Shahed3639

Edit User Doesn't Work?

Shahed3639 replied to bloodless2010's topic in Engine Support

Find "UPDATE users SET username='{$username}', level={$_POST['level']}, money={$_POST['money']}, crystals={$_POST['crystals']}, energy=$energy, brave=$nerve, maxbrave=$nerve, maxenergy=$energy, hp=$hp, maxhp=$hp, hospital={$_POST['hospital']}, duties='{$duties}', staffnotes='{$staffnotes}', mailban={$_POST['mailban']}, mb_reason='{$mb_reason}', hospreason='{$hospreason}', login_name='{$loginname}' WHERE userid={$user}", $c); Replace with this "UPDATE users SET username='{$username}', level={$_POST['level']}, money={$_POST['money']},bankmoney={$_POST['bankmoney']},cybermoney={$_POST['cybermoney']}, crystals={$_POST['crystals']}, energy=$energy, brave=$nerve, maxbrave=$nerve, maxenergy=$energy, hp=$hp, maxhp=$hp, hospital={$_POST['hospital']}, jail={$_POST['jail']}, duties='{$duties}', staffnotes='{$staffnotes}', mailban={$_POST['mailban']}, jailreason='{$jailreason}', mb_reason='{$mb_reason}', hospreason='{$hospreason}', login_name='{$loginname}' WHERE userid={$user}", $c); And thank you illusion.

November 19, 2012
12 replies

Edit User Doesn't Work?

Shahed3639 replied to bloodless2010's topic in Engine Support

Yeah Its annoying.

November 18, 2012
12 replies

Edit User Doesn't Work?

