本文整理汇总了PHP中SQL::result方法的典型用法代码示例。如果您正苦于以下问题:PHP SQL::result方法的具体用法?PHP SQL::result怎么用?PHP SQL::result使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类SQL
的用法示例。
在下文中一共展示了SQL::result方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: search
function search()
{
global $lang_global, $output, $itemperpage, $item_datasite, $mangos_db, $characters_db, $realm_id, $sql_search_limit;
wowhead_tt();
if (!isset($_GET['search_value']) || !isset($_GET['search_by'])) {
redirect("mail_on.php?error=2");
}
$sql = new SQL();
$sql->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
$search_value = $sql->quote_smart($_GET['search_value']);
$search_by = $sql->quote_smart($_GET['search_by']);
$search_menu = array('sender', 'receiver');
// if (!array_key_exists($search_by, $search_menu)) $search_by = 'sender';
$start = isset($_GET['start']) ? $sql->quote_smart($_GET['start']) : 0;
$order_by = isset($_GET['order_by']) ? $sql->quote_smart($_GET['order_by']) : "id";
$dir = isset($_GET['dir']) ? $sql->quote_smart($_GET['dir']) : 1;
$order_dir = $dir ? "ASC" : "DESC";
$dir = $dir ? 0 : 1;
$temp = $sql->query("SELECT guid FROM `characters` WHERE name like '%{$search_value}%'");
$search_value = $sql->result($temp, 0, 'guid');
$query_1 = $sql->query("SELECT count(*) FROM `mail`");
$query = $sql->query("SELECT a.id, a.messageType, a.sender, a.receiver, a.subject, a.itemTextId, a.has_items, a.money, a.cod, a.checked, b.item_template\r\n FROM mail a\r\n INNER JOIN mail_items b ON a.id = b.mail_id\r\n WHERE {$search_by} = {$search_value}\r\n ORDER BY {$order_by} {$order_dir} LIMIT {$start}, {$itemperpage}");
$this_page = $sql->num_rows($query);
$all_record = $sql->result($query_1, 0);
$total_found = $sql->num_rows($query);
//==========================top page navigation starts here========================
$output .= "<center><table class=\"top_hidden\">\r\n <tr><td>\r\n <table class=\"hidden\">\r\n <tr><td>\r\n <form action=\"mail_on.php\" method=\"get\" name=\"form\">\r\n <input type=\"hidden\" name=\"action\" value=\"search\" />\r\n <input type=\"hidden\" name=\"error\" value=\"4\" />\r\n <input type=\"text\" size=\"45\" name=\"search_value\" />\r\n <select name=\"search_by\">\r\n <option value=\"sender\">Sender</option>\r\n <option value=\"receiver\">Receiver</option>\r\n </select></form></td><td>";
makebutton($lang_global['search'], "javascript:do_submit()", 80);
$output .= "</td></tr></table>\r\n <td align=\"right\">";
$output .= generate_pagination("mail_on.php?action=search&order_by={$order_by}&dir=" . !$dir, $all_record, $itemperpage, $start);
$output .= "</td></tr></table>";
//==========================top page navigation ENDS here ========================
$output .= "<table class=\"lined\">\r\n <tr>\r\n <th width=\"5%\">ID</th>\r\n <th width=\"5%\">Source</th>\r\n <th width=\"10%\">Sender</th>\r\n <th width=\"10%\">Receiver</th>\r\n <th width=\"15%\">Subject</th>\r\n <th width=\"5%\">Has Items</th>\r\n <th width=\"25%\">Text</th>\r\n <th width=\"15%\">Money</th>\r\n <th width=\"5%\">Checked</th>\r\n </tr>";
while ($mail = $sql->fetch_array($query)) {
$g = floor($mail[7] / 10000);
$mail[7] -= $g * 10000;
$s = floor($mail[7] / 100);
$mail[7] -= $s * 100;
$c = $mail[7];
$money = "";
if ($mail[7] > 0) {
$money = $g . "<img src=\"./img/gold.gif\" /> " . $s . "<img src=\"./img/silver.gif\" /> " . $c . "<img src=\"./img/copper.gif\" /> ";
}
$output .= "<tr valign=top>\r\n <td>{$mail['0']}</td>\r\n <td>" . get_mail_source($mail[1]) . "</td>\r\n <td><a href=\"char.php?id={$mail['2']}\">" . get_char_name($mail[2]) . "</a></td>\r\n <td><a href=\"char.php?id={$mail['3']}\">" . get_char_name($mail[3]) . "</a></td>\r\n <td>{$mail['4']}</td>\r\n ";
$output .= "<td>";
$output .= "\r\n <a style=\"padding:2px;\" href=\"{$item_datasite}{$mail[10]}\" target=\"_blank\">\r\n <img class=\"bag_icon\" src=\"" . get_item_icon($mail[10]) . "\" alt=\"\" />\r\n </a>";
//maketooltip("<img src=\"./img/up.gif\" alt=\"\">", $item_datasite{$mail[10]}, $mail[10], "item_tooltip", "target=\"_blank\"");
$output .= "</td>";
$output .= "<td>" . get_mail_text($mail[5]) . "</td>\r\n <td>{$money}</td>\r\n <td>" . get_check_state($mail[9]) . "</td>\r\n </tr>";
}
/*--------------------------------------------------*/
$output .= "<tr><td colspan=\"6\" class=\"hidden\" align=\"right\">All Mails: {$all_record}</td></tr>\r\n </table></center>";
$sql->close();
}
示例2: del_acc
function del_acc($acc_id)
{
global $characters_db, $realm_db, $user_lvl, $user_id, $tab_del_user_realmd, $tab_del_user_char, $tab_del_user_characters, $tab_del_pet;
$del_char = 0;
$sqlc = new SQL();
$sqlr = new SQL();
$sqlr->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
$query = $sqlr->query('SELECT `account`.`online`, `account_access`.`gmlevel` FROM `account` LEFT JOIN `account_access` ON `account`.`id`=`account_access`.`id` WHERE `account`.`id` = ' . $acc_id . '');
$gmlevel = $sqlr->result($query, 0, 'gmlevel');
if ($user_lvl > $gmlevel || $acc_id == $user_id) {
if ($sqlr->result($query, 0, 'online')) {
} else {
foreach ($characters_db as $db) {
$sqlc->connect($db['addr'], $db['user'], $db['pass'], $db['name']);
$result = $sqlc->query('SELECT guid
FROM characters
WHERE account = ' . $acc_id . '');
while ($row = $sqlc->fetch_assoc($result)) {
//Delete pet aura ,spells and cooldowns
foreach ($tab_del_pet as $value) {
$sqlc->query('DELETE
FROM ' . $value[0] . '
WHERE ' . $value[1] . ' IN
(SELECT id
FROM character_pet
WHERE owner IN
(SELECT guid
FROM characters
WHERE guid = ' . $row['guid'] . '))');
}
foreach ($tab_del_user_characters as $value) {
$sqlc->query('DELETE
FROM ' . $value[0] . '
WHERE ' . $value[1] . ' = ' . $row['guid'] . '');
}
$del_char++;
}
$sqlc->query('DELETE
FROM account_data
WHERE account = ' . $acc_id . '');
}
foreach ($tab_del_user_realmd as $value) {
$sqlr->query('DELETE
FROM ' . $value[0] . '
WHERE ' . $value[1] . ' = ' . $acc_id . '');
}
if ($sqlr->affected_rows()) {
return array(true, $del_char);
}
}
}
return array(false, $del_char);
}
示例3: get_realm_name
function get_realm_name($realm_id)
{
global $realm_db;
$sqlr = new SQL();
$sqlr->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
$result = $sqlr->query("SELECT name FROM `realmlist` WHERE id = '{$realm_id}'");
$realm_name = $sqlr->result($result, 0);
return $realm_name;
}
示例4: get_char_name
function get_char_name($id)
{
global $characters_db, $realm_id;
if ($id) {
$sqlc = new SQL();
$sqlc->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
$result = $sqlc->query("SELECT `name` FROM `characters` WHERE `guid` = '{$id}'");
$player_name = $sqlc->result($result, 0);
return $player_name;
} else {
return NULL;
}
}
示例5: get_mail_text
function get_mail_text($id)
{
global $characters_db, $realm_id;
if ($id) {
$sqlc = new SQL();
$sqlc->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
$result = $sqlc->query("SELECT `body` FROM `mail` WHERE `id` = '{$id}'");
$text_subject = $sqlc->result($result, 0);
return $text_subject;
} else {
return NULL;
}
}
示例6: search
function search()
{
global $lang_global, $lang_item, $lang_item_edit, $output, $mmfpm_db, $world_db, $realm_id, $action_permission, $user_lvl;
valid_login($action_permission['read']);
$sqlw = new SQL();
$sqlw->connect($world_db[$realm_id]['addr'], $world_db[$realm_id]['user'], $world_db[$realm_id]['pass'], $world_db[$realm_id]['name']);
$sqlm = new SQL();
$sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
$result = $sqlw->query("SELECT count(*) FROM item_template");
$tot_items = $sqlw->result($result, 0);
$output .= "\n <center>\n <fieldset class=\"full_frame\">\n <legend>{$lang_item_edit['search_item']}</legend><br />\n <form action=\"item.php?action=do_search&error=2\" method=\"post\" name=\"form\">\n <table class=\"hidden\">\n <tr>\n <td align=\"right\">{$lang_item_edit['entry']}:</td>\n <td align=\"right\"><input type=\"text\" size=\"6\" maxlength=\"6\" name=\"entry\" /></td>\n <td align=\"right\">{$lang_item_edit['item_name']}:</td>\n <td align=\"right\" colspan=\"3\"><input type=\"text\" size=\"24\" maxlength=\"35\" name=\"name\" /></td>\n <td align=\"right\">{$lang_item_edit['model_id']}:</td>\n <td align=\"right\"><input type=\"text\" size=\"6\" maxlength=\"6\" name=\"displayid\" /></td>\n </tr>\n <tr>\n <td align=\"right\" width=\"10%\">{$lang_item_edit['class']}:</td>\n <td align=\"right\" width=\"10%\">\n <select name=\"class\">\n <option value=\"-1\">{$lang_item_edit['all']}</option>\n <option value=\"0\">{$lang_item['consumable']}</option>\n <option value=\"1\">{$lang_item['bag']}</option>\n <option value=\"2\">{$lang_item['weapon']}</option>\n <option value=\"4\">{$lang_item['armor']}</option>\n <option value=\"5\">{$lang_item['reagent']}</option>\n <option value=\"6\">{$lang_item['projectile']}</option>\n <option value=\"7\">{$lang_item['trade_goods']}</option>\n <option value=\"9\">{$lang_item['recipe']}</option>\n <option value=\"11\">{$lang_item['quiver']}</option>\n <option value=\"12\">{$lang_item['quest']}</option>\n <option value=\"13\">{$lang_item['key']}</option>\n <option value=\"14\">{$lang_item['permanent']}</option>\n <option value=\"15\">{$lang_item['misc_short']}</option>\n </select>\n </td>\n <td align=\"right\" width=\"10%\">{$lang_item_edit['quality']}:</td>\n <td align=\"right\" width=\"10%\">\n <select name=\"Quality\">\n <option value=\"-1\">{$lang_item_edit['all']}</option>\n <option value=\"0\">{$lang_item['poor']}</option>\n <option value=\"1\">{$lang_item['common']}</option>\n <option value=\"2\">{$lang_item['uncommon']}</option>\n <option value=\"3\">{$lang_item['rare']}</option>\n <option value=\"4\">{$lang_item['epic']}</option>\n <option value=\"5\">{$lang_item['legendary']}</option>\n <option value=\"6\">{$lang_item['artifact']}</option>\n </select>\n </td>\n <td align=\"right\" width=\"10%\">{$lang_item_edit['inv_type']}:</td>\n <td align=\"right\" width=\"10%\">\n <select name=\"InventoryType\">\n <option value=\"-1\">{$lang_item_edit['all']}</option>\n <option value=\"1\">{$lang_item['head']}</option>\n <option value=\"2\">{$lang_item['neck']}</option>\n <option value=\"3\">{$lang_item['shoulder']}</option>\n <option value=\"4\">{$lang_item['shirt']}</option>\n <option value=\"5\">{$lang_item['chest']}</option>\n <option value=\"6\">{$lang_item['belt']}</option>\n <option value=\"7\">{$lang_item['legs']}</option>\n <option value=\"8\">{$lang_item['feet']}</option>\n <option value=\"9\">{$lang_item['belt']}</option>\n <option value=\"10\">{$lang_item['gloves']}</option>\n <option value=\"11\">{$lang_item['finger']}</option>\n <option value=\"12\">{$lang_item['trinket']}</option>\n <option value=\"13\">{$lang_item['one_hand']}</option>\n <option value=\"14\">{$lang_item['off_hand']}</option>\n <option value=\"15\">{$lang_item['bow']}</option>\n <option value=\"16\">{$lang_item['back']}</option>\n <option value=\"17\">{$lang_item['two_hand']}</option>\n <option value=\"18\">{$lang_item['bag']}</option>\n <option value=\"19\">{$lang_item['tabard']}</option>\n <option