$skills = str_replace(array("Š", "š"), array("Š", "š"), $skills); if ($heroid != "" and strlen($HeroName) >= 2) { if (isset($_GET["edit"])) { $update = $db->update(OSDB_HEROES, array("description" => $HeroName, "summary" => $desc, "stats" => $stats, "skills" => $skills, "type" => $type), "heroid = '" . $edit . "' "); OS_AddLog($_SESSION["username"], "[os_heroes] EDITED HERO ( {$edit}, {$HeroName} )"); } else { $hid = str_replace(".gif", "", $heroid); $check = $db->prepare("SELECT * FROM " . OSDB_HEROES . " WHERE heroid = '" . $hid . "' "); $result = $check->execute(); if ($check->rowCount() >= 1) { ?> <h2>Hero already exists</h2><?php } else { //INSERT $db->insert(OSDB_HEROES, array("heroid" => $hid, "original" => $hid, "description" => $HeroName, "summary" => $desc, "stats" => $stats, "skills" => $skills, "type" => $type)); OS_AddLog($_SESSION["username"], "[os_heroes] ADD HERO ( {$hid}, {$HeroName} )"); } } if ($upd) { ?> <h2>Hero successfully updated</h2><?php } } else { echo "<h2>Missing HeroID or Hero Name does not have enought characters </h2>"; } CreateHeroList("../inc/cache/"); } if (isset($_GET["edit"]) and !isset($_GET["add"])) { $sth = $db->prepare("SELECT * FROM " . OSDB_HEROES . " WHERE heroid = '" . $edit . "' LIMIT 1"); $result = $sth->execute(); $row = $sth->fetch(PDO::FETCH_ASSOC);
$result = $sth->execute(); OS_AddLog($_SESSION["username"], "[os_adminlog] Deleted admin log ( #" . (int) $_GET["del"] . " ) "); } if (isset($_GET["purge_admin_logs"])) { $sth = $db->prepare("TRUNCATE TABLE " . OSDB_ADMIN_LOG . " "); $result = $sth->execute(); ?> <div align="center"> <h2>All logs are deleted successfully.</h2> <a href="<?php echo OS_HOME; ?> adm/?admin_logs">Refresh page</a> to continue. </div> <?php OS_AddLog($_SESSION["username"], "[os_adminlog] Deleted all admin logs "); } if (isset($_GET["search_logs"])) { $s = safeEscape($_GET["search_logs"]); } else { $s = ""; } ?> <form action="" method="get"> <input type="hidden" name="admin_logs" /> <input style="width: 180px; height: 24px;" id="sl" type="text" name="search_logs" value="<?php echo $s; ?> " /> <input class="menuButtons" type="submit" value="Search logs" /> <!--
$pp = trim((int) $_POST["pp"]); $date = date("Y-m-d H:i:00", time()); if (strlen($player_name) <= 2) { $errors .= "<div>Player name does not have enough characters</div>"; } if ($pp <= 0) { $errors .= "<div>Penalty points can not be less than 1</div>"; } if (empty($errors)) { if (!isset($_GET["edit"])) { $sqlqr = "INSERT INTO " . OSDB_GO . "(player_name, reason, offence_time, offence_expire, pp, admin) \n\t VALUES('" . $player_name . "', '" . $reason . "', '" . $date . "', '" . $expiredate . "', '" . $pp . "', '" . $admin . "' )"; OS_AddLog($_SESSION["username"], "[os_addpp] Added PP {$player_name} + {$pp}"); } else { $id = (int) $_GET["edit"]; $sqlqr = "UPDATE " . OSDB_GO . " SET player_name = '{$player_name}', reason = '{$reason}', offence_expire = '{$expiredate}', pp = '{$pp}', admin = '{$admin}'\n\t\t WHERE id = {$id} LIMIT 1"; OS_AddLog($_SESSION["username"], "[os_addpp] EDIT PP {$player_name} "); } $sth = $db->prepare($sqlqr); $result = $sth->execute(); } } ?> <div align="center"> <table> <tr><td> <form action="" method="get"> <input type="hidden" name="pp" /> <input type="text" name="search" value = "<?php echo $search; ?>
