| 1 |
<?php |
| 2 |
/** |
| 3 |
* File functions: |
| 4 |
* Admin panel |
| 5 |
* |
| 6 |
* @name : admin.php |
| 7 |
* @copyright : (C) 2004,2005,2006,2007 Vallheru Team based on Gamers-Fusion ver 2.5 |
| 8 |
* @author : thindil <thindil@users.sourceforge.net> |
| 9 |
* @author : eyescream <tduda@users.sourceforge.net> |
| 10 |
* @version : 1.4 |
| 11 |
* @since : 19.04.2007 |
| 12 |
* |
| 13 |
*/ |
| 14 |
|
| 15 |
// |
| 16 |
// |
| 17 |
// This program is free software; you can redistribute it and/or modify |
| 18 |
// it under the terms of the GNU General Public License as published by |
| 19 |
// the Free Software Foundation; either version 2 of the License, or |
| 20 |
// (at your option) any later version. |
| 21 |
// |
| 22 |
// This program is distributed in the hope that it will be useful, |
| 23 |
// but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 24 |
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 25 |
// GNU General Public License for more details. |
| 26 |
// |
| 27 |
// You should have received a copy of the GNU General Public License |
| 28 |
// along with this program; if not, write to the Free Software |
| 29 |
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
| 30 |
// |
| 31 |
// $Id$ |
| 32 |
|
| 33 |
$title = 'Panel Administracyjny'; |
| 34 |
require_once('includes/head.php'); |
| 35 |
|
| 36 |
/** |
| 37 |
* Get the localization for game |
| 38 |
*/ |
| 39 |
require_once('languages/'.$player -> lang.'/admin.php'); |
| 40 |
|
| 41 |
if ($player -> rank != 'Admin') |
| 42 |
{ |
| 43 |
error (NOT_ADMIN); |
| 44 |
} |
| 45 |
|
| 46 |
$smarty -> assign('Message', ''); |
| 47 |
|
| 48 |
/** |
| 49 |
* Functions from includes/admin dir |
| 50 |
*/ |
| 51 |
if (isset($_GET['view'])) |
| 52 |
{ |
| 53 |
$arrView = array('takeaway', 'clearc', 'czat', 'jail', 'innarchive', 'banmail', 'addtext', 'changenick', 'addreps'); |
| 54 |
$intKey = array_search($_GET['view'], $arrView); |
| 55 |
if ($intKey !== false) |
| 56 |
{ |
| 57 |
require_once('includes/admin/'.$arrView[$intKey].'.php'); |
| 58 |
} |
| 59 |
} |
| 60 |
|
| 61 |
|
| 62 |
/** |
| 63 |
* Reported bugs |
| 64 |
*/ |
| 65 |
if (isset($_GET['view']) && $_GET['view'] == 'bugreport') |
| 66 |
{ |
| 67 |
/** |
| 68 |
* Bugs list |
| 69 |
*/ |
| 70 |
if (!isset($_GET['step'])) |
| 71 |
{ |
| 72 |
$oldFetchMode = $db -> SetFetchMode(ADODB_FETCH_NUM); |
| 73 |
$arrBugs = $db -> GetAll('SELECT `id`, `sender`, `title`, `type`, `location`, `programmer_id` FROM `bugreport` WHERE `resolution`=0 ORDER BY `id`'); |
| 74 |
$db -> SetFetchMode($oldFetchMode); |
| 75 |
$smarty -> assign_by_ref('Bugs', $arrBugs); |
| 76 |
} |
| 77 |
/** |
| 78 |
* Edit bug |
| 79 |
*/ |
| 80 |
else |
| 81 |
{ |
| 82 |
if (!preg_match("#^[1-9][0-9]*$#", $_GET['step'])) |
| 83 |
{ |
| 84 |
error(ERROR); |
| 85 |
} |
| 86 |
$oldFetchMode = $db -> SetFetchMode(ADODB_FETCH_NUM); |
| 87 |
$arrBug = $db -> GetRow('SELECT `id`, `sender`, `title`, `type`, `location`, `desc`, `programmer_id` FROM `bugreport` WHERE `id`='.$_GET['step']); |
| 88 |
if (empty($arrBug)) |
| 89 |
{ |
| 90 |
error(ERROR); |
| 91 |
} |
| 92 |
require_once('includes/bbcode.php'); |
| 93 |
$arrBug[5] = htmltobbcode($arrBug[5]); |
| 94 |
$arrActions = array('fixed', 'notbug', 'workforme', 'moreinfo', 'duplicate'); |
| 95 |
$arrProgrammerName = $db -> GetRow('SELECT `user` FROM `players` WHERE `id`='.$arrBug[6]); |
| 96 |
$db -> SetFetchMode($oldFetchMode); |
| 97 |
if (!empty($arrProgrammerName)) |
| 98 |
{ |
| 99 |
$smarty -> assign_by_ref('Programmer', $arrProgrammerName[0]); |
| 100 |
} |
| 101 |
$strType = $arrBug[3] == 'text' ? BUG_TEXT : BUG_CODE; |
| 102 |
$smarty -> assign_by_ref('Options', $arrOptions); |
| 103 |
$smarty -> assign_by_ref('Actions', $arrActions); |
| 104 |
$smarty -> assign_by_ref('Bug', $arrBug); |
| 105 |
$smarty -> assign_by_ref('BugType', $strType); |
| 106 |
$smarty -> assign('BugMessage', ''); |
| 107 |
if (isset($_POST['programmer']) && $_POST['programmer'] == 1) |
| 108 |
{ |
| 109 |
$db -> Execute('UPDATE `bugreport` SET `programmer_id`='.$player -> id.' WHERE `id`='.$_GET['step']); |
| 110 |
$smarty -> assign('BugMessage', BUG_TAKEN.'<br /><br />'); |
| 111 |
} |
| 112 |
if (isset($_POST['programmer']) && $_POST['programmer'] == 0) |
| 113 |
{ |
| 114 |
$db -> Execute('UPDATE `bugreport` SET `programmer_id`=0 WHERE `id`='.$_GET['step']); |
| 115 |
$smarty -> assign('BugMessage', BUG_LEFT.'<br />'); |
| 116 |
} |
| 117 |
/** |
| 118 |
* Set bug status |
| 119 |
*/ |
| 120 |
if (isset($_POST['actions'])) |
| 121 |
{ |
| 122 |
if (!in_array($_POST['actions'], $arrActions)) |
| 123 |
{ |
| 124 |
error(ERROR); |
| 125 |
} |
| 126 |
$strInfo = YOUR_BUG.$arrBug[2].B_ID.$_GET['step']; |
| 127 |
$strDate = $db -> DBDate($newdate); |
| 128 |
$intKey = array_search($_POST['actions'], $arrActions); |
| 129 |
switch ($intKey) { |
| 130 |
case 0 : |
| 131 |
$strInfo = $strInfo.HAS_FIXED; |
| 132 |
$strMessage = HAS_FIXED2; |
| 133 |
$strAuthor = '<b><a href="view.php?view='.$player -> id.'">'.$player -> user."</a></b>, ID <b>".$player -> id.'</b>'; |
| 134 |
$strDesc = T_BUG.$strType."): ".$arrBug[2]. REPORTED_BY.$arrBug[1]; |
| 135 |
$db -> Execute("INSERT INTO `changelog` (`author`, `location`, `text`, `date`, `lang`) VALUES('".$strAuthor."', '".$arrBug[4]."', '".$strDesc."', ".$strDate.", '".$player -> lang."')"); |
| 136 |
break; |
| 137 |
case 1 : |
| 138 |
$strInfo = $strInfo.NOT_BUG3; |
| 139 |
$strMessage = NOT_BUG2; |
| 140 |
break; |
| 141 |
case 2 : |
| 142 |
$strInfo = $strInfo.WORK_FOR_ME2; |
| 143 |
$strMessage = WORK_FOR_ME3; |
| 144 |
break; |
| 145 |
case 3 : |
| 146 |
$strInfo = $strInfo.MORE_INFO2; |
| 147 |
$strMessage = MORE_INFO3; |
| 148 |
break; |
| 149 |
case 4 : |
| 150 |
$strInfo = $strInfo.BUG_DOUBLE2; |
| 151 |
$strMessage = BUG_DOUBLE3; |
| 152 |
} |
| 153 |
$db -> Execute("DELETE FROM `bugreport` WHERE `id`=".$_GET['step']); |
| 154 |
if (isset($_POST['bugcomment']) && !empty($_POST['bugcomment'])) |
| 155 |
{ |
| 156 |
$strInfo = $strInfo." <b>".BUG_COMMENT.":</b> ".$_POST['bugcomment']; |
| 157 |
} |
| 158 |
$db -> Execute("INSERT INTO `log` (`owner`, `log`, `czas`) VALUES(".$arrBug[1].", '".$strInfo."', ".$strDate.")"); |
| 159 |
error($strMessage); |
| 160 |
} |
| 161 |
} |
| 162 |
} |
| 163 |
|
| 164 |
/** |
| 165 |
* Add player to quest |
| 166 |
*/ |
| 167 |
if (isset($_GET['view']) && $_GET['view'] == 'playerquest') |
| 168 |
{ |
| 169 |
$smarty -> assign(array("Addplayer" => ADD_PLAYER, |
| 170 |
"Toquest" => TO_QUEST, |
| 171 |
"Aadd" => A_ADD)); |
| 172 |
if (isset($_GET['step']) && $_GET['step'] == 'add') |
| 173 |
{ |
| 174 |
if (empty($_POST['pid']) || empty($_POST['qid'])) |
| 175 |
{ |
| 176 |
error(EMPTY_FIELDS); |
| 177 |
} |
| 178 |
$db -> Execute("DELETE FROM `questaction` WHERE player=".$_POST['pid']); |
| 179 |
$db -> Execute("INSERT INTO `questaction` (`player`, `quest`, `action`) VALUES(".$_POST['pid'].", ".$_POST['qid'].", 'start')"); |
| 180 |
$db -> Execute("UPDATE `players` SET `miejsce`='Podróż' WHERE id=".$_POST['pid']); |
| 181 |
$smarty -> assign("Message", YOU_ADD); |
| 182 |
} |
| 183 |
} |
| 184 |
|
| 185 |
/** |
| 186 |
* Add info about changes in game |
| 187 |
*/ |
| 188 |
if (isset($_GET['view']) && $_GET['view'] == 'changelog') |
| 189 |