value=\"20\">{$lang_item['robe']}</option>\n <option value=\"21\">{$lang_item['main_hand']}</option>\n <option value=\"22\">{$lang_item['off_misc']}</option>\n <option value=\"23\">{$lang_item['tome']}</option>\n <option value=\"24\">{$lang_item['projectile']}</option>\n <option value=\"25\">{$lang_item['thrown']}</option>\n <option value=\"26\">{$lang_item['rifle']}</option>\n </select>\n </td>\n <td align=\"right\" width=\"10%\">{$lang_item_edit['req_level']}:</td>\n <td align=\"right\" width=\"10%\"><input type=\"text\" size=\"6\" maxlength=\"3\" name=\"RequiredLevel\" /></td>\n </tr>\n <tr>\n <td align=\"right\">{$lang_item_edit['spell_id']} 1:</td>\n <td align=\"right\"><input type=\"text\" size=\"6\" maxlength=\"6\" name=\"spellid_1\" /></td>\n <td align=\"right\">{$lang_item_edit['spell_id']} 2:</td>\n <td align=\"right\"><input type=\"text\" size=\"6\" maxlength=\"6\" name=\"spellid_2\" /></td>\n <td align=\"right\">{$lang_item_edit['spell_id']} 3:</td>\n <td align=\"right\"><input type=\"text\" size=\"6\" maxlength=\"6\" name=\"spellid_3\" /></td>\n <td align=\"right\">{$lang_item_edit['spell_id']} 4:</td>\n <td align=\"right\"><input type=\"text\" size=\"6\" maxlength=\"6\" name=\"spellid_4\" /></td>\n </tr>\n <tr>\n <td align=\"right\">{$lang_item_edit['item_level']}:</td>\n <td align=\"right\"><input type=\"text\" size=\"6\" maxlength=\"6\" name=\"ItemLevel\" /></td>\n <td align=\"right\">{$lang_item_edit['item_set']}:</td>\n <td align=\"right\" colspan=\"3\">\n <select name=\"itemset\">\n <option value=\"\">{$lang_item_edit['all']}</option>";
$itemset_id = $sqlm->query("SELECT `id`, `field_1` FROM `dbc_itemset`");
while ($set = $sqlm->fetch_row($itemset_id)) {
$output .= "\n <option value=\"{$set[0]}\">({$set['0']}) {$set[1]}</option>";
}
$output .= "\n </select>\n </td>\n <td align=\"right\">{$lang_item_edit['flags']}:</td>\n <td align=\"right\"><input type=\"text\" size=\"6\" maxlength=\"6\" name=\"Flags\" /></td>\n </tr>\n <tr>\n <td align=\"right\">{$lang_item_edit['bonding']}:</td>\n <td align=\"right\" colspan=\"2\">\n <select name=\"bonding\">\n <option value=\"-1\">{$lang_item_edit['all']}</option>\n <option value=\"1\">{$lang_item['bop']}</option>\n <option value=\"2\">{$lang_item['boe']}</option>\n <option value=\"3\">{$lang_item['bou']}</option>\n <option value=\"4\">{$lang_item['quest_item']}</option>\n </select>\n </td>\n <td align=\"right\">{$lang_item_edit['custom_search']}:</td>\n <td align=\"right\" colspan=\"2\"><input type=\"text\" size=\"24\" maxlength=\"512\" name=\"custom_search\" /></td>\n <td align=\"right\" colspan=\"2\">\n </td>\n </tr>\n <tr>\n <td colspan=\"8\">-----------------------------------------------------------------------------------------------------------------------------------------------</td>\n </tr>\n <tr>\n <td align=\"right\"></td>\n <td align=\"right\" colspan=\"4\">";
if ($user_lvl >= $action_permission['insert']) {
makebutton($lang_item_edit['add_new_item'], "item.php?action=add_new&error=3", 130);
}
makebutton($lang_item_edit['search'], "javascript:do_submit()", 130);
$output .= "\n </td>\n <td align=\"right\" colspan=\"2\">{$lang_item_edit['tot_items_in_db']}: {$tot_items}</td>\n <td align=\"right\"></td>\n </tr>\n </table>\n </form>\n </fieldset>\n <br /><br />\n </center>\n";
}
示例7: accounts
function accounts()
{
global $output, $corem_db, $logon_db, $itemperpage, $core;
// we need $core to be set
if ($core == 0) {
$core = detectcore();
}
$sqlm = new SQL();
$sqlm->connect($corem_db["addr"], $corem_db["user"], $corem_db["pass"], $corem_db["name"], $corem_db["encoding"]);
$sqll = new SQL();
$sqll->connect($logon_db["addr"], $logon_db["user"], $logon_db["pass"], $logon_db["name"], $logon_db["encoding"]);
$start = isset($_GET["start"]) ? $sqll->quote_smart($_GET["start"]) : 0;
if (!is_numeric($start)) {
$start = 0;
}
$order_by = isset($_GET["order_by"]) ? $sqll->quote_smart($_GET["order_by"]) : "acct";
if ($order_by == "login") {
if ($core == 1) {
$order_by = "login";
} else {
$order_by = "username";
}
}
$dir = isset($_GET["dir"]) ? $sqll->quote_smart($_GET["dir"]) : 1;
if (!preg_match('/^[01]{1}$/', $dir)) {
$dir = 1;
}
$accts_per_page = isset($_GET["perpage"]) ? $sqll->quote_smart($_GET["perpage"]) : $itemperpage;
if (!is_numeric($accts_per_page)) {
$accts_per_page = $itemperpage;
}
$order_dir = $dir ? "ASC" : "DESC";
$dir = $dir ? 0 : 1;
$search_value = isset($_GET["search_value"]) ? $sqll->quote_smart($_GET["search_value"]) : "";
$search_by = isset($_GET["search_by"]) ? $sqll->quote_smart($_GET["search_by"]) : "";
if ($core == 1) {
$search_menu = array(array("login", "by_name"), array("acct", "by_id"), array("ScreenName", "by_sn"), array("SecurityLevel", "by_sl"), array("WebAdmin", "by_web"));
} else {
$search_menu = array(array("username", "by_name"), array("id", "by_id"), array("ScreenName", "by_sn"), array("SecurityLevel", "by_sl"), array("WebAdmin", "by_web"));
}
$search = "";
if ($search_value != "" && $search_by != "") {
if ($search_by == "WebAdmin") {
$search = "WHERE SecurityLevel>='1073741824'";
} else {
$search = "WHERE " . $search_by . " LIKE '%" . $search_value . "%'";
}
}
if ($core == 1) {
$query = "SELECT *, (SecurityLevel & 1073741824) AS WebAdmin\n FROM accounts\n LEFT JOIN `" . $corem_db["name"] . "`.config_accounts ON accounts.login=`" . $corem_db["name"] . "`.config_accounts.Login COLLATE utf8_general_ci\n " . $search . "\n ORDER BY " . $order_by . " " . $order_dir . " LIMIT " . $start . ", " . $accts_per_page;
