Exemplo n.º 1
0
include $CSS_PREFIX . 'inc/inc_head_html.php';
//Report all errors except E_NOTICE
error_reporting(E_ALL ^ E_NOTICE);
$db_prefix = DB_PREFIX;
$key = CRYPT_KEY;
if ($_POST['btnSubmit'] != '' && $_POST['txtKey'] == CRYPT_KEY && CheckReferrer('initial_config.php')) {
    //Set up update query to change config values
    $updateQuery = "UPDATE `{$db_prefix}config` SET ";
    $updateQuery .= "cnEVENT_CONTACT_NAME = '" . ba_db_real_escape_string($link, $_POST['txtEVENT_CONTACT_NAME']) . "', ";
    $updateQuery .= "cnEVENT_CONTACT_MAIL = '" . ba_db_real_escape_string($link, $_POST['txtEVENT_CONTACT_MAIL']) . "', ";
    $updateQuery .= "cnTECH_CONTACT_NAME = '" . ba_db_real_escape_string($link, $_POST['txtTECH_CONTACT_NAME']) . "', ";
    $updateQuery .= "cnTECH_CONTACT_MAIL = '" . ba_db_real_escape_string($link, $_POST['txtTECH_CONTACT_MAIL']) . "', ";
    $updateQuery .= "cnTITLE = '" . ba_db_real_escape_string($link, $_POST['txtTITLE']) . "', ";
    $updateQuery .= "cnSYSTEM_NAME = '" . ba_db_real_escape_string($link, $_POST['txtSYSTEM_NAME']) . "', ";
    $updateQuery .= "cnMIN_PASS_LEN = " . ba_db_real_escape_string($link, (int) $_POST['txtMIN_PASS_LEN']) . ", ";
    $updateQuery .= "cnSEND_PASSWORD = "******"SELECT plEmail FROM {$db_prefix}players WHERE plPlayerID = " . ROOT_USER_ID;
    $result = ba_db_query($link, $sql);
    $row = ba_db_fetch_assoc($result);
    $root_email = $row['plEmail'];
    if (!ba_db_query($link, $updateQuery)) {
        $sWarn = "There was a problem updating the config details";
        LogError("There was a problem updating the config details. Admin ID: {$PLAYER_ID}");
        //E-mail root
        $subject = SYSTEM_NAME . " - Error updating config details";
        $body = "Someone tried to change the config details, but an error was encountered. See the log for more details";
        mail($root_email, $subject, $body, "From:" . SYSTEM_NAME . " <" . EVENT_CONTACT_MAIL . ">");
    } else {
        $sMessage = "The config settings have been successfully updated.";
        //E-mail root
Exemplo n.º 2
0
     $eventidsql = "select max(evEventID) as newID from {$db_prefix}events";
     $result = ba_db_query($link, $eventidsql);
     $eventidarray = ba_db_fetch_assoc($result);
     $eventid = $eventidarray['newID'];
 }
 //Deal with items
 $deletesql = "delete from {$db_prefix}items where itEventID = {$eventid} and itItemID in(" . ba_db_real_escape_string($link, $_POST['hRemovedItemIDs']) . ")";
 ba_db_query($link, $deletesql);
 foreach ($_POST as $key => $value) {
     if (substr($key, 0, 7) == "hItemID") {
         $iItemID = (int) $value;
         $ticket = setBoolValue($_POST["chkTicket{$value}"]);
         $meal = setBoolValue($_POST["chkMeal{$value}"]);
         $bunk = setBoolValue($_POST["chkBunk{$value}"]);
         $allowmultiple = setBoolValue($_POST["chkAllowMultiple{$value}"]);
         $mandatory = setBoolValue($_POST["chkMandatory{$value}"]);
         $itemdescription = ba_db_real_escape_string($link, $_POST["txtItemDescription{$value}"]);
         $availability = ba_db_real_escape_string($link, $_POST["cboAvailability{$value}"]);
