pa/eqemu-server
2
0
Fork 0
mirror of https://github.com/EQEmu/Server.git synced 2025-12-12 01:11:29 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
eqemu-server/utils/defaults/templates/rules.html
j883376 ffcff4aea1 Remove trailing whitespace
2013-05-09 11:13:16 -04:00

104 lines
5.1 KiB
HTML
Raw Blame History

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title></title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link rel="stylesheet" title="Default" href="main.css" type="text/css" />
</head>
<body>
<h2 align="center">Rules Management</h2>
<hr/>
<center>Note: changes won't go into effect until you restart the server.</center>
<?
#before we do anything, we need to submit any changes that were passed via POST (or GET since we don't really check in $request)
my $rule_name = $request->get("rule_name");
if ($rule_name =~ m/\w+:\w+/i) { #if we have a value matching the pattern "Type:Name", we can assume we want to make the change
my $rule_value = $request->get("rule_value"); #not safe from injection, should be able to just escape quotes
my $q3 = "UPDATE rule_values SET rule_value = '$rule_value' WHERE rule_name = '$rule_name'";
my $res3 = $EQDB->query($q3);
print "<center>\n\t";
if ($res3) { # && ($EQDB->affected_rows > 0)
print "<font color=\"green\">$rule_name successfully changed to '$rule_value'</font><br>\n";
} else {
my $errno3 = $EQDB->get_errno;
my $err3 = $EQDB->error;
print "<font color=\"red\">Update of $rule_name to '$rule_value' failed! (Error $errno3: $err3)</font><br>\n";
}
print "</center>\n";
}
#for some reason, when we submit a change, we go back to the default view
my $ruleset_id = $request->get("ruleset_id", 1); #if we don't put a value, this gets defaulted to 0 no matter what we put for the default value using getInt, so we'll just do our own check
if ($ruleset_id !~ m/^[0-9]+$/) {$ruleset_id = 1;} #this should default any non-numeric values (particularly blank ones), also making it free from injections
my $rule_type = $request->get("rule_type", "All"); #not safe from injection as-is
if ($rule_type !~ m/^\w+$/i) {$rule_type = "All";} #this should make it safe from injection, but may cause issues if we start using non-alphanumeric characters in the first part of the rule_name
#now, we'll put together a list of the rule categories that we can filter by
print "<center>\n\t";
if ($rule_type eq "All") {print "<b>";}
print "<a href=\"rules.html?ruleset_id=$ruleset_id&rule_type=All\">All</a>";
if ($rule_type eq "All") {print "</b>";}
my $q = "SELECT DISTINCT(SUBSTRING(rule_name, 1, LOCATE(':', rule_name) - 1)) AS rule_type FROM rule_values WHERE ruleset_id = '$ruleset_id' ORDER BY rule_type ASC";
my $res = $EQDB->query($q);
if ($res) {
while (my $row = $res->fetch_row_hash) {
print " | \n\t";
if ($rule_type eq $row->{rule_type}) {print "<b>";}
print "<a href=\"rules.html?ruleset_id=$ruleset_id&rule_type=$row->{rule_type}\">$row->{rule_type}</a>";
if ($rule_type eq $row->{rule_type}) {print "</b>";}
}
}
print "\n</center>\n";
#next, we create the table, including the first line which will let us put in a new rule from scratch (eventually)
print "<table align=\"center\" border=\"1\" cellspacing=\"2\" cellpadding=\"3\" class=\"zonelist\">\n";
print "\t<tr>\n";
print "\t\t<th width=1 nowrap>Type</th>\n";
print "\t\t<th width=1 nowrap>Name</th>\n";
print "\t\t<th width=1 nowrap>Value</th>\n";
print "\t\t<th width=1 nowrap>Notes</th>\n";
print "\t\t<th width=1 nowrap></th>\n";
#print "\t\t<th width=1 nowrap></th>\n";
print "\t</tr>\n";
#print "\t<tr>\n";
#print "\t\t<td></td>\n";
#print "\t\t<td></td>\n";
#print "\t\t<td></td>\n";
#print "\t\t<td></td>\n";
#print "\t\t<td colspan=\"2\"><button>Add</button></td>\n";
#print "\t<tr>\n";
#lastly, output any matching rules
my $w2 = "WHERE ruleset_id = '$ruleset_id'";
if ($rule_type ne "All") {
$w2 .= " AND rule_name LIKE '$rule_type:%'";
}
my $q2 = "SELECT ruleset_id, SUBSTRING(rule_name, 1, LOCATE(':', rule_name) - 1) AS rule_type, SUBSTRING(rule_name, LOCATE(':', rule_name) + 1) AS rule_name_short, rule_name, rule_value, notes FROM rule_values $w2 ORDER BY rule_name ASC";
my $res2 = $EQDB->query($q2);
if ($res) {
while (my $row2 = $res2->fetch_row_hash) {
print "\t<tr>\n";
print "\t\t<form method=\"POST\" action=\"rules.html?ruleset_id=$ruleset_id&rule_type=$rule_type\">\n";
print "\t\t<input type=\"hidden\" name=\"ruleset_id\" value=\"$ruleset_id\">\n"; #if we don't pass this in POST, for some reason we don't pick them up from the GET info from the form action
print "\t\t<input type=\"hidden\" name=\"rule_type\" value=\"$rule_type\">\n"; #ditto
print "\t\t<td align=\"right\"><a href=\"rules.html?ruleset_id=$ruleset_id&rule_type=$row2->{rule_type}\">$row2->{rule_type}</a></td>\n";
print "\t\t<td align=\"left\">$row2->{rule_name_short}</td>\n";
print "\t\t<input type=\"hidden\" name=\"rule_name\" value=\"$row2->{rule_name}\">\n";
print "\t\t<td><input type=\"text\" name=\"rule_value\" size=\"8\" style=\"text-align: right\" value=\"$row2->{rule_value}\" /></td>\n";
print "\t\t<td>$row2->{notes}</td>\n";
print "\t\t<td><input type=\"image\" src=\"update.png\" alt=\"Update\"></td>\n";
#print "\t\t<td><input type=\"image\" src=\"delete.gif\" alt=\"Delete\"></td>\n";
print "\t\t</form>\n";
print "\t<tr>\n";
}
}
?>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink