本文整理汇总了PHP中wowhead_tt函数的典型用法代码示例。如果您正苦于以下问题:PHP wowhead_tt函数的具体用法?PHP wowhead_tt怎么用?PHP wowhead_tt使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了wowhead_tt函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: bbcode_callbacks_wow
function bbcode_callbacks_wow($item)
{
global $item_datasite;
wowhead_tt();
require_once "scripts/id_tab.php";
require_once "scripts/get_lib.php";
return "<a href=\"{$item_datasite}{$item[1]}\" target=\"_blank\"\r\nonmouseover=\"toolTip('" . addslashes(get_item_tooltip($item[1])) . "','item_tooltip')\" onmouseout=\"toolTip()\">\r\n<img src=\"" . get_item_icon($item[1]) . "\" class=\"icon_border\" alt=\"\" /></a>";
}
示例2: bbcode_callbacks_wow
function bbcode_callbacks_wow($item)
{
global $base_datasite, $item_datasite;
wowhead_tt();
require_once "scripts/id_tab.php";
require_once "scripts/get_lib.php";
return '
<a href="' . $base_datasite . $item_datasite . $item[1] . '" target="_blank" onmouseover="oldtoolTip(\'' . addslashes(get_item_tooltip($item[1])) . '\',\'old_item_tooltip\')" onmouseout="oldtoolTip()">
<img src="' . get_item_icon($item[1]) . '" class="icon_border" alt="" />
</a>';
}
示例3: search
function search()
{
global $lang_global, $lang_mail, $output, $itemperpage, $item_datasite, $mangos_db, $characters_db, $realm_id, $sql_search_limit;
wowhead_tt();
if (!isset($_GET['search_value']) || !isset($_GET['search_by'])) {
redirect("mail_on.php?error=2");
}
$sql = new SQL();
$sql->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
$search_value = $sql->quote_smart($_GET['search_value']);
$search_by = $sql->quote_smart($_GET['search_by']);
$search_menu = array('sender', 'receiver');
// if (!array_key_exists($search_by, $search_menu)) $search_by = 'sender';
$start = isset($_GET['start']) ? $sql->quote_smart($_GET['start']) : 0;
$order_by = isset($_GET['order_by']) ? $sql->quote_smart($_GET['order_by']) : "id";
$dir = isset($_GET['dir']) ? $sql->quote_smart($_GET['dir']) : 1;
$order_dir = $dir ? "ASC" : "DESC";
$dir = $dir ? 0 : 1;
$temp = $sql->query("SELECT guid FROM `characters` WHERE name like '%{$search_value}%'");
$search_value = $sql->result($temp, 0, 'guid');
$query_1 = $sql->query("SELECT count(*) FROM `mail`");
$query = $sql->query("SELECT a.id, a.messageType, a.sender, a.receiver, a.subject, a.itemTextId, a.has_items, a.money, a.cod, a.checked, b.item_template\r\n FROM mail a\r\n INNER JOIN mail_items b ON a.id = b.mail_id\r\n WHERE {$search_by} = {$search_value}\r\n ORDER BY {$order_by} {$order_dir} LIMIT {$start}, {$itemperpage}");
$this_page = $sql->num_rows($query);
$all_record = $sql->result($query_1, 0);
$total_found = $sql->num_rows($query);
//==========================top page navigation starts here========================
$output .= "<center><table class=\"top_hidden\">\r\n <tr><td>\r\n <table class=\"hidden\">\r\n <tr><td>\r\n <form action=\"mail_on.php\" method=\"get\" name=\"form\">\r\n <input type=\"hidden\" name=\"action\" value=\"search\" />\r\n <input type=\"hidden\" name=\"error\" value=\"4\" />\r\n <input type=\"text\" size=\"45\" name=\"search_value\" />\r\n <select name=\"search_by\">\r\n <option value=\"sender\">Sender</option>\r\n <option value=\"receiver\">Receiver</option>\r\n </select></form></td><td>";
makebutton($lang_global['search'], "javascript:do_submit()", 80);
$output .= "</td></tr></table>\r\n <td align=\"right\">";
$output .= generate_pagination("mail_on.php?action=search&order_by={$order_by}&dir=" . !$dir, $all_record, $itemperpage, $start);
$output .= "</td></tr></table>";
//==========================top page navigation ENDS here ========================
$output .= "<table class=\"lined\">\r\n <tr>\r\n <th width=\"5%\">" . $lang_mail['id'] . "</th>\r\n <th width=\"5%\">" . $lang_mail['mail_type'] . "</th>\r\n <th width=\"10%\">" . $lang_mail['sender'] . "</th>\r\n <th width=\"10%\">" . $lang_mail['receiver'] . "</th>\r\n <th width=\"15%\">" . $lang_mail['subject'] . "</th>\r\n <th width=\"5%\">" . $lang_mail['has_items'] . "</th>\r\n <th width=\"25%\">" . $lang_mail['text'] . "</th>\r\n <th width=\"20%\">" . $lang_mail['money'] . "</th>\r\n <th width=\"5%\">" . $lang_mail['checked'] . "</th>\r\n </tr>";
while ($mail = $sql->fetch_array($query)) {
$g = floor($mail[7] / 10000);
$mail[7] -= $g * 10000;
$s = floor($mail[7] / 100);
$mail[7] -= $s * 100;
$c = $mail[7];
$money = "";
if ($mail[7] > 0) {
$money = $g . "<img src=\"./img/gold.gif\" /> " . $s . "<img src=\"./img/silver.gif\" /> " . $c . "<img src=\"./img/copper.gif\" /> ";
}
$output .= "<tr valign=top>\r\n <td>{$mail['0']}</td>\r\n <td>" . get_mail_source($mail[1]) . "</td>\r\n <td><a href=\"char.php?id={$mail['2']}\">" . get_char_name($mail[2]) . "</a></td>\r\n <td><a href=\"char.php?id={$mail['3']}\">" . get_char_name($mail[3]) . "</a></td>\r\n <td>{$mail['4']}</td>\r\n ";
$output .= "<td>";
$output .= "\r\n <a style=\"padding:2px;\" href=\"{$item_datasite}{$mail[10]}\" target=\"_blank\">\r\n <img class=\"bag_icon\" src=\"" . get_item_icon($mail[10]) . "\" alt=\"\" />\r\n </a>";
//maketooltip("<img src=\"./img/up.gif\" alt=\"\">", $item_datasite{$mail[10]}, $mail[10], "item_tooltip", "target=\"_blank\"");
$output .= "</td>";
$output .= "<td>" . get_mail_text($mail[5]) . "</td>\r\n <td>{$money}</td>\r\n <td>" . get_check_state($mail[9]) . "</td>\r\n </tr>";
}
/*--------------------------------------------------*/
$output .= "<tr><td colspan=\"6\" class=\"hidden\" align=\"right\">All Mails: {$all_record}</td></tr>\r\n </table></center>";
$sql->close();
}
示例4: char_inv
function char_inv(&$sqlr, &$sqlc)
{
global $output, $lang_global, $lang_char, $lang_item, $realm_id, $characters_db, $world_db, $mmfpm_db, $action_permission, $user_lvl, $user_name, $item_datasite;
// this page uses wowhead tooltops
wowhead_tt();
require_once 'core/char/char_security.php';
// getting character data from database
$result = $sqlc->query('SELECT account, name, race, class, level, gender, money
FROM characters WHERE guid = ' . $id . ' LIMIT 1');
// no point going further if character does not exist
if ($sqlc->num_rows($result)) {
$char = $sqlc->fetch_assoc($result);
// we get user permissions first
$owner_acc_id = $sqlc->result($result, 0, 'account');
$result = $sqlr->query('SELECT `username`, `gmlevel` FROM `account` LEFT JOIN `account_access` ON `account`.`id`=`account_access`.`id` WHERE `account`.`id` = ' . $owner_acc_id . ' ORDER BY `gmlevel` DESC LIMIT 1');
$owner_name = $sqlr->result($result, 0, 'username');
$owner_gmlvl = $sqlr->result($result, 0, 'gmlevel');
if (empty($owner_gmlvl)) {
$owner_gmlvl = 0;
}
// check user permission
if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) {
// main data that we need for this page, character inventory
$result = $sqlc->query('SELECT ci.bag, ci.slot, ci.item, ii.itemEntry,
count as stack_count
FROM character_inventory ci INNER JOIN item_instance ii on ii.guid = ci.item
WHERE ci.guid = ' . $id . ' ORDER BY ci.bag,ci.slot');
//---------------Page Specific Data Starts Here--------------------------
// lets start processing first before we display anything
// we have lots to do for inventory
// character bags, 1 main + 4 additional
$bag = array(0 => array(), 1 => array(), 2 => array(), 3 => array(), 4 => array());
// character bang, 1 main + 7 additional
$bank = array(0 => array(), 1 => array(), 2 => array(), 3 => array(), 4 => array(), 5 => array(), 6 => array(), 7 => array());
// this is where we will put items that are in main bag
