<?php
/*
* @copyright (c) 2010 animegame.eu
* @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public Licence
*
*/
include_once('path.inc.php'); // get the path ;)
include_once (ROOT_PATH . '/include/config.inc.php');
include_once(ROOT_PATH.'/include/parse.inc.php');
include_once(ROOT_PATH.'/include/char.inc.php');
// GET-Section
// Kritisch (SQL-Injections)
$kampf_id = validateUnsignedInteger($_GET['kampf_id'], null);
$kampf_name = validateString($_GET['kampf_name']);
//Unkritisch
$search = $_GET['search'];
?>
<body bgcolor="#202020">
<?php
if ($search) {
$kampf_id2 = mysql_fetch_array(mysql_query("SELECT k.id FROM chars c LEFT JOIN wanted_kampf k ON(k.char1=c.id OR k.char2=c.id) WHERE c.name='$kampf_name' LIMIT 1"));
?>
<SCRIPT language="JavaScript">
window.open(<?php echo '"wanted_kampf_anzeige.php?kampf_id=' .$kampf_id2[id]. '"'; ?>,"","status=no,hotkeys=no,Height=600,Width=820,scrollbars=yes");
</SCRIPT>
<?php
}
if ($kampf_id) {
echo "<p align=center>$back<br> <br>";
$kampf1 = mysql_Fetch_array(mysql_query("SELECT * FROM wanted_kampf WHERE id='$kampf_id' LIMIT 1"));
$char_1 = getChar($kampf1['char1']);
$char_2 = getChar($kampf1['char2']);
$spleoic = "wanted";
$starke1 = explode(",", $kampf1[starke1]);
$starke2 = explode(",", $kampf1[starke2]);
$ver1 = explode(",", $kampf1[ver1]);
$ver2 = explode(",", $kampf1[ver2]);
$speed1 = explode(",", $kampf1[speed1]);
$speed2 = explode(",", $kampf1[speed2]);
$ausdauer1 = explode(",", $kampf1[ausdauer1]);
$ausdauer2 = explode(",", $kampf1[ausdauer2]);
$glueck1 = explode(',', $kampf1['glueck1']);
$glueck2 = explode(',', $kampf1['glueck2']);
$schaden1 = explode(",", $kampf1[schaden1]);
$schaden2 = explode(",", $kampf1[schaden2]);
$attacke1 = explode(",", $kampf1[attacke1]);
$attacke2 = explode(",", $kampf1[attacke2]);
$hp1 = explode(",", $kampf1[hp1]);
$hp2 = explode(",", $kampf1[hp2]);
$mp1 = explode(",", $kampf1[mp1]);
$mp2 = explode(",", $kampf1[mp2]);
$a_hp1 = explode(",", $char_1[hp]);
$a_hp2 = explode(",", $char_2[hp]);
$a_mp1 = explode(",", $char_1[mp]);
$a_mp2 = explode(",", $char_2[mp]);
$runde = 1;
// das muss noch umgestellt werden!!
include "include/kampf_anzeige.php";
} else {
$kampf_search = mysql_query('SELECT c1.name AS c1_name, c2.name AS c2_name, k.id FROM wanted_kampf k LEFT JOIN chars c1 ON(c1.id=k.char1) LEFT JOIN chars c2 ON(c2.id=k.char2) LEFT JOIN user u ON(u.id=c1.besitzer OR u.id=c2.besitzer) WHERE u.id=' . $user_ida[id]);
?>
<SCRIPT language="JavaScript">
function wanted_anzeige(id){
var Info = window.open("wanted_kampf_anzeige.php?kampf_id="+id,"","status=no,hotkeys=no,Height=600,Width=820,scrollbars=yes");
}
</SCRIPT>
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" width="100%" height="88">
<tr>
<th width="484" height="40" colspan="4" align="center">Meine WantedkÀmpfe</th>
</tr>
<?php
$kampfs = 1;
while ($row = mysql_fetch_array($kampf_search)) {
?>
<tr>
<th width="102" height="23" align="center"><?php echo $row[c1_name]; ?></th>
<th width="19" height="23">vs.</th>
<th width="298" height="23"><?php echo $row[c2_name]; ?></th>
<th width="279" height="22"><a href='javascript:wanted_anzeige(<?php echo $row[id]; ?>)'>Anzeigen</a></td>
</tr>
<?php
$kampfs++;
}
?>
<tr>
<th width="135" height="20" align="center">Wantedkampf suche</th>
<td width="343" height="20" colspan="3">
<form action="index.php" method="GET">
<input type="hidden" name="as" value="wanted_kampf_anzeige" />
<input type="hidden" name="search" value="1" />
<input id="input" name="kampf_name">
<input id="input" type=submit value="nach Namen suchen.">
</td>
</tr>
</table>
<?php
}
?>