Digitalstack/ZnoteAAC
2
0
Fork 0
mirror of https://github.com/Znote/ZnoteAAC.git synced 2025-04-29 18:59:21 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #179 from forgee/master

Browse Source 
Revised forms in myaccount.php
This commit is contained in:
Stefan A. Brannfjell 2014-11-28 17:24:09 +01:00
commit 464e851bb8
1 changed files with 260 additions and 310 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

570
myaccount.php
View File

@ -1,52 +1,6 @@
<?php require_once 'engine/init.php';
protect_page();
include 'layout/overall/header.php';
// Change character comment PAGE2 (Success).
if (!empty($_POST['comment']) &&!empty($_POST['charn'])) {
if (!Token::isValid($_POST['token'])) {
exit();
}
if (user_character_account_id($_POST['charn']) === $session_user_id) {
user_update_comment(user_character_id($_POST['charn']), $_POST['comment']);
echo 'Successfully updated comment.';
}
} else {
// Hide character
if (!empty($_POST['selected_hide'])) {
if (!Token::isValid($_POST['token'])) {
exit();
}
$hide_array = explode("!", $_POST['selected_hide']);
if (user_character_account_id($hide_array[0]) === $session_user_id) {
user_character_set_hide(user_character_id($hide_array[0]), $hide_array[1]);
}
}
// end
// DELETE character
if (!empty($_POST['selected_delete'])) {
if (!Token::isValid($_POST['token'])) {
exit();
}
if (user_character_account_id($_POST['selected_delete']) === $session_user_id) {
$charid = user_character_id($_POST['selected_delete']);
if ($charid !== false) {
if ($config['TFSVersion'] === 'TFS_10') {
if (!user_is_online_10($charid)) {
if (guild_leader_gid($charid) === false) user_delete_character_soft($charid);
else echo 'Character is leader of a guild, you must disband the guild or change leadership before deleting character.';
} else echo 'Character must be offline first.';
} else {
$chr_data = user_character_data($charid, 'online');
if ($chr_data['online'] != 1) {
if (guild_leader_gid($charid) === false) user_delete_character_soft($charid);
else echo 'Character is leader of a guild, you must disband the guild or change leadership before deleting character.';
} else echo 'Character must be offline first.';
}
}
}
}
// end
#region CANCEL CHARACTER DELETE
$undelete_id = @$_GET['cancel_delete_id'];
if($undelete_id) {
@ -59,153 +13,201 @@ if($undelete_id) {
}
#endregion
// CHANGE character name
if (!empty($_POST['change_name'])) {
if (!Token::isValid($_POST['token'])) {
exit();
}
$oldname = getValue($_POST['change_name']);
$newname = getValue($_POST['newName']);
// Variable used to check if main page should be rendered after handling POST (Change comment page)
$render_page = true;
// Check if user is online
$player = false;
if ($config['TFSVersion'] === 'TFS_10') {
$player = mysql_select_single("SELECT `id`, `account_id` FROM `players` WHERE `name` = '$oldname'");
$player['online'] = (user_is_online_10($player['id'])) ? 1 : 0;
} else $player = mysql_select_single("SELECT `id`, `account_id`, `online` FROM `players` WHERE `name` = '$oldname'");
// Check if player has bough ticket
$order = mysql_select_single("SELECT `id`, `account_id` FROM `znote_shop_orders` WHERE `type`='4' AND `account_id`='".$player['account_id']."' LIMIT 1;");
if ($order !== false) {
//data_dump($order, array($player['account_id'], $session_user_id), "data");
// Check if player and account matches
if ($session_user_id == $player['account_id'] && $session_user_id == $order['account_id']) {
// Check if new name is not occupied
$exist = mysql_select_single("SELECT `id` FROM `players` WHERE `name`='$newname';");
if (!$exist) {
// Check if new name follow rules
$newname = validate_name($newname);
if ($newname !== false) {
$error = false;
// name restriction
$resname = explode(" ", $newname);
foreach($resname as $res) {
if(in_array(strtolower($res), $config['invalidNameTags'])) {
$error = true;
}
else if(strlen($res) == 1) {
$error = true;
}
}
// Check name for illegal characters.
