function inncoupons_run() { require_once "lib/sanitize.php"; global $session; $op = httpget("op"); $iname = getsetting("innname", LOCATION_INN); $cost = get_module_setting("cost"); $config = unserialize($session['user']['donationconfig']); if (!is_array($config)) { $config = array(); } if (isset($config['innstays']) && $config['innstays']) { set_module_pref("availablestays", $config['innstays']); unset($config['innstays']); $session['user']['donationconfig'] = serialize($config); } if ($op == "room") { $num = get_module_pref("availablestays"); $num--; set_module_pref("availablestays", $num); $session['user']['loggedin'] = 0; $session['user']['location'] = $iname; $session['user']['boughtroomtoday'] = 1; $session['user']['restorepage'] = "inn.php?op=strolldown"; saveuser(); $session = array(); redirect("index.php"); } elseif ($op == "innstays") { page_header("Hunter's Lodge"); output("`7J. C. Petersen turns to you. \"`&Ten free nights in %s will cost %s points,`7\" he says.", $iname, $cost); output("\"`&Will this suit you?`7\"`n`n"); addnav("Confirm Inn Stays"); addnav("Yes", "runmodule.php?module=inncoupons&op=innconfirm"); addnav("No", "lodge.php"); } elseif ($op == "innconfirm") { page_header("Hunter's Lodge"); addnav("L?Return to the Lodge", "lodge.php"); $pointsavailable = $session['user']['donation'] - $session['user']['donationspent']; if ($pointsavailable >= $cost) { output("`7J. C. Petersen gives you a card that reads \"Coupon: Good for ten free stays at %s\"", $iname); $num = get_module_pref("availablestays"); $num += 10; set_module_pref("availablestays", $num); $session['user']['donationspent'] += $cost; } else { output("`7J. C. Petersen looks down his nose at you."); output("\"`&I'm sorry, but you do not have the %s points required to purchase the coupons. Please return when you do and I'll be happy to sell them to you.`7\"", $cost); } } page_footer(); }
function redirect($location, $reason = false) { global $session, $REQUEST_URI; // This function is deliberately not localized. It is meant as error // handling. if (strpos($location, "badnav.php") === false) { //deliberately html in translations so admins can personalize this, also in once scheme $session['allowednavs'] = array(); addnav("", $location); $session['output'] = "<a href=\"" . HTMLEntities($location, ENT_COMPAT, getsetting("charset", "ISO-8859-1")) . "\">" . translate_inline("Click here.", "badnav") . "</a>"; $session['output'] .= translate_inline("<br><br>If you cannot leave this page, notify the staff via <a href='petition.php'>petition</a> and tell them where this happened and what you did. Thanks.", "badnav"); } restore_buff_fields(); $session['debug'] .= "Redirected to {$location} from {$REQUEST_URI}. {$reason}<br>"; saveuser(); @header("Location: {$location}"); //echo "<html><head><meta http-equiv='refresh' content='0;url=$location'></head></html>"; //echo "<a href='$location'>$location</a><br><br>"; //echo $location; //echo $session['debug']; exit; }
function redirect($location, $reason = false) { global $session, $REQUEST_URI; // This function is deliberately not localized. It is meant as error // handling. if (strpos($location, "badnav.php") === false) { //deliberately html in translations so admins can personalize this, also in once scheme $session['allowednavs'] = array(); addnav("", $location); addnav("", HTMLEntities($location, ENT_COMPAT, getsetting("charset", "ISO-8859-1"))); $session['output'] = "<a href=\"" . HTMLEntities($location, ENT_COMPAT, getsetting("charset", "ISO-8859-1")) . "\">" . translate_inline("Click here.", "badnav") . "</a>"; $session['output'] .= translate_inline("<br><br><b>You've got a BadNav!</b> <a href=\"http://enquirer.improbableisland.com/dokuwiki/doku.php?id=badnav\">Click here to find out what that is.</a> If you see this message consistently, please add your tuppence'orth to <a href='http://enquirer.improbableisland.com/forum/viewtopic.php?showtopic=19239'>this forum thread</a>.<br /><br />If you cannot leave this page by clicking the first link above, notify the staff via <a href='petition.php'>petition</a> and tell them what you were doing just before this happened. Also copy and paste everything that appears below this message. Thanks!<br><br>BADNAV REPORT<br>Attempted redirect: \"" . $location . "\"<br>Sanitized attempted redirect: \"" . HTMLEntities($location, ENT_COMPAT, getsetting("charset", "ISO-8859-1")) . "\"<br>Redirect reason: \"" . $reason . "\"", "badnav"); } restore_buff_fields(); $session['debug'] .= "Redirected to {$location} from {$REQUEST_URI}. {$reason}<br>"; saveuser(); @header("Location: {$location}"); //echo "<html><head><meta http-equiv='refresh' content='0;url=$location'></head></html>"; //echo "<a href='$location'>$location</a><br><br>"; //echo $location; //echo $session['debug']; exit; }
