LoGD Standardrelease steht hier zum Download zur Verfügung!

Home-Adresse dieser Version: anpera.net/logd
Anfragen nach dieser Version bitte an: logd@anpera.de

Zeige Source: /badnav1.php

Hier klicken für den Source, ODER
Weitere Dateien, von denen du den Quelltext sehen kannst:
(Das Lesen des Source, um sich spielerische Vorteile zu verschaffen, ist nicht erlaubt. Solltest du Schwachstellen oder Fehler entdecken, bist du als Spieler verpflichtet, diese zu melden.)

Source von: /badnav1.php

<?
require_once "common.php";
isnewday(2);

if ($_GET[op]=="search"){
        $sql "SELECT acctid FROM accounts WHERE ";
        $where="
        login LIKE '%{$_POST['q']}%' OR
        acctid LIKE '%{$_POST['q']}%' OR
        name LIKE '%{$_POST['q']}%' OR
        emailaddress LIKE '%{$_POST['q']}%' OR
        lastip LIKE '%{$_POST['q']}%' OR
        uniqueid LIKE '%{$_POST['q']}%' OR
        gentimecount LIKE '%{$_POST['q']}%' OR
        level LIKE '%{$_POST['q']}%'";
        $result db_query($sql.$where);
        if (db_num_rows($result)<=0){
                output("`\$Keine Ergebnisse gefunden`0");
                $_GET[op]="";
                $where="";
        }elseif (db_num_rows($result)>100){
                output("`\$Zu viele Ergebnisse gefunden. Bitte Suche einengen.`0");
                $_GET[op]="";
                $where="";
        }elseif (db_num_rows($result)==1){
                //$row = db_fetch_assoc($result);
                //redirect("user.php?op=edit&userid=$row[acctid]");
                $_GET[op]="";
                $_GET['page']=0;
        }else{
                $_GET[op]="";
                $_GET['page']=0;
        }
}

page_header("BadNav Rettung");
        output("<form action='badnav1.php?op=search' method='POST'>Suche in allen Feldern: <input name='q' id='q'><input type='submit' class='button'></form>",true);
        output("<script language='JavaScript'>document.getElementById('q').focus();</script>",true);
        addnav("","badnav1.php?op=search");
addnav("G?Zurück zur Grotte","superuser.php");
addnav("W?Zurück zum Weltlichen","village.php");
//addnav("Benutzereditor","user.php");
$sql "SELECT count(acctid) AS count FROM accounts";
$result db_query($sql);
$row db_fetch_assoc($result);
$page=0;
while ($row[count]>0){
        $page++;
        addnav("$page Seite $page","badnav.php?page=".($page-1)."&sort=$_GET[sort]");
        $row[count]-=100;
}

$mounts=",0,Keins";
$sql "SELECT mountid,mountname,mountcategory FROM mounts ORDER BY mountcategory";
$result db_query($sql);
while ($row db_fetch_assoc($result)){
        $mounts.=",{$row['mountid']},{$row['mountcategory']}: {$row['mountname']}";
}
$userinfo = array(
        "Account Info,title",
        "acctid"=>"User ID,viewonly",
        "login"=>"Login",
        "name"=>"Display Name",
        "title"=>"Titel (muss auch in Display Name)",
        "ctitle"=>"Eigener Titel (muss auch in Display Name)",
        "sex"=>"Geschlecht,enum,0,Männlich,1,Weiblich",
);

if ($_GET[op]=="edit"){
        $result db_query("SELECT * FROM accounts WHERE acctid='$_GET[userid]'") or die(db_error(LINK));
        $row db_fetch_assoc($result) or die(db_error(LINK));
        output("<form action='user.php?op=special&userid=$_GET[userid]".($_GET['returnpetition']!=""?"&returnpetition={$_GET['returnpetition']}":"")."' method='POST'>",true);
        addnav("","user.php?op=special&userid=$_GET[userid]".($_GET['returnpetition']!=""?"&returnpetition={$_GET['returnpetition']}":"")."");
      //  output("<input type='submit' class='button' name='newday' value='Neuen Tag gewähren'>",true);
        output("<input type='submit' class='button' name='fixnavs' value='Defekte Navs reparieren'>",true);
      //  output("<input type='submit' class='button' name='clearvalidation' value='E-Mail als gültig markieren'>",true);
        output("</form>",true);

        if ($_GET['returnpetition']!=""){
                addnav("Zurück zur Anfrage","viewpetition.php?op=view&id={$_GET['returnpetition']}");
        }

