?> </h2> <?php $players = get_ranking($id); draw_ranking($players); } // started break; // case view // case view case 'join': check_banned($_SESSION['playerID']); $id = $_GET['id']; $t = mysql_fetch_array(mysql_query("SELECT * FROM tournaments WHERE id = '{$id}'")); $name = db_output($t['name']); if (strpos($name, "Finals") > 0) { echo "<b>Cannot join Finals</b>"; exit; } if (joined($id, $_SESSION['playerID'])) { echo "<b>{$MSG_LANG['tournamentalready']}</b>"; exit; } if (get_num($id) == $t['players']) { echo "<b>{$MSG_LANG['tournament44']}</b>"; exit; } if ($me['rating'] < $t['min_rating'] || $me['rating'] > $t['max_rating']) { echo "<b>{$MSG_LANG['tournamentsorry']}</b>"; exit;
function db_output($param) { return $param; //Note: NO need to strip slashes since we are escaping strings using mysql_real_escape ..03/14/08 peter. if (is_string($param)) { return trim(stripslashes($param)); } elseif (is_array($param)) { reset($param); while (list($key, $value) = each($param)) { $param[$key] = db_output($value); } return $param; } return $param; }
//what's autor mean? need this in english //config option $forums_live == 1 or 0 and use an if $forum_module_active = true; $smarty->assign('lang_main_menu_forum1', $MSG_LANG['forum1']); //forums let's make it a config option $smarty->assign('main_messages_per_page', $main_perpage); $smarty->assign('lang_main_menu_forum2', $MSG_LANG['forum2']); $smarty->assign('lang_main_menu_forum3', $MSG_LANG['forum3']); $smarty->assign('forums_module_active', $forum_module_active); include_once "forum_functions.php"; $t1 = mysql_query("SELECT t.*, p.firstName, p.playerID from forum_topics t LEFT JOIN players p ON p.playerID = t.userid ORDER BY time DESC LIMIT {$main_perpage}"); $forums_data = array(); while ($forum_data = mysql_fetch_array($t1)) { $title = db_output($forum_data['title']); $title = strip_tags($title); $text = db_output($forum_data['text'], true); $text = strip_tags($text, "<br>"); $text = bbcode($text); $text = forum_smilies($text); $date = date("d.m.y, H:i", $forum_data['time']); $topic = $forum_data['replyto'] > 0 ? $forum_data['replyto'] : $forum_data['topic_id']; $count = getcount('forum_topics', "WHERE replyto = '" . $topic . "'"); $lp1 = mysql_query("SELECT t.topic_id, t.userid, p.firstName FROM forum_topics t\n LEFT JOIN players p ON p.playerID = t.userid\n WHERE t.replyto = '" . $topic . "'\n AND t.time = '" . $t['lastreply'] . "'"); $lp = mysql_fetch_array($lp1); $total_pages = ceil($count / $topics_perpage); $start = ($total_pages - 1) * $topics_perpage; if ($start < 0) { $start = 0; } $link = 'forum.php?action=viewtopic&id=' . $topic . '&start=' . $start . '#' . $lp['topic_id']; $forum_data['date'] = $date;
function db_output($param) { if (!function_exists('get_magic_quotes_runtime') || !get_magic_quotes_runtime()) { //Sucker is NOT on - thanks. return $param; } if (is_array($param)) { reset($param); while (list($key, $value) = each($param)) { $param[$key] = db_output($value); } return $param; } elseif (!is_numeric($param)) { $param = trim(stripslashes($param)); } return $param; }
function db_fetch_row($res) { return $res ? db_output($res->fetch_row()) : NULL; }
function crosstable($id) { global $MSG_LANG; $t = mysql_fetch_array(mysql_query("SELECT * FROM tournaments WHERE id = '$id'")); $name = db_output($t['name']); $date = date("m.d.y", $t['time']); $i = 1; $query = mysql_query("SELECT * FROM games WHERE tournament = '$id' ORDER BY gameID ASC"); while ($g = mysql_fetch_array($query)) { $games[$i] = $g; $i++; } // while $p1 = mysql_fetch_array(mysql_query("SELECT * FROM {$db_prefix}players WHERE player_id = '".$t['player1']."'")); $p2 = mysql_fetch_array(mysql_query("SELECT * FROM {$db_prefix}players WHERE player_id = '".$t['player2']."'")); $p3 = mysql_fetch_array(mysql_query("SELECT * FROM {$db_prefix}players WHERE player_id = '".$t['player3']."'")); $p4 = mysql_fetch_array(mysql_query("SELECT * FROM {$db_prefix}players WHERE player_id = '".$t['player4']."'")); //print_r($games); ?> <table border="1" style="width: 100%"> <tr> <td> <h1><?=$name?></h1><br> <?=$MSG_LANG["start"]?>: <?=$date?> <br> <br> <table width="500"> <tr> <td width="100" height="100"> </td> <td width="100" height="100"><b><?PHP echo "<a href=\"stats_user.php?cod=" . $p1['playerID'] . "\">" . $p1['firstName'] . "</a>"; ?