{ |
| 190 |
if ($player -> id != 1) |
| 191 |
{ |
| 192 |
error(ONLY_MAIN); |
| 193 |
} |
| 194 |
$smarty -> assign(array("Changeinfo" => CHANGE_INFO, |
| 195 |
"Changelocation" => CHANGE_LOCATION, |
| 196 |
"Changetext" => CHANGE_TEXT, |
| 197 |
"Aadd" => A_ADD)); |
| 198 |
if (isset($_GET['step']) && $_GET['step'] == 'add') |
| 199 |
{ |
| 200 |
if (empty($_POST['location']) || empty($_POST['changetext'])) |
| 201 |
{ |
| 202 |
error(EMPTY_FIELDS); |
| 203 |
} |
| 204 |
$strDate = $db -> DBDate($newdate); |
| 205 |
$strAuthor = '<b><a href="view.php?view='.$player -> id.'">'.$player -> user."</a></b>, ID <b>".$player -> id.'</b>'; |
| 206 |
require_once('includes/bbcode.php'); |
| 207 |
$strText = bbcodetohtml($_POST['changetext']); |
| 208 |
$db -> Execute("INSERT INTO `changelog` (`author`, `location`, `text`, `date`, `lang`) VALUES('".$strAuthor."', '".$_POST['location']."', '".$strText."', ".$strDate.", '".$player -> lang."')"); |
| 209 |
$smarty -> assign("Message", CHANGE_ADDED); |
| 210 |
} |
| 211 |
} |
| 212 |
|
| 213 |
/** |
| 214 |
* Display players logs |
| 215 |
*/ |
| 216 |
if (isset($_GET['view']) && $_GET['view'] == 'logs') |
| 217 |
{ |
| 218 |
if (!isset($_GET['limit'])) |
| 219 |
{ |
| 220 |
$_GET['limit'] = 0; |
| 221 |
} |
| 222 |
$objAmount = $db -> Execute("SELECT count(*) FROM `logs`"); |
| 223 |
$intAmount = $objAmount -> fields['count(*)']; |
| 224 |
$objAmount -> Close(); |
| 225 |
if (!$intAmount || $_GET['limit'] > $intAmount) |
| 226 |
{ |
| 227 |
error(NO_LOGS); |
| 228 |
} |
| 229 |
$objLogs = $db -> SelectLimit("SELECT `owner`, `log` FROM `logs`", 50, $_GET['limit']); |
| 230 |
$arrOwner = array(); |
| 231 |
$arrLog = array(); |
| 232 |
$i = 0; |
| 233 |
while (!$objLogs -> EOF) |
| 234 |
{ |
| 235 |
$arrOwner[$i] = $objLogs -> fields['owner']; |
| 236 |
$arrLog[$i] = $objLogs -> fields['log']; |
| 237 |
$i++; |
| 238 |
$objLogs -> MoveNext(); |
| 239 |
} |
| 240 |
$objLogs -> Close(); |
| 241 |
if ($_GET['limit'] >= 50) |
| 242 |
{ |
| 243 |
$intLimit = $_GET['limit'] - 50; |
| 244 |
$strPrevious = "<a href=\"admin.php?view=logs&limit=".$intLimit."\">".A_PREVIOUS."</a>"; |
| 245 |
} |
| 246 |
else |
| 247 |
{ |
| 248 |
$strPrevious = ''; |
| 249 |
} |
| 250 |
$intLimit = $_GET['limit'] + 50; |
| 251 |
if ($intLimit < $intAmount && $intAmount > 50) |
| 252 |
{ |
| 253 |
$strNext = "<a href=\"admin.php?view=logs&limit=".$intLimit."\">".A_NEXT."</a>"; |
| 254 |
} |
| 255 |
else |
| 256 |
{ |
| 257 |
$strNext = ''; |
| 258 |
} |
| 259 |
$smarty -> assign(array("Logsinfo" => LOGS_INFO, |
| 260 |
"Lowner" => L_OWNER, |
| 261 |
"Ltext" => L_TEXT, |
| 262 |
"Lclear" => L_CLEAR, |
| 263 |
"Aowner" => $arrOwner, |
| 264 |
"Alog" => $arrLog, |
| 265 |
"Aprevious" => $strPrevious, |
| 266 |
"Anext" => $strNext)); |
| 267 |
/** |
| 268 |
* Clear logs |
| 269 |
*/ |
| 270 |
if (isset($_GET['step']) && $_GET['step'] == 'clear') |
| 271 |
{ |
| 272 |
$db -> Execute("TRUNCATE TABLE `logs`") or die($db -> ErrorMsg()); |
| 273 |
$smarty -> assign("Message", LOGS_CLEARED); |
| 274 |
} |
| 275 |
} |
| 276 |
|
| 277 |
/** |
| 278 |
* Edit meta informations |
| 279 |
*/ |
| 280 |
if (isset($_GET['view']) && $_GET['view'] == 'meta') |
| 281 |
{ |
| 282 |
if ($player -> id != 1) |
| 283 |
{ |
| 284 |
error(ONLY_MAIN); |
| 285 |
} |
| 286 |
$smarty -> assign(array("Metainfo" => META_INFO, |
| 287 |
"Metakey" => META_KEY, |
| 288 |
"Metadesc" => META_DESC, |
| 289 |
"Aadd" => A_ADD)); |
| 290 |
/** |
| 291 |
* Change meta info |
| 292 |
*/ |
| 293 |
if (isset($_GET['step']) && $_GET['step'] == 'modify') |
| 294 |
{ |
| 295 |
$db -> Execute("UPDATE `settings` SET `value`='".$_POST['metakey']."' WHERE `setting`='metakeywords'"); |
| 296 |
$db -> Execute("UPDATE `settings` SET `value`='".$_POST['metadesc']."' WHERE `setting`='metadescr'"); |
| 297 |
$smarty -> assign("Message", META_UPGRADE); |
| 298 |
} |
| 299 |
} |
| 300 |
|
| 301 |
/** |
| 302 |
* Add/Modify forum categories |
| 303 |
*/ |
| 304 |
if (isset($_GET['view']) && $_GET['view'] == 'forums') |
| 305 |
{ |
| 306 |
$path = 'languages/'; |
| 307 |
$dir = opendir($path); |
| 308 |
$arrLanguage = array(); |
| 309 |
$i = 0; |
| 310 |
while ($file = readdir($dir)) |
| 311 |
{ |
| 312 |
if (!ereg(".htm*$", $file)) |
| 313 |
{ |
| 314 |
if (!ereg("\.$", $file)) |
| 315 |
{ |
| 316 |
$arrLanguage[$i] = $file; |
| 317 |
$i = $i + 1; |
| 318 |
} |
| 319 |
} |
| 320 |
} |
| 321 |
closedir($dir); |
| 322 |
$objCatforum = $db -> Execute("SELECT id, name FROM categories"); |
| 323 |
$i = 0; |
| 324 |
$arrId = array(); |
| 325 |
$arrName = array(); |
| 326 |
while (!$objCatforum -> EOF) |
| 327 |
{ |
| 328 |
$arrId[$i] = $objCatforum -> fields['id']; |
| 329 |
$arrName[$i] = $objCatforum -> fields['name']; |
| 330 |
$objCatforum -> MoveNext(); |
| 331 |
$i++; |
| 332 |
} |
| 333 |
$objCatforum -> Close(); |
| 334 |
$arrOptionw = array('All;', 'Staff;', 'Sędzia;', 'Kanclerz_Sądu;', 'Marszałek Rady;', 'Poseł;', 'Prawnik;', 'Ławnik;', 'Prokurator;'); |
| 335 |
$arrOptionv = array('1All;', '1Staff;', '1Sędzia;', '1Kanclerz_Sądu;', '1Marszałek Rady;', '1Poseł;', '1Prawnik;', '1Ławnik;', '1Prokurator;'); |
| 336 |
$arrOptionname = array(T_ALL, T_STAFF, T_JUDGE, T_JUDGE2, T_COUNT, T_COUNT2, T_LAWYER, T_JUDGE3, T_PROCURATOR); |
| 337 |
$arrLangsel = array('', ''); |
| 338 |
$arrOptionwsel = array('', '', '', '', '', '', '', '', ''); |
| 339 |
$arrOptionvsel = array('', '', '', '', '', '', '', '', ''); |
| 340 |
$smarty -> assign(array("Catlist" => CAT_LIST, |
| 341 |
"Aadd" => A_ADD, |
| 342 |
"Tname" => T_NAME, |
| 343 |
"Tdesc" => T_DESC, |
| 344 |
"Tlang" => T_LANG, |
| 345 |
"Twrite" => T_WRITE, |
| 346 |
"Tvisit" => T_VISIT, |
| 347 |
"Tcatdesc" => '', |
| 348 |
"Tcatname" => '', |
| 349 |
"Catid2" => $i + 2, |
| 350 |
"Catid" => $arrId, |
| 351 |
"Catname" => $arrName, |
| 352 |
"Catlang" => $arrLanguage, |
| 353 |
"Toptionw" => $arrOptionw, |
| 354 |
"Toptionv" => $arrOptionv, |
| 355 |
"Toptionname" => $arrOptionname, |
| 356 |
"Tlangsel" => $arrLangsel, |
| 357 |
"Toptionwsel" => $arrOptionwsel, |
| 358 |
"Toptionvsel" => $arrOptionvsel)); |
| 359 |
/** |
| 360 |
* When category is selected |
| 361 |
*/ |
| 362 |
if (isset($_GET['id']) && !isset($_GET['step'])) |
| 363 |
{ |
| 364 |
$objCategory = $db -> Execute("SELECT * FROM categories WHERE id=".$_GET['id']); |
| 365 |
$i = 0; |
| 366 |
foreach ($arrLanguage as $strLanguage) |
| 367 |
{ |
| 368 |
if ($strLanguage == $objCategory -> fields['lang']) |
| 369 |
{ |
| 370 |
$arrLangsel[$i] = 'selected'; |
| 371 |
break; |
| 372 |
} |
| 373 |
$i++; |
| 374 |
} |
| 375 |
$i = 0; |
| 376 |
foreach ($arrOptionw as $strOptionw) |
| 377 |
{ |
| 378 |
$strOptionw = str_replace("_", " ", $strOptionw); |
| 379 |
$intFind = strpos($objCategory -> fields['perm_write'], $strOptionw); |
| 380 |
if ($intFind !== false) |
| 381 |
{ |
| 382 |
$arrOptionwsel[$i] = 'checked'; |
| 383 |
} |
| 384 |
$i++; |
| 385 |
} |
| 386 |
$i = 0; |
| 387 |
foreach ($arrOptionw as $strOptionv) |
| 388 |
{ |
| 389 |
$strOptionv = str_replace("_", " ", $strOptionv); |
| 390 |
$intFind = strpos($objCategory -> fields['perm_visit'], $strOptionv); |
| 391 |
if ($intFind !== false) |
| 392 |
{ |
| 393 |
$arrOptionvsel[$i] = 'checked'; |
| 394 |
} |
| 395 |
$i++; |
| 396 |
} |