}elseif ($_GET[op]=="special"){
        if ($_POST[newday]!=""){
                $sql "UPDATE accounts SET lasthit='".date("Y-m-d H:i:s",strtotime("-".(86500/getsetting("daysperday",4))." seconds"))."' WHERE acctid='$_GET[userid]'";
        }elseif($_POST[fixnavs]!=""){
                $sql "UPDATE accounts SET allowednavs='',output=\"\" WHERE acctid='$_GET[userid]'";
        }elseif($_POST[clearvalidation]!=""){
                $sql "UPDATE accounts SET emailvalidation='' WHERE acctid='$_GET[userid]'";
        }

        db_query($sql);
        if ($_GET['returnpetition']==""){
                redirect("badnav.php?".db_affected_rows());
        }else{
                redirect("viewpetition.php?op=view&id={$_GET['returnpetition']}");
        }
}elseif ($_GET[op]=="save"){
        $sql "UPDATE accounts SET ";
        reset($_POST);
        while (list($key,$val)=each($_POST)){
                if (isset($userinfo[$key])){
                        if ($key=="newpassword" ){
                                if ($val>""$sql.="password = \"$val\",";
                        }else{
                                $sql.="$key = \"$val\",";
                        }
                }
        }
        $sql=substr($sql,0,strlen($sql)-1);
        $sql.=" WHERE acctid=\"$_GET[userid]\"";
        //output("<pre>$sql</pre>");
        //echo "<pre>$sql</pre>";
        //redirect("user.php");
        //output( db_affected_rows()." rows affected");

        //we must manually redirect so that our changes go in to effect *after* our user save.
        addnav("","viewpetition.php?op=view&id={$_GET['returnpetition']}");
        addnav("","badnav1.php");
        saveuser();
        db_query($sql) or die(db_error(LINK));
        if ($_GET['returnpetition']!=""){
                header("Location: viewpetition.php?op=view&id={$_GET['returnpetition']}");
        }else{
                header("Location: badnav1.php");
        }

        exit();
}elseif ($_GET[op]==""){
        if (isset($_GET['page'])){
                $order "acctid";
                if ($_GET[sort]!=""$order "$_GET[sort]";
                $offset=(int)$_GET['page']*100;
                $sql "SELECT acctid,login,name,level,laston,gentimecount,lastip,uniqueid,emailaddress FROM accounts ".($where>""?"WHERE $where ":"")."ORDER BY \"$order\" LIMIT $offset,100";
                $result db_query($sql) or die(db_error(LINK));
                output("<table>",true);
                output("<tr>
                <td>Ops</td>
                <td><a href='badnav1.php?sort=login'>Login</a></td>
                <td><a href='badnav1.php?sort=name'>Name</a></td>
                <td><a href='badnav1.php?sort=level'>Lev</a></td>
                </tr>",true);
                addnav("","badnav1.php?sort=login");
                addnav("","badnav1.php?sort=name");
                addnav("","badnav1.php?sort=level");
                $rn=0;
                for ($i=0;$i<db_num_rows($result);$i++){
                        $row=db_fetch_assoc($result);
                        $laston=round((strtotime("0 days")-strtotime($row[laston])) / 86400,0)." Tage";
                        if (substr($laston,0,2)=="1 "$laston="1 Tag";
                        if (date("Y-m-d",strtotime($row[laston])) == date("Y-m-d")) $laston="Heute";
                        if (date("Y-m-d",strtotime($row[laston])) == date("Y-m-d",strtotime("-1 day"))) $laston="Gestern";
                        if ($loggedin$laston="Jetzt";
                        $row[laston]=$laston;
                        if ($row[$order]!=$oorder$rn++;
                        $oorder $row[$order];
                        output("<tr class='".($rn%2?"trlight":"trdark")."'>",true);

                        output("<td>",true);
                        output("[<a href='badnav1.php?op=edit&userid=$row[acctid]'>Edit</a>|",true);
                        addnav("","badnav1.php?op=edit&userid=$row[acctid]");

                        output("</td><td>",true);
                        output($row[login]);
                        output("</td><td>",true);
                        output($row[name]);
                        output("</td><td>",true);
                        output($row[level]);

                        output("</tr>",true);
                }
                output("</table>",true);
                output("Treffer gesamt: $gentimecount`n");
                output("CPU-Zeit gesamt: ".round($gentime,3)."s`n");
                output("Durchschnittszeit für Seitenerzeugung: ".round($gentime/max($gentimecount,1),4)."s`n");
        }
}
page_footer();
?>