function execute_query($input_query, $page_src = 'none.php', $save_log = '1') { global $CONFIG_sql_cpdbname, $CP, $CONFIG_log_select, $CONFIG_log_insert, $CONFIG_log_update, $CONFIG_log_delete, $query_txt; // $start_time = getmicrotime(); $die_message = "<form>MySQL query['<font color='red'>" . $page_src . "</red>'] :<br /><textarea name=\"query_error\" cols=\"65\" rows=\"7\" class=\"textinput\" readonly>" . htmlspecialchars(stripslashes($input_query)) . "</textarea></form>"; $analyze_query = strtolower(htmlspecialchars($input_query)); if ($save_log) { if (strstr($analyze_query, 'select') !== false && $CONFIG_log_select) { $log_enable = '1'; } else { if (strstr($analyze_query, 'insert') !== false && $CONFIG_log_insert) { $log_enable = '1'; } else { if (strstr($analyze_query, 'update') !== false && $CONFIG_log_update) { $log_enable = '1'; } else { if (strstr($analyze_query, 'delete') !== false && $CONFIG_log_delete) { $log_enable = '1'; } else { $log_enable = '0'; } } } } if ($log_enable) { $user = $CP["login_name"]; if (empty($user)) { $user = "******"; } mysql_query("INSERT INTO {$CONFIG_sql_cpdbname}.query_log (Date,User,IP,page,query) VALUES (NOW() ,'" . mysql_res($user) . "','" . mysql_res($CP["ip_address"]) . "','" . mysql_res($page_src) . "','" . mysql_res($input_query) . "')"); } } if (!($result = mysql_query($input_query, $this->link ? $this->link : $GLOBALS['link'])) || strstr($analyze_query, "union")) { echo $die_message; exit; } // $end_time = getmicrotime(); // $time_result = $end_time - $start_time; // $query_txt .= $input_query."[<font color='red'>".$time_result."</font>]<br />\n"; /* if($log_query) $sql->total_query++;*/ return $result; }
// Project Lead by: Mysterious // ========================================================================= // To change the message that is outputted, edit the file in /lang/English.php --> <?php if (!$SERVER['system_safe']) { exit; } if ($CONFIG_lost_pass_mode || $CONFIG_md5_support >= '1') { if ($GET_code == 00) { opmain_body("{$lang['Mn_lostpass']}"); echo "<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"5\" align=\"center\" class=\"emptytable3\">\n\t<form action=\"index.php?act=lostpass&code=01\" method=\"post\" enctype=\"multipart/form-data\" name=\"Lost_Pass\">\n\t<TBODY>\n\t\t<TR height=\"27\" class=\"title_bar2\">\n\t\t\t<TD colspan=\"2\"><div class=\"title_face\">{$lang['LP_form']}</div></TD>\n\t\t</TR>\n\t\t<TR class=\"topic_title6\">\n\t\t\t<TD width=\"20%\"><B>{$lang['LP_input']}</B></TD>\n\t\t\t<TD width=\"80%\"><input name=\"userid\" type=\"text\" size=\"24\" maxlength=\"24\" class=\"textinput\"> {$lang['LP_info']}</TD>\n\t\t</TR>\n\t\t<TR class=\"topic_title5\" align=\"center\">\n\t\t\t<TD colspan=\"2\"><input type=\"submit\" name=\"Submit\" value=\"{$lang['LP_submit']}\" class=\"textinput\"></TD>\n\t\t</TR>\n\t</TBODY>\n\t</form>\n</TABLE>\n"; clmain_body(); } else { if ($GET_code == 01) { $query = "SELECT userid,user_pass,email FROM {$CONFIG_sql_dbname}.login WHERE userid = \"" . mysql_res($POST_userid) . "\""; $sql->result = $sql->execute_query($query, 'lostpass.php', 0); $sql->total_query++; if ($sql->count_rows()) { $row = $sql->fetch_row(); $mail_subject = "Lost Password ( SGCP user registration information )"; $mail_messages = sprintf("\n\n{$lang['LP_mes_1']}\n\n{$lang['LP_mes_2']}\n{$lang['LP_mes_3']}\n{$lang['LP_mes_4']}\n\n{$lang['LP_mes_5']}\n{$lang['LP_mes_6']}\n\n{$lang['LP_mes_7']}\n{$lang['LP_mes_8']}\n", $CONFIG_server_name, $CONFIG_server_name, $row[userid], $row[user_pass], $CONFIG_server_name, $CONFIG_admin_email, $CONFIG_server_name); if (SendMail($row[email], $mail_subject, $mail_messages)) { redir("index.php?act=lostpass", "{$lang['LP_send_success']}", 3); } else { redir("index.php?act=lostpass", "{$lang['LP_send_fail']}", 3); } } else { redir("index.php?act=lostpass", "{$lang['LP_no_found']}", 3); } }
// Copyright (c) Stargames Control Panel - Licensed under GNU GPL. // See LICENSE File // ========================================================================= // Project Lead by: Mysterious // ========================================================================= --> <?php if (!$SERVER['system_safe']) { exit; } getglobalvar(1); if ($STORED_loginname && $STORED_loginpass) { if ($CONFIG_md5_support) { $query = "SELECT account_id,sex,email FROM {$CONFIG_sql_dbname}.login WHERE BINARY md5(`account_id`) = BINARY \"" . mysql_res($STORED_loginname) . "\" AND user_pass = \"" . mysql_res($STORED_loginpass) . "\""; } else { $query = "SELECT account_id,sex,email FROM {$CONFIG_sql_dbname}.login WHERE BINARY md5(`account_id`) = BINARY \"" . mysql_res($STORED_loginname) . "\" AND md5(user_pass) = \"" . mysql_res($STORED_loginpass) . "\""; } $sql->result = $sql->execute_query($query, 'user_profile.php', 0); $sql->total_query++; if ($sql->count_rows() > 0) { $row = $sql->fetch_row(); $CP['login_id'] = $row["account_id"]; $CP['login_name'] = get_username($row["account_id"]); $CP['login_sex'] = $row["sex"]; $CP['login_mail'] = $row["email"]; if (empty($CP['login_id'])) { if ($CONFIG_save_type == 1) { session_unregister(loginname); session_unregister(loginpass); } else { CP_removeCookie("loginname");
header("location:{$CP['cp_update_link']}"); session_unregister(CP_UPDATE); } } } else { if ($GET_showtopic && $GET_view) { $GET_showtopic = (int) $GET_showtopic; if ($GET_view == 'getnewpost') { $query = "SELECT reply_id FROM {$CONFIG_sql_cpdbname}.board_reply WHERE topic_id =\"" . mysql_res($GET_showtopic) . "\" ORDER by reply_id DESC"; $sql->result = $sql->execute_query($query, 'index.php'); $count_rows_topic = $sql->count_rows(); $row_get_topic = $sql->fetch_row(); $reply_id = $row_get_topic[reply_id]; } else { if ($GET_view == 'findpost' && $GET_p) { $query = "SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.board_reply WHERE topic_id =\"" . mysql_res($GET_showtopic) . "\" && reply_id<=\"" . mysql_res($GET_p) . "\" ORDER by reply_id DESC"; $sql->result = $sql->execute_query($query, 'index.php'); $count_rows_topic = $sql->result(); $reply_id = $GET_p; } else { header("location:index.php?act=idx"); } } if ($count_rows_topic <= $CONFIG_per_page) { $pages = '1'; } else { if ($count_rows_topic % $CONFIG_per_page == '0') { $pages = $count_rows_topic / $CONFIG_per_page; } else { $pages = $count_rows_topic / $CONFIG_per_page + 1; $pages = (int) $pages;
$sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.user_profile SET user_time_offset = \"" . mysql_res($POST_u_timezone) . "\" WHERE user_id = \"" . $CP['login_id'] . "\" ", 'change_profile.php'); $sql->total_query++; $display = "{$lang['change_right_time_offset']}"; } } else { if ($GET_code == '07' && length($POST_display_name, 4, 24)) { $POST_password = mysql_res(checkmd5($CONFIG_md5_support, $POST_password)); $POST_display_name = checkstring($POST_display_name, 1); $query = "SELECT userid FROM {$CONFIG_sql_dbname}.login WHERE account_id = \"" . $CP['login_id'] . "\" AND user_pass = \"" . $POST_password . "\""; $sql->result = $sql->execute_query($query, 'change_profile.php'); $sql->total_query++; $row = $sql->fetch_row(); if (!$sql->count_rows()) { $display = "{$lang['change_wrong_display_name']}"; } else { $query = "SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.user_profile WHERE display_name = \"" . mysql_res($POST_display_name) . "\""; $sql->result = $sql->execute_query($query, 'change_profile.php'); $sql->total_query++; $count1 = $sql->result(); $query = "SELECT COUNT(*) FROM {$CONFIG_sql_dbname}.login WHERE userid = \"" . $POST_display_name . "\" AND userid != \"" . $row["userid"] . "\""; $sql->result = $sql->execute_query($query, 'change_profile.php'); $sql->total_query++; $count2 = $sql->result(); if ($count1 || $count2) { $display = sprintf("{$lang['change_wrong_display_name2']}", $POST_display_name); } else { $sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.user_profile SET display_name = \"" . $POST_display_name . "\" WHERE user_id = \"" . $CP['login_id'] . "\"", 'change_profile.php'); $sql->total_query++; $display = "{$lang['change_right_display_name']}"; } }
