function section_leaveteam()
{
require_once 'lib/common.php';
$id = addslashes($_GET['id']);
$link = $_GET['link'];
$answer = $_GET['answer'];
$s_playerid = $_SESSION['playerid'];
// Dont let admirarch leave a team. SC request
// if( $s_playerid == 2074 ) {
// errorpage("No can do");
// return;
// }
$obj = mysql_fetch_object(sqlQuery("select name, leader from l_team where id={$id}"));
echo '<BR>';
if ($answer == "") {
if ($s_playerid == $obj->leader) {
// Prevent leaders from leaving their own team
echo "<center>You can't abandon the magnificient {$obj->name} team, because you are its leader.<BR>\n Please go to your <a href=\"index.php?link=teamadmin&id=" . $id . "&" . SID . "\"><b>team page</b></a>\n and assign another leader first!</center>";
} else {
echo '<center>You are about to abandon the magnificient <a href="index.php?link=teaminfo&id=' . $id . '&' . SID . '">' . $obj->name . '</a> team, its members will miss you...<br>';
echo "Please, please, stay in the team!<br>";
echo "Are you really sure you want to abandon this team ?<br><br>";
echo '<TABLE border=0><TR><TD>' . htmlURLbutton('ABANDON', $link, "id={$id}&answer=yes") . '</td><TD> </td><TD>' . htmlURLbutton('CANCEL', $link, "id={$id}&answer=no", CLRBUT) . '</td></tr></table>';
}
} else {
if ($answer == "yes") {
// Remove this player from the team
mysql_query("update l_player set team=0 where id=" . $s_playerid);
// Open the team, because it needs at least one more player,
// but only if it is not administratively closed, or if num players<3
$pl = mysql_fetch_object(mysql_query("select count(*) num from l_player where team=" . $id));
if ($pl->num < 3) {
mysql_query("update l_team set status='opened' where id=" . $id);
} else {
mysql_query("update l_team set status='opened' where adminclosed='no' and id=" . $id);
}
echo "<center>That's it, you are no longer a member of the <a href=\"index.php?link=teaminfo&id=" . $id . "&" . SID . "\">" . $obj->name . "</a> team.<br>\n A message has just been sent to the team leader</center>";
session_refresh();
// Send a message to the team leader
sendBzMail(0, $obj->leader, $_SESSION['callsign'] . ' has left your team!', 'A player just left your team: "' . $_SESSION['callsign'] . '"');
} else {
// Say thank you
echo '<BR><center>The <a href="index.php?link=teaminfo&id=' . $id . '&' . SID . '">' . $obj->name . '</a> team members thank you for being so brave, and continuing the fight!</center>';
}
}
}
function section_contact()
{
$obj = mysql_fetch_object(mysql_query("select text from bzl_siteconfig where name='contact'"));
echo nl2br($obj->text);
echo '<p><TABLE cellspacing=0 align=center><TR><TD colspan=3>
<HR>Matches can be reported to any of the following:<BR><BR></td></tr>';
$roles = getRolesWithPermission('show');
$res = sqlQuery("SELECT p.id, p.callsign, r.name as level from l_player p, bzl_roles r \n WHERE r.id = p.role_id AND r.id IN (" . join(',', $roles) . ") ORDER BY level");
while ($row = mysql_fetch_object($res)) {
if (++$line % 2) {
$cl = "rowEven";
} else {
$cl = "rowOdd";
}
echo "<tr class=\"{$cl}\"><td width=40% align=right>" . htmlLink($row->callsign, 'playerinfo', "id={$row->id}") . '</td><td width=10></td><td align=left>';
if (isAuthenticated()) {
echo htmlURLbutton('BZmail', 'sendmessage', "pid={$row->id}");
}
echo '</td></tr>';
}
echo '</table>';
}
function section_banplayer()
{
require_once 'lib/common.php';
$playerid = $_GET['playerid'];
$teamid = $_GET['teamid'];
$f_okban_x = $_GET['f_okban_x'];
$f_ok_x = $_GET['f_ok_x'];
$callsign = $_GET['callsign'];
$name = $_GET['name'];
$link = $_GET['link'];
$player = mysql_fetch_object(mysql_query("select callsign from l_player where id=" . $playerid));
$team = mysql_fetch_object(mysql_query("select name from l_team where id=" . $teamid));
// FIXME: Ok, for now I ignore that players with teampassword can ban other
// players. This is just a quick fix, before there was NO checks WHATSOEVER
// if the operation was allowed
// Check permission
$allowed = 0;
$obj = mysql_fetch_object(mysql_query("select name, comment, leader, logo, password, status, adminclosed from l_team where id=" . $teamid));
$res = mysql_fetch_object(mysql_query("select count(*) num from l_player where team=" . $teamid));
$numplayer = $res->num;
if (isFuncAllowed('teamadmin::edit_any_team') || $_SESSION['playerid'] == $obj->leader) {
// Admin or team leader, allowed
$allowed = 1;
} else {
// FIXME: This wont work, as the link does not contain the teampassword.
/*
// Check password
$cypher = substr (crypt($f_password, substr($obj->password, 0, 2)), 0, 13);
if($cypher == $obj->password) {
// Good password, allowed
$allowed = 1;
}
*/
errorPage("Permission denied.");
return;
}
if ($f_okban_x) {
// Ban confirmed
// Open team is not administratively closed, or if num players<3
$pl = mysql_fetch_object(mysql_query("select count(*) num from l_player where team=" . $teamid));
if ($pl->num == 3) {
mysql_query("update l_team set status='opened' where id=" . $teamid);
} else {
mysql_query("update l_team set status='opened' where adminclosed='no' and id=" . $teamid);
}
mysql_query("update l_player set team=0 where id=" . $playerid);
echo '<center>Well <a href="index.php?link=playerinfo&id=' . $_SESSION['playerid'] . '">' . $_SESSION['callsign'] . '</a>,
<a href="index.php?link=playerinfo&id=' . $playerid . '">' . $callsign . '</a>
is no longer a member of the team
<a href="index.php?link=teaminfo&id=' . $teamid . '">' . $name . '</a>';
//TODO: reload of page sends multiple messages ... ?
echo '<br>A message has just been sent to the user.</center>';
sendBzMail(0, $playerid, 'You have been released!', 'Sorry, but ' . $_SESSION['callsign'] . ' released you from the ' . $team->name . ' team<br>');
} else {
if (!$f_ok_x) {
// Someone is playing with the headers
echo "<center>Hey! Please stop playing with your browser!</center>";
} else {
echo '<center>Please confirm that you want to ban <a href="index.php?link=playerinfo&id=' . $playerid . '&' . SID . '">' . $player->callsign . '</a>
from the team <a href="index.php?link=teaminfo&id=' . $teamid . '&' . SID . '">' . $team->name . '</a>.</center>';
echo '<center><BR><form method=GET>' . SID_FORM . '
<input type=hidden name=link value=' . $link . '>
<input type=hidden name=playerid value=' . $playerid . '>
<input type=hidden name=teamid value=' . $teamid . '>
<input type=hidden name=callsign value="' . $player->callsign . '">
<input type=hidden name=name value="' . $team->name . '">' . '<table border=0><TR><TD>' . htmlFormButton(' BAN ', 'f_okban_x') . ' </td><TD> ' . htmlURLbutton('Cancel', 'teaminfo', "id={$teamid}", CLRBUT) . '
</td></tr></table>
</form></center>';
}
}
}
function section_entermatch_editIt($mid, $teamA, $teamB, $scoreA, $scoreB, $tsActUnix, $del, $mlen)
{
snCheck('fights');
section_entermatch_orderResults(&$teamA, &$teamB, &$scoreA, &$scoreB);
if (!($old = section_entermatch_queryGetMatch($mid))) {
echo '<CENTER>That match does not exist<BR>';
return;
}
$affected_dates = array();
if ($del) {
sqlQuery("UPDATE l_team SET matches = matches - 1 WHERE id IN({$old->team1},{$old->team2})");
sqlQuery("delete from " . TBL_MATCH . " where id = {$mid}");
section_entermatch_dispMatch('Deleted :', $teamA, $teamB, $scoreA, $scoreB, $tsActUnix, $mlen);
$affected_dates[] = $old->tsactual;
} else {
$now = gmdate("Y-m-d H:i:s");
$pid = $_SESSION['playerid'];
$tsActStr = date("Y-m-d H:i:s", $tsActUnix);
if ($old->team1 == $teamA && $old->team2 == $teamB && $old->score1 == $scoreA && $old->score2 == $scoreB && strtotime($old->tsactual) == $tsActUnix && $old->mlength == $mlen) {
echo "<CENTER>No changes made!<BR>";
return;
}
sqlQuery("UPDATE l_team SET matches = matches - 1 WHERE id IN({$old->team1},{$old->team2})");
