<?   
mysql_selectdb ("$cdb");   
$human = mysql_query ("select count(*) from characters where race = 1");   
$human = mysql_result ($human,0);   
$dwarv = mysql_query ("select count(*) from characters where race = 3");   
$dwarv = mysql_result ($dwarv,0);   
$night = mysql_query ("select count(*) from characters where race = 4");   
$night = mysql_result ($night,0);   
$gnome = mysql_query ("select count(*) from characters where race = 7");   
$gnome = mysql_result ($gnome,0);   
$draenei = mysql_query ("select count(*) from characters where race = 11");   
$draenei = mysql_result ($draenei,0);   
$orc = mysql_query ("select count(*) from characters where race = 2");   
$orc = mysql_result ($orc,0);   
$undead = mysql_query ("select count(*) from characters where race = 5");   
$undead = mysql_result ($undead,0);   
$tauren = mysql_query ("select count(*) from characters where race = 6");   
$tauren = mysql_result ($tauren,0);   
$troll = mysql_query ("select count(*) from characters where race = 8");   
$troll = mysql_result ($troll,0);   
$blood = mysql_query ("select count(*) from characters where race = 10");   
$blood = mysql_result ($blood,0);   
$druid = mysql_query ("select count(*) from characters where class = 11");   
$druid = mysql_result ($druid,0);   
$hunter = mysql_query ("select count(*) from characters where class = 3");   
$hunter = mysql_result ($hunter,0);   
$mage = mysql_query ("select count(*) from characters where class = 8");   
$mage = mysql_result ($mage,0);   
$paladin = mysql_query ("select count(*) from characters where class = 2");   
$paladin = mysql_result ($paladin,0);   
$priest = mysql_query ("select count(*) from characters where class = 5");   
$priest = mysql_result ($priest,0);   
$rogue = mysql_query ("select count(*) from characters where class = 4");   
$rogue = mysql_result ($rogue,0);   
$shaman = mysql_query ("select count(*) from characters where class = 7");   
$shaman = mysql_result ($shaman,0);   
$warlock = mysql_query ("select count(*) from characters where class = 9");   
$warlock = mysql_result ($warlock,0);   
$warrior = mysql_query ("select count(*) from characters where class = 1");   
$warrior = mysql_result ($warrior,0);   
$death = mysql_query ("select count(*) from characters where class = 6");   
$death = mysql_result ($death,0);   
echo "Людей: $human<br>";   
echo "Дворфов: $dwarv<br>";   
echo "Ночных Эльфов: $night<br>";   
echo "Гномов: $gnome<br>";   
echo "Дренейев: $draenei<br>";   
echo "Орков: $orc<br>";   
echo "Нежити: $undead<br>";   
echo "Тауренов: $tauren<br>";   
echo "Троллей: $troll<br>";   
echo "Эльфов Крови: $blood<br><br>";   
echo "Друидов: $druid<br>";   
echo "Охотников: $hunter<br>";   
echo "Магов: $mage<br>";   
echo "Паладинов: $paladin<br>";   
echo "Жрецов: $priest<br>";   
echo "Разбойников: $rogue<br>";   
echo "Шаманов: $shaman<br>";   
echo "Чернокнижников: $warlock<br>";   
echo "Воинов: $warrior<br>";   
echo "Рыцарей Смерти: $death<br>";   
?>

<table border="0">   
<tr>   
<td><strong>Имя:</strong></td>   
<td><strong>Раса:</strong></td>   
<td><strong>Класс:</strong></td>   
<td><strong>Уровень:</strong></td>   
</tr>   
<?   
mysql_selectdb ("$cdb");   
mysql_query ('set names cp1251');   
$result = mysql_query ("select name, race, class, data from characters where online = 1");   
$class = array   
(1=>"Воин",2=>"Паладин",3=>"Охотник",4=>"Разбойник",5=>"Жрец",6=>"Рыцарь Смерти",7=>"Шаман",8=>"Маг",9=>"Чернокнижник",11=>"Друид");   
$race = array   
(1=>"Человек",2=>"Орк",3=>"Дворф",4=>"Ночной Эльф",5=>"Нежить",6=>"Таурен",7=>"Гном",8=>"Тролль",10=>"Эльф Крови",11=>"Дреней");   
while ($row = mysql_fetch_array ($result))   
{   
$ch_name = $row['name'];   
$ch_race = $row['race'];   
$ch_class = $row['class'];   
$char_data = explode(' ',$row['data']);   
$ch_lvl = $char_data[53];   
echo "<tr><td><strong>$ch_name</strong></td>";   
echo "<td><strong>$race[$ch_race]</strong></td>";   
echo "<td><strong>$class[$ch_class]</strong></td>";   
echo "<td><strong>$ch_lvl</strong></td></tr>";   
}   
?>   
</table>

