Jump to content
MakeWebGames

help

bladewolf2010

By bladewolf2010
in Modification Support

 Share

Recommended Posts

bladewolf2010 Newbie

bladewolf2010

Posted
Posted

Can some one make this ONE function?

 

function race_change()
{
global $ir,$c,$userid,$h;
print "<center><hr width='20%'>Race Change<hr width='20%'>

<form action='preferences.php?action=racechange2' method='post'>
<select class=textbox name='race'>
<option value='Wizard'>Wizard</option>
<option value='Ware Wolf'>Ware Wolf</option>
<option value='Vampire'>Vampire</option>
<option value='Yeti'>Yeti</option>
<option value='Elf'>Elf</option>
<option value='Zombie'>Zombie</option>
<option value='Beast'>Beast</option>
<option value='Dwarf'>Dwarf</option>
<option value='Gangsta'>Gangsta</option>
<option value='Criminal'>Criminal</option>
<option value='Pimp'>Pimp</option>
<option value='Member'>Member</option>
<option value='God'>God</option>
<option value='Pilot'>Pilot</option>
<option value='Boxer'>Boxer</option>
<option value='Chief'>Chief</option>
<option value='Cop'>Cop</option>
<option value='Creature'>Creature</option>
<option value='Seller'>Seller</option>
<option value='Buyer'>Buyer</option>
<option value='Goth'>Goth</option>
<option value='Thief'>Thief</option>
<option value='Hacker'>Hacker</option>
<option value='Skeleton'>Skeleton</option>
<option value='Demon'>Demon</option>
<option value='Goblin'>Goblin</option>
<option value='Unknown' SELECTED>Unknown</option>
</Select>
<input class='textbox' type='submit' value='Change Race' />
</form>";
}
function do_race_change()
{
global $db,$ir,$c,$userid,$h;
$db->query("UPDATE users SET race='{$_POST['race']}' WHERE userid=$userid");
print "You Have Changed your Race Type!

[url='preferences.php']Back[/url]";
}
Link to comment
Share on other sites
bladewolf2010 Newbie

bladewolf2010

Posted
  • Author
Posted

heres my preffs

 

<?php
include_once (DIRNAME(__FILE__). '/globals.php');


// XSS Prevention.
function NoXSS($Var) {
return (get_magic_quotes_gpc()) ? htmlspecialchars($Var) : addslashes(htmlspecialchars($Var));
}

$_GET['act'] = isset($_GET['act']) && ctype_alpha($_GET['act']) ? trim($_GET['act']) : 'Index';
switch ($_GET['act']) {
case 'SexChange': SexChange(); break;
case 'PassChange': PassChange(); break;
case 'namechange':namechange();break;
case 'DPChange': DPChange(); break;
case 'racechange2':do_race_change();break;
case 'racechange':conf_race_change();break;
case 'ForumSig': ForumSig(); break;
default: Index(); break;
}

if (!in_array($_GET['act'], array('Index', 'SexChange', 'PassChange', 'nameChange', 'DPChange', 'ForumSig', 'do_race_change', 'race_change'))) {
print "Ip Logged";
}

// Index Function.
function Index() {
echo '<h3 style="text-decoration: underline;">Your Preferences</h3>
[url="preferences.php?act=SexChange"]Sex Change[/url]

[url="preferences.php?act=PassChange"]Password Change[/url]

[url="preferences.php?act=namechange"]Username Change[/url]

[url="preferences.php?act=DPChange"]Display Picture Change[/url]

[url="preferences.php?act=ForumSig"]Forum Info Change[/url]

[url="preferences.php?act=racechange"]Race Change[/url]
";
}


// Sex Change Function.
function SexChange() {
global $ir, $db;
if($ir['gender'] == "Male") { $g="Female"; } else { $g="Male"; }
if (isset($_POST['NewGender'])) {
 $db->query(sprintf("UPDATE `users` SET `gender`='%s' WHERE `userid`='%d'", $_POST['NewGender'], $ir['userid']));
 echo sprintf("You Are Now A %s", $_POST['NewGender']);
  exit;
} 
else{
 echo '<h3 style="text-decoration: underline;">Sex Change</h3>
 <form action="preferences.php?act=SexChange" method="post">';
  echo sprintf("<input type='hidden' name='NewGender' value='%s' />", $NewGender);
  echo sprintf("You Are Currently A Are %s, Are You Sure You Want To Become A %s?
", $ir['gender'], $NewGender);
  echo '<input type="submit" value="Yes!" />
 </form>';
}
}

