function search() { global $lang_global, $output, $itemperpage, $item_datasite, $mangos_db, $characters_db, $realm_id, $sql_search_limit; wowhead_tt(); if (!isset($_GET['search_value']) || !isset($_GET['search_by'])) { redirect("mail_on.php?error=2"); } $sql = new SQL(); $sql->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']); $search_value = $sql->quote_smart($_GET['search_value']); $search_by = $sql->quote_smart($_GET['search_by']); $search_menu = array('sender', 'receiver'); // if (!array_key_exists($search_by, $search_menu)) $search_by = 'sender'; $start = isset($_GET['start']) ? $sql->quote_smart($_GET['start']) : 0; $order_by = isset($_GET['order_by']) ? $sql->quote_smart($_GET['order_by']) : "id"; $dir = isset($_GET['dir']) ? $sql->quote_smart($_GET['dir']) : 1; $order_dir = $dir ? "ASC" : "DESC"; $dir = $dir ? 0 : 1; $temp = $sql->query("SELECT guid FROM `characters` WHERE name like '%{$search_value}%'"); $search_value = $sql->result($temp, 0, 'guid'); $query_1 = $sql->query("SELECT count(*) FROM `mail`"); $query = $sql->query("SELECT a.id, a.messageType, a.sender, a.receiver, a.subject, a.itemTextId, a.has_items, a.money, a.cod, a.checked, b.item_template\r\n FROM mail a\r\n INNER JOIN mail_items b ON a.id = b.mail_id\r\n WHERE {$search_by} = {$search_value}\r\n ORDER BY {$order_by} {$order_dir} LIMIT {$start}, {$itemperpage}"); $this_page = $sql->num_rows($query); $all_record = $sql->result($query_1, 0); $total_found = $sql->num_rows($query); //==========================top page navigation starts here======================== $output .= "<center><table class=\"top_hidden\">\r\n <tr><td>\r\n <table class=\"hidden\">\r\n <tr><td>\r\n <form action=\"mail_on.php\" method=\"get\" name=\"form\">\r\n <input type=\"hidden\" name=\"action\" value=\"search\" />\r\n <input type=\"hidden\" name=\"error\" value=\"4\" />\r\n <input type=\"text\" size=\"45\" name=\"search_value\" />\r\n <select name=\"search_by\">\r\n <option value=\"sender\">Sender</option>\r\n <option value=\"receiver\">Receiver</option>\r\n </select></form></td><td>"; makebutton($lang_global['search'], "javascript:do_submit()", 80); $output .= "</td></tr></table>\r\n <td align=\"right\">"; $output .= generate_pagination("mail_on.php?action=search&order_by={$order_by}&dir=" . !$dir, $all_record, $itemperpage, $start); $output .= "</td></tr></table>"; //==========================top page navigation ENDS here ======================== $output .= "<table class=\"lined\">\r\n <tr>\r\n <th width=\"5%\">ID</th>\r\n <th width=\"5%\">Source</th>\r\n <th width=\"10%\">Sender</th>\r\n <th width=\"10%\">Receiver</th>\r\n <th width=\"15%\">Subject</th>\r\n <th width=\"5%\">Has Items</th>\r\n <th width=\"25%\">Text</th>\r\n <th width=\"15%\">Money</th>\r\n <th width=\"5%\">Checked</th>\r\n </tr>"; while ($mail = $sql->fetch_array($query)) { $g = floor($mail[7] / 10000); $mail[7] -= $g * 10000; $s = floor($mail[7] / 100); $mail[7] -= $s * 100; $c = $mail[7]; $money = ""; if ($mail[7] > 0) { $money = $g . "<img src=\"./img/gold.gif\" /> " . $s . "<img src=\"./img/silver.gif\" /> " . $c . "<img src=\"./img/copper.gif\" /> "; } $output .= "<tr valign=top>\r\n <td>{$mail['0']}</td>\r\n <td>" . get_mail_source($mail[1]) . "</td>\r\n <td><a href=\"char.php?id={$mail['2']}\">" . get_char_name($mail[2]) . "</a></td>\r\n <td><a href=\"char.php?id={$mail['3']}\">" . get_char_name($mail[3]) . "</a></td>\r\n <td>{$mail['4']}</td>\r\n "; $output .= "<td>"; $output .= "\r\n <a style=\"padding:2px;\" href=\"{$item_datasite}{$mail[10]}\" target=\"_blank\">\r\n <img class=\"bag_icon\" src=\"" . get_item_icon($mail[10]) . "\" alt=\"\" />\r\n </a>"; //maketooltip("<img src=\"./img/up.gif\" alt=\"\">", $item_datasite{$mail[10]}, $mail[10], "item_tooltip", "target=\"_blank\""); $output .= "</td>"; $output .= "<td>" . get_mail_text($mail[5]) . "</td>\r\n <td>{$money}</td>\r\n <td>" . get_check_state($mail[9]) . "</td>\r\n </tr>"; } /*--------------------------------------------------*/ $output .= "<tr><td colspan=\"6\" class=\"hidden\" align=\"right\">All Mails: {$all_record}</td></tr>\r\n </table></center>"; $sql->close(); }
function char_achievements(&$sqlr, &$sqlc) { global $output, $lang_global, $lang_char, $realm_id, $characters_db, $mmfpm_db, $action_permission, $user_lvl, $user_name, $achievement_datasite; // this page uses wowhead tooltops wowhead_tt(); //==========================$_GET and SECURE================================= // id and multi realm security to prevent sql injection require_once './include/char/include/char_multi_realm_security.php'; $show_type = isset($_POST['show_type']) ? $sqlc->quote_smart($_POST['show_type']) : 0; if (is_numeric($show_type)) { } else { $show_type = 0; } //==========================$_GET and SECURE end============================= // getting character data from database $result = $sqlc->query(' SELECT account, name, race, class, level, gender FROM characters WHERE guid = ' . $id . ' LIMIT 1'); // no point going further if character does not exist if ($sqlc->num_rows($result)) { $char = $sqlc->fetch_assoc($result); // we get user permissions first $owner_acc_id = $sqlc->result($result, 0, 'account'); $result = $sqlr->query(' SELECT gmlevel, username FROM account WHERE id = ' . $char['account'] . ''); $owner_gmlvl = $sqlr->result($result, 0, 'gmlevel'); $owner_name = $sqlr->result($result, 0, 'username'); // check user permission if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) { // character sub header $output .= ' <center> <div id="tab_content"> <h1>' . $lang_char['achievements'] . '</h1> <br />'; // character menu tab require_once './include/char/include/char_header.php'; // character info require_once './include/char/include/char_info.php'; //---------------Page Specific Data Starts Here-------------------------- $output .= ' <script type="text/javascript"> function expand(thistag) { var i = 0; %%REPLACE%% if (thistag == \'tsummary\') { document.getElementById(\'tsummary\').style.display="table"; document.getElementById(\'divsummary\').innerHTML = \'[-] ' . $lang_char['summary'] . '\' ; for(x in main_cats) { if(document.getElementById(main_cats[x]).style.display=="table") { document.getElementById(main_cats[x]).style.display="none"; document.getElementById(main_cats_achieve[x]).style.display="none"; document.getElementById(main_cats_div[x]).innerHTML = \'[+] \' + main_cats_name[x]; } } for(x in main_sub_cats) { if(document.getElementById(main_sub_cats_achieve[x]).style.display=="table") { document.getElementById(main_sub_cats_achieve[x]).style.display="none"; document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x]; } } } else { if (document.getElementById(\'tsummary\').style.display="table") { document.getElementById(\'tsummary\').style.display="none"; document.getElementById(\'divsummary\').innerHTML = \'[+] ' . $lang_char['summary'] . '\' ; } for(x in main_cats) { if (main_cats[x] == thistag) { i = 1; } } if (i == 1) { for(x in main_cats) { if (main_cats[x] == thistag) { if(document.getElementById(main_cats[x]).style.display=="table") { document.getElementById(main_cats[x]).style.display="none"; document.getElementById(main_cats_achieve[x]).style.display="none"; document.getElementById(main_cats_div[x]).innerHTML = \'[+] \' + main_cats_name[x]; document.getElementById(\'tsummary\').style.display="table"; document.getElementById(\'divsummary\').innerHTML = \'[-] ' . $lang_char['summary'] . '\' ; } else { document.getElementById(main_cats[x]).style.display="table"; document.getElementById(main_cats_achieve[x]).style.display="table"; document.getElementById(main_cats_div[x]).innerHTML = \'[-] \' + main_cats_name[x]; } } else { if(document.getElementById(main_cats[x]).style.display=="table") { document.getElementById(main_cats[x]).style.display="none"; document.getElementById(main_cats_achieve[x]).style.display="none"; document.getElementById(main_cats_div[x]).innerHTML = \'[+] \' + main_cats_name[x]; } } } for(x in main_sub_cats) { if(document.getElementById(main_sub_cats_achieve[x]).style.display=="table") { document.getElementById(main_sub_cats_achieve[x]).style.display="none"; document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x]; } } } else if (i == 0) { for(x in main_sub_cats) { if (main_sub_cats[x] == thistag) { if(document.getElementById(main_sub_cats_achieve[x]).style.display=="table") { document.getElementById(main_sub_cats_achieve[x]).style.display="none"; document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x]; } else { document.getElementById(main_sub_cats_achieve[x]).style.display="table"; document.getElementById(main_sub_cats_div[x]).innerHTML = \'[-] \' + main_sub_cats_name[x]; } } else { if(document.getElementById(main_sub_cats_achieve[x]).style.display=="table") { document.getElementById(main_sub_cats_achieve[x]).style.display="none"; document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x]; } } } for(x in main_cats) { if(document.getElementById(main_cats_achieve[x]).style.display=="table") { document.getElementById(main_cats_achieve[x]).style.display="none"; } } } } } </script>'; $sqlm = new SQL(); $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']); $output .= ' <div id="tab_content2"> <table class="top_hidden" style="width: 90%;"> <tr> <td width="30%"> </td> %%REPLACE_POINTS%% <td align="right"> <form action="char_achieve.php?id=' . $id . '&realm=' . $realmid . '" method="post" name="form"> ' . $lang_char['show'] . ' : <select name="show_type"> <option value="1"'; if (1 == $show_type) { $output .= ' selected="selected"'; } $output .= ' >' . $lang_char['all'] . ' </option> <option value="0"'; if (0 == $show_type) { $output .= ' selected="selected"'; } $output .= ' >' . $lang_char['earned'] . ' </option> <option value="2"'; if (2 == $show_type) { $output .= ' selected="selected"'; } $output .= ' >' . $lang_char['incomplete'] . ' </option> </select> </form> </td> <td align="right">'; makebutton('View', 'javascript:do_submit()', 130); $output .= ' </td> </tr> </table> <table class="lined" style="width: 90%;"> <tr valign="top"> <td width="30%"> <table class="hidden" style="width: 100%"> <tr> <th align="left"> <div id="divsummary" onclick="expand(\'tsummary\')">[-] ' . $lang_char['summary'] . '</div> </th> </tr> <tr> <td> </td> </tr>'; $result = $sqlc->query(' SELECT achievement, date FROM character_achievement WHERE guid = ' . $id . ''); $char_achieve = array(); while ($temp = $sqlc->fetch_assoc($result)) { $char_achieve[$temp['achievement']] = $temp['date']; } $result = $sqlc->query(' SELECT achievement, date FROM character_achievement WHERE guid = \'' . $id . '\' ORDER BY date DESC LIMIT 4'); $points = 0; $main_cats = achieve_get_main_category($sqlm); $sub_cats = achieve_get_sub_category($sqlm); $output_achieve_main_cat = array(); $output_u_achieve_main_cat = array(); $output_achieve_sub_cat = array(); $output_u_achieve_sub_cat = array(); $js_main_cats = ' var main_cats = new Array(); var main_cats_div = new Array(); var main_cats_name = new Array(); var main_cats_achieve = new Array(); var main_sub_cats = new Array(); var main_sub_cats_div = new Array(); var main_sub_cats_name = new Array(); var main_sub_cats_achieve = new Array();'; foreach ($main_cats as $cat_id => $cat) { if (isset($cat['name01'])) { $i = 0; $output_achieve_main_cat[$cat_id] = ''; $output_u_achieve_main_cat[$cat_id] = ''; $achieve_main_cat = achieve_get_id_category($cat['id'], $sqlm); foreach ($achieve_main_cat as $achieve_id => $cid) { if (isset($achieve_id) && isset($cid['id'])) { if (isset($char_achieve[$cid['id']])) { if (2 > $show_type) { $cid['name01'] = str_replace('&', '&', $cid['name01']); $cid['description01'] = str_replace('&', '&', $cid['description01']); $cid['rewarddesc01'] = str_replace('&', '&', $cid['rewarddesc01']); $output_achieve_main_cat[$cat_id] .= ' <tr> <td width="1%" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank"> <img src="' . achieve_get_icon($cid['id'], $sqlm) . '" width="36" height="36" class="icon_border_0" alt="" /> </a> </td> <td colspan="2" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">' . $cid['name01'] . '</a><br /> ' . $cid['description01'] . '<br /> ' . $cid['rewarddesc01'] . ' </td> <td width="5%" align="right">' . $cid['rewpoints'] . ' <img src="img/money_achievement.gif" alt="" /></td> <td width="15%" align="right">' . date('o-m-d', $char_achieve[$cid['id']]) . '</td> </tr>'; ++$i; } $points += $cid['rewpoints']; } elseif ($show_type && isset($achieve_id)) { $cid['name01'] = str_replace('&', '&', $cid['name01']); $cid['description01'] = str_replace('&', '&', $cid['description01']); $cid['rewarddesc01'] = str_replace('&', '&', $cid['rewarddesc01']); $output_u_achieve_main_cat[$cat_id] .= ' <tr> <td width="1%" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank"> <span style="opacity:0.2;"> <img src="' . achieve_get_icon($cid['id'], $sqlm) . '" width="36" height="36" class="icon_border_0" alt="" /> </span> </a> </td> <td colspan="2" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">' . $cid['name01'] . '</a><br /> ' . $cid['description01'] . '<br /> ' . $cid['rewarddesc01'] . ' </td> <td width="5%" align="right">' . $cid['rewpoints'] . ' <img src="img/money_achievement.gif" alt="" /></td> <td width="15%" align="right">' . $lang_char['incomplete'] . '</td> </tr>'; ++$i; } } } unset($achieve_main_cat); $output_achieve_main_cat[$cat_id] = ' <table class="hidden" id="ta' . $cat_id . '" style="width: 100%; display: none;"> <tr> <th colspan="3" align="left">' . $lang_char['achievement_title'] . '</th> <th width="5%">' . $lang_char['achievement_points'] . '</th> <th width="15%">' . $lang_char['achievement_date'] . '</th> </tr>' . $output_achieve_main_cat[$cat_id] . $output_u_achieve_main_cat[$cat_id] . ' </table>'; unset($output_u_achieve_main_cat); $js_main_cats .= ' main_cats_achieve[' . $cat_id . '] = "ta' . $cat_id . '";'; $output_sub_cat = ''; $total_sub_cat = 0; if (isset($sub_cats[$cat['id']])) { $main_sub_cats = $sub_cats[$cat['id']]; foreach ($main_sub_cats as $sub_cat_id => $sub_cat) { if (isset($sub_cat)) { $j = 0; $output_achieve_sub_cat[$sub_cat_id] = ''; $output_u_achieve_sub_cat[$sub_cat_id] = ''; $achieve_sub_cat = achieve_get_id_category($sub_cat_id, $sqlm); foreach ($achieve_sub_cat as $achieve_id => $cid) { if (isset($achieve_id) && isset($cid['id'])) { if (isset($char_achieve[$cid['id']])) { if (2 > $show_type) { $cid['name01'] = str_replace('&', '&', $cid['name01']); $cid['description01'] = str_replace('&', '&', $cid['description01']); $cid['rewarddesc01'] = str_replace('&', '&', $cid['rewarddesc01']); $output_achieve_sub_cat[$sub_cat_id] .= ' <tr> <td width="1%" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank"> <img src="' . achieve_get_icon($cid['id'], $sqlm) . '" width="36" height="36" class="icon_border_0" alt="" /> </a> </td> <td colspan="2" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">' . $cid['name01'] . '</a><br /> ' . $cid['description01'] . '<br /> ' . $cid['rewarddesc01'] . ' </td> <td width="5%" align="right">' . $cid['rewpoints'] . ' <img src="img/money_achievement.gif" alt="" /></td> <td width="15%" align="right">' . date('o-m-d', $char_achieve[$cid['id']]) . '</td> </tr>'; ++$j; } $points += $cid['rewpoints']; } elseif ($show_type && isset($achieve_id)) { $cid['name01'] = str_replace('&', '&', $cid['name01']); $cid['description01'] = str_replace('&', '&', $cid['description01']); $cid['rewarddesc01'] = str_replace('&', '&', $cid['rewarddesc01']); $output_u_achieve_sub_cat[$sub_cat_id] .= ' <tr> <td width="1%" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank"> <span style="opacity:0.2;"> <img src="' . achieve_get_icon($cid['id'], $sqlm) . '" width="36" height="36" class="icon_border_0" alt="" /> </span> </a> </td> <td colspan="2" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">' . $cid['name01'] . '</a><br /> ' . $cid['description01'] . '<br /> ' . $cid['rewarddesc01'] . ' </td> <td width="5%" align="right">' . $cid['rewpoints'] . ' <img src="img/money_achievement.gif" alt="" /></td> <td width="15%" align="right">' . $lang_char['incomplete'] . '</td> </tr>'; ++$j; } } } unset($achieve_sub_cat); $total_sub_cat = $total_sub_cat + $j; if ($j) { $sub_cat['name01'] = str_replace('&', '&', $sub_cat['name01']); $output_sub_cat .= ' <tr> <th align="left"> <div id="divs' . $sub_cat_id . '" onclick="expand(\'tsa' . $sub_cat_id . '\');">[+] ' . $sub_cat . ' (' . $j . ')</div> </th> </tr>'; $js_main_cats .= ' main_sub_cats[' . $sub_cat_id . '] = "tsa' . $sub_cat_id . '"; main_sub_cats_div[' . $sub_cat_id . '] = "divs' . $sub_cat_id . '"; main_sub_cats_name[' . $sub_cat_id . '] = "' . $sub_cat . ' (' . $j . ')";'; $output_achieve_sub_cat[$sub_cat_id] = ' <table class="hidden" id="tsa' . $sub_cat_id . '" style="width: 100%; display: none;"> <tr> <th colspan="3" align="left">' . $lang_char['achievement_title'] . '</th> <th width="5%">' . $lang_char['achievement_points'] . '</th> <th width="15%">' . $lang_char['achievement_date'] . '</th> </tr>' . $output_achieve_sub_cat[$sub_cat_id] . $output_u_achieve_sub_cat[$sub_cat_id] . ' </table>'; unset($output_u_achieve_sub_cat); $js_main_cats .= ' main_sub_cats_achieve[' . $sub_cat_id . '] = "tsa' . $sub_cat_id . '";'; } } } unset($main_sub_cats); } if ($total_sub_cat || $i) { $cat['name01'] = str_replace('&', '&', $cat['name01']); $output .= ' <tr> <th align="left"> <div id="div' . $cat_id . '" onclick="expand(\'t' . $cat_id . '\');">[+] ' . $cat['name01'] . ' (' . ($i + $total_sub_cat) . ')</div> </th> </tr> <tr> <td> <table class="hidden" id="t' . $cat_id . '" style="width: 100%; display: none;">' . $output_sub_cat . ' </table> </td> </tr>'; $js_main_cats .= ' main_cats[' . $cat_id . '] = "t' . $cat_id . '"; main_cats_div[' . $cat_id . '] = "div' . $cat_id . '"; main_cats_name[' . $cat_id . '] = "' . $cat['name01'] . ' (' . ($i + $total_sub_cat) . ')";'; } unset($output_sub_cat); } } unset($sub_cats); unset($main_cats); unset($char_achieve); $output = str_replace('%%REPLACE%%', $js_main_cats, $output); unset($js_main_cats); $output = str_replace('%%REPLACE_POINTS%%', ' <td align="right"> ' . $lang_char['achievements'] . ' ' . $lang_char['achievement_points'] . ': ' . $points . ' </td>', $output); unset($point); $output .= ' </table> </td> <td>'; foreach ($output_achieve_main_cat as $temp) { $output .= $temp; } foreach ($output_achieve_sub_cat as $temp) { $output .= $temp; } unset($temp); unset($output_achieve_main_cat); unset($output_achieve_sub_cat); $output .= ' <table class="hidden" id="tsummary" style="width: 100%; display: table;"> <tr> <th colspan="5"> ' . $lang_char['recent'] . ' ' . $lang_char['achievements'] . ' </th> </tr> <tr> <th colspan="3" align="left">' . $lang_char['achievement_title'] . '</th> <th width="5%">' . $lang_char['achievement_points'] . '</th> <th width="15%">' . $lang_char['achievement_date'] . '</th> </tr>'; while ($temp = $sqlc->fetch_assoc($result)) { $cid = achieve_get_details($temp['achievement'], $sqlm); $cid['name01'] = str_replace('&', '&', $cid['name01']); $cid['description01'] = str_replace('&', '&', $cid['description01']); $cid['rewarddesc01'] = str_replace('&', '&', $cid['rewarddesc01']); $output .= ' <tr> <td width="1%" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank"> <img src="' . achieve_get_icon($cid['id'], $sqlm) . '" width="36" height="36" class="icon_border_0" alt="" /> </a> </td> <td colspan="2" align="left"> <a href="' . $achievement_datasite . $cid['id'] . '" target="_blank">' . $cid['name01'] . '</a><br /> ' . $cid['description01'] . '<br /> ' . $cid['rewarddesc01'] . ' </td> <td width="5%" align="right">' . $cid['rewpoints'] . ' <img src="img/money_achievement.gif" alt="" /></td> <td width="15%" align="right">' . date('o-m-d', $temp['date']) . '</td> </tr>'; } unset($cid); unset($temp); unset($result); $output .= ' </table> </td> </tr> </table> </div> <br />'; //---------------Page Specific Data Ends here---------------------------- // character sub footer require_once './include/char/include/char_ footer.php'; $output .= ' <br /> </center>'; } else { error($lang_char['no_permission']); } } else { error($lang_char['no_char_found']); } }
function edit_motd(&$sqlm) { global $output, $lang_motd, $lang_global, $realm_id, $mmfpm_db, $action_permission; // minimum permission to view page valid_login($action_permission['update']); $sqlm = new SQL(); $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']); if (empty($_GET['id'])) { redirect('motd.php?error=1'); } $id = $sqlm->quote_smart($_GET['id']); if (is_numeric($id)) { } else { redirect('motd.php?error=1'); } $msg = $sqlm->result($sqlm->query(' SELECT content FROM mm_motd WHERE id = ' . $id . ''), 0); $output .= ' <center> <form action="motd.php?action=do_edit_motd" method="post" name="form"> <input type="hidden" name="id" value="' . $id . '" /> <table class="top_hidden"> <tr> <td colspan="3">'; unset($id); bbcode_add_editor(); $output .= ' </td> </tr> <tr> <td colspan="3"> <textarea id="msg" name="msg" rows="26" cols="97">' . $msg . '</textarea> </td> </tr> <tr> <td>' . $lang_motd['post_rules'] . '</td> <td>'; unset($msg); makebutton($lang_motd['post_motd'], 'javascript:do_submit()" type="wrn', 230); $output .= ' </td> <td>'; makebutton($lang_global['back'], 'javascript:window.history.back()" type="def', 130); $output .= ' </td> </tr> </table> </form> <br /> </center>'; }
<!-- start of error.php --> <div class="center_text"> <br /> <table id="error_message_table" class="flat center"> <tr> <td align="center"> <h1> <span class="error"> <img src="img/warn_red.gif" width="48" height="48" alt="error" /> <br />' . lang("error", "error") . '! </span> </h1> <br />' . htmlspecialchars($err) . '<br /> </td> </tr> </table> <br /> <table id="error_buttons" class="hidden center"> <tr> <td align="center">'; makebutton(lang("global", "home"), 'index.php', 130); makebutton(lang("global", "back"), 'javascript:window.history.back()', 130); unset($err); $output .= ' </td> </tr> </table> <br /> </div> <!-- end of error.php -->'; require_once "footer.php";
function del_guild() { global $lang_guild, $lang_global, $output, $characters_db, $realm_id, $realm_db, $action_permission, $user_lvl, $user_id; $sqlr = new SQL(); $sqlr->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']); if (empty($_GET['realm'])) { $realmid = $realm_id; } else { $realmid = $sqlr->quote_smart($_GET['realm']); if (!is_numeric($realmid)) { $realmid = $realm_id; } } if (isset($_GET['id'])) { $id = $_GET['id']; } else { redirect("guild.php?error=1&realm={$realmid}"); } if (is_numeric($id)) { } else { redirect("guild.php?error=5&realm={$realmid}"); } $sqlc = new SQL(); $sqlc->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name']); $q_amIguildleader = $sqlc->query("select 1 from guild where guildid = '{$id}' and leaderguid in (select guid from characters where account = '{$user_id}')"); $amIguildleader = $sqlc->result($q_amIguildleader, 0, '1'); if ($user_lvl < $action_permission['delete'] && !$amIguildleader) { redirect("guild.php?error=6&realm={$realmid}"); } $output .= "\r\n <center>\r\n <h1><font class=\"error\">{$lang_global['are_you_sure']}</font></h1>\r\n <br />\r\n <font class=\"bold\">{$lang_guild['guild_id']}: {$id} {$lang_global['will_be_erased']}</font>\r\n <br /><br />\r\n <form action=\"cleanup.php?action=docleanup\" method=\"post\" name=\"form\">\r\n <input type=\"hidden\" name=\"type\" value=\"guild\" />\r\n <input type=\"hidden\" name=\"check\" value=\"-{$id}\" />\r\n <input type=\"hidden\" name=\"override\" value=\"1\" />\r\n <table class=\"hidden\">\r\n <tr>\r\n <td>"; makebutton($lang_global['yes'], "javascript:do_submit()\" type=\"wrn", 130); $output .= "\r\n </td>\r\n <td>"; makebutton($lang_global['no'], "guild.php?action=view_guild&realm={$realmid}&id={$id}\" type=\"def", 130); $output .= ' </td> </tr> </table> </form> </center> <br />'; }