Shahed3639 replied to bloodless2010's topic in Engine Support

<?php if (!defined('IN_STAFF')) { header('HTTP/1.1 400 Bad Request'); exit; } // Admin/Secretary/Assistant function fed_user_form() { global $ir, $c, $h, $userid; print "<h3>Jailing User</h3> The user will be put in fed jail and will be unable to do anything in the game.<br /> <form action='new_staff.php?action=fedsub' method='post'> User: " . user_dropdown($c, 'user', $_GET['XID']) . "<br /> Days: <input type='text' name='days' /><br /> Reason: <input type='text' name='reason' /><br /> <input type='submit' value='Jail User' /></form>"; } function fed_user_submit() { global $ir, $c, $h, $userid; $ins_user = abs((int) $_POST['user']); $ins_days = abs((int) $_POST['days']); $ins_reason = mysql_real_escape_string( htmlentities(stripslashes($_POST['reason']), ENT_QUOTES, 'ISO-8859-1'), $c); $q = mysql_query("SELECT * FROM users WHERE userid={$ins_user}", $c); if (mysql_num_rows($q) == 0) { return; } $r = mysql_fetch_array($q); if (($ir['user_level'] != 2) && ($r['user_level'] == 2 || $r['user_level'] == 3)) { print "You cannot jail other staff."; } else { $re = mysql_query( "UPDATE users SET fedjail=1 WHERE userid={$ins_user}", $c); if (mysql_affected_rows($c)) { mysql_query( "INSERT INTO fedjail VALUES(NULL,{$ins_user},{$ins_days},$userid,'{$ins_reason}')", $c); } mysql_query( "INSERT INTO jaillogs VALUES(NULL,$userid, {$ins_user}, {$ins_days}, '{$ins_reason}'," . time() . ")", $c); print "User jailed."; } } function unfed_user_form() { global $ir, $c, $h, $userid; print "<h3>Unjailing User</h3> The user will be taken out of fed jail.<br /> <form action='new_staff.php?action=unfedsub' method='post'> User: " . fed_user_dropdown($c, 'user') . "<br /> <input type='submit' value='Unjail User' /></form>"; } function unfed_user_submit() { global $ir, $c, $h, $userid; $ins_user = abs((int) $_POST['user']); mysql_query("UPDATE users SET fedjail=0 WHERE userid={$ins_user}", $c); mysql_query("DELETE FROM fedjail WHERE fed_userid={$ins_user}", $c); mysql_query( "INSERT INTO unjaillogs VALUES(NULL,$userid, {$ins_user}, " . time() . ")", $c); print "User unjailed."; } function view_attack_logs() { global $ir, $c, $h, $userid; print "<h3>Attack Logs</h3> <table width=75%><tr style='background:gray'><th>Time</th><th>Detail</th></tr>"; $q = mysql_query("SELECT * FROM attacklogs ORDER BY time DESC", $c); while ($r = mysql_fetch_array($q)) { print "<tr><td>" . date('F j, Y, g:i:s a', $r['time']) . "</td><td>{$r['attacker']} attacked {$r['attacked']} and {$r['result']} and stole \${$r['stole']}</td></tr>"; } print "</table>"; } function ip_search_form() { global $ir, $c, $h, $userid; print "<h3>IP Search</h3> <form action='new_staff.php?action=ipsub' method='post'> IP: <input type='text' name='ip' value='...' /><br /> <input type='submit' value='Search' /></form>"; } function ip_search_submit() { global $ir, $c, $h, $userid; $disp_ip = htmlentities(stripslashes($_POST['ip']), ENT_QUOTES, 'ISO-8859-1'); $mysql_ip = mysql_real_escape_string(stripslashes($_POST['ip']), $c); print "Searching for users with the IP: <b>{$disp_ip}</b><br /> <table width=75%><tr style='background:gray'> <th>User</th> <th>Level</th> <th>Money</th> </tr>"; $q = mysql_query("SELECT * FROM users WHERE lastip='{$mysql_ip}'", $c); $ids = array(); while ($r = mysql_fetch_array($q)) { $ids[] = $r['userid']; print "\n<tr> <td> <a href='viewuser.php?u={$r['userid']}'>{$r['username']}</a></td> <td> {$r['level']}</td> <td>{$r['money']}</td> </tr>"; } print "</table><br /> <b>Mass Jail</b><br /> <form action='new_staff.php?action=massjailip' method='post'> <input type='hidden' name='ids' value='" . implode(",", $ids) . "' /> Days: <input type='text' name='days' value='300' /> <br /> Reason: <input type='text' name='reason' value='Same IP users, Mail [email protected] with your case.' /><br /> <input type='submit' value='Mass Jail' /></form>"; } function mass_jail() { global $ir, $c, $h, $userid; $ids = explode(",", $_POST['ids']); $ins_days = abs((int) $_POST['days']); $ins_reason = mysql_real_escape_string( htmlentities(stripslashes($_POST['reason']), ENT_QUOTES, 'ISO-8859-1'), $c); foreach ($ids as $id) { if (ctype_digit($id)) { $q = mysql_query("SELECT * FROM users WHERE userid=$id", $c); if (mysql_num_rows($q) == 0) { continue; } $r = mysql_fetch_array($q); if (($ir['user_level'] != 2) && ($r['user_level'] == 2 || $r['user_level'] == 3)) { print "You cannot jail other staff."; } else { $re = mysql_query( "UPDATE users SET fedjail=1 WHERE userid={$id}", $c); if (mysql_affected_rows($c)) { mysql_query( "INSERT INTO fedjail VALUES(NULL,{$id},{$ins_days},$userid,'{$ins_reason}')", $c); } mysql_query( "INSERT INTO jaillogs VALUES(NULL,$userid, {$id}, {$ins_days}, '{$ins_reason}'," . time() . ")", $c); print "User jailed : $id."; } } } } function view_itm_logs() { global $ir, $c, $h, $userid; print "<h3>Item Xfer Logs</h3> <table width=75%><tr style='background:gray'><th>Time</th><th>Detail</th></tr>"; $q = mysql_query( "SELECT ix.*,u1.username as sender, u2.username as sent,i.itmname as item FROM itemxferlogs ix LEFT JOIN users u1 ON ix.ixFROM=u1.userid LEFT JOIN users u2 ON ix.ixTO=u2.userid LEFT JOIN items i ON i.itmid=ix.ixITEM ORDER BY ix.ixTIME DESC", $c); while ($r = mysql_fetch_array($q)) { print "<tr><td>" . date("F j, Y, g:i:s a", $r['ixTIME']) . "</td><td>{$r['sender']} sent {$r['ixQTY']} {$r['item']}(s) to {$r['sent']} </td></tr>"; } print "</table>"; } function view_cash_logs() { global $ir, $c, $h, $userid; print "<h3>Cash Xfer Logs</h3> <table width=75% border=1> <tr style='background:gray'> <th>ID</th> <th>Time</th> <th>User From</th> <th>User To</th> <th>Multi?</th> <th>Amount</th> <th> </th> </tr>"; $q = mysql_query( "SELECT cx.*,u1.username as sender, u2.username as sent FROM cashxferlogs cx LEFT JOIN users u1 ON cx.cxFROM=u1.userid LEFT JOIN users u2 ON cx.cxTO=u2.userid ORDER BY cx.cxTIME DESC", $c) or die( mysql_error() . "<br />" . "SELECT cx.*,u1.username as sender, u2.username as sent FROM cashxferlogs cx LEFT JOIN users u1 ON cx.cxFROM=u1.userid LEFT JOIN users u2 ON cx.cxTO=u2.userid ORDER BY cx.cxTIME DESC"); while ($r = mysql_fetch_array($q)) { if ($r['cxFROMIP'] == $r['cxTOIP']) { $m = "<span style='color:red;font-weight:800'>MULTI</span>"; } else { $m = ""; } print "<tr><td>{$r['cxID']}</td> <td>" . date("F j, Y, g:i:s a", $r['cxTIME']) . "</td><td><a href='viewuser.php?u={$r['cxFROM']}'>{$r['sender']}</a> [{$r['cxFROM']}] (IP: {$r['cxFROMIP']}) </td><td><a href='viewuser.php?u={$r['cxTO']}'>{$r['sent']}</a> [{$r['cxTO']}] (IP: {$r['cxTOIP']}) </td> <td>$m</td> <td> \${$r['cxAMOUNT']}</td> <td> [<a href='new_staff.php?action=fedform&XID={$r['cxFROM']}'>Jail Sender</a>] [<a href='new_staff.php?action=fedform&XID={$r['cxTO']}'>Jail Receiver</a>]</td> </tr>"; } print "</table>"; } // Admin or Secretary function give_item_form() { global $ir, $c; print "<h3>Giving Item To User</h3> <form action='new_staff.php?action=giveitemsub' method='post'> User: " . user_dropdown($c, 'user') . "<br /> Item: " . item_dropdown($c, 'item') . "<br /> Quantity: <input type='text' name='qty' value='1' /><br /> <input type='submit' value='Give Item' /></form>"; } function give_item_submit() { global $ir, $c; $_POST['item'] = abs(@intval($_POST['item'])); $_POST['user'] = abs(@intval($_POST['user'])); $_POST['qty'] = abs(@intval($_POST['qty'])); $d = mysql_query( "SELECT COUNT(itmid) FROM items WHERE itmid={$_POST['item']}", $c); if (mysql_result($d, 0, 0) == 0) { print "There is no such item."; return; } mysql_query( "INSERT INTO inventory VALUES(NULL,{$_POST['item']},{$_POST['user']},{$_POST['qty']})", $c) or die(mysql_error()); print "You gave {$_POST['qty']} of item ID {$_POST['item']} to user ID {$_POST['user']}"; } function mail_user_form() { global $ir, $c, $h, $userid; print "<h3>Mail Banning User</h3> The user will be banned from the mail system.<br /> <form action='new_staff.php?action=mailsub' method='post'> User: " . user_dropdown($c, 'user', $_GET['XID']) . "<br /> Days: <input type='text' name='days' /><br /> Reason: <input type='text' name='reason' /><br /> <input type='submit' value='Mailban User' /></form>"; } function mail_user_submit() { global $ir, $c, $h, $userid; $ins_user = abs((int) $_POST['user']); $ins_days = abs((int) $_POST['days']); $ins_reason = mysql_real_escape_string( htmlentities(stripslashes($_POST['reason']), ENT_QUOTES, 'ISO-8859-1'), $c); $log_reason = stripslashes($_POST['reason']); $re = mysql_query( "UPDATE users SET mailban={$ins_days},mb_reason='{$ins_reason}' WHERE userid={$ins_user}", $c); event_add($ins_user, "You were banned from mail for {$ins_days} day(s) for the following reason: {$log_reason}", $c); print "User mail banned."; } function inv_user_begin() { global $ir, $c, $h, $userid; print "<h3>Viewing User Inventory</h3> You may browse this user's inventory.<br /> <form action='new_staff.php?action=invuser' method='post'> User: " . user_dropdown($c, 'user') . "<br /> <input type='submit' value='View Inventory' /></form>"; } function inv_user_view() { global $ir, $c, $h, $userid; $test_user = abs((int) $_POST['user']); $inv = mysql_query( "SELECT iv.*,i.*,it.* FROM inventory iv LEFT JOIN items i ON iv.inv_itemid=i.itmid LEFT JOIN itemtypes it ON i.itmtype=it.itmtypeid WHERE iv.inv_userid={$test_user}", $c); if (mysql_num_rows($inv) == 0) { print "<b>This person has no items!</b>"; } else { print "<b>Their items are listed below.</b><br /> <table width=100%><tr style='background-color:gray;'><th>Item</th><th>Sell Value</th><th>Total Sell Value</th><th>Links</th></tr>"; while ($i = mysql_fetch_array($inv)) { print "<tr><td>{$i['itmname']}"; if ($i['inv_qty'] > 1) { print " x{$i['inv_qty']}"; } print "</td><td>\${$i['itmsellprice']}</td><td>"; print "$" . ($i['itmsellprice'] * $i['inv_qty']); print "</td><td>[<a href='new_staff.php?action=deleinv&ID={$i['inv_id']}'>Delete</a>]"; print "</td></tr>"; } print "</table>"; } } function inv_delete() { global $ir, $c, $h, $userid; $del_id = abs((int) $_GET['ID']); mysql_query("DELETE FROM inventory WHERE inv_id={$del_id}", $c); print "Item deleted from inventory."; } function credit_user_form() { global $ir, $c, $h, $userid; print "<h3>Crediting User</h3> You can give a user money/crystals.<br /> <form action='new_staff.php?action=creditsub' method='post'> User: " . user_dropdown($c, 'user') . "<br /> Money: <input type='text' name='money' /> Crystals: <input type='text' name='crystals' /><br /> <input type='submit' value='Credit User' /></form>"; } function credit_user_submit() { global $ir, $c, $h, $userid; $_POST['money'] = (int) $_POST['money']; $_POST['crystals'] = (int) $_POST['crystals']; $cred_user = abs((int) $_POST['user']); mysql_query( "UPDATE users u SET money=money+{$_POST['money']}, crystals=crystals+{$_POST['crystals']} WHERE u.userid={$cred_user}", $c); print "User credited."; } function view_mail_logs() { global $ir, $c, $h, $userid; $_GET['st'] = abs((int) $_GET['st']); $rpp = 100; print "<h3>Mail Logs</h3> <table width=75% border=2> \n<tr style='background:gray'> <th>ID</th> <th>Time</th> <th>User From</th> <th>User To</th> <th width>Subj</th> <th width=30%>Msg</th> <th> </th> </tr>"; $q = mysql_query( "SELECT m.