';
        tEnd();
    }
    tEnd();

    // Pending reports: every unprocessed report whose admin column differs
    // from the current account id. The reporter's name comes from the join on
    // accounts (a); the flagging admin's name comes from the LEFT JOIN (a2).
    // NOTE(review): $acc['id'] is interpolated into the statement. It is
    // presumably the server-side account record of the logged-in admin;
    // confirm it can never carry request-supplied text.
    tBegin('Pending Reports');
    $sql = "SELECT r.*, a.name, a2.name AS adminname FROM (reports AS r, accounts AS a) LEFT JOIN accounts AS a2 ON r.admin = a2.id WHERE r.admin != '{$acc['id']}' AND r.processed = 'no' AND r.reporter = a.id ORDER BY (r.admin = 1) ASC, r.date ASC";
    $result = $db->query($sql);
    while ($row = $db->fetch_array($result)) {
        // admin == 0 gets the "process" link (addreport); any other value
        // gets the "view" link (viewreport) plus the flagging admin's name.
        // NOTE(review): type, name, date and adminname are written into the
        // page without HTML encoding in this fragment. Whether they were
        // encoded when stored is not visible here; verify, because account
        // names are rendered inside an admin-only view.
        echo ucfirst($row['type']) . ' by ' . $row['name'] . ' on ' . $row['date']
            . ($row['admin'] == 0
                ? ': <a href="index.php?page=admin&action=addreport&rid=' . $row['id'] . '">process this report</a>.<br>'
                : ' flagged by ' . $row['adminname'] . ': <a href="index.php?page=admin&action=viewreport&rid=' . $row['id'] . '">view this report</a>.<br>');
    }
    tEnd();

    // Processed reports, newest first, with the admin who handled each one.
    tBegin('Processed Reports');
    $sql = "SELECT r.*, a.name, a2.name AS adminname FROM reports AS r, accounts AS a, accounts AS a2 WHERE r.processed = 'yes' AND r.reporter = a.id AND r.admin = a2.id ORDER BY r.date DESC";
    $result = $db->query($sql);
    while ($row = $db->fetch_array($result)) {
        echo ucfirst($row['type']) . ' by ' . $row['name'] . ' on ' . $row['date']
            . ' processed by ' . $row['adminname']
            . ': <a href="index.php?page=admin&action=viewreport&rid=' . $row['id'] . '">view this report</a>.<br>';
    }
    tEnd();
}

// "editnotes": read the stored admin notes and hand them to the form helpers;
// the form target is the submiteditnotes action.
if ($action == 'editnotes') {
    $sql = "SELECT text FROM misctext WHERE name = 'adminnotes'";
    $result = $db->query($sql);
    $notes = $db->result($result, 0);
    // NOTE(review): whether fTextarea() HTML-encodes its value is not visible
    // in this fragment - confirm, since the notes are free text.
    fTitle('index.php?page=admin&action=submiteditnotes');
    fTextarea('Notes:', 'notes', $notes);
    fEnd('Edit');
}
// Fragment of the changelog admin page. The handler these first checks belong
// to opens before the visible text; $no is its error flag (1 = reject).
if ($numrows != 1) {
    echo 'Invalid bid.';
    $no = 1;
}
if ($no == 0) {
    // NOTE(review): $bid is placed in the statement by string interpolation.
    // Where it is assigned, and whether it is cast or escaped first, is not
    // visible here - confirm before relying on the surrounding quotes.
    // NOTE(review): this is a destructive action; no privilege check or
    // anti-CSRF token is visible in this fragment. Presumably the including
    // page enforces them - verify.
    $sql = "DELETE FROM changelog WHERE id = '{$bid}'";
    $result = $db->query($sql);
    echo 'changelog deleted.';
}
} // closes a block opened before this fragment

// "changechangelog": load one changelog entry and pass its text to the form
// helpers; the form target is submitchangechangelog with the row id as bid.
if ($action == "changechangelog") {
    $sql = "SELECT * FROM changelog WHERE id = '{$bid}'";
    $result = $db->query($sql);
    // No row-count check precedes the use of $row in this branch, so an
    // unknown bid reaches the helpers with an empty row.
    $row = $db->fetch_array($result);
    fTitle("index.php?page=changelog&action=submitchangechangelog&bid=" . $row["id"]);
    // NOTE(review): whether fTextarea() HTML-encodes its value is not visible
    // here - confirm.
    fTextarea("Text:", "text", $row["text"]);
    fEnd("Change");
}

// "submitchangechangelog": validate the submitted text and the target id.
// The statement that applies the change lies beyond this fragment.
if ($action == "submitchangechangelog") {
    $no = 0;
    if (!$text) {
        echo 'Data is incomplete.';
        $no = 1;
    }
    // Existence check: exactly one changelog row must match $bid.
    $sql = "SELECT * FROM changelog WHERE id = '{$bid}'";
    $result = $db->query($sql);
    $numrows = $db->num_rows($result);
    if ($numrows != 1) {
        echo 'Invalid bid.';
        $no = 1;
    }
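<?php
// Bulk-import helper: shows a form that posts back to speed.php and, for the
// "orbs" action, turns each tab-separated line of $text into one row of the
// orbs table.
// NOTE(review): no login or privilege check is visible between the includes
// and the INSERT loop. Unless one of the included files enforces it, anyone
// who can request this script can write to the database - confirm, and do not
// leave the script reachable once the import is done.
include_once "../data.php";
include_once "../functions/gamefunctions.php";
include_once "../functions/tablefunctions.php";

$db = new database();
$db->connect($db_server, $db_login, $db_password);
$db->select_db($db_database);

// $action and $text are never assigned in this fragment; presumably an include
// populates them from the request - confirm where, and whether they are
// escaped there.
if (!$action) {
    fTitle("speed.php");
    fText("Action:", "action");
    fTextarea("Add:", "text");
    fEnd("Add");
}

if ($action == "orbs") {
    $lines = explode("\n", $text);
    $counter = 0;
    // create orbs
    foreach ($lines as $line) {
        // A trailing newline in the pasted text yields an empty line; skip it
        // instead of inserting an all-empty row and counting it.
        if (trim($line) === '') {
            continue;
        }
        // Trim every field (this also drops the "\r" of CRLF input) and pad to
        // the eight expected columns so a short line cannot raise
        // undefined-offset notices below.
        $values = array_pad(array_map('trim', explode("\t", $line)), 8, '');
        // NOTE(review): the field values are interpolated into the statement
        // as they arrive. Whether they are already escaped is not visible
        // here; a quote inside a field would otherwise break or alter the
        // INSERT. Prefer the database layer's own escaping or bound
        // parameters if it offers them.
        // Field 6 (rarity_mod) has a decimal comma converted to a decimal point.
        $sql = "\r\n\t\t\tINSERT INTO orbs (color, cost, min_gems, max_gems, min_uses, max_uses, rarity_mod, rarity_description) \r\n\t\t\tVALUES ('{$values['0']}', '{$values['1']}', '{$values['2']}', '{$values['3']}', '{$values['4']}', '{$values['5']}', '" . str_replace(",", ".", $values[6]) . "', '{$values['7']}')\r\n\t\t\t";
        $result = $db->query($sql);
        $counter++;
    }
    echo "{$counter} added.";
}

if ($action == "signs") {
    $lines = explode("\n", $text);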
// Fragment of the FAQ admin page. The handler and the condition this first
// branch belongs to open before the visible text; $no is the error flag.
    echo 'Invalid fid.';
    $no = 1;
}
if ($no == 0) {
    // NOTE(review): $fid is placed in the statement by string interpolation.
    // Where it is assigned, and whether it is cast or escaped first, is not
    // visible here - confirm before relying on the surrounding quotes.
    // NOTE(review): this is a destructive action; no privilege check or
    // anti-CSRF token is visible in this fragment. Presumably the including
    // page enforces them - verify.
    $sql = "DELETE FROM faq WHERE id = '{$fid}'";
    $result = $db->query($sql);
    echo 'FAQ question deleted.';
}
} // closes a block opened before this fragment

// "changefaq": load one FAQ row and pass its fields to the form helpers; the
// form target is submitchangefaq with the row id as fid.
if ($action == "changefaq") {
    $sql = "SELECT * FROM faq WHERE id = '{$fid}'";
    $result = $db->query($sql);
    // No row-count check precedes the use of $row in this branch, so an
    // unknown fid reaches the helpers with an empty row.
    $row = $db->fetch_array($result);
    fTitle("index.php?page=help&action=submitchangefaq&fid=" . $row["id"]);
    // NOTE(review): whether fText()/fTextarea() HTML-encode their values is
    // not visible here - confirm, since question and answer are free text.
    fText("Question:", "question", $row["question"]);
    fTextarea("Answer:", "answer", $row["answer"]);
    fText("Importance:", "importance", $row["importance"], 5);
    fEnd("Change");
}

// "submitchangefaq": validate the submitted fields and the target id. The
// statement that applies the change lies beyond this fragment.
if ($action == "submitchangefaq") {
    $no = 0;
    if (!$question || !$answer || !$fid) {
        echo 'Data is incomplete.';
        $no = 1;
    }
    // A missing or empty importance falls back to 0.
    if (!$importance) {
        $importance = 0;
    }
    // Existence lookup for $fid; the check on $numrows is outside this view.
    $sql = "SELECT * FROM faq WHERE id = '{$fid}'";
    $result = $db->query($sql);
    $numrows = $db->num_rows($result);
<?php
// Kingdom news: "newmessage" shows the compose form; "submitnewmessage"
// validates the post, passes it to gNews() and, when the checkbox is set,
// inserts one mail per other account in the same kingdom.
if ($action == "newmessage") {
    fTitle("index.php?page=kingdom&action=submitnewmessage");
    fText("Topic:", "topic");
    fTextarea("Text:", "text");
    fCheckbox("Send mail to every inhabitant", "mail");
    fEnd("Post");
}
if ($action == "submitnewmessage") {
    // $no is the error flag; anything other than 0 blocks the post.
    $no = 0;
    // Authorization: only accounts with leadertype >= 1 may post.
    if ($acc["leadertype"] < 1) {
        echo 'Invalid leader.<br>';
        $no = 1;
    }
    if (!trim($text) || !trim($topic)) {
        echo 'You have to fill in all the fields.<br>';
        $no = 1;
    }
    if ($no == 0) {
        // $topic is slash-escaped here and stays escaped for the mail INSERT
        // further down; the HTML encoding below applies to the gNews() copy only.
        $topic = addslashes($topic);
        // NOTE(review): $acc['name'] is placed inside the link markup without
        // HTML encoding; confirm account names are constrained or encoded at
        // registration. What gTags() does to $text is not visible here.
        gNews(
            1,
            8,
            htmlspecialchars($topic),
            addslashes("<a href=\"index.php?page=playerinfo&action=viewinfo&aid={$acc['id']}\">{$acc['name']}</a> posted the following news:<br><br>" . gTags($text)),
            $acc["kingdom"]
        );
        if ($mail == "on") {
            // Recipients: every account in the poster's kingdom except the poster.
            $sql = "SELECT id FROM accounts WHERE kingdom = '{$acc['kingdom']}' AND id != '{$acc['id']}'";
            $nresult = $db->query($sql);
            $time = time();
            $text = "{$acc['name']} posted the following news:\n\n" . $text;
            while ($row = $db->fetch_array($nresult)) {
                // NOTE(review): escaping is inconsistent in this statement.
                // $topic went through addslashes() above, but $text (and the
                // account name prepended to it) is interpolated with no
                // escaping call in this fragment. Either request input is
                // escaped upstream, in which case $topic is escaped twice, or
                // it is not, in which case a quote in the message body alters
                // the INSERT. Confirm which, and escape each value exactly
                // once through the database layer.
                $sql = "INSERT INTO mails (subject, text, sender, receiver, time, senderstatus) VALUES ('Kingdom Message: " . $topic . "', '{$text}', '{$acc['id']}', '{$row['id']}', '{$time}', '1')";
                $result = $db->query($sql);
            }
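// Fragment of the kingdom post office. This first part is the tail of the
// reply branch, opened before the visible text: it loads the mail being
// answered and pre-fills subject and quoted body.
    // At this point $text carries the id of the mail being answered; it is
    // overwritten with the quoted body below. The query itself restricts the
    // lookup to mails the current account sent or received.
    // NOTE(review): $text is interpolated into the statement; whether it is
    // cast or escaped before this point is not visible here - confirm.
    $sql = "SELECT text, subject FROM mails WHERE id = '{$text}' AND (sender = '{$acc['id']}' OR receiver = '{$acc['id']}')";
    $result = $db->query($sql);
    $row = $db->fetch_array($result);
    $subject = $row["subject"];
    // Prefix "Re: " once, case-insensitively.
    if (strcasecmp(substr($subject, 0, 4), "Re: ") != 0) {
        $subject = "Re: " . $subject;
    }
    $text = "\n" . $row["text"];
    // Quote every line of the original mail with "> ". The pattern is a
    // literal newline, so str_replace() gives the same result as the POSIX
    // ereg_replace() used before, which was removed in PHP 7.0.
    $text = str_replace("\n", "\n> ", $text);
}

// Compose form; the form target is submitnewmail.
tBegin("Post Office");
echo '<center><a href="index.php?page=kingdom&action=newmail">New Mail</a> - <a href="index.php?page=kingdom&action=postoffice&folder=receiver">Received Items</a> - <a href="index.php?page=kingdom&action=postoffice&folder=sender">Sent Items</a> - <a href="index.php?page=kingdom&action=postoffice&folder=stored">Stored Items</a></center><br>';
fTitle("index.php?page=kingdom&action=submitnewmail");
// NOTE(review): $target, $subject and $text end up as form values. $subject
// and $text can come from another player's mail, so confirm that
// fText()/fTextarea() HTML-encode what they are given.
fText("Target:", "receiver", $target, 40);
fText("Subject:", "subject", stripslashes($subject), 40);
fTextarea("Text:", "text", $text);
fEnd("Send");
tEnd();
} // closes a block opened before this fragment

// "readmail": fetch one mail together with the other party's account row.
// The WHERE clause admits the mail only if the current account is its sender
// (senderstatus 1) or its receiver (receiverstatus 0 or 1, or stored = 1).
if ($action == "readmail") {
    $no = 0;
    // NOTE(review): $mid is interpolated into the statement; whether it is
    // cast or escaped before this point is not visible here - confirm.
    $sql = "SELECT m.time, m.receiverstatus, m.senderstatus, m.receiver, m.sender, m.text, m.subject, m.id, m.stored, a.id AS aid, a.name FROM mails AS m, accounts AS a WHERE m.id = '{$mid}' AND ((m.sender = '{$acc['id']}' AND m.receiver = a.id AND m.senderstatus = '1') OR (m.receiver = '{$acc['id']}' AND m.sender = a.id AND (m.receiverstatus = '0' OR m.receiverstatus = '1')) OR (m.receiver = '{$acc['id']}' AND m.sender = a.id AND (m.stored = '1')))";
    $result = $db->query($sql);
    $numrows = $db->num_rows($result);
    if ($numrows != 1) {
        echo 'Invalid data.<br>';
        $no = 1;
    } else {
        $row = $db->fetch_array($result);
        // Second ownership check on the fetched row, in addition to the
        // sender/receiver conditions in the query.
        if ($row["receiver"] != $acc["id"] && $row["sender"] != $acc["id"]) {
            echo 'That mail does not belong to you.<br>';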
// Fragment of the race admin page. The statement executed first was built
// before the visible text; the message suggests it deletes a race.
    $result = $db->query($sql);
    echo 'Race deleted.';
}
} // closes a block opened before this fragment

// "changerace": load one race row and pass its fields to the form helpers;
// the form target is submitchangerace with the row id as rid.
if ($action == "changerace") {
    // NOTE(review): $rid is placed in the statement by string interpolation.
    // Where it is assigned, and whether it is cast or escaped first, is not
    // visible here - confirm before relying on the surrounding quotes.
    $sql = "SELECT * FROM races WHERE id = '{$rid}'";
    $result = $db->query($sql);
    // No row-count check precedes the use of $row in this branch, so an
    // unknown rid reaches the helpers with an empty row.
    $row = $db->fetch_array($result);
    fTitle("index.php?page=spellbook&action=submitchangerace&rid=" . $row["id"]);
    // NOTE(review): whether the f*() helpers HTML-encode their values is not
    // visible here - confirm, since name and description are free text.
    fText("Name:", "name", $row["name"]);
    fText("Forest Defense:", "forest", $row["forest"]);
    fText("Death Defense:", "death", $row["death"]);
    fText("Air Defense:", "air", $row["air"]);
    fText("Earth Defense:", "earth", $row["earth"]);
    // The stored class value minus one is passed as the selection argument;
    // presumably $gdClass is a zero-based list - confirm.
    fSelect("Class:", "class", $gdClass, $row["class"] - 1);
    fTextarea("Description:", "description", $row["description"]);
    fEnd("Change");
}

// "submitchangerace": validate the submitted fields and the target id. The
// statement that applies the change lies beyond this fragment.
// NOTE(review): no privilege check or anti-CSRF token is visible in this
// fragment; presumably the including page enforces them - verify.
if ($action == "submitchangerace") {
    $no = 0;
    if (!$name || !$class || !$rid) {
        echo 'Data is incomplete.';
        $no = 1;
    }
    // Existence check: exactly one race row must match $rid.
    $sql = "SELECT * FROM races WHERE id = '{$rid}'";
    $result = $db->query($sql);
    $numrows = $db->num_rows($result);
    if ($numrows != 1) {
        echo 'Invalid rid.';
        $no = 1;
    }