} else { $t_reply = "<a href=\"index.php?act=post&code=01&f={$forum_id}&t={$GET_showtopic}\"><img src =\"theme/{$STORED['THEME']}/images/webboard/t_reply.gif\" border=\"0\" alt=\"Reply to this topic\"></a>"; } } get_menuwb($forum_id, 2, $t_reply); echo "\t\t\t</TD>\n\t\t</TR>\n\t</TBODY>\n</TABLE>\n<BR>\n<TABLE width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" align=\"center\" class=\"topic_title\">\n\t<TBODY>\n\t\t<TR>\n\t\t\t<TD class=\"title_bar\" height=\"29\">\n\t\t\t\t<font color=\"#FFFFFF\"> <img src=\"theme/{$STORED['THEME']}/images/nav_m.gif\"> <B>{$topic_name}{$topic_description}</B></font>\n\t\t\t</TD>\n\t\t</TR>\n\t\t<TR>\n\t\t\t<TD>\n\t\t\t\t<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"5\" align=\"center\" class=\"emptytable3\">\n\t\t\t\t\t<TBODY>\n"; $query = "SELECT * FROM {$CONFIG_sql_cpdbname}.poll WHERE topic_id =\"" . mysql_res($GET_showtopic) . "\""; $sql->result2 = $sql->execute_query($query, 'showtopic.php'); $sql->total_query++; if ($sql->count_rows($sql->result2)) { $poll_row = $sql->fetch_row($sql->result2); echo "\t\t\t\t\t<form action=\"index.php?act=insert_topic&code=03\" method=\"post\">\n\t\t\t\t\t\t<input type=\"hidden\" name=\"clickvote\" value=\"1\">\n\t\t\t\t\t\t<input type=\"hidden\" name=\"t\" value=\"{$GET_showtopic}\">\n\t\t\t\t\t\t<TR class=\"topic_title5\">\n\t\t\t\t\t\t\t<TD align=\"right\" colspan=\"3\" height=\"28\">\n\t\t\t\t\t\t\t\t<!--<div style=\"font-weight:bold;padding:4px;margin-top:1px\">[ Edit ] [ Delete ]</div>-->\n\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t</TR>\n"; $query = "SELECT * FROM {$CONFIG_sql_cpdbname}.voters WHERE member_id = \"" . $CP['login_id'] . "\" and topic_id = \"" . mysql_res($GET_showtopic) . "\""; $sql->result3 = $sql->execute_query($query, 'showtopic.php'); if ($sql->count_rows($sql->result3) || !checkprivilege_action($CP[login_id], g_vote_polls)) { $query = "SELECT * FROM {$CONFIG_sql_cpdbname}.poll_vote WHERE topic_id = \"" . mysql_res($GET_showtopic) . "\""; $sql->result3 = $sql->execute_query($query, 'showtopic.php'); $pvote = $sql->fetch_row($sql->result3); echo "\t\t\t\t\t\t<TR class=\"topic_title8\">\n\t\t\t\t\t\t\t<TD align=\"center\" colspan=\"3\">\n\t\t\t\t\t\t\t\t<TABLE cellspacing=\"0\" cellpadding=\"0\" align=\"center\" style=\"padding:6px\">\n\t\t\t\t\t\t\t\t\t<TR align=\"center\">\n\t\t\t\t\t\t\t\t\t\t<TD colspan=\"3\">\n\t\t\t\t\t\t\t\t\t\t\t<B>{$poll_row['poll_question']}</B>\n\t\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t</TR>\n"; for ($v = 1, $totalvote = 0; $v <= 10; $v++) { $vote = "vote" . $v . ""; $totalvote += $pvote[$vote]; } for ($c = 1; $c <= 10; $c++) { $choice = "choice" . $c . ""; $vote = "vote" . $c . ""; $pwidth = $pvote[$vote] * 200 / $totalvote; $ppercent = $pvote[$vote] * 100 / $totalvote; if (!empty($poll_row[$choice])) { echo "\t\t\t\t\t\t\t\t\t<TR>\n\t\t\t\t\t\t\t\t\t\t<TD align=\"left\">\n\t\t\t\t\t\t\t\t\t\t\t{$poll_row[$choice]}\n\t\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t\t\t\t\t[ {$pvote[$vote]} ]\n\t\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t\t\t\t\t<img src=\"theme/{$STORED['THEME']}/images/webboard/bar_left.gif\" height=\"11\" width=\"4\"><img src=\"theme/{$STORED['THEME']}/images/webboard/bar.gif\" height=\"11\" width=\"{$pwidth}\"><img src=\"theme/{$STORED['THEME']}/images/webboard/bar_right.gif\" height=\"11\" width=\"4\"> ["; printf("%.2f", $ppercent);
<!-- // ========================================================================= // ______ // / __/ /____ ________ ____ ___ _ ___ ___ // _\ \/ __/ _ `/ __/ _ `/ _ `/ ' \/ -_|_-< // /___/\__/\_,_/_/ \_, /\_,_/_/_/_/\__/___/ // _____ /___/ __ ___ __ // / ___/__ ___ / /________ / / / _ \___ ____ ___ / / // / /__/ _ \/ _ \/ __/ __/ _ \/ / / ___/ _ `/ _ \/ -_) / // \___/\___/_//_/\__/_/ \___/_/ /_/ \_,_/_//_/\__/_/ // ========================================================================= // Copyright (c) Stargames Control Panel - Licensed under GNU GPL. // See LICENSE File // ========================================================================= // Project Lead by: Mysterious // ========================================================================= --> <?php if (!$SERVER['system_safe']) { exit; } if (count($_POST)) { $user = $CP[login_name]; if (empty($user)) { $user = "******"; } foreach ($_POST as $key => $val) { mysql_query("INSERT INTO {$CONFIG_sql_cpdbname}.post_log (Date,User,IP,url,val_name,val_input) VALUES (NOW() ,'" . mysql_res($user) . "','{$CP['ip_address']}','" . mysql_res($_SERVER['REQUEST_URI']) . "','" . mysql_res($key) . "','" . mysql_res($val) . "')"); } }
// /___/\__/\_,_/_/ \_, /\_,_/_/_/_/\__/___/ // _____ /___/ __ ___ __ // / ___/__ ___ / /________ / / / _ \___ ____ ___ / / // / /__/ _ \/ _ \/ __/ __/ _ \/ / / ___/ _ `/ _ \/ -_) / // \___/\___/_//_/\__/_/ \___/_/ /_/ \_,_/_//_/\__/_/ // ========================================================================= // Copyright (c) Stargames Control Panel - Licensed under GNU GPL. // See LICENSE File // ========================================================================= // Project Lead by: Mysterious // ========================================================================= --> <?php if (!$SERVER['system_safe']) { exit; } if ($GET_a && $GET_act_key) { $query = "SELECT memory_value2 FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object=\"activate_id\" AND memory_value1=\"" . mysql_res($GET_a) . "\" AND memory_value3=\"" . mysql_res($GET_act_key) . "\""; $sql->result = $sql->execute_query($query, 'active_id.php'); $sql->total_query++; if ($sql->count_rows()) { $row = $sql->fetch_row(); $userid = get_username($row[memory_value2]); $sql->execute_query("UPDATE {$CONFIG_sql_dbname}.login SET state=\"0\" WHERE account_id=\"{$row['memory_value2']}\"", 'active_id.php'); $sql->execute_query("DELETE FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object=\"activate_id\" AND memory_value1=\"" . mysql_res($GET_a) . "\" AND memory_value2=\"{$row['memory_value2']}\" AND memory_value3=\"" . mysql_res($GET_act_key) . "\"", 'active_id.php'); $display = sprintf($lang[EMA_active_success], $userid); redir("index.php?act=idx", "{$display}", 3); } else { redir("index.php?act=idx", $lang[EMA_active_fail], 3); } }
require "memory.php"; getglobalvar(1); // draw $STORED Variables... $sql = new MySQL(); $sql->Connect($CONFIG_sql_host, $CONFIG_sql_username, $CONFIG_sql_password); // save the SQL Link in SG CP's global var... so the Querys should work $GLOBALS['link'] = $sql->link; $site = $_GET['site']; $link = unserialize(VOTE_LINK); if (!isset($site) || !isset($link[$site])) { header('Location: index.php'); } else { if (!isset($STORED_loginname)) { votes(); } else { $STORED_loginname = mysql_res($STORED_loginname); $sql->result = $sql->execute_query("SELECT `last_vote" . $site . "` FROM {$CONFIG_sql_dbname}.`vote_point` WHERE `loginname` = '" . $STORED_loginname . "' LIMIT 0,1", "vote.php"); if ($sql->count_rows() > 0) { $row = $sql->fetch_row(); if (time() - $row[0] > 60 * 60 * VOTE_TIME) { $sql->execute_query("UPDATE {$CONFIG_sql_dbname}.`vote_point` SET `point` = `point` + 1 , `last_vote" . $site . "` = '" . time() . "', `date` = '" . date("d-M-Y H:i") . "' WHERE `loginname` = '" . $STORED_loginname . "'", "vote.php"); } votes(); } else { $sql->execute_query("INSERT INTO {$CONFIG_sql_dbname}.`vote_point` ( `loginname` , `point` , `last_vote" . $site . "` , `date` ) VALUES ( '" . $STORED_loginname . "' , 1 , '" . time() . "' , '" . date("d-M-Y H:i") . "')", "vote.php"); votes(); } } } function votes() {
