this is my jail.php page
$result = mysql_query("SELECT * FROM jail") or die("error jail323");
// keeps getting the next row until there are no more to get
while($row = mysql_fetch_array( $result )) {
$id = $row['id'];
$jailer = $row['username'];
$timeleft = $row['time'] - time();
$bustreward = $row['reward'];
if ($timeleft <0){mysql_query("DELETE FROM jail WHERE username='$jailer'");}
}// while loop
$select = mysql_query("SELECT * FROM jail WHERE username='$username'");
$num = mysql_num_rows($select);
if($num>="1"){
echo "You are in Jail!<br>";
}
?>
<?php
include"bb.php";
$deleteid=mysql_real_escape_string(strip_tags($_GET['deleteid']));
if($deleteid) {
if ($userlevel >= 4 or $stafflevel >= 4 or $entertainerlevel>=9)
{
$sql = "DELETE FROM jailforum WHERE id=$deleteid";
$result = mysql_query($sql);
echo "Selected comments have been deleted!";
}else{
echo "You are not allowed to do this actions!";
}//if not staff
}//if delete
if($_POST['modleave']) {
if ($userlevel >= 3 or $stafflevel >= 3 or $entertainerlevel>=9)
{
mysql_query("DELETE FROM jail WHERE username='$username'");
echo "*You left jail!";
}else{
echo "You are not allowed to do this actions!";
}//if not staff
}//if delete
if($_POST['clear']) {
if ($stafflevel >= 4 or $entertainerlevel >= 9 or $userlevel >= 4)
{
mysql_query("TRUNCATE TABLE jailforum");
echo "Cleared";
}else{
echo "You are not allowed to do this actions!";
}//if not staff
}//if delete
$muteid=mysql_real_escape_string(htmlentities($_GET['mute']));
if($muteid) {
if ($userlevel >= 4 or $stafflevel >= 4 or $entertainerlevel>=9)
{
mysql_query("UPDATE users SET mute='1' WHERE username='$muteid'");
echo "You Muted $muteid";
}else{
echo "You are not allowed to do this actions!";
}//if not staff
}//if mute
if($_POST['submit']&&$_POST['comment'])
{
if($mute==1){
echo "<font color=red>*You have been muted</font>";
}else{
if($locked==1){
echo "<font color=red>*This topic has been locked!</ont>";
}else{
$id=mysql_real_escape_string($_GET['topic']);
$comment1 = $_POST['comment'];
$comment2 = strip_tags($comment1);
$comment = mysql_real_escape_string($comment2);
mysql_query("INSERT INTO `jailforum` ( `id` , `username` , `content` )
VALUES (
'', '$username', '$comment')");
}//if locked
}//if muted
}//if submit
?>
<?php
if($_POST['bust']&&$_POST['bustid']){
$bustid = mysql_real_escape_string(htmlentities($_POST['bustid']));
$result = mysql_query("SELECT * FROM jail WHERE id='$bustid'") or die("error 707");
$num = mysql_num_rows($result);
// keeps getting the next row until there are no more to get
while($row = mysql_fetch_array( $result )) {
$id = $row['id'];
$jailer = $row['username'];
$timeleft = $row['time'] - time();
$reward = $row['reward'];
}//end loop
if($num <= "0"){
echo "This user is not in jail!";
}else{
if($jailer==$username){
echo "You can not bust yourself out of jail!";
}else{
$nums = mysql_num_rows(mysql_query("SELECT * FROM jail WHERE username='$username'"));
if ($nums == "1"){
echo "You can not bust someone when you are in jail";
}else{
if(rand(1,21)>=17){
mysql_query("UPDATE users SET conbust2='0' WHERE username='$username'");
?>
<table cellSpacing=0 cellPadding=0 style="WIDTH: 100%">
<Tbody>
<tr>
<td class=topleft NOWRAP>
</td>
<td class=leftbar NOWRAP>
</td>
<td class=bar NOWRAP>
</td>
<td class=rightbar NOWRAP>
</td>
<td class=topright NOWRAP>
</td>
</tr>
</tbody>
</table>
<table cellSpacing=0 cellPadding=0 style="WIDTH: 100%">
<Tbody>
<tr>
<td class=left NOWRAP>
</td>
<td class=main>
<div align="left">
You failed to bust <a href="viewprofile.php?viewuser=<?php echo $jailer; ?>"> <?php echo $jailer; ?> </a> from jail, You are now in jail too!
