当前位置: 首页>>代码示例>>PHP>>正文


PHP valid_login函数代码示例

本文整理汇总了PHP中valid_login函数的典型用法代码示例。如果您正苦于以下问题:PHP valid_login函数的具体用法?PHP valid_login怎么用?PHP valid_login使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。


在下文中一共展示了valid_login函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: authenticate_to_host

            $bind_pwd = $xerte_toolkits_site->bind_pwd;
            $basedn = $xerte_toolkits_site->basedn;
            $bind_dn = $xerte_toolkits_site->bind_dn;
            $result = authenticate_to_host($host, $port, $bind_pwd, $basedn, $bind_dn, $username, $password, $xerte_toolkits_site);
            if ($result) {
                receive_message($username, "USER", "SUCCESS", "Logging in succeeded for " . $username, "Logging in succeeded for " . $username);
                return $result;
            } else {
                receive_message($username, "USER", "CRITICAL", "Login failed for " . $username, "Login failed for " . $username);
                return $result;
            }
        }
    } else {
        while ($host = mysql_fetch_array($ldap_hosts)) {
            $result = authenticate_to_host($host['ldap_host'], $host['ldap_port'], $host['ldap_password'], $host['ldap_username'], $host['ldap_basedn'], $host['ldap_filter'], $host['ldap_filter_attr'], $username, $password, $xerte_toolkits_site);
            if ($result[0]) {
                return true;
            }
        }
    }
    return false;
}
require "../config.php";
if (valid_login($_POST['username'], $_POST['password'], $xerte_toolkits_site)) {
    echo "Logging in worked";
} else {
    echo "Logging in failed";
}
$data = get_user_details($_POST['username'], $_POST['password']);
echo "<p>Getting LDAP record for user - to work with Toolkits - [sn][0] should the surname and [givenname][0] should be the first name<pre>";
print_r($data[1][0]);
开发者ID:jak786,项目名称:xerteonlinetoolkits,代码行数:31,代码来源:ldap_test.php

示例2: do_delete_reward_item

function do_delete_reward_item(&$sqlm)
{
    global $action_permission, $mmfpm_db;
    valid_login($action_permission['delete']);
    $sqlm = new SQL();
    $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
    if (empty($_GET['item'])) {
        redirect('rewards.php?error=1');
    }
    $items = $sqlm->quote_smart($_GET['item']);
    if (is_numeric($items)) {
    } else {
        redirect('rewards.php?error=1');
    }
    $sqlm->query('DELETE FROM mm_reward_item WHERE item = ' . $items . '');
    unset($items);
    if ($sqlm->affected_rows()) {
        redirect('rewards.php?action=show_reward_item');
    } else {
        redirect('rewards.php?error=2');
    }
}
开发者ID:BACKUPLIB,项目名称:Infinity_MaNGOS,代码行数:22,代码来源:rewards.php

示例3: delete_motd

function delete_motd(&$sqlm)
{
    global $action_permission, $realm_id, $mmfpm_db;
    // minimum permission to view page
    valid_login($action_permission['delete']);
    $sqlm = new SQL();
    $sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
    if (empty($_GET['id'])) {
        redirect('index.php');
    }
    $id = $sqlm->quote_smart($_GET['id']);
    if (is_numeric($id)) {
    } else {
        redirect('motd.php?error=1');
    }
    $sqlm->query('
		DELETE FROM mm_motd
		WHERE id =' . $id . '');
    unset($id);
    redirect('index.php');
}
开发者ID:BACKUPLIB,项目名称:Infinity_MaNGOS,代码行数:21,代码来源:motd.php

