function showPlayerWarningList($bdd)
{
global $mwarning2, $mwarning4, $mwarning5;
?>
<br />
<table class="table">
<tr>
<th>
<?php
echo $mwarning2;
?>
</th>
<th>
<?php
echo $mwarning4;
?>
</th>
</tr>
<?php
foreach ($bdd->query("SELECT * FROM Caranille_Warnings\n ORDER BY Warning_ID ASC") as $warning) {
$accountID = stripslashes($warning['Warning_Receiver']);
$warningID = stripslashes($warning['Warning_ID']);
?>
<tr>
<th>
<?php
newAccount($bdd, $accountID)->getPseudo();
?>
</th>
<th>
<form method="POST" action="Delete.php">
<input type="hidden" name="warningID" value="<?php
echo $warningID;
?>
">
<input class="btn btn-danger" type="submit" value="<?php
echo $mwarning5;
?>
">
</form>
</th>
</tr>
<?php
}
?>
</table>
<?php
}
function showPlayerSanctionList($bdd)
{
global $msanction3, $msanction4, $msanction5;
?>
<br />
<table class="table">
<tr>
<th>
<?php
echo $msanction3;
?>
</th>
<th>
<?php
echo $msanction4;
?>
</th>
</tr>
<?php
foreach ($bdd->query("SELECT * FROM Caranille_Accounts \n WHERE Account_Status = '1' \n ORDER BY Account_Pseudo ASC") as $player) {
$accountID = stripslashes($player['Account_ID']);
?>
<tr>
<th>
<?php
newAccount($bdd, $accountID)->getPseudo();
?>
</th>
<th>
<form method="POST" action="Delete.php">
<input type="hidden" name="accountID" value="<?php
echo $accountID;
?>
">
<input class="btn btn-danger" type="submit" value="<?php
echo $msanction5;
?>
">
</form>
</th>
</tr>
<?php
}
?>
</table>
<?php
}
function writeAccount()
{
global $_GET;
$OUTPUT = "";
// verify
extract($_GET);
$v =& new validate();
if (isset($account_name)) {
$v->isOK($account_name, "string", 1, 150, "Invalid account name.");
}
if (isset($server_host)) {
$v->isOK($server_host, "url", 0, 255, "Invalid host for pop3 server.");
}
if (isset($server_user)) {
$v->isOK($server_user, "string", 0, 255, "Invalid username.");
}
if (isset($server_pass)) {
if (strpos($server_pass, "'")) {
$v->addError("Invalid POP4 password.");
}
}
if (isset($server_pass_confirm)) {
$v->pwMatch($server_pass, $server_passconfirm, "Passwords do not match");
}
if (isset($smtp_from)) {
$v->isOK($smtp_from, "email", 0, 255, "Invalid email address in SMTP from field");
}
if (isset($smtp_reply)) {
$v->isOK($smtp_reply, "email", 0, 255, "Invalid email address in SMTP reply field");
}
if (isset($signature)) {
$v->isOK($signature, "string", 0, 1024, "Invalid signature");
}
if (isset($smtp_host)) {
$v->isOK($smtp_host, "url", 0, 255, "Invalid SMTP host");
}
if (isset($smtp_user)) {
$v->isOK($smtp_user, "string", 0, 255, "Invalid SMTP user.");
}
if (isset($smtp_pass)) {
if (strpos($smtp_pass, "'")) {
$v->addError("Invalid SMTP password.");
}
}
if (isset($smtp_passconfirm)) {
$v->pwMatch($smtp_pass, $smtp_passconfirm, "SMTP passwords do not match");
}
// was there erros
if ($v->isError()) {
$err = $v->getErrors();
foreach ($err as $ernum => $val) {
$OUTPUT .= "{$val['msg']}<br>";
}
// load the previous function
$OUTPUT .= newAccount();
return $OUTPUT;
}
// change the checkboxes to values recognized by the db
if (!isset($active)) {
$active = "0";
}
if (!isset($user_edit)) {
$user_edit = "0";
}
if (!isset($leave_msgs)) {
$leave_msgs = "0";
}
if (!isset($enable_smtp)) {
$enable_smtp = "0";
}
//if ( ! isset($smtp_auth) ) $smtp_auth = "0";
$smtp_auth = "0";
if (!isset($public)) {
$public = "0";
}
if ($active == "on") {
$active = "1";
}
if ($user_edit == "on") {
$user_edit = "1";
}
if ($leave_msgs == "on") {
$leave_msgs = "1";
}
if ($enable_smtp == "on") {
$enable_smtp = "1";
}
if ($smtp_auth == "on") {
$smtp_auth = "1";
}
if ($public == "on") {
$public = "1";
}
pglib_transaction("BEGIN");
$sql = "INSERT INTO mail_accounts (username, user_edit, active, account_name, server_type, server_host, server_user,\r\n\t\t\tserver_pass, leave_msgs, enable_smtp, smtp_from, smtp_reply, smtp_host, smtp_auth, smtp_user,\r\n\t\t\tsmtp_pass, signature, \"public\")\r\n\t\tVALUES ('{$username}', '{$user_edit}', '{$active}', '{$account_name}', 'POP3', '{$server_host}', '{$server_user}',\r\n\t\t\t'{$server_pass}', '{$leave_msgs}', '{$enable_smtp}', '{$smtp_from}', '{$smtp_reply}', '{$smtp_host}',\r\n\t\t\t'{$smtp_auth}', '{$smtp_user}', '{$smtp_pass}', '{$signature}', '{$public}')";
$rslt = db_exec($sql);
if (pg_cmdtuples($rslt) <= 0) {
return "Error creating account. Please contact Cubit.<br>";
}
$aid = pglib_lastid("mail_accounts", "account_id");
pglib_transaction("COMMIT");
// create the five special folders folders
db_exec("INSERT INTO mail_folders (parent_id, account_id, icon_open, icon_closed, name, username, \"public\")\r\n\t\tVALUES (0, {$aid}, 'icon_inboxopen.gif', 'icon_inboxclosed.gif', 'Inbox', '{$username}', '0')");
/*db_exec("INSERT INTO mail_folders (parent_id, account_id, icon_open, icon_closed, name, username, public)
VALUES (0, $aid, 'icon_folderopen.gif', 'icon_folderclosed.gif', 'Outbox', '$username', '0')");
db_exec("INSERT INTO mail_folders (parent_id, account_id, icon_open, icon_closed, name, username, public)
VALUES (0, $aid, 'icon_draftsopen.gif', 'icon_draftsclosed.gif', 'Drafts', '$username', '0')");*/
db_exec("INSERT INTO mail_folders (parent_id, account_id, icon_open, icon_closed, name, username, public)\r\n\t\tVALUES (0, {$aid}, 'icon_sentopen.gif', 'icon_sentclosed.gif', 'Sent Items', '{$username}', '0')");
/*db_exec("INSERT INTO mail_folders (parent_id, account_id, icon_open, icon_closed, name, username, public)
VALUES (0, $aid, 'icon_trashopen.gif', 'icon_trashclosed.gif', 'Trash', '$username', '0')");*/
// set them as the special folders
$rslt = db_exec("SELECT folder_id FROM mail_folders WHERE name='Inbox' AND account_id={$aid}");
$inbox = pg_fetch_result($rslt, 0, 0);
/*$rslt = db_exec("SELECT folder_id FROM mail_folders WHERE name='Outbox' AND account_id=$aid");
$outbox = pg_fetch_result($rslt, 0, 0);
$rslt = db_exec("SELECT folder_id FROM mail_folders WHERE name='Drafts' AND account_id=$aid");
$drafts = pg_fetch_result($rslt, 0, 0);*/
$rslt = db_exec("SELECT folder_id FROM mail_folders WHERE name='Sent Items' AND account_id={$aid}");
$sentitems = pg_fetch_result($rslt, 0, 0);
/*$rslt = db_exec("SELECT folder_id FROM mail_folders WHERE name='Trash' AND account_id=$aid");
$trash = pg_fetch_result($rslt, 0, 0);*/
//db_exec("INSERT INTO mail_account_settings VALUES($aid, $inbox, $drafts, $sentitems, $trash, $outbox)");
db_exec("INSERT INTO mail_account_settings VALUES('{$aid}', '{$inbox}', 0, '{$sentitems}', 0, 0)");
// the following java script merely refreshes the tree view frame, so the new account get's shown
$OUTPUT .= "<script>\r\n\t\tparent.tree.document.location.reload();\r\n\t</script>Succesfully created account.<br>";
return $OUTPUT;
}
<?php
$timeStart = microtime(true);
session_start();
if (empty($_SESSION)) {
exit(header("Location: ../../index.php"));
}
require_once $_SESSION['File_Root'] . '/Kernel/Include.php';
require_once $_SESSION['File_Root'] . '/HTML/Header.php';
redirectToLogin($accountID, $linkRoot);
redirectToBattle($verifyBattle, $linkRoot);
hasAdmin($accountAccess);
$accountID = htmlspecialchars(addslashes($_POST['accountID']));
$playerAccount = newAccount($bdd, $accountID);
$Account_Pseudo = $playerAccount->getPseudo();
$Account_Email = $playerAccount->getEmail();
$Account_Access = $playerAccount->getAccess();
?>
<br>
<div class="panel panel-warning">
