LEGS_ROW = $equip_row; break; case 7: $EQU_FEET = $equip_row["item_template"]; $EQU_FEET_ROW = $equip_row; break; case 8: $EQU_WRIST = $equip_row["item_template"]; $EQU_WRIST_ROW = $equip_row; break; case 9: $EQU_GLOVES = $equip_row["item_template"]; $EQU_GLOVES_ROW = $equip_row; break; case 10: $EQU_FINGER1 = $equip_row["item_template"]; $EQU_FINGER1_ROW = $equip_row; break; case 11: $EQU_FINGER2 = $equip_row["item_template"]; $EQU_FINGER2_ROW = $equip_row; break; case 12: $EQU_TRINKET1 = $equip_row["item_template"]; $EQU_TRINKET1_ROW = $equip_row; break; case 13: $EQU_TRINKET2 = $equip_row["item_template"]; $EQU_TRINKET2_ROW = $equip_row; break; case 14: $EQU_BACK = $equip_row["item_template"]; $EQU_BACK_ROW = $equip_row; break; case 15: $EQU_MAIN_HAND = $equip_row["item_template"]; $EQU_MAIN_HAND_ROW = $equip_row; break; case 16: $EQU_OFF_HAND = $equip_row["item_template"]; $EQU_OFF_HAND_ROW = $equip_row; break; case 17: $EQU_RANGED = $equip_row["item_template"]; $EQU_RANGED_ROW = $equip_row; break; case 18: $EQU_TABARD = $equip_row["item_template"]; $EQU_TABARD_ROW = $equip_row; break; } } //} $equiped_items = array(1 => array("", $EQU_HEAD ? get_item_icon($EQU_HEAD) : 0, $EQU_HEAD ? get_item_border($EQU_HEAD) : 0, $EQU_HEAD_ROW), 2 => array("", $EQU_NECK ? get_item_icon($EQU_NECK) : 0, $EQU_NECK ? get_item_border($EQU_NECK) : 0, $EQU_NECK_ROW), 3 => array("", $EQU_SHOULDER ? get_item_icon($EQU_SHOULDER) : 0, $EQU_SHOULDER ? get_item_border($EQU_SHOULDER) : 0, $EQU_SHOULDER_ROW), 4 => array("", $EQU_SHIRT ? get_item_icon($EQU_SHIRT) : 0, $EQU_SHIRT ? get_item_border($EQU_SHIRT) : 0, $EQU_SHIRT_ROW), 5 => array("", $EQU_CHEST ? get_item_icon($EQU_CHEST) : 0, $EQU_CHEST ? get_item_border($EQU_CHEST) : 0, $EQU_CHEST_ROW), 6 => array("", $EQU_BELT ? get_item_icon($EQU_BELT) : 0, $EQU_BELT ? get_item_border($EQU_BELT) : 0, $EQU_BELT_ROW), 7 => array("", $EQU_LEGS ? get_item_icon($EQU_LEGS) : 0, $EQU_LEGS ? get_item_border($EQU_LEGS) : 0, $EQU_LEGS_ROW), 8 => array("", $EQU_FEET ? get_item_icon($EQU_FEET) : 0, $EQU_FEET ? get_item_border($EQU_FEET) : 0, $EQU_FEET_ROW), 9 => array("", $EQU_WRIST ? get_item_icon($EQU_WRIST) : 0, $EQU_WRIST ? get_item_border($EQU_WRIST) : 0, $EQU_WRIST_ROW), 10 => array("", $EQU_GLOVES ? get_item_icon($EQU_GLOVES) : 0, $EQU_GLOVES ? get_item_border($EQU_GLOVES) : 0, $EQU_GLOVES_ROW), 11 => array("", $EQU_FINGER1 ? get_item_icon($EQU_FINGER1) : 0, $EQU_FINGER1 ? get_item_border($EQU_FINGER1) : 0, $EQU_FINGER1_ROW), 12 => array("", $EQU_FINGER2 ? get_item_icon($EQU_FINGER2) : 0, $EQU_FINGER2 ? get_item_border($EQU_FINGER2) : 0, $EQU_FINGER2_ROW), 13 => array("", $EQU_TRINKET1 ? get_item_icon($EQU_TRINKET1) : 0, $EQU_TRINKET1 ? get_item_border($EQU_TRINKET1) : 0, $EQU_TRINKET1_ROW), 14 => array("", $EQU_TRINKET2 ? get_item_icon($EQU_TRINKET2) : 0, $EQU_TRINKET2 ? get_item_border($EQU_TRINKET2) : 0, $EQU_TRINKET2_ROW), 15 => array("", $EQU_BACK ? get_item_icon($EQU_BACK) : 0, $EQU_BACK ? get_item_border($EQU_BACK) : 0, $EQU_BACK_ROW), 16 => array("", $EQU_MAIN_HAND ? get_item_icon($EQU_MAIN_HAND) : 0, $EQU_MAIN_HAND ? get_item_border($EQU_MAIN_HAND) : 0, $EQU_MAIN_HAND_ROW), 17 => array("", $EQU_OFF_HAND ? get_item_icon($EQU_OFF_HAND) : 0, $EQU_OFF_HAND ? get_item_border($EQU_OFF_HAND) : 0, $EQU_OFF_HAND_ROW), 18 => array("", $EQU_RANGED ? get_item_icon($EQU_RANGED) : 0, $EQU_RANGED ? get_item_border($EQU_RANGED) : 0, $EQU_RANGED_ROW), 19 => array("", $EQU_TABARD ? get_item_icon($EQU_TABARD) : 0, $EQU_TABARD ? get_item_border($EQU_TABARD) : 0, $EQU_TABARD_ROW)); // visibility overrides for specific tabs $view_inv_override = false; if ($s_fields["View_Mod_Inv"] > 0) { if ($s_fields["View_Mod_Inv"] == 1) { } elseif ($s_fields["View_Mod_Inv"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_inv_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_inv_override = true; } } $view_talent_override = false; if ($s_fields["View_Mod_Talent"] > 0) { if ($s_fields["View_Mod_Talent"] == 1) { } elseif ($s_fields["View_Mod_Talent"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_talent_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_talent_override = true; } } $view_achieve_override = false; if ($s_fields["View_Mod_Achieve"] > 0) { if ($s_fields["View_Mod_Achieve"] == 1) { } elseif ($s_fields["View_Mod_Achieve"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_achieve_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_achieve_override = true; } } $view_quest_override = false; if ($s_fields["View_Mod_Quest"] > 0) { if ($s_fields["View_Mod_Quest"] == 1) { } elseif ($s_fields["View_Mod_Quest"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_quest_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_quest_override = true; } } $view_friends_override = false; if ($s_fields["View_Mod_Friends"] > 0) { if ($s_fields["View_Mod_Friends"] == 1) { } elseif ($s_fields["View_Mod_Friends"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_friends_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_friends_override = true; } } $view_view_override = false; if ($s_fields["View_Mod_View"] > 0) { if ($s_fields["View_Mod_View"] == 1) { } elseif ($s_fields["View_Mod_View"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_view_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_view_override = true; } } $view_pets_override = false; if ($s_fields["View_Mod_Pets"] > 0) { if ($s_fields["View_Mod_Pets"] == 1) { } elseif ($s_fields["View_Mod_Pets"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_pets_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_pets_override = true; } } $view_rep_override = false; if ($s_fields["View_Mod_Rep"] > 0) { if ($s_fields["View_Mod_Rep"] == 1) { } elseif ($s_fields["View_Mod_Rep"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_rep_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_rep_override = true; } } $view_skill_override = false; if ($s_fields["View_Mod_Skill"] > 0) { if ($s_fields["View_Mod_Skill"] == 1) { } elseif ($s_fields["View_Mod_Skill"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_skill_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_skill_override = true; } } $view_pvp_override = false; if ($s_fields["View_Mod_PvP"] > 0) { if ($s_fields["View_Mod_PvP"] == 1) { } elseif ($s_fields["View_Mod_PvP"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_pvp_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_pvp_override = true; } } $output .= ' <!-- start of char.php --> <div class="tab"> <ul> <li class="selected"><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>'; if ($view_inv_override) { $output .= ' <li><a href="char_inv.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "inventory") . '</a></li>'; } if ($view_talent_override) { $output .= ' ' . ($char["level"] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "talents") . '</a></li>') . ''; } if ($view_achieve_override) { $output .= ' <li><a href="char_achieve.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "achievements") . '</a></li>'; } if ($view_quest_override) { $output .= ' <li><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "quests") . '</a></li>'; } if ($view_friends_override) { $output .= ' <li><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "friends") . '</a></li>'; } if ($view_view_override) { $output .= ' <li><a href="char_view.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "view") . '</a></li>'; } $output .= ' </ul> </div>'; if ($view_override || $user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $output .= ' <div class="tab_content center"> <div class="tab"> <ul> <li class="selected"><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>'; if (char_get_class_name($char["class"]) === "Hunter" && $view_pets_override) { $output .= ' <li><a href="char_pets.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "pets") . '</a></li>'; } if ($view_rep_override) { $output .= ' <li><a href="char_rep.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "reputation") . '</a></li>'; } if ($view_skill_override) { $output .= ' <li><a href="char_skill.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "skills") . '</a></li>'; } if ($view_pvp_override) { $output .= ' <li><a href="char_pvp.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "pvp") . '</a></li>'; } if ($owner_name == $user_name || $user_lvl >= get_page_permission("insert", "char_mail.php")) { $output .= ' <li><a href="char_mail.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "mail") . '</a></li>'; } $output .= ' </ul> </div>'; } else { $output .= ' <div class="tab_content center"> <div class="tab"> </div>'; } $output .= ' <div class="tab_content2 center"> <table class="lined" id="char_character_sheet"> <tr> <td colspan="2"> <div> <img src="' . char_get_avatar_img($char["level"], $char["gender"], $char["race"], $char["class"], 0) . '" alt="avatar" /> </div> <div>'; // this_is_junk: auras are stored in a string in the characters table. // not sure how to query a string as though it were a record if ($core == 1) { } else { $a_results = $sql["char"]->query("SELECT DISTINCT spell FROM character_aura WHERE guid='" . $id . "'"); } if ($sql["char"]->num_rows($a_results)) { while ($aura = $sql["char"]->fetch_assoc($a_results)) { $output .= ' <a class="char_icon_padding" href="' . $base_datasite . $spell_datasite . $aura["spell"] . '" rel="external"> <img src="' . spell_get_icon($aura["spell"]) . '" alt="' . $aura["spell"] . '" width="24" height="24" /> </a>'; } } $output .= ' </div> </td> <td colspan="4"> <span class="bold"> ' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . ' - <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . ' </span> <br />' . lang("char", "location") . ': ' . get_map_name($char["mapid"]) . ' - ' . get_zone_name($char["zoneid"]) . ' <br />' . lang("char", "honor_points") . ': ' . $char_data[PLAYER_FIELD_HONOR_CURRENCY] . ' | ' . lang("char", "arena_points") . ': ' . $char_data[PLAYER_FIELD_ARENA_CURRENCY] . ' | ' . lang("char", "honor_kills") . ': ' . $char_data[PLAYER_FIELD_LIFETIME_HONORBALE_KILLS] . ' <br />' . lang("char", "guild") . ': ' . $guild_name . ' | ' . lang("char", "rank") . ': ' . htmlentities($guild_rank, ENT_COMPAT, $site_encoding) . ' <br />' . lang("char", "online") . ': ' . ($char["online"] ? '<img src="img/up.gif" onmousemove="oldtoolTip(\'' . lang("char", "online") . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="online" />' : '<img src="img/down.gif" onmousemove="oldtoolTip(\'' . lang("char", "offline") . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="offline" />'); if ($showcountryflag) { require_once 'libs/misc_lib.php'; $country = misc_get_country_by_account($char["acct"]); $output .= ' | ' . lang("global", "country") . ': ' . ($country["code"] ? '<img src="img/flags/' . $country["code"] . '.png" onmousemove="oldtoolTip(\'' . $country["country"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />' : '-'); unset($country); } $output .= ' </td> </tr> <tr> <td style="width: 6%;">'; if ($equiped_items[1][1]) { $output .= ' <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_HEAD . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'HEAD' . '\');" onmouseout="HideTooltip(\'_b' . 'HEAD' . '\');"> <img src="' . $equiped_items[1][1] . '" class="' . $equiped_items[1][2] . '" alt="Head" /> </a>'; if ($mode) { $output .= ' <div style="position: relative;"> <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[1][3]["bag"] . '&slot=' . $equiped_items[1][3]["slot"] . '&item=' . $equiped_items[1][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete"> <img src="img/aff_cross.png" /> </a> </div>'; } // build a tooltip object for this item $i_fields = get_item_info($equiped_items[1][3]["item_template"]); $output .= ' <div class="item_tooltip" id="tooltip_b' . 'HEAD' . '"> <table> <tr> <td> ' . get_item_tooltip($i_fields, $equiped_items[1][3]["enchantment"], $equiped_items[1][3]["property"], $equiped_items[1][3]["creator"], $equiped_items[1][3]["durability"], $equiped_items[1][3]["flags"]) . ' </td> </tr> </table> </div>'; } else { $output .= ' <img src="img/INV/INV_empty_head.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td class="half_line" colspan="2" align="center" style="width: 50%;"> <div class="gradient_p" id="char_hp_name">' . lang("item", "health") . ':</div> <div class="gradient_pp" id="char_hp_value">' . $char_data[UNIT_FIELD_HEALTH] . '/' . $char_data[UNIT_FIELD_MAXHEALTH] . '</div>'; if ($char["class"] == 11) { //druid $output .= ' <br /> <div class="gradient_p" id="char_energy_name">' . lang("item", "mana") . ':</div> <div class="gradient_pp" id="char_energy_value">' . $char_data[UNIT_FIELD_POWER1] . '/' . $char_data[UNIT_FIELD_MAXPOWER1] . '</div>'; } $output .= ' </td> <td class="half_line" colspan="2" align="center" style="width: 50%;">'; if ($char["class"] == 1) { $output .= ' <div class="gradient_p" id="char_energy_name">' . lang("item", "rage") . ':</div> <div class="gradient_pp" id="char_energy_value">' . $char_data[UNIT_FIELD_POWER2] / 10 . '/' . $char_data[UNIT_FIELD_MAXPOWER2] / 10 . '</div>'; } elseif ($char["class"] == 4) { $output .= ' <div class="gradient_p" id="char_energy_name">' . lang("item", "energy") . ':</div> <div class="gradient_pp" id="char_energy_value">' . $char_data[UNIT_FIELD_POWER4] . '/' . $char_data[UNIT_FIELD_MAXPOWER4] . '</div>'; } elseif ($char["class"] == 6) { $output .= ' <div class="gradient_p" id="char_energy_name">' . lang("item", "runic") . ':</div> <div class="gradient_pp" id="char_energy_value">' . $char_data[UNIT_FIELD_POWER7] / 10 . '/' . $char_data[UNIT_FIELD_MAXPOWER7] / 10 . '</div>'; } elseif ($char["class"] == 11) { $output .= ' <div class="gradient_p" id="char_energy_name">' . lang("item", "mana") . ':</div> <div class="gradient_pp" id="char_energy_value">' . $char_data[UNIT_FIELD_POWER1] . '/' . $char_data[UNIT_FIELD_MAXPOWER1] . '</div> <br /> <div class="gradient_p" id="char_energy_name">' . lang("item", "rage") . ':</div> <div class="gradient_pp" id="char_energy_value">' . $char_data[UNIT_FIELD_POWER2] / 10 . '/' . $char_data[UNIT_FIELD_MAXPOWER2] / 10 . '</div>'; } elseif ($char["class"] == 2 || $char["class"] == 3 || $char["class"] == 5 || $char["class"] == 7 || $char["class"] == 8 || $char["class"] == 9) { $output .= ' <div class="gradient_p" id="char_energy_name">' . lang("item", "mana") . ':</div> <div class="gradient_pp" id="char_energy_value">' . $char_data[UNIT_FIELD_POWER1] . '/' . $char_data[UNIT_FIELD_MAXPOWER1] . '</div>'; } $output .= ' </td> <td style="width: 6%;">'; if ($equiped_items[10][1]) { $output .= ' <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_GLOVES . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'GLOVES' . '\');" onmouseout="HideTooltip(\'_b' . 'GLOVES' . '\');"> <img src="' . $equiped_items[10][1] . '" class="' . $equiped_items[10][2] . '" alt="Gloves" /> </a>'; if ($mode) { $output .= ' <div style="position: relative;"> <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[10][3]["bag"] . '&slot=' . $equiped_items[10][3]["slot"] . '&item=' . $equiped_items[10][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete"> <img src="img/aff_cross.png" /> </a> </div>'; } // build a tooltip object for this item $i_fields = get_item_info($equiped_items[10][3]["item_template"]); $output .= ' <div class="item_tooltip" id="tooltip_b' . 'GLOVES' . '"> <table> <tr> <td> ' . get_item_tooltip($i_fields, $equiped_items[10][3]["enchantment"], $equiped_items[10][3]["property"], $equiped_items[10][3]["creator"], $equiped_items[10][3]["durability"], $equiped_items[10][3]["flags"]) . ' </td> </tr> </table> </div>'; } else { $output .= ' <img src="img/INV/INV_empty_gloves.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td style="width: 1%;">'; if ($equiped_items[2][1]) { $output .= ' <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_NECK . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'NECK' . '\');" onmouseout="HideTooltip(\'_b' . 'NECK' . '\');"> <img src="' . $equiped_items[2][1] . '" class="' . $equiped_items[2][2] . '" alt="Neck" /> </a>'; if ($mode) { $output .= ' <div style="position: relative;"> <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[2][3]["bag"] . '&slot=' . $equiped_items[2][3]["slot"] . '&item=' . $equiped_items[2][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete"> <img src="img/aff_cross.png" /> </a> </div>'; } // build a tooltip object for this item $i_fields = get_item_info($equiped_items[2][3]['item_template']); $output .= ' <div class="item_tooltip" id="tooltip_b' . 'NECK' . '"> <table> <tr> <td> ' . get_item_tooltip($i_fields, $equiped_items[2][3]['enchantment'], $equiped_items[2][3]['property'], $equiped_items[2][3]['creator'], $equiped_items[2][3]['durability'], $equiped_items[2][3]['flags']) . ' </td> </tr> </table> </div>'; } else { $output .= ' <img src="img/INV/INV_empty_neck.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td class="half_line" colspan="2" rowspan="3" align="center" style="width: 50%;"> <div class="gradient_p"> ' . lang("item", "strength") . ':<br /> ' . lang("item", "agility") . ':<br /> ' . lang("item", "stamina") . ':<br /> ' . lang("item", "intellect") . ':<br /> ' . lang("item", "spirit") . ':<br /> ' . lang("item", "armor") . ': </div> <div class="gradient_pp"> ' . $char_data[UNIT_FIELD_STAT0] . '<br /> ' . $char_data[UNIT_FIELD_STAT1] . '<br /> ' . $char_data[UNIT_FIELD_STAT2] . '<br /> ' . $char_data[UNIT_FIELD_STAT3] . '<br /> ' . $char_data[UNIT_FIELD_STAT4] . '<br /> ' . $char_data[UNIT_FIELD_RESISTANCES] . ' </div> </td> <td class="half_line" colspan="2" rowspan="3" align="center" style="width: 50%;"> <div class="gradient_p"> ' . lang("item", "res_holy") . ':<br /> ' . lang("item", "res_arcane") . ':<br /> ' . lang("item", "res_fire") . ':<br /> ' . lang("item", "res_nature") . ':<br /> ' . lang("item", "res_frost") . ':<br /> ' . lang("item", "res_shadow") . ': </div> <div class="gradient_pp"> ' . $char_data[UNIT_FIELD_RESISTANCES + 1] . '<br /> ' . $char_data[UNIT_FIELD_RESISTANCES + 2] . '<br /> ' . $char_data[UNIT_FIELD_RESISTANCES + 3] . '<br /> ' . $char_data[UNIT_FIELD_RESISTANCES + 4] . '<br /> ' . $char_data[UNIT_FIELD_RESISTANCES + 5] . '<br /> ' . $char_data[UNIT_FIELD_RESISTANCES + 6] . ' </div> </td> <td style="width: 1%;">'; if ($equiped_items[6][1]) { $output .= ' <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_BELT . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'BELT' . '\');" onmouseout="HideTooltip(\'_b' . 'BELT' . '\');"> <img src="' . $equiped_items[6][1] . '" class="' . $equiped_items[6][2] . '" alt="Belt" /> </a>'; if ($mode) { $output .= ' <div style="position: relative;"> <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[6][3]["bag"] . '&slot=' . $equiped_items[6][3]["slot"] . '&item=' . $equiped_items[6][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete"> <img src="img/aff_cross.png" /> </a> </div>'; } // build a tooltip object for this item $i_fields = get_item_info($equiped_items[6][3]['item_template']); $output .= ' <div class="item_tooltip" id="tooltip_b' . 'BELT' . '"> <table> <tr> <td> ' . get_item_tooltip($i_fields, $equiped_items[6][3]['enchantment'], $equiped_items[6][3]['property'], $equiped_items[6][3]['creator'], $equiped_items[6][3]['durability'], $equiped_items[6][3]['flags']) . ' </td> </tr> </table> </div>'; } else { $output .= ' <img src="img/INV/INV_empty_waist.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td style="width: 1%;">'; if ($equiped_items[3][1]) { $output .= ' <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_SHOULDER . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'SHOULDER' . '\');" onmouseout="HideTooltip(\'_b' . 'SHOULDER' . '\');"> <img src="' . $equiped_items[3][1] . '" class="' . $equiped_items[3][2] . '" alt="Shoulder" /> </a>'; if ($mode) { $output .= ' <div style="position: relative;"> <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[3][3]["bag"] . '&slot=' . $equiped_items[3][3]["slot"] . '&item=' . $equiped_items[3][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete"> <img src="img/aff_cross.png" /> </a> </div>'; } // build a tooltip object for this item $i_fields = get_item_info($equiped_items[3][3]['item_template']); $output .= ' <div class="item_tooltip" id="tooltip_b' . 'SHOULDER' . '"> <table> <tr> <td> ' . get_item_tooltip($i_fields, $equiped_items[3][3]['enchantment'], $equiped_items[3][3]['property'], $equiped_items[3][3]['creator'], $equiped_items[3][3]['durability'], $equiped_items[3][3]['flags']) . ' </td> </tr> </table> </div>'; } else { $output .= ' <img src="img/INV/INV_empty_shoulder.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td style="width: 1%;">'; if ($equiped_items[7][1]) { $output .= ' <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_LEGS . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'LEGS' . '\');" onmouseout="HideTooltip(\'_b' . 'LEGS' . '\');"> <img src="' . $equiped_items[7][1] . '" class="' . $equiped_items[7][2] . '" alt="Legs" /> </a>'; if ($mode) { $output .= ' <div style="position: relative;"> <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[7][3]["bag"] . '&slot=' . $equiped_items[7][3]["slot"] . '&item=' . $equiped_items[7][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete"> <img src="img/aff_cross.png" /> </a> </div>'; } // build a tooltip object for this item $i_fields = get_item_info($equiped_items[7][3]['item_template']); $output .= ' <div class="item_tooltip" id="tooltip_b' . 'LEGS' . '"> <table> <tr> <td> ' . get_item_tooltip($i_fields, $equiped_items[7][3]['enchantment'], $equiped_items[7][3]['property'], $equiped_items[7][3]['creator'], $equiped_items[7][3]['durability'], $equiped_items[7][3]['flags']) . ' </td> </tr> </table> </div>'; } else { $output .= ' <img src="img/INV/INV_empty_legs.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td style="width: 1%;">'; if ($equiped_items[15][1]) { $output .= ' <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_BACK . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'BACK' . '\');" onmouseout="HideTooltip(\'_b' . 'BACK' . '\');"> <img src="' . $equiped_items[15][1] . '" class="' . $equiped_items[15][2] . '" alt="Back" /> </a>'; if ($mode) { $output .= ' <div style="position: relative;"> <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[15][3]["bag"] . '&slot=' . $equiped_items[15][3]["slot"] . '&item=' . $equiped_items[15][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete"> <img src="img/aff_cross.png" /> </a> </div>'; } // build a tooltip object for this item $i_fields = get_item_info($equiped_items[15][3]['item_template']); $output .= ' <div class="item_tooltip" id="tooltip_b' . 'BACK' . '"> <table> <tr> <td> ' . get_item_tooltip($i_fields, $equiped_items[15][3]['enchantment'], $equiped_items[15][3]['property'], $equiped_items[15][3]['creator'], $equiped_items[15][3]['durability'], $equiped_items[15][3]['flags']) . ' </td> </tr> </table> </div>'; } else { $output .= ' <img src="img/INV/INV_empty_chest_back.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td style="width: 1%;">'; if ($equiped_items[8][1]) { $output .= ' <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_FEET . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'FEET' . '\');" onmouseout="HideTooltip(\'_b' . 'FEET' . '\');"> <img src="' . $equiped_items[8][1] . '" class="' . $equiped_items[8][2] . '" alt="Feet" /> </a>'; if ($mode) { $output .= ' <div style="position: relative;"> <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[8][3]["bag"] . '&slot=' . $equiped_items[8][3]["slot"] . '&item=' . $equiped_items[8][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete"> <img src="img/aff_cross.png" /> </a> </div>'; } // build a tooltip object for this item $i_fields = get_item_info($equiped_items[8][3]['item_template']); $output .= ' <div class="item_tooltip" id="tooltip_b' . 'FEET' . '"> <table> <tr> <td> ' . get_item_tooltip($i_fields, $equiped_items[8][3]['enchantment'], $equiped_items[8][3]['property'], $equiped_items[8][3]['creator'], $equiped_items[8][3]['durability'], $equiped_items[8][3]['flags']) . ' </td> </tr> </table> </div>'; } else { $output .= ' <img src="img/INV/INV_empty_feet.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td style="width: 1%;">'; if ($equiped_items[5][1]) { $output .= ' <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_CHEST . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'CHEST' . '\');" onmouseout="HideTooltip(\'_b' . 'CHEST' . '\');"> <img src="' . $equiped_items[5][1] . '" class="' . $equiped_items[5][2] . '" alt="Chest" /> </a>'; if ($mode) { $output .= ' <div style="position: relative;"> <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[5][3]["bag"] . '&slot=' . $equiped_items[5][3]["slot"] . '&item=' . $equiped_items[5][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete"> <img src="img/aff_cross.png" /> </a> </div>'; } // build a tooltip object for this item $i_fields = get_item_info($equiped_items[5][3]['item_template']); $output .= ' <div class="item_tooltip" id="tooltip_b' . 'CHEST' . '"> <table> <tr> <td> ' . get_item_tooltip($i_fields, $equiped_items[5][3]['enchantment'], $equiped_items[5][3]['property'], $equiped_items[5][3]['creator'], $equiped_items[5][3]['durability'], $equiped_items[5][3]['flags']) . ' </td> </tr> </table> </div>'; } else { $output .= ' <img src="img/INV/INV_empty_chest_back.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td class="half_line" colspan="2" rowspan="2" align="center" style="width: 50%;"> <div class="gradient_p" id="char_melee_name"> ' . lang("char", "melee_d") . ':<br /> ' . lang("char", "melee_ap") . ':<br /> ' . lang("char", "melee_hit") . ':<br /> ' . lang("char", "melee_crit") . ':<br /> ' . lang("char", "expertise") . ':<br /> </div> <div class="gradient_pp" id="char_melee_value"> ' . $mindamage . '-' . $maxdamage . '<br /> ' . ($char_data[UNIT_FIELD_ATTACK_POWER] + $char_data[UNIT_FIELD_ATTACK_POWER_MODS]) . '<br /> ' . $melee_hit . '<br /> ' . $crit . '%<br /> ' . $expertise . '<br /> </div> </td> <td class="half_line" colspan="2" rowspan="2" align="center" style="width: 50%;"> <div class="gradient_p"> ' . lang("char", "spell_d") . ':<br /> ' . lang("char", "spell_heal") . ':<br /> ' . lang("char", "spell_hit") . ':<br /> ' . lang("char", "spell_crit") . ':<br /> ' . lang("char", "spell_haste") . ' </div> <div class="gradient_pp"> ' . $spell_damage . '<br /> ' . $spell_heal . '<br /> ' . $spell_hit . '<br /> ' . $spell_crit . '%<br /> ' . $spell_haste . ' </div> </td> <td style="width: 1%;">'; if ($equiped_items[11][1]) { $output .= ' <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_FINGER1 . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'FINGER1' . '\');" onmouseout="HideTooltip(\'_b' . 'FINGER1' . '\');"> <img src="' . $equiped_items[11][1] . '" class="' . $equiped_items[11][2] . '" alt="Finger1" /> </a>'; if ($mode) { $output .= ' <div style="position: relative;"> <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[11][3]["bag"] . '&slot=' . $equiped_items[11][3]["slot"] . '&item=' . $equiped_items[11][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete"> <img src="img/aff_cross.png" /> </a> </div>'; } // build a tooltip object for this item $i_fields = get_item_info($equiped_items[11][3]['item_template']); $output .= ' <div class="item_tooltip" id="tooltip_b' . 'FINGER1' . '"> <table> <tr> <td> ' . get_item_tooltip($i_fields, $equiped_items[11][3]['enchantment'], $equiped_items[11][3]['property'], $equiped_items[11][3]['creator'], $equiped_items[11][3]['durability'], $equiped_items[11][3]['flags']) . ' </td> </tr> </table> </div>'; } else { $output .= ' <img src="img/INV/INV_empty_finger.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td style="width: 1%;">'; if ($equiped_items[4][1]) { $output .= ' <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_SHIRT . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'SHIRT' . '\');" onmouseout="HideTooltip(\'_b' . 'SHIRT' . '\');"> <img src="' . $equiped_items[4][1] . '" class="' . $equiped_items[4][2] . '" alt="Shirt" /> </a>'; if ($mode) { $output .= ' <div style="position: relative;"> <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[4][3]["bag"] . '&slot=' . $equiped_items[4][3]["slot"] . '&item=' . $equiped_items[4][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete"> <img src="img/aff_cross.png" /> </a> </div>'; } // build a tooltip object for this item $i_fields = get_item_info($equiped_items[4][3]['item_template']); $output .= ' <div class="item_tooltip" id="tooltip_b' . 'SHIRT' . '"> <table> <tr> <td> ' . get_item_tooltip($i_fields, $equiped_items[4][3]['enchantment'], $equiped_items[4][3]['property'], $equiped_items[4][3]['creator'], $equiped_items[4][3]['durability'], $equiped_items[4][3]['flags']) . ' </td> </tr> </table> </div>'; } else { $output .= ' <img src="img/INV/INV_empty_shirt.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td style="width: 1%;">'; if ($equiped_items[12][1]) { $output .= ' <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_FINGER2 . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'FINGER2' . '\');" onmouseout="HideTooltip(\'_b' . 'FINGER2' . '\');"> <img src="' . $equiped_items[12][1] . '" class="' . $equiped_items[12][2] . '" alt="Finger2" /> </a>'; if ($mode) { $output .= ' <div style="position: relative;"> <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[12][3]["bag"] . '&slot=' . $equiped_items[12][3]["slot"] . '&item=' . $equiped_items[12][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete"> <img src="img/aff_cross.png" /> </a> </div>'; } // build a tooltip object for this item $i_fields = get_item_info($equiped_items[12][3]['item_template']); $output .= ' <div class="item_tooltip" id="tooltip_b' . 'FINGER2' . '"> <table> <tr> <td> ' . get_item_tooltip($i_fields, $equiped_items[12][3]['enchantment'], $equiped_items[12][3]['property'], $equiped_items[12][3]['creator'], $equiped_items[12][3]['durability'], $equiped_items[12][3]['flags']) . ' </td> </tr> </table> </div>'; } else { $output .= ' <img src="img/INV/INV_empty_finger.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td style="width: 1%;">'; if ($equiped_items[19][1]) { $output .= ' <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_TABARD . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'TABARD' . '\');" onmouseout="HideTooltip(\'_b' . 'TABARD' . '\');"> <img src="' . $equiped_items[19][1] . '" class="' . $equiped_items[19][2] . '" alt="Tabard" /> </a>'; if ($mode) { $output .= ' <div style="position: relative;"> <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[19][3]["bag"] . '&slot=' . $equiped_items[19][3]["slot"] . '&item=' . $equiped_items[19][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete"> <img src="img/aff_cross.png" /> </a> </div>'; } // build a tooltip object for this item $i_fields = get_item_info($equiped_items[19][3]['item_template']); $output .= ' <div class="item_tooltip" id="tooltip_b' . 'TABARD' . '"> <table> <tr> <td> ' . get_item_tooltip($i_fields, $equiped_items[19][3]['enchantment'], $equiped_items[19][3]['property'], $equiped_items[19][3]['creator'], $equiped_items[19][3]['durability'], $equiped_items[19][3]['flags']) . ' </td> </tr> </table> </div>'; } else { $output .= ' <img src="img/INV/INV_empty_tabard.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td class="half_line" colspan="2" rowspan="2" align="center" style="width: 50%;"> <div class="gradient_p"> ' . lang("char", "dodge") . ':<br /> ' . lang("char", "parry") . ':<br /> ' . lang("char", "block") . ': </div> <div class="gradient_pp"> ' . $dodge . '%<br /> ' . $parry . '%<br /> ' . $block . '% </div> </td> <td class="half_line" colspan="2" rowspan="2" align="center" style="width: 50%;"> <div class="gradient_p" id="char_ranged_name"> ' . lang("char", "ranged_d") . ':<br /> ' . lang("char", "ranged_ap") . ':<br /> ' . lang("char", "ranged_hit") . ':<br /> ' . lang("char", "ranged_crit") . ':<br /> </div> <div class="gradient_pp" id="char_ranged_value"> ' . $minrangeddamage . '-' . $maxrangeddamage . '<br /> ' . ($char_data[UNIT_FIELD_RANGED_ATTACK_POWER] + $char_data[UNIT_FIELD_RANGED_ATTACK_POWER_MODS]) . '<br /> ' . $ranged_hit . '<br /> ' . $ranged_crit . '%<br /> </div> </td> <td style="width: 1%;">'; if ($equiped_items[13][1]) { $output .= ' <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_TRINKET1 . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'TRINKET1' . '\');" onmouseout="HideTooltip(\'_b' . 'TRINKET1' . '\');"> <img src="' . $equiped_items[13][1] . '" class="' . $equiped_items[13][2] . '" alt="Trinket1" /> </a>'; if ($mode) { $output .= ' <div style="position: relative;"> <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[13][3]["bag"] . '&slot=' . $equiped_items[13][3]["slot"] . '&item=' . $equiped_items[13][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete"> <img src="img/aff_cross.png" /> </a> </div>'; } // build a tooltip object for this item $i_fields = get_item_info($equiped_items[13][3]['item_template']); $output .= ' <div class="item_tooltip" id="tooltip_b' . 'TRINKET1' . '"> <table> <tr> <td> ' . get_item_tooltip($i_fields, $equiped_items[13][3]['enchantment'], $equiped_items[13][3]['property'], $equiped_items[13][3]['creator'], $equiped_items[13][3]['durability'], $equiped_items[13][3]['flags']) . ' </td> </tr> </table> </div>'; } else { $output .= ' <img src="img/INV/INV_empty_trinket.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td style="width: 1%;">'; if ($equiped_items[9][1]) { $output .= ' <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_WRIST . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'WRIST' . '\');" onmouseout="HideTooltip(\'_b' . 'WRIST' . '\');"> <img src="' . $equiped_items[9][1] . '" class="' . $equiped_items[9][2] . '" alt="Wrist" /> </a>'; if ($mode) { $output .= ' <div style="position: relative;"> <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[9][3]["bag"] . '&slot=' . $equiped_items[9][3]["slot"] . '&item=' . $equiped_items[9][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete"> <img src="img/aff_cross.png" /> </a> </div>'; } // build a tooltip object for this item $i_fields = get_item_info($equiped_items[9][3]['item_template']); $output .= ' <div class="item_tooltip" id="tooltip_b' . 'WRIST' . '"> <table> <tr> <td> ' . get_item_tooltip($i_fields, $equiped_items[9][3]['enchantment'], $equiped_items[9][3]['property'], $equiped_items[9][3]['creator'], $equiped_items[9][3]['durability'], $equiped_items[9][3]['flags']) . ' </td> </tr> </table> </div>'; } else { $output .= ' <img src="img/INV/INV_empty_wrist.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td style="width: 1%;">'; if ($equiped_items[14][1]) { $output .= ' <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_TRINKET2 . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'TRINKET2' . '\');" onmouseout="HideTooltip(\'_b' . 'TRINKET2' . '\');"> <img src="' . $equiped_items[14][1] . '" class="' . $equiped_items[14][2] . '" alt="Trinket2" /> </a>'; if ($mode) { $output .= ' <div style="position: relative;"> <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[14][3]["bag"] . '&slot=' . $equiped_items[14][3]["slot"] . '&item=' . $equiped_items[14][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete"> <img src="img/aff_cross.png" /> </a> </div>'; } // build a tooltip object for this item $i_fields = get_item_info($equiped_items[14][3]['item_template']); $output .= ' <div class="item_tooltip" id="tooltip_b' . 'TRINKET2' . '"> <table> <tr> <td> ' . get_item_tooltip($i_fields, $equiped_items[14][3]['enchantment'], $equiped_items[14][3]['property'], $equiped_items[14][3]['creator'], $equiped_items[14][3]['durability'], $equiped_items[14][3]['flags']) . ' </td> </tr> </table> </div>'; } else { $output .= ' <img src="img/INV/INV_empty_trinket.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td></td> <td style="width: 15%;">'; if ($equiped_items[16][1]) { $output .= ' <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_MAIN_HAND . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'MAIN_HAND' . '\');" onmouseout="HideTooltip(\'_b' . 'MAIN_HAND' . '\');"> <img src="' . $equiped_items[16][1] . '" class="' . $equiped_items[16][2] . '" alt="MainHand" /> </a>'; if ($mode) { $output .= ' <div style="position: relative;"> <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[16][3]["bag"] . '&slot=' . $equiped_items[16][3]["slot"] . '&item=' . $equiped_items[16][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete"> <img src="img/aff_cross.png" /> </a> </div>'; } // build a tooltip object for this item $i_fields = get_item_info($equiped_items[16][3]['item_template']); $output .= ' <div class="item_tooltip" id="tooltip_b' . 'MAIN_HAND' . '"> <table> <tr> <td> ' . get_item_tooltip($i_fields, $equiped_items[16][3]['enchantment'], $equiped_items[16][3]['property'], $equiped_items[16][3]['creator'], $equiped_items[16][3]['durability'], $equiped_items[16][3]['flags']) . ' </td> </tr> </table> </div>'; } else { $output .= ' <img src="img/INV/INV_empty_main_hand.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td style="width: 15%;">'; if ($equiped_items[17][1]) { $output .= ' <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_OFF_HAND . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'OFF_HAND' . '\');" onmouseout="HideTooltip(\'_b' . 'OFF_HAND' . '\');"> <img src="' . $equiped_items[17][1] . '" class="' . $equiped_items[17][2] . '" alt="OffHand" /> </a>'; if ($mode) { $output .= ' <div style="position: relative;"> <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[17][3]["bag"] . '&slot=' . $equiped_items[17][3]["slot"] . '&item=' . $equiped_items[17][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete"> <img src="img/aff_cross.png" /> </a> </div>'; } // build a tooltip object for this item $i_fields = get_item_info($equiped_items[17][3]['item_template']); $output .= ' <div class="item_tooltip" id="tooltip_b' . 'OFF_HAND' . '"> <table> <tr> <td> ' . get_item_tooltip($i_fields, $equiped_items[17][3]['enchantment'], $equiped_items[17][3]['property'], $equiped_items[17][3]['creator'], $equiped_items[17][3]['durability'], $equiped_items[17][3]['flags']) . ' </td> </tr> </table> </div>'; } else { $output .= ' <img src="img/INV/INV_empty_off_hand.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td style="width: 15%;">'; if ($equiped_items[18][1]) { $output .= ' <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_RANGED . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'RANGED' . '\');" onmouseout="HideTooltip(\'_b' . 'RANGED' . '\');"> <img src="' . $equiped_items[18][1] . '" class="' . $equiped_items[18][2] . '" alt="Ranged" /> </a>'; if ($mode) { $output .= ' <div style="position: relative;"> <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[18][3]["bag"] . '&slot=' . $equiped_items[18][3]["slot"] . '&item=' . $equiped_items[18][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete"> <img src="img/aff_cross.png" /> </a> </div>'; } // build a tooltip object for this item $i_fields = get_item_info($equiped_items[18][3]['item_template']); $output .= ' <div class="item_tooltip" id="tooltip_b' . 'RANGED' . '"> <table> <tr> <td> ' . get_item_tooltip($i_fields, $equiped_items[18][3]['enchantment'], $equiped_items[18][3]['property'], $equiped_items[18][3]['creator'], $equiped_items[18][3]['durability'], $equiped_items[18][3]['flags']) . ' </td> </tr> </table> </div>'; } else { $output .= ' <img src="img/INV/INV_empty_ranged.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td style="width: 15%;"></td> <td></td> </tr>'; if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { // if the character is still leveling, show an experience bar if ($char["level"] < 80) { $xp_query = "SELECT * FROM xp_to_level WHERE level='" . $char["level"] . "'"; $xp_result = $sql["mgr"]->query($xp_query); $xp_fields = $sql["mgr"]->fetch_assoc($xp_result); $xp_to_level = $xp_fields["xp_for_next_level"]; $output .= ' <tr> <td colspan="6" class="bar xp_bar" style="background-position: ' . (round(580 * $char["xp"] / $xp_to_level) - 580) . 'px;"> ' . lang("char", "exp") . ": " . $char["xp"] . " / " . $xp_to_level . ' </td> </tr>'; } //total time played $tot_time = $char["totaltime"]; $tot_days = (int) ($tot_time / 86400); $tot_time = $tot_time - $tot_days * 86400; $total_hours = (int) ($tot_time / 3600); $tot_time = $tot_time - $total_hours * 3600; $total_min = (int) ($tot_time / 60); $time_offset = $timezone_offset * 3600; if ($char["timestamp"] != 0) { $lastseen = date("F j, Y @ Hi", $char["timestamp"] + $time_offset); } else { $lastseen = '-'; } $output .= ' <tr> <td colspan="6"> ' . lang("char", "tot_play_time") . ': ' . $tot_days . ' ' . lang("char", "days") . ' ' . $total_hours . ' ' . lang("char", "hours") . ' ' . $total_min . ' ' . lang("char", "min") . ' </td> </tr>'; $output .= ' <tr> <td colspan="6"> ' . lang("char", "lastseen") . ': ' . $lastseen . ' </td> </tr>'; } $output .= ' </table> </div> <br /> </div> <br /> <table class="hidden center"> <tr> <td>'; // button to user account page, user account page has own security makebutton(lang("char", "chars_acc"), 'user.php?action=edit_user&acct=' . $owner_acc_id . '', 130); $output .= ' </td> <td>'; // only higher level GM with delete access can edit character // character edit allows removal of character items, so delete permission is needed if ($user_lvl >= $owner_gmlvl && $user_lvl >= $action_permission["delete"]) { makebutton(lang("char", "edit_button"), 'char_edit.php?id=' . $id . '&realm=' . $realmid, 130); $output .= ' </td> <td>'; } // only higher level GM with delete access, or character owner can delete character if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"] || $owner_name === $user_name) { makebutton(lang("char", "del_char"), 'char_list.php?action=del_char_form&check%5B%5D=' . $id . '" type="wrn', 130); $output .= ' </td> <td>'; } // show Delete Mode / View Mode button depending on current mode if ($mode) { makebutton(lang("char", "viewmode"), 'char.php?id=' . $id . '&realm=' . $realmid . '&mode=0" type="def', 130); } else { makebutton(lang("char", "deletemode"), 'char.php?id=' . $id . '&realm=' . $realmid . '&mode=1" type="def', 130); } $output .= ' </td> <td>'; // only GM with update permission can send mail, mail can send items, so update permission is needed if ($user_lvl >= $action_permission["update"]) { makebutton(lang("char", "send_mail"), 'mail.php?type=ingame_mail&to=' . $char["name"], 130); $output .= ' </td>'; } else { $output .= ' </td>'; } $output .= ' </tr> <tr> <td>'; makebutton(lang("global", "back"), 'javascript:window.history.back()" type="def', 130); $output .= ' </td> </tr> </table> <br /> <!-- end of char.php -->'; } else { } //error($lang_char["no_permission"]); } else { error(lang("char", "no_char_found")); } }
function edit_char(&$sqlr, &$sqlc, &$sqlm) { global $lang_global, $lang_char, $lang_item, $output, $realm_db, $characters_db, $realm_id, $mmfpm_db, $action_permission, $user_lvl, $item_datasite; // this page uses wowhead tooltops wowhead_tt(); valid_login($action_permission['delete']); if (empty($_GET['id'])) { error($lang_global['empty_fields']); } $sqlm = new SQL(); $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']); $id = $sqlc->quote_smart($_GET['id']); // getting character data from database $result = $sqlc->query("\r\n\t\tSELECT account \r\n\t\tFROM `characters` \r\n\t\tWHERE guid = '{$id}'"); // no point going further if character does not exist if ($sqlc->num_rows($result)) { //resrict by owner's gmlvl $owner_acc_id = $sqlc->result($result, 0, 'account'); $query = $sqlr->query("\r\n\t\t\tSELECT gmlevel, username \r\n\t\t\tFROM account \r\n\t\t\tWHERE id ='{$owner_acc_id}'"); $owner_gmlvl = $sqlr->result($query, 0, 'gmlevel'); $owner_name = $sqlr->result($query, 0, 'username'); $owner_check = $sqlr->result($query, 0, 'username'); if ($user_lvl >= $owner_gmlvl) { $result = $sqlc->query("\r\n\t\t\t\tSELECT c.guid, c.account, c.name, c.race, c.class, c.level, c.gender, c.online, c.money, c.totaltime,\r\n\t\t\t\t\tc.position_x, c.position_y, c.position_z, c.map, c.zone,\r\n\t\t\t\t\tc.totalHonorpoints, c.totalKills, c.arenaPoints, c.equipmentCache,\r\n\t\t\t\t\tCOALESCE(guild_member.guildid,0) AS guildid, COALESCE(guild_member.rank,0) AS grank\r\n\t\t\t\tFROM characters c LEFT JOIN guild_member ON c.guid = guild_member.guid \r\n\t\t\t\tWHERE c.guid = '{$id}'"); $char = $sqlc->fetch_assoc($result); $eq_data = explode(' ', $char['equipmentCache']); if ($char['online']) { $online = "<font class=\"error\">{$lang_char['online']}</font>{$lang_char['edit_offline_only_char']}"; } else { $online = $lang_char['offline']; } if ($char['guildid']) { $query = $sqlc->query("\r\n\t\t\t\t\tSELECT name \r\n\t\t\t\t\tFROM guild \r\n\t\t\t\t\tWHERE guildid ='{$char['guildid']}'"); $guild_name = $sqlc->result($query, 0, 'name'); if ($user_lvl > 0) { $guild_name = "<a href=\"guild.php?action=view_guild&error=3&id={$char['guildid']}\" >{$guild_name}</a>"; } if ($char['grank']) { $guild_rank_query = $sqlc->query("\r\n\t\t\t\t\t\tSELECT rname \r\n\t\t\t\t\t\tFROM guild_rank \r\n\t\t\t\t\t\tWHERE guildid ='{$char['guildid']}' AND rid='{$char['grank']}'"); $guild_rank = $sqlc->result($guild_rank_query, 0, 'rname'); } else { $guild_rank = $lang_char['guild_leader']; } } else { $guild_name = $lang_global['none']; $guild_rank = $lang_global['none']; } $output .= "\r\n <center>\r\n <form method=\"get\" action=\"char_edit.php\" name=\"form\">\r\n <input type=\"hidden\" name=\"action\" value=\"do_edit_char\" />\r\n <input type=\"hidden\" name=\"id\" value=\"{$id}\" />\r\n <table class=\"lined\">\r\n <tr>\r\n <td colspan=\"8\"><font class=\"bold\"><input type=\"text\" name=\"name\" size=\"14\" maxlength=\"12\" value=\"" . $char['name'] . "\" /> - <img src='img/c_icons/" . $char['race'] . "-" . $char['gender'] . ".gif' onmousemove='toolTip(\"" . char_get_race_name($char['race']) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\" /> <img src='img/c_icons/" . $char['class'] . ".gif' onmousemove='toolTip(\"" . char_get_class_name($char['class']) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\" /> - lvl " . char_get_level_color($char['level']) . "</font><br />" . $online . "</td>\r\n </tr>\r\n <tr>\r\n <td colspan=\"8\">" . get_map_name($char['online'], $sqlm) . " - " . get_zone_name($char['zone'], $sqlm) . "</td>\r\n </tr>\r\n <tr>\r\n <td colspan=\"8\">{$lang_char['username']}: <input type=\"text\" name=\"owner_name\" size=\"20\" maxlength=\"25\" value=\"{$owner_name}\" /> | {$lang_char['acc_id']}: {$owner_acc_id}</td>\r\n </tr>\r\n <tr>\r\n <td colspan=\"8\">{$lang_char['guild']}: {$guild_name} | {$lang_char['rank']}: {$guild_rank}</td>\r\n </tr>\r\n <tr>\r\n <td colspan=\"8\">{$lang_char['honor_points']}: <input type=\"text\" name=\"honor_points\" size=\"8\" maxlength=\"6\" value=\"{$char['totalHonorpoints']}\" />/\r\n <input type=\"text\" name=\"arena_points\" size=\"8\" maxlength=\"6\" value=\"{$char['arenaPoints']}\" /> - {$lang_char['honor_kills']}: <input type=\"text\" name=\"total_kills\" size=\"8\" maxlength=\"6\" value=\"{$char['totalKills']}\" />\r\n </td>\r\n </tr>\r\n <tr>\r\n <td width=\"2%\"><input type=\"checkbox\" name=\"check[]\" value=\"a0\" /></td><td width=\"18%\">{$lang_item['head']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_HEAD]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_HEAD]) . "</a></td>\r\n <td width=\"18%\">{$lang_item['gloves']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_GLOVES]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_GLOVES]) . "</a></td><td width=\"2%\"><input type=\"checkbox\" name=\"check[]\" value=\"a9\" /></td>\r\n </tr>\r\n <tr>\r\n <td><input type=\"checkbox\" name=\"check[]\" value=\"a1\" /></td><td>{$lang_item['neck']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_NECK]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_NECK]) . "</a></td>\r\n <td>{$lang_item['belt']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_BELT]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_BELT]) . "</a></td> <td><input type=\"checkbox\" name=\"check[]\" value=\"a5\" /></td>\r\n </tr>\r\n <tr>\r\n <td><input type=\"checkbox\" name=\"check[]\" value=\"a2\" /></td><td>{$lang_item['shoulder']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_SHOULDER]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_SHOULDER]) . "</a></td>\r\n <td>{$lang_item['legs']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_LEGS]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_LEGS]) . "</a></td><td><input type=\"checkbox\" name=\"check[]\" value=\"a6\" /></td>\r\n </tr>\r\n <tr>\r\n <td><input type=\"checkbox\" name=\"check[]\" value=\"a14\" /></td><td>{$lang_item['back']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_BACK]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_BACK]) . "</a></td>\r\n <td>{$lang_item['feet']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_FEET]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_FEET]) . "</a></td><td><input type=\"checkbox\" name=\"check[]\" value=\"a7\" /></td>\r\n </tr>\r\n <tr>\r\n <td><input type=\"checkbox\" name=\"check[]\" value=\"a4\" /></td><td>{$lang_item['chest']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_CHEST]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_CHEST]) . "</a></td>\r\n <td>{$lang_item['finger']} 1<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_FINGER1]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_FINGER1]) . "</a></td><td><input type=\"checkbox\" name=\"check[]\" value=\"a10\" /></td>\r\n </tr>\r\n <tr>\r\n <td><input type=\"checkbox\" name=\"check[]\" value=\"a3\" /></td><td>{$lang_item['shirt']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_SHIRT]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_SHIRT]) . "</a></td>\r\n <td>{$lang_item['finger']} 2<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_FINGER2]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_FINGER2]) . "</a></td><td><input type=\"checkbox\" name=\"check[]\" value=\"a11\" /></td>\r\n </tr>\r\n <tr>\r\n <td><input type=\"checkbox\" name=\"check[]\" value=\"a18\" /></td><td>{$lang_item['tabard']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_TABARD]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_TABARD]) . "</a></td>\r\n <td>{$lang_item['trinket']} 1<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_TRINKET1]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_TRINKET1]) . "</a></td><td><input type=\"checkbox\" name=\"check[]\" value=\"a12\" /></td>\r\n </tr>\r\n <tr>\r\n <td><input type=\"checkbox\" name=\"check[]\" value=\"a8\" /></td><td>{$lang_item['wrist']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_WRIST]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_WRIST]) . "</a></td>\r\n <td>{$lang_item['trinket']} 2<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_TRINKET2]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_TRINKET2]) . "</a></td><td><input type=\"checkbox\" name=\"check[]\" value=\"a13\" /></td>\r\n </tr>\r\n <tr>\r\n <td><input type=\"checkbox\" name=\"check[]\" value=\"a15\" /></td>\r\n <td colspan=\"2\">{$lang_item['main_hand']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_MAIN_HAND]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_MAIN_HAND]) . "</a></td>\r\n <td colspan=\"2\"><input type=\"checkbox\" name=\"check[]\" value=\"a16\" /> {$lang_item['off_hand']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_OFF_HAND]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_OFF_HAND]) . "</a></td>\r\n <td colspan=\"2\">{$lang_item['ranged']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_RANGED]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_RANGED]) . "</a></td>\r\n <td><input type=\"checkbox\" name=\"check[]\" value=\"a17\" /></td>\r\n </tr>\r\n <tr>\r\n <td colspan=\"4\">{$lang_char['gold']}: <input type=\"text\" name=\"money\" size=\"10\" maxlength=\"8\" value=\"{$char['money']}\" /></td>\r\n <td colspan=\"4\">{$lang_char['tot_paly_time']}: <input type=\"text\" name=\"tot_time\" size=\"8\" maxlength=\"14\" value=\"{$char['totaltime']}\" /></td>\r\n </tr>\r\n <tr>\r\n <td colspan=\"5\">{$lang_char['location']}:\r\n X:<input type=\"text\" name=\"x\" size=\"10\" maxlength=\"8\" value=\"{$char['position_x']}\" />\r\n Y:<input type=\"text\" name=\"y\" size=\"8\" maxlength=\"16\" value=\"{$char['position_y']}\" />\r\n Z:<input type=\"text\" name=\"z\" size=\"8\" maxlength=\"16\" value=\"{$char['position_z']}\" />\r\n Map:<input type=\"text\" name=\"map\" size=\"8\" maxlength=\"16\" value=\"{$char['map']}\" />\r\n </td>\r\n <td colspan=\"3\">{$lang_char['move_to']}:<input type=\"text\" name=\"tp_to\" size=\"24\" maxlength=\"64\" value=\"\" /></td>\r\n </tr>\r\n </table>\r\n <br />"; //inventory+bank items $query2 = $sqlc->query("\r\n\t\t\t\tSELECT bag, slot, item, item_template \r\n\t\t\t\tFROM character_inventory \r\n\t\t\t\tWHERE guid = '{$id}' \r\n\t\t\t\tORDER BY bag, slot"); $inv = array(); $count = 0; while ($slot = $sqlc->fetch_row($query2)) { if ($slot[0] == 0) { if ($slot[1] >= 23 && $slot[1] <= 62) { $count++; $inv[$count][0] = $slot[3]; $inv[$count][1] = $slot[2]; } } else { $count++; $inv[$count][0] = $slot[3]; $inv[$count][1] = $slot[2]; } } $output .= "\r\n <table class=\"lined\">\r\n\t\t\t\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t\t\t\t<td>{$lang_char['inv_bank']}</td>\r\n\t\t\t\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t\t\t\t<td height=\"100\" align=\"center\">\r\n\t\t\t\t\t\t\t\t\t\t\t<table>\r\n\t\t\t\t\t\t\t\t\t\t\t\t<tr align=\"center\">"; $j = 0; for ($i = 1; $i <= $count; $i++) { $j++; $output .= "\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t<td>\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<a href=\"{$item_datasite}{$inv[$i][0]}\" target=\"_blank\">{$inv[$i][0]}</a>\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<br />\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<input type=\"checkbox\" name=\"check[]\" value=\"{$inv[$i][1]}\" />\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t</td>"; if ($j == 15) { $output .= "\r\n\t\t\t\t\t\t\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t\t\t\t\t\t\t\t<tr align=\"center\">"; $j = 0; } } $output .= "\r\n </tr>\r\n </table>\r\n </td>\r\n </tr>\r\n </table>\r\n <br />\r\n <table class=\"hidden\">\r\n <tr>\r\n <td>"; makebutton($lang_char['update'], "javascript:do_submit()", 190); makebutton($lang_char['to_char_view'], "char.php?id={$id}", 160); makebutton($lang_char['del_char'], "char_list.php?action=del_char_form&check%5B%5D={$id}", 160); makebutton($lang_global['back'], "javascript:window.history.back()", 160); $output .= "\r\n </td>\r\n </tr>\r\n </table>\r\n <br />\r\n </form>\r\n </center>"; //case of non auth request } else { error($lang_char['no_permission']); } } else { error($lang_char['no_char_found']); } }
