function section_news_common($admReq) { $numarts = $_GET['numarts']; if ($numarts < 5 || $numarts > 1000) { $numarts = 15; } if (isFuncAllowed('news::edit_news') && $admReq) { $adm = true; foreach (array('id', 'text', 'date', 'state', 'del') as $v) { ${$v} = $_POST[$v]; } if (!isset($id)) { $id = $_GET['id']; } echo '<CENTER>'; if (isset($id)) { if ($state == 1) { echo '<DIV class=feedback><BR>'; section_news_submit($id, $del, $text, $date); echo '</div><BR>'; } else { section_news_presentForm($id); return; } } } //unset ($_SESSION['new_news']); section_news_displayNews($adm, $_GET['link'], $numarts); }
function section_online() { echo '<BR>'; $showIP = isFuncAllowed('show_ip'); $logged = sqlQuery('SELECT callsign, MIN(' . SESSION_LIFETIME . '-(UNIX_TIMESTAMP(expire)-UNIX_TIMESTAMP())) AS idle, ip, playerid FROM ' . TBL_SESSION . ' WHERE callsign IS NOT NULL AND expire > NOW() GROUP BY callsign '); if (!$logged) { echo 'Data problems - try back later<BR>'; return; } $guests = sqlQuery('SELECT MIN(' . SESSION_LIFETIME . '-(UNIX_TIMESTAMP(expire)-UNIX_TIMESTAMP())) AS idle, ip FROM ' . TBL_SESSION . ' WHERE callsign IS NULL AND expire > NOW() GROUP BY ip'); if (mysql_num_rows($logged) == 0 && mysql_num_rows($guests) == 0) { echo "<center>Nobody's online</center>"; return; } echo '<center><table>'; while ($row = mysql_fetch_object($logged)) { echo '<TR><TD>' . $ipLong . playerLink($row->playerid, $row->callsign) . ' </td><TD> (idle: ' . section_online_timestr($row->idle) . ')</td>'; if ($showIP) { echo "<TD width=10></td><TD>{$row->ip}</td>"; } echo '</tr>'; } if (isFuncAllowed('show_guests')) { echo '<TR><TD colspan=5><BR></td></tr>'; while ($row = mysql_fetch_object($guests)) { // Ignore googlebot and msnbot/microsoft surfers. Narrow this down if possible if (!section_online_matchCIDR($row->ip, "66.249.64.0/19") && !section_online_matchCIDR($row->ip, "207.46.0.0/16")) { echo '<TR><TD>guest </td><TD> (idle: ' . section_online_timestr($row->idle) . ')</td>'; if ($showIP) { echo "<TD width=10></td><TD>{$row->ip}</td>"; } echo '</tr>'; } } } echo '</table></center>'; }
function section_links_links($admReq) { if (isFuncAllowed('links::edit_links') && $admReq) { $adm = true; foreach (array('id', 'url', 'title', 'comment', 'state', 'ord', 'del') as $v) { ${$v} = $_POST[$v]; } if (!isset($id)) { $id = $_GET['id']; } echo '<BR><CENTER>'; if (isset($id)) { if ($state == 1) { echo '<DIV class=feedback>'; section_links_submitLink($id, $title, $url, $comment, $ord, $del); echo '</div><BR>'; } else { section_links_presentForm($id); return; } } } section_links_displayLinks($adm); }
function section_banplayer() { require_once 'lib/common.php'; $playerid = $_GET['playerid']; $teamid = $_GET['teamid']; $f_okban_x = $_GET['f_okban_x']; $f_ok_x = $_GET['f_ok_x']; $callsign = $_GET['callsign']; $name = $_GET['name']; $link = $_GET['link']; $player = mysql_fetch_object(mysql_query("select callsign from l_player where id=" . $playerid)); $team = mysql_fetch_object(mysql_query("select name from l_team where id=" . $teamid)); // FIXME: Ok, for now I ignore that players with teampassword can ban other // players. This is just a quick fix, before there was NO checks WHATSOEVER // if the operation was allowed // Check permission $allowed = 0; $obj = mysql_fetch_object(mysql_query("select name, comment, leader, logo, password, status, adminclosed from l_team where id=" . $teamid)); $res = mysql_fetch_object(mysql_query("select count(*) num from l_player where team=" . $teamid)); $numplayer = $res->num; if (isFuncAllowed('teamadmin::edit_any_team') || $_SESSION['playerid'] == $obj->leader) { // Admin or team leader, allowed $allowed = 1; } else { // FIXME: This wont work, as the link does not contain the teampassword. /* // Check password $cypher = substr (crypt($f_password, substr($obj->password, 0, 2)), 0, 13); if($cypher == $obj->password) { // Good password, allowed $allowed = 1; } */ errorPage("Permission denied."); return; } if ($f_okban_x) { // Ban confirmed // Open team is not administratively closed, or if num players<3 $pl = mysql_fetch_object(mysql_query("select count(*) num from l_player where team=" . $teamid)); if ($pl->num == 3) { mysql_query("update l_team set status='opened' where id=" . $teamid); } else { mysql_query("update l_team set status='opened' where adminclosed='no' and id=" . $teamid); } mysql_query("update l_player set team=0 where id=" . $playerid); echo '<center>Well <a href="index.php?link=playerinfo&id=' . $_SESSION['playerid'] . '">' . $_SESSION['callsign'] . '</a>, <a href="index.php?link=playerinfo&id=' . $playerid . '">' . $callsign . '</a> is no longer a member of the team <a href="index.php?link=teaminfo&id=' . $teamid . '">' . $name . '</a>'; //TODO: reload of page sends multiple messages ... ? echo '<br>A message has just been sent to the user.</center>'; sendBzMail(0, $playerid, 'You have been released!', 'Sorry, but ' . $_SESSION['callsign'] . ' released you from the ' . $team->name . ' team<br>'); } else { if (!$f_ok_x) { // Someone is playing with the headers echo "<center>Hey! Please stop playing with your browser!</center>"; } else { echo '<center>Please confirm that you want to ban <a href="index.php?link=playerinfo&id=' . $playerid . '&' . SID . '">' . $player->callsign . '</a> from the team <a href="index.php?link=teaminfo&id=' . $teamid . '&' . SID . '">' . $team->name . '</a>.</center>'; echo '<center><BR><form method=GET>' . SID_FORM . ' <input type=hidden name=link value=' . $link . '> <input type=hidden name=playerid value=' . $playerid . '> <input type=hidden name=teamid value=' . $teamid . '> <input type=hidden name=callsign value="' . $player->callsign . '"> <input type=hidden name=name value="' . $team->name . '">' . '<table border=0><TR><TD>' . htmlFormButton(' BAN ', 'f_okban_x') . ' </td><TD> ' . htmlURLbutton('Cancel', 'teaminfo', "id={$teamid}", CLRBUT) . ' </td></tr></table> </form></center>'; } } }