<?php if (!isset($website)) { header('HTTP/1.1 404 Not Found'); die; } $field_name = "oh_bannednamepartials"; if (isset($_POST["submit_bn"]) and isset($_POST["BannedNames"])) { $words = strip_tags(trim($_POST["BannedNames"])); OS_add_custom_field(1, $field_name, $words); $saved = 1; OS_AddLog($_SESSION["username"], "[oh_bannednamepartials] Edited Banned names"); } $BannedNames = OS_get_custom_field(1, $field_name); ?> <div align="center"> <h2>Banned names</h2> <form action="" method="post"> <textarea rows="10" cols="60" name="BannedNames"><?php echo $BannedNames; ?> </textarea> <div> <input type="submit" value="Save word filter" name="submit_bn" class="menuButtons" /> </div> </form> <?php if (isset($saved)) { ?>
if (isset($_GET["search_users"])) { echo $_GET["search_users"]; } ?> (#<?php echo (int) $_GET["reset_stats"]; ?> )</h2> <?php } //EDIT PLAYER if (isset($_GET["edit"])) { if (isset($_POST["save_player"])) { $sth = $db->prepare("UPDATE " . OSDB_STATS_P . " SET \n\t user_level = '" . (int) $_POST["user_level"] . "',\n\t banned = '" . (int) $_POST["banned"] . "',\n\t hide = '" . (int) $_POST["hide"] . "',\n\t realm = '" . trim(strip_tags($_POST["realm"])) . "',\n\t points = '" . trim(strip_tags($_POST["points"])) . "',\n\t points_bet = '" . trim(strip_tags($_POST["points_bet"])) . "',\n\t blacklisted = '" . trim(strip_tags($_POST["blacklisted"])) . "',\n\t exp = '" . trim(strip_tags($_POST["exp"])) . "'\n\t WHERE player = '" . trim($_GET["edit"]) . "' LIMIT 1 "); $result = $sth->execute(); OS_AddLog($_SESSION["username"], "[os_players_edit] " . $_GET["edit"] . ": Lev: " . $_POST["user_level"] . ", EXP: " . $_POST["exp"] . " "); } $Player = trim($_GET["edit"]); $sth = $db->prepare("SELECT * FROM " . OSDB_STATS_P . " WHERE player = '" . $Player . "' "); $result = $sth->execute(); $row = $sth->fetch(PDO::FETCH_ASSOC); $exp = calculateXP($row["exp"]); $percent = $exp["percent"]; $level = $exp["level"]; $expts = $row["exp"]; $end = $exp["end"]; $progress = round($exp["end"] / ($exp["end"] + $row["exp"]), 3) * 100; $level = $row["user_level"]; if ($_SESSION["level"] > 9) { $dis = ""; } else {
?> adm/?remote">Refresh page</a> to continue. </div> <?php OS_AddLog($_SESSION["username"], "[os_rcon] Removed all remote commands "); } if (isset($_POST["rc"]) and isset($_POST["botid"]) and is_numeric($_POST["botid"]) and isset($_POST["command"])) { $botid = safeEscape((int) $_POST["botid"]); $command = strip_tags(trim($_POST["command"])); $db->insert(OSDB_COMMANDS, array("botid" => $botid, "command" => $command)); $InsertID = $db->lastInsertId(); ?> <div align="center"> <?php if ($InsertID >= 1) { OS_AddLog($_SESSION["username"], "[os_rcon] Sent Remote command ( #{$InsertID} )"); ?> Message #<?php echo $InsertID; ?> has been successfully sent. <div style="font-size:11px;"><?php echo $command; ?> </div> <?php } else { ?> Error. Something is wrong. Make sure you <a href="http://www.codelain.com/forum/index.php?topic=17803.0;" target="_blank">install the patch</a>. <?php }
<?php $field_name = "oh_announcements_config"; if (isset($_POST["a_saved"]) and isset($_POST["a_time"])) { $time = (int) strip_tags(trim($_POST["a_time"])); if (!is_numeric($time)) { $time = 30; } if ($time < 0 or $time > 60 * 24) { $time = 30; } $lobby = strip_tags(trim($_POST["a_lobby"])); $data = "repeat\t{$time}\tlobby\t{$lobby}"; OS_add_custom_field(1, $field_name, $data); $saved = 1; OS_AddLog($_SESSION["username"], "[os_announcements] Edited Announcements Config"); } $config = OS_get_custom_field(1, $field_name); $cfg = explode("\t", $config); if (isset($cfg[1])) { $time = $cfg[1]; } else { $time = 30; } if (isset($cfg[3])) { $lby = $cfg[3]; } else { $lby = 0; } ?> <form action="" method="post">