function char_main(&$sqlr, &$sqlc) { global $output, $lang_global, $lang_char, $lang_item, $realm_id, $realm_db, $characters_db, $world_db, $server, $mmfpm_db, $action_permission, $user_lvl, $user_name, $user_id, $item_datasite, $spell_datasite, $showcountryflag; // this page uses wowhead tooltops wowhead_tt(); require_once 'core/char/char_security.php'; $result = $sqlc->query('SELECT account, race FROM characters WHERE guid = ' . $id . ' LIMIT 1'); if ($sqlc->num_rows($result)) { //resrict by owner's gmlvl $owner_acc_id = $sqlc->result($result, 0, 'account'); $query = $sqlr->query('SELECT `username`, `gmlevel` FROM `account` LEFT JOIN `account_access` ON `account`.`id`=`account_access`.`id` WHERE `account`.`id` = ' . $owner_acc_id . ' ORDER BY `gmlevel` DESC LIMIT 1'); $owner_name = $sqlr->result($query, 0, 'username'); $owner_gmlvl = $sqlr->result($query, 0, 'gmlevel'); if (empty($owner_gmlvl)) { $owner_gmlvl = 0; } if ($user_lvl || $server[$realmid]['both_factions']) { $side_v = 0; $side_p = 0; } else { $side_p = in_array($sqlc->result($result, 0, 'race'), array(2, 5, 6, 8, 10)) ? 1 : 2; $result_1 = $sqlc->query('SELECT race FROM characters WHERE account = ' . $user_id . ' LIMIT 1'); if ($sqlc->num_rows($result)) { $side_v = in_array($sqlc->result($result_1, 0, 'race'), array(2, 5, 6, 8, 10)) ? 1 : 2; } else { $side_v = 0; } unset($result_1); } if ($user_lvl >= $owner_gmlvl && ($side_v === $side_p || !$side_v)) { $result = $sqlc->query('SELECT characters.equipmentCache, characters.name, characters.race, characters.class, characters.level, characters.zone, characters.map, characters.online, characters.totaltime, characters.gender, characters.account, character_stats.blockPct, character_stats.dodgePct, character_stats.parryPct, character_stats.critPct, character_stats.rangedCritPct, character_stats.spellCritPct, COALESCE(guild_member.guildid,0) AS guildid, COALESCE(guild_member.rank,0) AS rank, characters.totalHonorPoints, characters.arenaPoints, characters.totalKills, character_stats.maxhealth, character_stats.maxpower1, character_stats.strength, character_stats.agility, character_stats.stamina, character_stats.intellect, character_stats.spirit, character_stats.armor, character_stats.resHoly, character_stats.resFire, character_stats.resNature, character_stats.resFrost, character_stats.resShadow, character_stats.resArcane, character_stats.attackPower, character_stats.rangedAttackPower, character_stats.spellPower, characters.power2, character_stats.maxpower2, characters.power4, character_stats.maxpower4, characters.power3, character_stats.maxpower3 FROM characters LEFT JOIN character_stats ON characters.guid = character_stats.guid LEFT JOIN guild_member ON characters.guid = guild_member.guid WHERE characters.guid = ' . $id); $char = $sqlc->fetch_assoc($result); $eq_data = explode(' ', $char['equipmentCache']); $online = $char['online'] ? $lang_char['online'] : $lang_char['offline']; if ($char['guildid'] && $char['guildid'] != 0) { $guild_name = $sqlc->result($sqlc->query('SELECT name FROM guild WHERE guildid =' . $char['guildid'] . ''), 0, 'name'); $guild_name = '<a href="guild.php?action=view_guild&realm=' . $realmid . '&error=3&id=' . $char['guildid'] . '" >' . $guild_name . '</a>'; $mrank = $char['rank']; $guild_rank = $sqlc->result($sqlc->query('SELECT rname FROM guild_rank WHERE guildid =' . $char['guildid'] . ' AND rid=' . $mrank . ''), 0, 'rname'); } else { $guild_name = $lang_global['none']; $guild_rank = $lang_global['none']; } $block = round($char['blockPct'], 2); $dodge = round($char['dodgePct'], 2); $parry = round($char['parryPct'], 2); $crit = round($char['critPct'], 2); $ranged_crit = round($char['rangedCritPct'], 2); $spell_crit = round($char['spellCritPct'], 2); $spell_damage = $char['spellPower']; $rage = round($char['power2'] / 10); $maxrage = round($char['maxpower2'] / 10); //preventing undefined variables, didnt want to remove all this stuff so just filling the missing variables with 0 define('CHAR_DATA_OFFSET_MELEE_HIT', 0); define('CHAR_DATA_OFFSET_SPELL_HEAL', 1); define('CHAR_DATA_OFFSET_SPELL_HIT', 2); define('CHAR_DATA_OFFSET_SPELL_HASTE_RATING', 3); define('CHAR_DATA_OFFSET_RESILIENCE', 4); define('CHAR_DATA_OFFSET_RANGE_HIT', 5); $char_data = array(0, 0, 0, 0, 0, 0); $maxdamage = 0; $mindamage = 0; $maxrangeddamage = 0; $minrangeddamage = 0; $expertise = 0; $EQU_HEAD = $eq_data[EQ_DATA_OFFSET_EQU_HEAD]; $EQU_NECK = $eq_data[EQ_DATA_OFFSET_EQU_NECK]; $EQU_SHOULDER = $eq_data[EQ_DATA_OFFSET_EQU_SHOULDER]; $EQU_SHIRT = $eq_data[EQ_DATA_OFFSET_EQU_SHIRT]; $EQU_CHEST = $eq_data[EQ_DATA_OFFSET_EQU_CHEST]; $EQU_BELT = $eq_data[EQ_DATA_OFFSET_EQU_BELT]; $EQU_LEGS = $eq_data[EQ_DATA_OFFSET_EQU_LEGS]; $EQU_FEET = $eq_data[EQ_DATA_OFFSET_EQU_FEET]; $EQU_WRIST = $eq_data[EQ_DATA_OFFSET_EQU_WRIST]; $EQU_GLOVES = $eq_data[EQ_DATA_OFFSET_EQU_GLOVES]; $EQU_FINGER1 = $eq_data[EQ_DATA_OFFSET_EQU_FINGER1]; $EQU_FINGER2 = $eq_data[EQ_DATA_OFFSET_EQU_FINGER2]; $EQU_TRINKET1 = $eq_data[EQ_DATA_OFFSET_EQU_TRINKET1]; $EQU_TRINKET2 = $eq_data[EQ_DATA_OFFSET_EQU_TRINKET2]; $EQU_BACK = $eq_data[EQ_DATA_OFFSET_EQU_BACK]; $EQU_MAIN_HAND = $eq_data[EQ_DATA_OFFSET_EQU_MAIN_HAND]; $EQU_OFF_HAND = $eq_data[EQ_DATA_OFFSET_EQU_OFF_HAND]; $EQU_RANGED = $eq_data[EQ_DATA_OFFSET_EQU_RANGED]; $EQU_TABARD = $eq_data[EQ_DATA_OFFSET_EQU_TABARD]; /* // reserved incase we want to use back minimanagers' built in tooltip, instead of wowheads' // minimanagers' item tooltip needs updating, but it can show enchantments and sockets. $equiped_items = array ( 1 => array(($EQU_HEAD ? get_item_tooltip($EQU_HEAD) : 0),($EQU_HEAD ? get_item_icon($EQU_HEAD) : 0),($EQU_HEAD ? get_item_border($EQU_HEAD) : 0)), 2 => array(($EQU_NECK ? get_item_tooltip($EQU_NECK) : 0),($EQU_NECK ? get_item_icon($EQU_NECK) : 0),($EQU_NECK ? get_item_border($EQU_NECK) : 0)), 3 => array(($EQU_SHOULDER ? get_item_tooltip($EQU_SHOULDER) : 0),($EQU_SHOULDER ? get_item_icon($EQU_SHOULDER) : 0),($EQU_SHOULDER ? get_item_border($EQU_SHOULDER) : 0)), 4 => array(($EQU_SHIRT ? get_item_tooltip($EQU_SHIRT) : 0),($EQU_SHIRT ? get_item_icon($EQU_SHIRT) : 0),($EQU_SHIRT ? get_item_border($EQU_SHIRT) : 0)), 5 => array(($EQU_CHEST ? get_item_tooltip($EQU_CHEST) : 0),($EQU_CHEST ? get_item_icon($EQU_CHEST) : 0),($EQU_CHEST ? get_item_border($EQU_CHEST) : 0)), 6 => array(($EQU_BELT ? get_item_tooltip($EQU_BELT) : 0),($EQU_BELT ? get_item_icon($EQU_BELT) : 0),($EQU_BELT ? get_item_border($EQU_BELT) : 0)), 7 => array(($EQU_LEGS ? get_item_tooltip($EQU_LEGS) : 0),($EQU_LEGS ? get_item_icon($EQU_LEGS) : 0),($EQU_LEGS ? get_item_border($EQU_LEGS) : 0)), 8 => array(($EQU_FEET ? get_item_tooltip($EQU_FEET) : 0),($EQU_FEET ? get_item_icon($EQU_FEET) : 0),($EQU_FEET ? get_item_border($EQU_FEET) : 0)), 9 => array(($EQU_WRIST ? get_item_tooltip($EQU_WRIST) : 0),($EQU_WRIST ? get_item_icon($EQU_WRIST) : 0),($EQU_WRIST ? get_item_border($EQU_WRIST) : 0)), 10 => array(($EQU_GLOVES ? get_item_tooltip($EQU_GLOVES) : 0),($EQU_GLOVES ? get_item_icon($EQU_GLOVES) : 0),($EQU_GLOVES ? get_item_border($EQU_GLOVES) : 0)), 11 => array(($EQU_FINGER1 ? get_item_tooltip($EQU_FINGER1) : 0),($EQU_FINGER1 ? get_item_icon($EQU_FINGER1) : 0),($EQU_FINGER1 ? get_item_border($EQU_FINGER1) : 0)), 12 => array(($EQU_FINGER2 ? get_item_tooltip($EQU_FINGER2) : 0),($EQU_FINGER2 ? get_item_icon($EQU_FINGER2) : 0),($EQU_FINGER2 ? get_item_border($EQU_FINGER2) : 0)), 13 => array(($EQU_TRINKET1 ? get_item_tooltip($EQU_TRINKET1) : 0),($EQU_TRINKET1 ? get_item_icon($EQU_TRINKET1) : 0),($EQU_TRINKET1 ? get_item_border($EQU_TRINKET1) : 0)), 14 => array(($EQU_TRINKET2 ? get_item_tooltip($EQU_TRINKET2) : 0),($EQU_TRINKET2 ? get_item_icon($EQU_TRINKET2) : 0),($EQU_TRINKET2 ? get_item_border($EQU_TRINKET2) : 0)), 15 => array(($EQU_BACK ? get_item_tooltip($EQU_BACK) : 0),($EQU_BACK ? get_item_icon($EQU_BACK) : 0),($EQU_BACK ? get_item_border($EQU_BACK) : 0)), 16 => array(($EQU_MAIN_HAND ? get_item_tooltip($EQU_MAIN_HAND) : 0),($EQU_MAIN_HAND ? get_item_icon($EQU_MAIN_HAND) : 0),($EQU_MAIN_HAND ? get_item_border($EQU_MAIN_HAND) : 0)), 17 => array(($EQU_OFF_HAND ? get_item_tooltip($EQU_OFF_HAND) : 0),($EQU_OFF_HAND ? get_item_icon($EQU_OFF_HAND) : 0),($EQU_OFF_HAND ? get_item_border($EQU_OFF_HAND) : 0)), 18 => array(($EQU_RANGED ? get_item_tooltip($EQU_RANGED) : 0),($EQU_RANGED ? get_item_icon($EQU_RANGED) : 0),($EQU_RANGED ? get_item_border($EQU_RANGED) : 0)), 19 => array(($EQU_TABARD ? get_item_tooltip($EQU_TABARD) : 0),($EQU_TABARD ? get_item_icon($EQU_TABARD) : 0),($EQU_TABARD ? get_item_border($EQU_TABARD) : 0)) ); */ $sqlm = new SQL(); $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']); $sqlw = new SQL(); $sqlw->connect($world_db[$realmid]['addr'], $world_db[$realmid]['user'], $world_db[$realmid]['pass'], $world_db[$realmid]['name']); $equiped_items = array(1 => array('', $EQU_HEAD ? get_item_icon($EQU_HEAD, $sqlm, $sqlw) : 0, $EQU_HEAD ? get_item_border($EQU_HEAD, $sqlw) : 0), 2 => array('', $EQU_NECK ? get_item_icon($EQU_NECK, $sqlm, $sqlw) : 0, $EQU_NECK ? get_item_border($EQU_NECK, $sqlw) : 0), 3 => array('', $EQU_SHOULDER ? get_item_icon($EQU_SHOULDER, $sqlm, $sqlw) : 0, $EQU_SHOULDER ? get_item_border($EQU_SHOULDER, $sqlw) : 0), 4 => array('', $EQU_SHIRT ? get_item_icon($EQU_SHIRT, $sqlm, $sqlw) : 0, $EQU_SHIRT ? get_item_border($EQU_SHIRT, $sqlw) : 0), 5 => array('', $EQU_CHEST ? get_item_icon($EQU_CHEST, $sqlm, $sqlw) : 0, $EQU_CHEST ? get_item_border($EQU_CHEST, $sqlw) : 0), 6 => array('', $EQU_BELT ? get_item_icon($EQU_BELT, $sqlm, $sqlw) : 0, $EQU_BELT ? get_item_border($EQU_BELT, $sqlw) : 0), 7 => array('', $EQU_LEGS ? get_item_icon($EQU_LEGS, $sqlm, $sqlw) : 0, $EQU_LEGS ? get_item_border($EQU_LEGS, $sqlw) : 0), 8 => array('', $EQU_FEET ? get_item_icon($EQU_FEET, $sqlm, $sqlw) : 0, $EQU_FEET ? get_item_border($EQU_FEET, $sqlw) : 0), 9 => array('', $EQU_WRIST ? get_item_icon($EQU_WRIST, $sqlm, $sqlw) : 0, $EQU_WRIST ? get_item_border($EQU_WRIST, $sqlw) : 0), 10 => array('', $EQU_GLOVES ? get_item_icon($EQU_GLOVES, $sqlm, $sqlw) : 0, $EQU_GLOVES ? get_item_border($EQU_GLOVES, $sqlw) : 0), 11 => array('', $EQU_FINGER1 ? get_item_icon($EQU_FINGER1, $sqlm, $sqlw) : 0, $EQU_FINGER1 ? get_item_border($EQU_FINGER1, $sqlw) : 0), 12 => array('', $EQU_FINGER2 ? get_item_icon($EQU_FINGER2, $sqlm, $sqlw) : 0, $EQU_FINGER2 ? get_item_border($EQU_FINGER2, $sqlw) : 0), 13 => array('', $EQU_TRINKET1 ? get_item_icon($EQU_TRINKET1, $sqlm, $sqlw) : 0, $EQU_TRINKET1 ? get_item_border($EQU_TRINKET1, $sqlw) : 0), 14 => array('', $EQU_TRINKET2 ? get_item_icon($EQU_TRINKET2, $sqlm, $sqlw) : 0, $EQU_TRINKET2 ? get_item_border($EQU_TRINKET2, $sqlw) : 0), 15 => array('', $EQU_BACK ? get_item_icon($EQU_BACK, $sqlm, $sqlw) : 0, $EQU_BACK ? get_item_border($EQU_BACK, $sqlw) : 0), 16 => array('', $EQU_MAIN_HAND ? get_item_icon($EQU_MAIN_HAND, $sqlm, $sqlw) : 0, $EQU_MAIN_HAND ? get_item_border($EQU_MAIN_HAND, $sqlw) : 0), 17 => array('', $EQU_OFF_HAND ? get_item_icon($EQU_OFF_HAND, $sqlm, $sqlw) : 0, $EQU_OFF_HAND ? get_item_border($EQU_OFF_HAND, $sqlw) : 0), 18 => array('', $EQU_RANGED ? get_item_icon($EQU_RANGED, $sqlm, $sqlw) : 0, $EQU_RANGED ? get_item_border($EQU_RANGED, $sqlw) : 0), 19 => array('', $EQU_TABARD ? get_item_icon($EQU_TABARD, $sqlm, $sqlw) : 0, $EQU_TABARD ? get_item_border($EQU_TABARD, $sqlw) : 0)); if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) { $output .= ' <center> <div id="tab_content"> <h1>' . $lang_char['char_sheet'] . '</h1><br /> <div id="tab"> <ul> <li><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['char_sheet'] . '</a></li> <li><a href="char_inv.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['inventory'] . '</a></li> <li><a href="char_extra.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['extra'] . '</a></li> ' . ($char['level'] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['talents'] . '</a></li>') . ' <li><a href="char_achieve.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['achievements'] . '</a></li> <li><a href="char_rep.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['reputation'] . '</a></li> <li><a href="char_skill.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['skills'] . '</a></li> <li><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['quests'] . '</a></li>'; if (char_get_class_name($char['class']) === 'Hunter') { $output .= ' <li><a href="char_pets.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['pets'] . '</a></li>'; } $output .= ' <li><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['friends'] . '</a></li> <li><a href="char_spell.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['spells'] . '</a></li> <li><a href="char_mail.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['mail'] . '</a></li>'; } else { $output .= ' <center> <div id="tab_content"> <h1>' . $lang_char['char_sheet'] . '</h1><br /> <div id="tab"> <ul> <li><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['char_sheet'] . '</a></li>'; } $output .= ' </ul> </div> <div id="tab_content2"> <table class="lined" style="width: 580px;"> <tr> <td colspan="2"> <div> <img src="' . char_get_avatar_img($char['level'], $char['gender'], $char['race'], $char['class'], 0) . '" alt="avatar" /> </div> <div>'; $a_results = $sqlc->query('SELECT DISTINCT spell FROM character_aura WHERE guid = ' . $id . ''); if ($sqlc->num_rows($a_results)) { while ($aura = $sqlc->fetch_assoc($a_results)) { $output .= ' <a style="padding:2px;" href="' . $spell_datasite . $aura['spell'] . '" target="_blank"> <img src="' . spell_get_icon($aura['spell'], $sqlm) . '" alt="' . $aura['spell'] . '" width="24" height="24" /> </a>'; } } $output .= ' </div> </td> <td colspan="4"> <font class="bold"> ' . htmlentities($char['name']) . ' - <img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /> <img src="img/c_icons/' . $char['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /> - lvl ' . char_get_level_color($char['level']) . ' </font> <br />' . get_map_name($char['map'], $sqlm) . ' - ' . get_zone_name($char['zone'], $sqlm) . ' <br />' . $lang_char['honor_points'] . ': ' . $char['totalHonorPoints'] . ' / ' . $char['arenaPoints'] . ' - ' . $lang_char['honor_kills'] . ': ' . $char['totalKills'] . ' <br />' . $lang_char['guild'] . ': ' . $guild_name . ' | ' . $lang_char['rank'] . ': ' . htmlentities($guild_rank) . ' <br />' . ($char['online'] ? '<img src="img/up.gif" onmousemove="toolTip(\'Online\', \'item_tooltip\')" onmouseout="toolTip()" alt="online" />' : '<img src="img/down.gif" onmousemove="toolTip(\'Offline\', \'item_tooltip\')" onmouseout="toolTip()" alt="offline" />'); if ($showcountryflag) { require_once 'libs/misc_lib.php'; $country = misc_get_country_by_account($char['account'], $sqlr, $sqlm); $output .= ' - ' . ($country['code'] ? '<img src="img/flags/' . $country['code'] . '.png" onmousemove="toolTip(\'' . $country['country'] . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" />' : '-'); unset($country); } $output .= ' </td> </tr> <tr> <td width="6%">'; if ($equiped_items[1][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_HEAD . '" target="_blank"> <img src="' . $equiped_items[1][1] . '" class="' . $equiped_items[1][2] . '" alt="Head" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_head.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td class="half_line" colspan="2" align="center" width="50%"> <div class="gradient_p">' . $lang_item['health'] . ':</div> <div class="gradient_pp">' . $char['maxhealth'] . '</div>'; if ($char['class'] == 11) { //druid $output .= ' </br> <div class="gradient_p">' . $lang_item['energy'] . ':</div> <div class="gradient_pp">' . $char['power4'] . '/' . $char['maxpower4'] . '</div>'; } $output .= ' </td> <td class="half_line" colspan="2" align="center" width="50%">'; if ($char['class'] == 1) { // warrior $output .= ' <div class="gradient_p">' . $lang_item['rage'] . ':</div> <div class="gradient_pp">' . $rage . '/' . $maxrage . '</div>'; } elseif ($char['class'] == 4) { // rogue $output .= ' <div class="gradient_p">' . $lang_item['energy'] . ':</div> <div class="gradient_pp">' . $char['power4'] . '/' . $char['maxpower4'] . '</div>'; } elseif ($char['class'] == 6) { // death knight // Don't know if FOCUS is the right one need to verify with Death Knight player. $output .= ' <div class="gradient_p">' . $lang_item['runic'] . ':</div> <div class="gradient_pp">' . $char['power3'] . '/' . $char['maxpower3'] . '</div>'; } elseif ($char['class'] == 11) { // druid $output .= ' <div class="gradient_p">' . $lang_item['mana'] . ':</div> <div class="gradient_pp">' . $char['maxpower1'] . '</div> </br> <div class="gradient_p">' . $lang_item['rage'] . ':</div> <div class="gradient_pp">' . $rage . '/' . $maxrage . '</div>'; } elseif ($char['class'] == 2 || $char['class'] == 3 || $char['class'] == 5 || $char['class'] == 7 || $char['class'] == 8 || $char['class'] == 9) { // warlock $output .= ' <div class="gradient_p">' . $lang_item['mana'] . ':</div> <div class="gradient_pp">' . $char['maxpower1'] . '</div>'; } $output .= ' </td> <td width="6%">'; if ($equiped_items[10][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_GLOVES . '" target="_blank"> <img src="' . $equiped_items[10][1] . '" class="' . $equiped_items[10][2] . '" alt="Gloves" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_gloves.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td width="1%">'; if ($equiped_items[2][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_NECK . '" target="_blank"> <img src="' . $equiped_items[2][1] . '" class="' . $equiped_items[2][2] . '" alt="Neck" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_neck.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td class="half_line" colspan="2" rowspan="3" align="center" width="50%"> <div class="gradient_p"> ' . $lang_item['strength'] . ':<br /> ' . $lang_item['agility'] . ':<br /> ' . $lang_item['stamina'] . ':<br /> ' . $lang_item['intellect'] . ':<br /> ' . $lang_item['spirit'] . ':<br /> ' . $lang_item['armor'] . ': </div> <div class="gradient_pp"> ' . $char['strength'] . '<br /> ' . $char['agility'] . '<br /> ' . $char['stamina'] . '<br /> ' . $char['intellect'] . '<br /> ' . $char['spirit'] . '<br /> ' . $char['armor'] . ' </div> </td> <td class="half_line" colspan="2" rowspan="3" align="center" width="50%"> <div class="gradient_p"> ' . $lang_item['res_holy'] . ':<br /> ' . $lang_item['res_arcane'] . ':<br /> ' . $lang_item['res_fire'] . ':<br /> ' . $lang_item['res_nature'] . ':<br /> ' . $lang_item['res_frost'] . ':<br /> ' . $lang_item['res_shadow'] . ': </div> <div class="gradient_pp"> ' . $char['resHoly'] . '<br /> ' . $char['resArcane'] . '<br /> ' . $char['resFire'] . '<br /> ' . $char['resNature'] . '<br /> ' . $char['resFrost'] . '<br /> ' . $char['resShadow'] . ' </div> </td> <td width="1%">'; if ($equiped_items[6][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_BELT . '" target="_blank"> <img src="' . $equiped_items[6][1] . '" class="' . $equiped_items[6][2] . '" alt="Belt" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_waist.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td width="1%">'; if ($equiped_items[3][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_SHOULDER . '" target="_blank"> <img src="' . $equiped_items[3][1] . '" class="' . $equiped_items[3][2] . '" alt="Shoulder" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_shoulder.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td width="1%">'; if ($equiped_items[7][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_LEGS . '" target="_blank"> <img src="' . $equiped_items[7][1] . '" class="' . $equiped_items[7][2] . '" alt="Legs" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_legs.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td width="1%">'; if ($equiped_items[15][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_BACK . '" target="_blank"> <img src="' . $equiped_items[15][1] . '" class="' . $equiped_items[15][2] . '" alt="Back" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_chest_back.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td width="1%">'; if ($equiped_items[8][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_FEET . '" target="_blank"> <img src="' . $equiped_items[8][1] . '" class="' . $equiped_items[8][2] . '" alt="Feet" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_feet.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td width="1%">'; if ($equiped_items[5][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_CHEST . '" target="_blank"> <img src="' . $equiped_items[5][1] . '" class="' . $equiped_items[5][2] . '" alt="Chest" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_chest_back.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td class="half_line" colspan="2" rowspan="2" align="center" width="50%"> <div class="gradient_p"> ' . $lang_char['melee_d'] . ':<br /> ' . $lang_char['melee_ap'] . ':<br /> ' . $lang_char['melee_hit'] . ':<br /> ' . $lang_char['melee_crit'] . ':<br /> ' . $lang_char['expertise'] . ':<br /> </div> <div class="gradient_pp"> ' . $mindamage . '-' . $maxdamage . '<br /> ' . $char['attackPower'] . '<br /> ' . $char_data[CHAR_DATA_OFFSET_MELEE_HIT] . '<br /> ' . $crit . '%<br /> ' . $expertise . '<br /> </div> </td> <td class="half_line" colspan="2" rowspan="2" align="center" width="50%"> <div class="gradient_p"> ' . $lang_char['spell_d'] . ':<br /> ' . $lang_char['spell_heal'] . ':<br /> ' . $lang_char['spell_hit'] . ':<br /> ' . $lang_char['spell_crit'] . ':<br /> ' . $lang_char['spell_haste'] . ' </div> <div class="gradient_pp"> ' . $spell_damage . '<br /> ' . $char_data[CHAR_DATA_OFFSET_SPELL_HEAL] . '<br /> ' . $char_data[CHAR_DATA_OFFSET_SPELL_HIT] . '<br /> ' . $spell_crit . '%<br /> ' . $char_data[CHAR_DATA_OFFSET_SPELL_HASTE_RATING] . ' </div> </td> <td width="1%">'; if ($equiped_items[11][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_FINGER1 . '" target="_blank"> <img src="' . $equiped_items[11][1] . '" class="' . $equiped_items[11][2] . '" alt="Finger1" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_finger.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td width="1%">'; if ($equiped_items[4][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_SHIRT . '" target="_blank"> <img src="' . $equiped_items[4][1] . '" class="' . $equiped_items[4][2] . '" alt="Shirt" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_shirt.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td width="1%">'; if ($equiped_items[12][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_FINGER2 . '" target="_blank"> <img src="' . $equiped_items[12][1] . '" class="' . $equiped_items[12][2] . '" alt="Finger2" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_finger.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td width="1%">'; if ($equiped_items[19][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_TABARD . '" target="_blank"> <img src="' . $equiped_items[19][1] . '" class="' . $equiped_items[19][2] . '" alt="Tabard" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_tabard.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td class="half_line" colspan="2" rowspan="2" align="center" width="50%"> <div class="gradient_p"> ' . $lang_char['dodge'] . ':<br /> ' . $lang_char['parry'] . ':<br /> ' . $lang_char['block'] . ':<br /> ' . $lang_char['resilience'] . ':<br /> </div> <div class="gradient_pp"> ' . $dodge . '%<br /> ' . $parry . '%<br /> ' . $block . '%<br /> ' . $char_data[CHAR_DATA_OFFSET_RESILIENCE] . '<br /> </div> </td> <td class="half_line" colspan="2" rowspan="2" align="center" width="50%"> <div class="gradient_p"> ' . $lang_char['ranged_d'] . ':<br /> ' . $lang_char['ranged_ap'] . ':<br /> ' . $lang_char['ranged_hit'] . ':<br /> ' . $lang_char['ranged_crit'] . ':<br /> </div> <div class="gradient_pp"> ' . $minrangeddamage . '-' . $maxrangeddamage . '<br /> ' . $char['rangedAttackPower'] . '<br /> ' . $char_data[CHAR_DATA_OFFSET_RANGE_HIT] . '<br /> ' . $ranged_crit . '%<br /> </div> </td> <td width="1%">'; if ($equiped_items[13][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_TRINKET1 . '" target="_blank"> <img src="' . $equiped_items[13][1] . '" class="' . $equiped_items[13][2] . '" alt="Trinket1" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_trinket.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td width="1%">'; if ($equiped_items[9][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_WRIST . '" target="_blank"> <img src="' . $equiped_items[9][1] . '" class="' . $equiped_items[9][2] . '" alt="Wrist" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_wrist.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td width="1%">'; if ($equiped_items[14][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_TRINKET2 . '" target="_blank"> <img src="' . $equiped_items[14][1] . '" class="' . $equiped_items[14][2] . '" alt="Trinket2" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_trinket.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td></td> <td width="15%">'; if ($equiped_items[16][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_MAIN_HAND . '" target="_blank"> <img src="' . $equiped_items[16][1] . '" class="' . $equiped_items[16][2] . '" alt="MainHand" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_main_hand.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td width="15%">'; if ($equiped_items[17][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_OFF_HAND . '" target="_blank"> <img src="' . $equiped_items[17][1] . '" class="' . $equiped_items[17][2] . '" alt="OffHand" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_off_hand.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td width="15%">'; if ($equiped_items[18][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_RANGED . '" target="_blank"> <img src="' . $equiped_items[18][1] . '" class="' . $equiped_items[18][2] . '" alt="Ranged" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_ranged.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td width="15%"></td> <td></td> </tr>'; if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) { //total time played $tot_time = $char['totaltime']; $tot_days = (int) ($tot_time / 86400); $tot_time = $tot_time - $tot_days * 86400; $total_hours = (int) ($tot_time / 3600); $tot_time = $tot_time - $total_hours * 3600; $total_min = (int) ($tot_time / 60); $output .= ' <tr> <td colspan="6"> ' . $lang_char['tot_paly_time'] . ': ' . $tot_days . ' ' . $lang_char['days'] . ' ' . $total_hours . ' ' . $lang_char['hours'] . ' ' . $total_min . ' ' . $lang_char['min'] . ' </td> </tr>'; } $output .= ' </table> </div> <br /> </div> <br />'; require_once 'core/char/char_footer.php'; $output .= ' <br /> </center>'; } else { error($lang_char['no_permission']); } } else { error($lang_char['no_char_found']); } }
function char_mail(&$sqlr, &$sqlc) { global $output, $lang_global, $lang_char, $lang_mail, $realm_id, $realm_db, $mmfpm_db, $characters_db, $action_permission, $user_lvl, $user_name, $item_datasite, $itemperpage; if (empty($_GET['id'])) { error($lang_global['empty_fields']); } // this is multi realm support, as of writing still under development // this page is already implementing it if (empty($_GET['realm'])) { $realmid = $realm_id; } else { $realmid = $sqlr->quote_smart($_GET['realm']); if (is_numeric($realmid)) { $sqlc->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name']); } else { $realmid = $realm_id; } } $id = $sqlc->quote_smart($_GET['id']); if (is_numeric($id)) { } else { $id = 0; } //==========================$_GET and SECURE================================= $start = isset($_GET['start']) ? $sqlc->quote_smart($_GET['start']) : 0; if (is_numeric($start)) { } else { $start = 0; } $order_by = isset($_GET['order_by']) ? $sqlc->quote_smart($_GET['order_by']) : 'id'; if (preg_match('/^[_[:lower:]]{1,12}$/', $order_by)) { } else { $order_by = 'id'; } $dir = isset($_GET['dir']) ? $sqlc->quote_smart($_GET['dir']) : 1; if (preg_match('/^[01]{1}$/', $dir)) { } else { $dir = 1; } $order_dir = $dir ? 'ASC' : 'DESC'; $dir = $dir ? 0 : 1; //==========================$_GET and SECURE end============================= // getting character data from database $result = $sqlc->query('SELECT account, name, race, class, level, gender FROM characters WHERE guid = ' . $id . ' LIMIT 1'); if ($sqlc->num_rows($result)) { $char = $sqlc->fetch_assoc($result); // we get user permissions first $owner_acc_id = $sqlc->result($result, 0, 'account'); $result = $sqlr->query('SELECT gmlevel, username FROM account WHERE id = ' . $char['account'] . ''); $owner_gmlvl = $sqlr->result($result, 0, 'gmlevel'); $owner_name = $sqlr->result($result, 0, 'username'); if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) { //------------------------Character Tabs--------------------------------- // we start with a lead of 10 spaces, // because last line of header is an opening tag with 8 spaces // keep html indent in sync, so debuging from browser source would be easy to read $output .= ' <center> <div id="tab_content"> <div id="tab"> <ul> <li><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['char_sheet'] . '</a></li> <li><a href="char_inv.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['inventory'] . '</a></li> <li><a href="char_extra.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['extra'] . '</a></li> ' . ($char['level'] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['talents'] . '</a></li>') . ' <li><a href="char_achieve.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['achievements'] . '</a></li> <li><a href="char_rep.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['reputation'] . '</a></li> <li><a href="char_skill.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['skills'] . '</a></li> <li><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['quests'] . '</a></li>'; if (char_get_class_name($char['class']) === 'Hunter') { $output .= ' <li><a href="char_pets.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['pets'] . '</a></li>'; } $output .= ' <li><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['friends'] . '</a></li> <li><a href="char_spell.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['spells'] . '</a></li> </ul> <ul>'; // selected char tab at last $output .= ' <li id="selected"><a href="char_mail.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['mail'] . '</a></li>'; $output .= ' </ul> </div> <div id="tab_content2"> <font class="bold"> ' . htmlentities($char['name']) . ' - <img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /> <img src="img/c_icons/' . $char['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\',\'item_tooltip\')" onmouseout="toolTip()" alt="" /> - lvl ' . char_get_level_color($char['level']) . ' </font> <br /><br /> <table class="lined" style="width: 100%">'; //---------------Page Specific Starts Ends here---------------------------- $query = $sqlc->query('SELECT a.id as id, a.messageType as messagetype, a.sender as sender, a.subject as subject, a.itemTextId as itemtextid, a.has_items as hasitems, a.money as money, a.cod as cod, a.checked as checked, b.item_template as itemtemplate FROM mail a INNER JOIN mail_items b ON a.id = b.mail_id where a.receiver = ' . $id . ' LIMIT ' . $start . ', ' . $itemperpage . ''); $total_mail = $sqlc->result($sqlc->query('SELECT count(*) FROM mail WHERE receiver= ' . $id . ''), 0); $output .= ' <tr> <td align="left"> Total Mails: ' . $total_mail . ' </td> <td align="right" width="45%">'; $output .= generate_pagination('char_mail.php?start=' . $start . '&order_by=' . $order_by . '&dir=' . ($dir ? 0 : 1), $total_mail, $itemperpage, $start); $output .= ' </td> </table> <table class="lined" style="width: 100%"> <tr> <th width="5%">' . $lang_mail['mail_type'] . '</th> <th width="10%">' . $lang_mail['sender'] . '</th> <th width="15%">' . $lang_mail['subject'] . '</th> <th width="5%">' . $lang_mail['has_items'] . '</th> <th width="25%">' . $lang_mail['text'] . '</th> <th width="20%">' . $lang_mail['money'] . '</th> <th width="5%">' . $lang_mail['checked'] . '</th> </tr>'; while ($mail = $sqlc->fetch_assoc($query)) { $output .= ' <tr valign=top> <td>' . get_mail_source($mail['messagetype']) . '</td> <td><a href="char.php?id=' . $mail['sender'] . '">' . get_char_name($mail['sender']) . '</a></td> <td>' . $mail['subject'] . '</td> <td> <a style="padding:2px;" href="' . $item_datasite . $mail['itemtemplate'] . '" target="_blank"> <img class="bag_icon" src="' . get_item_icon($mail['itemtemplate'], $sqlm) . '" alt="" /> </a> </td> <td>' . get_mail_text($mail['itemtextid']) . '</td> <td> ' . substr($mail['money'], 0, -4) . '<img src="img/gold.gif" alt="" align="middle" /> ' . substr($mail['money'], -4, 2) . '<img src="img/silver.gif" alt="" align="middle" /> ' . substr($mail['money'], -2) . '<img src="img/copper.gif" alt="" align="middle" /> </td> <td>' . get_check_state($mail['checked']) . '</td> </tr>'; } //---------------Page Specific Data Ends here---------------------------- //---------------Character Tabs Footer----------------------------------- $output .= ' </table> </div> <br /> <table class="hidden"> <tr> <td>'; // button to user account page, user account page has own security makebutton($lang_char['chars_acc'], 'user.php?action=edit_user&id=' . $owner_acc_id . '', 130); $output .= ' </td> <td>'; // only higher level GM with delete access can edit character // character edit allows removal of character items, so delete permission is needed if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission['delete']) { makebutton($lang_char['edit_button'], 'char_edit.php?id=' . $id . '&realm=' . $realmid . '', 130); $output .= ' </td> <td>'; } // only higher level GM with delete access, or character owner can delete character if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission['delete'] || $owner_name === $user_name) { makebutton($lang_char['del_char'], 'char_list.php?action=del_char_form&check%5B%5D=' . $id . '" type="wrn', 130); $output .= ' </td> <td>'; } // only GM with update permission can send mail, mail can send items, so update permission is needed if ($user_lvl >= $action_permission['update']) { makebutton($lang_char['send_mail'], 'mail.php?type=ingame_mail&to=' . $char['name'] . '', 130); $output .= ' </td> <td>'; } makebutton($lang_global['back'], 'javascript:window.history.back()" type="def', 130); $output .= ' </td> </tr> </table> <br /> </center> <!-- end of char_mail.php -->'; } else { error($lang_char['no_permission']); } } else { error($lang_char['no_char_found']); } }