function edit_ticket() { global $output, $characters_db, $realm_id, $action_permission, $site_encoding, $sql, $core; valid_login($action_permission["update"]); if (!isset($_GET["id"])) { redirect("Location: ticket.php?error=1"); } $id = $sql["char"]->quote_smart($_GET["id"]); if (!is_numeric($id)) { redirect("ticket.php?error=1"); } if ($core == 1) { $query = $sql["char"]->query("SELECT gm_tickets.ticketid AS guid, gm_tickets.playerGuid AS player,\r\n gm_tickets.message AS message,\r\n `characters`.name AS opener,\r\n gm_tickets.deleted AS status, gm_tickets.timestamp AS timestamp\r\n FROM gm_tickets\r\n LEFT JOIN `characters` ON gm_tickets.playerGuid=`characters`.`guid`\r\n WHERE ticketid='" . $id . "'"); } elseif ($core == 2) { $query = $sql["char"]->query("SELECT character_ticket.ticket_id AS guid, character_ticket.guid AS player,\r\n character_ticket.ticket_text AS message,\r\n op.name AS opener,\r\n UNIX_TIMESTAMP(character_ticket.ticket_lastchange) AS timestamp\r\n FROM character_ticket\r\n LEFT JOIN `characters` AS op ON character_ticket.guid=op.`guid`\r\n WHERE character_ticket.ticket_id='" . $id . "'"); } else { $query = $sql["char"]->query("SELECT gm_tickets.guid AS guid, gm_tickets.guid AS player,\r\n gm_tickets.message AS message,\r\n op.name AS opener, gm.name AS closer,\r\n gm_tickets.closedBy AS status, lastModifiedTime AS timestamp\r\n FROM gm_tickets\r\n LEFT JOIN `characters` AS op ON gm_tickets.guid=op.`guid`\r\n LEFT JOIN `characters` AS gm ON gm_tickets.closedBy=gm.`guid`\r\n WHERE gm_tickets.guid='" . $id . "'"); } if ($ticket = $sql["char"]->fetch_assoc($query)) { $output .= ' <div id="ticket_edit_field" class="fieldset_border center"> <span class="legend">' . lang("ticket", "edit_reply") . '</span> <form method="post" action="ticket.php?action=do_edit_ticket" id="form"> <div> <input type="hidden" name="id" value="' . $id . '" /> </div> <table class="flat"> <tr> <td>' . lang("ticket", "id") . '</td> <td>' . $id . '</td> </tr> <tr> <td>' . lang("ticket", "submitted_by") . ':</td> <td> <a href="char.php?id=' . $ticket["player"] . '">' . htmlentities($ticket["opener"], ENT_COMPAT, $site_encoding) . '</a> </td> </tr> <tr> <td>' . lang("ticket", "date") . ':</td> <td>' . date('G:i:s m-d-Y', $ticket["timestamp"]) . '</td> </tr> <tr> <td valign="top">' . lang("ticket", "message") . '</td> <td> <textarea name="new_text" rows="5" cols="40">' . htmlentities($ticket["message"], ENT_COMPAT, $site_encoding) . '</textarea> </td> </tr>'; if ($core == 3) { $output .= ' <tr> <td>' . lang("ticket", "closedby") . ':</td> <td>' . ($ticket["status"] != 0 ? '<a href="char.php?id=' . $ticket["status"] . '">' . htmlentities($ticket["closer"], ENT_COMPAT, $site_encoding) . '</a>' : '') . '</td> </tr>'; } $output .= ' <tr> <td>'; makebutton(lang("ticket", "update"), "javascript:do_submit()\" type=\"wrn", 140); $output .= ' </td> <td>'; // MaNGOS just deletes a ticket to close it // so we don't need this button if ($core == 2) { $output .= ' '; } else { if (!$ticket["status"]) { makebutton(lang("ticket", "abandon" . ($core == 1 ? "A" : "MT")), 'ticket.php?action=do_mark_ticket&id=' . $id . '" type="wrn', 230); } else { makebutton(lang("ticket", "abandon" . ($core == 1 ? "A" : "MT")), 'ticket.php', 230); } } $output .= ' </td> </tr> <tr> <td>'; makebutton(lang("ticket", "send_ingame_mail"), "mail.php?type=ingame_mail&to=" . $ticket["opener"], 140); $output .= ' </td> <td>'; makebutton(lang("global", "back"), "javascript:window.history.back()\" type=\"def", 130); $output .= ' </td> </tr> </table> </form> <br /> <br /> </div>'; } else { error(lang("global", "err_no_records_found")); } }
function stats($action) { global $output, $realm_id, $logon_db, $server, $theme, $sql, $core; $race = array(1 => array(1, "human", "", ""), 2 => array(2, "orc", "", ""), 3 => array(3, "dwarf", "", ""), 4 => array(4, "nightelf", "", ""), 5 => array(5, "undead", "", ""), 6 => array(6, "tauren", "", ""), 7 => array(7, "gnome", "", ""), 8 => array(8, "troll", "", ""), 10 => array(10, "bloodelf", "", ""), 11 => array(11, "draenei", "", "")); $class = array(1 => array(1, "warrior", "", ""), 2 => array(2, "paladin", "", ""), 3 => array(3, "hunter", "", ""), 4 => array(4, "rogue", "", ""), 5 => array(5, "priest", "", ""), 6 => array(6, "death_knight", "", ""), 7 => array(7, "shaman", "", ""), 8 => array(8, "mage", "", ""), 9 => array(9, "warlock", "", ""), 11 => array(11, "druid", "", "")); $level = array(1 => array(1, 1, 9, "", ""), 2 => array(2, 10, 19, "", ""), 3 => array(3, 20, 29, "", ""), 4 => array(4, 30, 39, "", ""), 5 => array(5, 40, 49, "", ""), 6 => array(6, 50, 59, "", ""), 7 => array(7, 60, 69, "", ""), 8 => array(8, 70, 79, "", ""), 9 => array(9, 80, 80, "", "")); function format_uptime($seconds) { $secs = intval($seconds % 60); $mins = intval($seconds / 60 % 60); $hours = intval($seconds / 3600 % 24); $days = intval($seconds / 86400); $uptimeString = ""; if ($days) { $uptimeString .= $days; $uptimeString .= $days === 1 ? " day" : " days"; } if ($hours) { $uptimeString .= ($days > 0 ? ", " : "") . $hours; $uptimeString .= $hours === 1 ? " hour" : " hours"; } if ($mins) { $uptimeString .= ($days > 0 || $hours > 0 ? ", " : "") . $mins; $uptimeString .= $mins === 1 ? " minute" : " minutes"; } if ($secs) { $uptimeString .= ($days > 0 || $hours > 0 || $mins > 0 ? ", " : "") . $secs; $uptimeString .= $secs === 1 ? " second" : " seconds"; } return $uptimeString; } $total_chars = $sql["char"]->result($sql["char"]->query("SELECT COUNT(*) FROM characters" . ($action ? " WHERE online=1" : "")), 0); if ($core == 1) { $stats = get_uptime($server[$realm_id]["stats.xml"]); $stat_uptime = explode(' ', $stats["uptime"]); } else { $up_query = "SELECT * FROM uptime WHERE realmid='" . $realm_id . "' ORDER BY starttime DESC LIMIT 1"; $up_results = $sql["logon"]->query($up_query); $uptime = $sql["logon"]->fetch_assoc($up_results); $stats["uptime"] = time() - $uptime["starttime"]; $stats["uptime"] = " " . format_uptime($stats["uptime"]); $stat_uptime = explode(" ", $stats["uptime"]); $stats["peak"] = $uptime["maxplayers"]; } $output .= ' <div class="tab"> <ul> <li' . ($action ? '' : ' class="selected"') . '> <a href="stat.php">' . lang("stat", "srv_statistics") . '</a> </li> <li' . ($action ? ' class="selected"' : '') . '> <a href="stat.php?action=true">' . lang("stat", "on_statistics") . '</a> </li> </ul> </div> <div class="tab_content center"> <div class="top"><h1>' . ($action ? lang("stat", "on_statistics") : lang("stat", "srv_statistics")) . '</h1></div> <table class="hidden"> <tr> <td align="left"> <h1>' . lang("stat", "general_info") . '</h1> </td> </tr> <tr align="left"> <td class="large">'; if ($action) { $output .= ' <font class="bold">' . lang("index", "tot_users_online") . ' : ' . $total_chars . '</font><br /><br />'; } else { if ($core == 1) { $query = $sql["logon"]->query("SELECT COUNT(*) FROM accounts UNION SELECT COUNT(*) FROM accounts WHERE gm<>'0'"); } elseif ($core == 2) { $query = $sql["logon"]->query("SELECT COUNT(*) FROM account UNION SELECT COUNT(*) FROM account WHERE gmlevel<>'0'"); } else { $query = $sql["logon"]->query("SELECT COUNT(*) FROM account UNION SELECT COUNT(*) FROM account_access WHERE gmlevel<>'0'"); } $total_acc = $sql["logon"]->result($query, 0); $total_gms = $sql["logon"]->result($query, 1); unset($query); $data = date("Y-m-d H:i:s"); $data_1 = mktime(date("H"), date("i"), date("s"), date("m"), date("d") - 1, date("Y")); $data_1 = date("Y-m-d H:i:s", $data_1); if ($core == 1) { $uni_query = "SELECT DISTINCT COUNT(lastip) FROM accounts WHERE lastlogin>'" . $data_1 . "' AND lastlogin<'" . $data . "'"; } else { $uni_query = "SELECT DISTINCT COUNT(last_ip) FROM account WHERE last_login>'" . $data_1 . "' AND last_login<'" . $data . "'"; } $uniqueIPs = $sql["logon"]->result($sql["logon"]->query($uni_query), 0); unset($data_1); unset($data); //$max_ever = $sql["mgr"]->result($sql["mgr"]->query('SELECT peakcount FROM uptime WHERE realmid = '.$realm_id.' ORDER BY peakcount DESC LIMIT 1'), 0); $max_restart = $stats["peak"]; // Mangos uptime table doesn't have an uptime field. O_o //$uptime = $sqlr->fetch_row($sqlr->query('SELECT AVG(uptime)/60, MAX(uptime)/60, ( 100*SUM(uptime)/( UNIX_TIMESTAMP()-MIN(starttime) ) ) FROM uptime WHERE realmid = '.$realm_id.'')); $output .= ' <table> <tr valign="top"> <td align="left"> <span>' . lang("stat", "max_uptime") . ':</span> <br /> <br /> <span>' . lang("stat", "tot_accounts") . ':</span> <br /> <span>' . lang("stat", "tot_chars_on_realm") . ':</span> <br /> </td> <td align="right"> <span>' . $stat_uptime[4] . 'd ' . $stat_uptime[6] . 'h ' . $stat_uptime[8] . 'm</span> <br /> <br /> <span>' . $total_acc . '</span> <br /> <span>' . $total_chars . '</span> <br /> </td> <td> </td> <td align="left"> <span>' . lang("stat", "unique_ip") . ':</span> <br /> <br /> <span>' . lang("stat", "max_players") . ' </span> <br /> <span>' . lang("stat", "max_restart") . ' :</span> <br /> </td> <td align="right"> <span>' . $uniqueIPs . '</span> <br /> <br /> <br /> <span>' . $max_restart . '</span> <br /> </td> </tr> <tr align="left"> <td colspan="2"> <span>' . lang("stat", "average_of") . ' ' . round($total_chars / $total_acc, 1) . ' ' . lang("stat", "chars_per_acc") . '</span> <br /> <span>' . lang("stat", "total_of") . ' ' . $total_gms . ' ' . lang("stat", "gms_one_for") . ' ' . round($total_acc / $total_gms, 1) . ' ' . lang("stat", "players") . '</span> </td> <td colspan="2"></td> </tr> </table> <br />'; unset($uptime); unset($uniqueIPs); unset($max_restart); unset($max_ever); unset($total_gms); unset($total_acc); } // get counts and percentages for alliance and horde characters $horde_chars = $sql["char"]->result($sql["char"]->query("SELECT COUNT(guid) FROM characters WHERE race IN(2, 5, 6, 8, 10)" . ($action ? " AND online=1" : "")), 0); $horde_pros = round($horde_chars * 100 / $total_chars, 1); $allies_chars = $total_chars - $horde_chars; $allies_pros = 100 - $horde_pros; // if we have zero of both, we'll show half red, half blue if ($horde_chars == 0 && $allies_chars == 0) { $horde_pros = 50; $allies_pros = 50; } $output .= ' <table class="tot_bar"> <tr> <td class="tot_bar_horde" style="width: ' . $horde_pros . '%; height: 40px;"><a href="stat.php?action=' . $action . '&side=h">' . lang("stat", "horde") . ': ' . $horde_chars . ' (' . $horde_pros . '%)</a></td> <td class="tot_bar_alliance" style="width: ' . $allies_pros . '%; height: 40px;"><a href="stat.php?action=' . $action . '&side=a">' . lang("stat", "alliance") . ': ' . $allies_chars . ' (' . $allies_pros . '%)</a></td> </tr> </table> <hr/> </td> </tr>'; unset($horde_chars); unset($horde_pros); unset($allies_chars); unset($allies_pros); $order_race = isset($_GET["race"]) ? "AND race=" . $sql["char"]->quote_smart($_GET["race"]) : ""; $order_class = isset($_GET["class"]) ? "AND class=" . $sql["char"]->quote_smart($_GET["class"]) : ""; if (isset($_GET["level"])) { $lvl_min = $sql["char"]->quote_smart($_GET["level"]); $lvl_max = $lvl_min + 4; $order_level = "AND level>=" . $lvl_min . " AND level<=" . $lvl_max . ""; } else { $order_level = ""; } if (isset($_GET["side"])) { if ($sql["char"]->quote_smart($_GET["side"]) == "h") { $order_side = "AND race IN(2, 5, 6, 8, 10)"; } elseif ($sql["char"]->quote_smart($_GET["side"]) == "a") { $order_side = "AND race IN (1, 3, 4, 7, 11)"; } } else { $order_side = ""; } // RACE foreach ($race as $id) { $race[$id[0]][2] = $sql["char"]->result($sql["char"]->query("SELECT COUNT(guid) FROM characters\n WHERE race=" . $id[0] . " " . $order_class . " " . $order_level . " " . $order_side . ($action ? " AND online=1" : "")), 0); $race[$id[0]][3] = round($race[$id[0]][2] * 100 / $total_chars, 1); } $output .= ' <tr align="left"> <td> <h1>' . lang("stat", "chars_by_race") . '</h1> </td> </tr> <tr> <td> <table class="bargraph"> <tr>'; foreach ($race as $id) { $height = $race[$id[0]][3] * 4; $output .= ' <td> <a href="stat.php?action=' . $action . '&race=' . $id[0] . '" class="graph_link">' . $race[$id[0]][3] . '%<img src="themes/' . $theme . '/column.gif" width="69" height="' . $height . '" alt="' . $race[$id[0]][2] . '" /></a> </td>'; } $output .= ' </tr> <tr>'; foreach ($race as $id) { $output .= ' <th>' . lang("id_tab", $race[$id[0]][1]) . '<br />' . $race[$id[0]][2] . '</th>'; } unset($race); $output .= ' </tr> </table> <br /> </td> </tr>'; // RACE END // CLASS foreach ($class as $id) { $class[$id[0]][2] = $sql["char"]->result($sql["char"]->query("SELECT COUNT(guid) FROM characters\n WHERE class=" . $id[0] . " " . $order_race . " " . $order_level . " " . $order_side . ($action ? " AND online=1" : "")), 0); $class[$id[0]][3] = round($class[$id[0]][2] * 100 / $total_chars, 1); } unset($order_level); $output .= ' <tr align="left"> <td> <h1>' . lang("stat", "chars_by_class") . '</h1> </td> </tr> <tr> <td> <table class="bargraph"> <tr>'; foreach ($class as $id) { $height = $class[$id[0]][3] * 4; $output .= ' <td> <a href="stat.php?action=' . $action . '&class=' . $id[0] . '" class="graph_link">' . $class[$id[0]][3] . '%<img src="themes/' . $theme . '/column.gif" width="69" height="' . $height . '" alt="' . $class[$id[0]][2] . '" /></a> </td>'; } $output .= ' </tr> <tr>'; foreach ($class as $id) { $output .= ' <th>' . lang("id_tab", $class[$id[0]][1]) . '<br />' . $class[$id[0]][2] . '</th>'; } unset($class); $output .= ' </tr> </table> <br /> </td> </tr>'; // CLASS END // LEVEL foreach ($level as $id) { $level[$id[0]][3] = $sql["char"]->result($sql["char"]->query("SELECT COUNT(guid) FROM characters\n WHERE level>=" . $id[1] . " AND level<=" . $id[2] . "\n " . $order_race . " " . $order_class . " " . $order_side . ($action ? " AND online=1" : "")), 0); $level[$id[0]][4] = round($level[$id[0]][3] * 100 / $total_chars, 1); } unset($order_level); unset($order_class); unset($order_race); unset($total_chars); unset($order_side); $output .= ' <tr align="left"> <td> <h1>' . lang("stat", "chars_by_level") . '</h1> </td> </tr> <tr> <td> <table class="bargraph"> <tr>'; foreach ($level as $id) { $height = $level[$id[0]][4] * 4; $output .= ' <td><a href="stat.php?action=' . $action . '&level=' . $id[1] . '" class="graph_link">' . $level[$id[0]][4] . '%<img src="themes/' . $theme . '/column.gif" width="77" height="' . $height . '" alt="' . $level[$id[0]][3] . '" /></a></td>'; } unset($height); $output .= ' </tr> <tr>'; foreach ($level as $id) { $output .= ' <th>' . $level[$id[0]][1] . '-' . $level[$id[0]][2] . '<br />' . $level[$id[0]][3] . '</th>'; } unset($id); unset($level); $output .= ' </tr> </table> <br /> <hr/> </td> </tr> <tr> <td>'; // LEVEL END makebutton(lang("stat", "reset"), 'stat.php', 720); $output .= ' </td> </tr> </table> </div> <br />'; }
function char_pets() { global $output, $realm_id, $characters_db, $arcm_db, $action_permission, $user_lvl, $user_name, $site_encoding, $base_datasite, $spell_datasite, $pet_ability, $sql, $core; //wowhead_tt(); if (empty($_GET["id"])) { error(lang("global", "empty_fields")); } if (empty($_GET["realm"])) { $realmid = $realm_id; } else { $realmid = $sql["logon"]->quote_smart($_GET["realm"]); if (is_numeric($realmid)) { $sql["char"]->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name'], $characters_db[$realmid]["encoding"]); } else { $realmid = $realm_id; } } $id = $sql["char"]->quote_smart($_GET["id"]); if (!is_numeric($id)) { $id = 0; } if ($core == 1) { $result = $sql["char"]->query("SELECT acct, name, race, class, level, gender\n FROM characters\n WHERE guid='" . $id . "' LIMIT 1"); } else { $result = $sql["char"]->query("SELECT account AS acct, name, race, class, level, gender\n FROM characters\n WHERE guid='" . $id . "' LIMIT 1"); } if ($sql["char"]->num_rows($result)) { $char = $sql["char"]->fetch_assoc($result); // we get user permissions first $owner_acc_id = $sql["char"]->result($result, 0, 'acct'); if ($core == 1) { $result = $sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $char["acct"] . "'"); } else { $result = $sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $char["acct"] . "'"); } $owner_name = $sql["logon"]->result($result, 0, 'login'); $s_query = "SELECT *, SecurityLevel AS gm FROM config_accounts WHERE Login='******'"; $s_result = $sql["mgr"]->query($s_query); $s_fields = $sql["mgr"]->fetch_assoc($s_result); $owner_gmlvl = $s_fields["gm"]; $view_mod = $s_fields["View_Mod_Pets"]; if ($owner_gmlvl >= 1073741824) { $owner_gmlvl -= 1073741824; } // owner configured overrides $view_override = false; if ($view_mod > 0) { if ($view_mod == 1) { } elseif ($view_mod == 2) { // only registered users may view this page if ($user_lvl > -1) { $view_override = true; } } } // visibility overrides for specific tabs $view_inv_override = false; if ($s_fields["View_Mod_Inv"] > 0) { if ($s_fields["View_Mod_Inv"] == 1) { } elseif ($s_fields["View_Mod_Inv"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_inv_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_inv_override = true; } } $view_talent_override = false; if ($s_fields["View_Mod_Talent"] > 0) { if ($s_fields["View_Mod_Talent"] == 1) { } elseif ($s_fields["View_Mod_Talent"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_talent_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_talent_override = true; } } $view_achieve_override = false; if ($s_fields["View_Mod_Achieve"] > 0) { if ($s_fields["View_Mod_Achieve"] == 1) { } elseif ($s_fields["View_Mod_Achieve"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_achieve_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_achieve_override = true; } } $view_quest_override = false; if ($s_fields["View_Mod_Quest"] > 0) { if ($s_fields["View_Mod_Quest"] == 1) { } elseif ($s_fields["View_Mod_Quest"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_quest_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_quest_override = true; } } $view_friends_override = false; if ($s_fields["View_Mod_Friends"] > 0) { if ($s_fields["View_Mod_Friends"] == 1) { } elseif ($s_fields["View_Mod_Friends"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_friends_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_friends_override = true; } } $view_view_override = false; if ($s_fields["View_Mod_View"] > 0) { if ($s_fields["View_Mod_View"] == 1) { } elseif ($s_fields["View_Mod_View"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_view_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_view_override = true; } } $view_rep_override = false; if ($s_fields["View_Mod_Rep"] > 0) { if ($s_fields["View_Mod_Rep"] == 1) { } elseif ($s_fields["View_Mod_Rep"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_rep_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_rep_override = true; } } $view_skill_override = false; if ($s_fields["View_Mod_Skill"] > 0) { if ($s_fields["View_Mod_Skill"] == 1) { } elseif ($s_fields["View_Mod_Skill"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_skill_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_skill_override = true; } } $view_pvp_override = false; if ($s_fields["View_Mod_PvP"] > 0) { if ($s_fields["View_Mod_PvP"] == 1) { } elseif ($s_fields["View_Mod_PvP"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_pvp_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_pvp_override = true; } } if ($view_override || $user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $output .= ' <center> <div class="tab"> <ul> <li class="selected"><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>'; if ($view_inv_override) { $output .= ' <li><a href="char_inv.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "inventory") . '</a></li>'; } if ($view_talent_override) { $output .= ' ' . ($char["level"] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "talents") . '</a></li>') . ''; } if ($view_achieve_override) { $output .= ' <li><a href="char_achieve.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "achievements") . '</a></li>'; } if ($view_quest_override) { $output .= ' <li><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "quests") . '</a></li>'; } if ($view_friends_override) { $output .= ' <li><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "friends") . '</a></li>'; } if ($view_view_override) { $output .= ' <li><a href="char_view.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "view") . '</a></li>'; } $output .= ' </ul> </div> <div class="tab_content"> <div class="tab"> <ul> <li><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>'; $output .= ' <li class="selected"><a href="char_pets.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "pets") . '</a></li>'; if ($view_rep_override) { $output .= ' <li><a href="char_rep.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "reputation") . '</a></li>'; } if ($view_skill_override) { $output .= ' <li><a href="char_skill.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "skills") . '</a></li>'; } if ($view_pvp_override) { $output .= ' <li><a href="char_pvp.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "pvp") . '</a></li>'; } if ($owner_name == $user_name || $user_lvl >= get_page_permission("insert", "char_mail.php")) { $output .= ' <li><a href="char_mail.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "mail") . '</a></li>'; } $output .= ' </ul> </div> <div class="tab_content2"> <font class="bold"> ' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . ' - <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . ' </font> <br /> <br />'; if ($core == 1) { $result = $sql["char"]->query("SELECT petnumber, level, fields,\n SUBSTRING_INDEX(SUBSTRING_INDEX(`fields`, ' ', 77), ' ', -1) AS cur_xp,\n SUBSTRING_INDEX(SUBSTRING_INDEX(`fields`, ' ', 78), ' ', -1) AS next_level_xp,\n name, happinessupdate\n FROM playerpets\n WHERE ownerguid='" . $id . "'"); } else { $result = $sql["char"]->query("SELECT id AS petnumber, level, abdata AS fields,\n exp AS cur_xp,\n SUBSTRING_INDEX(SUBSTRING_INDEX(`abdata`, ' ', 78), ' ', -1) AS next_level_xp,\n name, curhappiness AS happinessupdate\n FROM character_pet \n WHERE owner='" . $id . "'"); } if ($sql["char"]->num_rows($result)) { while ($pet = $sql["char"]->fetch_assoc($result)) { $pet_data = explode(' ', $pet["fields"]); $happiness = floor($pet_data[UNIT_FIELD_MAXPOWER3] / 333000); if ($happiness == 1) { $hap_text = 'Content'; $hap_val = 1; } elseif ($happiness == 2) { $hap_text = 'Happy'; $hap_val = 2; } else { $hap_text = 'Unhappy'; $hap_val = 0; } if ($core == 1) { $pet_next_lvl_xp = $pet["next_level_xp"]; } else { $pet_next_lvl_xp = floor(char_get_xp_to_level($pet["level"]) / 4); } // this_is_junk: style left hardcoded because it's calculated. $output .= ' <font class="bold">' . $pet["name"] . ' - lvl ' . char_get_level_color($pet["level"]) . ' <a class="ch_pet_padding" onmouseover="oldtoolTip(\'' . $hap_text . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()"><img src="img/pet/happiness_' . $hap_val . '.jpg" alt="" /></a> <br /><br /> </font> <table class="lined" id="ch_pet_xp"> <tr> <td align="right">Exp:</td> <td valign="top" class="bar skill_bar" style="background-position: ' . (round(385 * $pet["cur_xp"] / $pet_next_lvl_xp) - 385) . 'px;"> <span>' . $pet["cur_xp"] . '/' . $pet_next_lvl_xp . '</span> </td> </tr> <tr> <td align="right">Pet Abilities:</td> <td align="left">'; if ($core == 1) { $ability_results = $sql["char"]->query("SELECT spellid FROM playerpetspells WHERE petnumber='" . $pet["petnumber"] . "' AND flags > 1"); } else { $ability_results = $sql["char"]->query("SELECT spell AS spellid FROM pet_spell WHERE guid='" . $pet["petnumber"] . "' AND active > 1"); } // active = 0 is unused and active = 1 probably some passive auras, i dont know diference between values 129 and 193, need to check mangos source if ($sql["char"]->num_rows($ability_results)) { while ($ability = $sql["char"]->fetch_assoc($ability_results)) { $output .= ' <a class="ch_pet_padding" href="' . $base_datasite . $spell_datasite . $ability["spellid"] . '" target="_blank"> <img src="' . spell_get_icon($ability["spellid"]) . '" alt="' . $ability["spellid"] . '" class="icon_border_0" /> </a>'; } } $output .= ' </td> </tr> </table> <br /><br />'; } unset($ability_results); unset($pet_next_lvl_xp); unset($happiness); unset($pet); } $output .= ' </div> </div> <br /> <table class="hidden"> <tr> <td>'; // button to user account page, user account page has own security makebutton(lang("char", "chars_acc"), 'user.php?action=edit_user&id=' . $owner_acc_id . '', 130); $output .= ' </td> <td>'; // only higher level GM with delete access can edit character // character edit allows removal of character items, so delete permission is needed if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"]) { //makebutton($lang_char["edit_button"], 'char_edit.php?id='.$id.'&realm='.$realmid.'', 130); $output .= ' </td> <td>'; } // only higher level GM with delete access, or character owner can delete character if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"] || $owner_name === $user_name) { makebutton(lang("char", "del_char"), 'char_list.php?action=del_char_form&check%5B%5D=' . $id . '" type="wrn', 130); $output .= ' </td> <td>'; } // only GM with update permission can send mail, mail can send items, so update permission is needed if ($user_lvl >= $action_permission["update"]) { makebutton(lang("char", "send_mail"), 'mail.php?type=ingame_mail&to=' . $char["name"] . '', 130); $output .= ' </td> <td>'; } makebutton(lang("global", "back"), 'javascript:window.history.back()" type="def', 130); $output .= ' </td> </tr> </table> <br /> </center> <!-- end of char_pets.php -->'; } else { error(lang("char", "no_permission")); } } else { error(lang("char", "no_char_found")); } }
