$username = $core->CurrentUser()->Name;
// Browser string
$browser = @$_SERVER["HTTP_USER_AGENT"];
if (empty($browser)) {
$browser = "Unknown";
}
// Save username and browser string in our database
// SQL($query) is a method of the Core object that runs a SQL query on the plugin database
// SQLEscape($string) is also a Core method that is a shorthand for mysql_real_escape_string($string)
$core->SQL("INSERT INTO `browserstats` (`User`, `Browser`) VALUES ('" . $core->SQLEscape($username) . "', '" . $core->SQLEscape($browser) . "') ON DUPLICATE KEY UPDATE `Browser`='" . $core->SQLEscape($browser) . "'");
// Read the database
$result = $core->SQL("SELECT * FROM `browserstats`");
$browserstats = array();
while ($row = mysql_fetch_assoc($result)) {
$br = new Browser($core->SQLUnEscape($row["Browser"]));
$browsername = "{$br->Platform}, {$br->Name} {$br->Version}";
if (isset($browserstats[$browsername])) {
$browserstats[$browsername] += 1;
} else {
$browserstats[$browsername] = 1;
}
}
// We have the browser stats in an array. Now assign it to a Smarty template variable
// So that it will be availabe in the Smarty template.
// You can assign any type of variable: numbers, strings, arrays, objects... all work
// The format is $core->assign("template_variable_name", "variable_value")
$core->assign("browserstats", $browserstats);
// We are done. Last step is to display our Smarty template
// PlugInPath is a property of the Core object that returns the absolute path to the main plugin directory.
// Relative paths do not work here.
$core->display($core->PlugInPath . "browserstats/browserstats.tpl");
$action = "home";
}
$result = 0;
if (isset($_GET["read"]) && is_numeric(@$_GET["read"])) {
$note = $cms->ReadNotepad($_GET["read"]);
$_POST["id"] = $note->ID;
$_POST["title"] = $note->Title;
if ($cms->IsIGB()) {
$_POST["text"] = strip_tags($note->Text);
} else {
$_POST["text"] = $note->Text;
}
$action = "read";
} elseif ($action == "home") {
$titles = $cms->GetNotepadTitles();
$cms->assign("titles", $titles);
} elseif ($action == "newdone") {
if ($_POST["submit"] == "Save") {
if (empty($_POST["title"]) || empty($_POST["text"])) {
$action = "new";
$result = 1;
} else {
$cms->NewNotepad($_POST["title"], $_POST["text"]);
$cms->Goto("notepad.php");
}
} else {
$cms->Goto("notepad.php");
}
} elseif ($action == "editdone") {
if ($_POST["submit"] == "Save") {
if (empty($_POST["title"]) || empty($_POST["text"])) {
<?php
require_once '../core/core.class.php';
$cms = new Core();
$step = @$_POST["step"];
if (empty($step)) {
$step = 1;
}
$result = 0;
$cms->assign("apiuserid", @$_POST["apiuserid"]);
$cms->assign("apikey", @$_POST["apikey"]);
$cms->assign("charid", @$_POST["charid"]);
$cms->assign("charname", @$_POST["charname"]);
$cms->assign("corpname", @$_POST["corpname"]);
$cms->assign("corpticker", @$_POST["corpticker"]);
$cms->assign("corpid", @$_POST["corpid"]);
if ($step == 2) {
if (empty($_POST["apiuserid"]) | empty($_POST["apikey"])) {
$result = 1;
$step = 1;
} else {
$res = $cms->GetUserCharacters($_POST["apiuserid"], $_POST["apikey"]);
if ($res === FALSE) {
$result = 2;
$step = 1;
} elseif (empty($res)) {
$result = 3;
$step = 1;
} elseif (count($res) == 1) {
$result = 4;
$step = 2;
<?php
require_once '../core/core.class.php';
$cms = new Core();
$result = 0;
$cms->assign("username", @$_POST["username"]);
$cms->assign("apiuserid", @$_POST["apiuserid"]);
$cms->assign("apikey", @$_POST["apikey"]);
if (isset($_POST["submit"])) {
if (empty($_POST["apiuserid"]) || empty($_POST["apikey"])) {
$result = 1;
} elseif (empty($_POST["username"])) {
$result = 7;
} elseif (empty($_POST["password1"]) || empty($_POST["password2"])) {
$result = 4;
} elseif ($_POST["password1"] != $_POST["password2"]) {
$result = 5;
} else {
$result = $cms->CoreSQL("SELECT * FROM users WHERE Name='" . $cms->SQLEscape($_POST["username"]) . "' OR FIND_IN_SET('" . $cms->SQLEscape($_POST["username"]) . "', Alts) LIMIT 1");
if (mysql_num_rows($result) == 0) {
