'; } } #endregion // Variable used to check if main page should be rendered after handling POST (Change comment page) $render_page = true; // Handle POST if (!empty($_POST['selected_character'])) { if (!empty($_POST['action'])) { // Validate token if (!Token::isValid($_POST['token'])) { exit(); } // Sanitize values $action = getValue($_POST['action']); $char_name = getValue($_POST['selected_character']); // Handle actions switch($action) { // Change character comment PAGE2 (Success). case 'update_comment': if (user_character_account_id($char_name) === $session_user_id) { user_update_comment(user_character_id($char_name), getValue($_POST['comment'])); echo 'Successfully updated comment.'; } break; // end // Hide character case 'toggle_hide': $hide = (user_character_hide($char_name) == 1 ? 0 : 1); if (user_character_account_id($char_name) === $session_user_id) { user_character_set_hide(user_character_id($char_name), $hide); } break; // end // DELETE character case 'delete_character': if (user_character_account_id($char_name) === $session_user_id) { $charid = user_character_id($char_name); if ($charid !== false) { if ($config['TFSVersion'] === 'TFS_10') { if (!user_is_online_10($charid)) { if (guild_leader_gid($charid) === false) user_delete_character_soft($charid); else echo 'Character is leader of a guild, you must disband the guild or change leadership before deleting character.'; } else echo 'Character must be offline first.'; } else { $chr_data = user_character_data($charid, 'online'); if ($chr_data['online'] != 1) { if (guild_leader_gid($charid) === false) user_delete_character_soft($charid); else echo 'Character is leader of a guild, you must disband the guild or change leadership before deleting character.'; } else echo 'Character must be offline first.'; } } } break; // end // CHANGE character name case 'change_name': $oldname = $char_name; $newname = isset($_POST['newName']) ? getValue($_POST['newName']) : ''; $player = false; if ($config['TFSVersion'] === 'TFS_10') { $player = mysql_select_single("SELECT `id`, `account_id` FROM `players` WHERE `name` = '$oldname'"); $player['online'] = (user_is_online_10($player['id'])) ? 1 : 0; } else $player = mysql_select_single("SELECT `id`, `account_id`, `online` FROM `players` WHERE `name` = '$oldname'"); // Check if user is online if ($player['online'] == 1) { $errors[] = 'Character must be offline first.'; } // Check if player has bough ticket $accountId = $player['account_id']; $order = mysql_select_single("SELECT `id`, `account_id` FROM `znote_shop_orders` WHERE `type`='4' AND `account_id` = '$accountId' LIMIT 1;"); if ($order === false) { $errors[] = 'Did not find any name change tickets, buy them in our shop!'; } // Check if player and account matches if ($session_user_id != $accountId || $session_user_id != $order['account_id']) { $errors[] = 'Failed to sync your account. :|'; } $newname = validate_name($newname); if ($newname === false) { $errors[] = 'Your name can not contain more than 2 words.'; } else { if (empty($newname)) { $errors[] = 'Please enter a name!'; } else if (user_character_exist($newname) !== false) { $errors[] = 'Sorry, that character name already exist.'; } else if (!preg_match("/^[a-zA-Z_ ]+$/", $newname)) { $errors[] = 'Your name may only contain a-z, A-Z and spaces.'; } else if (strlen($newname) < $config['minL'] || strlen($newname) > $config['maxL']) { $errors[] = 'Your character name must be between ' . $config['minL'] . ' - ' . $config['maxL'] . ' characters long.'; } else if (!ctype_upper($newname{0})) { $errors[] = 'The first letter of a name has to be a capital letter!'; } // name restriction $resname = explode(" ", $_POST['newName']); foreach($resname as $res) { if(in_array(strtolower($res), $config['invalidNameTags'])) { $errors[] = 'Your username contains a restricted word.'; } else if(strlen($res) == 1) { $errors[] = 'Too short words in your name.'; } } } if (!empty($newname) && empty($errors)) { echo 'You have successfully changed your character name to ' . $newname . '.'; mysql_update("UPDATE `players` SET `name`='$newname' WHERE `id`='".$player['id']."' LIMIT 1;"); mysql_delete("DELETE FROM `znote_shop_orders` WHERE `id`='".$order['id']."' LIMIT 1;"); } else if (!empty($errors)) { echo ''; echo output_errors($errors); echo ''; } break; // end // Change character sex case 'change_gender': if (user_character_account_id($char_name) === $session_user_id) { $char_id = (int)user_character_id($char_name); $account_id = user_character_account_id($char_name); if ($config['TFSVersion'] == 'TFS_10') { $chr_data['online'] = user_is_online_10($char_id) ? 1 : 0; } else $chr_data = user_character_data($char_id, 'online'); if ($chr_data['online'] != 1) { // Verify that we are not messing around with data if ($account_id != $user_data['id']) die("wtf? Something went wrong, try relogging."); // Fetch character tickets $tickets = shop_account_gender_tickets($account_id); if ($tickets !== false || $config['free_sex_change'] == true) { // They are allowed to change gender $last = false; $infinite = false; $tks = 0; // Do we have any infinite tickets? foreach ($tickets as $ticket) { if ($ticket['count'] == 0) $infinite = true; else if ($ticket > 0 && $infinite === false) $tks += (int)$ticket['count']; } if ($infinite === true) $tks = 0; $dbid = (int)$tickets[0]['id']; // If they dont have unlimited tickets, remove a count from their ticket. if ($tickets[0]['count'] > 1) { // Decrease count $tks--; $tkr = ((int)$tickets[0]['count'] - 1); shop_update_row_count($dbid, $tkr); } else if ($tickets[0]['count'] == 1) { // Delete record shop_delete_row_order($dbid); $tks--; } // Change character gender: // user_character_change_gender($char_name); echo 'You have successfully changed gender on character '. $char_name .'.'; if ($tks > 0) echo '
You have '. $tks .' gender change tickets left.'; else if ($infinite !== true) echo '
You are out of tickets.'; } else echo 'You don\'t have any character gender tickets, buy them in the SHOP!'; } else echo 'Your character must be offline.'; } break; // end // Change character comment PAGE1: case 'change_comment': $render_page = false; // Regular "myaccount" page should not render if (user_character_account_id($char_name) === $session_user_id) { $comment_data = user_znote_character_data(user_character_id($char_name), 'comment'); ?>

Change comment on:

new DateTime()) echo 'CAUTION! Your character with name ' . $delete['character_name'] . ' will be deleted on ' . $delete['time'] . '. Cancel this operation.
'; else { user_delete_character(user_character_id($delete['character_name'])); mysql_update('UPDATE `znote_deleted_characters` SET `done` = 1 WHERE `id` = '. $delete['id']. ''); echo 'Character ' . $delete['character_name'] . ' has been deleted. This operation was requested by owner of this account.'; $char_count--; } } } ?>

My account

Welcome to your account page,
You have days remaining premium account.

Account security with Two-factor Authentication:

Character List: characters.

'; echo ''; echo ''; $characters[] = $value['name']; } ?>

NAME	LEVEL	VOCATION	TOWN	LAST LOGIN	STATUS	HIDE
'. $value['name'] .'	'. $value['level'] .'	'. $value['vocation'] .'	'. $value['town_id'] .'	'. $value['lastlogin'] .'	'. $value['online'] .'	'. hide_char_to_name(user_character_hide($value['name'])) .'

create one?'; } ?>