function gen_avatar_panel($level, $sex, $race, $class, $info = 1, $gm = 0, $edit_user = 0) { require_once "libs/char_lib.php"; $return = ' <div class="center" style="background: transparent url('; $return .= char_get_avatar_img($level, $sex, $race, $class, $gm); $return .= ') repeat scroll 0%; width: 64px; height: 64px;' . ($edit_user == 0 ? ' border: 0px;' : '') . '">'; $return .= ' <div style="background: transparent url(img/avatars/frame/full' . ($gm ? 'gm' : '') . '.gif) repeat scroll 0%; position: relative; left: 0px; top: 0px; width: 64px; height: 64px;"> </div>'; if (!$gm) { $return .= ' <div style="text-align: center; font-weight: bold; color: white; position: relative; left: 21px; top: -18px; width: 24px; height: 24px;">' . $level . ' </div>'; } $return .= ' </div>'; if ($gm > 0) { require_once "libs/get_lib.php"; $return .= id_get_gm_level($gm) . ' <br />'; } if ($info == 1) { $return .= ' <div style="margin-top:2px;"> <a href="#" onmouseover="oldtoolTip(\'' . char_get_race_name($race) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()"> <img src="img/c_icons/' . $race . '-' . $sex . '.gif" border="0" alt="" /> </a> <a href="#" onmouseover="oldtoolTip(\'' . char_get_class_name($class) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()"> <img src="img/c_icons/' . $class . '.gif" border="0" alt="" /> </a> </div>'; } return $return; }
function char_rep(&$sqlr, &$sqlc) { global $output, $lang_global, $lang_char, $realm_id, $characters_db, $mmfpm_db, $action_permission, $user_lvl, $user_name; require_once 'libs/fact_lib.php'; $reputation_rank = fact_get_reputation_rank_arr(); $reputation_rank_length = fact_get_reputation_rank_length(); if (empty($_GET['id'])) { error($lang_global['empty_fields']); } // this is multi realm support, as of writing still under development // this page is already implementing it if (empty($_GET['realm'])) { $realmid = $realm_id; } else { $realmid = $sqlr->quote_smart($_GET['realm']); if (is_numeric($realmid)) { $sqlc->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name']); } else { $realmid = $realm_id; } } $id = $sqlc->quote_smart($_GET['id']); if (is_numeric($id)) { } else { $id = 0; } $result = $sqlc->query('SELECT account, name, race, class, level, gender FROM characters WHERE guid = ' . $id . ' LIMIT 1'); if ($sqlc->num_rows($result)) { $char = $sqlc->fetch_assoc($result); // we get user permissions first $owner_acc_id = $sqlc->result($result, 0, 'account'); $result = $sqlr->query('SELECT gmlevel, username FROM account WHERE id = ' . $char['account'] . ''); $owner_gmlvl = $sqlr->result($result, 0, 'gmlevel'); $owner_name = $sqlr->result($result, 0, 'username'); if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) { $result = $sqlc->query('SELECT faction, standing FROM character_reputation WHERE guid = ' . $id . ' AND (flags & 1 = 1)'); $output .= ' <center> <div id="tab_content"> <div id="tab"> <ul> <li><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['char_sheet'] . '</a></li> <li><a href="char_inv.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['inventory'] . '</a></li> <li><a href="char_extra.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['extra'] . '</a></li> ' . ($char['level'] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['talents'] . '</a></li>') . ' <li><a href="char_achieve.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['achievements'] . '</a></li> <li><a href="char_skill.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['skills'] . '</a></li> <li><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['quests'] . '</a></li>'; if (char_get_class_name($char['class']) === 'Hunter') { $output .= ' <li><a href="char_pets.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['pets'] . '</a></li>'; } $output .= ' <li><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['friends'] . '</a></li> <li><a href="char_spell.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['spells'] . '</a></li> <li><a href="char_mail.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['mail'] . '</a></li> </ul> <ul>'; // selected char tab at last $output .= ' <li id="selected"><a href="char_rep.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['reputation'] . '</a></li>'; $output .= ' </ul> </div> <div id="tab_content2"> <font class="bold"> ' . htmlentities($char['name']) . ' - <img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /> <img src="img/c_icons/' . $char['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\',\'item_tooltip\')" onmouseout="toolTip()" alt="" /> - lvl ' . char_get_level_color($char['level']) . ' </font> <br /><br />'; $temp_out = array(1 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi1" onclick="expand(\'i1\', this, \'Alliance\')">[-] Alliance</div> </th> </tr> <tr> <td> <table id="i1" class="lined" style="width: 535px; display: table;">', 0), 2 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi2" onclick="expand(\'i2\', this, \'Horde\')">[-] Horde</div> </th> </tr> <tr> <td> <table id="i2" class="lined" style="width: 535px; display: table;">', 0), 3 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi3" onclick="expand(\'i3\', this, \'Alliance Forces\')">[-] Alliance Forces</div> </th> </tr> <tr> <td> <table id="i3" class="lined" style="width: 535px; display: table;">', 0), 4 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi4" onclick="expand(\'i4\', this, \'Horde Forces\')">[-] Horde Forces</div> </th> </tr> <tr> <td> <table id="i4" class="lined" style="width: 535px; display: table;">', 0), 5 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi5" onclick="expand(\'i5\', this, \'Steamwheedle Cartels\')">[-] Steamwheedle Cartel</div> </th> </tr> <tr> <td> <table id="i5" class="lined" style="width: 535px; display: table;">', 0), 6 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi6" onclick="expand(\'i6\', this, \'The Burning Crusade\')">[-] The Burning Crusade</div> </th> </tr> <tr> <td> <table id="i6" class="lined" style="width: 535px; display: table;">', 0), 7 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi7" onclick="expand(\'i7\', this, \'Shattrath City\')">[-] Shattrath City</div> </th> </tr> <tr> <td> <table id="i7" class="lined" style="width: 535px; display: table;">', 0), 8 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi8" onclick="expand(\'i8\', this, \'Alliance Vanguard\')">[-] Alliance Vanguard</div> </th> </tr> <tr> <td> <table id="i8" class="lined" style="width: 535px; display: table;">', 0), 9 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi9" onclick="expand(\'i9\', this, \'Horde Expedition \')">[-] Horde Expedition </div> </th> </tr> <tr> <td> <table id="i9" class="lined" style="width: 535px; display: table;">', 0), 10 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi10" onclick="expand(\'i10\', this, \'Sholazar Basin\')">[-] Sholazar Basin</div> </th> </tr> <tr> <td> <table id="i10" class="lined" style="width: 535px; display: table;">', 0), 11 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi11" onclick="expand(\'i11\', this, \'Wrath of the Lich King\')">[-] Wrath of the Lich King</div> </th> </tr> <tr> <td> <table id="i11" class="lined" style="width: 535px; display: table;">', 0), 12 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi12" onclick="expand(\'i12\', this, \'Other\')">[-] Other</div> </th> </tr> <tr> <td> <table id="i12" class="lined" style="width: 535px; display: table;">', 0), 0 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi13" onclick="expand(\'i13\', this, \'Unknown\')">[-] Unknown</div> </th> </tr> <tr> <td> <table id="i13" class="lined" style="width: 535px; display: table;">', 0)); $sqlm = new SQL(); $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']); if ($sqlc->num_rows($result)) { while ($fact = $sqlc->fetch_assoc($result)) { $faction = $fact['faction']; $standing = $fact['standing']; $rep_rank = fact_get_reputation_rank($faction, $standing, $char['race'], $sqlm); $rep_rank_name = $reputation_rank[$rep_rank]; $rep_cap = $reputation_rank_length[$rep_rank]; $rep = fact_get_reputation_at_rank($faction, $standing, $char['race'], $sqlm); $faction_name = fact_get_faction_name($faction, $sqlm); $ft = fact_get_faction_tree($faction); // not show alliance rep for horde and vice versa: if (1 << $char['race'] - 1 & 690 && ($ft == 1 || $ft == 3) || 1 << $char['race'] - 1 & 1101 && ($ft == 2 || $ft == 4)) { } else { $temp_out[$ft][0] .= ' <tr> <td width="30%" align="left">' . $faction_name . '</td> <td width="55%" valign="top"> <div class="faction-bar"> <div class="rep' . $rep_rank . '"> <span class="rep-data">' . $rep . '/' . $rep_cap . '</span> <div class="bar-color" style="width:' . 100 * $rep / $rep_cap . '%"></div> </div> </div> </td> <td width="15%" align="left" class="rep' . $rep_rank . '">' . $rep_rank_name . '</td> </tr>'; $temp_out[$ft][1] = 1; } } } else { $output .= ' <tr> <td colspan="2"><br /><br />' . $lang_global['err_no_records_found'] . '<br /><br /></td> </tr>'; } foreach ($temp_out as $out) { if ($out[1]) { $output .= $out[0] . ' </table> </td> </tr> </table>'; } } $output .= ' <br /> </div> <br /> </div> <br /> <table class="hidden"> <tr> <td>'; // button to user account page, user account page has own security makebutton($lang_char['chars_acc'], 'user.php?action=edit_user&id=' . $owner_acc_id . '', 130); $output .= ' </td> <td>'; // only higher level GM with delete access can edit character // character edit allows removal of character items, so delete permission is needed if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission['delete']) { makebutton($lang_char['edit_button'], 'char_edit.php?id=' . $id . '&realm=' . $realmid . '', 130); $output .= ' </td> <td>'; } // only higher level GM with delete access, or character owner can delete character if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission['delete'] || $owner_name === $user_name) { makebutton($lang_char['del_char'], 'char_list.php?action=del_char_form&check%5B%5D=' . $id . '" type="wrn', 130); $output .= ' </td> <td>'; } // only GM with update permission can send mail, mail can send items, so update permission is needed if ($user_lvl >= $action_permission['update']) { makebutton($lang_char['send_mail'], 'mail.php?type=ingame_mail&to=' . $char['name'] . '', 130); $output .= ' </td> <td>'; } makebutton($lang_global['back'], 'javascript:window.history.back()" type="def', 130); $output .= ' </td> </tr> </table> <br /> </center> <!-- end of char_achieve.php -->'; } else { error($lang_char['no_permission']); } } else { error($lang_char['no_char_found']); } }
function view_guild() { global $output, $logon_db, $characters_db, $corem_db, $realm_id, $itemperpage, $action_permission, $user_lvl, $user_id, $showcountryflag, $site_encoding, $show_guild_emblem, $sql, $core; if (!isset($_GET["id"])) { redirect("guild.php?error=1"); } $guild_id = $sql["char"]->quote_smart($_GET["id"]); if (!is_numeric($guild_id)) { redirect("guild.php?error=6"); } //==========================SQL INGUILD and GUILDLEADER====================== if ($core == 1) { $q_inguild = $sql["char"]->query("SELECT 1 FROM guild_data WHERE guildid='" . $guild_id . "' AND playerid IN (SELECT guid FROM characters WHERE acct='" . $user_id . "')"); } else { $q_inguild = $sql["char"]->query("SELECT 1 FROM guild_member WHERE guildid='" . $guild_id . "' AND guid IN (SELECT guid FROM characters WHERE account='" . $user_id . "')"); } $inguild = $sql["char"]->result($q_inguild, 0, "1"); if ($user_lvl < $action_permission["update"] && !$inguild) { redirect("guild.php?error=6"); } if ($core == 1) { $q_amIguildleader = $sql["char"]->query("SELECT 1 FROM guilds WHERE guildid='" . $guild_id . "' AND leaderguid IN (SELECT guid FROM characters WHERE acct='" . $user_id . "')"); } else { $q_amIguildleader = $sql["char"]->query("SELECT 1 FROM guild WHERE guildid='" . $guild_id . "' AND leaderguid IN (SELECT guid FROM characters WHERE account='" . $user_id . "')"); } $amIguildleader = $sql["char"]->result($q_amIguildleader, 0, "1"); if ($core == 1) { $q_guildmemberCount = $sql["char"]->query("SELECT 1 FROM guild_data WHERE guildid='" . $guild_id . "'"); } else { $q_guildmemberCount = $sql["char"]->query("SELECT 1 from guild_member where guildid='" . $guild_id . "'"); } $guildmemberCount = $sql["char"]->num_rows($q_guildmemberCount); //====================SQL INGUILD and GUILDLEADER end======================== //==========================$_GET and SECURE================================= $start = isset($_GET["start"]) ? $sql["char"]->quote_smart($_GET["start"]) : 0; if (is_numeric($start)) { } else { $start = 0; } $order_by = isset($_GET["order_by"]) ? $sql["char"]->quote_smart($_GET["order_by"]) : "mrank"; if (!preg_match("/^[_[:lower:]]{1,10}\$/", $order_by)) { $order_by = "mrank"; } $dir = isset($_GET["dir"]) ? $sql["char"]->quote_smart($_GET["dir"]) : 1; if (!preg_match("/^[01]{1}\$/", $dir)) { $dir = 1; } $order_dir = $dir ? "ASC" : "DESC"; $dir = $dir ? 0 : 1; //==========================$_GET and SECURE end============================= if ($core == 1) { $query = $sql["char"]->query("SELECT guildid, guildname AS name, guildinfo AS info, MOTD, createdate,\n (SELECT COUNT(*) FROM guild_data WHERE guildid='" . $guild_id . "') AS mtotal,\n (SELECT COUNT(*) FROM guild_data WHERE guildid='" . $guild_id . "' AND playerid IN\n (SELECT guid FROM characters WHERE online=1)) AS monline,\n emblemStyle AS EmblemStyle,\n emblemColor AS EmblemColor,\n borderStyle AS BorderStyle,\n borderColor AS BorderColor,\n backgroundColor AS BackgroundColor\n FROM guilds WHERE guildid='" . $guild_id . "'"); } else { $query = $sql["char"]->query("SELECT guildid, name, info, MOTD, createdate,\n (SELECT COUNT(*) FROM guild_member where guildid='" . $guild_id . "') AS mtotal,\n (SELECT COUNT(*) FROM guild_member where guildid='" . $guild_id . "' AND guid IN\n (SELECT guid FROM characters WHERE online=1)) AS monline,\n EmblemStyle, EmblemColor, BorderStyle, BorderColor, BackgroundColor\n FROM guild WHERE guildid='" . $guild_id . "'"); } $guild_data = $sql["char"]->fetch_assoc($query); $output .= ' <script type="text/javascript"> answerbox.btn_ok="' . lang("global", "yes") . '"; answerbox.btn_cancel="' . lang("global", "no") . '"; </script> <div class="guild_fieldset fieldset_border"> <span class="legend">' . lang("guild", "guild") . '</span> <table class="lined"> <tr> <td style="width: 25%;" class="hidden"><b>' . lang("guild", "create_date") . ':</b><br />' . date("o-m-d", $guild_data["createdate"]) . '</td> <td style="width: 50%;" class="bold hidden" colspan="2">' . $guild_data["name"] . '</td> <td style="width: 25%;" class="hidden"><b>' . lang("guild", "tot_m_online") . ':</b><br />' . $guild_data["monline"] . ' / ' . $guild_data["mtotal"] . '</td> </tr> <tr> <td colspan="2" class="hidden"><b>' . lang("guild", "info") . ':</b><br />' . $guild_data["info"] . '</td> <td colspan="2" class="hidden"><b>' . lang("guild", "motd") . ':</b><br />' . $guild_data["MOTD"] . '</td> </tr>'; if ($show_guild_emblem) { $output .= ' <tr> <td colspan="4" class="hidden"> <div id="guild_emblem"> <div> <img id="guild_view_background" src="img/emblems/Background_' . doubledigit($guild_data["BackgroundColor"]) . '.png" alt="" /> <img id="guild_view_emblem" src="img/emblems/Emblem_' . doubledigit($guild_data["EmblemStyle"]) . '_' . doubledigit($guild_data["EmblemColor"]) . '.png" alt="" /> <img id="guild_view_border" src="img/emblems/Border_' . doubledigit($guild_data["BorderStyle"]) . '_' . doubledigit($guild_data["BorderColor"]) . '.png" alt="" /> <img id="guild_emblem_border" src="img/EmblemBorder.png" alt="" /> </div> </div> </td> </tr> <tr> <td id="guild_pages_background" style="text-align: right;" colspan="4">' . generate_pagination("guild.php?action=view_guild&id=" . $guild_id . "&order_by=" . $order_by . "&dir=" . ($dir ? 0 : 1), $guildmemberCount, $itemperpage, $start) . '</td> </tr> </table> <table class="lined"> <tr> <th style="width: 1%;">' . lang("guild", "remove") . '</th> <th style="width: 15%;"><a href="guild.php?action=view_guild&error=3&id=' . $guild_id . '&order_by=cname&start=' . $start . '&dir=' . $dir . '">' . ($order_by == "cname" ? '<img src="img/arr_' . ($dir ? "up" : "dw") . '.gif" alt="" /> ' : '') . lang("guild", "name") . '</a></th> <th style="width: 1%;"><a href="guild.php?action=view_guild&error=3&id=' . $guild_id . '&order_by=crace&start=' . $start . '&dir=' . $dir . '">' . ($order_by == "crace" ? '<img src="img/arr_' . ($dir ? "up" : "dw") . '.gif" alt="" /> ' : '') . lang("guild", "race") . '</a></th> <th style="width: 1%;"><a href="guild.php?action=view_guild&error=3&id=' . $guild_id . '&order_by=class&start=' . $start . '&dir=' . $dir . '">' . ($order_by == "cclass" ? '<img src="img/arr_' . ($dir ? "up" : "dw") . '.gif" alt="" /> ' : '') . lang("guild", "class") . '</a></th> <th style="width: 1%;"><a href="guild.php?action=view_guild&error=3&id=' . $guild_id . '&order_by=clevel&start=' . $start . '&dir=' . $dir . '">' . ($order_by == "clevel" ? '<img src="img/arr_' . ($dir ? "up" : "dw") . '.gif" alt="" /> ' : '') . lang("guild", "level") . '</a></th> <th style="width: 25%;"><a href="guild.php?action=view_guild&error=3&id=' . $guild_id . '&order_by=mrank&start=' . $start . '&dir=' . $dir . '">' . ($order_by == "mrank" ? '<img src="img/arr_' . ($dir ? "up" : "dw") . '.gif" alt="" /> ' : '') . lang("guild", "rank") . '</a></th> <th style="width: 15%;">' . lang("guild", "pnote") . '</th> <th style="width: 15%;">' . lang("guild", "offnote") . '</th> <th style="width: 15%;"><a href="guild.php?action=view_guild&error=3&id=' . $guild_id . '&order_by=clogout&start=' . $start . '&dir=' . $dir . '">' . ($order_by == "clogout" ? '<img src="img/arr_' . ($dir ? "up" : "dw") . '.gif" alt="" /> ' : '') . lang("guild", "llogin") . '</a></th> <th style="width: 1%;"><a href="guild.php?action=view_guild&error=3&id=' . $guild_id . '&order_by=conline&start=' . $start . '&dir=' . $dir . '">' . ($order_by == "conline" ? '<img src="img/arr_' . ($dir ? "up" : "dw") . '.gif" alt="" /> ' : '') . lang("guild", "online") . '</a></th>'; } if ($showcountryflag) { require_once "libs/misc_lib.php"; $output .= ' <th style="width: 1%;">' . lang("global", "country") . '</th>'; } $output .= ' </tr>'; // this_is_junk: WTF? O_o if ($core == 1) { $members = $sql["char"]->query("SELECT gm.playerid AS cguid, c.name AS cname, c.`race` AS crace, c.`class` AS cclass,\n c.`level` AS clevel,\n gm.guildrank AS mrank, (SELECT rankname FROM guild_ranks WHERE guildid='" . $guild_id . "' AND rankid=mrank) AS rname,\n gm.publicNote AS pnote, gm.officerNote AS offnote, gender,\n c.`online` AS conline, c.`acct`, c.`timestamp` AS clogout\n FROM guild_data AS gm LEFT OUTER JOIN characters AS c ON c.guid=gm.playerid\n WHERE gm.guildid='" . $guild_id . "' ORDER BY " . $order_by . " " . $order_dir . " LIMIT " . $start . ", " . $itemperpage); } else { $members = $sql["char"]->query("SELECT gm.guid AS cguid, c.name AS cname, c.`race` AS crace, c.`class` AS cclass,\n c.`level` AS clevel,\n gm.rank AS mrank, (SELECT rname FROM guild_rank WHERE guildid='" . $guild_id . "' AND rid=mrank) AS rname,\n gm.pnote AS pnote, gm.offnote AS offnote, gender,\n c.`online` AS conline, c.`account` AS acct, c.`logout_time` AS clogout\n FROM guild_member AS gm LEFT OUTER JOIN characters AS c ON c.guid=gm.guid\n WHERE gm.guildid='" . $guild_id . "' ORDER BY " . $order_by . " " . $order_dir . " LIMIT " . $start . ", " . $itemperpage); } while ($member = $sql["char"]->fetch_assoc($members)) { if ($core == 1) { $query = "SELECT * FROM accounts WHERE acct='" . $member["acct"] . "'"; $result = $sql["logon"]->query($query); $result = $sql["logon"]->fetch_assoc($result); $user = $result["login"]; } else { $query = "SELECT * FROM account WHERE id='" . $member["acct"] . "'"; $result = $sql["logon"]->query($query); $result = $sql["logon"]->fetch_assoc($result); $user = $result["username"]; } $result = $sql["mgr"]->query("SELECT SecurityLevel AS gm FROM config_accounts WHERE Login='******'"); $owner_gmlvl = $sql["logon"]->result($result, 0, "gm"); if ($owner_gmlvl >= 1073741824) { $owner_gmlvl -= 1073741824; } $output .= ' <tr>'; // gm, guildleader or own account! are allowed to remove from guild $output .= $user_lvl >= $action_permission["delete"] || $amIguildleader || $member["acct"] == $user_id ? '<td><img src="img/aff_cross.png" alt="" onclick="answerBox(\'' . lang("global", "delete") . ': <font color=white>' . $member["cname"] . '</font><br />' . lang("global", "are_you_sure") . '\', \'guild.php?action=rem_char_from_guild&realm=' . $realmid . '&id=' . $member["cguid"] . '&guld_id=' . $guild_id . '\');" class="guild_edit_delete_cursor" /></td>' : '<td></td>'; $output .= ' <td><a href="char.php?id=' . $member["cguid"] . '">' . htmlentities($member["cname"], ENT_COMPAT, $site_encoding) . '</a></td> <td><img src="img/c_icons/' . $member["crace"] . '-' . $member["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($member["crace"]) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /></td> <td><img src="img/c_icons/' . $member["cclass"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($member["cclass"]) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /></td> <td>' . char_get_level_color($member["clevel"]) . '</td> <td>' . htmlentities($member["rname"], ENT_COMPAT, $site_encoding) . ' (' . $member["mrank"] . ')</td> <td>' . htmlentities($member["pnote"], ENT_COMPAT, $site_encoding) . '</td> <td>' . htmlentities($member["offnote"], ENT_COMPAT, $site_encoding) . '</td> <td><span style="font-weight: bold;">' . get_days_with_color($member["clogout"]) . '</span></td> <td><img src="img/' . ($member["conline"] ? 'up' : 'down') . '.gif" alt="" /></td>'; if ($showcountryflag) { // this_is_junk: apparently sometimes guilds end up with members who don't exist. O_o // and because they don't exist, they don't have anything in their acct field. // which misc_get_country_by_account() doesn't like. if ($member["acct"]) { $country = misc_get_country_by_account($member["acct"]); } else { $country = 0; } $output .= ' <td>' . ($country["code"] ? '<img src="img/flags/' . $country["code"] . '.png" onmousemove="oldtoolTip(\'' . $country["country"] . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />' : '-') . '</td>'; } $output .= ' </tr>'; } unset($member); $output .= ' <tr> <td align="right" class="hidden">' . generate_pagination("guild.php?action=view_guild&error=3&id=" . $guild_id . "&order_by=" . $order_by . "&dir=" . !$dir, $guildmemberCount, $itemperpage, $start) . '</td> </tr> </table> <br />'; $output .= ' <table class="hidden center"> <tr> <td>'; if ($user_lvl >= $action_permission["delete"] || $amIguildleader) { makebutton(lang("guild", "del_guild"), "guild.php?action=del_guild&realm=" . $realm_id . "&id=" . $guild_id . "&name=" . $guild_data["name"] . "\" type=\"wrn", 130); $output .= ' </td> <td>'; } makebutton(lang("guild", "guildbank"), "guildbank.php?id=" . $guild_id, 130); $output .= ' </td> <td>'; makebutton(lang("guild", "show_guilds"), "guild.php\" type=\"def", 130); $output .= ' </td> </tr> </table> </div>'; }
