VegasKiller Posted January 31, 2013 Share Posted January 31, 2013 Hello, When I put in a comma ' into my issue content, It kills the script. I was wondering if anyone could help me? <? Class NewspaperCP { var $player; var $newspaper; function NewspaperCP($player, $newspaper) { $this->player = $player; $this->newspaper = $newspaper; } function Menu() { echo "<br>"; if($this->IsOwner()) { echo "<center><b><u>Owner Menu</u></b></center><br><br>"; echo "<a href='driver.php?x=newspaper_admin&action=issue&cid=".$this->newspaper->id."'>Create an issue</a><br>"; echo "<a href='driver.php?x=newspaper_admin&action=set_staff&cid=".$this->newspaper->id."'>Set co-owner and reporters</a><br>"; echo "<a href='driver.php?x=newspaper_admin&action=set_ads_price&cid=".$this->newspaper->id."'>Set the price for advertisement</a><br>"; echo "<a href='driver.php?x=newspaper_admin&action=view_articles&cid=".$this->newspaper->id."'>View the articles submitted by the reporters</a><br>"; } elseif($this->IsCoOwner()) { echo "<center><b><u>Co-Owner Menu</u></b></center><br><br>"; echo "<a href='driver.php?x=newspaper_admin&action=issue&cid=".$this->newspaper->id."'>Create an issue</a><br>"; echo "<a href='driver.php?x=newspaper_admin&action=view_articles&cid=".$this->newspaper->id."'>View the articles submitted by the reporters</a><br>"; } elseif($this->IsReporter()) { echo "<center><b><u>Reporter Menu</u></b></center><br><br>"; echo "<a href='driver.php?x=newspaper_admin&action=submit_article&cid=".$this->newspaper->id."'>Submit an article</a><br>"; } else { echo"<center><table width=90%><tr><td><font color=red><b>Error | You Are Not Allowed In This Area.</b></font><br /></td></tr></table></center>"; } } function WriteIssue() { if(!$this->IsOwner() && !$this->IsCoOwner()) { echo"<center><table width=90%><tr><td><font color=red><b>Error | You Are Not Allowed In This Area.</b></font><br /></td></tr></table></center>"; } else { if(!isset($_POST['submit'])) { echo "<center><b><u>Write an issue</u></b></center><br><br>"; echo "<b><u>Information</u></b><br>"; echo "To write a title artice, write the following: [title]Write your title here[/title]<br><br>"; echo "<form action='driver.php?x=newspaper_admin&action=issue&cid=".$this->newspaper->id."' method='post'>"; echo "Write your issue:<br>"; echo "<textarea name='article' cols=80 rows=40></textarea>"; echo "<br>"; echo "<input type='submit' name='submit' value='Publish!'>"; echo "</form>"; } else { if($_POST['article'] == '') echo"<center><table width=90%><tr><td><font color=red><b>Error | You Did Not Submit The Article.</b></font><br /></td></tr></table></center>"; else { $_POST['article']=stripper($_POST['article']); mysql_query("INSERT INTO newspaper_issues(company_id, timestamp, content) VALUES(".$this->newspaper->id.", ".time().", '".$_POST['article']."')") or die(mysql_error()); echo"<center><table width=90%><tr><td><font color=blue><b>Ciao | You Have Successfully Published Your Issue. You Can View It By Clicking <a href='driver.php?x=newspaper_company&cid=".$this->newspaper->id."'>Here</a>.</b></font><br /></td></tr></table></center>"; } } } } function SetStaff() { if(!$this->IsOwner()) { echo "Haxxxxxxxxorrrrrrrrr!"; } else { if(!isset($_POST['submit'])) { echo "<center><b><u>Set Staff Members</u></b></center><br><br>"; echo "<form action='driver.php?x=newspaper_admin&action=set_staff&cid=".$this->newspaper->id."' method='post'>"; echo "Co-owner: "; echo "<input type='text' name='coowner' value='".$this->newspaper->coowner."'><br>"; echo "Reporter #1: "; echo "<input type='text' name='reporter1' value='".$this->newspaper->reporter1."'<br>"; echo "Reporter #2: "; echo "<input type='text' name='reporter2' value='".$this->newspaper->reporter2."'<br>"; echo "Reporter #3: "; echo "<input type='text' name='reporter3' value='".$this->newspaper->reporter3."'<br>"; echo "<input type='submit' name='submit' value='Update!'>"; echo "</form>"; } else { mysql_query("UPDATE newspaper_company SET coowner='".$_POST['coowner']."', reporter1='".$_POST['reporter1']."', reporter2='".$_POST['reporter2']."', reporter3='".$_POST['reporter3']."' WHERE id='".