memberlist.php - orodlin-1-pub in Orodlin v.1

<?php
/**
 *   File functions:
 *   Players list
 *
 *   @name                 : memberlist.php
 *   @copyright            : (C) 2004,2005,2006,2007 Vallheru Team based on Gamers-Fusion ver 2.5
 *   @author               : thindil <thindil@users.sourceforge.net>
 *   @author               : eyescream <tduda@users.sourceforge.net>
 *   @version              : 1.4
 *   @since                : 24.08.2007
 *
 */

// Published under GNU GPL 2 or later. See /install/README file for details.
// $Id$

$title = 'Lista mieszkańców';
require_once('includes/head.php');
require_once('includes/security.php');

/**
* Get the localization for game
*/
require_once('languages/'.$player -> lang.'/memberlist.php');

if (($player -> location != 'Altara' && $player -> location != 'Ardulith') && ($player -> rank != 'Admin' && $player -> rank != 'Staff'))
{
	error (ERROR);
}

$oldFetchMode = $db -> SetFetchMode(ADODB_FETCH_NUM);
define('LIMIT', 30);    // Results per page.

/**
* Possible search methods from form:
* Not set any of three below - display "LIMIT" players.
* Non-zero value in $_GET['id'] - search player with this ID,
* Non-empty string in $_GET['name'] - search matching names,
* Non-empty string in $_GET['ip'] - search by IP (only for Admin and Staff ranks)
*
* Possible search modifiers:
* $_GET['start'] - start position, begins from ID 1 if not set
* $_GET['orderby'] - for "ORDER BY" clause in query. Orders by ID if not set.
* $_GET['order'] - "ASC/DESC". Checked only if $_GET['orderby'] is set and valid.
*/

if (isset($_GET['ip']) && !isset($_GET['id']) && !isset($_GET['name'])) // Admin/Staff member clicked IP link in view.php
{
    $_GET['id'] = 0;
    $_GET['name'] = '';
}

$strQuery = 'SELECT `id`, `user`, `rank`, `rasa`, `level`, `gender`'.($player -> rank == 'Admin' || $player -> rank == 'Staff' ? ',`ip`' : '').' FROM `players` ';
$strCountQuery = 'SELECT count(*) FROM `players` ';
$strOrder = '';
$strLimit =  ' LIMIT '.(isset($_GET['start']) ? strictInt($_GET['start']).', ' : '').LIMIT;

if (isset($_GET['orderby']) && in_array($_GET['orderby'], array('id', 'user', 'rank', 'rasa', 'level', 'ip')))
{
    $strOrder = ' ORDER BY `'.$_GET['orderby'].'`';
    if (isset($_GET['order']) && in_array($_GET['order'], array('ASC', 'DESC')))
        $strOrder .= $_GET['order'];
}
else
    $strOrder = ' ORDER BY `id` ASC';

if (isset($_GET['id']))
{
    strictInt($_GET['id']);
    sqlLikeString($_GET['name']);
    sqlLikeString($_GET['ip']);
    if ($_GET['id'] > 0)
    {
        $strQuery .= 'WHERE `id`='.$_GET['id'];
        $strCountQuery .= 'WHERE `id`='.$_GET['id'];
    }
    elseif ($_GET['name'] != '')
    {
        $strQuery .= 'WHERE `user` LIKE '.$_GET['name'];
        $strCountQuery .= 'WHERE `user` LIKE '.$_GET['name'];
    }
        elseif ($_GET['ip'] != '' && ($player -> rank == 'Admin' || $player -> rank == 'Staff'))
        {
            $strQuery .= 'WHERE `ip` LIKE '.$_GET['ip'];
            $strCountQuery .= 'WHERE `ip` LIKE '.$_GET['ip'];
        }
}

$arrData = $db -> GetAll($strQuery.$strOrder.$strLimit);    // Get current part of searched data.
$arrCount = $db -> GetRow($strCountQuery);                  // Get info about total number of matching players.

