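/**
 * Renames the logged-in player to the submitted `pseudo` value.
 *
 * The new name must pass CheckName(), the last rename must be older than
 * USERNAME_CHANGETIME, and the name must be unused in both USERS and
 * USERS_VALID for the current universe. On success the session is destroyed,
 * so the player has to log in again under the new name.
 *
 * Every rejection returns right after its message, so a failed check can never
 * fall through to the UPDATE or to the "options changed" confirmation, whether
 * or not printMessage() ends the request.
 *
 * @return void
 */
public function psuedoSend()
{
    global $USER, $LNG, $UNI, $SESSION;

    $newUsername = HTTP::_GP('pseudo', $USER['username'], UTF8_SUPPORT);

    if (!empty($newUsername) && $USER['username'] != $newUsername) {
        if (!CheckName($newUsername)) {
            $this->printMessage($LNG['op_user_name_no_alphanumeric']);
            return;
        }

        if ($USER['uctime'] >= TIMESTAMP - USERNAME_CHANGETIME) {
            $this->printMessage($LNG['op_change_name_pro_week']);
            return;
        }

        $database    = $GLOBALS['DATABASE'];
        $escapedName = $database->sql_escape($newUsername);
        // Numeric values are concatenated unquoted, so force them to integers
        // instead of trusting the globals to be clean.
        $universe    = (int) $UNI;
        $userId      = (int) $USER['id'];

        $Count = $database->getFirstCell("SELECT (SELECT COUNT(*) FROM " . USERS . " WHERE `universe` = " . $universe . " AND `username` = '" . $escapedName . "') + (SELECT COUNT(*) FROM " . USERS_VALID . " WHERE `universe` = " . $universe . " AND `username` = '" . $escapedName . "')");

        if (!empty($Count)) {
            // NOTE(review): $newUsername is echoed back inside the message; confirm
            // that HTTP::_GP() or printMessage() HTML-escapes it.
            $this->printMessage(sprintf($LNG['op_change_name_exist'], $newUsername));
            return;
        }

        // NOTE(review): the uniqueness check and this UPDATE are two separate
        // statements; only a unique index on (universe, username) closes the race
        // between two concurrent renames - confirm the schema has one.
        $SQL = "UPDATE " . USERS . " SET username = '" . $escapedName . "', uctime = " . TIMESTAMP . " WHERE id = " . $userId . ";";
        $database->multi_query($SQL);

        // Invalidate the session that still carries the old username.
        $SESSION->DestroySession();
    }

    $this->printMessage('<span class="vert">' . $LNG['op_options_changed'] . '</span>');
}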
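/**
 * Builds the data for the ACS (combined attack) panel of one fleet and handles
 * the two optional form actions on it: renaming the ACS and inviting a player.
 *
 * @param mixed $fleetID ID of the fleet that leads (or will lead) the ACS.
 *
 * @return array Empty array when the fleet is missing, already processed, already
 *               departed, or no ACS could be created/loaded; otherwise the keys
 *               'invitedUsers', 'acsName', 'mainFleetID' and 'statusMessage'.
 */
public function getACSPageData($fleetID)
{
    global $USER, $PLANET, $LNG, $UNI;

    $database = $GLOBALS['DATABASE'];
    // $fleetID is concatenated unquoted into the WHERE clause, so it must be an
    // integer by the time it reaches the query, whatever the caller passed in.
    $fleetIdSql = (int) $fleetID;

    // NOTE(review): the lookup is by fleet_id only; nothing visible here ties the
    // fleet to $USER['id']. Confirm createACS()/loadACS() enforce ownership.
    $fleetResult = $database->query("SELECT fleet_start_time, fleet_end_id, fleet_group, fleet_mess \n\t\t\t\t\t\t\t\t\t FROM " . FLEETS . "\n\t\t\t\t\t\t\t\t\t WHERE fleet_id = " . $fleetIdSql . ";");

    if ($database->numRows($fleetResult) != 1) {
        return array();
    }

    $fleetData = $database->fetch_array($fleetResult);
    $database->free_result($fleetResult);

    if ($fleetData['fleet_mess'] == 1 || $fleetData['fleet_start_time'] <= TIMESTAMP) {
        return array();
    }

    if ($fleetData['fleet_group'] == 0) {
        $acsData = $this->createACS($fleetID, $fleetData);
    } else {
        $acsData = $this->loadACS($fleetID, $fleetData);
    }

    if (empty($acsData)) {
        return array();
    }

    $acsId = (int) $acsData['id'];

    $acsName = HTTP::_GP('acsName', '', UTF8_SUPPORT);
    if (!empty($acsName)) {
        if (!CheckName($acsName)) {
            $this->sendJSON($LNG['fl_acs_newname_alphanum']);
            // Stop here even if sendJSON() does not end the request: a rejected
            // name must never reach the UPDATE below.
            return array();
        }

        $database->query("UPDATE " . AKS . " SET name = '" . $database->sql_escape($acsName) . "' WHERE id = " . $acsId . ";");
        $this->sendJSON(false);
    }

    $invitedUsers = array();
    $userResult   = $database->query("SELECT id, username\n\t\t\t\t\t\t\t\t\t FROM " . USERS_ACS . "\n\t\t\t\t\t\t\t\t\t INNER JOIN " . USERS . " ON userID = id \n\t\t\t\t\t\t\t\t\t WHERE acsID = " . $acsId . ";");

    while ($userRow = $database->fetch_array($userResult)) {
        $invitedUsers[$userRow['id']] = $userRow['username'];
    }

    $database->free_result($userResult);

    $newUser       = HTTP::_GP('username', '', UTF8_SUPPORT);
    $statusMessage = "";

    if (!empty($newUser)) {
        $newUserID = $database->getFirstCell("SELECT id FROM " . USERS . " WHERE universe = " . (int) $UNI . " AND username = '" . $database->sql_escape($newUser) . "';");

        // NOTE(review): $newUser is request data and is copied into $statusMessage;
        // confirm it is HTML-escaped by HTTP::_GP() or by the template that shows it.
        if (empty($newUserID)) {
            $statusMessage = $LNG['fl_player'] . " " . $newUser . " " . $LNG['fl_dont_exist'];
        } elseif (isset($invitedUsers[$newUserID])) {
            $statusMessage = $LNG['fl_player'] . " " . $newUser . " " . $LNG['fl_already_invited'];
        } else {
            $statusMessage = $LNG['fl_player'] . " " . $newUser . " " . $LNG['fl_add_to_attack'];

            $database->query("INSERT INTO " . USERS_ACS . " SET acsID = " . $acsId . ", userID = " . (int) $newUserID . ";");
            $invitedUsers[$newUserID] = $newUser;

            $inviteTitle   = $LNG['fl_acs_invitation_title'];
            $inviteMessage = $LNG['fl_player'] . $USER['username'] . $LNG['fl_acs_invitation_message'];
            SendSimpleMessage($newUserID, $USER['id'], TIMESTAMP, 1, $USER['username'], $inviteTitle, $inviteMessage);
        }
    }

    return array(
        'invitedUsers'  => $invitedUsers,
        'acsName'       => $acsData['name'],
        'mainFleetID'   => $fleetID,
        'statusMessage' => $statusMessage,
    );
}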
} if (isset($_POST['insert'])) { $name = $_POST['name']; $boat_id = $_POST['boat_id']; // bootnaam if ($boat_id == 0) { $boat = "algemeen"; } else { $query2 = "SELECT Naam from boten WHERE ID={$boat_id};"; $result2 = mysql_query($query2); $row2 = mysql_fetch_assoc($result2); $boat = $row2['Naam']; } // $note = addslashes($_POST['note']); if (!CheckName($name)) { $fail_msg_name = "U dient een geldige voor- en achternaam op te geven. Let op: de apostrof (') wordt niet geaccepteerd."; } if (isset($fail_msg_name)) { $fail = TRUE; } if (!isset($fail)) { $query = "INSERT INTO `schades` (Datum, Naam, Boot_ID, Oms_lang) VALUES ('{$today_db}', '{$name}', '{$boat_id}', '{$note}');"; $result = mysql_query($query); if (!$result) { die("toevoegen klacht mislukt." . mysql_error()); } else { // mail aan matcom $message = $name . " heeft zojuist een schade gemeld betreffende '" . $boat . "'.<br>"; SendEmail("*****@*****.**", "Nieuwe schademelding", $message); // feedback op scherm
} } else { if ($USER[$resource[124]] == 0) { exit($LNG['fl_expedition_tech_required']); } $ActualFleets = $db->uniquequery("SELECT COUNT(*) as state FROM " . FLEETS . " WHERE `fleet_owner` = '" . $_SESSION['id'] . "' AND `fleet_mission` = '15';"); if ($ActualFleets['state'] >= floor(sqrt($USER[$resource[124]]))) { exit($LNG['fl_expedition_fleets_limit']); } } exit('OK'); break; case 'renameplanet': $newname = request_var('newname', '', UTF8_SUPPORT); if (!empty($newname)) { if (!CheckName($newname)) { exit(UTF8_SUPPORT ? $LNG['ov_newname_no_space'] : $LNG['ov_newname_alphanum']); } else { $db->query("UPDATE " . PLANETS . " SET `name` = '" . $db->sql_escape($newname) . "' WHERE `id` = '" . $_SESSION['planet'] . "';"); } } break; case 'deleteplanet': $password = request_var('password', '', true); if (!empty($password)) { $USER = $db->uniquequery("SELECT u.`password`, u.`id_planet`, p.`galaxy`, p.`system`, p.`planet`, p.`planet_type`, p.`id_luna` FROM " . USERS . " as u, " . PLANETS . " as p WHERE p.`id` = '" . $_SESSION['planet'] . "' AND u.`id` = '" . $_SESSION['id'] . "';"); $IfFleets = $db->uniquequery("SELECT COUNT(*) as state FROM " . FLEETS . " WHERE (`fleet_owner` = '" . $_SESSION['id'] . "' AND `fleet_start_galaxy` = '" . $USER['galaxy'] . "' AND `fleet_start_system` = '" . $USER['system'] . "' AND `fleet_start_planet` = '" . $USER['planet'] . "') OR (`fleet_target_owner` = '" . $_SESSION['id'] . "' AND `fleet_end_galaxy` = '" . $USER['galaxy'] . "' AND `fleet_end_system` = '" . $USER['system'] . "' AND `fleet_end_planet` = '" . $USER['planet'] . "');"); if ($IfFleets['state'] > 0) { exit(json_encode(array('mess' => $LNG['ov_abandon_planet_not_possible']))); } elseif ($USER['id_planet'] == $_SESSION['planet']) { exit(json_encode(array('mess' => $LNG['ov_principal_planet_cant_abanone'])));
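#!/usr/bin/php
<?php
require_once "../../conf/cis/Config.php";
require_once "../../lib/cis/Lib.php";

/**
 * Answers whether a role name is free for the given user.
 *
 * Prints "200" when no character owned by a different user carries the name
 * (current or former), and "400" otherwise. The reply is also "400" when the
 * lookup itself cannot be performed, so a database failure is never reported
 * as "name available".
 *
 * NOTE(review): the mysql_* extension used here was removed in PHP 7.0. When
 * this script is ported, replace the escaped string concatenation with a
 * prepared statement (mysqli or PDO).
 *
 * @param array $var Request parameters; reads "userid" and "rolename".
 */
function CheckName($var)
{
    global $tbl_db_info;

    // Fail closed: every path that cannot prove the name is free answers "400".
    $ret = "400";

    $Conn = mysql_connect($tbl_db_info[0], $tbl_db_info[1], $tbl_db_info[2]);
    if ($Conn !== false && mysql_select_db($tbl_db_info[3], $Conn)) {
        $uid = isset($var["userid"]) ? intval($var["userid"]) : 0;

        // A query parameter may arrive as an array (rolename[]=x); only a
        // string is accepted as a name.
        $rawName = (isset($var["rolename"]) && is_string($var["rolename"])) ? $var["rolename"] : "";

        // mysql_real_escape_string() honours the connection character set,
        // which mysql_escape_string() does not.
        $rolename = mysql_real_escape_string($rawName, $Conn);

        $qs     = "select distinct us_uId from tbl_char c, tbl_char_static cs where cs.cs_uId = c.cs_uId and (c_sName = '{$rolename}' or c_sNameFormer = '{$rolename}')";
        $result = mysql_query($qs, $Conn);

        if ($result !== false) {
            $ret = "200";
            while ($row = mysql_fetch_row($result)) {
                if ($row[0] != $uid) {
                    // The name belongs to another user. Leave the loop instead of
                    // returning, so that the "400" is actually sent to the client.
                    $ret = "400";
                    break;
                }
            }
            mysql_free_result($result);
        }
    }

    header("Content-type: text/html; charset=utf-8");
    header("Content-Length:" . strlen($ret));
    print $ret;
}

CheckName($_GET);
?>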
/**
 * Renames the current planet to the submitted `name` value and reports the
 * outcome as JSON. An empty name is ignored without any response.
 *
 * The name is validated with CheckName() and then escaped with sql_escape()
 * before it is placed in the UPDATE statement.
 */
function rename()
{
    global $LNG, $PLANET;

    $requestedName = HTTP::_GP('name', '', UTF8_SUPPORT);

    if (empty($requestedName)) {
        return;
    }

    if (!CheckName($requestedName)) {
        $this->sendJSON(array('message' => $LNG['ov_newname_specialchar'], 'error' => true));
        return;
    }

    $database = $GLOBALS['DATABASE'];
    // NOTE(review): $PLANET['id'] is concatenated unquoted; it is assumed to be
    // the integer ID loaded for the session's current planet - confirm.
    $statement = "UPDATE " . PLANETS . " SET name = '" . $database->sql_escape($requestedName) . "' WHERE id = " . $PLANET['id'] . ";";
    $database->query($statement);

    $this->sendJSON(array('message' => $LNG['ov_newname_done'], 'error' => false));
}
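/**
 * Handles the "create alliance" form: validates tag and name, rejects
 * duplicates within the universe, then creates the alliance and attaches the
 * founder to it in one multi-statement batch.
 *
 * Every validation failure returns right after its message, so invalid input
 * cannot reach the INSERT whether or not printMessage() ends the request.
 *
 * @return void
 */
private function createAllianceProcessor()
{
    global $USER, $UNI, $LNG;

    $database  = $GLOBALS['DATABASE'];
    $retryLink = array("?page=alliance&mode=create", 3);

    $atag  = HTTP::_GP('atag', '', UTF8_SUPPORT);
    $aname = HTTP::_GP('aname', '', UTF8_SUPPORT);

    if (empty($atag)) {
        $this->printMessage('<span class="rouge">' . $LNG['al_tag_required'] . '</span>', true, $retryLink);
        return;
    }

    if (empty($aname)) {
        $this->printMessage('<span class="rouge">' . $LNG['al_name_required'] . '</span>', true, $retryLink);
        return;
    }

    if (!CheckName($aname) || !CheckName($atag)) {
        $this->printMessage('<span class="rouge">' . $LNG['al_newname_specialchar'] . '</span>', true, $retryLink);
        return;
    }

    $escapedTag  = $database->sql_escape($atag);
    $escapedName = $database->sql_escape($aname);
    // Numeric values are concatenated unquoted, so force them to integers.
    $universe    = (int) $UNI;
    $ownerId     = (int) $USER['id'];

    $allianceCount = $database->getFirstCell("SELECT COUNT(*) FROM " . ALLIANCE . " WHERE ally_universe = " . $universe . " AND (ally_tag = '" . $escapedTag . "' OR ally_name = '" . $escapedName . "');");

    if ($allianceCount != 0) {
        // NOTE(review): $aname is request data echoed into HTML here and in the
        // success message; confirm HTTP::_GP() or printMessage() escapes it.
        $this->printMessage('<span class="rouge">' . sprintf($LNG['al_already_exists'], $aname) . '</span>', true, $retryLink);
        return;
    }

    // The default rank title comes from a language file. It is a quoted SQL
    // string like any other, and because this batch runs through multi_query()
    // an apostrophe in a translation would break out of the literal; escape it.
    $leaderTitle = $database->sql_escape($LNG['al_default_leader_name']);

    $database->multi_query(
        "INSERT INTO " . ALLIANCE . " SET\n\t\t\t\t\t\tally_name\t\t\t\t= '" . $escapedName
        . "',\n\t\t\t\t\t\tally_tag\t\t\t\t= '" . $escapedTag
        . "' ,\n\t\t\t\t\t\tally_owner\t\t\t\t= " . $ownerId
        . ",\n\t\t\t\t\t\tally_owner_range\t\t= '" . $leaderTitle
        . "',\n\t\t\t\t\t\tally_members\t\t\t= 1,\n\t\t\t\t\t\tally_register_time\t\t= " . TIMESTAMP
        . ",\n\t\t\t\t\t\tally_universe \t\t\t= " . $universe
        . ";\n\t\t\t\t\t\tSET @allianceID = LAST_INSERT_ID();\n\t\t\t\t\t\tUPDATE " . USERS
        . " SET\n\t\t\t\t\t\tally_id\t\t\t\t\t= @allianceID,\n\t\t\t\t\t\tally_rank_id\t\t\t= 0,\n\t\t\t\t\t\tally_register_time \t\t= " . TIMESTAMP
        . "\n\t\t\t\t\t\tWHERE id = " . $ownerId
        . ";\n\t\t\t\t\t\tUPDATE " . STATPOINTS
        . " SET\n\t\t\t\t\t\tid_ally \t\t\t\t= @allianceID\n\t\t\t\t\t\tWHERE id_owner = " . $ownerId . ";"
    );

    $this->printMessage('<span class="vert">' . sprintf($LNG['al_created'], $aname . ' [' . $atag . ']') . '</span>', true, array('?page=alliance', 3));
}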
}); $app->get('/Login/id/:mid/pw/:pw', function () { $uri = $_SERVER['REQUEST_URI']; $arr_items = split('/', $uri); $pw = $arr_items[count($arr_items) - 1]; $id = $arr_items[count($arr_items) - 3]; //echo $id." ".$pw; Login($id, $pw); }); $app->get('/Check/id/:mid', function () { $uri = $_SERVER['REQUEST_URI']; $arr_items = split('/', $uri); $id = $arr_items[count($arr_items) - 1]; //$id = $arr_items[count($arr_items) - 3]; //echo $id; CheckName($id); }); // POST route $app->post('/post', function () { echo 'This is a POST route'; }); // PUT route $app->put('/put', function () { echo 'This is a PUT route'; }); // PATCH route $app->patch('/patch', function () { echo 'This is a PATCH route'; }); // DELETE route $app->delete('/delete', function () {
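/**
 * Admin "creator" page: creates a user, a moon or a planet depending on
 * $_GET['mode'], or shows the matching form when nothing was posted.
 *
 * Security-relevant behaviour:
 *  - The auth level of a new user is checked on the server against the levels
 *    the acting admin may hand out (the same set the form offers). A level
 *    outside that set is replaced by AUTH_USR, so a crafted POST cannot create
 *    an account with more rights than its creator.
 *  - Password and e-mail confirmations are compared strictly, so two different
 *    numeric-looking strings are never treated as equal.
 *  - The planet UPDATE is only sent when there is something to set; the
 *    statement can no longer end up as "SET WHERE" or "SET , name = ...".
 *
 * NOTE(review): nothing in this function checks that the caller is an admin;
 * that is assumed to happen before it is dispatched - confirm.
 */
function ShowCreatorPage()
{
    global $LNG, $USER, $UNI, $CONF;

    $template = new template();
    $database = $GLOBALS['DATABASE'];
    $mode     = isset($_GET['mode']) ? $_GET['mode'] : '';

    switch ($mode) {
        case 'user':
            $LNG->includeData(array('PUBLIC'));

            // Auth levels this admin may assign. Built before the POST branch so
            // the same list drives both the form and the server-side check.
            $AUTH = array();
            $AUTH[AUTH_USR] = $LNG['user_level'][AUTH_USR];
            if ($USER['authlevel'] >= AUTH_OPS) {
                $AUTH[AUTH_OPS] = $LNG['user_level'][AUTH_OPS];
            }
            if ($USER['authlevel'] >= AUTH_MOD) {
                $AUTH[AUTH_MOD] = $LNG['user_level'][AUTH_MOD];
            }
            if ($USER['authlevel'] >= AUTH_ADM) {
                $AUTH[AUTH_ADM] = $LNG['user_level'][AUTH_ADM];
            }

            if ($_POST) {
                $UserName  = HTTP::_GP('name', '', UTF8_SUPPORT);
                $UserPass  = HTTP::_GP('password', '');
                $UserPass2 = HTTP::_GP('password2', '');
                $UserMail  = HTTP::_GP('email', '');
                $UserMail2 = HTTP::_GP('email2', '');
                $UserLang  = HTTP::_GP('lang', '');
                // Numeric inputs are concatenated into SQL below; force integers.
                $UserAuth  = (int) HTTP::_GP('authlevel', 0);
                $Galaxy    = (int) HTTP::_GP('galaxy', 0);
                $System    = (int) HTTP::_GP('system', 0);
                $Planet    = (int) HTTP::_GP('planet', 0);

                // The form only lists permitted levels, but the POST body is
                // attacker-controlled: fall back to the lowest level otherwise.
                if (!isset($AUTH[$UserAuth])) {
                    $UserAuth = AUTH_USR;
                }

                $adminUni    = $_SESSION['adminuni'];
                $escapedName = $database->sql_escape($UserName);
                $escapedMail = $database->sql_escape($UserMail);

                $ExistsUser  = $database->getFirstCell("SELECT (SELECT COUNT(*) FROM " . USERS . " WHERE universe = " . $adminUni . " AND username = '" . $escapedName . "') + (SELECT COUNT(*) FROM " . USERS_VALID . " WHERE universe = " . $adminUni . " AND username = '" . $escapedName . "')");
                $ExistsMails = $database->getFirstCell("SELECT (SELECT COUNT(*) FROM " . USERS . " WHERE universe = " . $adminUni . " AND (email = '" . $escapedMail . "' OR email_2 = '" . $escapedMail . "')) + (SELECT COUNT(*) FROM " . USERS_VALID . " WHERE universe = " . $adminUni . " AND email = '" . $escapedMail . "')");

                $errors = '';

                if (!ValidateAddress($UserMail)) {
                    $errors .= $LNG['invalid_mail_adress'];
                }
                if (empty($UserName)) {
                    $errors .= $LNG['empty_user_field'];
                }
                if (strlen($UserPass) < 6) {
                    $errors .= $LNG['password_lenght_error'];
                }
                if ($UserPass !== $UserPass2) {
                    $errors .= $LNG['different_passwords'];
                }
                if ($UserMail !== $UserMail2) {
                    $errors .= $LNG['different_mails'];
                }
                if (!CheckName($UserName)) {
                    $errors .= $LNG['user_field_specialchar'];
                }
                if ($ExistsUser != 0) {
                    $errors .= $LNG['user_already_exists'];
                }
                if ($ExistsMails != 0) {
                    $errors .= $LNG['mail_already_exists'];
                }
                if (CheckPlanetIfExist($Galaxy, $System, $Planet, $adminUni)) {
                    $errors .= $LNG['planet_already_exists'];
                }
                if ($Galaxy > Config::get('max_galaxy') || $System > Config::get('max_system') || $Planet > Config::get('max_planets')) {
                    $errors .= $LNG['po_complete_all2'];
                }

                if (!empty($errors)) {
                    $template->message($errors, '?page=create&mode=user', 10, true);
                    exit;
                }

                // NOTE(review): $UserLang is escaped but not checked against
                // $LNG->getAllowedLangs(); confirm an unknown value is harmless.
                $SQL = "INSERT INTO " . USERS . " SET\n\t\t\t\tusername\t\t= '" . $escapedName
                    . "',\n\t\t\t\tpassword\t\t= '" . cryptPassword($UserPass)
                    . "',\n\t\t\t\temail\t\t\t= '" . $escapedMail
                    . "',\n\t\t\t\temail_2\t\t\t= '" . $escapedMail
                    . "',\n\t\t\t\tlang\t\t\t= '" . $database->sql_escape($UserLang)
                    . "',\n\t\t\t\tauthlevel\t\t= " . $UserAuth
                    . ",\n\t\t\t\tip_at_reg\t\t= '" . $database->sql_escape($_SERVER['REMOTE_ADDR'])
                    . "',\n\t\t\t\tid_planet\t\t= 0,\n\t\t\t\tuniverse\t\t= " . $adminUni
                    . ",\n\t\t\t\tonlinetime\t\t= " . TIMESTAMP
                    . ",\n\t\t\t\tregister_time\t= " . TIMESTAMP
                    . ",\n\t\t\t\tdpath\t\t\t= '" . DEFAULT_THEME
                    . "',\n\t\t\t\ttimezone\t\t= '" . Config::get('timezone')
                    . "',\n\t\t\t\tuctime\t\t\t= 0;";
                $database->query($SQL);

                $UserID = $database->GetInsertID();

                require_once 'includes/functions/CreateOnePlanetRecord.php';
                $PlanerID = CreateOnePlanetRecord($Galaxy, $System, $Planet, $adminUni, $UserID, $LNG['fcm_planet'], true, $UserAuth);

                // A new account is ranked behind every existing one.
                $nextRank = Config::get('users_amount') + 1;

                $SQL = "UPDATE " . USERS . " SET \n\t\t\t\tid_planet\t= " . $PlanerID
                    . ",\n\t\t\t\tgalaxy\t\t= " . $Galaxy
                    . ",\n\t\t\t\tsystem\t\t= " . $System
                    . ",\n\t\t\t\tplanet\t\t= " . $Planet
                    . "\n\t\t\t\tWHERE\n\t\t\t\tid\t\t\t= " . $UserID
                    . ";\n\t\t\t\tINSERT INTO " . STATPOINTS . " SET \n\t\t\t\tid_owner\t= " . $UserID
                    . ",\n\t\t\t\tuniverse\t= " . $adminUni
                    . ",\n\t\t\t\tstat_type\t= 1,\n\t\t\t\ttech_rank\t= " . $nextRank
                    . ",\n\t\t\t\tbuild_rank\t= " . $nextRank
                    . ",\n\t\t\t\tdefs_rank\t= " . $nextRank
                    . ",\n\t\t\t\tfleet_rank\t= " . $nextRank
                    . ",\n\t\t\t\ttotal_rank\t= " . $nextRank
                    . ";";
                $database->multi_query($SQL);

                Config::update(array('users_amount' => Config::get('users_amount') + 1));

                $template->message($LNG['new_user_success'], '?page=create&mode=user', 5, true);
                exit;
            }

            $template->assign_vars(array(
                'admin_auth'          => $USER['authlevel'],
                'new_add_user'        => $LNG['new_add_user'],
                'new_creator_refresh' => $LNG['new_creator_refresh'],
                'new_creator_go_back' => $LNG['new_creator_go_back'],
                'universe'            => $LNG['mu_universe'],
                'user_reg'            => $LNG['user_reg'],
                'pass_reg'            => $LNG['pass_reg'],
                'pass2_reg'           => $LNG['pass2_reg'],
                'email_reg'           => $LNG['email_reg'],
                'email2_reg'          => $LNG['email2_reg'],
                'new_coord'           => $LNG['new_coord'],
                'new_range'           => $LNG['new_range'],
                'lang_reg'            => $LNG['lang_reg'],
                'new_title'           => $LNG['new_title'],
                'Selector'            => array('auth' => $AUTH, 'lang' => $LNG->getAllowedLangs(false)),
            ));
            $template->show('CreatePageUser.tpl');
            break;

        case 'moon':
            if ($_POST) {
                $PlanetID = (int) HTTP::_GP('add_moon', 0);
                $MoonName = HTTP::_GP('name', '', UTF8_SUPPORT);
                $Diameter = HTTP::_GP('diameter', 0);
                $FieldMax = HTTP::_GP('field_max', 0);

                $MoonPlanet = $database->getFirstRow("SELECT temp_max, temp_min, id_luna, galaxy, system, planet, planet_type, destruyed, id_owner FROM " . PLANETS . " WHERE id = '" . $PlanetID . "' AND universe = '" . $_SESSION['adminuni'] . "' AND planet_type = '1' AND destruyed = '0';");

                if (!isset($MoonPlanet)) {
                    $template->message($LNG['mo_planet_doesnt_exist'], '?page=create&mode=moon', 3, true);
                    exit;
                }

                require_once 'includes/functions/CreateOneMoonRecord.php';

                if (empty($MoonName)) {
                    $MoonName = $LNG['type_planet'][3];
                }

                // The checkbox is absent from the POST body when it is not ticked.
                $randomDiameter = isset($_POST['diameter_check']) && $_POST['diameter_check'] == 'on';

                if (CreateOneMoonRecord($MoonPlanet['galaxy'], $MoonPlanet['system'], $MoonPlanet['planet'], $_SESSION['adminuni'], $MoonPlanet['id_owner'], $MoonName, 20, TIMESTAMP, $randomDiameter ? 0 : $Diameter) !== false) {
                    $template->message($LNG['mo_moon_added'], '?page=create&mode=moon', 3, true);
                } else {
                    $template->message($LNG['mo_moon_unavaible'], '?page=create&mode=moon', 3, true);
                }
                exit;
            }

            $template->assign_vars(array(
                'admin_auth'          => $USER['authlevel'],
                'universum'           => $LNG['mu_universe'],
                'po_add_moon'         => $LNG['po_add_moon'],
                'input_id_planet'     => $LNG['input_id_planet'],
                'mo_moon_name'        => $LNG['mo_moon_name'],
                'mo_diameter'         => $LNG['mo_diameter'],
                'mo_temperature'      => $LNG['mo_temperature'],
                'mo_fields_avaibles'  => $LNG['mo_fields_avaibles'],
                'button_add'          => $LNG['button_add'],
                'new_creator_refresh' => $LNG['new_creator_refresh'],
                'mo_moon'             => $LNG['fcm_moon'],
                'new_creator_go_back' => $LNG['new_creator_go_back'],
            ));
            $template->show('CreatePageMoon.tpl');
            break;

        case 'planet':
            if ($_POST) {
                $id        = (int) HTTP::_GP('id', 0);
                $Galaxy    = (int) HTTP::_GP('galaxy', 0);
                $System    = (int) HTTP::_GP('system', 0);
                $Planet    = (int) HTTP::_GP('planet', 0);
                $name      = HTTP::_GP('name', '', UTF8_SUPPORT);
                $field_max = (int) HTTP::_GP('field_max', 0);

                if ($Galaxy > Config::get('max_galaxy') || $System > Config::get('max_system') || $Planet > Config::get('max_planets')) {
                    $template->message($LNG['po_complete_all2'], '?page=create&mode=planet', 3, true);
                    exit;
                }

                $ISUser = $database->getFirstRow("SELECT id, authlevel FROM " . USERS . " WHERE id = '" . $id . "' AND universe = '" . $_SESSION['adminuni'] . "';");

                if (CheckPlanetIfExist($Galaxy, $System, $Planet, $_SESSION['adminuni']) || !isset($ISUser)) {
                    $template->message($LNG['po_complete_all'], '?page=create&mode=planet', 3, true);
                    exit;
                }

                require_once 'includes/functions/CreateOnePlanetRecord.php';
                CreateOnePlanetRecord($Galaxy, $System, $Planet, $_SESSION['adminuni'], $id, '', '', false);

                // Collect the optional column assignments first, so the statement is
                // only built and sent when at least one of them applies.
                $randomSize  = isset($_POST['diameter_check']) && $_POST['diameter_check'] == 'on';
                $assignments = array();

                if (!$randomSize || $field_max > 0) {
                    $assignments[] = "field_max = '" . $field_max . "'";
                }
                if (!empty($name)) {
                    $assignments[] = "name = '" . $database->sql_escape($name) . "'";
                }

                if (!empty($assignments)) {
                    $SQL  = "UPDATE " . PLANETS . " SET " . implode(', ', $assignments) . " ";
                    $SQL .= "WHERE ";
                    $SQL .= "universe = '" . $_SESSION['adminuni'] . "' AND ";
                    $SQL .= "galaxy = '" . $Galaxy . "' AND ";
                    $SQL .= "system = '" . $System . "' AND ";
                    $SQL .= "planet = '" . $Planet . "' AND ";
                    $SQL .= "planet_type = '1'";
                    $database->query($SQL);
                }

                $template->message($LNG['po_complete_succes'], '?page=create&mode=planet', 3, true);
                exit;
            }

            $AvailableUnis = array();
            $Query = $database->query("SELECT uni, game_name FROM " . CONFIG . " ORDER BY uni ASC;");
            while ($Unis = $database->fetch_array($Query)) {
                $AvailableUnis[$Unis['uni']] = $Unis;
            }

            $template->assign_vars(array(
                'AvailableUnis'       => $AvailableUnis,
                'admin_auth'          => $USER['authlevel'],
                'universum'           => $LNG['mu_universe'],
                'po_add_planet'       => $LNG['po_add_planet'],
                'po_galaxy'           => $LNG['po_galaxy'],
                'po_system'           => $LNG['po_system'],
                'po_planet'           => $LNG['po_planet'],
                'input_id_user'       => $LNG['input_id_user'],
                'new_creator_coor'    => $LNG['new_creator_coor'],
                'po_name_planet'      => $LNG['po_name_planet'],
                'po_fields_max'       => $LNG['po_fields_max'],
                'button_add'          => $LNG['button_add'],
                'po_colony'           => $LNG['fcp_colony'],
                'new_creator_refresh' => $LNG['new_creator_refresh'],
                'new_creator_go_back' => $LNG['new_creator_go_back'],
            ));
            $template->show('CreatePagePlanet.tpl');
            break;

        default:
            $template->assign_vars(array(
                'new_creator_title_u' => $LNG['new_creator_title_u'],
                'new_creator_title_p' => $LNG['new_creator_title_p'],
                'new_creator_title_l' => $LNG['new_creator_title_l'],
                'new_creator_title'   => $LNG['new_creator_title'],
            ));
            $template->show('CreatePage.tpl');
            break;
    }
}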
// Registration form validation: every failed check appends its message to
// $errors; the form is re-shown with all of them when any check failed.

if (empty($UserPlanet)) {
    $errors .= $LNG['empty_planet_field'];
}

// Offset 5 exists only when the password has at least six bytes.
if (!isset($UserPass[5])) {
    $errors .= $LNG['password_lenght_error'];
}

// NOTE(review): these confirmations use loose comparison; if both sides are
// strings, "1e3" and "1000" count as equal. Consider !== once the input types
// are confirmed.
if ($UserPass != $UserPass2) {
    $errors .= $LNG['different_passwords'];
}
if ($UserEmail != $UserEmail2) {
    $errors .= $LNG['different_mails'];
}

if (!CheckName($UserName)) {
    if (UTF8_SUPPORT) {
        $errors .= $LNG['user_field_no_space'];
    } else {
        $errors .= $LNG['user_field_no_alphanumeric'];
    }
}
if (!CheckName($UserPlanet)) {
    if (UTF8_SUPPORT) {
        $errors .= $LNG['planet_field_no_space'];
    } else {
        $errors .= $LNG['planet_field_no_alphanumeric'];
    }
}

if ($agbrules != 'on') {
    $errors .= $LNG['terms_and_conditions'];
}

// NOTE(review): && binds tighter than ||, so the name comparison only guards
// the 'valid' lookup. Any row found in 'userv' - even one matched through its
// e-mail address alone - reports "user already exists". The e-mail check below
// groups both isset() calls instead. The grouping is written out here as the
// code has always evaluated it; confirm which of the two is intended.
if (
    isset($Exist['userv']['username'])
    || (
        isset($Exist['valid']['username'])
        && ($UserName == $Exist['userv']['username'] || $UserName == $Exist['valid']['username'])
    )
) {
    $errors .= $LNG['user_already_exists'];
}

if (
    (isset($Exist['userv']['email']) || isset($Exist['valid']['email']))
    && ($UserEmail == $Exist['userv']['email'] || $UserEmail == $Exist['valid']['email'])
) {
    $errors .= $LNG['mail_already_exists'];
}

if (!empty($errors)) {
    // NOTE(review): $LANG is appended to the redirect target as-is; confirm it
    // has been restricted to a known language code before this point.
    $template->message($errors, '?page=reg&lang=' . $LANG, 3, true);
    exit;
}
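/**
 * Options page controller. Depending on the `mode` request value it
 *  - "exit":   ends vacation mode and toggles the account-deletion flag,
 *  - "change": stores the submitted settings and optionally changes e-mail,
 *              password or username,
 *  - default:  renders the options form (or its vacation-mode variant).
 *
 * Security-relevant behaviour:
 *  - The current-password check compares the MD5 hex digests with ===. With ==
 *    two different digests that both look like numbers (for example "0e" followed
 *    only by digits) are compared numerically and can count as equal.
 *  - The "username already taken" lookup searches for the requested name, escaped
 *    with sql_escape().
 *  - The language code is escaped before it is written, in addition to the
 *    allow-list check.
 *
 * NOTE(review): passwords are stored as unsalted MD5. Changing that needs a
 * migration of the stored hashes, so it is not done here, but it should be
 * planned (password_hash()/password_verify()).
 */
public function __construct()
{
    global $USER, $PLANET, $CONF, $LNG, $LANG, $UNI, $db, $SESSION, $THEME;

    $mode         = request_var('mode', '');
    $exit         = request_var('exit_modus', '');
    $db_deaktjava = request_var('db_deaktjava', '');

    $PlanetRess = new ResourceUpdate();
    $PlanetRess->CalcResource();
    $PlanetRess->SavePlanetToDB();

    $template = new template();
    $SQLQuery = "";

    switch ($mode) {
        case "exit":
            if ($exit == 'on' && $USER['urlaubs_until'] <= TIMESTAMP) {
                $SQLQuery .= "UPDATE " . USERS . " SET `urlaubs_modus` = '0', `urlaubs_until` = '0' WHERE `id` = '" . $USER['id'] . "' LIMIT 1;UPDATE " . PLANETS . " SET `last_update` = '" . TIMESTAMP . "', `energy_used` = '10', `energy_max` = '10', `metal_mine_porcent` = '10', `crystal_mine_porcent` = '10', `deuterium_sintetizer_porcent` = '10', `solar_plant_porcent` = '10', `fusion_plant_porcent` = '10', `solar_satelit_porcent` = '10' WHERE `id_owner` = '" . $USER["id"] . "';";
            }

            if ($db_deaktjava == 'on') {
                $SQLQuery .= "UPDATE " . USERS . " SET `db_deaktjava` = '" . TIMESTAMP . "' WHERE `id` = '" . $USER['id'] . "' LIMIT 1;";
            } else {
                $SQLQuery .= "UPDATE " . USERS . " SET `db_deaktjava` = '0' WHERE `id` = '" . $USER['id'] . "' LIMIT 1;";
            }

            $db->multi_query($SQLQuery);
            $template->message($LNG['op_options_changed'], '?page=options', 1);
            break;

        case "change":
            $design                = request_var('design', '');
            $noipcheck             = request_var('noipcheck', '');
            $USERname              = request_var('db_character', $USER['username'], UTF8_SUPPORT);
            $db_email              = request_var('db_email', $USER['email']);
            $spio_anz              = max(request_var('spio_anz', 5), 1);
            $settings_tooltiptime  = request_var('settings_tooltiptime', 1);
            $settings_fleetactions = max(request_var('settings_fleetactions', 1), 1);
            $settings_planetmenu   = request_var('settings_planetmenu', '');
            $settings_esp          = request_var('settings_esp', '');
            $settings_wri          = request_var('settings_wri', '');
            $settings_bud          = request_var('settings_bud', '');
            $settings_mis          = request_var('settings_mis', '');
            $settings_rep          = request_var('settings_rep', '');
            $settings_tnstor       = request_var('settings_tnstor', '');
            $urlaubs_modus         = request_var('urlaubs_modus', '');
            $SetSort               = request_var('settings_sort', 0);
            $SetOrder              = request_var('settings_order', 0);
            $db_password           = request_var('db_password', '');
            $newpass1              = request_var('newpass1', '');
            $newpass2              = request_var('newpass2', '');
            $hof                   = request_var('hof', '');
            $adm_pl_prot           = request_var('adm_pl_prot', '');
            $langs                 = request_var('langs', $LANG->getUser());
            $dpath                 = request_var('dpath', $THEME->getThemeName());

            // Checkboxes arrive as 'on' or not at all; store them as 1/0.
            $design              = $design == 'on' ? 1 : 0;
            $hof                 = $hof == 'on' ? 1 : 0;
            $noipcheck           = $noipcheck == 'on' ? 1 : 0;
            $settings_esp        = $settings_esp == 'on' ? 1 : 0;
            $settings_wri        = $settings_wri == 'on' ? 1 : 0;
            $settings_bud        = $settings_bud == 'on' ? 1 : 0;
            $settings_mis        = $settings_mis == 'on' ? 1 : 0;
            $settings_rep        = $settings_rep == 'on' ? 1 : 0;
            $settings_tnstor     = $settings_tnstor == 'on' ? 1 : 0;
            $settings_planetmenu = $settings_planetmenu == 'on' ? 1 : 0;
            $db_deaktjava        = $db_deaktjava == 'on' ? TIMESTAMP : 0;

            // Language and skin are restricted to the installed values.
            $langs = in_array($langs, $LANG->getAllowedLangs()) ? $langs : $LANG->getUser();
            $dpath = in_array($dpath, Theme::getAvalibleSkins()) ? $dpath : $THEME->getThemeName();

            // NOTE(review): the numeric settings below are written without a cast;
            // this relies on request_var() returning a value of the default's type
            // (integer defaults here) - confirm.

            // The password fields prove that the account owner is making the change.
            $passwordConfirmed = md5($db_password) === $USER['password'];

            if ($urlaubs_modus == 'on') {
                if (!$this->CheckVMode()) {
                    $template->message($LNG['op_cant_activate_vacation_mode'], '?page=options', 3);
                    exit;
                }

                $SQLQuery .= "UPDATE " . USERS . " SET \r\n\t\t\t\t\t\t\t\t\t`urlaubs_modus` = '1',\r\n\t\t\t\t\t\t\t\t\t`urlaubs_until` = '" . (TIMESTAMP + VACATION_MIN_TIME) . "'\r\n\t\t\t\t\t\t\t\t\tWHERE `id` = '" . $USER["id"] . "';\r\n\t\t\t\t\t\t\t\t\tUPDATE " . PLANETS . " SET\r\n\t\t\t\t\t\t\t\t\t`energy_used` = '0',\r\n\t\t\t\t\t\t\t\t\t`energy_max` = '0',\r\n\t\t\t\t\t\t\t\t\t`metal_mine_porcent` = '0',\r\n\t\t\t\t\t\t\t\t\t`crystal_mine_porcent` = '0',\r\n\t\t\t\t\t\t\t\t\t`deuterium_sintetizer_porcent` = '0',\r\n\t\t\t\t\t\t\t\t\t`solar_plant_porcent` = '0',\r\n\t\t\t\t\t\t\t\t\t`fusion_plant_porcent` = '0',\r\n\t\t\t\t\t\t\t\t\t`solar_satelit_porcent` = '0',\r\n\t\t\t\t\t\t\t\t\t`metal_perhour` = '0',\r\n `crystal_perhour` = '0',\r\n `deuterium_perhour` = '0'\r\n WHERE `id_owner` = '" . $USER["id"] . "';";
            }

            $SQLQuery .= "UPDATE " . USERS . " SET\r\n\t\t\t\t\t\t\t\t`dpath` = '" . $db->sql_escape($dpath)
                . "',\r\n\t\t\t\t\t\t\t\t`design` = '" . $design
                . "',\r\n\t\t\t\t\t\t\t\t`noipcheck` = '" . $noipcheck
                . "',\r\n\t\t\t\t\t\t\t\t`planet_sort` = '" . $SetSort
                . "',\r\n\t\t\t\t\t\t\t\t`planet_sort_order` = '" . $SetOrder
                . "',\r\n\t\t\t\t\t\t\t\t`spio_anz` = '" . $spio_anz
                . "',\r\n\t\t\t\t\t\t\t\t`settings_tooltiptime` = '" . $settings_tooltiptime
                . "',\r\n\t\t\t\t\t\t\t\t`settings_fleetactions` = '" . $settings_fleetactions
                . "',\r\n\t\t\t\t\t\t\t\t`settings_planetmenu` = '" . $settings_planetmenu
                . "',\r\n\t\t\t\t\t\t\t\t`settings_esp` = '" . $settings_esp
                . "',\r\n\t\t\t\t\t\t\t\t`settings_wri` = '" . $settings_wri
                . "',\r\n\t\t\t\t\t\t\t\t`settings_bud` = '" . $settings_bud
                . "',\r\n\t\t\t\t\t\t\t\t`settings_mis` = '" . $settings_mis
                . "',\r\n\t\t\t\t\t\t\t\t`settings_tnstor` = '" . $settings_tnstor
                . "',\r\n\t\t\t\t\t\t\t\t`db_deaktjava` = '" . $db_deaktjava
                . "',\r\n\t\t\t\t\t\t\t\t`lang` = '" . $db->sql_escape($langs)
                . "',\r\n\t\t\t\t\t\t\t\t`hof` = '" . $hof
                . "',\r\n\t\t\t\t\t\t\t\t`settings_rep` = '" . $settings_rep
                . "' \r\n\t\t\t\t\t\t\t\tWHERE `id` = '" . $USER["id"] . "';";

            if ($USER['authlevel'] > 0) {
                if ($adm_pl_prot == 'on') {
                    $SQLQuery .= "UPDATE " . PLANETS . " SET `id_level` = '" . $USER['authlevel'] . "' WHERE `id_owner` = '" . $USER['id'] . "';";
                } else {
                    $SQLQuery .= "UPDATE " . PLANETS . " SET `id_level` = '0' WHERE `id_owner` = '" . $USER['id'] . "';";
                }
            }

            if (!empty($db_email) && $db_email != $USER['email'] && $passwordConfirmed) {
                if (!ValidateAddress($db_email)) {
                    $template->message($LNG['op_not_vaild_mail'], '?page=options', 3);
                    exit;
                }

                $query = $db->uniquequery("SELECT id FROM " . USERS . " WHERE email = '" . $db->sql_escape($db_email) . "' OR email_2 = '" . $db->sql_escape($db_email) . "';");

                if (!empty($query)) {
                    $template->message(sprintf($LNG['op_change_mail_exist'], $db_email), '?page=options', 3);
                    exit;
                }

                $SQLQuery .= "UPDATE " . USERS . " SET `email` = '" . $db->sql_escape($db_email) . "', `setmail` = '" . (TIMESTAMP + 604800) . "' WHERE `id` = '" . $USER['id'] . "';";
            }

            if (!empty($newpass1) && $passwordConfirmed && $newpass1 === $newpass2) {
                $newpass   = md5($newpass1);
                $SQLQuery .= "UPDATE " . USERS . " SET `password` = '" . $newpass . "' WHERE `id` = '" . $USER['id'] . "';";

                // Force a fresh login with the new password.
                $SESSION->DestroySession();
                $template->message($LNG['op_password_changed'], "index.php", 3);
            } elseif ($USER['username'] != $USERname) {
                if (!CheckName($USERname)) {
                    $template->message($LNG['op_user_name_no_alphanumeric'], '?page=options', 3);
                } elseif ($USER['uctime'] >= TIMESTAMP - 60 * 60 * 24 * 7) {
                    // Only one rename per week.
                    $template->message($LNG['op_change_name_pro_week'], '?page=options', 3);
                } else {
                    $query = $db->uniquequery("SELECT id FROM " . USERS . " WHERE username='" . $db->sql_escape($USERname) . "';");

                    if (!empty($query)) {
                        $template->message(sprintf($LNG['op_change_name_exist'], $USERname), '?page=options', 3);
                    } else {
                        require ROOT_PATH . 'includes/classes/class.Records.php';
                        $Records = new records();
                        $Records->RenameRecordOwner($USER['username'], $USERname, $UNI);

                        $SQLQuery .= "UPDATE " . USERS . " SET `username` = '" . $db->sql_escape($USERname) . "', `uctime` = '" . TIMESTAMP . "' WHERE `id`= '" . $USER['id'] . "';";

                        $SESSION->DestroySession();
                        $template->message($LNG['op_username_changed'], 'index.php', 3);
                    }
                }
            } else {
                $template->message($LNG['op_options_changed'], '?page=options', 3);
            }

            $db->multi_query($SQLQuery);
            break;

        default:
            if ($USER['urlaubs_modus'] == 1) {
                $template->assign_vars(array(
                    'vacation_until'                  => date(TDFORMAT, $USER['urlaubs_until']),
                    'op_save_changes'                 => $LNG['op_save_changes'],
                    'op_end_vacation_mode'            => $LNG['op_end_vacation_mode'],
                    'op_vacation_mode_active_message' => $LNG['op_vacation_mode_active_message'],
                    'op_dlte_account_descrip'         => $LNG['op_dlte_account_descrip'],
                    'op_dlte_account'                 => $LNG['op_dlte_account'],
                    'opt_delac_data'                  => $USER['db_deaktjava'],
                    'is_deak_vacation'                => $USER['urlaubs_until'] <= TIMESTAMP ? true : false,
                ));
                $template->show("options_overview_vmode.tpl");
            } else {
                $template->assign_vars(array(
                    'opt_usern_data'     => $USER['username'],
                    'opt_mail1_data'     => $USER['email'],
                    'opt_mail2_data'     => $USER['email_2'],
                    'opt_dpath_data'     => $USER['dpath'],
                    'opt_dpath_data_sel' => substr($USER['dpath'], 13, -1),
                    'opt_probe_data'     => $USER['spio_anz'],
                    'opt_toolt_data'     => $USER['settings_tooltiptime'],
                    'opt_fleet_data'     => $USER['settings_fleetactions'],
                    'opt_sskin_data'     => $USER['design'],
                    'opt_noipc_data'     => $USER['noipcheck'],
                    'opt_allyl_data'     => $USER['settings_planetmenu'],
                    'opt_delac_data'     => $USER['db_deaktjava'],
                    'opt_stor_data'      => $USER['settings_tnstor'],
                    'user_settings_rep'  => $USER['settings_rep'],
                    'user_settings_esp'  => $USER['settings_esp'],
                    'user_settings_wri'  => $USER['settings_wri'],
                    'user_settings_mis'  => $USER['settings_mis'],
                    'user_settings_bud'  => $USER['settings_bud'],
                    'opt_hof'            => $USER['hof'],
                    'langs'              => $USER['lang'],
                    'adm_pl_prot_data'   => $PLANET['id_level'],
                    'user_authlevel'     => $USER['authlevel'],
                    'Selectors'          => array(
                        'Sort'       => array(0 => $LNG['op_sort_normal'], 1 => $LNG['op_sort_koords'], 2 => $LNG['op_sort_abc']),
                        'SortUpDown' => array(0 => $LNG['op_sort_up'], 1 => $LNG['op_sort_down']),
                        'Skins'      => Theme::getAvalibleSkins(),
                        'lang'       => $LANG->getAllowedLangs(false),
                    ),
                    'planet_sort'                       => $USER['planet_sort'],
                    'planet_sort_order'                 => $USER['planet_sort_order'],
                    'uctime'                            => TIMESTAMP - $USER['uctime'] >= 60 * 60 * 24 * 7 ? true : false,
                    'op_admin_planets_protection'       => $LNG['op_admin_planets_protection'],
                    'op_admin_title_options'            => $LNG['op_admin_title_options'],
                    'op_user_data'                      => $LNG['op_user_data'],
                    'op_username'                       => $LNG['op_username'],
                    'op_old_pass'                       => $LNG['op_old_pass'],
                    'op_new_pass'                       => $LNG['op_new_pass'],
                    'op_repeat_new_pass'                => $LNG['op_repeat_new_pass'],
                    'op_email_adress_descrip'           => $LNG['op_email_adress_descrip'],
                    'op_email_adress'                   => $LNG['op_email_adress'],
                    'op_permanent_email_adress'         => $LNG['op_permanent_email_adress'],
                    'op_general_settings'               => $LNG['op_general_settings'],
                    'op_lang'                           => $LNG['op_lang'],
                    'op_sort_planets_by'                => $LNG['op_sort_planets_by'],
                    'op_sort_kind'                      => $LNG['op_sort_kind'],
                    'op_skin_example'                   => $LNG['op_skin_example'],
                    'op_show_skin'                      => $LNG['op_show_skin'],
                    'op_active_build_messages'          => $LNG['op_active_build_messages'],
                    'op_deactivate_ipcheck_descrip'     => $LNG['op_deactivate_ipcheck_descrip'],
                    'op_deactivate_ipcheck'             => $LNG['op_deactivate_ipcheck'],
                    'op_galaxy_settings'                => $LNG['op_galaxy_settings'],
                    'op_spy_probes_number_descrip'      => $LNG['op_spy_probes_number_descrip'],
                    'op_spy_probes_number'              => $LNG['op_spy_probes_number'],
                    'op_seconds'                        => $LNG['op_seconds'],
                    'op_toolt_data'                     => $LNG['op_toolt_data'],
                    'op_max_fleets_messages'            => $LNG['op_max_fleets_messages'],
                    'op_show_planetmenu'                => $LNG['op_show_planetmenu'],
                    'op_shortcut'                       => $LNG['op_shortcut'],
                    'op_show'                           => $LNG['op_show'],
                    'op_spy'                            => $LNG['op_spy'],
                    'op_write_message'                  => $LNG['op_write_message'],
                    'op_add_to_buddy_list'              => $LNG['op_add_to_buddy_list'],
                    'op_missile_attack'                 => $LNG['op_missile_attack'],
                    'op_send_report'                    => $LNG['op_send_report'],
                    'op_vacation_delete_mode'           => $LNG['op_vacation_delete_mode'],
                    'op_activate_vacation_mode_descrip' => $LNG['op_activate_vacation_mode_descrip'],
                    'op_activate_vacation_mode'         => $LNG['op_activate_vacation_mode'],
                    'op_dlte_account_descrip'           => $LNG['op_dlte_account_descrip'],
                    'op_dlte_account'                   => $LNG['op_dlte_account'],
                    'op_save_changes'                   => $LNG['op_save_changes'],
                    'op_small_storage'                  => $LNG['op_small_storage'],
                ));
                $template->show("options_overview.tpl");
            }
            break;
    }
}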
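/**
 * Admin "creator" page: creates a user account, a moon or a planet,
 * depending on $_GET['mode'] ('user', 'moon', 'planet'; anything else
 * shows the creator menu).
 *
 * Each mode renders its form on GET and performs the creation on POST.
 * Every POST handler ends the request with exit after showing a message.
 *
 * NOTE(review): no anti-CSRF token check is visible in these state-changing
 * POST handlers, and no check that the caller is an administrator. Confirm
 * that both are enforced before this function is reached.
 */
function ShowCreatorPage()
{
    global $LNG, $db, $USER;

    $template = new template();
    $template->page_header();

    // A missing ?mode= falls through to the default menu instead of raising a notice.
    $mode = isset($_GET['mode']) ? $_GET['mode'] : '';

    switch ($mode) {
        case 'user':
            includeLang('PUBLIC');

            // Authorisation levels the current admin is allowed to hand out.
            // Built before the POST handler so the same list that fills the
            // form selector is also enforced on the server side.
            $AUTH    = array();
            $AUTH[0] = $LNG['user_level'][0];
            if ($USER['authlevel'] >= AUTH_OPS) {
                $AUTH[AUTH_OPS] = $LNG['user_level'][AUTH_OPS];
            }
            if ($USER['authlevel'] >= AUTH_MOD) {
                $AUTH[AUTH_MOD] = $LNG['user_level'][AUTH_MOD];
            }
            if ($USER['authlevel'] >= AUTH_ADM) {
                $AUTH[AUTH_ADM] = $LNG['user_level'][AUTH_ADM];
            }

            if ($_POST) {
                $UserName  = request_var('name', '', UTF8_SUPPORT);
                $UserPass  = request_var('password', '');
                $UserPass2 = request_var('password2', '');
                $UserMail  = request_var('email', '');
                $UserMail2 = request_var('email2', '');
                $UserLang  = request_var('lang', '');
                // Explicit casts: these values are placed in SQL below, so their
                // integer-ness must not depend on how request_var() treats defaults.
                $UserAuth  = (int) request_var('authlevel', 0);
                $Galaxy    = (int) request_var('galaxy', 0);
                $System    = (int) request_var('system', 0);
                $Planet    = (int) request_var('planet', 0);

                // The selector only offers levels up to the creator's own, but the
                // posted value was never checked. A level that is not in the allowed
                // list falls back to the plain user level instead of being stored.
                if (!isset($AUTH[$UserAuth])) {
                    $UserAuth = 0;
                }

                $errors = '';

                // NOTE(review): $CONF is not imported by the global statement above,
                // so this captcha branch does not run as the function stands. Confirm
                // whether the admin form is meant to carry a captcha before importing it.
                if (isset($CONF['capaktiv']) && $CONF['capaktiv'] === '1') {
                    require_once 'includes/libs/reCAPTCHA/recaptchalib.php';
                    $resp = recaptcha_check_answer(
                        $CONF['capprivate'],
                        $_SERVER['REMOTE_ADDR'],
                        request_var('recaptcha_challenge_field', ''),
                        request_var('recaptcha_response_field', '')
                    );
                    if (!$resp->is_valid) {
                        // Was appended to $errorlist, which nothing ever read.
                        $errors .= $LNG['wrong_captcha'];
                    }
                }

                // Look for an existing account (active or awaiting validation) with
                // the submitted name or address. The visible code compared username
                // with a fixed literal and used the undefined $UserEmail, so the
                // lookup could not match the submitted values.
                $existsWhere = " WHERE username = '" . $db->sql_escape($UserName) . "' OR email = '" . $db->sql_escape($UserMail) . "';";
                $Exist = array();
                $Exist['userv'] = $db->uniquequery("SELECT username, email FROM " . USERS . $existsWhere);
                $Exist['vaild'] = $db->uniquequery("SELECT username, email FROM " . USERS_VALID . $existsWhere);

                if (!ValidateAddress($UserMail)) {
                    $errors .= $LNG['invalid_mail_adress'];
                }
                if (empty($UserName)) {
                    $errors .= $LNG['empty_user_field'];
                }
                if (strlen($UserPass) < 6) {
                    $errors .= $LNG['password_lenght_error'];
                }
                if ($UserPass != $UserPass2) {
                    $errors .= $LNG['different_passwords'];
                }
                if ($UserMail != $UserMail2) {
                    $errors .= $LNG['different_mails'];
                }
                if (!CheckName($UserName)) {
                    $errors .= UTF8_SUPPORT ? $LNG['user_field_no_space'] : $LNG['user_field_no_alphanumeric'];
                }

                // Each row is compared on its own: the rows are fetched with
                // "username OR email", so a row may match on the address only.
                $nameTaken = (isset($Exist['userv']['username']) && $UserName == $Exist['userv']['username'])
                    || (isset($Exist['vaild']['username']) && $UserName == $Exist['vaild']['username']);
                if ($nameTaken) {
                    $errors .= $LNG['user_already_exists'];
                }

                $mailTaken = (isset($Exist['userv']['email']) && $UserMail == $Exist['userv']['email'])
                    || (isset($Exist['vaild']['email']) && $UserMail == $Exist['vaild']['email']);
                if ($mailTaken) {
                    $errors .= $LNG['mail_already_exists'];
                }

                // Was called with the undefined $Position; the slot read from the form is $Planet.
                if (CheckPlanetIfExist($Galaxy, $System, $Planet)) {
                    $errors .= $LNG['planet_already_exists'];
                }

                if (!empty($errors)) {
                    $template->message($errors, '?page=create&mode=user', 3, true);
                    exit;
                }

                // NOTE(review): md5() is a fast, unsalted digest and is not suitable
                // for storing passwords. It is kept here only because the login code
                // that verifies this column is outside this function; migrate both
                // sides together to password_hash()/password_verify().
                $SQL  = "INSERT INTO " . USERS . " SET ";
                $SQL .= "`username` = '" . $db->sql_escape($UserName) . "', ";
                $SQL .= "`email` = '" . $db->sql_escape($UserMail) . "', ";
                $SQL .= "`email_2` = '" . $db->sql_escape($UserMail) . "', ";
                $SQL .= "`lang` = '" . $db->sql_escape($UserLang) . "', ";
                $SQL .= "`authlevel` = '" . $UserAuth . "', ";
                $SQL .= "`ip_at_reg` = '" . $db->sql_escape($_SERVER['REMOTE_ADDR']) . "', ";
                $SQL .= "`id_planet` = '0', ";
                $SQL .= "`onlinetime` = '" . TIMESTAMP . "', ";
                $SQL .= "`register_time` = '" . TIMESTAMP . "', ";
                $SQL .= "`password` = '" . md5($UserPass) . "', ";
                $SQL .= "`dpath` = '" . DEFAULT_SKINPATH . "', ";
                $SQL .= "`uctime`= '0';";
                $db->query($SQL);

                $db->query("UPDATE " . CONFIG . " SET `config_value` = config_value + '1' WHERE `config_name` = 'users_amount';");

                $ID_USER = $db->uniquequery("SELECT `id` FROM " . USERS . " WHERE `username` = '" . $db->sql_escape($UserName) . "';");
                $newUserID = (int) $ID_USER['id'];

                require_once ROOT_PATH . 'includes/functions/CreateOnePlanetRecord.' . PHP_EXT;
                // The fifth argument was the undefined $UserPlanet; an empty value is
                // passed explicitly, as in the 'planet' mode call below.
                CreateOnePlanetRecord($Galaxy, $System, $Planet, $newUserID, '', true, $UserAuth);

                $ID_PLANET = $db->uniquequery("SELECT `id` FROM " . PLANETS . " WHERE `id_owner` = '" . $newUserID . "';");

                // Point the new account at its home planet.
                $SQL  = "UPDATE " . USERS . " SET ";
                $SQL .= "`id_planet` = '" . (int) $ID_PLANET['id'] . "', ";
                $SQL .= "`galaxy` = '" . $Galaxy . "', ";
                $SQL .= "`system` = '" . $System . "', ";
                $SQL .= "`planet` = '" . $Planet . "' ";
                $SQL .= "WHERE ";
                $SQL .= "`id` = '" . $newUserID . "' ";
                $SQL .= "LIMIT 1;";
                $db->query($SQL);

                $template->message($LNG['new_user_success'], '?page=create&mode=user', 3, true);
                exit;
            }

            $template->assign_vars(array(
                'new_add_user'        => $LNG['new_add_user'],
                'new_creator_refresh' => $LNG['new_creator_refresh'],
                'new_creator_go_back' => $LNG['new_creator_go_back'],
                'user_reg'            => $LNG['user_reg'],
                'pass_reg'            => $LNG['pass_reg'],
                'pass2_reg'           => $LNG['pass2_reg'],
                'email_reg'           => $LNG['email_reg'],
                'email2_reg'          => $LNG['email2_reg'],
                'new_coord'           => $LNG['new_coord'],
                'new_range'           => $LNG['new_range'],
                'new_title'           => $LNG['new_title'],
                'Selector'            => $AUTH,
            ));
            $template->show('adm/CreatePageUser.tpl');
            break;

        case 'moon':
            if ($_POST) {
                $PlanetID = (int) request_var('add_moon', 0);
                $MoonName = request_var('name', '', UTF8_SUPPORT);
                $Diameter = (int) request_var('diameter', 0);
                // An unticked checkbox is simply absent from the POST data.
                $randomDiameter = isset($_POST['diameter_check']) && $_POST['diameter_check'] == 'on';

                $MoonPlanet = $db->uniquequery("SELECT `temp_max`, `temp_min`, `id_luna`, `galaxy`, `system`, `planet`, `planet_type`, `destruyed`, `id_level`, `id_owner` FROM " . PLANETS . " WHERE `id` = '" . $PlanetID . "' AND `planet_type` = '1' AND `destruyed` = '0';");

                // empty() rather than isset(): covers a null, false or empty result,
                // whichever uniquequery() returns when no row matches.
                if (empty($MoonPlanet)) {
                    $template->message($LNG['mo_planet_doesnt_exist'], '?page=create&mode=moon', 3, true);
                    exit;
                }

                require_once ROOT_PATH . 'includes/functions/CreateOneMoonRecord.' . PHP_EXT;

                $created = CreateOneMoonRecord(
                    $MoonPlanet['galaxy'],
                    $MoonPlanet['system'],
                    $MoonPlanet['planet'],
                    $MoonPlanet['id_owner'],
                    0,
                    $MoonName,
                    20,
                    $randomDiameter ? 0 : $Diameter
                );

                if ($created !== false) {
                    $template->message($LNG['mo_moon_added'], '?page=create&mode=moon', 3, true);
                } else {
                    $template->message($LNG['mo_moon_unavaible'], '?page=create&mode=moon', 3, true);
                }
                exit;
            }

            $template->assign_vars(array(
                'po_add_moon'         => $LNG['po_add_moon'],
                'input_id_planet'     => $LNG['input_id_planet'],
                'mo_moon_name'        => $LNG['mo_moon_name'],
                'mo_diameter'         => $LNG['mo_diameter'],
                'mo_temperature'      => $LNG['mo_temperature'],
                'mo_fields_avaibles'  => $LNG['mo_fields_avaibles'],
                'button_add'          => $LNG['button_add'],
                'new_creator_refresh' => $LNG['new_creator_refresh'],
                'mo_moon'             => $LNG['fcm_moon'],
                'new_creator_go_back' => $LNG['new_creator_go_back'],
            ));
            $template->show('adm/CreatePageMoon.tpl');
            break;

        case 'planet':
            if ($_POST) {
                $id        = (int) request_var('id', 0);
                $Galaxy    = (int) request_var('galaxy', 0);
                $System    = (int) request_var('system', 0);
                $Planet    = (int) request_var('planet', 0);
                $name      = request_var('name', '', UTF8_SUPPORT);
                $field_max = (int) request_var('field_max', 0);
                $randomFields = isset($_POST['diameter_check']) && $_POST['diameter_check'] == 'on';

                $ISUser = $db->uniquequery("SELECT id, authlevel FROM " . USERS . " WHERE `id` = '" . $id . "';");

                // Refuse when the slot is occupied or the owner does not exist.
                if (CheckPlanetIfExist($Galaxy, $System, $Planet) || empty($ISUser)) {
                    $template->message($LNG['po_complete_all'], '?page=create&mode=planet', 3, true);
                    exit;
                }

                require_once ROOT_PATH . 'includes/functions/CreateOnePlanetRecord.' . PHP_EXT;
                CreateOnePlanetRecord($Galaxy, $System, $Planet, $id, '', '', false);

                // Apply the optional overrides to the planet that was just created.
                $SQL = "UPDATE " . PLANETS . " SET ";
                if (!$randomFields || $field_max > 0) {
                    $SQL .= "`field_max` = '" . $field_max . "', ";
                }
                if (!empty($name)) {
                    $SQL .= "`name` = '" . $db->sql_escape($name) . "', ";
                }
                $SQL .= "`id_level` = '" . (int) $ISUser['authlevel'] . "' ";
                $SQL .= "WHERE ";
                $SQL .= "`galaxy` = '" . $Galaxy . "' AND ";
                $SQL .= "`system` = '" . $System . "' AND ";
                $SQL .= "`planet` = '" . $Planet . "' AND ";
                $SQL .= "`planet_type` = '1'";
                $db->query($SQL);

                $template->message($LNG['po_complete_succes'], '?page=create&mode=planet', 3, true);
                exit;
            }

            $template->assign_vars(array(
                'po_add_planet'       => $LNG['po_add_planet'],
                'po_galaxy'           => $LNG['po_galaxy'],
                'po_system'           => $LNG['po_system'],
                'po_planet'           => $LNG['po_planet'],
                'input_id_user'       => $LNG['input_id_user'],
                'new_creator_coor'    => $LNG['new_creator_coor'],
                'po_name_planet'      => $LNG['po_name_planet'],
                'po_fields_max'       => $LNG['po_fields_max'],
                'button_add'          => $LNG['button_add'],
                'po_colony'           => $LNG['fcp_colony'],
                'new_creator_refresh' => $LNG['new_creator_refresh'],
                'new_creator_go_back' => $LNG['new_creator_go_back'],
            ));
            $template->show('adm/CreatePagePlanet.tpl');
            break;

        default:
            $template->assign_vars(array(
                'new_creator_title_u' => $LNG['new_creator_title_u'],
                'new_creator_title_p' => $LNG['new_creator_title_p'],
                'new_creator_title_l' => $LNG['new_creator_title_l'],
                'new_creator_title'   => $LNG['new_creator_title'],
            ));
            $template->show('adm/CreatePage.tpl');
            break;
    }
}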
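/**
 * Validates and stores a boat (or ergometer block) reservation.
 *
 * When $id is greater than 0 an existing reservation is altered: the old row
 * is flagged as deleted, a notice is mailed to the address stored with it,
 * and a new row is inserted. Otherwise a new reservation is made. With
 * $ergo_lo/$ergo_hi set, one reservation per Concept ergometer in that range
 * is attempted.
 *
 * All caller-supplied values are treated as untrusted: identifiers are cast
 * to integers and every string that reaches SQL is escaped on the open link.
 *
 * @param mixed  $id              Reservation number to alter, or 0 for a new one.
 * @param mixed  $boat_id         ID of the boat in table `boten`.
 * @param string $name            Name of the person making the reservation.
 * @param string $team_name       Team name (free text).
 * @param string $email           Optional e-mail address.
 * @param string $mpb             Board function granting permission, or "".
 * @param string $date            Reservation date as entered by the user.
 * @param mixed  $start_time_hrs  Start hour (6-23).
 * @param mixed  $start_time_mins Start minutes (0, 15, 30 or 45).
 * @param mixed  $end_time_hrs    End hour (6-23).
 * @param mixed  $end_time_mins   End minutes (0, 15, 30 or 45).
 * @param mixed  $ergo_lo         Lowest Concept ergometer number of a block, 0 for none.
 * @param mixed  $ergo_hi         Highest Concept ergometer number of a block, 0 for none.
 *
 * @return array Keys "success" (bool) and "messages" (list of strings); except
 *               when the database cannot be opened, also "category", "grade"
 *               and "action" ("make" or "alter").
 */
function makeReservation($id, $boat_id, $name, $team_name, $email, $mpb, $date, $start_time_hrs, $start_time_mins, $end_time_hrs, $end_time_mins, $ergo_lo = 0, $ergo_hi = 0)
{
    global $database_host;
    global $database_user;
    global $database_pass;
    global $database;
    global $opzoektabel;
    global $koudwaterprotocol;
    global $today_db;
    global $thehour;
    global $theminute;
    global $themonth;

    // NOTE: adjust when the number of Concept ergometers changes (block reservations).
    $NR_OF_CONCEPTS = 8;

    $messages = array();
    // Defaults so the returned array is well defined when the lookups below find nothing.
    $cat = "";
    $grade = "";
    $boat = "";

    $bisdblink = mysql_connect($database_host, $database_user, $database_pass);
    if (!$bisdblink || !mysql_select_db($database, $bisdblink)) {
        if ($bisdblink) {
            mysql_close($bisdblink);
        }
        $messages[] = "Fout: database niet gevonden.";
        return array("success" => false, "messages" => $messages);
    }

    // $id ends up unquoted in SQL further down, so it has to be a plain integer.
    $id = is_numeric($id) ? (int) $id : 0;

    // Check the person's name.
    if (!CheckName($name)) {
        $messages[] = "• U dient een geldige voor- en achternaam op te geven. Let op: de apostrof (') wordt niet geaccepteerd.";
    }

    // E-mail is optional, but has to be well-formed when given.
    if ($email && !CheckEmail($email)) {
        $messages[] = "• U dient een geldig e-mailadres op te geven.";
    }

    // Check the date.
    $date_db = 0;
    if (!$date || !CheckTheDate($date) || ($mpb != "Societeit" && !InRange($date, 10))) {
        $messages[] = "• U dient een (geldige) inschrijfdatum op te geven, van vandaag tot over maximaal 10 dagen.";
    } else {
        $date_db = DateToDBdate($date);
        if (strtotime($date_db) < strtotime($today_db)) {
            $messages[] = "Een inschrijving kan niet in het verleden plaatsvinden.";
        }
    }

    // Check the times.
    if (!is_numeric($start_time_hrs) || $start_time_hrs < 6 || $start_time_hrs > 23) {
        $messages[] = "Ongeldig start-uur.";
    }
    if (!is_numeric($end_time_hrs) || $end_time_hrs < 6 || $end_time_hrs > 23) {
        $messages[] = "Ongeldig eind-uur.";
    }
    if ($start_time_mins != "00" && $start_time_mins != "0" && $start_time_mins != "15" && $start_time_mins != "30" && $start_time_mins != "45") {
        $messages[] = "Ongeldige start-minuten.";
    }
    if ($end_time_mins != "00" && $end_time_mins != "0" && $end_time_mins != "15" && $end_time_mins != "30" && $end_time_mins != "45") {
        $messages[] = "Ongeldige eind-minuten.";
    }
    $start_time = $start_time_hrs . ":" . $start_time_mins;
    $end_time = $end_time_hrs . ":" . $end_time_mins;
    // Integer casts keep the arithmetic defined when the parts were rejected above.
    $duration = ((int) $end_time_hrs - (int) $start_time_hrs) * 60 + ((int) $end_time_mins - (int) $start_time_mins);
    if ($duration <= 0) {
        $messages[] = "De eindtijd van een inschrijving dient later dan de begintijd te zijn.";
    }
    if ($date_db == $today_db && ($start_time_hrs < $thehour || ($start_time_hrs == $thehour && $start_time_mins < $theminute))) {
        $messages[] = "Een inschrijving kan niet in het verleden beginnen.";
    }

    // Check the ergometer block.
    if (!is_numeric($ergo_lo) || !is_numeric($ergo_hi) || $ergo_lo < 0 || $ergo_lo > $NR_OF_CONCEPTS || $ergo_hi < 0 || $ergo_hi > $NR_OF_CONCEPTS) {
        $messages[] = "Nummering van de Concept-ergometers klopt niet.";
        $ergo_lo = 0;
        $ergo_hi = 0;
    } else {
        // Whole numbers only: they drive the loop and the "Concept N" names below.
        $ergo_lo = (int) $ergo_lo;
        $ergo_hi = (int) $ergo_hi;
    }
    if ($ergo_hi - $ergo_lo < 0) {
        $messages[] = "Het blok moet lopen van de laagst- t/m de hoogst-genummerde Concept-ergometer.";
        $ergo_lo = 0;
        $ergo_hi = 0;
    }

    // Check the boat. A rejected value is replaced by 0 so that the raw input
    // never reaches the queries that still run before the early return.
    if (!is_numeric($boat_id) || $boat_id == 0) {
        $boat_id = 0;
        $messages[] = "U heeft geen boot geselecteerd.";
    } else {
        $boat_id = (int) $boat_id;
        $result_bootnaam = mysql_query("SELECT Naam FROM boten WHERE ID=" . $boat_id . ";", $bisdblink);
        $row_bootnaam = $result_bootnaam ? mysql_fetch_assoc($result_bootnaam) : false;
        if ($row_bootnaam) {
            $boat = $row_bootnaam['Naam'];
        }
    }

    // Derive category and grade from the boat being reserved.
    $result = mysql_query("SELECT Roeigraad, `Type` FROM boten WHERE ID='" . $boat_id . "';", $bisdblink);
    $row = $result ? mysql_fetch_assoc($result) : false;
    if ($row) {
        $grade = $row['Roeigraad'];
        // The type comes from the database but is escaped anyway before reuse in SQL.
        $type_sql = mysql_real_escape_string($row['Type'], $bisdblink);
        $result2 = mysql_query("SELECT Categorie FROM types WHERE `Type`='" . $type_sql . "';", $bisdblink);
        $row2 = $result2 ? mysql_fetch_assoc($result2) : false;
        if ($row2) {
            $cat = $row2['Categorie'];
        }
    }

    // Values reused in several statements, escaped once on this connection.
    $date_sql = mysql_real_escape_string((string) $date_db, $bisdblink);
    $start_sql = mysql_real_escape_string($start_time, $bisdblink);
    $end_sql = mysql_real_escape_string($end_time, $bisdblink);

    // Check whether the boat is out of service on that date.
    $query = "SELECT * FROM uitdevaart"
        . " WHERE Verwijderd=0"
        . " AND Boot_ID='{$boat_id}'"
        . " AND Startdatum<='{$date_sql}'"
        . " AND (Einddatum='0' OR Einddatum='0000-00-00' OR Einddatum IS NULL OR Einddatum>='{$date_sql}');";
    $result = mysql_query($query, $bisdblink);
    if (!$result) {
        $messages[] = "Ophalen van uit de vaart-informatie mislukt.";
    } elseif (mysql_num_rows($result) > 0) {
        // mysql_num_rows() is the documented row count for a SELECT result.
        $messages[] = "Deze boot is op deze dag uit de vaart.";
    }

    // Check MPB: collect the board functions that may grant permission.
    $mpb_array = array();
    $result = mysql_query("SELECT Functie FROM bestuursleden WHERE MPB=1;", $bisdblink);
    if (!$result) {
        $messages[] = "Ophalen van bestuursleden mislukt.";
    } else {
        while ($row = mysql_fetch_assoc($result)) {
            $mpb_array[] = $row['Functie'];
        }
    }
    if ($mpb != "" && !in_array((string) $mpb, $mpb_array, true)) {
        $messages[] = "Onjuiste MPB-gever opgegeven.";
    }

    // $controle records why the reservation needs review; the last matching rule wins.
    $controle = 0;
    if ($duration > 120) {
        if ($mpb == "") {
            $messages[] = "• U schrijft voor langer dan 2 uur in. Hiervoor is MPB benodigd.";
        }
        $controle = 1;
    }
    if (!InRange($date, 3)) {
        if ($mpb == "") {
            $messages[] = "• U schrijft meer dan 3 dagen vantevoren in. Hiervoor is MPB benodigd.";
        }
        $controle = 2;
    }
    if ($grade == "MPB") {
        if ($mpb == "") {
            $messages[] = "• U schrijft een MPB-boot in. Hiervoor is MPB benodigd.";
        }
        $controle = 3;
    }

    $action = ($id > 0) ? "alter" : "make";

    // Stop here when validation produced any message; nothing has been written yet.
    if (sizeof($messages) > 0) {
        mysql_close($bisdblink);
        return array("success" => false, "messages" => $messages, "category" => $cat, "grade" => $grade, "action" => $action);
    }

    // Escaped copies of the free-text fields for the INSERT below. The checks
    // above restrict their shape, but the statement must not depend on them.
    $name_sql = mysql_real_escape_string($name, $bisdblink);
    $email_sql = mysql_real_escape_string($email, $bisdblink);
    $mpb_sql = mysql_real_escape_string($mpb, $bisdblink);
    // Double quotes become single quotes first (the tooltip script cannot
    // handle them); escaping comes last so it covers the final value.
    $team_sql = mysql_real_escape_string(str_replace('"', "'", $team_name), $bisdblink);

    $success = false;
    $fail_cnt = 0;
    // Block reservation of ergometers; a normal reservation runs once with $e = 0.
    for ($e = $ergo_lo; $e <= $ergo_hi; $e++) {
        $fail = false;

        if ($e > 0) {
            $boat = "Concept " . $e;
            $result_ergonaam = mysql_query("SELECT ID FROM boten WHERE Naam='" . mysql_real_escape_string($boat, $bisdblink) . "';", $bisdblink);
            $row_ergonaam = $result_ergonaam ? mysql_fetch_assoc($result_ergonaam) : false;
            if ($row_ergonaam) {
                $boat_id = (int) $row_ergonaam['ID'];
            } else {
                // Without a boat ID the conflict check below cannot be trusted.
                $messages[] = "Het controleren van uw inschrijving is mislukt.";
                $fail = true;
            }
        }

        // Check the reservation against overlapping ones in the database.
        if (!$fail) {
            $query = "SELECT * FROM " . $opzoektabel
                . " WHERE Verwijderd=0 AND Volgnummer <> '{$id}'"
                . " AND ((Begintijd >= '{$start_sql}' AND Begintijd < '{$end_sql}')"
                . " OR (Eindtijd > '{$start_sql}' AND Eindtijd <= '{$end_sql}')"
                . " OR (Begintijd <= '{$start_sql}' AND Eindtijd >= '{$end_sql}'))"
                . " AND Datum = '{$date_sql}' AND Boot_ID = '{$boat_id}';";
            $result = mysql_query($query, $bisdblink);
            if (!$result) {
                $messages[] = "Het controleren van uw inschrijving is mislukt.";
                $fail = true;
            } elseif (mysql_num_rows($result) > 0) {
                $messages[] = "Uw inschrijving van " . $boat . " is mislukt omdat deze conflicteert met een al bestaande inschrijving.";
                $fail = true;
            }
        }

        // When altering an existing reservation, flag the old row as deleted first.
        $mail_gestuurd = false;
        if ($id > 0 && $fail == false) {
            $email_to = "";
            $mail_message = "";
            // Take the details from the database, not from the form, to prevent fraud.
            $result2 = mysql_query("SELECT Email, Boot_ID, Datum, Begintijd, Spits FROM " . $opzoektabel . " WHERE Volgnummer = " . $id . ";", $bisdblink);
            $row = $result2 ? mysql_fetch_assoc($result2) : false;
            if ($row) {
                $email_to = $row['Email'];
                $boot_id = (int) $row['Boot_ID'];
                // Retrieve the name of the boat of the old reservation.
                $boot = "";
                $result_bootnaam = mysql_query("SELECT Naam FROM boten WHERE ID=" . $boot_id . ";", $bisdblink);
                $row_bootnaam = $result_bootnaam ? mysql_fetch_assoc($result_bootnaam) : false;
                if ($row_bootnaam) {
                    $boot = $row_bootnaam['Naam'];
                }
                // Date of the old reservation, taken from the selected Datum column.
                $db_datum = $row['Datum'];
                $date_sh = strftime('%A %d-%m-%Y', strtotime($db_datum));
                $starttijd = $row['Begintijd'];
                $spitsnr = $row['Spits'];
                if ($spitsnr > 0) {
                    $mail_message = "Uw spitsblok van '{$boot}' op {$date_sh} vanaf " . substr($starttijd, 0, 5) . " is zojuist bevestigd.";
                } else {
                    $mail_message = "Uw inschrijving van '{$boot}' op {$date_sh} vanaf " . substr($starttijd, 0, 5) . " is zojuist gewijzigd.";
                }
            }
            $result = mysql_query("UPDATE " . $opzoektabel . " SET Verwijderd = 1 WHERE Volgnummer = " . $id . ";", $bisdblink);
            if (!$result) {
                $messages[] = "Het verwijderen van de oude inschrijving is mislukt.";
                $fail = true;
            } elseif ($email_to != "" && SendEmail($email_to, "Wijziging of bevestiging inschrijving", $mail_message)) {
                // Only mail when the old row supplied an address and a message.
                $mail_gestuurd = true;
            }
        }

        // The insert.
        if ($fail == false) {
            // The current (ergometer) reservation is fine: store it.
            // This writes the global $today_db, as the code always did.
            $today_db = date('Y-m-d');
            $today_sql = mysql_real_escape_string($today_db, $bisdblink);
            $query = "INSERT INTO " . $opzoektabel
                . " (Datum, Inschrijfdatum, Begintijd, Eindtijd, Boot_ID, Pnaam, Ploegnaam, Email, MPB, Spits, Controle)"
                . " VALUES ('{$date_sql}', '{$today_sql}', '{$start_sql}', '{$end_sql}', '{$boat_id}', '{$name_sql}', \"{$team_sql}\", '{$email_sql}', '{$mpb_sql}', '0', '{$controle}');";
            $result = mysql_query($query, $bisdblink);
            if (!$result) {
                $messages[] = "Uw inschrijving is mislukt.";
            } else {
                $success = true;
                $date_sh = strftime('%A %d-%m-%Y', strtotime($date_db));
                $messages[] = "Uw inschrijving van '" . $boat . "' op " . $date_sh . " van " . substr($start_time, 0, 5) . " tot " . substr($end_time, 0, 5) . " is gelukt.";
                if ($controle) {
                    $messages[] = "NB: uw inschrijving is vanwege MPB gelogd en zal door het opgegeven bestuurslid worden gecontroleerd.";
                }
                if ($mail_gestuurd) {
                    $messages[] = "NB: er is ter controle een e-mail gestuurd aan de oorspronkelijke inschrijver.";
                }
                if ($koudwaterprotocol && ($themonth < 4 || $themonth > 9) && $cat != "Ergometers en bak") {
                    // Mind: this message carries HTML formatting; the <strong> tag is now closed.
                    $messages[] = "<strong>LET OP! Wees in de winter voorzichtig i.v.m. het koude water. Het <a href='https://www.hunze.nl/wp-content/uploads/2015/08/Koudwaterprotocol.pdf' target='_blank'>koudwater-protocol</a> geldt van 15 november - 1 mei.</strong>";
                }
            }
        } else {
            if ($e == 0) {
                $messages[] = "<strong>Uw inschrijving is mislukt vanwege de genoemde fouten</strong>";
            } else {
                $fail_cnt++;
            }
        }
    } // end of loop over ergo_lo - ergo_hi

    if ($fail_cnt > 0) {
        $messages[] = "Let op: één of meer van de inschrijvingen in uw blok zijn mislukt.";
    }

    mysql_close($bisdblink);

    return array("success" => $success, "messages" => $messages, "category" => $cat, "grade" => $grade, "action" => $action);
}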
// tijden $start_time_hrs = $_POST['start_time_hrs']; $start_time_mins = $_POST['start_time_mins']; $start_time = $start_time_hrs . ":" . $start_time_mins; $end_time_hrs = $_POST['end_time_hrs']; $end_time_mins = $_POST['end_time_mins']; $end_time = $end_time_hrs . ":" . $end_time_mins; $duration = ($end_time_hrs - $start_time_hrs) * 60 + ($end_time_mins - $start_time_mins); if ($duration <= 0) { $fail_msg_time = "De eindtijd van een outing dient later dan de begintijd te zijn."; } // boot $boat_id = $_POST['boat_id']; // naam $pname = $_POST['pname']; if (!CheckName($pname)) { $fail_msg_pname = "U dient een geldige voor- en achternaam op te geven. Let op: de apostrof (') wordt niet geaccepteerd."; } // ploegnaam $name = $_POST['name']; // e-mail $email = $_POST['email']; // niet verplicht, maar moet wel correct zijn if ($email && !CheckEmail($email)) { $fail_msg_email = "U dient een geldig e-mailadres op te geven."; } // als niet gefaald, repeterend spitsblok toevoegen if (isset($fail_msg_startdate) || isset($fail_msg_enddate) || isset($fail_msg_date) || isset($fail_msg_time) || isset($fail_msg_pname) || isset($fail_msg_email)) { $fail = true; } else { if ($spits_id) {
public function __construct() { global $USER, $PLANET, $LNG, $db, $UNI; $parse = $LNG; $mode = request_var('mode', ''); $a = request_var('a', 1); $sort1 = request_var('sort1', ''); $sort2 = request_var('sort2', ''); $edit = request_var('edit', ''); $rank = request_var('rank', ''); $kick = request_var('kick', ''); $id = request_var('id', ''); $action = request_var('action', ''); $allyid = request_var('allyid', ''); $tag = request_var('tag', ''); $PlanetRess = new ResourceUpdate(); $PlanetRess->CalcResource(); $PlanetRess->SavePlanetToDB(); $template = new template(); if ($USER['ally_id'] != 0 && $USER['ally_request'] != 0) { $db->query("UPDATE `" . USERS . "` SET `ally_id` = 0 WHERE `id` = " . $USER['id'] . ";"); redirectTo("game.php?page=alliance"); } switch ($USER['ally_id']) { case 0: switch ($mode) { case 'ainfo': $allyrow = $db->uniquequery("SELECT * FROM " . ALLIANCE . " WHERE ally_tag='" . $db->sql_escape($tag) . "' OR id='" . $db->sql_escape($a) . "';"); if (!$allyrow) { die(redirectTo("game.php?page=alliance")); } $this->ainfo($allyrow, $template); break; case 'make': if ($USER['ally_request'] == 0) { if ($action == "send") { $atag = request_var('atag', '', UTF8_SUPPORT); $aname = request_var('aname', '', UTF8_SUPPORT); if (empty($atag)) { $template->message($LNG['al_tag_required'], "?page=alliance&mode=make", 3); } if (empty($aname)) { $template->message($LNG['al_name_required'], "?page=alliance&mode=make", 3); } if (!CheckName($aname) || !CheckName($atag)) { $template->message(UTF8_SUPPORT ? $LNG['al_newname_no_space'] : $LNG['al_newname_alphanum'], "?page=alliance&mode=make", 3); } $tagquery = $db->countquery("SELECT COUNT(*) FROM `" . ALLIANCE . "` WHERE `ally_universe` = '" . $UNI . "' AND (ally_tag = '" . $db->sql_escape($atag) . "' OR ally_name = '" . $db->sql_escape($aname) . "');"); if ($tagquery == 0) { $template->message(sprintf($LNG['al_already_exists'], $aname), "?page=alliance&mode=make", 3); } $db->multi_query("INSERT INTO " . ALLIANCE . 
" SET\r\n `ally_name`='" . $db->sql_escape($aname) . "',\r\n `ally_tag`='" . $db->sql_escape($atag) . "' ,\r\n `ally_owner`='" . $USER['id'] . "',\r\n `ally_owner_range`='Leader',\r\n `ally_members`='1',\r\n `ally_register_time`='" . TIMESTAMP . "',\r\n\t\t\t\t\t\t\t\t`ally_universe` ='" . $UNI . "';\r\n UPDATE " . USERS . " SET\r\n `ally_id`= (SELECT `id` FROM " . ALLIANCE . " WHERE ally_name = '" . $db->sql_escape($aname) . "'),\r\n `ally_name` = '" . $db->sql_escape($aname) . "',\r\n `ally_register_time` = '" . TIMESTAMP . "'\r\n WHERE `id` = '" . $USER['id'] . "';\r\n UPDATE " . STATPOINTS . " SET\r\n `id_ally` = (SELECT `id` FROM " . ALLIANCE . " WHERE ally_name = '" . $db->sql_escape($aname) . "')\r\n WHERE `id_owner` = '" . $USER['id'] . "';"); $template->message(sprintf($LNG['al_created'], $atag), "?page=alliance", 3); } else { $template->assign_vars(array('al_make_alliance' => $LNG['al_make_alliance'], 'al_make_ally_tag_required' => $LNG['al_make_ally_tag_required'], 'al_make_ally_name_required' => $LNG['al_make_ally_name_required'], 'al_make_submit' => $LNG['al_make_submit'])); $template->show("alliance_make.tpl"); } } else { redirectTo("game.php?page=alliance"); } break; case 'search': if ($USER['ally_request'] == 0) { $searchtext = request_var('searchtext', '', UTF8_SUPPORT); if (!empty($searchtext)) { $Search = $db->query("SELECT id, ally_tag, ally_name, ally_members FROM " . ALLIANCE . " WHERE ally_name LIKE '%" . $db->sql_escape($searchtext, true) . "%' OR ally_tag LIKE '%" . $db->sql_escape($searchtext, true) . 
"%' LIMIT 30;"); $SeachResult = array(); while ($CurrRow = $db->fetch_array($Search)) { $SeachResult[] = array('id' => $CurrRow['id'], 'tag' => $CurrRow['ally_tag'], 'name' => $CurrRow['ally_name'], 'members' => $CurrRow['ally_members']); } } $template->assign_vars(array('searchtext' => $searchtext, 'SeachResult' => $SeachResult, 'al_find_submit' => $LNG['al_find_submit'], 'al_find_text' => $LNG['al_find_text'], 'al_find_alliances' => $LNG['al_find_alliances'], 'al_make_submit' => $LNG['al_make_submit'], 'al_find_no_alliances' => $LNG['al_find_no_alliances'], 'al_ally_info_members' => $LNG['al_ally_info_members'], 'al_ally_info_name' => $LNG['al_ally_info_name'], 'al_ally_info_tag' => $LNG['al_ally_info_tag'])); $template->show("alliance_searchform.tpl"); } else { redirectTo("game.php" . "?page=alliance"); } break; case 'apply': if ($USER['ally_request'] == 0) { $text = request_var('text', '', true); $allyrow = $db->uniquequery("SELECT `ally_tag`, `ally_request`, `ally_request_notallow` FROM " . ALLIANCE . " WHERE id='" . $db->sql_escape($allyid) . "';"); if (!$allyrow) { redirectTo("game.php?page=alliance"); } if ($allyrow['ally_request_notallow'] == 1) { $template->message($LNG['al_alliance_closed']); exit; } else { if ($action == "send") { $db->query("UPDATE " . USERS . " SET `ally_request`='" . $db->sql_escape($allyid) . "', ally_request_text='" . $db->sql_escape($text) . "', ally_register_time='" . TIMESTAMP . "' WHERE `id`='" . $USER['id'] . "';"); $template->message($LNG['al_request_confirmation_message'], "?page=alliance"); } else { $template->assign_vars(array('allyid' => $allyid, 'al_your_request_title' => $LNG['al_your_request_title'], 'applytext' => !empty($allyrow['ally_request']) ? 
$allyrow['ally_request'] : $LNG['al_default_request_text'], 'al_write_request' => sprintf($LNG['al_write_request'], $allyrow['ally_tag']), 'al_applyform_reload' => $LNG['al_applyform_reload'], 'al_applyform_send' => $LNG['al_applyform_send'], 'al_message' => $LNG['al_message'])); $template->show("alliance_applyform.tpl"); } } } else { redirectTo("game.php?page=alliance"); } break; default: if ($USER['ally_request'] != 0) { $allyquery = $db->uniquequery("SELECT ally_tag FROM " . ALLIANCE . " WHERE id = '" . $USER['ally_request'] . "' ORDER BY `id`;"); $bcancel = request_var('bcancel', ''); if ($bcancel) { $db->query("UPDATE " . USERS . " SET `ally_request`= 0 WHERE `id`='" . $USER['id'] . "';"); $template->assign_vars(array('al_your_request_title' => $LNG['al_your_request_title'], 'button_text' => $LNG['al_continue'], 'request_text' => sprintf($LNG['al_request_deleted'], $allyquery['ally_tag']), 'al_make_submit' => $LNG['al_continue'])); } else { $template->assign_vars(array('al_your_request_title' => $LNG['al_your_request_title'], 'button_text' => $LNG['al_delete_request'], 'request_text' => sprintf($LNG['al_request_wait_message'], $allyquery['ally_tag']), 'al_make_submit' => $LNG['al_make_submit'])); } $template->show("alliance_apply_waitform.tpl"); } else { $template->assign_vars(array('al_alliance_search' => $LNG['al_alliance_search'], 'al_alliance_make' => $LNG['al_alliance_make'], 'al_alliance' => $LNG['al_alliance'])); $template->show("alliance_defaultmenu.tpl"); } break; } break; default: $ally = $db->uniquequery("SELECT * FROM " . ALLIANCE . " WHERE id='" . $USER['ally_id'] . "';"); if (!$ally) { $db->query("UPDATE `" . USERS . "` SET `ally_id` = 0 WHERE `id` = " . $USER['id'] . ";"); redirectTo("game.php?page=alliance"); } $ally_ranks = unserialize($ally['ally_ranks']); $USER['rights']['memberlist_on'] = $ally_ranks[$USER['ally_rank_id'] - 1]['onlinestatus'] == 1 || $ally['ally_owner'] == $USER['id'] ? 
true : false; $USER['rights']['memberlist'] = $ally_ranks[$USER['ally_rank_id'] - 1]['memberlist'] == 1 || $ally['ally_owner'] == $USER['id'] ? true : false; $USER['rights']['roundmail'] = $ally_ranks[$USER['ally_rank_id'] - 1]['mails'] == 1 || $ally['ally_owner'] == $USER['id'] ? true : false; $USER['rights']['kick'] = $ally_ranks[$USER['ally_rank_id'] - 1]['kick'] == 1 || $ally['ally_owner'] == $USER['id'] ? true : false; $USER['rights']['righthand'] = $ally_ranks[$USER['ally_rank_id'] - 1]['rechtehand'] == 1 || $ally['ally_owner'] == $USER['id'] ? true : false; $USER['rights']['close'] = $ally_ranks[$USER['ally_rank_id'] - 1]['delete'] == 1 || $ally['ally_owner'] == $USER['id'] ? true : false; $USER['rights']['seeapply'] = $ally_ranks[$USER['ally_rank_id'] - 1]['bewerbungen'] == 1 || $ally['ally_owner'] == $USER['id'] ? true : false; $USER['rights']['changeapply'] = $ally_ranks[$USER['ally_rank_id'] - 1]['bewerbungenbearbeiten'] == 1 || $ally['ally_owner'] == $USER['id'] ? true : false; $USER['rights']['admin'] = $ally_ranks[$USER['ally_rank_id'] - 1]['administrieren'] == 1 || $ally['ally_owner'] == $USER['id'] ? true : false; switch ($mode) { case 'ainfo': $allyrow = $db->uniquequery("SELECT * FROM " . ALLIANCE . " WHERE ally_tag='" . $db->sql_escape($tag) . "' OR id='" . $db->sql_escape($a) . "';"); if (!$allyrow) { redirectTo("game.php?page=alliance"); } $this->ainfo($allyrow, $template); break; case 'exit': if ($ally['ally_owner'] == $USER['id']) { $template->message($LNG['al_founder_cant_leave_alliance'], "?page=alliance", 3); } elseif ($action = "send") { $db->multi_query("UPDATE " . USERS . " SET `ally_id` = 0, `ally_name` = '', ally_rank_id = 0 WHERE `id`='" . $USER['id'] . "';UPDATE " . ALLIANCE . " SET `ally_members` = `ally_members` - 1 WHERE `id`='" . $ally['id'] . "';UPDATE " . STATPOINTS . " SET `id_ally` = '0' WHERE `id_ally` = '" . $ally['id'] . "' AND `id_owner` = '" . $USER['id'] . 
"';"); $template->message(sprintf($LNG['al_leave_sucess'], $ally['ally_name']), "game.php?page=alliance", 2); } else { $template->message(sprintf($LNG['al_do_you_really_want_to_go_out'], $ally['ally_name']) . "<br><a href=\"?page=alliance&mode=exit&action=send\">" . $LNG['al_go_out_yes'] . "</a>"); } break; case 'memberslist': if (!$USER['rights']['memberlist']) { redirectTo("game.php?page=alliance"); } if ($sort1 && $sort2) { switch ($sort1) { case 1: $sort = " ORDER BY `username`"; break; case 2: $sort = " ORDER BY `ally_rank_id`"; break; case 3: $sort = " ORDER BY `total_points`"; break; case 4: $sort = " ORDER BY `ally_register_time`"; break; case 5: $sort = " ORDER BY `onlinetime`"; break; default: $sort = " ORDER BY `id`"; break; } if ($sort2 == 1) { $sort .= " DESC;"; } elseif ($sort2 == 2) { $sort .= " ASC;"; } $listuser = $db->query("SELECT DISTINCT u.id, u.username,u.galaxy, u.system, u.planet, u.ally_register_time, u.onlinetime, u.ally_rank_id, s.total_points FROM `" . USERS . "` as u LEFT JOIN " . STATPOINTS . " as s ON s.`stat_type` = '1' AND s.`id_owner` = u.`id` WHERE ally_id = '" . $USER['ally_id'] . "'" . $sort . ";"); } else { $listuser = $db->query("SELECT DISTINCT u.id, u.username,u.galaxy, u.system, u.planet, u.ally_register_time, u.onlinetime, u.ally_rank_id, s.total_points FROM `" . USERS . "` as u LEFT JOIN " . STATPOINTS . " as s ON s.`stat_type` = '1' AND s.`id_owner` = u.`id` WHERE `ally_id` = '" . $USER['ally_id'] . "';"); } while ($UserRow = $db->fetch_array($listuser)) { if ($ally['ally_owner'] == $UserRow['id']) { $UserRow['ally_range'] = $ally['ally_owner_range'] == '' ? 
$LNG['al_founder_rank_text'] : $ally['ally_owner_range']; } elseif ($UserRow['ally_rank_id'] != 0) { $UserRow['ally_range'] = $ally_ranks[$UserRow['ally_rank_id'] - 1]['name']; } else { $UserRow['ally_range'] = $LNG['al_new_member_rank_text']; } $Memberlist[] = array('id' => $UserRow['id'], 'username' => $UserRow['username'], 'galaxy' => $UserRow['galaxy'], 'system' => $UserRow['system'], 'planet' => $UserRow['planet'], 'register_time' => date(TDFORMAT, $UserRow['ally_register_time']), 'points' => pretty_number($UserRow['total_points']), 'range' => $UserRow['ally_range'], 'onlinetime' => floor((TIMESTAMP - $UserRow['onlinetime']) / 60)); } if (count($Memberlist) != $ally['ally_members']) { $db->query("UPDATE " . ALLIANCE . " SET `ally_members`='" . count($Memberlist) . "' WHERE `id`='" . $ally['id'] . "';"); } $template->assign_vars(array('Memberlist' => $Memberlist, 'sort' => $sort2 == 1 ? 2 : 1, 'seeonline' => $USER['rights']['memberlist_on'], 'al_users_list' => sprintf($LNG['al_users_list'], count($Memberlist)), 'al_num' => $LNG['al_num'], 'al_back' => $LNG['al_back'], 'al_message' => $LNG['al_message'], 'al_member' => $LNG['al_member'], 'al_position' => $LNG['al_position'], 'al_points' => $LNG['al_points'], 'al_coords' => $LNG['al_coords'], 'al_member_since' => $LNG['al_member_since'], 'al_estate' => $LNG['al_estate'], 'al_memberlist_on' => $LNG['al_memberlist_on'], 'al_memberlist_off' => $LNG['al_memberlist_off'], 'al_memberlist_min' => $LNG['al_memberlist_min'])); $template->show("alliance_memberslist.tpl"); break; case 'circular': if (!$USER['rights']['roundmail']) { redirectTo("game.php?page=alliance"); } if ($action == "send") { $r = request_var('r', 0); $subject = request_var('subject', '', true); $text = makebr(request_var('text', '', true)); $sq = $r == 0 ? $db->query("SELECT id, username FROM " . USERS . " WHERE `ally_id` = '" . $USER['ally_id'] . "';") : $db->query("SELECT id, username FROM " . USERS . " WHERE `ally_id` = '" . $USER['ally_id'] . 
"' AND `ally_rank_id` = '" . $r . "';"); $list = ''; $title = $LNG['al_circular_alliance'] . $ally['ally_tag']; $text = sprintf($LNG['al_circular_front_text'], $USER['username']) . "<br>" . $text; while ($u = $db->fetch_array($sq)) { SendSimpleMessage($u['id'], $USER['id'], '', 2, $title, $subject, $text); $list .= "\n" . $u['username']; } exit($LNG['al_circular_sended'] . $list); } $RangeList[] = $LNG['al_all_players']; if (is_array($ally_ranks)) { foreach ($ally_ranks as $id => $array) { $RangeList[$id + 1] = $array['name']; } } $template->assign_vars(array('RangeList' => $RangeList, 'al_circular_send_ciruclar' => $LNG['al_circular_send_ciruclar'], 'al_circular_reset' => $LNG['al_circular_reset'], 'al_receiveral_message' => $LNG['al_receiveral_message'], 'al_circular_send_submit' => $LNG['al_circular_send_submit'], 'al_characters' => $LNG['al_characters'], 'al_receiver' => $LNG['al_receiver'], 'mg_subject' => $LNG['mg_subject'], 'mg_no_subject' => $LNG['mg_no_subject'], 'mg_empty_text' => $LNG['mg_empty_text'])); $template->show("alliance_circular.tpl"); break; case 'admin': if (!$USER['rights']['admin']) { exit(redirectTo("game.php?page=alliance")); } switch ($edit) { case 'rights': if (!$USER['rights']['righthand']) { exit(redirectTo("game.php?page=alliance")); } $rankname = request_var('newrangname', '', UTF8_SUPPORT); $pid = $_POST['id']; $d = request_var('d', 1337); if (!empty($rankname)) { $pid = request_var('id', ''); $ally_ranks[] = array('name' => $rankname, 'mails' => 0, 'delete' => 0, 'kick' => 0, 'bewerbungen' => 0, 'administrieren' => 0, 'bewerbungenbearbeiten' => 0, 'memberlist' => 0, 'onlinestatus' => 0, 'rechtehand' => 0); $ranks = serialize($ally_ranks); $db->query("UPDATE " . ALLIANCE . " SET `ally_ranks`='" . $ranks . "' WHERE `id`='" . $ally['id'] . 
"';"); redirectTo("game.php?page=alliance&mode=admin&edit=rights"); exit; } elseif (is_array($pid)) { $ally_ranks_new = array(); foreach ($pid as $id) { $ally_ranks_new[$id]['name'] = $ally_ranks[$id]['name']; $ally_ranks_new[$id]['delete'] = isset($_POST['u' . $id . 'r0']) && $USER['rights']['close'] ? 1 : 0; $ally_ranks_new[$id]['kick'] = isset($_POST['u' . $id . 'r1']) && $USER['rights']['kick'] ? 1 : 0; $ally_ranks_new[$id]['bewerbungen'] = isset($_POST['u' . $id . 'r2']) && $USER['rights']['seeapply'] ? 1 : 0; $ally_ranks_new[$id]['memberlist'] = isset($_POST['u' . $id . 'r3']) && $USER['rights']['memberlist'] ? 1 : 0; $ally_ranks_new[$id]['bewerbungenbearbeiten'] = isset($_POST['u' . $id . 'r4']) && $USER['rights']['changeapply'] ? 1 : 0; $ally_ranks_new[$id]['administrieren'] = isset($_POST['u' . $id . 'r5']) && $USER['rights']['admin'] ? 1 : 0; $ally_ranks_new[$id]['onlinestatus'] = isset($_POST['u' . $id . 'r6']) && $USER['rights']['memberlist_on'] ? 1 : 0; $ally_ranks_new[$id]['mails'] = isset($_POST['u' . $id . 'r7']) && $USER['rights']['roundmail'] ? 1 : 0; $ally_ranks_new[$id]['rechtehand'] = isset($_POST['u' . $id . 'r8']) && $USER['rights']['righthand'] ? 1 : 0; } $ranks = serialize($ally_ranks_new); $db->query("UPDATE " . ALLIANCE . " SET `ally_ranks`='" . $ranks . "' WHERE `id`='" . $ally['id'] . "';"); redirectTo("game.php?page=alliance&mode=admin&edit=rights"); exit; } elseif (isset($ally_ranks[$d])) { unset($ally_ranks[$d]); $db->query("UPDATE " . ALLIANCE . " SET `ally_ranks`='" . serialize($ally_ranks) . "' WHERE `id`='" . $ally['id'] . 
"';"); } if (is_array($ally_ranks)) { foreach ($ally_ranks as $a => $b) { $AllyRanks[] = array('id' => $a, 'name' => $b['name'], 'memberlist_on' => $b['onlinestatus'], 'memberlist' => $b['memberlist'], 'roundmail' => $b['mails'], 'kick' => $b['kick'], 'righthand' => $b['rechtehand'], 'close' => $b['delete'], 'seeapply' => $b['bewerbungen'], 'changeapply' => $b['bewerbungenbearbeiten'], 'admin' => $b['administrieren']); } } $template->assign_vars(array('AllyRanks' => $AllyRanks, 'memberlist_on' => $USER['rights']['memberlist_on'], 'memberlist' => $USER['rights']['memberlist'], 'roundmail' => $USER['rights']['roundmail'], 'kick' => $USER['rights']['kick'], 'righthand' => $USER['rights']['righthand'], 'close' => $USER['rights']['close'], 'seeapply' => $USER['rights']['seeapply'], 'changeapply' => $USER['rights']['changeapply'], 'admin' => $USER['rights']['admin'], 'al_configura_ranks' => $LNG['al_configura_ranks'], 'al_save' => $LNG['al_configura_ranks'], 'Delete_range' => $LNG['Delete_range'], 'al_rank_name' => $LNG['al_rank_name'], 'al_dlte' => $LNG['al_dlte'], 'al_create' => $LNG['al_create'], 'al_rank_name' => $LNG['al_rank_name'], 'al_create_new_rank' => $LNG['al_create_new_rank'], 'al_back' => $LNG['al_back'], 'al_legend' => $LNG['al_legend'], 'al_no_ranks_defined' => $LNG['al_no_ranks_defined'], 'al_legend_kick_users' => $LNG['al_legend_kick_users'], 'al_legend_disolve_alliance' => $LNG['al_legend_disolve_alliance'], 'al_legend_see_requests' => $LNG['al_legend_see_requests'], 'al_legend_see_users_list' => $LNG['al_legend_see_users_list'], 'al_legend_check_requests' => $LNG['al_legend_check_requests'], 'al_legend_admin_alliance' => $LNG['al_legend_admin_alliance'], 'al_legend_see_connected_users' => $LNG['al_legend_see_connected_users'], 'al_legend_create_circular' => $LNG['al_legend_create_circular'], 'al_legend_right_hand' => $LNG['al_legend_right_hand'])); $template->show("alliance_admin_ranks.tpl"); break; case 'members': $NewRang = request_var('newrang', 
''); if ($NewRang != '') { $q = $db->uniquequery("SELECT id FROM " . USERS . " WHERE id='" . $db->sql_escape($id) . "';"); isset($ally_ranks[$NewRang - 1]) && $q['id'] != $ally['ally_owner'] ? $db->query("UPDATE " . USERS . " SET `ally_rank_id`='" . $db->sql_escape($NewRang) . "' WHERE `id`='" . $db->sql_escape($id) . "';") : ''; } elseif ($action == "kick" && !empty($id) && $USER['rights']['kick']) { $u = $db->uniquequery("SELECT id FROM " . USERS . " WHERE id = '" . $db->sql_escape($id) . "' AND `ally_id` = '" . $ally['id'] . "' AND 'id' != '" . $ally['ally_owner'] . "';"); !empty($u['id']) ? $db->multi_query("UPDATE " . USERS . " SET `ally_id` = '0', `ally_name` = '', `ally_rank_id` = 0 WHERE `id` = '" . $u['id'] . "';UPDATE " . ALLIANCE . " SET `ally_members` = ally_members - 1 WHERE `id` = '" . $ally['id'] . "';UPDATE " . STATPOINTS . " SET `id_ally` = '0' WHERE `id_ally` = '" . $ally['id'] . "' AND `id_owner` = '" . $u['id'] . "';") : ''; } if ($sort1 && $sort2) { switch ($sort1) { case 1: $sort = " ORDER BY `username`"; break; case 2: $sort = " ORDER BY `ally_rank_id`"; break; case 3: $sort = " ORDER BY `total_points`"; break; case 4: $sort = " ORDER BY `ally_register_time`"; break; case 5: $sort = " ORDER BY `onlinetime`"; break; default: $sort = " ORDER BY `id`"; break; } if ($sort2 == 1) { $sort .= " DESC;"; } elseif ($sort2 == 2) { $sort .= " ASC;"; } $listuser = $db->query("SELECT DISTINCT u.id, u.username,u.galaxy, u.system, u.planet, u.ally_register_time, u.ally_rank_id, u.onlinetime, s.total_points FROM `" . USERS . "` as u LEFT JOIN " . STATPOINTS . " as s ON s.`stat_type` = '1' AND s.`id_owner` = u.`id` WHERE ally_id = '" . $USER['ally_id'] . "'" . $sort . ";"); } else { $listuser = $db->query("SELECT DISTINCT u.id, u.username,u.galaxy, u.system, u.planet, u.ally_register_time, u.ally_rank_id, u.onlinetime, s.total_points FROM `" . USERS . "` as u LEFT JOIN " . STATPOINTS . 
" as s ON s.`stat_type` = '1' AND s.`id_owner` = u.`id` WHERE `ally_id` = '" . $USER['ally_id'] . "';"); } $Selector[0] = $LNG['al_new_member_rank_text']; if (is_array($ally_ranks)) { foreach ($ally_ranks as $a => $b) { $Selector[$a + 1] = $b['name']; } } while ($UserRow = $db->fetch_array($listuser)) { if ($ally['ally_owner'] == $UserRow['id']) { $UserRow['ally_range'] = $ally['ally_owner_range'] == '' ? $LNG['al_founder_rank_text'] : $ally['ally_owner_range']; } elseif ($UserRow['ally_rank_id'] == 0) { $UserRow['ally_range'] = $LNG['al_new_member_rank_text']; } else { $UserRow['ally_range'] = $ally_ranks[$UserRow['ally_rank_id'] - 1]['name']; } $Memberlist[] = array('id' => $UserRow['id'], 'username' => $UserRow['username'], 'galaxy' => $UserRow['galaxy'], 'system' => $UserRow['system'], 'planet' => $UserRow['planet'], 'rank_id' => $UserRow['ally_rank_id'] - 1, 'register_time' => date(TDFORMAT, $UserRow['ally_register_time']), 'points' => pretty_number($UserRow['total_points']), 'range' => $UserRow['ally_range'], 'onlinetime' => sprintf("%d d", floor(TIMESTAMP - $UserRow['onlinetime']) / 86400), 'action' => $ally['ally_owner'] == $UserRow['id'] || $rank == $UserRow['id'] ? 0 : ($USER['rights']['kick'] == 1 ? 2 : 1), 'kick' => sprintf($LNG['al_kick_player'], $UserRow['username'])); } count($Memberlist) != $ally['ally_members'] ? $db->query("UPDATE " . ALLIANCE . " SET `ally_members`='" . count($Memberlist) . "' WHERE `id`='" . $ally['id'] . "';") : ''; $template->assign_vars(array('Selector' => $Selector, 'Memberlist' => $Memberlist, 'sort' => $sort2 == 1 ? 2 : 1, 'seeonline' => $USER['rights']['memberlist_on'], 'al_users_list' => sprintf($LNG['al_users_list'], count($Memberlist)), 'id' => $NewRang == '' ? 
$id : 0, 'al_num' => $LNG['al_num'], 'al_back' => $LNG['al_back'], 'al_message' => $LNG['al_message'], 'al_member' => $LNG['al_member'], 'al_position' => $LNG['al_position'], 'al_points' => $LNG['al_points'], 'al_coords' => $LNG['al_coords'], 'al_member_since' => $LNG['al_member_since'], 'al_estate' => $LNG['al_estate'], 'al_actions' => $LNG['al_actions'], 'al_ok' => $LNG['al_ok'])); $template->show("alliance_admin_members.tpl"); break; case 'diplo': !$USER['rights']['righthand'] ? redirectTo("game.php?page=alliance") : ''; $action = request_var('action', ''); $id = request_var('id', 0); $Level = request_var('level', 0); $DiploInfo = $this->GetDiplo($ally['id']); switch ($action) { case 'new': if (!empty($id)) { $text = request_var('text', '', true); $Alliances = $db->uniquequery("SELECT `ally_tag`, `ally_name` FROM " . ALLIANCE . " WHERE id = '" . $id . "';"); if ($Level == 4) { $AllyUsers = $db->query("SELECT `id` FROM " . USERS . " as s WHERE s.ally_id = '" . $ally['id'] . "' OR s.ally_id = '" . $id . "';"); while ($User = $db->fetch_array($AllyUsers)) { SendSimpleMessage($User['id'], $USER['id'], '', 2, $LNG['al_circular_alliance'] . $ally['ally_tag'] . " & " . $Alliances['ally_tag'], $LNG['al_diplo_war'], sprintf($LNG['al_diplo_war_mes'], $ally['ally_name'], $Alliances['ally_name'], $LNG['al_diplo_level'][$Level], $text)); } } else { $RanksRAW = $db->uniquequery("SELECT `ally_ranks`, `ally_owner` FROM " . ALLIANCE . " WHERE id = '" . $id . "';"); $Ranks = unserialize($RanksRAW['ally_ranks']); if (is_array($Ranks)) { foreach ($Ranks as $ID => $RankInfo) { if ($RankInfo['rechtehand'] == 0) { continue; } $SendRank[1] = "`ally_rank_id` ='" . ($ID + 1) . "' OR "; } } if (is_array($ally_ranks)) { foreach ($ally_ranks as $ID => $RankInfo) { if ($RankInfo['rechtehand'] == 0) { continue; } $SendRank[0] = "`ally_rank_id` ='" . ($ID + 1) . "' OR "; } } $AllyUsers = $db->query("SELECT `id` FROM " . USERS . " WHERE (ally_id = '" . $ally['id'] . "' AND (" . $SendRank[0] . 
"`id` = '" . $ally['ally_owner'] . "')) OR (ally_id = '" . $id . "' AND (" . $SendRank[1] . "`id` = '" . $RanksRAW['ally_owner'] . "'));"); while ($User = $db->fetch_array($AllyUsers)) { SendSimpleMessage($User['id'], $USER['id'], '', 2, $LNG['al_circular_alliance'] . $ally['ally_tag'] . " & " . $Alliances['ally_tag'], $LNG['al_diplo_ask'], sprintf($LNG['al_diplo_ask_mes'], $LNG['al_diplo_level'][$Level], $ally['ally_name'], $Alliances['ally_name'], $text)); } } $db->query("INSERT INTO " . DIPLO . " (`id` ,`owner_1` ,`owner_2` ,`level` ,`accept` ,`accept_text`) VALUES (NULL , '" . $ally['id'] . "', '" . $id . "', '" . $Level . "', '" . ($Level == 4 ? 1 : 0) . "', '" . $db->sql_escape($text) . "');"); exit($LNG['al_diplo_create_done']); } $Alliances = $db->query("SELECT `id`, `ally_name` FROM " . ALLIANCE . " WHERE id != '" . $ally['id'] . "';"); while ($Alliance = $db->fetch_array($Alliances)) { $AllianceList[$Alliance['id']] = $Alliance['ally_name']; } $template->assign_vars(array('AllianceList' => $AllianceList, 'al_diplo_create' => $LNG['al_diplo_create'], 'al_diplo_ally' => $LNG['al_diplo_ally'], 'al_diplo_level' => $LNG['al_diplo_level'], 'al_diplo_text' => $LNG['al_diplo_text'], 'al_diplo_level_des' => $LNG['al_diplo_level_des'], 'al_applyform_send' => $LNG['al_applyform_send'], 'mg_empty_text' => $LNG['mg_empty_text'])); $template->show("alliance_admin_diplo_form.tpl"); break; case 'accept': if (!empty($id)) { $AllyUsers = $db->query("SELECT `id` FROM " . USERS . " as s WHERE s.ally_id = '" . $ally['id'] . "' OR s.ally_id = '" . $DiploInfo[5][$id][1] . "';"); while ($User = $db->fetch_array($AllyUsers)) { SendSimpleMessage($User['id'], $USER['id'], '', 2, $LNG['al_circular_alliance'] . $ally['ally_tag'] . " & " . $DiploInfo[5][$id][5], $LNG['al_diplo_accept_yes'], sprintf($LNG['al_diplo_accept_yes_mes'], $LNG['al_diplo_level'][$Level], $ally['ally_name'], $DiploInfo[5][$id][0])); } $db->query("UPDATE " . DIPLO . 
" SET `accept` = '1', `accept_text` = '' WHERE `id`='" . $id . "' LIMIT 1;"); } redirectTo("game.php?page=alliance&mode=admin&edit=diplo"); break; case 'decline': if (!empty($id)) { $AllyUsers = $db->query("SELECT `id` FROM " . USERS . " as s WHERE s.ally_id = '" . $ally['id'] . "' OR s.ally_id = '" . $DiploInfo[5][$id][1] . "';"); while ($User = $db->fetch_array($AllyUsers)) { SendSimpleMessage($User['id'], $USER['id'], '', 2, $LNG['al_circular_alliance'] . $ally['ally_tag'] . " & " . $DiploInfo[5][$id][5], $LNG['al_diplo_accept_no'], sprintf($LNG['al_diplo_accept_no_mes'], $LNG['al_diplo_level'][$Level], $ally['ally_name'], $DiploInfo[5][$id][0])); } $db->query("DELETE FROM " . DIPLO . " WHERE `id` ='" . $id . "' LIMIT 1;"); } redirectTo("game.php?page=alliance&mode=admin&edit=diplo"); break; case 'delete': if (!empty($id)) { if (isset($DiploInfo[$Level][$id][1])) { $AllyUsers = $db->query("SELECT `id` FROM " . USERS . " as s WHERE s.ally_id = '" . $ally['id'] . "' OR s.ally_id = '" . $DiploInfo[$Level][$id][1] . "';"); while ($User = $db->fetch_array($AllyUsers)) { SendSimpleMessage($User['id'], $USER['id'], '', 2, $LNG['al_circular_alliance'] . $ally['ally_tag'] . " & " . $DiploInfo[$Level][$id][3], $LNG['al_diplo_delete'], sprintf($LNG['al_diplo_delete_mes'], $LNG['al_diplo_level'][$Level], $ally['ally_name'], $DiploInfo[$Level][$id][0])); } } $db->query("DELETE FROM " . DIPLO . " WHERE `id` ='" . $id . 
"' LIMIT 1;"); } redirectTo("game.php?page=alliance&mode=admin&edit=diplo"); break; default: $template->assign_vars(array('DiploInfo' => $DiploInfo, 'al_diplo_create' => $LNG['al_diplo_create'], 'al_diplo_level' => $LNG['al_diplo_level'], 'al_diplo_accept' => $LNG['al_diplo_accept'], 'al_diplo_accept_send' => $LNG['al_diplo_accept_send'], 'al_diplo_no_entry' => $LNG['al_diplo_no_entry'], 'al_diplo_no_accept' => $LNG['al_diplo_no_accept'], 'al_diplo_confirm_delete' => $LNG['al_diplo_confirm_delete'], 'al_diplo_accept_yes_confirm' => $LNG['al_diplo_accept_yes_confirm'], 'al_diplo_accept_no_confirm' => $LNG['al_diplo_accept_no_confirm'], 'al_diplo_ground' => $LNG['al_diplo_ground'], 'al_back' => $LNG['al_back'], 'ally_id' => $ally['id'])); $template->show("alliance_admin_diplo.tpl"); break; } break; case 'requests': !$USER['rights']['seeapply'] || !$USER['rights']['changeapply'] ? redirectTo("game.php?page=alliance") : ''; $text = makebr(request_var('text', '', true)); if ($action == $LNG['al_acept_request']) { $db->multi_query("UPDATE " . ALLIANCE . " SET `ally_members` = `ally_members` + 1 WHERE id='" . $ally['id'] . "';UPDATE " . USERS . " SET ally_name='" . $ally['ally_name'] . "', ally_request_text='', ally_request='0', ally_id='" . $ally['id'] . "' WHERE id='" . $db->sql_escape($id) . "';UPDATE " . STATPOINTS . " SET `id_ally` = '" . $ally['id'] . "' WHERE `id_owner` = '" . $id . "';"); SendSimpleMessage($id, $USER['id'], '', 2, $ally['ally_tag'], $LNG['al_you_was_acceted'] . $ally['ally_name'], $LNG['al_hi_the_alliance'] . $ally['ally_name'] . $LNG['al_has_accepted'] . $text); redirectTo('game.php?page=alliance&mode=admin&edit=ally'); } elseif ($action == $LNG['al_decline_request']) { $db->query("UPDATE " . USERS . " SET ally_request_text='',ally_request='0',ally_id='0' WHERE id='" . $db->sql_escape($id) . "';"); SendSimpleMessage($id, $USER['id'], '', 2, $ally['ally_tag'], $LNG['al_you_was_declined'] . $ally['ally_name'], $LNG['al_hi_the_alliance'] . 
$ally['ally_name'] . $LNG['al_has_declined'] . $text); redirectTo('game.php?page=alliance&mode=admin&edit=ally'); } $query = $db->query("SELECT id,username,ally_request_text,ally_register_time FROM " . USERS . " WHERE ally_request='" . $ally['id'] . "';"); while ($RequestRow = $db->fetch_array($query)) { $RequestList[] = array('username' => $RequestRow['username'], 'text' => makebr($RequestRow['ally_request_text']), 'id' => $RequestRow['id'], 'time' => date(TDFORMAT, $RequestRow['ally_register_time'])); } $template->assign_vars(array('RequestList' => $RequestList, 'requestcount' => sprintf($LNG['al_no_request_pending'], count($RequestList)), 'al_no_requests' => $LNG['al_no_requests'], 'al_candidate' => $LNG['al_candidate'], 'al_request_date' => $LNG['al_request_date'], 'al_request_list' => $LNG['al_request_list'], 'al_back' => $LNG['al_back'], 'al_reason' => $LNG['al_reason'], 'al_characters' => $LNG['al_characters'], 'al_request_from_user' => $LNG['al_request_from_user'], 'al_acept_request' => $LNG['al_acept_request'], 'al_decline_request' => $LNG['al_decline_request'], 'al_reply_to_request' => $LNG['al_reply_to_request'])); $template->show("alliance_admin_request.tpl"); break; case 'tag': $name = request_var('newname', '', UTF8_SUPPORT); !empty($name) ? $db->query("UPDATE " . ALLIANCE . " SET `ally_tag` = '" . $db->sql_escape($name) . "' WHERE `id` = '" . $USER['ally_id'] . "';") : ''; $template->assign_vars(array('caso' => $LNG['al_tag'], 'caso_titulo' => $LNG['al_new_tag'], 'al_change_submit' => $LNG['al_change_submit'], 'al_back' => $LNG['al_back'])); $template->show("alliance_admin_rename.tpl"); break; case 'name': $name = request_var('newname', '', UTF8_SUPPORT); !empty($name) ? $db->multi_query("UPDATE " . ALLIANCE . " SET `ally_name` = '" . $db->sql_escape($name) . "' WHERE `id` = '" . $USER['ally_id'] . "';UPDATE " . USERS . " SET `ally_name` = '" . $db->sql_escape($name) . "' WHERE `ally_id` = '" . $ally['id'] . 
"';") : ''; $template->assign_vars(array('caso' => $LNG['al_name'], 'caso_titulo' => $LNG['al_new_name'], 'al_change_submit' => $LNG['al_change_submit'], 'al_back' => $LNG['al_back'])); $template->show("alliance_admin_rename.tpl"); break; case 'exit': !$USER['rights']['close'] ? redirectTo("game.php?page=alliance") : ''; $db->multi_query("UPDATE " . USERS . " SET `ally_name` = '', `ally_id` = '0' WHERE `ally_id`='" . $ally['id'] . "';UPDATE " . STATPOINTS . " SET `id_ally` = '0' WHERE `id_ally` = '" . $ally['id'] . "';DELETE FROM " . ALLIANCE . " WHERE id = '" . $ally['id'] . "';DELETE FROM " . DIPLO . " WHERE `owner_1` = '" . $ally['id'] . "' OR `owner_2` = '" . $ally['id'] . "';"); redirectTo("game.php?page=alliance"); break; case 'transfer': $ally['ally_owner'] != $USER['id'] ? redirectTo("game.php?page=alliance") : ''; $postleader = request_var('newleader', 0); if (!empty($postleader)) { $Rank = $db->uniquequery("SELECT `ally_rank_id` FROM " . USERS . " WHERE `id` = '" . $postleader . "';"); $db->multi_query("UPDATE " . USERS . " SET `ally_rank_id` = '" . $Rank['ally_rank_id'] . "' WHERE `id` = '" . $USER['id'] . "';UPDATE " . USERS . " SET `ally_rank_id`= '0' WHERE `id` = '" . $postleader . "';UPDATE " . ALLIANCE . " SET `ally_owner` = '" . $postleader . "' WHERE `id` = '" . $USER['ally_id'] . "';"); redirectTo("game.php?page=alliance"); } else { $listuser = $db->query("SELECT id,ally_rank_id,username FROM " . USERS . " WHERE ally_id = '" . $USER['ally_id'] . "';"); while ($u = $db->fetch_array($listuser)) { $TransferUsers[$u['id']] = !empty($u['ally_rank_id']) && $ally['ally_owner'] != $u['id'] && $ally_ranks[$u['ally_rank_id'] - 1]['rechtehand'] == 1 ? $u['username'] . " [" . $ally_ranks[$u['ally_rank_id'] - 1]['name'] . 
"]" : ''; } $template->assign_vars(array('TransferUsers' => $TransferUsers, 'al_transfer_alliance' => $LNG['al_transfer_alliance'], 'al_transfer_to' => $LNG['al_transfer_to'], 'al_back' => $LNG['al_back'], 'al_transfer_submit' => $LNG['al_transfer_submit'])); $template->show("alliance_admin_transfer.tpl"); } break; default: $text = request_var('text', '0', true); $t = request_var('t', 1); if (isset($_POST['options'])) { $ally['ally_owner_range'] = request_var('owner_range', '', true); $ally['ally_web'] = request_var('web', ''); $ally['ally_image'] = request_var('image', ''); $ally['ally_request_notallow'] = request_var('request_notallow', 0); $ally['ally_stats'] = request_var('stats', 0); $ally['ally_diplo'] = request_var('diplo', 0); if ($ally['ally_request_notallow'] != 0 && $ally['ally_request_notallow'] != 1) { exit(redirectTo("game.php" . "?page=alliance")); } $db->query("UPDATE " . ALLIANCE . " SET\r\n\t\t\t\t\t\t\t\t\t`ally_owner_range` = '" . $db->sql_escape($ally['ally_owner_range']) . "',\r\n\t\t\t\t\t\t\t\t\t`ally_image` = '" . $db->sql_escape($ally['ally_image']) . "',\r\n\t\t\t\t\t\t\t\t\t`ally_web` = '" . $db->sql_escape($ally['ally_web']) . "',\r\n\t\t\t\t\t\t\t\t\t`ally_request_notallow` = '" . $ally['ally_request_notallow'] . "',\r\n\t\t\t\t\t\t\t\t\t`ally_stats` = '" . $ally['ally_stats'] . "',\r\n\t\t\t\t\t\t\t\t\t`ally_diplo` = '" . $ally['ally_diplo'] . "'\r\n\t\t\t\t\t\t\t\t\tWHERE `id`='" . $ally['id'] . "';"); } elseif ($text !== '0') { $QryText = "UPDATE " . ALLIANCE . " SET "; if ($t == 3) { $QryText .= "`ally_request`='" . $db->sql_escape($text) . "' "; } elseif ($t == 2) { $QryText .= "`ally_text`='" . $db->sql_escape($text) . "' "; } else { $QryText .= "`ally_description`='" . $db->sql_escape($text) . "' "; } $QryText .= "WHERE `id`='" . $ally['id'] . "';"; $db->query($QryText); } switch ($t) { case 2: $text = $text !== '0' ? $text : $ally['ally_text']; break; case 3: $text = $text !== '0' ? 
$text : $ally['ally_request']; break; default: $text = $text !== '0' ? $text : $ally['ally_description']; break; } $template->loadscript('alliance.js'); $template->execscript("\$('#cntChars').text(\$('#text').val().length);"); $template->assign_vars(array('al_characters' => $LNG['al_characters'], 'al_manage_alliance' => $LNG['al_manage_alliance'], 'al_texts' => $LNG['al_texts'], 'al_message' => $LNG['al_message'], 'al_manage_ranks' => $LNG['al_manage_ranks'], 'al_manage_members' => $LNG['al_manage_members'], 'al_manage_change_tag' => $LNG['al_manage_change_tag'], 'al_manage_change_name' => $LNG['al_manage_change_name'], 'al_outside_text' => $LNG['al_outside_text'], 'al_inside_text' => $LNG['al_inside_text'], 'al_request_text' => $LNG['al_request_text'], 'al_circular_reset' => $LNG['al_circular_reset'], 'al_save' => $LNG['al_save'], 'al_continue' => $LNG['al_continue'], 'al_manage_options' => $LNG['al_manage_options'], 'al_web_site' => $LNG['al_web_site'], 'al_manage_image' => $LNG['al_manage_image'], 'al_manage_requests' => $LNG['al_manage_requests'], 'al_manage_founder_rank' => $LNG['al_manage_founder_rank'], 'al_manage_diplo' => $LNG['al_manage_diplo'], 'al_view_stats' => $LNG['al_view_stats'], 'al_view_diplo' => $LNG['al_view_diplo'], 'al_disolve_alliance' => $LNG['al_disolve_alliance'], 'al_transfer_alliance' => $LNG['al_transfer_alliance'], 'al_close_ally' => $LNG['al_close_ally'], 'al_message' => $t == 2 ? $LNG['al_inside_text'] : ($t == 3 ? 
$LNG['al_request_text'] : $LNG['al_outside_text']), 'RequestSelector' => array(0 => $LNG['al_requests_allowed'], 1 => $LNG['al_requests_not_allowed']), 'YesNoSelector' => array(1 => $LNG['al_go_out_yes'], 0 => $LNG['al_go_out_no']), 't' => $t, 'text' => $text, 'righthand' => $USER['rights']['righthand'], 'ally_web' => $ally['ally_web'], 'ally_image' => $ally['ally_image'], 'ally_request_notallow' => $ally['ally_request_notallow'], 'ally_owner_range' => $ally['ally_owner_range'], 'ally_stats_data' => $ally['ally_stats'], 'ally_diplo_data' => $ally['ally_diplo'])); $template->show("alliance_admin.tpl"); break; } break; default: require_once ROOT_PATH . 'includes/functions/BBCode.php'; if ($ally['ally_owner'] == $USER['id']) { $range = $ally['ally_owner_range'] != '' ? $ally['ally_owner_range'] : $LNG['al_founder_rank_text']; } elseif ($USER['ally_rank_id'] != 0 && isset($ally_ranks[$USER['ally_rank_id'] - 1]['name'])) { $range = $ally_ranks[$USER['ally_rank_id'] - 1]['name']; } else { $range = $LNG['al_new_member_rank_text']; } $StatsData = $db->uniquequery("SELECT SUM(wons) as wons, SUM(loos) as loos, SUM(draws) as draws, SUM(kbmetal) as kbmetal, SUM(kbcrystal) as kbcrystal, SUM(kbnorio) as kbnorio, SUM(lostunits) as lostunits, SUM(desunits) as desunits FROM " . USERS . " WHERE ally_id='" . $ally['id'] . "';"); $Reuqests = $db->uniquequery("SELECT COUNT(*) as state FROM " . USERS . " WHERE ally_request='" . $ally['id'] . 
"';"); $template->assign_vars(array('DiploInfo' => $this->GetDiplo($ally['id']), 'al_diplo_level' => $LNG['al_diplo_level'], 'al_diplo' => $LNG['al_diplo'], 'ally_web' => $ally['ally_web'], 'ally_tag' => $ally['ally_tag'], 'ally_members' => $ally['ally_members'], 'ally_name' => $ally['ally_name'], 'ally_image' => $ally['ally_image'], 'ally_description' => bbcode($ally['ally_description']), 'ally_text' => bbcode($ally['ally_text']), 'range' => $range, 'requests' => sprintf($LNG['al_new_requests'], $Reuqests['state']), 'req_count' => $Reuqests['state'], 'al_requests' => $LNG['al_requests'], 'al_leave_alliance' => $LNG['al_leave_alliance'], 'al_rank' => $LNG['al_rank'], 'al_ally_info_tag' => $LNG['al_ally_info_tag'], 'al_user_list' => $LNG['al_user_list'], 'al_ally_info_name' => $LNG['al_ally_info_name'], 'al_ally_info_members' => $LNG['al_ally_info_members'], 'al_manage_alliance' => $LNG['al_manage_alliance'], 'al_your_ally' => $LNG['al_your_ally'], 'al_Allyquote' => $LNG['al_Allyquote'], 'al_web_text' => $LNG['al_web_text'], 'al_circular_message' => $LNG['al_circular_message'], 'al_send_circular_message' => $LNG['al_send_circular_message'], 'al_description_message' => $LNG['al_description_message'], 'al_inside_section' => $LNG['al_inside_section'], 'pl_totalfight' => $LNG['pl_totalfight'], 'pl_fightwon' => $LNG['pl_fightwon'], 'pl_fightlose' => $LNG['pl_fightlose'], 'pl_fightdraw' => $LNG['pl_fightdraw'], 'pl_unitsshot' => $LNG['pl_unitsshot'], 'pl_unitslose' => $LNG['pl_unitslose'], 'pl_dermetal' => $LNG['pl_dermetal'], 'pl_dercrystal' => $LNG['pl_dercrystal'], 'pl_dernorio' => $LNG['pl_dernorio'], 'al_goto_chat' => $LNG['al_goto_chat'], 'al_continue' => $LNG['al_continue'], 'al_leave_alliance' => $LNG['al_leave_alliance'], 'al_leave_ally' => $LNG['al_leave_ally'], 'totalfight' => $StatsData['wons'] + $StatsData['loos'] + $StatsData['draws'], 'fightwon' => $StatsData['wons'], 'fightlose' => $StatsData['loos'], 'fightdraw' => $StatsData['draws'], 'unitsshot' => 
pretty_number($StatsData['desunits']), 'unitslose' => pretty_number($StatsData['lostunits']), 'dermetal' => pretty_number($StatsData['kbmetal']), 'dercrystal' => pretty_number($StatsData['kbcrystal']), 'dernorio' => pretty_number($StatsData['kbnorio']), 'isowner' => $ally['ally_owner'] != $USER['id'] ? true : false, 'rights' => $USER['rights'])); $template->show("alliance_frontpage.tpl"); break; } break; } }
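// Prepare the display fields for one film record ($film[0]) before rendering.
// NOTE(review): the meaning of each numeric column is inferred from the variable
// and helper names only — confirm against the query that fills $film.

// Use the date derived from column 4 only when no release date was set earlier.
if (!$phathanh) {
    $phathanh = GetDateT($film[0][4]);
}

// Poster image, with the template's grey placeholder when the record has none.
$thumb = $film[0][5];
if (!$thumb) {
    $thumb = TEMPLATE_URL . 'images/grey.jpg';
}

// Column 2 and column 6 are each rendered twice, through the *_a and *_ad helpers.
$theloai = category_a($film[0][2]);
$quocgia = country_a($film[0][6]);
$genre = category_ad($film[0][2]);
$country = country_ad($film[0][6]);

$daodien_a = CheckName($film[0][7]);
$daodien = Get_List_director($film[0][7]);
$dienvien = Get_List_actor($film[0][8]);
$year = CheckName($film[0][9]);
$duration = CheckName($film[0][10]);
$viewed = $film[0][11];
$loaiphim = $film[0][19];

// Column 12 is decoded with UnHtmlChars and then stripped of markup for the text view.
$content = RemoveHtml(UnHtmlChars($film[0][12]));
$tags = GetTag_a($film[0][13], 2);

// The same decoded markup is split on "<img " so each fragment after the first
// starts inside one image tag.
$image_r = explode("<img ", UnHtmlChars($film[0][12]));

// Rating figures. presumably column 15 is a score total and column 14 a vote count — TODO confirm.
$Astar = $film[0][15];
$Bstar = $film[0][14];
// A record with a zero or empty divisor must not reach the division: PHP 8 raises
// DivisionByZeroError there and the whole page would fail to render.
$Cstar = (float) $Bstar != 0.0 ? $Astar / $Bstar : 0;
$Dstar = number_format($Cstar, 0);
$Cstar = number_format($Cstar, 1);

// Start from an empty list unless earlier code already began one.
if (!isset($image_all)) {
    $image_all = '';
}

// The title/alt text and the image URL end up inside double-quoted HTML attributes,
// so they are escaped for that context. double_encode is off because the stored
// values may already carry entities.
$galleryTitle = htmlspecialchars("{$tenphim} - {$tentienganh}", ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);

$fragmentCount = count($image_r);
for ($i = 1; $i < $fragmentCount; $i++) {
    // Skip fragments without a src attribute instead of emitting an empty gallery entry.
    if (preg_match('/src="([^"]+)"/', $image_r[$i], $srcMatch) !== 1) {
        continue;
    }
    $image = $srcMatch[1];
    // NOTE(review): escaping does not restrict the URL scheme. If the description can be
    // edited by untrusted users, allow-list http/https before using the value as an href.
    $imageAttr = htmlspecialchars($image, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    $image_all .= "<li><a href=\"{$imageAttr}\" rel=\"screen[s]\" title=\"{$galleryTitle}\"><img src=\"{$imageAttr}\" alt=\"{$galleryTitle}\" width=\"600px\"/></a></li>";
}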
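/**
 * Apply the account-settings form for the logged-in user.
 *
 * Reads every field through HTTP::_GP(), normalises the values, appends one
 * UPDATE statement per change to a single SQL batch and runs that batch with
 * one multi_query() call, then prints the "options changed" message.
 *
 * Security notes for maintainers:
 *  - The batch is executed with multi_query(), so a request value that reaches
 *    the SQL text unescaped could append statements of its own. Every
 *    request-derived value is therefore cast to a number or passed through
 *    sql_escape() before it is concatenated. Prepared statements would be the
 *    stronger fix but need a database API that is not visible here.
 *  - Stored password hashes are compared with strict string comparison; loose
 *    comparison treats two different "0e<digits>" hex strings as equal numbers.
 *  - NOTE(review): the password-change branch checks the current password with
 *    md5() while the e-mail branch uses cryptPassword(). Unless cryptPassword()
 *    is itself plain md5, one of the two checks cannot match the stored hash.
 *    Unsalted md5 is also not a suitable password hash; plan a migration to
 *    password_hash()/password_verify().
 *  - NOTE(review): 'newpassword2' is read but never compared with 'newpassword'.
 *  - NOTE(review): whether printMessage() ends the request is not visible here;
 *    if it returns, the statements collected so far are still executed.
 */
private function sendDefault()
{
    global $USER, $PLANET, $CONF, $LNG, $UNI, $SESSION, $THEME;

    $db = $GLOBALS['DATABASE'];

    $adminprotection = HTTP::_GP('adminprotection', 0);
    $username = HTTP::_GP('username', $USER['username'], UTF8_SUPPORT);
    $password = HTTP::_GP('password', '');
    $newpassword = HTTP::_GP('newpassword', '');
    $newpassword2 = HTTP::_GP('newpassword2', '');
    $email = HTTP::_GP('email', $USER['email']);
    $timezone = HTTP::_GP('timezone', '');
    $language = HTTP::_GP('language', '');
    $planetSort = HTTP::_GP('planetSort', 0);
    $planetOrder = HTTP::_GP('planetOrder', 0);
    $theme = HTTP::_GP('theme', $THEME->getThemeName());
    $queueMessages = HTTP::_GP('queueMessages', 0);
    $spycount = HTTP::_GP('spycount', 1.0);
    $fblink = HTTP::_GP('fblink', '');
    $fleetactions = HTTP::_GP('fleetactions', 5);
    $galaxySpy = HTTP::_GP('galaxySpy', 0);
    $galaxyMessage = HTTP::_GP('galaxyMessage', 0);
    $galaxyBuddyList = HTTP::_GP('galaxyBuddyList', 0);
    $galaxyMissle = HTTP::_GP('galaxyMissle', 0);
    $blockPM = HTTP::_GP('blockPM', 0);
    $vacation = HTTP::_GP('vacation', 0);
    $delete = HTTP::_GP('delete', 0);
    $sirena = HTTP::_GP('sirena', 0);

    // Verify / normalise.
    // Admin protection can only be switched on by accounts above AUTH_USR.
    $adminprotection = $adminprotection == 1 && $USER['authlevel'] != AUTH_USR ? (int) $USER['authlevel'] : 0;
    $spycount = min(max(round((float) $spycount), 1), 4294967295);
    $fleetactions = min(max((int) $fleetactions, 1), 99);
    // Language and theme are only accepted when they are keys of the allowed lists.
    $language = array_key_exists($language, $LNG->getAllowedLangs(false)) ? $language : $LNG->getLanguage();
    $theme = array_key_exists($theme, Theme::getAvalibleSkins()) ? $theme : $THEME->getThemeName();

    // These values are written into the SQL batch without quotes, so they must
    // be integers no matter what HTTP::_GP() handed back.
    $planetSort = (int) $planetSort;
    $planetOrder = (int) $planetOrder;
    $queueMessages = (int) $queueMessages;
    $galaxySpy = (int) $galaxySpy;
    $galaxyMessage = (int) $galaxyMessage;
    $galaxyBuddyList = (int) $galaxyBuddyList;
    $galaxyMissle = (int) $galaxyMissle;
    $blockPM = (int) $blockPM;
    $sirena = (int) $sirena;

    $SQL = "";

    // --- Username change -------------------------------------------------
    if (!empty($username) && $USER['username'] != $username) {
        if (!CheckName($username)) {
            $this->printMessage($LNG['op_user_name_no_alphanumeric']);
        } elseif ($USER['uctime'] >= TIMESTAMP - USERNAME_CHANGETIME) {
            // The last change is more recent than USERNAME_CHANGETIME allows.
            $this->printMessage($LNG['op_change_name_pro_week']);
        } else {
            // The name must be free among active and not-yet-validated accounts.
            $Count = $db->getFirstCell(
                "SELECT (SELECT COUNT(*) FROM " . USERS . " WHERE `universe` = " . $UNI . " AND `username` = '" . $db->sql_escape($username) . "') + (SELECT COUNT(*) FROM " . USERS_VALID . " WHERE `universe` = " . $UNI . " AND `username` = '" . $db->sql_escape($username) . "')"
            );

            if (!empty($Count)) {
                $this->printMessage(sprintf($LNG['op_change_name_exist'], $username));
            } else {
                // NOTE(review): the reviewed listing garbles the start of this value;
                // the escaped username is what the visible remainder of the
                // expression interpolates. Confirm against the original file.
                $SQL .= "UPDATE " . USERS . " SET username = '" . $db->sql_escape($username) . "', uctime = " . TIMESTAMP . " WHERE id = " . $USER['id'] . ";";
                $SESSION->DestroySession();
            }
        }
    }

    // --- Password change -------------------------------------------------
    // Strict comparison: see the note on "0e<digits>" hashes in the docblock.
    if (!empty($newpassword) && md5($password) === (string) $USER["password"]) {
        $newpass = md5($newpassword);
        // NOTE(review): the reviewed listing shows a masked literal at this
        // position; $newpass, computed on the line above, is presumed to be the
        // value that is stored. Confirm against the original file.
        $SQL .= "UPDATE " . USERS . " SET password = '" . $newpass . "' WHERE id = " . $USER['id'] . ";";
        $SESSION->DestroySession();
    }

    // --- E-mail change (requires the current password) --------------------
    if (!empty($email) && $email != $USER['email']) {
        if ((string) cryptPassword($password) !== (string) $USER['password']) {
            $this->printMessage($LNG['op_need_pass_mail']);
        } elseif (!ValidateAddress($email)) {
            $this->printMessage($LNG['op_not_vaild_mail']);
        } else {
            // The address must not belong to another account in this universe.
            $Count = $db->getFirstCell(
                "SELECT (SELECT COUNT(*) FROM " . USERS . " WHERE id != " . $USER['id'] . " AND universe = " . $UNI . " AND (email = '" . $db->sql_escape($email) . "' OR email_2 = '" . $db->sql_escape($email) . "')) + (SELECT COUNT(*) FROM " . USERS_VALID . " WHERE universe = " . $UNI . " AND email = '" . $db->sql_escape($email) . "')"
            );

            if (!empty($Count)) {
                $this->printMessage(sprintf($LNG['op_change_mail_exist'], $email));
            } else {
                // setmail is set 604800 seconds (7 days) ahead of now.
                $SQL .= "UPDATE " . USERS . " SET email = '" . $db->sql_escape($email) . "', setmail = " . (TIMESTAMP + 604800) . " WHERE id = " . $USER['id'] . ";";
            }
        }
    }

    // --- Vacation mode ---------------------------------------------------
    if ($vacation == 1) {
        if (!$this->CheckVMode()) {
            $this->printMessage($LNG['op_cant_activate_vacation_mode']);
        } else {
            // Flag the account and zero the production columns of all its planets.
            $SQL .= "UPDATE " . USERS . " SET \n\t\t\t\t\t\t\turlaubs_modus = '1',\n\t\t\t\t\t\t\turlaubs_until = " . (TIMESTAMP + Config::get('vmode_min_time')) . "\n\t\t\t\t\t\t\tWHERE id = " . $USER["id"] . ";\t\t\t\t\t\t\t\n\t\t\t\t\t\t\tUPDATE " . PLANETS . " SET\n\t\t\t\t\t\t\tmetal_mine_porcent = '0',\n\t\t\t\t\t\t\tcrystal_mine_porcent = '0',\n\t\t\t\t\t\t\tdeuterium_sintetizer_porcent = '0',\n\t\t\t\t\t\t\tmetal_perhour = '0',\n\t\t\t\t\t\t\tcrystal_perhour = '0',\n\t\t\t\t\t\t\tdeuterium_perhour = '0'\n\t\t\t\t\t\t\tWHERE id_owner = " . $USER["id"] . ";";
        }
    }

    // --- Account deletion flag -------------------------------------------
    // db_deaktjava holds the time the deletion was requested, or 0 when it is not.
    if ($delete == 1) {
        $SQL .= "UPDATE " . USERS . " SET db_deaktjava = " . TIMESTAMP . " WHERE id = " . $USER['id'] . ";";
    } else {
        $SQL .= "UPDATE " . USERS . " SET db_deaktjava = 0 WHERE id = " . $USER['id'] . ";";
    }

    // --- Remaining preferences -------------------------------------------
    // timezone and fblink are free-form request strings and were previously
    // concatenated unescaped; they now go through sql_escape() like dpath.
    $SQL .= "UPDATE " . USERS . " SET\n\t\t\t\t\tdpath = '" . $db->sql_escape($theme)
        . "',\n\t\t\t\t\ttimezone = '" . $db->sql_escape($timezone)
        . "',\n\t\t\t\t\tplanet_sort = " . $planetSort
        . ",\n\t\t\t\t\tplanet_sort_order = " . $planetOrder
        . ",\n\t\t\t\t\tspio_anz = " . $spycount
        . ",\n\t\t\t\t\tfblink = '" . $db->sql_escape($fblink)
        . "',\n\t\t\t\t\tsettings_fleetactions = " . $fleetactions
        . ",\n\t\t\t\t\tsettings_esp = " . $galaxySpy
        . ",\n\t\t\t\t\tsettings_wri = " . $galaxyMessage
        . ",\n\t\t\t\t\tsettings_bud = " . $galaxyBuddyList
        . ",\n\t\t\t\t\tsettings_mis = " . $galaxyMissle
        . ",\n\t\t\t\t\tsettings_blockPM = " . $blockPM
        . ",\n\t\t\t\t\talarm_volume = " . ($sirena / 10)
        . ",\n\t\t\t\t\tauthattack = " . $adminprotection
        . ",\n\t\t\t\t\tlang = '" . $db->sql_escape($language)
        . "',\n\t\t\t\t\thof = " . $queueMessages
        . "\n\t\t\t\t\tWHERE id = '" . $USER["id"] . "';";

    $db->multi_query($SQL);

    $this->printMessage($LNG['op_options_changed']);
}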
$quality = $arr[$i][7]; $year = $arr[$i][8]; $thumb = $arr[$i][3]; $duration = $arr[$i][10]; $content = $arr[$i][6]; $director = $arr[$i][11]; $actor = $arr[$i][12]; $country = one_data('name', 'country', "id = '" . $arr[$i][13] . "'"); $category = $arr[$i][14]; $category = substr($category, 1); $category = substr($category, 0, -1); $cat = MySql::dbselect('name', 'category', "id IN ({$category})"); for ($x = 0; $x < count($cat); $x++) { $catx .= $cat[$x][0] . ', '; } $category = substr($catx, 0, -2); $m_time = date('D, d M Y H:i:s', $arr[$i][9]); $url = Url::get($arr[$i][0], $title, 'Phim'); $rss .= "<item>\r\n"; $rss .= "<title>" . clean_feed($title . ' - ' . $title_en) . "</title>\r\n"; $rss .= "<description><![CDATA[<table><tr><td><img src=\"" . $thumb . "\" width=\"200\" height=\"270\" alt=\"" . clean_feed($title . ' - ' . $title_en) . "\" /></td><td><a href=\"{$url}\" title=\"" . clean_feed($title . ' - ' . $title_en) . "\" target=\"_blank\"><h1 />" . clean_feed($title . ' - ' . $title_en) . "</h1></a><br />Diễn viên: " . CheckName($actor) . "<br />Đạo diễn: " . CheckName($director) . "<br />Quốc gia: " . RemoveHtml($country) . "<br />Thể loại: " . RemoveHtml($category) . " <br />Thời lượng: " . $duration . "</td></tr></table><hr />" . CutName(RemoveHtml(UnHtmlChars($content)), 250) . "]]></description>\r\n"; $rss .= "<link>" . $url . "</link>\r\n"; $rss .= "<pubDate>" . $m_time . " GMT</pubDate>\r\n"; $rss .= "</item>\r\n\r\n"; } $rss .= "</channel>\r\n"; $rss .= "</rss>\r\n"; Cache::END_CACHE($rss, $file); } echo $rss; exit;