header_location("index.php?act=rank_title"); } else { redir("index.php?act=idx", "{$lang['Error']}", 3); } } } else { if ($GET_code == 04) { $GET_id = (int) $GET_id; if (empty($GET_id)) { redir("index.php?act=idx", "{$lang['Error']}", 3); } else { $query = "SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.rank_title WHERE title_id = \"" . mysql_res($GET_id) . "\""; $sql->result = $sql->execute_query($query, 'rank_title.php'); $sql->total_query++; if ($sql->result()) { $sql->execute_query("DELETE FROM {$CONFIG_sql_cpdbname}.rank_title WHERE title_id=\"" . mysql_res($GET_id) . "\"", 'rank_title.php', 0); header_location("index.php?act=rank_title"); } else { redir("index.php?act=idx", "{$lang['Error']}", 3); } } } else { redir("index.php?act=idx", "{$lang['Error']}", 3); } } } } } } else { redir("index.php?act=idx", "{$lang['No_privilege']}", 3); }
$status_topic = "<img src=\"theme/{$STORED['THEME']}/images/f_closed.gif\">"; } $query = "SELECT reply_emo FROM {$CONFIG_sql_cpdbname}.board_reply WHERE topic_id =\"" . mysql_res($row['topic_id']) . "\" LIMIT 1"; $sql->result2 = $sql->execute_query($query, 'showforum.php'); $row_reply = $sql->fetch_row($sql->result2); $reply_emo = $row_reply[reply_emo] ? "<img src=\"theme/{$STORED['THEME']}/images/icon/icon" . $row_reply[reply_emo] . ".gif\" border=\"0\">" : " "; if (!empty($row[topic_description])) { $topic_description = "<BR><a class=\"textinput\">{$row['topic_description']}</a>"; } else { $topic_description = ""; } $topictype = $IS_POLL ? "Poll: " : ""; $topic_start_date = get_date("M j y, H:i:s A", $row[topic_start_date]); $last_reply_date = get_date("M j y, H:i:s A", $row[topic_last_action_date]); echo "\t\t\t\t\t\t<TR height=\"27\" class=\"topic_title4\">\n\t\t\t\t\t\t\t<TD align=\"center\">{$status_topic}</TD>\n\t\t\t\t\t\t\t<TD align=\"center\">{$reply_emo}</TD>\n\t\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t\t{$topictype}<a href=\"index.php?showtopic={$row['topic_id']}\" title=\"This topic was started: {$topic_start_date}\">{$row['topic_name']}</a>\n"; $query = "SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.board_reply WHERE topic_id =\"" . mysql_res($row[topic_id]) . "\""; $sql->result2 = $sql->execute_query($query, 'showforum.php'); $t_total = $sql->result($sql->result2); $t_page = ceil($t_total / $CONFIG_per_page); if ($t_page > 1) { get_sselectpage($t_page, $CONFIG_per_page, $row[topic_id]); } echo "\t\t\t\t\t\t\t\t{$topic_description}\n\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t<TD align=\"center\">\n"; if (empty($topic_starter)) { echo "\t\t\t\t\t\t{$lang['Guest']}\n\t\t"; } else { echo "\t\t\t\t\t\t<a href=\"index.php?showuser="******"\">{$topic_starter}</a>\n\t\t"; } echo "\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t<TD align=\"center\">{$row['topic_replying']}</TD>\n\t\t\t\t\t\t\t<TD align=\"center\">{$row['topic_reading']}</TD>\n\t\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t\t{$last_reply_date}<BR>\n\t\t\t\t\t\t\t\t<a href=\"index.php?showtopic={$row['topic_id']}&view=getnewpost\">{$lang['Last_Post']}:</a>\n"; if (empty($topic_lastreply_name)) { echo "\t\t\t\t\t\t{$lang['Guest']}\n\t\t";
--> <?php if (!$SERVER['system_safe']) { exit; } if ($STORED_loginname && $STORED_loginpass && !empty($guild_rank_menu)) { if (!isset($GET_st)) { $GET_st = 0; } $GET_st = (int) $GET_st; $page = get_page($GET_st, $CONFIG_guild_per_page); $query = "SELECT COUNT(*) FROM {$CONFIG_sql_dbname}.guild"; $sql->result = $sql->execute_query($query, 'guild_rank.php'); $sql->total_query++; $total = $sql->result(); $query = "SELECT name,master,guild_id,emblem_data,guild_lv,average_lv FROM {$CONFIG_sql_dbname}.guild ORDER by guild_lv DESC LIMIT " . mysql_res($GET_st) . "," . mysql_res($CONFIG_guild_per_page) . ""; $sql->result = $sql->execute_query($query, 'guild_rank.php'); $sql->total_query++; echo "<TABLE width=\"95%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" align=\"center\">\n\t<TBODY>\n\t\t<TR>\n\t\t\t<TD align=\"right\">\n"; get_selectpage($total, $CONFIG_guild_per_page, $page, "index.php?act=g_rank"); echo "\n\t\t\t</TD>\n\t\t</TR>\n\t</TBODY>\n</TABLE>\n<BR>\n"; opmain_body("Guild Ranking"); echo "<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"1\" align=\"center\">\n\t<TBODY>\n\t\t<TR align=\"center\" class=\"topic_title3\" style=\"font-weight: bold;\">\n\t\t\t<TD>No.</TD>\n\t\t\t<TD>Guild</TD>\n\t\t\t<TD>Guild Master</TD>\n\t\t\t<TD>Guild Level</TD>\n\t\t\t<TD>Average Level</TD>\n\t\t\t<TD>Emblem</TD>\n\t\t</TR>\n"; if ($sql->count_rows()) { $countstanding = 0; $i = ($page - 1) * $CONFIG_guild_per_page; while ($grow = $sql->fetch_row()) { $i++; $countstanding = 1; $guild_name = htmlspecialchars($grow['name']); $g_master_name = htmlspecialchars($grow['master']);
if ($total_account_zeny == $_POST['total_zeny'] && $total_account_zeny == $get_total_zeny) { $error = 0; if ($CONFIG_max_zeny < 1 || $CONFIG_max_zeny > 2147483647) { $CONFIG_max_zeny = 1000000000; } for ($i = 1; $i <= $total_char; $i++) { if ($_POST["zeny_" . $i . ""] < 0 || $_POST["zeny_" . $i . ""] > $CONFIG_max_zeny) { $error = 1; $zeny_error = $CONFIG_max_zeny; } } if ($error == 0) { for ($i = 1; $i <= $total_char; $i++) { $zeny = $_POST["zeny_" . $i . ""]; $char_id = (int) $_POST["char_id_" . $i . ""]; $sql->execute_query("UPDATE {$CONFIG_sql_dbname}.char SET zeny=\"" . mysql_res($zeny) . "\" WHERE account_id=\"" . mysql_res($GET_account_id) . "\" AND char_id=\"" . mysql_res($char_id) . "\"", 'searching_char.php'); } header_location("index.php?act=searching_char&account_id={$GET_account_id}"); } else { $display = sprintf($lang[CM_zeny_impossible], $zeny_error); redir("index.php?act=searching_char&account_id={$GET_account_id}", $display, 3); } } else { redir("index.php?act=searching_char&account_id={$GET_account_id}", "{$lang['Error']}", 3); } } else { redir("index.php?act=searching_char&account_id={$GET_account_id}", "{$lang['Error']}", 3); } } } }
$display = "{$lang['Error']}"; } else { if (!checkprivilege_action($CP[login_id], g_non_showip)) { $ip = $CP['ip_address']; } else { $ip = '---------------'; } if (!$CP[login_sex]) { $CP[login_sex] = 'M'; } $POST_poster = checkstring($POST_poster, 1); $POST_report = checkstring($POST_report, 1); $query = "SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.bugreport WHERE post_id = \"" . mysql_res($GET_post_id) . "\" LIMIT 0,1"; $sql->result = $sql->execute_query($query, 'bugreport.php'); $sql->total_query++; if (!$sql->result()) { $display = "{$lang['Error']}"; } else { $sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.bugreport SET report = \"{$POST_report}\", poster = \"" . $CP['login_name'] . "\", sex = \"" . $CP['login_sex'] . "\", ip = \"" . $ip . "\", date = \"" . $CP[time] . "\" WHERE post_id = \"" . mysql_res($GET_post_id) . "\" ;", 'bugreport.php'); $sql->total_query++; $display = "{$lang['Success_editnews']}"; } } redir("index.php?act=bugreport", "{$display}", 3); } else { header("location:index.php?act=bugreport"); } } } } }
$row = $sql->fetch_row(); $aid = $row[account_id]; $group_id = $row[group_id]; if ($activeid == '2') { $sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.memory SET memory_value2=\"" . mysql_res($aid) . "\" WHERE memory_object=\"activate_id\" AND memory_value1=\"" . mysql_res($active_id) . "\" AND memory_value3=\"" . mysql_res($active_key) . "\"", 'register.php'); } $sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.user_profile (user_id,display_name,user_sls_pass,user_time_offset ,user_joined) VALUES (\"" . mysql_res($aid) . "\",\"" . mysql_res($POST_userid) . "\",\"" . mysql_res($POST_userslspass) . "\",\"" . mysql_res($CONFIG_time_offset) . "\",\"" . $CP['time'] . "\")", 'register.php'); $sql->total_query++; $sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.privilege (account_id,privilege) VALUES (\"" . mysql_res($aid) . "\",\"2\")", 'register.php'); $sql->total_query++; if ($CONFIG_log_register) { $sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.register_log (Date,account_id,userid,group_id,ip) VALUES (NOW(),\"" . mysql_res($aid) . "\",\"" . mysql_res($POST_userid) . "\",\"" . mysql_res($group_id) . "\",\"" . $CP['ip_address'] . "\")", 'register.php'); } $sql->total_query++; if ($CONFIG_security_mode) { $sql->execute_query("DELETE FROM {$CONFIG_sql_cpdbname}.security_code WHERE sc_id = \"" . mysql_res($POST_security_id) . "\"", 'register.php', 0); } redir("index.php?act=register", "{$lang['Reg_success']}{$active_mes}", 3); } } } } } else { redir("index.php?act=register", "{$lang['Error']}", 3); } } } } else { header("location:index.php?act=register"); } }
