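/**
 * Echo the portal's top navigation bar for the logged-in user.
 *
 * Loads the site configuration, looks the session's user id up in
 * forum_users and prints the navbar markup with the user's display name
 * (the real name when the row has one, otherwise the username).
 *
 * Security notes:
 *  - username / realname are profile fields stored in the database; they are
 *    HTML-escaped before being echoed so stored markup cannot run in every
 *    visitor's navbar.
 *  - the session user id is no longer interpolated raw: it is escaped for the
 *    SQL string literal and URL-encoded for the two links.
 *
 * @return void
 */
function html_header()
{
    if (!defined('SITE_ROOT')) {
        define('SITE_ROOT', './');
    }
    require SITE_ROOT . 'portal_config.php';
    require_once SITE_ROOT . 'include/database.class.php';

    // Defaults keep the function notice-free when there is no session or no matching row.
    $currentUserID = isset($_SESSION['current_userID']) ? $_SESSION['current_userID'] : '';
    $username = '';
    $realname = null;

    $db = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
    // NOTE(review): prot() is assumed to be the SQL class's escaping helper, as its
    // use on request values in the other portal scripts suggests - confirm.
    $sqlUserID = $db->prot($currentUserID);
    $db->query("SELECT * FROM forum_users WHERE id='{$sqlUserID}'");
    if ($row = $db->fetch_array()) {
        $username = $row['username'];
        $realname = $row['realname'];
    }
    $db->close();

    $displayname = ($realname !== null) ? $realname : $username;

    // Context-specific encoding: HTML text node for the name, URL parameter for the id.
    $htmlName = htmlspecialchars((string) $displayname, ENT_QUOTES);
    $urlUserID = rawurlencode((string) $currentUserID);

    echo ' <div id="wrap">'
        . ' <div class="navbar navbar-top"><div class="navbar-inner"><div class="container">'
        . ' <a class="brand" href="#index.php"><div class="logo-ip"></div></a>'
        . ' <div class="btn-group pull-left">'
        . ' <a href="../forum" class="btn btn-inverse"><i class="icon-rss"></i> Forum Ishare</a>'
        . ' </div>'
        . ' <div class="btn-group">'
        . ' <button class="btn dropdown-toggle" data-toggle="dropdown"><i class="icon-list muted"></i> KampusLinks <span class="caret"></span></button>'
        . ' <ul class="dropdown-menu">'
        . ' <li><a href="http://mpp.eng.usm.my/">MPPUSMKKj Official Blog</a></li>'
        . ' <li><a href="http://hepp.eng.usm.my/">BHEPP USMKKj</a></li>'
        . ' <li><a href="http://infodesk.eng.usm.my/">Infodesk PPKT USMKKj</a></li>'
        . ' <li><a href="http://www.eng.usm.my/php/blockedIP/">Blocked Port List</a></li>'
        . ' <li><a href="http://elearning.usm.my/">e-Learning Portal</a></li>'
        . ' <li><a href="http://campusonline.usm.my/">CampusOnline Portal</a></li>'
        . ' <li><a href="http://www.tcom.usm.my/">Sistem Direktori Telefon USM</a></li>'
        . ' <li><a href="http://www.facebook.com/ppkt.eng.usm">Facebook PPKT USMKKj</a></li>'
        . ' <li class="divider"></li>'
        . ' <li><a href="http://hik3.net/refcode"><i class="icon-bookmark"></i> RefCode (Snippets)</a></li>'
        . ' </ul>'
        . ' </div>'
        . ' <div class="btn-group pull-right">'
        . ' <a href="index.php" class="btn btn-primary"><i class="icon-home icon-white"></i> Home</a>'
        . ' <a href="profile.php?id=' . $urlUserID . '" class="btn btn-inverse"><i class="icon-user"></i> ' . $htmlName . '</a>'
        . ' <button class="btn btn-danger dropdown-toggle" data-toggle="dropdown"><span class="caret"></span></button>'
        . ' <ul class="dropdown-menu">'
        . ' <li><a href="edit_profile.php"><i class="icon-edit muted"></i> Edit Profile</a></li>'
        . ' <li><a href="edit_sharerlink.php"><i class="icon-hdd muted"></i> Edit Sharerlink</a></li>'
        . ' <li class="divider"></li>'
        . ' <li><a href="../forum/login.php?action=out&id=' . $urlUserID . '"><i class="icon-off muted"></i> Logout</a></li>'
        . ' </ul>'
        . ' </div>'
        . ' </div></div></div> ';
}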
/**
 * Run the parsed query and hand every fetched row to a reader object.
 *
 * An empty parsed query, or a connection error other than SQLite's spurious
 * 'unknown error', yields an empty SQLDataReader. A connection that was
 * closed on entry is closed again before returning.
 *
 * NOTE(review): because 'unknown error' is treated as success, a genuine
 * failure that reports the same text would be returned as valid data.
 *
 * @return SQLDataReader
 */
public function execute_reader()
{
    $this->parse_query();
    if (empty($this->queryParsed)) {
        return new SQLDataReader();
    }

    // Remember the state on entry so the connection is left as it was found.
    $wasClosed = $this->conn->status() == 'closed';
    $this->conn->open();

    $result = $this->conn->query($this->queryParsed);
    $rows = array();
    while ($row = $this->conn->fetch_array($result)) {
        $rows[] = $row;
    }

    // SQLite reports 'unknown error' after a successful fetch of all data,
    // so that message is accepted alongside "no error".
    $succeeded = empty($this->conn->error()) || $this->conn->error() == 'unknown error';

    if ($wasClosed) {
        $this->conn->close();
    }

    if (!$succeeded) {
        return new SQLDataReader();
    }

    return new SQLDataReader($rows);
}
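<?php
/*
 * Sharer-link status probe.
 *
 * Looks up the sharer link named by ?slid=, opens a TCP connection to the
 * host/port stored in its `sharerurl` column (5 second timeout), echoes '1'
 * or '0' and records the result in ip_sharerlinks.status.
 *
 * NOTE(review): the connection target comes from a stored URL, so this
 * endpoint makes the web server connect to whatever host and port that column
 * holds and reports whether it answered. Confirm who may write `sharerurl`
 * and consider limiting the probe to the address ranges and ports sharer
 * links are expected to use, and to authenticated callers.
 */
if (!defined('SITE_ROOT')) {
    define('SITE_ROOT', '../');
}
require_once SITE_ROOT . 'portal_config.php';
require_once SITE_ROOT . 'include/database.class.php';
require_once SITE_ROOT . 'include/functions.php';

if (isset($_GET['slid'])) {
    $dbsls = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
    $sharerLinkID = $dbsls->prot(htmlspecialchars($_GET['slid']));
    $dbsls->query("SELECT * FROM ip_sharerlinks WHERE id='{$sharerLinkID}'");

    // Defaults: without them an unknown id reached fsockopen() with undefined variables.
    $ip = null;
    $port = 80;
    if ($sls = $dbsls->fetch_array()) {
        $url = $sls['sharerurl'];
        $removehttp = str_replace('http://', '', $url);
        $removeslash = rtrim($removehttp, '/');
        if (strpos($removeslash, ':') !== false) {
            // Only "host:port" is understood; bracketed IPv6 literals are not handled here.
            list($ip, $port) = explode(":", $removeslash);
        } else {
            $ip = $removeslash;
            $port = 80;
        }
    }

    // Anything after the digits (for example a path) is dropped by the cast.
    $port = (int) $port;

    $reachable = false;
    if ($ip !== null && $ip !== '' && $port >= 1 && $port <= 65535) {
        $socket = fsockopen($ip, $port, $errno, $errstr, 5);
        if ($socket !== false) {
            $reachable = true;
            // The probe only needs the connect result; release the handle.
            fclose($socket);
        }
    }

    if ($reachable) {
        echo '1';
        $dbsls->query("UPDATE ip_sharerlinks SET status='1' WHERE id='{$sharerLinkID}'");
    } else {
        echo '0';
        $dbsls->query("UPDATE ip_sharerlinks SET status='0' WHERE id='{$sharerLinkID}'");
    }
    $dbsls->close();
    // (the enclosing if block is not closed within this excerpt)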
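/**
 * Write one chunk to the dump file, aborting through error() on failure.
 *
 * @param resource $fp   open dump file handle
 * @param string   $text non-empty text to append
 * @return void
 */
function _sql_table_dump_write($fp, $text)
{
    global $lang_backup;
    fwrite($fp, $text) or die(error($lang_backup['file_write_err']));
}

/**
 * Write "INSERT INTO <table> (`col`,...) VALUES \n" for the given result set.
 *
 * @param resource $fp         open dump file handle
 * @param object   $sql_0      connected SQL wrapper
 * @param mixed    $query      result handle the column names are read from
 * @param string   $table      table name
 * @param int      $num_fields number of columns in the result
 * @return void
 */
function _sql_table_dump_insert_header($fp, $sql_0, $query, $table, $num_fields)
{
    _sql_table_dump_write($fp, "INSERT INTO {$table} (");
    for ($count = 0; $count < $num_fields; $count++) {
        _sql_table_dump_write($fp, "`" . $sql_0->field_name($query, $count) . "`");
        if ($count < $num_fields - 1) {
            _sql_table_dump_write($fp, ",");
        }
    }
    _sql_table_dump_write($fp, ") VALUES \n");
}

/**
 * Append a SQL dump of one table to an existing backup file.
 *
 * Writes a comment header, optionally the DROP/CREATE TABLE statements
 * rebuilt from DESC / SHOW INDEX / SHOW TABLE STATUS, then the rows as
 * INSERT statements in batches of ten between LOCK TABLES / UNLOCK TABLES.
 *
 * Fixes over the previous version:
 *  - $lang_backup is imported; it was read without a `global`, so every
 *    failure message passed to error() was null.
 *  - ereg_replace() (removed in PHP 7) is replaced by the equivalent str_replace().
 *  - NULL column values are dumped as NULL. They used to become '' (and an
 *    empty token for integer columns, which produced an unrestorable dump).
 *  - a table whose row count is a multiple of ten no longer ends with an
 *    empty "INSERT ... VALUES );" statement.
 *
 * NOTE(review): values are escaped with addslashes(), which is not aware of
 * the connection character set; confirm the wrapper offers a driver-level
 * escape before relying on these dumps for arbitrary binary/text data.
 * NOTE(review): prefix-indexed columns are emitted as `col(n)` inside the
 * backticks, which MySQL will not accept on restore - confirm and adjust.
 *
 * @param string $dbhost    database host
 * @param string $dbuser    database user
 * @param string $dbpass    database password
 * @param string $database  database name
 * @param string $table     table to dump (must come from trusted configuration;
 *                          it is placed into SQL unquoted)
 * @param mixed  $construct truthy to include the table structure
 * @param string $file      path of an existing dump file to append to
 * @return void
 */
function sql_table_dump($dbhost, $dbuser, $dbpass, $database, $table, $construct, $file)
{
    global $lang_global, $lang_backup;

    $sql_0 = new SQL();
    $sql_0->connect($dbhost, $dbuser, $dbpass, $database, true);

    $fp = fopen($file, 'r+') or die(error($lang_backup['file_write_err']));
    fseek($fp, 0, SEEK_END);

    _sql_table_dump_write($fp, "--\n");
    _sql_table_dump_write($fp, "-- Dump of {$database}.{$table}\n");
    _sql_table_dump_write($fp, "-- Dump DATE : " . date("m.d.y H:i:s") . "\n--\n\n");

    if ($construct) {
        _sql_table_dump_write($fp, "-- Table structure for table {$database}.{$table}\n");
        if (!($fi = $sql_0->query("DESC " . $table))) {
            error($sql_0->error());
        }
        _sql_table_dump_write($fp, "DROP TABLE IF EXISTS {$table};\n");

        // One column definition per DESC row: Field, Type, Null, Key, Default, Extra.
        $creatinfo = array();
        while ($tmp = $sql_0->fetch_row($fi)) {
            $con = "`" . $tmp[0] . "` ";
            $con .= trim($tmp[1] . " ");
            if ($tmp[2] != "YES") {
                $con .= " NOT NULL";
            }
            if ($tmp[4]) {
                if ($tmp[4] == 'CURRENT_TIMESTAMP' || $tmp[4] == 'timestamp') {
                    $con .= " default " . $tmp[4];
                } else {
                    $con .= " default '" . $tmp[4] . "'";
                }
            } elseif ($tmp[4] === '' && $tmp[3] != "PRI") {
                $con .= " default ''";
            } elseif (strlen($tmp[4]) != 0) {
                // Falsy but non-empty default, i.e. the string "0".
                $con .= " default '0'";
            }
            if (strtolower($tmp[5]) == "auto_increment") {
                $con .= " auto_increment";
            }
            $creatinfo[] = $con;
        }
        $fieldscon = implode(",\n\t", $creatinfo);
        _sql_table_dump_write($fp, "CREATE TABLE " . $table . " (");
        _sql_table_dump_write($fp, "\n\t{$fieldscon}");

        $qkey = $sql_0->query("SHOW INDEX FROM " . $table);
        if ($rkey = $sql_0->fetch_array($qkey)) {
            $knames = array();
            $keys = array();
            do {
                $keys[$rkey["Key_name"]]["nonunique"] = $rkey["Non_unique"];
                if (!$rkey["Sub_part"]) {
                    $keys[$rkey["Key_name"]]["order"][$rkey["Seq_in_index"] - 1] = $rkey["Column_name"];
                } else {
                    $keys[$rkey["Key_name"]]["order"][$rkey["Seq_in_index"] - 1] = $rkey["Column_name"] . "(" . $rkey["Sub_part"] . ")";
                }
                // Keep index names in first-seen order, without duplicates.
                if (!in_array($rkey["Key_name"], $knames)) {
                    $knames[] = $rkey["Key_name"];
                }
            } while ($rkey = $sql_0->fetch_array($qkey));

            foreach ($knames as $kname) {
                if ($kname == "PRIMARY") {
                    _sql_table_dump_write($fp, ",\n\tPRIMARY KEY");
                } elseif ($keys[$kname]["nonunique"] == "0") {
                    _sql_table_dump_write($fp, ",\n\tUNIQUE `{$kname}`");
                } else {
                    _sql_table_dump_write($fp, ",\n\tKEY `{$kname}`");
                }
                $a = @implode("`,`", $keys[$kname]["order"]);
                _sql_table_dump_write($fp, " (`{$a}`)");
            }
        }

        $query_res = $sql_0->query("SHOW TABLE STATUS FROM {$database} WHERE Name = '{$table}'");
        $tmp = $sql_0->fetch_row($query_res);
        $query_charset = $sql_0->query("SHOW VARIABLES WHERE Variable_name = 'character_set_database'");
        $info = " ";
        if ($tmp[1]) {
            $info .= "ENGINE={$tmp['1']} ";
        }
        $info .= "DEFAULT CHARSET=" . $sql_0->result($query_charset, 0, 'Value') . " ";
        if ($tmp[16]) {
            $info .= strtoupper($tmp[16]) . " ";
        }
        if ($tmp[10]) {
            $info .= "AUTO_INCREMENT={$tmp['10']} ";
        }
        if ($tmp[17]) {
            $info .= "COMMENT='{$tmp['17']}'";
        }
        _sql_table_dump_write($fp, "\n){$info};\n\n");
    }

    $query = $sql_0->query("SELECT * FROM {$table}");
    $num_fields = $sql_0->num_fields($query);
    $numrow = $sql_0->num_rows($query);
    $row_counter = 0;

    if ($numrow) {
        _sql_table_dump_write($fp, "-- Dumping data for table {$database}.{$table}\n");
        _sql_table_dump_write($fp, "LOCK TABLES {$table} WRITE;\n");
        _sql_table_dump_write($fp, "DELETE FROM {$table};\n");
        _sql_table_dump_insert_header($fp, $sql_0, $query, $table, $num_fields);

        for ($i = 0; $i < $numrow; $i++) {
            $row_counter++;
            _sql_table_dump_write($fp, "\t(");
            $row = $sql_0->fetch_row($query);
            for ($j = 0; $j < $num_fields; $j++) {
                if ($row[$j] === null) {
                    // Must be tested before escaping: addslashes(null) yields ''.
                    _sql_table_dump_write($fp, "NULL");
                } else {
                    $value = str_replace("\n", "\\n", addslashes($row[$j]));
                    if ($sql_0->field_type($query, $j) == "int") {
                        _sql_table_dump_write($fp, "{$value}");
                    } else {
                        _sql_table_dump_write($fp, "'{$value}'");
                    }
                }
                if ($j < $num_fields - 1) {
                    _sql_table_dump_write($fp, ",");
                }
            }

            // Only separate rows / start a new batch when another row follows;
            // the final row is closed once, after the loop.
            if ($i < $numrow - 1) {
                if ($row_counter >= 10) {
                    _sql_table_dump_write($fp, ");\n");
                    _sql_table_dump_insert_header($fp, $sql_0, $query, $table, $num_fields);
                    $row_counter = 0;
                } else {
                    _sql_table_dump_write($fp, "),\n");
                }
            }
        }
        _sql_table_dump_write($fp, ");\n");
        _sql_table_dump_write($fp, "UNLOCK TABLES;\n");
    } else {
        _sql_table_dump_write($fp, "-- EMPTY\n");
    }

    $sql_0->close();
    _sql_table_dump_write($fp, "\n");
    fclose($fp);
}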
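/**
 * Render the mail search result page into the global $output buffer.
 *
 * Reads search_value / search_by / start / order_by / dir from $_GET, resolves
 * the searched character name to a guid and lists the matching mails.
 *
 * Security fixes over the previous version:
 *  - search_by and order_by are SQL identifiers, so escaping them with
 *    quote_smart() did not constrain them; both are now matched against
 *    fixed allow-lists (the allow-list for search_by had been commented out).
 *  - start and the looked-up guid are cast to integers before they reach the
 *    LIMIT and WHERE clauses.
 *  - the mail subject, which is player-supplied text, is HTML-escaped.
 * Bug fix: the money column was hidden whenever the copper remainder was 0,
 * because the "> 0" test ran after gold and silver had been subtracted.
 *
 * NOTE(review): get_mail_text(), get_char_name() and get_mail_source() results
 * are inserted as returned - confirm those helpers escape their output.
 *
 * @return void
 */
function search()
{
    global $lang_global, $lang_mail, $output, $itemperpage, $item_datasite, $mangos_db, $characters_db, $realm_id, $sql_search_limit;

    wowhead_tt();

    if (!isset($_GET['search_value']) || !isset($_GET['search_by'])) {
        redirect("mail_on.php?error=2");
    }

    $sql = new SQL();
    $sql->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);

    $search_value = $sql->quote_smart(isset($_GET['search_value']) ? $_GET['search_value'] : '');

    // Column allow-list: request value => column used in the WHERE clause.
    $search_menu = array(
        'sender'     => 'a.sender',
        'receiver'   => 'a.receiver',
        'a.sender'   => 'a.sender',
        'a.receiver' => 'a.receiver',
    );
    $requested_by = (isset($_GET['search_by']) && is_string($_GET['search_by'])) ? $_GET['search_by'] : '';
    $search_by = isset($search_menu[$requested_by]) ? $search_menu[$requested_by] : 'a.sender';

    $start = isset($_GET['start']) ? max(0, (int) $_GET['start']) : 0;

    // Only columns of the SELECT list below may be used for sorting.
    $sortable = array(
        'id', 'messageType', 'sender', 'receiver', 'subject', 'body',
        'has_items', 'money', 'cod', 'checked', 'item_template',
        'a.id', 'a.messageType', 'a.sender', 'a.receiver', 'a.subject', 'a.body',
        'a.has_items', 'a.money', 'a.cod', 'a.checked', 'b.item_template',
    );
    $order_by = (isset($_GET['order_by']) && in_array($_GET['order_by'], $sortable, true)) ? $_GET['order_by'] : "id";

    // dir is only ever used as a flag, never placed into SQL.
    $ascending = isset($_GET['dir']) ? !empty($_GET['dir']) : true;
    $order_dir = $ascending ? "ASC" : "DESC";

    if ($search_value == '') {
        $where = $search_by . ' != 0';
    } else {
        $temp = $sql->query("SELECT guid FROM `characters` WHERE name like '%{$search_value}%'");
        // No matching character: guid 0, which selects nothing instead of producing invalid SQL.
        $guid = $sql->num_rows($temp) ? (int) $sql->result($temp, 0, 'guid') : 0;
        $where = $search_by . ' =' . $guid;
    }

    $query_1 = $sql->query("SELECT count(*) FROM `mail`");
    $query = $sql->query(
        "SELECT a.id, a.messageType, a.sender, a.receiver, a.subject, a.body, a.has_items, a.money, a.cod, a.checked, b.item_template\r\n"
        . " FROM mail a\r\n"
        . " LEFT JOIN mail_items b ON a.id = b.mail_id\r\n"
        . " WHERE {$where}\r\n"
        . " ORDER BY {$order_by} {$order_dir} LIMIT {$start}, {$itemperpage}"
    );
    $all_record = $sql->result($query_1, 0);

    //==========================top page navigation starts here========================
    $output .= "<center><table class=\"top_hidden\">\r\n"
        . " <tr><td>\r\n"
        . " <table class=\"hidden\">\r\n"
        . " <tr><td>\r\n"
        . " <form action=\"mail_on.php\" method=\"get\" name=\"form\">\r\n"
        . " <input type=\"hidden\" name=\"action\" value=\"search\" />\r\n"
        . " <input type=\"hidden\" name=\"error\" value=\"4\" />\r\n"
        . " <input type=\"text\" size=\"45\" name=\"search_value\" />\r\n"
        . " <select name=\"search_by\">\r\n"
        . " <option value=\"a.sender\">Sender</option>\r\n"
        . " <option value=\"a.receiver\">Receiver</option>\r\n"
        . " </select></form></td><td>";
    makebutton($lang_global['search'], "javascript:do_submit()", 80);
    $output .= "</td></tr></table>\r\n <td align=\"right\">";
    // The link carries the current direction as '1' (ascending) or '' (descending), as before.
    $output .= generate_pagination("mail_on.php?action=search&order_by={$order_by}&dir=" . ($ascending ? '1' : ''), $all_record, $itemperpage, $start);
    $output .= "</td></tr></table>";
    //==========================top page navigation ENDS here ========================

    $output .= "<table class=\"lined\">\r\n"
        . " <tr>\r\n"
        . " <th width=\"5%\">" . $lang_mail['id'] . "</th>\r\n"
        . " <th width=\"5%\">" . $lang_mail['mail_type'] . "</th>\r\n"
        . " <th width=\"10%\">" . $lang_mail['sender'] . "</th>\r\n"
        . " <th width=\"10%\">" . $lang_mail['receiver'] . "</th>\r\n"
        . " <th width=\"15%\">" . $lang_mail['subject'] . "</th>\r\n"
        . " <th width=\"5%\">" . $lang_mail['has_items'] . "</th>\r\n"
        . " <th width=\"25%\">" . $lang_mail['text'] . "</th>\r\n"
        . " <th width=\"20%\">" . $lang_mail['money'] . "</th>\r\n"
        . " <th width=\"5%\">" . $lang_mail['checked'] . "</th>\r\n"
        . " </tr>";

    while ($mail = $sql->fetch_array($query)) {
        // Split the copper total into gold / silver / copper.
        $total_copper = $mail[7];
        $g = floor($total_copper / 10000);
        $remainder = $total_copper - $g * 10000;
        $s = floor($remainder / 100);
        $c = $remainder - $s * 100;

        $money = "";
        if ($total_copper > 0) {
            $money = $g . "<img src=\"./img/gold.gif\" /> " . $s . "<img src=\"./img/silver.gif\" /> " . $c . "<img src=\"./img/copper.gif\" /> ";
        }

        $subject = htmlspecialchars((string) $mail[4], ENT_QUOTES);

        $output .= "<tr valign=top>\r\n"
            . " <td>{$mail['0']}</td>\r\n"
            . " <td>" . get_mail_source($mail[1]) . "</td>\r\n"
            . " <td><a href=\"char.php?id={$mail['2']}\">" . get_char_name($mail[2]) . "</a></td>\r\n"
            . " <td><a href=\"char.php?id={$mail['3']}\">" . get_char_name($mail[3]) . "</a></td>\r\n"
            . " <td>{$subject}</td>\r\n ";

        $output .= "<td>";
        if ($mail[6]) {
            $output .= "\r\n <a style=\"padding:2px;\" href=\"{$item_datasite}{$mail[10]}\" target=\"_blank\">\r\n"
                . " <img class=\"bag_icon\" src=\"" . get_item_icon($mail[10]) . "\" alt=\"\" />\r\n"
                . " </a>";
        }
        $output .= "</td>";

        $output .= "<td>" . get_mail_text($mail[0]) . "</td>\r\n"
            . " <td>{$money}</td>\r\n"
            . " <td>" . get_check_state($mail[9]) . "</td>\r\n"
            . " </tr>";
    }

    $output .= "<tr><td colspan=\"6\" class=\"hidden\" align=\"right\">All Mails: {$all_record}</td></tr>\r\n </table></center>";

    $sql->close();
}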
} } if (isset($_GET['lastid']) && !empty($_GET['lastid'])) { $db = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false); $lastid = $db->prot(htmlspecialchars($_GET['lastid'])); $db->query("SELECT * FROM ip_shouts WHERE id<'{$lastid}' ORDER BY id DESC LIMIT 20"); $count_shout_more = 0; while ($row = $db->fetch_assoc()) { $count_shout_more++; $get_shoutID = $row['id']; $get_userID = $row['user_id']; $get_shoutMsg = $row['shout_msg']; $get_sTime = $row['shout_time']; $dbf = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false); $dbf->query("SELECT * FROM forum_users WHERE id='{$get_userID}'"); if ($rowf = $dbf->fetch_array()) { $get_groupID = $rowf['group_id']; $get_username = $rowf['username']; $get_realname = $rowf['realname']; $get_title = $rowf['title']; $get_location = $rowf['location']; $get_registered = $rowf['registered']; $get_url = $rowf['url']; $get_facebook = $rowf['facebook']; $get_twitter = $rowf['twitter']; $show_avatar = $rowf['show_avatars']; $avatar_type = $rowf['avatar']; if ($get_facebook == null) { $facebook_url = ''; } else { if (strpos($get_facebook, "http://") === 0 || strpos($get_facebook, "https://") === 0) {
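/**
 * Write one chunk to a backup file, aborting through error() on failure.
 *
 * @param resource $fp   open backup file handle
 * @param string   $text non-empty text to write
 * @return void
 */
function _dobackup_write($fp, $text)
{
    global $lang_backup;
    fwrite($fp, $text) or die(error($lang_backup['file_write_err']));
}

/**
 * Add the "CREATE DATABASE ... / USE ..." preamble to a dump file.
 *
 * @param string $path    dump file path
 * @param string $db_name database name written into the preamble
 * @param string $mode    fopen() mode: 'w' starts a new file, 'r+' appends to an existing one
 * @return void
 */
function _dobackup_write_db_header($path, $db_name, $mode)
{
    global $lang_backup;
    $fp = fopen($path, $mode) or die(error($lang_backup['file_write_err']));
    fseek($fp, 0, SEEK_END);
    _dobackup_write($fp, "CREATE DATABASE /*!32312 IF NOT EXISTS*/ {$db_name};\n");
    _dobackup_write($fp, "USE {$db_name};\n\n");
    fclose($fp);
}

/**
 * Run a stored SQL script against the configured database named $use_db.
 *
 * @param string $use_db database name chosen in the form; only a name that
 *                       matches a configured database is acted on
 * @param string $path   script path
 * @param bool   $flag   passed through unchanged as run_sql_script()'s last argument
 * @return mixed run_sql_script()'s result, or 0 when no configured database matches
 */
function _dobackup_run_script($use_db, $path, $flag)
{
    global $realm_db, $characters_db;

    $queries = 0;
    if ($use_db == $realm_db['name']) {
        $queries = run_sql_script($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name'], $path, $flag);
    } else {
        foreach ($characters_db as $db) {
            if ($use_db == $db['name']) {
                $queries = run_sql_script($db['addr'], $db['user'], $db['pass'], $db['name'], $path, $flag);
            }
        }
    }
    return $queries;
}

/**
 * Build the LOCK / DELETE / INSERT / UNLOCK statements for the rows of
 * $table whose $column equals $id.
 *
 * @param object $sql    connected SQL wrapper
 * @param string $table  table name (from the backup configuration)
 * @param string $column filter column (from the backup configuration)
 * @param mixed  $id     account id or character guid read from the database
 * @return string SQL text ending with a blank line
 */
function _dobackup_filtered_rows_sql($sql, $table, $column, $id)
{
    $res = $sql->query("SELECT * FROM {$table} WHERE {$column} = {$id}");
    $num_fields = $sql->num_fields($res);
    $numrow = $sql->num_rows($res);

    $result = "LOCK TABLES {$table} WRITE;\n";
    $result .= "DELETE FROM {$table} WHERE {$column} = {$id};\n";
    if ($numrow) {
        $names = array();
        for ($count = 0; $count < $num_fields; $count++) {
            $names[] = "`" . $sql->field_name($res, $count) . "`";
        }
        $result .= "INSERT INTO {$table} (" . implode(",", $names) . ") VALUES \n";

        for ($i = 0; $i < $numrow; $i++) {
            $row = $sql->fetch_row($res);
            $values = array();
            for ($j = 0; $j < $num_fields; $j++) {
                if ($row[$j] === null) {
                    // Tested before escaping: addslashes(null) yields '', which
                    // used to leave an empty token for integer columns.
                    $values[] = "NULL";
                } else {
                    $value = str_replace("\n", "\\n", addslashes($row[$j]));
                    $values[] = ($sql->field_type($res, $j) == "int") ? "{$value}" : "'{$value}'";
                }
            }
            $result .= "\t(" . implode(",", $values);
            if ($i < $numrow - 1) {
                $result .= "),\n";
            }
        }
        $result .= ");\n";
    }
    $result .= "UNLOCK TABLES;\n";
    $result .= "\n";
    return $result;
}

/**
 * Backup controller: saves or loads database dumps depending on
 * $_GET['backup_action'] ("save" | "load") and $_GET['backup_from_to']
 * ("file" | "web" | "acc_on_file").
 *
 * Changes over the previous version:
 *  - file and directory names taken from the request are reduced with
 *    basename() and must name a regular file. addslashes() was the only
 *    treatment before, and it leaves "../" sequences intact, so a request
 *    could point the SQL runner outside the backup directory.
 *  - the per-account load runs the file whose existence was checked; it used
 *    to check "<name>_<db>.sql" and then run "<name>.sql".
 *  - eregi()/ereg_replace() (removed in PHP 7) are replaced by
 *    preg_match()/str_replace() equivalents.
 *  - the query count defaults to 0 when the posted database name matches no
 *    configured database (it was an undefined variable).
 *  - fclose() calls on handles that were already closed are gone.
 *  - NULL column values are dumped as NULL.
 *
 * NOTE(review): this function executes uploaded or stored SQL with the
 * configured database credentials and writes full dumps beneath $backup_dir.
 * Access control is not visible in this function - confirm the caller limits
 * it to administrators, that state-changing requests carry a CSRF token, and
 * that $backup_dir cannot be fetched directly over HTTP.
 *
 * @return void
 */
function dobackup()
{
    global $lang_backup, $backup_dir, $tables_backup_realmd, $tables_backup_characters, $output, $realm_db, $characters_db, $realm_id, $tab_backup_user_realmd, $tab_backup_user_characters;

    if (empty($_GET['backup_action']) || empty($_GET['backup_from_to'])) {
        redirect("backup.php?error=1");
        return;
    }
    $backup_action = addslashes($_GET['backup_action']);
    $backup_from_to = addslashes($_GET['backup_from_to']);

    if ("load" == $backup_action && "file" == $backup_from_to) {
        // Load an uploaded script. Only the extension of the client-supplied name is checked.
        if (!preg_match('/\.(sql|qbquery)\z/i', $_FILES["uploaded_file"]["name"])) {
            error($lang_backup['upload_sql_file_only']);
        }
        // The stored name keeps only [_A-Za-z0-9.-], so it cannot contain a path separator.
        $uploaded_filename = str_replace(" ", "_", $_FILES["uploaded_file"]["name"]);
        $uploaded_filename = preg_replace("/[^_A-Za-z0-9-\\.]/i", '', $uploaded_filename);
        $file_name_new = $uploaded_filename . "_" . date("m.d.y_H.i.s") . ".sql";
        move_uploaded_file($_FILES["uploaded_file"]["tmp_name"], "{$backup_dir}/{$file_name_new}") or die(error("{$lang_backup['upload_err_write_permission']} {$backup_dir}"));
        if (file_exists("{$backup_dir}/{$file_name_new}")) {
            require_once "libs/db_lib/sql_lib.php";
            $use_db = addslashes($_POST['use_db']);
            $queries = _dobackup_run_script($use_db, "{$backup_dir}/{$file_name_new}", true);
            redirect("backup.php?error=4&tot={$queries}");
        } else {
            error($lang_backup['file_not_found']);
        }
    } elseif ("load" == $backup_action && "web" == $backup_from_to) {
        // Load a dump that already sits in the backup directory.
        if (empty($_POST['selected_file_name'])) {
            redirect("backup.php?error=1");
            return;
        }
        // basename() keeps the lookup inside $backup_dir.
        $file_name = basename((string) $_POST['selected_file_name']);
        if (is_file("{$backup_dir}/{$file_name}")) {
            require_once "libs/db_lib/sql_lib.php";
            $use_db = addslashes($_POST['use_db']);
            $queries = _dobackup_run_script($use_db, "{$backup_dir}/{$file_name}", false);
            redirect("backup.php?error=4&tot={$queries}");
        } else {
            error($lang_backup['file_not_found']);
        }
    } elseif ("save" == $backup_action && "file" == $backup_from_to) {
        //save and send to user
        $struc_backup = addslashes($_GET['struc_backup']);
        $save_all_realms = addslashes($_GET['save_all_realms']);
        $temp_id = $save_all_realms ? "all_realms" : "realmid_" . $realm_id;
        $file_name_new = $temp_id . "_backup_" . date("m.d.y_H.i.s") . ".sql";
        $dump_path = "{$backup_dir}/{$file_name_new}";

        _dobackup_write_db_header($dump_path, $realm_db['name'], 'w');
        require_once "libs/db_lib/sql_lib.php";
        foreach ($tables_backup_realmd as $value) {
            sql_table_dump($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name'], $value, $struc_backup, $dump_path);
        }

        if ($save_all_realms) {
            foreach ($characters_db as $db) {
                _dobackup_write_db_header($dump_path, $db['name'], 'r+');
                foreach ($tables_backup_characters as $value) {
                    sql_table_dump($db['addr'], $db['user'], $db['pass'], $db['name'], $value, $struc_backup, $dump_path);
                }
            }
        } else {
            _dobackup_write_db_header($dump_path, $characters_db[$realm_id]['name'], 'r+');
            foreach ($tables_backup_characters as $value) {
                sql_table_dump($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name'], $value, $struc_backup, $dump_path);
            }
        }

        // Stream the finished dump to the client, then remove the temporary copy.
        Header("Content-type: application/octet-stream");
        Header("Content-Disposition: attachment; filename={$file_name_new}");
        $fp = fopen($dump_path, 'r') or die(error($lang_backup['file_write_err']));
        while (!feof($fp)) {
            $output_file = fread($fp, 1024);
            echo $output_file;
        }
        fclose($fp);
        unlink($dump_path);
        exit;
    } elseif ("save" == $backup_action && "web" == $backup_from_to) {
        //save backup to web/backup folder
        $struc_backup = addslashes($_GET['struc_backup']);
        $save_all_realms = addslashes($_GET['save_all_realms']);

        $file_name_new = $realm_db['name'] . "_backup_" . date("m.d.y_H.i.s") . ".sql";
        _dobackup_write_db_header("{$backup_dir}/{$file_name_new}", $realm_db['name'], 'w');
        require_once "libs/db_lib/sql_lib.php";
        foreach ($tables_backup_realmd as $value) {
            sql_table_dump($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name'], $value, $struc_backup, "{$backup_dir}/{$file_name_new}");
        }

        if ($save_all_realms) {
            foreach ($characters_db as $db) {
                $file_name_new = $db['name'] . "_backup_" . date("m.d.y_H.i.s") . ".sql";
                _dobackup_write_db_header("{$backup_dir}/{$file_name_new}", $db['name'], 'w');
                foreach ($tables_backup_characters as $value) {
                    sql_table_dump($db['addr'], $db['user'], $db['pass'], $db['name'], $value, $struc_backup, "{$backup_dir}/{$file_name_new}");
                }
            }
        } else {
            $file_name_new = $characters_db[$realm_id]['name'] . "_backup_" . date("m.d.y_H.i.s") . ".sql";
            _dobackup_write_db_header("{$backup_dir}/{$file_name_new}", $characters_db[$realm_id]['name'], 'w');
            foreach ($tables_backup_characters as $value) {
                sql_table_dump($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name'], $value, $struc_backup, "{$backup_dir}/{$file_name_new}");
            }
        }
        redirect("backup.php?error=2");
        exit;
    } elseif ("save" == $backup_action && "acc_on_file" == $backup_from_to) {
        //save every account in a different file
        $sql = new SQL();
        $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
        $query = $sql->query("SELECT id FROM account");
        $subdir = "{$backup_dir}/accounts/" . date("m_d_y_H_i_s");
        mkdir($subdir, 0750);

        while ($acc = $sql->fetch_array($query)) {
            // Realm database part of this account.
            $file_name_new = $acc[0] . "_{$realm_db['name']}.sql";
            $fp = fopen("{$subdir}/{$file_name_new}", 'w') or die(error($lang_backup['file_write_err']));
            _dobackup_write($fp, "CREATE DATABASE /*!32312 IF NOT EXISTS*/ {$realm_db['name']};\n");
            _dobackup_write($fp, "USE {$realm_db['name']};\n\n");
            // Reconnect: the previous iteration left the wrapper on a characters database.
            $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
            foreach ($tab_backup_user_realmd as $value) {
                $result = "-- Dumping data for {$value['0']} " . date("m.d.y_H.i.s") . "\n"
                    . _dobackup_filtered_rows_sql($sql, $value[0], $value[1], $acc[0]);
                _dobackup_write($fp, $result);
            }
            fclose($fp);

            // One file per characters database for the same account.
            foreach ($characters_db as $db) {
                $file_name_new = $acc[0] . "_{$db['name']}.sql";
                $fp = fopen("{$subdir}/{$file_name_new}", 'w') or die(error($lang_backup['file_write_err']));
                _dobackup_write($fp, "CREATE DATABASE /*!32312 IF NOT EXISTS*/ {$db['name']};\n");
                _dobackup_write($fp, "USE {$db['name']};\n\n");
                $sql->connect($db['addr'], $db['user'], $db['pass'], $db['name']);
                $all_char_query = $sql->query("SELECT guid,name FROM `characters` WHERE account = {$acc['0']}");
                while ($char = $sql->fetch_array($all_char_query)) {
                    _dobackup_write($fp, "-- Dumping data for character {$char['1']}\n");
                    foreach ($tab_backup_user_characters as $value) {
                        _dobackup_write($fp, _dobackup_filtered_rows_sql($sql, $value[0], $value[1], $char[0]));
                    }
                }
                fclose($fp);
            }
        }
        $sql->close();
        unset($sql);
        redirect("backup.php?error=2");
    } elseif ("load" == $backup_action && "acc_on_file" == $backup_from_to) {
        //load saved account
        if (empty($_POST['selected_file_name']) || empty($_POST['file_dir'])) {
            redirect("backup.php?error=1");
            return;
        }
        // Every request-supplied path component is reduced to a single name.
        $file_name = basename((string) $_POST['selected_file_name']);
        $file_dir = basename((string) $_POST['file_dir']);
        $use_db = basename((string) $_POST['use_db']);

        $file_tmp = "{$backup_dir}/accounts/{$file_dir}/" . $file_name . "_{$use_db}.sql";
        if (is_file($file_tmp)) {
            require_once "libs/db_lib/sql_lib.php";
            // Run the file that was just checked.
            $queries = _dobackup_run_script($use_db, $file_tmp, true);
            redirect("backup.php?error=4&tot={$queries}");
        } else {
            error($lang_backup['file_not_found']);
        }
    } else {
        //none of the options = error
        redirect("backup.php?error=1");
    }
}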
<?php
/*
 * Re-shout helper: looks up the shout named by ?retweet=, strips the [rt] and
 * <code> wrappers plus a "!update" (or, failing that, "!request") marker, and
 * echoes the text wrapped in [rt]...[/rt]. Echoes 'KO' when the id is unknown.
 *
 * NOTE(review): the stored message is passed through htmlspecialchars_decode()
 * and echoed without re-encoding, so the response can carry live markup.
 * Confirm the client inserts it as text only, or send it with a text/plain
 * content type.
 */
if (!empty($_GET['retweet'])) {
    if (!defined('SITE_ROOT')) {
        define('SITE_ROOT', '../');
    }
    require_once SITE_ROOT . 'portal_config.php';
    require_once SITE_ROOT . 'include/database.class.php';

    $db = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
    $retweetID = $db->prot(htmlspecialchars($_GET['retweet']));
    $db->query("SELECT shout_msg FROM ip_shouts WHERE id='{$retweetID}'");

    $row = $db->fetch_array();
    if (!$row) {
        echo 'KO';
    } else {
        $shoutMsg = htmlspecialchars_decode($row['shout_msg']);
        $shoutMsg = stripslashes(rtrim($shoutMsg));

        // Wrappers are removed one after another, in this order.
        $wrappers = array("[rt]", "[/rt]", "<code>", "</code>");
        $shoutMsg = str_ireplace($wrappers, "", $shoutMsg);

        // Only the first marker that is present gets stripped.
        $body = $shoutMsg;
        foreach (array("!update", "!request") as $marker) {
            if (stripos($shoutMsg, $marker) !== false) {
                $body = str_ireplace($marker, "", $shoutMsg);
                break;
            }
        }

        echo '[rt]' . $body . '[/rt]';
    }
    // (the enclosing if block is not closed within this excerpt)
/**
 * Runs the invite-reward bookkeeping for the current account and appends the
 * "Credit Panel" page to the global $output.
 *
 * Reads its inputs from globals ($user_name, $user_id, $realm_id and the
 * *_db connection arrays) and takes no parameters. Calls error() with
 * $lang_global['err_no_records_found'] when the account lookup returns no row.
 *
 * NOTE(review): the mysql_* functions used here (ext/mysql) were removed in
 * PHP 7.0. Every query is built by interpolating values into the SQL text;
 * where $user_name and $user_id come from is not visible in this function —
 * verify they are server-side session values, and prefer prepared statements.
 * NOTE(review): database values ($PlayersAccount, character names, levels)
 * are written into the HTML without escaping.
 */
function edit_user() {
    global $lang_edit, $lang_global, $output, $realm_db, $characters_db, $realm_id, $mmfpm_db, $user_name, $user_id, $lang_id_tab, $gm_level_arr, $ren_char, $total_points;

    mysql_connect($realm_db['addr'], $realm_db['user'], $realm_db['pass']);
    // NOTE(review): mysql_select_db() takes a database name and an optional
    // link. This call, and every later one that passes $mmfpm_db addr/user/pass,
    // hands it connection fields instead — confirm which database the
    // point_system* queries actually run against.
    mysql_select_db($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass']);
    $referred_by = mysql_fetch_row(mysql_query("SELECT `InvitedBy` FROM point_system_invites WHERE `PlayersAccount` = '{$user_name}';"));
    $referred_by = $referred_by[0];
    $total_points = mysql_fetch_row(mysql_query("SELECT `points` FROM point_system WHERE `accountid` = '{$user_id}';"));
    $total_points = $total_points[0];
    // A missing row (NULL) and a negative balance are both shown as 0.
    if ($total_points <= 0) {
        $total_points = (int) 0;
    }
    $datetime = date("Y-m-d H:i:s");

    // ------------------------------------------------------------------
    // INVITE SYSTEM
    // ------------------------------------------------------------------
    $invite_points = 2; // points granted to the inviter
    $write_invited = 1; // points granted for naming one's inviter
    mysql_select_db($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass']);
    $rewarded = mysql_fetch_row(mysql_query("SELECT `Rewarded` FROM point_system_invites WHERE `PlayersAccount` = '{$user_name}';"));
    $rewarded = $rewarded[0];

    // Part 1: reward this account once for having recorded who invited it.
    if ($rewarded != NULL) {
        if ($rewarded == 0) {
            if ($referred_by != NULL) {
                mysql_select_db($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass']);
                $total_points = mysql_fetch_row(mysql_query("SELECT `points` FROM point_system WHERE `accountid` = '{$user_id}';"));
                $total_points = $total_points[0];
                // -1 marks "no point_system row yet" and selects the INSERT path below.
                if ($total_points == NULL) {
                    $total_points = -1;
                }
                if ($total_points >= 0) {
                    mysql_select_db($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
                    // Reads the 35th space-separated field of characters.data as `lvl`
                    // and keeps the highest one that is at least 45.
                    $RightLevel = mysql_fetch_row(mysql_query("SELECT CAST(SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ' ', 35), ' ', -1) AS UNSIGNED) AS `lvl` FROM `characters` WHERE account='{$user_id}' AND (SELECT 
CAST(SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ' ', 35), ' ', -1) AS UNSIGNED)) >= '45' ORDER BY `lvl` DESC LIMIT 1;"));
                    if ($RightLevel[0] != NULL) {
                        mysql_select_db($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass']);
                        // NOTE(review): the new balance is computed in PHP from an earlier
                        // read rather than with `points` = `points` + n, and the three
                        // statements are not wrapped in a transaction.
                        mysql_query("UPDATE point_system SET `points` = ({$total_points} + {$write_invited}) WHERE `accountid` = '{$user_id}';");
                        mysql_query("INSERT INTO point_system_requests (`username`, `request`, `date`, `code`, `treated`) VALUES ('{$user_name}', 'Got {$write_invited} Points', '{$datetime}', 'For Writing a Reffer', 'Yes');");
                        mysql_query("UPDATE point_system_invites SET `Rewarded` = '1' WHERE `PlayersAccount` = '{$user_name}';");
                        $output .= "You Received {$write_invited} Points for Writing who invited you!<br>";
                    }
                }
                if ($total_points == -1) {
                    mysql_select_db($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
                    $RightLevel = mysql_fetch_row(mysql_query("SELECT CAST(SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ' ', 35), ' ', -1) AS UNSIGNED) AS `lvl` FROM `characters` WHERE account='{$user_id}' AND (SELECT CAST(SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ' ', 35), ' ', -1) AS UNSIGNED)) >= '45' ORDER BY `lvl` DESC LIMIT 1;"));
                    if ($RightLevel[0] != NULL) {
                        mysql_select_db($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass']);
                        mysql_query("INSERT INTO point_system (`accountid`, `points`) VALUES ('{$user_id}', '{$write_invited}');");
                        mysql_query("INSERT INTO point_system_requests (`username`, `request`, `date`, `code`, `treated`) VALUES ('{$user_name}', 'Created {$write_invited} Points', '{$datetime}', 'For Writing a Reffer', 'Yes');");
                        mysql_query("UPDATE point_system_invites SET `Rewarded` = '1' WHERE `PlayersAccount` = '{$user_name}';");
                        $output .= "You Received {$write_invited} Points for Writing who invited you! 
(NEW)<br>";
                    }
                }
            }
        }
    }

    // Part 2: reward this account as the inviter of one not-yet-treated invite.
    mysql_select_db($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass']);
    $HasPoints = mysql_fetch_row(mysql_query("SELECT `PlayersAccount`,`Treated` FROM point_system_invites WHERE `InviterAccount` = '{$user_name}' AND `Treated` = 0 LIMIT 1;"));
    if ($HasPoints != NULL) {
        $HasPoint = $HasPoints[1];
        $PlayersAccount = $HasPoints[0];
        mysql_select_db($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
        // Anti-abuse check: the invited account and the inviter must not share
        // the same last_ip. $PlayersAccount is a stored value interpolated back
        // into SQL (second-order input).
        $iIP = mysql_fetch_row(mysql_query("SELECT `last_ip` FROM account WHERE `username` = '{$PlayersAccount}';"));
        $pIP = mysql_fetch_row(mysql_query("SELECT `last_ip` FROM account WHERE `username` = '{$user_name}';"));
        if ($HasPoint != 1) {
            if ($iIP[0] != $pIP[0]) {
                mysql_select_db($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
                $PlayersAccountID = mysql_fetch_row(mysql_query("SELECT `id` FROM account WHERE `username` = '{$PlayersAccount}';"));
                $PlayersAccountID = $PlayersAccountID[0];
                mysql_select_db($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
                $RightLevel = mysql_fetch_row(mysql_query("SELECT CAST(SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ' ', 35), ' ', -1) AS UNSIGNED) AS `lvl` FROM `characters` WHERE account='{$PlayersAccountID}' AND (SELECT CAST(SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ' ', 35), ' ', -1) AS UNSIGNED)) >= '45' ORDER BY `lvl` DESC LIMIT 1;"));
                // The inviter's account id must be lower than the invited account's id.
                if ($user_id < $PlayersAccountID) {
                    if ($RightLevel[0] != NULL) {
                        $output .= "You received points for account {$PlayersAccount} who has a player level {$RightLevel['0']}<br>";
                        mysql_select_db($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass']);
                        $total_points = mysql_fetch_row(mysql_query("SELECT `points` FROM point_system WHERE `accountid` = '{$user_id}';"));
                        $total_points = $total_points[0];
                        if ($total_points == NULL) {
                            $total_points = -1;
                        }
                        if ($total_points >= 0) {
                            mysql_select_db($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass']);
                            mysql_query("UPDATE point_system SET `points` = ({$total_points} + {$invite_points}) WHERE `accountid` = '{$user_id}';");
                            mysql_query("INSERT INTO point_system_requests (`username`, `request`, `date`, `code`, `treated`) VALUES ('{$user_name}', 'Added {$invite_points} Points', '{$datetime}', 'Invited {$PlayersAccount}', 'Yes');");
                            mysql_query("UPDATE point_system_invites SET `Treated` = '1' WHERE `PlayersAccount` = '{$PlayersAccount}';");
                            $output .= "You Received {$invite_points} Points for Inviting a Friend, Good JOB!";
                        }
                        if ($total_points == -1) {
                            mysql_select_db($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass']);
                            mysql_query("INSERT INTO point_system (`accountid`, `points`) VALUES ('{$user_id}', '{$invite_points}');");
                            mysql_query("INSERT INTO point_system_requests (`username`, `request`, `date`, `code`, `treated`) VALUES ('{$user_name}', 'Created {$invite_points} Points', '{$datetime}', 'Invited {$PlayersAccount}', 'Yes');");
                            mysql_query("UPDATE point_system_invites SET `Treated` = '1' WHERE `PlayersAccount` = '{$PlayersAccount}';");
                            $output .= "You Received {$invite_points} Points for Inviting a Friend, Good JOB! 
(NEW)";
                        }
                    } else {
                        // No qualifying character: the invite is marked treated, then
                        // reset to untreated only if the repeated level query returns a row.
                        mysql_select_db($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
                        $RightLevel = mysql_fetch_row(mysql_query("SELECT CAST(SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ' ', 35), ' ', -1) AS UNSIGNED) AS `lvl` FROM `characters` WHERE account='{$PlayersAccountID}' AND (SELECT CAST(SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ' ', 35), ' ', -1) AS UNSIGNED)) >= '45' ORDER BY `lvl` DESC LIMIT 1;"));
                        mysql_select_db($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass']);
                        mysql_query("UPDATE point_system_invites SET `Treated` = '1' WHERE `PlayersAccount` = '{$PlayersAccount}';");
                        $output .= "Players you invited did not reach correct level for points";
                        if ($RightLevel != NULL) {
                            mysql_query("UPDATE point_system_invites SET `Treated` = '0' WHERE `PlayersAccount` = '{$PlayersAccount}';");
                        }
                    }
                } else {
                    $output .= "Inviter is older than you";
                    mysql_select_db($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass']);
                    mysql_query("UPDATE point_system_invites SET `Treated` = '1' WHERE `PlayersAccount` = '{$PlayersAccount}';");
                }
            } else {
                $output .= "Same comp Same IP";
            }
        } else {
            $output .= "All invite points has been treated";
        }
    } else {
        $output .= "No New Points to add";
    }

    // ------------------------------------------------------------------
    // PRINT
    // ------------------------------------------------------------------
    $sql = new SQL();
    $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
    // The username value in this listing is masked ('******').
    $result = $sql->query("SELECT email,gmlevel,joindate,expansion FROM account WHERE username ='******'");
    if ($acc = $sql->fetch_row($result)) {
        require_once "scripts/id_tab.php";
        // The page script hashes "USERNAME:PASSWORD" (upper-cased) with SHA-1 in
        // the browser and submits it in the hidden "pass" field; what credit.php
        // does with that value is not visible here.
        // NOTE(review): no anti-CSRF token is visible in any of the forms below,
        // and rename / gender / move / VIP are plain GET links — confirm that
        // credit.php protects these state-changing actions.
        $output .= "<center>\r\n <script type=\"text/javascript\" src=\"js/sha1.js\"></script>\r\n <script type=\"text/javascript\">\r\n function do_submit_data () {\r\n document.form.pass.value = 
hex_sha1('" . strtoupper($user_name) . ":'+document.form.user_pass.value.toUpperCase());\r\n document.form.user_pass.value = '0';\r\n do_submit();\r\n }\r\n\r\n\r\n\r\n</script>\r\n <fieldset style=\"width: 600px;\">\r\n <legend>Credit Panel</legend>\r\n <form method=\"post\" action=\"credit.php?action=getitem\" name=\"form\">\r\n <input type=\"hidden\" name=\"pass\" value=\"\" maxlength=\"256\" />\r\n <table class=\"flat\">\r\n <tr>\r\n <td>Your Credits:</td>\r\n <td>{$total_points}</td>\r\n <tr>\r\n <td>VIP Level</td>\r\n <td>" . get_gm_level($acc[1]) . " ( {$acc['1']} )</td>";
        // $acc[1] is the gmlevel column; it decides which VIP links are offered.
        // The <a> elements in these cells are never closed.
        if ($acc[1] == 0) {
            $output .= "<td><a href=\"credit.php?action=getvip\">Upgrade(20)</td>";
        }
        if ($acc[1] != 0) {
            if ($acc[1] >= 3) {
                $output .= "<td><a href=\"credit.php?action=extvip\">Extend VIP(20)</td>";
            } else {
                $output .= "<td><a href=\"credit.php?action=getvip\">Upgrade</td><td><a href=\"credit.php?action=extvip\">Extend VIP(20)</td>";
            }
        }
        $output .= "</tr>\r\n <td>Request Item:</td></tr><tr>\r\n <td>\r\n <select name=\"items\"> \r\n <option value=\"error\">Please select an item</option>\r\n <option value=\"Phoenix\">Phoenix(20)</option>\r\n <option value=\"Bag\">36 Slot Bag(20)</option>\r\n <option value=\"Raven\">Raven Lord(15)</option>\r\n <option value=\"PrimalNether\">Primal Nether(5)</option>\r\n <option value=\"NetherVortex\">Nether Vortex(8)</option>\r\n <option value=\"MercilessD\">Merciless Nether Drake(25)</option>\r\n <option value=\"Murloc\">Murloc Costume(5)</option>\r\n <option value=\"Tiger60\">Swift Spectral Tiger For lvl 60(20)</option>\r\n <option value=\"Tiger30\">Swift Spectral Tiger For lvl 30(15)</option>\r\n <option value=\"Ogre\">Carved Ogre Idol(5)</option>\r\n <option value=\"FlyingBroom\">Swift Flying Broom(20)</option>\r\n <option value=\"BattleBear\">Big Battle Bear(15)</option>\r\n <option value=\"XRocket\">X-51 Nether-Rocket X-TREME(25)</option>\r\n </select>\r\n </td>\r\n <td><input name=\"character\" type=\"text\" value=\"Character 
Name\"></input></td>\r\n <td>\r\n <input type=\"submit\" value=\"Send item\">\r\n </td></tr>\r\n <tr><td>Your chars</td>\r\n </tr>";
        // The result of this first query is overwritten below before it is read.
        $result = $sql->query("SELECT SUM(numchars) FROM realmcharacters WHERE acctid = '{$user_id}'");
        $sql->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
        $result = $sql->query("SELECT guid,name,race,class,SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ' ', 35), ' ', -1) FROM `characters` WHERE account = {$user_id}");
        // One table row per character plus its paid-action links. The character
        // name goes into the HTML and the link query strings as stored, and is
        // also left in the global $ren_char.
        while ($char = $sql->fetch_array($result)) {
            $ren_char = $char[1];
            $output .= "<tr>\r\n <td>{$char['1']} - " . get_player_race($char[2]) . " " . get_player_class($char[3]) . " | lvl {$char['4']}</td>\r\n </tr>\r\n<tr><td><a href=\"credit.php?action=rename&ren_char={$ren_char}\">Rename(6)</a></td><td><a href=\"credit.php?action=gen_char&gend_char={$ren_char}\">Change Gender(6)</a></td><td><a href=\"credit.php?action=movechar&char={$ren_char}\">Move Account(7)</a></td>";
        }
        // All three forms on this page share name="form".
        $output .= "</form> <tr>\r\n <form method=\"post\" action=\"credit.php?action=movepoints\" name=\"form\">\r\n <input type=\"hidden\" name=\"pass\" value=\"\" maxlength=\"256\" />\r\n <td>Transfer points to other players:</td></tr><tr>\r\n <td><input name=\"tcharacter\" type=\"text\" value=\"Character Name\"></input></td><td><input name=\"tpoints\" type=\"text\" value=\"Points\"></input></td>\r\n <td>\r\n <input type=\"submit\" value=\"Transfer\">\r\n </td></tr></form>\r\n <form method=\"post\" action=\"credit.php?action=tplayer\" name=\"form\">\r\n <tr><td>Teleport Player</td></tr><tr>\r\n <td><input name=\"tchar\" type=\"text\" value=\"Character Name\"></input></td>\r\n <td>\r\n <select name=\"tplace\"> \r\n <option value=\"error\">Please select a place</option>\r\n <option value=\"Shattrath\">Shattrath(1)</option>\r\n <option value=\"Stormwind\">Stormwind(1)</option>\r\n <option value=\"Orgrimmar\">Orgrimmar(1)</option>\r\n </select>\r\n </td>\r\n <td><input 
type=\"submit\" value=\"Teleport\"></td></tr>";
        $output .= "</table>\r\n </fieldset>\r\n <br />\r\n\r\n <br /></center>";
    } else {
        error($lang_global['err_no_records_found']);
    }
    $sql->close();
}
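/**
 * Rebuilds the "moreinfo" text of one ticket from its bet codes and stores it
 * in ticket_nums.moreinfo.
 *
 * Only the first ';'-separated entry of $codes is used. That entry is split
 * on '/' into matches; each match is "matchId|...[opt,opt,...]". For every
 * match the stored odds JSON (match_datas.comb) is loaded and the odds of the
 * selected options are joined with ','. Matches are joined with '|'.
 *
 * NOTE(review): $match_id, $id and the assembled moreinfo text are still
 * concatenated into SQL. The escaping API of the project's SQL class is not
 * visible here; route these through its escaping or prepared statements
 * before this method is fed values that did not originate on the server.
 *
 * @param mixed  $id          value matched against ticket_nums.id
 * @param mixed  $play_method play type (1-4); picks the option table and
 *                            filters match_datas.play_type
 * @param string $codes       bet codes in the format described above
 * @param mixed  $ticket_type 1 or 6 pick an option table; other values get none
 * @return bool true when the final UPDATE reported no error
 */
public function update_jc_ticket_sp($id, $play_method, $codes, $ticket_type = 1)
{
    require_once WEBROOT . 'cron_script/SQL.php';
    $sql_obj = new SQL();
    $return = array();

    $code_a = explode(';', $codes);
    $match_detail = explode('/', $code_a[0]);

    // Both selectors are only ever compared with integers below, so the SQL
    // text gets their integer form and cannot carry quote characters.
    $ticket_type_sql = (int) $ticket_type;
    $play_method_sql = (int) $play_method;

    // Maps the option codes used in $codes to the keys of the odds JSON.
    // It depends only on the two selectors, so it is built once.
    $play_config = array();
    if ($ticket_type == 1) {
        switch ($play_method) {
            case 1:
                $play_config = array('3' => 'H', '1' => 'D', '0' => 'A');
                break;
            case 2:
                $play_config = array('0' => '0', '1' => '1', '2' => '2', '3' => '3', '4' => '4', '5' => '5', '6' => '6', '7' => '7');
                break;
            case 3:
                $play_config = array('负其它' => '-1:-A', '胜其它' => '-1:-H', '平其它' => '-1:-D', '0:0' => '00:00', '0:1' => '00:01', '0:2' => '00:02', '0:3' => '00:03', '0:4' => '00:04', '0:5' => '00:05', '1:0' => '01:00', '1:1' => '01:01', '1:2' => '01:02', '1:3' => '01:03', '1:4' => '01:04', '1:5' => '01:05', '2:0' => '02:00', '2:1' => '02:01', '2:2' => '02:02', '2:3' => '02:03', '2:4' => '02:04', '2:5' => '02:05', '3:0' => '03:00', '3:1' => '03:01', '3:2' => '03:02', '3:3' => '03:03', '4:0' => '04:00', '4:1' => '04:01', '4:2' => '04:02', '5:0' => '05:00', '5:1' => '05:01', '5:2' => '05:02');
                break;
            case 4:
                $play_config = array('0-0' => 'cc', '0-1' => 'cb', '0-3' => 'ca', '1-0' => 'bc', '1-1' => 'bb', '1-3' => 'ba', '3-0' => 'ac', '3-1' => 'ab', '3-3' => 'aa');
                break;
            default:
                break;
        }
    } elseif ($ticket_type == 6) {
        switch ($play_method) {
            case 1:
            case 2:
                $play_config = array('2' => 'H', '1' => 'D');
                break;
            case 3:
                // NOTE(review): these values look like \uXXXX escapes that lost
                // their backslashes — confirm against the keys of the odds JSON.
                $play_config = array('01' => 'u4e3bu80dc1-5', '02' => 'u4e3bu80dc6-10', '03' => 'u4e3bu80dc11-15', '04' => 'u4e3bu80dc16-20', '05' => 'u4e3bu80dc21-25', '06' => 'u4e3bu80dc26+', '11' => 'u5ba2u80dc1-5', '12' => 'u5ba2u80dc6-10', '13' => 'u5ba2u80dc11-15', '14' => 'u5ba2u80dc16-20', '15' => 'u5ba2u80dc21-25', '16' => 'u5ba2u80dc26+');
                break;
            case 4:
                $play_config = array('1' => 'H', '2' => 'D');
                break;
            default:
                break;
        }
    }

    foreach ($match_detail as $detail) {
        $match_info = explode('|', $detail);
        $match_id = $match_info[0];

        // Selected options are the comma list inside the first [...] group.
        // A match without such a group simply contributes no odds.
        $selected = array();
        if (isset($match_info[1]) && preg_match("/\\[(.*)\\]/", $match_info[1], $bracket)) {
            $selected = explode(',', $bracket[1]);
        }

        $select_match_query = 'select comb,goalline from match_datas where ticket_type="' . $ticket_type_sql . '" and play_type="' . $play_method_sql . '" and match_id="' . $match_id . '" limit 1';
        $sql_obj->query($select_match_query);
        $match_data = $sql_obj->fetch_array();

        // No row, or a comb value that is not valid JSON, yields empty odds
        // instead of PHP warnings.
        $sp = isset($match_data['comb']) ? json_decode($match_data['comb']) : null;
        $goalline = isset($match_data['goalline']) ? $match_data['goalline'] : null;

        // comb decodes to entries such as {"c":"cc","v":"4.30",...}: "c" is the
        // option key, "v" the odds. Entries without "c" are appended by position.
        $result_sp = array();
        if (is_object($sp) || is_array($sp)) {
            foreach ($sp as $val) {
                $odds = isset($val->v) ? $val->v : null;
                if (isset($val->c)) {
                    $result_sp[$val->c] = $odds;
                } else {
                    $result_sp[] = $odds;
                }
            }
        }

        $match_result_sp = array();
        foreach ($selected as $option) {
            if (!isset($play_config[$option])) {
                continue; // unknown option code
            }
            $key = $play_config[$option];
            if (array_key_exists($key, $result_sp)) {
                $match_result_sp[] = $result_sp[$key];
            }
        }
        $match_result_sp = implode(',', $match_result_sp);

        // Ticket type 6 with play method 2 or 4 also records the goal line;
        // for play method 2 a positive line gets an explicit '+' sign.
        if ($ticket_type == 6 && ($play_method == 2 || $play_method == 4)) {
            if ($play_method == 2 && $goalline > 0) {
                $goalline = '+' . $goalline;
            }
            $return[] = $match_id . '(' . $goalline . '):' . $match_result_sp;
        } else {
            $return[] = $match_id . ':' . $match_result_sp;
        }
    }

    $return = implode('|', $return);
    $sql_obj->query('update ticket_nums set moreinfo="' . $return . '" where id="' . $id . '"');

    return !$sql_obj->error();
}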
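<?php
// Account verification page: checks the username/authkey pair from the
// verification link, copies the pending account into the realm's account
// table, removes the pending row, and renders the result.

// page header, and any additional required libraries
require_once "header.php";

//##############################################################################################
// MAIN
//##############################################################################################
$username = isset($_GET['username']) ? $_GET['username'] : NULL;
$authkey = isset($_GET['authkey']) ? $_GET['authkey'] : NULL;

$output .= "\n<div class=\"top\">";

$sqlm = new SQL();
$sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);

// Both values come straight from the query string. Array parameters and empty
// values are rejected before any lookup, so a missing key can never match a
// row whose authkey is empty.
$has_request = is_string($username) && $username !== '' && is_string($authkey) && $authkey !== '';
$verified = false;
if ($has_request) {
    // Escaped after connect() because escaping needs the open link.
    // Assumes this SQL class provides quote_smart() as its escaping helper —
    // TODO confirm.
    $username = $sqlm->quote_smart($username);
    $authkey = $sqlm->quote_smart($authkey);
    // The username value in this listing is masked ('******').
    $query = $sqlm->query("SELECT * \n\t\t\t\t\t\tFROM mm_account_verification \n\t\t\t\t\t\tWHERE username = '******' AND authkey = '{$authkey}'");
    $verified = $sqlm->num_rows($query) >= 1;
} else {
    $username = '';
    $authkey = '';
}

$lang_verify = lang_verify();
if (!$verified) {
    $output .= "\n\t<h1><font class=\"error\">{$lang_verify['verify_failed']}</font></h1>";
} else {
    $output .= "<h1><font class=\"error\">{$lang_verify['verify_success']}</font></h1>";
    $sqlr = new SQL();
    $sqlr->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
    $data = $sqlm->fetch_array($query);
    list($id, $username, $pass, $gmlevel, $session, $v, $s, $email, $joindate, $last_ip, $failed_logins, $locked, $last_login, $active, $expansion) = $data;

    // The pending row holds what the user typed at registration, so it is
    // escaped again before it is placed into the INSERT (second-order input).
    $username = $sqlr->quote_smart($username);
    $pass = $sqlr->quote_smart($pass);
    $email = $sqlr->quote_smart($email);
    $last_ip = $sqlr->quote_smart($last_ip);
    $expansion = (int) $expansion;

    // gmlevel is written as the literal 0, never taken from the pending row.
    // $create_acc_locked is not set in this script; presumably configuration
    // loaded by header.php — verify.
    $sqlr->query("\n\t\tINSERT INTO account\n\t\t\t(id,\n\t\t\tusername,\n\t\t\tsha_pass_hash,\n\t\t\tgmlevel,\n\t\t\tsessionkey,\n\t\t\tv,\n\t\t\ts,\n\t\t\temail,\n\t\t\tjoindate,\n\t\t\tlast_ip,\n\t\t\tfailed_logins,\n\t\t\tlocked,\n\t\t\tlast_login,\t\t\t\n\t\t\tactive_realm_id,\n\t\t\texpansion)\n\t\tVALUES\n\t\t\t('',\n\t\t\tUPPER('{$username}'),\n\t\t\t'{$pass}',\n\t\t\t0,\n\t\t\t'',\n\t\t\t'',\n\t\t\t'',\n\t\t\t'{$email}'\n\t\t\t,now(),\n\t\t\t'{$last_ip}',\n\t\t\t0,\n\t\t\t{$create_acc_locked},\n\t\t\tNULL,\n\t\t\t0,\n\t\t\t{$expansion})");
    $result = $sqlr->query("\n\t\tSELECT * \n\t\tFROM account \n\t\tWHERE username='******'");
}

// NOTE(review): this DELETE also runs when verification failed. If the masked
// value is the username from the request, a request without a valid key can
// discard another user's pending verification — confirm, and move the DELETE
// into the success branch if so.
$sqlm->query("\n\t\tDELETE FROM mm_account_verification \n\t\tWHERE username='******'");

$output .= "\n</div>";
$output .= "\n<center>\n<br />\n<table class=\"hidden\">\n\t<tr>\n\t\t<td>" . makebutton($lang_global['home'], 'index.php', 130) . "</td>\n\t</tr>\n</table>\n</center>";

require_once "footer.php";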
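/**
 * Renders one table's rows for a single key as a dump section:
 * LOCK TABLES, DELETE of the existing rows, one multi-row INSERT, UNLOCK.
 *
 * @param object $sql       connected SQL wrapper
 * @param string $table     table name (from the tab_lib configuration)
 * @param string $key_field column that identifies the owner
 * @param mixed  $key_value numeric owner id
 * @return string SQL text, terminated by a blank line
 */
function _backup_user_dump_table($sql, $table, $key_field, $key_value)
{
    $query = $sql->query("SELECT * FROM {$table} WHERE {$key_field} = {$key_value}");
    $num_fields = $sql->num_fields($query);
    $numrow = $sql->num_rows($query);

    $result = "LOCK TABLES {$table} WRITE;\n";
    $result .= "DELETE FROM {$table} WHERE {$key_field} = {$key_value};\n";

    if ($numrow) {
        $names = array();
        for ($count = 0; $count < $num_fields; $count++) {
            $names[] = "`" . $sql->field_name($query, $count) . "`";
        }
        $result .= "INSERT INTO {$table} (" . implode(",", $names) . ") VALUES \n";

        $rows = array();
        for ($i = 0; $i < $numrow; $i++) {
            $row = $sql->fetch_row($query);
            $values = array();
            for ($j = 0; $j < $num_fields; $j++) {
                // NULL has to be detected before escaping: addslashes(NULL)
                // yields '', which used to leave an empty token in the
                // INSERT for integer columns.
                if (!isset($row[$j])) {
                    $values[] = "''";
                    continue;
                }
                // Escape quotes and keep every value on one line of the dump.
                // str_replace() stands in for ereg_replace(), which no longer
                // exists in PHP 7; the pattern was a plain newline.
                $value = str_replace("\n", "\\n", addslashes($row[$j]));
                if ($sql->field_type($query, $j) == "int") {
                    $values[] = "{$value}";
                } else {
                    $values[] = "'{$value}'";
                }
            }
            $rows[] = "\t(" . implode(",", $values);
        }
        $result .= implode("),\n", $rows) . ");\n";
    }

    $result .= "UNLOCK TABLES;\n";
    $result .= "\n";

    return $result;
}

/**
 * Writes per-account SQL dumps for the accounts selected via $_GET["check"].
 *
 * For each selected account one file per database is created below
 * "{$backup_dir}/accounts/<timestamp>_partial": the logon database tables
 * listed in $tab_backup_user_realmd, and for every characters database the
 * tables listed in $tab_backup_user_characters for each of the account's
 * characters. Ends by redirecting to user.php.
 *
 * The dumps hold every column of those tables. The directory is created with
 * mode 0750; whether $backup_dir is reachable over HTTP is not visible here —
 * verify that it is not.
 */
function backup_user()
{
    //this_is_junk: TODO: Convert this to use $logon_db and ArcEmu data
    global $output, $logon_db, $characters_db, $realm_id, $user_lvl, $backup_dir, $action_permission;

    valid_login($action_permission["insert"]);

    $sql = new SQL();
    $sql->connect($logon_db["addr"], $logon_db["user"], $logon_db["pass"], $logon_db["name"], $logon_db["encoding"]);

    if (isset($_GET["check"])) {
        $check = $sql->quote_smart($_GET["check"]);
    } else {
        redirect("user.php?error=1");
        return; // nothing to back up, whether or not redirect() exits
    }
    // A single value (check=5 instead of check[]=5) is treated as a one-item list.
    if (!is_array($check)) {
        $check = array($check);
    }

    // Defines $tab_backup_user_realmd and $tab_backup_user_characters.
    require_once "libs/tab_lib.php";

    $subdir = "{$backup_dir}/accounts/" . date("m_d_y_H_i_s") . "_partial";
    mkdir($subdir, 0750);

    foreach ($check as $raw_id) {
        if (!is_scalar($raw_id) || $raw_id == "") {
            continue;
        }
        // The id is placed into SQL without quotes, where string escaping
        // alone does not stop injection; only its integer value is used.
        $account_id = (int) $raw_id;

        $sql->connect($logon_db["addr"], $logon_db["user"], $logon_db["pass"], $logon_db["name"], $logon_db["encoding"]);
        $query = $sql->query("SELECT acct FROM accounts WHERE acct = {$account_id}");
        $acc = $sql->fetch_array($query);
        if (!$acc) {
            continue; // unknown account: no files, no malformed dump
        }

        // --- logon database ---
        $file_name_new = $acc[0] . "_{$logon_db["name"]}.sql";
        $fp = fopen("{$subdir}/{$file_name_new}", 'w') or die(error(lang("backup", "file_write_err")));
        fwrite($fp, "CREATE DATABASE /*!32312 IF NOT EXISTS*/ {$logon_db["name"]};\n") or die(error(lang("backup", "file_write_err")));
        fwrite($fp, "USE {$logon_db["name"]};\n\n") or die(error(lang("backup", "file_write_err")));
        foreach ($tab_backup_user_realmd as $value) {
            $result = "-- Dumping data for {$value['0']} " . date("m.d.y_H.i.s") . "\n";
            $result .= _backup_user_dump_table($sql, $value['0'], $value['1'], $acc['0']);
            fwrite($fp, $result) or die(error(lang("backup", "file_write_err")));
        }
        fclose($fp);

        // --- every characters database ---
        foreach ($characters_db as $db) {
            $file_name_new = $acc[0] . "_{$db["name"]}.sql";
            $fp = fopen("{$subdir}/{$file_name_new}", 'w') or die(error(lang("backup", "file_write_err")));
            fwrite($fp, "CREATE DATABASE /*!32312 IF NOT EXISTS*/ {$db["name"]};\n") or die(error(lang("backup", "file_write_err")));
            fwrite($fp, "USE {$db["name"]};\n\n") or die(error(lang("backup", "file_write_err")));
            $sql->connect($db["addr"], $db["user"], $db["pass"], $db["name"], $db["encoding"]);
            $all_char_query = $sql->query("SELECT guid,name FROM `characters` WHERE account = {$acc['0']}");
            while ($char = $sql->fetch_array($all_char_query)) {
                // The name lands in an SQL comment of a file that is executed
                // on restore, so it must not be able to start a new line.
                $comment_name = str_replace(array("\r", "\n"), ' ', $char['1']);
                fwrite($fp, "-- Dumping data for character {$comment_name}\n") or die(error(lang("backup", "file_write_err")));
                foreach ($tab_backup_user_characters as $value) {
                    $result = _backup_user_dump_table($sql, $value['0'], $value['1'], $char['0']);
                    fwrite($fp, $result) or die(error(lang("backup", "file_write_err")));
                }
            }
            fclose($fp);
        }
    }

    redirect("user.php?error=15");
}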
if ($_GET['id'] == null) { $charid = -1; } } else { $charid = -1; $charname = "Invalid ID!"; #redirect("characters.php"); } $sqlt = new SQL(); $sqlt->connect($trin_host, $trin_user, $trin_pass, $trin_db); $sqlc = new SQL(); $sqlc->connect($characters_host[$realmid], $characters_user[$realmid], $characters_pass[$realmid], $characters_db[$realmid]); $sqlw = new SQL(); $sqlw->connect($world_host[$realmid], $world_user[$realmid], $world_pass[$realmid], $world_db[$realmid]); $query = $sqlc->query("SELECT guid, name, online, level FROM characters WHERE guid={$charid}"); $character = $sqlc->fetch_array($query); if ($sqlc->num_rows($query) < 1) { $charname = "Invalid ID!"; $output .= ' <div class="content center_left"> <div class="contentbox"> <div class="contentbox_title">' . $charname . '</div> <div class="contentbox_body">'; } else { getguildbychar($charid); //Added to accomodate for the removal of the 'data' blob in the database $output .= ' <div class="content center_left"> <div class="contentbox"> <div class="contentbox_title">Character Info: ' . $character['name'] . '</div> <div class="contentbox_body"> <ul id="tabnav">
{ global $sqlt; $query = $sqlt->query("SELECT name FROM dbc_skillline WHERE id='{$skillid}'"); $res = $sqlt->fetch_assoc($query); return $res['name']; } $output .= '<div class="content center_left"> <div class="contentbox"> <div class="contentbox_title">Character Info: ' . $character['name'] . '</div> <div class="contentbox_body"> <ul id="tabnav"> <li><a href="characters.php?action=view&id=' . $charid . '">Character</a></li> <li><a href="characters.php?action=reputation&id=' . $charid . '">Reputation</a></li> <li><a href="#" id="tabnav-current">Skills</a></li> <li><a href="characters.php?action=talents&id=' . $charid . '">Talents</a></li> </ul> <div id="tabcontent"> <table class="stats_table">'; while ($skills = $sqlc->fetch_array($query)) { $output .= '<tr><td>' . getskillname($skills['skill']) . '</td><td class="stats_outerbar"> <div class="bar_skill stats_bar" style="width:' . 100 * $skills['value'] / $skills['max'] . '%"></div><div class="bar_text">' . $skills['value'] . '/' . $skills['max'] . '<div></td></tr>'; } $output .= '</div> </table> </div> </div> </div> </div> <div id="clear"> </div>'; require_once "footer.php"; echo $output;
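/**
 * Prints the newest 100 shouts as an HTML list, a "Load more" control when
 * the list is full, and the inline script that drives the shoutbox buttons.
 *
 * Output is echoed directly. Reads $_SESSION['current_userID'] to align the
 * viewer's own shouts to the right and to hide the RT / Mention buttons on them.
 *
 * Security notes:
 * - username, real name and title are profile fields written by users; they
 *   are HTML-escaped here, and the username is additionally JSON-encoded
 *   where it is passed into an inline onClick handler.
 * - NOTE(review): the shout text is printed as returned by
 *   clickable(bbCode(...)); this relies on the text having been HTML-escaped
 *   when it was stored or inside bbCode() — not visible here, verify.
 * - Assumes shout and user ids are integers — TODO confirm.
 */
function populate_shoutbox()
{
    $db = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
    $db->query("SELECT * FROM ip_shouts ORDER BY id DESC LIMIT 100");

    echo '<ul id="chat" class="chat">';

    $count_shout = 0;
    $get_shoutID = 0;
    while ($row = $db->fetch_assoc()) {
        $count_shout++;
        $get_shoutID = (int) $row['id'];
        $get_userID = (int) $row['user_id'];
        $get_shoutMsg = $row['shout_msg'];
        $get_sTime = $row['shout_time'];

        // Reset per shout so a missing user row cannot inherit the previous
        // author's name, title or avatar.
        $get_username = '';
        $get_realname = null;
        $get_title = null;
        $avatar_type = null;

        // NOTE(review): one extra connection per shout (up to 100 per page);
        // a JOIN in the query above would avoid this.
        $dbf = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
        $dbf->query("SELECT * FROM forum_users WHERE id='{$get_userID}'");
        if ($rowf = $dbf->fetch_array()) {
            $get_username = $rowf['username'];
            $get_realname = $rowf['realname'];
            $get_title = $rowf['title'];
            $avatar_type = $rowf['avatar'];
        }
        $dbf->close();

        // HTML context, and JavaScript string literal inside an HTML attribute.
        $html_username = htmlspecialchars((string) $get_username, ENT_QUOTES);
        $js_username = htmlspecialchars((string) json_encode((string) $get_username), ENT_QUOTES);

        // One loose comparison for both uses; the original mixed == and !==,
        // which disagree when the session holds the id as an integer.
        $is_own = ($_SESSION['current_userID'] == $get_userID);

        // The 20th shout carries the id "lastShout".
        $li_id = ($count_shout == 20) ? ' id="lastShout"' : '';
        echo '<li' . $li_id . ' class="' . ($is_own ? 'right' : 'left') . '">';

        echo '<a href="profile.php?id=' . $get_userID . '"><img class="avatar" alt="' . $html_username . '" src="' . get_avatar($avatar_type, $get_userID) . '"></a>';
        echo '<span class="message"><span class="arrow"></span>';

        if ($get_realname == null) {
            echo '<span class="from"><a href="profile.php?id=' . $get_userID . '" class="user-name">@' . $html_username . '</a> ';
        } else {
            echo '<span class="from"><a href="profile.php?id=' . $get_userID . '" class="user-name">' . htmlspecialchars((string) $get_realname, ENT_QUOTES) . '</a> ';
        }
        if ($get_title !== null) {
            echo '<span class="forum-title"><em>' . htmlspecialchars((string) $get_title, ENT_QUOTES) . '</em></span></span> ';
        } else {
            // Close <span class="from"> for users without a title as well.
            echo '</span> ';
        }

        echo '<span class="time muted"><small>' . timeAgo($get_sTime) . '</small></span>';

        if (!$is_own) {
            echo '<span class="pull-right">';
            echo '<button class="btn btn-mini tip-top" id="rtshout-' . $get_shoutID . '" onClick="rtshout(\'' . $get_shoutID . '\',' . $js_username . ');" title="Reshout"><i class="icon-share"></i> RT</button> ';
            echo '<button class="btn btn-mini" id="mention-' . $get_shoutID . '" onClick="insertNickname(' . $js_username . ');"><i class="icon-circle"></i> Mention</button>';
            echo '</span>';
        }

        echo '<span class="text" id="msg-' . $get_shoutID . '">' . stripslashes(rtrim(clickable(bbCode($get_shoutMsg)))) . '</span>';
        echo '</span></li>';
    }

    // A full page means older shouts may exist; the control is keyed by the
    // id of the oldest shout shown.
    if ($count_shout == 100) {
        echo '<div style="margin-top:10px;padding:10px;text-align:center;" id="more-' . $get_shoutID . '" class="morebox"><a href="#" id="' . $get_shoutID . '" class="btn btn-small btn-inverse more"><i class="icon-arrow-down icon-white"></i> Load more...</a></div>';
    }
    echo '</ul>';
    $db->close();

    // The script is emitted one statement per line: its // comments would
    // otherwise swallow the code that follows them.
    echo '
<script>
$(document).ready(function () {
    // START DOCUMENT.READY
    $(".link-tip, .tip-top").tooltip();
    $(".more").click(function(e){
        e.preventDefault();
        var ID = $(this).attr("id");
        if (ID){
            $("#more-"+ID).html("<div class=\\"loader\\" style=\\"margin-top:10px\\"></div>");
            $.ajax({
                type: "GET",
                url: "subfiles/shoutbox_more.php?lastid=" + urlencode(ID),
                success: function(html){
                    $("ul#chat").append(html).fadeIn();
                    $("#more-"+ID).remove();
                }
            });
        } else {
            $(".morebox").html("The End");
        }
    });
});
// END DCOUMENT.READY
function urlencode(a) {
    a = (a + "").toString();
    return encodeURIComponent(a).replace(/!/g, "%21").replace(/\'/g, "%27").replace(/\\(/g, "%28").replace(/\\)/g, "%29").replace(/\\*/g, "%2A").replace(/%20/g, "+")
}
function rtshout(msgid,user){
    $.ajax({
        type: "GET",
        url: "subfiles/shoutbox_retweet.php?retweet=" + urlencode(msgid),
        success: function(html){
            if (html !== "KO") {
                $("#shoutTextarea").val("RT @"+user+": " + html);
            }
        }
    });
}
function insertNickname(nickname){
    var currentText = document.getElementById("shoutTextarea");
    var smileyWithPadding = " @" + nickname + " ";
    currentText.value += smileyWithPadding;
}
</script>
';
}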
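/**
 * Append the "edit account" form for the account named by $_GET['id'] to the global $output buffer.
 *
 * Reads the account row from the realm database, the inviting character (if any) from the
 * mm_point_system_invites / characters tables, the ban record, and the per-realm character
 * list. Editable inputs are rendered only when $user_lvl reaches $action_permission['update'];
 * otherwise the values are shown read-only or masked. Calls error() when no account matches.
 *
 * Security-relevant points a maintainer should keep in mind:
 *  - $_GET['id'] is reduced to an integer before it is used, because several queries below
 *    interpolate it without surrounding quotes, where string escaping alone gives no protection.
 *  - Text columns (username, email, last IP, ban reason, banned-by, character and referrer names)
 *    are HTML-escaped before being written into markup; the username is JSON-encoded where it is
 *    placed inside the inline script.
 *  - NOTE(review): the form emits no anti-CSRF token, and the "ban this IP" and delete controls are
 *    plain GET links. The handlers (user.php?action=doedit_user / del_user, banned.php) are not
 *    visible here; they should re-check the caller's permission level and require a token.
 *  - NOTE(review): the browser submits hex_sha1(UPPER(username):UPPER(new_pass)) in the "pass"
 *    field, so that digest is the credential on the wire; confirm the page is served over TLS only.
 *
 * @return void
 */
function edit_user()
{
    global $lang_global, $lang_user, $output, $realm_db, $characters_db, $realm_id, $mmfpm_db, $user_lvl, $user_name, $gm_level_arr, $action_permission, $expansion_select, $developer_test_mode, $multi_realm_mode, $server;

    $active_realm_id_pq = "active_realm_id";

    if (empty($_GET['id'])) {
        redirect("user.php?error=10");
    }

    $sqlr = new SQL();
    $sqlr->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
    $sqlm = new SQL();
    $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
    $sqlc = new SQL();
    $sqlc->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);

    // The id is interpolated unquoted into several queries and into HTML/URLs below, so it is
    // forced to an integer here; a non-numeric or array value becomes 0 and matches no account.
    $id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int) $_GET['id'] : 0;

    $result = $sqlr->query("SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,{$active_realm_id_pq},expansion FROM account WHERE id = '{$id}'");

    // Bail out before running the dependent lookups: without an account row they would be
    // built from missing values.
    if (!$sqlr->num_rows($result)) {
        error($lang_global['err_no_user']);
        return;
    }
    $data = $sqlr->fetch_assoc($result);

    // Resolve the inviting character's name. The selected column is InvitedBy, so that is the
    // key to read; a missing invite row simply leaves the referrer empty.
    $referred_by = null;
    $invite = $sqlm->fetch_assoc($sqlm->query('SELECT InvitedBy FROM mm_point_system_invites WHERE PlayersAccount = ' . $id));
    if (is_array($invite) && isset($invite['InvitedBy'])) {
        $refguid = $sqlc->quote_smart($invite['InvitedBy']);
        $referrer = $sqlc->fetch_assoc($sqlc->query("SELECT name FROM characters WHERE guid = '{$refguid}'"));
        if (is_array($referrer) && isset($referrer['name'])) {
            $referred_by = $referrer['name'];
        }
    }

    $can_update = $user_lvl >= $action_permission['update'];

    // Escaped copies of the text columns for the HTML contexts used below.
    // Remaining $data fields written raw (id, gmlevel, dates, counters) are presumably
    // numeric/date columns -- TODO confirm against the account schema.
    $h_username = htmlspecialchars((string) $data['username'], ENT_QUOTES);
    $h_email = htmlspecialchars((string) $data['email'], ENT_QUOTES);
    $h_last_ip = htmlspecialchars((string) $data['last_ip'], ENT_QUOTES);
    $h_last_ip_url = htmlspecialchars(urlencode((string) $data['last_ip']), ENT_QUOTES);
    $h_referred_by = htmlspecialchars((string) $referred_by, ENT_QUOTES);

    // The username is compared inside an inline <script>; JSON encoding with the HEX flags yields
    // a quoted JS string literal that cannot close the string or the script element.
    $js_username = json_encode((string) $data['username'], JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    if ($js_username === false) {
        // Encoding fails on invalid UTF-8; fall back to an empty literal rather than emit broken JS.
        $js_username = '""';
    }

    // The CDATA markers are JS line comments, so each must sit on its own line; otherwise
    // the comment would swallow the function that follows it.
    $output .= '
 <center>
 <script type="text/javascript" src="libs/js/sha1.js"></script>
 <script type="text/javascript">
 // <![CDATA[
 function do_submit_data () {
 if ((document.form.username.value != ' . $js_username . ') && (document.form.new_pass.value == "******")) {
 alert("If you are changing Username, The password must be changed too.");
 return;
 } else {
 document.form.pass.value = hex_sha1(document.form.username.value.toUpperCase()+":"+document.form.new_pass.value.toUpperCase());
 document.form.new_pass.value = "0";
 do_submit();
 }
 }
 // ]]>
 </script>
 <fieldset style="width: 550px;">
 <legend>' . $lang_user['edit_acc'] . '</legend>
 <form method="post" action="user.php?action=doedit_user" name="form">
 <input type="hidden" name="pass" value="" maxlength="256" />
 <input type="hidden" name="id" value="' . $id . '" />
 <table class="flat">
 <tr>
 <td>' . $lang_user['id'] . '</td>
 <td>' . $data['id'] . '</td>
 </tr>
 <tr>
 <td>' . $lang_user['username'] . '</td>';

    if ($can_update) {
        $output .= ' <td><input type="text" name="username" size="42" maxlength="15" value="' . $h_username . '" /></td>';
    } else {
        $output .= ' <td>' . $h_username . '</td>';
    }

    $output .= ' </tr> <tr> <td>' . $lang_user['password'] . '</td>';
    if ($can_update) {
        $output .= "\r\n <td><input type=\"text\" name=\"new_pass\" size=\"42\" maxlength=\"40\" value=\"******\" /></td>";
    } else {
        $output .= "\r\n <td>********</td>";
    }

    $output .= "\r\n </tr>\r\n <tr>\r\n <td>{$lang_user['email']}</td>";
    if ($can_update) {
        $output .= ' <td><input type="text" name="mail" size="42" maxlength="225" value="' . $h_email . '" /></td>';
    } else {
        $output .= "\r\n <td>***@***.***</td>";
    }

    // The referrer is editable only while none is recorded; once set it is shown as text.
    $output .= "\r\n </tr>\r\n <tr>\r\n <td>{$lang_user['invited_by']}:</td>\r\n <td>";
    if ($can_update && !$referred_by) {
        $output .= "\r\n <input type=\"text\" name=\"referredby\" size=\"42\" maxlength=\"12\" value=\"{$h_referred_by}\" />";
    } else {
        $output .= "\r\n {$h_referred_by}";
    }

    $output .= "\r\n </td>\r\n </tr>\r\n <tr>\r\n <td>{$lang_user['gm_level_long']}</td>";
    if ($can_update) {
        // Only levels strictly below the editor's own level are offered. This restricts the
        // form only; the doedit_user handler has to enforce the same bound on the posted value.
        $output .= "\r\n <td>\r\n <select name=\"gmlevel\">";
        foreach ($gm_level_arr as $level) {
            if ($level[0] > -1 && $level[0] < $user_lvl) {
                $output .= "\r\n <option value=\"{$level[0]}\" ";
                if ($data['gmlevel'] == $level[0]) {
                    $output .= "selected=\"selected\" ";
                }
                $output .= ">{$level[1]}</option>";
            }
        }
        $output .= "\r\n </select>\r\n </td>";
    } else {
        $output .= ' <td>' . id_get_gm_level($data['gmlevel']) . ' ( ' . $data['gmlevel'] . ' )</td>';
    }

    $output .= ' </tr> <tr> <td>' . $lang_user['join_date'] . '</td> <td>' . $data['joindate'] . '</td> </tr> <tr> <td>' . $lang_user['last_ip'] . '</td>';
    if ($can_update) {
        $output .= ' <td>' . $h_last_ip . '<a href="banned.php?action=do_add_entry&entry=' . $h_last_ip_url . '&bantime=3600&ban_type=ip_banned"> <- ' . $lang_user['ban_this_ip'] . '</a></td>';
    } else {
        $output .= "\r\n <td>***.***.***.***</td>";
    }

    $output .= "\r\n </tr>\r\n <tr>\r\n <td>{$lang_user['banned']}</td>";
    $que = $sqlr->query("SELECT bandate, unbandate, bannedby, banreason FROM account_banned WHERE id = {$id}");
    if ($sqlr->num_rows($que)) {
        // fetch_row() is indexed by column position: 0 bandate, 1 unbandate, 2 bannedby, 3 banreason.
        $banned = $sqlr->fetch_row($que);
        $ban_info = " From:" . date('d-m-Y G:i', $banned[0]) . " till:" . date('d-m-Y G:i', $banned[1]) . "<br />by " . htmlspecialchars((string) $banned[2], ENT_QUOTES);
        $ban_checked = " checked=\"checked\"";
        $h_ban_reason = htmlspecialchars((string) $banned[3], ENT_QUOTES);
    } else {
        $ban_checked = "";
        $ban_info = "";
        $h_ban_reason = "";
    }

    if ($can_update) {
        $output .= "\r\n <td><input type=\"checkbox\" name=\"banned\" value=\"1\" {$ban_checked}/>{$ban_info}</td>";
    } else {
        $output .= "\r\n <td>{$ban_info}</td>";
    }

    $output .= "\r\n </tr>\r\n <tr>\r\n <td>{$lang_user['banned_reason']}</td>";
    if ($can_update) {
        $output .= "\r\n <td><input type=\"text\" name=\"banreason\" size=\"42\" maxlength=\"255\" value=\"{$h_ban_reason}\" /></td>";
    } else {
        $output .= "\r\n <td>{$h_ban_reason}</td>";
    }

    if ($expansion_select) {
        $output .= "\r\n </tr>\r\n <tr>";
        if ($can_update) {
            $output .= "\r\n <td>{$lang_user['client_type']}</td>";
            $output .= "\r\n <td>\r\n <select name=\"expansion\">";
            $output .= "\r\n <option value=\"0\">{$lang_user['classic']}</option>\r\n <option value=\"1\" ";
            if ($data['expansion'] == 1) {
                $output .= "selected=\"selected\" ";
            }
            $output .= ">{$lang_user['tbc']}</option>\r\n <option value=\"2\" ";
            if ($data['expansion'] == 2) {
                $output .= "selected=\"selected\" ";
            }
            $output .= ">{$lang_user['wotlk']}</option>\r\n </select>\r\n </td>";
        } else {
            $output .= "\r\n <td>{$lang_user['classic']}</td>";
        }
    }

    $output .= "\r\n </tr>\r\n <tr>\r\n <td>{$lang_user['failed_logins_long']}</td>";
    if ($can_update) {
        $output .= ' <td><input type="text" name="failed" size="42" maxlength="3" value="' . $data['failed_logins'] . '" /></td>';
    } else {
        $output .= ' <td>' . $data['failed_logins'] . '</td>';
    }

    $output .= "\r\n </tr>\r\n <tr>\r\n <td>{$lang_user['locked']}</td>";
    $lock_checked = $data['locked'] ? " checked=\"checked\"" : "";
    if ($can_update) {
        $output .= "\r\n <td><input type=\"checkbox\" name=\"locked\" value=\"1\" {$lock_checked}/></td>";
    } else {
        $output .= "\r\n <td></td>";
    }

    $output .= ' </tr> <tr> <td>' . $lang_user['last_login'] . '</td> <td>' . $data['last_login'] . '</td> </tr> <tr> <td>' . $lang_user['online'] . '</td>';
    $output .= "\r\n <td>" . ($data['active_realm_id'] ? $lang_global['yes'] : $lang_global['no']) . "</td>\r\n </tr>";

    $query = $sqlr->query("SELECT SUM(numchars) FROM realmcharacters WHERE acctid = '{$id}'");
    $tot_chars = $sqlr->result($query, 0);
    $output .= "\r\n <tr>\r\n <td>{$lang_user['tot_chars']}</td>\r\n <td>{$tot_chars}</td>\r\n </tr>";

    $realms = $sqlr->query("SELECT id, name FROM realmlist");
    if ($developer_test_mode && $multi_realm_mode && ($sqlr->num_rows($realms) > 1 && count($server) > 1 && count($characters_db) > 1)) {
        // Multi-realm listing: reconnect the characters handle to each realm in turn.
        require_once "scripts/get_lib.php";
        while ($realm = $sqlr->fetch_array($realms)) {
            $sqlc->connect($characters_db[$realm[0]]['addr'], $characters_db[$realm[0]]['user'], $characters_db[$realm[0]]['pass'], $characters_db[$realm[0]]['name']);
            $query = $sqlc->query("SELECT count(*) FROM `characters` WHERE account = {$id}");
            $chars_on_realm = $sqlc->result($query, 0);
            $output .= "\r\n <tr>\r\n <td>{$lang_user['chars_on_realm']} " . get_realm_name($realm[0]) . "</td>\r\n <td>{$chars_on_realm}</td>\r\n </tr>";
            if ($chars_on_realm) {
                $char_array = $sqlc->query("SELECT guid, name, race, class, level, gender\r\n FROM `characters` WHERE account = {$id}");
                while ($char = $sqlc->fetch_array($char_array)) {
                    // Character names are player-chosen text; escape before writing into the link.
                    $h_char_name = htmlspecialchars((string) $char[1], ENT_QUOTES);
                    $output .= "\r\n <tr>\r\n <td> '---></td>\r\n <td>\r\n <a href=\"char.php?id={$char['0']}&realm={$realm['0']}\">{$h_char_name} - <img src='img/c_icons/{$char[2]}-{$char[5]}.gif' onmousemove='toolTip(\"" . char_get_race_name($char[2]) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\" />\r\n <img src='img/c_icons/{$char[3]}.gif' onmousemove='toolTip(\"" . char_get_class_name($char[3]) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\"/> - lvl " . char_get_level_color($char[4]) . "</a>\r\n </td>\r\n </tr>";
                }
            }
        }
    } else {
        $query = $sqlc->query("SELECT count(*) FROM `characters` WHERE account = {$id}");
        $chars_on_realm = $sqlc->result($query, 0);
        $output .= "\r\n <tr>\r\n <td>{$lang_user['chars_on_realm']}</td>\r\n <td>{$chars_on_realm}</td>\r\n </tr>";
        if ($chars_on_realm) {
            $char_array = $sqlc->query("SELECT guid,name,race,class, level, gender FROM `characters` WHERE account = {$id}");
            while ($char = $sqlc->fetch_array($char_array)) {
                // Character names are player-chosen text; escape before writing into the link.
                $h_char_name = htmlspecialchars((string) $char[1], ENT_QUOTES);
                $output .= "\r\n <tr>\r\n <td> '---></td>\r\n <td>\r\n <a href=\"char.php?id={$char['0']}\">{$h_char_name} - <img src='img/c_icons/{$char[2]}-{$char[5]}.gif' onmousemove='toolTip(\"" . char_get_race_name($char[2]) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\" />\r\n <img src='img/c_icons/{$char[3]}.gif' onmousemove='toolTip(\"" . char_get_class_name($char[3]) . "\",\"item_tooltip\")' onmouseout='toolTip()' alt=\"\"/> - lvl " . char_get_level_color($char[4]) . "</a>\r\n </td>\r\n </tr>";
            }
        }
    }

    $output .= "\r\n <tr>\r\n <td>";
    if ($user_lvl >= $action_permission['delete']) {
        makebutton($lang_user['del_acc'], "user.php?action=del_user&check%5B%5D={$id}\" type=\"wrn", 130);
    }
    $output .= "\r\n </td>\r\n <td>";
    if ($can_update) {
        makebutton($lang_user['update_data'], "javascript:do_submit_data()", 130);
    }
    makebutton($lang_global['back'], "javascript:window.history.back()\" type=\"def", 130);
    $output .= "\r\n </td>\r\n </tr>\r\n </table>\r\n </form>\r\n </fieldset>\r\n <br /><br />\r\n </center>\r\n";
}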
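<?php
// Prints every forum username except "Guest", each prefixed with "@", as a JSON array.
// Presumably feeds an @-mention picker on the client; confirm against the caller.
if (!defined('SITE_ROOT')) {
    define('SITE_ROOT', '../');
}
require_once SITE_ROOT . 'portal_config.php';
require_once SITE_ROOT . 'include/database.class.php';

// NOTE(review): no session or login check is visible in this script. Unless portal_config.php
// enforces one, any caller can list all account names; confirm and gate it like the pages that
// read $_SESSION['current_userID'].
$db = new SQL(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME, false);
//$db->query("SELECT ident FROM forum_online ORDER BY ident");
$db->query("SELECT username FROM forum_users ORDER BY username");

$mentions = array();
while ($row = $db->fetch_array()) {
    $username = $row['username'];
    if ($username !== 'Guest') {
        $mentions[] = '@' . $username;
    }
}
$db->close();

// json_encode() instead of hand-built string concatenation: a quote or backslash in a username
// can no longer break out of its string, and the array has no trailing comma. The HEX flags
// keep the output inert if it is ever embedded in a <script> block or an HTML attribute.
$json = json_encode($mentions, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
// Encoding fails on invalid UTF-8; answer with an empty list rather than an empty body.
echo $json === false ? '[]' : $json;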
$sqlw = new SQL(); $sqlw->connect($world_host[$realmid], $world_user[$realmid], $world_pass[$realmid], $world_db[$realmid]); $query = $sqlc->query("SELECT * FROM character_reputation WHERE guid='{$charid}' AND (flags & 1=1)"); $output .= '<div class="content center_left"> <div class="contentbox"> <div class="contentbox_title">Character Info</div> <div class="contentbox_body"> <ul id="tabnav"> <li><a href="characters.php?action=viewchar&id=' . $charid . '">Character</a></li> <li><a href="characters.php?action=reputation&id=' . $charid . '" id="tabnav-current">Reputation</a></li> <li><a href="characters.php?action=skills&id=' . $charid . '">Skills</a></li> <li><a href="characters.php?action=talents&id=' . $charid . '">Talents</a></li> </ul> <div id="tabcontent"> <table class="stats_table">'; while ($reputation = $sqlc->fetch_array($query)) { if ($reputation['standing'] <= 3000 && $reputation['standing'] >= -3000) { $output .= '<tr><td>' . getfactionname($reputation['faction']) . '</td><td class="stats_outerbar"> <div class="bar_neutral stats_bar" style="width:' . 100 * $reputation['standing'] / 3000 . '%"></div><div class="bar_text">Neutral: ' . $reputation['standing'] . '/3000<div></td></tr>'; } elseif ($reputation['standing'] <= 5999 && $reputation['standing'] >= 3001) { $output .= '<tr><td>' . getfactionname($reputation['faction']) . '</td><td class="stats_outerbar"> <div class="bar_good stats_bar" style="width:' . 100 * $reputation['standing'] / 6000 . '%"></div><div class="bar_text">Friendly: ' . $reputation['standing'] . '/6000<div></td></tr>'; } elseif ($reputation['standing'] <= 11999 && $reputation['standing'] >= 6000) { $output .= '<tr><td>' . getfactionname($reputation['faction']) . '</td><td class="stats_outerbar"> <div class="bar_good stats_bar" style="width:' . 100 * $reputation['standing'] / 12000 . '%"></div><div class="bar_text">Honored: ' . $reputation['standing'] . 
'/12000<div></td></tr>'; } elseif ($reputation['standing'] <= 20999 && $reputation['standing'] >= 12000) { $output .= '<tr><td>' . getfactionname($reputation['faction']) . '</td><td class="stats_outerbar"> <div class="bar_good stats_bar" style="width:' . 100 * $reputation['standing'] / 21000 . '%"></div><div class="bar_text">Revered: ' . $reputation['standing'] . '/21000<div></td></tr>'; } elseif ($reputation['standing'] <= 22000 && $reputation['standing'] >= 21000) { $output .= '<tr><td>' . getfactionname($reputation['faction']) . '</td><td class="stats_outerbar"> <div class="bar_good stats_bar" style="width:' . 100 * $reputation['standing'] / 22000 . '%"></div><div class="bar_text">Exalted: ' . $reputation['standing'] . '/22000<div></td></tr>'; } } $output .= '</div> </table> </div>