<?
mysql_selectdb ($rdb);
mysql_selectdb ("$cdb");
?>

<?php   
// Скрипт показа забанненных аккаунтов и IP адресов by WOW Alive   
require_once "config.php";   

//подключение к базе   
$ConnectDB = mysql_connect("$host", "$user", "$password") or die ("Нет соединения с MySQL");   
mysql_select_db("$dbr") or die ("Нет соединения с базой $dbr");   
echo "<h2>Забаненные аккаунты</h2>";   
echo "<table width=\"100%\" border=\"1\" align=\"center\"><tr>   
<td align=\"center\" width=\"20%\">забанен:</td>   
<td align=\"center\" width=\"20%\">Бан установлен:</td>   
<td align=\"center\" width=\"20%\">Забанил:</td>   
<td align=\"center\" width=\"20%\">Причина:</td>   
<td align=\"center\" width=\"20%\">Бан до:</td>   
</tr></table>";   
$i=0;   
$data = mysql_query("SELECT * FROM account_banned WHERE active = 1 ORDER BY bandate DESC LIMIT 100",$ConnectDB);   
$row = mysql_fetch_array($data[$i]); {   
while($row = mysql_fetch_array($data)) {   
$banid = $row['id'];   
$usern = mysql_query("SELECT * FROM account WHERE id= $banid LIMIT 1",$ConnectDB);   
$rowuser = mysql_fetch_array($usern);   
$banuser = $rowuser['username'];   
$bandate = date("H:i:s d.m.Y", $row['bandate']);   
$bannedby = $row['bannedby'];   
$banreason = $row['banreason'];   
$unbandate = date("H:i:s d.m.Y", $row['unbandate']);   
echo "<font color=\"beer\">   
<table width=\"100%\" border=\"1\" align=\"center\"><tr>   
<td align=\"center\" width=\"20%\">$banuser</td>   
<td align=\"center\" width=\"20%\">$bandate г.</td>   
<td align=\"center\" width=\"20%\">$bannedby</td>   
<td align=\"center\" width=\"20%\">$banreason</td>   
<td align=\"center\" width=\"20%\">$unbandate г.</td>   
</tr></table></font>";   
$i++;   
}   
}   
//теперь выборка по IP адресам   
echo "<h2>БАНЫ по IP </h2><br>";   
echo "<table width=\"100%\" border=\"1\" align=\"center\"><tr>   
<td align=\"center\" width=\"20%\">IP:</td>   
<td align=\"center\" width=\"20%\">Бан установлен:</td>   
<td align=\"center\" width=\"20%\">Забанил:</td>   
<td align=\"center\" width=\"20%\">Причина:</td>   
<td align=\"center\" width=\"20%\">Бан до:</td>   
</tr></table>";   
$u=0;   
$bannedip = mysql_query("SELECT * FROM ip_banned ORDER BY bandate DESC LIMIT 100");   
$row = mysql_fetch_array($bannedip[$u]); {   
while($row = mysql_fetch_array($bannedip)) {   

$banip = $row['ip'];   
$bandate = date("H:i:s d.m.Y", $row['bandate']);   
$bannedby = $row['bannedby'];   
$banreason = $row['banreason'];   
$unbandate = date("H:i:s d.m.Y", $row['unbandate']);   
echo "<font color=\"beer\">   
<table width=\"100%\"border=\"1\" align=\"center\"><tr>   
<td align=\"center\" width=\"20%\">$banip</td>   
<td align=\"center\" width=\"20%\">$bandate г.</td>   
<td align=\"center\" width=\"20%\">$bannedby</td>   
<td align=\"center\" width=\"20%\">$banreason</td>   
<td align=\"center\" width=\"20%\">$unbandate г.</td>   
</tr></table></font>";   
$u++;   
}   
}   
?>