*,u1.username as sender, u2.username as sent FROM mail m LEFT JOIN users u1 ON m.mail_from=u1.userid LEFT JOIN users u2 ON m.mail_to=u2.userid WHERE m.mail_from != 0 ORDER BY m.mail_time DESC LIMIT {$_GET['st']},$rpp", $c) or die( mysql_error() . "<br />" . "SELECT cx.*,u1.username as sender, u2.username as sent FROM cashxferlogs cx LEFT JOIN users u1 ON cx.cxFROM=u1.userid LEFT JOIN users u2 ON cx.cxTO=u2.userid ORDER BY cx.cxTIME DESC LIMIT {$_GET['st']},$rpp"); while ($r = mysql_fetch_array($q)) { print "\n<tr><td>{$r['mail_id']}</td> <td>" . date("F j, Y, g:i:s a", $r['mail_time']) . "</td><td>{$r['sender']} [{$r['mail_from']}] </td> <td>{$r['sent']} [{$r['mail_to']}] </td> \n<td> {$r['mail_subject']}</td> \n<td>{$r['mail_text']}</td> <td> [<a href='new_staff.php?action=mailform&XID={$r['mail_from']}'>MailBan Sender</a>] [<a href='new_staff.php?action=mailform&XID={$r['mail_to']}'>MailBan Receiver</a>]</td> </tr>"; } print "</table><br /> "; $q2 = mysql_query("SELECT mail_id FROM mail WHERE mail_from != 0", $c); $rs = mysql_num_rows($q2); $pages = ceil($rs / 20); print "Pages: "; for ($i = 1; $i <= $pages; $i++) { $st = ($i - 1) * 20; print "<a href='new_staff.php?action=maillogs&st=$st'>$i</a> "; if ($i % 7 == 0) { print "<br />\n"; } } } function reports_view() { global $ir, $c, $h, $userid; print "<h3>Player Reports</h3> <table width=80%><tr style='background:gray'><th>Reporter</th> <th>Offender</th> <th>What they did</th> <th> </th> </tr>"; $q = mysql_query( "SELECT pr.*,u1.username as reporter, u2.username as offender FROM preports pr LEFT JOIN users u1 ON u1.userid=pr.prREPORTER LEFT JOIN users u2 ON u2.userid=pr.prREPORTED ORDER BY pr.prID DESC", $c) or die(mysql_error()); while ($r = mysql_fetch_array($q)) { $report = nl2br(htmlentities($r['prTEXT'], ENT_QUOTES, 'ISO-8859-1')); print "\n<tr> <td><a href='viewuser.php?u={$r['prREPORTER']}'>{$r['reporter']}</a> [{$r['prREPORTER']}]</td> <td><a href='viewuser.php?u={$r['prREPORTED']}'>{$r['offender']}</a> [{$r['prREPORTED']}]</td> <td>{$report}</td> <td><a href='new_staff.php?action=repclear&ID={$r['prID']}'>Clear</a></td> </tr>"; } print "</table>"; } function report_clear() { global $ir, $c, $h, $userid; $_GET['ID'] = abs((int) $_GET['ID']); mysql_query("DELETE FROM preports WHERE prID={$_GET['ID']}", $c); print "Report cleared and deleted!<br /> <a href='new_staff.php?action=reportsview'>> Back</a>"; } // Admins Only function new_user_form() { global $ir, $c; print "Adding a new user.<br /> <form action='new_staff.php?action=newusersub' method='post'> Username: <input type='text' name='username' /><br /> Login Name: <input type='text' name='login_name' /><br /> Email: <input type='text' name='email' /><br /> Password: <input type='text' name='userpass' /><br /> Type: <input type='radio' name='user_level' value='0' />NPC <input type='radio' name='user_level' value='1' checked='checked' />Regular Member<br /> Level: <input type='text' name='level' value='1' /><br /> Money: <input type='text' name='money' value='100' /><br /> Crystals: <input type='text' name='crystals' value='0' /><br /> Donator Days: <input type='text' name='donatordays' value='0' /><br /> Gender: <select name='gender' type='dropdown'><option>Male</option><option>Female</option></select><br /> <br /> <b>Stats</b><br /> Strength: <input type='text' name='strength' value='10' /><br /> Agility: <input type='text' name='agility' value='10' /><br /> Guard: <input type='text' name='guard' value='10' /><br /> Labour: <input type='text' name='labour' value='10' /><br /> IQ: <input type='text' name='labour' value='10' /><br /> <br /> <input type='submit' value='Create User' /></form>"; } function new_user_submit() { global $ir, $c, $userid; if (!isset($_POST['username']) || !isset($_POST['login_name']) || !isset($_POST['userpass'])) { print "You missed one or more of the required fields. Please go back and try again.<br /> <a href='new_staff.php?action=newuser'>> Back</a>"; $h->endpage(); exit; } $level = abs((int) $_POST['level']); $money = abs((int) $_POST['money']); $crystals = abs((int) $_POST['crystals']); $donator = abs((int) $_POST['donatordays']); $ulevel = abs((int) $_POST['user_level']); $strength = abs((int) $_POST['strength']); $agility = abs((int) $_POST['agility']); $guard = abs((int) $_POST['guard']); $labour = abs((int) $_POST['labour']); $iq = abs((int) $_POST['iq']); $energy = 10 + $level * 2; $brave = 3 + $level * 2; $hp = 50 + $level * 50; $username = mysql_real_escape_string( strip_tags(stripslashes($_POST['username'])), $c); $loginname = mysql_real_escape_string( strip_tags(stripslashes($_POST['login_name'])), $c); $password = stripslashes($_POST['userpass']); $salt = generate_pass_salt(); $enc_psw = encode_password($password, $salt, false); $i_salt = mysql_real_escape_string($salt, $c); $i_encpsw = mysql_real_escape_string($enc_psw, $c); $email = mysql_real_escape_string( strip_tags(stripslashes($_POST['email'])), $c); $gender = (isset($_POST['gender']) && in_array($_POST['gender'], array('Male', 'Female'))) ? $_POST['gender'] : 'Male'; mysql_query( "INSERT INTO users (username, login_name, userpass, level, money, crystals, donatordays, user_level, energy, maxenergy, will, maxwill, brave, maxbrave, hp, maxhp, location, gender, signedup, email, bankmoney, pass_salt) VALUES( '{$username}', '{$loginname}', '{$i_encpsw}', $level, $money, $crystals, $donator, $ulevel, $energy, $energy, 100, 100, $brave, $brave, $hp, $hp, 1, '{$gender}', " . time() . ", '{$email}', -1, '{$i_salt}')", $c); $i = mysql_insert_id($c); mysql_query( "INSERT INTO userstats VALUES($i, $strength, $agility, $guard, $labour, $iq)", $c); print "User created!"; } function new_item_form() { global $ir, $c; print "<h3>Adding an item to the game</h3><form action='new_staff.php?action=newitemsub' method='post'> Item Name: <input type='text' name='itmname' value='' /><br /> Item Desc.: <input type='text' name='itmdesc' value='' /><br /> Item Type: " . itemtype_dropdown($c, 'itmtype') . "<br /> Item Buyable: <input type='checkbox' name='itmbuyable' checked='checked' /><br /> Item Price: <input type='text' name='itmbuyprice' /><br /> Item Sell Value: <input type='text' name='itmsellprice' /><br /><br /> <b>Specialized</b><br /> Item Energy Regen (food only): <input type='text' name='energy' value='1' /><br /> Item Health Regen (medical only): <input type='text' name='health' value='10' /><br /> Power (weapons only): <input type='text' name='damage' value='10' /><br /> Damage Off (armor only): <input type='text' name='Defence' value='10' /><br /> <input type='submit' value='Add Item To Game' /></form>"; } function new_item_submit() { global $ir, $c, $h; if (!isset($_POST['itmname']) || !isset($_POST['itmdesc']) || !isset($_POST['itmtype']) || !isset($_POST['itmbuyprice']) || !isset($_POST['itmsellprice'])) { print "You missed one or more of the fields. Please go back and try again.<br /> <a href='new_staff.php?action=newitem'>> Back</a>"; $h->endpage(); exit; } $itmname = mysql_real_escape_string( strip_tags(stripslashes($_POST['itmname'])), $c); $itmdesc = mysql_real_escape_string( strip_tags(stripslashes($_POST['itmdesc'])), $c); if ($_POST['itmbuyable'] == 'on') { $itmbuy = 1; } else { $itmbuy = 0; } // verify item type $itmtype = abs(@intval($_POST['itmtype'])); $itq = mysql_query( "SELECT COUNT(`itmtypeid`) FROM itemtypes WHERE `itmtypeid` = {$itmtype}"); if (mysql_result($itq, 0, 0) == 0) { print "That item type doesn't exist.<br /> <a href='new_staff.php?action=newitem'>> Back</a>"; $h->endpage(); exit; } $itmbuyp = abs(@intval($_POST['itmbuyprice'])); $itmsellp = abs(@intval($_POST['itmsellprice'])); $m = mysql_query( "INSERT INTO items VALUES(NULL,{$itmtype},'$itmname','$itmdesc', {$itmbuyp},{$itmsellp},$itmbuy)", $c) or die(mysql_error()); if ($_POST['itmtype'] == 1) { $stat = abs(@intval($_POST['energy'])); $i = mysql_insert_id(); mysql_query("INSERT INTO food VALUES($i,{$stat})", $c) or die(mysql_error()); } if ($_POST['itmtype'] == 3 || $_POST['itmtype'] == 4) { $stat = abs(@intval($_POST['damage'])); $i = mysql_insert_id(); mysql_query("INSERT INTO weapons VALUES($i,{$stat})", $c) or die(mysql_error()); } if ($_POST['itmtype'] == 5) { $stat = abs(@intval($_POST['health'])); $i = mysql_insert_id(); mysql_query("INSERT INTO medical VALUES($i,{$stat})", $c) or die(mysql_error()); } if ($_POST['itmtype'] == 7) { $stat = abs(@intval($_POST['Defence'])); $i = mysql_insert_id(); mysql_query("INSERT INTO armour VALUES($i,{$stat})", $c) or die(mysql_error()); } print "The {$_POST['itmname']} Item was added to the game."; } function kill_item_form() { global $ir, $c, $h, $userid; print "<h3>Deleting Item</h3> The item will be permanently removed from the game.<br /> <form action='new_staff.php?action=killitemsub' method='post'> Item: " . item_dropdown($c, 'item') . "<br /> <input type='submit' value='Kill Item' /></form>"; } function kill_item_submit() { global $ir, $c, $h, $userid; $_POST['item'] = abs(@intval($_POST['item'])); $d = mysql_query("SELECT * FROM items WHERE itmid={$_POST['item']}", $c); if (mysql_num_rows($d) == 0) { print "There is no such item."; return; } $itemi = mysql_fetch_array($d); mysql_query("DELETE FROM items WHERE itmid={$_POST['item']}", $c); mysql_query("DELETE FROM shopitems WHERE sitemITEMID={$_POST['item']}", $c); mysql_query("DELETE FROM inventory WHERE inv_itemid={$_POST['item']}", $c); mysql_query("DELETE FROM food WHERE item_id={$_POST['item']}", $c); mysql_query("DELETE FROM weapons WHERE item_id={$_POST['item']}", $c); mysql_query("DELETE FROM medical WHERE item_id={$_POST['item']}", $c); mysql_query("DELETE FROM armour WHERE item_ID={$_POST['item']}", $c); mysql_query("DELETE FROM itemmarket WHERE imITEM={$_POST['item']}", $c); print "The {$itemi['itmname']} Item was removed from the game."; } function edit_item_begin() { global $ir, $c, $h, $userid; print "<h3>Editing Item</h3> You can edit any aspect of this item.