<div class="panel-heading"></div>
<div class="panel-body">
<form method="POST" action="EndEdit.php">
<?php
echo $aaccounts2;
?>
<br> <input type="text" name="accountPseudo" class="form-control" placeholder="<?php
echo $aaccounts2;
?>
" value="<?php
<?php
if (isset($_SESSION['Account_ID'])) {
$account = newAccount($bdd, $_SESSION['Account_ID']);
$character = newCharacter($bdd, $_SESSION['Account_ID']);
$town = newTown($bdd, $character->getTownID());
$verifyBattle = verifyBattle($bdd, $character->getID());
if ($verifyBattle >= 1) {
$monster = newBattleMonster($bdd, $character->getID());
$monsterID = $monster->getID();
$monsterPicture = $monster->getPicture();
$monsterName = $monster->getName();
$monsterDescription = $monster->getDescription();
$monsterLevel = $monster->getLevel();
$monsterHP = $monster->getHp();
$monsterMP = $monster->getMp();
$monsterStrength = $monster->getStrength();
$monsterMagic = $monster->getMagic();
$monsterAgility = $monster->getAgility();
$monsterDefense = $monster->getDefense();
$monsterExperience = $monster->getExperience();
$monsterGold = $monster->getGold();
$minStrength = $character->getStrength() / 1.1;
$maxStrength = $character->getStrength() * 1.1;
$minMagic = $character->getMagic() / 1.1;
$maxMagic = $character->getMagic() * 1.1;
$minDefense = $character->getDefense() / 1.1;
$maxDefense = $character->getDefense() * 1.1;
$monsterMinStrength = $monster->getStrength() / 1.1;
$monsterMaxStrength = $monster->getStrength() * 1.1;
$monsterMinDefense = $monster->getDefense() / 1.1;
require_once 'actions/configchecks.php';
$isConfig = isConfigSet();
pageinit('home');
startbody();
pageheader();
startpagecontent();
startcontent();
if ($isConfig) {
statistics();
} else {
configform();
}
kigmintro();
endcontent();
startsidebar();
if (isset($_SESSION['info'])) {
operationinformation();
unset($_SESSION['info']);
}
if ($isConfig) {
loginform();
newAccount();
} else {
configInfo();
}
endsidebar();
divclear();
endpagecontent();
pagefooter();
endbody();
pageend();
$nombreDestinatario = $app->request->headers->get('nombreDestinatario');
$numeroUnidades = $app->request->headers->get('numeroUnidades');
$numeroDocumento = $app->request->headers->get('numeroDocumento');
$nombreDestinatario2 = $app->request->headers->get('nombreDestinatario2');
$destino2 = $app->request->headers->get('destino2');
$motivo = $app->request->headers->get('motivo');
$cupoDisponible = $app->request->headers->get('cupoDisponible');
$cupoCr = $app->request->headers->get('cupoCr');
$totalCartera = $app->request->headers->get('totalCartera');
$condicionPago = $app->request->headers->get('condicionPago');
$plazoPago = $app->request->headers->get('plazoPago');
$promedioPago = $app->request->headers->get('promedioPago');
$carteraVencida = $app->request->headers->get('carteraVencida');
$carteraVencer = $app->request->headers->get('carteraVencer');
//LLama el método que lee de la base de datos y obtiene la respuesta
$respuesta = newAccount($name, $nit, $codigoAlterno, $canal, $sector, $telefono1, $ext1, $telefono2, $ext2, $celular, $fax, $direccion, $municipio, $departamento, $zona, $uen, $email, $web, $grupo, $segmento, $estado, $descuento, $presupuesto, $descripcion, $correoTransporte, $usuarioAsignado, $usuarioCreador, $fechaConstitucion, $ventasActual, $ventasAnterior, $numeroAlianzas, $alianzas, $origenCuenta, $fechaFacturacion, $facturacionDiaria, $facturacionAcumuladaMes, $porcentajeCumplimiento, $facturacionAutorizada, $facturacionNoAutorizada, $fechaDespacho, $remesa, $destino, $nombreDestinatario, $numeroUnidades, $numeroDocumento, $nombreDestinatario2, $destino2, $motivo, $cupoDisponible, $cupoCr, $totalCartera, $condicionPago, $plazoPago, $promedioPago, $carteraVencida, $carteraVencer);