$result = 6;
} else {
$res = $cms->GetUserCharacters($_POST["apiuserid"], $_POST["apikey"]);
if ($res === FALSE) {
$result = 2;
} elseif (empty($res)) {
$result = 3;
} elseif (count($res) > 0) {
foreach ($res as $char) {
if ($char["Name"] == $_POST["username"]) {
$result = 8;
<?php
require_once '../core/core.class.php';
$cms = new Core();
if (isset($_GET["unsubscribe"]) && is_numeric(@$_GET["unsubscribe"])) {
$cms->UnSubscribeForumTopic($_GET["unsubscribe"]);
}
// List all signed-up events
$calendar = $cms->ReadCalendarSignups();
$cms->assign("calendar", $calendar);
// Subscribed topics
$subs = $cms->GetForumSubscriptions();
$cms->assign('subscriptions', $subs);
$cms->display('signups.tpl');
<?php
require_once '../core/core.class.php';
$cms = new Core();
if (!$cms->AccessCheck()) {
header("Location: access.php");
exit;
}
$article = $cms->ReadArticle(3);
$cms->assign("quickinfo", $article);
$cms->display('quickinfo.tpl');
$action = @$_GET["action"];
if (empty($action)) {
$action = "plugins";
}
$result = 0;
if (isset($_GET["edit"]) && is_numeric(@$_GET["edit"])) {
if (!isset($_POST["id"])) {
$plugin = $cms->ReadPlugIn($_GET["edit"]);
$_POST["id"] = $plugin->ID;
$_POST["title"] = $plugin->Title;
$_POST["releasecontrol"] = $plugin->Release;
$_POST["accesscontrol"] = $plugin->ReadAccess;
$_POST["showigb"] = $plugin->ShowIGB ? "on" : "";
$_POST["showadmin"] = $plugin->ShowAdmin ? "on" : "";
}
$cms->assign("id", @$_POST["id"]);
$cms->assign("title", @$_POST["title"]);
$cms->assign("releasecontrol", @$_POST["releasecontrol"]);
$cms->assign("accesscontrol", @$_POST["accesscontrol"]);
$cms->assign("showigb", @$_POST["showigb"]);
$cms->assign("showadmin", @$_POST["showadmin"]);
$action = "edit";
} elseif ($action == "editdone" && is_numeric(@$_POST["id"])) {
if ($_POST["submit"] == "Save") {
if (empty($_POST["title"])) {
$action = "edit";
$result = 1;
$cms->assign("id", @$_POST["id"]);
$cms->assign("title", @$_POST["title"]);
$cms->assign("releasecontrol", @$_POST["releasecontrol"]);
$cms->assign("accesscontrol", @$_POST["accesscontrol"]);
<?php
require_once '../core/core.class.php';
$cms = new Core();
$ismoderator = $cms->CurrentUser()->HasPortalRole(User::MDYN_CEO) || $cms->CurrentUser()->HasPortalRole(User::MDYN_ForumModerator) || $cms->CurrentUser()->HasPortalRole(User::MDYN_Administrator) || $cms->CurrentUser()->HasEVERole(User::EVE_Director) ? 1 : 0;
$cms->assign("ismoderator", $ismoderator);
$cms->assign("pagetitle", " | Forums");
if (isset($_GET["category"]) && is_numeric(@$_GET["category"])) {
$access = $cms->CanReadCategory($_GET["category"]);
if ($access == 0) {
$cms->Goto("access.php");
}
if ($access == 2) {
$cms->Goto("forums.php?getcategorypassword="******"category"]);
}
$page = 0;
if (isset($_GET["page"]) && is_numeric(@$_GET["page"])) {
$page = $_GET["page"] - 1;
}
$pagecount = floor($cms->ReadForumTopicCount($_GET["category"]) / 20) + 1;
if ($pagecount < 0) {
$pagecount = 0;
}
if ($page < 0) {
$page = 0;
}
if ($page > $pagecount - 1) {
$page = $pagecount - 1;
}
$cat = $cms->ReadForumCategory($_GET["category"]);
$topics = $cms->ReadForumTopics($_GET["category"], $page * 20);
<?php
require_once '../core/core.class.php';
$cms = new Core();
$action = @$_GET["action"];
if (empty($action)) {
$action = "home";
}
$result = 0;
$isadmin = $cms->CurrentUser()->HasPortalRole(User::MDYN_CEO) || $cms->CurrentUser()->HasPortalRole(User::MDYN_Administrator) || $cms->CurrentUser()->HasEVERole(User::EVE_Director) ? 1 : 0;
$cms->assign("isadmin", $isadmin);
if ($cms->CurrentUser()->HasPortalRole(User::MDYN_CanSubmitNews) || $cms->CurrentUser()->AccessRight() >= 3) {
$cms->assign("canpost", true);
}
if (isset($_GET["read"]) && is_numeric(@$_GET["read"])) {
// Show news item from the archive
$note = $cms->ReadNewsItem($_GET["read"]);
$_POST["id"] = $note->ID;
$_POST["title"] = $note->Title;
$_POST["text"] = $note->Text;
$_POST["readaccess"] = $note->ReadAccess;
$cms->assign("author", $note->AuthorName);
