<?php /* * * @copyright (c) 2010 animegame.eu * @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public Licence * */ include_once('path.inc.php'); // get the path ;) include_once(ROOT_PATH.'/include/config.inc.php'); include_once(ROOT_PATH.'/include/parse.inc.php'); include_once(ROOT_PATH.'/include/fehlerausgabe.inc.php'); include_once(ROOT_PATH.'/include/designfunctions.inc.php'); include_once(ROOT_PATH.'/include/rassen.inc.php'); include_once(ROOT_PATH.'/include/char.inc.php'); // GET-Section // Kritisch (SQL-Injections) $wahl = validateStringCritical($_GET['wahl']); $char_name = validateName($_GET['char_name']); $char_vorhanden = mysqli_num_rows(db_query('SELECT id FROM chars WHERE name like \''.$char_name.'%\' LIMIT 1')); function displayHighscore($wahl, $char_name, $user, $char_vorhanden){ if($wahl === null || $wahl=='powerlevel') { $wahl_x = 'Powerlevel'; $wahl='powerlevel'; } else if($wahl == 'level') { $wahl_x = 'Level'; } else if($wahl == 'siege') { $wahl_x = 'Siege'; } else if($wahl == 'niederlagen') { $wahl_x = 'Niederlagen'; } else if($wahl == 'preis') { $wahl_x = 'Preis'; // } else if($wahl != 'geld'){ // return; } else{ return; } if($wahl == 'geld') { $choice_s = db_query('SELECT geld, id FROM user where id >= 2 ORDER BY geld DESC LIMIT 50'); } else { $npc_race = getRaceTypeName('NPC'); // do not remove npc (there is a separate setting for this) $races = getRacesByType($npc_race); // remove all NPC foreach($races as $race) { $exclude_race_ids[] = '\''.$race['id'].'\''; } $sql = 'SELECT c.name, c.level, c.besitzer, c.starke, c.preis, c.speed, c.glueck, c.bild, c.verteidigung, c.ausdauer, c.siege, c.niederlagen, c.id as charid, starke+verteidigung+speed+ausdauer+glueck as powerlevel FROM chars c ' . 'WHERE rasse NOT IN('.implode(',',$exclude_race_ids).') ORDER BY ('.$wahl.') DESC LIMIT 50'; // Uncomment for hp/mp in PL // $sql = 'SELECT cl.clanzeichen, u.nickname, u.id as userid, c.name, c.level, c.besitzer, c.starke, c.preis, c.speed, c.glueck, c.bild, c.verteidigung, c.ausdauer, c.siege, c.niederlagen, c.id as charid, starke+verteidigung+speed+ausdauer+glueck+substring_index(hp,\',\',-1)/10+substring_index(mp,\',\',-1)/5 as powerlevel' . // ' FROM chars as c INNER JOIN user as u on c.besitzer = u.id' . // ' LEFT JOIN clan as cl on u.clan = cl.id ' . // 'WHERE rasse != \'NPC\' ORDER BY ('.$wahl.') DESC LIMIT 50'; // echo $sql.'<br>'; $choice_s = db_query($sql); } ?> <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" height="1"> <!-- MSTableType="layout" --> <tr> <td valign="middle" colspan="3" align="center"> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="get"> <input type="hidden" name="as" value="ranglist"> <input type="hidden" name="char_name" value="<?php echo $char_name; ?>"></input> <input type="hidden" name="as" value="ranglist"></input> <select id="input" name="wahl"> <?php $choices = array('Powerlevel','Siege','Niederlagen','Preis','Level'); for($i=0;$i<count($choices);$i++){ if(strtolower($choices[$i]) == $wahl){ $selected = ' selected'; } else{ $selected = ''; } echo ' <option value="'.strtolower($choices[$i]).'"'.$selected.'>Nach '.$choices[$i].'</option>'."\n"; } ?> </select> <input id="input" type=submit value="ordnen"> </form> </td> <th valign="middle" colspan="3" height="44" align="center"> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="get"> <input type="hidden" name="as" value="ranglist"> <input type="hidden" name="wahl" value="<?php echo $wahl; ?>"></input> <input type="hidden" name="as" value="ranglist"></input> Charakter Suchen: <input id="input" name="char_name" value="<?php echo $char_name; ?