<?php           

$db1 = "realmd";                       
$db2 = "mangos";                  
$db3 = "characters";              

$host = "localhost";             
$user = "root";                     
$pass = "mangos";                        
$port = "3306";                      

$tbc = 2;                          
$database_encoding = 'CP1251';            

$realmd = mysql_connect("$host:$port", "$user", "$pass", True);          
mysql_selectdb("$db1", $realmd);          

$world = mysql_connect("$host:$port", "$user", "$pass", True);          
mysql_selectdb("$db2", $world);          

$characters = mysql_connect("$host:$port", "$user", "$pass", True);          
mysql_selectdb("$db3", $characters);          

echo "          
<script type=\"text/javascript\">          
function isAlphaNumeric(value)          
{          
           if (value.match(/^[a-zA-Z0-9_]+$/))          
             return true;          
           return false;          
}          
function checkform(f)          
{          
           if (f.account.value == \"\")          
           {          
             alert(\"Введите логин\");          
             return false;          
           }          
           if (!isAlphaNumeric(f.account.value))          
           {          
             alert(\"Запрещенные символы в логине\");          
             return false;          
           }          
           if (f.password.value==\"\")          
           {          
             alert(\"Введите пароль\");          
             return false;          
           }          
           if (!isAlphaNumeric(f.password.value))          
           {          
             alert(\"Запрещенные символы в пароле\");          
             return false;          
           }          
           if (f.password2.value==\"\")          
           {          
             alert(\"Вы не ввели повтор пароля\");          
             return false;          
           }          
           if (f.password.value != f.password2.value)          
           {          
             alert(\"Пароли не совпадают\");          
             return false;          
           }          
           if (f.email.value==\"\")          
           {          
             alert(\"Вы не ввели e-mail\");          
             return false;          

           }          
}          
</script>";          

echo "          

<font color=#00CC00>          
</font><br><br>          
<center>          
<form method=post action=reg.php onsubmit=\"return checkform(this)\">           
<table>          

<tr>          
           <td><font color=#CCCCCC size=4px> Логин: </font><Br>          
           <input type=text name=account maxlength=20></td>          
</tr>          

<tr>          
           <td><font color=#CCCCCC size=4px> Пароль:</font><Br>          
           <input type=password name=password maxlength=20></td>          
</tr>          
<tr>          
           <td><font color=#CCCCCC size=4px> Повторить пароль:</font> <Br>          
           <input type=password name=password2 maxlength=20></td>          
</tr>          
<tr>          
           <td><font color=#CCCCCC size=4px> e-mail: </font><Br>           
           <input type=text name=email  maxlength=20></td>         
</tr>          
          <tr>          
           <td colspan=2 style=\"text-align: center;\"><br><input type=submit value=Зарегистрироваться></td>          
          </tr>          
</table>          
</form></center>";          

if (isset($_POST['account'])) {          
if ($_POST['account'] && strlen($_POST['account'])<=20 && strlen($_POST['account'])>=3 && strlen($_POST['password'])>=3 && $_POST['password'] && $_POST['password2'] && $_POST['password']==$_POST['password2']) {          
           if (!eregi("^[a-zA-Z0-9_]+$", $_POST['account']))          
             die ("  

Error: SQL-Injection</p>");          
           if (!eregi("^[a-zA-Z0-9_]+$", $_POST['password']))          
             die ("  

Error: SQL-Injection</p>");          
             $pass = ($_POST['password']);          
             $username = ($_POST['account']);          
             $result = mysql_query("SELECT * FROM account WHERE username='".$_POST['account']."' AND sha_pass_hash='$pass'", $realmd);          
             if (mysql_num_rows($result) != 0) {          
                 echo "<center>  