$this->newspaper->id."'") or die(mysql_error()); echo"<center><table width=90%><tr><td><font color=blue><b>Ciao | Successfully Updated.</b></font><br /></td></tr></table></center>"; } } } function SetAdPrice() { if(!$this->IsOwner()) { echo"<center><table width=90%><tr><td><font color=red><b>Error | You Are Not Allowed In This Area.</b></font><br /></td></tr></table></center>"; } else { if(!isset($_POST['submit'])) { echo "<center><b><u>Set Price For Advertisement</u></b></center><br><br>"; echo "<form action='driver.php?x=newspaper_admin&action=set_ads_price&cid=".$this->newspaper->id."' method='post'>"; echo "Price: "; echo "<input type='text' name='amount' value='".$this->newspaper->ad_price."'><br>"; echo "<input type='submit' name='submit' value='Update!'>"; echo "</form>"; } else { $remove_these = array("<", ">", "+","=" ,"-", "--","*"); $amount = str_replace($remove_these, "", $_POST['amount']); if(!is_numeric($_POST['amount'])) echo"<center><table width=90%><tr><td><font color=red><b>Error | Please Put In A Number.</b></font><br /></td></tr></table></center>"; else { $sql = "UPDATE newspaper_company SET ad_price='".$amount."' WHERE id='".$this->newspaper->id."'"; mysql_query($sql) or die(mysql_error()); } } } } function SubmitArticle() { if(!$this->IsReporter()) echo"<center><table width=90%><tr><td><font color=red><b>Error | You Are Not Allowed In This Area.</b></font><br /></td></tr></table></center>"; else { if(!isset($_POST['submit'])) { echo "<center><b><u>Submit an article to the owner</u></b></center><br><br>"; echo "<b><u>Information</u></b><br>"; echo "To write a title artice, write the following: [title]Write your title here[/title]<br><br>"; echo "<form action='driver.php?x=newspaper_admin&action=submit_article&cid=".$this->newspaper->id."' method='post'>"; echo "Write your issue:<br>"; echo "<textarea name='article' cols=80 rows=40></textarea>"; echo "<br>"; echo "<input type='submit' name='submit' value='Send!'>"; echo "</form>"; } else { if($_POST['article'] == '') echo"<center><table width=90%><tr><td><font color=red><b>Error | You Did Not Write An Article.</b></font><br /></td></tr></table></center>"; else { $_POST['article']=stripper($_POST['article']); mysql_query("INSERT INTO newspaper_articles(author, content, company_id, timestamp) VALUES('".$this->player->nickname."', '".$_POST['article']."', ".$this->newspaper->id.", ".time().")") or die(mysql_error()); echo"<center><table width=90%><tr><td><font color=blue><b>Ciao | You Have Successfully Submitted.</b></font><br /></td></tr></table></center>"; } } } } function ViewArticles() { if(!$this->IsCoOwner() && !$this->IsOwner()) echo"<center><table width=90%><tr><td><font color=red><b>Error | You Are Not Allowed In This Area.</b></font><br /></td></tr></table></center>"; else { if(isset($_GET['delete'])) { $art = mysql_query("SELECT * FROM newspaper_articles WHERE id=".$_GET['delete']); $num = mysql_num_rows($art); if($num != 0) { $art = mysql_fetch_object($art); if($art->company_id == $this->newspaper->id) { mysql_query("DELETE FROM newspaper_articles WHERE id=".$_GET['delete']); } } } echo "<center><b><u>Viewing articles submitted by reporters.</u></b></center><br><br>"; $articles = mysql_query("SELECT * FROM newspaper_articles WHERE company_id=".$this->newspaper->id." ORDER BY timestamp DESC"); $num = mysql_num_rows($articles); if($num == 0) echo"<center><table width=90%><tr><td><font color=red><b>Error | No ARticles Have Been Submitted.</b></font><br /></td></tr></table></center>"; else { for($i=0;$i<$num;$i++) { $article = mysql_fetch_object($articles); echo "Article submitted by: ".$article->author." [<a href='driver.php?x=newspaper_admin&action=view_articles&delete=".$article->id."&cid=".$this->newspaper->id."'>DELETE</a>]<br><br>"; echo nl2br($article->content); echo "<br><br>"; } } } } function ViewIssue($id) { /*****SETTINGS*****/ $titlestart = "<font color=#000000'><b>"; $titleend = "</b></font>"; /******************/ $issue = mysql_query("SELECT * FROM newspaper_issues WHERE id=".$id); if(mysql_num_rows($issue) == 0) { echo"<center><table width=90%><tr><td><font color=red><b>Error | This Issue Does Not Exist.