$cms->assign("date", $note->Date);
$cms->assign("editid", $isadmin == true || $cms->CurrentUser()->AccessRight() >= 4 || $note->Author == $cms->CurrentUser()->ID ? $note->ID : 0);
$action = "read";
} elseif (isset($_GET["edit"]) && is_numeric(@$_GET["edit"])) {
$note = $cms->ReadNewsItem($_GET["edit"]);
$_POST["id"] = $note->ID;
$_POST["title"] = $note->Title;
$_POST["text"] = $note->Text;
$_POST["readaccess"] = $note->ReadAccess;
<?php
require_once '../core/core.class.php';
$cms = new Core();
$action = @$_GET["action"];
if (empty($action)) {
$action = "home";
}
$result = 0;
$isadmin = $cms->CurrentUser()->HasPortalRole(User::MDYN_CEO) || $cms->CurrentUser()->HasPortalRole(User::MDYN_Administrator) || $cms->CurrentUser()->HasEVERole(User::EVE_Director) ? 1 : 0;
$cms->assign("isadmin", $isadmin);
if ($cms->CurrentUser()->HasPortalRole(User::MDYN_CanSubmitCalendar) || $cms->CurrentUser()->AccessRight() >= 3) {
$cms->assign("canpost", true);
}
// All corp members can post
if ($cms->CurrentUser()->AccessRight() >= 2) {
$cms->assign("canpost", true);
}
if (isset($_GET["view"])) {
// List all calendar entries
$allcalendar = $cms->ReadCalendarAll();
$calendar = array();
foreach ($allcalendar as $item) {
if (date("Ymd", strtotime($item->Date)) == $_GET["view"]) {
$calendar[] = $item;
}
}
$cms->assign("view", date("Y-m-d", strtotime($_GET["view"])));
$cms->assign("calendar", $calendar);
$action = "view";
} elseif (isset($_GET["read"]) && is_numeric(@$_GET["read"])) {
$portalid = $core->CurrentUser()->ID;
}
if ($template == "" || empty($template) || $template < 0) {
$template = 0;
}
if ($templatepost == "" || empty($templatepost) || $templatepost < 0) {
$templatepost = 0;
}
if ($return == "" || empty($return) || $return < 0) {
$return = 0;
}
if ($action == "home") {
$result = $core->SQL("SELECT * FROM operations_params");
while ($row = mysql_fetch_assoc($result)) {
if ($row["Name"] == "IndexDate") {
$core->assign("indexdate", $row["Value"]);
}
if ($row["Name"] == "IndexTime") {
$core->assign("indextime", $row["Value"]);
}
}
} elseif ($action == "qtc7" || $action == "qtc30") {
$timeperiod = 7;
if ($action == "qtc30") {
$timeperiod = 30;
}
$raw = file_get_contents("http://www.starvingpoet.net/feeds/mmi.xml");
if ($raw !== FALSE) {
$xml = new SimpleXMLElement($raw);
$date = $xml["date"];
$date = substr($date, 0, 4) . "-" . substr($date, 4, 2) . "-" . substr($date, 6, 2);
<?php
require_once '../core/core.class.php';
$cms = new Core();
if ($cms->CurrentUser()->Name == "Guest") {
header("Location: access.php");
exit;
}
$action = @$_GET["action"];
$result = 0;
if (isset($_GET["user"]) && is_numeric(@$_GET["user"])) {
$cms->assign('showuser', $cms->GetUserFromID($_GET["user"]));
$cms->assign('posts', $cms->ForumRepliesByAuthor($_GET["user"]));
$_GET["action"] = "user";
} elseif ($action == "editdone") {
if ($_POST["submit"] == "Save") {
$cms->EditUserInfo($_POST["timezone"], $_POST["email"], $_POST["im"], $_POST["dob_Year"] . "-" . $_POST["dob_Month"] . "-" . $_POST["dob_Day"], $_POST["location"]);
if (!empty($_POST["apiuserid"]) && !empty($_POST["apikey"])) {
$cms->EditUserAPIInfo($_POST["apiuserid"], $_POST["apikey"]);
}
$settings = 0;
if (@$_POST["showgamenews"] == "on") {
$settings = $settings | User::ShowGameNews;
}
if (@$_POST["showdevblogs"] == "on") {
$settings = $settings | User::ShowDevBlogs;
}
if (@$_POST["showrpnews"] == "on") {
$settings = $settings | User::ShowRPNews;
}
if (@$_POST["showtqstatus"] == "on") {
<?php
require_once '../core/core.class.php';
$cms = new Core();
if (!$cms->AccessCheck(User::EVE_Director, array(User::MDYN_CEO, User::MDYN_Administrator, User::MDYN_Developer))) {
$cms->Goto("access.php");
}
$action = @$_GET["action"];
if (empty($action)) {
$action = "cronjobs";
}
$result = 0;
$crontypes = array("Hourly at xx:00", "Hourly at xx:30", "Daily at 00:00 GMT", "Daily at 11:00 GMT", "Daily at 12:00 GMT", "Weekly on Mondays at 00:00 GMT", "Weekly on Wednesdays at 00:00 GMT", "Weekly on Fridays at 00:00 GMT", "Weekly on Saturdays at 00:00 GMT", "Weekly on Sundays at 00:00 GMT");
