';
tEnd();
}
tEnd();
tBegin("Pending Reports");
$sql = "SELECT r.*, a.name, a2.name AS adminname FROM (reports AS r, accounts AS a) LEFT JOIN accounts AS a2 ON r.admin = a2.id WHERE r.admin != '{$acc['id']}' AND r.processed = 'no' AND r.reporter = a.id ORDER BY (r.admin = 1) ASC, r.date ASC";
$result = $db->query($sql);
while ($row = $db->fetch_array($result)) {
if ($row["admin"] == 0) {
echo ucfirst($row["type"]), ' by ', $row["name"], ' on ', $row["date"], ': <a href="index.php?page=admin&action=addreport&rid=', $row["id"], '">process this report</a>.<br>';
} else {
echo ucfirst($row["type"]), ' by ', $row["name"], ' on ', $row["date"], ' flagged by ', $row["adminname"], ': <a href="index.php?page=admin&action=viewreport&rid=', $row["id"], '">view this report</a>.<br>';
}
}
tEnd();
tBegin("Processed Reports");
$sql = "SELECT r.*, a.name, a2.name AS adminname FROM reports AS r, accounts AS a, accounts AS a2 WHERE r.processed = 'yes' AND r.reporter = a.id AND r.admin = a2.id ORDER BY r.date DESC";
$result = $db->query($sql);
while ($row = $db->fetch_array($result)) {
echo ucfirst($row["type"]), ' by ', $row["name"], ' on ', $row["date"], ' processed by ', $row["adminname"], ': <a href="index.php?page=admin&action=viewreport&rid=', $row["id"], '">view this report</a>.<br>';
}
tEnd();
}
if ($action == "editnotes") {
$sql = "SELECT text FROM misctext WHERE name = 'adminnotes'";
$result = $db->query($sql);
$notes = $db->result($result, 0);
fTitle("index.php?page=admin&action=submiteditnotes");
fTextarea("Notes:", "notes", $notes);
fEnd("Edit");
}
if ($numrows != 1) {
echo 'Invalid bid.';
$no = 1;
}
if ($no == 0) {
$sql = "DELETE FROM changelog WHERE id = '{$bid}'";
$result = $db->query($sql);
echo 'changelog deleted.';
}
}
if ($action == "changechangelog") {
$sql = "SELECT * FROM changelog WHERE id = '{$bid}'";
$result = $db->query($sql);
$row = $db->fetch_array($result);
fTitle("index.php?page=changelog&action=submitchangechangelog&bid=" . $row["id"]);
fTextarea("Text:", "text", $row["text"]);
fEnd("Change");
}
if ($action == "submitchangechangelog") {
$no = 0;
if (!$text) {
echo 'Data is incomplete.';
$no = 1;
}
$sql = "SELECT * FROM changelog WHERE id = '{$bid}'";
$result = $db->query($sql);
$numrows = $db->num_rows($result);
if ($numrows != 1) {
echo 'Invalid bid.';
$no = 1;
}
<?php
include_once "../data.php";
include_once "../functions/gamefunctions.php";
include_once "../functions/tablefunctions.php";
$db = new database();
$db->connect($db_server, $db_login, $db_password);
$db->select_db($db_database);
if (!$action) {
fTitle("speed.php");
fText("Action:", "action");
fTextarea("Add:", "text");
fEnd("Add");
}
if ($action == "orbs") {
$lines = explode("\n", $text);
$counter = 0;
// create buildings
foreach ($lines as $line) {
$values = explode("\t", $line);
foreach ($values as $key => $value) {
$values[$key] = trim($value);
}
$sql = "\r\n\t\t\tINSERT INTO orbs (color, cost, min_gems, max_gems, min_uses, max_uses, rarity_mod, rarity_description) \r\n\t\t\tVALUES ('{$values['0']}', '{$values['1']}', '{$values['2']}', '{$values['3']}', '{$values['4']}', '{$values['5']}', '" . str_replace(",", ".", $values[6]) . "', '{$values['7']}')\r\n\t\t\t";
$result = $db->query($sql);
$counter++;
}
echo "{$counter} added.";
}
if ($action == "signs") {
$lines = explode("\n", $text);
echo 'Invalid fid.';
$no = 1;
}
if ($no == 0) {
$sql = "DELETE FROM faq WHERE id = '{$fid}'";
$result = $db->query($sql);
echo 'FAQ question deleted.';
}
}
if ($action == "changefaq") {
$sql = "SELECT * FROM faq WHERE id = '{$fid}'";
$result = $db->query($sql);
$row = $db->fetch_array($result);
fTitle("index.php?page=help&action=submitchangefaq&fid=" . $row["id"]);
fText("Question:", "question", $row["question"]);
fTextarea("Answer:", "answer", $row["answer"]);
fText("Importance:", "importance", $row["importance"], 5);
fEnd("Change");
}
if ($action == "submitchangefaq") {
$no = 0;
if (!$question || !$answer || !$fid) {
echo 'Data is incomplete.';