$update = $db->query("UPDATE ".OSDB_STATS." SET user_level = '".$level."' WHERE (player) = ('".$name."') LIMIT 1"); } */ if (empty($errors)) { $sth = $db->prepare($sql); $result = $sth->execute(); if ($result) { ?> <div align="center"> <h2>Admin successfully updated. <a href="<?php echo $website; ?> adm/?admins">« Back</a></h2> </div> <?php OS_AddLog($_SESSION["username"], "[os_editadmin] Edited Admin ( {$name}, Level: {$level} )"); } } else { ?> <div align="center"><?php echo $errors; ?> </div> <?php } } if (isset($_GET["edit"]) and is_numeric($_GET["edit"])) { $sth = $db->prepare("SELECT * FROM " . OSDB_USERS . " WHERE user_id = :id "); $sth->bindValue(':id', (int) $id, PDO::PARAM_INT); $result = $sth->execute(); $row = $sth->fetch(PDO::FETCH_ASSOC);
<?php if (!isset($website)) { header('HTTP/1.1 404 Not Found'); die; } $field_name = "oh_badwords"; if (isset($_POST["submit_wf"]) and isset($_POST["bad_words"])) { $words = strip_tags(trim($_POST["bad_words"])); OS_add_custom_field(1, $field_name, $words); $saved = 1; OS_AddLog($_SESSION["username"], "[os_badwords] Edited Bad words"); } $badwords = OS_get_custom_field(1, $field_name); ?> <div align="center"> <h2>Word Filter</h2> <form action="" method="post"> <textarea rows="10" cols="60" name="bad_words"><?php echo $badwords; ?> </textarea> <div> <input type="submit" value="Save word filter" name="submit_wf" class="menuButtons" /> </div> </form> <?php if (isset($saved)) { ?>
} } } } } } } } } } } } } } //Version check if (!isset($_SESSION["v_check"])) { $_SESSION["v_check"] = OS_VERSION; $v = OS_Curl('http://ohsystem.net/stats/version_check.php?check=' . OS_VERSION); $os_check = OS_Curl('http://ohsystem.net/stats/version.php'); if ($os_check != OS_VERSION and !empty($os_check)) { $IntroMessage = '<b>An updated version of Dota OpenStats is available.</b><br />'; $IntroMessage .= 'You can update to OpenStats <b>' . $os_check . "</b><br />"; $IntroMessage .= 'Download the package and install it: <br />'; $IntroMessage .= '<a target="_blank" class="menuButtons" href="https://github.com/OHSystem/ohsystem/">Download ' . $os_check . '</a> <br />'; $_SESSION["intro_message"] = $IntroMessage; } if (isset($_SESSION["username"]) and !isset($_SESSION["adm_logged"])) { OS_AddLog($_SESSION["username"], "[os_login] in admin panel"); $_SESSION["adm_logged"] = time(); } }
$expire = strip_tags($_POST["expire"]); $reason = strip_tags($_POST["reason"]); $game = strip_tags($_POST["game"]); $country = $UserData[0]["letter"]; $realm = $UserData[0]["realm"]; $ip = $UserData[0]["ip"]; $ip_part = OS_GetIpRange($ip); $admin = $_SESSION["username"]; $time = date("Y-m-d H:i:s", time()); $db->insert(OSDB_BANS, array("name" => strtolower($PlayerName), "server" => $realm, "reason" => $reason, "ip" => $ip, "ip_part" => $ip_part, "admin" => $admin, "gamename" => $game, "date" => $time, "expiredate" => $expire, "country" => $country)); $db->insert(OSDB_GO, array("player_name" => strtolower($PlayerName), "reason" => $reason, "offence_time" => $time, "offence_expire" => '0000-00-00 00:00:00', "pp" => '1', "admin" => $admin)); $upd2 = $db->prepare("UPDATE " . OSDB_STATS . " SET banned = '1' WHERE player = '" . $PlayerName . "' "); $result = $upd2->execute(); $upd3 = $db->prepare("UPDATE " . OSDB_STATS_P . " SET banned = '1' WHERE player = '" . $PlayerName . "' "); $result = $upd3->execute(); OS_AddLog($_SESSION["username"], "[os_moderator] Banned: {$PlayerName} "); header("location: " . OS_HOME . "?u=" . $uid . "&mcp"); die; } //Other players on same IP range if (!empty($PlayerName)) { $ip = $UserData[0]["ip"]; $ip_part = OS_GetIpRange($ip); //Show all user IPs $sth = $db->prepare("SELECT gp.id, gp.ip, gp.name, g.gamename, g.datetime, gp.gameid \n\t\t\t FROM " . OSDB_GP . " as gp\n\t\t\t LEFT JOIN " . OSDB_GAMES . " as g on g.id = gp.gameid\n\t\t\t WHERE name = '" . $PlayerName . "' GROUP BY ip ORDER BY id DESC LIMIT 50"); $result = $sth->execute(); $UserIPAddr = array(); $AllUserIPS = array(); $c = 0; while ($row = $sth->fetch(PDO::FETCH_ASSOC)) { $UserIPAddr[$c]["id"] = $row["id"];
