Changeset 307 for minimanager/user.php

Timestamp:

Mar 13, 2008, 8:18:42 PM (17 years ago)

Author:

george

Message:

Aktualizace na minimanager 0.1.6g.

File:

• minimanager/user.php (modified) (31 diffs)

minimanager/user.php

@@ -8 +8 @@
  * License: GNU General Public License v2(GPL)
  */
- 
+
 require_once("header.php");
 valid_login(1);
@@ -21 +21 @@
  $sql = new SQL;
  $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
- 
+
  $start = (isset($_GET['start'])) ? $sql->quote_smart($_GET['start']) : 0;
  $order_by = (isset($_GET['order_by'])) ? $sql->quote_smart($_GET['order_by']) : "id";
-        
+
  $dir = (isset($_GET['dir'])) ? $sql->quote_smart($_GET['dir']) : 1;
  $order_dir = ($dir) ? "ASC" : "DESC";
  $dir = ($dir) ? 0 : 1;
-        
+
 //get total number of items
  $query_1 = $sql->query("SELECT count(*) FROM account");
  $all_record = $sql->result($query_1,0);
 
- $query = $sql->query("SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,online 
+ $query = $sql->query("SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,online
                 FROM account ORDER BY $order_by $order_dir LIMIT $start, $itemperpage");
  $this_page = $sql->num_rows($query);
@@ -40 +40 @@
  $output .="<script type=\"text/javascript\" src=\"js/check.js\"></script>
                         <center><table class=\"top_hidden\">
-                        <tr><td>"; 
+                        <tr><td>";
  makebutton($lang_user['add_acc'], "user.php?action=add_new", 124);
  makebutton($lang_user['cleanup'], "cleanup.php", 122);
@@ -142 +142 @@
  $sql = new SQL;
  $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
- 
+
  $search_value = $sql->quote_smart($_GET['search_value']);
  $search_by = $sql->quote_smart($_GET['search_by']);
@@ -150 +150 @@
  $order_dir = ($dir) ? "ASC" : "DESC";
  $dir = ($dir) ? 0 : 1;
- 
+
  switch ($search_by){
- 
+
  case "greater_gmlevel":
          $sql_query = "SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,online
                  FROM account WHERE gmlevel > $search_value ORDER BY $order_by $order_dir LIMIT $sql_search_limit";
  break;
- 
+
  case "banned":
         $sql_query = "SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,online
@@ -165 +165 @@
          $sql_query .= " ORDER BY $order_by $order_dir LIMIT $sql_search_limit";
  break;
- 
+
  case "failed_logins":
          $sql_query = "SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,online
                  FROM account WHERE failed_logins > $search_value ORDER BY $order_by $order_dir LIMIT $sql_search_limit";
  break;
- 
+
  default:
     $sql_query = "SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,online
@@ -213 +213 @@
  <input type=\"hidden\" name=\"backup_op\" value=\"0\"/>
  <table class=\"lined\">
-   <tr> 
+   <tr>
         <th width=\"1%\"><input name=\"allbox\" type=\"checkbox\" value=\"Check All\" onclick=\"CheckAll(document.form1);\" /></th>
         <th width=\"5%\"><a href=\"user.php?action=search&amp;error=3&amp;search_value=$search_value&amp;search_by=$search_by&amp;order_by=id&amp;dir=$dir\">".($order_by=='id' ? "<img src=\"img/arr_".($dir ? "up" : "dw").".gif\" /> " : "")."{$lang_user['id']}</a></th>
@@ -260 +260 @@
  </table>
  </form><br /></center>";
- 
+
  $sql->close();
 }
@@ -289 +289 @@
  $sql = new SQL;
  $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
-                        
+
  for ($i=0; $i<count($check); $i++){
         $username = $sql->result($sql->query("SELECT username FROM `account` WHERE id = {$check[$i]}"),0);
@@ -317 +317 @@
  $sql = new SQL;
  $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
- 
+
  if(isset($_GET['check'])) $check = $sql->quote_smart($_GET['check']);
         else redirect("user.php?error=1");
@@ -324 +324 @@
  $deleted_chars = 0;
  require_once("scripts/del_lib.php");
- 
+
  for ($i=0; $i<count($check); $i++) {
     if ($check[$i] != "" ) {
@@ -336 +336 @@
  $sql->close();
  $output .= "<center>";
- if ($deleted_acc == 0) $output .= "<h1><font class=\"error\">{$lang_user['no_acc_deleted']}</font></h1>"; 
+ if ($deleted_acc == 0) $output .= "<h1><font class=\"error\">{$lang_user['no_acc_deleted']}</font></h1>";
    else {
         $output .= "<h1><font class=\"error\">{$lang_user['total']} <font color=blue>$deleted_acc</font> {$lang_user['acc_deleted']}</font><br /></h1>";
@@ -358 +358 @@
  $sql = new SQL;
  $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
- 
+
  if(isset($_GET['check'])) $check = $sql->quote_smart($_GET['check']);
         else redirect("user.php?error=1");
@@ -383 +383 @@
                         $num_fields = $sql->num_fields($acc_query);
                         $numrow = $sql->num_rows($acc_query);
-        
+
                         $result = "-- Dumping data for $value[0] ".date("m.d.y_H.i.s")."\n";
                         $result .= "LOCK TABLES $value[0] WRITE;\n";
                         $result .= "DELETE FROM $value[0] WHERE $value[1] = $acc[0];\n";
-                        
+
                         if ($numrow){
                                 $result .= "INSERT INTO $value[0] (";
-                                                
+
                                 for($count = 0; $count < $num_fields; $count++) {
                                         $result .= "`".$sql->field_name($acc_query,$count)."`";
                                         if ($count < ($num_fields-1)) $result .= ",";
-                                        } 
+                                        }
                                 $result .= ") VALUES \n";
 