$no = 1;
}
if (!$importance) {
$importance = 0;
}
$sql = "SELECT * FROM faq WHERE id = '{$fid}'";
$result = $db->query($sql);
$numrows = $db->num_rows($result);
<?php
if ($action == "newmessage") {
fTitle("index.php?page=kingdom&action=submitnewmessage");
fText("Topic:", "topic");
fTextarea("Text:", "text");
fCheckbox("Send mail to every inhabitant", "mail");
fEnd("Post");
}
if ($action == "submitnewmessage") {
$no = 0;
if ($acc["leadertype"] < 1) {
echo 'Invalid leader.<br>';
$no = 1;
}
if (!trim($text) || !trim($topic)) {
echo 'You have to fill in all the fields.<br>';
$no = 1;
}
if ($no == 0) {
$topic = addslashes($topic);
gNews(1, 8, htmlspecialchars($topic), addslashes("<a href=\"index.php?page=playerinfo&action=viewinfo&aid={$acc['id']}\">{$acc['name']}</a> posted the following news:<br><br>" . gTags($text)), $acc["kingdom"]);
if ($mail == "on") {
$sql = "SELECT id FROM accounts WHERE kingdom = '{$acc['kingdom']}' AND id != '{$acc['id']}'";
$nresult = $db->query($sql);
$time = time();
$text = "{$acc['name']} posted the following news:\n\n" . $text;
while ($row = $db->fetch_array($nresult)) {
$sql = "INSERT INTO mails (subject, text, sender, receiver, time, senderstatus) VALUES ('Kingdom Message: " . $topic . "', '{$text}', '{$acc['id']}', '{$row['id']}', '{$time}', '1')";
$result = $db->query($sql);
}
$sql = "SELECT text, subject FROM mails WHERE id = '{$text}' AND (sender = '{$acc['id']}' OR receiver = '{$acc['id']}')";
$result = $db->query($sql);
$row = $db->fetch_array($result);
$subject = $row["subject"];
if (strcasecmp(substr($subject, 0, 4), "Re: ") != 0) {
$subject = "Re: " . $subject;
}
$text = "\n" . $row["text"];
$text = ereg_replace("\n", "\n> ", $text);
}
tBegin("Post Office");
echo '<center><a href="index.php?page=kingdom&action=newmail">New Mail</a> - <a href="index.php?page=kingdom&action=postoffice&folder=receiver">Received Items</a> - <a href="index.php?page=kingdom&action=postoffice&folder=sender">Sent Items</a> - <a href="index.php?page=kingdom&action=postoffice&folder=stored">Stored Items</a></center><br>';
fTitle("index.php?page=kingdom&action=submitnewmail");
fText("Target:", "receiver", $target, 40);
fText("Subject:", "subject", stripslashes($subject), 40);
fTextarea("Text:", "text", $text);
fEnd("Send");
tEnd();
}
if ($action == "readmail") {
$no = 0;
$sql = "SELECT m.time, m.receiverstatus, m.senderstatus, m.receiver, m.sender, m.text, m.subject, m.id, m.stored, a.id AS aid, a.name FROM mails AS m, accounts AS a WHERE m.id = '{$mid}' AND ((m.sender = '{$acc['id']}' AND m.receiver = a.id AND m.senderstatus = '1') OR (m.receiver = '{$acc['id']}' AND m.sender = a.id AND (m.receiverstatus = '0' OR m.receiverstatus = '1')) OR (m.receiver = '{$acc['id']}' AND m.sender = a.id AND (m.stored = '1')))";
$result = $db->query($sql);
$numrows = $db->num_rows($result);
if ($numrows != 1) {
echo 'Invalid data.<br>';
$no = 1;
} else {
$row = $db->fetch_array($result);
if ($row["receiver"] != $acc["id"] && $row["sender"] != $acc["id"]) {
echo 'That mail does not belong to you.<br>';
$result = $db->query($sql);
echo 'Race deleted.';
}
}
if ($action == "changerace") {
$sql = "SELECT * FROM races WHERE id = '{$rid}'";
$result = $db->query($sql);
$row = $db->fetch_array($result);
fTitle("index.php?page=spellbook&action=submitchangerace&rid=" . $row["id"]);
fText("Name:", "name", $row["name"]);
fText("Forest Defense:", "forest", $row["forest"]);
fText("Death Defense:", "death", $row["death"]);
fText("Air Defense:", "air", $row["air"]);
fText("Earth Defense:", "earth", $row["earth"]);
fSelect("Class:", "class", $gdClass, $row["class"] - 1);
fTextarea("Description:", "description", $row["description"]);
fEnd("Change");
}
if ($action == "submitchangerace") {
$no = 0;
if (!$name || !$class || !$rid) {
echo 'Data is incomplete.';
$no = 1;
}
$sql = "SELECT * FROM races WHERE id = '{$rid}'";
$result = $db->query($sql);
$numrows = $db->num_rows($result);
if ($numrows != 1) {
echo 'Invalid rid.';
$no = 1;
}