if (!empty($arrData))
{
/**
* Prepare links for list paging and ordering.
* We need 2 types of links. Both must contain "search method" and:
* Links in top columns must have 'start', but not 'orderby' and 'order'
* Links below table must have pagination with different 'start' values, but same 'orderby' and 'order'
*/
    $strBaseTopLink = 'memberlist.php?';
    $strBaseBottomLink = 'memberlist.php?';
    foreach ($_GET as $key => $value)
    {
        if ($key != 'start')
            $strBaseBottomLink .= $key.'='.str_replace("'", "", $value).'&amp;';
        if ($key != 'order' && $key != 'orderby')
            $strBaseTopLink .= $key.'='.str_replace("'", "", $value).'&amp;';
    }

    $arrCount[0] = ceil($arrCount[0] / LIMIT);
    for ($i = 0, $arrLinks = array(); $i < $arrCount[0];++$i)
        $arrLinks[] = '<a href="'.$strBaseBottomLink.'start='.($i * LIMIT).'">'.($i + 1).'</a>';

    unset($strBaseBottomLink);
/// Convert database ranks to normal names (based on rank and gender).
    require_once('includes/ranks.php');
    for ($i = 0, $max = count($arrData);$i < $max; ++$i)
        $arrData[$i][2] = selectrank($arrData[$i][2], $arrData[$i][5]);

    $smarty -> assign_by_ref('Data', $arrData);
    $smarty -> assign_by_ref('Pagelinks', $arrLinks);
    $smarty -> assign(array('TopLink' => $strBaseTopLink,
                            'Current' => isset($_GET['start']) && $_GET['start'] % LIMIT == 0 ? $_GET['start'] / LIMIT + 1: 1));
}

$db -> SetFetchMode($oldFetchMode);

/**
* Assign variables to template and display page
*/
$smarty -> assign('Rank', $player -> rank);
$smarty -> display ('memberlist.tpl');
if (isset($arrData))
    unset($arrData, $arrLinks, $strBaseTopLink);
require_once('includes/foot.php');
?>