function checkNewNameForIllegal($name) {
if (preg_match('#^[\0-9åäö&()+%/*$€é,.\'"-]*$#i', $name)) {
return true;
}
return false;
}
if (checkNewNameForIllegal($newname)) {
$error = true;
echo 'This name contains illegal characters.';
}
if ($error === false) {
// Change the name!
mysql_update("UPDATE `players` SET `name`='$newname' WHERE `id`='".$player['id']."' LIMIT 1;");
mysql_delete("DELETE FROM `znote_shop_orders` WHERE `id`='".$order['id']."' LIMIT 1;");
}
} else echo "Name validation failed, use another name.";
} else echo "The character name you wish to change to already exist.";
} else echo "Failed to sync your account. :|";
} else echo "Did not find any name change tickets, but them in our <a href='shop.php'>shop!</a>";
}
// end
// Change character sex
if (!empty($_POST['change_gender'])) {
if (!Token::isValid($_POST['token'])) {
exit();
}
if (user_character_account_id($_POST['change_gender']) === $session_user_id) {
$char_name = sanitize($_POST['change_gender']);
$char_id = (int)user_character_id($char_name);
$account_id = user_character_account_id($char_name);
if ($config['TFSVersion'] == 'TFS_10') {
$chr_data = user_is_online_10($char_id);
} else $chr_data = user_character_data($char_id, 'online');
if ($chr_data['online'] != 1) {
// Verify that we are not messing around with data
if ($account_id != $user_data['id']) die("wtf? Something went wrong, try relogging.");
// Fetch character tickets
$tickets = shop_account_gender_tickets($account_id);
if ($tickets !== false || $config['free_sex_change'] == true) {
// They are allowed to change gender
$last = false;
$infinite = false;
$tks = 0;
// Do we have any infinite tickets?
foreach ($tickets as $ticket) {
if ($ticket['count'] == 0) $infinite = true;
else if ($ticket > 0 && $infinite === false) $tks += (int)$ticket['count'];
// Handle POST
if (!empty($_POST['selected_character'])) {
if (!empty($_POST['action'])) {
// Validate token
if (!Token::isValid($_POST['token'])) {
exit();
}
// Sanitize values
$action = getValue($_POST['action']);
$char_name = getValue($_POST['selected_character']);
// Handle actions
switch($action) {
// Change character comment PAGE2 (Success).
case 'update_comment':
if (user_character_account_id($char_name) === $session_user_id) {
user_update_comment(user_character_id($char_name), getValue($_POST['comment']));
echo 'Successfully updated comment.';
}
if ($infinite === true) $tks = 0;
$dbid = (int)$tickets[0]['id'];
// If they dont have unlimited tickets, remove a count from their ticket.
if ($tickets[0]['count'] > 1) { // Decrease count
$tks--;
$tkr = ((int)$tickets[0]['count'] - 1);
shop_update_row_count($dbid, $tkr);
} else if ($tickets[0]['count'] == 1) { // Delete record
shop_delete_row_order($dbid);
$tks--;
break;
// end
// Hide character
case 'toggle_hide':
$hide = (user_character_hide($char_name) == 1 ? 0 : 1);
if (user_character_account_id($char_name) === $session_user_id) {
user_character_set_hide(user_character_id($char_name), $hide);
}
// Change character gender:
//
user_character_change_gender($char_name);
echo 'You have successfully changed gender on character '. $char_name .'.';
if ($tks > 0) echo '<br>You have '. $tks .' gender change tickets left.';
else if ($infinite !== true) echo '<br>You are out of tickets.';
} else echo 'You don\'t have any character gender tickets, buy them in the <a href="shop.php">SHOP</a>!';
} else echo 'Your character must be offline.';
break;
// end
// DELETE character
case 'delete_character':
if (user_character_account_id($char_name) === $session_user_id) {
$charid = user_character_id($char_name);
if ($charid !== false) {
if ($config['TFSVersion'] === 'TFS_10') {
if (!user_is_online_10($charid)) {