$count_query = "SELECT COUNT(*) FROM accounts\n LEFT JOIN `" . $corem_db["name"] . "`.config_accounts ON accounts.login=`" . $corem_db["name"] . "`.config_accounts.Login COLLATE utf8_general_ci\n " . $search;
} else {
$query = "SELECT *, id AS acct, username AS login, (SecurityLevel & 1073741824) AS WebAdmin\n FROM account\n LEFT JOIN `" . $corem_db["name"] . "`.config_accounts ON account.username=`" . $corem_db["name"] . "`.config_accounts.Login\n " . $search . "\n ORDER BY " . $order_by . " " . $order_dir . " LIMIT " . $start . ", " . $accts_per_page;
$count_query = "SELECT COUNT(*) FROM account\n LEFT JOIN `" . $corem_db["name"] . "`.config_accounts ON account.username=`" . $corem_db["name"] . "`.config_accounts.Login\n " . $search;
}
$result = $sqll->query($query);
$count_result = $sqll->query($count_query);
$all_record = $sqll->result($count_result, 0);
$accounts_action = 0;
if (isset($_GET["editacct"])) {
$accounts_action = "edit";
}
if (!$accounts_action) {
$output .= '
<div class="center" id="admin_accounts_search">
<form action="admin.php" method="get" id="form">
<div>
<input type="hidden" name="section" value="accounts" />
</div>
<table class="hidden" id="admin_accounts_search_table">
<tr>
<td>
<input type="text" size="24" maxlength="50" name="search_value" value="' . $search_value . '" />
</td>
<td>
<select name="search_by">';
foreach ($search_menu as $row) {
$output .= '
<option value="' . $row[0] . '"' . ($search_by === $row[0] ? ' selected="selected"' : '') . '>' . lang("admin", $row[1]) . '</option>';
}
$output .= '
</select>
</td>
<td>
<input type="submit" name="search" value="' . lang("global", "search") . '" />
</td>
</tr>
</table>
</form>';
$output .= '
<a href="admin.php?section=accounts&order_by=' . $order_by . '&start=' . $start . '&dir=' . ($dir ? 0 : 1) . '&perpage=' . $accts_per_page . '">' . lang("admin", "clearsearch") . '</a>
<br />
<br />';
if ($order_by == "username") {
$order_by = "login";
}
$output .= '
<table class="hidden admin_accounts">
<tr>
<td colspan="2" align="left">
//.........这里部分代码省略.........
示例8: browse_teams
function browse_teams()
{
global $lang_arenateam, $lang_global, $output, $realm_db, $characters_db, $realm_id, $itemperpage, $action_permission, $user_lvl, $user_id;
$sqlc = new SQL();
$sqlc->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
//==========================$_GET and SECURE=================================
$start = isset($_GET['start']) ? $sqlc->quote_smart($_GET['start']) : 0;
if (is_numeric($start)) {
} else {
$start = 0;
}
$order_by = isset($_GET['order_by']) ? $sqlc->quote_smart($_GET['order_by']) : "atid";
if (!preg_match("/^[_[:lower:]]{1,17}\$/", $order_by)) {
$order_by = "atid";
}
$dir = isset($_GET['dir']) ? $sqlc->quote_smart($_GET['dir']) : 1;
if (!preg_match("/^[01]{1}\$/", $dir)) {
$dir = 1;
}
$order_dir = $dir ? "ASC" : "DESC";
$dir = $dir ? 0 : 1;
//==========================$_GET and SECURE end=============================
//==========================Browse/Search CHECK==============================
$search_by = '';
$search_value = '';
if (isset($_GET['search_value']) && isset($_GET['search_by'])) {
$search_value = $sqlc->quote_smart($_GET['search_value']);
$search_by = $sqlc->quote_smart($_GET['search_by']);
$search_menu = array('atname', 'leadername', 'atid');
if (!in_array($search_by, $search_menu)) {
$search_by = 'atid';
}
switch ($search_by) {
case "atname":
$query = $sqlc->query("SELECT art.`arenateamid` as atid, art.`name` as atname, art.`captainguid` as lguid, art.`type` as attype, cCaptain.`name` as lname, COUNT(atm.`arenateamid`) as tot_chars, art.`rating` as atrating, art.`seasonGames` as atgames, art.`seasonWins` as atwins FROM `arena_team` art\r\n LEFT JOIN `characters` cCaptain on art.`captainguid` = cCaptain.`guid`\r\n RIGHT JOIN `arena_team_member` atm on atm.`arenateamid` = art.`arenateamid`\r\n WHERE art.`name` LIKE '%{$search_value}%' GROUP BY atid ORDER BY {$order_by} {$order_dir} LIMIT {$start}, {$itemperpage}");
$query_1 = $sqlc->query("SELECT count(*) FROM arena_team WHERE arena_team.name LIKE '%{$search_value}%'");
break;
case "leadername":
$query = $sqlc->query("SELECT art.`arenateamid` as atid, art.`name` as atname, art.`captainguid` as lguid, art.`type` as attype, cCaptain.`name` as lname, COUNT(atm.`arenateamid`) as tot_chars, art.`rating` as atrating, art.`seasonGames` as atgames, art.`seasonWins` as atwins FROM `arena_team` art\r\n LEFT JOIN `characters` cCaptain on art.`captainguid` = cCaptain.`guid`\r\n RIGHT JOIN `arena_team_member` atm on atm.`arenateamid` = art.`arenateamid`\r\n WHERE cCaptain.`name` LIKE '%{$search_value}%' GROUP BY atid ORDER BY {$order_by} {$order_dir} LIMIT {$start}, {$itemperpage}");
$query_1 = $sqlc->query("SELECT count(*) FROM arena_team WHERE arena_team.captainguid in (SELECT guid from characters where name like '%{$search_value}%')");
break;
case "atid":
$query = $sqlc->query("SELECT art.`arenateamid` as atid, art.`name` as atname, art.`captainguid` as lguid, art.`type` as attype, cCaptain.`name` as lname, COUNT(atm.`arenateamid`) as tot_chars, art.`rating` as atrating, art.`seasonGames` as atgames, art.`seasonWins` as atwins, COUNT(cOnlineCount.`guid`) as arenateam_online\r\n FROM `arena_team` art\r\n LEFT JOIN `characters` cCaptain on art.`captainguid` = cCaptain.`guid`\r\n RIGHT JOIN `arena_team_member` atm on atm.`arenateamid` = art.`arenateamid`\r\n LEFT JOIN (SELECT `guid` FROM `characters` WHERE `online` = 1) cOnlineCount on cOnlineCount.`guid` = atm.`guid`\r\n GROUP BY atid ORDER BY {$order_by} {$order_dir} LIMIT {$start}, {$itemperpage}");