function delete() { global $lang_global, $lang_creature, $output, $user_lvl, $action_permission; if ($user_lvl < $action_permission['delete']) { redirect("creature.php?error=9"); } if (isset($_GET['entry'])) { $entry = $_GET['entry']; } else { redirect("creature.php?error=1"); } $output .= "\r\n <center>\r\n <h1>\r\n <font class=\"error\">{$lang_global['are_you_sure']}</font>\r\n </h1>\r\n <br />\r\n <font class=\"bold\">\r\n {$lang_creature['creature_template']}: <a href=\"creature.php?action=edit&entry={$entry}\" target=\"_blank\">{$entry}</a>\r\n {$lang_global['will_be_erased']}<br />{$lang_creature['all_related_data']}\r\n </font>\r\n <br /><br />\r\n <table class=\"hidden\">\r\n <tr>\r\n <td>"; makebutton($lang_global['yes'], "creature.php?action=do_delete&entry={$entry}", 120); makebutton($lang_global['no'], "creature.php", 120); $output .= "\r\n </td>\r\n </tr>\r\n </table>\r\n </center>\r\n <br />"; }
function guild_bank() { global $output, $realm_id, $characters_db, $arcm_db, $world_db, $item_datasite, $base_datasite, $item_icons, $sql, $core; wowhead_tt(); if (empty($_GET["id"])) { error(lang("global", "empty_fields")); } // this is multi realm support, as of writing still under development // this page is already implementing it if (empty($_GET["realm"])) { $realmid = $realm_id; } else { $realmid = $sql["logon"]->quote_smart($_GET["realm"]); if (is_numeric($realmid)) { $sql["char"]->connect($characters_db[$realmid]["addr"], $characters_db[$realmid]["user"], $characters_db[$realmid]["pass"], $characters_db[$realmid]["name"], $characters_db[$realmid]["encoding"]); } else { $realmid = $realm_id; } } $guild_id = $sql["char"]->quote_smart($_GET["id"]); if (!is_numeric($guild_id)) { $guild_id = 0; } if (empty($_GET["tab"])) { $current_tab = 0; } else { $current_tab = $sql["char"]->quote_smart($_GET["tab"]); } if (!is_numeric($current_tab) || $current_tab > 6) { $current_tab = 0; } if ($core == 1) { $result = $sql["char"]->query("SELECT guildName, bankBalance FROM guilds WHERE guildid='" . $guild_id . "' LIMIT 1"); } else { $result = $sql["char"]->query("SELECT name AS guildName, BankMoney AS bankBalance FROM guild WHERE guildid='" . $guild_id . "' LIMIT 1"); } if ($sql["char"]->num_rows($result)) { $guild_name = $sql["char"]->result($result, 0, "guildName"); $bank_gold = $sql["char"]->result($result, 0, "bankBalance"); if ($core == 1) { $result = $sql["char"]->query("SELECT TabId, TabName, TabIcon FROM guild_banktabs WHERE guildid='" . $guild_id . "' LIMIT 6"); } else { $result = $sql["char"]->query("SELECT TabId, TabName, TabIcon FROM guild_bank_tab WHERE guildid='" . $guild_id . "' LIMIT 6"); } $tabs = array(); while ($tab = $sql["char"]->fetch_assoc($result)) { $tabs[$tab["TabId"]] = $tab; } $output .= ' <div class="top"> <h1>' . $guild_name . ' ' . lang("guildbank", "guildbank") . '</h1> </div> <div class="tab"> <ul>'; for ($i = 0; $i < 6; ++$i) { if (isset($tabs[$i])) { $output .= ' <li' . ($current_tab == $i ? ' class="selected"' : '') . '> <a href="guildbank.php?id=' . $guild_id . '&tab=' . $i . '&realm=' . $realmid . '">'; if ($tabs[$i]['TabIcon'] == '') { $output .= ' <img src="img/INV/INV_blank_32.gif" class="icon_border_0"'; } else { // make sure we're looking for the file name with the correct capitalization $ii_query = "SELECT * FROM itemdisplayinfo WHERE LCASE(IconName)='" . strtolower($tabs[$i]["TabIcon"]) . "' LIMIT 1"; $ii_result = $sql["dbc"]->query($ii_query); $ii_fields = $sql["dbc"]->fetch_assoc($ii_result); $tabs[$i]["TabIcon"] = $ii_fields["IconName"]; if (file_exists($item_icons . "/" . $tabs[$i]["TabIcon"] . ".png")) { $output .= ' <img src="' . $item_icons . "/" . $tabs[$i]["TabIcon"] . '.png" class="icon_border_0"'; } else { $output .= ' <img src="img/INV/INV_blank_32.gif" class="icon_border_0"'; } } if ($tabs[$i]['TabName'] == '') { $output .= ' onmousemove="oldtoolTip(\'' . lang("guildbank", "tab") . ($i + 1) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />'; } else { $output .= ' onmousemove="oldtoolTip(\'' . $tabs[$i]['TabName'] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />'; } $output .= ' </a> </li>'; } } $output .= ' </ul> </div> <div class="tab_content center">'; if ($core == 1) { $result = $sql["char"]->query("SELECT gbi.SlotId, gbi.itemGuid, ii.entry,\r\n ii.count AS stack_count,\r\n FROM guild_bankitems gbi\r\n INNER JOIN playeritems ii ON ii.guid=gbi.itemGuid\r\n WHERE gbi.guildid='" . $guild_id . "' AND TabID='" . $current_tab . "'"); } elseif ($core == 2) { $result = $sql["char"]->query("SELECT gbi.SlotId, gbi.item_guid AS itemGuid, gbi.item_entry AS entry, \r\n SUBSTRING_INDEX(SUBSTRING_INDEX(data, ' ', 15), ' ', -1) as stack_count \r\n FROM guild_bank_item gbi\r\n INNER JOIN item_instance ii ON ii.guid=gbi.item_guid \r\n WHERE gbi.guildid='" . $guild_id . "' AND TabID='" . $current_tab . "'"); } else { $result = $sql["char"]->query("SELECT gbi.SlotId, gbi.item_guid AS itemGuid, ii.itemEntry AS entry, \r\n ii.count as stack_count \r\n FROM guild_bank_item gbi\r\n INNER JOIN item_instance ii ON ii.guid=gbi.item_guid \r\n WHERE gbi.guildid='" . $guild_id . "' AND TabID='" . $current_tab . "'"); } $gb_slots = array(); while ($tab = $sql["char"]->fetch_assoc($result)) { if ($tab["itemGuid"]) { $gb_slots[$tab["SlotId"]] = $tab; } } // this_is_junk: style left hardcoded because it's calculated. $output .= ' <table id="guildbank_tabs"> <tr> <td align="center"> <div class="bag" style="width:' . (14 * 43 + 2) . 'px; height:' . 7 * 41 . 'px;">'; $item_position = 0; for ($i = 0; $i < 7; ++$i) { for ($j = 0; $j < 14; ++$j) { $item_position = $j * 7 + $i; if (isset($gb_slots[$item_position])) { $gb_item_id = $gb_slots[$item_position]["entry"]; $stack = $gb_slots[$item_position]["stack_count"] == 1 ? '' : $gb_slots[$item_position]["stack_count"]; // this_is_junk: style left hardcoded because it's calculated. $output .= ' <div class="bag_slot" style="left:' . ($j * 43 + 4) . 'px; top:' . ($i * 41 + 4) . 'px;"> <a class="guildbank_padding" href="' . $base_datasite . $item_datasite . $gb_item_id . '"> <img src="' . get_item_icon($gb_item_id) . '" class="inv_icon" alt="" /> </a> <div class="guildbank_quantity_shadow">' . $stack . '</div> <div class="guildbank_quantity">' . $stack . '</div> </div>'; } } } $output .= ' </div> </td> </tr> <tr> <td class="hidden" align="right"> ' . substr($bank_gold, 0, -4) . '<img src="img/gold.gif" alt="" style="position: relative; bottom: -6px;" /> ' . substr($bank_gold, -4, 2) . '<img src="img/silver.gif" alt="" style="position: relative; bottom: -6px;" /> ' . substr($bank_gold, -2) . '<img src="img/copper.gif" alt="" style="position: relative; bottom: -6px;" /> </td> </tr> </table> </div> <br /> <table class="hidden center"> <tr> <td>'; makebutton(lang("guildbank", "guild"), "guild.php?action=view_guild&realm=" . $realmid . "&error=3&id=" . $guild_id, 130); $output .= ' </td> </tr> </table> <br />'; unset($bank_gold); } else { redirect("error.php?err=" . lang("guildbank", "notfound")); } }
function del_realm() { global $output, $action_permission, $sql; valid_login($action_permission["delete"]); if (empty($_GET["id"])) { redirect("realm.php?error=1"); } $id = $sql["mgr"]->quote_smart($_GET["id"]); if (!is_numeric($id)) { redirect("realm.php?error=1"); } $output .= ' <center> <h1><font class="error">' . lang("global", "are_you_sure") . '</font></h1> <br /> <font class="bold">' . lang("realm", "realm_id") . ': ' . $id . '<br />' . lang("global", "will_be_erased") . '</font> <br /><br /> <table width="300" class="hidden"> <tr> <td>'; makebutton(lang("global", "yes"), 'realm.php?action=dodel_realm&id=' . $id . '" type ="wrn', 130); makebutton(lang("global", "no"), 'realm.php" type="def', 130); unset($id); $output .= ' </td> </tr> </table> </center>'; }
function backup_step2() { global $lang_backup, $lang_global, $output, $backup_dir, $realm_db, $characters_db; if (empty($_GET['backup_action']) || empty($_GET['backup_from_to'])) { redirect("backup.php?error=1"); } else { $backup_action = addslashes($_GET['backup_action']); $backup_from_to = addslashes($_GET['backup_from_to']); $struc_backup = isset($_GET['struc_backup']) ? addslashes($_GET['struc_backup']) : 0; $save_all_realms = isset($_GET['save_all_realms']) ? addslashes($_GET['save_all_realms']) : 0; } $upload_max_filesize = ini_get("upload_max_filesize"); if (eregi("([0-9]+)K", $upload_max_filesize, $tempregs)) { $upload_max_filesize = $tempregs[1] * 1024; } if (eregi("([0-9]+)M", $upload_max_filesize, $tempregs)) { $upload_max_filesize = $tempregs[1] * 1024 * 1024; } switch ($backup_action) { case "load": $output .= "\r\n <center>\r\n <fieldset class=\"tquarter_frame\">\r\n <legend>{$lang_backup['select_file']}</legend>\r\n <br />\r\n <table class=\"hidden\">"; switch ($backup_from_to) { case "file": $output .= "\r\n <tr>\r\n <td colspan=\"2\">\r\n {$lang_backup['max_file_size']} : {$upload_max_filesize} bytes (" . round($upload_max_filesize / 1024 / 1024) . " Mbytes)\r\n <br />\r\n {$lang_backup['use_ftp_for_large_files']}.\r\n </td>\r\n </tr>\r\n <tr>\r\n <td>\r\n <form enctype=\"multipart/form-data\" action=\"backup.php?action=dobackup&backup_action={$backup_action}&backup_from_to={$backup_from_to}\" method=\"post\" name=\"form\">\r\n <input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"{$upload_max_filesize}\" />\r\n <select name=\"use_db\">"; foreach ($characters_db as $db) { $output .= "\r\n <option value=\"{$db['name']}\">{$db['name']}</option>"; } $output .= "\r\n <option value=\"{$realm_db['name']}\">{$realm_db['name']}</option>\r\n </select>\r\n <input type=\"file\" name=\"uploaded_file\" />\r\n </form>\r\n </td>\r\n <td>"; makebutton($lang_backup['upload'], "javascript:do_submit()", 130); break; case "web": $output .= "\r\n <tr>\r\n <td>\r\n <form action=\"backup.php?action=dobackup&backup_action={$backup_action}&backup_from_to={$backup_from_to}\" method=\"post\" name=\"form\">\r\n <select name=\"use_db\">"; foreach ($characters_db as $db) { $output .= "\r\n <option value=\"{$db['name']}\">{$db['name']}</option>"; } $output .= "\r\n <option value=\"{$realm_db['name']}\">{$realm_db['name']}</option>\r\n </select>\r\n <select name=\"selected_file_name\">"; if (is_dir($backup_dir)) { if ($dh = opendir($backup_dir)) { while (($file = readdir($dh)) != false) { if ($file != '.' && $file != '..' && $file != '.htaccess' && $file != 'accounts' && $file != 'index.html') { $output .= "\r\n <option value=\"{$file}\">{$file}</option>"; } } closedir($dh); } } $output .= "\r\n </select>\r\n </form>\r\n </td>\r\n <td>"; makebutton($lang_backup['go'], "javascript:do_submit()", 130); break; case "acc_on_file": $output .= "\r\n <tr>\r\n <td colspan=\"2\">\r\n {$lang_backup['enter_acc_name']}:\r\n </td>\r\n </tr>\r\n <tr>\r\n <td>\r\n <form action=\"backup.php?action=dobackup&backup_action={$backup_action}&backup_from_to={$backup_from_to}\" method=\"post\" name=\"form\">\r\n <select name=\"use_db\">"; foreach ($characters_db as $db) { $output .= "\r\n <option value=\"{$db['name']}\">{$db['name']}</option>"; } $output .= "\r\n <option value=\"{$realm_db['name']}\">{$realm_db['name']}</option>\r\n </select>\r\n <select name=\"file_dir\">"; if (is_dir($backup_dir . "/accounts")) { if ($dh = opendir($backup_dir . "/accounts")) { while (($file = readdir($dh)) != false) { if ($file != '.' && $file != '..' && $file != '.htaccess' && $file != 'index.html') { $output .= "\r\n <option value=\"{$file}\">{$file}</option>"; } } closedir($dh); } } $output .= "\r\n </select>\r\n <input type=\"text\" name=\"selected_file_name\" size=\"20\" maxlength=\"35\" />\r\n </form>\r\n </td>\r\n <td>"; makebutton($lang_backup['go'], "javascript:do_submit()", 80); break; default: } makebutton($lang_global['back'], "javascript:window.history.back()", 80); $output .= "\r\n </td>\r\n </tr>\r\n </table>\r\n <br /><br />\r\n </fieldset>\r\n <br /><br />\r\n </center>"; break; case "save": redirect("backup.php?action=dobackup&backup_action={$backup_action}&backup_from_to={$backup_from_to}&struc_backup={$struc_backup}&save_all_realms={$save_all_realms}"); break; default: redirect("backup.php?error=1"); } }
function pass_recovery() { global $lang_register, $lang_global, $output; $output .= "<center>\r\n\t\t<fieldset class=\"half_frame\">\r\n\t\t<legend>{$lang_register['recover_acc_password']}</legend>\r\n\t\t<form method=\"post\" action=\"register.php?action=do_pass_recovery\" name=\"form\">\r\n\t\t\t<table class=\"flat\">\r\n\t\t\t\t<tr>\r\n\t\t\t\t\t<td valign=\"top\">\n\t\t\t\t\t\t{$lang_register['username']} :\n\t\t\t\t\t</td>\r\n\t\t\t\t\t<td>\n\t\t\t\t\t\t<input type=\"text\" name=\"username\" size=\"45\" maxlength=\"14\" />\n\t\t\t\t\t\t<br />\r\n\t\t\t\t\t\t{$lang_register['user_pass_rec_desc']}<br />\r\n\t\t\t\t\t</td>\r\n\t\t\t\t</tr>\r\n\t\t\t\t<tr>\r\n\t\t\t\t\t<td valign=\"top\">\n\t\t\t\t\t\t{$lang_register['email']} :\n\t\t\t\t\t</td>\r\n\t\t\t\t\t<td>\n\t\t\t\t\t\t<input type=\"text\" name=\"email\" size=\"45\" maxlength=\"225\" />\n\t\t\t\t\t\t<br />\r\n\t\t\t\t\t\t{$lang_register['mail_pass_rec_desc']}\n\t\t\t\t\t</td>\r\n\t\t\t\t</tr>\r\n\t\t\t\t<tr>\n\t\t\t\t\t<td>"; makebutton($lang_register['recover_pass'], "javascript:do_submit()", 150); $output .= "\n\t\t\t\t\t</td>\n\t\t\t\t\t<td>"; makebutton($lang_global['back'], "javascript:window.history.back()", 328); $output .= "\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\r\n\t\t\t</table>\r\n\t\t</form>\n\t</fieldset>\r\n\t<br />\n\t<br />\n</center>"; }
function add_tele() { global $output, $arcm_db, $action_permission, $sqlw; valid_login($action_permission['insert']); $output .= "\r\n <center>\r\n <fieldset class=\"half_frame\">\r\n <legend>" . lang('tele', 'add_new_tele') . "</legend>\r\n <form method=\"get\" action=\"tele.php\" name=\"form\">\r\n <input type=\"hidden\" name=\"action\" value=\"do_add_tele\" />\r\n <table class=\"flat\">\r\n <tr>\r\n <td>" . lang('tele', 'loc_name') . "</td>\r\n <td><input type=\"text\" name=\"name\" size=\"42\" maxlength=\"98\" value=\"" . lang('tele', 'name') . "\" /></td>\r\n </tr>\r\n <tr>\r\n <td>" . lang('tele', 'on_map') . "</td>\r\n <td>\r\n <select name=\"map\">"; $map_query = $sqlw->query("SELECT ID, InternalName from map order by id"); while ($map = $sqlw->fetch_row($map_query)) { $output .= "\r\n <option value=\"{$map[0]}\">{$map[0]} : {$map[1]}</option>"; } unset($map); unset($map_query); $output .= "\r\n </select>\r\n </td>\r\n </tr>\r\n <tr>\r\n <td>" . lang('tele', 'positionx') . "</td>\r\n <td><input type=\"text\" name=\"x\" size=\"42\" maxlength=\"36\" value=\"0.0000\" /></td>\r\n </tr>\r\n <tr>\r\n <td>" . lang('tele', 'positiony') . "</td>\r\n <td><input type=\"text\" name=\"y\" size=\"42\" maxlength=\"36\" value=\"0.0000\" /></td>\r\n </tr>\r\n <tr>\r\n <td>" . lang('tele', 'positionz') . "</td>\r\n <td><input type=\"text\" name=\"z\" size=\"42\" maxlength=\"36\" value=\"0.0000\" /></td>\r\n </tr>\r\n <tr>\r\n <td>" . lang('tele', 'orientation') . "</td>\r\n <td><input type=\"text\" name=\"orientation\" size=\"42\" maxlength=\"36\" value=\"0\" /></td>\r\n </tr>\r\n <tr>\r\n <td>\r\n </td>\r\n <td>"; makebutton(lang('tele', 'add_new'), "javascript:do_submit()", 130); makebutton(lang('global', 'back'), "tele.php\" type=\"def", 130); $output .= "\r\n </td>\r\n </tr>\r\n </table>\r\n </form>\r\n </fieldset>\r\n <br /><br />\r\n </center>\r\n"; }
function char_friends() { global $output, $realm_id, $logon_db, $corem_db, $characters_db, $site_encoding, $action_permission, $user_lvl, $user_name, $sql, $core; if (empty($_GET["id"])) { error(lang("global", "empty_fields")); } else { $id = $_GET["id"]; } // this is multi realm support, as of writing still under development // this page is already implementing it if (empty($_GET["realm"])) { $realmid = $realm_id; } else { $realmid = $sql["logon"]->quote_smart($_GET["realm"]); if (is_numeric($realmid)) { $sql["char"]->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name'], $characters_db[$realmid]["encoding"]); } else { $realmid = $realm_id; } } //==========================$_GET and SECURE======================== if (!is_numeric($id)) { $id = 0; } $order_by = isset($_GET["order_by"]) ? $sql["char"]->quote_smart($_GET["order_by"]) : 'name'; if (!preg_match('/^[[:lower:]]{1,6}$/', $order_by)) { $order_by = 'name'; } $dir = isset($_GET["dir"]) ? $sql["char"]->quote_smart($_GET["dir"]) : 1; if (!preg_match('/^[01]{1}$/', $dir)) { $dir = 1; } $order_dir = $dir ? "ASC" : "DESC"; $dir = $dir ? 0 : 1; //==========================$_GET and SECURE end======================== if ($order_by === "map") { $order_by = "map " . $order_dir . ", zone"; } elseif ($order_by === "zone") { $order_by = "zone " . $order_dir . ", map"; } // getting character data from database if ($core == 1) { $result = $sql["char"]->query("SELECT acct, name, race, class, level, gender\r\n FROM characters WHERE guid='" . $id . "' LIMIT 1"); } else { $result = $sql["char"]->query("SELECT account AS acct, name, race, class, level, gender\r\n FROM characters WHERE guid='" . $id . "' LIMIT 1"); } if ($sql["char"]->num_rows($result)) { $char = $sql["char"]->fetch_assoc($result); // we get user permissions first $owner_acc_id = $sql["char"]->result($result, 0, "acct"); if ($core == 1) { $result = $sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $char["acct"] . "'"); } else { $result = $sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $char["acct"] . "'"); } $owner_name = $sql["logon"]->result($result, 0, 'login'); $s_query = "SELECT *, SecurityLevel AS gm FROM config_accounts WHERE Login='******'"; $s_result = $sql["mgr"]->query($s_query); $s_fields = $sql["mgr"]->fetch_assoc($s_result); $owner_gmlvl = $s_fields["gm"]; $view_mod = $s_fields["View_Mod_Friends"]; if ($owner_gmlvl >= 1073741824) { $owner_gmlvl -= 1073741824; } // owner configured overrides $view_override = false; if ($view_mod > 0) { if ($view_mod == 1) { } elseif ($view_mod == 2) { // only registered users may view this page if ($user_lvl > -1) { $view_override = true; } } } // visibility overrides for specific tabs $view_inv_override = false; if ($s_fields["View_Mod_Inv"] > 0) { if ($s_fields["View_Mod_Inv"] == 1) { } elseif ($s_fields["View_Mod_Inv"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_inv_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_inv_override = true; } } $view_talent_override = false; if ($s_fields["View_Mod_Talent"] > 0) { if ($s_fields["View_Mod_Talent"] == 1) { } elseif ($s_fields["View_Mod_Talent"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_talent_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_talent_override = true; } } $view_achieve_override = false; if ($s_fields["View_Mod_Achieve"] > 0) { if ($s_fields["View_Mod_Achieve"] == 1) { } elseif ($s_fields["View_Mod_Achieve"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_achieve_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_achieve_override = true; } } $view_quest_override = false; if ($s_fields["View_Mod_Quest"] > 0) { if ($s_fields["View_Mod_Quest"] == 1) { } elseif ($s_fields["View_Mod_Quest"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_quest_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_quest_override = true; } } $view_view_override = false; if ($s_fields["View_Mod_View"] > 0) { if ($s_fields["View_Mod_View"] == 1) { } elseif ($s_fields["View_Mod_View"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_view_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_view_override = true; } } if ($view_override || $user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { //------------------------Character Tabs--------------------------------- // we start with a lead of 10 spaces, // because last line of header is an opening tag with 8 spaces // keep html indent in sync, so debuging from browser source would be easy to read $output .= ' <script type="text/javascript"> // <![CDATA[ function wrap() { if (getBrowserWidth() > 1024) document.write(\'</table></td><td><table class="lined" id="ch_fri_large_screen">\'); } // ]]> </script> <div class="tab"> <ul> <li><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>'; if ($view_inv_override) { $output .= ' <li><a href="char_inv.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "inventory") . '</a></li>'; } if ($view_talent_override) { $output .= ' ' . ($char["level"] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "talents") . '</a></li>') . ''; } if ($view_achieve_override) { $output .= ' <li><a href="char_achieve.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "achievements") . '</a></li>'; } if ($view_quest_override) { $output .= ' <li><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "quests") . '</a></li>'; } $output .= ' <li class="selected"><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "friends") . '</a></li>'; if ($view_view_override) { $output .= ' <li><a href="char_view.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "view") . '</a></li>'; } $output .= ' </ul> </div> <div class="tab_content center center_text"> <span class="bold"> ' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . ' - <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . ' </span> <br /><br /> <table class="hidden" id="ch_fri_unk_1"> <tr valign="top"> <td> <table class="lined" id="ch_fri_unk_2">'; // pre-build columns for friends/ignores table $friends_columns = ' <tr> <th style="width: 1%;"> <a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=name&dir=' . $dir . '"' . ($order_by === "name" ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "name") . '</a> </th> <th style="width: 1%;"> <a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=race&dir=' . $dir . '"' . ($order_by === "race" ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "race") . '</a> </th> <th style="width: 1%;"> <a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=class&dir=' . $dir . '"' . ($order_by === "class" ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "class") . '</a> </th> <th style="width: 1%;"> <a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=level&dir=' . $dir . '"' . ($order_by === "level" ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "level") . '</a> </th> <th style="width: 1%;"> <a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=mapid&dir=' . $dir . '"' . ($order_by === "map " . $order_dir . ", zone" ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "map") . '</a> </th> <th style="width: 1%;"> <a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=zoneid&dir=' . $dir . '"' . ($order_by === "zone " . $order_dir . ", map" ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "zone") . '</a> </th> <th style="width: 1%;"> <a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '&order_by=online&dir=' . $dir . '"' . ($order_by === "online" ? ' class="' . $order_dir . '"' : '') . '>' . lang("char", "online") . '</a> </th> </tr>'; // get friends if ($core == 1) { $result = $sql["char"]->query("SELECT name, race, class, mapid, zoneid, level, gender, online, acct, guid\r\n FROM characters WHERE guid IN (SELECT friend_guid FROM social_friends WHERE character_guid='" . $id . "') ORDER BY '" . $order_by . "' '" . $order_dir . "'"); } else { $result = $sql["char"]->query("SELECT name, race, class, map AS mapid, zone AS zoneid, level, gender, online, account AS acct, guid\r\n FROM characters WHERE guid IN (SELECT friend FROM character_social WHERE guid='" . $id . "' AND flags=1) ORDER BY '" . $order_by . "' '" . $order_dir . "'"); } $output_temp = '<tr><td style="display: none;"></td></tr>'; if ($sql["char"]->num_rows($result)) { $output_temp .= ' <tr> <th colspan="7" class="center_text"> <span>' . lang("char", "friends") . '</span> </th> </tr>'; // append columns $output_temp .