$cms->assign("crontypes", $crontypes);
if (isset($_GET["edit"]) && is_numeric(@$_GET["edit"])) {
if (!isset($_POST["id"])) {
$job = $cms->ReadCronJob($_GET["edit"]);
$_POST["id"] = $job->ID;
$_POST["title"] = $job->Title;
$_POST["type"] = $job->ScheduleType;
$_POST["source"] = $job->Source;
}
$cms->assign("id", @$_POST["id"]);
$cms->assign("title", @$_POST["title"]);
$cms->assign("type", @$_POST["type"]);
$cms->assign("source", @$_POST["source"]);
$action = "edit";
} elseif ($action == "editdone") {
if ($_POST["submit"] == "Save") {
if (empty($_POST["title"]) || empty($_POST["source"])) {
$action = "edit";
if (!$cms->AccessCheck(User::EVE_Director, array(User::MDYN_CEO, User::MDYN_Administrator))) {
$cms->Goto("access.php");
}
$action = @$_GET["action"];
if (empty($action)) {
$action = "users";
}
$result = 0;
if (isset($_GET["edit"]) && is_numeric(@$_GET["edit"])) {
if (!isset($_POST["id"])) {
$note = $cms->ReadArticle($_GET["edit"]);
$_POST["id"] = $note->ID;
$_POST["title"] = $note->Title;
$_POST["text"] = $note->Text;
}
$cms->assign("id", @$_POST["id"]);
$cms->assign("title", @$_POST["title"]);
$cms->assign("text", @$_POST["text"]);
$action = "edit";
} elseif ($action == "editdone") {
if ($_POST["submit"] == "Save") {
if (empty($_POST["title"]) || empty($_POST["text"])) {
$action = "edit";
$result = 1;
$cms->assign("id", @$_POST["id"]);
$cms->assign("title", @$_POST["title"]);
$cms->assign("text", @$_POST["text"]);
} else {
if ($_POST["id"] == 1 || $_POST["id"] == 2) {
$cms->EditArticle($_POST["id"], $_POST["title"], $_POST["text"], 0, 4);
} else {
<?php
require_once '../core/core.class.php';
$cms = new Core();
$article = $cms->ReadArticle(4);
$cms->assign("help", $article);
$cms->display('help.tpl');
/**
* 如果使用者有輸入要查詢的IP,就使用使用者輸入的IP進行查詢。
* 如果沒有輸入,就檢查是否有啟用CloudFlare的服務,然後抓取使用者目前的IP。
*/
if (isset($_POST['ip']) && !empty(trim($_POST['ip']))) {
$ipAddress = $_POST['ip'];
} else {
$ipAddress = isset($_SERVER["HTTP_CF_CONNECTING_IP"]) ? $_SERVER["HTTP_CF_CONNECTING_IP"] : getenv('REMOTE_ADDR');
if ($ipAddress == '::1') {
$ipAddress = '127.0.0.1';
}
}
/**
* 指派要呈現的樣板變數和資料
*/
$smarty->assign(array('title' => 'HSDN - IP Information and Spam Check', 'subTitle' => 'IP Information and Spam Check', 'ipAddr' => $ipAddress, 'ipGeo' => _ip2geo($ipAddress), 'spamCheck' => _ipSpamCheck($ipAddress)));
/**
* 指定要呈現資料的樣板名稱
*/
$smarty->display('main.html');
/**
* 檢查IP是否被列為Spam來源
* @param String $ipAddress IP位址
* @return Array 檢查結果
*/
function _ipSpamCheck($ipAddress)
{
$revip = implode(".", array_reverse(explode(".", $ipAddress, 4), false));
/**
* 使用的SPAM檢查服務
* Abuseat: http://www.abuseat.org/faq.html
}
if (isset($_GET["edit"])) {
$action = "edit";
}
if ($action == "home" || $action == "homeships" || $action == "homerigs") {
$itemids = array();
// Read ship prices
if ($action == "homeships" || $action == "home") {
$result = $core->SQL("SELECT * FROM production_items WHERE Type=0 ORDER BY GroupName ASC, Race ASC, `Name` ASC");
$dbprices = array();
while ($row = mysql_fetch_assoc($result)) {
$dbprices[] = array("ID" => $row["id"], "EveTypeID" => $row["EveTypeID"], "EveGraphicID" => $row["EveGraphicID"], "GroupName" => $core->SQLUnEscape($row["GroupName"]), "Race" => $core->SQLUnEscape($row["Race"]), "Name" => $core->SQLUnEscape($row["Name"]), "Price" => number_format($row["Price"], 0), "AlliancePrice" => number_format($row["AlliancePrice"], 0));
$itemids[] = $row["EveTypeID"];
}
mysql_free_result($result);
$core->assign("shipprices", $dbprices);
}
// Read rig prices
if ($action == "homerigs" || $action == "home") {
$result = $core->SQL("SELECT * FROM production_items WHERE Type=1 ORDER BY GroupName ASC, `Name` ASC");
$dbprices = array();
while ($row = mysql_fetch_assoc($result)) {
