예제 #1
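/**
 * Render the news section, running the admin edit/submit flow first when requested.
 *
 * Request inputs read here: $_GET['numarts'], $_GET['id'], $_GET['link'] and
 * $_POST['id'], $_POST['text'], $_POST['date'], $_POST['state'], $_POST['del'].
 *
 * @param mixed $admReq Truthy when the caller asks for the admin view. It is
 *                      honoured only when isFuncAllowed('news::edit_news') passes.
 * @return void
 */
function section_news_common($admReq)
{
    // Cast to int so that a value such as "10 foo" can never reach
    // section_news_displayNews() as a string; anything outside 5..1000
    // (including a missing parameter) falls back to 15.
    $numarts = isset($_GET['numarts']) ? intval($_GET['numarts']) : 0;
    if ($numarts < 5 || $numarts > 1000) {
        $numarts = 15;
    }

    // Explicit default: the non-admin path used to pass an undefined variable
    // to section_news_displayNews().
    $adm = false;

    if (isFuncAllowed('news::edit_news') && $admReq) {
        $adm = true;

        // Read the fixed set of form fields by name instead of creating
        // variables dynamically from $_POST. A missing field is null.
        // NOTE(review): these values are handed on unmodified; whether
        // section_news_submit()/section_news_presentForm() escape them for
        // SQL and HTML is not visible here - confirm.
        $id = isset($_POST['id']) ? $_POST['id'] : (isset($_GET['id']) ? $_GET['id'] : null);
        $text = isset($_POST['text']) ? $_POST['text'] : null;
        $date = isset($_POST['date']) ? $_POST['date'] : null;
        $state = isset($_POST['state']) ? $_POST['state'] : null;
        $del = isset($_POST['del']) ? $_POST['del'] : null;

        echo '<CENTER>';
        if (isset($id)) {
            if ($state == 1) {
                // state=1 marks a submitted form: apply the change.
                // NOTE(review): no anti-CSRF token is checked in this function
                // before the write; verify that section_news_submit() does so.
                echo '<DIV class=feedback><BR>';
                section_news_submit($id, $del, $text, $date);
                echo '</div><BR>';
            } else {
                // An id without state=1 shows the edit form and nothing else.
                section_news_presentForm($id);
                return;
            }
        }
    }
    //unset ($_SESSION['new_news']);
    section_news_displayNews($adm, isset($_GET['link']) ? $_GET['link'] : null, $numarts);
}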
예제 #2
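/**
 * Print a table of currently active sessions: logged-in players first, then
 * (for callers with the 'show_guests' permission) anonymous guests by IP.
 *
 * IP addresses are printed only when isFuncAllowed('show_ip') passes.
 *
 * @return void
 */
function section_online()
{
    echo '<BR>';
    $showIP = isFuncAllowed('show_ip');
    $logged = sqlQuery('SELECT callsign, MIN(' . SESSION_LIFETIME . '-(UNIX_TIMESTAMP(expire)-UNIX_TIMESTAMP())) AS idle, 
      ip, playerid FROM ' . TBL_SESSION . ' WHERE callsign IS NOT NULL AND expire > NOW() GROUP BY callsign ');
    if (!$logged) {
        echo 'Data problems - try back later<BR>';
        return;
    }
    $guests = sqlQuery('SELECT MIN(' . SESSION_LIFETIME . '-(UNIX_TIMESTAMP(expire)-UNIX_TIMESTAMP())) AS idle, ip
      FROM ' . TBL_SESSION . ' WHERE callsign IS NULL AND expire > NOW() GROUP BY ip');
    // The guest query result was previously used without a failure check.
    if (!$guests) {
        echo 'Data problems - try back later<BR>';
        return;
    }
    if (mysql_num_rows($logged) == 0 && mysql_num_rows($guests) == 0) {
        echo "<center>Nobody's online</center>";
        return;
    }
    echo '<center><table>';
    while ($row = mysql_fetch_object($logged)) {
        // The undefined $ipLong that used to be concatenated here contributed
        // nothing to the output and has been dropped.
        echo '<TR><TD>' . playerLink($row->playerid, $row->callsign) . '&nbsp;</td><TD>&nbsp; (idle: ' . section_online_timestr($row->idle) . ')</td>';
        if ($showIP) {
            // Escape at the sink; how the ip column is populated is not visible here.
            echo '<TD width=10></td><TD>' . htmlspecialchars($row->ip, ENT_QUOTES) . '</td>';
        }
        echo '</tr>';
    }
    if (isFuncAllowed('show_guests')) {
        echo '<TR><TD colspan=5><BR></td></tr>';
        while ($row = mysql_fetch_object($guests)) {
            // Ignore googlebot and msnbot/microsoft surfers. Narrow this down if possible
            $isCrawler = section_online_matchCIDR($row->ip, "66.249.64.0/19")
                || section_online_matchCIDR($row->ip, "207.46.0.0/16");
            if ($isCrawler) {
                continue;
            }
            echo '<TR><TD>guest&nbsp;</td><TD>&nbsp; (idle: ' . section_online_timestr($row->idle) . ')</td>';
            if ($showIP) {
                echo '<TD width=10></td><TD>' . htmlspecialchars($row->ip, ENT_QUOTES) . '</td>';
            }
            echo '</tr>';
        }
    }
    echo '</table></center>';
}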
예제 #3
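/**
 * Render the links section, running the admin edit/submit flow first when requested.
 *
 * Request inputs read here: $_GET['id'] and $_POST['id'], $_POST['url'],
 * $_POST['title'], $_POST['comment'], $_POST['state'], $_POST['ord'], $_POST['del'].
 *
 * @param mixed $admReq Truthy when the caller asks for the admin view. It is
 *                      honoured only when isFuncAllowed('links::edit_links') passes.
 * @return void
 */
function section_links_links($admReq)
{
    // Explicit default: the non-admin path used to pass an undefined variable
    // to section_links_displayLinks().
    $adm = false;

    if (isFuncAllowed('links::edit_links') && $admReq) {
        $adm = true;

        // Read the fixed set of form fields by name instead of creating
        // variables dynamically from $_POST. A missing field is null.
        // NOTE(review): these values are handed on unmodified; whether
        // section_links_submitLink()/section_links_presentForm() escape them
        // for SQL and HTML (the url in particular) is not visible here - confirm.
        $id = isset($_POST['id']) ? $_POST['id'] : (isset($_GET['id']) ? $_GET['id'] : null);
        $url = isset($_POST['url']) ? $_POST['url'] : null;
        $title = isset($_POST['title']) ? $_POST['title'] : null;
        $comment = isset($_POST['comment']) ? $_POST['comment'] : null;
        $state = isset($_POST['state']) ? $_POST['state'] : null;
        $ord = isset($_POST['ord']) ? $_POST['ord'] : null;
        $del = isset($_POST['del']) ? $_POST['del'] : null;

        echo '<BR><CENTER>';
        if (isset($id)) {
            if ($state == 1) {
                // state=1 marks a submitted form: apply the change.
                // NOTE(review): no anti-CSRF token is checked in this function
                // before the write; verify that section_links_submitLink() does so.
                echo '<DIV class=feedback>';
                section_links_submitLink($id, $title, $url, $comment, $ord, $del);
                echo '</div><BR>';
            } else {
                // An id without state=1 shows the edit form and nothing else.
                section_links_presentForm($id);
                return;
            }
        }
    }
    section_links_displayLinks($adm);
}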
예제 #4
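/**
 * Two-step removal ("ban") of a player from a team.
 *
 * With f_ok_x set the confirmation form is shown; with f_okban_x set the
 * player's team is reset to 0, the team may be re-opened, and a BZmail is sent
 * to the removed player. Only callers with 'teamadmin::edit_any_team' or the
 * leader of the team named by teamid are allowed.
 *
 * Request inputs: $_GET['playerid'], $_GET['teamid'], $_GET['f_ok_x'],
 * $_GET['f_okban_x'], $_GET['link'].
 *
 * @return void
 */
function section_banplayer()
{
    require_once 'lib/common.php';

    // Both ids are concatenated into SQL below, so force them to integers
    // before any query runs (they used to be passed through verbatim).
    $playerid = isset($_GET['playerid']) ? intval($_GET['playerid']) : 0;
    $teamid = isset($_GET['teamid']) ? intval($_GET['teamid']) : 0;
    $f_okban_x = isset($_GET['f_okban_x']) ? $_GET['f_okban_x'] : null;
    $f_ok_x = isset($_GET['f_ok_x']) ? $_GET['f_ok_x'] : null;
    $link = isset($_GET['link']) ? $_GET['link'] : '';

    $playerRes = mysql_query("select callsign, team from l_player where id=" . $playerid);
    $player = $playerRes ? mysql_fetch_object($playerRes) : false;
    // Only the columns that are used are selected; the team password column
    // is no longer fetched.
    $teamRes = mysql_query("select name, leader from l_team where id=" . $teamid);
    $team = $teamRes ? mysql_fetch_object($teamRes) : false;
    if (!$player || !$team) {
        errorPage("Permission denied.");
        return;
    }

    // FIXME (from the original author): players who only know the team
    // password are not handled, because the link does not carry the password.
    // Check permission: site-wide team admin, or leader of this team.
    $isLeader = isset($_SESSION['playerid']) && $_SESSION['playerid'] == $team->leader;
    if (!isFuncAllowed('teamadmin::edit_any_team') && !$isLeader) {
        errorPage("Permission denied.");
        return;
    }

    // The permission check above is about the team only. Without this check a
    // team leader could pass any playerid and detach a player who belongs to
    // a different team.
    if (intval($player->team) !== $teamid) {
        errorPage("Permission denied.");
        return;
    }

    // Names are shown from the database rows rather than from the request
    // (callsign/name used to be echoed straight from $_GET), and are escaped
    // at output.
    // NOTE(review): if callsigns/team names are stored already HTML-encoded
    // this double-encodes them - confirm the storage format.
    $playerName = htmlspecialchars($player->callsign, ENT_QUOTES);
    $teamName = htmlspecialchars($team->name, ENT_QUOTES);
    $actorId = isset($_SESSION['playerid']) ? intval($_SESSION['playerid']) : 0;
    $actorCallsign = isset($_SESSION['callsign']) ? $_SESSION['callsign'] : '';

    if ($f_okban_x) {
        // Ban confirmed.
        // NOTE(review): this state change is triggered by a GET request and no
        // anti-CSRF token is checked in this function - confirm one is
        // enforced elsewhere, or move the action to a token-protected POST.
        // Re-open the team: unconditionally when it currently has exactly 3
        // players, otherwise only if it is not administratively closed.
        $countRes = mysql_query("select count(*) num from l_player where team=" . $teamid);
        $pl = $countRes ? mysql_fetch_object($countRes) : false;
        if ($pl && $pl->num == 3) {
            mysql_query("update l_team set status='opened' where id=" . $teamid);
        } else {
            mysql_query("update l_team set status='opened' where adminclosed='no' and id=" . $teamid);
        }
        // Constrain the update to the verified team as well.
        mysql_query("update l_player set team=0 where id=" . $playerid . " and team=" . $teamid);
        echo '<center>Well <a href="index.php?link=playerinfo&id=' . $actorId . '">' . htmlspecialchars($actorCallsign, ENT_QUOTES) . '</a>,
          <a href="index.php?link=playerinfo&id=' . $playerid . '">' . $playerName . '</a>
           is no longer a member of the team
           <a href="index.php?link=teaminfo&id=' . $teamid . '">' . $teamName . '</a>';
        //TODO: reload of page sends multiple messages ... ?
        echo '<br>A message has just been sent to the user.</center>';
        // NOTE(review): the message body is built from unescaped values; how
        // sendBzMail() stores and renders it is not visible here.
        sendBzMail(0, $playerid, 'You have been released!', 'Sorry, but ' . $actorCallsign . ' released you from the ' . $team->name . ' team<br>');
    } else {
        if (!$f_ok_x) {
            // Someone is playing with the headers
            echo "<center>Hey! Please stop playing with your browser!</center>";
        } else {
            echo '<center>Please confirm that you want to ban <a href="index.php?link=playerinfo&id=' . $playerid . '&' . SID . '">' . $playerName . '</a>
      from the team <a href="index.php?link=teaminfo&id=' . $teamid . '&' . SID . '">' . $teamName . '</a>.</center>';
            // The callsign/name hidden fields are no longer emitted because the
            // confirmed step reads both from the database. The link value is
            // request data, so it is quoted and escaped.
            echo '<center><BR><form method=GET>' . SID_FORM . '
          <input type=hidden name=link value="' . htmlspecialchars($link, ENT_QUOTES) . '">
          <input type=hidden name=playerid value="' . $playerid . '">
          <input type=hidden name=teamid value="' . $teamid . '">' . '<table border=0><TR><TD>' . htmlFormButton(' BAN ', 'f_okban_x') . ' &nbsp;</td><TD> ' . htmlURLbutton('Cancel', 'teaminfo', "id={$teamid}", CLRBUT) . '
</td></tr></table>

          </form></center>';
        }
    }
}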
예제 #5
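/**
 * Print the enter/edit match form.
 *
 * @param mixed $mid    Match id; truthy means "edit an existing match" (EDIT and,
 *                      with the 'delete_match' permission, DELETE buttons),
 *                      falsy means "enter a new match".
 * @param mixed $teama  Preselected value for the first team selector.
 * @param mixed $teamb  Preselected value for the second team selector.
 * @param mixed $scorea Score shown for the first team.
 * @param mixed $scoreb Score shown for the second team.
 * @param mixed $dte    Match date; an empty string defaults to today's GMT date.
 * @param mixed $tme    Match time; an empty string defaults to the current GMT time.
 * @param mixed $mlen   Preselected match length, passed to htmlOption().
 * @return void
 */
function section_entermatch_editForm($mid, $teama, $teamb, $scorea, $scoreb, $dte, $tme, $mlen)
{
    if ($dte == '') {
        $dte = gmdate('Y-m-d');
    }
    if ($tme == '') {
        $tme = gmdate('H:i:s');
    }

    // Every value below lands inside an HTML attribute. The callers are not
    // visible here, so the values are treated as untrusted: escaped, and the
    // previously unquoted mid attribute is now quoted.
    $midAttr = htmlspecialchars($mid, ENT_QUOTES);
    $scoreaAttr = htmlspecialchars($scorea, ENT_QUOTES);
    $scorebAttr = htmlspecialchars($scoreb, ENT_QUOTES);
    $dteAttr = htmlspecialchars($dte, ENT_QUOTES);
    $tmeAttr = htmlspecialchars($tme, ENT_QUOTES);

    // enter form follows ....
    echo "<center><TABLE width=200><TR><TD align=center>\n    <TABLE cellpadding=5><TR><TD align=center>TEAM</td><TD>Score</td></tr>\n      <form method=post action=\"index.php\"><TR><TD>\n      <input type=hidden name=link value=editmatch>\n      <input type=hidden name=state value=1>\n      <input type=hidden name=mid value=\"{$midAttr}\">";
    // snFormInit() is defined elsewhere; its markup is emitted inside the form.
    echo snFormInit();
    section_entermatch_htmlTeamSelect('teama', $teama);
    echo "</td><TD><input size=3 maxlength=3 value=\"{$scoreaAttr}\" name=scorea></td></tr><TR><TD>";
    section_entermatch_htmlTeamSelect("teamb", $teamb);
    echo "</td><TD><input size=3 maxlength=3 value=\"{$scorebAttr}\" name=scoreb></td></tr></table>";

    // NOTE(review): the help-text cell that ends this string is emitted again,
    // complete, after the length selector below; the first copy looks like a
    // truncated duplicate. Left unchanged because it alters the rendered layout.
    echo "<BR><HR>\n      <TABLE><TR><TD align=right>\n      <nobr>DATE: <input type=text name=dte size=10 maxlength=10 value=\"{$dteAttr}\"></nobr>\n      <p>\n    <nobr>TIME: <input type=text name=tme size=10 maxlength=8 value=\"{$tmeAttr}\"></nobr>\n    </td><TD>&nbsp;</td><TD valign=top><nobr>Actual date/time of match (GMT).</nobr><BR>Chronological ";

    // A single configured duration is sent as a hidden field; several become a <select>.
    $mlens = section_entermatch_durations();
    if (count($mlens) == 1) {
        print "<input type=hidden name=mlen value=" . $mlens[0] . ">";
    } else {
        print "<p> <nobr>LENGTH: ";
        print "<select name=\"mlen\">";
        foreach ($mlens as $duration) {
            htmlOption($duration, "{$duration} mins", $mlen);
        }
        print "</select>";
    }
    echo "</td><TD>&nbsp;</td><TD valign=top><nobr>Actual date/time of match (GMT).</nobr><BR>Chronological \n        order of matches can affect team rankings!";
    echo '</td></tr></table><TR><TD align=center><HR><TABLE align=center><TR><TD>';
    if ($mid) {
        echo htmlFormButton('&nbsp;EDIT&nbsp;', '') . '</td>';
        // The DELETE button is only a UI gate; the handler that processes
        // 'del' must enforce the same permission (not visible here).
        if (isFuncAllowed('delete_match')) {
            echo '<TD width=8></td><TD>' . htmlFormButton('DELETE', 'del') . '</td>';
        }
    } else {
        echo htmlFormButton('Enter', '') . '</td>';
    }
    echo '<TD width=8></td><TD>' . htmlFormReset('Reset') . '

  </td></tr></table></form>
  </td></tr></table><p><p>';
}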
예제 #6
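/**
 * Print the public team page for the team named by $_GET['id']: action buttons,
 * logo, rating/activity, win/draw/loss totals, comment, roster (with BAN links
 * for the leader or a team admin), the last matches, and the edit controls.
 *
 * @return void
 */
function section_teaminfo()
{
    require_once 'lib/common.php';
    $s_teamid = isset($_SESSION['teamid']) ? $_SESSION['teamid'] : null;
    $s_logedin = isAuthenticated();
    $s_playerid = isset($_SESSION['playerid']) ? $_SESSION['playerid'] : null;

    // The id is interpolated into several queries below WITHOUT quotes
    // (team1=..., team2=..., team=..., teamid=...). addslashes() does not
    // protect an unquoted numeric context, so the id is forced to an integer.
    $id = isset($_GET['id']) ? intval($_GET['id']) : 0;

    $res = mysql_query("SELECT name, comment, leader, logo, status, score, \n                     unix_timestamp(status_changed) as status_changed, unix_timestamp(created) as ucreated\n    FROM l_team WHERE id='{$id}'");
    $team = $res ? mysql_fetch_object($res) : false;
    if (!$team) {
        echo '<BR><CENTER>Specified team does not exist<BR>';
        return;
    }

    // The "Join Team" test below compares the roster size with 20, but the
    // count used to be computed only further down, so the comparison always
    // ran against an undefined variable. Count the members up front.
    $members = 0;
    $cntRes = mysql_query("select count(*) num from l_player where team=" . $id);
    if ($cntRes && ($cntRow = mysql_fetch_object($cntRes))) {
        $members = intval($cntRow->num);
    }

    echo '<TABLE align=center><TR><TD>' . htmlURLbutton('Opponent summary', 'oppsumm', "id={$id}") . '</td>';
    // Join this team if opened, and if we are logged and not belonging to any team
    if ($s_logedin && !$s_teamid && $members < 20 && $team->status == "opened") {
        echo '<TD>' . htmlURLbutton('Join Team', 'jointhisteam', "id={$id}") . '</td>';
    }
    // Send a message to all the team members
    if ($s_logedin && $team->status != 'deleted') {
        echo '<TD>' . htmlURLbutton('Send BZmessage', 'sendmessage', "tid={$id}") . '</td>';
    }
    echo '</tr></table>';
    if ($team->status == 'deleted') {
        echo '<div class=feedback>';
        if ($team->status_changed) {
            echo "<br><center>This team was deleted on " . gmdate('Y-m-d', $team->status_changed) . "</center>";
        } else {
            echo "<br><center>This team is deleted.</center>";
        }
        echo '</div>';
    }
    // NOTE(review): team name, logo URL, comment and player callsigns are
    // printed below exactly as stored. Unless they are HTML-encoded when they
    // are saved (not visible here), this is a stored-XSS sink - confirm, and
    // escape at output if they are stored raw.
    echo '<BR><table align=center border=0 cellspacing=0 cellpadding=1>
    <tr><td class=teamName align=center>' . $team->name . '<BR></td></tr>';
    // Logo if any
    if ($team->logo != "") {
        echo '<tr><td align=center>
    <table><TR><TD bgcolor=white><img src="' . $team->logo . '"></td></tr></table>
    <hr></td></tr>';
    }
    // Ratings
    $act45 = teamActivity($id, 45);
    $act90 = teamActivity($id, 90);
    echo '<tr><td> <TABLE align=center>
    <TR><TD width=50% align=right>Created:</td><td width=10></td><td width=50%>' . gmdate('Y-m-d', $team->ucreated) . '</td></tr>
    <TR><TD align=right>Rating:</td><td></td><td>' . displayRating($id) . '</td></tr>
    <TR><TD align=right>Activity:</td><TD></td><td>' . sprintf('%1.2f / %1.2f', $act45, $act90) . '</td></tr>
     <TR><TD colspan=3 align=center>  Average number of games played per day<BR>
     <NOBR>(exponential moving average over last 45 / 90 days)</nobr></td></tr>';
    echo '</td></td></table></td></tr>';
    // Matches statistics: totals as team1 plus totals as team2
    $sta1 = mysql_fetch_object(mysql_query("select ifnull(sum(if(score1>score2,1,0)),0) win,\n    ifnull(sum(if(score1=score2,1,0)),0) draw,\n    ifnull(sum(if(score1<score2,1,0)),0) loss\n    from " . TBL_MATCH . " where team1={$id}"));
    $sta2 = mysql_fetch_object(mysql_query("select ifnull(sum(if(score2>score1,1,0)),0) win,\n    ifnull(sum(if(score2=score1,1,0)),0) draw,\n    ifnull(sum(if(score2<score1,1,0)),0) loss\n    from " . TBL_MATCH . " where team2={$id}"));
    $win = $sta1->win + $sta2->win;
    $draw = $sta1->draw + $sta2->draw;
    $loss = $sta1->loss + $sta2->loss;
    echo "<tr><td align=center><hr>\n  <table border=0 cellspacing=0 cellpadding=0 align=center><tr>\n  <td align=center>Wins</td><td align=center>&nbsp;&nbsp;Draws&nbsp;&nbsp;</td><td align=center>Losses</td></tr><tr>\n  <td align=center>{$win}</td><td align=center>{$draw}</td><td align=center>{$loss}</td>\n  </tr></table>\n  <hr></td></tr>";
    // Comment if any
    if ($team->comment != "") {
        echo '<tr><td><ul>' . nl2br($team->comment) . '</ul><hr></td></tr>';
    }
    // Players list
    $i = 0;
    if (SHOW_PLAYER_ACTIVE > 0) {
        $activeDays = SHOW_PLAYER_ACTIVE;
    } else {
        $activeDays = 0;
    }
    $res = mysql_query("select id, callsign, comment, status, C.flagname, \n    last_login > subdate(now(), INTERVAL {$activeDays} DAY) as active\n    from l_player\n    left join bzl_countries C on country = C.numcode\n    where team=" . $id . "\n    order by active desc,callsign");
    echo '<TR><TD><table border=0 cellspacing=0 cellpadding=0 align=center>';
    while ($obj = mysql_fetch_object($res)) {
        // Alternate the row class for striping.
        if (++$i & 1) {
            $cl = "rowEven";
        } else {
            $cl = "rowOdd";
        }
        echo "<tr class='{$cl}' valign=middle>";
        echo "<TD align=right><a href='index.php?link=playerinfo&id={$obj->id}'>{$obj->callsign}</a></td><TD>";
        if ($obj->id == $team->leader) {
            echo '&nbsp;<img TITLE="Team Leader" src="' . THEME_DIR . 'leader.gif">';
        }
        echo '</td><TD>';
        if ($obj->active) {
            echo '&nbsp;<img TITLE="Active player (has logged into this site recently)" src="' . THEME_DIR . 'active.gif">';
        }
        echo '</td><TD width=10></td>';
        echo '<TD>' . smallflag($obj->flagname) . '</td>';
        // The BAN link is shown to team admins and to the leader only. This is
        // a display gate; the 'banplayer' handler has to re-check permission.
        if ($s_logedin && (isFuncAllowed('teamadmin::edit_any_team') || $s_playerid == $team->leader)) {
            if ($obj->id != $team->leader) {
                // Link to ban a player from a team
                echo '<td align=center>' . htmlURLbutSmall('BAN', 'banplayer', "playerid={$obj->id}&teamid={$id}&f_ok_x=2", ADMBUT) . '</form></td></tr>';
            } else {
                echo '<td>&nbsp;</td></tr>';
            }
        } else {
            echo '<td>&nbsp;</td></tr>';
        }
        echo "\n";
    }
    echo '</td></tr></table>';
    // Show last fights. 11 rows are fetched so that "more than 10" can be
    // detected; only the first 10 are rendered.
    $sql = "SELECT  t1.id, t1.name, f.score1, t2.id, t2.name, f.score2, f.tsactual, unix_timestamp(f.tsactual) tstamp_ts \n" . "FROM " . TBL_MATCH . " f, l_team t1, l_team t2 " . "WHERE (f.team1 = '{$id}' OR f.team2 = '{$id}') " . " AND f.team1 = t1.id " . " AND f.team2 = t2.id " . "ORDER BY f.tsactual DESC " . "LIMIT 11 ";
    $res = sqlQuery($sql);
    $tmp = '';
    $count = 0;
    while ($row = mysql_fetch_array($res)) {
        $count++;
        if ($count < 11) {
            // Matches newer than the viewer's last login are shown in red.
            if (isset($_SESSION['last_login']) && $_SESSION['last_login'] < $row[7]) {
                $new1 = "<font color=\"red\">";
                $new2 = "</font>";
            } else {
                $new1 = '';
                $new2 = '';
            }
            if ($count % 2) {
                $cl = "rowEven";
            } else {
                $cl = "rowOdd";
            }
            $tmp .= "<tr class=\"{$cl}\">";
            $tmp .= '<td align="right">' . $new1 . $row[6] . $new2 . '</td>';
            // Work out which side of the match is the opponent.
            if ($row[0] != $id) {
                $oppid = $row[0];
                $oppname = stripslashes($row[1]);
                $oppscore = $row[2];
                $teamscore = $row[5];
            } else {
                $oppid = $row[3];
                $oppname = stripslashes($row[4]);
                $oppscore = $row[5];
                $teamscore = $row[2];
            }
            $tmp .= "<td>{$new1}";
            $oppname = '<a href="index.php?link=teaminfo&id=' . $oppid . '&' . SID . '">' . $new1 . $oppname . $new2 . '</a>';
            if ($oppscore < $teamscore) {
                $tmp .= "<b>Won</b> against {$oppname}";
            } elseif ($oppscore > $teamscore) {
                $tmp .= "<b>Lost</b> against {$oppname}";
            } else {
                $tmp .= "<b>Tie</b> against {$oppname}";
            }
            $tmp .= " ({$row[2]} - {$row[5]})";
            $tmp .= "{$new2}</td>";
            $tmp .= "</tr>\n";
        }
    }
    echo '<tr>';
    echo '<td align=center>&nbsp;<br><b>';
    if ($count == 1) {
        echo 'Last match';
    } else {
        if ($count == 11) {
            echo 'Last 10 matches, view them all <a href="index.php?link=fights&id=' . $id . '&' . SID . '">here</a>';
        } elseif ($count == 0) {
            echo "No matches played";
        } else {
            echo "Last {$count} matches";
        }
    }
    echo '</b><BR><BR></td></tr><TR><TD>';
    echo "<table align=center border=0>{$tmp}</table>";
    // Or... edit your team if you are a leader or an admin, or with a password if you are a member
    // Team members can't change the password, though...
    // Unless of course the team is deleted
    if ($team->status == 'deleted') {
        if ($team->status_changed) {
            echo "<br><center>This team is deleted as of " . gmdate('Y-m-d', $team->status_changed) . "</center>";
        } else {
            echo "<br><center>This team is deleted.</center>";
        }
    } else {
        if ($s_logedin && (isFuncAllowed('teamadmin::edit_any_team') || $s_teamid == $id)) {
            if (!isFuncAllowed('teamadmin::edit_any_team') && $s_playerid != $team->leader) {
                // Team member, need password
                echo '<form method=post>
          <input type=hidden name=link value=teamadmin>
          <input type=hidden name=id value=' . $id . '>
          <br><center>Enter team password <input type=password size=8 maxlength=8 name=f_password> and 
          ' . htmlFormButton('Edit Team', 'f_edit_x') . '
          </center></form>';
            } else {
                $invites = sqlQuery("SELECT *, l_player.callsign FROM bzl_invites,  l_player\n            WHERE teamid={$id} AND expires > NOW() AND bzl_invites.playerid = l_player.id");
                if (mysql_num_rows($invites) > 0) {
                    echo '<BR><HR>Invitations currently active:<BR><TABLE>';
                    while ($row = mysql_fetch_object($invites)) {
                        echo '<TR><TD width=25></td><TD>' . playerLink($row->playerid, $row->callsign) . "</td><TD width=10></td><TD>(expires: {$row->expires})</td></tr>";
                    }
                    echo '</table><HR>';
                }
                // Team leader or admin, let's go
                echo '<center><BR>
        ' . htmlURLbutton('Edit Team', 'teamadmin', "id={$id}", ADMBUT) . '
        <BR>
        ' . htmlURLbutton('Dismiss Team', 'dismissteam', "id={$id}", ADMBUT);
            }
        }
    }
}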
예제 #7
function section_bzforums()
{
    require_once 'lib/common.php';
    $allowDelete = isFuncAllowed('post_delete');
    $allowNew = isFuncAllowed('post_new');
    $allowReply = isFuncAllowed('post_reply');
    $allowEdit = isFuncAllowed('post_edit');
    $allowLock = isFuncAllowed('topic_lock');
    $allowSticky = isFuncAllowed('topic_sticky');
    $allowTDelete = isFuncAllowed('topic_delete');
    $allowViewDeleted = isFuncAllowed('topic_view_deleted');
    $showRoles = isFuncAllowed('show_roles');
    $POSTSPERPAGE = 10;
    $link = 'bzforums';
    $utcNOW = gmdate("Y-m-d H:i:s");
    // Variables:
    //   top = which post is first on the page i think
    $vars = array('top', 'threadid', 'forumid', 'id', 'action');
    foreach ($vars as $var) {
        ${$var} = $_REQUEST[$var];
    }
    // Get and print the forum title
    if (isset($forumid)) {
        $row = mysql_fetch_object(mysql_query("select title, status from l_forum where id={$forumid}"));
        echo 'Forum: <a href="index.php?link=' . $link . '&' . SID . '">
      <font size=+1>BZforums</font></a><font size=+1><i>&nbsp;/&nbsp;</i></font>
      <a href="index.php?link=' . $link . '&forumid=' . $forumid . '&' . SID . '">
      <font size=+1>' . $row->title . '</font></a><hr>';
        if ($row->status != 'Open') {
            print "This forum is not accessible. Sorry";
            return;
        }
    }
    // check if we need to change permissions (eg, disallow reply/post for locked topics)
    if (isset($threadid)) {
        $threadid = intval($threadid);
        $row = mysql_fetch_object(mysql_query("select status, is_sticky from l_forumthread where id={$threadid}"));
        if ($row->status == 'locked' && !isAdmin()) {
            $allowNew = false;
            $allowReply = false;
        } elseif ($row->status == 'deleted' && !$allowViewDeleted) {
            errorPage('This topic is deleted');
            return;
        }
        $threadstatus = $row->status;
        $threadsticky = $row->is_sticky;
    }
    // Perform deletion
    if ($allowDelete && $action == 'delete2' && $id != '') {
        $id = intval($id);
        mysql_query("DELETE FROM l_forummsg WHERE msgid = '{$id}' LIMIT 1") or die(mysql_error());
        // Check if there is any message left for that thread
        $threadid = intval($threadid);
        $res = mysql_query("SELECT count(1) FROM l_forummsg WHERE threadid = '{$threadid}'") or die(mysql_error());
        $row = mysql_fetch_row($res);
        if ($row[0] == 0) {
            // No messages in thread: deleting thread - jumo to threadlist
            mysql_query("DELETE FROM l_forumthread WHERE id = '{$threadid}' LIMIT 1") or die(mysql_error());
            header("Location: index.php?link=bzforums&forumid={$forumid}");
            exit;
        }
        $action = '';
    } elseif ($action == 'lock') {
        $threadid = intval($threadid);
        if (!$allowLock) {
            errorPage("You are not allowed to lock topics");
            return;
        }
        mysql_query("UPDATE l_forumthread SET status = 'locked', status_by = {$_SESSION['playerid']}, \n                  status_at = '{$utcNOW}' WHERE id = '{$threadid}' and status != 'locked' LIMIT 1") or die(mysql_error());
        $action = '';
        $threadstatus = 'locked';
    } elseif ($action == 'revive') {
        $threadid = intval($threadid);
        if (!$allowLock && $threadstatus == 'locked') {
            errorPage("You are not allowed to unlock topics");
            return;
        }
        if (!$allowTDelete && $threadstatus == 'deleted') {
            errorPage("You are not allowed to undelete topics");
            return;
        }
        mysql_query("UPDATE l_forumthread SET status = 'normal', \n                 status_by = {$_SESSION['playerid']}, status_at = '{$utcNOW}' WHERE id = '{$threadid}' LIMIT 1") or die(mysql_error());
        $action = '';
        $threadstatus = 'normal';
    } elseif ($action == 'deletetopic') {
        $threadid = intval($threadid);
        if (!$allowTDelete) {
            errorPage("You are not allowed to delete topics");
            return;
        }
        mysql_query("UPDATE l_forumthread SET status = 'deleted', status_by = {$_SESSION['playerid']}, \n                 status_at = '{$utcNOW}' WHERE id = '{$threadid}' and status != 'deleted' LIMIT 1") or die(mysql_error());
        $action = '';
        $threadstatus = 'deleted';
    } elseif ($action == 'sticky') {
        $threadid = intval($threadid);
        if (!$allowSticky) {
            errorPage("You are not allowed to use sticky");
            return;
        }
        mysql_query("UPDATE l_forumthread SET is_sticky = 1 WHERE id = '{$threadid}' LIMIT 1") or die(mysql_error());
        $action = '';
        $threadsticky = 1;
    } elseif ($action == 'unsticky') {
        $threadid = intval($threadid);
        if (!$allowSticky) {
            errorPage("You are not allowed to use sticky");
            return;
        }
        mysql_query("UPDATE l_forumthread SET is_sticky = 0 WHERE id = '{$threadid}' LIMIT 1") or die(mysql_error());
        $action = '';
        $threadsticky = 0;
    } elseif ($action == 'new' || $action == 'reply' || $action == 'edit') {
        if ($action == 'new' && !$allowNew) {
            errorPage("You are not allowed to post new topics");
            return;
        } elseif ($action == 'reply' && !$allowReply) {
            errorPage("You are not allowed to reply");
            return;
        } elseif ($action == 'edit' && !$allowEdit) {
            errorPage("You are not allowed to edit");
            return;
        }
        echo '<form method=post name="post" action="index.php">' . SID_FORM;
        echo '<input type=hidden name=threadid value=' . $threadid . '>';
        echo '<input type=hidden name=link value="' . $link . '">';
        echo '<input type=hidden name=forumid value=' . $forumid . '>';
        echo '<input type=hidden name=id value=' . $id . '>';
        echo '<input type=hidden name=top value=' . $top . '>' . snFormInit();
        echo '<table border=0 align=center cellspacing=0 cellpadding=0>';
        echo '<tr class=tablehead><td colspan=2 align=center>';
        if ($action == 'new') {
            echo 'New Topic';
        } elseif ($action == 'reply') {
            echo 'New Reply';
        } else {
            echo "Edit message";
        }
        echo '</td></tr>';
        echo '<tr><td>Subject: </td><td>';
        if ($action == 'new') {
            print '<input type=text name=subject size=50 maxlength=80>';
        } else {
            $row = mysql_fetch_object(mysql_query("select subject from l_forumthread where id={$threadid}"));
            echo '<i>' . $row->subject . '</i>';
        }
        print '</td></tr>';
        echo '<tr><td valign="top">Message</td><td>';
        if ($action == 'edit') {
            $id = intval($id);
            $row = mysql_fetch_object(mysql_query("select msg from l_forummsg where msgid={$id}"));
            print '<textarea cols=50 rows=10 name=forummsg>' . htmlspecialchars($row->msg) . '</textarea>';
        } else {
            print '<textarea cols=50 rows=10 name=forummsg></textarea>';
        }
        print '</td></tr>';
        // Form buttons
        echo '<tr><td colspan=2 align=center>' . htmlFormButton('OK', 'save_' . $action) . '&nbsp' . htmlFormButton('Cancel', 'cancel', CLRBUT) . '</td></tr>';
        print '<tr><td>Smiley:</td><td align="middle">';
        $res = mysql_query("select image, code from l_smiley GROUP BY image") or die(mysql_error());
        while ($row = mysql_fetch_object($res)) {
            print '<a href="#" onclick="javascript:document.post.forummsg.value += \' ' . $row->code . '\'"><img border=0 src="' . THEME_DIR . 'smilies/' . $row->image . '" border=0/></a> ';
        }
        print "</tr>";
        echo '</table></form>';
    } elseif (isset($_POST['save_new'])) {
        $forummsg = section_bzforums_stripExtraLF($_POST['forummsg']);
        $subject = $_POST['subject'];
        // New topic
        if ($allowNew) {
            mysql_query("INSERT INTO l_forumthread (id,forumid,creatorid,subject) VALUES(0, {$forumid}, {$_SESSION['playerid']}, '" . $subject . "')") or die(mysql_error());
            $threadid = mysql_insert_id();
            mysql_query("insert into l_forummsg(msgid,threadid,fromid,msg,datesent)  \n                    values(0, {$threadid}, {$_SESSION['playerid']}, '" . $forummsg . "', '{$utcNOW}')") or die(mysql_error());
            session_refresh_all();
        } else {
            errorPage("You are not allowed to post new topics");
            return;
        }
    } elseif (isset($_POST['save_reply'])) {
        $forummsg = section_bzforums_stripExtraLF($_POST['forummsg']);
        if ($allowReply) {
            snCheck('bzforums', "forumid={$forumid}&threadid={$threadid}");
            mysql_query("insert into l_forummsg(msgid,threadid,fromid,msg,datesent) \n                   values(0, {$threadid}, {$_SESSION['playerid']}, '" . $forummsg . "', '{$utcNOW}')");
            session_refresh_all();
        } else {
            errorPage("You are not allowed to reply");
            return;
        }
    } elseif (isset($_POST['save_edit'])) {
        $forummsg = section_bzforums_stripExtraLF($_POST['forummsg']);
        if ($allowReply) {
            $id = intval($id);
            snCheck('bzforums', "forumid={$forumid}&threadid={$threadid}");
            //      mysql_query("UPDATE l_forummsg SET msg = '$forummsg' WHERE msgid = '$id'");
            mysql_query("UPDATE l_forummsg SET msg = '{$forummsg}', status = 'edited', \n                  status_by = {$_SESSION['playerid']}, status_at = '{$utcNOW}' WHERE msgid = '{$id}'");
            session_refresh_all();
        } else {
            errorPage("You are not allowed to edit");
            return;
        }
    }
    if (isset($threadid)) {
        // Display a thread
        // Control buttons
        // 06/28/2002: $POSTSPERPAGE posts/page max.
        if (!isset($top)) {
            $top = 0;
            $newtop = 0;
        }
        if ($top == "") {
            $top = 0;
            $newtop = 0;
        }
        if ($action == '') {
            echo '<TABLE align=right><TR>';
            if ($allowReply && $threadstatus != 'deleted') {
                echo '<td>' . htmlURLbutton('Add Reply', $link, "forumid={$forumid}&threadid={$threadid}&action=reply&top={$top}") . '</td>';
            }
            if ($allowLock && $threadstatus != 'locked') {
                echo '<td>' . htmlURLbutton('Lock topic', $link, "forumid={$forumid}&threadid={$threadid}&action=lock&top={$top}", ADMBUT) . '</td>';
            }
            if ($allowTDelete && $threadstatus != 'deleted') {
                echo '<td>' . htmlURLbutton('Delete topic', $link, "forumid={$forumid}&threadid={$threadid}&action=deletetopic&top={$top}", ADMBUT) . '</td>';
            }
            if ($allowLock && $threadstatus == 'locked' || $allowTDelete && $threadstatus == 'deleted') {
                echo '<td>' . htmlURLbutton('Revive topic', $link, "forumid={$forumid}&threadid={$threadid}&action=revive&top={$top}", ADMBUT) . '</td>';
            }
            if ($allowSticky) {
                if ($threadsticky) {
                    echo '<td>' . htmlURLbutton('Remove sticky', $link, "forumid={$forumid}&threadid={$threadid}&action=unsticky&top={$top}", ADMBUT) . '</td>';
                } else {
                    echo '<td>' . htmlURLbutton('Make sticky', $link, "forumid={$forumid}&threadid={$threadid}&action=sticky&top={$top}", ADMBUT) . '</td>';
                }
            }
            echo '</tr></table><BR clear=all>';
        }
        $temp = mysql_fetch_object(mysql_query("select count(msgid) num from l_forummsg where threadid={$threadid}"));
        $numpost = $temp->num;
        $numpages = floor(($numpost + $POSTSPERPAGE - 1) / $POSTSPERPAGE);
        $curpage = $top / $POSTSPERPAGE + 1;
        $res = sqlQuery("select msgid, msg, datesent, l_forummsg.status, status_at, l_player.id pid, \n      player2.callsign as editedby, l_player.callsign, r.name as role\n      from (l_forummsg, l_player, bzl_roles r)\n      LEFT JOIN l_player player2  ON  player2.id = status_by\n      where threadid={$threadid}\n      and fromid = l_player.id\n      and l_player.role_id = r.id\n      order by datesent\n      limit {$top}, {$POSTSPERPAGE}");
        // Table header
        $sub = mysql_fetch_object(mysql_query("select subject, status from l_forumthread where id={$threadid}"));
        echo '<table align=center border=1 cellspacing=0 cellpadding=1>';
        if ($threadsticky) {
            $status = '<b>Sticky</b> ';
        } else {
            $status = '';
        }
        if ($sub->status == 'locked') {
            $status .= '<b>Locked</b> ';
        } elseif ($sub->status == 'deleted') {
            $status .= '<b>Deleted</b> ';
        }
        echo '<tr class=tabhead><td colspan=3><font size=+1>' . $status . '<i>' . smileys($sub->subject) . '</i></font>';
        // Display pages if multiple pages and not adding a post
        if ($numpages > 1 && !isset($addpost)) {
            echo '<div align=right>';
            for ($i = 1; $i <= $numpages; $i++) {
                if ($i == $curpage) {
                    echo $i . '&nbsp;';
                } else {
                    $newtop = ($i - 1) * $POSTSPERPAGE;
                    echo '<a href="index.php?link=' . $link . '&forumid=' . $forumid . '&threadid=' . $threadid . '&top=' . $newtop . '&' . SID . '">' . $i . '</a>&nbsp;';
                }
            }
            echo '</div>';
        }
        echo '</td></tr>';
        echo '<tr class=tablehead><td>Author</td><td>Message</td></tr>';
        $cf = 1;
        while ($row = mysql_fetch_object($res)) {
            echo '<tr class=forum' . $cf . '>';
            echo '<td valign=top rowspan="' . ($allowDelete ? 2 : 1) . '"><a href="index.php?link=playerinfo&id=' . $row->pid . '&' . SID . '">' . $row->callsign . '</a>';
            if ($showRoles) {
                print " <small>({$row->role})</small>";
            }
            echo '<br><font size=-2>(' . $row->datesent . ')</font></td>';
            $msgbody = smileys(wordwrap(nl2br(htmlspecialchars($row->msg)), 75, " ", true));
            // DMP 19oct2007: Added wordwrap to break annoyingly long lines
            $highlight = false;
            // Setup available commands
            // Comamnds: If a ALL key exists, it will be the only one showed, otherwise all elements is shown
            $commands = array();
            if ($allowDelete) {
                if ($action == 'delete' && $id == $row->msgid) {
                    $highlight = true;
                    $commands['ALL'] = 'Confirmation: ' . htmlLink('Delete', 'bzforums', 'action=delete2&id=' . $row->msgid . '&forumid=' . $forumid . '&threadid=' . $threadid . '&top=' . $top) . ' OR ' . htmlLink('Cancel?', 'bzforums', 'id=' . $row->msgid . '&forumid=' . $forumid . '&threadid=' . $threadid . '&top=' . $top);
                } else {
                    $commands[] = htmlLink('[delete]', 'bzforums', 'action=delete&id=' . $row->msgid . '&forumid=' . $forumid . '&threadid=' . $threadid . '&top=' . $top);
                }
            }
            if ($allowEdit) {
                $commands[] = htmlLink('[edit]', 'bzforums', 'action=edit&id=' . $row->msgid . '&forumid=' . $forumid . '&threadid=' . $threadid . '&top=' . $top);
            }
            if ($highlight) {
                echo '<td valign=top><font color=red>' . $msgbody . '</font>';
            } else {
                echo '<td valign=top>' . $msgbody;
            }
            if ($row->status == 'edited') {
                echo "<BR><small>(Message edited by {$row->editedby} at: {$row->status_at})</small>";
            }
            echo '</td></tr>';
            // Show commands if any
            if (count($commands)) {
                // if action is set dont show i$commands unless it contains 'ALL'
                if ($action != '' && isset($commands['ALL']) || $action == '') {
                    echo '<tr><td align="right" colspan="2" valign=top><small>' . (isset($commands['ALL']) ? $commands['ALL'] : join(' ', $commands)) . '</small></td></tr>';
                } else {
                    echo '<tr></tr>';
                }
            }
            $cf = 3 - $cf;
        }
        echo '</table>';
        if ($curpage < $numpages) {
            echo '<CENTER><BR>' . htmlURLbutSmall("NEXT Page", $link, "forumid={$forumid}&threadid={$threadid}&top=" . $curpage * $POSTSPERPAGE);
        }
    } else {
        if (isset($forumid) && !isset($addpost)) {
            // Display specific forum
            // Control buttons
            if ($allowNew) {
                echo '<div align=right>' . htmlURLbutton('New Topic', $link, "forumid={$forumid}&action=new&top={$top}") . '</div>';
            }
            if ($allowViewDeleted) {
                $viewClause = '';
            } else {
                $viewClause = "AND l_forumthread.status != 'deleted' ";
            }
            $res = mysql_query("select l_forumthread.id,l_forumthread.subject, l_player.id pid, \n          l_player.callsign, max(l_forummsg.datesent) ds, \n          unix_timestamp(max(l_forummsg.datesent)) datesent_ts,\n          l_forumthread.status, \n          l_forumthread.status_at,\n          splayer.callsign as status_by, l_forumthread.is_sticky\n        from (l_forumthread, l_forummsg, l_player, l_player l_player2)\n        left join l_player splayer  ON (splayer.id = l_forumthread.status_by)\n        where l_forumthread.forumid={$forumid}\n          and l_forumthread.creatorid = l_player.id\n          {$viewClause}\n          and l_forumthread.id = l_forummsg.threadid\n          and l_player2.id = l_forummsg.fromid\n        group by l_forumthread.id, l_forumthread.subject, l_player.id, l_player.callsign\n        order by l_forumthread.is_sticky DESC, ds desc") or die(mysql_error());
            // Table header
            echo '<table align=center border=1 cellspacing=0 cellpadding=1>';
            echo '<tr class=tabhead><td width=50%>Topic</td><td align=center>Replies</td><td 
          align=center>Last Comment</td><td align=center>Started by</td></tr>';
            while ($row = mysql_fetch_object($res)) {
                // Get the last author for this topic
                $la = mysql_fetch_object(mysql_query("select l_player.id pid, l_player.callsign\n          from l_player, l_forummsg\n          where threadid = {$row->id}\n          and fromid = l_player.id\n          order by datesent desc\n          limit 0, 1"));
                $nr = mysql_fetch_object(mysql_query("select count(*)-1 num\n          from l_forummsg\n          where threadid = " . $row->id));
                echo '<tr><td>';
                if ($row->is_sticky == 1) {
                    print '<b>STICKY</b> ';
                }
                if ($row->status == 'locked') {
                    echo '<b>LOCKED</b>; ';
                } elseif ($row->status == 'deleted') {
                    echo '<b>DELETED</b>; ';
                }
                echo '<a href="index.php?link=' . $link . '&forumid=' . $forumid . '&threadid=' . $row->id . '&' . SID . '">';
                if (empty($row->subject)) {
                    $row->subject = '(no subject)';
                }
                if (isset($_SESSION['last_login']) && $_SESSION['last_login'] < $row->datesent_ts) {
                    echo '<font color="red"><b>' . smileys($row->subject) . '</b></font></a>';
                } else {
                    echo smileys($row->subject) . '</a>';
                }
                $numpages = floor(($nr->num + 1 + $POSTSPERPAGE - 1) / $POSTSPERPAGE);
                if ($numpages > 1) {
                    echo '&nbsp;(<img src="' . THEME_DIR . '/multipage.gif">&nbsp;';
                    for ($i = 2; $i <= $numpages; $i++) {
                        $t = ($i - 1) * 10;
                        echo '<a href="index.php?link=' . $link . '&top=' . $t . '&forumid=' . $forumid . '&threadid=' . $row->id . '&' . SID . '">' . $i . '</a>&nbsp;';
                    }
                    echo ')';
                }
                if ($row->status != 'normal') {
                    if (!$row->status_by) {
                        $row->status_by = 'SYSTEM';
                    }
                    echo "<br /><small>by {$row->status_by} at {$row->status_at}</small>";
                }
                echo '</td>
        <td align=center>' . $nr->num;
                echo '</td>
        <td align=center>' . $row->ds . '<br>by <a href="index.php?link=playerinfo&id=' . $la->pid . '&' . SID . '">' . $la->callsign . '</a></td>
        <td align=center><a href="index.php?link=playerinfo&id=' . $row->pid . '&' . SID . '">' . $row->callsign . '</a></td>
        </tr>';
            }
            echo '</table>';
        } elseif ($action == '') {
            // Display forums list
            $res = mysql_query("select l_forum.id, l_forum.title, ifnull(max(l_forummsg.datesent),'n/a') md, count(l_forummsg.msgid) num,\n          unix_timestamp(max(l_forummsg.datesent)) as datesent_ts\n          from l_forum \n          left join l_forumthread on (l_forum.id = l_forumthread.forumid AND l_forumthread.status != 'deleted')\n          left join l_forummsg on l_forumthread.id = l_forummsg.threadid\n          where l_forum.status = 'open'\n          group by l_forum.id, l_forum.title\n          order by title") or die(mysql_error());
            echo '<table align=center border=0 cellspacing=0 cellpadding=1>
      <tr class=tabhead><td>Forums</td><td align=right># Posts</td><td align=center>Last Comment</td></tr>';
            while ($row = mysql_fetch_object($res)) {
                echo '<tr><td><a href="index.php?link=' . $link . '&forumid=' . $row->id . '&' . SID . '">';
                if (isset($_SESSION['last_login']) && $_SESSION['last_login'] < $row->datesent_ts) {
                    echo "<font color=\"red\">" . $row->title . "</font>";
                } else {
                    echo $row->title;
                }
                echo '</a></td><td align=center>' . $row->num . '</td><td align=center>' . $row->md . '</td></tr>';
            }
            echo '</table>';
        }
    }
}
예제 #8
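/**
 * Render the profile page for one player as an HTML table.
 *
 * Prints, in order: callsign, optional logo and bio, flag, team membership,
 * alternate callsigns, location, time zone, dates, contact handles, the
 * frequentation block and, depending on the viewer's session, the
 * "send message" / "invite" / edit / visits / delete buttons.
 *
 * NOTE(review): callsign, comment, alternate callsigns, city/country and the
 * messenger handles are written into the page exactly as stored. Whether they
 * are HTML-escaped when saved, or inside section_playerinfo_tab2(), is not
 * visible here. Confirm, and otherwise encode them with htmlspecialchars()
 * at this sink to prevent stored script injection.
 *
 * NOTE(review): the buttons below only hide actions from the UI; the target
 * pages (playeradmin, visitlog, deleteplayer, invite) must enforce the same
 * permissions themselves.
 *
 * @param object $se Player record; the properties read below must be present.
 */
function section_playerinfo_displayPlayer(&$se)
{
    $s_logedin = isAuthenticated();
    $s_playerid = $_SESSION['playerid'];
    $s_teamid = $_SESSION['teamid'];
    $editAny = isFuncAllowed('edit_any_players');
    echo '<table width=90% align=center border=0 cellspacing=0 cellpadding=1>
    <tr><td class=playername align=center>' . $se->callsign . '<BR><BR></td></tr>';
    // Logo if any
    if ($se->logo != "") {
        echo '<tr><td align=center>' . section_playerinfo_dispLogo($se->logo, $se->logobg) . '<hr></td></tr>';
    }
    // Bio if any (user-authored text, emitted without HTML encoding; see header note)
    if ($se->comment != "") {
        echo "<tr><td class=playerbio>" . nl2br($se->comment) . "<hr></td></tr>";
    }
    // misc info ....
    echo '</td></tr><TR><TD><table align=center><TR><TD width=100 valign=top align=left>';
    if ($se->flagname) {
        echo '<img src="' . FLAG_DIR . "c-{$se->flagname}.gif\">";
    }
    echo '</td><TD><TABLE>';
    // Team if any
    if ($se->teamname != "") {
        echo "<tr><td>";
        if ($se->leader == $se->id) {
            $d = '<nobr>Leader (<img src="' . THEME_DIR . 'leader.gif">) of team</nobr>';
        } else {
            $d = "<nobr>Member of team</nobr>";
        }
        section_playerinfo_tab2($d, htmlLink($se->teamname, 'teaminfo', "id={$se->teamid}"));
    } else {
        echo "<tr><td align=center colspan=2>Does not belong to any team</td></tr>";
    }
    if ($se->altnik1 || $se->altnik2) {
        // Initialised up front: the original left $plural undefined when only
        // one alternate callsign exists, which raised an undefined-variable notice.
        $plural = '';
        if ($se->altnik1 && $se->altnik2) {
            $plural = 's';
            $niks = $se->altnik1 . ', &nbsp;&nbsp;' . $se->altnik2;
        } elseif ($se->altnik1) {
            $niks = $se->altnik1;
        } else {
            $niks = $se->altnik2;
        }
        section_playerinfo_tab2("<nobr>Alternate callsign{$plural}</nobr>", $niks);
    }
    if ($se->countryname) {
        $loc = $se->countryname;
        if ($se->stateabbr) {
            $loc .= '&nbsp;&nbsp;(';
            if ($se->city) {
                $loc .= $se->city . ', ';
            }
            $loc .= "{$se->stateabbr})";
        }
        section_playerinfo_tab2('Location', $loc);
    }
    if ($se->utczone || $se->zonename) {
        section_playerinfo_tab2('Time zone', 'GMT ' . section_playerinfo_numPlus($se->utczone) . "&nbsp;&nbsp;({$se->zonename})");
    }
    section_playerinfo_tab2('Site Member Since', date('Y-m-d', $se->created));
    if (isset($se->last_login)) {
        section_playerinfo_tab2('Last login', date('Y-m-d H:i', $se->last_login));
    }
    echo '<TR><TD colspan=2><HR></td></tr>';
    // The e-mail address is only shown when the player opted in.
    if ($se->emailpub == 'Y') {
        section_playerinfo_tab2('email', section_playerinfo_obsMail($se->email));
    }
    section_playerinfo_tab2('AIM', $se->aim);
    section_playerinfo_tab2('IRC', $se->ircnik1);
    section_playerinfo_tab2('ICQ', $se->icq);
    section_playerinfo_tab2('YIM', $se->yim);
    section_playerinfo_tab2('MSM', $se->msm);
    section_playerinfo_tab2('Jabber', $se->jabber);
    echo '</table></td><TD width=50></td></tr></table></tr>';
    // Frequentation statistics
    if ($se->status != 'deleted') {
        echo '<tr><td><BR><BR>';
        section_playerinfo_Frequentation($se->id);
        echo '<BR></td></tr>';
    }
    if ($se->status != 'deleted') {
        // Send a message to this player (but not to myself!)
        if ($s_logedin && $s_playerid != $se->id) {
            echo '<tr><td><hr></td></tr><tr align=center><td><TABLE><TR><TD>' . htmlURLbutton('SEND BZmessage', 'sendmessage', "pid={$se->id}");
            // If I am a team leader, and my team is not full, I can invite him
            if (isAuthenticated() && $_SESSION['leader']) {
                // Check if my team full. The id is forced to an integer before
                // it is placed in the statement so that a malformed session
                // value can neither break nor alter the query.
                $team = mysql_fetch_object(mysql_query("select count(*) as num from l_player where team=" . (int) $s_teamid));
                if ($team->num < 20) {
                    $mytn = queryGetTeamName($s_teamid);
                    echo '<TD width=5></td><TD>' . htmlURLbutton("INVITE to {$mytn}", 'invite', "id={$se->id}") . '</td>';
                }
            }
            echo '</tr></table></td></tr>';
        }
        // Administrators and owner can edit a player
        if ($s_logedin && ($editAny || $s_playerid == $se->id)) {
            // Explicit default: the original passed an undefined variable
            // (i.e. null) when the owner views their own profile.
            $class = null;
            if ($editAny && $s_playerid != $se->id) {
                // An admin editing somebody else gets the admin button style.
                $class = ADMBUT;
            }
            echo '<tr><td align=center><hr><TABLE><TR><TD>' . htmlURLbutton('Edit Profile', 'playeradmin', "id={$se->id}&edt_st=1", $class);
            if (isFuncAllowed('visitlog::visit_log')) {
                echo '</td><TD width=5></td><TD>' . htmlURLbutton('Visits', 'visitlog', "id={$se->id}", ADMBUT);
            }
            // The delete button is never offered for accounts holding the admin role.
            if (isFuncAllowed('deleteplayer::delete_player') && $se->role_id != ADMIN_PERMISSION) {
                echo '</td><TD width=5></td><TD>' . htmlURLbutton('DELETE Player', 'deleteplayer', "id={$se->id}", ADMBUT);
            }
            echo '</td></tr></table></td></tr>';
        }
    }
    echo "</table>";
}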
예제 #9
/**
 * Team administration page: shows the team edit form and, once the form is
 * submitted without validation errors, updates the team's row in l_team.
 *
 * Inputs are taken from $_POST with a fallback to $_GET: id, f_password,
 * f_ok_x, f_comment, f_logo, f_name, f_status, f_password1, f_password2,
 * link and f_leader.
 *
 * Access is granted when isFuncAllowed('edit_any_team') is true, when the
 * session player is the team leader, or when the submitted f_password matches
 * the stored team password hash.
 *
 * NOTE(review) security summary (details inline):
 *  - request values are concatenated into SQL statements, several of them
 *    unquoted; use integer casts / prepared statements;
 *  - request and database values are echoed into HTML without encoding;
 *  - the update branch does not re-check which fields the caller is allowed
 *    to change;
 *  - no anti-CSRF token is checked in this function (confirm whether a caller
 *    does it);
 *  - the password scheme is legacy DES crypt().
 */
function section_teamadmin()
{
    require_once 'lib/common.php';
    $TEAMSIZE = 20;
    $vars = array('id', 'f_password', 'f_ok_x', 'f_comment', 'f_logo', 'f_name', 'f_status', 'f_password1', 'f_password2', 'link', 'f_leader');
    // Copy each listed request field into a local variable of the same name.
    // POST wins over GET; a field present in neither ends up as null.
    foreach ($vars as $var) {
        ${$var} = isset($_POST[$var]) ? $_POST[$var] : $_GET[$var];
    }
    // Check permission
    $allowed = 0;
    // NOTE(review): $id is the raw request value and is appended unquoted to
    // both statements below. Cast it to int (or bind it as a parameter) before
    // any query is built.
    $obj = mysql_fetch_object(mysql_query("select name, comment, leader, logo, password, status, adminclosed from l_team where id=" . $id));
    $res = mysql_fetch_object(mysql_query("select count(*) num from l_player where team=" . $id));
    $numplayer = $res->num;
    // NOTE(review): loose comparison. If no team row was found, $obj->leader
    // evaluates to null, and so does $_SESSION['playerid'] for a visitor
    // without a session player; the two then appear to compare equal. Stop
    // early when the team does not exist and compare with ===.
    if (isFuncAllowed('edit_any_team') || $_SESSION['playerid'] == $obj->leader) {
        // Admin or team leader, allowed
        $allowed = 1;
    } else {
        // Check password
        // Re-hashes the submitted password using the first two characters of
        // the stored value as salt and keeps 13 characters, which is the shape
        // of a traditional DES crypt() hash (presumably; confirm against the
        // stored data).
        // NOTE(review): DES crypt() only considers the first 8 characters of
        // the password and is cheap to brute-force. Migrate to
        // password_hash()/password_verify(), and compare digests with
        // hash_equals() instead of ==.
        $cypher = substr(crypt($f_password, substr($obj->password, 0, 2)), 0, 13);
        if ($cypher == $obj->password) {
            // Good password, allowed
            $allowed = 1;
        }
    }
    echo '<BR>';
    if ($obj->status == 'deleted') {
        echo "<center>Sorry, you cannot edit a deleted team.</center>";
    } else {
        if (!$allowed) {
            // NOTE(review): $id (request) and $obj->name (database) are written
            // into the page without HTML encoding.
            echo "<center>Sorry, you don't have the permission to edit the <a href=\"index.php?link=teaminfo&id=" . $id . "&" . SID . "\">" . $obj->name . "</a> team, or you entered an incorrect password.</center>";
        } else {
            // On submit work with the posted values, otherwise pre-fill the
            // form from the stored team row.
            if ($f_ok_x) {
                // presumably undoes magic_quotes_gpc escaping; confirm the
                // setting this code was written for
                $f_comment = stripslashes($f_comment);
                $f_logo = stripslashes($f_logo);
                $f_name = stripslashes($f_name);
                $f_status = stripslashes($f_status);
            } else {
                $f_comment = $obj->comment;
                $f_logo = $obj->logo;
                $f_name = $obj->name;
                $f_status = $obj->status;
            }
            // $error stays 1 until a submission passes every check, so the
            // form is shown on first display and after any failed validation.
            $error = 1;
            if ($f_ok_x) {
                $error = 0;
                // Check password
                if ($f_password1 != $f_password2) {
                    $error = 1;
                    echo "<div class=error>The passwords don't match</div>";
                } else {
                    if ($f_password1 != "") {
                        // NOTE(review): this line is garbled in this listing
                        // (the password expression appears to have been masked)
                        // and does not parse as shown; restore it from the
                        // original source. Whatever it builds is spliced into
                        // the UPDATE statement below as a raw SQL fragment.
                        $cypher = ", password='******'$1') . "'";
                    } else {
                        $cypher = "";
                    }
                }
                // Check duplicate team names
                // NOTE(review): $id is unquoted here too, and addslashes() is
                // not a connection-aware SQL escape; bind both values instead.
                $res = mysql_query("select name from l_team where id!={$id} and name=\"" . addslashes($f_name) . "\"");
                if (mysql_num_rows($res) != 0) {
                    $error = 1;
                    // NOTE(review): the submitted name is echoed back unencoded.
                    echo "<div class=error>A team with this name: '{$f_name}' already exists</div>";
                    $f_name = $obj->name;
                }
                // Check empty team name
                if ($f_name == '') {
                    $error = 1;
                    echo "<div class=error>The team name can't be empty</div>";
                    $f_name = $obj->name;
                }
                // Check logo
                // The size check is commented out, so $msg is always '' and the
                // branch below never runs; the logo URL is accepted as given.
                //$msg = checkLogoSize($f_logo);
                $msg = '';
                if ($msg != '') {
                    $error = 1;
                    echo "<div class=error>{$msg}</div>";
                }
            }
            if ($error) {
                echo "<form method=post><table align=center border=0 cellspacing=0 cellpadding=1>";
                // Hidden fields
                // NOTE(review): the team password the visitor submitted is
                // written back into the page source in clear text, and both it
                // and $link are placed inside attribute values without
                // htmlspecialchars(). Keep the authorisation in the session
                // instead of round-tripping the password, and encode every
                // value written into the form.
                echo '<input type=hidden name=f_password value="' . $f_password . '">';
                echo '<input type=hidden name=link value="' . $link . '">';
                if (isAdmin() || $_SESSION['playerid'] == $obj->leader) {
                    // Admins and leaders can change the team name
                    echo '<tr><td>Team name:</td><td><input name=f_name size=40 maxlength=40 value="' . $f_name . '"></td></tr>';
                } else {
                    echo "<tr><td align=center colspan=2 class=tablehead><div class=teamname><b>" . $obj->name . "</b></div><input type=hidden name=f_name value=\"{$f_name}\"></td></tr>";
                }
                // Logo
                // NOTE(review): the stored logo URL is used as an img src
                // without encoding or scheme validation.
                if ($obj->logo != "") {
                    echo '<tr><td align=center colspan=2><BR><img src="' . $obj->logo . '"></td></tr>';
                }
                echo '<tr><td>Logo URL (400x300 max!):</td><td><input type=text size=60 maxlength=200 name=f_logo value="' . $f_logo . '"></td></tr>';
                echo "<tr><td colspan=2><hr></td></tr>";
                // Admin and leaders can change the team password
                if (isAdmin() || $_SESSION['playerid'] == $obj->leader) {
                    // Password
                    // NOTE(review): after a failed submit the typed passwords
                    // are echoed back into the value attributes, unencoded;
                    // password fields are better left empty on redisplay.
                    echo '<tr><td>Password:</td><td><input type=password size=8 maxlength=8 name=f_password1 value="' . $f_password1 . '"> (leaving the fields empty will keep the current password)</td></tr>
        <tr><td>Password:</td><td><input type=password size=8 maxlength=8 name=f_password2 value="' . $f_password2 . '"></td></tr>
        <tr><td colspan=2><hr></td></tr>';
                }
                // Admin and leaders can change the team status
                if (isAdmin() || $_SESSION['playerid'] == $obj->leader) {
                    if ($numplayer >= 3 && $numplayer < $TEAMSIZE) {
                        // Can change status IF there are 3 players or more
                        echo "<tr><td>Team status:</td><td><select name=f_status>";
                        if ($f_status == 'opened') {
                            echo '<option selected value=opened>opened</option>
              <option value=closed>closed</option>';
                        } else {
                            echo '<option value=opened>opened</option>
              <option selected value=closed>closed</option>';
                        }
                        echo "</select></td></tr>";
                    } else {
                        if ($numplayer == 1) {
                            $typo = 'player';
                        } else {
                            $typo = 'players';
                        }
                        // Status is not selectable here; the stored value is
                        // carried along as a hidden field.
                        echo '<input type=hidden name=f_status value="' . $obj->status . '">';
                        echo '<tr><td align=center colspan=2>The team is currently ' . $obj->status . ' (forced because you have ' . $numplayer . ' ' . $typo . ')</td></tr>';
                    }
                } else {
                    // NOTE(review): no f_status field is emitted on this path,
                    // so a submit from here arrives with an empty f_status,
                    // which the update branch below turns into 'opened'.
                    // Confirm that this is intended.
                    echo '<tr><td align=center colspan=2>The team is currently ' . $obj->status . '</td></tr>';
                }
                if (isAdmin() || $_SESSION['playerid'] == $obj->leader) {
                    echo "<tr>";
                    echo "<td>Leader</td>";
                    echo "<td><select name=\"f_leader\">";
                    // NOTE(review): $id is quoted here but still not escaped.
                    $sql = "SELECT id, callsign FROM l_player WHERE team = '{$id}' ORDER by callsign";
                    $res = mysql_query($sql);
                    while ($row = mysql_fetch_row($res)) {
                        // The current leader's option has an empty value, so an
                        // unchanged selection submits an empty f_leader and the
                        // update branch leaves the leader column untouched.
                        // Callsigns are printed without HTML encoding.
                        if ($row[0] == $obj->leader) {
                            print "<option value=\"\" SELECTED>" . stripslashes($row[1]) . " (current leader)</option>";
                        } else {
                            print "<option value=\"{$row[0]}\">" . stripslashes($row[1]) . "</option>";
                        }
                    }
                    echo "</select>";
                    echo "</td>";
                    echo "</tr>";
                }
                // Comment
                // NOTE(review): $f_comment is placed inside the textarea
                // without encoding, so markup in it is interpreted by the
                // browser rather than shown as text.
                echo '<tr><td colspan=2>Comment:<br><textarea name=f_comment cols=50 rows=6>' . $f_comment . '</textarea></td></tr>
        <tr><td colspan=2><hr></td></tr>
        <tr><td align=center colspan=2><table><tr><td>' . htmlFormButton('&nbsp;OK&nbsp;', 'f_ok_x') . '</td><td width=8></td><td>' . htmlURLbutton('Cancel', 'teaminfo', "id={$id}", CLRBUT) . '</td></tr></table></td></tr></table></form>';
            } else {
                //        Update the table
                // NOTE(review): this branch runs for every caller that passed
                // the permission check above, including password-only access.
                // The form shows the name, password, status and leader controls
                // only when isAdmin() or the session player is the leader, but
                // nothing here repeats that test before f_name, f_password1,
                // f_status and f_leader are applied. Enforce it server-side.
                if (!empty($f_leader)) {
                    // The new leader must be a member of this team.
                    // NOTE(review): the check quotes $f_leader, but the value
                    // is then appended unquoted to the UPDATE fragment. Cast
                    // $f_leader and $id to int before either statement.
                    $sql = "SELECT 1 FROM l_player WHERE id = '{$f_leader}' AND team = {$id} ";
                    $res = mysql_query($sql);
                    if (mysql_fetch_row($res)) {
                        // Keep the session's leader flag in step with the change.
                        $_SESSION['leader'] = $f_leader == $_SESSION['playerid'] ? 1 : 0;
                        $f_leader = 'leader = ' . $f_leader . ', ';
                    } else {
                        $f_leader = '';
                    }
                } else {
                    $f_leader = '';
                }
                if ($f_status == '') {
                    $f_status = 'opened';
                }
                if ($f_status != $obj->status) {
                    // Changed the status
                    if ($f_status == 'closed') {
                        $adminclosed = 'yes';
                    } else {
                        $adminclosed = 'no';
                    }
                } else {
                    // Keep current status
                    $adminclosed = $obj->adminclosed;
                }
                // NOTE(review): $f_status, the $f_leader fragment, the $cypher
                // fragment and $id are concatenated as-is; only logo, comment
                // and name pass through addSlashes(), which is not a
                // connection-aware escape. Restrict $f_status to the two
                // values the form offers and use a parameterised statement.
                sqlQuery($sql = 'update l_team
        set logo="' . addSlashes($f_logo) . '",
        comment="' . addSlashes($f_comment) . '" ' . $cypher . ',
        name="' . addSlashes($f_name) . '",
        adminclosed="' . $adminclosed . '", ' . $f_leader . ' 
        status="' . $f_status . '"
        where id=' . $id);
                // NOTE(review): session callsign, $id and $f_name are echoed
                // without HTML encoding.
                echo '<BR><center>Thank you, <a href="index.php?link=playerinfo&id=' . $_SESSION['playerid'] . '&' . SID . '">' . $_SESSION['callsign'] . '</a>, for updating the <a href="index.php?link=teaminfo&id=' . $id . '&' . SID . '">' . $f_name . '</a> team.</center>';
                // If changed the team name, inform the team members
                if ($f_name != $obj->name) {
                    echo '<center>You changed the team name, we inform your team members.</center>';
                    // NOTE(review): the message body is HTML and embeds the
                    // callsign and both team names unencoded; confirm how
                    // sendBzMail() and the message viewer treat markup.
                    sendBzMail(0, $id, 'Team renamed!', '<center>---ADMINISTRATIVE MESSAGE---</center><br>' . $_SESSION['callsign'] . ' just changed the name of your team from <i>' . $obj->name . '</i> to <i>' . $f_name . '</i>.', true, true);
                }
            }
        }
    }
}
예제 #10
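/**
 * Print the filter form of the "fights" page: a period selector and, for
 * viewers with the 'match_detail' permission, a detail-level selector.
 *
 * The form is submitted to index.php with link=fights and the team id carried
 * in a hidden field (no method attribute is set on the form).
 *
 * @param mixed $teamid  Team id written into the hidden "id" field.
 * @param mixed $numdays Currently selected period, passed to htmlOption().
 * @param mixed $detail  Currently selected detail level, passed to htmlOption().
 */
function section_fights_doForm($teamid, $numdays, $detail)
{
    // The id is written into an attribute value, so it is HTML-encoded and the
    // attribute is quoted. The original emitted it raw and unquoted, which let
    // any non-numeric value break out of the attribute. Where $teamid comes
    // from is not visible in this function; encoding at the sink is safe
    // either way.
    $safeTeamId = htmlspecialchars((string) $teamid, ENT_QUOTES);
    echo '<TABLE align=center class=insetForm><TR><TD>';
    echo "<TABLE border=0 cellpadding=0 cellspacing=0><TR valign=middle><TD>\n  <form action=\"index.php\" name=none>\n  <input type=hidden name=link value=fights>\n  <input type=hidden name=id value=\"{$safeTeamId}\">\n  Period:&nbsp;</td><TD>\n  <select name=days>";
    htmlOption(15, '15 days', $numdays);
    htmlOption(30, '30 days', $numdays);
    htmlOption(60, '60 days', $numdays);
    htmlOption(90, '90 days', $numdays);
    htmlOption(182, '6 months', $numdays);
    htmlOption(365, '1 year', $numdays);
    htmlOption(0, 'ALL', $numdays);
    echo "</select><BR>\n  </td><TD width=15></td>";
    // The detail selector is only offered to viewers holding 'match_detail'.
    // NOTE(review): hiding the control does not stop a "det" parameter from
    // being sent; the code that reads it must check the permission again.
    if (isFuncAllowed('match_detail')) {
        echo "<TD>Detail:&nbsp;</td><TD>\n    <select name=det>";
        htmlOption(0, 'none', $detail);
        htmlOption(2, 'some', $detail);
        htmlOption(5, 'all', $detail);
        echo "</select><BR>\n    </td><TD width=15></td>";
    }
    echo '<TD align=left>' . htmlFormButSmall('Show me', '') . '</td></tr></table></td></tr></table></form>';
}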
예제 #11
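/**
 * Print the administration menu bar.
 *
 * Each menu entry is shown only when isFuncAllowed() accepts its permission
 * name; entries are laid out eight per table row. Nothing is printed when the
 * viewer is allowed none of them.
 *
 * NOTE(review): this filters what is displayed, nothing more. Every linked
 * page has to perform its own permission check, because the links can be
 * requested directly.
 */
function adminMenu()
{
    //if ($GLOBALS['UserLevel']=='player' || $GLOBALS['UserLevel']=='guest')
    //  return;
    // Entry layout: permission name, label, link target, then two optional
    // values handed to htmlLink() as its 3rd and 4th arguments (presumably
    // query string and link style; confirm against htmlLink()).
    $admMenu = array(
        array('entermatch::enter_match', 'Enter Match', 'entermatch', '', LINK_BOLD),
        array('admintext::edit_homepage', 'Homepage', 'admintext', 'func=homepage'),
        array('news::edit_news', 'News Edit', 'newsadmin'),
        array('shame::edit_shame', 'HOS Edit', 'shameadmin'),
        array('links::edit_links', 'Links Edit', 'linkadmin'),
        array('admintext::edit_contacts', 'Contacts', 'admintext', 'func=contact'),
        array('admintext::edit_faq', 'FAQ Edit', 'admintext', 'func=faq'),
        array('admintext::edit_rules', 'Rules Edit', 'admintext', 'func=rules'),
        array('adminlist::list_admins', 'Admin List', 'adminlist'),
        array('runmaintenance::maintenance', 'Maintenance', 'runmaintenance'),
        array('reviveteam::revive_team', 'Revive Team', 'reviveteam'),
        array('visitlog::visit_log', 'Visits Log', 'visitlog'),
        array('ipreport::ipreport', 'IP Report', 'ipreport'),
        array('dispchangelog::disp_changelog', 'ChangeLog', 'dispchangelog'),
        array('badpass::badpass', 'BadLogin', 'badpass'),
        array('admintext::edit_todo', 'Scratchpad', 'admintext', 'func=todo'),
        array('debug::debug', 'Debug', 'debug'),
        array('permissions::permissions', 'Permissions', 'permissions'),
        array('permissions::permissions', 'Roles', 'permissions', 'func=roles'),
        array('createaccount::create_account', 'Create Acct', 'createaccount'),
        array('addseason::add_season', 'Seasons', 'addseason'),
    );
    $colCount = 0;
    $out = '<TABLE class=admback width=100%><TR><TD>';
    $out .= '<TABLE  align=center class=admbar cellpadding=0 cellspacing=0><TR>';
    foreach ($admMenu as $mi) {
        if (!isFuncAllowed($mi[0])) {
            continue;
        }
        // Most entries have only three or four elements. Reading the missing
        // offsets directly raised an undefined-offset notice for each of
        // them; null is the value the original ended up passing anyway.
        $linkArgs = isset($mi[3]) ? $mi[3] : null;
        $linkStyle = isset($mi[4]) ? $mi[4] : null;
        $out .= '<TD align=center width=90><nobr>' . htmlLink($mi[1], $mi[2], $linkArgs, $linkStyle) . '</nobr></td>';
        // Start a new table row after every eighth visible entry.
        if (++$colCount % 8 == 0) {
            $out .= '</tr><TR>';
        }
    }
    $out .= '</tr></table></td></tr></table>';
    // Suppress the empty bar entirely for viewers without any admin function.
    if ($colCount) {
        print $out;
    }
}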