= $friends_columns; while ($data = $sql["char"]->fetch_assoc($result)) { if ($core == 1) { $char_owner = $sql["logon"]->result($sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $data["acct"] . "'"), 0, "gmlevel"); } else { $char_owner = $sql["logon"]->result($sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $data["acct"] . "'"), 0, "login"); } $char_gm_level = $sql["mgr"]->result($sql["mgr"]->query("SELECT SecurityLevel AS gmlevel FROM config_accounts WHERE Login='******'"), 0, "gmlevel"); $output_temp .= ' <tr> <td>'; if ($user_lvl >= $char_gm_level) { $output_temp .= ' <a href="char.php?id=' . $data["guid"] . '"> <span>' . $data["name"] . '</span> </a>'; } else { $output_temp .= $data["name"]; } $output_temp .= ' </td> <td> <img src="img/c_icons/' . $data["race"] . '-' . $data["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($data["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> <td> <img src="img/c_icons/' . $data["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($data["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> <td> <span>' . char_get_level_color($data["level"]) . '</span> </td> <td class="small"> <span onmousemove="oldtoolTip(\'MapID:' . $data["mapid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_map_name($data["mapid"]) . '</span> </td> <td class="small"> <span onmousemove="oldtoolTip(\'ZoneID:' . $data["zoneid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_zone_name($data["zoneid"]) . '</span> </td> <td> <img src="img/' . ($data["online"] ? 'up' : 'down') . '.gif" alt="" /> </td> </tr>'; } } else { $output_temp .= ' <tr> <th colspan="7" class="center_text"> <span>' . lang("char", "friends") . '</span> </th> </tr>'; // append columns $output_temp .= $friends_columns; $output_temp .= ' <tr> <td colspan="7"> <span>' . lang("char", "no_friends") . '</span> </td> </tr>'; } $output_temp .= ' <tr> <th colspan="7"> </th> </tr>'; // get is friend of if ($core == 1) { $result = $sql["char"]->query("SELECT name, race, class, mapid, zoneid, level, gender, online, acct, guid\r\n FROM characters WHERE guid IN (SELECT character_guid FROM social_friends WHERE friend_guid='" . $id . "') ORDER BY '" . $order_by . "' '" . $order_dir . "'"); } else { $result = $sql["char"]->query("SELECT name, race, class, map AS mapid, zone AS zoneid, level, gender, online, account AS acct, guid\r\n FROM characters WHERE guid IN (SELECT guid FROM character_social WHERE friend='" . $id . "' AND flags=1) ORDER BY '" . $order_by . "' '" . $order_dir . "'"); } if ($sql["char"]->num_rows($result)) { $output_temp .= ' <tr> <th colspan="7" class="center_text"> <span>' . lang("char", "friendof") . '</span> </th> </tr>'; // append columns $output_temp .= $friends_columns; while ($data = $sql["char"]->fetch_assoc($result)) { if ($core == 1) { $char_owner = $sql["logon"]->result($sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $data["acct"] . "'"), 0, "gmlevel"); } else { $char_owner = $sql["logon"]->result($sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $data["acct"] . "'"), 0, "login"); } $char_gm_level = $sql["mgr"]->result($sql["mgr"]->query("SELECT SecurityLevel AS gmlevel FROM config_accounts WHERE Login='******'"), 0, "gmlevel"); $output_temp .= ' <tr> <td>'; if ($user_lvl >= $char_gm_level) { $output_temp .= ' <a href="char.php?id=' . $data["guid"] . '"> <span>' . $data["name"] . '</span> </a>'; } else { $output_temp .= $data["name"]; } $output_temp .= ' </td> <td> <img src="img/c_icons/' . $data["race"] . '-' . $data["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($data["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> <td> <img src="img/c_icons/' . $data["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($data["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> <td> <span>' . char_get_level_color($data["level"]) . '</span> </td> <td class="small"> <span onmousemove="oldtoolTip(\'MapID:' . $data["mapid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_map_name($data["mapid"]) . '</span> </td> <td class="small"> <span onmousemove="oldtoolTip(\'ZoneID:' . $data["zoneid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_zone_name($data["zoneid"]) . '</span> </td> <td> <img src="img/' . ($data["online"] ? 'up' : 'down') . '.gif" alt="" /> </td> </tr>'; } } else { $output_temp .= ' <tr> <th colspan="7" class="center_text"> <span>' . lang("char", "friendof") . '</span> </th> </tr>'; // append columns $output_temp .= $friends_columns; $output_temp .= ' <tr> <td colspan="7"> <span>' . lang("char", "no_friend_of") . '</span> </td> </tr>'; } $output_temp .= ' <tr> <th colspan="7"> </th> </tr>'; // get ignores if ($core == 1) { $result = $sql["char"]->query("SELECT name, race, class, mapid, zoneid, level, gender, online, acct, guid\r\n FROM characters WHERE guid IN (SELECT ignore_guid FROM social_ignores WHERE character_guid='" . $id . "') ORDER BY '" . $order_by . "' '" . $order_dir . "'"); } else { $result = $sql["char"]->query("SELECT name, race, class, map AS mapid, zone AS zoneid, level, gender, online, account AS acct, guid\r\n FROM characters WHERE guid IN (SELECT friend FROM character_social WHERE guid='" . $id . "' AND flags=2) ORDER BY '" . $order_by . "' '" . $order_dir . "'"); } if ($sql["char"]->num_rows($result)) { $output_temp .= ' <tr> <th colspan="7" class="center_text"> <span>' . lang("char", "ignored") . '</span> </th> </tr>'; // append columns $output_temp .= $friends_columns; while ($data = $sql["char"]->fetch_assoc($result)) { if ($core == 1) { $char_owner = $sql["logon"]->result($sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $data["acct"] . "'"), 0, "gmlevel"); } else { $char_owner = $sql["logon"]->result($sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $data["acct"] . "'"), 0, "login"); } $char_gm_level = $sql["mgr"]->result($sql["mgr"]->query("SELECT SecurityLevel AS gmlevel FROM config_accounts WHERE Login='******'"), 0, "gmlevel"); $output_temp .= ' <tr> <td>'; if ($user_lvl >= $char_gm_level) { $output_temp .= ' <a href="char.php?id=' . $data["guid"] . '"> <span>' . $data["name"] . '</span> </a>'; } else { $output_temp .= $data["name"]; } $output_temp .= ' </td> <td> <img src="img/c_icons/' . $data["race"] . '-' . $data["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($data["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> <td> <img src="img/c_icons/' . $data["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($data["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> <td> <span>' . char_get_level_color($data["level"]) . '</span> </td> <td class="small"> <span onmousemove="oldtoolTip(\'MapID:' . $data["mapid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_map_name($data["mapid"]) . '</span> </td> <td class="small"> <span onmousemove="oldtoolTip(\'ZoneID:' . $data["zoneid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_zone_name($data["zoneid"]) . '</span> </td> <td> <img src="img/' . ($data["online"] ? 'up' : 'down') . '.gif" alt="" /> </td> </tr>'; } } else { $output_temp .= ' <tr> <th colspan="7" class="center_text"> <span>' . lang("char", "ignored") . '</span> </th> </tr>'; // append columns $output_temp .= $friends_columns; $output_temp .= ' <tr> <td colspan="7"> <span>' . lang("char", "no_ignores") . '</span> </td> </tr>'; } $output_temp .= ' <tr> <th colspan="7"> </th> </tr>'; // get ignored by if ($core == 1) { $result = $sql["char"]->query("SELECT name, race, class, mapid, zoneid, level, gender, online, acct, guid\r\n FROM characters WHERE guid IN (SELECT ignore_guid FROM social_ignores WHERE character_guid='" . $id . "') ORDER BY '" . $order_by . "' '" . $order_dir . "'"); } else { $result = $sql["char"]->query("SELECT name, race, class, map AS mapid, zone AS zoneid, level, gender, online, account AS acct, guid\r\n FROM characters WHERE guid IN (SELECT guid FROM character_social WHERE friend='" . $id . "' AND flags=2) ORDER BY '" . $order_by . "' '" . $order_dir . "'"); } if ($sql["char"]->num_rows($result)) { $output_temp .= ' <tr> <th colspan="7" class="center_text"> <span>' . lang("char", "ignoredby") . '</span> </th> </tr>'; // append columns $output_temp .= $friends_columns; while ($data = $sql["char"]->fetch_assoc($result)) { if ($core == 1) { $char_owner = $sql["logon"]->result($sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $data["acct"] . "'"), 0, "gmlevel"); } else { $char_owner = $sql["logon"]->result($sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $data["acct"] . "'"), 0, "login"); } $char_gm_level = $sql["mgr"]->result($sql["mgr"]->query("SELECT SecurityLevel AS gmlevel FROM config_accounts WHERE Login='******'"), 0, "gmlevel"); $output_temp .= ' <tr> <td>'; if ($user_lvl >= $char_gm_level) { $output_temp .= ' <a href="char.php?id=' . $data["guid"] . '"> <span>' . $data["name"] . '</span> </a>'; } else { $output_temp .= $data["name"]; } $output_temp .= ' </td> <td> <img src="img/c_icons/' . $data["race"] . '-' . $data["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($data["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> <td> <img src="img/c_icons/' . $data["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($data["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> </td> <td> <span>' . char_get_level_color($data["level"]) . '</span> </td> <td class="small"> <span onmousemove="oldtoolTip(\'MapID:' . $data["mapid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_map_name($data["mapid"]) . '</span> </td> <td class="small"> <span onmousemove="oldtoolTip(\'ZoneID:' . $data["zoneid"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()">' . get_zone_name($data["zoneid"]) . '</span> </td> <td> <img src="img/' . ($data["online"] ? 'up' : 'down') . '.gif" alt="" /> </td> </tr>'; } } else { $output_temp .= ' <tr> <th colspan="7" class="center_text"> <span>' . lang("char", "ignoredby") . '</span> </th> </tr>'; // append columns $output_temp .= $friends_columns; $output_temp .= ' <tr> <td colspan="7"> <span>' . lang("char", "no_ignored_by") . '</span> </td> </tr>'; } $output .= $output_temp; $output .= ' </table> </td>'; //---------------Page Specific Data Ends here---------------------------- //---------------Character Tabs Footer----------------------------------- $output .= ' </tr> </table> </div> <br /> <table class="hidden center"> <tr> <td>'; // button to user account page, user account page has own security makebutton(lang("char", "chars_acc"), 'user.php?action=edit_user&id=' . $owner_acc_id . '', 130); $output .= ' </td> <td>'; // only higher level GM with delete access can edit character // character edit allows removal of character items, so delete permission is needed if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"]) { //makebutton($lang_char["edit_button"], 'char_edit.php?id='.$id.'&realm='.$realmid.'', 130); $output .= ' </td> <td>'; } // only higher level GM with delete access, or character owner can delete character if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"] || $owner_name === $user_name) { makebutton(lang("char", "del_char"), 'char_list.php?action=del_char_form&check%5B%5D=' . $id . '" type="wrn', 130); $output .= ' </td> <td>'; } // only GM with update permission can send mail, mail can send items, so update permission is needed if ($user_lvl >= $action_permission["update"]) { makebutton(lang("char", "send_mail"), 'mail.php?type=ingame_mail&to=' . $char["name"] . '', 130); $output .= ' </td> <td>'; } makebutton(lang("global", "back"), 'javascript:window.history.back()" type="def', 130); $output .= ' </td> </tr> </table> <br /> <!-- end of char_friends.php -->'; } else { error(lang("char", "no_permission")); } } else { error(lang("char", "no_char_found")); } }
function char_rep(&$sqlr, &$sqlc) { global $output, $lang_global, $lang_char, $realm_id, $characters_db, $mmfpm_db, $action_permission, $user_lvl, $user_name; require_once 'libs/fact_lib.php'; $reputation_rank = fact_get_reputation_rank_arr(); $reputation_rank_length = fact_get_reputation_rank_length(); if (empty($_GET['id'])) { error($lang_global['empty_fields']); } // this is multi realm support, as of writing still under development // this page is already implementing it if (empty($_GET['realm'])) { $realmid = $realm_id; } else { $realmid = $sqlr->quote_smart($_GET['realm']); if (is_numeric($realmid)) { $sqlc->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name']); } else { $realmid = $realm_id; } } $id = $sqlc->quote_smart($_GET['id']); if (is_numeric($id)) { } else { $id = 0; } $result = $sqlc->query('SELECT account, name, race, class, level, gender FROM characters WHERE guid = ' . $id . ' LIMIT 1'); if ($sqlc->num_rows($result)) { $char = $sqlc->fetch_assoc($result); // we get user permissions first $owner_acc_id = $sqlc->result($result, 0, 'account'); $result = $sqlr->query('SELECT gmlevel, username FROM account WHERE id = ' . $char['account'] . ''); $owner_gmlvl = $sqlr->result($result, 0, 'gmlevel'); $owner_name = $sqlr->result($result, 0, 'username'); if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) { $result = $sqlc->query('SELECT faction, standing FROM character_reputation WHERE guid = ' . $id . ' AND (flags & 1 = 1)'); $output .= ' <center> <div id="tab_content"> <div id="tab"> <ul> <li><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['char_sheet'] . '</a></li> <li><a href="char_inv.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['inventory'] . '</a></li> <li><a href="char_extra.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['extra'] . '</a></li> ' . ($char['level'] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['talents'] . '</a></li>') . ' <li><a href="char_achieve.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['achievements'] . '</a></li> <li><a href="char_skill.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['skills'] . '</a></li> <li><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['quests'] . '</a></li>'; if (char_get_class_name($char['class']) === 'Hunter') { $output .= ' <li><a href="char_pets.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['pets'] . '</a></li>'; } $output .= ' <li><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['friends'] . '</a></li> <li><a href="char_spell.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['spells'] . '</a></li> <li><a href="char_mail.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['mail'] . '</a></li> </ul> <ul>'; // selected char tab at last $output .= ' <li id="selected"><a href="char_rep.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['reputation'] . '</a></li>'; $output .= ' </ul> </div> <div id="tab_content2"> <font class="bold"> ' . htmlentities($char['name']) . ' - <img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /> <img src="img/c_icons/' . $char['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\',\'item_tooltip\')" onmouseout="toolTip()" alt="" /> - lvl ' . char_get_level_color($char['level']) . ' </font> <br /><br />'; $temp_out = array(1 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi1" onclick="expand(\'i1\', this, \'Alliance\')">[-] Alliance</div> </th> </tr> <tr> <td> <table id="i1" class="lined" style="width: 535px; display: table;">', 0), 2 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi2" onclick="expand(\'i2\', this, \'Horde\')">[-] Horde</div> </th> </tr> <tr> <td> <table id="i2" class="lined" style="width: 535px; display: table;">', 0), 3 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi3" onclick="expand(\'i3\', this, \'Alliance Forces\')">[-] Alliance Forces</div> </th> </tr> <tr> <td> <table id="i3" class="lined" style="width: 535px; display: table;">', 0), 4 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi4" onclick="expand(\'i4\', this, \'Horde Forces\')">[-] Horde Forces</div> </th> </tr> <tr> <td> <table id="i4" class="lined" style="width: 535px; display: table;">', 0), 5 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi5" onclick="expand(\'i5\', this, \'Steamwheedle Cartels\')">[-] Steamwheedle Cartel</div> </th> </tr> <tr> <td> <table id="i5" class="lined" style="width: 535px; display: table;">', 0), 6 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi6" onclick="expand(\'i6\', this, \'The Burning Crusade\')">[-] The Burning Crusade</div> </th> </tr> <tr> <td> <table id="i6" class="lined" style="width: 535px; display: table;">', 0), 7 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi7" onclick="expand(\'i7\', this, \'Shattrath City\')">[-] Shattrath City</div> </th> </tr> <tr> <td> <table id="i7" class="lined" style="width: 535px; display: table;">', 0), 8 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi8" onclick="expand(\'i8\', this, \'Alliance Vanguard\')">[-] Alliance Vanguard</div> </th> </tr> <tr> <td> <table id="i8" class="lined" style="width: 535px; display: table;">', 0), 9 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi9" onclick="expand(\'i9\', this, \'Horde Expedition \')">[-] Horde Expedition </div> </th> </tr> <tr> <td> <table id="i9" class="lined" style="width: 535px; display: table;">', 0), 10 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi10" onclick="expand(\'i10\', this, \'Sholazar Basin\')">[-] Sholazar Basin</div> </th> </tr> <tr> <td> <table id="i10" class="lined" style="width: 535px; display: table;">', 0), 11 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi11" onclick="expand(\'i11\', this, \'Wrath of the Lich King\')">[-] Wrath of the Lich King</div> </th> </tr> <tr> <td> <table id="i11" class="lined" style="width: 535px; display: table;">', 0), 12 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi12" onclick="expand(\'i12\', this, \'Other\')">[-] Other</div> </th> </tr> <tr> <td> <table id="i12" class="lined" style="width: 535px; display: table;">', 0), 0 => array(' <table class="lined" style="width: 550px;"> <tr> <th colspan="3" align="left"> <div id="divi13" onclick="expand(\'i13\', this, \'Unknown\')">[-] Unknown</div> </th> </tr> <tr> <td> <table id="i13" class="lined" style="width: 535px; display: table;">', 0)); $sqlm = new SQL(); $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']); if ($sqlc->num_rows($result)) { while ($fact = $sqlc->fetch_assoc($result)) { $faction = $fact['faction']; $standing = $fact['standing']; $rep_rank = fact_get_reputation_rank($faction, $standing, $char['race'], $sqlm); $rep_rank_name = $reputation_rank[$rep_rank]; $rep_cap = $reputation_rank_length[$rep_rank]; $rep = fact_get_reputation_at_rank($faction, $standing, $char['race'], $sqlm); $faction_name = fact_get_faction_name($faction, $sqlm); $ft = fact_get_faction_tree($faction); // not show alliance rep for horde and vice versa: if (1 << $char['race'] - 1 & 690 && ($ft == 1 || $ft == 3) || 1 << $char['race'] - 1 & 1101 && ($ft == 2 || $ft == 4)) { } else { $temp_out[$ft][0] .= ' <tr> <td width="30%" align="left">' . $faction_name . '</td> <td width="55%" valign="top"> <div class="faction-bar"> <div class="rep' . $rep_rank . '"> <span class="rep-data">' . $rep . '/' . $rep_cap . '</span> <div class="bar-color" style="width:' . 100 * $rep / $rep_cap . '%"></div> </div> </div> </td> <td width="15%" align="left" class="rep' . $rep_rank . '">' . $rep_rank_name . '</td> </tr>'; $temp_out[$ft][1] = 1; } } } else { $output .= ' <tr> <td colspan="2"><br /><br />' . $lang_global['err_no_records_found'] . '<br /><br /></td> </tr>'; } foreach ($temp_out as $out) { if ($out[1]) { $output .= $out[0] . ' </table> </td> </tr> </table>'; } } $output .= ' <br /> </div> <br /> </div> <br /> <table class="hidden"> <tr> <td>'; // button to user account page, user account page has own security makebutton($lang_char['chars_acc'], 'user.php?action=edit_user&id=' . $owner_acc_id . '', 130); $output .= ' </td> <td>'; // only higher level GM with delete access can edit character // character edit allows removal of character items, so delete permission is needed if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission['delete']) { makebutton($lang_char['edit_button'], 'char_edit.php?id=' . $id . '&realm=' . $realmid . '', 130); $output .= ' </td> <td>'; } // only higher level GM with delete access, or character owner can delete character if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission['delete'] || $owner_name === $user_name) { makebutton($lang_char['del_char'], 'char_list.php?action=del_char_form&check%5B%5D=' . $id . '" type="wrn', 130); $output .= ' </td> <td>'; } // only GM with update permission can send mail, mail can send items, so update permission is needed if ($user_lvl >= $action_permission['update']) { makebutton($lang_char['send_mail'], 'mail.php?type=ingame_mail&to=' . $char['name'] . '', 130); $output .= ' </td> <td>'; } makebutton($lang_global['back'], 'javascript:window.history.back()" type="def', 130); $output .= ' </td> </tr> </table> <br /> </center> <!-- end of char_achieve.php -->'; } else { error($lang_char['no_permission']); } } else { error($lang_char['no_char_found']); } }
