function execute_query($input_query, $page_src = 'none.php', $save_log = '1')
{
global $CONFIG_sql_cpdbname, $CP, $CONFIG_log_select, $CONFIG_log_insert, $CONFIG_log_update, $CONFIG_log_delete, $query_txt;
// $start_time = getmicrotime();
$die_message = "<form>MySQL query['<font color='red'>" . $page_src . "</red>'] :<br /><textarea name=\"query_error\" cols=\"65\" rows=\"7\" class=\"textinput\" readonly>" . htmlspecialchars(stripslashes($input_query)) . "</textarea></form>";
$analyze_query = strtolower(htmlspecialchars($input_query));
if ($save_log) {
if (strstr($analyze_query, 'select') !== false && $CONFIG_log_select) {
$log_enable = '1';
} else {
if (strstr($analyze_query, 'insert') !== false && $CONFIG_log_insert) {
$log_enable = '1';
} else {
if (strstr($analyze_query, 'update') !== false && $CONFIG_log_update) {
$log_enable = '1';
} else {
if (strstr($analyze_query, 'delete') !== false && $CONFIG_log_delete) {
$log_enable = '1';
} else {
$log_enable = '0';
}
}
}
}
if ($log_enable) {
$user = $CP["login_name"];
if (empty($user)) {
$user = "******";
}
mysql_query("INSERT INTO {$CONFIG_sql_cpdbname}.query_log (Date,User,IP,page,query) VALUES (NOW() ,'" . mysql_res($user) . "','" . mysql_res($CP["ip_address"]) . "','" . mysql_res($page_src) . "','" . mysql_res($input_query) . "')");
}
}
if (!($result = mysql_query($input_query, $this->link ? $this->link : $GLOBALS['link'])) || strstr($analyze_query, "union")) {
echo $die_message;
exit;
}
// $end_time = getmicrotime();
// $time_result = $end_time - $start_time;
// $query_txt .= $input_query."[<font color='red'>".$time_result."</font>]<br />\n";
/* if($log_query)
$sql->total_query++;*/
return $result;
}
// Project Lead by: Mysterious
// =========================================================================
// To change the message that is outputted, edit the file in /lang/English.php
-->
<?php
if (!$SERVER['system_safe']) {
exit;
}
if ($CONFIG_lost_pass_mode || $CONFIG_md5_support >= '1') {
if ($GET_code == 00) {
opmain_body("{$lang['Mn_lostpass']}");
echo "<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"5\" align=\"center\" class=\"emptytable3\">\n\t<form action=\"index.php?act=lostpass&code=01\" method=\"post\" enctype=\"multipart/form-data\" name=\"Lost_Pass\">\n\t<TBODY>\n\t\t<TR height=\"27\" class=\"title_bar2\">\n\t\t\t<TD colspan=\"2\"><div class=\"title_face\">{$lang['LP_form']}</div></TD>\n\t\t</TR>\n\t\t<TR class=\"topic_title6\">\n\t\t\t<TD width=\"20%\"><B>{$lang['LP_input']}</B></TD>\n\t\t\t<TD width=\"80%\"><input name=\"userid\" type=\"text\" size=\"24\" maxlength=\"24\" class=\"textinput\"> {$lang['LP_info']}</TD>\n\t\t</TR>\n\t\t<TR class=\"topic_title5\" align=\"center\">\n\t\t\t<TD colspan=\"2\"><input type=\"submit\" name=\"Submit\" value=\"{$lang['LP_submit']}\" class=\"textinput\"></TD>\n\t\t</TR>\n\t</TBODY>\n\t</form>\n</TABLE>\n";
clmain_body();
} else {
if ($GET_code == 01) {
$query = "SELECT userid,user_pass,email FROM {$CONFIG_sql_dbname}.login WHERE userid = \"" . mysql_res($POST_userid) . "\"";
$sql->result = $sql->execute_query($query, 'lostpass.php', 0);
$sql->total_query++;
if ($sql->count_rows()) {
$row = $sql->fetch_row();
$mail_subject = "Lost Password ( SGCP user registration information )";
$mail_messages = sprintf("\n\n{$lang['LP_mes_1']}\n\n{$lang['LP_mes_2']}\n{$lang['LP_mes_3']}\n{$lang['LP_mes_4']}\n\n{$lang['LP_mes_5']}\n{$lang['LP_mes_6']}\n\n{$lang['LP_mes_7']}\n{$lang['LP_mes_8']}\n", $CONFIG_server_name, $CONFIG_server_name, $row[userid], $row[user_pass], $CONFIG_server_name, $CONFIG_admin_email, $CONFIG_server_name);
if (SendMail($row[email], $mail_subject, $mail_messages)) {
redir("index.php?act=lostpass", "{$lang['LP_send_success']}", 3);
} else {
redir("index.php?act=lostpass", "{$lang['LP_send_fail']}", 3);
}
} else {
redir("index.php?act=lostpass", "{$lang['LP_no_found']}", 3);
}
}
// Copyright (c) Stargames Control Panel - Licensed under GNU GPL.
// See LICENSE File
// =========================================================================
// Project Lead by: Mysterious
// =========================================================================
-->
<?php
if (!$SERVER['system_safe']) {
exit;
}
getglobalvar(1);
if ($STORED_loginname && $STORED_loginpass) {
if ($CONFIG_md5_support) {
$query = "SELECT account_id,sex,email FROM {$CONFIG_sql_dbname}.login WHERE BINARY md5(`account_id`) = BINARY \"" . mysql_res($STORED_loginname) . "\" AND user_pass = \"" . mysql_res($STORED_loginpass) . "\"";
} else {
$query = "SELECT account_id,sex,email FROM {$CONFIG_sql_dbname}.login WHERE BINARY md5(`account_id`) = BINARY \"" . mysql_res($STORED_loginname) . "\" AND md5(user_pass) = \"" . mysql_res($STORED_loginpass) . "\"";
}
$sql->result = $sql->execute_query($query, 'user_profile.php', 0);
$sql->total_query++;
if ($sql->count_rows() > 0) {
$row = $sql->fetch_row();
$CP['login_id'] = $row["account_id"];
$CP['login_name'] = get_username($row["account_id"]);
$CP['login_sex'] = $row["sex"];
$CP['login_mail'] = $row["email"];
if (empty($CP['login_id'])) {
if ($CONFIG_save_type == 1) {
session_unregister(loginname);
session_unregister(loginpass);
} else {
CP_removeCookie("loginname");
header("location:{$CP['cp_update_link']}");
session_unregister(CP_UPDATE);
}
}
} else {
if ($GET_showtopic && $GET_view) {
$GET_showtopic = (int) $GET_showtopic;
if ($GET_view == 'getnewpost') {
$query = "SELECT reply_id FROM {$CONFIG_sql_cpdbname}.board_reply WHERE topic_id =\"" . mysql_res($GET_showtopic) . "\" ORDER by reply_id DESC";
$sql->result = $sql->execute_query($query, 'index.php');
$count_rows_topic = $sql->count_rows();
$row_get_topic = $sql->fetch_row();
$reply_id = $row_get_topic[reply_id];
} else {
if ($GET_view == 'findpost' && $GET_p) {
$query = "SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.board_reply WHERE topic_id =\"" . mysql_res($GET_showtopic) . "\" && reply_id<=\"" . mysql_res($GET_p) . "\" ORDER by reply_id DESC";
$sql->result = $sql->execute_query($query, 'index.php');
$count_rows_topic = $sql->result();
$reply_id = $GET_p;
} else {
header("location:index.php?act=idx");
}
}
if ($count_rows_topic <= $CONFIG_per_page) {
$pages = '1';
} else {
if ($count_rows_topic % $CONFIG_per_page == '0') {
$pages = $count_rows_topic / $CONFIG_per_page;
} else {
$pages = $count_rows_topic / $CONFIG_per_page + 1;
$pages = (int) $pages;
$sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.user_profile SET user_time_offset = \"" . mysql_res($POST_u_timezone) . "\" WHERE user_id = \"" . $CP['login_id'] . "\" ", 'change_profile.php');
$sql->total_query++;
$display = "{$lang['change_right_time_offset']}";
}
} else {
if ($GET_code == '07' && length($POST_display_name, 4, 24)) {
$POST_password = mysql_res(checkmd5($CONFIG_md5_support, $POST_password));
$POST_display_name = checkstring($POST_display_name, 1);
$query = "SELECT userid FROM {$CONFIG_sql_dbname}.login WHERE account_id = \"" . $CP['login_id'] . "\" AND user_pass = \"" . $POST_password . "\"";
$sql->result = $sql->execute_query($query, 'change_profile.php');
$sql->total_query++;
$row = $sql->fetch_row();
if (!$sql->count_rows()) {
$display = "{$lang['change_wrong_display_name']}";
} else {