function char_rep() { global $output, $realm_id, $characters_db, $logon_db, $corem_db, $action_permission, $site_encoding, $user_lvl, $user_name, $sql, $core; require_once 'libs/fact_lib.php'; $reputation_rank = fact_get_reputation_rank_arr(); $reputation_rank_length = fact_get_reputation_rank_length(); if (empty($_GET["id"])) { error(lang("global", "empty_fields")); } // this is multi realm support, as of writing still under development // this page is already implementing it if (empty($_GET["realm"])) { $realmid = $realm_id; } else { $realmid = $sql["logon"]->quote_smart($_GET["realm"]); if (is_numeric($realmid)) { $sql["char"]->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name'], $characters_db[$realmid]["encoding"]); } else { $realmid = $realm_id; } } $id = $sql["char"]->quote_smart($_GET["id"]); if (!is_numeric($id)) { $id = 0; } if ($core == 1) { $result = $sql["char"]->query("SELECT acct, name, race, class, level, gender FROM characters WHERE guid='" . $id . "' LIMIT 1"); } else { $result = $sql["char"]->query("SELECT account AS acct, name, race, class, level, gender FROM characters WHERE guid='" . $id . "' LIMIT 1"); } if ($sql["char"]->num_rows($result)) { $char = $sql["char"]->fetch_assoc($result); // we get user permissions first $owner_acc_id = $sql["char"]->result($result, 0, 'acct'); if ($core == 1) { $result = $sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $char["acct"] . "'"); } else { $result = $sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $char["acct"] . "'"); } $owner_name = $sql["logon"]->result($result, 0, 'login'); $s_query = "SELECT *, SecurityLevel AS gm FROM config_accounts WHERE Login='******'"; $s_result = $sql["mgr"]->query($s_query); $s_fields = $sql["mgr"]->fetch_assoc($s_result); $owner_gmlvl = $s_fields["gm"]; $view_mod = $s_fields["View_Mod_Rep"]; if ($owner_gmlvl >= 1073741824) { $owner_gmlvl -= 1073741824; } // owner configured overrides $view_override = false; if ($view_mod > 0) { if ($view_mod == 1) { } elseif ($view_mod == 2) { // only registered users may view this page if ($user_lvl > -1) { $view_override = true; } } } // visibility overrides for specific tabs $view_inv_override = false; if ($s_fields["View_Mod_Inv"] > 0) { if ($s_fields["View_Mod_Inv"] == 1) { } elseif ($s_fields["View_Mod_Inv"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_inv_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_inv_override = true; } } $view_talent_override = false; if ($s_fields["View_Mod_Talent"] > 0) { if ($s_fields["View_Mod_Talent"] == 1) { } elseif ($s_fields["View_Mod_Talent"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_talent_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_talent_override = true; } } $view_achieve_override = false; if ($s_fields["View_Mod_Achieve"] > 0) { if ($s_fields["View_Mod_Achieve"] == 1) { } elseif ($s_fields["View_Mod_Achieve"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_achieve_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_achieve_override = true; } } $view_quest_override = false; if ($s_fields["View_Mod_Quest"] > 0) { if ($s_fields["View_Mod_Quest"] == 1) { } elseif ($s_fields["View_Mod_Quest"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_quest_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_quest_override = true; } } $view_friends_override = false; if ($s_fields["View_Mod_Friends"] > 0) { if ($s_fields["View_Mod_Friends"] == 1) { } elseif ($s_fields["View_Mod_Friends"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_friends_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_friends_override = true; } } $view_view_override = false; if ($s_fields["View_Mod_View"] > 0) { if ($s_fields["View_Mod_View"] == 1) { } elseif ($s_fields["View_Mod_View"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_view_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_view_override = true; } } $view_pets_override = false; if ($s_fields["View_Mod_Pets"] > 0) { if ($s_fields["View_Mod_Pets"] == 1) { } elseif ($s_fields["View_Mod_Pets"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_pets_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_pets_override = true; } } $view_skill_override = false; if ($s_fields["View_Mod_Skill"] > 0) { if ($s_fields["View_Mod_Skill"] == 1) { } elseif ($s_fields["View_Mod_Skill"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_skill_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_skill_override = true; } } $view_pvp_override = false; if ($s_fields["View_Mod_PvP"] > 0) { if ($s_fields["View_Mod_PvP"] == 1) { } elseif ($s_fields["View_Mod_PvP"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_pvp_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_pvp_override = true; } } if ($view_override || $user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { if ($core == 1) { $result = $sql["char"]->query("SELECT faction, standing FROM playerreputations WHERE guid='" . $id . "'"); $factions = array(); $faction_ranks = array(); while ($fact = $sql["char"]->fetch_assoc($result)) { array_push($factions, $fact["faction"]); array_push($faction_ranks, $fact["standing"]); } /*$result = $result["reputation"]; $result = substr($result, 0, strlen($result) - 1); $result = explode(",", $result); $factions = array(); $faction_ranks = array(); $pick = 0; foreach ( $result as $t ) { switch ( $pick ) { case 0: { array_push($factions, $t); $pick = 1; break; } case 1: { // we skip this one $pick = 2; break; } case 2: { // we skip this one $pick = 3; break; } case 3: { array_push($faction_ranks, $t); $pick = 0; break; } } }*/ } else { $result = $sql["char"]->query("SELECT faction, standing FROM character_reputation WHERE guid='" . $id . "' AND (flags & 1 = 1)"); $factions = array(); $faction_ranks = array(); while ($fact = $sql["char"]->fetch_assoc($result)) { array_push($factions, $fact["faction"]); array_push($faction_ranks, $fact["standing"]); } } $output .= ' <div class="tab"> <ul> <li class="selected"><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>'; if ($view_inv_override) { $output .= ' <li><a href="char_inv.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "inventory") . '</a></li>'; } if ($view_talent_override) { $output .= ' ' . ($char["level"] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "talents") . '</a></li>') . ''; } if ($view_achieve_override) { $output .= ' <li><a href="char_achieve.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "achievements") . '</a></li>'; } if ($view_quest_override) { $output .= ' <li><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "quests") . '</a></li>'; } if ($view_friends_override) { $output .= ' <li><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "friends") . '</a></li>'; } if ($view_view_override) { $output .= ' <li><a href="char_view.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "view") . '</a></li>'; } $output .= ' </ul> </div> <div class="tab_content center"> <div class="tab"> <ul> <li><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>'; if (char_get_class_name($char["class"]) == "Hunter" && $view_pets_override) { $output .= ' <li><a href="char_pets.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "pets") . '</a></li>'; } $output .= ' <li class="selected"><a href="char_rep.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "reputation") . '</a></li>'; if ($view_skill_override) { $output .= ' <li><a href="char_skill.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "skills") . '</a></li>'; } if ($view_pvp_override) { $output .= ' <li><a href="char_pvp.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "pvp") . '</a></li>'; } if ($owner_name == $user_name || $user_lvl >= get_page_permission("insert", "char_mail.php")) { $output .= ' <li><a href="char_mail.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "mail") . '</a></li>'; } $output .= ' </ul> </div> <div class="tab_content2 center center_text"> <span class="bold"> ' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . ' - <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . ' </span> <br /> <br />'; $temp_out = array(1 => array(' <table class="lined" id="ch_rep_rep_alliance"> <tr> <th colspan="3" align="left"> <div id="divi1" onclick="expand(\'i1\', this, \'Alliance\')">[-] ' . lang("char", "rep_alliance") . '</div> </th> </tr> <tr> <td> <table id="i1" class="lined" style="width: 535px; display: table;">', 0), 2 => array(' <table class="lined" id="ch_rep_rep_horde"> <tr> <th colspan="3" align="left"> <div id="divi2" onclick="expand(\'i2\', this, \'Horde\')">[-] ' . lang("char", "rep_horde") . '</div> </th> </tr> <tr> <td> <table id="i2" class="lined" style="width: 535px; display: table;">', 0), 3 => array(' <table class="lined" id="ch_rep_rep_alliance_forces"> <tr> <th colspan="3" align="left"> <div id="divi3" onclick="expand(\'i3\', this, \'Alliance Forces\')">[-] ' . lang("char", "rep_alliance_forces") . '</div> </th> </tr> <tr> <td> <table id="i3" class="lined" style="width: 535px; display: table;">', 0), 4 => array(' <table class="lined" id="ch_rep_rep_horde_forces"> <tr> <th colspan="3" align="left"> <div id="divi4" onclick="expand(\'i4\', this, \'Horde Forces\')">[-] ' . lang("char", "rep_horde_forces") . '</div> </th> </tr> <tr> <td> <table id="i4" class="lined" style="width: 535px; display: table;">', 0), 5 => array(' <table class="lined" id="ch_rep_rep_steamwheedle_cartel"> <tr> <th colspan="3" align="left"> <div id="divi5" onclick="expand(\'i5\', this, \'Steamwheedle Cartels\')">[-] ' . lang("char", "rep_steamwheedle_cartel") . '</div> </th> </tr> <tr> <td> <table id="i5" class="lined" style="width: 535px; display: table;">', 0), 6 => array(' <table class="lined" id="ch_rep_rep_the_burning_crusade"> <tr> <th colspan="3" align="left"> <div id="divi6" onclick="expand(\'i6\', this, \'The Burning Crusade\')">[-] ' . lang("char", "rep_the_burning_crusade") . '</div> </th> </tr> <tr> <td> <table id="i6" class="lined" style="width: 535px; display: table;">', 0), 7 => array(' <table class="lined" id="ch_rep_rep_shattrath_city"> <tr> <th colspan="3" align="left"> <div id="divi7" onclick="expand(\'i7\', this, \'Shattrath City\')">[-] ' . lang("char", "rep_shattrath_city") . '</div> </th> </tr> <tr> <td> <table id="i7" class="lined" style="width: 535px; display: table;">', 0), 8 => array(' <table class="lined" id="ch_rep_rep_alliance_vanguard"> <tr> <th colspan="3" align="left"> <div id="divi8" onclick="expand(\'i8\', this, \'Alliance Vanguard\')">[-] ' . lang("char", "rep_alliance_vanguard") . '</div> </th> </tr> <tr> <td> <table id="i8" class="lined" style="width: 535px; display: table;">', 0), 9 => array(' <table class="lined" id="ch_rep_rep_horde_expedition"> <tr> <th colspan="3" align="left"> <div id="divi9" onclick="expand(\'i9\', this, \'Horde Expedition \')">[-] ' . lang("char", "rep_horde_expedition") . '</div> </th> </tr> <tr> <td> <table id="i9" class="lined" style="width: 535px; display: table;">', 0), 10 => array(' <table class="lined" id="ch_rep_rep_sholazar_basin"> <tr> <th colspan="3" align="left"> <div id="divi10" onclick="expand(\'i10\', this, \'Sholazar Basin\')">[-] ' . lang("char", "rep_sholazar_basin") . '</div> </th> </tr> <tr> <td> <table id="i10" class="lined" style="width: 535px; display: table;">', 0), 11 => array(' <table class="lined" id="ch_rep_rep_wrath_of_the_lich_king"> <tr> <th colspan="3" align="left"> <div id="divi11" onclick="expand(\'i11\', this, \'Wrath of the Lich King\')">[-] ' . lang("char", "rep_wrath_of_the_lich_king") . '</div> </th> </tr> <tr> <td> <table id="i11" class="lined" style="width: 535px; display: table;">', 0), 12 => array(' <table class="lined" id="ch_rep_rep_other"> <tr> <th colspan="3" align="left"> <div id="divi12" onclick="expand(\'i12\', this, \'Other\')">[-] ' . lang("char", "rep_other") . '</div> </th> </tr> <tr> <td> <table id="i12" class="lined" style="width: 535px; display: table;">', 0), 0 => array(' <table class="lined" id="ch_rep_rep_unknown"> <tr> <th colspan="3" align="left"> <div id="divi13" onclick="expand(\'i13\', this, \'Unknown\')">[-] ' . lang("char", "rep_unknown") . '</div> </th> </tr> <tr> <td> <table id="i13" class="lined" style="width: 535px; display: table;">', 0)); if (count($factions) > 1) { for ($i = 0; $i < count($factions); $i++) { $faction = $factions[$i]; $standing = $faction_ranks[$i]; $rep_rank = fact_get_reputation_rank($faction, $standing, $char["race"]); $rep_rank_name = $reputation_rank[$rep_rank]; $rep_cap = $reputation_rank_length[$rep_rank]; $rep = fact_get_reputation_at_rank($faction, $standing, $char["race"]); $faction_name = fact_get_faction_name($faction); $ft = fact_get_faction_tree($faction); // not show alliance rep for horde and vice versa: if (1 << $char["race"] - 1 & 690 && ($ft == 1 || $ft == 3) || 1 << $char["race"] - 1 & 1101 && ($ft == 2 || $ft == 4)) { } else { // this_is_junk: style left hardcoded because it's calculated. $temp_out[$ft][0] .= ' <tr> <td style="width: 30%;" align="left">' . $faction_name . '</td> <td style="width: 55%;" valign="top"> <div class="faction-bar"> <div class="rep' . $rep_rank . '"> <span class="rep-data">' . $rep . '/' . $rep_cap . '</span> <div class="bar-color" style="width:' . 100 * $rep / $rep_cap . '%"></div> </div> </div> </td> <td style="width: 15%;" align="left" class="rep' . $rep_rank . '">' . $rep_rank_name . '</td> </tr>'; $temp_out[$ft][1] = 1; } } } else { $output .= ' <tr> <td colspan="2"><br /><br />' . lang("global", "err_no_records_found") . '<br /><br /></td> </tr>'; } foreach ($temp_out as $out) { if ($out[1]) { $output .= $out[0] . ' </table> </td> </tr> </table>'; } } $output .= ' <br /> </div> <br /> </div> <br /> <table class="hidden center"> <tr> <td>'; // button to user account page, user account page has own security makebutton(lang("char", "chars_acc"), 'user.php?action=edit_user&id=' . $owner_acc_id . '', 130); $output .= ' </td> <td>'; // only higher level GM with delete access can edit character // character edit allows removal of character items, so delete permission is needed if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"]) { //makebutton($lang_char["edit_button"], 'char_edit.php?id='.$id.'&realm='.$realmid.'', 130); $output .= ' </td> <td>'; } // only higher level GM with delete access, or character owner can delete character if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"] || $owner_name === $user_name) { makebutton(lang("char", "del_char"), 'char_list.php?action=del_char_form&check%5B%5D=' . $id . '" type="wrn', 130); $output .= ' </td> <td>'; } // only GM with update permission can send mail, mail can send items, so update permission is needed if ($user_lvl >= $action_permission["update"]) { makebutton(lang("char", "send_mail"), 'mail.php?type=ingame_mail&to=' . $char["name"] . '', 130); $output .= ' </td> <td>'; } makebutton(lang("global", "back"), 'javascript:window.history.back()" type="def', 130); $output .= ' </td> </tr> </table> <br /> <!-- end of char_achieve.php -->'; } else { error(lang("char", "no_permission")); } } else { error(lang("char", "no_char_found")); } }
function browse_chars() { global $output, $logon_db, $corem_db, $corem_db, $characters_db, $realm_id, $site_encoding, $action_permission, $user_lvl, $user_name, $showcountryflag, $itemperpage, $timezone_offset, $sql, $core; //==========================$_GET and SECURE======================== $start = isset($_GET["start"]) ? $sql["logon"]->quote_smart($_GET["start"]) : 0; if (!is_numeric($start)) { $start = 0; } $order_by = isset($_GET["order_by"]) ? $sql["logon"]->quote_smart($_GET["order_by"]) : "guid"; if (!preg_match("/^[_[:lower:]]{1,12}\$/", $order_by)) { $order_by = "guid"; } $dir = isset($_GET["dir"]) ? $sql["logon"]->quote_smart($_GET["dir"]) : 1; if (!preg_match("/^[01]{1}\$/", $dir)) { $dir = 1; } $order_dir = $dir ? "ASC" : "DESC"; $dir = $dir ? 0 : 1; //==========================$_GET and SECURE end======================== if ($order_by == "mapid") { $order_by = "mapid, zoneid"; $order_hold = "mapid"; } elseif ($order_by == "zoneid") { $order_by = "zoneid, mapid"; $order_hold = "zoneid"; } else { $order_hold = $order_by; } switch ($_GET["symbol"]) { case "equal": $symbol = "="; break; case "greater_equal": $symbol = ">="; break; case "greater": $symbol = ">"; break; case "less_equal": $symbol = "<="; break; case "less": $symbol = "<"; break; case "not_equal": $symbol = "<>"; break; } $search_by = ""; $search_value = ""; if (isset($_GET["search_value"]) && isset($_GET["search_by"])) { $search_value = $sql["logon"]->quote_smart($_GET["search_value"]); $search_by = isset($_GET["search_by"]) ? $sql["logon"]->quote_smart($_GET["search_by"]) : "name"; $search_menu = array("name", "guid", "account", "level", "greater_level", "guild", "race", "class", "mapid", "highest_rank", "greater_rank", "online", "gold", "item"); if (!in_array($search_by, $search_menu)) { $search_by = "name"; } unset($search_menu); switch ($search_by) { //need to get the acc id from other table since input comes as name case "account": if (preg_match('/^[\\t\\v\\b\\f\\a\\n\\r\\\\"\'\\? <>[](){}_=+-|!@#$%^&*~`.,0123456789\\0]{1,30}$/', $search_value)) { redirect("charlist.php?error=2"); } if ($core == 1) { $result = $sql["logon"]->query("SELECT acct FROM accounts WHERE login LIKE '%" . $search_value . "%' LIMIT " . $start . ", " . $itemperpage); } else { $result = $sql["logon"]->query("SELECT id AS acct FROM account WHERE username LIKE '%" . $search_value . "%' LIMIT " . $start . ", " . $itemperpage); } if ($core == 1) { $where_out = " acct IN (0 "; } else { $where_out = " account IN (0 "; } while ($char = $sql["logon"]->fetch_row($result)) { $where_out .= ", "; $where_out .= $char[0]; } $where_out .= ") "; unset($result); break; case "level": if (!is_numeric($search_value)) { $search_value = 1; } $where_out = "level" . $symbol . $search_value; break; case "gold": if (!is_numeric($search_value)) { $search_value = 1; } if ($core == 1) { $where_out = "gold" . $symbol . $search_value; } else { $where_out = "money" . $symbol . $search_value; } break; case "guild": if (preg_match('/^[\\t\\v\\b\\f\\a\\n\\r\\\\"\'\\? <>[](){}_=+-|!@#$%^&*~`.,0123456789\\0]{1,30}$/', $search_value)) { redirect("charlist.php?error=2"); } if ($core == 1) { $result = $sql["char"]->query("SELECT guildid FROM guilds WHERE guildname LIKE '%" . $search_value . "%'"); } else { $result = $sql["char"]->query("SELECT guildid FROM guild WHERE name LIKE '%" . $search_value . "%'"); } $guildid = $sql["char"]->result($result, 0, 'guildid'); if (!$search_value) { $guildid = 0; } if ($core == 1) { $Q1 = "SELECT playerid FROM guild_data WHERE guildid=" . $guildid; } else { $Q1 = "SELECT guid AS playerid FROM guild_member WHERE guildid=" . $guildid; } $result = $sql["char"]->query($Q1); unset($guildid); unset($Q1); $where_out = "guid IN (0 "; while ($char = $sql["char"]->fetch_row($result)) { $where_out .= ", "; $where_out .= $char[0]; } $where_out .= ") "; unset($result); break; case "item": if (!is_numeric($search_value)) { $search_value = 0; } if ($core == 1) { $result = $sql["char"]->query("SELECT ownerguid\r\n FROM playeritems\r\n WHERE entry" . $symbol . "'" . $search_value . "'"); } elseif ($core == 2) { $result = $sql["char"]->query("SELECT owner_guid AS ownerguid\r\n FROM character_inventory\r\n LEFT JOIN item_instance ON character_inventory.item=item_instance.guid\r\n WHERE item_template" . $symbol . "'" . $search_value . "'"); } else { $result = $sql["char"]->query("SELECT owner_guid AS ownerguid\r\n FROM character_inventory\r\n LEFT JOIN item_instance ON character_inventory.item=item_instance.guid\r\n WHERE itemEntry" . $symbol . "'" . $search_value . "'"); } $where_out = "guid IN (0 "; while ($char = $sql["char"]->fetch_row($result)) { if ($char[0] != NULL) { $where_out .= ", "; $where_out .= $char[0]; } } $where_out .= ") "; unset($result); break; case "highest_rank": if (!is_numeric($search_value)) { $search_value = 0; } if ($core == 1) { $where_out = "SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ';', " . (PLAYER_FIELD_LIFETIME_HONORBALE_KILLS + 1) . "), ';', -1)" . $symbol . $search_value; } else { $where_out = "totalKills" . $symbol . $search_value; } break; case "mapid": if (!is_numeric($search_value)) { $search_value = 0; } if ($core == 1) { $where_out = "mapid" . $symbol . $search_value; } else { $where_out = "map" . $symbol . $search_value; } break; case "online": if ($search_value != 0) { $search_value = 1; } else { $search_value = 0; } $where_out = "online=" . $search_value; break; default: if (preg_match('/^[\\t\\v\\b\\f\\a\\n\\r\\\\"\'\\? <>[](){}_=+-|!@#$%^&*~`.,0123456789\\0]{1,30}$/', $search_value)) { redirect("charlist.php?error=2"); } if (!is_numeric($search_value)) { $where_out = $search_by . " LIKE '%" . $search_value . "%'"; } else { $where_out = $search_by . $symbol . "'" . $search_value . "'"; } } if ($core == 1) { $sql_query = "SELECT guid, name, acct, race, class, zoneid, mapid,\r\n CAST( SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ';', " . (PLAYER_FIELD_LIFETIME_HONORBALE_KILLS + 1) . "), ';', -1) AS UNSIGNED) AS highest_rank,\r\n online, level, gender, timestamp\r\n FROM `characters`\r\n WHERE " . $where_out . " ORDER BY " . $order_by . " " . $order_dir . " LIMIT " . $start . ", " . $itemperpage; } else { $sql_query = "SELECT guid, name, account AS acct, race, class, zone AS zoneid, map AS mapid,\r\n totalKills AS highest_rank,\r\n online, level, gender, logout_time AS timestamp\r\n FROM `characters`\r\n WHERE " . $where_out . " ORDER BY " . $order_by . " " . $order_dir . " LIMIT " . $start . ", " . $itemperpage; } $query_1 = $sql["char"]->query("SELECT COUNT(*) FROM `characters` WHERE " . $where_out); $query = $sql["char"]->query($sql_query); } else { $query_1 = $sql["char"]->query("SELECT COUNT(*) FROM `characters`"); if ($core == 1) { $query = $sql["char"]->query("SELECT guid, name, acct, race, class, zoneid, mapid,\r\n online, level, gender, timestamp,\r\n CAST( SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ';', " . (PLAYER_FIELD_LIFETIME_HONORBALE_KILLS + 1) . "), ';', -1) AS UNSIGNED) AS highest_rank\r\n FROM `characters` ORDER BY " . $order_by . " " . $order_dir . " LIMIT " . $start . ", " . $itemperpage); } else { $query = $sql["char"]->query("SELECT guid, name, account AS acct, race, class, zone AS zoneid, map AS mapid,\r\n online, level, gender, logout_time AS timestamp,\r\n totalKills AS highest_rank\r\n FROM `characters` ORDER BY " . $order_by . " " . $order_dir . " LIMIT " . $start . ", " . $itemperpage); } } $all_record = $sql["char"]->result($query_1, 0); unset($query_1); $this_page = $sql["char"]->num_rows($query); //==========================top page navigaion starts here======================== $output .= ' <script type="text/javascript" src="libs/js/check.js"></script> <table class="top_hidden"> <tr> <td>'; // cleanup unknown working condition //if($user_lvl >= $action_permission["delete"]) // makebutton($lang_char_list["cleanup"], 'cleanup.php', 130); makebutton(lang("global", "back"), 'javascript:window.history.back()', 130); $search_by && $search_value ? makebutton(lang("char_list", "characters"), 'char_list.php" type="def', 130) : ($output .= ''); $output .= ' </td> <td align="right" style="width: 25%;" rowspan="2">'; $output .= generate_pagination('char_list.php?order_by=' . $order_hold . '&dir=' . ($dir ? 0 : 1) . ($search_value && $search_by ? '&symbol=' . $_GET["symbol"] . '&search_by=' . $search_by . '&search_value=' . $search_value . '' : ''), $all_record, $itemperpage, $start); $output .= ' </td> </tr> <tr align="left"> <td> <table class="hidden"> <tr> <td> <form action="char_list.php" method="get" id="form"> <div> <input type="hidden" name="error" value="3" /> <select name="search_by"> <option value="name"' . ($search_by == "name" ? ' selected="selected"' : '') . '>' . lang("char_list", "by_name") . '</option> <option value="guid"' . ($search_by == "guid" ? ' selected="selected"' : '') . '>' . lang("char_list", "by_id") . '</option> <option value="account"' . ($search_by == "account" ? ' selected="selected"' : '') . '>' . lang("char_list", "by_account") . '</option> <option value="level"' . ($search_by == "level" ? ' selected="selected"' : '') . '>' . lang("char_list", "by_level") . '</option> <option value="guild"' . ($search_by == "guild" ? ' selected="selected"' : '') . '>' . lang("char_list", "by_guild") . '</option> <option value="race"' . ($search_by == "race" ? ' selected="selected"' : '') . '>' . lang("char_list", "by_race_id") . '</option> <option value="class"' . ($search_by == "class" ? ' selected="selected"' : '') . '>' . lang("char_list", "by_class_id") . '</option> <option value="mapid"' . ($search_by == "mapid" ? ' selected="selected"' : '') . '>' . lang("char_list", "by_map_id") . '</option> <option value="highest_rank"' . ($search_by == "highest_rank" ? ' selected="selected"' : '') . '>' . lang("char_list", "by_honor_kills") . '</option> <option value="online"' . ($search_by == "online" ? ' selected="selected"' : '') . '>' . lang("char_list", "by_online") . '</option> <option value="gold"' . ($search_by == "gold" ? ' selected="selected"' : '') . '>' . lang("char_list", "chars_gold") . '</option> <option value="item"' . ($search_by == "item" ? ' selected="selected"' : '') . '>' . lang("char_list", "by_item") . '</option> </select> <select name="symbol"> <option value="equal"' . ($symbol == "=" ? ' selected="selected"' : '') . '>=</option> <option value="greater_equal"' . ($symbol == ">=" ? ' selected="selected"' : '') . '>>=</option> <option value="greater"' . ($symbol == ">" ? ' selected="selected"' : '') . '>></option> <option value="less_equal"' . ($symbol == "<=" ? ' selected="selected"' : '') . '><=</option> <option value="less"' . ($symbol == "<" ? ' selected="selected"' : '') . '><</option> <option value="not_equal"' . ($symbol == "<>" ? ' selected="selected"' : '') . '>!=</option> </select> <input type="text" size="24" maxlength="50" name="search_value" value="' . $search_value . '" /> </div> </form> </td> <td>'; makebutton(lang("global", "search"), 'javascript:do_submit()', 80); $output .= ' </td> </tr> </table> </td> </tr> </table>'; //==========================top page navigaion ENDS here ======================== $output .= ' <form method="get" action="char_list.php" id="form1"> <div> <input type="hidden" name="action" value="del_char_form" /> <input type="hidden" name="start" value="' . $start . '" /> </div> <table class="lined" id="char_list_table"> <tr> <td colspan="6" align="left" class="hidden">'; if ($user_lvl >= $action_permission["delete"] || $owner_acc_name == $user_name) { makebutton(lang("char_list", "del_selected_chars"), 'javascript:do_submit(\'form1\',0)" type="wrn', 220); } $output .= ' </td> </tr> <tr> <th style="width: 1%;"> <input name="allbox" type="checkbox" value="Check All" onclick="CheckAll(document.form1);" /> </th> <th style="width: 1%;"> <a href="char_list.php?order_by=guid&start=' . $start . ($search_value && $search_by ? '&search_by=' . $search_by . '&symbol=' . $_GET["symbol"] . '&search_value=' . $search_value : '') . '&dir=' . $dir . '">' . ($order_by == "guid" ? '<img src="img/arr_' . ($dir ? "dw" : "up") . '.gif" alt="" /> ' : '') . lang("char_list", "id") . '</a> </th> <th style="width: 10%;"> <a href="char_list.php?order_by=name&start=' . $start . ($search_value && $search_by ? '&search_by=' . $search_by . '&symbol=' . $_GET["symbol"] . '&search_value=' . $search_value : '') . '&dir=' . $dir . '">' . ($order_by == "name" ? '<img src="img/arr_' . ($dir ? "dw" : "up") . '.gif" alt="" /> ' : '') . lang("char_list", "char_name") . '</a> </th> <th style="width: 10%;"> <a href="char_list.php?order_by=acct&start=' . $start . ($search_value && $search_by ? '&search_by=' . $search_by . '&symbol=' . $_GET["symbol"] . '&search_value=' . $search_value : '') . '&dir=' . $dir . '">' . ($order_by == "acct" ? '<img src="img/arr_' . ($dir ? "dw" : "up") . '.gif" alt="" /> ' : '') . lang("char_list", "account") . '</a> </th> <th style="width: 1%;"> <a href="char_list.php?order_by=race&start=' . $start . ($search_value && $search_by ? '&search_by=' . $search_by . '&symbol=' . $_GET["symbol"] . '&search_value=' . $search_value : '') . '&dir=' . $dir . '">' . ($order_by == "race" ? '<img src="img/arr_' . ($dir ? "dw" : "up") . '.gif" alt="" /> ' : '') . lang("char_list", "race_short") . '</a> </th> <th style="width: 1%;"> <a href="char_list.php?order_by=class&start=' . $start . ($search_value && $search_by ? '&search_by=' . $search_by . '&symbol=' . $_GET["symbol"] . '&search_value=' . $search_value : '') . '&dir=' . $dir . '">' . ($order_by == "class" ? '<img src="img/arr_' . ($dir ? "dw" : "up") . '.gif" alt="" /> ' : '') . lang("char_list", "class_short") . '</a> </th> <th style="width: 1%;"> <a href="char_list.php?order_by=level&start=' . $start . ($search_value && $search_by ? '&search_by=' . $search_by . '&symbol=' . $_GET["symbol"] . '&search_value=' . $search_value : '') . '&dir=' . $dir . '">' . ($order_by == "level" ? '<img src="img/arr_' . ($dir ? "dw" : "up") . '.gif" alt="" /> ' : '') . lang("char_list", "level_short") . '</a> </th> <th style="width: 10%;"> <a href="char_list.php?order_by=mapid&start=' . $start . ($search_value && $search_by ? '&search_by=' . $search_by . '&symbol=' . $_GET["symbol"] . '&search_value=' . $search_value : '') . '&dir=' . $dir . '">' . ($order_by == "mapid, zoneid" ? '<img src="img/arr_' . ($dir ? "dw" : "up") . '.gif" alt="" /> ' : '') . lang("char_list", "map") . '</a> </th> <th style="width: 10%;"> <a href="char_list.php?order_by=zoneid&start=' . $start . ($search_value && $search_by ? '&search_by=' . $search_by . '&symbol=' . $_GET["symbol"] . '&search_value=' . $search_value : '') . '&dir=' . $dir . '">' . ($order_by == "zoneid, mapid" ? '<img src="img/arr_' . ($dir ? "dw" : "up") . '.gif" alt="" /> ' : '') . lang("char_list", "zone") . '</a> </th> <th style="width: 1%;"> <a href="char_list.php?order_by=highest_rank&start=' . $start . ($search_value && $search_by ? '&search_by=' . $search_by . '&symbol=' . $_GET["symbol"] . '&search_value=' . $search_value : '') . '&dir=' . $dir . '">' . ($order_by == "highest_rank" ? '<img src="img/arr_' . ($dir ? "dw" : "up") . '.gif" alt="" /> ' : '') . lang("char_list", "honor_kills") . '</a> </th> <th style="width: 10%;"> <!-- a href="char_list.php?order_by=guild&start=' . $start . ($search_value && $search_by ? '&search_by=' . $search_by . '&symbol=' . $_GET["symbol"] . '&search_value=' . $search_value : '') . '&dir=' . $dir . '" -->' . ($order_by == "guild" ? '<img src="img/arr_' . ($dir ? "dw" : "up") . '.gif" alt="" /> ' : '') . lang("char_list", "guild") . '<!-- /a --> </th> <th style="width: 10%;"> <a href="char_list.php?order_by=timestamp&start=' . $start . ($search_value && $search_by ? '&search_by=' . $search_by . '&symbol=' . $_GET["symbol"] . '&search_value=' . $search_value : '') . '&dir=' . $dir . '">' . ($order_by == "logout_time" ? '<img src="img/arr_' . ($dir ? "dw" : "up") . '.gif" alt="" /> ' : '') . lang("char_list", "lastseen") . '</a> </th> <th style="width: 1%;"> <a href="char_list.php?order_by=online&start=' . $start . ($search_value && $search_by ? '&search_by=' . $search_by . '&symbol=' . $_GET["symbol"] . '&search_value=' . $search_value : '') . '&dir=' . $dir . '">' . ($order_by == "online" ? '<img src="img/arr_' . ($dir ? "dw" : "up") . '.gif" alt="" /> ' : '') . ' <img src="img/lightning.png" onmousemove="oldtoolTip(\'' . lang("char_list", "online") . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" ' . ($order_by == "online" ? '' : 'style="position: relative; top: 7px;"') . ' /> </a> </th>'; if ($showcountryflag) { require_once "libs/misc_lib.php"; $output .= ' <th style="width: 1%;"> <img src="img/world.png" onmousemove="oldtoolTip(\'' . lang("global", "country") . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </th>'; } if ($user_lvl >= $action_permission["update"]) { $output .= ' <th style="width: 1%;"> <img src="img/arrow_switch.png" onmousemove="oldtoolTip(\'' . lang("char_list", "char_tools") . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </th>'; } $output .