         $availablefrom = ba_db_real_escape_string($link, $_POST["txtAvailableFrom{$value}"]);
         $availableto = ba_db_real_escape_string($link, $_POST["txtAvailableTo{$value}"]);
         $itemcost = sanitiseAmount($_POST["txtItemCost{$value}"], True);
         if ($iItemID > 0) {
             $updatequery = "UPDATE {$db_prefix}items set ";
             $updatequery .= "itTicket = {$ticket}, ";
             $updatequery .= "itMeal = {$meal}, ";
             $updatequery .= "itBunk = {$bunk}, ";
             $updatequery .= "itAllowMultiple = {$allowmultiple}, ";
             $updatequery .= "itMandatory = {$mandatory}, ";
             $updatequery .= "itDescription = '{$itemdescription}', ";
             $updatequery .= "itAvailability = '{$availability}', ";
             $updatequery .= "itAvailableFrom = '{$availablefrom}', ";
Exemplo n.º 3
0
    $updateQuery .= "cnANCESTOR_DROPDOWN = " . setBoolValue($_POST['chkANCESTOR_DROPDOWN']) . ", ";
    $updateQuery .= "cnDEFAULT_FACTION = '" . ba_db_real_escape_string($link, $_POST['selDEFAULT_FACTION']) . "', ";
    $updateQuery .= "cnNON_DEFAULT_FACTION_NOTES = " . setBoolValue($_POST['chkNON_DEFAULT_FACTION_NOTES']) . ", ";
    $updateQuery .= "cnIC_NOTES_TEXT = '" . ba_db_real_escape_string($link, $_POST['txtIC_NOTES_TEXT']) . "', ";
    $updateQuery .= "cnLOGIN_TIMEOUT = " . ba_db_real_escape_string($link, (int) $_POST['txtLOGIN_TIMEOUT']) . ", ";
    $updateQuery .= "cnLOGIN_TRIES = " . ba_db_real_escape_string($link, (int) $_POST['txtLOGIN_TRIES']) . ", ";
    $updateQuery .= "cnMIN_PASS_LEN = " . ba_db_real_escape_string($link, (int) $_POST['txtMIN_PASS_LEN']) . ", ";
    $updateQuery .= "cnSEND_PASSWORD = "******", ";
    $updateQuery .= "cnUSE_PAY_PAL = " . setBoolValue($_POST['chkUSE_PAY_PAL']) . ", ";
    $updateQuery .= "cnPAYPAL_EMAIL = '" . ba_db_real_escape_string($link, $_POST['txtPAYPAL_EMAIL']) . "', ";
    $updateQuery .= "cnNPC_LABEL = '" . ba_db_real_escape_string($link, $_POST['txtNPC_LABEL']) . "', ";
    $updateQuery .= "cnPAYPAL_AUTO_MARK_PAID = " . setBoolValue($_POST['chkPAYPAL_AUTO_MARK_PAID']) . ", ";
    $updateQuery .= "cnUSE_SHORT_OS_NAMES = " . setBoolValue($_POST['chkUSE_SHORT_OS_NAMES']) . ", ";
    $updateQuery .= "cnALLOW_EVENT_PACK_BY_POST = " . setBoolValue($_POST['chkALLOW_EVENT_PACK_BY_POST']) . ", ";
    $updateQuery .= "cnSTAFF_LABEL = '" . ba_db_real_escape_string($link, $_POST['txtSTAFF_LABEL']) . "', ";
    $updateQuery .= "cnQUEUE_OVER_LIMIT = " . setBoolValue($_POST['chkQUEUE_OVER_LIMIT']);
    //Update database
    $bUpdate = ba_db_query($link, $updateQuery);
}
if ($_POST['btnSubmit'] != '' && CheckReferrer('admin_changeconfig.php')) {
    //Get new config information from database
    $sql = "SELECT * FROM {$db_prefix}config WHERE cnName = 'Default' ";
    $result = ba_db_query($link, $sql);
    if (ba_db_num_rows($result) == 1) {
        $row = ba_db_fetch_assoc($result);
    } else {
        $sWarn = "Could not find config information in database";
    }
    //Compare old & new configs
    foreach ($row as $col => $value) {
        if ($row[$col] != $oldconfig[$col]) {