if (guild_leader_gid($charid) === false) user_delete_character_soft($charid);
else echo 'Character is leader of a guild, you must disband the guild or change leadership before deleting character.';
} else echo 'Character must be offline first.';
} else {
$chr_data = user_character_data($charid, 'online');
if ($chr_data['online'] != 1) {
if (guild_leader_gid($charid) === false) user_delete_character_soft($charid);
else echo 'Character is leader of a guild, you must disband the guild or change leadership before deleting character.';
} else echo 'Character must be offline first.';
}
}
}
break;
// end
// CHANGE character name
case 'change_name':
$oldname = $char_name;
$newname = getValue($_POST['newName']);
// Check if user is online
$player = false;
if ($config['TFSVersion'] === 'TFS_10') {
$player = mysql_select_single("SELECT `id`, `account_id` FROM `players` WHERE `name` = '$oldname'");
$player['online'] = (user_is_online_10($player['id'])) ? 1 : 0;
} else $player = mysql_select_single("SELECT `id`, `account_id`, `online` FROM `players` WHERE `name` = '$oldname'");
// Check if player has bough ticket
$order = mysql_select_single("SELECT `id`, `account_id` FROM `znote_shop_orders` WHERE `type`='4' LIMIT 1;");
if ($order !== false) {
// Check if player and account matches
if ($session_user_id == $player['account_id'] && $session_user_id == $order['account_id']) {
// Check if new name is not occupied
$exist = mysql_select_single("SELECT `id` FROM `players` WHERE `name`='$newname';");
if (!$exist) {
// Check if new name follow rules
$newname = validate_name($newname);
if ($newname !== false) {
$error = false;
// name restriction
$resname = explode(" ", $_POST['name']);
foreach($resname as $res) {
if(in_array(strtolower($res), $config['invalidNameTags'])) {
$error = true;
}
else if(strlen($res) == 1) {
$error = true;
}
}
// Check name for illegal characters.
function checkNewNameForIllegal($name) {
if (preg_match('#^[\0-9åäö&()+%/*$€é,.\'"-]*$#i', $name)) {
return true;
}
return false;
}
if (checkNewNameForIllegal($newname)) {
$error = true;
echo 'This name contains illegal characters.';
}
if ($error === false) {
// Change the name!
mysql_update("UPDATE `players` SET `name`='$newname' WHERE `id`='".$player['id']."' LIMIT 1;");
mysql_delete("DELETE FROM `znote_shop_orders` WHERE `id`='".$order['id']."' LIMIT 1;");
}
} else echo 'Name validation failed, use another name.';
} else echo 'The character name you wish to change to already exist.';
} else echo 'Failed to sync your account. :|';
} else echo 'Did not find any name change tickets, but them in our <a href="shop.php">shop!</a>';
break;
// end
// Change character sex
case 'change_gender':
if (user_character_account_id($char_name) === $session_user_id) {
$char_id = (int)user_character_id($char_name);
$account_id = user_character_account_id($char_name);
if ($config['TFSVersion'] == 'TFS_10') {
$chr_data = user_is_online_10($char_id);
} else $chr_data = user_character_data($char_id, 'online');
if ($chr_data['online'] != 1) {
// Verify that we are not messing around with data
if ($account_id != $user_data['id']) die("wtf? Something went wrong, try relogging.");
// Fetch character tickets
$tickets = shop_account_gender_tickets($account_id);
if ($tickets !== false || $config['free_sex_change'] == true) {
// They are allowed to change gender
$last = false;
$infinite = false;
$tks = 0;
// Do we have any infinite tickets?
foreach ($tickets as $ticket) {
if ($ticket['count'] == 0) $infinite = true;
else if ($ticket > 0 && $infinite === false) $tks += (int)$ticket['count'];
}
if ($infinite === true) $tks = 0;
$dbid = (int)$tickets[0]['id'];
// If they dont have unlimited tickets, remove a count from their ticket.