@@ -408 +408 @@
                                                 }else $result .= "''";
                                                 if ($j<($num_fields-1)) $result .= ",";
-                                                }   
+                                                }
                                 if ($i < ($numrow-1)) $result .= "),\n";
-                                } 
+                                }
                                 $result .= ");\n";
                                 }
@@ -418 +418 @@
                         }
         fclose($fp);
-        
+
         foreach ($characters_db as $db){
                 $file_name_new = $acc[0]."_{$db['name']}.sql";
@@ -424 +424 @@
                 fwrite($fp, "CREATE DATABASE /*!32312 IF NOT EXISTS*/ {$db['name']};\n")or die (error($lang_backup['file_write_err']));
                 fwrite($fp, "USE {$db['name']};\n\n")or die (error($lang_backup['file_write_err']));
-                
+
                 $sql->connect($db['addr'], $db['user'], $db['pass'], $db['name']);
-                $all_char_query = $sql->query("SELECT guid,name FROM `character` WHERE account = $acc[0]");
-                
+                $all_char_query = $sql->query("SELECT guid,name FROM `characters` WHERE account = $acc[0]");
+
                 while ($char = $sql->fetch_array($all_char_query)){
                                 fwrite($fp, "-- Dumping data for character $char[1]\n")or die (error($lang_backup['file_write_err']));
@@ -434 +434 @@
                                         $num_fields = $sql->num_fields($char_query);
                                         $numrow = $sql->num_rows($char_query);
-        
+
                                         $result = "LOCK TABLES $value[0] WRITE;\n";
                                         $result .= "DELETE FROM $value[0] WHERE $value[1] = $char[0];\n";
@@ -440 +440 @@
                                         if ($numrow){
                                                 $result .= "INSERT INTO $value[0] (";
-                                                
+
                                                 for($count = 0; $count < $num_fields; $count++) {
                                                         $result .= "`".$sql->field_name($char_query,$count)."`";
                                                         if ($count < ($num_fields-1)) $result .= ",";
-                                                        } 
+                                                        }
                                                 $result .= ") VALUES \n";
 
@@ -458 +458 @@
                                                                 }else $result .= "''";
                                                                 if ($j<($num_fields-1)) $result .= ",";
-                                                                }   
+                                                                }
                                                 if ($i < ($numrow-1)) $result .= "),\n";
-                                                } 
+                                                }
                                                 $result .= ");\n";
 
@@ -474 +474 @@
  }
  $sql->close();
- 
+
 redirect("user.php?error=15");
 }
@@ -499 +499 @@
                 }
         </script>
- 
+
         <fieldset style=\"width: 550px;\">
         <legend>{$lang_user['create_new_acc']}</legend>
@@ -582 +582 @@
         $tbc = (isset($_GET['new_tbc'])) ? $sql->quote_smart($_GET['new_tbc']) : 0;
 
-        $result = $sql->query("INSERT INTO account (username,I,gmlevel,email, joindate,last_ip,failed_logins,locked,last_login,online,tbc)
-                                                                VALUES ('$new_user','$pass',0 ,'$new_mail',current_date() ,'$last_ip',0, $locked ,NULL, 0, $tbc)");
+        $result = $sql->query("INSERT INTO account (username,sha_pass_hash,gmlevel,email, joindate,last_ip,failed_logins,locked,last_login,online,tbc)
+                                                                VALUES ('$new_user','$pass',0 ,'$new_mail',now() ,'$last_ip',0, $locked ,NULL, 0, $tbc)");
         $sql->close();
 
