function newroom_creation() { global $txt, $print, $x7c, $db, $prefix, $x7p; $error = ""; $_POST['roomtopic'] = ''; // Make sure all values were filled out and check for errors in it if ($_POST['roomname'] == "" || eregi("\\ |\\.|'|,|;|\\*", $_POST['roomname'])) { $error = $txt[72]; } if ($_POST['roomlong'] == "" || eregi("\\.|'|,|;|\\*", $_POST['roomlong'])) { $error = "Nome lungo errato: il nome può contenere solo lettere e numeri, non simboli."; } $query = $db->DoQuery("SELECT name FROM {$prefix}rooms WHERE name='{$_POST['roomname']}'"); $row = $db->Do_Fetch_Row($query); if ($row[0] != "") { $error = $txt[76]; } if ($_POST['roommax'] == "" || $_POST['roommax'] < 3) { $_POST['roommax'] = "3"; } if ($_POST['roomtype'] != "1" && $_POST['roomtype'] != "2") { $error = $txt[73]; } if ($_POST['roomtype'] == "2" && $x7c->permissions['make_proom'] != 1) { $error = $txt[74]; } if ($x7c->permissions['make_mod'] != 1 || !isset($_POST['roommod'])) { $_POST['roommod'] = 0; } if (!isset($_POST['panic_free'])) { $_POST['panic_free'] = 0; } if (!isset($_POST['hunt'])) { $_POST['hunt'] = 0; } if ($error == "") { $body = $txt[75] . "<Br><Br><a href=\"./index.php\">[{$txt['29']}]</a>"; // Crate the room create_room($x7p->profile['id'], $_POST['roomname'], $_POST['roomtype'], $_POST['roommod'], $_POST['roomtopic'], $_POST['roomgreeting'], $_POST['roompass'], $_POST['roommax'], $_POST['panic_free'], $_POST['roomlong'], $_POST['hunt']); header("location: index.php?act=roomcp&room={$_POST['roomname']}&cp_page=settings"); } else { $body = $error . "<Br><Br><a href=\"index.php?act=newroom1\">[{$txt['77']}]</a>"; } $print->normal_window($txt[59], $body); }
if ($action == "create") { // The user wants to create a new room $roomID = create_room(); $path = get_path() . 'instance.php?id=' . $roomID; // Redirect header("Location: {$path}"); // Make sure that code below does not get executed when we redirect exit; } if ($_POST['username'] || $_POST['createroom']) { $username = htmlspecialchars($_POST['username'], ENT_QUOTES); // Save the username to the session $_SESSION['username'] = $username; if ($_POST['createroom'] == 'yes') { // The user wants to create a new room $roomID = create_room(); // Save the username to the session $_SESSION['roomID'] = $roomID; } } if (isset($_POST['username']) && isset($_POST['roomID']) && !isset($_POST['createroom'])) { $_SESSION['roomID'] = $_POST['roomID']; $path = get_path() . 'instance.php?id=' . $_POST['roomID']; // Redirect header("Location: {$path}"); // Make sure that code below does not get executed when we redirect exit; } ?> <?php