VegasKiller Posted January 31, 2013 Posted January 31, 2013 Hello, When I put in a comma ' into my issue content, It kills the script. I was wondering if anyone could help me? <? Class NewspaperCP { var $player; var $newspaper; function NewspaperCP($player, $newspaper) { $this->player = $player; $this->newspaper = $newspaper; } function Menu() { echo "<br>"; if($this->IsOwner()) { echo "<center><b><u>Owner Menu</u></b></center><br><br>"; echo "<a href='driver.php?x=newspaper_admin&action=issue&cid=".$this->newspaper->id."'>Create an issue</a><br>"; echo "<a href='driver.php?x=newspaper_admin&action=set_staff&cid=".$this->newspaper->id."'>Set co-owner and reporters</a><br>"; echo "<a href='driver.php?x=newspaper_admin&action=set_ads_price&cid=".$this->newspaper->id."'>Set the price for advertisement</a><br>"; echo "<a href='driver.php?x=newspaper_admin&action=view_articles&cid=".$this->newspaper->id."'>View the articles submitted by the reporters</a><br>"; } elseif($this->IsCoOwner()) { echo "<center><b><u>Co-Owner Menu</u></b></center><br><br>"; echo "<a href='driver.php?x=newspaper_admin&action=issue&cid=".$this->newspaper->id."'>Create an issue</a><br>"; echo "<a href='driver.php?x=newspaper_admin&action=view_articles&cid=".$this->newspaper->id."'>View the articles submitted by the reporters</a><br>"; } elseif($this->IsReporter()) { echo "<center><b><u>Reporter Menu</u></b></center><br><br>"; echo "<a href='driver.php?x=newspaper_admin&action=submit_article&cid=".$this->newspaper->id."'>Submit an article</a><br>"; } else { echo"<center><table width=90%><tr><td><font color=red><b>Error | You Are Not Allowed In This Area.</b></font><br /></td></tr></table></center>"; } } function WriteIssue() { if(!$this->IsOwner() && !$this->IsCoOwner()) { echo"<center><table width=90%><tr><td><font color=red><b>Error | You Are Not Allowed In This Area.</b></font><br /></td></tr></table></center>"; } else { if(!isset($_POST['submit'])) { echo "<center><b><u>Write an issue</u></b></center><br><br>"; echo "<b><u>Information</u></b><br>"; echo "To write a title artice, write the following: [title]Write your title here[/title]<br><br>"; echo "<form action='driver.php?x=newspaper_admin&action=issue&cid=".$this->newspaper->id."' method='post'>"; echo "Write your issue:<br>"; echo "<textarea name='article' cols=80 rows=40></textarea>"; echo "<br>"; echo "<input type='submit' name='submit' value='Publish!'>"; echo "</form>"; } else { if($_POST['article'] == '') echo"<center><table width=90%><tr><td><font color=red><b>Error | You Did Not Submit The Article.</b></font><br /></td></tr></table></center>"; else { $_POST['article']=stripper($_POST['article']); mysql_query("INSERT INTO newspaper_issues(company_id, timestamp, content) VALUES(".$this->newspaper->id.", ".time().", '".$_POST['article']."')") or die(mysql_error()); echo"<center><table width=90%><tr><td><font color=blue><b>Ciao | You Have Successfully Published Your Issue. You Can View It By Clicking <a href='driver.php?x=newspaper_company&cid=".$this->newspaper->id."'>Here</a>.</b></font><br /></td></tr></table></center>"; } } } } function SetStaff() { if(!$this->IsOwner()) { echo "Haxxxxxxxxorrrrrrrrr!"; } else { if(!isset($_POST['submit'])) { echo "<center><b><u>Set Staff Members</u></b></center><br><br>"; echo "<form action='driver.php?x=newspaper_admin&action=set_staff&cid=".$this->newspaper->id."' method='post'>"; echo "Co-owner: "; echo "<input type='text' name='coowner' value='".$this->newspaper->coowner."'><br>"; echo "Reporter #1: "; echo "<input type='text' name='reporter1' value='".$this->newspaper->reporter1."'<br>"; echo "Reporter #2: "; echo "<input type='text' name='reporter2' value='".$this->newspaper->reporter2."'<br>"; echo "Reporter #3: "; echo "<input type='text' name='reporter3' value='".$this->newspaper->reporter3."'<br>"; echo "<input type='submit' name='submit' value='Update!'>"; echo "</form>"; } else { mysql_query("UPDATE newspaper_company SET coowner='".$_POST['coowner']."', reporter1='".$_POST['reporter1']."', reporter2='".$_POST['reporter2']."', reporter3='".$_POST['reporter3']."' WHERE id='".