示例#1
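 /**
  * Handles a username ("pseudo") change for the logged-in user.
  *
  * Reads the requested name from the `pseudo` request field, validates it with
  * CheckName(), enforces the USERNAME_CHANGETIME cooldown against
  * $USER['uctime'], rejects names that already exist in USERS or USERS_VALID
  * for the current universe, then updates the user row and destroys the session.
  *
  * NOTE(review): whether printMessage() ends the request is not visible here.
  * If it returns, the "options changed" message at the bottom is also emitted
  * after a validation error; confirm against printMessage().
  */
 public function psuedoSend()
 {
     global $USER, $LNG, $CONF, $UNI, $SESSION;
     $newUsername = HTTP::_GP('pseudo', $USER['username'], UTF8_SUPPORT);
     // NOTE(review): $redirectTo is assigned but never read in this method.
     $redirectTo = 'game.php?page=settings';
     if (!empty($newUsername) && $USER['username'] != $newUsername) {
         if (!CheckName($newUsername)) {
             $this->printMessage($LNG['op_user_name_no_alphanumeric']);
         } elseif ($USER['uctime'] >= TIMESTAMP - USERNAME_CHANGETIME) {
             $this->printMessage($LNG['op_change_name_pro_week']);
         } else {
             // Escape once and cast the numeric operands: they are concatenated
             // into SQL without quotes, so they must never carry anything but digits.
             $escapedName = $GLOBALS['DATABASE']->sql_escape($newUsername);
             $universe = (int) $UNI;
             $userID = (int) $USER['id'];
             // NOTE(review): check-then-update is not atomic; a unique index on
             // (universe, username) is what actually prevents duplicates.
             $Count = $GLOBALS['DATABASE']->getFirstCell(
                 "SELECT (SELECT COUNT(*) FROM " . USERS . " WHERE `universe` = " . $universe . " AND `username` = '" . $escapedName . "')"
                 . " + (SELECT COUNT(*) FROM " . USERS_VALID . " WHERE `universe` = " . $universe . " AND `username` = '" . $escapedName . "')"
             );
             if (!empty($Count)) {
                 $this->printMessage(sprintf($LNG['op_change_name_exist'], $newUsername));
             } else {
                 // The listing had this statement garbled (the value expression was
                 // masked out); restored to the escaping pattern used in the SELECT above.
                 $SQL = "UPDATE " . USERS . " SET username = '" . $escapedName . "', uctime = " . TIMESTAMP . " WHERE id = " . $userID . ";";
                 // Single statement: query() is enough and, unlike multi_query(),
                 // cannot execute a stacked second statement.
                 $GLOBALS['DATABASE']->query($SQL);
                 $redirectTo = 'index.php';
                 // Force a fresh login under the new name.
                 $SESSION->DestroySession();
             }
         }
     }
     $this->printMessage('<span class="vert">' . $LNG['op_options_changed'] . '</span>');
 }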
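 /**
  * Builds the data for the ACS (joint attack) page of one fleet and processes
  * the two optional actions on it: renaming the ACS and inviting a player.
  *
  * @param mixed $fleetID ID of the fleet the ACS belongs to.
  * @return array Empty array when the fleet is missing, already flagged
  *               (fleet_mess == 1), already started, or no ACS data could be
  *               created/loaded; otherwise the keys invitedUsers, acsName,
  *               mainFleetID and statusMessage.
  *
  * NOTE(review): the fleet lookup does not filter on the fleet owner; confirm
  * that the caller or createACS()/loadACS() verify the fleet belongs to $USER.
  */
 public function getACSPageData($fleetID)
 {
     global $USER, $PLANET, $LNG, $UNI;
     // Numeric values are concatenated into SQL without quotes below, so they
     // are cast to int at the point of use.
     $fleetResult = $GLOBALS['DATABASE']->query("SELECT fleet_start_time, fleet_end_id, fleet_group, fleet_mess \n\t\t\t\t\t\t\t\t\t  FROM " . FLEETS . "\n\t\t\t\t\t\t\t\t\t  WHERE fleet_id = " . (int) $fleetID . ";");
     if ($GLOBALS['DATABASE']->numRows($fleetResult) != 1) {
         return array();
     }
     $fleetData = $GLOBALS['DATABASE']->fetch_array($fleetResult);
     $GLOBALS['DATABASE']->free_result($fleetResult);
     if ($fleetData['fleet_mess'] == 1 || $fleetData['fleet_start_time'] <= TIMESTAMP) {
         return array();
     }
     // fleet_group == 0 means the fleet is not yet part of an ACS.
     if ($fleetData['fleet_group'] == 0) {
         $acsData = $this->createACS($fleetID, $fleetData);
     } else {
         $acsData = $this->loadACS($fleetID, $fleetData);
     }
     if (empty($acsData)) {
         return array();
     }
     $acsID = (int) $acsData['id'];
     $acsName = HTTP::_GP('acsName', '', UTF8_SUPPORT);
     if (!empty($acsName)) {
         if (!CheckName($acsName)) {
             // NOTE(review): presumably sendJSON() ends the request; if it
             // returns, the UPDATE below still runs with the rejected name.
             $this->sendJSON($LNG['fl_acs_newname_alphanum']);
         }
         $GLOBALS['DATABASE']->query("UPDATE " . AKS . " SET name = '" . $GLOBALS['DATABASE']->sql_escape($acsName) . "' WHERE id = " . $acsID . ";");
         $this->sendJSON(false);
     }
     $invitedUsers = array();
     $userResult = $GLOBALS['DATABASE']->query("SELECT id, username\n\t\t\t\t\t\t\t\t\t  FROM " . USERS_ACS . "\n\t\t\t\t\t\t\t\t\t  INNER JOIN " . USERS . " ON userID = id \n\t\t\t\t\t\t\t\t\t  WHERE acsID = " . $acsID . ";");
     while ($userRow = $GLOBALS['DATABASE']->fetch_array($userResult)) {
         $invitedUsers[$userRow['id']] = $userRow['username'];
     }
     $GLOBALS['DATABASE']->free_result($userResult);
     $newUser = HTTP::_GP('username', '', UTF8_SUPPORT);
     $statusMessage = "";
     if (!empty($newUser)) {
         // The listing had this lookup garbled (the value expression was masked
         // out); restored to the sql_escape() pattern used by the other queries.
         $newUserID = $GLOBALS['DATABASE']->getFirstCell("SELECT id FROM " . USERS . " WHERE universe = " . (int) $UNI . " AND username = '" . $GLOBALS['DATABASE']->sql_escape($newUser) . "';");
         // NOTE(review): $newUser is request input and is placed in
         // $statusMessage as-is; the consumer must HTML-escape it on output.
         if (empty($newUserID)) {
             $statusMessage = $LNG['fl_player'] . " " . $newUser . " " . $LNG['fl_dont_exist'];
         } elseif (isset($invitedUsers[$newUserID])) {
             $statusMessage = $LNG['fl_player'] . " " . $newUser . " " . $LNG['fl_already_invited'];
         } else {
             $statusMessage = $LNG['fl_player'] . " " . $newUser . " " . $LNG['fl_add_to_attack'];
             $GLOBALS['DATABASE']->query("INSERT INTO " . USERS_ACS . " SET acsID = " . $acsID . ", userID = " . (int) $newUserID . ";");
             $invitedUsers[$newUserID] = $newUser;
             $inviteTitle = $LNG['fl_acs_invitation_title'];
             $inviteMessage = $LNG['fl_player'] . $USER['username'] . $LNG['fl_acs_invitation_message'];
             SendSimpleMessage($newUserID, $USER['id'], TIMESTAMP, 1, $USER['username'], $inviteTitle, $inviteMessage);
         }
     }
     return array('invitedUsers' => $invitedUsers, 'acsName' => $acsData['name'], 'mainFleetID' => $fleetID, 'statusMessage' => $statusMessage);
 }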
示例#3
}
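// Handles the damage-report form: validates the reporter name, stores the
// report in `schades` and mails a notification. The listing is cut off inside
// the success branch, so the block ends with its braces still open.
if (isset($_POST['insert'])) {
    $name = $_POST['name'];
    // Cast to int: the id is interpolated into the SELECT below without quotes,
    // so a raw request value would be injectable.
    $boat_id = (int) $_POST['boat_id'];
    // boat name
    if ($boat_id == 0) {
        $boat = "algemeen";
    } else {
        $query2 = "SELECT Naam from boten WHERE ID={$boat_id};";
        $result2 = mysql_query($query2);
        // Guard against a failed query or an unknown id instead of indexing false.
        $row2 = $result2 ? mysql_fetch_assoc($result2) : false;
        $boat = $row2 ? $row2['Naam'] : "";
    }
    // Escape with the connection-aware function rather than addslashes(), and
    // escape $name as well: CheckName() is input validation, not SQL escaping.
    $note = mysql_real_escape_string($_POST['note']);
    $name_db = mysql_real_escape_string($name);
    if (!CheckName($name)) {
        $fail_msg_name = "U dient een geldige voor- en achternaam op te geven. Let op: de apostrof (') wordt niet geaccepteerd.";
    }
    if (isset($fail_msg_name)) {
        $fail = TRUE;
    }
    if (!isset($fail)) {
        $query = "INSERT INTO `schades` (Datum, Naam, Boot_ID, Oms_lang) VALUES ('{$today_db}', '{$name_db}', '{$boat_id}', '{$note}');";
        $result = mysql_query($query);
        if (!$result) {
            // Keep the driver error in the server log; showing mysql_error() to
            // the visitor discloses schema and query details.
            error_log("schades insert failed: " . mysql_error());
            die("toevoegen klacht mislukt.");
        } else {
            // mail to matcom
            // NOTE(review): the body contains <br>, so it is presumably sent as
            // HTML; if so, $name and $boat should be HTML-escaped first.
            $message = $name . " heeft zojuist een schade gemeld betreffende '" . $boat . "'.<br>";
            SendEmail("*****@*****.**", "Nieuwe schademelding", $message);
            // on-screen feedback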
示例#4
文件: ajax.php 项目: sonicmaster/RPG
         }
     } else {
         if ($USER[$resource[124]] == 0) {
             exit($LNG['fl_expedition_tech_required']);
         }
         $ActualFleets = $db->uniquequery("SELECT COUNT(*) as state FROM " . FLEETS . " WHERE `fleet_owner` = '" . $_SESSION['id'] . "' AND `fleet_mission` = '15';");
         if ($ActualFleets['state'] >= floor(sqrt($USER[$resource[124]]))) {
             exit($LNG['fl_expedition_fleets_limit']);
         }
     }
     exit('OK');
     break;
 // Renames the planet stored in the session; an empty name is ignored and a
 // name rejected by CheckName() ends the request with the matching message.
 case 'renameplanet':
     $newname = request_var('newname', '', UTF8_SUPPORT);
     if (empty($newname)) {
         break;
     }
     if (CheckName($newname)) {
         // The name is escaped; the planet id comes from the session and is quoted.
         $db->query("UPDATE " . PLANETS . " SET `name` = '" . $db->sql_escape($newname) . "' WHERE `id` = '" . $_SESSION['planet'] . "';");
     } else {
         exit(UTF8_SUPPORT ? $LNG['ov_newname_no_space'] : $LNG['ov_newname_alphanum']);
     }
     break;
 case 'deleteplanet':
     $password = request_var('password', '', true);
     if (!empty($password)) {
         $USER = $db->uniquequery("SELECT u.`password`, u.`id_planet`, p.`galaxy`, p.`system`, p.`planet`, p.`planet_type`, p.`id_luna` FROM " . USERS . " as u, " . PLANETS . " as p WHERE p.`id` = '" . $_SESSION['planet'] . "' AND u.`id` = '" . $_SESSION['id'] . "';");
         $IfFleets = $db->uniquequery("SELECT COUNT(*) as state FROM " . FLEETS . " WHERE (`fleet_owner` = '" . $_SESSION['id'] . "' AND `fleet_start_galaxy` = '" . $USER['galaxy'] . "' AND `fleet_start_system` = '" . $USER['system'] . "' AND `fleet_start_planet` = '" . $USER['planet'] . "') OR (`fleet_target_owner` = '" . $_SESSION['id'] . "' AND `fleet_end_galaxy` = '" . $USER['galaxy'] . "' AND `fleet_end_system` = '" . $USER['system'] . "' AND `fleet_end_planet` = '" . $USER['planet'] . "');");
         if ($IfFleets['state'] > 0) {
             exit(json_encode(array('mess' => $LNG['ov_abandon_planet_not_possible'])));
         } elseif ($USER['id_planet'] == $_SESSION['planet']) {
             exit(json_encode(array('mess' => $LNG['ov_principal_planet_cant_abanone'])));
示例#5
#!/usr/bin/php
<?php 
require_once "../../conf/cis/Config.php";
require_once "../../lib/cis/Lib.php";
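/**
 * Reports whether a role name is free for the given user.
 *
 * Looks up every account that owns a character whose current or former name
 * equals $var["rolename"] and prints "400" if any of them is not
 * $var["userid"], otherwise "200".
 *
 * @param array $var Request parameters; reads "userid" and "rolename".
 * @return void The status code is written to the response body.
 */
function CheckName($var)
{
    global $tbl_db_info;
    $Conn = mysql_connect($tbl_db_info[0], $tbl_db_info[1], $tbl_db_info[2]);
    mysql_select_db($tbl_db_info[3], $Conn);
    $uid = isset($var["userid"]) ? intval($var["userid"]) : 0;
    // mysql_real_escape_string() honours the connection character set;
    // mysql_escape_string() does not and is deprecated.
    $rolename = mysql_real_escape_string(isset($var["rolename"]) ? $var["rolename"] : "", $Conn);
    $qs = "select distinct us_uId from tbl_char c, tbl_char_static cs where cs.cs_uId = c.cs_uId and (c_sName = '{$rolename}' or c_sNameFormer = '{$rolename}')";
    $result = mysql_query($qs, $Conn);
    $ret = "200";
    // NOTE(review): a failed query still answers "200" (fails open), as the
    // original did; confirm what the client expects before changing that.
    while ($result && ($row = mysql_fetch_row($result))) {
        if ($row[0] != $uid) {
            // The original returned here before anything was printed, so a
            // name conflict produced an empty response instead of "400".
            $ret = "400";
            break;
        }
    }
    header("Content-type: text/html; charset=utf-8");
    header("Content-Length:" . strlen($ret));
    print $ret;
}
CheckName($_GET);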
?>

 /**
  * Renames the current planet from the `name` request field and answers with
  * a JSON message; an empty name produces no response at all.
  */
 function rename()
 {
     global $LNG, $PLANET;
     $requestedName = HTTP::_GP('name', '', UTF8_SUPPORT);
     if (empty($requestedName)) {
         return;
     }
     if (!CheckName($requestedName)) {
         $this->sendJSON(array('message' => $LNG['ov_newname_specialchar'], 'error' => true));
         return;
     }
     // The name is escaped; the planet id is taken from $PLANET, not the request.
     $database = $GLOBALS['DATABASE'];
     $database->query("UPDATE " . PLANETS . " SET name = '" . $database->sql_escape($requestedName) . "' WHERE id = " . $PLANET['id'] . ";");
     $this->sendJSON(array('message' => $LNG['ov_newname_done'], 'error' => false));
 }
示例#7
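 /**
  * Creates an alliance from the `atag` and `aname` request fields and makes
  * the current user its owner.
  *
  * Both fields must be non-empty, pass CheckName() and be unused as tag or
  * name in the current universe. On success the alliance row is inserted and
  * the user's USERS and STATPOINTS rows are pointed at it in one batch.
  *
  * NOTE(review): the guards rely on printMessage() ending the request; that
  * is not visible here. If it returns, the INSERT still runs after an error.
  */
 private function createAllianceProcessor()
 {
     global $USER, $UNI, $LNG;
     $atag = HTTP::_GP('atag', '', UTF8_SUPPORT);
     $aname = HTTP::_GP('aname', '', UTF8_SUPPORT);
     if (empty($atag)) {
         $this->printMessage('<span class="rouge">' . $LNG['al_tag_required'] . '</span>', true, array("?page=alliance&mode=create", 3));
     }
     if (empty($aname)) {
         $this->printMessage('<span class="rouge">' . $LNG['al_name_required'] . '</span>', true, array("?page=alliance&mode=create", 3));
     }
     if (!CheckName($aname) || !CheckName($atag)) {
         $this->printMessage('<span class="rouge">' . $LNG['al_newname_specialchar'] . '</span>', true, array("?page=alliance&mode=create", 3));
     }
     // Escape every string once; cast the values that go into SQL unquoted.
     $escapedTag = $GLOBALS['DATABASE']->sql_escape($atag);
     $escapedName = $GLOBALS['DATABASE']->sql_escape($aname);
     // A translated rank name may contain an apostrophe, which would break
     // (or alter) the statement if concatenated raw.
     $escapedLeaderRank = $GLOBALS['DATABASE']->sql_escape($LNG['al_default_leader_name']);
     $universe = (int) $UNI;
     $ownerID = (int) $USER['id'];
     $allianceCount = $GLOBALS['DATABASE']->getFirstCell("SELECT COUNT(*) FROM " . ALLIANCE . " WHERE ally_universe = " . $universe . " AND (ally_tag = '" . $escapedTag . "' OR ally_name = '" . $escapedName . "');");
     if ($allianceCount != 0) {
         $this->printMessage('<span class="rouge">' . sprintf($LNG['al_already_exists'], $aname) . '</span>', true, array("?page=alliance&mode=create", 3));
     }
     // Three statements in one batch: @allianceID carries the new id from the
     // INSERT to the two UPDATEs, which is why multi_query() is needed here.
     $GLOBALS['DATABASE']->multi_query(
         "INSERT INTO " . ALLIANCE . " SET\n\t\t\t\t\t\tally_name\t\t\t\t= '" . $escapedName
         . "',\n\t\t\t\t\t\tally_tag\t\t\t\t= '" . $escapedTag
         . "' ,\n\t\t\t\t\t\tally_owner\t\t\t\t= " . $ownerID
         . ",\n\t\t\t\t\t\tally_owner_range\t\t= '" . $escapedLeaderRank
         . "',\n\t\t\t\t\t\tally_members\t\t\t= 1,\n\t\t\t\t\t\tally_register_time\t\t= " . TIMESTAMP
         . ",\n\t\t\t\t\t\tally_universe \t\t\t= " . $universe
         . ";\n\t\t\t\t\t\tSET @allianceID = LAST_INSERT_ID();\n\t\t\t\t\t\tUPDATE " . USERS
         . " SET\n\t\t\t\t\t\tally_id\t\t\t\t\t= @allianceID,\n\t\t\t\t\t\tally_rank_id\t\t\t= 0,\n\t\t\t\t\t\tally_register_time \t\t= " . TIMESTAMP
         . "\n\t\t\t\t\t\tWHERE id = " . $ownerID
         . ";\n\t\t\t\t\t\tUPDATE " . STATPOINTS
         . " SET\n\t\t\t\t\t\tid_ally \t\t\t\t= @allianceID\n\t\t\t\t\t\tWHERE id_owner = " . $ownerID . ";"
     );
     $this->printMessage('<span class="vert">' . sprintf($LNG['al_created'], $aname . ' [' . $atag . ']') . '</span>', true, array('?page=alliance', 3));
 }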
});
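// Login route: takes the user id and password from the request path and
// hands them to Login().
// NOTE(review): the password travels in the URL of a GET request, so it can
// end up in web-server and proxy access logs and in browser history; a POST
// body over TLS avoids that.
$app->get('/Login/id/:mid/pw/:pw', function () {
    // explode() replaces split(), which was deprecated in PHP 5.3 and removed
    // in PHP 7.0; for the literal '/' separator the result is the same.
    $arr_items = explode('/', $_SERVER['REQUEST_URI']);
    $segment_count = count($arr_items);
    // Path layout: .../id/<mid>/pw/<pw>
    $pw = $arr_items[$segment_count - 1];
    $id = $arr_items[$segment_count - 3];
    Login($id, $pw);
});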
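// Check route: passes the last path segment (the id) to CheckName().
$app->get('/Check/id/:mid', function () {
    // explode() replaces split(), which was deprecated in PHP 5.3 and removed
    // in PHP 7.0; for the literal '/' separator the result is the same.
    $arr_items = explode('/', $_SERVER['REQUEST_URI']);
    // NOTE(review): REQUEST_URI includes any query string, so it would become
    // part of this segment; CheckName() must treat $id as untrusted input.
    $id = $arr_items[count($arr_items) - 1];
    CheckName($id);
});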
// Placeholder handlers: each one only prints a fixed line naming its HTTP verb.

// POST route
$postHandler = function () {
    print 'This is a POST route';
};
$app->post('/post', $postHandler);

// PUT route
$putHandler = function () {
    print 'This is a PUT route';
};
$app->put('/put', $putHandler);

// PATCH route
$patchHandler = function () {
    print 'This is a PATCH route';
};
$app->patch('/patch', $patchHandler);
// DELETE route
$app->delete('/delete', function () {
示例#9
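/**
 * Admin "create" page: creates a user, a moon or a planet depending on
 * $_GET['mode'], or shows the matching form when nothing was posted.
 *
 * Modes:
 *  - user:   validates the posted account data, inserts the user, creates the
 *            home planet and the STATPOINTS row, then bumps users_amount.
 *  - moon:   adds a moon to an existing planet of the admin's universe.
 *  - planet: adds a planet for an existing user and optionally sets its
 *            field_max and name.
 *  - other:  shows the overview template.
 *
 * NOTE(review): neither an admin-rights check nor a CSRF token check is
 * visible in this function; confirm the including script enforces both.
 */
function ShowCreatorPage()
{
    global $LNG, $USER, $UNI, $CONF;
    $template = new template();
    $mode = isset($_GET['mode']) ? $_GET['mode'] : '';
    // The checkbox is absent from the request when it is not ticked.
    $diameterCheck = isset($_POST['diameter_check']) ? $_POST['diameter_check'] : '';
    switch ($mode) {
        case 'user':
            $LNG->includeData(array('PUBLIC'));
            if ($_POST) {
                $errors = '';
                $UserName = HTTP::_GP('name', '', UTF8_SUPPORT);
                $UserPass = HTTP::_GP('password', '');
                $UserPass2 = HTTP::_GP('password2', '');
                $UserMail = HTTP::_GP('email', '');
                $UserMail2 = HTTP::_GP('email2', '');
                $UserLang = HTTP::_GP('lang', '');
                // These values are concatenated into SQL without quotes, so they
                // are cast here rather than trusting the request helper.
                $UserAuth = (int) HTTP::_GP('authlevel', 0);
                $Galaxy = (int) HTTP::_GP('galaxy', 0);
                $System = (int) HTTP::_GP('system', 0);
                $Planet = (int) HTTP::_GP('planet', 0);
                // The form only offers levels up to the admin's own, but the
                // posted value is attacker-controlled: cap it server-side so an
                // operator cannot create an account above their own level.
                if ($UserAuth > $USER['authlevel']) {
                    $UserAuth = (int) $USER['authlevel'];
                }
                $escapedName = $GLOBALS['DATABASE']->sql_escape($UserName);
                $escapedMail = $GLOBALS['DATABASE']->sql_escape($UserMail);
                // The listing had this query garbled (the value expressions were
                // masked out); restored to the escaping pattern of the mail query.
                $ExistsUser = $GLOBALS['DATABASE']->getFirstCell("SELECT (SELECT COUNT(*) FROM " . USERS . " WHERE universe = " . $_SESSION['adminuni'] . " AND username = '" . $escapedName . "') + (SELECT COUNT(*) FROM " . USERS_VALID . " WHERE universe = " . $_SESSION['adminuni'] . " AND username = '" . $escapedName . "')");
                $ExistsMails = $GLOBALS['DATABASE']->getFirstCell("SELECT (SELECT COUNT(*) FROM " . USERS . " WHERE universe = " . $_SESSION['adminuni'] . " AND (email = '" . $escapedMail . "' OR email_2 = '" . $escapedMail . "')) + (SELECT COUNT(*) FROM " . USERS_VALID . " WHERE universe = " . $_SESSION['adminuni'] . " AND email = '" . $escapedMail . "')");
                if (!ValidateAddress($UserMail)) {
                    $errors .= $LNG['invalid_mail_adress'];
                }
                if (empty($UserName)) {
                    $errors .= $LNG['empty_user_field'];
                }
                if (strlen($UserPass) < 6) {
                    $errors .= $LNG['password_lenght_error'];
                }
                if ($UserPass != $UserPass2) {
                    $errors .= $LNG['different_passwords'];
                }
                if ($UserMail != $UserMail2) {
                    $errors .= $LNG['different_mails'];
                }
                if (!CheckName($UserName)) {
                    $errors .= $LNG['user_field_specialchar'];
                }
                if ($ExistsUser != 0) {
                    $errors .= $LNG['user_already_exists'];
                }
                if ($ExistsMails != 0) {
                    $errors .= $LNG['mail_already_exists'];
                }
                if (CheckPlanetIfExist($Galaxy, $System, $Planet, $_SESSION['adminuni'])) {
                    $errors .= $LNG['planet_already_exists'];
                }
                if ($Galaxy > Config::get('max_galaxy') || $System > Config::get('max_system') || $Planet > Config::get('max_planets')) {
                    $errors .= $LNG['po_complete_all2'];
                }
                if (!empty($errors)) {
                    $template->message($errors, '?page=create&mode=user', 10, true);
                    exit;
                }
                // NOTE(review): $UserLang is escaped but not checked against
                // $LNG->getAllowedLangs(); confirm an unknown value is harmless.
                $SQL = "INSERT INTO " . USERS . " SET\n\t\t\t\tusername\t\t= '" . $escapedName
                    . "',\n\t\t\t\tpassword\t\t= '" . cryptPassword($UserPass)
                    . "',\n\t\t\t\temail\t\t\t= '" . $escapedMail
                    . "',\n\t\t\t\temail_2\t\t\t= '" . $escapedMail
                    . "',\n\t\t\t\tlang\t\t\t= '" . $GLOBALS['DATABASE']->sql_escape($UserLang)
                    . "',\n\t\t\t\tauthlevel\t\t= " . $UserAuth
                    . ",\n\t\t\t\tip_at_reg\t\t= '" . $_SERVER['REMOTE_ADDR']
                    . "',\n\t\t\t\tid_planet\t\t= 0,\n\t\t\t\tuniverse\t\t= " . $_SESSION['adminuni']
                    . ",\n\t\t\t\tonlinetime\t\t= " . TIMESTAMP
                    . ",\n\t\t\t\tregister_time\t= " . TIMESTAMP
                    . ",\n\t\t\t\tdpath\t\t\t= '" . DEFAULT_THEME
                    . "',\n\t\t\t\ttimezone\t\t= '" . Config::get('timezone')
                    . "',\n\t\t\t\tuctime\t\t\t= 0;";
                $GLOBALS['DATABASE']->query($SQL);
                $UserID = $GLOBALS['DATABASE']->GetInsertID();
                require_once 'includes/functions/CreateOnePlanetRecord.php';
                $PlanerID = CreateOnePlanetRecord($Galaxy, $System, $Planet, $_SESSION['adminuni'], $UserID, $LNG['fcm_planet'], true, $UserAuth);
                // The new account is ranked last in every statistics category.
                $newRank = Config::get('users_amount') + 1;
                $SQL = "UPDATE " . USERS . " SET \n\t\t\t\tid_planet\t= " . $PlanerID
                    . ",\n\t\t\t\tgalaxy\t\t= " . $Galaxy
                    . ",\n\t\t\t\tsystem\t\t= " . $System
                    . ",\n\t\t\t\tplanet\t\t= " . $Planet
                    . "\n\t\t\t\tWHERE\n\t\t\t\tid\t\t\t= " . $UserID
                    . ";\n\t\t\t\tINSERT INTO " . STATPOINTS . " SET \n\t\t\t\tid_owner\t= " . $UserID
                    . ",\n\t\t\t\tuniverse\t= " . $_SESSION['adminuni']
                    . ",\n\t\t\t\tstat_type\t= 1,\n\t\t\t\ttech_rank\t= " . $newRank
                    . ",\n\t\t\t\tbuild_rank\t= " . $newRank
                    . ",\n\t\t\t\tdefs_rank\t= " . $newRank
                    . ",\n\t\t\t\tfleet_rank\t= " . $newRank
                    . ",\n\t\t\t\ttotal_rank\t= " . $newRank . ";";
                $GLOBALS['DATABASE']->multi_query($SQL);
                Config::update(array('users_amount' => Config::get('users_amount') + 1));
                $template->message($LNG['new_user_success'], '?page=create&mode=user', 5, true);
                exit;
            }
            // Offer only the auth levels up to the admin's own level.
            $AUTH = array();
            $AUTH[AUTH_USR] = $LNG['user_level'][AUTH_USR];
            if ($USER['authlevel'] >= AUTH_OPS) {
                $AUTH[AUTH_OPS] = $LNG['user_level'][AUTH_OPS];
            }
            if ($USER['authlevel'] >= AUTH_MOD) {
                $AUTH[AUTH_MOD] = $LNG['user_level'][AUTH_MOD];
            }
            if ($USER['authlevel'] >= AUTH_ADM) {
                $AUTH[AUTH_ADM] = $LNG['user_level'][AUTH_ADM];
            }
            $template->assign_vars(array(
                'admin_auth' => $USER['authlevel'],
                'new_add_user' => $LNG['new_add_user'],
                'new_creator_refresh' => $LNG['new_creator_refresh'],
                'new_creator_go_back' => $LNG['new_creator_go_back'],
                'universe' => $LNG['mu_universe'],
                'user_reg' => $LNG['user_reg'],
                'pass_reg' => $LNG['pass_reg'],
                'pass2_reg' => $LNG['pass2_reg'],
                'email_reg' => $LNG['email_reg'],
                'email2_reg' => $LNG['email2_reg'],
                'new_coord' => $LNG['new_coord'],
                'new_range' => $LNG['new_range'],
                'lang_reg' => $LNG['lang_reg'],
                'new_title' => $LNG['new_title'],
                'Selector' => array('auth' => $AUTH, 'lang' => $LNG->getAllowedLangs(false)),
            ));
            $template->show('CreatePageUser.tpl');
            break;
        case 'moon':
            if ($_POST) {
                $PlanetID = (int) HTTP::_GP('add_moon', 0);
                $MoonName = HTTP::_GP('name', '', UTF8_SUPPORT);
                $Diameter = (int) HTTP::_GP('diameter', 0);
                $FieldMax = HTTP::_GP('field_max', 0);
                $MoonPlanet = $GLOBALS['DATABASE']->getFirstRow("SELECT temp_max, temp_min, id_luna, galaxy, system, planet, planet_type, destruyed, id_owner FROM " . PLANETS . " WHERE id = '" . $PlanetID . "' AND universe = '" . $_SESSION['adminuni'] . "' AND planet_type = '1' AND destruyed = '0';");
                if (!isset($MoonPlanet)) {
                    $template->message($LNG['mo_planet_doesnt_exist'], '?page=create&mode=moon', 3, true);
                    exit;
                }
                require_once 'includes/functions/CreateOneMoonRecord.php';
                if (empty($MoonName)) {
                    $MoonName = $LNG['type_planet'][3];
                }
                // A ticked "diameter_check" passes 0 as the diameter.
                if (CreateOneMoonRecord($MoonPlanet['galaxy'], $MoonPlanet['system'], $MoonPlanet['planet'], $_SESSION['adminuni'], $MoonPlanet['id_owner'], $MoonName, 20, TIMESTAMP, $diameterCheck == 'on' ? 0 : $Diameter) !== false) {
                    $template->message($LNG['mo_moon_added'], '?page=create&mode=moon', 3, true);
                } else {
                    $template->message($LNG['mo_moon_unavaible'], '?page=create&mode=moon', 3, true);
                }
                exit;
            }
            $template->assign_vars(array(
                'admin_auth' => $USER['authlevel'],
                'universum' => $LNG['mu_universe'],
                'po_add_moon' => $LNG['po_add_moon'],
                'input_id_planet' => $LNG['input_id_planet'],
                'mo_moon_name' => $LNG['mo_moon_name'],
                'mo_diameter' => $LNG['mo_diameter'],
                'mo_temperature' => $LNG['mo_temperature'],
                'mo_fields_avaibles' => $LNG['mo_fields_avaibles'],
                'button_add' => $LNG['button_add'],
                'new_creator_refresh' => $LNG['new_creator_refresh'],
                'mo_moon' => $LNG['fcm_moon'],
                'new_creator_go_back' => $LNG['new_creator_go_back'],
            ));
            $template->show('CreatePageMoon.tpl');
            break;
        case 'planet':
            if ($_POST) {
                $id = (int) HTTP::_GP('id', 0);
                $Galaxy = (int) HTTP::_GP('galaxy', 0);
                $System = (int) HTTP::_GP('system', 0);
                $Planet = (int) HTTP::_GP('planet', 0);
                $name = HTTP::_GP('name', '', UTF8_SUPPORT);
                $field_max = (int) HTTP::_GP('field_max', 0);
                if ($Galaxy > Config::get('max_galaxy') || $System > Config::get('max_system') || $Planet > Config::get('max_planets')) {
                    $template->message($LNG['po_complete_all2'], '?page=create&mode=planet', 3, true);
                    exit;
                }
                $ISUser = $GLOBALS['DATABASE']->getFirstRow("SELECT id, authlevel FROM " . USERS . " WHERE id = '" . $id . "' AND universe = '" . $_SESSION['adminuni'] . "';");
                if (CheckPlanetIfExist($Galaxy, $System, $Planet, $_SESSION['adminuni']) || !isset($ISUser)) {
                    $template->message($LNG['po_complete_all'], '?page=create&mode=planet', 3, true);
                    exit;
                }
                require_once 'includes/functions/CreateOnePlanetRecord.php';
                CreateOnePlanetRecord($Galaxy, $System, $Planet, $_SESSION['adminuni'], $id, '', '', false);
                // Collect the SET clauses first. The original appended them to the
                // string directly, which produced "SET , name = ..." or an empty
                // SET list (both invalid SQL) whenever the field_max clause was skipped.
                $setParts = array();
                if ($diameterCheck != 'on' || $field_max > 0) {
                    $setParts[] = "field_max = '" . $field_max . "'";
                }
                if (!empty($name)) {
                    $setParts[] = "name = '" . $GLOBALS['DATABASE']->sql_escape($name) . "'";
                }
                if (!empty($setParts)) {
                    $SQL = "UPDATE " . PLANETS . " SET " . implode(', ', $setParts) . " ";
                    $SQL .= "WHERE ";
                    $SQL .= "universe = '" . $_SESSION['adminuni'] . "' AND ";
                    $SQL .= "galaxy = '" . $Galaxy . "' AND ";
                    $SQL .= "system = '" . $System . "' AND ";
                    $SQL .= "planet = '" . $Planet . "' AND ";
                    $SQL .= "planet_type = '1'";
                    $GLOBALS['DATABASE']->query($SQL);
                }
                $template->message($LNG['po_complete_succes'], '?page=create&mode=planet', 3, true);
                exit;
            }
            // Start from an empty list so the template never receives an
            // undefined variable when CONFIG has no rows.
            $AvailableUnis = array();
            $Query = $GLOBALS['DATABASE']->query("SELECT uni, game_name FROM " . CONFIG . " ORDER BY uni ASC;");
            while ($Unis = $GLOBALS['DATABASE']->fetch_array($Query)) {
                $AvailableUnis[$Unis['uni']] = $Unis;
            }
            $template->assign_vars(array(
                'AvailableUnis' => $AvailableUnis,
                'admin_auth' => $USER['authlevel'],
                'universum' => $LNG['mu_universe'],
                'po_add_planet' => $LNG['po_add_planet'],
                'po_galaxy' => $LNG['po_galaxy'],
                'po_system' => $LNG['po_system'],
                'po_planet' => $LNG['po_planet'],
                'input_id_user' => $LNG['input_id_user'],
                'new_creator_coor' => $LNG['new_creator_coor'],
                'po_name_planet' => $LNG['po_name_planet'],
                'po_fields_max' => $LNG['po_fields_max'],
                'button_add' => $LNG['button_add'],
                'po_colony' => $LNG['fcp_colony'],
                'new_creator_refresh' => $LNG['new_creator_refresh'],
                'new_creator_go_back' => $LNG['new_creator_go_back'],
            ));
            $template->show('CreatePagePlanet.tpl');
            break;
        default:
            $template->assign_vars(array(
                'new_creator_title_u' => $LNG['new_creator_title_u'],
                'new_creator_title_p' => $LNG['new_creator_title_p'],
                'new_creator_title_l' => $LNG['new_creator_title_l'],
                'new_creator_title' => $LNG['new_creator_title'],
            ));
            $template->show('CreatePage.tpl');
            break;
    }
}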
示例#10
文件: index.php 项目: sonicmaster/RPG
 // Registration form validation: every failed check appends its message to
 // $errors, and a non-empty $errors shows them all at once and ends the request.
 if (empty($UserPlanet)) {
     $errors .= $LNG['empty_planet_field'];
 }
 // isset() on string offset 5 is true only when the password has at least six bytes.
 if (!isset($UserPass[5])) {
     $errors .= $LNG['password_lenght_error'];
 }
 if ($UserPass != $UserPass2) {
     $errors .= $LNG['different_passwords'];
 }
 if ($UserEmail != $UserEmail2) {
     $errors .= $LNG['different_mails'];
 }
 // CheckName() is format validation only; it does not replace SQL or HTML escaping.
 if (!CheckName($UserName)) {
     $errors .= UTF8_SUPPORT ? $LNG['user_field_no_space'] : $LNG['user_field_no_alphanumeric'];
 }
 if (!CheckName($UserPlanet)) {
     $errors .= UTF8_SUPPORT ? $LNG['planet_field_no_space'] : $LNG['planet_field_no_alphanumeric'];
 }
 if ($agbrules != 'on') {
     $errors .= $LNG['terms_and_conditions'];
 }
 // NOTE(review): && binds tighter than ||, so this reads
 // isset(userv) || (isset(valid) && (...)): any row found in 'userv' counts as
 // "exists" without the string comparison. The e-mail check below is
 // parenthesised differently. Before "aligning" them, note that PHP's == is
 // case-sensitive while the lookup that filled $Exist may not be (not visible
 // here), so adding the comparison could let a case variant through.
 if (isset($Exist['userv']['username']) || isset($Exist['valid']['username']) && ($UserName == $Exist['userv']['username'] || $UserName == $Exist['valid']['username'])) {
     $errors .= $LNG['user_already_exists'];
 }
 if ((isset($Exist['userv']['email']) || isset($Exist['valid']['email'])) && ($UserEmail == $Exist['userv']['email'] || $UserEmail == $Exist['valid']['email'])) {
     $errors .= $LNG['mail_already_exists'];
 }
 if (!empty($errors)) {
     // NOTE(review): $LANG is concatenated into the redirect target; confirm it
     // is restricted to a known language code before it reaches this point.
     $template->message($errors, '?page=reg&lang=' . $LANG, 3, true);
     exit;
 }
示例#11
 public function __construct()
 {
     global $USER, $PLANET, $CONF, $LNG, $LANG, $UNI, $db, $SESSION, $THEME;
     $mode = request_var('mode', '');
     $exit = request_var('exit_modus', '');
     $db_deaktjava = request_var('db_deaktjava', '');
     $PlanetRess = new ResourceUpdate();
     $PlanetRess->CalcResource();
     $PlanetRess->SavePlanetToDB();
     $template = new template();
     $SQLQuery = "";
     switch ($mode) {
         case "exit":
             if ($exit == 'on' and $USER['urlaubs_until'] <= TIMESTAMP) {
                 $SQLQuery .= "UPDATE " . USERS . " SET `urlaubs_modus` = '0', `urlaubs_until` = '0' WHERE `id` = '" . $USER['id'] . "' LIMIT 1;UPDATE " . PLANETS . " SET `last_update` = '" . TIMESTAMP . "', `energy_used` = '10', `energy_max` = '10', `metal_mine_porcent` = '10', `crystal_mine_porcent` = '10', `deuterium_sintetizer_porcent` = '10', `solar_plant_porcent` = '10', `fusion_plant_porcent` = '10', `solar_satelit_porcent` = '10' WHERE `id_owner` = '" . $USER["id"] . "';";
             }
             $SQLQuery .= $db_deaktjava == 'on' ? "UPDATE " . USERS . " SET `db_deaktjava` = '" . TIMESTAMP . "' WHERE `id` = '" . $USER['id'] . "' LIMIT 1;" : "UPDATE " . USERS . " SET `db_deaktjava` = '0' WHERE `id` = '" . $USER['id'] . "' LIMIT 1;";
             $db->multi_query($SQLQuery);
             $template->message($LNG['op_options_changed'], '?page=options', 1);
             break;
         case "change":
             $design = request_var('design', '');
             $noipcheck = request_var('noipcheck', '');
             $USERname = request_var('db_character', $USER['username'], UTF8_SUPPORT);
             $db_email = request_var('db_email', $USER['email']);
             $spio_anz = max(request_var('spio_anz', 5), 1);
             $settings_tooltiptime = request_var('settings_tooltiptime', 1);
             $settings_fleetactions = max(request_var('settings_fleetactions', 1), 1);
             $settings_planetmenu = request_var('settings_planetmenu', '');
             $settings_esp = request_var('settings_esp', '');
             $settings_wri = request_var('settings_wri', '');
             $settings_bud = request_var('settings_bud', '');
             $settings_mis = request_var('settings_mis', '');
             $settings_rep = request_var('settings_rep', '');
             $settings_tnstor = request_var('settings_tnstor', '');
             $urlaubs_modus = request_var('urlaubs_modus', '');
             $SetSort = request_var('settings_sort', 0);
             $SetOrder = request_var('settings_order', 0);
             $db_password = request_var('db_password', '');
             $newpass1 = request_var('newpass1', '');
             $newpass2 = request_var('newpass2', '');
             $hof = request_var('hof', '');
             $adm_pl_prot = request_var('adm_pl_prot', '');
             $langs = request_var('langs', $LANG->getUser());
             $dpath = request_var('dpath', $THEME->getThemeName());
             $design = $design == 'on' ? 1 : 0;
             $hof = $hof == 'on' ? 1 : 0;
             $noipcheck = $noipcheck == 'on' ? 1 : 0;
             $settings_esp = $settings_esp == 'on' ? 1 : 0;
             $settings_wri = $settings_wri == 'on' ? 1 : 0;
             $settings_bud = $settings_bud == 'on' ? 1 : 0;
             $settings_mis = $settings_mis == 'on' ? 1 : 0;
             $settings_rep = $settings_rep == 'on' ? 1 : 0;
             $settings_tnstor = $settings_tnstor == 'on' ? 1 : 0;
             $settings_planetmenu = $settings_planetmenu == 'on' ? 1 : 0;
             $db_deaktjava = $db_deaktjava == 'on' ? TIMESTAMP : 0;
             $langs = in_array($langs, $LANG->getAllowedLangs()) ? $langs : $LANG->getUser();
             $dpath = in_array($dpath, Theme::getAvalibleSkins()) ? $dpath : $THEME->getThemeName();
             if ($urlaubs_modus == 'on') {
                 if (!$this->CheckVMode()) {
                     $template->message($LNG['op_cant_activate_vacation_mode'], '?page=options', 3);
                     exit;
                 }
                 $SQLQuery .= "UPDATE " . USERS . " SET \r\n\t\t\t\t\t\t\t\t\t`urlaubs_modus` = '1',\r\n\t\t\t\t\t\t\t\t\t`urlaubs_until` = '" . (TIMESTAMP + VACATION_MIN_TIME) . "'\r\n\t\t\t\t\t\t\t\t\tWHERE `id` = '" . $USER["id"] . "';\r\n\t\t\t\t\t\t\t\t\tUPDATE " . PLANETS . " SET\r\n\t\t\t\t\t\t\t\t\t`energy_used` = '0',\r\n\t\t\t\t\t\t\t\t\t`energy_max` = '0',\r\n\t\t\t\t\t\t\t\t\t`metal_mine_porcent` = '0',\r\n\t\t\t\t\t\t\t\t\t`crystal_mine_porcent` = '0',\r\n\t\t\t\t\t\t\t\t\t`deuterium_sintetizer_porcent` = '0',\r\n\t\t\t\t\t\t\t\t\t`solar_plant_porcent` = '0',\r\n\t\t\t\t\t\t\t\t\t`fusion_plant_porcent` = '0',\r\n\t\t\t\t\t\t\t\t\t`solar_satelit_porcent` = '0',\r\n\t\t\t\t\t\t\t\t\t`metal_perhour`    =    '0',\r\n                                    `crystal_perhour`    =    '0',\r\n                                    `deuterium_perhour`    =    '0'\r\n                                    WHERE `id_owner` = '" . $USER["id"] . "';";
             }
             $SQLQuery .= "UPDATE " . USERS . " SET\r\n\t\t\t\t\t\t\t\t`dpath` = '" . $db->sql_escape($dpath) . "',\r\n\t\t\t\t\t\t\t\t`design` = '" . $design . "',\r\n\t\t\t\t\t\t\t\t`noipcheck` = '" . $noipcheck . "',\r\n\t\t\t\t\t\t\t\t`planet_sort` = '" . $SetSort . "',\r\n\t\t\t\t\t\t\t\t`planet_sort_order` = '" . $SetOrder . "',\r\n\t\t\t\t\t\t\t\t`spio_anz` = '" . $spio_anz . "',\r\n\t\t\t\t\t\t\t\t`settings_tooltiptime` = '" . $settings_tooltiptime . "',\r\n\t\t\t\t\t\t\t\t`settings_fleetactions` = '" . $settings_fleetactions . "',\r\n\t\t\t\t\t\t\t\t`settings_planetmenu` = '" . $settings_planetmenu . "',\r\n\t\t\t\t\t\t\t\t`settings_esp` = '" . $settings_esp . "',\r\n\t\t\t\t\t\t\t\t`settings_wri` = '" . $settings_wri . "',\r\n\t\t\t\t\t\t\t\t`settings_bud` = '" . $settings_bud . "',\r\n\t\t\t\t\t\t\t\t`settings_mis` = '" . $settings_mis . "',\r\n\t\t\t\t\t\t\t\t`settings_tnstor` = '" . $settings_tnstor . "',\r\n\t\t\t\t\t\t\t\t`db_deaktjava` = '" . $db_deaktjava . "',\r\n\t\t\t\t\t\t\t\t`lang` = '" . $langs . "',\r\n\t\t\t\t\t\t\t\t`hof` = '" . $hof . "',\r\n\t\t\t\t\t\t\t\t`settings_rep` = '" . $settings_rep . "' \r\n\t\t\t\t\t\t\t\tWHERE `id` = '" . $USER["id"] . "';";
             if ($USER['authlevel'] > 0) {
                 $SQLQuery .= $adm_pl_prot == 'on' ? "UPDATE " . PLANETS . " SET `id_level` = '" . $USER['authlevel'] . "' WHERE `id_owner` = '" . $USER['id'] . "';" : "UPDATE " . PLANETS . " SET `id_level` = '0' WHERE `id_owner` = '" . $USER['id'] . "';";
             }
             if (!empty($db_email) && $db_email != $USER['email'] && md5($db_password) == $USER['password']) {
                 if (!ValidateAddress($db_email)) {
                     $template->message($LNG['op_not_vaild_mail'], '?page=options', 3);
                     exit;
                 }
                 $query = $db->uniquequery("SELECT id FROM " . USERS . " WHERE email = '" . $db->sql_escape($db_email) . "' OR email_2 = '" . $db->sql_escape($db_email) . "';");
                 if (!empty($query)) {
                     $template->message(sprintf($LNG['op_change_mail_exist'], $db_email), '?page=options', 3);
                     exit;
                 }
                 $SQLQuery .= "UPDATE " . USERS . " SET `email` = '" . $db->sql_escape($db_email) . "', `setmail` = '" . (TIMESTAMP + 604800) . "' WHERE `id` = '" . $USER['id'] . "';";
             }
             if (!empty($newpass1) && md5($db_password) == $USER["password"] && $newpass1 == $newpass2) {
                 $newpass = md5($newpass1);
                 $SQLQuery .= "UPDATE " . USERS . " SET `password` = '" . $newpass . "' WHERE `id` = '" . $USER['id'] . "';";
                 $SESSION->DestroySession();
                 $template->message($LNG['op_password_changed'], "index.php", 3);
             } elseif ($USER['username'] != $USERname) {
                 if (!CheckName($USERname)) {
                     $template->message($LNG['op_user_name_no_alphanumeric'], '?page=options', 3);
                 } elseif ($USER['uctime'] >= TIMESTAMP - 60 * 60 * 24 * 7) {
                     $template->message($LNG['op_change_name_pro_week'], '?page=options', 3);
                 } else {
                     $query = $db->uniquequery("SELECT id FROM " . USERS . " WHERE username='******';");
                     if (!empty($query)) {
                         $template->message(sprintf($LNG['op_change_name_exist'], $USERname), '?page=options', 3);
                     } else {
                         require ROOT_PATH . 'includes/classes/class.Records.php';
                         $Records = new records();
                         $RecordsArray = $Records->RenameRecordOwner($USER['username'], $USERname, $UNI);
                         $SQLQuery .= "UPDATE " . USERS . " SET `username` = '" . $db->sql_escape($USERname) . "', `uctime` = '" . TIMESTAMP . "' WHERE `id`= '" . $USER['id'] . "';";
                         $SESSION->DestroySession();
                         $template->message($LNG['op_username_changed'], 'index.php', 3);
                     }
                 }
             } else {
                 $template->message($LNG['op_options_changed'], '?page=options', 3);
             }
             $db->multi_query($SQLQuery);
             break;
         default:
             if ($USER['urlaubs_modus'] == 1) {
                 $template->assign_vars(array('vacation_until' => date(TDFORMAT, $USER['urlaubs_until']), 'op_save_changes' => $LNG['op_save_changes'], 'op_end_vacation_mode' => $LNG['op_end_vacation_mode'], 'op_vacation_mode_active_message' => $LNG['op_vacation_mode_active_message'], 'op_dlte_account_descrip' => $LNG['op_dlte_account_descrip'], 'op_dlte_account' => $LNG['op_dlte_account'], 'opt_delac_data' => $USER['db_deaktjava'], 'is_deak_vacation' => $USER['urlaubs_until'] <= TIMESTAMP ? true : false));
                 $template->show("options_overview_vmode.tpl");
             } else {
                 $template->assign_vars(array('opt_usern_data' => $USER['username'], 'opt_mail1_data' => $USER['email'], 'opt_mail2_data' => $USER['email_2'], 'opt_dpath_data' => $USER['dpath'], 'opt_dpath_data_sel' => substr($USER['dpath'], 13, -1), 'opt_probe_data' => $USER['spio_anz'], 'opt_toolt_data' => $USER['settings_tooltiptime'], 'opt_fleet_data' => $USER['settings_fleetactions'], 'opt_sskin_data' => $USER['design'], 'opt_noipc_data' => $USER['noipcheck'], 'opt_allyl_data' => $USER['settings_planetmenu'], 'opt_delac_data' => $USER['db_deaktjava'], 'opt_stor_data' => $USER['settings_tnstor'], 'user_settings_rep' => $USER['settings_rep'], 'user_settings_esp' => $USER['settings_esp'], 'user_settings_wri' => $USER['settings_wri'], 'user_settings_mis' => $USER['settings_mis'], 'user_settings_bud' => $USER['settings_bud'], 'opt_hof' => $USER['hof'], 'langs' => $USER['lang'], 'adm_pl_prot_data' => $PLANET['id_level'], 'user_authlevel' => $USER['authlevel'], 'Selectors' => array('Sort' => array(0 => $LNG['op_sort_normal'], 1 => $LNG['op_sort_koords'], 2 => $LNG['op_sort_abc']), 'SortUpDown' => array(0 => $LNG['op_sort_up'], 1 => $LNG['op_sort_down']), 'Skins' => Theme::getAvalibleSkins(), 'lang' => $LANG->getAllowedLangs(false)), 'planet_sort' => $USER['planet_sort'], 'planet_sort_order' => $USER['planet_sort_order'], 'uctime' => TIMESTAMP - $USER['uctime'] >= 60 * 60 * 24 * 7 ? 
true : false, 'op_admin_planets_protection' => $LNG['op_admin_planets_protection'], 'op_admin_title_options' => $LNG['op_admin_title_options'], 'op_user_data' => $LNG['op_user_data'], 'op_username' => $LNG['op_username'], 'op_old_pass' => $LNG['op_old_pass'], 'op_new_pass' => $LNG['op_new_pass'], 'op_repeat_new_pass' => $LNG['op_repeat_new_pass'], 'op_email_adress_descrip' => $LNG['op_email_adress_descrip'], 'op_email_adress' => $LNG['op_email_adress'], 'op_permanent_email_adress' => $LNG['op_permanent_email_adress'], 'op_general_settings' => $LNG['op_general_settings'], 'op_lang' => $LNG['op_lang'], 'op_sort_planets_by' => $LNG['op_sort_planets_by'], 'op_sort_kind' => $LNG['op_sort_kind'], 'op_skin_example' => $LNG['op_skin_example'], 'op_show_skin' => $LNG['op_show_skin'], 'op_active_build_messages' => $LNG['op_active_build_messages'], 'op_deactivate_ipcheck_descrip' => $LNG['op_deactivate_ipcheck_descrip'], 'op_deactivate_ipcheck' => $LNG['op_deactivate_ipcheck'], 'op_galaxy_settings' => $LNG['op_galaxy_settings'], 'op_spy_probes_number_descrip' => $LNG['op_spy_probes_number_descrip'], 'op_spy_probes_number' => $LNG['op_spy_probes_number'], 'op_seconds' => $LNG['op_seconds'], 'op_toolt_data' => $LNG['op_toolt_data'], 'op_max_fleets_messages' => $LNG['op_max_fleets_messages'], 'op_show_planetmenu' => $LNG['op_show_planetmenu'], 'op_shortcut' => $LNG['op_shortcut'], 'op_show' => $LNG['op_show'], 'op_spy' => $LNG['op_spy'], 'op_write_message' => $LNG['op_write_message'], 'op_add_to_buddy_list' => $LNG['op_add_to_buddy_list'], 'op_missile_attack' => $LNG['op_missile_attack'], 'op_send_report' => $LNG['op_send_report'], 'op_vacation_delete_mode' => $LNG['op_vacation_delete_mode'], 'op_activate_vacation_mode_descrip' => $LNG['op_activate_vacation_mode_descrip'], 'op_activate_vacation_mode' => $LNG['op_activate_vacation_mode'], 'op_dlte_account_descrip' => $LNG['op_dlte_account_descrip'], 'op_dlte_account' => $LNG['op_dlte_account'], 'op_save_changes' => 
$LNG['op_save_changes'], 'op_small_storage' => $LNG['op_small_storage']));
                 $template->show("options_overview.tpl");
             }
             break;
     }
 }
示例#12
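/**
 * Admin "creator" page: shows and processes the forms that create a user,
 * a moon or a planet, selected by $_GET['mode'] ('user', 'moon', 'planet';
 * anything else renders the overview).
 *
 * Every POST branch ends in exit after printing a message; the GET branches
 * render a template and return.
 *
 * Security notes for maintainers:
 *  - No permission or CSRF check is visible inside this function; presumably
 *    the including admin script enforces both - verify against the caller.
 *  - The requested authlevel is checked against the levels the logged-in
 *    administrator is allowed to assign, because the form's selector alone
 *    is not an enforcement point.
 *  - Passwords are stored as unsalted md5() to stay compatible with the
 *    md5-based checks used elsewhere in this code base; moving to
 *    password_hash()/password_verify() has to be done together with the
 *    login and settings code, not here alone.
 */
function ShowCreatorPage()
{
    global $LNG, $db, $USER;
    $template = new template();
    $template->page_header();
    // A missing mode falls through to the overview instead of raising a notice.
    $mode = isset($_GET['mode']) ? $_GET['mode'] : '';
    switch ($mode) {
        case 'user':
            includeLang('PUBLIC');
            // Levels this administrator may hand out: never above their own.
            // Built before the POST branch so it can also validate the submitted value.
            $AUTH = array();
            $AUTH[0] = $LNG['user_level'][0];
            if ($USER['authlevel'] >= AUTH_OPS) {
                $AUTH[AUTH_OPS] = $LNG['user_level'][AUTH_OPS];
            }
            if ($USER['authlevel'] >= AUTH_MOD) {
                $AUTH[AUTH_MOD] = $LNG['user_level'][AUTH_MOD];
            }
            if ($USER['authlevel'] >= AUTH_ADM) {
                $AUTH[AUTH_ADM] = $LNG['user_level'][AUTH_ADM];
            }
            if ($_POST) {
                $errors = '';
                $UserName = request_var('name', '', UTF8_SUPPORT);
                $UserPass = request_var('password', '');
                $UserPass2 = request_var('password2', '');
                $UserMail = request_var('email', '');
                $UserMail2 = request_var('email2', '');
                $UserLang = request_var('lang', '');
                $UserAuth = (int) request_var('authlevel', 0);
                $Galaxy = (int) request_var('galaxy', 0);
                $System = (int) request_var('system', 0);
                $Planet = (int) request_var('planet', 0);
                // The form only offers the levels in $AUTH, but the request can carry
                // any number. A level that was not on offer is stored as 0 (regular
                // user) so this page cannot create an account above the creator's level.
                if (!isset($AUTH[$UserAuth])) {
                    $UserAuth = 0;
                }
                // NOTE(review): $CONF is not in this function's global list, so this
                // captcha branch is never taken as written. Whether the admin form
                // renders a captcha at all is not visible here - confirm before
                // importing $CONF. The failure is now recorded in $errors (it went
                // to an unused $errorlist before) so it would block the creation.
                if ($CONF['capaktiv'] === '1') {
                    require_once 'includes/libs/reCAPTCHA/recaptchalib.php';
                    $resp = recaptcha_check_answer($CONF['capprivate'], $_SERVER['REMOTE_ADDR'], request_var('recaptcha_challenge_field', ''), request_var('recaptcha_response_field', ''));
                    if (!$resp->is_valid) {
                        $errors .= $LNG['wrong_captcha'];
                    }
                }
                // Duplicate lookup on the submitted name and address, both escaped.
                // (The address was previously read from an undefined $UserEmail, so
                // the duplicate-mail check compared against an empty value.)
                $dupWhere = " WHERE username = '" . $db->sql_escape($UserName) . "' OR email = '" . $db->sql_escape($UserMail) . "';";
                $Exist['userv'] = $db->uniquequery("SELECT username, email FROM " . USERS . $dupWhere);
                $Exist['vaild'] = $db->uniquequery("SELECT username, email FROM " . USERS_VALID . $dupWhere);
                if (!ValidateAddress($UserMail)) {
                    $errors .= $LNG['invalid_mail_adress'];
                }
                if (empty($UserName)) {
                    $errors .= $LNG['empty_user_field'];
                }
                if (strlen($UserPass) < 6) {
                    $errors .= $LNG['password_lenght_error'];
                }
                if ($UserPass != $UserPass2) {
                    $errors .= $LNG['different_passwords'];
                }
                if ($UserMail != $UserMail2) {
                    $errors .= $LNG['different_mails'];
                }
                if (!CheckName($UserName)) {
                    $errors .= UTF8_SUPPORT ? $LNG['user_field_no_space'] : $LNG['user_field_no_alphanumeric'];
                }
                // NOTE(review): && binds tighter than ||, so any row found in USERS
                // (by name or by address) reports "user already exists". The condition
                // is kept as it was because it only ever rejects more, never less.
                if (isset($Exist['userv']['username']) || isset($Exist['vaild']['username']) && ($UserName == $Exist['userv']['username'] || $UserName == $Exist['vaild']['username'])) {
                    $errors .= $LNG['user_already_exists'];
                }
                if ((isset($Exist['userv']['email']) || isset($Exist['vaild']['email'])) && ($UserMail == $Exist['userv']['email'] || $UserMail == $Exist['vaild']['email'])) {
                    $errors .= $LNG['mail_already_exists'];
                }
                // Checks the submitted planet slot (previously an undefined $Position).
                if (CheckPlanetIfExist($Galaxy, $System, $Planet)) {
                    $errors .= $LNG['planet_already_exists'];
                }
                if (!empty($errors)) {
                    $template->message($errors, '?page=create&mode=user', 3, true);
                    exit;
                }
                $SQL = "INSERT INTO " . USERS . " SET ";
                $SQL .= "`username` = '" . $db->sql_escape($UserName) . "', ";
                $SQL .= "`email` = '" . $db->sql_escape($UserMail) . "', ";
                $SQL .= "`email_2` = '" . $db->sql_escape($UserMail) . "', ";
                $SQL .= "`lang` = '" . $db->sql_escape($UserLang) . "', ";
                $SQL .= "`authlevel` = '" . $UserAuth . "', ";
                $SQL .= "`ip_at_reg` = '" . $db->sql_escape($_SERVER['REMOTE_ADDR']) . "', ";
                $SQL .= "`id_planet` = '0', ";
                $SQL .= "`onlinetime` = '" . TIMESTAMP . "', ";
                $SQL .= "`register_time` = '" . TIMESTAMP . "', ";
                // Unsalted md5 kept only for compatibility with the rest of the code base (see header).
                $SQL .= "`password` = '" . md5($UserPass) . "', ";
                $SQL .= "`dpath` = '" . DEFAULT_SKINPATH . "', ";
                $SQL .= "`uctime`= '0';";
                $db->query($SQL);
                $db->query("UPDATE " . CONFIG . " SET `config_value` = config_value + '1' WHERE `config_name` = 'users_amount';");
                $ID_USER = $db->uniquequery("SELECT `id` FROM " . USERS . " WHERE `username` = '" . $db->sql_escape($UserName) . "';");
                $newUserId = (int) $ID_USER['id'];
                require_once ROOT_PATH . 'includes/functions/CreateOnePlanetRecord.' . PHP_EXT;
                // NOTE(review): $UserPlanet was never assigned in this function, so the
                // callee always received null here; made explicit, meaning unchanged.
                $UserPlanet = null;
                CreateOnePlanetRecord($Galaxy, $System, $Planet, $newUserId, $UserPlanet, true, $UserAuth);
                $ID_PLANET = $db->uniquequery("SELECT `id` FROM " . PLANETS . " WHERE `id_owner` = '" . $newUserId . "';");
                $SQL = "UPDATE " . USERS . " SET ";
                $SQL .= "`id_planet` = '" . (int) $ID_PLANET['id'] . "', ";
                $SQL .= "`galaxy` = '" . $Galaxy . "', ";
                $SQL .= "`system` = '" . $System . "', ";
                $SQL .= "`planet` = '" . $Planet . "' ";
                $SQL .= "WHERE ";
                $SQL .= "`id` = '" . $newUserId . "' ";
                $SQL .= "LIMIT 1;";
                $db->query($SQL);
                $template->message($LNG['new_user_success'], '?page=create&mode=user', 3, true);
                exit;
            }
            $template->assign_vars(array('new_add_user' => $LNG['new_add_user'], 'new_creator_refresh' => $LNG['new_creator_refresh'], 'new_creator_go_back' => $LNG['new_creator_go_back'], 'user_reg' => $LNG['user_reg'], 'pass_reg' => $LNG['pass_reg'], 'pass2_reg' => $LNG['pass2_reg'], 'email_reg' => $LNG['email_reg'], 'email2_reg' => $LNG['email2_reg'], 'new_coord' => $LNG['new_coord'], 'new_range' => $LNG['new_range'], 'new_title' => $LNG['new_title'], 'Selector' => $AUTH));
            $template->show('adm/CreatePageUser.tpl');
            break;
        case 'moon':
            if ($_POST) {
                // Cast so the id can only ever reach the query as an integer.
                $PlanetID = (int) request_var('add_moon', 0);
                $MoonName = request_var('name', '', UTF8_SUPPORT);
                $Diameter = request_var('diameter', 0);
                $FieldMax = request_var('field_max', 0);
                $MoonPlanet = $db->uniquequery("SELECT `temp_max`, `temp_min`, `id_luna`, `galaxy`, `system`, `planet`, `planet_type`, `destruyed`, `id_level`, `id_owner` FROM " . PLANETS . " WHERE `id` = '" . $PlanetID . "' AND `planet_type` = '1' AND `destruyed` = '0';");
                // NOTE(review): this only catches a null result; what uniquequery()
                // returns when no row matches is not visible here - confirm.
                if (!isset($MoonPlanet)) {
                    $template->message($LNG['mo_planet_doesnt_exist'], '?page=create&mode=moon', 3, true);
                    exit;
                }
                require_once ROOT_PATH . 'includes/functions/CreateOneMoonRecord.' . PHP_EXT;
                // An unticked checkbox is simply absent from the request.
                $autoDiameter = isset($_POST['diameter_check']) && $_POST['diameter_check'] == 'on';
                if (CreateOneMoonRecord($MoonPlanet['galaxy'], $MoonPlanet['system'], $MoonPlanet['planet'], $MoonPlanet['id_owner'], 0, $MoonName, 20, $autoDiameter ? 0 : $Diameter) !== false) {
                    $template->message($LNG['mo_moon_added'], '?page=create&mode=moon', 3, true);
                } else {
                    $template->message($LNG['mo_moon_unavaible'], '?page=create&mode=moon', 3, true);
                }
                exit;
            }
            $template->assign_vars(array('po_add_moon' => $LNG['po_add_moon'], 'input_id_planet' => $LNG['input_id_planet'], 'mo_moon_name' => $LNG['mo_moon_name'], 'mo_diameter' => $LNG['mo_diameter'], 'mo_temperature' => $LNG['mo_temperature'], 'mo_fields_avaibles' => $LNG['mo_fields_avaibles'], 'button_add' => $LNG['button_add'], 'new_creator_refresh' => $LNG['new_creator_refresh'], 'mo_moon' => $LNG['fcm_moon'], 'new_creator_go_back' => $LNG['new_creator_go_back']));
            $template->show('adm/CreatePageMoon.tpl');
            break;
        case 'planet':
            if ($_POST) {
                // Numeric request values are cast before they are placed into SQL.
                $id = (int) request_var('id', 0);
                $Galaxy = (int) request_var('galaxy', 0);
                $System = (int) request_var('system', 0);
                $Planet = (int) request_var('planet', 0);
                $name = request_var('name', '', UTF8_SUPPORT);
                $field_max = (int) request_var('field_max', 0);
                $ISUser = $db->uniquequery("SELECT id, authlevel FROM " . USERS . " WHERE `id` = '" . $id . "';");
                if (CheckPlanetIfExist($Galaxy, $System, $Planet) || !isset($ISUser)) {
                    $template->message($LNG['po_complete_all'], '?page=create&mode=planet', 3, true);
                    exit;
                }
                require_once ROOT_PATH . 'includes/functions/CreateOnePlanetRecord.' . PHP_EXT;
                CreateOnePlanetRecord($Galaxy, $System, $Planet, $id, '', '', false);
                $autoFields = isset($_POST['diameter_check']) && $_POST['diameter_check'] == 'on';
                $SQL = "UPDATE " . PLANETS . " SET ";
                if (!$autoFields || $field_max > 0) {
                    $SQL .= "`field_max` = '" . $field_max . "', ";
                }
                if (!empty($name)) {
                    $SQL .= "`name` = '" . $db->sql_escape($name) . "', ";
                }
                // The planet inherits the owner's level as stored in the database.
                $SQL .= "`id_level` = '" . (int) $ISUser['authlevel'] . "' ";
                $SQL .= "WHERE ";
                $SQL .= "`galaxy` = '" . $Galaxy . "' AND ";
                $SQL .= "`system` = '" . $System . "' AND ";
                $SQL .= "`planet` = '" . $Planet . "' AND ";
                $SQL .= "`planet_type` = '1'";
                $db->query($SQL);
                $template->message($LNG['po_complete_succes'], '?page=create&mode=planet', 3, true);
                exit;
            }
            $template->assign_vars(array('po_add_planet' => $LNG['po_add_planet'], 'po_galaxy' => $LNG['po_galaxy'], 'po_system' => $LNG['po_system'], 'po_planet' => $LNG['po_planet'], 'input_id_user' => $LNG['input_id_user'], 'new_creator_coor' => $LNG['new_creator_coor'], 'po_name_planet' => $LNG['po_name_planet'], 'po_fields_max' => $LNG['po_fields_max'], 'button_add' => $LNG['button_add'], 'po_colony' => $LNG['fcp_colony'], 'new_creator_refresh' => $LNG['new_creator_refresh'], 'new_creator_go_back' => $LNG['new_creator_go_back']));
            $template->show('adm/CreatePagePlanet.tpl');
            break;
        default:
            $template->assign_vars(array('new_creator_title_u' => $LNG['new_creator_title_u'], 'new_creator_title_p' => $LNG['new_creator_title_p'], 'new_creator_title_l' => $LNG['new_creator_title_l'], 'new_creator_title' => $LNG['new_creator_title']));
            $template->show('adm/CreatePage.tpl');
            break;
    }
}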
示例#13
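/**
 * Validate and store a boat reservation, or a block of Concept-ergometer
 * reservations when $ergo_lo/$ergo_hi are given.
 *
 * With $id > 0 an existing reservation is replaced: the old row is flagged
 * Verwijderd = 1, its original e-mail address (read from the database, not
 * from the form) is notified, and a new row is inserted.
 *
 * All caller-supplied values are treated as untrusted form input. Numeric
 * identifiers are cast to int and every string is passed through
 * mysql_real_escape_string() before it is placed in a statement; the
 * validation helpers only decide whether a message is shown, they are not
 * relied on to make a value safe for SQL.
 *
 * NOTE(review): ext/mysql is removed in PHP 7. The durable fix is to move
 * this code base to PDO/mysqli prepared statements; that touches the shared
 * connection handling and is outside this function.
 *
 * @param mixed  $id              Volgnummer of the reservation to alter, or 0 for a new one
 * @param mixed  $boat_id         ID in table `boten`
 * @param string $name            person name (checked with CheckName)
 * @param string $team_name       team name; double quotes are stored as single quotes
 * @param string $email           optional e-mail address (checked with CheckEmail)
 * @param string $mpb             board function granting MPB, or "" for none
 * @param string $date            reservation date as entered in the form
 * @param mixed  $start_time_hrs  6..23
 * @param mixed  $start_time_mins 0, 15, 30 or 45
 * @param mixed  $end_time_hrs    6..23
 * @param mixed  $end_time_mins   0, 15, 30 or 45
 * @param mixed  $ergo_lo         lowest Concept ergometer number of a block, 0 for none
 * @param mixed  $ergo_hi         highest Concept ergometer number of a block, 0 for none
 *
 * @return array keys "success" and "messages"; "category", "grade" and
 *               "action" are added on every path except the database
 *               selection failure
 */
function makeReservation($id, $boat_id, $name, $team_name, $email, $mpb, $date, $start_time_hrs, $start_time_mins, $end_time_hrs, $end_time_mins, $ergo_lo = 0, $ergo_hi = 0)
{
    global $database_host;
    global $database_user;
    global $database_pass;
    global $database;
    global $opzoektabel;
    global $koudwaterprotocol;
    global $today_db;
    global $thehour;
    global $theminute;
    global $themonth;
    $NR_OF_CONCEPTS = 8;
    // NOTE: adjust this when the number of Concept ergometers changes (block booking depends on it)
    $messages = array();
    // Reported to the caller even when the lookups below find nothing.
    $grade = null;
    $cat = null;
    $bisdblink = mysql_connect($database_host, $database_user, $database_pass);
    if (!$bisdblink || !mysql_select_db($database, $bisdblink)) {
        $messages[] = "Fout: database niet gevonden.";
        $returnArray = array("success" => false, "messages" => $messages);
        return $returnArray;
    }
    // The id is concatenated into several statements below; force it to an
    // integer once so no other form of the value can reach SQL.
    $id = (int) $id;
    // check person name
    if (!CheckName($name)) {
        $messages[] = "&bull; U dient een geldige voor- en achternaam op te geven. Let op: de apostrof (') wordt niet geaccepteerd.";
    }
    // e-mail is optional, but must be valid when given
    if ($email && !CheckEmail($email)) {
        $messages[] = "&bull; U dient een geldig e-mailadres op te geven.";
    }
    // check date
    $date_db = 0;
    if (!$date || !CheckTheDate($date) || $mpb != "Societeit" && !InRange($date, 10)) {
        $messages[] = "&bull; U dient een (geldige) inschrijfdatum op te geven, van vandaag tot over maximaal 10 dagen.";
    } else {
        $date_db = DateToDBdate($date);
        if (strtotime($date_db) < strtotime($today_db)) {
            $messages[] = "Een inschrijving kan niet in het verleden plaatsvinden.";
        }
    }
    $sql_date = mysql_real_escape_string($date_db, $bisdblink);
    // check time
    if (!is_numeric($start_time_hrs) || $start_time_hrs < 6 || $start_time_hrs > 23) {
        $messages[] = "Ongeldig start-uur.";
    }
    if (!is_numeric($end_time_hrs) || $end_time_hrs < 6 || $end_time_hrs > 23) {
        $messages[] = "Ongeldig eind-uur.";
    }
    if ($start_time_mins != "00" && $start_time_mins != "0" && $start_time_mins != "15" && $start_time_mins != "30" && $start_time_mins != "45") {
        $messages[] = "Ongeldige start-minuten.";
    }
    if ($end_time_mins != "00" && $end_time_mins != "0" && $end_time_mins != "15" && $end_time_mins != "30" && $end_time_mins != "45") {
        $messages[] = "Ongeldige eind-minuten.";
    }
    $start_time = $start_time_hrs . ":" . $start_time_mins;
    $end_time = $end_time_hrs . ":" . $end_time_mins;
    $duration = ($end_time_hrs - $start_time_hrs) * 60 + ($end_time_mins - $start_time_mins);
    if ($duration <= 0) {
        $messages[] = "De eindtijd van een inschrijving dient later dan de begintijd te zijn.";
    }
    if ($date_db == $today_db && ($start_time_hrs < $thehour || $start_time_hrs == $thehour && $start_time_mins < $theminute)) {
        $messages[] = "Een inschrijving kan niet in het verleden beginnen.";
    }
    // check ergometer block
    if (!is_numeric($ergo_lo) || !is_numeric($ergo_hi) || $ergo_lo < 0 || $ergo_lo > $NR_OF_CONCEPTS || $ergo_hi < 0 || $ergo_hi > $NR_OF_CONCEPTS) {
        $messages[] = "Nummering van de Concept-ergometers klopt niet.";
    }
    $ergo_range = $ergo_hi - $ergo_lo;
    if ($ergo_range < 0) {
        $messages[] = "Het blok moet lopen van de laagst- t/m de hoogst-genummerde Concept-ergometer.";
        $ergo_lo = 0;
        $ergo_hi = 0;
    }
    // check boat: anything that is not a number becomes 0 before the lookups
    // below run (they used to receive the raw value even after this check failed)
    $boat_id = is_numeric($boat_id) ? (int) $boat_id : 0;
    if ($boat_id == 0) {
        $boat = "";
        $messages[] = "U heeft geen boot geselecteerd.";
    } else {
        $query_bootnaam = "SELECT Naam FROM boten WHERE ID={$boat_id};";
        $result_bootnaam = mysql_query($query_bootnaam);
        $row_bootnaam = mysql_fetch_assoc($result_bootnaam);
        $boat = $row_bootnaam['Naam'];
    }
    // derive category and grade from the boat being reserved
    $query = "SELECT Roeigraad, `Type` FROM boten WHERE ID='" . $boat_id . "';";
    $result = mysql_query($query);
    if ($result) {
        $row = mysql_fetch_assoc($result);
        $grade = $row['Roeigraad'];
        $type = $row['Type'];
        // value comes from the database, escaped anyway before reuse in SQL
        $query2 = "SELECT Categorie FROM types WHERE `Type`='" . mysql_real_escape_string($type, $bisdblink) . "';";
        $result2 = mysql_query($query2);
        if ($result2) {
            $row2 = mysql_fetch_assoc($result2);
            $cat = $row2['Categorie'];
        }
    }
    // check whether the boat is out of service on that day
    $query = "SELECT * \r\t\tFROM uitdevaart \r\t\tWHERE Verwijderd=0 \r\t\tAND Boot_ID='{$boat_id}' \r\t\tAND Startdatum<='{$sql_date}' \r\t\tAND (Einddatum='0' OR Einddatum='0000-00-00' OR Einddatum IS NULL OR Einddatum>='{$sql_date}');";
    $result = mysql_query($query);
    if (!$result) {
        $messages[] = "Ophalen van uit de vaart-informatie mislukt.";
    } else {
        // row count of a SELECT: mysql_num_rows is the documented call for this
        if (mysql_num_rows($result) > 0) {
            $messages[] = "Deze boot is op deze dag uit de vaart.";
        }
    }
    // check MPB
    // first collect all board functions that may grant MPB
    $mpb_array = array();
    $query = "SELECT Functie FROM bestuursleden WHERE MPB=1;";
    $result = mysql_query($query);
    if (!$result) {
        $messages[] = "Ophalen van bestuursleden mislukt.";
    } else {
        while ($row = mysql_fetch_assoc($result)) {
            array_push($mpb_array, $row['Functie']);
        }
    }
    // strict comparison: the submitted value must be exactly one of the stored functions
    if ($mpb != "" && !in_array($mpb, $mpb_array, true)) {
        $messages[] = "Onjuiste MPB-gever opgegeven.";
    }
    $controle = 0;
    if ($duration > 120) {
        if ($mpb == "") {
            $messages[] = "&bull; U schrijft voor langer dan 2 uur in. Hiervoor is MPB benodigd.";
        }
        $controle = 1;
    }
    if (!InRange($date, 3)) {
        if ($mpb == "") {
            $messages[] = "&bull; U schrijft meer dan 3 dagen vantevoren in. Hiervoor is MPB benodigd.";
        }
        $controle = 2;
    }
    if ($grade == "MPB") {
        if ($mpb == "") {
            $messages[] = "&bull; U schrijft een MPB-boot in. Hiervoor is MPB benodigd.";
        }
        $controle = 3;
    }
    $action = "make";
    if ($id > 0) {
        $action = "alter";
    }
    // If one or more errors were made, return already
    if (sizeof($messages) > 0) {
        $returnArray = array("success" => false, "messages" => $messages, "category" => $cat, "grade" => $grade, "action" => $action);
        return $returnArray;
    }
    // SQL-safe copies, prepared once. The team name used to be run through
    // addslashes() inside the loop, which escaped it again for every further
    // ergometer of a block; double quotes still become single quotes because
    // the tooltip script cannot cope with them.
    $sql_start = mysql_real_escape_string($start_time, $bisdblink);
    $sql_end = mysql_real_escape_string($end_time, $bisdblink);
    $sql_name = mysql_real_escape_string($name, $bisdblink);
    $sql_team = mysql_real_escape_string(str_replace('"', "'", $team_name), $bisdblink);
    $sql_email = mysql_real_escape_string($email, $bisdblink);
    $sql_mpb = mysql_real_escape_string($mpb, $bisdblink);
    $success = false;
    $fail_cnt = 0;
    for ($e = $ergo_lo; $e <= $ergo_hi; $e++) {
        // For ergometer block booking (with a normal reservation, ergo_lo = ergo_hi = e = 0)
        $fail = false;
        if ($e > 0) {
            $boat = "Concept " . $e;
            $query_ergonaam = "SELECT ID FROM boten WHERE Naam='" . mysql_real_escape_string($boat, $bisdblink) . "';";
            $result_ergonaam = mysql_query($query_ergonaam);
            $row_ergonaam = mysql_fetch_assoc($result_ergonaam);
            $boat_id = (int) $row_ergonaam['ID'];
        }
        // check the reservation against the ones already stored
        $query = "SELECT * FROM " . $opzoektabel . " WHERE Verwijderd=0 AND Volgnummer <> '{$id}' AND ((Begintijd >= '{$sql_start}' AND Begintijd < '{$sql_end}') OR (Eindtijd > '{$sql_start}' AND Eindtijd <= '{$sql_end}') OR (Begintijd <= '{$sql_start}' AND Eindtijd >= '{$sql_end}')) AND Datum = '{$sql_date}' AND Boot_ID = '{$boat_id}';";
        $result = mysql_query($query);
        if (!$result) {
            $messages[] = "Het controleren van uw inschrijving is mislukt.";
            $fail = true;
        } else {
            if (mysql_num_rows($result) > 0) {
                $messages[] = "Uw inschrijving van " . $boat . " is mislukt omdat deze conflicteert met een al bestaande inschrijving.";
                $fail = true;
            }
        }
        // when editing an existing reservation, flag the old row as removed first
        $mail_gestuurd = false;
        if ($id > 0 && $fail == false) {
            $email_to = "";
            $mail_message = "";
            // take the details from the database, not from the form, to prevent fraud
            $query2 = "SELECT Email, Boot_ID, Datum, Begintijd, Spits FROM " . $opzoektabel . " WHERE Volgnummer = " . $id . ";";
            $result2 = mysql_query($query2);
            if ($result2) {
                $row = mysql_fetch_assoc($result2);
                $email_to = $row['Email'];
                $boot_id = (int) $row['Boot_ID'];
                // retrieve boat name
                $query_bootnaam = "SELECT Naam FROM boten WHERE ID=" . $boot_id . ";";
                $result_bootnaam = mysql_query($query_bootnaam);
                $row_bootnaam = mysql_fetch_assoc($result_bootnaam);
                $boot = $row_bootnaam['Naam'];
                $db_datum = $row['Datum'];
                $date_tmp = strtotime($db_datum);
                $date_sh = strftime('%A %d-%m-%Y', $date_tmp);
                $starttijd = $row['Begintijd'];
                $spitsnr = $row['Spits'];
                if ($spitsnr > 0) {
                    $mail_message = "Uw spitsblok van '{$boot}' op {$date_sh} vanaf " . substr($starttijd, 0, 5) . " is zojuist bevestigd.";
                } else {
                    $mail_message = "Uw inschrijving van '{$boot}' op {$date_sh} vanaf " . substr($starttijd, 0, 5) . " is zojuist gewijzigd.";
                }
            }
            $query = "UPDATE " . $opzoektabel . " SET Verwijderd = 1 WHERE Volgnummer = " . $id . ";";
            $result = mysql_query($query);
            if (!$result) {
                $messages[] = "Het verwijderen van de oude inschrijving is mislukt.";
                $fail = true;
            } else {
                // nothing to send when the old reservation carried no address
                if ($email_to != "" && SendEmail($email_to, "Wijziging of bevestiging inschrijving", $mail_message)) {
                    $mail_gestuurd = true;
                }
            }
        }
        // the insert
        if ($fail == false) {
            // current (ergo) reservation is OK
            // the reservation is stored or replaced
            $today_db = date('Y-m-d');
            $query = "INSERT INTO " . $opzoektabel . " (Datum, Inschrijfdatum, Begintijd, Eindtijd, Boot_ID, Pnaam, Ploegnaam, Email, MPB, Spits, Controle) VALUES ('{$sql_date}', '{$today_db}', '{$sql_start}', '{$sql_end}', '{$boat_id}', '{$sql_name}', \"{$sql_team}\", '{$sql_email}', '{$sql_mpb}', '0', '{$controle}');";
            $result = mysql_query($query);
            if (!$result) {
                $messages[] = "Uw inschrijving is mislukt.";
            } else {
                $success = true;
                $date_tmp = strtotime($date_db);
                $date_sh = strftime('%A %d-%m-%Y', $date_tmp);
                $messages[] = "Uw inschrijving van '" . $boat . "' op " . $date_sh . " van " . substr($start_time, 0, 5) . " tot " . substr($end_time, 0, 5) . " is gelukt.";
                if ($controle) {
                    $messages[] = "NB: uw inschrijving is vanwege MPB gelogd en zal door het opgegeven bestuurslid worden gecontroleerd.";
                }
                if ($mail_gestuurd) {
                    $messages[] = "NB: er is ter controle een e-mail gestuurd aan de oorspronkelijke inschrijver.";
                }
                if ($koudwaterprotocol && ($themonth < 4 || $themonth > 9) && $cat != "Ergometers en bak") {
                    // Mind: this is the only message that contains HTML formatting
                    $messages[] = "<strong>LET OP! Wees in de winter voorzichtig i.v.m. het koude water. Het <a href='https://www.hunze.nl/wp-content/uploads/2015/08/Koudwaterprotocol.pdf' target='_blank'>koudwater-protocol</a> geldt van 15 november - 1 mei.";
                }
            }
        } else {
            if ($e == 0) {
                $messages[] = "<strong>Uw inschrijving is mislukt vanwege de genoemde fouten</strong>";
            } else {
                $fail_cnt++;
            }
        }
    }
    // end for-loop ergo_lo - ergo_hi
    if ($fail_cnt > 0) {
        $messages[] = "Let op: &eacute;&eacute;n of meer van de inschrijvingen in uw blok zijn mislukt.";
    }
    mysql_close($bisdblink);
    $returnArray = array("success" => $success, "messages" => $messages, "category" => $cat, "grade" => $grade, "action" => $action);
    return $returnArray;
}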
示例#14
 // Collects the form fields of a (recurring) reservation from $_POST and
 // records a $fail_msg_* variable for each check that fails.
 // NOTE(review): every value below is taken from the request as-is. Nothing
 // in this part checks that the hour/minute fields are numeric or in range,
 // and $boat_id and $name (team name) are not checked at all here. Whether
 // they are validated or escaped before reaching SQL or HTML is not visible
 // in this excerpt - confirm in the code that consumes them.
 // times
 $start_time_hrs = $_POST['start_time_hrs'];
 $start_time_mins = $_POST['start_time_mins'];
 $start_time = $start_time_hrs . ":" . $start_time_mins;
 $end_time_hrs = $_POST['end_time_hrs'];
 $end_time_mins = $_POST['end_time_mins'];
 $end_time = $end_time_hrs . ":" . $end_time_mins;
 // duration in minutes; relies on PHP converting the submitted strings to numbers
 $duration = ($end_time_hrs - $start_time_hrs) * 60 + ($end_time_mins - $start_time_mins);
 if ($duration <= 0) {
     $fail_msg_time = "De eindtijd van een outing dient later dan de begintijd te zijn.";
 }
 // boat
 $boat_id = $_POST['boat_id'];
 // person name
 $pname = $_POST['pname'];
 if (!CheckName($pname)) {
     $fail_msg_pname = "U dient een geldige voor- en achternaam op te geven. Let op: de apostrof (') wordt niet geaccepteerd.";
 }
 // team name
 $name = $_POST['name'];
 // e-mail
 $email = $_POST['email'];
 // optional, but must be valid when given
 if ($email && !CheckEmail($email)) {
     $fail_msg_email = "U dient een geldig e-mailadres op te geven.";
 }
 // als niet gefaald, repeterend spitsblok toevoegen
 if (isset($fail_msg_startdate) || isset($fail_msg_enddate) || isset($fail_msg_date) || isset($fail_msg_time) || isset($fail_msg_pname) || isset($fail_msg_email)) {
     $fail = true;
 } else {
     if ($spits_id) {
示例#15
 public function __construct()
 {
     global $USER, $PLANET, $LNG, $db, $UNI;
     $parse = $LNG;
     $mode = request_var('mode', '');
     $a = request_var('a', 1);
     $sort1 = request_var('sort1', '');
     $sort2 = request_var('sort2', '');
     $edit = request_var('edit', '');
     $rank = request_var('rank', '');
     $kick = request_var('kick', '');
     $id = request_var('id', '');
     $action = request_var('action', '');
     $allyid = request_var('allyid', '');
     $tag = request_var('tag', '');
     $PlanetRess = new ResourceUpdate();
     $PlanetRess->CalcResource();
     $PlanetRess->SavePlanetToDB();
     $template = new template();
     if ($USER['ally_id'] != 0 && $USER['ally_request'] != 0) {
         $db->query("UPDATE `" . USERS . "` SET `ally_id` = 0 WHERE `id` = " . $USER['id'] . ";");
         redirectTo("game.php?page=alliance");
     }
     switch ($USER['ally_id']) {
         case 0:
             switch ($mode) {
                 case 'ainfo':
                     $allyrow = $db->uniquequery("SELECT * FROM " . ALLIANCE . " WHERE ally_tag='" . $db->sql_escape($tag) . "' OR id='" . $db->sql_escape($a) . "';");
                     if (!$allyrow) {
                         die(redirectTo("game.php?page=alliance"));
                     }
                     $this->ainfo($allyrow, $template);
                     break;
                 case 'make':
                     if ($USER['ally_request'] == 0) {
                         if ($action == "send") {
                             $atag = request_var('atag', '', UTF8_SUPPORT);
                             $aname = request_var('aname', '', UTF8_SUPPORT);
                             if (empty($atag)) {
                                 $template->message($LNG['al_tag_required'], "?page=alliance&mode=make", 3);
                             }
                             if (empty($aname)) {
                                 $template->message($LNG['al_name_required'], "?page=alliance&mode=make", 3);
                             }
                             if (!CheckName($aname) || !CheckName($atag)) {
                                 $template->message(UTF8_SUPPORT ? $LNG['al_newname_no_space'] : $LNG['al_newname_alphanum'], "?page=alliance&mode=make", 3);
                             }
                             $tagquery = $db->countquery("SELECT COUNT(*) FROM `" . ALLIANCE . "` WHERE `ally_universe` = '" . $UNI . "' AND (ally_tag = '" . $db->sql_escape($atag) . "' OR ally_name = '" . $db->sql_escape($aname) . "');");
                             if ($tagquery == 0) {
                                 $template->message(sprintf($LNG['al_already_exists'], $aname), "?page=alliance&mode=make", 3);
                             }
                             $db->multi_query("INSERT INTO " . ALLIANCE . " SET\r\n                                `ally_name`='" . $db->sql_escape($aname) . "',\r\n                                `ally_tag`='" . $db->sql_escape($atag) . "' ,\r\n                                `ally_owner`='" . $USER['id'] . "',\r\n                                `ally_owner_range`='Leader',\r\n                                `ally_members`='1',\r\n                                `ally_register_time`='" . TIMESTAMP . "',\r\n\t\t\t\t\t\t\t\t`ally_universe` ='" . $UNI . "';\r\n                                UPDATE " . USERS . " SET\r\n                                `ally_id`= (SELECT `id` FROM " . ALLIANCE . " WHERE ally_name = '" . $db->sql_escape($aname) . "'),\r\n                                `ally_name` = '" . $db->sql_escape($aname) . "',\r\n                                `ally_register_time` = '" . TIMESTAMP . "'\r\n                                WHERE `id` = '" . $USER['id'] . "';\r\n                                UPDATE " . STATPOINTS . " SET\r\n                                `id_ally` = (SELECT `id` FROM " . ALLIANCE . " WHERE ally_name = '" . $db->sql_escape($aname) . "')\r\n                                WHERE `id_owner` = '" . $USER['id'] . "';");
                             $template->message(sprintf($LNG['al_created'], $atag), "?page=alliance", 3);
                         } else {
                             $template->assign_vars(array('al_make_alliance' => $LNG['al_make_alliance'], 'al_make_ally_tag_required' => $LNG['al_make_ally_tag_required'], 'al_make_ally_name_required' => $LNG['al_make_ally_name_required'], 'al_make_submit' => $LNG['al_make_submit']));
                             $template->show("alliance_make.tpl");
                         }
                     } else {
                         redirectTo("game.php?page=alliance");
                     }
                     break;
                 case 'search':
                     if ($USER['ally_request'] == 0) {
                         $searchtext = request_var('searchtext', '', UTF8_SUPPORT);
                         if (!empty($searchtext)) {
                             $Search = $db->query("SELECT id, ally_tag, ally_name, ally_members FROM " . ALLIANCE . " WHERE ally_name LIKE '%" . $db->sql_escape($searchtext, true) . "%' OR ally_tag LIKE '%" . $db->sql_escape($searchtext, true) . "%' LIMIT 30;");
                             $SeachResult = array();
                             while ($CurrRow = $db->fetch_array($Search)) {
                                 $SeachResult[] = array('id' => $CurrRow['id'], 'tag' => $CurrRow['ally_tag'], 'name' => $CurrRow['ally_name'], 'members' => $CurrRow['ally_members']);
                             }
                         }
                         $template->assign_vars(array('searchtext' => $searchtext, 'SeachResult' => $SeachResult, 'al_find_submit' => $LNG['al_find_submit'], 'al_find_text' => $LNG['al_find_text'], 'al_find_alliances' => $LNG['al_find_alliances'], 'al_make_submit' => $LNG['al_make_submit'], 'al_find_no_alliances' => $LNG['al_find_no_alliances'], 'al_ally_info_members' => $LNG['al_ally_info_members'], 'al_ally_info_name' => $LNG['al_ally_info_name'], 'al_ally_info_tag' => $LNG['al_ally_info_tag']));
                         $template->show("alliance_searchform.tpl");
                     } else {
                         redirectTo("game.php" . "?page=alliance");
                     }
                     break;
                 case 'apply':
                     if ($USER['ally_request'] == 0) {
                         $text = request_var('text', '', true);
                         $allyrow = $db->uniquequery("SELECT `ally_tag`, `ally_request`, `ally_request_notallow` FROM " . ALLIANCE . " WHERE id='" . $db->sql_escape($allyid) . "';");
                         if (!$allyrow) {
                             redirectTo("game.php?page=alliance");
                         }
                         if ($allyrow['ally_request_notallow'] == 1) {
                             $template->message($LNG['al_alliance_closed']);
                             exit;
                         } else {
                             if ($action == "send") {
                                 $db->query("UPDATE " . USERS . " SET `ally_request`='" . $db->sql_escape($allyid) . "', ally_request_text='" . $db->sql_escape($text) . "', ally_register_time='" . TIMESTAMP . "' WHERE `id`='" . $USER['id'] . "';");
                                 $template->message($LNG['al_request_confirmation_message'], "?page=alliance");
                             } else {
                                 $template->assign_vars(array('allyid' => $allyid, 'al_your_request_title' => $LNG['al_your_request_title'], 'applytext' => !empty($allyrow['ally_request']) ? $allyrow['ally_request'] : $LNG['al_default_request_text'], 'al_write_request' => sprintf($LNG['al_write_request'], $allyrow['ally_tag']), 'al_applyform_reload' => $LNG['al_applyform_reload'], 'al_applyform_send' => $LNG['al_applyform_send'], 'al_message' => $LNG['al_message']));
                                 $template->show("alliance_applyform.tpl");
                             }
                         }
                     } else {
                         redirectTo("game.php?page=alliance");
                     }
                     break;
                 default:
                     if ($USER['ally_request'] != 0) {
                         $allyquery = $db->uniquequery("SELECT ally_tag FROM " . ALLIANCE . " WHERE id = '" . $USER['ally_request'] . "' ORDER BY `id`;");
                         $bcancel = request_var('bcancel', '');
                         if ($bcancel) {
                             $db->query("UPDATE " . USERS . " SET `ally_request`= 0 WHERE `id`='" . $USER['id'] . "';");
                             $template->assign_vars(array('al_your_request_title' => $LNG['al_your_request_title'], 'button_text' => $LNG['al_continue'], 'request_text' => sprintf($LNG['al_request_deleted'], $allyquery['ally_tag']), 'al_make_submit' => $LNG['al_continue']));
                         } else {
                             $template->assign_vars(array('al_your_request_title' => $LNG['al_your_request_title'], 'button_text' => $LNG['al_delete_request'], 'request_text' => sprintf($LNG['al_request_wait_message'], $allyquery['ally_tag']), 'al_make_submit' => $LNG['al_make_submit']));
                         }
                         $template->show("alliance_apply_waitform.tpl");
                     } else {
                         $template->assign_vars(array('al_alliance_search' => $LNG['al_alliance_search'], 'al_alliance_make' => $LNG['al_alliance_make'], 'al_alliance' => $LNG['al_alliance']));
                         $template->show("alliance_defaultmenu.tpl");
                     }
                     break;
             }
             break;
         default:
             $ally = $db->uniquequery("SELECT * FROM " . ALLIANCE . " WHERE id='" . $USER['ally_id'] . "';");
             if (!$ally) {
                 $db->query("UPDATE `" . USERS . "` SET `ally_id` = 0 WHERE `id` = " . $USER['id'] . ";");
                 redirectTo("game.php?page=alliance");
             }
             $ally_ranks = unserialize($ally['ally_ranks']);
             $USER['rights']['memberlist_on'] = $ally_ranks[$USER['ally_rank_id'] - 1]['onlinestatus'] == 1 || $ally['ally_owner'] == $USER['id'] ? true : false;
             $USER['rights']['memberlist'] = $ally_ranks[$USER['ally_rank_id'] - 1]['memberlist'] == 1 || $ally['ally_owner'] == $USER['id'] ? true : false;
             $USER['rights']['roundmail'] = $ally_ranks[$USER['ally_rank_id'] - 1]['mails'] == 1 || $ally['ally_owner'] == $USER['id'] ? true : false;
             $USER['rights']['kick'] = $ally_ranks[$USER['ally_rank_id'] - 1]['kick'] == 1 || $ally['ally_owner'] == $USER['id'] ? true : false;
             $USER['rights']['righthand'] = $ally_ranks[$USER['ally_rank_id'] - 1]['rechtehand'] == 1 || $ally['ally_owner'] == $USER['id'] ? true : false;
             $USER['rights']['close'] = $ally_ranks[$USER['ally_rank_id'] - 1]['delete'] == 1 || $ally['ally_owner'] == $USER['id'] ? true : false;
             $USER['rights']['seeapply'] = $ally_ranks[$USER['ally_rank_id'] - 1]['bewerbungen'] == 1 || $ally['ally_owner'] == $USER['id'] ? true : false;
             $USER['rights']['changeapply'] = $ally_ranks[$USER['ally_rank_id'] - 1]['bewerbungenbearbeiten'] == 1 || $ally['ally_owner'] == $USER['id'] ? true : false;
             $USER['rights']['admin'] = $ally_ranks[$USER['ally_rank_id'] - 1]['administrieren'] == 1 || $ally['ally_owner'] == $USER['id'] ? true : false;
             switch ($mode) {
                 case 'ainfo':
                     $allyrow = $db->uniquequery("SELECT * FROM " . ALLIANCE . " WHERE ally_tag='" . $db->sql_escape($tag) . "' OR id='" . $db->sql_escape($a) . "';");
                     if (!$allyrow) {
                         redirectTo("game.php?page=alliance");
                     }
                     $this->ainfo($allyrow, $template);
                     break;
                 case 'exit':
                     if ($ally['ally_owner'] == $USER['id']) {
                         $template->message($LNG['al_founder_cant_leave_alliance'], "?page=alliance", 3);
                     } elseif ($action = "send") {
                         $db->multi_query("UPDATE " . USERS . " SET `ally_id` = 0, `ally_name` = '', ally_rank_id = 0 WHERE `id`='" . $USER['id'] . "';UPDATE " . ALLIANCE . " SET `ally_members` = `ally_members` - 1 WHERE `id`='" . $ally['id'] . "';UPDATE " . STATPOINTS . " SET `id_ally` = '0' WHERE `id_ally` = '" . $ally['id'] . "' AND `id_owner` = '" . $USER['id'] . "';");
                         $template->message(sprintf($LNG['al_leave_sucess'], $ally['ally_name']), "game.php?page=alliance", 2);
                     } else {
                         $template->message(sprintf($LNG['al_do_you_really_want_to_go_out'], $ally['ally_name']) . "<br><a href=\"?page=alliance&amp;mode=exit&amp;action=send\">" . $LNG['al_go_out_yes'] . "</a>");
                     }
                     break;
                 case 'memberslist':
                     if (!$USER['rights']['memberlist']) {
                         redirectTo("game.php?page=alliance");
                     }
                     if ($sort1 && $sort2) {
                         switch ($sort1) {
                             case 1:
                                 $sort = " ORDER BY `username`";
                                 break;
                             case 2:
                                 $sort = " ORDER BY `ally_rank_id`";
                                 break;
                             case 3:
                                 $sort = " ORDER BY `total_points`";
                                 break;
                             case 4:
                                 $sort = " ORDER BY `ally_register_time`";
                                 break;
                             case 5:
                                 $sort = " ORDER BY `onlinetime`";
                                 break;
                             default:
                                 $sort = " ORDER BY `id`";
                                 break;
                         }
                         if ($sort2 == 1) {
                             $sort .= " DESC;";
                         } elseif ($sort2 == 2) {
                             $sort .= " ASC;";
                         }
                         $listuser = $db->query("SELECT DISTINCT u.id, u.username,u.galaxy, u.system, u.planet, u.ally_register_time, u.onlinetime, u.ally_rank_id, s.total_points FROM `" . USERS . "` as u LEFT JOIN " . STATPOINTS . " as s ON s.`stat_type` = '1' AND s.`id_owner` = u.`id` WHERE ally_id = '" . $USER['ally_id'] . "'" . $sort . ";");
                     } else {
                         $listuser = $db->query("SELECT DISTINCT u.id, u.username,u.galaxy, u.system, u.planet, u.ally_register_time, u.onlinetime, u.ally_rank_id, s.total_points FROM `" . USERS . "` as u LEFT JOIN " . STATPOINTS . " as s ON s.`stat_type` = '1' AND s.`id_owner` = u.`id` WHERE `ally_id` = '" . $USER['ally_id'] . "';");
                     }
                     while ($UserRow = $db->fetch_array($listuser)) {
                         if ($ally['ally_owner'] == $UserRow['id']) {
                             $UserRow['ally_range'] = $ally['ally_owner_range'] == '' ? $LNG['al_founder_rank_text'] : $ally['ally_owner_range'];
                         } elseif ($UserRow['ally_rank_id'] != 0) {
                             $UserRow['ally_range'] = $ally_ranks[$UserRow['ally_rank_id'] - 1]['name'];
                         } else {
                             $UserRow['ally_range'] = $LNG['al_new_member_rank_text'];
                         }
                         $Memberlist[] = array('id' => $UserRow['id'], 'username' => $UserRow['username'], 'galaxy' => $UserRow['galaxy'], 'system' => $UserRow['system'], 'planet' => $UserRow['planet'], 'register_time' => date(TDFORMAT, $UserRow['ally_register_time']), 'points' => pretty_number($UserRow['total_points']), 'range' => $UserRow['ally_range'], 'onlinetime' => floor((TIMESTAMP - $UserRow['onlinetime']) / 60));
                     }
                     if (count($Memberlist) != $ally['ally_members']) {
                         $db->query("UPDATE " . ALLIANCE . " SET `ally_members`='" . count($Memberlist) . "' WHERE `id`='" . $ally['id'] . "';");
                     }
                     $template->assign_vars(array('Memberlist' => $Memberlist, 'sort' => $sort2 == 1 ? 2 : 1, 'seeonline' => $USER['rights']['memberlist_on'], 'al_users_list' => sprintf($LNG['al_users_list'], count($Memberlist)), 'al_num' => $LNG['al_num'], 'al_back' => $LNG['al_back'], 'al_message' => $LNG['al_message'], 'al_member' => $LNG['al_member'], 'al_position' => $LNG['al_position'], 'al_points' => $LNG['al_points'], 'al_coords' => $LNG['al_coords'], 'al_member_since' => $LNG['al_member_since'], 'al_estate' => $LNG['al_estate'], 'al_memberlist_on' => $LNG['al_memberlist_on'], 'al_memberlist_off' => $LNG['al_memberlist_off'], 'al_memberlist_min' => $LNG['al_memberlist_min']));
                     $template->show("alliance_memberslist.tpl");
                     break;
                 case 'circular':
                     if (!$USER['rights']['roundmail']) {
                         redirectTo("game.php?page=alliance");
                     }
                     if ($action == "send") {
                         $r = request_var('r', 0);
                         $subject = request_var('subject', '', true);
                         $text = makebr(request_var('text', '', true));
                         $sq = $r == 0 ? $db->query("SELECT id, username FROM " . USERS . " WHERE `ally_id` = '" . $USER['ally_id'] . "';") : $db->query("SELECT id, username FROM " . USERS . " WHERE `ally_id` = '" . $USER['ally_id'] . "' AND `ally_rank_id` = '" . $r . "';");
                         $list = '';
                         $title = $LNG['al_circular_alliance'] . $ally['ally_tag'];
                         $text = sprintf($LNG['al_circular_front_text'], $USER['username']) . "<br>" . $text;
                         while ($u = $db->fetch_array($sq)) {
                             SendSimpleMessage($u['id'], $USER['id'], '', 2, $title, $subject, $text);
                             $list .= "\n" . $u['username'];
                         }
                         exit($LNG['al_circular_sended'] . $list);
                     }
                     $RangeList[] = $LNG['al_all_players'];
                     if (is_array($ally_ranks)) {
                         foreach ($ally_ranks as $id => $array) {
                             $RangeList[$id + 1] = $array['name'];
                         }
                     }
                     $template->assign_vars(array('RangeList' => $RangeList, 'al_circular_send_ciruclar' => $LNG['al_circular_send_ciruclar'], 'al_circular_reset' => $LNG['al_circular_reset'], 'al_receiveral_message' => $LNG['al_receiveral_message'], 'al_circular_send_submit' => $LNG['al_circular_send_submit'], 'al_characters' => $LNG['al_characters'], 'al_receiver' => $LNG['al_receiver'], 'mg_subject' => $LNG['mg_subject'], 'mg_no_subject' => $LNG['mg_no_subject'], 'mg_empty_text' => $LNG['mg_empty_text']));
                     $template->show("alliance_circular.tpl");
                     break;
                 case 'admin':
                     if (!$USER['rights']['admin']) {
                         exit(redirectTo("game.php?page=alliance"));
                     }
                     switch ($edit) {
                         case 'rights':
                             if (!$USER['rights']['righthand']) {
                                 exit(redirectTo("game.php?page=alliance"));
                             }
                             $rankname = request_var('newrangname', '', UTF8_SUPPORT);
                             $pid = $_POST['id'];
                             $d = request_var('d', 1337);
                             if (!empty($rankname)) {
                                 $pid = request_var('id', '');
                                 $ally_ranks[] = array('name' => $rankname, 'mails' => 0, 'delete' => 0, 'kick' => 0, 'bewerbungen' => 0, 'administrieren' => 0, 'bewerbungenbearbeiten' => 0, 'memberlist' => 0, 'onlinestatus' => 0, 'rechtehand' => 0);
                                 $ranks = serialize($ally_ranks);
                                 $db->query("UPDATE " . ALLIANCE . " SET `ally_ranks`='" . $ranks . "' WHERE `id`='" . $ally['id'] . "';");
                                 redirectTo("game.php?page=alliance&mode=admin&edit=rights");
                                 exit;
                             } elseif (is_array($pid)) {
                                 $ally_ranks_new = array();
                                 foreach ($pid as $id) {
                                     $ally_ranks_new[$id]['name'] = $ally_ranks[$id]['name'];
                                     $ally_ranks_new[$id]['delete'] = isset($_POST['u' . $id . 'r0']) && $USER['rights']['close'] ? 1 : 0;
                                     $ally_ranks_new[$id]['kick'] = isset($_POST['u' . $id . 'r1']) && $USER['rights']['kick'] ? 1 : 0;
                                     $ally_ranks_new[$id]['bewerbungen'] = isset($_POST['u' . $id . 'r2']) && $USER['rights']['seeapply'] ? 1 : 0;
                                     $ally_ranks_new[$id]['memberlist'] = isset($_POST['u' . $id . 'r3']) && $USER['rights']['memberlist'] ? 1 : 0;
                                     $ally_ranks_new[$id]['bewerbungenbearbeiten'] = isset($_POST['u' . $id . 'r4']) && $USER['rights']['changeapply'] ? 1 : 0;
                                     $ally_ranks_new[$id]['administrieren'] = isset($_POST['u' . $id . 'r5']) && $USER['rights']['admin'] ? 1 : 0;
                                     $ally_ranks_new[$id]['onlinestatus'] = isset($_POST['u' . $id . 'r6']) && $USER['rights']['memberlist_on'] ? 1 : 0;
                                     $ally_ranks_new[$id]['mails'] = isset($_POST['u' . $id . 'r7']) && $USER['rights']['roundmail'] ? 1 : 0;
                                     $ally_ranks_new[$id]['rechtehand'] = isset($_POST['u' . $id . 'r8']) && $USER['rights']['righthand'] ? 1 : 0;
                                 }
                                 $ranks = serialize($ally_ranks_new);
                                 $db->query("UPDATE " . ALLIANCE . " SET `ally_ranks`='" . $ranks . "' WHERE `id`='" . $ally['id'] . "';");
                                 redirectTo("game.php?page=alliance&mode=admin&edit=rights");
                                 exit;
                             } elseif (isset($ally_ranks[$d])) {
                                 unset($ally_ranks[$d]);
                                 $db->query("UPDATE " . ALLIANCE . " SET `ally_ranks`='" . serialize($ally_ranks) . "' WHERE `id`='" . $ally['id'] . "';");
                             }
                             if (is_array($ally_ranks)) {
                                 foreach ($ally_ranks as $a => $b) {
                                     $AllyRanks[] = array('id' => $a, 'name' => $b['name'], 'memberlist_on' => $b['onlinestatus'], 'memberlist' => $b['memberlist'], 'roundmail' => $b['mails'], 'kick' => $b['kick'], 'righthand' => $b['rechtehand'], 'close' => $b['delete'], 'seeapply' => $b['bewerbungen'], 'changeapply' => $b['bewerbungenbearbeiten'], 'admin' => $b['administrieren']);
                                 }
                             }
                             $template->assign_vars(array('AllyRanks' => $AllyRanks, 'memberlist_on' => $USER['rights']['memberlist_on'], 'memberlist' => $USER['rights']['memberlist'], 'roundmail' => $USER['rights']['roundmail'], 'kick' => $USER['rights']['kick'], 'righthand' => $USER['rights']['righthand'], 'close' => $USER['rights']['close'], 'seeapply' => $USER['rights']['seeapply'], 'changeapply' => $USER['rights']['changeapply'], 'admin' => $USER['rights']['admin'], 'al_configura_ranks' => $LNG['al_configura_ranks'], 'al_save' => $LNG['al_configura_ranks'], 'Delete_range' => $LNG['Delete_range'], 'al_rank_name' => $LNG['al_rank_name'], 'al_dlte' => $LNG['al_dlte'], 'al_create' => $LNG['al_create'], 'al_rank_name' => $LNG['al_rank_name'], 'al_create_new_rank' => $LNG['al_create_new_rank'], 'al_back' => $LNG['al_back'], 'al_legend' => $LNG['al_legend'], 'al_no_ranks_defined' => $LNG['al_no_ranks_defined'], 'al_legend_kick_users' => $LNG['al_legend_kick_users'], 'al_legend_disolve_alliance' => $LNG['al_legend_disolve_alliance'], 'al_legend_see_requests' => $LNG['al_legend_see_requests'], 'al_legend_see_users_list' => $LNG['al_legend_see_users_list'], 'al_legend_check_requests' => $LNG['al_legend_check_requests'], 'al_legend_admin_alliance' => $LNG['al_legend_admin_alliance'], 'al_legend_see_connected_users' => $LNG['al_legend_see_connected_users'], 'al_legend_create_circular' => $LNG['al_legend_create_circular'], 'al_legend_right_hand' => $LNG['al_legend_right_hand']));
                             $template->show("alliance_admin_ranks.tpl");
                             break;
                         case 'members':
                             $NewRang = request_var('newrang', '');
                             if ($NewRang != '') {
                                 $q = $db->uniquequery("SELECT id FROM " . USERS . " WHERE id='" . $db->sql_escape($id) . "';");
                                 isset($ally_ranks[$NewRang - 1]) && $q['id'] != $ally['ally_owner'] ? $db->query("UPDATE " . USERS . " SET `ally_rank_id`='" . $db->sql_escape($NewRang) . "' WHERE `id`='" . $db->sql_escape($id) . "';") : '';
                             } elseif ($action == "kick" && !empty($id) && $USER['rights']['kick']) {
                                 $u = $db->uniquequery("SELECT id FROM " . USERS . " WHERE id = '" . $db->sql_escape($id) . "' AND `ally_id` = '" . $ally['id'] . "' AND 'id' != '" . $ally['ally_owner'] . "';");
                                 !empty($u['id']) ? $db->multi_query("UPDATE " . USERS . " SET `ally_id` = '0', `ally_name` = '', `ally_rank_id` = 0 WHERE `id` = '" . $u['id'] . "';UPDATE " . ALLIANCE . " SET `ally_members` = ally_members - 1 WHERE `id` = '" . $ally['id'] . "';UPDATE " . STATPOINTS . " SET `id_ally` = '0' WHERE `id_ally` = '" . $ally['id'] . "' AND `id_owner` = '" . $u['id'] . "';") : '';
                             }
                             if ($sort1 && $sort2) {
                                 switch ($sort1) {
                                     case 1:
                                         $sort = " ORDER BY `username`";
                                         break;
                                     case 2:
                                         $sort = " ORDER BY `ally_rank_id`";
                                         break;
                                     case 3:
                                         $sort = " ORDER BY `total_points`";
                                         break;
                                     case 4:
                                         $sort = " ORDER BY `ally_register_time`";
                                         break;
                                     case 5:
                                         $sort = " ORDER BY `onlinetime`";
                                         break;
                                     default:
                                         $sort = " ORDER BY `id`";
                                         break;
                                 }
                                 if ($sort2 == 1) {
                                     $sort .= " DESC;";
                                 } elseif ($sort2 == 2) {
                                     $sort .= " ASC;";
                                 }
                                 $listuser = $db->query("SELECT DISTINCT u.id, u.username,u.galaxy, u.system, u.planet, u.ally_register_time, u.ally_rank_id, u.onlinetime, s.total_points FROM `" . USERS . "` as u LEFT JOIN " . STATPOINTS . " as s ON s.`stat_type` = '1' AND s.`id_owner` = u.`id` WHERE ally_id = '" . $USER['ally_id'] . "'" . $sort . ";");
                             } else {
                                 $listuser = $db->query("SELECT DISTINCT u.id, u.username,u.galaxy, u.system, u.planet, u.ally_register_time, u.ally_rank_id, u.onlinetime, s.total_points FROM `" . USERS . "` as u LEFT JOIN " . STATPOINTS . " as s ON s.`stat_type` = '1' AND s.`id_owner` = u.`id` WHERE `ally_id` = '" . $USER['ally_id'] . "';");
                             }
                             $Selector[0] = $LNG['al_new_member_rank_text'];
                             if (is_array($ally_ranks)) {
                                 foreach ($ally_ranks as $a => $b) {
                                     $Selector[$a + 1] = $b['name'];
                                 }
                             }
                             while ($UserRow = $db->fetch_array($listuser)) {
                                 if ($ally['ally_owner'] == $UserRow['id']) {
                                     $UserRow['ally_range'] = $ally['ally_owner_range'] == '' ? $LNG['al_founder_rank_text'] : $ally['ally_owner_range'];
                                 } elseif ($UserRow['ally_rank_id'] == 0) {
                                     $UserRow['ally_range'] = $LNG['al_new_member_rank_text'];
                                 } else {
                                     $UserRow['ally_range'] = $ally_ranks[$UserRow['ally_rank_id'] - 1]['name'];
                                 }
                                 $Memberlist[] = array('id' => $UserRow['id'], 'username' => $UserRow['username'], 'galaxy' => $UserRow['galaxy'], 'system' => $UserRow['system'], 'planet' => $UserRow['planet'], 'rank_id' => $UserRow['ally_rank_id'] - 1, 'register_time' => date(TDFORMAT, $UserRow['ally_register_time']), 'points' => pretty_number($UserRow['total_points']), 'range' => $UserRow['ally_range'], 'onlinetime' => sprintf("%d d", floor(TIMESTAMP - $UserRow['onlinetime']) / 86400), 'action' => $ally['ally_owner'] == $UserRow['id'] || $rank == $UserRow['id'] ? 0 : ($USER['rights']['kick'] == 1 ? 2 : 1), 'kick' => sprintf($LNG['al_kick_player'], $UserRow['username']));
                             }
                             count($Memberlist) != $ally['ally_members'] ? $db->query("UPDATE " . ALLIANCE . " SET `ally_members`='" . count($Memberlist) . "' WHERE `id`='" . $ally['id'] . "';") : '';
                             $template->assign_vars(array('Selector' => $Selector, 'Memberlist' => $Memberlist, 'sort' => $sort2 == 1 ? 2 : 1, 'seeonline' => $USER['rights']['memberlist_on'], 'al_users_list' => sprintf($LNG['al_users_list'], count($Memberlist)), 'id' => $NewRang == '' ? $id : 0, 'al_num' => $LNG['al_num'], 'al_back' => $LNG['al_back'], 'al_message' => $LNG['al_message'], 'al_member' => $LNG['al_member'], 'al_position' => $LNG['al_position'], 'al_points' => $LNG['al_points'], 'al_coords' => $LNG['al_coords'], 'al_member_since' => $LNG['al_member_since'], 'al_estate' => $LNG['al_estate'], 'al_actions' => $LNG['al_actions'], 'al_ok' => $LNG['al_ok']));
                             $template->show("alliance_admin_members.tpl");
                             break;
                         case 'diplo':
                             !$USER['rights']['righthand'] ? redirectTo("game.php?page=alliance") : '';
                             $action = request_var('action', '');
                             $id = request_var('id', 0);
                             $Level = request_var('level', 0);
                             $DiploInfo = $this->GetDiplo($ally['id']);
                             switch ($action) {
                                 case 'new':
                                     if (!empty($id)) {
                                         $text = request_var('text', '', true);
                                         $Alliances = $db->uniquequery("SELECT `ally_tag`, `ally_name` FROM " . ALLIANCE . " WHERE id = '" . $id . "';");
                                         if ($Level == 4) {
                                             $AllyUsers = $db->query("SELECT `id` FROM " . USERS . " as s WHERE s.ally_id = '" . $ally['id'] . "' OR s.ally_id = '" . $id . "';");
                                             while ($User = $db->fetch_array($AllyUsers)) {
                                                 SendSimpleMessage($User['id'], $USER['id'], '', 2, $LNG['al_circular_alliance'] . $ally['ally_tag'] . " &amp; " . $Alliances['ally_tag'], $LNG['al_diplo_war'], sprintf($LNG['al_diplo_war_mes'], $ally['ally_name'], $Alliances['ally_name'], $LNG['al_diplo_level'][$Level], $text));
                                             }
                                         } else {
                                             $RanksRAW = $db->uniquequery("SELECT `ally_ranks`, `ally_owner` FROM " . ALLIANCE . " WHERE id = '" . $id . "';");
                                             $Ranks = unserialize($RanksRAW['ally_ranks']);
                                             if (is_array($Ranks)) {
                                                 foreach ($Ranks as $ID => $RankInfo) {
                                                     if ($RankInfo['rechtehand'] == 0) {
                                                         continue;
                                                     }
                                                     $SendRank[1] = "`ally_rank_id` ='" . ($ID + 1) . "' OR ";
                                                 }
                                             }
                                             if (is_array($ally_ranks)) {
                                                 foreach ($ally_ranks as $ID => $RankInfo) {
                                                     if ($RankInfo['rechtehand'] == 0) {
                                                         continue;
                                                     }
                                                     $SendRank[0] = "`ally_rank_id` ='" . ($ID + 1) . "' OR ";
                                                 }
                                             }
                                             $AllyUsers = $db->query("SELECT `id` FROM " . USERS . " WHERE (ally_id = '" . $ally['id'] . "' AND (" . $SendRank[0] . "`id` = '" . $ally['ally_owner'] . "')) OR (ally_id = '" . $id . "' AND (" . $SendRank[1] . "`id` = '" . $RanksRAW['ally_owner'] . "'));");
                                             while ($User = $db->fetch_array($AllyUsers)) {
                                                 SendSimpleMessage($User['id'], $USER['id'], '', 2, $LNG['al_circular_alliance'] . $ally['ally_tag'] . " &amp; " . $Alliances['ally_tag'], $LNG['al_diplo_ask'], sprintf($LNG['al_diplo_ask_mes'], $LNG['al_diplo_level'][$Level], $ally['ally_name'], $Alliances['ally_name'], $text));
                                             }
                                         }
                                         $db->query("INSERT INTO " . DIPLO . " (`id` ,`owner_1` ,`owner_2` ,`level` ,`accept` ,`accept_text`) VALUES (NULL , '" . $ally['id'] . "', '" . $id . "', '" . $Level . "', '" . ($Level == 4 ? 1 : 0) . "', '" . $db->sql_escape($text) . "');");
                                         exit($LNG['al_diplo_create_done']);
                                     }
                                     $Alliances = $db->query("SELECT `id`, `ally_name` FROM " . ALLIANCE . " WHERE id != '" . $ally['id'] . "';");
                                     while ($Alliance = $db->fetch_array($Alliances)) {
                                         $AllianceList[$Alliance['id']] = $Alliance['ally_name'];
                                     }
                                     $template->assign_vars(array('AllianceList' => $AllianceList, 'al_diplo_create' => $LNG['al_diplo_create'], 'al_diplo_ally' => $LNG['al_diplo_ally'], 'al_diplo_level' => $LNG['al_diplo_level'], 'al_diplo_text' => $LNG['al_diplo_text'], 'al_diplo_level_des' => $LNG['al_diplo_level_des'], 'al_applyform_send' => $LNG['al_applyform_send'], 'mg_empty_text' => $LNG['mg_empty_text']));
                                     $template->show("alliance_admin_diplo_form.tpl");
                                     break;
                                 case 'accept':
                                     if (!empty($id)) {
                                         $AllyUsers = $db->query("SELECT `id` FROM " . USERS . " as s WHERE s.ally_id = '" . $ally['id'] . "' OR s.ally_id = '" . $DiploInfo[5][$id][1] . "';");
                                         while ($User = $db->fetch_array($AllyUsers)) {
                                             SendSimpleMessage($User['id'], $USER['id'], '', 2, $LNG['al_circular_alliance'] . $ally['ally_tag'] . " &amp; " . $DiploInfo[5][$id][5], $LNG['al_diplo_accept_yes'], sprintf($LNG['al_diplo_accept_yes_mes'], $LNG['al_diplo_level'][$Level], $ally['ally_name'], $DiploInfo[5][$id][0]));
                                         }
                                         $db->query("UPDATE " . DIPLO . " SET `accept` = '1', `accept_text` = '' WHERE `id`='" . $id . "' LIMIT 1;");
                                     }
                                     redirectTo("game.php?page=alliance&mode=admin&edit=diplo");
                                     break;
                                 case 'decline':
                                     if (!empty($id)) {
                                         $AllyUsers = $db->query("SELECT `id` FROM " . USERS . " as s WHERE s.ally_id = '" . $ally['id'] . "' OR s.ally_id = '" . $DiploInfo[5][$id][1] . "';");
                                         while ($User = $db->fetch_array($AllyUsers)) {
                                             SendSimpleMessage($User['id'], $USER['id'], '', 2, $LNG['al_circular_alliance'] . $ally['ally_tag'] . " &amp; " . $DiploInfo[5][$id][5], $LNG['al_diplo_accept_no'], sprintf($LNG['al_diplo_accept_no_mes'], $LNG['al_diplo_level'][$Level], $ally['ally_name'], $DiploInfo[5][$id][0]));
                                         }
                                         $db->query("DELETE FROM " . DIPLO . " WHERE `id` ='" . $id . "' LIMIT 1;");
                                     }
                                     redirectTo("game.php?page=alliance&mode=admin&edit=diplo");
                                     break;
                                 case 'delete':
                                     if (!empty($id)) {
                                         if (isset($DiploInfo[$Level][$id][1])) {
                                             $AllyUsers = $db->query("SELECT `id` FROM " . USERS . " as s WHERE s.ally_id = '" . $ally['id'] . "' OR s.ally_id = '" . $DiploInfo[$Level][$id][1] . "';");
                                             while ($User = $db->fetch_array($AllyUsers)) {
                                                 SendSimpleMessage($User['id'], $USER['id'], '', 2, $LNG['al_circular_alliance'] . $ally['ally_tag'] . " &amp; " . $DiploInfo[$Level][$id][3], $LNG['al_diplo_delete'], sprintf($LNG['al_diplo_delete_mes'], $LNG['al_diplo_level'][$Level], $ally['ally_name'], $DiploInfo[$Level][$id][0]));
                                             }
                                         }
                                         $db->query("DELETE FROM " . DIPLO . " WHERE `id` ='" . $id . "' LIMIT 1;");
                                     }
                                     redirectTo("game.php?page=alliance&mode=admin&edit=diplo");
                                     break;
                                 default:
                                     $template->assign_vars(array('DiploInfo' => $DiploInfo, 'al_diplo_create' => $LNG['al_diplo_create'], 'al_diplo_level' => $LNG['al_diplo_level'], 'al_diplo_accept' => $LNG['al_diplo_accept'], 'al_diplo_accept_send' => $LNG['al_diplo_accept_send'], 'al_diplo_no_entry' => $LNG['al_diplo_no_entry'], 'al_diplo_no_accept' => $LNG['al_diplo_no_accept'], 'al_diplo_confirm_delete' => $LNG['al_diplo_confirm_delete'], 'al_diplo_accept_yes_confirm' => $LNG['al_diplo_accept_yes_confirm'], 'al_diplo_accept_no_confirm' => $LNG['al_diplo_accept_no_confirm'], 'al_diplo_ground' => $LNG['al_diplo_ground'], 'al_back' => $LNG['al_back'], 'ally_id' => $ally['id']));
                                     $template->show("alliance_admin_diplo.tpl");
                                     break;
                             }
                             break;
                         case 'requests':
                             !$USER['rights']['seeapply'] || !$USER['rights']['changeapply'] ? redirectTo("game.php?page=alliance") : '';
                             $text = makebr(request_var('text', '', true));
                             if ($action == $LNG['al_acept_request']) {
                                 $db->multi_query("UPDATE " . ALLIANCE . " SET `ally_members` = `ally_members` + 1 WHERE id='" . $ally['id'] . "';UPDATE " . USERS . " SET ally_name='" . $ally['ally_name'] . "', ally_request_text='', ally_request='0', ally_id='" . $ally['id'] . "' WHERE id='" . $db->sql_escape($id) . "';UPDATE " . STATPOINTS . " SET `id_ally` = '" . $ally['id'] . "' WHERE `id_owner` = '" . $id . "';");
                                 SendSimpleMessage($id, $USER['id'], '', 2, $ally['ally_tag'], $LNG['al_you_was_acceted'] . $ally['ally_name'], $LNG['al_hi_the_alliance'] . $ally['ally_name'] . $LNG['al_has_accepted'] . $text);
                                 redirectTo('game.php?page=alliance&mode=admin&edit=ally');
                             } elseif ($action == $LNG['al_decline_request']) {
                                 $db->query("UPDATE " . USERS . " SET ally_request_text='',ally_request='0',ally_id='0' WHERE id='" . $db->sql_escape($id) . "';");
                                 SendSimpleMessage($id, $USER['id'], '', 2, $ally['ally_tag'], $LNG['al_you_was_declined'] . $ally['ally_name'], $LNG['al_hi_the_alliance'] . $ally['ally_name'] . $LNG['al_has_declined'] . $text);
                                 redirectTo('game.php?page=alliance&mode=admin&edit=ally');
                             }
                             $query = $db->query("SELECT id,username,ally_request_text,ally_register_time FROM " . USERS . " WHERE ally_request='" . $ally['id'] . "';");
                             while ($RequestRow = $db->fetch_array($query)) {
                                 $RequestList[] = array('username' => $RequestRow['username'], 'text' => makebr($RequestRow['ally_request_text']), 'id' => $RequestRow['id'], 'time' => date(TDFORMAT, $RequestRow['ally_register_time']));
                             }
                             $template->assign_vars(array('RequestList' => $RequestList, 'requestcount' => sprintf($LNG['al_no_request_pending'], count($RequestList)), 'al_no_requests' => $LNG['al_no_requests'], 'al_candidate' => $LNG['al_candidate'], 'al_request_date' => $LNG['al_request_date'], 'al_request_list' => $LNG['al_request_list'], 'al_back' => $LNG['al_back'], 'al_reason' => $LNG['al_reason'], 'al_characters' => $LNG['al_characters'], 'al_request_from_user' => $LNG['al_request_from_user'], 'al_acept_request' => $LNG['al_acept_request'], 'al_decline_request' => $LNG['al_decline_request'], 'al_reply_to_request' => $LNG['al_reply_to_request']));
                             $template->show("alliance_admin_request.tpl");
                             break;
                         case 'tag':
                             $name = request_var('newname', '', UTF8_SUPPORT);
                             !empty($name) ? $db->query("UPDATE " . ALLIANCE . " SET `ally_tag` = '" . $db->sql_escape($name) . "' WHERE `id` = '" . $USER['ally_id'] . "';") : '';
                             $template->assign_vars(array('caso' => $LNG['al_tag'], 'caso_titulo' => $LNG['al_new_tag'], 'al_change_submit' => $LNG['al_change_submit'], 'al_back' => $LNG['al_back']));
                             $template->show("alliance_admin_rename.tpl");
                             break;
                         case 'name':
                             $name = request_var('newname', '', UTF8_SUPPORT);
                             !empty($name) ? $db->multi_query("UPDATE " . ALLIANCE . " SET `ally_name` = '" . $db->sql_escape($name) . "' WHERE `id` = '" . $USER['ally_id'] . "';UPDATE " . USERS . " SET `ally_name` = '" . $db->sql_escape($name) . "' WHERE `ally_id` = '" . $ally['id'] . "';") : '';
                             $template->assign_vars(array('caso' => $LNG['al_name'], 'caso_titulo' => $LNG['al_new_name'], 'al_change_submit' => $LNG['al_change_submit'], 'al_back' => $LNG['al_back']));
                             $template->show("alliance_admin_rename.tpl");
                             break;
                         case 'exit':
                             !$USER['rights']['close'] ? redirectTo("game.php?page=alliance") : '';
                             $db->multi_query("UPDATE " . USERS . " SET `ally_name` = '', `ally_id` = '0' WHERE `ally_id`='" . $ally['id'] . "';UPDATE " . STATPOINTS . " SET `id_ally` = '0' WHERE `id_ally` = '" . $ally['id'] . "';DELETE FROM " . ALLIANCE . " WHERE id = '" . $ally['id'] . "';DELETE FROM " . DIPLO . " WHERE `owner_1` = '" . $ally['id'] . "' OR `owner_2` = '" . $ally['id'] . "';");
                             redirectTo("game.php?page=alliance");
                             break;
                         case 'transfer':
                             $ally['ally_owner'] != $USER['id'] ? redirectTo("game.php?page=alliance") : '';
                             $postleader = request_var('newleader', 0);
                             if (!empty($postleader)) {
                                 $Rank = $db->uniquequery("SELECT `ally_rank_id` FROM " . USERS . " WHERE `id` = '" . $postleader . "';");
                                 $db->multi_query("UPDATE " . USERS . " SET `ally_rank_id` = '" . $Rank['ally_rank_id'] . "' WHERE `id` = '" . $USER['id'] . "';UPDATE " . USERS . " SET `ally_rank_id`= '0' WHERE `id` = '" . $postleader . "';UPDATE " . ALLIANCE . " SET `ally_owner` = '" . $postleader . "' WHERE `id` = '" . $USER['ally_id'] . "';");
                                 redirectTo("game.php?page=alliance");
                             } else {
                                 $listuser = $db->query("SELECT id,ally_rank_id,username FROM " . USERS . " WHERE ally_id = '" . $USER['ally_id'] . "';");
                                 while ($u = $db->fetch_array($listuser)) {
                                     $TransferUsers[$u['id']] = !empty($u['ally_rank_id']) && $ally['ally_owner'] != $u['id'] && $ally_ranks[$u['ally_rank_id'] - 1]['rechtehand'] == 1 ? $u['username'] . " [" . $ally_ranks[$u['ally_rank_id'] - 1]['name'] . "]" : '';
                                 }
                                 $template->assign_vars(array('TransferUsers' => $TransferUsers, 'al_transfer_alliance' => $LNG['al_transfer_alliance'], 'al_transfer_to' => $LNG['al_transfer_to'], 'al_back' => $LNG['al_back'], 'al_transfer_submit' => $LNG['al_transfer_submit']));
                                 $template->show("alliance_admin_transfer.tpl");
                             }
                             break;
                         default:
                             $text = request_var('text', '0', true);
                             $t = request_var('t', 1);
                             if (isset($_POST['options'])) {
                                 $ally['ally_owner_range'] = request_var('owner_range', '', true);
                                 $ally['ally_web'] = request_var('web', '');
                                 $ally['ally_image'] = request_var('image', '');
                                 $ally['ally_request_notallow'] = request_var('request_notallow', 0);
                                 $ally['ally_stats'] = request_var('stats', 0);
                                 $ally['ally_diplo'] = request_var('diplo', 0);
                                 if ($ally['ally_request_notallow'] != 0 && $ally['ally_request_notallow'] != 1) {
                                     exit(redirectTo("game.php" . "?page=alliance"));
                                 }
                                 $db->query("UPDATE " . ALLIANCE . " SET\r\n\t\t\t\t\t\t\t\t\t`ally_owner_range` = '" . $db->sql_escape($ally['ally_owner_range']) . "',\r\n\t\t\t\t\t\t\t\t\t`ally_image` = '" . $db->sql_escape($ally['ally_image']) . "',\r\n\t\t\t\t\t\t\t\t\t`ally_web` = '" . $db->sql_escape($ally['ally_web']) . "',\r\n\t\t\t\t\t\t\t\t\t`ally_request_notallow` = '" . $ally['ally_request_notallow'] . "',\r\n\t\t\t\t\t\t\t\t\t`ally_stats` = '" . $ally['ally_stats'] . "',\r\n\t\t\t\t\t\t\t\t\t`ally_diplo` = '" . $ally['ally_diplo'] . "'\r\n\t\t\t\t\t\t\t\t\tWHERE `id`='" . $ally['id'] . "';");
                             } elseif ($text !== '0') {
                                 $QryText = "UPDATE " . ALLIANCE . " SET ";
                                 if ($t == 3) {
                                     $QryText .= "`ally_request`='" . $db->sql_escape($text) . "' ";
                                 } elseif ($t == 2) {
                                     $QryText .= "`ally_text`='" . $db->sql_escape($text) . "' ";
                                 } else {
                                     $QryText .= "`ally_description`='" . $db->sql_escape($text) . "' ";
                                 }
                                 $QryText .= "WHERE `id`='" . $ally['id'] . "';";
                                 $db->query($QryText);
                             }
                             switch ($t) {
                                 case 2:
                                     $text = $text !== '0' ? $text : $ally['ally_text'];
                                     break;
                                 case 3:
                                     $text = $text !== '0' ? $text : $ally['ally_request'];
                                     break;
                                 default:
                                     $text = $text !== '0' ? $text : $ally['ally_description'];
                                     break;
                             }
                             $template->loadscript('alliance.js');
                             $template->execscript("\$('#cntChars').text(\$('#text').val().length);");
                             $template->assign_vars(array('al_characters' => $LNG['al_characters'], 'al_manage_alliance' => $LNG['al_manage_alliance'], 'al_texts' => $LNG['al_texts'], 'al_message' => $LNG['al_message'], 'al_manage_ranks' => $LNG['al_manage_ranks'], 'al_manage_members' => $LNG['al_manage_members'], 'al_manage_change_tag' => $LNG['al_manage_change_tag'], 'al_manage_change_name' => $LNG['al_manage_change_name'], 'al_outside_text' => $LNG['al_outside_text'], 'al_inside_text' => $LNG['al_inside_text'], 'al_request_text' => $LNG['al_request_text'], 'al_circular_reset' => $LNG['al_circular_reset'], 'al_save' => $LNG['al_save'], 'al_continue' => $LNG['al_continue'], 'al_manage_options' => $LNG['al_manage_options'], 'al_web_site' => $LNG['al_web_site'], 'al_manage_image' => $LNG['al_manage_image'], 'al_manage_requests' => $LNG['al_manage_requests'], 'al_manage_founder_rank' => $LNG['al_manage_founder_rank'], 'al_manage_diplo' => $LNG['al_manage_diplo'], 'al_view_stats' => $LNG['al_view_stats'], 'al_view_diplo' => $LNG['al_view_diplo'], 'al_disolve_alliance' => $LNG['al_disolve_alliance'], 'al_transfer_alliance' => $LNG['al_transfer_alliance'], 'al_close_ally' => $LNG['al_close_ally'], 'al_message' => $t == 2 ? $LNG['al_inside_text'] : ($t == 3 ? $LNG['al_request_text'] : $LNG['al_outside_text']), 'RequestSelector' => array(0 => $LNG['al_requests_allowed'], 1 => $LNG['al_requests_not_allowed']), 'YesNoSelector' => array(1 => $LNG['al_go_out_yes'], 0 => $LNG['al_go_out_no']), 't' => $t, 'text' => $text, 'righthand' => $USER['rights']['righthand'], 'ally_web' => $ally['ally_web'], 'ally_image' => $ally['ally_image'], 'ally_request_notallow' => $ally['ally_request_notallow'], 'ally_owner_range' => $ally['ally_owner_range'], 'ally_stats_data' => $ally['ally_stats'], 'ally_diplo_data' => $ally['ally_diplo']));
                             $template->show("alliance_admin.tpl");
                             break;
                     }
                     break;
                 default:
                     require_once ROOT_PATH . 'includes/functions/BBCode.php';
                     if ($ally['ally_owner'] == $USER['id']) {
                         $range = $ally['ally_owner_range'] != '' ? $ally['ally_owner_range'] : $LNG['al_founder_rank_text'];
                     } elseif ($USER['ally_rank_id'] != 0 && isset($ally_ranks[$USER['ally_rank_id'] - 1]['name'])) {
                         $range = $ally_ranks[$USER['ally_rank_id'] - 1]['name'];
                     } else {
                         $range = $LNG['al_new_member_rank_text'];
                     }
                     $StatsData = $db->uniquequery("SELECT SUM(wons) as wons, SUM(loos) as loos, SUM(draws) as draws, SUM(kbmetal) as kbmetal, SUM(kbcrystal) as kbcrystal, SUM(kbnorio) as kbnorio, SUM(lostunits) as lostunits, SUM(desunits) as desunits FROM " . USERS . " WHERE ally_id='" . $ally['id'] . "';");
                     $Reuqests = $db->uniquequery("SELECT COUNT(*) as state FROM " . USERS . " WHERE ally_request='" . $ally['id'] . "';");
                     $template->assign_vars(array('DiploInfo' => $this->GetDiplo($ally['id']), 'al_diplo_level' => $LNG['al_diplo_level'], 'al_diplo' => $LNG['al_diplo'], 'ally_web' => $ally['ally_web'], 'ally_tag' => $ally['ally_tag'], 'ally_members' => $ally['ally_members'], 'ally_name' => $ally['ally_name'], 'ally_image' => $ally['ally_image'], 'ally_description' => bbcode($ally['ally_description']), 'ally_text' => bbcode($ally['ally_text']), 'range' => $range, 'requests' => sprintf($LNG['al_new_requests'], $Reuqests['state']), 'req_count' => $Reuqests['state'], 'al_requests' => $LNG['al_requests'], 'al_leave_alliance' => $LNG['al_leave_alliance'], 'al_rank' => $LNG['al_rank'], 'al_ally_info_tag' => $LNG['al_ally_info_tag'], 'al_user_list' => $LNG['al_user_list'], 'al_ally_info_name' => $LNG['al_ally_info_name'], 'al_ally_info_members' => $LNG['al_ally_info_members'], 'al_manage_alliance' => $LNG['al_manage_alliance'], 'al_your_ally' => $LNG['al_your_ally'], 'al_Allyquote' => $LNG['al_Allyquote'], 'al_web_text' => $LNG['al_web_text'], 'al_circular_message' => $LNG['al_circular_message'], 'al_send_circular_message' => $LNG['al_send_circular_message'], 'al_description_message' => $LNG['al_description_message'], 'al_inside_section' => $LNG['al_inside_section'], 'pl_totalfight' => $LNG['pl_totalfight'], 'pl_fightwon' => $LNG['pl_fightwon'], 'pl_fightlose' => $LNG['pl_fightlose'], 'pl_fightdraw' => $LNG['pl_fightdraw'], 'pl_unitsshot' => $LNG['pl_unitsshot'], 'pl_unitslose' => $LNG['pl_unitslose'], 'pl_dermetal' => $LNG['pl_dermetal'], 'pl_dercrystal' => $LNG['pl_dercrystal'], 'pl_dernorio' => $LNG['pl_dernorio'], 'al_goto_chat' => $LNG['al_goto_chat'], 'al_continue' => $LNG['al_continue'], 'al_leave_alliance' => $LNG['al_leave_alliance'], 'al_leave_ally' => $LNG['al_leave_ally'], 'totalfight' => $StatsData['wons'] + $StatsData['loos'] + $StatsData['draws'], 'fightwon' => $StatsData['wons'], 'fightlose' => $StatsData['loos'], 'fightdraw' => $StatsData['draws'], 
'unitsshot' => pretty_number($StatsData['desunits']), 'unitslose' => pretty_number($StatsData['lostunits']), 'dermetal' => pretty_number($StatsData['kbmetal']), 'dercrystal' => pretty_number($StatsData['kbcrystal']), 'dernorio' => pretty_number($StatsData['kbnorio']), 'isowner' => $ally['ally_owner'] != $USER['id'] ? true : false, 'rights' => $USER['rights']));
                     $template->show("alliance_frontpage.tpl");
                     break;
             }
             break;
     }
 }
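// Use the date stored in column 4 of the film row when no value was set before.
if (!$phathanh) {
    $phathanh = GetDateT($film[0][4]);
}
// Thumbnail from column 5, or the template's grey placeholder when it is empty.
$thumb = $film[0][5];
if (!$thumb) {
    $thumb = TEMPLATE_URL . 'images/grey.jpg';
}
// Category (column 2) and country (column 6), each rendered by two helpers
// that are defined elsewhere.
$theloai = category_a($film[0][2]);
$quocgia = country_a($film[0][6]);
$genre = category_ad($film[0][2]);
$country = country_ad($film[0][6]);
$daodien_a = CheckName($film[0][7]);
$daodien = Get_List_director($film[0][7]);
$dienvien = Get_List_actor($film[0][8]);
$year = CheckName($film[0][9]);
$duration = CheckName($film[0][10]);
$viewed = $film[0][11];
$loaiphim = $film[0][19];
$content = RemoveHtml(UnHtmlChars($film[0][12]));
$tags = GetTag_a($film[0][13], 2);
// Split the decoded description on "<img " so that each piece after the first
// starts with the attributes of one image tag.
$image_r = explode("<img ", UnHtmlChars($film[0][12]));
// Rating: NOTE(review) column 15 looks like the summed score and column 14
// like the number of votes — confirm against the schema.
$Astar = $film[0][15];
$Bstar = $film[0][14];
// A zero divisor raises a warning on older PHP versions and a
// DivisionByZeroError on PHP 8, so such a film is shown with a rating of 0.
$Cstar = $Bstar ? $Astar / $Bstar : 0;
$Dstar = number_format($Cstar, 0);
$Cstar = number_format($Cstar, 1);
// Appending to an undefined variable raises a notice; keep any value built
// earlier in the script and start from an empty string otherwise.
if (!isset($image_all)) {
    $image_all = '';
}
$imageTotal = count($image_r);
for ($i = 1; $i < $imageTotal; $i++) {
    // Skip fragments without a double-quoted src attribute rather than
    // emitting a list item with an empty link.
    if (!preg_match('/src="([^"]+)"/', $image_r[$i], $image)) {
        continue;
    }
    $image = $image[1];
    // NOTE(review): $image comes from the stored film description and is
    // written into href/src as-is. The pattern excludes a double quote but
    // does not restrict the URL scheme, and $tenphim / $tentienganh are set
    // outside this fragment; confirm all three are safe for attribute context.
    $image_all .= "<li><a href=\"{$image}\" rel=\"screen[s]\" title=\"{$tenphim} - {$tentienganh}\"><img src=\"{$image}\" alt=\"{$tenphim} - {$tentienganh}\" width=\"600px\"/></a></li>";
}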
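 /**
  * Save the settings form of the logged-in player.
  *
  * Every field is read with HTTP::_GP(), checked where this method can check
  * it, and turned into UPDATE statements that are collected in one string and
  * sent with a single multi_query() call. A username or password change also
  * destroys the current session.
  *
  * Security-relevant points for maintainers:
  *  - Because the batch goes through multi_query(), one unescaped value is
  *    enough to end its statement and start another. Strings are therefore
  *    escaped with sql_escape() and numbers are cast right where they are
  *    concatenated, instead of relying on what HTTP::_GP() (defined
  *    elsewhere) may already have done.
  *  - Stored password hashes are compared with ===, so two different hashes
  *    that both look numeric ("0e...") can no longer compare equal.
  *  - NOTE(review): the password change verifies and stores unsalted md5(),
  *    while the e-mail change verifies with cryptPassword(). Unless
  *    cryptPassword() is plain MD5, only one of the two checks can match the
  *    stored value; settle on one scheme, preferably password_hash() /
  *    password_verify().
  *  - NOTE(review): $newpassword2 is read but never compared with
  *    $newpassword, and no anti-CSRF token is checked in this method;
  *    confirm both are handled by the caller or the form.
  *
  * @return void
  */
 private function sendDefault()
 {
     global $USER, $PLANET, $CONF, $LNG, $UNI, $SESSION, $THEME;
     $db = $GLOBALS['DATABASE'];
     // Values that end up unquoted in SQL are forced to integers once, here.
     $userId = (int) $USER['id'];
     $universe = (int) $UNI;

     $adminprotection = HTTP::_GP('adminprotection', 0);
     $username = HTTP::_GP('username', $USER['username'], UTF8_SUPPORT);
     $password = HTTP::_GP('password', '');
     $newpassword = HTTP::_GP('newpassword', '');
     $newpassword2 = HTTP::_GP('newpassword2', '');
     $email = HTTP::_GP('email', $USER['email']);
     $timezone = HTTP::_GP('timezone', '');
     $language = HTTP::_GP('language', '');
     $planetSort = HTTP::_GP('planetSort', 0);
     $planetOrder = HTTP::_GP('planetOrder', 0);
     $theme = HTTP::_GP('theme', $THEME->getThemeName());
     $queueMessages = HTTP::_GP('queueMessages', 0);
     $spycount = HTTP::_GP('spycount', 1.0);
     $fblink = HTTP::_GP('fblink', '');
     $fleetactions = HTTP::_GP('fleetactions', 5);
     $galaxySpy = HTTP::_GP('galaxySpy', 0);
     $galaxyMessage = HTTP::_GP('galaxyMessage', 0);
     $galaxyBuddyList = HTTP::_GP('galaxyBuddyList', 0);
     $galaxyMissle = HTTP::_GP('galaxyMissle', 0);
     $blockPM = HTTP::_GP('blockPM', 0);
     $vacation = HTTP::_GP('vacation', 0);
     $delete = HTTP::_GP('delete', 0);
     $sirena = HTTP::_GP('sirena', 0);

     // Verify: clamp ranges and fall back to the current language/theme when
     // the submitted one is not in the allowed list.
     $adminprotection = $adminprotection == 1 && $USER['authlevel'] != AUTH_USR ? (int) $USER['authlevel'] : 0;
     $spycount = min(max(round((float) $spycount), 1), 4294967295);
     $fleetactions = min(max((int) $fleetactions, 1), 99);
     $language = array_key_exists($language, $LNG->getAllowedLangs(false)) ? $language : $LNG->getLanguage();
     $theme = array_key_exists($theme, Theme::getAvalibleSkins()) ? $theme : $THEME->getThemeName();

     $SQL = "";

     // Username change: must pass CheckName(), respect the change interval and
     // be unused in both the live and the pending-registration tables.
     if (!empty($username) && $USER['username'] != $username) {
         if (!CheckName($username)) {
             $this->printMessage($LNG['op_user_name_no_alphanumeric']);
         } elseif ($USER['uctime'] >= TIMESTAMP - USERNAME_CHANGETIME) {
             $this->printMessage($LNG['op_change_name_pro_week']);
         } else {
             $escapedName = $db->sql_escape($username);
             $Count = $db->getFirstCell("SELECT (SELECT COUNT(*) FROM " . USERS . " WHERE `universe` = " . $universe . " AND `username` = '" . $escapedName . "') + (SELECT COUNT(*) FROM " . USERS_VALID . " WHERE `universe` = " . $universe . " AND `username` = '" . $escapedName . "')");
             if (!empty($Count)) {
                 $this->printMessage(sprintf($LNG['op_change_name_exist'], $username));
             } else {
                 // NOTE(review): this statement was partly masked ('******') in
                 // the reviewed copy; it is restored following the escaping
                 // used in the lookup above — compare with upstream.
                 $SQL .= "UPDATE " . USERS . " SET username = '" . $escapedName . "', uctime = " . TIMESTAMP . " WHERE id = " . $userId . ";";
                 $SESSION->DestroySession();
             }
         }
     }

     // Password change: requires the current password. Strict comparison keeps
     // PHP from treating two numeric-looking hashes as equal.
     if (!empty($newpassword) && md5($password) === (string) $USER['password']) {
         $newpass = md5($newpassword);
         // NOTE(review): the stored value was masked ('******') in the reviewed
         // copy; $newpass is otherwise unused, so it is taken to be that value.
         // md5() returns hexadecimal text only, so it needs no escaping.
         $SQL .= "UPDATE " . USERS . " SET password = '" . $newpass . "' WHERE id = " . $userId . ";";
         $SESSION->DestroySession();
     }

     // E-mail change: requires the current password and an address that is
     // valid and not used by another account in this universe.
     if (!empty($email) && $email != $USER['email']) {
         if ((string) cryptPassword($password) !== (string) $USER['password']) {
             $this->printMessage($LNG['op_need_pass_mail']);
         } elseif (!ValidateAddress($email)) {
             $this->printMessage($LNG['op_not_vaild_mail']);
         } else {
             $escapedMail = $db->sql_escape($email);
             $Count = $db->getFirstCell("SELECT (SELECT COUNT(*) FROM " . USERS . " WHERE id != " . $userId . " AND universe = " . $universe . " AND (email = '" . $escapedMail . "' OR email_2 = '" . $escapedMail . "')) + (SELECT COUNT(*) FROM " . USERS_VALID . " WHERE universe = " . $universe . " AND email = '" . $escapedMail . "')");
             if (!empty($Count)) {
                 $this->printMessage(sprintf($LNG['op_change_mail_exist'], $email));
             } else {
                 // 604800 seconds = 7 days added to the current timestamp.
                 $SQL .= "UPDATE " . USERS . " SET email = '" . $escapedMail . "', setmail = " . (TIMESTAMP + 604800) . " WHERE id = " . $userId . ";";
             }
         }
     }

     // Vacation mode: only when CheckVMode() allows it; production of all
     // planets of the player is set to zero in the same batch.
     if ($vacation == 1) {
         if (!$this->CheckVMode()) {
             $this->printMessage($LNG['op_cant_activate_vacation_mode']);
         } else {
             $SQL .= "UPDATE " . USERS . " SET \n\t\t\t\t\t\t\turlaubs_modus = '1',\n\t\t\t\t\t\t\turlaubs_until = " . (TIMESTAMP + Config::get('vmode_min_time')) . "\n\t\t\t\t\t\t\tWHERE id = " . $userId . ";\t\t\t\t\t\t\t\n\t\t\t\t\t\t\tUPDATE " . PLANETS . " SET\n\t\t\t\t\t\t\tmetal_mine_porcent = '0',\n\t\t\t\t\t\t\tcrystal_mine_porcent = '0',\n\t\t\t\t\t\t\tdeuterium_sintetizer_porcent = '0',\n\t\t\t\t\t\t\tmetal_perhour = '0',\n\t\t\t\t\t\t\tcrystal_perhour = '0',\n\t\t\t\t\t\t\tdeuterium_perhour = '0'\n\t\t\t\t\t\t\tWHERE id_owner = " . $userId . ";";
         }
     }

     // Deletion flag: the current timestamp marks the account, 0 clears it.
     $deleteStamp = $delete == 1 ? TIMESTAMP : 0;
     $SQL .= "UPDATE " . USERS . " SET db_deaktjava = " . $deleteStamp . " WHERE id = " . $userId . ";";

     // Remaining preferences. Free-text fields are escaped and numeric fields
     // are cast at the point of use, so nothing request-derived reaches the
     // batch verbatim.
     $assignments = array(
         "dpath = '" . $db->sql_escape($theme) . "'",
         "timezone = '" . $db->sql_escape($timezone) . "'",
         "planet_sort = " . (int) $planetSort,
         "planet_sort_order = " . (int) $planetOrder,
         "spio_anz = " . $spycount,
         "fblink = '" . $db->sql_escape($fblink) . "'",
         "settings_fleetactions = " . $fleetactions,
         "settings_esp = " . (int) $galaxySpy,
         "settings_wri = " . (int) $galaxyMessage,
         "settings_bud = " . (int) $galaxyBuddyList,
         "settings_mis = " . (int) $galaxyMissle,
         "settings_blockPM = " . (int) $blockPM,
         "alarm_volume = " . ((int) $sirena / 10),
         "authattack = " . $adminprotection,
         "lang = '" . $db->sql_escape($language) . "'",
         "hof = " . (int) $queueMessages,
     );
     $SQL .= "UPDATE " . USERS . " SET\n\t\t\t\t\t" . implode(",\n\t\t\t\t\t", $assignments) . "\n\t\t\t\t\tWHERE id = '" . $userId . "';";

     $db->multi_query($SQL);
     $this->printMessage($LNG['op_options_changed']);
 }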
示例#18
        // Tail of a feed-building loop whose header is not part of this
        // fragment: copy columns of row $i into named locals.
        $quality = $arr[$i][7];
        $year = $arr[$i][8];
        $thumb = $arr[$i][3];
        $duration = $arr[$i][10];
        $content = $arr[$i][6];
        $director = $arr[$i][11];
        $actor = $arr[$i][12];
        // NOTE(review): the condition is assembled by string concatenation;
        // column 13 is presumably a stored country id — confirm it is always
        // numeric, or bind it as a parameter.
        $country = one_data('name', 'country', "id = '" . $arr[$i][13] . "'");
        $category = $arr[$i][14];
        // Drop the first and the last character of the stored value
        // (presumably delimiters around an id list — TODO confirm).
        $category = substr($category, 1);
        $category = substr($category, 0, -1);
        // NOTE(review): what remains is placed inside IN (...) as-is, so the
        // column must never hold anything but a comma-separated list of ids.
        $cat = MySql::dbselect('name', 'category', "id IN ({$category})");
        // NOTE(review): $catx is only appended to in the visible lines; unless
        // it is reset earlier in the loop, names from previous items carry over.
        for ($x = 0; $x < count($cat); $x++) {
            $catx .= $cat[$x][0] . ', ';
        }
        // Remove the trailing ", " left by the loop above.
        $category = substr($catx, 0, -2);
        // NOTE(review): date() formats in the server's default timezone, while
        // the value is labelled "GMT" in <pubDate> below; gmdate() would match
        // the label.
        $m_time = date('D, d M Y H:i:s', $arr[$i][9]);
        $url = Url::get($arr[$i][0], $title, 'Phim');
        $rss .= "<item>\r\n";
        $rss .= "<title>" . clean_feed($title . ' - ' . $title_en) . "</title>\r\n";
        // NOTE(review): $thumb, $url and $duration go into the markup without
        // escaping, and a "]]>" sequence in any value would close the CDATA
        // section early; confirm these fields are sanitised when stored.
        $rss .= "<description><![CDATA[<table><tr><td><img src=\"" . $thumb . "\" width=\"200\" height=\"270\" alt=\"" . clean_feed($title . ' - ' . $title_en) . "\" /></td><td><a href=\"{$url}\" title=\"" . clean_feed($title . ' - ' . $title_en) . "\" target=\"_blank\"><h1 />" . clean_feed($title . ' - ' . $title_en) . "</h1></a><br />Diễn viên: " . CheckName($actor) . "<br />Đạo diễn: " . CheckName($director) . "<br />Quốc gia: " . RemoveHtml($country) . "<br />Thể loại: " . RemoveHtml($category) . " <br />Thời lượng: " . $duration . "</td></tr></table><hr />" . CutName(RemoveHtml(UnHtmlChars($content)), 250) . "]]></description>\r\n";
        $rss .= "<link>" . $url . "</link>\r\n";
        $rss .= "<pubDate>" . $m_time . " GMT</pubDate>\r\n";
        $rss .= "</item>\r\n\r\n";
    }
    // Close the channel and the document, then pass the finished feed and
    // $file to Cache::END_CACHE (defined elsewhere).
    $rss .= "</channel>\r\n";
    $rss .= "</rss>\r\n";
    Cache::END_CACHE($rss, $file);
}
// Send the feed and stop the script.
echo $rss;
exit;