Esempio n. 1
0
function chooseacct()
{
    global $output, $action_permission, $characters_db, $corem_db, $realm_id, $user_name, $transfer_credits, $user_id, $user_lvl, $sql, $core;
    valid_login($action_permission["view"]);
    $guid = $sql["char"]->quote_smart($_GET["char"]);
    $new = '';
    if (isset($_GET["new"])) {
        $new = $sql["char"]->quote_smart($_GET["new"]);
    }
    // if we came here from char_list.php (and have permission)
    // then we need to skip the approval process
    if ($_GET["priority"] == 1 && $user_lvl >= $action_permission["update"]) {
        $priority = 1;
    }
    if ($core == 1) {
        $accts_query = "SELECT acct, accounts.login, IFNULL(`" . $corem_db["name"] . "`.config_accounts.ScreenName, '') AS ScreenName\r\n    FROM accounts\r\n      LEFT JOIN `" . $corem_db["name"] . "`.config_accounts ON config_accounts.Login=accounts.login COLLATE utf8_general_ci\r\n    WHERE acct<>(SELECT acct FROM `" . $characters_db[$realm_id]['name'] . "`.characters WHERE guid='" . $guid . "') ORDER BY ScreenName ASC";
    } else {
        $accts_query = "SELECT id AS acct, username AS login, IFNULL(`" . $corem_db["name"] . "`.config_accounts.ScreenName, '') AS ScreenName\r\n    FROM account\r\n      LEFT JOIN `" . $corem_db["name"] . "`.config_accounts ON config_accounts.Login=account.username\r\n    WHERE id<>(SELECT account FROM `" . $characters_db[$realm_id]['name'] . "`.characters WHERE guid='" . $guid . "') ORDER BY ScreenName ASC";
    }
    $accts = $sql["logon"]->query($accts_query);
    $query = "SELECT * FROM characters WHERE guid='" . $guid . "'";
    $char = $sql["char"]->fetch_assoc($sql["char"]->query($query));
    // credits
    if ($transfer_credits >= 0) {
        // get our credit balance
        $cr_query = "SELECT Credits FROM config_accounts WHERE Login='******'";
        $cr_result = $sql["mgr"]->query($cr_query);
        $cr_result = $sql["mgr"]->fetch_assoc($cr_result);
        $credits = $cr_result["Credits"];
    }
    $output .= '
          <div id="xname_fieldset" class="fieldset_border center">
            <span class="legend">' . lang("xacct", "chooseacct") . '</span>
            <form method="get" action="change_char_account.php" id="form">
              <div>
                <input type="hidden" name="action" value="' . ($priority != 1 ? 'getapproval' : 'direct') . '" />
                <input type="hidden" name="guid" value="' . $char["guid"] . '" />
              </div>
              <table id="xname_char_table" class="center">
                <tr>
                  <td rowspan="4" style="width: 170px;">
                    <div style="width: 64px; margin-left: auto; margin-right: auto;">
                      <img src="' . char_get_avatar_img($char["level"], $char["gender"], $char["race"], $char["class"]) . '" alt="" />
                    </div>
                  </td>
                  <td>
                    <span class="xname_char_name">' . $char["name"] . '</span>
                  </td>
                </tr>
                <tr>
                  <td>' . lang("xacct", "level") . ': ' . $char["level"] . '</td>
                </tr>
                <tr>
                  <td>' . lang("xacct", "race") . ': ' . char_get_race_name($char["race"]) . '</td>
                </tr>
                <tr>
                  <td>' . lang("xacct", "class") . ': ' . char_get_class_name($char["class"]) . '</td>
                </tr>
                <tr>
                  <td>&nbsp;</td>
                </tr>';
    if ($transfer_credits > 0) {
        $cost_line = lang("xacct", "credit_cost");
        $cost_line = str_replace("%1", '<b>' . $transfer_credits . '</b>', $cost_line);
        $output .= '
                <tr>
                  <td colspan="2">' . $cost_line . '</td>
                </tr>';
        if ($credits >= 0) {
            $credit_balance = lang("xacct", "credit_balance");
            $credit_balance = str_replace("%1", '<b>' . (double) $credits . '</b>', $credit_balance);
            $output .= '
                <tr>
                  <td colspan="2">' . $credit_balance . '</td>
                </tr>';
            if ($credits < $transfer_credits) {
                $output .= '
                <tr>
                  <td colspan="2">' . lang("xacct", "insufficient_credits") . '</td>
                </tr>';
            } else {
                $output .= '
                <tr>
                  <td colspan="2">&nbsp;</td>
                </tr>
                <tr>
                  <td colspan="2">' . lang("xacct", "delay_warning") . '</td>
                </tr>';
            }
        } else {
            $output .= '
                <tr>
                  <td colspan="2">' . lang("global", "credits_unlimited") . '</td>
                </tr>';
        }
        $output .= '
                <tr>
                  <td colspan="2">&nbsp;</td>
                </tr>';
    }
    $output .= '
                <tr>
                  <td colspan="2"><b>' . lang("xacct", "enteracct") . ':</b></td>
                </tr>
                <tr>
                  <td>' . lang("xacct", "newacct") . ':</td>
                  <td>
                    <select name="new">';
    while ($row = $sql["logon"]->fetch_assoc($accts)) {
        $output .= '
                      <option value="' . $row["acct"] . '">';
        // GM's see account name
        // Players see Screen Name if available
        if ($user_lvl < 4) {
            if ($row["ScreenName"] == '') {
                $output .= $row["login"];
            } else {
                $output .= $row["ScreenName"];
            }
        } else {
            $output .= $row["login"];
        }
        $output .= '
                      </option>';
    }
    $output .= '
                    </select>
                  </td>
                </tr>
                <tr>
                  <td>' . lang("xacct", "newacct1") . ':</td>
                  <td>
                    <input type="text" name="new1" value="" style="width: 110px;" />
                  </td>
                </tr>';
    // if we have unlimited credits, then we fake our credit balance here
    $credits = $credits < 0 ? $transfer_credits : $credits;
    if ($transfer_credits <= 0 || $credits >= $transfer_credits) {
        $output .= '
                <tr>
                  <td colspan="2">&nbsp;</td>
                </tr>
                <tr>
                  <td colspan="2">';
        makebutton(lang("xacct", "save"), "javascript:do_submit()", 180);
        $output .= '
                  </td>
                  <td>&nbsp;</td>
                </tr>';
    }
    $output .= '
              </table>
            </form>
          </div>
          <br />';
}
Esempio n. 2
0
function char_main(&$sqlr, &$sqlc)
{
    global $output, $lang_global, $lang_char, $lang_item, $realm_id, $realm_db, $characters_db, $world_db, $server, $mmfpm_db, $action_permission, $user_lvl, $user_name, $user_id, $item_datasite, $spell_datasite, $showcountryflag;
    // this page uses wowhead tooltops
    wowhead_tt();
    // we need at least an id or we would have nothing to show
    if (empty($_GET['id'])) {
        error($lang_global['empty_fields']);
    }
    // this is multi realm support, as of writing still under development
    //  this page is already implementing it
    if (empty($_GET['realm'])) {
        $realmid = $realm_id;
    } else {
        $realmid = $sqlr->quote_smart($_GET['realm']);
        if (is_numeric($realmid)) {
            $sqlc->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name']);
        } else {
            $realmid = $realm_id;
        }
    }
    $id = $sqlc->quote_smart($_GET['id']);
    if (is_numeric($id)) {
    } else {
        error($lang_global['empty_fields']);
    }
    $result = $sqlc->query('SELECT account, race FROM characters WHERE guid = ' . $id . ' LIMIT 1');
    if ($sqlc->num_rows($result)) {
        //resrict by owner's gmlvl
        $owner_acc_id = $sqlc->result($result, 0, 'account');
        $query = $sqlr->query('SELECT gmlevel, username FROM account WHERE id = ' . $owner_acc_id . '');
        $owner_gmlvl = $sqlr->result($query, 0, 'gmlevel');
        $owner_name = $sqlr->result($query, 0, 'username');
        if ($user_lvl || $server[$realmid]['both_factions']) {
            $side_v = 0;
            $side_p = 0;
        } else {
            $side_p = in_array($sqlc->result($result, 0, 'race'), array(2, 5, 6, 8, 10)) ? 1 : 2;
            $result_1 = $sqlc->query('SELECT race FROM characters WHERE account = ' . $user_id . ' LIMIT 1');
            if ($sqlc->num_rows($result)) {
                $side_v = in_array($sqlc->result($result_1, 0, 'race'), array(2, 5, 6, 8, 10)) ? 1 : 2;
            } else {
                $side_v = 0;
            }
            unset($result_1);
        }
        if ($user_lvl >= $owner_gmlvl && ($side_v === $side_p || !$side_v)) {
            $result = $sqlc->query('SELECT account, data, name, race, class, gender, level, zone, map, online, totaltime, 
									arenaPoints, totalHonorPoints, totalKills, 
									health, 
									power1, power2, power3, power4, power5, power6, power7
								FROM characters 
								WHERE guid = ' . $id . '');
            $char = $sqlc->fetch_assoc($result);
            $char_data = explode(' ', $char['data']);
            $online = $char['online'] ? $lang_char['online'] : $lang_char['offline'];
            if ($char_data[CHAR_DATA_OFFSET_GUILD_ID]) {
                $guild_name = $sqlc->result($sqlc->query('SELECT name FROM guild WHERE guildid =' . $char_data[CHAR_DATA_OFFSET_GUILD_ID] . ''), 0, 'name');
                $guild_name = '<a href="guild.php?action=view_guild&amp;realm=' . $realmid . '&amp;error=3&amp;id=' . $char_data[CHAR_DATA_OFFSET_GUILD_ID] . '" >' . $guild_name . '</a>';
                $mrank = $char_data[CHAR_DATA_OFFSET_GUILD_RANK] + 1;
                $guild_rank = $sqlc->result($sqlc->query('SELECT rname FROM guild_rank WHERE guildid =' . $char_data[CHAR_DATA_OFFSET_GUILD_ID] . ' AND rid=' . $mrank . ''), 0, 'rname');
            } else {
                $guild_name = $lang_global['none'];
                $guild_rank = $lang_global['none'];
            }
            $block = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_BLOCK]));
            $block = round($block[1], 2);
            $dodge = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_DODGE]));
            $dodge = round($dodge[1], 2);
            $parry = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_PARRY]));
            $parry = round($parry[1], 2);
            $crit = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_MELEE_CRIT]));
            $crit = round($crit[1], 2);
            $ranged_crit = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_RANGE_CRIT]));
            $ranged_crit = round($ranged_crit[1], 2);
            $maxdamage = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_MAXDAMAGE]));
            $maxdamage = round($maxdamage[1], 0);
            $mindamage = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_MINDAMAGE]));
            $mindamage = round($mindamage[1], 0);
            $maxrangeddamage = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_MAXRANGEDDAMAGE]));
            $maxrangeddamage = round($maxrangeddamage[1], 0);
            $minrangeddamage = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_MINRANGEDDAMAGE]));
            $minrangeddamage = round($minrangeddamage[1], 0);
            $spell_crit = 100;
            for ($i = 0; $i < 6; ++$i) {
                $temp = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_SPELL_CRIT + 1 + $i]));
                if ($temp[1] < $spell_crit) {
                    $spell_crit = $temp[1];
                }
            }
            $spell_crit = round($spell_crit, 2);
            $spell_damage = 9999;
            for ($i = 0; $i < 6; ++$i) {
                if ($char_data[CHAR_DATA_OFFSET_SPELL_DAMAGE + 1 + $i] < $spell_damage) {
                    $spell_damage = $char_data[CHAR_DATA_OFFSET_SPELL_DAMAGE + 1 + $i];
                }
            }
            $rage = round($char['power2'] / 10);
            $expertise = '' . $char_data[CHAR_DATA_OFFSET_EXPERTISE] . ' / ' . $char_data[CHAR_DATA_OFFSET_OFFHAND_EXPERTISE] . '';
            $EQU_HEAD = $char_data[CHAR_DATA_OFFSET_EQU_HEAD];
            $EQU_NECK = $char_data[CHAR_DATA_OFFSET_EQU_NECK];
            $EQU_SHOULDER = $char_data[CHAR_DATA_OFFSET_EQU_SHOULDER];
            $EQU_SHIRT = $char_data[CHAR_DATA_OFFSET_EQU_SHIRT];
            $EQU_CHEST = $char_data[CHAR_DATA_OFFSET_EQU_CHEST];
            $EQU_BELT = $char_data[CHAR_DATA_OFFSET_EQU_BELT];
            $EQU_LEGS = $char_data[CHAR_DATA_OFFSET_EQU_LEGS];
            $EQU_FEET = $char_data[CHAR_DATA_OFFSET_EQU_FEET];
            $EQU_WRIST = $char_data[CHAR_DATA_OFFSET_EQU_WRIST];
            $EQU_GLOVES = $char_data[CHAR_DATA_OFFSET_EQU_GLOVES];
            $EQU_FINGER1 = $char_data[CHAR_DATA_OFFSET_EQU_FINGER1];
            $EQU_FINGER2 = $char_data[CHAR_DATA_OFFSET_EQU_FINGER2];
            $EQU_TRINKET1 = $char_data[CHAR_DATA_OFFSET_EQU_TRINKET1];
            $EQU_TRINKET2 = $char_data[CHAR_DATA_OFFSET_EQU_TRINKET2];
            $EQU_BACK = $char_data[CHAR_DATA_OFFSET_EQU_BACK];
            $EQU_MAIN_HAND = $char_data[CHAR_DATA_OFFSET_EQU_MAIN_HAND];
            $EQU_OFF_HAND = $char_data[CHAR_DATA_OFFSET_EQU_OFF_HAND];
            $EQU_RANGED = $char_data[CHAR_DATA_OFFSET_EQU_RANGED];
            $EQU_TABARD = $char_data[CHAR_DATA_OFFSET_EQU_TABARD];
            /*
            // reserved incase we want to use back minimanagers' built in tooltip, instead of wowheads'
            // minimanagers' item tooltip needs updating, but it can show enchantments and sockets.
            
                  $equiped_items = array
                  (
                     1 => array(($EQU_HEAD      ? get_item_tooltip($EQU_HEAD)      : 0),($EQU_HEAD      ? get_item_icon($EQU_HEAD)      : 0),($EQU_HEAD      ? get_item_border($EQU_HEAD)      : 0)),
                     2 => array(($EQU_NECK      ? get_item_tooltip($EQU_NECK)      : 0),($EQU_NECK      ? get_item_icon($EQU_NECK)      : 0),($EQU_NECK      ? get_item_border($EQU_NECK)      : 0)),
                     3 => array(($EQU_SHOULDER  ? get_item_tooltip($EQU_SHOULDER)  : 0),($EQU_SHOULDER  ? get_item_icon($EQU_SHOULDER)  : 0),($EQU_SHOULDER  ? get_item_border($EQU_SHOULDER)  : 0)),
                     4 => array(($EQU_SHIRT     ? get_item_tooltip($EQU_SHIRT)     : 0),($EQU_SHIRT     ? get_item_icon($EQU_SHIRT)     : 0),($EQU_SHIRT     ? get_item_border($EQU_SHIRT)     : 0)),
                     5 => array(($EQU_CHEST     ? get_item_tooltip($EQU_CHEST)     : 0),($EQU_CHEST     ? get_item_icon($EQU_CHEST)     : 0),($EQU_CHEST     ? get_item_border($EQU_CHEST)     : 0)),
                     6 => array(($EQU_BELT      ? get_item_tooltip($EQU_BELT)      : 0),($EQU_BELT      ? get_item_icon($EQU_BELT)      : 0),($EQU_BELT      ? get_item_border($EQU_BELT)      : 0)),
                     7 => array(($EQU_LEGS      ? get_item_tooltip($EQU_LEGS)      : 0),($EQU_LEGS      ? get_item_icon($EQU_LEGS)      : 0),($EQU_LEGS      ? get_item_border($EQU_LEGS)      : 0)),
                     8 => array(($EQU_FEET      ? get_item_tooltip($EQU_FEET)      : 0),($EQU_FEET      ? get_item_icon($EQU_FEET)      : 0),($EQU_FEET      ? get_item_border($EQU_FEET)      : 0)),
                     9 => array(($EQU_WRIST     ? get_item_tooltip($EQU_WRIST)     : 0),($EQU_WRIST     ? get_item_icon($EQU_WRIST)     : 0),($EQU_WRIST     ? get_item_border($EQU_WRIST)     : 0)),
                    10 => array(($EQU_GLOVES    ? get_item_tooltip($EQU_GLOVES)    : 0),($EQU_GLOVES    ? get_item_icon($EQU_GLOVES)    : 0),($EQU_GLOVES    ? get_item_border($EQU_GLOVES)    : 0)),
                    11 => array(($EQU_FINGER1   ? get_item_tooltip($EQU_FINGER1)   : 0),($EQU_FINGER1   ? get_item_icon($EQU_FINGER1)   : 0),($EQU_FINGER1   ? get_item_border($EQU_FINGER1)   : 0)),
                    12 => array(($EQU_FINGER2   ? get_item_tooltip($EQU_FINGER2)   : 0),($EQU_FINGER2   ? get_item_icon($EQU_FINGER2)   : 0),($EQU_FINGER2   ? get_item_border($EQU_FINGER2)   : 0)),
                    13 => array(($EQU_TRINKET1  ? get_item_tooltip($EQU_TRINKET1)  : 0),($EQU_TRINKET1  ? get_item_icon($EQU_TRINKET1)  : 0),($EQU_TRINKET1  ? get_item_border($EQU_TRINKET1)  : 0)),
                    14 => array(($EQU_TRINKET2  ? get_item_tooltip($EQU_TRINKET2)  : 0),($EQU_TRINKET2  ? get_item_icon($EQU_TRINKET2)  : 0),($EQU_TRINKET2  ? get_item_border($EQU_TRINKET2)  : 0)),
                    15 => array(($EQU_BACK      ? get_item_tooltip($EQU_BACK)      : 0),($EQU_BACK      ? get_item_icon($EQU_BACK)      : 0),($EQU_BACK      ? get_item_border($EQU_BACK)      : 0)),
                    16 => array(($EQU_MAIN_HAND ? get_item_tooltip($EQU_MAIN_HAND) : 0),($EQU_MAIN_HAND ? get_item_icon($EQU_MAIN_HAND) : 0),($EQU_MAIN_HAND ? get_item_border($EQU_MAIN_HAND) : 0)),
                    17 => array(($EQU_OFF_HAND  ? get_item_tooltip($EQU_OFF_HAND)  : 0),($EQU_OFF_HAND  ? get_item_icon($EQU_OFF_HAND)  : 0),($EQU_OFF_HAND  ? get_item_border($EQU_OFF_HAND)  : 0)),
                    18 => array(($EQU_RANGED    ? get_item_tooltip($EQU_RANGED)    : 0),($EQU_RANGED    ? get_item_icon($EQU_RANGED)    : 0),($EQU_RANGED    ? get_item_border($EQU_RANGED)    : 0)),
                    19 => array(($EQU_TABARD    ? get_item_tooltip($EQU_TABARD)    : 0),($EQU_TABARD    ? get_item_icon($EQU_TABARD)    : 0),($EQU_TABARD    ? get_item_border($EQU_TABARD)    : 0))
                  );
            */
            $sqlm = new SQL();
            $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
            $sqlw = new SQL();
            $sqlw->connect($world_db[$realmid]['addr'], $world_db[$realmid]['user'], $world_db[$realmid]['pass'], $world_db[$realmid]['name']);
            $equiped_items = array(1 => array('', $EQU_HEAD ? get_item_icon($EQU_HEAD, $sqlm, $sqlw) : 0, $EQU_HEAD ? get_item_border($EQU_HEAD, $sqlw) : 0), 2 => array('', $EQU_NECK ? get_item_icon($EQU_NECK, $sqlm, $sqlw) : 0, $EQU_NECK ? get_item_border($EQU_NECK, $sqlw) : 0), 3 => array('', $EQU_SHOULDER ? get_item_icon($EQU_SHOULDER, $sqlm, $sqlw) : 0, $EQU_SHOULDER ? get_item_border($EQU_SHOULDER, $sqlw) : 0), 4 => array('', $EQU_SHIRT ? get_item_icon($EQU_SHIRT, $sqlm, $sqlw) : 0, $EQU_SHIRT ? get_item_border($EQU_SHIRT, $sqlw) : 0), 5 => array('', $EQU_CHEST ? get_item_icon($EQU_CHEST, $sqlm, $sqlw) : 0, $EQU_CHEST ? get_item_border($EQU_CHEST, $sqlw) : 0), 6 => array('', $EQU_BELT ? get_item_icon($EQU_BELT, $sqlm, $sqlw) : 0, $EQU_BELT ? get_item_border($EQU_BELT, $sqlw) : 0), 7 => array('', $EQU_LEGS ? get_item_icon($EQU_LEGS, $sqlm, $sqlw) : 0, $EQU_LEGS ? get_item_border($EQU_LEGS, $sqlw) : 0), 8 => array('', $EQU_FEET ? get_item_icon($EQU_FEET, $sqlm, $sqlw) : 0, $EQU_FEET ? get_item_border($EQU_FEET, $sqlw) : 0), 9 => array('', $EQU_WRIST ? get_item_icon($EQU_WRIST, $sqlm, $sqlw) : 0, $EQU_WRIST ? get_item_border($EQU_WRIST, $sqlw) : 0), 10 => array('', $EQU_GLOVES ? get_item_icon($EQU_GLOVES, $sqlm, $sqlw) : 0, $EQU_GLOVES ? get_item_border($EQU_GLOVES, $sqlw) : 0), 11 => array('', $EQU_FINGER1 ? get_item_icon($EQU_FINGER1, $sqlm, $sqlw) : 0, $EQU_FINGER1 ? get_item_border($EQU_FINGER1, $sqlw) : 0), 12 => array('', $EQU_FINGER2 ? get_item_icon($EQU_FINGER2, $sqlm, $sqlw) : 0, $EQU_FINGER2 ? get_item_border($EQU_FINGER2, $sqlw) : 0), 13 => array('', $EQU_TRINKET1 ? get_item_icon($EQU_TRINKET1, $sqlm, $sqlw) : 0, $EQU_TRINKET1 ? get_item_border($EQU_TRINKET1, $sqlw) : 0), 14 => array('', $EQU_TRINKET2 ? get_item_icon($EQU_TRINKET2, $sqlm, $sqlw) : 0, $EQU_TRINKET2 ? get_item_border($EQU_TRINKET2, $sqlw) : 0), 15 => array('', $EQU_BACK ? get_item_icon($EQU_BACK, $sqlm, $sqlw) : 0, $EQU_BACK ? get_item_border($EQU_BACK, $sqlw) : 0), 16 => array('', $EQU_MAIN_HAND ? get_item_icon($EQU_MAIN_HAND, $sqlm, $sqlw) : 0, $EQU_MAIN_HAND ? get_item_border($EQU_MAIN_HAND, $sqlw) : 0), 17 => array('', $EQU_OFF_HAND ? get_item_icon($EQU_OFF_HAND, $sqlm, $sqlw) : 0, $EQU_OFF_HAND ? get_item_border($EQU_OFF_HAND, $sqlw) : 0), 18 => array('', $EQU_RANGED ? get_item_icon($EQU_RANGED, $sqlm, $sqlw) : 0, $EQU_RANGED ? get_item_border($EQU_RANGED, $sqlw) : 0), 19 => array('', $EQU_TABARD ? get_item_icon($EQU_TABARD, $sqlm, $sqlw) : 0, $EQU_TABARD ? get_item_border($EQU_TABARD, $sqlw) : 0));
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) {
                $output .= '
          <!-- start of char.php -->
          <center>
            <div id="tab_content">
              <div id="tab">
                <ul>
                  <li><a href="char_inv.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['inventory'] . '</a></li>
                  <li><a href="char_extra.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['extra'] . '</a></li>
                  ' . ($char['level'] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['talents'] . '</a></li>') . '
                  <li><a href="char_achieve.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['achievements'] . '</a></li>
                  <li><a href="char_rep.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['reputation'] . '</a></li>
                  <li><a href="char_skill.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['skills'] . '</a></li>
                  <li><a href="char_quest.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['quests'] . '</a></li>';
                if (char_get_class_name($char['class']) === 'Hunter') {
                    $output .= '
                  <li><a href="char_pets.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['pets'] . '</a></li>';
                }
                $output .= '
                  <li><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['friends'] . '</a></li>
				  <li><a href="char_spell.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['spells'] . '</a></li>
				  <li><a href="char_mail.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['mail'] . '</a></li>
                </ul>
                <ul>';
                // selected char tab at last
                $output .= '
                  <li id="selected"><a href="char.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['char_sheet'] . '</a></li>';
            } else {
                $output .= '
          <center>
            <div id="tab">
              <ul>
                <li id="selected"><a href="char.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['char_sheet'] . '</a></li>
              </ul>
            </div>
            <div id="tab_content">
              <div id="tab">
                <ul>';
            }
            $output .= '
                </ul>
              </div>
              <div id="tab_content2">
                <table class="lined" style="width: 580px;">
                  <tr>
                    <td colspan="2">
                      <div>
                        <img src="' . char_get_avatar_img($char['level'], $char['gender'], $char['race'], $char['class'], 0) . '" alt="avatar" />
                      </div>
                      <div>';
            $a_results = $sqlc->query('SELECT DISTINCT spell FROM character_aura WHERE guid = ' . $id . '');
            if ($sqlc->num_rows($a_results)) {
                while ($aura = $sqlc->fetch_assoc($a_results)) {
                    $output .= '
                        <a style="padding:2px;" href="' . $spell_datasite . $aura['spell'] . '" target="_blank">
                          <img src="' . spell_get_icon($aura['spell'], $sqlm) . '" alt="' . $aura['spell'] . '" width="24" height="24" />
                        </a>';
                }
            }
            $output .= '
                      </div>
                    </td>
                    <td colspan="4">
                      <font class="bold">
                        ' . htmlentities($char['name']) . ' -
                        <img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" />
                        <img src="img/c_icons/' . $char['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" />
                        - lvl ' . char_get_level_color($char['level']) . '
                      </font>
                      <br />' . get_map_name($char['map'], $sqlm) . ' - ' . get_zone_name($char['zone'], $sqlm) . '
                      <br />' . $lang_char['honor_points'] . ': ' . $char['totalHonorPoints'] . ' / ' . $char['arenaPoints'] . ' - ' . $lang_char['honor_kills'] . ': ' . $char['totalKills'] . '
                      <br />' . $lang_char['guild'] . ': ' . $guild_name . ' | ' . $lang_char['rank'] . ': ' . htmlentities($guild_rank) . '
                      <br />' . ($char['online'] ? '<img src="img/up.gif" onmousemove="toolTip(\'Online\', \'item_tooltip\')" onmouseout="toolTip()" alt="online" />' : '<img src="img/down.gif" onmousemove="toolTip(\'Offline\', \'item_tooltip\')" onmouseout="toolTip()" alt="offline" />');
            if ($showcountryflag) {
                require_once 'libs/misc_lib.php';
                $country = misc_get_country_by_account($char['account'], $sqlr, $sqlm);
                $output .= ' - ' . ($country['code'] ? '<img src="img/flags/' . $country['code'] . '.png" onmousemove="toolTip(\'' . $country['country'] . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" />' : '-');
                unset($country);
            }
            $output .= '
                    </td>
                  </tr>
                  <tr>
                    <td width="6%">';
            if ($equiped_items[1][1]) {
                $output .= '
                      <a style="padding:2px;" href="' . $item_datasite . $EQU_HEAD . '" target="_blank">
                        <img src="' . $equiped_items[1][1] . '" class="' . $equiped_items[1][2] . '" alt="Head" />
                      </a>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_head.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                    <td class="half_line" colspan="2" align="center" width="50%">
                      <div class="gradient_p">' . $lang_item['health'] . ':</div>
                      <div class="gradient_pp">' . $char['health'] . '</div>';
            if ($char['class'] == 11) {
                //druid
                $output .= '
                      </br>
                      <div class="gradient_p">' . $lang_item['energy'] . ':</div>
                      <div class="gradient_pp">' . $char['power4'] . '</div>';
            }
            $output .= '
                    </td>
                    <td class="half_line" colspan="2" align="center" width="50%">';
            if ($char['class'] == 1) {
                $output .= '
                      <div class="gradient_p">' . $lang_item['rage'] . ':</div>
                      <div class="gradient_pp">' . $rage . '</div>';
            } elseif ($char['class'] == 4) {
                $output .= '
                      <div class="gradient_p">' . $lang_item['energy'] . ':</div>
                      <div class="gradient_pp">' . $char['power4'] . '</div>';
            } elseif ($char['class'] == 6) {
                // Don't know if FOCUS is the right one need to verify with Death Knight player.
                $output .= '
                      <div class="gradient_p">' . $lang_item['runic'] . ':</div>
                      <div class="gradient_pp">Unknown</div>';
            } elseif ($char['class'] == 11) {
                $output .= '
                      <div class="gradient_p">' . $lang_item['mana'] . ':</div>
                      <div class="gradient_pp">' . $char['power1'] . '</div>
                      </br>
                      <div class="gradient_p">' . $lang_item['rage'] . ':</div>
                      <div class="gradient_pp">' . $rage . '</div>';
            } elseif ($char['class'] == 2 || $char['class'] == 3 || $char['class'] == 5 || $char['class'] == 7 || $char['class'] == 8 || $char['class'] == 9) {
                $output .= '
                      <div class="gradient_p">' . $lang_item['mana'] . ':</div>
                      <div class="gradient_pp">' . $char['power1'] . '</div>';
            }
            $output .= '
                    </td>
                    <td width="6%">';
            if ($equiped_items[10][1]) {
                $output .= '
                      <a style="padding:2px;" href="' . $item_datasite . $EQU_GLOVES . '" target="_blank">
                        <img src="' . $equiped_items[10][1] . '" class="' . $equiped_items[10][2] . '" alt="Gloves" />
                      </a>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_gloves.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                  </tr>
                  <tr>
                    <td width="1%">';
            if ($equiped_items[2][1]) {
                $output .= '
                      <a style="padding:2px;" href="' . $item_datasite . $EQU_NECK . '" target="_blank">
                        <img src="' . $equiped_items[2][1] . '" class="' . $equiped_items[2][2] . '" alt="Neck" />
                      </a>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_neck.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                    <td class="half_line" colspan="2" rowspan="3" align="center" width="50%">
                      <div class="gradient_p">
                        ' . $lang_item['strength'] . ':<br />
                        ' . $lang_item['agility'] . ':<br />
                        ' . $lang_item['stamina'] . ':<br />
                        ' . $lang_item['intellect'] . ':<br />
                        ' . $lang_item['spirit'] . ':<br />
                        ' . $lang_item['armor'] . ':
                      </div>
                      <div class="gradient_pp">
                        ' . $char_data[CHAR_DATA_OFFSET_STR] . '<br />
                        ' . $char_data[CHAR_DATA_OFFSET_AGI] . '<br />
                        ' . $char_data[CHAR_DATA_OFFSET_STA] . '<br />
                        ' . $char_data[CHAR_DATA_OFFSET_INT] . '<br />
                        ' . $char_data[CHAR_DATA_OFFSET_SPI] . '<br />
                        ' . $char_data[CHAR_DATA_OFFSET_ARMOR] . '
                      </div>
                    </td>
                    <td class="half_line" colspan="2" rowspan="3" align="center" width="50%">
                      <div class="gradient_p">
                        ' . $lang_item['res_holy'] . ':<br />
                        ' . $lang_item['res_arcane'] . ':<br />
                        ' . $lang_item['res_fire'] . ':<br />
                        ' . $lang_item['res_nature'] . ':<br />
                        ' . $lang_item['res_frost'] . ':<br />
                        ' . $lang_item['res_shadow'] . ':
                      </div>
                      <div class="gradient_pp">
                        ' . $char_data[CHAR_DATA_OFFSET_RES_HOLY] . '<br />
                        ' . $char_data[CHAR_DATA_OFFSET_RES_ARCANE] . '<br />
                        ' . $char_data[CHAR_DATA_OFFSET_RES_FIRE] . '<br />
                        ' . $char_data[CHAR_DATA_OFFSET_RES_NATURE] . '<br />
                        ' . $char_data[CHAR_DATA_OFFSET_RES_FROST] . '<br />
                        ' . $char_data[CHAR_DATA_OFFSET_RES_SHADOW] . '
                      </div>
                    </td>
                    <td width="1%">';
            if ($equiped_items[6][1]) {
                $output .= '
                      <a style="padding:2px;" href="' . $item_datasite . $EQU_BELT . '" target="_blank">
                        <img src="' . $equiped_items[6][1] . '" class="' . $equiped_items[6][2] . '" alt="Belt" />
                      </a>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_waist.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                  </tr>
                  <tr>
                    <td width="1%">';
            if ($equiped_items[3][1]) {
                $output .= '
                      <a style="padding:2px;" href="' . $item_datasite . $EQU_SHOULDER . '" target="_blank">
                        <img src="' . $equiped_items[3][1] . '" class="' . $equiped_items[3][2] . '" alt="Shoulder" />
                      </a>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_shoulder.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                    <td width="1%">';
            if ($equiped_items[7][1]) {
                $output .= '
                      <a style="padding:2px;" href="' . $item_datasite . $EQU_LEGS . '" target="_blank">
                        <img src="' . $equiped_items[7][1] . '" class="' . $equiped_items[7][2] . '" alt="Legs" />
                      </a>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_legs.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                  </tr>
                  <tr>
                    <td width="1%">';
            if ($equiped_items[15][1]) {
                $output .= '
                      <a style="padding:2px;" href="' . $item_datasite . $EQU_BACK . '" target="_blank">
                        <img src="' . $equiped_items[15][1] . '" class="' . $equiped_items[15][2] . '" alt="Back" />
                      </a>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_chest_back.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                    <td width="1%">';
            if ($equiped_items[8][1]) {
                $output .= '
                      <a style="padding:2px;" href="' . $item_datasite . $EQU_FEET . '" target="_blank">
                        <img src="' . $equiped_items[8][1] . '" class="' . $equiped_items[8][2] . '" alt="Feet" />
                      </a>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_feet.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                  </tr>
                  <tr>
                    <td width="1%">';
            if ($equiped_items[5][1]) {
                $output .= '
                      <a style="padding:2px;" href="' . $item_datasite . $EQU_CHEST . '" target="_blank">
                        <img src="' . $equiped_items[5][1] . '" class="' . $equiped_items[5][2] . '" alt="Chest" />
                      </a>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_chest_back.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                    <td class="half_line" colspan="2" rowspan="2" align="center" width="50%">
                      <div class="gradient_p">
                        ' . $lang_char['melee_d'] . ':<br />
                        ' . $lang_char['melee_ap'] . ':<br />
                        ' . $lang_char['melee_hit'] . ':<br />
                        ' . $lang_char['melee_crit'] . ':<br />
                        ' . $lang_char['expertise'] . ':<br />
                      </div>
                      <div class="gradient_pp">
                        ' . $mindamage . '-' . $maxdamage . '<br />
                        ' . ($char_data[CHAR_DATA_OFFSET_AP] + $char_data[CHAR_DATA_OFFSET_AP_MOD]) . '<br />
                        ' . $char_data[CHAR_DATA_OFFSET_MELEE_HIT] . '<br />
                        ' . $crit . '%<br />
                        ' . $expertise . '<br />
                      </div>
                    </td>
                    <td class="half_line" colspan="2" rowspan="2" align="center" width="50%">
                      <div class="gradient_p">
                        ' . $lang_char['spell_d'] . ':<br />
                        ' . $lang_char['spell_heal'] . ':<br />
                        ' . $lang_char['spell_hit'] . ':<br />
                        ' . $lang_char['spell_crit'] . ':<br />
                        ' . $lang_char['spell_haste'] . '
                      </div>
                      <div class="gradient_pp">
                        ' . $spell_damage . '<br />
                        ' . $char_data[CHAR_DATA_OFFSET_SPELL_HEAL] . '<br />
                        ' . $char_data[CHAR_DATA_OFFSET_SPELL_HIT] . '<br />
                        ' . $spell_crit . '%<br />
                        ' . $char_data[CHAR_DATA_OFFSET_SPELL_HASTE_RATING] . '
                      </div>
                    </td>
                    <td width="1%">';
            if ($equiped_items[11][1]) {
                $output .= '
                      <a style="padding:2px;" href="' . $item_datasite . $EQU_FINGER1 . '" target="_blank">
                        <img src="' . $equiped_items[11][1] . '" class="' . $equiped_items[11][2] . '" alt="Finger1" />
                      </a>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_finger.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                  </tr>
                  <tr>
                    <td width="1%">';
            if ($equiped_items[4][1]) {
                $output .= '
                      <a style="padding:2px;" href="' . $item_datasite . $EQU_SHIRT . '" target="_blank">
                        <img src="' . $equiped_items[4][1] . '" class="' . $equiped_items[4][2] . '" alt="Shirt" />
                      </a>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_shirt.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                    <td width="1%">';
            if ($equiped_items[12][1]) {
                $output .= '
                      <a style="padding:2px;" href="' . $item_datasite . $EQU_FINGER2 . '" target="_blank">
                        <img src="' . $equiped_items[12][1] . '" class="' . $equiped_items[12][2] . '" alt="Finger2" />
                      </a>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_finger.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                  </tr>
                  <tr>
                    <td width="1%">';
            if ($equiped_items[19][1]) {
                $output .= '
                      <a style="padding:2px;" href="' . $item_datasite . $EQU_TABARD . '" target="_blank">
                        <img src="' . $equiped_items[19][1] . '" class="' . $equiped_items[19][2] . '" alt="Tabard" />
                      </a>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_tabard.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                    <td class="half_line" colspan="2" rowspan="2" align="center" width="50%">
                      <div class="gradient_p">
                        ' . $lang_char['dodge'] . ':<br />
                        ' . $lang_char['parry'] . ':<br />
                        ' . $lang_char['block'] . ':<br />
                        ' . $lang_char['resilience'] . ':<br />
                      </div>
                      <div class="gradient_pp">
                        ' . $dodge . '%<br />
                        ' . $parry . '%<br />
                        ' . $block . '%<br />
                        ' . $char_data[CHAR_DATA_OFFSET_RESILIENCE] . '<br />
                      </div>
                    </td>
                    <td class="half_line" colspan="2" rowspan="2" align="center" width="50%">
                      <div class="gradient_p">
                        ' . $lang_char['ranged_d'] . ':<br />
                        ' . $lang_char['ranged_ap'] . ':<br />
                        ' . $lang_char['ranged_hit'] . ':<br />
                        ' . $lang_char['ranged_crit'] . ':<br />
                      </div>
                      <div class="gradient_pp">
                        ' . $minrangeddamage . '-' . $maxrangeddamage . '<br />
                        ' . ($char_data[CHAR_DATA_OFFSET_RANGED_AP] + $char_data[CHAR_DATA_OFFSET_RANGED_AP_MOD]) . '<br />
                        ' . $char_data[CHAR_DATA_OFFSET_RANGE_HIT] . '<br />
                        ' . $ranged_crit . '%<br />
                      </div>
                    </td>
                    <td width="1%">';
            if ($equiped_items[13][1]) {
                $output .= '
                      <a style="padding:2px;" href="' . $item_datasite . $EQU_TRINKET1 . '" target="_blank">
                        <img src="' . $equiped_items[13][1] . '" class="' . $equiped_items[13][2] . '" alt="Trinket1" />
                      </a>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_trinket.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                  </tr>
                  <tr>
                    <td width="1%">';
            if ($equiped_items[9][1]) {
                $output .= '
                      <a style="padding:2px;" href="' . $item_datasite . $EQU_WRIST . '" target="_blank">
                        <img src="' . $equiped_items[9][1] . '" class="' . $equiped_items[9][2] . '" alt="Wrist" />
                      </a>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_wrist.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                    <td width="1%">';
            if ($equiped_items[14][1]) {
                $output .= '
                      <a style="padding:2px;" href="' . $item_datasite . $EQU_TRINKET2 . '" target="_blank">
                        <img src="' . $equiped_items[14][1] . '" class="' . $equiped_items[14][2] . '" alt="Trinket2" />
                      </a>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_trinket.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                  </tr>
                  <tr>
                    <td></td>
                    <td width="15%">';
            if ($equiped_items[16][1]) {
                $output .= '
                      <a style="padding:2px;" href="' . $item_datasite . $EQU_MAIN_HAND . '" target="_blank">
                        <img src="' . $equiped_items[16][1] . '" class="' . $equiped_items[16][2] . '" alt="MainHand" />
                      </a>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_main_hand.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                    <td width="15%">';
            if ($equiped_items[17][1]) {
                $output .= '
                      <a style="padding:2px;" href="' . $item_datasite . $EQU_OFF_HAND . '" target="_blank">
                        <img src="' . $equiped_items[17][1] . '" class="' . $equiped_items[17][2] . '" alt="OffHand" />
                      </a>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_off_hand.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                    <td width="15%">';
            if ($equiped_items[18][1]) {
                $output .= '
                      <a style="padding:2px;" href="' . $item_datasite . $EQU_RANGED . '" target="_blank">
                        <img src="' . $equiped_items[18][1] . '" class="' . $equiped_items[18][2] . '" alt="Ranged" />
                      </a>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_ranged.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                    <td width="15%"></td>
                    <td></td>
                  </tr>';
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) {
                //total time played
                $tot_time = $char['totaltime'];
                $tot_days = (int) ($tot_time / 86400);
                $tot_time = $tot_time - $tot_days * 86400;
                $total_hours = (int) ($tot_time / 3600);
                $tot_time = $tot_time - $total_hours * 3600;
                $total_min = (int) ($tot_time / 60);
                $output .= '
                  <tr>
                    <td colspan="6">
                      ' . $lang_char['tot_paly_time'] . ': ' . $tot_days . ' ' . $lang_char['days'] . ' ' . $total_hours . ' ' . $lang_char['hours'] . ' ' . $total_min . ' ' . $lang_char['min'] . '
                    </td>
                  </tr>';
            }
            $output .= '
                </table>
              </div>
              <br />
            </div>
            <br />
            <table class="hidden">
              <tr>
                <td>';
            // button to user account page, user account page has own security
            makebutton($lang_char['chars_acc'], 'user.php?action=edit_user&amp;id=' . $owner_acc_id . '', 130);
            $output .= '
                </td>
                <td>';
            // only higher level GM with delete access can edit character
            //  character edit allows removal of character items, so delete permission is needed
            if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission['delete']) {
                makebutton($lang_char['edit_button'], 'char_edit.php?id=' . $id . '&amp;realm=' . $realmid . '', 130);
                $output .= '
                </td>
                <td>';
            }
            // only higher level GM with delete access, or character owner can delete character
            if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission['delete'] || $owner_name === $user_name) {
                makebutton($lang_char['del_char'], 'char_list.php?action=del_char_form&amp;check%5B%5D=' . $id . '" type="wrn', 130);
                $output .= '
                </td>
                <td>';
            }
            // only GM with update permission can send mail, mail can send items, so update permission is needed
            if ($user_lvl >= $action_permission['update']) {
                makebutton($lang_char['send_mail'], 'mail.php?type=ingame_mail&amp;to=' . $char['name'] . '', 130);
                $output .= '
                </td>
                <td>';
            }
            makebutton($lang_global['back'], 'javascript:window.history.back()" type="def', 130);
            $output .= '
                </td>
              </tr>
            </table>
            <br />
          </center>
          <!-- end of char.php -->';
        } else {
            error($lang_char['no_permission']);
        }
    } else {
        error($lang_char['no_char_found']);
    }
}
Esempio n. 3
0
function char_select(&$sqlr, &$sqlm, &$sqlc)
{
    global $output, $lang_rewards, $lang_global, $characters_db, $mmfpm_db, $realm_id, $user_id;
    require_once 'libs/char_lib.php';
    $sqlc = new SQL();
    $sqlc->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
    $output .= '
<center>
	<div id="tab_content">
		<div id="tab">
			<ul>
				<li><a href="rewards.php">INFO</a></li>
				<li id="selected"><a href="rewards.php?action=char_select">SELECT CHAR</a></li>
				<li><a href="rewards.php?action=show_reward_gold">GOLD</a></li>
				<li><a href="rewards.php?action=show_reward_item">ITEM</a></li>
			</ul>
		</div>
		<div id="tab_content2">
			<table class="lined" style="width: 200px;">
				<tr>
					<th align="center">
						Select Character
					</th>
				</tr>';
    $result = $sqlc->query('SELECT account, name, race, class, gender, level
							FROM characters
							WHERE account = ' . $user_id . '');
    while ($char = $sqlc->fetch_assoc($result)) {
        $output .= '
				<tr>
					<td align="right">
						<font>
							' . htmlentities($char['name']) . ' -
							<img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif"
							onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" />
							<img src="img/c_icons/' . $char['class'] . '.gif"
							onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\',\'item_tooltip\')" onmouseout="toolTip()" alt="" /> - lvl ' . char_get_level_color($char['level']) . '
						</font>
					</td>
				</tr>
				<BR />';
    }
    unset($char);
    $sqlm = new SQL();
    $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
    $result = $sqlm->query('SELECT *
							FROM mm_reward_char
							WHERE account = ' . $user_id . ' 
							LIMIT 1');
    while ($char = $sqlc->fetch_assoc($result)) {
        $output .= '
				<tr>
					<th align="center">
						Selected Character
					</th>
				</tr>
				<tr>
					<td align="right">
						<font>
							' . htmlentities($char['name']) . ' -
							<img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif"
							onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" />
							<img src="img/c_icons/' . $char['class'] . '.gif"
							onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\',\'item_tooltip\')" onmouseout="toolTip()" alt="" /> - lvl ' . char_get_level_color($char['level']) . '
						</font>
					</td>
				</tr>';
    }
    $output .= '
			</table>
		</div>
		<br />
	</div>
</center>';
}
Esempio n. 4
0
function char_friends(&$sqlr, &$sqlc)
{
    global $output, $lang_global, $lang_char, $realm_id, $realm_db, $mmfpm_db, $characters_db, $action_permission, $user_lvl, $user_name;
    //==========================$_GET and SECURE=================================
    // id and multi realm security to prevent sql injection
    require_once './include/char/include/char_multi_realm_security.php';
    $order_by = isset($_GET['order_by']) ? $sqlc->quote_smart($_GET['order_by']) : 'name';
    if (preg_match('/^[[:lower:]]{1,6}$/', $order_by)) {
    } else {
        $order_by = 'name';
    }
    $dir = isset($_GET['dir']) ? $sqlc->quote_smart($_GET['dir']) : 1;
    if (preg_match('/^[01]{1}$/', $dir)) {
    } else {
        $dir = 1;
    }
    $order_dir = $dir ? 'ASC' : 'DESC';
    $dir = $dir ? 0 : 1;
    if ($order_by === 'map') {
        $order_by = 'map ' . $order_dir . ', zone';
    } elseif ($order_by === 'zone') {
        $order_by = 'zone ' . $order_dir . ', map';
    }
    //==========================$_GET and SECURE end========================
    // getting character data from database
    $result = $sqlc->query('
		SELECT account, name, race, class, gender, level
		FROM characters
		WHERE guid = ' . $id . '
		LIMIT 1');
    // no point going further if character does not exist
    if ($sqlc->num_rows($result)) {
        $char = $sqlc->fetch_assoc($result);
        // we get user permissions first
        $owner_acc_id = $sqlc->result($result, 0, 'account');
        $result = $sqlr->query('
			SELECT gmlevel, username 
			FROM account 
			WHERE id = ' . $char['account'] . '');
        $owner_gmlvl = $sqlr->result($result, 0, 'gmlevel');
        $owner_name = $sqlr->result($result, 0, 'username');
        // check user permission
        if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) {
            // character sub header
            $output .= '
<center>
<div id="tab_content">
	<h1>' . $lang_char['friends'] . '</h1>
	<br />';
            // character menu tab
            require_once './include/char/include/char_header.php';
            // character info
            require_once './include/char/include/char_info.php';
            //---------------Page Specific Data Starts Here--------------------------
            $output .= '
<script type="text/javascript">
	// <![CDATA[
		function wrap()
		{
			if (getBrowserWidth() > 1024)
				document.write(\'</table></td><td><table class="lined" style="width: 1%;">\');
		}
		// ]]>
</script>
	<div id="tab_content2">
		<table class="lined" style="width: 1%;">';
            $sqlm = new SQL();
            $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
            $result = $sqlc->query('
				SELECT name, race, class, map, zone, level, gender, online, account, guid
				FROM characters 
				WHERE guid in 
					(SELECT friend 
					FROM character_social 
					WHERE guid = ' . $id . ' and flags <= 1) 
				ORDER BY ' . $order_by . ' ' . $order_dir . '');
            if ($sqlc->num_rows($result)) {
                $output .= '
			<tr>
				<th colspan="7" align="left">' . $lang_char['friends'] . '</th>
			</tr>
			<tr>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=name&amp;dir=' . $dir . '"' . ($order_by === 'name' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['name'] . '</a></th>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=race&amp;dir=' . $dir . '"' . ($order_by === 'race' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['race'] . '</a></th>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=class&amp;dir=' . $dir . '"' . ($order_by === 'class' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['class'] . '</a></th>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=level&amp;dir=' . $dir . '"' . ($order_by === 'level' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['level'] . '</a></th>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=map&amp;dir=' . $dir . '"' . ($order_by === 'map ' . $order_dir . ', zone' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['map'] . '</a></th>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=zone&amp;dir=' . $dir . '"' . ($order_by === 'zone ' . $order_dir . ', map' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['zone'] . '</a></th>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=online&amp;dir=' . $dir . '"' . ($order_by === 'online' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['online'] . '</a></th>
			</tr>';
                while ($data = $sqlc->fetch_assoc($result)) {
                    $char_gm_level = $sqlr->result($sqlr->query('
						SELECT gmlevel 
						FROM account 
						WHERE id = ' . $data['account'] . ''), 0, 'gmlevel');
                    $output .= '
			<tr>
				<td>';
                    if ($user_lvl >= $char_gm_level) {
                        $output .= '
					<a href="char.php?id=' . $data['guid'] . '">' . $data['name'] . '</a>';
                    } else {
                        $output .= $data['name'];
                    }
                    $output .= '
				</td>
				<td><img src="img/c_icons/' . $data['race'] . '-' . $data['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($data['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /></td>
				<td><img src="img/c_icons/' . $data['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($data['class']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /></td>
				<td>' . char_get_level_color($data['level']) . '</td>
				<td class="small"><span onmousemove="toolTip(\'MapID:' . $data['map'] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_map_name($data['map'], $sqlm) . '</span></td>
				<td class="small"><span onmousemove="toolTip(\'ZoneID:' . $data['zone'] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_zone_name($data['zone'], $sqlm) . '</span></td>
				<td>' . ($data['online'] ? '<img src="img/up.gif" alt="" />' : '-') . '</td>
			</tr>';
                }
            }
            $result = $sqlc->query('
				SELECT name, race, class, map, zone, level, gender, online, account, guid
				FROM characters 
				WHERE guid in
					(SELECT guid
					FROM character_social
					WHERE friend = ' . $id . ' and flags <= 1)
				ORDER BY ' . $order_by . ' ' . $order_dir . '');
            if ($sqlc->num_rows($result)) {
                $output .= '
			<tr>
				<th colspan="7" align="left">' . $lang_char['friendof'] . '</th>
			</tr>
			<tr>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=name&amp;dir=' . $dir . '"' . ($order_by === 'name' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['name'] . '</a></th>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=race&amp;dir=' . $dir . '"' . ($order_by === 'race' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['race'] . '</a></th>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=class&amp;dir=' . $dir . '"' . ($order_by === 'class' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['class'] . '</a></th>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=level&amp;dir=' . $dir . '"' . ($order_by === 'level' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['level'] . '</a></th>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=map&amp;dir=' . $dir . '"' . ($order_by === 'map ' . $order_dir . ', zone' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['map'] . '</a></th>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=zone&amp;dir=' . $dir . '"' . ($order_by === 'zone ' . $order_dir . ', map' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['zone'] . '</a></th>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=online&amp;dir=' . $dir . '"' . ($order_by === 'online' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['online'] . '</a></th>
			</tr>';
                while ($data = $sqlc->fetch_assoc($result)) {
                    $char_gm_level = $sqlr->result($sqlr->query('
						SELECT gmlevel
						FROM account
						WHERE id = ' . $data['account'] . ''), 0, 'gmlevel');
                    $output .= '
			<tr>
				<td>';
                    if ($user_lvl >= $char_gm_level) {
                        $output .= '
					<a href="char.php?id=' . $data['guid'] . '">' . $data['name'] . '</a>';
                    } else {
                        $output .= $data['name'];
                    }
                    $output .= '
				</td>
				<td><img src="img/c_icons/' . $data['race'] . '-' . $data['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($data['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /></td>
				<td><img src="img/c_icons/' . $data['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($data['class']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /></td>
				<td>' . char_get_level_color($data['level']) . '</td>
				<td class="small"><span onmousemove="toolTip(\'MapID:' . $data['map'] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_map_name($data['map'], $sqlm) . '</span></td>
				<td class="small"><span onmousemove="toolTip(\'ZoneID:' . $data['zone'] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_zone_name($data['zone'], $sqlm) . '</span></td>
				<td>' . ($data['online'] ? '<img src="img/up.gif" alt="" />' : '-') . '</td>
			</tr>';
                }
            }
            $output .= '
<script type="text/javascript">
	// <![CDATA[
		wrap();
	// ]]>
</script>';
            $result = $sqlc->query('
				SELECT name, race, class, map, zone, level, gender, online, account, guid
				FROM characters
				WHERE guid in
					(SELECT friend
					FROM character_social
					WHERE guid = ' . $id . ' and flags > 1)
				ORDER BY ' . $order_by . ' ' . $order_dir . '');
            if ($sqlc->num_rows($result)) {
                $output .= '
			<tr>
				<th colspan="7" align="left">' . $lang_char['ignored'] . '</th>
			</tr>
			<tr>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=name&amp;dir=' . $dir . '"' . ($order_by === 'name' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['name'] . '</a></th>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=race&amp;dir=' . $dir . '"' . ($order_by === 'race' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['race'] . '</a></th>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=class&amp;dir=' . $dir . '"' . ($order_by === 'class' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['class'] . '</a></th>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=level&amp;dir=' . $dir . '"' . ($order_by === 'level' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['level'] . '</a></th>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=map&amp;dir=' . $dir . '"' . ($order_by === 'map ' . $order_dir . ', zone' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['map'] . '</a></th>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=zone&amp;dir=' . $dir . '"' . ($order_by === 'zone ' . $order_dir . ', map' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['zone'] . '</a></th>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=online&amp;dir=' . $dir . '"' . ($order_by === 'online' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['online'] . '</a></th>
			</tr>';
                while ($data = $sqlc->fetch_assoc($result)) {
                    $char_gm_level = $sqlr->result($sqlr->query('
						SELECT gmlevel
						FROM account
						WHERE id = ' . $data['account'] . ''), 0, 'gmlevel');
                    $output .= '
			<tr>
				<td>';
                    if ($user_lvl >= $char_gm_level) {
                        $output .= '
					<a href="char.php?id=' . $data['guid'] . '">' . $data['name'] . '</a>';
                    } else {
                        $output .= $data['name'];
                    }
                    $output .= '
				</td>
				<td><img src="img/c_icons/' . $data['race'] . '-' . $data['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($data['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /></td>
				<td><img src="img/c_icons/' . $data['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($data['class']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /></td>
				<td>' . char_get_level_color($data['level']) . '</td>
				<td class="small"><span onmousemove="toolTip(\'MapID:' . $data['map'] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_map_name($data['map'], $sqlm) . '</span></td>
				<td class="small"><span onmousemove="toolTip(\'ZoneID:' . $data['zone'] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_zone_name($data['zone'], $sqlm) . '</span></td>
				<td>' . ($data['online'] ? '<img src="img/up.gif" alt="" />' : '-') . '</td>
			</tr>';
                }
            }
            $result = $sqlc->query('
				SELECT name, race, class, map, zone, level, gender, online, account, guid
				FROM characters
				WHERE guid in
					(SELECT guid
					FROM character_social
					WHERE friend = ' . $id . ' and flags > 1)
				ORDER BY ' . $order_by . ' ' . $order_dir . '');
            if ($sqlc->num_rows($result)) {
                $output .= '
			<tr>
				<th colspan="7" align="left">' . $lang_char['ignoredby'] . '</th>
			</tr>
			<tr>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=name&amp;dir=' . $dir . '"' . ($order_by === 'name' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['name'] . '</a></th>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=race&amp;dir=' . $dir . '"' . ($order_by === 'race' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['race'] . '</a></th>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=class&amp;dir=' . $dir . '"' . ($order_by === 'class' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['class'] . '</a></th>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=level&amp;dir=' . $dir . '"' . ($order_by === 'level' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['level'] . '</a></th>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=map&amp;dir=' . $dir . '"' . ($order_by === 'map ' . $order_dir . ', zone' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['map'] . '</a></th>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=zone&amp;dir=' . $dir . '"' . ($order_by === 'zone ' . $order_dir . ', map' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['zone'] . '</a></th>
				<th width="1%"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=online&amp;dir=' . $dir . '"' . ($order_by === 'online' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['online'] . '</a></th>
			</tr>';
                while ($data = $sqlc->fetch_assoc($result)) {
                    $char_gm_level = $sqlr->result($sqlr->query('
						SELECT gmlevel
						FROM account
						WHERE id = ' . $data['account'] . ''), 0, 'gmlevel');
                    $output .= '
			<tr>
				<td>';
                    if ($user_lvl >= $char_gm_level) {
                        $output .= '
					<a href="char.php?id=' . $data['guid'] . '">' . $data['name'] . '</a>';
                    } else {
                        $output .= $data['name'];
                    }
                    $output .= '
				</td>
				<td><img src="img/c_icons/' . $data['race'] . '-' . $data['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($data['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /></td>
				<td><img src="img/c_icons/' . $data['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($data['class']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /></td>
				<td>' . char_get_level_color($data['level']) . '</td>
				<td class="small"><span onmousemove="toolTip(\'MapID:' . $data['map'] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_map_name($data['map'], $sqlm) . '</span></td>
				<td class="small"><span onmousemove="toolTip(\'ZoneID:' . $data['zone'] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_zone_name($data['zone'], $sqlm) . '</span></td>
				<td>' . ($data['online'] ? '<img src="img/up.gif" alt="" />' : '-') . '</td>
			</tr>';
                }
            }
            $output .= '
		</table>
	</div>
</div>
<br />';
            //---------------Page Specific Data Ends here----------------------------
            // character sub footer
            require_once './include/char/include/char_ footer.php';
            $output .= '
<br />
</center>';
        } else {
            error($lang_char['no_permission']);
        }
    } else {
        error($lang_char['no_char_found']);
    }
}
function char_pets()
{
    global $output, $realm_id, $characters_db, $arcm_db, $action_permission, $user_lvl, $user_name, $site_encoding, $base_datasite, $spell_datasite, $pet_ability, $sql, $core;
    //wowhead_tt();
    if (empty($_GET["id"])) {
        error(lang("global", "empty_fields"));
    }
    if (empty($_GET["realm"])) {
        $realmid = $realm_id;
    } else {
        $realmid = $sql["logon"]->quote_smart($_GET["realm"]);
        if (is_numeric($realmid)) {
            $sql["char"]->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name'], $characters_db[$realmid]["encoding"]);
        } else {
            $realmid = $realm_id;
        }
    }
    $id = $sql["char"]->quote_smart($_GET["id"]);
    if (!is_numeric($id)) {
        $id = 0;
    }
    if ($core == 1) {
        $result = $sql["char"]->query("SELECT acct, name, race, class, level, gender\n      FROM characters\n      WHERE guid='" . $id . "' LIMIT 1");
    } else {
        $result = $sql["char"]->query("SELECT account AS acct, name, race, class, level, gender\n      FROM characters\n      WHERE guid='" . $id . "' LIMIT 1");
    }
    if ($sql["char"]->num_rows($result)) {
        $char = $sql["char"]->fetch_assoc($result);
        // we get user permissions first
        $owner_acc_id = $sql["char"]->result($result, 0, 'acct');
        if ($core == 1) {
            $result = $sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $char["acct"] . "'");
        } else {
            $result = $sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $char["acct"] . "'");
        }
        $owner_name = $sql["logon"]->result($result, 0, 'login');
        $s_query = "SELECT *, SecurityLevel AS gm FROM config_accounts WHERE Login='******'";
        $s_result = $sql["mgr"]->query($s_query);
        $s_fields = $sql["mgr"]->fetch_assoc($s_result);
        $owner_gmlvl = $s_fields["gm"];
        $view_mod = $s_fields["View_Mod_Pets"];
        if ($owner_gmlvl >= 1073741824) {
            $owner_gmlvl -= 1073741824;
        }
        // owner configured overrides
        $view_override = false;
        if ($view_mod > 0) {
            if ($view_mod == 1) {
            } elseif ($view_mod == 2) {
                // only registered users may view this page
                if ($user_lvl > -1) {
                    $view_override = true;
                }
            }
        }
        // visibility overrides for specific tabs
        $view_inv_override = false;
        if ($s_fields["View_Mod_Inv"] > 0) {
            if ($s_fields["View_Mod_Inv"] == 1) {
            } elseif ($s_fields["View_Mod_Inv"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_inv_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_inv_override = true;
            }
        }
        $view_talent_override = false;
        if ($s_fields["View_Mod_Talent"] > 0) {
            if ($s_fields["View_Mod_Talent"] == 1) {
            } elseif ($s_fields["View_Mod_Talent"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_talent_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_talent_override = true;
            }
        }
        $view_achieve_override = false;
        if ($s_fields["View_Mod_Achieve"] > 0) {
            if ($s_fields["View_Mod_Achieve"] == 1) {
            } elseif ($s_fields["View_Mod_Achieve"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_achieve_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_achieve_override = true;
            }
        }
        $view_quest_override = false;
        if ($s_fields["View_Mod_Quest"] > 0) {
            if ($s_fields["View_Mod_Quest"] == 1) {
            } elseif ($s_fields["View_Mod_Quest"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_quest_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_quest_override = true;
            }
        }
        $view_friends_override = false;
        if ($s_fields["View_Mod_Friends"] > 0) {
            if ($s_fields["View_Mod_Friends"] == 1) {
            } elseif ($s_fields["View_Mod_Friends"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_friends_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_friends_override = true;
            }
        }
        $view_view_override = false;
        if ($s_fields["View_Mod_View"] > 0) {
            if ($s_fields["View_Mod_View"] == 1) {
            } elseif ($s_fields["View_Mod_View"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_view_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_view_override = true;
            }
        }
        $view_rep_override = false;
        if ($s_fields["View_Mod_Rep"] > 0) {
            if ($s_fields["View_Mod_Rep"] == 1) {
            } elseif ($s_fields["View_Mod_Rep"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_rep_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_rep_override = true;
            }
        }
        $view_skill_override = false;
        if ($s_fields["View_Mod_Skill"] > 0) {
            if ($s_fields["View_Mod_Skill"] == 1) {
            } elseif ($s_fields["View_Mod_Skill"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_skill_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_skill_override = true;
            }
        }
        $view_pvp_override = false;
        if ($s_fields["View_Mod_PvP"] > 0) {
            if ($s_fields["View_Mod_PvP"] == 1) {
            } elseif ($s_fields["View_Mod_PvP"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_pvp_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_pvp_override = true;
            }
        }
        if ($view_override || $user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
            $output .= '
          <center>
            <div class="tab">
              <ul>
                <li class="selected"><a href="char.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>';
            if ($view_inv_override) {
                $output .= '
                <li><a href="char_inv.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "inventory") . '</a></li>';
            }
            if ($view_talent_override) {
                $output .= '
                ' . ($char["level"] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "talents") . '</a></li>') . '';
            }
            if ($view_achieve_override) {
                $output .= '
                <li><a href="char_achieve.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "achievements") . '</a></li>';
            }
            if ($view_quest_override) {
                $output .= '
                <li><a href="char_quest.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "quests") . '</a></li>';
            }
            if ($view_friends_override) {
                $output .= '
                <li><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "friends") . '</a></li>';
            }
            if ($view_view_override) {
                $output .= '
                <li><a href="char_view.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "view") . '</a></li>';
            }
            $output .= '
              </ul>
            </div>
            <div class="tab_content">
              <div class="tab">
                <ul>
                  <li><a href="char.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>';
            $output .= '
                  <li class="selected"><a href="char_pets.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "pets") . '</a></li>';
            if ($view_rep_override) {
                $output .= '
                  <li><a href="char_rep.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "reputation") . '</a></li>';
            }
            if ($view_skill_override) {
                $output .= '
                  <li><a href="char_skill.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "skills") . '</a></li>';
            }
            if ($view_pvp_override) {
                $output .= '
                  <li><a href="char_pvp.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "pvp") . '</a></li>';
            }
            if ($owner_name == $user_name || $user_lvl >= get_page_permission("insert", "char_mail.php")) {
                $output .= '
                  <li><a href="char_mail.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "mail") . '</a></li>';
            }
            $output .= '
                </ul>
              </div>
              <div class="tab_content2">
              <font class="bold">
                ' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . ' -
                <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . '
              </font>
              <br />
              <br />';
            if ($core == 1) {
                $result = $sql["char"]->query("SELECT petnumber, level, fields,\n          SUBSTRING_INDEX(SUBSTRING_INDEX(`fields`, ' ', 77), ' ', -1) AS cur_xp,\n          SUBSTRING_INDEX(SUBSTRING_INDEX(`fields`, ' ', 78), ' ', -1) AS next_level_xp,\n          name, happinessupdate\n          FROM playerpets\n          WHERE ownerguid='" . $id . "'");
            } else {
                $result = $sql["char"]->query("SELECT id AS petnumber, level, abdata AS fields,\n          exp AS cur_xp,\n          SUBSTRING_INDEX(SUBSTRING_INDEX(`abdata`, ' ', 78), ' ', -1) AS next_level_xp,\n          name, curhappiness AS happinessupdate\n          FROM character_pet \n          WHERE owner='" . $id . "'");
            }
            if ($sql["char"]->num_rows($result)) {
                while ($pet = $sql["char"]->fetch_assoc($result)) {
                    $pet_data = explode(' ', $pet["fields"]);
                    $happiness = floor($pet_data[UNIT_FIELD_MAXPOWER3] / 333000);
                    if ($happiness == 1) {
                        $hap_text = 'Content';
                        $hap_val = 1;
                    } elseif ($happiness == 2) {
                        $hap_text = 'Happy';
                        $hap_val = 2;
                    } else {
                        $hap_text = 'Unhappy';
                        $hap_val = 0;
                    }
                    if ($core == 1) {
                        $pet_next_lvl_xp = $pet["next_level_xp"];
                    } else {
                        $pet_next_lvl_xp = floor(char_get_xp_to_level($pet["level"]) / 4);
                    }
                    // this_is_junk: style left hardcoded because it's calculated.