function char_rep() { global $output, $realm_id, $characters_db, $logon_db, $corem_db, $action_permission, $site_encoding, $user_lvl, $user_name, $sql, $core; require_once 'libs/fact_lib.php'; $reputation_rank = fact_get_reputation_rank_arr(); $reputation_rank_length = fact_get_reputation_rank_length(); if (empty($_GET["id"])) { error(lang("global", "empty_fields")); } // this is multi realm support, as of writing still under development // this page is already implementing it if (empty($_GET["realm"])) { $realmid = $realm_id; } else { $realmid = $sql["logon"]->quote_smart($_GET["realm"]); if (is_numeric($realmid)) { $sql["char"]->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name'], $characters_db[$realmid]["encoding"]); } else { $realmid = $realm_id; } } $id = $sql["char"]->quote_smart($_GET["id"]); if (!is_numeric($id)) { $id = 0; } if ($core == 1) { $result = $sql["char"]->query("SELECT acct, name, race, class, level, gender FROM characters WHERE guid='" . $id . "' LIMIT 1"); } else { $result = $sql["char"]->query("SELECT account AS acct, name, race, class, level, gender FROM characters WHERE guid='" . $id . "' LIMIT 1"); } if ($sql["char"]->num_rows($result)) { $char = $sql["char"]->fetch_assoc($result); // we get user permissions first $owner_acc_id = $sql["char"]->result($result, 0, 'acct'); if ($core == 1) { $result = $sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $char["acct"] . "'"); } else { $result = $sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $char["acct"] . "'"); } $owner_name = $sql["logon"]->result($result, 0, 'login'); $s_query = "SELECT *, SecurityLevel AS gm FROM config_accounts WHERE Login='******'"; $s_result = $sql["mgr"]->query($s_query); $s_fields = $sql["mgr"]->fetch_assoc($s_result); $owner_gmlvl = $s_fields["gm"]; $view_mod = $s_fields["View_Mod_Rep"]; if ($owner_gmlvl >= 1073741824) { $owner_gmlvl -= 1073741824; } // owner configured overrides $view_override = false; if ($view_mod > 0) { if ($view_mod == 1) { } elseif ($view_mod == 2) { // only registered users may view this page if ($user_lvl > -1) { $view_override = true; } } } // visibility overrides for specific tabs $view_inv_override = false; if ($s_fields["View_Mod_Inv"] > 0) { if ($s_fields["View_Mod_Inv"] == 1) { } elseif ($s_fields["View_Mod_Inv"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_inv_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_inv_override = true; } } $view_talent_override = false; if ($s_fields["View_Mod_Talent"] > 0) { if ($s_fields["View_Mod_Talent"] == 1) { } elseif ($s_fields["View_Mod_Talent"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_talent_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_talent_override = true; } } $view_achieve_override = false; if ($s_fields["View_Mod_Achieve"] > 0) { if ($s_fields["View_Mod_Achieve"] == 1) { } elseif ($s_fields["View_Mod_Achieve"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_achieve_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_achieve_override = true; } } $view_quest_override = false; if ($s_fields["View_Mod_Quest"] > 0) { if ($s_fields["View_Mod_Quest"] == 1) { } elseif ($s_fields["View_Mod_Quest"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_quest_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_quest_override = true; } } $view_friends_override = false; if ($s_fields["View_Mod_Friends"] > 0) { if ($s_fields["View_Mod_Friends"] == 1) { } elseif ($s_fields["View_Mod_Friends"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_friends_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_friends_override = true; } } $view_view_override = false; if ($s_fields["View_Mod_View"] > 0) { if ($s_fields["View_Mod_View"] == 1) { } elseif ($s_fields["View_Mod_View"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_view_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_view_override = true; } } $view_pets_override = false; if ($s_fields["View_Mod_Pets"] > 0) { if ($s_fields["View_Mod_Pets"] == 1) { } elseif ($s_fields["View_Mod_Pets"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_pets_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_pets_override = true; } } $view_skill_override = false; if ($s_fields["View_Mod_Skill"] > 0) { if ($s_fields["View_Mod_Skill"] == 1) { } elseif ($s_fields["View_Mod_Skill"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_skill_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_skill_override = true; } } $view_pvp_override = false; if ($s_fields["View_Mod_PvP"] > 0) { if ($s_fields["View_Mod_PvP"] == 1) { } elseif ($s_fields["View_Mod_PvP"] == 2) { // only registered users may view this tab if ($user_lvl > -1) { $view_pvp_override = true; } } } else { if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { $view_pvp_override = true; } } if ($view_override || $user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) { if ($core == 1) { $result = $sql["char"]->query("SELECT faction, standing FROM playerreputations WHERE guid='" . $id . "'"); $factions = array(); $faction_ranks = array(); while ($fact = $sql["char"]->fetch_assoc($result)) { array_push($factions, $fact["faction"]); array_push($faction_ranks, $fact["standing"]); } /*$result = $result["reputation"]; $result = substr($result, 0, strlen($result) - 1); $result = explode(",", $result); $factions = array(); $faction_ranks = array(); $pick = 0; foreach ( $result as $t ) { switch ( $pick ) { case 0: { array_push($factions, $t); $pick = 1; break; } case 1: { // we skip this one $pick = 2; break; } case 2: { // we skip this one $pick = 3; break; } case 3: { array_push($faction_ranks, $t); $pick = 0; break; } } }*/ } else { $result = $sql["char"]->query("SELECT faction, standing FROM character_reputation WHERE guid='" . $id . "' AND (flags & 1 = 1)"); $factions = array(); $faction_ranks = array(); while ($fact = $sql["char"]->fetch_assoc($result)) { array_push($factions, $fact["faction"]); array_push($faction_ranks, $fact["standing"]); } } $output .= ' <div class="tab"> <ul> <li class="selected"><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>'; if ($view_inv_override) { $output .= ' <li><a href="char_inv.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "inventory") . '</a></li>'; } if ($view_talent_override) { $output .= ' ' . ($char["level"] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "talents") . '</a></li>') . ''; } if ($view_achieve_override) { $output .= ' <li><a href="char_achieve.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "achievements") . '</a></li>'; } if ($view_quest_override) { $output .= ' <li><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "quests") . '</a></li>'; } if ($view_friends_override) { $output .= ' <li><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "friends") . '</a></li>'; } if ($view_view_override) { $output .= ' <li><a href="char_view.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "view") . '</a></li>'; } $output .= ' </ul> </div> <div class="tab_content center"> <div class="tab"> <ul> <li><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "char_sheet") . '</a></li>'; if (char_get_class_name($char["class"]) == "Hunter" && $view_pets_override) { $output .= ' <li><a href="char_pets.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "pets") . '</a></li>'; } $output .= ' <li class="selected"><a href="char_rep.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "reputation") . '</a></li>'; if ($view_skill_override) { $output .= ' <li><a href="char_skill.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "skills") . '</a></li>'; } if ($view_pvp_override) { $output .= ' <li><a href="char_pvp.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "pvp") . '</a></li>'; } if ($owner_name == $user_name || $user_lvl >= get_page_permission("insert", "char_mail.php")) { $output .= ' <li><a href="char_mail.php?id=' . $id . '&realm=' . $realmid . '">' . lang("char", "mail") . '</a></li>'; } $output .= ' </ul> </div> <div class="tab_content2 center center_text"> <span class="bold"> ' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . ' - <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . ' </span> <br /> <br />'; $temp_out = array(1 => array(' <table class="lined" id="ch_rep_rep_alliance"> <tr> <th colspan="3" align="left"> <div id="divi1" onclick="expand(\'i1\', this, \'Alliance\')">[-] ' . lang("char", "rep_alliance") . '</div> </th> </tr> <tr> <td> <table id="i1" class="lined" style="width: 535px; display: table;">', 0), 2 => array(' <table class="lined" id="ch_rep_rep_horde"> <tr> <th colspan="3" align="left"> <div id="divi2" onclick="expand(\'i2\', this, \'Horde\')">[-] ' . lang("char", "rep_horde") . '</div> </th> </tr> <tr> <td> <table id="i2" class="lined" style="width: 535px; display: table;">', 0), 3 => array(' <table class="lined" id="ch_rep_rep_alliance_forces"> <tr> <th colspan="3" align="left"> <div id="divi3" onclick="expand(\'i3\', this, \'Alliance Forces\')">[-] ' . lang("char", "rep_alliance_forces") . '</div> </th> </tr> <tr> <td> <table id="i3" class="lined" style="width: 535px; display: table;">', 0), 4 => array(' <table class="lined" id="ch_rep_rep_horde_forces"> <tr> <th colspan="3" align="left"> <div id="divi4" onclick="expand(\'i4\', this, \'Horde Forces\')">[-] ' . lang("char", "rep_horde_forces") . '</div> </th> </tr> <tr> <td> <table id="i4" class="lined" style="width: 535px; display: table;">', 0), 5 => array(' <table class="lined" id="ch_rep_rep_steamwheedle_cartel"> <tr> <th colspan="3" align="left"> <div id="divi5" onclick="expand(\'i5\', this, \'Steamwheedle Cartels\')">[-] ' . lang("char", "rep_steamwheedle_cartel") . '</div> </th> </tr> <tr> <td> <table id="i5" class="lined" style="width: 535px; display: table;">', 0), 6 => array(' <table class="lined" id="ch_rep_rep_the_burning_crusade"> <tr> <th colspan="3" align="left"> <div id="divi6" onclick="expand(\'i6\', this, \'The Burning Crusade\')">[-] ' . lang("char", "rep_the_burning_crusade") . '</div> </th> </tr> <tr> <td> <table id="i6" class="lined" style="width: 535px; display: table;">', 0), 7 => array(' <table class="lined" id="ch_rep_rep_shattrath_city"> <tr> <th colspan="3" align="left"> <div id="divi7" onclick="expand(\'i7\', this, \'Shattrath City\')">[-] ' . lang("char", "rep_shattrath_city") . '</div> </th> </tr> <tr> <td> <table id="i7" class="lined" style="width: 535px; display: table;">', 0), 8 => array(' <table class="lined" id="ch_rep_rep_alliance_vanguard"> <tr> <th colspan="3" align="left"> <div id="divi8" onclick="expand(\'i8\', this, \'Alliance Vanguard\')">[-] ' . lang("char", "rep_alliance_vanguard") . '</div> </th> </tr> <tr> <td> <table id="i8" class="lined" style="width: 535px; display: table;">', 0), 9 => array(' <table class="lined" id="ch_rep_rep_horde_expedition"> <tr> <th colspan="3" align="left"> <div id="divi9" onclick="expand(\'i9\', this, \'Horde Expedition \')">[-] ' . lang("char", "rep_horde_expedition") . '</div> </th> </tr> <tr> <td> <table id="i9" class="lined" style="width: 535px; display: table;">', 0), 10 => array(' <table class="lined" id="ch_rep_rep_sholazar_basin"> <tr> <th colspan="3" align="left"> <div id="divi10" onclick="expand(\'i10\', this, \'Sholazar Basin\')">[-] ' . lang("char", "rep_sholazar_basin") . '</div> </th> </tr> <tr> <td> <table id="i10" class="lined" style="width: 535px; display: table;">', 0), 11 => array(' <table class="lined" id="ch_rep_rep_wrath_of_the_lich_king"> <tr> <th colspan="3" align="left"> <div id="divi11" onclick="expand(\'i11\', this, \'Wrath of the Lich King\')">[-] ' . lang("char", "rep_wrath_of_the_lich_king") . '</div> </th> </tr> <tr> <td> <table id="i11" class="lined" style="width: 535px; display: table;">', 0), 12 => array(' <table class="lined" id="ch_rep_rep_other"> <tr> <th colspan="3" align="left"> <div id="divi12" onclick="expand(\'i12\', this, \'Other\')">[-] ' . lang("char", "rep_other") . '</div> </th> </tr> <tr> <td> <table id="i12" class="lined" style="width: 535px; display: table;">', 0), 0 => array(' <table class="lined" id="ch_rep_rep_unknown"> <tr> <th colspan="3" align="left"> <div id="divi13" onclick="expand(\'i13\', this, \'Unknown\')">[-] ' . lang("char", "rep_unknown") . '</div> </th> </tr> <tr> <td> <table id="i13" class="lined" style="width: 535px; display: table;">', 0)); if (count($factions) > 1) { for ($i = 0; $i < count($factions); $i++) { $faction = $factions[$i]; $standing = $faction_ranks[$i]; $rep_rank = fact_get_reputation_rank($faction, $standing, $char["race"]); $rep_rank_name = $reputation_rank[$rep_rank]; $rep_cap = $reputation_rank_length[$rep_rank]; $rep = fact_get_reputation_at_rank($faction, $standing, $char["race"]); $faction_name = fact_get_faction_name($faction); $ft = fact_get_faction_tree($faction); // not show alliance rep for horde and vice versa: if (1 << $char["race"] - 1 & 690 && ($ft == 1 || $ft == 3) || 1 << $char["race"] - 1 & 1101 && ($ft == 2 || $ft == 4)) { } else { // this_is_junk: style left hardcoded because it's calculated. $temp_out[$ft][0] .= ' <tr> <td style="width: 30%;" align="left">' . $faction_name . '</td> <td style="width: 55%;" valign="top"> <div class="faction-bar"> <div class="rep' . $rep_rank . '"> <span class="rep-data">' . $rep . '/' . $rep_cap . '</span> <div class="bar-color" style="width:' . 100 * $rep / $rep_cap . '%"></div> </div> </div> </td> <td style="width: 15%;" align="left" class="rep' . $rep_rank . '">' . $rep_rank_name . '</td> </tr>'; $temp_out[$ft][1] = 1; } } } else { $output .= ' <tr> <td colspan="2"><br /><br />' . lang("global", "err_no_records_found") . '<br /><br /></td> </tr>'; } foreach ($temp_out as $out) { if ($out[1]) { $output .= $out[0] . ' </table> </td> </tr> </table>'; } } $output .= ' <br /> </div> <br /> </div> <br /> <table class="hidden center"> <tr> <td>'; // button to user account page, user account page has own security makebutton(lang("char", "chars_acc"), 'user.php?action=edit_user&id=' . $owner_acc_id . '', 130); $output .= ' </td> <td>'; // only higher level GM with delete access can edit character // character edit allows removal of character items, so delete permission is needed if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"]) { //makebutton($lang_char["edit_button"], 'char_edit.php?id='.$id.'&realm='.$realmid.'', 130); $output .= ' </td> <td>'; } // only higher level GM with delete access, or character owner can delete character if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission["delete"] || $owner_name === $user_name) { makebutton(lang("char", "del_char"), 'char_list.php?action=del_char_form&check%5B%5D=' . $id . '" type="wrn', 130); $output .= ' </td> <td>'; } // only GM with update permission can send mail, mail can send items, so update permission is needed if ($user_lvl >= $action_permission["update"]) { makebutton(lang("char", "send_mail"), 'mail.php?type=ingame_mail&to=' . $char["name"] . '', 130); $output .= ' </td> <td>'; } makebutton(lang("global", "back"), 'javascript:window.history.back()" type="def', 130); $output .= ' </td> </tr> </table> <br /> <!-- end of char_achieve.php -->'; } else { error(lang("char", "no_permission")); } } else { error(lang("char", "no_char_found")); } }
function delete() { global $lang_global, $lang_item_edit, $output, $action_permission, $user_lvl; valid_login($action_permission['delete']); if (isset($_GET['entry'])) { $entry = $_GET['entry']; } else { redirect("item.php?error=1"); } $output .= "\n <center>\n <h1><font class=\"error\">{$lang_global['are_you_sure']}</font></h1>\n <br />\n <font class=\"bold\">\n {$lang_item_edit['item_id']}: <a href=\"item.php?action=edit&entry={$entry}\" target=\"_blank\">{$entry}</a>\n {$lang_global['will_be_erased']}\n </font>\n <br /><br />\n <table class=\"hidden\">\n <tr>\n <td>"; makebutton($lang_global['yes'], "item.php?action=do_delete&entry={$entry}\" type=\"warn", 130); makebutton($lang_global['no'], "item.php", 130); $output .= "\n </td>\n </tr>\n </table>\n <br />\n </center>"; }
function edit_user() { global $lang_global, $lang_user, $output, $realm_db, $characters_db, $realm_id, $mmfpm_db, $user_lvl, $user_name, $gm_level_arr, $action_permission, $expansion_select, $developer_test_mode, $multi_realm_mode, $server; $active_realm_id_pq = "active_realm_id"; if (empty($_GET['id'])) { redirect("user.php?error=10"); } $sqlr = new SQL(); $sqlr->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']); $sqlm = new SQL(); $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']); $sqlc = new SQL(); $sqlc->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']); $id = $sqlr->quote_smart($_GET['id']); $result = $sqlr->query("SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,{$active_realm_id_pq},expansion FROM account WHERE id = '{$id}'"); $data = $sqlr->fetch_assoc($result); $refguid = $sqlm->fetch_assoc($sqlm->query('SELECT InvitedBy FROM mm_point_system_invites WHERE PlayersAccount = ' . $data['id'] . '')); $refguid = $refguid['InveitedBy']; $referred_by = $sqlc->fetch_assoc($sqlc->query("SELECT name FROM characters WHERE guid = '{$refguid}'")); unset($refguid); $referred_by = $referred_by['name']; if ($sqlr->num_rows($result)) { $output .= ' <center> <script type="text/javascript" src="libs/js/sha1.js"></script> <script type="text/javascript"> // <![CDATA[ function do_submit_data () { if ((document.form.username.value != "' . $data['username'] . '") && (document.form.new_pass.value == "******")) { alert("If you are changing Username, The password must be changed too."); return; } else { document.form.pass.value = hex_sha1(document.form.username.value.toUpperCase()+":"+document.form.new_pass.value.toUpperCase()); document.form.new_pass.value = "0"; do_submit(); } } // ]]> </script> <fieldset style="width: 550px;"> <legend>' . $lang_user['edit_acc'] . '</legend> <form method="post" action="user.php?action=doedit_user" name="form"> <input type="hidden" name="pass" value="" maxlength="256" /> <input type="hidden" name="id" value="' . $id . '" /> <table class="flat"> <tr> <td>' . $lang_user['id'] . '</td> <td>' . $data['id'] . '</td> </tr> <tr> <td>' . $lang_user['username'] . '</td>'; if ($user_lvl >= $action_permission['update']) { $output .= ' <td><input type="text" name="username" size="42" maxlength="15" value="' . $data['username'] . '" /></td>'; } else { $output .= ' <td>' . $data['username'] . '</td>'; } $output .= ' </tr> <tr> <td>' . $lang_user['password'] . '</td>'; if ($user_lvl >= $action_permission['update']) { $output .= "\r\n <td><input type=\"text\" name=\"new_pass\" size=\"42\" maxlength=\"40\" value=\"******\" /></td>"; } else { $output .= "\r\n <td>********</td>"; } $output .= "\r\n </tr>\r\n <tr>\r\n <td>{$lang_user['email']}</td>"; if ($user_lvl >= $action_permission['update']) { $output .= ' <td><input type="text" name="mail" size="42" maxlength="225" value="' . $data['email'] . '" /></td>'; } else { $output .= "\r\n <td>***@***.***</td>"; } $output .= "\r\n </tr>\r\n <tr>\r\n <td>{$lang_user['invited_by']}:</td>\r\n <td>"; if ($user_lvl >= $action_permission['update'] && !$referred_by != NULL) { $output .= "\r\n <input type=\"text\" name=\"referredby\" size=\"42\" maxlength=\"12\" value=\"{$referred_by}\" />"; } else { $output .= "\r\n {$referred_by}"; } $output .= "\r\n </td>\r\n </tr>\r\n <tr>\r\n <td>{$lang_user['gm_level_long']}</td>"; if ($user_lvl >= $action_permission['update']) { $output .= "\r\n <td>\r\n <select name=\"gmlevel\">"; foreach ($gm_level_arr as $level) { if ($level[0] > -1 && $level[0] < $user_lvl) { $output .= "\r\n <option value=\"{$level[0]}\" "; if ($data['gmlevel'] == $level[0]) { $output .= "selected=\"selected\" "; } $output .= ">{$level[1]}</option>"; } } $output .= "\r\n </select>\r\n </td>"; } else { $output .= ' <td>' . id_get_gm_level($data['gmlevel']) . ' ( ' . $data['gmlevel'] . ' )</td>'; } $output .= ' </tr> <tr> <td>' . $lang_user['join_date'] . '</td> <td>' . $data['joindate'] . '</td> </tr> <tr> <td>' . $lang_user['last_ip'] . '</td>'; if ($user_lvl >= $action_permission['update']) { $output .= ' <td>' . $data['last_ip'] . '<a href="banned.php?action=do_add_entry&entry=' . $data['last_ip'] . '&bantime=3600&ban_type=ip_banned"> <- ' . $lang_user['ban_this_ip'] . '</a></td>'; } else { $output .= "\r\n <td>***.***.***.***</td>"; } $output .= "\r\n </tr>\r\n <tr>\r\n <td>{$lang_user['banned']}</td>"; $que = $sqlr->query("SELECT bandate, unbandate, bannedby, banreason FROM account_banned WHERE id = {$id}"); if ($sqlr->num_rows($que)) { $banned = $sqlr->fetch_row($que); $ban_info = " From:" . date('d-m-Y G:i', $banned[0]) . " till:" . date('d-m-Y G:i', $banned[1]) . "<br />by {$banned['2']}"; $ban_checked = " checked=\"checked\""; } else { $ban_checked = ""; $ban_info = ""; $banned[3] = ""; } if ($user_lvl >= $action_permission['update']) { $output .= "\r\n <td><input type=\"checkbox\" name=\"banned\" value=\"1\" {$ban_checked}/>{$ban_info}</td>"; } else { $output .= "\r\n <td>{$ban_info}</td>"; } $output .= "\r\n </tr>\r\n <tr>\r\n <td>{$lang_user['banned_reason']}</td>"; if ($user_lvl >= $action_permission['update']) { $output .= "\r\n <td><input type=\"text\" name=\"banreason\" size=\"42\" maxlength=\"255\" value=\"{$banned['3']}\" /></td>"; } else { $output .= "\r\n <td>{$banned['3']}</td>"; } if ($expansion_select) { $output .= "\r\n </tr>\r\n <tr>"; if ($user_lvl >= $action_permission['update']) { $output .= "\r\n <td>{$lang_user['client_type']}</td>"; $output .= "\r\n <td>\r\n <select name=\"expansion\">"; $output .= "\r\n <option value=\"0\">{$lang_user['classic']}</option>\r\n <option value=\"1\" "; if ($data['expansion'] == 1) { $output .= "selected=\"selected\" "; } $output .= ">{$lang_user['tbc']}</option>\r\n <option value=\"2\" "; if ($data['expansion'] == 2) { $output .= "selected=\"selected\" "; } $output .= ">{$lang_user['wotlk']}</option>\r\n </select>\r\n </td>"; } else { $output .= "\r\n <td>{$lang_user['classic']}</td>"; } } $output .= "\r\n </tr>\r\n <tr>\r\n <td>{$lang_user['failed_logins_long']}</td>"; if ($user_lvl >= $action_permission['update']) { $output .= ' <td><input type="text" name="failed" size="42" maxlength="3" value="' . $data['failed_logins'] . '" /></td>'; } else { $output .= ' <td>' . $data['failed_logins'] . '</td>'; } $output .= "\r\n </tr>\r\n <tr>\r\n <td>{$lang_user['locked']}</td>"; $lock_checked = $data['locked'] ? " checked=\"checked\"" : ""; if ($user_lvl >= $action_permission['update']) { $output .= "\r\n <td><input type=\"checkbox\" name=\"locked\" value=\"1\" {$lock_checked}/></td>"; } else { $output .= "\r\n <td></td>"; } $output .= ' </tr> <tr> <td>' . $lang_user['last_login'] . '</td> <td>' . $data['last_login'] . '</td> </tr> <tr> <td>' . $lang_user['online'] . '</td>'; $output .= "\r\n <td>" . ($data['active_realm_id'] ? $lang_global['yes'] : $lang_global['no']) . "</td>\r\n </tr>"; $query = $sqlr->query("SELECT SUM(numchars) FROM realmcharacters WHERE acctid = '{$id}'"); $tot_chars = $sqlr->result($query, 0); $query = $sqlc->query("SELECT count(*) FROM `characters` WHERE account = {$id}"); $chars_on_realm = $sqlc->result($query, 0); $output .= "\r\n <tr>\r\n <td>{$lang_user['tot_chars']}</td>\r\n <td>{$tot_chars}</td>\r\n </tr>"; $realms = $sqlr->query("SELECT id, name FROM realmlist"); if ($developer_test_mode && $multi_realm_mode && ($sqlr->num_rows($realms) > 1 && count($server) > 1 && count($characters_db) > 1)) { require_once "scripts/get_lib.php"; while ($realm = $sqlr->fetch_array($realms)) { $sqlc->connect($characters_db[$realm[0]]['addr'], $characters_db[$realm[0]]['user'], $characters_db[$realm[0]]['pass'], $characters_db[$realm[0]]['name']); $query = $sqlc->query("SELECT count(*) FROM `characters` WHERE account = {$id}"); $chars_on_realm = $sqlc->result($query, 0); $output .= "\r\n <tr>\r\n <td>{$lang_user['chars_on_realm']} " . get_realm_name($realm[0]) . "</td>\r\n <td>{$chars_on_realm}</td>\r\n </tr>"; if ($chars_on_realm) { $char_array = $sqlc->query("SELECT guid, name, race, class, level, gender\r\n FROM `characters` WHERE account = {$id}"); while ($char = $sqlc->fetch_array($char_array)) { $output .= "\r\n <tr>\r\n <td> '---></td>\r\n <td>\r\n <a href=\"char.php?id={$char['0']}&realm={$realm['0']}\">{$char['1']} - <img src='img/c_icons/{$char[2]}-{$char[5]}.gif' onmousemove='toolTip(\"" . char_get_race_name($char[2]) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\" />\r\n <img src='img/c_icons/{$char[3]}.gif' onmousemove='toolTip(\"" . char_get_class_name($char[3]) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\"/> - lvl " . char_get_level_color($char[4]) . "</a>\r\n </td>\r\n </tr>"; } } } } else { $query = $sqlc->query("SELECT count(*) FROM `characters` WHERE account = {$id}"); $chars_on_realm = $sqlc->result($query, 0); $output .= "\r\n <tr>\r\n <td>{$lang_user['chars_on_realm']}</td>\r\n <td>{$chars_on_realm}</td>\r\n </tr>"; if ($chars_on_realm) { $char_array = $sqlc->query("SELECT guid,name,race,class, level, gender FROM `characters` WHERE account = {$id}"); while ($char = $sqlc->fetch_array($char_array)) { $output .= "\r\n <tr>\r\n <td> '---></td>\r\n <td>\r\n <a href=\"char.php?id={$char['0']}\">{$char['1']} - <img src='img/c_icons/{$char[2]}-{$char[5]}.gif' onmousemove='toolTip(\"" . char_get_race_name($char[2]) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\" />\r\n <img src='img/c_icons/{$char[3]}.gif' onmousemove='toolTip(\"" . char_get_class_name($char[3]) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\"/> - lvl " . char_get_level_color($char[4]) . "</a>\r\n </td>\r\n </tr>"; } } } $output .= "\r\n <tr>\r\n <td>"; if ($user_lvl >= $action_permission['delete']) { makebutton($lang_user['del_acc'], "user.php?action=del_user&check%5B%5D={$id}\" type=\"wrn", 130); } $output .= "\r\n </td>\r\n <td>"; if ($user_lvl >= $action_permission['update']) { makebutton($lang_user['update_data'], "javascript:do_submit_data()", 130); } makebutton($lang_global['back'], "javascript:window.history.back()\" type=\"def", 130); $output .= "\r\n </td>\r\n </tr>\r\n </table>\r\n </form>\r\n </fieldset>\r\n <br /><br />\r\n </center>\r\n"; } else { error($lang_global['err_no_user']); } }
