Magictallguy

  Speaks for itself :)

That code is a mess Peter, fix it! xD

Add into your class_db_{whichever driver you use}.php after the last } (before the ?>)   date_default_timezone_set('YOUR TIMEZONE HERE AS DEFINED BY http://www.php.net/manual/en/timezones.php');

It's been a while since I've used v1, but I remember the tricks. I'd be happy to help :)

And where am I? xD

I've not bug checked or tested, this was on-the-fly. Insert your own security measures. Keep in mind that I haven't worked on an MC Craps system for a while - there most likely will be bugs Insert the cases of editdonpack and deldonpack case 'editdonpack': editDonPack(); break; case 'deldonpack': delDonPack(); break;   Overwrite the previous create_dp_form and create_dp_form2() functions and paste this in <?php #Remove this line <?php function create_dp_form() { global $db, $ir, $h; if(!isset($_POST['submit'])) { ?><h2>Create New DP <h2> <form action='staff_special.php?action=createdpform' method='post'> Package: <input type='text' name='package' /><br /> Dsys: <input type='text' name='days' /><br /> Money: <input type='text' name='money' /><br /> Crystals: <input type='text' name='crystals' /><br /> Items: <input type='text' name='items' /><br /> Cost: <input type='text' name='cost' value='0.00' /><br /> <input type='submit' name='submit' value='Create DP' /> </form><? } else { if($ir['user_level'] != 2) { echo "You're not an administrator"; $h->endpage(); exit; } $dontMiss = array( 'package', 'days', 'cost' ); foreach($dontMiss as $name) { $_POST[$name] = isset($_POST[$name]) && ctype_alnum($_POST[$name]) ? $_POST[$name] : null; if(empty($_POST[$name])) { echo "You missed something: " . $name; $h->endpage(); exit; } } $db->query(sprintf("INSERT INTO `donpage` (`dp_ID`, `package`, `days`, `money`, `crystals`, `items`, `cost`) VALUES ('%s', %u, %u, %u, %u, %s)", $db->escape($_POST['package']), $_POST['days'], $_POST['money'], $_POST['crystals'], $db->escape($_POST['items']), $_POST['cost'])); stafflog_add("Created a donator pack"); echo "Donator Pack Complete"; } } function editDonPack() { global $db, $ir, $h; if($ir['user_level'] != 2) { echo "You're not an administrator"; $h->endpage(); exit; } echo "<h3>Editing a donator pack</h3>"; $_GET['step'] = isset($_GET['step']) && ctype_alpha($_GET['step']) ? abs(@intval($_GET['step'])) : null; switch($_GET['step']) { default: $select = $db->query("SELECT `dp_ID`, `package`, `days` FROM `donpage` ORDER BY `dp_ID` ASC"); if(!$db->num_rows($select)) { echo "There are no donator packs to edit"; $h->endpage(); exit; } echo "Select a pack to edit<br /> <form action='staff_special.php?action=editdonpack&step=1' method='post'> <select name='pID' type='dropdown'>"; while($don = $db->fetch_row($select)) { printf("<option value='%u'>%s (%s Days)</option>", $don['dp_ID'], stripslashes($don['package']), number_format($don['days'])); } echo "</select> <input type='submit' value='Submit' /> </form>"; break; case 1: $_POST['pID'] = isset($_POST['pID']) && ctype_digit($_POST['pID']) ? abs(@intval($_POST['pID'])) : null; if(empty($_POST['pID'])) { echo "You didn't select a valid pack to edit"; $h->endpage(); exit; } $select = $db->query(sprintf("SELECT * FROM `donpage` WHERE (`dp_ID` = %u)", $_POST['pID'])); if(!$db->num_rows($select)) { echo "There are no donator packs to edit"; $h->endpage(); exit; } $don = $db->fetch_row($select); echo "<form action='staff_special.php?action=editdonpack&step=2' method='post> <input type='hidden' name='pID' value='" . $_POST['pID'] . "' /> Package: <input type='text' name='package' " . $don['package'] . " /><br /> Dsys: <input type='text' name='days' value='" . $don['days'] . "' /><br /> Money: <input type='text' name='money' value='" . $don['money'] . "' /><br /> Crystals: <input type='text' name='crystals' value='" . $don['crystals'] . "' /><br /> Items: <input type='text' name='items' value='" . $don['items'] . "' /><br /> Cost: <input type='text' name='cost' value='" . $don['cost'] . "' /><br /> <input type='submit' value='Edit Donator Pack' /> </form>"; break; case 2: $_POST['pID'] = isset($_POST['pID']) && ctype_digit($_POST['pID']) ? abs(@intval($_POST['pID'])) : null; if(empty($_POST['pID'])) { echo "You didn't select a valid pack to edit"; $h->endpage(); exit; } $select = $db->query(sprintf("SELECT `package` FROM `donpage` WHERE (`dp_ID` = %u)", $_POST['pID'])); if(!$db->num_rows($select)) { echo "That pack doesn't exist"; $h->endpage(); exit; } $pack = $db->fetch_single($select); $dontMiss = array( 'package', 'days', 'cost' ); foreach($dontMiss as $name) { $_POST[$name] = isset($_POST[$name]) && ctype_alnum($_POST[$name]) ? $_POST[$name] : null; if(empty($_POST[$name])) { echo "You missed something: " . $name; $h->endpage(); exit; } } $db->query(sprintf("UPDATE `donpage` SET `package` = '%s', `days` = %u, `money` = %u, `crystals` = %u, `items` = '%s', `cost` = '%s' WHERE (`dp_ID` = %u)", $_POST['package'], $_POST['days'], $_POST['money'], $_POST['crystals'], $_POST['items'], $_POST['cost'], $_POST['pID'])); stafflog_add("Edited a donator pack"); $what = ($pack == $_POST['package']) ? $pack : $pack . " > " . $_POST['package']; echo $what . " has been edited"; break; } } function deleteDonPack() { global $db, $ir, $h; if($ir['user_level'] != 2) { echo "You're not an administrator"; $h->endpage(); exit; } echo "<h3>Deleting a donator pack</h3>There is no confirmation, make sure you select the right pack<br />"; if(!isset($_POST['submit'])) { $select = $db->query("SELECT `dp_ID`, `package`, `days` FROM `donpage` ORDER BY `dp_ID` ASC"); if(!$db->num_rows($select)) { echo "There are no donator packs to edit"; $h->endpage(); exit; } echo "Select a pack to edit<br /> <form action='staff_special.php?action=deldonpack' method='post'> <select name='pID' type='dropdown'>"; while($don = $db->fetch_row($select)) { printf("<option value='%u'>%s (%s Days)</option>", $don['dp_ID'], stripslashes($don['package']), number_format($don['days'])); } echo "</select> <input type='submit' name='submit' value='Submit' /> </form>"; } else { $_POST['pID'] = isset($_POST['pID']) && ctype_digit($_POST['pID']) ? abs(@intval($_POST['pID'])) : null; if(empty($_POST['pID'])) { echo "You didn't select a valid pack to edit"; $h->endpage(); exit; } $select = $db->query(sprintf("SELECT `package` FROM `donpage` WHERE (`dp_ID` = %u)", $_POST['pID'])); if(!$db->num_rows($select)) { echo "That pack doesn't exist"; $h->endpage(); exit; } $pack = $db->fetch_single($select); $db->query(sprintf("DELETE FROM `donpage` WHERE (`dp_ID` = %u)", $_POST['pID'])); stafflog_add("Deleted donator: " . $pack); echo "You have deleted donator pack: " . $pack; } }   smenu.php edit: Add your links staff_special.php?action=editdonpack staff_special.php?action=deldonpack