                    $output .= '
                <font class="bold">' . $pet["name"] . ' - lvl ' . char_get_level_color($pet["level"]) . '
                  <a class="ch_pet_padding" onmouseover="oldtoolTip(\'' . $hap_text . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()"><img src="img/pet/happiness_' . $hap_val . '.jpg" alt="" /></a>
                  <br /><br />
                </font>
                <table class="lined" id="ch_pet_xp">
                  <tr>
                    <td align="right">Exp:</td>
                    <td valign="top" class="bar skill_bar" style="background-position: ' . (round(385 * $pet["cur_xp"] / $pet_next_lvl_xp) - 385) . 'px;">
                      <span>' . $pet["cur_xp"] . '/' . $pet_next_lvl_xp . '</span>
                    </td>
                  </tr>
                  <tr>
                    <td align="right">Pet Abilities:</td>
                    <td align="left">';
                    if ($core == 1) {
                        $ability_results = $sql["char"]->query("SELECT spellid FROM playerpetspells WHERE petnumber='" . $pet["petnumber"] . "' AND flags > 1");
                    } else {
                        $ability_results = $sql["char"]->query("SELECT spell AS spellid FROM pet_spell WHERE guid='" . $pet["petnumber"] . "' AND active > 1");
                    }
                    // active = 0 is unused and active = 1 probably some passive auras, i dont know diference between values 129 and 193, need to check mangos source
                    if ($sql["char"]->num_rows($ability_results)) {
                        while ($ability = $sql["char"]->fetch_assoc($ability_results)) {
                            $output .= '
                      <a class="ch_pet_padding" href="' . $base_datasite . $spell_datasite . $ability["spellid"] . '" target="_blank">
                        <img src="' . spell_get_icon($ability["spellid"]) . '" alt="' . $ability["spellid"] . '" class="icon_border_0" />
                      </a>';
                        }
                    }
                    $output .= '
                    </td>
                  </tr>
                </table>
                <br /><br />';
                }
                unset($ability_results);
                unset($pet_next_lvl_xp);
                unset($happiness);
                unset($pet);
            }
            $output .= '
              </div>
            </div>
            <br />
            <table class="hidden">
              <tr>
                <td>';
            // button to user account page, user account page has own security
            makebutton(lang("char", "chars_acc"), 'user.php?action=edit_user&amp;id=' . $owner_acc_id . '', 130);
            $output .= '
                </td>
                <td>';
            // only higher level GM with delete access can edit character
            //  character edit allows removal of character items, so delete permission is needed
            if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"]) {
                //makebutton($lang_char["edit_button"], 'char_edit.php?id='.$id.'&amp;realm='.$realmid.'', 130);
                $output .= '
                </td>
                <td>';
            }
            // only higher level GM with delete access, or character owner can delete character
            if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"] || $owner_name === $user_name) {
                makebutton(lang("char", "del_char"), 'char_list.php?action=del_char_form&amp;check%5B%5D=' . $id . '" type="wrn', 130);
                $output .= '
                </td>
                <td>';
            }
            // only GM with update permission can send mail, mail can send items, so update permission is needed
            if ($user_lvl >= $action_permission["update"]) {
                makebutton(lang("char", "send_mail"), 'mail.php?type=ingame_mail&amp;to=' . $char["name"] . '', 130);
                $output .= '
                </td>
                <td>';
            }
            makebutton(lang("global", "back"), 'javascript:window.history.back()" type="def', 130);
            $output .= '
                </td>
              </tr>
            </table>
            <br />
          </center>
          <!-- end of char_pets.php -->';
        } else {
            error(lang("char", "no_permission"));
        }
    } else {
        error(lang("char", "no_char_found"));
    }
}
function approve()
{
    global $output, $action_permission, $characters_db, $realm_id, $user_name, $arcm_db, $user_id, $hearthstone_credits, $sql, $core;
    valid_login($action_permission["view"]);
    $guid = $sql["char"]->quote_smart($_GET["char"]);
    $new1 = '';
    if (isset($_GET["new1"])) {
        $new1 = $sql["char"]->quote_smart($_GET["new1"]);
    }
    $new2 = '';
    if (isset($_GET["new2"])) {
        $new2 = $sql["char"]->quote_smart($_GET["new2"]);
    }
    if ($core == 1) {
        $query = "SELECT * FROM characters WHERE guid='" . $guid . "'";
    } elseif ($core == 2) {
        $query = "SELECT *, characters.guid AS guid,\n      characters.map AS mapId, characters.zone AS zoneId,\n      character_homebind.map AS bindmapId, character_homebind.zone AS bindzoneId\n      FROM characters LEFT JOIN character_homebind ON characters.guid=character_homebind.guid WHERE characters.guid='" . $guid . "'";
    } else {
        $query = "SELECT *, characters.guid AS guid,\n      characters.map AS mapId, characters.zone AS zoneId,\n      character_homebind.mapId AS bindmapId, character_homebind.zoneId AS bindzoneId\n      FROM characters LEFT JOIN character_homebind ON characters.guid=character_homebind.guid WHERE characters.guid='" . $guid . "'";
    }
    $char = $sql["char"]->fetch_assoc($sql["char"]->query($query));
    // credits
    if ($hearthstone_credits >= 0) {
        // get our credit balance
        $cr_query = "SELECT Credits FROM config_accounts WHERE Login='******'";
        $cr_result = $sql["mgr"]->query($cr_query);
        $cr_result = $sql["mgr"]->fetch_assoc($cr_result);
        $credits = $cr_result["Credits"];
    }
    // MaNGOS & Trinity don't automatically add a home bind location for a character.
    if ($core != 1) {
        if (!isset($char["bindmapId"])) {
            $query = "SELECT * FROM playercreateinfo WHERE race='" . $char["race"] . "' AND class='" . $char["class"] . "'";
            $result = $sql["world"]->query($query);
            $fields = $sql["world"]->fetch_assoc($result);
            $char["bindmapId"] = $fields["map"];
            $char["bindzoneId"] = $fields["zone"];
        }
    }
    $output .= '
          <div id="xname_fieldset" class="fieldset_border center">
            <span class="legend">' . lang("unstuck", "newloc_legend") . '</span>
            <form method="get" action="hearthstone.php" id="form">
              <div>
                <input type="hidden" name="action" value="save" />
                <input type="hidden" name="guid" value="' . $char["guid"] . '" />
              </div>
              <table id="xname_char_table" class="center">
                <tr>
                  <td rowspan="4" style="width: 170px;">
                    <div style="width: 64px; margin-left: auto; margin-right: auto;">
                      <img src="' . char_get_avatar_img($char["level"], $char["gender"], $char["race"], $char["class"]) . '" alt="" />
                    </div>
                  </td>
                  <td>
                    <span class="xname_char_name">' . $char["name"] . '</span>
                  </td>
                </tr>
                <tr>
                  <td>' . lang("unstuck", "level") . ': ' . $char["level"] . '</td>
                </tr>
                <tr>
                  <td>' . lang("unstuck", "race") . ': ' . char_get_race_name($char["race"]) . '</td>
                </tr>
                <tr>
                  <td>' . lang("unstuck", "class") . ': ' . char_get_class_name($char["class"]) . '</td>
                </tr>
                <tr>
                  <td>&nbsp;</td>
                </tr>';
    if ($hearthstone_credits > 0) {
        $cost_line = lang("unstuck", "credit_cost");
        $cost_line = str_replace("%1", '<b>' . $hearthstone_credits . '</b>', $cost_line);
        $output .= '
                <tr>
                  <td colspan="2">' . $cost_line . '</td>
                </tr>';
        if ($credits >= 0) {
            $credit_balance = lang("unstuck", "credit_balance");
            $credit_balance = str_replace("%1", '<b>' . (double) $credits . '</b>', $credit_balance);
            $output .= '
                <tr>
                  <td colspan="2">' . $credit_balance . '</td>
                </tr>';
            if ($credits < $hearthstone_credits) {
                $output .= '
                <tr>
                  <td colspan="2">' . lang("xacct", "insufficient_credits") . '</td>
                </tr>';
            } else {
                $output .= '
                <tr>
                  <td colspan="2">&nbsp;</td>
                </tr>
                <tr>
                  <td colspan="2">' . lang("xacct", "delay_warning") . '</td>
                </tr>';
            }
        } else {
            $output .= '
                <tr>
                  <td colspan="2">' . lang("global", "credits_unlimited") . '</td>
                </tr>';
        }
        $output .= '
                <tr>
                  <td colspan="2">&nbsp;</td>
                </tr>';
    }
    $output .= '
                <tr>
                  <td><b>' . lang("unstuck", "curloc") . ':</b></td>
                </tr>
                <tr>
                  <td>' . get_map_name($char["mapId"]) . '</td>
                  <td>' . get_zone_name($char["zoneId"]) . '</td>
                </tr>
                <tr>
                  <td>&nbsp;</td>
                </tr>
                <tr>
                  <td colspan="2"><b>' . lang("unstuck", "newloc") . ':</b></td>
                </tr>
                <tr>
                  <td>' . get_map_name($char["bindmapId"]) . '</td>
                  <td>' . get_zone_name($char["bindzoneId"]) . '</td>
                </tr>';
    // if we have unlimited credits, then we fake our credit balance here
    $credits = $credits < 0 ? $hearthstone_credits : $credits;
    if ($hearthstone_credits <= 0 || $credits >= $hearthstone_credits) {
        $output .= '
                <tr>
                  <td colspan="2">&nbsp;</td>
                </tr>
                <tr>
                  <td colspan="2">';
        makebutton(lang("unstuck", "save"), "javascript:do_submit()", 180);
        $output .= '
                  </td>
                </tr>';
    }
    $output .= '
              </table>
            </form>
          </div>
          <br />';
}
Esempio n. 7
0
function char_tools_form()
{
    global $output, $characters_db, $realm_id, $action_permission, $site_encoding, $showcountryflag, $sql;
    valid_login($action_permission["delete"]);
    if (isset($_GET["char"])) {
        $id = $_GET["char"];
    } else {
        error(lang("global", "empty_fields"));
    }
    if ($core == 1) {
        $result = $sql["char"]->query("SELECT guid, name, race, class, level, zoneid, mapid, online, gender\r\n      acct, data \r\n      FROM characters WHERE guid='" . $id . "'");
    } elseif ($core == 2) {
        $result = $sql["char"]->query("SELECT guid, name, race, class, level, zone AS zoneid, map AS mapid, \r\n      online, gender, totaltime, account AS acct,\r\n      arenaPoints, totalHonorPoints, totalKills\r\n      FROM characters WHERE guid='" . $id . "'");
    } else {
        $result = $sql["char"]->query("SELECT guid, name, race, class, level, zone AS zoneid, map AS mapid, \r\n      online, gender, totaltime, account AS acct, arenaPoints, totalHonorPoints, totalKills\r\n      FROM characters WHERE guid='" . $id . "'");
    }
    $char = $sql["char"]->fetch_assoc($result);
    if ($core == 1) {
        $char_data = $char["data"];
        if (empty($char_data)) {
            $char_data = str_repeat("0;", PLAYER_END);
        }
        $char_data = explode(";", $char_data);
    } else {
        $query = "SELECT * FROM characters\r\n                LEFT JOIN character_stats ON characters.guid=character_stats.guid\r\n              WHERE characters.guid='" . $id . "'";
        $char_data_result = $sql["char"]->query($query);
        $char_data_fields = $sql["char"]->fetch_assoc($char_data_result);
        $char_data[PLAYER_FIELD_HONOR_CURRENCY] = isset($char["totalHonorPoints"]) ? $char["totalHonorPoints"] : '&nbsp;';
        $char_data[PLAYER_FIELD_ARENA_CURRENCY] = isset($char["arenaPoints"]) ? $char["arenaPoints"] : '&nbsp;';
        $char_data[PLAYER_FIELD_LIFETIME_HONORBALE_KILLS] = isset($char["totalKills"]) ? $char["totalKills"] : '&nbsp;';
    }
    if ($core == 1) {
        $guild_id = $sql["char"]->result($sql["char"]->query("SELECT guildid FROM guild_data WHERE playerid='" . $char["guid"] . "'"), 0);
        $guild_rank = $sql["char"]->result($sql["char"]->query("SELECT guildRank FROM guild_data WHERE playerid='" . $char["guid"] . "'"), 0);
        $guild_name = $sql["char"]->result($sql["char"]->query("SELECT guildName FROM guilds WHERE guildid='" . $guild_id . "'"));
    } else {
        $guild_id = $sql["char"]->result($sql["char"]->query("SELECT guildid FROM guild_member WHERE guid='" . $char["guid"] . "'"), 0);
        $guild_rank = $sql["char"]->result($sql["char"]->query("SELECT rank AS guildRank FROM guild_member WHERE guid='" . $char["guid"] . "'"), 0);
        $guild_name = $sql["char"]->result($sql["char"]->query("SELECT name AS guildName FROM guild WHERE guildid='" . $guild_id . "'"));
    }
    $online = $char["online"] ? lang("char", "online") : lang("char", "offline");
    if ($guild_id) {
        $guild_name = '<a href="guild.php?action=view_guild&amp;realm=' . $realmid . '&amp;error=3&amp;id=' . $guild_id . '" >' . $guild_name . '</a>';
        $mrank = $guild_rank;
        if ($core == 1) {
            $guild_rank = $sql["char"]->result($sql["char"]->query('SELECT rankname FROM guild_ranks WHERE guildid=' . $guild_id . ' AND rankId=' . $mrank . ''), 0, 'rankname');
        } else {
            $guild_rank = $sql["char"]->result($sql["char"]->query('SELECT rname AS rankname FROM guild_rank WHERE guildid=' . $guild_id . ' AND rid=' . $mrank . ''), 0, 'rankname');
        }
    } else {
        $guild_name = lang("global", "none");
        $guild_rank = lang("global", "none");
    }
    $output .= '
          <center>
            <table class="hidden char_list_char_tools">
              <tr>
                <td class="char_tools_avatar">
                  <div>
                    <img src="' . char_get_avatar_img($char["level"], $char["gender"], $char["race"], $char["class"], 0) . '" alt="avatar" />
                  </div>
                </td>
                <td colspan="3">
                  <font class="bold">
                    ' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . ' -
                    <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                    <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                   - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . '
                  </font>
                  <br />' . lang("char", "location") . ': ' . get_map_name($char["mapid"]) . ' - ' . get_zone_name($char["zoneid"]) . '
                  <br />' . lang("char", "honor_points") . ': ' . $char_data[PLAYER_FIELD_HONOR_CURRENCY] . ' | ' . lang("char", "arena_points") . ': ' . $char_data[PLAYER_FIELD_ARENA_CURRENCY] . ' | ' . lang("char", "honor_kills") . ': ' . $char_data[PLAYER_FIELD_LIFETIME_HONORBALE_KILLS] . '
                  <br />' . lang("char", "guild") . ': ' . $guild_name . ' | ' . lang("char", "rank") . ': ' . htmlentities($guild_rank, ENT_COMPAT, $site_encoding) . '
                  <br />' . lang("char", "online") . ': ' . ($char["online"] ? '<img src="img/up.gif" onmousemove="oldtoolTip(\'' . lang("char", "online") . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="online" />' : '<img src="img/down.gif" onmousemove="oldtoolTip(\'' . lang("char", "offline") . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="offline" />');
    if ($showcountryflag) {
        require_once 'libs/misc_lib.php';
        $country = misc_get_country_by_account($char["acct"]);
        $output .= ' | ' . lang("global", "country") . ': ' . ($country["code"] ? '<img src="img/flags/' . $country["code"] . '.png" onmousemove="oldtoolTip(\'' . $country["country"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />' : '-');
        unset($country);
    }
    $output .= '
                </td>
              </tr>
            </table>
            <br />
            <table class="hidden char_list_char_tools">
              <tr>
                <td>';
    makebutton(lang("xname", "changename"), "char_tools.php?char=" . $id, 150);
    $output .= '
                </td>
                <td>';
    makebutton(lang("xrace", "changerace"), "char_tools.php?char=" . $id, 150);
    $output .= '
                </td>
                <td>';
    makebutton(lang("unstuck", "unstuck"), "hearthstone.php?action=approve&amp;char=" . $id, 150);
    $output .= '
                </td>
              </tr>
              <tr>
                <td>';
    makebutton(lang("char_list", "transfer"), "change_char_account.php?action=chooseacct&amp;priority=1&amp;char=" . $id, 150);
    $output .= '
                </td>
                <td>';
    makebutton(lang("global", "back"), "char_list.php", 150);
    $output .= '
                </td>
              </tr>
            </table>
          </center>';
}
Esempio n. 8
0
function char_inv()
{
    global $output, $realm_id, $characters_db, $world_db, $corem_db, $site_encoding, $action_permission, $user_lvl, $user_name, $locales_search_option, $base_datasite, $item_datasite, $sql, $core;
    // this page uses wowhead tooltops
    //wowhead_tt();
    $cid = $_GET["id"];
    // we need at least an id or we would have nothing to show
    // also, make sure id is numeric to prevent SQL injection
    if (empty($_GET["id"]) || !is_numeric($cid)) {
        error(lang("global", "empty_fields"));
    }
    // this is multi realm support, as of writing still under development
    //  this page is already implementing it
    if (empty($_GET["realm"])) {
        $realmid = $realm_id;
    } else {
        $realmid = $sql["logon"]->quote_smart($_GET["realm"]);
        if (is_numeric($realmid)) {
            $sql["char"]->connect($characters_db[$realmid]["addr"], $characters_db[$realmid]["user"], $characters_db[$realmid]["pass"], $characters_db[$realmid]["name"], $characters_db[$realmid]["encoding"]);
        } else {
            $realmid = $realm_id;
        }
    }
    //-------------------SQL Injection Prevention--------------------------------
    // no point going further if we don have a valid ID
    // this_is_junk: char.php doesn't post account.   Why is this even here?
    //$acct = $sql["char"]->quote_smart($_GET["acct"]);
    //if (is_numeric($acct));
    //else error($lang_global["empty_fields"]);
    // getting character data from database
    if ($core == 1) {
        $result = $sql["char"]->query("SELECT acct, name, race, class, level, gender, gold, online\r\n      FROM characters WHERE guid='" . $cid . "' LIMIT 1");
    } else {
        $result = $sql["char"]->query("SELECT account AS acct, name, race, class, level, gender, money AS gold, online\r\n      FROM characters WHERE guid='" . $cid . "' LIMIT 1");
    }
    // no point going further if character does not exist
    if ($sql["char"]->num_rows($result)) {
        $char = $sql["char"]->fetch_assoc($result);
        // we get user permissions first
        $owner_acc_id = $sql["char"]->result($result, 0, "acct");
        if ($core == 1) {
            $query = $sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $owner_acc_id . "'");
        } else {
            $query = $sql["logon"]->query("SELECT username as login FROM account WHERE id='" . $owner_acc_id . "'");
        }
        $owner_name = $sql["logon"]->result($query, 0, "login");
        $s_query = "SELECT *, SecurityLevel AS gm FROM config_accounts WHERE Login='******'";
        $s_result = $sql["mgr"]->query($s_query);
        $s_fields = $sql["mgr"]->fetch_assoc($s_result);
        $owner_gmlvl = $s_fields["gm"];
        $view_mod = $s_fields["View_Mod_Inv"];
        if ($owner_gmlvl >= 1073741824) {
            $owner_gmlvl -= 1073741824;
        }
        // owner configured overrides
        $view_override = false;
        if ($view_mod > 0) {
            if ($view_mod == 1) {
            } elseif ($view_mod == 2) {
                // only registered users may view this page
                if ($user_lvl > -1) {
                    $view_override = true;
                }
            }
        }
        // visibility overrides for specific tabs
        $view_talent_override = false;
        if ($s_fields["View_Mod_Talent"] > 0) {
            if ($s_fields["View_Mod_Talent"] == 1) {
            } elseif ($s_fields["View_Mod_Talent"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_talent_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_talent_override = true;
            }
        }
        $view_achieve_override = false;
        if ($s_fields["View_Mod_Achieve"] > 0) {
            if ($s_fields["View_Mod_Achieve"] == 1) {
            } elseif ($s_fields["View_Mod_Achieve"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_achieve_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_achieve_override = true;
            }
        }
        $view_quest_override = false;
        if ($s_fields["View_Mod_Quest"] > 0) {
            if ($s_fields["View_Mod_Quest"] == 1) {
            } elseif ($s_fields["View_Mod_Quest"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_quest_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_quest_override = true;
            }
        }
        $view_friends_override = false;
        if ($s_fields["View_Mod_Friends"] > 0) {
            if ($s_fields["View_Mod_Friends"] == 1) {
            } elseif ($s_fields["View_Mod_Friends"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_friends_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_friends_override = true;
            }
        }
        $view_view_override = false;
        if ($s_fields["View_Mod_View"] > 0) {
            if ($s_fields["View_Mod_View"] == 1) {
            } elseif ($s_fields["View_Mod_View"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_view_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_view_override = true;
            }
        }
        // find out what mode we're in View or Delete (0 = View, 1 = Delete)
        $mode = isset($_GET["mode"]) ? $_GET["mode"] : 0;
        // only the character's owner or a GM with Delete privs can enter Delete Mode
        if ($owner_name != $user_name) {
            if ($user_lvl < $action_permission["delete"]) {
                $mode = 0;
            } else {
                $mode = $mode;
            }
        }
        // View Mode is only availble on characters that are offline
        if ($char["online"] != 0) {
            $mode = 0;
        }
        // check user permission
        if ($view_override || $user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
            // main data that we need for this page, character inventory
            if ($core == 1) {
                $result = $sql["char"]->query("SELECT \r\n          containerslot, slot, entry, enchantments AS enchantment, randomprop AS property, count, flags\r\n          FROM playeritems WHERE ownerguid='" . $cid . "' ORDER BY containerslot, slot");
            } elseif ($core == 2) {
                $result = $sql["char"]->query("SELECT \r\n          bag, slot, item_template AS entry, item, \r\n          SUBSTRING_INDEX(SUBSTRING_INDEX(item_instance.data, ' ', 11), ' ', -1) AS creator,\r\n          SUBSTRING_INDEX(SUBSTRING_INDEX(item_instance.data, ' ', 23), ' ', -1) AS enchantment, \r\n          SUBSTRING_INDEX(SUBSTRING_INDEX(item_instance.data, ' ', 60), ' ', -1) AS property, \r\n          SUBSTRING_INDEX(SUBSTRING_INDEX(item_instance.data, ' ', 15), ' ', -1) AS count,\r\n          SUBSTRING_INDEX(SUBSTRING_INDEX(item_instance.data, ' ', 62), ' ', -1) AS durability,\r\n          SUBSTRING_INDEX(SUBSTRING_INDEX(item_instance.data, ' ', 22), ' ', -1) AS flags\r\n          FROM character_inventory LEFT JOIN item_instance ON character_inventory.item=item_instance.guid\r\n          WHERE character_inventory.guid='" . $cid . "' ORDER BY bag, slot");
            } else {
                $result = $sql["char"]->query("SELECT \r\n          bag, slot, itemEntry AS entry, item, \r\n          creatorGuid AS creator,\r\n          enchantments AS enchantment, \r\n          randomPropertyId AS property, \r\n          count, durability, flags\r\n          FROM character_inventory \r\n            LEFT JOIN item_instance ON character_inventory.item=item_instance.guid\r\n          WHERE character_inventory.guid='" . $cid . "' ORDER BY bag, slot");
            }
            //---------------Page Specific Data Starts Here--------------------------
            // lets start processing first before we display anything
            //  we have lots to do for inventory
            // character bags, 1 main + 4 additional
            $bag = array(0 => array(), 1 => array(), 2 => array(), 3 => array(), 4 => array());
            // character bank, 1 main + 7 additional
            $bank = array(0 => array(), 1 => array(), 2 => array(), 3 => array(), 4 => array(), 5 => array(), 6 => array(), 7 => array());
            // this is where we will put items that are in main bag
            $bag_id = array();
            // this is where we will put items that are in main bank
            $bank_bag_id = array();
            // this is where we will put items that are in character bags, 4 arrays, 1 for each
            $equiped_bag_id = array(0, 0, 0, 0, 0);
            // this is where we will put items that are in bank bangs, 7 arrays, 1 for each
            $equip_bnk_bag_id = array(0, 0, 0, 0, 0, 0, 0, 0);
            // we load the things in each bag slot
            while ($slot = $sql["char"]->fetch_assoc($result)) {
                if ($core == 1) {
                    if ($slot["containerslot"] == -1 && $slot["slot"] > 18) {
                        if ($slot["slot"] < 23) {
                            $bag_id[$slot["slot"]] = $slot["slot"] - 18;
                            $equiped_bag_id[$slot["slot"] - 18] = array($slot["entry"], $sql["world"]->result($sql["world"]->query("SELECT containerslots FROM items\r\n                  WHERE entry='" . $slot["entry"] . "'"), 0, "containerslots"), $slot["count"]);
                        } elseif ($slot["slot"] < 39) {
                            $i_query = "SELECT \r\n                *, description AS description1, name1 AS name, quality AS Quality, inventorytype AS InventoryType, \r\n                socket_color_1 AS socketColor_1, socket_color_2 AS socketColor_2, socket_color_3 AS socketColor_3,\r\n                requiredlevel AS RequiredLevel, allowableclass AS AllowableClass,\r\n                sellprice AS SellPrice, itemlevel AS ItemLevel\r\n                FROM items " . ($locales_search_option != 0 ? "LEFT JOIN items_localized ON (items_localized.entry=items.entry AND language_code='" . $locales_search_option . "') " : " ") . "WHERE items.entry='" . $slot["entry"] . "'";
                            $i_result = $sql["world"]->query($i_query);
                            $i = $sql["world"]->fetch_assoc($i_result);
                            if (isset($bag[0][$slot["slot"] - 23])) {
                                $bag[0][$slot["slot"] - 23][0]++;
                            } else {
                                $bag[0][$slot["slot"] - 23] = array($slot["entry"], 0, $slot["count"], $i, $slot["enchantment"], $slot["property"], $slot["creator"], $slot["durability"], $slot["flags"], $slot["bag"], $slot["slot"]);
                            }
                        } elseif ($slot["slot"] < 67) {
                            $i_query = "SELECT\r\n                *, description AS description1, name1 AS name, quality AS Quality, inventorytype AS InventoryType, \r\n                socket_color_1 AS socketColor_1, socket_color_2 AS socketColor_2, socket_color_3 AS socketColor_3,\r\n                requiredlevel AS RequiredLevel, allowableclass AS AllowableClass,\r\n                sellprice AS SellPrice, itemlevel AS ItemLevel\r\n                FROM items " . ($locales_search_option != 0 ? "LEFT JOIN items_localized ON (items_localized.entry=items.entry AND language_code='" . $locales_search_option . "') " : " ") . "WHERE items.entry='" . $slot["entry"] . "'";
                            $i_result = $sql["world"]->query($i_query);
                            $i = $sql["world"]->fetch_assoc($i_result);
                            $bank[0][$slot["slot"] - 39] = array($slot["entry"], 0, $slot["count"], $i, $slot["enchantment"], $slot["property"], $slot["creator"], $slot["durability"], $slot["flags"], $slot["bag"], $slot["slot"]);
                        } elseif ($slot["slot"] < 74) {
                            $bank_bag_id[$slot["slot"]] = $slot["slot"] - 66;
                            $equip_bnk_bag_id[$slot["slot"] - 66] = array($slot["entry"], $sql["world"]->result($sql["world"]->query("SELECT containerslots FROM items\r\n                  WHERE entry='" . $slot["entry"] . "'"), 0, "containerslots"), $slot["count"]);
                        }
                    } else {
                        // Bags
                        if (isset($bag_id[$slot["containerslot"]])) {
                            $i_query = "SELECT\r\n                *, description AS description1, name1 AS name, quality AS Quality, inventorytype AS InventoryType, \r\n                socket_color_1 AS socketColor_1, socket_color_2 AS socketColor_2, socket_color_3 AS socketColor_3,\r\n                requiredlevel AS RequiredLevel, allowableclass AS AllowableClass,\r\n                sellprice AS SellPrice, itemlevel AS ItemLevel\r\n                FROM items " . ($locales_search_option != 0 ? "LEFT JOIN items_localized ON (items_localized.entry=items.entry AND language_code='" . $locales_search_option . "') " : " ") . "WHERE items.entry='" . $slot["entry"] . "'";
                            $i_result = $sql["world"]->query($i_query);
                            $i = $sql["world"]->fetch_assoc($i_result);
                            if (isset($bag[$bag_id[$slot["containerslot"]]][$slot["slot"]])) {
                                $bag[$bag_id[$slot["containerslot"]]][$slot["slot"]][1]++;
                            } else {
                                $bag[$bag_id[$slot["containerslot"]]][$slot["slot"]] = array($slot["entry"], 0, $slot["count"], $i, $slot["enchantment"], $slot["property"], $slot["creator"], $slot["durability"], $slot["flags"], $slot["bag"], $slot["slot"]);
                            }
                        } elseif (isset($bank_bag_id[$slot["containerslot"]])) {
                            $i_query = "SELECT\r\n                *, description AS description1, name1 AS name, quality AS Quality, inventorytype AS InventoryType, \r\n                socket_color_1 AS socketColor_1, socket_color_2 AS socketColor_2, socket_color_3 AS socketColor_3,\r\n                requiredlevel AS RequiredLevel, allowableclass AS AllowableClass,\r\n                sellprice AS SellPrice, itemlevel AS ItemLevel\r\n                FROM items " . ($locales_search_option != 0 ? "LEFT JOIN items_localized ON (items_localized.entry=items.entry AND language_code='" . $locales_search_option . "') " : " ") . "WHERE items.entry='" . $slot["entry"] . "'";
                            $i_result = $sql["world"]->query($i_query);
                            $i = $sql["world"]->fetch_assoc($i_result);
                            $bank[$bank_bag_id[$slot["containerslot"]]][$slot["slot"]] = array($slot["entry"], 0, $slot["count"], $i, $slot["enchantment"], $slot["property"], $slot["creator"], $slot["durability"], $slot["flags"], $slot["bag"], $slot["slot"]);
                        }
                    }
                } else {
                    if ($slot["bag"] == 0 && $slot["slot"] > 18) {
                        if ($slot["slot"] < 23) {
                            $bag_id[$slot["item"]] = $slot["slot"] - 18;
                            $equiped_bag_id[$slot["slot"] - 18] = array($slot["entry"], $sql["world"]->result($sql["world"]->query("SELECT ContainerSlots FROM item_template\r\n                  WHERE entry='" . $slot["entry"] . "'"), 0, "containerslots"), $slot["count"]);
                        } elseif ($slot["slot"] < 39) {
                            $i_query = "SELECT *, description AS description1 FROM item_template " . ($locales_search_option != 0 ? "LEFT JOIN locales_item ON locales_item.entry=item_template.entry " : " ") . "WHERE item_template.entry='" . $slot["entry"] . "'";
                            $i_result = $sql["world"]->query($i_query);
                            $i = $sql["world"]->fetch_assoc($i_result);
                            if (isset($bag[0][$slot["slot"] - 23])) {
                                $bag[0][$slot["slot"] - 23][0]++;
                            } else {
                                $bag[0][$slot["slot"] - 23] = array($slot["entry"], 0, $slot["count"], $i, $slot["enchantment"], $slot["property"], $slot["creator"], $slot["durability"], $slot["flags"], $slot["bag"], $slot["slot"]);
                            }
                        } elseif ($slot["slot"] < 67) {
                            $i_query = "SELECT *, description AS description1 FROM item_template " . ($locales_search_option != 0 ? "LEFT JOIN locales_item ON locales_item.entry=item_template.entry " : " ") . "WHERE item_template.entry='" . $slot["entry"] . "'";
                            $i_result = $sql["world"]->query($i_query);
                            $i = $sql["world"]->fetch_assoc($i_result);
                            $bank[0][$slot["slot"] - 39] = array($slot["entry"], 0, $slot["count"], $i, $slot["enchantment"], $slot["property"], $slot["creator"], $slot["durability"], $slot["flags"], $slot["bag"], $slot["slot"]);
                        } elseif ($slot["slot"] < 74) {
                            $bank_bag_id[$slot["item"]] = $slot["slot"] - 66;
                            $equip_bnk_bag_id[$slot["slot"] - 66] = array($slot["entry"], $sql["world"]->result($sql["world"]->query('SELECT ContainerSlots FROM item_template
                  WHERE entry = ' . $slot["entry"] . ''), 0, "ContainerSlots"), $slot["count"]);
                        }
                    } else {
                        // Bags
                        if (isset($bag_id[$slot["bag"]])) {
                            $i_query = "SELECT *, description AS description1 FROM item_template " . ($locales_search_option != 0 ? "LEFT JOIN locales_item ON locales_item.entry=item_template.entry " : " ") . "WHERE item_template.entry='" . $slot["entry"] . "'";
                            $i_result = $sql["world"]->query($i_query);
                            $i = $sql["world"]->fetch_assoc($i_result);
                            if (isset($bag[$bag_id[$slot["bag"]]][$slot["slot"]])) {
                                $bag[$bag_id[$slot["bag"]]][$slot["slot"]][1]++;
                            } else {
                                $bag[$bag_id[$slot["bag"]]][$slot["slot"]] = array($slot["entry"], 0, $slot["count"], $i, $slot["enchantment"], $slot["property"], $slot["creator"], $slot["durability"], $slot["flags"], $slot["bag"], $slot["slot"]);
                            }
                        } elseif (isset($bank_bag_id[$slot["bag"]])) {
                            $i_query = "SELECT *, description AS description1 FROM item_template " . ($locales_search_option != 0 ? "LEFT JOIN locales_item ON locales_item.entry=item_template.entry " : " ") . "WHERE item_template.entry='" . $slot["entry"] . "'";
                            $i_result = $sql["world"]->query($i_query);
                            $i = $sql["world"]->fetch_assoc($i_result);
                            $bank[$bank_bag_id[$slot["bag"]]][$slot["slot"]] = array($slot["entry"], 0, $slot["count"], $i, $slot["enchantment"], $slot["property"], $slot["creator"], $slot["durability"], $slot["flags"], $slot["bag"], $slot["slot"]);
                        }
                    }
                }
            }
            unset($slot);
            unset($bag_id);
            unset($bank_bag_id);
            unset($result);
            //------------------------Character Tabs---------------------------------
            // we start with a lead of 10 spaces,
            //  because last line of header is an opening tag with 8 spaces
            //  keep html indent in sync, so debuging from browser source would be easy to read
            $output .= '
          <!-- start of char_inv.php -->
            <div class="tab">
              <ul>
                <li><a href="char.php?id=' . $cid . '&amp;realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>';
            $output .= '
                <li class="selected"><a href="char_inv.php?id=' . $cid . '&amp;realm=' . $realmid . '">' . lang("char", "inventory") . '</a></li>';
            if ($view_talent_override) {
                $output .= '
                ' . ($char["level"] < 10 ? '' : '<li><a href="char_talent.php?id=' . $cid . '&amp;realm=' . $realmid . '">' . lang("char", "talents") . '</a></li>') . '';
            }
            if ($view_achieve_override) {
                $output .= '
                <li><a href="char_achieve.php?id=' . $cid . '&amp;realm=' . $realmid . '">' . lang("char", "achievements") . '</a></li>';
            }
            if ($view_quest_override) {
                $output .= '
                <li><a href="char_quest.php?id=' . $cid . '&amp;realm=' . $realmid . '">' . lang("char", "quests") . '</a></li>';
            }
            if ($view_friends_override) {
                $output .= '
                <li><a href="char_friends.php?id=' . $cid . '&amp;realm=' . $realmid . '">' . lang("char", "friends") . '</a></li>';
            }
            if ($view_view_override) {
                $output .= '
                <li><a href="char_view.php?id=' . $cid . '&amp;realm=' . $realmid . '">' . lang("char", "view") . '</a></li>';
            }
            $output .= '
              </ul>
            </div>
            <div class="tab_content center" id="ch_inv_bags_wrap">
              <span class="bold">
                ' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . ' -
                <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif"
                  onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                <img src="img/c_icons/' . $char["class"] . '.gif"
                  onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . '
              </span>
              <br />
              <br />
              <table class="lined" id="ch_inv_bags">
                <tr>';
            //---------------Page Specific Data Starts Here--------------------------
            // equipped bags
            for ($i = 4; $i > 0; --$i) {
                $output .= '
                  <th>';
                if ($equiped_bag_id[$i]) {
                    $output .= '
                    <a href="' . $base_datasite . $item_datasite . $equiped_bag_id[$i][0] . '" rel="external">
                      <img class="bag_icon" src="' . get_item_icon($equiped_bag_id[$i][0]) . '" alt="" />
                    </a>
                    ' . lang("item", "bag") . ' ' . $i . '<br />
                    <span class="small">' . $equiped_bag_id[$i][1] . ' ' . lang("item", "slots") . '</span>';
                }
                $output .= '
                  </th>';
            }
            $output .= '
                </tr>
                <tr>';
            // equipped bag slots
            for ($t = 4; $t > 0; --$t) {
                // this_is_junk: style left hardcoded because it's calculated.
                $output .= '
                  <td align="center">
                    <div class="bag" style="width: ' . 4 * 43 . 'px; height: ' . ceil($equiped_bag_id[$t][1] / 4) * 41 . 'px;">';
                $dsp = $equiped_bag_id[$t][1] % 4;
                if ($dsp) {
                    $output .= '
                      <div class="no_slot"></div>';
                }
                foreach ($bag[$t] as $pos => $item) {
                    // this_is_junk: style left hardcoded because it's calculated.
                    $item[2] = $item[2] == 1 ? '' : $item[2];
                    $output .= '
                      <div class="bag_slot" style="left: ' . (($pos + $dsp) % 4 * 43 + 4) . 'px; top: ' . (floor(($pos + $dsp) / 4) * 41 + 4) . 'px;">
                        <a href="' . $base_datasite . $item_datasite . $item[0] . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . $t . 'p' . $pos . ($pos + $dsp) % 4 * 42 . 'x' . floor(($pos + $dsp) / 4) * 41 . '\');" onmouseout="HideTooltip(\'_b' . $t . 'p' . $pos . ($pos + $dsp) % 4 * 42 . 'x' . floor(($pos + $dsp) / 4) * 41 . '\');">
                          <img src="' . get_item_icon($item[0]) . '" alt="" class="inv_icon" />
                        </a>';
                    if ($mode) {
                        $output .= '
                        <div>
                          <a href="char_inv.php?action=delete_item&amp;id=' . $cid . '&amp;bag=' . $item[9] . '&amp;slot=' . $item[10] . '&amp;item=' . $item[0] . '&amp;mode=' . $mode . '">
                            <img src="img/aff_cross.png" class="ch_inv_delete" alt="" />
                          </a>
                        </div>';
                    } else {
                        $output .= '
                        <div class="ch_inv_quantity_shadow">' . $item[2] . '</div>
                        <div class="ch_inv_quantity">' . $item[2] . '</div>';
                    }
                    $output .= '
                      </div>';
                    // build a tooltip object for this item
                    $output .= '
                      <div class="item_tooltip" id="tooltip_b' . $t . 'p' . $pos . ($pos + $dsp) % 4 * 42 . 'x' . floor(($pos + $dsp) / 4) * 41 . '" style="left: ' . (($pos + $dsp) % 4 * 42 - 129) . 'px; top: ' . (floor(($pos + $dsp) / 4) * 41 + 42) . 'px;">
                        <table>
                          <tr>
                            <td>' . get_item_tooltip($item[3], $item[4], $item[5], $item[6], $item[7], $item[8]) . '</td>
                          </tr>
                        </table>
                      </div>';
                }
                $output .= '
                    </div>
                  </td>';
            }
            unset($equiped_bag_id);
            // this_is_junk: style left hardcoded because it's calculated.
            $output .= '
                </tr>
                <tr>
                  <th colspan="2" align="left">
                    <img class="bag_icon" src="' . get_item_icon(3960) . '" alt="" id="ch_backpack_icon_margin" />
                    <span id="ch_backpack_name_margin">' . lang("char", "backpack") . '</span>
                  </th>
                  <th colspan="2">
                    ' . lang("char", "bank_items") . '
                  </th>
                </tr>
                <tr>
                  <td colspan="2" style="height: 220px; text-align: center;">
                    <div class="bag" id="ch_backpack" style="width: ' . 4 * 43 . 'px; height: ' . ceil(16 / 4) * 41 . 'px;">';
            // inventory items
            foreach ($bag[0] as $pos => $item) {
                // this_is_junk: style left hardcoded because it's calculated.
                $item[2] = $item[2] == 1 ? '' : $item[2];
                $output .= '
                      <div class="bag_slot" style="left: ' . ($pos % 4 * 43 + 4) . 'px; top: ' . (floor($pos / 4) * 41 + 4) . 'px;">
                        <a href="' . $base_datasite . $item_datasite . $item[0] . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . $t . 'p' . $pos . $pos % 4 * 42 . 'x' . floor($pos / 4) * 41 . '\');" onmouseout="HideTooltip(\'_b' . $t . 'p' . $pos . $pos % 4 * 42 . 'x' . floor($pos / 4) * 41 . '\');">
                          <img src="' . get_item_icon($item[0]) . '" class="inv_icon" alt="" />
                        </a>';
                if ($mode) {
                    $output .= '
                        <div>
                          <a href="char_inv.php?action=delete_item&amp;id=' . $cid . '&amp;bag=' . $item[9] . '&amp;slot=' . $item[10] . '&amp;item=' . $item[0] . '&amp;mode=' . $mode . '">
                            <img src="img/aff_cross.png" class="ch_inv_delete" alt="" />
                          </a>
                        </div>';
                } else {
                    $output .= '
                        <div class="ch_inv_quantity_shadow">' . $item[2] . '</div>
                        <div class="ch_inv_quantity">' . $item[2] . '</div>';
                }
                $output .= '
                      </div>';
                // build a tooltip object for this item
                $output .= '
                      <div class="item_tooltip" id="tooltip_b' . $t . 'p' . $pos . $pos % 4 * 42 . 'x' . floor($pos / 4) * 41 . '" style="left: ' . ($pos % 4 * 42 - 129) . 'px; top: ' . (floor($pos / 4) * 41 + 42) . 'px;">
                        <table>
                          <tr>
                            <td>' . get_item_tooltip($item[3], $item[4], $item[5], $item[6], $item[7], $item[8]) . '</td>
                          </tr>
                        </table>
                      </div>';
            }
            unset($bag);
            $output .= '
                    </div>
                    <div id="ch_money">
                      <b>
                        ' . substr($char["gold"], 0, -4) . '<img src="img/gold.gif" alt="gold" style="position: relative; bottom: -6px;" />
                        ' . substr($char["gold"], -4, 2) . '<img src="img/silver.gif" alt="silver" style="position: relative; bottom: -6px;" />
                        ' . substr($char["gold"], -2) . '<img src="img/copper.gif" alt="copper" style="position: relative; bottom: -6px;" />
                      </b>
                    </div>
                  </td>
                  <td colspan="2" align="center">
                    <div class="bag bank" style="width: ' . (7 * 43 + 2) . 'px; height: ' . ceil(24 / 7) * 41 . 'px;">';
            // bank items
            foreach ($bank[0] as $pos => $item) {
                // this_is_junk: style left hardcoded because it's calculated.
                $item[2] = $item[2] == 1 ? '' : $item[2];
                $output .= '
                      <div class="bag_slot" style="left: ' . ($pos % 7 * 43 + 4) . 'px; top: ' . (floor($pos / 7) * 41 + 4) . 'px;">
                        <a href="' . $base_datasite . $item_datasite . $item[0] . '" rel="external" onmouseover="ShowTooltip(this,\'_bbp' . $pos . $pos % 7 * 43 . 'x' . floor($pos / 7) * 41 . '\');" onmouseout="HideTooltip(\'_bbp' . $pos . $pos % 7 * 43 . 'x' . floor($pos / 7) * 41 . '\');">
                          <img src="' . get_item_icon($item[0]) . '" class="inv_icon" alt="" />
                        </a>';
                if ($mode) {
                    $output .= '
                        <div>
                          <a href="char_inv.php?action=delete_item&amp;id=' . $cid . '&amp;bag=' . $item[9] . '&amp;slot=' . $item[10] . '&amp;item=' . $item[0] . '&amp;mode=' . $mode . '">
                            <img src="img/aff_cross.png" class="ch_inv_delete" alt="" />
                          </a>
                        </div>';
                } else {
                    $output .= '
                        <div class="ch_inv_quantity_shadow">' . $item[2] . '</div>
                        <div class="ch_inv_quantity">' . $item[2] . '</div>';
                }
                $output .= '
                      </div>';
                // build a tooltip object for this item
                $output .= '
                      <div class="item_tooltip" id="tooltip_bbp' . $pos . $pos % 7 * 43 . 'x' . floor($pos / 7) * 41 . '" style="left: ' . ($pos % 7 * 43 - 129) . 'px; top: ' . (floor($pos / 7) * 41 + 42) . 'px;">
                        <table>
                          <tr>
                            <td>' . get_item_tooltip($item[3], $item[4], $item[5], $item[6], $item[7], $item[8]) . '</td>
                          </tr>
                        </table>
                      </div>';
            }
            $output .= '
                    </div>
                  </td>
                </tr>
                <tr>';
            // equipped bank bags, first 4
            for ($i = 1; $i < 5; ++$i) {
                $output .= '
                  <th>';
                if ($equip_bnk_bag_id[$i]) {
                    $output .= '
                    <a href="' . $base_datasite . $item_datasite . $equip_bnk_bag_id[$i][0] . '" rel="external">
                      <img class="bag_icon" src="' . get_item_icon($equip_bnk_bag_id[$i][0]) . '" alt="" />
                    </a>
                    ' . lang("item", "bag") . ' ' . $i . '<br />
                    <span class="small">' . $equip_bnk_bag_id[$i][1] . ' ' . lang("item", "slots") . '</span>';
                }
                $output .= '
                  </th>';
            }
            $output .= '
                </tr>
                <tr>';
            // equipped bank bag slots
            for ($t = 1; $t < 8; ++$t) {
                // equipped bank bags, last 3
                if ($t === 5) {
                    $output .= '
                </tr>
                <tr>';
                    for ($i = 5; $i < 8; ++$i) {
                        $output .= '
                  <th>';
                        if ($equip_bnk_bag_id[$i]) {
                            $output .= '
                    <a href="' . $base_datasite . $item_datasite . $equip_bnk_bag_id[$i][0] . '" rel="external">
                      <img class="bag_icon" src="' . get_item_icon($equip_bnk_bag_id[$i][0]) . '" alt="" />
                    </a>
                    ' . lang("item", "bag") . ' ' . $i . '<br />
                    <span class="small">' . $equip_bnk_bag_id[$i][1] . ' ' . lang("item", "slots") . '</span>';
                        }
                        $output .= '
                  </th>';
                    }
                    $output .= '
                  <th>
                  </th>
                </tr>
                <tr>';
                }
                // this_is_junk: style left hardcoded because it's calculated.
                $output .= '
                  <td align="center">
                    <div class="bag bank" style="width: ' . (4 * 43 + 2) . 'px; height: ' . ceil($equip_bnk_bag_id[$t][1] / 4) * 41 . 'px;">';
                $dsp = $equip_bnk_bag_id[$t][1] % 4;
                if ($dsp) {
                    $output .= '
                      <div class="no_slot"></div>';
                }
                foreach ($bank[$t] as $pos => $item) {
                    // this_is_junk: style left hardcoded because it's calculated.