if ($tickets[0]['count'] > 1) { // Decrease count
$tks--;
$tkr = ((int)$tickets[0]['count'] - 1);
shop_update_row_count($dbid, $tkr);
} else if ($tickets[0]['count'] == 1) { // Delete record
shop_delete_row_order($dbid);
$tks--;
}
// Change character gender:
//
user_character_change_gender($char_name);
echo 'You have successfully changed gender on character '. $char_name .'.';
if ($tks > 0) echo '<br>You have '. $tks .' gender change tickets left.';
else if ($infinite !== true) echo '<br>You are out of tickets.';
} else echo 'You don\'t have any character gender tickets, buy them in the <a href="shop.php">SHOP</a>!';
} else echo 'Your character must be offline.';
}
break;
// end
// Change character comment PAGE1:
case 'change_comment':
$render_page = false; // Regular "myaccount" page should not render
if (user_character_account_id($char_name) === $session_user_id) {
$comment_data = user_znote_character_data(user_character_id($char_name), 'comment');
?>
<!-- Changing comment MARKUP -->
<h1>Change comment on:</h1>
<form action="" method="post">
<ul>
<li>
<input name="action" type="hidden" value="update_comment">
<input name ="selected_character" type="text" value="<?php echo $char_name; ?>" readonly="readonly">
</li>
<li>
<font class="profile_font" name="profile_font_comment">Comment:</font> <br>
<textarea name="comment" cols="70" rows="10"><?php echo $comment_data['comment']; ?></textarea>
</li>
<?php
/* Form file */
Token::create();
?>
<li><input type="submit" value="Update Comment"></li>
</ul>
</form>
<?php
}
break;
//end
}
}
}
// end
// Change character comment PAGE1:
if (!empty($_POST['selected_comment'])) {
if (!Token::isValid($_POST['token'])) {
exit();
}
if (user_character_account_id($_POST['selected_comment']) === $session_user_id) {
$comment_data = user_znote_character_data(user_character_id($_POST['selected_comment']), 'comment');
?>
<!-- Changing comment MARKUP -->
<h1>Change comment on:</h1>
<form action="" method="post">
<ul>
<li>
<input name ="charn" type="text" value="<?php echo $_POST['selected_comment']; ?>" readonly="readonly">
</li>
<li>
<font class="profile_font" name="profile_font_comment">Comment:</font> <br>
<textarea name="comment" cols="70" rows="10"><?php echo $comment_data['comment']; ?></textarea>
</li>
<?php
/* Form file */
Token::create();
?>
<li><input type="submit" value="Update Comment"></li>
</ul>
</form>
<?php
}
} else {
// end
if ($render_page) {
$char_count = user_character_list_count($session_user_id);
$pending_delete = user_pending_deletes($session_user_id);
if($pending_delete)
if ($pending_delete) {
foreach($pending_delete as $delete) {
if(new DateTime($delete['time']) > new DateTime())
echo '<b>CAUTION!</b> Your character with name <b>' . $delete['character_name'] . ' will be deleted on ' . $delete['time'] . '</b>. <a href="myaccount.php?cancel_delete_id=' . $delete['id'] . '">Cancel this operation.</a><br/>';
@ -216,6 +218,8 @@ if (!empty($_POST['selected_comment'])) {
$char_count--;
}
}
}
?>
<div id="myaccount">
<h1>My account</h1>
@ -223,7 +227,6 @@ if (!empty($_POST['selected_comment'])) {
You have <?php echo $user_data['premdays']; ?> days remaining premium account.</p>
<h2>Character List: <?php echo $char_count; ?> characters.</h2>
<?php
//data_dump($user_data, false, "data");
// Echo character list!
$char_array = user_character_list($user_data['id']);
// Design and present the list
@ -244,133 +247,80 @@ if (!empty($_POST['selected_comment'])) {
}
?>
</table>
<!-- FORMS TO HIDE CHARACTER-->
<form action="" method="post">
<ul>
<li>
Character hide:<br>
<select name="selected_hide" multiple="multiple">
<?php
for ($i = 0; $i < $char_count; $i++) {
if (user_character_hide($characters[$i]) == 1) {
echo '<option value="'. $characters[$i] .'!0">'. $characters[$i] .'</option>';
} else {
echo '<option value="'. $characters[$i] .'!1">'. $characters[$i] .'</option>';
<table class="table">
<!-- FORMS TO EDIT CHARACTER-->
<form action="" method="post">
<tr>
<td>
<select id="selected_character" name="selected_character" class="form-control">
<?php
for ($i = 0; $i < $char_count; $i++) {
if (user_character_hide($characters[$i]) == 1) {
echo '<option value="'. $characters[$i] . '">'. $characters[$i] .'</option>';
} else {
echo '<option value="'. $characters[$i] . '">'. $characters[$i] .'</option>';