$bag_id = array();
// this is where we will put items that are in main bank
$bank_bag_id = array();
// this is where we will put items that are in character bags, 4 arrays, 1 for each
$equiped_bag_id = array(0, 0, 0, 0, 0);
// this is where we will put items that are in bank bangs, 7 arrays, 1 for each
$equip_bnk_bag_id = array(0, 0, 0, 0, 0, 0, 0, 0);
$sqlw = new SQL();
$sqlw->connect($world_db[$realmid]['addr'], $world_db[$realmid]['user'], $world_db[$realmid]['pass'], $world_db[$realmid]['name']);
// we load the things in each bag slot
while ($slot = $sqlc->fetch_assoc($result)) {
if ($slot['bag'] == 0 && $slot['slot'] > 18) {
if ($slot['slot'] < 23) {
$bag_id[$slot['item']] = $slot['slot'] - 18;
$equiped_bag_id[$slot['slot'] - 18] = array($slot['itemEntry'], $sqlw->result($sqlw->query('SELECT ContainerSlots FROM item_template WHERE entry = ' . $slot['itemEntry'] . ''), 0, 'ContainerSlots'), $slot['stack_count']);
} elseif ($slot['slot'] < 39) {
if (isset($bag[0][$slot['slot'] - 23])) {
$bag[0][$slot['slot'] - 23][0]++;
} else {
$bag[0][$slot['slot'] - 23] = array($slot['itemEntry'], 0, $slot['stack_count']);
}
} elseif ($slot['slot'] < 67) {
// SLOT 39 TO 66 (Bank)
$bank[0][$slot['slot'] - 39] = array($slot['itemEntry'], 0, $slot['stack_count']);
} elseif ($slot['slot'] < 74) {
$bank_bag_id[$slot['item']] = $slot['slot'] - 66;
$equip_bnk_bag_id[$slot['slot'] - 66] = array($slot['itemEntry'], $sqlw->result($sqlw->query('SELECT ContainerSlots FROM item_template WHERE entry = ' . $slot['itemEntry'] . ''), 0, 'ContainerSlots'), $slot['stack_count']);
}
} else {
// Bags
if (isset($bag_id[$slot['bag']])) {
if (isset($bag[$bag_id[$slot['bag']]][$slot['slot']])) {
$bag[$bag_id[$slot['bag']]][$slot['slot']][1]++;
} else {
$bag[$bag_id[$slot['bag']]][$slot['slot']] = array($slot['itemEntry'], 0, $slot['stack_count']);
}
} elseif (isset($bank_bag_id[$slot['bag']])) {
$bank[$bank_bag_id[$slot['bag']]][$slot['slot']] = array($slot['itemEntry'], 0, $slot['stack_count']);
}
}
}
unset($slot);
unset($bag_id);
unset($bank_bag_id);
unset($result);
//------------------------Character Tabs---------------------------------
// we start with a lead of 10 spaces,
// because last line of header is an opening tag with 8 spaces
// keep html indent in sync, so debuging from browser source would be easy to read
$output .= '
<center>
<div id="tab_content">
<h1>' . $lang_char['inventory'] . '</h1>
<br />';
require_once 'core/char/char_header.php';
$output .= '
<br /><br />
<table class="lined" style="width: 700px;">
<tr>';
//---------------Page Specific Data Starts Here--------------------------
$sqlm = new SQL();
$sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
// equipped bags
for ($i = 1; $i < 5; ++$i) {
$output .= '
//.........这里部分代码省略.........
示例5: char_main
function char_main(&$sqlr, &$sqlc)
{
global $output, $lang_global, $lang_char, $lang_item, $realm_id, $realm_db, $characters_db, $world_db, $server, $mmfpm_db, $action_permission, $user_lvl, $user_name, $user_id, $item_datasite, $spell_datasite, $showcountryflag;
// this page uses wowhead tooltops
wowhead_tt();
// we need at least an id or we would have nothing to show
if (empty($_GET['id'])) {
error($lang_global['empty_fields']);
}
// this is multi realm support, as of writing still under development
// this page is already implementing it
if (empty($_GET['realm'])) {
$realmid = $realm_id;
} else {
$realmid = $sqlr->quote_smart($_GET['realm']);
if (is_numeric($realmid)) {
$sqlc->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name']);
} else {
$realmid = $realm_id;
}
}
$id = $sqlc->quote_smart($_GET['id']);
if (is_numeric($id)) {
} else {
error($lang_global['empty_fields']);
}
$result = $sqlc->query('SELECT account, race FROM characters WHERE guid = ' . $id . ' LIMIT 1');
if ($sqlc->num_rows($result)) {
//resrict by owner's gmlvl
$owner_acc_id = $sqlc->result($result, 0, 'account');
$query = $sqlr->query('SELECT gmlevel, username FROM account WHERE id = ' . $owner_acc_id . '');
$owner_gmlvl = $sqlr->result($query, 0, 'gmlevel');
$owner_name = $sqlr->result($query, 0, 'username');
if ($user_lvl || $server[$realmid]['both_factions']) {
$side_v = 0;
$side_p = 0;
} else {
$side_p = in_array($sqlc->result($result, 0, 'race'), array(2, 5, 6, 8, 10)) ? 1 : 2;
$result_1 = $sqlc->query('SELECT race FROM characters WHERE account = ' . $user_id . ' LIMIT 1');
if ($sqlc->num_rows($result)) {
$side_v = in_array($sqlc->result($result_1, 0, 'race'), array(2, 5, 6, 8, 10)) ? 1 : 2;
} else {
$side_v = 0;
}
unset($result_1);
}
if ($user_lvl >= $owner_gmlvl && ($side_v === $side_p || !$side_v)) {
$result = $sqlc->query('SELECT account, data, name, race, class, gender, level, zone, map, online, totaltime,
arenaPoints, totalHonorPoints, totalKills,
health,
power1, power2, power3, power4, power5, power6, power7
FROM characters
WHERE guid = ' . $id . '');
$char = $sqlc->fetch_assoc($result);
$char_data = explode(' ', $char['data']);
$online = $char['online'] ? $lang_char['online'] : $lang_char['offline'];
if ($char_data[CHAR_DATA_OFFSET_GUILD_ID]) {
$guild_name = $sqlc->result($sqlc->query('SELECT name FROM guild WHERE guildid =' . $char_data[CHAR_DATA_OFFSET_GUILD_ID] . ''), 0, 'name');
$guild_name = '<a href="guild.php?action=view_guild&realm=' . $realmid . '&error=3&id=' . $char_data[CHAR_DATA_OFFSET_GUILD_ID] . '" >' . $guild_name . '</a>';
$mrank = $char_data[CHAR_DATA_OFFSET_GUILD_RANK] + 1;
$guild_rank = $sqlc->result($sqlc->query('SELECT rname FROM guild_rank WHERE guildid =' . $char_data[CHAR_DATA_OFFSET_GUILD_ID] . ' AND rid=' . $mrank . ''), 0, 'rname');
} else {
$guild_name = $lang_global['none'];
$guild_rank = $lang_global['none'];
}
$block = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_BLOCK]));
$block = round($block[1], 2);
$dodge = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_DODGE]));
$dodge = round($dodge[1], 2);
$parry = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_PARRY]));
$parry = round($parry[1], 2);
$crit = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_MELEE_CRIT]));
$crit = round($crit[1], 2);
$ranged_crit = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_RANGE_CRIT]));
$ranged_crit = round($ranged_crit[1], 2);
$maxdamage = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_MAXDAMAGE]));
$maxdamage = round($maxdamage[1], 0);
$mindamage = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_MINDAMAGE]));
$mindamage = round($mindamage[1], 0);
$maxrangeddamage = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_MAXRANGEDDAMAGE]));
$maxrangeddamage = round($maxrangeddamage[1], 0);
$minrangeddamage = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_MINRANGEDDAMAGE]));
$minrangeddamage = round($minrangeddamage[1], 0);
$spell_crit = 100;
for ($i = 0; $i < 6; ++$i) {
$temp = unpack('f', pack('L', $char_data[CHAR_DATA_OFFSET_SPELL_CRIT + 1 + $i]));
if ($temp[1] < $spell_crit) {
$spell_crit = $temp[1];
}
}
$spell_crit = round($spell_crit, 2);
$spell_damage = 9999;
for ($i = 0; $i < 6; ++$i) {
if ($char_data[CHAR_DATA_OFFSET_SPELL_DAMAGE + 1 + $i] < $spell_damage) {
$spell_damage = $char_data[CHAR_DATA_OFFSET_SPELL_DAMAGE + 1 + $i];
}
}
$rage = round($char['power2'] / 10);
$expertise = '' . $char_data[CHAR_DATA_OFFSET_EXPERTISE] . ' / ' . $char_data[CHAR_DATA_OFFSET_OFFHAND_EXPERTISE] . '';
$EQU_HEAD = $char_data[CHAR_DATA_OFFSET_EQU_HEAD];
//.........这里部分代码省略.........