| 397 |
$smarty -> assign(array("Catid2" => $_GET['id'], |
| 398 |
"Tcatdesc" => $objCategory -> fields['desc'], |
| 399 |
"Tcatname" => $objCategory -> fields['name'], |
| 400 |
"Tlangsel" => $arrLangsel, |
| 401 |
"Toptionwsel" => $arrOptionwsel, |
| 402 |
"Toptionvsel" => $arrOptionvsel)); |
| 403 |
$objCategory -> Close(); |
| 404 |
} |
| 405 |
/** |
| 406 |
* Edit/add category |
| 407 |
*/ |
| 408 |
if (isset($_GET['step']) && $_GET['step'] == 'add') |
| 409 |
{ |
| 410 |
$strPermwrite = ''; |
| 411 |
foreach ($arrOptionw as $strOptionw) |
| 412 |
{ |
| 413 |
if (isset($_POST[$strOptionw])) |
| 414 |
{ |
| 415 |
$strOptionw = str_replace("_", " ", $strOptionw); |
| 416 |
$strPermwrite = $strPermwrite.$strOptionw; |
| 417 |
} |
| 418 |
} |
| 419 |
$strPermvisit = ''; |
| 420 |
$i = 0; |
| 421 |
foreach ($arrOptionv as $strOptionv) |
| 422 |
{ |
| 423 |
if (isset($_POST[$strOptionv])) |
| 424 |
{ |
| 425 |
$strOption = str_replace("_", " ", $arrOptionw[$i]); |
| 426 |
$strPermvisit = $strPermvisit.$strOption; |
| 427 |
} |
| 428 |
$i++; |
| 429 |
} |
| 430 |
$objTest = $db -> Execute("SELECT id FROM categories WHERE id=".$_GET['id']); |
| 431 |
if ($objTest -> fields['id']) |
| 432 |
{ |
| 433 |
$db -> Execute("UPDATE categories SET `name`='".$_POST['catname']."', `desc`='".$_POST['catdesc']."', `lang`='".$_POST['catlang']."', `perm_write`='".$strPermwrite."', `perm_visit`='".$strPermvisit."' WHERE id=".$_GET['id']) or die($db -> ErrorMsg()); |
| 434 |
$smarty -> assign("Message", CATEGORY_MODIFIED); |
| 435 |
} |
| 436 |
else |
| 437 |
{ |
| 438 |
$db -> Execute("INSERT INTO categories (`name`, `desc`, `lang`, `perm_write`, `perm_visit`) VALUES('".$_POST['catname']."', '".$_POST['catdesc']."', '".$_POST['catlang']."', '".$strPermwrite."', '".$strPermvisit."')") or die($db -> ErrorMsg()); |
| 439 |
$smarty -> assign("Message", CATEGORY_ADDED); |
| 440 |
} |
| 441 |
$objTest -> Close(); |
| 442 |
} |
| 443 |
} |
| 444 |
|
| 445 |
/** |
| 446 |
* Add new plans in mill |
| 447 |
*/ |
| 448 |
if (isset ($_GET['view']) && $_GET['view'] == 'mill') |
| 449 |
{ |
| 450 |
$smarty -> assign(array("Sname" => S_NAME, |
| 451 |
"Scost" => S_COST, |
| 452 |
"Samount" => S_AMOUNT, |
| 453 |
"Slevel" => S_LEVEL, |
| 454 |
"Stype" => S_TYPE, |
| 455 |
"Sbow" => S_BOW, |
| 456 |
"Sarrow" => S_ARROWS, |
| 457 |
"Aadd" => A_ADD)); |
| 458 |
if (isset ($_GET['step']) && $_GET['step'] == 'mill') |
| 459 |
{ |
| 460 |
if (!$_POST['nazwa'] || !$_POST['cena'] || !$_POST['poziom']) |
| 461 |
{ |
| 462 |
error (EMPTY_FIELDS); |
| 463 |
} |
| 464 |
if ($_POST['type'] == 'B') |
| 465 |
{ |
| 466 |
$strTwohand = 'Y'; |
| 467 |
} |
| 468 |
else |
| 469 |
{ |
| 470 |
$strTwohand = 'N'; |
| 471 |
} |
| 472 |
$strName = $db -> qstr($_POST['nazwa'], get_magic_quotes_gpc()); |
| 473 |
$db -> Execute("INSERT INTO mill (name, cost, level, amount, type, twohand) VALUES(".$strName.", ".$_POST['cena'].", ".$_POST['poziom'].", ".$_POST['amount'].", '".$_POST['type']."', '".$strTwohand."')"); |
| 474 |
} |
| 475 |
} |
| 476 |
|
| 477 |
/** |
| 478 |
* Add player to list of donators |
| 479 |
*/ |
| 480 |
if (isset($_GET['view']) && $_GET['view'] == 'donator') |
| 481 |
{ |
| 482 |
if (!isset($_GET['step'])) |
| 483 |
{ |
| 484 |
$smarty -> assign(array("Donatorinfo" => DONATOR_INFO, |
| 485 |
"Pname" => P_NAME, |
| 486 |
"Aadd" => A_ADD)); |
| 487 |
} |
| 488 |
if (isset($_GET['step']) && $_GET['step'] == 'add') |
| 489 |
{ |
| 490 |
if (empty($_POST['plname'])) |
| 491 |
{ |
| 492 |
error(ERROR); |
| 493 |
} |
| 494 |
$strName = $db -> qstr($_POST['plname'], get_magic_quotes_gpc()); |
| 495 |
$db -> Execute("INSERT INTO donators (name) VALUES('".$_POST['plname']."')"); |
| 496 |
$smarty -> assign("Message", YOU_ADD.$_POST['plname'].TO_DONATORS); |
| 497 |
} |
| 498 |
} |
| 499 |
|
| 500 |
/** |
| 501 |
* Edit monsters |
| 502 |
*/ |
| 503 |
if (isset($_GET['view']) && $_GET['view'] == 'monster2') |
| 504 |
{ |
| 505 |
if (!isset($_GET['step'])) |
| 506 |
{ |
| 507 |
$objMonsters = $db -> Execute("SELECT id, name FROM monsters"); |
| 508 |
$arrMonsters = array(); |
| 509 |
$arrMid = array(); |
| 510 |
$i = 0; |
| 511 |
while (!$objMonsters -> EOF) |
| 512 |
{ |
| 513 |
$arrMonsters[$i] = $objMonsters -> fields['name']; |
| 514 |
$arrMid[$i] = $objMonsters -> fields['id']; |
| 515 |
$i++ ; |
| 516 |
$objMonsters -> MoveNext(); |
| 517 |
} |
| 518 |
$objMonsters -> Close(); |
| 519 |
$smarty -> assign(array("Mname" => M_NAME, |
| 520 |
"Names" => $arrMonsters, |
| 521 |
"Mid" => $arrMid, |
| 522 |
"Anext" => A_NEXT)); |
| 523 |
} |
| 524 |
if (isset($_GET['step']) && $_GET['step'] == 'next') |
| 525 |
{ |
| 526 |
if (!ereg("^[1-9][0-9]*$", $_POST['mid'])) |
| 527 |
{ |
| 528 |
error(ERROR); |
| 529 |
} |
| 530 |
$objMonster = $db -> Execute("SELECT * FROM monsters WHERE id=".$_POST['mid']); |
| 531 |
$smarty -> assign(array("Mname" => $objMonster -> fields['name'], |
| 532 |
"Mlvl" => $objMonster -> fields['level'], |
| 533 |
"Mhp" => $objMonster -> fields['hp'], |
| 534 |
"Magility" => $objMonster -> fields['agility'], |
| 535 |
"Mstrength" => $objMonster -> fields['strength'], |
| 536 |
"Mspeed" => $objMonster -> fields['speed'], |
| 537 |
"Mendurance" => $objMonster -> fields['endurance'], |
| 538 |
"Mcredits1" => $objMonster -> fields['credits1'], |
| 539 |
"Mcredits2" => $objMonster -> fields['credits2'], |
| 540 |
"Mexp1" => $objMonster -> fields['exp1'], |
| 541 |
"Mexp2" => $objMonster -> fields['exp2'], |
| 542 |
"Mlocation" => $objMonster -> fields['location'], |
| 543 |
"Tmname" => M_NAME, |
| 544 |
"Tmlevel" => M_LEVEL, |
| 545 |
"Tmhp" => M_HP, |
| 546 |
"Tmagi" => M_AGI, |
| 547 |
"Tmpower" => M_POWER, |
| 548 |
"Tmspeed" => M_SPEED, |
| 549 |
"Tmcond" => M_COND, |
| 550 |
"Tmmingold" => M_MIN_GOLD, |
| 551 |
"Tmmaxgold" => M_MAX_GOLD, |
| 552 |
"Tmminexp" => M_MIN_EXP, |
| 553 |
"Tmmaxexp" => M_MAX_EXP, |
| 554 |
"Tmlocation" => M_LOCATION, |
| 555 |
"Aedit" => A_EDIT, |
| 556 |
"Mid" => $_POST['mid'])); |
| 557 |
$objMonster -> Close(); |
| 558 |
} |
| 559 |
if (isset($_GET['step']) && $_GET['step'] == 'monster') |
| 560 |
{ |
| 561 |
if (!$_POST['name'] || !$_POST['level'] || !$_POST['hp'] || !$_POST['agility'] || !$_POST['strength'] || !$_POST['credits1'] || !$_POST['credits2'] || !$_POST['exp1'] || !$_POST['exp2'] || !$_POST['speed'] || !$_POST['endurance']|| !$_POST['location']) |
| 562 |
{ |
| 563 |
error (EMPTY_FIELDS); |
| 564 |
} |
| 565 |
$strName = $db -> qstr($_POST['name'], get_magic_quotes_gpc()); |
| 566 |
$strLocation = $db -> qstr($_POST['location'], get_magic_quotes_gpc()); |
| 567 |
$db -> Execute("UPDATE monsters SET name=".$strName.", level=".$_POST['level'].", hp=".$_POST['hp'].", agility=".$_POST['agility'].", strength=".$_POST['strength'].", credits1=".$_POST['credits1'].", credits2=".$_POST['credits2'].", exp1=".$_POST['exp1'].", exp2=".$_POST['exp2'].", speed=".$_POST['speed'].", endurance=".$_POST['endurance'].", location=".$strLocation." WHERE id=".$_POST['mid']); |
| 568 |
$smarty -> assign("Message", YOU_EDIT.$_POST['name']); |
| 569 |
} |
| 570 |
} |
| 571 |
|
| 572 |
/** |
| 573 |
* Release player from jail |
| 574 |
*/ |
| 575 |
if (isset($_GET['view']) && $_GET['view'] == 'jailbreak') |
| 576 |
{ |
| 577 |
if (!isset($_GET['step'])) |
