From 3082c27bc88657f1eabbaa5dc7ade9816976fa98 Mon Sep 17 00:00:00 2001
From: Stefan Brannfjell <braste10@nith.no>
Date: Sat, 31 Aug 2013 13:31:07 +0200
Subject: [PATCH] Forum search script, multi keyword search supported search:
 titles, posts, authors latest posts authors latest threads view latest
 threads view latest posts ------- working on new ipn for paygol (under dev)

---
 config.php       |  47 ++++++-----
 forum_search.php | 207 +++++++++++++++++++++++++++++++++++++++++++++++
 highscores.php   |   2 +-
 paygol_ipn.php   |  37 +++++++++
 4 files changed, 270 insertions(+), 23 deletions(-)
 create mode 100644 forum_search.php

diff --git a/config.php b/config.php
index 4365a86..0c4026f 100644
--- a/config.php
+++ b/config.php
@@ -4,7 +4,7 @@
 	// TFS 0.3 = TFS_03 (If ur using 0.3.6, set $config['salt'] to false)!
 	// TFS 0.4 = TFS_03
 	// TFS 1.0 = TFS_10 (Under developement)
-	$config['TFSVersion'] = 'TFS_10';
+	$config['TFSVersion'] = 'TFS_03';
 	
 	$config['site_title'] = 'Znote AAC';
 	$config['site_title_context'] = 'Because open communities are good communities. :3';
@@ -14,13 +14,13 @@
 	// ------------------------ \\
 	
 	// phpmyadmin username for OT server: (DONT USE "root" if ur hosting to public.).
-	$config['sqlUser'] = 'new';
+	$config['sqlUser'] = 'username';
 	
 	// phpmyadmin password for OT server:
-	$config['sqlPassword'] = 'new';
+	$config['sqlPassword'] = 'password';
 	
 	// The database name to connect to. (This is usually same as username).
-	$config['sqlDatabase'] = 'new';
+	$config['sqlDatabase'] = 'database';
 	
 	// Hostname is usually localhost or 127.0.0.1.
 	$config['sqlHost'] = 'localhost';
@@ -62,16 +62,7 @@
 	// Town ids and names: (In RME map editor, open map, click CTRL + T to view towns, their names and their IDs. 
 	// townID => 'townName' etc: ['3'=>'Thais']
 	$config['towns'] = array(
-		0 => 'Town 0',
-		1 => 'Town 1',
-		2 => 'Town 2',
-		3 => 'Town 3',
-		4 => 'Town 4',
-		5 => 'Town 5',
-		6 => 'Town 6',
-		7 => 'Town 7',
-		8 => 'Town 8',
-		9 => 'Town 9',
+		2 => 'Thyrfing',
 	);
 	
 	// Leave on black square in map and player should get teleported to their selected town.
@@ -108,13 +99,13 @@
 	$config['available_vocations'] = array(1, 2, 3, 4);
 	
 	// Available towns (specify town ids, etc: (0, 1, 2); to display 3 town options (town id 0, 1 and 2).
-	$config['available_towns'] = array(1);
+	$config['available_towns'] = array(2);
 	
 	$config['level'] = 8;
 	$config['health'] = 185;
-	$config['mana'] = 35;
+	$config['mana'] = 40;
 	$config['cap'] = 435;
-	$config['soul'] = 0;
+	$config['soul'] = 100;
 	
 	$config['maleOutfitId'] = 128;
 	$config['femaleOutfitId'] = 138;
@@ -122,9 +113,9 @@
 	// No vocation info (if user select vocation id 0, we force thees configurations on him
 	$config['nvlevel'] = 1;
 	$config['nvHealth'] = 150;
-	$config['nvMana'] = 0;
+	$config['nvMana'] = 5;
 	$config['nvCap'] = 400;
-	$config['nvSoul'] = 0;
+	$config['nvSoul'] = 100;
 	
 	$config['nvForceTown'] = 0; // Force a town to no vocation even though he selected something else? 0 = no, 1 = yes.
 	$config['nvTown'] = 0; // Town id to force no vocations to get to, if nvForceTown is 1.
@@ -154,7 +145,7 @@
 		);
 
 	$config['validate_IP'] = true; // Only allow legal IP addresses to register and create character.
-	$config['salt'] = false; // Some noob 0.3.6 servers don't support salt.
+	$config['salt'] = true; // Some noob 0.3.6 servers don't support salt.
 	
 	// Restricted names
 	$config['invalidNameTags'] = array("god", "gm", "cm", "gamemaster", "hoster", "admin", "admim", "adm", "owner", "staff");
@@ -186,13 +177,13 @@
 	$config['port'] = 7171; // Port number to connect to your OT.
 	