<br /> <form action='new_staff.php?action=edititemform' method='post'> Item: " . item_dropdown($c, 'item') . "<br /> <input type='submit' value='Edit Item' /></form>"; } function edit_item_form() { global $ir, $c, $h; $_POST['item'] = abs(@intval($_POST['item'])); $d = mysql_query("SELECT * FROM items WHERE itmid={$_POST['item']}", $c); if (mysql_num_rows($d) == 0) { print "There is no such item."; return; } $itemi = mysql_fetch_array($d); $f = mysql_query("SELECT * FROM food WHERE item_id={$_POST['item']}", $c); if (mysql_num_rows($f) > 0) { $a = mysql_fetch_array($f); $energy = $a['energy']; } else { $energy = 1; } $f = mysql_query( "SELECT * FROM medical WHERE item_id={$_POST['item']}", $c); if (mysql_num_rows($f) > 0) { $a = mysql_fetch_array($f); $health = $a['health']; } else { $health = 10; } $f = mysql_query( "SELECT * FROM weapons WHERE item_id={$_POST['item']}", $c); if (mysql_num_rows($f) > 0) { $a = mysql_fetch_array($f); $damage = $a['damage']; } else { $damage = 1; } $f = mysql_query( "SELECT * FROM armour WHERE item_ID={$_POST['item']}", $c); if (mysql_num_rows($f) > 0) { $a = mysql_fetch_array($f); $def = $a['Defence']; } else { $def = 10; } print "<h3>Editing Item</h3> <form action='new_staff.php?action=edititemsub' method='post'> <input type='hidden' name='itmid' value='{$_POST['item']}' /> Item Name: <input type='text' name='itmname' value='{$itemi['itmname']}' /><br /> Item Desc.: <input type='text' name='itmdesc' value='{$itemi['itmdesc']}' /><br /> Item Type: " . itemtype_dropdown($c, 'itmtype', $itemi['itmtype']) . "<br /> Item Buyable: <input type='checkbox' name='itmbuyable'"; if ($itemi['itmbuyable']) { print " checked='checked'"; } print " /><br /> Item Price: <input type='text' name='itmbuyprice' value='{$itemi['itmbuyprice']}' /><br /> Item Sell Value: <input type='text' name='itmsellprice' value='{$itemi['itmsellprice']}'/><br /><br /> <b>Specialized</b><br /> Item Energy Regen (food only): <input type='text' name='energy' value='$energy' /><br /> Item Health Regen (medical only): <input type='text' name='health' value='$health' /><br /> Power (weapons only): <input type='text' name='damage' value='$damage' /><br /> Damage Off (armor only): <input type='text' name='Defence' value='$def' /><br /> <input type='submit' value='Edit Item' /></form>"; } function edit_item_sub() { global $ir, $c, $h, $userid; if (!isset($_POST['itmname']) || !isset($_POST['itmdesc']) || !isset($_POST['itmtype']) || !isset($_POST['itmbuyprice']) || !isset($_POST['itmsellprice'])) { print "You missed one or more of the fields. Please go back and try again.<br /> <a href='new_staff.php?action=edititem'>> Back</a>"; $h->endpage(); exit; } $itmid = abs(@intval($_POST['itmid'])); $iq = mysql_query( "SELECT COUNT(`itmid`) FROM items WHERE `itmid` = {$itmid}"); if (mysql_result($iq, 0, 0) == 0) { print "That item doesn't exist.<br /> <a href='new_staff.php?action=edititem'>> Back</a>"; $h->endpage(); exit; } $itmname = mysql_real_escape_string( strip_tags(stripslashes($_POST['itmname'])), $c); $itmdesc = mysql_real_escape_string( strip_tags(stripslashes($_POST['itmdesc'])), $c); if ($_POST['itmbuyable'] == 'on') { $itmbuy = 1; } else { $itmbuy = 0; } // verify item type $itmtype = abs(@intval($_POST['itmtype'])); $itq = mysql_query( "SELECT COUNT(`itmtypeid`) FROM itemtypes WHERE `itmtypeid` = {$itmtype}"); if (mysql_result($itq, 0, 0) == 0) { print "That item type doesn't exist.<br /> <a href='new_staff.php?action=edititem'>> Back</a>"; $h->endpage(); exit; } $itmbuyp = abs(@intval($_POST['itmbuyprice'])); $itmsellp = abs(@intval($_POST['itmsellprice'])); mysql_query("DELETE FROM items WHERE itmid={$itmid}", $c); mysql_query("DELETE FROM food WHERE item_id={$itmid}", $c); mysql_query("DELETE FROM weapons WHERE item_id={$itmid}", $c); mysql_query("DELETE FROM medical WHERE item_id={$itmid}", $c); mysql_query("DELETE FROM armour WHERE item_ID={$itmid}", $c); $m = mysql_query( "INSERT INTO items VALUES('{$itmid}',{$itmtype},'$itmname', '$itmdesc',{$itmbuyp},{$itmsellp},$itmbuy)", $c) or die(mysql_error()); if ($_POST['itmtype'] == 1) { $stat = abs(@intval($_POST['energy'])); mysql_query("INSERT INTO food VALUES({$itmid},{$stat})", $c) or die(mysql_error()); } if ($_POST['itmtype'] == 5) { $stat = abs(@intval($_POST['health'])); mysql_query("INSERT INTO medical VALUES({$itmid},{$stat})", $c) or die(mysql_error()); } if ($_POST['itmtype'] == 3 || $_POST['itmtype'] == 4) { $stat = abs(@intval($_POST['damage'])); mysql_query("INSERT INTO weapons VALUES({$itmid},{$stat})", $c) or die(mysql_error()); } if ($_POST['itmtype'] == 7) { $stat = abs(@intval($_POST['Defence'])); $i = mysql_insert_id(); mysql_query("INSERT INTO armour VALUES({$itmid},{$stat})", $c) or die(mysql_error()); } print "The {$_POST['itmname']} Item was edited successfully."; } function new_shop_form() { global $ir, $c, $h; print "<h3>Adding a New Shop</h3> <form action='new_staff.php?action=newshopsub' method='post'> Shop Name: <input type='text' name='sn' value='' /><br /> Shop Desc: <input type='text' name='sd' value='' /><br /> Shop Location: " . location_dropdown($c, "sl") . "<br /> <input type='submit' value='Create Shop' /></form>"; } function new_shop_submit() { global $ir, $c, $h; if (!isset($_POST['sn']) || !isset($_POST['sd'])) { print "You missed a field, go back and try again.<br /> <a href='new_staff.php?action=newitem'>> Back</a>"; } else { $sn = mysql_real_escape_string( strip_tags(stripslashes($_POST['sn'])), $c); $sd = mysql_real_escape_string( strip_tags(stripslashes($_POST['sd'])), $c); $location = abs(@intval($_POST['sl'])); // Verify location $locq = mysql_query( "SELECT COUNT(`cityid`) FROM cities WHERE `cityid` = {$location}"); if (mysql_result($locq, 0, 0) == 0) { print "That location doesn't exist.<br /> <a href='new_staff.php?action=newshop'>> Back</a>"; $h->endpage(); exit; } mysql_query("INSERT INTO shops VALUES(NULL,{$location},'$sn','$sd')", $c); print "The $sn Shop was successfully added to the game."; } } function new_stock_form() { global $ir, $c, $h; print "<h3>Adding an item to a shop</h3> <form action='new_staff.php?action=newstocksub' method='post'> Shop: " . shop_dropdown($c, "shop") . "<br /> Item: " . item_dropdown($c, "item") . "<br /> <input type='submit' value='Add Item To Shop' /></form>"; } function new_stock_submit() { global $ir, $c, $h; $shop = abs(@intval($_POST['shop'])); $item = abs(@intval($_POST['item'])); // Verify details $shopq = mysql_query( "SELECT COUNT(`shopID`) FROM shops WHERE `shopID` = {$shop}", $c); if (mysql_result($shopq, 0, 0) == 0) { print "That shop doesn't exist.<br /> <a href='new_staff.php?action=newstock'>> Back</a>"; $h->endpage(); exit; } $itemq = mysql_query( "SELECT COUNT(`itmid`) FROM items WHERE `itmid` = {$item}", $c); if (mysql_result($itemq, 0, 0) == 0) { print "That item doesn't exist.<br /> <a href='new_staff.php?action=newstock'>> Back</a>"; $h->endpage(); exit; } mysql_query("INSERT INTO shopitems VALUES(NULL,{$shop},{$item})", $c); print "Item ID {$item} was successfully added to shop ID {$shop}"; } function edit_user_begin() { global $ir, $c, $h, $userid; print "<h3>Editing User</h3> You can edit any aspect of this user. <br /> <form action='new_staff.php?action=edituserform' method='post'> User: " . user_dropdown($c, 'user') . "<br /> <input type='submit' value='Edit User' /></form> OR enter a user ID to edit: <form action='new_staff.php?action=edituserform' method='post'> User: <input type='text' name='user' value='0' /><br /> <input type='submit' value='Edit User' /></form>"; } function edit_user_form() { global $ir, $c, $h, $userid; $user = abs(@intval($_POST['user'])); $d = mysql_query( "SELECT u.*,us.* FROM users u LEFT JOIN userstats us on u.userid=us.userid WHERE u.userid={$user}", $c); if (mysql_num_rows($d) == 0) { print "That user doesn't exist.<br /> > <a href='new_staff.php?action=edituser'>Try again</a>"; return; } $itemi = mysql_fetch_array($d); $snbit = htmlentities($itemi['staffnotes'], ENT_QUOTES, 'ISO-8859-1'); print "<h3>Editing User</h3> <form action='new_staff.php?action=editusersub' method='post'> <input type='hidden' name='userid' value='{$_POST['user']}' /> Username: <input type='text' name='username' value='{$itemi['username']}' /><br /> Login Name: <input type='text' name='login_name' value='{$itemi['login_name']}' /><br /> Duties: <input type='text' name='duties' value='{$itemi['duties']}' /><br /> Staff Notes: <br /> <textarea rows='7' cols='60' name='staffnotes'>{$snbit}</textarea><br /> Level: <input type='text' name='level' value='{$itemi['level']}' /><br /> Money: \$<input type='text' name='money' value='{$itemi['money']}' /><br /> Bank: \$<input type='text' name='bankmoney' value='{$itemi['bankmoney']}' /><br /> Cyber Bank: \$<input type='text' name='cybermoney' value='{$itemi['cybermoney']}' /><br /> Crystals: <input type='text' name='crystals' value='{$itemi['crystals']}' /><br /> Mail Ban: <input type='text' name='mailban' value='{$itemi['mailban']}' /><br /> Mail Ban Reason: <input type='text' name='mb_reason' value='{$itemi['mb_reason']}' /><br /> Hospital time: <input type='text' name='hospital' value='{$itemi['hospital']}' /><br /> Hospital reason: <input type='text' name='hospreason' value='{$itemi['hospreason']}' /><br /> <h4>Stats</h4> Strength: <input type='text' name='strength' value='{$itemi['strength']}' /><br /> Agility: <input type='text' name='agility' value='{$itemi['agility']}' /><br /> Guard: <input type='text' name='guard' value='{$itemi['guard']}' /><br /> Labour: <input type='text' name='labour' value='{$itemi['labour']}' /><br /> IQ: <input type='text' name='IQ' value='{$itemi['IQ']}' /><br /> <input type='submit' value='Edit User' /></form>"; } function edit_user_sub() { global $ir, $c, $h, $userid; $go = 0; $user = abs(@intval($_POST['userid'])); if (!isset($_POST['level'])) { $go = 1; } if (!isset($_POST['money'])) { $go = 1; } if (!isset($_POST['bankmoney'])) { $go = 1; } if (!isset($_POST['crystals'])) { $go = 1; } if (!isset($_POST['strength'])) { $go = 1; } if (!isset($_POST['agility'])) { $go = 1; } if (!isset($_POST['guard'])) { $go = 1; } if (!isset($_POST['labour'])) { $go = 1; } if (!isset($_POST['IQ'])) { $go = 1; } if (!isset($_POST['username'])) { $go = 1; } if (!isset($_POST['login_name'])) { $go = 1; } if ($go) { $_POST['user'] = $_POST['userid']; print "You did not fully fill out the form."; edit_user_form(); } else { $_POST['level'] = (int) $_POST['level']; $_POST['strength'] = abs((int) $_POST['strength']); $_POST['agility'] = abs((int) $_POST['agility']); $_POST['guard'] = abs((int) $_POST['guard']); $_POST['labour'] = abs((int) $_POST['labour']); $_POST['IQ'] = abs((int) $_POST['IQ']); $_POST['money'] = (int) $_POST['money']; $_POST['bankmoney'] = (int) $_POST['bankmoney']; $_POST['cybermoney'] = (int) $_POST['cybermoney']; $_POST['crystals'] = (int) $_POST['crystals']; $_POST['mailban'] = (int) $_POST['mailban']; $_POST['hospital'] = abs((int) $_POST['hospital']); $username = mysql_real_escape_string( strip_tags(stripslashes($_POST['username'])), $c); $loginname = mysql_real_escape_string( strip_tags(stripslashes($_POST['login_name'])), $c); $duties = mysql_real_escape_string( strip_tags(stripslashes($_POST['duties'])), $c); $staffnotes = mysql_real_escape_string( strip_tags(stripslashes($_POST['staffnotes'])), $c); $mb_reason = mysql_real_escape_string( strip_tags(stripslashes($_POST['mb_reason'])), $c); $hospreason = mysql_real_escape_string( strip_tags(stripslashes($_POST['hospreason'])), $c); //check for username usage $u = mysql_query( "SELECT * FROM users WHERE username='{$username}' and userid != {$userid}", $c); if (mysql_num_rows($u) != 0) { print "That username is in use, choose another."; print "<br /><a href='new_staff.php?action=edituser'>> Back</a>"; $h->endpage(); exit; } $oq = mysql_query("SELECT * FROM users WHERE userid={$userid}", $c); if (mysql_num_rows($oq) == 0) { print 'That user doesn\'t exist.'; print "<br /><a href='new_staff.php?action=edituser'>> Back</a>"; $h->endpage(); exit; } $rm = mysql_fetch_array($oq); $energy = 10 + $_POST['level'] * 2; $nerve = 3 + $_POST['level'] * 2; $hp = 50 + $_POST['level'] * 50; mysql_query( "UPDATE users SET username='{$username}', level={$_POST['level']}, money={$_POST['money']}, crystals={$_POST['crystals']}, energy=$energy, brave=$nerve, maxbrave=$nerve, maxenergy=$energy, hp=$hp, maxhp=$hp, hospital={$_POST['hospital']}, duties='{$duties}', staffnotes='{$staffnotes}', mailban={$_POST['mailban']}, mb_reason='{$mb_reason}', hospreason='{$hospreason}', login_name='{$loginname}' WHERE userid={$userid}", $c); mysql_query( "UPDATE userstats SET strength={$_POST['strength']}, agility={$_POST['agility']}, guard={$_POST['guard']}, labour={$_POST['labour']}, IQ={$_POST['IQ']} WHERE userid={$userid}", $c); print "User edited...."; } } function fed_edit_form() { global $ir, $c, $h, $userid; print "<h3>Editing Fedjail Reason</h3> You are editing a player's sentence in fed jail.