| 578 |
{ |
| 579 |
$smarty -> assign(array("Afree" => A_FREE, |
| 580 |
"Jailid" => JAIL_ID)); |
| 581 |
} |
| 582 |
if (isset($_GET['step']) && $_GET['step'] == 'next') |
| 583 |
{ |
| 584 |
if (!ereg("^[1-9][0-9]*$", $_POST['jid'])) |
| 585 |
{ |
| 586 |
error(ERROR); |
| 587 |
} |
| 588 |
$objPrisoner = $db -> Execute("SELECT prisoner FROM jail WHERE prisoner=".$_POST['jid']); |
| 589 |
if (!$objPrisoner -> fields['prisoner']) |
| 590 |
{ |
| 591 |
error(NO_PLAYER2); |
| 592 |
} |
| 593 |
$objPrisoner -> Close(); |
| 594 |
$db -> Execute("DELETE FROM jail WHERE prisoner=".$_POST['jid']); |
| 595 |
$db -> Execute("UPDATE players SET miejsce='Altara' WHERE id=".$_POST['jid']); |
| 596 |
$smarty -> assign("Message", T_MESSAGE.$_POST['jid']); |
| 597 |
} |
| 598 |
} |
| 599 |
|
| 600 |
|
| 601 |
/** |
| 602 |
* Add new poll |
| 603 |
*/ |
| 604 |
if (isset($_GET['view']) && $_GET['view'] == 'poll') |
| 605 |
{ |
| 606 |
if (!isset($_GET['step'])) |
| 607 |
{ |
| 608 |
$smarty -> assign(array("Tamount" => T_AMOUNT, |
| 609 |
"Anext" => A_NEXT, |
| 610 |
"Tdays" => T_DAYS)); |
| 611 |
} |
| 612 |
$smarty -> assign("Tquestion", T_QUESTION); |
| 613 |
/** |
| 614 |
* Add answers to poll |
| 615 |
*/ |
| 616 |
if (isset($_GET['step']) && $_GET['step'] == 'second') |
| 617 |
{ |
| 618 |
if (empty($_POST['question']) || empty($_POST['amount']) || empty($_POST['days'])) |
| 619 |
{ |
| 620 |
error(EMPTY_FIELDS); |
| 621 |
} |
| 622 |
if (!ereg("^[1-9][0-9]*$", $_POST['amount']) || !ereg("^[1-9][0-9]*$", $_POST['days'])) |
| 623 |
{ |
| 624 |
error(ERROR); |
| 625 |
} |
| 626 |
$arrAnswers = array(); |
| 627 |
for ($i = 0; $i < $_POST['amount']; $i++) |
| 628 |
{ |
| 629 |
$arrAnswers[$i] = "answer".$i; |
| 630 |
} |
| 631 |
$objPollid = $db -> Execute("SELECT id FROM polls ORDER BY id DESC"); |
| 632 |
if (!$objPollid -> fields['id']) |
| 633 |
{ |
| 634 |
$intId = 1; |
| 635 |
} |
| 636 |
else |
| 637 |
{ |
| 638 |
$intId = $objPollid -> fields['id'] + 1; |
| 639 |
} |
| 640 |
/** |
| 641 |
* Update amount of players |
| 642 |
*/ |
| 643 |
$objQuery = $db -> Execute("SELECT id FROM players"); |
| 644 |
$intMembers = $objQuery -> RecordCount(); |
| 645 |
$objQuery -> Close(); |
| 646 |
$db -> Execute("UPDATE polls SET members=".$intMembers." WHERE id=".$objPollid -> fields['id']." AND votes=-1"); |
| 647 |
$objPollid -> Close(); |
| 648 |
$strQuestion = $db -> qstr($_POST['question'], get_magic_quotes_gpc()); |
| 649 |
$db -> Execute("INSERT INTO polls (id, poll, votes, days) VALUES(".$intId.", ".$strQuestion.", -1, ".$_POST['days'].")") or $db -> ErrorMsg(); |
| 650 |
$smarty -> assign(array("Answers" => $arrAnswers, |
| 651 |
"Question" => $_POST['question'], |
| 652 |
"Amount" => $_POST['amount'], |
| 653 |
"Aadd" => A_ADD, |
| 654 |
"Tanswer" => T_ANSWER, |
| 655 |
"Llang" => $_POST['lang'], |
| 656 |
"Pollid" => $intId, |
| 657 |
"Adays" => $_POST['days'])); |
| 658 |
} |
| 659 |
/** |
| 660 |
* Add poll |
| 661 |
*/ |
| 662 |
if (isset($_GET['step']) && $_GET['step'] == 'add') |
| 663 |
{ |
| 664 |
for($i = 0; $i < $_POST['amount']; $i++) |
| 665 |
{ |
| 666 |
$strName = "answer".$i; |
| 667 |
if (empty($_POST[$strName])) |
| 668 |
{ |
| 669 |
error(EMPTY_FIELDS); |
| 670 |
} |
| 671 |
$strAnswer = $db -> qstr($_POST[$strName], get_magic_quotes_gpc()); |
| 672 |
$db -> Execute("INSERT INTO polls (id, poll) VALUES(".$_POST['pid'].", ".$strAnswer.")"); |
| 673 |
} |
| 674 |
/** |
| 675 |
* Add log about new poll |
| 676 |
*/ |
| 677 |
$playersList = $db -> Execute("SELECT id FROM players"); |
| 678 |
while (!$playersList -> EOF) |
| 679 |
{ |
| 680 |
$db -> Execute('INSERT INTO `log` (`owner`, `log`, `czas`) VALUES('.$playersList -> fields['id'].',\''.NEW_POLL_MESSANGE.'\','.$db -> DBDate($newdate).')'); |
| 681 |
$playersList -> MoveNext(); |
| 682 |
} |
| 683 |
$playersList -> Close(); |
| 684 |
|
| 685 |
$db -> Execute("UPDATE players SET poll='N'"); |
| 686 |
$db -> Execute("UPDATE settings SET value='Y' WHERE setting='poll'"); |
| 687 |
$smarty -> assign("Message", POLL_ADDED); |
| 688 |
} |
| 689 |
} |
| 690 |
|
| 691 |
/** |
| 692 |
* Add new word to censorship |
| 693 |
*/ |
| 694 |
if (isset($_GET['view']) && $_GET['view'] == 'censorship') |
| 695 |
{ |
| 696 |
/** |
| 697 |
* Bad words list |
| 698 |
*/ |
| 699 |
$objWords = $db -> Execute("SELECT * FROM bad_words"); |
| 700 |
$arrWords = array(); |
| 701 |
$i = 0; |
| 702 |
while (!$objWords -> EOF) |
| 703 |
{ |
| 704 |
$arrWords[$i] = $objWords -> fields['bword']; |
| 705 |
$i = $i + 1; |
| 706 |
$objWords -> MoveNext(); |
| 707 |
} |
| 708 |
$objWords -> Close(); |
| 709 |
$smarty -> assign(array("Amake" => A_MAKE, |
| 710 |
"Words" => $arrWords, |
| 711 |
"Aadd" => A_ADD, |
| 712 |
"Adelete" => A_DELETE, |
| 713 |
"Tword" => T_WORD, |
| 714 |
"Wordslist" => WORDS_LIST)); |
| 715 |
if (isset($_GET['step']) && $_GET['step'] == 'modify') |
| 716 |
{ |
| 717 |
$strWord = $db -> qstr($_POST['bword'], get_magic_quotes_gpc()); |
| 718 |
/** |
| 719 |
* Add word |
| 720 |
*/ |
| 721 |
if ($_POST['action'] == 'add') |
| 722 |
{ |
| 723 |
$db -> Execute("INSERT INTO bad_words (bword) VALUES(".$strWord.")"); |
| 724 |
$smarty -> assign("Message", YOU_ADD." <b>".$_POST['bword']."</b>. (<a href=\"admin.php?view=censorship\">".REFRESH."</a>)"); |
| 725 |
} |
| 726 |
/** |
| 727 |
* Delete word |
| 728 |
*/ |
| 729 |
if ($_POST['action'] == 'delete') |
| 730 |
{ |
| 731 |
$db -> Execute("DELETE FROM bad_words WHERE bword=".$strWord); |
| 732 |
$smarty -> assign("Message", YOU_DELETE." <b>".$_POST['bword']."</b>. (<a href=\"admin.php?view=censorship\">".REFRESH."</a>)"); |
| 733 |
} |
| 734 |
} |
| 735 |
} |
| 736 |
|
| 737 |
/** |
| 738 |
* Close registration new players |
| 739 |
*/ |
| 740 |
if (isset($_GET['view']) && $_GET['view'] == 'register') |
| 741 |
{ |
| 742 |
$smarty -> assign(array("Gopen" => G_OPEN, |
| 743 |
"Gclose" => G_CLOSE, |
| 744 |
"Ifclose" => IF_CLOSE, |
| 745 |
"Amake" => A_MAKE)); |
| 746 |
if (isset ($_GET['step']) && $_GET['step'] == 'close') |
| 747 |
{ |
| 748 |
if ($_POST['close'] == 'close') |
| 749 |
{ |
| 750 |
$db -> Execute("UPDATE settings SET value='N' WHERE setting='register'"); |
| 751 |
$strReason = $db -> qstr($_POST['reason'], get_magic_quotes_gpc()); |
| 752 |
$db -> Execute("UPDATE settings SET value=".$strReason." WHERE setting='close_register'"); |
| 753 |
error (YOU_CLOSE); |
| 754 |
} |
| 755 |
if ($_POST['close'] == 'open') |
| 756 |
{ |
| 757 |
$db -> Execute("UPDATE settings SET value='Y' WHERE setting='register'"); |
| 758 |
$db -> Execute("UPDATE settings SET value='' WHERE setting='close_register'"); |
| 759 |
error (YOU_OPEN); |
| 760 |
} |
| 761 |
} |
| 762 |
} |
| 763 |
|
| 764 |
/** |
| 765 |
* Ban and unban players by IP, emali, nick or ID |
| 766 |
*/ |
| 767 |
if (isset($_GET['view']) && $_GET['view'] == 'ban') |
| 768 |
{ |
| 769 |
$smarty -> assign(array("Banlist" => BAN_LIST, |
| 770 |
"Baninfo" => BAN_INFO, |
| 771 |
"Banvalue" => BAN_VALUE, |
| 772 |
"Banip" => BAN_IP, |
| 773 |
"Banemail" => BAN_EMAIL, |
| 774 |
"Bannick" => BAN_NICK, |
| 775 |
"Banid" => BAN_ID, |
| 776 |
"Abanpl" => A_BAN_PL, |
| 777 |
"Aunban" => A_UNBAN, |
| 778 |
"Anext" => A_NEXT, |
| 779 |
"Bantype" => BAN_TYPE, |
| 780 |
"Banval" => BAN_VAL, |
| 781 |