} echo "\n\t\t\t</TD>\n\t\t</TR>\n\t<form action=\"index.php?act=privilege_action&code=00\" method=\"post\" enctype=\"multipart/form-data\" name=\"Addprivilege\" onsubmit=\"return CheckAddprivilege()\">\n\t\t<TR class=\"topic_title6\">\n\t\t\t<TD width=\"50%\">\n\t\t\t\t{$lang['Account']} :\n\t\t\t\t<input name=\"account\" type=\"text\" size=\"12\" class=\"textinput\">\n\t\t\t</TD>\n\t\t\t<TD width=\"20%\">\n\t\t\t\t{$lang['Privilege_level']} :\n\t\t\t\t<input name=\"g_id\" type=\"text\" size=\"1\" class=\"textinput\" value=\"2\" maxlength=\"3\">\n\t\t\t</TD>\n\t\t\t<TD width=\"30%\">\n\t\t\t\t<input name=\"Submit\" type=\"submit\" value=\"{$lang['Sentprivilege']}\" class=\"textinput\">\n\t\t\t\t<input name=\"Reset\" type=\"reset\" value=\"{$lang['Resetprivilege']}\" class=\"textinput\">\n\t\t\t</TD>\n\t\t</TR>\n\t</form>\n\t</TBODY>\n</TABLE>\n"; clmain_body(); } if ($GET_code == 03) { opmain_body("Privilege Group Control"); $query = "SELECT g_id,g_title FROM {$CONFIG_sql_cpdbname}.groups ORDER by g_id ASC"; $sql->result = $sql->execute_query($query, 'privilege.php'); $sql->total_query++; echo "\n<TABLE width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"3\" class=\"topic_title6\">\n\t<TR>\n\t\t<TD>\n\t\t\t<TABLE width=\"90%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" align=\"center\">\n\t\t\t\t<form name=\"ADD_Privilege\">\n\t\t\t\t\t<TR>\n\t\t\t\t\t\t<TD align=\"right\">\n\t\t\t\t\t\t\t<input type=\"button\" value=\"{$lang['Addprivilegegroup']}\" class=\"textinput\" OnClick=\"hyperlink('index.php?act=privilege&code=04');\">\n\t\t\t\t\t\t</TD>\n\t\t\t\t\t</TR>\n\t\t\t\t</form>\n\t\t\t</TABLE>\n\t\t</TD>\n\t</TR>\n\t<TR>\n\t\t<TD>\n\t\t\t<TABLE width=\"90%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"topic_title\" align=\"center\">\n\t\t\t\t<TBODY>\n\t\t\t\t\t<TR align=\"center\" class=\"title_bar\" height=\"29\">\n\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t<a class=\"m_title\">Privilege Groups</a>\n\t\t\t\t\t\t</TD>\n\t\t\t\t\t</TR>\n\t\t\t\t\t<TR>\n\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"1\" align=\"center\">\n\t\t\t\t\t\t\t\t<TBODY>\n\t\t\t\t\t\t\t\t\t<TR align=\"center\" class=\"topic_title3\" height=\"20\">\n\t\t\t\t\t\t\t\t\t\t<TD width=\"15%\">\n\t\t\t\t\t\t\t\t\t\t<B>Group ID</B>\n\t\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t\t<TD width=\"71%\">\n\t\t\t\t\t\t\t\t\t\t\t<B>Title</B>\n\t\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t\t<TD width=\"7%\">\n\t\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t\t<TD width=\"7%\">\n\t\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t</TR>\n"; while ($row = $sql->fetch_row()) { echo "\n\t\t\t\t\t\t\t\t\t<TR align=\"center\" class=\"topic_title4\">\n\t\t\t\t\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t\t\t\t\t{$row['g_id']}\n\t\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t\t\t\t\t{$row['g_title']}\n\t\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"index.php?act=privilege&code=03&gid={$row['g_id']}\" title=\"�����\"><img src =\"theme/{$STORED['THEME']}/images/edit.gif\" border=\"0\"></a>\n\t\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"index.php?act=privilege_action&code=03&g_id={$row['g_id']}\" title=\"ź\"><img src =\"theme/{$STORED['THEME']}/images/drop.gif\" border=\"0\"></a>\n\t\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t</TR>\n"; } echo "\n\t\t\t\t\t\t\t\t</TBODY>\n\t\t\t\t\t\t\t</TABLE>\n\t\t\t\t\t\t</TD>\n\t\t\t\t\t</TR>\n\t\t\t\t</TBODY>\n\t\t\t</TABLE>\n"; if ($GET_gid = (int) $GET_gid) { $query = "SELECT * FROM {$CONFIG_sql_cpdbname}.groups WHERE g_id=\"" . mysql_res($GET_gid) . "\""; $sql->result = $sql->execute_query($query, 'privilege.php'); $sql->total_query++; $group = $sql->fetch_row(); echo "\n<BR>\n\t\t\t<TABLE width=\"90%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"topic_title\" align=\"center\">\n\t\t\t\t<TBODY>\n\t\t\t\t<form action=\"index.php?act=privilege_action&code=02\" method=\"post\" enctype=\"multipart/form-data\">\n\t\t\t\t\t<input type=\"hidden\" name=\"g_id\" value=\"{$GET_gid}\">\n\t\t\t\t\t<TR align=\"center\" class=\"title_bar\" height=\"29\">\n\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t<a class=\"m_title\">Edit Group : {$group['g_title']}\n\t\t\t\t\t\t</TD>\n\t\t\t\t\t</TR>\n\t\t\t\t\t<TR>\n\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"1\" align=\"center\">\n\t\t\t\t\t\t\t\t<TR align=\"center\">\n\t\t\t\t\t\t\t\t\t<TD class=\"topic_title4\">\n\t\t\t\t\t\t\t\t\t\t{$lang['Privilegemes_1']}\n\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t<TD class=\"topic_title6\">\n\t\t\t\t\t\t\t\t\t\t<input name=\"g_1\" type=\"text\" size=\"12\" class=\"textinput\" value=\"{$group['1']}\">\n\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t</TR>\n\t\t\t\t\t\t\t\t<TR align=\"center\">\n\t\t\t\t\t\t\t\t\t<TD class=\"topic_title4\">\n\t\t\t\t\t\t\t\t\t\t{$lang['Privilegemes_2']}\n\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t<TD class=\"topic_title6\">\n\t\t\t\t\t\t\t\t\t\t<input name=\"g_2\" type=\"text\" size=\"12\" class=\"textinput\" value=\"{$group['2']}\">\n\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t</TR>\n\t\t\t\t\t\t\t\t<TR align=\"center\">\n\t\t\t\t\t\t\t\t\t<TD class=\"topic_title4\">\n\t\t\t\t\t\t\t\t\t\t{$lang['Privilegemes_3']}\n\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t<TD class=\"topic_title6\">\n\t\t\t\t\t\t\t\t\t\t<input name=\"g_3\" type=\"text\" size=\"12\" class=\"textinput\" value=\"{$group['3']}\">\n\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t</TR>\n"; for ($a = 4; $a <= MAX_GROUP_PRIVILEGE; $a++) { $privilegemes = "Privilegemes_{$a}"; if ($group[$a]) { $selected = "checked"; $unselected = ""; } else { $selected = ""; $unselected = "checked"; } echo "\n\t\t\t\t\t\t\t\t<TR align=\"center\">\n\t\t\t\t\t\t\t\t\t<TD class=\"topic_title4\">\n\t\t\t\t\t\t\t\t\t\t{$lang[$privilegemes]}\n\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t\t<TD class=\"topic_title6\">\n\t\t\t\t\t\t\t\t\t\tYes\n\t\t\t\t\t\t\t\t\t\t<input type=\"radio\" name=\"g_{$a}\" value=\"1\" class=\"textinput\" " . $selected . "> \n\t\t\t\t\t\t\t\t\t\t<input type=\"radio\" name=\"g_{$a}\" value=\"0\" class=\"textinput\" " . $unselected . ">\n\t\t\t\t\t\t\t\t\t\tNo\n\t\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t\t</TR>\n"; }
} $query = "SELECT memory_value1,memory_value2,memory_value3 FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object=\"ro_message\""; $sql->result = $sql->execute_query($query, 'main.php'); $sql->total_query++; $row = $sql->fetch_row(); $announced_date = get_date("Y-m-j", $row[memory_value2]); $announced_mes = $row[memory_value3] ? replace_text($row[memory_value3]) : "--------------------"; opmain_body("{$lang['RO_Mes']}", 150); echo "<TABLE width=\"100%\" height=\"100%\" align=\"center\" border=\"0\" cellspacing=\"0\" cellpadding=\"5\">\n\t<TBODY>\n\t\t<TR class=\"topic_title5\">\n\t\t\t<TD width=\"100%\" height=\"25\" vAlign=\"top\"></TD>\n\t\t</TR>\n\t\t<TR class=\"topic_title6\" height=\"100%\">\n\t\t\t<TD class=\"title_face4\" vAlign=\"top\">\n\t\t\t\t<div class=\"poststyle\">{$announced_mes}</div>\n\t\t\t</TD>\n\t\t</TR>\n\t\t<TR class=\"topic_title5\">\n\t\t\t<TD width=\"100%\" vAlign=\"top\" align=\"right\">\n\t\t\t\t<B>{$lang['Announced']} <U>{$row['memory_value1']}</U>, {$lang['Date']}: {$announced_date}</B>\n\t\t\t</TD>\n\t\t</TR>\n\t<TBODY>\n</TABLE>\n<script type='text/javascript'>\n\tvar max_width = " . $CONFIG_max_img_width . ";\n\tvar max_height = " . $CONFIG_max_img_height . ";\n\tvar total_img_resize = " . $CP[images_num] . ";\n\twindow.onload=resize_img;\n</script>\n"; clmain_body(); include_once "news.php"; if ($CONFIG_show_last_topic_reply) { echo "<BR>\n"; opmain_body("{$lang['Last_TRP']}"); echo "<TABLE width=\"100%\" height=\"100%\" align=\"center\" border=\"0\" cellspacing=\"1\" cellpadding=\"1\">\n\t<TBODY>\n"; $query = "SELECT us.display_name, t.