// Password Change Function.
function PassChange() {
global $ir, $db, $c; 
$Info = $db->fetch_row($db->query(sprintf("SELECT `userid`, `userpass`, `login_name` FROM `users` WHERE `userid`='%d'", $ir['userid'])));
if (isset($_POST['OldPass'], $_POST['NewPass1'])) {
 if ($_POST['NewPass1'] == '') {
  echo 'Error!
You Entered No Password 
';
 } else if (md5($_POST['OldPass']) != $Info['userpass']) {
  echo 'Error!
The Current Password Is Inncorrect! 
';
 } else {
  $db->query(sprintf("UPDATE `users` SET `userpass`='%s' WHERE `userid`='%d'", md5($_POST['NewPass1']), $ir['userid']));
  echo 'Your Password Has Been Updated! 

  Your New Password Is: [i]'.$_POST['NewPass1'].'[/i]

  Keep This Password Safe And Don\'t Tell Anyone It.

  > [url="index.php"]Home[/url]';
 }
} else {
 echo '<h3 style="text-decoration: underline;">Password Change</h3>
 <form action="preferences.php?act=PassChange" method="post">
  Current Password: <input type="password" name="OldPass" />

  New Password: <input type="password" name="NewPass1" />

  <input type="submit" value="Change Password!" />
 </form>';
}
}

// Name Change Function.
function namechange()  {
global $c,$db,$ir;
if (isset($_POST['NewName']))
{
 $CheckLog = mysql_num_rows(mysql_query(sprintf("SELECT `userid`, `username` FROM `users` WHERE `login_name`='%s' AND `userid`!='%d'", $_POST['NewName'], $_SESSION['userid'], $c)));
 $CheckGame = mysql_num_rows(mysql_query(sprintf("SELECT `userid`, `username` FROM `users` WHERE `username`='%s' AND `userid`!='%d'", $_POST['NewName'], $_SESSION['userid'], $c)));
 if (trim($_POST['NewName']) == '') {
  echo 'Error! 
You Did Not Enter A New Name 
';
 } else if ($CheckLog) {
  echo 'Error! 
This Name Is In Use 
';
 } else if ($CheckGame) {
  echo 'Error! 
This Name Is In Use 
';
 } else if (strlen($_POST['NewName']) < '4') {
  echo 'Error! 
This Name Is Too Short';
 } else if (strlen($_POST['NewName']) > '15') {
  echo 'Error!
This Name Is Too Long';
 } else {
  $_POST['NewName'] = str_replace(array("<", ">", "'", ";"), array("", "", "", ""), $_POST['NewName']);

  $db->query("INSERT INTO `namechange` VALUES('','".$ir['username']."','".$_POST['NewName']."',".$ir['userid'].")");
 	echo 'You Have Sent your name change request!';
 }
} else {
 echo '<h3>Name Change</h3>
 Please note that you still use the same name to login, this procedure simply changes the name that is displayed.  Name changes will not be immediate.  You must wait for the staff to Review and accept/Deny.  If denied you will be informed as to why.
 <form act="preferences.php?act=namechange" method="post">
  New Name: <input type="text" name="NewName" />

  <input type="submit" value="Change Name" />
 </form>';
}
}

// Display Picture Change Function.
function DPChange() {
global $ir, $db;
$Pic = $db->query(sprintf("SELECT `display_pic` FROM `users` WHERE `userid`='%d'", $ir['userid']));
if (isset($_POST['NewPic'])) {
 if ($_POST['NewPic'] == '') { 
  echo 'You Did Not Enter An Image';
 } else {
  if(!preg_match('~(.?).(jpg|jpeg|gif|png)~i', $_POST['NewPic'])) {
print "Ip Logged";
  } else {
$_POST['NewPic'] = str_replace(array("<", ">", "'", ";", ".php", ".html", ".js"), array("", "", "", "", "", "", ""), $_POST['NewPic']);
$db->query(sprintf("UPDATE `users` SET `display_pic`='%s' WHERE `userid`='%d'", $_POST['NewPic'], $ir['userid']));
echo 'Picture Changed';
  }
 }
} else {
 echo '<h3>Pic Change</h3>
 Please note that this must be externally hosted, [url="http://imageshack.us"]ImageShack[/url] is our recommendation.

