本文整理汇总了PHP中valid_login函数的典型用法代码示例。如果您正苦于以下问题:PHP valid_login函数的具体用法?PHP valid_login怎么用?PHP valid_login使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了valid_login函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: authenticate_to_host
$bind_pwd = $xerte_toolkits_site->bind_pwd;
$basedn = $xerte_toolkits_site->basedn;
$bind_dn = $xerte_toolkits_site->bind_dn;
$result = authenticate_to_host($host, $port, $bind_pwd, $basedn, $bind_dn, $username, $password, $xerte_toolkits_site);
if ($result) {
receive_message($username, "USER", "SUCCESS", "Logging in succeeded for " . $username, "Logging in succeeded for " . $username);
return $result;
} else {
receive_message($username, "USER", "CRITICAL", "Login failed for " . $username, "Login failed for " . $username);
return $result;
}
}
} else {
while ($host = mysql_fetch_array($ldap_hosts)) {
$result = authenticate_to_host($host['ldap_host'], $host['ldap_port'], $host['ldap_password'], $host['ldap_username'], $host['ldap_basedn'], $host['ldap_filter'], $host['ldap_filter_attr'], $username, $password, $xerte_toolkits_site);
if ($result[0]) {
return true;
}
}
}
return false;
}
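// Manual LDAP login check: authenticates the posted credentials with
// valid_login() and then prints the directory record returned by
// get_user_details() so an administrator can verify attribute mapping.
// NOTE(review): this is a diagnostic page; the record is fetched and printed
// whether or not the login succeeded. Confirm it is not reachable on a
// production deployment.
require "../config.php";

// Read the form fields once. A request without them is treated as a failed
// login with empty credentials instead of raising undefined-index notices.
$username = isset($_POST['username']) && is_string($_POST['username']) ? $_POST['username'] : '';
$password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';

// NOTE(review): confirm valid_login() rejects an empty password. Some LDAP
// servers treat a bind with an empty password as anonymous and report success.
if (valid_login($username, $password, $xerte_toolkits_site)) {
    echo "Logging in worked";
} else {
    echo "Logging in failed";
}

$data = get_user_details($username, $password);
echo "<p>Getting LDAP record for user - to work with Toolkits - [sn][0] should the surname and [givenname][0] should be the first name<pre>";

// Directory attributes are external data: render the dump as text and escape
// it so attribute values cannot inject markup into the page.
$record = (is_array($data) && isset($data[1][0])) ? $data[1][0] : null;
echo htmlspecialchars(print_r($record, true), ENT_QUOTES);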
示例2: do_delete_reward_item
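/**
 * Delete one row from mm_reward_item, selected by the `item` query parameter.
 *
 * The caller must hold the 'delete' permission level (checked through
 * valid_login()). Missing or non-numeric input redirects to
 * rewards.php?error=1; a DELETE that touches no row redirects to
 * rewards.php?error=2; success returns to the reward item list.
 *
 * NOTE(review): this is a destructive action driven by a GET parameter and no
 * anti-CSRF token is checked in this function. Confirm the caller enforces one.
 *
 * @param SQL $sqlm Overwritten (by reference) with a new connection to the
 *                  manager database described by $mmfpm_db.
 */
function do_delete_reward_item(&$sqlm)
{
    global $action_permission, $mmfpm_db;

    valid_login($action_permission['delete']);

    $sqlm = new SQL();
    $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);

    if (empty($_GET['item'])) {
        redirect('rewards.php?error=1');
        // redirect() is defined outside this snippet. Returning explicitly
        // keeps the DELETE unreachable even if it does not end the request.
        return;
    }

    $items = $sqlm->quote_smart($_GET['item']);

    // The value is concatenated into the statement without quotes, so this
    // numeric gate is the only thing that keeps it a literal.
    if (!is_numeric($items)) {
        redirect('rewards.php?error=1');
        return;
    }

    $sqlm->query('DELETE FROM mm_reward_item WHERE item = ' . $items . '');
    unset($items);

    if ($sqlm->affected_rows()) {
        redirect('rewards.php?action=show_reward_item');
    } else {
        redirect('rewards.php?error=2');
    }
}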
示例3: delete_motd
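/**
 * Delete one message-of-the-day row from mm_motd, selected by the `id` query
 * parameter, then return to index.php.
 *
 * The caller must hold the 'delete' permission level (checked through
 * valid_login()). A missing id redirects to index.php; a non-numeric id
 * redirects to motd.php?error=1.
 *
 * NOTE(review): this is a destructive action driven by a GET parameter and no
 * anti-CSRF token is checked in this function. Confirm the caller enforces one.
 *
 * @param SQL $sqlm Overwritten (by reference) with a new connection to the
 *                  manager database described by $mmfpm_db.
 */
function delete_motd(&$sqlm)
{
    global $action_permission, $realm_id, $mmfpm_db;

    // minimum permission to use this action
    valid_login($action_permission['delete']);

    $sqlm = new SQL();
    $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);

    if (empty($_GET['id'])) {
        redirect('index.php');
        // redirect() is defined outside this snippet. Returning explicitly
        // keeps the DELETE unreachable even if it does not end the request.
        return;
    }

    $id = $sqlm->quote_smart($_GET['id']);

    // The id is concatenated into the statement without quotes, so this
    // numeric gate is the only thing that keeps it a literal. Without the
    // return below, a rejected value would still reach the query whenever
    // redirect() hands control back.
    if (!is_numeric($id)) {
        redirect('motd.php?error=1');
        return;
    }

    $sqlm->query('
        DELETE FROM mm_motd
        WHERE id =' . $id . '');
    unset($id);

    redirect('index.php');
}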
示例4: valid_login
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
// Page bootstrap. The includes must run before the permission check because
// valid_login() and $action_permission are not defined in this file
// (presumably they come from header.php - confirm).
require_once "header.php";
require_once "libs/get_uptime_lib.php";
// Permission gate for the whole page: it runs at include time, before stats()
// below can be called. It requires the "view" permission level.
// NOTE(review): what valid_login() does on failure is not visible here;
// confirm it stops the request rather than only returning false.
valid_login($action_permission["view"]);
function stats($action)
{
global $output, $realm_id, $logon_db, $server, $theme, $sql, $core;
$race = array(1 => array(1, "human", "", ""), 2 => array(2, "orc", "", ""), 3 => array(3, "dwarf", "", ""), 4 => array(4, "nightelf", "", ""), 5 => array(5, "undead", "", ""), 6 => array(6, "tauren", "", ""), 7 => array(7, "gnome", "", ""), 8 => array(8, "troll", "", ""), 10 => array(10, "bloodelf", "", ""), 11 => array(11, "draenei", "", ""));
$class = array(1 => array(1, "warrior", "", ""), 2 => array(2, "paladin", "", ""), 3 => array(3, "hunter", "", ""), 4 => array(4, "rogue", "", ""), 5 => array(5, "priest", "", ""), 6 => array(6, "death_knight", "", ""), 7 => array(7, "shaman", "", ""), 8 => array(8, "mage", "", ""), 9 => array(9, "warlock", "", ""), 11 => array(11, "druid", "", ""));
$level = array(1 => array(1, 1, 9, "", ""), 2 => array(2, 10, 19, "", ""), 3 => array(3, 20, 29, "", ""), 4 => array(4, 30, 39, "", ""), 5 => array(5, 40, 49, "", ""), 6 => array(6, 50, 59, "", ""), 7 => array(7, 60, 69, "", ""), 8 => array(8, 70, 79, "", ""), 9 => array(9, 80, 80, "", ""));
function format_uptime($seconds)
{
$secs = intval($seconds % 60);
$mins = intval($seconds / 60 % 60);
$hours = intval($seconds / 3600 % 24);
$days = intval($seconds / 86400);
$uptimeString = "";
if ($days) {
$uptimeString .= $days;
示例5: switch
}
}
// Front-controller dispatch. Any request without the session login marker is
// forced onto the 'login' action, whatever action was requested.
if (!isset($_SESSION['is_valid'])) {
$action = 'login';
}
switch ($action) {
case 'login':
// Take the credentials from the login form; when either field is missing,
// empty strings are passed on so valid_login() decides the outcome.
// NOTE(review): confirm valid_login() rejects an empty email/password pair.
if (isset($_POST['login-email']) && isset($_POST['login-password'])) {
$user = $_POST['login-email'];
$password = $_POST['login-password'];
} else {
$user = '';
$password = '';
}
// On success the submitted email becomes the session's login marker.
// NOTE(review): no session_regenerate_id() call is visible between the
// credential check and the write to $_SESSION; confirm the session ID is
// rotated on login so an ID issued before authentication is not reused.
if (valid_login($user, $password)) {
$_SESSION['is_valid'] = $user;
include 'view/dashboard.php';
} else {
include 'view/page_login.php';
}
break;
case 'logout':
// Clear all session data from memory
$_SESSION = array();
// Remove the server-side session data
// NOTE(review): the session cookie itself is not expired here; confirm
// whether that is handled elsewhere.
session_destroy();
include 'view/page_login.php';
break;
case 'show_profile':
$_SESSION['view_people'] = $_SESSION['is_valid'];
示例6: saveloc
/**
 * Move a character back to its bind ("hearthstone") location.
 *
 * Reads the character selected by the `guid` query parameter, resolves its
 * bind position (falling back to playercreateinfo for its race/class when no
 * homebind row exists and $core != 1), optionally charges
 * $hearthstone_credits against the owning account in config_accounts, and
 * then rewrites the character's position columns.
 *
 * NOTE(review): $user_id is declared global but never read, and no check in
 * this function ties `guid` to the logged-in account. Confirm ownership is
 * enforced before this is called; otherwise any user holding the "view"
 * permission could move, and spend credits for, someone else's character.
 * NOTE(review): the whole action is driven by a GET parameter; no anti-CSRF
 * token is checked here.
 */
function saveloc()
{
global $output, $action_permission, $characters_db, $realm_id, $user_id, $hearthstone_credits, $sql, $core;
valid_login($action_permission["view"]);
// Escaped with the character-database connection; always used inside quotes below.
$guid = $sql["char"]->quote_smart($_GET["guid"]);
// The three $core values select different schemas for the same lookup.
if ($core == 1) {
$query = "SELECT * FROM characters WHERE guid='" . $guid . "'";
} elseif ($core == 2) {
$query = "SELECT *,\n characters.map AS mapId, characters.zone AS zoneId,\n character_homebind.map AS bindmapId, character_homebind.zone AS bindzoneId,\n character_homebind.position_x AS bindpositionX, character_homebind.position_y AS bindpositionY,\n character_homebind.position_z AS bindpositionZ\n FROM characters LEFT JOIN character_homebind ON characters.guid=character_homebind.guid WHERE characters.guid='" . $guid . "'";
} else {
$query = "SELECT *,\n characters.map AS mapId, characters.zone AS zoneId,\n character_homebind.mapId AS bindmapId, character_homebind.zoneId AS bindzoneId,\n character_homebind.posX AS bindpositionX, character_homebind.posY AS bindpositionY,\n character_homebind.posZ AS bindpositionZ\n FROM characters LEFT JOIN character_homebind ON characters.guid=character_homebind.guid WHERE characters.guid='" . $guid . "'";
}
// NOTE(review): the result is not checked; if no character matches, $char is
// not a row and every $char[...] read below is empty.
$char = $sql["char"]->fetch_assoc($sql["char"]->query($query));
if ($core != 1) {
// No homebind row: fall back to the start location for the race/class.
if (!isset($char["bindmapId"])) {
// Values read back from the database are embedded without escaping.
$query = "SELECT * FROM playercreateinfo WHERE race='" . $char["race"] . "' AND class='" . $char["class"] . "'";
$result = $sql["world"]->query($query);
$fields = $sql["world"]->fetch_assoc($result);
$char["bindmapId"] = $fields["map"];
$char["bindzoneId"] = $fields["zone"];
$char["bindpositionX"] = $fields["position_x"];
$char["bindpositionY"] = $fields["position_y"];
$char["bindpositionZ"] = $fields["position_z"];
}
}
// Set to 1 when the account cannot afford the action.
$int_err = 0;
// credits
if ($hearthstone_credits > 0) {
// we need the player's account
if ($core == 1) {
$acct_query = "SELECT login AS username FROM accounts WHERE acct=(SELECT acct FROM " . $characters_db[$realm_id]["name"] . ".characters WHERE guid='" . $guid . "')";
} else {
$acct_query = "SELECT username FROM account WHERE id=(SELECT account FROM " . $characters_db[$realm_id]["name"] . ".characters WHERE guid='" . $guid . "')";
}
$acct_result = $sql["logon"]->query($acct_query);
$acct_result = $sql["logon"]->fetch_assoc($acct_result);
$username = $acct_result["username"];
// now we get the user's credit balance
// NOTE(review): $username comes from the database and is concatenated into
// the next two statements without escaping; a login name containing a quote
// would break or alter them.
$cr_query = "SELECT Credits FROM config_accounts WHERE Login='" . $username . "'";
$cr_result = $sql["mgr"]->query($cr_query);
$cr_result = $sql["mgr"]->fetch_assoc($cr_result);
$credits = $cr_result["Credits"];
// since this action is delayed, we have to make sure the account still has sufficient funds
// if the account doesn't have enough, we just ignore the hearthstone request
if ($credits >= 0 && $credits < $hearthstone_credits) {
$int_err = 1;
}
if (!$int_err) {
// we don't charge credits if the account is unlimited
// (a negative balance is what marks an account as unlimited here)
if ($credits >= 0) {
$credits = $credits - $hearthstone_credits;
}
// NOTE(review): the balance is read and written back in separate statements
// with no transaction or locking visible, so two concurrent requests could
// both pass the funds check.
$money_query = "UPDATE config_accounts SET Credits='" . $credits . "' WHERE Login='" . $username . "'";
$money_result = $sql["mgr"]->query($money_query);
}
}
if (!$int_err) {
if ($core == 1) {
$query = "UPDATE characters SET positionX='" . $char["bindpositionX"] . "', positionY='" . $char["bindpositionY"] . "', positionZ='" . $char["bindpositionZ"] . "', mapId='" . $char["bindmapId"] . "', zoneId='" . $char["bindzoneId"] . "' WHERE guid='" . $guid . "'";
} else {
$query = "UPDATE characters SET position_x='" . $char["bindpositionX"] . "', position_y='" . $char["bindpositionY"] . "', position_z='" . $char["bindpositionZ"] . "', map='" . $char["bindmapId"] . "', zone='" . $char["bindzoneId"] . "' WHERE guid='" . $guid . "'";
}
$result = $sql["char"]->query($query);
redirect("hearthstone.php?error=2");
}
// Reached when the account lacked credits, and also after the redirect above
// if redirect() returns instead of ending the request.
redirect("index.php");
}
示例7: set_def_realm
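/**
 * Store the realm chosen through the `id` query parameter in the session and
 * send the browser back to the page named by the `url` query parameter.
 *
 * The realm id falls back to 1 when it is missing or not numeric, and is
 * written to $_SESSION['realm_id'] only if a matching realmlist row exists.
 *
 * The return target is taken from the request, so it is restricted to
 * locations on this site: anything carrying a scheme or host, or containing
 * control characters or backslashes, is replaced by 'index.php'. Without this
 * the action could be used to bounce a visitor to an arbitrary external
 * address.
 *
 * @param SQL $sqlr Open connection to the realm database (by reference).
 */
function set_def_realm(&$sqlr)
{
    global $action_permission;

    valid_login($action_permission['read']);

    $id = isset($_GET['id']) ? $sqlr->quote_smart($_GET['id']) : 1;
    // The id is concatenated unquoted below, so it must stay a numeric literal.
    if (!is_numeric($id)) {
        $id = 1;
    }

    $realm_exists = $sqlr->num_rows($sqlr->query('
        SELECT id
        FROM realmlist
        WHERE id = ' . $id . ''));
    if ($realm_exists) {
        $_SESSION['realm_id'] = $id;
    }
    unset($id);

    // Default target; replaced only by a request value that passes the checks.
    $url = 'index.php';
    if (isset($_GET['url']) && is_string($_GET['url']) && $_GET['url'] !== '') {
        $candidate = $_GET['url'];
        $parts = parse_url($candidate);

        // Control characters and backslashes are rejected as well because
        // clients may normalise them, which would change what the checked
        // string means once it is in a Location header.
        $is_local = $parts !== false
            && !isset($parts['scheme'])
            && !isset($parts['host'])
            && !preg_match('/[\x00-\x1f\x7f\\\\]/', $candidate);

        if ($is_local) {
            $url = $candidate;
        }
    }

    redirect($url);
}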
示例8: valid_login
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
// Page header, and any additional required libraries. This must come first
// because valid_login() and $action_permission are not defined in this file
// (presumably they come from header.php - confirm).
require_once 'header.php';
// Minimum permission to view the page. The page below embeds a terminal
// applet pointed at the realm server, so it is gated on the 'delete' level.
// NOTE(review): what valid_login() does on failure is not visible here;
// confirm it stops the request before any of the markup below is produced.
valid_login($action_permission['delete']);
if (test_port($server[$realm_id]['addr_wan'], $server[$realm_id]['term_port'])) {
// we start with a lead of 10 spaces,
// because last line of header is an opening tag with 8 spaces
// keep html indent in sync, so debuging from browser source would be easy to read
$output .= '
<!-- start of ssh.php -->
<center>
<br />
<applet codebase="." archive="libs/js/ssh.jar"
code="de.mud.jta.Applet" width="780" height="350">
<param name="plugins" value="Status,Socket,' . $server[$realm_id]['term_type'] . ',Terminal" />
<param name="Socket.host" value="' . $server[$realm_id]['addr_wan'] . '" />
<param name="Socket.port" value="' . $server[$realm_id]['term_port'] . '" />
</applet>
<br />
示例9: purchase
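/**
 * Charge for a vendor item and hand off its delivery by in-game mail.
 *
 * Query parameters: `item` (item entry), `want` (quantity), `total` (price),
 * `char` (receiving character name) and `mode` ("money" charges the
 * character's gold, anything else charges the logged-in account's credits).
 *
 * Every request value that reaches SQL is escaped with the connection's
 * quote_smart() helper, and every value placed in the redirect URL is
 * URL-encoded. The original concatenated raw $_GET values into both.
 *
 * NOTE(review): `total` is the price and it is supplied by the client; nothing
 * here recomputes it from the item and quantity, and nothing checks that the
 * balance covers it. Confirm the price is derived server-side.
 * NOTE(review): nothing in this function ties `char` to $user_name; confirm
 * the character belongs to the logged-in account.
 * NOTE(review): the purchase is driven entirely by GET parameters and no
 * anti-CSRF token is checked here.
 */
function purchase()
{
    global $world_db, $characters_db, $realm_id, $user_name, $output, $action_permission, $user_lvl, $from_char, $stationary, $sql, $core;

    valid_login($action_permission["view"]);

    if (empty($_GET["item"]) || empty($_GET["total"]) || empty($_GET["want"])) {
        redirect("ultra_vendor.php?error=1");
        // redirect() is defined outside this snippet; return so nothing below
        // runs on rejected input even if it hands control back.
        return;
    }

    // Price and quantity take part in arithmetic below. A non-numeric or
    // negative value would turn the charge into a credit, so reject it.
    if (!is_string($_GET["item"])
        || !is_numeric($_GET["total"]) || $_GET["total"] < 0
        || !is_numeric($_GET["want"]) || $_GET["want"] < 0) {
        redirect("ultra_vendor.php?error=1");
        return;
    }

    $mode = isset($_GET["mode"]) ? $_GET["mode"] : "";
    $total = $_GET["total"] + 0;
    $want = $_GET["want"] + 0;
    $item_id = $sql["world"]->quote_smart($_GET["item"]);
    $char_name = $sql["char"]->quote_smart(isset($_GET["char"]) && is_string($_GET["char"]) ? $_GET["char"] : "");

    // NOTE(review): $locales_search_option is not in the global list above, so
    // it is undefined in this scope and localisation is effectively disabled.
    // Confirm whether it should be imported.
    $locale = isset($locales_search_option) ? $locales_search_option : 0;

    if ($core == 1) {
        $iquery = "SELECT * FROM items " . ($locale != 0 ? "LEFT JOIN items_localized ON (items_localized.entry=items.entry AND language_code='" . $locale . "') " : " ") . "WHERE items.entry='" . $item_id . "'";
    } else {
        $iquery = "SELECT * FROM item_template " . ($locale != 0 ? "LEFT JOIN locales_item ON locales_item.entry=item_template.entry " : " ") . "WHERE item_template.entry='" . $item_id . "'";
    }
    $iresult = $sql["world"]->query($iquery);
    $item = $sql["world"]->fetch_assoc($iresult);

    // Do not charge for an item that does not exist.
    if (!$item) {
        redirect("ultra_vendor.php?error=1");
        return;
    }

    // Localization
    if ($locale != 0) {
        if ($core == 1) {
            $item["name1"] = $item["name"];
        } else {
            $item["name1"] = $item["name_loc" . $locale];
        }
    }

    $cquery = "SELECT *, money AS gold FROM characters WHERE name='" . $char_name . "'";
    $cresult = $sql["char"]->query($cquery);
    $char = $sql["char"]->fetch_assoc($cresult);

    // Do not charge or send mail when the character does not exist.
    if (!$char) {
        redirect("ultra_vendor.php?error=1");
        return;
    }

    if ($mode == "money") {
        $char_money = $char["gold"] - $total;
        if ($core == 1) {
            $money_query = "UPDATE characters SET gold='" . $char_money . "' WHERE guid='" . $char["guid"] . "'";
        } else {
            $money_query = "UPDATE characters SET money='" . $char_money . "' WHERE guid='" . $char["guid"] . "'";
        }
        $money_result = $sql["char"]->query($money_query);
    } else {
        // get our credit balance
        $cr_query = "SELECT Credits FROM config_accounts WHERE Login='" . $user_name . "'";
        $cr_result = $sql["mgr"]->query($cr_query);
        $cr_result = $sql["mgr"]->fetch_assoc($cr_result);
        $credits = $cr_result["Credits"];
        // we don't charge credits if the account is unlimited
        if ($credits >= 0) {
            $credits = $credits - $total;
        }
        $money_query = "UPDATE config_accounts SET Credits='" . $credits . "' WHERE Login='" . $user_name . "'";
        $money_result = $sql["mgr"]->query($money_query);
    }

    if ($core == 1) {
        $item_name = isset($item["name1"]) ? $sql["char"]->quote_smart($item["name1"]) : "";
        // NOTE(review): this statement is built but never executed in the
        // visible code, so no mail is queued on this branch.
        $mail_query = "INSERT INTO mailbox_insert_queue VALUES ('" . $from_char . "', '" . $char["guid"] . "', '" . lang("ultra", "questitems") . "', " . chr(34) . $want . "x " . $item_name . chr(34) . ", '" . $stationary . "', '0', '" . $item_id . "', '" . $want . "')";
        // NOTE(review): the target has '&' where a '?' would start the query
        // string; left unchanged here, confirm the intended URL.
        redirect("ultra_vendor.php&moneyresult=" . $money_result);
    } else {
        // we need to be able to bypass mail.php's normal permissions to send mail
        // NOTE(review): this flag stays in the session after the redirect;
        // confirm mail.php clears it once it has been used.
        $_SESSION['vendor_permission'] = 1;
        redirect("mail.php?action=send_mail&type=ingame_mail&to=" . urlencode($char["name"]) . "&subject=" . urlencode(lang("ultra", "questitems")) . "&body=" . urlencode($want . "x " . $item["name"]) . "&group_sign==&group_send=gm_level&money=0&att_item=" . urlencode($_GET["item"]) . "&att_stack=" . urlencode((string) $want) . "&redirect=ultra_vendor.php&moneyresult=" . $money_result);
    }
}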
示例10: valid_login
<?php
// Page bootstrap: valid_login() and $action_permission are not defined in this
// file (presumably they come from header.php - confirm).
require_once "header.php";
// Permission gate for the whole mail page, at the 'update' level. It runs at
// include time, before the functions below can be called.
// NOTE(review): what valid_login() does on failure is not visible here;
// confirm it stops the request rather than only returning false.
valid_login($action_permission['update']);
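//###########################################################################
// print mail form
//
// Appends the "send mail" form to the global $output buffer. The recipient
// field can be pre-filled from the `to` query parameter and the mail type
// selector is ordered by the `type` query parameter ("email" by default).
//
// The pre-filled recipient is request data written into an HTML attribute, so
// it is escaped before being interpolated; the original inserted it as-is,
// which let a crafted link inject markup into the page.
//
// NOTE(review): the form posts to mail.php?action=send_mail and contains no
// anti-CSRF token field; confirm the receiving action checks one.
function print_mail_form()
{
    global $lang_mail, $output;

    // ENT_QUOTES covers both quote styles; non-string input (for example an
    // array parameter) is ignored instead of being passed to the escaper.
    $to = (isset($_GET['to']) && is_string($_GET['to'])) ? htmlspecialchars($_GET['to'], ENT_QUOTES) : NULL;
    // $type is only compared below and never echoed, so it needs no escaping.
    $type = isset($_GET['type']) ? $_GET['type'] : "email";

    $output .= "\n <center>\n <form action=\"mail.php?action=send_mail\" method=\"post\" name=\"form\">\n <fieldset style=\"width: 770px;\">\n <legend>{$lang_mail['mail_type']}</legend>\n <br />\n <table class=\"top_hidden\" style=\"width: 720px;\">\n <tr>\n <td align=\"left\">{$lang_mail['recipient']}: <input type=\"text\" name=\"to\" size=\"32\" value=\"{$to}\" maxlength=\"225\" /></td>\n <td align=\"left\">{$lang_mail['subject']}: <input type=\"text\" name=\"subject\" size=\"32\" maxlength=\"50\" /></td>\n <td width=\"1\" align=\"right\">\n <select name=\"type\">";

    // The requested type is listed first so it is the selected option.
    if ($type == "email") {
        $output .= "\n <option value=\"email\">{$lang_mail['email']}</option>\n <option value=\"ingame_mail\">{$lang_mail['ingame_mail']}</option>";
    } else {
        $output .= "\n <option value=\"ingame_mail\">{$lang_mail['ingame_mail']}</option>\n <option value=\"email\">{$lang_mail['email']}</option>";
    }

    $output .= "\n </select>\n </td>\n </tr>\n <tr><td colspan=\"3\"><hr /></td></tr>\n <tr>\n <td colspan=\"3\">\n {$lang_mail['dont_use_both_groupsend_and_to']}\n </td>\n </tr>\n <tr>\n <td colspan=\"3\">{$lang_mail['group_send']}:\n <select name=\"group_send\">\n <optgroup label=\"{$lang_mail['both']}\">\n <option value=\"gm_level\">{$lang_mail['gm_level']}</option>\n </optgroup>\n <optgroup label=\"{$lang_mail['email']}\">\n <option value=\"locked\">{$lang_mail['locked_accouns']}</option>\n <option value=\"banned\">{$lang_mail['banned_accounts']}</option>\n </optgroup>\n <optgroup label=\"{$lang_mail['ingame_mail']}\">\n <option value=\"char_level\">{$lang_mail['char_level']}</option>\n <option value=\"online\">{$lang_mail['online']}</option>\n </optgroup>\n </select>\n <select name=\"group_sign\">\n <option value=\"=\">=</option>\n <option value=\"<\"><</option>\n <option value=\">\">></option>\n <option value=\"!=\">!=</option>\n </select>\n <input type=\"text\" name=\"group_value\" size=\"20\" maxlength=\"40\" />\n </td>\n </tr>\n <tr><td colspan=\"3\"><hr /></td></tr>\n <tr>\n <td colspan=\"3\" align=\"left\">\n {$lang_mail['attachments']}:\n </td>\n </tr>\n <tr>\n <td colspan=\"3\" align=\"right\">\n {$lang_mail['money']} : <input type=\"text\" name=\"money\" value=\"0\" size=\"10\" maxlength=\"10\" />\n {$lang_mail['item']} : <input type=\"text\" name=\"att_item\" value=\"0\" size=\"10\" maxlength=\"10\" />\n {$lang_mail['stack']} : <input type=\"text\" name=\"att_stack\" value=\"0\" size=\"10\" maxlength=\"10\" />\n </td>\n </tr>\n <tr>\n <td colspan=\"3\">\n </td>\n </tr>\n </table>\n </fieldset>\n <fieldset style=\"width: 770px;\">\n <legend>{$lang_mail['mail_body']}</legend>\n <br /><textarea name=\"body\" rows=\"14\" cols=\"92\"></textarea><br />\n <br />\n <table>\n <tr>\n <td>";
    makebutton($lang_mail['send'], "javascript:do_submit()", 130);
    $output .= "\n </td>\n </tr>\n </table>\n </fieldset>\n <br />\n </form>\n </center>\n";
}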
//#############################################################################
// Send the actual mail(s)
function send_mail()
{
global $lang_global, $output, $realm_db, $characters_db, $realm_id, $user_name, $from_mail, $mailer_type, $smtp_cfg;
if (empty($_POST['body']) || empty($_POST['subject']) || empty($_POST['type']) || empty($_POST['group_sign']) || empty($_POST['group_send'])) {
redirect("mail.php?error=1");
}
$sqlr = new SQL();
$sqlr->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
示例11: do_edit_ticket
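/**
 * Replace the message text of one GM ticket.
 *
 * Reads `new_text` and `id` from the POST body, requires the 'update'
 * permission level, and redirects to ticket.php with error=1 on missing or
 * non-numeric input, error=5 when a row was changed and error=6 otherwise.
 *
 * NOTE(review): no anti-CSRF token is checked in this function; confirm the
 * form that posts here carries one and that it is verified.
 */
function do_edit_ticket()
{
    global $characters_db, $realm_id, $action_permission;

    valid_login($action_permission['update']);

    if (empty($_POST['new_text']) || empty($_POST['id'])) {
        redirect("ticket.php?error=1");
        // redirect() is defined outside this snippet. Returning explicitly
        // keeps the UPDATE unreachable even if it does not end the request.
        return;
    }

    $sqlc = new SQL();
    $sqlc->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);

    // Both values are escaped with the connection's helper and are only used
    // inside quotes in the statement below.
    $new_text = $sqlc->quote_smart($_POST['new_text']);
    $id = $sqlc->quote_smart($_POST['id']);

    if (!is_numeric($id)) {
        redirect("ticket.php?error=1");
        return;
    }

    $sqlc->query("UPDATE gm_tickets SET message='{$new_text}' WHERE guid = '{$id}'");

    if ($sqlc->affected_rows()) {
        redirect("ticket.php?error=5");
    } else {
        redirect("ticket.php?error=6");
    }
}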
示例12: valid_login
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
// Page header, and any additional required libraries. These must come first
// because valid_login() and $action_permission are not defined in this file
// (presumably they come from header.php - confirm).
require_once 'header.php';
require_once 'libs/map_zone_lib.php';
// Minimum permission to view the page. The check runs at include time, before
// instances() below can be called.
// NOTE(review): what valid_login() does on failure is not visible here;
// confirm it stops the request rather than only returning false.
valid_login($action_permission['view']);
//#############################################################################
// INSTANCES
//#############################################################################
function instances()
{
global $output, $lang_instances, $arcm_db, $realm_id, $world_db, $arcn_db, $itemperpage, $sqlw, $sqlm, $sqld;
//-------------------SQL Injection Prevention--------------------------------
// this page has multipage support and field ordering, so we need these
$start = isset($_GET['start']) ? $sqlw->quote_smart($_GET['start']) : 0;
if (is_numeric($start)) {
} else {
$start = 0;
}
$order_by = isset($_GET['order_by']) ? $sqlw->quote_smart($_GET['order_by']) : 'minlevel';
if (preg_match('/^[_[:lower:]]{1,11}$/', $order_by)) {
示例13: saveacct_direct
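/**
 * Reassign a character to another account.
 *
 * Query parameters: `guid` (the character), `new` (target account id) and,
 * optionally, `new1`, which overrides `new` and may be either an account id or
 * a login / screen name that is resolved to an id first.
 *
 * When a name in `new1` matches no account, the character is left untouched.
 * The original carried on with an empty account id and wrote it to the
 * character row.
 *
 * NOTE(review): all three values are escaped with the "mgr" connection but
 * used on the "logon" and "char" connections. Escaping can depend on the
 * connection's character set, so confirm the connections are configured
 * alike.
 * NOTE(review): this ownership change is driven by GET parameters and no
 * anti-CSRF token is checked here.
 */
function saveacct_direct()
{
    global $output, $action_permission, $corem_db, $characters_db, $realm_id, $user_id, $sql, $core;

    valid_login($action_permission["update"]);

    $guid = $sql["mgr"]->quote_smart($_GET["guid"]);
    $new = $sql["mgr"]->quote_smart($_GET["new"]);

    if (isset($_GET["new1"]) && $_GET["new1"] != "") {
        $new = $sql["mgr"]->quote_smart($_GET["new1"]);

        // A non-numeric value is treated as a login or screen name.
        if (!is_numeric($new)) {
            if ($core == 1) {
                $acct_query = "SELECT acct, accounts.login, IFNULL(`" . $corem_db["name"] . "`.config_accounts.ScreenName, '')\r\n FROM accounts\r\n LEFT JOIN `" . $corem_db["name"] . "`.config_accounts ON config_accounts.Login=accounts.login COLLATE utf8_general_ci\r\n WHERE accounts.login='" . $new . "' OR config_accounts.Login='" . $new . "'";
            } else {
                $acct_query = "SELECT id AS acct, username AS login, IFNULL(`" . $corem_db["name"] . "`.config_accounts.ScreenName, '')\r\n FROM account\r\n LEFT JOIN `" . $corem_db["name"] . "`.config_accounts ON config_accounts.Login=account.username\r\n WHERE account.username='" . $new . "' OR config_accounts.ScreenName='" . $new . "'";
            }
            $acct_row = $sql["logon"]->fetch_assoc($sql["logon"]->query($acct_query));

            // Unknown name: do not write an empty account id to the character.
            if (!$acct_row || !isset($acct_row["acct"])) {
                redirect("char_list.php");
                return;
            }
            $new = $acct_row["acct"];
        }
    }

    if ($core == 1) {
        $result = $sql["char"]->query("UPDATE characters SET acct='" . $new . "' WHERE guid='" . $guid . "'");
    } else {
        $result = $sql["char"]->query("UPDATE characters SET account='" . $new . "' WHERE guid='" . $guid . "'");
    }

    redirect("char_list.php");
}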
示例14: do_add_entry
/**
 * Add a ban for an account, a character or an IP address.
 *
 * Query parameters: `ban_type` ("accounts", "characters" or "ipbans"), `entry`
 * (login name, character name or IP), `bantime` (hours) and optionally
 * `banreason`. Requires the "insert" permission level. Redirects to banned.php
 * with error=1 (missing input), error=4 (account or character not found),
 * error=3 (rows affected) or error=2 (no rows affected).
 *
 * NOTE(review): when `ban_type` is none of the three known values, both
 * switches fall through and the function returns without writing or
 * redirecting.
 * NOTE(review): the ban is created from GET parameters and no anti-CSRF token
 * is checked here.
 */
function do_add_entry()
{
global $logon_db, $characters_db, $realm_id, $user_name, $output, $action_permission, $user_lvl, $sql, $core;
valid_login($action_permission["insert"]);
if (empty($_GET["ban_type"]) || empty($_GET["entry"]) || empty($_GET["bantime"])) {
redirect("banned.php?error=1&action=add_entry");
}
// Both values are escaped with the logon connection; $entry is also used on
// the character connection below.
$ban_type = $sql["logon"]->quote_smart($_GET["ban_type"]);
$entry = $sql["logon"]->quote_smart($_GET["entry"]);
// First pass: turn the submitted name into the id that the ban is stored under.
switch ($ban_type) {
case "accounts":
if ($core == 1) {
$result1 = $sql["logon"]->query("SELECT acct FROM accounts WHERE login='" . $entry . "'");
} else {
$result1 = $sql["logon"]->query("SELECT id AS acct FROM account WHERE username='" . $entry . "'");
}
if (!$sql["logon"]->num_rows($result1)) {
redirect("banned.php?error=4&action=add_entry");
} else {
$entry = $sql["logon"]->result($result1, 0, 'acct');
}
break;
case "characters":
$result1 = $sql["char"]->query("SELECT guid FROM characters WHERE name='" . $entry . "'");
if (!$sql["char"]->num_rows($result1)) {
redirect("banned.php?error=4&action=add_entry");
} else {
$entry = $sql["char"]->result($result1, 0, 'guid');
}
break;
case "ipbans":
// NOTE(review): the address is used as submitted; nothing checks that it is
// a well-formed IP.
break;
}
// Expiry as a Unix timestamp, `bantime` hours from now.
// NOTE(review): `bantime` is not checked with is_numeric() before it is used
// in arithmetic.
$bantime = time() + 3600 * $sql["logon"]->quote_smart($_GET["bantime"]);
$banreason = isset($_GET["banreason"]) && $_GET["banreason"] != '' ? $sql["logon"]->quote_smart($_GET["banreason"]) : "none";
// Second pass: write the ban unless one is already recorded.
switch ($ban_type) {
case "accounts":
if ($core == 1) {
$result = $sql["logon"]->query("SELECT banned FROM accounts WHERE acct='" . $entry . "'");
} else {
$result = $sql["logon"]->query("SELECT active FROM account_banned WHERE id='" . $entry . "' AND active=1");
}
$acct_banned = $sql["logon"]->result($result, 0);
if ($acct_banned == 0) {
if ($core == 1) {
$sql["logon"]->query("UPDATE accounts SET banned='" . $bantime . "' WHERE acct='" . $entry . "'");
} else {
// NOTE(review): $user_name is concatenated without escaping; presumably it
// is the session's login name - confirm it cannot contain a quote.
$sql["logon"]->query("INSERT INTO account_banned (id, bandate, unbandate, bannedby, banreason) VALUES ('" . $entry . "', UNIX_TIMESTAMP(), '" . $bantime . "', '" . $user_name . "', '" . $banreason . "')");
}
}
// NOTE(review): when the account was already banned no write ran, so
// affected_rows() reflects the preceding SELECT; confirm that still yields
// the intended error=2.
if ($sql["logon"]->affected_rows()) {
redirect("banned.php?error=3&ban_type=" . $ban_type);
} else {
redirect("banned.php?error=2&ban_type=" . $ban_type);
}
break;
case "characters":
$result = $sql["char"]->query("SELECT banned FROM characters WHERE guid='" . $entry . "'");
$char_banned = $sql["char"]->result($result, 0);
if ($char_banned == 0) {
$sql["char"]->query("UPDATE characters SET banned='" . $bantime . "', banReason='" . $banreason . "' WHERE guid='" . $entry . "'");
}
if ($sql["char"]->affected_rows()) {
redirect("banned.php?error=3&ban_type=" . $ban_type);
} else {
redirect("banned.php?error=2&ban_type=" . $ban_type);
}
break;
case "ipbans":
if ($core == 1) {
$result = $sql["logon"]->query("SELECT ip FROM ipbans WHERE ip='" . $entry . "'");
} else {
$result = $sql["logon"]->query("SELECT ip FROM ip_banned WHERE ip='" . $entry . "'");
}
// Insert only when the address is not listed yet.
if (!$sql["logon"]->num_rows($result)) {
if ($core == 1) {
$sql["logon"]->query("INSERT INTO ipbans (ip, expire) VALUES ('" . $entry . "', '" . $bantime . "')");
} else {
$sql["logon"]->query("INSERT INTO ip_banned (ip, bandate, unbandate, bannedby, banreason) VALUES ('" . $entry . "', UNIX_TIMESTAMP(), '" . $bantime . "', '" . $user_name . "', '" . $banreason . "')");
}
}
if ($sql["logon"]->affected_rows()) {
redirect("banned.php?error=3&ban_type=" . $ban_type);
} else {
redirect("banned.php?error=2&ban_type=" . $ban_type);
}
break;
}
}
示例15: do_delete
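/**
 * Delete one item_template row, selected by the `entry` query parameter, and
 * return to item.php.
 *
 * Requires the 'delete' permission level. A missing `entry` redirects to
 * item.php?error=1.
 *
 * The entry value is escaped with the connection's quote_smart() helper before
 * it is placed in the statement; the original interpolated the raw request
 * value, which let the request alter the DELETE.
 *
 * NOTE(review): this is a destructive action driven by a GET parameter and no
 * anti-CSRF token is checked in this function. Confirm the caller enforces one.
 */
function do_delete()
{
    global $world_db, $realm_id, $action_permission, $user_lvl;

    valid_login($action_permission['delete']);

    if (!isset($_GET['entry'])) {
        redirect("item.php?error=1");
        // redirect() is defined outside this snippet. Returning explicitly
        // keeps the DELETE unreachable even if it does not end the request.
        return;
    }

    $sqlw = new SQL();
    $sqlw->connect($world_db[$realm_id]['addr'], $world_db[$realm_id]['user'], $world_db[$realm_id]['pass'], $world_db[$realm_id]['name']);

    // Escaping needs the open connection, so it happens after connect().
    $entry = $sqlw->quote_smart($_GET['entry']);
    $sqlw->query("DELETE FROM item_template WHERE entry = '{$entry}'");

    redirect("item.php");
}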