$query_1 = $sqlc->query("SELECT count(*) FROM arena_team arena_team.arenateamid ='{$search_value}'");
break;
}
} else {
$query = $sqlc->query("SELECT arena_team.arenateamid AS atid, arena_team.name AS atname, arena_team.captainguid AS lguid, arena_team.type AS attype, (SELECT NAME FROM `characters` WHERE guid = lguid) AS lname,(SELECT COUNT(*) FROM arena_team_member WHERE arenateamid = atid) AS tot_chars, rating AS atrating, seasonGames AS atgames, seasonWins AS atwins, (SELECT COUNT(*) AS GCNT FROM `arena_team_member`, `characters`, `arena_team` WHERE arena_team.arenateamid = atid AND arena_team_member.arenateamid = arena_team.arenateamid AND arena_team_member.guid = characters.guid AND characters.online = 1) AS arenateam_online FROM arena_team ORDER BY {$order_by} {$order_dir} LIMIT {$start}, {$itemperpage}");
$query_1 = $sqlc->query("SELECT count(*) FROM arena_team");
}
$all_record = $sqlc->result($query_1, 0);
unset($query_1);
$this_page = $sqlc->num_rows($query);
//==========================top page navigation starts here====================
$output .= "\r\n <center>\r\n <table class=\"top_hidden\">\r\n <tr>\r\n <td>";
makebutton($lang_global['back'], "javascript:window.history.back()", 130);
$search_by && $search_value ? makebutton($lang_arenateam['arenateams'], "arenateam.php", 130) : ($output .= "");
$output .= "\r\n </td>\r\n </tr>\r\n <tr>\r\n <td>\r\n <table class=\"hidden\">\r\n <tr>\r\n <td>\r\n <form action=\"arenateam.php\" method=\"get\" name=\"form\">\r\n <input type=\"hidden\" name=\"error\" value=\"4\" />\r\n <input type=\"text\" size=\"24\" name=\"search_value\" value=\"{$search_value}\"/>\r\n <select name=\"search_by\">\r\n <option value=\"atname\"" . ($search_by == 'atname' ? " selected=\"selected\"" : "") . ">{$lang_arenateam['by_name']}</option>\r\n <option value=\"leadername\"" . ($search_by == 'leadername' ? " selected=\"selected\"" : "") . ">{$lang_arenateam['by_team_leader']}</option>\r\n <option value=\"atid\"" . ($search_by == 'atid' ? " selected=\"selected\"" : "") . ">{$lang_arenateam['by_id']}</option>\r\n </select>\r\n </form>\r\n </td>\r\n <td>";
makebutton($lang_global['search'], "javascript:do_submit()", 80);
$output .= "\r\n </td>\r\n </tr>\r\n </table>\r\n </td>\r\n <td align=\"right\">";
$output .= generate_pagination("arenateam.php?order_by={$order_by}" . ($search_value && $search_by ? "&search_by={$search_by}&search_value={$search_value}" : "") . "&dir=" . !$dir, $all_record, $itemperpage, $start);
$output .= "\r\n </td>\r\n </tr>\r\n </table>";
//==========================top page navigation ENDS here =====================
$output .= "\r\n <table class=\"lined\">\r\n <tr>\r\n <th width=\"1%\"><a href=\"arenateam.php?order_by=atid&start={$start}" . ($search_value && $search_by ? "&search_by={$search_by}&search_value={$search_value}" : "") . "&dir={$dir}\">" . ($order_by == 'atid' ? "<img src=\"img/arr_" . ($dir ? "up" : "dw") . ".gif\" /> " : "") . "{$lang_arenateam['id']}</a></th>\r\n <th width=\"1%\"><a href=\"arenateam.php?order_by=atname&start={$start}" . ($search_value && $search_by ? "&search_by={$search_by}&search_value={$search_value}" : "") . "&dir={$dir}\">" . ($order_by == 'atname' ? "<img src=\"img/arr_" . ($dir ? "up" : "dw") . ".gif\" /> " : "") . "{$lang_arenateam['arenateam_name']}</a></th>\r\n <th width=\"1%\"><a href=\"arenateam.php?order_by=lname&start={$start}" . ($search_value && $search_by ? "&search_by={$search_by}&search_value={$search_value}" : "") . "&dir={$dir}\">" . ($order_by == 'lname' ? "<img src=\"img/arr_" . ($dir ? "up" : "dw") . ".gif\" /> " : "") . "{$lang_arenateam['captain']}</a></th>\r\n <th width=\"1%\"><a href=\"arenateam.php?order_by=attype&start={$start}" . ($search_value && $search_by ? "&search_by={$search_by}&search_value={$search_value}" : "") . "&dir={$dir}\">" . ($order_by == 'attype' ? "<img src=\"img/arr_" . ($dir ? "up" : "dw") . ".gif\" /> " : "") . "{$lang_arenateam['type']}</a></th>\r\n <th width=\"1%\"><a href=\"arenateam.php?order_by=tot_chars&start={$start}" . ($search_value && $search_by ? "&search_by={$search_by}&search_value={$search_value}" : "") . "&dir={$dir}\">" . ($order_by == 'tot_chars' ? "<img src=\"img/arr_" . ($dir ? "up" : "dw") . ".gif\" /> " : "") . "{$lang_arenateam['members']}</a></th>\r\n <th width=\"1%\"><a href=\"arenateam.php?order_by=arenateam_online&start={$start}" . ($search_value && $search_by ? "&search_by={$search_by}&search_value={$search_value}" : "") . "&dir={$dir}\">" . ($order_by == 'arenateam_online' ? "<img src=\"img/arr_" . ($dir ? "up" : "dw") . ".gif\" /> " : "") . "{$lang_arenateam['arenateam_online']}</a></th>\r\n <th width=\"1%\"><a href=\"arenateam.php?order_by=rating&start={$start}" . ($search_value && $search_by ? "&search_by={$search_by}&search_value={$search_value}" : "") . "&dir={$dir}\">" . ($order_by == 'rating' ? "<img src=\"img/arr_" . ($dir ? "up" : "dw") . ".gif\" /> " : "") . "{$lang_arenateam['rating']}</a></th>\r\n <th width=\"1%\"><a href=\"arenateam.php?order_by=atgames&start={$start}" . ($search_value && $search_by ? "&search_by={$search_by}&search_value={$search_value}" : "") . "&dir={$dir}\">" . ($order_by == 'atgames' ? "<img src=\"img/arr_" . ($dir ? "up" : "dw") . ".gif\" /> " : "") . "{$lang_arenateam['games']}</a></th>\r\n <th width=\"1%\"><a href=\"arenateam.php?order_by=atwins&start={$start}" . ($search_value && $search_by ? "&search_by={$search_by}&search_value={$search_value}" : "") . "&dir={$dir}\">" . ($order_by == 'atwins' ? "<img src=\"img/arr_" . ($dir ? "up" : "dw") . ".gif\" /> " : "") . "{$lang_arenateam['wins']}</a></th>\r\n </tr>";