示例4: valid_login

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/
require_once "header.php";
require_once "libs/get_uptime_lib.php";
valid_login($action_permission["view"]);
function stats($action)
{
    global $output, $realm_id, $logon_db, $server, $theme, $sql, $core;
    $race = array(1 => array(1, "human", "", ""), 2 => array(2, "orc", "", ""), 3 => array(3, "dwarf", "", ""), 4 => array(4, "nightelf", "", ""), 5 => array(5, "undead", "", ""), 6 => array(6, "tauren", "", ""), 7 => array(7, "gnome", "", ""), 8 => array(8, "troll", "", ""), 10 => array(10, "bloodelf", "", ""), 11 => array(11, "draenei", "", ""));
    $class = array(1 => array(1, "warrior", "", ""), 2 => array(2, "paladin", "", ""), 3 => array(3, "hunter", "", ""), 4 => array(4, "rogue", "", ""), 5 => array(5, "priest", "", ""), 6 => array(6, "death_knight", "", ""), 7 => array(7, "shaman", "", ""), 8 => array(8, "mage", "", ""), 9 => array(9, "warlock", "", ""), 11 => array(11, "druid", "", ""));
    $level = array(1 => array(1, 1, 9, "", ""), 2 => array(2, 10, 19, "", ""), 3 => array(3, 20, 29, "", ""), 4 => array(4, 30, 39, "", ""), 5 => array(5, 40, 49, "", ""), 6 => array(6, 50, 59, "", ""), 7 => array(7, 60, 69, "", ""), 8 => array(8, 70, 79, "", ""), 9 => array(9, 80, 80, "", ""));
    function format_uptime($seconds)
    {
        $secs = intval($seconds % 60);
        $mins = intval($seconds / 60 % 60);
        $hours = intval($seconds / 3600 % 24);
        $days = intval($seconds / 86400);
        $uptimeString = "";
        if ($days) {
            $uptimeString .= $days;
开发者ID:Refuge89,项目名称:World-of-Warcraft-Trinity-Core-MaNGOS,代码行数:31,代码来源:stat.php

示例5: switch

    }
}
// If the user isn't logged in, force the user to login
if (!isset($_SESSION['is_valid'])) {
    $action = 'login';
}
switch ($action) {
    case 'login':
        if (isset($_POST['login-email']) && isset($_POST['login-password'])) {
            $user = $_POST['login-email'];
            $password = $_POST['login-password'];
        } else {
            $user = '';
            $password = '';
        }
        if (valid_login($user, $password)) {
            $_SESSION['is_valid'] = $user;
            include 'view/dashboard.php';
        } else {
            include 'view/page_login.php';
        }
        break;
    case 'logout':
        $_SESSION = array();
        // Clear all session data from memory
        session_destroy();
        // Clean up the session ID
        include 'view/page_login.php';
        break;
    case 'show_profile':
        $_SESSION['view_people'] = $_SESSION['is_valid'];
开发者ID:qmau94,项目名称:company_management,代码行数:31,代码来源:index.php