>"> <input id="input" type=submit value="suchen"> </form> </th> </tr> <?php if($wahl == 'geld') { ?> <tr> <th valign="middle" height="25" align="center">Platz</th> <th valign="middle" height="25" align="center">User</th> <th valign="middle" height="25" align="center">Geld</th> </tr> <?php } else { ?> <tr> <th valign="middle" height="25" align="center">Platz</th> <th valign="middle" height="25" align="center">Charakter</th> <th valign="middle" height="25" align="center">Trainer</th> <th valign="middle" height="25" align="center"><?php echo $wahl_x; ?></th> <th valign="middle" height="25" align="center">Siege / Niederlagen</th> <th valign="middle" height="25" align="center">Preis</th> </tr> <?php } $x=1; $found = 0; while($row = mysqli_fetch_assoc($choice_s)) { if($wahl != "geld") { if($row['besitzer'] == $user['id']) { $cols[$x] = 'bgcolor="#666666"'; } if($row['name'] == $char_name) { $cols[$x] = 'bgcolor="#666666"'; $found = 1; } $row['bild'] = getPicture($row); $row['wahl'] = $row[$wahl]; $clan_logo = explode(',',$row['clanzeichen']); } if($wahl == 'geld') { ?> <tr> <th <?php echo $cols[$x];?> align="center"><?php echo $x; ?></th> <th <?php echo $cols[$x];?> align="center"><?php echo generateUserLinkByID($row['id']); ?></th> <th <?php echo $cols[$x];?> align="center">???</th> </tr> <?php } else { ?> <tr> <th <?php echo $cols[$x];?> align="center"><?php echo $x; ?></th> <th <?php echo $cols[$x];?> align="center"><?php echo displayCharLink($row['charid'],$row['name'],$row['bild']); ?></th> <th <?php echo $cols[$x];?> align="center"><?php echo generateUserLinkByID($row['besitzer']); ?></th> <th <?php echo $cols[$x];?> align="center"><?php echo $row['wahl']; ?></th> <th <?php echo $cols[$x];?> align="center"><?php echo $row['siege'].' / '.$row['niederlagen']; ?></th> <th <?php echo $cols[$x];?> align="center"><?php echo $row['preis']; ?></th> </tr> <?php } $x++; } // Wird nach einem Char gesucht oder ist noch kein Char des Users gefunden worden, dann // zeige dessen Position an if($char_name && $found < 1 && $wahl != 'geld' && !empty($char_vorhanden)) { $char_x_name = mysqli_fetch_assoc(db_query('SELECT id, name, besitzer, level, starke, preis, speed, bild, verteidigung, ausdauer, siege, niederlagen, id, starke+verteidigung+speed+ausdauer+glueck as powerlevel FROM chars WHERE name like \''.$char_name.'%\' LIMIT 1')); $nick_name2 = mysqli_fetch_assoc(db_query("SELECT nickname FROM user WHERE id='".$char_x_name['besitzer']."' LIMIT 1")); $cols[$x] = '666666'; $u=0; if($wahl_x == 'Powerlevel') { $z = mysqli_fetch_assoc(db_query('SELECT COUNT(id) as anzahl FROM chars WHERE '.$char_x_name[$wahl].' < starke+verteidigung+speed+ausdauer+glueck')); $z = $z['anzahl']; } else { $z = mysqli_fetch_assoc(db_query('SELECT COUNT(id) as anzahl FROM chars WHERE '.$char_x_name[$wahl].' < '.$wahl)); $z = $z['anzahl']; } ?> <tr> <th bgcolor="<?php echo $cols[$x];?>" align="center"><?php echo $z; ?></th> <th bgcolor="<?php echo $cols[$x];?>" align="center"><?php echo displayCharLink($char_x_name['id'],$char_x_name['name'],$char_x_name['bild']); ?></th> <th bgcolor="<?php echo $cols[$x];?>" align="center"><?php echo generateUserLinkByID($char_x_name['besitzer']); ?></th> <th bgcolor="<?php echo $cols[$x];?>" align="center"><?php echo $char_x_name[$wahl]; ?></th> <th bgcolor="<?php echo $cols[$x];?>" align="center"><?php echo $char_x_name['siege'].' / '.$char_x_name['niederlagen']; ?></th> <th bgcolor="<?php echo $cols[$x];?>" align="center"><?php echo $char_x_name['preis']; ?></th> </tr> <?php } ?> </table> <?php } displayHighscore($wahl, $char_name, $user_ida, $char_vorhanden); ?>