function edit_char(&$sqlr, &$sqlc, &$sqlm) { global $lang_global, $lang_char, $lang_item, $output, $realm_db, $characters_db, $realm_id, $mmfpm_db, $action_permission, $user_lvl, $item_datasite; // this page uses wowhead tooltops wowhead_tt(); valid_login($action_permission['delete']); if (empty($_GET['id'])) { error($lang_global['empty_fields']); } $sqlm = new SQL(); $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']); $id = $sqlc->quote_smart($_GET['id']); // getting character data from database $result = $sqlc->query("\r\n\t\tSELECT account \r\n\t\tFROM `characters` \r\n\t\tWHERE guid = '{$id}'"); // no point going further if character does not exist if ($sqlc->num_rows($result)) { //resrict by owner's gmlvl $owner_acc_id = $sqlc->result($result, 0, 'account'); $query = $sqlr->query("\r\n\t\t\tSELECT gmlevel, username \r\n\t\t\tFROM account \r\n\t\t\tWHERE id ='{$owner_acc_id}'"); $owner_gmlvl = $sqlr->result($query, 0, 'gmlevel'); $owner_name = $sqlr->result($query, 0, 'username'); $owner_check = $sqlr->result($query, 0, 'username'); if ($user_lvl >= $owner_gmlvl) { $result = $sqlc->query("\r\n\t\t\t\tSELECT c.guid, c.account, c.name, c.race, c.class, c.level, c.gender, c.online, c.money, c.totaltime,\r\n\t\t\t\t\tc.position_x, c.position_y, c.position_z, c.map, c.zone,\r\n\t\t\t\t\tc.totalHonorpoints, c.totalKills, c.arenaPoints, c.equipmentCache,\r\n\t\t\t\t\tCOALESCE(guild_member.guildid,0) AS guildid, COALESCE(guild_member.rank,0) AS grank\r\n\t\t\t\tFROM characters c LEFT JOIN guild_member ON c.guid = guild_member.guid \r\n\t\t\t\tWHERE c.guid = '{$id}'"); $char = $sqlc->fetch_assoc($result); $eq_data = explode(' ', $char['equipmentCache']); if ($char['online']) { $online = "<font class=\"error\">{$lang_char['online']}</font>{$lang_char['edit_offline_only_char']}"; } else { $online = $lang_char['offline']; } if ($char['guildid']) { $query = $sqlc->query("\r\n\t\t\t\t\tSELECT name \r\n\t\t\t\t\tFROM guild \r\n\t\t\t\t\tWHERE guildid ='{$char['guildid']}'"); $guild_name = $sqlc->result($query, 0, 'name'); if ($user_lvl > 0) { $guild_name = "<a href=\"guild.php?action=view_guild&error=3&id={$char['guildid']}\" >{$guild_name}</a>"; } if ($char['grank']) { $guild_rank_query = $sqlc->query("\r\n\t\t\t\t\t\tSELECT rname \r\n\t\t\t\t\t\tFROM guild_rank \r\n\t\t\t\t\t\tWHERE guildid ='{$char['guildid']}' AND rid='{$char['grank']}'"); $guild_rank = $sqlc->result($guild_rank_query, 0, 'rname'); } else { $guild_rank = $lang_char['guild_leader']; } } else { $guild_name = $lang_global['none']; $guild_rank = $lang_global['none']; } $output .= "\r\n <center>\r\n <form method=\"get\" action=\"char_edit.php\" name=\"form\">\r\n <input type=\"hidden\" name=\"action\" value=\"do_edit_char\" />\r\n <input type=\"hidden\" name=\"id\" value=\"{$id}\" />\r\n <table class=\"lined\">\r\n <tr>\r\n <td colspan=\"8\"><font class=\"bold\"><input type=\"text\" name=\"name\" size=\"14\" maxlength=\"12\" value=\"" . $char['name'] . "\" /> - <img src='img/c_icons/" . $char['race'] . "-" . $char['gender'] . ".gif' onmousemove='toolTip(\"" . char_get_race_name($char['race']) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\" /> <img src='img/c_icons/" . $char['class'] . ".gif' onmousemove='toolTip(\"" . char_get_class_name($char['class']) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\" /> - lvl " . char_get_level_color($char['level']) . "</font><br />" . $online . "</td>\r\n </tr>\r\n <tr>\r\n <td colspan=\"8\">" . get_map_name($char['online'], $sqlm) . " - " . get_zone_name($char['zone'], $sqlm) . "</td>\r\n </tr>\r\n <tr>\r\n <td colspan=\"8\">{$lang_char['username']}: <input type=\"text\" name=\"owner_name\" size=\"20\" maxlength=\"25\" value=\"{$owner_name}\" /> | {$lang_char['acc_id']}: {$owner_acc_id}</td>\r\n </tr>\r\n <tr>\r\n <td colspan=\"8\">{$lang_char['guild']}: {$guild_name} | {$lang_char['rank']}: {$guild_rank}</td>\r\n </tr>\r\n <tr>\r\n <td colspan=\"8\">{$lang_char['honor_points']}: <input type=\"text\" name=\"honor_points\" size=\"8\" maxlength=\"6\" value=\"{$char['totalHonorpoints']}\" />/\r\n <input type=\"text\" name=\"arena_points\" size=\"8\" maxlength=\"6\" value=\"{$char['arenaPoints']}\" /> - {$lang_char['honor_kills']}: <input type=\"text\" name=\"total_kills\" size=\"8\" maxlength=\"6\" value=\"{$char['totalKills']}\" />\r\n </td>\r\n </tr>\r\n <tr>\r\n <td width=\"2%\"><input type=\"checkbox\" name=\"check[]\" value=\"a0\" /></td><td width=\"18%\">{$lang_item['head']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_HEAD]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_HEAD]) . "</a></td>\r\n <td width=\"18%\">{$lang_item['gloves']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_GLOVES]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_GLOVES]) . "</a></td><td width=\"2%\"><input type=\"checkbox\" name=\"check[]\" value=\"a9\" /></td>\r\n </tr>\r\n <tr>\r\n <td><input type=\"checkbox\" name=\"check[]\" value=\"a1\" /></td><td>{$lang_item['neck']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_NECK]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_NECK]) . "</a></td>\r\n <td>{$lang_item['belt']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_BELT]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_BELT]) . "</a></td> <td><input type=\"checkbox\" name=\"check[]\" value=\"a5\" /></td>\r\n </tr>\r\n <tr>\r\n <td><input type=\"checkbox\" name=\"check[]\" value=\"a2\" /></td><td>{$lang_item['shoulder']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_SHOULDER]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_SHOULDER]) . "</a></td>\r\n <td>{$lang_item['legs']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_LEGS]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_LEGS]) . "</a></td><td><input type=\"checkbox\" name=\"check[]\" value=\"a6\" /></td>\r\n </tr>\r\n <tr>\r\n <td><input type=\"checkbox\" name=\"check[]\" value=\"a14\" /></td><td>{$lang_item['back']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_BACK]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_BACK]) . "</a></td>\r\n <td>{$lang_item['feet']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_FEET]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_FEET]) . "</a></td><td><input type=\"checkbox\" name=\"check[]\" value=\"a7\" /></td>\r\n </tr>\r\n <tr>\r\n <td><input type=\"checkbox\" name=\"check[]\" value=\"a4\" /></td><td>{$lang_item['chest']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_CHEST]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_CHEST]) . "</a></td>\r\n <td>{$lang_item['finger']} 1<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_FINGER1]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_FINGER1]) . "</a></td><td><input type=\"checkbox\" name=\"check[]\" value=\"a10\" /></td>\r\n </tr>\r\n <tr>\r\n <td><input type=\"checkbox\" name=\"check[]\" value=\"a3\" /></td><td>{$lang_item['shirt']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_SHIRT]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_SHIRT]) . "</a></td>\r\n <td>{$lang_item['finger']} 2<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_FINGER2]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_FINGER2]) . "</a></td><td><input type=\"checkbox\" name=\"check[]\" value=\"a11\" /></td>\r\n </tr>\r\n <tr>\r\n <td><input type=\"checkbox\" name=\"check[]\" value=\"a18\" /></td><td>{$lang_item['tabard']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_TABARD]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_TABARD]) . "</a></td>\r\n <td>{$lang_item['trinket']} 1<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_TRINKET1]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_TRINKET1]) . "</a></td><td><input type=\"checkbox\" name=\"check[]\" value=\"a12\" /></td>\r\n </tr>\r\n <tr>\r\n <td><input type=\"checkbox\" name=\"check[]\" value=\"a8\" /></td><td>{$lang_item['wrist']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_WRIST]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_WRIST]) . "</a></td>\r\n <td>{$lang_item['trinket']} 2<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_TRINKET2]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_TRINKET2]) . "</a></td><td><input type=\"checkbox\" name=\"check[]\" value=\"a13\" /></td>\r\n </tr>\r\n <tr>\r\n <td><input type=\"checkbox\" name=\"check[]\" value=\"a15\" /></td>\r\n <td colspan=\"2\">{$lang_item['main_hand']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_MAIN_HAND]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_MAIN_HAND]) . "</a></td>\r\n <td colspan=\"2\"><input type=\"checkbox\" name=\"check[]\" value=\"a16\" /> {$lang_item['off_hand']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_OFF_HAND]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_OFF_HAND]) . "</a></td>\r\n <td colspan=\"2\">{$lang_item['ranged']}<br /><a href=\"{$item_datasite}{$eq_data[EQ_DATA_OFFSET_EQU_RANGED]}\" target=\"_blank\">" . get_item_name($eq_data[EQ_DATA_OFFSET_EQU_RANGED]) . "</a></td>\r\n <td><input type=\"checkbox\" name=\"check[]\" value=\"a17\" /></td>\r\n </tr>\r\n <tr>\r\n <td colspan=\"4\">{$lang_char['gold']}: <input type=\"text\" name=\"money\" size=\"10\" maxlength=\"8\" value=\"{$char['money']}\" /></td>\r\n <td colspan=\"4\">{$lang_char['tot_paly_time']}: <input type=\"text\" name=\"tot_time\" size=\"8\" maxlength=\"14\" value=\"{$char['totaltime']}\" /></td>\r\n </tr>\r\n <tr>\r\n <td colspan=\"5\">{$lang_char['location']}:\r\n X:<input type=\"text\" name=\"x\" size=\"10\" maxlength=\"8\" value=\"{$char['position_x']}\" />\r\n Y:<input type=\"text\" name=\"y\" size=\"8\" maxlength=\"16\" value=\"{$char['position_y']}\" />\r\n Z:<input type=\"text\" name=\"z\" size=\"8\" maxlength=\"16\" value=\"{$char['position_z']}\" />\r\n Map:<input type=\"text\" name=\"map\" size=\"8\" maxlength=\"16\" value=\"{$char['map']}\" />\r\n </td>\r\n <td colspan=\"3\">{$lang_char['move_to']}:<input type=\"text\" name=\"tp_to\" size=\"24\" maxlength=\"64\" value=\"\" /></td>\r\n </tr>\r\n </table>\r\n <br />"; //inventory+bank items $query2 = $sqlc->query("\r\n\t\t\t\tSELECT bag, slot, item, item_template \r\n\t\t\t\tFROM character_inventory \r\n\t\t\t\tWHERE guid = '{$id}' \r\n\t\t\t\tORDER BY bag, slot"); $inv = array(); $count = 0; while ($slot = $sqlc->fetch_row($query2)) { if ($slot[0] == 0) { if ($slot[1] >= 23 && $slot[1] <= 62) { $count++; $inv[$count][0] = $slot[3]; $inv[$count][1] = $slot[2]; } } else { $count++; $inv[$count][0] = $slot[3]; $inv[$count][1] = $slot[2]; } } $output .= "\r\n <table class=\"lined\">\r\n\t\t\t\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t\t\t\t<td>{$lang_char['inv_bank']}</td>\r\n\t\t\t\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t\t\t\t<td height=\"100\" align=\"center\">\r\n\t\t\t\t\t\t\t\t\t\t\t<table>\r\n\t\t\t\t\t\t\t\t\t\t\t\t<tr align=\"center\">"; $j = 0; for ($i = 1; $i <= $count; $i++) { $j++; $output .= "\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t<td>\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<a href=\"{$item_datasite}{$inv[$i][0]}\" target=\"_blank\">{$inv[$i][0]}</a>\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<br />\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t<input type=\"checkbox\" name=\"check[]\" value=\"{$inv[$i][1]}\" />\r\n\t\t\t\t\t\t\t\t\t\t\t\t\t</td>"; if ($j == 15) { $output .= "\r\n\t\t\t\t\t\t\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t\t\t\t\t\t\t\t<tr align=\"center\">"; $j = 0; } } $output .= "\r\n </tr>\r\n </table>\r\n </td>\r\n </tr>\r\n </table>\r\n <br />\r\n <table class=\"hidden\">\r\n <tr>\r\n <td>"; makebutton($lang_char['update'], "javascript:do_submit()", 190); makebutton($lang_char['to_char_view'], "char.php?id={$id}", 160); makebutton($lang_char['del_char'], "char_list.php?action=del_char_form&check%5B%5D={$id}", 160); makebutton($lang_global['back'], "javascript:window.history.back()", 160); $output .= "\r\n </td>\r\n </tr>\r\n </table>\r\n <br />\r\n </form>\r\n </center>"; //case of non auth request } else { error($lang_char['no_permission']); } } else { error($lang_char['no_char_found']); } }
function char_main(&$sqlr, &$sqlc) { global $output, $lang_global, $lang_char, $lang_item, $realm_id, $realm_db, $characters_db, $world_db, $server, $mmfpm_db, $action_permission, $user_lvl, $user_name, $user_id, $item_datasite, $spell_datasite, $showcountryflag; // this page uses wowhead tooltops wowhead_tt(); // we need at least an id or we would have nothing to show if (empty($_GET['id'])) { error($lang_global['empty_fields']); } // this is multi realm support, as of writing still under development // this page is already implementing it if (empty($_GET['realm'])) { $realmid = $realm_id; } else { $realmid = $sqlr->quote_smart($_GET['realm']); if (is_numeric($realmid)) { $sqlc->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name']); } else { $realmid = $realm_id; } } $id = $sqlc->quote_smart($_GET['id']); if (is_numeric($id)) { } else { error($lang_global['empty_fields']); } $result = $sqlc->query('SELECT account, race FROM characters WHERE guid = ' . $id . ' LIMIT 1'); if ($sqlc->num_rows($result)) { //resrict by owner's gmlvl $owner_acc_id = $sqlc->result($result, 0, 'account'); $query = $sqlr->query('SELECT gmlevel, username FROM account WHERE id = ' . $owner_acc_id . ''); $owner_gmlvl = $sqlr->result($query, 0, 'gmlevel'); $owner_name = $sqlr->result($query, 0, 'username'); if ($user_lvl || $server[$realmid]['both_factions']) { $side_v = 0; $side_p = 0; } else { $side_p = in_array($sqlc->result($result, 0, 'race'), array(2, 5, 6, 8, 10)) ? 1 : 2; $result_1 = $sqlc->query('SELECT race FROM characters WHERE account = ' . $user_id . ' LIMIT 1'); if ($sqlc->num_rows($result)) { $side_v = in_array($sqlc->result($result_1, 0, 'race'), array(2, 5, 6, 8, 10)) ? 1 : 2; } else { $side_v = 0; } unset($result_1); } if ($user_lvl >= $owner_gmlvl && ($side_v === $side_p || !$side_v)) { $result = $sqlc->query('SELECT account, data, name, race, class, gender, level, zone, map, online, totaltime, arenaPoints, totalHonorPoints, totalKills, health, power1, power2, power3, power4, power5, power6, power7 FROM characters WHERE guid = ' . $id . ''); $char = $sqlc->fetch_assoc($result); $char_data = explode(' ', $char['data']); $online = $char['online'] ? $lang_char['online'] : $lang_char['offline']; if ($char_data[CHAR_DATA_OFFSET_GUILD_ID]) { $guild_name = $sqlc->result($sqlc->query('SELECT name FROM guild WHERE guildid =' . $char_data[CHAR_DATA_OFFSET_GUILD_ID] . ''), 0, 'name'); $guild_name = '<a href="guild.php?action=view_guild&realm=' . $realmid . '&error=3&id=' . $char_data[CHAR_DATA_OFFSET_GUILD_ID] . '" >' . $guild_name . '</a>'; $mrank = $char_data[CHAR_DATA_OFFSET_GUILD_RANK] + 1; $guild_rank = $sqlc->result($sqlc->query('SELECT rname FROM guild_rank WHERE guildid =' . $char_data[CHAR_DATA_OFFSET_GUILD_ID] . ' AND rid=' . $mrank . ''), 0, 'rname'); } else { $guild_name = $lang_global['none']; $guild_rank = $lang_global['none']; } $block = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_BLOCK])); $block = round($block[1], 2); $dodge = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_DODGE])); $dodge = round($dodge[1], 2); $parry = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_PARRY])); $parry = round($parry[1], 2); $crit = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_MELEE_CRIT])); $crit = round($crit[1], 2); $ranged_crit = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_RANGE_CRIT])); $ranged_crit = round($ranged_crit[1], 2); $maxdamage = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_MAXDAMAGE])); $maxdamage = round($maxdamage[1], 0); $mindamage = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_MINDAMAGE])); $mindamage = round($mindamage[1], 0); $maxrangeddamage = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_MAXRANGEDDAMAGE])); $maxrangeddamage = round($maxrangeddamage[1], 0); $minrangeddamage = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_MINRANGEDDAMAGE])); $minrangeddamage = round($minrangeddamage[1], 0); $spell_crit = 100; for ($i = 0; $i < 6; ++$i) { $temp = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_SPELL_CRIT + 1 + $i])); if ($temp[1] < $spell_crit) { $spell_crit = $temp[1]; } } $spell_crit = round($spell_crit, 2); $spell_damage = 9999; for ($i = 0; $i < 6; ++$i) { if ($char_data[CHAR_DATA_OFFSET_SPELL_DAMAGE + 1 + $i] < $spell_damage) { $spell_damage = $char_data[CHAR_DATA_OFFSET_SPELL_DAMAGE + 1 + $i]; } } $rage = round($char['power2'] / 10); $expertise = '' . $char_data[CHAR_DATA_OFFSET_EXPERTISE] . ' / ' . $char_data[CHAR_DATA_OFFSET_OFFHAND_EXPERTISE] . ''; $EQU_HEAD = $char_data[CHAR_DATA_OFFSET_EQU_HEAD]; $EQU_NECK = $char_data[CHAR_DATA_OFFSET_EQU_NECK]; $EQU_SHOULDER = $char_data[CHAR_DATA_OFFSET_EQU_SHOULDER]; $EQU_SHIRT = $char_data[CHAR_DATA_OFFSET_EQU_SHIRT]; $EQU_CHEST = $char_data[CHAR_DATA_OFFSET_EQU_CHEST]; $EQU_BELT = $char_data[CHAR_DATA_OFFSET_EQU_BELT]; $EQU_LEGS = $char_data[CHAR_DATA_OFFSET_EQU_LEGS]; $EQU_FEET = $char_data[CHAR_DATA_OFFSET_EQU_FEET]; $EQU_WRIST = $char_data[CHAR_DATA_OFFSET_EQU_WRIST]; $EQU_GLOVES = $char_data[CHAR_DATA_OFFSET_EQU_GLOVES]; $EQU_FINGER1 = $char_data[CHAR_DATA_OFFSET_EQU_FINGER1]; $EQU_FINGER2 = $char_data[CHAR_DATA_OFFSET_EQU_FINGER2]; $EQU_TRINKET1 = $char_data[CHAR_DATA_OFFSET_EQU_TRINKET1]; $EQU_TRINKET2 = $char_data[CHAR_DATA_OFFSET_EQU_TRINKET2]; $EQU_BACK = $char_data[CHAR_DATA_OFFSET_EQU_BACK]; $EQU_MAIN_HAND = $char_data[CHAR_DATA_OFFSET_EQU_MAIN_HAND]; $EQU_OFF_HAND = $char_data[CHAR_DATA_OFFSET_EQU_OFF_HAND]; $EQU_RANGED = $char_data[CHAR_DATA_OFFSET_EQU_RANGED]; $EQU_TABARD = $char_data[CHAR_DATA_OFFSET_EQU_TABARD]; /* // reserved incase we want to use back minimanagers' built in tooltip, instead of wowheads' // minimanagers' item tooltip needs updating, but it can show enchantments and sockets. $equiped_items = array ( 1 => array(($EQU_HEAD ? get_item_tooltip($EQU_HEAD) : 0),($EQU_HEAD ? get_item_icon($EQU_HEAD) : 0),($EQU_HEAD ? get_item_border($EQU_HEAD) : 0)), 2 => array(($EQU_NECK ? get_item_tooltip($EQU_NECK) : 0),($EQU_NECK ? get_item_icon($EQU_NECK) : 0),($EQU_NECK ? get_item_border($EQU_NECK) : 0)), 3 => array(($EQU_SHOULDER ? get_item_tooltip($EQU_SHOULDER) : 0),($EQU_SHOULDER ? get_item_icon($EQU_SHOULDER) : 0),($EQU_SHOULDER ? get_item_border($EQU_SHOULDER) : 0)), 4 => array(($EQU_SHIRT ? get_item_tooltip($EQU_SHIRT) : 0),($EQU_SHIRT ? get_item_icon($EQU_SHIRT) : 0),($EQU_SHIRT ? get_item_border($EQU_SHIRT) : 0)), 5 => array(($EQU_CHEST ? get_item_tooltip($EQU_CHEST) : 0),($EQU_CHEST ? get_item_icon($EQU_CHEST) : 0),($EQU_CHEST ? get_item_border($EQU_CHEST) : 0)), 6 => array(($EQU_BELT ? get_item_tooltip($EQU_BELT) : 0),($EQU_BELT ? get_item_icon($EQU_BELT) : 0),($EQU_BELT ? get_item_border($EQU_BELT) : 0)), 7 => array(($EQU_LEGS ? get_item_tooltip($EQU_LEGS) : 0),($EQU_LEGS ? get_item_icon($EQU_LEGS) : 0),($EQU_LEGS ? get_item_border($EQU_LEGS) : 0)), 8 => array(($EQU_FEET ? get_item_tooltip($EQU_FEET) : 0),($EQU_FEET ? get_item_icon($EQU_FEET) : 0),($EQU_FEET ? get_item_border($EQU_FEET) : 0)), 9 => array(($EQU_WRIST ? get_item_tooltip($EQU_WRIST) : 0),($EQU_WRIST ? get_item_icon($EQU_WRIST) : 0),($EQU_WRIST ? get_item_border($EQU_WRIST) : 0)), 10 => array(($EQU_GLOVES ? get_item_tooltip($EQU_GLOVES) : 0),($EQU_GLOVES ? get_item_icon($EQU_GLOVES) : 0),($EQU_GLOVES ? get_item_border($EQU_GLOVES) : 0)), 11 => array(($EQU_FINGER1 ? get_item_tooltip($EQU_FINGER1) : 0),($EQU_FINGER1 ? get_item_icon($EQU_FINGER1) : 0),($EQU_FINGER1 ? get_item_border($EQU_FINGER1) : 0)), 12 => array(($EQU_FINGER2 ? get_item_tooltip($EQU_FINGER2) : 0),($EQU_FINGER2 ? get_item_icon($EQU_FINGER2) : 0),($EQU_FINGER2 ? get_item_border($EQU_FINGER2) : 0)), 13 => array(($EQU_TRINKET1 ? get_item_tooltip($EQU_TRINKET1) : 0),($EQU_TRINKET1 ? get_item_icon($EQU_TRINKET1) : 0),($EQU_TRINKET1 ? get_item_border($EQU_TRINKET1) : 0)), 14 => array(($EQU_TRINKET2 ? get_item_tooltip($EQU_TRINKET2) : 0),($EQU_TRINKET2 ? get_item_icon($EQU_TRINKET2) : 0),($EQU_TRINKET2 ? get_item_border($EQU_TRINKET2) : 0)), 15 => array(($EQU_BACK ? get_item_tooltip($EQU_BACK) : 0),($EQU_BACK ? get_item_icon($EQU_BACK) : 0),($EQU_BACK ? get_item_border($EQU_BACK) : 0)), 16 => array(($EQU_MAIN_HAND ? get_item_tooltip($EQU_MAIN_HAND) : 0),($EQU_MAIN_HAND ? get_item_icon($EQU_MAIN_HAND) : 0),($EQU_MAIN_HAND ? get_item_border($EQU_MAIN_HAND) : 0)), 17 => array(($EQU_OFF_HAND ? get_item_tooltip($EQU_OFF_HAND) : 0),($EQU_OFF_HAND ? get_item_icon($EQU_OFF_HAND) : 0),($EQU_OFF_HAND ? get_item_border($EQU_OFF_HAND) : 0)), 18 => array(($EQU_RANGED ? get_item_tooltip($EQU_RANGED) : 0),($EQU_RANGED ? get_item_icon($EQU_RANGED) : 0),($EQU_RANGED ? get_item_border($EQU_RANGED) : 0)), 19 => array(($EQU_TABARD ? get_item_tooltip($EQU_TABARD) : 0),($EQU_TABARD ? get_item_icon($EQU_TABARD) : 0),($EQU_TABARD ? get_item_border($EQU_TABARD) : 0)) ); */ $sqlm = new SQL(); $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']); $sqlw = new SQL(); $sqlw->connect($world_db[$realmid]['addr'], $world_db[$realmid]['user'], $world_db[$realmid]['pass'], $world_db[$realmid]['name']); $equiped_items = array(1 => array('', $EQU_HEAD ? get_item_icon($EQU_HEAD, $sqlm, $sqlw) : 0, $EQU_HEAD ? get_item_border($EQU_HEAD, $sqlw) : 0), 2 => array('', $EQU_NECK ? get_item_icon($EQU_NECK, $sqlm, $sqlw) : 0, $EQU_NECK ? get_item_border($EQU_NECK, $sqlw) : 0), 3 => array('', $EQU_SHOULDER ? get_item_icon($EQU_SHOULDER, $sqlm, $sqlw) : 0, $EQU_SHOULDER ? get_item_border($EQU_SHOULDER, $sqlw) : 0), 4 => array('', $EQU_SHIRT ? get_item_icon($EQU_SHIRT, $sqlm, $sqlw) : 0, $EQU_SHIRT ? get_item_border($EQU_SHIRT, $sqlw) : 0), 5 => array('', $EQU_CHEST ? get_item_icon($EQU_CHEST, $sqlm, $sqlw) : 0, $EQU_CHEST ? get_item_border($EQU_CHEST, $sqlw) : 0), 6 => array('', $EQU_BELT ? get_item_icon($EQU_BELT, $sqlm, $sqlw) : 0, $EQU_BELT ? get_item_border($EQU_BELT, $sqlw) : 0), 7 => array('', $EQU_LEGS ? get_item_icon($EQU_LEGS, $sqlm, $sqlw) : 0, $EQU_LEGS ? get_item_border($EQU_LEGS, $sqlw) : 0), 8 => array('', $EQU_FEET ? get_item_icon($EQU_FEET, $sqlm, $sqlw) : 0, $EQU_FEET ? get_item_border($EQU_FEET, $sqlw) : 0), 9 => array('', $EQU_WRIST ? get_item_icon($EQU_WRIST, $sqlm, $sqlw) : 0, $EQU_WRIST ? get_item_border($EQU_WRIST, $sqlw) : 0), 10 => array('', $EQU_GLOVES ? get_item_icon($EQU_GLOVES, $sqlm, $sqlw) : 0, $EQU_GLOVES ? get_item_border($EQU_GLOVES, $sqlw) : 0), 11 => array('', $EQU_FINGER1 ? get_item_icon($EQU_FINGER1, $sqlm, $sqlw) : 0, $EQU_FINGER1 ? get_item_border($EQU_FINGER1, $sqlw) : 0), 12 => array('', $EQU_FINGER2 ? get_item_icon($EQU_FINGER2, $sqlm, $sqlw) : 0, $EQU_FINGER2 ? get_item_border($EQU_FINGER2, $sqlw) : 0), 13 => array('', $EQU_TRINKET1 ? get_item_icon($EQU_TRINKET1, $sqlm, $sqlw) : 0, $EQU_TRINKET1 ? get_item_border($EQU_TRINKET1, $sqlw) : 0), 14 => array('', $EQU_TRINKET2 ? get_item_icon($EQU_TRINKET2, $sqlm, $sqlw) : 0, $EQU_TRINKET2 ? get_item_border($EQU_TRINKET2, $sqlw) : 0), 15 => array('', $EQU_BACK ? get_item_icon($EQU_BACK, $sqlm, $sqlw) : 0, $EQU_BACK ? get_item_border($EQU_BACK, $sqlw) : 0), 16 => array('', $EQU_MAIN_HAND ? get_item_icon($EQU_MAIN_HAND, $sqlm, $sqlw) : 0, $EQU_MAIN_HAND ? get_item_border($EQU_MAIN_HAND, $sqlw) : 0), 17 => array('', $EQU_OFF_HAND ? get_item_icon($EQU_OFF_HAND, $sqlm, $sqlw) : 0, $EQU_OFF_HAND ? get_item_border($EQU_OFF_HAND, $sqlw) : 0), 18 => array('', $EQU_RANGED ? get_item_icon($EQU_RANGED, $sqlm, $sqlw) : 0, $EQU_RANGED ? get_item_border($EQU_RANGED, $sqlw) : 0), 19 => array('', $EQU_TABARD ? get_item_icon($EQU_TABARD, $sqlm, $sqlw) : 0, $EQU_TABARD ? get_item_border($EQU_TABARD, $sqlw) : 0)); if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) { $output .= ' <!-- start of char.php --> <center> <div id="tab_content"> <div id="tab"> <ul> <li><a href="char_inv.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['inventory'] . '</a></li> <li><a href="char_extra.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['extra'] . '</a></li> ' . ($char['level'] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['talents'] . '</a></li>') . ' <li><a href="char_achieve.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['achievements'] . '</a></li> <li><a href="char_rep.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['reputation'] . '</a></li> <li><a href="char_skill.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['skills'] . '</a></li> <li><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['quests'] . '</a></li>'; if (char_get_class_name($char['class']) === 'Hunter') { $output .= ' <li><a href="char_pets.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['pets'] . '</a></li>'; } $output .= ' <li><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['friends'] . '</a></li> <li><a href="char_spell.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['spells'] . '</a></li> <li><a href="char_mail.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['mail'] . '</a></li> </ul> <ul>'; // selected char tab at last $output .= ' <li id="selected"><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['char_sheet'] . '</a></li>'; } else { $output .= ' <center> <div id="tab"> <ul> <li id="selected"><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['char_sheet'] . '</a></li> </ul> </div> <div id="tab_content"> <div id="tab"> <ul>'; } $output .= ' </ul> </div> <div id="tab_content2"> <table class="lined" style="width: 580px;"> <tr> <td colspan="2"> <div> <img src="' . char_get_avatar_img($char['level'], $char['gender'], $char['race'], $char['class'], 0) . '" alt="avatar" /> </div> <div>'; $a_results = $sqlc->query('SELECT DISTINCT spell FROM character_aura WHERE guid = ' . $id . ''); if ($sqlc->num_rows($a_results)) { while ($aura = $sqlc->fetch_assoc($a_results)) { $output .= ' <a style="padding:2px;" href="' . $spell_datasite . $aura['spell'] . '" target="_blank"> <img src="' . spell_get_icon($aura['spell'], $sqlm) . '" alt="' . $aura['spell'] . '" width="24" height="24" /> </a>'; } } $output .