示例6: saveloc

function saveloc()
{
    global $output, $action_permission, $characters_db, $realm_id, $user_id, $hearthstone_credits, $sql, $core;
    valid_login($action_permission["view"]);
    $guid = $sql["char"]->quote_smart($_GET["guid"]);
    if ($core == 1) {
        $query = "SELECT * FROM characters WHERE guid='" . $guid . "'";
    } elseif ($core == 2) {
        $query = "SELECT *,\n      characters.map AS mapId, characters.zone AS zoneId,\n      character_homebind.map AS bindmapId, character_homebind.zone AS bindzoneId,\n      character_homebind.position_x AS bindpositionX, character_homebind.position_y AS bindpositionY,\n      character_homebind.position_z AS bindpositionZ\n      FROM characters LEFT JOIN character_homebind ON characters.guid=character_homebind.guid WHERE characters.guid='" . $guid . "'";
    } else {
        $query = "SELECT *,\n      characters.map AS mapId, characters.zone AS zoneId,\n      character_homebind.mapId AS bindmapId, character_homebind.zoneId AS bindzoneId,\n      character_homebind.posX AS bindpositionX, character_homebind.posY AS bindpositionY,\n      character_homebind.posZ AS bindpositionZ\n      FROM characters LEFT JOIN character_homebind ON characters.guid=character_homebind.guid WHERE characters.guid='" . $guid . "'";
    }
    $char = $sql["char"]->fetch_assoc($sql["char"]->query($query));
    if ($core != 1) {
        if (!isset($char["bindmapId"])) {
            $query = "SELECT * FROM playercreateinfo WHERE race='" . $char["race"] . "' AND class='" . $char["class"] . "'";
            $result = $sql["world"]->query($query);
            $fields = $sql["world"]->fetch_assoc($result);
            $char["bindmapId"] = $fields["map"];
            $char["bindzoneId"] = $fields["zone"];
            $char["bindpositionX"] = $fields["position_x"];
            $char["bindpositionY"] = $fields["position_y"];
            $char["bindpositionZ"] = $fields["position_z"];
        }
    }
    $int_err = 0;
    // credits
    if ($hearthstone_credits > 0) {
        // we need the player's account
        if ($core == 1) {
            $acct_query = "SELECT login AS username FROM accounts WHERE acct=(SELECT acct FROM " . $characters_db[$realm_id]["name"] . ".characters WHERE guid='" . $guid . "')";
        } else {
            $acct_query = "SELECT username FROM account WHERE id=(SELECT account FROM " . $characters_db[$realm_id]["name"] . ".characters WHERE guid='" . $guid . "')";
        }
        $acct_result = $sql["logon"]->query($acct_query);
        $acct_result = $sql["logon"]->fetch_assoc($acct_result);
        $username = $acct_result["username"];
        // now we get the user's credit balance
        $cr_query = "SELECT Credits FROM config_accounts WHERE Login='" . $username . "'";
        $cr_result = $sql["mgr"]->query($cr_query);
        $cr_result = $sql["mgr"]->fetch_assoc($cr_result);
        $credits = $cr_result["Credits"];
        // since this action is delayed, we have to make sure the account still has sufficient funds
        // if the account doesn't have enough, we just ignore the hearthstone request
        if ($credits >= 0 && $credits < $hearthstone_credits) {
            $int_err = 1;
        }
        if (!$int_err) {
            // we don't charge credits if the account is unlimited
            if ($credits >= 0) {
                $credits = $credits - $hearthstone_credits;
            }
            $money_query = "UPDATE config_accounts SET Credits='" . $credits . "' WHERE Login='" . $username . "'";
            $money_result = $sql["mgr"]->query($money_query);
        }
    }
    if (!$int_err) {
        if ($core == 1) {
            $query = "UPDATE characters SET positionX='" . $char["bindpositionX"] . "', positionY='" . $char["bindpositionY"] . "', positionZ='" . $char["bindpositionZ"] . "', mapId='" . $char["bindmapId"] . "', zoneId='" . $char["bindzoneId"] . "' WHERE guid='" . $guid . "'";
        } else {
            $query = "UPDATE characters SET position_x='" . $char["bindpositionX"] . "', position_y='" . $char["bindpositionY"] . "', position_z='" . $char["bindpositionZ"] . "', map='" . $char["bindmapId"] . "', zone='" . $char["bindzoneId"] . "' WHERE guid='" . $guid . "'";
        }
        $result = $sql["char"]->query($query);
        redirect("hearthstone.php?error=2");
    }
    redirect("index.php");
}
开发者ID:Refuge89,项目名称:World-of-Warcraft-Trinity-Core-MaNGOS,代码行数:67,代码来源:hearthstone.php

示例7: set_def_realm

function set_def_realm(&$sqlr)
{
    global $action_permission;
    valid_login($action_permission['read']);
    $id = isset($_GET['id']) ? $sqlr->quote_smart($_GET['id']) : 1;
    if (is_numeric($id)) {
    } else {
        $id = 1;
    }
    if ($sqlr->num_rows($sqlr->query('
		SELECT id 
		FROM realmlist 
		WHERE id = ' . $id . ''))) {
        $_SESSION['realm_id'] = $id;
    }
    unset($id);
    $url = isset($_GET['url']) ? $_GET['url'] : 'index.php';
    redirect($url);
}
开发者ID:BACKUPLIB,项目名称:Infinity_MaNGOS,代码行数:19,代码来源:realm.php