                    $item[2] = $item[2] == 1 ? '' : $item[2];
                    $output .= '
                      <div class="bag_slot" style="left: ' . (($pos + $dsp) % 4 * 43 + 4) . 'px; top: ' . (floor(($pos + $dsp) / 4) * 41 + 4) . 'px;">
                        <a href="' . $base_datasite . $item_datasite . $item[0] . '" rel="external" onmouseover="ShowTooltip(this,\'_bb' . $t . 'p' . $pos . ($pos + $dsp) % 4 * 43 . 'x' . floor(($pos + $dsp) / 4) * 41 . '\');" onmouseout="HideTooltip(\'_bb' . $t . 'p' . $pos . ($pos + $dsp) % 4 * 43 . 'x' . floor(($pos + $dsp) / 4) * 41 . '\');">
                          <img src="' . get_item_icon($item[0]) . '" class="inv_icon" alt="" />
                        </a>';
                    if ($mode) {
                        $output .= '
                        <div>
                          <a href="char_inv.php?action=delete_item&amp;id=' . $cid . '&amp;bag=' . $item[9] . '&amp;slot=' . $item[10] . '&amp;item=' . $item[0] . '&amp;mode=' . $mode . '">
                            <img src="img/aff_cross.png" class="ch_inv_delete" alt="" />
                          </a>
                        </div>';
                    } else {
                        $output .= '
                        <div class="ch_inv_quantity_shadow">' . $item[2] . '</div>
                        <div class="ch_inv_quantity">' . $item[2] . '</div>';
                    }
                    $output .= '
                      </div>';
                    // build a tooltip object for this item
                    $output .= '
                      <div class="item_tooltip" id="tooltip_bb' . $t . 'p' . $pos . ($pos + $dsp) % 4 * 43 . 'x' . floor(($pos + $dsp) / 4) * 41 . '" style="left: ' . (($pos + $dsp) % 4 * 43 - 129) . 'px; top: ' . (floor(($pos + $dsp) / 4) * 41 + 42) . 'px;">
                        <table>
                          <tr>
                            <td>' . get_item_tooltip($item[3], $item[4], $item[5], $item[6], $item[7], $item[8]) . '</td>
                          </tr>
                        </table>
                      </div>';
                }
                $output .= '
                    </div>
                  </td>';
            }
            unset($equip_bnk_bag_id);
            unset($bank);
            $output .= '
                  <td><div class="bag bank"></div></td>';
            //---------------Page Specific Data Ends here----------------------------
            //---------------Character Tabs Footer-----------------------------------
            $output .= '
                </tr>
              </table>
            </div>
            <br />
            <table class="hidden">
              <tr>
                <td>';
            // button to user account page, user account page has own security
            makebutton(lang("char", "chars_acc"), 'user.php?action=edit_user&amp;id=' . $owner_acc_id . '', 130);
            $output .= '
                </td>
                <td>';
            // show Delete Mode / View Mode button depending on current mode
            if ($mode) {
                makebutton(lang("char", "viewmode"), 'char_inv.php?id=' . $cid . '&amp;realm=' . $realmid . '&amp;mode=0" type="def', 130);
            } else {
                makebutton(lang("char", "deletemode"), 'char_inv.php?id=' . $cid . '&amp;realm=' . $realmid . '&amp;mode=1" type="def', 130);
            }
            $output .= '
                </td>
                <td>';
            // only higher level GM with delete access can edit character
            //  character edit allows removal of character items, so delete permission is needed
            if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"]) {
                //makebutton($lang_char["edit_button"], 'char_edit.php?id='.$cid.'&amp;realm='.$realmid.'', 130);
                $output .= '
                </td>
                <td>';
            }
            // only higher level GM with delete access, or character owner can delete character
            if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"] || $owner_name === $user_name) {
                makebutton(lang("char", "del_char"), 'char_list.php?action=del_char_form&amp;check%5B%5D=' . $cid . '" type="wrn', 130);
                $output .= '
                </td>
                <td>';
            }
            // only GM with update permission can send mail, mail can send items, so update permission is needed
            if ($user_lvl >= $action_permission["update"]) {
                makebutton(lang("char", "send_mail"), 'mail.php?type=ingame_mail&amp;to=' . $char["name"] . '', 130);
                $output .= '
                </td>
                <td>';
            }
            makebutton(lang("global", "back"), 'javascript:window.history.back()" type="def', 130);
            $output .= '
                </td>
              </tr>
            </table>
            <br />
          <!-- end of char_inv.php -->';
        } else {
            error(lang("char", "no_permission"));
        }
    } else {
        error(lang("char", "no_char_found"));
    }
}
Esempio n. 9
0
function show_list()
{
    global $realm_id, $output, $logon_db, $characters_db, $itemperpage, $action_permission, $user_lvl, $sql, $core;
    valid_login($action_permission["view"]);
    if ($core == 1) {
        $query = "SELECT * FROM characters WHERE acct='" . $_SESSION["user_id"] . "'";
    } else {
        $query = "SELECT * FROM characters WHERE account='" . $_SESSION["user_id"] . "'";
    }
    $result = $sql["char"]->query($query);
    $num_rows = $sql["char"]->num_rows($result);
    $output .= '
        <table class="top_hidden">
          <tr>
            <td>
              <div class="half_frame fieldset_border center">
                <span class="legend">' . lang("ultra", "selectchar") . '</span>';
    if ($num_rows == 0) {
        // Localization
        $nochars = lang("ultra", "nochars");
        $nochars = str_replace("%1", $_SESSION["login"], $nochars);
        $output .= '
                <table>
                  <tr>
                    <td>
                      <b>' . $nochars . '</b>
                    </td>
                  </tr>
                  <tr>
                    <td>';
        makebutton(lang("global", "back"), "javascript:window.history.back()\" type=\"def", 130);
        $output .= '
                    </td>
                  </tr>
                </table>';
    } else {
        $output .= '
                <form method="get" action="ultra_vendor.php" id="form">
                  <div>
                    <input type="hidden" name="action" value="selected_char" />
                  </div>
                  <table class="lined" id="xname_char_table">
                    <tr>
                      <th class="xname_radio">&nbsp;</th>
                      <th class="xname_name">' . lang("xname", "char") . '</th>
                      <th class="xname_LRC">' . lang("xname", "lvl") . '</th>
                      <th class="xname_LRC">' . lang("xname", "race") . '</th>
                      <th class="xname_LRC">' . lang("xname", "class") . '</th>
                    </tr>';
        if ($num_rows > 1) {
            while ($field = $sql["char"]->fetch_assoc($result)) {
                $output .= '
                    <tr>
                      <td>
                        <input type="radio" name="charname" value="' . $field["name"] . '" />
                      </td>
                      <td>' . $field["name"] . '</td>
                      <td>' . char_get_level_color($field["level"]) . '</td>
                      <td>
                        <img src="img/c_icons/' . $field["race"] . '-' . $field["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($field["race"]) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                      </td>
                      <td>
                        <img src="img/c_icons/' . $field["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($field["class"]) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                      </td>
                    </tr>';
            }
        } else {
            $field = $sql["char"]->fetch_assoc($result);
            $output .= '
                    <tr>
                      <td>
                        <input type="radio" name="charname" value="' . $field["name"] . '" checked="true" />
                      </td>
                      <td>' . $field["name"] . '</td>
                      <td>' . char_get_level_color($field["level"]) . '</td>
                      <td>
                        <img src="img/c_icons/' . $field["race"] . '-' . $field["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($field["race"]) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                      </td>
                      <td>
                        <img src="img/c_icons/' . $field["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($field["class"]) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                      </td>
                      </td>
                    </tr>';
        }
        $output .= '
                    <tr>
                      <td class="hidden" colspan="3">';
        makebutton(lang("ultra", "select"), "javascript:do_submit()\" type=\"def", 180);
        $output .= '
                      </td>
                      <td class="hidden" colspan="2">';
        makebutton(lang("global", "back"), "javascript:window.history.back()\" type=\"def", 130);
        $output .= '
                      </td>
                    </tr>
                  </table>
                </form>';
    }
    $output .= '
              </div>
            </td>
          </tr>
        </table>';
}
function edit_user()
{
    global $output, $dbc_db, $corem_db, $logon_db, $characters_db, $corem_db, $realm_id, $invite_only, $timezone_offset, $user_name, $user_id, $expansion_select, $server, $developer_test_mode, $multi_realm_mode, $remember_me_checked, $achievement_point_points, $achievement_point_credits, $credits_fractional, $sql, $core;
    $refguid = $sql["mgr"]->result($sql["mgr"]->query("SELECT InvitedBy FROM point_system_invites WHERE PlayersAccount='" . $user_id . "'"), 0, 'InvitedBy');
    $referred_by = $sql["char"]->result($sql["char"]->query("SELECT name FROM characters WHERE guid='" . $refguid . "'"), 0, 'name');
    unset($refguid);
    if ($core == 1) {
        $query = "SELECT email, flags, lastip FROM accounts WHERE login='******'";
    } else {
        $query = "SELECT email, expansion AS flags, last_ip AS lastip FROM account WHERE username='******'";
    }
    if ($acc = $sql["logon"]->fetch_assoc($sql["logon"]->query($query))) {
        // if we have a screen name, we need to use it
        $screen_name_query = "SELECT *,\n        SUBSTRING_INDEX(SUBSTRING_INDEX(Avatar, ' ', 1), ' ', -1) AS avatarsex,\n        SUBSTRING_INDEX(SUBSTRING_INDEX(Avatar, ' ', 2), ' ', -1) AS avatarrace,\n        SUBSTRING_INDEX(SUBSTRING_INDEX(Avatar, ' ', 3), ' ', -1) AS avatarclass,\n        SUBSTRING_INDEX(SUBSTRING_INDEX(Avatar, ' ', 4), ' ', -1) AS avatarlevel\n        FROM config_accounts WHERE Login='******'";
        $screen_name = $sql["mgr"]->query($screen_name_query);
        $screen_name = $sql["mgr"]->fetch_assoc($screen_name);
        if ($screen_name["SecurityLevel"] >= 1073741824) {
            $screen_name["SecurityLevel"] -= 1073741824;
        }
        // ArcEmu: find out if we're using an encrypted password for this account
        if ($core == 1) {
            $pass_query = "SELECT * FROM accounts WHERE login='******' AND encrypted_password<>''";
            $pass_result = $sql["logon"]->query($pass_query);
            $arc_encrypted = $sql["logon"]->num_rows($pass_result);
        }
        $output .= '
            <script type="text/javascript" src="libs/js/sha1.js"></script>
            <script type="text/javascript">
              // <![CDATA[
                function do_submit_data ()
                {
                  var myForm = document.getElementById("form")';
        if ($core == 1) {
            if ($arc_encrypted) {
                $output .= '
                  myForm.pass.value = hex_sha1("' . strtoupper($user_name) . ':" + myForm.user_pass.value.toUpperCase());';
            } else {
                $output .= '
                  myForm.pass.value = myForm.user_pass.value;';
            }
        } else {
            $output .= '
                  myForm.pass.value = hex_sha1("' . strtoupper($user_name) . ':" + myForm.user_pass.value.toUpperCase());';
        }
        $output .= '
                  myForm.pass.value = myForm.pass.value.toUpperCase();
                  do_submit();
                }
              // ]]>
            </script>
            <div id="edit_fieldset" class="fieldset_border center">
              <span class="legend">' . lang("edit", "edit_acc") . '</span>
              <form method="post" action="edit.php?action=doedit_user" id="form">
                <div>
                  <input type="hidden" name="pass" value="" maxlength="256" />
                </div>
                <table class="flat" id="edit_fieldset_table">
                  <tr>
                    <td>' . lang("edit", "id") . ':</td>
                    <td colspan="2">' . htmlspecialchars($user_id) . '</td>
                  </tr>
                  <tr>
                    <td>' . lang("edit", "username") . ':</td>
                    <td colspan="2">' . htmlspecialchars($user_name) . '</td>
                  </tr>';
        if (!$screen_name["ScreenName"]) {
            $output .= '
                  <tr>
                    <td>' . lang("edit", "screenname") . ':</td>
                    <td colspan="2"><input type="text" name="screenname" size="42" maxlength="14" /></td>
                  </tr>';
        } else {
            $output .= '
                  <tr>
                    <td>' . lang("edit", "screenname") . ':</td>
                    <td colspan="2">' . htmlspecialchars($screen_name["ScreenName"]) . '</td>
                  </tr>';
        }
        $output .= '
                  <tr>
                    <td>' . lang("edit", "password") . ':</td>
                    <td colspan="2">
                      <input type="text" name="user_pass" size="39" maxlength="40" value="******" />
                      <img src="img/information.png" onmousemove="oldtoolTip(\'' . lang("edit", "pass_warning") . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                    </td>
                  </tr>
                  <tr>
                    <td>' . lang("edit", "mail") . ':</td>';
        if ($screen_name["TempEmail"]) {
            $output .= '
                    <td colspan="2">
                      <a href="edit.php?action=cancel_email_change" >
                        <img src="img/aff_warn.gif" onmousemove="oldtoolTip(\'' . lang("edit", "email_changed") . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                      </a>
                      <input type="text" name="mail" size="39" maxlength="225" value="' . $acc["email"] . '" />
                    </td>';
        } else {
            $output .= '
                    <td colspan="2"><input type="text" name="mail" size="42" maxlength="225" value="' . $acc["email"] . '" /></td>';
        }
        $output .= '
                  </tr>
                  <tr>
                    <td>' . lang("edit", "invited_by") . ':</td>
                    <td colspan="2">';
        if ($referred_by == NULL) {
            $output .= '
                      <input type="text" name="referredby" size="20" maxlength="12" value="' . $referred_by . '" /> (' . lang("user", "charname") . ')';
        } else {
            $output .= '
                    ' . htmlspecialchars($referred_by) . '';
        }
        $output .= '
                    </td>
                  </tr>
                  <tr>
                    <td>' . lang("edit", "gm_level") . ':</td>
                    <td colspan="2">' . id_get_gm_level($screen_name["SecurityLevel"]) . ' ( ' . $screen_name["SecurityLevel"] . ' )</td>
                  </tr>
                  <tr>
                    <td>' . lang("edit", "last_ip") . ':</td>
                    <td colspan="2">' . htmlspecialchars($acc["lastip"]) . '</td>
                  </tr>';
        if ($expansion_select) {
            if ($core == 1) {
                $output .= '
                    <tr>
                      <td>' . lang("edit", "client_type") . ':</td>
                      <td colspan="2">
                        <select name="expansion">
                          <option value="24" ' . ($acc["flags"] == 24 ? 'selected="selected"' : '') . '>' . lang("edit", "wotlktbc") . '</option>
                          <option value="16" ' . ($acc["flags"] == 16 ? 'selected="selected"' : '') . '>' . lang("edit", "wotlk") . '</option>
                          <option value="8" ' . ($acc["flags"] == 8 ? 'selected="selected"' : '') . '>' . lang("edit", "tbc") . '</option>
                          <option value="0" ' . ($acc["flags"] == 0 ? 'selected="selected"' : '') . '>' . lang("edit", "classic") . '</option>
                        </select>
                      </td>
                    </tr>';
            } else {
                $output .= '
                    <tr>
                      <td>' . lang("edit", "client_type") . ':</td>
                      <td colspan="2">
                        <select name="expansion">
                          <option value="2" ' . ($acc["flags"] == 2 ? 'selected="selected"' : '') . '>' . lang("edit", "wotlktbc") . '</option>
                          <option value="1" ' . ($acc["flags"] == 1 ? 'selected="selected"' : '') . '>' . lang("edit", "tbc") . '</option>
                          <option value="0" ' . ($acc["flags"] == 0 ? 'selected="selected"' : '') . '>' . lang("edit", "classic") . '</option>
                        </select>
                      </td>
                    </tr>';
            }
        }
        $output .= '
                    <tr>
                      <td>' . lang("edit", "credits") . ':</td>
                      <td colspan="2">' . ($screen_name["Credits"] < 0 ? lang("edit", "unlimited") : (double) $screen_name["Credits"]) . '</td>
                    </tr>';
        foreach ($characters_db as $db) {
            $sqlt = new SQL();
            $sqlt->connect($db["addr"], $db["user"], $db["pass"], $db["name"], $db["encoding"]);
            if ($core == 1) {
                $query = "SELECT COUNT(*) FROM characters WHERE acct='" . $user_id . "'";
            } else {
                $query = "SELECT COUNT(*) FROM characters WHERE account='" . $user_id . "'";
            }
            $result = $sqlt->query($query);
            $fields = $sqlt->fetch_assoc($result);
            $c_count += $fields["COUNT(*)"];
        }
        $output .= '
                  <tr>
                    <td>' . lang("edit", "tot_chars") . ':</td>
                    <td colspan="2">' . $c_count . '</td>
                  </tr>';
        $total_achieve_points = 0;
        $realms = $sql["mgr"]->query("SELECT * FROM config_servers");
        if (1 < $sql["mgr"]->num_rows($realms) && 1 < count($server) && 1 < count($characters_db)) {
            while ($realm = $sql["mgr"]->fetch_assoc($realms)) {
                $sql["char"]->connect($characters_db[$realm["Index"]]["addr"], $characters_db[$realm["Index"]]["user"], $characters_db[$realm["Index"]]["pass"], $characters_db[$realm["Index"]]["name"], $characters_db[$realm["Index"]]["encoding"]);
                if ($core == 1) {
                    $result = $sql["char"]->query("SELECT guid, name, race, class, level, gender, timestamp,\n            IFNULL((SELECT SUM(points) FROM character_achievement LEFT JOIN `" . $dbc_db["name"] . "`.achievement ON `" . $dbc_db["name"] . "`.achievement.id=character_achievement.achievement WHERE character_achievement.guid=characters.guid), 0) AS ach_points\n            FROM characters WHERE acct='" . $user_id . "'");
                } else {
                    $result = $sql["char"]->query("SELECT guid, name, race, class, level, gender, logout_time AS timestamp,\n            IFNULL((SELECT SUM(points) FROM character_achievement LEFT JOIN `" . $dbc_db["name"] . "`.achievement ON `" . $dbc_db["name"] . "`.achievement.id=character_achievement.achievement WHERE character_achievement.guid=characters.guid), 0) AS ach_points\n            FROM characters WHERE account='" . $user_id . "'");
                }
                // calculate timezone offset
                $time_offset = $timezone_offset * 3600;
                $output .= '
                    <tr>
                      <td colspan="3">&nbsp;</td>
                    </tr>
                    <tr>
                      <td colspan="3">' . lang("index", "realm") . ': ' . $realm["Name"] . '</td>
                    </tr>
                    <tr>
                      <td>' . lang("edit", "characters") . ':</td>
                      <td>' . $sql["char"]->num_rows($result) . '</td>
                    </tr>';
                while ($char = $sql["char"]->fetch_assoc($result)) {
                    if ($char["timestamp"] != 0) {
                        $lastseen = date("F j, Y @ Hi", $char["timestamp"] + $time_offset);
                    } else {
                        $lastseen = '-';
                    }
                    // add this character's achievement points to our total
                    $total_achieve_points += $char["ach_points"];
                    $output .= '
                    <tr>
                      <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;\'---></td>
                      <td>
                        <a href="char.php?id=' . $char["guid"] . '&amp;realm=' . $realm["Index"] . '">' . $char["name"] . '</a> -
                        <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                        <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . '
                      </td>
                      <td>' . $lastseen . '</td>
                    </tr>';
                }
            }
            unset($realm);
        } else {
            if ($core == 1) {
                $result = $sql["char"]->query("SELECT guid, name, race, class, level, gender, timestamp,\n          IFNULL((SELECT SUM(points) FROM character_achievement LEFT JOIN `" . $dbc_db["name"] . "`.achievement ON `" . $dbc_db["name"] . "`.achievement.id=character_achievement.achievement WHERE character_achievement.guid=characters.guid), 0) AS ach_points\n          FROM characters WHERE acct='" . $user_id . "'");
            } else {
                $result = $sql["char"]->query("SELECT guid, name, race, class, level, gender, logout_time AS timestamp,\n          IFNULL((SELECT SUM(points) FROM character_achievement LEFT JOIN `" . $dbc_db["name"] . "`.achievement ON `" . $dbc_db["name"] . "`.achievement.id=character_achievement.achievement WHERE character_achievement.guid=characters.guid), 0) AS ach_points\n          FROM characters WHERE account='" . $user_id . "'");
            }
            // calculate timezone offset
            $time_offset = $timezone_offset * 3600;
            $output .= '
                  <!-- tr>
                    <td>' . lang("edit", "characters") . ':</td>
                    <td>' . $sql["char"]->num_rows($result) . '</td>
                  </tr -->';
            while ($char = $sql["char"]->fetch_assoc($result)) {
                if ($char["timestamp"] != 0) {
                    $lastseen = date("F j, Y @ Hi", $char["timestamp"] + $time_offset);
                } else {
                    $lastseen = '-';
                }
                // add this character's achievement points to our total
                $total_achieve_points += $char["ach_points"];
                $output .= '
                  <tr>
                    <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;\'---></td>
                    <td>
                      <a href="char.php?id=' . $char["guid"] . '">' . $char["name"] . '</a> -
                      <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                      <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt=""/> - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . '
                    </td>
                    <td>' . $lastseen . '</td>
                  </tr>';
            }
        }
        unset($result);
        unset($realms);
        // Achievement Point to Credit conversion
        if ($achievement_point_credits && $screen_name["Credits"] >= 0) {
            $output .= '
                  <tr>
                    <td colspan="3">
                      <hr />
                    </td>
                  </tr>
                  <tr>
                    <td colspan="3">
                      <table>
                        <tr>
                          <td>' . lang("edit", "total_achieve_points") . ':</td>
                          <td colspan="2">
                            <span>' . $total_achieve_points . '</span>
                          </td>
                        </tr>
                        <tr>
                          <td>' . lang("edit", "total_achieve_spent") . ':</td>
                          <td colspan="2">
                            <span>' . $screen_name["AchievePointsSpent"] . '</span>
                          </td>
                        </tr>
                        <tr>
                          <td>' . lang("edit", "achieve_points_available") . ':</td>
                          <td colspan="2">
                            <span>' . ($total_achieve_points - $screen_name["AchievePointsSpent"]) . '</span>
                            <img src="img/information.png" style="position: relative; top: 4px;" onmousemove="oldtoolTip(\'' . lang("edit", "achieve_warning") . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                          </td>
                        </tr>';
            if ($credits_fractional) {
                $output .= '
                        <tr>
                          <td>' . lang("edit", "points_to_credits") . ':</td>
                          <td colspan="2">
                            <span>' . $achievement_point_credits / $achievement_point_points . '&nbsp;' . lang("edit", "credits") . '</span>
                          </td>
                        </tr>';
            } else {
                $output .= '
                        <tr>
                          <td>' . lang("edit", "points_to_credits") . ':</td>
                          <td colspan="2">
                            <span>' . round($achievement_point_credits / $achievement_point_points) . '&nbsp;' . lang("edit", "credits") . '</span>
                            <img src="img/information.png" style="position: relative; top: 4px;" onmousemove="oldtoolTip(\'' . lang("edit", "points_to_credits_round") . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                          </td>
                        </tr>';
            }
            $output .= '
                        <tr>
                          <td>' . lang("edit", "points_to_spend") . ':</td>
                          <td colspan="2">';
            if ($total_achieve_points - $screen_name["AchievePointsSpent"] > 0) {
                $output .= '
                            <input type="text" name="points_to_spend" value="0" />';
            } else {
                $output .= '
                            <div style="display: none;">
                              <input type="hidden" name="points_to_spend" value="0" />
                            </div>
                            <span>' . lang("edit", "insufficient_funds") . '</span>';
            }
            $output .= '
                          </td>
                        </tr>
                      </table>
                    </td>
                  </tr>';
        }
        $override_remember_me = $_COOKIE["corem_override_remember_me"];
        if (!isset($override_remember_me)) {
            $override_remember_me = 1;
        }
        if ($remember_me_checked) {
            $output .= '
                  <tr>
                    <td>' . lang("edit", "override") . ':</td>
                    <td><input type="checkbox" name="override" value="1" ' . ($override_remember_me ? 'checked="checked"' : '') . ' />
                  </tr>';
        }
        $output .= '
                  <tr>
                    <td>';
        makebutton(lang("edit", "update"), 'javascript:do_submit_data()" type="wrn', 130);
        $output .= '
                    </td>
                    <td colspan="2">';
        makebutton(lang("global", "back"), 'javascript:window.history.back()" type="def', 130);
        $output .= '
                    </td>
                  </tr>
                </table>
              </form>
            </div>
            <br />
            <div id="edit_profile_fieldset" class="fieldset_border center">
              <span class="legend">' . lang("edit", "profile_options") . '</span>
              <form action="edit.php" method="get" id="form3">
                <div>
                  <input type="hidden" name="action" value="profile_set" />
                </div>
                <table class="hidden" id="edit_profile_table">
                  <tr>
                    <td align="left" colspan="3">' . lang("edit", "profile_info") . '</td>
                  </tr>
                  <tr>
                    <td align="left" colspan="3">
                      <textarea name="profileinfo" rows="6" cols="65">' . $screen_name["Info"] . '</textarea>
                    </td>
                  </tr>
                  <tr>
                    <td></td>
                  </tr>
                  <tr>
                    <td></td>
                  </tr>
                  <tr>
                    <td align="left" colspan="3">' . lang("edit", "signature") . '</td>
                  </tr>
                  <tr>
                    <td align="left" colspan="3">';
        bbcode_add_editor();
        $output .= '
                    </td>
                  </tr>
                  <tr>
                    <td align="left" colspan="3">
                      <textarea id="msg" name="signature" rows="6" cols="65">' . $screen_name["Signature"] . '</textarea>
                    </td>
                  </tr>
                  <tr>
                    <td></td>
                  </tr>
                  <tr>
                    <td></td>
                  </tr>
                  <tr>
                    <td align="left" colspan="3">' . lang("edit", "prefavatar") . '</td>
                  </tr>';
        if ($screen_name["SecurityLevel"] == 0) {
            if ($screen_name["Avatar"] == '') {
                if ($core == 1) {
                    $avatar_query = "SELECT acct, name, gender, race, class, level,\n            (SELECT gm FROM `" . $logon_db["name"] . "`.accounts WHERE `" . $logon_db["name"] . "`.accounts.acct=`" . $characters_db[$realm_id]['name'] . "`.characters.acct) AS gmlevel,\n            (SELECT login FROM `" . $logon_db["name"] . "`.accounts WHERE `" . $logon_db["name"] . "`.accounts.acct=`" . $characters_db[$realm_id]['name'] . "`.characters.acct) AS login\n            FROM `" . $characters_db[$realm_id]['name'] . "`.characters\n            WHERE level IN (SELECT MAX(level) FROM `" . $characters_db[$realm_id]['name'] . "`.characters WHERE acct='" . $user_id . "')";
                } elseif ($core == 2) {
                    $avatar_query = "SELECT account AS acct, name, gender, race, class, level,\n            (SELECT gmlevel FROM `" . $logon_db["name"] . "`.account WHERE `" . $logon_db["name"] . "`.account.id=`" . $characters_db[$realm_id]['name'] . "`.characters.account) AS gmlevel,\n            (SELECT username FROM `" . $logon_db["name"] . "`.account WHERE `" . $logon_db["name"] . "`.account.id=`" . $characters_db[$realm_id]['name'] . "`.characters.account) AS login\n            FROM `" . $characters_db[$realm_id]['name'] . "`.characters\n            WHERE level IN (SELECT MAX(level) FROM `" . $characters_db[$realm_id]['name'] . "`.characters WHERE account='" . $user_id . "') AND account='" . $user_id . "'";
                } else {
                    $avatar_query = "SELECT account AS acct, name, gender, race, class, level,\n            (SELECT gmlevel FROM `" . $logon_db["name"] . "`.account_access WHERE `" . $logon_db["name"] . "`.account_access.id=`" . $characters_db[$realm_id]['name'] . "`.characters.account) AS gmlevel,\n            (SELECT username FROM `" . $logon_db["name"] . "`.account WHERE `" . $logon_db["name"] . "`.account.id=`" . $characters_db[$realm_id]['name'] . "`.characters.account) AS login\n            FROM `" . $characters_db[$realm_id]['name'] . "`.characters\n            WHERE level IN (SELECT MAX(level) FROM `" . $characters_db[$realm_id]['name'] . "`.characters WHERE account='" . $user_id . "') AND account='" . $user_id . "'";
                }
                $avatar_result = $sql["char"]->query($avatar_query);
                $avatar_fields = $sql["char"]->fetch_assoc($avatar_result);
                $avatar = gen_avatar_panel($avatar_fields["level"], $avatar_fields["gender"], $avatar_fields["race"], $avatar_fields["class"], 1, 0);
                $screen_name["avatarlevel"] = $avatar_fields["level"];
                $screen_name["avatarrace"] = $avatar_fields["race"];
                $screen_name["avatarclass"] = $avatar_fields["class"];
                $screen_name["avatarsex"] = $avatar_fields["gender"];
            } else {
                $avatar = gen_avatar_panel($screen_name["avatarlevel"], $screen_name["avatarsex"], $screen_name["avatarrace"], $screen_name["avatarclass"], 1, $screen_name["SecurityLevel"]);
            }
            $output .= '
                  <tr>
                    <td id="forum_topic_avatar" rowspan="6">
                      <center>' . $avatar . '</center>
                    </td>
                    <tr>
                      <td>' . lang("edit", "usedefault") . ':</td>
                      <td><input type="checkbox" name="use_default" value="1" ' . ($screen_name["Avatar"] == '' ? 'checked="checked"' : '') . ' />&nbsp;' . lang("edit", "usedefaultinfo") . '</td>
                    </tr>
                    <td>' . lang("edit", "gender") . ':</td>
                    <td>
                      <select name="avatargender">
                        <option value="0" ' . ($screen_name["avatarsex"] == 0 ? 'selected="selected"' : '') . ' >' . lang("edit", "male") . '</option>
                        <option value="1" ' . ($screen_name["avatarsex"] == 1 ? 'selected="selected"' : '') . ' >' . lang("edit", "female") . '</option>
                      </select>
                    </td>
                  </tr>
                  <tr>
                    <td>' . lang("edit", "race") . ':</td>
                    <td>
                      <select name="avatarrace">';
            $races = array(1 => array(1, lang("id_tab", "human")), 2 => array(2, lang("id_tab", "orc")), 3 => array(3, lang("id_tab", "dwarf")), 4 => array(4, lang("id_tab", "nightelf")), 5 => array(5, lang("id_tab", "undead")), 6 => array(6, lang("id_tab", "tauren")), 7 => array(7, lang("id_tab", "gnome")), 8 => array(8, lang("id_tab", "troll")), 10 => array(10, lang("id_tab", "bloodelf")), 11 => array(11, lang("id_tab", "draenei")));
            foreach ($races as $race) {
                $output .= '
                          <option value="' . $race[0] . '" ' . ($screen_name["avatarrace"] == $race[0] ? 'selected="selected"' : '') . ' >' . $race[1] . '</option>';
            }
            $output .= '
                      </select>
                    </td>
                  </tr>
                  <tr>
                    <td>' . lang("edit", "class") . ':</td>
                    <td>
                      <select name="avatarclass">';
            $classes = $class_names = array(1 => array(1, lang("id_tab", "warrior")), 2 => array(2, lang("id_tab", "paladin")), 3 => array(3, lang("id_tab", "hunter")), 4 => array(4, lang("id_tab", "rogue")), 5 => array(5, lang("id_tab", "priest")), 6 => array(6, lang("id_tab", "death_knight")), 7 => array(7, lang("id_tab", "shaman")), 8 => array(8, lang("id_tab", "mage")), 9 => array(9, lang("id_tab", "warlock")), 11 => array(11, lang("id_tab", "druid")));
            foreach ($classes as $class) {
                $output .= '
                        <option value="' . $class[0] . '" ' . ($screen_name["avatarclass"] == $class[0] ? 'selected="selected"' : '') . ' >' . $class[1] . '</option>';
            }
            $output .= '
                      </select>
                    </td>
                  </tr>
                  <tr>
                    <td>' . lang("edit", "level") . ':</td>
                    <td>
                      <input type="text" name="avatarlevel" value="' . $screen_name["avatarlevel"] . '" />
                    </td>
                  </tr>';
        } else {
            $output .= '
                  <tr>
                    <td id="forum_topic_avatar" rowspan="4">
                      <div>' . gen_avatar_panel($screen_name["avatarlevel"], $screen_name["avatarsex"], $screen_name["avatarrace"], $screen_name["avatarclass"], 0, $screen_name["SecurityLevel"]) . '</div>
                    </td>
                    <td>' . lang("edit", "gender") . ':</td>
                    <td>' . lang("edit", "unavailable") . '</td>
                  </tr>
                  <tr>
                    <td>' . lang("edit", "race") . ':</td>
                    <td>' . lang("edit", "unavailable") . '</td>
                  </tr>
                  <tr>
                    <td>' . lang("edit", "class") . ':</td>
                    <td>' . lang("edit", "unavailable") . '</td>
                  </tr>
                  <tr>
                    <td>' . lang("edit", "level") . ':</td>
                    <td>' . lang("edit", "unavailable") . '</td>
                  </tr>';
        }
        $output .= '
                  <tr>
                    <td></td>
                  </tr>
                  <tr>
                    <td></td>
                  </tr>
                  <tr>
                    <td align="left" colspan="3">' . lang("edit", "viewmods") . '</td>
                  </tr>
                  <tr>
                    <td>' . lang("char", "char_sheet") . ':</td>
                    <td colspan="2">
                      <select name="viewmod_sheet">
                        <option value="0" ' . ($screen_name["View_Mod_Sheet"] == 0 ? 'selected="selected" ' : '') . '>' . lang("edit", "onlyme") . '</option>
                        <!-- option value="1" ' . ($screen_name["View_Mod_Sheet"] == 1 ? 'selected="selected" ' : '') . '>' . lang("edit", "friends") . '</option -->
                        <option value="2" ' . ($screen_name["View_Mod_Sheet"] == 2 ? 'selected="selected" ' : '') . '>' . lang("edit", "reg_users") . '</option>
                      </select>
                    </td>
                  </tr>
                  <tr>
                    <td>' . lang("char", "achievements") . ':</td>
                    <td colspan="2">
                      <select name="viewmod_achieve">
                        <option value="0" ' . ($screen_name["View_Mod_Achieve"] == 0 ? 'selected="selected" ' : '') . '>' . lang("edit", "onlyme") . '</option>
                        <!-- option value="1" ' . ($screen_name["View_Mod_Achieve"] == 1 ? 'selected="selected" ' : '') . '>' . lang("edit", "friends") . '</option -->
                        <option value="2" ' . ($screen_name["View_Mod_Achieve"] == 2 ? 'selected="selected" ' : '') . '>' . lang("edit", "reg_users") . '</option>
                      </select>
                    </td>
                  </tr>
                  <tr>
                    <td>' . lang("char", "friends") . ':</td>
                    <td colspan="2">
                      <select name="viewmod_friends">
                        <option value="0" ' . ($screen_name["View_Mod_Friends"] == 0 ? 'selected="selected" ' : '') . '>' . lang("edit", "onlyme") . '</option>
                        <!-- option value="1" ' . ($screen_name["View_Mod_Friends"] == 1 ? 'selected="selected" ' : '') . '>' . lang("edit", "friends") . '</option -->
                        <option value="2" ' . ($screen_name["View_Mod_Friends"] == 2 ? 'selected="selected" ' : '') . '>' . lang("edit", "reg_users") . '</option>
                      </select>
                    </td>
                  </tr>
                  <tr>
                    <td>' . lang("char", "inventory") . ':</td>
                    <td colspan="2">
                      <select name="viewmod_inv">
                        <option value="0" ' . ($screen_name["View_Mod_Inv"] == 0 ? 'selected="selected" ' : '') . '>' . lang("edit", "onlyme") . '</option>
                        <!-- option value="1" ' . ($screen_name["View_Mod_Inv"] == 1 ? 'selected="selected" ' : '') . '>' . lang("edit", "friends") . '</option -->
                        <option value="2" ' . ($screen_name["View_Mod_Inv"] == 2 ? 'selected="selected" ' : '') . '>' . lang("edit", "reg_users") . '</option>
                      </select>
                    </td>
                  </tr>
                  <tr>
                    <td>' . lang("char", "pets") . ':</td>
                    <td colspan="2">
                      <select name="viewmod_pets">
                        <option value="0" ' . ($screen_name["View_Mod_Pets"] == 0 ? 'selected="selected" ' : '') . '>' . lang("edit", "onlyme") . '</option>
                        <!-- option value="1" ' . ($screen_name["View_Mod_Pets"] == 1 ? 'selected="selected" ' : '') . '>' . lang("edit", "friends") . '</option -->
                        <option value="2" ' . ($screen_name["View_Mod_Pets"] == 2 ? 'selected="selected" ' : '') . '>' . lang("edit", "reg_users") . '</option>
                      </select>
                    </td>
                  </tr>
                  <tr>
                    <td>' . lang("char", "pvp") . ':</td>
                    <td colspan="2">
                      <select name="viewmod_pvp">
                        <option value="0" ' . ($screen_name["View_Mod_PvP"] == 0 ? 'selected="selected" ' : '') . '>' . lang("edit", "onlyme") . '</option>
                        <!-- option value="1" ' . ($screen_name["View_Mod_PvP"] == 1 ? 'selected="selected" ' : '') . '>' . lang("edit", "friends") . '</option -->
                        <option value="2" ' . ($screen_name["View_Mod_PvP"] == 2 ? 'selected="selected" ' : '') . '>' . lang("edit", "reg_users") . '</option>
                      </select>
                    </td>
                  </tr>
                  <tr>
                    <td>' . lang("char", "quests") . ':</td>
                    <td colspan="2">
                      <select name="viewmod_quests">
                        <option value="0" ' . ($screen_name["View_Mod_Quest"] == 0 ? 'selected="selected" ' : '') . '>' . lang("edit", "onlyme") . '</option>
                        <!-- option value="1" ' . ($screen_name["View_Mod_Quest"] == 1 ? 'selected="selected" ' : '') . '>' . lang("edit", "friends") . '</option -->
                        <option value="2" ' . ($screen_name["View_Mod_Quest"] == 2 ? 'selected="selected" ' : '') . '>' . lang("edit", "reg_users") . '</option>
                      </select>
                    </td>
                  </tr>
                  <tr>
                    <td>' . lang("char", "reputation") . ':</td>
                    <td colspan="2">
                      <select name="viewmod_rep">
                        <option value="0" ' . ($screen_name["View_Mod_Rep"] == 0 ? 'selected="selected" ' : '') . '>' . lang("edit", "onlyme") . '</option>
                        <!-- option value="1" ' . ($screen_name["View_Mod_Rep"] == 1 ? 'selected="selected" ' : '') . '>' . lang("edit", "friends") . '</option -->
                        <option value="2" ' . ($screen_name["View_Mod_Rep"] == 2 ? 'selected="selected" ' : '') . '>' . lang("edit", "reg_users") . '</option>
                      </select>
                    </td>
                  </tr>
                  <tr>
                    <td>' . lang("char", "skills") . ':</td>
                    <td colspan="2">
                      <select name="viewmod_skills">
                        <option value="0" ' . ($screen_name["View_Mod_Skill"] == 0 ? 'selected="selected" ' : '') . '>' . lang("edit", "onlyme") . '</option>
                        <!-- option value="1" ' . ($screen_name["View_Mod_Skill"] == 1 ? 'selected="selected" ' : '') . '>' . lang("edit", "friends") . '</option -->
                        <option value="2" ' . ($screen_name["View_Mod_Skill"] == 2 ? 'selected="selected" ' : '') . '>' . lang("edit", "reg_users") . '</option>
                      </select>
                    </td>
                  </tr>
                  <tr>
                    <td>' . lang("char", "talents") . ':</td>
                    <td colspan="2">
                      <select name="viewmod_talents">
                        <option value="0" ' . ($screen_name["View_Mod_Talent"] == 0 ? 'selected="selected" ' : '') . '>' . lang("edit", "onlyme") . '</option>
                        <!-- option value="1" ' . ($screen_name["View_Mod_Talent"] == 1 ? 'selected="selected" ' : '') . '>' . lang("edit", "friends") . '</option -->
                        <option value="2" ' . ($screen_name["View_Mod_Talent"] == 2 ? 'selected="selected" ' : '') . '>' . lang("edit", "reg_users") . '</option>
                      </select>
                    </td>
                  </tr>
                  <tr>
                    <td>' . lang("char", "view") . ':</td>
                    <td colspan="2">
                      <select name="viewmod_view">
                        <option value="0" ' . ($screen_name["View_Mod_View"] == 0 ? 'selected="selected" ' : '') . '>' . lang("edit", "onlyme") . '</option>
                        <!-- option value="1" ' . ($screen_name["View_Mod_View"] == 1 ? 'selected="selected" ' : '') . '>' . lang("edit", "friends") . '</option -->
                        <option value="2" ' . ($screen_name["View_Mod_View"] == 2 ? 'selected="selected" ' : '') . '>' . lang("edit", "reg_users") . '</option>
                      </select>
                    </td>
                  </tr>
                  <tr>
                    <td></td>
                  </tr>
                  <tr>
                    <td>';
        makebutton(lang("edit", "save"), 'javascript:do_submit(\'form3\', 0)', 130);
        $output .= '
                    </td>
                  </tr>
                </table>
              </form>
            </div>
            <div id="edit_invites_fieldset" class="fieldset_border center">
              <span class="legend">' . lang("edit", "invite_options") . '</span>
              <table class="hidden" id="edit_invites_table">
                <tr>
                  <td align="left">' . lang("edit", "invite_email") . ': </td>
                  <td align="right">
                    <form action="edit.php" method="get" id="form4">
                      <div>
                        <input type="hidden" name="action" value="send_invite" />
                        <input type="text" name="invite_email" value="" size="30" />
                      </div>
                    </form>
                  </td>
                </tr>
                <tr>
                  <td colspan="2">';
        makebutton(lang("edit", "sendinvite"), 'javascript:do_submit(\'form4\', 0)', 130);
        $output .= '
                  </td>
                </tr>
                <tr>
                  <td>&nbsp;</td>
                </tr>
                <tr>
                  <td align="left" colspan="2">' . lang("edit", "active_invites") . ': </td>
                </tr>
                <tr>
                  <td colspan="2">
                    <table class="lined" id="active_invites_table">
                      <tr>
                        <th style="width: 15%;">Delete</th>
                        <th>Email</th>
                        <th style="width: 15%">Resend</th>
                      </tr>';
        $invites_query = "SELECT * FROM invitations WHERE issuer_acct_id='" . $user_id . "'";
        $invites_result = $sql["mgr"]->query($invites_query);
        while ($row = $sql["mgr"]->fetch_assoc($invites_result)) {
            $output .= '
                      <tr>
                        <td>
                          <a href="edit.php?action=delete_invite&key=' . $row["invitation_key"] . '">
                            <img src="img/aff_cross.png" alt="Delete" />
                          </a>
                        </td>
                        <td>' . $row["invited_email"] . '</td>
                        <td>
                          <a href="edit.php?action=resend_invite&key=' . $row["invitation_key"] . '">
                            <img src="img/add.png" alt="Resend" />
                          </a>
                        </td>
                      </tr>';
        }
        $output .= '
                    </table>
                  </td>
                </tr>
              </table>
            </div>
            <br />
            <div id="edit_prizebags_fieldset" class="fieldset_border center">
              <span class="legend">' . lang("edit", "my_bags") . '</span>
              <table class="hidden" id="edit_prizebags_table">';
        //
        $bag_query = "SELECT * FROM point_system_prize_bags WHERE owner='" . $user_id . "'";
        $bag_result = $sql["mgr"]->query($bag_query);
        $output_temp = '<tr><td style="display: none;"></td></tr>';
        while ($bag = $sql["mgr"]->fetch_assoc($bag_result)) {
            $output_temp .= '
                <tr>
                  <td align="right">
                    <a href="point_system.php?action=view_bag&amp;bag_id=' . $bag["entry"] . '">
                      <img src="' . get_item_icon(1725) . '" alt="" />
                    </a>
                  </td>
                  <td align="left">
                    <span>&nbsp;' . $bag["slots"] . ' ' . lang("edit", "bag_slots") . '</span>
                  </td>
                </tr>';
        }
        $output .= $output_temp;
        $output .= '
              </table>
            </div>
            <br />
            <div id="edit_theme_fieldset" class="fieldset_border center">
              <span class="legend">' . lang("edit", "theme_options") . '</span>
              <table class="hidden" id="edit_theme_table">
                <tr>
                  <td align="left">' . lang("edit", "select_layout_lang") . ': </td>
                  <td align="right">
                    <form action="edit.php" method="get" id="form1">
                      <div>
                        <input type="hidden" name="action" value="lang_set" />
                        <select name="lang">
                          <optgroup label="' . lang("edit", "language") . '">';
        if (is_dir('./lang')) {
            if ($dh = opendir('./lang')) {
                while (($file = readdir($dh)) == true) {
                    $lang = explode('.', $file);
                    if (isset($lang[1]) && $lang[1] == 'php') {
                        $output .= '
                        <option value="' . $lang[0] . '"' . (isset($_COOKIE["corem_lang"]) && $_COOKIE["corem_lang"] == $lang[0] ? ' selected="selected" ' : '') . '>' . lang("edit", $lang[0]) . '</option>';
                    }
                }
                closedir($dh);
            }
        }
        $output .= '
                          </optgroup>
                        </select>
                      </div>
                    </form>
                  </td>
                  <td>';
        makebutton(lang("edit", "save"), 'javascript:do_submit(\'form1\', 0)', 130);
        $output .= '
                  </td>
                </tr>
                <tr>
                  <td align="left">' . lang("edit", "select_theme") . ': </td>
                  <td align="right">
                    <form action="edit.php" method="get" id="form2">
                      <div>
                        <input type="hidden" name="action" value="theme_set" />
                        <select name="theme">
                          <optgroup label="' . lang("edit", "theme") . '">';
        if (is_dir('./themes')) {
            if ($dh = opendir('./themes')) {
                while (($file = readdir($dh)) == true) {
                    if ($file == '.' || $file == '..' || $file == '.htaccess' || $file == 'index.html' || $file == '.svn') {
                    } else {
                        $output .= '
                          <option value="' . $file . '"' . (isset($_COOKIE["corem_theme"]) && $_COOKIE["corem_theme"] == $file ? ' selected="selected" ' : '') . '>' . $file . '</option>';
                    }
                }
                closedir($dh);
            }
        }
        $output .= '
                          </optgroup>
                        </select>
                      </div>
                    </form>
                  </td>
                  <td>';
        makebutton(lang("edit", "save"), 'javascript:do_submit(\'form2\',0)', 130);
        $output .= '
                  </td>
                </tr>
              </table>
            </div>
            <br />';
    } else {
        error(lang("global", "err_no_records_found"));
    }
}
Esempio n. 11
0
function view_raffle()
{
    global $output, $coupon_id, $raffle_id, $bag_id, $characters_db, $user_id, $user_name, $base_datasite, $item_datasite, $sql, $core;
    points_tabs();
    if (!isset($_GET["purchased"])) {
        $query = "SELECT * FROM point_system_raffles WHERE entry='" . $raffle_id . "'";
        $result = $sql["mgr"]->query($query);
        $raffle = $sql["mgr"]->fetch_assoc($result);
        $my_usage_query = "SELECT * FROM point_system_raffle_tickets WHERE raffle='" . $raffle_id . "' AND user='******'";
        $my_usage_result = $sql["mgr"]->query($my_usage_query);
        $my_usage_count = $sql["mgr"]->num_rows($my_usage_result);
        $usage_query = "SELECT * FROM point_system_raffle_tickets WHERE raffle='" . $raffle_id . "'";
        $usage_result = $sql["mgr"]->query($usage_query);
        $usage_count = $sql["mgr"]->num_rows($usage_result);
        $output .= '
          <div class="tab_content center">';
        // make sure we're allowed to use this coupon
        if ($raffle["tickets_per_user"] <= $my_usage_count && $raffle["tickets_per_user"] != -1 || $usage_count >= $raffle["ticket_limit"] && $raffle["ticket_limit"] != -1) {
            $output .= '
            <span class="error">' . lang("points", "cannot_purchase_ticket") . '</span>';
        } else {
            $output .= '
            <form action="point_system.php" id="form1">
              <input type="hidden" name="action" value="do_purchase" />
              <input type="hidden" name="raffle_id" value="' . $raffle_id . '" />
              <table class="lined" id="coupon_table">
                <tr>
                  <td align="left">' . $raffle["title"] . '</td>
                </tr>';
            if ($raffle["text"] != "") {
                $output .= '
                <tr>
                  <td align="left">' . $raffle["text"] . '</td>
                </tr>';
            }
            $output .= '
              <tr>
                <td align="left"><span>' . lang("points", "drawing") . '</span>:&nbsp;' . $raffle["drawing"] . '</td>
              </tr>';
            if ($raffle["credits"] != 0 || $raffle["money"] != 0 || $raffle["item_id"] != 0) {
                $output .= '
                <tr>
                  <td>
                    <div class="coupon_parts">' . lang("points", "raffle_prizes") . ':</div>';
                if ($raffle["credits"] != 0) {
                    if ($raffle["credits"] > 1) {
                        $tip = lang("points", "raffle_credits");
                    } else {
                        $tip = lang("points", "raffle_credit");
                    }
                    $output .= '
                    <div class="coupon_parts">
                      <span>' . $raffle["credits"] . '</span>
                      <span>' . $tip . '</span>
                    </div>';
                }
                if ($raffle["money"] != 0) {
                    // extract gold/silver/copper from single gold number
                    $raffle["money"] = str_pad($raffle["money"], 4, "0", STR_PAD_LEFT);
                    $raffle_g = substr($raffle["money"], 0, -4);
                    if ($raffle_g == "") {
                        $raffle_g = 0;
                    }
                    $raffle_s = substr($raffle["money"], -4, 2);
                    if ($raffle_s == "" || $raffle_s == "00") {
                        $raffle_s = 0;
                    }
                    $raffle_c = substr($raffle["money"], -2);
                    if ($raffle_c == "" || $raffle_c == "00") {
                        $raffle_c = 0;
                    }
                    $output .= '
                    <div class="coupon_parts">
                      <span>' . $raffle_g . '</span>
                      <img src="img/gold.gif" alt="gold" style="position: relative; bottom: -6px;" />
                      <span>' . $raffle_s . '</span>
                      <img src="img/silver.gif" alt="silver" style="position: relative; bottom: -6px;" />
                      <span>' . $raffle_c . '</span>
                      <img src="img/copper.gif" alt="copper" style="position: relative; bottom: -6px;" />
                    </div>';
                }
                if ($raffle["item_id"] != 0) {
                    if ($raffle["item_id"] > 0) {
                        // get item data
                        if ($core == 1) {
                            $i_query = "SELECT \r\n                *, description AS description1, name1 AS name, quality AS Quality, inventorytype AS InventoryType, \r\n                socket_color_1 AS socketColor_1, socket_color_2 AS socketColor_2, socket_color_3 AS socketColor_3,\r\n                requiredlevel AS RequiredLevel, allowableclass AS AllowableClass,\r\n                sellprice AS SellPrice, itemlevel AS ItemLevel\r\n                FROM items " . ($locales_search_option != 0 ? "LEFT JOIN items_localized ON (items_localized.entry=items.entry AND language_code='" . $locales_search_option . "') " : " ") . "WHERE items.entry='" . $raffle["item_id"] . "'";
                        } else {
                            $i_query = "SELECT *, description AS description1 FROM item_template " . ($locales_search_option != 0 ? "LEFT JOIN locales_item ON locales_item.entry=item_template.entry " : " ") . "WHERE item_template.entry='" . $raffle["item_id"] . "'";
                        }
                        $i_result = $sql["world"]->query($i_query);
                        $i = $sql["world"]->fetch_assoc($i_result);
                        $output .= '
                    <div class="coupon_parts">
                      <div class="coupon_item">
                        <div>
                          <a id="ch_inv_padding" href="' . $base_datasite . $item_datasite . $raffle["item_id"] . '" rel="external" onmouseover="ShowTooltip(this,\'_b\');" onmouseout="HideTooltip(\'_b\');">
                            <img src="' . get_item_icon($raffle["item_id"]) . '" alt="" />
                          </a>';
                        if ($raffle["item_count"] > 1) {
                            $output .= '
                          <div id="coupon_item_quantity_shadow">' . $raffle["item_count"] . '</div>
                          <div id="coupon_item_quantity">' . $raffle["item_count"] . '</div>';
                        }
                        $output .= '
                        </div>';
                        // build a tooltip object for this item
                        $output .= '
                        <div class="item_tooltip" id="tooltip_b" style="left: -129px; top: 42px;">
                          <table>
                            <tr>
                              <td>' . get_item_tooltip($i, $item[4], $item[5], $item[6], $item[7], $item[8]) . '</td>
                            </tr>
                          </table>
                        </div>';
                        $output .= '
                      </div>
                    </div>';
                    } else {
                        $output .= '
                    <div class="coupon_parts">
                      <div>
                        <a href="point_system.php?action=view_bag&amp;bag_id=' . $coupon["item_id"] * -1 . '&amp;raffle_id=' . $raffle_id . '" onmousemove="oldtoolTip(\'' . lang("points", "prize_bag") . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">
                          <img src="' . get_item_icon(1725) . '" alt="" />
                        </a>
                      </div>
                    </div>';
                    }
                }
                $output .= '
                  </td>
                </tr>
                <tr>
                  <td>
                    <div class="coupon_parts">' . lang("points", "ticket_cost") . ':</div>';
                if ($raffle["cost_credits"] != 0) {
                    // get our credit balance
                    $query = "SELECT credits FROM config_accounts WHERE Login='******'";
                    $result = $sql["mgr"]->query($query);
                    $result = $sql["mgr"]->fetch_assoc($result);
                    $credits = $result["credits"];
                    // check our funds vs Unlimited and the raffle's requirement
                    $insufficient = false;
                    if ($credits < $raffle["cost_credits"] && $credits > -1) {
                        $insufficient = true;
                    }
                    if ($raffle["cost_credits"] > 1) {
                        $tip = lang("points", "raffle_credits");
                    } else {
                        $tip = lang("points", "raffle_credit");
                    }
                    $output .= '
                    <div class="coupon_parts">
                      <span>' . $raffle["cost_credits"] . '</span>
                      <span>' . $tip . '</span>
                      <span class="points_credit_highlight">' . ($credits > -1 ? '&nbsp;' . lang("points", "balance") . ':&nbsp;' . rtrim($credits, "0.") : '') . '</span>
                      <span class="points_credit_highlight">' . ($insufficient ? '&nbsp;<b>(' . lang("points", "insufficient_funds") . ')</b>' : '') . '</span>
                      <span class="points_credit_highlight">' . ($credits <= -1 ? '&nbsp;<b>(' . lang("points", "unlimited") . ')</b>' : '') . '</span>
                    </div>';
                }
                if ($raffle["cost_money"] != 0) {
                    // extract gold/silver/copper from single gold number
                    $raffle["cost_money"] = str_pad($raffle["cost_money"], 4, "0", STR_PAD_LEFT);
                    $raffle_cost_g = substr($raffle["cost_money"], 0, -4);
                    if ($raffle_cost_g == "") {
                        $raffle_cost_g = 0;
                    }
                    $raffle_cost_s = substr($raffle["cost_money"], -4, 2);
                    if ($raffle_cost_s == "" || $raffle_cost_s == "00") {
                        $raffle_cost_s = 0;
                    }
                    $raffle_cost_c = substr($raffle["cost_money"], -2);
                    if ($raffle_cost_c == "" || $raffle_cost_c == "00") {
                        $raffle_cost_c = 0;
                    }
                    $output .= '
                    <div class="coupon_parts">
                      <span>' . $raffle_cost_g . '</span>
                      <img src="img/gold.gif" alt="gold" style="position: relative; bottom: -6px;" />
                      <span>' . $raffle_cost_s . '</span>
                      <img src="img/silver.gif" alt="silver" style="position: relative; bottom: -6px;" />
                      <span>' . $raffle_cost_c . '</span>
                      <img src="img/copper.gif" alt="copper" style="position: relative; bottom: -6px;" />
                    </div>';
                    $output .= '
                    <div class="coupon_part_title">
                      <span>' . lang("points", "choose_char_use_money") . ':</span>
                    </div>';
                    // get characters
                    $char_list = array();
                    $realm_list = array();
                    foreach ($characters_db as $db) {
                        $sqlt = new SQL();
                        $sqlt->connect($db["addr"], $db["user"], $db["pass"], $db["name"], $db["encoding"]);
                        $realm_char_list = array();
                        // store the realm id for later
                        $realm_list[] = $db["id"];
                        if ($core == 1) {
                            $char_query = "SELECT guid FROM characters WHERE acct='" . $user_id . "' ORDER BY guid ASC";
                        } else {
                            $char_query = "SELECT guid FROM characters WHERE account='" . $user_id . "' ORDER BY guid ASC";
                        }
                        $char_result = $sqlt->query($char_query);
                        while ($row = $sqlt->fetch_assoc($char_result)) {
                            $realm_char_list[] = $row["guid"];
                        }
                        $char_list[] = $realm_char_list;
                    }
                    for ($i = 0; $i < count($char_list); $i++) {
                        $realm_chars = $char_list[$i];
                        $cur_realm = $realm_list[$i];
                        $realm_name_query = "SELECT * FROM config_servers WHERE `Index`='" . $cur_realm . "'";
                        $realm_name_result = $sql["mgr"]->query($realm_name_query);
                        $realm_name_result = $sql["mgr"]->fetch_assoc($realm_name_result);
                        $cur_realm_name = $realm_name_result["Name"];
                        $sqlt = new SQL();
                        $sqlt->connect($characters_db[$cur_realm]["addr"], $characters_db[$cur_realm]["user"], $characters_db[$cur_realm]["pass"], $characters_db[$cur_realm]["name"], $characters_db[$cur_realm]["encoding"]);
                        if (count($realm_list) > 1) {
                            $output .= '
                    <div class="coupon_part_chars">
                      <span>' . $cur_realm_name . '</span>
                    </div>';
                        }
                        $output .= '
                    <div class="coupon_part_chars">
                      <div class="fake_table">';
                        $first = true;
                        // we want the first character to be selected
                        foreach ($realm_chars as $row) {
                            if ($core == 1) {
                                $char_query = "SELECT *, gold AS money FROM characters WHERE guid='" . $row . "'";
                            } else {
                                $char_query = "SELECT * FROM characters WHERE guid='" . $row . "'";
                            }
                            $char_result = $sqlt->query($char_query);
                            $char = $sqlt->fetch_assoc($char_result);
                            // extract gold/silver/copper from single gold number
                            $char["money"] = str_pad($char["money"], 4, "0", STR_PAD_LEFT);
                            $char_g = substr($char["money"], 0, -4);
                            if ($char_g == "") {
                                $char_g = 0;
                            }
                            $char_s = substr($char["money"], -4, 2);
                            if ($char_s == "" || $char_s == "00") {
                                $char_s = 0;
                            }
                            $char_c = substr($char["money"], -2);
                            if ($char_c == "" || $char_c == "00") {
                                $char_c = 0;
                            }
                            $output .= '
                        <div class="fake_table_cell">
                          <input type="radio" name="money_character" value="' . ($i + 1) . "-" . $row . '-' . $char["name"] . '"' . (isset($first) ? ' checked="checked"' : '') . ($char["online"] || $char["money"] < $raffle["cost_money"] ? ' disabled="disabled"' : '') . ' />
                          <a href="char.php?id=' . $row . '&amp;realm=' . $cur_realm . '">' . $char["name"] . '</a> - <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                          <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt=""/> - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . '
                        </div>
                        <div class="fake_table_cell">
                          <span>' . $char_g . '</span>
                          <img src="img/gold.gif" alt="gold" style="position: relative; bottom: -6px;" />
                          <span>' . $char_s . '</span>
                          <img src="img/silver.gif" alt="silver" style="position: relative; bottom: -6px;" />
                          <span>' . $char_c . '</span>
                          <img src="img/copper.gif" alt="copper" style="position: relative; bottom: -6px;" />
                        </div>';
                            unset($first);
                        }
                    }
                }
                $output .= '
                      </div>
                    </div>
                  </td>
                </tr>';
            }
            if ($raffle["tickets_per_user"] > 1) {
                $output .= '
                <tr>
                  <td>
                    <div class="coupon_parts">' . lang("points", "tickets_purchased") . ':&nbsp;<b>' . $my_usage_count . '</b></div>
                  </td>
                </tr>';
            }
            $output .= '
                <tr>
                  <td align="right">
                    <a href="javascript:do_submit(\'form1\',0)">
                      <img src="img/aff_tick.png" width="16" height="16" alt="" />
                      <span>&nbsp;' . lang("points", "confirm_purchase") . '</span>
                    </a>
                  </td>
                </tr>
              </table>
            </form>';
        }
    } else {
        $output .= '
          <div class="tab_content center">';
        $output .= '
            <span>' . lang("points", "purchased") . '</span>';
    }
    $output .= '
          </div>
          <br />
          <!-- end of point_system.php -->';
}
Esempio n. 12
0
function char_skill()
{
    global $output, $realm_id, $characters_db, $corem_db, $action_permission, $user_lvl, $site_encoding, $user_name, $base_datasite, $skill_datasite, $sql, $core;
    //wowhead_tt();
    if (empty($_GET["id"])) {
        error(lang("global", "empty_fields"));
    }
    // this is multi realm support, as of writing still under development
    //  this page is already implementing it
    if (empty($_GET["realm"])) {
        $realmid = $realm_id;
    } else {
        $realmid = $sql["logon"]->quote_smart($_GET["realm"]);
        if (is_numeric($realmid)) {
            $sql["char"]->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name'], $characters_db[$realmid]["encoding"]);
        } else {
            $realmid = $realm_id;
        }
    }
    $id = $sql["char"]->quote_smart($_GET["id"]);
    if (!is_numeric($id)) {
        $id = 0;
    }
    $order_by = isset($_GET["order_by"]) ? $sql["char"]->quote_smart($_GET["order_by"]) : 1;
    $dir = isset($_GET["dir"]) ? $sql["char"]->quote_smart($_GET["dir"]) : 1;
    if (!preg_match('/^[01]{1}$/', $dir)) {
        $dir = 1;
    }
    $order_dir = $dir ? 'ASC' : 'DESC';
    $dir = $dir ? 0 : 1;
    if ($core == 1) {
        $result = $sql["char"]->query('SELECT acct, name, race, class, level, gender FROM characters WHERE guid = ' . $id . ' LIMIT 1');
    } else {
        $result = $sql["char"]->query('SELECT account AS acct, name, race, class, level, gender FROM characters WHERE guid = ' . $id . ' LIMIT 1');
    }
    if ($sql["char"]->num_rows($result)) {
        $char = $sql["char"]->fetch_assoc($result);
        // we get user permissions first
        $owner_acc_id = $sql["char"]->result($result, 0, 'acct');
        if ($core == 1) {
            $result = $sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $char["acct"] . "'");
        } else {
            $result = $sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $char["acct"] . "'");
        }
        $owner_name = $sql["logon"]->result($result, 0, 'login');
        $s_query = "SELECT *, SecurityLevel AS gm FROM config_accounts WHERE Login='******'";
        $s_result = $sql["mgr"]->query($s_query);
        $s_fields = $sql["mgr"]->fetch_assoc($s_result);
        $owner_gmlvl = $s_fields["gm"];
        $view_mod = $s_fields["View_Mod_Skill"];
        if ($owner_gmlvl >= 1073741824) {
            $owner_gmlvl -= 1073741824;
        }
        // owner configured overrides
        $view_override = false;
        if ($view_mod > 0) {
            if ($view_mod == 1) {
            } elseif ($view_mod == 2) {
                // only registered users may view this page
                if ($user_lvl > -1) {
                    $view_override = true;
                }
            }
        }
        // visibility overrides for specific tabs
        $view_inv_override = false;
        if ($s_fields["View_Mod_Inv"] > 0) {
            if ($s_fields["View_Mod_Inv"] == 1) {
            } elseif ($s_fields["View_Mod_Inv"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_inv_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_inv_override = true;
            }
        }
        $view_talent_override = false;
        if ($s_fields["View_Mod_Talent"] > 0) {
            if ($s_fields["View_Mod_Talent"] == 1) {
            } elseif ($s_fields["View_Mod_Talent"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_talent_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_talent_override = true;
            }
        }
        $view_achieve_override = false;
        if ($s_fields["View_Mod_Achieve"] > 0) {
            if ($s_fields["View_Mod_Achieve"] == 1) {
            } elseif ($s_fields["View_Mod_Achieve"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_achieve_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_achieve_override = true;
            }
        }
        $view_quest_override = false;
        if ($s_fields["View_Mod_Quest"] > 0) {
            if ($s_fields["View_Mod_Quest"] == 1) {
            } elseif ($s_fields["View_Mod_Quest"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_quest_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_quest_override = true;
            }
        }
        $view_friends_override = false;
        if ($s_fields["View_Mod_Friends"] > 0) {
            if ($s_fields["View_Mod_Friends"] == 1) {
            } elseif ($s_fields["View_Mod_Friends"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_friends_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_friends_override = true;
            }
        }
        $view_view_override = false;
        if ($s_fields["View_Mod_View"] > 0) {
            if ($s_fields["View_Mod_View"] == 1) {
            } elseif ($s_fields["View_Mod_View"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_view_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_view_override = true;
            }
        }
        $view_pets_override = false;
        if ($s_fields["View_Mod_Pets"] > 0) {
            if ($s_fields["View_Mod_Pets"] == 1) {
            } elseif ($s_fields["View_Mod_Pets"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_pets_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_pets_override = true;
            }
        }
        $view_rep_override = false;
        if ($s_fields["View_Mod_Rep"] > 0) {
            if ($s_fields["View_Mod_Rep"] == 1) {
            } elseif ($s_fields["View_Mod_Rep"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_rep_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_rep_override = true;
            }
        }
        $view_pvp_override = false;
        if ($s_fields["View_Mod_PvP"] > 0) {
            if ($s_fields["View_Mod_PvP"] == 1) {
            } elseif ($s_fields["View_Mod_PvP"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_pvp_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_pvp_override = true;
            }
        }
        if ($view_override || $user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
            if ($core == 1) {
                $result = $sql["char"]->query("SELECT data, name, race, class, level, gender FROM characters WHERE guid = '" . $id . "'");
                $char = $sql["char"]->fetch_assoc($result);
                $char_data = explode(';', $char["data"]);
            } else {
                $result = $sql["char"]->query("SELECT name, race, class, level, gender FROM characters WHERE guid='" . $id . "'");
                $char = $sql["char"]->fetch_assoc($result);
                $result = $sql["char"]->query("SELECT * FROM character_skills WHERE guid='" . $id . "'");
                // make TC's skill data work like our treatment of Arc's
                $char_data = array();
                $i = 0;
                while ($skill_row = $sql["char"]->fetch_assoc($result)) {
                    $char_data[PLAYER_SKILL_INFO_1_1 + $i] = $skill_row["skill"];
                    $char_data[PLAYER_SKILL_INFO_1_1 + $i + 1] = $skill_row["value"];
                    $char_data[PLAYER_SKILL_INFO_1_1 + $i + 2] = $skill_row["max"];
                    $i += 3;
                }
            }
            $output .= '
            <div class="tab">
              <ul>
                <li class="selected"><a href="char.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>';
            if ($view_inv_override) {
                $output .= '
                <li><a href="char_inv.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "inventory") . '</a></li>';
            }
            if ($view_talent_override) {
                $output .= '
                ' . ($char["level"] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "talents") . '</a></li>') . '';
            }
            if ($view_achieve_override) {
                $output .= '
                <li><a href="char_achieve.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "achievements") . '</a></li>';
            }
            if ($view_quest_override) {
                $output .= '
                <li><a href="char_quest.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "quests") . '</a></li>';
            }
            if ($view_friends_override) {
                $output .= '
                <li><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "friends") . '</a></li>';
            }
            if ($view_view_override) {
                $output .= '
                <li><a href="char_view.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "view") . '</a></li>';
            }
            $output .= '
              </ul>
            </div>
            <div class="tab_content center">
              <div class="tab">
                <ul>
                  <li><a href="char.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>';
            if (char_get_class_name($char["class"]) == "Hunter" && $view_pets_override) {
                $output .= '
                  <li><a href="char_pets.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "pets") . '</a></li>';
            }
            if ($view_rep_override) {
                $output .= '
                  <li><a href="char_rep.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "reputation") . '</a></li>';
            }
            $output .= '
                  <li class="selected"><a href="char_skill.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "skills") . '</a></li>';
            if ($view_pvp_override) {
                $output .= '
                  <li><a href="char_pvp.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "pvp") . '</a></li>';
            }
            if ($owner_name == $user_name || $user_lvl >= get_page_permission("insert", "char_mail.php")) {
                $output .= '
                  <li><a href="char_mail.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "mail") . '</a></li>';
            }
            $output .= '
                </ul>
              </div>
              <div class="tab_content2 center center_text">
                <span class="bold">
                  ' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . ' -
                  <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                  <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . '
                </span>
                <br />
                <br />
                <table class="lined" id="ch_ski_main">
                  <tr>
                    <th class="title" colspan="' . ($user_lvl ? '3' : '2') . '" align="left">' . lang("char", "skills") . '</th>
                  </tr>
                  <tr>
                    ' . ($user_lvl ? '<th><a href="char_skill.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=0&amp;dir=' . $dir . '"' . ($order_by == 0 ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "skill_id") . '</a></th>' : '') . '
                    <th align="right"><a href="char_skill.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=1&amp;dir=' . $dir . '"' . ($order_by == 1 ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "skill_name") . '</a></th>
                    <th><a href="char_skill.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=2&amp;dir=' . $dir . '"' . ($order_by == 2 ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "skill_value") . '</a></th>
                  </tr>';
            $skill_array = array();
            $class_array = array();
            $prof_1_array = array();
            $prof_2_array = array();
            $weapon_array = array();
            $armor_array = array();
            $language_array = array();
            $skill_rank_array = array(75 => lang("char", "apprentice"), 150 => lang("char", "journeyman"), 225 => lang("char", "expert"), 300 => lang("char", "artisan"), 375 => lang("char", "master"), 450 => lang("char", "inherent"), 385 => lang("char", "wise"));
            for ($i = PLAYER_SKILL_INFO_1_1; $i <= PLAYER_SKILL_INFO_1_1 + 384; $i += 3) {
                if ($char_data[$i] && skill_get_name($char_data[$i] & 0xffff)) {
                    $temp = unpack("S", pack("L", $char_data[$i + 1]));
                    $skill = $char_data[$i] & 0xffff;
                    if (skill_get_type($skill) == 6) {
                        array_push($weapon_array, array($user_lvl ? $skill : '', skill_get_name($skill), $temp[1]));
                    } elseif (skill_get_type($skill) == 7) {
                        array_push($class_array, array($user_lvl ? $skill : '', skill_get_name($skill), $temp[1]));
                    } elseif (skill_get_type($skill) == 8) {
                        array_push($armor_array, array($user_lvl ? $skill : '', skill_get_name($skill), $temp[1]));
                    } elseif (skill_get_type($skill) == 9) {
                        array_push($prof_2_array, array($user_lvl ? $skill : '', skill_get_name($skill), $temp[1]));
                    } elseif (skill_get_type($skill) == 10) {
                        array_push($language_array, array($user_lvl ? $skill : '', skill_get_name($skill), $temp[1]));
                    } elseif (skill_get_type($skill) == 11) {
                        array_push($prof_1_array, array($user_lvl ? $skill : '', skill_get_name($skill), $temp[1]));
                    } else {
                        array_push($skill_array, array($user_lvl ? $skill : '', skill_get_name($skill), $temp[1]));
                    }
                }
            }
            unset($char_data);
            aasort($skill_array, $order_by, $dir);
            aasort($class_array, $order_by, $dir);
            aasort($prof_1_array, $order_by, $dir);
            aasort($prof_2_array, $order_by, $dir);
            aasort($weapon_array, $order_by, $dir);
            aasort($armor_array, $order_by, $dir);
            aasort($language_array, $order_by, $dir);
            foreach ($skill_array as $data) {
                // this_is_junk: style left hardcoded because it's calculated.
                $max = $data[2] < $char["level"] * 5 ? $char["level"] * 5 : $data[2];
                $output .= '
                  <tr>
                    ' . ($user_lvl ? '<td>' . $data[0] . '</td>' : '') . '
                    <td align="right">' . $data[1] . '</td>
                    <td class="bar skill_bar" style="background-position: ' . (round(385 * $data[2] / $max) - 385) . 'px;">
                      <span style="position: relative; top: -2px;">' . $data[2] . '/' . $max . '</span>
                    </td>
                  </tr>';
            }
            if (count($class_array)) {
                $output .= '
                  <tr><th class="title" colspan="' . ($user_lvl ? '3' : '2') . '" align="left">' . lang("char", "classskills") . '</th></tr>';
            }
            foreach ($class_array as $data) {
                $max = $data[2] < $char["level"] * 5 ? $char["level"] * 5 : $data[2];
                $output .= '
                  <tr>
                    ' . ($user_lvl ? '<td>' . $data[0] . '</td>' : '') . '
                    <td align="right"><a href="' . $base_datasite . $skill_datasite . '7.' . $char["class"] . '.' . $data[0] . '" rel="external">' . $data[1] . '</a></td>
                    <td class="bar skill_bar" style="background-position: 0px;">
                    </td>
                  </tr>';
            }
            if (count($prof_1_array)) {
                $output .= '
                  <tr><th class="title" colspan="' . ($user_lvl ? '3' : '2') . '" align="left">' . lang("char", "professions") . '</th></tr>';
            }
            foreach ($prof_1_array as $data) {
                // this_is_junk: style left hardcoded because it's calculated.
                $max = $data[2] < 76 ? 75 : ($data[2] < 151 ? 150 : ($data[2] < 226 ? 225 : ($data[2] < 301 ? 300 : ($data[2] < 376 ? 375 : ($data[2] < 376 ? 375 : 450)))));
                $output .= '
                  <tr>
                    ' . ($user_lvl ? '<td>' . $data[0] . '</td>' : '') . '
                    <td align="right"><a href="' . $base_datasite . $skill_datasite . '11.' . $data[0] . '" rel="external">' . $data[1] . '</a></td>
                    <td class="bar skill_bar" style="background-position: ' . (round(385 * $data[2] / $max) - 385) . 'px;">
                      <span style="position: relative; top: -2px;">' . $data[2] . '/' . $max . ' (' . $skill_rank_array[$max] . ')</span>
                    </td>
                  </tr>';
            }
            if (count($prof_2_array)) {
                $output .= '
                  <tr><th class="title" colspan="' . ($user_lvl ? '3' : '2') . '" align="left">' . lang("char", "secondaryskills") . '</th></tr>';
            }
            foreach ($prof_2_array as $data) {
                // this_is_junk: style left hardcoded because it's calculated.
                $max = $data[2] < 76 ? 75 : ($data[2] < 151 ? 150 : ($data[2] < 226 ? 225 : ($data[2] < 301 ? 300 : ($data[2] < 376 ? 375 : ($data[2] < 376 ? 375 : 450)))));
                $output .= '
                  <tr>
                    ' . ($user_lvl ? '<td>' . $data[0] . '</td>' : '') . '
                    <td align="right"><a href="' . $base_datasite . $skill_datasite . '9.' . $data[0] . '" rel="external">' . $data[1] . '</a></td>
                    <td class="bar skill_bar" style="background-position: ' . (round(385 * $data[2] / $max) - 385) . 'px;">
                      <span style="position: relative; top: -2px;">' . $data[2] . '/' . $max . ' (' . $skill_rank_array[$max] . ')</span>
                    </td>
                  </tr>';
            }
            if (count($weapon_array)) {
                $output .= '
                  <tr><th class="title" colspan="' . ($user_lvl ? '3' : '2') . '" align="left">' . lang("char", "weaponskills") . '</th></tr>';
            }
            foreach ($weapon_array as $data) {
                // this_is_junk: style left hardcoded because it's calculated.
                $max = $data[2] < $char["level"] * 5 ? $char["level"] * 5 : $data[2];
                $output .= '
                  <tr>
                    ' . ($user_lvl ? '<td>' . $data[0] . '</td>' : '') . '
                    <td align="right">' . $data[1] . '</td>
                    <td class="bar skill_bar" style="background-position: ' . (round(385 * $data[2] / $max) - 385) . 'px;">
                      <span style="position: relative; top: -2px;">' . $data[2] . '/' . $max . '</span>
                    </td>
                  </tr>';
            }
            if (count($armor_array)) {
                $output .= '
                  <tr><th class="title" colspan="' . ($user_lvl ? '3' : '2') . '" align="left">' . lang("char", "armorproficiencies") . '</th></tr>';
            }
            foreach ($armor_array as $data) {
                $max = $data[2] < $char["level"] * 5 ? $char["level"] * 5 : $data[2];
                $output .= '
                  <tr>
                    ' . ($user_lvl ? '<td>' . $data[0] . '</td>' : '') . '
                    <td align="right">' . $data[1] . '</td>
                    <td class="bar skill_bar" style="background-position: 0px;">
                    </td>
                  </tr>';
            }
            if (count($language_array)) {
                $output .= '
                  <tr><th class="title" colspan="' . ($user_lvl ? '3' : '2') . '" align="left">' . lang("char", "languages") . '</th></tr>';
            }
            foreach ($language_array as $data) {
                // this_is_junk: style left hardcoded because it's calculated.
