Jordan Palmer
-
Posts
1,660 -
Joined
-
Last visited
-
Days Won
1
Content Type
Profiles
Forums
Events
Everything posted by Jordan Palmer
-
Okay I got bored and decided to update, I hope you don't mind Status; UNTESTED <?php include(DIRNAME(__FILE__) . '/globals.php'); /* Change this only */ $from ="From: [email][email protected][/email]"; /* Email Setup (Already Setup) */ $email=$em['email']; $subject =$_POST['subject']; $message =$_POST['email']; /* DON'T EDIT ANYTHING BELOW */ $_GET['act'] = isset($_GET['act']) && ctype_alpha($_GET['act']) ? trim($_GET['act']) : ''; switch($_GET['act']) { case 'sendmail': send_mail(); break; default: mail_index(); break; } if(!in_array($_GET['act'], 'sendmail','mail_index')) { echo "Invalid Action"; $h->endpage(); exit; } function mail_index() { global $ir,$h; if($ir['user_level'] < 2) { print "Nice try."; $h->endpage(); exit; } print "<h3>".$set['game_name']." Newletter</h3>"; print "<table class='table' width='75%' cellspacing='0' cellpadding='3'><tr><th colspan='2'>Select a subject</th></tr> <form action='?act=sendmail' method='post'> <tr><td>Subject: </td><td><input type='text' name='subject' value='Subject here' /></td></tr> <tr><td>Email: </td><td><textarea rows=10 cols=50 name='email'></textarea></td></tr> <tr><td colspan='2'><center><input type='submit' value='Send mass mail' /></form></center></td></tr></table>"; $h->endpage(); } function send_mail() { global $db,$h; if($_POST['email'] == '') { print "You didnt enter a message to be sent lol"; $h->endpage(); exit; } if($_POST['subject'] == '') { print "You didnt enter a subject for your email"; $h->endpage(); exit; } $getem=$db->query("SELECT `email` FROM `users`"); while($em=$db->fetch_row($getem)) { mail($email,$subject,$message,$from); print "Message Sent Successfully"; $h->endpage(); } } ?> Should work :) All you have too edit is the $from.. I don't see a reason for it not work but meh..
-
Not too bad. Looks alright =) &It's okay Martin :)
-
So this is like a newsletter? :/ And shoudnt it be sglobals.php you're including as it's a staff file :/
-
Those look good... They'll surely get him some paid gfx work now lol
-
Ahh, I took that the wrong way. Sorry
-
Hmm..LOL good excuse to dump someone I guess "I'm sorry but you're making me understand codes that I dont need too" the girl would be like wtf lol :L
-
Who saying that I c+p -.-
-
*Checks Market* $10 I believe -
LOL...What about if you have a girlfriend and still understand it? :)
-
No rush man.
-
This sounds pretty cool..And I've never seen anything like it anywhere, Good Idea illusions
-
I'm with zeggy.. @zeggy; Good idea with you're site.. I checked it out a few weeks back and I actually liked it. :) I'll be happy to forward some tutorials I've written if the idea goes forward
-
@Zeggy; Very good point lol
-
<?php <a href=\'viewuser.php?u=".number_Format($userid)."\'> ?> WTF!! lmao fail much?