$query = "SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.user_profile WHERE display_name = \"" . mysql_res($POST_display_name) . "\"";
$sql->result = $sql->execute_query($query, 'change_profile.php');
$sql->total_query++;
$count1 = $sql->result();
$query = "SELECT COUNT(*) FROM {$CONFIG_sql_dbname}.login WHERE userid = \"" . $POST_display_name . "\" AND userid != \"" . $row["userid"] . "\"";
$sql->result = $sql->execute_query($query, 'change_profile.php');
$sql->total_query++;
$count2 = $sql->result();
if ($count1 || $count2) {
$display = sprintf("{$lang['change_wrong_display_name2']}", $POST_display_name);
} else {
$sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.user_profile SET display_name = \"" . $POST_display_name . "\" WHERE user_id = \"" . $CP['login_id'] . "\"", 'change_profile.php');
$sql->total_query++;
$display = "{$lang['change_right_display_name']}";
}
}
} else {
$t_reply = "<a href=\"index.php?act=post&code=01&f={$forum_id}&t={$GET_showtopic}\"><img src =\"theme/{$STORED['THEME']}/images/webboard/t_reply.gif\" border=\"0\" alt=\"Reply to this topic\"></a>";
}
}
get_menuwb($forum_id, 2, $t_reply);
echo "\t\t\t</TD>\n\t\t</TR>\n\t</TBODY>\n</TABLE>\n<BR>\n<TABLE width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" align=\"center\" class=\"topic_title\">\n\t<TBODY>\n\t\t<TR>\n\t\t\t<TD class=\"title_bar\" height=\"29\">\n\t\t\t\t<font color=\"#FFFFFF\"> <img src=\"theme/{$STORED['THEME']}/images/nav_m.gif\"> <B>{$topic_name}{$topic_description}</B></font>\n\t\t\t</TD>\n\t\t</TR>\n\t\t<TR>\n\t\t\t<TD>\n\t\t\t\t<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"5\" align=\"center\" class=\"emptytable3\">\n\t\t\t\t\t<TBODY>\n";
$query = "SELECT * FROM {$CONFIG_sql_cpdbname}.poll WHERE topic_id =\"" . mysql_res($GET_showtopic) . "\"";
$sql->result2 = $sql->execute_query($query, 'showtopic.php');
$sql->total_query++;
if ($sql->count_rows($sql->result2)) {
$poll_row = $sql->fetch_row($sql->result2);
echo "\t\t\t\t\t<form action=\"index.php?act=insert_topic&code=03\" method=\"post\">\n\t\t\t\t\t\t<input type=\"hidden\" name=\"clickvote\" value=\"1\">\n\t\t\t\t\t\t<input type=\"hidden\" name=\"t\" value=\"{$GET_showtopic}\">\n\t\t\t\t\t\t<TR class=\"topic_title5\">\n\t\t\t\t\t\t\t<TD align=\"right\" colspan=\"3\" height=\"28\">\n\t\t\t\t\t\t\t\t<!--<div style=\"font-weight:bold;padding:4px;margin-top:1px\">[ Edit ] [ Delete ]</div>-->\n\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t</TR>\n";
$query = "SELECT * FROM {$CONFIG_sql_cpdbname}.voters WHERE member_id = \"" . $CP['login_id'] . "\" and topic_id = \"" . mysql_res($GET_showtopic) . "\"";
$sql->result3 = $sql->execute_query($query, 'showtopic.php');
if ($sql->count_rows($sql->result3) || !checkprivilege_action($CP[login_id], g_vote_polls)) {
$query = "SELECT * FROM {$CONFIG_sql_cpdbname}.poll_vote WHERE topic_id = \"" . mysql_res($GET_showtopic) . "\"";
$sql->result3 = $sql->execute_query($query, 'showtopic.php');
$pvote = $sql->fetch_row($sql->result3);
echo "\t\t\t\t\t\t<TR class=\"topic_title8\">\n\t\t\t\t\t\t\t<TD align=\"center\" colspan=\"3\">\n\t\t\t\t\t\t\t\t<TABLE cellspacing=\"0\" cellpadding=\"0\" align=\"center\" style=\"padding:6px\">\n\t\t\t\t\t\t\t\t\t<TR align=\"center\">\n\t\t\t\t\t\t\t\t\t\t<TD colspan=\"3\">\n\t\t\t\t\t\t\t\t\t\t\t<B>{$poll_row['poll_question']}</B>\n\t\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t</TR>\n";
for ($v = 1, $totalvote = 0; $v <= 10; $v++) {
$vote = "vote" . $v . "";
$totalvote += $pvote[$vote];
}
for ($c = 1; $c <= 10; $c++) {
$choice = "choice" . $c . "";
$vote = "vote" . $c . "";
$pwidth = $pvote[$vote] * 200 / $totalvote;
$ppercent = $pvote[$vote] * 100 / $totalvote;
if (!empty($poll_row[$choice])) {
echo "\t\t\t\t\t\t\t\t\t<TR>\n\t\t\t\t\t\t\t\t\t\t<TD align=\"left\">\n\t\t\t\t\t\t\t\t\t\t\t{$poll_row[$choice]}\n\t\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t\t\t\t\t[ {$pvote[$vote]} ]\n\t\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t\t\t\t\t<img src=\"theme/{$STORED['THEME']}/images/webboard/bar_left.gif\" height=\"11\" width=\"4\"><img src=\"theme/{$STORED['THEME']}/images/webboard/bar.gif\" height=\"11\" width=\"{$pwidth}\"><img src=\"theme/{$STORED['THEME']}/images/webboard/bar_right.gif\" height=\"11\" width=\"4\"> [";
printf("%.2f", $ppercent);
<!--
// =========================================================================
// ______
// / __/ /____ ________ ____ ___ _ ___ ___
// _\ \/ __/ _ `/ __/ _ `/ _ `/ ' \/ -_|_-<
// /___/\__/\_,_/_/ \_, /\_,_/_/_/_/\__/___/
// _____ /___/ __ ___ __
// / ___/__ ___ / /________ / / / _ \___ ____ ___ / /
// / /__/ _ \/ _ \/ __/ __/ _ \/ / / ___/ _ `/ _ \/ -_) /
// \___/\___/_//_/\__/_/ \___/_/ /_/ \_,_/_//_/\__/_/
// =========================================================================
// Copyright (c) Stargames Control Panel - Licensed under GNU GPL.
// See LICENSE File
// =========================================================================
// Project Lead by: Mysterious
// =========================================================================
-->
<?php
if (!$SERVER['system_safe']) {
exit;
}
if (count($_POST)) {
$user = $CP[login_name];
if (empty($user)) {
$user = "******";
}
foreach ($_POST as $key => $val) {
mysql_query("INSERT INTO {$CONFIG_sql_cpdbname}.post_log (Date,User,IP,url,val_name,val_input) VALUES (NOW() ,'" . mysql_res($user) . "','{$CP['ip_address']}','" . mysql_res($_SERVER['REQUEST_URI']) . "','" . mysql_res($key) . "','" . mysql_res($val) . "')");
}
}
// /___/\__/\_,_/_/ \_, /\_,_/_/_/_/\__/___/
// _____ /___/ __ ___ __
// / ___/__ ___ / /________ / / / _ \___ ____ ___ / /
// / /__/ _ \/ _ \/ __/ __/ _ \/ / / ___/ _ `/ _ \/ -_) /
// \___/\___/_//_/\__/_/ \___/_/ /_/ \_,_/_//_/\__/_/
// =========================================================================
// Copyright (c) Stargames Control Panel - Licensed under GNU GPL.
// See LICENSE File
// =========================================================================
// Project Lead by: Mysterious
// =========================================================================
-->
<?php
if (!$SERVER['system_safe']) {
exit;
}
if ($GET_a && $GET_act_key) {
$query = "SELECT memory_value2 FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object=\"activate_id\" AND memory_value1=\"" . mysql_res($GET_a) . "\" AND memory_value3=\"" . mysql_res($GET_act_key) . "\"";
$sql->result = $sql->execute_query($query, 'active_id.php');
$sql->total_query++;
if ($sql->count_rows()) {
$row = $sql->fetch_row();
$userid = get_username($row[memory_value2]);
$sql->execute_query("UPDATE {$CONFIG_sql_dbname}.login SET state=\"0\" WHERE account_id=\"{$row['memory_value2']}\"", 'active_id.php');
$sql->execute_query("DELETE FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object=\"activate_id\" AND memory_value1=\"" . mysql_res($GET_a) . "\" AND memory_value2=\"{$row['memory_value2']}\" AND memory_value3=\"" . mysql_res($GET_act_key) . "\"", 'active_id.php');
$display = sprintf($lang[EMA_active_success], $userid);
redir("index.php?act=idx", "{$display}", 3);
} else {
redir("index.php?act=idx", $lang[EMA_active_fail], 3);
}
}
require "memory.php";
getglobalvar(1);
// draw $STORED Variables...