示例8: valid_login

    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/
// page header, and any additional required libraries
require_once 'header.php';
// minimum permission to view page
valid_login($action_permission['delete']);
if (test_port($server[$realm_id]['addr_wan'], $server[$realm_id]['term_port'])) {
    // we start with a lead of 10 spaces,
    //  because last line of header is an opening tag with 8 spaces
    //  keep html indent in sync, so debuging from browser source would be easy to read
    $output .= '
          <!-- start of ssh.php -->
          <center>
            <br />
            <applet codebase="." archive="libs/js/ssh.jar"
              code="de.mud.jta.Applet" width="780" height="350">
              <param name="plugins" value="Status,Socket,' . $server[$realm_id]['term_type'] . ',Terminal" />
              <param name="Socket.host" value="' . $server[$realm_id]['addr_wan'] . '" />
              <param name="Socket.port" value="' . $server[$realm_id]['term_port'] . '" />
            </applet>
            <br />
开发者ID:Refuge89,项目名称:World-of-Warcraft-Trinity-Core-MaNGOS,代码行数:31,代码来源:ssh.php

示例9: purchase

function purchase()
{
    global $world_db, $characters_db, $realm_id, $user_name, $output, $action_permission, $user_lvl, $from_char, $stationary, $sql, $core;
    valid_login($action_permission["view"]);
    if (empty($_GET["item"])) {
        redirect("ultra_vendor.php?error=1");
    }
    if (empty($_GET["total"])) {
        redirect("ultra_vendor.php?error=1");
    }
    if (empty($_GET["want"])) {
        redirect("ultra_vendor.php?error=1");
    }
    $mode = $_GET["mode"];
    if ($core == 1) {
        $iquery = "SELECT * FROM items " . ($locales_search_option != 0 ? "LEFT JOIN items_localized ON (items_localized.entry=items.entry AND language_code='" . $locales_search_option . "') " : " ") . "WHERE items.entry='" . $_GET["item"] . "'";
    } else {
        $iquery = "SELECT * FROM item_template " . ($locales_search_option != 0 ? "LEFT JOIN locales_item ON locales_item.entry=item_template.entry " : " ") . "WHERE item_template.entry='" . $_GET["item"] . "'";
    }
    $iresult = $sql["world"]->query($iquery);
    $item = $sql["world"]->fetch_assoc($iresult);
    // Localization
    if ($locales_search_option != 0) {
        if ($core == 1) {
            $item["name1"] = $item["name"];
        } else {
            $item["name1"] = $item["name_loc" . $locales_search_option];
        }
    } else {
        $item["name1"] = $item["name1"];
    }
    $cquery = "SELECT *, money AS gold FROM characters WHERE name='" . $_GET["char"] . "'";
    $cresult = $sql["char"]->query($cquery);
    $char = $sql["char"]->fetch_assoc($cresult);
    if ($mode == "money") {
        $char_money = $char["gold"];
        $char_money = $char_money - $_GET["total"];
        if ($core == 1) {
            $money_query = "UPDATE characters SET gold='" . $char_money . "' WHERE guid='" . $char["guid"] . "'";
        } else {
            $money_query = "UPDATE characters SET money='" . $char_money . "' WHERE guid='" . $char["guid"] . "'";
        }
        $money_result = $sql["char"]->query($money_query);
    } else {
        // get our credit balance
        $cr_query = "SELECT Credits FROM config_accounts WHERE Login='" . $user_name . "'";
        $cr_result = $sql["mgr"]->query($cr_query);
        $cr_result = $sql["mgr"]->fetch_assoc($cr_result);
        $credits = $cr_result["Credits"];
        // we don't charge credits if the account is unlimited
        if ($credits >= 0) {
            $credits = $credits - $_GET["total"];
        }
        $money_query = "UPDATE config_accounts SET Credits='" . $credits . "' WHERE Login='" . $user_name . "'";
        $money_result = $sql["mgr"]->query($money_query);
    }
    if ($core == 1) {
        $mail_query = "INSERT INTO mailbox_insert_queue VALUES ('" . $from_char . "', '" . $char["guid"] . "', '" . lang("ultra", "questitems") . "', " . chr(34) . $_GET["want"] . "x " . $item["name1"] . chr(34) . ", '" . $stationary . "', '0', '" . $_GET["item"] . "', '" . $_GET["want"] . "')";
        redirect("ultra_vendor.php&moneyresult=" . $money_result);
    } else {
        // we need to be able to bypass mail.php's normal permissions to send mail
        $_SESSION['vendor_permission'] = 1;
        redirect("mail.php?action=send_mail&type=ingame_mail&to=" . $char["name"] . "&subject=" . lang("ultra", "questitems") . "&body=" . $_GET["want"] . "x " . $item["name"] . "&group_sign==&group_send=gm_level&money=0&att_item=" . $_GET["item"] . "&att_stack=" . $_GET["want"] . "&redirect=ultra_vendor.php&moneyresult=" . $money_result);
    }
}
开发者ID:xhaher,项目名称:CoreManager,代码行数:65,代码来源:ultra_vendor.php

