Beispiel #1
        $skills = str_replace(array("Š", "š"), array("Š", "š"), $skills);
        // Save handler for the hero form: needs a non-empty hero id and a name of at least 2 bytes.
        // With ?edit present the existing row is updated; otherwise a new row is inserted after a duplicate check.
        if ($heroid != "" and strlen($HeroName) >= 2) {
            if (isset($_GET["edit"])) {
                // NOTE(review): the WHERE clause is built by concatenating $edit into the SQL text.
                // Where $edit is sanitised is not visible in this fragment; confirm, or pass it as a bound parameter.
                $update = $db->update(OSDB_HEROES, array("description" => $HeroName, "summary" => $desc, "stats" => $stats, "skills" => $skills, "type" => $type), "heroid = '" . $edit . "' ");
                OS_AddLog($_SESSION["username"], "[os_heroes] EDITED HERO ( {$edit}, {$HeroName} )");
            } else {
                // The id is the submitted value with any ".gif" removed.
                $hid = str_replace(".gif", "", $heroid);
                // NOTE(review): $hid is concatenated into the statement even though prepare() is used,
                // so the query is not parameterised. Confirm $heroid is escaped upstream, or bind it.
                $check = $db->prepare("SELECT * FROM " . OSDB_HEROES . " WHERE heroid = '" . $hid . "' ");
                $result = $check->execute();
                if ($check->rowCount() >= 1) {
                    ?>
<h2>Hero already exists</h2><?php 
                } else {
                    // INSERT: no row with this id was found, so create one.
                    $db->insert(OSDB_HEROES, array("heroid" => $hid, "original" => $hid, "description" => $HeroName, "summary" => $desc, "stats" => $stats, "skills" => $skills, "type" => $type));
                    OS_AddLog($_SESSION["username"], "[os_heroes] ADD HERO ( {$hid}, {$HeroName} )");
                }
            }
            // NOTE(review): $upd is not assigned in the visible lines (the update result is stored in $update).
            // Confirm this is the intended variable.
            if ($upd) {
                ?>
<h2>Hero successfully updated</h2><?php 
            }
        } else {
            echo "<h2>Missing HeroID or Hero Name does not have enought characters </h2>";
        }
        CreateHeroList("../inc/cache/");
    }
    if (isset($_GET["edit"]) and !isset($_GET["add"])) {
        $sth = $db->prepare("SELECT * FROM " . OSDB_HEROES . " WHERE heroid = '" . $edit . "' LIMIT 1");
        $result = $sth->execute();
        $row = $sth->fetch(PDO::FETCH_ASSOC);
Beispiel #2
    $result = $sth->execute();
    OS_AddLog($_SESSION["username"], "[os_adminlog] Deleted admin log ( #" . (int) $_GET["del"] . " ) ");
}
// Purge: empties the admin log table whenever ?purge_admin_logs is present in the query string,
// prints a confirmation, then records the purge itself through OS_AddLog().
// NOTE(review): this destructive action is triggered by a GET parameter alone. No anti-CSRF token or
// confirmation step is visible in this fragment; confirm one is enforced before this code runs.
// The success message is printed without inspecting $result.
if (isset($_GET["purge_admin_logs"])) {
    $sth = $db->prepare("TRUNCATE TABLE " . OSDB_ADMIN_LOG . " ");
    $result = $sth->execute();
    ?>
    <div align="center">
	<h2>All logs are deleted successfully.</h2>
	<a href="<?php 
    echo OS_HOME;
    ?>
adm/?admin_logs">Refresh page</a> to continue.
	</div>
	<?php 
    OS_AddLog($_SESSION["username"], "[os_adminlog] Deleted all admin logs ");
}
// Search term for the log filter; $s is echoed into the value="" attribute of the search box below.
// NOTE(review): whether safeEscape() HTML-encodes quotes is not visible here. Confirm, since the value
// lands inside a double-quoted attribute.
if (isset($_GET["search_logs"])) {
    $s = safeEscape($_GET["search_logs"]);
} else {
    $s = "";
}
?>
    <form action="" method="get">
     	<input type="hidden" name="admin_logs" />
	    <input style="width: 180px; height: 24px;" id="sl" type="text" name="search_logs" value="<?php 
echo $s;
?>
" />
	    <input class="menuButtons" type="submit" value="Search logs" />
		<!--
Beispiel #3
    $pp = trim((int) $_POST["pp"]);
    $date = date("Y-m-d H:i:00", time());
    if (strlen($player_name) <= 2) {
        $errors .= "<div>Player name does not have enough characters</div>";
    }
    if ($pp <= 0) {
        $errors .= "<div>Penalty points can not be less than 1</div>";
    }
    if (empty($errors)) {
        if (!isset($_GET["edit"])) {
            $sqlqr = "INSERT INTO " . OSDB_GO . "(player_name, reason, offence_time, offence_expire, pp, admin) \n\t     VALUES('" . $player_name . "', '" . $reason . "', '" . $date . "', '" . $expiredate . "', '" . $pp . "', '" . $admin . "' )";
            OS_AddLog($_SESSION["username"], "[os_addpp] Added PP {$player_name}  + {$pp}");
        } else {
            $id = (int) $_GET["edit"];
            $sqlqr = "UPDATE " . OSDB_GO . " SET player_name = '{$player_name}', reason = '{$reason}', offence_expire = '{$expiredate}', pp = '{$pp}', admin = '{$admin}'\n\t\t WHERE id = {$id} LIMIT 1";
            OS_AddLog($_SESSION["username"], "[os_addpp] EDIT PP {$player_name} ");
        }
        $sth = $db->prepare($sqlqr);
        $result = $sth->execute();
    }
}
?>
<div align="center">

<table>
<tr><td>
<form action="" method="get">
  <input type="hidden" name="pp" />
 <input type="text" name="search" value = "<?php 
echo $search;
?>
<?php

// Refuse to run unless $website is already defined; otherwise answer 404 and stop.
if (isset($website) === false) {
    header('HTTP/1.1 404 Not Found');
    exit;
}

// Custom-field key under which the banned name partials are stored.
$field_name = "oh_bannednamepartials";

// Save the list once both the submit button and the textarea are present in the POST body.
if (isset($_POST["submit_bn"], $_POST["BannedNames"])) {
    // strip_tags() removes markup before storage. The stored value is echoed into the textarea
    // further down, so output-side encoding there is what actually decides how it is rendered.
    $words = trim($_POST["BannedNames"]);
    $words = strip_tags($words);
    OS_add_custom_field(1, $field_name, $words);
    $saved = 1;
    OS_AddLog($_SESSION["username"], "[oh_bannednamepartials] Edited Banned names");
}

// Load the current value for display, whether or not it was just saved.
$BannedNames = OS_get_custom_field(1, $field_name);
?>
<div align="center"> 
<h2>Banned names</h2>
<form action="" method="post">
  <textarea rows="10" cols="60" name="BannedNames"><?php 
echo $BannedNames;
?>
</textarea>
  
  <div>
    <input type="submit" value="Save word filter" name="submit_bn" class="menuButtons" />
  </div>
</form>

<?php 
if (isset($saved)) {
    ?>
Beispiel #5
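            // Echo the search term back into the heading. The value comes straight from the query string,
            // so it is HTML-encoded here; printing it raw would let markup in the URL be rendered by the page.
            if (isset($_GET["search_users"])) {
                echo htmlspecialchars((string) $_GET["search_users"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            }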
            ?>
 (#<?php 
            echo (int) $_GET["reset_stats"];
            ?>
)</h2>
	   <?php 
        }
        //EDIT PLAYER
        if (isset($_GET["edit"])) {
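            // Player editor: optionally persist the posted form, then (re)load the player's row for display.
            if (isset($_POST["save_player"])) {
                // Every request value is passed as a bound parameter. strip_tags()/trim() do not neutralise
                // quotes, so concatenating these values into the SQL text would leave the statement injectable.
                // Values are bound as strings, matching the quoted literals the query used before.
                $sth = $db->prepare(
                    "UPDATE " . OSDB_STATS_P . " SET"
                    . " user_level = :user_level,"
                    . " banned = :banned,"
                    . " hide = :hide,"
                    . " realm = :realm,"
                    . " points = :points,"
                    . " points_bet = :points_bet,"
                    . " blacklisted = :blacklisted,"
                    . " exp = :exp"
                    . " WHERE player = :player LIMIT 1"
                );
                $result = $sth->execute(array(
                    ":user_level" => (int) $_POST["user_level"],
                    ":banned" => (int) $_POST["banned"],
                    ":hide" => (int) $_POST["hide"],
                    ":realm" => trim(strip_tags($_POST["realm"])),
                    ":points" => trim(strip_tags($_POST["points"])),
                    ":points_bet" => trim(strip_tags($_POST["points_bet"])),
                    ":blacklisted" => trim(strip_tags($_POST["blacklisted"])),
                    ":exp" => trim(strip_tags($_POST["exp"])),
                    ":player" => trim($_GET["edit"]),
                ));
                // NOTE(review): raw request values are written to the admin log; confirm the log viewer
                // encodes them on output.
                OS_AddLog($_SESSION["username"], "[os_players_edit] " . $_GET["edit"] . ": Lev: " . $_POST["user_level"] . ", EXP: " . $_POST["exp"] . " ");
            }
            // Load the row being edited; the player name from the query string is bound, not concatenated.
            $Player = trim($_GET["edit"]);
            $sth = $db->prepare("SELECT * FROM " . OSDB_STATS_P . " WHERE player = :player");
            $result = $sth->execute(array(":player" => $Player));
            $row = $sth->fetch(PDO::FETCH_ASSOC);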
            $exp = calculateXP($row["exp"]);
            $percent = $exp["percent"];
            $level = $exp["level"];
            $expts = $row["exp"];
            $end = $exp["end"];
            $progress = round($exp["end"] / ($exp["end"] + $row["exp"]), 3) * 100;
            $level = $row["user_level"];
            if ($_SESSION["level"] > 9) {
                $dis = "";
            } else {
        ?>
adm/?remote">Refresh page</a> to continue.
	</div>
	<?php 
        OS_AddLog($_SESSION["username"], "[os_rcon] Removed all remote commands ");
    }
    if (isset($_POST["rc"]) and isset($_POST["botid"]) and is_numeric($_POST["botid"]) and isset($_POST["command"])) {
        $botid = safeEscape((int) $_POST["botid"]);
        $command = strip_tags(trim($_POST["command"]));
        $db->insert(OSDB_COMMANDS, array("botid" => $botid, "command" => $command));
        $InsertID = $db->lastInsertId();
        ?>
	<div align="center">
	<?php 
        if ($InsertID >= 1) {
            OS_AddLog($_SESSION["username"], "[os_rcon] Sent Remote command ( #{$InsertID} )");
            ?>
	  Message #<?php 
            echo $InsertID;
            ?>
 has been successfully sent.
	  <div style="font-size:11px;"><?php 
            echo $command;
            ?>
</div>
	<?php 
        } else {
            ?>
	Error. Something is wrong. Make sure you <a href="http://www.codelain.com/forum/index.php?topic=17803.0;" target="_blank">install the patch</a>.
	<?php 
        }
<?php 
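// Announcements settings are stored as one tab-separated custom field: "repeat<TAB>minutes<TAB>lobby<TAB>value".
$field_name = "oh_announcements_config";
if (isset($_POST["a_saved"]) and isset($_POST["a_time"])) {
    // The (int) cast always yields an integer, so only the range needs checking:
    // anything outside 0..1440 minutes falls back to 30.
    $time = (int) strip_tags(trim($_POST["a_time"]));
    if ($time < 0 or $time > 60 * 24) {
        $time = 30;
    }
    // a_lobby may be absent from the request; treat that as an empty value instead of reading an undefined index.
    $lobby = isset($_POST["a_lobby"]) ? strip_tags(trim($_POST["a_lobby"])) : "";
    // Tab is the field separator of the stored record, so an embedded tab would shift the fields when the
    // value is split again below. Replace it with a space.
    $lobby = str_replace("\t", " ", $lobby);
    $data = "repeat\t{$time}\tlobby\t{$lobby}";
    OS_add_custom_field(1, $field_name, $data);
    $saved = 1;
    OS_AddLog($_SESSION["username"], "[os_announcements] Edited Announcements Config");
}
// Read the stored record back and split it: index 1 holds the interval, index 3 the lobby value.
$config = OS_get_custom_field(1, $field_name);
$cfg = explode("\t", $config);
$time = isset($cfg[1]) ? $cfg[1] : 30;
$lby = isset($cfg[3]) ? $cfg[3] : 0;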
<form action="" method="post">
Beispiel #8
        $update = $db->query("UPDATE ".OSDB_STATS." SET user_level = '".$level."' WHERE (player) = ('".$name."') LIMIT 1");
        }
        */
        if (empty($errors)) {
            $sth = $db->prepare($sql);
            $result = $sth->execute();
            if ($result) {
                ?>
	  <div align="center">
	    <h2>Admin successfully updated. <a href="<?php 
                echo $website;
                ?>
adm/?admins">&laquo; Back</a></h2>
	  </div>
	  <?php 
                OS_AddLog($_SESSION["username"], "[os_editadmin] Edited Admin ( {$name}, Level: {$level} )");
            }
        } else {
            ?>
	<div align="center"><?php 
            echo $errors;
            ?>
</div>
	<?php 
        }
    }
    if (isset($_GET["edit"]) and is_numeric($_GET["edit"])) {
        $sth = $db->prepare("SELECT * FROM " . OSDB_USERS . " WHERE user_id = :id ");
        $sth->bindValue(':id', (int) $id, PDO::PARAM_INT);
        $result = $sth->execute();
        $row = $sth->fetch(PDO::FETCH_ASSOC);
<?php

// Stop with a 404 when $website has not been defined before this file runs.
if (isset($website) === false) {
    header('HTTP/1.1 404 Not Found');
    exit;
}

// Custom-field key that holds the word filter list.
$field_name = "oh_badwords";

$formSubmitted = isset($_POST["submit_wf"], $_POST["bad_words"]);
if ($formSubmitted) {
    // Markup is stripped before the list is stored. The value is printed back into the textarea below,
    // so encoding at that output point remains the control that matters for rendering.
    $words = strip_tags(trim($_POST["bad_words"]));
    OS_add_custom_field(1, $field_name, $words);
    $saved = 1;
    OS_AddLog($_SESSION["username"], "[os_badwords] Edited Bad words");
}

// Current list, shown in the form.
$badwords = OS_get_custom_field(1, $field_name);
?>
<div align="center"> 
<h2>Word Filter</h2>
<form action="" method="post">
  <textarea rows="10" cols="60" name="bad_words"><?php 
echo $badwords;
?>
</textarea>
  
  <div>
    <input type="submit" value="Save word filter" name="submit_wf" class="menuButtons" />
  </div>
</form>

<?php 
if (isset($saved)) {
    ?>
Beispiel #10
                                                    }
                                                }
                                            }
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
    }
}
//Version check
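// Runs once per session: pings the project's version endpoints, builds an "update available" notice when the
// reported version differs from OS_VERSION, and logs the first admin-panel visit of the session.
if (!isset($_SESSION["v_check"])) {
    $_SESSION["v_check"] = OS_VERSION;
    // Both requests go over plain HTTP, so the responses must be treated as untrusted input.
    // NOTE(review): if the endpoint is reachable over HTTPS, switching the scheme would be preferable; confirm.
    $v = OS_Curl('http://ohsystem.net/stats/version_check.php?check=' . OS_VERSION);
    $os_check = OS_Curl('http://ohsystem.net/stats/version.php');
    if ($os_check != OS_VERSION and !empty($os_check)) {
        // The remote response is embedded in HTML that is kept in the session, so it is encoded first.
        // Without this, whatever the remote side (or anyone on the network path) returns would be
        // rendered as markup wherever the intro message is displayed.
        $latestHtml = htmlspecialchars((string) $os_check, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $IntroMessage = '<b>An updated version of Dota OpenStats is available.</b><br />';
        $IntroMessage .= 'You can update to OpenStats <b>' . $latestHtml . "</b><br />";
        $IntroMessage .= 'Download the package and install it: <br />';
        $IntroMessage .= '<a target="_blank" class="menuButtons" href="https://github.com/OHSystem/ohsystem/">Download ' . $latestHtml . '</a> <br />';
        $_SESSION["intro_message"] = $IntroMessage;
    }
    // Record the first admin-panel visit of this session.
    if (isset($_SESSION["username"]) and !isset($_SESSION["adm_logged"])) {
        OS_AddLog($_SESSION["username"], "[os_login] in admin panel");
        $_SESSION["adm_logged"] = time();
    }
}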
Beispiel #11
     $expire = strip_tags($_POST["expire"]);
     $reason = strip_tags($_POST["reason"]);
     $game = strip_tags($_POST["game"]);
     $country = $UserData[0]["letter"];
     $realm = $UserData[0]["realm"];
     $ip = $UserData[0]["ip"];
     $ip_part = OS_GetIpRange($ip);
     $admin = $_SESSION["username"];
     $time = date("Y-m-d H:i:s", time());
     $db->insert(OSDB_BANS, array("name" => strtolower($PlayerName), "server" => $realm, "reason" => $reason, "ip" => $ip, "ip_part" => $ip_part, "admin" => $admin, "gamename" => $game, "date" => $time, "expiredate" => $expire, "country" => $country));
     $db->insert(OSDB_GO, array("player_name" => strtolower($PlayerName), "reason" => $reason, "offence_time" => $time, "offence_expire" => '0000-00-00 00:00:00', "pp" => '1', "admin" => $admin));
     $upd2 = $db->prepare("UPDATE " . OSDB_STATS . " SET banned = '1' WHERE player = '" . $PlayerName . "' ");
     $result = $upd2->execute();
     $upd3 = $db->prepare("UPDATE " . OSDB_STATS_P . " SET banned = '1' WHERE player = '" . $PlayerName . "' ");
     $result = $upd3->execute();
     OS_AddLog($_SESSION["username"], "[os_moderator] Banned: {$PlayerName} ");
     header("location: " . OS_HOME . "?u=" . $uid . "&mcp");
     die;
 }
 //Other players on same IP range
 if (!empty($PlayerName)) {
     $ip = $UserData[0]["ip"];
     $ip_part = OS_GetIpRange($ip);
     //Show all user IPs
     $sth = $db->prepare("SELECT gp.id, gp.ip, gp.name, g.gamename, g.datetime, gp.gameid \n\t\t\t FROM " . OSDB_GP . " as gp\n\t\t\t LEFT JOIN " . OSDB_GAMES . " as g on g.id = gp.gameid\n\t\t\t WHERE name = '" . $PlayerName . "' GROUP BY ip ORDER BY id DESC LIMIT 50");
     $result = $sth->execute();
     $UserIPAddr = array();
     $AllUserIPS = array();
     $c = 0;
     while ($row = $sth->fetch(PDO::FETCH_ASSOC)) {
         $UserIPAddr[$c]["id"] = $row["id"];
Beispiel #12
        if (isset($_GET["edit"])) {
            $sql = "UPDATE " . OSDB_COMMENTS . " SET \n\t  text= '" . $text . "' {$sqlPostDate} WHERE id ='" . $id . "' LIMIT 1 ";
        }
        if (empty($errors)) {
            $sth = $db->prepare($sql);
            $result = $sth->execute();
            if ($result) {
                ?>
	  <div align="center">
	    <h2>Comment successfully updated. <a href="<?php 
                echo $website;
                ?>
adm/?comments">&laquo; Back</a></h2>
	  </div>
	  <?php 
                OS_AddLog($_SESSION["username"], "[os_delcomment] Updated comment ( #{$id} )");
            }
        } else {
            ?>
	<div align="center"><?php 
            echo $errors;
            ?>
</div>
	<?php 
        }
    }
    if (isset($_GET["edit"]) and is_numeric($_GET["edit"])) {
        $sth = $db->prepare("SELECT * FROM " . OSDB_COMMENTS . " WHERE id = '" . $id . "' ");
        $result = $sth->execute();
        $row = $sth->fetch(PDO::FETCH_ASSOC);
        $text = convEnt($row["text"]);
Beispiel #13
            $sth = $db->prepare($sql);
            $result = $sth->execute();
            if ($result) {
                ?>
	  <div align="center">
	    <h2>Note successfully updated. <a href="<?php 
                echo OS_HOME;
                ?>
adm/?notes">&laquo; Back</a></h2>
	  </div>
	  <?php 
                if (isset($_GET["edit"])) {
                    OS_AddLog($_SESSION["username"], "[os_notes] Edited Note: ( {$name} ) ");
                }
                if (isset($_GET["add"])) {
                    OS_AddLog($_SESSION["username"], "[os_notes] Added Note: ( {$name} ) ");
                }
            }
        } else {
            ?>
	<div align="center"><?php 
            echo $errors;
            ?>
</div>
	<?php 
        }
    }
    if (isset($_GET["edit"]) and is_numeric($_GET["edit"])) {
        $sth = $db->prepare("SELECT * FROM " . OSDB_NOTES . " WHERE id = '" . $id . "' ");
        $result = $sth->execute();
        $row = $sth->fetch(PDO::FETCH_ASSOC);
Beispiel #14
<?php

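// Refuse to run unless $website is already defined; otherwise answer 404 and stop.
if (!isset($website)) {
    header('HTTP/1.1 404 Not Found');
    die;
}
// Custom-field key that holds the list of banned e-mail addresses.
$field_name = "oh_banemail";
if (isset($_POST["submit_be"]) and isset($_POST["bad_email"])) {
    // Markup is stripped before the list is stored.
    $words = strip_tags(trim($_POST["bad_email"]));
    OS_add_custom_field(1, $field_name, $words);
    $saved = 1;
    // The audit entry now names what was changed. The previous text ("Edited Bad words") described
    // the word filter, which made ban-list edits indistinguishable from word-filter edits in the log body.
    OS_AddLog($_SESSION["username"], "[oh_banemail] Edited banned email addresses");
}
// Current list, used for the counter and the form below.
$banemails = OS_get_custom_field(1, $field_name);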
?>
<div align="center"> 
<h2>Ban Email Address</h2>

<?php 
if (!empty($banemails)) {
    $total = count(explode(",", $banemails));
    ?>
<div><b>Banned:</b> <?php 
    echo $total;
    ?>
 email addresses</div>
<?php 
}
?>

<form action="" method="post">
Beispiel #15
    }
    // Purge: whenever ?purge_logs is present in the query string, empties the game log table and deletes
    // the rows with gamestatus >= 3 from the game status table, then prints a confirmation and logs the purge.
    // NOTE(review): both statements run on a GET parameter alone. No anti-CSRF token or confirmation step
    // is visible in this fragment; confirm one is enforced before this code runs.
    // The success message is printed without inspecting $result.
    if (isset($_GET["purge_logs"])) {
        $sth = $db->prepare("TRUNCATE TABLE " . OSDB_GAMELOG . " ");
        $result = $sth->execute();
        $del = $db->prepare("DELETE FROM " . OSDB_GAMESTATUS . " WHERE gamestatus>=3");
        $result = $del->execute();
        ?>
    <div align="center">
	<h2>All logs are deleted successfully.</h2>
	<a href="<?php 
        echo OS_HOME;
        ?>
adm/?live_games">Refresh page</a> to continue.
	</div>
	<?php 
        OS_AddLog($_SESSION["username"], "[os_live] REMOVED ALL LOGS (PURGE) ");
    }
    $tot = $db->prepare("SELECT COUNT(*) FROM " . OSDB_GAMESTATUS . " \n\tWHERE gamestatus>=3");
    $result = $tot->execute();
    $r = $tot->fetch(PDO::FETCH_NUM);
    $TotalFinishedGames = $r[0];
    $sth = $db->prepare("SELECT * FROM " . OSDB_GAMESTATUS . " WHERE gamestatus<=2 \n     ORDER BY gamestatus ASC, gametime DESC LIMIT 50");
    $result = $sth->execute();
    $IDS = array();
    $c = 0;
    $GameName = "";
    $TotalGames = $sth->rowCount();
    ?>
	 <h4><a href="javascript:;" onclick="showhide('cg')">Show/Hide current games</a> <?php 
    if (isset($_GET["remove"])) {
        ?>
Beispiel #16
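    // GProxy record form: validates the posted player/IP pair, then updates the record named by ?edit
    // or inserts a new one. Validation messages are appended to $error.
    if (isset($_POST["add_record"])) {
        $player = strip_tags(strtolower(trim($_POST["player"])));
        $ip = strip_tags(trim($_POST["ip"]));
        // Rejected only when BOTH fields are 2 bytes or shorter.
        if (strlen($player) <= 2 and strlen($ip) <= 2) {
            $error .= "<div>At least one field must be filled</div>";
        }
        if (empty($error)) {
            // strip_tags() does not neutralise quotes, so the form values (and the session user name)
            // are passed as bound parameters instead of being concatenated into the SQL text.
            if (isset($_GET["edit"])) {
                $id = safeEscape((int) $_GET["edit"]);
                $upd = $db->prepare("UPDATE " . OSDB_GPROXY . " SET player = :player, ip = :ip WHERE id = :id");
                $result = $upd->execute(array(
                    ":player" => $player,
                    ":ip" => $ip,
                    ":id" => $id,
                ));
                OS_AddLog($_SESSION["username"], "[os_gproxy] Edited Gproxy record: " . $player . " (#" . $id . ")");
            } else {
                $upd = $db->prepare("INSERT INTO " . OSDB_GPROXY . " (player, ip, added, added_by) VALUES(:player, :ip, :added, :added_by)");
                $result = $upd->execute(array(
                    ":player" => $player,
                    ":ip" => $ip,
                    ":added" => date("Y-m-d H:i:s"),
                    ":added_by" => $_SESSION["username"],
                ));
                OS_AddLog($_SESSION["username"], "[os_gproxy] Added Gproxy record (" . $player . ")");
            }
        }
    }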
    if (isset($_GET["edit"])) {
        $button = "Edit Record";
    }
    if (!empty($error)) {
        echo $error;
    }
    ?>
  <?php 
    if (!isset($_GET["edit"])) {
        ?>
<div><b>Add a new record</b></div><?php 
    } else {
Beispiel #17
            $sql2 = substr($sql2, 0, -3);
            $sql3 = substr($sql3, 0, -1);
            if (isset($CanBan) and $CanBan >= 1) {
                $sth = $db->prepare($sql);
                $result = $sth->execute();
                //Add penalty points
                if ($pp >= 1) {
                    $sth2 = $db->prepare($sql2);
                    $result = $sth2->execute();
                    $sth3 = $db->prepare($sql3);
                    $result = $sth3->execute();
                    $inf = ", PP: {$pp}";
                } else {
                    $inf = "";
                }
                OS_AddLog($_SESSION["username"], "[os_editban] AutoBan ( {$BannedTotal} banned" . $inf . ")");
            }
            ?>
		<h3><?php 
            echo $BannedTotal;
            ?>
 players added to banlist</h3>
		<?php 
        } else {
            ?>
	  <table>
	    <tr>
		  <td>Left time: <b><?php 
            echo $lt;
            ?>
</b> min. after game start</td>
Beispiel #18
    // Each call passes the current value, the posted replacement and "../config.php" to write_value_of().
    // NOTE(review): presumably the helper rewrites the assignment inside that PHP file. Confirm it quotes and
    // escapes the new value. The (int) casts restrict three of these settings to integers, but BotName only
    // goes through strip_tags(), which removes markup and leaves quotes and backslashes untouched.
    write_value_of('$LiveShowRoshanKill', "{$LiveShowRoshanKill}", trim((int) $_POST["LiveShowRoshanKill"]), "../config.php");
    write_value_of('$BotName', "{$BotName}", trim(strip_tags($_POST["BotName"])), "../config.php");
    //Online offline players
    write_value_of('$OnlineOfflineOnTopPage', "{$OnlineOfflineOnTopPage}", trim((int) $_POST["OnlineOfflineOnTopPage"]), "../config.php");
    write_value_of('$DailyPoints', "{$DailyPoints}", trim(strip_tags((int) $_POST["DailyPoints"])), "../config.php");
    ?>
<div align="center">
  <h2>Configuration successfully updated.   <a href="<?php 
    echo $website;
    ?>
adm/?cfg">&laquo; Back</a></h2>
  
<div style="height: 800px;">&nbsp;</div>
</div>
<?php 
    OS_AddLog($_SESSION["username"], "[os_config] Changed configuration");
} else {
    if (!OS_IsRoot()) {
        ?>
	<div align="center" style="margin-bottom: 220px;">
	<h2>You don't have permission to access this page</h2>
	</div>
	<?php 
    } else {
        if ($PHPbb3Integration == 1) {
            if (!file_exists("../" . $phpbb_forum . "common.php")) {
                $error .= "<div><span class='sentinel'><b>Error: file not exists:</b></span> " . $phpbb_forum . "common.php" . " </div>";
            }
        }
        if ($SMFIntegration == 1) {
            if (!file_exists("../" . $smf_forum . "SSI.php")) {
Beispiel #19
     //Cron entry example - LOG
     if ($CronReportDetails >= 1 and $c >= 1) {
         $cron_data = 'DAEMON: Deleted total of <b>' . $c . ' replays</b>';
         $sth = $db->prepare("INSERT INTO cron_logs (cron_data, cron_date) VALUES('{$cron_data}', '" . time() . "' ) ");
         $result = $sth->execute();
     }
 }
 //Check user_level expire
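 // Expire temporary privileges: every account whose user_level_expire has passed is reset to level 0 in the
 // users table and, when a Battle.net name is linked, in the two stats tables as well.
 $debug = "";
 // Values read back from the database are bound as parameters rather than spliced into the SQL text.
 // A stored name containing a quote would otherwise break or alter the follow-up statements.
 // The statements are prepared once and re-executed per row.
 $upd = $db->prepare("UPDATE " . OSDB_USERS . " SET user_level = 0, user_level_expire= '0000-00-00 00:00:00' WHERE user_id = :user_id");
 $upd2 = $db->prepare("UPDATE " . OSDB_STATS . " SET user_level = '0' WHERE player = :player");
 $upd3 = $db->prepare("UPDATE " . OSDB_STATS_P . " SET user_level = '0' WHERE player = :player");
 $sth = $db->prepare("SELECT * FROM " . OSDB_USERS . " WHERE user_level_expire!= '0000-00-00 00:00:00' AND user_level_expire<=NOW() LIMIT {$MaxQueries}");
 $result = $sth->execute();
 while ($row = $sth->fetch(PDO::FETCH_ASSOC)) {
     $debug .= $row["user_name"] . " (level: " . $row["user_level"] . "), ";
     $result2 = $upd->execute(array(":user_id" => $row["user_id"]));
     // NOTE(review): $debug is cumulative, so each iteration logs every account processed so far; confirm intended.
     OS_AddLog("CRONJOB", "[os_cron] Expired privileges: {$debug} )");
     if (!empty($row["bnet_username"])) {
         $result2 = $upd2->execute(array(":player" => $row["bnet_username"]));
         $result3 = $upd3->execute(array(":player" => $row["bnet_username"]));
     }
 }
 //Cron entry example - LOG
 if ($CronReportDetails >= 1 and !empty($debug)) {
     // htmlentities() prepares the text for HTML display only. Depending on the PHP version it may leave
     // single quotes untouched, so the message is bound as a parameter instead of being interpolated.
     $cron_data = 'DAEMON: Expired privileges <b>' . htmlentities($debug) . '</b>';
     $sth3 = $db->prepare("INSERT INTO cron_logs (cron_data, cron_date) VALUES(:cron_data, :cron_date)");
     $result3 = $sth3->execute(array(":cron_data" => $cron_data, ":cron_date" => time()));
 }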
 //REMOVE EXPIRED PP
 if ($PPExpireDays >= 1) {
Beispiel #20
                if (isset($_GET["add"])) {
                    $id = safeEscape(strtoupper($_POST["itemid"]));
                    $sth = $db->prepare("SELECT * FROM " . OSDB_ITEMS . " WHERE (itemid) = ('" . $id . "')  LIMIT 1 ");
                    $result = $sth->execute();
                    if ($sth->rowCount() >= 1) {
                        echo "<h2>Item ID already exists. <a href='" . OS_HOME . "adm/?items&amp;edit=" . $id . "'>View</a></h2>";
                    } else {
                        if (strlen($id) <= 2) {
                            echo "<h2>Item ID does not have enought characters</h2>";
                        } else {
                            $ins = 1;
                            $db->insert(OSDB_ITEMS, array("itemid" => $id, "code" => 0, "name" => $name, "shortname" => $shortname, "item_info" => $item_info, "price" => $price, "type" => $type, "icon" => $icon));
                            if ($ins) {
                                ?>
<h2>Item successfully added</h2><?php 
                                OS_AddLog($_SESSION["username"], "[os_items] ADDED ITEM ( {$name}, {$id} )");
                            }
                        }
                    }
                }
            }
        } else {
            echo "<h2>Name does not have enought characters</h2>";
        }
    }
    if (isset($_GET["edit"])) {
        $sth = $db->prepare("SELECT * FROM " . OSDB_ITEMS . " WHERE itemid = '" . $edit . "' LIMIT 1");
        $result = $sth->execute();
        $row = $sth->fetch(PDO::FETCH_ASSOC);
        $name = $row["name"];
        $shortname = $row["shortname"];
Beispiel #21
            if (empty($errors)) {
                $sth = $db->prepare($sql);
                $result = $sth->execute();
                if (!empty($sql2)) {
                    $sth = $db->prepare($sql2);
                    $result = $sth->execute();
                }
                if (isset($sql3)) {
                    $sth = $db->prepare($sql3);
                    $result = $sth->execute();
                }
                if (isset($_GET["add"])) {
                    OS_AddLog($_SESSION["username"], "[os_addban] Added ban: {$name}");
                }
                if (isset($_GET["edit"])) {
                    OS_AddLog($_SESSION["username"], "[os_editban] Edited ban: {$name}");
                }
                if ($result) {
                    ?>
	  <div align="center">
	    <h2>Ban successfully updated. <a href="<?php 
                    echo OS_HOME;
                    ?>
adm/?bans">&laquo; Back</a></h2>
	  </div>
	  <?php 
                }
            } else {
                ?>
	<div align="center"><?php 
                echo $errors;
Beispiel #22
            $result = $sth->execute();
            if ($sth->rowCount() >= 1 and !isset($_GET["edit"])) {
                $errors .= "<div>E-mail already taken</div>";
            }
            $sth = $db->prepare("SELECT * FROM " . OSDB_USERS . " \n\t  WHERE (bnet_username) = ('" . $bnet . "') ");
            $result = $sth->execute();
            if ($sth->rowCount() >= 1 and !isset($_GET["edit"])) {
                $errors .= "<div>Battle.net account already exists</div>";
            }
            if (empty($errors)) {
                $sth = $db->prepare($sql);
                $result = $sth->execute();
                if (isset($_GET["edit"])) {
                    OS_AddLog($_SESSION["username"], "[os_edituser] Edit member ( {$name} )");
                } else {
                    OS_AddLog($_SESSION["username"], "[os_edituser] ADD member ( {$name} )");
                }
                if (!empty($bnet)) {
                    $sth = $db->prepare("UPDATE " . OSDB_STATS . " SET user_level = '" . $level . "' WHERE player = '" . $bnet . "' ");
                    $result = $sth->execute();
                }
                $r = 1;
                if ($r) {
                    ?>
	  <div align="center">
	    <h2>User successfully updated. 
		   <a href="<?php 
                    echo OS_HOME;
                    ?>
adm/?users&amp;edit=<?php 
                    echo $_GET["edit"];