"Banned" => BANNED)); |
| 782 |
/** |
| 783 |
* Banlist |
| 784 |
*/ |
| 785 |
$arrtype = array(); |
| 786 |
$arramount = array(); |
| 787 |
$i = 0; |
| 788 |
$ban = $db -> Execute("SELECT type, amount FROM ban"); |
| 789 |
while (!$ban -> EOF) |
| 790 |
{ |
| 791 |
$arrtype[$i] = $ban -> fields['type']; |
| 792 |
$arramount[$i] = $ban -> fields['amount']; |
| 793 |
$i = $i + 1; |
| 794 |
$ban -> MoveNext(); |
| 795 |
} |
| 796 |
$ban -> Close(); |
| 797 |
$smarty -> assign(array("Type" => $arrtype, |
| 798 |
"Amount" => $arramount)); |
| 799 |
if (isset($_GET['step']) && $_GET['step'] == 'modify') |
| 800 |
{ |
| 801 |
$strAmount = $db -> qstr($_POST['amount'], get_magic_quotes_gpc()); |
| 802 |
/** |
| 803 |
* Ban player |
| 804 |
*/ |
| 805 |
if ($_POST['action'] == 'ban') |
| 806 |
{ |
| 807 |
$db -> Execute("INSERT INTO ban (type, amount) VALUES('".$_POST['type']."', ".$strAmount.")"); |
| 808 |
$smarty -> assign("Message", YOU_BAN." <b>".$_POST['type']."</b> ".$_POST['amount'].". (<a href=\"admin.php?view=ban\">".REFRESH."</a>)"); |
| 809 |
} |
| 810 |
/** |
| 811 |
* Unban player |
| 812 |
*/ |
| 813 |
if ($_POST['action'] == 'unban') |
| 814 |
{ |
| 815 |
$db -> Execute("DELETE FROM ban WHERE type='".$_POST['type']."' AND amount=".$strAmount); |
| 816 |
$smarty -> assign("Message", YOU_UNBAN." <b>".$_POST['type']."</b> ".$_POST['amount'].". (<a href=\"admin.php?view=ban\">".REFRESH."</a>)"); |
| 817 |
} |
| 818 |
} |
| 819 |
} |
| 820 |
|
| 821 |
/** |
| 822 |
* Delete players which not login long than 21 days |
| 823 |
*/ |
| 824 |
if (isset($_GET['view']) && $_GET['view'] == 'delplayers') |
| 825 |
{ |
| 826 |
if ($player -> id != 1) { |
| 827 |
error(ONLY_MAIN); |
| 828 |
} |
| 829 |
$curenttime = time(); |
| 830 |
$lpv = $curenttime - 1900800; |
| 831 |
$oldFetchMode = $db -> SetFetchMode(ADODB_FETCH_NUM); |
| 832 |
$arrDelete = $db -> GetAll('SELECT `id`, `avatar` FROM `players` WHERE `age`>21 AND `lpv`<'.$lpv); |
| 833 |
$number = count($arrDelete); |
| 834 |
for ($i = 0; $i < $number; $i++) |
| 835 |
{ |
| 836 |
$db -> Execute("DELETE FROM `players` WHERE `id`=".$arrDelete[$i][0]); |
| 837 |
$db -> Execute("DELETE FROM `core` WHERE `owner`=".$arrDelete[$i][0]); |
| 838 |
$db -> Execute("DELETE FROM `core_market` WHERE `seller`=".$arrDelete[$i][0]); |
| 839 |
$db -> Execute("DELETE FROM `equipment` WHERE `owner`=".$arrDelete[$i][0]); |
| 840 |
$db -> Execute("DELETE FROM `smith` WHERE `owner`=".$arrDelete[$i][0]); |
| 841 |
$db -> Execute("DELETE FROM `log` WHERE `owner`=".$arrDelete[$i][0]); |
| 842 |
$db -> Execute("DELETE FROM `mail` WHERE `owner`=".$arrDelete[$i][0]); |
| 843 |
$arrOutId = $db -> GetRow("SELECT `id` FROM `outposts` WHERE `owner`=".$arrDelete[$i][0]); |
| 844 |
if (!empty($arrOutId)) |
| 845 |
{ |
| 846 |
$db -> Execute("DELETE FROM `outpost_mosters` WHERE `outpost`=".$arrOutId[0]); |
| 847 |
$db -> Execute("DELETE FROM `outpost_veterans` WHERE `outpost`=".$arrOutId[0]); |
| 848 |
} |
| 849 |
$db -> Execute("DELETE FROM `outposts` WHERE `owner`=".$arrDelete[$i][0]); |
| 850 |
$db -> Execute("DELETE FROM `pmarket` WHERE `seller`=".$arrDelete[$i][0]); |
| 851 |
$db -> Execute("DELETE FROM `hmarket` WHERE `seller`=".$arrDelete[$i][0]); |
| 852 |
$db -> Execute("DELETE FROM `potions` WHERE `owner`=".$arrDelete[$i][0]); |
| 853 |
$db -> Execute("DELETE FROM `herbs` WHERE `gracz`=".$arrDelete[$i][0]); |
| 854 |
$db -> Execute("DELETE FROM `minerals` WHERE `owner`=".$arrDelete[$i][0]); |
| 855 |
$db -> Execute("DELETE FROM `alchemy_mill` WHERE `owner`=".$arrDelete[$i][0]); |
| 856 |
$db -> Execute("DELETE FROM `czary` WHERE `gracz`=".$arrDelete[$i][0]); |
| 857 |
$db -> Execute("DELETE FROM `smith_work` WHERE `owner`=".$arrDelete[$i][0]); |
| 858 |
$db -> Execute("DELETE FROM `notatnik` WHERE `gracz`=".$arrDelete[$i][0]); |
| 859 |
$db -> Execute("DELETE FROM `tribe_oczek` WHERE `gracz`=".$arrDelete[$i][0]); |
| 860 |
$arrHouse = $db -> GetRow('SELECT `locator` FROM `houses` WHERE `owner`='.$arrDelete[$i][0]); |
| 861 |
if (!empty($arrHouse)) |
| 862 |
{ |
| 863 |
$db -> Execute('UPDATE `houses` SET `owner`='.$arrHouse[0].', `locator`=0 WHERE `owner`='.$arrDelete[$i][0]) or $db -> ErrorMsg(); |
| 864 |
} |
| 865 |
else |
| 866 |
{ |
| 867 |
$db -> Execute("DELETE FROM `houses` WHERE `owner`=".$arrDelete[$i][0]); |
| 868 |
} |
| 869 |
$db -> Execute("DELETE FROM `farms` WHERE `owner`=".$arrDelete[$i][0]); |
| 870 |
$db -> Execute("DELETE FROM `farm` WHERE `owner`=".$arrDelete[$i][0]); |
| 871 |
$db -> Execute("DELETE FROM `jail` WHERE `prisoner`=".$arrDelete[$i][0]); |
| 872 |
$db -> Execute("DELETE FROM `mill_work` WHERE `owner`=".$arrDelete[$i][0]); |
| 873 |
$db -> Execute("DELETE FROM `mill` WHERE `owner`=".$arrDelete[$i][0]); |
| 874 |
$db -> Execute("DELETE FROM `questaction` WHERE `player`=".$arrDelete[$i][0]); |
| 875 |
$db -> Execute("DELETE FROM `amarket` WHERE `seller`=".$arrDelete[$i][0]); |
| 876 |
$db -> Execute("DELETE FROM `astral` WHERE `owner`=".$arrDelete[$i][0]." AND `location`='V'"); |
| 877 |
$db -> Execute("DELETE FROM `astral_bank` WHERE `owner`=".$arrDelete[$i][0]." AND `location`='V'"); |
| 878 |
$db -> Execute("DELETE FROM `astral_plans` WHERE `owner`=".$arrDelete[$i][0]." AND `location`='V'"); |
| 879 |
$db -> Execute("DELETE FROM `lost_pass` WHERE `id`=".$arrDelete[$i][0]); |
| 880 |
$db -> Execute("DELETE FROM `ban` WHERE `type`='ID' AND `amount`='".$arrDelete[$i][0]."'"); |
| 881 |
$db -> Execute("DELETE FROM `jeweller` WHERE `owner`=".$arrDelete[$i][0]); |
| 882 |
$db -> Execute("DELETE FROM `jeweller_work` WHERE `owner`=".$arrDelete[$i][0]); |
| 883 |
$db -> Execute("DELETE FROM `ban_mail` WHERE `id`=".$arrDelete[$i][0]); |
| 884 |
$db -> Execute("DELETE FROM `links` WHERE `owner`=".$arrDelete[$i][0]); |
| 885 |
$strFile = 'avatars/'.$arrDelete[$i][1]; |
| 886 |
if (is_file($strFile)) |
| 887 |
{ |
| 888 |
unlink($strFile); |
| 889 |
} |
| 890 |
$arrLibrary = $db -> GetRow('SELECT `author_id` FROM `library` WHERE `author_id`='.$arrDelete[$i][0]); |
| 891 |
if (!empty($arrLibrary)) |
| 892 |
{ |
| 893 |
$arrOldId = $db -> GetRow('SELECT max(author_id) FROM `library`'); |
| 894 |
if ($arrOldId[0] < 1000000) |
| 895 |
{ |
| 896 |
$db -> Execute('UPDATE `library` SET `author_id`=1000000 WHERE `author_id`='.$arrDelete[$i][0]) or $db -> ErrorMsg(); |
| 897 |
} |
| 898 |
else |
| 899 |
{ |
| 900 |
$db -> Execute('UPDATE `library` SET `author_id`='.++$arrOldId[0].' WHERE `author_id`='.$arrDelete[$i][0]) or $db -> ErrorMsg(); |
| 901 |
} |
| 902 |
} |
| 903 |
} |
| 904 |
$arrDelete = $db -> GetAll('SELECT `id` FROM `players` WHERE `age`>3 AND `lpv`=0'); |
| 905 |
$number2 = count($arrDelete); |
| 906 |
for ($i = 0; $i < $number2; $i++) |
| 907 |
{ |
| 908 |
$db -> Execute('DELETE FROM `players` WHERE `id`='.$arrDelete[$i][0]); |
| 909 |
} |
| 910 |
$db -> SetFetchMode($oldFetchMode); |
| 911 |
$smarty -> assign ('Message', YOU_DELETE.' '.$number.' '.INACTIVE.', '.$number2.' '.NEVER_LOGGED.'.'); |
| 912 |
} |
| 913 |
|
| 914 |
/** |
| 915 |
* Send email to all players |
| 916 |
*/ |
| 917 |
if (isset ($_GET['view']) && $_GET['view'] == 'mail') |
| 918 |
{ |
| 919 |
$smarty -> assign(array("Mailinfo" => MAIL_INFO, |
| 920 |
"Asend" => A_SEND)); |
| 921 |
if (isset ($_GET['step']) && $_GET['step'] == 'send') |