示例10: valid_login

<?php

require_once "header.php";
valid_login($action_permission['update']);
//###########################################################################
// print mail form
function print_mail_form()
{
    global $lang_mail, $output;
    $to = isset($_GET['to']) ? $_GET['to'] : NULL;
    $type = isset($_GET['type']) ? $_GET['type'] : "email";
    $output .= "\n        <center>\n          <form action=\"mail.php?action=send_mail\" method=\"post\" name=\"form\">\n            <fieldset style=\"width: 770px;\">\n              <legend>{$lang_mail['mail_type']}</legend>\n              <br />\n              <table class=\"top_hidden\" style=\"width: 720px;\">\n                <tr>\n                  <td align=\"left\">{$lang_mail['recipient']}: <input type=\"text\" name=\"to\" size=\"32\" value=\"{$to}\" maxlength=\"225\" /></td>\n                  <td align=\"left\">{$lang_mail['subject']}: <input type=\"text\" name=\"subject\" size=\"32\" maxlength=\"50\" /></td>\n                  <td width=\"1\" align=\"right\">\n                    <select name=\"type\">";
    if ($type == "email") {
        $output .= "\n                      <option value=\"email\">{$lang_mail['email']}</option>\n                      <option value=\"ingame_mail\">{$lang_mail['ingame_mail']}</option>";
    } else {
        $output .= "\n                      <option value=\"ingame_mail\">{$lang_mail['ingame_mail']}</option>\n                      <option value=\"email\">{$lang_mail['email']}</option>";
    }
    $output .= "\n                    </select>\n                  </td>\n                </tr>\n                <tr><td colspan=\"3\"><hr /></td></tr>\n                <tr>\n                  <td colspan=\"3\">\n                    {$lang_mail['dont_use_both_groupsend_and_to']}\n                  </td>\n                </tr>\n                <tr>\n                  <td colspan=\"3\">{$lang_mail['group_send']}:\n                    <select name=\"group_send\">\n                      <optgroup label=\"{$lang_mail['both']}\">\n                        <option value=\"gm_level\">{$lang_mail['gm_level']}</option>\n                      </optgroup>\n                      <optgroup label=\"{$lang_mail['email']}\">\n                        <option value=\"locked\">{$lang_mail['locked_accouns']}</option>\n                        <option value=\"banned\">{$lang_mail['banned_accounts']}</option>\n                      </optgroup>\n                      <optgroup label=\"{$lang_mail['ingame_mail']}\">\n                        <option value=\"char_level\">{$lang_mail['char_level']}</option>\n                        <option value=\"online\">{$lang_mail['online']}</option>\n                      </optgroup>\n                    </select>\n                    <select name=\"group_sign\">\n                      <option value=\"=\">=</option>\n                      <option value=\"&lt;\">&lt;</option>\n                      <option value=\">\">&gt;</option>\n                      <option value=\"!=\">!=</option>\n                    </select>\n                    <input type=\"text\" name=\"group_value\" size=\"20\" maxlength=\"40\" />\n                  </td>\n                </tr>\n                <tr><td colspan=\"3\"><hr /></td></tr>\n                <tr>\n                  <td colspan=\"3\" align=\"left\">\n                    {$lang_mail['attachments']}:\n                  </td>\n                </tr>\n                <tr>\n                  <td colspan=\"3\" align=\"right\">\n                    {$lang_mail['money']} : <input type=\"text\" name=\"money\" value=\"0\" size=\"10\" maxlength=\"10\" />\n                    {$lang_mail['item']} : <input type=\"text\" name=\"att_item\" value=\"0\" size=\"10\" maxlength=\"10\" />\n                    {$lang_mail['stack']} : <input type=\"text\" name=\"att_stack\" value=\"0\" size=\"10\" maxlength=\"10\" />\n                  </td>\n                </tr>\n                <tr>\n                  <td colspan=\"3\">\n                  </td>\n                </tr>\n              </table>\n            </fieldset>\n            <fieldset style=\"width: 770px;\">\n              <legend>{$lang_mail['mail_body']}</legend>\n              <br /><textarea name=\"body\" rows=\"14\" cols=\"92\"></textarea><br />\n              <br />\n              <table>\n                <tr>\n                  <td>";
    makebutton($lang_mail['send'], "javascript:do_submit()", 130);
    $output .= "\n                  </td>\n                </tr>\n              </table>\n            </fieldset>\n            <br />\n          </form>\n        </center>\n";
}
//#############################################################################
// Send the actual mail(s)
function send_mail()
{
    global $lang_global, $output, $realm_db, $characters_db, $realm_id, $user_name, $from_mail, $mailer_type, $smtp_cfg;
    if (empty($_POST['body']) || empty($_POST['subject']) || empty($_POST['type']) || empty($_POST['group_sign']) || empty($_POST['group_send'])) {
        redirect("mail.php?error=1");
    }
    $sqlr = new SQL();
    $sqlr->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
开发者ID:BACKUPLIB,项目名称:minimanager-1,代码行数:31,代码来源:mail.php

