Changeset 19 for minimanager/user.php
- Timestamp:
- Aug 13, 2007, 9:05:34 PM (17 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
minimanager/user.php
r5 r19 19 19 global $lang_global, $lang_user, $output, $realm_db, $itemperpage, $user_lvl, $user_name, $gm_level_arr; 20 20 21 $ mysql = new MySQL;22 $ mysql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);23 24 $start = (isset($_GET['start'])) ? $ mysql->quote_smart($_GET['start']) : 0;25 $order_by = (isset($_GET['order_by'])) ? $ mysql->quote_smart($_GET['order_by']) : "id";21 $sql = new SQL; 22 $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']); 23 24 $start = (isset($_GET['start'])) ? $sql->quote_smart($_GET['start']) : 0; 25 $order_by = (isset($_GET['order_by'])) ? $sql->quote_smart($_GET['order_by']) : "id"; 26 26 27 $dir = (isset($_GET['dir'])) ? $ mysql->quote_smart($_GET['dir']) : 1;27 $dir = (isset($_GET['dir'])) ? $sql->quote_smart($_GET['dir']) : 1; 28 28 $order_dir = ($dir) ? "ASC" : "DESC"; 29 29 $dir = ($dir) ? 0 : 1; 30 30 31 31 //get total number of items 32 $query_1 = $ mysql->query("SELECT count(*) FROM account");33 $all_record = $ mysql->result($query_1,0);34 35 $query = $ mysql->query("SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,online32 $query_1 = $sql->query("SELECT count(*) FROM account"); 33 $all_record = $sql->result($query_1,0); 34 35 $query = $sql->query("SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,online 36 36 FROM account ORDER BY $order_by $order_dir LIMIT $start, $itemperpage"); 37 $this_page = $ mysql->num_rows($query);37 $this_page = $sql->num_rows($query); 38 38 39 39 //==========================top tage navigaion starts here======================== … … 56 56 <input type=\"text\" size=\"42\" maxlength=\"50\" name=\"search_value\" /> 57 57 <select name=\"search_by\"> 58 <option value=\"username\">{$lang_user['by_name']}</option> 58 59 <option value=\"id\">{$lang_user['by_id']}</option> 59 <option value=\"username\">{$lang_user['by_name']}</option>60 60 <option value=\"gmlevel\">{$lang_user['by_gm_level']}</option> 61 61 <option value=\"greater_gmlevel\">{$lang_user['greater_gm_level']}</option> … … 82 82 <table class=\"lined\"> 83 83 <tr> 84 <t d width=\"1%\" class=\"head\"><input name=\"allbox\" type=\"checkbox\" value=\"Check All\" onclick=\"CheckAll(document.form1);\" /></td>85 <t d width=\"5%\" class=\"head\"><a href=\"user.php?order_by=id&start=$start&dir=$dir\" class=\"head_link\">{$lang_user['id']}</a></td>86 <t d width=\"23%\" class=\"head\"><a href=\"user.php?order_by=username&start=$start&dir=$dir\" class=\"head_link\">{$lang_user['username']}</a></td>87 <t d width=\"5%\" class=\"head\"><a href=\"user.php?order_by=gmlevel&start=$start&dir=$dir\" class=\"head_link\">{$lang_user['gm_level']}</a></td>88 <t d width=\"17%\" class=\"head\"><a href=\"user.php?order_by=email&start=$start&dir=$dir\" class=\"head_link\">{$lang_user['email']}</a></td>89 <t d width=\"14%\" class=\"head\"><a href=\"user.php?order_by=joindate&start=$start&dir=$dir\" class=\"head_link\">{$lang_user['join_date']}</a></td>90 <t d width=\"10%\" class=\"head\"><a href=\"user.php?order_by=last_ip&start=$start&dir=$dir\" class=\"head_link\">{$lang_user['ip']}</a></td>91 <t d width=\"5%\" class=\"head\"><a href=\"user.php?order_by=failed_logins&start=$start&dir=$dir\" class=\"head_link\">{$lang_user['failed_logins']}</a></td>92 <t d width=\"3%\" class=\"head\"><a href=\"user.php?order_by=locked&start=$start&dir=$dir\" class=\"head_link\">{$lang_user['locked']}</a></td>93 <t d width=\"14%\" class=\"head\"><a href=\"user.php?order_by=last_login&start=$start&dir=$dir\" class=\"head_link\">{$lang_user['last_login']}</a></td>94 <t d width=\"3%\" class=\"head\"><a href=\"user.php?order_by=online&start=$start&dir=$dir\" class=\"head_link\">{$lang_user['online']}</a></td>84 <th width=\"1%\"><input name=\"allbox\" type=\"checkbox\" value=\"Check All\" onclick=\"CheckAll(document.form1);\" /></th> 85 <th width=\"5%\"><a href=\"user.php?order_by=id&start=$start&dir=$dir\">".