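run_hooks("member_usercp_start");
// NOTE(review): this listing starts mid-file. The call above is kept exactly as shown, although every
// later hook call goes through $plugin->run_hooks() -- confirm against the complete file.
//
// User control panel page: handles the account/character change forms (POST), renders the matching
// edit form (GET), then builds the account and character overview and hands it to output_page().
//
// Security notes for maintainers (all grounded in the statements below):
//  * Passwords are compared with, and written to, tUser.sUserPW in clear text.
//  * None of the POST handlers checks an anti-CSRF token; no token is issued anywhere in this listing.
//  * Templates are rendered through eval(); see the notes next to the dsprintf() calls.
$lang->load("acccharinfo");
$settings->load("usercp");
$settings->load("member");

//are we logged on? If so, continue, else, skip to the end
if (isset($_SESSION['fieme_auth']))
{
    /*
    ###########################################
    ###########################################
    CHANGE _ POST
    ###########################################
    ###########################################
    */
    $edit_stuff = "";
    $gender = array(1=>"$lang->usercp_male", 0=>"$lang->usercp_female", 2=>"$lang->usercp_generalerror");
    $classes = $lang->usercp_class_names;
    $scrollable = array("Scrollable" => SQLSRV_CURSOR_KEYSET);
    $plugin->run_hooks("member_usercp_member_start");

    // Only plain strings are accepted as the action selector; arrays and missing values select nothing.
    $post_change = (isset($_POST['change']) && is_string($_POST['change'])) ? $_POST['change'] : '';

    if ($post_change === 'password')
    {
        $plugin->run_hooks("member_usercp_change_pass_start");

        $current_pass = (isset($_POST['current-pass']) && is_string($_POST['current-pass'])) ? $_POST['current-pass'] : null;
        $new_pass_1 = (isset($_POST['new-pass-1']) && is_string($_POST['new-pass-1'])) ? $_POST['new-pass-1'] : '';
        $new_pass_2 = (isset($_POST['new-pass-2']) && is_string($_POST['new-pass-2'])) ? $_POST['new-pass-2'] : '';

        //make sure the inputed current password is correct
        // The current password is now mandatory: previously the check was skipped entirely when the
        // 'current-pass' field was left out of the request, so the password could be replaced
        // without knowing the old one.
        $query = sqlsrv_query($fiemecp->dbacc, "SELECT * FROM dbo.tUser WHERE nUserNo = ?", array($_SESSION['fieme_uid']), $scrollable);
        $row = ($query !== false) ? sqlsrv_fetch_array($query, SQLSRV_FETCH_ASSOC) : null;
        // Strict comparison avoids PHP's numeric-string juggling ("0123" == "123").
        if ($current_pass === null || !is_array($row) || $current_pass !== (string) $row['sUserPW'])
        {
            $error = "
$lang->char_info_edit_current_pass_bad
";
        }

        // Compare the two new values directly. Loosely comparing their md5() digests could treat two
        // different passwords as equal when both digests happen to look like numbers.
        if (($new_pass_1 === $new_pass_2) and !isset($error))
        {
            if (strlen($new_pass_1) >= $settings->register_min_pass_length)
            {
                $query = sqlsrv_query($fiemecp->dbacc, "UPDATE tUser SET [sUserPW] = ? WHERE nUserNo = ?", array($new_pass_1, $_SESSION['fieme_uid']), $scrollable);
                // NOTE(review): the old and the new password are handed to the user-CP log in clear
                // text. What usercp_log() stores is not visible here -- confirm, and prefer logging
                // only the fact that the password changed.
                $fiemecp->usercp_log("c_p", $row['sUserPW'], $new_pass_1);
                //update cookie
                // NOTE(review): the cookie value is an unsalted MD5 of the password, i.e. a
                // password-equivalent secret kept in the browser for a week. HttpOnly is set so page
                // scripts cannot read it; the Secure flag is left off to match the original call --
                // enable it once the site is served over HTTPS only.
                setcookie('fieme_pass_hash', md5($new_pass_1), time()+604800, '', '', false, true);
                $edit_stuff = "
$lang->char_info_edit_pass_success
";
                $plugin->run_hooks("member_usercp_change_pass_success");
            }
            else
            {
                $error = "
$lang->char_info_edit_pass_not_long
";
            }
        }
        elseif (!isset($error))
        {
            $error = "
$lang->char_info_edit_pass_mismatch
";
        }

        if (isset($error))
        {
            eval("\$edit_stuff = \"" . $template->get("usercp_member_edit_password") . "\";");
        }
        $plugin->run_hooks("member_usercp_change_pass_end");
    }
    elseif ($post_change === "email")
    {
        $plugin->run_hooks("member_usercp_change_email_start");

        // NOTE(review): the e-mail address can be replaced without re-entering the password.
        // If the address is used for account recovery, this deserves the same check as above.
        $new_email_1 = (isset($_POST['new-email-1']) && is_string($_POST['new-email-1'])) ? $_POST['new-email-1'] : '';
        $new_email_2 = (isset($_POST['new-email-2']) && is_string($_POST['new-email-2'])) ? $_POST['new-email-2'] : '';

        if ($new_email_1 === $new_email_2)
        {
            // The D modifier anchors "$" at the very end of the subject; without it an address
            // followed by a trailing newline passed validation and was stored.
            if (preg_match("/^([.0-9a-z_-]+)@(([0-9a-z-]+\.)+[0-9a-z]{2,4})$/iD", $new_email_1))
            {
                $query = sqlsrv_query($fiemecp->dbacc, "SELECT * FROM dbo.tUserOption WHERE nUserNo = ?", array($_SESSION['fieme_uid']), $scrollable);
                if (sqlsrv_num_rows($query) == 0)
                {
                    //add it
                    sqlsrv_query($fiemecp->dbacc, "INSERT INTO dbo.tUserOption ([nUserNo], [sEmail]) VALUES (?, ?)", array($_SESSION['fieme_uid'], $new_email_1), $scrollable);
                    $fiemecp->usercp_log("a_e", $new_email_1);
                }
                else
                {
                    //get old e-mail, if logging is enabled
                    // Initialised first: the original read $curr_e even when logging was disabled
                    // and the variable had never been set.
                    $curr_e = null;
                    if ($settings->log_usercp == 1)
                    {
                        $curr_e = sqlsrv_fetch_array($query);
                    }
                    $old_email = (is_array($curr_e) && isset($curr_e['sEmail'])) ? $curr_e['sEmail'] : null;
                    //update it
                    sqlsrv_query($fiemecp->dbacc, "UPDATE dbo.tUserOption SET [sEmail] = ? WHERE nUserNo = ?", array($new_email_1, $_SESSION['fieme_uid']), $scrollable);
                    $fiemecp->usercp_log("c_e", $old_email, $new_email_1);
                }
                $edit_stuff = "
$lang->char_info_edit_email_success
";
                $plugin->run_hooks("member_usercp_change_email_success");
            }
            else
            {
                $error = "
$lang->char_info_edit_email_invalid
";
            }
        }
        else
        {
            $error = "
$lang->char_info_edit_email_mismatch
";
        }

        if (isset($error))
        {
            eval("\$edit_stuff = \"" . $template->get("usercp_member_edit_email") . "\";");
        }
        $plugin->run_hooks("member_usercp_change_email_end");
    }
    elseif ($post_change === "lang")
    {
        $plugin->run_hooks("member_usercp_change_lang_start");

        // The posted language id is stored, kept in the session and passed to $lang->use_language().
        // Only a plain identifier is accepted, so path separators and dots never reach that call.
        // NOTE(review): the language ids appear to be the file names under includes\lang without
        // ".php" (see the GET branch below) -- confirm, and ideally check the value against that list.
        $new_lang = (isset($_POST['new_lang']) && is_string($_POST['new_lang'])) ? $_POST['new_lang'] : '';
        if (preg_match('/^[0-9a-z_-]+$/iD', $new_lang))
        {
            //DB it!
            $query = sqlsrv_query($fiemecp->dbacc, "SELECT * FROM dbo.fUserSettings WHERE user_id = ? AND setting = 'lang'", array($_SESSION['fieme_uid']), $scrollable);
            if (sqlsrv_num_rows($query) == 0)
            {
                //add it
                sqlsrv_query($fiemecp->dbacc, "INSERT INTO dbo.fUserSettings ([user_id], [setting], [value]) VALUES (?, 'lang', ?)", array($_SESSION['fieme_uid'], $new_lang), $scrollable);
                $fiemecp->usercp_log("a_u_l", $new_lang);
            }
            else
            {
                //update it
                sqlsrv_query($fiemecp->dbacc, "UPDATE dbo.fUserSettings SET [value] = ? WHERE user_id = ? AND setting = 'lang'", array($new_lang, $_SESSION['fieme_uid']), $scrollable);
                $fiemecp->usercp_log("u_l", isset($_SESSION['lang']) ? $_SESSION['lang'] : null, $new_lang);
            }
            //session it, and load it!
            $_SESSION['lang'] = $new_lang;
            $lang->use_language($new_lang);
        }
        $plugin->run_hooks("member_usercp_change_lang_end");
    }
    elseif ($post_change === 'char_name')
    {
        $plugin->run_hooks("member_usercp_change_charname_start");

        $old_char_1 = (isset($_POST['old_char_1']) && is_string($_POST['old_char_1'])) ? $_POST['old_char_1'] : '';
        $old_char_2 = (isset($_POST['old_char_2']) && is_string($_POST['old_char_2'])) ? $_POST['old_char_2'] : '';
        $new_char_1 = (isset($_POST['new_char_1']) && is_string($_POST['new_char_1'])) ? $_POST['new_char_1'] : '';
        $new_char_2 = (isset($_POST['new_char_2']) && is_string($_POST['new_char_2'])) ? $_POST['new_char_2'] : '';

        //Are name changes enabled?
        if ($settings->user_change_name == 0)
        {
            $error = $lang->char_info_edit_name_disabled;
        }
        //Does the account in question belong to the user logged in?
        if (($fiemecp->char_belong_acc($fiemecp->id_name_switch('1', $old_char_1, '0'), $_SESSION['fieme_uid']) != 1) && !isset($error))
        {
            $error = $lang->char_info_edit_char_error_belongnot;
        }
        //validate input
        // Direct strict comparison instead of loosely comparing md5() digests.
        if ($old_char_1 !== $old_char_2 && !isset($error))
        {
            $error = $lang->char_info_edit_char_error_oldnot;
        }
        if ($new_char_1 !== $new_char_2 && !isset($error))
        {
            $error = $lang->char_info_edit_char_error_newnot;
        }
        //make sure not such char exists already
        $results = sqlsrv_query($fiemecp->dbchar, "SELECT * FROM dbo.tCharacter WHERE sID = ?", array($new_char_1), $scrollable);
        if ((sqlsrv_num_rows($results) > 0) && !isset($error))
        {
            $error = $lang->char_info_edit_char_error_exists;
        }
        //check char length (MAX 16, MIN 4)
        if ((strlen($new_char_1) > 16) || (strlen($new_char_1) < 4))
        {
            $error = $lang->char_info_edit_char_error_length;
        }
        //check char format. Only alphanumeric allowed
        // D modifier: reject a name that ends in a newline, which "$" alone would let through.
        if (!preg_match("/^([0-9a-z_]+)$/iD", $new_char_1))
        {
            $error = $lang->char_info_edit_char_error_preg;
        }

        //deduct the appropriate money, and change the name if the user is allowed to :D!
        if (!isset($error))
        {
            if ($fiemecp->money_fame_away($fiemecp->id_name_switch('1', $old_char_1, '0'), $settings->user_change_name_copper, $settings->user_change_name_fame) != 1)
            {
                $error = $lang->char_info_edit_char_error_missing;
            }
            else
            {
                //FINALLY. Change that fuckin' name now, and log...
                // NOTE(review): the fee is taken before the rename and the UPDATE result is not
                // checked; the uniqueness test above and this write are also not one transaction.
                sqlsrv_query($fiemecp->dbchar, "UPDATE dbo.tCharacter SET sID = ? WHERE sID = ?", array($new_char_1, $old_char_1), $scrollable);
                $fiemecp->usercp_log("c_n",$old_char_1,$new_char_1);
                $plugin->run_hooks("member_usercp_change_charname_success");
            }
        }

        if (isset($error))
        {
            // The submitted name is echoed back through the template, so it is HTML-escaped first.
            $char_name = htmlspecialchars($old_char_1, ENT_QUOTES);
            $error = "
" . $error . "
";
            $price = $fiemecp->money_to_readable($settings->user_change_name_copper);
            eval("\$edit_stuff = \"" . $template->get("usercp_member_edit_char_name") . "\";");
        }
        else
        {
            $edit_stuff = $lang->char_info_edit_char_complete;
        }
        $plugin->run_hooks("member_usercp_change_charname_end");
    }
    elseif ($post_change === 'char_gender')
    {
        $plugin->run_hooks("member_usercp_change_chargender_start");

        $old_char_1 = (isset($_POST['old_char_1']) && is_string($_POST['old_char_1'])) ? $_POST['old_char_1'] : '';
        $old_char_2 = (isset($_POST['old_char_2']) && is_string($_POST['old_char_2'])) ? $_POST['old_char_2'] : '';

        //Are gender changes enabled?
        if ($settings->user_change_gender == 0)
        {
            $error = $lang->char_info_edit_gender_disabled;
        }
        //Does the account in question belong to the user logged in?
        if (($fiemecp->char_belong_acc($fiemecp->id_name_switch('1', $old_char_1, '0'), $_SESSION['fieme_uid']) != 1) && !isset($error))
        {
            $error = $lang->char_info_edit_gender_error_belongnot;
        }
        //validate input
        // Direct strict comparison instead of loosely comparing md5() digests.
        if ($old_char_1 !== $old_char_2 && !isset($error))
        {
            $error = $lang->char_info_edit_gender_error_oldnot;
        }

        //deduct the appropriate money, and change the gender if the user is allowed to :D!
        if (!isset($error))
        {
            $char_id = $fiemecp->id_name_switch('1', $old_char_1, '0');
            if ($fiemecp->money_fame_away($char_id, $settings->user_change_gender_copper, $settings->user_change_gender_fame) != 1)
            {
                $error = $lang->char_info_edit_gender_error_missing;
            }
            else
            {
                $plugin->run_hooks("member_usercp_change_chargender_success");
                //FINALLY. Change the gender now, and log...
                $fiemecp->change_gender($char_id);
                $fiemecp->usercp_log("c_g",$old_char_1, $fiemecp->char_gender($old_char_1, 1));
            }
        }

        if (isset($error))
        {
            $error = "
" . $error . "
";
            // The lookup uses the raw name; only the copy shown in the template is HTML-escaped.
            $char_gender = $gender[$fiemecp->char_gender($old_char_1, 1)];
            $char_name = htmlspecialchars($old_char_1, ENT_QUOTES);
            $price = $fiemecp->money_to_readable($settings->user_change_gender_copper);
            eval("\$edit_stuff = \"" . $template->get("usercp_member_edit_char_gender") . "\";");
        }
        else
        {
            $edit_stuff = $lang->char_info_edit_gender_complete;
        }
        $plugin->run_hooks("member_usercp_change_chargender_end");
    }

    /*
    ###########################################
    ###########################################
    CHANGE _ GET
    ###########################################
    ###########################################
    */
    $get_change = (isset($_GET['change']) && is_string($_GET['change'])) ? $_GET['change'] : '';
    $get_char = (isset($_GET['char']) && is_string($_GET['char'])) ? $_GET['char'] : null;

    if ($get_change === 'password')
    {
        $error = "";
        eval("\$edit_stuff = \"" . $template->get("usercp_member_edit_password") . "\";");
    }
    elseif ($get_change === 'email')
    {
        $error = "";
        eval("\$edit_stuff = \"" . $template->get("usercp_member_edit_email") . "\";");
    }
    elseif ($get_change === 'language')
    {
        $error = "";
        $lang_opts = "";
        // Every language file in the fixed directory is included to read its data; the path comes
        // from glob() on a constant pattern, not from the request.
        foreach (glob(FIEME_ROOT . "includes\lang\*.php") as $filename)
        {
            //include it to get the data!
            include $filename;
            //substr($filename, strlen(FIEME_ROOT . "includes\lang\\"), -4)
            $lang_opts .= "";
            eval("\$edit_stuff = \"" . $template->get("usercp_member_edit_lang") . "\";");
        }
    }
    elseif ($get_change === 'char_name' && ($get_char !== null) && ($fiemecp->char_belong_acc($fiemecp->id_name_switch('1', $get_char, '0'), $_SESSION['fieme_uid']) == 1))
    {
        $error = "";
        // Escaped because the value comes from the query string and is printed by the template.
        $char_name = htmlspecialchars($get_char, ENT_QUOTES);
        $price = $fiemecp->money_to_readable($settings->user_change_name_copper);
        eval("\$edit_stuff = \"" . $template->get("usercp_member_edit_char_name") . "\";");
    }
    elseif ($get_change === 'char_gender' && ($get_char !== null) && ($fiemecp->char_belong_acc($fiemecp->id_name_switch('1', $get_char, '0'), $_SESSION['fieme_uid']) == 1))
    {
        $error = "";
        $char_gender = $gender[$fiemecp->char_gender($get_char, 1)];
        $char_name = htmlspecialchars($get_char, ENT_QUOTES);
        $price = $fiemecp->money_to_readable($settings->user_change_gender_copper);
        eval("\$edit_stuff = \"" . $template->get("usercp_member_edit_char_gender") . "\";");
    }

    //////////////////////////////
    //FETCH USER INFO//
    /////////////////////////////
    $query = sqlsrv_query($fiemecp->dbacc, "SELECT * FROM dbo.tUser WHERE nUserNo = ?", array($_SESSION['fieme_uid']), $scrollable);
    $row = sqlsrv_fetch_array($query, SQLSRV_FETCH_ASSOC);
    if ($row['bIsBlock'] === 1)
    {
        $account['banned'] = "$lang->char_info_account_banned";
    }
    //Have we allow the user to view his own ID? If yes, let's print it out to him!
    if ($settings->user_see_account_id == true)
    {
        $account['account_id'] = " - #" . $row['nUserNo'];
    }
    //Let's get the E-mail shall we?
    $query = sqlsrv_query($fiemecp->dbacc, "SELECT * FROM dbo.tUserOption WHERE nUserNo = ?", array($_SESSION['fieme_uid']), $scrollable);
    $row_2 = sqlsrv_fetch_array($query, SQLSRV_FETCH_ASSOC);
    if ( (sqlsrv_num_rows($query) != 0) and ($row_2['sEmail'] != '') and (isset($row_2['sEmail'])) )
    {
        $account['email'] = $row_2['sEmail'];
    }
    else
    {
        $account['email'] = $lang->char_info_email_unset;
    }
    //What language are we using?
    $account['language'] = $lang->opts['name'];
    $plugin->run_hooks("member_usercp_account_info");

    //populate the account information with retrieved data
    // NOTE(review): the dsprintf() result is concatenated into the code string given to eval(), so
    // the database values passed here (account name, e-mail, ...) become part of the evaluated
    // source. Whether dsprintf() escapes quotes, backslashes and "$" is not visible in this
    // listing -- confirm, or render these values without eval().
    eval("\$usercp_account = \"" . dsprintf($template->get("usercp_member_account"), array('accname'=>"$row[sUserID]", 'banned'=>@$account['banned'], 'authid'=>$row['nAuthID'], 'email'=>$account['email'], 'accid'=>@$account['account_id'], 'lang'=>$account['language'])) . "\";");

    //now we do characters!
    $results = sqlsrv_query($fiemecp->dbchar, "SELECT * FROM dbo.tCharacter WHERE nUserNo = ? 
AND bDeleted = 0", array($_SESSION['fieme_uid']), $scrollable);
    $account['chars_num'] = sqlsrv_num_rows($results);
    $i = 1;
    while ($row = sqlsrv_fetch_array($results, SQLSRV_FETCH_ASSOC))
    {
        $char_guild_info = $fiemecp->get_guild_of_char($row['nCharNo']);
        if ($char_guild_info == 0)
        {
            $guild_info = "Not part of any guild";
        }
        else
        {
            $guild_info = "$char_guild_info[guild] ($char_guild_info[grade])";
            if ($char_guild_info['raw_grade'] == 0)
            {
                // IF we are are the master, allow for guild editing - not functional yet, so let's hide it
                #$guild_info .= " (Guild Manager [ALPHA])";
            }
        }
        $row['nMoney'] = addslashes($fiemecp->money_to_readable("$row[nMoney]"));

        //How about who we're married to, if at all...
        $query = sqlsrv_query($fiemecp->dbchar, "SELECT * FROM dbo.tMarriage WHERE nCharNo = ?", array($row['nCharNo']), $scrollable);
        if (sqlsrv_num_rows($query) != 0)
        {
            $marriage = sqlsrv_fetch_array($query, SQLSRV_FETCH_ASSOC);
            if ($marriage['nStatus'] == '1') //ENGAGED!
            {
                $account['wedding'] = $lang->char_info_char_marriage_1;
            }
            else
            {
                $account['wedding'] = $lang->char_info_char_marriage_2;
            }
            $account['wedding'] .= $fiemecp->id_name_switch(1, $marriage['nPartnerCharNo'], 0);
        }
        else
        {
            $account['wedding'] = $lang->char_info_char_marriage_0;
        }

        //get char look data (gender, hair and class!)
        $char_data = sqlsrv_query($fiemecp->dbchar, "SELECT * FROM dbo.tCharacterShape WHERE nCharNo = ?", array($row['nCharNo']), $scrollable);
        $char_data = sqlsrv_fetch_array($char_data, SQLSRV_FETCH_ASSOC);
        //Number -> redable
        $char_data['nGender'] = $gender["$char_data[nGender]"];
        $char_data['nClass'] = $classes["$char_data[nClass]"];

        //Add what we're allowed to edit:
        if ($settings->user_change_gender == 1)
        {
            $edit_gender_link="[$lang->usercp_gender_change]";
        }
        else
        {
            $edit_gender_link="";
        }
        if ($settings->user_change_name == 1)
        {
            $edit_name_link="[$lang->usercp_name_change]";
        }
        else
        {
            $edit_name_link="";
        }
        $plugin->run_hooks("member_usercp_chareach_info");

        // NOTE(review): same concern as for the account block above. Only nMoney is passed through
        // addslashes(); the guild text, character name and partner name are merged into the
        // evaluated string as they come from the database.
        eval("\$account['char_$i'] = \"" . dsprintf($template->get("usercp_member_chars"), array('name'=>"$row[sID] \$edit_name_link", 'slot'=>"$row[nSlotNo]", 'admin_level'=>"$row[nAdminLevel]", 'level'=>"$row[nLevel]", 'logins'=>"$row[nLoginCount]", 'time'=>"$row[nPlayMin]", 'guild'=>$guild_info, 'fame'=>"$row[nFame]", 'money'=>"$row[nMoney]", 'str'=>"$row[nStrength]", 'end'=>"$row[nConstitute]", 'dex'=>"$row[nDexterity]", 'int'=>"$row[nIntelligence]", 'spr'=>"$row[nMentalPower]", 'pk'=>"$row[nPKCount]", 'gender'=>"$char_data[nGender] \$edit_gender_link", 'class'=>"$char_data[nClass]", 'wedding_info'=> $account['wedding'])) . "\";");
        $i++;
    }

    // Concatenate the rendered character entries, with the section heading before the first one.
    $usercp_characters = "";
    for ($i = 1; $i <= $account['chars_num'] ; $i++)
    {
        if ($i == 1)
        {
            $usercp_characters .= $lang->char_info_characters;
        }
        $usercp_characters .= "
" . $account["char_$i"] . "
\r\n";
        $plugin->run_hooks("member_usercp_char_layout");
    }

    eval("\$usercp = \"" . $template->get("usercp_member") . "\";");
    $plugin->run_hooks("member_usercp_member_end");
}
else
{
    // Not logged in: render the guest view instead.
    $plugin->run_hooks("member_usercp_guest_start");
    eval("\$usercp = \"" . $template->get("usercp_guest") . "\";");
}
$plugin->run_hooks("member_usercp_end");
output_page($usercp);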