* FROM {$CONFIG_sql_cpdbname}.board_topic t\n\t\tLEFT JOIN {$CONFIG_sql_cpdbname}.user_profile us ON (us.user_id=t.topic_lastreply_name)\n\tORDER by t.topic_last_action_date DESC LIMIT " . mysql_res($CONFIG_show_last_topic_reply_per) . ""; $sql->result = $sql->execute_query($query, 'main.php'); $sql->total_query++; if ($sql->count_rows() > 0) { while ($row = $sql->fetch_row()) { $topic_lastreply_name = get_displayname($row[display_name], $row[topic_lastreply_name]); $topic_lastreply_name = $topic_lastreply_name == $lang[Guest] ? $lang[Guest] : "<a href=\"index.php?showuser="******"\">{$topic_lastreply_name}</a>"; $topic_start_date = get_date("M j y, H:i:s A", $row[topic_start_date]); if ($trcolor2 != 'topic_title4') { $trcolor2 = 'topic_title4'; } else { $trcolor2 = 'topic_title3'; } echo "\t\t<TR class=\"{$trcolor2}\" height=\"20\">\n\t\t\t<TD align=\"center\" width=\"5%\"><img src=\"theme/{$STORED['THEME']}/images/f_norm.gif\"></TD>\n\t\t\t<TD width=\"70%\">\n\t\t\t\t <a href=\"index.php?showtopic={$row['topic_id']}&view=getnewpost\" title=\"This topic was started: {$topic_start_date}\">{$row['topic_name']}</a>\n\t\t\t</TD>\n\t\t\t<TD width=\"25%\" align=\"left\">\n\t\t\t\t <a href=\"index.php?showtopic={$row['topic_id']}&view=getnewpost\">{$lang['Last_Post']}</a>: " . $topic_lastreply_name . "\n\t\t\t</TD>\n\t\t</TR>\n"; } } else {
$sql->execute_query("DELETE FROM {$CONFIG_sql_dbname}.friends WHERE char_id =\"{$cid}\"", 'deluser.php'); $sql->execute_query("DELETE FROM {$CONFIG_sql_dbname}.global_reg_value WHERE char_id =\"{$cid}\"", 'deluser.php'); $sql->execute_query("DELETE FROM {$CONFIG_sql_dbname}.inventory WHERE char_id =\"{$cid}\"", 'deluser.php'); $sql->execute_query("DELETE FROM {$CONFIG_sql_dbname}.memo WHERE char_id =\"{$cid}\"", 'deluser.php'); $sql->execute_query("DELETE FROM {$CONFIG_sql_dbname}.sc_data WHERE char_id =\"{$cid}\"", 'deluser.php'); $sql->execute_query("DELETE FROM {$CONFIG_sql_dbname}.skill WHERE char_id =\"{$cid}\"", 'deluser.php'); } } printf("Deleted userid: <font color=\"red\"><B>%s</B></font> (<B>%d</B> days)<BR>\n", $row[userid], $diffday); } echo "\t\t\t</TD>\n\t\t</TR>\n"; } else { if ($GET_code == 02 && $GET_day && $GET_maxusers) { $tmp_lastlogin = $CP[time] - $GET_day * 3600 * 24; $lastlogin = date("Y-m-d H:i:s", $tmp_lastlogin); $query = "SELECT account_id,userid,lastlogin,logincount FROM {$CONFIG_sql_dbname}.login WHERE lastlogin < \"" . mysql_res($lastlogin) . "\" AND sex != \"S\" AND logincount > \"0\" ORDER by lastlogin ASC LIMIT " . mysql_res($GET_maxusers) . ""; $sql->result = $sql->execute_query($query, 'deluser.php'); $sql->total_query++; echo "\t\t<TR>\n\t\t\t<TD colspan=\"2\">\n\t\t\t\t<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"5\" align=\"center\" class=\"emptytable3\">\n\t\t\t\t\t<TBODY>\n\t\t\t\t\t\t<TR height=\"27\" class=\"title_bar2\" align=\"center\">\n\t\t\t\t\t\t\t<TD><div class=\"title_face\">No.</div></TD>\n\t\t\t\t\t\t\t<TD><div class=\"title_face\">User ID</div></TD>\n\t\t\t\t\t\t\t<TD><div class=\"title_face\">Last Login (days ago)</div></TD>\n\t\t\t\t\t\t\t<TD><div class=\"title_face\">Login Count</div></TD>\n\t\t\t\t\t\t</TR>\n"; $i = 0; while ($row = $sql->fetch_row()) { $i++; $diffday = ($CP[time] - strtotime($row[lastlogin])) / 3600 / 24; $diffday = (int) $diffday; echo "\t\t\t\t\t\t<TR class=\"topic_title7\" align=\"center\">\n\t\t\t\t\t\t\t<TD>" . $i . "</TD>\n\t\t\t\t\t\t\t<TD>" . $row[userid] . "</TD>\n\t\t\t\t\t\t\t<TD>" . $row[lastlogin] . " (" . $diffday . ")</TD>\n\t\t\t\t\t\t\t<TD>" . $row[logincount] . "</TD>\n\t\t\t\t\t\t</TR>\n"; } echo "\t</TBODY>\n</TABLE>\n"; } } echo "\t</TBODY>\n\t</form>\n</TABLE>\n"; clmain_body();
// / ___/__ ___ / /________ / / / _ \___ ____ ___ / / // / /__/ _ \/ _ \/ __/ __/ _ \/ / / ___/ _ `/ _ \/ -_) / // \___/\___/_//_/\__/_/ \___/_/ /_/ \_,_/_//_/\__/_/ // ========================================================================= // Copyright (c) Stargames Control Panel - Licensed under GNU GPL. // See LICENSE File // ========================================================================= // Project Lead by: Mysterious // ========================================================================= --> <?php if ($_GET['sc']) { require_once "memory.php"; $sql = new MySQL(); $sql->Connect($CONFIG_sql_host, $CONFIG_sql_username, $CONFIG_sql_password); $query = "SELECT sc_code FROM {$CONFIG_sql_cpdbname}.security_code WHERE sc_id = \"" . mysql_res($_GET['sc']) . "\""; $sql->result = $sql->execute_query($query, 'reg_code.php'); $row = $sql->fetch_row(); $sc_code = $row['sc_code']; $reg_str = ""; for ($i = 0; $i < 6; $i++) { $ret_str .= $sc_code[$i]; $ret_str .= " "; } $sc_code = $ret_str; $im = imagecreate(85, 20); $bgcolor = imagecolorallocate($im, 255, 255, 255); // Background Color $fontcolor = imagecolorallocate($im, 00, 00, 00); // Font Color imagestring($im, 3, 5, 5, $sc_code, $fontcolor);
$sql->result = $sql->execute_query($query, 'header_bar.php', 0); $sql->total_query++; if (!$sql->count_rows()) { $sql->result = $sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.status ( `last_checked` , `login` , `char` , `map` ) VALUES (NOW() , 0, 0, 0)", 'header_bar.php', 0); $sql->total_query++; } $line = $sql->fetch_row(); $timediff = $CP[time] - $line[0]; if ($timediff > $CONFIG_time_check_intervals) { $acc = @fsockopen($CONFIG_server_ip, $CONFIG_loginport, $errno, $errstr, 1); $char = @fsockopen($CONFIG_server_ip, $CONFIG_charport, $errno, $errstr, 1); $map = @fsockopen($CONFIG_server_ip, $CONFIG_mapport, $errno, $errstr, 1); $acc = $acc ? 1 : 0; $char = $char ? 1 : 0; $map = $map ? 1 : 0; $sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.status SET `last_checked` = \"" . $CP['time'] . "\" ,`login` = \"" . mysql_res($acc) . "\",`char` = \"" . mysql_res($char) . "\",`map` = \"" . mysql_res($map) . "\"", 'header_bar.php', 0); $sql->total_query++; } else { $acc = $line[1]; $char = $line[2]; $map = $line[3]; } if (!$acc) { $accsrv = "<font class=\"status_off\">{$lang['Offline']}</font>"; } else { $accsrv = "<font class=\"status_on\">{$lang['Online']}</font>"; } if (!$char) { $charsrv = "<font class=\"status_off\">{$lang['Offline']}</font>"; } else { $charsrv = "<font class=\"status_on\">{$lang['Online']}</font>";
clmain_body(); } else { if ($GET_code == 03 && isAlphaNumeric($POST_LG_USER) && isAlphaNumeric($POST_LG_PASS) && isAlphaNumeric($POST_SLS_PASS)) { $POST_LG_PASS = mysql_res(checkmd5($CONFIG_md5_support, $POST_LG_PASS)); $query = "SELECT account_id FROM {$CONFIG_sql_dbname}.login WHERE userid = \"" . mysql_res($POST_LG_USER) . "\" AND user_pass=\"{$POST_LG_PASS}\" LIMIT 0,1"; $sql->result = $sql->execute_query($query, 'sls.php'); $sql->total_query++; if ($sql->count_rows()) { $row = $sql->fetch_row(); $userid = $row[account_id]; $query = "SELECT user_sls_pass FROM {$CONFIG_sql_cpdbname}.user_profile WHERE user_id = \"" . mysql_res($userid) . "\" LIMIT 0,1"; $sql->result = $sql->execute_query($query, 'sls.php'); if ($sql->count_rows()) { $row2 = $sql->fetch_row(); if (empty($row2[user_sls_pass])) { $sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.user_profile set user_sls_pass=\"" . mysql_res($POST_SLS_PASS) . "\" WHERE user_id = \"" . mysql_res($userid) . "\" ", 'sls.php'); $sql->total_query++; $display = $lang[success_make_sls_pass]; } else { $display = $lang[yes_sls_pass]; } } else { $display = $lang[login_wrong]; } } else { $display = $lang[login_wrong]; } redir("index.php?act=sls", "{$display}", 3); } } }