-
No offence, But you didn't -.-
-
Fixed. Thanks...As I said it's not been a good day so today I officially have an excuse to get things wrong lol
-
Well I got bored so I kinda updated it again >.< This time it's the actual code and should be fully secure, but i've been in bed all day so I *might* off missed something. Post if you do receive an error. <?php /* This is friendlist.php, I was asked to too update it, I'm pretty sure Danny696 did the recoding, and added the security though. Anyways..ENJOY! */ include(DIRNAME(__FILE__) . '/globals.php'); $donator = TRUE; if($donator == TRUE && $ir['donatordays'] == 0) { echo'Sorry. This feature is for donators only'; $h->endpage(); exit; } $_GET['action'] = isset($_GET['action']) && ctype_alpha($_GET['action']) ? trim($_GET['action']) : 'index'; switch($_GET['action']) { case 'add': friend_add(); break; case 'remove': friend_remove(); break; case 'comment': friend_comment(); break; default: index(); break; } if (!in_array($_GET['action'], array('add','remove','comment','index'))) { die("<h2>Illegal Operation</h2>"); $h->endpage(); exit; } function index() { global $db,$ir,$c,$userid,$h; $abc=$db->query("SELECT * FROM friendslist WHERE fl_ADDED=$userid",$c); $friendcount = $db->num_rows($abc); echo'<a href=?action=add>> Add a Friend</a> '; echo' <center>[b]'.number_format($friendcount).' players have added you as a friend[/b]</center> <center>Most Liked User: '; $q2r=$db->query("SELECT u.username,count( * ) as cnt,fl.fl_ADDED FROM friendslist fl LEFT JOIN users u on fl.fl_ADDED=u.userid GROUP BY fl.fl_ADDED ORDER BY cnt DESC LIMIT 1",$c) or die(mysql_error()); $r=0; while($r2r=$db->fetch_row($q2r)) { $r++; if($r > 1) { print " | "; } echo '[url="viewuser.php?u='.$r2r['fl_ADDED'].'"]'.stripslashes(htmlspecialchars($r2r['username'])).'['.number_format($r2r['fl_ADDED']).'][/url]'; } echo' </center>'; echo'<table cellspacing="2" cellpadding="2" border="1" style="background:#000000" class="table" width="85%"> <th>Name</th> <th>Mail</th> <th>Send Cash</th> <th>Bank Xfer</th> <th>Send Crystals</th> <th>Remove</th> <th>Comment</th> <th>Change Comment</th> <th>Status</th> <th>Last Online</th></tr>'; $q=$db->query("SELECT fl.*,u.* FROM friendslist fl LEFT JOIN users u ON fl.fl_ADDED=u.userid WHERE fl.fl_ADDER=$userid ORDER BY u.username ASC",$c); while($r=$db->fetch_row($q)) { if($r['laston'] >= time()-15*60) { $on="<font color=green>[b]Online[/b]</font>"; } else { $on="<font color=red>[b]Offline[/b]</font>"; } $d=""; if($r['donatordays']) { $r['username'] = '<font color=red>'.stripslashes($r['username']).'</font>'; $d='[img=donator.gif]'; } if(!$r['fl_COMMENT']) { $r['fl_COMMENT']="None"; } echo' <tr> <td>[url="viewuser.php?u='.$r['userid'].'"]'.stripslashes($r['username']).' ['.$r['userid'].'][/url]'.$d.'</td> <td>[url="mailbox.php?action=compose&ID='.$r['userid'].'"]<center>Send Message</center>[/url]</td> <td>[url="sendcash.php?ID='.$r['userid'].'"]<center>Send Cash</center>[/url]</td> <td>[url="sendbank.php?ID='.$r['userid'].'"]Bank Xfer[/url]</td></br /> <td>[url="sendcrys.php?ID='.$r['userid'].'"]Send Crystals[/url]</td> <td>[url="?action=remove&f='.$r['fl_ID'].'"]<center>Remove</center>[/url]</td> <td><center>'.stripslashes(htmlentities(htmlspecialchars($r['fl_COMMENT']))).'</center></td> <td>[url="?action=comment&f='.$r['fl_ID'].'"]<center>Change Comment</center>[/url]</td> <td><center>'.$on.'