if (isset($_GET["edit"])) { $sql = "UPDATE " . OSDB_COMMENTS . " SET \n\t text= '" . $text . "' {$sqlPostDate} WHERE id ='" . $id . "' LIMIT 1 "; } if (empty($errors)) { $sth = $db->prepare($sql); $result = $sth->execute(); if ($result) { ?> <div align="center"> <h2>Comment successfully updated. <a href="<?php echo $website; ?> adm/?comments">« Back</a></h2> </div> <?php OS_AddLog($_SESSION["username"], "[os_delcomment] Updated comment ( #{$id} )"); } } else { ?> <div align="center"><?php echo $errors; ?> </div> <?php } } if (isset($_GET["edit"]) and is_numeric($_GET["edit"])) { $sth = $db->prepare("SELECT * FROM " . OSDB_COMMENTS . " WHERE id = '" . $id . "' "); $result = $sth->execute(); $row = $sth->fetch(PDO::FETCH_ASSOC); $text = convEnt($row["text"]);
$sth = $db->prepare($sql); $result = $sth->execute(); if ($result) { ?> <div align="center"> <h2>Note successfully updated. <a href="<?php echo OS_HOME; ?> adm/?notes">« Back</a></h2> </div> <?php if (isset($_GET["edit"])) { OS_AddLog($_SESSION["username"], "[os_notes] Edited Note: ( {$name} ) "); } if (isset($_GET["add"])) { OS_AddLog($_SESSION["username"], "[os_notes] Added Note: ( {$name} ) "); } } } else { ?> <div align="center"><?php echo $errors; ?> </div> <?php } } if (isset($_GET["edit"]) and is_numeric($_GET["edit"])) { $sth = $db->prepare("SELECT * FROM " . OSDB_NOTES . " WHERE id = '" . $id . "' "); $result = $sth->execute(); $row = $sth->fetch(PDO::FETCH_ASSOC);
<?php if (!isset($website)) { header('HTTP/1.1 404 Not Found'); die; } $field_name = "oh_banemail"; if (isset($_POST["submit_be"]) and isset($_POST["bad_email"])) { $words = strip_tags(trim($_POST["bad_email"])); OS_add_custom_field(1, $field_name, $words); $saved = 1; OS_AddLog($_SESSION["username"], "[oh_banemail] Edited Bad words"); } $banemails = OS_get_custom_field(1, $field_name); ?> <div align="center"> <h2>Ban Email Address</h2> <?php if (!empty($banemails)) { $total = count(explode(",", $banemails)); ?> <div><b>Banned:</b> <?php echo $total; ?> email addresses</div> <?php } ?> <form action="" method="post">
} if (isset($_GET["purge_logs"])) { $sth = $db->prepare("TRUNCATE TABLE " . OSDB_GAMELOG . " "); $result = $sth->execute(); $del = $db->prepare("DELETE FROM " . OSDB_GAMESTATUS . " WHERE gamestatus>=3"); $result = $del->execute(); ?> <div align="center"> <h2>All logs are deleted successfully.</h2> <a href="<?php echo OS_HOME; ?> adm/?live_games">Refresh page</a> to continue. </div> <?php OS_AddLog($_SESSION["username"], "[os_live] REMOVED ALL LOGS (PURGE) "); } $tot = $db->prepare("SELECT COUNT(*) FROM " . OSDB_GAMESTATUS . " \n\tWHERE gamestatus>=3"); $result = $tot->execute(); $r = $tot->fetch(PDO::FETCH_NUM); $TotalFinishedGames = $r[0]; $sth = $db->prepare("SELECT * FROM " . OSDB_GAMESTATUS . " WHERE gamestatus<=2 \n ORDER BY gamestatus ASC, gametime DESC LIMIT 50"); $result = $sth->execute(); $IDS = array(); $c = 0; $GameName = ""; $TotalGames = $sth->rowCount(); ?> <h4><a href="javascript:;" onclick="showhide('cg')">Show/Hide current games</a> <?php if (isset($_GET["remove"])) { ?>