$this->newspaper->id."'") or die(mysql_error()); echo"<center><table width=90%><tr><td><font color=blue><b>Ciao | Successfully Updated.</b></font><br /></td></tr></table></center>"; } } } function SetAdPrice() { if(!$this->IsOwner()) { echo"<center><table width=90%><tr><td><font color=red><b>Error | You Are Not Allowed In This Area.</b></font><br /></td></tr></table></center>"; } else { if(!isset($_POST['submit'])) { echo "<center><b><u>Set Price For Advertisement</u></b></center><br><br>"; echo "<form action='driver.php?x=newspaper_admin&action=set_ads_price&cid=".$this->newspaper->id."' method='post'>"; echo "Price: "; echo "<input type='text' name='amount' value='".$this->newspaper->ad_price."'><br>"; echo "<input type='submit' name='submit' value='Update!'>"; echo "</form>"; } else { $remove_these = array("<", ">", "+","=" ,"-", "--","*"); $amount = str_replace($remove_these, "", $_POST['amount']); if(!is_numeric($_POST['amount'])) echo"<center><table width=90%><tr><td><font color=red><b>Error | Please Put In A Number.</b></font><br /></td></tr></table></center>"; else { $sql = "UPDATE newspaper_company SET ad_price='".$amount."' WHERE id='".$this->newspaper->id."'"; mysql_query($sql) or die(mysql_error()); } } } } function SubmitArticle() { if(!$this->IsReporter()) echo"<center><table width=90%><tr><td><font color=red><b>Error | You Are Not Allowed In This Area.</b></font><br /></td></tr></table></center>"; else { if(!isset($_POST['submit'])) { echo "<center><b><u>Submit an article to the owner</u></b></center><br><br>"; echo "<b><u>Information</u></b><br>"; echo "To write a title artice, write the following: [title]Write your title here[/title]<br><br>"; echo "<form action='driver.php?x=newspaper_admin&action=submit_article&cid=".$this->newspaper->id."' method='post'>"; echo "Write your issue:<br>"; echo "<textarea name='article' cols=80 rows=40></textarea>"; echo "<br>"; echo "<input type='submit' name='submit' value='Send!'>"; echo "</form>"; } else { if($_POST['article'] == '') echo"<center><table width=90%><tr><td><font color=red><b>Error | You Did Not Write An Article.</b></font><br /></td></tr></table></center>"; else { $_POST['article']=stripper($_POST['article']); mysql_query("INSERT INTO newspaper_articles(author, content, company_id, timestamp) VALUES('".$this->player->nickname."', '".$_POST['article']."', ".$this->newspaper->id.", ".time().")") or die(mysql_error()); echo"<center><table width=90%><tr><td><font color=blue><b>Ciao | You Have Successfully Submitted.</b></font><br /></td></tr></table></center>"; } } } } function ViewArticles() { if(!$this->IsCoOwner() && !$this->IsOwner()) echo"<center><table width=90%><tr><td><font color=red><b>Error | You Are Not Allowed In This Area.</b></font><br /></td></tr></table></center>"; else { if(isset($_GET['delete'])) { $art = mysql_query("SELECT * FROM newspaper_articles WHERE id=".$_GET['delete']); $num = mysql_num_rows($art); if($num != 0) { $art = mysql_fetch_object($art); if($art->company_id == $this->newspaper->id) { mysql_query("DELETE FROM newspaper_articles WHERE id=".$_GET['delete']); } } } echo "<center><b><u>Viewing articles submitted by reporters.</u></b></center><br><br>"; $articles = mysql_query("SELECT * FROM newspaper_articles WHERE company_id=".$this->newspaper->id." ORDER BY timestamp DESC"); $num = mysql_num_rows($articles); if($num == 0) echo"<center><table width=90%><tr><td><font color=red><b>Error | No ARticles Have Been Submitted.</b></font><br /></td></tr></table></center>"; else { for($i=0;$i<$num;$i++) { $article = mysql_fetch_object($articles); echo "Article submitted by: ".$article->author." [<a href='driver.php?x=newspaper_admin&action=view_articles&delete=".$article->id."&cid=".$this->newspaper->id."'>DELETE</a>]<br><br>"; echo nl2br($article->content); echo "<br><br>"; } } } } function ViewIssue($id) { /*****SETTINGS*****/ $titlestart = "<font color=#000000'><b>"; $titleend = "</b></font>"; /******************/ $issue = mysql_query("SELECT * FROM newspaper_issues WHERE id=".$id); if(mysql_num_rows($issue) == 0) { echo"<center><table width=90%><tr><td><font color=red><b>Error | This Issue Does Not Exist.