function validateCreation($formData)
{
$clanName = mysql_real_escape_string($formData['clan_name']);
$clanPass = mysql_real_escape_string($formData['clan_password']);
$confirmPass = mysql_real_escape_string($formData['confirm_clan_password']);
$requiredMoney = 100000;
$userID = (int) $formData['user_id'];
$query = mysql_query("SELECT * FROM clan_admin WHERE admin_uid='{$userID}'");
$rows = mysql_num_rows($query);
if (!$rows) {
if (!empty($clanName) && !empty($clanPass) && !empty($confirmPass)) {
if ($clanPass === $confirmPass) {
$hashedPass = md5($clanPass);
$userStats = getUserStats($userID);
$totalExp = $userStats['total_exp'];
$userName = $userStats['username'];
$totalMoney = $userStats['money'];
$battlesWon = $userStats['battles_won'];
$battlesLost = $userStats['battles_lost'];
$success = array();
if ($totalMoney < $requiredMoney) {
$query = mysql_query("INSERT INTO clans SET clan_name='{$clanName}', leader_id='{$userID}', clan_leader='{$userName}', total_money='{$totalMoney}', total_exp='{$totalExp}', total_members='1'");
if ($query) {
$success[] = true;
$query = mysql_query("SELECT * FROM clans WHERE clan_name='{$clanName}'");
$clans = mysql_fetch_assoc($query);
$clanID = $clans['id'];
$clanNameAdmin = strtolower($clanName);
$query = mysql_query("INSERT INTO clan_admin SET clan_id='{$clanID}', clan_name='{$clanNameAdmin}', clan_password='******', admin_uid='{$userID}'");
if ($query) {
$success[] = true;
$query = mysql_query("INSERT INTO clan_members SET clan_id='{$clanID}', members_id='{$userID}', clan_name='{$clanName}', members_name='{$userName}', members_money='{$totalMoney}', members_exp='{$totalExp}', clan_access='2'");
if ($query) {
echo "Clan successfully created!<br />";
return true;
} else {
$success[] = false;
}
} else {
$success[] = false;
}
} else {
$success[] = false;
}
} else {
echo "Sorry, you must have atleast \$" . number_format($requiredMoney) . " to create a clan.<br />";
}
} else {
echo "Your passwords did not match.<br />";
}
} else {
echo "Please fill out the entire form to create a clan.<br />";
}
} else {
echo "Sorry, You can only create one clan.<br />";
}
}
if ($code == $_SESSION['groupcode']) {
if ($userid == $_SESSION['userid']) {
setError('Gruppe des eigenen Benutzers kann nicht geändert werden!');
} else {
if (setUserGroup($userid, $group)) {
setInfo("Gruppe erfolgreich zugewiesen!");
} else {
setError("Die Gruppe konnte nicht zugewiesen werden!");
}
}
header("location: {$SETTINGS['url']}/user/{$userid}");
exit;
}
}
$userinfo = getUserInfo($userid);
$userstats = getUserStats($userid);
$username = htmlspecialchars($userinfo->username, 0, 'UTF-8');
$lastname = htmlspecialchars($userinfo->lastname, 0, 'UTF-8');
$group = getRoleName($userinfo->group);
$correct = $userinfo->correct;
$wrong = $userinfo->wrong;
$total = $correct + $wrong;
$ratio = $total == 0 ? 0 : round($correct * 100 / $total, 2);
$created = $userstats->add;
$modified = $userstats->mod;
$deleted = $userstats->del;
$selectedguest = $userinfo->group == 'guest' ? ' selected="selected"' : '';
$selecteduser = $userinfo->group == 'user' ? ' selected="selected"' : '';
$selectedadmin = $userinfo->group == 'admin' ? ' selected="selected"' : '';
$deletecode = sha1(rand());
$_SESSION['deletecode'] = $deletecode;
<?php
# Include files required for the site to work properly.
require_once "config.php";
require_once "functions.php";
# Set a flag to keep track of whether login was successful, this
# allows for the display of an appopriate message later.
$leaveSuccess = false;
# Retrieve the account username.
$username = $_POST['username'];
# Get the rank of the account associated with the username.
$rank = getUserStats($username, $connection);
$rank = $rank[0];
# To deactive that user account, the rank is made a negative number.
# Find the lowest negative rank to determine what to set the user's
# rank to.
$getMinRank = mysqli_query($connection, "SELECT MIN(rank) FROM player");
$minRank = mysqli_fetch_array($getMinRank);
$minRank = $minRank[0];
if ($minRank > 0) {
$minRank = 0;
}
# Update the deactivated account's rank to be the lowest rank in the
# database.
$newRank = $minRank - 1;
$leaveSuccess = mysqli_query($connection, "UPDATE player SET rank = '{$newRank}' WHERE username = '******'") or die(mysqli_error($connection));
# If the deactivation was successful, get and update the rank of
# every player ranked behind the deactivated account.
if ($leaveSuccess) {
# Remove all challenges involving the player who left.
$removeChallenges = mysqli_query($connection, "DELETE FROM challenge WHERE \n challenger = '{$username}' OR\n challengee = '{$username}'");
<?php
# Only show the challenge form if the user is logged into a valid account.
if ($validUser) {
# Only display the page if a player has been selected.
if (isset($_POST['player'])) {
# Retrieve the submitted player
$player = $_POST['player'];
# Get information for the player
$playerName = getName($player, $connection);
# Get the statistics for the requested player.
$playerStats = getUserStats($player, $connection);
$playerRank = $playerStats[0];
$playerWins = $playerStats[1];
$playerLosses = $playerStats[2];
$playerAvg = $playerStats[3];
?>
<div class="widget">
<div class="widgetTitle">
<img src="includes/images/graphics/body/titleBand.png" class="goldband" />
<h2>Statistics For <?php
echo $playerName;
?>
</h2>
</div>
<div class="widgetContent">
<table>
<tr>