$dbprices[] = array("ID" => $row["id"], "EveTypeID" => $row["EveTypeID"], "EveGraphicID" => $row["EveGraphicID"], "GroupName" => $core->SQLUnEscape($row["GroupName"]), "Race" => $core->SQLUnEscape($row["Race"]), "Name" => $core->SQLUnEscape($row["Name"]), "Price" => number_format($row["Price"], 0), "AlliancePrice" => number_format($row["AlliancePrice"], 0));
$itemids[] = $row["EveTypeID"];
}
mysql_free_result($result);
$core->assign("rigprices", $dbprices);
}
// Read material prices
$result = $core->SQL("SELECT EveTypeID,Price FROM operations_items");
$itemprices = array();
if ($action == "inbox" || $action == "sentitems") {
$isinbox = $action == "inbox";
$sort = @$_GET["order"];
$page = 0;
if (isset($_GET["page"]) && is_numeric(@$_GET["page"])) {
$page = $_GET["page"] - 1;
}
$pagecount = ceil($cms->MailBoxCount($isinbox, $folder) / 20);
if ($page > $pagecount - 1) {
$page = $pagecount - 1;
}
if ($page < 0) {
$page = 0;
}
$messages = $cms->ReadMailBox($isinbox, $folder, $page * 20, 20, $sort);
$cms->assign("messages", $messages);
$cms->assign("page", $page);
$cms->assign("pagecount", $pagecount);
} elseif ($action == "search") {
$query = @$_GET["query"];
$mailbox = @$_GET["mailbox"];
if (empty($query)) {
$cms->Goto("mail.php?action=" . $mailbox);
}
$isinbox = $mailbox == "inbox";
$messages = $cms->SearchMailBox($query, $isinbox, $folder);
$cms->assign("messages", $messages);
$cms->assign("mailbox", $mailbox);
$cms->assign("query", $query);
} elseif ($action == "compose" || $action == "reply" || $action == "replytoall" || $action == "forward") {
$names = $cms->GetAllUserNames();
<?php
require_once '../core/core.class.php';
$cms = new Core();
$article = $cms->ReadArticle(2);
$cms->assign("policies", $article);
$cms->display('policies.tpl');
} else {
$result = $core->SQL("SELECT COUNT(*) FROM gallery");
$pagecount = ceil(mysql_result($result, 0) / $max);
$result = $core->SQL("SELECT * FROM gallery WHERE " . $core->CurrentUser()->AccessRight() . ">=AccessRight AND AccessRight!=-1 AND AccessRight!=1 ORDER BY Date DESC LIMIT " . $max * ($page - 1) . "," . $max);
}
} elseif ($action == "recruitment") {
if ($core->CurrentUser()->AccessRight() < 3) {
$core->Goto('../../php/access.php');
}
$recruitment = $_GET["recruitment"];
if ($recruitment == "all") {
$result = $core->SQL("SELECT COUNT(*) FROM gallery");
$pagecount = ceil(mysql_result($result, 0) / $max);
$result = $core->SQL("SELECT * FROM gallery WHERE AccessRight=1 ORDER BY Date DESC LIMIT " . $max * ($page - 1) . "," . $max);
} else {
$core->assign("recruitname", $core->GetUserFromID($recruitment)->Name);
$core->assign("recruitment", $recruitment);
$result = $core->SQL("SELECT COUNT(*) FROM gallery WHERE Owner=" . $recruitment);
$pagecount = ceil(mysql_result($result, 0) / $max);
$result = $core->SQL("SELECT * FROM gallery WHERE Owner=" . $recruitment . " AND AccessRight=1 ORDER BY Date DESC LIMIT " . $max * ($page - 1) . "," . $max);
}
} else {
if ($core->CurrentUser()->AccessRight() == 0) {
$result = $core->SQL("SELECT COUNT(*) FROM gallery");
$pagecount = ceil(mysql_result($result, 0) / $max);
$result = $core->SQL("SELECT * FROM gallery WHERE Owner=" . $core->CurrentUser()->ID . " AND AccessRight=1 ORDER BY Date DESC LIMIT " . $max * ($page - 1) . "," . $max);
} else {
$result = $core->SQL("SELECT COUNT(*) FROM gallery WHERE Owner=" . $core->CurrentUser()->ID);
$pagecount = ceil(mysql_result($result, 0) / $max);
$result = $core->SQL("SELECT * FROM gallery WHERE Owner=" . $core->CurrentUser()->ID . " AND AccessRight!=1 ORDER BY Date DESC LIMIT " . $max * ($page - 1) . "," . $max);
}
<?php
require_once '../core/core.class.php';
$cms = new Core();
if ($cms->IsIGB()) {
// Calendar
$calendar = $cms->ReadCalendar();
$cms->assign("calendar", $calendar);
// Corp news
$news = $cms->ReadNews();
$cms->assign("news", $news);
} else {
// Save shout
if (isset($_GET["shout"])) {
$cms->SaveShout($_GET["shout"]);
$cms->Goto("home.php");
}
// Current user
$user = $cms->CurrentUser();
// Welcome message
$article = $cms->ReadArticle(1);
$cms->assign("welcome", $article);
// Calendar