                $max = $data[2] < $char["level"] * 5 ? $char["level"] * 5 : $data[2];
                $output .= '
                  <tr>
                    ' . ($user_lvl ? '<td>' . $data[0] . '</td>' : '') . '
                    <td align="right">' . $data[1] . '</td>
                    <td class="bar skill_bar" style="background-position: ' . (round(385 * $data[2] / $max) - 385) . 'px;">
                      <span style="position: relative; top: -2px;">' . $data[2] . '/' . $max . '</span>
                    </td>
                  </tr>';
            }
            $output .= '
                </table>
                <br />
              </div>
              <br />
            </div>
            <br />
            <table class="hidden center">
              <tr>
                <td>';
            // button to user account page, user account page has own security
            makebutton(lang("char", "chars_acc"), 'user.php?action=edit_user&amp;id=' . $owner_acc_id . '', 130);
            $output .= '
                </td>
                <td>';
            // only higher level GM with delete access can edit character
            //  character edit allows removal of character items, so delete permission is needed
            if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"]) {
                //makebutton($lang_char["edit_button"], 'char_edit.php?id='.$id.'&amp;realm='.$realmid.'', 130);
                $output .= '
                </td>
                <td>';
            }
            // only higher level GM with delete access, or character owner can delete character
            if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"] || $owner_name === $user_name) {
                makebutton(lang("char", "del_char"), 'char_list.php?action=del_char_form&amp;check%5B%5D=' . $id . '" type="wrn', 130);
                $output .= '
                </td>
                <td>';
            }
            // only GM with update permission can send mail, mail can send items, so update permission is needed
            if ($user_lvl >= $action_permission["update"]) {
                makebutton(lang("char", "send_mail"), 'mail.php?type=ingame_mail&amp;to=' . $char["name"] . '', 130);
                $output .= '
                </td>
                <td>';
            }
            makebutton(lang("global", "back"), 'javascript:window.history.back()" type="def', 130);
            $output .= '
                </td>
              </tr>
            </table>
            <br />
          <!-- end of char_achieve.php -->';
        } else {
            error(lang("char", "no_permission"));
        }
    } else {
        error(lang("char", "no_char_found"));
    }
}
Esempio n. 13
0
function index(&$sqlr, &$sqlc, &$sqlm)
{
    global $output, $lang_global, $lang_index, $realm_id, $mmfpm_db, $server, $action_permission, $user_lvl, $user_id, $showcountryflag, $motd_display_poster, $gm_online_count, $gm_online, $itemperpage;
    $output .= '
<div class="top">';
    if (test_port($server[$realm_id]['addr'], $server[$realm_id]['game_port'])) {
        $stats = $sqlr->fetch_assoc($sqlr->query('
			SELECT starttime, maxplayers 
			FROM uptime 
			WHERE realmid = ' . $realm_id . ' 
			ORDER BY starttime DESC 
			LIMIT 1'), 0);
        $uptimetime = time() - $stats['starttime'];
        $max_ever = $sqlr->fetch_assoc($sqlr->query('
			SELECT maxplayers
			FROM uptime
			WHERE realmid = ' . $realm_id . '
			ORDER BY maxplayers DESC
			LIMIT 1'), 0);
        function format_uptime($seconds)
        {
            $secs = intval($seconds % 60);
            $mins = intval($seconds / 60 % 60);
            $hours = intval($seconds / 3600 % 24);
            $days = intval($seconds / 86400);
            $uptimeString = '';
            if ($days) {
                $uptimeString .= $days;
                $uptimeString .= 1 === $days ? ' day' : ' days';
            }
            if ($hours) {
                $uptimeString .= (0 < $days ? ', ' : '') . $hours;
                $uptimeString .= 1 === $hours ? ' hour' : ' hours';
            }
            if ($mins) {
                $uptimeString .= (0 < $days || 0 < $hours ? ', ' : '') . $mins;
                $uptimeString .= 1 === $mins ? ' minute' : ' minutes';
            }
            if ($secs) {
                $uptimeString .= (0 < $days || 0 < $hours || 0 < $mins ? ', ' : '') . $secs;
                $uptimeString .= 1 === $secs ? ' second' : ' seconds';
            }
            return $uptimeString;
        }
        $staticUptime = $lang_index['realm'] . ' <em>' . htmlentities(get_realm_name($realm_id)) . '</em> ' . $lang_index['online'] . ' for ' . format_uptime($uptimetime);
        unset($uptimetime);
        $output .= '
	<div id="uptime">
		<h1><font color="#55aa55">' . $staticUptime . '</font><br /></h1>
	</div>
</div>';
        unset($staticUptime);
        $online = true;
    } else {
        $output .= '
	<h1><font class="error">' . $lang_index['realm'] . ' <em>' . htmlentities(get_realm_name($realm_id)) . '</em> ' . $lang_index['offline_or_let_high'] . '</font></h1>
</div>';
        $online = false;
    }
    $output .= '
<center>
<fieldset>
	<legend>Info</legend>
	<table class="lined" style="width: 100%; display: table">
		<tr>
			<th>
				' . $lang_index['maxplayers'] . ': ' . $stats['maxplayers'] . '<br />
				' . $lang_index['maxplayersever'] . ': ' . $max_ever['maxplayers'] . '
			</th>
		</tr>
	</table>
</fieldset>';
    unset($max_ever);
    unset($stats);
    $start_m = isset($_GET['start_m']) ? $sqlc->quote_smart($_GET['start_m']) : 0;
    if (is_numeric($start_m)) {
    } else {
        $start_m = 0;
    }
    //print online chars
    if ($online) {
        //==========================$_GET and SECURE=================================
        $start = isset($_GET['start']) ? $sqlc->quote_smart($_GET['start']) : 0;
        if (is_numeric($start)) {
        } else {
            $start = 0;
        }
        $order_by = isset($_GET['order_by']) ? $sqlc->quote_smart($_GET['order_by']) : 'level';
        if (preg_match('/^[_[:lower:]]{1,12}$/', $order_by)) {
        } else {
            $order_by = 'level';
        }
        $dir = isset($_GET['dir']) ? $sqlc->quote_smart($_GET['dir']) : 1;
        if (preg_match('/^[01]{1}$/', $dir)) {
        } else {
            $dir = 1;
        }
        $order_dir = $dir ? 'DESC' : 'ASC';
        $dir = $dir ? 0 : 1;
        //==========================$_GET and SECURE end=============================
        if ($order_by === 'map') {
            $order_by = 'map ' . $order_dir . ', zone';
        } elseif ($order_by === 'zone') {
            $order_by = 'zone ' . $order_dir . ', map';
        }
        $order_side = '';
        if ($user_lvl || $server[$realm_id]['both_factions']) {
        } else {
            $result = $sqlc->query('
				SELECT race 
				FROM characters 
				WHERE account = ' . $user_id . '	AND totaltime = 
					(SELECT MAX(totaltime) 
					FROM characters 
					WHERE account = ' . $user_id . ') 
				LIMIT 1');
            if ($sqlc->num_rows($result)) {
                $order_side = in_array($sqlc->result($result, 0), array(2, 5, 6, 8, 10)) ? ' AND race IN (2,5,6,8,10) ' : ' AND race IN (1,3,4,7,11) ';
            }
        }
        if ($order_by == 'ip') {
            $result = $sqlr->query('
				SELECT id, last_ip 
				FROM account 
				WHERE active_realm_id  != 1 
				ORDER BY last_ip ' . $order_dir . ' 
				LIMIT ' . $start . ', ' . $itemperpage . '');
        } else {
            $result = $sqlc->query('
				SELECT c.guid, c.name, c.race, c.class, c.zone, c.map, c.level, c.account, c.gender, c.totalHonorPoints,
					COALESCE(guild_member.guildid,0) AS guildid 
				FROM characters c
					LEFT JOIN guild_member ON guild_member.guid = c.guid 
				WHERE c.online = 1 ' . ($gm_online == '0' ? 'AND c.extra_flags &1 = 0 ' : '') . $order_side . ' 
				ORDER BY ' . $order_by . ' ' . $order_dir . ' LIMIT ' . $start . ', ' . $itemperpage);
        }
        $total_online = $sqlc->result($sqlc->query('
				SELECT count(*)
				FROM characters
				WHERE online= 1' . ($gm_online_count == '0' ? ' AND extra_flags &1 = 0' : '')), 0);
        $output .= '
<center>
<fieldset>
	<legend>' . $lang_index['tot_users_online'] . ': ' . $total_online . '</legend>
	<table class="lined" style="width: 100%; display: table">

	<tr>
		<td colspan="' . (10 - $showcountryflag) . '" align="right" class="hidden" width="25%">';
        $output .= generate_pagination('index.php?start_m=' . $start_m . '&amp;order_by=' . $order_by . '&amp;dir=' . ($dir ? 0 : 1), $total_online, $itemperpage, $start);
        $output .= '
		</td>
	</tr>
	<tr>
		<th width="15%"><a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=name&amp;dir=' . $dir . '"' . ($order_by === 'name' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['name'] . '</a></th>
		<th width="1%"><a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=race&amp;dir=' . $dir . '"' . ($order_by === 'race' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['race'] . '</a></th>
		<th width="1%"><a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=class&amp;dir=' . $dir . '"' . ($order_by === 'class' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['class'] . '</a></th>
		<th width="5%"><a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=level&amp;dir=' . $dir . '"' . ($order_by === 'level' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['level'] . '</a></th>
		<th width="1%"><a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=totalHonorPoints&amp;dir=' . $dir . '"' . ($order_by === 'totalHonorPoints' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['rank'] . '</a></th>
		<th width="15%"><a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=guildid&amp;dir=' . $dir . '"' . ($order_by === 'gname' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['guild'] . '</a></th>
		<th width="20%"><a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=map&amp;dir=' . $dir . '"' . ($order_by === 'map ' . $order_dir . ', zone' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['map'] . '</a></th>
		<th width="25%"><a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=zone&amp;dir=' . $dir . '"' . ($order_by === 'zone ' . $order_dir . ', map' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['zone'] . '</a></th>';
        if ($showcountryflag) {
            require_once 'libs/misc_lib.php';
            $output .= '
		<th width="1%">' . $lang_global['country'] . '</th>';
        }
        $output .= '
	</tr>';
        $sqlm = new SQL();
        $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
        while ($char = $sqlc->fetch_assoc($result)) {
            if ($order_by == 'ip') {
                $temp = $sqlc->fetch_assoc($sqlc->query('
					SELECT characters.guid, characters.name, characters.race, characters.class, characters.zone, characters.map, characters.level, characters.account, characters.gender, characters.totalHonorPoints,
						COALESCE(guild_member.guildid,0) AS guildid 
					FROM characters LEFT JOIN guild_member ON guild_member.guid = characters.guid 
					WHERE characters.online= 1 ' . ($gm_online == '0' ? 'AND characters.extra_flags &1 = 0 ' : '') . $order_side . ' and account = ' . $char['id']));
                if (isset($temp['guid'])) {
                    $char = $temp;
                } else {
                    continue;
                }
            }
            $gm = $sqlr->result($sqlr->query('
			SELECT gmlevel 
			FROM account 
			WHERE id=' . $char['account'] . ''), 0);
            $guild_name = $sqlc->result($sqlc->query('
			SELECT name 
			FROM guild 
			WHERE guildid=' . $char['guildid'] . ''));
            $output .= '
	<tr>
		<td>';
            if ($user_lvl >= $gm) {
                $output .= '
			<a href="char.php?id=' . $char['guid'] . '">
				<span onmousemove="toolTip(\'' . id_get_gm_level($gm) . '\', \'item_tooltip\')" onmouseout="toolTip()">' . htmlentities($char['name']) . '</span>
			</a>';
            } else {
                $output .= '
			' . htmlentities($char['name']) . '</span>';
            }
            $output .= '
		</td>
		<td>
			<img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" />
		</td>
		<td>
			<img src="img/c_icons/' . $char['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" />
		</td>
		<td>' . char_get_level_color($char['level']) . '</td>
		<td>
			<span onmouseover="toolTip(\'' . char_get_pvp_rank_name($char['totalHonorPoints'], char_get_side_id($char['race'])) . '\', \'item_tooltip\')" onmouseout="toolTip()" style="color: white;"><img src="img/ranks/rank' . char_get_pvp_rank_id($char['totalHonorPoints'], char_get_side_id($char['race'])) . '.gif" alt="" /></span>
		</td>
		<td>
			<a href="guild.php?action=view_guild&amp;error=3&amp;id=' . $char['guildid'] . '">' . htmlentities($guild_name) . '</a>
		</td>
		<td>
			<span onmousemove="toolTip(\'MapID:' . $char['map'] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_map_name($char['map'], $sqlm) . '</span>
		</td>
		<td>
			<span onmousemove="toolTip(\'ZoneID:' . $char['zone'] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_zone_name($char['zone'], $sqlm) . '</span>
		</td>';
            if ($showcountryflag) {
                $country = misc_get_country_by_account($char['account'], $sqlr, $sqlm);
                $output .= '
		<td>
			' . ($country['code'] ? '<img src="img/flags/' . $country['code'] . '.png" onmousemove="toolTip(\'' . $country['country'] . '\',\'item_tooltip\')" onmouseout="toolTip()" alt="" />' : '-') . '
		</td>';
            }
            $output .= '
	</tr>';
        }
        $output .= '
	<tr>';
        $output .= '
		<td colspan="' . (10 - $showcountryflag) . '" align="right" class="hidden" width="25%">';
        $output .= generate_pagination('index.php?start_m=' . $start_m . '&amp;order_by=' . $order_by . '&amp;dir=' . ($dir ? 0 : 1), $total_online, $itemperpage, $start);
        unset($total_online);
        $output .= '
		</td>
	</tr>
	</table>
</fieldset>
<br />
</center>';
    }
}
Esempio n. 14
0
function front(&$sqlr, &$sqlc, &$sqlm)
{
    global $output, $lang_global, $lang_index, $realm_id, $world_db, $mmfpm_db, $server, $action_permission, $user_lvl, $user_id, $showcountryflag, $motd_display_poster, $gm_online_count, $gm_online, $itemperpage;
    $output .= '
                <div class="top">';
    if (test_port($server[$realm_id]['addr'], $server[$realm_id]['game_port'])) {
        $stats = $sqlr->fetch_assoc($sqlr->query('SELECT starttime, maxplayers FROM uptime WHERE realmid = ' . $realm_id . ' ORDER BY starttime DESC LIMIT 1'), 0);
        $uptimetime = time() - $stats['starttime'];
        function format_uptime($seconds)
        {
            $secs = intval($seconds % 60);
            $mins = intval($seconds / 60 % 60);
            $hours = intval($seconds / 3600 % 24);
            $days = intval($seconds / 86400);
            $uptimeString = '';
            if ($days) {
                $uptimeString .= $days;
                $uptimeString .= 1 === $days ? ' day' : ' days';
            }
            if ($hours) {
                $uptimeString .= (0 < $days ? ', ' : '') . $hours;
                $uptimeString .= 1 === $hours ? ' hour' : ' hours';
            }
            if ($mins) {
                $uptimeString .= (0 < $days || 0 < $hours ? ', ' : '') . $mins;
                $uptimeString .= 1 === $mins ? ' minute' : ' minutes';
            }
            if ($secs) {
                $uptimeString .= (0 < $days || 0 < $hours || 0 < $mins ? ', ' : '') . $secs;
                $uptimeString .= 1 === $secs ? ' second' : ' seconds';
            }
            return $uptimeString;
        }
        $staticUptime = $lang_index['realm'] . ' <em>' . htmlentities(get_realm_name($realm_id)) . '</em> ' . $lang_index['online'] . ' for ' . format_uptime($uptimetime);
        unset($uptimetime);
        $output .= '
                    <div id="uptime">
                        <h1>
                            <font color="#55aa55">' . $staticUptime . '<br />' . $lang_index['maxplayers'] . ': ' . $stats['maxplayers'] . '</font>
                        </h1>
                    </div>';
        unset($staticUptime);
        unset($stats);
        $online = true;
    } else {
        $output .= '
                    <h1>
                        <font class="error">' . $lang_index['realm'] . ' <em>' . htmlentities(get_realm_name($realm_id)) . '</em> ' . $lang_index['offline_or_let_high'] . '</font>
                    </h1>';
        $online = false;
    }
    $sqlw = new SQL();
    $sqlw->connect($world_db[$realm_id]['addr'], $world_db[$realm_id]['user'], $world_db[$realm_id]['pass'], $world_db[$realm_id]['name']);
    //  This retrieves the actual database version from the database itself, instead of hardcoding it into a string
    $version = $sqlw->fetch_assoc($sqlw->query('SELECT core_revision, db_version FROM version'), 0);
    $output .= '
                    ' . $lang_index['trinity_rev'] . ' ' . $version['core_revision'] . ' ' . $lang_index['using_db'] . ' ' . $version['db_version'] . '
                </div>';
    unset($version);
    //MOTD part
    $start_m = isset($_GET['start_m']) ? $sqlc->quote_smart($_GET['start_m']) : 0;
    if (is_numeric($start_m)) {
    } else {
        $start_m = 0;
    }
    $sqlm = new SQL();
    $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
    $all_record_m = $sqlm->result($sqlm->query('SELECT count(*) FROM mm_motd'), 0);
    if ($user_lvl >= $action_permission['delete']) {
        $output .= '
                <script type="text/javascript">
                    // <![CDATA[
                        answerbox.btn_ok="' . $lang_global['yes_low'] . '";
                        answerbox.btn_cancel="' . $lang_global['no'] . '";
                        var del_motd = "motd.php?action=delete_motd&amp;id=";
                    // ]]>
                </script>';
    }
    $output .= '
                <center>
                    <table class="lined">
                        <tr>
                            <th align="right">';
    if ($user_lvl >= $action_permission['insert']) {
        $output .= '
                                <a href="motd.php?action=add_motd">' . $lang_index['add_motd'] . '</a>';
    }
    $output .= '
                            </th>
                        </tr>';
    if ($all_record_m) {
        $result = $sqlm->query('SELECT id, realmid, type, content FROM mm_motd WHERE realmid = ' . $realm_id . ' ORDER BY id DESC LIMIT ' . $start_m . ', 3');
        while ($post = $sqlm->fetch_assoc($result)) {
            $output .= '
                        <tr>
                            <td align="left" class="large">
                                <blockquote>' . bbcode_bbc2html($post['content']) . '</blockquote>
                            </td>
                        </tr>
                        <tr>
                            <td align="right">';
            $motd_display_poster ? $output .= $post['type'] : '';
            if ($user_lvl >= $action_permission['delete']) {
                $output .= '
                                <img src="img/cross.png" width="12" height="12" onclick="answerBox(\'' . $lang_global['delete'] . ': &lt;font color=white&gt;' . $post['id'] . '&lt;/font&gt;&lt;br /&gt;' . $lang_global['are_you_sure'] . '\', del_motd + ' . $post['id'] . ');" style="cursor:pointer;" alt="" />';
            }
            if ($user_lvl >= $action_permission['update']) {
                $output .= '
                                <a href="motd.php?action=edit_motd&amp;error=3&amp;id=' . $post['id'] . '">
                                    <img src="img/edit.png" width="14" height="14" alt="" />
                                </a>';
            }
            $output .= '
                            </td>
                        </tr>
                        <tr>
                            <td class="hidden"></td>
                        </tr>';
        }
        if ($online) {
            $output .= '%%REPLACE_TAG%%';
        } else {
            $output .= '
                        <tr>
                            <td align="right" class="hidden">' . generate_pagination('index.php?start=0', $all_record_m, 3, $start_m, 'start_m') . '</td>
                        </tr>';
        }
    }
    $output .= '
                    </table>';
    //print online chars
    if ($online) {
        //==========================$_GET and SECURE=================================
        $start = isset($_GET['start']) ? $sqlc->quote_smart($_GET['start']) : 0;
        if (is_numeric($start)) {
        } else {
            $start = 0;
        }
        $order_by = isset($_GET['order_by']) ? $sqlc->quote_smart($_GET['order_by']) : 'level';
        if (preg_match('/^[_[:lower:]]{1,12}$/', $order_by)) {
        } else {
            $order_by = 'level';
        }
        $dir = isset($_GET['dir']) ? $sqlc->quote_smart($_GET['dir']) : 1;
        if (preg_match('/^[01]{1}$/', $dir)) {
        } else {
            $dir = 1;
        }
        $order_dir = $dir ? 'DESC' : 'ASC';
        $dir = $dir ? 0 : 1;
        //==========================$_GET and SECURE end=============================
        if ($order_by === 'map') {
            $order_by = 'map ' . $order_dir . ', zone';
        } elseif ($order_by === 'zone') {
            $order_by = 'zone ' . $order_dir . ', map';
        }
        $order_side = '';
        if ($user_lvl || $server[$realm_id]['both_factions']) {
        } else {
            $result = $sqlc->query('SELECT race FROM characters WHERE account = ' . $user_id . '
                                    AND totaltime = (SELECT MAX(totaltime) FROM characters WHERE account = ' . $user_id . ') LIMIT 1');
            if ($sqlc->num_rows($result)) {
                $order_side = in_array($sqlc->result($result, 0), array(2, 5, 6, 8, 10)) ? ' AND race IN (2,5,6,8,10) ' : ' AND race IN (1,3,4,7,11) ';
            }
        }
        if ($order_by == 'ip') {
            $result = $sqlr->query('SELECT id, last_ip FROM account WHERE online = 1 ORDER BY last_ip ' . $order_dir . ' LIMIT ' . $start . ', ' . $itemperpage . '');
        } else {
            $result = $sqlc->query('SELECT characters.guid,  characters.name,  characters.race,  characters.class,  characters.zone,  characters.map,  characters.level,  characters.account,  characters.gender,  characters.totalHonorPoints, COALESCE(guild_member.guildid,0) AS guildid FROM characters LEFT JOIN guild_member ON guild_member.guid = characters.guid WHERE characters.online = 1 ' . ($gm_online == '0' ? 'AND characters.extra_flags &1 = 0 ' : '') . $order_side . ' ORDER BY ' . $order_by . ' ' . $order_dir . ' LIMIT ' . $start . ', ' . $itemperpage);
        }
        $total_online = $sqlc->result($sqlc->query('SELECT count(*) FROM characters WHERE online= 1' . ($gm_online_count == '0' ? ' AND extra_flags &1 = 0' : '')), 0);
        $replace = '
              <tr>
                <td align="right" class="hidden">' . generate_pagination('index.php?start=' . $start . '&amp;order_by=' . $order_by . '&amp;dir=' . ($dir ? 0 : 1) . '', $all_record_m, 3, $start_m, 'start_m') . '</td>
              </tr>';
        unset($all_record_m);
        $output = str_replace('%%REPLACE_TAG%%', $replace, $output);
        unset($replace);
        $output .= '
                    <font class="bold">' . $lang_index['tot_users_online'] . ': ' . $total_online . '</font>
                    <table class="lined">
                        <tr>
                            <td colspan="' . (10 - $showcountryflag) . '" align="right" class="hidden" width="25%">';
        $output .= generate_pagination('index.php?start_m=' . $start_m . '&amp;order_by=' . $order_by . '&amp;dir=' . ($dir ? 0 : 1), $total_online, $itemperpage, $start);
        $output .= '
                            </td>
                        </tr>
                        <tr>
                            <th width="15%"><a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=name&amp;dir=' . $dir . '"' . ($order_by === 'name' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['name'] . '</a></th>
                            <th width="1%"><a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=race&amp;dir=' . $dir . '"' . ($order_by === 'race' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['race'] . '</a></th>
                            <th width="1%"><a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=class&amp;dir=' . $dir . '"' . ($order_by === 'class' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['class'] . '</a></th>
                            <th width="5%"><a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=level&amp;dir=' . $dir . '"' . ($order_by === 'level' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['level'] . '</a></th>
                            <th width="1%"><a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=totalHonorPoints&amp;dir=' . $dir . '"' . ($order_by === 'totalHonorPoints' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['rank'] . '</a></th>
                            <th width="15%"><a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=guildid&amp;dir=' . $dir . '"' . ($order_by === 'guildid' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['guild'] . '</a></th>
                            <th width="20%"><a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=map&amp;dir=' . $dir . '"' . ($order_by === 'map ' . $order_dir . ', zone' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['map'] . '</a></th>
                            <th width="25%"><a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=zone&amp;dir=' . $dir . '"' . ($order_by === 'zone ' . $order_dir . ', map' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_index['zone'] . '</a></th>';
        if ($showcountryflag) {
            require_once 'libs/misc_lib.php';
            $output .= '
                            <th width="1%">' . $lang_global['country'] . '</th>';
        }
        $output .= '
                        </tr>';
        $sqlm = new SQL();
        $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
        while ($char = $sqlc->fetch_assoc($result)) {
            if ($order_by == 'ip') {
                $temp = $sqlc->fetch_assoc($sqlc->query('SELECT characters.guid,  characters.name,  characters.race,  characters.class,  characters.zone,  characters.map,  characters.level,  characters.account,  characters.gender,  characters.totalHonorPoints, COALESCE(guild_member.guildid,0) AS guildid FROM characters LEFT JOIN guild_member ON guild_member.guid = characters.guid WHERE characters.online= 1 ' . ($gm_online == '0' ? 'AND characters.extra_flags &1 = 0 ' : '') . $order_side . ' and account = ' . $char['id']));
                if (isset($temp['guid'])) {
                    $char = $temp;
                } else {
                    continue;
                }
            }
            $gm = $sqlr->result($sqlr->query('SELECT gmlevel FROM account_access WHERE id=' . $char['account'] . ''), 0);
            $guild_name = $sqlc->result($sqlc->query('SELECT name FROM guild WHERE guildid=' . $char['guildid'] . ''));
            $output .= '
                        <tr>
                            <td>';
            if ($user_lvl >= $gm) {
                $output .= '
                                <a href="char.php?id=' . $char['guid'] . '">
                                    <span onmousemove="toolTip(\'' . id_get_gm_level($gm) . '\', \'item_tooltip\')" onmouseout="toolTip()">' . htmlentities($char['name']) . '</span>
                                </a>';
            } else {
                $output .= '
                                <span onmousemove="toolTip(\'' . id_get_gm_level($gm) . '\', \'item_tooltip\')" onmouseout="toolTip()">' . htmlentities($char['name']) . '</span>';
            }
            $output .= '
                            </td>
                            <td>
                                <img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" />
                            </td>
                            <td>
                                <img src="img/c_icons/' . $char['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" />
                            </td>
                            <td>' . char_get_level_color($char['level']) . '</td>
                            <td>
                                <span onmouseover="toolTip(\'' . char_get_pvp_rank_name($char['totalHonorPoints'], char_get_side_id($char['race'])) . '\', \'item_tooltip\')" onmouseout="toolTip()" style="color: white;"><img src="img/ranks/rank' . char_get_pvp_rank_id($char['totalHonorPoints'], char_get_side_id($char['race'])) . '.gif" alt="" /></span>
                            </td>
                            <td>
                                <a href="guild.php?action=view_guild&amp;error=3&amp;id=' . $char['guildid'] . '">' . htmlentities($guild_name) . '</a>
                            </td>
                            <td><span onmousemove="toolTip(\'MapID:' . $char['map'] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_map_name($char['map'], $sqlm) . '</span></td>
                            <td><span onmousemove="toolTip(\'ZoneID:' . $char['zone'] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_zone_name($char['zone'], $sqlm) . '</span></td>';
            if ($showcountryflag) {
                $country = misc_get_country_by_account($char['account'], $sqlr, $sqlm);
                $output .= '
                            <td>' . ($country['code'] ? '<img src="img/flags/' . $country['code'] . '.png" onmousemove="toolTip(\'' . $country['country'] . '\',\'item_tooltip\')" onmouseout="toolTip()" alt="" />' : '-') . '</td>';
            }
            $output .= '
                        </tr>';
        }
        $output .= '
                        <tr>';
        $output .= '
                            <td colspan="' . (10 - $showcountryflag) . '" align="right" class="hidden" width="25%">';
        $output .= generate_pagination('index.php?start_m=' . $start_m . '&amp;order_by=' . $order_by . '&amp;dir=' . ($dir ? 0 : 1), $total_online, $itemperpage, $start);
        unset($total_online);
        $output .= '
                            </td>
                        </tr>
                    </table>
                    <br />
                </center>';
    }
}
Esempio n. 15
0
            </tr>';
while ($char = $sql["char"]->fetch_assoc($query)) {
    if ($core == 1) {
        $guild_id = $sql["char"]->result($sql["char"]->query("SELECT guildid FROM guild_data WHERE playerid='" . $char["guid"] . "'"), 0);
        $guild_name = $sql["char"]->result($sql["char"]->query("SELECT guildname FROM guilds WHERE guildid='" . $guild_id . "'"), 0);
    } else {
        $guild_name = $sql["char"]->fetch_assoc($sql["char"]->query("SELECT `name` FROM `guild` WHERE `guildid`=" . $char["GNAME"] . ";"));
        $guild_name = $guild_name["name"];
    }
    $output .= '
            <tr>
              <td>
                <a href="char.php?id=' . $char["guid"] . '">' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . '</a>
              </td>
              <td>
                <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
              </td>
              <td>
                <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
              </td>
              <td>' . char_get_level_color($char["level"]) . '</td>
              <td>
                <span onmouseover="oldtoolTip(\'' . char_get_pvp_rank_name($char["honor"], char_get_side_id($char["race"])) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" class="honor_tooltip">
                  <img src="img/ranks/rank' . char_get_pvp_rank_id($char["honor"], char_get_side_id($char["race"])) . '.gif" alt="" />
                </span>
              </td>
              <td>' . $char["honor"] . '</td>
              <td>' . $char["kills"] . '</td>
              <td>' . $char["arena"] . '</td>
              <td>
                <a href="guild.php?action=view_guild&amp;error=3&amp;id=' . $char["GNAME"] . '">' . htmlentities($guild_name, ENT_COMPAT, $site_encoding) . '</a>
function char_main()
{
    global $output, $realm_id, $logon_db, $characters_db, $world_db, $server, $corem_db, $site_encoding, $action_permission, $user_lvl, $user_name, $user_id, $locales_search_option, $base_datasite, $item_datasite, $spell_datasite, $showcountryflag, $timezone_offset, $sql, $core;
    // this page uses wowhead tooltops
    //wowhead_tt();
    // we need at either an id or a name or we would have nothing to show
    if (empty($_GET["id"])) {
        if (empty($_GET["name"])) {
            error(lang("global", "empty_fields"));
        }
    }
    // this is multi realm support, as of writing still under development
    // this page is already implementing it
    if (empty($_GET["realm"])) {
        $realmid = $realm_id;
    } else {
        $realmid = $sql["logon"]->quote_smart($_GET["realm"]);
        if (is_numeric($realmid)) {
            $sql["char"]->connect($characters_db[$realmid]["addr"], $characters_db[$realmid]["user"], $characters_db[$realmid]["pass"], $characters_db[$realmid]["name"], $characters_db[$realmid]["encoding"]);
        } else {
            $realmid = $realm_id;
        }
    }
    if (empty($_GET["id"])) {
        $name = $sql["char"]->quote_smart($_GET["name"]);
        if ($core == 1) {
            $result = $sql["char"]->query("SELECT guid, acct, race FROM characters WHERE name='" . $name . "' LIMIT 1");
        } else {
            $result = $sql["char"]->query("SELECT guid, id AS acct, race FROM characters WHERE name='" . $name . "' LIMIT 1");
        }
        $id_result = $sql["char"]->fetch_assoc($result);
        $id = $id_result["guid"];
    } else {
        $id = $sql["char"]->quote_smart($_GET["id"]);
    }
    if (!is_numeric($id)) {
        error(lang("global", "empty_fields"));
    }
    if ($core == 1) {
        $result = $sql["char"]->query("SELECT acct, race FROM characters WHERE guid='" . $id . "' LIMIT 1");
    } else {
        $result = $sql["char"]->query("SELECT account AS acct, race FROM characters WHERE guid='" . $id . "' LIMIT 1");
    }
    if ($sql["char"]->num_rows($result)) {
        //resrict by owner's gmlvl
        $owner_acc_id = $sql["char"]->result($result, 0, "acct");
        if ($core == 1) {
            $query = $sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $owner_acc_id . "'");
        } else {
            $query = $sql["logon"]->query("SELECT username as login FROM account WHERE id='" . $owner_acc_id . "'");
        }
        $owner_name = $sql["logon"]->result($query, 0, "login");
        $s_query = "SELECT *, SecurityLevel AS gm FROM config_accounts WHERE Login='******'";
        $s_result = $sql["mgr"]->query($s_query);
        $s_fields = $sql["mgr"]->fetch_assoc($s_result);
        $owner_gmlvl = $s_fields["gm"];
        $view_mod = $s_fields["View_Mod_Sheet"];
        if ($owner_gmlvl >= 1073741824) {
            $owner_gmlvl -= 1073741824;
        }
        // owner configured overrides
        $view_override = false;
        if ($view_mod > 0) {
            if ($view_mod == 1) {
            } elseif ($view_mod == 2) {
                // only registered users may view this page
                if ($user_lvl > -1) {
                    $view_override = true;
                }
            }
        }
        if ($user_lvl || $server[$realmid]["both_factions"]) {
            $side_v = 0;
            $side_p = 0;
        } else {
            $side_p = in_array($sql["char"]->result($result, 0, "race"), array(2, 5, 6, 8, 10)) ? 1 : 2;
            if ($core == 1) {
                $result_1 = $sql["char"]->query("SELECT race FROM characters WHERE acct='" . $user_id . "' LIMIT 1");
            } else {
                $result_1 = $sql["char"]->query("SELECT race FROM characters WHERE account='" . $user_id . "' LIMIT 1");
            }
            if ($sql["char"]->num_rows($result)) {
                $side_v = in_array($sql["char"]->result($result_1, 0, "race"), array(2, 5, 6, 8, 10)) ? 1 : 2;
            } else {
                $side_v = 0;
            }
            unset($result_1);
        }
        if ($view_override || $user_lvl >= gmlevel($owner_gmlvl) && ($side_v === $side_p || !$side_v)) {
            if ($core == 1) {
                $result = $sql["char"]->query("SELECT guid, name, race, class, level, zoneid, mapid, online, gender,\n          SUBSTRING_INDEX(SUBSTRING_INDEX(playedtime, ' ', 2), ' ', -1) AS totaltime,\n          acct, data, timestamp, xp \n          FROM characters WHERE guid='" . $id . "'");
            } elseif ($core == 2) {
                $result = $sql["char"]->query("SELECT guid, name, race, class, level, zone AS zoneid, map AS mapid, \n          online, gender, totaltime, account AS acct, logout_time AS timestamp, health, \n\t\t\t\t\tpower1, power2, power3, power4, power5, power6, power7, xp,\n          arenaPoints, totalHonorPoints, totalKills\n          FROM characters WHERE guid='" . $id . "'");
            } else {
                $result = $sql["char"]->query("SELECT guid, name, race, class, level, zone AS zoneid, map AS mapid, \n          online, gender, totaltime, account AS acct, logout_time AS timestamp, health, \n\t\t\t\t\tpower1, power2, power3, power4, power5, power6, power7, xp, arenaPoints, totalHonorPoints, totalKills\n          FROM characters WHERE guid='" . $id . "'");
            }
            $char = $sql["char"]->fetch_assoc($result);
            // find out what mode we're in View or Delete (0 = View, 1 = Delete)
            $mode = isset($_GET["mode"]) ? $_GET["mode"] : 0;
            // only the character's owner or a GM with Delete privs can enter Delete Mode
            if ($owner_name != $user_name) {
                if ($user_lvl < $action_permission["delete"]) {
                    $mode = 0;
                } else {
                    $mode = $mode;
                }
            }
            // View Mode is only availble on characters that are offline
            if ($char["online"] != 0) {
                $mode = 0;
            }
            if ($core == 1) {
                $char_data = $char["data"];
                if (empty($char_data)) {
                    $char_data = str_repeat("0;", PLAYER_END);
                }
                $char_data = explode(";", $char_data);
            } else {
                $query = "SELECT * FROM characters LEFT JOIN character_stats ON characters.guid=character_stats.guid WHERE characters.guid='" . $id . "'";
                $char_data_result = $sql["char"]->query($query);
                $char_data_fields = $sql["char"]->fetch_assoc($char_data_result);
                $char_data[PLAYER_BLOCK_PERCENTAGE] = isset($char_data_fields["blockPct"]) ? $char_data_fields["blockPct"] : '&nbsp;';
                $char_data[PLAYER_DODGE_PERCENTAGE] = isset($char_data_fields["dodgePct"]) ? $char_data_fields["dodgePct"] : '&nbsp;';
                $char_data[PLAYER_PARRY_PERCENTAGE] = isset($char_data_fields["parryPct"]) ? $char_data_fields["parryPct"] : '&nbsp;';
                $char_data[PLAYER_CRIT_PERCENTAGE] = isset($char_data_fields["critPct"]) ? $char_data_fields["critPct"] : '&nbsp;';
                $char_data[PLAYER_RANGED_CRIT_PERCENTAGE] = isset($char_data_fields["rangedCritPct"]) ? $char_data_fields["rangedCritPct"] : '&nbsp;';
                $char_data[UNIT_FIELD_MAXDAMAGE] = isset($char_data_fields["attackPower"]) ? $char_data_fields["attackPower"] : '&nbsp;';
                $char_data[UNIT_FIELD_MINDAMAGE] = isset($char_data_fields["attackPower"]) ? $char_data_fields["attackPower"] : '&nbsp;';
                $char_data[UNIT_FIELD_MAXRANGEDDAMAGE] = isset($char_data_fields["rangedAttackPower"]) ? $char_data_fields["rangedAttackPower"] : '&nbsp;';
                $char_data[UNIT_FIELD_MINRANGEDDAMAGE] = isset($char_data_fields["rangedAttackPower"]) ? $char_data_fields["rangedAttackPower"] : '&nbsp;';
                $char_data[PLAYER_SPELL_CRIT_PERCENTAGE1] = isset($char_data_fields["spellCritPct"]) ? $char_data_fields["spellCritPct"] : '&nbsp;';
                $char_data[PLAYER_FIELD_MOD_DAMAGE_DONE_POS] = isset($char_data_fields["spellPower"]) ? $char_data_fields["spellPower"] : '&nbsp;';
                $char_data[UNIT_FIELD_STAT0] = isset($char_data_fields["strength"]) ? $char_data_fields["strength"] : '&nbsp;';
                $char_data[UNIT_FIELD_STAT1] = isset($char_data_fields["agility"]) ? $char_data_fields["agility"] : '&nbsp;';
                $char_data[UNIT_FIELD_STAT2] = isset($char_data_fields["stamina"]) ? $char_data_fields["stamina"] : '&nbsp;';
                $char_data[UNIT_FIELD_STAT3] = isset($char_data_fields["intellect"]) ? $char_data_fields["intellect"] : '&nbsp;';
                $char_data[UNIT_FIELD_STAT4] = isset($char_data_fields["spirit"]) ? $char_data_fields["spirit"] : '&nbsp;';
                $char_data[UNIT_FIELD_RESISTANCES] = isset($char_data_fields["armor"]) ? $char_data_fields["armor"] : '&nbsp;';
                $char_data[UNIT_FIELD_RESISTANCES + 1] = isset($char_data_fields["resHoly"]) ? $char_data_fields["resHoly"] : '&nbsp;';
                $char_data[UNIT_FIELD_RESISTANCES + 2] = isset($char_data_fields["resArcane"]) ? $char_data_fields["resArcane"] : '&nbsp;';
                $char_data[UNIT_FIELD_RESISTANCES + 3] = isset($char_data_fields["resFire"]) ? $char_data_fields["resFire"] : '&nbsp;';
                $char_data[UNIT_FIELD_RESISTANCES + 4] = isset($char_data_fields["resNature"]) ? $char_data_fields["resNature"] : '&nbsp;';
                $char_data[UNIT_FIELD_RESISTANCES + 5] = isset($char_data_fields["resFrost"]) ? $char_data_fields["resFrost"] : '&nbsp;';
                $char_data[UNIT_FIELD_RESISTANCES + 6] = isset($char_data_fields["resShadow"]) ? $char_data_fields["resShadow"] : '&nbsp;';
                $char_data[UNIT_FIELD_HEALTH] = isset($char["health"]) ? $char["health"] : '&nbsp;';
                $char_data[UNIT_FIELD_MAXHEALTH] = isset($char_data_fields["maxhealth"]) ? $char_data_fields["maxhealth"] : '&nbsp;';
                $char_data[UNIT_FIELD_POWER1] = isset($char["power1"]) ? $char["power1"] : '&nbsp;';
                $char_data[UNIT_FIELD_POWER2] = isset($char["power2"]) ? $char["power2"] : '&nbsp;';
                $char_data[UNIT_FIELD_POWER3] = isset($char["power3"]) ? $char["power3"] : '&nbsp;';
                $char_data[UNIT_FIELD_POWER4] = isset($char["power4"]) ? $char["power4"] : '&nbsp;';
                $char_data[UNIT_FIELD_POWER5] = isset($char["power5"]) ? $char["power5"] : '&nbsp;';
                $char_data[UNIT_FIELD_POWER6] = isset($char["power6"]) ? $char["power6"] : '&nbsp;';
                $char_data[UNIT_FIELD_POWER7] = isset($char["power7"]) ? $char["power7"] : '&nbsp;';
                $char_data[UNIT_FIELD_MAXPOWER1] = isset($char_data_fields["maxpower1"]) ? $char_data_fields["maxpower1"] : '&nbsp;';
                $char_data[UNIT_FIELD_MAXPOWER2] = isset($char_data_fields["maxpower2"]) ? $char_data_fields["maxpower2"] : '&nbsp;';
                $char_data[UNIT_FIELD_MAXPOWER3] = isset($char_data_fields["maxpower3"]) ? $char_data_fields["maxpower3"] : '&nbsp;';
                $char_data[UNIT_FIELD_MAXPOWER4] = isset($char_data_fields["maxpower4"]) ? $char_data_fields["maxpower4"] : '&nbsp;';
                $char_data[UNIT_FIELD_MAXPOWER5] = isset($char_data_fields["maxpower5"]) ? $char_data_fields["maxpower5"] : '&nbsp;';
                $char_data[UNIT_FIELD_MAXPOWER6] = isset($char_data_fields["maxpower6"]) ? $char_data_fields["maxpower6"] : '&nbsp;';
                $char_data[UNIT_FIELD_MAXPOWER7] = isset($char_data_fields["maxpower7"]) ? $char_data_fields["maxpower7"] : '&nbsp;';
                $char_data[PLAYER_FIELD_MOD_HEALING_DONE_POS] = "ERR";
                $char_data[PLAYER_FIELD_COMBAT_RATING_1 + 5] = "ERR";
                $char_data[PLAYER_FIELD_COMBAT_RATING_1 + 17] = "ERR";
                $char_data[PLAYER_FIELD_COMBAT_RATING_1 + 6] = "ERR";
                $char_data[PLAYER_FIELD_COMBAT_RATING_1 + 7] = "ERR";
                $char_data[PLAYER_EXPERTISE] = "ERR";
                $char_data[PLAYER_OFFHAND_EXPERTISE] = "ERR";
                $char_data[PLAYER_FIELD_HONOR_CURRENCY] = isset($char["totalHonorPoints"]) ? $char["totalHonorPoints"] : '&nbsp;';
                $char_data[PLAYER_FIELD_ARENA_CURRENCY] = isset($char["arenaPoints"]) ? $char["arenaPoints"] : '&nbsp;';
                $char_data[PLAYER_FIELD_LIFETIME_HONORBALE_KILLS] = isset($char["totalKills"]) ? $char["totalKills"] : '&nbsp;';
            }
            if ($core == 1) {
                $guild_id = $sql["char"]->result($sql["char"]->query("SELECT guildid FROM guild_data WHERE playerid='" . $char["guid"] . "'"), 0);
                $guild_rank = $sql["char"]->result($sql["char"]->query("SELECT guildRank FROM guild_data WHERE playerid='" . $char["guid"] . "'"), 0);
                $guild_name = $sql["char"]->result($sql["char"]->query("SELECT guildName FROM guilds WHERE guildid='" . $guild_id . "'"));
            } else {
                $guild_id = $sql["char"]->result($sql["char"]->query("SELECT guildid FROM guild_member WHERE guid='" . $char["guid"] . "'"), 0);
                $guild_rank = $sql["char"]->result($sql["char"]->query("SELECT rank AS guildRank FROM guild_member WHERE guid='" . $char["guid"] . "'"), 0);
                $guild_name = $sql["char"]->result($sql["char"]->query("SELECT name AS guildName FROM guild WHERE guildid='" . $guild_id . "'"));
            }
            $online = $char["online"] ? lang("char", "online") : lang("char", "offline");
            if ($guild_id) {
                //$guild_name = $sql["char"]->result($sql["char"]->query('SELECT name FROM guild WHERE guildid ='.$char_data[CHAR_DATA_OFFSET_GUILD_ID].''), 0, 'name');
                $guild_name = '<a href="guild.php?action=view_guild&amp;realm=' . $realmid . '&amp;error=3&amp;id=' . $guild_id . '" >' . $guild_name . '</a>';
                $mrank = $guild_rank;
                if ($core == 1) {
                    $guild_rank = $sql["char"]->result($sql["char"]->query("SELECT rankname FROM guild_ranks WHERE guildid='" . $guild_id . "' AND rankId='" . $mrank . "'"), 0, "rankname");
                } else {
                    $guild_rank = $sql["char"]->result($sql["char"]->query("SELECT rname AS rankname FROM guild_rank WHERE guildid='" . $guild_id . "' AND rid='" . $mrank . "'"), 0, "rankname");
                }
            } else {
                $guild_name = lang("global", "none");
                $guild_rank = lang("global", "none");
            }
            if ($core == 1) {
                $block = unpack("f", pack("L", $char_data[PLAYER_BLOCK_PERCENTAGE]));
                $block = round($block[1], 2);
                $dodge = unpack("f", pack("L", $char_data[PLAYER_DODGE_PERCENTAGE]));
                $dodge = round($dodge[1], 2);
                $parry = unpack("f", pack("L", $char_data[PLAYER_PARRY_PERCENTAGE]));
                $parry = round($parry[1], 2);
                $crit = unpack("f", pack("L", $char_data[PLAYER_CRIT_PERCENTAGE]));
                $crit = round($crit[1], 2);
                $ranged_crit = unpack("f", pack("L", $char_data[PLAYER_RANGED_CRIT_PERCENTAGE]));
                $ranged_crit = round($ranged_crit[1], 2);
                $maxdamage = unpack("f", pack("L", $char_data[UNIT_FIELD_MAXDAMAGE]));
                $maxdamage = round($maxdamage[1], 0);
                $mindamage = unpack("f", pack("L", $char_data[UNIT_FIELD_MINDAMAGE]));
                $mindamage = round($mindamage[1], 0);
                $maxrangeddamage = unpack("f", pack("L", $char_data[UNIT_FIELD_MAXRANGEDDAMAGE]));
                $maxrangeddamage = round($maxrangeddamage[1], 0);
                $minrangeddamage = unpack("f", pack("L", $char_data[UNIT_FIELD_MINRANGEDDAMAGE]));
                $minrangeddamage = round($minrangeddamage[1], 0);
            } else {
                $block = $char_data[PLAYER_BLOCK_PERCENTAGE];
                $block = round($block, 2);
                $dodge = $char_data[PLAYER_DODGE_PERCENTAGE];
                $dodge = round($dodge, 2);
                $parry = $char_data[PLAYER_PARRY_PERCENTAGE];
                $parry = round($parry, 2);
                $crit = $char_data[PLAYER_CRIT_PERCENTAGE];
                $crit = round($crit, 2);
                $ranged_crit = $char_data[PLAYER_RANGED_CRIT_PERCENTAGE];
                $ranged_crit = round($ranged_crit, 2);
                $maxdamage = $char_data[UNIT_FIELD_MAXDAMAGE];
                $maxdamage = round($maxdamage, 0);
                $mindamage = $char_data[UNIT_FIELD_MINDAMAGE];
                $mindamage = round($mindamage, 0);
                $maxrangeddamage = $char_data[UNIT_FIELD_MAXRANGEDDAMAGE];
                $maxrangeddamage = round($maxrangeddamage, 0);
                $minrangeddamage = $char_data[UNIT_FIELD_MINRANGEDDAMAGE];
                $minrangeddamage = round($minrangeddamage, 0);
            }
            if ($core == 1) {
                $spell_crit = 100;
                for ($i = 0; $i < 6; ++$i) {
                    $temp = unpack("f", pack("L", $char_data[PLAYER_SPELL_CRIT_PERCENTAGE1 + 1 + $i]));
                    if ($temp[1] < $spell_crit) {
                        $spell_crit = $temp[1];
                    }
                }
                $spell_crit = round($spell_crit, 2);
            } else {
                $spell_crit = $char_data[PLAYER_SPELL_CRIT_PERCENTAGE1];
                $spell_crit = round($spell_crit, 2);
            }
            if ($core == 1) {
                $spell_damage = 9999;
                for ($i = 0; $i < 6; ++$i) {
                    if ($char_data[PLAYER_FIELD_MOD_DAMAGE_DONE_POS + 1 + $i] < $spell_damage) {
                        $spell_damage = $char_data[PLAYER_FIELD_MOD_DAMAGE_DONE_POS + 1 + $i];
                    }
                }
            } else {
                $spell_damage = $char_data[PLAYER_FIELD_MOD_DAMAGE_DONE_POS];
            }
            $spell_heal = $char_data[PLAYER_FIELD_MOD_HEALING_DONE_POS];
            // this_is_junk: PLAYER_FIELD_COMBAT_RATING_1 +5, +6, and +7 seem to have the same value as +5
            //               I'm not sure which of these fields is which hit rating. :/
            $spell_hit = $char_data[PLAYER_FIELD_COMBAT_RATING_1 + 5];
            // this_is_junk: PLAYER_FIELD_COMBAT_RATING_1 +18 and +19 seem to have the same value as +5
            //               I'm not sure which of these fields is really spell haste. :/
            $spell_haste = $char_data[PLAYER_FIELD_COMBAT_RATING_1 + 17];
            // this_is_junk: PLAYER_FIELD_COMBAT_RATING_1 +5, +6, and +7 seem to have the same value as +5
            //               I'm not sure which of these fields is which hit rating. :/
            $ranged_hit = $char_data[PLAYER_FIELD_COMBAT_RATING_1 + 6];
            // this_is_junk: PLAYER_FIELD_COMBAT_RATING_1 +5, +6, and +7 seem to have the same value as +5
            //               I'm not sure which of these fields is which hit rating. :/
            $melee_hit = $char_data[PLAYER_FIELD_COMBAT_RATING_1 + 7];
            $expertise = $char_data[PLAYER_EXPERTISE] . " / " . $char_data[PLAYER_OFFHAND_EXPERTISE];
            //if ( $core == 1 )
            //{
            /*$EQU_HEAD      = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 0];
              $EQU_NECK      = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 2];
              $EQU_SHOULDER  = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 4];
              $EQU_SHIRT     = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 6];
              $EQU_CHEST     = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 8];
              $EQU_BELT      = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 10];
              $EQU_LEGS      = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 12];
              $EQU_FEET      = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 14];
              $EQU_WRIST     = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 16];
              $EQU_GLOVES    = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 18];
              $EQU_FINGER1   = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 20];
              $EQU_FINGER2   = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 22];
              $EQU_TRINKET1  = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 24];
              $EQU_TRINKET2  = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 26];
              $EQU_BACK      = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 28];
              $EQU_MAIN_HAND = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 30];
              $EQU_OFF_HAND  = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 32];
              $EQU_RANGED    = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 34];
              $EQU_TABARD    = $char_data[PLAYER_FIELD_INV_SLOT_HEAD + 36];*/
            //}
            //else
            //{
            $world_db_name = $world_db[$realm_id]["name"];
            if ($core == 1) {
                $char_equip_query = "SELECT *, \n          playeritems.entry AS item_template, randomprop as property, enchantments AS enchantment, flags\n          FROM playeritems WHERE ownerguid='" . $id . "' AND containerslot=-1";
            } elseif ($core == 2) {
                $char_equip_query = "SELECT *,\n          SUBSTRING_INDEX(SUBSTRING_INDEX(item_instance.data, ' ', 11), ' ', -1) AS creator,\n          SUBSTRING_INDEX(SUBSTRING_INDEX(item_instance.data, ' ', 23), ' ', -1) AS enchantment,\n          SUBSTRING_INDEX(SUBSTRING_INDEX(item_instance.data, ' ', 60), ' ', -1) AS property,\n          SUBSTRING_INDEX(SUBSTRING_INDEX(item_instance.data, ' ', 62), ' ', -1) AS durability,\n          SUBSTRING_INDEX(SUBSTRING_INDEX(item_instance.data, ' ', 22), ' ', -1) AS flags\n          FROM character_inventory\n            LEFT JOIN item_instance ON character_inventory.item=item_instance.guid\n          WHERE character_inventory.guid='" . $id . "' AND character_inventory.bag=0";
            } else {
                $char_equip_query = "SELECT *,\n          creatorGuid AS creator, enchantments AS enchantment,\n          randomPropertyId AS property, durability, flags,\n          itemEntry AS item_template\n          FROM character_inventory\n            LEFT JOIN item_instance ON character_inventory.item=item_instance.guid\n          WHERE character_inventory.guid='" . $id . "' AND character_inventory.bag=0";
            }
            $char_equip_result = $sql["char"]->query($char_equip_query);
            while ($equip_row = $sql["char"]->fetch_assoc($char_equip_result)) {
                switch ($equip_row["slot"]) {
                    case 0:
                        $EQU_HEAD = $equip_row["item_template"];
                        $EQU_HEAD_ROW = $equip_row;
                        break;
                    case 1:
                        $EQU_NECK = $equip_row["item_template"];
                        $EQU_NECK_ROW = $equip_row;
                        break;
                    case 2:
                        $EQU_SHOULDER = $equip_row["item_template"];
                        $EQU_SHOULDER_ROW = $equip_row;
                        break;
                    case 3:
                        $EQU_SHIRT = $equip_row["item_template"];
                        $EQU_SHIRT_ROW = $equip_row;
                        break;
                    case 4:
                        $EQU_CHEST = $equip_row["item_template"];
                        $EQU_CHEST_ROW = $equip_row;
                        break;
                    case 5:
                        $EQU_BELT = $equip_row["item_template"];
                        $EQU_BELT_ROW = $equip_row;
                        break;
                    case 6:
                        $EQU_LEGS = $equip_row["item_template"];
                        $EQU_LEGS_ROW = $equip_row;
                        break;
                    case 7:
                        $EQU_FEET = $equip_row["item_template"];
                        $EQU_FEET_ROW = $equip_row;
                        break;
                    case 8:
                        $EQU_WRIST = $equip_row["item_template"];
                        $EQU_WRIST_ROW = $equip_row;
                        break;
                    case 9:
                        $EQU_GLOVES = $equip_row["item_template"];
                        $EQU_GLOVES_ROW = $equip_row;
                        break;
                    case 10:
                        $EQU_FINGER1 = $equip_row["item_template"];
                        $EQU_FINGER1_ROW = $equip_row;
                        break;
                    case 11:
                        $EQU_FINGER2 = $equip_row["item_template"];
                        $EQU_FINGER2_ROW = $equip_row;
                        break;
                    case 12:
                        $EQU_TRINKET1 = $equip_row["item_template"];
                        $EQU_TRINKET1_ROW = $equip_row;
                        break;
                    case 13:
                        $EQU_TRINKET2 = $equip_row["item_template"];
                        $EQU_TRINKET2_ROW = $equip_row;
                        break;
                    case 14:
                        $EQU_BACK = $equip_row["item_template"];
                        $EQU_BACK_ROW = $equip_row;
                        break;
                    case 15:
                        $EQU_MAIN_HAND = $equip_row["item_template"];
                        $EQU_MAIN_HAND_ROW = $equip_row;
                        break;
                    case 16:
                        $EQU_OFF_HAND = $equip_row["item_template"];
                        $EQU_OFF_HAND_ROW = $equip_row;
                        break;
                    case 17:
                        $EQU_RANGED = $equip_row["item_template"];
                        $EQU_RANGED_ROW = $equip_row;
                        break;
                    case 18:
                        $EQU_TABARD = $equip_row["item_template"];
                        $EQU_TABARD_ROW = $equip_row;
                        break;
                }
            }
            //}
            $equiped_items = array(1 => array("", $EQU_HEAD ? get_item_icon($EQU_HEAD) : 0, $EQU_HEAD ? get_item_border($EQU_HEAD) : 0, $EQU_HEAD_ROW), 2 => array("", $EQU_NECK ? get_item_icon($EQU_NECK) : 0, $EQU_NECK ? get_item_border($EQU_NECK) : 0, $EQU_NECK_ROW), 3 => array("", $EQU_SHOULDER ? get_item_icon($EQU_SHOULDER) : 0, $EQU_SHOULDER ? get_item_border($EQU_SHOULDER) : 0, $EQU_SHOULDER_ROW), 4 => array("", $EQU_SHIRT ? get_item_icon($EQU_SHIRT) : 0, $EQU_SHIRT ? get_item_border($EQU_SHIRT) : 0, $EQU_SHIRT_ROW), 5 => array("", $EQU_CHEST ? get_item_icon($EQU_CHEST) : 0, $EQU_CHEST ? get_item_border($EQU_CHEST) : 0, $EQU_CHEST_ROW), 6 => array("", $EQU_BELT ? get_item_icon($EQU_BELT) : 0, $EQU_BELT ? get_item_border($EQU_BELT) : 0, $EQU_BELT_ROW), 7 => array("", $EQU_LEGS ? get_item_icon($EQU_LEGS) : 0, $EQU_LEGS ? get_item_border($EQU_LEGS) : 0, $EQU_LEGS_ROW), 8 => array("", $EQU_FEET ? get_item_icon($EQU_FEET) : 0, $EQU_FEET ? get_item_border($EQU_FEET) : 0, $EQU_FEET_ROW), 9 => array("", $EQU_WRIST ? get_item_icon($EQU_WRIST) : 0, $EQU_WRIST ? get_item_border($EQU_WRIST) : 0, $EQU_WRIST_ROW), 10 => array("", $EQU_GLOVES ? get_item_icon($EQU_GLOVES) : 0, $EQU_GLOVES ? get_item_border($EQU_GLOVES) : 0, $EQU_GLOVES_ROW), 11 => array("", $EQU_FINGER1 ? get_item_icon($EQU_FINGER1) : 0, $EQU_FINGER1 ? get_item_border($EQU_FINGER1) : 0, $EQU_FINGER1_ROW), 12 => array("", $EQU_FINGER2 ? get_item_icon($EQU_FINGER2) : 0, $EQU_FINGER2 ? get_item_border($EQU_FINGER2) : 0, $EQU_FINGER2_ROW), 13 => array("", $EQU_TRINKET1 ? get_item_icon($EQU_TRINKET1) : 0, $EQU_TRINKET1 ? get_item_border($EQU_TRINKET1) : 0, $EQU_TRINKET1_ROW), 14 => array("", $EQU_TRINKET2 ? get_item_icon($EQU_TRINKET2) : 0, $EQU_TRINKET2 ? get_item_border($EQU_TRINKET2) : 0, $EQU_TRINKET2_ROW), 15 => array("", $EQU_BACK ? get_item_icon($EQU_BACK) : 0, $EQU_BACK ? get_item_border($EQU_BACK) : 0, $EQU_BACK_ROW), 16 => array("", $EQU_MAIN_HAND ? get_item_icon($EQU_MAIN_HAND) : 0, $EQU_MAIN_HAND ? get_item_border($EQU_MAIN_HAND) : 0, $EQU_MAIN_HAND_ROW), 17 => array("", $EQU_OFF_HAND ? get_item_icon($EQU_OFF_HAND) : 0, $EQU_OFF_HAND ? get_item_border($EQU_OFF_HAND) : 0, $EQU_OFF_HAND_ROW), 18 => array("", $EQU_RANGED ? get_item_icon($EQU_RANGED) : 0, $EQU_RANGED ? get_item_border($EQU_RANGED) : 0, $EQU_RANGED_ROW), 19 => array("", $EQU_TABARD ? get_item_icon($EQU_TABARD) : 0, $EQU_TABARD ? get_item_border($EQU_TABARD) : 0, $EQU_TABARD_ROW));
            // visibility overrides for specific tabs
            $view_inv_override = false;
            if ($s_fields["View_Mod_Inv"] > 0) {
                if ($s_fields["View_Mod_Inv"] == 1) {
                } elseif ($s_fields["View_Mod_Inv"] == 2) {
                    // only registered users may view this tab
                    if ($user_lvl > -1) {
                        $view_inv_override = true;
                    }
                }
            } else {
                if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                    $view_inv_override = true;
                }
            }
            $view_talent_override = false;
            if ($s_fields["View_Mod_Talent"] > 0) {
                if ($s_fields["View_Mod_Talent"] == 1) {
                } elseif ($s_fields["View_Mod_Talent"] == 2) {
                    // only registered users may view this tab
                    if ($user_lvl > -1) {
                        $view_talent_override = true;
                    }
                }
            } else {
                if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                    $view_talent_override = true;
                }
            }
            $view_achieve_override = false;
            if ($s_fields["View_Mod_Achieve"] > 0) {
                if ($s_fields["View_Mod_Achieve"] == 1) {
                } elseif ($s_fields["View_Mod_Achieve"] == 2) {
                    // only registered users may view this tab
                    if ($user_lvl > -1) {
                        $view_achieve_override = true;
                    }
                }
            } else {
                if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                    $view_achieve_override = true;
                }
            }
            $view_quest_override = false;
            if ($s_fields["View_Mod_Quest"] > 0) {
                if ($s_fields["View_Mod_Quest"] == 1) {
                } elseif ($s_fields["View_Mod_Quest"] == 2) {
                    // only registered users may view this tab
                    if ($user_lvl > -1) {
                        $view_quest_override = true;
                    }
                }
            } else {
                if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                    $view_quest_override = true;
                }
            }
            $view_friends_override = false;
            if ($s_fields["View_Mod_Friends"] > 0) {
                if ($s_fields["View_Mod_Friends"] == 1) {
                } elseif ($s_fields["View_Mod_Friends"] == 2) {
                    // only registered users may view this tab
                    if ($user_lvl > -1) {
                        $view_friends_override = true;
                    }
                }
            } else {
                if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                    $view_friends_override = true;
                }
            }
            $view_view_override = false;
            if ($s_fields["View_Mod_View"] > 0) {
                if ($s_fields["View_Mod_View"] == 1) {
                } elseif ($s_fields["View_Mod_View"] == 2) {
                    // only registered users may view this tab
                    if ($user_lvl > -1) {
                        $view_view_override = true;
                    }
                }
            } else {
                if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                    $view_view_override = true;
                }
            }
            $view_pets_override = false;
            if ($s_fields["View_Mod_Pets"] > 0) {
                if ($s_fields["View_Mod_Pets"] == 1) {
                } elseif ($s_fields["View_Mod_Pets"] == 2) {
                    // only registered users may view this tab
                    if ($user_lvl > -1) {
                        $view_pets_override = true;
                    }
                }
            } else {
                if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                    $view_pets_override = true;
                }
            }
            $view_rep_override = false;
            if ($s_fields["View_Mod_Rep"] > 0) {
                if ($s_fields["View_Mod_Rep"] == 1) {
                } elseif ($s_fields["View_Mod_Rep"] == 2) {
                    // only registered users may view this tab
                    if ($user_lvl > -1) {
                        $view_rep_override = true;
                    }
                }
            } else {
                if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                    $view_rep_override = true;
                }
            }
            $view_skill_override = false;
            if ($s_fields["View_Mod_Skill"] > 0) {
                if ($s_fields["View_Mod_Skill"] == 1) {
                } elseif ($s_fields["View_Mod_Skill"] == 2) {
                    // only registered users may view this tab
                    if ($user_lvl > -1) {
                        $view_skill_override = true;
                    }
                }
            } else {
                if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                    $view_skill_override = true;
                }
            }
            $view_pvp_override = false;
            if ($s_fields["View_Mod_PvP"] > 0) {
                if ($s_fields["View_Mod_PvP"] == 1) {
                } elseif ($s_fields["View_Mod_PvP"] == 2) {
                    // only registered users may view this tab
                    if ($user_lvl > -1) {
                        $view_pvp_override = true;
                    }
                }
            } else {
                if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                    $view_pvp_override = true;
                }
            }
            $output .= '
          <!-- start of char.php -->
          <div class="tab">
            <ul>
              <li class="selected"><a href="char.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>';
            if ($view_inv_override) {
                $output .= '
              <li><a href="char_inv.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "inventory") . '</a></li>';
            }
            if ($view_talent_override) {
                $output .= '
              ' . ($char["level"] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "talents") . '</a></li>') . '';
            }
            if ($view_achieve_override) {
                $output .= '
              <li><a href="char_achieve.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "achievements") . '</a></li>';
            }
            if ($view_quest_override) {
                $output .= '
              <li><a href="char_quest.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "quests") . '</a></li>';
            }
            if ($view_friends_override) {
                $output .= '
              <li><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "friends") . '</a></li>';
            }
            if ($view_view_override) {
                $output .= '
              <li><a href="char_view.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "view") . '</a></li>';
            }
            $output .= '
            </ul>
          </div>';
            if ($view_override || $user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $output .= '
          <div class="tab_content center">
            <div class="tab">
              <ul>
                <li class="selected"><a href="char.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>';
                if (char_get_class_name($char["class"]) === "Hunter" && $view_pets_override) {
                    $output .= '
                <li><a href="char_pets.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "pets") . '</a></li>';
                }
                if ($view_rep_override) {
                    $output .= '
                <li><a href="char_rep.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "reputation") . '</a></li>';
                }
                if ($view_skill_override) {
                    $output .= '
                <li><a href="char_skill.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "skills") . '</a></li>';
                }
                if ($view_pvp_override) {
                    $output .= '
                <li><a href="char_pvp.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "pvp") . '</a></li>';
                }
                if ($owner_name == $user_name || $user_lvl >= get_page_permission("insert", "char_mail.php")) {
                    $output .= '
                <li><a href="char_mail.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "mail") . '</a></li>';
                }
                $output .= '
              </ul>
            </div>';
            } else {
                $output .= '
            <div class="tab_content center">
              <div class="tab">
              </div>';
            }
            $output .= '
              <div class="tab_content2 center">
                <table class="lined" id="char_character_sheet">
                  <tr>
                    <td colspan="2">
                      <div>
                        <img src="' . char_get_avatar_img($char["level"], $char["gender"], $char["race"], $char["class"], 0) . '" alt="avatar" />
                      </div>
                      <div>';
            // this_is_junk: auras are stored in a string in the characters table.