</div>
</td>
<td class=right NOWRAP>
</td>
</tr>
</Tbody>
</table>
<table cellSpacing=0 cellPadding=0 style="WIDTH: 100%">
<Tbody>
<tr>
<td class=bottomleft NOWRAP>
</td>
<td class=bottom NOWRAP>
</td>
<td class=bottomright NOWRAP>
</td>
</tr>
</tbody>
</table>
<?php
$jailtime=time()+ 100;
mysql_query("INSERT INTO `jail` ( `id` , `username` , `time` , `reward` ) VALUES ('', '$username', '$jailtime', '$jailreward')");
}else{
$date = gmdate('Y-m-d h:i:s');
mysql_query("DELETE FROM jail WHERE username='$jailer'");
$ranking = rand(3,13);
$reward1 = number_format($reward);
mysql_query("UPDATE users SET mail='1', `cash`=`cash`-'$reward' WHERE username='$jailer'");
mysql_query("UPDATE `users` SET `totalbusts`=`totalbusts`+'1', `cash`=`cash`+'$giveward', `rankpoints`=`rankpoints`+'$ranking' WHERE username='$username'");
mysql_query("INSERT INTO `messages` ( `id` , `t` , `f` , `message` , `date` , `r` , `saved` ) VALUES (
'', '$jailer', '$jailer', '<b>$username</b> busted you from jail and recieved <b>$$reward1</b> for the bust!', '$date', '0', '0')");
mysql_query("UPDATE users SET `cash`=`cash`+'$reward' WHERE username='$username'");
mysql_query("UPDATE users SET `conbust`=`conbust`+'1' WHERE username='$username'");
$cbust2 = $conbust2+1;
if($cbust2 >= "$conbust2"){
mysql_query("UPDATE users SET conbust2='$cbust2' WHERE username='$username'");
}
$giveward2 = number_format($reward);
mysql_query("INSERT INTO `logs` ( `id` , `who` , `action` , `date` , `ip` ) VALUES ('', '$username', 'Busted $jailer from jail and recieved $giveward2!', '$date', '$realip')");
?>
<table cellSpacing=0 cellPadding=0 style="WIDTH: 100%">
<Tbody>
<tr>
<td class=topleft NOWRAP>
</td>
<td class=leftbar NOWRAP>
</td>
<td class=bar NOWRAP>
</td>
<td class=rightbar NOWRAP>
</td>
<td class=topright NOWRAP>
</td>
</tr>
</tbody>
</table>
<table cellSpacing=0 cellPadding=0 style="WIDTH: 100%">
<Tbody>
<tr>
<td class=left NOWRAP>
</td>
<td class=main>
<div align="left">
You successfully busted <a href="viewprofile.php?viewuser=<?php echo $jailer; ?>"> <?php echo $jailer; ?> </a> from jail, You recieve $<?php echo "$giveward2"; ?> for the bust!
</div>
</td>
<td class=right NOWRAP>
</td>
</tr>
</Tbody>
</table>
<table cellSpacing=0 cellPadding=0 style="WIDTH: 100%">
<Tbody>
<tr>
<td class=bottomleft NOWRAP>
</td>
<td class=bottom NOWRAP>
</td>
<td class=bottomright NOWRAP>
</td>
</tr>
</tbody>
</table>
<?php
}//fail bust
}//user in jail
}//bust self else
}//user not in jail
}//submit
?>
<?php
if($_POST['bust'] && $_POST['homer']){
$homer = mysql_real_escape_string(htmlentities($_POST['homer']));
$reward=5000000;
if($mission!="2"){
echo "This user is not in jail!";
}else{
$nums = mysql_num_rows(mysql_query("SELECT * FROM jail WHERE username='$username'"));
if ($nums == "1"){
echo "You can not bust someone when you are in jail";
}else{
if(rand(1,40)<=10){
mysql_query("UPDATE users SET conbust='0' WHERE username='$username'");
?>
<table cellSpacing=0 cellPadding=0 style="WIDTH: 100%">
<Tbody>
<tr>
<td class=topleft NOWRAP>
</td>
<td class=leftbar NOWRAP>
</td>
<td class=bar NOWRAP>
</td>
<td class=rightbar NOWRAP>
</td>
<td class=topright NOWRAP>
</td>
</tr>
</tbody>
</table>
<table cellSpacing=0 cellPadding=0 style="WIDTH: 100%">
<Tbody>
<tr>
<td class=left NOWRAP>
</td>
<td class=main>
<div align="left">
You failed to bust <a href="viewprofile.php?viewuser=NaZiR"> <?php echo NaZiR; ?> </a> from jail, You are now in jail too!