</b></font><br /></td></tr></table></center>"; } else { $issue = mysql_fetch_object($issue); $article = nl2br($issue->content); $article = str_replace("[title]", $titlestart, $article); $article = str_replace("[/title]", $titleend, $article); $ad1 = nl2br($issue->ad1); $ad2 = nl2br($issue->ad2); $company = mysql_fetch_object(mysql_query("SELECT * FROM newspaper_company WHERE id=".$issue->company_id)); if($ad1 == "") $ad1 = "<a href='driver.php?x=newspaper_place_ad&iid=".$issue->id."&spot=1'><font color=#000000>Place your ad here!<br> Only for $".number_format($company->ad_price)."!</font></a>"; if($ad2 == "") $ad2 = "<a href='driver.php?x=newspaper_place_ad&iid=".$issue->id."&spot=2'><font color=#000000>Place your ad here!<br> Only for $".number_format($company->ad_price)."!</font></a>"; echo "<center><a href='driver.php?x=newspaper_company&cid=".$company->id."'><b><< Return to Archives</b></a></center><br><br> <table align=center background=images/game/newspaper_body.jpg cellspacing=0 cellpadding=0 width=449> <tr> <td><table width=100% height=72 background=images/game/newspaper_header.jpg><tr><td><center><b><font face=verdana size=5 color=#000000>".$company->name."</font></b></center></td></tr></table></td> </tr> <tr> <td align=center><table width=100% height=21 background=images/game/newspaper_issuediv.jpg><tr><td><center><font color=#000000><b>Released on ".date("D j \of M", $issue->timestamp)."</b></font></center></td></tr></table></td> </tr> <tr> <td> <table width=100% cellpadding=6> <tr> <td> <font color=#000000> <font size=1>".$article."<br> </font> </td> </tr> </table> </tr> <tr> <td> <table width=100% background=images/newspaper_footer.jpg height=63> <tr> <td width=50%><font color=#000000>$ad1</font></td> <td width=50%><font color=#000000>$ad2</font></td> </tr> </table> </td> </tr> </table><Br><br> "; //comments echo "<font size=3 color=#FFFFFF><center><b>Comments</b></font><br><font size=1>(to add a comment scroll down)</font></center><br>"; $comments = mysql_query("SELECT * FROM newspaper_comments WHERE issue_id=".$issue->id." ORDER BY timestamp ASC"); $num = mysql_num_rows($comments); if($num == 0) { echo "<center><b>*No comments have been posted yet*</b></center>"; } else { echo "<center>"; for($i=0;$i<$num;$i++) { $comment = mysql_fetch_object($comments); echo " <table bgcolor=#333333 width=400> <tr bgcolor=#000000> <td align=center colspan=2><font face=tahoma size=1 color=red><b>Posted by ".$comment->author." on ".date("D j \of M \a\t G:i:s", $comment->timestamp)."</b></font></td> </tr> <tr> <td>".nl2br($comment->comment)."</td> </tr> </table><br> "; if($this->player->nickname == $company->owner || $this->player->nickname == $company->coowner) { echo "<font color=red><a href='driver.php?x=newspaper_view_issue&iid=".$issue->id."&delete=".$comment->id."'>Delete</a></font><br>"; } echo "<br>"; } echo "</center>"; } echo "<center>"; echo "<form action='driver.php?x=newspaper_view_issue&iid=".$issue->id."' method='post'>"; echo "<b><u>Post A Comment</u></b><br>"; echo "<textarea name='comment' cols=30 rows=8></textarea><br>"; echo "<input type='submit' name='submit' value='Post it!'>"; echo "</form>"; echo "</center>"; } } function DeleteComment($cid) { $iid = mysql_result(mysql_query("SELECT issue_id FROM newspaper_comments WHERE id=$cid"),0); $coid = mysql_result(mysql_query("SELECT company_id FROM newspaper_issues WHERE id=$iid"),0); $company = mysql_Fetch_object(mysql_query("SELECT * FROM newspaper_company WHERE id=$coid")); if($this->player->nickname != $company->owner && $this->player->nickname != $company->coowner) echo"<center><table width=90%><tr><td><font color=red><b>Error | You Are Not Allowed In This Area.</b></font><br /></td></tr></table></center>"; else { mysql_query("DELETE FROM newspaper_comments WHERE id=$cid"); echo"<center><table width=90%><tr><td><font color=blue><b>Ciao | Comment Deleted.</b></font><br /></td></tr></table></center>"; } } function PostComment($iid) { if($_POST['comment'] == "") { echo"<center><table width=90%><tr><td><font color=red><b>Error | You Did Not Post A Comment.