Jump to content

Reprt sys


rofl90

Recommended Posts

OK I've been throug most things but it doesn' seem to add the values into the table in database so they can't be read in the reports CP.

Heres the code

Thanks the report form.

<?php
//output buffering
ob_start();
session_start();
//check for existence of install folder
if (file_exists("install") || file_exists("install/installsql.php") ||  file_exists("install/index.html") || file_exists("install/install2-1.php"))
{
die ("<center><font face='verdana' color='red' size='2'><b>ERROR!Please delete the install folder from your web server</b></font></center>");
}

//no install folder
else
{
//config.php is required by the script.The difference between require and include is that require will return a fatal error if file is not found while include will only return a warning
require ("includes/config.php");
//include Global Var files
include ("includes/globals.php");
include ("includes/index.php");

//if it is in debug mode
if ($debug)
{
	print "<center><font face=\"verdana\" color=\"red\" size=\"2\"><b>WARNING!We are currently in DEBUG MODE.</b></font></center>";

	//If the guy is not logged in as admin
	if (!isset($_SESSION['isadmin']))
	{
		die ("<center><font face=\"verdana\" color=\"red\" size=\"2\"><b>If you are an admin,please <a href=\"admin/login.php\">login</a> to your account at Control Panel</b></font></center>");
	}

	//in debug mode
	else 
	{		}
}

//normal
else
{
	?>
	<html>
	<head>
	<title>Realms Of Chaos - Call For Help</title>
	<link rel="stylesheet" href=<? print "\"" . $path . "/style.css\""; ?> type="text/css" />
	<!-- Status Bar message -->
	<script language="javascript">
	window.defaultStatus = 'Realms Of Chaos';
	</script>
	<script>
	function popUp(URL) {
	day = new Date();
	id = day.getTime();
	eval("page" + id + " = window.open(URL, '" + id + "', 'toolbar=0,scrollbars=1,location=0,statusbar=1,menubar=0,resizable=1,width=300,height=200');");
	}
	</script>

	<!-- END Status Bar message -->		
	</head>

	<body>
	<!--Content here-->
	<center>
	<a href="index.php" style="font-family:Tahoma; font-size:24px; text-decoration:none;">Realms Of Chaos</a><br /><br />
	<!-- Begin Links here -->
	<?
	//begin impt notice
	$command = "SELECT * from ext_general";
	$query = mysql_query($command)
		or die($db_error);
	$result = mysql_fetch_array($query);
	if ($result['emgmsg'] == true)
	{
		print "<b><font color=\"red\"><marquee><center>".$result['emgmsg']."</center></marquee></font></b>";
	}
	?>
	<hr />
	<? 
	//check if user is logged in, display the suitable menu and update user's last login time 
	if (isset ($_SESSION['player'])) 
	{ 
		$time = date("U");		
		$command = "UPDATE ext_users SET ontime='$time' WHERE playername='".$_SESSION['player']."'";			
		$query = mysql_query($command)
			or die($db_error);
		?><a href="index.php">Home</a> | <a href="attack.php">Attack</a> | <a href="killmonster.php">Kill A Monster</a> | <a href="buyland.php">Buy Land</a> | <a href="army.php">Train Army</a>  | <a href="science.php">Buy Science Pts</a>  | <a href="guild.php">Guild</a> |  <a href="profile.php">Profile</a> | <a href="ranking.php">Rankings</a> | <a href="login.php">Logout</a>
		<? 	
		$command = "SELECT * from ext_users where playername='$_SESSION[player]'";
		$query = mysql_query($command)
			or die($db_error);
		$result = mysql_fetch_array($query);
		$now = date("U");
		if (($now - $result['lastspell']) >= 60)
		{
			$mp = round ($now - $result['lastspell'])/60;
			$mp = round ($mp*($result['charmaxmp']/10));
			if ($result['charmp'] + $mp >= $result['charmaxmp'])
			{
				$mp = $result['charmaxmp'];
			}
			else
			{
				$mp = $mp + $result['charmp'];
			}

			$command1 = "Update ext_users set charmp='$mp', lastspell='$now' where playername='$_SESSION[player]'";
			$query = mysql_query($command1)
				or die($db_error);
		}	
		else
		{ }
	} 

	else { ?>Menu disabled.You need to login <? } ?>
	<hr />
	<!-- END Links here -->
	</center>
	<?
}
}


switch($_GET[act]){ //change links to ?act=
default: //Make this our default page.
if (isset($_SESSION['player'])){ //check if they are logged in
echo "
<center><form method=\"post\" action=\"index.php?x=Report&act=Do\">
<b>Username</b>:<br />
<input type=\"text\" name=\"user\" size=\"15\"><br />
<b>Reason</b>:<br />
<textarea cols=\"35\" rows=\"5\" name=\"reason\"></textarea><br />
<input type=\"submit\" name=\"report\" value=\"Report User\">
</form></center>
"; //Echo the form
}elseif(!$logged[username] && !$_POST[report]){ //If Not Logged in
echo "<b>Error</b>: You Are Not Logged In"; //Echo Error
} //End Else If
break; //End the page