sqlQuery("UPDATE l_team SET matches = matches + 1 WHERE id IN({$teamA},{$teamB})");
sqlQuery("update " . TBL_MATCH . " \n set team1={$teamA}, team2={$teamB}, score1={$scoreA}, score2={$scoreB},\n idedit={$pid}, tsactual='{$tsActStr}', tsedit='{$now}', mlength='{$mlen}' where id = {$mid}");
section_entermatch_dispMatch('Changed from:', $old->team1, $old->team2, $old->score1, $old->score2, strtotime($old->tsactual), $old->mlength);
section_entermatch_dispMatch(' Changed to:', $teamA, $teamB, $scoreA, $scoreB, $tsActUnix, $mlen);
if (ENABLE_SEASONS) {
$affected_dates[] = date("Y-m-d H:i:s", $tsActUnix);
if ($old->tsactual && $old->tsactual != $tsActStr) {
$affected_dates[] = $old->tsactual;
}
}
}
section_entermatch_recalcAllRatings(&$affected_dates);
foreach ($affected_dates as $d) {
section_entermatch_recalcSeasonRatingsByDate($d);
}
echo '<BR>' . htmlURLbutton('back to matches', 'fights');
}
function section_teaminfo()
{
require_once 'lib/common.php';
$s_teamid = $_SESSION['teamid'];
$s_logedin = isAuthenticated();
$s_level = $_SESSION['level'];
$s_playerid = $_SESSION['playerid'];
$id = addslashes($_GET['id']);
$res = mysql_query("SELECT name, comment, leader, logo, status, score, \n unix_timestamp(status_changed) as status_changed, unix_timestamp(created) as ucreated\n FROM l_team WHERE id='{$id}'");
$team = mysql_fetch_object($res);
if (!$team) {
echo '<BR><CENTER>Specified team does not exist<BR>';
return;
}
echo '<TABLE align=center><TR><TD>' . htmlURLbutton('Opponent summary', 'oppsumm', "id={$id}") . '</td>';
// Join this team if opened, and if we are logged and not belonging to any team
if ($s_logedin && !$s_teamid && $members < 20 && $team->status == "opened") {
echo '<TD>' . htmlURLbutton('Join Team', 'jointhisteam', "id={$id}") . '</td>';
}
// Send a message to all the team members
if ($s_logedin && $team->status != 'deleted') {
echo '<TD>' . htmlURLbutton('Send BZmessage', 'sendmessage', "tid={$id}") . '</td>';
}
echo '</tr></table>';
if ($team->status == 'deleted') {
echo '<div class=feedback>';
if ($team->status_changed) {
echo "<br><center>This team was deleted on " . gmdate('Y-m-d', $team->status_changed) . "</center>";
} else {
echo "<br><center>This team is deleted.</center>";
}
echo '</div>';
}
echo '<BR><table align=center border=0 cellspacing=0 cellpadding=1>
<tr><td class=teamName align=center>' . $team->name . '<BR></td></tr>';
// Logo if any
if ($team->logo != "") {
echo '<tr><td align=center>
<table><TR><TD bgcolor=white><img src="' . $team->logo . '"></td></tr></table>
<hr></td></tr>';
}
// Ratings
$act45 = teamActivity($id, 45);
$act90 = teamActivity($id, 90);
echo '<tr><td> <TABLE align=center>
<TR><TD width=50% align=right>Created:</td><td width=10></td><td width=50%>' . gmdate('Y-m-d', $team->ucreated) . '</td></tr>
<TR><TD align=right>Rating:</td><td></td><td>' . displayRating($id) . '</td></tr>
<TR><TD align=right>Activity:</td><TD></td><td>' . sprintf('%1.2f / %1.2f', $act45, $act90) . '</td></tr>
<TR><TD colspan=3 align=center> Average number of games played per day<BR>
<NOBR>(exponential moving average over last 45 / 90 days)</nobr></td></tr>';
echo '</td></td></table></td></tr>';
// Matches statistics
$sta1 = mysql_fetch_object(mysql_query("select ifnull(sum(if(score1>score2,1,0)),0) win,\n ifnull(sum(if(score1=score2,1,0)),0) draw,\n ifnull(sum(if(score1<score2,1,0)),0) loss\n from " . TBL_MATCH . " where team1={$id}"));
$sta2 = mysql_fetch_object(mysql_query("select ifnull(sum(if(score2>score1,1,0)),0) win,\n ifnull(sum(if(score2=score1,1,0)),0) draw,\n ifnull(sum(if(score2<score1,1,0)),0) loss\n from " . TBL_MATCH . " where team2={$id}"));
$win = $sta1->win + $sta2->win;
$draw = $sta1->draw + $sta2->draw;
$loss = $sta1->loss + $sta2->loss;
echo "<tr><td align=center><hr>\n <table border=0 cellspacing=0 cellpadding=0 align=center><tr>\n <td align=center>Wins</td><td align=center> Draws </td><td align=center>Losses</td></tr><tr>\n <td align=center>{$win}</td><td align=center>{$draw}</td><td align=center>{$loss}</td>\n </tr></table>\n <hr></td></tr>";
// Comment if any
if ($team->comment != "") {
echo '<tr><td><ul>' . nl2br($team->comment) . '</ul><hr></td></tr>';
}
// Players list
$i = 0;
if (SHOW_PLAYER_ACTIVE > 0) {
$activeDays = SHOW_PLAYER_ACTIVE;
} else {
$activeDays = 0;
}
$res = mysql_query("select id, callsign, comment, status, C.flagname, \n last_login > subdate(now(), INTERVAL {$activeDays} DAY) as active\n from l_player\n left join bzl_countries C on country = C.numcode\n where team=" . $id . "\n order by active desc,callsign");
$members = 0;
echo '<TR><TD><table border=0 cellspacing=0 cellpadding=0 align=center>';
while ($obj = mysql_fetch_object($res)) {
$members++;
if (++$i & 1) {
$cl = "rowEven";
} else {
$cl = "rowOdd";
}
echo "<tr class='{$cl}' valign=middle>";
echo "<TD align=right><a href='index.php?link=playerinfo&id={$obj->id}'>{$obj->callsign}</a></td><TD>";
if ($obj->id == $team->leader) {
echo ' <img TITLE="Team Leader" src="' . THEME_DIR . 'leader.gif">';
}
echo '</td><TD>';
if ($obj->active) {
echo ' <img TITLE="Active player (has logged into this site recently)" src="' . THEME_DIR . 'active.gif">';
}
echo '</td><TD width=10></td>';
echo '<TD>' . smallflag($obj->flagname) . '</td>';
if ($s_logedin && (isFuncAllowed('teamadmin::edit_any_team') || $s_playerid == $team->leader)) {
if ($obj->id != $team->leader) {
// Link to ban a player from a team
echo '<td align=center>' . htmlURLbutSmall('BAN', 'banplayer', "playerid={$obj->id}&teamid={$id}&f_ok_x=2", ADMBUT) . '</form></td></tr>';
} else {
echo '<td> </td></tr>';
}
} else {
echo '<td> </td></tr>';
}
echo "\n";
}
echo '</td></tr></table>';
// Show last fights
$sql = "SELECT t1.id, t1.name, f.score1, t2.id, t2.name, f.score2, f.tsactual, unix_timestamp(f.tsactual) tstamp_ts \n" . "FROM " . TBL_MATCH . " f, l_team t1, l_team t2 " . "WHERE (f.team1 = '{$id}' OR f.team2 = '{$id}') " . " AND f.team1 = t1.id " . " AND f.team2 = t2.id " . "ORDER BY f.tsactual DESC " . "LIMIT 11 ";
$res = sqlQuery($sql);
$tmp = '';
$count = 0;
while ($row = mysql_fetch_array($res)) {
$count++;
if ($count < 11) {
if (isset($_SESSION['last_login']) && $_SESSION['last_login'] < $row[7]) {
$new1 = "<font color=\"red\">";
$new2 = "</font>";
} else {
$new1 = '';
$new2 = '';
}
if ($count % 2) {
$cl = "rowEven";
} else {
$cl = "rowOdd";
}
$tmp .= "<tr class=\"{$cl}\">";
$tmp .= '<td align="right">' . $new1 . $row[6] . $new2 . '</td>';
if ($row[0] != $id) {
$oppid = $row[0];
$oppname = stripslashes($row[1]);
$oppscore = $row[2];
$teamscore = $row[5];
} else {
$oppid = $row[3];
$oppname = stripslashes($row[4]);
$oppscore = $row[5];
$teamscore = $row[2];
}
$tmp .= "<td>{$new1}";
$oppname = '<a href="index.php?link=teaminfo&id=' . $oppid . '&' . SID . '">' . $new1 . $oppname . $new2 . '</a>';
if ($oppscore < $teamscore) {
$tmp .= "<b>Won</b> against {$oppname}";
} elseif ($oppscore > $teamscore) {
$tmp .= "<b>Lost</b> against {$oppname}";
} else {
$tmp .= "<b>Tie</b> against {$oppname}";
}
$tmp .= " ({$row[2]} - {$row[5]})";
$tmp .= "{$new2}</td>";
$tmp .= "</tr>\n";
}
}
echo '<tr>';
echo '<td align=center> <br><b>';
if ($count == 1) {
echo 'Last match';
} else {
if ($count == 11) {
echo 'Last 10 matches, view them all <a href="index.php?link=fights&id=' . $id . '&' . SID . '">here</a>';
} elseif ($count == 0) {
echo "No matches played";
} else {
echo "Last {$count} matches";
}
}
echo '</b><BR><BR></td></tr><TR><TD>';
echo "<table align=center border=0>{$tmp}</table>";
// Or... edit your team if you are a leader or ad admin, or with a password if you are a member
// Team members can't change the password, though...