$calendar = $cms->ReadCalendar();
$cms->assign("calendar", $calendar);
// Corp news
$news = $cms->ReadNews();
$cms->assign("news", $news);
$shortnews = "";
for ($i = 0; $i < min(count($news), 5); $i++) {
$feed = $news[$i];
$items[$val[0]] = $val[1];
}
$op = array("ID" => $row["id"], "Leader" => $names[$row["Leader"]], "Players" => $players, "PlayerNames" => $playernames, "Date" => $core->GMTToLocal($row["Date"]), "OpDate" => $row["OpDate"], "Status" => $row["Status"], "RejectReason" => $core->SQLUnEscape($row["RejectReason"]), "Notes" => $core->SQLUnEscape($row["Notes"]), "TimeIns" => $timeins, "TimeOuts" => $timeouts, "Items" => $items, "CanEdit" => $canedit);
// All items
$result = $core->SQL("SELECT `id`, `Name`, `GroupID` FROM operations_items ORDER BY `GroupID` ASC, `DisplayOrder` ASC, `Name` ASC");
$allitems = array();
while ($row = mysql_fetch_assoc($result)) {
$quantity = "";
if (isset($items[$row["id"]])) {
$quantity = $items[$row["id"]];
}
if ($action == "edit" || $action == "view" && !empty($quantity)) {
$allitems[] = array($row["id"], $row["GroupID"], $core->SQLUnEscape($row["Name"]), $quantity);
}
}
$core->assign("items", $allitems);
$core->assign("names", $names);
$core->assign("op", $op);
} elseif (isset($_GET["cancel"])) {
$id = $_GET["cancel"];
$result = $core->SQL("SELECT Leader, Players FROM operations_submissions WHERE id=" . $id . " LIMIT 1");
$row = mysql_fetch_assoc($result);
$canedit = $row["Leader"] == $core->CurrentUser()->ID || in_array($core->CurrentUser()->ID, explode(",", $row["Players"]));
if ($canedit) {
$core->SQL("UPDATE operations_submissions SET Status=5 WHERE id=" . $id . " LIMIT 1");
}
$core->Goto("index.php");
} elseif ($action == "editdone") {
$id = $_POST["id"];
$timeins = array();
$timeouts = array();
<?php
require_once '../core/core.class.php';
$cms = new Core();
if (isset($_GET["delete"]) && is_numeric(@$_GET["delete"]) && $cms->CurrentUser()->HasPortalRole(User::MDYN_Administrator)) {
$cms->CoreSQL("DELETE FROM feedback WHERE id=" . $_GET["delete"] . " LIMIT 1");
$cms->Goto("feedback.php");
} elseif ($cms->CurrentUser()->HasPortalRole(User::MDYN_Administrator)) {
$feedbacks = array();
$result = $cms->CoreSQL("SELECT * FROM feedback");
while ($row = mysql_fetch_assoc($result)) {
$feedbacks[] = array($cms->SQLUnEscape($row["Name"]), $cms->SQLUnEscape($row["EMail"]), $cms->SQLUnEscape($row["APIUserID"]), $cms->SQLUnEscape($row["APIKey"]), $cms->SQLUnEscape($row["Notes"]), $row["id"], $cms->GMTToLocal($row["Date"]));
}
$cms->assign("feedbacks", $feedbacks);
} elseif (@$_GET["result"] == "1") {
$cms->assign("result", 1);
} elseif (@$_POST["submit"] == "Submit") {
$query = "INSERT INTO feedback (Date,Name,Email,APIUserID,APIKey,Notes) VALUES (";
$query .= "'" . $cms->GMTTime() . "',";
$query .= "'" . $cms->SQLEscape($_POST["name"]) . "',";
$query .= "'" . $cms->SQLEscape($_POST["email"]) . "',";
$query .= "'" . $cms->SQLEscape($_POST["apiuserid"]) . "',";
$query .= "'" . $cms->SQLEscape($_POST["apikey"]) . "',";
$query .= "'" . $cms->SQLEscape($_POST["notes"]) . "')";
$cms->CoreSQL($query);
$cms->Goto("feedback.php?result=1");
}
$cms->display('feedback.tpl');
$result["Ticker"] = $xml->result->ticker;
$result["Alliance Name"] = $xml->result->allianceName;
$result["CEO"] = $xml->result->ceoName;
$result["Headquarters"] = $xml->result->stationName;
$result[] = "";
$result["Tax Rate"] = $xml->result->taxRate . "%";
$result["Member Count"] = $xml->result->memberCount;
$result["Member Limit"] = $xml->result->memberLimit;
$result["Shares"] = $xml->result->shares;
$result[] = "";
$result["Description"] = $xml->result->description;
$result["Web Site"] = empty($xml->result->url) ? "" : "<a href='" . $xml->result->url . "'>" . $xml->result->url . "</a>";
$error = "";
}
}
$core->assign("action", "corp");
$core->assign("error", $error);
$core->assign("result", $result);
} else {
$users = $core->GetAllUsers(true, true);
usort($users, "objcmp");
$core->assign("users", $users);