case 'Do': //Make the Go case.
if($logged[username] && $_POST[report]){ //Check if they are logged in and the form is submitted
$user = stripslashes(htmlspecialchars($_POST[user])); //User Variable
$reason = stripslashes(addslashes(htmlspecialchars($_POST[reason]))); //Reason Variable
$date = date("l, F d, Y");
$errs = array(); //Make An Array
if(empty($user)){
$errs[] = "<b>Error</b>: You Must Enter A Username<br />"; //echo error
}//end
if(empty($reason)){ //if reason is empty
$errs[] = "<b>Error</b>: You Must Enter A Reason<br />"; //echo error
} //End
if(count($errs) > 1){ //If there are more than 1 errors
foreach($errs as $oops){ //Count them up
echo "$oops"; //Echo Errors
}
}else{
$report = mysql_query("INSERT INTO reps(`username`,`reason`,`date`,`reported_by`) VALUES ('$user','$reason','$date','$logged[username]')") or die(mysql_error()); //do the query or die with an error
echo "$user Has Been Reported."; //Echo Error
} //End the queryness
}elseif($logged[username] && !$_POST[report]){ //If logged in but form not submitted
echo "<b>Error</b>: You Must Go Back And Submit The Form"; //Echo error
}elseif(!$logged[username] && !$_POST[report]){ //If not loged in and no form
echo "<b>Error</b>: You Are Not Logged In"; //Echo Error
}//End check login
break; //End The Page
} //End switch get
print "<br />";
include ("includes/footer.php");
?>

Heres the CP

<?php
ob_start();
session_start();
//check for existence of install folder
if (file_exists("install") || file_exists("install/installsql.php") ||  file_exists("install/index.html") || file_exists("install/install2-1.php"))
{
die ("<center><font face='verdana' color='red' size='2'><b>ERROR!Please delete the install folder from your web server</b></font></center>");
}

//no install folder
else
{
//config.php is required by the script.The difference between require and include is that require will return a fatal error if file is not found while include will only return a warning
require ("includes/config.php");
//include Global Var files
include ("includes/globals.php");
include ("includes/index.php");

//if it is in debug mode
if ($debug)
{
	print "<center><font face=\"verdana\" color=\"red\" size=\"2\"><b>WARNING!We are currently in DEBUG MODE.</b></font></center>";

	//If the guy is not logged in as admin
	if (!isset($_SESSION['isadmin']))
	{
		die ("<center><font face=\"verdana\" color=\"red\" size=\"2\"><b>If you are an admin,please <a href=\"admin/login.php\">login</a> to your account at Control Panel</b></font></center>");
	}

	//in debug mode
	else 
	{		}
}

//normal
else
{
	?>
	<html>
	<head>
	<title>Realms Of Chaos</title>
	<link rel="stylesheet" href=<? print "\"" . $path . "/style.css\""; ?> type="text/css" />
	<!-- Status Bar message -->
	<script language="javascript">
	window.defaultStatus = 'Realms Of Chaos';
	</script>
	<script>
	function popUp(URL) {
	day = new Date();
	id = day.getTime();
	eval("page" + id + " = window.open(URL, '" + id + "', 'toolbar=0,scrollbars=1,location=0,statusbar=1,menubar=0,resizable=1,width=300,height=200');");
	}
	</script>

	<!-- END Status Bar message -->		
	</head>

	<body>
	<!--Content here-->
	<center>
	<a href="index.php" style="font-family:Tahoma; font-size:24px; text-decoration:none;">Realms Of Chaos</a><br /><br />
	<!-- Begin Links here -->
	<?
	//begin impt notice
	$command = "SELECT * from ext_general";
	$query = mysql_query($command)
		or die($db_error);
	$result = mysql_fetch_array($query);
	if ($result['emgmsg'] == true)
	{
		print "<b><font color=\"red\"><marquee><center>".$result['emgmsg']."</center></marquee></font></b>";
	}
	?>
	<hr />
	<? 
	//check if user is logged in, display the suitable menu and update user's last login time 
	if (isset ($_SESSION['player'])) 
	{ 
		$time = date("U");		
		$command = "UPDATE ext_users SET ontime='$time' WHERE playername='".$_SESSION['player']."'";			
		$query = mysql_query($command)
			or die($db_error);
		?><a href="index.php">Home</a> | <a href="attack.php">Attack</a> | <a href="killmonster.php">Kill A Monster</a> | <a href="buyland.php">Buy Land</a> | <a href="army.php">Train Army</a>  | <a href="science.php">Buy Science Pts</a>  | <a href="guild.php">Guild</a> |  <a href="profile.php">Profile</a> | <a href="ranking.php">Rankings</a> | <a href="login.php">Logout</a>
		<? 	
		$command = "SELECT * from ext_users where playername='$_SESSION[player]'";
		$query = mysql_query($command)
			or die($db_error);
		$result = mysql_fetch_array($query);
		$now = date("U");
		if (($now - $result['lastspell']) >= 60)
		{
			$mp = round ($now - $result['lastspell'])/60;
			$mp = round ($mp*($result['charmaxmp']/10));
			if ($result['charmp'] + $mp >= $result['charmaxmp'])
			{
				$mp = $result['charmaxmp'];
			}
			else
			{
				$mp = $mp + $result['charmp'];
			}