= ' </div> </td> <td colspan="4"> <font class="bold"> ' . htmlentities($char['name']) . ' - <img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /> <img src="img/c_icons/' . $char['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /> - lvl ' . char_get_level_color($char['level']) . ' </font> <br />' . get_map_name($char['map'], $sqlm) . ' - ' . get_zone_name($char['zone'], $sqlm) . ' <br />' . $lang_char['honor_points'] . ': ' . $char['totalHonorPoints'] . ' / ' . $char['arenaPoints'] . ' - ' . $lang_char['honor_kills'] . ': ' . $char['totalKills'] . ' <br />' . $lang_char['guild'] . ': ' . $guild_name . ' | ' . $lang_char['rank'] . ': ' . htmlentities($guild_rank) . ' <br />' . ($char['online'] ? '<img src="img/up.gif" onmousemove="toolTip(\'Online\', \'item_tooltip\')" onmouseout="toolTip()" alt="online" />' : '<img src="img/down.gif" onmousemove="toolTip(\'Offline\', \'item_tooltip\')" onmouseout="toolTip()" alt="offline" />'); if ($showcountryflag) { require_once 'libs/misc_lib.php'; $country = misc_get_country_by_account($char['account'], $sqlr, $sqlm); $output .= ' - ' . ($country['code'] ? '<img src="img/flags/' . $country['code'] . '.png" onmousemove="toolTip(\'' . $country['country'] . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" />' : '-'); unset($country); } $output .= ' </td> </tr> <tr> <td width="6%">'; if ($equiped_items[1][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_HEAD . '" target="_blank"> <img src="' . $equiped_items[1][1] . '" class="' . $equiped_items[1][2] . '" alt="Head" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_head.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td class="half_line" colspan="2" align="center" width="50%"> <div class="gradient_p">' . $lang_item['health'] . ':</div> <div class="gradient_pp">' . $char['health'] . '</div>'; if ($char['class'] == 11) { //druid $output .= ' </br> <div class="gradient_p">' . $lang_item['energy'] . ':</div> <div class="gradient_pp">' . $char['power4'] . '</div>'; } $output .= ' </td> <td class="half_line" colspan="2" align="center" width="50%">'; if ($char['class'] == 1) { $output .= ' <div class="gradient_p">' . $lang_item['rage'] . ':</div> <div class="gradient_pp">' . $rage . '</div>'; } elseif ($char['class'] == 4) { $output .= ' <div class="gradient_p">' . $lang_item['energy'] . ':</div> <div class="gradient_pp">' . $char['power4'] . '</div>'; } elseif ($char['class'] == 6) { // Don't know if FOCUS is the right one need to verify with Death Knight player. $output .= ' <div class="gradient_p">' . $lang_item['runic'] . ':</div> <div class="gradient_pp">Unknown</div>'; } elseif ($char['class'] == 11) { $output .= ' <div class="gradient_p">' . $lang_item['mana'] . ':</div> <div class="gradient_pp">' . $char['power1'] . '</div> </br> <div class="gradient_p">' . $lang_item['rage'] . ':</div> <div class="gradient_pp">' . $rage . '</div>'; } elseif ($char['class'] == 2 || $char['class'] == 3 || $char['class'] == 5 || $char['class'] == 7 || $char['class'] == 8 || $char['class'] == 9) { $output .= ' <div class="gradient_p">' . $lang_item['mana'] . ':</div> <div class="gradient_pp">' . $char['power1'] . '</div>'; } $output .= ' </td> <td width="6%">'; if ($equiped_items[10][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_GLOVES . '" target="_blank"> <img src="' . $equiped_items[10][1] . '" class="' . $equiped_items[10][2] . '" alt="Gloves" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_gloves.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td width="1%">'; if ($equiped_items[2][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_NECK . '" target="_blank"> <img src="' . $equiped_items[2][1] . '" class="' . $equiped_items[2][2] . '" alt="Neck" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_neck.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td class="half_line" colspan="2" rowspan="3" align="center" width="50%"> <div class="gradient_p"> ' . $lang_item['strength'] . ':<br /> ' . $lang_item['agility'] . ':<br /> ' . $lang_item['stamina'] . ':<br /> ' . $lang_item['intellect'] . ':<br /> ' . $lang_item['spirit'] . ':<br /> ' . $lang_item['armor'] . ': </div> <div class="gradient_pp"> ' . $char_data[CHAR_DATA_OFFSET_STR] . '<br /> ' . $char_data[CHAR_DATA_OFFSET_AGI] . '<br /> ' . $char_data[CHAR_DATA_OFFSET_STA] . '<br /> ' . $char_data[CHAR_DATA_OFFSET_INT] . '<br /> ' . $char_data[CHAR_DATA_OFFSET_SPI] . '<br /> ' . $char_data[CHAR_DATA_OFFSET_ARMOR] . ' </div> </td> <td class="half_line" colspan="2" rowspan="3" align="center" width="50%"> <div class="gradient_p"> ' . $lang_item['res_holy'] . ':<br /> ' . $lang_item['res_arcane'] . ':<br /> ' . $lang_item['res_fire'] . ':<br /> ' . $lang_item['res_nature'] . ':<br /> ' . $lang_item['res_frost'] . ':<br /> ' . $lang_item['res_shadow'] . ': </div> <div class="gradient_pp"> ' . $char_data[CHAR_DATA_OFFSET_RES_HOLY] . '<br /> ' . $char_data[CHAR_DATA_OFFSET_RES_ARCANE] . '<br /> ' . $char_data[CHAR_DATA_OFFSET_RES_FIRE] . '<br /> ' . $char_data[CHAR_DATA_OFFSET_RES_NATURE] . '<br /> ' . $char_data[CHAR_DATA_OFFSET_RES_FROST] . '<br /> ' . $char_data[CHAR_DATA_OFFSET_RES_SHADOW] . ' </div> </td> <td width="1%">'; if ($equiped_items[6][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_BELT . '" target="_blank"> <img src="' . $equiped_items[6][1] . '" class="' . $equiped_items[6][2] . '" alt="Belt" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_waist.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td width="1%">'; if ($equiped_items[3][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_SHOULDER . '" target="_blank"> <img src="' . $equiped_items[3][1] . '" class="' . $equiped_items[3][2] . '" alt="Shoulder" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_shoulder.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td width="1%">'; if ($equiped_items[7][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_LEGS . '" target="_blank"> <img src="' . $equiped_items[7][1] . '" class="' . $equiped_items[7][2] . '" alt="Legs" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_legs.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td width="1%">'; if ($equiped_items[15][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_BACK . '" target="_blank"> <img src="' . $equiped_items[15][1] . '" class="' . $equiped_items[15][2] . '" alt="Back" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_chest_back.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td width="1%">'; if ($equiped_items[8][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_FEET . '" target="_blank"> <img src="' . $equiped_items[8][1] . '" class="' . $equiped_items[8][2] . '" alt="Feet" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_feet.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td width="1%">'; if ($equiped_items[5][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_CHEST . '" target="_blank"> <img src="' . $equiped_items[5][1] . '" class="' . $equiped_items[5][2] . '" alt="Chest" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_chest_back.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td class="half_line" colspan="2" rowspan="2" align="center" width="50%"> <div class="gradient_p"> ' . $lang_char['melee_d'] . ':<br /> ' . $lang_char['melee_ap'] . ':<br /> ' . $lang_char['melee_hit'] . ':<br /> ' . $lang_char['melee_crit'] . ':<br /> ' . $lang_char['expertise'] . ':<br /> </div> <div class="gradient_pp"> ' . $mindamage . '-' . $maxdamage . '<br /> ' . ($char_data[CHAR_DATA_OFFSET_AP] + $char_data[CHAR_DATA_OFFSET_AP_MOD]) . '<br /> ' . $char_data[CHAR_DATA_OFFSET_MELEE_HIT] . '<br /> ' . $crit . '%<br /> ' . $expertise . '<br /> </div> </td> <td class="half_line" colspan="2" rowspan="2" align="center" width="50%"> <div class="gradient_p"> ' . $lang_char['spell_d'] . ':<br /> ' . $lang_char['spell_heal'] . ':<br /> ' . $lang_char['spell_hit'] . ':<br /> ' . $lang_char['spell_crit'] . ':<br /> ' . $lang_char['spell_haste'] . ' </div> <div class="gradient_pp"> ' . $spell_damage . '<br /> ' . $char_data[CHAR_DATA_OFFSET_SPELL_HEAL] . '<br /> ' . $char_data[CHAR_DATA_OFFSET_SPELL_HIT] . '<br /> ' . $spell_crit . '%<br /> ' . $char_data[CHAR_DATA_OFFSET_SPELL_HASTE_RATING] . ' </div> </td> <td width="1%">'; if ($equiped_items[11][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_FINGER1 . '" target="_blank"> <img src="' . $equiped_items[11][1] . '" class="' . $equiped_items[11][2] . '" alt="Finger1" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_finger.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td width="1%">'; if ($equiped_items[4][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_SHIRT . '" target="_blank"> <img src="' . $equiped_items[4][1] . '" class="' . $equiped_items[4][2] . '" alt="Shirt" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_shirt.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td width="1%">'; if ($equiped_items[12][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_FINGER2 . '" target="_blank"> <img src="' . $equiped_items[12][1] . '" class="' . $equiped_items[12][2] . '" alt="Finger2" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_finger.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td width="1%">'; if ($equiped_items[19][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_TABARD . '" target="_blank"> <img src="' . $equiped_items[19][1] . '" class="' . $equiped_items[19][2] . '" alt="Tabard" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_tabard.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td class="half_line" colspan="2" rowspan="2" align="center" width="50%"> <div class="gradient_p"> ' . $lang_char['dodge'] . ':<br /> ' . $lang_char['parry'] . ':<br /> ' . $lang_char['block'] . ':<br /> ' . $lang_char['resilience'] . ':<br /> </div> <div class="gradient_pp"> ' . $dodge . '%<br /> ' . $parry . '%<br /> ' . $block . '%<br /> ' . $char_data[CHAR_DATA_OFFSET_RESILIENCE] . '<br /> </div> </td> <td class="half_line" colspan="2" rowspan="2" align="center" width="50%"> <div class="gradient_p"> ' . $lang_char['ranged_d'] . ':<br /> ' . $lang_char['ranged_ap'] . ':<br /> ' . $lang_char['ranged_hit'] . ':<br /> ' . $lang_char['ranged_crit'] . ':<br /> </div> <div class="gradient_pp"> ' . $minrangeddamage . '-' . $maxrangeddamage . '<br /> ' . ($char_data[CHAR_DATA_OFFSET_RANGED_AP] + $char_data[CHAR_DATA_OFFSET_RANGED_AP_MOD]) . '<br /> ' . $char_data[CHAR_DATA_OFFSET_RANGE_HIT] . '<br /> ' . $ranged_crit . '%<br /> </div> </td> <td width="1%">'; if ($equiped_items[13][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_TRINKET1 . '" target="_blank"> <img src="' . $equiped_items[13][1] . '" class="' . $equiped_items[13][2] . '" alt="Trinket1" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_trinket.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td width="1%">'; if ($equiped_items[9][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_WRIST . '" target="_blank"> <img src="' . $equiped_items[9][1] . '" class="' . $equiped_items[9][2] . '" alt="Wrist" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_wrist.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td width="1%">'; if ($equiped_items[14][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_TRINKET2 . '" target="_blank"> <img src="' . $equiped_items[14][1] . '" class="' . $equiped_items[14][2] . '" alt="Trinket2" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_trinket.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> </tr> <tr> <td></td> <td width="15%">'; if ($equiped_items[16][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_MAIN_HAND . '" target="_blank"> <img src="' . $equiped_items[16][1] . '" class="' . $equiped_items[16][2] . '" alt="MainHand" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_main_hand.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td width="15%">'; if ($equiped_items[17][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_OFF_HAND . '" target="_blank"> <img src="' . $equiped_items[17][1] . '" class="' . $equiped_items[17][2] . '" alt="OffHand" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_off_hand.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td width="15%">'; if ($equiped_items[18][1]) { $output .= ' <a style="padding:2px;" href="' . $item_datasite . $EQU_RANGED . '" target="_blank"> <img src="' . $equiped_items[18][1] . '" class="' . $equiped_items[18][2] . '" alt="Ranged" /> </a>'; } else { $output .= ' <img src="img/INV/INV_empty_ranged.png" class="icon_border_0" alt="empty" />'; } $output .= ' </td> <td width="15%"></td> <td></td> </tr>'; if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) { //total time played $tot_time = $char['totaltime']; $tot_days = (int) ($tot_time / 86400); $tot_time = $tot_time - $tot_days * 86400; $total_hours = (int) ($tot_time / 3600); $tot_time = $tot_time - $total_hours * 3600; $total_min = (int) ($tot_time / 60); $output .= ' <tr> <td colspan="6"> ' . $lang_char['tot_paly_time'] . ': ' . $tot_days . ' ' . $lang_char['days'] . ' ' . $total_hours . ' ' . $lang_char['hours'] . ' ' . $total_min . ' ' . $lang_char['min'] . ' </td> </tr>'; } $output .= ' </table> </div> <br /> </div> <br /> <table class="hidden"> <tr> <td>'; // button to user account page, user account page has own security makebutton($lang_char['chars_acc'], 'user.php?action=edit_user&id=' . $owner_acc_id . '', 130); $output .= ' </td> <td>'; // only higher level GM with delete access can edit character // character edit allows removal of character items, so delete permission is needed if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission['delete']) { makebutton($lang_char['edit_button'], 'char_edit.php?id=' . $id . '&realm=' . $realmid . '', 130); $output .= ' </td> <td>'; } // only higher level GM with delete access, or character owner can delete character if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission['delete'] || $owner_name === $user_name) { makebutton($lang_char['del_char'], 'char_list.php?action=del_char_form&check%5B%5D=' . $id . '" type="wrn', 130); $output .= ' </td> <td>'; } // only GM with update permission can send mail, mail can send items, so update permission is needed if ($user_lvl >= $action_permission['update']) { makebutton($lang_char['send_mail'], 'mail.php?type=ingame_mail&to=' . $char['name'] . '', 130); $output .= ' </td> <td>'; } makebutton($lang_global['back'], 'javascript:window.history.back()" type="def', 130); $output .= ' </td> </tr> </table> <br /> </center> <!-- end of char.php -->'; } else { error($lang_char['no_permission']); } } else { error($lang_char['no_char_found']); } }
function read() { global $output, $debug; $output .= ' <center> <form method="post" action="test.php?action=save" name="form"> <table> <tr> <td> debug </td> <td> <select name="setting[$debug]"> <option value="0" '; if (0 == $debug) { $output .= 'selected="selected"'; } $output .= '>0</option> <option value="1" '; if (1 == $debug) { $output .= 'selected="selected"'; } $output .= '>1</option> <option value="2" '; if (2 == $debug) { $output .= 'selected="selected"'; } $output .= '>2</option> <option value="3" '; if (3 == $debug) { $output .= 'selected="selected"'; } $output .= '>3</option> <option value="4" '; if (4 == $debug) { $output .= 'selected="selected"'; } $output .= '>4</option> </select> </td> <td> <select name="setting[$debug1]"> <option value="0" '; if (0 == $debug) { $output .= 'selected="selected"'; } $output .= '>0</option> <option value="1" '; if (1 == $debug) { $output .= 'selected="selected"'; } $output .= '>1</option> <option value="2" '; if (2 == $debug) { $output .= 'selected="selected"'; } $output .= '>2</option> <option value="3" '; if (3 == $debug) { $output .= 'selected="selected"'; } $output .= '>3</option> <option value="4" '; if (4 == $debug) { $output .= 'selected="selected"'; } $output .= '>4</option> </select> </td> </tr> <tr> <td>'; makebutton('save', 'javascript:do_submit()', 130); $output .= ' </td> </tr> </table> </form> </center>'; }
function stats($action, &$sqlr, &$sqlc) { global $output, $lang_global, $lang_stat, $lang_index, $realm_id, $theme; $race = array(1 => array(1, 'Human', '', ''), 2 => array(2, 'Orc', '', ''), 3 => array(3, 'Dwarf', '', ''), 4 => array(4, 'Nightelf', '', ''), 5 => array(5, 'Undead', '', ''), 6 => array(6, 'Tauren', '', ''), 7 => array(7, 'Gnome', '', ''), 8 => array(8, 'Troll', '', ''), 10 => array(10, 'Bloodelf', '', ''), 11 => array(11, 'Draenei', '', '')); $class = array(1 => array(1, 'Warrior', '', ''), 2 => array(2, 'Paladin', '', ''), 3 => array(3, 'Hunter', '', ''), 4 => array(4, 'Rogue', '', ''), 5 => array(5, 'Priest', '', ''), 6 => array(6, 'Death Knight', '', ''), 7 => array(7, 'Shaman', '', ''), 8 => array(8, 'Mage', '', ''), 9 => array(9, 'Warlock', '', ''), 11 => array(11, 'Druid', '', '')); $level = array(1 => array(1, 1, 9, '', ''), 2 => array(2, 10, 19, '', ''), 3 => array(3, 20, 29, '', ''), 4 => array(4, 30, 39, '', ''), 5 => array(5, 40, 49, '', ''), 6 => array(6, 50, 59, '', ''), 7 => array(7, 60, 69, '', ''), 8 => array(8, 70, 79, '', ''), 9 => array(9, 80, 80, '', '')); $total_chars = $sqlc->result($sqlc->query(' SELECT count(*) FROM characters' . ($action ? ' WHERE online= 1' : '') . ''), 0); if ($total_chars) { $output .= ' <center> <div id="tab"> <ul> <li' . ($action ? '' : ' id="selected"') . '> <a href="stat.php"> ' . $lang_stat['srv_statistics'] . ' </a> </li> <li' . ($action ? ' id="selected"' : '') . '> <a href="stat.php?action=true"> ' . $lang_stat['on_statistics'] . ' </a> </li> </ul> </div> <div id="tab_content"> <div class="top"><h1>' . ($action ? $lang_stat['on_statistics'] : $lang_stat['srv_statistics']) . '</h1></div> <center> <table class="hidden"> <tr> <td align="left"> <h1>' . $lang_stat['general_info'] . '</h1> </td> </tr> <tr align="left"> <td class="large">'; if ($action) { $output .= ' <font class="bold">' . $lang_index['tot_users_online'] . ' : ' . $total_chars . '</font><br /><br />'; } else { $query = $sqlr->query(' SELECT count(*) FROM account UNION SELECT count(*) FROM account WHERE gmlevel > 0'); $total_acc = $sqlr->result($query, 0); $total_gms = $sqlr->result($query, 1); unset($query); $data = date('Y-m-d H:i:s'); $data_1 = mktime(date('H'), date('i'), date('s'), date('m'), date('d') - 1, date('Y')); $data_1 = date('Y-m-d H:i:s', $data_1); $uniqueIPs = $sqlr->result($sqlr->query(' select distinct count(last_ip) from account where last_login > \'' . $data_1 . '\' and last_login < \'' . $data . '\''), 0); unset($data_1); unset($data); $max_ever = $sqlr->result($sqlr->query(' SELECT maxplayers FROM uptime WHERE realmid = ' . $realm_id . ' ORDER BY maxplayers DESC LIMIT 1'), 0); $max_restart = $sqlr->result($sqlr->query(' SELECT maxplayers FROM uptime WHERE realmid = ' . $realm_id . ' ORDER BY starttime DESC LIMIT 1'), 0); $uptime = $sqlr->fetch_row($sqlr->query(' SELECT AVG(uptime)/60, MAX(uptime)/60, ( 100*SUM(uptime)/( UNIX_TIMESTAMP()-MIN(starttime) ) ) FROM uptime WHERE realmid = ' . $realm_id . '')); $output .= ' <table> <tr valign="top"> <td align="left"> ' . $lang_stat['uptime_prec'] . ':<br /> ' . $lang_stat['avg_uptime'] . ':<br /> ' . $lang_stat['max_uptime'] . ':<br /> <br /> ' . $lang_stat['tot_accounts'] . ':<br /> ' . $lang_stat['tot_chars_on_realm'] . ':<br /> </td> <td align="right"> ' . round($uptime[2], 1) . '%<br /> ' . (int) ($uptime[0] / 60) . ':' . (int) ($uptime[0] % 60) . 'h<br /> ' . (int) ($uptime[1] / 60) . ':' . (int) ($uptime[1] % 60) . 'h<br /> <br /> ' . $total_acc . '<br /> ' . $total_chars . '<br /> </td> <td> </td> <td align="left"> ' . $lang_stat['unique_ip'] . ':<br /> <br /> ' . $lang_stat['max_players'] . ' :<br /> ' . $lang_stat['max_ever'] . ' :<br /> ' . $lang_stat['max_restart'] . ' :<br /> </td> <td align="right"> ' . $uniqueIPs . '<br /> <br /> <br /> ' . $max_ever . '<br /> ' . $max_restart . '<br /> </td> </tr> <tr align="left"> <td colspan="2"> ' . $lang_stat['average_of'] . ' ' . round($total_chars / $total_acc, 1) . ' ' . $lang_stat['chars_per_acc'] . '<br /> ' . $lang_stat['total_of'] . ' ' . $total_gms . ' ' . $lang_stat['gms_one_for'] . ' ' . round($total_acc / $total_gms, 1) . ' ' . $lang_stat['players'] . ' </td> <td colspan="2"> </td> </tr> </table> <br />'; unset($uptime); unset($uniqueIPs); unset($max_restart); unset($max_ever); unset($total_gms); unset($total_acc); } //there is always less hordies $horde_chars = $sqlc->result($sqlc->query(' SELECT count(guid) FROM characters WHERE race IN(2,5,6,8,10)' . ($action ? ' AND online= 1' : '')), 0); $horde_pros = round($horde_chars * 100 / $total_chars, 1); $allies_chars = $total_chars - $horde_chars; $allies_pros = 100 - $horde_pros; $output .= ' <table class="tot_bar"> <tr> <td width="' . $horde_pros . '%" background="img/bar_horde.gif" height="40"><a href="stat.php?action=' . $action . '&side=h">' . $lang_stat['horde'] . ': ' . $horde_chars . ' (' . $horde_pros . '%)</a></td> <td width="' . $allies_pros . '%" background="img/bar_allie.gif" height="40"><a href="stat.php?action=' . $action . '&side=a">' . $lang_stat['alliance'] . ': ' . $allies_chars . ' (' . $allies_pros . '%)</a></td> </tr> </table> <hr/> </td> </tr>'; unset($horde_chars); unset($horde_pros); unset($allies_chars); unset($allies_pros); $order_race = isset($_GET['race']) ? 'AND race =' . $sqlc->quote_smart($_GET['race']) : ''; $order_class = isset($_GET['class']) ? 'AND class =' . $sqlc->quote_smart($_GET['class']) : ''; if (isset($_GET['level'])) { $lvl_min = $sqlc->quote_smart($_GET['level']); $lvl_max = $lvl_min + 4; $order_level = 'AND level >= ' . $lvl_min . ' AND level <= ' . $lvl_max . ''; } else { $order_level = ''; } if (isset($_GET['side'])) { if ('h' == $sqlc->quote_smart($_GET['side'])) { $order_side = 'AND race IN(2,5,6,8,10)'; } elseif ('a' == $sqlc->quote_smart($_GET['side'])) { $order_side = 'AND race IN (1,3,4,7,11)'; } } else { $order_side = ''; } // RACE foreach ($race as $id) { $race[$id[0]][2] = $sqlc->result($sqlc->query(' SELECT count(guid) FROM characters WHERE race = ' . $id[0] . ' ' . $order_class . ' ' . $order_level . ' ' . $order_side . ($action ? ' AND online= 1' : '')), 0); $race[$id[0]][3] = round($race[$id[0]][2] * 100 / $total_chars, 1); } $output .= ' <tr align="left"> <td> <h1>' . $lang_stat['chars_by_race'] . '</h1> </td> </tr> <tr> <td> <table class="bargraph"> <tr>'; foreach ($race as $id) { $height = $race[$id[0]][3] * 4; $output .= ' <td> <a href="stat.php?action=' . $action . '&race=' . $id[0] . '" class="graph_link">' . $race[$id[0]][3] . '%<img src="core/themes/' . $theme . '/column.gif" width="69" height="' . $height . '" alt="' . $race[$id[0]][2] . '" /></a> </td>'; } $output .= ' </tr> <tr>'; foreach ($race as $id) { $output .= ' <th>' . $race[$id[0]][1] . '<br />' . $race[$id[0]][2] . '</th>'; } unset($race); $output .= ' </tr> </table> <br /> </td> </tr>'; // RACE END // CLASS foreach ($class as $id) { $class[$id[0]][2] = $sqlc->result($sqlc->query(' SELECT count(guid) FROM characters WHERE class = ' . $id[0] . ' ' . $order_race . ' ' . $order_level . ' ' . $order_side . ($action ? ' AND online= 1' : '')), 0); $class[$id[0]][3] = round($class[$id[0]][2] * 100 / $total_chars, 1); } unset($order_level); $output .= ' <tr align="left"> <td> <h1>' . $lang_stat['chars_by_class'] . '</h1> </td> </tr> <tr> <td> <table class="bargraph"> <tr>'; foreach ($class as $id) { $height = $class[$id[0]][3] * 4; $output .= ' <td> <a href="stat.php?action=' . $action . '&class=' . $id[0] . '" class="graph_link">' . $class[$id[0]][3] . '%<img src="core/themes/' . $theme . '/column.gif" width="69" height="' . $height . '" alt="' . $class[$id[0]][2] . '" /></a> </td>'; } $output .= ' </tr> <tr>'; foreach ($class as $id) { $output .= ' <th>' . $class[$id[0]][1] . '<br />' . $class[$id[0]][2] . '</th>'; } unset($class); $output .= ' </tr> </table> <br /> </td> </tr>'; // CLASS END // LEVEL foreach ($level as $id) { $level[$id[0]][3] = $sqlc->result($sqlc->query(' SELECT count(guid) FROM characters WHERE level >= ' . $id[1] . ' AND level <= ' . $id[2] . ' ' . $order_race . ' ' . $order_class . ' ' . $order_side . ($action ? ' AND online= 1' : '') . ''), 0); $level[$id[0]][4] = round($level[$id[0]][3] * 100 / $total_chars, 1); } unset($order_level); unset($order_class); unset($order_race); unset($total_chars); unset($order_side); $output .= ' <tr align="left"> <td> <h1>' . $lang_stat['chars_by_level'] . '</h1> </td> </tr> <tr> <td> <table class="bargraph"> <tr>'; foreach ($level as $id) { $height = $level[$id[0]][4] * 4; $output .= ' <td><a href="stat.php?action=' . $action . '&level=' . $id[1] . '" class="graph_link">' . $level[$id[0]][4] . '%<img src="core/themes/' . $theme . '/column.gif" width="77" height="' . $height . '" alt="' . $level[$id[0]][3] . '" /></a></td>'; } unset($height); $output .= ' </tr> <tr>'; foreach ($level as $id) { $output .= ' <th>' . $level[$id[0]][1] . '-' . $level[$id[0]][2] . '<br />' . $level[$id[0]][3] . '</th>'; } unset($id); unset($level); $output .= ' </tr> </table> <br /> <hr/> </td> </tr> <tr> <td>'; // LEVEL END makebutton($lang_stat['reset'], 'stat.php', 720); $output .= ' </td> </tr> </table> </center> </div> <br /> </center>'; } else { error($lang_global['err_no_result']); } }