示例6: char_skill
function char_skill(&$sqlr, &$sqlc)
{
global $lang_global, $lang_char, $output, $realm_id, $realm_db, $characters_db, $mmfpm_db, $action_permission, $user_lvl, $user_name, $skill_datasite;
// this page uses wowhead tooltops
wowhead_tt();
//==========================$_GET and SECURE=================================
// id and multi realm security to prevent sql injection
require_once './include/char/include/char_multi_realm_security.php';
$order_by = isset($_GET['order_by']) ? $sqlc->quote_smart($_GET['order_by']) : 1;
$dir = isset($_GET['dir']) ? $sqlc->quote_smart($_GET['dir']) : 1;
if (preg_match('/^[01]{1}$/', $dir)) {
} else {
$dir = 1;
}
$order_dir = $dir ? 'ASC' : 'DESC';
$dir = $dir ? 0 : 1;
//==========================$_GET and SECURE end=============================
// getting character data from database
$result = $sqlc->query('
SELECT account, name, race, class, gender, level
FROM characters
WHERE guid = ' . $id . '
LIMIT 1');
// no point going further if character does not exist
if ($sqlc->num_rows($result)) {
$char = $sqlc->fetch_assoc($result);
// we get user permissions first
$owner_acc_id = $sqlc->result($result, 0, 'account');
$result = $sqlr->query('
SELECT gmlevel, username
FROM account
WHERE id = ' . $char['account'] . '');
$owner_gmlvl = $sqlr->result($result, 0, 'gmlevel');
$owner_name = $sqlr->result($result, 0, 'username');
// check user permission
if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) {
// character sub header
$output .= '
<center>
<div id="tab_content">
<h1>' . $lang_char['skills'] . '</h1>
<br />';
// character menu tab
require_once './include/char/include/char_header.php';
// character info
require_once './include/char/include/char_info.php';
//---------------Page Specific Data Starts Here--------------------------
$output .= '
<div id="tab_content2">
<table class="lined" style="width: 700px;">
<tr>
<th class="title" colspan="' . ($user_lvl ? '3' : '2') . '" align="left">' . $lang_char['skills'] . '</th>
</tr>
<tr>
' . ($user_lvl ? '<th><a href="char_skill.php?id=' . $id . '&realm=' . $realmid . '&order_by=0&dir=' . $dir . '"' . ($order_by == 0 ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['skill_id'] . '</a></th>' : '') . '
<th align="right"><a href="char_skill.php?id=' . $id . '&realm=' . $realmid . '&order_by=1&dir=' . $dir . '"' . ($order_by == 1 ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['skill_name'] . '</a></th>
<th><a href="char_skill.php?id=' . $id . '&realm=' . $realmid . '&order_by=2&dir=' . $dir . '"' . ($order_by == 2 ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['skill_value'] . '</a></th>
</tr>';
$skill_array = array();
$class_array = array();
$prof_1_array = array();
$prof_2_array = array();
$weapon_array = array();
$armor_array = array();
$language_array = array();
$skill_rank_array = array(1 => $lang_char['none'], 350 => $lang_char['none'], 75 => $lang_char['apprentice'], 150 => $lang_char['journeyman'], 225 => $lang_char['expert'], 300 => $lang_char['artisan'], 375 => $lang_char['master'], 450 => $lang_char['grand_master'], 525 => $lang_char['illustrious']);
$result = $sqlc->query('
SELECT skill, value, max
FROM character_skills
WHERE guid = ' . $id . '');
$sqlm = new SQL();
$sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
while ($char_skill = $sqlc->fetch_assoc($result)) {
$temp = $char_skill['value'];
$skill = $char_skill['skill'];
$max = $char_skill['max'];
if (skill_get_type($skill, $sqlm) == 6) {
array_push($weapon_array, array($user_lvl ? $skill : '', skill_get_name($skill, $sqlm), $temp, $max));
} elseif (skill_get_type($skill, $sqlm) == 7) {
array_push($class_array, array($user_lvl ? $skill : '', skill_get_name($skill, $sqlm), $temp, $max));
} elseif (skill_get_type($skill, $sqlm) == 8) {
array_push($armor_array, array($user_lvl ? $skill : '', skill_get_name($skill, $sqlm), $temp, $max));
} elseif (skill_get_type($skill, $sqlm) == 9) {
array_push($prof_2_array, array($user_lvl ? $skill : '', skill_get_name($skill, $sqlm), $temp, $max));
} elseif (skill_get_type($skill, $sqlm) == 10) {
array_push($language_array, array($user_lvl ? $skill : '', skill_get_name($skill, $sqlm), $temp, $max));
} elseif (skill_get_type($skill, $sqlm) == 11) {
array_push($prof_1_array, array($user_lvl ? $skill : '', skill_get_name($skill, $sqlm), $temp, $max));
} else {
array_push($skill_array, array($user_lvl ? $skill : '', skill_get_name($skill, $sqlm), $temp, $max));
}
}
unset($char_skill);
aasort($skill_array, $order_by, $dir);
aasort($class_array, $order_by, $dir);
aasort($prof_1_array, $order_by, $dir);
aasort($prof_2_array, $order_by, $dir);
aasort($weapon_array, $order_by, $dir);
aasort($armor_array, $order_by, $dir);
aasort($language_array, $order_by, $dir);
//.........这里部分代码省略.........