}
$core->display($core->PlugInPath . 'orgchart/orgchart.tpl');
// Sorts users by role then name
function objcmp($a, $b)
{
if ($a->IsCEO()) {
return -1;
} elseif ($b->IsCEO()) {
return 1;
require_once '../core/core.class.php';
$cms = new Core();
$action = @$_GET["action"];
if (empty($action)) {
$action = "home";
}
$result = 0;
if (isset($_GET["read"]) && is_numeric(@$_GET["read"])) {
$note = $cms->ReadArticle($_GET["read"]);
$_POST["id"] = $note->ID;
$_POST["title"] = $note->Title;
$_POST["text"] = $note->Text;
$_POST["readaccess"] = $note->ReadAccess;
$_POST["writeaccess"] = $note->WriteAccess;
$cms->assign("articleid", $note->ID);
$cms->assign("authorid", $note->Author);
$cms->assign("author", $note->AuthorName);
$cms->assign("signature", $note->AuthorSignature);
$cms->assign("date", $note->Date);
$cms->assign("editid", $note->WriteAccess <= $cms->CurrentUser()->AccessRight() || $note->Author == $cms->CurrentUser()->ID ? $note->ID : 0);
$cms->assign("isadmin", $note->Author != $cms->CurrentUser()->ID ? 1 : 0);
$cms->assign("comments", $note->Comments);
$action = "read";
} elseif (isset($_GET["edit"]) && is_numeric(@$_GET["edit"])) {
$note = $cms->ReadArticle($_GET["edit"]);
$_POST["id"] = $note->ID;
$_POST["title"] = $note->Title;
$_POST["text"] = $note->Text;
$_POST["readaccess"] = $note->ReadAccess;
$_POST["writeaccess"] = $note->WriteAccess;
$result = $core->SQL("SELECT id, OpDate, Leader FROM operations_submissions WHERE FIND_IN_SET(id, '" . implode(",", $opids) . "')");
while ($row = mysql_fetch_assoc($result)) {
$id = $row["id"];
$date = date("Y-m-d", strtotime($row["OpDate"]));
$leader = $row["Leader"];
$text = "<p>Following operation submitted by you was rejected by " . $core->CurrentUser()->Name . ".</p>";
$text .= "<p><a href='../plugins/payoutview/index.php?view=" . $id . "'>View Rejected Operation</a></p>";
$text .= "<p><b>REASON:</b><br />" . $_POST["reject"] . "</p>";
$core->SendMail($date . " Operation Rejected", $text, $leader);
}
$core->Goto("index.php");
} else {
$corpcut = $_POST["corpcut"];
$result = $core->SQL("SELECT * FROM operations_params");
while ($row = mysql_fetch_assoc($result)) {
$core->assign($row["Name"], $row["Value"]);
}
// Item prices
$result = $core->SQL("SELECT `id`, `Price` FROM operations_items");
$allitems = array();
while ($row = mysql_fetch_assoc($result)) {
$allitems[$row["id"]] = $row["Price"];
}
// Get selected ops
$result = $core->SQL("SELECT * FROM operations_submissions WHERE FIND_IN_SET(id, '" . implode(",", $opids) . "')");
$payouts = array();
$corptotal = 0;
$playertotal = 0;
while ($row = mysql_fetch_assoc($result)) {
// Total op value
$opvalue = 0;
<?php
require_once '../../core/core.class.php';
$core = new Core();
//Access control
if ($core->CurrentUser()->AccessRight() < 3) {
$core->Goto('../../php/access.php');
}
$action = @$_GET["action"];
$core->assign('result', 0);
if (empty($action)) {
$action = "home";
}
if ($action == "summary") {
$action = "summary";
}
if (isset($_GET["delete"])) {
$action = "delete";
}
if (isset($_GET["result"])) {
$core->assign('result', $_GET["result"]);
}
if ($action == "home") {
$names = $core->GetAllUserNames();
$names[0] = "-";
$result = $core->SQL("SELECT t1.id,t1.Notes,t1.Owner,t1.Date,t1.Priority,t1.Count,t1.IsAlly,t2.Price,t2.AlliancePrice,t1.Manager,t1.Status,t2.EveGraphicID,t2.GroupName,t2.Race,t2.Name FROM production_orders AS t1 INNER JOIN production_items AS t2 ON t1.Item=t2.id WHERE t1.IsDeleted=0 ORDER BY t1.Priority DESC, t1.Date ASC");
$orders = array();
$total = 0;
while ($row = mysql_fetch_assoc($result)) {
$price = $row["IsAlly"] ? $row["AlliancePrice"] : $row["Price"];
$orders[] = array("ID" => $row["id"], "Priority" => PriorityName($row["Priority"]), "Notes" => $core->SQLUnEscape($row["Notes"]), "Owner" => $names[$row["Owner"]], "IsAlly" => $row["IsAlly"], "Manager" => $names[$row["Manager"]], "Status" => StatusName($row["Status"]), "EveGraphicID" => $row["EveGraphicID"], "GroupName" => $core->SQLUnEscape($row["GroupName"]), "Race" => $core->SQLUnEscape($row["Race"]), "Name" => $core->SQLUnEscape($row["Name"]), "Count" => $row["Count"], "Price" => number_format($price, 0), "Cost" => number_format($row["Count"] * $price, 0), "Date" => $core->GMTToLocal($row["Date"]));