// Unless ofcause the team is deleted
if ($team->status == 'deleted') {
if ($team->status_changed) {
echo "<br><center>This team is deleted as of " . gmdate('Y-m-d', $team->status_changed) . "</center>";
} else {
echo "<br><center>This team is deleted.</center>";
}
} else {
if ($s_logedin && (isFuncAllowed('teamadmin::edit_any_team') || $s_teamid == $id)) {
if (!isFuncAllowed('teamadmin::edit_any_team') && $s_playerid != $team->leader) {
// Team member, need password
echo '<form method=post>
<input type=hidden name=link value=teamadmin>
<input type=hidden name=id value=' . $id . '>
<br><center>Enter team password <input type=password size=8 maxlength=8 name=f_password> and
' . htmlFormButton('Edit Team', 'f_edit_x') . '
</center></form>';
} else {
$invites = sqlQuery("SELECT *, l_player.callsign FROM bzl_invites, l_player\n WHERE teamid={$id} AND expires > NOW() AND bzl_invites.playerid = l_player.id");
if (mysql_num_rows($invites) > 0) {
echo '<BR><HR>Invitations currently active:<BR><TABLE>';
while ($row = mysql_fetch_object($invites)) {
echo '<TR><TD width=25></td><TD>' . playerLink($row->playerid, $row->callsign) . "</td><TD width=10></td><TD>(expires: {$row->expires})</td></tr>";
}
echo '</table><HR>';
}
// Team leader or admin, let's go
echo '<center><BR>
' . htmlURLbutton('Edit Team', 'teamadmin', "id={$id}", ADMBUT) . '
<BR>
' . htmlURLbutton('Dismiss Team', 'dismissteam', "id={$id}", ADMBUT);
}
}
}
}
function section_teams()
{
require_once "lib/common.php";
$s_logedin = isAuthenticated();
$s_teamid = $_SESSION['teamid'];
$tacts = teamActivity(null, 45);
echo '<BR>';
$res = sqlQuery("\n SELECT l_team.id, l_team.name, l_team.logo, l_team.score, \n player2.callsign leader, player2.id leaderid, \n l_team.status, count(distinct l_player.callsign) numplayers,\n l_team.active = 'yes' activeteam, l_team.matches, l_team.matches > 0 sorter\n FROM l_team, l_player player2, l_player\n WHERE player2.id = l_team.leader \n AND l_team.status != 'deleted' \n AND l_player.team = l_team.id\n GROUP BY l_team.name, l_team.leader, l_team.status, l_team.score\n ORDER BY sorter desc, activeteam desc, l_team.score desc, l_team.name");
echo "<table align=center border=0 cellspacing=0 cellpadding=2>\n <tr class=tabhead align=center>\n <td>Name</td><td>Leader</td><td colspan=2>Members</td>\n <td colspan=2>Rating</td><td>Join</td><TD>Activity</td></tr>";
$separated = 0;
$rownum = 0;
while ($obj = mysql_fetch_object($res)) {
++$rownum;
if ($obj->activeteam == 0 && $separated == 0) {
$separated = 1;
echo '<tr><td align=center colspan=10><hr><b>Inactive Teams</b></td></tr>';
$rownum = 1;
}
if ($obj->sorter == 0 && $separated == 1) {
$separated = 2;
echo '<tr><td align=center colspan=10><hr><b>Did not play any match</b></td></tr>';
$rownum = 1;
}
if ($obj->logo != '') {
$logo = '<img src="' . THEME_DIR . 'islogo.gif">';
} else {
$logo = ' ';
}
if ($s_teamid == $obj->id) {
$c = 'myteam';
} elseif ($obj->status == 'deleted') {
$c = 'deletedteam';
} else {
if ($rownum % 2) {
$c = 'rowOdd';
} else {
$c = 'rowEven';
}
}
echo "<TR class='{$c}' valign=middle>";
$teamname = substr($obj->name, 0, 35);
$act = $tacts[$obj->id];
echo '<td><a href="index.php?link=teaminfo&id=' . $obj->id . '">' . $teamname . '</a></td>
<td><a href="index.php?link=playerinfo&id=' . $obj->leaderid . '&' . SID . '">' . $obj->leader . '</a></td>
<td align=center>' . $obj->numplayers . '</td><td>' . $logo . '</td>
<td align=left>' . displayRating($obj->id) . '</td>';
if ($separated) {
echo '<td> </td>';
} else {
echo '<td align=center>(' . $obj->matches . ')</td>';
}
// Print join or joinnot, not forgetting we may already belong to a team
echo '<TD align=left>';
if ($s_logedin) {
if (!$s_teamid) {
switch ($obj->status) {
case 'opened':
if ($obj->numplayers < 20) {
echo htmlURLbutSmall('JOIN', 'jointeam', "id={$obj->id}") . '</td>';
} else {
echo ' [Closed]</td>';
}
break;
case 'closed':
echo ' [Closed]</td>';
break;
default:
echo 'Deleted.</td>';
break;
}
} else {
if ($s_teamid == $obj->id) {
// if( $_SESSION['playerid'] != 2074 ) // Dont allow Admir to leave (SC request)
echo htmlURLbutSmall('Abandon', 'leaveteam', "id={$obj->id}&leader={$obj->leaderid}") . '</td>';
} elseif ($obj->status == 'closed') {
echo ' [Closed]</td>';
} elseif ($obj->status == 'deleted') {
echo 'deleted.</td>';
} else {
echo '</td>';
}
}
} elseif ($obj->status == 'closed') {
echo ' [Closed]</td>';
} else {
echo '</td>';
}
$act = sprintf('%1.2f', $tacts[$obj->id]);
echo "<TD align=center>{$act}</td>";
echo "</tr>";
}
echo "</table>";
// Create a new team, if logged in and not a team member
if ($s_logedin && !$s_teamid) {
echo '<br><center>
' . htmlURLbutton('Create New Team', 'createteam', null) . '</center>';
}
}
function section_news_presentForm($id)
{
echo '<BR><div class=feedback>';
if ($id > 0) {
$row = mysql_fetch_object(sqlQuery('select * from ' . TBL_NEWS . " where id={$id}"));
echo "EDITING NEWS (id #{$id}, by:{$row->authorname})";
} else {
echo "ADDING NEWS";
$row->newsdate = gmdate('Y-m-d H:i:s');
}
$link = $_GET['link'];
echo '</div><BR>';
echo "<form method=post><table align=center border=0 cellspacing=0 cellpadding=1>\n <input type=hidden name=link value={$link}>\n <input type=hidden name=state value=1>\n <tr><td align=right>Date:</td><TD width=8></td>\n <TD><input type=text size=20 maxlength=20 name=date value='{$row->newsdate}'></td></tr>\n <tr><td align=right valign=top>Text:</td><TD width=8></td>\n <TD><textarea cols=70 rows=10 name=text>{$row->text}</textarea></td></tr>\n <tr><td align=center colspan=3><BR>";
htmlMiniTable(array(htmlFormButton('Submit', '', ADMBUT), $id == 0 ? '' : htmlFormButton('DELETE News', 'del', ADMBUT), htmlURLbutton('Cancel', 'newsadmin', null, CLRBUT)), 8);
echo '</td></tr></form></table>';
}
function section_bzforums()
{
require_once 'lib/common.php';
$allowDelete = isFuncAllowed('post_delete');
$allowNew = isFuncAllowed('post_new');
$allowReply = isFuncAllowed('post_reply');
$allowEdit = isFuncAllowed('post_edit');
$allowLock = isFuncAllowed('topic_lock');
$allowSticky = isFuncAllowed('topic_sticky');
$allowTDelete = isFuncAllowed('topic_delete');
$allowViewDeleted = isFuncAllowed('topic_view_deleted');
$showRoles = isFuncAllowed('show_roles');
$POSTSPERPAGE = 10;
$link = 'bzforums';
$utcNOW = gmdate("Y-m-d H:i:s");
// Variables:
// top = which post is first on the page i think
$vars = array('top', 'threadid', 'forumid', 'id', 'action');
foreach ($vars as $var) {
${$var} = $_REQUEST[$var];
}
// Get and print the forum title
if (isset($forumid)) {
$row = mysql_fetch_object(mysql_query("select title, status from l_forum where id={$forumid}"));
echo 'Forum: <a href="index.php?link=' . $link . '&' . SID . '">
<font size=+1>BZforums</font></a><font size=+1><i> / </i></font>
<a href="index.php?link=' . $link . '&forumid=' . $forumid . '&' . SID . '">
<font size=+1>' . $row->title . '</font></a><hr>';
if ($row->status != 'Open') {
print "This forum is not accessible. Sorry";
return;
}
}