function approve() { global $output, $action_permission, $characters_db, $realm_id, $user_name, $arcm_db, $user_id, $hearthstone_credits, $sql, $core; valid_login($action_permission["view"]); $guid = $sql["char"]->quote_smart($_GET["char"]); $new1 = ''; if (isset($_GET["new1"])) { $new1 = $sql["char"]->quote_smart($_GET["new1"]); } $new2 = ''; if (isset($_GET["new2"])) { $new2 = $sql["char"]->quote_smart($_GET["new2"]); } if ($core == 1) { $query = "SELECT * FROM characters WHERE guid='" . $guid . "'"; } elseif ($core == 2) { $query = "SELECT *, characters.guid AS guid,\n characters.map AS mapId, characters.zone AS zoneId,\n character_homebind.map AS bindmapId, character_homebind.zone AS bindzoneId\n FROM characters LEFT JOIN character_homebind ON characters.guid=character_homebind.guid WHERE characters.guid='" . $guid . "'"; } else { $query = "SELECT *, characters.guid AS guid,\n characters.map AS mapId, characters.zone AS zoneId,\n character_homebind.mapId AS bindmapId, character_homebind.zoneId AS bindzoneId\n FROM characters LEFT JOIN character_homebind ON characters.guid=character_homebind.guid WHERE characters.guid='" . $guid . "'"; } $char = $sql["char"]->fetch_assoc($sql["char"]->query($query)); // credits if ($hearthstone_credits >= 0) { // get our credit balance $cr_query = "SELECT Credits FROM config_accounts WHERE Login='******'"; $cr_result = $sql["mgr"]->query($cr_query); $cr_result = $sql["mgr"]->fetch_assoc($cr_result); $credits = $cr_result["Credits"]; } // MaNGOS & Trinity don't automatically add a home bind location for a character. if ($core != 1) { if (!isset($char["bindmapId"])) { $query = "SELECT * FROM playercreateinfo WHERE race='" . $char["race"] . "' AND class='" . $char["class"] . "'"; $result = $sql["world"]->query($query); $fields = $sql["world"]->fetch_assoc($result); $char["bindmapId"] = $fields["map"]; $char["bindzoneId"] = $fields["zone"]; } } $output .= ' <div id="xname_fieldset" class="fieldset_border center"> <span class="legend">' . lang("unstuck", "newloc_legend") . '</span> <form method="get" action="hearthstone.php" id="form"> <div> <input type="hidden" name="action" value="save" /> <input type="hidden" name="guid" value="' . $char["guid"] . '" /> </div> <table id="xname_char_table" class="center"> <tr> <td rowspan="4" style="width: 170px;"> <div style="width: 64px; margin-left: auto; margin-right: auto;"> <img src="' . char_get_avatar_img($char["level"], $char["gender"], $char["race"], $char["class"]) . '" alt="" /> </div> </td> <td> <span class="xname_char_name">' . $char["name"] . '</span> </td> </tr> <tr> <td>' . lang("unstuck", "level") . ': ' . $char["level"] . '</td> </tr> <tr> <td>' . lang("unstuck", "race") . ': ' . char_get_race_name($char["race"]) . '</td> </tr> <tr> <td>' . lang("unstuck", "class") . ': ' . char_get_class_name($char["class"]) . '</td> </tr> <tr> <td> </td> </tr>'; if ($hearthstone_credits > 0) { $cost_line = lang("unstuck", "credit_cost"); $cost_line = str_replace("%1", '<b>' . $hearthstone_credits . '</b>', $cost_line); $output .= ' <tr> <td colspan="2">' . $cost_line . '</td> </tr>'; if ($credits >= 0) { $credit_balance = lang("unstuck", "credit_balance"); $credit_balance = str_replace("%1", '<b>' . (double) $credits . '</b>', $credit_balance); $output .= ' <tr> <td colspan="2">' . $credit_balance . '</td> </tr>'; if ($credits < $hearthstone_credits) { $output .= ' <tr> <td colspan="2">' . lang("xacct", "insufficient_credits") . '</td> </tr>'; } else { $output .= ' <tr> <td colspan="2"> </td> </tr> <tr> <td colspan="2">' . lang("xacct", "delay_warning") . '</td> </tr>'; } } else { $output .= ' <tr> <td colspan="2">' . lang("global", "credits_unlimited") . '</td> </tr>'; } $output .= ' <tr> <td colspan="2"> </td> </tr>'; } $output .= ' <tr> <td><b>' . lang("unstuck", "curloc") . ':</b></td> </tr> <tr> <td>' . get_map_name($char["mapId"]) . '</td> <td>' . get_zone_name($char["zoneId"]) . '</td> </tr> <tr> <td> </td> </tr> <tr> <td colspan="2"><b>' . lang("unstuck", "newloc") . ':</b></td> </tr> <tr> <td>' . get_map_name($char["bindmapId"]) . '</td> <td>' . get_zone_name($char["bindzoneId"]) . '</td> </tr>'; // if we have unlimited credits, then we fake our credit balance here $credits = $credits < 0 ? $hearthstone_credits : $credits; if ($hearthstone_credits <= 0 || $credits >= $hearthstone_credits) { $output .= ' <tr> <td colspan="2"> </td> </tr> <tr> <td colspan="2">'; makebutton(lang("unstuck", "save"), "javascript:do_submit()", 180); $output .= ' </td> </tr>'; } $output .= ' </table> </form> </div> <br />'; }
function delete_reward_item(&$sqlm) { global $output, $lang_rewards, $lang_global, $action_permission, $mmfpm_db; valid_login($action_permission['delete']); $sqlm = new SQL(); $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']); if (empty($_GET['item'])) { redirect('rewards.php?error=1'); } $items = $sqlm->quote_smart($_GET['item']); if (is_numeric($items)) { } else { redirect('rewards.php?error=1'); } $output .= ' <center> <h1><font class="error">' . $lang_global['are_you_sure'] . '</font></h1> <br /> <font class="bold">' . $items . '<br />' . $lang_global['will_be_erased'] . '</font> <br /><br /> <table width="300" class="hidden"> <tr> <td>'; makebutton($lang_global['yes'], 'rewards.php?action=do_delete_reward_item&item=' . $items . '" type ="wrn', 130); makebutton($lang_global['no'], 'rewards.php" type="def', 130); unset($items); $output .= ' </td> </tr> </table> </center>'; }
function char_mail(&$sqlr, &$sqlc) { global $output, $lang_global, $lang_char, $lang_mail, $realm_id, $realm_db, $mmfpm_db, $characters_db, $action_permission, $user_lvl, $user_name, $item_datasite, $itemperpage; if (empty($_GET['id'])) { error($lang_global['empty_fields']); } // this is multi realm support, as of writing still under development // this page is already implementing it if (empty($_GET['realm'])) { $realmid = $realm_id; } else { $realmid = $sqlr->quote_smart($_GET['realm']); if (is_numeric($realmid)) { $sqlc->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name']); } else { $realmid = $realm_id; } } $id = $sqlc->quote_smart($_GET['id']); if (is_numeric($id)) { } else { $id = 0; } //==========================$_GET and SECURE================================= $start = isset($_GET['start']) ? $sqlc->quote_smart($_GET['start']) : 0; if (is_numeric($start)) { } else { $start = 0; } $order_by = isset($_GET['order_by']) ? $sqlc->quote_smart($_GET['order_by']) : 'id'; if (preg_match('/^[_[:lower:]]{1,12}$/', $order_by)) { } else { $order_by = 'id'; } $dir = isset($_GET['dir']) ? $sqlc->quote_smart($_GET['dir']) : 1; if (preg_match('/^[01]{1}$/', $dir)) { } else { $dir = 1; } $order_dir = $dir ? 'ASC' : 'DESC'; $dir = $dir ? 0 : 1; //==========================$_GET and SECURE end============================= // getting character data from database $result = $sqlc->query('SELECT account, name, race, class, level, gender FROM characters WHERE guid = ' . $id . ' LIMIT 1'); if ($sqlc->num_rows($result)) { $char = $sqlc->fetch_assoc($result); // we get user permissions first $owner_acc_id = $sqlc->result($result, 0, 'account'); $result = $sqlr->query('SELECT gmlevel, username FROM account WHERE id = ' . $char['account'] . ''); $owner_gmlvl = $sqlr->result($result, 0, 'gmlevel'); $owner_name = $sqlr->result($result, 0, 'username'); if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) { //------------------------Character Tabs--------------------------------- // we start with a lead of 10 spaces, // because last line of header is an opening tag with 8 spaces // keep html indent in sync, so debuging from browser source would be easy to read $output .= ' <center> <div id="tab_content"> <div id="tab"> <ul> <li><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['char_sheet'] . '</a></li> <li><a href="char_inv.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['inventory'] . '</a></li> <li><a href="char_extra.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['extra'] . '</a></li> ' . ($char['level'] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['talents'] . '</a></li>') . ' <li><a href="char_achieve.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['achievements'] . '</a></li> <li><a href="char_rep.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['reputation'] . '</a></li> <li><a href="char_skill.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['skills'] . '</a></li> <li><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['quests'] . '</a></li>'; if (char_get_class_name($char['class']) === 'Hunter') { $output .= ' <li><a href="char_pets.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['pets'] . '</a></li>'; } $output .= ' <li><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['friends'] . '</a></li> <li><a href="char_spell.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['spells'] . '</a></li> </ul> <ul>'; // selected char tab at last $output .= ' <li id="selected"><a href="char_mail.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['mail'] . '</a></li>'; $output .= ' </ul> </div> <div id="tab_content2"> <font class="bold"> ' . htmlentities($char['name']) . ' - <img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif" onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" /> <img src="img/c_icons/' . $char['class'] . '.gif" onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\',\'item_tooltip\')" onmouseout="toolTip()" alt="" /> - lvl ' . char_get_level_color($char['level']) . ' </font> <br /><br /> <table class="lined" style="width: 100%">'; //---------------Page Specific Starts Ends here---------------------------- $query = $sqlc->query('SELECT a.id as id, a.messageType as messagetype, a.sender as sender, a.subject as subject, a.itemTextId as itemtextid, a.has_items as hasitems, a.money as money, a.cod as cod, a.checked as checked, b.item_template as itemtemplate FROM mail a INNER JOIN mail_items b ON a.id = b.mail_id where a.receiver = ' . $id . ' LIMIT ' . $start . ', ' . $itemperpage . ''); $total_mail = $sqlc->result($sqlc->query('SELECT count(*) FROM mail WHERE receiver= ' . $id . ''), 0); $output .= ' <tr> <td align="left"> Total Mails: ' . $total_mail . ' </td> <td align="right" width="45%">'; $output .= generate_pagination('char_mail.php?start=' . $start . '&order_by=' . $order_by . '&dir=' . ($dir ? 0 : 1), $total_mail, $itemperpage, $start); $output .= ' </td> </table> <table class="lined" style="width: 100%"> <tr> <th width="5%">' . $lang_mail['mail_type'] . '</th> <th width="10%">' . $lang_mail['sender'] . '</th> <th width="15%">' . $lang_mail['subject'] . '</th> <th width="5%">' . $lang_mail['has_items'] . '</th> <th width="25%">' . $lang_mail['text'] . '</th> <th width="20%">' . $lang_mail['money'] . '</th> <th width="5%">' . $lang_mail['checked'] . '</th> </tr>'; while ($mail = $sqlc->fetch_assoc($query)) { $output .= ' <tr valign=top> <td>' . get_mail_source($mail['messagetype']) . '</td> <td><a href="char.php?id=' . $mail['sender'] . '">' . get_char_name($mail['sender']) . '</a></td> <td>' . $mail['subject'] . '</td> <td> <a style="padding:2px;" href="' . $item_datasite . $mail['itemtemplate'] . '" target="_blank"> <img class="bag_icon" src="' . get_item_icon($mail['itemtemplate'], $sqlm) . '" alt="" /> </a> </td> <td>' . get_mail_text($mail['itemtextid']) . '</td> <td> ' . substr($mail['money'], 0, -4) . '<img src="img/gold.gif" alt="" align="middle" /> ' . substr($mail['money'], -4, 2) . '<img src="img/silver.gif" alt="" align="middle" /> ' . substr($mail['money'], -2) . '<img src="img/copper.gif" alt="" align="middle" /> </td> <td>' . get_check_state($mail['checked']) . '</td> </tr>'; } //---------------Page Specific Data Ends here---------------------------- //---------------Character Tabs Footer----------------------------------- $output .= ' </table> </div> <br /> <table class="hidden"> <tr> <td>'; // button to user account page, user account page has own security makebutton($lang_char['chars_acc'], 'user.php?action=edit_user&id=' . $owner_acc_id . '', 130); $output .= ' </td> <td>'; // only higher level GM with delete access can edit character // character edit allows removal of character items, so delete permission is needed if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission['delete']) { makebutton($lang_char['edit_button'], 'char_edit.php?id=' . $id . '&realm=' . $realmid . '', 130); $output .= ' </td> <td>'; } // only higher level GM with delete access, or character owner can delete character if ($user_lvl > $owner_gmlvl && $user_lvl >= $action_permission['delete'] || $owner_name === $user_name) { makebutton($lang_char['del_char'], 'char_list.php?action=del_char_form&check%5B%5D=' . $id . '" type="wrn', 130); $output .= ' </td> <td>'; } // only GM with update permission can send mail, mail can send items, so update permission is needed if ($user_lvl >= $action_permission['update']) { makebutton($lang_char['send_mail'], 'mail.php?type=ingame_mail&to=' . $char['name'] . '', 130); $output .= ' </td> <td>'; } makebutton($lang_global['back'], 'javascript:window.history.back()" type="def', 130); $output .= ' </td> </tr> </table> <br /> </center> <!-- end of char_mail.php -->'; } else { error($lang_char['no_permission']); } } else { error($lang_char['no_char_found']); } }
function result() { global $output, $lang_global, $lang_message; $mess = isset($_GET['mess']) ? $_GET['mess'] : NULL; $output .= ' <div class="top"><h1>' . $lang_message['message_result'] . '</h1></div> <center> <table class="top_hidden" width="400"> <tr> <td align="center"> <br />' . $mess . '<br /><br />'; unset($mess); $output .= ' </td> </tr> <tr> <td align="center"> <table align="center" class="hidden"> <tr> <td>'; makebutton($lang_global['back'], 'javascript:window.history.back()', 130); $output .= ' </td> </tr> </table> </td> </tr> </table> </center>'; }
function char_tools_form() { global $output, $characters_db, $realm_id, $action_permission, $site_encoding, $showcountryflag, $sql; valid_login($action_permission["delete"]); if (isset($_GET["char"])) { $id = $_GET["char"]; } else { error(lang("global", "empty_fields")); } if ($core == 1) { $result = $sql["char"]->query("SELECT guid, name, race, class, level, zoneid, mapid, online, gender\r\n acct, data \r\n FROM characters WHERE guid='" . $id . "'"); } elseif ($core == 2) { $result = $sql["char"]->query("SELECT guid, name, race, class, level, zone AS zoneid, map AS mapid, \r\n online, gender, totaltime, account AS acct,\r\n arenaPoints, totalHonorPoints, totalKills\r\n FROM characters WHERE guid='" . $id . "'"); } else { $result = $sql["char"]->query("SELECT guid, name, race, class, level, zone AS zoneid, map AS mapid, \r\n online, gender, totaltime, account AS acct, arenaPoints, totalHonorPoints, totalKills\r\n FROM characters WHERE guid='" . $id . "'"); } $char = $sql["char"]->fetch_assoc($result); if ($core == 1) { $char_data = $char["data"]; if (empty($char_data)) { $char_data = str_repeat("0;", PLAYER_END); } $char_data = explode(";", $char_data); } else { $query = "SELECT * FROM characters\r\n LEFT JOIN character_stats ON characters.guid=character_stats.guid\r\n WHERE characters.guid='" . $id . "'"; $char_data_result = $sql["char"]->query($query); $char_data_fields = $sql["char"]->fetch_assoc($char_data_result); $char_data[PLAYER_FIELD_HONOR_CURRENCY] = isset($char["totalHonorPoints"]) ? $char["totalHonorPoints"] : ' '; $char_data[PLAYER_FIELD_ARENA_CURRENCY] = isset($char["arenaPoints"]) ? $char["arenaPoints"] : ' '; $char_data[PLAYER_FIELD_LIFETIME_HONORBALE_KILLS] = isset($char["totalKills"]) ? $char["totalKills"] : ' '; } if ($core == 1) { $guild_id = $sql["char"]->result($sql["char"]->query("SELECT guildid FROM guild_data WHERE playerid='" . $char["guid"] . "'"), 0); $guild_rank = $sql["char"]->result($sql["char"]->query("SELECT guildRank FROM guild_data WHERE playerid='" . $char["guid"] . "'"), 0); $guild_name = $sql["char"]->result($sql["char"]->query("SELECT guildName FROM guilds WHERE guildid='" . $guild_id . "'")); } else { $guild_id = $sql["char"]->result($sql["char"]->query("SELECT guildid FROM guild_member WHERE guid='" . $char["guid"] . "'"), 0); $guild_rank = $sql["char"]->result($sql["char"]->query("SELECT rank AS guildRank FROM guild_member WHERE guid='" . $char["guid"] . "'"), 0); $guild_name = $sql["char"]->result($sql["char"]->query("SELECT name AS guildName FROM guild WHERE guildid='" . $guild_id . "'")); } $online = $char["online"] ? lang("char", "online") : lang("char", "offline"); if ($guild_id) { $guild_name = '<a href="guild.php?action=view_guild&realm=' . $realmid . '&error=3&id=' . $guild_id . '" >' . $guild_name . '</a>'; $mrank = $guild_rank; if ($core == 1) { $guild_rank = $sql["char"]->result($sql["char"]->query('SELECT rankname FROM guild_ranks WHERE guildid=' . $guild_id . ' AND rankId=' . $mrank . ''), 0, 'rankname'); } else { $guild_rank = $sql["char"]->result($sql["char"]->query('SELECT rname AS rankname FROM guild_rank WHERE guildid=' . $guild_id . ' AND rid=' . $mrank . ''), 0, 'rankname'); } } else { $guild_name = lang("global", "none"); $guild_rank = lang("global", "none"); } $output .= ' <center> <table class="hidden char_list_char_tools"> <tr> <td class="char_tools_avatar"> <div> <img src="' . char_get_avatar_img($char["level"], $char["gender"], $char["race"], $char["class"], 0) . '" alt="avatar" /> </div> </td> <td colspan="3"> <font class="bold"> ' . htmlentities($char["name"], ENT_COMPAT, $site_encoding) . ' - <img src="img/c_icons/' . $char["race"] . '-' . $char["gender"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_race_name($char["race"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> <img src="img/c_icons/' . $char["class"] . '.gif" onmousemove="oldtoolTip(\'' . char_get_class_name($char["class"]) . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" /> - ' . lang("char", "level_short") . char_get_level_color($char["level"]) . ' </font> <br />' . lang("char", "location") . ': ' . get_map_name($char["mapid"]) . ' - ' . get_zone_name($char["zoneid"]) . ' <br />' . lang("char", "honor_points") . ': ' . $char_data[PLAYER_FIELD_HONOR_CURRENCY] . ' | ' . lang("char", "arena_points") . ': ' . $char_data[PLAYER_FIELD_ARENA_CURRENCY] . ' | ' . lang("char", "honor_kills") . ': ' . $char_data[PLAYER_FIELD_LIFETIME_HONORBALE_KILLS] . ' <br />' . lang("char", "guild") . ': ' . $guild_name . ' | ' . lang("char", "rank") . ': ' . htmlentities($guild_rank, ENT_COMPAT, $site_encoding) . ' <br />' . lang("char", "online") . ': ' . ($char["online"] ? '<img src="img/up.gif" onmousemove="oldtoolTip(\'' . lang("char", "online") . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="online" />' : '<img src="img/down.gif" onmousemove="oldtoolTip(\'' . lang("char", "offline") . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="offline" />'); if ($showcountryflag) { require_once 'libs/misc_lib.php'; $country = misc_get_country_by_account($char["acct"]); $output .= ' | ' . lang("global", "country") . ': ' . ($country["code"] ? '<img src="img/flags/' . $country["code"] . '.png" onmousemove="oldtoolTip(\'' . $country["country"] . '\', \'old_item_tooltip\')" onmouseout="oldtoolTip()" alt="" />' : '-'); unset($country); } $output .= ' </td> </tr> </table> <br /> <table class="hidden char_list_char_tools"> <tr> <td>'; makebutton(lang("xname", "changename"), "char_tools.php?char=" . $id, 150); $output .= ' </td> <td>'; makebutton(lang("xrace", "changerace"), "char_tools.php?char=" . $id, 150); $output .= ' </td> <td>'; makebutton(lang("unstuck", "unstuck"), "hearthstone.php?action=approve&char=" . $id, 150); $output .= ' </td> </tr> <tr> <td>'; makebutton(lang("char_list", "transfer"), "change_char_account.php?action=chooseacct&priority=1&char=" . $id, 150); $output .= ' </td> <td>'; makebutton(lang("global", "back"), "char_list.php", 150); $output .= ' </td> </tr> </table> </center>'; }
function choosename() { global $output, $action_permission, $characters_db, $realm_id, $user_id, $user_name, $name_credits, $sql, $core; valid_login($action_permission["view"]); $guid = $sql["char"]->quote_smart($_GET["char"]); $new1 = ""; if (isset($_GET["new1"])) { $new1 = $sql["char"]->quote_smart($_GET["new1"]); } $new2 = ""; if (isset($_GET["new2"])) { $new2 = $sql["char"]->quote_smart($_GET["new2"]); } $query = "SELECT * FROM characters WHERE guid='" . $guid . "'"; $char = $sql["char"]->fetch_assoc($sql["char"]->query($query)); // credits if ($name_credits >= 0) { // get our credit balance $cr_query = "SELECT Credits FROM config_accounts WHERE Login='******'"; $cr_result = $sql["mgr"]->query($cr_query); $cr_result = $sql["mgr"]->fetch_assoc($cr_result); $credits = $cr_result["Credits"]; } $output .= ' <div id="xname_fieldset" class="fieldset_border center"> <span class="legend">' . lang("xname", "choosename") . '</span> <form method="get" action="change_char_name.php" id="form"> <div> <input type="hidden" name="action" value="getapproval" /> <input type="hidden" name="guid" value="' . $char["guid"] . '" /> </div> <table id="xname_char_table" class="center"> <tr> <td rowspan="4" style="width: 170px;"> <div style="width: 64px; margin-left: auto; margin-right: auto;"> <img src="' . char_get_avatar_img($char["level"], $char["gender"], $char["race"], $char["class"]) . '" alt="" /> </div> </td> <td> <span class="xname_char_name">' . $char["name"] . '</span> </td> </tr> <tr> <td>' . lang("xname", "level") . ': ' . $char["level"] . '</td> </tr> <tr> <td>' . lang("xname", "race") . ': ' . char_get_race_name($char["race"]) . '</td> </tr> <tr> <td>' . lang("xname", "class") . ': ' . char_get_class_name($char["class"]) . '</td> </tr> <tr> <td> </td> </tr>'; if ($name_credits > 0) { $cost_line = lang("xname", "credit_cost"); $cost_line = str_replace("%1", '<b>' . $name_credits . '</b>', $cost_line); $output .= ' <tr> <td colspan="2">' . $cost_line . '</td> </tr>'; if ($credits >= 0) { $credit_balance = lang("xname", "credit_balance"); $credit_balance = str_replace("%1", '<b>' . (double) $credits . '</b>', $credit_balance); $output .= ' <tr> <td colspan="2">' . $credit_balance . '</td> </tr>'; if ($credits < $name_credits) { $output .= ' <tr> <td colspan="2">' . lang("xname", "insufficient_credits") . '</td> </tr>'; } else { $output .= ' <tr> <td colspan="2"> </td> </tr> <tr> <td colspan="2">' . lang("xname", "delay_warning") . '</td> </tr>'; } } else { $output .= ' <tr> <td colspan="2">' . lang("global", "credits_unlimited") . '</td> </tr>'; } $output .= ' <tr> <td colspan="2"> </td> </tr>'; } $output .= ' <tr> <td colspan="2"><b>' . lang("xname", "entername") . ':</b></td> </tr> <tr> <td>' . lang("xname", "newname") . ':</td> <td><input type="text" name="new1" value="' . $new1 . '" maxlength="12" style="width: 110px;" /></td> </tr> <tr> <td>' . lang("xname", "confirmname") . ':</td> <td><input type="text" name="new2" value="' . $new1 . '" maxlength="12" style="width: 110px;" /></td> </tr>'; // if we have unlimited credits, then we fake our credit balance here $credits = $credits < 0 ? $name_credits : $credits; if ($name_credits <= 0 || $credits >= $name_credits) { $output .= ' <tr> <td colspan="2"> </td> </tr> <tr> <td colspan="2">'; makebutton(lang("xname", "save"), "javascript:do_submit()", 180); $output .= ' </td> <td> </td> </tr>'; } $output .= ' </table> </form> </div> <br />'; }
function del_realm(&$sqlr) { global $output, $lang_realm, $lang_global, $action_permission; valid_login($action_permission['delete']); if (empty($_GET['id'])) { redirect('realm.php?error=1'); } $id = $sqlr->quote_smart($_GET['id']); if (is_numeric($id)) { } else { redirect('realm.php?error=1'); } $output .= ' <center> <h1><font class="error">' . $lang_global['are_you_sure'] . '</font></h1> <br /> <font class="bold">' . $lang_realm['realm_id'] . ': ' . $id . '<br />' . $lang_global['will_be_erased'] . '</font> <br /><br /> <table width="300" class="hidden"> <tr> <td>'; makebutton($lang_global['yes'], 'realm.php?action=dodel_realm&id=' . $id . '" type ="wrn', 130); makebutton($lang_global['no'], 'realm.php" type="def', 130); unset($id); $output .= ' </td> </tr> </table> </center>'; }