 <form action="preferences.php?act=DPChange" method="post">';
  echo sprintf("New Pic: <input type='text' name='NewPic' value='%s' />
", $Pic['display_pic']);
  echo '
  <input type="submit" value="Change Picture" />
 </form>';
}
}
//Do race change.
function race_change()
{
global $ir,$c,$userid,$h;
if(isset($_POST['race']))
{
$db->query("UPDATE users SET race= '".mysql_real_escape_string($_POST['race'])."' WHERE userid=$userid");
echo ('You Have Changed your Race Type!
[url='preferences.php']Back[/url]');

exit($h->endpage());
}

print "<center><hr width='20%'>Race Change<hr width='20%'>

<form action='preferences.php?action=racechange2' method='post'>
<select class=textbox name='race'>
<option value='Wizard'>Wizard</option>
<option value='Ware Wolf'>Ware Wolf</option>
<option value='Vampire'>Vampire</option>
<option value='Yeti'>Yeti</option>
<option value='Elf'>Elf</option>
<option value='Zombie'>Zombie</option>
<option value='Beast'>Beast</option>
<option value='Dwarf'>Dwarf</option>
<option value='Gangsta'>Gangsta</option>
<option value='Criminal'>Criminal</option>
<option value='Pimp'>Pimp</option>
<option value='Member'>Member</option>
<option value='God'>God</option>
<option value='Pilot'>Pilot</option>
<option value='Boxer'>Boxer</option>
<option value='Chief'>Chief</option>
<option value='Cop'>Cop</option>
<option value='Creature'>Creature</option>
<option value='Seller'>Seller</option>
<option value='Buyer'>Buyer</option>
<option value='Goth'>Goth</option>
<option value='Thief'>Thief</option>
<option value='Hacker'>Hacker</option>
<option value='Skeleton'>Skeleton</option>
<option value='Demon'>Demon</option>
<option value='Goblin'>Goblin</option>
<option value='Unknown' SELECTED>Unknown</option>
</Select>
<input class='textbox' type='submit' value='Change Race' />
</form>";
}

// Forum Info Change Function.
function ForumSig() {
global $ir, $db; 
if (isset($_POST['NewFSig'])) {
 $db->query(sprintf("UPDATE `users` SET `forums_avatar`='%s', `forums_signature`='%s' WHERE `userid`='%d'", NoXSS($_POST['FPic']), NoXSS($_POST['NewFSig']), $ir['userid']));
 echo 'Forum Info Updated';
} else {
 echo '<h3>Forum Info Change</h3>
 Please note that the avatar must be externally hosted, [url="http://imageshack.us"]ImageShack[/url] is our recommendation.

 <form action="preferences.php?act=ForumSig" method="post">';
  echo sprintf("Avatar: <input type='text' name='NewFPic' value='%s' />
", $ir['forums_avatar']);
  echo sprintf("Signature (you may use BBcode): <textarea rows='10' cols='50' name='NewFSig'>%s</textarea>
", $ir['forums_signature']);
  echo '<input type="submit" value="Change Info" />
 </form>';
}
}

$h->endpage();
?>
Link to comment
Share on other sites
Diesl Newbie

Diesl

Posted
Posted

look at where your colours change.

Line 175: 

$_POST['newpic']=str_replace('\\\'',''', $_POST['newpic']);

 

you have 3 single quotes on the 2nd parameter. It should be just 2:

$_POST['newpic']=str_replace('\\\'',' ', $_POST['newpic']);

 

Or you can escape the middle one.

Link to comment
Share on other sites
Diesl Newbie

Diesl

Posted
Posted
Thats not even in the script

You edited your post while I was typing.

But again, you have the same problem.

On line 34, you are ending your echo with a double quote, but starting it with a single quote. Because of that, you are screwing up your next 2 functions. Make sure to look at where the colours change.

change line 34 to this:

Race Change

';

Link to comment
Share on other sites
rulerofzu Newbie

rulerofzu

Posted
Posted

You was just told how you are creating errors

On line 34, you are ending your echo with a double quote, but starting it with a single quote. Because of that, you are screwing up your next 2 functions. Make sure to look at where the colours change.

change line 34 to this:

Race Change

';

 

Now go look at your next error and see your mistake!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...