($order_by=='id' ? "<img src=\"img/arr_".($dir ? "up" : "dw").".gif\" /> " : "")."{$lang_user['id']}</a></th> 86 <th width=\"23%\"><a href=\"user.php?order_by=username&start=$start&dir=$dir\">".($order_by=='username' ? "<img src=\"img/arr_".($dir ? "up" : "dw").".gif\" /> " : "")."{$lang_user['username']}</a></th> 87 <th width=\"5%\"><a href=\"user.php?order_by=gmlevel&start=$start&dir=$dir\">".($order_by=='gmlevel' ? "<img src=\"img/arr_".($dir ? "up" : "dw").".gif\" /> " : "")."{$lang_user['gm_level']}</a></th> 88 <th width=\"17%\"><a href=\"user.php?order_by=email&start=$start&dir=$dir\">".($order_by=='email' ? "<img src=\"img/arr_".($dir ? "up" : "dw").".gif\" /> " : "")."{$lang_user['email']}</a></th> 89 <th width=\"14%\"><a href=\"user.php?order_by=joindate&start=$start&dir=$dir\">".($order_by=='joindate' ? "<img src=\"img/arr_".($dir ? "up" : "dw").".gif\" /> " : "")."{$lang_user['join_date']}</a></th> 90 <th width=\"10%\"><a href=\"user.php?order_by=last_ip&start=$start&dir=$dir\">".($order_by=='last_ip' ? "<img src=\"img/arr_".($dir ? "up" : "dw").".gif\" /> " : "")."{$lang_user['ip']}</a></th> 91 <th width=\"5%\"><a href=\"user.php?order_by=failed_logins&start=$start&dir=$dir\">".($order_by=='failed_logins' ? "<img src=\"img/arr_".($dir ? "up" : "dw").".gif\" /> " : "")."{$lang_user['failed_logins']}</a></th> 92 <th width=\"3%\"><a href=\"user.php?order_by=locked&start=$start&dir=$dir\">".($order_by=='locked' ? "<img src=\"img/arr_".($dir ? "up" : "dw").".gif\" /> " : "")."{$lang_user['locked']}</a></th> 93 <th width=\"14%\"><a href=\"user.php?order_by=last_login&start=$start&dir=$dir\">".($order_by=='last_login' ? "<img src=\"img/arr_".($dir ? "up" : "dw").".gif\" /> " : "")."{$lang_user['last_login']}</a></th> 94 <th width=\"3%\"><a href=\"user.php?order_by=online&start=$start&dir=$dir\">".($order_by=='online' ? "<img src=\"img/arr_".($dir ? "up" : "dw").".gif\" /> " : "")."{$lang_user['online']}</a></th> 95 95 </tr>"; 96 96 97 $looping = ($this_page < $itemperpage) ? $this_page : $itemperpage; 98 99 for ($i=1; $i<=$looping; $i++) { 100 $data = $mysql->fetch_row($query); 97 while ($data = $sql->fetch_row($query)){ 98 101 99 if (($user_lvl >= $data[2])||($user_name == $data[1])){ 102 100 $output .= "<tr>"; … … 113 111 <td>".(($data[7]) ? $lang_global['yes_low'] : "-")."</td> 114 112 <td class=\"small\">$data[8]</td> 115 <td>".(($data[9]) ? " ON" : "-")."</td>113 <td>".(($data[9]) ? "<img src=\"img/up.gif\" alt=\"\" />" : "-")."</td> 116 114 </tr>"; 117 115 } else { … … 130 128 </table></form><br /></center>"; 131 129 132 $ mysql->close();130 $sql->close(); 133 131 } 134 132 … … 142 140 if(!isset($_GET['search_value']) || !isset($_GET['search_by'])) redirect("user.php?error=2"); 143 141 144 $ mysql = new MySQL;145 $ mysql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);146 147 $search_value = $ mysql->quote_smart($_GET['search_value']);148 $search_by = $ mysql->quote_smart($_GET['search_by']);149 150 $order_by = (isset($_GET['order_by'])) ? $ mysql->quote_smart($_GET['order_by']) : "id";151 $dir = (isset($_GET['dir'])) ? $ mysql->quote_smart($_GET['dir']) : 1;142 $sql = new SQL; 143 $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']); 144 145 $search_value = $sql->quote_smart($_GET['search_value']); 146 $search_by = $sql->quote_smart($_GET['search_by']); 147 148 $order_by = (isset($_GET['order_by'])) ? $sql->quote_smart($_GET['order_by']) : "id"; 149 $dir = (isset($_GET['dir'])) ? $sql->quote_smart($_GET['dir']) : 1; 152 150 $order_dir = ($dir) ? "ASC" : "DESC"; 153 151 $dir = ($dir) ? 0 : 1; … … 156 154 157 155 case "greater_gmlevel": 158 $sql = "SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,online156 $sql_query = "SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,online 159 157 FROM account WHERE gmlevel > $search_value ORDER BY $order_by $order_dir LIMIT $sql_search_limit"; 160 158 break; 161 159 162 160 case "banned": 163 $sql = "SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,online161 $sql_query = "SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,online 164 162 FROM account WHERE id = 0 "; 165 $que = $ mysql->query("SELECT id FROM account_banned");166 while ($banned = mysql_fetch_row($que)) $sql.