1	<?php
2	/**
3	* File functions:
4	* Players list
5	*
6	* @name : memberlist.php
7	* @copyright : (C) 2004,2005,2006,2007 Vallheru Team based on Gamers-Fusion ver 2.5
8	* @author : thindil <thindil@users.sourceforge.net>
9	* @author : eyescream <tduda@users.sourceforge.net>
10	* @version : 1.4
11	* @since : 24.08.2007
12	*
13	*/
14
15	// Published under GNU GPL 2 or later. See /install/README file for details.
16	// $Id$
17
18	$title = 'Lista mieszkańców';
19	require_once('includes/head.php');
20	require_once('includes/security.php');
21
22	/**
23	* Get the localization for game
24	*/
25	require_once('languages/'.$player -> lang.'/memberlist.php');
26
27	if (($player -> location != 'Altara' && $player -> location != 'Ardulith') && ($player -> rank != 'Admin' && $player -> rank != 'Staff'))
28	{
29	error (ERROR);
30	}
31
32	$oldFetchMode = $db -> SetFetchMode(ADODB_FETCH_NUM);
33	define('LIMIT', 30); // Results per page.
34
35	/**
36	* Possible search methods from form:
37	* Not set any of three below - display "LIMIT" players.
38	* Non-zero value in $_GET['id'] - search player with this ID,
39	* Non-empty string in $_GET['name'] - search matching names,
40	* Non-empty string in $_GET['ip'] - search by IP (only for Admin and Staff ranks)
41	*
42	* Possible search modifiers:
43	* $_GET['start'] - start position, begins from ID 1 if not set
44	* $_GET['orderby'] - for "ORDER BY" clause in query. Orders by ID if not set.
45	* $_GET['order'] - "ASC/DESC". Checked only if $_GET['orderby'] is set and valid.
46	*/
47
48	if (isset($_GET['ip']) && !isset($_GET['id']) && !isset($_GET['name'])) // Admin/Staff member clicked IP link in view.php
49	{
50	$_GET['id'] = 0;
51	$_GET['name'] = '';
52	}
53
54	$strQuery = 'SELECT `id`, `user`, `rank`, `rasa`, `level`, `gender`'.($player -> rank == 'Admin' \|\| $player -> rank == 'Staff' ? ',`ip`' : '').' FROM `players` ';
55	$strCountQuery = 'SELECT count(*) FROM `players` ';
56	$strOrder = '';
57	$strLimit = ' LIMIT '.(isset($_GET['start']) ? strictInt($_GET['start']).', ' : '').LIMIT;
58
59	if (isset($_GET['orderby']) && in_array($_GET['orderby'], array('id', 'user', 'rank', 'rasa', 'level', 'ip')))
60	{
61	$strOrder = ' ORDER BY `'.$_GET['orderby'].'`';
62	if (isset($_GET['order']) && in_array($_GET['order'], array('ASC', 'DESC')))
63	$strOrder .= $_GET['order'];
64	}
65	else
66	$strOrder = ' ORDER BY `id` ASC';
67
68	if (isset($_GET['id']))
69	{
70	strictInt($_GET['id']);
71	sqlLikeString($_GET['name']);
72	sqlLikeString($_GET['ip']);
73	if ($_GET['id'] > 0)
74	{
75	$strQuery .= 'WHERE `id`='.$_GET['id'];
76	$strCountQuery .= 'WHERE `id`='.$_GET['id'];
77	}
78	elseif ($_GET['name'] != '')
79	{
80	$strQuery .= 'WHERE `user` LIKE '.$_GET['name'];
81	$strCountQuery .= 'WHERE `user` LIKE '.$_GET['name'];
82	}
83	elseif ($_GET['ip'] != '' && ($player -> rank == 'Admin' \|\| $player -> rank == 'Staff'))
84	{
85	$strQuery .= 'WHERE `ip` LIKE '.$_GET['ip'];
86	$strCountQuery .= 'WHERE `ip` LIKE '.$_GET['ip'];
87	}
88	}
89
90	$arrData = $db -> GetAll($strQuery.$strOrder.$strLimit); // Get current part of searched data.
91	$arrCount = $db -> GetRow($strCountQuery); // Get info about total number of matching players.
92
93	if (!empty($arrData))
94	{
95	/**
96	* Prepare links for list paging and ordering.
97	* We need 2 types of links. Both must contain "search method" and:
98	* Links in top columns must have 'start', but not 'orderby' and 'order'
99	* Links below table must have pagination with different 'start' values, but same 'orderby' and 'order'
100	*/
101	$strBaseTopLink = 'memberlist.php?';
102	$strBaseBottomLink = 'memberlist.php?';
103	foreach ($_GET as $key => $value)
104	{
105	if ($key != 'start')
106	$strBaseBottomLink .= $key.'='.str_replace("'", "", $value).'&';
107	if ($key != 'order' && $key != 'orderby')
108	$strBaseTopLink .= $key.'='.str_replace("'", "", $value).'&';
109	}
110
111	$arrCount[0] = ceil($arrCount[0] / LIMIT);
112	for ($i = 0, $arrLinks = array(); $i < $arrCount[0];++$i)
113	$arrLinks[] = '<a href="'.$strBaseBottomLink.'start='.($i * LIMIT).'">'.($i + 1).'</a>';
114
115	unset($strBaseBottomLink);
116	/// Convert database ranks to normal names (based on rank and gender).
117	require_once('includes/ranks.php');
118	for ($i = 0, $max = count($arrData);$i < $max; ++$i)
119	$arrData[$i][2] = selectrank($arrData[$i][2], $arrData[$i][5]);
120
121	$smarty -> assign_by_ref('Data', $arrData);
122	$smarty -> assign_by_ref('Pagelinks', $arrLinks);
123	$smarty -> assign(array('TopLink' => $strBaseTopLink,
124	'Current' => isset($_GET['start']) && $_GET['start'] % LIMIT == 0 ? $_GET['start'] / LIMIT + 1: 1));
125	}
126
127	$db -> SetFetchMode($oldFetchMode);
128
129	/**
130	* Assign variables to template and display page
131	*/
132	$smarty -> assign('Rank', $player -> rank);
133	$smarty -> display ('memberlist.tpl');
134	if (isset($arrData))
135	unset($arrData, $arrLinks, $strBaseTopLink);
136	require_once('includes/foot.php');
137	?>

Gitorious