[go: up one dir, main page]
Menu

[d98cee]: / search.php  Maximize  Restore  History

Download this file

137 lines (130 with data), 5.1 kB 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
<?php

/**

 * search.php

 *

 * 1.1st - Security checks & tests by Gorlum for http://supernova.ws

 * @version 1.1

 * @copyright 2009 by angelus_ira for Project. XNova

 * @copyright 2008 by ??????? for XNova

 */



define('INSIDE'  , true);

define('INSTALL' , false);



$ugamela_root_path = (defined('SN_ROOT_PATH')) ? SN_ROOT_PATH : './';

$phpEx = substr(strrchr(__FILE__, '.'), 1);

include("{$ugamela_root_path}common.{$phpEx}");



if ($IsUserChecked == false) {

  includeLang('login');

  header("Location: login.php");

}



check_urlaubmodus ($user);

$searchtext = mysql_real_escape_string($_POST['searchtext']);

$type = SYS_mysqlSmartEscape($_POST['type']);

$dpath = (!$user["dpath"]) ? DEFAULT_SKINPATH : $user["dpath"];



includeLang('search');

$i = 0;



//creamos la query

switch($type){

  case "playername":

    $table = gettemplate('search_user_table');

    $row = gettemplate('search_user_row');

    $sql = "SELECT

        u.id as uid, u.username, u.ally_id, u.id_planet,

        p.*, p.name as planet_name,

        s.total_points, s.total_rank,

        a.ally_tag, a.ally_name

      FROM {{table}}users as u,

        {{table}}planets as p,

        {{table}}alliance as a,

        {{table}}statpoints as s

      WHERE

        username LIKE '%{$searchtext}%'

        AND p.id_owner = u.id AND p.id=u.id_planet

        AND a.id = u.ally_id

        AND s.id_owner = u.id AND stat_type = 1 AND stat_code = 1 LIMIT 30;";

    $search = doquery($sql, '');

  break;

  case "planetname":

    $table = gettemplate('search_user_table');

    $row = gettemplate('search_user_row');

    $sql = "SELECT

        p.*, p.name as planet_name,

        u.id as uid, u.username, u.ally_id, u.id_planet,

        s.total_points, s.total_rank,

        a.ally_tag, a.ally_name

      FROM {{table}}planets as p,

        {{table}}users as u,

        {{table}}alliance as a,

        {{table}}statpoints as s

      WHERE

        name LIKE '%{$searchtext}%'

        AND u.id=p.id_owner

        AND a.id = u.ally_id

        AND s.id_owner = p.id_owner AND stat_type = 1 AND stat_code = 1 LIMIT 30;";

    $search = doquery($sql, '');

  break;

  case "allytag":

    $table = gettemplate('search_ally_table');

    $row = gettemplate('search_ally_row');

    $search = doquery("SELECT * FROM {{table}}alliance inner join {{table}}statpoints on {{table}}alliance.`id`={{table}}statpoints.`id_owner` WHERE ally_tag LIKE '%{$searchtext}%' AND STAT_type=2 LIMIT 30",'');

  break;

  case "allyname":

    $table = gettemplate('search_ally_table');

    $row = gettemplate('search_ally_row');

    $search = doquery("SELECT * FROM {{table}}alliance inner join {{table}}statpoints on {{table}}alliance.`id`={{table}}statpoints.`id_owner` WHERE ally_name LIKE '%{$searchtext}%' AND STAT_type=2 LIMIT 30",'');

  break;

  default:

    $table = gettemplate('search_user_table');

    $row = gettemplate('search_user_row');

    $sql = "SELECT

        u.id as uid, u.username, u.ally_id, u.id_planet,

        p.*, p.name as planet_name,

        s.total_points, s.total_rank,

        a.ally_tag, a.ally_name

      FROM {{table}}users as u,

        {{table}}planets as p,

        {{table}}alliance as a,

        {{table}}statpoints as s

      WHERE

        username LIKE '%{$searchtext}%'

        AND p.id_owner = u.id AND p.id=u.id_planet

        AND a.id = u.ally_id

        AND s.id_owner = u.id AND stat_type = 1 AND stat_code = 1 LIMIT 30;";

    $search = doquery($sql, '');

}



if(isset($searchtext) && isset($type)){

  while($r = mysql_fetch_array($search, MYSQL_BOTH)){

    if($type=='playername'||$type=='planetname'){

      $s=$r;

      //para obtener el nombre del planeta

      $s['ally_name'] = ($s['ally_name']!='')?"<a href=\"alliance.php?mode=ainfo&tag={$s['ally_tag']}\">{$s['ally_name']}</a>":'';

      $s['position'] = "<a href=\"stat.php?start=".$s['total_rank']."\">".$s['total_rank']."</a>";

      $s['dpath'] = $dpath;

      $s['coordinated'] = "{$s['galaxy']}:{$s['system']}:{$s['planet']}";

      $s['buddy_request'] = $lang['buddy_request'];

      $s['write_a_messege'] = $lang['write_a_messege'];

      $s['u_id'] = $s[uid];

      $result_list .= parsetemplate($row, $s);

    }elseif($type=='allytag'||$type=='allyname'){

      $s=$r;

      $s['ally_points'] = pretty_number($s['total_points']);

      $s['ally_tag'] = "<a href=\"alliance.php?mode=ainfo&tag={$s['ally_tag']}\">{$s['ally_tag']}</a>";

      $result_list .= parsetemplate($row, $s);

    }

  }

  if($result_list!=''){

    $lang['result_list'] = $result_list;

    $search_results = parsetemplate($table, $lang);

  }

}

//el resto...

$lang['type_playername'] = ($type == "playername") ? " SELECTED" : "";

$lang['type_planetname'] = ($type == "planetname") ? " SELECTED" : "";

$lang['type_allytag'] = ($type == "allytag") ? " SELECTED" : "";

$lang['type_allyname'] = ($type == "allyname") ? " SELECTED" : "";

$lang['searchtext'] = $searchtext;

$lang['u_id'] = $r[uid];

$lang['search_results'] = $search_results;

//esto es algo repetitivo ... w

$page = parsetemplate(gettemplate('search_body'), $lang);

display($page,$lang['Search']);

?>