</b></font><br /></td></tr></table></center>"; } else { $issue = mysql_fetch_object($issue); $article = nl2br($issue->content); $article = str_replace("[title]", $titlestart, $article); $article = str_replace("[/title]", $titleend, $article); $ad1 = nl2br($issue->ad1); $ad2 = nl2br($issue->ad2); $company = mysql_fetch_object(mysql_query("SELECT * FROM newspaper_company WHERE id=".$issue->company_id)); if($ad1 == "") $ad1 = "<a href='driver.php?x=newspaper_place_ad&iid=".$issue->id."&spot=1'><font color=#000000>Place your ad here!<br> Only for $".number_format($company->ad_price)."!</font></a>"; if($ad2 == "") $ad2 = "<a href='driver.php?x=newspaper_place_ad&iid=".$issue->id."&spot=2'><font color=#000000>Place your ad here!<br> Only for $".number_format($company->ad_price)."!</font></a>"; echo "<center><a href='driver.php?x=newspaper_company&cid=".$company->id."'><b><< Return to Archives</b></a></center><br><br> <table align=center background=images/game/newspaper_body.jpg cellspacing=0 cellpadding=0 width=449> <tr> <td><table width=100% height=72 background=images/game/newspaper_header.jpg><tr><td><center><b><font face=verdana size=5 color=#000000>".$company->name."</font></b></center></td></tr></table></td> </tr> <tr> <td align=center><table width=100% height=21 background=images/game/newspaper_issuediv.jpg><tr><td><center><font color=#000000><b>Released on ".date("D j \of M", $issue->timestamp)."</b></font></center></td></tr></table></td> </tr> <tr> <td> <table width=100% cellpadding=6> <tr> <td> <font color=#000000> <font size=1>".$article."<br> </font> </td> </tr> </table> </tr> <tr> <td> <table width=100% background=images/newspaper_footer.jpg height=63> <tr> <td width=50%><font color=#000000>$ad1</font></td> <td width=50%><font color=#000000>$ad2</font></td> </tr> </table> </td> </tr> </table><Br><br> "; //comments echo "<font size=3 color=#FFFFFF><center><b>Comments</b></font><br><font size=1>(to add a comment scroll down)</font></center><br>"; $comments = mysql_query("SELECT * FROM newspaper_comments WHERE issue_id=".$issue->id." ORDER BY timestamp ASC"); $num = mysql_num_rows($comments); if($num == 0) { echo "<center><b>*No comments have been posted yet*</b></center>"; } else { echo "<center>"; for($i=0;$i<$num;$i++) { $comment = mysql_fetch_object($comments); echo " <table bgcolor=#333333 width=400> <tr bgcolor=#000000> <td align=center colspan=2><font face=tahoma size=1 color=red><b>Posted by ".$comment->author." on ".date("D j \of M \a\t G:i:s", $comment->timestamp)."</b></font></td> </tr> <tr> <td>".nl2br($comment->comment)."</td> </tr> </table><br> "; if($this->player->nickname == $company->owner || $this->player->nickname == $company->coowner) { echo "<font color=red><a href='driver.php?x=newspaper_view_issue&iid=".$issue->id."&delete=".$comment->id."'>Delete</a></font><br>"; } echo "<br>"; } echo "</center>"; } echo "<center>"; echo "<form action='driver.php?x=newspaper_view_issue&iid=".$issue->id."' method='post'>"; echo "<b><u>Post A Comment</u></b><br>"; echo "<textarea name='comment' cols=30 rows=8></textarea><br>"; echo "<input type='submit' name='submit' value='Post it!'>"; echo "</form>"; echo "</center>"; } } function DeleteComment($cid) { $iid = mysql_result(mysql_query("SELECT issue_id FROM newspaper_comments WHERE id=$cid"),0); $coid = mysql_result(mysql_query("SELECT company_id FROM newspaper_issues WHERE id=$iid"),0); $company = mysql_Fetch_object(mysql_query("SELECT * FROM newspaper_company WHERE id=$coid")); if($this->player->nickname != $company->owner && $this->player->nickname != $company->coowner) echo"<center><table width=90%><tr><td><font color=red><b>Error | You Are Not Allowed In This Area.</b></font><br /></td></tr></table></center>"; else { mysql_query("DELETE FROM newspaper_comments WHERE id=$cid"); echo"<center><table width=90%><tr><td><font color=blue><b>Ciao | Comment Deleted.</b></font><br /></td></tr></table></center>"; } } function PostComment($iid) { if($_POST['comment'] == "") { echo"<center><table width=90%><tr><td><font color=red><b>Error | You Did Not Post A Comment.