function down($from, $c, $id) { $set = check_get($_GET[set]); $actual_order = get_actual_order($from, $c, $id); $query1 = "UPDATE " . PREFIX . "{$from} SET {$c}={$actual_order} WHERE {$c}={$actual_order}+1 LIMIT 1"; $query2 = "UPDATE " . PREFIX . "{$from} SET {$c}={$actual_order}+1 WHERE id={$id} LIMIT 1;"; if ($set == "vyrobky") { $query = "SELECT druh FROM " . PREFIX . "{$from} WHERE id = '{$id}' LIMIT 1"; $lng_id_query = mysql_query($query, $GLOBALS["link"]) or die("" . $query . " <br> " . mysql_error($GLOBALS["link"])); $lng_id = mysql_fetch_assoc($lng_id_query); $id_druh = $lng_id[druh]; $query1 = "UPDATE " . PREFIX . "{$from} SET {$c}={$actual_order} WHERE {$c}={$actual_order}+1 AND druh={$id_druh} LIMIT 1"; $query2 = "UPDATE " . PREFIX . "{$from} SET {$c}={$actual_order}+1 WHERE id={$id} AND druh={$id_druh} LIMIT 1;"; } //echo "{$query1} <br>"; //echo "{$query2} <br>"; $down_query = mysql_query($query1, $GLOBALS["link"]) or die("" . $query1 . " <br> " . mysql_error($GLOBALS["link"])); $down_query = mysql_query($query2, $GLOBALS["link"]) or die("" . $query2 . " <br> " . mysql_error($GLOBALS["link"])); }
<?php include '../functions/functions.php'; session_start(); echo $_COOKIE['login']; if (!isset($_SESSION['username']) || empty($_SESSION['username'])) { session_destroy(); header('Location:index.php'); exit; } /* Controlador de acciones */ $a = check_get('a'); switch ($a) { case 'login': check_login(); break; case 'register': echo "quieres registrarte"; break; case 'forgot': echo "quieres recuperar tu contraseña"; break; case 'logout': end_session(); break; } ?> <!doctype html> <html class="no-js" lang="en"> <head> <meta charset="utf-8" />
} echo "\r\n <p>\r\n <a href=\"?vyber={$vyber}&action=del&id={$all['id']}&confirm=OK\">Áno, vymazať</a>\r\n ----- \r\n <a href=\"?vyber={$vyber}&action=edit&id={$id}\">Nie, vrátiť sa späť</a>\r\n </p>"; } } if ($action == "insert") { if ($_POST[submit]) { $max_order = get_max($table, "poradie", $druh) + 1; $query = "INSERT INTO " . PREFIX . "{$table} (id, vyrobok, parent, druh, seria, popis_serie, rozmer, hmotnost, poradie, zobraz) \r\n VALUES (\"\", \"{$vyrobok}\", \"{$rodic}\", \"{$druh}\", \"{$seria}\", \"{$popis_serie}\", \"{$rozmer}\", \"{$hmotnost}\", {$max_order}, {$zobraz})"; echo $query; $result_menu = mysql_query($query, $GLOBALS[link]) or die("SQL nebol uspesne napojeny<br>" . $query . " <br> " . mysql_error($GLOBALS[link])); header("location: ?vyber={$vyber}"); } else { $lng = check_get($_GET[lng]); $meno = check_get($_GET[meno]); $title = check_get($_GET[title]); $meta_descr = check_get($_GET[meta_descr]); echo "<form action=\"?vyber={$vyber}&action={$action}\" method=\"POST\"><br />\n"; echo "<label for=\"vyrobok\">výrobok</label><input type=\"text\" value=\"{$lng}\" name=\"vyrobok\"><br />\n"; echo "<label for=\"rozmer\">rozmer</label><input type=\"text\" value=\"\" name=\"rozmer\"><br />\n"; echo "<label for=\"hmotnost\">hmotnost</label><input type=\"text\" value=\"\" name=\"hmotnost\"><br />\n"; echo "<label for=\"rodic\">rodič</label><select name=\"rodic\">"; $query = "SELECT id, vyrobok FROM " . PREFIX . "{$table} WHERE parent=0 ORDER BY vyrobok"; $druh_query = mysql_query($query, $GLOBALS["link"]) or die("" . $query . " <br> " . mysql_error($GLOBALS["link"])); echo "<option value=0> </option>"; while ($druh_id = mysql_fetch_assoc($druh_query)) { echo "<option value={$druh_id['id']}>{$druh_id['vyrobok']}</option>"; } echo "</select> \r\n <br />\n"; echo "<label for=\"druh\">druh</label><select name=\"druh\">"; $query = "SELECT id, druh FROM " . PREFIX . "druh"; $druh_query = mysql_query($query, $GLOBALS["link"]) or die("" . $query . " <br> " . mysql_error($GLOBALS["link"]));