<font color=#CCCCCC><b>Такой аккаунт уже есть!</b></font></p></center>";          
             } else {          
                 if (!mysql_query("INSERT INTO account (username, sha_pass_hash, gmlevel, email, expansion) VALUES ('$username', SHA1(CONCAT(UPPER('$username'),':',UPPER('$pass'))), 0, '".$_POST['email']."', $tbc)", $realmd)) {echo "<center>  

<font color=#CC0000><b>Ошибка</b></font></p></center>";} else {echo "<center>  

<font color=#CCCCCC><b>Аккаунт успешно зарегестрирован! </b></font></p></center>";}          
             }          
} else {          
             echo "<center>  

<font color=#CC0000><b>Проверьте правильность ввода!</b></font></p></center>";          
}          
}          
#by wow alive
?>

<?php   
/*   
Very important! You need to run SQL update!   
ALTER TABLE `account` ADD `reset_password` VARCHAR( 50 ) NOT NULL;   
*/   
/*Config*/   
$realmd = array(   
'db_host'=> 'localhost', //ip of db realm   
'db_username' => 'root',//realm user   
'db_password' => 'mangos',//realm password   
'db_name'=> 'realmd',//realm db name   
);   
$config = array(   
'path_to_thisfile' => 'http://mysite.com/lol/ownage/wow/pass_recovery.php', // Example: http://mysite.com/lol/ownage/wow/   
'email_from' => 'mysite@wow.com', // Who should the email be sent from ?   
'email_subject' => 'Password recovery for our site!', // Subject of the mail ??   
);   

function sha_password($user,$pass){   
$user = strtoupper($user);   
$pass = strtoupper($pass);   

return SHA1($user.':'.$pass);   
}   
function random_string($counts){   
$str = "abcdefghijklmnopqrstuvwxyz";//Count 0-25   
for($i=0;$i<$counts;$i++){   
if ($o == 1){   
$output .= rand(0,9);   
$o = 0;   
}else{   
$o++;   
$output .= $str[rand(0,25)];   
}   

}   
return $output;   
}   

$realmd_bc_new_connect = mysql_connect($realmd[db_host],$realmd[db_username],$realmd[db_password]);   
$selectdb = mysql_select_db($realmd[db_name],$realmd_bc_new_connect);   

if ($_GET[h] && $_GET[h] != '' && $_GET[h] != '0'){   
$output_random_pass = random_string(10);   
$query = mysql_query("SELECT username FROM `account` WHERE reset_password='$_GET[h]'");   
$res = mysql_fetch_array($query);   
if (mysql_num_rows($query) == 1){   
echo "Hi $res[username], Your password is: $output_random_pass. Please change your password fast as possible.";   
$pass_hash = sha_password($res[username],$output_random_pass);   
mysql_query("UPDATE `account` SET sha_pass_hash='$pass_hash' WHERE reset_password='$_GET[h]'");   
mysql_query("UPDATE `account` SET reset_password='' WHERE username='$res[username]'");   
}else{   
echo "Error.";   
}   

}else{   
?>   

<?php   
//this is where user fill in and send by email   
if ($_POST[password_takeback]){   
$check_security = mysql_query("SELECT id FROM `account` WHERE username='$_POST[username]' AND email='$_POST[email]'");   
if (isset($_POST['username']) && isset($_POST['email']) && mysql_num_rows($check_security) == 1){   
$rand = random_string(40);   
mysql_query("UPDATE `account` SET reset_password='$rand' WHERE username='$_POST[username]'");   
$to = $_POST["email"];   
$from = "From: $config[email_from]";   
$subject = $config[email_subject];   
$message= "Hi $_POST[username], you have submitted a password recovery on our site. IF YOU DIDNT SUBMIT A PASSWORD REQUEST JUST DELETE THIS MAIL!. Please follow this link to complete the operation: $config[path_to_thisfile]?h=$rand";   
mail($to, $subject, $message, $from); // This work if you have configured your php.ini file to send email, !on linux its default.   
echo "An Email has been sent to you, please follow the email to complete the process.";   
}else{   
echo "Incorrect details, Please be sure that you submitted right Email and Username to your account";   
}   
}else{   
?>   
<form action="<?php echo $_SERVER[PHP_SELF]; ?>" method="POST">   
Your Email: <input type="text" name="email">   

Your Username: <input type="text" name="username">   

<input type="submit" name="password_takeback">   
</form>   
<?php   
}   
}// End GET   
?>

<?php   

/**   
* @author [Desperado]   
* @copyright 2010   
*/   

require_once ('config.php'); //подключаем файл конфигурации   

mysql_connect("$dbip:$dbport","$dblogin","$dbpass"); //соединяемся с базой MySQl   
mysql_query("SET character_set_database = '$charset'"); //устанавливаем кодировку   
mysql_query("SET NAMES '$charset'"); //устанавливаем кодировку   

$content = mysql_query ("select c.name, c.class, c.race, a.gmlevel from characters.characters c inner join realmd.account   
a on a.id=c.account where a.gmlevel != 0 and c.online = 1"); //достаём нужные данные   
$online = mysql_num_rows($content);   

/**   
* мутим обработку данных из массива   
*/   

$class = array(1=>"Воин",2=>"Паладин",3=>"Охотник",4=>"Разбойник",5=>"Жрец",   
6=>"Рыцарь Смерти",7=>"Шаман",8=>"Маг",9=>"Чернокнижник",11=>"Друид");   
$race = array(1=>"Человек",2=>"Орк",3=>"Дворф",4=>"Ночной Эльф",5=>"Нежить",6=>"Таурен",7=>"Гном",8=>"Тролль",   
10=>"Эльф Крови",11=>"Дреней");   
$gmlevel = array(1=>'Модератор',2=>'Хелпер',3=>'Гейм Мастер',4=>'Администратор');   

/**   
* если гм нет, выводим неприличное сообщение   
*/   

if($online < 1) {   
echo "<tr><td colspan='4' align='center'>Нет гм, вошедших в игру</td></tr>";   
}   

/**   
* если гм есть, выводим другое неприличное сообщение   
*/   

while ($row = mysql_fetch_array($content))   
{   
$name = $row['name'];   
echo "<tr><td><b>{$name}</b></td>"; //выводим ник Гм   
echo "<td><b>{$race[$row['race']]}</b></td>"; //Выводим рассу   
echo "<td><b>{$class[$row['class']]}</b></td>"; //Выводим класс   
echo "<td><b>{$gmlevel[$row['gmlevel']]}</b></td></tr>"; //Выводим уровень доступа   
}   

?>

<?   
include ("config.php");   

$j=1;   
$teamType = array(   
'2' => '2x2',   
'3' => '3x3',   
'5' => '5x5'   
);   

$connect = mysql_connect("$dbip:$dbport","$dblogin","$dbpass") OR DIE("'Can't connect with $host"); // Эти переменные должны присутствовать в конфиге!   
mysql_select_db("$rdb") or die(mysql_error());   
mysql_query("SET NAMES '$cod'");   

if(!isset($_GET['guid'])){   

$sql = mysql_query("SELECT * FROM `arena_team` ORDER by `name`");   

echo "<center><table border=1 width=70%>   
<tr>   
<td>Team Name</td>   
<td align=center>Command Type</td>   
<td align=center><center>Team Leader</center></td>   
<td>Faction</td>   
<td align=center>Rating</td>   

</tr>";   
while ($row = mysql_fetch_array($sql)){   
$query_num = mysql_query("SELECT COUNT(*) FROM `arena_team_member` WHERE `arenateamid`='$row[arenateamid]'");   
$gleader = "SELECT name,race FROM `characters` WHERE `guid`='$row[captainguid]'";   
$myrow = mysql_fetch_array(mysql_query($gleader));   
$top = mysql_query("SELECT * FROM `arena_team_stats` WHERE `arenateamid`='$row[arenateamid]'");   
$toprow = mysql_fetch_array($top);   

if($myrow['race']=="1" or $myrow['race']=="3" or $myrow['race']=="4" or $myrow['race']=="7" or $myrow['race']=="11"){   