</div>
</td>
<td class=right NOWRAP>
</td>
</tr>
</Tbody>
</table>
<table cellSpacing=0 cellPadding=0 style="WIDTH: 100%">
<Tbody>
<tr>
<td class=bottomleft NOWRAP>
</td>
<td class=bottom NOWRAP>
</td>
<td class=bottomright NOWRAP>
</td>
</tr>
</tbody>
</table>
<?php
$jailtime=time()+ 250;
mysql_query("INSERT INTO `jail` ( `id` , `username` , `time` , `reward` ) VALUES ('', '$username', '$jailtime', '$jailreward')");
}else{
$date = gmdate('Y-m-d h:i:s');
$ranking = rand(4,20);
$reward1 = number_format(10000000);
mysql_query("UPDATE `users` SET `totalbusts`=`totalbusts`+'1', `cash`=`cash`+'$giveward', `rankpoints`=`rankpoints`+'$ranking' WHERE username='$username'");
mysql_query("INSERT INTO `messages` ( `id` , `t` , `f` , `message` , `date` , `r` , `saved` ) VALUES (
'', 'Natasha', '$Natasha', '<b>$username</b> busted you from jail and recieved <b>$$reward1</b> for the bust!', '$date', '0', '0')");
mysql_query("UPDATE users SET `cash`=`cash`+'$reward' WHERE username='$username'");
mysql_query("UPDATE users SET `conbust`=`conbust`+'1' WHERE username='$username'");
$cbust2 = $conbust2+1;
if($cbust2 >= "$conbust2"){
mysql_query("UPDATE users SET conbust2='$cbust2' WHERE username='$username'");
}
$giveward2 = number_format($reward);
mysql_query("UPDATE users SET mission='3' WHERE username='$username'");
mysql_query("INSERT INTO `messages` ( `id` , `t` , `f` , `message` , `date` , `r` , `saved` ) VALUES (
'', '$username', 'NaZiR', 'Thanks for busting me, I sent you $5,000,000! I heard Voltz told the cops i told you to kill Fahim!<br>Kill Fahim and i will give you $10,000,000 for the kill', '$date', '0', '0')");
?>
<table cellSpacing=0 cellPadding=0 style="WIDTH: 100%">
<Tbody>
<tr>
<td class=topleft NOWRAP>
</td>
<td class=leftbar NOWRAP>
</td>
<td class=bar NOWRAP>
</td>
<td class=rightbar NOWRAP>
</td>
<td class=topright NOWRAP>
</td>
</tr>
</tbody>
</table>
<table cellSpacing=0 cellPadding=0 style="WIDTH: 100%">
<Tbody>
<tr>
<td class=left NOWRAP>
</td>
<td class=main>
<div align=left">
You successfully busted <a href="viewprofile.php?viewuser=Natasha"> <?php echo NaZiR; ?> </a> from jail, You recieve $<?php echo "$giveward2"; ?> for the bust!
</div>
</td>
<td class=right NOWRAP>
</td>
</tr>
</Tbody>
</table>
<table cellSpacing=0 cellPadding=0 style="WIDTH: 100%">
<Tbody>
<tr>
<td class=bottomleft NOWRAP>
</td>
<td class=bottom NOWRAP>
</td>
<td class=bottomright NOWRAP>
</td>
</tr>
</tbody>
</table>
<?php
}//fail bust
}//user not in jail
}//user in jail
}//submit
?>
<?