示例7: char_pets
function char_pets(&$sqlr, &$sqlc)
{
global $output, $lang_global, $lang_char, $realm_id, $characters_db, $mmfpm_db, $action_permission, $user_lvl, $user_name, $spell_datasite, $pet_ability;
// this page uses wowhead tooltops
wowhead_tt();
//==========================$_GET and SECURE=================================
// id and multi realm security to prevent sql injection
require_once './include/char/include/char_multi_realm_security.php';
//==========================$_GET and SECURE end=============================
// getting character data from database
$result = $sqlc->query('
SELECT account, name, race, class, gender, level
FROM characters
WHERE guid = ' . $id . '
LIMIT 1');
// no point going further if character does not exist
if ($sqlc->num_rows($result)) {
$char = $sqlc->fetch_assoc($result);
// we get user permissions first
$owner_acc_id = $sqlc->result($result, 0, 'account');
$result = $sqlr->query('
SELECT gmlevel, username
FROM account
WHERE id = ' . $char['account'] . '');
$owner_gmlvl = $sqlr->result($result, 0, 'gmlevel');
$owner_name = $sqlr->result($result, 0, 'username');
// check user permission
if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) {
// character sub header
$output .= '
<center>
<div id="tab_content">
<h1>' . $lang_char['pets'] . '</h1>
<br />';
// character menu tab
require_once './include/char/include/char_header.php';
// character info
require_once './include/char/include/char_info.php';
//---------------Page Specific Data Starts Here--------------------------
$output .= '
<div id="tab_content2">';
$result = $sqlc->query('
SELECT id, level, exp, name, curhappiness
FROM character_pet
WHERE owner = ' . $id . '');
if ($sqlc->num_rows($result)) {
$sqlm = new SQL();
$sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
while ($pet = $sqlc->fetch_assoc($result)) {
$happiness = floor($pet['curhappiness'] / 333000);
if (1 == $happiness) {
$hap_text = 'Content';
$hap_val = 1;
} elseif (2 == $happiness) {
$hap_text = 'Happy';
$hap_val = 2;
} else {
$hap_text = 'Unhappy';
$hap_val = 0;
}
$pet_next_lvl_xp = floor(char_get_xp_to_level($pet['level']) / 4);
$output .= '
<font class="bold">' . $pet['name'] . ' - lvl ' . char_get_level_color($pet['level']) . '
<a style="padding:2px;" onmouseover="toolTip(\'' . $hap_text . '\', \'item_tooltip\')" onmouseout="toolTip()"><img src="img/pet/happiness_' . $hap_val . '.jpg" alt="" /></a>
<br /><br />
</font>
<table class="lined" style="width: 550px;">
<tr>
<td align="right">Exp:</td>
<td valign="top" class="bar skill_bar" style="background-position: ' . (round(385 * $pet['exp'] / $pet_next_lvl_xp) - 385) . 'px;">
<span>' . $pet['exp'] . '/' . $pet_next_lvl_xp . '</span>
</td>
</tr>
<tr>
<td align="right">Pet Abilities:</td>
<td align="left">';
// active = 0 is unused and active = 1 probably some passive auras, i dont know diference between values 129 and 193, need to check mangos source
$ability_results = $sqlc->query('
SELECT spell
FROM pet_spell
WHERE guid = ' . $pet['id'] . ' and active > 1');
if ($sqlc->num_rows($ability_results)) {
while ($ability = $sqlc->fetch_assoc($ability_results)) {
$output .= '
<a style="padding:2px;" href="' . $spell_datasite . $ability['spell'] . '" target="_blank">
<img src="' . spell_get_icon($ability['spell'], $sqlm) . '" alt="' . $ability['spell'] . '" class="icon_border_0" />
</a>';
}
}
$output .= '
</td>
</tr>
</table>
<br /><br />';
}
unset($ability_results);
unset($pet_next_lvl_xp);
unset($happiness);
unset($pet);
}
//.........这里部分代码省略.........
示例8: char_achievements
function char_achievements(&$sqlr, &$sqlc)
{
global $output, $lang_global, $lang_char, $realm_id, $characters_db, $mmfpm_db, $action_permission, $user_lvl, $user_name, $achievement_datasite;
// this page uses wowhead tooltops
wowhead_tt();
//==========================$_GET and SECURE=================================
// id and multi realm security to prevent sql injection
require_once './include/char/include/char_multi_realm_security.php';
$show_type = isset($_POST['show_type']) ? $sqlc->quote_smart($_POST['show_type']) : 0;
if (is_numeric($show_type)) {
} else {
$show_type = 0;
}
//==========================$_GET and SECURE end=============================
// getting character data from database
$result = $sqlc->query('
SELECT account, name, race, class, level, gender
FROM characters
WHERE guid = ' . $id . '
LIMIT 1');
// no point going further if character does not exist
if ($sqlc->num_rows($result)) {
$char = $sqlc->fetch_assoc($result);
// we get user permissions first
$owner_acc_id = $sqlc->result($result, 0, 'account');
$result = $sqlr->query('
SELECT gmlevel, username
FROM account
WHERE id = ' . $char['account'] . '');
$owner_gmlvl = $sqlr->result($result, 0, 'gmlevel');
$owner_name = $sqlr->result($result, 0, 'username');
// check user permission
if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) {
// character sub header
$output .= '
<center>
<div id="tab_content">
<h1>' . $lang_char['achievements'] . '</h1>
<br />';
// character menu tab
require_once './include/char/include/char_header.php';
// character info
require_once './include/char/include/char_info.php';
//---------------Page Specific Data Starts Here--------------------------
$output .= '
<script type="text/javascript">
function expand(thistag)
{
var i = 0;
%%REPLACE%%
if (thistag == \'tsummary\')
{
document.getElementById(\'tsummary\').style.display="table";
document.getElementById(\'divsummary\').innerHTML = \'[-] ' . $lang_char['summary'] . '\' ;
for(x in main_cats)
{
if(document.getElementById(main_cats[x]).style.display=="table")
{
document.getElementById(main_cats[x]).style.display="none";
document.getElementById(main_cats_achieve[x]).style.display="none";
document.getElementById(main_cats_div[x]).innerHTML = \'[+] \' + main_cats_name[x];
}
}
for(x in main_sub_cats)
{
if(document.getElementById(main_sub_cats_achieve[x]).style.display=="table")
{
document.getElementById(main_sub_cats_achieve[x]).style.display="none";
document.getElementById(main_sub_cats_div[x]).innerHTML = \'[+] \' + main_sub_cats_name[x];
}
}
}
else
{
if (document.getElementById(\'tsummary\').style.display="table")
{
document.getElementById(\'tsummary\').style.display="none";
document.getElementById(\'divsummary\').innerHTML = \'[+] ' . $lang_char['summary'] . '\' ;
}
for(x in main_cats)
{
if (main_cats[x] == thistag)
{
i = 1;
}
}
if (i == 1)
{
for(x in main_cats)
{
if (main_cats[x] == thistag)
{
if(document.getElementById(main_cats[x]).style.display=="table")
{
document.getElementById(main_cats[x]).style.display="none";
document.getElementById(main_cats_achieve[x]).style.display="none";
document.getElementById(main_cats_div[x]).innerHTML = \'[+] \' + main_cats_name[x];
document.getElementById(\'tsummary\').style.display="table";
document.getElementById(\'divsummary\').innerHTML = \'[-] ' . $lang_char['summary'] . '\' ;
}
//.........这里部分代码省略.........