<br /> <form action='new_staff.php?action=fedesub' method='post'> User: " . fed_user_dropdown($c, 'user') . "<br /> Days: <input type='text' name='days' /><br /> Reason: <input type='text' name='reason' /><br /> <input type='submit' value='Jail User' /></form>"; } function fed_edit_submit() { global $ir, $c, $h, $userid; $ins_user = abs((int) $_POST['user']); $ins_days = abs((int) $_POST['days']); $ins_reason = mysql_real_escape_string( htmlentities(stripslashes($_POST['reason']), ENT_QUOTES, 'ISO-8859-1'), $c); mysql_query("DELETE FROM fedjail WHERE fed_userid={$ins_user}", $c); mysql_query( "INSERT INTO fedjail VALUES(NULL,{$ins_user},{$ins_days},$userid,'{$ins_reason}')", $c); mysql_query( "INSERT INTO jaillogs VALUES(NULL,$userid, {$ins_user}, {$ins_days}, '{$ins_reason}'," . time() . ")", $c); print "User's sentence edited."; } function newspaper_form() { global $ir, $c, $h, $userid; $q = mysql_query("SELECT * FROM papercontent LIMIT 1", $c); $news = htmlentities(mysql_result($q, 0, 0), ENT_QUOTES, 'ISO-8859-1'); print "<h3>Editing Newspaper</h3><form action='new_staff.php?action=subnews' method='post'> <textarea rows='7' cols='35' name='newspaper'>$news</textarea><br /><input type='submit' value='Change' /></form>"; } function newspaper_submit() { global $ir, $c, $h, $userid; $news = mysql_real_escape_string(stripslashes($_POST['newspaper']), $c); mysql_query("UPDATE papercontent SET content='$news'", $c); print "Newspaper updated!"; } function donators_list() { global $ir, $c, $h, $userid; print "<h3>Donations</h3> This lists the donations that need to be checked with our records and processed.<br /> <table width=75%><tr style='background:gray'><th>ID</th><th>Donator</th><th>Time</th><th> </th></tr>"; $q = mysql_query( "SELECT u.*,d.* FROM dps_process d LEFT JOIN users u ON u.userid=d.dp_userid", $c); while ($r = mysql_fetch_array($q)) { print "<tr><td>{$r['dp_id']}</td><td><a href='viewuser.php?u={$r['userid']}'>{$r['username']}</td><td>" . date('F j, Y, g:i:s a', $r['dp_time']) . "</td><td><a href='new_staff.php?action=acceptdp&ID={$r['dp_id']}'>Accept</a> | <a href='new_staff.php?action=declinedp&ID={$r['dp_id']}'>Decline</a></td></tr>"; } } function accept_dp() { global $ir, $c, $h, $userid; $acc_id = abs((int) $_GET['ID']); $q = mysql_query("SELECT * FROM dps_process WHERE dp_id={$acc_id}", $c); $r = mysql_fetch_array($q); if ($r['dp_type'] == 'standard') { mysql_query( "UPDATE users u LEFT JOIN userstats us ON u.userid=us.userid SET u.money=u.money+5000,u.crystals=u.crystals+50, us.IQ=us.IQ+50,u.donatordays=u.donatordays+30 WHERE u.userid={$r['dp_userid']}", $c); } else if ($r['dp_type'] == 'crystals') { mysql_query( "UPDATE users u LEFT JOIN userstats us ON u.userid=us.userid SET u.crystals=u.crystals+100,u.donatordays=u.donatordays+30 WHERE u.userid={$r['dp_userid']}", $c); } else if ($r['dp_type'] == 'iq') { mysql_query( "UPDATE users u LEFT JOIN userstats us ON u.userid=us.userid SET us.IQ=us.IQ+120,u.donatordays=u.donatordays+30 WHERE u.userid={$r['dp_userid']}", $c); } else if ($r['dp_type'] == 'fivedollars') { mysql_query( "UPDATE users u LEFT JOIN userstats us ON u.userid=us.userid SET u.money=u.money+15000,u.crystals=u.crystals+75, us.IQ=us.IQ+80,u.donatordays=u.donatordays+55 WHERE u.userid={$r['dp_userid']}", $c); } else if ($r['dp_type'] == 'tendollars') { mysql_query( "UPDATE users u LEFT JOIN userstats us ON u.userid=us.userid SET u.money=u.money+35000,u.crystals=u.crystals+160, us.IQ=us.IQ+180,u.donatordays=u.donatordays+115 WHERE u.userid={$r['dp_userid']}", $c); mysql_query( "INSERT INTO inventory VALUES(NULL,12,{$r['dp_userid']},1)", $c); } mysql_query("DELETE FROM dps_process WHERE dp_id={$_GET['ID']}", $c); event_add($r['dp_userid'], "Your Donation has been accepted and credited.", $c); print "Donation accepted and credited to user."; } function decline_dp() { global $ir, $c, $h, $userid; $del_id = abs((int) $_GET['ID']); $q = mysql_query("SELECT * FROM dps_process WHERE dp_id={$del_id}", $c); $r = mysql_fetch_array($q); mysql_query("DELETE FROM dps_process WHERE dp_id={$del_id}", $c); event_add($r['dp_userid'], "Your Donation has been rejected.", $c); print "Donation rejected."; } function give_dp_form() { global $ir, $c, $h, $userid; print "<h3>Giving User DP</h3> The user will receive the benefits of one 30-day donator pack.<br /> <form action='new_staff.php?action=givedpsub' method='post'> User: " . user_dropdown($c, 'user') . "<br /> <input type='radio' name='type' value='1' /> Pack 1 (Standard)<br /> <input type='radio' name='type' value='2' /> Pack 2 (Crystals)<br /> <input type='radio' name='type' value='3' /> Pack 3 (IQ)<br /> <input type='radio' name='type' value='4' /> Pack 4 (5.00)<br /> <input type='radio' name='type' value='5' /> Pack 5 (10.00)<br /> <input type='submit' value='Give User DP' /></form>"; } function give_dp_submit() { global $ir, $c, $h, $userid; $dp_user = abs((int) $_POST['user']); if ($_POST['type'] == 1) { mysql_query( "UPDATE users u LEFT JOIN userstats us ON u.userid=us.userid SET u.money=u.money+5000,u.crystals=u.crystals+50, us.IQ=us.IQ+50,u.donatordays=u.donatordays+30 WHERE u.userid={$dp_user}", $c); $d = 30; } else if ($_POST['type'] == 2) { mysql_query( "UPDATE users u LEFT JOIN userstats us ON u.userid=us.userid SET u.crystals=u.crystals+100, u.donatordays=u.donatordays+30 WHERE u.userid={$dp_user}", $c); $d = 30; } else if ($_POST['type'] == 3) { mysql_query( "UPDATE users u LEFT JOIN userstats us ON u.userid=us.userid SET us.IQ=us.IQ+120,u.donatordays=u.donatordays+30 WHERE u.userid={$dp_user}", $c); $d = 30; } else if ($_POST['type'] == 4) { mysql_query( "UPDATE users u LEFT JOIN userstats us ON u.userid=us.userid SET u.money=u.money+15000,u.crystals=u.crystals+75, us.IQ=us.IQ+80,u.donatordays=u.donatordays+55 WHERE u.userid={$dp_user}", $c); $d = 55; } else if ($_POST['type'] == 5) { mysql_query( "UPDATE users u LEFT JOIN userstats us ON u.userid=us.userid SET u.money=u.money+35000,u.crystals=u.crystals+160, us.IQ=us.IQ+180,u.donatordays=u.donatordays+115 WHERE u.userid={$dp_user}", $c); mysql_query("INSERT INTO inventory VALUES(NULL,12,{$dp_user},1)", $c); $d = 115; } $esc_type = htmlentities(stripslashes($_POST['type']), ENT_QUOTES, 'ISO-8859-1'); event_add($dp_user, "You were given one $d -day donator pack (Pack {$esc_type}) from the administration.", $c); print "User given a DP."; } function staff_list() { global $ir, $c, $h, $userid; print "<h3>Staff Management</h3>"; print "<b>Admins</b><br /> <table width=80%><tr style='background:gray'> <th>User</th> <th>Online?</th> <th>Links</th> </tr>"; $q = mysql_query( "SELECT * FROM users WHERE user_level=2 ORDER BY userid ASC", $c); while ($r = mysql_fetch_array($q)) { if ($r['laston'] >= time() - 15 * 60) { $on = "<font color=green><b>Online</b></font>"; } else { $on = "<font color=red><b>Offline</b></font>"; } print "\n<tr> <td><a href='viewuser.php?u={$r['userid']}'>{$r['username']}</a> [{$r['userid']}]</td> <td>$on</td> <td><a href='new_staff.php?action=userlevel&level=3&ID={$r['userid']}' >Secretary</a> · <a href='new_staff.php?action=userlevel&level=4&ID={$r['userid']}' >IRC Op</a> · <a href='new_staff.php?action=userlevel&level=5&ID={$r['userid']}' >Assistant</a> · <a href='new_staff.php?action=userlevel&level=1&ID={$r['userid']}' >Member</a></td></tr>"; } print "</table>"; print "<b>Secretaries</b><br /> <table width=80%><tr style='background:gray'> <th>User</th> <th>Online?</th> <th>Links</th> </tr>"; $q = mysql_query( "SELECT * FROM users WHERE user_level=3 ORDER BY userid ASC", $c); while ($r = mysql_fetch_array($q)) { if ($r['laston'] >= time() - 15 * 60) { $on = "<font color=green><b>Online</b></font>"; } else { $on = "<font color=red><b>Offline</b></font>"; } print "\n<tr> <td><a href='viewuser.php?u={$r['userid']}'>{$r['username']}</a> [{$r['userid']}]</td> <td>$on</td> <td><a href='new_staff.php?action=userlevel&level=2&ID={$r['userid']}' >Admin</a> · <a href='new_staff.php?action=userlevel&level=4&ID={$r['userid']}' >IRC Op</a> · <a href='new_staff.php?action=userlevel&level=5&ID={$r['userid']}' >Assistant</a> · <a href='new_staff.php?action=userlevel&level=1&ID={$r['userid']}' >Member</a></td></tr>"; } print "</table>"; print "<b>IRC Ops</b><br /> <table width=80%><tr style='background:gray'> <th>User</th> <th>Online?</th> <th>Links</th> </tr>"; $q = mysql_query( "SELECT * FROM users WHERE user_level=4 ORDER BY userid ASC", $c); while ($r = mysql_fetch_array($q)) { if ($r['laston'] >= time() - 15 * 60) { $on = "<font color=green><b>Online</b></font>"; } else { $on = "<font color=red><b>Offline</b></font>"; } print "\n<tr> <td><a href='viewuser.php?u={$r['userid']}'>{$r['username']}</a> [{$r['userid']}]</td> <td>$on</td> <td><a href='new_staff.php?action=userlevel&level=2&ID={$r['userid']}' >Admin</a> · <a href='new_staff.php?action=userlevel&level=3&ID={$r['userid']}' >Secretary</a> · <a href='new_staff.php?action=userlevel&level=5&ID={$r['userid']}' >Assistant</a> · <a href='new_staff.php?action=userlevel&level=1&ID={$r['userid']}' >Member</a></td></tr>"; } print "</table>"; print "<b>Assistants</b><br /> <table width=80%><tr style='background:gray'> <th>User</th> <th>Online?