function section_entermatch_editForm($mid, $teama, $teamb, $scorea, $scoreb, $dte, $tme, $mlen) { // enter form follows .... echo "<center><TABLE width=200><TR><TD align=center>\n <TABLE cellpadding=5><TR><TD align=center>TEAM</td><TD>Score</td></tr>\n <form method=post action=\"index.php\"><TR><TD>\n <input type=hidden name=link value=editmatch>\n <input type=hidden name=state value=1>\n <input type=hidden name=mid value={$mid}>"; echo snFormInit(); section_entermatch_htmlTeamSelect('teama', $teama); echo "</td><TD><input size=3 maxlength=3 value=\"{$scorea}\" name=scorea></td></tr><TR><TD>"; section_entermatch_htmlTeamSelect("teamb", $teamb); echo "</td><TD><input size=3 maxlength=3 value=\"{$scoreb}\" name=scoreb></td></tr></table>"; if ($dte == '') { $dte = gmdate('Y-m-d'); } if ($tme == '') { $tme = gmdate('H:i:s'); } echo "<BR><HR>\n <TABLE><TR><TD align=right>\n <nobr>DATE: <input type=text name=dte size=10 maxlength=10 value=\"{$dte}\"></nobr>\n <p>\n <nobr>TIME: <input type=text name=tme size=10 maxlength=8 value=\"{$tme}\"></nobr>\n </td><TD> </td><TD valign=top><nobr>Actual date/time of match (GMT).</nobr><BR>Chronological "; $mlens = section_entermatch_durations(); if (count($mlens) == 1) { print "<input type=hidden name=mlen value=" . $mlens[0] . ">"; } else { print "<p> <nobr>LENGTH: "; print "<select name=\"mlen\">"; foreach ($mlens as $duration) { htmlOption($duration, "{$duration} mins", $mlen); } print "</select>"; } echo "</td><TD> </td><TD valign=top><nobr>Actual date/time of match (GMT).</nobr><BR>Chronological \n order of matches can affect team rankings!"; echo '</td></tr></table><TR><TD align=center><HR><TABLE align=center><TR><TD>'; if ($mid) { echo htmlFormButton(' EDIT ', '') . '</td>'; if (isFuncAllowed('delete_match')) { echo '<TD width=8></td><TD>' . htmlFormButton('DELETE', 'del') . '</td>'; } } else { echo htmlFormButton('Enter', '') . '</td>'; } echo '<TD width=8></td><TD>' . htmlFormReset('Reset') . ' </td></tr></table></form> </td></tr></table><p><p>'; }
function section_teaminfo() { require_once 'lib/common.php'; $s_teamid = $_SESSION['teamid']; $s_logedin = isAuthenticated(); $s_level = $_SESSION['level']; $s_playerid = $_SESSION['playerid']; $id = addslashes($_GET['id']); $res = mysql_query("SELECT name, comment, leader, logo, status, score, \n unix_timestamp(status_changed) as status_changed, unix_timestamp(created) as ucreated\n FROM l_team WHERE id='{$id}'"); $team = mysql_fetch_object($res); if (!$team) { echo '<BR><CENTER>Specified team does not exist<BR>'; return; } echo '<TABLE align=center><TR><TD>' . htmlURLbutton('Opponent summary', 'oppsumm', "id={$id}") . '</td>'; // Join this team if opened, and if we are logged and not belonging to any team if ($s_logedin && !$s_teamid && $members < 20 && $team->status == "opened") { echo '<TD>' . htmlURLbutton('Join Team', 'jointhisteam', "id={$id}") . '</td>'; } // Send a message to all the team members if ($s_logedin && $team->status != 'deleted') { echo '<TD>' . htmlURLbutton('Send BZmessage', 'sendmessage', "tid={$id}") . '</td>'; } echo '</tr></table>'; if ($team->status == 'deleted') { echo '<div class=feedback>'; if ($team->status_changed) { echo "<br><center>This team was deleted on " . gmdate('Y-m-d', $team->status_changed) . "</center>"; } else { echo "<br><center>This team is deleted.</center>"; } echo '</div>'; } echo '<BR><table align=center border=0 cellspacing=0 cellpadding=1> <tr><td class=teamName align=center>' . $team->name . '<BR></td></tr>'; // Logo if any if ($team->logo != "") { echo '<tr><td align=center> <table><TR><TD bgcolor=white><img src="' . $team->logo . '"></td></tr></table> <hr></td></tr>'; } // Ratings $act45 = teamActivity($id, 45); $act90 = teamActivity($id, 90); echo '<tr><td> <TABLE align=center> <TR><TD width=50% align=right>Created:</td><td width=10></td><td width=50%>' . gmdate('Y-m-d', $team->ucreated) . '</td></tr> <TR><TD align=right>Rating:</td><td></td><td>' . displayRating($id) . '</td></tr> <TR><TD align=right>Activity:</td><TD></td><td>' . sprintf('%1.2f / %1.2f', $act45, $act90) . '</td></tr> <TR><TD colspan=3 align=center> Average number of games played per day<BR> <NOBR>(exponential moving average over last 45 / 90 days)</nobr></td></tr>'; echo '</td></td></table></td></tr>'; // Matches statistics $sta1 = mysql_fetch_object(mysql_query("select ifnull(sum(if(score1>score2,1,0)),0) win,\n ifnull(sum(if(score1=score2,1,0)),0) draw,\n ifnull(sum(if(score1<score2,1,0)),0) loss\n from " . TBL_MATCH . " where team1={$id}")); $sta2 = mysql_fetch_object(mysql_query("select ifnull(sum(if(score2>score1,1,0)),0) win,\n ifnull(sum(if(score2=score1,1,0)),0) draw,\n ifnull(sum(if(score2<score1,1,0)),0) loss\n from " . TBL_MATCH . " where team2={$id}")); $win = $sta1->win + $sta2->win; $draw = $sta1->draw + $sta2->draw; $loss = $sta1->loss + $sta2->loss; echo "<tr><td align=center><hr>\n <table border=0 cellspacing=0 cellpadding=0 align=center><tr>\n <td align=center>Wins</td><td align=center> Draws </td><td align=center>Losses</td></tr><tr>\n <td align=center>{$win}</td><td align=center>{$draw}</td><td align=center>{$loss}</td>\n </tr></table>\n <hr></td></tr>"; // Comment if any if ($team->comment != "") { echo '<tr><td><ul>' . nl2br($team->comment) . '</ul><hr></td></tr>'; } // Players list $i = 0; if (SHOW_PLAYER_ACTIVE > 0) { $activeDays = SHOW_PLAYER_ACTIVE; } else { $activeDays = 0; } $res = mysql_query("select id, callsign, comment, status, C.flagname, \n last_login > subdate(now(), INTERVAL {$activeDays} DAY) as active\n from l_player\n left join bzl_countries C on country = C.numcode\n where team=" . $id . "\n order by active desc,callsign"); $members = 0; echo '<TR><TD><table border=0 cellspacing=0 cellpadding=0 align=center>'; while ($obj = mysql_fetch_object($res)) { $members++; if (++$i & 1) { $cl = "rowEven"; } else { $cl = "rowOdd"; } echo "<tr class='{$cl}' valign=middle>"; echo "<TD align=right><a href='index.php?link=playerinfo&id={$obj->id}'>{$obj->callsign}</a></td><TD>"; if ($obj->id == $team->leader) { echo ' <img TITLE="Team Leader" src="' . THEME_DIR . 