= "OR id =$banned[0] ";167 $sql .= " ORDER BY $order_by $order_dir LIMIT $sql_search_limit";163 $que = $sql->query("SELECT id FROM account_banned"); 164 while ($banned = $sql->fetch_row($que)) $sql_query .= "OR id =$banned[0] "; 165 $sql_query .= " ORDER BY $order_by $order_dir LIMIT $sql_search_limit"; 168 166 break; 169 167 170 168 case "failed_logins": 171 $sql = "SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,online169 $sql_query = "SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,online 172 170 FROM account WHERE failed_logins > $search_value ORDER BY $order_by $order_dir LIMIT $sql_search_limit"; 173 171 break; 174 172 175 173 default: 176 $sql = "SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,online174 $sql_query = "SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,online 177 175 FROM account WHERE $search_by LIKE '%$search_value%' ORDER BY $order_by $order_dir LIMIT $sql_search_limit"; 178 176 } 179 177 180 $query = $ mysql->query($sql);181 $total_found = $ mysql->num_rows($query);178 $query = $sql->query($sql_query); 179 $total_found = $sql->num_rows($query); 182 180 183 181 //==========================top tage navigaion starts here======================== … … 192 190 <input type=\"text\" size=\"32\" maxlength=\"50\" name=\"search_value\" /> 193 191 <select name=\"search_by\"> 192 <option value=\"username\">{$lang_user['by_name']}</option> 194 193 <option value=\"id\">{$lang_user['by_id']}</option> 195 <option value=\"username\">{$lang_user['by_name']}</option>196 194 <option value=\"gmlevel\">{$lang_user['by_gm_level']}</option> 197 195 <option value=\"greater_gmlevel\">{$lang_user['greater_gm_level']}</option> … … 216 214 <table class=\"lined\"> 217 215 <tr> 218 <t d width=\"1%\" class=\"head\"><input name=\"allbox\" type=\"checkbox\" value=\"Check All\" onclick=\"CheckAll(document.form1);\" /></td>219 <t d width=\"5%\" class=\"head\"><a href=\"user.php?action=search&error=3&search_value=$search_value&search_by=$search_by&order_by=id&dir=$dir\" class=\"head_link\">{$lang_user['id']}</a></td>220 <t d width=\"23%\" class=\"head\"><a href=\"user.php?action=search&error=3&search_value=$search_value&search_by=$search_by&order_by=username&dir=$dir\" class=\"head_link\">{$lang_user['username']}</a></td>221 <t d width=\"5%\" class=\"head\"><a href=\"user.php?action=search&error=3&search_value=$search_value&search_by=$search_by&order_by=gmlevel&dir=$dir\" class=\"head_link\">{$lang_user['gm_level']}</a></td>222 <t d width=\"17%\" class=\"head\"><a href=\"user.php?action=search&error=3&search_value=$search_value&search_by=$search_by&order_by=email&dir=$dir\" class=\"head_link\">{$lang_user['email']}</a></td>223 <t d width=\"14%\" class=\"head\"><a href=\"user.php?action=search&error=3&search_value=$search_value&search_by=$search_by&order_by=joindate&dir=$dir\" class=\"head_link\">{$lang_user['join_date']}</a></td>224 <t d width=\"10%\" class=\"head\"><a href=\"user.php?action=search&error=3&search_value=$search_value&search_by=$search_by&order_by=last_ip&dir=$dir\" class=\"head_link\">{$lang_user['ip']}</a></td>225 <t d width=\"5%\" class=\"head\"><a href=\"user.php?action=search&error=3&search_value=$search_value&search_by=$search_by&order_by=failed_logins&dir=$dir\" class=\"head_link\">{$lang_user['failed_logins']}</a></td>226 <t d width=\"3%\" class=\"head\"><a href=\"user.php?action=search&error=3&search_value=$search_value&search_by=$search_by&order_by=locked&dir=$dir\" class=\"head_link\">{$lang_user['locked']}</a></td>227 <t d width=\"14%\" class=\"head\"><a href=\"user.php?action=search&error=3&search_value=$search_value&search_by=$search_by&order_by=last_login&dir=$dir\" class=\"head_link\">{$lang_user['last_login']}</a></td>228 <t d width=\"3%\" class=\"head\"><a href=\"user.php?action=search&error=3&search_value=$search_value&search_by=$search_by&order_by=online&dir=$dir\" class=\"head_link\">{$lang_user['online']}</a></td>216 <th width=\"1%\"><input name=\"allbox\" type=\"checkbox\" value=\"Check All\" onclick=\"CheckAll(document.form1);\" /></th> 217 <th width=\"5%\"><a href=\"user.php?action=search&error=3&search_value=$search_value&search_by=$search_by&order_by=id&dir=$dir\">".