$faction = "alliance";   
}else{   
$faction = "horde";}   

echo "   
<tr>   
<td >   
<p style='padding-left: 5px'><a href='?guid=".$row[arenateamid]."' >".$row['name']."</a></p>   
</td>   
<td align=center><center>".$teamType[$row['type']]."</center></td>   

<td><a href=".$wowd."/index.php?player=".$row[captainguid].">".$myrow['name']."</a></td>   
<td align=center><center><img src=images/".$faction.".gif title=".$faction."></center></td>   
<td align=right><p style='padding-right: 8px'>".$toprow['rating']."</p></td></tr>";   

}   
echo "</table></center><br><br>";   
}   

if (@$_GET['guid'] ) {   

$name = "SELECT * FROM `arena_team` WHERE `arenateamid`='$_GET[guid]'";   
$nrow = mysql_fetch_array(mysql_query($name));   
$top = "SELECT * FROM `arena_team_stats` WHERE `arenateamid`='$_GET[guid]'";   
$trow = mysql_fetch_array(mysql_query($top));   
$member = "SELECT * FROM `arena_team_member` WHERE `arenateamid`='$_GET[guid]'";   
$mrow = mysql_fetch_array(mysql_query($member));   

$sql = mysql_query("SELECT * FROM `characters`, `arena_team_member` WHERE `characters`.`guid`=`arena_team_member`.`guid` and `arenateamid` = '".$_GET["guid"]."' ");   
$row = mysql_fetch_array($sql);   
$data = explode(' ',$row['data']);   
$lvl = $data[$ver];   
$gender = dechex($data[36]);   
$gender = str_pad($gender,8, 0, STR_PAD_LEFT);   
$gender = $gender{3};   
$guid = $row['guid'];   
$race = $row['race'];   
$class = $row['class'];   
$online = $row['online'];   
$j=1;   

echo "<center>   
<table border=0 width=60%>   
<tr>   
<td>   
<table border=1 width=100%>   
<tr><td>Team Name</td><td >".$nrow['name']."</td></tr>   
<tr><td>Rating</td><td >".$trow['rating']."</td></tr>   
<tr><td>Command Type</td><td >".$teamType[$nrow['type']]."</td></tr>   
<tr><td colspan=2 >Statistics of the Week</td></tr>   
<tr><td>Played: ".$trow['games']."</td><td >Won: ".$trow['wins']."</td></tr>   
<tr><td colspan=2 >Stats</td></tr>   
<tr><td>Played: ".$trow['played']."</td><td >Won: ".$trow['wins2']."</td></tr>   

</table>   
";   

echo "<table border=1 width=100%>   
<tr>   
<td align=center>#</td>   
<td align=center>Player Name</td>   
<td align=center>lvl</td>   
<td align=center>Race</td>   
<td align=center>Class</td>   
<td align=center>Game of the Week</td>   
<td align=center>Won week</td>   
<td align=center>Games for the season</td>   
<td align=center>Won season</td>   
<td align=center>Personal rating</td>   
<td align=center>Online</td>   
</tr>   
";   

echo "<tr>   
<td valign=center width=3%>$j</td>   
<td align=center valign=center width=20%><a href='/wow/wowd/?player=".$guid."' style='color: #ff9900; font-family : Geneva; text-decoration : none;'>".$row[name]."</a></td>   
<td width=20 align=center valign=center>$lvl</td>   
<td align=center valign=center width=7%><img src=images/race/".$race."-".$gender.".gif></td>   
<td align=center valign=center width=7%><img src=images/class/$class.gif></td>   
<td align=center width=20%>".$mrow['played_week']."</td>   
<td valign=center width=20%>".$mrow['wons_week']."</td>   
<td valign=center width=10%>".$mrow['played_season']."</td>   
<td valign=center width=10%>".$mrow['wons_season']."</td>   
<td valign=center width=10%>".$mrow['personal_rating']."</td>   
<td valign=center width=10%><center><img src='images/status/".$online.".gif' height='18' width='18'></center></td>   
</tr>   
";   

echo "</table></td></tr></table></center><br><br><br>";   

echo "<table border=1><tr><td><a href='index.php'>Index</a></td></tr></table>";   
}   

?>