} } } } break; case "room": $config = unserialize($session['user']['donationconfig']); $expense = round($session['user']['level'] * (10 + log($session['user']['level'])), 0); if ($_GET['pay']) { if ($_GET['coupon'] == 1) { $config['innstays']--; $session['user']['donationconfig'] = serialize($config); $session['user']['loggedin'] = 0; $session['user']['location'] = 1; $session['user']['boughtroomtoday'] = 1; saveuser(); $session = array(); redirect("index.php"); } else { if ($_GET['pay'] == 2 || $session['user']['gold'] >= $expense || $session['user']['boughtroomtoday']) { if ($session['user']['loggedin']) { if ($session['user']['boughtroomtoday']) { } else { if ($_GET['pay'] == 2) { $fee = getsetting("innfee", "5%"); if (strpos($fee, "%")) { $expense += round($expense * $fee / 100, 0); } else { $expense += $fee; } $goldline = ",goldinbank=goldinbank-{$expense}";
function worldmapen_run_real() { global $session, $badguy, $pvptimeout, $options, $outdoors, $shady; $outdoors = true; $op = httpget("op"); $battle = false; if ($op == 'move' && rawurldecode(httpget('oloc')) != get_module_pref('worldXYZ')) { debug(get_module_pref('worldXYZ')); $op = 'continue'; httpset('op', $op); } // debug("Worldmap running op={$op} ..."); // handle the admin editor first if ($op == "edit") { if (!get_module_pref("canedit")) { check_su_access(SU_EDIT_USERS); } if (get_module_setting("worldmapenInstalled") != 1) { set_module_setting('worldmapenInstalled', "1"); worldmapen_defaultcityloc(); } worldmapen_editor(); } if ($op == "destination") { $cname = httpget("cname"); $session['user']['location'] = $cname; addnav(array("Enter %s", $cname), "village.php"); output("`c`4`bYou've Arrived in %s.`b`0`c`n", $cname); output("`cYou have reached the outer gates of the city.`c"); } if (!get_module_setting("worldmapenInstalled")) { page_header("A rip in the fabric of space and time"); require_once "lib/villagenav.php"; villagenav(); output("`^The admins of this game haven't yet finished installing the worldmapen module."); output("You should send them a petition and tell them that they forgot to generate the initial locations of the cities."); output("Until then, you are kind of stuck here, so I hope you like where you are.`n`n"); output("After all, remember:`nWherever you go, there you are.`0"); page_footer(); } $subop = httpget("subop"); $act = httpget("act"); $type = httpget("type"); $name = httpget("name"); $direction = httpget("dir"); $su = httpget("su"); $buymap = httpget("buymap"); $worldmapCostGold = get_module_setting("worldmapCostGold"); $pvp = httpget('pvp'); require_once "lib/events.php"; if ($session['user']['specialinc'] != "" || httpget("eventhandler")) { $in_event = handle_event(get_module_setting("randevent"), "runmodule.php?module=worldmapen&op=continue&", "Travel"); if ($in_event) { addnav("Continue", "runmodule.php?module=worldmapen&op=continue"); module_display_events(get_module_setting("randevent"), "runmodule.php?module=worldmapen&op=continue"); page_footer(); } } page_header("Journey"); //is the player looking at chat? if (httpget('comscroll') || httpget('comscroll') === 0 || httpget('comment') || httpget('refresh')) { $chatoverride = 1; require_once "lib/commentary.php"; addcommentary(); $loc = get_module_pref("worldXYZ", "worldmapen"); viewcommentary("mapchat-" . $loc, "Chat with others who walk this path...", 25); } if ($op == "beginjourney") { $loc = $session['user']['location']; $x = get_module_setting($loc . "X"); $y = get_module_setting($loc . "Y"); $z = get_module_setting($loc . "Z"); $xyz = $x . "," . $y . "," . $z; set_module_pref("worldXYZ", $xyz); output("`b`&The gates of %s`& stand closed behind you.`0`b`n`n", $session['user']['location']); $num = e_rand(1, 5); $msg = get_module_setting("leaveGates{$num}"); output("`c`n`^%s`0`n`c`n", $msg); worldmapen_determinenav(); if (get_module_setting("smallmap")) { worldmapen_viewsmallmap(); } if (!$chatoverride) { require_once "lib/commentary.php"; addcommentary(); $loc = get_module_pref("worldXYZ", "worldmapen"); viewcommentary("mapchat-" . $loc, "Chat with others who walk this path...", 25); } worldmapen_viewmapkey(true, false); module_display_events(get_module_setting("randevent"), "runmodule.php?module=worldmapen&op=continue"); $loc = get_module_pref('worldXYZ'); list($x, $y, $z) = explode(",", $loc); $t = worldmapen_getTerrain($x, $y, $z); //debug($t); if ($t['type'] == "Forest") { $shady = true; } } elseif ($op == "continue") { checkday(); worldmapen_determinenav(); if (get_module_setting("smallmap")) { worldmapen_viewsmallmap(); } if (!