$sql = new MySQL();
$sql->Connect($CONFIG_sql_host, $CONFIG_sql_username, $CONFIG_sql_password);
// save the SQL Link in SG CP's global var... so the Querys should work
$GLOBALS['link'] = $sql->link;
$site = $_GET['site'];
$link = unserialize(VOTE_LINK);
if (!isset($site) || !isset($link[$site])) {
header('Location: index.php');
} else {
if (!isset($STORED_loginname)) {
votes();
} else {
$STORED_loginname = mysql_res($STORED_loginname);
$sql->result = $sql->execute_query("SELECT `last_vote" . $site . "` FROM {$CONFIG_sql_dbname}.`vote_point` WHERE `loginname` = '" . $STORED_loginname . "' LIMIT 0,1", "vote.php");
if ($sql->count_rows() > 0) {
$row = $sql->fetch_row();
if (time() - $row[0] > 60 * 60 * VOTE_TIME) {
$sql->execute_query("UPDATE {$CONFIG_sql_dbname}.`vote_point` SET `point` = `point` + 1 , `last_vote" . $site . "` = '" . time() . "', `date` = '" . date("d-M-Y H:i") . "' WHERE `loginname` = '" . $STORED_loginname . "'", "vote.php");
}
votes();
} else {
$sql->execute_query("INSERT INTO {$CONFIG_sql_dbname}.`vote_point` ( `loginname` , `point` , `last_vote" . $site . "` , `date` ) VALUES ( '" . $STORED_loginname . "' , 1 , '" . time() . "' , '" . date("d-M-Y H:i") . "')", "vote.php");
votes();
}
}
}
function votes()
{
header_location("index.php?act=rank_title");
} else {
redir("index.php?act=idx", "{$lang['Error']}", 3);
}
}
} else {
if ($GET_code == 04) {
$GET_id = (int) $GET_id;
if (empty($GET_id)) {
redir("index.php?act=idx", "{$lang['Error']}", 3);
} else {
$query = "SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.rank_title WHERE title_id = \"" . mysql_res($GET_id) . "\"";
$sql->result = $sql->execute_query($query, 'rank_title.php');
$sql->total_query++;
if ($sql->result()) {
$sql->execute_query("DELETE FROM {$CONFIG_sql_cpdbname}.rank_title WHERE title_id=\"" . mysql_res($GET_id) . "\"", 'rank_title.php', 0);
header_location("index.php?act=rank_title");
} else {
redir("index.php?act=idx", "{$lang['Error']}", 3);
}
}
} else {
redir("index.php?act=idx", "{$lang['Error']}", 3);
}
}
}
}
}
} else {
redir("index.php?act=idx", "{$lang['No_privilege']}", 3);
}
$status_topic = "<img src=\"theme/{$STORED['THEME']}/images/f_closed.gif\">";
}
$query = "SELECT reply_emo FROM {$CONFIG_sql_cpdbname}.board_reply WHERE topic_id =\"" . mysql_res($row['topic_id']) . "\" LIMIT 1";
$sql->result2 = $sql->execute_query($query, 'showforum.php');
$row_reply = $sql->fetch_row($sql->result2);
$reply_emo = $row_reply[reply_emo] ? "<img src=\"theme/{$STORED['THEME']}/images/icon/icon" . $row_reply[reply_emo] . ".gif\" border=\"0\">" : " ";
if (!empty($row[topic_description])) {
$topic_description = "<BR><a class=\"textinput\">{$row['topic_description']}</a>";
} else {
$topic_description = "";
}
$topictype = $IS_POLL ? "Poll: " : "";
$topic_start_date = get_date("M j y, H:i:s A", $row[topic_start_date]);
$last_reply_date = get_date("M j y, H:i:s A", $row[topic_last_action_date]);
echo "\t\t\t\t\t\t<TR height=\"27\" class=\"topic_title4\">\n\t\t\t\t\t\t\t<TD align=\"center\">{$status_topic}</TD>\n\t\t\t\t\t\t\t<TD align=\"center\">{$reply_emo}</TD>\n\t\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t\t{$topictype}<a href=\"index.php?showtopic={$row['topic_id']}\" title=\"This topic was started: {$topic_start_date}\">{$row['topic_name']}</a>\n";
$query = "SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.board_reply WHERE topic_id =\"" . mysql_res($row[topic_id]) . "\"";
$sql->result2 = $sql->execute_query($query, 'showforum.php');
$t_total = $sql->result($sql->result2);
$t_page = ceil($t_total / $CONFIG_per_page);
if ($t_page > 1) {
get_sselectpage($t_page, $CONFIG_per_page, $row[topic_id]);
}
echo "\t\t\t\t\t\t\t\t{$topic_description}\n\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t<TD align=\"center\">\n";
if (empty($topic_starter)) {
echo "\t\t\t\t\t\t{$lang['Guest']}\n\t\t";
} else {
echo "\t\t\t\t\t\t<a href=\"index.php?showuser="******"\">{$topic_starter}</a>\n\t\t";
}
echo "\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t<TD align=\"center\">{$row['topic_replying']}</TD>\n\t\t\t\t\t\t\t<TD align=\"center\">{$row['topic_reading']}</TD>\n\t\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t\t{$last_reply_date}<BR>\n\t\t\t\t\t\t\t\t<a href=\"index.php?showtopic={$row['topic_id']}&view=getnewpost\">{$lang['Last_Post']}:</a>\n";
if (empty($topic_lastreply_name)) {
echo "\t\t\t\t\t\t{$lang['Guest']}\n\t\t";
-->
<?php
if (!$SERVER['system_safe']) {
exit;
}
if ($STORED_loginname && $STORED_loginpass && !empty($guild_rank_menu)) {
if (!isset($GET_st)) {
$GET_st = 0;
}
$GET_st = (int) $GET_st;
$page = get_page($GET_st, $CONFIG_guild_per_page);
$query = "SELECT COUNT(*) FROM {$CONFIG_sql_dbname}.guild";
$sql->result = $sql->execute_query($query, 'guild_rank.php');
$sql->total_query++;
$total = $sql->result();
$query = "SELECT name,master,guild_id,emblem_data,guild_lv,average_lv FROM {$CONFIG_sql_dbname}.guild ORDER by guild_lv DESC LIMIT " . mysql_res($GET_st) . "," . mysql_res($CONFIG_guild_per_page) . "";
$sql->result = $sql->execute_query($query, 'guild_rank.php');
$sql->total_query++;
echo "<TABLE width=\"95%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" align=\"center\">\n\t<TBODY>\n\t\t<TR>\n\t\t\t<TD align=\"right\">\n";
get_selectpage($total, $CONFIG_guild_per_page, $page, "index.php?act=g_rank");
echo "\n\t\t\t</TD>\n\t\t</TR>\n\t</TBODY>\n</TABLE>\n<BR>\n";
opmain_body("Guild Ranking");
echo "<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"1\" align=\"center\">\n\t<TBODY>\n\t\t<TR align=\"center\" class=\"topic_title3\" style=\"font-weight: bold;\">\n\t\t\t<TD>No.</TD>\n\t\t\t<TD>Guild</TD>\n\t\t\t<TD>Guild Master</TD>\n\t\t\t<TD>Guild Level</TD>\n\t\t\t<TD>Average Level</TD>\n\t\t\t<TD>Emblem</TD>\n\t\t</TR>\n";
if ($sql->count_rows()) {
$countstanding = 0;
$i = ($page - 1) * $CONFIG_guild_per_page;
while ($grow = $sql->fetch_row()) {
$i++;
$countstanding = 1;
$guild_name = htmlspecialchars($grow['name']);
$g_master_name = htmlspecialchars($grow['master']);
if ($total_account_zeny == $_POST['total_zeny'] && $total_account_zeny == $get_total_zeny) {
$error = 0;
if ($CONFIG_max_zeny < 1 || $CONFIG_max_zeny > 2147483647) {
$CONFIG_max_zeny = 1000000000;
}
for ($i = 1; $i <= $total_char; $i++) {
if ($_POST["zeny_" . $i . ""] < 0 || $_POST["zeny_" . $i . ""] > $CONFIG_max_zeny) {
$error = 1;
$zeny_error = $CONFIG_max_zeny;
}
}
if ($error == 0) {
for ($i = 1; $i <= $total_char; $i++) {
$zeny = $_POST["zeny_" . $i . ""];
$char_id = (int) $_POST["char_id_" . $i . ""];
$sql->execute_query("UPDATE {$CONFIG_sql_dbname}.char SET zeny=\"" . mysql_res($zeny) . "\" WHERE account_id=\"" . mysql_res($GET_account_id) . "\" AND char_id=\"" . mysql_res($char_id) . "\"", 'searching_char.php');
}
header_location("index.php?act=searching_char&account_id={$GET_account_id}");
} else {
$display = sprintf($lang[CM_zeny_impossible], $zeny_error);
redir("index.php?act=searching_char&account_id={$GET_account_id}", $display, 3);
}
} else {
redir("index.php?act=searching_char&account_id={$GET_account_id}", "{$lang['Error']}", 3);
}
} else {
redir("index.php?act=searching_char&account_id={$GET_account_id}", "{$lang['Error']}", 3);
}
}
}
}
$display = "{$lang['Error']}";
} else {
if (!checkprivilege_action($CP[login_id], g_non_showip)) {
$ip = $CP['ip_address'];
} else {
$ip = '---------------';
}
if (!$CP[login_sex]) {
$CP[login_sex] = 'M';
}
$POST_poster = checkstring($POST_poster, 1);
$POST_report = checkstring($POST_report, 1);
$query = "SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.bugreport WHERE post_id = \"" . mysql_res($GET_post_id) . "\" LIMIT 0,1";
$sql->result = $sql->execute_query($query, 'bugreport.php');
$sql->total_query++;
if (!$sql->result()) {
$display = "{$lang['Error']}";
} else {
$sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.bugreport SET report = \"{$POST_report}\", poster = \"" . $CP['login_name'] . "\", sex = \"" . $CP['login_sex'] . "\", ip = \"" . $ip . "\", date = \"" . $CP[time] . "\" WHERE post_id = \"" . mysql_res($GET_post_id) . "\" ;", 'bugreport.php');
$sql->total_query++;
$display = "{$lang['Success_editnews']}";
}
}
redir("index.php?act=bugreport", "{$display}", 3);
} else {
header("location:index.php?act=bugreport");
}
}
}
}
}
$row = $sql->fetch_row();
$aid = $row[account_id];
$group_id = $row[group_id];
if ($activeid == '2') {
$sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.memory SET memory_value2=\"" . mysql_res($aid) . "\" WHERE memory_object=\"activate_id\" AND memory_value1=\"" . mysql_res($active_id) . "\" AND memory_value3=\"" . mysql_res($active_key) . "\"", 'register.php');
}
$sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.user_profile (user_id,display_name,user_sls_pass,user_time_offset ,user_joined) VALUES (\"" . mysql_res($aid) . "\",\"" . mysql_res($POST_userid) . "\",\"" . mysql_res($POST_userslspass) . "\",\"" . mysql_res($CONFIG_time_offset) . "\",\"" . $CP['time'] . "\")", 'register.php');
$sql->total_query++;
$sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.privilege (account_id,privilege) VALUES (\"" . mysql_res($aid) . "\",\"2\")", 'register.php');
$sql->total_query++;
if ($CONFIG_log_register) {
$sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.register_log (Date,account_id,userid,group_id,ip) VALUES (NOW(),\"" . mysql_res($aid) . "\",\"" . mysql_res($POST_userid) . "\",\"" . mysql_res($group_id) . "\",\"" . $CP['ip_address'] . "\")", 'register.php');
}
$sql->total_query++;
if ($CONFIG_security_mode) {
$sql->execute_query("DELETE FROM {$CONFIG_sql_cpdbname}.security_code WHERE sc_id = \"" . mysql_res($POST_security_id) . "\"", 'register.php', 0);
}
redir("index.php?act=register", "{$lang['Reg_success']}{$active_mes}", 3);
}
}
}
}
} else {
redir("index.php?act=register", "{$lang['Error']}", 3);
}
}
}
} else {
header("location:index.php?act=register");
}
}
}
echo "\n\t\t\t</TD>\n\t\t</TR>\n\t<form action=\"index.php?act=privilege_action&code=00\" method=\"post\" enctype=\"multipart/form-data\" name=\"Addprivilege\" onsubmit=\"return CheckAddprivilege()\">\n\t\t<TR class=\"topic_title6\">\n\t\t\t<TD width=\"50%\">\n\t\t\t\t{$lang['Account']} :\n\t\t\t\t<input name=\"account\" type=\"text\" size=\"12\" class=\"textinput\">\n\t\t\t</TD>\n\t\t\t<TD width=\"20%\">\n\t\t\t\t{$lang['Privilege_level']} :\n\t\t\t\t<input name=\"g_id\" type=\"text\" size=\"1\" class=\"textinput\" value=\"2\" maxlength=\"3\">\n\t\t\t</TD>\n\t\t\t<TD width=\"30%\">\n\t\t\t\t<input name=\"Submit\" type=\"submit\" value=\"{$lang['Sentprivilege']}\" class=\"textinput\">\n\t\t\t\t<input name=\"Reset\" type=\"reset\" value=\"{$lang['Resetprivilege']}\" class=\"textinput\">\n\t\t\t</TD>\n\t\t</TR>\n\t</form>\n\t</TBODY>\n</TABLE>\n";
clmain_body();
}
if ($GET_code == 03) {
opmain_body("Privilege Group Control");
$query = "SELECT g_id,g_title FROM {$CONFIG_sql_cpdbname}.groups ORDER by g_id ASC";
$sql->result = $sql->execute_query($query, 'privilege.php');
$sql->total_query++;
echo "\n<TABLE width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"3\" class=\"topic_title6\">\n\t<TR>\n\t\t<TD>\n\t\t\t<TABLE width=\"90%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" align=\"center\">\n\t\t\t\t<form name=\"ADD_Privilege\">\n\t\t\t\t\t<TR>\n\t\t\t\t\t\t<TD align=\"right\">\n\t\t\t\t\t\t\t<input type=\"button\" value=\"{$lang['Addprivilegegroup']}\" class=\"textinput\" OnClick=\"hyperlink('index.php?act=privilege&code=04');\">\n\t\t\t\t\t\t</TD>\n\t\t\t\t\t</TR>\n\t\t\t\t</form>\n\t\t\t</TABLE>\n\t\t</TD>\n\t</TR>\n\t<TR>\n\t\t<TD>\n\t\t\t<TABLE width=\"90%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"topic_title\" align=\"center\">\n\t\t\t\t<TBODY>\n\t\t\t\t\t<TR align=\"center\" class=\"title_bar\" height=\"29\">\n\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t<a class=\"m_title\">Privilege Groups</a>\n\t\t\t\t\t\t</TD>\n\t\t\t\t\t</TR>\n\t\t\t\t\t<TR>\n\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"1\" align=\"center\">\n\t\t\t\t\t\t\t\t<TBODY>\n\t\t\t\t\t\t\t\t\t<TR align=\"center\" class=\"topic_title3\" height=\"20\">\n\t\t\t\t\t\t\t\t\t\t<TD width=\"15%\">\n\t\t\t\t\t\t\t\t\t\t<B>Group ID</B>\n\t\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t\t<TD width=\"71%\">\n\t\t\t\t\t\t\t\t\t\t\t<B>Title</B>\n\t\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t\t<TD width=\"7%\">\n\t\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t\t<TD width=\"7%\">\n\t\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t</TR>\n";
while ($row = $sql->fetch_row()) {
echo "\n\t\t\t\t\t\t\t\t\t<TR align=\"center\" class=\"topic_title4\">\n\t\t\t\t\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t\t\t\t\t{$row['g_id']}\n\t\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t\t\t\t\t{$row['g_title']}\n\t\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"index.php?act=privilege&code=03&gid={$row['g_id']}\" title=\"�����\"><img src =\"theme/{$STORED['THEME']}/images/edit.gif\" border=\"0\"></a>\n\t\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"index.php?act=privilege_action&code=03&g_id={$row['g_id']}\" title=\"ź\"><img src =\"theme/{$STORED['THEME']}/images/drop.gif\" border=\"0\"></a>\n\t\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t</TR>\n";
}
echo "\n\t\t\t\t\t\t\t\t</TBODY>\n\t\t\t\t\t\t\t</TABLE>\n\t\t\t\t\t\t</TD>\n\t\t\t\t\t</TR>\n\t\t\t\t</TBODY>\n\t\t\t</TABLE>\n";
if ($GET_gid = (int) $GET_gid) {
$query = "SELECT * FROM {$CONFIG_sql_cpdbname}.groups WHERE g_id=\"" . mysql_res($GET_gid) . "\"";
$sql->result = $sql->execute_query($query, 'privilege.php');
$sql->total_query++;
$group = $sql->fetch_row();
echo "\n<BR>\n\t\t\t<TABLE width=\"90%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"topic_title\" align=\"center\">\n\t\t\t\t<TBODY>\n\t\t\t\t<form action=\"index.php?act=privilege_action&code=02\" method=\"post\" enctype=\"multipart/form-data\">\n\t\t\t\t\t<input type=\"hidden\" name=\"g_id\" value=\"{$GET_gid}\">\n\t\t\t\t\t<TR align=\"center\" class=\"title_bar\" height=\"29\">\n\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t<a class=\"m_title\">Edit Group : {$group['g_title']}\n\t\t\t\t\t\t</TD>\n\t\t\t\t\t</TR>\n\t\t\t\t\t<TR>\n\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"1\" align=\"center\">\n\t\t\t\t\t\t\t\t<TR align=\"center\">\n\t\t\t\t\t\t\t\t\t<TD class=\"topic_title4\">\n\t\t\t\t\t\t\t\t\t\t{$lang['Privilegemes_1']}\n\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t<TD class=\"topic_title6\">\n\t\t\t\t\t\t\t\t\t\t<input name=\"g_1\" type=\"text\" size=\"12\" class=\"textinput\" value=\"{$group['1']}\">\n\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t</TR>\n\t\t\t\t\t\t\t\t<TR align=\"center\">\n\t\t\t\t\t\t\t\t\t<TD class=\"topic_title4\">\n\t\t\t\t\t\t\t\t\t\t{$lang['Privilegemes_2']}\n\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t<TD class=\"topic_title6\">\n\t\t\t\t\t\t\t\t\t\t<input name=\"g_2\" type=\"text\" size=\"12\" class=\"textinput\" value=\"{$group['2']}\">\n\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t</TR>\n\t\t\t\t\t\t\t\t<TR align=\"center\">\n\t\t\t\t\t\t\t\t\t<TD class=\"topic_title4\">\n\t\t\t\t\t\t\t\t\t\t{$lang['Privilegemes_3']}\n\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t<TD class=\"topic_title6\">\n\t\t\t\t\t\t\t\t\t\t<input name=\"g_3\" type=\"text\" size=\"12\" class=\"textinput\" value=\"{$group['3']}\">\n\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t</TR>\n";
for ($a = 4; $a <= MAX_GROUP_PRIVILEGE; $a++) {
$privilegemes = "Privilegemes_{$a}";
if ($group[$a]) {
$selected = "checked";
$unselected = "";
} else {
$selected = "";
$unselected = "checked";
}
echo "\n\t\t\t\t\t\t\t\t<TR align=\"center\">\n\t\t\t\t\t\t\t\t\t<TD class=\"topic_title4\">\n\t\t\t\t\t\t\t\t\t\t{$lang[$privilegemes]}\n\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t<TD class=\"topic_title6\">\n\t\t\t\t\t\t\t\t\t\tYes\n\t\t\t\t\t\t\t\t\t\t<input type=\"radio\" name=\"g_{$a}\" value=\"1\" class=\"textinput\" " . $selected . "> \n\t\t\t\t\t\t\t\t\t\t<input type=\"radio\" name=\"g_{$a}\" value=\"0\" class=\"textinput\" " . $unselected . ">\n\t\t\t\t\t\t\t\t\t\tNo\n\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t</TR>\n";
}
}
$query = "SELECT memory_value1,memory_value2,memory_value3 FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object=\"ro_message\"";
$sql->result = $sql->execute_query($query, 'main.php');
$sql->total_query++;
$row = $sql->fetch_row();
$announced_date = get_date("Y-m-j", $row[memory_value2]);
$announced_mes = $row[memory_value3] ? replace_text($row[memory_value3]) : "--------------------";