while ($data = $sqlc->fetch_row($query)) {
$gonline = $sqlc->query("SELECT count(*) AS GCNT FROM `arena_team_member`, `characters`, `arena_team` WHERE arena_team.arenateamid = " . $data[0] . " AND arena_team_member.arenateamid = arena_team.arenateamid AND arena_team_member.guid = characters.guid AND characters.online = 1;");
$arenateam_online = $sqlc->result($gonline, "GCNT");
$output .= "\r\n <tr>\r\n <td>{$data['0']}</td>\r\n <td><a href=\"arenateam.php?action=view_team&error=3&id={$data['0']}\">" . htmlentities($data[1]) . "</a></td>\r\n <td><a href=\"char.php?id={$data['2']}\">" . htmlentities($data[4]) . "</a></td>\r\n <td>{$lang_arenateam[$data[3]]}</td>\r\n <td>{$data['5']}</td>\r\n <td>{$arenateam_online}</td>\r\n <td>{$data['6']}</td>\r\n <td>{$data['7']}</td>\r\n <td>{$data['8']}</td>\r\n </tr>";
}
$output .= "\r\n <tr>\r\n <td colspan=\"9\" class=\"hidden\" align=\"right\">{$lang_arenateam['tot_teams']} : {$all_record}</td>\r\n </tr>\r\n </table>\r\n </center>";
}
示例9: do_pass_activate
function do_pass_activate()
{
global $lang_global, $realm_db;
if (empty($_GET['h']) || empty($_GET['p'])) {
redirect("register.php?action=pass_recovery&err=1");
}
$sql = new SQL();
$sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
$pass = $sql->quote_smart(trim($_GET['p']));
$hash = $sql->quote_smart($_GET['h']);
$result = $sql->query("SELECT id,username FROM account WHERE sha_pass_hash = '{$hash}'");
if ($sql->num_rows($result) == 1) {
$username = $sql->result($result, 0, 'username');
$id = $sql->result($result, 0, 'id');
if (substr(sha1(strtoupper($sql->result($result, 0, 'username'))), 0, 7) == $pass) {
$sql->query("UPDATE account SET sha_pass_hash=SHA1(CONCAT(UPPER('{$username}'),':',UPPER('{$pass}'))), v=0, s=0 WHERE id = '{$id}'");
redirect("login.php");
}
} else {
redirect("register.php?action=pass_recovery&err=1");
}
redirect("register.php?action=pass_recovery&err=1");
}
示例10: instances
function instances()
{
global $output, $lang_instances, $realm_id, $world_db, $mmfpm_db, $itemperpage;
$sqlw = new SQL();
$sqlw->connect($world_db[$realm_id]['addr'], $world_db[$realm_id]['user'], $world_db[$realm_id]['pass'], $world_db[$realm_id]['name']);
//-------------------SQL Injection Prevention--------------------------------
// this page has multipage support and field ordering, so we need these
$start = isset($_GET['start']) ? $sqlw->quote_smart($_GET['start']) : 0;
if (is_numeric($start)) {
} else {
$start = 0;
}
$order_by = isset($_GET['order_by']) ? $sqlw->quote_smart($_GET['order_by']) : 'levelMin';
if (preg_match('/^[_[:lower:]]{1,11}$/', $order_by)) {
} else {
$order_by = 'levelMin';
}
$dir = isset($_GET['dir']) ? $sqlw->quote_smart($_GET['dir']) : 1;
if (preg_match('/^[01]{1}$/', $dir)) {
} else {
$dir = 1;
}
$order_dir = $dir ? 'ASC' : 'DESC';
$dir = $dir ? 0 : 1;
//-------------------SQL Injection Prevention--------------------------------
// for multipage support
$all_record = $sqlw->result($sqlw->query('SELECT count(*) FROM instance_template'), 0);
// main data that we need for this page, instances
$result = $sqlw->query('
SELECT map, levelMin, levelMax
FROM instance_template
ORDER BY ' . $order_by . ' ' . $order_dir . ' LIMIT ' . $start . ', ' . $itemperpage . ';');
//---------------Page Specific Data Starts Here--------------------------
$output .= '
<center>
<table class="top_hidden">
<tr>
<td width="25%" align="right">';
// multi page links
$output .= $lang_instances['total'] . ' : ' . $all_record . '<br /><br />' . generate_pagination('instances.php?order_by=' . $order_by . '&dir=' . ($dir ? 0 : 1), $all_record, $itemperpage, $start);
// column headers, with links for sorting
$output .= '
</td>
</tr>
</table>
<table class="lined">
<tr>
<th width="20%"><a href="instances.php?order_by=map&start=' . $start . '&dir=' . $dir . '"' . ($order_by === 'map' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_instances['map'] . '</a></th>
<th width="5%"><a href="instances.php?order_by=levelMin&start=' . $start . '&dir=' . $dir . '"' . ($order_by === 'levelMin' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_instances['level_min'] . '</a></th>
<th width="5%"><a href="instances.php?order_by=levelMax&start=' . $start . '&dir=' . $dir . '"' . ($order_by === 'levelMax' ? ' class="' . $order_dir . '"' : '') . '>' . $lang_instances['level_max'] . '</a></th>
<th width="20%">' . $lang_instances['area'] . '</th>
<th width="10%">' . $lang_instances['type'] . '</th>
<th width="5%">' . $lang_instances['expansion'] . '</th>
<th width="5%">' . $lang_instances['ppl'] . '</th>
</tr>';
$sqlm = new SQL();
$sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
while ($instances = $sqlw->fetch_assoc($result)) {
$output .= '
<tr valign="top">
<td>' . get_map_name($instances['map'], $sqlm) . '</td>
<td>' . char_get_level_color($instances['levelMin']) . '</td>
<td>' . char_get_level_color($instances['levelMax']) . '</td>
<td>' . get_map_zone($instances['map'], $sqlm) . '</td>
<td>' . get_map_type($instances['map'], $sqlm) . '</td>
<td>' . get_map_exp($instances['map'], $sqlm) . '</td>
<td>' . get_map_ppl($instances['map'], $sqlm) . '</td>
</tr>';
}
unset($reset);
unset($hours);
unset($days);
unset($instances);
unset($result);
$output .= '
</table>
<table class="top_hidden">
<tr>
<td width="25%" align="right">';