= ' </tr>'; $looping = $this_page < $itemperpage ? $this_page : $itemperpage; for ($i = 1; $i <= $looping; $i++) { // switched to fetch_assoc because using record indexes is for morons $char = $sql["char"]->fetch_assoc($query, 0) or die(error(lang("global", "err_no_user"))); // to disalow lower lvl gm to view accounts of other GMs if ($core == 1) { $a_query = $sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $char["acct"] . "'"); } else { $a_query = $sql["logon"]->query("SELECT username as login FROM account WHERE id='" . $char["acct"] . "'"); } $owner_acc_name = $sql["logon"]->result($a_query, 0, 'login'); $gm_query = $sql["mgr"]->query("SELECT SecurityLevel AS gm FROM config_accounts WHERE Login='******'"); $owner_gmlvl = $sql["mgr"]->result($gm_query, 0, 'gm'); if ($owner_gmlvl >= 1073741824) { $owner_gmlvl -= 1073741824; } $time_offset = $timezone_offset * 3600; if ($char["timestamp"] != 0) { // we only show hours if it was today if (date("M j, Y", $char["timestamp"] + $time_offset) == date("M j, Y", $time_offset)) { $lastseen = date(lang("char_list", "today") . " @ Hi", $char["timestamp"] + $time_offset); } else { $lastseen = date("M j, Y", $char["timestamp"] + $time_offset); } } else { $lastseen = "-"; } if ($core == 1) { $guild_id = $sql["char"]->result($sql["char"]->query("SELECT guildid FROM guild_data WHERE playerid='" . $char["guid"] . "'"), 0); $guild_name = $sql["char"]->result($sql["char"]->query("SELECT guildName FROM guilds WHERE guildid='" . $guild_id . "'")); } else { $guild_id = $sql["char"]->result($sql["char"]->query("SELECT guildid FROM guild_member WHERE guid='" . $char["guid"] . "'"), 0); $guild_name = $sql["char"]->result($sql["char"]->query("SELECT name FROM guild WHERE guildid='" . $guild_id . "'")); } // we need the screen name here // but first, we need the user name if ($core == 1) { $un_query = "SELECT * FROM accounts WHERE acct='" . $char["acct"] . "'"; } else { $un_query = "SELECT * FROM account WHERE id='" . $char["acct"] . "'"; } $un_results = $sql["logon"]->query($un_query); $un = $sql["logon"]->fetch_assoc($un_results); $sn_query = "SELECT * FROM config_accounts WHERE Login='******'"; $sn_result = $sql["mgr"]->query($sn_query); $sn = $sql["mgr"]->fetch_assoc($sn_result); if ($user_lvl >= $owner_gmlvl || $owner_acc_name == $user_name || $user_lvl == $action_permission["delete"]) { $output .= ' <tr> <td>'; if ($user_lvl >= $action_permission["delete"] || $owner_acc_name == $user_name) { $output .= ' <input type="checkbox" name="check[]" value="' . $char["guid"] . '" onclick="CheckCheckAll(document.form1);" />'; } $output .= ' </td> <td>' . $char["guid"] . '</td> <td> <a href="char.php?id=' . $char["guid"] . '">' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . '</a> </td>'; if ($sn["ScreenName"]) { $output .= ' <td> <a href="user.php?action=edit_user&error=11&acct=' . $char["acct"] . '">' . htmlentities($sn["ScreenName"], ENT_COMPAT, $site_encoding) . '</a> </td>'; } else { $output .= ' <td> <a href="user.php?action=edit_user&error=11&acct=' . $char["acct"] . '">' . htmlentities($owner_acc_name, ENT_COMPAT, $site_encoding) . '</a> </td>'; } $output .= ' <td> <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> <td> <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> <td> <span>' . char_get_level_color($char["level"]) . '</span> </td> <td> <span onmousemove="oldtoolTip(\'MapID:' . $char["mapid"] . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_map_name($char["mapid"]) . '</span> </td> <td> <span onmousemove="oldtoolTip(\'ZoneID:' . $char["zoneid"] . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_zone_name($char["zoneid"]) . '</span> </td> <td> <span>' . $char["highest_rank"] . '</span> </td> <td> <a href="guild.php?action=view_guild&error=3&id=' . $guild_id . '">' . htmlentities($guild_name, ENT_COMPAT, $site_encoding) . '</a> </td> <td> <span>' . $lastseen . '</span> </td> <td> <img src="img/' . ($char["online"] ? 'up' : 'down') . '.gif" alt="" /> </td>'; if ($showcountryflag) { $country = misc_get_country_by_account($char["acct"]); if ($country["code"]) { $output .= ' <td> <img src="img/flags/' . $country["code"] . '.png" onmousemove="oldtoolTip(\'' . $country["country"] . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td>'; } else { $output .= ' <td> <span>-</span> </td>'; } } if ($user_lvl >= $action_permission["update"]) { $output .= ' <td> <a href="char_tools.php?char=' . $char["guid"] . '"> <img src="img/arrow_switch.png" alt="" /> </a> </td>'; } $output .= ' </tr>'; } else { $output .= ' <tr> <td>*</td><td>***</td><td>***</td><td>You</td><td>Have</td><td>No</td><td class="small">Permission</td><td>to</td><td>View</td><td>this</td><td>Data</td><td>***</td><td>*</td>'; if ($showcountryflag) { $output .= '<td>*</td>'; } $output .= ' <td>*</td> </tr>'; } } unset($char); unset($result); $output .= ' <tr> <td colspan="13" align="right" class="hidden" style="width: 25%;">'; $output .= generate_pagination('char_list.php?order_by=' . $order_by . '&dir=' . ($dir ? 0 : 1) . ($search_value && $search_by ? '&symbol=' . $_GET["symbol"] . '&search_by=' . $search_by . '&search_value=' . $search_value . '' : ''), $all_record, $itemperpage, $start); $output .= ' </td> </tr> <tr> <td colspan="6" align="left" class="hidden">'; if ($user_lvl >= $action_permission["delete"] || $owner_acc_name == $user_name) { makebutton(lang("char_list", "del_selected_chars"), 'javascript:do_submit(\'form1\',0)" type="wrn', 220); } $output .= ' </td> <td colspan="7" align="right" class="hidden">' . lang("char_list", "tot_chars") . ' : ' . $all_record . '</td> </tr> </table> </form>'; }
function edit_user() { global $lang_global, $lang_user, $output, $realm_db, $characters_db, $realm_id, $mmfpm_db, $user_lvl, $user_name, $gm_level_arr, $action_permission, $expansion_select, $developer_test_mode, $multi_realm_mode, $server; $active_realm_id_pq = "active_realm_id"; if (empty($_GET['id'])) { redirect("user.php?error=10"); } $sqlr = new SQL(); $sqlr->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']); $sqlm = new SQL(); $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']); $sqlc = new SQL(); $sqlc->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']); $id = $sqlr->quote_smart($_GET['id']); $result = $sqlr->query("SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,{$active_realm_id_pq},expansion FROM account WHERE id = '{$id}'"); $data = $sqlr->fetch_assoc($result); $refguid = $sqlm->fetch_assoc($sqlm->query('SELECT InvitedBy FROM mm_point_system_invites WHERE PlayersAccount = ' . $data['id'] . '')); $refguid = $refguid['InveitedBy']; $referred_by = $sqlc->fetch_assoc($sqlc->query("SELECT name FROM characters WHERE guid = '{$refguid}'")); unset($refguid); $referred_by = $referred_by['name']; if ($sqlr->num_rows($result)) { $output .= ' <center> <script type="text/javascript" src="libs/js/sha1.js"></script> <script type="text/javascript"> // <![CDATA[ function do_submit_data () { if ((document.form.username.value != "' . $data['username'] . '") && (document.form.new_pass.value == "******")) { alert("If you are changing Username, The password must be changed too."); return; } else { document.form.pass.value = hex_sha1(document.form.username.value.toUpperCase()+":"+document.form.new_pass.value.toUpperCase()); document.form.new_pass.value = "0"; do_submit(); } } // ]]> </script> <fieldset style="width: 550px;"> <legend>' . $lang_user['edit_acc'] . '</legend> <form method="post" action="user.php?action=doedit_user" name="form"> <input type="hidden" name="pass" value="" maxlength="256" /> <input type="hidden" name="id" value="' . $id . '" /> <table class="flat"> <tr> <td>' . $lang_user['id'] . '</td> <td>' . $data['id'] . '</td> </tr> <tr> <td>' . $lang_user['username'] . '</td>'; if ($user_lvl >= $action_permission['update']) { $output .= ' <td><input type="text" name="username" size="42" maxlength="15" value="' . $data['username'] . '" /></td>'; } else { $output .= ' <td>' . $data['username'] . '</td>'; } $output .= ' </tr> <tr> <td>' . $lang_user['password'] . '</td>'; if ($user_lvl >= $action_permission['update']) { $output .= "\r\n <td><input type=\"text\" name=\"new_pass\" size=\"42\" maxlength=\"40\" value=\"******\" /></td>"; } else { $output .= "\r\n <td>********</td>"; } $output .= "\r\n </tr>\r\n <tr>\r\n <td>{$lang_user['email']}</td>"; if ($user_lvl >= $action_permission['update']) { $output .= ' <td><input type="text" name="mail" size="42" maxlength="225" value="' . $data['email'] . '" /></td>'; } else { $output .= "\r\n <td>***@***.***</td>"; } $output .= "\r\n </tr>\r\n <tr>\r\n <td>{$lang_user['invited_by']}:</td>\r\n <td>"; if ($user_lvl >= $action_permission['update'] && !$referred_by != NULL) { $output .= "\r\n <input type=\"text\" name=\"referredby\" size=\"42\" maxlength=\"12\" value=\"{$referred_by}\" />"; } else { $output .= "\r\n {$referred_by}"; } $output .= "\r\n </td>\r\n </tr>\r\n <tr>\r\n <td>{$lang_user['gm_level_long']}</td>"; if ($user_lvl >= $action_permission['update']) { $output .= "\r\n <td>\r\n <select name=\"gmlevel\">"; foreach ($gm_level_arr as $level) { if ($level[0] > -1 && $level[0] < $user_lvl) { $output .= "\r\n <option value=\"{$level[0]}\" "; if ($data['gmlevel'] == $level[0]) { $output .= "selected=\"selected\" "; } $output .= ">{$level[1]}</option>"; } } $output .= "\r\n </select>\r\n </td>"; } else { $output .= ' <td>' . id_get_gm_level($data['gmlevel']) . ' ( ' . $data['gmlevel'] . ' )</td>'; } $output .= ' </tr> <tr> <td>' . $lang_user['join_date'] . '</td> <td>' . $data['joindate'] . '</td> </tr> <tr> <td>' . $lang_user['last_ip'] . '</td>'; if ($user_lvl >= $action_permission['update']) { $output .= ' <td>' . $data['last_ip'] . '<a href="banned.php?action=do_add_entry&entry=' . $data['last_ip'] . '&bantime=3600&ban_type=ip_banned"> <- ' . $lang_user['ban_this_ip'] . '</a></td>'; } else { $output .= "\r\n <td>***.***.***.***</td>"; } $output .= "\r\n </tr>\r\n <tr>\r\n <td>{$lang_user['banned']}</td>"; $que = $sqlr->query("SELECT bandate, unbandate, bannedby, banreason FROM account_banned WHERE id = {$id}"); if ($sqlr->num_rows($que)) { $banned = $sqlr->fetch_row($que); $ban_info = " From:" . date('d-m-Y G:i', $banned[0]) . " till:" . date('d-m-Y G:i', $banned[1]) . "<br />by {$banned['2']}"; $ban_checked = " checked=\"checked\""; } else { $ban_checked = ""; $ban_info = ""; $banned[3] = ""; } if ($user_lvl >= $action_permission['update']) { $output .= "\r\n <td><input type=\"checkbox\" name=\"banned\" value=\"1\" {$ban_checked}/>{$ban_info}</td>"; } else { $output .= "\r\n <td>{$ban_info}</td>"; } $output .= "\r\n </tr>\r\n <tr>\r\n <td>{$lang_user['banned_reason']}</td>"; if ($user_lvl >= $action_permission['update']) { $output .= "\r\n <td><input type=\"text\" name=\"banreason\" size=\"42\" maxlength=\"255\" value=\"{$banned['3']}\" /></td>"; } else { $output .= "\r\n <td>{$banned['3']}</td>"; } if ($expansion_select) { $output .= "\r\n </tr>\r\n <tr>"; if ($user_lvl >= $action_permission['update']) { $output .= "\r\n <td>{$lang_user['client_type']}</td>"; $output .= "\r\n <td>\r\n <select name=\"expansion\">"; $output .= "\r\n <option value=\"0\">{$lang_user['classic']}</option>\r\n <option value=\"1\" "; if ($data['expansion'] == 1) { $output .= "selected=\"selected\" "; } $output .= ">{$lang_user['tbc']}</option>\r\n <option value=\"2\" "; if ($data['expansion'] == 2) { $output .= "selected=\"selected\" "; } $output .= ">{$lang_user['wotlk']}</option>\r\n </select>\r\n </td>"; } else { $output .= "\r\n <td>{$lang_user['classic']}</td>"; } } $output .= "\r\n </tr>\r\n <tr>\r\n <td>{$lang_user['failed_logins_long']}</td>"; if ($user_lvl >= $action_permission['update']) { $output .= ' <td><input type="text" name="failed" size="42" maxlength="3" value="' . $data['failed_logins'] . '" /></td>'; } else { $output .= ' <td>' . $data['failed_logins'] . '</td>'; } $output .= "\r\n </tr>\r\n <tr>\r\n <td>{$lang_user['locked']}</td>"; $lock_checked = $data['locked'] ? " checked=\"checked\"" : ""; if ($user_lvl >= $action_permission['update']) { $output .= "\r\n <td><input type=\"checkbox\" name=\"locked\" value=\"1\" {$lock_checked}/></td>"; } else { $output .= "\r\n <td></td>"; } $output .= ' </tr> <tr> <td>' . $lang_user['last_login'] . '</td> <td>' . $data['last_login'] . '</td> </tr> <tr> <td>' . $lang_user['online'] . '</td>'; $output .= "\r\n <td>" . ($data['active_realm_id'] ? $lang_global['yes'] : $lang_global['no']) . "</td>\r\n </tr>"; $query = $sqlr->query("SELECT SUM(numchars) FROM realmcharacters WHERE acctid = '{$id}'"); $tot_chars = $sqlr->result($query, 0); $query = $sqlc->query("SELECT count(*) FROM `characters` WHERE account = {$id}"); $chars_on_realm = $sqlc->result($query, 0); $output .= "\r\n <tr>\r\n <td>{$lang_user['tot_chars']}</td>\r\n <td>{$tot_chars}</td>\r\n </tr>"; $realms = $sqlr->query("SELECT id, name FROM realmlist"); if ($developer_test_mode && $multi_realm_mode && ($sqlr->num_rows($realms) > 1 && count($server) > 1 && count($characters_db) > 1)) { require_once "scripts/get_lib.php"; while ($realm = $sqlr->fetch_array($realms)) { $sqlc->connect($characters_db[$realm[0]]['addr'], $characters_db[$realm[0]]['user'], $characters_db[$realm[0]]['pass'], $characters_db[$realm[0]]['name']); $query = $sqlc->query("SELECT count(*) FROM `characters` WHERE account = {$id}"); $chars_on_realm = $sqlc->result($query, 0); $output .= "\r\n <tr>\r\n <td>{$lang_user['chars_on_realm']} " . get_realm_name($realm[0]) . "</td>\r\n <td>{$chars_on_realm}</td>\r\n </tr>"; if ($chars_on_realm) { $char_array = $sqlc->query("SELECT guid, name, race, class, level, gender\r\n FROM `characters` WHERE account = {$id}"); while ($char = $sqlc->fetch_array($char_array)) { $output .= "\r\n <tr>\r\n <td> '---></td>\r\n <td>\r\n <a href=\"char.php?id={$char['0']}&realm={$realm['0']}\">{$char['1']} - <img src='img/c_icons/{$char[2]}-{$char[5]}.gif' onmousemove='toolTip(\"" . char_get_race_name($char[2]) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\" />\r\n <img src='img/c_icons/{$char[3]}.gif' onmousemove='toolTip(\"" . char_get_class_name($char[3]) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\"/> - lvl " . char_get_level_color($char[4]) . "</a>\r\n </td>\r\n </tr>"; } } } } else { $query = $sqlc->query("SELECT count(*) FROM `characters` WHERE account = {$id}"); $chars_on_realm = $sqlc->result($query, 0); $output .= "\r\n <tr>\r\n <td>{$lang_user['chars_on_realm']}</td>\r\n <td>{$chars_on_realm}</td>\r\n </tr>"; if ($chars_on_realm) { $char_array = $sqlc->query("SELECT guid,name,race,class, level, gender FROM `characters` WHERE account = {$id}"); while ($char = $sqlc->fetch_array($char_array)) { $output .= "\r\n <tr>\r\n <td> '---></td>\r\n <td>\r\n <a href=\"char.php?id={$char['0']}\">{$char['1']} - <img src='img/c_icons/{$char[2]}-{$char[5]}.gif' onmousemove='toolTip(\"" . char_get_race_name($char[2]) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\" />\r\n <img src='img/c_icons/{$char[3]}.gif' onmousemove='toolTip(\"" . char_get_class_name($char[3]) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\"/> - lvl " . char_get_level_color($char[4]) . "</a>\r\n </td>\r\n </tr>"; } } } $output .= "\r\n <tr>\r\n <td>"; if ($user_lvl >= $action_permission['delete']) { makebutton($lang_user['del_acc'], "user.php?action=del_user&check%5B%5D={$id}\" type=\"wrn", 130); } $output .= "\r\n </td>\r\n <td>"; if ($user_lvl >= $action_permission['update']) { makebutton($lang_user['update_data'], "javascript:do_submit_data()", 130); } makebutton($lang_global['back'], "javascript:window.history.back()\" type=\"def", 130); $output .= "\r\n </td>\r\n </tr>\r\n </table>\r\n </form>\r\n </fieldset>\r\n <br /><br />\r\n </center>\r\n"; } else { error($lang_global['err_no_user']); } }
function char_friends() { global $output, $realm_id, $logon_db, $corem_db, $characters_db, $site_encoding, $action_permission, $user_lvl, $user_name, $sql, $core; if (empty($_GET["id"])) { error(lang("global", "empty_fields")); } else { $id = $_GET["id"]; } // this is multi realm support, as of writing still under development // this page is already implementing it if (empty($_GET["realm"])) { $realmid = $realm_id; } else { $realmid = $sql["logon"]->quote_smart($_GET["realm"]); if (is_numeric($realmid)) { $sql["char"]->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name'], $characters_db[$realmid]["encoding"]); } else { $realmid = $realm_id; } } //==========================$_GET and SECURE======================== if (!is_numeric($id)) { $id = 0; } $order_by = isset($_GET["order_by"]) ? $sql["char"]->quote_smart($_GET["order_by"]) : 'name'; if (!preg_match('/^[[:lower:]]{1,6}$/', $order_by)) { $order_by = 'name'; } $dir = isset($_GET["dir"]) ? $sql["char"]->quote_smart($_GET["dir"]) : 1; if (!preg_match('/^[01]{1}$/', $dir)) { $dir = 1; } $order_dir = $dir ? "ASC" : "DESC"; $dir = $dir ? 0 : 1; //==========================$_GET and SECURE end======================== if ($order_by === "map") { $order_by = "map " . $order_dir . ", zone"; } elseif ($order_by === "zone") { $order_by = "zone " . $order_dir . ", map"; } // getting character data from database if ($core == 1) { $result = $sql["char"]->query("SELECT acct, name, race, class, level, gender\r\n FROM characters WHERE guid='" . $id . "' LIMIT 1"); } else { $result = $sql["char"]->query("SELECT account AS acct, name, race, class, level, gender\r\n FROM characters WHERE guid='" . $id . "' LIMIT 1"); } if ($sql["char"]->num_rows($result)) { $char = $sql["char"]->fetch_assoc($result); // we get user permissions first $owner_acc_id = $sql["char"]->result($result, 0, "acct"); if ($core == 1) { $result = $sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $char["acct"] . "'"); } else { $result = $sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $char["acct"] . "'"); } $owner_name = $sql["logon"]->result($result, 0, 'login'); $s_query = "SELECT *, SecurityLevel AS gm FROM config_accounts WHERE Login='******'"; $s_result = $sql["mgr"]->query($s_query); $s_fields = $sql["mgr"]->fetch_assoc($s_result); $owner_gmlvl = $s_fields["gm"]; $view_mod = $s_fields["View_Mod_Friends"]; if ($owner_gmlvl >= 1073741824) { $owner_gmlvl -= 1073741824; } // owner configured overrides $view_override = false; if ($view_mod > 0) { if ($view_mod == 1) { } elseif ($view_mod == 2) { // only registered users may view this page if ($user_lvl > -1) { $view_override = true; } } } // visibility overrides for specific tabs $view_inv_override = false; if ($s_fields["View_Mod_Inv"] > 0) { if ($s_fields["View_Mod_Inv"] == 1) { } elseif ($s_fields["View_Mod_Inv"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_inv_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_inv_override = true; } } $view_talent_override = false; if ($s_fields["View_Mod_Talent"] > 0) { if ($s_fields["View_Mod_Talent"] == 1) { } elseif ($s_fields["View_Mod_Talent"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_talent_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_talent_override = true; } } $view_achieve_override = false; if ($s_fields["View_Mod_Achieve"] > 0) { if ($s_fields["View_Mod_Achieve"] == 1) { } elseif ($s_fields["View_Mod_Achieve"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_achieve_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_achieve_override = true; } } $view_quest_override = false; if ($s_fields["View_Mod_Quest"] > 0) { if ($s_fields["View_Mod_Quest"] == 1) { } elseif ($s_fields["View_Mod_Quest"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_quest_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_quest_override = true; } } $view_view_override = false; if ($s_fields["View_Mod_View"] > 0) { if ($s_fields["View_Mod_View"] == 1) { } elseif ($s_fields["View_Mod_View"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_view_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_view_override = true; } } if ($view_override || $user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { //------------------------Character Tabs--------------------------------- // we start with a lead of 10 spaces, // because last line of header is an opening tag with 8 spaces // keep html indent in sync, so debuging from browser source would be easy to read $output .= ' <script type="text/javascript"> // <![CDATA[ function wrap() { if (getBrowserWidth() > 1024) document.write(\'</table></td><td><table class="lined" id="ch_fri_large_screen">\'); } // ]]> </script> <div class="tab"> <ul> <li><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>'; if ($view_inv_override) { $output .= ' <li><a href="char_inv.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "inventory") . '</a></li>'; } if ($view_talent_override) { $output .= ' ' . ($char["level"] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "talents") . '</a></li>') . ''; } if ($view_achieve_override) { $output .= ' <li><a href="char_achieve.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "achievements") . '</a></li>'; } if ($view_quest_override) { $output .= ' <li><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "quests") . '</a></li>'; } $output .= ' <li class="selected"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "friends") . '</a></li>'; if ($view_view_override) { $output .= ' <li><a href="char_view.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "view") . '</a></li>'; } $output .= ' </ul> </div> <div class="tab_content center center_text"> <span class="bold"> ' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . ' - <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . ' </span> <br /><br /> <table class="hidden" id="ch_fri_unk_1"> <tr valign="top"> <td> <table class="lined" id="ch_fri_unk_2">'; // pre-build columns for friends/ignores table $friends_columns = ' <tr> <th style="width: 1%;"> <a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=name&dir=' . $dir . '"' . ($order_by === "name" ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "name") . '</a> </th> <th style="width: 1%;"> <a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=race&dir=' . $dir . '"' . ($order_by === "race" ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "race") . '</a> </th> <th style="width: 1%;"> <a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=class&dir=' . $dir . '"' . ($order_by === "class" ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "class") . '</a> </th> <th style="width: 1%;"> <a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=level&dir=' . $dir . '"' . ($order_by === "level" ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "level") . '</a> </th> <th style="width: 1%;"> <a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=mapid&dir=' . $dir . '"' . ($order_by === "map " . $order_dir . ", zone" ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "map") . '</a> </th> <th style="width: 1%;"> <a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=zoneid&dir=' . $dir . '"' . ($order_by === "zone " . $order_dir . ", map" ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "zone") . '</a> </th> <th style="width: 1%;"> <a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=online&dir=' . $dir . '"' . ($order_by === "online" ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "online") . '</a> </th> </tr>'; // get friends if ($core == 1) { $result = $sql["char"]->query("SELECT name, race, class, mapid, zoneid, level, gender, online, acct, guid\r\n FROM characters WHERE guid IN (SELECT friend_guid FROM social_friends WHERE character_guid='" . $id . "') ORDER BY '" . $order_by . "' '" . $order_dir . "'"); } else { $result = $sql["char"]->query("SELECT name, race, class, map AS mapid, zone AS zoneid, level, gender, online, account AS acct, guid\r\n FROM characters WHERE guid IN (SELECT friend FROM character_social WHERE guid='" . $id . "' AND flags=1) ORDER BY '" . $order_by . "' '" . $order_dir . "'"); } $output_temp = '<tr><td style="display: none;"></td></tr>'; if ($sql["char"]->num_rows($result)) { $output_temp .= ' <tr> <th colspan="7" class="center_text"> <span>' . lang("char", "friends") . '</span> </th> </tr>'; // append columns $output_temp .= $friends_columns; while ($data = $sql["char"]->fetch_assoc($result)) { if ($core == 1) { $char_owner = $sql["logon"]->result($sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $data["acct"] . "'"), 0, "gmlevel"); } else { $char_owner = $sql["logon"]->result($sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $data["acct"] . "'"), 0, "login"); } $char_gm_level = $sql["mgr"]->result($sql["mgr"]->query("SELECT SecurityLevel AS gmlevel FROM config_accounts WHERE Login='******'"), 0, "gmlevel"); $output_temp .= ' <tr> <td>'; if ($user_lvl >= $char_gm_level) { $output_temp .= ' <a href="char.php?id=' . $data["guid"] . '"> <span>' . $data["name"] . '</span> </a>'; } else { $output_temp .= $data["name"]; } $output_temp .= ' </td> <td> <img src="img/c_icons/' . $data["race"] . '-' . $data["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($data["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> <td> <img src="img/c_icons/' . $data["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($data["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> <td> <span>' . char_get_level_color($data["level"]) . '</span> </td> <td class="small"> <span onmousemove="oldtoolTip(\'MapID:' . $data["mapid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_map_name($data["mapid"]) . '</span> </td> <td class="small"> <span onmousemove="oldtoolTip(\'ZoneID:' . $data["zoneid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_zone_name($data["zoneid"]) . '</span> </td> <td> <img src="img/' . ($data["online"] ? 'up' : 'down') . '.gif" alt="" /> </td> </tr>'; } } else { $output_temp .= ' <tr> <th colspan="7" class="center_text"> <span>' . lang("char", "friends") . '</span> </th> </tr>'; // append columns $output_temp .= $friends_columns; $output_temp .= ' <tr> <td colspan="7"> <span>' . lang("char", "no_friends") . '</span> </td> </tr>'; } $output_temp .= ' <tr> <th colspan="7"> </th> </tr>'; // get is friend of if ($core == 1) { $result = $sql["char"]->query("SELECT name, race, class, mapid, zoneid, level, gender, online, acct, guid\r\n FROM characters WHERE guid IN (SELECT character_guid FROM social_friends WHERE friend_guid='" . $id . "') ORDER BY '" . $order_by . "' '" . $order_dir . "'"); } else { $result = $sql["char"]->query("SELECT name, race, class, map AS mapid, zone AS zoneid, level, gender, online, account AS acct, guid\r\n FROM characters WHERE guid IN (SELECT guid FROM character_social WHERE friend='" . $id . "' AND flags=1) ORDER BY '" . $order_by . "' '" . $order_dir . "'"); } if ($sql["char"]->num_rows($result)) { $output_temp .= ' <tr> <th colspan="7" class="center_text"> <span>' . lang("char", "friendof") . '</span> </th> </tr>'; // append columns $output_temp .= $friends_columns; while ($data = $sql["char"]->fetch_assoc($result)) { if ($core == 1) { $char_owner = $sql["logon"]->result($sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $data["acct"] . "'"), 0, "gmlevel"); } else { $char_owner = $sql["logon"]->result($sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $data["acct"] . "'"), 0, "login"); } $char_gm_level = $sql["mgr"]->result($sql["mgr"]->query("SELECT SecurityLevel AS gmlevel FROM config_accounts WHERE Login='******'"), 0, "gmlevel"); $output_temp .= ' <tr> <td>'; if ($user_lvl >= $char_gm_level) { $output_temp .= ' <a href="char.php?id=' . $data["guid"] . '"> <span>' . $data["name"] . '</span> </a>'; } else { $output_temp .= $data["name"]; } $output_temp .= ' </td> <td> <img src="img/c_icons/' . $data["race"] . '-' . $data["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($data["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> <td> <img src="img/c_icons/' . $data["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($data["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> <td> <span>' . char_get_level_color($data["level"]) . '</span> </td> <td class="small"> <span onmousemove="oldtoolTip(\'MapID:' . $data["mapid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_map_name($data["mapid"]) . '</span> </td> <td class="small"> <span onmousemove="oldtoolTip(\'ZoneID:' . $data["zoneid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_zone_name($data["zoneid"]) . '</span> </td> <td> <img src="img/' . ($data["online"] ? 'up' : 'down') . '.gif" alt="" /> </td> </tr>'; } } else { $output_temp .= ' <tr> <th colspan="7" class="center_text"> <span>' . lang("char", "friendof") . '</span> </th> </tr>'; // append columns $output_temp .= $friends_columns; $output_temp .= ' <tr> <td colspan="7"> <span>' . lang("char", "no_friend_of") . '</span> </td> </tr>'; } $output_temp .= ' <tr> <th colspan="7"> </th> </tr>'; // get ignores if ($core == 1) { $result = $sql["char"]->query("SELECT name, race, class, mapid, zoneid, level, gender, online, acct, guid\r\n FROM characters WHERE guid IN (SELECT ignore_guid FROM social_ignores WHERE character_guid='" . $id . "') ORDER BY '" . $order_by . "' '" . $order_dir . "'"); } else { $result = $sql["char"]->query("SELECT name, race, class, map AS mapid, zone AS zoneid, level, gender, online, account AS acct, guid\r\n FROM characters WHERE guid IN (SELECT friend FROM character_social WHERE guid='" . $id . "' AND flags=2) ORDER BY '" . $order_by . "' '" . $order_dir . "'"); } if ($sql["char"]->num_rows($result)) { $output_temp .= ' <tr> <th colspan="7" class="center_text"> <span>' . lang("char", "ignored") . '</span> </th> </tr>'; // append columns $output_temp .