</center></td> <td><center>'.date('F j, Y g:i:s a',$r['laston']).'</center></td> </tr> '; } echo'</table>'; } function friend_add() { global $db,$ir,$c,$userid,$h; $_POST['ID'] = abs(@intval($_POST['ID'])); $_POST['comment']=str_replace(array("<",">","\n"),array("<",">"," "), $_POST['comment']); if($_POST['ID']) { $qc=$db->query("SELECT * FROM friendslist WHERE fl_ADDER=$userid AND fl_ADDED='".mysql_real_escape_string($_POST['ID'])."'"); $q=$db->query("SELECT * FROM users WHERE userid='".mysql_real_escape_string($_GET['ID'])."'"); if($db->num_rows($qc)) { echo'Why are you adding the same person twice...'; } elseif($userid==$_POST['ID']) { echo'Why are you adding yourself you your friends list, got no friends...'; } elseif($db->num_rows($q)==0) { echo'That user isnt a real person im afraid... Come back later...'; } else { $db->query("INSERT INTO friendslist VALUES('', $userid, ".mysql_real_escape_string($_POST['ID']).", '".mysql_real_escape_string($_POST['comment'])."')"); $r=$db->fetch_row($q); $db->query("UPDATE users SET friend_count=friend_count+1 WHERE userid='".mysql_real_escape_string($_POST['ID'])."'"); echo'You added '.stripslashes(htmlspecialchars($r['username'])).' to your friends list. [url="friendslist.php"]> Back[/url]'; } } else { echo' <h4>Adding a friend.</h4> <form action="?action=add" method="post"> Friends ID: <input typpe="text" name="ID" value="'.$_GET['ID'].'" /> Comment (optinal): <textarea name="comment" rows="7" cols="40"></textarea> <input type="submit" value="Add!" /></form>'; } } function friend_remove() { global $db,$ir,$c,$userid,$h; $q=$db->query("SELECT * FROM friendslist WHERE fl_ID='".mysql_real_escape_string($_POST['f'])."' AND fl_ADDER=$userid"); if($db->num_rows($q) == 0) { echo'You cannot remove something you havent got.'; } $r=$db->fetch_row($q); $db->query("DELETE FROM friendslist WHERE fl_ID='".mysql_real_escape_string($_POST['f'])."' AND fl_ADDER=$userid"); $db->query("UPDATE users SET friend_count=friend_count-1 WHERE userid=".$r['fl_ADDED'].""); echo'You have successfully removed the friends entry! [url="friendslist.php"]> Back[/url]'; } function friend_comment() { global $db,$ir,$c,$userid,$h; $_POST['f'] = abs(@intval($_POST['f'])); $_POST['comment']=str_replace(array("<",">","\n"),array("<",">"," "), $_POST['comment']); if($_POST['comment']) { $db->query("UPDATE friendslist SET fl_COMMENT='".mysql_real_escape_string($_POST['comment'])."' WHERE fl_ID=".mysql_real_escape_string($_POST['f'])." AND fl_ADDER=$userid"); echo'You have successfully changed the comment! [url="friendslist.php"]> Back[/url]'; } else { $q=$db->query("SELECT * FROM friendslist WHERE fl_ID=".mysql_real_escape_string($_POST['f'])." AND fl_ADDER=$userid"); if($db->num_rows($q)) { $r=$db->fetch_row($q); $comment=str_replace(array("<",">"," "), array("<",">","\n"), $r['fl_COMMENT']); echo 'Changing a comment. <form action="?action=comment" method="post"> <input type="hidden" name="f" value="'.mysql_real_escape_string($_GET['f']).'" /> New Comment: <textarea rows="7" cols="40" name="comment">'.mysql_real_escape_string($comment).'</textarea> <input type="submit" value="Change!" /></form>'; } else { echo'Stop trying to edit posts that arn\'t yours'; } } } $h->endpage(); ?>
-
This is a crap mod anyway, It'd take a second to code a simple one ^_^
-
How about telling us what you're after with a price range and the engine type..
