Zde komplet funkcni kod:
<form action="" method=POST>
Ucet : <input type="text" name="ucet"><br>
Heslo : <input type="password" name="heslo"><br>
Postava : <input type="text" name="postava"><br>
Cílový účet :<input type="text" name="cil"><br>
<input type="submit" value="odeslat"><input type="reset" value="Reset"><br>
<?php
$dbhost = "localhost"; // DB Host
$dbuser = "root"; // DB User
$dbpass = "passsss"; // DB user Password
$realmd = "realmd"; // REalmd DB
$characters = "characters"; // Char DB
function sha_password($user,$pass){
$user = strtoupper($user);
$pass = strtoupper($pass);
$SHA1P = ($user.':'.$pass);
return hash('sha1', $SHA1P);
}
if(isset($_POST[ucet],$_POST[heslo],$_POST[postava],$_POST[cil]))
{
mysql_connect("$dbhost","$dbuser","$dbpass");
$_POST[ucet] = mysql_real_escape_string($_POST[ucet]);
$_POST[heslo] = mysql_real_escape_string($_POST[heslo]);
$_POST[postava] =mysql_real_escape_string($_POST[postava]);
$_POST[cil] = mysql_real_escape_string($_POST[cil]);
$i = sha_password($_POST[ucet],$_POST[heslo]);
$data = mysql_query("SELECT `id` FROM `$realmd`.`account` WHERE (`username`='$_POST[ucet]') AND (`sha_pass_hash`='$i') LIMIT 1");
if(mysql_num_rows($data)==0)
{
die("Nenalezen Ucet. Spatne zadane udaje.");
}
$id = mysql_fetch_array($data);
$id = $id[id];
$data = mysql_query("SELECT `guid` FROM `$characters`.`characters` WHERE (`name`='$_POST[postava]') AND (`account`='$id')");
if(mysql_num_rows($data)==0)
{
die("Nenalezena postava. Spatne zadane udaje / neexistujici postava.");
}
$guid = mysql_fetch_array($data);
$guid = $guid[guid];
$data = mysql_query("SELECT `id` FROM `$realmd`.`account` WHERE (`username`='$_POST[cil]') LIMIT 1");
if(mysql_num_rows($data)==0)
{
die("Nenalezen cilovy ucet.");
}
$cil = mysql_fetch_array($data);
$cil = $cil[id];
mysql_query("UPDATE `$characters`.`characters` SET `account`='$cil' WHERE `guid`='$guid'");
print("Postava #$guid($_POST[postava]) byla uspesne presunuta na ucet #$cil ($_POST[cil])");
}
?>