if (isset($_POST["add_record"])) { $player = strip_tags(strtolower(trim($_POST["player"]))); $ip = strip_tags(trim($_POST["ip"])); if (strlen($player) <= 2 and strlen($ip) <= 2) { $error .= "<div>At least one field must be filled</div>"; } if (empty($error)) { if (isset($_GET["edit"])) { $id = safeEscape((int) $_GET["edit"]); $upd = $db->prepare("UPDATE " . OSDB_GPROXY . " SET player = '" . $player . "', ip='" . $ip . "' \n\t\t WHERE id = '" . $id . "' "); $result = $upd->execute(); OS_AddLog($_SESSION["username"], "[os_gproxy] Edited Gproxy record: " . $player . " (#" . $id . ")"); } else { $upd = $db->prepare("INSERT INTO " . OSDB_GPROXY . " (player, ip, added, added_by) VALUES('" . $player . "', '" . $ip . "', '" . date("Y-m-d H:i:s") . "', '" . $_SESSION["username"] . "')"); $result = $upd->execute(); OS_AddLog($_SESSION["username"], "[os_gproxy] Added Gproxy record (" . $player . ")"); } } } if (isset($_GET["edit"])) { $button = "Edit Record"; } if (!empty($error)) { echo $error; } ?> <?php if (!isset($_GET["edit"])) { ?> <div><b>Add a new record</b></div><?php } else {
$sql2 = substr($sql2, 0, -3); $sql3 = substr($sql3, 0, -1); if (isset($CanBan) and $CanBan >= 1) { $sth = $db->prepare($sql); $result = $sth->execute(); //Add penalty points if ($pp >= 1) { $sth2 = $db->prepare($sql2); $result = $sth2->execute(); $sth3 = $db->prepare($sql3); $result = $sth3->execute(); $inf = ", PP: {$pp}"; } else { $inf = ""; } OS_AddLog($_SESSION["username"], "[os_editban] AutoBan ( {$BannedTotal} banned" . $inf . ")"); } ?> <h3><?php echo $BannedTotal; ?> players added to banlist</h3> <?php } else { ?> <table> <tr> <td>Left time: <b><?php echo $lt; ?> </b> min. after game start</td>
write_value_of('$LiveShowRoshanKill', "{$LiveShowRoshanKill}", trim((int) $_POST["LiveShowRoshanKill"]), "../config.php"); write_value_of('$BotName', "{$BotName}", trim(strip_tags($_POST["BotName"])), "../config.php"); //Online offline players write_value_of('$OnlineOfflineOnTopPage', "{$OnlineOfflineOnTopPage}", trim((int) $_POST["OnlineOfflineOnTopPage"]), "../config.php"); write_value_of('$DailyPoints', "{$DailyPoints}", trim(strip_tags((int) $_POST["DailyPoints"])), "../config.php"); ?> <div align="center"> <h2>Configuration successfully updated. <a href="<?php echo $website; ?> adm/?cfg">« Back</a></h2> <div style="height: 800px;"> </div> </div> <?php OS_AddLog($_SESSION["username"], "[os_config] Changed configuration"); } else { if (!OS_IsRoot()) { ?> <div align="center" style="margin-bottom: 220px;"> <h2>You don't have permission to access this page</h2> </div> <?php } else { if ($PHPbb3Integration == 1) { if (!file_exists("../" . $phpbb_forum . "common.php")) { $error .= "<div><span class='sentinel'><b>Error: file not exists:</b></span> " . $phpbb_forum . "common.php" . " </div>"; } } if ($SMFIntegration == 1) { if (!file_exists("../" . $smf_forum . "SSI.php")) {
//Cron entry example - LOG if ($CronReportDetails >= 1 and $c >= 1) { $cron_data = 'DAEMON: Deleted total of <b>' . $c . ' replays</b>'; $sth = $db->prepare("INSERT INTO cron_logs (cron_data, cron_date) VALUES('{$cron_data}', '" . time() . "' ) "); $result = $sth->execute(); } } //Check user_level expire $debug = ""; $sth = $db->prepare("SELECT * FROM " . OSDB_USERS . " WHERE user_level_expire!= '0000-00-00 00:00:00' AND user_level_expire<=NOW() LIMIT {$MaxQueries}"); $result = $sth->execute(); while ($row = $sth->fetch(PDO::FETCH_ASSOC)) { $debug .= $row["user_name"] . " (level: " . $row["user_level"] . "), "; $upd = $db->prepare("UPDATE " . OSDB_USERS . " SET user_level = 0, user_level_expire= '0000-00-00 00:00:00' WHERE user_id = '" . $row["user_id"] . "'"); $result2 = $upd->execute(); OS_AddLog("CRONJOB", "[os_cron] Expired privileges: {$debug} )"); if (!empty($row["bnet_username"])) { $upd2 = $db->prepare("UPDATE " . OSDB_STATS . " SET user_level = '0' WHERE player = '" . $row["bnet_username"] . "' "); $result2 = $upd2->execute(); $upd3 = $db->prepare("UPDATE " . OSDB_STATS_P . " SET user_level = '0' WHERE player = '" . $row["bnet_username"] . "' "); $result3 = $upd3->execute(); } } //Cron entry example - LOG if ($CronReportDetails >= 1 and !empty($debug)) { $cron_data = 'DAEMON: Expired privileges <b>' . htmlentities($debug) . '</b>'; $sth3 = $db->prepare("INSERT INTO cron_logs (cron_data, cron_date) VALUES('{$cron_data}', '" . time() . "' ) "); $result3 = $sth3->execute(); } //REMOVE EXPIRED PP if ($PPExpireDays >= 1) {
if (isset($_GET["add"])) { $id = safeEscape(strtoupper($_POST["itemid"])); $sth = $db->prepare("SELECT * FROM " . OSDB_ITEMS . " WHERE (itemid) = ('" . $id . "') LIMIT 1 "); $result = $sth->execute(); if ($sth->rowCount() >= 1) { echo "<h2>Item ID already exists. <a href='" . OS_HOME . "adm/?items&edit=" . $id . "'>View</a></h2>"; } else { if (strlen($id) <= 2) { echo "<h2>Item ID does not have enought characters</h2>"; } else { $ins = 1; $db->insert(OSDB_ITEMS, array("itemid" => $id, "code" => 0, "name" => $name, "shortname" => $shortname, "item_info" => $item_info, "price" => $price, "type" => $type, "icon" => $icon)); if ($ins) { ?> <h2>Item successfully added</h2><?php OS_AddLog($_SESSION["username"], "[os_items] ADDED ITEM ( {$name}, {$id} )"); } } } } } } else { echo "<h2>Name does not have enought characters</h2>"; } } if (isset($_GET["edit"])) { $sth = $db->prepare("SELECT * FROM " . OSDB_ITEMS . " WHERE itemid = '" . $edit . "' LIMIT 1"); $result = $sth->execute(); $row = $sth->fetch(PDO::FETCH_ASSOC); $name = $row["name"]; $shortname = $row["shortname"];
if (empty($errors)) { $sth = $db->prepare($sql); $result = $sth->execute(); if (!empty($sql2)) { $sth = $db->prepare($sql2); $result = $sth->execute(); } if (isset($sql3)) { $sth = $db->prepare($sql3); $result = $sth->execute(); } if (isset($_GET["add"])) { OS_AddLog($_SESSION["username"], "[os_addban] Added ban: {$name}"); } if (isset($_GET["edit"])) { OS_AddLog($_SESSION["username"], "[os_editban] Edited ban: {$name}"); } if ($result) { ?> <div align="center"> <h2>Ban successfully updated. <a href="<?php echo OS_HOME; ?> adm/?bans">« Back</a></h2> </div> <?php } } else { ?> <div align="center"><?php echo $errors;
$result = $sth->execute(); if ($sth->rowCount() >= 1 and !isset($_GET["edit"])) { $errors .= "<div>E-mail already taken</div>"; } $sth = $db->prepare("SELECT * FROM " . OSDB_USERS . " \n\t WHERE (bnet_username) = ('" . $bnet . "') "); $result = $sth->execute(); if ($sth->rowCount() >= 1 and !isset($_GET["edit"])) { $errors .= "<div>Battle.net account already exists</div>"; } if (empty($errors)) { $sth = $db->prepare($sql); $result = $sth->execute(); if (isset($_GET["edit"])) { OS_AddLog($_SESSION["username"], "[os_edituser] Edit member ( {$name} )"); } else { OS_AddLog($_SESSION["username"], "[os_edituser] ADD member ( {$name} )"); } if (!empty($bnet)) { $sth = $db->prepare("UPDATE " . OSDB_STATS . " SET user_level = '" . $level . "' WHERE player = '" . $bnet . "' "); $result = $sth->execute(); } $r = 1; if ($r) { ?> <div align="center"> <h2>User successfully updated. <a href="<?php echo OS_HOME; ?> adm/?users&edit=<?php echo $_GET["edit"];