= $friends_columns; while ($data = $sql["char"]->fetch_assoc($result)) { if ($core == 1) { $char_owner = $sql["logon"]->result($sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $data["acct"] . "'"), 0, "gmlevel"); } else { $char_owner = $sql["logon"]->result($sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $data["acct"] . "'"), 0, "login"); } $char_gm_level = $sql["mgr"]->result($sql["mgr"]->query("SELECT SecurityLevel AS gmlevel FROM config_accounts WHERE Login='******'"), 0, "gmlevel"); $output_temp .= ' <tr> <td>'; if ($user_lvl >= $char_gm_level) { $output_temp .= ' <a href="char.php?id=' . $data["guid"] . '"> <span>' . $data["name"] . '</span> </a>'; } else { $output_temp .= $data["name"]; } $output_temp .= ' </td> <td> <img src="img/c_icons/' . $data["race"] . '-' . $data["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($data["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> <td> <img src="img/c_icons/' . $data["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($data["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> <td> <span>' . char_get_level_color($data["level"]) . '</span> </td> <td class="small"> <span onmousemove="oldtoolTip(\'MapID:' . $data["mapid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_map_name($data["mapid"]) . '</span> </td> <td class="small"> <span onmousemove="oldtoolTip(\'ZoneID:' . $data["zoneid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_zone_name($data["zoneid"]) . '</span> </td> <td> <img src="img/' . ($data["online"] ? 'up' : 'down') . '.gif" alt="" /> </td> </tr>'; } } else { $output_temp .= ' <tr> <th colspan="7" class="center_text"> <span>' . lang("char", "ignored") . '</span> </th> </tr>'; // append columns $output_temp .= $friends_columns; $output_temp .= ' <tr> <td colspan="7"> <span>' . lang("char", "no_ignores") . '</span> </td> </tr>'; } $output_temp .= ' <tr> <th colspan="7"> </th> </tr>'; // get ignored by if ($core == 1) { $result = $sql["char"]->query("SELECT name, race, class, mapid, zoneid, level, gender, online, acct, guid\r\n FROM characters WHERE guid IN (SELECT ignore_guid FROM social_ignores WHERE character_guid='" . $id . "') ORDER BY '" . $order_by . "' '" . $order_dir . "'"); } else { $result = $sql["char"]->query("SELECT name, race, class, map AS mapid, zone AS zoneid, level, gender, online, account AS acct, guid\r\n FROM characters WHERE guid IN (SELECT guid FROM character_social WHERE friend='" . $id . "' AND flags=2) ORDER BY '" . $order_by . "' '" . $order_dir . "'"); } if ($sql["char"]->num_rows($result)) { $output_temp .= ' <tr> <th colspan="7" class="center_text"> <span>' . lang("char", "ignoredby") . '</span> </th> </tr>'; // append columns $output_temp .= $friends_columns; while ($data = $sql["char"]->fetch_assoc($result)) { if ($core == 1) { $char_owner = $sql["logon"]->result($sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $data["acct"] . "'"), 0, "gmlevel"); } else { $char_owner = $sql["logon"]->result($sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $data["acct"] . "'"), 0, "login"); } $char_gm_level = $sql["mgr"]->result($sql["mgr"]->query("SELECT SecurityLevel AS gmlevel FROM config_accounts WHERE Login='******'"), 0, "gmlevel"); $output_temp .= ' <tr> <td>'; if ($user_lvl >= $char_gm_level) { $output_temp .= ' <a href="char.php?id=' . $data["guid"] . '"> <span>' . $data["name"] . '</span> </a>'; } else { $output_temp .= $data["name"]; } $output_temp .= ' </td> <td> <img src="img/c_icons/' . $data["race"] . '-' . $data["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($data["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> <td> <img src="img/c_icons/' . $data["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($data["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> <td> <span>' . char_get_level_color($data["level"]) . '</span> </td> <td class="small"> <span onmousemove="oldtoolTip(\'MapID:' . $data["mapid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_map_name($data["mapid"]) . '</span> </td> <td class="small"> <span onmousemove="oldtoolTip(\'ZoneID:' . $data["zoneid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_zone_name($data["zoneid"]) . '</span> </td> <td> <img src="img/' . ($data["online"] ? 'up' : 'down') . '.gif" alt="" /> </td> </tr>'; } } else { $output_temp .= ' <tr> <th colspan="7" class="center_text"> <span>' . lang("char", "ignoredby") . '</span> </th> </tr>'; // append columns $output_temp .= $friends_columns; $output_temp .= ' <tr> <td colspan="7"> <span>' . lang("char", "no_ignored_by") . '</span> </td> </tr>'; } $output .= $output_temp; $output .= ' </table> </td>'; //---------------Page Specific Data Ends here---------------------------- //---------------Character Tabs Footer----------------------------------- $output .= ' </tr> </table> </div> <br /> <table class="hidden center"> <tr> <td>'; // button to user account page, user account page has own security makebutton(lang("char", "chars_acc"), 'user.php?action=edit_user&id=' . $owner_acc_id . '', 130); $output .= ' </td> <td>'; // only higher level GM with delete access can edit character // character edit allows removal of character items, so delete permission is needed if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"]) { //makebutton($lang_char["edit_button"], 'char_edit.php?id='.$id.'&realm='.$realmid.'', 130); $output .= ' </td> <td>'; } // only higher level GM with delete access, or character owner can delete character if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"] || $owner_name === $user_name) { makebutton(lang("char", "del_char"), 'char_list.php?action=del_char_form&check%5B%5D=' . $id . '" type="wrn', 130); $output .= ' </td> <td>'; } // only GM with update permission can send mail, mail can send items, so update permission is needed if ($user_lvl >= $action_permission["update"]) { makebutton(lang("char", "send_mail"), 'mail.php?type=ingame_mail&to=' . $char["name"] . '', 130); $output .= ' </td> <td>'; } makebutton(lang("global", "back"), 'javascript:window.history.back()" type="def', 130); $output .= ' </td> </tr> </table> <br /> <!-- end of char_friends.php -->'; } else { error(lang("char", "no_permission")); } } else { error(lang("char", "no_char_found")); } }
function view_guild() { global $lang_guild, $lang_global, $output, $realm_db, $characters_db, $mmfpm_db, $realm_id, $itemperpage, $action_permission, $user_lvl, $user_id, $showcountryflag; if (!isset($_GET['id'])) { redirect("guild.php?error=1&realm={$realmid}"); } $sqlr = new SQL(); $sqlr->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']); if (empty($_GET['realm'])) { $realmid = $realm_id; } else { $realmid = $sqlr->quote_smart($_GET['realm']); if (!is_numeric($realmid)) { $realmid = $realm_id; } } $sqlc = new SQL(); $sqlc->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name']); $guild_id = $sqlc->quote_smart($_GET['id']); if (is_numeric($guild_id)) { } else { redirect("guild.php?error=6&realm={$realmid}"); } //==========================SQL INGUILD and GUILDLEADER====================== $q_inguild = $sqlc->query("select 1 from guild_member where guildid = '{$guild_id}' and guid in (select guid from characters where account = '{$user_id}')"); $inguild = $sqlc->result($q_inguild, 0, '1'); if ($user_lvl < $action_permission['update'] && !$inguild) { redirect("guild.php?error=6&realm={$realmid}"); } $q_amIguildleader = $sqlc->query("select 1 from guild where guildid = '{$guild_id}' and leaderguid in (select guid from characters where account = '{$user_id}')"); $amIguildleader = $sqlc->result($q_amIguildleader, 0, '1'); $q_guildmemberCount = $sqlc->query("SELECT 1 from guild_member where guildid = '{$guild_id}'"); $guildmemberCount = $sqlc->num_rows($q_guildmemberCount); //====================SQL INGUILD and GUILDLEADER end======================== //==========================$_GET and SECURE================================= $start = isset($_GET['start']) ? $sqlc->quote_smart($_GET['start']) : 0; if (is_numeric($start)) { } else { $start = 0; } $order_by = isset($_GET['order_by']) ? $sqlc->quote_smart($_GET['order_by']) : "mrank"; if (!preg_match("/^[_[:lower:]]{1,10}\$/", $order_by)) { $order_by = "mrank"; } $dir = isset($_GET['dir']) ? $sqlc->quote_smart($_GET['dir']) : 1; if (!preg_match("/^[01]{1}\$/", $dir)) { $dir = 1; } $order_dir = $dir ? "ASC" : "DESC"; $dir = $dir ? 0 : 1; //==========================$_GET and SECURE end============================= $query = $sqlc->query("SELECT guildid, name, info, MOTD, createdate,\r\n (select count(*) from guild_member where guildid = '{$guild_id}') as mtotal,\r\n (select count(*) from guild_member where guildid = '{$guild_id}' and guid in\r\n (select guid from characters where online = 1)) as monline\r\n FROM guild WHERE guildid = '{$guild_id}'"); $guild_data = $sqlc->fetch_row($query); $output .= "\r\n<center>\r\n\t<div id=\"tab_content\">\r\n\t\t<div id=\"tab\">\r\n\t\t\t<ul>\r\n\t\t\t\t<li id=\"selected\"><a href=\"guild.php?action=view_guild&realm={$realmid}&error=3&id={$guild_data['0']}\">" . $lang_guild['members'] . "</a></li>\r\n\t\t\t\t<li><a href=\"guildbank.php?id={$guild_id}&realm={$realmid}\">" . $lang_guild['guildbank'] . "</a></li>\r\n\t\t\t</ul>\r\n\t\t</div>\r\n"; $output .= "\r\n <script type=\"text/javascript\">\r\n answerbox.btn_ok='{$lang_global['yes']}';\r\n answerbox.btn_cancel='{$lang_global['no']}';\r\n </script>\r\n\t\t<div id=\"tab_content2\">\r\n\t\t\t<table class=\"hidden\" style=\"width: 100%;\">\r\n <tr>\r\n <td>\r\n <table class=\"lined\"style=\"width: 100%;\">\r\n <tr>\r\n <td width=\"25%\"><b>{$lang_guild['create_date']}:</b><br />" . date('o-m-d', $guild_data[4]) . "</td>\r\n <td width=\"50%\" class=\"bold\">{$guild_data['1']}</td>\r\n <td width=\"25%\"><b>{$lang_guild['tot_m_online']}:</b><br />{$guild_data['6']} / {$guild_data['5']}</td>\r\n </tr>"; if ($guild_data[2] != '') { $output .= "\r\n <tr>\r\n <td colspan=\"3\"><b>{$lang_guild['info']}:</b><br />{$guild_data['2']}</td>\r\n </tr>"; } if ($guild_data[3] != '') { $output .= "\r\n <tr>\r\n <td colspan=\"3\"><b>{$lang_guild['motd']}:</b><br />{$guild_data['3']}</td>\r\n </tr>"; } $output .= "\r\n </table>\r\n </td>\r\n </tr>\r\n <tr>\r\n <td align=\"right\">" . generate_pagination("guild.php?action=view_guild&realm={$realmid}&id={$guild_id}&order_by={$order_by}&dir=" . ($dir ? 0 : 1) . "", $guildmemberCount, $itemperpage, $start) . "</td>\r\n </tr>\r\n <tr>\r\n <td>\r\n <table class=\"lined\" style=\"width: 100%;\">\r\n <tr>\r\n <th width=\"1%\">{$lang_guild['remove']}</th>\r\n <th width=\"20%\"><a href=\"guild.php?action=view_guild&error=3&realm={$realmid}&id={$guild_id}&order_by=cname&start={$start}&dir={$dir}\">" . ($order_by == 'cname' ? "<img src=\"img/arr_" . ($dir ? "up" : "dw") . ".gif\" alt=\"\" /> " : "") . "{$lang_guild['name']}</a></th>\r\n <th width=\"1%\"><a href=\"guild.php?action=view_guild&error=3&realm={$realmid}&id={$guild_id}&order_by=crace&start={$start}&dir={$dir}\">" . ($order_by == 'crace' ? "<img src=\"img/arr_" . ($dir ? "up" : "dw") . ".gif\" alt=\"\" /> " : "") . "{$lang_guild['race']}</a></th>\r\n <th width=\"1%\"><a href=\"guild.php?action=view_guild&error=3&realm={$realmid}&id={$guild_id}&order_by=class&start={$start}&dir={$dir}\">" . ($order_by == 'cclass' ? "<img src=\"img/arr_" . ($dir ? "up" : "dw") . ".gif\" alt=\"\" /> " : "") . "{$lang_guild['class']}</a></th>\r\n <th width=\"1%\"><a href=\"guild.php?action=view_guild&error=3&realm={$realmid}&id={$guild_id}&order_by=clevel&start={$start}&dir={$dir}\">" . ($order_by == 'clevel' ? "<img src=\"img/arr_" . ($dir ? "up" : "dw") . ".gif\" alt=\"\" /> " : "") . "{$lang_guild['level']}</a></th>\r\n <th width=\"23%\"><a href=\"guild.php?action=view_guild&error=3&realm={$realmid}&id={$guild_id}&order_by=mrank&start={$start}&dir={$dir}\">" . ($order_by == 'mrank' ? "<img src=\"img/arr_" . ($dir ? "up" : "dw") . ".gif\" alt=\"\" /> " : "") . "{$lang_guild['rank']}</a></th>\r\n <th width=\"25%\">{$lang_guild['pnote']}</th>\r\n <th width=\"25%\">{$lang_guild['offnote']}</th>\r\n <th width=\"1%\"><a href=\"guild.php?action=view_guild&error=3&realm={$realmid}&id={$guild_id}&order_by=clogout&start={$start}&dir={$dir}\">" . ($order_by == 'clogout' ? "<img src=\"img/arr_" . ($dir ? "up" : "dw") . ".gif\" alt=\"\" /> " : "") . "{$lang_guild['llogin']}</a></th>\r\n <th width=\"1%\"><a href=\"guild.php?action=view_guild&error=3&realm={$realmid}&id={$guild_id}&order_by=conline&start={$start}&dir={$dir}\">" . ($order_by == 'conline' ? "<img src=\"img/arr_" . ($dir ? "up" : "dw") . ".gif\" alt=\"\" /> " : "") . "{$lang_guild['online']}</a></th>"; if ($showcountryflag) { require_once 'libs/misc_lib.php'; $sqlm = new SQL(); $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']); $output .= "\r\n <th width=\"1%\">{$lang_global['country']}</th>"; } $output .= "\r\n </tr>"; $members = $sqlc->query("SELECT gm.guid as cguid, c.name as cname, c.`race` as crace ,c.`class` as cclass,\r\n c.`level` AS clevel,\r\n gm.rank AS mrank, (SELECT rname FROM guild_rank WHERE guildid ='{$guild_id}' AND rid = mrank) AS rname,\r\n gm.Pnote, gm.OFFnote, gender,\r\n c.`online` as conline, c.`account`, c.`logout_time` as clogout\r\n FROM guild_member as gm left outer join characters as c on c.guid = gm.guid\r\n WHERE gm.guildid = '{$guild_id}' ORDER BY {$order_by} {$order_dir} LIMIT {$start}, {$itemperpage}"); while ($member = $sqlr->fetch_row($members)) { $result = $sqlr->query("SELECT gmlevel FROM account WHERE id ='{$member['11']}'"); $owner_gmlvl = $sqlr->result($result, 0, 'gmlevel'); $output .= "\r\n <tr>"; // gm, gildleader or own account! are allowed to remove from guild $output .= $user_lvl >= $action_permission['delete'] || $amIguildleader || $member[11] == $user_id ? "\r\n <td>\r\n <img src=\"img/aff_cross.png\" alt=\"\" onclick=\"answerBox('{$lang_global['delete']}: <font color=white>{$member[1]}</font><br />{$lang_global['are_you_sure']}', 'guild.php?action=rem_char_from_guild&realm={$realmid}&id={$member['0']}&guld_id={$guild_id}');\" style=\"cursor:pointer;\" />\r\n </td>" : "\r\n <td>\r\n </td>"; $output .= $user_lvl < $owner_gmlvl ? "\r\n <td>" . htmlentities($member[1]) . "</td>" : "\r\n <td><a href=\"char.php?id={$member['0']}&realm={$realmid}\">" . htmlentities($member[1]) . "</a></td>"; $output .= "\r\n <td><img src='img/c_icons/{$member[2]}-{$member[9]}.gif' onmousemove='toolTip(\"" . char_get_race_name($member[2]) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\" /></td>\r\n <td><img src='img/c_icons/{$member[3]}.gif' onmousemove='toolTip(\"" . char_get_class_name($member[3]) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\" /></td>\r\n <td>" . char_get_level_color($member[4]) . "</td>\r\n <td>" . htmlentities($member[6]) . " (" . $member[5] . ")</td>\r\n <td>" . htmlentities($member[7]) . "</td>\r\n <td>" . htmlentities($member[8]) . "</td>\r\n <td>" . get_days_with_color($member[12]) . "</td>\r\n <td>" . ($member[10] ? "<img src=\"img/up.gif\" alt=\"\" />" : "-") . "</td>"; if ($showcountryflag) { $country = misc_get_country_by_account($member[11], $sqlr, $sqlm); $output .= "\r\n <td>" . ($country['code'] ? "<img src='img/flags/" . $country['code'] . ".png' onmousemove='toolTip(\"" . $country['country'] . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\" />" : "-") . "</td>"; } $output .= "\r\n </tr>"; } unset($member); $output .= "\r\n </table>\r\n </td>\r\n </tr>\r\n <tr>\r\n <td align=\"right\">" . generate_pagination("guild.php?action=view_guild&error=3&realm={$realmid}&id={$guild_id}&order_by={$order_by}&dir=" . !$dir, $guildmemberCount, $itemperpage, $start) . "</td>\r\n </tr>\r\n </table>\r\n\t\t</div>\r\n\t</div>\r\n <br />"; $output .= "\r\n <table class=\"hidden\">\r\n <tr>\r\n <td>"; if ($user_lvl >= $action_permission['delete'] || $amIguildleader) { makebutton($lang_guild['del_guild'], "guild.php?action=del_guild&realm={$realmid}&id={$guild_id}\" type=\"wrn", 130); $output .= "\r\n </td>\r\n <td>"; } makebutton($lang_guild['show_guilds'], "guild.php?realm={$realmid}\" type=\"def", 130); $output .= "\r\n </td>\r\n </tr>\r\n </table>\r\n\t</center>\r\n"; }
$output .= ' <div id="tab"> <ul> <li><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['char_sheet'] . '</a></li> <li><a href="char_inv.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['inventory'] . '</a></li> <li><a href="char_extra.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['extra'] . '</a></li> ' . ($char['level'] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['talents'] . '</a></li>') . ' <li><a href="char_achieve.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['achievements'] . '</a></li> <li><a href="char_rep.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['reputation'] . '</a></li> <li><a href="char_skill.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['skills'] . '</a></li> <li><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['quests'] . '</a></li>'; if (char_get_class_name($char['class']) === 'Hunter') { $output .= ' <li><a href="char_pets.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['pets'] . '</a></li>'; } $output .= ' <li><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['friends'] . '</a></li> <li><a href="char_spell.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['spells'] . '</a></li> <li><a href="char_mail.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['mail'] . '</a></li> </ul> </div>'; $output .= ' <div id="tab_content2"> <font class="bold"> ' . htmlentities($char['name']) . ' - <img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /> <img src="img/c_icons/' . $char['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\',\'item_tooltip\')" onmouseout="toolTip()" alt="" /> - lvl ' . char_get_level_color($char['level']) . ' </font>';
function choosename() { global $output, $action_permission, $characters_db, $realm_id, $user_id, $user_name, $name_credits, $sql, $core; valid_login($action_permission["view"]); $guid = $sql["char"]->quote_smart($_GET["char"]); $new1 = ""; if (isset($_GET["new1"])) { $new1 = $sql["char"]->quote_smart($_GET["new1"]); } $new2 = ""; if (isset($_GET["new2"])) { $new2 = $sql["char"]->quote_smart($_GET["new2"]); } $query = "SELECT * FROM characters WHERE guid='" . $guid . "'"; $char = $sql["char"]->fetch_assoc($sql["char"]->query($query)); // credits if ($name_credits >= 0) { // get our credit balance $cr_query = "SELECT Credits FROM config_accounts WHERE Login='******'"; $cr_result = $sql["mgr"]->query($cr_query); $cr_result = $sql["mgr"]->fetch_assoc($cr_result); $credits = $cr_result["Credits"]; } $output .= ' <div id="xname_fieldset" class="fieldset_border center"> <span class="legend">' . lang("xname", "choosename") . '</span> <form method="get" action="change_char_name.php" id="form"> <div> <input type="hidden" name="action" value="getapproval" /> <input type="hidden" name="guid" value="' . $char["guid"] . '" /> </div> <table id="xname_char_table" class="center"> <tr> <td rowspan="4" style="width: 170px;"> <div style="width: 64px; margin-left: auto; margin-right: auto;"> <img src="' . char_get_avatar_img($char["level"], $char["gender"], $char["race"], $char["class"]) . '" alt="" /> </div> </td> <td> <span class="xname_char_name">' . $char["name"] . '</span> </td> </tr> <tr> <td>' . lang("xname", "level") . ': ' . $char["level"] . '</td> </tr> <tr> <td>' . lang("xname", "race") . ': ' . char_get_race_name($char["race"]) . '</td> </tr> <tr> <td>' . lang("xname", "class") . ': ' . char_get_class_name($char["class"]) . '</td> </tr> <tr> <td> </td> </tr>'; if ($name_credits > 0) { $cost_line = lang("xname", "credit_cost"); $cost_line = str_replace("%1", '<b>' . $name_credits . '</b>', $cost_line); $output .= ' <tr> <td colspan="2">' . $cost_line . '</td> </tr>'; if ($credits >= 0) { $credit_balance = lang("xname", "credit_balance"); $credit_balance = str_replace("%1", '<b>' . (double) $credits . '</b>', $credit_balance); $output .= ' <tr> <td colspan="2">' . $credit_balance . '</td> </tr>'; if ($credits < $name_credits) { $output .= ' <tr> <td colspan="2">' . lang("xname", "insufficient_credits") . '</td> </tr>'; } else { $output .= ' <tr> <td colspan="2"> </td> </tr> <tr> <td colspan="2">' . lang("xname", "delay_warning") . '</td> </tr>'; } } else { $output .= ' <tr> <td colspan="2">' . lang("global", "credits_unlimited") . '</td> </tr>'; } $output .= ' <tr> <td colspan="2"> </td> </tr>'; } $output .= ' <tr> <td colspan="2"><b>' . lang("xname", "entername") . ':</b></td> </tr> <tr> <td>' . lang("xname", "newname") . ':</td> <td><input type="text" name="new1" value="' . $new1 . '" maxlength="12" style="width: 110px;" /></td> </tr> <tr> <td>' . lang("xname", "confirmname") . ':</td> <td><input type="text" name="new2" value="' . $new1 . '" maxlength="12" style="width: 110px;" /></td> </tr>'; // if we have unlimited credits, then we fake our credit balance here $credits = $credits < 0 ? $name_credits : $credits; if ($name_credits <= 0 || $credits >= $name_credits) { $output .= ' <tr> <td colspan="2"> </td> </tr> <tr> <td colspan="2">'; makebutton(lang("xname", "save"), "javascript:do_submit()", 180); $output .= ' </td> <td> </td> </tr>'; } $output .= ' </table> </form> </div> <br />'; }
function main() { global $output, $realm_id, $world_db, $logon_db, $characters_db, $corem_db, $server, $action_permission, $user_lvl, $user_id, $site_encoding, $hide_coupons, $locales_search_option, $base_datasite, $item_datasite, $showcountryflag, $gm_online_count, $gm_online, $itemperpage, $hide_uptime, $player_online, $hide_max_players, $hide_avg_latency, $hide_plr_latency, $hide_server_mem, $sql, $core; // do any raffle drawings that are necessary do_raffles(); // check achievement contests do_contests(); $output .= ' <div class="top">'; //---------------------Information for Explorer Users-------------------------- if (preg_match("/MSIE/", $_SERVER["HTTP_USER_AGENT"])) { $msie = ' <br /> <span id="index_explorer_warning">' . lang("index", "explorer_warn") . '</span> <br />'; } else { $msie = ''; } //----------------------------------------------------------------------------- if (test_port($server[$realm_id]["addr"], $server[$realm_id]["game_port"])) { if ($core == 1) { $stats = get_uptime($server[$realm_id]["stats.xml"]); $staticUptime = ' <em>' . htmlentities(get_realm_name($realm_id), ENT_COMPAT, $site_encoding) . '</em> <br />' . $stats["platform"][4] . ' ' . $stats["platform"][5] . ' ' . $stats["platform"][6]; if (!$hide_uptime) { $staticUptime .= '<br />' . lang("index", "online") . ' for ' . $stats["uptime"]; } $output .= ' <div id="uptime">' . $msie . ' <h1> <span id="index_realm_info"> <span>' . $staticUptime . '</span>'; if (!$hide_max_players) { $output .= ' <br /> <span>' . lang("index", "maxplayers") . ': </span> <span class="index_realm_info_value">' . $stats["peak"] . '</span>'; } if (!$hide_avg_latency) { $output .= ' <br /> <span>' . lang("index", "avglat") . ': </span> <span class="index_realm_info_value">' . $stats["avglat"] . '</span>'; } $output .= ' <br />'; if ($hide_server_mem != 0) { if ($hide_server_mem == 2 || $user_lvl == $action_permission["delete"]) { $output .= ' <span>' . lang("index", "cpu") . ': </span> <span class="index_realm_info_value">' . $stats["cpu"] . '%, </span> <span>' . lang("index", "ram") . ': </span> <span class="index_realm_info_value">' . $stats["ram"] . ' MB, </span> <span>' . lang("index", "threads") . ': </span> <span class="index_realm_info_value">' . $stats["threads"] . '</span>'; } } $output .= ' </span> </h1> </div>'; } else { $stats = $sql["logon"]->fetch_assoc($sql["logon"]->query("SELECT starttime, maxplayers FROM uptime WHERE realmid='" . $realm_id . "' ORDER BY starttime DESC LIMIT 1"), 0); $uptimetime = time() - $stats["starttime"]; // a more reliable method of counting how many characters have been online since server start //$maxplayers_query = "SELECT COUNT(*) FROM `".$characters_db[$realm_id]["name"]."`.characters WHERE logout_time>='".$stats["starttime"]."' AND logout_time>=(SELECT UNIX_TIMESTAMP(last_login) FROM `".$logon_db["name"]."`.account WHERE id=`".$characters_db[$realm_id]["name"]."`.characters.account)"; //$maxplayers_result = $sql["char"]->query($maxplayers_query); //$maxplayers_result = $sql["char"]->fetch_assoc($maxplayers_result); //$stats["maxplayers"] = $maxplayers_result["COUNT(*)"]; function format_uptime($seconds) { $secs = intval($seconds % 60); $mins = intval($seconds / 60 % 60); $hours = intval($seconds / 3600 % 24); $days = intval($seconds / 86400); if ($days > 365) { $days = intval($seconds / 86400 % 365.24); $years = intval($seconds / 31556926); } $uptimeString = ''; if ($years) { // we have a server that has been up for over a year? O_o // actually, it's probably because the server didn't write a useful // value to the uptime table's starttime field. $uptimeString .= $years; $uptimeString .= $years == 1 ? ' ' . lang("index", "uptime_year") : ' ' . lang("index", "uptime_years"); if ($days) { $uptimeString .= ($years > 0 ? ', ' : '') . $days; $uptimeString .= $days == 1 ? ' ' . lang("index", "uptime_day") : ' ' . lang("index", "uptime_days"); } } else { if ($days) { $uptimeString .= $days; $uptimeString .= $days == 1 ? ' ' . lang("index", "uptime_day") : ' ' . lang("index", "uptime_days"); } } if ($hours) { $uptimeString .= ($days > 0 ? ', ' : '') . $hours; $uptimeString .= $hours == 1 ? ' ' . lang("index", "uptime_hour") : ' ' . lang("index", "uptime_hours"); } if ($mins) { $uptimeString .= ($days > 0 || $hours > 0 ? ', ' : '') . $mins; $uptimeString .= $mins == 1 ? ' ' . lang("index", "uptime_minute") : ' ' . lang("index", "uptime_minutes"); } if ($secs) { $uptimeString .= ($days > 0 || $hours > 0 || $mins > 0 ? ', ' : '') . $secs; $uptimeString .= $secs == 1 ? ' ' . lang("index", "uptime_second") : ' ' . lang("index", "uptime_seconds"); } return $uptimeString; } $staticUptime = ' <em>' . htmlentities(get_realm_name($realm_id), ENT_COMPAT, $site_encoding) . '</em> '; if (!$hide_uptime) { if ($stats["starttime"] != 0) { $staticUptime .= '<br /><span>' . lang("index", "online") . format_uptime($uptimetime) . '</span>'; } else { $staticUptime .= '<br /><span style="color:orange">' . lang("index", "time_error1") . ': <br>' . format_uptime($uptimetime) . '</span><br><span style="color:red">' . lang("index", "time_error2") . '</span>'; } } unset($uptimetime); $output .= ' <div id="uptime">' . $msie . ' <h1> <span id="index_realm_info">' . $staticUptime; if (!$hide_max_players) { $output .= ' <br /> <span>' . lang("index", "maxplayers") . ': </span> <span class="index_realm_info_value">' . $stats["maxplayers"] . '</span>'; } // this_is_junk: MaNGOS doesn't store player latency. :/ if ($core == 3) { if (!$hide_avg_latency) { $lat_query = "SELECT SUM(latency), COUNT(*) FROM characters WHERE online=1"; $lat_result = $sql["char"]->query($lat_query); $lat_fields = $sql["char"]->fetch_assoc($lat_result); $avglat = sprintf("%.3f", $lat_fields["SUM(latency)"] / $lat_fields["COUNT(*)"]); $output .= ' <br /> <span>' . lang("index", "avglat") . ': </span> <span class="index_realm_info_value">' . $avglat . '</span>'; } } $output .= ' </span> </h1> </div>'; unset($stats); $online = true; } unset($staticUptime); //unset($stats); $online = true; } else { $output .= $msie . '<h1><span class="error">' . lang("index", "realm") . ' <em>' . htmlentities(get_realm_name($realm_id), ENT_COMPAT, $site_encoding) . '</em> ' . lang("index", "offline_or_let_high") . '</span></h1>'; $online = false; } //close the div $output .= ' </div>'; // MOTDs // get our MotDs... $motd = ""; $motd_result = $sql["mgr"]->query("SELECT *, UNIX_TIMESTAMP(Created) AS Created, UNIX_TIMESTAMP(Last_Edited) AS Last_Edited FROM motd WHERE Enabled<>0 AND (Target='" . $user_id . "' OR Target=0) ORDER BY Priority ASC"); // if we don't get any MotDs, it'll stay empty if ($user_lvl >= $action_permission["update"]) { $output .= ' <script type="text/javascript"> // <![CDATA[ answerbox.btn_ok = "' . lang("global", "yes_low") . '"; answerbox.btn_cancel = "' . lang("global", "no") . '"; var del_motd = "motd.php?action=delete_motd&id="; // ]]> </script>'; } if ($sql["mgr"]->num_rows($motd_result) > 0) { $output .= ' <div class="div_lined"> <div class="div_lined_head"> <span>' . lang("index", "motd") . '</span> </div>'; } while ($temp = $sql["mgr"]->fetch_assoc($motd_result)) { if ($user_lvl >= $temp["Min_Sec_Level"]) { $motd = bb2html($temp["Message"]) . "<br /><br />"; if ($motd) { if ($temp["Target"] != 0) { $output .= ' <div class="div_lined_line left_text">' . lang("motd", "private") . '</div>'; } $output .= ' <div class="div_lined_line left_text">'; $output .= $motd; $output .