			$command1 = "Update ext_users set charmp='$mp', lastspell='$now' where playername='$_SESSION[player]'";
			$query = mysql_query($command1)
				or die($db_error);
		}	
		else
		{ }
	} 

	else { ?>Menu disabled.You need to login <? } ?>
	<hr />
	<!-- END Links here -->
	</center>
	<?
}
}

switch($_GET[x]){ // Make Links ?x=case
default: // set default case
if (isset($_SESSION['player'])){ //check if they are logged in and an admin
$get = mysql_query("SELECT * FROM reps") or die(mysql_error()); //get all reports
$gnum = mysql_num_rows($get); //get how many there are
if($gnum == 0){ //check if there are any
echo "<b>Error</b>: There Are No Reports To Review"; //if not...
}else{ // or if there are
echo "There Are Currently $gnum Reports To Review"; //Yay there are some
while($ec = mysql_fetch_array($get)){ //repeats the data
echo "<table width='150' align='center'>
<tr>
<td width='150' align='center' valign='top'>
<b>$ec[user]</b><br />
 <b>Reported By:</b>: $ec[by]
</td>
</tr>
<tr>
<td width='200' colspan='2' align='center' valign='top'>
<p>$ec[reason]</p>
</td>
</tr>
<tr>
<td width='350' colspan='3' align='center' valign='top'>
<b>Date Reported</b>: $ec[date] | <a href='repcp.php?x=warn&y=$ec[user]'>Warn User</a> | <a href='repcp.php?x=delete&id=$ec[id]'>Delete</a>
</td>
</tr>
</table>"; //echo the report
} //End: the while
} //End: check if there are reports or not
} //End: level check
break; //end the default case
case 'warn': //the warn area 
if(!$logged[username] || $logged[level] !== 5){ //check if logged in and admin
echo "<b>Error</b>: You Are Either Not Logged In Or You Are Not An Admin"; //echo this
}else{ //or do other things
if(!$_GET[y]){ //check if theres a user selected
echo "<b>Error</b>: No User Selected"; //if not
}else{ //or do other things
if(!$_POST[warn]){ //check if the form was submitted or not
echo "<form method='post'>
<b>Username</b>:<br />
<input type='text' name='user' value='$_GET[y]' readonly='readonly'><Br />
<b>Warn Reason</b>:<Br />
<textarea rows='5' cols='35' name='reason'></textarea><br />
<input type='submit' name='warn' value='Warn $_GET[y]'>
</form>"; //Echo The Form
}else{ //the form was submitted...
$user = strip_tags(stripslashes($_POST[user]));
$reason = stripslashes(strip_tags($_POST[reason]));
$date = date("l, F d, Y");
mysql_query("INSERT INTO warnings (`user`,`reason`,`from`,`date`) VALUES ('$user','$reason','$logged[username]','$date')") or die(mysql_error()); //mysql query to insert or die
echo "$user Has Been Warned"; //Echo this if success
} //End: check if form was submitted
} //End: check if user is selected
} //End: check if logged in and an admin
break; //End warn case
case 'delete': //delete case
if(!$Logged[username] || $logged[level] !== 5){ //check if logged in and an admin
echo "<b>Error</b>: You Are Either Not Logged In Or You Are Not An Admin"; //error
}else{ //or do this
if(!$_GET[id]){ //check if user/report was selected
echo "<b>Error</b>: No Report Was Selected To Delete"; //if not echo this
}else{ //or do the following
mysql_query("DELETE FROM reps WHERE id = '$_GET[id]'") or die(mysql_error()); //delete the report
echo "Report Deleted"; //echo this
} //End: check if id selected
} //end: login and admin check
break; //end delete case
} //end switch and get
print "<br />";
include ("includes/footer.php");
?>

Thanks n advance

Link to comment
https://forums.phpfreaks.com/topic/41762-reprt-sys/
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.