
Untitled

a guest
Aug 25th, 2016
  1. <data>
  2. <acct>
  3. <?php
  4.  
  5. include_once("../../includes/db.php");
  6. include_once("settings.php");
  7.  
  8. $db = new database($db_name, $db_server, $db_user, $db_password, $db_urlroot);
  9.  
  10. //$mylang = $_POST["lang"];
  11. if($_REQUEST["usr"]) {
  12. $username = mysql_real_escape_string($_REQUEST["usr"]);
  13. $pass = mysql_real_escape_string($_REQUEST["pass"]);
  14. } else {
  15. //return;
  16. }
  17.  
  18. if ($usr) {
  19. $db->setQuery("SELECT cc_user.username, cc_user_parent.password, cc_user.mask_colors, cc_user.mask, cc_user.sex, cc_user.tribe_ID from cc_user_parent LEFT JOIN cc_user ON cc_user_parent.email = cc_user.email WHERE cc_user_parent.username = '".$username."' LIMIT 12");
  20. }
  21. $res = $db->loadResults();
  22. if (count($res) > 0) {
  23. if (md5($res[0]->password."switch%") == $pass) {
  24. if( ! is_null($res[0]->username) ) {
  25. for ($i = 0; $i < count($res); $i++) {
  26. ?>
  27. <usr>
  28. <nm><?php echo $res[$i]->username;?></nm>
  29. <cl><?php echo $res[$i]->mask_colors;?></cl>
  30. <ms><?php echo $res[$i]->mask;?></ms>
  31. <s><?php echo $res[$i]->sex;?></s>
  32. <tb><?php echo $res[$i]->tribe_ID;?></tb>
  33. </usr>
  34. <?php
  35. }
  36. }
  37. } else {
  38. // invalid username and password.
  39. ?><err></err><?php
  40. }
  41. } else {
  42. // no account registered
  43. ?><err></err><?php
  44. }
  45. ?>
  46. </acct>
  47. </data>
  48.  
  49. if($_REQUEST["usr"]) {
  50.  
  51. if ($usr) {
  52.  
  53. <?php
  54.  
  55. $db_server = "localhost";
  56. $db_user = "root";
  57. $db_password = "pass1234";
  58. $db_name = "cocolani_battle";
  59. $db_urlroot = 'localhost/cocolani'
  60.  
  61. ?>
  62.  
  63. <?php
  64.  
  65. /*
  66. Usage
  67. $db = new database($dbname);
  68.  
  69. for selects:
  70. $db->setQuery("SELECT * FROM `table`")
  71. $resultArray = $db->loadResults();
  72.  
  73. $db->setQuery("SELECT * FROM `table` WHERE `primary_id` = '1'");
  74. $resultObject = $db->loadResult();
  75.  
  76. for inserts:
  77. $db->setQuery("INSERT INTO `table` (`id`, `example`) VALUES ('1', 'abc')");
  78. if (!$db->runQuery()) {
  79. echo $db->getError();
  80. }
  81. */
  82.  
  83.  
  84. class database {
  85. var $_debug = 0;
  86. var $_sql = '';
  87. var $_error = '';
  88. var $_prefix = '';
  89.  
  90. var $_numrows = 0;
  91.  
  92. var $_DBhost = 'localhost';
  93. var $_DBuser = "root";
  94. var $_DBpass = "pass1234";
  95. var $_DBname = "cocolani_battle";
  96. var $url_root = "localhost/cocolani";
  97.  
  98. public function __construct($dbname = 'cocolani_battle', $dbhost = 'localhost', $dbuser = 'root', $dbpsw = 'pass1234', $urlroot = 'localhost/cocolani') {
  99.  
  100. $this->_DBname = "cocolani_battle";
  101.  
  102. if ($_SERVER["SERVER_ADDR"] == "127.0.0.1") {
  103. $this->_DBuser = "root";
  104. $this->_DBpass = "pass1234";
  105. $this->url_root = "http://cocolani.localhost";
  106. } else {
  107. $this->_DBuser = "root";
  108. $this->_DBpass = "pass1234";
  109. $this->url_root = "localhost/cocolani";
  110. $this->_DBhost = "localhost";
  111. }
  112. $this->_connection = @mysql_connect($this->_DBhost, $this->_DBuser, $this->_DBpass) or die("Couldn't connect to MySQL");
  113. mysql_select_db($this->_DBname) or die("Select DB Error: ".mysql_error());
  114.  
  115. }
  116.  
  117. public function __destruct() {
  118. mysql_close($this->_connection);
  119. }
  120.  
  121. function debug($debug_level) {
  122. $this->_debug = intval($debug_level);
  123. }
  124.  
  125. function setQuery($sql) {
  126. /* queries are given in the form of #__table need to replace that with the prefix */
  127. $this->_sql = str_replace('#__', $this->_prefix.'_', $sql);
  128. }
  129.  