// check if we need to change permissions (eg, disallow reply/post for locked topics)
if (isset($threadid)) {
$threadid = intval($threadid);
$row = mysql_fetch_object(mysql_query("select status, is_sticky from l_forumthread where id={$threadid}"));
if ($row->status == 'locked' && !isAdmin()) {
$allowNew = false;
$allowReply = false;
} elseif ($row->status == 'deleted' && !$allowViewDeleted) {
errorPage('This topic is deleted');
return;
}
$threadstatus = $row->status;
$threadsticky = $row->is_sticky;
}
// Perform deletion
if ($allowDelete && $action == 'delete2' && $id != '') {
$id = intval($id);
mysql_query("DELETE FROM l_forummsg WHERE msgid = '{$id}' LIMIT 1") or die(mysql_error());
// Check if there is any message left for that thread
$threadid = intval($threadid);
$res = mysql_query("SELECT count(1) FROM l_forummsg WHERE threadid = '{$threadid}'") or die(mysql_error());
$row = mysql_fetch_row($res);
if ($row[0] == 0) {
// No messages in thread: deleting thread - jumo to threadlist
mysql_query("DELETE FROM l_forumthread WHERE id = '{$threadid}' LIMIT 1") or die(mysql_error());
header("Location: index.php?link=bzforums&forumid={$forumid}");
exit;
}
$action = '';
} elseif ($action == 'lock') {
$threadid = intval($threadid);
if (!$allowLock) {
errorPage("You are not allowed to lock topics");
return;
}
mysql_query("UPDATE l_forumthread SET status = 'locked', status_by = {$_SESSION['playerid']}, \n status_at = '{$utcNOW}' WHERE id = '{$threadid}' and status != 'locked' LIMIT 1") or die(mysql_error());
$action = '';
$threadstatus = 'locked';
} elseif ($action == 'revive') {
$threadid = intval($threadid);
if (!$allowLock && $threadstatus == 'locked') {
errorPage("You are not allowed to unlock topics");
return;
}
if (!$allowTDelete && $threadstatus == 'deleted') {
errorPage("You are not allowed to undelete topics");
return;
}
mysql_query("UPDATE l_forumthread SET status = 'normal', \n status_by = {$_SESSION['playerid']}, status_at = '{$utcNOW}' WHERE id = '{$threadid}' LIMIT 1") or die(mysql_error());
$action = '';
$threadstatus = 'normal';
} elseif ($action == 'deletetopic') {
$threadid = intval($threadid);
if (!$allowTDelete) {
errorPage("You are not allowed to delete topics");
return;
}
mysql_query("UPDATE l_forumthread SET status = 'deleted', status_by = {$_SESSION['playerid']}, \n status_at = '{$utcNOW}' WHERE id = '{$threadid}' and status != 'deleted' LIMIT 1") or die(mysql_error());
$action = '';
$threadstatus = 'deleted';
} elseif ($action == 'sticky') {
$threadid = intval($threadid);
if (!$allowSticky) {
errorPage("You are not allowed to use sticky");
return;
}
mysql_query("UPDATE l_forumthread SET is_sticky = 1 WHERE id = '{$threadid}' LIMIT 1") or die(mysql_error());
$action = '';
$threadsticky = 1;
} elseif ($action == 'unsticky') {
$threadid = intval($threadid);
if (!$allowSticky) {
errorPage("You are not allowed to use sticky");
return;
}
mysql_query("UPDATE l_forumthread SET is_sticky = 0 WHERE id = '{$threadid}' LIMIT 1") or die(mysql_error());
$action = '';
$threadsticky = 0;
} elseif ($action == 'new' || $action == 'reply' || $action == 'edit') {
if ($action == 'new' && !$allowNew) {
errorPage("You are not allowed to post new topics");
return;
} elseif ($action == 'reply' && !$allowReply) {
errorPage("You are not allowed to reply");
return;
} elseif ($action == 'edit' && !$allowEdit) {
errorPage("You are not allowed to edit");
return;
}
echo '<form method=post name="post" action="index.php">' . SID_FORM;
echo '<input type=hidden name=threadid value=' . $threadid . '>';
echo '<input type=hidden name=link value="' . $link . '">';
echo '<input type=hidden name=forumid value=' . $forumid . '>';
echo '<input type=hidden name=id value=' . $id . '>';
echo '<input type=hidden name=top value=' . $top . '>' . snFormInit();
echo '<table border=0 align=center cellspacing=0 cellpadding=0>';
echo '<tr class=tablehead><td colspan=2 align=center>';
if ($action == 'new') {
echo 'New Topic';
} elseif ($action == 'reply') {
echo 'New Reply';
} else {
echo "Edit message";
}
echo '</td></tr>';
echo '<tr><td>Subject: </td><td>';
if ($action == 'new') {
print '<input type=text name=subject size=50 maxlength=80>';
} else {
$row = mysql_fetch_object(mysql_query("select subject from l_forumthread where id={$threadid}"));
echo '<i>' . $row->subject . '</i>';
}
print '</td></tr>';
echo '<tr><td valign="top">Message</td><td>';
if ($action == 'edit') {
$id = intval($id);
$row = mysql_fetch_object(mysql_query("select msg from l_forummsg where msgid={$id}"));
print '<textarea cols=50 rows=10 name=forummsg>' . htmlspecialchars($row->msg) . '</textarea>';
} else {
print '<textarea cols=50 rows=10 name=forummsg></textarea>';
}
print '</td></tr>';
// Form buttons
echo '<tr><td colspan=2 align=center>' . htmlFormButton('OK', 'save_' . $action) . ' ' . htmlFormButton('Cancel', 'cancel', CLRBUT) . '</td></tr>';
print '<tr><td>Smiley:</td><td align="middle">';
$res = mysql_query("select image, code from l_smiley GROUP BY image") or die(mysql_error());
while ($row = mysql_fetch_object($res)) {
print '<a href="#" onclick="javascript:document.post.forummsg.value += \' ' . $row->code . '\'"><img border=0 src="' . THEME_DIR . 'smilies/' . $row->image . '" border=0/></a> ';
}
print "</tr>";
echo '</table></form>';
} elseif (isset($_POST['save_new'])) {
$forummsg = section_bzforums_stripExtraLF($_POST['forummsg']);
$subject = $_POST['subject'];
// New topic
if ($allowNew) {
mysql_query("INSERT INTO l_forumthread (id,forumid,creatorid,subject) VALUES(0, {$forumid}, {$_SESSION['playerid']}, '" . $subject . "')") or die(mysql_error());
$threadid = mysql_insert_id();
mysql_query("insert into l_forummsg(msgid,threadid,fromid,msg,datesent) \n values(0, {$threadid}, {$_SESSION['playerid']}, '" . $forummsg . "', '{$utcNOW}')") or die(mysql_error());
session_refresh_all();
} else {
errorPage("You are not allowed to post new topics");
return;
}
} elseif (isset($_POST['save_reply'])) {
$forummsg = section_bzforums_stripExtraLF($_POST['forummsg']);
if ($allowReply) {
snCheck('bzforums', "forumid={$forumid}&threadid={$threadid}");
mysql_query("insert into l_forummsg(msgid,threadid,fromid,msg,datesent) \n values(0, {$threadid}, {$_SESSION['playerid']}, '" . $forummsg . "', '{$utcNOW}')");
session_refresh_all();
} else {
errorPage("You are not allowed to reply");
return;
}
} elseif (isset($_POST['save_edit'])) {
$forummsg = section_bzforums_stripExtraLF($_POST['forummsg']);
if ($allowReply) {
$id = intval($id);
snCheck('bzforums', "forumid={$forumid}&threadid={$threadid}");
// mysql_query("UPDATE l_forummsg SET msg = '$forummsg' WHERE msgid = '$id'");
mysql_query("UPDATE l_forummsg SET msg = '{$forummsg}', status = 'edited', \n status_by = {$_SESSION['playerid']}, status_at = '{$utcNOW}' WHERE msgid = '{$id}'");
session_refresh_all();
} else {
errorPage("You are not allowed to edit");
return;
}
}
if (isset($threadid)) {
// Display a thread
// Control buttons
// 06/28/2002: $POSTSPERPAGE posts/page max.