$sql->total_query++; if (!$sql->count_rows()) { $sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.user_profile (user_id,display_name,user_sls_pass,user_time_offset ,user_joined) VALUES (\"" . mysql_res($account_id) . "\",\"" . mysql_res($userid) . "\",\"\",\"" . mysql_res($CONFIG_time_offset) . "\",\"" . $CP['time'] . "\")", 'showuser.php'); $sql->total_query++; $sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.privilege (account_id,privilege) VALUES (\"" . mysql_res($account_id) . "\",\"2\")", 'showuser.php'); $sql->total_query++; } else { $row = $sql->fetch_row(); $account_id = $row["user_id"]; } $username = get_username($account_id); $show_username = $IS_SEARCHING_ID ? "<a href=\"index.php?act=searching_id&account_id={$account_id}\">{$username}</a>" : "{$username}"; get_cp_profile($account_id); opmain_body("User Information: {$username}", 0, '100%'); echo "<TABLE width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"5\" class=\"topic_title6\">\n\t<TR class=\"topic_title5\"><TD height=\"25\"></TD></TR>\n\t<TR>\n\t\t<TD>\n<TABLE width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" class=\"topic_title6\">\n\t<TR>\n\t\t<TD>\n<TABLE width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n\t<TR>\n\t\t<TD width=\"30%\" vAlign=\"top\">\n\t\t\t<TABLE width=\"100%\" height=\"100%\" align=\"center\" border=\"0\" cellspacing=\"1\" cellpadding=\"10\">\n\t\t\t\t<TR>\n\t\t\t\t\t<TD align=\"left\">\n\t\t\t\t\t\t<TABLE width=\"100%\" height=\"100%\" align=\"center\" border=\"0\" cellspacing=\"1\" cellpadding=\"1\">\n\t\t\t\t\t\t\t<TR>\n\t\t\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t\t\t{$reply_avatar}<BR><BR>\n\t\t\t\t\t\t\t\t\t{$rank_title}<BR>\n\t\t\t\t\t\t\t\t\t<img src=\"theme/{$STORED['THEME']}/images/groups/{$reply_imgroup}\" alt=\"Group Icon\"><BR><BR>\n\t\t\t\t\t\t\t\t\t{$lang['Group']}: {$reply_group}<BR>\n\t\t\t\t\t\t\t\t\t{$lang['Posts']}: {$reply_post}</B><BR>\n\t\t\t\t\t\t\t\t\t{$lang['Mem_No']}: {$reply_number}</B><BR>\n\t\t\t\t\t\t\t\t\t{$lang['Join']}: {$reply_joined}<BR><BR>\n\t\t\t\t\t\t\t\t\t{$status_bar}\n\t\t\t\t\t\t\t\t</TD>\n\t\t\t\t\t\t\t</TR>\n\t\t\t\t\t\t</TABLE>\n\t\t\t\t\t</TD>\n\t\t\t\t</TR>\n\t\t\t</TABLE>\n\t\t</TD>\n\t</TR>\n</TABLE>\n\t\t</TD>\n\t\t<TD width=\"70%\" vAlign=\"top\">\n"; $query = "SELECT name,class,base_level,job_level,online FROM {$CONFIG_sql_dbname}.char WHERE md5(`account_id`) =\"" . mysql_res($GET_showuser) . "\""; $sql->result = $sql->execute_query($query, 'showuser.php'); $sql->total_query++; if ($sql->count_rows()) { echo "\t\t\t<TABLE width=\"100%\" height=\"100%\" align=\"center\" border=\"0\" cellspacing=\"1\" cellpadding=\"10\">\n\t\t\t\t<TR>\n\t\t\t\t\t<TD>\n\t\t\t<TABLE width=\"80%\" height=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" align=\"center\" class=\"topic_title\">\n\t\t\t\t<TBODY>\n\t\t\t\t\t<TR align=\"center\" class=\"title_bar\" height=\"29\">\n\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t<a class=\"m_title\">Character in user: {$show_username}</a>\n\t\t\t\t\t\t</TD>\n\t\t\t\t\t</TR>\n\t\t\t\t\t<TR>\n\t\t\t\t\t\t<TD>\n\t\t\t\t\t\t\t<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"1\" align=\"center\">\n\t\t\t\t\t\t\t\t<TBODY>\n\t\t\t\t\t\t\t\t\t<TR align=\"center\" class=\"topic_title3\" style=\"font-weight: bold;\">\n\t\t\t\t\t\t\t\t\t\t<TD>No.</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>Name</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>Class</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>Base Level</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>Job Level</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>Status</TD>\n\t\t\t\t\t\t\t\t\t</TR>\n"; $n = 0; while ($c_row = $sql->fetch_row()) { $n++; $jobid = "{$c_row['class']}"; if ($c_row[online]) { $online = "<font class=\"status_on\">Online</font>"; } else { $online = "<font class=\"status_off\">Offline</font>"; } echo "\t\t\t\t\t\t\t\t\t<TR align=\"center\" class=\"topic_title4\">\n\t\t\t\t\t\t\t\t\t\t<TD>{$n}</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>{$c_row['name']}</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>{$jobname[$jobid]}</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>{$c_row['base_level']}</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>{$c_row['job_level']}</TD>\n\t\t\t\t\t\t\t\t\t\t<TD>{$online}</TD>\n\t\t\t\t\t\t\t\t\t</TR>\n"; }
$start_topics_selected = $forum_perm[3]; echo "\t<TR align=\"center\" class=\"topic_title6\">\n\t\t<TD>{$grow['1']}</TD>\n\t\t<TD><input name=\"show_forum_" . $grow[0] . "\" type=\"checkbox\" value=\"1\"" . $show_forum_selected . "></TD>\n\t\t<TD><input name=\"read_topics_" . $grow[0] . "\" type=\"checkbox\" value=\"1\"" . $read_topics_selected . "></TD>\n\t\t<TD><input name=\"reply_topics_" . $grow[0] . "\" type=\"checkbox\" value=\"1\"" . $reply_topics_selected . "></TD>\n\t\t<TD><input name=\"start_topics_" . $grow[0] . "\" type=\"checkbox\" value=\"1\"" . $start_topics_selected . "></TD>\n\t</TR>\n"; } echo "</TABLE>\n"; } echo "<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"5\" align=\"center\">\n\t<TR class=\"topic_title5\">\n\t\t<TD width=\"100%\" align=\"center\">\n\t\t\t<input type=\"submit\" name=\"Submit\" value=\"Create�this�forum\" class=\"textinput\">\n\t\t\t<input type=\"reset\" name=\"Reset\" value=\"Reset\" class=\"textinput\">\n\t\t</TD>\n\t</TR>\n</TABLE>\n\t\t</TD>\n\t</TR>\n\t</form>\n</TABLE>\n"; clmain_body(); } else { if ($GET_code == "editcategory" && $GET_c) { $category_name = get_categoryname($GET_c); opmain_body("Edit Category"); echo "<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"5\" align=\"center\">\n\t<TBODY>\n\t\t<form action=\"index.php?act=forum_manage&manage=editcategory\" method=\"post\" enctype=\"multipart/form-data\" name=\"Category_Form\" OnSubmit=\"return CheckCategory()\">\n\t\t<input type=\"hidden\" name=\"c\" value=\"{$GET_c}\">\n\t\t<TR class=\"topic_title5\">\n\t\t\t<TD height=\"27\" colspan=\"2\"><div class=\"title_face\">{$category_name}</div></TD>\n\t\t</TR>\n\t\t<TR class=\"topic_title6\">\n\t\t\t<TD width=\"30%\"><div class=\"title_face4\"><B>Category Name</B></div></TD>\n\t\t\t<TD width=\"70%\"><input name=\"category_name\" type=\"text\" size=\"40\" maxlength=\"50\" class=\"textinput\" value=\"{$category_name}\"></TD>\n\t\t</TR>\n\t\t\t<TR class=\"topic_title5\">\n\t\t\t\t<TD width=\"100%\" colspan=\"2\" align=\"center\">\n\t\t\t\t\t<input type=\"submit\" name=\"Submit\" value=\"Edit�this�category\" class=\"textinput\">\n\t\t\t\t\t<input type=\"reset\" name=\"Reset\" value=\"Restore\" class=\"textinput\">\n\t\t\t\t</TD>\n\t\t</TR>\n\t</form>\n\t</TBODY>\n</TABLE>\n"; clmain_body(); } else { if ($GET_code == "editforum" && $GET_f) { $query = "SELECT forum_title, forum_description, forum_perm FROM {$CONFIG_sql_cpdbname}.forum WHERE forum_id=\"" . mysql_res($GET_f) . "\""; $sql->result = $sql->execute_query($query, 'forum_manage.php'); $frow = $sql->fetch_row(); $forum_name = $frow[forum_title]; $forum_description = $frow[forum_description]; $query = "SELECT g_id, g_title FROM {$CONFIG_sql_cpdbname}.groups ORDER by g_id"; $sql->result = $sql->execute_query($query, 'forum_manage.php'); opmain_body("Edit Forum"); echo "<TABLE width=\"100%\" cellspacing=\"0\" cellpadding=\"0\" align=\"center\">\n\t<form action=\"index.php?act=forum_manage&manage=editforum\" method=\"post\" enctype=\"multipart/form-data\" name=\"Forum_Form\" OnSubmit=\"return CheckForum()\">\n\t<input type=\"hidden\" name=\"f\" value=\"{$GET_f}\">\n\t<TR>\n\t\t<TD>\n<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"5\" align=\"center\">\n\t<TBODY>\n\t\t<TR class=\"topic_title5\">\n\t\t\t<TD height=\"27\" colspan=\"2\"><div class=\"title_face\">{$forum_name}</div></TD>\n\t\t</TR>\n\t\t<TR class=\"topic_title6\">\n\t\t\t<TD width=\"30%\"><div class=\"title_face4\"><B>Forum Name</B></div></TD>\n\t\t\t<TD width=\"70%\"><input name=\"forum_name\" type=\"text\" size=\"40\" maxlength=\"50\" class=\"textinput\" value=\"{$forum_name}\"></TD>\n\t\t</TR>\n\t\t<TR class=\"topic_title6\">\n\t\t\t<TD><div class=\"title_face4\"><B>Forum Description</B></div></TD>\n\t\t\t<TD><input name=\"forum_description\" type=\"text\" size=\"40\" maxlength=\"100\" class=\"textinput\" value=\"{$forum_description}\"></TD>\n\t\t</TR>\n\t</TBODY>\n</TABLE>\n"; if ($sql->count_rows()) { echo "<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"5\" align=\"center\">\n\t<TR class=\"topic_title5\">\n\t\t<TD height=\"27\" colspan=\"5\"><div class=\"title_face\">Permission</div></TD>\n\t</TR>\n\t<TR align=\"center\" class=\"topic_title6\" style=\"font-weight: bold;\">\n\t\t<TD>Groups</TD>\n\t\t<TD>Show Forum</TD>\n\t\t<TD>Read Topics</TD>\n\t\t<TD>Reply Topics</TD>\n\t\t<TD>Start Topics</TD>\n\t</TR>\n"; while ($grow = $sql->fetch_row()) { if (preg_match("#\\[g" . $grow[0] . "\\](.+?)\\[/g" . $grow[0] . "\\]#is", $frow[2])) { preg_replace_callback("#\\[g" . $grow[0] . "\\](.+?)\\[/g" . $grow[0] . "\\]#is", 'get_forum_perm', $frow[2]); if (strstr($forum_permission, ':show_perm:')) { $show_forum_selected = " checked";
