<?php
$db_link = serverConnect();
$max = 'LIMIT ' . ($pageNum - 1) * $_SESSION['items'] . ',' . $_SESSION['items'];
if (isset($search)) {
logAction($_SESSION['user_name'], $lang['searched'] . ' (' . $search . ') ' . $lang['in'] . ' ' . $lang['vehicles'], 1);
$sql = "SELECT `id` FROM `houses` INNER JOIN `players` ON houses.pid=players.playerid WHERE `id` LIKE '" . $search . "' OR `pos` LIKE '" . $search . "' OR `inventory` LIKE '%" . $search . "%' OR `name` LIKE '%" . $search . "%' AND `pid` = '" . $_SESSION['playerid'] . "';";
$result_of_query = $db_link->query($sql);
$total_records = mysqli_num_rows($result_of_query);
if ($pageNum > $total_records) {
$pageNum = $total_records;
}
$sql = "SELECT `id`,`pid`,`pos`,`name`,`owned` FROM `houses` INNER JOIN `players` ON houses.pid=players.playerid WHERE `id` LIKE '" . $search . "' OR `pos` LIKE '" . $search . "' OR `inventory` LIKE '%" . $search . "%' OR `name` LIKE '%" . $search . "%' AND `pid` = '" . $_SESSION['playerid'] . "' " . $max . " ;";
} else {
$sql = "SELECT `id` FROM `houses`;";
$result_of_query = $db_link->query($sql);
$total_records = mysqli_num_rows($result_of_query);
if ($pageNum > $total_records) {
$pageNum = $total_records;
}
$sql = "SELECT `id`,`pid`,`pos`,`name`,`owned` FROM `houses` INNER JOIN `players` ON houses.pid=players.playerid AND `pid` = '" . $_SESSION['playerid'] . "' " . $max . " ;";
}
$result_of_query = $db_link->query($sql);
if ($result_of_query->num_rows > 0) {
?>
<div class="row">
<div class="col-lg-12">
<h1 class="page-header">
<?php
echo $lang['houses'];
?>
session_name('CyberWorks');
session_set_cookie_params(1209600);
session_start();
include_once 'config/english.php';
foreach ($settings['plugins'] as &$plugin) {
if (file_exists("plugins/" . $plugin . "/lang/lang.php")) {
include "plugins/" . $plugin . "/lang/lang.php";
}
}
if (isset($_SESSION['permissions']['edit']['licences'])) {
if ($_SESSION['permissions']['edit']['licences'] && isset($_POST['player']) && isset($_POST['id'])) {
require '../gfunctions.php';
require '../config/license.php';
$settings = (require '../config/settings.php');
if (isset($_SESSION['dbid'])) {
$db_link = serverConnect($_SESSION['dbid']);
$change = explode("_", $_POST['id']);
$col = $change['1'] . "_licenses";
$sql = "SELECT `" . $col . "` FROM `players` WHERE `uid` = '" . $_POST['player'] . "';";
//todo: innerjoin
$result = $db_link->query($sql);
if ($result->num_rows > 0) {
$lic = $result->fetch_object()->{$col};
$num = strpos($lic, $change['2']) + strlen($change['2']) + 2;
if ($lic[$num] == '1') {
$lic[$num] = '0';
if ($settings['logging']) {
logAction($_SESSION['user_name'], $lang['removed'] . ' ' . uIDname($_POST['player'], $db_link) . ' ' . $lang['licenses'] . ' (' . licName($_POST['id'], $license) . ')', 2);
}
} elseif ($lic[$num] == '0') {
$lic[$num] = '1';