//Muestra la respuesta al cliente
echo $respuesta;
});
//--------------------------------------------------------------------------------------------------
$app->put('/editAccount', function () {
//Importa el archivo que contiene el método
require_once 'Servicios/editAccount.php';
$app = new \Slim\Slim();
require_once 'Servicios/Auth.php';
$deviceId = $app->request->headers->get('deviceID');
$hash = $app->request->headers->get('hash');
$respuesta = auth($deviceId, $hash);
if ($respuesta != "Auth_OK") {
echo $respuesta;
return;
require_once $_SESSION['File_Root'] . '/HTML/Header.php';
require_once 'Functions/SQL.php';
$accountPseudo = htmlspecialchars(addslashes($_POST['accountPseudo']));
$accountPassword = htmlspecialchars(addslashes($_POST['accountPassword']));
$account = findAccount($bdd, $accountPseudo);
?>
<br>
<div class="panel panel-danger">
<div class="panel-heading"></div>
<div class="panel-body">
<?php
if (DeCryptMDP($accountPassword, $account['Account_Password'])) {
$ID = findIdByPseudo($bdd, $accountPseudo);
$account = newAccount($bdd, $ID);
if ($account->getStatus() == 0) {
$gameStatus = verifyConnectionGame($bdd);
if ($gameStatus == 0) {
$_SESSION['Account_ID'] = $ID;
echo "lol";
exit(header("Location: {$linkRoot}/Modules/Main/index.php"));
} else {
if ($account->getAccess() == 2) {
$_SESSION['Account_ID'] = $ID;
exit(header("Location: {$linkRoot}/Modules/Main/index.php"));
} else {
echo $login7;
}
}
} else {
$passwordLv2Err = "Bạn cần phải nhập đủ mật khẩu cấp 2 !";
} else {
$passwordLv2 = test_input($_POST["passwordLv2"]);
$passwordLv2Err = "";
}
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (checkEmployeeNumberExists($employeeNumber)) {
$employeeNumberErr = "Mã nhân viên này đã được đăng kí, <a href='LongNAForgotPassword.php'>Quên mật khẩu ???</a>";
}
if (checkUserNameExisted($userName)) {
$userNameErr = "Tên đăng nhập này đã được sử dụng bởi người khác, xin thử lại!";
}
if (!checkUserNameExisted($userName) && !checkEmployeeNumberExists($employeeNumber)) {
echo "Dang ki";
newAccount($employeeNumber, $userName, $password, $passwordLv2);
}
}
function newAccount($employeeNumberparam, $userNameParam, $passwordParam, $passwordLv2Param)
{
$host = "localhost";
$user = "******";
$password = "";
$table = "account";
$check = 0;
$now = "NOW()";
$userNameParam = "'{$userNameParam}'";
$passwordParam = "'{$passwordParam}'";
$passwordLv2Param = "'{$passwordLv2Param}'";
$normalUser = "******";
$mysql = "INSERT INTO " . $table . " VALUES({$employeeNumberparam}, {$userNameParam}, {$passwordParam}, {$passwordLv2Param}, {$now}, {$normalUser});";
$employeeType = test_input($_POST["employeeType"]);
}
if (is_null($_POST["gender"])) {
$genderErr = "Bạn cần phải nhập vào giới tính của nhân viên";
} else {
$gender = test_input($_POST["gender"]);
}
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (checkEmployeeNumberExists($employeeNumber)) {
$employeeNumberErr = "Mã nhân viên này đã được đăng kí, Xin hãy thử một mã khác";
} else {
if (!$checkNumberic) {
$employeeNumberErr = "Mã nhân viên phải là số";
} else {
newAccount($employeeNumber, $employeeName, $employeeType, $gender);
}
}
}
function checkEmployeeNumberExists($employeeNumberparam)
{
$host = "localhost";
$user = "******";
$password = "";
$mysql = "SELECT employeeNumber FROM account";
$link = mysql_connect($host, $user, $password);
if ($link) {
$result = mysql_db_query("abckitchen", $mysql);
while ($row = mysql_fetch_array($result)) {
if ($employeeNumberparam === $row["employeeNumber"]) {
return true;