// multi page links
$output .= $lang_instances['total'] . ' : ' . $all_record . '<br /><br />' . generate_pagination('instances.php?order_by=' . $order_by . '&dir=' . ($dir ? 0 : 1), $all_record, $itemperpage, $start);
unset($start);
$output .= '
</td>
</tr>
</table>
</center>';
}
示例11: do_add_entry
function do_add_entry()
{
global $realm_db, $user_name, $output, $action_permission, $user_lvl;
valid_login($action_permission['insert']);
if (empty($_GET['ban_type']) || empty($_GET['entry']) || empty($_GET['bantime'])) {
redirect("banned.php?error=1&action=add_entry");
}
$sqlr = new SQL();
$sqlr->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
$ban_type = $sqlr->quote_smart($_GET['ban_type']);
$entry = $sqlr->quote_smart($_GET['entry']);
if ($ban_type == "account_banned") {
$result1 = $sqlr->query("SELECT id FROM account WHERE username ='{$entry}'");
if (!$sqlr->num_rows($result1)) {
redirect("banned.php?error=4&action=add_entry");
} else {
$entry = $sqlr->result($result1, 0, 'id');
}
}
$bantime = time() + 3600 * $sqlr->quote_smart($_GET['bantime']);
$banreason = isset($_GET['banreason']) && $_GET['banreason'] != '' ? $sqlr->quote_smart($_GET['banreason']) : "none";
if ($ban_type === "account_banned") {
$result = $sqlr->query("SELECT count(*) FROM account_banned WHERE id = '{$entry}'");
if (!$sqlr->result($result, 0)) {
$sqlr->query("INSERT INTO account_banned (id, bandate, unbandate, bannedby, banreason, active)\r\n VALUES ('{$entry}'," . time() . ",{$bantime},'{$user_name}','{$banreason}', 1)");
}
} else {
$sqlr->query("INSERT INTO ip_banned (ip, bandate, unbandate, bannedby, banreason)\r\n VALUES ('{$entry}'," . time() . ",{$bantime},'{$user_name}','{$banreason}')");
}
if ($sqlr->affected_rows()) {
redirect("banned.php?error=3&ban_type={$ban_type}");
} else {
redirect("banned.php?error=2&ban_type={$ban_type}");
}
}
示例12: doupdate_referral
function doupdate_referral($referredby, $user_id)
{
global $realm_db, $mmfpm_db;
$sqlr = new SQL();
$sqlr->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
$sqlm = new SQL();
$sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
if (NULL == $sqlm->result($sqlm->query('
SELECT InviterAccount
FROM mm_point_system_invites
WHERE PlayersAccount = \'' . $user_id . '\''), 'InviterAccount')) {
$referred_by = $sqlr->result($sqlr->query('
SELECT id
FROM account
WHERE username = \'' . $referredby . '\''), 'id');
if ($referred_by == NULL) {
} else {
if ($referred_by == $user_id) {
} else {
$sqlm->query('
INSERT INTO mm_point_system_invites
(PlayersAccount, InviterAccount)
VALUES
(\'' . $user_id . '\', \'' . $referred_by . '\')');
return true;
}
}
}
return false;
}
示例13: spell_get_icon
function spell_get_icon($auraid, &$sqlm = 0)
{
global $mmfpm_db, $proxy_cfg, $get_icons_from_web, $item_icons;
// not all functions that call this function will pass reference to existing SQL links
// so we need to check and overload when needed
if (empty($sqlm)) {
$sqlm = new SQL();
$sqlm->connect($mmfpm_db['addr'], $mmfpm_db['user'], $mmfpm_db['pass'], $mmfpm_db['name']);
}
$result = $sqlm->query('
SELECT field_133
FROM dbc_spell WHERE id = ' . $auraid . '
LIMIT 1');
if ($result) {
$displayid = $sqlm->result($result, 0);
} else {
$displayid = 0;
}
if ($displayid) {
$result = $sqlm->query('
SELECT name
FROM dbc_spellicon
WHERE id = ' . $displayid . ' LIMIT 1');
if ($result) {
$aura_uppercase = $sqlm->result($result, 0);
$aura = strtolower($aura_uppercase);
if ($aura) {
if (file_exists('' . $item_icons . '/' . $aura . '.jpg')) {
if (filesize('' . $item_icons . '/' . $aura . '.jpg') > 349) {
return '' . $item_icons . '/' . $aura . '.jpg';
} else {
$sqlm->query('
DELETE FROM dbc_spellicon
WHERE id = ' . $displayid . '');
if (file_exists('' . $item_icons . '/' . $aura . '.jpg')) {
unlink('' . $item_icons . '/' . $aura . '.jpg');
}
$aura = '';
}
} else {
$aura = '';
}
} else {
$aura = '';
}
} else {
$aura = '';
}
} else {
$aura = '';
}
if ($get_icons_from_web) {
$xmlfilepath = 'http://www.wowhead.com/spell=';
$proxy = $proxy_cfg['addr'];
$port = $proxy_cfg['port'];
if (empty($proxy_cfg['addr'])) {
$proxy = 'www.wowhead.com';
$xmlfilepath = 'spell=';
$port = 80;
}
if ($aura == '') {
//get the icon name
$fp = @fsockopen($proxy, $port, $errno, $errstr, 0.5);
if (!$fp) {
return 'img/INV/INV_blank_32.gif';
}
$out = "GET /{$xmlfilepath}{$auraid} HTTP/1.0\r\nHost: www.wowhead.com\r\n";
if (!empty($proxy_cfg['user'])) {
$out .= "Proxy-Authorization: Basic " . base64_encode("{$proxy_cfg['user']}:{$proxy_cfg['pass']}") . "\r\n";
}
$out .= "Connection: Close\r\n\r\n";
$temp = '';
fwrite($fp, $out);
while ($fp && !feof($fp)) {
$temp .= fgets($fp, 4096);
}
fclose($fp);
$wowhead_string = $temp;
$temp_string1 = strstr($wowhead_string, 'Icon.create(');
$temp_string2 = substr($temp_string1, 12, 50);
$temp_string3 = strtok($temp_string2, ',');
$temp_string4 = substr($temp_string3, 1, strlen($temp_string3) - 2);
$aura_icon_name = $temp_string4;
$aura_uppercase = $aura_icon_name;
$aura = strtolower($aura_uppercase);
}
if (file_exists('' . $item_icons . '/' . $aura . '.jpg')) {
if (filesize('' . $item_icons . '/' . $aura . '.jpg') > 349) {
$sqlm->query('
REPLACE INTO dbc_spellicon
(id, name)
VALUES
(\'' . $displayid . '\', \'' . $aura . '\')');
return '' . $item_icons . '/' . $aura . '.jpg';
} else {
$sqlm->query('
DELETE FROM dbc_spellicon
WHERE id = ' . $displayid . '');
if (file_exists('' . $item_icons . '/' . $aura . '.jpg')) {
unlink('' . $item_icons . '/' . $aura . '.jpg');
//.........这里部分代码省略.........