($order_by=='id' ? "<img src=\"img/arr_".($dir ? "up" : "dw").".gif\" /> " : "")."{$lang_user['id']}</a></th> 218 <th width=\"23%\"><a href=\"user.php?action=search&error=3&search_value=$search_value&search_by=$search_by&order_by=username&dir=$dir\">".($order_by=='username' ? "<img src=\"img/arr_".($dir ? "up" : "dw").".gif\" /> " : "")."{$lang_user['username']}</a></th> 219 <th width=\"5%\"><a href=\"user.php?action=search&error=3&search_value=$search_value&search_by=$search_by&order_by=gmlevel&dir=$dir\">".($order_by=='gmlevel' ? "<img src=\"img/arr_".($dir ? "up" : "dw").".gif\" /> " : "")."{$lang_user['gm_level']}</a></th> 220 <th width=\"17%\><a href=\"user.php?action=search&error=3&search_value=$search_value&search_by=$search_by&order_by=email&dir=$dir\">".($order_by=='email' ? "<img src=\"img/arr_".($dir ? "up" : "dw").".gif\" /> " : "")."{$lang_user['email']}</a></th> 221 <th width=\"14%\"><a href=\"user.php?action=search&error=3&search_value=$search_value&search_by=$search_by&order_by=joindate&dir=$dir\">".($order_by=='joindate' ? "<img src=\"img/arr_".($dir ? "up" : "dw").".gif\" /> " : "")."{$lang_user['join_date']}</a></th> 222 <th width=\"10%\"><a href=\"user.php?action=search&error=3&search_value=$search_value&search_by=$search_by&order_by=last_ip&dir=$dir\">".($order_by=='last_ip' ? "<img src=\"img/arr_".($dir ? "up" : "dw").".gif\" /> " : "")."{$lang_user['ip']}</a></th> 223 <th width=\"5%\"><a href=\"user.php?action=search&error=3&search_value=$search_value&search_by=$search_by&order_by=failed_logins&dir=$dir\">".($order_by=='failed_logins' ? "<img src=\"img/arr_".($dir ? "up" : "dw").".gif\" /> " : "")."{$lang_user['failed_logins']}</a></th> 224 <th width=\"3%\"><a href=\"user.php?action=search&error=3&search_value=$search_value&search_by=$search_by&order_by=locked&dir=$dir\">".($order_by=='locked' ? "<img src=\"img/arr_".($dir ? "up" : "dw").".gif\" /> " : "")."{$lang_user['locked']}</a></th> 225 <th width=\"14%\"><a href=\"user.php?action=search&error=3&search_value=$search_value&search_by=$search_by&order_by=last_login&dir=$dir\">".($order_by=='last_login' ? "<img src=\"img/arr_".($dir ? "up" : "dw").".gif\" /> " : "")."{$lang_user['last_login']}</a></th> 226 <th width=\"3%\"><a href=\"user.php?action=search&error=3&search_value=$search_value&search_by=$search_by&order_by=online&dir=$dir\">".($order_by=='online' ? "<img src=\"img/arr_".($dir ? "up" : "dw").".gif\" /> " : "")."{$lang_user['online']}</a></th> 229 227 </tr>"; 230 228 231 for ($i=1; $i<=$total_found; $i++){ 232 $data = $mysql->fetch_row($query); 233 234 //to disalow lower lvl gm to view accounts of other gms same or bigger lvl 229 while ($data = $sql->fetch_row($query)){ 230 235 231 if (($user_lvl >= $data[2])||($user_name == $data[1])){ 236 232 $output .= "<tr>"; … … 247 243 <td>".(($data[7]) ? $lang_global['yes_low'] : "-")."</td> 248 244 <td class=\"small\">$data[8]</td> 249 <td>".(($data[9]) ? " ON" : "-")."</td>245 <td>".(($data[9]) ? "<img src=\"img/up.gif\" alt=\"\" />" : "-")."</td> 250 246 </tr>"; 251 247 }else{ … … 265 261 </form><br /></center>"; 266 262 267 $ mysql->close();263 $sql->close(); 268 264 } 269 265 … … 273 269 //####################################################################################################### 274 270 function del_user() { 275 global $lang_global, $lang_user, $output ;271 global $lang_global, $lang_user, $output, $realm_db; 276 272 if(isset($_GET['check'])) $check = $_GET['check']; 277 273 else redirect("user.php?error=1"); … … 287 283 } 288 284 289 $output .= "<center><h1><font class=\"error\">{$lang_global['are_you_sure']}</font></h1><br />"; 290 $output .= "<font class=\"bold\">{$lang_user['acc_ids']}: "; 291 285 $output .= "<center><img src=\"img/warn_red.gif\" width=\"48\" height=\"48\" alt=\"\" /> 286 <h1><font class=\"error\">{$lang_global['are_you_sure']}</font></h1><br /> 287 <font class=\"bold\">{$lang_user['acc_ids']}: "; 288 289 $sql = new SQL; 290 $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']); 291 292 292 for ($i=0; $i<count($check); $i++){ 293 $output .= "<a href=\"user.php?action=edit_user&id=$check[$i]\" target=\"_blank\">$check[$i], </a>"; 293 $username = $sql->result($sql->query("SELECT username FROM `account` WHERE id = {$check[$i]}"),0); 294 $output .= "<a href=\"user.php?action=edit_user&id=$check[$i]\" target=\"_blank\">$username, </a>"; 294 295 $pass_array .= "&check%5B%5D=$check[$i]"; 295 296 } 296 297 $output .= "{$lang_global['will_be_erased']}</font><br /><br />"; 298 $output .= "<table class=\"hidden\"> 297 $sql->close(); 298 299 $output .= "<br />{$lang_global['will_be_erased']}</font><br /><br /> 300 <table class=\"hidden\"> 299 301 <tr><td>"; 300 302 makebutton($lang_global['yes'], "user.php?action=dodel_user$pass_array",120); … … 302 304 $output .= "</td></tr> 303 305 </table></center><br />"; 306 304 307 } 305 308 … … 312 315 $tab_del_user_mangos, $tab_del_user_realmd; 313 316 314 $ mysql = new MySQL;315 $ mysql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);316 317 if(isset($_GET['check'])) $check = $ mysql->quote_smart($_GET['check']);317 $sql = new SQL; 318 $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']); 319 320 if(isset($_GET['check'])) $check = $sql->quote_smart($_GET['check']); 318 321 else redirect("user.php?error=1"); 319 322 … … 331 334 } 332 335 } 333 $ mysql->close();336 $sql->close(); 334 337 $output .= "<center>"; 335 338 if ($deleted_acc == 0) $output .= "<h1><font class=\"error\">{$lang_user['no_acc_deleted']}</font></h1>"; … … 353 356 global $lang_global, $lang_user, $output, $realm_db, $mangos_db, $realm_id, $user_lvl,$backup_dir; 354 357 355 $ mysql = new MySQL;356 $ mysql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);357 358 if(isset($_GET['check'])) $check = $ mysql->quote_smart($_GET['check']);358 $sql = new SQL; 359 $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']); 360 361 if(isset($_GET['check'])) $check = $sql->quote_smart($_GET['check']); 359 362 else redirect("user.php?error=1"); 360 363 … … 365 368 for ($t=0; $t<count($check); $t++) { 366 369 if ($check[$t] != "" ) { 367 $ mysql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);368 369 $query = $ mysql->query("SELECT id FROM account WHERE id = $check[$t]");370 $acc = $ mysql->fetch_array($query);370 $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']); 371 372 $query = $sql->query("SELECT id FROM account WHERE id = $check[$t]"); 373 $acc = $sql->fetch_array($query); 371 374 372 375 $file_name_new = $acc[0]."_{$realm_db['name']}.sql"; … … 377 380 378 381 foreach ($tab_backup_user_realmd as $value) { 379 $acc_query = $ mysql->query("SELECT * FROM $value[0] WHERE $value[1] = $acc[0]");380 $num_fields = $mysql->num_fields($acc_query);381 $numrow = $ mysql->num_rows($acc_query);382 $acc_query = $sql->query("SELECT * FROM $value[0] WHERE $value[1] = $acc[0]"); 383 $num_fields = $sql->num_fields($acc_query); 384 $numrow = $sql->num_rows($acc_query); 382 385 383 386 $result = "-- Dumping data for $value[0] ".date("m.d.y_H.i.s")."\n"; … … 389 392 390 393 for($count = 0; $count < $num_fields; $count++) { 391 $result .= "`". mysql_field_name($acc_query,$count)."`";394 $result .= "`".$sql->field_name($acc_query,$count)."`"; 392 395 if ($count < ($num_fields-1)) $result .= ","; 393 396 } … … 396 399 for ($i =0; $i<$numrow; $i++) { 397 400 $result .= "\t("; 398 $row = $ mysql->fetch_row($acc_query);401 $row = $sql->fetch_row($acc_query); 399 402 for($j=0; $j<$num_fields; $j++) { 400 403 $row[$j] = addslashes($row[$j]); 401 404 $row[$j] = ereg_replace("\n","\\n",$row[$j]); 402 405 if (isset($row[$j])) { 403 if ( mysql_field_type($acc_query,$j) == "int") $result .= "$row[$j]";406 if ($sql->field_type($acc_query,$j) == "int") $result .= "$row[$j]"; 404 407 else $result .= "'$row[$j]'" ; 405 408 }else $result .= "''"; … … 422 425 fwrite($fp, "USE {$db['name']};\n\n")or die (error($lang_backup['file_write_err'])); 423 426 424 $ mysql->connect($db['addr'], $db['user'], $db['pass'], $db['name']);425 $all_char_query = $ mysql->query("SELECT guid,name FROM `character` WHERE account = $acc[0]");427 $sql->connect($db['addr'], $db['user'], $db['pass'], $db['name']); 428 $all_char_query = $sql->query("SELECT guid,name FROM `character` WHERE account = $acc[0]"); 426 429 427 while ($char = $ mysql->fetch_array($all_char_query)){430 while ($char = $sql->fetch_array($all_char_query)){ 428 431 fwrite($fp, "-- Dumping data for character $char[1]\n")or die (error($lang_backup['file_write_err'])); 429 432 foreach ($tab_backup_user_mangos as $value) { 430 $char_query = $ mysql->query("SELECT * FROM $value[0] WHERE $value[1] = $char[0]");431 $num_fields = $ mysql->num_fields($char_query);432 $numrow = $ mysql->num_rows($char_query);433 $char_query = $sql->query("SELECT * FROM $value[0] WHERE $value[1] = $char[0]"); 434 $num_fields = $sql->num_fields($char_query); 435 $numrow = $sql->num_rows($char_query); 433 436 434 437 $result = "LOCK TABLES $value[0] WRITE;\n"; … … 439 442 440 443 for($count = 0; $count < $num_fields; $count++) { 441 $result .= "`". mysql_field_name($char_query,$count)."`";444 $result .= "`".$sql->field_name($char_query,$count)."`"; 442 445 if ($count < ($num_fields-1)) $result .= ","; 443 446 } … … 446 449 for ($i =0; $i<$numrow; $i++) { 447 450 $result .= "\t("; 448 $row = $ mysql->fetch_row($char_query);451 $row = $sql->fetch_row($char_query); 449 452 for($j=0; $j<$num_fields; $j++) { 450 453 $row[$j] = addslashes($row[$j]); 451 454 $row[$j] = ereg_replace("\n","\\n",$row[$j]); 452 455 if (isset($row[$j])) { 453 if ( mysql_field_type($char_query,$j) == "int") $result .= "$row[$j]";456 if ($sql->field_type($char_query,$j) == "int") $result .= "$row[$j]"; 454 457 else $result .= "'$row[$j]'" ; 455 458 }else $result .= "''"; … … 470 473 } 471 474 } 472 $ mysql->close();475 $sql->close(); 473 476 474 477 redirect("user.php?error=15"); … … 547 550 redirect("user.php?action=add_new&error=4"); 548 551 549 $ mysql = new MySQL;550 $ mysql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);551 552 $new_user = $ mysql->quote_smart(trim($_GET['new_user']));553 $pass = $ mysql->quote_smart($_GET['pass']);552 $sql = new SQL; 553 $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']); 554 555 $new_user = $sql->quote_smart(trim($_GET['new_user'])); 556 $pass = $sql->quote_smart($_GET['pass']); 554 557 555 558 //make sure username/pass at least 4 chars long and less than max 556 559 if ((strlen($new_user) < 4) || (strlen($new_user) > 15)){ 557 $ mysql->close();560 $sql->close(); 558 561 redirect("user.php?action=add_new&error=8"); 559 562 } … … 562 565 //make sure it doesnt contain non english chars. 563 566 if (!alphabetic($new_user)) { 564 $ mysql->close();567 $sql->close(); 565 568 redirect("user.php?action=add_new&error=9"); 566 569 } 567 570 568 $result = $ mysql->query("SELECT username FROM account WHERE username = '$new_user'");571 $result = $sql->query("SELECT username FROM account WHERE username = '$new_user'"); 569 572 570 573 //there is already someone with same username 571 if ($ mysql->num_rows($result)){572 $ mysql->close();574 if ($sql->num_rows($result)){ 575 $sql->close(); 573 576 redirect("user.php?action=add_new&error=7"); 574 577 } else { 575 578 $last_ip = "0.0.0.0"; 576 $new_mail = (isset($_GET['new_mail'])) ? $ mysql->quote_smart(trim($_GET['new_mail'])) : NULL;577 578 $locked = (isset($_GET['new_locked'])) ? $ mysql->quote_smart($_GET['new_locked']) : 0;579 $tbc = (isset($_GET['new_tbc'])) ? $ mysql->quote_smart($_GET['new_tbc']) : 0;580 581 $result = $ mysql->query("INSERT INTO account (username,I,gmlevel,email, joindate,last_ip,failed_logins,locked,last_login,online,tbc)579 $new_mail = (isset($_GET['new_mail'])) ? $sql->quote_smart(trim($_GET['new_mail'])) : NULL; 580 581 $locked = (isset($_GET['new_locked'])) ? $sql->quote_smart($_GET['new_locked']) : 0; 582 $tbc = (isset($_GET['new_tbc'])) ? $sql->quote_smart($_GET['new_tbc']) : 0; 583 584 $result = $sql->query("INSERT INTO account (username,I,gmlevel,email, joindate,last_ip,failed_logins,locked,last_login,online,tbc) 582 585 VALUES ('$new_user','$pass',0 ,'$new_mail',current_date() ,'$last_ip',0, $locked ,NULL, 0, $tbc)"); 583 $ mysql->close();586 $sql->close(); 584 587 585 588 if ($result) redirect("user.php?error=5"); … … 596 599 if (empty($_GET['id'])) redirect("user.php?error=10"); 597 600 598 $ mysql = new MySQL;599 $ mysql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);601 $sql = new SQL; 602 $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']); 600 603 601 $id = $ mysql->quote_smart($_GET['id']);602 603 $result = $ mysql->query("SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,online,tbc FROM account WHERE id = '$id'");604 $data = $ mysql->fetch_row($result);605 606 if ($ mysql->num_rows($result)){604 $id = $sql->quote_smart($_GET['id']); 605 606 $result = $sql->query("SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,online,tbc FROM account WHERE id = '$id'"); 607 $data = $sql->fetch_row($result); 608 609 if ($sql->num_rows($result)){ 607 610 //restricting accsess to lower gmlvl 608 611 if (($user_lvl <= $data[2])&&($user_name != $data[1])){ 609 $ mysql->close();612 $sql->close(); 610 613 redirect("user.php?error=14"); 611 614 } … … 668 671 <td>{$lang_user['banned']}</td>"; 669 672 670 $que = $ mysql->query("SELECT bandate, unbandate, bannedby FROM account_banned WHERE id = $id");671 if ($ mysql->num_rows($que)){672 $banned = mysql_fetch_row($que);673 $que = $sql->query("SELECT bandate, unbandate, bannedby FROM account_banned WHERE id = $id"); 674 if ($sql->num_rows($que)){ 675 $banned = $sql->fetch_row($que); 673 676 $ban_info = " - from:".date('d-m-Y G:i', $banned[0])." till:".date('d-m-Y G:i', $banned[1])."<br />by $banned[2]"; 674 677 $ban_checked = " checked=\"checked\""; … … 710 713 </tr>"; 711 714 712 $query = $ mysql->query("SELECT SUM(numchars) FROM realmcharacters WHERE acctid = '$id'");713 $tot_chars = $ mysql->result($query, 0);714 715 $ mysql->connect($mangos_db[$realm_id]['addr'], $mangos_db[$realm_id]['user'], $mangos_db[$realm_id]['pass'], $mangos_db[$realm_id]['name']);716 $query = $ mysql->query("SELECT count(*) FROM `character` WHERE account = $id");717 $chars_on_realm = $ mysql->result($query, 0);715 $query = $sql->query("SELECT SUM(numchars) FROM realmcharacters WHERE acctid = '$id'"); 716 $tot_chars = $sql->result($query, 0); 717 718 $sql->connect($mangos_db[$realm_id]['addr'], $mangos_db[$realm_id]['user'], $mangos_db[$realm_id]['pass'], $mangos_db[$realm_id]['name']); 719 $query = $sql->query("SELECT count(*) FROM `character` WHERE account = $id"); 720 $chars_on_realm = $sql->result($query, 0); 718 721 719 722 $output .= "<tr> … … 728 731 //if there is any chars to display 729 732 if ($chars_on_realm){ 730 $char_array = $ mysql->query("SELECT guid,name,race,class,SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ' ', 35), ' ', -1) FROM `character` WHERE account = $id");731 while ($char = $ mysql->fetch_array($char_array)){733 $char_array = $sql->query("SELECT guid,name,race,class,SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ' ', 35), ' ', -1) FROM `character` WHERE account = $id"); 734 while ($char = $sql->fetch_array($char_array)){ 732 735 $output .