@@ -596 +596 @@
 function edit_user() {
  global $lang_global, $lang_user, $output, $realm_db, $characters_db, $realm_id, $user_lvl, $user_name, $gm_level_arr;
- 
+
  if (empty($_GET['id'])) redirect("user.php?error=10");
 
  $sql = new SQL;
  $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
-        
+
  $id = $sql->quote_smart($_GET['id']);
 
  $result = $sql->query("SELECT id,username,gmlevel,email,joindate,last_ip,failed_logins,locked,last_login,online,tbc FROM account WHERE id = '$id'");
  $data = $sql->fetch_row($result);
- 
+
  if ($sql->num_rows($result)){
         //restricting accsess to lower gmlvl
@@ -717 +717 @@
 
         $sql->connect($characters_db[$realm_id]['addr'], $characters_db[$realm_id]['user'], $characters_db[$realm_id]['pass'], $characters_db[$realm_id]['name']);
-        $query = $sql->query("SELECT count(*) FROM `character` WHERE account = $id");
+        $query = $sql->query("SELECT count(*) FROM `characters` WHERE account = $id");
         $chars_on_realm = $sql->result($query, 0);
 
@@ -731 +731 @@
         //if there is any chars to display
         if ($chars_on_realm){
-                $char_array = $sql->query("SELECT guid,name,race,class,SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ' ', 35), ' ', -1) FROM `character` WHERE account = $id");
+                $char_array = $sql->query("SELECT guid,name,race,class,SUBSTRING_INDEX(SUBSTRING_INDEX(`data`, ' ', 35), ' ', -1) FROM `characters` WHERE account = $id");
                 while ($char = $sql->fetch_array($char_array)){
-                        $output .= "<tr> 
+                        $output .= "<tr>
                         <td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;'---></td>
                         <td><a href=\"char.php?id=$char[0]\">$char[1]  - ".get_player_race($char[2])." ".get_player_class($char[3])." | lvl $char[4]</a></td>
@@ -762 +762 @@
  if( (!isset($_POST['id']) || $_POST['id'] === '') || (!isset($_POST['username']) || $_POST['username'] === '') || (!isset($_POST['pass']) || $_POST['pass'] === '') )
    redirect("user.php?action=edit_user&&id={$_POST['id']}&error=1");
- 
+
  $sql = new SQL;
  $sql->connect($realm_db['addr'], $realm_db['user'], $realm_db['pass'], $realm_db['name']);
@@ -770 +770 @@
  $pass = $sql->quote_smart($_POST['pass']);
  $user_pass_change = ($pass != sha1(strtoupper($username).":******")) ? "username='$username',sha_pass_hash='$pass'," : "";
- 
+
  $mail = (isset($_POST['mail']) && $_POST['mail'] != '') ? $sql->quote_smart($_POST['mail']) : "";
  $failed = (isset($_POST['failed'])) ? $sql->quote_smart($_POST['failed']) : 0;
@@ -808 +808 @@
                         if(!$sql->result($result, 0))
                                 $sql->query("INSERT INTO account_banned (id, bandate, unbandate, bannedby, banreason, active)
-                                                           VALUES ($id, ".time().",".(time()+(365*24*3600)).",'$user_name','none', 1)");                                                
+                                                           VALUES ($id, ".time().",".(time()+(365*24*3600)).",'$user_name','none', 1)");
                  }
 
@@ -840 +840 @@
    $output .= "<h1>{$lang_user['acc_created']}</h1>";
    break;
-case 6: 
+case 6:
    $output .= "<h1><font class=\"error\">{$lang_user['nonidentical_passes']}</font></h1>";
    break;
@@ -881 +881 @@
 
 switch ($action) {
-case "browse_users": 
+case "browse_users":
    browse_users();
    break;
-case "search": 
+case "search":
    search();
    break;
-case "add_new": 
+case "add_new":
    add_new();
    break;
-case "doadd_new": 
+case "doadd_new":
    doadd_new();
    break;
-case "edit_user": 
+case "edit_user":
    edit_user();
    break;
-case "doedit_user": 
+case "doedit_user":
    doedit_user();
    break;
-case "del_user": 
+case "del_user":
    del_user();
    break;
-case "dodel_user": 
+case "dodel_user":
    dodel_user();
    break;
-case "backup_user": 
+case "backup_user":
    backup_user();
    break;