$chatoverride) { require_once "lib/commentary.php"; addcommentary(); $loc = get_module_pref("worldXYZ", "worldmapen"); viewcommentary("mapchat-" . $loc, "Chat with others who walk this path...", 25); } worldmapen_viewmapkey(true, false); $loc = get_module_pref('worldXYZ'); list($x, $y, $z) = explode(",", $loc); $t = worldmapen_getTerrain($x, $y, $z); //debug($t); if ($t['type'] == "Forest") { $shady = true; } //Turns Trading bit, added by CavemanJoe } elseif ($op == "tradeturn") { checkday(); $pointstrade = get_module_setting("turntravel"); output("You can trade one Turn for %s Travel Points. Do you want to do this now?", $pointstrade); addnav("Yes, use a turn", "runmodule.php?module=worldmapen&op=tradeturnconfirm"); addnav("No, cancel and return to the map", "runmodule.php?module=worldmapen&op=continue"); } elseif ($op == "tradeturnconfirm") { $pointstrade = get_module_setting("turntravel"); output("By conserving energy that you would have otherwise used for fighting creatures, you have gained %s Travel Points.", $pointstrade); $session['user']['turns']--; $ttoday = get_module_pref("traveltoday", "cities"); set_module_pref("traveltoday", $ttoday - $pointstrade, "cities"); addnav("Continue", "runmodule.php?module=worldmapen&op=continue"); } elseif ($op == "move" && !$chatoverride) { checkday(); if ($session['user']['location'] != 'World') { set_module_pref("lastCity", $session['user']['location']); $session['user']['location'] = "World"; } $session['user']['restorepage'] = "runmodule.php?module=worldmapen&op=continue"; $loc = get_module_pref('worldXYZ'); list($x, $y, $z) = explode(",", $loc); if ($direction == "north") { $y += 1; } if (get_module_setting("compasspoints") == "1" and $direction == "northeast") { $y += 1; $x += 1; } if (get_module_setting("compasspoints") == "1" and $direction == "northwest") { $y += 1; $x -= 1; } if ($direction == "east") { $x += 1; } if ($direction == "south") { $y -= 1; } if (get_module_setting("compasspoints") == "1" and $direction == "southeast") { $y -= 1; $x += 1; } if (get_module_setting("compasspoints") == "1" and $direction == "southwest") { $y -= 1; $x -= 1; } if ($direction == "west") { $x -= 1; } $terraincost = worldmapen_terrain_cost($x, $y, $z); $encounterbase = worldmapen_encounter($x, $y, $z); $encounterchance = get_module_pref("encounterchance"); $encounter = $encounterbase * $encounterchance / 100; debug($encounterbase . " * " . $encounterchance . " / 100 = " . $encounter); $ttoday = get_module_pref("traveltoday", "cities"); set_module_pref("traveltoday", $ttoday + $terraincost, "cities"); worldmapen_terrain_takestamina($x, $y, $z); $xyz = $x . "," . $y . "," . $z; set_module_pref("worldXYZ", $xyz); // $randchance = get_module_setting("randchance"); // if (e_rand(0,100) < $randchance){ // $eventravel = "travel"; // set_module_setting("randevent", $eventravel); // }else{ // $eventravel = "forest"; // set_module_setting("randevent", $eventravel); // } //Extra Gubbins pertaining to trading Turns for Travel, added by Caveman Joe $useturns = get_module_setting("useturns"); $allowzeroturns = get_module_setting("allowzeroturns"); $playerturns = $session['user']['turns']; $proceed = 1; //the Proceed value is used when the player has hit a monster, to make sure it's okay to actually run the event/monster. if ($playerturns == 0 && $allowzeroturns == 0) { $proceed = 0; } if (e_rand(0, 100) < $encounter && $su != '1' && $proceed == 1 && !$chatoverride) { // They've hit a monster! if (module_events(get_module_setting("randevent"), get_module_setting("wmspecialchance"), "runmodule.php?module=worldmapen&op=continue&") != 0) { page_header("Something Special!"); if (checknavs()) { page_footer(); } else { // Reset the special for good. $session['user']['specialinc'] = ""; $session['user']['specialmisc'] = ""; $skipvillagedesc = true; $op = ""; httpset("op", ""); addnav("Continue", "runmodule.php?module=worldmapen&op=continue&"); module_display_events(get_module_setting("randevent"), "runmodule.php?module=worldmapen&op=continue"); page_footer(); } } //Check if we're removing a turn when the player encounters a monster, and if so, do it if ($useturns == 1) { $session['user']['turns']--; } //Fix to only search for Forest type creatures, added by CavemanJoe $sql = "SELECT * FROM " . db_prefix("creatures") . " WHERE creaturelevel = '{$session['user']['level']}' AND forest = 1 ORDER BY rand(" . e_rand() . ") LIMIT 1"; $result = db_query($sql); restore_buff_fields(); if (db_num_rows($result) == 0) { // There is nothing in the database to challenge you, // let's give you a doppleganger. $badguy = array(); $badguy['creaturename'] = "An evil doppleganger of " . $session['user']['name']; $badguy['creatureweapon'] = $session['user']['weapon']; $badguy['creaturelevel'] = $session['user']['level']; $badguy['creaturegold'] = rand($session['user']['level'] * 15, $session['user']['level'] * 30); $badguy['creatureexp'] = round($session['user']['experience'] / 10, 0); $badguy['creaturehealth'] = $session['user']['maxhitpoints']; $badguy['creatureattack'] = $session['user']['attack']; $badguy['creaturedefense'] = $session['user']['defense']; } else { $badguy = db_fetch_assoc($result); require_once "lib/forestoutcomes.php"; $badguy = buffbadguy($badguy); } calculate_buff_fields(); $badguy['playerstarthp'] = $session['user']['hitpoints']; $badguy['diddamage'] = 0; $badguy['type'] = 'world'; //debug("Worldmap run.php is debugging badguy"); //debug($badguy); $session['user']['badguy'] = createstring($badguy); $battle = true; } else { // $args = modulehook("count-travels", array('available'=>0, 'used'=>0)); // $free = max(0, $args['available'] - $args['used']); // if (get_module_setting("usestamina")==1){ // output("`c`nYou think to yourself what a nice day it is.`c`n"); // } else { // output("`c`nYou think to yourself what a nice day it is.`nYou have %s Travel Points remaining.%s`c`n",$free); // } $free = 100; worldmapen_determinenav(); if (get_module_setting("smallmap")) { worldmapen_viewsmallmap(); } if (!$chatoverride) { require_once "lib/commentary.php"; addcommentary(); $loc = get_module_pref("worldXYZ", "worldmapen"); viewcommentary("mapchat-" . $loc, "Chat with others who walk this path...", 25); } worldmapen_viewmapkey(true, false); module_display_events(get_module_setting("randevent"), "runmodule.php?module=worldmapen&op=continue"); } $loc = get_module_pref('worldXYZ'); list($x, $y, $z) = explode(",", $loc); $t = worldmapen_getTerrain($x, $y, $z); //debug($t); if ($t['type'] == "Forest") { $shady = true; } } elseif ($op == "gypsy") { $outdoors = false; if ($buymap == '') { output("`5\"`!Ah, yes. An adventurer. I could tell by looking into your eyes,`5\" the gypsy says.`n"); output("\"`!Many people have lost their way while journeying without a guide such as this."); output("It will let you see all the world.`5\"`n"); output("\"`!Yes, yes. Let's see... What sort of price should we put on this?"); output("Hmm. How about `^%s`! gold?`5\"", $worldmapCostGold); addnav(array("Buy World Map `0(`^%s gold`0)", $worldmapCostGold), "runmodule.php?module=worldmapen&op=gypsy&buymap=yes"); addnav("Forget it", "village.php"); } elseif ($buymap == 'yes') { if ($session['user']['gold'] < $worldmapCostGold) { output("`5\"`!What do you take me for? A blind hag? Come back when you have the money`5\""); addnav("Leave quickly", "village.php"); } else { output("`5\"`!Enjoy your newfound sight,`5\" the gypsy says as she walks away to greet some patrons that have just strolled in."); $session['user']['gold'] -= $worldmapCostGold; set_module_pref("worldmapbuy", 1); require_once "lib/villagenav.php"; villagenav(); } } } elseif ($op == "viewmap") { worldmapen_determinenav(); worldmapen_viewmap(true); if (is_module_active("medals")) { require_once "modules/medals.php"; medals_award_medal("boughtmap", "Bearer of the Map", "This player purchased the World Map from the Comms Tent!", "medal_islandmap.png"); } } elseif ($op == "camp") { if ($session['user']['loggedin']) { $session['user']['loggedin'] = 0; $session['user']['restorepage'] = "runmodule.php?module=worldmapen&op=wake"; saveuser(); invalidatedatacache("charlisthomepage"); invalidatedatacache("list.php-warsonline"); } $session = array(); redirect("index.php", "Redirected to Index from World Map"); } elseif ($op == "wake") { if ($session['user']['hitpoints'] > 0) { // runmodule.php calls do_forced_nav, $session['user']['alive'] = true; // and that resets ['alive'], so } else { // this is from common.php to make sure $session['user']['alive'] = false; // the player is not half-dead after log-in. } output("You yawn and stretch and look around your campsite.`n`n"); output("Ah, how wonderful it is to sleep in the open air!`n"); output("The world seems full of possibilities today.`n`n"); checkday(); worldmapen_determinenav(); if (get_module_setting("smallmap")) { worldmapen_viewsmallmap(); } if (!$chatoverride) { require_once "lib/commentary.php"; addcommentary(); $loc = get_module_pref("worldXYZ", "worldmapen"); viewcommentary("mapchat-" . $loc, "Chat with others who walk this path...", 25); } worldmapen_viewmapkey(true, false); $loc = get_module_pref('worldXYZ'); list($x, $y, $z) = explode(",", $loc); $t = worldmapen_getTerrain($x, $y, $z); //debug($t); if ($t['type'] == "Forest") { $shady = true; } } elseif ($op == "combat") { // Okay, we've picked a person to fight. require_once "lib/pvpsupport.php"; $name = httpget("name"); $badguy = setup_target($name); $failedattack = false; if ($badguy === false) { output("`0`n`nYou survey the area again.`n"); worldmapen_determinenav(); } else { $battle = true; $badguy['type'] = 'pvp'; //$options['type'] = 'pvp'; $session['user']['badguy'] = createstring($badguy); $session['user']['playerfights']--; } } elseif ($op == "fight" || $op == "run") { if (!$chatoverride && !httpget("frombio")) { $battle = true; } else { worldmapen_determinenav(); if (get_module_setting("smallmap")) { worldmapen_viewsmallmap(); } worldmapen_viewmapkey(true, false); } // $args = modulehook("count-travels", array('available'=>0,'used'=>0)); // $free = max(0, $args['available'] - $args['used']); // if (get_module_setting("usestamina")==1){ $free = 100; // } if ($op == "run" && !$pvp) { if (!$chatoverride) { if (e_rand(1, 5) < 3 && $free) { // They managed to get away. output("You set off running at a breakneck pace!`n`n"); output("A short time later, you have managed to avoid your opponent, so you stop to catch your breath."); $ttoday = get_module_pref("traveltoday", "cities"); set_module_pref("traveltoday", $ttoday + 1, "cities"); output("As you look around, you realize that all you really managed was to run in circles."); $battle = false; worldmapen_determinenav(); if (get_module_setting("smallmap")) { worldmapen_viewsmallmap(); } require_once "lib/commentary.php"; addcommentary(); $loc = get_module_pref("worldXYZ", "worldmapen"); viewcommentary("mapchat-" . $loc, "Chat with others who walk this path...", 25); worldmapen_viewmapkey(true, false); } else { output("You try to run, but you don't manage to get away!`n"); $op = "fight"; httpset('op', $op); } } else { if (get_module_setting("smallmap")) { worldmapen_viewsmallmap(); } require_once "lib/commentary.php"; addcommentary(); $loc = get_module_pref("worldXYZ", "worldmapen"); viewcommentary("mapchat-" . $loc, "Chat with others who walk this path...", 25); worldmapen_determinenav(); worldmapen_viewmapkey(true, false); } } elseif ($op == "run" && $pvp) { output("Your pride prevents you from running"); $op = "fight"; httpset('op', $op); } $loc = get_module_pref('worldXYZ'); list($x, $y, $z) = explode(",", $loc); $t = worldmapen_getTerrain($x, $y, $z); //debug($t); if ($t['type'] == "Forest") { $shady = true; } } if ($battle) { include_once "battle.php"; if (isset($enemies) && !$pvp) { $badguy =& $enemies; } if ($victory) { if ($pvp) { require_once "lib/pvpsupport.php"; $aliveloc = $badguy['location']; pvpvictory($badguy, $aliveloc, $options); addnews("`4%s`3 defeated `4%s`3 while they were camped in the wilderness.`0", $session['user']['name'], $badguy['creaturename']); $badguy = array(); } else { if (!$chatoverride && !httpget('frombio')) { //is talking require_once "lib/forestoutcomes.php"; forestvictory($badguy, false); } } //has just beaten a badguy worldmapen_determinenav(); if (get_module_setting("smallmap")) { worldmapen_viewsmallmap(); } if (!$chatoverride) { require_once "lib/commentary.php"; addcommentary(); $loc = get_module_pref("worldXYZ", "worldmapen"); viewcommentary("mapchat-" . $loc, "Chat with others who walk this path...", 25); } worldmapen_viewmapkey(true, false); } elseif ($defeat) { // Reset the players body to the last city they were in $session['user']['location'] = get_module_pref('lastCity'); if ($pvp) { require_once "lib/pvpsupport.php"; require_once "lib/taunt.php"; $killedloc = $badguy['location']; $taunt = select_taunt(); pvpdefeat($badguy, $killedloc, $taunt, $options); addnews("`4%s`3 was defeated while attacking `4%s`3 as they were camped in the wilderness.`0`n%s", $session['user']['name'], $badguy['creaturename'], $taunt); } else { require_once "lib/forestoutcomes.php"; forestdefeat($badguy, "in the wild"); } output("`n`n`&You are sure that someone, sooner or later, will stumble over your corpse and return it to %s`& for you.`0", $session['user']['location']); } else { require_once "lib/fightnav.php"; $allow = true; $extra = ""; if ($pvp) { $allow = false; $extra = "pvp=1&"; } fightnav($allow, $allow, "runmodule.php?module=worldmapen&{$extra}"); } } page_footer(); }
logrequest($userid, $action); checksession(); checkprivileges($userid); getusagestats(); break; case "edituser": logrequest($userid, $action); checksession(); checkprivileges($userid); edituser($_GET["edituserid"]); break; case "saveuser": logrequest($userid, $action); checksession(); checkprivileges($userid); saveuser($_GET["edituserid"], $_GET["username"], $_GET["email"], $_GET["phone"], $_GET["privileges"], $_GET["limit"]); break; case "addcredit": logrequest($userid, $action); checksession(); checkprivileges($userid); addcredit($_GET["edituserid"], $_GET["creditmultiplier"]); break; case "trips": logrequest($userid, $action); checksession(); checkprivileges($userid); if ($_GET["bikeno"]) { $bikenum = trim($_GET["bikeno"]); checkbikeno($bikenum); trips($userid, $bikenum);
} else { if (isset($_POST['mode'])) { $mode = COM_applyFilter($_POST['mode']); } else { if (isset($_GET['mode'])) { $mode = COM_applyFilter($_GET['mode']); } } } } $display = ''; if (isset($_USER['uid']) && $_USER['uid'] > 1) { switch ($mode) { case 'saveuser': savepreferences($_POST); $display .= saveuser($_POST); PLG_profileExtrasSave(); break; case 'savepreferences': savepreferences($_POST); $display .= COM_refresh($_CONF['site_url'] . '/usersettings.php?mode=preferences&msg=6'); break; case 'confirmdelete': if ($_CONF['allow_account_delete'] == 1 && $_USER['uid'] > 1) { $accountId = COM_applyFilter($_POST['account_id']); if (!empty($accountId)) { $display .= confirmAccountDelete($accountId); } else { $display = COM_refresh($_CONF['site_url'] . '/index.php'); } } else {
Header("Location: index.php"); } break; case "saveuser": $past = time() - 300; sql_query("DELETE FROM " . $NPDS_Prefix . "session WHERE time < {$past}"); $result = sql_query("SELECT time FROM " . $NPDS_Prefix . "session WHERE username='******'1']}'"); if (sql_num_rows($result) == 1) { // CheckBox settype($attach, 'integer'); settype($user_viewemail, 'integer'); settype($usend_email, 'integer'); settype($uis_visible, 'integer'); settype($user_lnl, 'integer'); settype($raz_avatar, 'integer'); saveuser($uid, $name, $uname, $email, $femail, $url, $pass, $vpass, $bio, $user_avatar, $user_icq, $user_occ, $user_from, $user_intrest, $user_sig, $user_viewemail, $user_aim, $user_yim, $user_msnm, $attach, $usend_email, $uis_visible, $user_lnl, $C1, $C2, $C3, $C4, $C5, $C6, $C7, $C8, $M1, $M2, $T1, $T2, $B1, $MAX_FILE_SIZE, $raz_avatar); } else { Header("Location: user.php"); } break; case "edithome": if ($user) { edithome(); } else { Header("Location: index.php"); } break; case "savehome": settype($ublockon, 'integer'); savehome($uid, $uname, $theme, $storynum, $ublockon, $ublock); break;
finishNewUser($username, $user_email, $user_password, $random_num, $gfx_check); break; case "mailpasswd": mail_password($username, $code); break; case "userinfo": userinfo($username, $bypass, $hid, $url); break; case "login": login($username, $user_password, $redirect, $mode, $f, $t, $random_num, $gfx_check); break; case "edituser": edituser(); break; case "saveuser": saveuser($realname, $user_email, $femail, $user_website, $user_icq, $user_aim, $user_yim, $user_msnm, $user_from, $user_occ, $user_interests, $newsletter, $user_viewemail, $user_allow_viewonline, $user_notify, $user_notify_pm, $user_popup_pm, $user_attachsig, $user_allowbbcode, $user_allowhtml, $user_allowsmile, $user_timezone, $user_dateformat, $user_sig, $bio, $user_password, $vpass, $username, $user_id); break; case "edithome": edithome(); break; case "chgtheme": chgtheme(); break; case "savehome": savehome($user_id, $username, $storynum, $ublockon, $ublock, $broadcast); break; case "savetheme": savetheme($user_id, $theme); break; case "avatarlist": avatarlist($avatarcategory);
function popup_footer() { global $output, $nestedtags, $header, $nav, $session; while (list($key, $val) = each($nestedtags)) { $output .= "</{$key}>"; unset($nestedtags[$key]); } $output .= "</td></tr><tr><td bgcolor='#330000' align='center'>Copyright 2002, Eric Stevens</td></tr></table></body></html>"; $output = $header . $output; //$session[output]=$output; saveuser(); echo $output; exit; }
/** * Ends page generation for popup windows. Saves the user account info - doesn't update page generation stats * */ function popup_footer() { global $output, $nestedtags, $header, $session, $y2, $z2, $copyright, $template; while (list($key, $val) = each($nestedtags)) { if ($nestedtags[$key] === true) { $output .= "</{$key}>"; } unset($nestedtags[$key]); } $footer = $template['popupfoot']; // Pass the script file down into the footer so we can do something if // we need to on certain pages (much like we do on the header. // Problem is 'script' is a valid replacement token, so.. use an // invalid one which we can then blow away. $replacementbits = modulehook("footer-popup", array()); //output any template part replacements that above hooks need reset($replacementbits); while (list($key, $val) = each($replacementbits)) { $header = str_replace("{" . $key . "}", "{" . $key . "}" . join($val, ""), $header); $footer = str_replace("{" . $key . "}", "{" . $key . "}" . join($val, ""), $footer); } $z = $y2 ^ $z2; $footer = str_replace("{" . $z . "}", ${$z}, $footer); //clean up spare {fields}s from header and footer (in case they're not used) $footer = preg_replace("/{[^} \t\n\r]*}/i", "", $footer); $header = preg_replace("/{[^} \t\n\r]*}/i", "", $header); $output = $header . $output . $footer; saveuser(); $_SESSION['session'] = $session; session_write_close(); echo $output; exit; }
