source: minimanager/user.php@ 19

Last change on this file since 19 was 19, checked in by george, 18 years ago

Aktualizace MaNGOS Minimanageru na verzi 0.1.4a.

<?php
/*
 * Project Name: MiniManager for Mangos Server
 * Date: 17.10.2006 initial version (0.0.1a)
 * Author: Q.SA
 * Copyright: Q.SA
 * Email: *****
 * License: GNU General Public License v2(GPL)
 */

// Shared page bootstrap; header.php is not part of this listing.
require_once 'header.php';
// Access gate for every action in this file. valid_login() is defined outside this
// listing; the argument 1 is presumably the minimum account level -- confirm in header.php.
valid_login(1);
// Defined outside this listing; its contents are not shown here.
require_once 'scripts/id_tab.php';

//########################################################################################################################
// BROWSE USERS
//########################################################################################################################
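/**
 * Render the paged, sortable account list into the global $output buffer.
 *
 * Query-string inputs: start (LIMIT offset), order_by (sort column) and dir (sort direction).
 * start and order_by reach the statement as a bare number and a bare identifier, not inside
 * a quoted literal, so escaping string metacharacters cannot protect them. start is cast to
 * an integer and order_by must be one of the columns in $columns below.
 *
 * A row is masked when its gmlevel is above the viewer's $user_lvl and it is not the viewer's
 * own account; the selection checkbox is offered only for strictly lower levels. Values read
 * from the account table are HTML-escaped before output because fields such as the e-mail
 * address are supplied by users.
 */
function browse_users() {
    global $lang_global, $lang_user, $output, $realm_db, $itemperpage, $user_lvl, $user_name, $gm_level_arr;

    // SQL column => array(header cell width, $lang_user key of the header label).
    // Doubles as the allow-list for the order_by parameter.
    $columns = array(
        'id'            => array('5%',  'id'),
        'username'      => array('23%', 'username'),
        'gmlevel'       => array('5%',  'gm_level'),
        'email'         => array('17%', 'email'),
        'joindate'      => array('14%', 'join_date'),
        'last_ip'       => array('10%', 'ip'),
        'failed_logins' => array('5%',  'failed_logins'),
        'locked'        => array('3%',  'locked'),
        'last_login'    => array('14%', 'last_login'),
        'online'        => array('3%',  'online'),
    );

    $sql = new SQL;
    $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);

    $start = isset($_GET['start']) ? max(0, (int)$_GET['start']) : 0;
    $order_by = (isset($_GET['order_by']) && is_string($_GET['order_by']) && isset($columns[$_GET['order_by']]))
        ? $_GET['order_by'] : "id";

    $ascending = isset($_GET['dir']) ? (bool)$_GET['dir'] : true;
    $order_dir = $ascending ? "ASC" : "DESC";
    // From here on $dir is the opposite direction, used by the header links to toggle the sort.
    $dir = $ascending ? 0 : 1;
    $page_size = (int)$itemperpage;

    //get total number of items
    $query_1 = $sql->query("SELECT count(*) FROM account");
    $all_record = $sql->result($query_1,0);

    $query = $sql->query("SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,online
        FROM account ORDER BY $order_by $order_dir LIMIT $start, $page_size");

    //==========================top page navigation starts here========================
    $output .="<script type=\"text/javascript\" src=\"js/check.js\"></script>
        <center><table class=\"top_hidden\">
        <tr><td>";
    makebutton($lang_user['add_acc'], "user.php?action=add_new", 124);
    makebutton($lang_user['cleanup'], "cleanup.php", 122);
    makebutton($lang_user['backup'], "backup.php", 122);
    makebutton($lang_global['back'], "javascript:window.history.back()", 122);
    $output .= " </td><td align=\"right\" width=\"25%\" rowspan=\"2\">";
    $output .= generate_pagination("user.php?action=brows_user&amp;order_by=$order_by&amp;dir=".!$dir, $all_record, $itemperpage, $start);
    $output .= "</td></tr>
        <tr align=\"left\"><td>
        <table class=\"hidden\">
        <tr><td>
        <form action=\"user.php\" method=\"get\" name=\"form\">
        <input type=\"hidden\" name=\"action\" value=\"search\" />
        <input type=\"hidden\" name=\"error\" value=\"3\" />
        <input type=\"text\" size=\"42\" maxlength=\"50\" name=\"search_value\" />
        <select name=\"search_by\">
        <option value=\"username\">{$lang_user['by_name']}</option>
        <option value=\"id\">{$lang_user['by_id']}</option>
        <option value=\"gmlevel\">{$lang_user['by_gm_level']}</option>
        <option value=\"greater_gmlevel\">{$lang_user['greater_gm_level']}</option>
        <option value=\"email\">{$lang_user['by_email']}</option>
        <option value=\"joindate\">{$lang_user['by_join_date']}</option>
        <option value=\"last_ip\">{$lang_user['by_ip']}</option>
        <option value=\"failed_logins\">{$lang_user['by_failed_loggins']}</option>
        <option value=\"last_login\">{$lang_user['by_last_login']}</option>
        <option value=\"online\">{$lang_user['by_online']}</option>
        <option value=\"banned\">{$lang_user['by_banned']}</option>
        <option value=\"locked\">{$lang_user['by_locked']}</option>
        <option value=\"tbc\">{$lang_user['by_tbc']}</option>
        </select></form></td>
        <td>";
    makebutton($lang_global['search'], "javascript:do_submit()",80);
    $output .= "</td></tr></table>
        </td></tr></table>";
    //==========================top page navigation ENDS here ========================

    $output .= "<form method=\"get\" action=\"user.php\" name=\"form1\">
        <input type=\"hidden\" name=\"action\" value=\"del_user\" />
        <input type=\"hidden\" name=\"start\" value=\"$start\" />
        <input type=\"hidden\" name=\"backup_op\" value=\"0\"/>
        <table class=\"lined\">
        <tr>
        <th width=\"1%\"><input name=\"allbox\" type=\"checkbox\" value=\"Check All\" onclick=\"CheckAll(document.form1);\" /></th>";
    // One sortable header cell per column; the arrow marks the column currently sorted on.
    foreach ($columns as $column => $meta) {
        $arrow = ($order_by == $column) ? "<img src=\"img/arr_".($dir ? "up" : "dw").".gif\" /> " : "";
        $output .= "<th width=\"{$meta[0]}\"><a href=\"user.php?order_by=$column&amp;start=$start&amp;dir=$dir\">"
            .$arrow.$lang_user[$meta[1]]."</a></th>";
    }
    $output .= "</tr>";

    while ($data = $sql->fetch_row($query)){
        if (($user_lvl >= $data[2])||($user_name == $data[1])){
            $acc_id = (int)$data[0];
            $mail = htmlspecialchars((string)$data[3], ENT_QUOTES);
            $mail_short = htmlspecialchars(substr((string)$data[3],0,15), ENT_QUOTES);

            $output .= "<tr>";
            if ($user_lvl > $data[2]) $output .= "<td><input type=\"checkbox\" name=\"check[]\" value=\"$acc_id\" onclick=\"CheckCheckAll(document.form1);\" /></td>";
            else $output .= "<td></td>";
            $output .= "<td>$acc_id</td>
                <td><a href=\"user.php?action=edit_user&amp;error=11&amp;id=$acc_id\">".htmlspecialchars((string)$data[1], ENT_QUOTES)."</a></td>
                <td>".$gm_level_arr[$data[2]][2]."</td>
                <td><a href=\"mailto:$mail\">$mail_short</a></td>
                <td class=\"small\">".htmlspecialchars((string)$data[4], ENT_QUOTES)."</td>";
            // The last IP is shown only for lower-level accounts and for the viewer's own row.
            if (($user_lvl > $data[2])||($user_name == $data[1])) $output .= "<td>".htmlspecialchars((string)$data[5], ENT_QUOTES)."</td>";
            else $output .= "<td>******</td>";
            $output .= "<td>".(($data[6]) ? htmlspecialchars((string)$data[6], ENT_QUOTES) : "-")."</td>
                <td>".(($data[7]) ? $lang_global['yes_low'] : "-")."</td>
                <td class=\"small\">".htmlspecialchars((string)$data[8], ENT_QUOTES)."</td>
                <td>".(($data[9]) ? "<img src=\"img/up.gif\" alt=\"\" />" : "-")."</td>
                </tr>";
        } else {
            $output .= "<tr><td>*</td><td>***</td><td>You</td><td>Have</td><td>No</td>
                <td class=\"small\">Permission</td><td>to</td><td>View</td><td>this</td><td>Data</td><td>*</td></tr>";
        }
    }
    $output .= "<tr><td colspan=\"12\" class=\"hidden\"><br /></td></tr>
        <tr>
        <td colspan=\"8\" align=\"left\" class=\"hidden\">";
    makebutton($lang_user['del_selected_users'], "javascript:do_submit('form1',0)",220);
    makebutton($lang_user['backup_selected_users'], "javascript:do_submit('form1',1)",220);
    $output .= "</td>
        <td colspan=\"4\" align=\"right\" class=\"hidden\">{$lang_user['tot_acc']} : $all_record</td>
        </tr>
        </table></form><br /></center>";

    $sql->close();
}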


//#######################################################################################################
// SEARCH
//#######################################################################################################
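/**
 * Run an account search and render the result table into the global $output buffer.
 *
 * Query-string inputs: search_value, search_by, order_by and dir. search_by and order_by are
 * used as SQL identifiers, so they are checked against fixed lists instead of being escaped.
 * The two numeric comparisons (greater_gmlevel, failed_logins) cast search_value to an
 * integer. Only the LIKE branch puts search_value inside a quoted literal, where it relies on
 * SQL::quote_smart(), which is defined outside this listing. An unknown search_by is handled
 * like a missing parameter (redirect with error=2).
 *
 * The sort links carry the URL-encoded search value, and all account fields are HTML-escaped
 * before they are written to the page.
 */
function search() {
    global $lang_global, $lang_user, $output, $realm_db, $user_lvl, $user_name, $sql_search_limit, $gm_level_arr;

    // SQL column => array(header cell width, $lang_user key); also the allow-list for order_by.
    $columns = array(
        'id'            => array('5%',  'id'),
        'username'      => array('23%', 'username'),
        'gmlevel'       => array('5%',  'gm_level'),
        'email'         => array('17%', 'email'),
        'joindate'      => array('14%', 'join_date'),
        'last_ip'       => array('10%', 'ip'),
        'failed_logins' => array('5%',  'failed_logins'),
        'locked'        => array('3%',  'locked'),
        'last_login'    => array('14%', 'last_login'),
        'online'        => array('3%',  'online'),
    );
    // search_by values that map straight onto an account column in the LIKE branch.
    $like_columns = array('username', 'id', 'gmlevel', 'email', 'joindate', 'last_ip', 'last_login', 'online', 'locked', 'tbc');
    // search_by values with a dedicated query.
    $special_modes = array('greater_gmlevel', 'banned', 'failed_logins');

    if (!isset($_GET['search_value']) || !isset($_GET['search_by'])
        || !is_string($_GET['search_value']) || !is_string($_GET['search_by'])
        || (!in_array($_GET['search_by'], $like_columns, true) && !in_array($_GET['search_by'], $special_modes, true))) {
        redirect("user.php?error=2");
        // redirect() is defined outside this listing; stop here in case it does not end the request.
        return;
    }

    $sql = new SQL;
    $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);

    $search_by = $_GET['search_by'];
    $search_value = $sql->quote_smart($_GET['search_value']);
    $search_number = (int)$_GET['search_value'];
    // urlencode() output is safe to place inside the href attribute.
    $link_value = urlencode($_GET['search_value']);

    $order_by = (isset($_GET['order_by']) && is_string($_GET['order_by']) && isset($columns[$_GET['order_by']]))
        ? $_GET['order_by'] : "id";
    $ascending = isset($_GET['dir']) ? (bool)$_GET['dir'] : true;
    $order_dir = $ascending ? "ASC" : "DESC";
    // From here on $dir is the opposite direction, used by the header links to toggle the sort.
    $dir = $ascending ? 0 : 1;

    $select = "SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,online
        FROM account";
    $tail = " ORDER BY $order_by $order_dir LIMIT ".(int)$sql_search_limit;

    switch ($search_by){
        case "greater_gmlevel":
            $sql_query = "$select WHERE gmlevel > $search_number$tail";
            break;

        case "banned":
            // "id = 0" seeds the OR chain built from the ids listed in account_banned.
            $sql_query = "$select WHERE id = 0 ";
            $que = $sql->query("SELECT id FROM account_banned");
            while ($banned = $sql->fetch_row($que)) $sql_query .= "OR id =".(int)$banned[0]." ";
            $sql_query .= $tail;
            break;

        case "failed_logins":
            $sql_query = "$select WHERE failed_logins > $search_number$tail";
            break;

        default:
            $sql_query = "$select WHERE $search_by LIKE '%$search_value%'$tail";
    }

    $query = $sql->query($sql_query);
    $total_found = $sql->num_rows($query);

    //==========================top page navigation starts here========================
    // The opening <tr> was missing from this table in the original markup.
    $output .= "<script type=\"text/javascript\" src=\"js/check.js\"></script>
        <center><table class=\"top_hidden\">
        <tr><td align=\"left\">";
    makebutton($lang_user['user_list'], "user.php", 120);
    makebutton($lang_global['back'], "javascript:window.history.back()", 120);

    $output .= "</td><td><form action=\"user.php\" method=\"get\" name=\"form\">
        <input type=\"hidden\" name=\"action\" value=\"search\" />
        <input type=\"text\" size=\"32\" maxlength=\"50\" name=\"search_value\" />
        <select name=\"search_by\">
        <option value=\"username\">{$lang_user['by_name']}</option>
        <option value=\"id\">{$lang_user['by_id']}</option>
        <option value=\"gmlevel\">{$lang_user['by_gm_level']}</option>
        <option value=\"greater_gmlevel\">{$lang_user['greater_gm_level']}</option>
        <option value=\"email\">{$lang_user['by_email']}</option>
        <option value=\"joindate\">{$lang_user['by_join_date']}</option>
        <option value=\"last_ip\">{$lang_user['by_ip']}</option>
        <option value=\"failed_logins\">{$lang_user['by_failed_loggins']}</option>
        <option value=\"last_login\">{$lang_user['by_last_login']}</option>
        <option value=\"online\">{$lang_user['by_online']}</option>
        <option value=\"banned\">{$lang_user['by_banned']}</option>
        <option value=\"locked\">{$lang_user['by_locked']}</option>
        <option value=\"tbc\">{$lang_user['by_tbc']}</option>
        </select></form></td><td>";
    makebutton($lang_global['search'], "javascript:do_submit()",80);
    $output .= "</td></tr>
        </table>";
    //==========================top page navigation ENDS here ========================

    $output .= "<form method=\"get\" action=\"user.php\" name=\"form1\">
        <input type=\"hidden\" name=\"action\" value=\"del_user\" />
        <input type=\"hidden\" name=\"backup_op\" value=\"0\"/>
        <table class=\"lined\">
        <tr>
        <th width=\"1%\"><input name=\"allbox\" type=\"checkbox\" value=\"Check All\" onclick=\"CheckAll(document.form1);\" /></th>";
    // Generated in a loop so every header cell is well-formed (the hand-written e-mail cell
    // had an unterminated width attribute).
    $link = "user.php?action=search&amp;error=3&amp;search_value=$link_value&amp;search_by=$search_by";
    foreach ($columns as $column => $meta) {
        $arrow = ($order_by == $column) ? "<img src=\"img/arr_".($dir ? "up" : "dw").".gif\" /> " : "";
        $output .= "<th width=\"{$meta[0]}\"><a href=\"$link&amp;order_by=$column&amp;dir=$dir\">"
            .$arrow.$lang_user[$meta[1]]."</a></th>";
    }
    $output .= "</tr>";

    while ($data = $sql->fetch_row($query)){
        if (($user_lvl >= $data[2])||($user_name == $data[1])){
            $acc_id = (int)$data[0];
            $mail = htmlspecialchars((string)$data[3], ENT_QUOTES);
            $mail_short = htmlspecialchars(substr((string)$data[3],0,15), ENT_QUOTES);

            $output .= "<tr>";
            if ($user_lvl > $data[2]) $output .= "<td><input type=\"checkbox\" name=\"check[]\" value=\"$acc_id\" onclick=\"CheckCheckAll(document.form1);\" /></td>";
            else $output .= "<td></td>";
            $output .= "<td>$acc_id</td>
                <td><a href=\"user.php?action=edit_user&amp;error=11&amp;id=$acc_id\">".htmlspecialchars((string)$data[1], ENT_QUOTES)."</a></td>
                <td>".$gm_level_arr[$data[2]][2]."</td>
                <td><a href=\"mailto:$mail\">$mail_short</a></td>
                <td class=\"small\">".htmlspecialchars((string)$data[4], ENT_QUOTES)."</td>";
            // The last IP is shown only for lower-level accounts and for the viewer's own row.
            if (($user_lvl > $data[2])||($user_name == $data[1])) $output .= "<td>".htmlspecialchars((string)$data[5], ENT_QUOTES)."</td>";
            else $output .= "<td>******</td>";
            $output .= "<td>".(($data[6]) ? htmlspecialchars((string)$data[6], ENT_QUOTES) : "-")."</td>
                <td>".(($data[7]) ? $lang_global['yes_low'] : "-")."</td>
                <td class=\"small\">".htmlspecialchars((string)$data[8], ENT_QUOTES)."</td>
                <td>".(($data[9]) ? "<img src=\"img/up.gif\" alt=\"\" />" : "-")."</td>
                </tr>";
        }else{
            $output .= "<tr><td>*</td><td>***</td><td>You</td><td>Have</td><td>No</td>
                <td class=\"small\">Permission</td><td>to</td><td>View</td><td>this</td><td>Data</td><td>*</td></tr>";
        }
    }
    $output .= "<tr><td colspan=\"12\" class=\"hidden\"><br /></td></tr>
        <tr>
        <td colspan=\"8\" align=\"left\" class=\"hidden\">";
    makebutton($lang_user['del_selected_users'], "javascript:do_submit('form1',0)",220);
    makebutton($lang_user['backup_selected_users'], "javascript:do_submit('form1',1)",220);
    $output .= "</td>
        <td colspan=\"4\" align=\"right\" class=\"hidden\">{$lang_user['tot_found']} : $total_found : {$lang_global['limit']} $sql_search_limit</td>
        </tr>
        </table>
        </form><br /></center>";

    $sql->close();
}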


//#######################################################################################################
// DELETE USER
//#######################################################################################################
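/**
 * Render the "are you sure" page for deleting the accounts selected in check[], or hand the
 * selection over to backup_user when backup_op is 1.
 *
 * check[] comes straight from the query string and is reused in an SQL statement, in links
 * and in a redirect target. Only entries made solely of digits are kept, and they are
 * converted to integers. A scalar check value is treated as a one-element list.
 *
 * NOTE(review): the confirmation link built below triggers the deletion through a plain GET
 * request, and no per-session token is visible in this listing. Consider moving dodel_user to
 * POST with an anti-CSRF token.
 * NOTE(review): unlike the list views, this page shows the username for any id passed in; no
 * gmlevel comparison is made here.
 */
function del_user() {
    global $lang_global, $lang_user, $output, $realm_db;

    $ids = array();
    if (isset($_GET['check'])) {
        foreach ((array)$_GET['check'] as $value) {
            if (is_string($value) && preg_match('/^[0-9]+\z/', $value)) $ids[] = (int)$value;
        }
    }
    if (!count($ids)) {
        redirect("user.php?error=1");
        // redirect() is defined outside this listing; stop here in case it does not end the request.
        return;
    }

    $pass_array = "";

    //skip to backup
    if (isset($_GET['backup_op'])&&($_GET['backup_op'] == 1)){
        foreach ($ids as $id) {
            $pass_array .= "&check%5B%5D=$id";
        }
        redirect("user.php?action=backup_user$pass_array");
        return;
    }

    $output .= "<center><img src=\"img/warn_red.gif\" width=\"48\" height=\"48\" alt=\"\" />
        <h1><font class=\"error\">{$lang_global['are_you_sure']}</font></h1><br />
        <font class=\"bold\">{$lang_user['acc_ids']}: ";

    $sql = new SQL;
    $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);

    foreach ($ids as $id) {
        $username = $sql->result($sql->query("SELECT username FROM `account` WHERE id = $id"),0);
        $output .= "<a href=\"user.php?action=edit_user&amp;id=$id\" target=\"_blank\">"
            .htmlspecialchars((string)$username, ENT_QUOTES).", </a>";
        $pass_array .= "&amp;check%5B%5D=$id";
    }
    $sql->close();

    $output .= "<br />{$lang_global['will_be_erased']}</font><br /><br />
        <table class=\"hidden\">
        <tr><td>";
    makebutton($lang_global['yes'], "user.php?action=dodel_user$pass_array",120);
    makebutton($lang_global['no'], "user.php",120);
    $output .= "</td></tr>
        </table></center><br />";
}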


//#####################################################################################################
// DO DELETE USER
//#####################################################################################################
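/**
 * Delete the accounts listed in check[] through del_acc() and report the totals in $output.
 *
 * check[] is reduced to a list of integer ids before use. The original indexed the request
 * value directly, so a scalar such as check=57 was walked character by character and the
 * first character ("5") was passed to del_acc() as an account id.
 *
 * del_acc() comes from scripts/del_lib.php, which is not part of this listing. The loop below
 * relies on it returning array(success flag, number of characters deleted).
 * NOTE(review): no gmlevel comparison is made in this function; confirm that del_acc()
 * refuses accounts at or above the operator's level.
 * NOTE(review): the action is reached through a GET link; see the confirmation page.
 */
function dodel_user() {
    global $lang_global, $lang_user, $output, $realm_db, $mangos_db, $realm_id, $user_lvl,
        $tab_del_user_mangos, $tab_del_user_realmd;

    $ids = array();
    if (isset($_GET['check'])) {
        foreach ((array)$_GET['check'] as $value) {
            if (is_string($value) && preg_match('/^[0-9]+\z/', $value)) $ids[] = (int)$value;
        }
    }
    if (!count($ids)) {
        redirect("user.php?error=1");
        // redirect() is defined outside this listing; stop here in case it does not end the request.
        return;
    }

    $sql = new SQL;
    $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);

    $deleted_acc = 0;
    $deleted_chars = 0;
    require_once("scripts/del_lib.php");

    foreach ($ids as $id) {
        list($flag,$del_char) = del_acc($id);
        if ($flag) {
            $deleted_acc++;
            $deleted_chars += $del_char;
        }
    }
    $sql->close();

    $output .= "<center>";
    if ($deleted_acc == 0) $output .= "<h1><font class=\"error\">{$lang_user['no_acc_deleted']}</font></h1>";
    else {
        $output .= "<h1><font class=\"error\">{$lang_user['total']} <font color=blue>$deleted_acc</font> {$lang_user['acc_deleted']}</font><br /></h1>";
        $output .= "<h1><font class=\"error\">{$lang_user['total']} <font color=blue>$deleted_chars</font> {$lang_user['char_deleted']}</font></h1>";
    }
    $output .= "<br /><br />";
    $output .= "<table class=\"hidden\">
        <tr><td>";
    makebutton($lang_user['back_browsing'], "user.php", 200);
    $output .= "</td></tr>
        </table><br /></center>";
}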


//#####################################################################################################
// DO BACKUP USER
//#####################################################################################################
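/**
 * Build the multi-row INSERT statement for every row of an already executed SELECT.
 *
 * Returns "" when the result set is empty. Columns whose field type is reported as "int" are
 * written unquoted and every other column is written as a quoted literal. SQL NULL is written
 * as NULL. The original ran addslashes() before its isset() test, so the test never fired
 * and a NULL integer column produced an empty slot in the VALUES list.
 */
function _backup_user_insert_sql($sql, $query, $table) {
    $num_fields = $sql->num_fields($query);
    $numrow = $sql->num_rows($query);
    if (!$numrow) return "";

    $names = array();
    for ($count = 0; $count < $num_fields; $count++) {
        $names[] = "`".$sql->field_name($query,$count)."`";
    }
    $result = "INSERT INTO $table (".implode(",", $names).") VALUES \n";

    for ($i = 0; $i < $numrow; $i++) {
        $row = $sql->fetch_row($query);
        $values = array();
        for ($j = 0; $j < $num_fields; $j++) {
            if (!isset($row[$j])) {
                $values[] = "NULL";
                continue;
            }
            // str_replace() replaces the removed ereg_replace(); the pattern was a literal newline.
            $escaped = str_replace("\n", "\\n", addslashes($row[$j]));
            $values[] = ($sql->field_type($query,$j) == "int") ? $escaped : "'$escaped'";
        }
        $result .= "\t(".implode(",", $values);
        if ($i < ($numrow-1)) $result .= "),\n";
    }
    return $result.");\n";
}

/**
 * Dump the accounts listed in check[] and their characters to .sql files under
 * "$backup_dir/accounts/<timestamp>_partial", then redirect with error=15.
 *
 * Changes against the original:
 *  - check[] is reduced to integer ids before it reaches any statement;
 *  - an id with no matching account is skipped instead of producing files named from an
 *    empty id;
 *  - an account is dumped only when the operator's $user_lvl is strictly above its gmlevel,
 *    the same rule the list views use to offer the selection checkbox;
 *  - $lang_backup is declared global, so the write-error message is no longer read from an
 *    undefined local (assuming the language files define it -- confirm);
 *  - a failed mkdir() is reported instead of surfacing later as a failed fopen().
 *
 * The table lists $tab_backup_user_realmd and $tab_backup_user_mangos are expected to be set
 * by scripts/backup_tab.php, which is not part of this listing.
 * NOTE(review): the dump copies whole rows (SELECT *), so the files can contain credential
 * material from the account tables. Keep $backup_dir outside the web root.
 */
function backup_user() {
    global $lang_global, $lang_user, $lang_backup, $output, $realm_db, $mangos_db, $realm_id, $user_lvl,$backup_dir;

    $ids = array();
    if (isset($_GET['check'])) {
        foreach ((array)$_GET['check'] as $value) {
            if (is_string($value) && preg_match('/^[0-9]+\z/', $value)) $ids[] = (int)$value;
        }
    }
    if (!count($ids)) {
        redirect("user.php?error=1");
        // redirect() is defined outside this listing; stop here in case it does not end the request.
        return;
    }

    $sql = new SQL;
    $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);

    require_once("scripts/backup_tab.php");
    $subdir = "$backup_dir/accounts/".date("m_d_y_H_i_s")."_partial";
    if (!is_dir($subdir) && !mkdir($subdir, 0750)) die (error($lang_backup['file_write_err']));

    foreach ($ids as $id) {
        // Reconnect to the realm database: the character loop below switches connections.
        $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);

        $query = $sql->query("SELECT id,gmlevel FROM account WHERE id = $id");
        $acc = $sql->fetch_array($query);
        if (!$acc || ($user_lvl <= $acc[1])) continue;
        $acc_id = (int)$acc[0];

        $file_name_new = $acc_id."_{$realm_db['name']}.sql";
        $fp = fopen("$subdir/$file_name_new", 'w') or die (error($lang_backup['file_write_err']));

        fwrite($fp, "CREATE DATABASE /*!32312 IF NOT EXISTS*/ {$realm_db['name']};\n")or die (error($lang_backup['file_write_err']));
        fwrite($fp, "USE {$realm_db['name']};\n\n")or die (error($lang_backup['file_write_err']));

        // Each entry is array(table name, column that holds the account id).
        foreach ($tab_backup_user_realmd as $value) {
            $acc_query = $sql->query("SELECT * FROM $value[0] WHERE $value[1] = $acc_id");

            $result = "-- Dumping data for $value[0] ".date("m.d.y_H.i.s")."\n";
            $result .= "LOCK TABLES $value[0] WRITE;\n";
            $result .= "DELETE FROM $value[0] WHERE $value[1] = $acc_id;\n";
            $result .= _backup_user_insert_sql($sql, $acc_query, $value[0]);
            $result .= "UNLOCK TABLES;\n";
            $result .= "\n";
            fwrite($fp, $result)or die (error($lang_backup['file_write_err']));
        }
        fclose($fp);

        foreach ($mangos_db as $db){
            $file_name_new = $acc_id."_{$db['name']}.sql";
            $fp = fopen("$subdir/$file_name_new", 'w') or die (error($lang_backup['file_write_err']));
            fwrite($fp, "CREATE DATABASE /*!32312 IF NOT EXISTS*/ {$db['name']};\n")or die (error($lang_backup['file_write_err']));
            fwrite($fp, "USE {$db['name']};\n\n")or die (error($lang_backup['file_write_err']));

            $sql->connect($db['addr'], $db['user'], $db['pass'], $db['name']);
            $all_char_query = $sql->query("SELECT guid,name FROM `character` WHERE account = $acc_id");

            while ($char = $sql->fetch_array($all_char_query)){
                $char_guid = (int)$char[0];
                // The name goes into a one-line SQL comment, so line breaks are flattened.
                $char_name = str_replace(array("\r", "\n"), " ", (string)$char[1]);
                fwrite($fp, "-- Dumping data for character $char_name\n")or die (error($lang_backup['file_write_err']));

                // Each entry is array(table name, column that holds the character guid).
                foreach ($tab_backup_user_mangos as $value) {
                    $char_query = $sql->query("SELECT * FROM $value[0] WHERE $value[1] = $char_guid");

                    $result = "LOCK TABLES $value[0] WRITE;\n";
                    $result .= "DELETE FROM $value[0] WHERE $value[1] = $char_guid;\n";
                    $result .= _backup_user_insert_sql($sql, $char_query, $value[0]);
                    $result .= "UNLOCK TABLES;\n";
                    $result .= "\n";
                    fwrite($fp, $result)or die (error($lang_backup['file_write_err']));
                }
            }
            fclose($fp);
        }
    }
    $sql->close();

    redirect("user.php?error=15");
}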


//#######################################################################################################
// ADD NEW USER
//#######################################################################################################
/**
 * Append the "create new account" form to the global $output buffer.
 *
 * The inline script checks that both password fields match. It then stores
 * hex_sha1(UPPER(username) + ':' + UPPER(password)) in the hidden "pass" field and overwrites
 * the two visible password fields with '0' before submitting.
 *
 * NOTE(review): the form uses method="get", so the derived hash ends up in the URL of the
 * doadd_new request and therefore in browser history and request logs. Moving to POST also
 * requires doadd_new and the action dispatcher to read the POST body.
 * NOTE(review): both password inputs are type="text" and prefilled with "123456". Accounts
 * created without editing the field share that value.
 */
function add_new() {
    global $lang_global, $lang_user, $output;

    // Script and form up to the button row.
    $output .= <<<FORM_HEAD
<center>
 <script type="text/javascript" src="js/sha1.js"></script>
 <script type="text/javascript">
 function do_submit_data () {
 if (document.form.new_pass1.value != document.form.new_pass2.value){
 alert('{$lang_user['nonidentical_passes']}');
 return;
 } else {
 document.form.pass.value = hex_sha1(document.form.new_user.value.toUpperCase()+':'+document.form.new_pass1.value.toUpperCase());
 document.form.new_pass1.value = '0';
 document.form.new_pass2.value = '0';
 do_submit();
 }
 }
 </script>

 <fieldset style="width: 550px;">
 <legend>{$lang_user['create_new_acc']}</legend>
 <form method="get" action="user.php" name="form">
 <input type="hidden" name="pass" value="" maxlength="256" />
 <input type="hidden" name="action" value="doadd_new" />
 <table class="flat">
 <tr>
 <td>{$lang_user['username']}</td>
 <td><input type="text" name="new_user" size="42" maxlength="15" value="New_Account" /></td>
 </tr>
 <tr>
 <td>{$lang_user['password']}</td>
 <td><input type="text" name="new_pass1" size="42" maxlength="25" value="123456" /></td>
 </tr>
 <tr>
 <td>{$lang_user['confirm']}</td>
 <td><input type="text" name="new_pass2" size="42" maxlength="25" value="123456" /></td>
 </tr>
 <tr>
 <td>{$lang_user['email']}</td>
 <td><input type="text" name="new_mail" size="42" maxlength="225" value="none@mail.com" /></td>
 </tr>
 <tr>
 <td>{$lang_user['locked']}</td>
 <td><input type="checkbox" name="new_locked" value="1" /></td>
 </tr>
 <tr>
 <td>{$lang_user['tbc_account']}</td>
 <td><input type="checkbox" name="new_tbc" value="1" checked="checked" /></td>
 </tr>
 <tr><td>
FORM_HEAD;

    makebutton($lang_user['create_acc'], "javascript:do_submit_data()", 120);
    $output .= "</td><td>";
    makebutton($lang_global['back'], "javascript:window.history.back()", 306);

    // Close the button row, table, form and fieldset.
    $output .= <<<FORM_TAIL
</td></tr>
 </table>
 </form>
 </fieldset><br /><br /></center>
FORM_TAIL;
}


//#########################################################################################################
// DO ADD NEW USER
//#########################################################################################################
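/**
 * Create an account from the add_new form fields and redirect with a status code.
 *
 * Redirect codes used: 4 (missing or malformed user/pass), 8 (username length outside 4..15),
 * 9 (username rejected by alphabetic()), 7 (username already taken), 5 (account created).
 *
 * Changes against the original:
 *  - the length and character checks run on the submitted username, not on its SQL-escaped
 *    form, whose length can differ;
 *  - pass must be a 40-digit hex string, which is what the form's hex_sha1() call produces;
 *  - new_locked and new_tbc are cast to integers, because they are placed in the INSERT
 *    without quotes and escaping alone does not constrain them.
 *
 * alphabetic() comes from scripts/valid_lib.php and SQL::quote_smart() from the SQL class;
 * neither is part of this listing.
 * NOTE(review): the hash arrives in the query string (the form uses GET) and is stored as
 * received, so anyone who can read the URL holds the value the server stores for the account.
 * NOTE(review): nothing is reported when the INSERT fails; the function just returns.
 */
function doadd_new() {
    global $lang_global, $realm_db;

    if ( empty($_GET['new_user']) || empty($_GET['pass'])
        || !is_string($_GET['new_user']) || !is_string($_GET['pass'])
        || !preg_match('/^[0-9a-fA-F]{40}\z/', $_GET['pass']) ) {
        redirect("user.php?action=add_new&error=4");
        // redirect() is defined outside this listing; stop here in case it does not end the request.
        return;
    }

    $raw_user = trim($_GET['new_user']);

    //make sure username is at least 4 chars long and less than max
    if ((strlen($raw_user) < 4) || (strlen($raw_user) > 15)){
        redirect("user.php?action=add_new&error=8");
        return;
    }

    require_once("scripts/valid_lib.php");
    //make sure it doesnt contain non english chars.
    if (!alphabetic($raw_user)) {
        redirect("user.php?action=add_new&error=9");
        return;
    }

    $sql = new SQL;
    $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);

    $new_user = $sql->quote_smart($raw_user);
    $pass = $sql->quote_smart($_GET['pass']);

    $result = $sql->query("SELECT username FROM account WHERE username = '$new_user'");

    //there is already someone with same username
    if ($sql->num_rows($result)){
        $sql->close();
        redirect("user.php?action=add_new&error=7");
        return;
    }

    $last_ip = "0.0.0.0";
    $new_mail = (isset($_GET['new_mail']) && is_string($_GET['new_mail']))
        ? $sql->quote_smart(trim($_GET['new_mail'])) : NULL;

    $locked = isset($_GET['new_locked']) ? (int)$_GET['new_locked'] : 0;
    $tbc = isset($_GET['new_tbc']) ? (int)$_GET['new_tbc'] : 0;

    $result = $sql->query("INSERT INTO account (username,I,gmlevel,email, joindate,last_ip,failed_logins,locked,last_login,online,tbc)
        VALUES ('$new_user','$pass',0 ,'$new_mail',current_date() ,'$last_ip',0, $locked ,NULL, 0, $tbc)");
    $sql->close();

    if ($result) redirect("user.php?error=5");
}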


//###########################################################################################################
// EDIT USER
//###########################################################################################################
596function edit_user() {
597 global $lang_global, $lang_user, $output, $realm_db, $mangos_db, $realm_id, $user_lvl, $user_name, $gm_level_arr;
598
599 if (empty($_GET['id'])) redirect("user.php?error=10");
600
601 $sql = new SQL;
602 $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
603
604 $id = $sql->quote_smart($_GET['id']);
605
606 $result = $sql->query("SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,online,tbc FROM account WHERE id = '$id'");
607 $data = $sql->fetch_row($result);
608
609 if ($sql->num_rows($result)){
610 //restricting accsess to lower gmlvl
611 if (($user_lvl <= $data[2])&&($user_name != $data[1])){
612 $sql->close();
613 redirect("user.php?error=14");
614 }
615
616 $output .= "<center>
617 <script type=\"text/javascript\" src=\"js/sha1.js\"></script>
618 <script type=\"text/javascript\">
619 function do_submit_data () {
620 if ((document.form.username.value != '$data[1]')&&(document.form.new_pass.value == '******')){
621 alert('If you are changing Username, The password must be changed too.');
622 return;
623 } else {
624 document.form.pass.value = hex_sha1(document.form.username.value.toUpperCase()+':'+document.form.new_pass.value.toUpperCase());
625 document.form.new_pass.value = '0';
626 do_submit();
627 }
628 }
629 </script>
630
631 <fieldset style=\"width: 550px;\">
632 <legend>{$lang_user['edit_acc']}</legend>
633 <form method=\"post\" action=\"user.php?action=doedit_user\" name=\"form\">
634 <input type=\"hidden\" name=\"pass\" value=\"\" maxlength=\"256\" />
635 <input type=\"hidden\" name=\"id\" value=\"$id\" />
636 <table class=\"flat\">
637 <tr>
638 <td>{$lang_user['id']}</td>
639 <td>$data[0]</td>
640 </tr>
641 <tr>
642 <td>{$lang_user['username']}</td>
643 <td><input type=\"text\" name=\"username\" size=\"43\" maxlength=\"15\" value=\"$data[1]\" /></td>
644 </tr>
645 <tr>
646 <td>{$lang_user['password']}</td>
647 <td><input type=\"text\" name=\"new_pass\" size=\"43\" maxlength=\"40\" value=\"******\" /></td>
648 </tr>
649 <tr>
650 <td>{$lang_user['email']}</td>
651 <td><input type=\"text\" name=\"mail\" size=\"43\" maxlength=\"225\"value=\"$data[3]\" /></td>
652 </tr>
653 <tr>
654 <td>{$lang_user['gm_level_long']}</td>
655 <td><select name=\"gmlevel\">";
656 foreach ($gm_level_arr as $level){
657 if (($level[0] < $user_lvl)||($data[1] == $user_name)){
658 $output .= "<option value=\"{$level[0]}\" ";
659 if ($data[2] == $level[0]) $output .= "selected=\"selected\" ";
660 $output .= ">{$level[1]}</option>";
661 }
662 }
663 $output .= "</select>
664 </td>
665 </tr>
666 <tr>
667 <td>{$lang_user['join_date']}</td>
668 <td>$data[4]</td>
669 </tr>
670 <tr>
671 <td>{$lang_user['banned']}</td>";
672
673 $que = $sql->query("SELECT bandate, unbandate, bannedby FROM account_banned WHERE id = $id");
674 if ($sql->num_rows($que)){
675 $banned = $sql->fetch_row($que);
676 $ban_info = " - from:".date('d-m-Y G:i', $banned[0])." till:".date('d-m-Y G:i', $banned[1])."<br />by $banned[2]";
677 $ban_checked = " checked=\"checked\"";
678 } else {
679 $ban_checked = "";
680 $ban_info = "";
681 }
682 $output .= "<td><input type=\"checkbox\" name=\"banned\" value=\"1\" $ban_checked/>$ban_info</td>
683 </tr>
684 <tr>
685 <td>{$lang_user['last_ip']}</td>
686 <td>$data[5]<a href=\"banned.php?action=do_add_entry&amp;entry=$data[5]&amp;bantime=3600&amp;ban_type=ip_banned\"> <- {$lang_user['ban_this_ip']}</a></td>
687 </tr>
688 <td>{$lang_user['client_type']}</td>
689 <td><select name=\"tbc\">";
690 $output .= "<option value=\"0\">{$lang_user['classic']}</option>
691 <option value=\"1\" ";
692 if ($data[10]) $output .= "selected=\"selected\" ";
693 $output .= ">{$lang_user['expansion']}</option>
694 </select>
695 </td>
696 <tr>
697 <td>{$lang_user['failed_logins_long']}</td>
698 <td><input type=\"text\" name=\"failed\" size=\"43\" maxlength=\"3\" value=\"$data[6]\" /></td>
699 </tr>
700 <tr>
701 <td>{$lang_user['locked']}</td>";
702 $lock_checked = ($data[7]) ? " checked=\"checked\"" : "";
703 $output .= "<td><input type=\"checkbox\" name=\"locked\" value=\"1\" $lock_checked/></td>
704 </tr>
705 <tr>
706 <td>{$lang_user['last_login']}</td>
707 <td>$data[8]</td>
708 </tr>
709 <tr>
710 <td>{$lang_user['online']}</td>";
711 $ol = ( $data[9] ) ? $lang_global['yes'] : $lang_global['no'];
712 $output .= "<td>$ol</td>
713 </tr>";
714
715 $query = $sql->query("SELECT SUM(numchars) FROM realmcharacters WHERE acctid = '$id'");
716 $tot_chars = $sql->result($query, 0);
717
718 $sql->connect($mangos_db[$realm_id]['addr'], $mangos_db[$realm_id]['user'], $mangos_db[$realm_id]['pass'], $mangos_db[$realm_id]['name']);
719 $query = $sql->query("SELECT count(*) FROM `character` WHERE account = $id");
720 $chars_on_realm = $sql->result($query, 0);
721
722 $output .= "<tr>
723 <td>{$lang_user['tot_chars']}</td>
724 <td>$tot_chars</td>
725 </tr>
726 <tr>
727 <td>{$lang_user['chars_on_realm']}</td>
728 <td>$chars_on_realm</td>
729 </tr>";
730
731 //if there is any chars to display
732 if ($chars_on_realm){
733 $char_array = $sql->query("SELECT guid,name,race,class,SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ' ', 35), ' ', -1) FROM `character` WHERE account = $id");
734 while ($char = $sql->fetch_array($char_array)){
735 $output .= "<tr>
736 <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'---></td>
737 <td><a href=\"char.php?id=$char[0]\">$char[1] - ".get_player_race($char[2])." ".get_player_class($char[3])." | lvl $char[4]</a></td>
738 </tr>";
739 }
740 }
741
742 $output .= "<tr><td>";
743 makebutton($lang_user['update_data'], "javascript:do_submit_data()",140);
744 $output .= "</td><td>";
745 makebutton($lang_user['del_acc'], "user.php?action=del_user&amp;check%5B%5D=$id",150);
746 makebutton($lang_global['back'], "javascript:window.history.back()",150);
747 $output .= "</td></tr>
748 </table>
749 </form></fieldset><br /><br /></center>";
750
751 } else error($lang_global['err_no_user']);
752 $sql->close();
753}
754
755
756//############################################################################################################
757// DO EDIT USER
758//############################################################################################################
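// Applies the POSTed account edit form (id, username, pass, mail, failed, gmlevel, tbc,
// banned, locked) to the realm `account` table and syncs the `account_banned` row.
// Every exit path ends in redirect() with a numeric error/status code.
//
// NOTE(review): each guard below relies on redirect() ending the request; if it returns,
// execution falls through to the UPDATE. Confirm against its definition.
// NOTE(review): no anti-CSRF token is checked in this function; confirm whether
// header.php / valid_login() provides one for state-changing POSTs.
function doedit_user() {
    global $lang_global, $realm_db, $user_lvl, $user_name;

    // The account id is only ever an integer key. Casting it (rather than relying on
    // quote_smart() alone) keeps it inert in the statements below that interpolate it
    // WITHOUT surrounding quotes, and in the redirect targets built from it.
    $id = (isset($_POST['id']) && is_scalar($_POST['id'])) ? (int) $_POST['id'] : 0;

    if( (!isset($_POST['id']) || $_POST['id'] === '') || (!isset($_POST['username']) || $_POST['username'] === '') || (!isset($_POST['pass']) || $_POST['pass'] === '') )
        redirect("user.php?action=edit_user&id=$id&error=1");

    $sql = new SQL;
    $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);

    $username = $sql->quote_smart($_POST['username']);
    $pass = $sql->quote_smart($_POST['pass']);
    // The form submits sha1(UPPER(username):UPPER(password)); the placeholder password
    // "******" means "unchanged". Strict string comparison avoids PHP's numeric-string
    // juggling when two hex digests are compared with a loose operator.
    $user_pass_change = ((string) $pass !== sha1(strtoupper($username).":******")) ? "username='$username',I='$pass'," : "";

    $mail = (isset($_POST['mail']) && $_POST['mail'] != '') ? $sql->quote_smart($_POST['mail']) : "";
    $failed = (isset($_POST['failed'])) ? $sql->quote_smart($_POST['failed']) : 0;
    // gmlevel feeds the privilege comparison below, so force it to an integer first.
    $gmlevel = (isset($_POST['gmlevel']) && is_scalar($_POST['gmlevel'])) ? (int) $_POST['gmlevel'] : 0;
    $tbc = (isset($_POST['tbc'])) ? $sql->quote_smart($_POST['tbc']) : 1;
    $banned = (isset($_POST['banned'])) ? $sql->quote_smart($_POST['banned']) : 0;
    $locked = (isset($_POST['locked'])) ? $sql->quote_smart($_POST['locked']) : 0;

    // username must be between 4 and 15 characters long
    if ((strlen($username) < 4) || (strlen($username) > 15)){
        $sql->close();
        redirect("user.php?action=edit_user&id=$id&error=8");
    }

    // an operator may only assign levels strictly below their own
    if ($gmlevel >= $user_lvl) {
        $sql->close();
        redirect("user.php?action=edit_user&id=$id&error=16");
    }

    require_once("scripts/valid_lib.php");
    // make sure it doesn't contain non-English chars.
    if (!alphabetic($username)) {
        $sql->close();
        redirect("user.php?action=edit_user&error=9&id=$id");
    }

    // restricting access to lower gmlevel: the target account must rank below the
    // operator unless the operator is editing their own account
    $result = $sql->query("SELECT gmlevel,username FROM account WHERE id = '$id'");
    if (($user_lvl <= $sql->result($result, 0, 'gmlevel'))&&($user_name != $sql->result($result, 0, 'username'))){
        $sql->close();
        redirect("user.php?error=14");
    }

    if (!$banned) $sql->query("DELETE FROM account_banned WHERE id='$id'");
    else {
        $result = $sql->query("SELECT count(*) FROM account_banned WHERE id = '$id'");
        if(!$sql->result($result, 0)) {
            // the operator name is stored data too; escape it like any other string value
            $banned_by = $sql->quote_smart($user_name);
            // new ban entry runs for 365 days from now
            $sql->query("INSERT INTO account_banned (id, bandate, unbandate, bannedby, banreason, active)
                VALUES ($id, ".time().",".(time()+(365*24*3600)).",'$banned_by','none', 1)");
        }
    }

    $sql->query("UPDATE account SET email='$mail', $user_pass_change failed_logins='$failed',locked='$locked',gmlevel='$gmlevel',tbc='$tbc' WHERE id=$id");

    $sql->close();
    redirect("user.php?action=edit_user&error=13&id=$id");
}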
818
819
820//########################################################################################################################
821// MAIN
822//########################################################################################################################
// Page heading: picks one fixed language string from the numeric ?error= code.
// The request value is only compared against known codes and is never echoed itself.
$err = (isset($_GET['error'])) ? $_GET['error'] : NULL;

// code => array(language table, message key, styled as error?)
$err_table = array(
    1  => array('global', 'empty_fields', true),
    2  => array('global', 'err_no_search_passed', true),
    3  => array('user', 'search_results', false),
    4  => array('user', 'acc_creation_failed', true),
    5  => array('user', 'acc_created', false),
    6  => array('user', 'nonidentical_passes', true),
    7  => array('user', 'user_already_exist', true),
    8  => array('user', 'username_pass_too_long', true),
    9  => array('user', 'use_only_eng_charset', true),
    10 => array('user', 'no_value_passed', true),
    11 => array('user', 'edit_acc', false),
    12 => array('user', 'update_failed', true),
    13 => array('user', 'data_updated', false),
    14 => array('user', 'you_have_no_permission', true),
    15 => array('user', 'acc_backedup', true),
    16 => array('user', 'you_have_no_permission_to_set_gmlvl', true),
);

$err_html = NULL;
foreach ($err_table as $err_code => $err_row) {
    // loose comparison, first match wins: the same matching rule a switch applies
    if ($err == $err_code) {
        $err_text = ($err_row[0] == 'global') ? $lang_global[$err_row[1]] : $lang_user[$err_row[1]];
        if ($err_row[2]) {
            $err_html = "<h1><font class=\"error\">{$err_text}</font></h1>";
        } else {
            $err_html = "<h1>{$err_text}</h1>";
        }
        break;
    }
}

// no (known) error code: plain browse heading
if ($err_html === NULL) {
    $err_html = "<h1>{$lang_user['browse_acc']}</h1>";
}

$output .= "<div class=\"top\">".$err_html."</div>";
879
// Request routing: ?action= selects one of a fixed set of page functions.
// The function that runs is always taken from the table below, never from the
// request string itself; anything unknown falls back to the account list.
// NOTE(review): state-changing handlers (e.g. del_user, dodel_user) are reachable from a
// GET parameter here; confirm an anti-CSRF check exists elsewhere (header.php / valid_login()).
$action = (isset($_GET['action'])) ? $_GET['action'] : NULL;

$action_handlers = array(
    "browse_users" => "browse_users",
    "search"       => "search",
    "add_new"      => "add_new",
    "doadd_new"    => "doadd_new",
    "edit_user"    => "edit_user",
    "doedit_user"  => "doedit_user",
    "del_user"     => "del_user",
    "dodel_user"   => "dodel_user",
    "backup_user"  => "backup_user",
);

if (is_string($action) && isset($action_handlers[$action])) {
    $action_handler = $action_handlers[$action];
    $action_handler();
} else {
    browse_users();
}

require_once("footer.php");
915?>