<?php
require_once '../../core/core.class.php';
$core = new Core();
//Access control
if ($core->CurrentUser()->AccessRight() < 2) {
$core->Goto('../../php/access.php');
}
$action = @$_GET["action"];
if (empty($action)) {
$action = "home";
}
$names = $core->GetAllUserNames();
$core->assign("names", $names);
if ($action == "times" || @$_POST["submit"] == "Add Player" || substr(@$_POST["submit"], 0, 13) == "Remove Player") {
$result = $core->SQL("SELECT Distinct `GroupID` FROM `operations_items` Order By `GroupID`");
while ($row = mysql_fetch_assoc($result)) {
$var = "group" . $row['GroupID'];
$core->assign($var, @$_POST[$var]);
$groupnumber[$row['GroupID']] = @$_POST["group" . $row['GroupID']];
}
$core->assign("groupnumber", $groupnumber);
$opdate = @$_POST["opdate"];
if (empty($opdate)) {
$opdate = gmdate("Y-m-d");
}
$core->assign("opdate", $opdate);
$count = @$_POST["count"];
$players = array();
if (empty($count)) {
$count = 0;
$action = "resubmit";
}
if ($action == "home") {
$names = $core->GetAllUserNames();
$names[0] = "-";
if ($core->CurrentUser()->IsAlly) {
$result = $core->SQL("SELECT t1.id,t1.Date,t1.Count,t2.AlliancePrice AS Price,t1.Manager,t1.Status,t2.EveGraphicID,t2.GroupName,t2.Race,t2.Name FROM production_orders AS t1 INNER JOIN production_items AS t2 ON t1.Item=t2.id WHERE t1.Owner=" . $core->CurrentUser()->ID . " AND t1.IsDeleted=0 AND t1.Item!=0 AND t2.AlliancePrice!=0 ORDER BY t1.Date DESC LIMIT 50");
} else {
$result = $core->SQL("SELECT t1.id,t1.Date,t1.Count,t2.Price,t1.Manager,t1.Status,t2.EveGraphicID,t2.GroupName,t2.Race,t2.Name FROM production_orders AS t1 INNER JOIN production_items AS t2 ON t1.Item=t2.id WHERE t1.Owner=" . $core->CurrentUser()->ID . " AND t1.IsDeleted=0 AND t1.Item!=0 ORDER BY t1.Date DESC LIMIT 50");
}
$orders = array();
while ($row = mysql_fetch_assoc($result)) {
$orders[] = array("ID" => $row["id"], "Cost" => number_format($row["Count"] * $row["Price"], 0), "Manager" => $names[$row["Manager"]], "Status" => StatusName($row["Status"]), "StatusID" => $row["Status"], "Price" => $row["Price"], "EveGraphicID" => $row["EveGraphicID"], "GroupName" => $core->SQLUnEscape($row["GroupName"]), "Race" => $core->SQLUnEscape($row["Race"]), "Name" => $core->SQLUnEscape($row["Name"]), "Count" => $row["Count"], "Date" => $core->GMTToLocal($row["Date"]));
}
mysql_free_result($result);
$core->assign("orders", $orders);
} elseif ($action == "queue") {
$names = $core->GetAllUserNames();
$names[0] = "-";
$result = $core->SQL("SELECT t1.id,t1.Owner,t1.Date,t1.Count,t1.Manager,t1.Status,t2.EveGraphicID,t2.GroupName,t2.Race,t2.Name FROM production_orders AS t1 INNER JOIN production_items AS t2 ON t1.Item=t2.id WHERE t1.IsDeleted=0 AND t1.Item!=0 ORDER BY t1.Date DESC LIMIT 50");
$orders = array();
while ($row = mysql_fetch_assoc($result)) {
$orders[] = array("ID" => $row["id"], "Owner" => $names[$row["Owner"]], "Manager" => $names[$row["Manager"]], "Status" => StatusName($row["Status"]), "EveGraphicID" => $row["EveGraphicID"], "GroupName" => $core->SQLUnEscape($row["GroupName"]), "Race" => $core->SQLUnEscape($row["Race"]), "Name" => $core->SQLUnEscape($row["Name"]), "Count" => $row["Count"], "Date" => $core->GMTToLocal($row["Date"]));
}
mysql_free_result($result);
$core->assign("orders", $orders);
} elseif ($action == "addship") {
if ($core->CurrentUser()->IsAlly) {
$result = $core->SQL("SELECT id,Name,GroupName,AlliancePrice AS Price FROM production_items WHERE Type=0 AND AlliancePrice!=0 ORDER BY GroupName ASC, Race ASC, Name ASC");
} else {
$result = $core->SQL("SELECT id,Name,GroupName,Price FROM production_items WHERE Type=0 ORDER BY GroupName ASC, Race ASC, Name ASC");