示例9: char_extra
function char_extra(&$sqlr, &$sqlc, &$sqlw)
{
global $output, $lang_global, $lang_char, $realm_id, $characters_db, $world_db, $action_permission, $user_lvl, $user_name, $item_datasite;
// this page uses wowhead tooltops
wowhead_tt();
require_once 'core/char/char_security.php';
$result = $sqlc->query('SELECT account, name, race, class, gender, level
FROM characters
WHERE guid = ' . $id . ' LIMIT 1');
if ($sqlc->num_rows($result)) {
$char = $sqlc->fetch_assoc($result);
$owner_acc_id = $sqlc->result($result, 0, 'account');
$result = $sqlr->query('SELECT `username`, `gmlevel` FROM `account` LEFT JOIN `account_access` ON `account`.`id`=`account_access`.`id` WHERE `account`.`id` = ' . $owner_acc_id . ' ORDER BY `gmlevel` DESC LIMIT 1');
$owner_name = $sqlr->result($result, 0, 'username');
$owner_gmlvl = $sqlr->result($result, 0, 'gmlevel');
if (empty($owner_gmlvl)) {
$owner_gmlvl = 0;
}
if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) {
$output .= '
<center>
<div id="tab_content">
<h1>' . $lang_char['extra'] . '</h1>
<br />';
require_once 'core/char/char_header.php';
//---------------Page Specific Data Starts Here--------------------------
$output .= '
<br /><br />
<table class="lined" style="width: 450px;">
<tr>
<th width="15%">' . $lang_char['icon'] . '</th>
<th width="15%">' . $lang_char['quantity'] . '</th>
<th width="70%">' . $lang_char['name'] . '</th>
</tr>';
$sqlw = new SQL();
$sqlw->connect($world_db[$realm_id]['addr'], $world_db[$realm_id]['user'], $world_db[$realm_id]['pass'], $world_db[$realm_id]['name']);
$result = $sqlw->query('SELECT entry, description FROM item_template WHERE BagFamily = 8192');
while ($bag = $sqlw->fetch_assoc($result)) {
$result_2 = $sqlc->query('SELECT guid as item, itemEntry FROM item_instance WHERE owner_guid = ' . $id . ' AND itemEntry = ' . $bag['entry'] . ' ');
while ($char = $sqlc->fetch_assoc($result_2)) {
$result_3 = $sqlc->query('SELECT count AS item FROM item_instance WHERE guid = ' . $char['item'] . ' ');
$items = $sqlc->fetch_row($result_3);
$output .= '
<tr valign="center">
<td>
<a style="padding:2px;" href="' . $item_datasite . $char['itemEntry'] . '" target="_blank">
<img src="' . get_item_icon($char['itemEntry'], $sqlm) . '" alt="' . $char['itemEntry'] . '" class="icon_border_0" />
</a>
</td>
<td>
' . $items['0'] . '
</td>
<td>
<span onmousemove="toolTip(\'' . $bag['description'] . '\', \'item_tooltip\')" onmouseout="toolTip()">' . get_item_name($char['itemEntry'], $sqlw) . '</span>
</td>
</tr>';
}
}
$output .= '
</table>';
unset($bag);
//---------------Page Specific Data Ends Here--------------------------
$output .= '
</div>
</div>
<br />';
require_once 'core/char/char_footer.php';
$output .= '
<br />
</center>';
} else {
error($lang_char['no_permission']);
}
} else {
error($lang_char['no_char_found']);
}
}
示例10: char_talent
function char_talent()
{
global $output, $realm_id, $characters_db, $corem_db, $dbc_db, $server, $action_permission, $site_encoding, $user_lvl, $user_name, $base_datasite, $spell_datasite, $sql, $core;
// this page uses wowhead tooltops
wowhead_tt();
// we need at least an id or we would have nothing to show
if (empty($_GET["id"])) {
error(lang("global", "empty_fields"));
}
// this is multi realm support, as of writing still under development
// this page is already implementing it
if (empty($_GET["realm"])) {
$realmid = $realm_id;
} else {
$realmid = $sql["logon"]->quote_smart($_GET["realm"]);
if (is_numeric($realmid)) {
$sql["char"]->connect($characters_db[$realmid]["addr"], $characters_db[$realmid]["user"], $characters_db[$realmid]["pass"], $characters_db[$realmid]["name"], $characters_db[$realmid]["encoding"]);
} else {
$realmid = $realm_id;
}
}
//-------------------SQL Injection Prevention--------------------------------
// no point going further if we don have a valid ID
$id = $sql["char"]->quote_smart($_GET["id"]);
if (!is_numeric($id)) {
error(lang("global", "empty_fields"));
}
if ($core == 1) {
$result = $sql["char"]->query("SELECT acct, name, race, class, level, gender,\n CAST( SUBSTRING_INDEX(SUBSTRING_INDEX(data, ' ', " . (CHAR_DATA_OFFSET_POINTS1 + 1) . "), ' ', -1) AS UNSIGNED) AS talent_points\n FROM characters WHERE guid='" . $id . "' LIMIT 1");
} else {
$result = $sql["char"]->query("SELECT account AS acct, name, race, class, level, gender\n FROM characters WHERE guid='" . $id . "' LIMIT 1");
}
if ($sql["char"]->num_rows($result)) {
$char = $sql["char"]->fetch_assoc($result);
//resrict by owner's gmlvl
$owner_acc_id = $sql["char"]->result($result, 0, "acct");
if ($core == 1) {
$query = $sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $owner_acc_id . "'");
} else {
$query = $sql["logon"]->query("SELECT username as login FROM account WHERE id='" . $owner_acc_id . "'");
}
$owner_name = $sql["logon"]->result($query, 0, "login");
$s_query = "SELECT *, SecurityLevel AS gm FROM config_accounts WHERE Login='" . $owner_name . "'";
$s_result = $sql["mgr"]->query($s_query);
$s_fields = $sql["mgr"]->fetch_assoc($s_result);
$owner_gmlvl = $s_fields["gm"];
$view_mod = $s_fields["View_Mod_Talent"];
if ($owner_gmlvl >= 1073741824) {
$owner_gmlvl -= 1073741824;
}
// owner configured overrides
$view_override = false;
if ($view_mod > 0) {
if ($view_mod == 1) {
} elseif ($view_mod == 2) {
// only registered users may view this page
if ($user_lvl > -1) {
$view_override = true;
}
}
}
// visibility overrides for specific tabs
$view_inv_override = false;
if ($s_fields["View_Mod_Inv"] > 0) {
if ($s_fields["View_Mod_Inv"] == 1) {
} elseif ($s_fields["View_Mod_Inv"] == 2) {
// only registered users may view this tab
if ($user_lvl > -1) {
$view_inv_override = true;
}
}
} else {
if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
$view_inv_override = true;
}
}
$view_achieve_override = false;
if ($s_fields["View_Mod_AcView_Mod_Acieve"] > 0) {
if ($s_fields["View_Mod_Achieve"] == 1) {
} elseif ($s_fields["View_Mod_Achieve"] == 2) {
// only registered users may view this tab
if ($user_lvl > -1) {
$view_achieve_override = true;
}
}
} else {
if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
$view_achieve_override = true;
}
}
$view_quest_override = false;
if ($s_fields["View_Mod_Quest"] > 0) {
if ($s_fields["View_Mod_Quest"] == 1) {
} elseif ($s_fields["View_Mod_Quest"] == 2) {
// only registered users may view this tab
if ($user_lvl > -1) {
$view_quest_override = true;
}
}
} else {
//.........这里部分代码省略.........