            // not sure how to query a string as though it were a record
            if ($core == 1) {
            } else {
                $a_results = $sql["char"]->query("SELECT DISTINCT spell FROM character_aura WHERE guid='" . $id . "'");
            }
            if ($sql["char"]->num_rows($a_results)) {
                while ($aura = $sql["char"]->fetch_assoc($a_results)) {
                    $output .= '
                        <a class="char_icon_padding" href="' . $base_datasite . $spell_datasite . $aura["spell"] . '" rel="external">
                          <img src="' . spell_get_icon($aura["spell"]) . '" alt="' . $aura["spell"] . '" width="24" height="24" />
                        </a>';
                }
            }
            $output .= '
                      </div>
                    </td>
                    <td colspan="4">
                      <span class="bold">
                        ' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . ' -
                        <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                        <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                       - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . '
                      </span>
                      <br />' . lang("char", "location") . ': ' . get_map_name($char["mapid"]) . ' - ' . get_zone_name($char["zoneid"]) . '
                      <br />' . lang("char", "honor_points") . ': ' . $char_data[PLAYER_FIELD_HONOR_CURRENCY] . ' | ' . lang("char", "arena_points") . ': ' . $char_data[PLAYER_FIELD_ARENA_CURRENCY] . ' | ' . lang("char", "honor_kills") . ': ' . $char_data[PLAYER_FIELD_LIFETIME_HONORBALE_KILLS] . '
                      <br />' . lang("char", "guild") . ': ' . $guild_name . ' | ' . lang("char", "rank") . ': ' . htmlentities($guild_rank, ENT_COMPAT, $site_encoding) . '
                      <br />' . lang("char", "online") . ': ' . ($char["online"] ? '<img src="img/up.gif" onmousemove="oldtoolTip(\'' . lang("char", "online") . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="online" />' : '<img src="img/down.gif" onmousemove="oldtoolTip(\'' . lang("char", "offline") . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="offline" />');
            if ($showcountryflag) {
                require_once 'libs/misc_lib.php';
                $country = misc_get_country_by_account($char["acct"]);
                $output .= ' | ' . lang("global", "country") . ': ' . ($country["code"] ? '<img src="img/flags/' . $country["code"] . '.png" onmousemove="oldtoolTip(\'' . $country["country"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />' : '-');
                unset($country);
            }
            $output .= '
                    </td>
                  </tr>
                  <tr>
                    <td style="width: 6%;">';
            if ($equiped_items[1][1]) {
                $output .= '
                      <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_HEAD . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'HEAD' . '\');" onmouseout="HideTooltip(\'_b' . 'HEAD' . '\');">
                        <img src="' . $equiped_items[1][1] . '" class="' . $equiped_items[1][2] . '" alt="Head" />
                      </a>';
                if ($mode) {
                    $output .= '
                      <div style="position: relative;">
                        <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[1][3]["bag"] . '&slot=' . $equiped_items[1][3]["slot"] . '&item=' . $equiped_items[1][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete">
                          <img src="img/aff_cross.png" />
                        </a>
                      </div>';
                }
                // build a tooltip object for this item
                $i_fields = get_item_info($equiped_items[1][3]["item_template"]);
                $output .= '
                      <div class="item_tooltip" id="tooltip_b' . 'HEAD' . '">
                        <table>
                          <tr>
                            <td>
                              ' . get_item_tooltip($i_fields, $equiped_items[1][3]["enchantment"], $equiped_items[1][3]["property"], $equiped_items[1][3]["creator"], $equiped_items[1][3]["durability"], $equiped_items[1][3]["flags"]) . '
                            </td>
                          </tr>
                        </table>
                      </div>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_head.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                    <td class="half_line" colspan="2" align="center" style="width: 50%;">
                      <div class="gradient_p" id="char_hp_name">' . lang("item", "health") . ':</div>
                      <div class="gradient_pp" id="char_hp_value">' . $char_data[UNIT_FIELD_HEALTH] . '/' . $char_data[UNIT_FIELD_MAXHEALTH] . '</div>';
            if ($char["class"] == 11) {
                //druid
                $output .= '
                      <br />
                      <div class="gradient_p" id="char_energy_name">' . lang("item", "mana") . ':</div>
                      <div class="gradient_pp" id="char_energy_value">' . $char_data[UNIT_FIELD_POWER1] . '/' . $char_data[UNIT_FIELD_MAXPOWER1] . '</div>';
            }
            $output .= '
                    </td>
                    <td class="half_line" colspan="2" align="center" style="width: 50%;">';
            if ($char["class"] == 1) {
                $output .= '
                      <div class="gradient_p" id="char_energy_name">' . lang("item", "rage") . ':</div>
                      <div class="gradient_pp" id="char_energy_value">' . $char_data[UNIT_FIELD_POWER2] / 10 . '/' . $char_data[UNIT_FIELD_MAXPOWER2] / 10 . '</div>';
            } elseif ($char["class"] == 4) {
                $output .= '
                      <div class="gradient_p" id="char_energy_name">' . lang("item", "energy") . ':</div>
                      <div class="gradient_pp" id="char_energy_value">' . $char_data[UNIT_FIELD_POWER4] . '/' . $char_data[UNIT_FIELD_MAXPOWER4] . '</div>';
            } elseif ($char["class"] == 6) {
                $output .= '
                      <div class="gradient_p" id="char_energy_name">' . lang("item", "runic") . ':</div>
                      <div class="gradient_pp" id="char_energy_value">' . $char_data[UNIT_FIELD_POWER7] / 10 . '/' . $char_data[UNIT_FIELD_MAXPOWER7] / 10 . '</div>';
            } elseif ($char["class"] == 11) {
                $output .= '
                      <div class="gradient_p" id="char_energy_name">' . lang("item", "mana") . ':</div>
                      <div class="gradient_pp" id="char_energy_value">' . $char_data[UNIT_FIELD_POWER1] . '/' . $char_data[UNIT_FIELD_MAXPOWER1] . '</div>
                      <br />
                      <div class="gradient_p" id="char_energy_name">' . lang("item", "rage") . ':</div>
                      <div class="gradient_pp" id="char_energy_value">' . $char_data[UNIT_FIELD_POWER2] / 10 . '/' . $char_data[UNIT_FIELD_MAXPOWER2] / 10 . '</div>';
            } elseif ($char["class"] == 2 || $char["class"] == 3 || $char["class"] == 5 || $char["class"] == 7 || $char["class"] == 8 || $char["class"] == 9) {
                $output .= '
                      <div class="gradient_p" id="char_energy_name">' . lang("item", "mana") . ':</div>
                      <div class="gradient_pp" id="char_energy_value">' . $char_data[UNIT_FIELD_POWER1] . '/' . $char_data[UNIT_FIELD_MAXPOWER1] . '</div>';
            }
            $output .= '
                    </td>
                    <td style="width: 6%;">';
            if ($equiped_items[10][1]) {
                $output .= '
                      <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_GLOVES . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'GLOVES' . '\');" onmouseout="HideTooltip(\'_b' . 'GLOVES' . '\');">
                        <img src="' . $equiped_items[10][1] . '" class="' . $equiped_items[10][2] . '" alt="Gloves" />
                      </a>';
                if ($mode) {
                    $output .= '
                      <div style="position: relative;">
                        <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[10][3]["bag"] . '&slot=' . $equiped_items[10][3]["slot"] . '&item=' . $equiped_items[10][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete">
                          <img src="img/aff_cross.png" />
                        </a>
                      </div>';
                }
                // build a tooltip object for this item
                $i_fields = get_item_info($equiped_items[10][3]["item_template"]);
                $output .= '
                      <div class="item_tooltip" id="tooltip_b' . 'GLOVES' . '">
                        <table>
                          <tr>
                            <td>
                              ' . get_item_tooltip($i_fields, $equiped_items[10][3]["enchantment"], $equiped_items[10][3]["property"], $equiped_items[10][3]["creator"], $equiped_items[10][3]["durability"], $equiped_items[10][3]["flags"]) . '
                            </td>
                          </tr>
                        </table>
                      </div>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_gloves.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                  </tr>
                  <tr>
                    <td style="width: 1%;">';
            if ($equiped_items[2][1]) {
                $output .= '
                      <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_NECK . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'NECK' . '\');" onmouseout="HideTooltip(\'_b' . 'NECK' . '\');">
                        <img src="' . $equiped_items[2][1] . '" class="' . $equiped_items[2][2] . '" alt="Neck" />
                      </a>';
                if ($mode) {
                    $output .= '
                      <div style="position: relative;">
                        <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[2][3]["bag"] . '&slot=' . $equiped_items[2][3]["slot"] . '&item=' . $equiped_items[2][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete">
                          <img src="img/aff_cross.png" />
                        </a>
                      </div>';
                }
                // build a tooltip object for this item
                $i_fields = get_item_info($equiped_items[2][3]['item_template']);
                $output .= '
                      <div class="item_tooltip" id="tooltip_b' . 'NECK' . '">
                        <table>
                          <tr>
                            <td>
                              ' . get_item_tooltip($i_fields, $equiped_items[2][3]['enchantment'], $equiped_items[2][3]['property'], $equiped_items[2][3]['creator'], $equiped_items[2][3]['durability'], $equiped_items[2][3]['flags']) . '
                            </td>
                          </tr>
                        </table>
                      </div>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_neck.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                    <td class="half_line" colspan="2" rowspan="3" align="center" style="width: 50%;">
                      <div class="gradient_p">
                        ' . lang("item", "strength") . ':<br />
                        ' . lang("item", "agility") . ':<br />
                        ' . lang("item", "stamina") . ':<br />
                        ' . lang("item", "intellect") . ':<br />
                        ' . lang("item", "spirit") . ':<br />
                        ' . lang("item", "armor") . ':
                      </div>
                      <div class="gradient_pp">
                        ' . $char_data[UNIT_FIELD_STAT0] . '<br />
                        ' . $char_data[UNIT_FIELD_STAT1] . '<br />
                        ' . $char_data[UNIT_FIELD_STAT2] . '<br />
                        ' . $char_data[UNIT_FIELD_STAT3] . '<br />
                        ' . $char_data[UNIT_FIELD_STAT4] . '<br />
                        ' . $char_data[UNIT_FIELD_RESISTANCES] . '
                      </div>
                    </td>
                    <td class="half_line" colspan="2" rowspan="3" align="center" style="width: 50%;">
                      <div class="gradient_p">
                        ' . lang("item", "res_holy") . ':<br />
                        ' . lang("item", "res_arcane") . ':<br />
                        ' . lang("item", "res_fire") . ':<br />
                        ' . lang("item", "res_nature") . ':<br />
                        ' . lang("item", "res_frost") . ':<br />
                        ' . lang("item", "res_shadow") . ':
                      </div>
                      <div class="gradient_pp">
                        ' . $char_data[UNIT_FIELD_RESISTANCES + 1] . '<br />
                        ' . $char_data[UNIT_FIELD_RESISTANCES + 2] . '<br />
                        ' . $char_data[UNIT_FIELD_RESISTANCES + 3] . '<br />
                        ' . $char_data[UNIT_FIELD_RESISTANCES + 4] . '<br />
                        ' . $char_data[UNIT_FIELD_RESISTANCES + 5] . '<br />
                        ' . $char_data[UNIT_FIELD_RESISTANCES + 6] . '
                      </div>
                    </td>
                    <td style="width: 1%;">';
            if ($equiped_items[6][1]) {
                $output .= '
                      <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_BELT . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'BELT' . '\');" onmouseout="HideTooltip(\'_b' . 'BELT' . '\');">
                        <img src="' . $equiped_items[6][1] . '" class="' . $equiped_items[6][2] . '" alt="Belt" />
                      </a>';
                if ($mode) {
                    $output .= '
                      <div style="position: relative;">
                        <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[6][3]["bag"] . '&slot=' . $equiped_items[6][3]["slot"] . '&item=' . $equiped_items[6][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete">
                          <img src="img/aff_cross.png" />
                        </a>
                      </div>';
                }
                // build a tooltip object for this item
                $i_fields = get_item_info($equiped_items[6][3]['item_template']);
                $output .= '
                      <div class="item_tooltip" id="tooltip_b' . 'BELT' . '">
                        <table>
                          <tr>
                            <td>
                              ' . get_item_tooltip($i_fields, $equiped_items[6][3]['enchantment'], $equiped_items[6][3]['property'], $equiped_items[6][3]['creator'], $equiped_items[6][3]['durability'], $equiped_items[6][3]['flags']) . '
                            </td>
                          </tr>
                        </table>
                      </div>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_waist.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                  </tr>
                  <tr>
                    <td style="width: 1%;">';
            if ($equiped_items[3][1]) {
                $output .= '
                      <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_SHOULDER . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'SHOULDER' . '\');" onmouseout="HideTooltip(\'_b' . 'SHOULDER' . '\');">
                        <img src="' . $equiped_items[3][1] . '" class="' . $equiped_items[3][2] . '" alt="Shoulder" />
                      </a>';
                if ($mode) {
                    $output .= '
                      <div style="position: relative;">
                        <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[3][3]["bag"] . '&slot=' . $equiped_items[3][3]["slot"] . '&item=' . $equiped_items[3][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete">
                          <img src="img/aff_cross.png" />
                        </a>
                      </div>';
                }
                // build a tooltip object for this item
                $i_fields = get_item_info($equiped_items[3][3]['item_template']);
                $output .= '
                      <div class="item_tooltip" id="tooltip_b' . 'SHOULDER' . '">
                        <table>
                          <tr>
                            <td>
                              ' . get_item_tooltip($i_fields, $equiped_items[3][3]['enchantment'], $equiped_items[3][3]['property'], $equiped_items[3][3]['creator'], $equiped_items[3][3]['durability'], $equiped_items[3][3]['flags']) . '
                            </td>
                          </tr>
                        </table>
                      </div>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_shoulder.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                    <td style="width: 1%;">';
            if ($equiped_items[7][1]) {
                $output .= '
                      <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_LEGS . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'LEGS' . '\');" onmouseout="HideTooltip(\'_b' . 'LEGS' . '\');">
                        <img src="' . $equiped_items[7][1] . '" class="' . $equiped_items[7][2] . '" alt="Legs" />
                      </a>';
                if ($mode) {
                    $output .= '
                      <div style="position: relative;">
                        <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[7][3]["bag"] . '&slot=' . $equiped_items[7][3]["slot"] . '&item=' . $equiped_items[7][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete">
                          <img src="img/aff_cross.png" />
                        </a>
                      </div>';
                }
                // build a tooltip object for this item
                $i_fields = get_item_info($equiped_items[7][3]['item_template']);
                $output .= '
                      <div class="item_tooltip" id="tooltip_b' . 'LEGS' . '">
                        <table>
                          <tr>
                            <td>
                              ' . get_item_tooltip($i_fields, $equiped_items[7][3]['enchantment'], $equiped_items[7][3]['property'], $equiped_items[7][3]['creator'], $equiped_items[7][3]['durability'], $equiped_items[7][3]['flags']) . '
                            </td>
                          </tr>
                        </table>
                      </div>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_legs.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                  </tr>
                  <tr>
                    <td style="width: 1%;">';
            if ($equiped_items[15][1]) {
                $output .= '
                      <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_BACK . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'BACK' . '\');" onmouseout="HideTooltip(\'_b' . 'BACK' . '\');">
                        <img src="' . $equiped_items[15][1] . '" class="' . $equiped_items[15][2] . '" alt="Back" />
                      </a>';
                if ($mode) {
                    $output .= '
                      <div style="position: relative;">
                        <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[15][3]["bag"] . '&slot=' . $equiped_items[15][3]["slot"] . '&item=' . $equiped_items[15][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete">
                          <img src="img/aff_cross.png" />
                        </a>
                      </div>';
                }
                // build a tooltip object for this item
                $i_fields = get_item_info($equiped_items[15][3]['item_template']);
                $output .= '
                      <div class="item_tooltip" id="tooltip_b' . 'BACK' . '">
                        <table>
                          <tr>
                            <td>
                              ' . get_item_tooltip($i_fields, $equiped_items[15][3]['enchantment'], $equiped_items[15][3]['property'], $equiped_items[15][3]['creator'], $equiped_items[15][3]['durability'], $equiped_items[15][3]['flags']) . '
                            </td>
                          </tr>
                        </table>
                      </div>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_chest_back.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                    <td style="width: 1%;">';
            if ($equiped_items[8][1]) {
                $output .= '
                      <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_FEET . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'FEET' . '\');" onmouseout="HideTooltip(\'_b' . 'FEET' . '\');">
                        <img src="' . $equiped_items[8][1] . '" class="' . $equiped_items[8][2] . '" alt="Feet" />
                      </a>';
                if ($mode) {
                    $output .= '
                      <div style="position: relative;">
                        <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[8][3]["bag"] . '&slot=' . $equiped_items[8][3]["slot"] . '&item=' . $equiped_items[8][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete">
                          <img src="img/aff_cross.png" />
                        </a>
                      </div>';
                }
                // build a tooltip object for this item
                $i_fields = get_item_info($equiped_items[8][3]['item_template']);
                $output .= '
                      <div class="item_tooltip" id="tooltip_b' . 'FEET' . '">
                        <table>
                          <tr>
                            <td>
                              ' . get_item_tooltip($i_fields, $equiped_items[8][3]['enchantment'], $equiped_items[8][3]['property'], $equiped_items[8][3]['creator'], $equiped_items[8][3]['durability'], $equiped_items[8][3]['flags']) . '
                            </td>
                          </tr>
                        </table>
                      </div>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_feet.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                  </tr>
                  <tr>
                    <td style="width: 1%;">';
            if ($equiped_items[5][1]) {
                $output .= '
                      <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_CHEST . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'CHEST' . '\');" onmouseout="HideTooltip(\'_b' . 'CHEST' . '\');">
                        <img src="' . $equiped_items[5][1] . '" class="' . $equiped_items[5][2] . '" alt="Chest" />
                      </a>';
                if ($mode) {
                    $output .= '
                      <div style="position: relative;">
                        <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[5][3]["bag"] . '&slot=' . $equiped_items[5][3]["slot"] . '&item=' . $equiped_items[5][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete">
                          <img src="img/aff_cross.png" />
                        </a>
                      </div>';
                }
                // build a tooltip object for this item
                $i_fields = get_item_info($equiped_items[5][3]['item_template']);
                $output .= '
                      <div class="item_tooltip" id="tooltip_b' . 'CHEST' . '">
                        <table>
                          <tr>
                            <td>
                              ' . get_item_tooltip($i_fields, $equiped_items[5][3]['enchantment'], $equiped_items[5][3]['property'], $equiped_items[5][3]['creator'], $equiped_items[5][3]['durability'], $equiped_items[5][3]['flags']) . '
                            </td>
                          </tr>
                        </table>
                      </div>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_chest_back.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                    <td class="half_line" colspan="2" rowspan="2" align="center" style="width: 50%;">
                      <div class="gradient_p" id="char_melee_name">
                        ' . lang("char", "melee_d") . ':<br />
                        ' . lang("char", "melee_ap") . ':<br />
                        ' . lang("char", "melee_hit") . ':<br />
                        ' . lang("char", "melee_crit") . ':<br />
                        ' . lang("char", "expertise") . ':<br />
                      </div>
                      <div class="gradient_pp" id="char_melee_value">
                        ' . $mindamage . '-' . $maxdamage . '<br />
                        ' . ($char_data[UNIT_FIELD_ATTACK_POWER] + $char_data[UNIT_FIELD_ATTACK_POWER_MODS]) . '<br />
                        ' . $melee_hit . '<br />
                        ' . $crit . '%<br />
                        ' . $expertise . '<br />
                      </div>
                    </td>
                    <td class="half_line" colspan="2" rowspan="2" align="center" style="width: 50%;">
                      <div class="gradient_p">
                        ' . lang("char", "spell_d") . ':<br />
                        ' . lang("char", "spell_heal") . ':<br />
                        ' . lang("char", "spell_hit") . ':<br />
                        ' . lang("char", "spell_crit") . ':<br />
                        ' . lang("char", "spell_haste") . '
                      </div>
                      <div class="gradient_pp">
                        ' . $spell_damage . '<br />
                        ' . $spell_heal . '<br />
                        ' . $spell_hit . '<br />
                        ' . $spell_crit . '%<br />
                        ' . $spell_haste . '
                      </div>
                    </td>
                    <td style="width: 1%;">';
            if ($equiped_items[11][1]) {
                $output .= '
                      <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_FINGER1 . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'FINGER1' . '\');" onmouseout="HideTooltip(\'_b' . 'FINGER1' . '\');">
                        <img src="' . $equiped_items[11][1] . '" class="' . $equiped_items[11][2] . '" alt="Finger1" />
                      </a>';
                if ($mode) {
                    $output .= '
                      <div style="position: relative;">
                        <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[11][3]["bag"] . '&slot=' . $equiped_items[11][3]["slot"] . '&item=' . $equiped_items[11][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete">
                          <img src="img/aff_cross.png" />
                        </a>
                      </div>';
                }
                // build a tooltip object for this item
                $i_fields = get_item_info($equiped_items[11][3]['item_template']);
                $output .= '
                      <div class="item_tooltip" id="tooltip_b' . 'FINGER1' . '">
                        <table>
                          <tr>
                            <td>
                              ' . get_item_tooltip($i_fields, $equiped_items[11][3]['enchantment'], $equiped_items[11][3]['property'], $equiped_items[11][3]['creator'], $equiped_items[11][3]['durability'], $equiped_items[11][3]['flags']) . '
                            </td>
                          </tr>
                        </table>
                      </div>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_finger.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                  </tr>
                  <tr>
                    <td style="width: 1%;">';
            if ($equiped_items[4][1]) {
                $output .= '
                      <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_SHIRT . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'SHIRT' . '\');" onmouseout="HideTooltip(\'_b' . 'SHIRT' . '\');">
                        <img src="' . $equiped_items[4][1] . '" class="' . $equiped_items[4][2] . '" alt="Shirt" />
                      </a>';
                if ($mode) {
                    $output .= '
                      <div style="position: relative;">
                        <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[4][3]["bag"] . '&slot=' . $equiped_items[4][3]["slot"] . '&item=' . $equiped_items[4][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete">
                          <img src="img/aff_cross.png" />
                        </a>
                      </div>';
                }
                // build a tooltip object for this item
                $i_fields = get_item_info($equiped_items[4][3]['item_template']);
                $output .= '
                      <div class="item_tooltip" id="tooltip_b' . 'SHIRT' . '">
                        <table>
                          <tr>
                            <td>
                              ' . get_item_tooltip($i_fields, $equiped_items[4][3]['enchantment'], $equiped_items[4][3]['property'], $equiped_items[4][3]['creator'], $equiped_items[4][3]['durability'], $equiped_items[4][3]['flags']) . '
                            </td>
                          </tr>
                        </table>
                      </div>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_shirt.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                    <td style="width: 1%;">';
            if ($equiped_items[12][1]) {
                $output .= '
                      <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_FINGER2 . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'FINGER2' . '\');" onmouseout="HideTooltip(\'_b' . 'FINGER2' . '\');">
                        <img src="' . $equiped_items[12][1] . '" class="' . $equiped_items[12][2] . '" alt="Finger2" />
                      </a>';
                if ($mode) {
                    $output .= '
                      <div style="position: relative;">
                        <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[12][3]["bag"] . '&slot=' . $equiped_items[12][3]["slot"] . '&item=' . $equiped_items[12][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete">
                          <img src="img/aff_cross.png" />
                        </a>
                      </div>';
                }
                // build a tooltip object for this item
                $i_fields = get_item_info($equiped_items[12][3]['item_template']);
                $output .= '
                      <div class="item_tooltip" id="tooltip_b' . 'FINGER2' . '">
                        <table>
                          <tr>
                            <td>
                              ' . get_item_tooltip($i_fields, $equiped_items[12][3]['enchantment'], $equiped_items[12][3]['property'], $equiped_items[12][3]['creator'], $equiped_items[12][3]['durability'], $equiped_items[12][3]['flags']) . '
                            </td>
                          </tr>
                        </table>
                      </div>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_finger.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                  </tr>
                  <tr>
                    <td style="width: 1%;">';
            if ($equiped_items[19][1]) {
                $output .= '
                      <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_TABARD . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'TABARD' . '\');" onmouseout="HideTooltip(\'_b' . 'TABARD' . '\');">
                        <img src="' . $equiped_items[19][1] . '" class="' . $equiped_items[19][2] . '" alt="Tabard" />
                      </a>';
                if ($mode) {
                    $output .= '
                      <div style="position: relative;">
                        <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[19][3]["bag"] . '&slot=' . $equiped_items[19][3]["slot"] . '&item=' . $equiped_items[19][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete">
                          <img src="img/aff_cross.png" />
                        </a>
                      </div>';
                }
                // build a tooltip object for this item
                $i_fields = get_item_info($equiped_items[19][3]['item_template']);
                $output .= '
                      <div class="item_tooltip" id="tooltip_b' . 'TABARD' . '">
                        <table>
                          <tr>
                            <td>
                              ' . get_item_tooltip($i_fields, $equiped_items[19][3]['enchantment'], $equiped_items[19][3]['property'], $equiped_items[19][3]['creator'], $equiped_items[19][3]['durability'], $equiped_items[19][3]['flags']) . '
                            </td>
                          </tr>
                        </table>
                      </div>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_tabard.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                    <td class="half_line" colspan="2" rowspan="2" align="center" style="width: 50%;">
                      <div class="gradient_p">
                        ' . lang("char", "dodge") . ':<br />
                        ' . lang("char", "parry") . ':<br />
                        ' . lang("char", "block") . ':
                      </div>
                      <div class="gradient_pp">
                        ' . $dodge . '%<br />
                        ' . $parry . '%<br />
                        ' . $block . '%
                      </div>
                    </td>
                    <td class="half_line" colspan="2" rowspan="2" align="center" style="width: 50%;">
                      <div class="gradient_p" id="char_ranged_name">
                        ' . lang("char", "ranged_d") . ':<br />
                        ' . lang("char", "ranged_ap") . ':<br />
                        ' . lang("char", "ranged_hit") . ':<br />
                        ' . lang("char", "ranged_crit") . ':<br />
                      </div>
                      <div class="gradient_pp" id="char_ranged_value">
                        ' . $minrangeddamage . '-' . $maxrangeddamage . '<br />
                        ' . ($char_data[UNIT_FIELD_RANGED_ATTACK_POWER] + $char_data[UNIT_FIELD_RANGED_ATTACK_POWER_MODS]) . '<br />
                        ' . $ranged_hit . '<br />
                        ' . $ranged_crit . '%<br />
                      </div>
                    </td>
                    <td style="width: 1%;">';
            if ($equiped_items[13][1]) {
                $output .= '
                      <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_TRINKET1 . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'TRINKET1' . '\');" onmouseout="HideTooltip(\'_b' . 'TRINKET1' . '\');">
                        <img src="' . $equiped_items[13][1] . '" class="' . $equiped_items[13][2] . '" alt="Trinket1" />
                      </a>';
                if ($mode) {
                    $output .= '
                      <div style="position: relative;">
                        <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[13][3]["bag"] . '&slot=' . $equiped_items[13][3]["slot"] . '&item=' . $equiped_items[13][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete">
                          <img src="img/aff_cross.png" />
                        </a>
                      </div>';
                }
                // build a tooltip object for this item
                $i_fields = get_item_info($equiped_items[13][3]['item_template']);
                $output .= '
                      <div class="item_tooltip" id="tooltip_b' . 'TRINKET1' . '">
                        <table>
                          <tr>
                            <td>
                              ' . get_item_tooltip($i_fields, $equiped_items[13][3]['enchantment'], $equiped_items[13][3]['property'], $equiped_items[13][3]['creator'], $equiped_items[13][3]['durability'], $equiped_items[13][3]['flags']) . '
                            </td>
                          </tr>
                        </table>
                      </div>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_trinket.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                  </tr>
                  <tr>
                    <td style="width: 1%;">';
            if ($equiped_items[9][1]) {
                $output .= '
                      <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_WRIST . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'WRIST' . '\');" onmouseout="HideTooltip(\'_b' . 'WRIST' . '\');">
                        <img src="' . $equiped_items[9][1] . '" class="' . $equiped_items[9][2] . '" alt="Wrist" />
                      </a>';
                if ($mode) {
                    $output .= '
                      <div style="position: relative;">
                        <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[9][3]["bag"] . '&slot=' . $equiped_items[9][3]["slot"] . '&item=' . $equiped_items[9][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete">
                          <img src="img/aff_cross.png" />
                        </a>
                      </div>';
                }
                // build a tooltip object for this item
                $i_fields = get_item_info($equiped_items[9][3]['item_template']);
                $output .= '
                      <div class="item_tooltip" id="tooltip_b' . 'WRIST' . '">
                        <table>
                          <tr>
                            <td>
                              ' . get_item_tooltip($i_fields, $equiped_items[9][3]['enchantment'], $equiped_items[9][3]['property'], $equiped_items[9][3]['creator'], $equiped_items[9][3]['durability'], $equiped_items[9][3]['flags']) . '
                            </td>
                          </tr>
                        </table>
                      </div>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_wrist.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                    <td style="width: 1%;">';
            if ($equiped_items[14][1]) {
                $output .= '
                      <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_TRINKET2 . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'TRINKET2' . '\');" onmouseout="HideTooltip(\'_b' . 'TRINKET2' . '\');">
                        <img src="' . $equiped_items[14][1] . '" class="' . $equiped_items[14][2] . '" alt="Trinket2" />
                      </a>';
                if ($mode) {
                    $output .= '
                      <div style="position: relative;">
                        <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[14][3]["bag"] . '&slot=' . $equiped_items[14][3]["slot"] . '&item=' . $equiped_items[14][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete">
                          <img src="img/aff_cross.png" />
                        </a>
                      </div>';
                }
                // build a tooltip object for this item
                $i_fields = get_item_info($equiped_items[14][3]['item_template']);
                $output .= '
                      <div class="item_tooltip" id="tooltip_b' . 'TRINKET2' . '">
                        <table>
                          <tr>
                            <td>
                              ' . get_item_tooltip($i_fields, $equiped_items[14][3]['enchantment'], $equiped_items[14][3]['property'], $equiped_items[14][3]['creator'], $equiped_items[14][3]['durability'], $equiped_items[14][3]['flags']) . '
                            </td>
                          </tr>
                        </table>
                      </div>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_trinket.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                  </tr>
                  <tr>
                    <td></td>
                    <td style="width: 15%;">';
            if ($equiped_items[16][1]) {
                $output .= '
                      <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_MAIN_HAND . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'MAIN_HAND' . '\');" onmouseout="HideTooltip(\'_b' . 'MAIN_HAND' . '\');">
                        <img src="' . $equiped_items[16][1] . '" class="' . $equiped_items[16][2] . '" alt="MainHand" />
                      </a>';
                if ($mode) {
                    $output .= '
                      <div style="position: relative;">
                        <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[16][3]["bag"] . '&slot=' . $equiped_items[16][3]["slot"] . '&item=' . $equiped_items[16][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete">
                          <img src="img/aff_cross.png" />
                        </a>
                      </div>';
                }
                // build a tooltip object for this item
                $i_fields = get_item_info($equiped_items[16][3]['item_template']);
                $output .= '
                      <div class="item_tooltip" id="tooltip_b' . 'MAIN_HAND' . '">
                        <table>
                          <tr>
                            <td>
                              ' . get_item_tooltip($i_fields, $equiped_items[16][3]['enchantment'], $equiped_items[16][3]['property'], $equiped_items[16][3]['creator'], $equiped_items[16][3]['durability'], $equiped_items[16][3]['flags']) . '
                            </td>
                          </tr>
                        </table>
                      </div>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_main_hand.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                    <td style="width: 15%;">';
            if ($equiped_items[17][1]) {
                $output .= '
                      <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_OFF_HAND . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'OFF_HAND' . '\');" onmouseout="HideTooltip(\'_b' . 'OFF_HAND' . '\');">
                        <img src="' . $equiped_items[17][1] . '" class="' . $equiped_items[17][2] . '" alt="OffHand" />
                      </a>';
                if ($mode) {
                    $output .= '
                      <div style="position: relative;">
                        <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[17][3]["bag"] . '&slot=' . $equiped_items[17][3]["slot"] . '&item=' . $equiped_items[17][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete">
                          <img src="img/aff_cross.png" />
                        </a>
                      </div>';
                }
                // build a tooltip object for this item
                $i_fields = get_item_info($equiped_items[17][3]['item_template']);
                $output .= '
                      <div class="item_tooltip" id="tooltip_b' . 'OFF_HAND' . '">
                        <table>
                          <tr>
                            <td>
                              ' . get_item_tooltip($i_fields, $equiped_items[17][3]['enchantment'], $equiped_items[17][3]['property'], $equiped_items[17][3]['creator'], $equiped_items[17][3]['durability'], $equiped_items[17][3]['flags']) . '
                            </td>
                          </tr>
                        </table>
                      </div>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_off_hand.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                    <td style="width: 15%;">';
            if ($equiped_items[18][1]) {
                $output .= '
                      <a class="char_icon_padding" href="' . $base_datasite . $item_datasite . $EQU_RANGED . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . 'RANGED' . '\');" onmouseout="HideTooltip(\'_b' . 'RANGED' . '\');">
                        <img src="' . $equiped_items[18][1] . '" class="' . $equiped_items[18][2] . '" alt="Ranged" />
                      </a>';
                if ($mode) {
                    $output .= '
                      <div style="position: relative;">
                        <a href="char.php?action=delete_item&id=' . $id . '&bag=' . $equiped_items[18][3]["bag"] . '&slot=' . $equiped_items[18][3]["slot"] . '&item=' . $equiped_items[18][3]["item_template"] . '&mode=' . $mode . '" id="ch_item_delete">
                          <img src="img/aff_cross.png" />
                        </a>
                      </div>';
                }
                // build a tooltip object for this item
                $i_fields = get_item_info($equiped_items[18][3]['item_template']);
                $output .= '
                      <div class="item_tooltip" id="tooltip_b' . 'RANGED' . '">
                        <table>
                          <tr>
                            <td>
                              ' . get_item_tooltip($i_fields, $equiped_items[18][3]['enchantment'], $equiped_items[18][3]['property'], $equiped_items[18][3]['creator'], $equiped_items[18][3]['durability'], $equiped_items[18][3]['flags']) . '
                            </td>
                          </tr>
                        </table>
                      </div>';
            } else {
                $output .= '
                      <img src="img/INV/INV_empty_ranged.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                    </td>
                    <td style="width: 15%;"></td>
                    <td></td>
                  </tr>';
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                // if the character is still leveling, show an experience bar
                if ($char["level"] < 80) {
                    $xp_query = "SELECT * FROM xp_to_level WHERE level='" . $char["level"] . "'";
                    $xp_result = $sql["mgr"]->query($xp_query);
                    $xp_fields = $sql["mgr"]->fetch_assoc($xp_result);
                    $xp_to_level = $xp_fields["xp_for_next_level"];
                    $output .= '
                    <tr>
                      <td colspan="6" class="bar xp_bar" style="background-position: ' . (round(580 * $char["xp"] / $xp_to_level) - 580) . 'px;">
                        ' . lang("char", "exp") . ": " . $char["xp"] . " / " . $xp_to_level . '
                      </td>
                    </tr>';
                }
                //total time played
                $tot_time = $char["totaltime"];
                $tot_days = (int) ($tot_time / 86400);
                $tot_time = $tot_time - $tot_days * 86400;
                $total_hours = (int) ($tot_time / 3600);
                $tot_time = $tot_time - $total_hours * 3600;
                $total_min = (int) ($tot_time / 60);
                $time_offset = $timezone_offset * 3600;
                if ($char["timestamp"] != 0) {
                    $lastseen = date("F j, Y @ Hi", $char["timestamp"] + $time_offset);
                } else {
                    $lastseen = '-';
                }
                $output .= '
                  <tr>
                    <td colspan="6">
                      ' . lang("char", "tot_play_time") . ': ' . $tot_days . ' ' . lang("char", "days") . ' ' . $total_hours . ' ' . lang("char", "hours") . ' ' . $total_min . ' ' . lang("char", "min") . '
                    </td>
                  </tr>';
                $output .= '
                  <tr>
                    <td colspan="6">
                      ' . lang("char", "lastseen") . ': ' . $lastseen . '
                    </td>
                  </tr>';
            }
            $output .= '
                </table>
              </div>
              <br />
            </div>
            <br />
            <table class="hidden center">
              <tr>
                <td>';
            // button to user account page, user account page has own security
            makebutton(lang("char", "chars_acc"), 'user.php?action=edit_user&amp;acct=' . $owner_acc_id . '', 130);
            $output .= '
                </td>
                <td>';
            // only higher level GM with delete access can edit character
            //  character edit allows removal of character items, so delete permission is needed
            if ($user_lvl >= $owner_gmlvl && $user_lvl >= $action_permission["delete"]) {
                makebutton(lang("char", "edit_button"), 'char_edit.php?id=' . $id . '&amp;realm=' . $realmid, 130);
                $output .= '
                </td>
                <td>';
            }
            // only higher level GM with delete access, or character owner can delete character
            if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"] || $owner_name === $user_name) {
                makebutton(lang("char", "del_char"), 'char_list.php?action=del_char_form&amp;check%5B%5D=' . $id . '" type="wrn', 130);
                $output .= '
                </td>
                <td>';
            }
            // show Delete Mode / View Mode button depending on current mode
            if ($mode) {
                makebutton(lang("char", "viewmode"), 'char.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;mode=0" type="def', 130);
            } else {
                makebutton(lang("char", "deletemode"), 'char.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;mode=1" type="def', 130);
            }
            $output .= '
                </td>
                <td>';
            // only GM with update permission can send mail, mail can send items, so update permission is needed
            if ($user_lvl >= $action_permission["update"]) {
                makebutton(lang("char", "send_mail"), 'mail.php?type=ingame_mail&amp;to=' . $char["name"], 130);
                $output .= '
                </td>';
            } else {
                $output .= '
                </td>';
            }
            $output .= '
              </tr>
              <tr>
                <td>';
            makebutton(lang("global", "back"), 'javascript:window.history.back()" type="def', 130);
            $output .= '
                </td>
              </tr>
            </table>
            <br />
          <!-- end of char.php -->';
        } else {
        }
        //error($lang_char["no_permission"]);
    } else {
        error(lang("char", "no_char_found"));
    }
}
Esempio n. 17
0
function edit_char(&$sqlr, &$sqlc, &$sqlm)
{
    global $lang_global, $lang_char, $lang_item, $output, $realm_db, $characters_db, $realm_id, $mmfpm_db, $action_permission, $user_lvl, $item_datasite;
    // this page uses wowhead tooltops
    wowhead_tt();
    valid_login($action_permission['delete']);
    if (empty($_GET['id'])) {
        error($lang_global['empty_fields']);
    }
    $sqlm = new SQL();
    $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
    $id = $sqlc->quote_smart($_GET['id']);
    // getting character data from database
    $result = $sqlc->query("\r\n\t\tSELECT account \r\n\t\tFROM `characters` \r\n\t\tWHERE guid = '{$id}'");
    // no point going further if character does not exist
    if ($sqlc->num_rows($result)) {
        //resrict by owner's gmlvl
        $owner_acc_id = $sqlc->result($result, 0, 'account');
        $query = $sqlr->query("\r\n\t\t\tSELECT gmlevel, username \r\n\t\t\tFROM account \r\n\t\t\tWHERE id ='{$owner_acc_id}'");
        $owner_gmlvl = $sqlr->result($query, 0, 'gmlevel');
        $owner_name = $sqlr->result($query, 0, 'username');
        $owner_check = $sqlr->result($query, 0, 'username');
        if ($user_lvl >= $owner_gmlvl) {
            $result = $sqlc->query("\r\n\t\t\t\tSELECT c.guid, c.account, c.name, c.race, c.class, c.level, c.gender, c.online, c.money, c.totaltime,\r\n\t\t\t\t\tc.position_x, c.position_y, c.position_z, c.map, c.zone,\r\n\t\t\t\t\tc.totalHonorpoints, c.totalKills, c.arenaPoints, c.equipmentCache,\r\n\t\t\t\t\tCOALESCE(guild_member.guildid,0) AS guildid, COALESCE(guild_member.rank,0) AS grank\r\n\t\t\t\tFROM characters  c LEFT JOIN guild_member ON c.guid = guild_member.guid \r\n\t\t\t\tWHERE c.guid = '{$id}'");
            $char = $sqlc->fetch_assoc($result);
            $eq_data = explode(' ', $char['equipmentCache']);
            if ($char['online']) {
                $online = "<font class=\"error\">{$lang_char['online']}</font>{$lang_char['edit_offline_only_char']}";
            } else {
                $online = $lang_char['offline'];
            }
            if ($char['guildid']) {
                $query = $sqlc->query("\r\n\t\t\t\t\tSELECT name \r\n\t\t\t\t\tFROM guild \r\n\t\t\t\t\tWHERE guildid ='{$char['guildid']}'");
                $guild_name = $sqlc->result($query, 0, 'name');
                if ($user_lvl > 0) {
                    $guild_name = "<a href=\"guild.php?action=view_guild&amp;error=3&amp;id={$char['guildid']}\" >{$guild_name}</a>";
                }
                if ($char['grank']) {
                    $guild_rank_query = $sqlc->query("\r\n\t\t\t\t\t\tSELECT rname \r\n\t\t\t\t\t\tFROM guild_rank \r\n\t\t\t\t\t\tWHERE guildid ='{$char['guildid']}' AND rid='{$char['grank']}'");
                    $guild_rank = $sqlc->result($guild_rank_query, 0, 'rname');
                } else {
                    $guild_rank = $lang_char['guild_leader'];
                }
            } else {
                $guild_name = $lang_global['none'];
                $guild_rank = $lang_global['none'];
            }
            $output .= "\r\n                        <center>\r\n                            <form method=\"get\" action=\"char_edit.php\" name=\"form\">\r\n                                <input type=\"hidden\" name=\"action\" value=\"do_edit_char\" />\r\n                                <input type=\"hidden\" name=\"id\" value=\"{$id}\" />\r\n                                <table class=\"lined\">\r\n                                    <tr>\r\n                                        <td colspan=\"8\"><font class=\"bold\"><input type=\"text\" name=\"name\" size=\"14\" maxlength=\"12\" value=\"" . $char['name'] . "\" /> - <img src='img/c_icons/" . $char['race'] . "-" . $char['gender'] . ".gif' onmousemove='toolTip(\"" . char_get_race_name($char['race']) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\" /> <img src='img/c_icons/" . $char['class'] . ".gif' onmousemove='toolTip(\"" . char_get_class_name($char['class']) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\" /> - lvl " . char_get_level_color($char['level']) . "</font><br />" . $online . "</td>\r\n                                    </tr>\r\n                                    <tr>\r\n                                        <td colspan=\"8\">" . get_map_name($char['online'], $sqlm) . " - " . get_zone_name($char['zone'], $sqlm) . "</td>\r\n                                    </tr>\r\n                                    <tr>\r\n                                        <td colspan=\"8\">{$lang_char['username']}: <input type=\"text\" name=\"owner_name\" size=\"20\" maxlength=\"25\" value=\"{$owner_name}\" /> | {$lang_char['acc_id']}: {$owner_acc_id}</td>\r\n                                    </tr>\r\n                                    <tr>\r\n                                        <td colspan=\"8\">{$lang_char['guild']}: {$guild_name} | {$lang_char['rank']}: {$guild_rank}</td>\r\n                                    </tr>\r\n                                    <tr>\r\n                                        <td colspan=\"8\">{$lang_char['honor_points']}: <input type=\"text\" name=\"honor_points\" size=\"8\" maxlength=\"6\" value=\"{$char['totalHonorpoints']}\" />/\r\n                                            <input type=\"text\" name=\"arena_points\" size=\"8\" maxlength=\"6\" value=\"{$char['arenaPoints']}\" /> - {$lang_char['honor_kills']}: <input type=\"text\" name=\"total_kills\" size=\"8\" maxlength=\"6\" value=\"{$char['totalKills']}\" />\r\n                                        </td>\r\n                                    </tr>\r\n                                    <tr>\r\n                                        <td width=\"2%\"><input type=\"checkbox\" name=\"check[]\" value=\"a0\" /></td><td width=\"18%\">{$lang_item['head']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_HEAD]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_HEAD]) . "</a></td>\r\n                                        <td width=\"18%\">{$lang_item['gloves']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_GLOVES]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_GLOVES]) . "</a></td><td width=\"2%\"><input type=\"checkbox\" name=\"check[]\" value=\"a9\" /></td>\r\n                                    </tr>\r\n                                    <tr>\r\n                                        <td><input type=\"checkbox\" name=\"check[]\" value=\"a1\" /></td><td>{$lang_item['neck']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_NECK]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_NECK]) . "</a></td>\r\n                                        <td>{$lang_item['belt']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_BELT]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_BELT]) . "</a></td> <td><input type=\"checkbox\" name=\"check[]\" value=\"a5\" /></td>\r\n                                    </tr>\r\n                                    <tr>\r\n                                        <td><input type=\"checkbox\" name=\"check[]\" value=\"a2\" /></td><td>{$lang_item['shoulder']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_SHOULDER]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_SHOULDER]) . "</a></td>\r\n                                        <td>{$lang_item['legs']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_LEGS]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_LEGS]) . "</a></td><td><input type=\"checkbox\" name=\"check[]\" value=\"a6\" /></td>\r\n                                    </tr>\r\n                                    <tr>\r\n                                        <td><input type=\"checkbox\" name=\"check[]\" value=\"a14\" /></td><td>{$lang_item['back']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_BACK]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_BACK]) . "</a></td>\r\n                                        <td>{$lang_item['feet']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_FEET]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_FEET]) . "</a></td><td><input type=\"checkbox\" name=\"check[]\" value=\"a7\" /></td>\r\n                                    </tr>\r\n                                    <tr>\r\n                                        <td><input type=\"checkbox\" name=\"check[]\" value=\"a4\" /></td><td>{$lang_item['chest']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_CHEST]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_CHEST]) . "</a></td>\r\n                                        <td>{$lang_item['finger']} 1<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_FINGER1]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_FINGER1]) . "</a></td><td><input type=\"checkbox\" name=\"check[]\" value=\"a10\" /></td>\r\n                                    </tr>\r\n                                    <tr>\r\n                                        <td><input type=\"checkbox\" name=\"check[]\" value=\"a3\" /></td><td>{$lang_item['shirt']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_SHIRT]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_SHIRT]) . "</a></td>\r\n                                        <td>{$lang_item['finger']} 2<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_FINGER2]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_FINGER2]) . "</a></td><td><input type=\"checkbox\" name=\"check[]\" value=\"a11\" /></td>\r\n                                    </tr>\r\n                                    <tr>\r\n                                        <td><input type=\"checkbox\" name=\"check[]\" value=\"a18\" /></td><td>{$lang_item['tabard']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_TABARD]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_TABARD]) . "</a></td>\r\n                                        <td>{$lang_item['trinket']} 1<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_TRINKET1]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_TRINKET1]) . "</a></td><td><input type=\"checkbox\" name=\"check[]\" value=\"a12\" /></td>\r\n                                    </tr>\r\n                                    <tr>\r\n                                        <td><input type=\"checkbox\" name=\"check[]\" value=\"a8\" /></td><td>{$lang_item['wrist']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_WRIST]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_WRIST]) . "</a></td>\r\n                                        <td>{$lang_item['trinket']} 2<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_TRINKET2]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_TRINKET2]) . "</a></td><td><input type=\"checkbox\" name=\"check[]\" value=\"a13\" /></td>\r\n                                    </tr>\r\n                                    <tr>\r\n                                        <td><input type=\"checkbox\" name=\"check[]\" value=\"a15\" /></td>\r\n                                        <td colspan=\"2\">{$lang_item['main_hand']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_MAIN_HAND]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_MAIN_HAND]) . "</a></td>\r\n                                        <td colspan=\"2\"><input type=\"checkbox\" name=\"check[]\" value=\"a16\" />&nbsp;{$lang_item['off_hand']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_OFF_HAND]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_OFF_HAND]) . "</a></td>\r\n                                        <td colspan=\"2\">{$lang_item['ranged']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_RANGED]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_RANGED]) . "</a></td>\r\n                                        <td><input type=\"checkbox\" name=\"check[]\" value=\"a17\" /></td>\r\n                                    </tr>\r\n                                    <tr>\r\n                                        <td colspan=\"4\">{$lang_char['gold']}: <input type=\"text\" name=\"money\" size=\"10\" maxlength=\"8\" value=\"{$char['money']}\" /></td>\r\n                                        <td colspan=\"4\">{$lang_char['tot_paly_time']}: <input type=\"text\" name=\"tot_time\" size=\"8\" maxlength=\"14\" value=\"{$char['totaltime']}\" /></td>\r\n                                    </tr>\r\n                                    <tr>\r\n                                        <td colspan=\"5\">{$lang_char['location']}:\r\n                                            X:<input type=\"text\" name=\"x\" size=\"10\" maxlength=\"8\" value=\"{$char['position_x']}\" />\r\n                                            Y:<input type=\"text\" name=\"y\" size=\"8\" maxlength=\"16\" value=\"{$char['position_y']}\" />\r\n                                            Z:<input type=\"text\" name=\"z\" size=\"8\" maxlength=\"16\" value=\"{$char['position_z']}\" />\r\n                                            Map:<input type=\"text\" name=\"map\" size=\"8\" maxlength=\"16\" value=\"{$char['map']}\" />\r\n                                        </td>\r\n                                        <td colspan=\"3\">{$lang_char['move_to']}:<input type=\"text\" name=\"tp_to\" size=\"24\" maxlength=\"64\" value=\"\" /></td>\r\n                                    </tr>\r\n                                </table>\r\n                                <br />";
            //inventory+bank items
            $query2 = $sqlc->query("\r\n\t\t\t\tSELECT bag, slot, item, item_template \r\n\t\t\t\tFROM character_inventory \r\n\t\t\t\tWHERE guid = '{$id}' \r\n\t\t\t\tORDER BY bag, slot");
            $inv = array();
            $count = 0;
            while ($slot = $sqlc->fetch_row($query2)) {
                if ($slot[0] == 0) {
                    if ($slot[1] >= 23 && $slot[1] <= 62) {
                        $count++;
                        $inv[$count][0] = $slot[3];
                        $inv[$count][1] = $slot[2];
                    }
                } else {
                    $count++;
                    $inv[$count][0] = $slot[3];
                    $inv[$count][1] = $slot[2];
                }
            }
            $output .= "\r\n                                <table class=\"lined\">\r\n\t\t\t\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t\t\t\t<td>{$lang_char['inv_bank']}</td>\r\n\t\t\t\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t\t\t\t<td height=\"100\" align=\"center\">\r\n\t\t\t\t\t\t\t\t\t\t\t<table>\r\n\t\t\t\t\t\t\t\t\t\t\t\t<tr align=\"center\">";
            $j = 0;
            for ($i = 1; $i <= $count; $i++) {
                $j++;
                $output .= "\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t<td>\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<a href=\"{$item_datasite}{$inv[$i][0]}\" target=\"_blank\">{$inv[$i][0]}</a>\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<br />\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<input type=\"checkbox\" name=\"check[]\" value=\"{$inv[$i][1]}\" />\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t</td>";
                if ($j == 15) {
                    $output .= "\r\n\t\t\t\t\t\t\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t\t\t\t\t\t\t\t<tr align=\"center\">";
                    $j = 0;
                }
            }
            $output .= "\r\n                                                </tr>\r\n                                            </table>\r\n                                        </td>\r\n                                    </tr>\r\n                                </table>\r\n                                <br />\r\n                                <table class=\"hidden\">\r\n                                    <tr>\r\n                                        <td>";
            makebutton($lang_char['update'], "javascript:do_submit()", 190);
            makebutton($lang_char['to_char_view'], "char.php?id={$id}", 160);
            makebutton($lang_char['del_char'], "char_list.php?action=del_char_form&amp;check%5B%5D={$id}", 160);
            makebutton($lang_global['back'], "javascript:window.history.back()", 160);
            $output .= "\r\n                                        </td>\r\n                                    </tr>\r\n                                </table>\r\n                                <br />\r\n                            </form>\r\n                        </center>";
            //case of non auth request
        } else {
            error($lang_char['no_permission']);
        }
    } else {
        error($lang_char['no_char_found']);
    }
}
Esempio n. 18
0
function char_main(&$sqlr, &$sqlc)
{
    global $output, $lang_global, $lang_char, $lang_item, $realm_id, $realm_db, $characters_db, $world_db, $server, $mmfpm_db, $action_permission, $user_lvl, $user_name, $user_id, $item_datasite, $spell_datasite, $showcountryflag;
    // this page uses wowhead tooltops
    wowhead_tt();
    require_once 'core/char/char_security.php';
    $result = $sqlc->query('SELECT account, race FROM characters WHERE guid = ' . $id . ' LIMIT 1');
    if ($sqlc->num_rows($result)) {
        //resrict by owner's gmlvl
        $owner_acc_id = $sqlc->result($result, 0, 'account');
        $query = $sqlr->query('SELECT `username`, `gmlevel` FROM `account` LEFT JOIN `account_access` ON `account`.`id`=`account_access`.`id` WHERE `account`.`id` = ' . $owner_acc_id . ' ORDER BY `gmlevel` DESC LIMIT 1');
        $owner_name = $sqlr->result($query, 0, 'username');
        $owner_gmlvl = $sqlr->result($query, 0, 'gmlevel');
        if (empty($owner_gmlvl)) {
            $owner_gmlvl = 0;
        }
        if ($user_lvl || $server[$realmid]['both_factions']) {
            $side_v = 0;
            $side_p = 0;
        } else {
            $side_p = in_array($sqlc->result($result, 0, 'race'), array(2, 5, 6, 8, 10)) ? 1 : 2;
            $result_1 = $sqlc->query('SELECT race FROM characters WHERE account = ' . $user_id . ' LIMIT 1');
            if ($sqlc->num_rows($result)) {
                $side_v = in_array($sqlc->result($result_1, 0, 'race'), array(2, 5, 6, 8, 10)) ? 1 : 2;
            } else {
                $side_v = 0;
            }
            unset($result_1);
        }
        if ($user_lvl >= $owner_gmlvl && ($side_v === $side_p || !$side_v)) {
            $result = $sqlc->query('SELECT characters.equipmentCache, characters.name, characters.race, characters.class, characters.level, characters.zone, characters.map, characters.online, characters.totaltime, characters.gender, characters.account, character_stats.blockPct,
                                    character_stats.dodgePct, character_stats.parryPct, character_stats.critPct, character_stats.rangedCritPct, character_stats.spellCritPct, COALESCE(guild_member.guildid,0) AS guildid, COALESCE(guild_member.rank,0) AS rank, 
                                    characters.totalHonorPoints, characters.arenaPoints, characters.totalKills, character_stats.maxhealth, character_stats.maxpower1, character_stats.strength, character_stats.agility, character_stats.stamina, character_stats.intellect,
                                    character_stats.spirit, character_stats.armor, character_stats.resHoly, character_stats.resFire, character_stats.resNature, character_stats.resFrost, character_stats.resShadow, character_stats.resArcane, character_stats.attackPower,
                                    character_stats.rangedAttackPower, character_stats.spellPower, characters.power2, character_stats.maxpower2, characters.power4, character_stats.maxpower4, characters.power3, character_stats.maxpower3   
                                    FROM characters LEFT JOIN character_stats ON characters.guid = character_stats.guid LEFT JOIN guild_member ON characters.guid = guild_member.guid WHERE characters.guid = ' . $id);
            $char = $sqlc->fetch_assoc($result);
            $eq_data = explode(' ', $char['equipmentCache']);
            $online = $char['online'] ? $lang_char['online'] : $lang_char['offline'];
            if ($char['guildid'] && $char['guildid'] != 0) {
                $guild_name = $sqlc->result($sqlc->query('SELECT name FROM guild WHERE guildid =' . $char['guildid'] . ''), 0, 'name');
                $guild_name = '<a href="guild.php?action=view_guild&amp;realm=' . $realmid . '&amp;error=3&amp;id=' . $char['guildid'] . '" >' . $guild_name . '</a>';
                $mrank = $char['rank'];
                $guild_rank = $sqlc->result($sqlc->query('SELECT rname FROM guild_rank WHERE guildid =' . $char['guildid'] . ' AND rid=' . $mrank . ''), 0, 'rname');
            } else {
                $guild_name = $lang_global['none'];
                $guild_rank = $lang_global['none'];
            }
            $block = round($char['blockPct'], 2);
            $dodge = round($char['dodgePct'], 2);
            $parry = round($char['parryPct'], 2);
            $crit = round($char['critPct'], 2);
            $ranged_crit = round($char['rangedCritPct'], 2);
            $spell_crit = round($char['spellCritPct'], 2);
            $spell_damage = $char['spellPower'];
            $rage = round($char['power2'] / 10);
            $maxrage = round($char['maxpower2'] / 10);
            //preventing undefined variables, didnt want to remove all this stuff so just filling the missing variables with 0
            define('CHAR_DATA_OFFSET_MELEE_HIT', 0);
            define('CHAR_DATA_OFFSET_SPELL_HEAL', 1);
            define('CHAR_DATA_OFFSET_SPELL_HIT', 2);
            define('CHAR_DATA_OFFSET_SPELL_HASTE_RATING', 3);
            define('CHAR_DATA_OFFSET_RESILIENCE', 4);
            define('CHAR_DATA_OFFSET_RANGE_HIT', 5);
            $char_data = array(0, 0, 0, 0, 0, 0);
            $maxdamage = 0;
            $mindamage = 0;
            $maxrangeddamage = 0;
            $minrangeddamage = 0;
            $expertise = 0;
            $EQU_HEAD = $eq_data[EQ_DATA_OFFSET_EQU_HEAD];
            $EQU_NECK = $eq_data[EQ_DATA_OFFSET_EQU_NECK];
            $EQU_SHOULDER = $eq_data[EQ_DATA_OFFSET_EQU_SHOULDER];
            $EQU_SHIRT = $eq_data[EQ_DATA_OFFSET_EQU_SHIRT];
            $EQU_CHEST = $eq_data[EQ_DATA_OFFSET_EQU_CHEST];
            $EQU_BELT = $eq_data[EQ_DATA_OFFSET_EQU_BELT];
            $EQU_LEGS = $eq_data[EQ_DATA_OFFSET_EQU_LEGS];
            $EQU_FEET = $eq_data[EQ_DATA_OFFSET_EQU_FEET];
            $EQU_WRIST = $eq_data[EQ_DATA_OFFSET_EQU_WRIST];
            $EQU_GLOVES = $eq_data[EQ_DATA_OFFSET_EQU_GLOVES];
            $EQU_FINGER1 = $eq_data[EQ_DATA_OFFSET_EQU_FINGER1];
            $EQU_FINGER2 = $eq_data[EQ_DATA_OFFSET_EQU_FINGER2];
            $EQU_TRINKET1 = $eq_data[EQ_DATA_OFFSET_EQU_TRINKET1];
            $EQU_TRINKET2 = $eq_data[EQ_DATA_OFFSET_EQU_TRINKET2];
            $EQU_BACK = $eq_data[EQ_DATA_OFFSET_EQU_BACK];
            $EQU_MAIN_HAND = $eq_data[EQ_DATA_OFFSET_EQU_MAIN_HAND];
            $EQU_OFF_HAND = $eq_data[EQ_DATA_OFFSET_EQU_OFF_HAND];
            $EQU_RANGED = $eq_data[EQ_DATA_OFFSET_EQU_RANGED];
            $EQU_TABARD = $eq_data[EQ_DATA_OFFSET_EQU_TABARD];
            /*
            // reserved incase we want to use back minimanagers' built in tooltip, instead of wowheads'
            // minimanagers' item tooltip needs updating, but it can show enchantments and sockets.
            
                  $equiped_items = array
                  (
                     1 => array(($EQU_HEAD      ? get_item_tooltip($EQU_HEAD)      : 0),($EQU_HEAD      ? get_item_icon($EQU_HEAD)      : 0),($EQU_HEAD      ? get_item_border($EQU_HEAD)      : 0)),
                     2 => array(($EQU_NECK      ? get_item_tooltip($EQU_NECK)      : 0),($EQU_NECK      ? get_item_icon($EQU_NECK)      : 0),($EQU_NECK      ? get_item_border($EQU_NECK)      : 0)),
                     3 => array(($EQU_SHOULDER  ? get_item_tooltip($EQU_SHOULDER)  : 0),($EQU_SHOULDER  ? get_item_icon($EQU_SHOULDER)  : 0),($EQU_SHOULDER  ? get_item_border($EQU_SHOULDER)  : 0)),
                     4 => array(($EQU_SHIRT     ? get_item_tooltip($EQU_SHIRT)     : 0),($EQU_SHIRT     ? get_item_icon($EQU_SHIRT)     : 0),($EQU_SHIRT     ? get_item_border($EQU_SHIRT)     : 0)),
                     5 => array(($EQU_CHEST     ? get_item_tooltip($EQU_CHEST)     : 0),($EQU_CHEST     ? get_item_icon($EQU_CHEST)     : 0),($EQU_CHEST     ? get_item_border($EQU_CHEST)     : 0)),
                     6 => array(($EQU_BELT      ? get_item_tooltip($EQU_BELT)      : 0),($EQU_BELT      ? get_item_icon($EQU_BELT)      : 0),($EQU_BELT      ? get_item_border($EQU_BELT)      : 0)),
                     7 => array(($EQU_LEGS      ? get_item_tooltip($EQU_LEGS)      : 0),($EQU_LEGS      ? get_item_icon($EQU_LEGS)      : 0),($EQU_LEGS      ? get_item_border($EQU_LEGS)      : 0)),
                     8 => array(($EQU_FEET      ? get_item_tooltip($EQU_FEET)      : 0),($EQU_FEET      ? get_item_icon($EQU_FEET)      : 0),($EQU_FEET      ? get_item_border($EQU_FEET)      : 0)),
                     9 => array(($EQU_WRIST     ? get_item_tooltip($EQU_WRIST)     : 0),($EQU_WRIST     ? get_item_icon($EQU_WRIST)     : 0),($EQU_WRIST     ? get_item_border($EQU_WRIST)     : 0)),
                    10 => array(($EQU_GLOVES    ? get_item_tooltip($EQU_GLOVES)    : 0),($EQU_GLOVES    ? get_item_icon($EQU_GLOVES)    : 0),($EQU_GLOVES    ? get_item_border($EQU_GLOVES)    : 0)),
                    11 => array(($EQU_FINGER1   ? get_item_tooltip($EQU_FINGER1)   : 0),($EQU_FINGER1   ? get_item_icon($EQU_FINGER1)   : 0),($EQU_FINGER1   ? get_item_border($EQU_FINGER1)   : 0)),
                    12 => array(($EQU_FINGER2   ? get_item_tooltip($EQU_FINGER2)   : 0),($EQU_FINGER2   ? get_item_icon($EQU_FINGER2)   : 0),($EQU_FINGER2   ? get_item_border($EQU_FINGER2)   : 0)),
                    13 => array(($EQU_TRINKET1  ? get_item_tooltip($EQU_TRINKET1)  : 0),($EQU_TRINKET1  ? get_item_icon($EQU_TRINKET1)  : 0),($EQU_TRINKET1  ? get_item_border($EQU_TRINKET1)  : 0)),
                    14 => array(($EQU_TRINKET2  ? get_item_tooltip($EQU_TRINKET2)  : 0),($EQU_TRINKET2  ? get_item_icon($EQU_TRINKET2)  : 0),($EQU_TRINKET2  ? get_item_border($EQU_TRINKET2)  : 0)),
                    15 => array(($EQU_BACK      ? get_item_tooltip($EQU_BACK)      : 0),($EQU_BACK      ? get_item_icon($EQU_BACK)      : 0),($EQU_BACK      ? get_item_border($EQU_BACK)      : 0)),
                    16 => array(($EQU_MAIN_HAND ? get_item_tooltip($EQU_MAIN_HAND) : 0),($EQU_MAIN_HAND ? get_item_icon($EQU_MAIN_HAND) : 0),($EQU_MAIN_HAND ? get_item_border($EQU_MAIN_HAND) : 0)),
                    17 => array(($EQU_OFF_HAND  ? get_item_tooltip($EQU_OFF_HAND)  : 0),($EQU_OFF_HAND  ? get_item_icon($EQU_OFF_HAND)  : 0),($EQU_OFF_HAND  ? get_item_border($EQU_OFF_HAND)  : 0)),
                    18 => array(($EQU_RANGED    ? get_item_tooltip($EQU_RANGED)    : 0),($EQU_RANGED    ? get_item_icon($EQU_RANGED)    : 0),($EQU_RANGED    ? get_item_border($EQU_RANGED)    : 0)),
                    19 => array(($EQU_TABARD    ? get_item_tooltip($EQU_TABARD)    : 0),($EQU_TABARD    ? get_item_icon($EQU_TABARD)    : 0),($EQU_TABARD    ? get_item_border($EQU_TABARD)    : 0))
                  );
            */
            $sqlm = new SQL();
            $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
            $sqlw = new SQL();
            $sqlw->connect($world_db[$realmid]['addr'], $world_db[$realmid]['user'], $world_db[$realmid]['pass'], $world_db[$realmid]['name']);
            $equiped_items = array(1 => array('', $EQU_HEAD ? get_item_icon($EQU_HEAD, $sqlm, $sqlw) : 0, $EQU_HEAD ? get_item_border($EQU_HEAD, $sqlw) : 0), 2 => array('', $EQU_NECK ? get_item_icon($EQU_NECK, $sqlm, $sqlw) : 0, $EQU_NECK ? get_item_border($EQU_NECK, $sqlw) : 0), 3 => array('', $EQU_SHOULDER ? get_item_icon($EQU_SHOULDER, $sqlm, $sqlw) : 0, $EQU_SHOULDER ? get_item_border($EQU_SHOULDER, $sqlw) : 0), 4 => array('', $EQU_SHIRT ? get_item_icon($EQU_SHIRT, $sqlm, $sqlw) : 0, $EQU_SHIRT ? get_item_border($EQU_SHIRT, $sqlw) : 0), 5 => array('', $EQU_CHEST ? get_item_icon($EQU_CHEST, $sqlm, $sqlw) : 0, $EQU_CHEST ? get_item_border($EQU_CHEST, $sqlw) : 0), 6 => array('', $EQU_BELT ? get_item_icon($EQU_BELT, $sqlm, $sqlw) : 0, $EQU_BELT ? get_item_border($EQU_BELT, $sqlw) : 0), 7 => array('', $EQU_LEGS ? get_item_icon($EQU_LEGS, $sqlm, $sqlw) : 0, $EQU_LEGS ? get_item_border($EQU_LEGS, $sqlw) : 0), 8 => array('', $EQU_FEET ? get_item_icon($EQU_FEET, $sqlm, $sqlw) : 0, $EQU_FEET ? get_item_border($EQU_FEET, $sqlw) : 0), 9 => array('', $EQU_WRIST ? get_item_icon($EQU_WRIST, $sqlm, $sqlw) : 0, $EQU_WRIST ? get_item_border($EQU_WRIST, $sqlw) : 0), 10 => array('', $EQU_GLOVES ? get_item_icon($EQU_GLOVES, $sqlm, $sqlw) : 0, $EQU_GLOVES ? get_item_border($EQU_GLOVES, $sqlw) : 0), 11 => array('', $EQU_FINGER1 ? get_item_icon($EQU_FINGER1, $sqlm, $sqlw) : 0, $EQU_FINGER1 ? get_item_border($EQU_FINGER1, $sqlw) : 0), 12 => array('', $EQU_FINGER2 ? get_item_icon($EQU_FINGER2, $sqlm, $sqlw) : 0, $EQU_FINGER2 ? get_item_border($EQU_FINGER2, $sqlw) : 0), 13 => array('', $EQU_TRINKET1 ? get_item_icon($EQU_TRINKET1, $sqlm, $sqlw) : 0, $EQU_TRINKET1 ? get_item_border($EQU_TRINKET1, $sqlw) : 0), 14 => array('', $EQU_TRINKET2 ? get_item_icon($EQU_TRINKET2, $sqlm, $sqlw) : 0, $EQU_TRINKET2 ? get_item_border($EQU_TRINKET2, $sqlw) : 0), 15 => array('', $EQU_BACK ? get_item_icon($EQU_BACK, $sqlm, $sqlw) : 0, $EQU_BACK ? get_item_border($EQU_BACK, $sqlw) : 0), 16 => array('', $EQU_MAIN_HAND ? get_item_icon($EQU_MAIN_HAND, $sqlm, $sqlw) : 0, $EQU_MAIN_HAND ? get_item_border($EQU_MAIN_HAND, $sqlw) : 0), 17 => array('', $EQU_OFF_HAND ? get_item_icon($EQU_OFF_HAND, $sqlm, $sqlw) : 0, $EQU_OFF_HAND ? get_item_border($EQU_OFF_HAND, $sqlw) : 0), 18 => array('', $EQU_RANGED ? get_item_icon($EQU_RANGED, $sqlm, $sqlw) : 0, $EQU_RANGED ? get_item_border($EQU_RANGED, $sqlw) : 0), 19 => array('', $EQU_TABARD ? get_item_icon($EQU_TABARD, $sqlm, $sqlw) : 0, $EQU_TABARD ? get_item_border($EQU_TABARD, $sqlw) : 0));
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) {
                $output .= '
                <center>
                    <div id="tab_content">
                        <h1>' . $lang_char['char_sheet'] . '</h1><br />
                        <div id="tab">
                            <ul>
                                <li><a href="char.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['char_sheet'] . '</a></li>
                                <li><a href="char_inv.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['inventory'] . '</a></li>
                                <li><a href="char_extra.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['extra'] . '</a></li>
                                ' . ($char['level'] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['talents'] . '</a></li>') . '
                                <li><a href="char_achieve.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['achievements'] . '</a></li>
                                <li><a href="char_rep.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['reputation'] . '</a></li>
                                <li><a href="char_skill.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['skills'] . '</a></li>
                                <li><a href="char_quest.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['quests'] . '</a></li>';
                if (char_get_class_name($char['class']) === 'Hunter') {
                    $output .= '
                                <li><a href="char_pets.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['pets'] . '</a></li>';
                }
                $output .= '
                                <li><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['friends'] . '</a></li>
                                <li><a href="char_spell.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['spells'] . '</a></li>
                                <li><a href="char_mail.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['mail'] . '</a></li>';
            } else {
                $output .= '
                <center>
                    <div id="tab_content">
                        <h1>' . $lang_char['char_sheet'] . '</h1><br />
                        <div id="tab">
                            <ul>
                                <li><a href="char.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['char_sheet'] . '</a></li>';
            }
            $output .= '
                            </ul>
                        </div>
                        <div id="tab_content2">
                            <table class="lined" style="width: 580px;">
                                <tr>
                                    <td colspan="2">
                                        <div>
                                            <img src="' . char_get_avatar_img($char['level'], $char['gender'], $char['race'], $char['class'], 0) . '" alt="avatar" />
                                        </div>
                                        <div>';
            $a_results = $sqlc->query('SELECT DISTINCT spell FROM character_aura WHERE guid = ' . $id . '');
            if ($sqlc->num_rows($a_results)) {
                while ($aura = $sqlc->fetch_assoc($a_results)) {
                    $output .= '
                                            <a style="padding:2px;" href="' . $spell_datasite . $aura['spell'] . '" target="_blank">
                                                <img src="' . spell_get_icon($aura['spell'], $sqlm) . '" alt="' . $aura['spell'] . '" width="24" height="24" />
                                            </a>';
                }
            }
            $output .= '
                                        </div>
                                    </td>
                                    <td colspan="4">
                                        <font class="bold">
                                            ' . htmlentities($char['name']) . ' -
                                            <img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" />
                                            <img src="img/c_icons/' . $char['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" />
                                            - lvl ' . char_get_level_color($char['level']) . '
                                        </font>
                                        <br />' . get_map_name($char['map'], $sqlm) . ' - ' . get_zone_name($char['zone'], $sqlm) . '
                                        <br />' . $lang_char['honor_points'] . ': ' . $char['totalHonorPoints'] . ' / ' . $char['arenaPoints'] . ' - ' . $lang_char['honor_kills'] . ': ' . $char['totalKills'] . '
                                        <br />' . $lang_char['guild'] . ': ' . $guild_name . ' | ' . $lang_char['rank'] . ': ' . htmlentities($guild_rank) . '
                                        <br />' . ($char['online'] ? '<img src="img/up.gif" onmousemove="toolTip(\'Online\', \'item_tooltip\')" onmouseout="toolTip()" alt="online" />' : '<img src="img/down.gif" onmousemove="toolTip(\'Offline\', \'item_tooltip\')" onmouseout="toolTip()" alt="offline" />');
            if ($showcountryflag) {
                require_once 'libs/misc_lib.php';
                $country = misc_get_country_by_account($char['account'], $sqlr, $sqlm);
                $output .= ' - ' . ($country['code'] ? '<img src="img/flags/' . $country['code'] . '.png" onmousemove="toolTip(\'' . $country['country'] . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" />' : '-');
                unset($country);
            }
            $output .= '
                                    </td>
                                </tr>
                                <tr>
                                    <td width="6%">';
            if ($equiped_items[1][1]) {
                $output .= '
                                        <a style="padding:2px;" href="' . $item_datasite . $EQU_HEAD . '" target="_blank">
                                            <img src="' . $equiped_items[1][1] . '" class="' . $equiped_items[1][2] . '" alt="Head" />
                                        </a>';
            } else {
                $output .= '
                                        <img src="img/INV/INV_empty_head.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                                    </td>
                                    <td class="half_line" colspan="2" align="center" width="50%">
                                        <div class="gradient_p">' . $lang_item['health'] . ':</div>
                                        <div class="gradient_pp">' . $char['maxhealth'] . '</div>';
            if ($char['class'] == 11) {
                //druid
                $output .= '
                                        </br>
                                        <div class="gradient_p">' . $lang_item['energy'] . ':</div>
                                        <div class="gradient_pp">' . $char['power4'] . '/' . $char['maxpower4'] . '</div>';
            }
            $output .= '
                                    </td>
                                    <td class="half_line" colspan="2" align="center" width="50%">';
            if ($char['class'] == 1) {
                // warrior
                $output .= '
                                        <div class="gradient_p">' . $lang_item['rage'] . ':</div>
                                        <div class="gradient_pp">' . $rage . '/' . $maxrage . '</div>';
            } elseif ($char['class'] == 4) {
                // rogue
                $output .= '
                                        <div class="gradient_p">' . $lang_item['energy'] . ':</div>
                                        <div class="gradient_pp">' . $char['power4'] . '/' . $char['maxpower4'] . '</div>';
            } elseif ($char['class'] == 6) {
                // death knight // Don't know if FOCUS is the right one need to verify with Death Knight player.