></b></td> <td width="100" height="100"><b><?PHP echo "<a href=\"stats_user.php?cod=" . $p2['playerID'] . "\">" . $p2['firstName'] . "</a>"; ?></b></td> <td width="100" height="100"><b><?PHP echo "<a href=\"stats_user.php?cod=" . $p3['playerID'] . "\">" . $p3['firstName'] . "</a>"; ?></b></td> <td width="100" height="100"><b><?PHP echo "<a href=\"stats_user.php?cod=" . $p4['playerID'] . "\">" . $p4['firstName'] . "</a>"; ?></b></td> </tr> <tr> <td width="100" height="100"><b><?PHP echo "<a href=\"stats_user.php?cod=" . $p1['playerID'] . "\">" . $p1['firstName'] . "</a>"; ?></b></td> <td width="100" height="100"> </td> <td width="100" height="100"><b><?PHP show_game(4, $games); ?></b></td> <td width="100" height="100"><b><?PHP show_game(7, $games); ?></b></td> <td width="100" height="100"><b><?PHP show_game(10, $games); ?></b></td> </tr> <tr> <td width="100" height="100"><b><?PHP echo "<a href=\"stats_user.php?cod=" . $p2['playerID'] . "\">" . $p2['firstName'] . "</a>"; ?></b></td> <td width="100" height="100"><b><?PHP show_game(1, $games); ?></b></td> <td width="100" height="100"> </td> <td width="100" height="100"><b><?PHP show_game(8, $games); ?></b></td> <td width="100" height="100"><b><?PHP show_game(11, $games); ?></b></td> </tr> <tr> <td width="100" height="100"><b><?PHP echo "<a href=\"stats_user.php?cod=" . $p3['playerID'] . "\">" . $p3['firstName'] . "</a>"; ?></b></td> <td width="100" height="100"><b><?PHP show_game(2, $games); ?></b></td> <td width="100" height="100"><b><?PHP show_game(5, $games); ?></b></td> <td width="100" height="100"> </td> <td width="100" height="100"><b><?PHP show_game(12, $games); ?></b></td> </tr> <tr> <td width="100" height="100"><b><?PHP echo "<a href=\"stats_user.php?cod=" . $p4['playerID'] . "\">" . $p4['firstName'] . "</a>"; ?></b></td> <td width="100" height="100"><b><?PHP show_game(3, $games); ?></b></td> <td width="100" height="100"><b><?PHP show_game(6, $games); ?></b></td> <td width="100" height="100"><b><?PHP show_game(9, $games); ?></b></td> <td width="100" height="100"> </td> </tr> </table> </td> </tr> </table> <?PHP }
} echo '</table>'; break; // case list case 'view': $g1 = mysql_query("SELECT g.*, p.firstName FROM groups g LEFT JOIN players p on p.playerID = g.creator WHERE g.group_id = '$id'"); echo mysql_error(); $g = mysql_fetch_array($g1); $c = getcount("group_members", "WHERE group_id = '$id' AND joined > 0"); $title = db_output($g['title']); $text = db_output($g['text']); ?> <font size="+1"> <?PHP echo $title; echo ($g['ag'] == 1) ? ' - Chess AG' : ''; ?> </font> <br><br> <?=$MSG_LANG["teamleader4"]?>: <?PHP echo '<a href="stats_user.php?cod='.$g['creator'].'">'.$g['firstName'].'</a>'; ?> <?=$MSG_LANG["teamleader5"]?>
function db_fetch_row($res) { return $res ? db_output(mysql_fetch_row($res)) : NULL; }
$g1 = mysql_query("SELECT topic_id FROM forum_topics WHERE replyto = 0 AND gameid = '".$_SESSION['gameID']."'"); $g = mysql_fetch_array($g1); $t1 = mysql_query("SELECT t.*, p.firstName, p.playerID, p.lastUpdate from forum_topics t LEFT JOIN players p ON p.playerID = t.userid WHERE t.topic_id = '".$g['topic_id']."' OR t.replyto = '".$g['topic_id']."' ORDER BY time DESC LIMIT ".$replies_perpage); //echo mysql_error(); while ($t = mysql_fetch_array($t1)) { $title = db_output($t['title']); $title = strip_tags($title); $text = db_output($t['text'], true); $text = strip_tags($text, "<br>"); $text = bbcode($text); $text = forum_smilies($text); $date = date("d.m.y, H:i", $t['time']); ?> <table> <tr> <tr> <td width="100" valign="top">
$title = db_input($_POST['title']); $forum_text = db_input($_POST['forum_text']); $query = "UPDATE forums\n SET forum_title = '{$title}',\n forum_text = '{$forum_text}'\n WHERE forum_id = '" . $_POST['id'] . "'"; mysql_query($query); echo mysql_error(); echo "Forum Created!"; } // title break; // case create // case create case 'delete': if ($_GET['confirm'] != true) { $f1 = mysql_query("SELECT * FROM forums WHERE forum_id='" . $_GET['id'] . "'"); $f = mysql_fetch_array($f1); $forum_title = db_output($f['forum_title']); ?> <table width="100%"> <tr> <td> <div align="left" width="100%"> <b>Forum Delete:</b><br><br> <?php echo $forum_title; ?> <br><br> <font color="#FF0000">ATTENTION:</font> You are about to delete this post permanently! This will delete the first post of the subject and all replies following <br><br> <a href="forum_admin.php?action=delete&id=<?php