= "<tr> 733 736 <td> '---></td> … … 747 750 748 751 } else error($lang_global['err_no_user']); 749 $ mysql->close();752 $sql->close(); 750 753 } 751 754 … … 760 763 redirect("user.php?action=edit_user&&id={$_POST['id']}&error=1"); 761 764 762 $ mysql = new MySQL;763 $ mysql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);764 765 $id = $ mysql->quote_smart($_POST['id']);766 $username = $ mysql->quote_smart($_POST['username']);767 $pass = $ mysql->quote_smart($_POST['pass']);765 $sql = new SQL; 766 $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']); 767 768 $id = $sql->quote_smart($_POST['id']); 769 $username = $sql->quote_smart($_POST['username']); 770 $pass = $sql->quote_smart($_POST['pass']); 768 771 $user_pass_change = ($pass != sha1(strtoupper($username).":******")) ? "username='$username',I='$pass'," : ""; 769 772 770 $mail = (isset($_POST['mail']) && $_POST['mail'] != '') ? $ mysql->quote_smart($_POST['mail']) : "";771 $failed = (isset($_POST['failed'])) ? $ mysql->quote_smart($_POST['failed']) : 0;772 $gmlevel = (isset($_POST['gmlevel'])) ? $ mysql->quote_smart($_POST['gmlevel']) : 0;773 $tbc = (isset($_POST['tbc'])) ? $ mysql->quote_smart($_POST['tbc']) : 1;774 $banned = (isset($_POST['banned'])) ? $ mysql->quote_smart($_POST['banned']) : 0;775 $locked = (isset($_POST['locked'])) ? $ mysql->quote_smart($_POST['locked']) : 0;773 $mail = (isset($_POST['mail']) && $_POST['mail'] != '') ? $sql->quote_smart($_POST['mail']) : ""; 774 $failed = (isset($_POST['failed'])) ? $sql->quote_smart($_POST['failed']) : 0; 775 $gmlevel = (isset($_POST['gmlevel'])) ? $sql->quote_smart($_POST['gmlevel']) : 0; 776 $tbc = (isset($_POST['tbc'])) ? $sql->quote_smart($_POST['tbc']) : 1; 777 $banned = (isset($_POST['banned'])) ? $sql->quote_smart($_POST['banned']) : 0; 778 $locked = (isset($_POST['locked'])) ? $sql->quote_smart($_POST['locked']) : 0; 776 779 777 780 //make sure username/pass at least 4 chars long and less than max 778 781 if ((strlen($username) < 4) || (strlen($username) > 15)){ 779 $ mysql->close();782 $sql->close(); 780 783 redirect("user.php?action=edit_user&id=$id&error=8"); 781 784 } 782 785 783 786 if ($gmlevel >= $user_lvl) { 784 $ mysql->close();787 $sql->close(); 785 788 redirect("user.php?action=edit_user&&id={$_POST['id']}&error=16"); 786 789 } … … 789 792 //make sure it doesnt contain non english chars. 790 793 if (!alphabetic($username)) { 791 $ mysql->close();794 $sql->close(); 792 795 redirect("user.php?action=edit_user&error=9&id=$id"); 793 796 } 794 797 795 798 //restricting accsess to lower gmlvl 796 $result = $ mysql->query("SELECT gmlevel,username FROM account WHERE id = '$id'");797 if (($user_lvl <= $ mysql->result($result, 0, 'gmlevel'))&&($user_name != $mysql->result($result, 0, 'username'))){798 $ mysql->close();799 $result = $sql->query("SELECT gmlevel,username FROM account WHERE id = '$id'"); 800 if (($user_lvl <= $sql->result($result, 0, 'gmlevel'))&&($user_name != $sql->result($result, 0, 'username'))){ 801 $sql->close(); 799 802 redirect("user.php?error=14"); 800 803 } 801 804 802 if (!$banned) $ mysql->query("DELETE FROM account_banned WHERE id='$id'");805 if (!$banned) $sql->query("DELETE FROM account_banned WHERE id='$id'"); 803 806 else { 804 $result = $ mysql->query("SELECT count(*) FROM account_banned WHERE id = '$id'");805 if(!$ mysql->result($result, 0))806 $ mysql->query("INSERT INTO account_banned (id, bandate, unbandate, bannedby, banreason, active)807 $result = $sql->query("SELECT count(*) FROM account_banned WHERE id = '$id'"); 808 if(!$sql->result($result, 0)) 809 $sql->query("INSERT INTO account_banned (id, bandate, unbandate, bannedby, banreason, active) 807 810 VALUES ($id, ".time().",".(time()+(365*24*3600)).",'$user_name','none', 1)"); 808 811 } 809 812 810 $ mysql->query("UPDATE account SET email='$mail', $user_pass_change failed_logins='$failed',locked='$locked',gmlevel='$gmlevel',tbc='$tbc' WHERE id=$id");811 812 $ mysql->close();813 $sql->query("UPDATE account SET email='$mail', $user_pass_change failed_logins='$failed',locked='$locked',gmlevel='$gmlevel',tbc='$tbc' WHERE id=$id"); 814 815 $sql->close(); 813 816 redirect("user.php?action=edit_user&error=13&id=$id"); 814 817 }
Note:
See TracChangeset
for help on using the changeset viewer.