示例11: do_edit_ticket

function do_edit_ticket()
{
    global $characters_db, $realm_id, $action_permission;
    valid_login($action_permission['update']);
    if (empty($_POST['new_text']) || empty($_POST['id'])) {
        redirect("ticket.php?error=1");
    }
    $sqlc = new SQL();
    $sqlc->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
    $new_text = $sqlc->quote_smart($_POST['new_text']);
    $id = $sqlc->quote_smart($_POST['id']);
    if (is_numeric($id)) {
    } else {
        redirect("ticket.php?error=1");
    }
    $query = $sqlc->query("UPDATE gm_tickets SET message='{$new_text}' WHERE guid = '{$id}'");
    if ($sqlc->affected_rows()) {
        redirect("ticket.php?error=5");
    } else {
        redirect("ticket.php?error=6");
    }
}
开发者ID:BACKUPLIB,项目名称:minimanager,代码行数:22,代码来源:ticket.php

示例12: valid_login

    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/
// page header, and any additional required libraries
require_once 'header.php';
require_once 'libs/map_zone_lib.php';
// minimum permission to view page
valid_login($action_permission['view']);
//#############################################################################
// INSTANCES
//#############################################################################
function instances()
{
    global $output, $lang_instances, $arcm_db, $realm_id, $world_db, $arcn_db, $itemperpage, $sqlw, $sqlm, $sqld;
    //-------------------SQL Injection Prevention--------------------------------
    // this page has multipage support and field ordering, so we need these
    $start = isset($_GET['start']) ? $sqlw->quote_smart($_GET['start']) : 0;
    if (is_numeric($start)) {
    } else {
        $start = 0;
    }
    $order_by = isset($_GET['order_by']) ? $sqlw->quote_smart($_GET['order_by']) : 'minlevel';
    if (preg_match('/^[_[:lower:]]{1,11}$/', $order_by)) {
开发者ID:Refuge89,项目名称:World-of-Warcraft-Trinity-Core-MaNGOS,代码行数:31,代码来源:instances.php

