From 4b0db861d57e4e6ae163072b99189a364dc415ce Mon Sep 17 00:00:00 2001 From: Znote Date: Wed, 8 Jul 2020 00:35:45 +0200 Subject: [PATCH] Fix #429 Various warnings Rewrote other characters on this account list in characterprofile Added hash_equal() backport for low PHP versions Fixed some warnings --- characterprofile.php | 258 +++++++++++++++++++----------------- engine/function/general.php | 35 +++-- engine/function/users.php | 41 +++--- topguilds.php | 52 ++++---- 4 files changed, 211 insertions(+), 175 deletions(-) diff --git a/characterprofile.php b/characterprofile.php index 4e39ae4..33e8613 100644 --- a/characterprofile.php +++ b/characterprofile.php @@ -7,7 +7,7 @@ if ($config['log_ip']) { if (isset($_GET['name']) === true && empty($_GET['name']) === false) { $name = getValue($_GET['name']); $user_id = user_character_exist($name); - + if ($user_id !== false) { $loadOutfits = $config['show_outfits']['characterprofile']; @@ -22,7 +22,7 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) { } } $profile_data['online'] = user_is_online_10($user_id); - + if ($config['Ach']) { $user_id = (int) $user_id; $achievementPoints = mysql_select_single("SELECT SUM(`value`) AS `sum` FROM `player_storage` WHERE `key` LIKE '30___' AND `player_id`={$user_id} LIMIT 1"); @@ -42,7 +42,7 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) { } } } - + $profile_znote_data = user_znote_character_data($user_id, 'created', 'hide_char', 'comment'); $guild_exist = false; if (get_character_guild_rank($user_id) > 0) { @@ -61,9 +61,9 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) {
img
- 0): ?> @@ -131,16 +131,16 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) { 'TFS_03' => 'town' // Default: town_id ); - $column_town_id = (isset($column_town_id[$config['ServerEngine']])) - ? $column_town_id[$config['ServerEngine']] + $column_town_id = (isset($column_town_id[$config['ServerEngine']])) + ? $column_town_id[$config['ServerEngine']] : 'town_id'; $houses = mysql_select_multi(" - SELECT `id`, `owner`, `name`, `{$column_town_id}` AS `town_id` - FROM `houses` + SELECT `id`, `owner`, `name`, `{$column_town_id}` AS `town_id` + FROM `houses` WHERE `owner` = {$user_id}; "); - + if ($houses !== false) { foreach ($houses as $h): ?> @@ -161,7 +161,7 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) { Created - + @@ -170,30 +170,30 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) { $imageServer = $config['shop']['imageServer']; $imageType = $config['shop']['imageType']; $PEQ = mysql_select_multi(" - SELECT - `player_id`, - `pid`, - `itemtype`, - `count` - FROM `player_items` - WHERE `player_id`={$user_id} + SELECT + `player_id`, + `pid`, + `itemtype`, + `count` + FROM `player_items` + WHERE `player_id`={$user_id} AND `pid`<'11' "); - $soulStamina = (in_array($config['ServerEngine'], ['TFS_10'])) - ? " `soul`, `stamina`," + $soulStamina = (in_array($config['ServerEngine'], ['TFS_10'])) + ? " `soul`, `stamina`," : " `p`.`soul`, `p`.`stamina`,"; - + if ($config['client'] < 780) { $soulStamina = " 0 AS `soul`, 0 AS `stamina`,"; } - $player_query = (in_array($config['ServerEngine'], ['TFS_10'])) - ? /* true */ "SELECT + $player_query = (in_array($config['ServerEngine'], ['TFS_10'])) + ? /* true */ "SELECT `health`, `healthmax`, `mana`, `manamax`, `cap`, - `experience`, `level`, + `experience`, `level`, {$soulStamina} `maglevel`, `skill_fist`, 
@@ -203,14 +203,14 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) { `skill_dist`, `skill_shielding`, `skill_fishing` - FROM `players` - WHERE `id`={$user_id} - LIMIT 1;" - : /* false */ "SELECT + FROM `players` + WHERE `id`={$user_id} + LIMIT 1;" + : /* false */ "SELECT `p`.`health`, `p`.`healthmax`, `p`.`mana`, `p`.`manamax`, `p`.`cap`, - `p`.`experience`, `p`.`level`, + `p`.`experience`, `p`.`level`, {$soulStamina} `p`.`maglevel`, `fist`.`value` AS `skill_fist`, @@ -220,7 +220,7 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) { `dist`.`value` AS `skill_dist`, `shield`.`value` AS `skill_shielding`, `fish`.`value` AS `skill_fishing` - FROM `players` AS `p` + FROM `players` AS `p` LEFT JOIN `player_skills` AS `fist` ON `p`.`id` = `fist`.`player_id` AND `fist`.`skillid` = 0 LEFT JOIN `player_skills` AS `club` ON `p`.`id` = `club`.`player_id` AND `club`.`skillid` = 1 LEFT JOIN `player_skills` AS `sword` ON `p`.`id` = `sword`.`player_id` AND `sword`.`skillid` = 2 @@ -243,7 +243,7 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) { else { $bar_mana = 100; } - + $outfit_server = $config['show_outfits']['imageServer']; $outfit_storage = $config['EQ_shower']['storage_value']; @@ -282,15 +282,15 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) { } $highest_outfit_id = MAX($outfit_list); - $outfit_storage_max = $outfit_storage + $highest_outfit_id + 1; + $outfit_storage_max = $outfit_storage + $highest_outfit_id + 1; $player_outfits = array(); $storage_sql = mysql_select_multi(" - SELECT `key`, `value` - FROM `player_storage` - WHERE `player_id`={$user_id} - AND `key` > {$outfit_storage} - AND `key` < {$outfit_storage_max} + SELECT `key`, `value` + FROM `player_storage` + WHERE `player_id`={$user_id} + AND `key` > {$outfit_storage} + AND `key` < {$outfit_storage_max} "); if ($storage_sql !== false && !empty($storage_sql)) { foreach ($storage_sql as $row) { 
@@ -315,7 +315,7 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) {
- "> Cap:
@@ -387,7 +387,7 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) { /*align-items: center;*/ justify-content: space-between; width: 100%; - font-family: Verdana,Geneva,sans-serif; + font-family: Verdana,Geneva,sans-serif; font-size: 7.0pt; line-height: 1; color: rgb(201,201,201); @@ -633,11 +633,11 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) { - - + @@ -707,50 +707,50 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) { ".$d['killed_by']."" + $lasthit = ($d['is_player']) + ? "".$d['killed_by']."" : $d['killed_by']; ?> @@ -767,7 +767,7 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) { } elseif ($config['ServerEngine'] == 'TFS_02') { $array = user_fetch_deathlist($user_id); if ($array) { - foreach ($array as $value): + foreach ($array as $value): if ($value['is_player'] == 1) { $value['killed_by'] = 'player: '. $value['killed_by'] .''; } else { @@ -803,8 +803,8 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) { } } else { $value[3] = user_get_killer_m_name(user_get_kid($value['id'])); - if ($value[3] === false) { - $value[3] = 'deleted player.'; + if ($value[3] === false) { + $value[3] = 'deleted player.'; } } ?> @@ -813,7 +813,7 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) { 
@@ -833,18 +833,20 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) { if ($config['EnableQuests'] == true) { $sqlquests = mysql_select_multi(" - SELECT `player_id`, `key`, `value` - FROM player_storage + SELECT `player_id`, `key`, `value` + FROM player_storage WHERE `player_id` = {$user_id} "); if (isset($config['quests']) && !empty($config['quests'])) { foreach ($config['quests'] as $cquest) { $totalquests = $totalquests + 1; - foreach ($sqlquests as $dbquest) { - if ($cquest[0] == $dbquest['key'] && $cquest[1] == $dbquest['value']) { - $completedquests = $completedquests + 1; - } - } + if ($sqlquests !== false) { + foreach ($sqlquests as $dbquest) { + if ($cquest[0] == $dbquest['key'] && $cquest[1] == $dbquest['value']) { + $completedquests = $completedquests + 1; + } + } + } if ($cquest[3] == 1) { if ($completedquests != 0) { if ($firstrun == 1): ?> @@ -877,7 +879,7 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) { } } } - + if ($firstrun == 0): ?>
- (unjustified)"; } $mostdmg = ($d['mostdamage_by'] !== $d['killed_by']) ? true : false; if ($mostdmg) { - $mostdmg = ($d['mostdamage_is_player']) - ? "".$d['mostdamage_by']."" + $mostdmg = ($d['mostdamage_is_player']) + ? "".$d['mostdamage_by']."" : $d['mostdamage_by']; echo "
and by $mostdmg."; - if ($d['mostdamage_unjustified']) { - echo " (unjustified)"; + if ($d['mostdamage_unjustified']) { + echo " (unjustified)"; } - } else { - echo " (soloed)"; + } else { + echo " (soloed)"; } ?>
This player has never died.
@@ -885,55 +887,71 @@ if (isset($_GET['name']) === true && empty($_GET['name']) === false) { 1) - { - ?> + // Backward compatibility + $select_online = "CASE WHEN `l`.`player_id` IS NULL THEN 0 else 1 END as `online`"; + $join_online = "LEFT JOIN `players_online` as `l` ON `p`.`id` = `l`.`player_id`"; + if ($config['ServerEngine'] != 'TFS_10') { + $select_online = "`p`.`online`"; + $join_online = ""; + } + + // Load other visible characters + $otherChars = mysql_select_multi(" + SELECT + `p`.`id`, + `p`.`name`, + `p`.`level`, + `p`.`vocation`, + `p`.`lastlogin`, + {$select_online} + FROM `players` as `o` + JOIN `players` as `p` + ON `o`.`account_id` = `p`.`account_id` + LEFT JOIN `znote_players` as `z` + ON `p`.`id` = `z`.`player_id` + {$join_online} + WHERE `o`.`id` = {$user_id} + AND `p`.`id` != `o`.`id` + AND `z`.`hide_char` = 0 + ORDER BY `p`.`experience` DESC; + "); + + // Render table if there are any characters to show + if ($otherChars !== false) { + ?>
  • Other visible characters on this account:
    - 0) { - ?> - - - - - - - - - - - - - - - - - - -
    Name:Level:Vocation:Last login:Status:
    + + + + + + + + This player has never died.'; - }*/ - ?> + // Add character rows + foreach ($otherChars as $char): + ?> + + + + + + + + +
    Name:Level:Vocation:Last login:Status:
  • - - +

    Address:

    - + = $orig) { if ($new != $orig) { @@ -122,14 +122,14 @@ function znote_visitors_get_data() { function znote_visitor_set_data($visitor_data) { $exist = false; $ip = getIPLong(); - + foreach ((array)$visitor_data as $row) { if ($ip == $row['ip']) { $exist = true; $value = $row['value']; } } - + if ($exist && isset($value)) { // Update the value $value++; @@ -178,7 +178,7 @@ function create_token() { var_dump($token, $token2); $_SESSION['token'] = $token2; #} - + echo ""; } function reset_token() { @@ -393,10 +393,10 @@ function protect_page() { } // When function is called, you will be redirected to protect_page and deny access to rest of page, as long as you are not admin. -function admin_only($user_data) { +function admin_only($user_data) { // Chris way $gotAccess = is_admin($user_data); - + if ($gotAccess == false) { logged_in_redirect(); exit(); @@ -407,7 +407,7 @@ function is_admin($user_data) { if (config('ServerEngine') === 'OTHIRE') return in_array($user_data['id'], config('page_admin_access')) ? true : false; else - return in_array($user_data['name'], config('page_admin_access')) ? true : false; + return in_array($user_data['name'], config('page_admin_access')) ? true : false; } function array_sanitize(&$item) { @@ -472,7 +472,7 @@ function check_image($image) { // Last one if ($path_info['extension'] === 'gif') { - + // Resize image $img = resize_imagex($image_data, 100, 100); @@ -595,4 +595,19 @@ function random_bytes_compat($length, &$crypto_strong = null) { } return $ret; } + +// hash_equals legacy support < 5.6 +if(!function_exists('hash_equals')) { + function hash_equals($str1, $str2) { + if(strlen($str1) != strlen($str2)) { + return false; + } + $res = $str1 ^ $str2; + $ret = 0; + for($i = strlen($res) - 1; $i >= 0; $i--) { + $ret |= ord($res[$i]); + } + return !$ret; + } +} ?> diff --git a/engine/function/users.php b/engine/function/users.php index cc4d606..7885b15 100644 --- a/engine/function/users.php +++ b/engine/function/users.php 
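Review bot: The privacy filter in the new `$otherChars` query is the WHERE condition on the `hide_char` column of `znote_players`, and because that table is brought in with a LEFT JOIN, the condition also drops every character that has no `znote_players` row. That fails closed, which is the safe direction for a hide-character setting, but the LEFT JOIN reads as if such characters were meant to be listed. Either write a plain `JOIN`, or add a comment such as `// characters without a znote_players row are treated as hidden`. The query also interpolates `{$user_id}`, which the visible context casts with `(int)` only inside the `if ($config['Ach'])` branch, so an unconditional `$user_id = (int) $user_id;` before the SQL is built would keep the value numeric whatever the configuration. The enclosing `if (isset($_GET['name']) ...)` block starts outside this hunk.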
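Review bot: The `hash_equals` backport added at the end of `engine/function/general.php` never checks its argument types, so a non-string value is coerced by `strlen()` and `^` rather than rejected as the native function does. On old interpreters that coercion can yield a result for inputs the native function would refuse. Adding `if (!is_string($str1) || !is_string($str2)) { return false; }` as the first statement closes that gap. On PHP versions old enough to need this fallback, `strlen()` can also be remapped by `mbstring.func_overload`, so a comment stating that byte-wise `strlen()` is assumed would help. The loop accumulates with `|=` over every byte and has no early exit on a mismatch, which is the property that matters and should be kept.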
@@ -105,28 +105,27 @@ function fetchLatestDeaths_03($rowz = 30, $killers = false) { // Support list function support_list() { - $TFS = Config('ServerEngine'); - - if ($TFS == 'TFS_10') $staffs = mysql_select_multi("SELECT `p`.`id`, `a`.`type` as `group_id`, `p`.`name`, `p`.`account_id` FROM `players` AS `p` INNER JOIN `accounts` AS `a` ON `p`.`account_id` = `a`.`id` WHERE `a`.`type` > 1 ORDER BY `p`.`account_id` DESC, `p`.`group_id` ASC, `p`.`level` ASC;"); - else $staffs = mysql_select_multi("SELECT `a`.`type` as `group_id`, `p`.`name`, `p`.`online`, `p`.`account_id` FROM `players` AS `p` INNER JOIN `accounts` AS `a` ON `a`.`id` = `p`.`account_id` WHERE `a`.`type` > 1 ORDER BY `p`.`account_id` DESC, `p`.`group_id` ASC, `p`.`level` ASC;"); - - foreach($staffs as $k => $v) { - foreach($staffs as $key => $value) { - if($k != $key && $v['account_id'] == $value['account_id']) { - unset($staffs[$k]); - } - } + $TFS = Config('ServerEngine'); + if ($TFS == 'TFS_10') $staffs = mysql_select_multi("SELECT `p`.`id`, `a`.`type` as `group_id`, `p`.`name`, `p`.`account_id` FROM `players` AS `p` INNER JOIN `accounts` AS `a` ON `p`.`account_id` = `a`.`id` WHERE `a`.`type` > 1 ORDER BY `p`.`account_id` DESC, `p`.`group_id` ASC, `p`.`level` ASC;"); + else $staffs = mysql_select_multi("SELECT `a`.`type` as `group_id`, `p`.`name`, `p`.`online`, `p`.`account_id` FROM `players` AS `p` INNER JOIN `accounts` AS `a` ON `a`.`id` = `p`.`account_id` WHERE `a`.`type` > 1 ORDER BY `p`.`account_id` DESC, `p`.`group_id` ASC, `p`.`level` ASC;"); + if ($staffs !== false) { + foreach($staffs as $k => $v) { + foreach($staffs as $key => $value) { + if($k != $key && $v['account_id'] == $value['account_id']) { + unset($staffs[$k]); + } + } + } + $staffs = array_values($staffs); + if ($TFS == 'TFS_10') { + for ($i = 0; $i < count($staffs); $i++) { + // Fix online status on TFS 1.0 + $staffs[$i]['online'] = (isset($staffs[$i]['id']) && user_is_online_10($staffs[$i]['id'])) ? 
1 : 0; + unset($staffs[$i]['id']); + } + } } - $staffs = array_values($staffs); - - if ($staffs !== false && $TFS == 'TFS_10') { - for ($i = 0; $i < count($staffs); $i++) { - // Fix online status on TFS 1.0 - $staffs[$i]['online'] = (isset($staffs[$i]['id']) && user_is_online_10($staffs[$i]['id'])) ? 1 : 0; - unset($staffs[$i]['id']); - } - } - return $staffs; + return $staffs; } function support_list03() { diff --git a/topguilds.php b/topguilds.php index d059afc..fc4d18b 100644 --- a/topguilds.php +++ b/topguilds.php @@ -124,28 +124,32 @@ return $string; } -if (!empty($guilds) || $guilds !== false) { -?> - - - -
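Review bot: `support_list()` now passes a `false` result from `mysql_select_multi()` straight through to `return $staffs;`, so it returns either a re-indexed array or `false`, and nothing on the function documents that. A docblock stating that it returns `false` when no staff accounts match would keep the next caller from reintroducing the foreach-on-false warning this commit removes. If callers only iterate, a final `return ($staffs !== false) ? $staffs : array();` would do the same job. The callers are outside this hunk, so which of the two is safe needs to be checked against them.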

    Top 10 guilds with most frags

    - - - - - '; ?> - - - - - -
    #Name:Frags:
    - -No frags yet.'; +if (!empty($guilds) && $guilds !== false) { + ?> +

    Top 10 guilds with most frags

    + + + + + + + + + + + + + +
    #Name:Frags:
    + No frags yet.'; +} include 'layout/overall/footer.php'; ?>
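Review bot: In the rewritten guard `if (!empty($guilds) && $guilds !== false)` the second clause can never change the outcome, because `empty(false)` is already true. `if (!empty($guilds)) {` expresses the same condition and avoids suggesting that the two checks are independent.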