You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

189 lines
7.5 KiB

<?php
/*
*
* @copyright (c) 2010 animegame.eu
* @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public Licence
*
*/
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/config.inc.php');
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/parse.inc.php');
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/fehlerausgabe.inc.php');
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/designfunctions.inc.php');
include_once($_SERVER['DOCUMENT_ROOT'].'ag/include/char.inc.php');
// GET-Section
// Kritisch (SQL-Injections)
$wahl = validateString($_GET['wahl']);
$char_name = validateName($_GET['char_name']);
$char_vorhanden = mysql_num_rows(mysql_query('SELECT id FROM chars WHERE name like \''.$char_name.'%\' LIMIT 1'));
function displayHighscore($wahl, $char_name, $user, $char_vorhanden){
if($wahl === null || $wahl=='powerlevel') {
$wahl_x = 'Powerlevel';
$wahl='powerlevel';
} else if($wahl == 'level') {
$wahl_x = 'Level';
} else if($wahl == 'siege') {
$wahl_x = 'Siege'; }
else if($wahl == 'niederlagen') {
$wahl_x = 'Niederlagen'; }
else if($wahl == 'preis') {
$wahl_x = 'Preis';
// } else if($wahl != 'geld'){
// return;
} else{
return;
}
if($wahl == 'geld') {
$choice_s = mysql_query('SELECT geld, id FROM user where id >= 2 ORDER BY geld DESC LIMIT 50');
} else {
$sql = 'SELECT c.name, c.level, c.besitzer, c.starke, c.preis, c.speed, c.glueck, c.bild, c.verteidigung, c.ausdauer, c.siege, c.niederlagen, c.id as charid, starke+verteidigung+speed+ausdauer+glueck as powerlevel' .
'WHERE rasse != \'NPC\' ORDER BY ('.$wahl.') DESC LIMIT 50';
// Uncomment for hp/mp in PL
// $sql = 'SELECT cl.clanzeichen, u.nickname, u.id as userid, c.name, c.level, c.besitzer, c.starke, c.preis, c.speed, c.glueck, c.bild, c.verteidigung, c.ausdauer, c.siege, c.niederlagen, c.id as charid, starke+verteidigung+speed+ausdauer+glueck+substring_index(hp,\',\',-1)/10+substring_index(mp,\',\',-1)/5 as powerlevel' .
// ' FROM chars as c INNER JOIN user as u on c.besitzer = u.id' .
// ' LEFT JOIN clan as cl on u.clan = cl.id ' .
// 'WHERE rasse != \'NPC\' ORDER BY ('.$wahl.') DESC LIMIT 50';
// echo $sql.'<br>';
$choice_s = mysql_query($sql);
}
?>
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" height="1">
<!-- MSTableType="layout" -->
<tr>
<td valign="middle" colspan="3" align="center">
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="get">
<input type="hidden" name="as" value="ranglist">
<input type="hidden" name="char_name" value="<?php echo $char_name; ?>"></input>
<input type="hidden" name="as" value="ranglist"></input>
<select id="input" name="wahl">
<?php
$choices = array('Powerlevel','Siege','Niederlagen','Preis','Level');
for($i=0;$i<count($choices);$i++){
if(strtolower($choices[$i]) == $wahl){
$selected = ' selected';
} else{
$selected = '';
}
echo ' <option value="'.strtolower($choices[$i]).'"'.$selected.'>Nach '.$choices[$i].'</option>'."\n";
}
?>
</select>
<input id="input" type=submit value="ordnen">
</form>
</td>
<th valign="middle" colspan="3" height="44" align="center">
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="get">
<input type="hidden" name="as" value="ranglist">
<input type="hidden" name="wahl" value="<?php echo $wahl; ?>"></input>
<input type="hidden" name="as" value="ranglist"></input>
Charakter Suchen:
<input id="input" name="char_name" value="<?php echo $char_name; ?>">
<input id="input" type=submit value="suchen">
</form>
</th>
</tr>
<?php
if($wahl == 'geld') {
?>