 	// How often do you want highscores to update?
-	$config['cache_lifespan'] = 60 * 15; // 15 minutes.
+	$config['cache_lifespan'] = 1;//60 * 15; // 15 minutes.
 	
 	// WARNING! Account names written here will have admin access to web page!
 	$config['page_admin_access'] = array(
 		'otland0',
 		'otland1',
-		'znote'
+		//'znote'
 	);
 	
 	// Built-in FORUM
@@ -413,6 +404,18 @@
 		'imageType' => 'gif',
 	);
 
+	//////////
+	/// Let players sell characters.
+	/////////
+	$config['shop_auction'] = array(
+			'characterAuction' => true, // Enable/disable this system
+			'requiredLevel' => 50, // Minimum level of sold character
+			'leastValue' => 10, // Lowest donation points a char can be sold for.
+			'leastTime' => 24, // In hours. False to disable.
+			// leastTime = Lowest duration of time an auctioned player has to be 
+			// sellable before auctioneer can claim character back.
+		);
+	
 	// If useDB is false, this array list will be used for shop offers.
 	$config['shop_offers'] = array(
 		// offer 1
diff --git a/forum_search.php b/forum_search.php
new file mode 100644
index 0000000..bc36582
--- /dev/null
+++ b/forum_search.php
@@ -0,0 +1,207 @@
+<?php require_once 'engine/init.php'; include 'layout/overall/header.php'; protect_page();
+
+// Search CONFIG
+$searchResults = 30; // How many max search results
+
+function stripBBCode($text_to_search) {
+	$pattern = '|[[\/\!]*?[^\[\]]*?]|si';
+	$replace = '';
+	return preg_replace($pattern, $replace, $text_to_search);
+}
+
+//data_dump($_GET, false, "Post data:");
+
+// Fetch and sanitize values:
+$type = getValue($_GET['type']);
+if ($type !== false) $type = (int)$type;
+$text = getvalue($_GET['text']);
+
+$text = explode(' ', $text);
+$textTitleSql = "";
+$textPostSql = "";
+$textAuthorSql = "";
+for ($i = 0; $i < count($text); $i++) {
+	if ($i != count($text) -1) {
+		$textTitleSql .= "`title` LIKE '%". $text[$i] ."%' AND ";
+		$textPostSql .= "`text` LIKE '%". $text[$i] ."%' AND ";
+		$textAuthorSql .= "`player_name` LIKE '%". $text[$i] ."%' AND ";
+	} else {
+		$textTitleSql .= "`title` LIKE '%". $text[$i] ."%'";
+		$textPostSql .= "`text` LIKE '%". $text[$i] ."%'";
+		$textAuthorSql .= "`player_name` LIKE '%". $text[$i] ."%'";
+	}
+}
+
+data_dump($text, array($textTitleSql, $textPostSql, $textAuthorSql), "search");
+
+?>
+<h1>Search forum</h1>
+<form method="" type="get">
+	<select name="type">
+		<option value="1" <?php if ($type == 1) echo "selected"; ?>>Title</option>
+		<option value="2" <?php if ($type == 2) echo "selected"; ?>>Post</option>
+		<option value="3" <?php if ($type == 3) echo "selected"; ?>>Author (threads)</option>
+		<option value="4" <?php if ($type == 4) echo "selected"; ?>>Author (posts)</option>
+		<option value="5" <?php if ($type == 5) echo "selected"; ?>>Latest Posts</option>
+		<option value="6" <?php if ($type == 6) echo "selected"; ?>>Latest Threads</option>
+	</select>
+	<input type="text" name="text" value="<?php if ($text !== false) echo implode(' ', $text); ?>">
+	<input type="submit" value="Search">
+</form>
+<?php
+
+if ($type !== false && $text !== false && $type <= 4 || $type > 4 && $type <= 6) {
+	$forums = mysql_select_multi("SELECT `id` FROM `znote_forum` WHERE `access`='1' AND `guild_id`='0';");
+	$allowedForums = array();
+	foreach($forums as $forum) $allowedForums[] = $forum['id'];
+
+	//data_dump($allowedForums, false, "Allowed forums to search");
+	// in_array(6, $allowedForums)
+
+	$results = false;
+	switch ($type) {
+		case 1: // Search titles
+			$results = mysql_select_multi("SELECT `id` AS `thread_id`, `forum_id`, `title`, `text`, `player_name` FROM `znote_forum_threads` WHERE $textTitleSql ORDER BY `id` DESC LIMIT $searchResults;");
+			// Filter out search results in custom access boards.
+			for ($i = 0; $i < count($results); $i++) 
+				if (!in_array($results[$i]['forum_id'], $allowedForums)) 
+					$results[$i]['forum_id'] = false;
+				else {
+					$results[$i]['title'] = stripBBCode($results[$i]['title']);
+					$results[$i]['text'] = stripBBCode($results[$i]['text']);
+				}
+
+			//if ($results !== false) data_dump($results, false, "Search results");
+			//else echo "<br><b>No results.</b>";
+			break;
+		
+		case 2: // Search posts
+			$results = mysql_select_multi("SELECT `thread_id`, `player_name`, `text` FROM `znote_forum_posts` WHERE $textPostSql ORDER BY `id` DESC LIMIT $searchResults;");
+			// Missing ['forum_id'], ['title'], lets get them
+			for ($i = 0; $i < count($results); $i++) {
+				// $results[$i]['asd']
+				$thread = mysql_select_single("SELECT `forum_id`, `title` FROM `znote_forum_threads` WHERE `id`='".$results[$i]['thread_id']."' LIMIT 1;");
+				if ($thread !== false) {
+					$results[$i]['forum_id'] = $thread['forum_id'];
+					$results[$i]['title'] = $thread['title'];
+					if (!in_array($results[$i]['forum_id'], $allowedForums)) $results[$i]['forum_id'] = false;
+					else {
+						$results[$i]['title'] = stripBBCode($results[$i]['title']);
+						$results[$i]['text'] = stripBBCode($results[$i]['text']);
+					}
+				} else $results[$i]['forum_id'] = false;
+
+			} // DONE. :)
+			//data_dump(false, $results, "DATA");
+			break;
+		
+		case 3: // Search authors last threads
