Exemplo n.º 1
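/**
 * Appends the "message of the day" management table to the global $output buffer.
 *
 * One row is rendered per motd record (ordered by Priority), with delete/edit
 * links, the enabled flag, the converted message, the target account name and
 * the minimum security level.
 */
function browse_motd()
{
    // $core selects the account-table layout below, so it has to be imported
    // here; without it the variable is undefined inside the function and the
    // first lookup branch can never be taken.
    global $output, $action_permission, $sql, $core;

    // Permission gate runs before anything is queried or rendered.
    valid_login($action_permission["insert"]);

    $motds = $sql["mgr"]->query("SELECT * FROM motd ORDER BY Priority ASC");
    $output .= '
        <table class="lined center">
          <tr>
            <th style="width: 1%;">' . lang("global", "delete_short") . '</th>
            <th style="width: 1%;">' . lang("global", "edit") . '</th>
            <th style="width: 1%;">' . lang("motd", "enabled") . '</th>
            <th style="width: 20%;">' . lang("motd", "message") . '</th>
            <th style="width: 1%;">' . lang("motd", "target") . '</th>
            <th style="width: 1%;">' . lang("motd", "min_sec_level") . '</th>
          </tr>';
    while ($motd = $sql["mgr"]->fetch_assoc($motds)) {
        // Both values end up in SQL text or in an href attribute; forcing them
        // to integers keeps a malformed stored value out of either context.
        $motd_id = (int) $motd["ID"];
        $target = (int) $motd["Target"];

        if ($target !== 0) {
            if ($core == 1) {
                $un_query = "SELECT login FROM accounts WHERE acct=" . $target;
            } else {
                $un_query = "SELECT username AS login FROM account WHERE id=" . $target;
            }
            $un_result = $sql["logon"]->query($un_query);
            $un_row = $sql["logon"]->fetch_assoc($un_result);
            // The account may no longer exist; render an empty cell in that
            // case. The login name is encoded because it is written into HTML.
            $un = ($un_row && isset($un_row["login"]))
                ? htmlspecialchars($un_row["login"], ENT_QUOTES, 'UTF-8')
                : '';
        } else {
            $un = "-";
        }

        // NOTE(review): bb2html() is defined elsewhere; whether it HTML-encodes
        // raw markup in the stored message is not visible here - confirm before
        // relying on it as the only output filter for this column.
        $output .= '
          <tr>
            <td>
              <a href="motd.php?action=delete_motd&amp;id=' . $motd_id . '&amp;redirect=1"><img src="img/cross.png" alt="" /></a>
            </td>
            <td>
              <a href="motd.php?action=edit_motd&amp;id=' . $motd_id . '&amp;redirect=1"><img src="img/edit.png" alt="" /></a>
            </td>
            <td>
              ' . ($motd["Enabled"] ? '<img src="img/up.gif" alt="" />' : '<img src="img/down.gif" alt="" />') . '
            </td>
            <td>
              ' . bb2html($motd["Message"]) . '
            </td>
            <td>
              ' . $un . '
            </td>
            <td>
              ' . gmlevel_name($motd["Min_Sec_Level"]) . '
            </td>
          </tr>';
    }
    $output .= '
        </table>
        <br />';
    // The second argument deliberately carries a closing quote and a type
    // attribute; it is passed through unchanged.
    makebutton(lang("motd", "add_motd"), 'motd.php?action=add_motd&amp;error=4&amp;redirect=1" type="def', 180);
    $output .= '
        <br />
        <br />';
}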
Exemplo n.º 2
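 /**
  * Initialises the frontend state and loads the converted main content.
  *
  * Reads the first row of $this->result_lastcontent, stores its two columns
  * as languageinfo_id and content_id, looks up the matching value in
  * languageinfo and stores its bb2html() conversion in $this->maincontent.
  *
  * @return bool Always true.
  */
 function Frontend($topic, $subtopic, $language, $filename, $QUERY_STRING)
 {
     global $db;
     $this->setVars($topic, $subtopic, $language, $filename, $QUERY_STRING);
     // content handle
     $row_lastcontent = mysql_fetch_row($this->result_lastcontent);
     // mysql_fetch_row() returns false when there is no row; fall back to null
     // explicitly instead of indexing a boolean.
     $this->languageinfo_id = $row_lastcontent ? $row_lastcontent[0] : null;
     $this->content_id = $row_lastcontent ? $row_lastcontent[1] : null;
     // The key is quoted: the bare word was only resolved to the string
     // 'content' through the undefined-constant fallback.
     $tmp = $this->info_id['content'];
     // NOTE(review): the three values are interpolated into the SQL text. Their
     // origin (setVars() and an earlier query) is not visible here - confirm
     // none of them can carry request data, or escape/cast them before use.
     $result_content = $db->sql("SELECT value FROM languageinfo WHERE languageinfo_id='{$this->languageinfo_id}' AND language_id='{$this->lang_id}' AND info_id = '{$tmp}'");
     $row_content = mysql_fetch_row($result_content);
     $this->maincontent = bb2html($row_content ? $row_content[0] : null);
     return true;
 }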
Exemplo n.º 3
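/**
 * Renders the thread log $ddir . $no . $ext as a static HTML file at
 * $kdir . $no . $kext and prints a link to the generated file.
 *
 * Nothing is written or printed when the log cannot be read or the target
 * file cannot be opened.
 *
 * @param string $no Thread identifier used to build both file names.
 */
function HTMLize($no)
{
    global $ddir, $ext, $kdir, $kext;

    // NOTE(review): $no becomes part of a read path and a write path. Callers
    // are not visible here - confirm it is restricted to the board's own
    // thread ids before it reaches this function.
    $log = file($ddir . $no . $ext);
    if ($log === false || !isset($log[0])) {
        // Unreadable or empty log: do not generate an archive page from it.
        return;
    }

    // Pad so that a short first line does not leave fields undefined.
    list($fname, $femail, $fdate, $fcom, $fsub) = array_pad(explode(",", $log[0]), 5, '');

    // Parent (opening) post
    // NOTE(review): name, date and subject are written into the page as-is.
    // Whether the log already stores them HTML-encoded is not visible here.
    $fcom = bb2html($fcom);
    $kako = "<title>{$fsub}</title><body><dl><b><font size=+1 color=red>{$fsub}</font></b>";
    $kako .= "<dt>1 <font color=\"forestgreen\"><b>{$fname}</b></font> [ {$fdate} ]<dt><dd>{$fcom}<br><br><br>";

    // Replies: post number $i corresponds to log line $i - 1.
    $total = count($log);
    for ($i = 2; $i <= $total; $i++) {
        list($name, $email, $date, $com) = array_pad(explode(",", $log[$i - 1]), 4, '');
        $com = bb2html($com);
        $kako .= "<dt>{$i} <font color=forestgreen><b>{$name}</b></font> [ {$date} ]<dd>{$com}<br><br>";
    }
    $kako .= "</dl><hr size=1></body>";

    $fp = fopen($kdir . $no . $kext, "w");
    if ($fp === false) {
        // Target not writable: skip the success message as well.
        return;
    }
    fputs($fp, $kako);
    fclose($fp);
    echo "<a href=\"{$kdir}{$no}{$kext}\"> {$fsub} </a>HTML化完了<br>";
}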
Exemplo n.º 4
		</li><br>
		<?php 
    print bb2html($row['post_content']);
    ?>

<?php 
    if ($row['post_lastedit_user'] && $row['post_lastedit_date']) {
        $username = $db->query('select username from ' . $_CONF['dbprefix'] . 'users where user_id=' . getInt($row['post_lastedit_user']));
        $db->freeResult();
        $username = sanitizeHTML($username[0]['username']);
        $lastdate = @date('d M Y, h:i:s a', getInt($row['post_lastedit_date']));
        print '<br><br><span style="font-size: 10px">' . $_LANG['last_modify_by'] . ' <a href="' . BASEDIR . 'user/' . getInt($row['post_lastedit_user']) . '">' . $username . '</a> ' . '@ ' . $lastdate . '</span>';
    }
    if ($user[0]['user_signature']) {
        print '<br><br><div class="signatureHead"></div><div class="signature">' . bb2html($user[0]['user_signature']) . '</div>';
    }
    ?>

		</td>
	</tr>
<?php 
}
?>
		</table><br><br>

<?php 
if ($numPosts >= 10) {
    print '<center>';
    for ($i = 1; $i <= (int) ($numPosts / 10) + 1; $i++) {
        if ($i == $page) {
Exemplo n.º 5
                                     <?php 
     echo "by <a href=\"/\" onClick=\"load('about=", $row["user_id"], "', '#content'); return false;\">", $row["username"], "</a> on ", date("F jS Y", $date_created);
     ?>
                                     <?php 
     if ($row["updated"]) {
         ?>
                                         <?php 
         echo "<i>(updated ", date("F jS Y", $date_updated), ")</i>";
         ?>
                                     <?php 
     }
     ?>
                                 </div>
                                 <div class="content">
                                     <?php 
     echo bb2html($row["content"]);
     ?>
                                 </div>
                             </div>
                         <?php 
 }
 ?>
                         <?php 
 $row = $result->fetch_assoc();
 ?>
                         <?php 
 if ($row && $i < 4) {
     ?>
                             <hr/>
                         <?php 
 }
Exemplo n.º 6
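/**
 * Stores a private message from the current user ($userid) for the user named
 * in $_POST['userid'] and bumps the recipient's new-mail counter.
 *
 * Prints a notice and ends the page when the recipient id is out of range or
 * is the sender.
 */
function mail_send()
{
    global $ir, $c, $userid, $h;

    // Normalise both ids once so the range checks and the SQL below all see
    // the same integers.
    $to = isset($_POST['userid']) ? (int) $_POST['userid'] : 0;
    $from = (int) $userid;

    $sql = mysql_query("select max(userid) from users");
    // Row 0 of the single-row aggregate (the original passed an undefined variable).
    $result = (int) mysql_result($sql, 0);

    // "<= 0" also rejects negative ids, which previously passed the check.
    if ($to > $result or $to <= 0) {
        print "Oh no, you're trying to mail a ghost.<br /><br />\n<a href='mailbox.php'>Back</a>";
        $h->endpage();
        exit;
    }
    if ($from == $to) {
        print "Whats the point in mailing yourself ?<br /><br />\n<a href='mailbox.php'>Back</a>";
        $h->endpage();
        exit;
    }

    $raw_subject = isset($_POST['subject']) ? $_POST['subject'] : '';
    $raw_message = isset($_POST['message']) ? $_POST['message'] : '';

    $subj = str_replace(array("\n"), array("<br />"), strip_tags($raw_subject));
    // NOTE(review): the message is stored as HTML. Whether bb2html() encodes
    // raw markup typed by the sender is not visible here - confirm, since the
    // mailbox view will presumably print this value as-is.
    $msg = bb2html($raw_message);
    $codes = array(":)", ";)", ":o", ":D", ":s", ":(", ":red", ":clown", ":bashful", ":x", ":green", ":|", ";(", ":]", ":horny", ":cool");
    $images = array("<img src=smilies/smiley1.gif>", "<img src=smilies/smiley2.gif>", "<img src=smilies/smiley3.gif>", "<img\n\nsrc=smilies/smiley4.gif>", "<img src=smilies/smiley5.gif>", "<img src=smilies/smiley6.gif>", "<img\n\nsrc=smilies/smiley7.gif>", "<img src=smilies/smiley8.gif>", "<img src=smilies/smiley9.gif>", "<img\n\nsrc=smilies/smiley10.gif>", "<img src=smilies/smiley11.gif>", "<img src=smilies/smiley12.gif>", "<img\n\nsrc=smilies/smiley13.gif>", "<img src=smilies/smiley14.gif>", "<img src=smilies/smiley15.gif>", "<img src=smilies/smiley16.gif>");
    $newmsg = str_replace($codes, $images, $msg);

    // Subject and body come from the request and go into quoted SQL literals:
    // escape them for the connection the INSERT runs on. strip_tags() and
    // bb2html() are HTML filters and do nothing for SQL quoting.
    $subj_sql = mysql_real_escape_string($subj, $c);
    $msg_sql = mysql_real_escape_string($newmsg, $c);

    // NOTE(review): die(mysql_error()) shows raw database errors to the user.
    mysql_query("INSERT INTO mail VALUES ('',0,{$from},{$to},unix_timestamp(),'{$subj_sql}','{$msg_sql}')", $c) or die(mysql_error());
    mysql_query("UPDATE users SET new_mail=new_mail+1 WHERE userid={$to}") or die(mysql_error());
    print "Message sent.<br /><br />\n<a href='mailbox.php'>Back</a>";
}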
Exemplo n.º 7
 }
 $uid = $userdata['userid'];
 if (get_user_right($f_id) == 0) {
     show_error('ln_error_10', $modul_name);
     exit;
 }
 $topic_count = 1;
 $last_post_id = 0;
 $a_count = 0;
 $result = $db->query("SELECT * FROM cc" . $n . "_forum_posts where si_forum_id = '" . $f_id . "' and si_topic_id='" . $ft_id . "' ORDER BY si_post_time ASC");
 while ($row = $db->fetch_array($result)) {
     $post_name_t = $row['si_poster_name'];
     $post_new_id = $row['si_post_id'];
     $post_id_t = $row['si_poster_id'];
     $post_name = generate_userlink($post_id_t, $post_name_t);
     $post_text = bb2html($row['si_post_text']);
     $post_date_t = $row['si_post_time'];
     $post_date = date("d.m.Y, H:i", $post_date_t);
     if ($last_post_id < $post_new_id) {
         $last_post_id = $post_new_id;
     }
     if ($post_id_t == $userdata['userid']) {
         $post_edit_pic = "<a href=\"forum.php?action=edit&ft_id={$ft_id}&f_id={$f_id}&fp_id={$post_new_id}\"><img src=\"" . LITO_IMG_PATH_URL . $modul_name . "/edit.png\" title=\"Bearbeiten\" alt=\"Bearbeiten\" border=\"0\"></a>";
     } else {
         $post_edit_pic = "";
     }
     // l�schen
     $ali_admin = $userdata['isadmin'];
     if ($post_id_t == $userdata['userid'] || $ali_admin == 1) {
         $post_del_pic = "<a href=\"forum.php?action=delete&ft_id={$ft_id}&f_id={$f_id}&fp_id={$post_new_id}\"><img src=\"" . LITO_IMG_PATH_URL . $modul_name . "/del.png\" title=\"L�schen\" alt=\"L�schen\" border=\"0\"></a>";
     } else {
    print " node-unpublished";
}
?>
">
	<?php 
if ($page == 0) {
    ?>
    	
		<?php 
    print $picture;
    ?>
        <h1 class="title"><a href="<?php 
    print $node_url;
    ?>
"><?php 
    print bb2html($title);
    ?>
</a></h1>
 
    <?php 
}
?>
      
      <?php 
if ($links) {
    ?>
    <div class="links">
        <?php 
    $totalComments = $node->comment_count;
    if ($totalComments == 1) {
        $commentText = "comment";
Exemplo n.º 9
    }
}
/* end function bb2html()
*/
/*
create_mail
a callback function for the email tag	*/
function create_mail($matches)
{
    // $matches[1] is the address part of the tag, $matches[2] the link text.
    // Double quotes and backslashes are dropped from the address so it cannot
    // close the href attribute it is written into.
    $address = str_replace(array('"', '\\'), '', $matches[1]);

    // bbmashed_mail() is defined elsewhere; spaces in its result are
    // percent-encoded afterwards.
    $href = str_replace(' ', '%20', bbmashed_mail($address));

    // NOTE(review): the link text is emitted unchanged - whether the caller has
    // already HTML-encoded it is not visible here.
    return '<a title="mail me!" href="' . $href . '">' . $matches[2] . '</a>';
}
/*
create *my* email
a callback function for the mmail tag	*/
function create_mmail($matches)
{
    global $emailaddress;

    // $matches[1] is used as the subject of a mail to the site owner's address;
    // double quotes and backslashes are dropped from it first.
    $subject = str_replace(array('"', '\\'), '', $matches[1]);

    // bbmashed_mail() is defined elsewhere; spaces in its result are
    // percent-encoded afterwards.
    $href = str_replace(' ', '%20', bbmashed_mail($emailaddress . '?subject=' . $subject));

    // NOTE(review): the literal after $href puts a backslash in front of the
    // closing quote of the attribute. It looks like a leftover escape, but it
    // is kept because the intended output cannot be confirmed from here.
    return '<a class="cb-mail" title="mail me!" href="' . $href . '\\">' . $matches[2] . '<!--mail--></a>';
}
// Script entry point: reads everything from standard input and prints the
// result of passing it through bb2html().
echo bb2html(file_get_contents("/dev/stdin"));
Exemplo n.º 10
        }
        $db->query("INSERT INTO cc" . $n . "_messages (username,fromuserid,touserid,text,time,isnew,inbox,subject,pri) VALUES ('" . $userdata['username'] . "','" . $userdata['userid'] . "','" . $userid_c . "','" . mysql_real_escape_string($text) . "','" . time() . "','1','1','" . mysql_real_escape_string($subject) . "','" . $pri . "')");
    }
    header("LOCATION: message.php");
    exit;
}
if ($action == "lookup") {
    $pmid = intval($_GET['pmid']);
    $result = $db->query("SELECT * FROM cc" . $n . "_messages WHERE touserid='" . $userdata['userid'] . "' AND pmid='{$pmid}'");
    $row = $db->fetch_array($result);
    if ($row['pmid'] != $pmid) {
        show_error('ln_message_e_notfound', $modul_name);
        exit;
    }
    $db->query("UPDATE cc" . $n . "_messages SET isnew='0' WHERE pmid='{$pmid}' AND touserid='" . $userdata['userid'] . "' AND isnew='1'");
    $text = bb2html($row['text']);
    $row['subject'] = c_trim($row['subject']);
    $time = date("d.m.Y, H:i", $row['time']);
    $M_USER_ID = $row['fromuserid'];
    $M_USER_NAME = $row['username'];
    if ($op_use_badwords == 1) {
        $result_bad = $db->query("select badword from cc" . $n . "_badwords where in_mail ='1'");
        while ($row_bad = $db->fetch_array($result_bad)) {
            $text = str_replace($row_bad['badword'], "**ZENSIERT**", $text);
        }
    }
    $tpl->assign('M_USER_ID', $M_USER_ID);
    $tpl->assign('M_USER_NAME', $M_USER_NAME);
    $tpl->assign('M_SUBJECT', $row['subject']);
    $tpl->assign('M_TEXT', $text);
    $tpl->assign('M_ID', $row['pmid']);
Exemplo n.º 11
    print $mission;
    ?>
</div>
                            <?php 
}
?>
                                        
                            <?php 
if ($tabs) {
    print '<div id="tabs-wrapper" class="clear-block">';
}
?>
                            <?php 
if ($title) {
    print '
                                <h1' . ($tabs ? ' class="with-tabs title"' : '') . '>' . bb2html($title) . '</h1>
                            ';
}
?>
                            <?php 
if ($tabs) {
    print '<ul class="tabs primary">' . $tabs . '</ul></div>';
}
?>
                            <?php 
if ($tabs2) {
    print '<ul class="tabs secondary">' . $tabs2 . '</ul>';
}
?>
                                             
                            <?php 
Exemplo n.º 12
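/**
 * Turns the rows of $result into a list of auction objects ready for display.
 *
 * Each row is extended with: the converted description, currentBid (highest
 * bid, or start_bid when there is none), currentBidName (only when a bid
 * exists), image, timeRemaining in seconds and - when $username is given -
 * ownBid (that user's highest bid, or null when the user has not bid).
 *
 * @param mixed       $result   Result handle accepted by $db->fetchAssoc().
 * @param string|null $username User whose own highest bid should be added.
 * @return array List of row arrays.
 */
function parseObjects($result, $username = null)
{
    global $db;
    $objects = array();
    while ($row = $db->fetchAssoc($result)) {
        // Stored "\n" sequences become real newlines, then <br> tags, before
        // the BBCode conversion.
        // NOTE(review): whether bb2html() HTML-encodes raw markup in the
        // description is not visible here - confirm before printing it.
        $row['description'] = bb2html(nl2br(str_replace("\\n", "\n", $row['description'])));

        // Fetch latest bid
        $bidResult = $db->buildQuery("SELECT TOP 1 * FROM bids WHERE objectid=%d ORDER BY bidvalue DESC", $row['id']);
        if ($db->getHasRows($bidResult)) {
            $res = $db->fetchAssoc($bidResult);
            $row['currentBid'] = $res['bidvalue'];
            $row['currentBidName'] = $res['username'];
        } else {
            $row['currentBid'] = $row['start_bid'];
        }

        $imageResult = $db->buildQuery("SELECT TOP 1 filename FROM files WHERE objectid=%d", $row['id']);
        if ($db->getHasRows($imageResult)) {
            $imageRow = $db->fetchAssoc($imageResult);
            // NOTE(review): the stored file name is appended to the URL as-is.
            if ($row['city'] == 'batch') {
                $row['image'] = "http://iproject2.icasites.nl/pics/" . $imageRow['filename'];
            } else {
                $row['image'] = baseurl("upload/" . $imageRow['filename']);
            }
        } else {
            $row['image'] = "https://placehold.it/150x110";
        }

        if ($username != null) {
            $ownBidResult = $db->buildQuery("SELECT TOP 1 bidvalue FROM bids WHERE username =%s AND objectid=%d ORDER BY bidvalue DESC", $username, $row['id']);
            // A user without a bid yields no row; check first instead of
            // indexing the empty fetch result.
            if ($db->getHasRows($ownBidResult)) {
                $ownBidRow = $db->fetchAssoc($ownBidResult);
                $row['ownBid'] = $ownBidRow['bidvalue'];
            } else {
                $row['ownBid'] = null;
            }
        }

        $row['timeRemaining'] = $row['end_moment']->getTimeStamp() - time();
        $objects[] = $row;
    }
    return $objects;
}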
Exemplo n.º 13
//  keep html indent in sync, so debuging from browser source would be easy to read
$output .= '
        <div class="bubble">
          <!-- start of error.php -->
          <div class="center_text">
            <br />
            <table id="error_message_table" class="flat center">
              <tr>
                <td align="center">
                  <h1>
                    <span class="error">
                      <img src="img/warn_red.gif" width="48" height="48" alt="error" />
                      <br />' . lang("error", "error") . '!
                    </span>
                  </h1>
                  <br />' . bb2html($err) . '<br />
                </td>
              </tr>
            </table>
            <br />
            <table id="error_buttons" class="hidden center">
              <tr>
                <td align="center">';
makebutton(lang("global", "home"), 'index.php', 130);
makebutton(lang("global", "back"), 'javascript:window.history.back()', 130);
unset($err);
$output .= '
                </td>
              </tr>
            </table>
            <br />
Exemplo n.º 14
    header("LOCATION: alliance.php?action=change_forum");
    exit;
}
if ($action == "get_info") {
    $id = intval($_GET['id']);
    if (!$id) {
        show_error('ln_allianz_e_4', $modul_name);
        exit;
    }
    $result = $db->query("SELECT * FROM cc" . $n . "_allianz WHERE aid='{$id}'");
    $row = $db->fetch_array($result);
    $banner = trim($row['imageurl']);
    if ($banner == "") {
        $banner = LITO_IMG_PATH_URL . $modul_name . "/no_ali_banner.png";
    }
    $description = bb2html($row['text_long']);
    $ibit = "";
    $result = $db->query("SELECT userid,username,is_ali_admin,status FROM cc" . $n . "_users WHERE allianzid='{$id}' ORDER BY is_ali_admin DESC");
    while ($i = $db->fetch_array($result)) {
        $ibit .= generate_messagelink_smal($i[username]) . " " . generate_userlink($i[userid], $i[username]);
        if ($i['is_ali_admin'] == 1) {
            $ibit .= " (Leiter)";
        }
        $ibit .= " {$img}<br>";
    }
    $is_in_ali = 0;
    if (intval($userdata['allianzid']) > 0) {
        $is_in_ali = 1;
    }
    $tpl->assign('is_in_ali', $is_in_ali);
    $tpl->assign('banner', $banner);
Exemplo n.º 15
        die;
    }
    $db->query('delete from ' . $_CONF['dbprefix'] . 'privmsgs where privmsg_id=' . getInt($_GET['msg_id']) . ' ' . 'and privmsg_to=' . getInt($userinfo['user_id']));
    require_once ABSOLUTE_BASEPATH . '/header.' . PHPEXT;
    notification($_LANG['delete_privmsg_ok'], $_SERVER['HTTP_REFERER'], 3);
    die;
}
// Show one private message. The lookup is keyed on the message id AND the
// current user's id as recipient, so a message addressed to someone else
// yields an empty result.
// getInt() and sanitizeHTML() are project helpers defined elsewhere;
// presumably an integer cast and an HTML encoder - confirm.
$db = new nullBB_Database($_CONF, $_LANG);
$res = $db->query('select * from ' . $_CONF['dbprefix'] . 'privmsgs ' . "where privmsg_id=" . getInt($_GET['msg_id']) . " and privmsg_to=" . getInt($userinfo['user_id']));
$db->freeResult();
if (empty($res)) {
    print $_LANG['privmsg_not_found'];
    die;
}
$res = $res[0];
// Mark the message as read on first view; the update repeats the recipient filter.
if ($res['privmsg_seen'] == false) {
    $db->query('update ' . $_CONF['dbprefix'] . 'privmsgs set privmsg_seen=1 ' . 'where privmsg_id=' . getInt($_GET['msg_id']) . ' and privmsg_to=' . getInt($userinfo['user_id']));
}
$from = $db->query('select username from ' . $_CONF['dbprefix'] . 'users where user_id=' . getInt($res['privmsg_from']));
$db->freeResult();
// Both user names pass through sanitizeHTML() before they are printed.
$from = sanitizeHTML($from[0]['username']);
$to = sanitizeHTML($userinfo['username']);
// NOTE(review): the message body only passes through bb2html(); whether that
// function encodes raw HTML written by the sender is not visible here.
$content = bb2html($res['privmsg_content']);
print '<li class="privmsgHead">' . $_LANG['from'] . ': ' . '<a href="' . BASEDIR . 'user/' . getInt($res['privmsg_from']) . '">' . $from . "</a></li>\n";
print '<li class="privmsgHead">' . $_LANG['to'] . ': ' . '<a href="' . BASEDIR . 'user/' . getInt($res['privmsg_to']) . '">' . $to . "</a></li><br>\n";
print '<div class="privmsgContent">' . $content . "</div><br>\n";
unset($res);
$db->close();
?>

Exemplo n.º 16
    </div>
  <!-- end #header --></div>
  
  <?php 
include "sidebar.php";
?>

  <div id="mainContent">
    <h1 class="mainh1"> <?php 
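// The "snip" query parameter is printed inside the page heading, so it is
// encoded for HTML first; array-valued parameters are ignored.
if (isset($_GET['snip']) && is_string($_GET['snip'])) {
    echo htmlspecialchars($_GET['snip'], ENT_QUOTES, 'UTF-8');
}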
?>
 </h1>
    <p><?php 
echo bb2html($row_Snippet['description']);
?>
</p>
    <div class="code" id="code">
	  	<?php 
$geshi = new GeSHi($row_Snippet['code'], 'lua');
$geshi->enable_classes();
$geshi->set_header_type(GESHI_HEADER_PRE);
$geshi->enable_line_numbers(GESHI_NORMAL_LINE_NUMBERS);
echo $geshi->parse_code();
?>
     </div>
     <img src="/lovesnips/image/pencil.png" /><?php 
// NOTE(review): the contributor name is printed without HTML encoding. If it
// is stored as submitted (not visible here), encode it on output.
echo $row_Snippet['contributor'];
?>
<br />
Exemplo n.º 17
    }
    list($name, $email, $date, $com) = explode(",", $log[$i - 1]);
    if ($taborn > 1 && $date == $aborn) {
        $show = false;
    }
    if ($taborn > 0 && $date == $aborn && trim($com) == $aborn) {
        $show = false;
    }
    if (isset($_GET['ua']) && $_GET['ua'] == 'i' && function_exists("mb_convert_encoding")) {
        $name = mb_convert_encoding($name, "SJIS", "UTF-8");
        $com = mb_convert_encoding($com, "SJIS", "UTF-8");
        $email = mb_convert_encoding($email, "SJIS", "UTF-8");
        $date = mb_convert_encoding($date, "SJIS", "UTF-8");
        $sub = mb_convert_encoding($sub, "SJIS", "UTF-8");
    }
    $com = bb2html($com);
    $r = compact('name', 'email', 'date', 'com', 'show');
    $r['num'] = $i;
    $arg['res'][] = $r;
}
$arg['num'] = $i;
$arg['read_def'] = $read_def;
// 改ページ処理
if ($line > 1 && $i < $line) {
    $arg['next'] = $i + $read_def;
}
if ($st > 2) {
    $arg['prev_st'] = $i - $read_def - $read_def;
    if ($arg['prev_st'] < 0) {
        $arg['prev_st'] = "";
    }
Exemplo n.º 18
}
// Process the new post form
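if (isset($_POST["new_post"]) && isset($_POST["title"]) && is_string($_POST["title"]) && isset($_POST["content"]) && is_string($_POST["content"]) && isset($_SESSION["logged_in"]) && $_SESSION["edit"]) {
    // Create the new post. Title and content come straight from the request,
    // so they are bound as statement parameters instead of being interpolated
    // into the SQL text.
    $post_id = uniqid();
    $user_id = (string) $_SESSION["user_id"];
    $title = $_POST["title"];
    $content = $_POST["content"];
    $stored = false;
    $insert = $_SERVER["mysqli"]->prepare("INSERT INTO posts SET post_id = ?, user_id = ?, date_created = CURRENT_TIMESTAMP, title = ?, content = ?");
    if ($insert !== false) {
        $insert->bind_param("ssss", $post_id, $user_id, $title, $content);
        $stored = $insert->execute();
        $insert->close();
    }
    if (!$stored) {
        // Do not notify subscribers about a post that was not saved.
        // NOTE(review): the response body stays "0", as before; the caller
        // cannot tell failure from success - confirm the expected protocol.
        error_log("new_post: INSERT into posts failed");
        exit("0");
    }
    // Get the post ($post_id is generated by uniqid() above, not taken from the request)
    $result = $_SERVER["mysqli"]->query("SELECT * FROM posts INNER JOIN users ON posts.user_id = users.user_id WHERE posts.post_id = '{$post_id}'");
    $row = $result ? $result->fetch_assoc() : null;
    if (!$row) {
        exit("0");
    }
    $date_created = strtotime($row["date_created"]);
    // Create the new post email
    $headers = "From: {$_SERVER["site"]["title"]} <do-not-reply@{$_SERVER["site"]["domain"]}>\r\nMIME-Version: 1.0\r\nContent-type: text/html; charset=utf-8\r\n";
    // Line breaks are removed from the subject so the title cannot add mail headers.
    $subject = str_replace(array("\r", "\n"), ' ', $row["title"]);
    $date_created = date("F jS Y", $date_created);
    // Convert BB formatting to HTML formatting
    $row["content"] = bb2html($row["content"]);
    // NOTE(review): title and username are placed in the HTML body as stored.
    // Whether they are meant to carry markup is not visible here - confirm,
    // and encode them if they are plain text.
    $body = "<html>\n    <head>\n        <title>{$_SERVER["site"]["title"]} - {$_SERVER["site"]["description"]}</title>\n    </head>\n    <body style=\"background-color: {$_SERVER["style"]["background_color"]}; color: {$_SERVER["style"]["font_color"]}; font-family: Tahoma, Sans-serif; font-size: 0.75em; padding-top: 20px; padding-bottom: 20px; text-align: center;\">\n        <div style=\"background-color: {$_SERVER["style"]["foreground_color"]}; margin: auto; width: 80%; text-align: left; word-wrap: break-word;\">\n            <div style=\"padding: 10px;\">\n                <div style=\"font-size: 1.2em; font-weight: bold; margin-bottom: 2px;\">\n                    {$row["title"]}\n                </div>\n                <div>\n                    by <a style=\"color: {$_SERVER["style"]["link_color"]};\" href=\"{$_SERVER["site"]["url"]}#about={$_SESSION["user_id"]}\">{$row["username"]}</a> on {$date_created}\n                </div>\n                <div style=\"margin-top: 10px;\">\n                    {$row["content"]}\n                </div>\n            </div>\n        </div>\n    </body>\n</html>";
    // Send the email to subscribed users
    $result = $_SERVER["mysqli"]->query("SELECT * FROM users WHERE subscribe = 1");
    while ($row = $result->fetch_assoc()) {
        mail($row["email"], $subject, $body, $headers);
    }
    exit("0");
}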
// Generate RSS feeds
if (isset($_GET["rss"])) {
    // Set the content type to RSS
    header("Content-Type: application/rss+xml; charset=utf-8");
    echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<rss version=\"2.0\" xmlns:atom=\"http://www.w3.org/2005/Atom\">\n    <channel>\n";
    // Get the site publication date
    $pub_date = filemtime($_SERVER["DOCUMENT_ROOT"] . $_SERVER["PHP_SELF"]);
Exemplo n.º 19
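/**
 * Prints an RSS 2.0 feed for the thread stored in $ddir . $id . $ext.
 *
 * The channel title and description come from the first log line; up to
 * _RSS_MAX_ of the newest posts become items, newest first.
 *
 * @param string $id Thread identifier.
 */
function thread($id)
{
    // NOTE(review): "global $id" rebinds $id to the global of the same name,
    // so the argument passed in is not the value used below. Left unchanged
    // because callers may rely on it - confirm which one is intended.
    // NOTE(review): $id becomes part of a file path; confirm it is restricted
    // to the board's own thread ids before it gets here.
    global $arg, $id, $ddir, $ext;
    if (!file_exists($ddir . $id . $ext)) {
        error("Thread Not Found !!");
    }
    $lines = file($ddir . $id . $ext);
    $size = count($lines);
    list(, , , $des, $title) = explode(",", $lines[0]);
    $lines = array_reverse($lines);
    $ch_title = trim($title);
    $ch_link = FULL_PATH . "read.php/" . $id . "/l50";
    $ch_desc = strip_tags(bb2html($des));
    // NOTE(review): strip_tags() removes markup but does not XML-encode; a bare
    // "&" or "<" left in a title or description makes the feed ill-formed.
    // Whether the log stores these fields already encoded is not visible here.
    // Start from an empty string; the buffer was previously appended to
    // without being initialised.
    $rss = '';
    $rss .= <<<RSS_HEAD
<?xml version="1.0" encoding="UTF-8" ?>
<?xml-stylesheet href="rss2.xsl" type="text/xsl" media="screen"?>
<rss version="2.0">
 <channel>
   <title>{$ch_title}</title>
   <link>{$ch_link}</link>
   <description>{$ch_desc}</description>
   <language>ja</language>

RSS_HEAD;
    for ($i = 0; $i < _RSS_MAX_; $i++) {
        // Stop at the end of the log as well as at an empty line; threads
        // shorter than _RSS_MAX_ used to read past the last element.
        if (!isset($lines[$i]) || $lines[$i] == "") {
            break;
        }
        list($name, $email, $date, $com) = explode(",", $lines[$i]);
        $com = bb2html($com);
        $com = strip_tags($com);
        $name = strip_tags($name);
        // Lines were reversed above, so index 0 is the newest post.
        $no = $size - $i;
        // NOTE(review): $abone and $st_date are not defined or imported in
        // this function, so both comparisons are against an unset value.
        if ($date != $abone && $date != $st_date) {
            // Drop the trailing "ID:..." part of the date field, if present.
            $pos = strpos($date, "ID:");
            if ($pos !== false) {
                $date = substr($date, 0, $pos);
            }
            // On PHP 5.0.0 and later, also remove any parenthesised part
            // before handing the string to strtotime().
            if (version_compare("5.0.0", PHP_VERSION) < 1) {
                $date = preg_replace('/\\(.*\\)/', '', $date);
            }
            $date = strtotime(trim($date));
            $pubdate = date("r", $date);
        } else {
            $pubdate = date("r");
        }
        $title = $name;
        $link = FULL_PATH . "read.php/" . $id . "/" . $no . "n";
        $desc = $com;
        $rss .= <<<ITEM
   <item>
\t<title>{$title}</title>
\t<link>{$link}</link>
\t<description>{$desc}</description>
\t<pubDate>{$pubdate}</pubDate>
   </item>

ITEM;
    }
    $rss .= <<<RSS_FOOT
  </channel>
</rss>
RSS_FOOT;
    header('Content-Type: text/xml; charset=utf-8');
    echo $rss;
    //	print(mb_convert_encoding($rss, "UTF-8", "SJIS"));
}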
Exemplo n.º 20
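/**
 * Replaces one post of a thread log with a "deleted by poster" marker after
 * checking the delete password, then prints a confirmation page.
 *
 * All inputs ($ddir, $key, $ext, $ext_cgi, $del_no, $delpwd, $ad_pass,
 * $aborn, $dir_path, ...) are taken from the global scope.
 */
function del()
{
    // NOTE(review): extract($GLOBALS) copies every global into this scope,
    // which hides where each input comes from (configuration or request).
    // $key and $del_no in particular feed a file path and an array index -
    // confirm they are validated before this function runs.
    extract($GLOBALS);
    $log_file = $ddir . $key . $ext;
    $cgi_file = $ddir . $key . $ext_cgi;
    $log = @file($log_file);
    // Load the log into an array
    $log_cgi = @file($cgi_file);
    if (!$log) {
        d_error("スレッドが無いよう");
    }
    $line = sizeof($log);
    // Number of lines in the log
    // Convert the 1-based post number to a 0-based index; the cast and the
    // isset() check reject non-numeric, negative and out-of-range values.
    $del_no = (int) $del_no - 1;
    if (!isset($log[$del_no]) || $log[$del_no] == "") {
        d_error("そんな記事ないよ(´・ω・`)");
    }
    // A missing companion file counts as a line-count mismatch.
    if (!is_array($log_cgi) || $line != count($log_cgi)) {
        d_error("DEBUG:ログの行数は不一致です。");
    }
    list($dname, $demail, $dnow, $dcom, ) = explode(",", $log[$del_no]);
    list(, , , , , , $pass) = explode(",", $log_cgi[$del_no]);

    // The admin password bypasses the per-post check only when one is
    // configured; an empty $ad_pass no longer matches an empty $delpwd.
    $is_admin = (string) $ad_pass !== '' && (string) $delpwd === (string) $ad_pass;
    if (!$is_admin) {
        if (trim($pass) == "") {
            d_error("パスワードがありません。");
        }
        // Strict comparison: with "!=" two different digests that both look
        // like numbers (for example "0e123456" and "0e654321") compare equal.
        // NOTE(review): the stored value is an 8-character slice of an
        // unsalted MD5, which is weak; changing it needs a log-format migration.
        if ((string) $pass !== substr(md5($delpwd), 2, 8)) {
            d_error("パスワードが違うみたい。。。");
        }
    }
    $log[$del_no] = "{$aborn},,{$aborn},[i]この記事は投稿者によって削除されました[/i],\n";
    if (!is_writable($log_file)) {
        d_error("削除できない。。。");
    }
    // NOTE(review): mode "w" truncates the file before the lock is taken.
    $re = @fopen($log_file, "w") or d_error("削除できない。。。");
    flock($re, LOCK_EX);
    reset($log);
    fputs($re, implode('', $log));
    fclose($re);
    // NOTE(review): $com and $ddate are not assigned in this function (the
    // deleted post was read into $dcom and $dnow); unless the globals supply
    // them, the page below prints the unconverted text and an empty date.
    // The printed fields are also not HTML-encoded here.
    $com = bb2html($com);
    include_once "index.inc";
    head();
    ?>
<p>以下の記事を削除しました。たぶん。</p>
<table>
<tr><td>名前</td><td><?php 
    echo $dname;
    ?>
</td></tr>
<tr><td>日付</td><td><?php 
    echo $ddate;
    ?>
</td></tr>
<tr><td>記事</td><td><?php 
    echo $dcom;
    ?>
</td></tr>
</table>
<p><b><a href="<?php 
    echo $dir_path;
    ?>
index.html">掲示板に戻る</a></b></p>
<?php 
    foot();
}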
Exemplo n.º 21
/**
 * Render one forum topic, or redirect to the page that holds a given post.
 *
 * With ?id= the topic's first post and the replies of the requested page are
 * appended to the global $output, followed by page links and (when posting is
 * allowed) a quick-reply form. With ?postid= the function looks up the topic
 * of that post, works out a page number and calls redirect().
 *
 * Reads $_GET["id"], $_GET["postid"], $_GET["page"] and the globals listed
 * below; writes to $output. All SQL is built by string concatenation.
 */
function forum_view_topic()
{
    // $corem_db is listed twice; the duplicate has no effect.
    global $enablesidecheck, $forum_skeleton, $maxqueries, $user_lvl, $user_id, $output, $realm_db, $characters_db, $realm_id, $corem_db, $logon_db, $corem_db, $sql, $core;
    if ($enablesidecheck) {
        $side = get_side();
    }
    // Resolved once here rather than on every use further down.
    // NOTE(review): quote_smart() is defined elsewhere; presumably it escapes
    // for SQL only. $id is later placed into href attributes and a hidden
    // input without htmlspecialchars()/urlencode(), which SQL escaping does
    // not cover. Casting the id to int would serve both contexts.
    if (isset($_GET["id"])) {
        $id = $sql["mgr"]->quote_smart($_GET["id"]);
        $post = false;
    } else {
        if (isset($_GET["postid"])) {
            $id = $sql["mgr"]->quote_smart($_GET["postid"]);
            $post = true;
        } else {
            // Assumes error() ends the request; otherwise $id and $post are
            // undefined below - TODO confirm.
            error(lang("forum", "no_such_topic"));
        }
    }
    if (!isset($_GET["page"])) {
        $page = 0;
    } else {
        $page = $sql["mgr"]->quote_smart($_GET["page"]);
    }
    // NOTE(review): $page is never cast or range-checked. The multiplication
    // below is the only thing that turns it into a number before it reaches
    // the LIMIT clause; an explicit non-negative (int) cast would be clearer
    // and would also reject negative offsets.
    $start = $maxqueries * $page;
    if (!$post) {
        // Posts of this topic for the requested page, oldest first.
        $posts = $sql["mgr"]->query("SELECT id, authorid, authorname, forum, name, text, time, announced, sticked, closed FROM forum_posts WHERE topic='" . $id . "' ORDER BY id ASC LIMIT " . $start . ", " . $maxqueries . ";");
        // Thx qsa for the query structure
        // Opening part of a query for each author's highest-level character;
        // the account-id list is appended below. Table and column names
        // differ per $core value. If $core is none of 1, 2, 3, $query is
        // never initialised.
        if ($core == 1) {
            $query = "SELECT acct, name, gender, race, class, level,\r\n        (SELECT gm FROM `" . $logon_db["name"] . "`.accounts WHERE `" . $logon_db["name"] . "`.accounts.acct=`" . $characters_db[$realm_id]['name'] . "`.characters.acct) AS gmlevel,\r\n        (SELECT login FROM `" . $logon_db["name"] . "`.accounts WHERE `" . $logon_db["name"] . "`.accounts.acct=`" . $characters_db[$realm_id]['name'] . "`.characters.acct) AS login\r\n        FROM `" . $characters_db[$realm_id]['name'] . "`.characters\r\n        WHERE level IN (SELECT MAX(level) FROM `" . $characters_db[$realm_id]['name'] . "`.characters WHERE acct IN (";
        } elseif ($core == 2) {
            $query = "SELECT account AS acct, name, gender, race, class, level,\r\n        (SELECT gmlevel FROM `" . $logon_db["name"] . "`.account WHERE `" . $logon_db["name"] . "`.account.id=`" . $characters_db[$realm_id]['name'] . "`.characters.account) AS gmlevel,\r\n        (SELECT username FROM `" . $logon_db["name"] . "`.account WHERE `" . $logon_db["name"] . "`.account.id=`" . $characters_db[$realm_id]['name'] . "`.characters.account) AS login\r\n        FROM `" . $characters_db[$realm_id]['name'] . "`.characters\r\n        WHERE level IN (SELECT MAX(level) FROM `" . $characters_db[$realm_id]['name'] . "`.characters WHERE account IN (";
        } elseif ($core == 3) {
            $query = "SELECT account AS acct, name, gender, race, class, level,\r\n        (SELECT gmlevel FROM `" . $logon_db["name"] . "`.account_access WHERE `" . $logon_db["name"] . "`.account_access.id=`" . $characters_db[$realm_id]['name'] . "`.characters.account) AS gmlevel,\r\n        (SELECT username FROM `" . $logon_db["name"] . "`.account WHERE `" . $logon_db["name"] . "`.account.id=`" . $characters_db[$realm_id]['name'] . "`.characters.account) AS login\r\n        FROM `" . $characters_db[$realm_id]['name'] . "`.characters\r\n        WHERE level IN (SELECT MAX(level) FROM `" . $characters_db[$realm_id]['name'] . "`.characters WHERE account IN (";
        }
        // Append every authorid (column 1) to the IN (...) list. The values
        // come from forum_posts and are concatenated unquoted; this loop also
        // overwrites the boolean $post with row data.
        while ($post = $sql["mgr"]->fetch_row($posts)) {
            $query .= $post[1] . ",";
        }
        // Rewind the result set so the rows can be read again below.
        // NOTE(review): this calls the legacy mysql extension directly instead
        // of going through the $sql["mgr"] wrapper; ext/mysql is gone from
        // PHP 7 onwards.
        mysql_data_seek($posts, 0);
        // The trailing 0 closes the comma-terminated id list.
        if ($core == 1) {
            $query .= "0) GROUP BY acct);";
        } else {
            $query .= "0) GROUP BY account);";
        }
        $results = $sql["mgr"]->query($query);
        // Build $avatars[account id] from the character rows. Row columns:
        // 0 acct, 1 name, 2 gender, 3 race, 4 class, 5 level, 6 gmlevel,
        // 7 login.
        while ($avatar = $sql["mgr"]->fetch_row($results)) {
            // get the post's author's prefered avatar
            // NOTE(review): the Login value shows as '******' in this listing,
            // so the expression used for it cannot be checked here. As
            // written, the query does not depend on the current row.
            $avatar_query = "SELECT Avatar, SecurityLevel,\r\n        SUBSTRING_INDEX(SUBSTRING_INDEX(Avatar, ' ', 1), ' ', -1) AS sex,\r\n        SUBSTRING_INDEX(SUBSTRING_INDEX(Avatar, ' ', 2), ' ', -1) AS race,\r\n        SUBSTRING_INDEX(SUBSTRING_INDEX(Avatar, ' ', 3), ' ', -1) AS class,\r\n        SUBSTRING_INDEX(SUBSTRING_INDEX(Avatar, ' ', 4), ' ', -1) AS level\r\n        FROM config_accounts WHERE Login='******'";
            $avatar_result = $sql["mgr"]->query($avatar_query);
            $avatar_fields = $sql["mgr"]->fetch_assoc($avatar_result);
            if ($avatar_fields["Avatar"] == '') {
                // if the user doesn't have a prefered avatar we go with the generated one
                $avatars[$avatar[0]]["name"] = $avatar[7];
                $avatars[$avatar[0]]["sex"] = $avatar[2];
                $avatars[$avatar[0]]["race"] = $avatar[3];
                $avatars[$avatar[0]]["class"] = $avatar[4];
                $avatars[$avatar[0]]["level"] = $avatar[5];
                $avatars[$avatar[0]]["gm"] = $avatar_fields["SecurityLevel"];
            } else {
                // otherwise we use the prefered one
                $avatars[$avatar[0]]["name"] = $avatar[7];
                $avatars[$avatar[0]]["sex"] = $avatar_fields["sex"];
                $avatars[$avatar[0]]["race"] = $avatar_fields["race"];
                $avatars[$avatar[0]]["class"] = $avatar_fields["class"];
                $avatars[$avatar[0]]["level"] = $avatar_fields["level"];
                $avatars[$avatar[0]]["gm"] = $avatar_fields["SecurityLevel"];
            }
        }
        $replies = $sql["mgr"]->num_rows($posts);
        if ($replies == 0) {
            error(lang("forum", "no_such_topic"));
        }
        // First row of the page is rendered as the topic header post.
        // Columns: 0 id, 1 authorid, 2 authorname, 3 forum, 4 name, 5 text,
        // 6 time, 7 announced, 8 sticked, 9 closed.
        $post = $sql["mgr"]->fetch_row($posts);
        $fid = $post[3];
        // Find the category that contains this forum id.
        $cat = 0;
        foreach ($forum_skeleton as $cid => $category) {
            foreach ($category["forums"] as $fid_ => $forum) {
                if ($fid_ == $fid) {
                    $cat = $cid;
                }
            }
        }
        if (empty($forum_skeleton[$cat]["forums"][$fid])) {
            error(lang("forum", "no_such_forum"));
        }
        $forum = $forum_skeleton[$cat]["forums"][$fid];
        // Read access by security level, checked on the category and the forum.
        if ($forum_skeleton[$cat]["level_read"] > $user_lvl || $forum["level_read"] > $user_lvl) {
            error(lang("forum", "no_access"));
        }
        // Faction ("side") access check for level-0 users.
        // NOTE(review): the `continue` statements below are not inside any
        // loop. PHP 7 and later refuse to compile that, and on older versions
        // it would not deny access the way the level_read check above does.
        // If this check is meant to block the topic it should call
        // error(lang("forum", "no_access")) like that check - TODO confirm
        // intent.
        if ($user_lvl == 0 && $enablesidecheck) {
            if ($forum_skeleton[$cat]["side_access"] != "ALL") {
                // Not an all side forum
                if ($side == "NO") {
                    // No char
                    continue;
                } elseif ($forum_skeleton[$cat]["side_access"] != $side) {
                    // Forumside different of the user side
                    continue;
                }
            }
            if ($forum["side_access"] != "ALL") {
                // Not an all side forum
                if ($side == "NO") {
                    // No char
                    continue;
                } elseif ($forum["side_access"] != $side) {
                    // Forumside different of the user side
                    continue;
                }
            }
        }
        // The topic title is the only field HTML-escaped in this function.
        $post[4] = htmlspecialchars($post[4]);
        // get our user's signature
        if ($core == 1) {
            $sig_user_query = "SELECT login FROM `" . $logon_db["name"] . "`.accounts WHERE acct='" . $post[1] . "'";
        } else {
            $sig_user_query = "SELECT username AS login FROM `" . $logon_db["name"] . "`.account WHERE id='" . $post[1] . "'";
        }
        $sig_query = "SELECT Signature FROM config_accounts WHERE Login=(" . $sig_user_query . ")";
        $sig_result = $sql["mgr"]->query($sig_query);
        $sig_fields = $sql["mgr"]->fetch_assoc($sig_result);
        // append the signature to the post
        if (!($sig_fields["Signature"] == '' || $sig_fields["Signature"] == NULL)) {
            $post[5] .= "\n\n" . $sig_fields["Signature"];
        }
        // NOTE(review): bb2html() is defined elsewhere; whether it HTML-escapes
        // the post text and signature before converting BBCode is not visible
        // here. The result is written to the page as-is.
        $post[5] = bb2html($post[5]);
        // Breadcrumb and table header.
        // NOTE(review): $id and $forum["name"] are written into the markup
        // unescaped here.
        $output .= '
        <div class="top">
          <h1>' . lang("forum", "forums") . '</h1>' . lang("forum", "you_are_here") . ': <a href="forum.php">' . lang("forum", "forum_index") . '</a> -> <a href="forum.php?action=view_forum&amp;id=' . $fid . '">' . $forum["name"] . '</a> -> <a href="forum.php?action=view_topic&amp;id=' . $id . '">' . $post[4] . '</a>
        </div>
        <table class="lined">
          <tr>
            <td id="forum_topic_header_info">' . lang("forum", "info") . '</td>
            <td id="forum_topic_header_text">' . lang("forum", "text") . '</td>
            <td id="forum_topic_header_misc">';
        // Moderation controls, shown to any user with level above 0.
        // NOTE(review): announce/stick/close/move (and delete_post further
        // down) are plain GET links with no token in the URL; the handlers are
        // not shown here, so confirm they re-check permissions and protect
        // against cross-site request forgery.
        if ($user_lvl > 0) {
            if ($post[8] == "1") {
                if ($post[7] == "1") {
                    // Announcement
                    $output .= lang("forum", "announcement") . '
              <a href="forum.php?action=edit_announce&amp;id=' . $post[0] . '&amp;state=0">
                <img src="img/forums/down.gif" border="0" alt="' . lang("forum", "down") . '" />
              </a>';
                } else {
                    // Sticky
                    $output .= lang("forum", "sticky") . '
              <a href="forum.php?action=edit_stick&amp;id=' . $post[0] . '&amp;state=0">
                <img src="img/forums/down.gif" border="0" alt="' . lang("forum", "down") . '" />
              </a>
              <a href="forum.php?action=edit_announce&amp;id=' . $post[0] . '&amp;state=1">
                <img src="img/forums/up.gif" border="0" alt="' . lang("forum", "up") . '" />
              </a>';
                }
            } else {
                if ($post[7] == "1") {
                    // Announcement
                    $output .= lang("forum", "announcement") . '
              <a href="forum.php?action=edit_announce&amp;id=' . $post[0] . '&amp;state=0">
                <img src="img/forums/down.gif" border="0" alt="' . lang("forum", "down") . '" />
              </a>';
                } else {
                    // Normal Topic
                    $output .= lang("forum", "normal") . '
              <a href="forum.php?action=edit_stick&amp;id=' . $post[0] . '&amp;state=1">
                <img src="img/forums/up.gif" border="0" alt="' . lang("forum", "up") . '" />
              </a>';
                }
            }
            if ($post[9] == "1") {
                $output .= '
              <a href="forum.php?action=edit_close&amp;id=' . $post[0] . '&amp;state=0">
                <img src="img/forums/lock.gif" border="0" alt="' . lang("forum", "open") . '" />
              </a>';
            } else {
                $output .= '
              <a href="forum.php?action=edit_close&amp;id=' . $post[0] . '&amp;state=1">
                <img src="img/forums/unlock.gif" border="0" alt="' . lang("forum", "close") . '" />
              </a>';
            }
            $output .= '
              <a href="forum.php?action=move_topic&amp;id=' . $post[0] . '">
                <img src="img/forums/move.gif" border="0" alt="' . lang("forum", "move") . '" />
              </a>';
        }
        // Avatar panel for the author, when a character row was found above.
        if (isset($avatars[$post[1]])) {
            $avatar = gen_avatar_panel($avatars[$post[1]]["level"], $avatars[$post[1]]["sex"], $avatars[$post[1]]["race"], $avatars[$post[1]]["class"], $avatars[$post[1]]["gm"] ? 0 : 1, $avatars[$post[1]]["gm"]);
        } else {
            $avatar = "";
        }
        $output .= '
            </td>
          </tr>
          <tr>
            <td id="forum_topic_avatar">
              <div>' . $avatar . '</div>' . lang("forum", "author") . ': ';
        if ($user_lvl > 0) {
            $output .= '
              <a href="user.php?action=edit_user&error=11&acct=' . $post[1] . '">';
        }
        // Use screen name if available
        // we have to get the actual login name first here
        // NOTE(review): $post is a fetch_row() result, so $post[1] is the
        // author id itself, not an array. $post[1]["name"] is therefore not a
        // name lookup, and the assignment to it further down is invalid on a
        // string; the exact failure depends on the PHP version.
        if ($core == 1) {
            $un_query = "SELECT * FROM accounts WHERE acct='" . $post[1]["name"] . "'";
        } else {
            $un_query = "SELECT * FROM account WHERE id='" . $post[1]["name"] . "'";
        }
        $un_results = $sql["logon"]->query($un_query);
        $un = $sql["logon"]->fetch_assoc($un_results);
        // The Login value shows as '******' in this listing; $un is not
        // referenced by the query as written.
        $sn_query = "SELECT * FROM config_accounts WHERE Login='******'";
        $sn_result = $sql["mgr"]->query($sn_query);
        if ($sql["mgr"]->num_rows($sn_result)) {
            $sn = $sql["mgr"]->fetch_assoc($sn_result);
            $post[1]["name"] = $sn["ScreenName"];
            $post[2] = $sn["ScreenName"];
        }
        // NOTE(review): the author name (login, authorname or screen name)
        // and the time column are written to the page without
        // htmlspecialchars().
        if (isset($avatars[$post[1]])) {
            $output .= $avatars[$post[1]]["name"];
        } else {
            $output .= $post[2];
        }
        if ($user_lvl > 0) {
            $output .= '
              </a>';
        }
        $output .= '
              <br /> ' . lang("forum", "at") . ': ' . $post[6] . '
            </td>
            <td colspan="2" id="forum_topic_text">' . $post[5] . '
              <br />
              <div id="forum_topic_controls">';
        // Edit/delete links for moderators and for the post's own author
        // (loose == comparison of ids). These only decide what is displayed;
        // the handlers must enforce the same rule.
        if ($user_lvl > 0 || $user_id == $post[1]) {
            $output .= '
                <a href="forum.php?action=edit_post&amp;id=' . $post[0] . '">
                  <img src="img/forums/edit.gif" border="0" alt="' . lang("forum", "edit") . '" />
                </a>
                <a href="forum.php?action=delete_post&amp;id=' . $post[0] . '">
                  <img src="img/forums/delete.gif" border="0" alt="' . lang("forum", "delete") . '" />
                </a>';
        }
        $output .= '
              </div>
            </td>
          </tr>';
        // Remember the closed flag of the first post for the reply form.
        $closed = $post[9];
        // Remaining rows are rendered as replies. Each reply repeats the
        // signature, login and screen-name queries of the first post, with
        // the same caveats as noted above.
        while ($post = $sql["mgr"]->fetch_row($posts)) {
            // get our user's signature
            if ($core == 1) {
                $sig_user_query = "SELECT login FROM `" . $logon_db["name"] . "`.accounts WHERE acct='" . $post[1] . "'";
            } else {
                $sig_user_query = "SELECT username AS login FROM `" . $logon_db["name"] . "`.account WHERE id='" . $post[1] . "'";
            }
            $sig_query = "SELECT Signature FROM config_accounts WHERE Login=(" . $sig_user_query . ")";
            $sig_result = $sql["mgr"]->query($sig_query);
            $sig_fields = $sql["mgr"]->fetch_assoc($sig_result);
            // append the signature to the post
            if (!($sig_fields["Signature"] == '' || $sig_fields["Signature"] == NULL)) {
                $post[5] .= "\n\n" . $sig_fields["Signature"];
            }
            $post[5] = bb2html($post[5]);
            if (isset($avatars[$post[1]])) {
                $avatar = gen_avatar_panel($avatars[$post[1]]["level"], $avatars[$post[1]]["sex"], $avatars[$post[1]]["race"], $avatars[$post[1]]["class"], $avatars[$post[1]]["gm"] ? 0 : 1, $avatars[$post[1]]["gm"]);
            } else {
                $avatar = "";
            }
            $output .= '
          <tr>
            <td id="forum_topic_reply_avatar">
              <div class="center">' . $avatar . '</div>' . lang("forum", "author") . ': ';
            if ($user_lvl > 0) {
                $output .= '
              <a href="user.php?action=edit_user&error=11&acct=' . $post[1] . '">';
            }
            // Use screen name if available
            // we have to get the actual login name first here
            if ($core == 1) {
                $un_query = "SELECT * FROM accounts WHERE acct='" . $post[1]["name"] . "'";
            } else {
                $un_query = "SELECT * FROM account WHERE id='" . $post[1]["name"] . "'";
            }
            $un_results = $sql["logon"]->query($un_query);
            $un = $sql["logon"]->fetch_assoc($un_results);
            $sn_query = "SELECT * FROM config_accounts WHERE Login='******'";
            $sn_result = $sql["mgr"]->query($sn_query);
            if ($sql["mgr"]->num_rows($sn_result)) {
                $sn = $sql["mgr"]->fetch_assoc($sn_result);
                $post[1]["name"] = $sn["ScreenName"];
                $post[2] = $sn["ScreenName"];
            }
            if (isset($avatars[$post[1]])) {
                $output .= $avatars[$post[1]]["name"];
            } else {
                $output .= $post[2];
            }
            if ($user_lvl > 0) {
                $output .= '
              </a>';
            }
            $output .= '
              <br /> ' . lang("forum", "at") . ': ' . $post[6] . '
            </td>
            <td colspan="2" id="forum_topic_reply_text">' . $post[5] . '
              <br />';
            if ($user_lvl > 0 || $user_id == $post[1]) {
                $output .= '
              <div id="forum_topic_reply_controls">
                <a href="forum.php?action=edit_post&amp;id=' . $post[0] . '">
                  <img src="img/forums/edit.gif" border="0" alt="' . lang("forum", "edit") . '" />
                </a>
                <a href="forum.php?action=delete_post&amp;id=' . $post[0] . '">
                  <img src="img/forums/delete.gif" border="0" alt="' . lang("forum", "delete") . '" />
                </a>
              </div>';
            }
            $output .= '
            </td>
          </tr>';
        }
        // Count all posts of the topic to build the page links.
        $totalposts = $sql["mgr"]->query("SELECT id FROM forum_posts WHERE topic='" . $id . "';");
        $totalposts = $sql["mgr"]->num_rows($totalposts);
        $pages = ceil($totalposts / $maxqueries);
        $output .= '
          <tr>
            <td align="right" colspan="3">' . lang("forum", "pages") . ': ';
        // Link text is 1-based, the page parameter 0-based. $id is written
        // into the href unescaped here as well.
        for ($x = 1; $x <= $pages; $x++) {
            $y = $x - 1;
            $output .= '
              <a href="forum.php?action=view_topic&amp;id=' . $id . '&amp;page=' . $y . '">' . $x . '</a> ';
        }
        $output .= '
            </td>
          </tr>
          <tr>
            <td align="right" class="hidden"></td>
          </tr>
        </table>';
        // Quick reply form
        // Shown when the topic is open (or the user's level is above 0) and
        // the user's level meets level_post of both the category and the
        // forum.
        // NOTE(review): the form carries forum and topic ids only, no
        // anti-CSRF token; $id is written into the hidden field's value
        // attribute unescaped.
        if (($user_lvl > 0 || !$closed) && ($forum_skeleton[$cat]["level_post"] <= $user_lvl && $forum["level_post"] <= $user_lvl)) {
            $output .= '
        <form action="forum.php?action=do_add_post" method="POST" id="form">
          <table class="top_hidden">
            <tr>
              <td>
                <center>' . lang("forum", "quick_reply") . '</center>
              </td>
            </tr>
            <tr>
              <td colspan="2">';
            bbcode_add_editor();
            $output .= '
                <textarea id="msg" name="msg" rows=8 cols=93></textarea>
              </td>
            </tr>
            <tr>
              <td align="left">';
            makebutton(lang("forum", "post"), "javascript:do_submit()", 100);
            $output .= '
              </td>
            </tr>
          </table>
          <br/>
          <input type="hidden" name="forum" value="' . $fid . '" />
          <input type="hidden" name="topic" value="' . $id . '" />
        </form>';
        }
    } else {
        // ?postid= branch: find the topic of the post and redirect to the
        // page that should contain it.
        $output .= '
        <div class="top">
          <h1>Stand by...</h1>
        </div>';
        $post = $sql["mgr"]->query("SELECT topic, id FROM forum_posts WHERE id='" . $id . "'");
        // Get our post id
        if ($sql["mgr"]->num_rows($post) == 0) {
            error(lang("forum", "no_such_topic"));
        }
        $post = $sql["mgr"]->fetch_row($post);
        // topic == id means the post is the topic's first post.
        if ($post[0] == $post[1]) {
            redirect("forum.php?action=view_topic&id=" . $id);
        }
        $topic = $post[0];
        $posts = $sql["mgr"]->query("SELECT id FROM forum_posts WHERE topic='" . $topic . "';");
        // Get posts in our topic
        $replies = $sql["mgr"]->num_rows($posts);
        if ($replies == 0) {
            error(lang("forum", "no_such_topic"));
        }
        $row = 0;
        while ($post = $sql["mgr"]->fetch_row($posts)) {
            // Find the row of our post, so we could have his ratio (topic x/total topics) and knew the page to show
            // NOTE(review): the condition compares $topic with $id, neither of
            // which changes inside the loop; it looks as if $post[0] == $id
            // was intended. As written, $row ends up as the total number of
            // posts whenever the two differ - TODO confirm.
            $row++;
            if ($topic == $id) {
                break;
            }
        }
        // Smallest page count that covers $row, minus one for the 0-based
        // page index.
        $page = 0;
        while ($page * $maxqueries < $row) {
            $page++;
        }
        $page--;
        redirect("forum.php?action=view_topic&id=" . $topic . "&page=" . $page);
    }
    // Queries: 2 with id || 2 (+2) with postid
}
Exemplo n.º 22
function main()
{
    global $output, $realm_id, $world_db, $logon_db, $characters_db, $corem_db, $server, $action_permission, $user_lvl, $user_id, $site_encoding, $hide_coupons, $locales_search_option, $base_datasite, $item_datasite, $showcountryflag, $gm_online_count, $gm_online, $itemperpage, $hide_uptime, $player_online, $hide_max_players, $hide_avg_latency, $hide_plr_latency, $hide_server_mem, $sql, $core;
    // do any raffle drawings that are necessary
    do_raffles();
    // check achievement contests
    do_contests();
    $output .= '
          <div class="top">';
    //---------------------Information for Explorer Users--------------------------
    if (preg_match("/MSIE/", $_SERVER["HTTP_USER_AGENT"])) {
        $msie = '
            <br />
              <span id="index_explorer_warning">' . lang("index", "explorer_warn") . '</span>
            <br />';
    } else {
        $msie = '';
    }
    //-----------------------------------------------------------------------------
    if (test_port($server[$realm_id]["addr"], $server[$realm_id]["game_port"])) {
        if ($core == 1) {
            $stats = get_uptime($server[$realm_id]["stats.xml"]);
            $staticUptime = ' <em>' . htmlentities(get_realm_name($realm_id), ENT_COMPAT, $site_encoding) . '</em> <br />' . $stats["platform"][4] . ' ' . $stats["platform"][5] . ' ' . $stats["platform"][6];
            if (!$hide_uptime) {
                $staticUptime .= '<br />' . lang("index", "online") . ' for ' . $stats["uptime"];
            }
            $output .= '
            <div id="uptime">' . $msie . '
              <h1>
                <span id="index_realm_info">
                  <span>' . $staticUptime . '</span>';
            if (!$hide_max_players) {
                $output .= '
                  <br />
                  <span>' . lang("index", "maxplayers") . ': </span>
                  <span class="index_realm_info_value">' . $stats["peak"] . '</span>';
            }
            if (!$hide_avg_latency) {
                $output .= '
                  <br />
                  <span>' . lang("index", "avglat") . ': </span>
                  <span class="index_realm_info_value">' . $stats["avglat"] . '</span>';
            }
            $output .= '
                  <br />';
            if ($hide_server_mem != 0) {
                if ($hide_server_mem == 2 || $user_lvl == $action_permission["delete"]) {
                    $output .= '
                  <span>' . lang("index", "cpu") . ': </span>
                  <span class="index_realm_info_value">' . $stats["cpu"] . '%, </span>
                  <span>' . lang("index", "ram") . ': </span>
                  <span class="index_realm_info_value">' . $stats["ram"] . ' MB, </span>
                  <span>' . lang("index", "threads") . ': </span>
                  <span class="index_realm_info_value">' . $stats["threads"] . '</span>';
                }
            }
            $output .= '
               </span>
              </h1>
            </div>';
        } else {
            $stats = $sql["logon"]->fetch_assoc($sql["logon"]->query("SELECT starttime, maxplayers FROM uptime WHERE realmid='" . $realm_id . "' ORDER BY starttime DESC LIMIT 1"), 0);
            $uptimetime = time() - $stats["starttime"];
            // a more reliable method of counting how many characters have been online since server start
            //$maxplayers_query = "SELECT COUNT(*) FROM `".$characters_db[$realm_id]["name"]."`.characters WHERE logout_time>='".$stats["starttime"]."' AND logout_time>=(SELECT UNIX_TIMESTAMP(last_login) FROM `".$logon_db["name"]."`.account WHERE id=`".$characters_db[$realm_id]["name"]."`.characters.account)";
            //$maxplayers_result = $sql["char"]->query($maxplayers_query);
            //$maxplayers_result = $sql["char"]->fetch_assoc($maxplayers_result);
            //$stats["maxplayers"] = $maxplayers_result["COUNT(*)"];
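            /**
             * Format a duration in seconds as "N days, N hours, N minutes, N seconds".
             *
             * Units whose count is zero are left out; unit names come from
             * lang("index", ...), singular when the count is exactly 1. Years
             * are only reported once the duration exceeds 365 whole days.
             *
             * NOTE(review): this function is declared inside main(), so a
             * second call to main() in the same request would try to declare
             * it again.
             *
             * @param int|string $seconds duration in seconds
             * @return string the formatted duration, '' when every unit is zero
             */
            function format_uptime($seconds)
            {
                // Explicit integer arithmetic: the original relied on the %
                // operator truncating float operands (including 365.24 -> 365).
                $seconds = (int) $seconds;
                $secs = $seconds % 60;
                $mins = (int) ($seconds / 60) % 60;
                $hours = (int) ($seconds / 3600) % 24;
                $days = (int) ($seconds / 86400);
                // Always initialised; it was previously undefined for
                // durations of up to 365 days.
                $years = 0;
                if ($days > 365) {
                    // we have a server that has been up for over a year? O_o
                    // actually, it's probably because the server didn't write a useful
                    // value to the uptime table's starttime field.
                    $days = $days % 365;
                    $years = (int) ($seconds / 31556926);
                }
                $units = array(
                    array($years, "uptime_year", "uptime_years"),
                    array($days, "uptime_day", "uptime_days"),
                    array($hours, "uptime_hour", "uptime_hours"),
                    array($mins, "uptime_minute", "uptime_minutes"),
                    array($secs, "uptime_second", "uptime_seconds"),
                );
                // Collect the non-zero units and join them once, so that a
                // separator is never missing (previously "1 year" followed
                // directly by hours had none when the day count was zero).
                $parts = array();
                foreach ($units as $unit) {
                    list($count, $singular, $plural) = $unit;
                    if ($count) {
                        $parts[] = $count . ' ' . lang("index", $count == 1 ? $singular : $plural);
                    }
                }
                return implode(', ', $parts);
            }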
            $staticUptime = ' <em>' . htmlentities(get_realm_name($realm_id), ENT_COMPAT, $site_encoding) . '</em> ';
            if (!$hide_uptime) {
                if ($stats["starttime"] != 0) {
                    $staticUptime .= '<br /><span>' . lang("index", "online") . format_uptime($uptimetime) . '</span>';
                } else {
                    $staticUptime .= '<br /><span style="color:orange">' . lang("index", "time_error1") . ': <br>' . format_uptime($uptimetime) . '</span><br><span style="color:red">' . lang("index", "time_error2") . '</span>';
                }
            }
            unset($uptimetime);
            $output .= '
            <div id="uptime">' . $msie . '
              <h1>
                <span id="index_realm_info">' . $staticUptime;
            if (!$hide_max_players) {
                $output .= '
                  <br />
                  <span>' . lang("index", "maxplayers") . ': </span>
                  <span class="index_realm_info_value">' . $stats["maxplayers"] . '</span>';
            }
            // this_is_junk: MaNGOS doesn't store player latency. :/
            if ($core == 3) {
                if (!$hide_avg_latency) {
                    $lat_query = "SELECT SUM(latency), COUNT(*) FROM characters WHERE online=1";
                    $lat_result = $sql["char"]->query($lat_query);
                    $lat_fields = $sql["char"]->fetch_assoc($lat_result);
                    $avglat = sprintf("%.3f", $lat_fields["SUM(latency)"] / $lat_fields["COUNT(*)"]);
                    $output .= '
                    <br />
                    <span>' . lang("index", "avglat") . ': </span>
                    <span class="index_realm_info_value">' . $avglat . '</span>';
                }
            }
            $output .= '
                </span>
              </h1>
            </div>';
            unset($stats);
            $online = true;
        }
        unset($staticUptime);
        //unset($stats);
        $online = true;
    } else {
        $output .= $msie . '<h1><span class="error">' . lang("index", "realm") . ' <em>' . htmlentities(get_realm_name($realm_id), ENT_COMPAT, $site_encoding) . '</em> ' . lang("index", "offline_or_let_high") . '</span></h1>';
        $online = false;
    }
    //close the div
    $output .= '
          </div>';
    // MOTDs
    // get our MotDs...
    $motd = "";
    $motd_result = $sql["mgr"]->query("SELECT *, UNIX_TIMESTAMP(Created) AS Created, UNIX_TIMESTAMP(Last_Edited) AS Last_Edited FROM motd WHERE Enabled<>0 AND (Target='" . $user_id . "' OR Target=0) ORDER BY Priority ASC");
    // if we don't get any MotDs, it'll stay empty
    if ($user_lvl >= $action_permission["update"]) {
        $output .= '
          <script type="text/javascript">
            // <![CDATA[
              answerbox.btn_ok = "' . lang("global", "yes_low") . '";
              answerbox.btn_cancel = "' . lang("global", "no") . '";
              var del_motd = "motd.php?action=delete_motd&amp;id=";
            // ]]>
          </script>';
    }
    if ($sql["mgr"]->num_rows($motd_result) > 0) {
        $output .= '
            <div class="div_lined">
              <div class="div_lined_head">
                <span>' . lang("index", "motd") . '</span>
              </div>';
    }
    while ($temp = $sql["mgr"]->fetch_assoc($motd_result)) {
        if ($user_lvl >= $temp["Min_Sec_Level"]) {
            $motd = bb2html($temp["Message"]) . "<br /><br />";
            if ($motd) {
                if ($temp["Target"] != 0) {
                    $output .= '
                <div class="div_lined_line left_text">' . lang("motd", "private") . '</div>';
                }
                $output .= '
                <div class="div_lined_line left_text">';
                $output .= $motd;
                $output .= '
                  <br />';
                // Get User Name for poster
                if ($core == 1) {
                    $posted_name_query = "SELECT login FROM accounts WHERE acct='" . $temp["Created_By"] . "'";
                } else {
                    $posted_name_query = "SELECT username AS login FROM account WHERE id='" . $temp["Created_By"] . "'";
                }
                $posted_name_result = $sql["logon"]->query($posted_name_query);
                $posted_name = $sql["logon"]->fetch_assoc($posted_name_result);
                $posted_name = $posted_name["login"];
                // Get Screen Name for poster, if available
                $posted_screenname_query = "SELECT ScreenName FROM config_accounts WHERE Login='******'";
                $posted_screenname_result = $sql["mgr"]->query($posted_screenname_query);
                $posted_screenname = $sql["mgr"]->fetch_assoc($posted_screenname_result);
                if ($posted_screenname["ScreenName"] != NULL) {
                    $posted_name = htmlspecialchars($posted_screenname["ScreenName"]);
                }
                // if the Server Message is posted by the system, Created_By will be zero
                if ($temp["Created_By"] != 0) {
                    $output .= '
                  <span>' . lang("motd", "posted_by") . ':</span>';
                    if ($user_lvl > -1) {
                        $output .= '
                  <a href="user.php?action=edit_user&amp;error=11&amp;acct=' . $temp["Created_By"] . '">';
                    }
                    $output .= '
                    <span>' . $posted_name . '</span>';
                    if ($user_lvl > -1) {
                        $output .= '
                  </a>';
                    }
                    $output .= '
                  <span>(' . date("M d, Y @ H:i:s", $temp["Created"]) . ')</span>';
                } else {
                    $output .= '
                  <span>' . lang("motd", "posted") . ': ' . date("M d, Y @ H:i:s", $temp["Created"]) . '</span>';
                }
                // Get User Name for last editor
                if ($core == 1) {
                    $edited_name_query = "SELECT login FROM accounts WHERE acct='" . $temp["Last_Edited_By"] . "'";
                } else {
                    $edited_name_query = "SELECT username AS login FROM account WHERE id='" . $temp["Last_Edited_By"] . "'";
                }
                $edited_name_result = $sql["logon"]->query($edited_name_query);
                $edited_name = $sql["logon"]->fetch_assoc($edited_name_result);
                $edited_name = $edited_name["login"];
                // Get Screen Name for last editor, if available
                $edited_screenname_query = "SELECT ScreenName FROM config_accounts WHERE Login='******'";
                $edited_screenname_result = $sql["mgr"]->query($edited_screenname_query);
                $edited_screenname = $sql["mgr"]->fetch_assoc($edited_screenname_result);
                if ($edited_screenname["ScreenName"] != NULL) {
                    $edited_name = htmlspecialchars($edited_screenname["ScreenName"]);
                }
                if ($temp["Last_Edited_By"] != 0) {
                    $output .= '
                  <br />
                  <div>
                    <span>' . lang("motd", "edited_by") . ':</span>';
                    if ($user_lvl > -1) {
                        $output .= '
                    <a href="user.php?action=edit_user&amp;error=11&amp;acct=' . $temp["Last_Edited_By"] . '">';
                    }
                    $output .= '
                      <span>' . $edited_name . '</span>';
                    if ($user_lvl > -1) {
                        $output .= '
                    </a>';
                    }
                    $output .= '
                    <span>(' . date("M d, Y @ H:i:s", $temp["Last_Edited"]) . ')</span>
                  </div>';
                }
                $output .= '
                </div>';
                if ($user_lvl >= $action_permission["update"]) {
                    $output .= '
                <div class="div_lined_line right_text">
                  <img src="img/aff_cross.png" width="16" height="16" onclick="answerBox(\'' . lang("global", "delete") . ': &lt;font color=white&gt;' . $temp["ID"] . '&lt;/font&gt;&lt;br /&gt;' . lang("global", "are_you_sure") . '\', del_motd + ' . $temp["ID"] . ');" alt="" />';
                }
                if ($user_lvl >= $action_permission["update"]) {
                    $output .= '
                  <a href="motd.php?action=edit_motd&amp;error=3&amp;id=' . $temp["ID"] . '">
                    <img src="img/edit.png" width="16" height="16" alt="" />
                  </a>
                </div>';
                }
                $output .= '
                <br />';
            }
        }
    }
    if ($sql["mgr"]->num_rows($motd_result)) {
        $output = substr($output, 0, strlen($output) - 24);
    }
    if ($sql["mgr"]->num_rows($motd_result) > 0) {
        $output .= '
            </div>';
    }
    if ($user_lvl >= $action_permission["insert"]) {
        $output .= '
            <div class="div_lined">
              <div class="div_lined_head right_text">
                <a href="motd.php?action=add_motd&amp;error=4">' . lang("index", "add_motd") . '</a>
              </div>
            </div>';
    }
    // Coupons
    if (!$hide_coupons) {
        $coupon_query = "SELECT * FROM point_system_coupons WHERE ((target='0' AND contest='0') OR target='" . $user_id . "') AND enabled='1'";
        $coupon_result = $sql["mgr"]->query($coupon_query);
        if ($sql["mgr"]->num_rows($coupon_result) > 0) {
            $output .= '
            <br />
            <div class="div_lined">
              <div class="div_lined_head">
                <span>' . lang("index", "avail_coupons") . '</span>
              </div>';
            while ($coupon = $sql["mgr"]->fetch_assoc($coupon_result)) {
                $usage_query = "SELECT * FROM point_system_coupon_usage WHERE coupon='" . $coupon["entry"] . "' AND user='******'";
                $usage_result = $sql["mgr"]->query($usage_query);
                if ($sql["mgr"]->num_rows($usage_result) < $coupon["usage_limit"] || $coupon["usage_limit"] == -1) {
                    $output .= '
              <div class="div_lined_line left_text">
                <span>' . $coupon["title"] . '</span>
              </div>';
                    if ($coupon["text"] != "") {
                        $output .= '
              <div class="div_lined_line left_text">
                <span>' . $coupon["text"] . '</span>
              </div>';
                    }
                    if ($coupon["credits"] != 0 || $coupon["money"] != 0 || $coupon["item_id"] != 0 || $coupon["raffle_id"] != 0) {
                        $output .= '
              <div class="div_lined_line left_text">
                <span>' . lang("index", "coupon_value") . ':</span>';
                        if ($coupon["credits"] > 0) {
                            if ($coupon["credits"] > 1) {
                                $tip = lang("index", "coupon_credits");
                            } else {
                                $tip = lang("index", "coupon_credit");
                            }
                            $output .= '
                <br />
                <br />
                <span>' . $coupon["credits"] . '</span>
                <span>' . $tip . '</span>';
                        }
                        if ($coupon["money"] > 0) {
                            // extract gold/silver/copper from single gold number
                            $coupon["money"] = str_pad($coupon["money"], 4, "0", STR_PAD_LEFT);
                            $coupon_g = substr($coupon["money"], 0, -4);
                            if ($coupon_g == "") {
                                $coupon_g = 0;
                            }
                            $coupon_s = substr($coupon["money"], -4, 2);
                            if ($coupon_s == "" || $coupon_s == "00") {
                                $coupon_s = 0;
                            }
                            $coupon_c = substr($coupon["money"], -2);
                            if ($coupon_c == "" || $coupon_c == "00") {
                                $coupon_c = 0;
                            }
                            $output .= '
                <br />
                <br />
                <span>' . $coupon_g . '</span>
                <img src="img/gold.gif" alt="gold" />
                <span>' . $coupon_s . '</span>
                <img src="img/silver.gif" alt="gold" />
                <span>' . $coupon_c . '</span>
                <img src="img/copper.gif" alt="gold" />';
                        }
                        if ($coupon["item_id"] != 0) {
                            if ($coupon["item_id"] > 0) {
                                // get item data
                                if ($core == 1) {
                                    $i_query = "SELECT \r\n                    *, description AS description1, name1 AS name, quality AS Quality, inventorytype AS InventoryType, \r\n                    socket_color_1 AS socketColor_1, socket_color_2 AS socketColor_2, socket_color_3 AS socketColor_3,\r\n                    requiredlevel AS RequiredLevel, allowableclass AS AllowableClass,\r\n                    sellprice AS SellPrice, itemlevel AS ItemLevel\r\n                    FROM items " . ($locales_search_option != 0 ? "LEFT JOIN items_localized ON (items_localized.entry=items.entry AND language_code='" . $locales_search_option . "') " : " ") . "WHERE items.entry='" . $coupon["item_id"] . "'";
                                } else {
                                    $i_query = "SELECT *, description AS description1 FROM item_template " . ($locales_search_option != 0 ? "LEFT JOIN locales_item ON locales_item.entry=item_template.entry " : " ") . "WHERE item_template.entry='" . $coupon["item_id"] . "'";
                                }
                                $i_result = $sql["world"]->query($i_query);
                                $i = $sql["world"]->fetch_assoc($i_result);
                                $output .= '
                <br />
                <br />
                <div class="coupon_item">
                  <div>
                    <a href="' . $base_datasite . $item_datasite . $coupon["item_id"] . '" rel="external" onmouseover="ShowTooltip(this,\'_b' . $coupon["entry"] . '\');" onmouseout="HideTooltip(\'_b' . $coupon["entry"] . '\');">
                      <img src="' . get_item_icon($coupon["item_id"]) . '" alt="" />
                    </a>';
                                if ($coupon["item_count"] > 1) {
                                    $output .= '
                    <div class="ch_inv_quantity_shadow">' . $coupon["item_count"] . '</div>
                    <div class="ch_inv_quantity">' . $coupon["item_count"] . '</div>';
                                }
                                $output .= '
                  </div>';
                                // build a tooltip object for this item
                                $output .= '
                  <div class="item_tooltip_div" id="tooltip_b' . $coupon["entry"] . '" style="left: -129px; top: 42px;">
                    <div>' . get_item_tooltip($i, 0, 0, 0, 0, 0) . '</div>
                  </div>';
                                $output .= '
                </div>';
                            } else {
                                $output .= '
                <br />
                <br />
                <div class="coupon_item">
                  <div>
                    <a href="point_system.php?action=view_bag&amp;bag_id=' . $coupon["item_id"] * -1 . '" onmousemove="oldtoolTip(\'' . lang("points", "prize_bag") . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">
                      <img src="' . get_item_icon(1725) . '" alt="" />
                    </a>
                  </div>
                </div>';
                            }
                        }
                        if ($coupon["raffle_id"] != 0) {
                            // find out how many entries per user the raffle allows and whether the raffle is enabled
                            if ($coupon["raffle_id"] != -1) {
                                $query = "SELECT tickets_per_user, enabled FROM point_system_raffles WHERE entry='" . $coupon["raffle_id"] . "'";
                                $result = $sql["mgr"]->query($query);
                                $result = $sql["mgr"]->fetch_assoc($result);
                                $per_user = $result["tickets_per_user"];
                                $raffle_enabled = $result["enabled"];
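                                // if tickets_per_user is -1 then it's unlimited, fake it with a reasonably high number
                                // NOTE(review): the assignment below is unconditional, so the tickets_per_user value
                                // read above is always replaced; confirm whether a check for -1 was intended here.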
                                $per_user = 999999999;
                            } else {
                                // if it allows any raffle, then fake it
                                $per_user = 999999999;
                                $raffle_enabled = 1;
                            }
                            if ($raffle_enabled) {
                                // find out how many times we've entered
                                $query = "SELECT COUNT(*) FROM point_system_raffle_tickets WHERE raffle='" . $coupon["raffle_id"] . "' AND user='******'";
                                $result = $sql["mgr"]->query($query);
                                $result = $sql["mgr"]->fetch_assoc($result);
                                $tickets = $result["COUNT(*)"];
                                // if we haven't already purchased the maximum number of tickets
                                // or the raffle allows purchase of tickets from any raffle
                                if ($tickets < $per_user || $coupon["raffle_id"] == -1) {
                                    if ($coupon["redemption_option"] == 0) {
                                        $output .= '
                <br />
                <br />
                <span>' . lang("index", "and_raffle") . '</span>';
                                    } else {
                                        $output .= '
                <br />
                <br />
                <span>' . lang("index", "or_raffle") . '</span>';
                                    }
                                }
                            }
                        }
                        $output .= '
              </div>';
                    }
                    if ($coupon["credits"] < 0) {
                        $message = lang("points", "coupon_cost_credits");
                        $message = str_replace("%1", $coupon["credits"] * -1, $message);
                        $output .= '
              <div class="div_lined_line right_text">
                <span>' . $message . '</span>
              </div>';
                    }
                    if ($coupon["money"] < 0) {
                        $coupon["money"] = $coupon["money"] * -1;
                        $coupon_money = $coupon["money"];
                        $coupon_money = str_pad($coupon_money, 4, "0", STR_PAD_LEFT);
                        $cg = substr($coupon_money, 0, -4);
                        if ($cg == "") {
                            $cg = 0;
                        }
                        $cs = substr($coupon_money, -4, 2);
                        if ($cs == "" || $cs == "00") {
                            $cs = 0;
                        }
                        $cc = substr($coupon_money, -2);
                        if ($cc == "" || $cc == "00") {
                            $cc = 0;
                        }
                        $coupon_money_display = '
              <span>' . $cg . '</span>
              <img src="img/gold.gif" alt="" align="middle" />
              <span>' . $cs . '</span>
              <img src="img/silver.gif" alt="" align="middle" />
              <span>' . $cc . '</span>
              <img src="img/copper.gif" alt="" align="middle" />';
                        $message = lang("points", "coupon_cost_money");
                        $message = str_replace("%1", $coupon_money_display, $message);
                        $output .= '
              <div class="div_lined_line right_text">
                <span>' . $message . '</span>
              </div>';
                    }
                    $output .= '
              <div class="div_lined_line right_text">
                <a href="point_system.php?action=redeem_coupon&amp;coupon_id=' . $coupon["entry"] . '">
                  <img src="img/star.png" width="16" height="16" alt="" />
                  <span>&nbsp;' . lang("index", "use_coupon") . '</span>
                </a>
              </div>';
                    $output .= '
              <br />';
                }
            }
            if ($sql["mgr"]->num_rows($coupon_result)) {
                $output = substr($output, 0, strlen($output) - 20);
            }
            $output .= '
            </div>';
        }
    }
    // GM Tickets
    $start_m = isset($_GET["start_m"]) ? $sql["char"]->quote_smart($_GET["start_m"]) : 0;
    if (!is_numeric($start_m)) {
        $start_m = 0;
    }
    if ($core == 1) {
        $all_record_m = $sql["char"]->result($sql["char"]->query("SELECT COUNT(*) FROM gm_tickets WHERE deleted=0"), 0);
    } elseif ($core == 2) {
        $all_record_m = $sql["char"]->result($sql["char"]->query("SELECT COUNT(*) FROM character_ticket"), 0);
    } else {
        $all_record_m = $sql["char"]->result($sql["char"]->query("SELECT COUNT(*) FROM gm_tickets WHERE closedBy=0"), 0);
    }
    // show gm tickets
    $output .= '
            <br />';
    if ($user_lvl >= $action_permission["insert"]) {
        if ($all_record_m) {
            $output .= '
            <div class="div_lined">
              <div class="div_lined_head">
                <span>' . lang("index", "tickets") . '</span>
              </div>';
            if ($core == 1) {
                $result = $sql["char"]->query("SELECT ticketid, level, message, name, deleted,\r\n          timestamp, gm_tickets.playerGuid, acct\r\n          FROM gm_tickets\r\n            LEFT JOIN characters ON characters.guid=gm_tickets.playerGuid\r\n          ORDER BY ticketid DESC LIMIT " . $start_m . ", 3");
            } elseif ($core == 2) {
                $result = $sql["char"]->query("SELECT character_ticket.ticket_id AS ticketid, characters.level,\r\n          ticket_text AS message, characters.name, UNIX_TIMESTAMP(ticket_lastchange) AS timestamp,\r\n          character_ticket.guid AS playerGuid, account AS acct\r\n          FROM character_ticket\r\n            LEFT JOIN characters ON characters.guid=character_ticket.guid\r\n          ORDER BY ticketid DESC LIMIT " . $start_m . ", 3");
            } else {
                $result = $sql["char"]->query("SELECT gm_tickets.guid AS ticketid, characters.level, message,\r\n          gm_tickets.name, closedBy AS deleted, lastModifiedTime AS timestamp, gm_tickets.guid AS playerGuid, account AS acct\r\n          FROM gm_tickets\r\n            LEFT JOIN characters ON characters.guid=gm_tickets.guid\r\n          ORDER BY ticketid DESC LIMIT " . $start_m . ", 3");
            }
            while ($post = $sql["char"]->fetch_assoc($result)) {
                if (!$post["deleted"]) {
                    if ($core == 1) {
                        $login_result = $sql["logon"]->query("SELECT * FROM accounts WHERE acct='" . $post["acct"] . "'");
                    } else {
                        $login_result = $sql["logon"]->query("SELECT *, username AS login FROM account WHERE id='" . $post["acct"] . "'");
                    }
                    $login = $sql["logon"]->fetch_assoc($login_result);
                    $gm_result = $sql["mgr"]->query("SELECT SecurityLevel FROM config_accounts WHERE Login='******'");
                    $gm = $sql["mgr"]->fetch_assoc($gm_result);
                    $gm = $gm["SecurityLevel"];
                    if ($user_lvl > 0 && ($user_lvl >= gmlevel($gm) || $user_lvl == $action_permission["delete"])) {
                        $output .= '
              <div class="div_lined_line left_text">
                <a href="char.php?id=' . $post["playerGuid"] . '">
                  <span onmousemove="oldtoolTip(\'' . htmlspecialchars($login["username"]) . ' (' . id_get_gm_level($gm) . ')' . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . htmlentities($post["name"], ENT_COMPAT, $site_encoding) . '</span>
                </a>
              </div>
              <div class="div_lined_line left_text">
                <span>' . htmlspecialchars($post["message"]) . '</span>
              </div>
              <div class="div_lined_line right_text">';
                    }
                    $output .= '
                <span>' . lang("index", "submitted") . ": " . date('G:i:s m-d-Y', $post["timestamp"]) . '</span>';
                    $output .= '
              </div>
              <div class="div_lined_line right_text">';
                    if ($user_lvl >= $action_permission["update"]) {
                        $output .= '
                <a href="ticket.php?action=edit_ticket&amp;error=4&amp;id=' . $post["ticketid"] . '">
                  <img src="img/edit.png" width="16" height="16" alt="" />
                </a>';
                    }
                    $output .= '
              </div>
              <br />';
                }
            }
            $output .= '
            </div>';
        }
    }
    // Character Changes
    // count pending character changes
    $char_change_count = $sql["mgr"]->result($sql["mgr"]->query("SELECT COUNT(*) FROM char_changes"), 0);
    // show pending character changes
    $output .= '
            <br />';
    if ($user_lvl >= $action_permission["update"]) {
        if ($char_change_count) {
            $output .= '
            <div class="div_lined">
              <div class="div_lined_head">
                <span>' . lang("index", "pendingchanges") . '</span>
              </div>';
            $result = $sql["mgr"]->query("SELECT * FROM char_changes");
            while ($change = $sql["mgr"]->fetch_assoc($result)) {
                if ($core == 1) {
                    $change_char_query = "SELECT * FROM characters WHERE guid='" . $change["guid"] . "'";
                } else {
                    $change_char_query = "SELECT *, account AS acct FROM characters WHERE guid='" . $change["guid"] . "'";
                }
                $change_char = $sql["char"]->fetch_assoc($sql["char"]->query($change_char_query));
                if ($core == 1) {
                    $change_acct_query = "SELECT * FROM accounts WHERE acct='" . $change_char["acct"] . "'";
                } else {
                    $change_acct_query = "SELECT *, username AS login FROM account WHERE id='" . $change_char["acct"] . "'";
                }
                $change_acct = $sql["logon"]->fetch_assoc($sql["logon"]->query($change_acct_query));
                if (isset($change["new_name"])) {
                    // Localization
                    $namechange = lang("xname", "playerhasreq");
                    $namechange = str_replace("%1", htmlspecialchars($change_acct["login"]), $namechange);
                    $namechange = str_replace("%2", htmlspecialchars($change_char["name"]), $namechange);
                    $namechange = str_replace("%3", htmlspecialchars($change["new_name"]), $namechange);
                    $output .= '
              <div class="div_lined_line left_text large">
                <span>' . $namechange . '</span>';
                }
                if (isset($change["new_race"])) {
                    // Localization
                    $racechange = lang("xrace", "playerhasreq");
                    $racechange = str_replace("%1", htmlspecialchars($change_acct["login"]), $racechange);
                    $racechange = str_replace("%2", htmlspecialchars($change_char["name"]), $racechange);
                    $racechange = str_replace("%3", char_get_race_name($change["new_race"]), $racechange);
                    $output .= '
              <div class="div_lined_line left_text large">
                <span>' . $racechange . '</span>';
                }
                if (isset($change["new_acct"])) {
                    if ($core == 1) {
                        $new_acct_query = "SELECT login FROM accounts WHERE acct='" . $change["new_acct"] . "'";
                    } else {
                        $new_acct_query = "SELECT username AS login FROM account WHERE id='" . $change["new_acct"] . "'";
                    }
                    $new_acct_result = $sql["logon"]->query($new_acct_query);
                    $new_acct_result = $sql["logon"]->fetch_assoc($new_acct_result);
                    $new_acct_name = $new_acct_result["login"];
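                    // Localization
                    // NOTE(review): %1 and %2 are passed through htmlspecialchars() below, but $new_acct_name (%3) is not;
                    // confirm account logins cannot contain HTML markup, or escape it the same way.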
                    $acctchange = lang("xacct", "playerhasreq");
                    $acctchange = str_replace("%1", htmlspecialchars($change_acct["login"]), $acctchange);
                    $acctchange = str_replace("%2", htmlspecialchars($change_char["name"]), $acctchange);
                    $acctchange = str_replace("%3", $new_acct_name, $acctchange);
                    $output .= '
              <div class="div_lined_line left_text large">
                <span>' . $acctchange . '</span>';
                }
                if ($change_char["online"]) {
                    $output .= '
                <br />
                <br />
                <img src="img/aff_warn.gif" alt="warn" />
                <span class="error">' . lang("xname", "online") . '</span>';
                }
                $output .= '
              </div>';
                if (isset($change["new_name"])) {
                    $file = "change_char_name.php";
                } elseif (isset($change["new_race"])) {
                    $file = "change_char_race.php";
                } else {
                    $file = "change_char_account.php";
                }
                $output .= '
              <div class="div_lined_line right_text">
                <a href="' . $file . '?action=denied&amp;guid=' . $change["guid"] . '">
                  <img src="img/cross.png" width="12" height="12" alt="" />
                </a>';
                if (!$change_char["online"]) {
                    $output .= '
                <a href="' . $file . '?action=approve&amp;guid=' . $change["guid"] . '">
                  <img src="img/aff_tick.png" width="14" height="14" alt="" />
                </a>';
                }
                $output .= '
              </div>
              <br />';
            }
            $output .= '
            </div>';
        }
    }
    //print online chars
    if ($online && $user_lvl >= $player_online) {
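        //==========================$_GET and SECURE=================================
        // NOTE(review): is_numeric() also accepts signed, decimal and exponent forms ("-5", "1.5", "1e3");
        // $start is concatenated into a LIMIT clause below, so an integer-only check (e.g. ctype_digit) would be tighter.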
        $start = isset($_GET["start"]) ? $sql["char"]->quote_smart($_GET["start"]) : 0;
        if (!is_numeric($start)) {
            $start = 0;
        }
        $order_by = isset($_GET["order_by"]) ? $sql["char"]->quote_smart($_GET["order_by"]) : "name";
        if (!preg_match("/^[_[:lower:]]{1,12}\$/", $order_by)) {
            $order_by = "name";
        }
        $dir = isset($_GET["dir"]) ? $sql["char"]->quote_smart($_GET["dir"]) : 1;
        if (!preg_match("/^[01]{1}\$/", $dir)) {
            $dir = 1;
        }
        $order_dir = $dir ? "ASC" : "DESC";
        $dir = $dir ? 0 : 1;
        //==========================$_GET and SECURE end=============================
        if ($order_by === "mapid") {
            $order_by = "mapid, zoneid ";
            $order_hold = "mapid";
        } elseif ($order_by === "zoneid") {
            $order_by = "zoneid, mapid ";
            $order_hold = "zoneid";
        } else {
            $order_hold = $order_by;
        }
        $order_side = "";
        if (!($user_lvl || $server[$realm_id]["both_factions"])) {
            if ($core == 1) {
                $result = $sql["char"]->query("SELECT race FROM characters WHERE acct=" . $user_id . "\r\n          AND SUBSTRING_INDEX(SUBSTRING_INDEX(playedtime, ' ', 2), ' ', -1)=(SELECT MAX(SUBSTRING_INDEX(SUBSTRING_INDEX(playedtime, ' ', 2), ' ', -1)) FROM characters WHERE acct=" . $user_id . ") LIMIT 1");
            } else {
                $result = $sql["char"]->query("SELECT race FROM characters WHERE account=" . $user_id . "\r\n          AND totaltime=(SELECT MAX(totaltime) FROM characters WHERE account=" . $user_id . ") LIMIT 1");
            }
            if ($sql["char"]->num_rows($result)) {
                $order_side = in_array($sql["char"]->result($result, 0), array(2, 5, 6, 8, 10)) ? " AND race IN (2, 5, 6, 8, 10) " : " AND race IN (1, 3, 4, 7, 11) ";
            }
        }
        if ($core == 1) {
            $result = $sql["char"]->query("SELECT guid, name, race, class, zoneid, mapid, level, characters.acct, gender,\r\n                            CAST( SUBSTRING_INDEX( SUBSTRING_INDEX( data, ';', " . (PLAYER_FIELD_HONOR_CURRENCY + 1) . " ), ';', -1 ) AS UNSIGNED ) AS highest_rank, lastip\r\n                            FROM characters\r\n                              LEFT JOIN `" . $logon_db["name"] . "`.accounts ON characters.acct=`" . $logon_db["name"] . "`.accounts.acct\r\n                            WHERE characters.online=1 " . $order_side . " ORDER BY " . $order_by . " " . $order_dir . " LIMIT " . $start . ", " . $itemperpage);
        } elseif ($core == 2) {
            $result = $sql["char"]->query("SELECT guid, name, race, class, zone AS zoneid, map AS mapid, level, account AS acct, gender,\r\n                            totalHonorPoints AS highest_rank, last_ip AS lastip\r\n                            FROM characters\r\n                              LEFT JOIN `" . $logon_db["name"] . "`.account ON characters.account=`" . $logon_db["name"] . "`.account.id\r\n                            WHERE characters.online=1 " . $order_side . " ORDER BY " . $order_by . " " . $order_dir . " LIMIT " . $start . ", " . $itemperpage);
        } else {
            $result = $sql["char"]->query("SELECT characters.guid, characters.name, race, class, zone AS zoneid, map AS mapid, level, account AS acct, gender,\r\n                            totalHonorPoints AS highest_rank, latency, last_ip AS lastip, guild.name AS gname\r\n                            FROM characters\r\n                              LEFT JOIN `" . $logon_db["name"] . "`.account ON characters.account=`" . $logon_db["name"] . "`.account.id\r\n                              LEFT JOIN guild_member ON characters.guid=guild_member.guid\r\n                              LEFT JOIN guild ON guild_member.guildid=guild.guildid\r\n                            WHERE characters.online=1 " . $order_side . " ORDER BY " . $order_by . " " . $order_dir . " LIMIT " . $start . ", " . $itemperpage);
        }
        $total_online = $sql["char"]->result($sql["char"]->query("SELECT count(*) FROM characters WHERE online= 1"), 0);
        $output .= '
            <div class="div_lined center_text">
              <span class="bold">' . lang("index", "tot_users_online") . ': ' . $total_online . '</span>
            </div>';
        if ($total_online) {
            $output .= '
            <table class="lined">
              <tr>
                <td colspan="' . (9 - $showcountryflag) . '" align="right" class="hidden" style="width: 25%;">';
            $output .= generate_pagination("index.php?start_m=" . $start_m . "&amp;order_by=" . $order_hold . "&amp;dir=" . ($dir ? 0 : 1), $total_online, $itemperpage, $start);
            $output .= '
                </td>
              </tr>
              <tr>
                <th style="width: 15%;">
                  <a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=name&amp;dir=' . $dir . '"' . ($order_by === "name" ? ' class="' . $order_dir . '"' : '') . '>' . lang("index", "name") . '</a>
                </th>
                <th style="width: 1%;">
                  <a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=race&amp;dir=' . $dir . '"' . ($order_by === "race" ? ' class="' . $order_dir . '"' : '') . '>' . lang("index", "race") . '</a>
                </th>
                <th style="width: 1%;">
                  <a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=class&amp;dir=' . $dir . '"' . ($order_by === "class" ? ' class="' . $order_dir . '"' : '') . '>' . lang("index", "class") . '</a>
                </th>
                <th style="width: 5%;">
                  <a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=level&amp;dir=' . $dir . '"' . ($order_by === "level" ? ' class="' . $order_dir . '"' : '') . '>' . lang("index", "level") . '</a>
                </th>
                <th style="width: 1%;">
                  <a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=highest_rank&amp;dir=' . $dir . '"' . ($order_by === "highest_rank" ? ' class="' . $order_dir . '"' : '') . '>' . lang("index", "rank") . '</a>
                </th>
                <th style="width: 15%;">
                  <a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=gname&amp;dir=' . $dir . '"' . ($order_by === "gname" ? ' class="' . $order_dir . '"' : '') . '>' . lang("index", "guild") . '</a>
                </th>
                <th style="width: 20%;">
                  <a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=mapid&amp;dir=' . $dir . '"' . ($order_by === "mapid, zoneid " ? ' class="' . $order_dir . '"' : '') . '>' . lang("index", "map") . '</a>
                </th>
                <th style="width: 25%;">
                  <a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=zoneid&amp;dir=' . $dir . '"' . ($order_by === "zoneid, mapid " ? ' class="' . $order_dir . '"' : '') . '>' . lang("index", "zone") . '</a>
                </th>';
            if ($core == 1) {
                $output .= '
                <th style="width: 25%;">
                  <span>' . lang("index", "area") . '</span>
                </th>';
            }
            // this_is_junk: MaNGOS doesn't store player latency
            if ($core != 2) {
                if (!$hide_plr_latency) {
                    // this_is_junk: Trinity is the only core which can sort by Player Latency
                    if ($core == 3) {
                        $output .= '
                <th style="width: 1%;">
                  <a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=latency&amp;dir=' . $dir . '"' . ($order_by === "latency" ? ' class="' . $order_dir . '"' : '') . '>
                    <img src="img/time.png" onmousemove="oldtoolTip(\'' . lang("index", "latency") . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt=""' . ($order_by === "latency" ? '' : ' style="position: relative; top: 7px;"') . ' />
                  </a>
                </th>';
                    } else {
                        $output .= '
                <th style="width: 1%;">
                  <img src="img/time.png" onmousemove="oldtoolTip(\'' . lang("index", "latency") . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" style="position: relative; top: 7px;" />
                </th>';
                    }
                }
            }
            if ($showcountryflag) {
                require_once "libs/misc_lib.php";
                $output .= '
                <th style="width: 1%;">
                  <a href="index.php?start=' . $start . '&amp;start_m=' . $start_m . '&amp;order_by=lastip&amp;dir=' . $dir . '"' . ($order_by === "lastip" ? ' class="' . $order_dir . '"' : '') . '>
                    <img src="img/world.png" onmousemove="oldtoolTip(\'' . lang("global", "country") . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt=""' . ($order_by === "lastip" ? '' : ' style="position: relative; top: 7px;"') . ' />
                  </a>
                </th>';
            }
            $output .= '
              </tr>';
        }
        while ($char = $sql["char"]->fetch_assoc($result)) {
            if ($core == 1) {
                $ca_query = "SELECT accounts.login AS name FROM `" . $logon_db["name"] . "`.accounts LEFT JOIN `" . $corem_db["name"] . "`.config_accounts ON accounts.login=`" . $corem_db["name"] . "`.config_accounts.Login COLLATE utf8_unicode_ci WHERE acct='" . $char["acct"] . "'";
            } else {
                $ca_query = "SELECT *, username AS name FROM `" . $logon_db["name"] . "`.account LEFT JOIN `" . $corem_db["name"] . "`.config_accounts ON account.username=`" . $corem_db["name"] . "`.config_accounts.Login WHERE id='" . $char["acct"] . "'";
            }
            $ca_result = $sql["mgr"]->query($ca_query);
            $char_acct = $sql["mgr"]->fetch_assoc($ca_result);
            $gm = $char_acct["SecurityLevel"];
            if (!isset($gm)) {
                $gm = 0;
            }
            if ($core == 1) {
                $guild_id = $sql["char"]->result($sql["char"]->query("SELECT guildid FROM guild_data WHERE playerid='" . $char["guid"] . "'"), 0);
            } else {
                $guild_id = $sql["char"]->result($sql["char"]->query("SELECT guildid FROM guild_member WHERE guid='" . $char["guid"] . "'"), 0);
            }
            if ($core == 1) {
                $guild_name_query = "SELECT guildName FROM guilds WHERE guildid='" . $guild_id . "'";
            } else {
                $guild_name_query = "SELECT name AS guildName FROM guild WHERE guildid='" . $guild_id . "'";
            }
            $guild_name_result = $sql["char"]->query($guild_name_query);
            $guild_name = $sql["char"]->fetch_assoc($guild_name_result);
            $guild_name = $guild_name["guildName"];
            $output .= '
              <tr>
                <td>';
            if ($user_lvl > 0 && ($user_lvl >= gmlevel($gm) || $user_lvl == $action_permission["delete"])) {
                $output .= '
                  <a href="char.php?id=' . $char["guid"] . '">
                    <span onmousemove="oldtoolTip(\'' . htmlspecialchars($char_acct["name"]) . ' (' . id_get_gm_level($gm) . ')' . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . '</span>
                  </a>';
            } else {
                $output .= '
                  <span>' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . '</span>';
            }
            $output .= '
                </td>
                <td>
                  <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                </td>
                <td>
                  <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />
                </td>
                <td>' . char_get_level_color($char["level"]) . '</td>
                <td>
                  <span onmouseover="oldtoolTip(\'' . char_get_pvp_rank_name($char["highest_rank"], char_get_side_id($char["race"])) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" id="index_delete_cursor"><img src="img/ranks/rank' . char_get_pvp_rank_id($char["highest_rank"], char_get_side_id($char["race"])) . '.gif" alt="" /></span>
                </td>
                <td>
                  <a href="guild.php?action=view_guild&amp;error=3&amp;id=' . $guild_id . '">' . htmlentities($guild_name, ENT_COMPAT, $site_encoding) . '</a>
                </td>
                <td>
                  <span onmousemove="oldtoolTip(\'MapID:' . $char["mapid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_map_name($char["mapid"]) . '</span>
                </td>
                <td>
                  <span onmousemove="oldtoolTip(\'ZoneID:' . $char["zoneid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_zone_name($char["zoneid"]) . '</span>
                </td>';
            // display player area, if available
            if ($core == 1) {
                for ($i = 0; $i < count($stats["plrs_area"]); $i++) {
                    if ($stats["plrs_area"][$i][0] == $char["name"]) {
                        $output .= '
                <td>
                  <span onmousemove="toolTip(\'AreaID:' . $stats["plrs_area"][$i][1] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_zone_name($stats["plrs_area"][$i][1]) . '</span>
                </td>';
                    }
                    if (!isset($stats["plrs_lat"][$i][1])) {
                        $output .= '
                <td>-</td>';
                    }
                }
            }
            // display player latency, if enabled, and if available
            if (!$hide_plr_latency) {
                if ($core == 1) {
                    for ($i = 0; $i < count($stats["plrs_lat"]); $i++) {
                        if ($stats["plrs_lat"][$i][0] == $char["name"]) {
                            $output .= '
                <td>' . $stats["plrs_lat"][$i][1] . '</td>';
                        }
                        if (!isset($stats["plrs_lat"][$i][1])) {
                            $output .= '
                <td>-</td>';
                        }
                    }
                } else {
                    // this_is_junk: MaNGOS doesn't store player latency
                    if ($core == 3) {
                        $output .= '
                <td>' . $char["latency"] . '</td>';
                    }
                }
            }
            if ($showcountryflag) {
                $country = misc_get_country_by_ip($char["lastip"]);
                $output .= '
                <td>' . ($country["code"] ? '<img src="img/flags/' . $country["code"] . '.png" onmousemove="oldtoolTip(\'' . $country["country"] . ($user_lvl >= $action_permission["update"] ? '<br />' . $country["actualip"] : '') . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />' : '-') . '</td>';
            }
            $output .= '
              </tr>';
        }
        if ($total_online) {
            $output .= '
              <tr>';
            $output .= '
                <td colspan="' . (9 - $showcountryflag) . '" align="right" class="hidden" style="width: 25%;">';
            $output .= generate_pagination("index.php?start_m=" . $start_m . "&amp;order_by=" . $order_by . "&amp;dir=" . ($dir ? 0 : 1), $total_online, $itemperpage, $start);
            $output .= '
                </td>
              </tr>
            </table>';
        }
        $output .= '
            <br />';
        unset($total_online);
    }
}
Exemplo n.º 23
 */
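// Theme upload handler (fragment): binds the request to a session, checks that
// the user is logged in, then collects the upload's metadata fields.
//
// NOTE(review): the session ID is read from the POST body instead of the
// session cookie, presumably for an upload client that does not send cookies
// (confirm). Any request that carries a known ID selects that session, so the
// value is at least required to be a well-formed ID before it is accepted. A
// short-lived, single-use upload token bound to the user would be a tighter
// design than passing the session ID itself.
$session_id = isset($_POST['PHPSESSID']) ? $_POST['PHPSESSID'] : null;
if (!is_string($session_id) || !preg_match('/^[A-Za-z0-9,-]{1,128}$/', $session_id)) {
    // Refuse early, in the same style as the field check below, rather than
    // falling back to whatever session the browser cookie names.
    die('error');
}
session_id($session_id);
session_start();
require_once '../../../ww.incs/basics.php';
require_once SCRIPTBASE . 'ww.incs/bb2html.php';
/**
 * check user is logged in
 */
$user_id = isset($_SESSION['userdata']['id']) ? (int) $_SESSION['userdata']['id'] : 0;
if ($user_id === 0) {
    Core_quit();
}
// First dot-separated segment of the client-supplied file name. Indexing the
// explode() result avoids handing a temporary to reset(), which takes its
// argument by reference.
// NOTE(review): this is client-supplied text and its later use is not visible
// here; reduce it to a safe character set before it reaches a filesystem path.
$upload_name = isset($_FILES['theme-zip']['name']) && is_string($_FILES['theme-zip']['name'])
    ? $_FILES['theme-zip']['name']
    : '';
$name_parts = explode('.', $upload_name);
$name = $name_parts[0];
// Missing or non-string fields are treated as empty strings.
// NOTE(review): addslashes() is not a dependable SQL escape (it knows nothing
// about the connection charset). The queries that consume these values are not
// visible here; bind the values as parameters where they are used.
$fields = array();
foreach (array('version', 'description', 'tags', 'author', 'author_url') as $field) {
    $raw = isset($_POST[$field]) && is_string($_POST[$field]) ? $_POST[$field] : '';
    $fields[$field] = addslashes($raw);
}
$version = $fields['version'];
$description = bb2html($fields['description']);
$tags = $fields['tags'];
$author = $fields['author'];
$author_url = $fields['author_url'];
// Keep the submitted values in the session (presumably to refill the form).
$_SESSION['theme_upload']['description'] = $description;
$_SESSION['theme_upload']['version'] = $version;
$_SESSION['theme_upload']['tags'] = $tags;
/**
 * make sure all required fields are populated
 */
if ($version === '' || $author === '') {
    die('error');
}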
/**
 * make sure zip file is being used
 */
Exemplo n.º 24
<?php

// Refuse to run unless SYSPATH is defined, i.e. when this view is requested
// directly instead of being included.
defined("SYSPATH") or die("No direct script access.");
// Album header: title and description, followed by the paginator.
// NOTE(review): the description is purified first and converted from BBCode
// afterwards, so the markup bb2html() generates is emitted without passing
// through html::purify(). Its safety rests on bb2html()'s own handling of
// URLs and attributes, which is not visible here.
?>

<div id="g-info">
  <?php echo $theme->album_top(); ?>
  <h1><?php echo html::purify($item->title); ?></h1>
  <div class="g-description"><?php if ($item->description) { echo bb2html(html::purify($item->description), 1); } ?></div>
</div>
<?php echo $theme->paginator(); ?>
<ul id="g-album-grid">
<?php 
if (count($children)) {
    ?>
  <?php 
    foreach ($children as $i => $child) {
        ?>
    <?php 
        $item_class = "g-photo";
        ?>
Exemplo n.º 25
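 /**
  * Render the detail page for one object, processing a submitted bid first.
  *
  * Loads the object whose id is the first entry of $this->argsIndexed. If a
  * logged-in user POSTed a bid, it is validated and stored. The method then
  * gathers the image, bids, seller, rating, related objects and breadcrumbs
  * and renders 'lot/lot.tpl'. When the object does not exist, 'error.tpl' is
  * rendered instead.
  */
 function parse()
 {
     $displayName = "Kavel";
     $objectResult = $this->db->buildQuery("SELECT * FROM objects WHERE id=%i", $this->argsIndexed[0]);
     if (!$this->db->getHasRows($objectResult)) {
         $this->website->assign("error", "Dit object bestaat niet!");
         $this->render($displayName, 'error.tpl');
         return;
     }
     $object = $this->db->fetchAssoc($objectResult);
     //See if they placed a bid, and if they're logged in
     if (isset($_POST['submit']) && isset($_POST['bid']) && $this->user->isLoggedIn()) {
         $bid = $_POST['bid'];
         $minimalBid = $this->db->fetchIndex($this->db->executeFunction('dbo.fnMinimalNewBid', $object['id']))[0];
         // The bid is request data: an array or non-numeric string must not
         // reach the comparisons below, where loose typing could let it pass.
         if (!is_numeric($bid) || $bid < $minimalBid) {
             $this->website->assign("bidError", "Je bod is niet hoog genoeg.");
         } elseif ($object['seller'] != $this->user->getName()) {
             if ($bid < 1000000) {
                 // The insert lives inside this branch: previously it also ran
                 // for over-limit bids, with an undefined $insertArray.
                 $insertArray = array("objectid" => $object['id'], "bidvalue" => $bid, "username" => $this->user->getName(), "bidmoment" => date('Y-m-d H:i:s'));
                 $this->db->insert("bids", $insertArray);
                 $error = $this->db->getLastError();
                 if ($error) {
                     // Database error details go to the server log, not the page.
                     error_log('Bid insert failed: ' . print_r($error, true));
                     $this->website->assign("bidError", "Je bod kon niet worden opgeslagen.");
                 } else {
                     // Redirect so a reload does not resubmit the bid.
                     // NOTE(review): execution continues and the page is still
                     // rendered after this header; return here if nothing
                     // below is needed for the redirect response.
                     header("Location: " . $_SERVER['REQUEST_URI']);
                 }
             } else {
                 $this->website->assign("bidError", "Je bod overschrijd de maximale gepermitteerde bedrag.");
             }
         }
     }
     //Fetch images:
     $imageResult = $this->db->buildQuery("SELECT filename FROM files WHERE objectid=%i", $this->argsIndexed[0]);
     if ($this->db->getHasRows($imageResult)) {
         if ($object['city'] == 'batch') {
             // NOTE(review): plain-http image host; this is mixed content when
             // the page itself is served over https.
             $object['image'] = "http://iproject2.icasites.nl/pics/" . $this->db->fetchAssoc($imageResult)['filename'];
         } else {
             $object['image'] = baseurl("upload/" . $this->db->fetchAssoc($imageResult)['filename']);
         }
     } else {
         $object['image'] = "https://placehold.it/465x465";
     }
     $object['timeRemaining'] = $object['end_moment']->getTimeStamp() - time();
     // Escape the description before converting BBCode. Literal "&nbsp;" is
     // swapped for a chr(1) placeholder so htmlentities() leaves it alone, and
     // the escaped '\n' sequences become real newlines for nl2br().
     $object['description'] = nl2br(htmlentities(str_replace("&nbsp;", chr(1), str_replace('\\n', "\n", $object['description']))));
     $object['description'] = bb2html(str_replace(chr(1), "&nbsp;", $object['description']));
     //Fetch bids
     $bidsResult = $this->db->buildQuery("SELECT * FROM bids WHERE objectid=%i ORDER BY bidmoment DESC", $this->argsIndexed[0]);
     $object['bids'] = $this->db->fetchAllAssoc($bidsResult);
     //Get minimal new bid:
     $object['nextBid'] = $this->db->fetchIndex($this->db->executeFunction('dbo.fnMinimalNewBid', $object['id']))[0];
     //Fetch user
     $userResult = $this->db->buildQuery("SELECT * FROM users WHERE username=%s", $object['seller']);
     $object['user'] = $this->db->fetchAssoc($userResult);
     $object['user']['gravatarUrl'] = get_gravatar($object['user']['email'], 72);
     //Fetch the rating:
     $object['user']['rating'] = $this->db->fetchIndex($this->db->executeFunction('dbo.fnCalculateRating', $object['user']['username'], false))[0];
     //Fetch category this object is in
     $catId = $this->db->fetchAssoc($this->db->buildQuery("SELECT category_id FROM object_in_category WHERE object_id=%i", $object['id']))['category_id'];
     //Get related here.
     $relatedObjectsResult = $this->db->buildQuery("SELECT TOP 3 * FROM objects WHERE id IN (SELECT object_id FROM object_in_category WHERE category_id=%i AND NOT object_id=%i) AND end_moment > GETDATE() ORDER BY NEWID()", $catId, $object['id']);
     $object['related'] = parseObjects($relatedObjectsResult);
     $categories = array();
     getCategoryFromBottom($categories, $catId);
     $this->addToBreadcrumbs("Home", baseurl(""));
     foreach ($categories as $cat) {
         $this->addToBreadcrumbs($cat['name'], baseurl("Rubriek/" . $cat['id']));
     }
     $this->addToBreadcrumbs($object['title']);
     // NOTE(review): the whole seller row (SELECT * FROM users) is handed to
     // the template under $object['user']; confirm it holds no credential
     // columns, or select only the fields the template needs.
     $this->website->assign("object", $object);
     $this->render($displayName, 'lot/lot.tpl');
 }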
Exemplo n.º 26
<?php

// Refuse to run unless SYSPATH is defined, i.e. when this view is requested
// directly instead of being included.
defined("SYSPATH") or die("No direct script access.");
// Item metadata: the description converted from BBCode, or a non-breaking
// space when there is none.
// NOTE(review): purification runs before the BBCode conversion, so whatever
// markup bb2html() generates is emitted as-is; its safety rests on bb2html()
// itself, which is not visible here.
?>

<span class="g-metadata">
  <?php if ($item->description): ?>
     <?php echo bb2html(html::purify($item->description), 1); ?>
  <?php else: ?>
     &nbsp;
  <?php endif; ?>
</span>
Exemplo n.º 27
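/**
 * display a specific thread
 *
 * Builds the breadcrumb line, the table of moderated posts and, for logged-in
 * users, the hook for the post submission form.
 *
 * @param object &$PAGEDATA the page object
 * @param int    &$id       the thread's ID (coerced to an integer copy before
 *                          it is used in SQL, URLs or inline script)
 *
 * @return string HTML of the thread view, or an error message when the
 *                thread does not exist
 */
function Forum_showThread(&$PAGEDATA, &$id)
{
    require_once SCRIPTBASE . 'ww.incs/bb2html.php';
    WW_addCSS('/ww.plugins/forum/frontend/forum.css');
    $script = '$(function(){$(".ratings").ratings();});';
    WW_addScript('ratings/ratings.js');
    WW_addInlineScript($script);
    // $id is concatenated into SQL and markup below and nothing enforces the
    // documented int type, so work on an integer copy. A copy is used because
    // $id is passed by reference and the caller's variable must stay as it is.
    $thread_id = (int) $id;
    $thread = dbRow('select * from forums_threads where id=' . $thread_id);
    // Check for a missing thread before reading any of its fields.
    if (!$thread || !count($thread)) {
        return '<em class="error">Error: this thread does not exist!</em>';
    }
    $forum_id = (int) $thread['forum_id'];
    $c = Forum_getForumBreadcrumbs($PAGEDATA, $thread['forum_id']) . ' &raquo; <a href="' . $PAGEDATA->getRelativeUrl() . '?forum-f=' . $forum_id . '&forum-t=' . $thread_id . '">' . htmlspecialchars($thread['name']) . '</a>';
    $c .= '<table id="forum-posts"><tr><th>Author</th><th>Post</th></tr>';
    $posts = dbAll('select * from forums_posts where thread_id=' . $thread_id . '  and moderated = 1 order by created_date');
    foreach ($posts as $post) {
        // Database values are still cast or escaped for the context they are
        // written into (attribute, inline JSON, SQL).
        $post_id = (int) $post['id'];
        $author_id = (int) $post['author_id'];
        $created_attr = htmlspecialchars($post['created_date'], ENT_QUOTES);
        $user = User::getInstance($post['author_id']);
        if ($user) {
            $user_name = $user->get('name');
            $user_id = $author_id;
            $user_email = $user->get('email');
        } else {
            $user_name = 'unknown';
            $user_id = 0;
            $user_email = '';
        }
        $c .= '<tr p-data=\'({"id":' . $post_id . ',"cdate":"' . $created_attr . '"' . ',"uid":' . $author_id . '})\'>' . '<td class="user-details"><a name="forum-c-' . $post_id . '"></a>' . htmlspecialchars($user_name) . '</td>' . '<td><div class="post-header">Posted: ' . Core_dateM2H($post['created_date'], 'datetime') . '</div></td></tr>';
        $count_posts = $user_id ? dbOne('select count(id) from forums_posts where author_id=' . (int) $user->get('id'), 'count(id)') : 0;
        // NOTE(review): the author's e-mail address is written into an element
        // id and is therefore readable by every visitor of the thread.
        // Consider keying the rating widget on the user id instead. It is
        // escaped here so it cannot break out of the attribute.
        $c .= '<tr><td><img class="avatar" data-uid="' . $user_id . '" />' . '<span>Posts: ' . $count_posts . '</span>' . '<p>Helpfulness:' . '<span class="ratings" id="forum_user_' . htmlspecialchars($user_email, ENT_QUOTES) . '"' . ' type="forum_user">rating</span></p>';
        // NOTE(review): the post body is user content; the output is only as
        // safe as bb2html()'s own escaping, which is not visible here.
        $c .= '</td><td class="post">' . bb2html($post['body']) . '</td></tr>';
    }
    $c .= '</table>';
    // { post form
    if (isset($_SESSION['userdata']) && $_SESSION['userdata']['id']) {
        $c .= '<div id="forum-post-submission-form"><script defer="defer">var forum_id=' . $forum_id . ',forum_thread_id=' . $thread_id . ';</script></div>';
        // NOTE(review): third-party scripts loaded by protocol-relative URL
        // with no integrity pinning. Whether WW_addScript() can emit an
        // integrity attribute is not visible here; otherwise self-host them.
        WW_addScript('//cdn.ckeditor.com/4.4.3/standard/ckeditor.js');
        WW_addScript('//cdn.ckeditor.com/4.4.3/standard/adapters/jquery.js');
        WW_addScript('forum/frontend/forum.js');
    } else {
        $c .= '<div class="forum-not-logged-in">In order to post to this thread,' . ' you must <a href="/_r?type=loginpage">login' . '</a> first.</div>';
    }
    // }
    return $c;
}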
Exemplo n.º 28
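 /**
  * Return the content for the current ID.
  *
  * Depending on $this->go this is the "new content" form, the "edit content"
  * form, or the stored text for $this->content_id in the current language,
  * converted with bb2html().
  */
 function getTargetContent()
 {
     global $db;
     if ($this->go == "new_content") {
         return $this->getNewContentForm();
     }
     if ($this->go == "edit_content") {
         return $this->getEditContentForm();
     }
     // Quoted key: the bare word `content` was an undefined-constant lookup,
     // which newer PHP versions reject instead of falling back to the string.
     $info_ID = $this->info_id['content'];
     $lang_ID = $this->lang_id;
     // NOTE(review): the IDs are interpolated straight into the SQL text.
     // Where they originate is not visible here; if any of them can be
     // influenced by a request, escape or bind them through whatever $db
     // offers.
     $result_target = $db->sql("SELECT languageinfo_id FROM content WHERE content_id='{$this->content_id}'");
     $row_target = mysql_fetch_row($result_target);
     $result_content = $db->sql("SELECT value FROM languageinfo WHERE languageinfo_id = '{$row_target['0']}' AND language_id = '{$lang_ID}' AND info_id = '{$info_ID}'");
     $row_content = mysql_fetch_row($result_content);
     return bb2html($row_content[0]);
 }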
Exemplo n.º 29
        $map_modul_org = "./../" . $module[0] . "/" . $module[1];
        $land_link = "<a href=\"{$map_modul_org}?x={$i['x']}&y={$i['y']}\">" . $i[name] . " " . $members_koords . " ({$i['x']}:{$i['y']})</a>";
        $ibit .= $land_link . " {$i['points']} " . $members_points . "<br>";
    }
    // Collect the remaining profile values and hand them to the template.
    $userallianzname = generate_allilink($row['allianzid']);
    // A member counts as online when last active within the past hour.
    $online = $row['lastactive'] > time() - 3600
        ? "<span class=\"green\">" . $profile_on . "</span>"
        : "<span class=\"red\">" . $profile_off . "</span>";
    // Fall back to the placeholder picture when none is stored.
    // NOTE(review): a stored userpic is passed on unchanged. If it is a
    // user-supplied URL it should be validated (scheme, host) before it
    // reaches the template. Confirm where it is set.
    $upic = trim($row['userpic']) == "" ? "./images/no_user_pic.jpg" : $row['userpic'];
    $description = bb2html($row['description']);
    $message_link = generate_messagelink($row['username'], 1);
    // Same keys in the same order as before. 'description' is assigned twice,
    // first raw and then BBCode-converted; presumably the later call wins,
    // depending on how $tpl->assign() treats repeated keys.
    // NOTE(review): username, points and the other row values are assigned
    // unescaped; whether the template escapes them is not visible here.
    $profile_tpl_vars = array(
        array('description', $row['description']),
        array('message_link', $message_link),
        array('username', $row['username']),
        array('rasse', $userrasse['rassenname']),
        array('userallianzname', $userallianzname),
        array('points', $row['points']),
        array('ibit', $ibit),
        array('online', $online),
        array('description', $description),
        array('upic', $upic),
    );
    foreach ($profile_tpl_vars as $profile_tpl_var) {
        $tpl->assign($profile_tpl_var[0], $profile_tpl_var[1]);
    }
    template_out('members_profile.html', $modul_name);
}
if ($action == "race_choose") {
    $new_found_inhalt = array();