if (!isset($top)) {
$top = 0;
$newtop = 0;
}
if ($top == "") {
$top = 0;
$newtop = 0;
}
if ($action == '') {
echo '<TABLE align=right><TR>';
if ($allowReply && $threadstatus != 'deleted') {
echo '<td>' . htmlURLbutton('Add Reply', $link, "forumid={$forumid}&threadid={$threadid}&action=reply&top={$top}") . '</td>';
}
if ($allowLock && $threadstatus != 'locked') {
echo '<td>' . htmlURLbutton('Lock topic', $link, "forumid={$forumid}&threadid={$threadid}&action=lock&top={$top}", ADMBUT) . '</td>';
}
if ($allowTDelete && $threadstatus != 'deleted') {
echo '<td>' . htmlURLbutton('Delete topic', $link, "forumid={$forumid}&threadid={$threadid}&action=deletetopic&top={$top}", ADMBUT) . '</td>';
}
if ($allowLock && $threadstatus == 'locked' || $allowTDelete && $threadstatus == 'deleted') {
echo '<td>' . htmlURLbutton('Revive topic', $link, "forumid={$forumid}&threadid={$threadid}&action=revive&top={$top}", ADMBUT) . '</td>';
}
if ($allowSticky) {
if ($threadsticky) {
echo '<td>' . htmlURLbutton('Remove sticky', $link, "forumid={$forumid}&threadid={$threadid}&action=unsticky&top={$top}", ADMBUT) . '</td>';
} else {
echo '<td>' . htmlURLbutton('Make sticky', $link, "forumid={$forumid}&threadid={$threadid}&action=sticky&top={$top}", ADMBUT) . '</td>';
}
}
echo '</tr></table><BR clear=all>';
}
$temp = mysql_fetch_object(mysql_query("select count(msgid) num from l_forummsg where threadid={$threadid}"));
$numpost = $temp->num;
$numpages = floor(($numpost + $POSTSPERPAGE - 1) / $POSTSPERPAGE);
$curpage = $top / $POSTSPERPAGE + 1;
$res = sqlQuery("select msgid, msg, datesent, l_forummsg.status, status_at, l_player.id pid, \n player2.callsign as editedby, l_player.callsign, r.name as role\n from (l_forummsg, l_player, bzl_roles r)\n LEFT JOIN l_player player2 ON player2.id = status_by\n where threadid={$threadid}\n and fromid = l_player.id\n and l_player.role_id = r.id\n order by datesent\n limit {$top}, {$POSTSPERPAGE}");
// Table header
$sub = mysql_fetch_object(mysql_query("select subject, status from l_forumthread where id={$threadid}"));
echo '<table align=center border=1 cellspacing=0 cellpadding=1>';
if ($threadsticky) {
$status = '<b>Sticky</b> ';
} else {
$status = '';
}
if ($sub->status == 'locked') {
$status .= '<b>Locked</b> ';
} elseif ($sub->status == 'deleted') {
$status .= '<b>Deleted</b> ';
}
echo '<tr class=tabhead><td colspan=3><font size=+1>' . $status . '<i>' . smileys($sub->subject) . '</i></font>';
// Display pages if multiple pages and not adding a post
if ($numpages > 1 && !isset($addpost)) {
echo '<div align=right>';
for ($i = 1; $i <= $numpages; $i++) {
if ($i == $curpage) {
echo $i . ' ';
} else {
$newtop = ($i - 1) * $POSTSPERPAGE;
echo '<a href="index.php?link=' . $link . '&forumid=' . $forumid . '&threadid=' . $threadid . '&top=' . $newtop . '&' . SID . '">' . $i . '</a> ';
}
}
echo '</div>';
}
echo '</td></tr>';
echo '<tr class=tablehead><td>Author</td><td>Message</td></tr>';
$cf = 1;
while ($row = mysql_fetch_object($res)) {
echo '<tr class=forum' . $cf . '>';
echo '<td valign=top rowspan="' . ($allowDelete ? 2 : 1) . '"><a href="index.php?link=playerinfo&id=' . $row->pid . '&' . SID . '">' . $row->callsign . '</a>';
if ($showRoles) {
print " <small>({$row->role})</small>";
}
echo '<br><font size=-2>(' . $row->datesent . ')</font></td>';
$msgbody = smileys(wordwrap(nl2br(htmlspecialchars($row->msg)), 75, " ", true));
// DMP 19oct2007: Added wordwrap to break annoyingly long lines
$highlight = false;
// Setup available commands
// Comamnds: If a ALL key exists, it will be the only one showed, otherwise all elements is shown
$commands = array();
if ($allowDelete) {
if ($action == 'delete' && $id == $row->msgid) {
$highlight = true;
$commands['ALL'] = 'Confirmation: ' . htmlLink('Delete', 'bzforums', 'action=delete2&id=' . $row->msgid . '&forumid=' . $forumid . '&threadid=' . $threadid . '&top=' . $top) . ' OR ' . htmlLink('Cancel?', 'bzforums', 'id=' . $row->msgid . '&forumid=' . $forumid . '&threadid=' . $threadid . '&top=' . $top);
} else {
$commands[] = htmlLink('[delete]', 'bzforums', 'action=delete&id=' . $row->msgid . '&forumid=' . $forumid . '&threadid=' . $threadid . '&top=' . $top);
}
}
if ($allowEdit) {
$commands[] = htmlLink('[edit]', 'bzforums', 'action=edit&id=' . $row->msgid . '&forumid=' . $forumid . '&threadid=' . $threadid . '&top=' . $top);
}
if ($highlight) {
echo '<td valign=top><font color=red>' . $msgbody . '</font>';
} else {
echo '<td valign=top>' . $msgbody;
}
if ($row->status == 'edited') {
echo "<BR><small>(Message edited by {$row->editedby} at: {$row->status_at})</small>";
}
echo '</td></tr>';
// Show commands if any
if (count($commands)) {
// if action is set dont show i$commands unless it contains 'ALL'
if ($action != '' && isset($commands['ALL']) || $action == '') {
echo '<tr><td align="right" colspan="2" valign=top><small>' . (isset($commands['ALL']) ? $commands['ALL'] : join(' ', $commands)) . '</small></td></tr>';
} else {
echo '<tr></tr>';
}
}
$cf = 3 - $cf;
}
echo '</table>';
if ($curpage < $numpages) {
echo '<CENTER><BR>' . htmlURLbutSmall("NEXT Page", $link, "forumid={$forumid}&threadid={$threadid}&top=" . $curpage * $POSTSPERPAGE);
}
} else {
if (isset($forumid) && !isset($addpost)) {
// Display specific forum
// Control buttons
if ($allowNew) {
echo '<div align=right>' . htmlURLbutton('New Topic', $link, "forumid={$forumid}&action=new&top={$top}") . '</div>';
}
if ($allowViewDeleted) {
$viewClause = '';
} else {
$viewClause = "AND l_forumthread.status != 'deleted' ";
}
$res = mysql_query("select l_forumthread.id,l_forumthread.subject, l_player.id pid, \n l_player.callsign, max(l_forummsg.datesent) ds, \n unix_timestamp(max(l_forummsg.datesent)) datesent_ts,\n l_forumthread.status, \n l_forumthread.status_at,\n splayer.callsign as status_by, l_forumthread.is_sticky\n from (l_forumthread, l_forummsg, l_player, l_player l_player2)\n left join l_player splayer ON (splayer.id = l_forumthread.status_by)\n where l_forumthread.forumid={$forumid}\n and l_forumthread.creatorid = l_player.id\n {$viewClause}\n and l_forumthread.id = l_forummsg.threadid\n and l_player2.id = l_forummsg.fromid\n group by l_forumthread.id, l_forumthread.subject, l_player.id, l_player.callsign\n order by l_forumthread.is_sticky DESC, ds desc") or die(mysql_error());
// Table header
echo '<table align=center border=1 cellspacing=0 cellpadding=1>';
echo '<tr class=tabhead><td width=50%>Topic</td><td align=center>Replies</td><td
align=center>Last Comment</td><td align=center>Started by</td></tr>';
while ($row = mysql_fetch_object($res)) {
// Get the last author for this topic
$la = mysql_fetch_object(mysql_query("select l_player.id pid, l_player.callsign\n from l_player, l_forummsg\n where threadid = {$row->id}\n and fromid = l_player.id\n order by datesent desc\n limit 0, 1"));
$nr = mysql_fetch_object(mysql_query("select count(*)-1 num\n from l_forummsg\n where threadid = " . $row->id));
echo '<tr><td>';
if ($row->is_sticky == 1) {
print '<b>STICKY</b> ';
}
if ($row->status == 'locked') {
echo '<b>LOCKED</b>; ';
} elseif ($row->status == 'deleted') {
echo '<b>DELETED</b>; ';
}
echo '<a href="index.php?link=' . $link . '&forumid=' . $forumid . '&threadid=' . $row->id . '&' . SID . '">';
if (empty($row->subject)) {
$row->subject = '(no subject)';
}
if (isset($_SESSION['last_login']) && $_SESSION['last_login'] < $row->datesent_ts) {
echo '<font color="red"><b>' . smileys($row->subject) . '</b></font></a>';
} else {
echo smileys($row->subject) . '</a>';
}
$numpages = floor(($nr->num + 1 + $POSTSPERPAGE - 1) / $POSTSPERPAGE);
if ($numpages > 1) {
echo ' (<img src="' . THEME_DIR . '/multipage.gif"> ';
for ($i = 2; $i <= $numpages; $i++) {
$t = ($i - 1) * 10;
echo '<a href="index.php?link=' . $link . '&top=' . $t . '&forumid=' . $forumid . '&threadid=' . $row->id . '&' . SID . '">' . $i . '</a> ';
}
echo ')';
}
if ($row->status != 'normal') {
if (!$row->status_by) {
$row->status_by = 'SYSTEM';
}
echo "<br /><small>by {$row->status_by} at {$row->status_at}</small>";
}
echo '</td>
<td align=center>' . $nr->num;
echo '</td>
<td align=center>' . $row->ds . '<br>by <a href="index.php?link=playerinfo&id=' . $la->pid . '&' . SID . '">' . $la->callsign . '</a></td>
<td align=center><a href="index.php?link=playerinfo&id=' . $row->pid . '&' . SID . '">' . $row->callsign . '</a></td>
</tr>';
}
echo '</table>';
} elseif ($action == '') {
// Display forums list
$res = mysql_query("select l_forum.id, l_forum.title, ifnull(max(l_forummsg.datesent),'n/a') md, count(l_forummsg.msgid) num,\n unix_timestamp(max(l_forummsg.datesent)) as datesent_ts\n from l_forum \n left join l_forumthread on (l_forum.id = l_forumthread.forumid AND l_forumthread.status != 'deleted')\n left join l_forummsg on l_forumthread.id = l_forummsg.threadid\n where l_forum.status = 'open'\n group by l_forum.id, l_forum.title\n order by title") or die(mysql_error());
echo '<table align=center border=0 cellspacing=0 cellpadding=1>
<tr class=tabhead><td>Forums</td><td align=right># Posts</td><td align=center>Last Comment</td></tr>';
while ($row = mysql_fetch_object($res)) {
echo '<tr><td><a href="index.php?link=' . $link . '&forumid=' . $row->id . '&' . SID . '">';
if (isset($_SESSION['last_login']) && $_SESSION['last_login'] < $row->datesent_ts) {
echo "<font color=\"red\">" . $row->title . "</font>";
} else {
echo $row->title;
}
echo '</a></td><td align=center>' . $row->num . '</td><td align=center>' . $row->md . '</td></tr>';
}
echo '</table>';
}
}
}
function section_playerinfo_displayPlayer(&$se)
{
$s_level = $_SESSION['level'];
$s_logedin = isAuthenticated();
$s_playerid = $_SESSION['playerid'];
$s_leader = $_SESSION['leader'];
$s_teamid = $_SESSION['teamid'];
$editAny = isFuncAllowed('edit_any_players');
echo '<table width=90% align=center border=0 cellspacing=0 cellpadding=1>
<tr><td class=playername align=center>' . $se->callsign . '<BR><BR></td></tr>';
// Logo if any
if ($se->logo != "") {
echo '<tr><td align=center>' . section_playerinfo_dispLogo($se->logo, $se->logobg) . '<hr></td></tr>';
}
// Bio if any
if ($se->comment != "") {
echo "<tr><td class=playerbio>" . nl2br($se->comment) . "<hr></td></tr>";
}
// misc info ....