+			$results = mysql_select_multi("SELECT `id` AS `thread_id`, `forum_id`, `title`, `text`, `player_name` FROM `znote_forum_threads` WHERE $textAuthorSql ORDER BY `id` DESC LIMIT $searchResults;");
+			// Filter out search results in custom access boards.
+			for ($i = 0; $i < count($results); $i++) 
+				if (!in_array($results[$i]['forum_id'], $allowedForums)) 
+					$results[$i]['forum_id'] = false;
+				else {
+					$results[$i]['title'] = stripBBCode($results[$i]['title']);
+					$results[$i]['text'] = stripBBCode($results[$i]['text']);
+				}
+
+			//if ($results !== false) data_dump($results, false, "Search results");
+			//else echo "<br><b>No results.</b>";
+			break;
+		
+		case 4: // Search authors last posts
+			$results = mysql_select_multi("SELECT `thread_id`, `player_name`, `text` FROM `znote_forum_posts` WHERE $textAuthorSql ORDER BY `id` DESC LIMIT $searchResults;");
+			// Missing ['forum_id'], ['title'], lets get them
+			for ($i = 0; $i < count($results); $i++) {
+				// $results[$i]['asd']
+				$thread = mysql_select_single("SELECT `forum_id`, `title` FROM `znote_forum_threads` WHERE `id`='".$results[$i]['thread_id']."' LIMIT 1;");
+				if ($thread !== false) {
+					$results[$i]['forum_id'] = $thread['forum_id'];
+					$results[$i]['title'] = $thread['title'];
+					if (!in_array($results[$i]['forum_id'], $allowedForums)) $results[$i]['forum_id'] = false;
+					else {
+						$results[$i]['title'] = stripBBCode($results[$i]['title']);
+						$results[$i]['text'] = stripBBCode($results[$i]['text']);
+					}
+				} else $results[$i]['forum_id'] = false;
+
+			} // DONE. :)
+			break;
+
+		case 5: // Search latest titles
+			$results = mysql_select_multi("SELECT `id` AS `thread_id`, `forum_id`, `title`, `text`, `player_name` FROM `znote_forum_threads` ORDER BY `id` DESC LIMIT $searchResults;");
+			// Filter out search results in custom access boards.
+			for ($i = 0; $i < count($results); $i++) 
+				if (!in_array($results[$i]['forum_id'], $allowedForums)) 
+					$results[$i]['forum_id'] = false;
+				else {
+					$results[$i]['title'] = stripBBCode($results[$i]['title']);
+					$results[$i]['text'] = stripBBCode($results[$i]['text']);
+				}
+
+			//if ($results !== false) data_dump($results, false, "Search results");
+			//else echo "<br><b>No results.</b>";
+			break;
+
+		case 6: // Search posts
+			$results = mysql_select_multi("SELECT `thread_id`, `player_name`, `text` FROM `znote_forum_posts` ORDER BY `id` DESC LIMIT $searchResults;");
+			// Missing ['forum_id'], ['title'], lets get them
+			for ($i = 0; $i < count($results); $i++) {
+				// $results[$i]['asd']
+				$thread = mysql_select_single("SELECT `forum_id`, `title` FROM `znote_forum_threads` WHERE `id`='".$results[$i]['thread_id']."' LIMIT 1;");
+				if ($thread !== false) {
+					$results[$i]['forum_id'] = $thread['forum_id'];
+					$results[$i]['title'] = $thread['title'];
+					if (!in_array($results[$i]['forum_id'], $allowedForums)) $results[$i]['forum_id'] = false;
+					else {
+						$results[$i]['title'] = stripBBCode($results[$i]['title']);
+						$results[$i]['text'] = stripBBCode($results[$i]['text']);
+					}
+				} else $results[$i]['forum_id'] = false;
+
+			} // DONE. :)
+			//data_dump(false, $results, "DATA");
+			break;
+		default:
+			# code...
+			break;
+	}
+
+	// Create table and show stuff!
+	if ($results !== false) {
+		$count = 0;
+		foreach ($results as $r) if ($r['forum_id'] !== false) $count++;
+		if ($count > 0) {
+			?>
+			<table>
+				<tr>
+					<th>Char</th>
+					<th>Thread</th>
+					<th>Post</th>
+				</tr>
+				<?php
+				foreach ($results as $result) {
+					if ($result['forum_id'] !== false) {
+						// $result required fields = ['thread_id'], ['forum_id'], ['title'], ['text'], ['player_name']
+						?>
+						<tr>
+							<td><a href="characterprofile.php?name=<?php echo $result['player_name']; ?>"><?php echo $result['player_name']; ?></a></td>
+							<td>
+		<a href="forum.php?thread=<?php echo $result['thread_id']; ?>&forum=Search&cat=<?php echo $result['forum_id']; ?>">
+			<?php echo $result['title']; ?>
+		</a>
+							</td>
+							<td><?php echo (strlen($result['text']) > 140) ? substr($result['text'],0,137).'...' : $result['text']; ?></td>
+						</tr>
+						<?php
+					}
+				}
+				?>
+			</table>
+			<?php
+		} else echo "No results.";
+	} else echo "No results.";
+} else echo "<br><b>You must fill in all fields!</b>";
+
+include 'layout/overall/footer.php'; ?>
\ No newline at end of file
diff --git a/highscores.php b/highscores.php
index 268ad78..6faea9c 100644
--- a/highscores.php
+++ b/highscores.php
@@ -69,7 +69,7 @@ if (empty($_POST) === false) {
 					<?php
 					foreach ($array as $value) {
 						// start foreach
-						if ($value['group_id'] < 2) {
+						if ($config['TFSVersion'] == 'TFS_10' || $value['group_id'] < 2) {
 							echo '<tr>';
 							echo '<td><a href="characterprofile.php?name='. $value['name'] .'">'. $value['name'] .'</a></td>';
 							if ($skillid == 7) echo '<td>'. $value['level'] .'</td>';
diff --git a/paygol_ipn.php b/paygol_ipn.php
index 686e79d..06c85f2 100644
--- a/paygol_ipn.php
+++ b/paygol_ipn.php
@@ -82,4 +82,41 @@
 		} else echo ' character data false';
 	