} else { display_avatar_gallery($memberinfo); } showfooter(); } else { if (isset($_POST['save'])) { if ($CPG_SESS['admin']['page'] != 'users') { cpg_error(_ERROR_BAD_LINK, _SEC_ERROR); } if (!($memberinfo = getusrdata($_POST['id']))) { echo _NOINFOFOR . ' <strong>' . $username . '</strong>'; showfooter(); } else { $module_name = 'Your_Account'; require 'modules/Your_Account/edit_profile.php'; saveuser($memberinfo); } } else { if (isset($_GET['mode'])) { if ($_GET['mode'] == 'edit') { $pagetitle .= ' ' . _BC_DELIM . ' ' . _EDITUSER; showheader(); if (isset($_GET['edit'])) { if (!($memberinfo = getusrdata($_GET['id']))) { echo _NOINFOFOR . ' <strong>' . $_GET['id'] . '</strong>'; } else { require 'modules/Your_Account/edit_profile.php'; edituser($memberinfo); } } else { echo open_form(URL::admin(), 'post', 0, ' style="border:none"');
//END-OF-FIX break; case "mailpasswd": mail_password($username, $code); break; case "userinfo": userinfo($username, $bypass, $hid, $url); break; case "login": login($username, $user_password, $redirect, $mode, $f, $t, $random_num, $gfx_check); break; case "edituser": edituser(); break; case "saveuser": saveuser($realname, $user_email, $femail, $user_website, $user_icq, $user_aim, $user_yim, $user_msnm, $user_from, $user_occ, $user_interests, $newsletter, $user_viewemail, $user_allow_viewonline, $user_notify, $user_notify_pm, $user_popup_pm, $user_attachsig, $user_allowbbcode, $user_allowhtml, $user_allowsmile, $user_timezone, $user_dateformat, $user_sig, $bio, $user_password, $vpass, $username, $user_id, $usertype, $gradyear, $company, $designation, $specialization, $Company_Address_1, $Company_Address_2, $Company_Address_CITY, $Company_Address_STATE, $Company_Address_COUNTRY, $Company_Address_ZIP, $Company_Address_MOBILE, $Company_Address_PHONE, $Company_Address_FAX, $Company_Address_EMAIL, $PERMANENT_Address_1, $PERMANENT_Address_2, $PERMANENT_Address_CITY, $PERMANENT_Address_STATE, $PERMANENT_Address_COUNTRY, $PERMANENT_Address_ZIP, $PERMANENT_Address_MOBILE, $PERMANENT_Address_PHONE, $PERMANENT_Address_FAX, $PERMANENT_Address_EMAIL, $dasf_member, $guest_lectures_ok, $guest_lectures_topics, $summer_projects_ok, $placements_ok, $financial_help_ok, $sex, $dob, $is_married); break; case "edithome": edithome(); break; case "chgtheme": chgtheme(); break; case "savehome": savehome($user_id, $username, $storynum, $ublockon, $ublock, $broadcast); break; case "savetheme": savetheme($user_id, $theme); break; case "avatarlist": avatarlist($avatarcategory);
function module_user_admin() { // adminpage, stop here if not logged in/right access-level if (!isValidAdmin()) { echo getString("not_valid_admin", "Administratorside, du mÃ¥ logge inn for Ã¥ fÃ¥ tilgang her"); return; } echo "<!-- start user admin -->"; $all_ok = true; global $menu_files; if (isset($_REQUEST['edituser'])) { if (isset($_REQUEST['savechanges'])) { if (!($password1 == $password2)) { $all_ok = false; $error_msg .= " Passwords don't match!"; } if ($all_ok) { $result = saveuser($_POST['username'], $_POST['password1'], $_POST['email'], $_POST['firstname'], $_POST['lastname'], $_POST['webpage'], $_POST['birthdate'], $_POST['description'], $_POST['admin'], $_POST['may_post']); } else { echo $error_msg; } if ($result) { echo "Changes saved. Jolly good."; global $logtype; write_log_entry($_POST['username'], $logtype['user'], "admin_useredit,"); } else { echo "No changes were made."; } } else { $query = "SELECT * FROM user WHERE username=\"" . $_POST['edituser'] . "\";"; $row = DB_search($query); form_start_post(); echo '<table class="default_table">'; echo '<tr><td>Brukernavn</td><td>'; echo $row['username']; echo '</td></tr>'; echo '<tr><td>E-post</td><td>'; form_textfield("email", stripslashes($row['email'])); echo ' (må ligne på en ordentlig adresse)</td></tr>'; echo '<tr><td>Fornavn</td><td>'; form_textfield("firstname", $row['firstname']); echo ' (det dine venner kaller deg)</td></tr>'; echo '<tr><td>Etternavn</td><td>'; form_textfield("lastname", stripslashes($row['lastname'])); echo ' (det du het i militæret)</td></tr>'; echo '<tr><td>Passord</td><td>'; form_password("password1", ""); echo ' (minst 6 tegn)</td></tr>'; echo '<tr><td>Gjenta passord</td><td>'; form_password("password2", ""); echo ' (helst likt det i feltet over)</td></tr>'; echo '<tr><td>Fødselsdato</td><td>'; form_select_number("birthday", 0, 0, $birthday); form_select_number("birthmonth", 0, 0, $birthmonth); form_select_number("birthyear", 0, 0, $birthyear); echo '</td></tr>'; echo '<tr><td>Webside</td><td>'; form_textfield("webpage", stripslashes($row['webpage'])); echo ' (gjerne en som fins)</td></tr>'; echo '<tr><td>Er administrator</td><td>'; form_textfield("admin", stripslashes($row['admin'])); echo ' (er brukeren admin?)