/** * Creates a list of the given item on stock. * * @global type $UMC_DATA * @param type $table * @param type $item * @param type $type * @param type $uuid * @return type */ function umc_shopmgr_stocklist($table, $item = false, $type = 0, $uuid = false) { global $UMC_DATA; $where = "WHERE damage={$type}"; // do not show item column if there is only one type $what = 'concat(item_name,' | ',damage, ' | ', meta) AS item_name, '; if ($item && isset($UMC_DATA[$item])) { $where .= " AND item_name='{$item}'"; $what = ''; } if ($uuid && umc_check_user($uuid)) { $where .= " AND uuid='{$uuid}'"; } $sql = "SELECT id AS shop_id, {$what} uuid, amount AS quantity, price FROM minecraft_iconomy.{$table} {$where}"; $data_rst = umc_mysql_query($sql); $sort_column = '0, "desc"'; $non_numeric = array('item_name', 'uuid'); $check = umc_web_table('shop' . $table, $sort_column, $data_rst, '', array(), $non_numeric); if (!$check) { XMPP_ERROR_trigger("Error creating web_table with SQL {$sql}"); return "Error creating data table. Admin was notified, please wait until it is fixed"; } else { return $check; } }
function umc_webkarma() { XMPP_ERROR_trace(__FUNCTION__, func_get_args()); $members = umc_get_active_members(); // list onliny active receivers $all_sql = "SELECT SUM(karma), receiver_uuid, receivers.username AS username\r\n FROM minecraft_srvr.karma\r\n LEFT JOIN minecraft_srvr.UUID AS receivers ON receiver_uuid=receivers.uuid\r\n LEFT JOIN minecraft_srvr.UUID AS senders ON sender_uuid=senders.uuid\r\n\tWHERE senders.lot_count > 0\r\n GROUP BY receiver_uuid\r\n ORDER BY SUM(karma) DESC, username ASC"; $all_data = umc_mysql_fetch_all($all_sql); $out_data = array(); foreach ($all_data as $row) { $receiver = $row['username']; $receiver_uuid = $row['receiver_uuid']; if (!isset($members[$receiver_uuid]) || $receiver == 'uncovery') { continue; } $sql = "SELECT karma FROM minecraft_srvr.karma\r\n LEFT JOIN minecraft_srvr.UUID AS sender ON sender_uuid=sender.uuid\r\n WHERE receiver_uuid = '{$receiver_uuid}'\r\n\t AND sender.lot_count > 0"; $sender_data = umc_mysql_fetch_all($sql); $pos_karma = 0; $neg_karma = 0; foreach ($sender_data as $send_row) { if ($send_row['karma'] > 0) { $pos_karma = $pos_karma + $send_row['karma']; } else { if ($send_row['karma'] < 0) { $neg_karma = $neg_karma + $send_row['karma']; } } } $sum_karma = $pos_karma + $neg_karma; $out_data[] = array('username' => $receiver, 'karma' => $sum_karma, 'Positive Karma' => $pos_karma, 'Negative Karma' => $neg_karma); } echo umc_web_table("karma", 1, $out_data, '', array(), array('username'), false); }
/** * returns likely accounts shared by UUIDs * and donations given after the user last logged in * */ function umc_web_usercheck() { XMPP_ERROR_trace(__FUNCTION__, func_get_args()); $tables = array('Same IP' => 'last_ip', 'Same Browser' => 'browser_id', 'Same TeamSpeak' => 'ts_uuid'); $out = ''; foreach ($tables as $table_name => $crit_field) { $sql = "SELECT {$crit_field} FROM minecraft_srvr.UUID WHERE {$crit_field} <> '' " . "GROUP BY {$crit_field} HAVING count({$crit_field}) > 1 ORDER BY count({$crit_field}) DESC, onlinetime DESC"; $L = umc_mysql_fetch_all($sql); $out_arr = array(); foreach ($L as $l) { $line_sql = "SELECT username, userlevel, lot_count, onlinetime, INET_NTOA(last_ip) as ip, " . "CONCAT(browser_id, '<br>', ts_uuid) AS 'Browser & TS ID' " . "FROM minecraft_srvr.UUID WHERE {$crit_field} = '{$l[$crit_field]}'" . "ORDER BY onlinetime DESC"; $D = umc_mysql_fetch_all($line_sql); foreach ($D as $d) { $out_arr[] = $d; } } $out .