 	} else echo 'service id wrong';
+?>
+
+
+
+<?php 
+/* TODO: FIX THIS FOR 1.5
+require_once 'engine/init.php'; 
+include 'layout/overall/header.php';
+
+if(!in_array($_SERVER['REMOTE_ADDR'],
+  array('109.70.3.48', '109.70.3.146', '109.70.3.58'))) {
+  header("HTTP/1.0 403 Forbidden");
+  die("Error: Unknown IP");
+}
+ 
+
+// get the variables from PayGol system
+$message_id	= $_GET['message_id'];
+$service_id	= $_GET['service_id'];
+$shortcode	= $_GET['shortcode'];
+$keyword	= $_GET['keyword'];
+$message	= $_GET['message'];
+$sender	 = $_GET['sender'];
+$operator	= $_GET['operator'];
+$country	= $_GET['country'];
+$custom	 = $_GET['custom'];
+$points	 = $_GET['points'];
+$price	 = $_GET['price'];
+$currency	= $_GET['currency'];
+
+// Here you can do whatever you want with the variables, for instance inserting or updating data into your Database 
+
+
+$query = mysql_query("UPDATE `znote_accounts` SET `points` = `points` + ".$points." WHERE `account_id` = ".$custom);
+
+include 'layout/overall/footer.php';
+*/
 ?>
\ No newline at end of file