Ctrl + U, edit where necessary

The link is in my signature. Excuse the layout, I'm attempting to implement a new one, but I'm not having much luck lol - absolute crap with layouts xD

Ah, 'tis just a saying, sniko. Don't worry :P *grins evilly*

Well, I've tested my security with every method I know, and my beta members have tested it with ways I didn't, and so far, not a hitch ^.^

Ah ha, cheek! :P For its time, my security was one of the best MC Craps had seen xD I've brought myself up to date with PHP 5.4 though, so we're all good :)

I'm absolute sh*te with layouts..

I am soooooo glad to be back :D

It's Notepad++'s Indent Guide - I use it so I can see where I've tabbed a little easier.

I've basically ripped the layout from MC Craps (as I can't design for sh*t), but the code is mine ;) - though, with an idea of mine (yeah, they happen, 'tis rare! :P), I've made it so it'd be compatible (with a few edits) with MC Craps v2 scripts. Snippet can be found here - I will post up more if need be

For those wanting to keep up to date my activity; MTG Codes is now open for beta testing. http://magictallguy.tk/mtgCodes

I meant -->this<--, but still. I may re-create the in game I used to have.

If you would like some help installing, send me a message :)

Thank you. You've given me an idea for my gallery too ;)

For us non-moderators, there's a quote function that'll help ;)

I've just tested the code and it works fine, make sure you copy the entire code (this forum's syntax highlighter appears to be a little .. odd)

Good to see yours too :D

Sounds fair enough. I'll update now. It's not I was only trying to give someone else a script to use on MC Craps with their style or anything :P Thanks for the pointers though, I didn't know filter_input existed! *updates all codes to reflect new knowledge*