| 922 |
{ |
| 923 |
$mail1 = $db -> Execute("SELECT email FROM players"); |
| 924 |
$adress = ''; |
| 925 |
$message = $_POST['message']; |
| 926 |
require_once('mailer/mailerconfig.php'); |
| 927 |
while (!$mail1 -> EOF) |
| 928 |
{ |
| 929 |
$mail -> AddAddress($mail1 -> fields['email']); |
| 930 |
require_once("languages/".$player -> lang."/admin1.php"); |
| 931 |
$subject = M_SUBJECT." ".$gamename; |
| 932 |
if (!$mail -> Send()) |
| 933 |
{ |
| 934 |
error(M_ERROR."<br /> ".$mail -> ErrorInfo); |
| 935 |
} |
| 936 |
$mail1 -> MoveNext(); |
| 937 |
$mail->ClearAddresses(); |
| 938 |
} |
| 939 |
$mail1 -> Close(); |
| 940 |
error (M_SEND); |
| 941 |
} |
| 942 |
} |
| 943 |
|
| 944 |
/** |
| 945 |
* Add question on bridge of death |
| 946 |
*/ |
| 947 |
if (isset ($_GET['view']) && $_GET['view'] == 'bridge') |
| 948 |
{ |
| 949 |
$smarty -> assign(array("Bquestion" => B_QUESTION, |
| 950 |
"Banswer" => B_ANSWER, |
| 951 |
"Aadd" => A_ADD)); |
| 952 |
if (isset ($_GET['step']) && $_GET['step'] == 'add') |
| 953 |
{ |
| 954 |
$strQuestion = $db -> qstr($_POST['question'], get_magic_quotes_gpc()); |
| 955 |
$strAnswer = $db -> qstr($_POST['answer'], get_magic_quotes_gpc()); |
| 956 |
$db -> Execute("INSERT INTO bridge (question, answer) VALUES(".$strQuestion.", ".$strAnswer.")") or error (E_DB); |
| 957 |
error (YOU_ADD_Q." <b>".$_POST['question']."</b> ".WITH_A." <b>".$_POST['answer']); |
| 958 |
} |
| 959 |
} |
| 960 |
|
| 961 |
/** |
| 962 |
* Delete player |
| 963 |
*/ |
| 964 |
if (isset ($_GET['view']) && $_GET['view'] == 'del') |
| 965 |
{ |
| 966 |
$smarty -> assign(array("Deleteid" => DELETE_ID, |
| 967 |
"Adeletepl" => A_DELETE_PL)); |
| 968 |
if (isset ($_GET['step']) && $_GET['step'] == 'del') |
| 969 |
{ |
| 970 |
if ($_POST['did'] != 1) |
| 971 |
{ |
| 972 |
$oldFetchMode = $db -> SetFetchMode(ADODB_FETCH_NUM); |
| 973 |
$arrAvatar = $db -> GetRow("SELECT `avatar` FROM `players` WHERE `id`=".$_POST['did']); |
| 974 |
if (!empty($arrAvatar)) |
| 975 |
{ |
| 976 |
$strFile = 'avatars/'.$arrAvatar[0]; |
| 977 |
if (is_file($strFile)) |
| 978 |
{ |
| 979 |
unlink($strFile); |
| 980 |
} |
| 981 |
} |
| 982 |
$db -> Execute("DELETE FROM `players` WHERE `id`=".$_POST['did']); |
| 983 |
$db -> Execute("DELETE FROM `core` WHERE `owner`=".$_POST['did']); |
| 984 |
$db -> Execute("DELETE FROM `core_market` WHERE `seller`=".$_POST['did']); |
| 985 |
$db -> Execute("DELETE FROM `equipment` WHERE `owner`=".$_POST['did']); |
| 986 |
$db -> Execute("DELETE FROM `smith` WHERE `owner`=".$_POST['did']); |
| 987 |
$db -> Execute("DELETE FROM `log` WHERE `owner`=".$_POST['did']); |
| 988 |
$db -> Execute("DELETE FROM `mail` WHERE `owner`=".$_POST['did']); |
| 989 |
$arrOutId = $db -> GetRow("SELECT `id` FROM `outposts` WHERE `owner`=".$_POST['did']); |
| 990 |
if (!empty($arrOutId)) |
| 991 |
{ |
| 992 |
$db -> Execute("DELETE FROM `outpost_mosters` WHERE `outpost`=".$arrOutId[0]); |
| 993 |
$db -> Execute("DELETE FROM `outpost_veterans` WHERE `outpost`=".$arrOutId[0]); |
| 994 |
} |
| 995 |
$db -> Execute("DELETE FROM `outposts` WHERE `owner`=".$_POST['did']); |
| 996 |
$db -> Execute("DELETE FROM `pmarket` WHERE `seller`=".$_POST['did']); |
| 997 |
$db -> Execute("DELETE FROM `hmarket` WHERE `seller`=".$_POST['did']); |
| 998 |
$db -> Execute("DELETE FROM `potions` WHERE `owner`=".$_POST['did']); |
| 999 |
$db -> Execute("DELETE FROM `herbs` WHERE `gracz`=".$_POST['did']); |
| 1000 |
$db -> Execute("DELETE FROM `minerals` WHERE `owner`=".$_POST['did']); |
| 1001 |
$db -> Execute("DELETE FROM `alchemy_mill` WHERE `owner`=".$_POST['did']); |
| 1002 |
$db -> Execute("DELETE FROM `czary` WHERE `gracz`=".$_POST['did']); |
| 1003 |
$db -> Execute("DELETE FROM `smith_work` WHERE `owner`=".$_POST['did']); |
| 1004 |
$db -> Execute("DELETE FROM `notatnik` WHERE `gracz`=".$_POST['did']); |
| 1005 |
$db -> Execute("DELETE FROM `tribe_oczek` WHERE `gracz`=".$_POST['did']); |
| 1006 |
$arrHouse = $db -> GetRow("SELECT `locator` FROM `houses` WHERE `owner`=".$_POST['did']); |
| 1007 |
if (!empty($arrHouse)) |
| 1008 |
{ |
| 1009 |
$db -> Execute("UPDATE `houses` SET `owner`=".$arrHouse[0].", `locator`=0 WHERE `owner`=".$_POST['did']) or $db -> ErrorMsg(); |
| 1010 |
} |
| 1011 |
else |
| 1012 |
{ |
| 1013 |
$db -> Execute("DELETE FROM `houses` WHERE `owner`=".$_POST['did']); |
| 1014 |
} |
| 1015 |
$db -> Execute("DELETE FROM `farms` WHERE `owner`=".$_POST['did']); |
| 1016 |
$db -> Execute("DELETE FROM `farm` WHERE `owner`=".$_POST['did']); |
| 1017 |
$db -> Execute("DELETE FROM `jail` WHERE `prisoner`=".$_POST['did']); |
| 1018 |
$db -> Execute("DELETE FROM `mill_work` WHERE `owner`=".$_POST['did']); |
| 1019 |
$db -> Execute("DELETE FROM `mill` WHERE `owner`=".$_POST['did']); |
| 1020 |
$db -> Execute("DELETE FROM `questaction` WHERE `player`=".$_POST['did']); |
| 1021 |
$db -> Execute("DELETE FROM `amarket` WHERE `seller`=".$_POST['did']); |
| 1022 |
$db -> Execute("DELETE FROM `astral` WHERE `owner`=".$_POST['did']." AND `location`='V'"); |
| 1023 |
$db -> Execute("DELETE FROM `astral_bank` WHERE `owner`=".$_POST['did']." AND `location`='V'"); |
| 1024 |
$db -> Execute("DELETE FROM `astral_plans` WHERE `owner`=".$_POST['did']." AND `location`='V'"); |
| 1025 |
$db -> Execute("DELETE FROM `lost_pass` WHERE `id`=".$_POST['did']); |
| 1026 |
$db -> Execute("DELETE FROM `ban` WHERE `type`='ID' AND `amount`='".$_POST['did']."'"); |
| 1027 |
$db -> Execute("DELETE FROM `jeweller` WHERE `owner`=".$_POST['did']); |
| 1028 |
$db -> Execute("DELETE FROM `jeweller_work` WHERE `owner`=".$_POST['did']); |
| 1029 |
$db -> Execute("DELETE FROM `ban_mail` WHERE `id`=".$_POST['did']); |
| 1030 |
$db -> Execute("DELETE FROM `links` WHERE `owner`=".$_POST['did']); |
| 1031 |
$arrLibrary = $db -> GetRow('SELECT `author_id` FROM `library` WHERE `author_id`='.$_POST['did']); |
| 1032 |
if (!empty($arrLibrary)) |
| 1033 |
{ |
| 1034 |
$arrOldId = $db -> GetRow('SELECT max(author_id) FROM `library`'); |
| 1035 |
if ($arrOldId[0] < 1000000) |
| 1036 |
{ |
| 1037 |
$db -> Execute('UPDATE `library` SET `author_id`=1000000 WHERE `author_id`='.$_POST['did']) or $db -> ErrorMsg(); |
| 1038 |
} |
| 1039 |
else |
| 1040 |
{ |
| 1041 |
$db -> Execute('UPDATE `library` SET `author_id`='.++$arrOldId[0].' WHERE `author_id`='.$_POST['did']) or $db -> ErrorMsg(); |
| 1042 |
} |
| 1043 |
} |
| 1044 |
$db -> SetFetchMode($oldFetchMode); |
| 1045 |
$smarty -> assign ("Message", YOU_DELETE2." ".$_POST['did']); |
| 1046 |
} |
| 1047 |
else |
| 1048 |
{ |
| 1049 |
$smarty -> assign ("Message", YOU_NOT_D); |
| 1050 |
} |
| 1051 |
} |
| 1052 |
} |
| 1053 |
|
| 1054 |
/** |
| 1055 |
* Change player rank |
| 1056 |
*/ |
| 1057 |
if (isset ($_GET['view']) && $_GET['view'] == 'add') |
| 1058 |
{ |
| 1059 |
$smarty -> assign(array("Addid" => ADD_ID, |
| 1060 |
"Newrank" => NEW_RANK, |
| 1061 |
"Rmember" => R_MEMBER, |
| 1062 |
"Rking" => R_KING, |
| 1063 |
"Rstaff" => R_STAFF, |
| 1064 |
"Rjudge" => R_JUDGE, |
| 1065 |
"Rjudge2" => R_JUDGE2, |
| 1066 |
"Rjudge3" => R_JUDGE3, |
| 1067 |
"Rlawyer" => R_LAWYER, |
| 1068 |
"Rbeggar" => R_BEGGAR, |
| 1069 |
"Rbarbarian" => R_BARBARIAN, |
| 1070 |
"Rscribe" => R_SCRIBE, |
| 1071 |
"Rknight" => R_KNIGHT, |
| 1072 |
"Rlady" => R_LADY, |
| 1073 |