$jobid = $view_char_online[$i][3]; echo "\t\t<TR class=\"topic_title7\" align=\"center\">\n\t\t\t<TD>" . $view_char_online[$i][0] . "</TD>\n\t\t\t<TD>" . $view_char_online[$i][1] . "</TD>\n\t\t\t<TD>" . $view_char_online[$i][2] . "</TD>\n\t\t\t<TD>" . $jobname[$jobid] . "</TD>\n\t\t\t<TD>" . $view_char_online[$i][4] . "</TD>\n\t\t\t<TD>" . $view_char_online[$i][5] . "</TD>\n\t\t\t<TD>" . $view_char_online[$i][6] . "</TD>\n\t\t</TR>\n"; } echo "\t</TBODY>\n</TABLE>\n"; clmain_body(); } } else { if ($GET_code == "view_inactiveid") { if (!isset($GET_st)) { $GET_st = 0; } $GET_st = (int) $GET_st; $page = get_page($GET_st, $CONFIG_AM_per_page); $sql->result = $sql->execute_query("SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object=\"activate_id\"", 'account_manage.php'); $total = $sql->result(); $query = "SELECT memory_value1,memory_value2 FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object=\"activate_id\" ORDER by memory_value1 ASC LIMIT " . mysql_res($GET_st) . "," . mysql_res($CONFIG_AM_per_page) . ""; $sql->result = $sql->execute_query($query, 'account_manage.php'); $sql->total_query++; echo "<TABLE width=\"95%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" align=\"center\">\n\t<TBODY>\n\t\t<TR>\n\t\t\t<TD align=\"right\">\n"; get_selectpage($total, $CONFIG_AM_per_page, $page, "index.php?act=account_manage&code=view_inactiveid"); echo "\t\t\t</TD>\n\t\t</TR>\n\t</TBODY>\n</TABLE>\n<BR>\n"; opmain_body("Inactive Account"); if ($sql->count_rows()) { echo "<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"5\" align=\"center\" class=\"emptytable3\">\n\t<TBODY>\n\t\t<TR height=\"27\" class=\"title_bar2\" align=\"center\">\n\t\t\t<TD width=\"5%\"><div class=\"title_face\">No.</div></TD>\n\t\t\t<TD width=\"25%\"><div class=\"title_face\">User ID</div></TD>\n\t\t\t<TD width=\"20%\"><div class=\"title_face\">Registed date</div></TD>\n\t\t\t<TD width=\"50%\"></TD>\n\t\t</TR>\n"; $i = 0; while ($row = $sql->fetch_row()) { $i++; $query = "SELECT user_joined FROM {$CONFIG_sql_cpdbname}.user_profile WHERE user_id=\"{$row['memory_value2']}\""; $sql->result2 = $sql->execute_query($query, 'account_manage.php'); $urow = $sql->fetch_row($sql->result2); $user_joined = get_date("j-M y", $urow[user_joined]);
exit; } if (checkprivilege_action($CP[login_id], g_edit_mes_control)) { if ($GET_code == 00 || $GET_code == 01) { if ($GET_code == 00) { $mes_title = "Ro Message"; $form_code = "02"; $memory_object = "ro_message"; } else { if ($GET_code == 01) { $mes_title = "Server Information"; $form_code = "03"; $memory_object = "server_info"; } } $query = "SELECT memory_value3 FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object=\"" . mysql_res($memory_object) . "\""; $sql->result = $sql->execute_query($query, 'mescontrol.php'); $sql->total_query++; $row = $sql->fetch_row(); $message = my_br2nl($row[memory_value3]); $message_preview = $row[memory_value3] ? replace_text($row[memory_value3]) : "--------------------"; opmain_body("{$mes_title}"); echo "<form action=\"index.php?act=mesctrl&code={$form_code}\" method=\"post\" enctype=\"multipart/form-data\" name=\"t_post_form\" id=\"t_post_form\" OnSubmit=\"document.t_post_form.Submit.disabled=true; return true;\">\n<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"5\" align=\"center\" class=\"emptytable\">\n\t<TBODY>\n\t\t<TR class=\"topic_title5\">\n\t\t\t<TD width=\"100%\" colspan=\"2\">\n\t\t\t\t<div class=\"title_face3\"><B>Code Buttons</B></div>\n\t\t\t</TD>\n\t\t</TR>\n\t\t<TR class=\"topic_title6\">\n\t\t\t<TD width=\"30%\"> </TD>\n\t\t\t<TD width=\"70%\">\n"; get_bbcode('t_post_form'); echo "\t\t\t</TD>\n\t\t</TR>\n\t\t<TR class=\"topic_title5\">\n\t\t\t<TD colspan=\"2\">\n\t\t\t\t<div class=\"title_face3\"><B>Enter {$mes_title}</B></div>\n\t\t\t</TD>\n\t\t</TR>\n\t\t<TR class=\"topic_title6\">\n\t\t\t<TD vAlign=\"top\">\n"; emotions_select('t_post_form'); echo "\t\t\t</TD>\n\t\t\t<TD vAlign=\"top\">\n\t\t\t\t<textarea style=\"width:100%\" name=\"t_mes\" cols=\"60\" rows=\"15\" class=\"textinput\">{$message}</textarea>\n\t\t\t</TD>\n\t\t</TR>\n\t\t<TR class=\"topic_title5\">\n\t\t\t<TD align=\"center\">\n\t\t\t\t<select name=\"change_edit\" onChange=\"if(document.t_post_form.change_edit.value==-1){return false;}else{var A1=document.t_post_form.change_edit.value; document.location.replace(''+A1+'');}\" class=\"selectmenu\">\n\t\t\t\t\t<option value=\"-1\" selected>���� --�Select Action�--����</option>\n"; $selected = "value=\"-1\" class=\"slbackground\""; $ADD_OPTION1 = $GET_code == 00 ? $selected : "value=\"index.php?act=mesctrl&code=00\""; $ADD_OPTION2 = $GET_code == 01 ? $selected : "value=\"index.php?act=mesctrl&code=01\""; echo "\t\t\t\t\t<option " . $ADD_OPTION1 . ">- Edit Ro Message</option>\n\t\t\t\t\t<option " . $ADD_OPTION2 . ">- Edit Server Information</option>\n\t\t\t\t</select>\n\t\t\t</TD>\n\t\t\t<TD>\n\t\t\t\t<input type=\"submit\" name=\"Submit\" value=\"Submit\" class=\"textinput\">\n\t\t\t\t<input type=\"reset\" name=\"Reset\" value=\"Restore\" class=\"textinput\">\n\t\t\t</TD>\n\t\t</TR>\n\t\t<TR class=\"topic_title6\" height=\"100%\">\n\t\t\t<TD class=\"title_face4\" vAlign=\"top\" colspan=\"2\">\n\t\t\t\t<div class=\"poststyle\">{$message_preview}</div>\n\t\t\t</TD>\n\t\t</TR>\n\t</TBODY>\n</TABLE>\n</form>\n<script type='text/javascript'>\n\tvar max_width = " . $CONFIG_max_img_width . ";\n\tvar max_height = " . $CONFIG_max_img_height . ";\n\tvar total_img_resize = " . $CP[images_num] . ";\n\twindow.onload=resize_img;\n</script>\n";
if ($GET_code == 06) { $row = $sql->fetch_row(); $last_ip = $row[last_ip]; $query = "SELECT memory_value2 FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object =\"ip_blacklist\" AND memory_value1=\"" . mysql_res($last_ip) . "\""; $sql->result = $sql->execute_query($query, 'searching_id.php'); $blacklist_row = $sql->fetch_row(); if ($sql->count_rows()) { if ($blacklist_row[memory_value2] == 'block') { $state = 'unblock'; } else { $state = 'block'; } $sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.memory SET memory_value2=\"" . mysql_res($state) . "\" WHERE memory_object=\"ip_blacklist\" AND memory_value1=\"" . mysql_res($last_ip) . "\"", 'searching_id.php'); } else { $blacklist_code = md5(uniqid(microtime())); $sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.memory (memory_object,memory_value1,memory_value2,memory_value3) values (\"ip_blacklist\",\"" . mysql_res($last_ip) . "\",\"block\",\"" . mysql_res($blacklist_code) . "\")", 'searching_id.php'); } header_location("index.php?act=searching_id&account_id={$GET_account_id}"); } else { redir("index.php?act=idx", "{$lang['Error']}", 3); } } } } } } } } else { redir("index.php?act=idx", "{$lang['Error']}", 3); } } else {