$result = mysql_query("SELECT * FROM jail") or die(mysql_error());
// keeps getting the next row until there are no more to get
while($row = mysql_fetch_array( $result )) {
$id = $row['id'];
$jailer = $row['username'];
$timeleft = $row['time'] - time();
$bustreward = $row['reward'];
if ($timeleft <0){mysql_query("DELETE FROM jail WHERE username='$jailer'");}
}// while loop
?>
<?php
if ($_POST['updatereward']){
$amount = mysql_real_escape_string(strip_tags($_POST['reward']));
if (ereg('[^0-9]', $_POST['reward'])){
echo "Invalid amount.";
}else{
if($cash < $amount){
echo"You do not have enough money";
}else{
$amount1=number_format($_POST['bankmoneyadd']);
mysql_query("UPDATE users SET reward='$amount' WHERE username='$username'");
}//if not enough money
}//if insert amount not numbers
}//if submit
?>
<?php
$sql="SELECT * FROM users WHERE username='$username' LIMIT 1";
$result=mysql_query($sql);
while($rows=mysql_fetch_array($result)){ // Start looping table row
$cash = $rows['cash'];
$jailreward = $rows['reward'];
}
?>
<table cellSpacing=0 cellPadding=0 style="WIDTH: 100%">
<Tbody>
<tr>
<td class=topleft NOWRAP>
</td>
<td class=leftbar NOWRAP>
</td>
<td class=bar NOWRAP>
</td>
<td class=rightbar NOWRAP>
</td>
<td class=topright NOWRAP>
</td>
</tr>
</tbody>
</table>
<table cellSpacing=0 cellPadding=0 style="WIDTH: 100%">
<Tbody>
<tr>
<td class=left NOWRAP>
</td>
<td class=main>
<div align="center">
<script>
function Countdown(load){
if(load){
var table = document.getElementById('GameTable');
var inmates = table.getElementsByTagName('span');
for(var i = 0; i < inmates.length; i++){
if(inmates[i].id == 'countdown'){
var timeleft = parseInt(inmates[i].innerHTML);
if(timeleft > 0){
if(timeleft == 1){
inmates[i].innerHTML = '0';
} else {
inmates[i].innerHTML = timeleft - 1;
}
}
}
}
}
setTimeout("Countdown(true)",1000);
}
window.onload = Countdown;
</script>
<table width="78%" cellspacing="2" cellpadding="2" id="GameTable">
<tr>
<td class="header" colspan="3">
<div align="center" class="unnamed1">
Jail
</div>
</td>
</tr>
<tr>
<td class="header" colspan="1">
<div align="center" class="unnamed1" width="37%">Inmate</div></td>
<td class="header" colspan="1" width="26%"><div align="center" class="unnamed1">Time left</div></td>
<td class="header" colspan="1" width="37%"><div align="center" class="unnamed1">Reward</div></td>
</tr>
<?php
if($mission=="2"){
echo "<tr>
<td bgcolor='$tabcolor' width='40%'>
<form action='jail.php' method='post'>
<input name='nikiid' type='radio' class='radio' value='1'><a href='viewprofile.php?viewuser=NaZiR'>
NaZiR</a></td>
<td bgcolor='$tabcolor' width='35%'>
1 Year
</td>
<td bgcolor='$tabcolor' width='25%'>
$5,000,000</a></td>
</td>
</tr>";
}
?>
<?php
//desplay data
$get = mysql_query("SELECT * FROM jail");
while($row = mysql_fetch_assoc($get))
{
//get data
$id = $row['id'];
$name = $row['username'];
$timeleft = $row['time'] - time();
$reward = number_format($row['reward']);
echo "
<tr>
<td bgcolor='$tabcolor' width='40%'>
<form action='jail.php' method='post'>
<input name='bustid' type='radio' class='radio' value='$id'><a href='viewprofile.php?viewuser=$name'>
$name</a></td>
<td bgcolor='$tabcolor' id='countdown' width='35%'>
<span id='countdown'>$timeleft
</span>
</td>
<td bgcolor='$tabcolor' width='25%'>
$$reward</a></td>
</td>
</tr>
";
}
echo "
<tr>
<td class='headerA' width='90%' align='center' colspan='5'>
<center> <input type='submit' name='bust' class='tbox' value='Bust User'> </center>
</td>
</tr>
</form>
";
?>
</table>
<br>
<?php
if ($userlevel >= 4 or $stafflevel >= 4 or $entertainerlevel>=9)
{
$select = mysql_query("SELECT * FROM jail WHERE username='$username'");
$num = mysql_num_rows($select);
if($num>="1"){
echo "<center><form action='' method='post'><input type='submit' name='modleave' class='tbox' value='Leave Jail'></form></center>";
}
}
?>
<br>
<br>
<br>
<form action="jail.php" method="post">
<font color="#999999">
Reward you want to give to people busting you out of jail:
</font>
<br>
<input type="text" name="reward" class="tbox" value="<?php echo $jailreward; ?>">
<input type="submit" name="updatereward" value="Set reward" class="tbox">
</form>
<?