示例11: char_quest
function char_quest(&$sqlr, &$sqlc)
{
global $output, $lang_global, $lang_char, $realm_id, $world_db, $characters_db, $action_permission, $user_lvl, $user_name, $quest_datasite, $itemperpage;
wowhead_tt();
if (empty($_GET['id'])) {
error($lang_global['empty_fields']);
}
if (empty($_GET['realm'])) {
$realmid = $realm_id;
} else {
$realmid = $sqlr->quote_smart($_GET['realm']);
if (is_numeric($realmid)) {
$sqlc->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name']);
} else {
$realmid = $realm_id;
}
}
$id = $sqlc->quote_smart($_GET['id']);
if (is_numeric($id)) {
} else {
$id = 0;
}
//==========================$_GET and SECURE=================================
$start = isset($_GET['start']) ? $sqlc->quote_smart($_GET['start']) : 0;
if (is_numeric($start)) {
} else {
$start = 0;
}
$order_by = isset($_GET['order_by']) ? $sqlc->quote_smart($_GET['order_by']) : 1;
if (is_numeric($order_by)) {
} else {
$order_by = 1;
}
$dir = isset($_GET['dir']) ? $sqlc->quote_smart($_GET['dir']) : 0;
if (preg_match('/^[01]{1}$/', $dir)) {
} else {
$dir = 0;
}
$order_dir = $dir ? 'ASC' : 'DESC';
$dir = $dir ? 0 : 1;
//==========================$_GET and SECURE end=============================
$result = $sqlc->query('SELECT account, name, race, class, level, gender
FROM characters WHERE guid = ' . $id . ' LIMIT 1');
if ($sqlc->num_rows($result)) {
$char = $sqlc->fetch_assoc($result);
$owner_acc_id = $sqlc->result($result, 0, 'account');
$result = $sqlr->query('SELECT gmlevel, username FROM account WHERE id = ' . $char['account'] . '');
$owner_gmlvl = $sqlr->result($result, 0, 'gmlevel');
$owner_name = $sqlr->result($result, 0, 'username');
if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) {
$output .= '
<center>
<div id="tab_content">
<div id="tab">
<ul>
<li><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['char_sheet'] . '</a></li>
<li><a href="char_inv.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['inventory'] . '</a></li>
<li><a href="char_extra.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['extra'] . '</a></li>
' . ($char['level'] < 10 ? '' : '<li><a href="char_talent.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['talents'] . '</a></li>') . '
<li><a href="char_achieve.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['achievements'] . '</a></li>
<li><a href="char_rep.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['reputation'] . '</a></li>
<li><a href="char_skill.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['skills'] . '</a></li>';
if (char_get_class_name($char['class']) === 'Hunter') {
$output .= '
<li><a href="char_pets.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['pets'] . '</a></li>';
}
$output .= '
<li><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['friends'] . '</a></li>
<li><a href="char_spell.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['spells'] . '</a></li>
<li><a href="char_mail.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['mail'] . '</a></li>
</ul>
<ul>';
// selected char tab at last
$output .= '
<li id="selected"><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['quests'] . '</a></li>';
$output .= '
</ul>
</div>
<div id="tab_content2">
<font class="bold">
' . htmlentities($char['name']) . ' -
<img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif"
onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" />
<img src="img/c_icons/' . $char['class'] . '.gif"
onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\',\'item_tooltip\')" onmouseout="toolTip()" alt="" /> - lvl ' . char_get_level_color($char['level']) . '
</font>
<br /><br />
<table class="lined" style="width: 550px;">
<tr>
<th width="10%"><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '&start=' . $start . '&order_by=0&dir=' . $dir . '"' . ($order_by == 0 ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['quest_id'] . '</a></th>
<th width="7%"><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '&start=' . $start . '&order_by=1&dir=' . $dir . '"' . ($order_by == 1 ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['quest_level'] . '</a></th>
<th width="78%"><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '&start=' . $start . '&order_by=2&dir=' . $dir . '"' . ($order_by == 2 ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['quest_title'] . '</a></th>
<th width="5%"><img src="img/aff_qst.png" width="14" height="14" border="0" alt="" /></th>
</tr>';
$result = $sqlc->query('SELECT quest, status, rewarded FROM character_queststatus WHERE guid = ' . $id . ' AND ( status = 3 OR status = 1 ) ORDER BY status DESC');
$quests_1 = array();
$quests_3 = array();
if ($sqlc->num_rows($result)) {
while ($quest = $sqlc->fetch_assoc($result)) {
$deplang = get_lang_id();
//.........这里部分代码省略.........
示例12: char_talent
function char_talent(&$sqlr, &$sqlc)
{
global $output, $lang_global, $lang_char, $realm_id, $realm_db, $characters_db, $mmfpm_db, $server, $action_permission, $user_lvl, $user_name, $spell_datasite;
// this page uses wowhead tooltops
wowhead_tt();
// we need at least an id or we would have nothing to show
if (empty($_GET['id'])) {
error($lang_global['empty_fields']);
}
// this is multi realm support, as of writing still under development
// this page is already implementing it
if (empty($_GET['realm'])) {
$realmid = $realm_id;
} else {
$realmid = $sqlr->quote_smart($_GET['realm']);
if (is_numeric($realmid)) {
$sqlc->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name']);
} else {
$realmid = $realm_id;
}
}
//-------------------SQL Injection Prevention--------------------------------
// no point going further if we don have a valid ID
$id = $sqlc->quote_smart($_GET['id']);
if (is_numeric($id)) {
} else {
error($lang_global['empty_fields']);
}
$result = $sqlc->query('SELECT account, name, race, class, level, gender,
CAST( SUBSTRING_INDEX(SUBSTRING_INDEX(data, " ", ' . (CHAR_DATA_OFFSET_POINTS1 + 1) . '), " ", -1) AS UNSIGNED) AS talent_points
FROM characters WHERE guid = ' . $id . ' LIMIT 1');
if ($sqlc->num_rows($result)) {
$char = $sqlc->fetch_assoc($result);
$owner_acc_id = $sqlc->result($result, 0, 'account');
$result = $sqlr->query('SELECT gmlevel,username FROM account WHERE id = ' . $char['account'] . '');
$owner_gmlvl = $sqlr->result($result, 0, 'gmlevel');
$owner_name = $sqlr->result($result, 0, 'username');
if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) {
$result = $sqlc->query('SELECT spell FROM character_spell WHERE guid = ' . $id . ' and active = 1 and disabled = 0 ORDER BY spell DESC');
$output .= '
<center>
<div id="tab_content">
<div id="tab">
<ul>
<li><a href="char.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['char_sheet'] . '</a></li>
<li><a href="char_inv.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['inventory'] . '</a></li>
<li><a href="char_extra.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['extra'] . '</a></li>
<li><a href="char_achieve.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['achievements'] . '</a></li>
<li><a href="char_rep.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['reputation'] . '</a></li>
<li><a href="char_skill.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['skills'] . '</a></li>
<li><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['quests'] . '</a></li>';
if (char_get_class_name($char['class']) === 'Hunter') {
$output .= '
<li><a href="char_pets.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['pets'] . '</a></li>';
}
$output .= '
<li><a href="char_friends.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['friends'] . '</a></li>
<li><a href="char_spell.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['spells'] . '</a></li>
<li><a href="char_mail.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['mail'] . '</a></li>
</ul>
<ul>';
// selected char tab at last
$output .= '
<li id="selected"><a href="char_talent.php?id=' . $id . '&realm=' . $realmid . '">' . $lang_char['talents'] . '</a></li>';
$output .= '
</ul>
</div>
<div id="tab_content2">
<font class="bold">
' . htmlentities($char['name']) . ' -
<img src="img/c_icons/' . $char['race'] . '-' . $char['gender'] . '.gif"
onmousemove="toolTip(\'' . char_get_race_name($char['race']) . '\', \'item_tooltip\')" onmouseout="toolTip()" alt="" />
<img src="img/c_icons/' . $char['class'] . '.gif"
onmousemove="toolTip(\'' . char_get_class_name($char['class']) . '\',\'item_tooltip\')" onmouseout="toolTip()" alt="" /> - lvl ' . char_get_level_color($char['level']) . '
</font>
<br /><br />
<table class="lined" style="width: 550px;">
<tr valign="top" align="center">';
if ($sqlc->num_rows($result)) {
$talent_rate = isset($server[$realmid]['talent_rate']) ? $server[$realmid]['talent_rate'] : 1;
$talent_points = ($char['level'] - 9) * $talent_rate;
$talent_points_left = $char['talent_points'];
$talent_points_used = $talent_points - $talent_points_left;
$sqlm = new SQL();
$sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
$tabs = array();
$l = 0;
while (($talent = $sqlc->fetch_assoc($result)) && $l < $talent_points_used) {
if ($tab = $sqlm->fetch_assoc($sqlm->query('SELECT field_1, field_2, field_3, field_13, field_16 from dbc_talent where field_8 = ' . $talent['spell'] . ' LIMIT 1'))) {
if (isset($tabs[$tab['field_1']][$tab['field_2']][$tab['field_3']])) {
$l -= $tabs[$tab['field_1']][$tab['field_2']][$tab['field_3']][1];
}
$tabs[$tab['field_1']][$tab['field_2']][$tab['field_3']] = array($talent['spell'], '5', '5');
$l += 5;
if ($tab['field_13']) {
talent_dependencies($tabs, $tab, $l, $sqlm);
}
} elseif ($tab = $sqlm->fetch_assoc($sqlm->query('SELECT field_1, field_2, field_3, field_13, field_16, field_8 from dbc_talent where field_7 = ' . $talent['spell'] . ' LIMIT 1'))) {
if (isset($tabs[$tab['field_1']][$tab['field_2']][$tab['field_3']])) {
$l -= $tabs[$tab['field_1']][$tab['field_2']][$tab['field_3']][1];
//.........这里部分代码省略.........
