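/**
 * Update the per-team statistics after a new match has been entered.
 *
 * Increments the total match count of both teams, flags both teams in
 * `teams_overview` and then increments either the won/lost counters or the
 * draw counters, depending on the score.
 *
 * Every failure path releases the table locks via unlock_tables() before the
 * page is ended through $site->dieAndEndPage().
 *
 * @param mixed $team_id1     id of the first team
 * @param mixed $team_id2     id of the second team
 * @param mixed $team1_points points scored by the first team
 * @param mixed $team2_points points scored by the second team
 * @param mixed $site         site object providing execute_query() and dieAndEndPage()
 * @param mixed $connection   database connection handed to execute_query()
 */
function update_match_stats_entered($team_id1, $team_id2, $team1_points, $team2_points, $site, $connection)
{
    // Compare the scores as integers everywhere. The original compared the raw
    // values for win/loss but the int-cast values for a draw, so a non-numeric
    // or fractional score could be booked as a win AND a draw at the same time.
    $points1 = (int) $team1_points;
    $points2 = (int) $team2_points;

    // NOTE(review): the ids are SQL-escaped in the error messages below, but the
    // messages are presumably rendered as HTML; SQL escaping is not HTML
    // escaping. Harmless as long as callers pass integer ids - confirm.

    // increase match count for teams that participated
    // NOTE(review): the table label passed to execute_query() is 'teams_overview'
    // although the statement updates `teams_profile`; kept as in the original.
    $query = 'UPDATE `teams_profile` SET `num_matches_total`=`num_matches_total`+1';
    $query .= ' WHERE (`teamid`=' . sqlSafeStringQuotes($team_id1)
            . ' OR `teamid`=' . sqlSafeStringQuotes($team_id2) . ')';
    if (!($result = $site->execute_query('teams_overview', $query, $connection))) {
        unlock_tables($site, $connection);
        $site->dieAndEndPage('The match count for the teams with id' . sqlSafeString($team_id1)
                             . ' and ' . sqlSafeString($team_id2)
                             . ' could not be updated due to a sql problem!');
    }

    // mark both participating teams as active (`deleted`=1, per the original comment)
    $query = 'UPDATE `teams_overview` SET `deleted`=' . sqlSafeStringQuotes('1')
           . ' WHERE `teamid`=' . sqlSafeStringQuotes($team_id1)
           . ' OR `teamid`=' . sqlSafeStringQuotes($team_id2)
           . ' LIMIT 2';
    if (!($result = @$site->execute_query('teams_overview', $query, $connection))) {
        // release the locks here too, like every other failure path in this function
        unlock_tables($site, $connection);
        // the original message referenced an undefined $teamid
        $site->dieAndEndPage('Could not mark teams with id ' . sqlSafeString($team_id1)
                             . ' and ' . sqlSafeString($team_id2) . ' as active!');
    }

    if ($points1 === $points2) {
        // match entered ended in a draw
        $query = 'UPDATE `teams_profile` SET `num_matches_draw`=`num_matches_draw`+1';
        $query .= ' WHERE (`teamid`=' . sqlSafeStringQuotes($team_id1)
                . ' OR `teamid`=' . sqlSafeStringQuotes($team_id2) . ')';
        if (!($result = $site->execute_query('teams_profile', $query, $connection))) {
            unlock_tables($site, $connection);
            $site->dieAndEndPage('The match draw count for the teams with id' . sqlSafeString($team_id1)
                                 . ' and ' . sqlSafeString($team_id2)
                                 . ' could not be updated due to a sql problem!');
        }
        return;
    }

    // exactly one team won
    if ($points1 > $points2) {
        $winner = $team_id1;
        $loser = $team_id2;
    } else {
        $winner = $team_id2;
        $loser = $team_id1;
    }

    // increase match win count for the winner
    $query = 'UPDATE `teams_profile` SET `num_matches_won`=`num_matches_won`+1';
    $query .= ' WHERE `teamid`=' . sqlSafeStringQuotes($winner);
    if (!($result = $site->execute_query('teams_profile', $query, $connection))) {
        unlock_tables($site, $connection);
        $site->dieAndEndPage('The match win count for team ' . sqlSafeString($winner)
                             . ' could not be updated due to a sql problem!');
    }

    // increase match lose count for the loser
    $query = 'UPDATE `teams_profile` SET `num_matches_lost`=`num_matches_lost`+1';
    $query .= ' WHERE `teamid`=' . sqlSafeStringQuotes($loser);
    if (!($result = $site->execute_query('teams_profile', $query, $connection))) {
        unlock_tables($site, $connection);
        $site->dieAndEndPage('The match lose count for team ' . sqlSafeString($loser)
                             . ' could not be updated due to a sql problem!');
    }
}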
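<?php
// Plain-text export of the team list ("TE:" records) and the list of active
// players ("PL:" records), one record per line.

// this is plain text!
header('Content-Type: text/plain');
// The names printed below are entity-decoded first, so they may contain raw
// markup characters. Forbid MIME sniffing so that no browser decides to render
// this response as HTML.
header('X-Content-Type-Options: nosniff');

require realpath('../CMS/siteinfo.php');
$site = new siteinfo();
$connection = $site->connect_to_db();

// The output is line oriented: a line break inside a stored name would let
// that name forge additional TE:/PL: records, so line breaks are flattened.
$line_breaks = array("\r", "\n");

// display teams
$query = 'SELECT `teams`.`id`,`teams`.`name` FROM `teams`,`teams_overview`'
       . ' WHERE `teams_overview`.`teamid`=`teams`.`id` AND `teams_overview`.`deleted`<>'
       . sqlSafeStringQuotes(2);
if (!($result = @$site->execute_silent_query('teams,teams_overview', $query, $connection))) {
    $site->dieAndEndPage('It seems like the team profile can not be accessed for an unknown reason.');
}
while ($row = mysql_fetch_array($result)) {
    echo 'TE: ' . $row['id'] . ', '
       . str_replace($line_breaks, ' ', htmlent_decode($row['name'])) . "\n";
}
mysql_free_result($result);

// display active players
$query = 'SELECT `id`,`teamid`,`name` FROM `users`'
       . ' WHERE `users`.`status`=' . sqlSafeStringQuotes('active');
if (!($result = @$site->execute_silent_query('users', $query, $connection))) {
    $site->dieAndEndPage('It seems like the player profile can not be accessed for an unknown reason.');
}
while ($row = mysql_fetch_array($result)) {
    echo 'PL: ' . $row['teamid'] . ', ' . $row['id'] . ', '
       . str_replace($line_breaks, ' ', htmlent_decode($row['name'])) . "\n";
}
mysql_free_result($result);
// done with outputting stats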
// the rest of the needed data $query .= ',`matches`.`team1_points`,`matches`.`team2_points`,`matches`.`userid`'; $query .= ',`users`.`name` AS `playername`,`matches`.`id`, `matches`.`duration`'; // the tables in question $query .= ' FROM `matches`,`users` WHERE `users`.`id`=`matches`.`userid`'; if (isset($_GET['search'])) { // Every derived table must have its own alias $query .= ') AS `t1`'; // now do the search thing if ($search_team) { // team name search $query .= 'WHERE `team1_name` LIKE ' . sqlSafeStringQuotes($search_expression); $query .= ' OR `team2_name` LIKE ' . sqlSafeStringQuotes($search_expression); } else { // timestamp search $query .= 'WHERE `timestamp` LIKE ' . sqlSafeStringQuotes($search_expression . '%'); } } // newest matches first please $query .= ' ORDER BY `timestamp` DESC '; // limit the output to the requested rows to speed up displaying $query .= 'LIMIT '; $view_range = (int) 0; // the "LIMIT 0,200" part of query means only the first 200 entries are received // the range of shown matches is set by the GET variable i if (isset($_GET['i'])) { if ((int) $_GET['i'] > 0) { $view_range = (int) $_GET['i']; $query .= $view_range . ','; } else { // force write 0 for value 0 (speed saving due to no casting to string)
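/**
 * Re-render the stored ban announcements.
 *
 * Reads every row of `bans` and writes the BBCode-rendered form of
 * `raw_announcement` back into `announcement`. Rows with an empty raw
 * announcement are skipped. Failures of the individual updates are ignored.
 */
function import_bans()
{
    global $site;
    global $connection;
    // The original read $db_to_be_imported without importing it into the
    // function scope, so the first argument below was always undefined.
    global $db_to_be_imported;

    // NOTE(review): this call passes four arguments (database, table, query,
    // connection) while the update further down uses the three-argument form
    // (table, query, connection) - confirm which signature execute_query() has.
    $query = 'SELECT `id`, `raw_announcement` from `bans`';
    if (!($result = @$site->execute_query($db_to_be_imported, 'bans', $query, $connection))) {
        // query was bad, error message was already given in $site->execute_query(...)
        $site->dieAndEndPage('');
    }

    while ($row = mysql_fetch_array($result)) {
        // skip empty entries
        if (strcmp($row['raw_announcement'], '') === 0) {
            continue;
        }

        // NOTE(review): the rendered announcement is stored as markup, so
        // $site->bbcode() is presumably responsible for HTML-escaping the raw
        // text - verify, otherwise this persists stored XSS.
        $query = 'UPDATE `bans` SET `announcement`='
               . sqlSafeStringQuotes($site->bbcode($row['raw_announcement']))
               . ' WHERE `id`=' . sqlSafeStringQuotes($row['id'])
               . ' LIMIT 1';
        // execute query, ignore result
        // NOTE(review): table label is 'news' although `bans` is updated; kept as is.
        @$site->execute_query('news', $query, $connection);
    }

    // release the result set (the original never freed it)
    mysql_free_result($result);
}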
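/**
 * Refresh the current player count of every tracked game server.
 *
 * Loads all rows of `servertracker`, queries each server address through
 * bzfquery() and stores the reported number of players.
 */
function query_servers()
{
    global $site;
    global $connection;

    $query = 'SELECT `id`, `servername`, `serveraddress` FROM `servertracker`'
           . ' ORDER BY `id`';
    if (!($result = $site->execute_query('servertracker', $query, $connection))) {
        die('Could not find out servername and serveraddress to be updated.');
    }

    // need to include game specific backend
    // require_once: a plain include would redeclare bzfquery() (fatal error) if
    // this function ran twice in one request, and would carry on without the
    // backend if the file were missing.
    require_once dirname(dirname(dirname(__FILE__))) . "/Servertracker/bzfquery.php";

    // update each entry
    while ($row = mysql_fetch_array($result)) {
        // get raw query result
        $data = bzfquery($row['serveraddress']);

        // build the query with the result
        if (isset($data['numPlayers'])) {
            // The value is reported by the remote game server and therefore
            // untrusted; force it to an integer before it reaches the database.
            $num_players = (int) $data['numPlayers'];

            $query = 'UPDATE `servertracker` SET'
                   . ' `cur_players_total`=' . sqlSafeStringQuotes($num_players)
                   . ' WHERE `id`=' . sqlSafeStringQuotes($row['id'])
                   . ' LIMIT 1';
            // execute the update query
            $site->execute_query('servertracker', $query, $connection);
        }
    }
    mysql_free_result($result);

    // $query = 'UPDATE `misc_data` SET `last_servertracker_query`=' . sqlSafeStringQuotes($current_time);
    // if (!($result = @$site->execute_query('misc_data', $query, $connection)))
    // {
    //     die('Could not set newest last_servertracker_query value.');
    // }
}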
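/**
 * Report whether the current user has unread messages.
 *
 * Despite its name this method also has side effects: it removes entries
 * older than two hours from `online_users` and refreshes the activity
 * timestamp of the current user.
 *
 * @return bool true if at least one message with status 'new' exists for the
 *              current user, false otherwise (also when nobody is logged in)
 */
function hasUnreadMail()
{
    global $connection;

    require_once dirname(__FILE__) . '/permissions.php';

    $unread_messages = false;

    // set the date and time
    date_default_timezone_set($this->used_timezone());

    // remove expired sessions from the list of online users
    $query = 'SELECT `userid`, `last_activity` FROM `online_users`';
    $result = $this->execute_silent_query('online_users', $query, $connection, __FILE__,
                                          'Could not get list of online users from database');
    if ($result) {
        // "now" does not change while iterating, compute it once
        $now = (int) strtotime("now");

        while ($row = mysql_fetch_array($result)) {
            $saved_timestamp = $row['last_activity'];
            $old_timestamp = strtotime($saved_timestamp);

            // is entry more than two hours old? (60*60*2)
            // FIXME: would need to set session expiration date directly inside code
            // FIXME: and not in the webserver setting
            if ($now - $old_timestamp > 60 * 60 * 2) {
                $query = 'DELETE LOW_PRIORITY FROM `online_users` WHERE `last_activity`=';
                $query .= sqlSafeStringQuotes($saved_timestamp);
                if (!($result_delete = $this->execute_silent_query('online_users', $query, $connection))) {
                    // The original called this on an undefined $site and the
                    // message lacked the "not". NOTE(review): assumes
                    // dieAndEndPage() is a method of this class - confirm.
                    $this->dieAndEndPage('<p>Could not delete old online users from database.</p>');
                }
            }
        }
        mysql_free_result($result);
    }

    // update activity data
    if (getUserID() > 0) {
        // the execution of the query is not that time critical and it happens often -> LOW_PRIORITY
        $query = 'UPDATE LOW_PRIORITY `online_users` SET `last_activity`=';
        $query .= sqlSafeStringQuotes(date('Y-m-d H:i:s'))
                . ' WHERE `userid`=' . sqlSafeStringQuotes(getUserID());
        @mysql_select_db($this->db_used_name(), $connection);
        @mysql_query($query, $connection);

        // are there unread messages?
        $query = 'SELECT `id` FROM `messages_users_connection` WHERE `msg_status`='
               . sqlSafeStringQuotes('new')
               . ' AND `userid`=' . sqlSafeStringQuotes(getUserID())
               . ' LIMIT 1';
        $result = @mysql_query($query, $connection);
        if ($result) {
            if ((int) mysql_num_rows($result) > 0) {
                $unread_messages = true;
            }
            // only free a real result set; the original freed it unconditionally
            mysql_free_result($result);
        }
    }

    // The stray debug output (echo 'test';) of the original was removed: it was
    // written into every page that called this method.
    return $unread_messages;
}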
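/**
 * Query a game server and print its team and player tables as HTML.
 *
 * All values inside $data come from the queried game server and are treated
 * as untrusted: numbers are cast to int and text is entity-encoded before it
 * is echoed.
 *
 * @param string $server     address of the server to query
 * @param mixed  $connection database connection. NOTE: the `global $connection`
 *                           declaration below rebinds this name to the global
 *                           variable, so the argument itself is not used.
 */
function formatbzfquery_last($server, $connection)
{
    global $site;
    global $connection;
    global $use_internal_db;

    if ($use_internal_db) {
        @mysql_select_db($site->db_used_name(), $connection);
    } else {
        if (!@mysql_select_db("playerlist", $connection)) {
            @mysql_close($connection);
            unset($connection);
        }
    }

    // The server address is echoed into the page; it may originate from the
    // request (see the $_GET['server'] check), so it must be HTML-escaped.
    $server_html = htmlspecialchars($server, ENT_QUOTES);
    if (isset($_GET['server'])) {
        echo '<p>' . $server_html . '</p>' . "\n";
    } else {
        echo '<p><a href="?server=' . urlencode($server) . '">' . $server_html . '</a></p>' . "\n";
    }

    // Query the server; without pcntl_fork the output of bzfquery() is captured
    $capture_output = !function_exists('pcntl_fork');
    if ($capture_output) {
        ob_start();
    }
    $data = bzfquery($server);
    $ausgabe = '';
    if ($capture_output) {
        $ausgabe .= ob_get_contents();
        ob_end_clean();
    }

    if (!isset($data['player'])) {
        if (!isset($data['protocol'])) {
            // no connection
            echo '<p>' . KEINEVERBINDUNG . ' ';
            if (strcmp($ausgabe, '') !== 0) {
                // NOTE(review): $ausgabe is whatever bzfquery() printed and is
                // echoed unescaped - confirm it cannot contain remote-controlled text.
                echo GEMELDETERFEHLER . $ausgabe . '.';
            }
            echo '</p>' . "\n";
        } else {
            // no players
            echo '<p>' . KEINESPIELER . '</p>' . "\n";
        }
        return;
    }

    // remaining time
    $zaehler = $data['maxTime'] - $data['timeElapsed'];
    if ($zaehler > 0) {
        echo '<p class="zaehler">' . ZAEHLER . '<span class="zaehler">'
           . round($zaehler / 60, 2) . VON . round($data['maxTime'] / 60, 2)
           . '</span>' . RESTZEIT . '</p>' . "\n";
    }

    // Display the server info
    $teamName = array(0 => "schurke", 1 => "rot", 2 => "gruen", 3 => "blau",
                      4 => "violett", 5 => "zuschauer", 6 => "hase");
    usort($data['player'], "cmp");

    // team score table, skipped if the first player is an observer (team 5)
    if (isset($data['player']['0']['team']) && strcmp($data['player']['0']['team'], '5') !== 0) {
        echo '<table class="punkte">' . "\n";
        echo ' <tbody>' . "\n";
        foreach ($data['team'] as $key => $val) {
            if ($data['team'][$key]['size'] > 0) {
                $team_won = (int) $data['team'][$key]['won'];
                $team_lost = (int) $data['team'][$key]['lost'];

                echo ' ';
                // team colour
                marke('tr', $teamName[$key]);
                // score
                echo '<td>' . ($team_won - $team_lost) . '</td>';
                // won - lost
                echo '<td>(' . $team_won . ' - ' . $team_lost . ')</td>';
                // number of players
                echo '<td>' . (int) $data['team'][$key]['size'] . '</td>';
                // end of team colour
                echo '</tr>' . "\n";
            }
        }
        echo ' </tbody>' . "\n" . '</table>' . "\n";
    }
    reset($data);

    echo "\n\n" . '<table class="spieler" border="0">' . "\n";
    echo ' <tbody>';
    foreach ($data['player'] as $key => $val) {
        $player = $data['player'][$key];
        $player_team = $teamName[$player['team']];

        echo "\n" . '<tr>' . "\n";
        // observers do not play -> no score
        if (strcmp($player_team, 'zuschauer') !== 0) {
            $player_won = (int) $player['won'];
            $player_lost = (int) $player['lost'];
            echo '<td>' . ($player_won - $player_lost) . '</td>' . "\n";
            echo '<td>(' . $player_won . '-' . $player_lost . ')</td><td>['
               . (int) $player['tks'] . ']</td>';
        } else {
            echo '<td></td>' . "\n" . '<td></td>' . "\n" . '<td></td>' . "\n";
        }

        // team colour
        marke('td', $player_team);
        $playername = $player['sign'];
        // shorten the player name if needed
        if ($site->mobile_version()) {
            // name is rather long
            if (strlen($playername) > 13) {
                $name_parts = str_split($playername, 10);
                echo htmlent($name_parts[0]) . "...";
            } else {
                echo htmlent($playername);
            }
        } else {
            echo htmlentities($playername);
        }
        echo '</td>' . "\n";

        // e-mail / motto cell
        marke('td', 'mehl');
        if (strcmp($player['motto'], '') !== 0) {
            $motto = $player['motto'];
            // motto is rather long
            if (strlen($motto) > 17) {
                // Truncate first and encode once; the original encoded the
                // shortened motto twice, which corrupted entities in the output.
                $motto_parts = str_split($motto, 14);
                $motto = $motto_parts[0] . '...';
            }
            echo '(' . htmlent($motto) . ')';
        }
        echo '</td>' . "\n";

        // is there a database connection?
        if (isset($connection) && $connection) {
            // look up the team
            marke('td', 'team');
            $callsign = $player['sign'];
            $query = 'SELECT `teamid` from users WHERE `name`=' . sqlSafeStringQuotes($callsign)
                   . ' LIMIT 1';
            $result = mysql_query($query, $connection);
            if (!$result) {
                // Keep the SQL text and the driver error in the server log; the
                // original printed both into the page, disclosing the schema and
                // echoing the remote-controlled callsign unescaped.
                error_log('formatbzfquery_last: team id lookup failed: ' . mysql_error($connection));
                die("<br>\n" . 'Die Datenbankabfrage ist fehlgeschlagen.');
            }
            $resultarray = mysql_fetch_array($result);
            mysql_free_result($result);
            $teamid = $resultarray['teamid'];

            if ($teamid > 0) {
                if ($use_internal_db) {
                    $query = 'SELECT `name` from teams WHERE `id`=' . sqlSafeStringQuotes($teamid)
                           . ' LIMIT 1';
                } else {
                    $query = 'SELECT `name` from teams WHERE `teamid`=' . sqlSafeStringQuotes($teamid)
                           . ' LIMIT 1';
                }
                $result = mysql_query($query, $connection);
                if (!$result) {
                    error_log('formatbzfquery_last: team name lookup failed: ' . mysql_error($connection));
                    die("<br>\n" . 'Die Datenbankabfrage ist fehlgeschlagen.');
                }
                $resultarray = mysql_fetch_array($result);
                mysql_free_result($result);
                // NOTE(review): echoed as stored; presumably team names are kept
                // entity-encoded in the database - confirm.
                echo $resultarray['name'];
            }
            echo '</td>' . "\n";
        }
        echo '</tr>' . "\n";
    }
    echo ' </tbody>' . "\n" . '</table>' . "\n";
}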
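/**
 * Store the reverse-DNS host name for one IP address of the visits log.
 *
 * The result of the update query is ignored.
 *
 * @param string $ip_address address whose `host` column should be filled
 */
function resolve_visits_log_hosts_helper($ip_address)
{
    global $site;
    global $connection;

    // gethostbyaddr() emits a warning and returns false on malformed input, so
    // only well-formed addresses are resolved.
    if (filter_var($ip_address, FILTER_VALIDATE_IP) === false) {
        return;
    }

    // A PTR record is controlled by whoever owns the address block, so the
    // name is untrusted and ends up in the visits log. Accept only characters
    // that belong in a host name or an IP literal; otherwise store the address
    // itself, which is also what gethostbyaddr() returns when lookup fails.
    $host = gethostbyaddr($ip_address);
    if ($host === false || !preg_match('/^[A-Za-z0-9._:-]+$/D', $host)) {
        $host = $ip_address;
    }

    $query = 'UPDATE `visits` SET `host`=' . sqlSafeStringQuotes($host)
           . ' WHERE `ip-address`=' . sqlSafeStringQuotes($ip_address);
    // execute query, ignore result
    @$site->execute_query('visits', $query, $connection);
}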
$site->dieAndEndPageNoBox('<p>It seems like the name of player with id ' . sqlSafeStringQuotes(htmlent($profile)) . ' can not be accessed for an unknown reason.</p>'); } // existance test of user skipped intentionally // if the user does not exist, there will be no visits for him // sanity checks passed // get the name of the player in question $player_name = '(no player name)'; while ($row = mysql_fetch_array($result)) { $player_name = $row['name']; } mysql_free_result($result); // collect visits list of that player // example query: SELECT `users`.`name`,`visits`.`ip-address`, `visits`.`host`, `visits`.`timestamp` // FROM `visits`,`users` WHERE `visits`.`userid`='16' AND `users`.`id`='16' // ORDER BY `visits`.`id` DESC LIMIT 0,201 $query = 'SELECT `users`.`name`,`visits`.`ip-address`, `visits`.`host`, `visits`.`timestamp`,`visits`.`forwarded_for`' . ' FROM `visits`,`users` WHERE `visits`.`userid`=' . sqlSafeStringQuotes($profile) . ' AND `users`.`id`=' . sqlSafeStringQuotes($profile); } // display visits log overview if (!isset($_GET['profile'])) { if (!isset($_GET['search'])) { // get list of last 200 visits $query = 'SELECT `visits`.`userid`,' . '(SELECT `name` FROM `users` WHERE `id`=`visits`.`userid`) AS `name`,' . '`visits`.`ip-address`,`visits`.`host`,`visits`.`timestamp`,`visits`.`forwarded_for`' . ' FROM `visits`'; } } $query .= ' ORDER BY `visits`.`id` DESC LIMIT '; $view_range = (int) 0; // the "LIMIT 0,200" part of query means only the first 200 entries are received // the range of shown matches is set by the GET variable i if (isset($_GET['i'])) { if ((int) $_GET['i'] > 0) { $view_range = (int) $_GET['i'];
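/**
 * Decrement the draw counter of one team.
 *
 * On failure the table locks are released and the page is ended.
 *
 * @param mixed $teamid id of the team whose `num_matches_draw` is decreased
 */
function decrease_draw_match_count($teamid)
{
    global $connection;
    global $site;

    // NOTE(review): nothing prevents the counter from being decremented below
    // zero; whether that can happen depends on the column type and the callers.
    $query = 'UPDATE `teams_profile` SET ';
    $query .= '`num_matches_draw`=`num_matches_draw`-' . sqlSafeStringQuotes('1');
    $query .= ' WHERE (`teamid`=' . sqlSafeStringQuotes($teamid) . ')';
    // only one team needs to be updated
    $query .= ' LIMIT 1';

    if (!($result = $site->execute_query('teams_profile', $query, $connection))) {
        unlock_tables($site, $connection);
        // The original message spoke of the "win/play count" although only the
        // draw count is touched here.
        // NOTE(review): the id is SQL-escaped, not HTML-escaped, in this message;
        // harmless as long as callers pass integer ids - confirm.
        $site->dieAndEndPage('Could not update draw count for team with id '
                             . sqlSafeString($teamid) . ' due to a sql problem!');
    }
}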
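/**
 * Validate the request data of the enter/edit/delete match forms.
 *
 * Reads $_GET and $_POST, writes the sanitised values into the globals
 * $match_id, $team_id1, $team_id2, $team1_caps, $team2_caps, $timestamp,
 * $duration and $similarMatchFound, prints an error paragraph for every failed
 * check and lowers $confirmed when the request may not proceed.
 *
 * @param int $confirmed confirmation step, passed by reference; set to 0 when a
 *                       check fails, to 1 when a similar match needs another
 *                       confirmation and to 2 for a confirmed deletion
 */
function sanityCheck(&$confirmed)
{
    global $site;
    global $connection;
    global $randomkey_name;
    global $team_id1;
    global $team_id2;
    global $team1_caps;
    global $team2_caps;
    global $timestamp;
    global $duration;
    global $match_id;
    global $similarMatchFound;

    // sanitise match id
    if (isset($_GET['edit'])) {
        $match_id = intval($_GET['edit']);
    }
    if (isset($_GET['delete'])) {
        $match_id = intval($_GET['delete']);
    }

    // sanitise team variables
    if (isset($_POST['match_team_id1'])) {
        $team_id1 = intval($_POST['match_team_id1']);
    } elseif (isset($_POST['team_id1'])) {
        $team_id1 = intval($_POST['team_id1']);
    } else {
        $team_id1 = 0;
    }
    if ($team_id1 < 1) {
        $team_id1 = 0;
    }

    if (isset($_POST['match_team_id2'])) {
        $team_id2 = intval($_POST['match_team_id2']);
    } elseif (isset($_POST['team_id2'])) {
        $team_id2 = intval($_POST['team_id2']);
    } else {
        $team_id2 = 0;
    }
    if ($team_id2 < 1) {
        $team_id2 = 0;
    }

    // do the teams exist?
    // teams specified?
    if (!isset($_GET['delete']) && ($team_id1 > 0 && $team_id2 > 0)) {
        // The original initialised $team_exists but then read and wrote a
        // misspelled $team_exits; one name is used throughout now.
        $team_exists = 0;
        $query = 'SELECT COUNT(`id`) as `team_exists` FROM `teams` WHERE `id`='
               . sqlSafeStringQuotes($team_id1) . ' LIMIT 1';
        if (!($result = @$site->execute_query('teams', $query, $connection))) {
            $site->dieAndEndPage('Could not find out name of team #' . sqlSafeString($team_id1) . '.');
        }
        while ($row = mysql_fetch_array($result)) {
            $team_exists = intval($row['team_exists']);
        }
        mysql_free_result($result);
        if ($team_exists === 0) {
            echo '<p>Error: The specified team #1 does not exist</p>';
            $confirmed = 0;
        }

        // reset variable for team 2
        $team_exists = 0;
        $query = 'SELECT COUNT(`id`) as `team_exists` FROM `teams` WHERE `id`='
               . sqlSafeStringQuotes($team_id2) . ' LIMIT 1';
        if (!($result = @$site->execute_query('teams', $query, $connection))) {
            $site->dieAndEndPage('Could not find out name of team #' . sqlSafeString($team_id2) . '.');
        }
        while ($row = mysql_fetch_array($result)) {
            $team_exists = intval($row['team_exists']);
        }
        mysql_free_result($result);
        if ($team_exists === 0) {
            echo '<p>Error: The specified team #2 does not exist</p>';
            $confirmed = 0;
        }

        // teams are the same (and chosen by user)
        if ($team_id1 > 0 && $team_id2 > 0 && $team_id1 === $team_id2) {
            echo '<p>In order to be an official match, teams would have to be different!</p>';
            $confirmed = 0;
        }
    }

    // sanitise score variables
    if (isset($_POST['team1_points'])) {
        $team1_caps = intval($_POST['team1_points']);
    } else {
        $team1_caps = 0;
    }
    if (isset($_POST['team2_points'])) {
        $team2_caps = intval($_POST['team2_points']);
    } else {
        $team2_caps = 0;
    }

    // sanitise day and time variables
    if (isset($_POST['match_day'])) {
        $match_day = $_POST['match_day'];
    } else {
        $match_day = date('Y-m-d');
    }
    if (isset($_POST['match_time'])) {
        $match_time = $_POST['match_time'];
    } else {
        $match_time = date('H:i:s');
    }
    if (isset($_POST['match_day']) && isset($_POST['match_time'])) {
        // NOTE(review): the global $timestamp is built from raw request data
        // (only the time part is SQL-escaped) and stays set even when the
        // format checks below fail. Every consumer must check $confirmed and
        // escape the value itself.
        $timestamp = $_POST['match_day'] . ' ' . sqlSafeString($_POST['match_time']);
    }

    // user wants to edit match data again
    if (isset($_POST['match_cancel'])) {
        $confirmed = 0;
    }

    // NOTE(review): the single-quoted key is the literal string '$match_id',
    // not the value of a variable - confirm the name of the form field.
    if (isset($_POST['$match_id'])) {
        $match_id = intval($_POST['$match_id']);
    }

    if (isset($_POST['duration'])) {
        $duration = intval($_POST['duration']);
    } else {
        $duration = 15;
    }

    // does the match exist?
    if (isset($match_id)) {
        $query = 'SELECT `id` FROM `matches` WHERE `id`=' . sqlSafeStringQuotes($match_id);
        if (!($result = $site->execute_query('matches', $query, $connection))) {
            $site->dieAndEndPage('Could not find out id for team 1 given match id '
                                 . sqlSafeString($match_id) . ' due to a sql problem!');
        }
        if (intval(mysql_num_rows($result)) < 1) {
            // match did not exist!
            $confirmed = 0;
        }
        mysql_free_result($result);
    }

    // sanitise date and time specified

    // The two patterns are anchored (^ ... $ with the D modifier). The original
    // patterns were unanchored, so any input that merely CONTAINED a date or a
    // time passed the check, including input with arbitrary trailing data.

    // sanity checks regarding day format
    // sample day: 2009-12-15
    if (!preg_match('/^2[0-9]{3}-[01][0-9]-[0-3][0-9]$/D', $match_day)) {
        echo '<p>Please make sure your specified date is in correct format. Do not forget leading zeros.</p>' . "\n";
        $confirmed = (int) 0;
    }

    // sanity checks regarding time format
    // sample time: 15:21:35
    if (!preg_match('/^[0-2][0-9]:[0-5][0-9]:[0-5][0-9]$/D', $match_time)) {
        echo '<p>Please make sure your specified time is in correct format. Do not forget leading zeros.</p>' . "\n";
        $confirmed = (int) 0;
    }

    // get the unix timestamp from the date and time
    if (!($specifiedTime = strtotime($match_day . ' ' . $match_time))) {
        echo '<p>Please make sure your specified date and time is valid!</p>' . "\n";
        $confirmed = (int) 0;
    }

    // look up if the day does exist in Gregorian calendar
    // checkdate expects order to be month, day, year
    if (!checkdate((int) date('m', $specifiedTime), (int) date('d', $specifiedTime), (int) date('Y', $specifiedTime))) {
        echo '<p>Please make sure your specified date and time is a valid Gregorian date.</p>' . "\n";
        $confirmed = (int) 0;
    }

    // is match in the future?
    if (isset($timestamp)) {
        $curTime = (int) strtotime('now');
        if ((int) $specifiedTime - $curTime >= 0) {
            echo '<p>You tried to enter, edit or delete a match that would have been played in the future.';
            echo ' Only matches in the past can be entered, edited or deleted.</p>' . "\n";
            $confirmed = (int) 0;
        }
    }

    // is match older than 2 months?
    $eightWeeksAgo = (int) strtotime('now -8 weeks');
    if ((int) $specifiedTime <= $eightWeeksAgo) {
        echo '<p>You tried to enter, edit or delete a match that is older than 8 weeks.'
           . 'Only matches played in the last 8 weeks can be entered, edited or deleted.</p>' . "\n";
        $confirmed = 0;
    }

    // check if there is already a match entered at that time
    // scores depend on the order, two matches done at the same time lead to undefined behaviour
    $query = 'SELECT `timestamp` FROM `matches` WHERE `timestamp`=' . sqlSafeStringQuotes($timestamp);
    if (!($result = @$site->execute_query('matches', $query, $connection))) {
        // the original called unlock_tables() without its arguments
        unlock_tables($site, $connection);
        $site->dieAndEndPage('Unfortunately there seems to be a database problem'
                             . ' and thus comparing timestamps (using equal operator) of matches failed.');
    }
    $rows = (int) mysql_num_rows($result);
    mysql_free_result($result);

    if ($rows > 0 && !isset($_GET['edit']) && !isset($_GET['delete'])) {
        // go back to the first step of entering a match
        echo '<p>There is already a match entered at that exact time.';
        echo ' There can be only one finished at the same time because the scores depend on the order of the played matches.</p>' . "\n";

        // just warn them and let them enter it all again by hand
        // (the opening <p> was missing in the original markup)
        echo '<p>Please enter the match with a different time.</p>' . "\n";
        echo '<form enctype="application/x-www-form-urlencoded" method="post" action="?enter">' . "\n";
        echo '<div>';
        $site->write_self_closing_tag('input type="hidden" name="confirmed" value="0"');
        echo '</div>' . "\n";

        // pass the match values to the next page so the previously entered data can be set default for the new form
        show_form($team_id1, $team_id2, $team1_caps, $team2_caps, $readonly = false, $duration);

        echo '<div>';
        $site->write_self_closing_tag('input type="submit" name="match_cancel" value="Cancel and change match data" id="send"');
        echo '</div>' . "\n";
        echo '</form>' . "\n";
        $site->dieAndEndPage();
    }

    // random key validity check: the key issued with the form must come back
    // with the confirmed request
    if ($confirmed > 1) {
        $new_randomkey_name = '';
        if (isset($_POST['key_name'])) {
            $new_randomkey_name = html_entity_decode($_POST['key_name']);
        }
        $randomkeysmatch = $site->compare_keys($randomkey_name, $new_randomkey_name);

        if (!$randomkeysmatch) {
            echo '<p>The magic key did not match. It looks like you came from somewhere else. Going back to compositing mode.</p>';
            // reset the confirmed value
            $confirmed = 0;
        }
    }

    // check for similar match in database and warn user if at least one was found
    // skip warning if already warned (no infinite warning loop)
    if ($confirmed > 1 && !isset($_POST['similar_match'])) {
        // find out if there are similar matches
        $similarMatchFound = false;
        $similarMatchFound = similarMatchEntered(true);
        if (!$similarMatchFound) {
            // look for a possible last show stopper
            $similarMatchFound = similarMatchEntered(false);
        } else {
            // add space between last similar match and the one probably following
            $site->write_self_closing_tag('br');

            // only call the function for user information, ignore result
            similarMatchEntered(false);
        }

        if ($similarMatchFound) {
            // ask for confirmation again and do not go ahead automatically
            $confirmed = 1;
        }
    }

    // no double confirmation about deletion - user saw confirmation step with $confirmed = 0 already
    if ($confirmed === 1 && isset($_GET['delete'])) {
        $confirmed = 2;
    }
}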
if (!($result = $site->execute_query('users_profile', $query, $connection))) { // query was bad, error message was already given in $site->execute_query(...) $site->dieAndEndPage(''); } } else { if (!(strcmp($_POST['logo_url'], '') === 0)) { echo '<p>Error: Skipping logo setting: Not allowed URL or extension.</p>'; } } } if (isset($_POST['admin_comments'])) { // only admins can edit their comments if ($allow_add_admin_comments_to_user_profile) { $query = 'UPDATE `users_profile` SET `admin_comments`=' . sqlSafeStringQuotes($site->bbcode($_POST['admin_comments'])); $query .= ', `raw_admin_comments`=' . sqlSafeStringQuotes($_POST['admin_comments']); $query .= ' WHERE `id`=' . sqlSafeStringQuotes($profile); if (!($result = @$site->execute_query('users_profile', $query, $connection))) { // query was bad, error message was already given in $site->execute_query(...) $site->dieAndEndPage(''); } } } echo '<p>The player profile has been updated successfully.</p>' . "\n"; $site->dieAndEndPage(''); } // display editing form echo '<form enctype="application/x-www-form-urlencoded" method="post" action="?edit=' . $profile . '">' . "\n"; echo '<div><input type="hidden" name="confirmed" value="1"></div>' . "\n"; $new_randomkey_name = $randomkey_name . microtime(); $new_randomkey = $site->set_key($new_randomkey_name); echo '<div><input type="hidden" name="key_name" value="' . htmlspecialchars($new_randomkey_name) . '"></div>' . "\n";
$query .= ' AND `users`.`teamid`<>' . sqlSafeStringQuotes('0'); } if (isset($_GET['search_string']) && !(strcmp($search_expression, '') === 0)) { if ($search_player_sort) { $query .= ' AND `users`.`name` LIKE ' . sqlSafeStringQuotes($search_expression); } elseif ($search_team_sort) { if (strcmp($search_expression, '(teamless)') === 0) { $query .= ' AND `users`.`teamid`=' . sqlSafeStringQuotes('0'); } else { $query .= ' AND `teams`.`name` LIKE ' . sqlSafeStringQuotes($search_expression); $query .= ' AND `teams`.`id`=`users`.`teamid`'; } } elseif ($search_bzid_sort) { $query .= ' AND `users`.`external_id` LIKE ' . sqlSafeStringQuotes($search_expression); } else { $query .= ' AND `users_profile`.`joined` LIKE ' . sqlSafeStringQuotes($search_expression); } } // the profile id of the player must match the actual player id (profile must belong to the same player) $query .= ' AND `users_profile`.`userid`=`users`.`id`'; // sort the result if ($search_player_sort) { $query .= ' ORDER BY `users`.`name`, `team_name`'; } elseif ($search_bzid_sort) { $query .= ' ORDER BY `users`.`external_id`, `users`.`name`, `team_name`'; } elseif ($search_joined_sort) { $query .= ' ORDER BY `users_profile`.`joined`, `team_name`, `users`.`name`'; } else { $query .= ' ORDER BY `team_name`, `users`.`name`'; } if ($result = @$site->execute_query('users, teams', $query, $connection)) {
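/**
 * Recompute the scores of the given teams, store changed scores and print a
 * comparison table of old and new scores.
 *
 * @param array $team_stats_changes lookup array indexed by team id; this
 *                                  function fills 'old_score', 'new_score' and 'name'
 * @param array $keys               list of the team ids to process
 * @param int   $n_teams            highest index of $keys to process; 0 means
 *                                  "derive it from count($keys)"
 */
function show_score_changes($team_stats_changes, $keys, $n_teams = 0)
{
    global $site;
    global $connection;

    if (intval($n_teams) === 0) {
        $n_teams = (int) count($keys) - 1;
    }

    // old score = new score for some teams?
    $skipped_teams = false;
    for ($i = 0; $i <= $n_teams; $i++) {
        $team_id = $keys[$i];
        // the id is printed in HTML error messages, escape it for that context
        $team_id_html = htmlspecialchars($team_id);

        // grab old score from team overview
        $query = 'SELECT `score` FROM `teams_overview` WHERE `teamid`=' . sqlSafeStringQuotes($team_id)
               . ' LIMIT 1';
        if (!($result = @$site->execute_query('teams_overview', $query, $connection))) {
            $site->dieAndEndPageNoBox('Could not load score from team overview for team #' . $team_id_html . '.');
        }
        while ($row = mysql_fetch_array($result)) {
            // remember old score
            $team_stats_changes[$team_id]['old_score'] = $row['score'];
            // compute new score
            $team_stats_changes[$team_id]['new_score'] = get_score_at_that_time($team_id, date('Y-m-d H:i:s'));

            // save new score in database, if needed
            if ($team_stats_changes[$team_id]['old_score'] - $team_stats_changes[$team_id]['new_score'] === 0) {
                // this team has no changed score
                unset($team_stats_changes[$team_id]);
                // -> one team had no changed score
                $skipped_teams = true;
            } else {
                // The score is escaped and quoted like every other value in the
                // statement; the original concatenated it into the SQL as is.
                // NOTE(review): table label is 'matches' although
                // `teams_overview` is updated; kept as in the original.
                $query = 'UPDATE `teams_overview` SET `score`='
                       . sqlSafeStringQuotes($team_stats_changes[$team_id]['new_score'])
                       . ' WHERE `teamid`=' . sqlSafeStringQuotes($team_id)
                       . ' LIMIT 1';
                if (!($result_update = @$site->execute_query('matches', $query, $connection))) {
                    $site->dieAndEndPageNoBox('Could not load score of team overview for team #' . $team_id_html . '.');
                }
            }
        }
        mysql_free_result($result);

        if (isset($team_stats_changes[$team_id])) {
            // get team name from database
            $query = 'SELECT `name` FROM `teams` WHERE `id`=' . sqlSafeStringQuotes($team_id) . ' LIMIT 1';
            if (!($result = @$site->execute_query('teams', $query, $connection))) {
                $site->dieAndEndPageNoBox('Could not load name of team #' . $team_id_html . '.');
            }
            while ($row = mysql_fetch_array($result)) {
                // save name in lookup array
                $team_stats_changes[$team_id]['name'] = $row['name'];
            }
            mysql_free_result($result);
        }
    }

    // at least one team had no changed score
    if ($skipped_teams) {
        // re-index the keys
        $keys = array_keys($team_stats_changes);
        // re-compute the number of teams
        $n_teams = (int) count($keys) - 1;
    }

    if ($n_teams < 0) {
        echo '<p>No team scores were changed.</p>' . "\n";
        return;
    }

    // if teams had changed scores show a nice comparison table
    echo '<table id="table_scores_changed_overview" class="nested_table">' . "\n";
    echo '<caption>Changed teams scores</caption>' . "\n";
    echo '<tr>' . "\n";
    echo ' <th>Team</th>' . "\n";
    echo ' <th>Previous score</th>' . "\n";
    echo ' <th>New score</th>' . "\n";
    echo ' <th>Difference</th>' . "\n";
    echo '</tr>' . "\n\n";
    for ($i = 0; $i <= $n_teams; $i++) {
        // entries with no changed scores were deleted without re-indexing using unset
        if (!isset($keys[$i])) {
            continue;
        }
        $team = $team_stats_changes[$keys[$i]];

        echo '<tr class="table_scores_changed_overview">' . "\n";
        // name of team
        // NOTE(review): the name is echoed as stored; presumably team names are
        // kept entity-encoded in the database - confirm.
        echo ' <td class="table_scores_changed_overview_name">';
        echo '<a href="../Teams/?profile=' . htmlspecialchars($keys[$i]) . '">';
        echo strval($team['name']);
        echo '</a>';
        echo '</td>' . "\n";

        // old score
        echo ' <td class="table_scores_changed_overview_score_before">';
        echo strval($team['old_score']);
        echo '</td>' . "\n";

        // new score
        echo ' <td class="table_scores_changed_overview_score_after">';
        echo strval($team['new_score']);
        echo '</td>' . "\n";

        // difference computation
        echo ' <td class="table_scores_changed_overview_difference">';
        // Keep the difference an integer: the original converted it to a string
        // first, so the strict "=== 0" test below could never be true.
        $score_change = intval($team['new_score']) - intval($team['old_score']);
        // prefix
        if ($score_change > 0) {
            echo '+';
        } elseif ($score_change === 0) {
            // displays a +- symbol
            echo '±';
        }
        // display difference
        echo $score_change;
        echo '</td>' . "\n";
        echo '</tr>' . "\n";
    }
    // done
    echo '</table>' . "\n";
}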
* GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. * */ /* * Vertical bar chart demonstration * */ if (!isset($site)) { die('this file is not meant to be called directly'); } include "../CMS/libchart-1.2.1/libchart/classes/libchart.php"; // get stats from database $query = 'SELECT `timestamp`, `team1ID`, `team2ID`' . ' FROM `matches`' . ' WHERE `timestamp` LIKE ' . sqlSafeStringQuotes('%') . ' AND (`team1ID` = 40 AND `team2ID` = 10' . ' OR (`team2ID` = 40 AND `team1ID` = 10))' . ' ORDER BY `timestamp`'; if (!($result = $site->execute_query('matches', $query, $connection))) { die('Could not grab history of all matches ever played.'); } // interpret results $oldTimestamp = ''; $matches = array(); while ($row = mysql_fetch_array($result)) { // raw database result // e.g. 2005-01-23 22:42:20 $curTimestamp = $row['timestamp']; // assume year has always 4 digits, a dash (here -) follows and then there follows always 2 digit month // as well as a dash and 2 digit day // e.g. 22: $curTimestamp = substr($curTimestamp, 11, 2); if (!isset($matches[$curTimestamp]['hours'])) {