<?php
/******************************************************************************
* playersedit.php *
* Edit Players File *
* See readme.txt for additional information *
*******************************************************************************
* eqEpic - The Epic Raid Manager *
* Open-Source Project By Ryan Christenson *
* =========================================================================== *
* Software Version: eqEpic 0.7.8 *
* Software by: The RSWR Network (http://www.rswr.net) *
* Copyright 2006-2007 by: Ryan Christenson (http://www.rswr.net) *
* Support, News, Updates at: http://forum.rswr.net/ *
*******************************************************************************
* This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
* the Free Software Foundation; either version 2 of the License, or *
* (at your option) any later version. *
* *
* This program is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
* GNU General Public License for more details. *
* *
* You should have received a copy of the GNU General Public License *
* along with DownloadCounter; if not, write to the Free Software *
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
******************************************************************************/
// Open the session, then buffer all output so the redirects further down can
// still discard the page and send a Location header.
session_start();
ob_start();

// Anti-caching headers: the page shows per-user data, so neither the browser
// nor an intermediary should keep a copy. The second element is header()'s
// $replace flag; false appends a second Cache-Control line instead of
// overwriting the first.
foreach (array(
    array("Expires: Mon, 26 Jul 1997 05:00:00 GMT", true), // Date in the past
    array("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT", true), // Always modified
    array("Cache-Control: private, no-store, no-cache, must-revalidate", true), // HTTP/1.1
    array("Cache-Control: post-check=0, pre-check=0", false),
    array("Pragma: no-cache", true), // HTTP/1.0
) as $ewHeaderSpec) {
    header($ewHeaderSpec[0], $ewHeaderSpec[1]);
}
unset($ewHeaderSpec);
?>
<?php include ("ewconfig.php") ?>
<?php include ("db.php") ?>
<?php include ("playersinfo.php") ?>
<?php include ("advsecu.php") ?>
<?php include ("phpmkrfn.php") ?>
<?php
// Access gate for the edit page. Every failed check throws away the buffered
// output, sends a redirect and stops the script, so nothing below runs.
//
// 1) Not logged in but both auto-login cookies are present: hand over to login.php.
// NOTE(review): a cookie keyed by ewCookiePassword is consulted here; what it
// holds is set elsewhere -- confirm it is not a reusable credential.
if (!IsLoggedIn() && (@$_COOKIE[ewCookieAutoLogin] == "autologin" && @$_COOKIE[ewCookiePassword] <> "")) {
ob_end_clean();
header("Location: login.php");
exit();
}
LoadUserLevel();
// 2) Privilege check on the "players" table. Anonymous visitors get whatever
// GetAnonymousPriv() returns, so the page is reachable without a login if that
// value carries the ewAllowEdit bit.
// NOTE(review): LoadData()/EditData() add the owner filter only when
// CurrentUserID() is neither "" nor "-1"; confirm anonymous edit is never granted.
$ewCurSec = (IsLoggedIn())? CurrentUserLevelPriv("players") : GetAnonymousPriv("players");
if (($ewCurSec & ewAllowEdit) <> ewAllowEdit) {
ob_end_clean();
header("Location: MyProfile.php");
exit();
}
// 3) A logged-in session with an empty user id is sent back to login.php.
if (IsLoggedIn() && CurrentUserID() == "") {
ob_end_clean();
header("Location: login.php");
exit();
}
?>
<?php
// Reset every per-field working variable to NULL before any request data is
// read. One chained assignment per table field: name, class, steps, level, orb.
$x_name = $ox_name = $z_name = $ar_x_name = $ari_x_name = $x_nameList = $x_nameChk = $cbo_x_name_js = NULL;
$x_class = $ox_class = $z_class = $ar_x_class = $ari_x_class = $x_classList = $x_classChk = $cbo_x_class_js = NULL;
$x_steps = $ox_steps = $z_steps = $ar_x_steps = $ari_x_steps = $x_stepsList = $x_stepsChk = $cbo_x_steps_js = NULL;
$x_level = $ox_level = $z_level = $ar_x_level = $ari_x_level = $x_levelList = $x_levelChk = $cbo_x_level_js = NULL;
$x_orb = $ox_orb = $z_orb = $ar_x_orb = $ari_x_orb = $x_orbList = $x_orbChk = $cbo_x_orb_js = NULL;
?>
<?php
// The key of the record to edit arrives in the query string on first display.
$x_name = @$_GET["name"];
// a_edit is posted by the edit form; it is absent on the initial GET.
$sAction = @$_POST["a_edit"];
if ($sAction != "") {
    // Form submitted: every field, including the key, now comes from the POST
    // body and is client-controlled.
    // NOTE(review): the update path is selected only by the posted a_edit value;
    // no anti-CSRF token is checked in this file -- confirm whether one of the
    // included files enforces it.
    $x_name = @$_POST["x_name"];
    $x_class = @$_POST["x_class"];
    $x_steps = @$_POST["x_steps"];
    $x_level = @$_POST["x_level"];
    $x_orb = @$_POST["x_orb"];
} else {
    $sAction = "I"; // Display record
}

// Without a key there is nothing to edit.
if (is_null($x_name) || ($x_name == "")) {
    ob_end_clean();
    header("Location: MyProfile.php");
    exit();
}

$conn = phpmkr_db_connect(HOST, USER, PASS, DB, PORT);

if ($sAction == "I") { // Display record
    if (!LoadData($conn)) { // Load record
        $_SESSION[ewSessionMessage] = "No Characters Found";
        phpmkr_db_close($conn);
        ob_end_clean();
        header("Location: MyProfile.php");
        exit();
    }
} elseif ($sAction == "U") { // Update
    // On failure execution falls through and the form is rendered again with
    // the posted values.
    if (EditData($conn)) { // Update record
        $_SESSION[ewSessionMessage] = "Character Updated Successfully";
        phpmkr_db_close($conn);
        ob_end_clean();
        header("Location: MyProfile.php");
        exit();
    }
}
?>
<?php include ("sources/header.php") ?>
<script type="text/javascript">
<!--
// Both names are assigned without var, so they become page-wide globals.
// Presumably read by ewp.js, which is loaded right after this script -- confirm.
EW_LookupFn = "ewlookup.php"; // ewlookup file name
EW_AddOptFn = "ewaddopt.php"; // ewaddopt.php file name
//-->
</script>
<script type="text/javascript" src="ewp.js"></script>
<script type="text/javascript">
<!--
// Assigned without var, so this is a page-wide global; nothing in this file reads it.
EW_dateSep = "-"; // set date separator
//-->
</script>
<script type="text/javascript">
<!--
/**
 * onsubmit handler for the edit form: runs the field checks in order and
 * cancels the submit as soon as EW_onError() returns a falsy value.
 *
 * This is a convenience for the user only. The browser can skip or alter it,
 * so the server-side update must not rely on any of these checks.
 *
 * @param EW_this the form element being submitted
 * @return true when the submit may proceed, false to cancel it
 */
function EW_checkMyForm(EW_this) {
    var hasSelectValue = function (el) { return EW_hasValue(el, "SELECT"); };
    var hasTextValue = function (el) { return EW_hasValue(el, "TEXT"); };
    var isInteger = function (el) { return EW_checkinteger(el.value); };

    // One entry per check, in the order they must run.
    var rules = [
        { field: "x_class", kind: "SELECT", passes: hasSelectValue, message: "Please Choose Your Character's Class" },
        { field: "x_steps", kind: "SELECT", passes: hasSelectValue, message: "Please Choose the Epic Step you're Character is ready for" },
        { field: "x_level", kind: "TEXT", passes: hasTextValue, message: "Please Enter Your Character's Level" },
        { field: "x_level", kind: "TEXT", passes: isInteger, message: "Your Charter's Level can only be in Number format EG. 51" },
        { field: "x_orb", kind: "SELECT", passes: hasSelectValue, message: "Please Select Yes or No to the Question, Has Anguish Orb?" }
    ];

    for (var i = 0; i < rules.length; i++) {
        var rule = rules[i];
        var el = EW_this[rule.field];
        // A field that is not on the form, or that passes, needs no action.
        if (!el || rule.passes(el)) {
            continue;
        }
        if (!EW_onError(EW_this, el, rule.kind, rule.message)) {
            return false;
        }
    }
    return true;
}
//-->
</script>
<script type="text/javascript">
<!--
// Starts empty; nothing in this file adds to it.
var EW_DHTMLEditors = [];
//-->
</script>
<form name="fplayersedit" id="fplayersedit" action="playersedit.php" method="post" onsubmit="return EW_checkMyForm(this);">
<input type="hidden" name="a_edit" value="U" />
<?php
// One-shot status message: shown once, then cleared from the session.
// NOTE(review): the message is echoed without HTML escaping. The two values
// set in this file are fixed strings; confirm that no other page stores
// request-derived text under ewSessionMessage, or escape it at this point.
if (@$_SESSION[ewSessionMessage] <> "") {
?>
<p><div class="ewmsg"><?php echo $_SESSION[ewSessionMessage]; ?></div></p>
<?php
$_SESSION[ewSessionMessage] = ""; // Clear message
}
?>
<table align="center" class="table_other">
<tr>
<td>Name<span class='ewmsg'> *</span></td>
<td><span id="cb_x_name">
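<?php if (CurrentUserID() == -1) { // System admin: the name is an editable text field ?>
<input type="text" name="x_name" id="x_name" size="30" maxlength="30" value="<?php echo htmlspecialchars(@$x_name, ENT_QUOTES) ?>" />
<?php } else { // Non system admin: the name is pinned to the session user name ?>
<?php $x_name = stripslashes($_SESSION[ewSessionUserName]); ?>
<?php
// Escape on output in both places below: the user name was previously written
// raw into the page and into a quoted attribute, unlike the admin branch.
// The hidden field is a convenience only; the posted value is client-controlled
// and has to be re-checked on the server when the form comes back.
echo htmlspecialchars($x_name, ENT_QUOTES);
?>
<input type="hidden" id="x_name" name="x_name" value="<?php echo htmlspecialchars($x_name, ENT_QUOTES); ?>" />
<?php } ?>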
</span></td>
</tr>
<tr>
<td>Class<span class='ewmsg'> *</span></td>
<td><span id="cb_x_class">
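<?php
// Build the class <select>. Its onChange handler re-filters the steps list in
// the browser through EW_updatecombo().
$x_classList = "<select id='x_class' name='x_class' onChange='EW_updatecombo(this.form.x_steps, ar_x_steps, this.options[this.selectedIndex].value);'>";
$x_classList .= "<option value=''>Please Select</option>";
$sSqlWrk = "SELECT `id`, `class` FROM `class`";
$sSqlWrk .= " ORDER BY `class` Asc";
$rswrk = phpmkr_query($sSqlWrk, $conn);
if (!$rswrk) {
    // Keep the driver error and SQL text in the server log; sending them to the
    // browser discloses schema details to whoever triggered the failure.
    error_log("playersedit.php: class lookup failed: " . phpmkr_error($conn) . " SQL: " . $sSqlWrk);
    die("Failed to execute query.");
}
$rowcntwrk = 0;
while ($datawrk = phpmkr_fetch_array($rswrk)) {
    $x_classList .= "<option value=\"" . htmlspecialchars($datawrk[0]) . "\"";
    if ($datawrk["id"] == @$x_class) {
        $x_classList .= " selected";
    }
    // The label is stored data too, so it is escaped like the value attribute.
    $x_classList .= ">" . htmlspecialchars($datawrk["class"]) . "</option>";
    $rowcntwrk++;
}
@phpmkr_free_result($rswrk);
$x_classList .= "</select>";
echo $x_classList;
?>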
</span></td>
</tr>
<tr>
<td>Progress<span class='ewmsg'> *</span></td>
<td><span id="cb_x_steps">
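<?php
// Build the steps <select> and, in parallel, the JavaScript statements that
// fill ar_x_steps: four slots per row (value, display text, an empty slot,
// and the class id used as the filter field).
$x_stepsList = "<select id='x_steps' name='x_steps'>";
$x_stepsList .= "<option value=''>Please Select</option>";
$cbo_x_steps_js = ""; // Init
// Escapes for a single-quoted JavaScript string inside a <script> element.
// The backslash must come first so the later replacements are not doubled.
// "<" and ">" are written as hex escapes so stored text cannot close the
// script element or open an HTML comment.
$cbo_x_steps_from = array("\\", "'", "\r", "\n", "<", ">");
$cbo_x_steps_to = array("\\\\", "\\'", "\\r", "\\n", "\\x3C", "\\x3E");
$sSqlWrk = "SELECT `id`, `step`, `class` FROM `steps`";
$sSqlWrk .= " ORDER BY `step` Asc";
$rswrk = phpmkr_query($sSqlWrk, $conn);
if (!$rswrk) {
    // Keep the driver error and SQL text in the server log; sending them to the
    // browser discloses schema details to whoever triggered the failure.
    error_log("playersedit.php: steps lookup failed: " . phpmkr_error($conn) . " SQL: " . $sSqlWrk);
    die("Failed to execute query.");
}
$rowcntwrk = 0;
while ($datawrk = phpmkr_fetch_array($rswrk)) {
    $x_stepsList .= "<option value=\"" . htmlspecialchars($datawrk[0]) . "\"";
    if ($datawrk["id"] == @$x_steps) {
        $x_stepsList .= " selected";
    }
    // The label is stored data too, so it is escaped like the value attribute.
    $x_stepsList .= ">" . htmlspecialchars($datawrk["step"]) . "</option>";
    $cbo_x_steps_js .= "ar_x_steps[" . ($rowcntwrk*4) . "] = '" . str_replace($cbo_x_steps_from, $cbo_x_steps_to, $datawrk["id"]) . "';"; // Value
    $cbo_x_steps_js .= "ar_x_steps[" . ($rowcntwrk*4+1) . "] = '" . str_replace($cbo_x_steps_from, $cbo_x_steps_to, $datawrk["step"]) . "';"; // Display field 1
    $cbo_x_steps_js .= "ar_x_steps[" . ($rowcntwrk*4+2) . "] = '';";
    $cbo_x_steps_js .= "ar_x_steps[" . ($rowcntwrk*4+3) . "] = '" . str_replace($cbo_x_steps_from, $cbo_x_steps_to, $datawrk["class"]) . "';"; // Filter field
    $rowcntwrk++;
}
@phpmkr_free_result($rswrk);
$x_stepsList .= "</select>";
echo $x_stepsList;
?>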
<script type="text/javascript">
<!--
var ar_x_steps = new Array();
<?php echo $cbo_x_steps_js; ?>
//-->
</script>
</span></td>
</tr>
<tr>
<td>Level<span class='ewmsg'> *</span></td>
<td><span id="cb_x_level">
<input type="text" name="x_level" id="x_level" size="30" maxlength="2" value="<?php echo htmlspecialchars(@$x_level) ?>" class="text" />
</span></td>
</tr>
<tr>
<td>Has Anguish Orb?<span class='ewmsg'> *</span></td>
<td><span id="cb_x_orb">
<?php
// Yes/No <select> for the orb flag; the option equal to $x_orb is preselected.
$x_orbList = "<select id='x_orb' name='x_orb'>" . "<option value=''>Please Select</option>";
foreach (array("Yes", "No") as $x_orbChoice) {
    $x_orbList .= "<option value=\"" . $x_orbChoice . "\"";
    if (@$x_orb == $x_orbChoice) {
        $x_orbList .= " selected";
    }
    $x_orbList .= ">" . $x_orbChoice . "</option>";
}
unset($x_orbChoice); // do not leave the loop variable behind in global scope
$x_orbList .= "</select>";
echo $x_orbList;
?>
</span></td>
</tr>
</table>
<p align="center">
<input type="submit" name="btnAction" id="btnAction" value="Edit Player" class="button" />
</form>
<script language="JavaScript">
<!--
// Runs once when the page is parsed: passes the steps select, the ar_x_steps
// array and the currently selected class value to EW_updatecombo(), which is
// defined outside this file. When x_class has no options collection its plain
// value is used instead.
var f = document.fplayersedit;
EW_updatecombo(f.x_steps, ar_x_steps, f.x_class.options?f.x_class.options[f.x_class.selectedIndex].value:f.x_class.value);
//-->
</script>
<?php include ("footer.php") ?>
<?php
// Normal end of page: close the connection opened before the action switch.
// The redirect paths in that switch close it themselves before exit().
phpmkr_db_close($conn);
?>
<?php
//-------------------------------------------------------------------------------
// Function LoadData
// - Variables setup: field variables
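/**
 * Load the player record whose key is the global $x_name into the global
 * field variables (x_name, x_class, x_steps, x_level, x_orb).
 *
 * For a caller whose CurrentUserID() is neither "" nor "-1" the WHERE clause
 * also carries ewSqlUserIDFilter, so only that user's own row can match.
 *
 * @param mixed $conn connection handle from phpmkr_db_connect()
 * @return bool true when a row was found and loaded, false otherwise
 */
function LoadData($conn)
{
    global $x_name;

    // The key comes from the request; a parameter such as name[]=... arrives
    // as an array and must not reach the string functions below.
    if (!is_string($x_name)) {
        return false;
    }

    $sFilter = ewSqlKeyWhere;
    // get_magic_quotes_gpc() no longer exists in PHP 8; without it request data
    // is never pre-slashed, so there is nothing to strip.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $x_name = stripslashes($x_name);
    }
    // NOTE(review): the key is placed into the SQL text by string replacement
    // and relies entirely on AdjustSql() (defined elsewhere) for escaping --
    // confirm it uses the driver's escape routine, or move to bound parameters.
    $sFilter = str_replace("@name", AdjustSql($x_name), $sFilter); // Replace key value
    if ((CurrentUserID() <> "-1") && (CurrentUserID() <> "")) { // Non system admin
        $sFilter .= " AND " . ewSqlUserIDFilter;
        $sFilter = str_replace("#Key", "`name`", $sFilter);
        $sFilter = str_replace("#UserID", AdjustSql(CurrentUserID()), $sFilter);
    }

    $sSql = ewBuildSql(ewSqlSelect, ewSqlWhere, ewSqlGroupBy, ewSqlHaving, ewSqlOrderBy, $sFilter, "");
    $rs = phpmkr_query($sSql, $conn);
    if (!$rs) {
        // The statement contains request data. Keep it and the driver error in
        // the server log rather than printing them to the client.
        error_log("playersedit.php LoadData: query failed: " . phpmkr_error($conn) . " SQL: " . $sSql);
        die("Failed to execute query.");
    }

    $bLoadData = (phpmkr_num_rows($rs) != 0);
    if ($bLoadData) {
        $row = phpmkr_fetch_array($rs);
        // Get the field contents
        $GLOBALS["x_name"] = $row["name"];
        $GLOBALS["x_class"] = $row["class"];
        $GLOBALS["x_steps"] = $row["steps"];
        $GLOBALS["x_level"] = $row["level"];
        $GLOBALS["x_orb"] = $row["orb"];
    }
    phpmkr_free_result($rs);
    return $bLoadData;
}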
?>
<?php
//-------------------------------------------------------------------------------
// Function EditData
// - Variables used: field variables
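/**
 * Update the player record whose key is the global $x_name with the posted
 * field values held in the global field variables.
 *
 * The record is first selected with the same filter that is later used for
 * the UPDATE. For a caller whose CurrentUserID() is neither "" nor "-1" that
 * filter also carries ewSqlUserIDFilter, so only the caller's own row matches.
 *
 * @param mixed $conn connection handle from phpmkr_db_connect()
 * @return bool true when the UPDATE ran, false when the record was not found,
 *              a posted value was rejected, or Recordset_Updating() vetoed it
 */
function EditData($conn)
{
    global $x_name;

    // A posted x_name[]=... arrives as an array and must not reach the string
    // functions below.
    if (!is_string($x_name)) {
        return false;
    }

    // get_magic_quotes_gpc() no longer exists in PHP 8; without it request data
    // is never pre-slashed.
    $bMagicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

    $sFilter = ewSqlKeyWhere;
    $sTmp = $bMagicQuotes ? stripslashes($x_name) : $x_name;
    $sFilter = str_replace("@name", AdjustSql($sTmp), $sFilter); // Replace key value
    if ((CurrentUserID() <> "-1") && (CurrentUserID() <> "")) { // Non system admin
        $sFilter .= " AND " . ewSqlUserIDFilter;
        $sFilter = str_replace("#Key", "`name`", $sFilter);
        $sFilter = str_replace("#UserID", AdjustSql(CurrentUserID()), $sFilter);
    }

    $sSql = ewBuildSql(ewSqlSelect, ewSqlWhere, ewSqlGroupBy, ewSqlHaving, ewSqlOrderBy, $sFilter, "");
    $rs = phpmkr_query($sSql, $conn);
    if (!$rs) {
        // The statement contains request data. Keep it and the driver error in
        // the server log rather than printing them to the client.
        error_log("playersedit.php EditData: select failed: " . phpmkr_error($conn) . " SQL: " . $sSql);
        die("Failed to execute query.");
    }

    // Get old recordset, then release the result set (it was never freed before).
    $oldrs = phpmkr_fetch_array($rs);
    $bFound = (phpmkr_num_rows($rs) != 0);
    phpmkr_free_result($rs);
    if (!$bFound) {
        return false; // Update Failed
    }

    $x_name = @$_POST["x_name"];
    if (!is_string($x_name)) {
        return false;
    }

    $fieldList = array();

    // NOTE(review): addslashes() does not know the connection character set.
    // If the phpmkr_* layer offers a driver-level escape or bound parameters,
    // use that for the string columns instead.
    $theValue = $bMagicQuotes ? $x_name : addslashes($x_name);
    $fieldList["`name`"] = ($theValue != "") ? " '" . $theValue . "'" : "NULL";

    // Numeric columns are forced to integers, so they cannot carry SQL text.
    $fieldList["`class`"] = ($GLOBALS["x_class"] != "") ? intval($GLOBALS["x_class"]) : "NULL";
    $fieldList["`steps`"] = ($GLOBALS["x_steps"] != "") ? intval($GLOBALS["x_steps"]) : "NULL";
    $fieldList["`level`"] = ($GLOBALS["x_level"] != "") ? intval($GLOBALS["x_level"]) : "NULL";

    // The form offers only "Yes" and "No" for this column; anything else did
    // not come from the form and is refused instead of being stored.
    $sOrb = $GLOBALS["x_orb"];
    if ($sOrb === NULL || $sOrb === "") {
        $fieldList["`orb`"] = "NULL";
    } elseif (in_array($sOrb, array("Yes", "No"), true)) {
        $fieldList["`orb`"] = " '" . $sOrb . "'";
    } else {
        return false; // Update Failed
    }

    // Updating event
    if (!Recordset_Updating($fieldList, $oldrs)) {
        return false; // Update Failed
    }

    // Update
    $aAssignments = array();
    foreach ($fieldList as $key => $temp) {
        $aAssignments[] = "$key = $temp";
    }
    $sSql = "UPDATE `players` SET " . implode(", ", $aAssignments) . " WHERE " . $sFilter;
    if (!phpmkr_query($sSql, $conn)) {
        error_log("playersedit.php EditData: update failed: " . phpmkr_error($conn) . " SQL: " . $sSql);
        die("Failed to execute query.");
    }
    $result = (phpmkr_affected_rows($conn) >= 0);

    // Updated event
    if ($result) {
        Recordset_Updated($fieldList, $oldrs);
    }
    return $result;
}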
// Updating Event
/**
 * Hook called by EditData() just before the UPDATE statement is built.
 *
 * @param array $newrs column => SQL value map, passed by reference so a
 *                     customised hook can change what is written
 * @param mixed $oldrs the row as it was fetched before the update
 * @return bool true to let the update proceed; this stock version always does
 */
function Recordset_Updating(&$newrs, $oldrs)
{
    // Enter your customized codes here
    $bProceed = true;
    return $bProceed;
}
// Updated event
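/**
 * Hook called by EditData() after a successful UPDATE.
 *
 * The stock version does nothing; the unused local it used to assign has
 * been removed.
 *
 * @param array $newrs column => SQL value map that was written
 * @param mixed $oldrs the row as it was fetched before the update
 * @return void
 */
function Recordset_Updated($newrs, $oldrs)
{
    // Intentionally empty: add post-update handling here if needed.
}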
?>