echo '</td></tr><TR><TD><table align=center><TR><TD width=100 valign=top align=left>';
if ($se->flagname) {
echo '<img src="' . FLAG_DIR . "c-{$se->flagname}.gif\">";
}
echo '</td><TD><TABLE>';
// Team if any
if ($se->teamname != "") {
echo "<tr><td>";
if ($se->leader == $se->id) {
$d = '<nobr>Leader (<img src="' . THEME_DIR . 'leader.gif">) of team</nobr>';
} else {
$d = "<nobr>Member of team</nobr>";
}
section_playerinfo_tab2($d, htmlLink($se->teamname, 'teaminfo', "id={$se->teamid}"));
} else {
echo "<tr><td align=center colspan=2>Does not belong to any team</td></tr>";
}
if ($se->altnik1 || $se->altnik2) {
if ($se->altnik1 && $se->altnik2) {
$plural = 's';
$niks = $se->altnik1 . ', ' . $se->altnik2;
} else {
if ($se->altnik1) {
$niks = $se->altnik1;
} else {
$niks = $se->altnik2;
}
}
section_playerinfo_tab2("<nobr>Alternate callsign{$plural}</nobr>", $niks);
}
if ($se->countryname) {
$loc = $se->countryname;
if ($se->stateabbr) {
$loc .= ' (';
if ($se->city) {
$loc .= $se->city . ', ';
}
$loc .= "{$se->stateabbr})";
}
section_playerinfo_tab2('Location', $loc);
}
if ($se->utczone || $se->zonename) {
section_playerinfo_tab2('Time zone', 'GMT ' . section_playerinfo_numPlus($se->utczone) . " ({$se->zonename})");
}
section_playerinfo_tab2('Site Member Since', date('Y-m-d', $se->created));
if (isset($se->last_login)) {
section_playerinfo_tab2('Last login', date('Y-m-d H:i', $se->last_login));
}
echo '<TR><TD colspan=2><HR></td></tr>';
if ($se->emailpub == 'Y') {
section_playerinfo_tab2('email', section_playerinfo_obsMail($se->email));
}
section_playerinfo_tab2('AIM', $se->aim);
section_playerinfo_tab2('IRC', $se->ircnik1);
section_playerinfo_tab2('ICQ', $se->icq);
section_playerinfo_tab2('YIM', $se->yim);
section_playerinfo_tab2('MSM', $se->msm);
section_playerinfo_tab2('Jabber', $se->jabber);
echo '</table></td><TD width=50></td></tr></table></tr>';
// Frequentation statistics
if ($se->status != 'deleted') {
echo '<tr><td><BR><BR>';
section_playerinfo_Frequentation($se->id);
echo '<BR></td></tr>';
}
if ($se->status != 'deleted') {
// Send a message to this player (but not to myself!)
if ($s_logedin && $s_playerid != $se->id) {
echo '<tr><td><hr></td></tr><tr align=center><td><TABLE><TR><TD>' . htmlURLbutton('SEND BZmessage', 'sendmessage', "pid={$se->id}");
// If I am a team leader, and my team is not full, I can invite him
if (isAuthenticated() && $_SESSION['leader']) {
// Check if my team full
$team = mysql_fetch_object(mysql_query("select count(*) as num from l_player where team={$s_teamid}"));
if ($team->num < 20) {
$mytn = queryGetTeamName($s_teamid);
echo '<TD width=5></td><TD>' . htmlURLbutton("INVITE to {$mytn}", 'invite', "id={$se->id}") . '</td>';
}
}
echo '</tr></table></td></tr>';
}
// Administrators and owner can edit a player
if ($s_logedin && ($editAny || $s_playerid == $se->id)) {
if ($editAny && $s_playerid != $se->id) {
$class = ADMBUT;
}
echo '<tr><td align=center><hr><TABLE><TR><TD>' . htmlURLbutton('Edit Profile', 'playeradmin', "id={$se->id}&edt_st=1", $class);
if (isFuncAllowed('visitlog::visit_log')) {
echo '</td><TD width=5></td><TD>' . htmlURLbutton('Visits', 'visitlog', "id={$se->id}", ADMBUT);
}
if (isFuncAllowed('deleteplayer::delete_player') && $se->role_id != ADMIN_PERMISSION) {
echo '</td><TD width=5></td><TD>' . htmlURLbutton('DELETE Player', 'deleteplayer', "id={$se->id}", ADMBUT);
}
echo '</td></tr></table></td></tr>';
}
}
echo "</table>";
}
function section_teamadmin()
{
require_once 'lib/common.php';
$TEAMSIZE = 20;
$vars = array('id', 'f_password', 'f_ok_x', 'f_comment', 'f_logo', 'f_name', 'f_status', 'f_password1', 'f_password2', 'link', 'f_leader');
foreach ($vars as $var) {
${$var} = isset($_POST[$var]) ? $_POST[$var] : $_GET[$var];
}
// Check permission
$allowed = 0;
$obj = mysql_fetch_object(mysql_query("select name, comment, leader, logo, password, status, adminclosed from l_team where id=" . $id));
$res = mysql_fetch_object(mysql_query("select count(*) num from l_player where team=" . $id));
$numplayer = $res->num;
if (isFuncAllowed('edit_any_team') || $_SESSION['playerid'] == $obj->leader) {
// Admin or team leader, allowed
$allowed = 1;
} else {
// Check password
$cypher = substr(crypt($f_password, substr($obj->password, 0, 2)), 0, 13);
if ($cypher == $obj->password) {
// Good password, allowed
$allowed = 1;
}
}
echo '<BR>';
if ($obj->status == 'deleted') {
echo "<center>Sorry, you cannot edit a deleted team.</center>";
} else {
if (!$allowed) {
echo "<center>Sorry, you don't have the permission to edit the <a href=\"index.php?link=teaminfo&id=" . $id . "&" . SID . "\">" . $obj->name . "</a> team, or you entered an incorrect password.</center>";
} else {
if ($f_ok_x) {
$f_comment = stripslashes($f_comment);
$f_logo = stripslashes($f_logo);
$f_name = stripslashes($f_name);
$f_status = stripslashes($f_status);
} else {
$f_comment = $obj->comment;
$f_logo = $obj->logo;
$f_name = $obj->name;
$f_status = $obj->status;
}
$error = 1;
if ($f_ok_x) {
$error = 0;
// Check password
if ($f_password1 != $f_password2) {
$error = 1;
echo "<div class=error>The passwords don't match</div>";
} else {
if ($f_password1 != "") {
$cypher = ", password='******'$1') . "'";
} else {
$cypher = "";
}
}
// Check duplicate team names
$res = mysql_query("select name from l_team where id!={$id} and name=\"" . addslashes($f_name) . "\"");
if (mysql_num_rows($res) != 0) {
$error = 1;
echo "<div class=error>A team with this name: '{$f_name}' already exists</div>";
$f_name = $obj->name;
}
// Check empty team name
if ($f_name == '') {
$error = 1;
echo "<div class=error>The team name can't be empty</div>";
$f_name = $obj->name;
}
// Check logo
//$msg = checkLogoSize($f_logo);
$msg = '';
if ($msg != '') {
$error = 1;
echo "<div class=error>{$msg}</div>";
}
}
if ($error) {
echo "<form method=post><table align=center border=0 cellspacing=0 cellpadding=1>";
// Hidden fields
echo '<input type=hidden name=f_password value="' . $f_password . '">';
echo '<input type=hidden name=link value="' . $link . '">';
if (isAdmin() || $_SESSION['playerid'] == $obj->leader) {
// Admins and leaders can change the team name
echo '<tr><td>Team name:</td><td><input name=f_name size=40 maxlength=40 value="' . $f_name . '"></td></tr>';
} else {
echo "<tr><td align=center colspan=2 class=tablehead><div class=teamname><b>" . $obj->name . "</b></div><input type=hidden name=f_name value=\"{$f_name}\"></td></tr>";
}
// Logo
if ($obj->logo != "") {
echo '<tr><td align=center colspan=2><BR><img src="' . $obj->logo . '"></td></tr>';
}
echo '<tr><td>Logo URL (400x300 max!):</td><td><input type=text size=60 maxlength=200 name=f_logo value="' . $f_logo . '"></td></tr>';
echo "<tr><td colspan=2><hr></td></tr>";
// Admin and leaders can change the team password
if (isAdmin() || $_SESSION['playerid'] == $obj->leader) {
// Password
echo '<tr><td>Password:</td><td><input type=password size=8 maxlength=8 name=f_password1 value="' . $f_password1 . '"> (leaving the fields empty will keep the current password)</td></tr>
<tr><td>Password:</td><td><input type=password size=8 maxlength=8 name=f_password2 value="' . $f_password2 . '"></td></tr>
<tr><td colspan=2><hr></td></tr>';
}
// Admin and leaders can change the team status
if (isAdmin() || $_SESSION['playerid'] == $obj->leader) {
if ($numplayer >= 3 && $numplayer < $TEAMSIZE) {
// Can change status IF there are 3 players or more
echo "<tr><td>Team status:</td><td><select name=f_status>";
if ($f_status == 'opened') {
echo '<option selected value=opened>opened</option>
<option value=closed>closed</option>';