= umc_web_table($table_name, 0, $out_arr, "<h2>{$table_name}</h2>"); } $sql_donations = 'SELECT id as d_id, amount, UUID.username, email, date as d_date, lastlogin, userlevel, lot_count ' . 'FROM minecraft_srvr.donations ' . 'LEFT JOIN minecraft_srvr.UUID on minecraft_srvr.donations.uuid=UUID.UUID ' . 'WHERE UUID.lastlogin < date '; $C = umc_mysql_fetch_all($sql_donations); $out .= umc_web_table('Late Donations', 0, $C, "<h2>Late Donations</h2>"); return $out; }
/** * returns likely accounts shared by UUIDs * */ function umc_web_usercheck() { XMPP_ERROR_trace(__FUNCTION__, func_get_args()); $tables = array('Same IP' => 'last_ip', 'Same Browser' => 'browser_id', 'Same TeamSpeak' => 'ts_uuid'); $out = ''; foreach ($tables as $table_name => $crit_field) { $sql = "SELECT {$crit_field} FROM minecraft_srvr.UUID WHERE {$crit_field} <> '' " . "GROUP BY {$crit_field} HAVING count({$crit_field}) > 1 ORDER BY count({$crit_field}) DESC, onlinetime DESC"; $L = umc_mysql_fetch_all($sql); $out_arr = array(); foreach ($L as $l) { $line_sql = "SELECT username, userlevel, lot_count, onlinetime, INET_NTOA(last_ip) as ip, " . "CONCAT(browser_id, '<br>', ts_uuid) AS 'Browser & TS ID' " . "FROM minecraft_srvr.UUID WHERE {$crit_field} = '{$l[$crit_field]}'" . "ORDER BY onlinetime DESC"; $D = umc_mysql_fetch_all($line_sql); foreach ($D as $d) { $out_arr[] = $d; } } $out .= umc_web_table($table_name, 0, $out_arr, "<h2>{$table_name}</h2>"); } return $out; }
/** * displays an interface for email on the website * * @global type $UMC_USER * @return string */ function umc_mail_web() { XMPP_ERROR_trace(__FUNCTION__, func_get_args()); global $UMC_USER, $UMC_DOMAIN; if (!$UMC_USER) { return "You have to be logged in to use this!"; } $uuid = $UMC_USER['uuid']; $username = $UMC_USER['username']; $folder_arr = array('inbox' => "recipient_uuid='{$uuid}' AND (status='sent' OR status='read')", 'outbox' => "sender_uuid='{$uuid}' AND (status='sent')", 'drafts' => "sender_uuid='{$uuid}' AND (status='draft')", 'trash' => "(recipient_uuid='{$uuid}' AND status IN ('deleted_receiver','deleted_both')) OR (sender_uuid='{$uuid}' AND status IN ('deleted_sender','deleted_both'))"); $selected = array(); $action = filter_input(INPUT_POST, 'action', FILTER_SANITIZE_STRING); if (!isset($action)) { $action = filter_input(INPUT_GET, 'action', FILTER_SANITIZE_STRING); } $out = '<div id="umc_ajax_container" class="webmail" style="display:block">' . "\n"; // XMPP_ERROR_trigger("Mail"); $sani_post = filter_input_array(INPUT_POST, FILTER_SANITIZE_STRING); $out .= "\n<!-- POST CHECK // \n" . var_export($sani_post, true) . " \n// end -->\n"; $sani_get = filter_input_array(INPUT_GET, FILTER_SANITIZE_STRING); $out .= "\n<!-- GET CHECK // \n" . var_export($sani_get, true) . " \n// end -->\n"; $subject = ''; $message = ''; $recipient = ''; $error = ''; $msg_id = ''; if ($action == 'Mark all read') { $read_sql = "UPDATE minecraft_srvr.`user_mail` SET status='read' WHERE recipient_uuid='{$uuid}';"; umc_mysql_query($read_sql, true); } if ($action == 'Reply') { $recipient = filter_input(INPUT_POST, 'sender', FILTER_SANITIZE_STRING); $subject = "Re: " . htmlentities(filter_input(INPUT_POST, 'subject', FILTER_SANITIZE_STRING)); $action = "New Mail"; } else { if ($action == 'Delete' || $action == 'Undelete') { $msg_id = filter_input(INPUT_POST, 'msg_id', FILTER_SANITIZE_NUMBER_INT); $recipient_uuid = filter_input(INPUT_POST, 'recipient_uuid', FILTER_SANITIZE_STRING); $sender_uuid = filter_input(INPUT_POST, 'sender_uuid', FILTER_SANITIZE_STRING); $status = filter_input(INPUT_POST, 'status', FILTER_SANITIZE_STRING); if ($sender_uuid == $uuid) { $role = 'sender'; } else { if ($recipient_uuid == $uuid) { $role = 'recipient'; } } umc_mail_delete_update_status($status, $role, $msg_id); } else { if ($action == 'Send' || $action == 'Save Draft') { // send message $subject = filter_input(INPUT_POST, 'subject', FILTER_SANITIZE_STRING); $message = filter_input(INPUT_POST, 'message', FILTER_SANITIZE_STRING); $recipient = strtolower(filter_input(INPUT_POST, 'recipient', FILTER_SANITIZE_STRING)); $recipient_uuid = umc_user2uuid($recipient); $check = umc_check_user($recipient_uuid); if ($recipient == $username) { $check = false; $error = "You cannot send emails to yourself!"; } else { if (!$check) { $error = "ERROR: Recipient '{$recipient}' could not be found!"; $recipient = ''; } } $msg_id = filter_input(INPUT_GET, 'msg_id', FILTER_SANITIZE_NUMBER_INT); if (strlen($message) < 5) { $error = "Your message is too short!"; $action = "New Mail"; $check = false; } else { if (strlen($subject) < 5) { $error = "Your subject is too short!"; $action = "New Mail"; $check = false; } } if ($action == 'Send' && !$check) { // only complain if we are trying to send $action = "New Mail"; } else { umc_mail_send_backend($recipient_uuid, $uuid, $message, $subject, $action, $msg_id); $action = ''; } } } } $out .= $error; if ($action == 'edit') { $msg_id = filter_input(INPUT_GET, 'id', FILTER_SANITIZE_NUMBER_INT); $onemail_sql = "SELECT `msg_id`, `date_time`, `recipient_uuid`, username, `title`, `message`, `status`\r\n FROM minecraft_srvr.`user_mail`\r\n LEFT JOIN minecraft_srvr.UUID ON recipient_uuid=UUID\r\n WHERE msg_id={$msg_id} AND sender_uuid='{$uuid}' AND status='draft';"; $mail_data = umc_mysql_fetch_all($onemail_sql); if (count($mail_data) == 0) { $out .= "ERROR: The draft email with ID {$msg_id} could not be found!"; } else { $mail = $mail_data[0]; $recipient = $mail['username']; $subject = htmlentities(trim($mail['subject'])); $message = htmlentities(trim($mail['message'])); $msg_id = $mail['msg_id']; $action = "New Mail"; } } $msg_id = filter_input(INPUT_GET, 'id', FILTER_SANITIZE_NUMBER_INT); if ($action == 'New Mail') { //onsubmit=\"return umcAjaxFormProcess('" . umc_web_curr_url() . "', event)\" $out .= "<form id=\"newmailform\" method=\"post\"><div>\n" . "<span style=\"max-width:50%;\">Recipient: <input type=\"text\" name=\"recipient\" value=\"{$recipient}\" style=\"width:35%;\" maxlength=\"32\"></span>\n " . "<span style=\"max-width:50%;\">Subject: <input type=\"text\" name=\"subject\" value=\"{$subject}\" style=\"width:35%;\" maxlength=\"32\"></span><br>\n" . "Message:<br><textarea name=\"message\" value=\"\" rows=\"10\" style=\"width:100%;\">{$message}</textarea><input type=\"hidden\" name=\"msg_id\" value=\"\">\n" . "<input type=\"submit\" name=\"action\" value=\"Send\"><input type=\"submit\" name=\"action\" value=\"Save Draft\"><input type=\"submit\" name=\"action\" value=\"Cancel\">\n" . "</div></form>"; } else { if ($action == 'mail' && is_numeric($msg_id)) { $onemail_sql = "SELECT `msg_id`, `date_time`, `sender_uuid`, `recipient_uuid`, `title` as subject, `message`, `status` FROM minecraft_srvr.`user_mail`\r\n WHERE msg_id={$msg_id} AND (recipient_uuid='{$uuid}' OR sender_uuid='{$uuid}');"; $mail_data = umc_mysql_fetch_all($onemail_sql); if (count($mail_data) == 0) { $out .= "ERROR: The email with ID {$msg_id} could not be found!<br>"; $out .= "<a href=\"{$UMC_DOMAIN}/server-access/mail/\">Back</a>"; } else { // onsubmit=\"return umcAjaxFormProcess('" . umc_web_curr_url() . "', event)\" $out .= "<a href=\"{$UMC_DOMAIN}/server-access/mail/\">Back</a><br>"; $out .= "\n<form id=\"newmailform\" method=\"POST\" action=\"{$UMC_DOMAIN}/server-access/mail/\">\n<div>"; $mail = array(); foreach ($mail_data[0] as $field => $value) { $mail[$field] = htmlentities(stripslashes(trim($value))); } $buttons = "<div style=\"float:right\">"; if (in_array($mail['status'], array('deleted_receiver', 'deleted_both'))) { $buttons .= " <input type=\"submit\" name=\"action\" value=\"Undelete\">"; } else { $buttons .= " <input type=\"submit\" name=\"action\" value=\"Delete\">"; } if ($mail['recipient_uuid'] == $uuid) { $buttons .= " <input type=\"submit\" name=\"action\" value=\"Reply\">"; } $buttons .= "</div>"; if ($mail['status'] == 'sent') { $read_sql = "UPDATE minecraft_srvr.`user_mail` SET status='read' WHERE msg_id={$mail['msg_id']};"; umc_mysql_query($read_sql, true); $mail['status'] = 'read'; } $sender = umc_user2uuid($mail['sender_uuid']); $recipient = umc_user2uuid($mail['recipient_uuid']); $out .= "<div class=\"line\"><div style=\"float:left;width:33%;\"><label>From:</label><span class=\"field\">{$sender}</span></div>\n" . "<div style=\"float:left;width:33%;\"><label>To:</label><span class=\"field\">{$recipient}</span></div>\n" . "<div style=\"float:left;width:33%;\"><label>Date:</label><span class=\"field\">{$mail['date_time']}</span></div>\n" . "<div style=\"clear:both;\"></div>\n</div>" . "{$buttons}<div class=\"line\" style=\"overflow:hidden\"><label>Subject:</label><span class=\"field\">{$mail['subject']}</span></div>\n" . "<div style=\"clear:both;\"></div>\n" . "<div class=\"line\"><label>Message:</label><br>" . "<div class=\"field\">{$mail['message']}</div>\n</div>\n" . "<input type=\"hidden\" name=\"status\" value=\"{$mail['status']}\">" . "<input type=\"hidden\" name=\"sender\" value=\"{$sender}\">" . "<input type=\"hidden\" name=\"subject\" value=\"{$mail['subject']}\">" . "<input type=\"hidden\" name=\"recipient_uuid\" value=\"{$mail['recipient_uuid']}\">" . "<input type=\"hidden\" name=\"msg_id\" value=\"{$msg_id}\">" . "<input type=\"hidden\" name=\"sender_uuid\" value=\"{$mail['sender_uuid']}\">" . "</div></form>"; } } else { // show folder if (!isset($post_folder)) { $post_folder = filter_input(INPUT_POST, 'folder', FILTER_SANITIZE_STRING); } $sql_filter = $folder_arr['inbox']; if (isset($post_folder) && $post_folder != 'inbox') { if (isset($folder_arr[$post_folder])) { $sql_filter = $folder_arr[$post_folder]; } else { $out .= "<h2>Folder {$post_folder} cannot be found!</h2>"; } } // get the current value $alerts_saved = umc_wp_get_meta($uuid, 'mc_mail_alerts'); $alerts_choice = filter_input(INPUT_POST, 'email_alerts', FILTER_SANITIZE_STRING); $submit = filter_input(INPUT_POST, 'submit_form', FILTER_SANITIZE_STRING); // update database only if form was submitted if ($submit == 'submit_form') { if ($alerts_choice == 'email_alerts' && $alerts_saved == 'false') { umc_wp_set_meta($uuid, 'mc_mail_alerts', 'true'); $alerts_saved = 'true'; } else { if ($alerts_choice == NULL && $alerts_saved == 'true') { umc_wp_set_meta($uuid, 'mc_mail_alerts', 'false'); $alerts_saved = 'false'; } } } $out .= "<form action=\"\" method=\"post\">\n<div class=\"line\">\nFolder: <select name=\"folder\" onchange='this.form.submit()'>"; $selected[$post_folder] = " selected=\"selected\""; foreach ($folder_arr as $folder => $str_filter) { $folder_str = ucwords($folder); $sel_str = ''; if (isset($selected[$folder])) { $sel_str = $selected[$folder]; } $out .= "<option value=\"{$folder}\"{$sel_str}>{$folder_str}</option>"; } $checked = ''; if ($alerts_saved == 'true') { $checked = 'checked="checked"'; } $out .= "</select>\n<input type=\"submit\" name=\"action\" value=\"New Mail\"><input type=\"submit\" name=\"action\" value=\"Mark all read\"><input type=\"hidden\" name=\"submit_form\" value=\"submit_form\">\n" . "<span style=\"float:right;\"><input type=\"checkbox\" name=\"email_alerts\" value=\"email_alerts\" {$checked} onchange='this.form.submit()'> Send e-mail alerts</span>" . "</div></form>\n"; $sql = "SELECT `msg_id`, `date_time`, s_ref.username as sender, r_ref.username as recipient, `title` as subject, status\r\n FROM minecraft_srvr.`user_mail`\r\n LEFT JOIN minecraft_srvr.UUID as s_ref on sender_uuid=s_ref.UUID\r\n LEFT JOIN minecraft_srvr.UUID as r_ref on recipient_uuid=r_ref.UUID\r\n WHERE {$sql_filter} ORDER BY date_time DESC;"; $status_header = ""; if ($post_folder == 'outbox') { $status_header = '<th>Status</th>'; } $D = umc_mysql_fetch_all($sql); $non_numeric = array('date_time', 'sender', 'recipient', 'subject'); $formats = array('sender' => 'umc_mail_web_formats', 'status' => 'umc_mail_web_formats', 'recipient' => 'umc_mail_web_formats', 'subject' => 'umc_mail_web_formats'); $hide_cols = array('msg_id'); $check = umc_web_table("mail", "0, 'desc'", $D, '', $hide_cols, $non_numeric, $formats); if (!$check) { XMPP_ERROR_trigger("Error creating web_table with SQL {$sql}"); $out .= "Error creating data table. Admin was notified, please wait until it is fixed"; } else { $out .= $check; } } } $out .= "</div>\n"; return $out; }