                $output .= '
                                        <div class="gradient_p">' . $lang_item['runic'] . ':</div>
                                        <div class="gradient_pp">' . $char['power3'] . '/' . $char['maxpower3'] . '</div>';
            } elseif ($char['class'] == 11) {
                // druid
                $output .= '
                                        <div class="gradient_p">' . $lang_item['mana'] . ':</div>
                                        <div class="gradient_pp">' . $char['maxpower1'] . '</div>
                                        </br>
                                        <div class="gradient_p">' . $lang_item['rage'] . ':</div>
                                        <div class="gradient_pp">' . $rage . '/' . $maxrage . '</div>';
            } elseif ($char['class'] == 2 || $char['class'] == 3 || $char['class'] == 5 || $char['class'] == 7 || $char['class'] == 8 || $char['class'] == 9) {
                // warlock
                $output .= '
                                        <div class="gradient_p">' . $lang_item['mana'] . ':</div>
                                        <div class="gradient_pp">' . $char['maxpower1'] . '</div>';
            }
            $output .= '
                                    </td>
                                    <td width="6%">';
            if ($equiped_items[10][1]) {
                $output .= '
                                        <a style="padding:2px;" href="' . $item_datasite . $EQU_GLOVES . '" target="_blank">
                                            <img src="' . $equiped_items[10][1] . '" class="' . $equiped_items[10][2] . '" alt="Gloves" />
                                        </a>';
            } else {
                $output .= '
                                        <img src="img/INV/INV_empty_gloves.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                                    </td>
                                </tr>
                                <tr>
                                    <td width="1%">';
            if ($equiped_items[2][1]) {
                $output .= '
                                        <a style="padding:2px;" href="' . $item_datasite . $EQU_NECK . '" target="_blank">
                                            <img src="' . $equiped_items[2][1] . '" class="' . $equiped_items[2][2] . '" alt="Neck" />
                                        </a>';
            } else {
                $output .= '
                                        <img src="img/INV/INV_empty_neck.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                                    </td>
                                    <td class="half_line" colspan="2" rowspan="3" align="center" width="50%">
                                        <div class="gradient_p">
                                            ' . $lang_item['strength'] . ':<br />
                                            ' . $lang_item['agility'] . ':<br />
                                            ' . $lang_item['stamina'] . ':<br />
                                            ' . $lang_item['intellect'] . ':<br />
                                            ' . $lang_item['spirit'] . ':<br />
                                            ' . $lang_item['armor'] . ':
                                        </div>
                                        <div class="gradient_pp">
                                            ' . $char['strength'] . '<br />
                                            ' . $char['agility'] . '<br />
                                            ' . $char['stamina'] . '<br />
                                            ' . $char['intellect'] . '<br />
                                            ' . $char['spirit'] . '<br />
                                            ' . $char['armor'] . '
                                        </div>
                                    </td>
                                    <td class="half_line" colspan="2" rowspan="3" align="center" width="50%">
                                        <div class="gradient_p">
                                            ' . $lang_item['res_holy'] . ':<br />
                                            ' . $lang_item['res_arcane'] . ':<br />
                                            ' . $lang_item['res_fire'] . ':<br />
                                            ' . $lang_item['res_nature'] . ':<br />
                                            ' . $lang_item['res_frost'] . ':<br />
                                            ' . $lang_item['res_shadow'] . ':
                                        </div>
                                        <div class="gradient_pp">
                                            ' . $char['resHoly'] . '<br />
                                            ' . $char['resArcane'] . '<br />
                                            ' . $char['resFire'] . '<br />
                                            ' . $char['resNature'] . '<br />
                                            ' . $char['resFrost'] . '<br />
                                            ' . $char['resShadow'] . '
                                        </div>
                                    </td>
                                    <td width="1%">';
            if ($equiped_items[6][1]) {
                $output .= '
                                        <a style="padding:2px;" href="' . $item_datasite . $EQU_BELT . '" target="_blank">
                                            <img src="' . $equiped_items[6][1] . '" class="' . $equiped_items[6][2] . '" alt="Belt" />
                                        </a>';
            } else {
                $output .= '
                                        <img src="img/INV/INV_empty_waist.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                                    </td>
                                </tr>
                                <tr>
                                    <td width="1%">';
            if ($equiped_items[3][1]) {
                $output .= '
                                        <a style="padding:2px;" href="' . $item_datasite . $EQU_SHOULDER . '" target="_blank">
                                            <img src="' . $equiped_items[3][1] . '" class="' . $equiped_items[3][2] . '" alt="Shoulder" />
                                        </a>';
            } else {
                $output .= '
                                        <img src="img/INV/INV_empty_shoulder.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                                    </td>
                                    <td width="1%">';
            if ($equiped_items[7][1]) {
                $output .= '
                                        <a style="padding:2px;" href="' . $item_datasite . $EQU_LEGS . '" target="_blank">
                                            <img src="' . $equiped_items[7][1] . '" class="' . $equiped_items[7][2] . '" alt="Legs" />
                                        </a>';
            } else {
                $output .= '
                                        <img src="img/INV/INV_empty_legs.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                                    </td>
                                </tr>
                                <tr>
                                    <td width="1%">';
            if ($equiped_items[15][1]) {
                $output .= '
                                        <a style="padding:2px;" href="' . $item_datasite . $EQU_BACK . '" target="_blank">
                                            <img src="' . $equiped_items[15][1] . '" class="' . $equiped_items[15][2] . '" alt="Back" />
                                        </a>';
            } else {
                $output .= '
                                        <img src="img/INV/INV_empty_chest_back.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                                    </td>
                                    <td width="1%">';
            if ($equiped_items[8][1]) {
                $output .= '
                                        <a style="padding:2px;" href="' . $item_datasite . $EQU_FEET . '" target="_blank">
                                            <img src="' . $equiped_items[8][1] . '" class="' . $equiped_items[8][2] . '" alt="Feet" />
                                        </a>';
            } else {
                $output .= '
                                        <img src="img/INV/INV_empty_feet.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                                    </td>
                                </tr>
                                <tr>
                                    <td width="1%">';
            if ($equiped_items[5][1]) {
                $output .= '
                                        <a style="padding:2px;" href="' . $item_datasite . $EQU_CHEST . '" target="_blank">
                                            <img src="' . $equiped_items[5][1] . '" class="' . $equiped_items[5][2] . '" alt="Chest" />
                                        </a>';
            } else {
                $output .= '
                                        <img src="img/INV/INV_empty_chest_back.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                                    </td>
                                    <td class="half_line" colspan="2" rowspan="2" align="center" width="50%">
                                        <div class="gradient_p">
                                            ' . $lang_char['melee_d'] . ':<br />
                                            ' . $lang_char['melee_ap'] . ':<br />
                                            ' . $lang_char['melee_hit'] . ':<br />
                                            ' . $lang_char['melee_crit'] . ':<br />
                                            ' . $lang_char['expertise'] . ':<br />
                                        </div>
                                        <div class="gradient_pp">
                                            ' . $mindamage . '-' . $maxdamage . '<br />
                                            ' . $char['attackPower'] . '<br />
                                            ' . $char_data[CHAR_DATA_OFFSET_MELEE_HIT] . '<br />
                                            ' . $crit . '%<br />
                                            ' . $expertise . '<br />
                                        </div>
                                    </td>
                                    <td class="half_line" colspan="2" rowspan="2" align="center" width="50%">
                                        <div class="gradient_p">
                                            ' . $lang_char['spell_d'] . ':<br />
                                            ' . $lang_char['spell_heal'] . ':<br />
                                            ' . $lang_char['spell_hit'] . ':<br />
                                            ' . $lang_char['spell_crit'] . ':<br />
                                            ' . $lang_char['spell_haste'] . '
                                        </div>
                                        <div class="gradient_pp">
                                            ' . $spell_damage . '<br />
                                            ' . $char_data[CHAR_DATA_OFFSET_SPELL_HEAL] . '<br />
                                            ' . $char_data[CHAR_DATA_OFFSET_SPELL_HIT] . '<br />
                                            ' . $spell_crit . '%<br />
                                            ' . $char_data[CHAR_DATA_OFFSET_SPELL_HASTE_RATING] . '
                                        </div>
                                    </td>
                                    <td width="1%">';
            if ($equiped_items[11][1]) {
                $output .= '
                                        <a style="padding:2px;" href="' . $item_datasite . $EQU_FINGER1 . '" target="_blank">
                                            <img src="' . $equiped_items[11][1] . '" class="' . $equiped_items[11][2] . '" alt="Finger1" />
                                        </a>';
            } else {
                $output .= '
                                        <img src="img/INV/INV_empty_finger.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                                    </td>
                                </tr>
                                <tr>
                                    <td width="1%">';
            if ($equiped_items[4][1]) {
                $output .= '
                                        <a style="padding:2px;" href="' . $item_datasite . $EQU_SHIRT . '" target="_blank">
                                            <img src="' . $equiped_items[4][1] . '" class="' . $equiped_items[4][2] . '" alt="Shirt" />
                                        </a>';
            } else {
                $output .= '
                                        <img src="img/INV/INV_empty_shirt.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                                    </td>
                                    <td width="1%">';
            if ($equiped_items[12][1]) {
                $output .= '
                                        <a style="padding:2px;" href="' . $item_datasite . $EQU_FINGER2 . '" target="_blank">
                                            <img src="' . $equiped_items[12][1] . '" class="' . $equiped_items[12][2] . '" alt="Finger2" />
                                        </a>';
            } else {
                $output .= '
                                        <img src="img/INV/INV_empty_finger.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                                    </td>
                                </tr>
                                <tr>
                                    <td width="1%">';
            if ($equiped_items[19][1]) {
                $output .= '
                                        <a style="padding:2px;" href="' . $item_datasite . $EQU_TABARD . '" target="_blank">
                                            <img src="' . $equiped_items[19][1] . '" class="' . $equiped_items[19][2] . '" alt="Tabard" />
                                        </a>';
            } else {
                $output .= '
                                        <img src="img/INV/INV_empty_tabard.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                                    </td>
                                    <td class="half_line" colspan="2" rowspan="2" align="center" width="50%">
                                        <div class="gradient_p">
                                            ' . $lang_char['dodge'] . ':<br />
                                            ' . $lang_char['parry'] . ':<br />
                                            ' . $lang_char['block'] . ':<br />
                                            ' . $lang_char['resilience'] . ':<br />
                                        </div>
                                        <div class="gradient_pp">
                                            ' . $dodge . '%<br />
                                            ' . $parry . '%<br />
                                            ' . $block . '%<br />
                                            ' . $char_data[CHAR_DATA_OFFSET_RESILIENCE] . '<br />
                                        </div>
                                    </td>
                                    <td class="half_line" colspan="2" rowspan="2" align="center" width="50%">
                                        <div class="gradient_p">
                                            ' . $lang_char['ranged_d'] . ':<br />
                                            ' . $lang_char['ranged_ap'] . ':<br />
                                            ' . $lang_char['ranged_hit'] . ':<br />
                                            ' . $lang_char['ranged_crit'] . ':<br />
                                        </div>
                                        <div class="gradient_pp">
                                            ' . $minrangeddamage . '-' . $maxrangeddamage . '<br />
                                            ' . $char['rangedAttackPower'] . '<br />
                                            ' . $char_data[CHAR_DATA_OFFSET_RANGE_HIT] . '<br />
                                            ' . $ranged_crit . '%<br />
                                        </div>
                                    </td>
                                    <td width="1%">';
            if ($equiped_items[13][1]) {
                $output .= '
                                        <a style="padding:2px;" href="' . $item_datasite . $EQU_TRINKET1 . '" target="_blank">
                                            <img src="' . $equiped_items[13][1] . '" class="' . $equiped_items[13][2] . '" alt="Trinket1" />
                                        </a>';
            } else {
                $output .= '
                                        <img src="img/INV/INV_empty_trinket.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                                    </td>
                                </tr>
                                <tr>
                                    <td width="1%">';
            if ($equiped_items[9][1]) {
                $output .= '
                                        <a style="padding:2px;" href="' . $item_datasite . $EQU_WRIST . '" target="_blank">
                                            <img src="' . $equiped_items[9][1] . '" class="' . $equiped_items[9][2] . '" alt="Wrist" />
                                        </a>';
            } else {
                $output .= '
                                        <img src="img/INV/INV_empty_wrist.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                                    </td>
                                    <td width="1%">';
            if ($equiped_items[14][1]) {
                $output .= '
                                        <a style="padding:2px;" href="' . $item_datasite . $EQU_TRINKET2 . '" target="_blank">
                                            <img src="' . $equiped_items[14][1] . '" class="' . $equiped_items[14][2] . '" alt="Trinket2" />
                                        </a>';
            } else {
                $output .= '
                                        <img src="img/INV/INV_empty_trinket.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                                    </td>
                                </tr>
                                <tr>
                                    <td></td>
                                    <td width="15%">';
            if ($equiped_items[16][1]) {
                $output .= '
                                        <a style="padding:2px;" href="' . $item_datasite . $EQU_MAIN_HAND . '" target="_blank">
                                            <img src="' . $equiped_items[16][1] . '" class="' . $equiped_items[16][2] . '" alt="MainHand" />
                                        </a>';
            } else {
                $output .= '
                                        <img src="img/INV/INV_empty_main_hand.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                                    </td>
                                    <td width="15%">';
            if ($equiped_items[17][1]) {
                $output .= '
                                        <a style="padding:2px;" href="' . $item_datasite . $EQU_OFF_HAND . '" target="_blank">
                                            <img src="' . $equiped_items[17][1] . '" class="' . $equiped_items[17][2] . '" alt="OffHand" />
                                        </a>';
            } else {
                $output .= '
                                        <img src="img/INV/INV_empty_off_hand.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                                    </td>
                                    <td width="15%">';
            if ($equiped_items[18][1]) {
                $output .= '
                                        <a style="padding:2px;" href="' . $item_datasite . $EQU_RANGED . '" target="_blank">
                                            <img src="' . $equiped_items[18][1] . '" class="' . $equiped_items[18][2] . '" alt="Ranged" />
                                        </a>';
            } else {
                $output .= '
                                        <img src="img/INV/INV_empty_ranged.png" class="icon_border_0" alt="empty" />';
            }
            $output .= '
                                    </td>
                                    <td width="15%"></td>
                                    <td></td>
                                </tr>';
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) {
                //total time played
                $tot_time = $char['totaltime'];
                $tot_days = (int) ($tot_time / 86400);
                $tot_time = $tot_time - $tot_days * 86400;
                $total_hours = (int) ($tot_time / 3600);
                $tot_time = $tot_time - $total_hours * 3600;
                $total_min = (int) ($tot_time / 60);
                $output .= '
                                <tr>
                                    <td colspan="6">
                                        ' . $lang_char['tot_paly_time'] . ': ' . $tot_days . ' ' . $lang_char['days'] . ' ' . $total_hours . ' ' . $lang_char['hours'] . ' ' . $total_min . ' ' . $lang_char['min'] . '
                                    </td>
                                </tr>';
            }
            $output .= '
                            </table>
                        </div>
                        <br />
                    </div>
                    <br />';
            require_once 'core/char/char_footer.php';
            $output .= '
                    <br />
                </center>';
        } else {
            error($lang_char['no_permission']);
        }
    } else {
        error($lang_char['no_char_found']);
    }
}
Esempio n. 19
0
function char_mail(&$sqlr, &$sqlc)
{
    global $output, $lang_global, $lang_char, $lang_mail, $realm_id, $realm_db, $mmfpm_db, $characters_db, $action_permission, $user_lvl, $user_name, $item_datasite, $itemperpage;
    if (empty($_GET['id'])) {
        error($lang_global['empty_fields']);
    }
    // this is multi realm support, as of writing still under development
    //  this page is already implementing it
    if (empty($_GET['realm'])) {
        $realmid = $realm_id;
    } else {
        $realmid = $sqlr->quote_smart($_GET['realm']);
        if (is_numeric($realmid)) {
            $sqlc->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name']);
        } else {
            $realmid = $realm_id;
        }
    }
    $id = $sqlc->quote_smart($_GET['id']);
    if (is_numeric($id)) {
    } else {
        $id = 0;
    }
    //==========================$_GET and SECURE=================================
    $start = isset($_GET['start']) ? $sqlc->quote_smart($_GET['start']) : 0;
    if (is_numeric($start)) {
    } else {
        $start = 0;
    }
    $order_by = isset($_GET['order_by']) ? $sqlc->quote_smart($_GET['order_by']) : 'id';
    if (preg_match('/^[_[:lower:]]{1,12}$/', $order_by)) {
    } else {
        $order_by = 'id';
    }
    $dir = isset($_GET['dir']) ? $sqlc->quote_smart($_GET['dir']) : 1;
    if (preg_match('/^[01]{1}$/', $dir)) {
    } else {
        $dir = 1;
    }
    $order_dir = $dir ? 'ASC' : 'DESC';
    $dir = $dir ? 0 : 1;
    //==========================$_GET and SECURE end=============================
    // getting character data from database
    $result = $sqlc->query('SELECT account, name, race, class, level, gender
    FROM characters WHERE guid = ' . $id . ' LIMIT 1');
    if ($sqlc->num_rows($result)) {
        $char = $sqlc->fetch_assoc($result);
        // we get user permissions first
        $owner_acc_id = $sqlc->result($result, 0, 'account');
        $result = $sqlr->query('SELECT gmlevel, username FROM account WHERE id = ' . $char['account'] . '');
        $owner_gmlvl = $sqlr->result($result, 0, 'gmlevel');
        $owner_name = $sqlr->result($result, 0, 'username');
        if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) {
            //------------------------Character Tabs---------------------------------
            // we start with a lead of 10 spaces,
            //  because last line of header is an opening tag with 8 spaces
            //  keep html indent in sync, so debuging from browser source would be easy to read
            $output .= '
          <center>
           <div id="tab_content">
              <div id="tab">
                <ul>
                  <li><a href="char.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['char_sheet'] . '</a></li>
                  <li><a href="char_inv.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['inventory'] . '</a></li>
                  <li><a href="char_extra.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['extra'] . '</a></li>
                  ' . ($char['level'] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['talents'] . '</a></li>') . '
                  <li><a href="char_achieve.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['achievements'] . '</a></li>
                  <li><a href="char_rep.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['reputation'] . '</a></li>
                  <li><a href="char_skill.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['skills'] . '</a></li>
				  <li><a href="char_quest.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['quests'] . '</a></li>';
            if (char_get_class_name($char['class']) === 'Hunter') {
                $output .= '
                  <li><a href="char_pets.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['pets'] . '</a></li>';
            }
            $output .= '
                  <li><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['friends'] . '</a></li>
				  <li><a href="char_spell.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['spells'] . '</a></li>
                </ul>
                <ul>';
            // selected char tab at last
            $output .= '
                  <li id="selected"><a href="char_mail.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['mail'] . '</a></li>';
            $output .= '
              </ul>
            </div>
            <div id="tab_content2">
              <font class="bold">
                ' . htmlentities($char['name']) . ' -
                <img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif"
                  onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" />
                <img src="img/c_icons/' . $char['class'] . '.gif"
                  onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\',\'item_tooltip\')" onmouseout="toolTip()" alt="" /> - lvl ' . char_get_level_color($char['level']) . '
              </font>
              <br /><br />
              <table class="lined" style="width: 100%">';
            //---------------Page Specific Starts Ends here----------------------------
            $query = $sqlc->query('SELECT a.id as id, a.messageType as messagetype, a.sender as sender,
        a.subject as subject, a.itemTextId as itemtextid, a.has_items as hasitems, a.money as money, a.cod as cod, a.checked as checked,
        b.item_template as itemtemplate
        FROM mail a INNER JOIN mail_items b ON a.id = b.mail_id where a.receiver = ' . $id . ' LIMIT ' . $start . ', ' . $itemperpage . '');
            $total_mail = $sqlc->result($sqlc->query('SELECT count(*) FROM mail WHERE receiver= ' . $id . ''), 0);
            $output .= '
                <tr>
                  <td align="left">
                  Total Mails: ' . $total_mail . '
                  </td>
                  <td align="right" width="45%">';
            $output .= generate_pagination('char_mail.php?start=' . $start . '&amp;order_by=' . $order_by . '&amp;dir=' . ($dir ? 0 : 1), $total_mail, $itemperpage, $start);
            $output .= '
                </td>
              </table>
              <table class="lined" style="width: 100%">
                <tr>
                  <th width="5%">' . $lang_mail['mail_type'] . '</th>
                  <th width="10%">' . $lang_mail['sender'] . '</th>
                  <th width="15%">' . $lang_mail['subject'] . '</th>
                  <th width="5%">' . $lang_mail['has_items'] . '</th>
                  <th width="25%">' . $lang_mail['text'] . '</th>
                  <th width="20%">' . $lang_mail['money'] . '</th>
                  <th width="5%">' . $lang_mail['checked'] . '</th>
                </tr>';
            while ($mail = $sqlc->fetch_assoc($query)) {
                $output .= '
                <tr valign=top>
                  <td>' . get_mail_source($mail['messagetype']) . '</td>
                  <td><a href="char.php?id=' . $mail['sender'] . '">' . get_char_name($mail['sender']) . '</a></td>
                  <td>' . $mail['subject'] . '</td>
                  <td>
                    <a style="padding:2px;" href="' . $item_datasite . $mail['itemtemplate'] . '" target="_blank">
                    <img class="bag_icon" src="' . get_item_icon($mail['itemtemplate'], $sqlm) . '" alt="" />
                    </a>
                  </td>
                  <td>' . get_mail_text($mail['itemtextid']) . '</td>
                  <td>
                    ' . substr($mail['money'], 0, -4) . '<img src="img/gold.gif" alt="" align="middle" />
                    ' . substr($mail['money'], -4, 2) . '<img src="img/silver.gif" alt="" align="middle" />
                    ' . substr($mail['money'], -2) . '<img src="img/copper.gif" alt="" align="middle" />
                  </td>
                  <td>' . get_check_state($mail['checked']) . '</td>
                </tr>';
            }
            //---------------Page Specific Data Ends here----------------------------
            //---------------Character Tabs Footer-----------------------------------
            $output .= '
              </table>
            </div>
            <br />
            <table class="hidden">
              <tr>
                <td>';
            // button to user account page, user account page has own security
            makebutton($lang_char['chars_acc'], 'user.php?action=edit_user&amp;id=' . $owner_acc_id . '', 130);
            $output .= '
                </td>
                <td>';
            // only higher level GM with delete access can edit character
            //  character edit allows removal of character items, so delete permission is needed
            if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission['delete']) {
                makebutton($lang_char['edit_button'], 'char_edit.php?id=' . $id . '&amp;realm=' . $realmid . '', 130);
                $output .= '
                </td>
                <td>';
            }
            // only higher level GM with delete access, or character owner can delete character
            if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission['delete'] || $owner_name === $user_name) {
                makebutton($lang_char['del_char'], 'char_list.php?action=del_char_form&amp;check%5B%5D=' . $id . '" type="wrn', 130);
                $output .= '
                </td>
                <td>';
            }
            // only GM with update permission can send mail, mail can send items, so update permission is needed
            if ($user_lvl >= $action_permission['update']) {
                makebutton($lang_char['send_mail'], 'mail.php?type=ingame_mail&amp;to=' . $char['name'] . '', 130);
                $output .= '
                </td>
                <td>';
            }
            makebutton($lang_global['back'], 'javascript:window.history.back()" type="def', 130);
            $output .= '
                </td>
              </tr>
            </table>
            <br />
          </center>
          <!-- end of char_mail.php -->';
        } else {
            error($lang_char['no_permission']);
        }
    } else {
        error($lang_char['no_char_found']);
    }
}
Esempio n. 20
0
function gen_avatar_panel($level, $sex, $race, $class, $info = 1, $gm = 0, $edit_user = 0)
{
    require_once "libs/char_lib.php";
    $return = '
                <div class="center" style="background: transparent url(';
    $return .= char_get_avatar_img($level, $sex, $race, $class, $gm);
    $return .= ') repeat scroll 0%; width: 64px; height: 64px;' . ($edit_user == 0 ? ' border: 0px;' : '') . '">';
    $return .= '
                  <div style="background: transparent url(img/avatars/frame/full' . ($gm ? 'gm' : '') . '.gif) repeat scroll 0%; position: relative; left: 0px; top: 0px; width: 64px; height: 64px;">
                  </div>';
    if (!$gm) {
        $return .= '
                  <div style="text-align: center; font-weight: bold; color: white; position: relative; left: 21px; top: -18px; width: 24px; height: 24px;">' . $level . '
                  </div>';
    }
    $return .= '
                </div>';
    if ($gm > 0) {
        require_once "libs/get_lib.php";
        $return .= id_get_gm_level($gm) . '
                <br />';
    }
    if ($info == 1) {
        $return .= '
                <div style="margin-top:2px;">
                  <a href="#" onmouseover="oldtoolTip(\'' . char_get_race_name($race) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()">
                    <img src="img/c_icons/' . $race . '-' . $sex . '.gif" border="0" alt="" />
                  </a>
                  <a href="#" onmouseover="oldtoolTip(\'' . char_get_class_name($class) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()">
                    <img src="img/c_icons/' . $class . '.gif" border="0" alt="" />
                  </a>
                </div>';
    }
    return $return;
}
Esempio n. 21
0
function char_rep(&$sqlr, &$sqlc)
{
    global $output, $lang_global, $lang_char, $realm_id, $characters_db, $mmfpm_db, $action_permission, $user_lvl, $user_name;
    require_once 'libs/fact_lib.php';
    $reputation_rank = fact_get_reputation_rank_arr();
    $reputation_rank_length = fact_get_reputation_rank_length();
    if (empty($_GET['id'])) {
        error($lang_global['empty_fields']);
    }
    // this is multi realm support, as of writing still under development
    //  this page is already implementing it
    if (empty($_GET['realm'])) {
        $realmid = $realm_id;
    } else {
        $realmid = $sqlr->quote_smart($_GET['realm']);
        if (is_numeric($realmid)) {
            $sqlc->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name']);
        } else {
            $realmid = $realm_id;
        }
    }
    $id = $sqlc->quote_smart($_GET['id']);
    if (is_numeric($id)) {
    } else {
        $id = 0;
    }
    $result = $sqlc->query('SELECT account, name, race, class, level, gender FROM characters WHERE guid = ' . $id . ' LIMIT 1');
    if ($sqlc->num_rows($result)) {
        $char = $sqlc->fetch_assoc($result);
        // we get user permissions first
        $owner_acc_id = $sqlc->result($result, 0, 'account');
        $result = $sqlr->query('SELECT gmlevel, username FROM account WHERE id = ' . $char['account'] . '');
        $owner_gmlvl = $sqlr->result($result, 0, 'gmlevel');
        $owner_name = $sqlr->result($result, 0, 'username');
        if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) {
            $result = $sqlc->query('SELECT faction, standing FROM character_reputation WHERE guid = ' . $id . ' AND (flags & 1 = 1)');
            $output .= '
          <center>
           <div id="tab_content">
              <div id="tab">
                <ul>
                  <li><a href="char.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['char_sheet'] . '</a></li>
                  <li><a href="char_inv.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['inventory'] . '</a></li>
                  <li><a href="char_extra.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['extra'] . '</a></li>
                  ' . ($char['level'] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['talents'] . '</a></li>') . '
                  <li><a href="char_achieve.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['achievements'] . '</a></li>
                  <li><a href="char_skill.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['skills'] . '</a></li>
                  <li><a href="char_quest.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['quests'] . '</a></li>';
            if (char_get_class_name($char['class']) === 'Hunter') {
                $output .= '
                  <li><a href="char_pets.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['pets'] . '</a></li>';
            }
            $output .= '
                  <li><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['friends'] . '</a></li>
				  <li><a href="char_spell.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['spells'] . '</a></li>
				  <li><a href="char_mail.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['mail'] . '</a></li>
                </ul>
                <ul>';
            // selected char tab at last
            $output .= '
                  <li id="selected"><a href="char_rep.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['reputation'] . '</a></li>';
            $output .= '
              </ul>
            </div>
            <div id="tab_content2">
              <font class="bold">
                ' . htmlentities($char['name']) . ' -
                <img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif"
                  onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" />
                <img src="img/c_icons/' . $char['class'] . '.gif"
                  onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\',\'item_tooltip\')" onmouseout="toolTip()" alt="" /> - lvl ' . char_get_level_color($char['level']) . '
              </font>
              <br /><br />';
            $temp_out = array(1 => array('
                <table class="lined" style="width: 550px;">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi1" onclick="expand(\'i1\', this, \'Alliance\')">[-] Alliance</div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i1" class="lined" style="width: 535px; display: table;">', 0), 2 => array('
                <table class="lined" style="width: 550px;">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi2" onclick="expand(\'i2\', this, \'Horde\')">[-] Horde</div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i2" class="lined" style="width: 535px; display: table;">', 0), 3 => array('
                <table class="lined" style="width: 550px;">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi3" onclick="expand(\'i3\', this, \'Alliance Forces\')">[-] Alliance Forces</div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i3" class="lined" style="width: 535px; display: table;">', 0), 4 => array('
                <table class="lined" style="width: 550px;">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi4" onclick="expand(\'i4\', this, \'Horde Forces\')">[-] Horde Forces</div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i4" class="lined" style="width: 535px; display: table;">', 0), 5 => array('
                <table class="lined" style="width: 550px;">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi5" onclick="expand(\'i5\', this, \'Steamwheedle Cartels\')">[-] Steamwheedle Cartel</div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i5" class="lined" style="width: 535px; display: table;">', 0), 6 => array('
                <table class="lined" style="width: 550px;">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi6" onclick="expand(\'i6\', this, \'The Burning Crusade\')">[-] The Burning Crusade</div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i6" class="lined" style="width: 535px; display: table;">', 0), 7 => array('
                <table class="lined" style="width: 550px;">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi7" onclick="expand(\'i7\', this, \'Shattrath City\')">[-] Shattrath City</div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i7" class="lined" style="width: 535px; display: table;">', 0), 8 => array('
                <table class="lined" style="width: 550px;">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi8" onclick="expand(\'i8\', this, \'Alliance Vanguard\')">[-] Alliance Vanguard</div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i8" class="lined" style="width: 535px; display: table;">', 0), 9 => array('
                <table class="lined" style="width: 550px;">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi9" onclick="expand(\'i9\', this, \'Horde Expedition \')">[-] Horde Expedition </div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i9" class="lined" style="width: 535px; display: table;">', 0), 10 => array('
                <table class="lined" style="width: 550px;">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi10" onclick="expand(\'i10\', this, \'Sholazar Basin\')">[-] Sholazar Basin</div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i10" class="lined" style="width: 535px; display: table;">', 0), 11 => array('
                <table class="lined" style="width: 550px;">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi11" onclick="expand(\'i11\', this, \'Wrath of the Lich King\')">[-] Wrath of the Lich King</div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i11" class="lined" style="width: 535px; display: table;">', 0), 12 => array('
                <table class="lined" style="width: 550px;">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi12" onclick="expand(\'i12\', this, \'Other\')">[-] Other</div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i12" class="lined" style="width: 535px; display: table;">', 0), 0 => array('
                <table class="lined" style="width: 550px;">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi13" onclick="expand(\'i13\', this, \'Unknown\')">[-] Unknown</div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i13" class="lined" style="width: 535px; display: table;">', 0));
            $sqlm = new SQL();
            $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
            if ($sqlc->num_rows($result)) {
                while ($fact = $sqlc->fetch_assoc($result)) {
                    $faction = $fact['faction'];
                    $standing = $fact['standing'];
                    $rep_rank = fact_get_reputation_rank($faction, $standing, $char['race'], $sqlm);
                    $rep_rank_name = $reputation_rank[$rep_rank];
                    $rep_cap = $reputation_rank_length[$rep_rank];
                    $rep = fact_get_reputation_at_rank($faction, $standing, $char['race'], $sqlm);
                    $faction_name = fact_get_faction_name($faction, $sqlm);
                    $ft = fact_get_faction_tree($faction);
                    // not show alliance rep for horde and vice versa:
                    if (1 << $char['race'] - 1 & 690 && ($ft == 1 || $ft == 3) || 1 << $char['race'] - 1 & 1101 && ($ft == 2 || $ft == 4)) {
                    } else {
                        $temp_out[$ft][0] .= '
                        <tr>
                          <td width="30%" align="left">' . $faction_name . '</td>
                          <td width="55%" valign="top">
                            <div class="faction-bar">
                              <div class="rep' . $rep_rank . '">
                                <span class="rep-data">' . $rep . '/' . $rep_cap . '</span>
                                <div class="bar-color" style="width:' . 100 * $rep / $rep_cap . '%"></div>
                              </div>
                            </div>
                          </td>
                          <td width="15%" align="left" class="rep' . $rep_rank . '">' . $rep_rank_name . '</td>
                        </tr>';
                        $temp_out[$ft][1] = 1;
                    }
                }
            } else {
                $output .= '
                        <tr>
                          <td colspan="2"><br /><br />' . $lang_global['err_no_records_found'] . '<br /><br /></td>
                        </tr>';
            }
            foreach ($temp_out as $out) {
                if ($out[1]) {
                    $output .= $out[0] . '
                      </table>
                    </td>
                  </tr>
                </table>';
                }
            }
            $output .= '
                <br />
              </div>
              <br />
            </div>
            <br />
            <table class="hidden">
              <tr>
                <td>';
            // button to user account page, user account page has own security
            makebutton($lang_char['chars_acc'], 'user.php?action=edit_user&amp;id=' . $owner_acc_id . '', 130);
            $output .= '
                </td>
                <td>';
            // only higher level GM with delete access can edit character
            //  character edit allows removal of character items, so delete permission is needed
            if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission['delete']) {
                makebutton($lang_char['edit_button'], 'char_edit.php?id=' . $id . '&amp;realm=' . $realmid . '', 130);
                $output .= '
                </td>
                <td>';
            }
            // only higher level GM with delete access, or character owner can delete character
            if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission['delete'] || $owner_name === $user_name) {
                makebutton($lang_char['del_char'], 'char_list.php?action=del_char_form&amp;check%5B%5D=' . $id . '" type="wrn', 130);
                $output .= '
                </td>
                <td>';
            }
            // only GM with update permission can send mail, mail can send items, so update permission is needed
            if ($user_lvl >= $action_permission['update']) {
                makebutton($lang_char['send_mail'], 'mail.php?type=ingame_mail&amp;to=' . $char['name'] . '', 130);
                $output .= '
                </td>
                <td>';
            }
            makebutton($lang_global['back'], 'javascript:window.history.back()" type="def', 130);
            $output .= '
                </td>
              </tr>
            </table>
            <br />
          </center>
          <!-- end of char_achieve.php -->';
        } else {
            error($lang_char['no_permission']);
        }
    } else {
        error($lang_char['no_char_found']);
    }
}
function view_guild()
{
    global $output, $logon_db, $characters_db, $corem_db, $realm_id, $itemperpage, $action_permission, $user_lvl, $user_id, $showcountryflag, $site_encoding, $show_guild_emblem, $sql, $core;
    if (!isset($_GET["id"])) {
        redirect("guild.php?error=1");
    }
    $guild_id = $sql["char"]->quote_smart($_GET["id"]);
    if (!is_numeric($guild_id)) {
        redirect("guild.php?error=6");
    }
    //==========================SQL INGUILD and GUILDLEADER======================
    if ($core == 1) {
        $q_inguild = $sql["char"]->query("SELECT 1 FROM guild_data WHERE guildid='" . $guild_id . "' AND playerid IN (SELECT guid FROM characters WHERE acct='" . $user_id . "')");
    } else {
        $q_inguild = $sql["char"]->query("SELECT 1 FROM guild_member WHERE guildid='" . $guild_id . "' AND guid IN (SELECT guid FROM characters WHERE account='" . $user_id . "')");
    }
    $inguild = $sql["char"]->result($q_inguild, 0, "1");
    if ($user_lvl < $action_permission["update"] && !$inguild) {
        redirect("guild.php?error=6");
    }
    if ($core == 1) {
        $q_amIguildleader = $sql["char"]->query("SELECT 1 FROM guilds WHERE guildid='" . $guild_id . "' AND leaderguid IN (SELECT guid FROM characters WHERE acct='" . $user_id . "')");
    } else {
        $q_amIguildleader = $sql["char"]->query("SELECT 1 FROM guild WHERE guildid='" . $guild_id . "' AND leaderguid IN (SELECT guid FROM characters WHERE account='" . $user_id . "')");
    }
    $amIguildleader = $sql["char"]->result($q_amIguildleader, 0, "1");
    if ($core == 1) {
        $q_guildmemberCount = $sql["char"]->query("SELECT 1 FROM guild_data WHERE guildid='" . $guild_id . "'");
    } else {
        $q_guildmemberCount = $sql["char"]->query("SELECT 1 from guild_member where guildid='" . $guild_id . "'");
    }
    $guildmemberCount = $sql["char"]->num_rows($q_guildmemberCount);
    //====================SQL INGUILD and GUILDLEADER end========================
    //==========================$_GET and SECURE=================================
    $start = isset($_GET["start"]) ? $sql["char"]->quote_smart($_GET["start"]) : 0;
    if (is_numeric($start)) {
    } else {
        $start = 0;
    }
    $order_by = isset($_GET["order_by"]) ? $sql["char"]->quote_smart($_GET["order_by"]) : "mrank";
    if (!preg_match("/^[_[:lower:]]{1,10}\$/", $order_by)) {
        $order_by = "mrank";
    }
    $dir = isset($_GET["dir"]) ? $sql["char"]->quote_smart($_GET["dir"]) : 1;
    if (!preg_match("/^[01]{1}\$/", $dir)) {
        $dir = 1;
    }
    $order_dir = $dir ? "ASC" : "DESC";
    $dir = $dir ? 0 : 1;
    //==========================$_GET and SECURE end=============================
    if ($core == 1) {
        $query = $sql["char"]->query("SELECT guildid, guildname AS name, guildinfo AS info, MOTD, createdate,\n      (SELECT COUNT(*) FROM guild_data WHERE guildid='" . $guild_id . "') AS mtotal,\n      (SELECT COUNT(*) FROM guild_data WHERE guildid='" . $guild_id . "' AND playerid IN\n      (SELECT guid FROM characters WHERE online=1)) AS monline,\n      emblemStyle AS EmblemStyle,\n      emblemColor AS EmblemColor,\n      borderStyle AS BorderStyle,\n      borderColor AS BorderColor,\n      backgroundColor AS BackgroundColor\n      FROM guilds WHERE guildid='" . $guild_id . "'");
    } else {
        $query = $sql["char"]->query("SELECT guildid, name, info, MOTD, createdate,\n      (SELECT COUNT(*) FROM guild_member where guildid='" . $guild_id . "') AS mtotal,\n      (SELECT COUNT(*) FROM guild_member where guildid='" . $guild_id . "' AND guid IN\n      (SELECT guid FROM characters WHERE online=1)) AS monline,\n      EmblemStyle, EmblemColor, BorderStyle, BorderColor, BackgroundColor\n      FROM guild WHERE guildid='" . $guild_id . "'");
    }
    $guild_data = $sql["char"]->fetch_assoc($query);
    $output .= '
        <script type="text/javascript">
          answerbox.btn_ok="' . lang("global", "yes") . '";
          answerbox.btn_cancel="' . lang("global", "no") . '";
        </script>
        <div class="guild_fieldset fieldset_border">
          <span class="legend">' . lang("guild", "guild") . '</span>
          <table class="lined">
            <tr>
              <td style="width: 25%;" class="hidden"><b>' . lang("guild", "create_date") . ':</b><br />' . date("o-m-d", $guild_data["createdate"]) . '</td>
              <td style="width: 50%;" class="bold hidden" colspan="2">' . $guild_data["name"] . '</td>
              <td style="width: 25%;" class="hidden"><b>' . lang("guild", "tot_m_online") . ':</b><br />' . $guild_data["monline"] . ' / ' . $guild_data["mtotal"] . '</td>
            </tr>
            <tr>
              <td colspan="2" class="hidden"><b>' . lang("guild", "info") . ':</b><br />' . $guild_data["info"] . '</td>
              <td colspan="2" class="hidden"><b>' . lang("guild", "motd") . ':</b><br />' . $guild_data["MOTD"] . '</td>
            </tr>';
    if ($show_guild_emblem) {
        $output .= '
            <tr>
              <td colspan="4" class="hidden">
                <div id="guild_emblem">
                  <div>
                    <img id="guild_view_background" src="img/emblems/Background_' . doubledigit($guild_data["BackgroundColor"]) . '.png" alt="" />
                    <img id="guild_view_emblem" src="img/emblems/Emblem_' . doubledigit($guild_data["EmblemStyle"]) . '_' . doubledigit($guild_data["EmblemColor"]) . '.png" alt="" />
                    <img id="guild_view_border" src="img/emblems/Border_' . doubledigit($guild_data["BorderStyle"]) . '_' . doubledigit($guild_data["BorderColor"]) . '.png" alt="" />
                    <img id="guild_emblem_border" src="img/EmblemBorder.png" alt="" />
                  </div>
                </div>
              </td>
            </tr>
            <tr>
              <td id="guild_pages_background" style="text-align: right;" colspan="4">' . generate_pagination("guild.php?action=view_guild&amp;id=" . $guild_id . "&amp;order_by=" . $order_by . "&amp;dir=" . ($dir ? 0 : 1), $guildmemberCount, $itemperpage, $start) . '</td>
            </tr>
          </table>
          <table class="lined">
            <tr>
              <th style="width: 1%;">' . lang("guild", "remove") . '</th>
              <th style="width: 15%;"><a href="guild.php?action=view_guild&amp;error=3&amp;id=' . $guild_id . '&amp;order_by=cname&amp;start=' . $start . '&amp;dir=' . $dir . '">' . ($order_by == "cname" ? '<img src="img/arr_' . ($dir ? "up" : "dw") . '.gif" alt="" /> ' : '') . lang("guild", "name") . '</a></th>
              <th style="width: 1%;"><a href="guild.php?action=view_guild&amp;error=3&amp;id=' . $guild_id . '&amp;order_by=crace&amp;start=' . $start . '&amp;dir=' . $dir . '">' . ($order_by == "crace" ? '<img src="img/arr_' . ($dir ? "up" : "dw") . '.gif" alt="" /> ' : '') . lang("guild", "race") . '</a></th>
              <th style="width: 1%;"><a href="guild.php?action=view_guild&amp;error=3&amp;id=' . $guild_id . '&amp;order_by=class&amp;start=' . $start . '&amp;dir=' . $dir . '">' . ($order_by == "cclass" ? '<img src="img/arr_' . ($dir ? "up" : "dw") . '.gif" alt="" /> ' : '') . lang("guild", "class") . '</a></th>
              <th style="width: 1%;"><a href="guild.php?action=view_guild&amp;error=3&amp;id=' . $guild_id . '&amp;order_by=clevel&amp;start=' . $start . '&amp;dir=' . $dir . '">' . ($order_by == "clevel" ? '<img src="img/arr_' . ($dir ? "up" : "dw") . '.gif" alt="" /> ' : '') . lang("guild", "level") . '</a></th>
              <th style="width: 25%;"><a href="guild.php?action=view_guild&amp;error=3&amp;id=' . $guild_id . '&amp;order_by=mrank&amp;start=' . $start . '&amp;dir=' . $dir . '">' . ($order_by == "mrank" ? '<img src="img/arr_' . ($dir ? "up" : "dw") . '.gif" alt="" /> ' : '') . lang("guild", "rank") . '</a></th>
              <th style="width: 15%;">' . lang("guild", "pnote") . '</th>
              <th style="width: 15%;">' . lang("guild", "offnote") . '</th>
              <th style="width: 15%;"><a href="guild.php?action=view_guild&amp;error=3&amp;id=' . $guild_id . '&amp;order_by=clogout&amp;start=' . $start . '&amp;dir=' . $dir . '">' . ($order_by == "clogout" ? '<img src="img/arr_' . ($dir ? "up" : "dw") . '.gif" alt="" /> ' : '') . lang("guild", "llogin") . '</a></th>
              <th style="width: 1%;"><a href="guild.php?action=view_guild&amp;error=3&amp;id=' . $guild_id . '&amp;order_by=conline&amp;start=' . $start . '&amp;dir=' . $dir . '">' . ($order_by == "conline" ? '<img src="img/arr_' . ($dir ? "up" : "dw") . '.gif" alt="" /> ' : '') . lang("guild", "online") . '</a></th>';
    }
    if ($showcountryflag) {
        require_once "libs/misc_lib.php";
        $output .= '
              <th style="width: 1%;">' . lang("global", "country") . '</th>';
    }
    $output .= '
              </tr>';
    // this_is_junk: WTF? O_o
    if ($core == 1) {
        $members = $sql["char"]->query("SELECT gm.playerid AS cguid, c.name AS cname, c.`race` AS crace, c.`class` AS cclass,\n      c.`level` AS clevel,\n      gm.guildrank AS mrank, (SELECT rankname FROM guild_ranks WHERE guildid='" . $guild_id . "' AND rankid=mrank) AS rname,\n      gm.publicNote AS pnote, gm.officerNote AS offnote, gender,\n      c.`online` AS conline, c.`acct`, c.`timestamp` AS clogout\n      FROM guild_data AS gm LEFT OUTER JOIN characters AS c ON c.guid=gm.playerid\n      WHERE gm.guildid='" . $guild_id . "' ORDER BY " . $order_by . " " . $order_dir . " LIMIT " . $start . ", " . $itemperpage);
    } else {
        $members = $sql["char"]->query("SELECT gm.guid AS cguid, c.name AS cname, c.`race` AS crace, c.`class` AS cclass,\n      c.`level` AS clevel,\n      gm.rank AS mrank, (SELECT rname FROM guild_rank WHERE guildid='" . $guild_id . "' AND rid=mrank) AS rname,\n      gm.pnote AS pnote, gm.offnote AS offnote, gender,\n      c.`online` AS conline, c.`account` AS acct, c.`logout_time` AS clogout\n      FROM guild_member AS gm LEFT OUTER JOIN characters AS c ON c.guid=gm.guid\n      WHERE gm.guildid='" . $guild_id . "' ORDER BY " . $order_by . " " . $order_dir . " LIMIT " . $start . ", " . $itemperpage);
    }
    while ($member = $sql["char"]->fetch_assoc($members)) {
        if ($core == 1) {
            $query = "SELECT * FROM accounts WHERE acct='" . $member["acct"] . "'";
            $result = $sql["logon"]->query($query);
            $result = $sql["logon"]->fetch_assoc($result);
            $user = $result["login"];
        } else {
            $query = "SELECT * FROM account WHERE id='" . $member["acct"] . "'";
            $result = $sql["logon"]->query($query);
            $result = $sql["logon"]->fetch_assoc($result);
            $user = $result["username"];
        }
        $result = $sql["mgr"]->query("SELECT SecurityLevel AS gm FROM config_accounts WHERE Login='******'");
        $owner_gmlvl = $sql["logon"]->result($result, 0, "gm");
        if ($owner_gmlvl >= 1073741824) {
            $owner_gmlvl -= 1073741824;
        }
        $output .= '
            <tr>';
        // gm, guildleader or own account! are allowed to remove from guild
        $output .= $user_lvl >= $action_permission["delete"] || $amIguildleader || $member["acct"] == $user_id ? '<td><img src="img/aff_cross.png" alt="" onclick="answerBox(\'' . lang("global", "delete") . ': &lt;font color=white&gt;' . $member["cname"] . '&lt;/font&gt;&lt;br /&gt;' . lang("global", "are_you_sure") . '\', \'guild.php?action=rem_char_from_guild&amp;realm=' . $realmid . '&amp;id=' . $member["cguid"] . '&amp;guld_id=' . $guild_id . '\');" class="guild_edit_delete_cursor" /></td>' : '<td></td>';
        $output .= '
              <td><a href="char.php?id=' . $member["cguid"] . '">' . htmlentities($member["cname"], ENT_COMPAT, $site_encoding) . '</a></td>
              <td><img src="img/c_icons/' . $member["crace"] . '-' . $member["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($member["crace"]) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /></td>
              <td><img src="img/c_icons/' . $member["cclass"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($member["cclass"]) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /></td>
              <td>' . char_get_level_color($member["clevel"]) . '</td>
              <td>' . htmlentities($member["rname"], ENT_COMPAT, $site_encoding) . ' (' . $member["mrank"] . ')</td>
              <td>' . htmlentities($member["pnote"], ENT_COMPAT, $site_encoding) . '</td>
              <td>' . htmlentities($member["offnote"], ENT_COMPAT, $site_encoding) . '</td>
              <td><span style="font-weight: bold;">' . get_days_with_color($member["clogout"]) . '</span></td>
              <td><img src="img/' . ($member["conline"] ? 'up' : 'down') . '.gif" alt="" /></td>';
        if ($showcountryflag) {
            // this_is_junk: apparently sometimes guilds end up with members who don't exist. O_o
            //               and because they don't exist, they don't have anything in their acct field.
            //               which misc_get_country_by_account() doesn't like.
            if ($member["acct"]) {
                $country = misc_get_country_by_account($member["acct"]);
            } else {
                $country = 0;
            }
            $output .= '
              <td>' . ($country["code"] ? '<img src="img/flags/' . $country["code"] . '.png" onmousemove="oldtoolTip(\'' . $country["country"] . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />' : '-') . '</td>';
        }
        $output .= '
            </tr>';
    }
    unset($member);
    $output .= '
            <tr>
              <td align="right" class="hidden">' . generate_pagination("guild.php?action=view_guild&amp;error=3&amp;id=" . $guild_id . "&amp;order_by=" . $order_by . "&amp;dir=" . !$dir, $guildmemberCount, $itemperpage, $start) . '</td>
            </tr>
          </table>
          <br />';
    $output .= '
          <table class="hidden center">
            <tr>
              <td>';
    if ($user_lvl >= $action_permission["delete"] || $amIguildleader) {
        makebutton(lang("guild", "del_guild"), "guild.php?action=del_guild&amp;realm=" . $realm_id . "&amp;id=" . $guild_id . "&amp;name=" . $guild_data["name"] . "\" type=\"wrn", 130);
        $output .= '
              </td>
              <td>';
    }
    makebutton(lang("guild", "guildbank"), "guildbank.php?id=" . $guild_id, 130);
    $output .= '
              </td>
              <td>';
    makebutton(lang("guild", "show_guilds"), "guild.php\" type=\"def", 130);
    $output .= '
              </td>
            </tr>
          </table>
        </div>';
}
Esempio n. 23
0
function char_rep()
{
    global $output, $realm_id, $characters_db, $logon_db, $corem_db, $action_permission, $site_encoding, $user_lvl, $user_name, $sql, $core;
    require_once 'libs/fact_lib.php';
    $reputation_rank = fact_get_reputation_rank_arr();
    $reputation_rank_length = fact_get_reputation_rank_length();
    if (empty($_GET["id"])) {
        error(lang("global", "empty_fields"));
    }
    // this is multi realm support, as of writing still under development
    //  this page is already implementing it
    if (empty($_GET["realm"])) {
        $realmid = $realm_id;
    } else {
        $realmid = $sql["logon"]->quote_smart($_GET["realm"]);
        if (is_numeric($realmid)) {
            $sql["char"]->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name'], $characters_db[$realmid]["encoding"]);
        } else {
            $realmid = $realm_id;
        }
    }
    $id = $sql["char"]->quote_smart($_GET["id"]);
    if (!is_numeric($id)) {
        $id = 0;
    }
    if ($core == 1) {
        $result = $sql["char"]->query("SELECT acct, name, race, class, level, gender FROM characters WHERE guid='" . $id . "' LIMIT 1");
    } else {
        $result = $sql["char"]->query("SELECT account AS acct, name, race, class, level, gender FROM characters WHERE guid='" . $id . "' LIMIT 1");
    }
    if ($sql["char"]->num_rows($result)) {
        $char = $sql["char"]->fetch_assoc($result);
        // we get user permissions first
        $owner_acc_id = $sql["char"]->result($result, 0, 'acct');
        if ($core == 1) {
            $result = $sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $char["acct"] . "'");
        } else {
            $result = $sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $char["acct"] . "'");
        }
        $owner_name = $sql["logon"]->result($result, 0, 'login');
        $s_query = "SELECT *, SecurityLevel AS gm FROM config_accounts WHERE Login='******'";
        $s_result = $sql["mgr"]->query($s_query);
        $s_fields = $sql["mgr"]->fetch_assoc($s_result);
        $owner_gmlvl = $s_fields["gm"];
        $view_mod = $s_fields["View_Mod_Rep"];
        if ($owner_gmlvl >= 1073741824) {
            $owner_gmlvl -= 1073741824;
        }
        // owner configured overrides
        $view_override = false;
        if ($view_mod > 0) {
            if ($view_mod == 1) {
            } elseif ($view_mod == 2) {
                // only registered users may view this page
                if ($user_lvl > -1) {
                    $view_override = true;
                }
            }
        }
        // visibility overrides for specific tabs
        $view_inv_override = false;
        if ($s_fields["View_Mod_Inv"] > 0) {
            if ($s_fields["View_Mod_Inv"] == 1) {
            } elseif ($s_fields["View_Mod_Inv"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_inv_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_inv_override = true;
            }
        }
        $view_talent_override = false;
        if ($s_fields["View_Mod_Talent"] > 0) {
            if ($s_fields["View_Mod_Talent"] == 1) {
            } elseif ($s_fields["View_Mod_Talent"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_talent_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_talent_override = true;
            }
        }
        $view_achieve_override = false;
        if ($s_fields["View_Mod_Achieve"] > 0) {
            if ($s_fields["View_Mod_Achieve"] == 1) {
            } elseif ($s_fields["View_Mod_Achieve"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_achieve_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_achieve_override = true;
            }
        }
        $view_quest_override = false;
        if ($s_fields["View_Mod_Quest"] > 0) {
            if ($s_fields["View_Mod_Quest"] == 1) {
            } elseif ($s_fields["View_Mod_Quest"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_quest_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_quest_override = true;
            }
        }
        $view_friends_override = false;
        if ($s_fields["View_Mod_Friends"] > 0) {
            if ($s_fields["View_Mod_Friends"] == 1) {
            } elseif ($s_fields["View_Mod_Friends"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_friends_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_friends_override = true;
            }
        }
        $view_view_override = false;
        if ($s_fields["View_Mod_View"] > 0) {
            if ($s_fields["View_Mod_View"] == 1) {
            } elseif ($s_fields["View_Mod_View"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_view_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_view_override = true;
            }
        }
        $view_pets_override = false;
        if ($s_fields["View_Mod_Pets"] > 0) {
            if ($s_fields["View_Mod_Pets"] == 1) {
            } elseif ($s_fields["View_Mod_Pets"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_pets_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_pets_override = true;
            }
        }
        $view_skill_override = false;
        if ($s_fields["View_Mod_Skill"] > 0) {
            if ($s_fields["View_Mod_Skill"] == 1) {
            } elseif ($s_fields["View_Mod_Skill"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_skill_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_skill_override = true;
            }
        }
        $view_pvp_override = false;
        if ($s_fields["View_Mod_PvP"] > 0) {
            if ($s_fields["View_Mod_PvP"] == 1) {
            } elseif ($s_fields["View_Mod_PvP"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_pvp_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_pvp_override = true;
            }
        }
        if ($view_override || $user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
            if ($core == 1) {
                $result = $sql["char"]->query("SELECT faction, standing FROM playerreputations WHERE guid='" . $id . "'");
                $factions = array();
                $faction_ranks = array();
                while ($fact = $sql["char"]->fetch_assoc($result)) {
                    array_push($factions, $fact["faction"]);
                    array_push($faction_ranks, $fact["standing"]);
                }
                /*$result = $result["reputation"];
                  $result = substr($result, 0, strlen($result) - 1);
                  $result = explode(",", $result);
                  $factions = array();
                  $faction_ranks = array();
                  $pick = 0;
                  foreach ( $result as $t )
                  {
                    switch ( $pick )
                    {
                      case 0:
                      {
                        array_push($factions, $t);
                        $pick = 1;
                        break;
                      }
                      case 1:
                      {
                        // we skip this one
                        $pick = 2;
                        break;
                      }
                      case 2:
                      {
                        // we skip this one
                        $pick = 3;
                        break;
                      }
                      case 3:
                      {
                        array_push($faction_ranks, $t);
                        $pick = 0;
                        break;
                      }
                    }
                  }*/
            } else {
                $result = $sql["char"]->query("SELECT faction, standing FROM character_reputation WHERE guid='" . $id . "' AND (flags & 1 = 1)");
                $factions = array();
                $faction_ranks = array();
                while ($fact = $sql["char"]->fetch_assoc($result)) {
                    array_push($factions, $fact["faction"]);
                    array_push($faction_ranks, $fact["standing"]);
                }
            }
            $output .= '
            <div class="tab">
              <ul>
                <li class="selected"><a href="char.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>';
            if ($view_inv_override) {
                $output .= '
                <li><a href="char_inv.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "inventory") . '</a></li>';
            }
            if ($view_talent_override) {
                $output .= '
                ' . ($char["level"] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "talents") . '</a></li>') . '';
            }
            if ($view_achieve_override) {
                $output .= '
                <li><a href="char_achieve.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "achievements") . '</a></li>';
            }
            if ($view_quest_override) {
                $output .= '
                <li><a href="char_quest.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "quests") . '</a></li>';
            }
            if ($view_friends_override) {
                $output .= '
                <li><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "friends") . '</a></li>';
            }
            if ($view_view_override) {
                $output .= '
                <li><a href="char_view.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "view") . '</a></li>';
            }
            $output .= '
               </ul>
            </div>
            <div class="tab_content center">
              <div class="tab">
                <ul>
                  <li><a href="char.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>';
            if (char_get_class_name($char["class"]) == "Hunter" && $view_pets_override) {
                $output .= '
                  <li><a href="char_pets.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "pets") . '</a></li>';
            }
            $output .= '
                  <li class="selected"><a href="char_rep.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "reputation") . '</a></li>';
            if ($view_skill_override) {
                $output .= '
                  <li><a href="char_skill.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "skills") . '</a></li>';
            }
            if ($view_pvp_override) {
                $output .= '
                  <li><a href="char_pvp.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "pvp") . '</a></li>';
            }
            if ($owner_name == $user_name || $user_lvl >= get_page_permission("insert", "char_mail.php")) {
                $output .= '
                  <li><a href="char_mail.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "mail") . '</a></li>';
            }
            $output .= '
                </ul>
              </div>
              <div class="tab_content2 center center_text">
                <span class="bold">
                  ' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . ' -
                  <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                  <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . '
                </span>
                <br />
                <br />';
            $temp_out = array(1 => array('
                <table class="lined" id="ch_rep_rep_alliance">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi1" onclick="expand(\'i1\', this, \'Alliance\')">[-] ' . lang("char", "rep_alliance") . '</div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i1" class="lined" style="width: 535px; display: table;">', 0), 2 => array('
                <table class="lined" id="ch_rep_rep_horde">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi2" onclick="expand(\'i2\', this, \'Horde\')">[-] ' . lang("char", "rep_horde") . '</div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i2" class="lined" style="width: 535px; display: table;">', 0), 3 => array('
                <table class="lined" id="ch_rep_rep_alliance_forces">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi3" onclick="expand(\'i3\', this, \'Alliance Forces\')">[-] ' . lang("char", "rep_alliance_forces") . '</div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i3" class="lined" style="width: 535px; display: table;">', 0), 4 => array('
                <table class="lined" id="ch_rep_rep_horde_forces">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi4" onclick="expand(\'i4\', this, \'Horde Forces\')">[-] ' . lang("char", "rep_horde_forces") . '</div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i4" class="lined" style="width: 535px; display: table;">', 0), 5 => array('
                <table class="lined" id="ch_rep_rep_steamwheedle_cartel">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi5" onclick="expand(\'i5\', this, \'Steamwheedle Cartels\')">[-] ' . lang("char", "rep_steamwheedle_cartel") . '</div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i5" class="lined" style="width: 535px; display: table;">', 0), 6 => array('
                <table class="lined" id="ch_rep_rep_the_burning_crusade">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi6" onclick="expand(\'i6\', this, \'The Burning Crusade\')">[-] ' . lang("char", "rep_the_burning_crusade") . '</div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i6" class="lined" style="width: 535px; display: table;">', 0), 7 => array('
                <table class="lined" id="ch_rep_rep_shattrath_city">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi7" onclick="expand(\'i7\', this, \'Shattrath City\')">[-] ' . lang("char", "rep_shattrath_city") . '</div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i7" class="lined" style="width: 535px; display: table;">', 0), 8 => array('
                <table class="lined" id="ch_rep_rep_alliance_vanguard">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi8" onclick="expand(\'i8\', this, \'Alliance Vanguard\')">[-] ' . lang("char", "rep_alliance_vanguard") . '</div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i8" class="lined" style="width: 535px; display: table;">', 0), 9 => array('
                <table class="lined" id="ch_rep_rep_horde_expedition">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi9" onclick="expand(\'i9\', this, \'Horde Expedition \')">[-] ' . lang("char", "rep_horde_expedition") . '</div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i9" class="lined" style="width: 535px; display: table;">', 0), 10 => array('
                <table class="lined" id="ch_rep_rep_sholazar_basin">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi10" onclick="expand(\'i10\', this, \'Sholazar Basin\')">[-] ' . lang("char", "rep_sholazar_basin") . '</div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i10" class="lined" style="width: 535px; display: table;">', 0), 11 => array('
                <table class="lined" id="ch_rep_rep_wrath_of_the_lich_king">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi11" onclick="expand(\'i11\', this, \'Wrath of the Lich King\')">[-] ' . lang("char", "rep_wrath_of_the_lich_king") . '</div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i11" class="lined" style="width: 535px; display: table;">', 0), 12 => array('
                <table class="lined" id="ch_rep_rep_other">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi12" onclick="expand(\'i12\', this, \'Other\')">[-] ' . lang("char", "rep_other") . '</div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i12" class="lined" style="width: 535px; display: table;">', 0), 0 => array('
                <table class="lined" id="ch_rep_rep_unknown">
                  <tr>
                    <th colspan="3" align="left">
                      <div id="divi13" onclick="expand(\'i13\', this, \'Unknown\')">[-] ' . lang("char", "rep_unknown") . '</div>
                    </th>
                  </tr>
                  <tr>
                    <td>
                      <table id="i13" class="lined" style="width: 535px; display: table;">', 0));
            if (count($factions) > 1) {
                for ($i = 0; $i < count($factions); $i++) {
                    $faction = $factions[$i];
                    $standing = $faction_ranks[$i];
                    $rep_rank = fact_get_reputation_rank($faction, $standing, $char["race"]);
                    $rep_rank_name = $reputation_rank[$rep_rank];
                    $rep_cap = $reputation_rank_length[$rep_rank];
                    $rep = fact_get_reputation_at_rank($faction, $standing, $char["race"]);
                    $faction_name = fact_get_faction_name($faction);
                    $ft = fact_get_faction_tree($faction);
                    // not show alliance rep for horde and vice versa:
                    if (1 << $char["race"] - 1 & 690 && ($ft == 1 || $ft == 3) || 1 << $char["race"] - 1 & 1101 && ($ft == 2 || $ft == 4)) {
                    } else {
                        // this_is_junk: style left hardcoded because it's calculated.