</th> <th>Links</th> </tr>"; $q = mysql_query( "SELECT * FROM users WHERE user_level=5 ORDER BY userid ASC", $c); while ($r = mysql_fetch_array($q)) { if ($r['laston'] >= time() - 15 * 60) { $on = "<font color=green><b>Online</b></font>"; } else { $on = "<font color=red><b>Offline</b></font>"; } print "\n<tr> <td><a href='viewuser.php?u={$r['userid']}'>{$r['username']}</a> [{$r['userid']}]</td> <td>$on</td> <td><a href='new_staff.php?action=userlevel&level=2&ID={$r['userid']}' >Admin</a> · <a href='new_staff.php?action=userlevel&level=3&ID={$r['userid']}' >Secretary</a> · <a href='new_staff.php?action=userlevel&level=4&ID={$r['userid']}' >IRC Op</a> · <a href='new_staff.php?action=userlevel&level=1&ID={$r['userid']}' >Member</a></td></tr>"; } print "</table>"; } function userlevel() { global $ir, $c, $h, $userid; $_GET['level'] = abs((int) $_GET['level']); $_GET['ID'] = abs((int) $_GET['ID']); mysql_query( "UPDATE users SET user_level={$_GET['level']} WHERE userid={$_GET['ID']}", $c); print "User's level adjusted."; } function userlevelform() { global $ir, $c, $h, $userid; print "<h3>User Level Adjust</h3> <form action='new_staff.php' method='get'> <input type='hidden' name='action' value='userlevel'> User: " . user_dropdown($c, 'ID') . "<br /> User Level:<br /> <input type='radio' name='level' value='1' /> Member<br /> <input type='radio' name='level' value='2' /> Admin<br /> <input type='radio' name='level' value='3' /> Secretary<br /> <input type='radio' name='level' value='4' /> IRC Op<br /> <input type='radio' name='level' value='5' /> Assistant<br /> <input type='submit' value='Adjust' /></form>"; } function massmailer() { global $ir, $c, $userid; if ($_POST['text']) { $_POST['text'] = mysql_real_escape_string( nl2br(strip_tags(stripslashes($_POST['text']))), $c); $subj = "This is a mass mail from the administration"; if ($_POST['cat'] == 1) $q = mysql_query("SELECT * FROM users ", $c); else if ($_POST['cat'] == 2) $q = mysql_query("SELECT * FROM users WHERE user_level > 1", $c); else if ($_POST['cat'] == 3) $q = mysql_query("SELECT * FROM users WHERE user_level=2", $c); else $q = mysql_query( "SELECT * FROM users WHERE user_level={$_POST['level']}", $c); while ($r = mysql_fetch_array($q)) { mysql_query( "INSERT INTO mail VALUES(NULL, 0, 0, {$r['userid']}, " . time() . ",'$subj','{$_POST['text']}')", $c); print "Mass mail sent to {$r['username']}.<br />"; } print "Mass mail sending complete!<br /> <a href='new_staff.php'>> Back</a>"; } else { print "<b>Mass Mailer</b><br /> <form action='new_staff.php?action=massmailer' method='post'> Text: <br /> <textarea name='text' rows='7' cols='40'></textarea><br /> <input type='radio' name='cat' value='1' /> Send to all members <input type='radio' name='cat' value='2' /> Send to staff only <input type='radio' name='cat' value='3' /> Send to admins only<br /> OR Send to user level:<br /> <input type='radio' name='level' value='1' /> Member<br /> <input type='radio' name='level' value='2' /> Admin<br /> <input type='radio' name='level' value='3' /> Secretary<br /> <input type='radio' name='level' value='4' /> IRC Op<br /> <input type='radio' name='level' value='5' /> Assistant<br /> <input type='submit' value='Send' /></form>"; } } function adnewspaper_form() { global $ir, $c, $h, $userid; print "<h3>Editing Admin News</h3><form action='new_staff.php?action=subadnews' method='post'> <textarea rows='7' cols='35' name='newspaper'>"; include "admin.news"; print "</textarea><br /><input type='submit' value='Change' /></form>"; } function adnewspaper_submit() { global $ir, $c, $h, $userid; $l = fopen("admin.news", "w"); fwrite($l, stripslashes($_POST['newspaper'])); fclose($l); print "Admin News updated!"; } // Experimental Stuff function admin_user_record() { global $ir, $userid, $admin, $c; $user = abs((int) $_GET['user']); if ($user) { $q = mysql_query( "SELECT u.*, us.*, h.*, c.*, f.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid LEFT JOIN houses h ON u.maxwill=h.hWILL LEFT JOIN courses c ON u.course=c.crID LEFT JOIN fedjail f ON u.userid = f.fed_userid WHERE u.userid=$user", $c) or die(mysql_error()); if (!mysql_num_rows($q)) { $_GET['user'] = 0; admin_user_record(); } else { $r = mysql_fetch_array($q); print "<table width='100%' border='2'><tr style='background: gray'> <th>User</th> <th>Stats</th> <th>Restrictions</th> </tr> <tr> <td> Username: {$r['username']}<br /> Login: {$r['login_name']}<br /> User ID: {$r['userid']}<br /> Level: {$r['level']}<br /> Exp: {$r['exp']}<br /> Money: {$r['money']}<br /> Crystals: {$r['crystals']}<br /> Last Active: {$r['laston']}<br /> Last IP: {$r['lastip']}<br /> Energy: {$r['energy']}<br /> Max Energy: {$r['maxenergy']}<br /> Health: {$r['hp']}<br /> Max Health: {$r['maxhp']}<br /> Will: {$r['will']}<br /> Max Will: {$r['maxwill']}<br /> Property: {$r['hNAME']}<br /> Brave: {$r['brave']}<br /> Max Brave: {$r['maxbrave']}<br /> Location: {$r['location']}<br /> Hospital: {$r['hospital']}<br /> Hosp Reason: {$r['hospreason']}<br /> User Level: {$r['user_level']}<br /> Duties: {$r['duties']}<br /> Gender: {$r['gender']}<br /> Course: {$r['cNAME']}<br /> Days Left: {$r['cdays']}<br /> Days Old: {$r['daysold']}<br /> Signed Up: {$r['signedup']}<br /> Donator: {$r['donatordays']}<br /> Email: {$r['email']}<br /> Pic: {$r['displaypic']}<br /> Bank: {$r['bankmoney']}<br /> Cyber Bank: {$r['cybermoney']}<br /> Notes: {$r['staffnotes']} </td> <td> Strength: {$r['strength']}<br /> Agility: {$r['agility']}<br /> Guard: {$r['guard']}<br /> Labour: {$r['labour']}<br /> IQ: {$r['IQ']} </td> <td> Fed Jail: {$r['fed_days']}<br /> Reason: {$r['fed_reason']}<br /> Who: {$r['fed_jailedby']}<br /> Mail Banned: {$r['mailban']}<br /> Mail Ban Reason: {$r['mb_reason']} </td> </tr> </table>"; } } else { print <<<EOF <form action='new_staff.php' method='get'> <input type='hidden' name='action' value='record' /> <h4>User Record</h4> Enter a user ID to view the record of: <input type='text' name='user' value='1' /><br /> <input type='submit' value='Go' /> </form> EOF; } } function admin_user_changeid() { global $ir, $userid, $admin, $c; $user = abs((int) $_POST['user']); $submit = abs((int) $_POST['submit']); $new_id = abs((int) $_POST['newid']); if ($submit && $user && $new_id) { mysql_query("UPDATE users SET userid=$new_id WHERE userid = $user", $c); mysql_query( "UPDATE userstats SET userid=$new_id WHERE userid = $user", $c); mysql_query( "UPDATE adminlogs SET adUSER=$new_id WHERE adUSER = $user", $c); mysql_query( "UPDATE applications SET appUSER=$new_id WHERE appUSER = $user", $c); mysql_query( "UPDATE attacklogs SET attacker=$new_id WHERE attacker = $user", $c); mysql_query( "UPDATE attacklogs SET attacked=$new_id WHERE attacked = $user", $c); mysql_query( "UPDATE blacklist SET bl_ADDED=$new_id WHERE bl_ADDED = $user", $c); mysql_query( "UPDATE blacklist SET bl_ADDER=$new_id WHERE bl_ADDER = $user", $c); mysql_query( "UPDATE cashxferlogs SET cxFROM=$new_id WHERE cxFROM = $user", $c); mysql_query( "UPDATE cashxferlogs SET cxTO=$new_id WHERE cxTO = $user", $c); mysql_query( "UPDATE challengesbeaten SET userid=$new_id WHERE userid = $user", $c); mysql_query( "UPDATE challengesbeaten SET npcid=$new_id WHERE npcid = $user", $c); mysql_query( "UPDATE coursesdone SET userid=$new_id WHERE userid = $user", $c); mysql_query( "UPDATE crystalmarket SET cmADDER=$new_id WHERE cmADDER = $user", $c); mysql_query( "UPDATE dps_process SET dp_userid=$new_id WHERE dp_userid = $user", $c); mysql_query("UPDATE events SET evUSER=$new_id WHERE evUSER = $user", $c); mysql_query( "UPDATE fedjail SET fed_userid=$new_id WHERE fed_userid = $user", $c); mysql_query( "UPDATE fedjail SET fed_jailedby=$new_id WHERE fed_jailedby = $user", $c); mysql_query( "UPDATE friendslist SET fl_ADDER=$new_id WHERE fl_ADDER = $user", $c); mysql_query( "UPDATE friendslist SET fl_ADDED=$new_id WHERE fl_ADDED = $user", $c); mysql_query( "UPDATE imarketaddlogs SET imaADDER=$new_id WHERE imaADDER = $user", $c); mysql_query( "UPDATE imbuylogs SET imbADDER=$new_id WHERE imbADDER = $user", $c); mysql_query( "UPDATE imbuylogs SET imbBUYER=$new_id WHERE imbBUYER = $user", $c); mysql_query( "UPDATE imremovelogs SET imrADDER=$new_id WHERE imrADDER = $user", $c); mysql_query( "UPDATE imremovelogs SET imrREMOVER=$new_id WHERE imrREMOVER = $user", $c); mysql_query( "UPDATE inventory SET inv_userid=$new_id WHERE inv_userid = $user", $c); mysql_query( "UPDATE itembuylogs SET ibUSER=$new_id WHERE ibUSER = $user", $c); mysql_query( "UPDATE itemmarket SET imADDER=$new_id WHERE imADDER = $user", $c); mysql_query( "UPDATE itemselllogs SET isUSER=$new_id WHERE isUSER = $user", $c); mysql_query( "UPDATE itemxferlogs SET ixFROM=$new_id WHERE ixFROM = $user", $c); mysql_query( "UPDATE itemxferlogs SET ixTO=$new_id WHERE ixTO = $user", $c); mysql_query( "UPDATE jaillogs SET jaJAILER=$new_id WHERE jaJAILER = $user", $c); mysql_query( "UPDATE jaillogs SET jaJAILED=$new_id WHERE jaJAILED = $user", $c); mysql_query( "UPDATE mail SET mail_from=$new_id WHERE mail_from = $user", $c); mysql_query("UPDATE mail SET mail_to=$new_id WHERE mail_to = $user", $c); mysql_query( "UPDATE mail SET mail_from=$new_id WHERE mail_from = $user", $c); mysql_query( "UPDATE preports SET prREPORTED=$new_id WHERE prREPORTED = $user", $c); mysql_query( "UPDATE preports SET prREPORTER=$new_id WHERE prREPORTER = $user", $c); mysql_query( "UPDATE referals SET refREFER=$new_id WHERE refREFER = $user", $c); mysql_query( "UPDATE referals SET refREFED=$new_id WHERE refREFED = $user", $c); mysql_query( "UPDATE seclogs SET secUSER=$new_id WHERE secUSER = $user", $c); mysql_query( "UPDATE staffnotelogs SET snCHANGER=$new_id WHERE snCHANGER = $user", $c); mysql_query( "UPDATE staffnotelogs SET snCHANGED=$new_id WHERE snCHANGED = $user", $c); mysql_query( "UPDATE unjaillogs SET ujaJAILER=$new_id WHERE ujaJAILER = $user", $c); mysql_query( "UPDATE unjaillogs SET ujaJAILED=$new_id WHERE ujaJAILED = $user", $c); mysql_query("UPDATE votes SET userid=$new_id WHERE userid = $user", $c); mysql_query( "UPDATE willplogs SET wp_userid=$new_id WHERE wp_userid = $user", $c); print "User's ID changed! They will have to re-login."; } else if ($user && $new_id) { $q = mysql_query( "SELECT username FROM users WHERE userid = $user", $c); $q2 = mysql_query( "SELECT userid FROM users WHERE userid = $new_id", $c); if (mysql_num_rows($q2)) { print "<font color='red'><b>That User ID is already in Use.</b></font><br />\n"; $_POST['newid'] = 0; admin_user_changeid(); } else { print "You are changing " . mysql_result($q, 0, 0) . "'s user ID to $new_id<br /> <form action='new_staff.php?action=change_id' method='post'> <input type='hidden' name='user' value='$user' /> <input type='hidden' name='newid' value='$new_id' /> <input type='hidden' name='submit' value='1' /> <input type='submit' value='Change ID' /> </form>"; } } else { print "<h3>Change User ID</h3> <form action='new_staff.php?action=change_id' method='post'> <table border='1' width='50%'> <tr> <td align='right'>User's ID:</td> <td align='left'><input type='text' name='user' value='1' /></td> </tr> <tr> <td align='right'>New ID:</td> <td align='left'><input type='text' name='newid' value='1000' /></td> </tr> <tr> <td align='center' colspan='2'> <input type='submit' value='Change ID' /> </td> </tr> </table>"; } } Line 977 you will find edit user.

November 18, 2012
12 replies

Edit User Doesn't Work?

Shahed3639 replied to bloodless2010's topic in Engine Support

Yeah I get that to theres a bug with the edit user.

November 18, 2012
12 replies

Hellpp!!!!

Shahed3639 posted a topic in Engine Support

Everythink works with player shop apart from when you want to make a shop When I press create shop nothink happens. Pleassee can someone help me out. <?php session_start(); require "global_func.php"; if($_SESSION['loggedin']==0) { header("Location: login.php");exit; } $userid=$_SESSION['userid']; require "header.php"; $h = new headers; $h->startheaders(); include "mysql.php"; global $c; $is=mysql_query("SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid",$c) or die(mysql_error()); $ir=mysql_fetch_array($is); check_level(); $fm=money_formatter($ir['money']); $cm=money_formatter($ir['crystals'],''); $lv=date('F j, Y, g:i a',$ir['laston']); $h->userdata($ir,$lv,$fm,$cm); $h->menuarea(); if($ir[hospital]>0) { die("You are in the hospital for {$ir[hospital]} minutes."); } if($ir[jail]>0) { die("You are in jail for {$ir[jail]} minutes."); } $getshops=mysql_query("select * from usershops where userid=$userid"); if(mysql_num_rows($getshops)!=0) { echo ("Sorry, but you already own a shop!"); exit($h->endpage()); } if($_POST['submit']) { //shop cost based on how many shops are already made (default) $f=mysql_query("SELECT id FROM usershops"); $shops=mysql_num_rows($f); $shopcost=(($shops*1000)+1000); //fixed shop cost (not default - uncomment the line below, and delete/comment the 3 lines above to use fixed) //$shopcost=100; if($ir['money'] < $shopcost) { echo("<center>You don't have enough money to open a shop! You need at least $$shopcost.</center>"); exit($h->endpage()); } $name=mysql_real_escape_string($_POST['name']); $description=mysql_real_escape_string($_POST['description']); $image=mysql_real_escape_string($_POST['image']); mysql_query("INSERT INTO usershops VALUES('','$userid','$name','$description','$image','5','0','0')") or die(mysql_error()); $i=mysql_insert_id($c); mysql_query("update users set money=money-$shopcost where userid=$userid"); print "You have successfully created your own shop!<br><a href='myshop.php'>Click here to manage your shop</a>"; } else { print " <div class='generalinfo_txt'> <div><img src='images/info_left.jpg' alt='' /></div> <div class='info_mid'><h2 style='padding-top:10px;'> Create Shop</h2></div> <div><img src='images/info_right.jpg' alt='' /></div> </div> <div class='generalinfo_simple'><br> <br><br> <table align=center class=table><tr><th colspan=2>Creating your Own Shop</th></tr> <tr><td width=60%>Shop Name:</td><td><form action=createshop.php?method=post><input type=hidden name=submit value=1><input type=text STYLE='color: black; background-color: white;' name=name></td></tr> <tr><td width=60%>Shop Description:</td><td><textarea STYLE='color: black; background-color: white;' name=description rows=5 cols=20></textarea></td></tr> <tr><td width=60%>Shop Sign:<br><font size=1>direct url to image</font></td><td><input type=text STYLE='color: black; background-color: white;' name=image></td> <tr><td colspan=2><input type=submit STYLE='color: black; background-color: white;' value='Create your Shop!'></form></td></tr> </table> </div><div><img src='images/generalinfo_btm.jpg' alt='' /></div><br></div></div></div></div></div> "; } $h->endpage(); ?>

November 17, 2012

mccode-v2 [User Comments]

Shahed3639 replied to iSOS's topic in Free Modifications

Fixed it................

November 17, 2012
34 replies

mccode-v2 [User Comments]

Shahed3639 replied to iSOS's topic in Free Modifications

<?php session_start(); require "global_func.php"; if($_SESSION['loggedin']==0) { header("Location: login.php");exit; } $userid=$_SESSION['userid']; require "header.php"; $h = new headers; $h->startheaders(); include "mysql.php"; global $c; $is=mysql_query("SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid",$c) or die(mysql_error()); $ir=mysql_fetch_array($is); check_level(); $fm=money_formatter($ir['money']); $cm=money_formatter($ir['crystals'],''); $lv=date('F j, Y, g:i a',$ir['laston']); $h->userdata($ir,$lv,$fm,$cm); $h->menuarea(); if(isset($_GET['Delete'])) { $Data = mysql_query("SELECT `RecieverID` FROM `gComments` WHERE (`ID` = ".abs(intval($_GET['ID'])).") AND (`RecieverID` = ".$_SESSION['userid'].")",$c); if(mysql_num_rows($Data)) { mysql_query("DELETE FROM `gComments` WHERE (`ID` = ".abs(intval($_GET['ID'])).")"); echo ('The comment chose has been deleted. <br /><a href = "index.php"><span style = "color:#8B0000">Go Home</span></a><br />'); exit($h->endpage()); } else{ echo ('This comment doesn\'t belong to you.<br /><a href = "index.php"><span style = "color:#8B0000">Go Home</span></a><br />'); exit($h->endpage()); } } if((isset($_POST['comment']))) { if(empty($_POST['comment'])) { echo ('You\'ve failed to fill the form in correctly.'); exit($h->endpage()); } mysql_query("INSERT INTO `gComments` VALUES ('', ".$_SESSION['userid'].", ".abs(intval($_GET['ID'])).", '".mysql_real_escape_string(strip_tags($_POST['comment']))."')",$c); event_add(abs(intval($_GET['ID'])), ''.mysql_real_escape_string($ir['username']).' has just left a comment on your profile!'); echo ('Your comment has successfully been posted.<br /><a href ="index.php"<span style = "color:#8B0000">Go Home</span></a>'); exit($h->endpage()); } else{ echo (' <div class="generalinfo_txt"> <div><img src="images/info_left.jpg" alt="" /></div> <div class="info_mid"><h2 style="padding-top:10px;"> Posting Comments</h2></div> <div><img src="images/info_right.jpg" alt="" /></div> </div> <div class="generalinfo_simple"><br> <br><br> <form action = "Comments.php?ID='.$_GET['ID'].'" method = "post"> <input type = "text" size="50" STYLE="color: black; background-color: white;" name = "comment" value = "" /><br /> <input type = "submit" STYLE="color: black; background-color: white;" value = "Post Comment" /> </form><br /> <a href = "index.php"><span style = "color:#8B0000">Go Back</span></a><br /></div><div><img src="images/generalinfo_btm.jpg" alt="" /></div><br></div></div></div></div></div>'); } ?> <?php /* MCCodes FREE viewuser.php Rev 1.1.0 Copyright (C) 2005-2012 Dabomstew This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ session_start(); require "global_func.php"; if ($_SESSION['loggedin'] == 0) { header("Location: login.php"); exit; } $userid = $_SESSION['userid']; require "header.php"; $h = new headers; $h->startheaders(); include "mysql.php"; global $c; $is = mysql_query( "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", $c) or die(mysql_error()); $ir = mysql_fetch_array($is); check_level(); $fm = money_formatter($ir['money']); $cm = money_formatter($ir['crystals'], ''); $lv = date('F j, Y, g:i a', $ir['laston']); $h->userdata($ir, $lv, $fm, $cm); $h->menuarea(); $_GET['u'] = abs((int) $_GET['u']); if (!$_GET['u']) { print "Invalid use of file"; } else { $q = mysql_query( "SELECT u.*,us.*,c.*,h.*,f.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid LEFT JOIN cities c ON u.location=c.cityid LEFT JOIN houses h ON u.maxwill=h.hWILL LEFT JOIN fedjail f ON f.fed_userid=u.userid WHERE u.userid={$_GET['u']}", $c); if (mysql_num_rows($q) == 0) { print "Sorry, we could not find a user with that ID, check your source."; } else { $r = mysql_fetch_array($q); if ($r['user_level'] == 1) { $userl = "Member"; } else if ($r['user_level'] == 2) { $userl = "Admin"; } else if ($r['user_level'] == 3) { $userl = "Secretary"; } else if ($r['user_level'] == 0) { $userl = "NPC"; } else if ($r['user_level'] == 4) { $userl = "IRC Mod"; } else { $userl = "Assistant"; } $lon = date('F j, Y g:i:s a', $r['laston']); $sup = date('F j, Y g:i:s a', $r['signedup']); $ts = $r['strength'] + $r['agility'] + $r['guard'] + $r['labour'] + $r['IQ']; $d = ""; $la = time() - $r['laston']; $unit = "seconds"; if ($la >= 60) { $la = (int) ($la / 60); $unit = "minutes"; } if ($la >= 60) { $la = (int) ($la / 60); $unit = "hours"; if ($la >= 24) { $la = (int) ($la / 24); $unit = "days"; } } if ($r['donatordays']) { $r['username'] = "<font color=red>{$r['username']}</font>"; $d = "<img src='donator.gif' alt='Donator: {$r['donatordays']} Days Left' title='Donator: {$r['donatordays']} Days Left' />"; } if ($r['laston'] >= time() - 15 * 60) { $on = "<font color=green><b>Online</b></font>"; } else { $on = "<font color=red><b>Offline</b></font>"; } print "<h3>Profile for {$r['username']}</h3> <table width=75%><tr style='background:gray'><th>General Info</th><th>Financial Info</th> <th>Display Pic</th></tr> <tr><td>Name: {$r['username']} [{$r['userid']}] $d<br /> User Level: $userl<br /> Duties: {$r['duties']}<br /> Gender: {$r['gender']}<br /> Signed Up: $sup<br /> Last Active: $lon<br /> Last Action: $la $unit ago<br /> Online: $on<br /> Days Old: {$r['daysold']}<br /> Location: {$r['cityname']}</td><td> Money: \${$r['money']}<br /> Crystals: {$r['crystals']}<br /> Property: {$r['hNAME']}<br /> Referals: "; $rr = mysql_query( "SELECT * FROM referals WHERE refREFER={$r['userid']}", $c); print mysql_num_rows($rr); $q_y = mysql_query( "SELECT * FROM friendslist WHERE fl_ADDED={$r['userid']}", $c); $q_z = mysql_query( "SELECT * FROM blacklist WHERE bl_ADDED={$r['userid']}", $c); print "<br /> Friends: " . mysql_num_rows($q_y) . "<br /> Enemies: " . mysql_num_rows($q_z) . " </td> <td rowspan='2'>"; if ($r['display_pic']) { print "<img src='{$r['display_pic']}' width='150' height='150' alt='User Display Pic' title='User Display Pic' />"; } else { print "This user has no display pic!"; } print "</td></tr> <tr style='background:gray'><th>Physical Info</th><th>Links</th></tr> <tr><td>Level: {$r['level']}<br /> Health: {$r['hp']}/{$r['maxhp']}<br />"; if ($r['fedjail']) { print "<br /><b><font color=red>In federal jail for {$r['fed_days']} day(s).<br /> {$r['fed_reason']}</font>"; } if ($r['hospital']) { print "<br /><b><font color=red>In hospital for {$r['hospital']} minutes.<br />{$r['hospreason']}</font></b>"; } if ($r['jail']) { print "<br /><b><font color=red>In jail for {$r['jail']} minutes.<br />{$r['jailreason']}</font></b>"; } if ($ir['user_level'] == 2 || $ir['user_level'] == 3 || $ir['user_level'] == 5) { print "<br />IP Address: {$r['lastip']}"; $e_staffnotes = htmlentities($r['staffnotes'], ENT_QUOTES, 'ISO-8859-1'); print "<form action='staffnotes.php' method='post'> Staff Notes: <br /> <textarea rows=7 cols=40 name='staffnotes'>{$e_staffnotes}</textarea> <br /><input type='hidden' name='ID' value='{$_GET['u']}' /> <input type='submit' value='Change' /></form>"; } print "</td><td>[<a href='mailbox.php?action=compose&ID={$r['userid']}'>Send Mail</a>]<br /><br /> [<a href='sendcash.php?ID={$r['userid']}'>Send Cash</a>]<br /><br /> [<a href='attack.php?ID={$r['userid']}'>Attack</a>]<br /><br /> <a href='assassination.php?ID={$r['userid']}'>[Assassinate]</a>"; if ($ir['user_level'] == 2 || $ir['user_level'] == 3 || $ir['user_level'] == 5) { print "<br /><br /> [<a href='jailuser.php?userid={$r['userid']}'>Jail</a>]<br /><br /> [<a href='mailban.php?userid={$r['userid']}'>MailBan]"; } if ($ir['donatordays'] > 0) { print "<br /><br /> [<a href='friendslist.php?action=add&ID={$r['userid']}'>Add Friends</a>]<br /><br /> [<a href='blacklist.php?action=add&ID={$r['userid']}'>Add Enemies</a>]<br /><br /></a><br /><br /></a><br /><br />"; } echo ('<tr> <td align = "center" colspan = "3"><a href = "/Comments.php?ID='.$_GET['u'].'"><span style = "color:#8B0000">Add Comment</span></a></td> </tr> </table>'); echo (' <table width = "85%" cellspacing = "1" class = "table"> <tr> <th colspan = "3">User Comments</th> </tr>'); $Data = mysql_query("SELECT g.`ID`,g.`SenderID`,g.`RecieverID`,g.`Comment`,u.` userid`,u.`username` FROM `gComments` g LEFT JOIN `users` u "."ON g.`SenderID` = u.`userid` WHERE (`RecieverID` = ".abs(intval($_GET['u'])).") LIMIT 20"); if(!mysql_num_rows($Data)) { echo ('<tr> <td colspan = "1"><center>This user has no comments.</center></td> </tr> </table>'); exit(); }else{ while($cData = mysql_fetch_array($Data)) { echo (' <tr> <td width = "15%" align="center">'.htmlentities($cData['username']).'</td> <td align="center">'.stripslashes(htmlentities($cData['Comment'], ENT_QUOTES)).'</td>'); if(($_SESSION['userid'] === $cData['RecieverID']) || $ir['user_level'] == 2) { echo (' <td width = "10%" align = "center"><a href = "/Comments.php?Delete&ID='.$cData['ID'].'"><span style = "color:#8B0000">Delete</span></a></td>'); } } echo ('</tr>'); } } echo ('</tr></table>'); } $h->endpage(); Can some one help me pleasee Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in /home/gangst43/public_html/viewuser.phpon line 247

November 17, 2012
34 replies

Converting

Shahed3639 replied to ? Sparks ?'s topic in Free Modifications

Thanks this helped alot

October 31, 2012
3 replies

Crystal Gym Conversion

Shahed3639 posted a topic in Free Modifications

Okay here is a converted gym into a Crystal Gym I converted. (is this alowed?) I need someone to help me out by Adding Only Donators can use. and 100 Crystals per click and 50% of the will used from the house but no will taken away from the bar. Can someone do this for me pleasee. <?php /* MCCodes FREE gym.php Rev 1.1.0 Copyright (C) 2005-2012 Dabomstew This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ session_start(); require "global_func.php"; if ($_SESSION['loggedin'] == 0) { header("Location: login.php"); exit; } $userid = $_SESSION['userid']; require "header.php"; $h = new headers; $h->startheaders(); include "mysql.php"; global $c; $is = mysql_query( "SELECT u.*,us.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid WHERE u.userid=$userid", $c) or die(mysql_error()); $ir = mysql_fetch_array($is); check_level(); $fm = money_formatter($ir['money']); $cm = money_formatter($ir['crystals'], ''); $lv = date('F j, Y, g:i a', $ir['laston']); $out = ""; $_GET['times'] = abs((int) $_GET['times']); if (isset($_GET['train'])) { if ($_GET['train'] != "strength" && $_GET['train'] != "agility" && $_GET['train'] != "guard" && $_GET['train'] != "labour") { $h->userdata($ir, $lv, $fm, $cm); $h->menuarea(); die("Abusers aren't allowed."); } $tgain = 0; for ($i = 1; $i <= $_GET['times'] && $ir['crystals'] > 0; $i++) { if ($ir['crystals'] > 0) { $gain = rand(1, 3) / rand(800, 1000) * rand(800, 1000) * (($ir['will'] + 20) / 150); $tgain += $gain; if ($_GET['train'] == "IQ") { $gain /= 100; } $ir[$_GET['train']] += $gain; $egain = $gain / 10; $ts = $ir[$_GET['train']]; $st = $_GET['train']; mysql_query( "UPDATE userstats SET $st=$st+" . $gain . " WHERE userid=$userid", $c) or die( "UPDATE userstats SET $st=$st+$gain,crystals=crystals-1,exp=exp+$egain WHERE userid=$userid<br />" . mysql_error()); $wu = (int) (rand(1, 3)); if ($ir['will'] >= $wu) { $ir['will'] -= $wu; mysql_query( "UPDATE users SET crystals=crystals-1,exp=exp+$egain,will=will-$wu WHERE userid=$userid", $c); } else { $ir['will'] = 0; mysql_query( "UPDATE users SET crystals=crystals-1,exp=exp+$egain,will=0 WHERE userid=$userid", $c); } $ir['crystals'] -= 1; $ir['exp'] += $egain; } else { $out = "You do not have enough crystals to train."; } } $stat = $ir[$st]; $i--; $out = "You begin training your $st.<br /> You have gained $tgain $st by training it $i times.<br /> You now have $stat $st and {$ir['crystals']} crystals left.<br /><br />"; } else { $out = "<h3>Crystal Gym: Main Lobby<h3>"; } $h->userdata($ir, $lv, $fm, $cm); $h->menuarea(); print $out; print "Enter the amount of times you wish to train and choose the stat to train.<br /> You can train up to {$ir['crystals']} times.<br /><form action='cgym.php' method='get'> <input type='text' name='times' value='1' /><select type='dropdown' name='train'> <option value='strength'>Strength</option> <option value='agility'>Agility</option> <option value='labour'>Labour</option> <option value='guard'>Guard</option></select><br /> <input type='submit' value='Train!' /></form>"; $h->endpage();

October 29, 2012
2 replies

Help!?

Shahed3639 replied to Shahed3639's topic in Engine Support

Bump!!!!!!!!!!!!!!!!!!!!!!!

October 28, 2012
6 replies

Help!?

Shahed3639 replied to Shahed3639's topic in Engine Support

and my hospital it says Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /home/infamo19/public_html/hospital.phpon line 53 and It doesnt update when someones In hospital.

October 28, 2012
6 replies

Game Graphics [FREE]

Shahed3639 replied to The Coder's topic in Art and Content

Tanvirul is that you? Who play CW

October 28, 2012
1 reply

Help!?

Shahed3639 replied to Shahed3639's topic in Engine Support

In Item management the funtions dont work for some reason? When i add the funtions to global func It kills the whole game. So I have to take it off for the game to work Here is the function

October 28, 2012
6 replies

Help!?

Shahed3639 replied to Shahed3639's topic in Engine Support

Its Mccode v1 well the Jail and hospital doesnt update for the members and it doesnt show people in jail or hospital And I get errors.

October 28, 2012
6 replies

Help!?

Shahed3639 posted a topic in Engine Support

(Idk if this is in the right forum but yeah) I need help atm with my game infamouswars.x10.mx I badly need help With hospital and jail I need a person to help me out for free Its quite hard for me. Im doing media for gcse so i choose to make a game. So can some one help me out pleasee Pleasse Inbox me.

October 28, 2012
6 replies

Sign In

Posts

Joined

Last visited

Recent Profile Visitors

Shahed3639's Achievements

Newbie (1/14)

Reputation

Edit User Doesn't Work?

Edit User Doesn't Work?

Edit User Doesn't Work?

Edit User Doesn't Work?

Hellpp!!!!

mccode-v2 [User Comments]

mccode-v2 [User Comments]

Converting

Crystal Gym Conversion

Help!?

Help!?

Game Graphics [FREE]

Help!?

Help!?

Help!?

Browse

Activity

Hosting