MakeWebGames

Staff_users.php fix please


Gucci Mane


I get this error:

Fatal error: Cannot redeclare report_clear() (previously declared in /home/*****/public_html/staff_users.php:437) in /home/*****/public_html/staff_users.php on line 516

 

my staff_users.php

<?php
include "sglobals.php";
//This contains user stuffs
switch($_GET['action'])
{
case 'newuser': new_user_form(); break;
case 'newusersub': new_user_submit(); break;
case 'edituser': edit_user_begin(); break;
case 'edituserform': edit_user_form(); break;
case 'editusersub': edit_user_sub(); break;
case 'invbeg': inv_user_begin(); break;
case 'invuser': inv_user_view(); break;
case 'deleinv': inv_delete(); break;
case 'creditform': credit_user_form(); break;
case 'creditsub': credit_user_submit(); break;
case 'masscredit': mcredit_user_form(); break;
case 'masscreditsub': mcredit_user_submit(); break;
case 'reportsview': reports_view(); break;
case 'repclear': report_clear(); break;
case 'deluser': deluser(); break;
case 'forcelogout': forcelogout(); break;
case 'reportsview': reports_view(); break;
case 'repstat': repstat(); break;
default: print "Error: This script requires an action."; break;
}
function htmlspcl($in)
{
// Encode single quotes as well, since the form attributes below are single-quoted.
return str_replace("'", "&#39;", htmlspecialchars($in));
}
function new_user_form()
{
global $db,$ir, $c;
if($ir['user_level'] != 2)
{
die("403");
}
print "Adding a new user.

<form action='staff_users.php?action=newusersub' method='post'>
Username: <input type='text' name='username' />

Login Name: <input type='text' name='login_name' />

Email: <input type='text' name='email' />

Password: <input type='text' name='userpass' />

Type: <input type='radio' name='user_level' value='0' />NPC <input type='radio' name='user_level' value='1' checked='checked' />Regular Member

Level: <input type='text' name='level' value='1' />

Money: <input type='text' name='money' value='100' />

Crystals: <input type='text' name='crystals' value='0' />

Donator Days: <input type='text' name='donatordays' value='0' />

Gender: <select name='gender' type='dropdown'><option>Male</option><option>Female</option></select>



[b]Stats[/b]

Strength: <input type='text' name='strength' value='10' />

Agility: <input type='text' name='agility' value='10' />

Guard: <input type='text' name='guard' value='10' />

Labour: <input type='text' name='labour' value='10' />

IQ: <input type='text' name='iq' value='10' />



<input type='submit' value='Create User' /></form>";
}
function new_user_submit()
{
global $db,$ir,$c,$h,$userid;
if($ir['user_level'] != 2)
{
die("403");
}
if(!isset($_POST['username']) || !isset($_POST['login_name']) || !isset($_POST['userpass']))
{
print "You missed one or more of the required fields. Please go back and try again.

[url='admin.php?action=newuser']> Back[/url]";
$h->endpage();
exit;
}
$level=abs((int) $_POST['level']);
$money=abs((int) $_POST['money']);
$crystals=abs((int) $_POST['crystals']);
$donator=abs((int) $_POST['donatordays']);
$ulevel=abs((int) $_POST['user_level']);
$strength=abs((int) $_POST['strength']);
$agility=abs((int) $_POST['agility']);
$guard=abs((int) $_POST['guard']);
$labour=abs((int) $_POST['labour']);

$iq=abs((int) $_POST['iq']);
$energy=10+$level*2;
$brave=3+$level*2;
$hp=50+$level*50;
$db->query("INSERT INTO users (username, login_name, userpass, level, money, crystals, donatordays, user_level, energy, maxenergy, will, maxwill, brave, maxbrave, hp, maxhp, location, gender, signedup, email, bankmoney) VALUES( '{$_POST['username']}', '{$_POST['login_name']}', md5('{$_POST['userpass']}'), $level, $money, $crystals, $donator, $ulevel, $energy, $energy, 100, 100, $brave, $brave, $hp, $hp, 1, '{$_POST['gender']}', unix_timestamp(), '{$_POST['email']}', -1)");
$i=mysql_insert_id($c);
$db->query("INSERT INTO userstats VALUES($i, $strength, $agility, $guard, $labour, $iq)");
print "User created!";
stafflog_add("Created user {$_POST['username']} [$i]");
} 
function edit_user_begin()
{
global $db,$ir,$c,$h,$userid;
if($ir['user_level'] != 2)
{
die("403");
}
print "<h3>Editing User</h3>
You can edit any aspect of this user. 

<form action='staff_users.php?action=edituserform' method='post'>
User: ".user_dropdown($c,'user')."

<input type='submit' value='Edit User' /></form>
OR enter a user ID to edit:
<form action='staff_users.php?action=edituserform' method='post'>
User: <input type='text' name='user' value='0' />

<input type='submit' value='Edit User' /></form>";
}
function edit_user_form()
{
global $db,$ir,$c,$h,$userid;
if($ir['user_level'] != 2)
{
die("403");
}
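// Force the submitted ID to an integer before it reaches the query and the hidden field.
$_POST['user']=abs((int) $_POST['user']);
$d=$db->query("SELECT u.*,us.* FROM users u LEFT JOIN userstats us on u.userid=us.userid WHERE u.userid={$_POST['user']}");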
$itemi=$db->fetch_row($d);
$itemi['hospreason']=htmlspcl($itemi['hospreason']);
$itemi['jail_reason']=htmlspcl($itemi['jail_reason']);
print "<h3>Editing User</h3>
<form action='staff_users.php?action=editusersub' method='post'>
<input type='hidden' name='userid' value='{$_POST['user']}' />
Username: <input type='text' name='username' value='{$itemi['username']}' />

Login Name: <input type='text' name='login_name' value='{$itemi['login_name']}' />

Duties: <input type='text' name='duties' value='{$itemi['duties']}' />

Staff Notes: <input type='text' name='staffnotes' value='{$itemi['staffnotes']}' />

Level: <input type='text' name='level' value='{$itemi['level']}' />

Money: \$<input type='text' name='money' value='{$itemi['money']}' />

Bank: \$<input type='text' name='bankmoney' value='{$itemi['bankmoney']}' />

Cyber Bank: \$<input type='text' name='cybermoney' value='{$itemi['cybermoney']}' />

Crystals: <input type='text' name='crystals' value='{$itemi['crystals']}' />

Mail Ban: <input type='text' name='mailban' value='{$itemi['mailban']}' />

Mail Ban Reason: <input type='text' name='mb_reason' value='{$itemi['mb_reason']}' />

Forum Ban: <input type='text' name='forumban' value='{$itemi['forumban']}' />

Forum Ban Reason: <input type='text' name='fb_reason' value='{$itemi['fb_reason']}' />

Hospital time: <input type='text' name='hospital' value='{$itemi['hospital']}' />

Hospital reason: <input type='text' name='hospreason' value='{$itemi['hospreason']}' />

Jail time: <input type='text' name='jail' value='{$itemi['jail']}' />

Jail reason: <input type='text' name='jail_reason' value='{$itemi['jail_reason']}' />

House: ".house2_dropdown($c, "maxwill", $itemi['maxwill'])."

<h4>Stats</h4>
Strength: <input type='text' name='strength' value='{$itemi['strength']}' />

Agility: <input type='text' name='agility' value='{$itemi['agility']}' />

Guard: <input type='text' name='guard' value='{$itemi['guard']}' />

Labour: <input type='text' name='labour' value='{$itemi['labour']}' />

IQ: <input type='text' name='IQ' value='{$itemi['IQ']}' />

<input type='submit' value='Edit User' /></form>";
}
function edit_user_sub()
{

global $db,$ir,$c,$h,$userid;
if($ir['user_level'] != 2)
{
die("403");
}
$go=0;
if(!isset($_POST['level'])) { $go=1; }
if(!isset($_POST['money'])) { $go=1; }
if(!isset($_POST['bankmoney'])) { $go=1; }
if(!isset($_POST['crystals'])) { $go=1; }
if(!isset($_POST['strength'])) { $go=1; }
if(!isset($_POST['agility'])) { $go=1; }
if(!isset($_POST['guard'])) { $go=1; }
if(!isset($_POST['labour'])) { $go=1; }
if(!isset($_POST['IQ'])) { $go=1; }
if(!isset($_POST['username'])) { $go=1; }
if(!isset($_POST['login_name'])) { $go=1; }
if($go)
{
print "You did not fully fill out the form.";
$_POST['user']=$_POST['userid'];
edit_user_form();
}
else
{
$_POST['level']=(int) $_POST['level'];
$_POST['strength']=abs((int) $_POST['strength']);
$_POST['agility']=abs((int) $_POST['agility']);
$_POST['guard']=abs((int) $_POST['guard']);
$_POST['labour']=abs((int) $_POST['labour']);
$_POST['IQ']=abs((int) $_POST['IQ']);
$_POST['money']=(int) $_POST['money'];
$_POST['bankmoney']=(int) $_POST['bankmoney'];
$_POST['cybermoney']=(int) $_POST['cybermoney'];
$_POST['crystals']=(int) $_POST['crystals'];
$_POST['mailban']=(int) $_POST['mailban'];
$_POST['forumban']=(int) $_POST['forumban'];
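$maxwill=abs((int) $_POST['maxwill']);
// These values are interpolated unquoted into the queries below, so force them to integers.
$_POST['userid']=abs((int) $_POST['userid']);
$_POST['hospital']=abs((int) $_POST['hospital']);
$_POST['jail']=abs((int) $_POST['jail']);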

//check for username usage
$u=$db->query("SELECT * FROM users WHERE username='{$_POST['username']}' and userid != {$_POST['userid']}");
if($db->num_rows($u) != 0)
{
print "That username is in use, choose another.";
print "
[url='admin.php?action=edituser']> Back[/url]";
$h->endpage();
exit;
}
$oq=$db->query("SELECT * FROM users WHERE userid={$_POST['userid']}");
$rm=$db->fetch_row($oq);
$will=($rm['will'] > $maxwill) ? $maxwill: $rm['will'];
$energy=10+$_POST['level']*2;
$nerve=3+$_POST['level']*2;
$hp=50+$_POST['level']*50;
$db->query("UPDATE users SET username='{$_POST['username']}', level={$_POST['level']}, money={$_POST['money']}, crystals={$_POST['crystals']}, energy=$energy, brave=$nerve, maxbrave=$nerve, maxenergy=$energy, hp=$hp, maxhp=$hp, hospital={$_POST['hospital']}, jail={$_POST['jail']}, duties='{$_POST['duties']}', staffnotes='{$_POST['staffnotes']}', mailban={$_POST['mailban']}, mb_reason='{$_POST['mb_reason']}', forumban={$_POST['forumban']}, fb_reason='{$_POST['fb_reason']}', hospreason='{$_POST['hospreason']}', jail_reason='{$_POST['jail_reason']}', login_name='{$_POST['login_name']}', will=$will, maxwill=$maxwill WHERE userid={$_POST['userid']}");
$db->query("UPDATE userstats SET strength={$_POST['strength']}, agility={$_POST['agility']}, guard={$_POST['guard']}, labour={$_POST['labour']}, IQ={$_POST['IQ']} WHERE userid={$_POST['userid']}");
stafflog_add("Edited user {$_POST['username']} [{$_POST['userid']}]");
print "User edited....";

} }
function deluser()
{
global $ir,$c,$h,$userid,$db;
if($ir['user_level'] != 2)
{
die("403");
}
$undeletable = array('1','2'); // add more IDs here, such as NPCs
switch ($_GET['step'])
{
  default:
     echo "<h3>Deleteing User</h3>
     Here you can delete a user. 

     <form action='staff_users.php?action=deluser&step=2' method='post'>
     User: ".user_dropdown($c,'user')."

     <input type='submit' value='Delete User' /></form>
     OR enter a user ID to Delete:
     <form action='staff_users.php?action=deluser&step=2' method='post'>
     User: <input type='text' name='user' value='0' />

     <input type='submit' value='Delete User' /></form>";
  break;
  case 2:
     $target = $_POST['user'];
     if (!is_numeric($target)) exit;
     if (in_array($target,$undeletable)) {
        die('You cannot delete this person.');
     }
     $d=$db->query("SELECT username FROM users WHERE userid='$target'");
     $itemi=$db->fetch_row($d);
     print "<h3>Confirm</h3>
     Delete user ".$itemi["username"]."?
     <form action='staff_users.php?action=deluser&step=3' method='post'>
     <input type='hidden' name='userid' value='$target' />
     <input type='submit' name='yesorno' value='Yes' />
     <input type='submit' name='yesorno' value='No' onclick=\"window.location='staff_users.php?action=deluser';\" /></form>";
  break;
  case 3:
     $target = $_POST['userid'];
     if (!is_numeric($target)) exit;
     if (in_array($target,$undeletable)) {
        die('You cannot delete this person.');
     }
     if($_POST['yesorno']=='No')
     {
        die("User not deleted.
[url='staff_users.php?action=deluser']>Back to main Delete Users page.[/url]");
     }
     // 'No' is handled above; anything other than an explicit 'Yes' is rejected.
     if ($_POST['yesorno'] !== 'Yes') die('Eh');
    $d=$db->query("SELECT username FROM users WHERE userid='$target'");
     $itemi=$db->fetch_row($d);
     $db->query("DELETE FROM users WHERE userid='$target'");
     $db->query("DELETE FROM userstats WHERE userid='$target'");
     $db->query("DELETE FROM inventory WHERE inv_userid='$target'");
     $db->query("DELETE FROM fedjail WHERE fed_userid='$target'");
     echo "User {$itemi['username']} Deleted.
[url='staff_users.php?action=deluser']>Back to main Delete Users page.[/url]";
stafflog_add("Deleted User {$itemi['username']} [{$_POST['userid']}]");     
  break;
}
} 
function inv_user_begin()
{
global $db,$ir,$c,$h,$userid;
if($ir['user_level'] > 3)
{
die("403");
}
print "<h3>Viewing User Inventory</h3>
You may browse this user's inventory.

<form action='staff_users.php?action=invuser' method='post'>
User: ".user_dropdown($c,'user')."

<input type='submit' value='View Inventory' /></form>";
}
function inv_user_view()
{
global $db,$ir,$c,$h,$userid;
if($ir['user_level'] > 3)
{
die("403");
}
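// Force the submitted ID to an integer; the inventory query below uses it unquoted.
$_POST['user']=abs((int) $_POST['user']);
$d=$db->query("SELECT username FROM users WHERE userid='{$_POST['user']}'");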
     $un=$db->fetch_single($d);
$inv=$db->query("SELECT iv.*,i.*,it.* FROM inventory iv LEFT JOIN items i ON iv.inv_itemid=i.itmid LEFT JOIN itemtypes it ON i.itmtype=it.itmtypeid WHERE iv.inv_userid={$_POST['user']}");
if ($db->num_rows($inv) == 0)
{
print "[b]This person has no items![/b]";
}
else
{
print "[b]Their items are listed below.[/b]

<table width=100%><tr style='background-color:gray;'><th>Item</th><th>Sell Value</th><th>Total Sell Value</th><th>Links</th></tr>";
while($i=$db->fetch_row($inv))
{
print "<tr><td>{$i['itmname']}";
if ($i['inv_qty'] > 1)
{
print "x{$i['inv_qty']}";
}
print "</td><td>\${$i['itmsellprice']}</td><td>";
print "$".($i['itmsellprice']*$i['inv_qty']);
print "</td><td>[[url='staff_users.php?action=deleinv&ID={$i[']Delete[/url]]";
print "</td></tr>";
}
print "</table>";
}
stafflog_add("Viewed user {$un} [{$_POST['user']}] inventory");
}
function inv_delete()
{
global $db,$ir,$c,$h,$userid;
if($ir['user_level'] > 3)
{
die("403");
}

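// Force the inventory ID to an integer before it is used in the DELETE.
$_GET['ID']=abs((int) $_GET['ID']);
$db->query("DELETE FROM inventory WHERE inv_id={$_GET['ID']}");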
print "Item deleted from inventory.";
stafflog_add("Deleted inventory ID {$_GET['ID']}");
}
function credit_user_form()
{
global $db,$ir,$c,$h,$userid;
if($ir['user_level'] > 3)
{
die("403");
}
print "<h3>Crediting User</h3>
You can give a user money/crystals.

<form action='staff_users.php?action=creditsub' method='post'>
User: ".user_dropdown($c,'user')."

Money: <input type='text' name='money' /> Crystals: <input type='text' name='crystals' />

<input type='submit' value='Credit User' /></form>";
}
function credit_user_submit()
{
global $db,$ir,$c,$h,$userid;
if($ir['user_level'] > 3)
{
die("403");
}
$_POST['money'] = (int) $_POST['money'];
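$_POST['crystals'] = (int) $_POST['crystals'];
// The user ID is used unquoted in the UPDATE below, so force it to an integer.
$_POST['user'] = abs((int) $_POST['user']);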
$db->query("UPDATE users u SET money=money+{$_POST['money']}, crystals=crystals+{$_POST['crystals']} WHERE u.userid={$_POST['user']}");
print "User credited.";
$d=$db->query("SELECT username FROM users WHERE userid='{$_POST['user']}'");
     $un=$db->fetch_single($d);
stafflog_add("Credited $un [{$_POST['user']}] \${$_POST['money']} and/or {$_POST['crystals']} crystals.");
}
function mcredit_user_form()
{
global $db,$ir,$c,$h,$userid;
if($ir['user_level'] > 2)
{
die("403");
}
print "<h3>Mass Payment</h3>
You can give all users money/crystals.

<form action='staff_users.php?action=masscreditsub' method='post'>
Money: <input type='text' name='money' /> Crystals: <input type='text' name='crystals' />

<input type='submit' value='Credit User' /></form>";
}
function mcredit_user_submit()
{
global $db,$ir,$c,$h,$userid;
if($ir['user_level'] > 2)
{
die("403");
}
$_POST['money'] = (int) $_POST['money'];
$_POST['crystals'] = (int) $_POST['crystals'];
$db->query("UPDATE users u SET money=money+{$_POST['money']}, crystals=crystals+{$_POST['crystals']}");
print "All Users credited. Click [url='staff.php?action=announce']here to add an announcement[/url] or [url='staff_special.php?action=massmailer']here to send a mass mail[/url] explaining why.";
stafflog_add("Credited all users \${$_POST['money']} and/or {$_POST['crystals']} crystals.");
}
function reports_view()
{
global $db,$ir,$c,$h,$userid;
if($ir['user_level'] > 5)
{
die("403");
}
echo "<h3>Player Reports</h3>
<table class='table' width='90%'>
<tr>
<th>Reporter</th> 
<th>Offender</th> 
<th>What they did</th> 
<th>Status</th>
<th>Links</th>
</tr>";
$sql = "SELECT pr.*, u1.username AS reporter, u2.username AS offender " .
"FROM preports pr " .
"LEFT JOIN users u1 ON (u1.userid = pr.prREPORTER) " .
"LEFT JOIN users u2 ON (u2.userid = pr.prREPORTED) " .
"ORDER BY pr.prID DESC";
$q = $db->query($sql);
while($rep = $db->fetch_row($q))
{
if($rep['prSTATUS'] == 0)
{
  $status = "<font color='red'>Needs handling</font>";
}
else if($rep['prSTATUS'] == 1)
{
  $status = "<font color='orange'>Pending</font>";
}
else
{
  $status = "<font color='green'>Handled</font>";
}
echo "<tr>";
echo sprintf("<td class='tdcenter'>[url='viewuser.php?u=%u']%s[/url] [%s]</td>", $rep['prREPORTER'], $rep['reporter'], $rep['prREPORTER']);
echo sprintf("<td class='tdcenter'>[url='viewuser.php?u=%u']%s[/url] [%s]</td>", $rep['prREPORTED'], $rep['offender'], $rep['prREPORTED']);
echo sprintf("<td>%s</td>", stripslashes(nl2br($rep['prTEXT'])));
echo sprintf("<td class='tdcenter'>%s</td>", $status);
echo "<td class='tdcenter'>";
echo sprintf("[url='staff_users.php?action=repclear&ID=%u'][img=/imageicons/decline.png][/url] ", $rep['prID']);
echo sprintf("[url='staff_users.php?action=repstat&ID=%u'][img=/imageicons/coding.png][/url]", $rep['prID']);
echo "</td>";
echo "</tr>";
}
echo "</table>";
}
function report_clear()
{
global $db,$ir,$c,$h,$userid;
if($ir['user_level'] < 2)
{
echo "You don't have access";
$h->endpage();
exit;
}
$_GET['ID'] = abs(@intval($_GET['ID']));

$sql = sprintf("DELETE FROM preports WHERE (prID = %u)", $_GET['ID']);
$log = sprintf("Cleared player report ID %u", $_GET['ID']);
$db->query($sql);
stafflog_add($log);
print "Report cleared and deleted!

[url='staff_users.php?action=reportsview']> Back[/url]";
}
function repstat()
{
global $ir, $db, $h;
echo sprintf("Change the status of player report ID %u

", $_GET['ID']);
if($ir['user_level'] > 5)
{
echo "Access Denied";
$h->endpage();
exit;
}
if(!isset($_POST['change']))
{
echo sprintf("<form action='staff_users.php?action=repstat&ID=%u' method='post'>", $_GET['ID']);
echo "<select name='change'>";
echo "<option value='0'>Not handled</option>";
echo "<option value='1'>Pending</option>";
echo "<option value='2'>Handled</option>";
echo "</select>";
echo "
<input type='submit' value='Submit' />";
echo "</form>";
}
else
{
$sql = sprintf("UPDATE preports SET prSTATUS = %d WHERE (prID = %u)", $_POST['change'], $_GET['ID']);
$db->query($sql);
echo "Status updated - [url='staff_users.php?action=reportsview']Back[/url]";
stafflog_add(sprintf("Updated the status of report ID %u", $_GET['ID']));
}
}
function forcelogout()
{
global $db,$ir,$c,$h,$userid;
if($ir['user_level'] > 2)
{
die("403");
}
$_POST['userid'] = abs((int) $_POST['userid']);
if($_POST['userid'])
{
$db->query("UPDATE users SET force_logout=1 WHERE userid={$_POST['userid']}");
print "User ID {$_POST['userid']} successfully forced to logout.";
stafflog_add("Forced User ID {$_POST['userid']} to logout");
}
else
{
print "<h3>Force User Logout</h3><hr />
The user will be automatically logged out next time he/she makes a hit to the site.<form action='staff_users.php?action=forcelogout' method='post'>
User: ".user_dropdown($c, 'userid')."

<input type='submit' value='Force User to Logout' /></form>";
}
}
function report_clear()
{
global $db,$ir,$c,$h,$userid;
if($ir['user_level'] > 3)
{
die("403");
}
$_GET['ID'] = abs((int) $_GET['ID']);
stafflog_add("Cleared player report ID {$_GET['ID']}");
$db->query("DELETE FROM preports WHERE prID={$_GET['ID']}");
print "Report cleared and deleted!

[url='staff_users.php?action=reportsview']> Back[/url]";
}
$h->endpage();
?>
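Added example, not part of either post: the fatal error comes from `report_clear()` being defined twice in the posted file, once after `reports_view()` and again after `forcelogout()`, and the two copies apply different access checks (`user_level < 2` is refused in the first, `user_level > 3` in the second), so which copy is kept decides who can clear reports. The sketch below lists duplicate declarations in a procedural PHP file; `find_duplicate_functions` and the sample source are constructed for illustration.

```php
<?php
// Added example, not from the thread: report functions declared more than once.
// Assumes a procedural file (no classes or namespaces), like the posted script.
function find_duplicate_functions(string $source): array
{
    $tokens = token_get_all($source);
    $count = count($tokens);
    $declared = []; // lower-cased function name => list of declaration lines

    for ($i = 0; $i < $count; $i++) {
        if (!is_array($tokens[$i]) || $tokens[$i][0] !== T_FUNCTION) {
            continue;
        }
        // Step over whitespace and an optional by-reference "&" after the keyword.
        $j = $i + 1;
        while ($j < $count) {
            $text = is_array($tokens[$j]) ? $tokens[$j][1] : $tokens[$j];
            if (trim($text) !== '' && $text !== '&') {
                break;
            }
            $j++;
        }
        // A closure has "(" here; only a T_STRING is a named declaration.
        if ($j < $count && is_array($tokens[$j]) && $tokens[$j][0] === T_STRING) {
            // PHP function names are case-insensitive.
            $declared[strtolower($tokens[$j][1])][] = $tokens[$j][2];
        }
    }

    // Keep only the names that were declared more than once.
    return array_filter($declared, function ($lines) {
        return count($lines) > 1;
    });
}

// Constructed sample that mirrors the layout of the posted file.
$sample = <<<'PHP'
<?php
function reports_view() {}
function report_clear() { /* refuses user_level < 2 */ }
function forcelogout() {}
function report_clear() { /* refuses user_level > 3 */ }
PHP;

foreach (find_duplicate_functions($sample) as $name => $lines) {
    echo $name, " declared on lines ", implode(', ', $lines), "\n";
}
```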

try this mate.

 

<?php 
include "sglobals.php"; 
//This contains user stuffs 
switch($_GET['action']) 
{ 
case 'newuser': new_user_form(); break; 
case 'newusersub': new_user_submit(); break; 
case 'edituser': edit_user_begin(); break; 
case 'edituserform': edit_user_form(); break; 
case 'editusersub': edit_user_sub(); break; 
case 'invbeg': inv_user_begin(); break; 
case 'invuser': inv_user_view(); break; 
case 'deleinv': inv_delete(); break; 
case 'creditform': credit_user_form(); break; 
case 'creditsub': credit_user_submit(); break; 
case 'masscredit': mcredit_user_form(); break; 
case 'masscreditsub': mcredit_user_submit(); break; 
case 'reportsview': reports_view(); break; 
case 'repclear': report_clear(); break; 
case 'deluser': deluser(); break; 
case 'forcelogout': forcelogout(); break; 
case 'reportsview': reports_view(); break; 
case 'repstat': repstat(); break; 
default: print "Error: This script requires an action."; break; 
} 
function htmlspcl($in) 
{ 
// Encode single quotes as well, since the form attributes below are single-quoted.
return str_replace("'", "&#39;", htmlspecialchars($in));
} 
function new_user_form() 
{ 
global $db,$ir, $c; 
if($ir['user_level'] != 2) 
{ 
die("403"); 
} 
print "Adding a new user.

<form action='staff_users.php?action=newusersub' method='post'> 
Username: <input type='text' name='username' />

Login Name: <input type='text' name='login_name' />

Email: <input type='text' name='email' />

Password: <input type='text' name='userpass' />

Type: <input type='radio' name='user_level' value='0' />NPC <input type='radio' name='user_level' value='1' checked='checked' />Regular Member

Level: <input type='text' name='level' value='1' />

Money: <input type='text' name='money' value='100' />

Crystals: <input type='text' name='crystals' value='0' />

Donator Days: <input type='text' name='donatordays' value='0' />

Gender: <select name='gender' type='dropdown'><option>Male</option><option>Female</option></select>



[b]Stats[/b]

Strength: <input type='text' name='strength' value='10' />

Agility: <input type='text' name='agility' value='10' />

Guard: <input type='text' name='guard' value='10' />

Labour: <input type='text' name='labour' value='10' />

IQ: <input type='text' name='iq' value='10' />



<input type='submit' value='Create User' /></form>"; 
} 
function new_user_submit() 
{ 
global $db,$ir,$c,$h,$userid;
if($ir['user_level'] != 2) 
{ 
die("403"); 
} 
if(!isset($_POST['username']) || !isset($_POST['login_name']) || !isset($_POST['userpass'])) 
{ 
print "You missed one or more of the required fields. Please go back and try again.

[url='admin.php?action=newuser']> Back[/url]"; 
$h->endpage(); 
exit; 
} 
$level=abs((int) $_POST['level']); 
$money=abs((int) $_POST['money']); 
$crystals=abs((int) $_POST['crystals']); 
$donator=abs((int) $_POST['donatordays']); 
$ulevel=abs((int) $_POST['user_level']); 
$strength=abs((int) $_POST['strength']); 
$agility=abs((int) $_POST['agility']); 
$guard=abs((int) $_POST['guard']); 
$labour=abs((int) $_POST['labour']); 
$iq=abs((int) $_POST['iq']); 
$energy=10+$level*2; 
$brave=3+$level*2; 
$hp=50+$level*50; 
$db->query("INSERT INTO users (username, login_name, userpass, level, money, crystals, donatordays, user_level, energy, maxenergy, will, maxwill, brave, maxbrave, hp, maxhp, location, gender, signedup, email, bankmoney) VALUES( '{$_POST['username']}', '{$_POST['login_name']}', md5('{$_POST['userpass']}'), $level, $money, $crystals, $donator, $ulevel, $energy, $energy, 100, 100, $brave, $brave, $hp, $hp, 1, '{$_POST['gender']}', unix_timestamp(), '{$_POST['email']}', -1)"); 
$i=mysql_insert_id($c); 
$db->query("INSERT INTO userstats VALUES($i, $strength, $agility, $guard, $labour, $iq)"); 
print "User created!"; 
stafflog_add("Created user {$_POST['username']} [$i]"); 
} 
function edit_user_begin() 
{ 
global $db,$ir,$c,$h,$userid; 
if($ir['user_level'] != 2) 
{ 
die("403"); 
} 
print "<h3>Editing User</h3> 
You can edit any aspect of this user. 

<form action='staff_users.php?action=edituserform' method='post'> 
User: ".user_dropdown($c,'user')."

<input type='submit' value='Edit User' /></form> 
OR enter a user ID to edit: 
<form action='staff_users.php?action=edituserform' method='post'> 
User: <input type='text' name='user' value='0' />

<input type='submit' value='Edit User' /></form>"; 
} 
function edit_user_form() 
{ 
global $db,$ir,$c,$h,$userid; 
if($ir['user_level'] != 2) 
{ 
die("403"); 
} 
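// Force the submitted ID to an integer before it reaches the query and the hidden field.
$_POST['user']=abs((int) $_POST['user']);
$d=$db->query("SELECT u.*,us.* FROM users u LEFT JOIN userstats us on u.userid=us.userid WHERE u.userid={$_POST['user']}");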
$itemi=$db->fetch_row($d); 
$itemi['hospreason']=htmlspcl($itemi['hospreason']); 
$itemi['jail_reason']=htmlspcl($itemi['jail_reason']); 
print "<h3>Editing User</h3> 
<form action='staff_users.php?action=editusersub' method='post'> 
<input type='hidden' name='userid' value='{$_POST['user']}' /> 
Username: <input type='text' name='username' value='{$itemi['username']}' />

Login Name: <input type='text' name='login_name' value='{$itemi['login_name']}' />

Duties: <input type='text' name='duties' value='{$itemi['duties']}' />

Staff Notes: <input type='text' name='staffnotes' value='{$itemi['staffnotes']}' />

Level: <input type='text' name='level' value='{$itemi['level']}' />

Money: \$<input type='text' name='money' value='{$itemi['money']}' />

Bank: \$<input type='text' name='bankmoney' value='{$itemi['bankmoney']}' />

Cyber Bank: \$<input type='text' name='cybermoney' value='{$itemi['cybermoney']}' />

Crystals: <input type='text' name='crystals' value='{$itemi['crystals']}' />

Mail Ban: <input type='text' name='mailban' value='{$itemi['mailban']}' />

Mail Ban Reason: <input type='text' name='mb_reason' value='{$itemi['mb_reason']}' />

Forum Ban: <input type='text' name='forumban' value='{$itemi['forumban']}' />

Forum Ban Reason: <input type='text' name='fb_reason' value='{$itemi['fb_reason']}' />

Hospital time: <input type='text' name='hospital' value='{$itemi['hospital']}' />

Hospital reason: <input type='text' name='hospreason' value='{$itemi['hospreason']}' />

Jail time: <input type='text' name='jail' value='{$itemi['jail']}' />

Jail reason: <input type='text' name='jail_reason' value='{$itemi['jail_reason']}' />

House: ".house2_dropdown($c, "maxwill", $itemi['maxwill'])."

<h4>Stats</h4> 
Strength: <input type='text' name='strength' value='{$itemi['strength']}' />

Agility: <input type='text' name='agility' value='{$itemi['agility']}' />

Guard: <input type='text' name='guard' value='{$itemi['guard']}' />

Labour: <input type='text' name='labour' value='{$itemi['labour']}' />

IQ: <input type='text' name='IQ' value='{$itemi['IQ']}' />

<input type='submit' value='Edit User' /></form>"; 
} 
function edit_user_sub() 
{ 
global $db,$ir,$c,$h,$userid; 
if($ir['user_level'] != 2) 
{ 
die("403"); 
} 
$go=0; 
if(!isset($_POST['level'])) { $go=1; } 
if(!isset($_POST['money'])) { $go=1; } 
if(!isset($_POST['bankmoney'])) { $go=1; } 
if(!isset($_POST['crystals'])) { $go=1; } 
if(!isset($_POST['strength'])) { $go=1; } 
if(!isset($_POST['agility'])) { $go=1; } 
if(!isset($_POST['guard'])) { $go=1; } 
if(!isset($_POST['labour'])) { $go=1; } 
if(!isset($_POST['IQ'])) { $go=1; } 
if(!isset($_POST['username'])) { $go=1; } 
if(!isset($_POST['login_name'])) { $go=1; } 
if($go) 
{ 
print "You did not fully fill out the form."; 
$_POST['user']=$_POST['userid']; 
edit_user_form(); 
} 
else 
{ 
$_POST['level']=(int) $_POST['level']; 
$_POST['strength']=abs((int) $_POST['strength']); 
$_POST['agility']=abs((int) $_POST['agility']); 
$_POST['guard']=abs((int) $_POST['guard']); 
$_POST['labour']=abs((int) $_POST['labour']); 
$_POST['IQ']=abs((int) $_POST['IQ']); 
$_POST['money']=(int) $_POST['money']; 
$_POST['bankmoney']=(int) $_POST['bankmoney']; 
$_POST['cybermoney']=(int) $_POST['cybermoney']; 
$_POST['crystals']=(int) $_POST['crystals']; 
$_POST['mailban']=(int) $_POST['mailban']; 
$_POST['forumban']=(int) $_POST['forumban']; 
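$maxwill=abs((int) $_POST['maxwill']);
// These values are interpolated unquoted into the queries below, so force them to integers.
$_POST['userid']=abs((int) $_POST['userid']);
$_POST['hospital']=abs((int) $_POST['hospital']);
$_POST['jail']=abs((int) $_POST['jail']);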
//check for username usage 
$u=$db->query("SELECT * FROM users WHERE username='{$_POST['username']}' and userid != {$_POST['userid']}"); 
if($db->num_rows($u) != 0) 
{ 
print "That username is in use, choose another."; 
print "
[url='admin.php?action=edituser']> Back[/url]"; 
$h->endpage(); 
exit; 
} 
$oq=$db->query("SELECT * FROM users WHERE userid={$_POST['userid']}"); 
$rm=$db->fetch_row($oq); 
$will=($rm['will'] > $maxwill) ? $maxwill: $rm['will']; 
$energy=10+$_POST['level']*2; 
$nerve=3+$_POST['level']*2; 
$hp=50+$_POST['level']*50; 
$db->query("UPDATE users SET username='{$_POST['username']}', level={$_POST['level']}, money={$_POST['money']}, crystals={$_POST['crystals']}, energy=$energy, brave=$nerve, maxbrave=$nerve, maxenergy=$energy, hp=$hp, maxhp=$hp, hospital={$_POST['hospital']}, jail={$_POST['jail']}, duties='{$_POST['duties']}', staffnotes='{$_POST['staffnotes']}', mailban={$_POST['mailban']}, mb_reason='{$_POST['mb_reason']}', forumban={$_POST['forumban']}, fb_reason='{$_POST['fb_reason']}', hospreason='{$_POST['hospreason']}', jail_reason='{$_POST['jail_reason']}', login_name='{$_POST['login_name']}', will=$will, maxwill=$maxwill WHERE userid={$_POST['userid']}"); 
$db->query("UPDATE userstats SET strength={$_POST['strength']}, agility={$_POST['agility']}, guard={$_POST['guard']}, labour={$_POST['labour']}, IQ={$_POST['IQ']} WHERE userid={$_POST['userid']}"); 
stafflog_add("Edited user {$_POST['username']} [{$_POST['userid']}]"); 
print "User edited...."; 
} } 
function deluser() 
{ 
global $ir,$c,$h,$userid,$db; 
if($ir['user_level'] != 2) 
{ 
die("403"); 
} 
$undeletable = array('1','2'); // add more IDs here, such as NPCs 
switch ($_GET['step']) 
{ 
default: 
echo "<h3>Deleteing User</h3> 
Here you can delete a user. 

<form action='staff_users.php?action=deluser&step=2' method='post'> 
User: ".user_dropdown($c,'user')."

<input type='submit' value='Delete User' /></form> 
OR enter a user ID to Delete: 
<form action='staff_users.php?action=deluser&step=2' method='post'> 
User: <input type='text' name='user' value='0' />

<input type='submit' value='Delete User' /></form>"; 
break; 
case 2: 
$target = $_POST['user']; 
if (!is_numeric($target)) exit; 
if (in_array($target,$undeletable)) { 
die('You cannot delete this person.'); 
} 
$d=$db->query("SELECT username FROM users WHERE userid='$target'"); 
$itemi=$db->fetch_row($d); 
print "<h3>Confirm</h3> 
Delete user ".$itemi["username"]."? 
<form action='staff_users.php?action=deluser&step=3' method='post'> 
<input type='hidden' name='userid' value='$target' /> 
<input type='submit' name='yesorno' value='Yes' /> 
<input type='submit' name='yesorno' value='No' onclick=\"window.location='staff_users.php?action=deluser';\" /></form>"; 
break; 
case 3: 
$target = $_POST['userid']; 
if (!is_numeric($target)) exit; 
if (in_array($target,$undeletable)) { 
die('You cannot delete this person.'); 
} 
if($_POST['yesorno']=='No') 
{ 
die("User not deleted.
[url='staff_users.php?action=deluser']>Back to main Delete Users page.[/url]"); 
} 
// 'No' is handled above; anything other than an explicit 'Yes' is rejected.
if ($_POST['yesorno'] !== 'Yes') die('Eh');
$d=$db->query("SELECT username FROM users WHERE userid='$target'"); 
$itemi=$db->fetch_row($d); 
$db->query("DELETE FROM users WHERE userid='$target'"); 
$db->query("DELETE FROM userstats WHERE userid='$target'"); 
$db->query("DELETE FROM inventory WHERE inv_userid='$target'"); 
$db->query("DELETE FROM fedjail WHERE fed_userid='$target'"); 
echo "User {$itemi['username']} Deleted.
[url='staff_users.php?action=deluser']>Back to main Delete Users page.[/url]"; 
stafflog_add("Deleted User {$itemi['username']} [{$_POST['userid']}]"); 
break; 
} 
} 
function inv_user_begin() 
{ 
global $db,$ir,$c,$h,$userid; 
if($ir['user_level'] > 3) 
{ 
die("403"); 
} 
print "<h3>Viewing User Inventory</h3> 
You may browse this user's inventory.

<form action='staff_users.php?action=invuser' method='post'> 
User: ".user_dropdown($c,'user')."

<input type='submit' value='View Inventory' /></form>"; 
} 
function inv_user_view() 
{ 
global $db,$ir,$c,$h,$userid; 
if($ir['user_level'] > 3) 
{ 
die("403"); 
} 
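// Force the submitted ID to an integer; the inventory query below uses it unquoted.
$_POST['user']=abs((int) $_POST['user']);
$d=$db->query("SELECT username FROM users WHERE userid='{$_POST['user']}'");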
$un=$db->fetch_single($d); 
$inv=$db->query("SELECT iv.*,i.*,it.* FROM inventory iv LEFT JOIN items i ON iv.inv_itemid=i.itmid LEFT JOIN itemtypes it ON i.itmtype=it.itmtypeid WHERE iv.inv_userid={$_POST['user']}"); 
if ($db->num_rows($inv) == 0) 
{ 
print "[b]This person has no items![/b]"; 
} 
else 
{ 
print "[b]Their items are listed below.[/b]

<table width=100%><tr style='background-color:gray;'><th>Item</th><th>Sell Value</th><th>Total Sell Value</th><th>Links</th></tr>"; 
while($i=$db->fetch_row($inv)) 
{ 
print "<tr><td>{$i['itmname']}"; 
if ($i['inv_qty'] > 1) 
{ 
print "x{$i['inv_qty']}"; 
} 
print "</td><td>\${$i['itmsellprice']}</td><td>"; 
print "$".($i['itmsellprice']*$i['inv_qty']); 
print "</td><td>[[url='staff_users.php?action=deleinv&ID={$i['inv_id']}']Delete[/url]]"; 
print "</td></tr>"; 
} 
print "</table>"; 
} 
stafflog_add("Viewed user {$un} [{$_POST['user']}] inventory"); 
} 
function inv_delete() 
{ 
global $db,$ir,$c,$h,$userid; 
if($ir['user_level'] > 3) 
{ 
die("403"); 
} 
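// Cast to an integer so the ID cannot carry SQL into the DELETE statement.
$_GET['ID'] = abs((int) $_GET['ID']); 
$db->query("DELETE FROM inventory WHERE inv_id={$_GET['ID']}"); 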
print "Item deleted from inventory."; 
stafflog_add("Deleted inventory ID {$_GET['ID']}"); 
} 
function credit_user_form() 
{ 
global $db,$ir,$c,$h,$userid; 
if($ir['user_level'] > 3) 
{ 
die("403"); 
} 
print "<h3>Crediting User</h3> 
You can give a user money/crystals.

<form action='staff_users.php?action=creditsub' method='post'> 
User: ".user_dropdown($c,'user')."

Money: <input type='text' name='money' /> Crystals: <input type='text' name='crystals' />

<input type='submit' value='Credit User' /></form>"; 
} 
function credit_user_submit() 
{ 
global $db,$ir,$c,$h,$userid; 
if($ir['user_level'] > 3) 
{ 
die("403"); 
} 
$_POST['money'] = (int) $_POST['money']; 
$_POST['crystals'] = (int) $_POST['crystals']; 
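// The user ID is interpolated unquoted below, so cast it like money and crystals.
$_POST['user'] = abs((int) $_POST['user']); 
$db->query("UPDATE users u SET money=money+{$_POST['money']}, crystals=crystals+{$_POST['crystals']} WHERE u.userid={$_POST['user']}"); 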
print "User credited."; 
$d=$db->query("SELECT username FROM users WHERE userid='{$_POST['user']}'"); 
$un=$db->fetch_single($d); 
stafflog_add("Credited $un [{$_POST['user']}] \${$_POST['money']} and/or {$_POST['crystals']} crystals."); 
} 
function mcredit_user_form() 
{ 
global $db,$ir,$c,$h,$userid; 
if($ir['user_level'] > 2) 
{ 
die("403"); 
} 
print "<h3>Mass Payment</h3> 
You can give all users money/crystals.

<form action='staff_users.php?action=masscreditsub' method='post'> 
Money: <input type='text' name='money' /> Crystals: <input type='text' name='crystals' />

<input type='submit' value='Credit User' /></form>"; 
} 
function mcredit_user_submit() 
{ 
global $db,$ir,$c,$h,$userid; 
if($ir['user_level'] > 2) 
{ 
die("403"); 
} 
$_POST['money'] = (int) $_POST['money']; 
$_POST['crystals'] = (int) $_POST['crystals']; 
$db->query("UPDATE users u SET money=money+{$_POST['money']}, crystals=crystals+{$_POST['crystals']}"); 
print "All Users credited. Click [url='staff.php?action=announce']here to add an announcement[/url] or [url='staff_special.php?action=massmailer']here to send a mass mail[/url] explaining why."; 
stafflog_add("Credited all users \${$_POST['money']} and/or {$_POST['crystals']} crystals."); 
} 
function reports_view() 
{ 
global $db,$ir,$c,$h,$userid; 
if($ir['user_level'] > 5) 
{ 
die("403"); 
} 
echo "<h3>Player Reports</h3> 
<table class='table' width='90%'> 
<tr> 
<th>Reporter</th> 
<th>Offender</th> 
<th>What they did</th> 
<th>Status</th> 
<th>Links</th> 
</tr>"; 
$sql = "SELECT pr.*, u1.username AS reporter, u2.username AS offender " . 
"FROM preports pr " . 
"LEFT JOIN users u1 ON (u1.userid = pr.prREPORTER) " . 
"LEFT JOIN users u2 ON (u2.userid = pr.prREPORTED) " . 
"ORDER BY pr.prID DESC"; 
$q = $db->query($sql); 
while($rep = $db->fetch_row($q)) 
{ 
if($rep['prSTATUS'] == 0) 
{ 
$status = "<font color='red'>Needs handling</font>"; 
} 
else if($rep['prSTATUS'] == 1) 
{ 
$status = "<font color='orange'>Pending</font>"; 
} 
else 
{ 
$status = "<font color='green'>Handled</font>"; 
} 
echo "<tr>"; 
echo sprintf("<td class='tdcenter'>[url='viewuser.php?u=%u']%s[/url] [%s]</td>", $rep['prREPORTER'], $rep['reporter'], $rep['prREPORTER']); 
echo sprintf("<td class='tdcenter'>[url='viewuser.php?u=%u']%s[/url] [%s]</td>", $rep['prREPORTED'], $rep['offender'], $rep['prREPORTED']); 
echo sprintf("<td>%s</td>", stripslashes(nl2br($rep['prTEXT']))); 
echo sprintf("<td class='tdcenter'>%s</td>", $status); 
echo "<td class='tdcenter'>"; 
echo sprintf("[url='staff_users.php?action=repclear&ID=%u'][img=/imageicons/decline.png][/url] ", $rep['prID']); 
echo sprintf("[url='staff_users.php?action=repstat&ID=%u'][img=/imageicons/coding.png][/url]", $rep['prID']); 
echo "</td>"; 
echo "</tr>"; 
} 
echo "</table>"; 
} 
function repstat() 
{ 
global $ir, $db, $h; 
echo sprintf("Change the status of player report ID %u

", $_GET['ID']); 
if($ir['user_level'] > 5) 
{ 
echo "Access Denied"; 
$h->endpage(); 
exit; 
} 
if(!isset($_POST['change'])) 
{ 
echo sprintf("<form action='staff_users.php?action=repstat&ID=%u' method='post'>", $_GET['ID']); 
echo "<select name='change'>"; 
echo "<option value='0'>Not handled</option>"; 
echo "<option value='1'>Pending</option>"; 
echo "<option value='2'>Handled</option>"; 
echo "</select>"; 
echo "
<input type='submit' value='Submit' />"; 
echo "</form>"; 
} 
else 
{ 
$sql = sprintf("UPDATE preports SET prSTATUS = %d WHERE (prID = %u)", $_POST['change'], $_GET['ID']); 
$db->query($sql); 
echo "Status updated - [url='staff_users.php?action=reportsview']Back[/url]"; 
stafflog_add(sprintf("Updated the status of report ID %u", $_GET['ID'])); 
} 
} 
function forcelogout() 
{ 
global $db,$ir,$c,$h,$userid; 
if($ir['user_level'] > 2) 
{ 
die("403"); 
} 
$_POST['userid'] = abs((int) $_POST['userid']); 
if($_POST['userid']) 
{ 
$db->query("UPDATE users SET force_logout=1 WHERE userid={$_POST['userid']}"); 
print "User ID {$_POST['userid']} successfully forced to logout."; 
stafflog_add("Forced User ID {$_POST['userid']} to logout"); 
} 
else 
{ 
print "<h3>Force User Logout</h3><hr /> 
The user will be automatically logged out next time he/she makes a hit to the site.<form action='staff_users.php?action=forcelogout' method='post'> 
User: ".user_dropdown($c, 'userid')."

<input type='submit' value='Force User to Logout' /></form>"; 
} 
} 
function report_clear() 
{ 
global $db,$ir,$c,$h,$userid; 
if($ir['user_level'] > 3) 
{ 
die("403"); 
} 
$_GET['ID'] = abs((int) $_GET['ID']); 
stafflog_add("Cleared player report ID {$_GET['ID']}"); 
$db->query("DELETE FROM preports WHERE prID={$_GET['ID']}"); 
print "Report cleared and deleted!

[url='staff_users.php?action=reportsview']> Back[/url]"; 
} 
$h->endpage(); 
?>

I agree with danny here: instead of posting a thread as soon as there is a little problem, you should first try HARD to find it yourself. Those kinds of errors are really basic and PHP is giving away enough information to let you find what's wrong. In the worst case, you can always try to comment out the code piece by piece until it works again, and therefore spot which part is guilty.
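
A way to locate the duplicate declaration behind a "Cannot redeclare" error without commenting code out by hand, as an added example that is not part of the original posts: it tokenizes a file with PHP's `token_get_all()` and lists every top-level function name declared more than once. The script name `find_dupes.php` is hypothetical and the embedded sample source is constructed.

```php
<?php
// Usage: php find_dupes.php staff_users.php   (with no argument, the sample below is scanned)

// Returns [lowercased function name => [line, line, ...]] for names declared more than once.
function find_duplicate_functions(string $source): array
{
    $tokens = token_get_all($source);
    $count = count($tokens);
    $seen = array();
    $depth = 0; // brace depth; only declarations at depth 0 are counted
    for ($i = 0; $i < $count; $i++) {
        $t = $tokens[$i];
        if (!is_array($t)) {
            if ($t === '{') { $depth++; } elseif ($t === '}') { $depth--; }
            continue;
        }
        // "{$var}" and "${var}" inside strings open with their own tokens but close with a plain '}'.
        if ($t[0] === T_CURLY_OPEN || $t[0] === T_DOLLAR_OPEN_CURLY_BRACES) { $depth++; continue; }
        if ($t[0] !== T_FUNCTION || $depth !== 0) { continue; }
        // Skip whitespace and an optional by-reference '&' to reach the name.
        $j = $i + 1;
        while ($j < $count) {
            $text = is_array($tokens[$j]) ? $tokens[$j][1] : $tokens[$j];
            if (trim($text) !== '' && $text !== '&') { break; }
            $j++;
        }
        // Closures have '(' here instead of a T_STRING name and are ignored.
        if ($j < $count && is_array($tokens[$j]) && $tokens[$j][0] === T_STRING) {
            // PHP function names are case-insensitive, so compare them lowercased.
            $seen[strtolower($tokens[$j][1])][] = $tokens[$j][2];
        }
    }
    return array_filter($seen, function ($lines) { return count($lines) > 1; });
}

// Constructed sample: report_clear() is declared twice.
$sample = <<<'PHP'
<?php
function reports_view() { print "list"; }
function report_clear() { print "Cleared {$_GET['ID']}"; }
function repstat() { print "status"; }
function report_clear() { print "second copy"; }
PHP;

$source = isset($argv[1]) ? file_get_contents($argv[1]) : $sample;
if ($source === false) { fwrite(STDERR, "Cannot read {$argv[1]}\n"); exit(1); }
foreach (find_duplicate_functions($source) as $name => $lines) {
    echo $name, "() declared on lines ", implode(', ', $lines), PHP_EOL;
}
```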