opmain_body("{$lang['RO_Mes']}", 150);
echo "<TABLE width=\"100%\" height=\"100%\" align=\"center\" border=\"0\" cellspacing=\"0\" cellpadding=\"5\">\n\t<TBODY>\n\t\t<TR class=\"topic_title5\">\n\t\t\t<TD width=\"100%\" height=\"25\" vAlign=\"top\"></TD>\n\t\t</TR>\n\t\t<TR class=\"topic_title6\" height=\"100%\">\n\t\t\t<TD class=\"title_face4\" vAlign=\"top\">\n\t\t\t\t<div class=\"poststyle\">{$announced_mes}</div>\n\t\t\t</TD>\n\t\t</TR>\n\t\t<TR class=\"topic_title5\">\n\t\t\t<TD width=\"100%\" vAlign=\"top\" align=\"right\">\n\t\t\t\t<B>{$lang['Announced']} <U>{$row['memory_value1']}</U>, {$lang['Date']}: {$announced_date}</B>\n\t\t\t</TD>\n\t\t</TR>\n\t<TBODY>\n</TABLE>\n<script type='text/javascript'>\n\tvar max_width = " . $CONFIG_max_img_width . ";\n\tvar max_height = " . $CONFIG_max_img_height . ";\n\tvar total_img_resize = " . $CP[images_num] . ";\n\twindow.onload=resize_img;\n</script>\n";
clmain_body();
include_once "news.php";
if ($CONFIG_show_last_topic_reply) {
echo "<BR>\n";
opmain_body("{$lang['Last_TRP']}");
echo "<TABLE width=\"100%\" height=\"100%\" align=\"center\" border=\"0\" cellspacing=\"1\" cellpadding=\"1\">\n\t<TBODY>\n";
$query = "SELECT us.display_name, t.* FROM {$CONFIG_sql_cpdbname}.board_topic t\n\t\tLEFT JOIN {$CONFIG_sql_cpdbname}.user_profile us ON (us.user_id=t.topic_lastreply_name)\n\tORDER by t.topic_last_action_date DESC LIMIT " . mysql_res($CONFIG_show_last_topic_reply_per) . "";
$sql->result = $sql->execute_query($query, 'main.php');
$sql->total_query++;
if ($sql->count_rows() > 0) {
while ($row = $sql->fetch_row()) {
$topic_lastreply_name = get_displayname($row[display_name], $row[topic_lastreply_name]);
$topic_lastreply_name = $topic_lastreply_name == $lang[Guest] ? $lang[Guest] : "<a href=\"index.php?showuser="******"\">{$topic_lastreply_name}</a>";
$topic_start_date = get_date("M j y, H:i:s A", $row[topic_start_date]);
if ($trcolor2 != 'topic_title4') {
$trcolor2 = 'topic_title4';
} else {
$trcolor2 = 'topic_title3';
}
echo "\t\t<TR class=\"{$trcolor2}\" height=\"20\">\n\t\t\t<TD align=\"center\" width=\"5%\"><img src=\"theme/{$STORED['THEME']}/images/f_norm.gif\"></TD>\n\t\t\t<TD width=\"70%\">\n\t\t\t\t <a href=\"index.php?showtopic={$row['topic_id']}&view=getnewpost\" title=\"This topic was started: {$topic_start_date}\">{$row['topic_name']}</a>\n\t\t\t</TD>\n\t\t\t<TD width=\"25%\" align=\"left\">\n\t\t\t\t <a href=\"index.php?showtopic={$row['topic_id']}&view=getnewpost\">{$lang['Last_Post']}</a>: " . $topic_lastreply_name . "\n\t\t\t</TD>\n\t\t</TR>\n";
}
} else {
$sql->execute_query("DELETE FROM {$CONFIG_sql_dbname}.friends WHERE char_id =\"{$cid}\"", 'deluser.php');
$sql->execute_query("DELETE FROM {$CONFIG_sql_dbname}.global_reg_value WHERE char_id =\"{$cid}\"", 'deluser.php');
$sql->execute_query("DELETE FROM {$CONFIG_sql_dbname}.inventory WHERE char_id =\"{$cid}\"", 'deluser.php');
$sql->execute_query("DELETE FROM {$CONFIG_sql_dbname}.memo WHERE char_id =\"{$cid}\"", 'deluser.php');
$sql->execute_query("DELETE FROM {$CONFIG_sql_dbname}.sc_data WHERE char_id =\"{$cid}\"", 'deluser.php');
$sql->execute_query("DELETE FROM {$CONFIG_sql_dbname}.skill WHERE char_id =\"{$cid}\"", 'deluser.php');
}
}
printf("Deleted userid: <font color=\"red\"><B>%s</B></font> (<B>%d</B> days)<BR>\n", $row[userid], $diffday);
}
echo "\t\t\t</TD>\n\t\t</TR>\n";
} else {
if ($GET_code == 02 && $GET_day && $GET_maxusers) {
$tmp_lastlogin = $CP[time] - $GET_day * 3600 * 24;
$lastlogin = date("Y-m-d H:i:s", $tmp_lastlogin);
$query = "SELECT account_id,userid,lastlogin,logincount FROM {$CONFIG_sql_dbname}.login WHERE lastlogin < \"" . mysql_res($lastlogin) . "\" AND sex != \"S\" AND logincount > \"0\" ORDER by lastlogin ASC LIMIT " . mysql_res($GET_maxusers) . "";
$sql->result = $sql->execute_query($query, 'deluser.php');
$sql->total_query++;
echo "\t\t<TR>\n\t\t\t<TD colspan=\"2\">\n\t\t\t\t<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"5\" align=\"center\" class=\"emptytable3\">\n\t\t\t\t\t<TBODY>\n\t\t\t\t\t\t<TR height=\"27\" class=\"title_bar2\" align=\"center\">\n\t\t\t\t\t\t\t<TD><div class=\"title_face\">No.</div></TD>\n\t\t\t\t\t\t\t<TD><div class=\"title_face\">User ID</div></TD>\n\t\t\t\t\t\t\t<TD><div class=\"title_face\">Last Login (days ago)</div></TD>\n\t\t\t\t\t\t\t<TD><div class=\"title_face\">Login Count</div></TD>\n\t\t\t\t\t\t</TR>\n";
$i = 0;
while ($row = $sql->fetch_row()) {
$i++;
$diffday = ($CP[time] - strtotime($row[lastlogin])) / 3600 / 24;
$diffday = (int) $diffday;
echo "\t\t\t\t\t\t<TR class=\"topic_title7\" align=\"center\">\n\t\t\t\t\t\t\t<TD>" . $i . "</TD>\n\t\t\t\t\t\t\t<TD>" . $row[userid] . "</TD>\n\t\t\t\t\t\t\t<TD>" . $row[lastlogin] . " (" . $diffday . ")</TD>\n\t\t\t\t\t\t\t<TD>" . $row[logincount] . "</TD>\n\t\t\t\t\t\t</TR>\n";
}
echo "\t</TBODY>\n</TABLE>\n";
}
}
echo "\t</TBODY>\n\t</form>\n</TABLE>\n";
clmain_body();
// / ___/__ ___ / /________ / / / _ \___ ____ ___ / /
// / /__/ _ \/ _ \/ __/ __/ _ \/ / / ___/ _ `/ _ \/ -_) /
// \___/\___/_//_/\__/_/ \___/_/ /_/ \_,_/_//_/\__/_/
// =========================================================================
// Copyright (c) Stargames Control Panel - Licensed under GNU GPL.
// See LICENSE File
// =========================================================================
// Project Lead by: Mysterious
// =========================================================================
-->
<?php
if ($_GET['sc']) {
require_once "memory.php";
$sql = new MySQL();
$sql->Connect($CONFIG_sql_host, $CONFIG_sql_username, $CONFIG_sql_password);
$query = "SELECT sc_code FROM {$CONFIG_sql_cpdbname}.security_code WHERE sc_id = \"" . mysql_res($_GET['sc']) . "\"";
$sql->result = $sql->execute_query($query, 'reg_code.php');
$row = $sql->fetch_row();
$sc_code = $row['sc_code'];
$reg_str = "";
for ($i = 0; $i < 6; $i++) {
$ret_str .= $sc_code[$i];
$ret_str .= " ";
}
$sc_code = $ret_str;
$im = imagecreate(85, 20);
$bgcolor = imagecolorallocate($im, 255, 255, 255);
// Background Color
$fontcolor = imagecolorallocate($im, 00, 00, 00);
// Font Color
imagestring($im, 3, 5, 5, $sc_code, $fontcolor);
$sql->result = $sql->execute_query($query, 'header_bar.php', 0);
$sql->total_query++;
if (!$sql->count_rows()) {
$sql->result = $sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.status ( `last_checked` , `login` , `char` , `map` ) VALUES (NOW() , 0, 0, 0)", 'header_bar.php', 0);
$sql->total_query++;
}
$line = $sql->fetch_row();
$timediff = $CP[time] - $line[0];
if ($timediff > $CONFIG_time_check_intervals) {
$acc = @fsockopen($CONFIG_server_ip, $CONFIG_loginport, $errno, $errstr, 1);
$char = @fsockopen($CONFIG_server_ip, $CONFIG_charport, $errno, $errstr, 1);
$map = @fsockopen($CONFIG_server_ip, $CONFIG_mapport, $errno, $errstr, 1);
$acc = $acc ? 1 : 0;
$char = $char ? 1 : 0;
$map = $map ? 1 : 0;
$sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.status SET `last_checked` = \"" . $CP['time'] . "\" ,`login` = \"" . mysql_res($acc) . "\",`char` = \"" . mysql_res($char) . "\",`map` = \"" . mysql_res($map) . "\"", 'header_bar.php', 0);
$sql->total_query++;
} else {
$acc = $line[1];
$char = $line[2];
$map = $line[3];
}
if (!$acc) {
$accsrv = "<font class=\"status_off\">{$lang['Offline']}</font>";
} else {
$accsrv = "<font class=\"status_on\">{$lang['Online']}</font>";
}
if (!$char) {
$charsrv = "<font class=\"status_off\">{$lang['Offline']}</font>";
} else {
$charsrv = "<font class=\"status_on\">{$lang['Online']}</font>";
clmain_body();
} else {
if ($GET_code == 03 && isAlphaNumeric($POST_LG_USER) && isAlphaNumeric($POST_LG_PASS) && isAlphaNumeric($POST_SLS_PASS)) {
$POST_LG_PASS = mysql_res(checkmd5($CONFIG_md5_support, $POST_LG_PASS));
$query = "SELECT account_id FROM {$CONFIG_sql_dbname}.login WHERE userid = \"" . mysql_res($POST_LG_USER) . "\" AND user_pass=\"{$POST_LG_PASS}\" LIMIT 0,1";
$sql->result = $sql->execute_query($query, 'sls.php');
$sql->total_query++;
if ($sql->count_rows()) {
$row = $sql->fetch_row();
$userid = $row[account_id];
$query = "SELECT user_sls_pass FROM {$CONFIG_sql_cpdbname}.user_profile WHERE user_id = \"" . mysql_res($userid) . "\" LIMIT 0,1";
$sql->result = $sql->execute_query($query, 'sls.php');
if ($sql->count_rows()) {