示例13: char_quest
function char_quest(&$sqlr, &$sqlc)
{
global $output, $lang_global, $lang_char, $realm_id, $world_db, $characters_db, $action_permission, $user_lvl, $user_name, $quest_datasite, $itemperpage;
wowhead_tt();
require_once 'core/char/char_security.php';
//==========================$_GET and SECURE=================================
$start = isset($_GET['start']) ? $sqlc->quote_smart($_GET['start']) : 0;
if (is_numeric($start)) {
} else {
$start = 0;
}
$order_by = isset($_GET['order_by']) ? $sqlc->quote_smart($_GET['order_by']) : 1;
if (is_numeric($order_by)) {
} else {
$order_by = 1;
}
$dir = isset($_GET['dir']) ? $sqlc->quote_smart($_GET['dir']) : 0;
if (preg_match('/^[01]{1}$/', $dir)) {
} else {
$dir = 0;
}
$order_dir = $dir ? 'ASC' : 'DESC';
$dir = $dir ? 0 : 1;
//==========================$_GET and SECURE end=============================
$result = $sqlc->query('SELECT account, name, race, class, level, gender
FROM characters WHERE guid = ' . $id . ' LIMIT 1');
if ($sqlc->num_rows($result)) {
$char = $sqlc->fetch_assoc($result);
$owner_acc_id = $sqlc->result($result, 0, 'account');
$result = $sqlr->query('SELECT `username`, `gmlevel` FROM `account` LEFT JOIN `account_access` ON `account`.`id`=`account_access`.`id` WHERE `account`.`id` = ' . $owner_acc_id . ' ORDER BY `gmlevel` DESC LIMIT 1');
$owner_name = $sqlr->result($result, 0, 'username');
$owner_gmlvl = $sqlr->result($result, 0, 'gmlevel');
if (empty($owner_gmlvl)) {
$owner_gmlvl = 0;
}
if ($user_lvl > $owner_gmlvl || $owner_name === $user_name) {
$output .= '
<center>
<div id="tab_content">
<h1>' . $lang_char['quests'] . '</h1>
<br />';
require_once 'core/char/char_header.php';
$output .= '
<br /><br />
<table class="lined" style="width: 550px;">
<tr>
<th width="10%"><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '&start=' . $start . '&order_by=0&dir=' . $dir . '"' . ($order_by == 0 ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['quest_id'] . '</a></th>
<th width="7%"><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '&start=' . $start . '&order_by=1&dir=' . $dir . '"' . ($order_by == 1 ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['quest_level'] . '</a></th>
<th width="78%"><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '&start=' . $start . '&order_by=2&dir=' . $dir . '"' . ($order_by == 2 ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['quest_title'] . '</a></th>
<th width="5%"><img src="img/aff_qst.png" width="14" height="14" border="0" alt="" /></th>
</tr>';
$result = $sqlc->query('SELECT quest, status FROM character_queststatus WHERE guid = ' . $id . ' AND ( status = 3 OR status = 1 ) ORDER BY status DESC');
$quests_1 = array();
$quests_3 = array();
if ($sqlc->num_rows($result)) {
while ($quest = $sqlc->fetch_assoc($result)) {
$deplang = get_lang_id();
$query1 = $sqlc->query('SELECT Level, IFNULL(' . ($deplang != 0 ? '`title_loc' . $deplang . '`' : 'NULL') . ', title) as Title FROM `' . $world_db[$realmid]['name'] . '`.`quest_template` LEFT JOIN `' . $world_db[$realmid]['name'] . '`.`locales_quest` ON `quest_template`.`id` = `locales_quest`.`entry` WHERE `quest_template`.`id` = \'' . $quest['quest'] . '\'');
$quest_info = $sqlc->fetch_assoc($query1);
if (1 == $quest['status']) {
array_push($quests_1, array($quest['quest'], $quest_info['QuestLevel'], $quest_info['Title'], $quest['rewarded']));
} else {
array_push($quests_3, array($quest['quest'], $quest_info['QuestLevel'], $quest_info['Title']));
}
}
unset($quest);
unset($quest_info);
aasort($quests_1, $order_by, $dir);
$orderby = $order_by;
if (2 < $orderby) {
$orderby = 1;
}
aasort($quests_3, $orderby, $dir);
$all_record = count($quests_1);
foreach ($quests_3 as $data) {
$output .= '
<tr>
<td>' . $data[0] . '</td>
<td>(' . $data[1] . ')</td>
<td align="left"><a href="' . $quest_datasite . $data[0] . '" target="_blank">' . htmlentities($data[2]) . '</a></td>
<td><img src="img/aff_qst.png" width="14" height="14" alt="" /></td>
</tr>';
}
unset($quest_3);
if (count($quests_1)) {
$output .= '
</table>
<table class="hidden" style="width: 550px;">
<tr align="right">
<td>';
$output .= generate_pagination('char_quest.php?id=' . $id . '&realm=' . $realmid . '&start=' . $start . '&order_by=' . $order_by . '&dir=' . ($dir ? 0 : 1), $all_record, $itemperpage, $start);
$output .= '
</td>
</tr>
</table>
<table class="lined" style="width: 550px;">
<tr>
<th width="10%"><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '&start=' . $start . '&order_by=0&dir=' . $dir . '"' . ($order_by == 0 ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['quest_id'] . '</a></th>
<th width="7%"><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '&start=' . $start . '&order_by=1&dir=' . $dir . '"' . ($order_by == 1 ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['quest_level'] . '</a></th>
<th width="68%"><a href="char_quest.php?id=' . $id . '&realm=' . $realmid . '&start=' . $start . '&order_by=2&dir=' . $dir . '"' . ($order_by == 2 ? ' class="' . $order_dir . '"' : '') . '>' . $lang_char['quest_title'] . '</a></th>
//.........这里部分代码省略.........