</b></font><br /></td></tr></table></center>"; } else { $_POST['comment']=stripper($_POST['comment']); mysql_query("INSERT INTO newspaper_comments(issue_id, author, comment, timestamp) VALUES ($iid, '".$this->player->nickname."', '".$_POST['comment']."', ".time().")"); echo "Comment posted!"; } } function PlaceAd($issueid, $placeid) { echo "<center><b><u>Place an advertisement</u></b></center><br><br>"; $issue = mysql_fetch_object(mysql_query("SELECT * FROM newspaper_issues WHERE id=$issueid")); if($issue->ad{$placeid} != "") echo"<center><table width=90%><tr><td><font color=red><b>Error | Someone Has Already Has Taken This Ad Spot.</b></font><br /></td></tr></table></center>"; else { $company = mysql_fetch_object(mysql_query("SELECT * FROM newspaper_company WHERE id=".$issue->company_id)); if($this->player->cash < $company->ad_price) echo"<center><table width=90%><tr><td><font color=red><b>Error | You Do Not Have Enough Money To Place An Advertisement Here As It Costs $".number_format($company->ad_price).".</b></font><br /></td></tr></table></center>"; else { if(!isset($_POST['submit'])) { echo "<form action='driver.php?x=newspaper_place_ad&iid=".$issueid."&spot=".$placeid."' method='post'>"; echo "<b>Note that if you place something inappropriate, the admins will take actions. Use your common sense.<br></b>"; echo "Please write your advertisement:<br>"; echo "<textarea name='ad' cols=80 rows=40></textarea>"; echo "<br>"; echo "<input type='submit' name='submit' value='Post it!'>"; echo "</form>"; } else { if(!isset($_POST['ad'])) echo "You didnt write anything!"; else { $ad = "".$_POST['ad']."<br><br>Advertiser: ".$this->player->nickname.""; mysql_query("UPDATE newspaper_issues SET `ad".$placeid."` = '".$ad."' WHERE id=".$issueid) or die(mysql_error()); mysql_query("UPDATE user_characters SET cash=cash-".$company->ad_price." WHERE nickname='".$this->player->nickname."'"); mysql_query("UPDATE user_characters SET cash=cash+".$company->ad_price." WHERE nickname='".$company->owner."'"); echo"<center><table width=90%><tr><td><font color=blue><b>Ciao | You Have Successfully Placed An Advertisement.</b></font><br /></td></tr></table></center>"; } } } } } function ViewCompany($id) { $company = mysql_fetch_object(mysql_query("SELECT * FROM newspaper_company WHERE id=$id")); echo "<center><b><u>Viewing ".$company->name."'s archives</u></b></center><br><br>"; $issues = mysql_query("SELECT * FROM newspaper_issues WHERE company_id=$id ORDER BY `timestamp` DESC"); $num = mysql_num_rows($issues); if($num == 0) echo"<center><table width=90%><tr><td><font color=red><b>Error | This Newspaper Has Not Published An Issue Yet.</b></font><br /></td></tr></table></center>"; else { echo " <table align=center bgcolor=#333333 cellpadding=4 width=300> <tr bgcolor=#000000 valign=top> <td align=center><font face=tahoma size=1 color=red><b>Issue #</b></font></td> <td align=center><font face=tahoma size=1 color=red><b>Published On</b></font></td> <td></td> </tr>"; for($i=0;$i<$num;$i++) { if ($i % 2 == 0) { $rowcolor="#444444"; } else { $rowcolor="#333333"; } $issue = mysql_fetch_object($issues); $issuenum = $i+1; echo " <tr bgcolor=$rowcolor> <td>".$issuenum."</td> <td>".date("D j \of M", $issue->timestamp)."</td> <td><a href='driver.php?x=newspaper_view_issue&iid=".$issue->id."'><b>Read</b></a></td> </tr>"; } echo "</table>"; echo "<br><br>"; echo "<center><b><a href='driver.php?x=newspaper'><< BACK</a></b></center>"; } } function IsOwner() { return $this->newspaper->owner == $this->player->nickname; } function IsCoOwner() { return $this->newspaper->coowner == $this->player->nickname; } function IsReporter() { return ($this->newspaper->reporter1 == $this->player->nickname) || ($this->newspaper->reporter2 == $this->player->nickname) || ($this->newspaper->reporter3 == $this->player->nickname); } function LastIssue() { $info = mysql_fetch_object(mysql_query("SELECT timestamp FROM newspaper_issues WHERE company_id=".$this->newspaper->id." ORDER BY timestamp DESC")); return $info->timestamp; } } ?> Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.