<?php include_once "SQL.php"; // Guild page / war page to display check_get($guildPage, "gp"); $guildPage = intval($guildPage); check_get($warPage, "wp"); $warPage = intval($warPage); check_get($sortBy, "sortby"); if ($sortBy == "" || $sortBy == "guild_name") { $sort1 = "myrunuo_guilds.guild_name"; } else { $sort1 = $sortBy . " DESC"; } check_get($sortBy1, "sortby1"); if ($sortBy1 == "" || $sortBy1 == "guild_name") { $sort2 = "myrunuo_guilds.guild_name"; } else { $sort2 = $sortBy1 . " DESC"; } $sql = SQL::getConnection(); // Total guilds count $result = $sql->query("SELECT COUNT(*) FROM myrunuo_guilds"); $row = $result->fetch_assoc(); $totalGuilds = $row["COUNT(*)"]; // Total guilds at war $result = $sql->query("SELECT DISTINCT count(*) FROM myrunuo_guilds_wars GROUP BY guild_1"); $row = $result->fetch_assoc(); $totalWars = $row["COUNT(*)"]; // Chaos guilds total count $result = $sql->query("SELECT COUNT(*) FROM myrunuo_guilds WHERE guild_type = 'Chaos'");
<?php include_once "SQL.php"; check_get($currentPage, "tp"); $currentPage = intval($currentPage); check_get($flip, "flip"); if ($flip) { $sw = "desc"; } else { $sw = ""; } check_get($sortBy, "sortby"); $s = $sortBy; switch (strtolower($s)) { case "name": $sortBy = "char_name"; break; case "rank": $sortBy = "rank"; break; case "level": $sortBy = "level"; break; case "wins": $sortBy = "wins"; break; case "losses": $sortBy = "losses"; break; case "guild": $sortBy = "char_guild";
$query = "INSERT INTO " . PREFIX . "lng_{$table} (id, id_lng, id_{$table}, text ) \n VALUES (\"\", \"{$lng_id}\", \"{$id}\", \"{$text}\")"; echo $query; $result_menu = mysql_query($query, $GLOBALS[link]) or die("SQL nebol uspesne napojeny<br>" . $query . " <br> " . mysql_error($GLOBALS[link])); if ($set != "") { header("location: ?vyber={$set}&action=edit&id={$id}"); } else { header("location: ?vyber={$table}&action=edit&id={$id}"); } } else { //header("location: ?vyber=$vyber&action=$action&lng=$lng&meno=$meno&title=$title&meta_descr=$meta_descr"); } } else { $id = check_get($_GET[id]); $table = check_get($_GET[table]); $lng_id = check_get($_GET[lng_id]); $set = check_get($_GET[set]); echo "<form action=\"?vyber={$vyber}&action={$action}\" method=\"POST\"><br />\n"; echo "<input type=\"hidden\" value=\"{$set}\" name=\"set\"><br />\n"; echo "<input type=\"hidden\" value=\"{$id}\" name=\"id\"><br />\n"; echo "<input type=\"hidden\" value=\"{$lng_id}\" name=\"lng_id\"><br />\n"; echo "<input type=\"hidden\" value=\"{$table}\" name=\"table\"><br />\n"; echo "<textarea value=\"\" name=\"text\" class=\"widgEditor\">{$all['text']}</textarea>"; echo "\n <input type=\"submit\" name=\"submit\" value=\"OK\">\n\n </form>\n <p><a href=\"?vyber={$table}&action=edit&id={$id}\">Vrátiť sa späť</a></p>\n "; } } function get_max($from, $c) { $query = "SELECT MAX({$c}) FROM " . PREFIX . "{$from} LIMIT 1"; $lng_id_query = mysql_query($query, $GLOBALS["link"]) or die("" . $query . " <br> " . mysql_error($GLOBALS["link"])); $lng_id = mysql_fetch_assoc($lng_id_query); $max_order = $lng_id["MAX({$c})"];
// Check $_GET to see if the value submitted is // in the dates array function check_get($arr) { // Check the string to see if it is a date if (!empty($arr)) { foreach ($_GET as $var) { if (in_array($var, $arr)) { return TRUE; } } } return FALSE; } if (!empty($_GET)) { if (check_get($dates)) { $date = array_pop($_GET); } else { die("You entered an invalid date. Stop that"); } } else { $date = $dates[0]; } // Escape the string in case someone manually mysql_real_escape_string($date); // Get all the posts for the month AND USER selected $query = "SELECT * FROM posts WHERE date > STR_TO_DATE('" . $date . "', '%M %Y') AND date < LAST_DAY(STR_TO_DATE('" . $date . "', '%M %Y')) AND username = '******' ORDER BY date DESC"; $result = mysql_query($query); if (!$result) { die("Could not select that month"); }
<?php include_once "SQL.php"; function skillname($skillId, $skill) { global $skillnames; if ($skill / 10 >= 100) { $temp = "Grandmaster:<br>"; } else { $temp = ""; } $skillname = $skillnames[$skillId]; return $skillname; } check_get($id, "id"); $id = intval($id); echo <<<EOF <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title>View Player</title> <meta http-equiv="Content-Type" content="text/html; CHARSET=iso-8859-1"> <link rel="stylesheet" type="text/css" href="style.css"/> <link href="styles.css" rel="stylesheet" type="text/css" /> </head> <body> EOF; $sql = SQL::getConnection(); $result = $sql->query("SELECT serial, accounts.accounts.id, lastlogin, myrunuo_characters.char_id, accounts.characters.id FROM accounts.characters, accounts.accounts, myrunuo.myrunuo_characters WHERE accounts.characters.id = accounts.accounts.id AND SERIAL = myrunuo_characters.char_id AND myrunuo_characters.char_id = {$id}"); $row = $result->fetch_assoc();
?> <!doctype html> <html class="no-js" lang="en"> <head> <meta charset="utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <title>Foundation | Welcome</title> <link rel="stylesheet" href="css/foundation.css" /> <script src="js/vendor/modernizr.js"></script> </head> <body> <?php /*Controlador de vistas*/ $v = check_get("v"); switch ($v) { case "register": include '../template/form_register.php'; break; case "forgot": include '../template/form_forgot.php'; break; default: include '../template/form_login.php'; } ?> <script src="js/vendor/jquery.js"></script> <script src="js/foundation.min.js"></script> <script>
<?php $pid = check_get("pid", "NUMERIC"); $p = check_get("p", "ALPHABETIC"); if ($pid == "false" and $p == "false") { notfound(); } $page_query = $sys->db->query_read("SELECT * FROM pages WHERE id='" . $pid . "' OR short_url='" . $p . "' AND module='content'"); $page = $sys->db->fetch_array($page_query); if (!$page) { notfound(); }
$msg = ""; // Check for sumitted response check_get($id, "id"); $id = intval($id); check_get($submit, "submit"); if ($submit != "") { // Get name user is searching for check_get($player, "charname"); // If the name input is less than 3 characters then flag error if (strlen($player) < 3) { $msg = "<font face=\"Arial\" size=\"2\" size=\"3\"></font>You must enter the name of the character you wish to search for. The name must be at least three letters long.</font><br>"; } else { // Setup exact / beginning name search $front = "LIKE '"; $back = "'"; check_get($which, "which"); if ($which == "0") { $front = "LIKE '%"; $back = "%'"; } $sql = SQL::getConnection(); $player = addslashes($player); $result = $sql->query("SELECT char_id, char_name, guild_id AS char_guild_id, myrunuo_guilds.guild_abbreviation, myrunuo_guilds.guild_name, myrunuo_guilds.guild_id FROM myrunuo_characters INNER JOIN myrunuo_guilds WHERE char_name {$front}{$player}{$back} AND guild_id = myrunuo_guilds.guild_id ORDER by char_name"); if ($result->num_rows) { // Cycle through all records and display hyper link with shard player while ($row = $result->fetch_assoc()) { $id = intval($row["char_id"]); $name = htmlspecialchars($row["char_name"]); $guildAbbreviation = $row["guild_abbreviation"]; $guildId = $row["guild_id"]; $guildName = $row["guild_name"];
<?php include '../functions/functions.php'; session_start(); if (!isset($_SESSION["username"]) || empty($_SESSION["username"])) { session_destroy(); header("location:index.php"); exit; } $a = check_get("a"); switch ($a) { case "login": check_login(); break; case "register": echo '¿quieres registrarte?'; break; case "forgot": echo '¿quieres recuperar tu contraseña?'; break; case "logout": end_session(); break; } ?> <!doctype html> <html class="no-js" lang="en"> <head> <meta charset="utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" />
<?php include_once "SQL.php"; $sText = "Black"; check_get($currentPage, "tp"); $currentPage = intval($currentPage); check_get($findName, "fn"); if ($findName != "") { $where = "WHERE char_name LIKE '" . addslashes($findName) . "%'"; } else { $where = ""; } $sql = SQL::getConnection(); // Total public players if ($where != "") { $wherep = $where . " AND char_public=1"; } else { $wherep = "WHERE char_public=1"; } $result = $sql->query("SELECT COUNT(*) FROM myrunuo_characters {$wherep}"); $row = $result->fetch_assoc(); $totalPublic = $row["COUNT(*)"]; // Total players $result = $sql->query("SELECT COUNT(*) FROM myrunuo_characters {$where}"); $row = $result->fetch_assoc(); $totalPlayers = $row["COUNT(*)"]; // Player timestamp $result = $sql->query("SELECT time_datetime FROM myrunuo_timestamps WHERE time_type = 'Char'"); $row = $result->fetch_assoc(); $timestamp = $row["time_datetime"]; echo <<<EOF
} ?> <!doctype html> <html class="no-js" lang="en"> <head> <meta charset="utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <title>Foundation | Welcome</title> <link rel="stylesheet" href="css/foundation.css" /> <script src="js/vendor/modernizr.js"></script> </head> <body> <?php /* CONTROLADOR DE VISTAS */ $v = check_get('v'); switch ($v) { case 'register': include '../templates/form-register.php'; break; case 'forgot': include '../templates/form-forgot.php'; break; default: include '../templates/form-login.php'; } ?> <script src="js/vendor/jquery.js"></script> <script src="js/foundation.min.js"></script> <script>
<?php $q = check_get('q', 'NUM_ALPH'); $sql = $sys->db->query("SELECT * FROM translations WHERE value LIKE '%{$q}%'"); while ($rs = $sys->db->fetch_array($sql)) { $cname = $rs['value']; echo "{$cname}\n"; }
<?php include_once "SQL.php"; check_get($id, "id"); $id = intval($id); check_get($nc, "nc"); $nc = intval($nc); check_get($guild, "g"); $guild = htmlspecialchars($guild); $guild = htmlspecialchars($guild); $sql = SQL::getConnection(); // Skills timestamp $result = $sql->query("SELECT time_datetime FROM myrunuo_timestamps WHERE time_type = 'Guild'"); $row = $result->fetch_assoc(); $timestamp = $row["time_datetime"]; echo <<<EOF <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"> <style type="text/css"> .class1 A:link {text-decoration: underline; color: white;} .class1 A:visited {text-decoration:underline; color: white;} .class1 A:active {text-decoration: underline; color: red;} .class1 A:hover {text-decoration: underline; color: red;} .class2 A:link {text-decoration: underline overline} .class2 A:visited {text-decoration: underline overline} .class2 A:active {text-decoration: underline overline} .class2 A:hover {text-decoration: underline; color: green;} </style> <html> <center> <head>