示例14: doedit_user
function doedit_user()
{
global $lang_global, $realm_db, $mmfpm_db, $user_lvl, $user_name, $action_permission;
valid_login($action_permission['update']);
if ((!isset($_POST['pass']) || $_POST['pass'] === '') && (!isset($_POST['mail']) || $_POST['mail'] === '') && (!isset($_POST['expansion']) || $_POST['expansion'] === '') && (!isset($_POST['referredby']) || $_POST['referredby'] === '')) {
redirect("user.php?action=edit_user&&id={$_POST['id']}&error=1");
}
$sqlr = new SQL();
$sqlr->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
$id = $sqlr->quote_smart($_POST['id']);
$username = $sqlr->quote_smart($_POST['username']);
$banreason = $sqlr->quote_smart($_POST['banreason']);
$pass = $sqlr->quote_smart($_POST['pass']);
$user_pass_change = $pass != sha1(strtoupper($username) . ":******") ? "username='{$username}',sha_pass_hash='{$pass}'," : "";
$mail = isset($_POST['mail']) && $_POST['mail'] != '' ? $sqlr->quote_smart($_POST['mail']) : "";
$failed = isset($_POST['failed']) ? $sqlr->quote_smart($_POST['failed']) : 0;
$gmlevel = isset($_POST['gmlevel']) ? $sqlr->quote_smart($_POST['gmlevel']) : 0;
$expansion = isset($_POST['expansion']) ? $sqlr->quote_smart($_POST['expansion']) : 1;
$banned = isset($_POST['banned']) ? $sqlr->quote_smart($_POST['banned']) : 0;
$locked = isset($_POST['locked']) ? $sqlr->quote_smart($_POST['locked']) : 0;
$referredby = $sqlr->quote_smart(trim($_POST['referredby']));
//make sure username/pass at least 4 chars long and less than max
if (strlen($username) < 4 || strlen($username) > 15) {
redirect("user.php?action=edit_user&id={$id}&error=8");
}
if ($gmlevel >= $user_lvl) {
redirect("user.php?action=edit_user&&id={$_POST['id']}&error=16");
}
require_once "libs/valid_lib.php";
if (!valid_alphabetic($username)) {
redirect("user.php?action=edit_user&error=9&id={$id}");
}
//restricting accsess to lower gmlvl
$result = $sqlr->query("SELECT gmlevel,username FROM account WHERE id = '{$id}'");
if ($user_lvl <= $sqlr->result($result, 0, 'gmlevel') && $user_name != $sqlr->result($result, 0, 'username')) {
redirect("user.php?error=14");
}
if (!$banned) {
$sqlr->query("DELETE FROM account_banned WHERE id='{$id}'");
} else {
$result = $sqlr->query("SELECT count(*) FROM account_banned WHERE id = '{$id}'");
if (!$sqlr->result($result, 0)) {
$sqlr->query("INSERT INTO account_banned (id, bandate, unbandate, bannedby, banreason, active)\r\n VALUES ({$id}, " . time() . "," . (time() + 365 * 24 * 3600) . ",'{$user_name}','{$banreason}', 1)");
}
}
$sqlr->query("UPDATE account SET email='{$mail}', {$user_pass_change} v=0,s=0,failed_logins='{$failed}',locked='{$locked}',expansion='{$expansion}' WHERE id='{$id}'");
$sqlr->query("UPDATE account SET gmlevel='{$gmlevel}' WHERE id='{$id}'");
if (doupdate_referral($referredby, $id) || $sqlr->affected_rows()) {
redirect("user.php?action=edit_user&error=13&id={$id}");
} else {
redirect("user.php?action=edit_user&error=12&id={$id}");
}
}
示例15: del_guild
function del_guild()
{
global $lang_guild, $lang_global, $output, $characters_db, $realm_id, $realm_db, $action_permission, $user_lvl, $user_id;
$sqlr = new SQL();
$sqlr->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
if (empty($_GET['realm'])) {
$realmid = $realm_id;
} else {
$realmid = $sqlr->quote_smart($_GET['realm']);
if (!is_numeric($realmid)) {
$realmid = $realm_id;
}
}
if (isset($_GET['id'])) {
$id = $_GET['id'];
} else {
redirect("guild.php?error=1&realm={$realmid}");
}
if (is_numeric($id)) {
} else {
redirect("guild.php?error=5&realm={$realmid}");
}
$sqlc = new SQL();
$sqlc->connect($characters_db[$realmid]['addr'], $characters_db[$realmid]['user'], $characters_db[$realmid]['pass'], $characters_db[$realmid]['name']);
$q_amIguildleader = $sqlc->query("select 1 from guild where guildid = '{$id}' and leaderguid in (select guid from characters where account = '{$user_id}')");
$amIguildleader = $sqlc->result($q_amIguildleader, 0, '1');
if ($user_lvl < $action_permission['delete'] && !$amIguildleader) {
redirect("guild.php?error=6&realm={$realmid}");
}
$output .= "\r\n <center>\r\n <h1><font class=\"error\">{$lang_global['are_you_sure']}</font></h1>\r\n <br />\r\n <font class=\"bold\">{$lang_guild['guild_id']}: {$id} {$lang_global['will_be_erased']}</font>\r\n <br /><br />\r\n <form action=\"cleanup.php?action=docleanup\" method=\"post\" name=\"form\">\r\n <input type=\"hidden\" name=\"type\" value=\"guild\" />\r\n <input type=\"hidden\" name=\"check\" value=\"-{$id}\" />\r\n <input type=\"hidden\" name=\"override\" value=\"1\" />\r\n <table class=\"hidden\">\r\n <tr>\r\n <td>";
makebutton($lang_global['yes'], "javascript:do_submit()\" type=\"wrn", 130);
$output .= "\r\n </td>\r\n <td>";
makebutton($lang_global['no'], "guild.php?action=view_guild&realm={$realmid}&id={$id}\" type=\"def", 130);
$output .= '
</td>
</tr>
</table>
</form>
</center>
<br />';
}