  130. function getQuery() {
  131. return "<pre>" . htmlspecialchars( $this->_sql) . "</pre>";
  132. }
  133.  
  134. function runQuery($num_rows=0) {
  135. mysql_select_db($this->_DBname) or die("Select DB Error: ".mysql_error());
  136.  
  137. $this->_numrows = 0;
  138. $result = mysql_query($this->_sql, $this->_connection);
  139. if ($this->_debug > 1) echo "<pre>" . htmlspecialchars( $this->_sql) . "</pre>";
  140.  
  141. if (!$result) {
  142. $this->_error = mysql_error($this->_connection);
  143. if ($this->_debug) {
  144. echo 'Error: ' . $this->getQuery() . $this->_error;
  145. }
  146. return false;
  147. }
  148. if ($num_rows) {
  149. $this->_numrows = mysql_num_rows($result);
  150. }
  151. return $result;
  152. }
  153.  
  154. /* Retrieve Mysql insert id */
  155. function mysqlInsertID() {
  156. $insert_id = mysql_insert_id();
  157. return $insert_id;
  158. }
  159.  
  160. /* Escapes special characters while inserting to db */
  161. function db_input($string) {
  162. if (is_array($string)) {
  163. $retArray = array();
  164. foreach($string as $key => $value) {
  165. $value = (get_magic_quotes_gpc() ? stripslashes($value) : $value);
  166. $retArray[$key] = mysql_real_escape_string($value);
  167. }
  168. return $retArray;
  169. } else {
  170. $string = (get_magic_quotes_gpc() ? stripslashes($string) : $string);
  171. return mysql_real_escape_string($string);
  172.  
  173. }
  174. }
  175.  
  176.  
  177. function getError() {
  178. return $this->_error;
  179. }
  180. /* Load results into csv formatted string */
  181. function loadCsv() {
  182. if (!($res = $this->runQuery())) {
  183. return null;
  184. }
  185.  
  186. $csv_string = '';
  187. while ($row = mysql_fetch_row($res)) {
  188. $line = '';
  189. foreach( $row as $value ) {
  190. if ( ( !isset( $value ) ) || ( $value == "" ) ) {
  191. $value = ",";
  192. } else {
  193. $value = $value. ",";
  194. $value = str_replace( '"' , '""' , $value );
  195. }
  196. $line .= $value;
  197. }
  198. $line = substr($line, 0, -1);
  199. $csv_string .= trim( $line ) . "n";
  200. }
  201. $csv_string = str_replace( "r" , "" , $csv_string );
  202. //$csv_string .= implode(",", $row) . "n";
  203. mysql_free_result($res);
  204. return $csv_string;
  205. }
  206.  
  207. /* Load multiple results */
  208. function loadResults($key='' ) {
  209. if (!($res = $this->runQuery())) {
  210. return null;
  211. }
  212. $array = array();
  213. while ($row = mysql_fetch_object($res)) {
  214. if ($key) {
  215. $array[strtolower($row->$key)] = $row;
  216. } else {
  217. $array[] = $row;
  218. }
  219. }
  220. mysql_free_result($res);
  221. return $array;
  222. }
  223.  
  224. function loadResult() {
  225. if (!($res = $this->runQuery())) {
  226. if ($this->_debug) echo 'Error: ' . $this->_error;
  227. return null;
  228. }
  229. $row = mysql_fetch_object($res);
  230. mysql_free_result($res);
  231. return $row;
  232. }
  233.  
  234. /* Load a result field into an array */
  235. function loadArray() {
  236. if (!($res = $this->runQuery())) {
  237. return null;
  238. }
  239. $array = array();
  240. while ($row = mysql_fetch_row($res)) {
  241. $array[] = $row[0];
  242. }
  243. mysql_free_result($res);
  244. return $array;
  245. }
  246.  
  247. /* Load a row into an associative an array */
  248. function loadAssoc() {
  249. if (!($res = $this->runQuery())) {
  250. return null;
  251. }
  252. $row = mysql_fetch_assoc($res);
  253. mysql_free_result($res);
  254. return $row;
  255. }
  256.  
  257. /* Return one field */
  258. function loadField() {
  259. if (!($res = $this->runQuery())) {
  260. return null;
  261. }
  262. while ($row = mysql_fetch_row($res)) {
  263. $field = $row[0];
  264. }
  265. mysql_free_result($res);
  266. return $field;
  267. }
  268.  
  269. }
  270.  
  271. /*if ($_SERVER["SERVER_ADDR"] == '127.0.0.1') {
  272. $url_root = "http://cocolani.localhost";
  273. } else {
  274. $url_root = "http://dev.cocolani.com";
  275. }*/
  276.  
  277.  
  278. ?>