"Rcount" => R_COUNT, |
| 1074 |
"Rcount2" => R_COUNT2, |
| 1075 |
"Rredactor" => R_REDACTOR, |
| 1076 |
"Rinnkeeper" => R_INNKEEPER, |
| 1077 |
"Rprocurator" => R_PROCURATOR, |
| 1078 |
"Aadd" => A_ADD)); |
| 1079 |
if (isset ($_GET['step']) && $_GET['step'] == 'add') |
| 1080 |
{ |
| 1081 |
if ($_POST['aid'] != 1) |
| 1082 |
{ |
| 1083 |
$strRank = $db -> qstr($_POST['rank'], get_magic_quotes_gpc()); |
| 1084 |
$db -> Execute("UPDATE `players` SET `rank`=".$strRank." WHERE `id`=".$_POST['aid']); |
| 1085 |
error (YOU_ADD_R." ".$_POST['aid']." ".NEW_RANK." ".$_POST['rank']."."); |
| 1086 |
} |
| 1087 |
} |
| 1088 |
} |
| 1089 |
|
| 1090 |
/** |
| 1091 |
* Prune forums |
| 1092 |
*/ |
| 1093 |
if (isset ($_GET['view']) && $_GET['view'] == 'clearf') |
| 1094 |
{ |
| 1095 |
if (!isset($_GET['step'])) |
| 1096 |
{ |
| 1097 |
$smarty -> assign(array("Fquestion" => F_QUESTION, |
| 1098 |
"Ayes" => YES)); |
| 1099 |
} |
| 1100 |
if (isset($_GET['step']) && $_GET['step'] == 'Y') |
| 1101 |
{ |
| 1102 |
$db -> Execute("DELETE FROM topics"); |
| 1103 |
$db -> Execute("DELETE FROM replies"); |
| 1104 |
error (FORUM_PRUNE); |
| 1105 |
} |
| 1106 |
} |
| 1107 |
|
| 1108 |
/** |
| 1109 |
* Add new items |
| 1110 |
*/ |
| 1111 |
if (isset ($_GET['view']) && $_GET['view'] == 'equipment') |
| 1112 |
{ |
| 1113 |
$smarty -> assign(array("Itemname" => ITEM_NAME, |
| 1114 |
"Hasa" => HAS_A, |
| 1115 |
"Iweapon" => I_WEAPON, |
| 1116 |
"Iarmor" => I_ARMOR, |
| 1117 |
"Ihelmet" => I_HELMET, |
| 1118 |
"Ilegs" => I_LEGS, |
| 1119 |
"Ibow" => I_BOW, |
| 1120 |
"Ishield" => I_SHIELD, |
| 1121 |
"Iarrows" => I_ARROWS, |
| 1122 |
"Istaff" => I_STAFF, |
| 1123 |
"Icape" => I_CAPE, |
| 1124 |
"Aadd" => A_ADD, |
| 1125 |
"Iwith" => I_WITH, |
| 1126 |
"Ipower" => I_POWER, |
| 1127 |
"Icost" => I_COST, |
| 1128 |
"Iminlev" => I_MIN_LEV, |
| 1129 |
"Iagi" => I_AGI, |
| 1130 |
"Ispeed" => I_SPEED, |
| 1131 |
"Irepair" => I_REPAIR, |
| 1132 |
"Idur" => I_DUR)); |
| 1133 |
if (isset ($_GET['step']) && $_GET['step'] == 'add') |
| 1134 |
{ |
| 1135 |
if (empty ($_POST['name']) || empty ($_POST['cost'])) |
| 1136 |
{ |
| 1137 |
error (EMPTY_FIELDS); |
| 1138 |
} |
| 1139 |
if (empty($_POST['zr'])) |
| 1140 |
{ |
| 1141 |
$_POST['zr'] = 0; |
| 1142 |
} |
| 1143 |
if (empty($_POST['szyb'])) |
| 1144 |
{ |
| 1145 |
$_POST['szyb'] = 0; |
| 1146 |
} |
| 1147 |
$strName = $db -> qstr($_POST['name'], get_magic_quotes_gpc()); |
| 1148 |
if ($_POST['type'] != 'B' && $_POST['type'] != 'R' && $_POST['type'] != 'T' && $_POST['type'] != 'C') |
| 1149 |
{ |
| 1150 |
$sql = "INSERT INTO equipment ( id , owner , name , power , status , type , cost , minlev, zr, szyb, wt, maxwt, repair ) VALUES ( '', '0', ".$strName.", '".$_POST['power']."', 'S', '".$_POST['type']."', '".$_POST['cost']."', '".$_POST['minlev']."', '".$_POST['zr']."', '".$_POST['szyb']."', '".$_POST['maxwt']."', '".$_POST['maxwt']."', ".$_POST['repair']." )"; |
| 1151 |
} |
| 1152 |
if ($_POST['type'] == 'B' || $_POST['type'] == 'R') |
| 1153 |
{ |
| 1154 |
$sql = "INSERT INTO bows (name, power, type, cost, minlev, zr, szyb, maxwt, repair) VALUES(".$strName.", '".$_POST['power']."', '".$_POST['type']."', '".$_POST['cost']."', '".$_POST['minlev']."', '".$_POST['zr']."', '".$_POST['szyb']."', '".$_POST['maxwt']."', ".$_POST['repair'].")"; |
| 1155 |
} |
| 1156 |
if ($_POST['type'] == 'T' || $_POST['type'] == 'C') |
| 1157 |
{ |
| 1158 |
$sql = "INSERT INTO mage_items (id, name, power, type, cost, minlev) VALUES('',".$strName.", '".$_POST['power']."', '".$_POST['type']."', '".$_POST['cost']."', '".$_POST['minlev']."')"; |
| 1159 |
} |
| 1160 |
$db -> Execute($sql) or die($db -> ErrorMsg()); |
| 1161 |
error (YOU_ADD_ITEM." ".$_POST['name']." ".HAS_A." ".$_POST['type']." ".POWER." ".$_POST['power']." ".COST." ".$_POST['cost']." ".MIN_LEVEL." ".$_POST['minlev']." ".ITEM_LEVEL." ".$_POST['zr']." % ".ITEM_SPEED." ".$_POST['zr']." % ".ITEM_DUR." ".$_POST['maxwt']." ."); |
| 1162 |
} |
| 1163 |
} |
| 1164 |
|
| 1165 |
/** |
| 1166 |
* Player donation |
| 1167 |
*/ |
| 1168 |
if (isset ($_GET['view']) && $_GET['view'] == 'donate') |
| 1169 |
{ |
| 1170 |
$resources = array ('credits', 'platinum', 'copperore', 'zincore', 'tinore', 'ironore', 'coal', |
| 1171 |
|
| 1172 |
'copper', 'bronze', 'brass', 'iron', 'steel', 'pine', 'hazel', 'yew', 'elm', 'crystal', 'adamantium', 'meteor'); |
| 1173 |
|
| 1174 |
$resources_names = array (CREDITS, strtolower (PLATINUM), COPPERORE, ZINCORE, TINORE, IRONORE, COAL, |
| 1175 |
COPPER, BRONZE, BRASS, IRON, STEEL, PINE, HAZEL, YEW, ELM, CRYSTAL, ADAMANTIUM, METEOR); |
| 1176 |
|
| 1177 |
$smarty -> assign(array("Donateid" => DONATE_ID, |
| 1178 |
"Donateamount" => AMOUNT, |
| 1179 |
"Adonate" => A_DONATE, |
| 1180 |
'Resources' => $resources, |
| 1181 |
'ResourcesNames' => $resources_names, |
| 1182 |
)); |
| 1183 |
|
| 1184 |
if (isset ($_GET['step']) && $_GET['step'] == 'donated') |
| 1185 |
{ |
| 1186 |
is_numeric ($_POST['amount']) or error (ERROR); |
| 1187 |
preg_match ('/^[a-z]*$/', $_POST['what']) or error (ERROR); |
| 1188 |
|
| 1189 |
if ($_POST['what'] == 'credits' or $_POST['what'] == 'platinum') { |
| 1190 |
$table = 'players'; |
| 1191 |
$id = 'id'; |
| 1192 |
} |
| 1193 |
else { |
| 1194 |
$table = 'minerals'; |
| 1195 |
$id = 'owner'; |
| 1196 |
} |
| 1197 |
|
| 1198 |
$_POST['id'] = (int)$_POST['id']; |
| 1199 |
$sql = 'SELECT '.$id.' FROM '.$table.' WHERE '.$id.'='.$_POST['id']; |
| 1200 |
$check = $db -> getOne($sql); |
| 1201 |
if(!empty($check)) |
| 1202 |
{ |
| 1203 |
$db -> Execute('UPDATE '.$table.' SET '.$_POST['what'].'='.$_POST['what'].'+'.$_POST['amount'].' WHERE '.$id.'='.$_POST['id']); |
| 1204 |
} |
| 1205 |
else |
| 1206 |
{ |
| 1207 |
$db -> Execute('INSERT INTO '.$table.'('.$id.', '.$_POST['what'].') VALUES('.$_POST['id'].', '.$_POST['amount'].')') or die($db -> ErrorMsg()); |
| 1208 |
} |
| 1209 |
error (YOU_SEND_M); |
| 1210 |
} |
| 1211 |
} |
| 1212 |
|
| 1213 |
/** |
| 1214 |
* Add new monsters |
| 1215 |
*/ |
| 1216 |
if (isset ($_GET['view']) && $_GET['view'] == 'monster') |
| 1217 |
{ |
| 1218 |
$smarty -> assign(array("Mname" => M_NAME, |
| 1219 |
"Mlevel" => M_LEVEL, |
| 1220 |
"Mhp" => M_HP, |
| 1221 |
"Magi" => M_AGI, |
| 1222 |
"Mpower" => M_POWER, |
| 1223 |
"Mspeed" => M_SPEED, |
| 1224 |
"Mcond" => M_COND, |
| 1225 |
"Mmingold" => M_MIN_GOLD, |
| 1226 |
"Mmaxgold" => M_MAX_GOLD, |
| 1227 |
"Mminexp" => M_MIN_EXP, |
| 1228 |
"Mmaxexp" => M_MAX_EXP, |
| 1229 |
"Aadd" => A_ADD, |
| 1230 |
"Mlocation" => M_LOCATION, |
| 1231 |
"Mcity1" => M_CITY1, |
| 1232 |
"Mcity2" => M_CITY2, |
| 1233 |
"Mcity3" => M_CITY3)); |
| 1234 |
if (isset ($_GET['step']) && $_GET['step'] == 'monster') |
| 1235 |
{ |
| 1236 |
if (!$_POST['nazwa'] || !$_POST['poziom'] || !$_POST['pz'] || !$_POST['zr'] || !$_POST['sila'] || !$_POST['minzl'] || !$_POST['maxzl'] || !$_POST['minpd'] || !$_POST['maxpd'] || !$_POST['speed'] || !$_POST['endurance']) |
| 1237 |
{ |
| 1238 |
error (EMPTY_FIELDS); |
| 1239 |
} |
| 1240 |
$strName = $db -> qstr($_POST['nazwa'], get_magic_quotes_gpc()); |
| 1241 |
$db -> Execute("INSERT INTO monsters (name, level, hp, agility, strength, credits1, credits2, exp1, exp2, speed, endurance, location) VALUES(".$strName.", ".$_POST['poziom'].", ".$_POST['pz'].", ".$_POST['zr'].", ".$_POST['sila'].", ".$_POST['minzl'].", ".$_POST['maxzl'].", ".$_POST['minpd'].", ".$_POST['maxpd'].", ".$_POST['speed'].", ".$_POST['endurance'].", '".$_POST['location']."')"); |
