Date:
06.09.2014 - 01:53:55
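<?php
/**
 * Shop administration page ("shopadmin" subtopic).
 *
 * Lets an administrator add, list, edit and delete rows of `z_shop_offer` and
 * credit premium points to the account that owns a character.
 *
 * The script uses $SQL, $config, $action, $main_content, $layout_name and
 * $group_id_of_acc_logged without defining them; presumably the including
 * framework provides them.
 *
 * NOTE(review): every action below changes state on a plain request (delete is
 * reachable through a GET link) and no anti-CSRF token is visible in this
 * file. Confirm that the including framework enforces one; otherwise the add,
 * edit, delete and points actions should require POST plus a per-session token.
 */

/**
 * Read one request parameter as a string.
 *
 * @param array       $source  $_GET, $_POST or $_REQUEST.
 * @param string      $key     Parameter name.
 * @param string|null $default Returned when the parameter is absent or not a scalar.
 * @return string|null
 */
function shopadminParam(array $source, $key, $default = '')
{
    // Array-valued parameters ("order[]=x") must not reach string functions
    // or be concatenated into SQL/HTML.
    if (!isset($source[$key]) || !is_scalar($source[$key])) {
        return $default;
    }

    return (string) $source[$key];
}

/**
 * Escape a value for HTML text and for quoted HTML attribute values.
 *
 * @param mixed $value Value to print.
 * @return string
 */
function shopadminHtml($value)
{
    return htmlspecialchars((string) $value, ENT_QUOTES);
}

/**
 * Split "<column>_<direction>" at its last underscore.
 *
 * @param string $value Raw value of the order parameter.
 * @return array array(column or null when there is no underscore, direction)
 */
function shopadminSplitOrder($value)
{
    $split = strrpos($value, '_');
    if ($split === false) {
        return array(null, $value);
    }

    return array((string) substr($value, 0, $split), (string) substr($value, $split + 1));
}

/**
 * Build the ORDER BY clause for the offer list.
 *
 * Only values taken from $arr (or $default) are concatenated into the SQL,
 * so the request parameter can never inject a column name. The direction in
 * the request is the one being toggled away from: "points_asc" sorts
 * descending, anything else sorts ascending.
 *
 * @param array  $arr     Whitelist: requested column name => SQL column.
 * @param string $order   Name of the GET parameter holding "<column>_<direction>".
 * @param string $default SQL column used when the request names no whitelisted column.
 * @return string "ORDER BY <column> <asc|desc>"
 */
function makeOrder($arr, $order, $default)
{
    // Function by Colandus!
    $type = 'asc';
    // Reads $_GET[$order] (the original hard-coded 'order'), matching getOrder().
    $requested = shopadminParam($_GET, $order, null);
    if ($requested !== null) {
        list($column, $direction) = shopadminSplitOrder($requested);
        if ($column !== null && !empty($arr[$column])) {
            $default = $arr[$column];
        }
        $type = ($direction === 'asc') ? 'desc' : 'asc';
    }

    return 'ORDER BY ' . $default . ' ' . $type;
}

/**
 * Build the order value for a column header link.
 *
 * The third parameter was named $this in the original, which PHP 7.1 and
 * later reject at compile time; callers pass it positionally.
 *
 * @param array  $arr    Whitelist: requested column name => SQL column.
 * @param string $order  Name of the GET parameter holding "<column>_<direction>".
 * @param string $column Column the link is for.
 * @return string "<column>_asc", or "<column>_desc" when the request already holds "<column>_asc"
 */
function getOrder($arr, $order, $column)
{
    // Function by Colandus!
    $type = 'asc';
    $requested = shopadminParam($_GET, $order, null);
    if (!empty($arr[$column]) && $requested !== null) {
        list($current, $direction) = shopadminSplitOrder($requested);
        if ($current === $column) {
            $type = ($direction === 'asc') ? 'desc' : 'asc';
        }
    }

    return $column . '_' . $type;
}

if (!isset($main_content)) {
    $main_content = '';
}
$shopadminAction = (isset($action) && is_scalar($action)) ? (string) $action : '';

// Fail closed: in PHP "null >= null" is true, so an unset group id or an unset
// access level must not be treated as admin.
$shopadminIsAdmin = isset($group_id_of_acc_logged, $config['site']['access_admin_panel'])
    && $group_id_of_acc_logged >= $config['site']['access_admin_panel'];

if ($shopadminIsAdmin) {
    $offertype = shopadminParam($_REQUEST, 'offer_type');

    // Landing menu.
    if (empty($shopadminAction) && empty($offertype)) {
        $main_content .= '<br><h2><center><a href="?subtopic=shopadmin&offer_type=item">ADD SHOP OFFER</a><br><br> '
            . '<a href="?subtopic=shopadmin&action=viewoffer">VIEW SHOP OFFER <i>(EDIT/DELETE)</i></a><br><br>'
            . '<a href="?subtopic=shopadmin&action=points">ADD POINTS</a></center>';
    }

    // Add an offer: show the form, or insert when the form was posted.
    if ($offertype) {
        $shop_offer_type = $offertype;
        // The form posts its fields, so only a POSTed shop_points triggers the
        // insert; a GET carrying shop_points just shows the form again.
        $shop_points = shopadminParam($_POST, 'shop_points');

        if (empty($shop_points)) {
            $main_content .= '<table border="0"><tr><td align="center"><b>Select offer type:</b></td><td><table border="0" ><tr bgcolor="#505050"> '
                . '<td><font color="white">Item</td><td><font color="white">Container</td><td><font color="white">Pacc</td></tr> '
                . '<tr bgcolor="#D4C0A1"> '
                . '<td align="center"><a href="?subtopic=shopadmin&offer_type=item"><input type="radio" name="offer_type" value="item"></a></td> '
                . '<td align="center"><a href="?subtopic=shopadmin&offer_type=container"><input type="radio" name="offer_type" value="container" ></a></td> '
                . '<td align="center"><a href="?subtopic=shopadmin&offer_type=pacc"><input type="radio" name="offer_type" value="pacc" ></a></td> '
                . '</tr></table></td></tr>';
            $main_content .= '<form action="?subtopic=shopadmin&offer_type=' . urlencode($shop_offer_type) . '&check" method="post" >'
                . '<table border="0"><tr><td align="center" ><b>Points:</b></td> '
                . '<td><input type="text" name="shop_points" maxlength="7" style="width: 70px"></td></tr>';

            if ($shop_offer_type == 'container') {
                $main_content .= '<tr><td align="center" ><b>Container ID:</b></td> '
                    . '<td><input type="text" name="shop_itemid1" maxlength="7" style="width: 70px" ></td></tr> '
                    . '<tr><td align="center" ><b>Count Container:</b></td> '
                    . '<td><input type="text" name="shop_count1" maxlength="7" style="width: 70px" ></td></tr> '
                    . '<tr><td align="center" ><b>Item ID:</b></td> '
                    . '<td><input type="text" name="shop_itemid2" maxlength="7" style="width: 70px" ></td></tr> '
                    . '<tr><td align="center" ><b>Count Item:</b></td> '
                    . '<td><input type="text" name="shop_count2" maxlength="7" style="width: 70px" ></td></tr>';
            } elseif ($shop_offer_type == 'item') {
                $main_content .= '<tr><td align="center"><b>Item ID:</b></td> '
                    . '<td><input type="text" name="shop_itemid1" maxlength="7" style="width: 70px" ></td></tr> '
                    . '<tr><td align="center"><b>Item Count:</b></td> '
                    . '<td><input type="text" name="shop_count1" maxlength="7" style="width: 70px" ></td></tr>';
            } elseif ($shop_offer_type == 'pacc') {
                $main_content .= '<tr><td align="center" ><b>Days:</b></td> '
                    . '<td><input type="text" name="shop_count1" maxlength="7" style="width: 70px" ></td></tr>';
            }

            $main_content .= '<tr><td align="center" ><b>Offer Description:</b></td> '
                . '<td ><textarea name="shop_offer_description" rows="2" cols="35"></textarea></td></tr> '
                . '<tr><td align="center" ><b>Offer Name:</b></td> '
                . '<td><input type="text" name="shop_offer_name" maxlength="40" style="width: 200px" ></td></tr> '
                . '<tr><td><input name="submit" type="submit" value="Submit" /></form></td><td> '
                . '<form action="?subtopic=shopadmin&offer_type=container" method="post" > '
                . '<input name="submit" type="submit" value="Reset" /></form></td></tr></table>';
            $main_content .= '<form action="?subtopic=shopadmin" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
        } else {
            $shop_itemid1 = shopadminParam($_POST, 'shop_itemid1');
            $shop_count1 = shopadminParam($_POST, 'shop_count1');
            $shop_itemid2 = shopadminParam($_POST, 'shop_itemid2');
            $shop_count2 = shopadminParam($_POST, 'shop_count2');
            $shop_offer_description = shopadminParam($_POST, 'shop_offer_description');
            $shop_offer_name = shopadminParam($_POST, 'shop_offer_name');

            // Every value goes through $SQL->quote() before it is concatenated.
            $SQL->query(
                'INSERT INTO `z_shop_offer` (id, points, itemid1, count1, itemid2, count2, offer_type, offer_description, offer_name) VALUES (NULL, '
                . $SQL->quote($shop_points) . ', '
                . $SQL->quote($shop_itemid1) . ', '
                . $SQL->quote($shop_count1) . ', '
                . $SQL->quote($shop_itemid2) . ', '
                . $SQL->quote($shop_count2) . ', '
                . $SQL->quote($shop_offer_type) . ', '
                . $SQL->quote($shop_offer_description) . ', '
                . $SQL->quote($shop_offer_name) . ')'
            );

            $main_content .= '<center><h2><font color="red">Added to Shop:</font></h2></center><hr/> '
                . '<tr><td align="center" ><b>Points:</b></td> <td>' . shopadminHtml($shop_points) . '</td></tr><br>';

            if ($shop_offer_type == 'container') {
                $main_content .= '<tr><td align="center" ><b>Container ID:</b></td> <td>' . shopadminHtml($shop_itemid1) . '</td></tr><br> '
                    . '<tr><td align="center" ><b>Count Container:</b></td> <td>' . shopadminHtml($shop_count1) . '</td></tr><br> '
                    . '<tr><td align="center" ><b> Item ID (in Container):</b></td> <td>' . shopadminHtml($shop_itemid2) . '</td></tr><br> '
                    . '<tr><td align="center" ><b>Count Item (in Container):</b></td> <td>' . shopadminHtml($shop_count2) . '</td></tr><br><br>';
            } elseif ($shop_offer_type == 'item') {
                $main_content .= '<tr><td align="center" ><b>Item ID:</b></td> <td>' . shopadminHtml($shop_itemid1) . '</td></tr><br> '
                    . '<tr><td align="center" ><b>Count Item:</b></td> <td>' . shopadminHtml($shop_count1) . '</td></tr><br> <br>';
            } elseif ($shop_offer_type == 'pacc') {
                $main_content .= '<tr><td align="center" ><b>Days:</b></td> <td>' . shopadminHtml($shop_count1) . '</td></tr><br> <br>';
            }

            $main_content .= '<tr><td align="center" ><b>Offer Type:</b></td> <td>' . shopadminHtml($shop_offer_type) . '</td></tr><br> '
                . '<tr><td align="center" ><b>Offer Description:</b></td> <td>' . shopadminHtml($shop_offer_description) . '</td></tr><br> '
                . '<tr><td align="center" ><b>Offer Name:</b></td> <td>' . shopadminHtml($shop_offer_name) . '</td></tr> '
                . '<br><form action="?subtopic=shopadmin&offer_type=item" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
        }
    }

    // List all offers, sortable by column.
    if ($shopadminAction == "viewoffer") {
        $items = simplexml_load_file($config['site']['serverPath'] . 'data/items/items.xml') or die('<b>Could not load items!</b>');
        $itemList = array();
        foreach ($items->item as $v) {
            $itemList[(int) $v['id']] = (string) $v['name'];
        }

        // Whitelist of sortable columns; makeOrder() only ever emits these.
        $order = array("id" => "id", "points" => "points", "offer_type" => "offer_type", "itemid1" => "itemid1", "itemid2" => "itemid2");
        $sortLink = 'index.php?subtopic=shopadmin&action=viewoffer&order=';

        $main_content .= '<center><table width="550"><tr BGCOLOR="#505050">'
            . '<td width="5"><font color="white"><a href="' . $sortLink . getOrder($order, 'order', 'id') . '" class=white>ID:</td>'
            . '<td width="5"><font color="white"><a href="' . $sortLink . getOrder($order, 'order', 'points') . '" class=white>Points:</td>'
            . '<td width="7"> <font color="white"><a href="' . $sortLink . getOrder($order, 'order', 'itemid1') . '" class=white>Item ID:</td>'
            . '<td width="5"><font color="white">Count:</td>'
            . '<td width="7"><center><font color="white"><a href="' . $sortLink . getOrder($order, 'order', 'itemid2') . '" class=white>Container ID:</center></td>'
            . '<td width="5"><font color="white">Count:</td>'
            . '<td width="7"><font color="white"><a href="' . $sortLink . getOrder($order, 'order', 'offer_type') . '" class=white>Offer Type:</td> '
            . '<td width="85"><font color="white">Offer Description:</td><td width="30"><font color="white">Offer Name:</td><td width="30"></td></tr>';

        $shopoffers = $SQL->query(
            'SELECT id, points, itemid1, count1, itemid2, count2, offer_type, offer_description, offer_name FROM z_shop_offer '
            . makeOrder($order, 'order', 'id')
        );

        foreach ($shopoffers as $shop) {
            // An offer may reference an item id that items.xml does not list.
            $itemName1 = isset($itemList[(int) $shop['itemid1']]) ? $itemList[(int) $shop['itemid1']] : '';
            $itemName2 = isset($itemList[(int) $shop['itemid2']]) ? $itemList[(int) $shop['itemid2']] : '';

            $main_content .= '</B><tr BGCOLOR="#D4C0A1"><td align="center">' . shopadminHtml($shop['id'])
                . '<td align="center">' . shopadminHtml($shop['points']) . '</td>';

            if ($shop['itemid1'] == "0") {
                $main_content .= '<td align="center">' . shopadminHtml($shop['itemid1']) . '<br></td>';
            } else {
                $main_content .= '<td align="center">' . shopadminHtml($shop['itemid1']) . '<br>(' . shopadminHtml($itemName1) . ')</td>';
            }

            $main_content .= '<td align="center">' . shopadminHtml($shop['count1']) . '</td>';

            if ($shop['itemid2'] == "0") {
                $main_content .= '<td align="center">' . shopadminHtml($shop['itemid2']) . '</td>';
            } else {
                $main_content .= '<td align="center">' . shopadminHtml($shop['itemid2']) . '<br>(' . shopadminHtml($itemName2) . ')</td>';
            }

            $main_content .= '<td align="center">' . shopadminHtml($shop['count2']) . '</td>'
                . '<td align="center">' . shopadminHtml($shop['offer_type']) . '</td>'
                . '<td align="left">' . shopadminHtml($shop['offer_description']) . '</td>'
                . '<td align="left">' . shopadminHtml($shop['offer_name']) . '</td>';
            $main_content .= '<td align="center"><a href="?subtopic=shopadmin&action=editoffer&id=' . shopadminHtml($shop['id']) . '">'
                . '<img src="' . $layout_name . '/images/news/edit_news.png" border="0"></a><br><br>'
                . '<a href="?subtopic=shopadmin&action=deleteoffer&id=' . shopadminHtml($shop['id']) . '">'
                . '<img src="' . $layout_name . '/images/news/delete_news.png" border="0"></a></td>';
        }

        $main_content .= '</td></tr></TABLE><br><form action="?subtopic=shopadmin" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
    }

    // Delete one offer. The id is cast to int before it reaches the query.
    if ($shopadminAction == "deleteoffer") {
        $id = (int) shopadminParam($_REQUEST, 'id', '0');
        $SQL->query('DELETE FROM z_shop_offer WHERE id = ' . $id . ' LIMIT 1;');
        $main_content .= '<center>Shop offer has been deleted.</center><br><center><form action="?subtopic=shopadmin&action=viewoffer" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form></center>';
    }

    // Edit form, pre-filled from the stored offer.
    if ($shopadminAction == "editoffer") {
        $id = (int) shopadminParam($_REQUEST, 'id', '0');
        $shopoffers = $SQL->query('SELECT * FROM z_shop_offer WHERE id = ' . $id . ' LIMIT 1;');

        foreach ($shopoffers as $shop) {
            // Field values are HTML-escaped. The original used urlencode(),
            // which is meant for URL components: it shows "Magic Sword" as
            // "Magic+Sword" and that mangled text is saved back on submit.
            $main_content .= '<form action="?subtopic=shopadmin&action=edited&id=' . $id . '" method="post" >'
                . '<table border="0"><tr><td align="center" ><b>Points:</b></td> '
                . '<td><input type="text" name="shop_points" maxlength="7" value="' . shopadminHtml($shop['points']) . '" style="width: 70px"></td></tr>';

            if ($shop['offer_type'] == 'container') {
                $main_content .= '<tr><td align="center" ><b>Container ID:</b></td> '
                    . '<td><input type="text" name="shop_itemid1" maxlength="7" value="' . shopadminHtml($shop['itemid1']) . '" style="width: 70px" ></td></tr> '
                    . '<tr><td align="center" ><b>Count Container:</b></td> '
                    . '<td><input type="text" name="shop_count1" maxlength="7" value="' . shopadminHtml($shop['count1']) . '" style="width: 70px" ></td></tr> '
                    . '<tr><td align="center" ><b>Item ID:</b></td> '
                    . '<td><input type="text" name="shop_itemid2" maxlength="7" value="' . shopadminHtml($shop['itemid2']) . '" style="width: 70px" ></td></tr> '
                    . '<tr><td align="center" ><b>Count Item:</b></td> '
                    . '<td><input type="text" name="shop_count2" maxlength="7" value="' . shopadminHtml($shop['count2']) . '" style="width: 70px" ></td></tr>';
            } elseif ($shop['offer_type'] == 'item') {
                $main_content .= '<tr><td align="center"><b>Item ID:</b></td> '
                    . '<td><input type="text" name="shop_itemid1" maxlength="7" value="' . shopadminHtml($shop['itemid1']) . '" style="width: 70px" ></td></tr> '
                    . '<tr><td align="center"><b>Item Count:</b></td> '
                    . '<td><input type="text" name="shop_count1" maxlength="7" value="' . shopadminHtml($shop['count1']) . '" style="width: 70px" ></td></tr>';
            } elseif ($shop['offer_type'] == 'pacc') {
                // The original left this field without a value, so saving a
                // pacc offer unchanged overwrote its day count with an empty string.
                $main_content .= '<tr><td align="center" ><b>Days:</b></td> '
                    . '<td><input type="text" name="shop_count1" maxlength="7" value="' . shopadminHtml($shop['count1']) . '" style="width: 70px" ></td></tr>';
            }

            $main_content .= '<tr><td align="center" ><b>Offer Type:</b></td> '
                . '<td><input type="text" name="shop_offer_type" value="' . shopadminHtml($shop['offer_type']) . '" maxlength="40" style="width: 200px" ></td></tr> '
                . '<tr><td align="center" ><b>Offer Description:</b></td> '
                . '<td ><textarea name="shop_offer_description" rows="2" cols="35">' . shopadminHtml($shop['offer_description']) . '</textarea></td></tr> '
                . '<tr><td align="center" ><b>Offer Name:</b></td> '
                . '<td><input type="text" name="shop_offer_name" value="' . shopadminHtml($shop['offer_name']) . '" maxlength="40" style="width: 200px" ></td></tr> '
                . '<tr><td><input name="submit" type="submit" value="Submit" /></form></td><td></td></tr></table>';
            $main_content .= '<form action="?subtopic=shopadmin&action=viewoffer" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
        }
    }

    // Store the edited offer.
    if ($shopadminAction == "edited") {
        $id = (int) shopadminParam($_REQUEST, 'id', '0');
        $shop_points = shopadminParam($_POST, 'shop_points');
        $shop_offer_type = shopadminParam($_POST, 'shop_offer_type');
        $shop_itemid1 = shopadminParam($_POST, 'shop_itemid1');
        $shop_count1 = shopadminParam($_POST, 'shop_count1');
        $shop_itemid2 = shopadminParam($_POST, 'shop_itemid2');
        $shop_count2 = shopadminParam($_POST, 'shop_count2');
        $shop_offer_description = shopadminParam($_POST, 'shop_offer_description');
        $shop_offer_name = shopadminParam($_POST, 'shop_offer_name');

        // `points` was concatenated raw in the original (SQL injection through
        // shop_points); it is now cast to int like the id.
        $SQL->query(
            'UPDATE `z_shop_offer` SET `points` = ' . (int) $shop_points
            . ', `itemid1` = ' . $SQL->quote($shop_itemid1)
            . ', `count1` = ' . $SQL->quote($shop_count1)
            . ', `itemid2` = ' . $SQL->quote($shop_itemid2)
            . ', `count2` = ' . $SQL->quote($shop_count2)
            . ', `offer_type` = ' . $SQL->quote($shop_offer_type)
            . ', `offer_description` = ' . $SQL->quote($shop_offer_description)
            . ', `offer_name` = ' . $SQL->quote($shop_offer_name)
            . ' WHERE `id` = ' . $id . ';'
        );
        $main_content .= '<b><center>Shop offer successfully edited.</b><br><br><form action="?subtopic=shopadmin&action=viewoffer" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form><meta http-equiv="refresh" content="1;url=/?subtopic=shopadmin&action=viewoffer" />';
    }

    // Credit premium points to the account that owns a character.
    if ($shopadminAction == "points") {
        $player = shopadminParam($_REQUEST, 'character');
        // Cast once so the confirmation shows the amount that is actually added.
        $points = (int) shopadminParam($_POST, 'points', '0');

        if (empty($player)) {
            $main_content .= '<form action="" method="post"><B>Enter Character Name:</B><input type="text" name="character"><br> '
                . '<B>Enter Points Amount:</B><input type="text" name="points"><br><input type="submit" value="Submit"> </form></center>'
                . '<form action="?subtopic=shopadmin" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
        } else {
            $player_data = $SQL->query("SELECT * FROM `players` WHERE `name` = " . $SQL->quote($player))->fetch();

            if (empty($player_data['account_id'])) {
                // The original ran the UPDATE against account id 0 and still
                // reported success when the character did not exist.
                $main_content .= '<b><center>Character <i>' . shopadminHtml($player) . '</i> does not exist.</b></center><br> '
                    . '<form action="?subtopic=shopadmin&action=points" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
            } else {
                $SQL->query("UPDATE `accounts` SET `premium_points` = `premium_points` + " . $points . " WHERE `id` = " . (int) $player_data['account_id']);
                $main_content .= '<b><center>' . shopadminHtml($points) . ' Premium Points added to the account of <i>' . shopadminHtml($player) . '</i> !</b></center><br> '
                    . '<form action="?subtopic=shopadmin" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
            }
        }
    }
} else {
    $main_content .= 'Sorry, you have not the rights to access this page.';
}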