I have absolutely no idea whether this has been done before, so here's my version of a Game Rules overhaul. Keep in mind, I did develop this originally for MTG Codes, figured it may be useful to someone, and converted it to MC Craps v2 - any errors, give me a shout. The usage is simple: Upload this gamerules.php, (be sure to make a copy of your current rules), run the SQL, continue as normal. gamerules.php <?php require_once __DIR__ . '/globals.php'; ?> <h1><?php echo stripslashes($set['game_name']); ?>: Rules and Regulations</h1> <?php $_GET['ID'] = array_key_exists('ID', $_GET) && is_numeric($_GET['ID']) && (int)$_GET['ID'] > 0 ? (int)$_GET['ID'] : null; $_GET['action'] = array_key_exists('action', $_GET) ? $_GET['action'] : null; switch ($_GET['action']) { case 'add': rule_add($db, $ir, $set, $h); break; case 'edit': rule_edit($db, $ir, $set, $h); break; case 'delete': rule_delete($db, $ir, $set, $h); break; default: rule_index($db, $ir, $set); break; } /** * @param database $db * @param array $ir * @param array $set * @return void */ function rule_index($db, $ir, $set) { $count = 0; $width = (2 == $ir['user_level']) ? 85 : 95; $colspan = (2 == $ir['user_level']) ? 3 : 2; $select = $db->query('SELECT * FROM game_rules ORDER BY ruleID'); ?> <table class="table" style="width:100%;"> <thead> <tr> <th scope="col" style="width:5%;">#</th> <th scope="col" style="width:<?php echo $width; ?>;%">Rule</th> <?php if (2 == $ir['user_level']) { ?> <th style="width:10%;">Links &middot; <a href="gamerules.php?action=add"><img src="/silk/add.png" title="Add Rule" alt="Add" /></a></th> <?php } ?> </tr> </thead> <tbody> <?php if (!$db->num_rows($select)) { ?> <tr> <td colspan="<?php echo $colspan; ?>" style="text-align:center;">No rules have been set. Tell an admin to get their ass to it!</td> </tr> <?php } else { $playerName = $db->fetch_single($db->query('SELECT username FROM users WHERE (userid = 1)')); // Assuming that main admin is ID 1. Change to reflect your game $findReplace = [ '{name}' => $set['game_name'], '{owner}' => '<a href=\'viewuser.php?u=1\'>' . $playerName . '</a>', ]; while ($row = $db->fetch_row($select)) { ++$count; ?> <tr> <td><?php echo $count; ?></td> <td><?php echo strtr(stripslashes($row['ruleText']), $findReplace); ?></td> <?php if (2 == $ir['user_level']) { ?> <td> <a href="gamerules.php?action=edit&amp;ID=<?php echo $row['ruleID']; ?>">Edit</a> &middot; <a href="gamerules.php?action=delete&amp;ID=<?php echo $row['ruleID']; ?>">Delete</a> </td> <?php } ?> </tr> <?php } } ?> </tbody> </table> <?php } /** * @param database $db * @param array $ir * @param array $set * @param header $h * @return void */ function rule_add($db, $ir, $set, $h) { if (2 != $ir['user_level']) { echo 'You don\'t have access to this'; $h->endpage(); exit; } if (array_key_exists('submit', $_POST)) { $_POST['newRule'] = array_key_exists('newRule', $_POST) && is_string($_POST['newRule']) && strlen($_POST['newRule']) > 0 ? strip_tags(trim($_POST['newRule'])) : null; if (!empty($_POST['newRule'])) { $selectDup = $db->query('SELECT COUNT(ruleID) FROM game_rules WHERE LOWER(ruleText) = \'' . strtolower($db->escape($_POST['newRule'])) . '\''); if (!$db->fetch_single($selectDup)) { $db->query('INSERT INTO game_rules (ruleText) VALUES (\'' . $db->escape($_POST['newRule']) . '\')'); echo 'Your new rule has been added'; } else { echo 'That rule already exists'; } } else { echo 'You didn\'t enter a valid rule'; } } ?> <form action="gamerules.php?action=add" method="post"> <div class="form-group"> <label for="newRule">Rule</label> <textarea name="newRule" id="newRule" class="form-control" rows="7" autofocus required></textarea> </div> <button type="submit" name="submit" class="btn btn-primary"> <span class="fas fa-check"></span> Add Rule </button> </form> <?php rule_index($db, $ir, $set); } /** * @param database $db * @param array $ir * @param array $set * @param header $h * @return void */ function rule_edit($db, $ir, $set, $h) { if (2 != $ir['user_level']) { echo 'You don\'t have access to this'; $h->endpage(); exit; } if (empty($_GET['ID'])) { echo 'You didn\'t select a rule to modify'; $h->endpage(); exit; } $select = $db->query('SELECT ruleText FROM game_rules WHERE ruleID = ' . $_GET['ID']); if (!