$row2 = $sql->fetch_row();
if (empty($row2[user_sls_pass])) {
$sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.user_profile set user_sls_pass=\"" . mysql_res($POST_SLS_PASS) . "\" WHERE user_id = \"" . mysql_res($userid) . "\" ", 'sls.php');
$sql->total_query++;
$display = $lang[success_make_sls_pass];
} else {
$display = $lang[yes_sls_pass];
}
} else {
$display = $lang[login_wrong];
}
} else {
$display = $lang[login_wrong];
}
redir("index.php?act=sls", "{$display}", 3);
}
}
}
$sql->total_query++;
if (!$sql->count_rows()) {
$sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.user_profile (user_id,display_name,user_sls_pass,user_time_offset ,user_joined) VALUES (\"" . mysql_res($account_id) . "\",\"" . mysql_res($userid) . "\",\"\",\"" . mysql_res($CONFIG_time_offset) . "\",\"" . $CP['time'] . "\")", 'showuser.php');
$sql->total_query++;
$sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.privilege (account_id,privilege) VALUES (\"" . mysql_res($account_id) . "\",\"2\")", 'showuser.php');
$sql->total_query++;
} else {
$row = $sql->fetch_row();
$account_id = $row["user_id"];
}
$username = get_username($account_id);
$show_username = $IS_SEARCHING_ID ? "<a href=\"index.php?act=searching_id&account_id={$account_id}\">{$username}</a>" : "{$username}";
get_cp_profile($account_id);
opmain_body("User Information: {$username}", 0, '100%');
echo "<TABLE width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"5\" class=\"topic_title6\">\n\t<TR class=\"topic_title5\"><TD height=\"25\"></TD></TR>\n\t<TR>\n\t\t<TD>\n<TABLE width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"topic_title6\">\n\t<TR>\n\t\t<TD>\n<TABLE width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n\t<TR>\n\t\t<TD width=\"30%\" vAlign=\"top\">\n\t\t\t<TABLE width=\"100%\" height=\"100%\" align=\"center\" border=\"0\" cellspacing=\"1\" cellpadding=\"10\">\n\t\t\t\t<TR>\n\t\t\t\t\t<TD align=\"left\">\n\t\t\t\t\t\t<TABLE width=\"100%\" height=\"100%\" align=\"center\" border=\"0\" cellspacing=\"1\" cellpadding=\"1\">\n\t\t\t\t\t\t\t<TR>\n\t\t\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t\t\t{$reply_avatar}<BR><BR>\n\t\t\t\t\t\t\t\t\t{$rank_title}<BR>\n\t\t\t\t\t\t\t\t\t<img src=\"theme/{$STORED['THEME']}/images/groups/{$reply_imgroup}\" alt=\"Group Icon\"><BR><BR>\n\t\t\t\t\t\t\t\t\t{$lang['Group']}: {$reply_group}<BR>\n\t\t\t\t\t\t\t\t\t{$lang['Posts']}: {$reply_post}</B><BR>\n\t\t\t\t\t\t\t\t\t{$lang['Mem_No']}: {$reply_number}</B><BR>\n\t\t\t\t\t\t\t\t\t{$lang['Join']}: {$reply_joined}<BR><BR>\n\t\t\t\t\t\t\t\t\t{$status_bar}\n\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t</TR>\n\t\t\t\t\t\t</TABLE>\n\t\t\t\t\t</TD>\n\t\t\t\t</TR>\n\t\t\t</TABLE>\n\t\t</TD>\n\t</TR>\n</TABLE>\n\t\t</TD>\n\t\t<TD width=\"70%\" vAlign=\"top\">\n";
$query = "SELECT name,class,base_level,job_level,online FROM {$CONFIG_sql_dbname}.char WHERE md5(`account_id`) =\"" . mysql_res($GET_showuser) . "\"";
$sql->result = $sql->execute_query($query, 'showuser.php');
$sql->total_query++;
if ($sql->count_rows()) {
echo "\t\t\t<TABLE width=\"100%\" height=\"100%\" align=\"center\" border=\"0\" cellspacing=\"1\" cellpadding=\"10\">\n\t\t\t\t<TR>\n\t\t\t\t\t<TD>\n\t\t\t<TABLE width=\"80%\" height=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" align=\"center\" class=\"topic_title\">\n\t\t\t\t<TBODY>\n\t\t\t\t\t<TR align=\"center\" class=\"title_bar\" height=\"29\">\n\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t<a class=\"m_title\">Character in user: {$show_username}</a>\n\t\t\t\t\t\t</TD>\n\t\t\t\t\t</TR>\n\t\t\t\t\t<TR>\n\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"1\" align=\"center\">\n\t\t\t\t\t\t\t\t<TBODY>\n\t\t\t\t\t\t\t\t\t<TR align=\"center\" class=\"topic_title3\" style=\"font-weight: bold;\">\n\t\t\t\t\t\t\t\t\t\t<TD>No.</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>Name</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>Class</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>Base Level</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>Job Level</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>Status</TD>\n\t\t\t\t\t\t\t\t\t</TR>\n";
$n = 0;
while ($c_row = $sql->fetch_row()) {
$n++;
$jobid = "{$c_row['class']}";
if ($c_row[online]) {
$online = "<font class=\"status_on\">Online</font>";
} else {
$online = "<font class=\"status_off\">Offline</font>";
}
echo "\t\t\t\t\t\t\t\t\t<TR align=\"center\" class=\"topic_title4\">\n\t\t\t\t\t\t\t\t\t\t<TD>{$n}</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>{$c_row['name']}</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>{$jobname[$jobid]}</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>{$c_row['base_level']}</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>{$c_row['job_level']}</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>{$online}</TD>\n\t\t\t\t\t\t\t\t\t</TR>\n";
}
$start_topics_selected = $forum_perm[3];
echo "\t<TR align=\"center\" class=\"topic_title6\">\n\t\t<TD>{$grow['1']}</TD>\n\t\t<TD><input name=\"show_forum_" . $grow[0] . "\" type=\"checkbox\" value=\"1\"" . $show_forum_selected . "></TD>\n\t\t<TD><input name=\"read_topics_" . $grow[0] . "\" type=\"checkbox\" value=\"1\"" . $read_topics_selected . "></TD>\n\t\t<TD><input name=\"reply_topics_" . $grow[0] . "\" type=\"checkbox\" value=\"1\"" . $reply_topics_selected . "></TD>\n\t\t<TD><input name=\"start_topics_" . $grow[0] . "\" type=\"checkbox\" value=\"1\"" . $start_topics_selected . "></TD>\n\t</TR>\n";
}
echo "</TABLE>\n";
}
echo "<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"5\" align=\"center\">\n\t<TR class=\"topic_title5\">\n\t\t<TD width=\"100%\" align=\"center\">\n\t\t\t<input type=\"submit\" name=\"Submit\" value=\"Create�this�forum\" class=\"textinput\">\n\t\t\t<input type=\"reset\" name=\"Reset\" value=\"Reset\" class=\"textinput\">\n\t\t</TD>\n\t</TR>\n</TABLE>\n\t\t</TD>\n\t</TR>\n\t</form>\n</TABLE>\n";
clmain_body();
} else {
if ($GET_code == "editcategory" && $GET_c) {
$category_name = get_categoryname($GET_c);
opmain_body("Edit Category");
echo "<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"5\" align=\"center\">\n\t<TBODY>\n\t\t<form action=\"index.php?act=forum_manage&manage=editcategory\" method=\"post\" enctype=\"multipart/form-data\" name=\"Category_Form\" OnSubmit=\"return CheckCategory()\">\n\t\t<input type=\"hidden\" name=\"c\" value=\"{$GET_c}\">\n\t\t<TR class=\"topic_title5\">\n\t\t\t<TD height=\"27\" colspan=\"2\"><div class=\"title_face\">{$category_name}</div></TD>\n\t\t</TR>\n\t\t<TR class=\"topic_title6\">\n\t\t\t<TD width=\"30%\"><div class=\"title_face4\"><B>Category Name</B></div></TD>\n\t\t\t<TD width=\"70%\"><input name=\"category_name\" type=\"text\" size=\"40\" maxlength=\"50\" class=\"textinput\" value=\"{$category_name}\"></TD>\n\t\t</TR>\n\t\t\t<TR class=\"topic_title5\">\n\t\t\t\t<TD width=\"100%\" colspan=\"2\" align=\"center\">\n\t\t\t\t\t<input type=\"submit\" name=\"Submit\" value=\"Edit�this�category\" class=\"textinput\">\n\t\t\t\t\t<input type=\"reset\" name=\"Reset\" value=\"Restore\" class=\"textinput\">\n\t\t\t\t</TD>\n\t\t</TR>\n\t</form>\n\t</TBODY>\n</TABLE>\n";
clmain_body();
} else {
if ($GET_code == "editforum" && $GET_f) {
$query = "SELECT forum_title, forum_description, forum_perm FROM {$CONFIG_sql_cpdbname}.forum WHERE forum_id=\"" . mysql_res($GET_f) . "\"";
$sql->result = $sql->execute_query($query, 'forum_manage.php');
$frow = $sql->fetch_row();
$forum_name = $frow[forum_title];
$forum_description = $frow[forum_description];
$query = "SELECT g_id, g_title FROM {$CONFIG_sql_cpdbname}.groups ORDER by g_id";
$sql->result = $sql->execute_query($query, 'forum_manage.php');
opmain_body("Edit Forum");
echo "<TABLE width=\"100%\" cellspacing=\"0\" cellpadding=\"0\" align=\"center\">\n\t<form action=\"index.php?act=forum_manage&manage=editforum\" method=\"post\" enctype=\"multipart/form-data\" name=\"Forum_Form\" OnSubmit=\"return CheckForum()\">\n\t<input type=\"hidden\" name=\"f\" value=\"{$GET_f}\">\n\t<TR>\n\t\t<TD>\n<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"5\" align=\"center\">\n\t<TBODY>\n\t\t<TR class=\"topic_title5\">\n\t\t\t<TD height=\"27\" colspan=\"2\"><div class=\"title_face\">{$forum_name}</div></TD>\n\t\t</TR>\n\t\t<TR class=\"topic_title6\">\n\t\t\t<TD width=\"30%\"><div class=\"title_face4\"><B>Forum Name</B></div></TD>\n\t\t\t<TD width=\"70%\"><input name=\"forum_name\" type=\"text\" size=\"40\" maxlength=\"50\" class=\"textinput\" value=\"{$forum_name}\"></TD>\n\t\t</TR>\n\t\t<TR class=\"topic_title6\">\n\t\t\t<TD><div class=\"title_face4\"><B>Forum Description</B></div></TD>\n\t\t\t<TD><input name=\"forum_description\" type=\"text\" size=\"40\" maxlength=\"100\" class=\"textinput\" value=\"{$forum_description}\"></TD>\n\t\t</TR>\n\t</TBODY>\n</TABLE>\n";
if ($sql->count_rows()) {
echo "<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"5\" align=\"center\">\n\t<TR class=\"topic_title5\">\n\t\t<TD height=\"27\" colspan=\"5\"><div class=\"title_face\">Permission</div></TD>\n\t</TR>\n\t<TR align=\"center\" class=\"topic_title6\" style=\"font-weight: bold;\">\n\t\t<TD>Groups</TD>\n\t\t<TD>Show Forum</TD>\n\t\t<TD>Read Topics</TD>\n\t\t<TD>Reply Topics</TD>\n\t\t<TD>Start Topics</TD>\n\t</TR>\n";
while ($grow = $sql->fetch_row()) {
if (preg_match("#\\[g" . $grow[0] . "\\](.+?)\\[/g" . $grow[0] . "\\]#is", $frow[2])) {
preg_replace_callback("#\\[g" . $grow[0] . "\\](.+?)\\[/g" . $grow[0] . "\\]#is", 'get_forum_perm', $frow[2]);
if (strstr($forum_permission, ':show_perm:')) {
$show_forum_selected = " checked";
$jobid = $view_char_online[$i][3];
echo "\t\t<TR class=\"topic_title7\" align=\"center\">\n\t\t\t<TD>" . $view_char_online[$i][0] . "</TD>\n\t\t\t<TD>" . $view_char_online[$i][1] . "</TD>\n\t\t\t<TD>" . $view_char_online[$i][2] . "</TD>\n\t\t\t<TD>" . $jobname[$jobid] . "</TD>\n\t\t\t<TD>" . $view_char_online[$i][4] . "</TD>\n\t\t\t<TD>" . $view_char_online[$i][5] . "</TD>\n\t\t\t<TD>" . $view_char_online[$i][6] . "</TD>\n\t\t</TR>\n";
}
echo "\t</TBODY>\n</TABLE>\n";
clmain_body();
}
} else {
if ($GET_code == "view_inactiveid") {
if (!isset($GET_st)) {
$GET_st = 0;
}
$GET_st = (int) $GET_st;
$page = get_page($GET_st, $CONFIG_AM_per_page);
$sql->result = $sql->execute_query("SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object=\"activate_id\"", 'account_manage.php');
$total = $sql->result();
$query = "SELECT memory_value1,memory_value2 FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object=\"activate_id\" ORDER by memory_value1 ASC LIMIT " . mysql_res($GET_st) . "," . mysql_res($CONFIG_AM_per_page) . "";
$sql->result = $sql->execute_query($query, 'account_manage.php');
$sql->total_query++;
echo "<TABLE width=\"95%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" align=\"center\">\n\t<TBODY>\n\t\t<TR>\n\t\t\t<TD align=\"right\">\n";
get_selectpage($total, $CONFIG_AM_per_page, $page, "index.php?act=account_manage&code=view_inactiveid");
echo "\t\t\t</TD>\n\t\t</TR>\n\t</TBODY>\n</TABLE>\n<BR>\n";
opmain_body("Inactive Account");
if ($sql->count_rows()) {
echo "<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"5\" align=\"center\" class=\"emptytable3\">\n\t<TBODY>\n\t\t<TR height=\"27\" class=\"title_bar2\" align=\"center\">\n\t\t\t<TD width=\"5%\"><div class=\"title_face\">No.</div></TD>\n\t\t\t<TD width=\"25%\"><div class=\"title_face\">User ID</div></TD>\n\t\t\t<TD width=\"20%\"><div class=\"title_face\">Registed date</div></TD>\n\t\t\t<TD width=\"50%\"></TD>\n\t\t</TR>\n";
$i = 0;
while ($row = $sql->fetch_row()) {
$i++;
$query = "SELECT user_joined FROM {$CONFIG_sql_cpdbname}.user_profile WHERE user_id=\"{$row['memory_value2']}\"";
$sql->result2 = $sql->execute_query($query, 'account_manage.php');
$urow = $sql->fetch_row($sql->result2);
$user_joined = get_date("j-M y", $urow[user_joined]);
exit;
}
if (checkprivilege_action($CP[login_id], g_edit_mes_control)) {
if ($GET_code == 00 || $GET_code == 01) {
if ($GET_code == 00) {
$mes_title = "Ro Message";
$form_code = "02";
$memory_object = "ro_message";
} else {
if ($GET_code == 01) {
$mes_title = "Server Information";
$form_code = "03";
$memory_object = "server_info";
}
}
$query = "SELECT memory_value3 FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object=\"" . mysql_res($memory_object) . "\"";
$sql->result = $sql->execute_query($query, 'mescontrol.php');
$sql->total_query++;
$row = $sql->fetch_row();
$message = my_br2nl($row[memory_value3]);
$message_preview = $row[memory_value3] ? replace_text($row[memory_value3]) : "--------------------";
opmain_body("{$mes_title}");
echo "<form action=\"index.php?act=mesctrl&code={$form_code}\" method=\"post\" enctype=\"multipart/form-data\" name=\"t_post_form\" id=\"t_post_form\" OnSubmit=\"document.t_post_form.Submit.disabled=true; return true;\">\n<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"5\" align=\"center\" class=\"emptytable\">\n\t<TBODY>\n\t\t<TR class=\"topic_title5\">\n\t\t\t<TD width=\"100%\" colspan=\"2\">\n\t\t\t\t<div class=\"title_face3\"><B>Code Buttons</B></div>\n\t\t\t</TD>\n\t\t</TR>\n\t\t<TR class=\"topic_title6\">\n\t\t\t<TD width=\"30%\"> </TD>\n\t\t\t<TD width=\"70%\">\n";
get_bbcode('t_post_form');
echo "\t\t\t</TD>\n\t\t</TR>\n\t\t<TR class=\"topic_title5\">\n\t\t\t<TD colspan=\"2\">\n\t\t\t\t<div class=\"title_face3\"><B>Enter {$mes_title}</B></div>\n\t\t\t</TD>\n\t\t</TR>\n\t\t<TR class=\"topic_title6\">\n\t\t\t<TD vAlign=\"top\">\n";
emotions_select('t_post_form');
echo "\t\t\t</TD>\n\t\t\t<TD vAlign=\"top\">\n\t\t\t\t<textarea style=\"width:100%\" name=\"t_mes\" cols=\"60\" rows=\"15\" class=\"textinput\">{$message}</textarea>\n\t\t\t</TD>\n\t\t</TR>\n\t\t<TR class=\"topic_title5\">\n\t\t\t<TD align=\"center\">\n\t\t\t\t<select name=\"change_edit\" onChange=\"if(document.t_post_form.change_edit.value==-1){return false;}else{var A1=document.t_post_form.change_edit.value; document.location.replace(''+A1+'');}\" class=\"selectmenu\">\n\t\t\t\t\t<option value=\"-1\" selected>���� --�Select Action�--����</option>\n";
$selected = "value=\"-1\" class=\"slbackground\"";
$ADD_OPTION1 = $GET_code == 00 ? $selected : "value=\"index.php?act=mesctrl&code=00\"";
$ADD_OPTION2 = $GET_code == 01 ? $selected : "value=\"index.php?act=mesctrl&code=01\"";
echo "\t\t\t\t\t<option " . $ADD_OPTION1 . ">- Edit Ro Message</option>\n\t\t\t\t\t<option " . $ADD_OPTION2 . ">- Edit Server Information</option>\n\t\t\t\t</select>\n\t\t\t</TD>\n\t\t\t<TD>\n\t\t\t\t<input type=\"submit\" name=\"Submit\" value=\"Submit\" class=\"textinput\">\n\t\t\t\t<input type=\"reset\" name=\"Reset\" value=\"Restore\" class=\"textinput\">\n\t\t\t</TD>\n\t\t</TR>\n\t\t<TR class=\"topic_title6\" height=\"100%\">\n\t\t\t<TD class=\"title_face4\" vAlign=\"top\" colspan=\"2\">\n\t\t\t\t<div class=\"poststyle\">{$message_preview}</div>\n\t\t\t</TD>\n\t\t</TR>\n\t</TBODY>\n</TABLE>\n</form>\n<script type='text/javascript'>\n\tvar max_width = " . $CONFIG_max_img_width . ";\n\tvar max_height = " . $CONFIG_max_img_height . ";\n\tvar total_img_resize = " . $CP[images_num] . ";\n\twindow.onload=resize_img;\n</script>\n";
if ($GET_code == 06) {
$row = $sql->fetch_row();
$last_ip = $row[last_ip];
$query = "SELECT memory_value2 FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object =\"ip_blacklist\" AND memory_value1=\"" . mysql_res($last_ip) . "\"";
$sql->result = $sql->execute_query($query, 'searching_id.php');
$blacklist_row = $sql->fetch_row();
if ($sql->count_rows()) {
if ($blacklist_row[memory_value2] == 'block') {
$state = 'unblock';
} else {
$state = 'block';
}
$sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.memory SET memory_value2=\"" . mysql_res($state) . "\" WHERE memory_object=\"ip_blacklist\" AND memory_value1=\"" . mysql_res($last_ip) . "\"", 'searching_id.php');
} else {
$blacklist_code = md5(uniqid(microtime()));
$sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.memory (memory_object,memory_value1,memory_value2,memory_value3) values (\"ip_blacklist\",\"" . mysql_res($last_ip) . "\",\"block\",\"" . mysql_res($blacklist_code) . "\")", 'searching_id.php');
}
header_location("index.php?act=searching_id&account_id={$GET_account_id}");
} else {
redir("index.php?act=idx", "{$lang['Error']}", 3);
}
}
}
}
}
}
}
} else {
redir("index.php?act=idx", "{$lang['Error']}", 3);
}
} else {
$forum_name = get_forumname($POST_f);
$topic_name = get_topicname($POST_t);
opmain_body("Move Topic " . $forum_name . " > " . $topic_name . "");
echo "<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"5\" align=\"center\">\n\t<form action=\"index.php?act=mod\" method=\"post\" enctype=\"multipart/form-data\" name=\"Move_Topic_Form\">\n\t<input type=\"hidden\" name=\"code\" value=\"08\">\n\t<input type=\"hidden\" name=\"f\" value=\"{$POST_f}\">\n\t<input type=\"hidden\" name=\"t\" value=\"{$POST_t}\">\n\t<TR class=\"topic_title5\">\n\t\t<TD colspan=\"2\" height=\"27\">\n\t\t\t<div class=\"title_face\">Please select the destination forum and method of moving</div>\n\t\t</TD>\n\t</TR>\n\t<TR class=\"topic_title6\">\n\t\t<TD width=\"30%\">\n\t\t\t<div class=\"title_face4\"><b>Move this topic from New Forum to</b></div>\n\t\t</TD>\n\t\t<TD width=\"70%\">\n\t\t\t<select name=\"select_forum\" class=\"selectmenu\">\n";
$query = "SELECT memory_value1,memory_value3 FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object =\"forum_category\" ORDER by memory_value2 ASC";
$sql->result = $sql->execute_query($query, 'forum_manage.php');
$sql->total_query++;
if ($sql->count_rows()) {
while ($row = $sql->fetch_row()) {
$query = "SELECT forum_id,forum_title FROM {$CONFIG_sql_cpdbname}.forum WHERE category_id=\"" . $row[memory_value1] . "\" ORDER by forum_id ASC";
$sql->result2 = $sql->execute_query($query, 'forum_manage.php');
echo "\t\t\t\t<optgroup label=\"{$row['memory_value3']}\"></optgroup>\n";
if ($sql->count_rows($sql->result2)) {
while ($row2 = $sql->fetch_row($sql->result2)) {
echo "\t\t\t\t<option value=\"{$row2['forum_id']}\"> |-- {$row2['forum_title']}</option>\n";
}
}
}
}
echo "\t\t\t</select>\n\t\t</TD>\n\t</TR>\n\t<TR class=\"topic_title5\" align=\"center\">\n\t\t<TD colspan=\"2\">\n\t\t\t<input type=\"submit\" name=\"Submit\" value=\"Move�this�topic\" class=\"textinput\">\n\t\t</TD>\n\t</TR>\n\t</form>\n</TABLE>\n";
clmain_body();
}
if ($POST_code == '08' && checkprivilege_action($CP[login_id], g_move_topics) && check_category($POST_f) && check_category($POST_select_forum) && $POST_t) {
$sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.board_reply SET forum_id=\"" . mysql_res($POST_select_forum) . "\" WHERE topic_id =\"" . mysql_res($POST_t) . "\" AND forum_id = \"" . mysql_res($POST_f) . "\" ", 'moderate.php');
$sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.board_topic SET forum_id=\"" . mysql_res($POST_select_forum) . "\" WHERE topic_id =\"" . mysql_res($POST_t) . "\" AND forum_id = \"" . mysql_res($POST_f) . "\" ", 'moderate.php');
header_location("index.php?showtopic={$POST_t}");
}
}
} else {
redir("index.php?act=idx", "{$lang['No_privilege']}", 3);
}
$display = "CP can not delete this group";
}
redir("index.php?act=privilege&code=03", $display, 3);
} else {
$display = "{$lang['No_privilege']}";
redir("index.php?act=privilege", $display, 3);
}
} else {
if ($GET_code == 04 && $POST_g_1) {
if (checkprivilege_action($CP[login_id], g_add_privilege)) {
$POST_g_1 = checkstring($POST_g_1, 1);
$POST_g_2 = truestr($POST_g_2);
$POST_g_3 = truestr($POST_g_3);
for ($i = 2; $i <= MAX_GROUP_PRIVILEGE; $i++) {
$g_name = "POST_g_" . $i . "";
${$g_name} = mysql_res(${$g_name});
}
$sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.groups VALUES ('',\n\t\"{$POST_g_1}\",\n\t\"{$POST_g_2}\",\n\t\"{$POST_g_3}\",\n\t\"{$POST_g_4}\",\n\t\"{$POST_g_5}\",\n\t\"{$POST_g_6}\",\n\t\"{$POST_g_7}\",\n\t\"{$POST_g_8}\",\n\t\"{$POST_g_9}\",\n\t\"{$POST_g_10}\",\n\t\"{$POST_g_11}\",\n\t\"{$POST_g_12}\",\n\t\"{$POST_g_13}\",\n\t\"{$POST_g_14}\",\n\t\"{$POST_g_15}\",\n\t\"{$POST_g_16}\",\n\t\"{$POST_g_17}\",\n\t\"{$POST_g_18}\",\n\t\"{$POST_g_19}\",\n\t\"{$POST_g_20}\",\n\t\"{$POST_g_21}\",\n\t\"{$POST_g_22}\",\n\t\"{$POST_g_23}\",\n\t\"{$POST_g_24}\",\n\t\"{$POST_g_25}\",\n\t\"{$POST_g_26}\",\n\t\"{$POST_g_27}\",\n\t\"{$POST_g_28}\",\n\t\"{$POST_g_29}\",\n\t\"{$POST_g_30}\",\n\t\"{$POST_g_31}\",\n\t\"{$POST_g_32}\",\n\t\"{$POST_g_33}\",\n\t\"{$POST_g_34}\",\n\t\"{$POST_g_35}\",\n\t\"{$POST_g_36}\",\n\t\"{$POST_g_37}\",\n\t\"{$POST_g_38}\")", 'privilege_action.php');
$sql->total_query++;
$display = "{$lang['Success_addprivilege']}";
redir("index.php?act=privilege&code=03", $display, 3);
} else {
$display = "{$lang['No_privilege']}";
redir("index.php?act=privilege", $display, 3);
}
} else {
redir("index.php?act=privilege", "{$lang['Error']}", 3);
}
}
}
}
$sql->total_query++;
$row = $sql->fetch_row();
opmain_body("" . $row['name'] . " Guild");
echo "\n<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"1\" align=\"center\">\n\t<TBODY>\n\t\t<TR align=\"center\" class=\"topic_title3\" style=\"font-weight: bold;\">\n\t\t\t<TD>No.</TD>\n\t\t\t<TD>Name</TD>\n\t\t\t<TD>Class</TD>\n\t\t\t<TD>Level</TD>\n\t\t\t<TD>EXP Donated</TD>\n\t\t\t<TD>Position</TD>\n\t\t</TR>\n";
if ($sql->count_rows()) {
$query = "SELECT account_id,name,class,lv,exp,position FROM {$CONFIG_sql_dbname}.guild_member WHERE guild_id=\"" . mysql_res($GET_guild_id) . "\" ORDER BY position ASC";
$sql->result = $sql->execute_query($query, 'guildinfo.php');
$sql->total_query++;
$IS_SEARCHING_ID = checkprivilege_action($CP[login_id], g_searching_id) ? 1 : 0;
$countstanding = 0;
$i = 0;
while ($grow = $sql->fetch_row()) {
$i++;
$countstanding = 1;
$jobid = $grow['class'];
$query = "SELECT name FROM {$CONFIG_sql_dbname}.guild_position WHERE guild_id=\"" . mysql_res($GET_guild_id) . "\" and position=\"" . $grow['position'] . "\"";
$sql->result2 = $sql->execute_query($query, 'guildinfo.php');
$prow = $sql->fetch_row($sql->result2);
$name = $IS_SEARCHING_ID ? "<a href=\"index.php?act=searching_id&account_id={$grow['account_id']}\">" . htmlspecialchars($grow['name']) . "</a>" : "" . htmlspecialchars($grow['name']) . "";
echo "\n\t\t<TR align=\"center\" class=\"topic_title4\">\n\t\t\t<TD>{$i}</TD>\n\t\t\t<TD>{$name}</TD>\n\t\t\t<TD>{$jobname[$jobid]}</TD>\n\t\t\t<TD>{$grow['lv']}</TD>\n\t\t\t<TD>{$grow['exp']}</TD>\n\t\t\t<TD>" . htmlspecialchars($prow['name']) . "</TD>\n\t\t</TR>\n";
}
if (isset($emblems)) {
session_register(emblems);
$_SESSION['emblems'] = $emblems;
}
} else {
$countstanding = 1;
echo "\n\t\t<TR align=\"center\" class=\"topic_title4\">\n\t\t\t<TD colspan=\"6\">\n\t\t\t\tNo guilds in database!\n\t\t\t</TD>\n\t\t</TR>\n";
}
if (!$countstanding) {
echo "\n\t\t<TR align=\"center\" class=\"topic_title4\">\n\t\t\t<TD colspan=\"6\">\n\t\t\t\tNo guilds in database!\n\t\t\t</TD>\n\t\t</TR>\n";
} else {
$search_name_1 = "";
}
if ($GET_map) {
$search_map = " AND last_map LIKE \"%" . mysql_res($GET_map) . "%\"";
} else {
$search_map = "";
}
if (!isset($GET_st)) {
$GET_st = 0;
}
$GET_st = (int) $GET_st;
$page = get_page($GET_st, $GET_rows);
$sql->result = $sql->execute_query("SELECT COUNT(*) FROM {$CONFIG_sql_dbname}.char " . $job . " " . $online . " " . $showid . " " . $search_name_1 . "" . $search_map . "", 'player_rank.php');
$total = $sql->result();
$query = "SELECT account_id,name,class,base_level,job_level,max_hp,max_sp,last_map,online\n\tFROM {$CONFIG_sql_dbname}.char\n\t" . $job . " " . $online . " " . $showid . " " . $search_name_1 . "" . $search_map . "\n\tORDER by " . mysql_res($GET_ptype) . " " . mysql_res($GET_key) . " LIMIT " . mysql_res($GET_st) . "," . mysql_res($GET_rows) . "";
$sql->result = $sql->execute_query($query, 'player_rank.php');
$sql->total_query++;
echo "<BR>\n<TABLE width=\"95%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" align=\"center\">\n\t<TBODY>\n\t\t<TR>\n\t\t\t<TD align=\"right\">\n";
get_selectpage($total, $GET_rows, $page, "index.php?act=p_rank&charname={$charname}&ctype={$GET_ctype}&job={$GET_job}&ptype={$GET_ptype}&map={$GET_map}&key={$GET_key}&status={$GET_status}&rows={$GET_rows}");
echo "\t\t\t</TD>\n\t\t</TR>\n\t</TBODY>\n</TABLE>\n<BR>\n";
opmain_body("Player(s) Ranking");
echo "<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"1\" align=\"center\">\n\t<TBODY>\n\t\t<TR align=\"center\" class=\"topic_title3\" style=\"font-weight: bold;\">\n\t\t\t<TD>No.</TD>\n\t\t\t<TD>Name</TD>\n\t\t\t<TD>Class</TD>\n\t\t\t<TD>Base Level</TD>\n\t\t\t<TD>Job Level</TD>\n\t\t\t<TD>Max HP</TD>\n\t\t\t<TD>Max SP</TD>\n\t\t\t<TD>Last Map</TD>\n\t\t\t<TD>Status</TD>\n\t\t</TR>\n";
if ($sql->count_rows()) {
$IS_SEARCHING_ID = checkprivilege_action($CP[login_id], g_searching_id) ? 1 : 0;
$n = ($page - 1) * $GET_rows;
while ($row = $sql->fetch_row()) {
$n++;
if ($row[online]) {
$online = "<font class=\"status_on\">Online</font>";
} else {
