function trymove($name, $login, $zone)
{
global $language, $charmovezones;
if (!$login || !$zone || !$name) {
return $login . " / " . $name . " / " . $zone . " - one or more fields was left blank";
}
if (!preg_match("/^[a-zA-Z]*\\z/", $name)) {
return $login . " / " . $name . " / " . $zone . " - character name contains illegal characters";
}
//if (!preg_match("/^[a-zA-Z]*\z/", $login)) return $login." / ".$name." / ".$zone." - login contains illegal characters";
if (!preg_match("/^[a-zA-Z]*\\z/", $zone)) {
return $login . " / " . $name . " / " . $zone . " - zone contains illegal characters";
}
if (!$charmovezones[$zone]) {
return $login . " / " . $name . " / " . $zone . " - zone is not a legal selection";
}
//get zone id, and verify shortname from db
$template = "SELECT `long_name`, `short_name`, `zoneidnumber` FROM `zone` " . "WHERE LCASE(`short_name`)='%s' " . "LIMIT 1";
$query = sprintf($template, mysql_real_escape_string(strtolower($zone)));
if (defined('DB_PERFORMANCE')) {
dbp_query_stat('query', $query);
}
//added 9/28/2014
$result = mysql_query($query);
if (!mysql_num_rows($result)) {
return $login . " / " . $name . " / " . $zone . " - zone database error";
}
$row = mysql_fetch_array($result);
$zonesn = $row['short_name'];
$zoneln = $row['long_name'];
$zoneid = $row['zoneidnumber'];
//verify acct info is correct
//updated character table name 9/26/2014
$template = "SELECT `character_data`.`id` FROM `character_data` " . "JOIN `account` " . " ON `account`.`id` = `character_data`.`account_id` " . "WHERE LCASE(`account`.`name`)='%s' " . " AND LCASE(`character_data`.`name`)='%s' " . "LIMIT 1";
$query = sprintf($template, mysql_real_escape_string(strtolower($login)), mysql_real_escape_string(strtolower($name)));
if (defined('DB_PERFORMANCE')) {
dbp_query_stat('query', $query);
}
//added 9/28/2014
$result = mysql_query($query);
if (!mysql_num_rows($result)) {
sleep(2);
return $login . " / " . $name . " / " . $zone . " - Login or character name was not correct";
}
$row = mysql_fetch_array($result);
$charid = $row['id'];
//move em
// updated character table name, zone id column name, and removed zonename 9/26/2014
$template = "UPDATE `character_data` " . "SET `zone_id` = '%s' " . " ,`x` = '%s' " . " ,`y` = '%s' " . " ,`z` = '%s' " . "WHERE `id`='%s' ";
$query = sprintf($template, mysql_real_escape_string($zoneid), mysql_real_escape_string($charmovezones[$zone]['x']), mysql_real_escape_string($charmovezones[$zone]['y']), mysql_real_escape_string($charmovezones[$zone]['z']), mysql_real_escape_string($charid));
if (defined('DB_PERFORMANCE')) {
dbp_query_stat('query', $query);
}
//added 9/28/2014
$result = mysql_query($query);
return $login . " / " . $name . " - moved to " . $zoneln;
}
/** Runs '$query' and returns the value of '$field' of the first (arbitrarily) found row
* If no row is selected by '$query', returns an emty string
*/
function GetFieldByQuery($field, $query)
{
if (defined('DB_PERFORMANCE')) {
dbp_query_stat('query', $query);
}
//added 9/28/2014
$QueryResult = mysql_query($query) or mymessage_die('mysql.php', 'GetFiedByQuery', $query, mysql_error());
if (mysql_num_rows($QueryResult) > 0) {
$rows = mysql_fetch_array($QueryResult) or message_die('mysql.php', 'GetFiedByQuery', "MYSQL_FETCH_ARRAY", mysql_error());
$Result = $rows[$field];
} else {
$Result = "";
}
return $Result;
}
$charName = $_GET['char'];
}
//character initializations - rewritten 9/28/2014