示例13: saveacct_direct

function saveacct_direct()
{
    global $output, $action_permission, $corem_db, $characters_db, $realm_id, $user_id, $sql, $core;
    valid_login($action_permission["update"]);
    $guid = $sql["mgr"]->quote_smart($_GET["guid"]);
    $new = $sql["mgr"]->quote_smart($_GET["new"]);
    if ($_GET["new1"] != "") {
        $new = $sql["mgr"]->quote_smart($_GET["new1"]);
        if (!is_numeric($new)) {
            if ($core == 1) {
                $acct_query = "SELECT acct, accounts.login, IFNULL(`" . $corem_db["name"] . "`.config_accounts.ScreenName, '')\r\n        FROM accounts\r\n          LEFT JOIN `" . $corem_db["name"] . "`.config_accounts ON config_accounts.Login=accounts.login COLLATE utf8_general_ci\r\n        WHERE accounts.login='" . $new . "' OR config_accounts.Login='" . $new . "'";
            } else {
                $acct_query = "SELECT id AS acct, username AS login, IFNULL(`" . $corem_db["name"] . "`.config_accounts.ScreenName, '')\r\n        FROM account\r\n          LEFT JOIN `" . $corem_db["name"] . "`.config_accounts ON config_accounts.Login=account.username\r\n        WHERE account.username='" . $new . "' OR config_accounts.ScreenName='" . $new . "'";
            }
            $acct_result = $sql["logon"]->query($acct_query);
            $acct_result = $sql["logon"]->fetch_assoc($acct_result);
            $new = $acct_result["acct"];
        }
    }
    if ($core == 1) {
        $result = $sql["char"]->query("UPDATE characters SET acct='" . $new . "' WHERE guid='" . $guid . "'");
    } else {
        $result = $sql["char"]->query("UPDATE characters SET account='" . $new . "' WHERE guid='" . $guid . "'");
    }
    redirect("char_list.php");
}
开发者ID:xhaher,项目名称:CoreManager,代码行数:26,代码来源:change_char_account.php