</td></tr>'; echo '<tr><td>Kan skrive artikler</td><td>'; form_textfield("may_post", stripslashes($row['may_post'])); echo ' 0=nei, 1=ja</td></tr>'; echo '<tr><td>Eventuelt tilknyttet bildes fil-id:</td><td>'; echo $row['picture']; echo ' (fjernes via filadmin: ' . $menu_files . ')</td></tr>'; echo '<tr><td colspan=2>Ymse visvas<br/>'; form_textarea("description", stripslashes($row['description']), 30, 10); echo '<br/>(hvis det er noe mer vi bør vite om deg)<br/><br/></td></tr>'; echo '<tr><td colspan=2>'; form_submit("Button", "Lagre profilendringer"); echo '</td></tr>'; echo '<tr><td colspan=2>'; form_submit("canceledit", "Avbryt profilendring"); echo '</td></tr>'; form_hidden("username", $row['username']); form_hidden("savechanges", "savechanges"); form_hidden("edituser", "savechanges"); form_hidden("m_c", "module_user_admin"); echo '</table>'; form_end(); } } else { if ($_POST['deleteuser']) { if ($_POST['reallysure']) { $query = "DELETE FROM user WHERE username =\"" . $_POST['deleteuser'] . "\";"; $result = DB_update($query); if ($result == 1) { global $logtype; write_log_entry($_POST['username'], $logtype['user'], "admin_deleteduser,"); echo "Bruker " . $_POST['deleteuser'] . " er slettet."; } else { if ($result == 0) { echo "Kunne ikke slette brukeren - fins fyren?"; } else { if ($result > 1) { echo "Du har prestert å slette flere eksemplarer av denne brukeren :p"; } } } } else { echo "<div>Sikker på at du vil slette " . $_POST['deleteuser'] . "? <a href=\"index.php\">No, go back!</a></div>"; form_start_post(); form_hidden("m_c", "module_user_admin"); form_hidden("reallysure", "yes"); form_hidden("deleteuser", $_POST['deleteuser']); form_submit("submit", "Ja, slett!"); form_end(); } } else { $query = "SELECT * FROM user"; $result = DB_get_table($query); $num_users = DB_rows_affected($result); echo '<table class="default_table">'; for ($i = 0; $i < $num_users; $i++) { $row = DB_next_row($result); echo '<tr><td><b>Bruker</b></td><td><b>'; echo $row['username']; echo '</b></td></tr><tr><td>Fornavn</td><td>'; echo $row['firstname']; //echo '</td></tr><tr><td>Etternavn</td><td>'; //echo $row['lastname']; echo '</td></tr><tr><td>E-post</td><td>'; echo $row['email']; echo '</td></tr><tr><td>Fødselsdato</td><td>'; echo date_nor_sql($row['birthdate']); echo '</td></tr><tr><td>Admin?</td><td>'; if ($row['admin'] != "" && $row['admin'] != 0) { echo 'Ja (' . $row['admin'] . ')'; } else { echo 'Nei (' . $row['admin'] . ')'; } echo '</td></tr><tr><td>Kan poste?</td><td>'; if ($row['may_post'] != "" && $row['may_post'] != 0) { echo 'Ja (' . $row['may_post'] . ')'; } else { echo 'Nei (' . $row['may_post'] . ')'; } echo '</td></tr><tr><td>Tilknyttet bilde, fil-id</td><td>'; echo $row['picture']; echo '</td></tr><tr><td colspan=2>'; ?> <form action="index.php" method="post"> <input type="hidden" value="module_user_admin" name="m_c" /> <input type="submit" name="edit" value="Edit user" /> <input type="hidden" name="edituser" value=<?php echo $row['username']; ?> /> </form> <form action="index.php" method="post"> <input type="hidden" value="module_user_admin" name="m_c" /> <input type="submit" name="delete" value="Delete user" /> <input type="hidden" name="deleteuser" value=<?php echo $row['username']; ?> /> </form> <?php echo '</td></tr><tr><td colspan=2><hr/></td></tr>'; } echo '</table>'; } } }
require_once "{$filepath}/userinfo.php"; userinfo($_GET['username']); } elseif ($op == 'logout') { $pagetitle .= ' ' . _BC_DELIM . ' ' . _LOGOUT; $redir = isset($_GET['redirect']) ? $CPG_SESS['user']['uri'] : $mainindex; cpg_error(_YOUARELOGGEDOUT, _YOUARELOGGEDOUT, $redir); } elseif (is_user()) { if (isset($_POST['avatargallery']) || isset($_GET['avatargallery'])) { require_once "{$filepath}/avatars.php"; display_avatar_gallery($userinfo); } elseif (isset($_GET['edit'])) { require_once "{$filepath}/edit_profile.php"; edituser($userinfo); } elseif (isset($_POST['save'])) { require_once "{$filepath}/edit_profile.php"; saveuser($userinfo); } else { switch ($op) { case 'edithome': edithome(); break; case 'editcomm': editcomm(); break; case 'savehome': $db->sql_query('UPDATE ' . $user_prefix . '_users SET storynum=' . intval($_POST['storynum']) . ', ublockon=' . intval($_POST['ublockon']) . ', ublock=\'' . Fix_Quotes($_POST['ublock']) . '\' WHERE user_id=' . $userinfo['user_id']); $_SESSION['CPG_USER'] = false; unset($_SESSION['CPG_USER']); URL::redirect(URL::index()); break; case 'savecomm':