                        $temp_out[$ft][0] .= '
                        <tr>
                          <td style="width: 30%;" align="left">' . $faction_name . '</td>
                          <td style="width: 55%;" valign="top">
                            <div class="faction-bar">
                              <div class="rep' . $rep_rank . '">
                                <span class="rep-data">' . $rep . '/' . $rep_cap . '</span>
                                <div class="bar-color" style="width:' . 100 * $rep / $rep_cap . '%"></div>
                              </div>
                            </div>
                          </td>
                          <td style="width: 15%;" align="left" class="rep' . $rep_rank . '">' . $rep_rank_name . '</td>
                        </tr>';
                        $temp_out[$ft][1] = 1;
                    }
                }
            } else {
                $output .= '
                        <tr>
                          <td colspan="2"><br /><br />' . lang("global", "err_no_records_found") . '<br /><br /></td>
                        </tr>';
            }
            foreach ($temp_out as $out) {
                if ($out[1]) {
                    $output .= $out[0] . '
                      </table>
                    </td>
                  </tr>
                </table>';
                }
            }
            $output .= '
                <br />
              </div>
              <br />
            </div>
            <br />
            <table class="hidden center">
              <tr>
                <td>';
            // button to user account page, user account page has own security
            makebutton(lang("char", "chars_acc"), 'user.php?action=edit_user&amp;id=' . $owner_acc_id . '', 130);
            $output .= '
                </td>
                <td>';
            // only higher level GM with delete access can edit character
            //  character edit allows removal of character items, so delete permission is needed
            if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"]) {
                //makebutton($lang_char["edit_button"], 'char_edit.php?id='.$id.'&amp;realm='.$realmid.'', 130);
                $output .= '
                </td>
                <td>';
            }
            // only higher level GM with delete access, or character owner can delete character
            if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"] || $owner_name === $user_name) {
                makebutton(lang("char", "del_char"), 'char_list.php?action=del_char_form&amp;check%5B%5D=' . $id . '" type="wrn', 130);
                $output .= '
                </td>
                <td>';
            }
            // only GM with update permission can send mail, mail can send items, so update permission is needed
            if ($user_lvl >= $action_permission["update"]) {
                makebutton(lang("char", "send_mail"), 'mail.php?type=ingame_mail&amp;to=' . $char["name"] . '', 130);
                $output .= '
                </td>
                <td>';
            }
            makebutton(lang("global", "back"), 'javascript:window.history.back()" type="def', 130);
            $output .= '
                </td>
              </tr>
            </table>
            <br />
          <!-- end of char_achieve.php -->';
        } else {
            error(lang("char", "no_permission"));
        }
    } else {
        error(lang("char", "no_char_found"));
    }
}
Esempio n. 24
0
function browse_chars()
{
    global $output, $logon_db, $corem_db, $corem_db, $characters_db, $realm_id, $site_encoding, $action_permission, $user_lvl, $user_name, $showcountryflag, $itemperpage, $timezone_offset, $sql, $core;
    //==========================$_GET and SECURE========================
    $start = isset($_GET["start"]) ? $sql["logon"]->quote_smart($_GET["start"]) : 0;
    if (!is_numeric($start)) {
        $start = 0;
    }
    $order_by = isset($_GET["order_by"]) ? $sql["logon"]->quote_smart($_GET["order_by"]) : "guid";
    if (!preg_match("/^[_[:lower:]]{1,12}\$/", $order_by)) {
        $order_by = "guid";
    }
    $dir = isset($_GET["dir"]) ? $sql["logon"]->quote_smart($_GET["dir"]) : 1;
    if (!preg_match("/^[01]{1}\$/", $dir)) {
        $dir = 1;
    }
    $order_dir = $dir ? "ASC" : "DESC";
    $dir = $dir ? 0 : 1;
    //==========================$_GET and SECURE end========================
    if ($order_by == "mapid") {
        $order_by = "mapid, zoneid";
        $order_hold = "mapid";
    } elseif ($order_by == "zoneid") {
        $order_by = "zoneid, mapid";
        $order_hold = "zoneid";
    } else {
        $order_hold = $order_by;
    }
    switch ($_GET["symbol"]) {
        case "equal":
            $symbol = "=";
            break;
        case "greater_equal":
            $symbol = ">=";
            break;
        case "greater":
            $symbol = ">";
            break;
        case "less_equal":
            $symbol = "<=";
            break;
        case "less":
            $symbol = "<";
            break;
        case "not_equal":
            $symbol = "<>";
            break;
    }
    $search_by = "";
    $search_value = "";
    if (isset($_GET["search_value"]) && isset($_GET["search_by"])) {
        $search_value = $sql["logon"]->quote_smart($_GET["search_value"]);
        $search_by = isset($_GET["search_by"]) ? $sql["logon"]->quote_smart($_GET["search_by"]) : "name";
        $search_menu = array("name", "guid", "account", "level", "greater_level", "guild", "race", "class", "mapid", "highest_rank", "greater_rank", "online", "gold", "item");
        if (!in_array($search_by, $search_menu)) {
            $search_by = "name";
        }
        unset($search_menu);
        switch ($search_by) {
            //need to get the acc id from other table since input comes as name
            case "account":
                if (preg_match('/^[\\t\\v\\b\\f\\a\\n\\r\\\\"\'\\? <>[](){}_=+-|!@#$%^&*~`.,0123456789\\0]{1,30}$/', $search_value)) {
                    redirect("charlist.php?error=2");
                }
                if ($core == 1) {
                    $result = $sql["logon"]->query("SELECT acct FROM accounts WHERE login LIKE '%" . $search_value . "%' LIMIT " . $start . ", " . $itemperpage);
                } else {
                    $result = $sql["logon"]->query("SELECT id AS acct FROM account WHERE username LIKE '%" . $search_value . "%' LIMIT " . $start . ", " . $itemperpage);
                }
                if ($core == 1) {
                    $where_out = " acct IN (0 ";
                } else {
                    $where_out = " account IN (0 ";
                }
                while ($char = $sql["logon"]->fetch_row($result)) {
                    $where_out .= ", ";
                    $where_out .= $char[0];
                }
                $where_out .= ") ";
                unset($result);
                break;
            case "level":
                if (!is_numeric($search_value)) {
                    $search_value = 1;
                }
                $where_out = "level" . $symbol . $search_value;
                break;
            case "gold":
                if (!is_numeric($search_value)) {
                    $search_value = 1;
                }
                if ($core == 1) {
                    $where_out = "gold" . $symbol . $search_value;
                } else {
                    $where_out = "money" . $symbol . $search_value;
                }
                break;
            case "guild":
                if (preg_match('/^[\\t\\v\\b\\f\\a\\n\\r\\\\"\'\\? <>[](){}_=+-|!@#$%^&*~`.,0123456789\\0]{1,30}$/', $search_value)) {
                    redirect("charlist.php?error=2");
                }
                if ($core == 1) {
                    $result = $sql["char"]->query("SELECT guildid FROM guilds WHERE guildname LIKE '%" . $search_value . "%'");
                } else {
                    $result = $sql["char"]->query("SELECT guildid FROM guild WHERE name LIKE '%" . $search_value . "%'");
                }
                $guildid = $sql["char"]->result($result, 0, 'guildid');
                if (!$search_value) {
                    $guildid = 0;
                }
                if ($core == 1) {
                    $Q1 = "SELECT playerid FROM guild_data WHERE guildid=" . $guildid;
                } else {
                    $Q1 = "SELECT guid AS playerid FROM guild_member WHERE guildid=" . $guildid;
                }
                $result = $sql["char"]->query($Q1);
                unset($guildid);
                unset($Q1);
                $where_out = "guid IN (0 ";
                while ($char = $sql["char"]->fetch_row($result)) {
                    $where_out .= ", ";
                    $where_out .= $char[0];
                }
                $where_out .= ") ";
                unset($result);
                break;
            case "item":
                if (!is_numeric($search_value)) {
                    $search_value = 0;
                }
                if ($core == 1) {
                    $result = $sql["char"]->query("SELECT ownerguid\r\n          FROM playeritems\r\n          WHERE entry" . $symbol . "'" . $search_value . "'");
                } elseif ($core == 2) {
                    $result = $sql["char"]->query("SELECT owner_guid AS ownerguid\r\n          FROM character_inventory\r\n            LEFT JOIN item_instance ON character_inventory.item=item_instance.guid\r\n          WHERE item_template" . $symbol . "'" . $search_value . "'");
                } else {
                    $result = $sql["char"]->query("SELECT owner_guid AS ownerguid\r\n          FROM character_inventory\r\n            LEFT JOIN item_instance ON character_inventory.item=item_instance.guid\r\n          WHERE itemEntry" . $symbol . "'" . $search_value . "'");
                }
                $where_out = "guid IN (0 ";
                while ($char = $sql["char"]->fetch_row($result)) {
                    if ($char[0] != NULL) {
                        $where_out .= ", ";
                        $where_out .= $char[0];
                    }
                }
                $where_out .= ") ";
                unset($result);
                break;
            case "highest_rank":
                if (!is_numeric($search_value)) {
                    $search_value = 0;
                }
                if ($core == 1) {
                    $where_out = "SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ';', " . (PLAYER_FIELD_LIFETIME_HONORBALE_KILLS + 1) . "), ';', -1)" . $symbol . $search_value;
                } else {
                    $where_out = "totalKills" . $symbol . $search_value;
                }
                break;
            case "mapid":
                if (!is_numeric($search_value)) {
                    $search_value = 0;
                }
                if ($core == 1) {
                    $where_out = "mapid" . $symbol . $search_value;
                } else {
                    $where_out = "map" . $symbol . $search_value;
                }
                break;
            case "online":
                if ($search_value != 0) {
                    $search_value = 1;
                } else {
                    $search_value = 0;
                }
                $where_out = "online=" . $search_value;
                break;
            default:
                if (preg_match('/^[\\t\\v\\b\\f\\a\\n\\r\\\\"\'\\? <>[](){}_=+-|!@#$%^&*~`.,0123456789\\0]{1,30}$/', $search_value)) {
                    redirect("charlist.php?error=2");
                }
                if (!is_numeric($search_value)) {
                    $where_out = $search_by . " LIKE '%" . $search_value . "%'";
                } else {
                    $where_out = $search_by . $symbol . "'" . $search_value . "'";
                }
        }
        if ($core == 1) {
            $sql_query = "SELECT guid, name, acct, race, class, zoneid, mapid,\r\n        CAST( SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ';', " . (PLAYER_FIELD_LIFETIME_HONORBALE_KILLS + 1) . "), ';', -1) AS UNSIGNED) AS highest_rank,\r\n        online, level, gender, timestamp\r\n        FROM `characters`\r\n        WHERE " . $where_out . " ORDER BY " . $order_by . " " . $order_dir . " LIMIT " . $start . ", " . $itemperpage;
        } else {
            $sql_query = "SELECT guid, name, account AS acct, race, class, zone AS zoneid, map AS mapid,\r\n        totalKills AS highest_rank,\r\n        online, level, gender, logout_time AS timestamp\r\n        FROM `characters`\r\n        WHERE " . $where_out . " ORDER BY " . $order_by . " " . $order_dir . " LIMIT " . $start . ", " . $itemperpage;
        }
        $query_1 = $sql["char"]->query("SELECT COUNT(*) FROM `characters` WHERE " . $where_out);
        $query = $sql["char"]->query($sql_query);
    } else {
        $query_1 = $sql["char"]->query("SELECT COUNT(*) FROM `characters`");
        if ($core == 1) {
            $query = $sql["char"]->query("SELECT guid, name, acct, race, class, zoneid, mapid,\r\n        online, level, gender, timestamp,\r\n        CAST( SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ';', " . (PLAYER_FIELD_LIFETIME_HONORBALE_KILLS + 1) . "), ';', -1) AS UNSIGNED) AS highest_rank\r\n        FROM `characters` ORDER BY " . $order_by . " " . $order_dir . " LIMIT " . $start . ", " . $itemperpage);
        } else {
            $query = $sql["char"]->query("SELECT guid, name, account AS acct, race, class, zone AS zoneid, map AS mapid,\r\n        online, level, gender, logout_time AS timestamp,\r\n        totalKills AS highest_rank\r\n        FROM `characters` ORDER BY " . $order_by . " " . $order_dir . " LIMIT " . $start . ", " . $itemperpage);
        }
    }
    $all_record = $sql["char"]->result($query_1, 0);
    unset($query_1);
    $this_page = $sql["char"]->num_rows($query);
    //==========================top page navigaion starts here========================
    $output .= '
        <script type="text/javascript" src="libs/js/check.js"></script>
          <table class="top_hidden">
            <tr>
              <td>';
    // cleanup unknown working condition
    //if($user_lvl >= $action_permission["delete"])
    //              makebutton($lang_char_list["cleanup"], 'cleanup.php', 130);
    makebutton(lang("global", "back"), 'javascript:window.history.back()', 130);
    $search_by && $search_value ? makebutton(lang("char_list", "characters"), 'char_list.php" type="def', 130) : ($output .= '');
    $output .= '
              </td>
              <td align="right" style="width: 25%;" rowspan="2">';
    $output .= generate_pagination('char_list.php?order_by=' . $order_hold . '&amp;dir=' . ($dir ? 0 : 1) . ($search_value && $search_by ? '&amp;symbol=' . $_GET["symbol"] . '&amp;search_by=' . $search_by . '&amp;search_value=' . $search_value . '' : ''), $all_record, $itemperpage, $start);
    $output .= '
              </td>
            </tr>
            <tr align="left">
              <td>
                <table class="hidden">
                  <tr>
                    <td>
                      <form action="char_list.php" method="get" id="form">
                        <div>
                          <input type="hidden" name="error" value="3" />
                          <select name="search_by">
                            <option value="name"' . ($search_by == "name" ? ' selected="selected"' : '') . '>' . lang("char_list", "by_name") . '</option>
                            <option value="guid"' . ($search_by == "guid" ? ' selected="selected"' : '') . '>' . lang("char_list", "by_id") . '</option>
                            <option value="account"' . ($search_by == "account" ? ' selected="selected"' : '') . '>' . lang("char_list", "by_account") . '</option>
                            <option value="level"' . ($search_by == "level" ? ' selected="selected"' : '') . '>' . lang("char_list", "by_level") . '</option>
                            <option value="guild"' . ($search_by == "guild" ? ' selected="selected"' : '') . '>' . lang("char_list", "by_guild") . '</option>
                            <option value="race"' . ($search_by == "race" ? ' selected="selected"' : '') . '>' . lang("char_list", "by_race_id") . '</option>
                            <option value="class"' . ($search_by == "class" ? ' selected="selected"' : '') . '>' . lang("char_list", "by_class_id") . '</option>
                            <option value="mapid"' . ($search_by == "mapid" ? ' selected="selected"' : '') . '>' . lang("char_list", "by_map_id") . '</option>
                            <option value="highest_rank"' . ($search_by == "highest_rank" ? ' selected="selected"' : '') . '>' . lang("char_list", "by_honor_kills") . '</option>
                            <option value="online"' . ($search_by == "online" ? ' selected="selected"' : '') . '>' . lang("char_list", "by_online") . '</option>
                            <option value="gold"' . ($search_by == "gold" ? ' selected="selected"' : '') . '>' . lang("char_list", "chars_gold") . '</option>
                            <option value="item"' . ($search_by == "item" ? ' selected="selected"' : '') . '>' . lang("char_list", "by_item") . '</option>
                          </select>
                          <select name="symbol">
                            <option value="equal"' . ($symbol == "=" ? ' selected="selected"' : '') . '>=</option>
                            <option value="greater_equal"' . ($symbol == ">=" ? ' selected="selected"' : '') . '>&gt;=</option>
                            <option value="greater"' . ($symbol == ">" ? ' selected="selected"' : '') . '>&gt;</option>
                            <option value="less_equal"' . ($symbol == "<=" ? ' selected="selected"' : '') . '>&lt;=</option>
                            <option value="less"' . ($symbol == "<" ? ' selected="selected"' : '') . '>&lt;</option>
                            <option value="not_equal"' . ($symbol == "<>" ? ' selected="selected"' : '') . '>!=</option>
                          </select>
                          <input type="text" size="24" maxlength="50" name="search_value" value="' . $search_value . '" />
                        </div>
                      </form>
                    </td>
                    <td>';
    makebutton(lang("global", "search"), 'javascript:do_submit()', 80);
    $output .= '
                    </td>
                  </tr>
                </table>
              </td>
            </tr>
          </table>';
    //==========================top page navigaion ENDS here ========================
    $output .= '
          <form method="get" action="char_list.php" id="form1">
            <div>
              <input type="hidden" name="action" value="del_char_form" />
              <input type="hidden" name="start" value="' . $start . '" />
            </div>
            <table class="lined" id="char_list_table">
              <tr>
                <td colspan="6" align="left" class="hidden">';
    if ($user_lvl >= $action_permission["delete"] || $owner_acc_name == $user_name) {
        makebutton(lang("char_list", "del_selected_chars"), 'javascript:do_submit(\'form1\',0)" type="wrn', 220);
    }
    $output .= '
                </td>
              </tr>
              <tr>
                <th style="width: 1%;">
                  <input name="allbox" type="checkbox" value="Check All" onclick="CheckAll(document.form1);" />
                </th>
                <th style="width: 1%;">
                  <a href="char_list.php?order_by=guid&amp;start=' . $start . ($search_value && $search_by ? '&amp;search_by=' . $search_by . '&amp;symbol=' . $_GET["symbol"] . '&amp;search_value=' . $search_value : '') . '&amp;dir=' . $dir . '">' . ($order_by == "guid" ? '<img src="img/arr_' . ($dir ? "dw" : "up") . '.gif" alt="" /> ' : '') . lang("char_list", "id") . '</a>
                </th>
                <th style="width: 10%;">
                  <a href="char_list.php?order_by=name&amp;start=' . $start . ($search_value && $search_by ? '&amp;search_by=' . $search_by . '&amp;symbol=' . $_GET["symbol"] . '&amp;search_value=' . $search_value : '') . '&amp;dir=' . $dir . '">' . ($order_by == "name" ? '<img src="img/arr_' . ($dir ? "dw" : "up") . '.gif" alt="" /> ' : '') . lang("char_list", "char_name") . '</a>
                </th>
                <th style="width: 10%;">
                  <a href="char_list.php?order_by=acct&amp;start=' . $start . ($search_value && $search_by ? '&amp;search_by=' . $search_by . '&amp;symbol=' . $_GET["symbol"] . '&amp;search_value=' . $search_value : '') . '&amp;dir=' . $dir . '">' . ($order_by == "acct" ? '<img src="img/arr_' . ($dir ? "dw" : "up") . '.gif" alt="" /> ' : '') . lang("char_list", "account") . '</a>
                </th>
                <th style="width: 1%;">
                  <a href="char_list.php?order_by=race&amp;start=' . $start . ($search_value && $search_by ? '&amp;search_by=' . $search_by . '&amp;symbol=' . $_GET["symbol"] . '&amp;search_value=' . $search_value : '') . '&amp;dir=' . $dir . '">' . ($order_by == "race" ? '<img src="img/arr_' . ($dir ? "dw" : "up") . '.gif" alt="" /> ' : '') . lang("char_list", "race_short") . '</a>
                </th>
                <th style="width: 1%;">
                  <a href="char_list.php?order_by=class&amp;start=' . $start . ($search_value && $search_by ? '&amp;search_by=' . $search_by . '&amp;symbol=' . $_GET["symbol"] . '&amp;search_value=' . $search_value : '') . '&amp;dir=' . $dir . '">' . ($order_by == "class" ? '<img src="img/arr_' . ($dir ? "dw" : "up") . '.gif" alt="" /> ' : '') . lang("char_list", "class_short") . '</a>
                </th>
                <th style="width: 1%;">
                  <a href="char_list.php?order_by=level&amp;start=' . $start . ($search_value && $search_by ? '&amp;search_by=' . $search_by . '&amp;symbol=' . $_GET["symbol"] . '&amp;search_value=' . $search_value : '') . '&amp;dir=' . $dir . '">' . ($order_by == "level" ? '<img src="img/arr_' . ($dir ? "dw" : "up") . '.gif" alt="" /> ' : '') . lang("char_list", "level_short") . '</a>
                </th>
                <th style="width: 10%;">
                  <a href="char_list.php?order_by=mapid&amp;start=' . $start . ($search_value && $search_by ? '&amp;search_by=' . $search_by . '&amp;symbol=' . $_GET["symbol"] . '&amp;search_value=' . $search_value : '') . '&amp;dir=' . $dir . '">' . ($order_by == "mapid, zoneid" ? '<img src="img/arr_' . ($dir ? "dw" : "up") . '.gif" alt="" /> ' : '') . lang("char_list", "map") . '</a>
                </th>
                <th style="width: 10%;">
                  <a href="char_list.php?order_by=zoneid&amp;start=' . $start . ($search_value && $search_by ? '&amp;search_by=' . $search_by . '&amp;symbol=' . $_GET["symbol"] . '&amp;search_value=' . $search_value : '') . '&amp;dir=' . $dir . '">' . ($order_by == "zoneid, mapid" ? '<img src="img/arr_' . ($dir ? "dw" : "up") . '.gif" alt="" /> ' : '') . lang("char_list", "zone") . '</a>
                </th>
                <th style="width: 1%;">
                  <a href="char_list.php?order_by=highest_rank&amp;start=' . $start . ($search_value && $search_by ? '&amp;search_by=' . $search_by . '&amp;symbol=' . $_GET["symbol"] . '&amp;search_value=' . $search_value : '') . '&amp;dir=' . $dir . '">' . ($order_by == "highest_rank" ? '<img src="img/arr_' . ($dir ? "dw" : "up") . '.gif" alt="" /> ' : '') . lang("char_list", "honor_kills") . '</a>
                </th>
                <th style="width: 10%;">
                  <!-- a href="char_list.php?order_by=guild&amp;start=' . $start . ($search_value && $search_by ? '&amp;search_by=' . $search_by . '&amp;symbol=' . $_GET["symbol"] . '&amp;search_value=' . $search_value : '') . '&amp;dir=' . $dir . '" -->' . ($order_by == "guild" ? '<img src="img/arr_' . ($dir ? "dw" : "up") . '.gif" alt="" /> ' : '') . lang("char_list", "guild") . '<!-- /a -->
                </th>
                <th style="width: 10%;">
                  <a href="char_list.php?order_by=timestamp&amp;start=' . $start . ($search_value && $search_by ? '&amp;search_by=' . $search_by . '&amp;symbol=' . $_GET["symbol"] . '&amp;search_value=' . $search_value : '') . '&amp;dir=' . $dir . '">' . ($order_by == "logout_time" ? '<img src="img/arr_' . ($dir ? "dw" : "up") . '.gif" alt="" /> ' : '') . lang("char_list", "lastseen") . '</a>
                </th>
                <th style="width: 1%;">
                  <a href="char_list.php?order_by=online&amp;start=' . $start . ($search_value && $search_by ? '&amp;search_by=' . $search_by . '&amp;symbol=' . $_GET["symbol"] . '&amp;search_value=' . $search_value : '') . '&amp;dir=' . $dir . '">' . ($order_by == "online" ? '<img src="img/arr_' . ($dir ? "dw" : "up") . '.gif" alt="" /> ' : '') . '
                    <img src="img/lightning.png" onmousemove="oldtoolTip(\'' . lang("char_list", "online") . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" ' . ($order_by == "online" ? '' : 'style="position: relative; top: 7px;"') . ' />
                  </a>
                </th>';
    if ($showcountryflag) {
        require_once "libs/misc_lib.php";
        $output .= '
                <th style="width: 1%;">
                  <img src="img/world.png" onmousemove="oldtoolTip(\'' . lang("global", "country") . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                </th>';
    }
    if ($user_lvl >= $action_permission["update"]) {
        $output .= '
                <th style="width: 1%;">
                  <img src="img/arrow_switch.png" onmousemove="oldtoolTip(\'' . lang("char_list", "char_tools") . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                </th>';
    }
    $output .= '
              </tr>';
    $looping = $this_page < $itemperpage ? $this_page : $itemperpage;
    for ($i = 1; $i <= $looping; $i++) {
        // switched to fetch_assoc because using record indexes is for morons
        $char = $sql["char"]->fetch_assoc($query, 0) or die(error(lang("global", "err_no_user")));
        // to disalow lower lvl gm to  view accounts of other GMs
        if ($core == 1) {
            $a_query = $sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $char["acct"] . "'");
        } else {
            $a_query = $sql["logon"]->query("SELECT username as login FROM account WHERE id='" . $char["acct"] . "'");
        }
        $owner_acc_name = $sql["logon"]->result($a_query, 0, 'login');
        $gm_query = $sql["mgr"]->query("SELECT SecurityLevel AS gm FROM config_accounts WHERE Login='******'");
        $owner_gmlvl = $sql["mgr"]->result($gm_query, 0, 'gm');
        if ($owner_gmlvl >= 1073741824) {
            $owner_gmlvl -= 1073741824;
        }
        $time_offset = $timezone_offset * 3600;
        if ($char["timestamp"] != 0) {
            // we only show hours if it was today
            if (date("M j, Y", $char["timestamp"] + $time_offset) == date("M j, Y", $time_offset)) {
                $lastseen = date(lang("char_list", "today") . " @ Hi", $char["timestamp"] + $time_offset);
            } else {
                $lastseen = date("M j, Y", $char["timestamp"] + $time_offset);
            }
        } else {
            $lastseen = "-";
        }
        if ($core == 1) {
            $guild_id = $sql["char"]->result($sql["char"]->query("SELECT guildid FROM guild_data WHERE playerid='" . $char["guid"] . "'"), 0);
            $guild_name = $sql["char"]->result($sql["char"]->query("SELECT guildName FROM guilds WHERE guildid='" . $guild_id . "'"));
        } else {
            $guild_id = $sql["char"]->result($sql["char"]->query("SELECT guildid FROM guild_member WHERE guid='" . $char["guid"] . "'"), 0);
            $guild_name = $sql["char"]->result($sql["char"]->query("SELECT name FROM guild WHERE guildid='" . $guild_id . "'"));
        }
        // we need the screen name here
        // but first, we need the user name
        if ($core == 1) {
            $un_query = "SELECT * FROM accounts WHERE acct='" . $char["acct"] . "'";
        } else {
            $un_query = "SELECT * FROM account WHERE id='" . $char["acct"] . "'";
        }
        $un_results = $sql["logon"]->query($un_query);
        $un = $sql["logon"]->fetch_assoc($un_results);
        $sn_query = "SELECT * FROM config_accounts WHERE Login='******'";
        $sn_result = $sql["mgr"]->query($sn_query);
        $sn = $sql["mgr"]->fetch_assoc($sn_result);
        if ($user_lvl >= $owner_gmlvl || $owner_acc_name == $user_name || $user_lvl == $action_permission["delete"]) {
            $output .= '
              <tr>
                <td>';
            if ($user_lvl >= $action_permission["delete"] || $owner_acc_name == $user_name) {
                $output .= '
                  <input type="checkbox" name="check[]" value="' . $char["guid"] . '" onclick="CheckCheckAll(document.form1);" />';
            }
            $output .= '
                </td>
                <td>' . $char["guid"] . '</td>
                <td>
                  <a href="char.php?id=' . $char["guid"] . '">' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . '</a>
                </td>';
            if ($sn["ScreenName"]) {
                $output .= '
                <td>
                  <a href="user.php?action=edit_user&amp;error=11&amp;acct=' . $char["acct"] . '">' . htmlentities($sn["ScreenName"], ENT_COMPAT, $site_encoding) . '</a>
                </td>';
            } else {
                $output .= '
                <td>
                  <a href="user.php?action=edit_user&amp;error=11&amp;acct=' . $char["acct"] . '">' . htmlentities($owner_acc_name, ENT_COMPAT, $site_encoding) . '</a>
                </td>';
            }
            $output .= '
                <td>
                  <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                </td>
                <td>
                  <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                </td>
                <td>
                  <span>' . char_get_level_color($char["level"]) . '</span>
                </td>
                <td>
                  <span onmousemove="oldtoolTip(\'MapID:' . $char["mapid"] . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_map_name($char["mapid"]) . '</span>
                </td>
                <td>
                  <span onmousemove="oldtoolTip(\'ZoneID:' . $char["zoneid"] . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_zone_name($char["zoneid"]) . '</span>
                </td>
                <td>
                  <span>' . $char["highest_rank"] . '</span>
                </td>
                <td>
                  <a href="guild.php?action=view_guild&amp;error=3&amp;id=' . $guild_id . '">' . htmlentities($guild_name, ENT_COMPAT, $site_encoding) . '</a>
                </td>
                <td>
                  <span>' . $lastseen . '</span>
                </td>
                <td>
                  <img src="img/' . ($char["online"] ? 'up' : 'down') . '.gif" alt="" />
                </td>';
            if ($showcountryflag) {
                $country = misc_get_country_by_account($char["acct"]);
                if ($country["code"]) {
                    $output .= '
                <td>
                  <img src="img/flags/' . $country["code"] . '.png" onmousemove="oldtoolTip(\'' . $country["country"] . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                </td>';
                } else {
                    $output .= '
                <td>
                  <span>-</span>
                </td>';
                }
            }
            if ($user_lvl >= $action_permission["update"]) {
                $output .= '
                <td>
                  <a href="char_tools.php?char=' . $char["guid"] . '">
                    <img src="img/arrow_switch.png" alt="" />
                  </a>
                </td>';
            }
            $output .= '
              </tr>';
        } else {
            $output .= '
              <tr>
                <td>*</td><td>***</td><td>***</td><td>You</td><td>Have</td><td>No</td><td class="small">Permission</td><td>to</td><td>View</td><td>this</td><td>Data</td><td>***</td><td>*</td>';
            if ($showcountryflag) {
                $output .= '<td>*</td>';
            }
            $output .= '
                <td>*</td>
              </tr>';
        }
    }
    unset($char);
    unset($result);
    $output .= '
              <tr>
                <td colspan="13" align="right" class="hidden" style="width: 25%;">';
    $output .= generate_pagination('char_list.php?order_by=' . $order_by . '&amp;dir=' . ($dir ? 0 : 1) . ($search_value && $search_by ? '&amp;symbol=' . $_GET["symbol"] . '&amp;search_by=' . $search_by . '&amp;search_value=' . $search_value . '' : ''), $all_record, $itemperpage, $start);
    $output .= '
                </td>
              </tr>
              <tr>
                <td colspan="6" align="left" class="hidden">';
    if ($user_lvl >= $action_permission["delete"] || $owner_acc_name == $user_name) {
        makebutton(lang("char_list", "del_selected_chars"), 'javascript:do_submit(\'form1\',0)" type="wrn', 220);
    }
    $output .= '
                </td>
                <td colspan="7" align="right" class="hidden">' . lang("char_list", "tot_chars") . ' : ' . $all_record . '</td>
              </tr>
            </table>
          </form>';
}
Esempio n. 25
0
function edit_user()
{
    global $lang_global, $lang_user, $output, $realm_db, $characters_db, $realm_id, $mmfpm_db, $user_lvl, $user_name, $gm_level_arr, $action_permission, $expansion_select, $developer_test_mode, $multi_realm_mode, $server;
    $active_realm_id_pq = "active_realm_id";
    if (empty($_GET['id'])) {
        redirect("user.php?error=10");
    }
    $sqlr = new SQL();
    $sqlr->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
    $sqlm = new SQL();
    $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
    $sqlc = new SQL();
    $sqlc->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
    $id = $sqlr->quote_smart($_GET['id']);
    $result = $sqlr->query("SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,{$active_realm_id_pq},expansion FROM account WHERE id = '{$id}'");
    $data = $sqlr->fetch_assoc($result);
    $refguid = $sqlm->fetch_assoc($sqlm->query('SELECT InvitedBy FROM mm_point_system_invites WHERE PlayersAccount = ' . $data['id'] . ''));
    $refguid = $refguid['InveitedBy'];
    $referred_by = $sqlc->fetch_assoc($sqlc->query("SELECT name FROM characters WHERE guid = '{$refguid}'"));
    unset($refguid);
    $referred_by = $referred_by['name'];
    if ($sqlr->num_rows($result)) {
        $output .= '
        <center>
          <script type="text/javascript" src="libs/js/sha1.js"></script>
          <script type="text/javascript">
            // <![CDATA[
              function do_submit_data ()
              {
                if ((document.form.username.value != "' . $data['username'] . '") && (document.form.new_pass.value == "******"))
                {
                  alert("If you are changing Username, The password must be changed too.");
                  return;
                }
                else
                {
                  document.form.pass.value = hex_sha1(document.form.username.value.toUpperCase()+":"+document.form.new_pass.value.toUpperCase());
                  document.form.new_pass.value = "0";
                  do_submit();
                }
              }
            // ]]>
          </script>
          <fieldset style="width: 550px;">
            <legend>' . $lang_user['edit_acc'] . '</legend>
            <form method="post" action="user.php?action=doedit_user" name="form">
            <input type="hidden" name="pass" value="" maxlength="256" />
            <input type="hidden" name="id" value="' . $id . '" />
            <table class="flat">
              <tr>
                <td>' . $lang_user['id'] . '</td>
                <td>' . $data['id'] . '</td>
              </tr>
              <tr>
                <td>' . $lang_user['username'] . '</td>';
        if ($user_lvl >= $action_permission['update']) {
            $output .= '
                <td><input type="text" name="username" size="42" maxlength="15" value="' . $data['username'] . '" /></td>';
        } else {
            $output .= '
                <td>' . $data['username'] . '</td>';
        }
        $output .= '
              </tr>
              <tr>
                <td>' . $lang_user['password'] . '</td>';
        if ($user_lvl >= $action_permission['update']) {
            $output .= "\r\n                <td><input type=\"text\" name=\"new_pass\" size=\"42\" maxlength=\"40\" value=\"******\" /></td>";
        } else {
            $output .= "\r\n                <td>********</td>";
        }
        $output .= "\r\n              </tr>\r\n              <tr>\r\n                <td>{$lang_user['email']}</td>";
        if ($user_lvl >= $action_permission['update']) {
            $output .= '
                <td><input type="text" name="mail" size="42" maxlength="225" value="' . $data['email'] . '" /></td>';
        } else {
            $output .= "\r\n                <td>***@***.***</td>";
        }
        $output .= "\r\n              </tr>\r\n              <tr>\r\n                <td>{$lang_user['invited_by']}:</td>\r\n                <td>";
        if ($user_lvl >= $action_permission['update'] && !$referred_by != NULL) {
            $output .= "\r\n                  <input type=\"text\" name=\"referredby\" size=\"42\" maxlength=\"12\" value=\"{$referred_by}\" />";
        } else {
            $output .= "\r\n                  {$referred_by}";
        }
        $output .= "\r\n                </td>\r\n              </tr>\r\n              <tr>\r\n                <td>{$lang_user['gm_level_long']}</td>";
        if ($user_lvl >= $action_permission['update']) {
            $output .= "\r\n                <td>\r\n                  <select name=\"gmlevel\">";
            foreach ($gm_level_arr as $level) {
                if ($level[0] > -1 && $level[0] < $user_lvl) {
                    $output .= "\r\n                    <option value=\"{$level[0]}\" ";
                    if ($data['gmlevel'] == $level[0]) {
                        $output .= "selected=\"selected\" ";
                    }
                    $output .= ">{$level[1]}</option>";
                }
            }
            $output .= "\r\n                  </select>\r\n                </td>";
        } else {
            $output .= '
                <td>' . id_get_gm_level($data['gmlevel']) . ' ( ' . $data['gmlevel'] . ' )</td>';
        }
        $output .= '
              </tr>
              <tr>
                <td>' . $lang_user['join_date'] . '</td>
                <td>' . $data['joindate'] . '</td>
              </tr>
              <tr>
                <td>' . $lang_user['last_ip'] . '</td>';
        if ($user_lvl >= $action_permission['update']) {
            $output .= '
                <td>' . $data['last_ip'] . '<a href="banned.php?action=do_add_entry&amp;entry=' . $data['last_ip'] . '&amp;bantime=3600&amp;ban_type=ip_banned"> &lt;- ' . $lang_user['ban_this_ip'] . '</a></td>';
        } else {
            $output .= "\r\n                <td>***.***.***.***</td>";
        }
        $output .= "\r\n              </tr>\r\n              <tr>\r\n                <td>{$lang_user['banned']}</td>";
        $que = $sqlr->query("SELECT bandate, unbandate, bannedby, banreason FROM account_banned WHERE id = {$id}");
        if ($sqlr->num_rows($que)) {
            $banned = $sqlr->fetch_row($que);
            $ban_info = " From:" . date('d-m-Y G:i', $banned[0]) . " till:" . date('d-m-Y G:i', $banned[1]) . "<br />by {$banned['2']}";
            $ban_checked = " checked=\"checked\"";
        } else {
            $ban_checked = "";
            $ban_info = "";
            $banned[3] = "";
        }
        if ($user_lvl >= $action_permission['update']) {
            $output .= "\r\n                <td><input type=\"checkbox\" name=\"banned\" value=\"1\" {$ban_checked}/>{$ban_info}</td>";
        } else {
            $output .= "\r\n                <td>{$ban_info}</td>";
        }
        $output .= "\r\n              </tr>\r\n              <tr>\r\n                <td>{$lang_user['banned_reason']}</td>";
        if ($user_lvl >= $action_permission['update']) {
            $output .= "\r\n                <td><input type=\"text\" name=\"banreason\" size=\"42\" maxlength=\"255\" value=\"{$banned['3']}\" /></td>";
        } else {
            $output .= "\r\n                <td>{$banned['3']}</td>";
        }
        if ($expansion_select) {
            $output .= "\r\n              </tr>\r\n              <tr>";
            if ($user_lvl >= $action_permission['update']) {
                $output .= "\r\n                <td>{$lang_user['client_type']}</td>";
                $output .= "\r\n                <td>\r\n                  <select name=\"expansion\">";
                $output .= "\r\n                    <option value=\"0\">{$lang_user['classic']}</option>\r\n                    <option value=\"1\" ";
                if ($data['expansion'] == 1) {
                    $output .= "selected=\"selected\" ";
                }
                $output .= ">{$lang_user['tbc']}</option>\r\n                   <option value=\"2\" ";
                if ($data['expansion'] == 2) {
                    $output .= "selected=\"selected\" ";
                }
                $output .= ">{$lang_user['wotlk']}</option>\r\n                  </select>\r\n                </td>";
            } else {
                $output .= "\r\n                <td>{$lang_user['classic']}</td>";
            }
        }
        $output .= "\r\n              </tr>\r\n              <tr>\r\n                <td>{$lang_user['failed_logins_long']}</td>";
        if ($user_lvl >= $action_permission['update']) {
            $output .= '
                <td><input type="text" name="failed" size="42" maxlength="3" value="' . $data['failed_logins'] . '" /></td>';
        } else {
            $output .= '
                <td>' . $data['failed_logins'] . '</td>';
        }
        $output .= "\r\n              </tr>\r\n              <tr>\r\n                <td>{$lang_user['locked']}</td>";
        $lock_checked = $data['locked'] ? " checked=\"checked\"" : "";
        if ($user_lvl >= $action_permission['update']) {
            $output .= "\r\n                <td><input type=\"checkbox\" name=\"locked\" value=\"1\" {$lock_checked}/></td>";
        } else {
            $output .= "\r\n                <td></td>";
        }
        $output .= '
              </tr>
              <tr>
                <td>' . $lang_user['last_login'] . '</td>
                <td>' . $data['last_login'] . '</td>
              </tr>
              <tr>
                <td>' . $lang_user['online'] . '</td>';
        $output .= "\r\n                <td>" . ($data['active_realm_id'] ? $lang_global['yes'] : $lang_global['no']) . "</td>\r\n              </tr>";
        $query = $sqlr->query("SELECT SUM(numchars) FROM realmcharacters WHERE acctid = '{$id}'");
        $tot_chars = $sqlr->result($query, 0);
        $query = $sqlc->query("SELECT count(*) FROM `characters` WHERE account = {$id}");
        $chars_on_realm = $sqlc->result($query, 0);
        $output .= "\r\n              <tr>\r\n                <td>{$lang_user['tot_chars']}</td>\r\n                <td>{$tot_chars}</td>\r\n              </tr>";
        $realms = $sqlr->query("SELECT id, name FROM realmlist");
        if ($developer_test_mode && $multi_realm_mode && ($sqlr->num_rows($realms) > 1 && count($server) > 1 && count($characters_db) > 1)) {
            require_once "scripts/get_lib.php";
            while ($realm = $sqlr->fetch_array($realms)) {
                $sqlc->connect($characters_db[$realm[0]]['addr'], $characters_db[$realm[0]]['user'], $characters_db[$realm[0]]['pass'], $characters_db[$realm[0]]['name']);
                $query = $sqlc->query("SELECT count(*) FROM `characters` WHERE account = {$id}");
                $chars_on_realm = $sqlc->result($query, 0);
                $output .= "\r\n              <tr>\r\n                <td>{$lang_user['chars_on_realm']} " . get_realm_name($realm[0]) . "</td>\r\n                <td>{$chars_on_realm}</td>\r\n              </tr>";
                if ($chars_on_realm) {
                    $char_array = $sqlc->query("SELECT guid, name, race, class, level, gender\r\n          FROM `characters` WHERE account = {$id}");
                    while ($char = $sqlc->fetch_array($char_array)) {
                        $output .= "\r\n              <tr>\r\n                <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'---></td>\r\n                <td>\r\n                      <a href=\"char.php?id={$char['0']}&amp;realm={$realm['0']}\">{$char['1']}  - <img src='img/c_icons/{$char[2]}-{$char[5]}.gif' onmousemove='toolTip(\"" . char_get_race_name($char[2]) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\" />\r\n                      <img src='img/c_icons/{$char[3]}.gif' onmousemove='toolTip(\"" . char_get_class_name($char[3]) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\"/> - lvl " . char_get_level_color($char[4]) . "</a>\r\n                </td>\r\n              </tr>";
                    }
                }
            }
        } else {
            $query = $sqlc->query("SELECT count(*) FROM `characters` WHERE account = {$id}");
            $chars_on_realm = $sqlc->result($query, 0);
            $output .= "\r\n              <tr>\r\n                <td>{$lang_user['chars_on_realm']}</td>\r\n                <td>{$chars_on_realm}</td>\r\n              </tr>";
            if ($chars_on_realm) {
                $char_array = $sqlc->query("SELECT guid,name,race,class, level, gender FROM `characters` WHERE account = {$id}");
                while ($char = $sqlc->fetch_array($char_array)) {
                    $output .= "\r\n                <tr>\r\n                  <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'---></td>\r\n                  <td>\r\n                    <a href=\"char.php?id={$char['0']}\">{$char['1']}  - <img src='img/c_icons/{$char[2]}-{$char[5]}.gif' onmousemove='toolTip(\"" . char_get_race_name($char[2]) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\" />\r\n                    <img src='img/c_icons/{$char[3]}.gif' onmousemove='toolTip(\"" . char_get_class_name($char[3]) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\"/> - lvl " . char_get_level_color($char[4]) . "</a>\r\n                  </td>\r\n                </tr>";
                }
            }
        }
        $output .= "\r\n              <tr>\r\n                <td>";
        if ($user_lvl >= $action_permission['delete']) {
            makebutton($lang_user['del_acc'], "user.php?action=del_user&amp;check%5B%5D={$id}\" type=\"wrn", 130);
        }
        $output .= "\r\n                </td>\r\n                <td>";
        if ($user_lvl >= $action_permission['update']) {
            makebutton($lang_user['update_data'], "javascript:do_submit_data()", 130);
        }
        makebutton($lang_global['back'], "javascript:window.history.back()\" type=\"def", 130);
        $output .= "\r\n                </td>\r\n                </tr>\r\n              </table>\r\n            </form>\r\n          </fieldset>\r\n          <br /><br />\r\n        </center>\r\n";
    } else {
        error($lang_global['err_no_user']);
    }
}
Esempio n. 26
0
function char_friends()
{
    global $output, $realm_id, $logon_db, $corem_db, $characters_db, $site_encoding, $action_permission, $user_lvl, $user_name, $sql, $core;
    if (empty($_GET["id"])) {
        error(lang("global", "empty_fields"));
    } else {
        $id = $_GET["id"];
    }
    // this is multi realm support, as of writing still under development
    //  this page is already implementing it
    if (empty($_GET["realm"])) {
        $realmid = $realm_id;
    } else {
        $realmid = $sql["logon"]->quote_smart($_GET["realm"]);
        if (is_numeric($realmid)) {
            $sql["char"]->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name'], $characters_db[$realmid]["encoding"]);
        } else {
            $realmid = $realm_id;
        }
    }
    //==========================$_GET and SECURE========================
    if (!is_numeric($id)) {
        $id = 0;
    }
    $order_by = isset($_GET["order_by"]) ? $sql["char"]->quote_smart($_GET["order_by"]) : 'name';
    if (!preg_match('/^[[:lower:]]{1,6}$/', $order_by)) {
        $order_by = 'name';
    }
    $dir = isset($_GET["dir"]) ? $sql["char"]->quote_smart($_GET["dir"]) : 1;
    if (!preg_match('/^[01]{1}$/', $dir)) {
        $dir = 1;
    }
    $order_dir = $dir ? "ASC" : "DESC";
    $dir = $dir ? 0 : 1;
    //==========================$_GET and SECURE end========================
    if ($order_by === "map") {
        $order_by = "map " . $order_dir . ", zone";
    } elseif ($order_by === "zone") {
        $order_by = "zone " . $order_dir . ", map";
    }
    // getting character data from database
    if ($core == 1) {
        $result = $sql["char"]->query("SELECT acct, name, race, class, level, gender\r\n      FROM characters WHERE guid='" . $id . "' LIMIT 1");
    } else {
        $result = $sql["char"]->query("SELECT account AS acct, name, race, class, level, gender\r\n      FROM characters WHERE guid='" . $id . "' LIMIT 1");
    }
    if ($sql["char"]->num_rows($result)) {
        $char = $sql["char"]->fetch_assoc($result);
        // we get user permissions first
        $owner_acc_id = $sql["char"]->result($result, 0, "acct");
        if ($core == 1) {
            $result = $sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $char["acct"] . "'");
        } else {
            $result = $sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $char["acct"] . "'");
        }
        $owner_name = $sql["logon"]->result($result, 0, 'login');
        $s_query = "SELECT *, SecurityLevel AS gm FROM config_accounts WHERE Login='******'";
        $s_result = $sql["mgr"]->query($s_query);
        $s_fields = $sql["mgr"]->fetch_assoc($s_result);
        $owner_gmlvl = $s_fields["gm"];
        $view_mod = $s_fields["View_Mod_Friends"];
        if ($owner_gmlvl >= 1073741824) {
            $owner_gmlvl -= 1073741824;
        }
        // owner configured overrides
        $view_override = false;
        if ($view_mod > 0) {
            if ($view_mod == 1) {
            } elseif ($view_mod == 2) {
                // only registered users may view this page
                if ($user_lvl > -1) {
                    $view_override = true;
                }
            }
        }
        // visibility overrides for specific tabs
        $view_inv_override = false;
        if ($s_fields["View_Mod_Inv"] > 0) {
            if ($s_fields["View_Mod_Inv"] == 1) {
            } elseif ($s_fields["View_Mod_Inv"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_inv_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_inv_override = true;
            }
        }
        $view_talent_override = false;
        if ($s_fields["View_Mod_Talent"] > 0) {
            if ($s_fields["View_Mod_Talent"] == 1) {
            } elseif ($s_fields["View_Mod_Talent"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_talent_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_talent_override = true;
            }
        }
        $view_achieve_override = false;
        if ($s_fields["View_Mod_Achieve"] > 0) {
            if ($s_fields["View_Mod_Achieve"] == 1) {
            } elseif ($s_fields["View_Mod_Achieve"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_achieve_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_achieve_override = true;
            }
        }
        $view_quest_override = false;
        if ($s_fields["View_Mod_Quest"] > 0) {
            if ($s_fields["View_Mod_Quest"] == 1) {
            } elseif ($s_fields["View_Mod_Quest"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_quest_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_quest_override = true;
            }
        }
        $view_view_override = false;
        if ($s_fields["View_Mod_View"] > 0) {
            if ($s_fields["View_Mod_View"] == 1) {
            } elseif ($s_fields["View_Mod_View"] == 2) {
                // only registered users may view this tab
                if ($user_lvl > -1) {
                    $view_view_override = true;
                }
            }
        } else {
            if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
                $view_view_override = true;
            }
        }
        if ($view_override || $user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
            //------------------------Character Tabs---------------------------------
            // we start with a lead of 10 spaces,
            //  because last line of header is an opening tag with 8 spaces
            //  keep html indent in sync, so debuging from browser source would be easy to read
            $output .= '
            <script type="text/javascript">
              // <![CDATA[
                function wrap()
                {
                  if (getBrowserWidth() > 1024)
                  document.write(\'</table></td><td><table class="lined" id="ch_fri_large_screen">\');
                }
              // ]]>
            </script>
            <div class="tab">
              <ul>
                <li><a href="char.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>';
            if ($view_inv_override) {
                $output .= '
                <li><a href="char_inv.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "inventory") . '</a></li>';
            }
            if ($view_talent_override) {
                $output .= '
                ' . ($char["level"] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "talents") . '</a></li>') . '';
            }
            if ($view_achieve_override) {
                $output .= '
                <li><a href="char_achieve.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "achievements") . '</a></li>';
            }
            if ($view_quest_override) {
                $output .= '
                <li><a href="char_quest.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "quests") . '</a></li>';
            }
            $output .= '
                <li class="selected"><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "friends") . '</a></li>';
            if ($view_view_override) {
                $output .= '
                <li><a href="char_view.php?id=' . $id . '&amp;realm=' . $realmid . '">' . lang("char", "view") . '</a></li>';
            }
            $output .= '
              </ul>
            </div>
            <div class="tab_content center center_text">
              <span class="bold">
                ' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . ' -
                <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . '
              </span>
              <br /><br />
              <table class="hidden" id="ch_fri_unk_1">
                <tr valign="top">
                  <td>
                    <table class="lined" id="ch_fri_unk_2">';
            // pre-build columns for friends/ignores table
            $friends_columns = '
                      <tr>
                        <th style="width: 1%;">
                          <a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=name&amp;dir=' . $dir . '"' . ($order_by === "name" ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "name") . '</a>
                        </th>
                        <th style="width: 1%;">
                          <a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=race&amp;dir=' . $dir . '"' . ($order_by === "race" ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "race") . '</a>
                        </th>
                        <th style="width: 1%;">
                          <a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=class&amp;dir=' . $dir . '"' . ($order_by === "class" ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "class") . '</a>
                        </th>
                        <th style="width: 1%;">
                          <a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=level&amp;dir=' . $dir . '"' . ($order_by === "level" ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "level") . '</a>
                        </th>
                        <th style="width: 1%;">
                          <a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=mapid&amp;dir=' . $dir . '"' . ($order_by === "map " . $order_dir . ", zone" ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "map") . '</a>
                        </th>
                        <th style="width: 1%;">
                          <a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=zoneid&amp;dir=' . $dir . '"' . ($order_by === "zone " . $order_dir . ", map" ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "zone") . '</a>
                        </th>
                        <th style="width: 1%;">
                          <a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '&amp;order_by=online&amp;dir=' . $dir . '"' . ($order_by === "online" ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "online") . '</a>
                        </th>
                      </tr>';
            // get friends
            if ($core == 1) {
                $result = $sql["char"]->query("SELECT name, race, class, mapid, zoneid, level, gender, online, acct, guid\r\n          FROM characters WHERE guid IN (SELECT friend_guid FROM social_friends WHERE character_guid='" . $id . "') ORDER BY '" . $order_by . "' '" . $order_dir . "'");
            } else {
                $result = $sql["char"]->query("SELECT name, race, class, map AS mapid, zone AS zoneid, level, gender, online, account AS acct, guid\r\n          FROM characters WHERE guid IN (SELECT friend FROM character_social WHERE guid='" . $id . "' AND flags=1) ORDER BY '" . $order_by . "' '" . $order_dir . "'");
            }
            $output_temp = '<tr><td style="display: none;"></td></tr>';
            if ($sql["char"]->num_rows($result)) {
                $output_temp .= '
                      <tr>
                        <th colspan="7" class="center_text">
                          <span>' . lang("char", "friends") . '</span>
                        </th>
                      </tr>';
                // append columns
                $output_temp .= $friends_columns;
                while ($data = $sql["char"]->fetch_assoc($result)) {
                    if ($core == 1) {
                        $char_owner = $sql["logon"]->result($sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $data["acct"] . "'"), 0, "gmlevel");
                    } else {
                        $char_owner = $sql["logon"]->result($sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $data["acct"] . "'"), 0, "login");
                    }
                    $char_gm_level = $sql["mgr"]->result($sql["mgr"]->query("SELECT SecurityLevel AS gmlevel FROM config_accounts WHERE Login='******'"), 0, "gmlevel");
                    $output_temp .= '
                      <tr>
                        <td>';
                    if ($user_lvl >= $char_gm_level) {
                        $output_temp .= '
                          <a href="char.php?id=' . $data["guid"] . '">
                            <span>' . $data["name"] . '</span>
                          </a>';
                    } else {
                        $output_temp .= $data["name"];
                    }
                    $output_temp .= '
                        </td>
                        <td>
                          <img src="img/c_icons/' . $data["race"] . '-' . $data["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($data["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                        </td>
                        <td>
                          <img src="img/c_icons/' . $data["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($data["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                        </td>
                        <td>
                          <span>' . char_get_level_color($data["level"]) . '</span>
                        </td>
                        <td class="small">
                          <span onmousemove="oldtoolTip(\'MapID:' . $data["mapid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_map_name($data["mapid"]) . '</span>
                        </td>
                        <td class="small">
                          <span onmousemove="oldtoolTip(\'ZoneID:' . $data["zoneid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_zone_name($data["zoneid"]) . '</span>
                        </td>
                        <td>
                          <img src="img/' . ($data["online"] ? 'up' : 'down') . '.gif" alt="" />
                        </td>
                      </tr>';
                }
            } else {
                $output_temp .= '
                      <tr>
                        <th colspan="7" class="center_text">
                          <span>' . lang("char", "friends") . '</span>
                        </th>
                      </tr>';
                // append columns
                $output_temp .= $friends_columns;
                $output_temp .= '
                      <tr>
                        <td colspan="7">
                          <span>' . lang("char", "no_friends") . '</span>
                        </td>
                      </tr>';
            }
            $output_temp .= '
                      <tr>
                        <th colspan="7">&nbsp;</th>
                      </tr>';
            // get is friend of
            if ($core == 1) {
                $result = $sql["char"]->query("SELECT name, race, class, mapid, zoneid, level, gender, online, acct, guid\r\n          FROM characters WHERE guid IN (SELECT character_guid FROM social_friends WHERE friend_guid='" . $id . "') ORDER BY '" . $order_by . "' '" . $order_dir . "'");
            } else {
                $result = $sql["char"]->query("SELECT name, race, class, map AS mapid, zone AS zoneid, level, gender, online, account AS acct, guid\r\n          FROM characters WHERE guid IN (SELECT guid FROM character_social WHERE friend='" . $id . "' AND flags=1) ORDER BY '" . $order_by . "' '" . $order_dir . "'");
            }
            if ($sql["char"]->num_rows($result)) {
                $output_temp .= '
                      <tr>
                        <th colspan="7" class="center_text">
                          <span>' . lang("char", "friendof") . '</span>
                        </th>
                      </tr>';
                // append columns
                $output_temp .= $friends_columns;
                while ($data = $sql["char"]->fetch_assoc($result)) {
                    if ($core == 1) {
                        $char_owner = $sql["logon"]->result($sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $data["acct"] . "'"), 0, "gmlevel");
                    } else {
                        $char_owner = $sql["logon"]->result($sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $data["acct"] . "'"), 0, "login");
                    }
                    $char_gm_level = $sql["mgr"]->result($sql["mgr"]->query("SELECT SecurityLevel AS gmlevel FROM config_accounts WHERE Login='******'"), 0, "gmlevel");
                    $output_temp .= '
                      <tr>
                        <td>';
                    if ($user_lvl >= $char_gm_level) {
                        $output_temp .= '
                          <a href="char.php?id=' . $data["guid"] . '">
                            <span>' . $data["name"] . '</span>
                          </a>';
                    } else {
                        $output_temp .= $data["name"];
                    }
                    $output_temp .= '
                        </td>
                        <td>
                          <img src="img/c_icons/' . $data["race"] . '-' . $data["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($data["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                        </td>
                        <td>
                          <img src="img/c_icons/' . $data["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($data["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                        </td>
                        <td>
                        <span>' . char_get_level_color($data["level"]) . '</span>
                        </td>
                        <td class="small">
                          <span onmousemove="oldtoolTip(\'MapID:' . $data["mapid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_map_name($data["mapid"]) . '</span>
                        </td>
                        <td class="small">
                          <span onmousemove="oldtoolTip(\'ZoneID:' . $data["zoneid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_zone_name($data["zoneid"]) . '</span>
                        </td>
                        <td>
                          <img src="img/' . ($data["online"] ? 'up' : 'down') . '.gif" alt="" />
                        </td>
                      </tr>';
                }
            } else {
                $output_temp .= '
                      <tr>
                        <th colspan="7" class="center_text">
                          <span>' . lang("char", "friendof") . '</span>
                        </th>
                      </tr>';
                // append columns
                $output_temp .= $friends_columns;
                $output_temp .= '
                      <tr>
                        <td colspan="7">
                          <span>' . lang("char", "no_friend_of") . '</span>
                        </td>
                      </tr>';
            }
            $output_temp .= '
                      <tr>
                        <th colspan="7">&nbsp;</th>
                      </tr>';
            // get ignores
            if ($core == 1) {
                $result = $sql["char"]->query("SELECT name, race, class, mapid, zoneid, level, gender, online, acct, guid\r\n          FROM characters WHERE guid IN (SELECT ignore_guid FROM social_ignores WHERE character_guid='" . $id . "') ORDER BY '" . $order_by . "' '" . $order_dir . "'");
            } else {
                $result = $sql["char"]->query("SELECT name, race, class, map AS mapid, zone AS zoneid, level, gender, online, account AS acct, guid\r\n          FROM characters WHERE guid IN (SELECT friend FROM character_social WHERE guid='" . $id . "' AND flags=2) ORDER BY '" . $order_by . "' '" . $order_dir . "'");
            }
            if ($sql["char"]->num_rows($result)) {
                $output_temp .= '
                      <tr>
                        <th colspan="7" class="center_text">
                          <span>' . lang("char", "ignored") . '</span>
                        </th>
                      </tr>';
                // append columns
                $output_temp .= $friends_columns;
                while ($data = $sql["char"]->fetch_assoc($result)) {
                    if ($core == 1) {
                        $char_owner = $sql["logon"]->result($sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $data["acct"] . "'"), 0, "gmlevel");
                    } else {
                        $char_owner = $sql["logon"]->result($sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $data["acct"] . "'"), 0, "login");
                    }
                    $char_gm_level = $sql["mgr"]->result($sql["mgr"]->query("SELECT SecurityLevel AS gmlevel FROM config_accounts WHERE Login='******'"), 0, "gmlevel");
                    $output_temp .= '
                      <tr>
                        <td>';
                    if ($user_lvl >= $char_gm_level) {
                        $output_temp .= '
                          <a href="char.php?id=' . $data["guid"] . '">
                            <span>' . $data["name"] . '</span>
                          </a>';
                    } else {
                        $output_temp .= $data["name"];
                    }
                    $output_temp .= '
                        </td>
                        <td>
                          <img src="img/c_icons/' . $data["race"] . '-' . $data["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($data["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                        </td>
                        <td>
                          <img src="img/c_icons/' . $data["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($data["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                        </td>
                        <td>
                          <span>' . char_get_level_color($data["level"]) . '</span>
                        </td>
                        <td class="small">
                          <span onmousemove="oldtoolTip(\'MapID:' . $data["mapid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_map_name($data["mapid"]) . '</span>
                        </td>
                        <td class="small">
                          <span onmousemove="oldtoolTip(\'ZoneID:' . $data["zoneid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_zone_name($data["zoneid"]) . '</span>
                        </td>
                        <td>
                          <img src="img/' . ($data["online"] ? 'up' : 'down') . '.gif" alt="" />
                        </td>
                      </tr>';
                }
            } else {
                $output_temp .= '
                      <tr>
                        <th colspan="7" class="center_text">
                          <span>' . lang("char", "ignored") . '</span>
                        </th>
                      </tr>';
                // append columns
                $output_temp .= $friends_columns;
                $output_temp .= '
                      <tr>
                        <td colspan="7">
                          <span>' . lang("char", "no_ignores") . '</span>
                        </td>
                      </tr>';
            }
            $output_temp .= '
                      <tr>
                        <th colspan="7">&nbsp;</th>
                      </tr>';
            // get ignored by
            if ($core == 1) {
                $result = $sql["char"]->query("SELECT name, race, class, mapid, zoneid, level, gender, online, acct, guid\r\n          FROM characters WHERE guid IN (SELECT ignore_guid FROM social_ignores WHERE character_guid='" . $id . "') ORDER BY '" . $order_by . "' '" . $order_dir . "'");
            } else {
                $result = $sql["char"]->query("SELECT name, race, class, map AS mapid, zone AS zoneid, level, gender, online, account AS acct, guid\r\n          FROM characters WHERE guid IN (SELECT guid FROM character_social WHERE friend='" . $id . "' AND flags=2) ORDER BY '" . $order_by . "' '" . $order_dir . "'");
            }
            if ($sql["char"]->num_rows($result)) {
                $output_temp .= '
                      <tr>
                        <th colspan="7" class="center_text">
                          <span>' . lang("char", "ignoredby") . '</span>
                        </th>
                      </tr>';
                // append columns
                $output_temp .= $friends_columns;
                while ($data = $sql["char"]->fetch_assoc($result)) {
                    if ($core == 1) {
                        $char_owner = $sql["logon"]->result($sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $data["acct"] . "'"), 0, "gmlevel");
                    } else {
                        $char_owner = $sql["logon"]->result($sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $data["acct"] . "'"), 0, "login");
                    }
                    $char_gm_level = $sql["mgr"]->result($sql["mgr"]->query("SELECT SecurityLevel AS gmlevel FROM config_accounts WHERE Login='******'"), 0, "gmlevel");
                    $output_temp .= '
                      <tr>
                        <td>';
                    if ($user_lvl >= $char_gm_level) {
                        $output_temp .= '
                          <a href="char.php?id=' . $data["guid"] . '">
                            <span>' . $data["name"] . '</span>
                          </a>';
                    } else {
                        $output_temp .= $data["name"];
                    }
                    $output_temp .= '
                        </td>
                        <td>
                          <img src="img/c_icons/' . $data["race"] . '-' . $data["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($data["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                        </td>
                        <td>
                          <img src="img/c_icons/' . $data["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($data["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                        </td>
                        <td>
                          <span>' . char_get_level_color($data["level"]) . '</span>
                        </td>
                        <td class="small">
                          <span onmousemove="oldtoolTip(\'MapID:' . $data["mapid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_map_name($data["mapid"]) . '</span>
                        </td>
                        <td class="small">
                          <span onmousemove="oldtoolTip(\'ZoneID:' . $data["zoneid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_zone_name($data["zoneid"]) . '</span>
                        </td>
                        <td>
                          <img src="img/' . ($data["online"] ? 'up' : 'down') . '.gif" alt="" />
                        </td>
                      </tr>';
                }
            } else {
                $output_temp .= '
                      <tr>
                        <th colspan="7" class="center_text">
                          <span>' . lang("char", "ignoredby") . '</span>
                        </th>