-
I think as long as the output is secure you're fine...In some eye's I'll be wrong in my own I'm correct
-
I'm hoping you don't mind me editing and posting.. @Jd; Magic didn't post one? :/ @Zero; I'm fully aware off this, However I was asked to edit it, All I did was edit, post...:)
-
I hadn't edited the $_POST[]; or $_GET[]; as danny had already. But thanks :)
-
Hello.. I was asked on MSN to update a friend list for someone, I'll think Danny696 was the original author, I've simply changed the look, and added too it Nothing major, Got asked and thought I'd share.. <?php /* This is friendlist.php, I was asked to too update it, I'm pretty sure Danny696 did the recoding, and added the security though. Anyways..ENJOY! */ include(DIRNAME(__FILE__) . '/globals.php'); $donator = TRUE; if($donator == TRUE && $ir['donatordays'] == 0) { echo'Sorry. This feature is for donators only'; $h->endpage(); exit; } $_GET['action'] = isset($_GET['action']) && ctype_alpha($_GET['action']) ? trim($_GET['action']) : 'index'; switch($_GET['action']) { case 'add': friend_add(); break; case 'remove': friend_remove(); break; case 'comment': friend_comment(); break; default: index(); break; } if (!in_array($_GET['action'], array('add','remove','comment','index'))) { die("<h2>Illegal Operation</h2>"); $h->endpage(); exit; } function index() { global $db,$ir,$c,$userid,$h; $abc=$db->query("SELECT * FROM friendslist WHERE fl_ADDED=$userid",$c); $friendcount = $db->num_rows($abc); echo'<a href=?action=add>> Add a Friend</a> '; echo' <center>[b]'.number_format($friendcount).' players have added you as a friend[/b]</center> <center>Most Liked User: '; $q2r=$db->query("SELECT u.username,count( * ) as cnt,fl.fl_ADDED FROM friendslist fl LEFT JOIN users u on fl.fl_ADDED=u.userid GROUP BY fl.fl_ADDED ORDER BY cnt DESC LIMIT 1",$c) or die(mysql_error()); $r=0; while($r2r=$db->fetch_row($q2r)) { $r++; if($r > 1) { print " | "; } echo '[url="viewuser.php?u='.$r2r['fl_ADDED'].'"]'.$r2r['username'].'['.$r2r['fl_ADDED'].'][/url]'; } echo' </center>'; echo'<table cellspacing="2" cellpadding="2" border="1" style="background:#000000" class="table" width="85%"> <th>Name</th> <th>Mail</th> <th>Send Cash</th> <th>Bank Xfer</th> <th>Send Crystals</th> <th>Remove</th> <th>Comment</th> <th>Change Comment</th> <th>Status</th> <th>Last Online</th></tr>'; $q=$db->query("SELECT fl.*,u.* FROM friendslist fl LEFT JOIN users u ON fl.fl_ADDED=u.userid WHERE fl.fl_ADDER=$userid ORDER BY u.username ASC",$c); while($r=$db->fetch_row($q)) { if($r['laston'] >= time()-15*60) { $on="<font color=green>[b]Online[/b]</font>"; } else { $on="<font color=red>[b]Offline[/b]</font>"; } $d=""; if($r['donatordays']) { $r['username'] = '<font color=red>'.$r['username'].'</font>'; $d='[img=donator.gif]'; } if(!$r['fl_COMMENT']) { $r['fl_COMMENT']="None"; } echo' <tr> <td>[url="viewuser.php?u='.$r['userid'].'"]'.$r['username'].' ['.$r['userid'].'][/url]'.$d.'</td> <td>[url="mailbox.php?action=compose&ID='.$r['userid'].'"]<center>Send Message</center>[/url]</td> <td>[url="sendcash.php?ID='.$r['userid'].'"]<center>Send Cash</center>[/url]</td> <td>[url="sendbank.php?ID='.$r['userid'].'"]Bank Xfer[/url]</td></br /> <td>[url="sendcrys.php?ID='.$r['userid'].'"]Send Crystals[/url]</td> <td>[url="?action=remove&f='.$r['fl_ID'].'"]<center>Remove</center>[/url]</td> <td><center>'.$r['fl_COMMENT'].'</center></td> <td>[url="?action=comment&f='.$r['fl_ID'].'"]<center>Change Comment</center>[/url]</td> <td><center>'.$on.'</center></td> <td><center>'.date('F j, Y g:i:s a',$r['laston']).'</center></td> </tr> '; } echo'</table>'; } function friend_add() { global $db,$ir,$c,$userid,$h; $_POST['ID'] = abs(@intval($_POST['ID'])); $_POST['comment']=str_replace(array("<",">","\n"),array("<",">"," "), $_POST['comment']); if($_POST['ID']) { $qc=$db->query("SELECT * FROM friendslist WHERE fl_ADDER=$userid AND fl_ADDED=".$_POST['ID'].""); $q=$db->query("SELECT * FROM users WHERE userid=".$_POST['ID'].""); if($db->num_rows($qc)) { echo'Why are you adding the same person twice...'; } elseif($userid==$_POST['ID']) { echo'Why are you adding yourself you your friends list, got no friends...'; } elseif($db->num_rows($q)==0) { echo'That user isnt a real person im afraid... Come back later...'; } else { $db->query("INSERT INTO friendslist VALUES('', $userid, ".$_POST['ID'].", '".$_POST['comment']."')"); $r=$db->fetch_row($q); $db->query("UPDATE users SET friend_count=friend_count+1 WHERE userid=".$_POST['ID'].""); echo'You added '.$r['username'].' to your friends list. [url="friendslist.php"]> Back[/url]'; } } else { echo' <h4>Adding a friend.</h4> <form action="?action=add" method="post"> Friends ID: <input typpe="text" name="ID" value="'.$_GET['ID'].'" /> Comment (optinal): <textarea name="comment" rows="7" cols="40"></textarea> <input type="submit" value="Add!" /></form>'; } } function friend_remove() { global $db,$ir,$c,$userid,$h; $q=$db->query("SELECT * FROM friendslist WHERE fl_ID=".$_GET['f']." AND fl_ADDER=$userid"); if($db->num_rows($q) == 0) { echo'You cannot remove something you havent got.'; } $r=$db->fetch_row($q); $db->query("DELETE FROM friendslist WHERE fl_ID=".$_GET['f']." AND fl_ADDER=$userid"); $db->query("UPDATE users SET friend_count=friend_count-1 WHERE userid=".$r['fl_ADDED'].""); echo'You have successfully removed the friends entry! [url="friendslist.php"]> Back[/url]'; } function friend_comment() { global $db,$ir,$c,$userid,$h; $_POST['f'] = abs(@intval($_POST['f'])); $_POST['comment']=str_replace(array("<",">","\n"),array("<",">"," "), $_POST['comment']); if($_POST['comment']) { $db->query("UPDATE friendslist SET fl_COMMENT='".$_POST['comment']."' WHERE fl_ID=".$_POST['f']." AND fl_ADDER=$userid"); echo'You have successfully changed the comment! [url="friendslist.php"]> Back[/url]'; } else { $q=$db->query("SELECT * FROM friendslist WHERE fl_ID=".$_GET['f']." AND fl_ADDER=$userid"); if($db->num_rows($q)) { $r=$db->fetch_row($q); $comment=str_replace(array("<",">"," "), array("<",">","\n"), $r['fl_COMMENT']); echo 'Changing a comment. <form action="?action=comment" method="post"> <input type="hidden" name="f" value="'.$_GET['f'].'" /> New Comment: <textarea rows="7" cols="40" name="comment">'.$comment.'</textarea> <input type="submit" value="Change!" /></form>'; } else { echo'Stop trying to edit posts that arn\'t yours'; } } } $h->endpage(); ?> I doubt we need screen shots so I'll give them a miss.. Enjoy =)
-
Hire a coder..$5 most will do it for -.-
-
Notepad++ is loads easier to start..