'leader.gif">'; } echo '</td><TD>'; if ($obj->active) { echo ' <img TITLE="Active player (has logged into this site recently)" src="' . THEME_DIR . 'active.gif">'; } echo '</td><TD width=10></td>'; echo '<TD>' . smallflag($obj->flagname) . '</td>'; if ($s_logedin && (isFuncAllowed('teamadmin::edit_any_team') || $s_playerid == $team->leader)) { if ($obj->id != $team->leader) { // Link to ban a player from a team echo '<td align=center>' . htmlURLbutSmall('BAN', 'banplayer', "playerid={$obj->id}&teamid={$id}&f_ok_x=2", ADMBUT) . '</form></td></tr>'; } else { echo '<td> </td></tr>'; } } else { echo '<td> </td></tr>'; } echo "\n"; } echo '</td></tr></table>'; // Show last fights $sql = "SELECT t1.id, t1.name, f.score1, t2.id, t2.name, f.score2, f.tsactual, unix_timestamp(f.tsactual) tstamp_ts \n" . "FROM " . TBL_MATCH . " f, l_team t1, l_team t2 " . "WHERE (f.team1 = '{$id}' OR f.team2 = '{$id}') " . " AND f.team1 = t1.id " . " AND f.team2 = t2.id " . "ORDER BY f.tsactual DESC " . "LIMIT 11 "; $res = sqlQuery($sql); $tmp = ''; $count = 0; while ($row = mysql_fetch_array($res)) { $count++; if ($count < 11) { if (isset($_SESSION['last_login']) && $_SESSION['last_login'] < $row[7]) { $new1 = "<font color=\"red\">"; $new2 = "</font>"; } else { $new1 = ''; $new2 = ''; } if ($count % 2) { $cl = "rowEven"; } else { $cl = "rowOdd"; } $tmp .= "<tr class=\"{$cl}\">"; $tmp .= '<td align="right">' . $new1 . $row[6] . $new2 . '</td>'; if ($row[0] != $id) { $oppid = $row[0]; $oppname = stripslashes($row[1]); $oppscore = $row[2]; $teamscore = $row[5]; } else { $oppid = $row[3]; $oppname = stripslashes($row[4]); $oppscore = $row[5]; $teamscore = $row[2]; } $tmp .= "<td>{$new1}"; $oppname = '<a href="index.php?link=teaminfo&id=' . $oppid . '&' . SID . '">' . $new1 . $oppname . $new2 . '</a>'; if ($oppscore < $teamscore) { $tmp .= "<b>Won</b> against {$oppname}"; } elseif ($oppscore > $teamscore) { $tmp .= "<b>Lost</b> against {$oppname}"; } else { $tmp .= "<b>Tie</b> against {$oppname}"; } $tmp .= " ({$row[2]} - {$row[5]})"; $tmp .= "{$new2}</td>"; $tmp .= "</tr>\n"; } } echo '<tr>'; echo '<td align=center> <br><b>'; if ($count == 1) { echo 'Last match'; } else { if ($count == 11) { echo 'Last 10 matches, view them all <a href="index.php?link=fights&id=' . $id . '&' . SID . '">here</a>'; } elseif ($count == 0) { echo "No matches played"; } else { echo "Last {$count} matches"; } } echo '</b><BR><BR></td></tr><TR><TD>'; echo "<table align=center border=0>{$tmp}</table>"; // Or... edit your team if you are a leader or ad admin, or with a password if you are a member // Team members can't change the password, though... // Unless ofcause the team is deleted if ($team->status == 'deleted') { if ($team->status_changed) { echo "<br><center>This team is deleted as of " . gmdate('Y-m-d', $team->status_changed) . "</center>"; } else { echo "<br><center>This team is deleted.</center>"; } } else { if ($s_logedin && (isFuncAllowed('teamadmin::edit_any_team') || $s_teamid == $id)) { if (!isFuncAllowed('teamadmin::edit_any_team') && $s_playerid != $team->leader) { // Team member, need password echo '<form method=post> <input type=hidden name=link value=teamadmin> <input type=hidden name=id value=' . $id . '> <br><center>Enter team password <input type=password size=8 maxlength=8 name=f_password> and ' . htmlFormButton('Edit Team', 'f_edit_x') . ' </center></form>'; } else { $invites = sqlQuery("SELECT *, l_player.callsign FROM bzl_invites, l_player\n WHERE teamid={$id} AND expires > NOW() AND bzl_invites.playerid = l_player.id"); if (mysql_num_rows($invites) > 0) { echo '<BR><HR>Invitations currently active:<BR><TABLE>'; while ($row = mysql_fetch_object($invites)) { echo '<TR><TD width=25></td><TD>' . playerLink($row->playerid, $row->callsign) . "</td><TD width=10></td><TD>(expires: {$row->expires})</td></tr>"; } echo '</table><HR>'; } // Team leader or admin, let's go echo '<center><BR> ' . htmlURLbutton('Edit Team', 'teamadmin', "id={$id}", ADMBUT) . ' <BR> ' . htmlURLbutton('Dismiss Team', 'dismissteam', "id={$id}", ADMBUT); } } } }
function section_bzforums() { require_once 'lib/common.php'; $allowDelete = isFuncAllowed('post_delete'); $allowNew = isFuncAllowed('post_new'); $allowReply = isFuncAllowed('post_reply'); $allowEdit = isFuncAllowed('post_edit'); $allowLock = isFuncAllowed('topic_lock'); $allowSticky = isFuncAllowed('topic_sticky'); $allowTDelete = isFuncAllowed('topic_delete'); $allowViewDeleted = isFuncAllowed('topic_view_deleted'); $showRoles = isFuncAllowed('show_roles'); $POSTSPERPAGE = 10; $link = 'bzforums'; $utcNOW = gmdate("Y-m-d H:i:s"); // Variables: // top = which post is first on the page i think $vars = array('top', 'threadid', 'forumid', 'id', 'action'); foreach ($vars as $var) { ${$var} = $_REQUEST[$var]; } // Get and print the forum title if (isset($forumid)) { $row = mysql_fetch_object(mysql_query("select title, status from l_forum where id={$forumid}")); echo 'Forum: <a href="index.php?link=' . $link . '&' . SID . '"> <font size=+1>BZforums</font></a><font size=+1><i> / </i></font> <a href="index.php?link=' . $link . '&forumid=' . $forumid . '&' . SID . '"> <font size=+1>' . $row->title . '</font></a><hr>'; if ($row->status != 'Open') { print "This forum is not accessible. Sorry"; return; } } // check if we need to change permissions (eg, disallow reply/post for locked topics) if (isset($threadid)) { $threadid = intval($threadid); $row = mysql_fetch_object(mysql_query("select status, is_sticky from l_forumthread where id={$threadid}")); if ($row->status == 'locked' && !isAdmin()) { $allowNew = false; $allowReply = false; } elseif ($row->status == 'deleted' && !$allowViewDeleted) { errorPage('This topic is deleted'); return; } $threadstatus = $row->status; $threadsticky = $row->is_sticky; } // Perform deletion if ($allowDelete && $action == 'delete2' && $id != '') { $id = intval($id); mysql_query("DELETE FROM l_forummsg WHERE msgid = '{$id}' LIMIT 1") or die(mysql_error()); // Check if there is any message left for that thread $threadid = intval($threadid); $res = mysql_query("SELECT count(1) FROM l_forummsg WHERE threadid = '{$threadid}'") or die(mysql_error()); $row = mysql_fetch_row($res); if ($row[0] == 0) { // No messages in thread: deleting thread - jumo to threadlist mysql_query("DELETE FROM l_forumthread WHERE id = '{$threadid}' LIMIT 1") or die(mysql_error()); header("Location: index.php?link=bzforums&forumid={$forumid}"); exit; } $action = ''; } elseif ($action == 'lock') { $threadid = intval($threadid); if (!$allowLock) { errorPage("You are not allowed to lock topics"); return; } mysql_query("UPDATE l_forumthread SET status = 'locked', status_by = {$_SESSION['playerid']}, \n status_at = '{$utcNOW}' WHERE id = '{$threadid}' and status != 'locked' LIMIT 1") or die(mysql_error()); $action = ''; $threadstatus = 'locked'; } elseif ($action == 'revive') { $threadid = intval($threadid); if (!$allowLock && $threadstatus == 'locked') { errorPage("You are not allowed to unlock topics"); return; } if (!$allowTDelete && $threadstatus == 'deleted') { errorPage("You are not allowed to undelete topics"); return; } mysql_query("UPDATE l_forumthread SET status = 'normal', \n status_by = {$_SESSION['playerid']}, status_at = '{$utcNOW}' WHERE id = '{$threadid}' LIMIT 1") or die(mysql_error()); $action = ''; $threadstatus = 'normal'; } elseif ($action == 'deletetopic') { $threadid = intval($threadid); if (!$allowTDelete) { errorPage("You are not allowed to delete topics"); return; } mysql_query("UPDATE l_forumthread SET status = 'deleted', status_by = {$_SESSION['playerid']}, \n status_at = '{$utcNOW}' WHERE id = '{$threadid}' and status != 'deleted' LIMIT 1") or die(mysql_error()); $action = ''; $threadstatus = 'deleted'; } elseif ($action == 'sticky') { $threadid = intval($threadid); if (!$allowSticky) { errorPage("You are not allowed to use sticky"); return; } mysql_query("UPDATE l_forumthread SET is_sticky = 1 WHERE id = '{$threadid}' LIMIT 1") or die(mysql_error()); $action = ''; $threadsticky = 1; } elseif ($action == 'unsticky') { $threadid = intval($threadid); if (!$allowSticky) { errorPage("You are not allowed to use sticky"); return; } mysql_query("UPDATE l_forumthread SET is_sticky = 0 WHERE id = '{$threadid}' LIMIT 1") or die(mysql_error()); $action = ''; $threadsticky = 0; } elseif ($action == 'new' || $action == 'reply' || $action == 'edit') { if ($action == 'new' && !$allowNew) { errorPage("You are not allowed to post new topics"); return; } elseif ($action == 'reply' && !$allowReply) { errorPage("You are not allowed to reply"); return; } elseif ($action == 'edit' && !$allowEdit) { errorPage("You are not allowed to edit"); return; } echo '<form method=post name="post" action="index.php">' . SID_FORM; echo '<input type=hidden name=threadid value=' . $threadid . '>'; echo '<input type=hidden name=link value="' . $link . '">'; echo '<input type=hidden name=forumid value=' . $forumid . '>'; echo '<input type=hidden name=id value=' . $id . '>'; echo '<input type=hidden name=top value=' . $top . '>' . snFormInit(); echo '<table border=0 align=center cellspacing=0 cellpadding=0>'; echo '<tr class=tablehead><td colspan=2 align=center>'; if ($action == 'new') { echo 'New Topic'; } elseif ($action == 'reply') { echo 'New Reply'; } else { echo "Edit message"; } echo '</td></tr>'; echo '<tr><td>Subject: </td><td>'; if ($action == 'new') { print '<input type=text name=subject size=50 maxlength=80>'; } else { $row = mysql_fetch_object(mysql_query("select subject from l_forumthread where id={$threadid}")); echo '<i>' . $row->subject . '</i>'; } print '</td></tr>'; echo '<tr><td valign="top">Message</td><td>'; if ($action == 'edit') { $id = intval($id); $row = mysql_fetch_object(mysql_query("select msg from l_forummsg where msgid={$id}")); print '<textarea cols=50 rows=10 name=forummsg>' . htmlspecialchars($row->msg) . '</textarea>'; } else { print '<textarea cols=50 rows=10 name=forummsg></textarea>'; } print '</td></tr>'; // Form buttons echo '<tr><td colspan=2 align=center>' . htmlFormButton('OK', 'save_' . $action) . ' ' . htmlFormButton('Cancel', 'cancel', CLRBUT) . '</td></tr>'; print '<tr><td>Smiley:</td><td align="middle">'; $res = mysql_query("select image, code from l_smiley GROUP BY image") or die(mysql_error()); while ($row = mysql_fetch_object($res)) { print '<a href="#" onclick="javascript:document.post.forummsg.value += \' ' . $row->code . '\'"><img border=0 src="' . THEME_DIR . 'smilies/' . $row->image . '" border=0/></a> '; } print "</tr>"; echo '</table></form>'; } elseif (isset($_POST['save_new'])) { $forummsg = section_bzforums_stripExtraLF($_POST['forummsg']); $subject = $_POST['subject']; // New topic if ($allowNew) { mysql_query("INSERT INTO l_forumthread (id,forumid,creatorid,subject) VALUES(0, {$forumid}, {$_SESSION['playerid']}, '" . $subject . "')") or die(mysql_error()); $threadid = mysql_insert_id(); mysql_query("insert into l_forummsg(msgid,threadid,fromid,msg,datesent) \n values(0, {$threadid}, {$_SESSION['playerid']}, '" . $forummsg . "', '{$utcNOW}')") or die(mysql_error()); session_refresh_all(); } else { errorPage("You are not allowed to post new topics"); return; } } elseif (isset($_POST['save_reply'])) { $forummsg = section_bzforums_stripExtraLF($_POST['forummsg']); if ($allowReply) { snCheck('bzforums', "forumid={$forumid}&threadid={$threadid}"); mysql_query("insert into l_forummsg(msgid,threadid,fromid,msg,datesent) \n values(0, {$threadid}, {$_SESSION['playerid']}, '" . $forummsg . "', '{$utcNOW}')"); session_refresh_all(); } else { errorPage("You are not allowed to reply"); return; } } elseif (isset($_POST['save_edit'])) { $forummsg = section_bzforums_stripExtraLF($_POST['forummsg']); if ($allowReply) { $id = intval($id); snCheck('bzforums', "forumid={$forumid}&threadid={$threadid}"); // mysql_query("UPDATE l_forummsg SET msg = '$forummsg' WHERE msgid = '$id'"); mysql_query("UPDATE l_forummsg SET msg = '{$forummsg}', status = 'edited', \n status_by = {$_SESSION['playerid']}, status_at = '{$utcNOW}' WHERE msgid = '{$id}'"); session_refresh_all(); } else { errorPage("You are not allowed to edit"); return; } } if (isset($threadid)) { // Display a thread // Control buttons // 06/28/2002: $POSTSPERPAGE posts/page max. if (!isset($top)) { $top = 0; $newtop = 0; } if ($top == "") { $top = 0; $newtop = 0; } if ($action == '') { echo '<TABLE align=right><TR>'; if ($allowReply && $threadstatus != 'deleted') { echo '<td>' . htmlURLbutton('Add Reply', $link, "forumid={$forumid}&threadid={$threadid}&action=reply&top={$top}") . '</td>'; } if ($allowLock && $threadstatus != 'locked') { echo '<td>' . htmlURLbutton('Lock topic', $link, "forumid={$forumid}&threadid={$threadid}&action=lock&top={$top}", ADMBUT) . '</td>'; } if ($allowTDelete && $threadstatus != 'deleted') { echo '<td>' . htmlURLbutton('Delete topic', $link, "forumid={$forumid}&threadid={$threadid}&action=deletetopic&top={$top}", ADMBUT) . '</td>'; } if ($allowLock && $threadstatus == 'locked' || $allowTDelete && $threadstatus == 'deleted') { echo '<td>' . htmlURLbutton('Revive topic', $link, "forumid={$forumid}&threadid={$threadid}&action=revive&top={$top}", ADMBUT) . '</td>'; } if ($allowSticky) { if ($threadsticky) { echo '<td>' . htmlURLbutton('Remove sticky', $link, "forumid={$forumid}&threadid={$threadid}&action=unsticky&top={$top}", ADMBUT) . '</td>'; } else { echo '<td>' . htmlURLbutton('Make sticky', $link, "forumid={$forumid}&threadid={$threadid}&action=sticky&top={$top}", ADMBUT) . '</td>'; } } echo '</tr></table><BR clear=all>'; } $temp = mysql_fetch_object(mysql_query("select count(msgid) num from l_forummsg where threadid={$threadid}")); $numpost = $temp->num; $numpages = floor(($numpost + $POSTSPERPAGE - 1) / $POSTSPERPAGE); $curpage = $top / $POSTSPERPAGE + 1; $res = sqlQuery("select msgid, msg, datesent, l_forummsg.status, status_at, l_player.id pid, \n player2.callsign as editedby, l_player.callsign, r.name as role\n from (l_forummsg, l_player, bzl_roles r)\n LEFT JOIN l_player player2 ON player2.id = status_by\n where threadid={$threadid}\n and fromid = l_player.id\n and l_player.role_id = r.id\n order by datesent\n limit {$top}, {$POSTSPERPAGE}"); // Table header $sub = mysql_fetch_object(mysql_query("select subject, status from l_forumthread where id={$threadid}")); echo '<table align=center border=1 cellspacing=0 cellpadding=1>'; if ($threadsticky) { $status = '<b>Sticky</b> '; } else { $status = ''; } if ($sub->status == 'locked') { $status .= '<b>Locked</b> '; } elseif ($sub->status == 'deleted') { $status .= '<b>Deleted</b> '; } echo '<tr class=tabhead><td colspan=3><font size=+1>' . $status . '<i>' . smileys($sub->subject) . '</i></font>'; // Display pages if multiple pages and not adding a post if ($numpages > 1 && !isset($addpost)) { echo '<div align=right>'; for ($i = 1; $i <= $numpages; $i++) { if ($i == $curpage) { echo $i . ' '; } else { $newtop = ($i - 1) * $POSTSPERPAGE; echo '<a href="index.php?link=' . $link . '&forumid=' . $forumid . '&threadid=' . $threadid . '&top=' . $newtop . '&' . SID . '">' . $i . '</a> '; } } echo '</div>'; } echo '</td></tr>'; echo '<tr class=tablehead><td>Author</td><td>Message</td></tr>'; $cf = 1; while ($row = mysql_fetch_object($res)) { echo '<tr class=forum' . $cf . '>'; echo '<td valign=top rowspan="' . ($allowDelete ? 2 : 1) . '"><a href="index.php?link=playerinfo&id=' . $row->pid . '&' . SID . '">' . $row->callsign . '</a>'; if ($showRoles) { print " <small>({$row->role})</small>"; } echo '<br><font size=-2>(' . $row->datesent . ')</font></td>'; $msgbody = smileys(wordwrap(nl2br(htmlspecialchars($row->msg)), 75, " ", true)); // DMP 19oct2007: Added wordwrap to break annoyingly long lines $highlight = false; // Setup available commands // Comamnds: If a ALL key exists, it will be the only one showed, otherwise all elements is shown $commands = array(); if ($allowDelete) { if ($action == 'delete' && $id == $row->msgid) { $highlight = true; $commands['ALL'] = 'Confirmation: ' . htmlLink('Delete', 'bzforums', 'action=delete2&id=' . $row->msgid . '&forumid=' . $forumid . '&threadid=' . $threadid . '&top=' . $top) . ' OR ' . htmlLink('Cancel?', 'bzforums', 'id=' . $row->msgid . '&forumid=' . $forumid . '&threadid=' . $threadid . '&top=' . $top); } else { $commands[] = htmlLink('[delete]', 'bzforums', 'action=delete&id=' . $row->msgid . '&forumid=' . $forumid . '&threadid=' . $threadid . '&top=' . $top); } } if ($allowEdit) { $commands[] = htmlLink('[edit]', 'bzforums', 'action=edit&id=' . $row->msgid . '&forumid=' . $forumid . '&threadid=' . $threadid . '&top=' . $top); } if ($highlight) { echo '<td valign=top><font color=red>' . $msgbody . '</font>'; } else { echo '<td valign=top>' . $msgbody; } if ($row->status == 'edited') { echo "<BR><small>(Message edited by {$row->editedby} at: {$row->status_at})</small>"; } echo '</td></tr>'; // Show commands if any if (count($commands)) { // if action is set dont show i$commands unless it contains 'ALL' if ($action != '' && isset($commands['ALL']) || $action == '') { echo '<tr><td align="right" colspan="2" valign=top><small>' . (isset($commands['ALL']) ? $commands['ALL'] : join(' ', $commands)) . '</small></td></tr>'; } else { echo '<tr></tr>'; } } $cf = 3 - $cf; } echo '</table>'; if ($curpage < $numpages) { echo '<CENTER><BR>' . htmlURLbutSmall("NEXT Page", $link, "forumid={$forumid}&threadid={$threadid}&top=" . $curpage * $POSTSPERPAGE); } } else { if (isset($forumid) && !isset($addpost)) { // Display specific forum // Control buttons if ($allowNew) { echo '<div align=right>' . htmlURLbutton('New Topic', $link, "forumid={$forumid}&action=new&top={$top}") . '</div>'; } if ($allowViewDeleted) { $viewClause = ''; } else { $viewClause = "AND l_forumthread.status != 'deleted' "; } $res = mysql_query("select l_forumthread.id,l_forumthread.subject, l_player.id pid, \n l_player.callsign, max(l_forummsg.datesent) ds, \n unix_timestamp(max(l_forummsg.datesent)) datesent_ts,\n l_forumthread.status, \n l_forumthread.status_at,\n splayer.callsign as status_by, l_forumthread.is_sticky\n from (l_forumthread, l_forummsg, l_player, l_player l_player2)\n left join l_player splayer ON (splayer.id = l_forumthread.status_by)\n where l_forumthread.forumid={$forumid}\n and l_forumthread.creatorid = l_player.id\n {$viewClause}\n and l_forumthread.id = l_forummsg.threadid\n and l_player2.id = l_forummsg.fromid\n group by l_forumthread.id, l_forumthread.subject, l_player.id, l_player.callsign\n order by l_forumthread.is_sticky DESC, ds desc") or die(mysql_error()); // Table header echo '<table align=center border=1 cellspacing=0 cellpadding=1>'; echo '<tr class=tabhead><td width=50%>Topic</td><td align=center>Replies</td><td align=center>Last Comment</td><td align=center>Started by</td></tr>'; while ($row = mysql_fetch_object($res)) { // Get the last author for this topic $la = mysql_fetch_object(mysql_query("select l_player.id pid, l_player.callsign\n from l_player, l_forummsg\n where threadid = {$row->id}\n and fromid = l_player.id\n order by datesent desc\n limit 0, 1")); $nr = mysql_fetch_object(mysql_query("select count(*)-1 num\n from l_forummsg\n where threadid = " . $row->id)); echo '<tr><td>'; if ($row->is_sticky == 1) { print '<b>STICKY</b> '; } if ($row->status == 'locked') { echo '<b>LOCKED</b>; '; } elseif ($row->status == 'deleted') { echo '<b>DELETED</b>; '; } echo '<a href="index.php?link=' . $link . '&forumid=' . $forumid . '&threadid=' . $row->id . '&' . SID . '">'; if (empty($row->subject)) { $row->subject = '(no subject)'; } if (isset($_SESSION['last_login']) && $_SESSION['last_login'] < $row->datesent_ts) { echo '<font color="red"><b>' . smileys($row->subject) . '</b></font></a>'; } else { echo smileys($row->subject) . '</a>'; } $numpages = floor(($nr->num + 1 + $POSTSPERPAGE - 1) / $POSTSPERPAGE); if ($numpages > 1) { echo ' (<img src="' . THEME_DIR . '/multipage.gif"> '; for ($i = 2; $i <= $numpages; $i++) { $t = ($i - 1) * 10; echo '<a href="index.php?link=' . $link . '&top=' . $t . '&forumid=' . $forumid . '&threadid=' . $row->id . '&' . SID . '">' . $i . '</a> '; } echo ')'; } if ($row->status != 'normal') { if (!$row->status_by) { $row->status_by = 'SYSTEM'; } echo "<br /><small>by {$row->status_by} at {$row->status_at}</small>"; } echo '</td> <td align=center>' . $nr->num; echo '</td> <td align=center>' . $row->ds . '<br>by <a href="index.php?link=playerinfo&id=' . $la->pid . '&' . SID . '">' . $la->callsign . '</a></td> <td align=center><a href="index.php?link=playerinfo&id=' . $row->pid . '&' . SID . '">' . $row->callsign . '</a></td> </tr>'; } echo '</table>'; } elseif ($action == '') { // Display forums list $res = mysql_query("select l_forum.id, l_forum.title, ifnull(max(l_forummsg.datesent),'n/a') md, count(l_forummsg.msgid) num,\n unix_timestamp(max(l_forummsg.datesent)) as datesent_ts\n from l_forum \n left join l_forumthread on (l_forum.id = l_forumthread.forumid AND l_forumthread.status != 'deleted')\n left join l_forummsg on l_forumthread.id = l_forummsg.threadid\n where l_forum.status = 'open'\n group by l_forum.id, l_forum.title\n order by title") or die(mysql_error()); echo '<table align=center border=0 cellspacing=0 cellpadding=1> <tr class=tabhead><td>Forums</td><td align=right># Posts</td><td align=center>Last Comment</td></tr>'; while ($row = mysql_fetch_object($res)) { echo '<tr><td><a href="index.php?link=' . $link . '&forumid=' . $row->id . '&' . SID . '">'; if (isset($_SESSION['last_login']) && $_SESSION['last_login'] < $row->datesent_ts) { echo "<font color=\"red\">" . $row->title . "</font>"; } else { echo $row->title; } echo '</a></td><td align=center>' . $row->num . '</td><td align=center>' . $row->md . '</td></tr>'; } echo '</table>'; } } }
function section_playerinfo_displayPlayer(&$se) { $s_level = $_SESSION['level']; $s_logedin = isAuthenticated(); $s_playerid = $_SESSION['playerid']; $s_leader = $_SESSION['leader']; $s_teamid = $_SESSION['teamid']; $editAny = isFuncAllowed('edit_any_players'); echo '<table width=90% align=center border=0 cellspacing=0 cellpadding=1> <tr><td class=playername align=center>' . $se->callsign . '<BR><BR></td></tr>'; // Logo if any if ($se->logo != "") { echo '<tr><td align=center>' . section_playerinfo_dispLogo($se->logo, $se->logobg) . '<hr></td></tr>'; } // Bio if any if ($se->comment != "") { echo "<tr><td class=playerbio>" . nl2br($se->comment) . "<hr></td></tr>"; } // misc info .... echo '</td></tr><TR><TD><table align=center><TR><TD width=100 valign=top align=left>'; if ($se->flagname) { echo '<img src="' . FLAG_DIR . "c-{$se->flagname}.gif\">"; } echo '</td><TD><TABLE>'; // Team if any if ($se->teamname != "") { echo "<tr><td>"; if ($se->leader == $se->id) { $d = '<nobr>Leader (<img src="' . THEME_DIR . 'leader.gif">) of team</nobr>'; } else { $d = "<nobr>Member of team</nobr>"; } section_playerinfo_tab2($d, htmlLink($se->teamname, 'teaminfo', "id={$se->teamid}")); } else { echo "<tr><td align=center colspan=2>Does not belong to any team</td></tr>"; } if ($se->altnik1 || $se->altnik2) { if ($se->altnik1 && $se->altnik2) { $plural = 's'; $niks = $se->altnik1 . ', ' . $se->altnik2; } else { if ($se->altnik1) { $niks = $se->altnik1; } else { $niks = $se->altnik2; } } section_playerinfo_tab2("<nobr>Alternate callsign{$plural}</nobr>", $niks); } if ($se->countryname) { $loc = $se->countryname; if ($se->stateabbr) { $loc .= ' ('; if ($se->city) { $loc .= $se->city . ', '; } $loc .= "{$se->stateabbr})"; } section_playerinfo_tab2('Location', $loc); } if ($se->utczone || $se->zonename) { section_playerinfo_tab2('Time zone', 'GMT ' . section_playerinfo_numPlus($se->utczone) . " ({$se->zonename})"); } section_playerinfo_tab2('Site Member Since', date('Y-m-d', $se->created)); if (isset($se->last_login)) { section_playerinfo_tab2('Last login', date('Y-m-d H:i', $se->last_login)); } echo '<TR><TD colspan=2><HR></td></tr>'; if ($se->emailpub == 'Y') { section_playerinfo_tab2('email', section_playerinfo_obsMail($se->email)); } section_playerinfo_tab2('AIM', $se->aim); section_playerinfo_tab2('IRC', $se->ircnik1); section_playerinfo_tab2('ICQ', $se->icq); section_playerinfo_tab2('YIM', $se->yim); section_playerinfo_tab2('MSM', $se->msm); section_playerinfo_tab2('Jabber', $se->jabber); echo '</table></td><TD width=50></td></tr></table></tr>'; // Frequentation statistics if ($se->status != 'deleted') { echo '<tr><td><BR><BR>'; section_playerinfo_Frequentation($se->id); echo '<BR></td></tr>'; } if ($se->status != 'deleted') { // Send a message to this player (but not to myself!) if ($s_logedin && $s_playerid != $se->id) { echo '<tr><td><hr></td></tr><tr align=center><td><TABLE><TR><TD>' . htmlURLbutton('SEND BZmessage', 'sendmessage', "pid={$se->id}"); // If I am a team leader, and my team is not full, I can invite him if (isAuthenticated() && $_SESSION['leader']) { // Check if my team full $team = mysql_fetch_object(mysql_query("select count(*) as num from l_player where team={$s_teamid}")); if ($team->num < 20) { $mytn = queryGetTeamName($s_teamid); echo '<TD width=5></td><TD>' . htmlURLbutton("INVITE to {$mytn}", 'invite', "id={$se->id}") . '</td>'; } } echo '</tr></table></td></tr>'; } // Administrators and owner can edit a player if ($s_logedin && ($editAny || $s_playerid == $se->id)) { if ($editAny && $s_playerid != $se->id) { $class = ADMBUT; } echo '<tr><td align=center><hr><TABLE><TR><TD>' . htmlURLbutton('Edit Profile', 'playeradmin', "id={$se->id}&edt_st=1", $class); if (isFuncAllowed('visitlog::visit_log')) { echo '</td><TD width=5></td><TD>' . htmlURLbutton('Visits', 'visitlog', "id={$se->id}", ADMBUT); } if (isFuncAllowed('deleteplayer::delete_player') && $se->role_id != ADMIN_PERMISSION) { echo '</td><TD width=5></td><TD>' . htmlURLbutton('DELETE Player', 'deleteplayer', "id={$se->id}", ADMBUT); } echo '</td></tr></table></td></tr>'; } } echo "</table>"; }
function section_teamadmin() { require_once 'lib/common.php'; $TEAMSIZE = 20; $vars = array('id', 'f_password', 'f_ok_x', 'f_comment', 'f_logo', 'f_name', 'f_status', 'f_password1', 'f_password2', 'link', 'f_leader'); foreach ($vars as $var) { ${$var} = isset($_POST[$var]) ? $_POST[$var] : $_GET[$var]; } // Check permission $allowed = 0; $obj = mysql_fetch_object(mysql_query("select name, comment, leader, logo, password, status, adminclosed from l_team where id=" . $id)); $res = mysql_fetch_object(mysql_query("select count(*) num from l_player where team=" . $id)); $numplayer = $res->num; if (isFuncAllowed('edit_any_team') || $_SESSION['playerid'] == $obj->leader) { // Admin or team leader, allowed $allowed = 1; } else { // Check password $cypher = substr(crypt($f_password, substr($obj->password, 0, 2)), 0, 13); if ($cypher == $obj->password) { // Good password, allowed $allowed = 1; } } echo '<BR>'; if ($obj->status == 'deleted') { echo "<center>Sorry, you cannot edit a deleted team.</center>"; } else { if (!$allowed) { echo "<center>Sorry, you don't have the permission to edit the <a href=\"index.php?link=teaminfo&id=" . $id . "&" . SID . "\">" . $obj->name . "</a> team, or you entered an incorrect password.</center>"; } else { if ($f_ok_x) { $f_comment = stripslashes($f_comment); $f_logo = stripslashes($f_logo); $f_name = stripslashes($f_name); $f_status = stripslashes($f_status); } else { $f_comment = $obj->comment; $f_logo = $obj->logo; $f_name = $obj->name; $f_status = $obj->status; } $error = 1; if ($f_ok_x) { $error = 0; // Check password if ($f_password1 != $f_password2) { $error = 1; echo "<div class=error>The passwords don't match</div>"; } else { if ($f_password1 != "") { $cypher = ", password='******'$1') . "'"; } else { $cypher = ""; } } // Check duplicate team names $res = mysql_query("select name from l_team where id!={$id} and name=\"" . addslashes($f_name) . "\""); if (mysql_num_rows($res) != 0) { $error = 1; echo "<div class=error>A team with this name: '{$f_name}' already exists</div>"; $f_name = $obj->name; } // Check empty team name if ($f_name == '') { $error = 1; echo "<div class=error>The team name can't be empty</div>"; $f_name = $obj->name; } // Check logo //$msg = checkLogoSize($f_logo); $msg = ''; if ($msg != '') { $error = 1; echo "<div class=error>{$msg}</div>"; } } if ($error) { echo "<form method=post><table align=center border=0 cellspacing=0 cellpadding=1>"; // Hidden fields echo '<input type=hidden name=f_password value="' . $f_password . '">'; echo '<input type=hidden name=link value="' . $link . '">'; if (isAdmin() || $_SESSION['playerid'] == $obj->leader) { // Admins and leaders can change the team name echo '<tr><td>Team name:</td><td><input name=f_name size=40 maxlength=40 value="' . $f_name . '"></td></tr>'; } else { echo "<tr><td align=center colspan=2 class=tablehead><div class=teamname><b>" . $obj->name . "</b></div><input type=hidden name=f_name value=\"{$f_name}\"></td></tr>"; } // Logo if ($obj->logo != "") { echo '<tr><td align=center colspan=2><BR><img src="' . $obj->logo . '"></td></tr>'; } echo '<tr><td>Logo URL (400x300 max!):</td><td><input type=text size=60 maxlength=200 name=f_logo value="' . $f_logo . '"></td></tr>'; echo "<tr><td colspan=2><hr></td></tr>"; // Admin and leaders can change the team password if (isAdmin() || $_SESSION['playerid'] == $obj->leader) { // Password echo '<tr><td>Password:</td><td><input type=password size=8 maxlength=8 name=f_password1 value="' . $f_password1 . '"> (leaving the fields empty will keep the current password)</td></tr> <tr><td>Password:</td><td><input type=password size=8 maxlength=8 name=f_password2 value="' . $f_password2 . '"></td></tr> <tr><td colspan=2><hr></td></tr>'; } // Admin and leaders can change the team status if (isAdmin() || $_SESSION['playerid'] == $obj->leader) { if ($numplayer >= 3 && $numplayer < $TEAMSIZE) { // Can change status IF there are 3 players or more echo "<tr><td>Team status:</td><td><select name=f_status>"; if ($f_status == 'opened') { echo '<option selected value=opened>opened</option> <option value=closed>closed</option>'; } else { echo '<option value=opened>opened</option> <option selected value=closed>closed</option>'; } echo "</select></td></tr>"; } else { if ($numplayer == 1) { $typo = 'player'; } else { $typo = 'players'; } echo '<input type=hidden name=f_status value="' . $obj->status . '">'; echo '<tr><td align=center colspan=2>The team is currently ' . $obj->status . ' (forced because you have ' . $numplayer . ' ' . $typo . ')</td></tr>'; } } else { echo '<tr><td align=center colspan=2>The team is currently ' . $obj->status . '</td></tr>'; } if (isAdmin() || $_SESSION['playerid'] == $obj->leader) { echo "<tr>"; echo "<td>Leader</td>"; echo "<td><select name=\"f_leader\">"; $sql = "SELECT id, callsign FROM l_player WHERE team = '{$id}' ORDER by callsign"; $res = mysql_query($sql); while ($row = mysql_fetch_row($res)) { if ($row[0] == $obj->leader) { print "<option value=\"\" SELECTED>" . stripslashes($row[1]) . " (current leader)</option>"; } else { print "<option value=\"{$row[0]}\">" . stripslashes($row[1]) . "</option>"; } } echo "</select>"; echo "</td>"; echo "</tr>"; } // Comment echo '<tr><td colspan=2>Comment:<br><textarea name=f_comment cols=50 rows=6>' . $f_comment . '</textarea></td></tr> <tr><td colspan=2><hr></td></tr> <tr><td align=center colspan=2><table><tr><td>' . htmlFormButton(' OK ', 'f_ok_x') . '</td><td width=8></td><td>' . htmlURLbutton('Cancel', 'teaminfo', "id={$id}", CLRBUT) . '</td></tr></table></td></tr></table></form>'; } else { // Update the table if (!empty($f_leader)) { $sql = "SELECT 1 FROM l_player WHERE id = '{$f_leader}' AND team = {$id} "; $res = mysql_query($sql); if (mysql_fetch_row($res)) { $_SESSION['leader'] = $f_leader == $_SESSION['playerid'] ? 1 : 0; $f_leader = 'leader = ' . $f_leader . ', '; } else { $f_leader = ''; } } else { $f_leader = ''; } if ($f_status == '') { $f_status = 'opened'; } if ($f_status != $obj->status) { // Changed the status if ($f_status == 'closed') { $adminclosed = 'yes'; } else { $adminclosed = 'no'; } } else { // Keep current status $adminclosed = $obj->adminclosed; } sqlQuery($sql = 'update l_team set logo="' . addSlashes($f_logo) . '", comment="' . addSlashes($f_comment) . '" ' . $cypher . ', name="' . addSlashes($f_name) . '", adminclosed="' . $adminclosed . '", ' . $f_leader . ' status="' . $f_status . '" where id=' . $id); echo '<BR><center>Thank you, <a href="index.php?link=playerinfo&id=' . $_SESSION['playerid'] . '&' . SID . '">' . $_SESSION['callsign'] . '</a>, for updating the <a href="index.php?link=teaminfo&id=' . $id . '&' . SID . '">' . $f_name . '</a> team.</center>'; // If changed the team name, inform the team members if ($f_name != $obj->name) { echo '<center>You changed the team name, we inform your team members.</center>'; sendBzMail(0, $id, 'Team renamed!', '<center>---ADMINISTRATIVE MESSAGE---</center><br>' . $_SESSION['callsign'] . ' just changed the name of your team from <i>' . $obj->name . '</i> to <i>' . $f_name . '</i>.', true, true); } } } } }
function section_fights_doForm($teamid, $numdays, $detail) { echo '<TABLE align=center class=insetForm><TR><TD>'; echo "<TABLE border=0 cellpadding=0 cellspacing=0><TR valign=middle><TD>\n <form action=\"index.php\" name=none>\n <input type=hidden name=link value=fights>\n <input type=hidden name=id value={$teamid}>\n Period: </td><TD>\n <select name=days>"; htmlOption(15, '15 days', $numdays); htmlOption(30, '30 days', $numdays); htmlOption(60, '60 days', $numdays); htmlOption(90, '90 days', $numdays); htmlOption(182, '6 months', $numdays); htmlOption(365, '1 year', $numdays); htmlOption(0, 'ALL', $numdays); echo "</select><BR>\n </td><TD width=15></td>"; if (isFuncAllowed('match_detail')) { echo "<TD>Detail: </td><TD>\n <select name=det>"; htmlOption(0, 'none', $detail); htmlOption(2, 'some', $detail); htmlOption(5, 'all', $detail); echo "</select><BR>\n </td><TD width=15></td>"; } echo '<TD align=left>' . htmlFormButSmall('Show me', '') . '</td></tr></table></td></tr></table></form>'; }
function adminMenu() { //if ($GLOBALS['UserLevel']=='player' || $GLOBALS['UserLevel']=='guest') // return; $admMenu = array(array('entermatch::enter_match', 'Enter Match', 'entermatch', '', LINK_BOLD), array('admintext::edit_homepage', 'Homepage', 'admintext', 'func=homepage'), array('news::edit_news', 'News Edit', 'newsadmin'), array('shame::edit_shame', 'HOS Edit', 'shameadmin'), array('links::edit_links', 'Links Edit', 'linkadmin'), array('admintext::edit_contacts', 'Contacts', 'admintext', 'func=contact'), array('admintext::edit_faq', 'FAQ Edit', 'admintext', 'func=faq'), array('admintext::edit_rules', 'Rules Edit', 'admintext', 'func=rules'), array('adminlist::list_admins', 'Admin List', 'adminlist'), array('runmaintenance::maintenance', 'Maintenance', 'runmaintenance'), array('reviveteam::revive_team', 'Revive Team', 'reviveteam'), array('visitlog::visit_log', 'Visits Log', 'visitlog'), array('ipreport::ipreport', 'IP Report', 'ipreport'), array('dispchangelog::disp_changelog', 'ChangeLog', 'dispchangelog'), array('badpass::badpass', 'BadLogin', 'badpass'), array('admintext::edit_todo', 'Scratchpad', 'admintext', 'func=todo'), array('debug::debug', 'Debug', 'debug'), array('permissions::permissions', 'Permissions', 'permissions'), array('permissions::permissions', 'Roles', 'permissions', 'func=roles'), array('createaccount::create_account', 'Create Acct', 'createaccount'), array('addseason::add_season', 'Seasons', 'addseason')); $colCount = 0; $out = '<TABLE class=admback width=100%><TR><TD>'; $out .= '<TABLE align=center class=admbar cellpadding=0 cellspacing=0><TR>'; foreach ($admMenu as $mi) { if (isFuncAllowed($mi[0])) { $out .= '<TD align=center width=90><nobr>' . htmlLink($mi[1], $mi[2], $mi[3], $mi[4]) . '</nobr></td>'; if (++$colCount % 8 == 0) { $out .= '</tr><TR>'; } } } $out .= '</tr></table></td></tr></table>'; if ($colCount) { print $out; } }