$db->num_rows($select)) { echo 'That rule doesn\'t exist'; $h->endpage(); exit; } $row = $db->fetch_row($select); if (array_key_exists('submit', $_POST)) { $_POST['ruleText'] = array_key_exists('ruleText', $_POST) && is_string($_POST['ruleText']) && $_POST['ruleText'] !== '' ? strip_tags(trim($_POST['ruleText'])) : null; if (!empty($_POST['ruleText'])) { $selectDup = $db->query('SELECT COUNT(ruleID) FROM game_rules WHERE LOWER(ruleText) = \'' . $db->escape($_POST['ruleText']) . '\' AND ruleID <> ' . $_GET['ID']); if (!$db->fetch_single($selectDup)) { $db->query('UPDATE game_rules SET ruleText = \'' . $db->escape($_POST['ruleText']) . '\' WHERE ruleID = ' . $_GET['ID']); echo 'Rule edited'; rule_index($db, $ir, $set); $h->endpage(); exit; } else { echo 'That rule already exists'; } } else { echo 'You didn\'t enter a valid rule'; } } ?> <form action="gamerules.php?action=edit&amp;ID=<?php echo $_GET['ID']; ?>" method="post"> <div class="form-group"> <label for="ruleText">Rule</label> <textarea name="ruleText" id="ruleText" class="form-control" rows="10" autofocus required><?php echo stripslashes(htmlspecialchars($row['ruleText'])); ?></textarea> </div> <button type="submit" name="submit" class="btn btn-primary"> <span class="fas fa-check"></span> Edit Rule </button> </form> <?php rule_index($db, $ir, $set); } /** * @param database $db * @param array $ir * @param array $set * @param header $h * @return void */ function rule_delete($db, $ir, $set, $h) { if (2 != $ir['user_level']) { echo 'You don\'t have access to this'; $h->endpage(); exit; } if (empty($_GET['ID'])) { echo 'You didn\'t select a rule to delete'; $h->endpage(); exit; } $select = $db->query('SELECT ruleID FROM game_rules WHERE ruleID = ' . $_GET['ID']); if (!$db->num_rows($select)) { echo 'That rule doesn\'t exist'; $h->endpage(); exit; } $db->query('DELETE FROM game_rules WHERE ruleID = ' . $_GET['ID']); echo 'Rule deleted'; rule_index($db, $ir, $set); } $h->endpage(); SQL CREATE TABLE IF NOT EXISTS `game_rules` ( `ruleID` int(11) NOT NULL AUTO_INCREMENT, `ruleText` text NOT NULL, PRIMARY KEY (`ruleID`) ); Now, for those of you using the bog standard rules, simply run this SQL *AFTER* running the previous one to create the table to insert the standard rules. INSERT INTO `game_rules` (`ruleID`, `ruleText`) VALUES (1, 'Players are only allowed to have one account, owning two or more accounts will result in all accounts being jailed,'), (2, 'if you are on the same IP as another player, mail staff and let them know.'), (3, 'You are responsible for whatever happens on your account, don\'t give out your password to anyone.'), (4, 'Children play this game, so keep it PG-13. Mild swearing will be permitted, but F-bombing, sexual vulgarities or excessive swearing will result in some time in Fed until you clean up your act.'), (6, 'Profile images with nudity, profanity, or otherwise offensive images will be removed, and may result in jail time.'), (7, 'We understand that you play other games, but do not advertise them here. You get 1 warning, afterwards its Fed time.'), (8, 'Do not spam the staff\'s mailbox, if you have a problem, message one of us once. They will deal with your problem in a timely manner, but do not mail them repeatedly, or mail multiple staff members.'), (9, 'Do not harass other players, use common sense on this one, if you don\'t know when your crossing the line from fantasy into'), (10, 'harassment, assume that you are harassing the other player. This will not be tolerated and will result in a stiff punishment.'), (11, 'Scamming will not be tolerated in any manner. Any attempt to scam anyone will result in being jailed for a long long time.'), (12, 'If a member of staff is bothering you for any unfair or just plain, weird reason, mail {owner}'), (13, 'Common sense rules are not posted here, if you can\'t determine the difference between what is ok, and what is not, you should consider not interacting with other people until you do understand.'), (14, 'These rules are subject to change without notice, check them from time to time, as ignorance will not be accepted as an excuse.');

Just read your topic title again and this happened: