<?php
// Character profile page: resolves the requested name to a player id and loads
// the data that the profile markup below prints.
require_once 'engine/init.php';
include 'layout/overall/header.php';

// Visitor logging runs only when the 'log_ip' option is enabled.
if ($config['log_ip']) {
    znote_visitor_insert_detailed_data(4);
}

// Continue only when the query string carries a non-empty character name.
if (!empty($_GET['name'])) {
    // Raw request input. This fragment hands it to user_character_exist() and
    // never places it in SQL text itself.
    // NOTE(review): user_character_exist() is defined elsewhere - confirm it
    // escapes or binds the name before querying.
    $name = $_GET['name'];
    $user_id = user_character_exist($name);

    if ($user_id !== false) {
        if ($config['TFSVersion'] == 'TFS_10') {
            // TFS_10 branch: 'online' is not requested from user_character_data();
            // it is filled in by user_is_online_10() instead.
            $profile_data = user_character_data($user_id, 'name', 'level', 'vocation', 'lastlogin', 'sex');
            $profile_data['online'] = user_is_online_10($user_id);

            if ($config['Ach'] == true) {
                // Sums the stored values whose key matches the pattern '30___'.
                // The only interpolated value is $user_id, which is the return
                // value of user_character_exist(), not the request string.
                $achievementPoints = mysql_select_single("SELECT SUM(`value`) AS `sum` FROM `player_storage` WHERE `key` LIKE '30___' AND `player_id`='{$user_id}'");
            }
        } else {
            $profile_data = user_character_data($user_id, 'name', 'level', 'vocation', 'lastlogin', 'online', 'sex');
        }

        $profile_znote_data = user_znote_character_data($user_id, 'created', 'hide_char', 'comment');

        // Guild details are fetched only when the character holds a guild rank.
        $guild_exist = false;
        if (get_character_guild_rank($user_id) > 0) {
            $guild_exist = true;
            $guild = get_player_guild_data($user_id);
            $guild_name = get_guild_name($guild['guild_id']);
        }
        ?> <!-- PROFILE MARKUP HERE--> <h1><font class="profile_font" name="profile_font_header">Profile: <?php
// Look for a name-change ticket (shop order type 4) that belongs to this account.
// NOTE(review): $accountId is interpolated into the SQL text and its assignment
// is not visible in this excerpt - confirm it is cast to int or escaped upstream.
$order = mysql_select_single("SELECT `id`, `account_id` FROM `znote_shop_orders` WHERE `type`='4' AND `account_id` = '{$accountId}' LIMIT 1;");
if ($order === false) {
    $errors[] = 'Did not find any name change tickets, buy them in our <a href="shop.php">shop!</a>';
}

// Check if player and account matches
// The session user must own both the requested account and the ticket. When no
// ticket was found, $order is false and the second comparison reads an offset
// of false.
if ($session_user_id != $accountId || $session_user_id != $order['account_id']) {
    $errors[] = 'Failed to sync your account. :|';
}

// validate_name() returns false for a name it rejects; the remaining checks run
// in order and stop at the first one that fails.
$newname = validate_name($newname);
if ($newname === false) {
    $errors[] = 'Your name can not contain more than 2 words.';
} else {
    if (empty($newname)) {
        $errors[] = 'Please enter a name!';
    } elseif (user_character_exist($newname) !== false) {
        $errors[] = 'Sorry, that character name already exist.';
    } elseif (!preg_match("/^[a-zA-Z_ ]+\$/", $newname)) {
        // The character class also admits '_' although the message names only
        // letters and spaces. A bare '$' also matches before a final newline;
        // '\z' or the D modifier is the stricter anchor.
        $errors[] = 'Your name may only contain a-z, A-Z and spaces.';
    } elseif (strlen($newname) < $config['minL'] || strlen($newname) > $config['maxL']) {
        $errors[] = 'Your character name must be between ' . $config['minL'] . ' - ' . $config['maxL'] . ' characters long.';
    } elseif (!ctype_upper($newname[0])) {
        $errors[] = 'The first letter of a name has to be a capital letter!';
    }
    // excerpt ends here with the enclosing else block still open
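// Give points to character
if (empty($_POST['points_char']) === false && empty($_POST['points_value']) === false) {
    // The name goes through sanitize() before it is placed in SQL text and the
    // amount is forced to an integer.
    $char = sanitize($_POST['points_char']);
    $points = (int) $_POST['points_value'];
    data_dump($_POST, false, "post data");

    $account = mysql_select_single("SELECT `account_id` FROM `players` WHERE `name`='{$char}' LIMIT 1;");
    data_dump($account, false, "fetching account id from players table");

    if ($account === false) {
        // mysql_select_single() returns false when no row matches. Without this
        // guard the UPDATE below would be built from an empty account id.
        $errors[] = 'Could not find that character, no points were given.';
    } else {
        // Database-derived, but cast anyway so that only an integer can reach
        // the two statements below.
        $target_account_id = (int) $account['account_id'];

        $znote_account = mysql_select_single("SELECT `id`, `points` FROM `znote_accounts` WHERE `account_id`='" . $target_account_id . "';");
        data_dump($znote_account, false, "Fetching existing points from znote_accounts");

        if ($znote_account === false) {
            $errors[] = 'Could not find a shop account for that character, no points were given.';
        } else {
            data_dump(array('Old:' => $znote_account['points'], 'New:' => $points, 'Total:' => $znote_account['points'] + $points), false, "Points calculation:");

            // NOTE(review): the balance is read and then written back, so two
            // concurrent requests can overwrite each other's result.
            $points += $znote_account['points'];
            mysql_update("UPDATE `znote_accounts` SET `points`='{$points}' WHERE `account_id`='" . $target_account_id . "';");
        }
    }
}

// Set character position
if (empty($_POST['position_name']) === false && empty($_POST['position_type']) === false) {
    if (user_character_exist($_POST['position_name'])) {
        // Only position ids that are keys of the configured list are accepted.
        if (array_key_exists($_POST['position_type'], $config['ingame_positions'])) {
            // NOTE(review): both setters receive the raw POST values - confirm
            // they escape the name before building SQL.
            if ($config['TFSVersion'] == 'TFS_02' || $config['TFSVersion'] == 'TFS_10') {
                set_ingame_position($_POST['position_name'], $_POST['position_type']);
            } else {
                if ($config['TFSVersion'] == 'TFS_03') {
                    set_ingame_position03($_POST['position_name'], $_POST['position_type']);
                }
            }

            // Resolve the readable label for the feedback message.
            $pos = 'Undefined';
            foreach ($config['ingame_positions'] as $key => $value) {
                if ($key == $_POST['position_type']) {
                    $pos = $value;
                }
            }

            // NOTE(review): the submitted name is concatenated into the message
            // as-is. How $errors is printed is not visible here - confirm it is
            // HTML-escaped on output, or escape it at that point.
            $errors[] = 'Character ' . $_POST['position_name'] . ' recieved the ingame position: ' . $pos . '.';
            // excerpt ends here with the three enclosing if blocks still open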
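/**
 * Record a rule violation (ban, namelock, notation or deletion) for a character.
 *
 * The row is written in the table layout of the configured TFS version. Every
 * value placed in the SQL text is either cast to int, passed through sanitize()
 * or read back from the database via user_character_id()/user_character_data().
 *
 * @param string $charname Character the violation applies to.
 * @param int    $typeid   1 = IP ban, 2 = namelock, 3 = account ban, 4 = notation, 5 = deletion.
 * @param int    $actionid Stored as `action_id` (TFS_02 layout only).
 * @param int    $reasonid Stored as `reason_id` (TFS_02 layout only).
 * @param int    $time     Offset in seconds; added to time() to form the expiry timestamp.
 * @param string $comment  Free-text reason.
 * @return bool true when the configured 'website_char' character exists, false
 *              otherwise (nothing is written in that case).
 */
function set_rule_violation($charname, $typeid, $actionid, $reasonid, $time, $comment) {
    $charid = user_character_id($charname);
    $typeid = (int) $typeid;
    $actionid = (int) $actionid;
    $reasonid = (int) $reasonid;
    $time = (int) ($time + time());

    $data = user_character_data($charid, 'account_id', 'lastip');
    $accountid = $data['account_id'];
    $charip = $data['lastip'];

    $comment = sanitize($comment);
    // ...

    // Bans are attributed to the character named by the 'website_char' setting.
    $bannedby = config('website_char');
    if (!user_character_exist($bannedby)) {
        return false;
    }
    $bannedby = user_character_id($bannedby);

    $version = config('TFSVersion');

    if ($version === 'TFS_02') {
        mysql_insert("INSERT INTO `bans` (`type` ,`ip` ,`mask` ,`player` ,`account` ,`time` ,`reason_id` ,`action_id` ,`comment` ,`banned_by`) VALUES ('{$typeid}', '{$charip}', '4294967295', '{$charid}', '{$accountid}', '{$time}', '{$reasonid}', '{$actionid}', '{$comment}', '{$bannedby}');");
    } elseif ($version === 'TFS_03') {
        $now = time();

        // The five violation types differ only in what is stored in `value`.
        $values = array(
            1 => $charip,    // IP ban
            2 => $charid,    // namelock
            3 => $accountid, // acc ban
            4 => $charid,    // notation
            5 => $charid,    // deletion
        );

        // Unknown type ids write nothing.
        if (array_key_exists($typeid, $values)) {
            $value = $values[$typeid];
            mysql_insert("INSERT INTO `bans` (`type`, `value`, `param`, `active`, `expires`, `added`, `admin_id`, `comment`) VALUES ('{$typeid}', '{$value}', '4294967295', '1', '{$time}', '{$now}', '{$bannedby}', '{$comment}');");
        }
    } elseif ($version === 'TFS_10') {
        $now = time();

        switch ($typeid) {
            case 1: // IP ban
                mysql_insert("INSERT INTO `ip_bans` (`ip`, `reason`, `banned_at`, `expires_at`, `banned_by`) VALUES ('{$charip}', '{$comment}', '{$now}', '{$time}', '{$bannedby}');");
                break;

            case 2: // namelock
                // Store the sanitized comment as the reason. The previous text
                // wrote the literal word 'comment' for every namelock.
                mysql_insert("INSERT INTO `player_namelocks` (`player_id`, `reason`, `namelocked_at`, `namelocked_by`) VALUES ('{$charid}', '{$comment}', '{$now}', '{$bannedby}');");
                break;

            case 3: // acc ban
                mysql_insert("INSERT INTO `account_bans` (`account_id`, `reason`, `banned_at`, `expires_at`, `banned_by`) VALUES ('{$accountid}', '{$comment}', '{$now}', '{$time}', '{$bannedby}');");
                break;

            case 4: // notation
            case 5: // deletion
                // Neither option exists in this layout; report and stop the request.
                data_dump(false, array('status' => false), "Function deprecated. Ban option does not exist in TFS 1.0.");
                die;
        }
    }

    return true;
}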
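// Every required field must be present and non-empty. Walking $required_fields
// (instead of $_POST) also catches a field that was left out of the request
// altogether; the previous loop only inspected keys the client chose to send.
foreach ($required_fields as $required_field) {
    if (empty($_POST[$required_field])) {
        $errors[] = 'You need to fill in all fields.';
        break;
    }
}

// check errors (= user exist, pass long enough
if (empty($errors) === true) {
    // Anti-forgery token check. It only queues an error, so the request is
    // rejected provided the later code refuses to act while $errors is non-empty.
    if (!Token::isValid($_POST['token'])) {
        $errors[] = 'Token is invalid.';
    }

    // validate_name() returns false for a name it rejects.
    $_POST['name'] = validate_name($_POST['name']);
    if ($_POST['name'] === false) {
        $errors[] = 'Your name can not contain more than 2 words.';
    } else {
        if (user_character_exist($_POST['name']) !== false) {
            $errors[] = 'Sorry, that character name already exist.';
        }

        // The character class also admits '_' although the message names only
        // letters and spaces. A bare '$' also matches before a final newline;
        // '\z' or the D modifier is the stricter anchor.
        if (!preg_match("/^[a-zA-Z_ ]+\$/", $_POST['name'])) {
            $errors[] = 'Your name may only contain a-z, A-Z and spaces.';
        }

        if (strlen($_POST['name']) < $config['minL'] || strlen($_POST['name']) > $config['maxL']) {
            // Report the configured limits. The previous text hard-coded
            // "4 - 20" and went stale whenever minL/maxL were changed.
            $errors[] = 'Your character name must be between ' . $config['minL'] . ' - ' . $config['maxL'] . ' characters long.';
        }

        // name restriction
        // Each word is checked against the configured block list, case-insensitively.
        $resname = explode(" ", $_POST['name']);
        foreach ($resname as $res) {
            if (in_array(strtolower($res), $config['invalidNameTags'])) {
                $errors[] = 'Your username contains a restricted word.';
            } else {
                if (strlen($res) == 1) {
                    // excerpt ends here with the enclosing blocks still open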
} if ($chardata['online'] == 0) { if ($config['TFSVersion'] !== 'TFS_10') { update_player_guild_position($p_cid, $p_rid); } else { update_player_guild_position_10($p_cid, $p_rid); } header('Location: guilds.php?name=' . $_GET['name']); exit; } else { echo '<font color="red" size="4">Character not offline.</font>'; } } } if (!empty($_POST['invite'])) { if (user_character_exist($_POST['invite'])) { // Make sure they are not in another guild if ($config['TFSVersion'] != 'TFS_10') { $charname = sanitize($_POST['invite']); $playerdata = mysql_select_single("SELECT `id`, `rank_id` FROM `players` WHERE `name`='{$charname}' LIMIT 1;"); $charid = $playerdata['id']; $membership = $playerdata['rank_id'] > 0 ? true : false; } else { $charid = user_character_id($_POST['invite']); $membership = mysql_select_single("SELECT `rank_id` FROM `guild_membership` WHERE `player_id`='{$charid}' LIMIT 1;"); } if (!$membership) { // $status = false; if ($inv_data !== false) { foreach ($inv_data as $inv) {
<font color="red" size="7">Player must be offline!</font> <?php } } // Stage 1: Fetch name if (isset($_GET['name'])) { $name = getValue($_GET['name']); } else { $name = false; } //if (isset($_POST['name'])) $name = getValue($_POST['name']); // Stage 2: Fetch user id and skills $skills = false; $pid = 0; if ($name !== false) { if (user_character_exist($name)) { $pid = user_character_id($name); if ($config['TFSVersion'] != 'TFS_10') { $skills = mysql_select_multi("SELECT `value` FROM `player_skills` WHERE `player_id`='{$pid}' LIMIT 7;"); $player = mysql_select_single("SELECT `maglevel`, `level`, `vocation` FROM `players` WHERE `id`='{$pid}' LIMIT 1;"); $skills[] = array('value' => $player['maglevel']); $skills[] = array('value' => $player['level']); $skills[] = array('value' => $player['vocation']); } else { $player = mysql_select_single("SELECT `skill_fist`, `skill_club`, `skill_sword`, `skill_axe`, `skill_dist`, `skill_shielding`, `skill_fishing`, `maglevel`, `level`, `vocation` FROM `players` WHERE `id`='{$pid}' LIMIT 1;"); $skills = array(0 => array('value' => $player['skill_fist']), 1 => array('value' => $player['skill_club']), 2 => array('value' => $player['skill_sword']), 3 => array('value' => $player['skill_axe']), 4 => array('value' => $player['skill_dist']), 5 => array('value' => $player['skill_shielding']), 6 => array('value' => $player['skill_fishing']), 7 => array('value' => $player['maglevel']), 8 => array('value' => $player['level']), 9 => array('value' => $player['vocation'])); } //data_dump($skills, false, "Player skills"); } else { $name = false; }
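/**
 * Create player.
 *
 * Runs the name, vocation, town, gender, character-count and IP checks and
 * prepares the row data. The visible code stops before any INSERT is issued.
 * Validation failures are recorded in $this->errors.
 *
 * @access public
 * @return bool|null false when the player already has an id or a check fails;
 *                   no value is returned on the remaining path.
 **/
public function create() {
    // If player already have an id, the player already exist.
    if (!(is_null($this->_playerdata['id']) && is_string($this->_playerdata['name']))) {
        echo "Player already exist.";
        return false;
    }

    // Confirm player does not exist
    $name = format_character_name($this->_playerdata['name']);
    $name = validate_name($name);
    if ($name === false) {
        // validate_name() returns false for a rejected name. Stop here rather
        // than pass false on to sanitize() and the lookup below.
        $this->errors[] = 'Your name can not contain more than 2 words.';
        return false;
    }
    $name = sanitize($name);
    $exist = mysql_select_single("SELECT `id` FROM `players` WHERE `name`='{$name}' LIMIT 1;");
    if ($exist !== false) {
        $this->errors[] = "A player with the name [{$name}] already exist.";
        return false;
    }

    $config = fullConfig();

    // Failures are collected locally and copied to $this->errors below. The
    // previous code appended to an undeclared local $errors that nothing read,
    // so every check in this section was silently ignored.
    // NOTE(review): the checks read $_POST while the lookup above used
    // $this->_playerdata - confirm which source is authoritative.
    $errors = array();

    if (user_character_exist($_POST['name']) !== false) {
        $errors[] = 'Sorry, that character name already exist.';
    }
    if (!preg_match("/^[a-zA-Z_ ]+\$/", $_POST['name'])) {
        $errors[] = 'Your name may only contain a-z, A-Z and spaces.';
    }
    if (strlen($_POST['name']) < $config['minL'] || strlen($_POST['name']) > $config['maxL']) {
        $errors[] = 'Your character name must be between ' . $config['minL'] . ' - ' . $config['maxL'] . ' characters long.';
    }

    // name restriction
    $resname = explode(" ", $_POST['name']);
    foreach ($resname as $res) {
        if (in_array(strtolower($res), $config['invalidNameTags'])) {
            $errors[] = 'Your username contains a restricted word.';
        } elseif (strlen($res) == 1) {
            $errors[] = 'Too short words in your name.';
        }
    }

    // Validate vocation id
    if (!in_array((int) $_POST['selected_vocation'], $config['available_vocations'])) {
        $errors[] = 'Permission Denied. Wrong vocation.';
    }
    // Validate town id
    if (!in_array((int) $_POST['selected_town'], $config['available_towns'])) {
        $errors[] = 'Permission Denied. Wrong town.';
    }
    // Validate gender id
    if (!in_array((int) $_POST['selected_gender'], array(0, 1))) {
        $errors[] = 'Permission Denied. Wrong gender.';
    }

    if (vocation_id_to_name($_POST['selected_vocation']) === false) {
        $errors[] = 'Failed to recognize that vocation, does it exist?';
    }
    if (town_id_to_name($_POST['selected_town']) === false) {
        $errors[] = 'Failed to recognize that town, does it exist?';
    }
    if (gender_exist($_POST['selected_gender']) === false) {
        $errors[] = 'Failed to recognize that gender, does it exist?';
    }

    // Char count
    // NOTE(review): $session_user_id is not defined inside this method, so the
    // per-account limit is evaluated against an unset value - confirm where the
    // owning account id should come from.
    $char_count = user_character_list_count($session_user_id);
    if ($char_count >= $config['max_characters']) {
        $errors[] = 'Your account is not allowed to have more than ' . $config['max_characters'] . ' characters.';
    }

    if (validate_ip(getIP()) === false && $config['validate_IP'] === true) {
        $errors[] = 'Failed to recognize your IP address. (Not a valid IPv4 address).';
    }

    // Refuse to continue when any check failed, the same way the duplicate-name
    // branch above does.
    if (!empty($errors)) {
        foreach ($errors as $error) {
            $this->errors[] = $error;
        }
        return false;
    }

    // Debug output kept from the original.
    echo "create player";

    // Make sure all neccesary values are set
    //Register
    $character_data = array(
        'name' => format_character_name($_POST['name']),
        'account_id' => $session_user_id,
        'vocation' => $_POST['selected_vocation'],
        'town_id' => $_POST['selected_town'],
        'sex' => $_POST['selected_gender'],
        'lastip' => ip2long(getIP()),
        'created' => time(),
    );
    // Each value is passed through array_sanitize() before any SQL is built from it.
    array_walk($character_data, 'array_sanitize');

    $outfit_type = ($character_data['sex'] == 1) ? $config['maleOutfitId'] : $config['femaleOutfitId'];

    // Create the player
}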