示例14: browse_auctions
function browse_auctions(&$sqlr, &$sqlc)
{
global $lang_auctionhouse, $lang_global, $lang_item, $output, $characters_db, $world_db, $realm_id, $itemperpage, $item_datasite, $server, $user_lvl, $user_id;
wowhead_tt();
$red = "\"#DD5047\"";
$blue = "\"#0097CD\"";
$sidecolor = array(1 => $blue, 2 => $red, 3 => $blue, 4 => $blue, 5 => $red, 6 => $red, 7 => $blue, 8 => $red, 10 => $red);
$hiddencols = array(1, 8, 9, 10);
//$sqlc = new SQL;
//$sqlc->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
//==========================$_GET and SECURE=================================
$start = isset($_GET['start']) ? $sqlc->quote_smart($_GET['start']) : 0;
if (is_numeric($start)) {
} else {
$start = 0;
}
$order_by = isset($_GET['order_by']) ? $sqlc->quote_smart($_GET['order_by']) : "time";
if (!preg_match("/^[_[:lower:]]{1,15}\$/", $order_by)) {
$order_by = "time";
}
$dir = isset($_GET['dir']) ? $sqlc->quote_smart($_GET['dir']) : 1;
if (!preg_match("/^[01]{1}\$/", $dir)) {
$dir = 1;
}
$order_dir = $dir ? "ASC" : "DESC";
$dir = $dir ? 0 : 1;
//==========================$_GET and SECURE end=============================
if (!$user_lvl && !$server[$realm_id]['both_factions']) {
$result = $sqlc->query("\n\t\t\tSELECT `race` FROM `characters` \n\t\t\tWHERE `account` = {$user_id} AND `totaltime` = (SELECT MAX(totaltime) \n\t\t\tFROM `characters` WHERE `account` = {$user_id}) LIMIT 1");
if ($sqlc->num_rows($result)) {
$order_side = in_array($sqlc->result($result, 0, 'race'), array(2, 5, 6, 8, 10)) ? " AND `characters`.`race` IN (2,5,6,8,10) " : " AND `characters`.`race` IN (1,3,4,7,11) ";
} else {
$order_side = "";
}
} else {
$order_side = "";
}
//==========================Browse/Search CHECK==============================
$search_by = '';
$search_value = '';
$search_filter = '';
$search_class = -1;
$search_quality = -1;
if (isset($_GET['search_value']) && isset($_GET['search_by']) || isset($_GET['search_class']) || isset($_GET['search_quality'])) {
$search_value = $sqlc->quote_smart($_GET['search_value']);
$search_by = $sqlc->quote_smart($_GET['search_by']);
$search_class = $sqlc->quote_smart($_GET['search_class']);
$search_quality = $sqlc->quote_smart($_GET['search_quality']);
switch ($search_by) {
case "item_name":
if (($search_class >= 0 || $search_quality >= 0) && !isset($search_value)) {
if ($search_class >= 0) {
$search_filter = "AND item_template.class = '{$search_class}'";
}
if ($search_quality >= 0) {
$search_filter = "AND item_template.Quality = '{$search_quality}'";
}
} else {
$item_prefix = "";
if ($search_class >= 0) {
$item_prefix .= "AND item_template.class = '{$search_class}' ";
}
if ($search_quality >= 0) {
$item_prefix .= "AND item_template.Quality = '{$search_quality}' ";
}
$result = $sqlc->query("\n\t\t\t\t\t\tSELECT `entry` \n\t\t\t\t\t\tFROM `" . $world_db[$realm_id]['name'] . "`.`item_template`\n\t\t\t\t\t\tWHERE `name` LIKE '%{$search_value}%' {$item_prefix}");
$search_filter = "AND auction.item_template IN(0";
while ($item = $sqlc->fetch_row($result)) {
$search_filter .= ", {$item['0']}";
}
$search_filter .= ")";
}
break;
case "item_id":
$search_filter = "AND auction.item_template = '{$search_value}'";
break;
case "seller_name":
if (($search_class >= 0 || $search_quality >= 0) && !isset($search_value)) {
if ($search_class >= 0) {
$search_filter = "AND item_template.class = '{$search_class}'";
}
if ($search_quality >= 0) {
$search_filter = "AND item_template.Quality = '{$search_quality}'";
}
} else {
$item_prefix = "";
if ($search_class >= 0) {
$item_prefix .= "AND item_template.class = '{$search_class}' ";
}
if ($search_quality >= 0) {
$item_prefix .= "AND item_template.Quality = '{$search_quality}' ";
}
$result = $sqlc->query("\n\t\t\t\t\t\tSELECT `guid` \n\t\t\t\t\t\tFROM `characters` \n\t\t\t\t\t\tWHERE `name` LIKE '%{$search_value}%'");
$search_filter = $item_prefix;
$search_filter .= "AND auction.itemowner IN(0";
while ($char = $sqlc->fetch_row($result)) {
$search_filter .= ", {$char['0']}";
}
$search_filter .= ")";
$search_filter .= $item_prefix;
//.........这里部分代码省略.........
示例15: char_achievements
function char_achievements()
{
global $output, $logon_db, $site_encoding, $realm_id, $characters_db, $corem_db, $action_permission, $user_lvl, $user_name, $base_datasite, $achievement_datasite, $sql, $core;
// this page uses wowhead tooltops
wowhead_tt();
// we need at least an id or we would have nothing to show
if (empty($_GET["id"])) {
error(lang("global", "empty_fields"));
}
// this is multi realm support, as of writing still under development
// this page is already implementing it
if (empty($_GET["realm"])) {
$realmid = $realm_id;
} else {
$realmid = $sql["logon"]->quote_smart($_GET["realm"]);
if (is_numeric($realmid)) {
$sql["char"]->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name'], $characters_db[$realmid]["encoding"]);
} else {
$realmid = $realm_id;
}
}
//-------------------SQL Injection Prevention--------------------------------
// no point going further if we don have a valid ID
$id = $sql["char"]->quote_smart($_GET["id"]);
if (!is_numeric($id)) {
error(lang("global", "empty_fields"));
}
$show_type = isset($_POST["show_type"]) ? $sql["char"]->quote_smart($_POST["show_type"]) : 0;
if (!is_numeric($show_type)) {
$show_type = 0;
}
// getting character data from database
if ($core == 1) {
$result = $sql["char"]->query("SELECT acct, name, race, class, level, gender\n FROM characters WHERE guid='" . $id . "' LIMIT 1");
} else {
$result = $sql["char"]->query("SELECT account AS acct, name, race, class, level, gender\n FROM characters WHERE guid='" . $id . "' LIMIT 1");
}
// no point going further if character does not exist
if ($sql["char"]->num_rows($result)) {
$char = $sql["char"]->fetch_assoc($result);
// we get user permissions first
$owner_acc_id = $sql["char"]->result($result, 0, 'acct');
if ($core == 1) {
$result = $sql["logon"]->query("SELECT login FROM accounts WHERE acct='" . $char["acct"] . "'");
} else {
$result = $sql["logon"]->query("SELECT username AS login FROM account WHERE id='" . $char["acct"] . "'");
}
$owner_name = $sql["logon"]->result($result, 0, 'login');
$s_query = "SELECT *, SecurityLevel AS gm FROM config_accounts WHERE Login='" . $owner_name . "'";
$s_result = $sql["mgr"]->query($s_query);
$s_fields = $sql["mgr"]->fetch_assoc($s_result);
$owner_gmlvl = $s_fields["gm"];
$view_mod = $s_fields["View_Mod_Achieve"];
if ($owner_gmlvl >= 1073741824) {
$owner_gmlvl -= 1073741824;
}
// owner configured overrides
$view_override = false;
if ($view_mod > 0) {
if ($view_mod == 1) {
} elseif ($view_mod == 2) {
// only registered users may view this page
if ($user_lvl > -1) {
$view_override = true;
}
}
}
// visibility overrides for specific tabs
$view_inv_override = false;
if ($s_fields["View_Mod_Inv"] > 0) {
if ($s_fields["View_Mod_Inv"] == 1) {
} elseif ($s_fields["View_Mod_Inv"] == 2) {
// only registered users may view this tab
if ($user_lvl > -1) {
$view_inv_override = true;
}
}
} else {
if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
$view_inv_override = true;
}
}
$view_talent_override = false;
if ($s_fields["View_Mod_Talent"] > 0) {
if ($s_fields["View_Mod_Talent"] == 1) {
} elseif ($s_fields["View_Mod_Talent"] == 2) {
// only registered users may view this tab
if ($user_lvl > -1) {
$view_talent_override = true;
}
}
} else {
if ($user_lvl > $owner_gmlvl || $owner_name === $user_name || $user_lvl == $action_permission["delete"]) {
$view_talent_override = true;
}
}
$view_quest_override = false;
if ($s_fields["View_Mod_Quest"] > 0) {
if ($s_fields["View_Mod_Quest"] == 1) {
} elseif ($s_fields["View_Mod_Quest"] == 2) {
//.........这里部分代码省略.........