                      </tr>';
                // append columns
                $output_temp .= $friends_columns;
                $output_temp .= '
                      <tr>
                        <td colspan="7">
                          <span>' . lang("char", "no_ignored_by") . '</span>
                        </td>
                      </tr>';
            }
            $output .= $output_temp;
            $output .= '
                    </table>
                  </td>';
            //---------------Page Specific Data Ends here----------------------------
            //---------------Character Tabs Footer-----------------------------------
            $output .= '
                </tr>
              </table>
            </div>
            <br />
            <table class="hidden center">
              <tr>
                <td>';
            // button to user account page, user account page has own security
            makebutton(lang("char", "chars_acc"), 'user.php?action=edit_user&amp;id=' . $owner_acc_id . '', 130);
            $output .= '
                </td>
                <td>';
            // only higher level GM with delete access can edit character
            //  character edit allows removal of character items, so delete permission is needed
            if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"]) {
                //makebutton($lang_char["edit_button"], 'char_edit.php?id='.$id.'&amp;realm='.$realmid.'', 130);
                $output .= '
                </td>
                <td>';
            }
            // only higher level GM with delete access, or character owner can delete character
            if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"] || $owner_name === $user_name) {
                makebutton(lang("char", "del_char"), 'char_list.php?action=del_char_form&amp;check%5B%5D=' . $id . '" type="wrn', 130);
                $output .= '
                </td>
                <td>';
            }
            // only GM with update permission can send mail, mail can send items, so update permission is needed
            if ($user_lvl >= $action_permission["update"]) {
                makebutton(lang("char", "send_mail"), 'mail.php?type=ingame_mail&amp;to=' . $char["name"] . '', 130);
                $output .= '
                </td>
                <td>';
            }
            makebutton(lang("global", "back"), 'javascript:window.history.back()" type="def', 130);
            $output .= '
                </td>
              </tr>
            </table>
            <br />
          <!-- end of char_friends.php -->';
        } else {
            error(lang("char", "no_permission"));
        }
    } else {
        error(lang("char", "no_char_found"));
    }
}
Esempio n. 27
0
function view_guild()
{
    global $lang_guild, $lang_global, $output, $realm_db, $characters_db, $mmfpm_db, $realm_id, $itemperpage, $action_permission, $user_lvl, $user_id, $showcountryflag;
    if (!isset($_GET['id'])) {
        redirect("guild.php?error=1&amp;realm={$realmid}");
    }
    $sqlr = new SQL();
    $sqlr->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
    if (empty($_GET['realm'])) {
        $realmid = $realm_id;
    } else {
        $realmid = $sqlr->quote_smart($_GET['realm']);
        if (!is_numeric($realmid)) {
            $realmid = $realm_id;
        }
    }
    $sqlc = new SQL();
    $sqlc->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name']);
    $guild_id = $sqlc->quote_smart($_GET['id']);
    if (is_numeric($guild_id)) {
    } else {
        redirect("guild.php?error=6&amp;realm={$realmid}");
    }
    //==========================SQL INGUILD and GUILDLEADER======================
    $q_inguild = $sqlc->query("select 1 from guild_member where guildid = '{$guild_id}' and guid in (select guid from characters where account = '{$user_id}')");
    $inguild = $sqlc->result($q_inguild, 0, '1');
    if ($user_lvl < $action_permission['update'] && !$inguild) {
        redirect("guild.php?error=6&amp;realm={$realmid}");
    }
    $q_amIguildleader = $sqlc->query("select 1 from guild where guildid = '{$guild_id}' and leaderguid in (select guid from characters where account = '{$user_id}')");
    $amIguildleader = $sqlc->result($q_amIguildleader, 0, '1');
    $q_guildmemberCount = $sqlc->query("SELECT 1 from guild_member where guildid = '{$guild_id}'");
    $guildmemberCount = $sqlc->num_rows($q_guildmemberCount);
    //====================SQL INGUILD and GUILDLEADER end========================
    //==========================$_GET and SECURE=================================
    $start = isset($_GET['start']) ? $sqlc->quote_smart($_GET['start']) : 0;
    if (is_numeric($start)) {
    } else {
        $start = 0;
    }
    $order_by = isset($_GET['order_by']) ? $sqlc->quote_smart($_GET['order_by']) : "mrank";
    if (!preg_match("/^[_[:lower:]]{1,10}\$/", $order_by)) {
        $order_by = "mrank";
    }
    $dir = isset($_GET['dir']) ? $sqlc->quote_smart($_GET['dir']) : 1;
    if (!preg_match("/^[01]{1}\$/", $dir)) {
        $dir = 1;
    }
    $order_dir = $dir ? "ASC" : "DESC";
    $dir = $dir ? 0 : 1;
    //==========================$_GET and SECURE end=============================
    $query = $sqlc->query("SELECT guildid, name, info, MOTD, createdate,\r\n    (select count(*) from guild_member where guildid = '{$guild_id}') as mtotal,\r\n    (select count(*) from guild_member where guildid = '{$guild_id}' and guid in\r\n    (select guid from characters where online = 1)) as monline\r\n    FROM guild WHERE guildid = '{$guild_id}'");
    $guild_data = $sqlc->fetch_row($query);
    $output .= "\r\n<center>\r\n\t<div id=\"tab_content\">\r\n\t\t<div id=\"tab\">\r\n\t\t\t<ul>\r\n\t\t\t\t<li id=\"selected\"><a href=\"guild.php?action=view_guild&amp;realm={$realmid}&amp;error=3&amp;id={$guild_data['0']}\">" . $lang_guild['members'] . "</a></li>\r\n\t\t\t\t<li><a href=\"guildbank.php?id={$guild_id}&amp;realm={$realmid}\">" . $lang_guild['guildbank'] . "</a></li>\r\n\t\t\t</ul>\r\n\t\t</div>\r\n";
    $output .= "\r\n        <script type=\"text/javascript\">\r\n          answerbox.btn_ok='{$lang_global['yes']}';\r\n          answerbox.btn_cancel='{$lang_global['no']}';\r\n        </script>\r\n\t\t<div id=\"tab_content2\">\r\n\t\t\t<table class=\"hidden\" style=\"width: 100%;\">\r\n              <tr>\r\n                <td>\r\n                  <table class=\"lined\"style=\"width: 100%;\">\r\n                    <tr>\r\n                      <td width=\"25%\"><b>{$lang_guild['create_date']}:</b><br />" . date('o-m-d', $guild_data[4]) . "</td>\r\n                      <td width=\"50%\" class=\"bold\">{$guild_data['1']}</td>\r\n                      <td width=\"25%\"><b>{$lang_guild['tot_m_online']}:</b><br />{$guild_data['6']} / {$guild_data['5']}</td>\r\n                    </tr>";
    if ($guild_data[2] != '') {
        $output .= "\r\n                    <tr>\r\n                      <td colspan=\"3\"><b>{$lang_guild['info']}:</b><br />{$guild_data['2']}</td>\r\n                    </tr>";
    }
    if ($guild_data[3] != '') {
        $output .= "\r\n                    <tr>\r\n                      <td colspan=\"3\"><b>{$lang_guild['motd']}:</b><br />{$guild_data['3']}</td>\r\n                    </tr>";
    }
    $output .= "\r\n                  </table>\r\n                </td>\r\n              </tr>\r\n              <tr>\r\n                <td align=\"right\">" . generate_pagination("guild.php?action=view_guild&amp;realm={$realmid}&amp;id={$guild_id}&amp;order_by={$order_by}&amp;dir=" . ($dir ? 0 : 1) . "", $guildmemberCount, $itemperpage, $start) . "</td>\r\n              </tr>\r\n              <tr>\r\n                <td>\r\n                  <table class=\"lined\" style=\"width: 100%;\">\r\n                    <tr>\r\n                      <th width=\"1%\">{$lang_guild['remove']}</th>\r\n                      <th width=\"20%\"><a href=\"guild.php?action=view_guild&amp;error=3&amp;realm={$realmid}&amp;id={$guild_id}&amp;order_by=cname&amp;start={$start}&amp;dir={$dir}\">" . ($order_by == 'cname' ? "<img src=\"img/arr_" . ($dir ? "up" : "dw") . ".gif\" alt=\"\" /> " : "") . "{$lang_guild['name']}</a></th>\r\n                      <th width=\"1%\"><a href=\"guild.php?action=view_guild&amp;error=3&amp;realm={$realmid}&amp;id={$guild_id}&amp;order_by=crace&amp;start={$start}&amp;dir={$dir}\">" . ($order_by == 'crace' ? "<img src=\"img/arr_" . ($dir ? "up" : "dw") . ".gif\" alt=\"\" /> " : "") . "{$lang_guild['race']}</a></th>\r\n                      <th width=\"1%\"><a href=\"guild.php?action=view_guild&amp;error=3&amp;realm={$realmid}&amp;id={$guild_id}&amp;order_by=class&amp;start={$start}&amp;dir={$dir}\">" . ($order_by == 'cclass' ? "<img src=\"img/arr_" . ($dir ? "up" : "dw") . ".gif\" alt=\"\" /> " : "") . "{$lang_guild['class']}</a></th>\r\n                      <th width=\"1%\"><a href=\"guild.php?action=view_guild&amp;error=3&amp;realm={$realmid}&amp;id={$guild_id}&amp;order_by=clevel&amp;start={$start}&amp;dir={$dir}\">" . ($order_by == 'clevel' ? "<img src=\"img/arr_" . ($dir ? "up" : "dw") . ".gif\" alt=\"\" /> " : "") . "{$lang_guild['level']}</a></th>\r\n                      <th width=\"23%\"><a href=\"guild.php?action=view_guild&amp;error=3&amp;realm={$realmid}&amp;id={$guild_id}&amp;order_by=mrank&amp;start={$start}&amp;dir={$dir}\">" . ($order_by == 'mrank' ? "<img src=\"img/arr_" . ($dir ? "up" : "dw") . ".gif\" alt=\"\" /> " : "") . "{$lang_guild['rank']}</a></th>\r\n                      <th width=\"25%\">{$lang_guild['pnote']}</th>\r\n                      <th width=\"25%\">{$lang_guild['offnote']}</th>\r\n                      <th width=\"1%\"><a href=\"guild.php?action=view_guild&amp;error=3&amp;realm={$realmid}&amp;id={$guild_id}&amp;order_by=clogout&amp;start={$start}&amp;dir={$dir}\">" . ($order_by == 'clogout' ? "<img src=\"img/arr_" . ($dir ? "up" : "dw") . ".gif\" alt=\"\" /> " : "") . "{$lang_guild['llogin']}</a></th>\r\n                      <th width=\"1%\"><a href=\"guild.php?action=view_guild&amp;error=3&amp;realm={$realmid}&amp;id={$guild_id}&amp;order_by=conline&amp;start={$start}&amp;dir={$dir}\">" . ($order_by == 'conline' ? "<img src=\"img/arr_" . ($dir ? "up" : "dw") . ".gif\" alt=\"\" /> " : "") . "{$lang_guild['online']}</a></th>";
    if ($showcountryflag) {
        require_once 'libs/misc_lib.php';
        $sqlm = new SQL();
        $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
        $output .= "\r\n                      <th width=\"1%\">{$lang_global['country']}</th>";
    }
    $output .= "\r\n                    </tr>";
    $members = $sqlc->query("SELECT gm.guid as cguid, c.name as cname, c.`race` as crace ,c.`class` as cclass,\r\n    c.`level` AS clevel,\r\n    gm.rank AS mrank, (SELECT rname FROM guild_rank WHERE guildid ='{$guild_id}' AND rid = mrank) AS rname,\r\n    gm.Pnote, gm.OFFnote, gender,\r\n    c.`online` as conline, c.`account`, c.`logout_time` as clogout\r\n    FROM guild_member as gm left outer join characters as c on c.guid = gm.guid\r\n    WHERE gm.guildid = '{$guild_id}' ORDER BY {$order_by} {$order_dir} LIMIT {$start}, {$itemperpage}");
    while ($member = $sqlr->fetch_row($members)) {
        $result = $sqlr->query("SELECT gmlevel FROM account WHERE id ='{$member['11']}'");
        $owner_gmlvl = $sqlr->result($result, 0, 'gmlevel');
        $output .= "\r\n                    <tr>";
        // gm, gildleader or own account! are allowed to remove from guild
        $output .= $user_lvl >= $action_permission['delete'] || $amIguildleader || $member[11] == $user_id ? "\r\n                      <td>\r\n                        <img src=\"img/aff_cross.png\" alt=\"\" onclick=\"answerBox('{$lang_global['delete']}: &lt;font color=white&gt;{$member[1]}&lt;/font&gt;&lt;br /&gt;{$lang_global['are_you_sure']}', 'guild.php?action=rem_char_from_guild&amp;realm={$realmid}&amp;id={$member['0']}&amp;guld_id={$guild_id}');\" style=\"cursor:pointer;\" />\r\n                      </td>" : "\r\n                      <td>\r\n                      </td>";
        $output .= $user_lvl < $owner_gmlvl ? "\r\n                      <td>" . htmlentities($member[1]) . "</td>" : "\r\n                      <td><a href=\"char.php?id={$member['0']}&amp;realm={$realmid}\">" . htmlentities($member[1]) . "</a></td>";
        $output .= "\r\n                      <td><img src='img/c_icons/{$member[2]}-{$member[9]}.gif' onmousemove='toolTip(\"" . char_get_race_name($member[2]) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\" /></td>\r\n                      <td><img src='img/c_icons/{$member[3]}.gif' onmousemove='toolTip(\"" . char_get_class_name($member[3]) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\" /></td>\r\n                      <td>" . char_get_level_color($member[4]) . "</td>\r\n                      <td>" . htmlentities($member[6]) . " (" . $member[5] . ")</td>\r\n                      <td>" . htmlentities($member[7]) . "</td>\r\n                      <td>" . htmlentities($member[8]) . "</td>\r\n                      <td>" . get_days_with_color($member[12]) . "</td>\r\n                      <td>" . ($member[10] ? "<img src=\"img/up.gif\" alt=\"\" />" : "-") . "</td>";
        if ($showcountryflag) {
            $country = misc_get_country_by_account($member[11], $sqlr, $sqlm);
            $output .= "\r\n                      <td>" . ($country['code'] ? "<img src='img/flags/" . $country['code'] . ".png' onmousemove='toolTip(\"" . $country['country'] . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\" />" : "-") . "</td>";
        }
        $output .= "\r\n                    </tr>";
    }
    unset($member);
    $output .= "\r\n                  </table>\r\n                </td>\r\n              </tr>\r\n              <tr>\r\n                <td align=\"right\">" . generate_pagination("guild.php?action=view_guild&amp;error=3&amp;realm={$realmid}&amp;id={$guild_id}&amp;order_by={$order_by}&amp;dir=" . !$dir, $guildmemberCount, $itemperpage, $start) . "</td>\r\n              </tr>\r\n            </table>\r\n\t\t</div>\r\n\t</div>\r\n            <br />";
    $output .= "\r\n            <table class=\"hidden\">\r\n              <tr>\r\n                <td>";
    if ($user_lvl >= $action_permission['delete'] || $amIguildleader) {
        makebutton($lang_guild['del_guild'], "guild.php?action=del_guild&amp;realm={$realmid}&amp;id={$guild_id}\" type=\"wrn", 130);
        $output .= "\r\n                </td>\r\n                <td>";
    }
    makebutton($lang_guild['show_guilds'], "guild.php?realm={$realmid}\" type=\"def", 130);
    $output .= "\r\n                </td>\r\n              </tr>\r\n            </table>\r\n\t</center>\r\n";
}
Esempio n. 28
0
$output .= '
    <div id="tab">
        <ul>
            <li><a href="char.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['char_sheet'] . '</a></li>
            <li><a href="char_inv.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['inventory'] . '</a></li>
            <li><a href="char_extra.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['extra'] . '</a></li>
            ' . ($char['level'] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['talents'] . '</a></li>') . '
            <li><a href="char_achieve.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['achievements'] . '</a></li>
            <li><a href="char_rep.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['reputation'] . '</a></li>
            <li><a href="char_skill.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['skills'] . '</a></li>
            <li><a href="char_quest.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['quests'] . '</a></li>';
if (char_get_class_name($char['class']) === 'Hunter') {
    $output .= '
            <li><a href="char_pets.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['pets'] . '</a></li>';
}
$output .= '
            <li><a href="char_friends.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['friends'] . '</a></li>
            <li><a href="char_spell.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['spells'] . '</a></li>
            <li><a href="char_mail.php?id=' . $id . '&amp;realm=' . $realmid . '">' . $lang_char['mail'] . '</a></li>
        </ul>
    </div>';
$output .= '
    <div id="tab_content2">
        <font class="bold">
            ' . htmlentities($char['name']) . ' -
            <img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif"
            onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" />
            <img src="img/c_icons/' . $char['class'] . '.gif"
            onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\',\'item_tooltip\')" onmouseout="toolTip()" alt="" /> - lvl ' . char_get_level_color($char['level']) . '
        </font>';
Esempio n. 29
0
function choosename()
{
    global $output, $action_permission, $characters_db, $realm_id, $user_id, $user_name, $name_credits, $sql, $core;
    valid_login($action_permission["view"]);
    $guid = $sql["char"]->quote_smart($_GET["char"]);
    $new1 = "";
    if (isset($_GET["new1"])) {
        $new1 = $sql["char"]->quote_smart($_GET["new1"]);
    }
    $new2 = "";
    if (isset($_GET["new2"])) {
        $new2 = $sql["char"]->quote_smart($_GET["new2"]);
    }
    $query = "SELECT * FROM characters WHERE guid='" . $guid . "'";
    $char = $sql["char"]->fetch_assoc($sql["char"]->query($query));
    // credits
    if ($name_credits >= 0) {
        // get our credit balance
        $cr_query = "SELECT Credits FROM config_accounts WHERE Login='******'";
        $cr_result = $sql["mgr"]->query($cr_query);
        $cr_result = $sql["mgr"]->fetch_assoc($cr_result);
        $credits = $cr_result["Credits"];
    }
    $output .= '
          <div id="xname_fieldset" class="fieldset_border center">
            <span class="legend">' . lang("xname", "choosename") . '</span>
            <form method="get" action="change_char_name.php" id="form">
              <div>
                <input type="hidden" name="action" value="getapproval" />
                <input type="hidden" name="guid" value="' . $char["guid"] . '" />
              </div>
              <table id="xname_char_table" class="center">
                <tr>
                  <td rowspan="4" style="width: 170px;">
                    <div style="width: 64px; margin-left: auto; margin-right: auto;">
                      <img src="' . char_get_avatar_img($char["level"], $char["gender"], $char["race"], $char["class"]) . '" alt="" />
                    </div>
                  </td>
                  <td>
                    <span class="xname_char_name">' . $char["name"] . '</span>
                  </td>
                </tr>
                <tr>
                  <td>' . lang("xname", "level") . ': ' . $char["level"] . '</td>
                </tr>
                <tr>
                  <td>' . lang("xname", "race") . ': ' . char_get_race_name($char["race"]) . '</td>
                </tr>
                <tr>
                  <td>' . lang("xname", "class") . ': ' . char_get_class_name($char["class"]) . '</td>
                </tr>
                <tr>
                  <td>&nbsp;</td>
                </tr>';
    if ($name_credits > 0) {
        $cost_line = lang("xname", "credit_cost");
        $cost_line = str_replace("%1", '<b>' . $name_credits . '</b>', $cost_line);
        $output .= '
                <tr>
                  <td colspan="2">' . $cost_line . '</td>
                </tr>';
        if ($credits >= 0) {
            $credit_balance = lang("xname", "credit_balance");
            $credit_balance = str_replace("%1", '<b>' . (double) $credits . '</b>', $credit_balance);
            $output .= '
                <tr>
                  <td colspan="2">' . $credit_balance . '</td>
                </tr>';
            if ($credits < $name_credits) {
                $output .= '
                <tr>
                  <td colspan="2">' . lang("xname", "insufficient_credits") . '</td>
                </tr>';
            } else {
                $output .= '
                <tr>
                  <td colspan="2">&nbsp;</td>
                </tr>
                <tr>
                  <td colspan="2">' . lang("xname", "delay_warning") . '</td>
                </tr>';
            }
        } else {
            $output .= '
                <tr>
                  <td colspan="2">' . lang("global", "credits_unlimited") . '</td>
                </tr>';
        }
        $output .= '
                <tr>
                  <td colspan="2">&nbsp;</td>
                </tr>';
    }
    $output .= '
                <tr>
                  <td colspan="2"><b>' . lang("xname", "entername") . ':</b></td>
                </tr>
                <tr>
                  <td>' . lang("xname", "newname") . ':</td>
                  <td><input type="text" name="new1" value="' . $new1 . '" maxlength="12" style="width: 110px;" /></td>
                </tr>
                <tr>
                  <td>' . lang("xname", "confirmname") . ':</td>
                  <td><input type="text" name="new2" value="' . $new1 . '" maxlength="12" style="width: 110px;" /></td>
                </tr>';
    // if we have unlimited credits, then we fake our credit balance here
    $credits = $credits < 0 ? $name_credits : $credits;
    if ($name_credits <= 0 || $credits >= $name_credits) {
        $output .= '
                <tr>
                  <td colspan="2">&nbsp;</td>
                </tr>
                <tr>
                  <td colspan="2">';
        makebutton(lang("xname", "save"), "javascript:do_submit()", 180);
        $output .= '
                  </td>
                  <td>&nbsp;</td>
                </tr>';
    }
    $output .= '
              </table>
            </form>
          </div>
          <br />';
}
Esempio n. 30
0
function main()
{
    global $output, $realm_id, $world_db, $logon_db, $characters_db, $corem_db, $server, $action_permission, $user_lvl, $user_id, $site_encoding, $hide_coupons, $locales_search_option, $base_datasite, $item_datasite, $showcountryflag, $gm_online_count, $gm_online, $itemperpage, $hide_uptime, $player_online, $hide_max_players, $hide_avg_latency, $hide_plr_latency, $hide_server_mem, $sql, $core;
    // do any raffle drawings that are necessary
    do_raffles();
    // check achievement contests
    do_contests();
    $output .= '
          <div class="top">';
    //---------------------Information for Explorer Users--------------------------
    if (preg_match("/MSIE/", $_SERVER["HTTP_USER_AGENT"])) {
        $msie = '
            <br />
              <span id="index_explorer_warning">' . lang("index", "explorer_warn") . '</span>
            <br />';
    } else {
        $msie = '';
    }
    //-----------------------------------------------------------------------------
    if (test_port($server[$realm_id]["addr"], $server[$realm_id]["game_port"])) {
        if ($core == 1) {
            $stats = get_uptime($server[$realm_id]["stats.xml"]);
            $staticUptime = ' <em>' . htmlentities(get_realm_name($realm_id), ENT_COMPAT, $site_encoding) . '</em> <br />' . $stats["platform"][4] . ' ' . $stats["platform"][5] . ' ' . $stats["platform"][6];
            if (!$hide_uptime) {
                $staticUptime .= '<br />' . lang("index", "online") . ' for ' . $stats["uptime"];
            }
            $output .= '
            <div id="uptime">' . $msie . '
              <h1>
                <span id="index_realm_info">
                  <span>' . $staticUptime . '</span>';
            if (!$hide_max_players) {
                $output .= '
                  <br />
                  <span>' . lang("index", "maxplayers") . ': </span>
                  <span class="index_realm_info_value">' . $stats["peak"] . '</span>';
            }
            if (!$hide_avg_latency) {
                $output .= '
                  <br />
                  <span>' . lang("index", "avglat") . ': </span>
                  <span class="index_realm_info_value">' . $stats["avglat"] . '</span>';
            }
            $output .= '
                  <br />';
            if ($hide_server_mem != 0) {
                if ($hide_server_mem == 2 || $user_lvl == $action_permission["delete"]) {
                    $output .= '
                  <span>' . lang("index", "cpu") . ': </span>
                  <span class="index_realm_info_value">' . $stats["cpu"] . '%, </span>
                  <span>' . lang("index", "ram") . ': </span>
                  <span class="index_realm_info_value">' . $stats["ram"] . ' MB, </span>
                  <span>' . lang("index", "threads") . ': </span>
                  <span class="index_realm_info_value">' . $stats["threads"] . '</span>';
                }
            }
            $output .= '
               </span>
              </h1>
            </div>';
        } else {
            $stats = $sql["logon"]->fetch_assoc($sql["logon"]->query("SELECT starttime, maxplayers FROM uptime WHERE realmid='" . $realm_id . "' ORDER BY starttime DESC LIMIT 1"), 0);
            $uptimetime = time() - $stats["starttime"];
            // a more reliable method of counting how many characters have been online since server start
            //$maxplayers_query = "SELECT COUNT(*) FROM `".$characters_db[$realm_id]["name"]."`.characters WHERE logout_time>='".$stats["starttime"]."' AND logout_time>=(SELECT UNIX_TIMESTAMP(last_login) FROM `".$logon_db["name"]."`.account WHERE id=`".$characters_db[$realm_id]["name"]."`.characters.account)";
            //$maxplayers_result = $sql["char"]->query($maxplayers_query);
            //$maxplayers_result = $sql["char"]->fetch_assoc($maxplayers_result);
            //$stats["maxplayers"] = $maxplayers_result["COUNT(*)"];
            function format_uptime($seconds)
            {
                $secs = intval($seconds % 60);
                $mins = intval($seconds / 60 % 60);
                $hours = intval($seconds / 3600 % 24);
                $days = intval($seconds / 86400);
                if ($days > 365) {
                    $days = intval($seconds / 86400 % 365.24);
                    $years = intval($seconds / 31556926);
                }
                $uptimeString = '';
                if ($years) {
                    // we have a server that has been up for over a year? O_o
                    // actually, it's probably because the server didn't write a useful
                    // value to the uptime table's starttime field.
                    $uptimeString .= $years;
                    $uptimeString .= $years == 1 ? ' ' . lang("index", "uptime_year") : ' ' . lang("index", "uptime_years");
                    if ($days) {
                        $uptimeString .= ($years > 0 ? ', ' : '') . $days;
                        $uptimeString .= $days == 1 ? ' ' . lang("index", "uptime_day") : ' ' . lang("index", "uptime_days");
                    }
                } else {
                    if ($days) {
                        $uptimeString .= $days;
                        $uptimeString .= $days == 1 ? ' ' . lang("index", "uptime_day") : ' ' . lang("index", "uptime_days");
                    }
                }
                if ($hours) {
                    $uptimeString .= ($days > 0 ? ', ' : '') . $hours;
                    $uptimeString .= $hours == 1 ? ' ' . lang("index", "uptime_hour") : ' ' . lang("index", "uptime_hours");
                }
                if ($mins) {
                    $uptimeString .= ($days > 0 || $hours > 0 ? ', ' : '') . $mins;
                    $uptimeString .= $mins == 1 ? ' ' . lang("index", "uptime_minute") : ' ' . lang("index", "uptime_minutes");
                }
                if ($secs) {
                    $uptimeString .= ($days > 0 || $hours > 0 || $mins > 0 ? ', ' : '') . $secs;
                    $uptimeString .= $secs == 1 ? ' ' . lang("index", "uptime_second") : ' ' . lang("index", "uptime_seconds");
                }
                return $uptimeString;
            }
            $staticUptime = ' <em>' . htmlentities(get_realm_name($realm_id), ENT_COMPAT, $site_encoding) . '</em> ';
            if (!$hide_uptime) {
                if ($stats["starttime"] != 0) {
                    $staticUptime .= '<br /><span>' . lang("index", "online") . format_uptime($uptimetime) . '</span>';
                } else {
                    $staticUptime .= '<br /><span style="color:orange">' . lang("index", "time_error1") . ': <br>' . format_uptime($uptimetime) . '</span><br><span style="color:red">' . lang("index", "time_error2") . '</span>';
                }
            }
            unset($uptimetime);
            $output .= '
            <div id="uptime">' . $msie . '
              <h1>
                <span id="index_realm_info">' . $staticUptime;
            if (!$hide_max_players) {
                $output .= '
                  <br />
                  <span>' . lang("index", "maxplayers") . ': </span>
                  <span class="index_realm_info_value">' . $stats["maxplayers"] . '</span>';
            }
            // this_is_junk: MaNGOS doesn't store player latency. :/
            if ($core == 3) {
                if (!$hide_avg_latency) {
                    $lat_query = "SELECT SUM(latency), COUNT(*) FROM characters WHERE online=1";
                    $lat_result = $sql["char"]->query($lat_query);
                    $lat_fields = $sql["char"]->fetch_assoc($lat_result);
                    $avglat = sprintf("%.3f", $lat_fields["SUM(latency)"] / $lat_fields["COUNT(*)"]);
                    $output .= '
                    <br />
                    <span>' . lang("index", "avglat") . ': </span>
                    <span class="index_realm_info_value">' . $avglat . '</span>';
                }
            }
            $output .= '
                </span>
              </h1>
            </div>';
            unset($stats);
            $online = true;
        }
        unset($staticUptime);
        //unset($stats);
        $online = true;
    } else {
        $output .= $msie . '<h1><span class="error">' . lang("index", "realm") . ' <em>' . htmlentities(get_realm_name($realm_id), ENT_COMPAT, $site_encoding) . '</em> ' . lang("index", "offline_or_let_high") . '</span></h1>';
        $online = false;
    }
    //close the div
    $output .= '
          </div>';
    // MOTDs
    // get our MotDs...
    $motd = "";
    $motd_result = $sql["mgr"]->query("SELECT *, UNIX_TIMESTAMP(Created) AS Created, UNIX_TIMESTAMP(Last_Edited) AS Last_Edited FROM motd WHERE Enabled<>0 AND (Target='" . $user_id . "' OR Target=0) ORDER BY Priority ASC");
    // if we don't get any MotDs, it'll stay empty
    if ($user_lvl >= $action_permission["update"]) {
        $output .= '
          <script type="text/javascript">
            // <![CDATA[
              answerbox.btn_ok = "' . lang("global", "yes_low") . '";
              answerbox.btn_cancel = "' . lang("global", "no") . '";
              var del_motd = "motd.php?action=delete_motd&amp;id=";
            // ]]>
          </script>';
    }
    if ($sql["mgr"]->num_rows($motd_result) > 0) {
        $output .= '
            <div class="div_lined">
              <div class="div_lined_head">
                <span>' . lang("index", "motd") . '</span>
              </div>';
    }
    while ($temp = $sql["mgr"]->fetch_assoc($motd_result)) {
        if ($user_lvl >= $temp["Min_Sec_Level"]) {
            $motd = bb2html($temp["Message"]) . "<br /><br />";
            if ($motd) {
                if ($temp["Target"] != 0) {
                    $output .= '
                <div class="div_lined_line left_text">' . lang("motd", "private") . '</div>';
                }
                $output .= '
                <div class="div_lined_line left_text">';
                $output .= $motd;
                $output .= '
                  <br />';
                // Get User Name for poster
                if ($core == 1) {
                    $posted_name_query = "SELECT login FROM accounts WHERE acct='" . $temp["Created_By"] . "'";
                } else {
                    $posted_name_query = "SELECT username AS login FROM account WHERE id='" . $temp["Created_By"] . "'";
                }
                $posted_name_result = $sql["logon"]->query($posted_name_query);
                $posted_name = $sql["logon"]->fetch_assoc($posted_name_result);
                $posted_name = $posted_name["login"];
                // Get Screen Name for poster, if available
                $posted_screenname_query = "SELECT ScreenName FROM config_accounts WHERE Login='******'";
                $posted_screenname_result = $sql["mgr"]->query($posted_screenname_query);
                $posted_screenname = $sql["mgr"]->fetch_assoc($posted_screenname_result);
                if ($posted_screenname["ScreenName"] != NULL) {
                    $posted_name = htmlspecialchars($posted_screenname["ScreenName"]);
                }
                // if the Server Message is posted by the system, Created_By will be zero
                if ($temp["Created_By"] != 0) {
                    $output .= '
                  <span>' . lang("motd", "posted_by") . ':</span>';
                    if ($user_lvl > -1) {
                        $output .= '
                  <a href="user.php?action=edit_user&amp;error=11&amp;acct=' . $temp["Created_By"] . '">';
                    }
                    $output .= '
                    <span>' . $posted_name . '</span>';
                    if ($user_lvl > -1) {
                        $output .= '
                  </a>';
                    }
                    $output .= '
                  <span>(' . date("M d, Y @ H:i:s", $temp["Created"]) . ')</span>';
                } else {
                    $output .= '
                  <span>' . lang("motd", "posted") . ': ' . date("M d, Y @ H:i:s", $temp["Created"]) . '</span>';
                }
                // Get User Name for last editor
                if ($core == 1) {
                    $edited_name_query = "SELECT login FROM accounts WHERE acct='" . $temp["Last_Edited_By"] . "'";
                } else {
                    $edited_name_query = "SELECT username AS login FROM account WHERE id='" . $temp["Last_Edited_By"] . "'";
                }
                $edited_name_result = $sql["logon"]->query($edited_name_query);
                $edited_name = $sql["logon"]->fetch_assoc($edited_name_result);
                $edited_name = $edited_name["login"];
                // Get Screen Name for last editor, if available
                $edited_screenname_query = "SELECT ScreenName FROM config_accounts WHERE Login='******'";
                $edited_screenname_result = $sql["mgr"]->query($edited_screenname_query);
                $edited_screenname = $sql["mgr"]->fetch_assoc($edited_screenname_result);
                if ($edited_screenname["ScreenName"] != NULL) {
                    $edited_name = htmlspecialchars($edited_screenname["ScreenName"]);
                }
                if ($temp["Last_Edited_By"] != 0) {
                    $output .= '
                  <br />
                  <div>
                    <span>' . lang("motd", "edited_by") . ':</span>';
                    if ($user_lvl > -1) {
                        $output .= '
                    <a href="user.php?action=edit_user&amp;error=11&amp;acct=' . $temp["Last_Edited_By"] . '">';
                    }
                    $output .= '
                      <span>' . $edited_name . '</span>';
                    if ($user_lvl > -1) {
                        $output .= '
                    </a>';
                    }
                    $output .= '
                    <span>(' . date("M d, Y @ H:i:s", $temp["Last_Edited"]) . ')</span>
                  </div>';
                }
                $output .= '
                </div>';
                if ($user_lvl >= $action_permission["update"]) {
                    $output .= '
                <div class="div_lined_line right_text">
                  <img src="img/aff_cross.png" width="16" height="16" onclick="answerBox(\'' . lang("global", "delete") . ': &lt;font color=white&gt;' . $temp["ID"] . '&lt;/font&gt;&lt;br /&gt;' . lang("global", "are_you_sure") . '\', del_motd + ' . $temp["ID"] . ');" alt="" />';
                }
                if ($user_lvl >= $action_permission["update"]) {
                    $output .= '
                  <a href="motd.php?action=edit_motd&amp;error=3&amp;id=' . $temp["ID"] . '">
                    <img src="img/edit.png" width="16" height="16" alt="" />
                  </a>
                </div>';
                }
                $output .= '
                <br />';
            }
        }
    }
    if ($sql["mgr"]->num_rows($motd_result)) {
        $output = substr($output, 0, strlen($output) - 24);
    }
    if ($sql["mgr"]->num_rows($motd_result) > 0) {
        $output .= '
            </div>';
    }
    if ($user_lvl >= $action_permission["insert"]) {
        $output .= '
            <div class="div_lined">
              <div class="div_lined_head right_text">
                <a href="motd.php?action=add_motd&amp;error=4">' . lang("index", "add_motd") . '</a>
              </div>
            </div>';
    }
    // Coupons
    if (!$hide_coupons) {
        $coupon_query = "SELECT * FROM point_system_coupons WHERE ((target='0' AND contest='0') OR target='" . $user_id . "') AND enabled='1'";
        $coupon_result = $sql["mgr"]->query($coupon_query);
        if ($sql["mgr"]->num_rows($coupon_result) > 0) {
            $output .= '
            <br />
            <div class="div_lined">
              <div class="div_lined_head">
                <span>' . lang("index", "avail_coupons") . '</span>
              </div>';
            while ($coupon = $sql["mgr"]->fetch_assoc($coupon_result)) {
                $usage_query = "SELECT * FROM point_system_coupon_usage WHERE coupon='" . $coupon["entry"] . "' AND user='******'";
                $usage_result = $sql["mgr"]->query($usage_query);
                if ($sql["mgr"]->num_rows($usage_result) < $coupon["usage_limit"] || $coupon["usage_limit"] == -1) {
                    $output .= '
              <div class="div_lined_line left_text">
                <span>' . $coupon["title"] . '</span>
              </div>';
                    if ($coupon["text"] != "") {
                        $output .= '
              <div class="div_lined_line left_text">
                <span>' . $coupon["text"] . '</span>
              </div>';
                    }
                    if ($coupon["credits"] != 0 || $coupon["money"] != 0 || $coupon["item_id"] != 0 || $coupon["raffle_id"] != 0) {
                        $output .= '
              <div class="div_lined_line left_text">
                <span>' . lang("index", "coupon_value") . ':</span>';
                        if ($coupon["credits"] > 0) {
                            if ($coupon["credits"] > 1) {
                                $tip = lang("index", "coupon_credits");
                            } else {
                                $tip = lang("index", "coupon_credit");
                            }
                            $output .= '
                <br />
                <br />
                <span>' . $coupon["credits"] . '</span>
                <span>' . $tip . '</span>';
                        }
                        if ($coupon["money"] > 0) {
                            // extract gold/silver/copper from single gold number
                            $coupon["money"] = str_pad($coupon["money"], 4, "0", STR_PAD_LEFT);
                            $coupon_g = substr($coupon["money"], 0, -4);
                            if ($coupon_g == "") {
                                $coupon_g = 0;
                            }
                            $coupon_s = substr($coupon["money"], -4, 2);
                            if ($coupon_s == "" || $coupon_s == "00") {
                                $coupon_s = 0;
                            }
                            $coupon_c = substr($coupon["money"], -2);
                            if ($coupon_c == "" || $coupon_c == "00") {
                                $coupon_c = 0;
                            }
                            $output .= '
                <br />
                <br />
                <span>' . $coupon_g . '</span>
                <img src="img/gold.gif" alt="gold" />
                <span>' . $coupon_s . '</span>
                <img src="img/silver.gif" alt="gold" />
                <span>' . $coupon_c . '</span>
                <img src="img/copper.gif" alt="gold" />';
                        }
                        if ($coupon["item_id"] != 0) {
                            if ($coupon["item_id"] > 0) {
                                // get item data
                                if ($core == 1) {
                                    $i_query = "SELECT \r\n                    *, description AS description1, name1 AS name, quality AS Quality, inventorytype AS InventoryType, \r\n                    socket_color_1 AS socketColor_1, socket_color_2 AS socketColor_2, socket_color_3 AS socketColor_3,\r\n                    requiredlevel AS RequiredLevel, allowableclass AS AllowableClass,\r\n                    sellprice AS SellPrice, itemlevel AS ItemLevel\r\n                    FROM items " . ($locales_search_option != 0 ? "LEFT JOIN items_localized ON (items_localized.entry=items.entry AND language_code='" . $locales_search_option . "') " : " ") . "WHERE items.entry='" . $coupon["item_id"] . "'";
                                } else {
                                    $i_query = "SELECT *, description AS description1 FROM item_template " . ($locales_search_option != 0 ? "LEFT JOIN locales_item ON locales_item.entry=item_template.entry " : " ") . "WHERE item_template.entry='" . $coupon["item_id"] . "'";
                                }
                                $i_result = $sql["world"]->query($i_query);
                                $i = $sql["world"]->fetch_assoc($i_result);
                                $output .= '
                <br />
                <br />
                <div class="coupon_item">
                  <div>
                    <a href="' . $base_datasite . $item_datasite . $coupon["item_id"] . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . $coupon["entry"] . '\');" onmouseout="HideTooltip(\'_b' . $coupon["entry"] . '\');">
                      <img src="' . get_item_icon($coupon["item_id"]) . '" alt="" />
                    </a>';
                                if ($coupon["item_count"] > 1) {
                                    $output .= '
                    <div class="ch_inv_quantity_shadow">' . $coupon["item_count"] . '</div>
                    <div class="ch_inv_quantity">' . $coupon["item_count"] . '</div>';
                                }
                                $output .= '
                  </div>';
                                // build a tooltip object for this item
                                $output .= '
                  <div class="item_tooltip_div" id="tooltip_b' . $coupon["entry"] . '" style="left: -129px; top: 42px;">
                    <div>' . get_item_tooltip($i, 0, 0, 0, 0, 0) . '</div>
                  </div>';
                                $output .= '
                </div>';
                            } else {
                                $output .= '
                <br />
                <br />
                <div class="coupon_item">
                  <div>
                    <a href="point_system.php?action=view_bag&amp;bag_id=' . $coupon["item_id"] * -1 . '" onmousemove="oldtoolTip(\'' . lang("points", "prize_bag") . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">
                      <img src="' . get_item_icon(1725) . '" alt="" />
                    </a>
                  </div>
                </div>';
                            }
                        }
                        if ($coupon["raffle_id"] != 0) {
                            // find out how many entries per user the raffle allows and whether the raffle is enabled
                            if ($coupon["raffle_id"] != -1) {
                                $query = "SELECT tickets_per_user, enabled FROM point_system_raffles WHERE entry='" . $coupon["raffle_id"] . "'";
                                $result = $sql["mgr"]->query($query);
                                $result = $sql["mgr"]->fetch_assoc($result);
                                $per_user = $result["tickets_per_user"];
                                $raffle_enabled = $result["enabled"];
                                // if tickets_per_user is -1 then its unlimited, fake it with a reasonably high number
                                $per_user = 999999999;
                            } else {
                                // if it allows any raffle, then fake it
                                $per_user = 999999999;
                                $raffle_enabled = 1;
                            }
                            if ($raffle_enabled) {
                                // find out how many time we've entered
                                $query = "SELECT COUNT(*) FROM point_system_raffle_tickets WHERE raffle='" . $coupon["raffle_id"] . "' AND user='******'";
                                $result = $sql["mgr"]->query($query);
                                $result = $sql["mgr"]->fetch_assoc($result);
                                $tickets = $result["COUNT(*)"];
                                // if we haven't already purchased the maximum number of tickets
                                // or the raffle allows purchase of tickets from any raffle
                                if ($tickets < $per_user || $coupon["raffle_id"] == -1) {
                                    if ($coupon["redemption_option"] == 0) {
                                        $output .= '
                <br />
                <br />
                <span>' . lang("index", "and_raffle") . '</span>';
                                    } else {
                                        $output .= '
                <br />
                <br />
                <span>' . lang("index", "or_raffle") . '</span>';
                                    }
                                }
                            }
                        }
                        $output .= '
              </div>';
                    }
                    if ($coupon["credits"] < 0) {
                        $message = lang("points", "coupon_cost_credits");
                        $message = str_replace("%1", $coupon["credits"] * -1, $message);
                        $output .= '
              <div class="div_lined_line right_text">
                <span>' . $message . '</span>
              </div>';
                    }
                    if ($coupon["money"] < 0) {
                        $coupon["money"] = $coupon["money"] * -1;
                        $coupon_money = $coupon["money"];
                        $coupon_money = str_pad($coupon_money, 4, "0", STR_PAD_LEFT);
                        $cg = substr($coupon_money, 0, -4);
                        if ($cg == "") {
                            $cg = 0;
                        }
                        $cs = substr($coupon_money, -4, 2);
                        if ($cs == "" || $cs == "00") {
                            $cs = 0;
                        }
                        $cc = substr($coupon_money, -2);
                        if ($cc == "" || $cc == "00") {
                            $cc = 0;
                        }
                        $coupon_money_display = '
              <span>' . $cg . '</span>
              <img src="img/gold.gif" alt="" align="middle" />
              <span>' . $cs . '</span>
              <img src="img/silver.gif" alt="" align="middle" />
              <span>' . $cc . '</span>
              <img src="img/copper.gif" alt="" align="middle" />';
                        $message = lang("points", "coupon_cost_money");
                        $message = str_replace("%1", $coupon_money_display, $message);
                        $output .= '
              <div class="div_lined_line right_text">
                <span>' . $message . '</span>
              </div>';
                    }
                    $output .= '
              <div class="div_lined_line right_text">
                <a href="point_system.php?action=redeem_coupon&amp;coupon_id=' . $coupon["entry"] . '">
                  <img src="img/star.png" width="16" height="16" alt="" />
                  <span>&nbsp;' . lang("index", "use_coupon") . '</span>
                </a>
              </div>';
                    $output .= '
              <br />';
                }
            }
            if ($sql["mgr"]->num_rows($coupon_result)) {
                $output = substr($output, 0, strlen($output) - 20);
            }
            $output .= '
            </div>';
        }
    }
    // GM Tickets
    $start_m = isset($_GET["start_m"]) ? $sql["char"]->quote_smart($_GET["start_m"]) : 0;
    if (!is_numeric($start_m)) {
        $start_m = 0;
    }
    if ($core == 1) {
        $all_record_m = $sql["char"]->result($sql["char"]->query("SELECT COUNT(*) FROM gm_tickets WHERE deleted=0"), 0);
    } elseif ($core == 2) {
        $all_record_m = $sql["char"]->result($sql["char"]->query("SELECT COUNT(*) FROM character_ticket"), 0);
    } else {
        $all_record_m = $sql["char"]->result($sql["char"]->query("SELECT COUNT(*) FROM gm_tickets WHERE closedBy=0"), 0);
    }
    // show gm tickets
    $output .= '
            <br />';
    if ($user_lvl >= $action_permission["insert"]) {
        if ($all_record_m) {
            $output .= '
            <div class="div_lined">
              <div class="div_lined_head">
                <span>' . lang("index", "tickets") . '</span>
              </div>';
            if ($core == 1) {
                $result = $sql["char"]->query("SELECT ticketid, level, message, name, deleted,\r\n          timestamp, gm_tickets.playerGuid, acct\r\n          FROM gm_tickets\r\n            LEFT JOIN characters ON characters.guid=gm_tickets.playerGuid\r\n          ORDER BY ticketid DESC LIMIT " . $start_m . ", 3");
            } elseif ($core == 2) {
                $result = $sql["char"]->query("SELECT character_ticket.ticket_id AS ticketid, characters.level,\r\n          ticket_text AS message, characters.name, UNIX_TIMESTAMP(ticket_lastchange) AS timestamp,\r\n          character_ticket.guid AS playerGuid, account AS acct\r\n          FROM character_ticket\r\n            LEFT JOIN characters ON characters.guid=character_ticket.guid\r\n          ORDER BY ticketid DESC LIMIT " . $start_m . ", 3");
            } else {
                $result = $sql["char"]->query("SELECT gm_tickets.guid AS ticketid, characters.level, message,\r\n          gm_tickets.name, closedBy AS deleted, lastModifiedTime AS timestamp, gm_tickets.guid AS playerGuid, account AS acct\r\n          FROM gm_tickets\r\n            LEFT JOIN characters ON characters.guid=gm_tickets.guid\r\n          ORDER BY ticketid DESC LIMIT " . $start_m . ", 3");
            }
            while ($post = $sql["char"]->fetch_assoc($result)) {
                if (!$post["deleted"]) {
                    if ($core == 1) {
                        $login_result = $sql["logon"]->query("SELECT * FROM accounts WHERE acct='" . $post["acct"] . "'");
                    } else {
                        $login_result = $sql["logon"]->query("SELECT *, username AS login FROM account WHERE id='" . $post["acct"] . "'");
                    }
                    $login = $sql["logon"]->fetch_assoc($login_result);
                    $gm_result = $sql["mgr"]->query("SELECT SecurityLevel FROM config_accounts WHERE Login='******'");
                    $gm = $sql["mgr"]->fetch_assoc($gm_result);
                    $gm = $gm["SecurityLevel"];
                    if ($user_lvl > 0 && ($user_lvl >= gmlevel($gm) || $user_lvl == $action_permission["delete"])) {
                        $output .= '
              <div class="div_lined_line left_text">
                <a href="char.php?id=' . $post["playerGuid"] . '">
                  <span onmousemove="oldtoolTip(\'' . htmlspecialchars($login["username"]) . ' (' . id_get_gm_level($gm) . ')' . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . htmlentities($post["name"], ENT_COMPAT, $site_encoding) . '</span>
                </a>
              </div>
              <div class="div_lined_line left_text">
                <span>' . htmlspecialchars($post["message"]) . '</span>
              </div>
              <div class="div_lined_line right_text">';
                    }
                    $output .= '
                <span>' . lang("index", "submitted") . ": " . date('G:i:s m-d-Y', $post["timestamp"]) . '</span>';
                    $output .= '
              </div>
              <div class="div_lined_line right_text">';
                    if ($user_lvl >= $action_permission["update"]) {
                        $output .= '
                <a href="ticket.php?action=edit_ticket&amp;error=4&amp;id=' . $post["ticketid"] . '">
                  <img src="img/edit.png" width="16" height="16" alt="" />
                </a>';
                    }
                    $output .= '
              </div>
              <br />';
                }
            }
            $output .= '
            </div>';
        }
    }
    // Character Changes
    // count pending character changes
    $char_change_count = $sql["mgr"]->result($sql["mgr"]->query("SELECT COUNT(*) FROM char_changes"), 0);
    // show pending character changes
    $output .= '
            <br />';
    if ($user_lvl >= $action_permission["update"]) {
        if ($char_change_count) {
            $output .= '
            <div class="div_lined">
              <div class="div_lined_head">
                <span>' . lang("index", "pendingchanges") . '</span>
              </div>';
            $result = $sql["mgr"]->query("SELECT * FROM char_changes");
            while ($change = $sql["mgr"]->fetch_assoc($result)) {
                if ($core == 1) {
                    $change_char_query = "SELECT * FROM characters WHERE guid='" . $change["guid"] . "'";
                } else {
                    $change_char_query = "SELECT *, account AS acct FROM characters WHERE guid='" . $change["guid"] . "'";
                }
                $change_char = $sql["char"]->fetch_assoc($sql["char"]->query($change_char_query));
                if ($core == 1) {
                    $change_acct_query = "SELECT * FROM accounts WHERE acct='" . $change_char["acct"] . "'";
                } else {
                    $change_acct_query = "SELECT *, username AS login FROM account WHERE id='" . $change_char["acct"] . "'";
                }
                $change_acct = $sql["logon"]->fetch_assoc($sql["logon"]->query($change_acct_query));
                if (isset($change["new_name"])) {
                    // Localization
                    $namechange = lang("xname", "playerhasreq");
                    $namechange = str_replace("%1", htmlspecialchars($change_acct["login"]), $namechange);
                    $namechange = str_replace("%2", htmlspecialchars($change_char["name"]), $namechange);
                    $namechange = str_replace("%3", htmlspecialchars($change["new_name"]), $namechange);
                    $output .= '
              <div class="div_lined_line left_text large">
                <span>' . $namechange . '</span>';
                }
                if (isset($change["new_race"])) {
                    // Localization
                    $racechange = lang("xrace", "playerhasreq");
                    $racechange = str_replace("%1", htmlspecialchars($change_acct["login"]), $racechange);
                    $racechange = str_replace("%2", htmlspecialchars($change_char["name"]), $racechange);
                    $racechange = str_replace("%3", char_get_race_name($change["new_race"]), $racechange);
                    $output .= '
              <div class="div_lined_line left_text large">
                <span>' . $racechange . '</span>';
                }
                if (isset($change["new_acct"])) {
                    if ($core == 1) {
                        $new_acct_query = "SELECT login FROM accounts WHERE acct='" . $change["new_acct"] . "'";
                    } else {
                        $new_acct_query = "SELECT username AS login FROM account WHERE id='" . $change["new_acct"] . "'";
                    }
                    $new_acct_result = $sql["logon"]->query($new_acct_query);
                    $new_acct_result = $sql["logon"]->fetch_assoc($new_acct_result);
                    $new_acct_name = $new_acct_result["login"];
                    // Localization
                    $acctchange = lang("xacct", "playerhasreq");
                    $acctchange = str_replace("%1", htmlspecialchars($change_acct["login"]), $acctchange);
                    $acctchange = str_replace("%2", htmlspecialchars($change_char["name"]), $acctchange);
                    $acctchange = str_replace("%3", $new_acct_name, $acctchange);
                    $output .= '
              <div class="div_lined_line left_text large">
                <span>' . $acctchange . '</span>';
                }
                if ($change_char["online"]) {
                    $output .= '
                <br />
                <br />
                <img src="img/aff_warn.gif" alt="warn" />
                <span class="error">' . lang("xname", "online") . '</span>';
                }
                $output .= '
              </div>';
                if (isset($change["new_name"])) {
                    $file = "change_char_name.php";
                } elseif (isset($change["new_race"])) {
                    $file = "change_char_race.php";
                } else {
                    $file = "change_char_account.php";
                }
                $output .= '
              <div class="div_lined_line right_text">
                <a href="' . $file . '?action=denied&amp;guid=' . $change["guid"] . '">
                  <img src="img/cross.png" width="12" height="12" alt="" />
                </a>';
                if (!$change_char["online"]) {
                    $output .= '
                <a href="' . $file . '?action=approve&amp;guid=' . $change["guid"] . '">
                  <img src="img/aff_tick.png" width="14" height="14" alt="" />
                </a>';
                }
                $output .= '
              </div>
              <br />';
            }
            $output .= '
            </div>';
        }
    }
    //print online chars
    if ($online && $user_lvl >= $player_online) {
        //==========================$_GET and SECURE=================================
        $start = isset($_GET["start"]) ? $sql["char"]->quote_smart($_GET["start"]) : 0;
        if (!is_numeric($start)) {
            $start = 0;
        }
        $order_by = isset($_GET["order_by"]) ? $sql["char"]->quote_smart($_GET["order_by"]) : "name";
        if (!preg_match("/^[_[:lower:]]{1,12}\$/", $order_by)) {
            $order_by = "name";
        }
        $dir = isset($_GET["dir"]) ? $sql["char"]->quote_smart($_GET["dir"]) : 1;
        if (!preg_match("/^[01]{1}\$/", $dir)) {
            $dir = 1;
        }
        $order_dir = $dir ? "ASC" : "DESC";
        $dir = $dir ? 0 : 1;
        //==========================$_GET and SECURE end=============================
        if ($order_by === "mapid") {
            $order_by = "mapid, zoneid ";
            $order_hold = "mapid";
        } elseif ($order_by === "zoneid") {
            $order_by = "zoneid, mapid ";
            $order_hold = "zoneid";
        } else {
            $order_hold = $order_by;
        }
        $order_side = "";
        if (!($user_lvl || $server[$realm_id]["both_factions"])) {
            if ($core == 1) {
                $result = $sql["char"]->query("SELECT race FROM characters WHERE acct=" . $user_id . "\r\n          AND SUBSTRING_INDEX(SUBSTRING_INDEX(playedtime, ' ', 2), ' ', -1)=(SELECT MAX(SUBSTRING_INDEX(SUBSTRING_INDEX(playedtime, ' ', 2), ' ', -1)) FROM characters WHERE acct=" . $user_id . ") LIMIT 1");
            } else {
                $result = $sql["char"]->query("SELECT race FROM characters WHERE account=" . $user_id . "\r\n          AND totaltime=(SELECT MAX(totaltime) FROM characters WHERE account=" . $user_id . ") LIMIT 1");
            }
            if ($sql["char"]->num_rows($result)) {
                $order_side = in_array($sql["char"]->result($result, 0), array(2, 5, 6, 8, 10)) ? " AND race IN (2, 5, 6, 8, 10) " : " AND race IN (1, 3, 4, 7, 11) ";
            }
        }
        if ($core == 1) {
            $result = $sql["char"]->query("SELECT guid, name, race, class, zoneid, mapid, level, characters.acct, gender,\r\n                            CAST( SUBSTRING_INDEX( SUBSTRING_INDEX( data, ';', " . (PLAYER_FIELD_HONOR_CURRENCY + 1) . " ), ';', -1 ) AS UNSIGNED ) AS highest_rank, lastip\r\n                            FROM characters\r\n                              LEFT JOIN `" . $logon_db["name"] . "`.accounts ON characters.acct=`" . $logon_db["name"] . "`.accounts.acct\r\n                            WHERE characters.online=1 " . $order_side . " ORDER BY " . $order_by . " " . $order_dir . " LIMIT " . $start . ", " . $itemperpage);
        } elseif ($core == 2) {
            $result = $sql["char"]->query("SELECT guid, name, race, class, zone AS zoneid, map AS mapid, level, account AS acct, gender,\r\n                            totalHonorPoints AS highest_rank, last_ip AS lastip\r\n                            FROM characters\r\n                              LEFT JOIN `" . $logon_db["name"] . "`.account ON characters.account=`" . $logon_db["name"] . "`.account.id\r\n                            WHERE characters.online=1 " . $order_side . " ORDER BY " . $order_by . " " . $order_dir . " LIMIT " . $start . ", " . $itemperpage);
        } else {
            $result = $sql["char"]->query("SELECT characters.guid, characters.name, race, class, zone AS zoneid, map AS mapid, level, account AS acct, gender,\r\n                            totalHonorPoints AS highest_rank, latency, last_ip AS lastip, guild.name AS gname\r\n                            FROM characters\r\n                              LEFT JOIN `" . $logon_db["name"] . "`.account ON characters.account=`" . $logon_db["name"] . "`.account.id\r\n                              LEFT JOIN guild_member ON characters.guid=guild_member.guid\r\n                              LEFT JOIN guild ON guild_member.guildid=guild.guildid\r\n                            WHERE characters.online=1 " . $order_side . " ORDER BY " . $order_by . " " . $order_dir . " LIMIT " . $start . ", " . $itemperpage);
        }
        $total_online = $sql["char"]->result($sql["char"]->query("SELECT count(*) FROM characters WHERE online= 1"), 0);
        $output .= '
            <div class="div_lined center_text">
              <span class="bold">' . lang("index", "tot_users_online") . ': ' . $total_online . '</span>
            </div>';
        if ($total_online) {
            $output .= '
            <table class="lined">
              <tr>
                <td colspan="' . (9 - $showcountryflag) . '" align="right" class="hidden" style="width: 25%;">';
            $output .= generate_pagination("index.php?start_m=" . $start_m . "&amp;order_by=" . $order_hold . "&amp;dir=" . ($dir ? 0 : 1), $total_online, $itemperpage, $start);
            $output .= '
                </td>
              </tr>
              <tr>
                <th style="width: 15%;">
                  <a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=name&amp;dir=' . $dir . '"' . ($order_by === "name" ? ' class="' . $order_dir . '"' : '') . '>' . lang("index", "name") . '</a>
                </th>
                <th style="width: 1%;">
                  <a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=race&amp;dir=' . $dir . '"' . ($order_by === "race" ? ' class="' . $order_dir . '"' : '') . '>' . lang("index", "race") . '</a>
                </th>
                <th style="width: 1%;">
                  <a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=class&amp;dir=' . $dir . '"' . ($order_by === "class" ? ' class="' . $order_dir . '"' : '') . '>' . lang("index", "class") . '</a>
                </th>
                <th style="width: 5%;">
                  <a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=level&amp;dir=' . $dir . '"' . ($order_by === "level" ? ' class="' . $order_dir . '"' : '') . '>' . lang("index", "level") . '</a>
                </th>
                <th style="width: 1%;">
                  <a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=highest_rank&amp;dir=' . $dir . '"' . ($order_by === "highest_rank" ? ' class="' . $order_dir . '"' : '') . '>' . lang("index", "rank") . '</a>
                </th>
                <th style="width: 15%;">
                  <a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=gname&amp;dir=' . $dir . '"' . ($order_by === "gname" ? ' class="' . $order_dir . '"' : '') . '>' . lang("index", "guild") . '</a>
                </th>
                <th style="width: 20%;">
                  <a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=mapid&amp;dir=' . $dir . '"' . ($order_by === "mapid, zoneid " ? ' class="' . $order_dir . '"' : '') . '>' . lang("index", "map") . '</a>
                </th>
                <th style="width: 25%;">
                  <a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=zoneid&amp;dir=' . $dir . '"' . ($order_by === "zoneid, mapid " ? ' class="' . $order_dir . '"' : '') . '>' . lang("index", "zone") . '</a>
                </th>';
            if ($core == 1) {
                $output .= '
                <th style="width: 25%;">
                  <span>' . lang("index", "area") . '</span>
                </th>';
            }
            // this_is_junk: MaNGOS doesn't store player latency
            if ($core != 2) {
                if (!$hide_plr_latency) {
                    // this_is_junk: Trinity is the only core which can sort by Player Latency
                    if ($core == 3) {
                        $output .= '
                <th style="width: 1%;">
                  <a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=latency&amp;dir=' . $dir . '"' . ($order_by === "latency" ? ' class="' . $order_dir . '"' : '') . '>
                    <img src="img/time.png" onmousemove="oldtoolTip(\'' . lang("index", "latency") . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt=""' . ($order_by === "latency" ? '' : ' style="position: relative; top: 7px;"') . ' />
                  </a>
                </th>';
                    } else {
                        $output .= '
                <th style="width: 1%;">
                  <img src="img/time.png" onmousemove="oldtoolTip(\'' . lang("index", "latency") . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" style="position: relative; top: 7px;" />
                </th>';
                    }
                }
            }
            if ($showcountryflag) {
                require_once "libs/misc_lib.php";
                $output .= '
                <th style="width: 1%;">
                  <a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=lastip&amp;dir=' . $dir . '"' . ($order_by === "lastip" ? ' class="' . $order_dir . '"' : '') . '>
                    <img src="img/world.png" onmousemove="oldtoolTip(\'' . lang("global", "country") . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt=""' . ($order_by === "lastip" ? '' : ' style="position: relative; top: 7px;"') . ' />
                  </a>
                </th>';
            }
            $output .= '
              </tr>';
        }
        while ($char = $sql["char"]->fetch_assoc($result)) {
            if ($core == 1) {
                $ca_query = "SELECT accounts.login AS name FROM `" . $logon_db["name"] . "`.accounts LEFT JOIN `" . $corem_db["name"] . "`.config_accounts ON accounts.login=`" . $corem_db["name"] . "`.config_accounts.Login COLLATE utf8_unicode_ci WHERE acct='" . $char["acct"] . "'";
            } else {
                $ca_query = "SELECT *, username AS name FROM `" . $logon_db["name"] . "`.account LEFT JOIN `" . $corem_db["name"] . "`.config_accounts ON account.username=`" . $corem_db["name"] . "`.config_accounts.Login WHERE id='" . $char["acct"] . "'";
            }
            $ca_result = $sql["mgr"]->query($ca_query);
            $char_acct = $sql["mgr"]->fetch_assoc($ca_result);
            $gm = $char_acct["SecurityLevel"];
            if (!isset($gm)) {
                $gm = 0;
            }
            if ($core == 1) {
                $guild_id = $sql["char"]->result($sql["char"]->query("SELECT guildid FROM guild_data WHERE playerid='" . $char["guid"] . "'"), 0);
            } else {
                $guild_id = $sql["char"]->result($sql["char"]->query("SELECT guildid FROM guild_member WHERE guid='" . $char["guid"] . "'"), 0);
            }
            if ($core == 1) {
                $guild_name_query = "SELECT guildName FROM guilds WHERE guildid='" . $guild_id . "'";
            } else {
                $guild_name_query = "SELECT name AS guildName FROM guild WHERE guildid='" . $guild_id . "'";
            }
            $guild_name_result = $sql["char"]->query($guild_name_query);
            $guild_name = $sql["char"]->fetch_assoc($guild_name_result);
            $guild_name = $guild_name["guildName"];
            $output .= '
              <tr>
                <td>';
            if ($user_lvl > 0 && ($user_lvl >= gmlevel($gm) || $user_lvl == $action_permission["delete"])) {
                $output .= '
                  <a href="char.php?id=' . $char["guid"] . '">
                    <span onmousemove="oldtoolTip(\'' . htmlspecialchars($char_acct["name"]) . ' (' . id_get_gm_level($gm) . ')' . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . '</span>
                  </a>';
            } else {
                $output .= '
                  <span>' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . '</span>';
            }
            $output .= '
                </td>
                <td>
                  <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                </td>
                <td>
                  <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                </td>
                <td>' . char_get_level_color($char["level"]) . '</td>
                <td>
                  <span onmouseover="oldtoolTip(\'' . char_get_pvp_rank_name($char["highest_rank"], char_get_side_id($char["race"])) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" id="index_delete_cursor"><img src="img/ranks/rank' . char_get_pvp_rank_id($char["highest_rank"], char_get_side_id($char["race"])) . '.gif" alt="" /></span>
                </td>
                <td>
                  <a href="guild.php?action=view_guild&amp;error=3&amp;id=' . $guild_id . '">' . htmlentities($guild_name, ENT_COMPAT, $site_encoding) . '</a>
                </td>
                <td>
                  <span onmousemove="oldtoolTip(\'MapID:' . $char["mapid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_map_name($char["mapid"]) . '</span>
                </td>
                <td>
                  <span onmousemove="oldtoolTip(\'ZoneID:' . $char["zoneid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_zone_name($char["zoneid"]) . '</span>
                </td>';
            // display player area, if available
            if ($core == 1) {
                for ($i = 0; $i < count($stats["plrs_area"]); $i++) {
                    if ($stats["plrs_area"][$i][0] == $char["name"]) {
                        $output .= '
                <td>
                  <span onmousemove="toolTip(\'AreaID:' . $stats["plrs_area"][$i][1] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_zone_name($stats["plrs_area"][$i][1]) . '</span>
                </td>';
                    }
                    if (!isset($stats["plrs_lat"][$i][1])) {
                        $output .= '
                <td>-</td>';
                    }
                }
            }
            // display player latency, if enabled, and if available
            if (!$hide_plr_latency) {
                if ($core == 1) {
                    for ($i = 0; $i < count($stats["plrs_lat"]); $i++) {
                        if ($stats["plrs_lat"][$i][0] == $char["name"]) {
                            $output .= '
                <td>' . $stats["plrs_lat"][$i][1] . '</td>';
                        }
                        if (!isset($stats["plrs_lat"][$i][1])) {
                            $output .= '
                <td>-</td>';
                        }
                    }
                } else {
                    // this_is_junk: MaNGOS doesn't store player latency
                    if ($core == 3) {
                        $output .= '
                <td>' . $char["latency"] . '</td>';
                    }
                }
            }
            if ($showcountryflag) {
                $country = misc_get_country_by_ip($char["lastip"]);
                $output .= '
                <td>' . ($country["code"] ? '<img src="img/flags/' . $country["code"] . '.png" onmousemove="oldtoolTip(\'' . $country["country"] . ($user_lvl >= $action_permission["update"] ? '<br />' . $country["actualip"] : '') . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />' : '-') . '</td>';
            }
            $output .= '
              </tr>';
        }
        if ($total_online) {
            $output .= '
              <tr>';
            $output .= '
                <td colspan="' . (9 - $showcountryflag) . '" align="right" class="hidden" style="width: 25%;">';
            $output .= generate_pagination("index.php?start_m=" . $start_m . "&amp;order_by=" . $order_by . "&amp;dir=" . ($dir ? 0 : 1), $total_online, $itemperpage, $start);
            $output .= '
                </td>
              </tr>
            </table>';
        }
        $output .= '
            <br />';
        unset($total_online);
    }
}