Zuweisung Chars zu Clanraeume verbessert!

main
hecht 10 years ago
parent 0a08e350b8
commit 2a787b1f36

@ -10,6 +10,7 @@
include_once(ROOT_PATH.'/include/config.inc.php');
include_once(ROOT_PATH.'/include/char.inc.php');
include_once (ROOT_PATH . '/include/parse.inc.php');
include_once (ROOT_PATH . '/include/sqlwrapper.inc.php');
// GET-Section
// Kritisch (SQL-Injections)
$char_id = validateUnsignedInteger($_GET['char_id'], null);
@ -18,13 +19,13 @@ $c_ware = validateUnsignedInteger($_GET['c_ware'], null);
//Unkritisch
$charm = $_GET['charm'];
if(!$char_id) {
include(ROOT_PATH.'/char_index.php');
exit;
}
if($charm == 1) {
$chars = getCharsOfUser($user_ida['id']);
if($charm) {
mysql_query("UPDATE chars SET clan_train='$c_ware' WHERE id='$char_id' AND besitzer='$user_ida[id]' LIMIT 1");
foreach($chars as $char) {
$c_ware = validateUnsignedInteger($_GET['c_ware_'.$char['id']], null);
db_query('UPDATE chars SET clan_train='.$c_ware.' WHERE id='.$char['id'].' AND besitzer='.$user_ida[id]);
}
}
$char = getChar($char_id, false);
@ -43,7 +44,6 @@ if(!isUserOwnerOf($user_ida['id'], $char_id)){
<form action="index.php" method="GET">
<input type="hidden" name="as" value="clan/c_ware" />
<input type="hidden" name="charm" value="1" />
<input type="hidden" name="char_id" value="<?php echo $char_id; ?>" />
<table cellpadding="0" cellspacing="0" width="100%" height="127">
<!-- MSTableType="layout" -->
@ -51,25 +51,36 @@ if(!isUserOwnerOf($user_ida['id'], $char_id)){
<td valign="top" height="31" colspan="2">
<p align="center"><b>Clan Items</b></td>
</tr>
<?php
$chars = getCharsOfUser($user_ida['id'], false);
foreach($chars as $char) {
$clan_items = mysql_query("SELECT ci.name, ci.type, cw.id, 1/(1+exp(3-$char[level]/12)) * nutzung as nutzkosten FROM clan_ware cw LEFT JOIN clan_item ci ON(cw.item_id=ci.id) WHERE cw.clan='$user_ida[clan]'");
?>
<tr>
<td height="25" width="260" valign="middle" align="center">
Raum f&uuml;r <?php echo $char[name] ; ?></td>
Raum f&uuml;r <?php echo $char[name] ; ?>
</td>
<td height="25" width="273" valign="middle">
<select id="input" name="c_ware">
<option value="0">W&auml;hle Kampf Raum
<?php
while($row = mysql_Fetch_array($clan_items)) {
$save="";
if($row['id'] == $char['clan_train']) { $save = "Selected"; }
if($row['type'] == "Raum") {
echo "<option value='$row[id]' $save>$row[name] (".displayMoney($row['nutzkosten']).") </option>";
}
}
<select id="input" name="c_ware_<?php echo $char_id; ?>">
<option value="0">W&auml;hle Kampf Raum</option>
<?php
while($row = mysql_Fetch_array($clan_items)) {
$save="";
if($row['id'] == $char['clan_train']) {
$save = 'Selected';
}
if($row['type'] == 'Raum') {
echo "<option value='$row[id]' $save>$row[name] (".displayMoney($row['nutzkosten']).") </option>";
}
}
?>
</select>
</td>
</tr>
<?php
}
?>
</select>
</td>
</tr>
<tr>
<td height="19" width="260" valign="top">&nbsp;</td>
<td height="19" width="273">&nbsp;<input id="input" type=submit value="Speichern"></form></td>

@ -203,7 +203,7 @@ function getCharsOfUser($userid, $buffer_enabled = true) {
$GLOBALS['chars_read_out_user'][$userid] = array();
$qry = mysql_query('Select id from chars where besitzer = '.$userid.' order by id');
while($char = mysql_fetch_assoc($qry)){
$GLOBALS['chars_read_out_user'][$userid][] = &getChar($char['id']);
$GLOBALS['chars_read_out_user'][$userid][] = &getChar($char['id'], $buffer_enabled);
}
}
return $GLOBALS['chars_read_out_user'][$userid]; // Gebe das globale Userfeld zurück.

Loading…
Cancel
Save