$forum_name = get_forumname($POST_f); $topic_name = get_topicname($POST_t); opmain_body("Move Topic " . $forum_name . " > " . $topic_name . ""); echo "<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"5\" align=\"center\">\n\t<form action=\"index.php?act=mod\" method=\"post\" enctype=\"multipart/form-data\" name=\"Move_Topic_Form\">\n\t<input type=\"hidden\" name=\"code\" value=\"08\">\n\t<input type=\"hidden\" name=\"f\" value=\"{$POST_f}\">\n\t<input type=\"hidden\" name=\"t\" value=\"{$POST_t}\">\n\t<TR class=\"topic_title5\">\n\t\t<TD colspan=\"2\" height=\"27\">\n\t\t\t<div class=\"title_face\">Please select the destination forum and method of moving</div>\n\t\t</TD>\n\t</TR>\n\t<TR class=\"topic_title6\">\n\t\t<TD width=\"30%\">\n\t\t\t<div class=\"title_face4\"><b>Move this topic from New Forum to</b></div>\n\t\t</TD>\n\t\t<TD width=\"70%\">\n\t\t\t<select name=\"select_forum\" class=\"selectmenu\">\n"; $query = "SELECT memory_value1,memory_value3 FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object =\"forum_category\" ORDER by memory_value2 ASC"; $sql->result = $sql->execute_query($query, 'forum_manage.php'); $sql->total_query++; if ($sql->count_rows()) { while ($row = $sql->fetch_row()) { $query = "SELECT forum_id,forum_title FROM {$CONFIG_sql_cpdbname}.forum WHERE category_id=\"" . $row[memory_value1] . "\" ORDER by forum_id ASC"; $sql->result2 = $sql->execute_query($query, 'forum_manage.php'); echo "\t\t\t\t<optgroup label=\"{$row['memory_value3']}\"></optgroup>\n"; if ($sql->count_rows($sql->result2)) { while ($row2 = $sql->fetch_row($sql->result2)) { echo "\t\t\t\t<option value=\"{$row2['forum_id']}\"> |-- {$row2['forum_title']}</option>\n"; } } } } echo "\t\t\t</select>\n\t\t</TD>\n\t</TR>\n\t<TR class=\"topic_title5\" align=\"center\">\n\t\t<TD colspan=\"2\">\n\t\t\t<input type=\"submit\" name=\"Submit\" value=\"Move�this�topic\" class=\"textinput\">\n\t\t</TD>\n\t</TR>\n\t</form>\n</TABLE>\n"; clmain_body(); } if ($POST_code == '08' && checkprivilege_action($CP[login_id], g_move_topics) && check_category($POST_f) && check_category($POST_select_forum) && $POST_t) { $sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.board_reply SET forum_id=\"" . mysql_res($POST_select_forum) . "\" WHERE topic_id =\"" . mysql_res($POST_t) . "\" AND forum_id = \"" . mysql_res($POST_f) . "\" ", 'moderate.php'); $sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.board_topic SET forum_id=\"" . mysql_res($POST_select_forum) . "\" WHERE topic_id =\"" . mysql_res($POST_t) . "\" AND forum_id = \"" . mysql_res($POST_f) . "\" ", 'moderate.php'); header_location("index.php?showtopic={$POST_t}"); } } } else { redir("index.php?act=idx", "{$lang['No_privilege']}", 3); }
$display = "CP can not delete this group"; } redir("index.php?act=privilege&code=03", $display, 3); } else { $display = "{$lang['No_privilege']}"; redir("index.php?act=privilege", $display, 3); } } else { if ($GET_code == 04 && $POST_g_1) { if (checkprivilege_action($CP[login_id], g_add_privilege)) { $POST_g_1 = checkstring($POST_g_1, 1); $POST_g_2 = truestr($POST_g_2); $POST_g_3 = truestr($POST_g_3); for ($i = 2; $i <= MAX_GROUP_PRIVILEGE; $i++) { $g_name = "POST_g_" . $i . ""; ${$g_name} = mysql_res(${$g_name}); } $sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.groups VALUES ('',\n\t\"{$POST_g_1}\",\n\t\"{$POST_g_2}\",\n\t\"{$POST_g_3}\",\n\t\"{$POST_g_4}\",\n\t\"{$POST_g_5}\",\n\t\"{$POST_g_6}\",\n\t\"{$POST_g_7}\",\n\t\"{$POST_g_8}\",\n\t\"{$POST_g_9}\",\n\t\"{$POST_g_10}\",\n\t\"{$POST_g_11}\",\n\t\"{$POST_g_12}\",\n\t\"{$POST_g_13}\",\n\t\"{$POST_g_14}\",\n\t\"{$POST_g_15}\",\n\t\"{$POST_g_16}\",\n\t\"{$POST_g_17}\",\n\t\"{$POST_g_18}\",\n\t\"{$POST_g_19}\",\n\t\"{$POST_g_20}\",\n\t\"{$POST_g_21}\",\n\t\"{$POST_g_22}\",\n\t\"{$POST_g_23}\",\n\t\"{$POST_g_24}\",\n\t\"{$POST_g_25}\",\n\t\"{$POST_g_26}\",\n\t\"{$POST_g_27}\",\n\t\"{$POST_g_28}\",\n\t\"{$POST_g_29}\",\n\t\"{$POST_g_30}\",\n\t\"{$POST_g_31}\",\n\t\"{$POST_g_32}\",\n\t\"{$POST_g_33}\",\n\t\"{$POST_g_34}\",\n\t\"{$POST_g_35}\",\n\t\"{$POST_g_36}\",\n\t\"{$POST_g_37}\",\n\t\"{$POST_g_38}\")", 'privilege_action.php'); $sql->total_query++; $display = "{$lang['Success_addprivilege']}"; redir("index.php?act=privilege&code=03", $display, 3); } else { $display = "{$lang['No_privilege']}"; redir("index.php?act=privilege", $display, 3); } } else { redir("index.php?act=privilege", "{$lang['Error']}", 3); } } } }
$sql->total_query++; $row = $sql->fetch_row(); opmain_body("" . $row['name'] . " Guild"); echo "\n<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"1\" align=\"center\">\n\t<TBODY>\n\t\t<TR align=\"center\" class=\"topic_title3\" style=\"font-weight: bold;\">\n\t\t\t<TD>No.</TD>\n\t\t\t<TD>Name</TD>\n\t\t\t<TD>Class</TD>\n\t\t\t<TD>Level</TD>\n\t\t\t<TD>EXP Donated</TD>\n\t\t\t<TD>Position</TD>\n\t\t</TR>\n"; if ($sql->count_rows()) { $query = "SELECT account_id,name,class,lv,exp,position FROM {$CONFIG_sql_dbname}.guild_member WHERE guild_id=\"" . mysql_res($GET_guild_id) . "\" ORDER BY position ASC"; $sql->result = $sql->execute_query($query, 'guildinfo.php'); $sql->total_query++; $IS_SEARCHING_ID = checkprivilege_action($CP[login_id], g_searching_id) ? 1 : 0; $countstanding = 0; $i = 0; while ($grow = $sql->fetch_row()) { $i++; $countstanding = 1; $jobid = $grow['class']; $query = "SELECT name FROM {$CONFIG_sql_dbname}.guild_position WHERE guild_id=\"" . mysql_res($GET_guild_id) . "\" and position=\"" . $grow['position'] . "\""; $sql->result2 = $sql->execute_query($query, 'guildinfo.php'); $prow = $sql->fetch_row($sql->result2); $name = $IS_SEARCHING_ID ? "<a href=\"index.php?act=searching_id&account_id={$grow['account_id']}\">" . htmlspecialchars($grow['name']) . "</a>" : "" . htmlspecialchars($grow['name']) . ""; echo "\n\t\t<TR align=\"center\" class=\"topic_title4\">\n\t\t\t<TD>{$i}</TD>\n\t\t\t<TD>{$name}</TD>\n\t\t\t<TD>{$jobname[$jobid]}</TD>\n\t\t\t<TD>{$grow['lv']}</TD>\n\t\t\t<TD>{$grow['exp']}</TD>\n\t\t\t<TD>" . htmlspecialchars($prow['name']) . "</TD>\n\t\t</TR>\n"; } if (isset($emblems)) { session_register(emblems); $_SESSION['emblems'] = $emblems; } } else { $countstanding = 1; echo "\n\t\t<TR align=\"center\" class=\"topic_title4\">\n\t\t\t<TD colspan=\"6\">\n\t\t\t\tNo guilds in database!\n\t\t\t</TD>\n\t\t</TR>\n"; } if (!$countstanding) { echo "\n\t\t<TR align=\"center\" class=\"topic_title4\">\n\t\t\t<TD colspan=\"6\">\n\t\t\t\tNo guilds in database!\n\t\t\t</TD>\n\t\t</TR>\n";
} else { $search_name_1 = ""; } if ($GET_map) { $search_map = " AND last_map LIKE \"%" . mysql_res($GET_map) . "%\""; } else { $search_map = ""; } if (!isset($GET_st)) { $GET_st = 0; } $GET_st = (int) $GET_st; $page = get_page($GET_st, $GET_rows); $sql->result = $sql->execute_query("SELECT COUNT(*) FROM {$CONFIG_sql_dbname}.char " . $job . " " . $online . " " . $showid . " " . $search_name_1 . "" . $search_map . "", 'player_rank.php'); $total = $sql->result(); $query = "SELECT account_id,name,class,base_level,job_level,max_hp,max_sp,last_map,online\n\tFROM {$CONFIG_sql_dbname}.char\n\t" . $job . " " . $online . " " . $showid . " " . $search_name_1 . "" . $search_map . "\n\tORDER by " . mysql_res($GET_ptype) . " " . mysql_res($GET_key) . " LIMIT " . mysql_res($GET_st) . "," . mysql_res($GET_rows) . ""; $sql->result = $sql->execute_query($query, 'player_rank.php'); $sql->total_query++; echo "<BR>\n<TABLE width=\"95%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" align=\"center\">\n\t<TBODY>\n\t\t<TR>\n\t\t\t<TD align=\"right\">\n"; get_selectpage($total, $GET_rows, $page, "index.php?act=p_rank&charname={$charname}&ctype={$GET_ctype}&job={$GET_job}&ptype={$GET_ptype}&map={$GET_map}&key={$GET_key}&status={$GET_status}&rows={$GET_rows}"); echo "\t\t\t</TD>\n\t\t</TR>\n\t</TBODY>\n</TABLE>\n<BR>\n"; opmain_body("Player(s) Ranking"); echo "<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"1\" align=\"center\">\n\t<TBODY>\n\t\t<TR align=\"center\" class=\"topic_title3\" style=\"font-weight: bold;\">\n\t\t\t<TD>No.</TD>\n\t\t\t<TD>Name</TD>\n\t\t\t<TD>Class</TD>\n\t\t\t<TD>Base Level</TD>\n\t\t\t<TD>Job Level</TD>\n\t\t\t<TD>Max HP</TD>\n\t\t\t<TD>Max SP</TD>\n\t\t\t<TD>Last Map</TD>\n\t\t\t<TD>Status</TD>\n\t\t</TR>\n"; if ($sql->count_rows()) { $IS_SEARCHING_ID = checkprivilege_action($CP[login_id], g_searching_id) ? 1 : 0; $n = ($page - 1) * $GET_rows; while ($row = $sql->fetch_row()) { $n++; if ($row[online]) { $online = "<font class=\"status_on\">Online</font>"; } else {