timer_start = $mc_split[0] + $mc_split[1];
unset($mc_split);
}
$this->root_path = $eqdkp_root_path;
$this->config();
}
/**
 * Load every row of the config table into $this->config.
 *
 * Rows whose config_name is numeric are skipped. Raises E_USER_ERROR when
 * the global $db is not an object or the query fails.
 *
 * @return bool Always true when the end of the method is reached
 */
function config()
{
    global $db;

    if ( !is_object($db) )
    {
        trigger_error('Database object not instantiated', E_USER_ERROR);
    }

    // Static statement: no request data is interpolated here
    $sql = "SELECT config_name, config_value\nFROM " . CONFIG_TABLE;

    $result = $db->query($sql);
    if ( !$result )
    {
        trigger_error('Could not obtain configuration information', E_USER_ERROR);
    }

    while ( $row = $db->fetch_record($result) )
    {
        $name = $row['config_name'];
        if ( is_numeric($name) )
        {
            continue;
        }
        $this->config[$name] = $row['config_value'];
    }

    return true;
}
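/**
 * Write one configuration value, or several, to the config table.
 *
 * @param $config_name  Config name, or an array of name => value pairs
 * @param $config_value Value to store (ignored when $config_name is an array)
 * @return bool true when every requested UPDATE was sent to the database;
 *              false when $db is not an object, when the array is empty, or
 *              when any nested call returned false
 */
function config_set($config_name, $config_value='')
{
    global $db;

    if ( !is_object($db) )
    {
        return false;
    }

    if ( is_array($config_name) )
    {
        // The batch form reports the combined outcome of its nested calls
        $all_written = ( sizeof($config_name) > 0 );
        foreach ( $config_name as $d_name => $d_value )
        {
            if ( !$this->config_set($d_name, $d_value) )
            {
                $all_written = false;
            }
        }
        return $all_written;
    }

    // NOTE(review): the statement is built by string concatenation. The value is
    // only passed through htmlspecialchars()/strip_tags(), which is HTML
    // filtering and not SQL escaping, and the name is interpolated unchanged.
    // Whether callers or earlier request handling already escape both values
    // is not visible from this method - confirm, or route both through the
    // database layer's own escaping / parameter binding.
    $sql = 'UPDATE ' . CONFIG_TABLE
         . "\nSET config_value='" . strip_tags(htmlspecialchars($config_value)) . "'"
         . "\nWHERE config_name='" . $config_name . "'";

    // The result of query() is not inspected, so true means "sent", not "stored"
    $db->query($sql);

    return true;
}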
/**
 * Return the row class that alternates with the current one.
 *
 * @param $set_new When true, the returned class is also stored in $this->row_class
 * @return string 'row2' if the current class is 'row1', otherwise 'row1'
 */
function switch_row_class($set_new = true)
{
    if ( $this->row_class == 'row1' )
    {
        $next_class = 'row2';
    }
    else
    {
        $next_class = 'row1';
    }

    if ( $set_new )
    {
        $this->row_class = $next_class;
    }

    return $next_class;
}
/**
* Set object variables
* NOTE: If the last var is 'display' and the val is TRUE, EQdkp::display() is called
* automatically
*
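* @param $var Var to set, or an array of var => value pairs
* @param $val Value for Var
* @param $append Append $val to the current value instead of replacing it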
* @return bool
*/
function set_vars($var, $val = '', $append = false)
{
    // Array form: set each pair in turn. $append is not forwarded and the
    // result of the nested calls is not inspected.
    if ( is_array($var) )
    {
        foreach ( $var as $name => $value )
        {
            $this->set_vars($name, $value);
        }
        return true;
    }

    // empty() also rejects 0, '0', false and array(), so such values cannot be set
    if ( empty($val) )
    {
        return false;
    }

    // ('display', true) renders the page instead of assigning a property
    if ( ($var == 'display') && ($val === true) )
    {
        $this->display();
        return true;
    }

    // NOTE(review): $var names the property to write, so any property of this
    // object can be overwritten (root_path and template_file included). Callers
    // should pass fixed names only, never names taken from request data.
    if ( $append && is_array($this->$var) )
    {
        $this->{$var}[] = $val;
    }
    elseif ( $append && is_string($this->$var) )
    {
        $this->$var .= $val;
    }
    else
    {
        // Not appending, or the current value is neither an array nor a string
        $this->$var = $val;
    }

    return true;
}
/**
 * Render the page: build the header variables, then output the body template.
 *
 * page_tail() ends with exit, so nothing after this call runs once the
 * template has been displayed.
 */
function display()
{
    $this->page_header();

    $this->page_tail();
}
/**
 * Send the HTTP headers and assign the template variables shared by every page
 * (titles, paths, URI constants, theme settings, menus).
 */
function page_header()
{
    global $db, $user, $tpl, $pm;
    global $SID;

    // Define a constant so other code can tell the header has been included
    define('HEADER_INC', true);

    // Compress the output only when it is enabled in the config, zlib is
    // loaded and no headers have gone out yet
    $gzip_enabled = ( $this->config['enable_gzip'] == '1' );
    if ( $gzip_enabled && extension_loaded('zlib') && !headers_sent() )
    {
        @ob_start('ob_gzhandler');
    }

    if ( !isset($SID) )
    {
        $SID = '?' . URI_SESSION . '=';
    }

    // HTTP headers; the cache-busting ones are sent only when NO_CACHE is defined
    $now = gmdate('D, d M Y H:i:s', time()) . ' GMT';
    $no_cache = defined('NO_CACHE');
    if ( $no_cache )
    {
        @header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
    }
    @header('Last-Modified: ' . $now);
    if ( $no_cache )
    {
        @header('Cache-Control: no-store, no-cache, must-revalidate');
        @header('Cache-Control: post-check=0, pre-check=0', false);
        @header('Pragma: no-cache');
    }
    @header('Content-Type: text/html; charset=iso-8859-1');

    // Global template variables
    $tpl->assign_vars(array(
        'ENCODING' => $user->lang['ENCODING'],
        'XML_LANG' => $user->lang['XML_LANG'],
        'PAGE_TITLE' => $this->page_title,
        'MAIN_TITLE' => $this->config['main_title'],
        'SUB_TITLE' => $this->config['sub_title'],
        'EQDKP_ROOT_PATH' => $this->root_path,
        'TEMPLATE_PATH' => $this->root_path . 'templates/' . $user->style['template_path'])
    );

    // S_IN_ADMIN is true only on an admin page viewed by a user holding 'a_'
    $s_in_admin = false;
    if ( defined('IN_ADMIN') )
    {
        $s_in_admin = IN_ADMIN;
    }
    $s_in_admin = ( $s_in_admin && $user->check_auth('a_', false) ) ? true : false;

    $page_vars = array(
        'S_NORMAL_HEADER' => false,
        'S_ADMIN' => $user->check_auth('a_', false),
        'S_IN_ADMIN' => $s_in_admin,
        'URI_ADJUSTMENT' => URI_ADJUSTMENT,
        'URI_EVENT' => URI_EVENT,
        'URI_ITEM' => URI_ITEM,
        'URI_LOG' => URI_LOG,
        'URI_NAME' => URI_NAME,
        'URI_NEWS' => URI_NEWS,
        'URI_ORDER' => URI_ORDER,
        'URI_PAGE' => URI_PAGE,
        'URI_RAID' => URI_RAID,
        'URI_SESSION' => URI_SESSION,
        'SID' => $SID
    );

    // Theme settings: template variable => key in $user->style
    $theme_map = array(
        'T_FONTFACE1' => 'fontface1',
        'T_FONTFACE2' => 'fontface2',
        'T_FONTFACE3' => 'fontface3',
        'T_FONTSIZE1' => 'fontsize1',
        'T_FONTSIZE2' => 'fontsize2',
        'T_FONTSIZE3' => 'fontsize3',
        'T_FONTCOLOR1' => 'fontcolor1',
        'T_FONTCOLOR2' => 'fontcolor2',
        'T_FONTCOLOR3' => 'fontcolor3',
        'T_FONTCOLOR_NEG' => 'fontcolor_neg',
        'T_FONTCOLOR_POS' => 'fontcolor_pos',
        'T_BODY_BACKGROUND' => 'body_background',
        'T_TABLE_BORDER_WIDTH' => 'table_border_width',
        'T_TABLE_BORDER_COLOR' => 'table_border_color',
        'T_TABLE_BORDER_STYLE' => 'table_border_style',
        'T_BODY_LINK' => 'body_link',
        'T_BODY_LINK_STYLE' => 'body_link_style',
        'T_BODY_HLINK' => 'body_hlink',
        'T_BODY_HLINK_STYLE' => 'body_hlink_style',
        'T_HEADER_LINK' => 'header_link',
        'T_HEADER_LINK_STYLE' => 'header_link_style',
        'T_HEADER_HLINK' => 'header_hlink',
        'T_HEADER_HLINK_STYLE' => 'header_hlink_style',
        'T_TH_COLOR1' => 'th_color1',
        'T_TR_COLOR1' => 'tr_color1',
        'T_TR_COLOR2' => 'tr_color2',
        'T_INPUT_BACKGROUND' => 'input_color',
        'T_INPUT_BORDER_WIDTH' => 'input_border_width',
        'T_INPUT_BORDER_COLOR' => 'input_border_color',
        'T_INPUT_BORDER_STYLE' => 'input_border_style'
    );
    foreach ( $theme_map as $tpl_key => $style_key )
    {
        $page_vars[$tpl_key] = $user->style[$style_key];
    }
    $page_vars['EXTRA_CSS'] = $this->extra_css;

    $tpl->assign_vars($page_vars);

    //
    // Menus
    //
    $menus = $this->gen_menus();
    $main_menu1 = '';
    $main_menu2 = '';
    foreach ( $menus as $number => $entries )
    {
        foreach ( $entries as $menu )
        {
            // Entries without a 'check' are shown to everyone; the others only
            // to users for whom check_auth() succeeds
            $visible = ( empty($menu['check']) || $user->check_auth($menu['check'], false) );
            if ( $visible )
            {
                // 'menu1' / 'menu2' select $main_menu1 / $main_menu2.
                // NOTE(review): only the entry's text is appended in this listing
                // ('link' is not used), and it is appended without HTML escaping.
                // gen_menus() puts the username into the logout entry, so the
                // text has to be HTML-safe before it reaches this point -
                // confirm where that escaping happens.
                ${'main_' . $number} .= $menu['text'] . ' | ';
            }
        }
    }

    // Remove the trailing ' | ' from menus
    $main_menu1 = preg_replace('# \| $#', '', $main_menu1);
    $main_menu2 = preg_replace('# \| $#', '', $main_menu2);

    if ( $this->gen_simple_header )
    {
        return;
    }

    // Full header only: logo, login state and both menus
    $tpl->assign_vars(array(
        'LOGO_PATH' => $user->style['logo_path'],
        'S_NORMAL_HEADER' => true,
        'S_LOGGED_IN' => ( $user->data['user_id'] != ANONYMOUS ),
        'MAIN_MENU1' => $main_menu1,
        'MAIN_MENU2' => $main_menu2)
    );
}
/**
 * Build the two navigation menus.
 *
 * @return array 'menu1' and 'menu2', each a list of entries with 'link',
 *               'text' and (menu 1 only) 'check'; entries returned by
 *               $pm->get_menus() are appended when it returns an array
 */
function gen_menus()
{
    global $user, $pm, $SID;

    //
    // Menu 1: script, extra query string, language key, permission to check
    //
    $menu1_spec = array(
        array('viewnews.php', '', 'menu_news', ''),
        array('listmembers.php', '', 'menu_standings', 'u_member_list'),
        array('listraids.php', '', 'menu_raids', 'u_raid_list'),
        array('listevents.php', '', 'menu_events', 'u_event_list'),
        array('listitems.php', '', 'menu_itemval', 'u_item_list'),
        array('listitems.php', '&' . URI_PAGE . '=history', 'menu_itemhist', 'u_item_list'),
        array('summary.php', '', 'menu_summary', 'u_raid_list'),
        array('stats.php', '', 'menu_stats', 'u_member_list')
    );

    $main_menu1 = array();
    foreach ( $menu1_spec as $spec )
    {
        $main_menu1[] = array(
            'link' => $spec[0] . $SID . $spec[1],
            'text' => $user->lang[$spec[2]],
            'check' => $spec[3]
        );
    }
    if ( is_array($pm->get_menus('main_menu1')) )
    {
        $main_menu1 = array_merge($main_menu1, $pm->get_menus('main_menu1'));
    }

    //
    // Menu 2: account links, which depend on who is looking
    //
    $logged_in = ( $user->data['user_id'] != ANONYMOUS );

    $main_menu2 = array();
    if ( $logged_in )
    {
        $main_menu2[] = array('link' => 'settings.php' . $SID, 'text' => $user->lang['menu_settings']);
    }
    else
    {
        $main_menu2[] = array('link' => 'register.php' . $SID, 'text' => $user->lang['menu_register']);
    }

    if ( $user->check_auth('a_', false) )
    {
        $main_menu2[] = array('link' => 'admin/index.php' . $SID, 'text' => $user->lang['menu_admin_panel']);
    }

    // Switch login/logout link
    if ( $logged_in )
    {
        // NOTE(review): the username is placed in the menu text unchanged;
        // whether it is HTML-escaped when stored or loaded is not visible here.
        // Logout is a plain GET link (&logout=true); no request token is added
        // at this point.
        $main_menu2[] = array('link' => 'login.php' . $SID . '&logout=true', 'text' => $user->lang['logout'] . ' [ ' . $user->data['username'] . ' ]');
    }
    else
    {
        $main_menu2[] = array('link' => 'login.php' . $SID, 'text' => $user->lang['login']);
    }
    if ( is_array($pm->get_menus('main_menu2')) )
    {
        $main_menu2 = array_merge($main_menu2, $pm->get_menus('main_menu2'));
    }

    return array(
        'menu1' => $main_menu1,
        'menu2' => $main_menu2);
}
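/**
 * Assign the footer variables, output the body template and end the request.
 *
 * Closes the database connection, displays the template registered as 'body',
 * destroys the template data and calls exit. Raises E_USER_ERROR (and returns
 * false if execution continues) when no template file has been set.
 */
function page_tail()
{
    global $db, $user, $tpl, $pm;
    global $SID;

    if ( !empty($this->template_path) )
    {
        $tpl->set_template($user->style['template_path'], $this->template_path);
    }

    if ( empty($this->template_file) )
    {
        trigger_error('Template file is empty.', E_USER_ERROR);
        return false;
    }

    // NOTE(review): template_file and template_path are object properties that
    // set_vars() can write; they should only ever hold fixed names chosen by
    // the calling script.
    $tpl->set_filenames(array(
        'body' => $this->template_file)
    );

    // Hiding the copyright/debug info if gen_simple_header is set
    if ( !$this->gen_simple_header )
    {
        $tpl->assign_vars(array(
            'S_NORMAL_FOOTER' => true,
            'L_POWERED_BY' => $user->lang['powered_by'],
            'EQDKP_VERSION' => EQDKP_VERSION)
        );

        if ( DEBUG )
        {
            // explode() gives the same two parts as split(' ', ...) did; split()
            // was deprecated in PHP 5.3 and no longer exists in PHP 7
            $mc_split = explode(' ', microtime());
            $this->timer_end = $mc_split[0] + $mc_split[1];
            unset($mc_split);

            $s_show_queries = ( DEBUG == 2 ) ? true : false;

            $tpl->assign_vars(array(
                'S_SHOW_DEBUG' => true,
                'S_SHOW_QUERIES' => $s_show_queries,
                'EQDKP_RENDERTIME' => substr($this->timer_end - $this->timer_start, 0, 5),
                'EQDKP_QUERYCOUNT' => $db->query_count)
            );

            // DEBUG == 2 puts the text of every executed query into the page,
            // for every visitor; keep DEBUG off on a public installation
            if ( $s_show_queries )
            {
                foreach ( $db->queries as $query )
                {
                    $tpl->assign_block_vars('query_row', array(
                        'ROW_CLASS' => $this->switch_row_class(),
                        'QUERY' => sql_highlight($query))
                    );
                }
            }
        }
        else
        {
            $tpl->assign_vars(array(
                'S_SHOW_DEBUG' => false,
                'S_SHOW_QUERIES' => false)
            );
        }
    }
    else
    {
        $tpl->assign_vars(array(
            'S_NORMAL_FOOTER' => false)
        );
    }

    // Close our DB connection.
    $db->close_db();

    // Output the page, then get rid of our template data
    $tpl->display('body');
    $tpl->destroy();

    exit;
}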
}
/**
* EQdkp admin page foundation
* Extended by admin page classes only
*/
class EQdkp_Admin
{
// General vars
var $buttons = array(); // Submit buttons, keyed by code; process() reads each entry's 'name', 'process' and optional 'check'
var $params = array(); // GET parameters, keyed by code; process() reads each entry's 'name', 'process' and optional 'value' / 'check'
var $last_process = ''; // Name of the process method dispatched most recently
var $err_process = 'display_form'; // Process method to call when error_check() reports errors
var $url_id = 0; // ID from the request; set_vars() fills it from $_REQUEST when it is still unset
var $fv = NULL; // Form Validation object (not reference)
var $time = 0; // Current time, set in the constructor
// Delete confirmation vars
var $confirm_text = ''; // Message to display for confirmation
var $script_name = ''; // e.g., eqdkp.php
var $uri_parameter = ''; // Name of the URI parameter that carries url_id
// Logging vars
// Fields that log_insert() fills in for every log row
var $log_fields = array('log_id', 'log_date', 'log_type', 'log_action', 'log_ipaddress', 'log_sid', 'log_result', 'admin_id');
var $log_values = array(); // Holds default log values
var $admin_user = ''; // Username of admin ('' for an anonymous user)
/**
 * Constructor: prepares the form validator, the script name, the default log
 * values and the admin's username.
 *
 * This is a PHP 4-style constructor (a method named after the class). PHP 8 no
 * longer calls such methods automatically on `new`.
 */
function eqdkp_admin()
{
    global $user;

    // Store our Form Validation object
    $this->fv = new Form_Validate;

    // Reduce PHP_SELF to the file name after the last slash.
    // NOTE(review): PHP_SELF can carry client-supplied path information after
    // the script name, and when the pattern does not match the value is kept
    // unchanged. script_name is later handed to redirect() by process_cancel()
    // and to confirm_delete() by process_delete(). Consider deriving it from
    // SCRIPT_NAME instead, or validating the result before it is used.
    $self = $_SERVER['PHP_SELF'];
    $this->script_name = preg_replace('#.+/(.+\.php)$#', '\1', $self);

    // Default our log values ('log_id' is deliberately left without a default)
    $defaults = array();
    $defaults['log_date'] = time();
    $defaults['log_type'] = NULL;
    $defaults['log_action'] = NULL;
    $defaults['log_ipaddress'] = $user->ip_address;
    $defaults['log_sid'] = $user->sid;
    $defaults['log_result'] = '{L_SUCCESS}';
    $defaults['admin_id'] = $user->data['user_id'];
    $this->log_values = $defaults;

    if ( $user->data['user_id'] != ANONYMOUS )
    {
        $this->admin_user = $user->data['username'];
    }
    else
    {
        $this->admin_user = '';
    }

    $this->time = time();
}
/**
* Build the $buttons array
*
* @param $buttons Array of button => name/process/auth_check values
* @return bool
*/
function assoc_buttons($buttons)
{
    if ( is_array($buttons) )
    {
        // Add or overwrite entries by code; entries already registered under
        // other codes are kept
        foreach ( $buttons as $button_code => $definition )
        {
            $this->buttons[$button_code] = $definition;
        }
        return true;
    }

    return false;
}
/**
 * Build the $params array
 *
 * @param $params Array of code => definition entries (process() reads each
 *                entry's 'name', 'process' and optional 'value' / 'check')
 * @return bool false when $params is not an array
 */
function assoc_params($params)
{
    if ( is_array($params) )
    {
        // Add or overwrite entries by code; other registered entries are kept
        foreach ( $params as $param_code => $definition )
        {
            $this->params[$param_code] = $definition;
        }
        return true;
    }

    return false;
}
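/**
 * Dispatch the request to the process method registered for it.
 *
 * Order: POST buttons (confirm, cancel, then the custom buttons), then every
 * registered GET parameter, and finally the 'form' button when nothing else
 * was processed. The method names come from $this->buttons / $this->params as
 * registered by the page class; request data only selects which entry runs.
 *
 * NOTE(review): check_auth() is called with one argument right before each
 * dispatch and its return value is not used, so it is presumably expected to
 * stop the request itself when permission is missing - confirm. Entries
 * without a 'check' key are dispatched without any permission check, and
 * process_error_check() (which may call err_process) runs before the check.
 * No request token is verified in this method; whether state-changing
 * processes, including those reachable through GET parameters, are protected
 * elsewhere is not visible here.
 *
 * @return mixed false when nothing was processed and no 'form' button is
 *               registered; otherwise no value is returned
 */
function process()
{
    global $user;

    $processed = false;

    // Form has been submitted
    if ( @sizeof($_POST) > 0 )
    {
        // Sanitize our POST vars
        $_POST = sanitize_tags($_POST);

        // Confirm is an automatic button option if confirm_delete is called
        if ( isset($_POST['confirm']) )
        {
            if ( method_exists($this, 'process_confirm') )
            {
                $processed = true;
                // Confirmation is guarded by the delete button's permission
                if ( isset($this->buttons['delete']['check']) )
                {
                    $user->check_auth($this->buttons['delete']['check']);
                }
                $this->last_process = 'process_confirm';
                $this->process_confirm();
            }
        }
        // Cancel is an automatic button option if confirm_delete is called
        elseif ( isset($_POST['cancel']) )
        {
            $processed = true;
            $this->last_process = 'process_cancel';
            $this->process_cancel();
        }
        // Confirm/Cancel weren't pressed, we're dealing with custom processes now
        else
        {
            // Check for errors
            $this->process_error_check();

            foreach ( $this->buttons as $code => $button )
            {
                if ( isset($_POST[ $button['name'] ]) )
                {
                    $processed = true;
                    if ( isset($button['check']) )
                    {
                        $user->check_auth($button['check']);
                    }
                    $this->last_process = $button['process'];
                    // The braces make the lookup explicit. Without them PHP 7+
                    // reads $this->$button['process']() as a call on the
                    // 'process' element of the property named by $button.
                    $this->{$button['process']}();
                }
            }
        }
    }

    // Check the GET vars and process as necessary
    foreach ( $this->params as $code => $param )
    {
        if ( !isset($_GET[ $param['name'] ]) )
        {
            continue;
        }

        // When the entry names a value, the parameter has to match it
        if ( isset($param['value']) && !($_GET[ $param['name'] ] == $param['value']) )
        {
            continue;
        }

        $this->process_error_check();
        $processed = true;
        if ( isset($param['check']) )
        {
            $user->check_auth($param['check']);
        }
        $this->last_process = $param['process'];
        $this->{$param['process']}();
    }

    // Nothing was processed
    if ( !$processed )
    {
        if ( (isset($this->buttons['form'])) && (is_array($this->buttons['form'])) )
        {
            if ( isset($this->buttons['form']['check']) )
            {
                $user->check_auth($this->buttons['form']['check']);
            }
            $process = $this->buttons['form']['process'];
            $this->last_process = $process;
            $this->$process();
        }
        else
        {
            return false;
        }
    }
}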
/**
 * Run the page class's error_check(), if it defines one, and call the error
 * process (err_process) when it reports errors.
 *
 * Nothing in this method stops the caller afterwards; process() carries on
 * with its own dispatch unless the error process ends the request itself.
 */
function process_error_check()
{
    if ( !method_exists($this, 'error_check') )
    {
        return;
    }

    $errors_exist = $this->error_check();
    if ( !$errors_exist )
    {
        return;
    }

    // Errors exist, redisplay the form
    $process = $this->err_process;
    $this->last_process = $process;
    $this->$process();
}
// ---------------------------------------------------------
// Default process methods
// ---------------------------------------------------------
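/**
 * Default delete process: show the delete confirmation for the current item.
 *
 * The session parameter is appended to script_name unless the name already
 * carries one.
 */
function process_delete()
{
    global $SID;

    // strpos() returns 0 for a match at the start of the string, so the
    // result is compared with false instead of being used as a boolean
    $has_session = ( strpos($this->script_name, '?' . URI_SESSION . '=') !== false );
    if ( !$has_session )
    {
        $this->script_name = $this->script_name . $SID;
    }

    confirm_delete($this->confirm_text, $this->uri_parameter, $this->url_id, $this->script_name);
}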
/**
 * Default cancel process: redirect back to the current script, keeping the
 * session parameter and, when set, the item ID.
 */
function process_cancel()
{
    global $SID;

    if ( empty($this->script_name) )
    {
        message_die('Cannot redirect to an empty script name.');
    }

    // Plugin pages take precedence over admin pages; everything else is
    // relative to the root
    $script_path = '';
    if ( defined('PLUGIN') )
    {
        $script_path = 'plugins/' . PLUGIN . '/';
    }
    elseif ( defined('IN_ADMIN') )
    {
        $script_path = 'admin/';
    }

    // NOTE(review): script_name is derived from PHP_SELF in the constructor and
    // url_id may come straight from $_REQUEST (see set_vars()); both reach
    // redirect() unchanged. Confirm that redirect() only accepts local targets.
    $redirect = $script_path . $this->script_name . $SID;
    if ( $this->url_id )
    {
        $redirect .= '&' . $this->uri_parameter . '=' . $this->url_id;
    }

    redirect($redirect);
}
/**
* Set object variables
*
* @param $var Var to set, or an array of var => value pairs
* @param $val Value for Var
* @return bool
*/
function set_vars($var, $val = '')
{
    if ( !is_array($var) )
    {
        // empty() also rejects 0, '0', false and array()
        if ( empty($val) )
        {
            return false;
        }
        // NOTE(review): $var names the property to write; pass fixed names
        // only, never names taken from request data
        $this->$var = $val;
    }
    else
    {
        // Array form: set each pair in turn; the nested results are not inspected
        foreach ( $var as $name => $value )
        {
            $this->set_vars($name, $value);
        }
    }

    //
    // Set url_id if it hasn't already been set
    // NOTE(review): the value is taken from $_REQUEST without validation or a
    // cast and is later used by process_cancel() and process_delete(). If IDs
    // are always integers, casting here would be the natural place - confirm.
    if ( !$this->url_id )
    {
        if ( !empty($_REQUEST[$this->uri_parameter]) )
        {
            $this->url_id = $_REQUEST[$this->uri_parameter];
        }
        else
        {
            $this->url_id = 0;
        }
    }

    return true;
}
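/**
 * Turn a log action array into a string holding a PHP array assignment,
 * e.g. $log_action = array('key' => 'value');
 *
 * An empty or non-array $action gives "$log_action = array();".
 *
 * NOTE(review): the result is PHP source text. Keys are inserted without
 * escaping, and the last replacement collapses runs of backslashes to a single
 * one, which undoes part of the quoting addslashes() applied to the values.
 * If the stored string is ever evaluated as code (not visible in this method),
 * that is not a safe encoding; a data format such as serialize() would avoid
 * the problem, but it changes what is stored and has to be done together with
 * the code that reads the log.
 *
 * @param $action Array of key => value pairs describing the action
 * @return string
 */
function make_log_action($action = array())
{
    $pairs = array();
    if ( is_array($action) )
    {
        foreach ( $action as $k => $v )
        {
            $pairs[] = "'" . $k . "' => '" . addslashes($v) . "'";
        }
    }

    // Joining with ',' leaves no trailing comma, so an empty list still gives
    // a well-formed "array()"
    $action = "\$log_action = array(" . implode(',', $pairs) . ");";

    // Take the newlines and tabs (or spaces > 1) out of the action
    $action = preg_replace("/[[:space:]]{2,}/", '', $action);
    $action = str_replace("\t", '', $action);
    $action = str_replace("\n", '', $action);

    // Collapse every run of backslashes to a single backslash
    $action = preg_replace("#(\\\){1,}#", "\\", $action);

    return $action;
}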
/**
 * Insert a row into the logs table.
 *
 * Every field in $this->log_fields that the caller did not supply is filled
 * from $this->log_values; 'log_action' is converted with make_log_action().
 *
 * NOTE(review): the INSERT is assembled by $db->build_query(); whether that
 * method escapes the values is not visible here - confirm, since log_action
 * usually carries submitted form data.
 *
 * @param $values Array of field => value pairs
 * @return bool false when $values is empty, otherwise true (the result of the
 *              query itself is not inspected)
 */
function log_insert($values = array())
{
    global $db;

    if ( !(sizeof($values) > 0) )
    {
        return false;
    }

    foreach ( $this->log_fields as $field )
    {
        // If they set the value, we use theirs, otherwise we use the default
        if ( !isset($values[$field]) )
        {
            $values[$field] = $this->log_values[$field];
        }

        if ( $field == 'log_action' )
        {
            $values[$field] = $this->make_log_action($values[$field]);
        }
    }

    $sql = 'INSERT INTO ' . LOGS_TABLE . $db->build_query('INSERT', $values);
    $db->query($sql);

    return true;
}
/**
* Takes two variables of the same type and compares them, marking in red
* any items that the two don't have in common
*
* @param $value1 The first, or 'old' value
* @param $value2 The second, or 'new' value
* @param $return_var Which of the two to return
*/
function find_difference($value1, $value2, $return_var = 2)
{
    // One or more backslashes directly in front of a single quote
    $slashed_quote = "#(\\\){1,}\'#";

    // Anything other than 1 or 2 selects the second value
    if ( ($return_var != 1) && ($return_var != 2) )
    {
        $return_var = 2;
    }

    $first_is_array = is_array($value1);
    $second_is_array = is_array($value2);

    if ( $first_is_array && $second_is_array )
    {
        // Entries missing from the other array are rewritten with the
        // unslashed text. NOTE(review): the strings wrapped around the entry
        // are empty in this listing, so no highlighting markup is added here.
        foreach ( $value1 as $idx => $entry )
        {
            $entry = preg_replace($slashed_quote, "'", $entry);
            if ( !in_array($entry, $value2) )
            {
                $value1[$idx] = '' . $entry . '';
            }
        }
        foreach ( $value2 as $idx => $entry )
        {
            $entry = preg_replace($slashed_quote, "'", $entry);
            if ( !in_array($entry, $value1) )
            {
                $value2[$idx] = '' . $entry . '';
            }
        }
    }
    elseif ( !$first_is_array && !$second_is_array )
    {
        $value1 = preg_replace($slashed_quote, "'", $value1);
        $value2 = preg_replace($slashed_quote, "'", $value2);
        if ( $value1 != $value2 )
        {
            $value2 = '' . $value2 . '';
        }
        // Only the second value is slashed again; the first is returned unslashed
        $value2 = addslashes($value2);
    }
    // One array and one non-array: both values are returned untouched

    // Picks $value1 or $value2 by name
    return ${'value' . $return_var};
}
/**
 * Show a message through message_die(), followed by a list of links when any
 * are given.
 *
 * NOTE(review): the message is passed on without HTML escaping in this
 * method; callers that build it from submitted values should confirm where
 * those values are escaped.
 *
 * @param $message   Message text; passed by reference and modified in place
 * @param $link_list Array of links handed to generate_link_list()
 */
function admin_die(&$message, $link_list = array())
{
    global $eqdkp, $user, $tpl, $pm;
    global $SID;

    $message = stripmultslashes($message);

    $has_links = ( is_array($link_list) && (sizeof($link_list) > 0) );
    if ( $has_links )
    {
        $message = $message . "\n" . $this->generate_link_list($link_list);
    }

    message_die($message);
}
/**
* Returns a bulleted list of links to display after an admin event
* has been completed
*
* @param $links Array of links
* @return string Link list
*/
function generate_link_list($links)
{
$link_list = '