示例14: do_add_entry

function do_add_entry()
{
    global $logon_db, $characters_db, $realm_id, $user_name, $output, $action_permission, $user_lvl, $sql, $core;
    valid_login($action_permission["insert"]);
    if (empty($_GET["ban_type"]) || empty($_GET["entry"]) || empty($_GET["bantime"])) {
        redirect("banned.php?error=1&action=add_entry");
    }
    $ban_type = $sql["logon"]->quote_smart($_GET["ban_type"]);
    $entry = $sql["logon"]->quote_smart($_GET["entry"]);
    switch ($ban_type) {
        case "accounts":
            if ($core == 1) {
                $result1 = $sql["logon"]->query("SELECT acct FROM accounts WHERE login='" . $entry . "'");
            } else {
                $result1 = $sql["logon"]->query("SELECT id AS acct FROM account WHERE username='" . $entry . "'");
            }
            if (!$sql["logon"]->num_rows($result1)) {
                redirect("banned.php?error=4&action=add_entry");
            } else {
                $entry = $sql["logon"]->result($result1, 0, 'acct');
            }
            break;
        case "characters":
            $result1 = $sql["char"]->query("SELECT guid FROM characters WHERE name='" . $entry . "'");
            if (!$sql["char"]->num_rows($result1)) {
                redirect("banned.php?error=4&action=add_entry");
            } else {
                $entry = $sql["char"]->result($result1, 0, 'guid');
            }
            break;
        case "ipbans":
            break;
    }
    $bantime = time() + 3600 * $sql["logon"]->quote_smart($_GET["bantime"]);
    $banreason = isset($_GET["banreason"]) && $_GET["banreason"] != '' ? $sql["logon"]->quote_smart($_GET["banreason"]) : "none";
    switch ($ban_type) {
        case "accounts":
            if ($core == 1) {
                $result = $sql["logon"]->query("SELECT banned FROM accounts WHERE acct='" . $entry . "'");
            } else {
                $result = $sql["logon"]->query("SELECT active FROM account_banned WHERE id='" . $entry . "' AND active=1");
            }
            $acct_banned = $sql["logon"]->result($result, 0);
            if ($acct_banned == 0) {
                if ($core == 1) {
                    $sql["logon"]->query("UPDATE accounts SET banned='" . $bantime . "' WHERE acct='" . $entry . "'");
                } else {
                    $sql["logon"]->query("INSERT INTO account_banned (id, bandate, unbandate, bannedby, banreason) VALUES ('" . $entry . "', UNIX_TIMESTAMP(), '" . $bantime . "', '" . $user_name . "', '" . $banreason . "')");
                }
            }
            if ($sql["logon"]->affected_rows()) {
                redirect("banned.php?error=3&ban_type=" . $ban_type);
            } else {
                redirect("banned.php?error=2&ban_type=" . $ban_type);
            }
            break;
        case "characters":
            $result = $sql["char"]->query("SELECT banned FROM characters WHERE guid='" . $entry . "'");
            $char_banned = $sql["char"]->result($result, 0);
            if ($char_banned == 0) {
                $sql["char"]->query("UPDATE characters SET banned='" . $bantime . "', banReason='" . $banreason . "' WHERE guid='" . $entry . "'");
            }
            if ($sql["char"]->affected_rows()) {
                redirect("banned.php?error=3&ban_type=" . $ban_type);
            } else {
                redirect("banned.php?error=2&ban_type=" . $ban_type);
            }
            break;
        case "ipbans":
            if ($core == 1) {
                $result = $sql["logon"]->query("SELECT ip FROM ipbans WHERE ip='" . $entry . "'");
            } else {
                $result = $sql["logon"]->query("SELECT ip FROM ip_banned WHERE ip='" . $entry . "'");
            }
            if (!$sql["logon"]->num_rows($result)) {
                if ($core == 1) {
                    $sql["logon"]->query("INSERT INTO ipbans (ip, expire) VALUES ('" . $entry . "', '" . $bantime . "')");
                } else {
                    $sql["logon"]->query("INSERT INTO ip_banned (ip, bandate, unbandate, bannedby, banreason) VALUES ('" . $entry . "', UNIX_TIMESTAMP(), '" . $bantime . "', '" . $user_name . "', '" . $banreason . "')");
                }
            }
            if ($sql["logon"]->affected_rows()) {
                redirect("banned.php?error=3&ban_type=" . $ban_type);
            } else {
                redirect("banned.php?error=2&ban_type=" . $ban_type);
            }
            break;
    }
}
开发者ID:Refuge89,项目名称:World-of-Warcraft-Trinity-Core-MaNGOS,代码行数:89,代码来源:banned.php

示例15: do_delete

function do_delete()
{
    global $world_db, $realm_id, $action_permission, $user_lvl;
    valid_login($action_permission['delete']);
    if (isset($_GET['entry'])) {
        $entry = $_GET['entry'];
    } else {
        redirect("item.php?error=1");
    }
    $sqlw = new SQL();
    $sqlw->connect($world_db[$realm_id]['addr'], $world_db[$realm_id]['user'], $world_db[$realm_id]['pass'], $world_db[$realm_id]['name']);
    $result = $sqlw->query("DELETE FROM item_template WHERE entry = '{$entry}'");
    redirect("item.php");
}
开发者ID:BACKUPLIB,项目名称:Infinity_MaNGOS,代码行数:14,代码来源:item.php


注:本文中的valid_login函数示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。