= ' <br />'; // Get User Name for poster if ($core == 1) { $posted_name_query = "SELECT login FROM accounts WHERE acct='" . $temp["Created_By"] . "'"; } else { $posted_name_query = "SELECT username AS login FROM account WHERE id='" . $temp["Created_By"] . "'"; } $posted_name_result = $sql["logon"]->query($posted_name_query); $posted_name = $sql["logon"]->fetch_assoc($posted_name_result); $posted_name = $posted_name["login"]; // Get Screen Name for poster, if available $posted_screenname_query = "SELECT ScreenName FROM config_accounts WHERE Login='******'"; $posted_screenname_result = $sql["mgr"]->query($posted_screenname_query); $posted_screenname = $sql["mgr"]->fetch_assoc($posted_screenname_result); if ($posted_screenname["ScreenName"] != NULL) { $posted_name = htmlspecialchars($posted_screenname["ScreenName"]); } // if the Server Message is posted by the system, Created_By will be zero if ($temp["Created_By"] != 0) { $output .= ' <span>' . lang("motd", "posted_by") . ':</span>'; if ($user_lvl > -1) { $output .= ' <a href="user.php?action=edit_user&error=11&acct=' . $temp["Created_By"] . '">'; } $output .= ' <span>' . $posted_name . '</span>'; if ($user_lvl > -1) { $output .= ' </a>'; } $output .= ' <span>(' . date("M d, Y @ H:i:s", $temp["Created"]) . ')</span>'; } else { $output .= ' <span>' . lang("motd", "posted") . ': ' . date("M d, Y @ H:i:s", $temp["Created"]) . '</span>'; } // Get User Name for last editor if ($core == 1) { $edited_name_query = "SELECT login FROM accounts WHERE acct='" . $temp["Last_Edited_By"] . "'"; } else { $edited_name_query = "SELECT username AS login FROM account WHERE id='" . $temp["Last_Edited_By"] . "'"; } $edited_name_result = $sql["logon"]->query($edited_name_query); $edited_name = $sql["logon"]->fetch_assoc($edited_name_result); $edited_name = $edited_name["login"]; // Get Screen Name for last editor, if available $edited_screenname_query = "SELECT ScreenName FROM config_accounts WHERE Login='******'"; $edited_screenname_result = $sql["mgr"]->query($edited_screenname_query); $edited_screenname = $sql["mgr"]->fetch_assoc($edited_screenname_result); if ($edited_screenname["ScreenName"] != NULL) { $edited_name = htmlspecialchars($edited_screenname["ScreenName"]); } if ($temp["Last_Edited_By"] != 0) { $output .= ' <br /> <div> <span>' . lang("motd", "edited_by") . ':</span>'; if ($user_lvl > -1) { $output .= ' <a href="user.php?action=edit_user&error=11&acct=' . $temp["Last_Edited_By"] . '">'; } $output .= ' <span>' . $edited_name . '</span>'; if ($user_lvl > -1) { $output .= ' </a>'; } $output .= ' <span>(' . date("M d, Y @ H:i:s", $temp["Last_Edited"]) . ')</span> </div>'; } $output .= ' </div>'; if ($user_lvl >= $action_permission["update"]) { $output .= ' <div class="div_lined_line right_text"> <img src="img/aff_cross.png" width="16" height="16" onclick="answerBox(\'' . lang("global", "delete") . ': <font color=white>' . $temp["ID"] . '</font><br />' . lang("global", "are_you_sure") . '\', del_motd + ' . $temp["ID"] . ');" alt="" />'; } if ($user_lvl >= $action_permission["update"]) { $output .= ' <a href="motd.php?action=edit_motd&error=3&id=' . $temp["ID"] . '"> <img src="img/edit.png" width="16" height="16" alt="" /> </a> </div>'; } $output .= ' <br />'; } } } if ($sql["mgr"]->num_rows($motd_result)) { $output = substr($output, 0, strlen($output) - 24); } if ($sql["mgr"]->num_rows($motd_result) > 0) { $output .= ' </div>'; } if ($user_lvl >= $action_permission["insert"]) { $output .= ' <div class="div_lined"> <div class="div_lined_head right_text"> <a href="motd.php?action=add_motd&error=4">' . lang("index", "add_motd") . '</a> </div> </div>'; } // Coupons if (!$hide_coupons) { $coupon_query = "SELECT * FROM point_system_coupons WHERE ((target='0' AND contest='0') OR target='" . $user_id . "') AND enabled='1'"; $coupon_result = $sql["mgr"]->query($coupon_query); if ($sql["mgr"]->num_rows($coupon_result) > 0) { $output .= ' <br /> <div class="div_lined"> <div class="div_lined_head"> <span>' . lang("index", "avail_coupons") . '</span> </div>'; while ($coupon = $sql["mgr"]->fetch_assoc($coupon_result)) { $usage_query = "SELECT * FROM point_system_coupon_usage WHERE coupon='" . $coupon["entry"] . "' AND user='******'"; $usage_result = $sql["mgr"]->query($usage_query); if ($sql["mgr"]->num_rows($usage_result) < $coupon["usage_limit"] || $coupon["usage_limit"] == -1) { $output .= ' <div class="div_lined_line left_text"> <span>' . $coupon["title"] . '</span> </div>'; if ($coupon["text"] != "") { $output .= ' <div class="div_lined_line left_text"> <span>' . $coupon["text"] . '</span> </div>'; } if ($coupon["credits"] != 0 || $coupon["money"] != 0 || $coupon["item_id"] != 0 || $coupon["raffle_id"] != 0) { $output .= ' <div class="div_lined_line left_text"> <span>' . lang("index", "coupon_value") . ':</span>'; if ($coupon["credits"] > 0) { if ($coupon["credits"] > 1) { $tip = lang("index", "coupon_credits"); } else { $tip = lang("index", "coupon_credit"); } $output .= ' <br /> <br /> <span>' . $coupon["credits"] . '</span> <span>' . $tip . '</span>'; } if ($coupon["money"] > 0) { // extract gold/silver/copper from single gold number $coupon["money"] = str_pad($coupon["money"], 4, "0", STR_PAD_LEFT); $coupon_g = substr($coupon["money"], 0, -4); if ($coupon_g == "") { $coupon_g = 0; } $coupon_s = substr($coupon["money"], -4, 2); if ($coupon_s == "" || $coupon_s == "00") { $coupon_s = 0; } $coupon_c = substr($coupon["money"], -2); if ($coupon_c == "" || $coupon_c == "00") { $coupon_c = 0; } $output .= ' <br /> <br /> <span>' . $coupon_g . '</span> <img src="img/gold.gif" alt="gold" /> <span>' . $coupon_s . '</span> <img src="img/silver.gif" alt="gold" /> <span>' . $coupon_c . '</span> <img src="img/copper.gif" alt="gold" />'; } if ($coupon["item_id"] != 0) { if ($coupon["item_id"] > 0) { // get item data if ($core == 1) { $i_query = "SELECT \r\n *, description AS description1, name1 AS name, quality AS Quality, inventorytype AS InventoryType, \r\n socket_color_1 AS socketColor_1, socket_color_2 AS socketColor_2, socket_color_3 AS socketColor_3,\r\n requiredlevel AS RequiredLevel, allowableclass AS AllowableClass,\r\n sellprice AS SellPrice, itemlevel AS ItemLevel\r\n FROM items " . ($locales_search_option != 0 ? "LEFT JOIN items_localized ON (items_localized.entry=items.entry AND language_code='" . $locales_search_option . "') " : " ") . "WHERE items.entry='" . $coupon["item_id"] . "'"; } else { $i_query = "SELECT *, description AS description1 FROM item_template " . ($locales_search_option != 0 ? "LEFT JOIN locales_item ON locales_item.entry=item_template.entry " : " ") . "WHERE item_template.entry='" . $coupon["item_id"] . "'"; } $i_result = $sql["world"]->query($i_query); $i = $sql["world"]->fetch_assoc($i_result); $output .= ' <br /> <br /> <div class="coupon_item"> <div> <a href="' . $base_datasite . $item_datasite . $coupon["item_id"] . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . $coupon["entry"] . '\');" onmouseout="HideTooltip(\'_b' . $coupon["entry"] . '\');"> <img src="' . get_item_icon($coupon["item_id"]) . '" alt="" /> </a>'; if ($coupon["item_count"] > 1) { $output .= ' <div class="ch_inv_quantity_shadow">' . $coupon["item_count"] . '</div> <div class="ch_inv_quantity">' . $coupon["item_count"] . '</div>'; } $output .= ' </div>'; // build a tooltip object for this item $output .= ' <div class="item_tooltip_div" id="tooltip_b' . $coupon["entry"] . '" style="left: -129px; top: 42px;"> <div>' . get_item_tooltip($i, 0, 0, 0, 0, 0) . '</div> </div>'; $output .= ' </div>'; } else { $output .= ' <br /> <br /> <div class="coupon_item"> <div> <a href="point_system.php?action=view_bag&bag_id=' . $coupon["item_id"] * -1 . '" onmousemove="oldtoolTip(\'' . lang("points", "prize_bag") . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()"> <img src="' . get_item_icon(1725) . '" alt="" /> </a> </div> </div>'; } } if ($coupon["raffle_id"] != 0) { // find out how many entries per user the raffle allows and whether the raffle is enabled if ($coupon["raffle_id"] != -1) { $query = "SELECT tickets_per_user, enabled FROM point_system_raffles WHERE entry='" . $coupon["raffle_id"] . "'"; $result = $sql["mgr"]->query($query); $result = $sql["mgr"]->fetch_assoc($result); $per_user = $result["tickets_per_user"]; $raffle_enabled = $result["enabled"]; // if tickets_per_user is -1 then its unlimited, fake it with a reasonably high number $per_user = 999999999; } else { // if it allows any raffle, then fake it $per_user = 999999999; $raffle_enabled = 1; } if ($raffle_enabled) { // find out how many time we've entered $query = "SELECT COUNT(*) FROM point_system_raffle_tickets WHERE raffle='" . $coupon["raffle_id"] . "' AND user='******'"; $result = $sql["mgr"]->query($query); $result = $sql["mgr"]->fetch_assoc($result); $tickets = $result["COUNT(*)"]; // if we haven't already purchased the maximum number of tickets // or the raffle allows purchase of tickets from any raffle if ($tickets < $per_user || $coupon["raffle_id"] == -1) { if ($coupon["redemption_option"] == 0) { $output .= ' <br /> <br /> <span>' . lang("index", "and_raffle") . '</span>'; } else { $output .= ' <br /> <br /> <span>' . lang("index", "or_raffle") . '</span>'; } } } } $output .= ' </div>'; } if ($coupon["credits"] < 0) { $message = lang("points", "coupon_cost_credits"); $message = str_replace("%1", $coupon["credits"] * -1, $message); $output .= ' <div class="div_lined_line right_text"> <span>' . $message . '</span> </div>'; } if ($coupon["money"] < 0) { $coupon["money"] = $coupon["money"] * -1; $coupon_money = $coupon["money"]; $coupon_money = str_pad($coupon_money, 4, "0", STR_PAD_LEFT); $cg = substr($coupon_money, 0, -4); if ($cg == "") { $cg = 0; } $cs = substr($coupon_money, -4, 2); if ($cs == "" || $cs == "00") { $cs = 0; } $cc = substr($coupon_money, -2); if ($cc == "" || $cc == "00") { $cc = 0; } $coupon_money_display = ' <span>' . $cg . '</span> <img src="img/gold.gif" alt="" align="middle" /> <span>' . $cs . '</span> <img src="img/silver.gif" alt="" align="middle" /> <span>' . $cc . '</span> <img src="img/copper.gif" alt="" align="middle" />'; $message = lang("points", "coupon_cost_money"); $message = str_replace("%1", $coupon_money_display, $message); $output .= ' <div class="div_lined_line right_text"> <span>' . $message . '</span> </div>'; } $output .= ' <div class="div_lined_line right_text"> <a href="point_system.php?action=redeem_coupon&coupon_id=' . $coupon["entry"] . '"> <img src="img/star.png" width="16" height="16" alt="" /> <span> ' . lang("index", "use_coupon") . '</span> </a> </div>'; $output .= ' <br />'; } } if ($sql["mgr"]->num_rows($coupon_result)) { $output = substr($output, 0, strlen($output) - 20); } $output .= ' </div>'; } } // GM Tickets $start_m = isset($_GET["start_m"]) ? $sql["char"]->quote_smart($_GET["start_m"]) : 0; if (!is_numeric($start_m)) { $start_m = 0; } if ($core == 1) { $all_record_m = $sql["char"]->result($sql["char"]->query("SELECT COUNT(*) FROM gm_tickets WHERE deleted=0"), 0); } elseif ($core == 2) { $all_record_m = $sql["char"]->result($sql["char"]->query("SELECT COUNT(*) FROM character_ticket"), 0); } else { $all_record_m = $sql["char"]->result($sql["char"]->query("SELECT COUNT(*) FROM gm_tickets WHERE closedBy=0"), 0); } // show gm tickets $output .= ' <br />'; if ($user_lvl >= $action_permission["insert"]) { if ($all_record_m) { $output .= ' <div class="div_lined"> <div class="div_lined_head"> <span>' . lang("index", "tickets") . '</span> </div>'; if ($core == 1) { $result = $sql["char"]->query("SELECT ticketid, level, message, name, deleted,\r\n timestamp, gm_tickets.playerGuid, acct\r\n FROM gm_tickets\r\n LEFT JOIN characters ON characters.guid=gm_tickets.playerGuid\r\n ORDER BY ticketid DESC LIMIT " . $start_m . ", 3"); } elseif ($core == 2) { $result = $sql["char"]->query("SELECT character_ticket.ticket_id AS ticketid, characters.level,\r\n ticket_text AS message, characters.name, UNIX_TIMESTAMP(ticket_lastchange) AS timestamp,\r\n character_ticket.guid AS playerGuid, account AS acct\r\n FROM character_ticket\r\n LEFT JOIN characters ON characters.guid=character_ticket.guid\r\n ORDER BY ticketid DESC LIMIT " . $start_m . ", 3"); } else { $result = $sql["char"]->query("SELECT gm_tickets.guid AS ticketid, characters.level, message,\r\n gm_tickets.name, closedBy AS deleted, lastModifiedTime AS timestamp, gm_tickets.guid AS playerGuid, account AS acct\r\n FROM gm_tickets\r\n LEFT JOIN characters ON characters.guid=gm_tickets.guid\r\n ORDER BY ticketid DESC LIMIT " . $start_m . ", 3"); } while ($post = $sql["char"]->fetch_assoc($result)) { if (!$post["deleted"]) { if ($core == 1) { $login_result = $sql["logon"]->query("SELECT * FROM accounts WHERE acct='" . $post["acct"] . "'"); } else { $login_result = $sql["logon"]->query("SELECT *, username AS login FROM account WHERE id='" . $post["acct"] . "'"); } $login = $sql["logon"]->fetch_assoc($login_result); $gm_result = $sql["mgr"]->query("SELECT SecurityLevel FROM config_accounts WHERE Login='******'"); $gm = $sql["mgr"]->fetch_assoc($gm_result); $gm = $gm["SecurityLevel"]; if ($user_lvl > 0 && ($user_lvl >= gmlevel($gm) || $user_lvl == $action_permission["delete"])) { $output .= ' <div class="div_lined_line left_text"> <a href="char.php?id=' . $post["playerGuid"] . '"> <span onmousemove="oldtoolTip(\'' . htmlspecialchars($login["username"]) . ' (' . id_get_gm_level($gm) . ')' . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . htmlentities($post["name"], ENT_COMPAT, $site_encoding) . '</span> </a> </div> <div class="div_lined_line left_text"> <span>' . htmlspecialchars($post["message"]) . '</span> </div> <div class="div_lined_line right_text">'; } $output .= ' <span>' . lang("index", "submitted") . ": " . date('G:i:s m-d-Y', $post["timestamp"]) . '</span>'; $output .= ' </div> <div class="div_lined_line right_text">'; if ($user_lvl >= $action_permission["update"]) { $output .= ' <a href="ticket.php?action=edit_ticket&error=4&id=' . $post["ticketid"] . '"> <img src="img/edit.png" width="16" height="16" alt="" /> </a>'; } $output .= ' </div> <br />'; } } $output .= ' </div>'; } } // Character Changes // count pending character changes $char_change_count = $sql["mgr"]->result($sql["mgr"]->query("SELECT COUNT(*) FROM char_changes"), 0); // show pending character changes $output .= ' <br />'; if ($user_lvl >= $action_permission["update"]) { if ($char_change_count) { $output .= ' <div class="div_lined"> <div class="div_lined_head"> <span>' . lang("index", "pendingchanges") . '</span> </div>'; $result = $sql["mgr"]->query("SELECT * FROM char_changes"); while ($change = $sql["mgr"]->fetch_assoc($result)) { if ($core == 1) { $change_char_query = "SELECT * FROM characters WHERE guid='" . $change["guid"] . "'"; } else { $change_char_query = "SELECT *, account AS acct FROM characters WHERE guid='" . $change["guid"] . "'"; } $change_char = $sql["char"]->fetch_assoc($sql["char"]->query($change_char_query)); if ($core == 1) { $change_acct_query = "SELECT * FROM accounts WHERE acct='" . $change_char["acct"] . "'"; } else { $change_acct_query = "SELECT *, username AS login FROM account WHERE id='" . $change_char["acct"] . "'"; } $change_acct = $sql["logon"]->fetch_assoc($sql["logon"]->query($change_acct_query)); if (isset($change["new_name"])) { // Localization $namechange = lang("xname", "playerhasreq"); $namechange = str_replace("%1", htmlspecialchars($change_acct["login"]), $namechange); $namechange = str_replace("%2", htmlspecialchars($change_char["name"]), $namechange); $namechange = str_replace("%3", htmlspecialchars($change["new_name"]), $namechange); $output .= ' <div class="div_lined_line left_text large"> <span>' . $namechange . '</span>'; } if (isset($change["new_race"])) { // Localization $racechange = lang("xrace", "playerhasreq"); $racechange = str_replace("%1", htmlspecialchars($change_acct["login"]), $racechange); $racechange = str_replace("%2", htmlspecialchars($change_char["name"]), $racechange); $racechange = str_replace("%3", char_get_race_name($change["new_race"]), $racechange); $output .= ' <div class="div_lined_line left_text large"> <span>' . $racechange . '</span>'; } if (isset($change["new_acct"])) { if ($core == 1) { $new_acct_query = "SELECT login FROM accounts WHERE acct='" . $change["new_acct"] . "'"; } else { $new_acct_query = "SELECT username AS login FROM account WHERE id='" . $change["new_acct"] . "'"; } $new_acct_result = $sql["logon"]->query($new_acct_query); $new_acct_result = $sql["logon"]->fetch_assoc($new_acct_result); $new_acct_name = $new_acct_result["login"]; // Localization $acctchange = lang("xacct", "playerhasreq"); $acctchange = str_replace("%1", htmlspecialchars($change_acct["login"]), $acctchange); $acctchange = str_replace("%2", htmlspecialchars($change_char["name"]), $acctchange); $acctchange = str_replace("%3", $new_acct_name, $acctchange); $output .= ' <div class="div_lined_line left_text large"> <span>' . $acctchange . '</span>'; } if ($change_char["online"]) { $output .= ' <br /> <br /> <img src="img/aff_warn.gif" alt="warn" /> <span class="error">' . lang("xname", "online") . '</span>'; } $output .= ' </div>'; if (isset($change["new_name"])) { $file = "change_char_name.php"; } elseif (isset($change["new_race"])) { $file = "change_char_race.php"; } else { $file = "change_char_account.php"; } $output .= ' <div class="div_lined_line right_text"> <a href="' . $file . '?action=denied&guid=' . $change["guid"] . '"> <img src="img/cross.png" width="12" height="12" alt="" /> </a>'; if (!$change_char["online"]) { $output .= ' <a href="' . $file . '?action=approve&guid=' . $change["guid"] . '"> <img src="img/aff_tick.png" width="14" height="14" alt="" /> </a>'; } $output .= ' </div> <br />'; } $output .= ' </div>'; } } //print online chars if ($online && $user_lvl >= $player_online) { //==========================$_GET and SECURE================================= $start = isset($_GET["start"]) ? $sql["char"]->quote_smart($_GET["start"]) : 0; if (!is_numeric($start)) { $start = 0; } $order_by = isset($_GET["order_by"]) ? $sql["char"]->quote_smart($_GET["order_by"]) : "name"; if (!preg_match("/^[_[:lower:]]{1,12}\$/", $order_by)) { $order_by = "name"; } $dir = isset($_GET["dir"]) ? $sql["char"]->quote_smart($_GET["dir"]) : 1; if (!preg_match("/^[01]{1}\$/", $dir)) { $dir = 1; } $order_dir = $dir ? "ASC" : "DESC"; $dir = $dir ? 0 : 1; //==========================$_GET and SECURE end============================= if ($order_by === "mapid") { $order_by = "mapid, zoneid "; $order_hold = "mapid"; } elseif ($order_by === "zoneid") { $order_by = "zoneid, mapid "; $order_hold = "zoneid"; } else { $order_hold = $order_by; } $order_side = ""; if (!($user_lvl || $server[$realm_id]["both_factions"])) { if ($core == 1) { $result = $sql["char"]->query("SELECT race FROM characters WHERE acct=" . $user_id . "\r\n AND SUBSTRING_INDEX(SUBSTRING_INDEX(playedtime, ' ', 2), ' ', -1)=(SELECT MAX(SUBSTRING_INDEX(SUBSTRING_INDEX(playedtime, ' ', 2), ' ', -1)) FROM characters WHERE acct=" . $user_id . ") LIMIT 1"); } else { $result = $sql["char"]->query("SELECT race FROM characters WHERE account=" . $user_id . "\r\n AND totaltime=(SELECT MAX(totaltime) FROM characters WHERE account=" . $user_id . ") LIMIT 1"); } if ($sql["char"]->num_rows($result)) { $order_side = in_array($sql["char"]->result($result, 0), array(2, 5, 6, 8, 10)) ? " AND race IN (2, 5, 6, 8, 10) " : " AND race IN (1, 3, 4, 7, 11) "; } } if ($core == 1) { $result = $sql["char"]->query("SELECT guid, name, race, class, zoneid, mapid, level, characters.acct, gender,\r\n CAST( SUBSTRING_INDEX( SUBSTRING_INDEX( data, ';', " . (PLAYER_FIELD_HONOR_CURRENCY + 1) . " ), ';', -1 ) AS UNSIGNED ) AS highest_rank, lastip\r\n FROM characters\r\n LEFT JOIN `" . $logon_db["name"] . "`.accounts ON characters.acct=`" . $logon_db["name"] . "`.accounts.acct\r\n WHERE characters.online=1 " . $order_side . " ORDER BY " . $order_by . " " . $order_dir . " LIMIT " . $start . ", " . $itemperpage); } elseif ($core == 2) { $result = $sql["char"]->query("SELECT guid, name, race, class, zone AS zoneid, map AS mapid, level, account AS acct, gender,\r\n totalHonorPoints AS highest_rank, last_ip AS lastip\r\n FROM characters\r\n LEFT JOIN `" . $logon_db["name"] . "`.account ON characters.account=`" . $logon_db["name"] . "`.account.id\r\n WHERE characters.online=1 " . $order_side . " ORDER BY " . $order_by . " " . $order_dir . " LIMIT " . $start . ", " . $itemperpage); } else { $result = $sql["char"]->query("SELECT characters.guid, characters.name, race, class, zone AS zoneid, map AS mapid, level, account AS acct, gender,\r\n totalHonorPoints AS highest_rank, latency, last_ip AS lastip, guild.name AS gname\r\n FROM characters\r\n LEFT JOIN `" . $logon_db["name"] . "`.account ON characters.account=`" . $logon_db["name"] . "`.account.id\r\n LEFT JOIN guild_member ON characters.guid=guild_member.guid\r\n LEFT JOIN guild ON guild_member.guildid=guild.guildid\r\n WHERE characters.online=1 " . $order_side . " ORDER BY " . $order_by . " " . $order_dir . " LIMIT " . $start . ", " . $itemperpage); } $total_online = $sql["char"]->result($sql["char"]->query("SELECT count(*) FROM characters WHERE online= 1"), 0); $output .= ' <div class="div_lined center_text"> <span class="bold">' . lang("index", "tot_users_online") . ': ' . $total_online . '</span> </div>'; if ($total_online) { $output .= ' <table class="lined"> <tr> <td colspan="' . (9 - $showcountryflag) . '" align="right" class="hidden" style="width: 25%;">'; $output .= generate_pagination("index.php?start_m=" . $start_m . "&order_by=" . $order_hold . "&dir=" . ($dir ? 0 : 1), $total_online, $itemperpage, $start); $output .= ' </td> </tr> <tr> <th style="width: 15%;"> <a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=name&dir=' . $dir . '"' . ($order_by === "name" ? ' class="' . $order_dir . '"' : '') . '>' . lang("index", "name") . '</a> </th> <th style="width: 1%;"> <a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=race&dir=' . $dir . '"' . ($order_by === "race" ? ' class="' . $order_dir . '"' : '') . '>' . lang("index", "race") . '</a> </th> <th style="width: 1%;"> <a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=class&dir=' . $dir . '"' . ($order_by === "class" ? ' class="' . $order_dir . '"' : '') . '>' . lang("index", "class") . '</a> </th> <th style="width: 5%;"> <a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=level&dir=' . $dir . '"' . ($order_by === "level" ? ' class="' . $order_dir . '"' : '') . '>' . lang("index", "level") . '</a> </th> <th style="width: 1%;"> <a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=highest_rank&dir=' . $dir . '"' . ($order_by === "highest_rank" ? ' class="' . $order_dir . '"' : '') . '>' . lang("index", "rank") . '</a> </th> <th style="width: 15%;"> <a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=gname&dir=' . $dir . '"' . ($order_by === "gname" ? ' class="' . $order_dir . '"' : '') . '>' . lang("index", "guild") . '</a> </th> <th style="width: 20%;"> <a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=mapid&dir=' . $dir . '"' . ($order_by === "mapid, zoneid " ? ' class="' . $order_dir . '"' : '') . '>' . lang("index", "map") . '</a> </th> <th style="width: 25%;"> <a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=zoneid&dir=' . $dir . '"' . ($order_by === "zoneid, mapid " ? ' class="' . $order_dir . '"' : '') . '>' . lang("index", "zone") . '</a> </th>'; if ($core == 1) { $output .= ' <th style="width: 25%;"> <span>' . lang("index", "area") . '</span> </th>'; } // this_is_junk: MaNGOS doesn't store player latency if ($core != 2) { if (!$hide_plr_latency) { // this_is_junk: Trinity is the only core which can sort by Player Latency if ($core == 3) { $output .= ' <th style="width: 1%;"> <a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=latency&dir=' . $dir . '"' . ($order_by === "latency" ? ' class="' . $order_dir . '"' : '') . '> <img src="img/time.png" onmousemove="oldtoolTip(\'' . lang("index", "latency") . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt=""' . ($order_by === "latency" ? '' : ' style="position: relative; top: 7px;"') . ' /> </a> </th>'; } else { $output .= ' <th style="width: 1%;"> <img src="img/time.png" onmousemove="oldtoolTip(\'' . lang("index", "latency") . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" style="position: relative; top: 7px;" /> </th>'; } } } if ($showcountryflag) { require_once "libs/misc_lib.php"; $output .= ' <th style="width: 1%;"> <a href="index.php?start=' . $start . '&start_m=' . $start_m . '&order_by=lastip&dir=' . $dir . '"' . ($order_by === "lastip" ? ' class="' . $order_dir . '"' : '') . '> <img src="img/world.png" onmousemove="oldtoolTip(\'' . lang("global", "country") . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt=""' . ($order_by === "lastip" ? '' : ' style="position: relative; top: 7px;"') . ' /> </a> </th>'; } $output .= ' </tr>'; } while ($char = $sql["char"]->fetch_assoc($result)) { if ($core == 1) { $ca_query = "SELECT accounts.login AS name FROM `" . $logon_db["name"] . "`.accounts LEFT JOIN `" . $corem_db["name"] . "`.config_accounts ON accounts.login=`" . $corem_db["name"] . "`.config_accounts.Login COLLATE utf8_unicode_ci WHERE acct='" . $char["acct"] . "'"; } else { $ca_query = "SELECT *, username AS name FROM `" . $logon_db["name"] . "`.account LEFT JOIN `" . $corem_db["name"] . "`.config_accounts ON account.username=`" . $corem_db["name"] . "`.config_accounts.Login WHERE id='" . $char["acct"] . "'"; } $ca_result = $sql["mgr"]->query($ca_query); $char_acct = $sql["mgr"]->fetch_assoc($ca_result); $gm = $char_acct["SecurityLevel"]; if (!isset($gm)) { $gm = 0; } if ($core == 1) { $guild_id = $sql["char"]->result($sql["char"]->query("SELECT guildid FROM guild_data WHERE playerid='" . $char["guid"] . "'"), 0); } else { $guild_id = $sql["char"]->result($sql["char"]->query("SELECT guildid FROM guild_member WHERE guid='" . $char["guid"] . "'"), 0); } if ($core == 1) { $guild_name_query = "SELECT guildName FROM guilds WHERE guildid='" . $guild_id . "'"; } else { $guild_name_query = "SELECT name AS guildName FROM guild WHERE guildid='" . $guild_id . "'"; } $guild_name_result = $sql["char"]->query($guild_name_query); $guild_name = $sql["char"]->fetch_assoc($guild_name_result); $guild_name = $guild_name["guildName"]; $output .= ' <tr> <td>'; if ($user_lvl > 0 && ($user_lvl >= gmlevel($gm) || $user_lvl == $action_permission["delete"])) { $output .= ' <a href="char.php?id=' . $char["guid"] . '"> <span onmousemove="oldtoolTip(\'' . htmlspecialchars($char_acct["name"]) . ' (' . id_get_gm_level($gm) . ')' . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . '</span> </a>'; } else { $output .= ' <span>' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . '</span>'; } $output .= ' </td> <td> <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> <td> <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> <td>' . char_get_level_color($char["level"]) . '</td> <td> <span onmouseover="oldtoolTip(\'' . char_get_pvp_rank_name($char["highest_rank"], char_get_side_id($char["race"])) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" id="index_delete_cursor"><img src="img/ranks/rank' . char_get_pvp_rank_id($char["highest_rank"], char_get_side_id($char["race"])) . '.gif" alt="" /></span> </td> <td> <a href="guild.php?action=view_guild&error=3&id=' . $guild_id . '">' . htmlentities($guild_name, ENT_COMPAT, $site_encoding) . '</a> </td> <td> <span onmousemove="oldtoolTip(\'MapID:' . $char["mapid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_map_name($char["mapid"]) . '</span> </td> <td> <span onmousemove="oldtoolTip(\'ZoneID:' . $char["zoneid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_zone_name($char["zoneid"]) . '</span> </td>'; // display player area, if available if ($core == 1) { for ($i = 0; $i < count($stats["plrs_area"]); $i++) { if ($stats["plrs_area"][$i][0] == $char["name"]) { $output .= ' <td> <span onmousemove="toolTip(\'AreaID:' . $stats["plrs_area"][$i][1] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_zone_name($stats["plrs_area"][$i][1]) . '</span> </td>'; } if (!isset($stats["plrs_lat"][$i][1])) { $output .= ' <td>-</td>'; } } } // display player latency, if enabled, and if available if (!$hide_plr_latency) { if ($core == 1) { for ($i = 0; $i < count($stats["plrs_lat"]); $i++) { if ($stats["plrs_lat"][$i][0] == $char["name"]) { $output .= ' <td>' . $stats["plrs_lat"][$i][1] . '</td>'; } if (!isset($stats["plrs_lat"][$i][1])) { $output .= ' <td>-</td>'; } } } else { // this_is_junk: MaNGOS doesn't store player latency if ($core == 3) { $output .= ' <td>' . $char["latency"] . '</td>'; } } } if ($showcountryflag) { $country = misc_get_country_by_ip($char["lastip"]); $output .= ' <td>' . ($country["code"] ? '<img src="img/flags/' . $country["code"] . '.png" onmousemove="oldtoolTip(\'' . $country["country"] . ($user_lvl >= $action_permission["update"] ? '<br />' . $country["actualip"] : '') . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />' : '-') . '</td>'; } $output .= ' </tr>'; } if ($total_online) { $output .= ' <tr>'; $output .= ' <td colspan="' . (9 - $showcountryflag) . '" align="right" class="hidden" style="width: 25%;">'; $output .= generate_pagination("index.php?start_m=" . $start_m . "&order_by=" . $order_by . "&dir=" . ($dir ? 0 : 1), $total_online, $itemperpage, $start); $output .= ' </td> </tr> </table>'; } $output .= ' <br />'; unset($total_online); } }