$char = new profile($charName);
//the profile class will sanitize the character name
$charID = $char->char_id();
$name = $char->GetValue('name');
$mypermission = GetPermissions($char->GetValue('gm'), $char->GetValue('anon'), $char->char_id());
//block view if user level doesnt have permission
if ($mypermission['corpses']) {
message_die($language['MESSAGE_ERROR'], $language['MESSAGE_ITEM_NO_VIEW']);
}
// pull the characters corpses from the DB
$query = "SELECT zone.short_name, zone.zoneidnumber, character_corpses.isburried, character_corpses.x, character_corpses.y, character_corpses.rezzed, character_corpses.timeofdeath FROM zone, character_corpses WHERE character_corpses.charid = " . $charID . " AND zone.zoneidnumber = character_corpses.zoneid ORDER BY character_corpses.timeofdeath DESC;";
if (defined('DB_PERFORMANCE')) {
dbp_query_stat('query', $query);
}
//added 9/28/2014
$results = mysql_query($query);
if (!mysql_num_rows($results)) {
message_die($language['CORPSE_CORPSES'] . " - " . $name, $language['MESSAGE_NO_CORPSES']);
}
//drop page
$d_title = " - " . $name . $language['PAGE_TITLES_CORPSE'];
include "include/header.php";
//build body template
$template->set_filenames(array('corpse' => 'corpse_body.tpl'));
$template->assign_vars(array('NAME' => $name, 'L_REZZED' => $language['CORPSE_REZZED'], 'L_TOD' => $language['CORPSE_TOD'], 'L_LOC' => $language['CORPSE_LOC'], 'L_MAP' => $language['CORPSE_MAP'], 'L_CORPSES' => $language['CORPSE_CORPSES'], 'L_AAS' => $language['BUTTON_AAS'], 'L_KEYS' => $language['BUTTON_KEYS'], 'L_FLAGS' => $language['BUTTON_FLAGS'], 'L_SKILLS' => $language['BUTTON_SKILLS'], 'L_CORPSE' => $language['BUTTON_CORPSE'], 'L_FACTION' => $language['BUTTON_FACTION'], 'L_BOOKMARK' => $language['BUTTON_BOOKMARK'], 'L_INVENTORY' => $language['BUTTON_INVENTORY'], 'L_CHARMOVE' => $language['BUTTON_CHARMOVE'], 'L_DONE' => $language['BUTTON_DONE']));
//dump corpses
while ($row = mysql_fetch_array($results)) {
$template->assign_block_vars("corpses", array('REZZED' => !$row['rezzed'] ? "0" : "1", 'TOD' => $row['timeofdeath'], 'LOC' => $row['isburried'] ? "(burried)" : "(" . floor($row['y']) . ", " . floor($row['x']) . ")", 'ZONE' => $row['isburried'] ? "shadowrest" : $row['short_name'], 'ZONE_ID' => $row["zoneidnumber"], 'X' => floor($row['y']), 'Y' => floor($row['x'])));
function GetPermissions($gm, $anonlevel, $char_id)
{
global $permissions;
$query = "SELECT value FROM quest_globals WHERE charid = {$char_id} and name = 'charbrowser_profile';";
if (defined('DB_PERFORMANCE')) {
dbp_query_stat('query', $query);
}
//added 9/28/2014
$results = mysql_query($query);
if (mysql_num_rows($results)) {
$row = mysql_fetch_array($results);
if ($row['value'] == 1) {
return $permissions['PUBLIC'];
}
if ($row['value'] == 2) {
return $permissions['PRIVATE'];
}
}
if ($gm) {
return $permissions['GM'];
}
if ($anonlevel == 2) {
return $permissions['ROLEPLAY'];
}
if ($anonlevel == 1) {
return $permissions['ANON'];
}
return $permissions['ALL'];
}
private function _doCharacterQuery($table_name)
{
//build the query
$template = "SELECT * FROM `%s` WHERE `id` = '%d'";
$query = sprintf($template, $table_name, $this->char_id);
//gather database stats
if (defined('DB_PERFORMANCE')) {
dbp_query_stat('query', $query);
}
//get the results/error
$results = mysql_query($query) or message_die('profile.php', $query, mysql_error());
//serve em up
return $results;
}