}
}
}
?>
</select>
<?php
/* Form file */
Token::create();
?>
<input type="submit" value="Toggle hide" class="btn btn-info">
</li>
</ul>
</form>
<!-- FORMS TO CHANGE CHARACTER COMMENT-->
<form action="" method="post">
<ul>
<li>
Character comment:<br>
<select name="selected_comment" multiple="multiple">
<?php
for ($i = 0; $i < $char_count; $i++) {
echo '<option value="'. $characters[$i] .'">'. $characters[$i] .'</option>';
}
?>
</select>
<?php
/* Form file */
Token::create();
?>
<input type="submit" value="Change comment" class="btn btn-info">
</li>
</ul>
</form>
<!-- FORMS TO CHANGE CHARACTER GENDER-->
<form action="" method="post">
<ul>
<li>
Change character gender:<br>
<select name="change_gender" multiple="multiple">
<?php
for ($i = 0; $i < $char_count; $i++) {
echo '<option value="'. $characters[$i] .'">'. $characters[$i] .'</option>';
}
?>
</select>
<?php
/* Form file */
Token::create();
?>
<input type="submit" value="Change gender" class="btn btn-info">
</li>
</ul>
</form>
<!-- FORMS TO CHANGE CHARACTER NAME-->
<form action="" method="post">
<ul>
<li>
Change character name:<br>
<select name="change_name" multiple="multiple">
<?php
for ($i = 0; $i < $char_count; $i++) {
echo '<option value="'. $characters[$i] .'">'. $characters[$i] .'</option>';
}
?>
</select>
<input type="text" name="newName" placeholder="New Name">
<?php
/* Form file */
Token::create();
?>
<input type="submit" value="Change name" class="btn btn-info">
</li>
</ul>
</form>
<!-- FORMS TO DELETE CHARACTER-->
<form action="" method="post">
<ul>
<li>
Delete character:<br>
<select id="selected_delete" name="selected_delete" multiple="multiple">
<?php
for ($i = 0; $i < $char_count; $i++) {
echo '<option value="'. $characters[$i] .'">'. $characters[$i] .'</option>';
}
?>
</select>
<?php
/* Form file */
Token::create();
?>
<input type="submit" value="Delete Character" class="btn btn-danger needconfirmation">
</li>
</ul>
</form>
<script src="engine/js/jquery-1.10.2.min.js" type="text/javascript"></script>
<script>
$(document).ready(function(){
$(".needconfirmation").each(function(e){
$(this).click(function(e){
var itemname = $(this).attr("data-item-name");
var r = confirm("Do you really want to DELETE character: "+$('#selected_delete').find(":selected").text()+"?")
if(r == false){
e.preventDefault();
}
});
});
});
</script>
<?php
} else {
echo 'You don\'t have any characters. Why don\'t you <a href="createcharacter.php">create one</a>?';
}
//Done.
?>
</select>
</td>
<td>
<select id="action" name="action" class="form-control" onChange="changedOption(this)">
<option value="none" selected>Select action</option>
<option value="toggle_hide">Toggle hide</option>
<option value="change_comment">Change comment</option>
<option value="change_gender">Change gender</option>
<option value="change_name">Change name</option>
<option value="delete_character" class="needconfirmation">Delete character</option>
</select>
</td>
<td id="submit_form">
<?php
/* Form file */
Token::create();
?>
<input id="submit_button" type="submit" value="Submit" class="btn btn-primary btn-block"></input>
</td>
</tr>
</form>
</table>
<?php
} else {
echo 'You don\'t have any characters. Why don\'t you <a href="createcharacter.php">create one</a>?';
}
?>
</div>
<script>
function changedOption(e) {
// If selection is 'Change name' add a name field in the form
// Else remove name field if it exists
if (e.value == 'change_name') {
var lastCell = document.getElementById('submit_form');
var x = document.createElement('TD');
x.id = "new_name";
x.innerHTML = '<input type="text" name="newName" placeholder="New Name" class="form-control">';
lastCell.parentNode.insertBefore(x, lastCell);
} else {
var child = document.getElementById('new_name');
if (child) {
child.parentNode.removeChild(child);
}
}
}
</script>
<script src="engine/js/jquery-1.10.2.min.js" type="text/javascript"></script>
<script>
$(document).ready(function(){
$("#submit_button").click(function(e){
if ($("#action").find(":selected").attr('class') == "needconfirmation") {
var r = confirm("Do you really want to DELETE character: "+$('#selected_character').find(":selected").text()+"?")
if (r == false) {
e.preventDefault();
}
}
});
});
</script>
<?php
}
include 'layout/overall/footer.php';