<tr>
<th valign="middle" height="25" align="center">Platz</th>
<th valign="middle" height="25" align="center">User</th>
<th valign="middle" height="25" align="center">Geld</th>
</tr>
<?php
} else {
?>
<tr>
<th valign="middle" height="25" align="center">Platz</th>
<th valign="middle" height="25" align="center">Charakter</th>
<th valign="middle" height="25" align="center">Trainer</th>
<th valign="middle" height="25" align="center"><?php echo $wahl_x; ?></th>
<th valign="middle" height="25" align="center">Siege / Niederlagen</th>
<th valign="middle" height="25" align="center">Preis</th>
</tr>
<?php
}
$x=1;
$found = 0;
while($row = mysql_fetch_assoc($choice_s)) {
if($wahl != "geld") {
if($row['besitzer'] == $user['id']) {
$cols[$x] = 'bgcolor="#666666"';
}
if($row['name'] == $char_name) {
$cols[$x] = 'bgcolor="#666666"';
$found = 1;
}
$row['bild'] = getPicture($row);
$row['wahl'] = $row[$wahl];
$clan_logo = explode(',',$row['clanzeichen']);
}
if($wahl == 'geld') {
?>
<tr>
<th <?php echo $cols[$x];?> align="center"><?php echo $x; ?></th>
<th <?php echo $cols[$x];?> align="center"><?php echo generateUserLinkByID($row['id']); ?></th>
<th <?php echo $cols[$x];?> align="center">???</th>
</tr>
<?php
} else {
?>
<tr>
<th <?php echo $cols[$x];?> align="center"><?php echo $x; ?></th>
<th <?php echo $cols[$x];?> align="center"><?php echo displayCharLink($row['charid'],$row['name'],$row['bild']); ?></th>
<th <?php echo $cols[$x];?> align="center"><?php echo generateUserLinkByID($row['besitzer']); ?></th>
<th <?php echo $cols[$x];?> align="center"><?php echo $row['wahl']; ?></th>
<th <?php echo $cols[$x];?> align="center"><?php echo $row['siege'].' / '.$row['niederlagen']; ?></th>
<th <?php echo $cols[$x];?> align="center"><?php echo $row['preis']; ?></th>
</tr>
<?php
}
$x++;
}
// Wird nach einem Char gesucht oder ist noch kein Char des Users gefunden worden, dann
// zeige dessen Position an
if($char_name && $found < 1 && $wahl != 'geld' && !empty($char_vorhanden)) {
$char_x_name = mysql_fetch_assoc(mysql_query('SELECT id, name, besitzer, level, starke, preis, speed, bild, verteidigung, ausdauer, siege, niederlagen, id, starke+verteidigung+speed+ausdauer+glueck as powerlevel FROM chars WHERE name like \''.$char_name.'%\' LIMIT 1'));
$nick_name2 = mysql_fetch_assoc(mysql_query("SELECT nickname FROM user WHERE id='".$char_x_name['besitzer']."' LIMIT 1"));
$cols[$x] = '666666';
$u=0;
if($wahl_x == 'Powerlevel') {
$z = mysql_fetch_assoc(mysql_query('SELECT COUNT(id) as anzahl FROM chars WHERE '.$char_x_name[$wahl].' < starke+verteidigung+speed+ausdauer+glueck'));
$z = $z['anzahl'];
} else {
$z = mysql_fetch_assoc(mysql_query('SELECT COUNT(id) as anzahl FROM chars WHERE '.$char_x_name[$wahl].' < '.$wahl));
$z = $z['anzahl'];
}
?>
<tr>
<th bgcolor="<?php echo $cols[$x];?>" align="center"><?php echo $z; ?></th>
<th bgcolor="<?php echo $cols[$x];?>" align="center"><?php echo displayCharLink($char_x_name['id'],$char_x_name['name'],$char_x_name['bild']); ?></th>
<th bgcolor="<?php echo $cols[$x];?>" align="center"><?php echo generateUserLinkByID($char_x_name['besitzer']); ?></th>
<th bgcolor="<?php echo $cols[$x];?>" align="center"><?php echo $char_x_name[$wahl]; ?></th>
<th bgcolor="<?php echo $cols[$x];?>" align="center"><?php echo $char_x_name['siege'].' / '.$char_x_name['niederlagen']; ?></th>
<th bgcolor="<?php echo $cols[$x];?>" align="center"><?php echo $char_x_name['preis']; ?></th>
</tr>
<?php
}
?>
</table>
<?php
}
displayHighscore($wahl, $char_name, $user_ida, $char_vorhanden);
?>