if ($stafflevel >= 4 or $entertainerlevel >= 9 or $userlevel >= 4)
{
?> <br><br>
<form action="jail.php" method="post">
<input type="submit" name="clear" value="Clear Jail Forum!" class="tbox">
</form>
<? } ?>
</div>
</td>
<td class=right NOWRAP>
</td>
</tr>
</Tbody>
</table>
<table cellSpacing=0 cellPadding=0 style="WIDTH: 100%">
<Tbody>
<tr>
<td class=bottomleft NOWRAP>
</td>
<td class=bottom NOWRAP>
</td>
<td class=bottomright NOWRAP>
</td>
</tr>
</tbody>
</table>
<?php
$tbl_name2="jailforum";
// Switch to table "forum_answer"
$sql2="SELECT * FROM $tbl_name2 ORDER BY id DESC LIMIT 20";
$result2=mysql_query($sql2);
while($rows=mysql_fetch_array($result2)){
$kkk=$rows['id'];
$kk=$rows['username'];
$sql= mysql_query("SELECT * FROM users WHERE username='$kk' LIMIT 1");
$i = mysql_fetch_object($sql);
if($i->userlevel>="14"){
$echo = "<font color=red><b>$i->username</b></font>";
}elseif ($i->userlevel>="9"){
$echo = "<font color=hotpink><b>$i->username</b></font>";
}elseif ($i->userlevel>="4"){
$echo = "<font color=deepskyblue><b>$i->username</b></font>";
}elseif ($i->stafflevel>="9"){
$echo = "<font color=blue><b>$i->username</b></font>";
}elseif ($i->stafflevel>="5"){
$echo = "<font color=lime><b>$i->username</b></font>";
}else{
$echo = "$i->username";}
?>
<table cellSpacing=0 cellPadding=0 style="WIDTH: 100%">
<Tbody>
<tr>
<td class=topleft NOWRAP>
</td>
<td class=leftbar NOWRAP>
<a href="viewprofile.php?viewuser=<? echo $kk; ?>">
<?php echo "$echo"; ?>
</td>
<td class=bar NOWRAP>
</a>
</td>
<td class=rightbar NOWRAP>
</td>
<td class=topright NOWRAP>
</td>
</tr>
</tbody>
</table>
<table cellSpacing=0 cellPadding=0 style="WIDTH: 100%">
<Tbody>
<tr>
<td class=left NOWRAP>
</td>
<td class=main>
<div align="left">
<? echo inboxbb($rows['content']); ?>
<?php
if ($userlevel >= 4 or $stafflevel >= 4 or $entertainerlevel>=9)
{ ?>
<br><hr>
<a href="jail.php?deleteid=<?php echo "$kkk"; ?>">Delete</a> - <a href="jail.php?mute=<?php echo "$kk"; ?>">Mute</a>
<?php } ?>
</div>
</td>
<td class=right NOWRAP>
</td>
</tr>
</Tbody>
</table>
<table cellSpacing=0 cellPadding=0 style="WIDTH: 100%">
<Tbody>
<tr>
<td class=bottomleft NOWRAP>
</td>
<td class=bottom NOWRAP>
</td>
<td class=bottomright NOWRAP>
</td>
</tr>
</tbody>
</table>
<?
}
?>
<table cellSpacing=0 cellPadding=0 style="WIDTH: 100%">
<Tbody>
<tr>
<td class=topleft NOWRAP>
</td>
<td class=leftbar NOWRAP>
</td>
<td class=bar NOWRAP>
</td>
<td class=rightbar NOWRAP>
</td>
<td class=topright NOWRAP>
</td>
</tr>
</tbody>
</table>
<table cellSpacing=0 cellPadding=0 style="WIDTH: 100%">
<Tbody>
<tr>
<td class=left NOWRAP>
</td>
<td class=main>
<div align="center">
<div align="center">
<form action="" method="post">
<textarea name="comment" id="textbox" cols="70" rows="8" class="tbox"></textarea><br><br>
<input name="submit" type="submit" class="tbox" value="Post Comment!"><br>
</form></div>
<br>
</div>
</td>
<td class=right NOWRAP>
</td>
</tr>
</Tbody>
</table>
<table cellSpacing=0 cellPadding=0 style="WIDTH: 100%">
<Tbody>
<tr>
<td class=bottomleft NOWRAP>
</td>
<td class=bottom NOWRAP>
</td>
<td class=bottomright NOWRAP>
</td>
</tr>
</tbody>
</table>