</b></font><br /></td></tr></table></center>"; } else { $_POST['comment']=stripper($_POST['comment']); mysql_query("INSERT INTO newspaper_comments(issue_id, author, comment, timestamp) VALUES ($iid, '".$this->player->nickname."', '".$_POST['comment']."', ".time().")"); echo "Comment posted!"; } } function PlaceAd($issueid, $placeid) { echo "<center><b><u>Place an advertisement</u></b></center><br><br>"; $issue = mysql_fetch_object(mysql_query("SELECT * FROM newspaper_issues WHERE id=$issueid")); if($issue->ad{$placeid} != "") echo"<center><table width=90%><tr><td><font color=red><b>Error | Someone Has Already Has Taken This Ad Spot.</b></font><br /></td></tr></table></center>"; else { $company = mysql_fetch_object(mysql_query("SELECT * FROM newspaper_company WHERE id=".$issue->company_id)); if($this->player->cash < $company->ad_price) echo"<center><table width=90%><tr><td><font color=red><b>Error | You Do Not Have Enough Money To Place An Advertisement Here As It Costs $".number_format($company->ad_price).".</b></font><br /></td></tr></table></center>"; else { if(!isset($_POST['submit'])) { echo "<form action='driver.php?x=newspaper_place_ad&iid=".$issueid."&spot=".$placeid."' method='post'>"; echo "<b>Note that if you place something inappropriate, the admins will take actions. Use your common sense.<br></b>"; echo "Please write your advertisement:<br>"; echo "<textarea name='ad' cols=80 rows=40></textarea>"; echo "<br>"; echo "<input type='submit' name='submit' value='Post it!'>"; echo "</form>"; } else { if(!isset($_POST['ad'])) echo "You didnt write anything!"; else { $ad = "".$_POST['ad']."<br><br>Advertiser: ".$this->player->nickname.""; mysql_query("UPDATE newspaper_issues SET `ad".$placeid."` = '".$ad."' WHERE id=".$issueid) or die(mysql_error()); mysql_query("UPDATE user_characters SET cash=cash-".$company->ad_price." WHERE nickname='".$this->player->nickname."'"); mysql_query("UPDATE user_characters SET cash=cash+".$company->ad_price." WHERE nickname='".$company->owner."'"); echo"<center><table width=90%><tr><td><font color=blue><b>Ciao | You Have Successfully Placed An Advertisement.</b></font><br /></td></tr></table></center>"; } } } } } function ViewCompany($id) { $company = mysql_fetch_object(mysql_query("SELECT * FROM newspaper_company WHERE id=$id")); echo "<center><b><u>Viewing ".$company->name."'s archives</u></b></center><br><br>"; $issues = mysql_query("SELECT * FROM newspaper_issues WHERE company_id=$id ORDER BY `timestamp` DESC"); $num = mysql_num_rows($issues); if($num == 0) echo"<center><table width=90%><tr><td><font color=red><b>Error | This Newspaper Has Not Published An Issue Yet.</b></font><br /></td></tr></table></center>"; else { echo " <table align=center bgcolor=#333333 cellpadding=4 width=300> <tr bgcolor=#000000 valign=top> <td align=center><font face=tahoma size=1 color=red><b>Issue #</b></font></td> <td align=center><font face=tahoma size=1 color=red><b>Published On</b></font></td> <td></td> </tr>"; for($i=0;$i<$num;$i++) { if ($i % 2 == 0) { $rowcolor="#444444"; } else { $rowcolor="#333333"; } $issue = mysql_fetch_object($issues); $issuenum = $i+1; echo " <tr bgcolor=$rowcolor> <td>".$issuenum."</td> <td>".date("D j \of M", $issue->timestamp)."</td> <td><a href='driver.php?x=newspaper_view_issue&iid=".$issue->id."'><b>Read</b></a></td> </tr>"; } echo "</table>"; echo "<br><br>"; echo "<center><b><a href='driver.php?x=newspaper'><< BACK</a></b></center>"; } } function IsOwner() { return $this->newspaper->owner == $this->player->nickname; } function IsCoOwner() { return $this->newspaper->coowner == $this->player->nickname; } function IsReporter() { return ($this->newspaper->reporter1 == $this->player->nickname) || ($this->newspaper->reporter2 == $this->player->nickname) || ($this->newspaper->reporter3 == $this->player->nickname); } function LastIssue() { $info = mysql_fetch_object(mysql_query("SELECT timestamp FROM newspaper_issues WHERE company_id=".$this->newspaper->id." ORDER BY timestamp DESC")); return $info->timestamp; } } ?> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.