} else {
echo '<option value=opened>opened</option>
<option selected value=closed>closed</option>';
}
echo "</select></td></tr>";
} else {
if ($numplayer == 1) {
$typo = 'player';
} else {
$typo = 'players';
}
echo '<input type=hidden name=f_status value="' . $obj->status . '">';
echo '<tr><td align=center colspan=2>The team is currently ' . $obj->status . ' (forced because you have ' . $numplayer . ' ' . $typo . ')</td></tr>';
}
} else {
echo '<tr><td align=center colspan=2>The team is currently ' . $obj->status . '</td></tr>';
}
if (isAdmin() || $_SESSION['playerid'] == $obj->leader) {
echo "<tr>";
echo "<td>Leader</td>";
echo "<td><select name=\"f_leader\">";
$sql = "SELECT id, callsign FROM l_player WHERE team = '{$id}' ORDER by callsign";
$res = mysql_query($sql);
while ($row = mysql_fetch_row($res)) {
if ($row[0] == $obj->leader) {
print "<option value=\"\" SELECTED>" . stripslashes($row[1]) . " (current leader)</option>";
} else {
print "<option value=\"{$row[0]}\">" . stripslashes($row[1]) . "</option>";
}
}
echo "</select>";
echo "</td>";
echo "</tr>";
}
// Comment
echo '<tr><td colspan=2>Comment:<br><textarea name=f_comment cols=50 rows=6>' . $f_comment . '</textarea></td></tr>
<tr><td colspan=2><hr></td></tr>
<tr><td align=center colspan=2><table><tr><td>' . htmlFormButton(' OK ', 'f_ok_x') . '</td><td width=8></td><td>' . htmlURLbutton('Cancel', 'teaminfo', "id={$id}", CLRBUT) . '</td></tr></table></td></tr></table></form>';
} else {
// Update the table
if (!empty($f_leader)) {
$sql = "SELECT 1 FROM l_player WHERE id = '{$f_leader}' AND team = {$id} ";
$res = mysql_query($sql);
if (mysql_fetch_row($res)) {
$_SESSION['leader'] = $f_leader == $_SESSION['playerid'] ? 1 : 0;
$f_leader = 'leader = ' . $f_leader . ', ';
} else {
$f_leader = '';
}
} else {
$f_leader = '';
}
if ($f_status == '') {
$f_status = 'opened';
}
if ($f_status != $obj->status) {
// Changed the status
if ($f_status == 'closed') {
$adminclosed = 'yes';
} else {
$adminclosed = 'no';
}
} else {
// Keep current status
$adminclosed = $obj->adminclosed;
}
sqlQuery($sql = 'update l_team
set logo="' . addSlashes($f_logo) . '",
comment="' . addSlashes($f_comment) . '" ' . $cypher . ',
name="' . addSlashes($f_name) . '",
adminclosed="' . $adminclosed . '", ' . $f_leader . '
status="' . $f_status . '"
where id=' . $id);
echo '<BR><center>Thank you, <a href="index.php?link=playerinfo&id=' . $_SESSION['playerid'] . '&' . SID . '">' . $_SESSION['callsign'] . '</a>, for updating the <a href="index.php?link=teaminfo&id=' . $id . '&' . SID . '">' . $f_name . '</a> team.</center>';
// If changed the team name, inform the team members
if ($f_name != $obj->name) {
echo '<center>You changed the team name, we inform your team members.</center>';
sendBzMail(0, $id, 'Team renamed!', '<center>---ADMINISTRATIVE MESSAGE---</center><br>' . $_SESSION['callsign'] . ' just changed the name of your team from <i>' . $obj->name . '</i> to <i>' . $f_name . '</i>.', true, true);
}
}
}
}
}
function section_messages()
{
$vars = array('del', 'delbulk', 'checknum', 'read', 'link', 'read');
foreach ($vars as $var) {
${$var} = isset($_POST[$var]) ? $_POST[$var] : $_GET[$var];
}
echo '<BR>';
if (isAuthenticated()) {
$_SESSION['last_msg_read_ts'] = time();
$_SESSION['new_mail'] = 0;
if (isset($del)) {
mysql_query("delete from l_message\n where msgid={$del}\n and toid={$_SESSION['playerid']}");
}
if (isset($delbulk)) {
$numdel = 0;
for ($i = 0; $i < $checknum; $i++) {
$delid = $_POST["del" . $i];
if (isset($delid)) {
$numdel++;
mysql_query("delete from l_message where msgid={$delid} and toid={$_SESSION['playerid']}");
}
}
if ($numdel != 1) {
$esse = 's';
} else {
$esse = '';
}
echo "<center>Deleted {$numdel} message{$esse}.</center><BR>";
}
if (isset($read)) {
// Display one message
$res = sqlQuery("select l_player.callsign sender, l_message.status as msgstat, fromid, datesent, subject, msg, htmlok, l_message.team\n from l_message\n left join l_player\n on id = fromid\n where toid={$_SESSION['playerid']}\n and msgid={$read}");
if (mysql_num_rows($res) == 0) {
return errorPage('no messages found');
} else {
// Display the message
$msg = mysql_fetch_object($res);
echo '<table width=80% align=center border=0 cellspacing=0 cellpadding=1>
<tr class=tabhead><td align=right width=10><nobr>Date sent:</nobr></td><TD width=6></td><TD>' . $msg->datesent . '</td></tr>';
if ($msg->sender == '') {
// Administrative message
echo '<tr class=tabhead><td align=right>From: </td><TD></td><TD><b>CTF League System</b></td></tr>';
} else {
echo '<tr class=tabhead><td align=right>From: </td><TD></td><TD><a href="index.php?link=playerinfo&id=' . $msg->fromid . '&' . SID . '">' . $msg->sender . '</a></td></tr>';
}
if ($msg->subject == '') {
$subject = 'No subject';
} else {
$subject = stripslashes($msg->subject);
}
echo '<tr class=tabhead><td align=right>Subject:</td><TD></td><TD>' . wordwrap(htmlentities($subject), 40, '<br>') . '</td></tr>';
echo '<tr><td align=right valign=top><BR>Message:</td><TD></td><TD><BR><TABLE width=100% cellpadding=10 style="border: solid 1px"><TR><TD>';
if ($msg->sender == '' || $msg->htmlok > 0) {
// if admin message, allow html
echo nl2br($msg->msg);
} else {
echo nl2br(htmlentities($msg->msg));
}
echo '</td></tr></table></td></tr></table>';
if ($msg->msgstat == 'new') {
--$_SESSION['mail_unread'];
// Set message as read
mysql_query("update l_message set status='read' where msgid={$read}");
}
// Display buttons: delete goback reply
echo '<br><TABLE align=center><TR valign=top>';
// Can't reply to administrative messages
if ($msg->sender != '') {
echo '<TD><form method=post action="index.php">' . SID_FORM;
echo '<input type=hidden name=link value=sendmessage>';
echo '<input type=hidden name=pid value=' . $msg->fromid . '>';
echo '<input type=hidden name=toteam value="' . $msg->team . '">';
echo '<input type=hidden name=reply value=1>';
echo '<input type=hidden name=mid value=' . $read . '>';
echo htmlFormButton('Reply', 'reply_direct') . '</td>';
if ($msg->team == 'yes') {
echo '<td width=10></td><td>' . htmlFormButton('Reply To Team', 'reply_team') . '</td>';
}
echo '</form><TD width=10></td>';
}
echo '<TD>' . htmlURLbutton('Delete', 'messages', "del={$read}") . '</td><TD width=10></td><TD>' . htmlURLbutton('Back', 'messages', null, CLRBUT) . '</td></tr></table>';
}
} else {
// Display all messages
$res = mysql_query("select msgid, l_player.callsign sender, fromid, datesent, \n subject, l_message.status, l_message.team\n from l_message left join l_player on id = fromid\n where toid={$_SESSION['playerid']} order by datesent desc");
echo '<div class=checkbox>';
if (mysql_num_rows($res) == 0) {
echo "<center>You don't have any message to read.</center>";
} else {
echo '<script type="text/javascript">
function checkAll (form, checkallcheckbox)
{
for (i = 0; i < form.elements.length; i++)
if (form.elements[i].type == "checkbox"){
form.elements[i].checked = checkallcheckbox.checked;
}
}
</script>';
echo '<form name="myform" method=post>' . SID_FORM . '<table border=0 align=center cellspacing=0 cellpadding=1>
<tr class=tabhead><td><input type="checkbox" name="CheckAll" value="Check All"
onClick="checkAll(document.myform, document.myform.CheckAll)"</td><td>Date sent </td>
<td>Subject </td><td width=5></td><td>From</td></tr>';
$checknum = 0;
$rownum = 0;
while ($msg = mysql_fetch_object($res)) {
$cl = ++$rownum % 2 ? 'rowOdd' : 'rowEven';
echo "\n<tr class={$cl} valign=top><td>";
// Display checkbox for deleting message
echo '<input class=checkbox type=checkbox name=del' . $checknum . ' value=' . $msg->msgid . '> ';
$checknum++;
// New messages are bold, so we prepare some stuff
$bb = '';
$be = '';
switch ($msg->status) {
case 'new':
echo '<img src="' . THEME_DIR . 'msgnew.gif">';
$bb = '<b>';
$be = '</b>';
break;
case 'read':
echo '<img src="' . THEME_DIR . 'msgread.gif">';
break;
case 'replied':
echo '<img src="' . THEME_DIR . 'msgreplied.gif">';
break;
}
if ($msg->team == 'yes') {
echo '<img src="' . THEME_DIR . '/team.gif">';
}
echo '</td><td><font size=-2>' . $bb . $msg->datesent . $be . '</font> </td>';
if ($msg->subject == '') {
$subject = 'No subject';
} else {
$subject = stripslashes($msg->subject);
}
echo "<TD>{$bb}" . htmlLink(wordwrap($subject, 40, '<br>'), 'messages', "read={$msg->msgid}", $bb ? LINK_NEW : null) . "</a>{$be}</td><TD></td>";
if ($msg->sender == '') {
// Administrative message
echo '<td> <b>CTF League System</b></td></tr>';
} else {
echo '<td> <a href="index.php?link=playerinfo&id=' . $msg->fromid . '&' . SID . '">' . $msg->sender . '</a></td></tr>';
}
}
echo '</table><br> </div> <center>' . htmlFormButton('Delete Checked', 'delbulk') . '<input type=hidden name=link value="messages">
<input type=hidden name=checknum value=' . $checknum . '
</center></form>';
}
}
} else {
errorPage('You are not allowed to view the messages');
}
}
function section_sendmessage()
{
require_once 'lib/common.php';
$vars = array('pid', 'tid', 'f_ok_x', 'toteam', 'reply', 'f_subject', 'f_msg', 'replying', 'repid', 'mid', 'link', 'dup');
$s_playerid = $_SESSION['playerid'];
foreach ($vars as $var) {
${$var} = isset($_POST[$var]) ? $_POST[$var] : $_GET[$var];
}
if (isGuest()) {
return errorPage('Not Authorized');
}
if ($dup) {
echo '<BR><CENTER>Duplicate mail not sent (refresh or back button detected)<BR>';
return;
}
if (isset($pid)) {
if ($toteam == 'yes' && isset($_POST['reply_team'])) {
$team = mysql_fetch_object(mysql_query("select l_team.id, name from l_team, l_player where l_player.id={$pid} and l_team.id=team"));
$tid = $team->id;
} else {
$toteam = 'no';
$player = mysql_fetch_object(mysql_query("select callsign from l_player where id={$pid}"));
}
}
if (isset($tid)) {
$team = mysql_fetch_object(mysql_query("select name from l_team where id={$tid}"));
}
$error = 1;
if ($f_ok_x) {
$error = 0;
$f_msg = stripslashes($f_msg);
if ($f_msg == '') {
$error = 1;
echo "<div class=error>You must write something to send a message</div>";
}
}
if ($error) {
if (isset($toteam)) {
if ($toteam == 'yes') {
$rcpt = 'team <a href="index.php?link=teaminfo&id=' . $tid . '&' . SID . '">' . $team->name . '</a>';
} else {
$rcpt = '<a href="index.php?link=playerinfo&id=' . $pid . '&' . SID . '">' . $player->callsign . '</a>';
}
} else {
if (isset($tid)) {
$rcpt = 'team <a href="index.php?link=teaminfo&id=' . $tid . '&' . SID . '">' . $team->name . '</a>';
} else {
$rcpt = 'player <a href="index.php?link=playerinfo&id=' . $pid . '&' . SID . '">' . $player->callsign . '</a>';
}
}
if (isset($reply)) {
$msg = mysql_fetch_object(mysql_query($sql = "select * from l_message where msgid={$mid}"));
$message = $msg->msg;
$f_subject = $msg->subject;
if (substr($f_subject, 0, 3) != 'Re:') {
$f_subject = 'Re: ' . $f_subject;
}
// Strip subject if it's too long
if (strlen($f_subject) > 80) {
$f_subject = substr($f_subject, 0, 80);
}
echo "<table border=0 align=center cellspacing=0 cellpadding=1>\n <tr class=tablehead><td>Original message:</td></tr>\n <tr class=msgquote><td>";
echo stripslashes(nl2br($message)) . '</td></tr></table><br>';
// Quote initial message
$f_msg = ereg_replace("\n", ">", ereg_replace("^", ">", $message));
$f_msg = $f_msg . "\n>\n";
$action = "Replying to ";
} else {
$action = "Sending a message to ";
}
echo '<center><form method=post>' . SID_FORM . $action . $rcpt . '.<br><br>
Enter your message below:<br>
Subject:<input type=text maxlength=80 size=60 name=f_subject value="' . $f_subject . '"><BR>
<textarea cols=50 rows=15 name=f_msg>' . stripslashes($f_msg) . '</textarea>
<hr><center>
<input type=hidden name=link value=' . $link . '>';
snFormInit();
echo '<TABLE><TR><TD>' . htmlFormButton('SEND', 'f_ok_x') . '</td><TD width=10></td><TD>';
if (isset($pid)) {
echo htmlURLbutton('Cancel', 'playerinfo', "id={$pid}", CLRBUT);
} else {
echo htmlURLbutton('Cancel', 'teaminfo', "id={$tid}", CLRBUT);
}
echo '</td></tr></table><input type=hidden name=link value=' . $link . '>';
if (isset($reply)) {
// Flag that we are replying to a message
echo '<input type=hidden name=replying value=1>';
echo '<input type=hidden name=repid value=' . $mid . '>';
}
if (isset($tid)) {
echo '<input type=hidden name=tid value=' . $tid . '>';
} else {
echo '<input type=hidden name=pid value=' . $pid . '>';
}
echo '</center></form></center>';
} else {
// Do send the message
echo "<center>Message sent, thank you!</center>";
snCheck('sendmessage', 'dup=1');
// If replying we mark the original message as replied
if (isset($replying)) {
mysql_query("update l_message set status='replied' where msgid={$repid}");
}
if (isset($pid)) {
if ($toteam == 'yes') {
// Send to a team
sendBzMail($s_playerid, $tid, $f_subject, $f_msg, 'yes');
} else {
// Send to one player
sendBzMail($s_playerid, $pid, $f_subject, $f_msg);
}
} else {
// Send to a team
sendBzMail($s_playerid, $tid, $f_subject, $f_msg, 'yes');
}
}
}
function section_invite_dispForm($team, $player, $link, $days)
{
global $invite_durations;
echo '<center><form method=post><font size=+1>Sending an invitation to ' . playerLink($player->id, $player->callsign) . ' to join your team, ' . teamLink($team->name, $team->id, false) . '</font><br>';
echo '<BR><TABLE><TR><TD><HR><p>This invitation will allow ' . playerLink($id, $player->callsign) . ' to join your team, even if it is closed.<BR>Please select when this invitation should expire:
<select name=days>';
foreach ($invite_durations as $val => $text) {
htmlOption($val, $text, $days);
}
echo '</select><p><hr><p>
Enter a few words which will be attached to your invitation (mandatory):<br>
<textarea cols=50 rows=6 name=f_invite>' . $f_invite . '</textarea>
<center><p><TABLE align=center><TR><TD>' . htmlFormButton("Invite", 'f_ok_x') . '</td><TD width=10></td><TD>' . htmlURLbutton("Cancel", 'playerinfo', "id={$id}", CLRBUT) . '</td></tr></table>';
echo '<input type=hidden name=link value=' . $link . '>
<input type=hidden name=id value=' . $player->id . '>
</center></form></center> </td></tr></table>';
}
function section_links_presentForm($id)
{
echo '<BR><div class=feedback>';
if ($id > 0) {
echo "EDITING LINK (id #{$id})";
$row = mysql_fetch_object(sqlQuery('select * from ' . TBL_LINKS . " where id={$id}"));
} else {
echo "ADDING NEW LINK";
$row->url = 'http://';
}
$link = $_GET['link'];
echo '</div><BR>';
echo "<form method=post><table align=center border=0 cellspacing=0 cellpadding=1>\n <input type=hidden name=link value={$link}>\n <input type=hidden name=state value=1>\n <tr><td align=right>Title:</td><TD><input type=text size=50 maxlength=80 name=title value='{$row->name}'></td></tr>\n <tr><td align=right>URL:</td><TD><input type=text size=50 maxlength=120 name=url value='{$row->url}'></td></tr>\n <tr><td align=right>Comment:</td><TD><textarea cols=70 rows=10 name=comment>{$row->comment}</textarea></td></tr>\n <tr><td align=right>Sort #:</td><TD><input type=text size=5 maxlength=4 name=ord value='{$row->ord}'></td></tr>\n <tr><td align=center colspan=2>";
htmlMiniTable(array(htmlFormButton('Submit', '', ADMBUT), $id == 0 ? '' : htmlFormButton('DELETE Link', 'del', ADMBUT), htmlURLbutton('Cancel', 'linkadmin', null, CLRBUT)), 8);
echo '</td></tr></form></table>';
}