| 1242 |
} |
| 1243 |
} |
| 1244 |
|
| 1245 |
/** |
| 1246 |
* Add new plans in smith |
| 1247 |
*/ |
| 1248 |
if (isset ($_GET['view']) && $_GET['view'] == 'kowal') |
| 1249 |
{ |
| 1250 |
$smarty -> assign(array("Sname" => S_NAME, |
| 1251 |
"Scost" => S_COST, |
| 1252 |
"Samount" => S_AMOUNT, |
| 1253 |
"Stwohand" => S_TWOHAND, |
| 1254 |
"Ayes" => YES, |
| 1255 |
"Ano" => NO, |
| 1256 |
"Slevel" => S_LEVEL, |
| 1257 |
"Stype" => S_TYPE, |
| 1258 |
"Sweapon" => S_WEAPON, |
| 1259 |
"Sarmor" => S_ARMOR, |
| 1260 |
"Shelmet" => S_HELMET, |
| 1261 |
"Sshield" => S_SHIELD, |
| 1262 |
"Slegs" => S_LEGS, |
| 1263 |
"Stwohand" => S_TWOHAND, |
| 1264 |
"Aadd" => A_ADD)); |
| 1265 |
if (isset ($_GET['step']) && $_GET['step'] == 'kowal') |
| 1266 |
{ |
| 1267 |
if (!$_POST['nazwa'] || !$_POST['cena'] || !$_POST['poziom']) |
| 1268 |
{ |
| 1269 |
error (EMPTY_FIELDS); |
| 1270 |
} |
| 1271 |
$strName = $db -> qstr($_POST['nazwa'], get_magic_quotes_gpc()); |
| 1272 |
$db -> Execute("INSERT INTO smith (name, cost, level, amount, type, twohand) VALUES(".$strName.", ".$_POST['cena'].", ".$_POST['poziom'].", ".$_POST['amount'].", '".$_POST['type']."', '".$_POST['twohand']."')"); |
| 1273 |
} |
| 1274 |
} |
| 1275 |
|
| 1276 |
/** |
| 1277 |
* Send message to all players |
| 1278 |
*/ |
| 1279 |
if (isset ($_GET['view']) && $_GET['view'] == 'poczta') |
| 1280 |
{ |
| 1281 |
$smarty -> assign(array("Pmsubject" => PM_SUBJECT, |
| 1282 |
"Pmbody" => PM_BODY, |
| 1283 |
"Asend" => A_SEND)); |
| 1284 |
if (isset ($_GET['step']) && $_GET['step'] == 'send') |
| 1285 |
{ |
| 1286 |
if (empty ($_POST['body']) || empty($_POST['subject'])) |
| 1287 |
{ |
| 1288 |
error (EMPTY_FIELDS); |
| 1289 |
} |
| 1290 |
$_POST['subject'] = strip_tags($_POST['subject']); |
| 1291 |
$_POST['body'] = strip_tags($_POST['body']); |
| 1292 |
$strSubject = $db -> qstr($_POST['subject'], get_magic_quotes_gpc()); |
| 1293 |
$strBody = $db -> qstr($_POST['body'], get_magic_quotes_gpc()); |
| 1294 |
$strDate = $db -> DBDate($newdate); |
| 1295 |
$odbio = $db -> Execute("SELECT id FROM players"); |
| 1296 |
$gracze = 0; |
| 1297 |
while (!$odbio -> EOF) |
| 1298 |
{ |
| 1299 |
$db -> Execute("INSERT INTO mail (sender, senderid, owner, subject, body, date) VALUES('".$player -> user."','".$player -> id."',".$odbio -> fields['id'].", ".$strSubject.", ".$strBody.", ".$strDate.")") or error(E_DB); |
| 1300 |
$gracze = $gracze + 1; |
| 1301 |
$odbio -> MoveNext(); |
| 1302 |
} |
| 1303 |
$odbio -> Close(); |
| 1304 |
error (YOU_SEND_PM." ".$gracze." ".PLAYERS_A); |
| 1305 |
} |
| 1306 |
} |
| 1307 |
|
| 1308 |
/** |
| 1309 |
* Add new spells |
| 1310 |
*/ |
| 1311 |
if (isset ($_GET['view']) && $_GET['view'] == 'czary') |
| 1312 |
{ |
| 1313 |
$smarty -> assign(array("Spellname" => SPELL_NAME, |
| 1314 |
"Swith" => S_WITH, |
| 1315 |
"Sbattle" => S_BATTLE, |
| 1316 |
"Sdefense" => S_DEFENSE, |
| 1317 |
"Scost" => S_COST, |
| 1318 |
"Spower" => S_POWER, |
| 1319 |
"Sminlev" => S_MIN_LEV, |
| 1320 |
"Hasas" => HAS_A_S, |
| 1321 |
"Aadd" => A_ADD)); |
| 1322 |
if (isset ($_GET['step']) && $_GET['step'] == 'add') |
| 1323 |
{ |
| 1324 |
if (empty($_POST['name']) || empty($_POST['power']) || empty($_POST['cost']) || empty($_POST['minlev'])) |
| 1325 |
{ |
| 1326 |
error (EMPTY_FIELDS); |
| 1327 |
} |
| 1328 |
$strName = $db -> qstr($_POST['name'], get_magic_quotes_gpc()); |
| 1329 |
$db -> Execute("INSERT INTO czary (nazwa, cena, poziom, typ, obr) VALUES(".$strName.", ".$_POST['cost'].", ".$_POST['minlev'].", '".$_POST['type']."', ".$_POST['power'].")"); |
| 1330 |
error (YOU_ADD_SPELL." ".$_POST['name']." ".HAS_A_S." ".$_POST['type']." ".POWER_S." ".$_POST['power']." ".COST." ".$_POST['cost']." ".MIN_LEV_S." ".$_POST['minlev']); |
| 1331 |
} |
| 1332 |
} |
| 1333 |
|
| 1334 |
/** |
| 1335 |
* Close/open game |
| 1336 |
*/ |
| 1337 |
if (isset ($_GET['view']) && $_GET['view'] == 'close') |
| 1338 |
{ |
| 1339 |
$smarty -> assign(array("Gopen" => G_OPEN, |
| 1340 |
"Gclose" => G_CLOSE, |
| 1341 |
"Ifclose" => IF_CLOSE, |
| 1342 |
"Amake" => A_MAKE)); |
| 1343 |
if (isset ($_GET['step']) && $_GET['step'] == 'close') |
| 1344 |
{ |
| 1345 |
if ($_POST['close'] == 'close') |
| 1346 |
{ |
| 1347 |
$strReason = $db -> qstr($_POST['reason'], get_magic_quotes_gpc()); |
| 1348 |
$db -> Execute("UPDATE settings SET value='N' WHERE setting='open'"); |
| 1349 |
$db -> Execute("UPDATE settings SET value=".$strReason." WHERE setting='close_reason'"); |
| 1350 |
error (YOU_CLOSE); |
| 1351 |
} |
| 1352 |
if ($_POST['close'] == 'open') |
| 1353 |
{ |
| 1354 |
$db -> Execute("UPDATE settings SET value='Y' WHERE setting='open'"); |
| 1355 |
$db -> Execute("UPDATE settings SET value='' WHERE setting='close_reason'"); |
| 1356 |
error (YOU_OPEN); |
| 1357 |
} |
| 1358 |
} |
| 1359 |
} |
| 1360 |
|
| 1361 |
/** |
| 1362 |
* Initialization of variables |
| 1363 |
*/ |
| 1364 |
if (!isset($_GET['view'])) |
| 1365 |
{ |
| 1366 |
$_GET['view'] = ''; |
| 1367 |
$arrTitles = array(ACCEPT, BAN, MODERATOR, PLAYERS, GAME, ADMINISTRATION); |
| 1368 |
$arrOptions = array(array('addupdate.php', 'admin.php?view=addtext', 'addnews.php', 'admin.php?view=poll'), |
| 1369 |
array('logs', 'ban', 'del', 'delplayers'), |
| 1370 |
array('czat', 'banmail', 'clearf', 'forums', 'innarchive', 'clearc', 'censorship'), |
| 1371 |
array('addreps','donate', 'takeaway', 'jail', 'jailbreak', 'playerquest', 'changenick', 'add', 'donator', 'poczta', 'mail'), |
| 1372 |
array('equipment', 'monster', 'monster2', 'kowal', 'czary', 'mill'), |
| 1373 |
array('admin.php?view=censorship', 'bugtrack.php', 'admin.php?view=bugreport', 'admin.php?view=changelog', 'admin.php?view=register', 'admin.php?view=close')); |
| 1374 |
$arrDescriptions = array(array (A_ADDUPDATE, A_ADD_NEWS, A_ADDNEWS, A_POLL), |
| 1375 |
array(A_LOGS, A_BAN, A_DELETE, A_DEL_PLAYERS), |
| 1376 |
array(A_CHAT_BAN, A_BAN_MAIL, A_FORUM_P, A_FORUMS, A_INNARCHIVE, A_CHAT_P, A_CENSORSHIP), |
| 1377 |
array (A_REPUTATION,A_DONATION, A_TAKE, A_JAIL, A_JAILBREAK, A_PLAYERQUEST, A_CHANGE_NICK, A_RANK, A_DONATOR, A_PM, A_MAIL), |
| 1378 |
array(A_EQUIP, A_MONSTERS, A_MONSTER2, A_SMITH, A_SPELLS, A_MILL), |
| 1379 |
array(A_META, A_BUGTRACK, A_BUG_REPORT, A_CHANGELOG, A_REGISTER, A_CLOSE)); |
| 1380 |
$smarty -> assign(array('Awelcome' => A_WELCOME, |
| 1381 |
'Titles' => $arrTitles, |
| 1382 |
'Options' => $arrOptions, |
| 1383 |
'Descriptions' => $arrDescriptions)); |
| 1384 |
} |
| 1385 |
else |
| 1386 |
{ |
| 1387 |
$smarty -> assign('Aback', A_BACK); |
| 1388 |
} |
| 1389 |
|
| 1390 |
if (!isset($_GET['step'])) |
| 1391 |
{ |
| 1392 |
$_GET['step'] = ''; |
| 1393 |
} |
| 1394 |
|
| 1395 |
if (!isset($_GET['action'])) |
| 1396 |
{ |
| 1397 |
$_GET['action'] = ''; |
| 1398 |
} |
| 1399 |
|
| 1400 |
/** |
| 1401 |
* Assign variables and display page |
| 1402 |
*/ |
| 1403 |
$smarty -> assign(array('View' => $_GET['view'], |
| 1404 |
'Step' => $_GET['step'], |
| 1405 |
'Action' => $_GET['action'])); |
| 1406 |
$smarty -> display('admin.tpl'); |
| 1407 |
|
| 1408 |
require_once('includes/foot.php'); |
| 1409 |
|
| 1410 |
?> |
