= $config['site']['access_admin_panel']) { $offertype = $_REQUEST['offer_type']; if((empty($action)) AND (empty($offertype))) { $main_content .= '

ADD SHOP OFFER

VIEW SHOP OFFER (EDIT/DELETE)

ADD POINTS
'; } if($_REQUEST['offer_type']){ $shop_points = $_REQUEST['shop_points']; $shop_offer_type = $_REQUEST['offer_type']; if(empty($shop_points)) { $main_content .= ''; $main_content .= '
Select offer type:
ItemContainerPacc
'; if($_REQUEST['offer_type'] == 'container'){ $main_content .= ''; } if($_REQUEST['offer_type'] == 'item'){ $main_content .= ''; } if($_REQUEST['offer_type'] == 'pacc'){ $main_content .= ''; } $main_content .= '
Points:
Container ID:
Count Container:
Item ID:
Count Item:
Item ID:
Item Count:
Days:
Offer Description:
Offer Name:
'; $main_content .= '
'; } else { $shop_points = $_POST['shop_points']; $shop_offer_type = $_REQUEST['offer_type']; $shop_itemid1 = $_POST['shop_itemid1']; $shop_count1 = $_POST['shop_count1']; $shop_itemid2 = $_POST['shop_itemid2']; $shop_count2 = $_POST['shop_count2']; $shop_offer_description = $_POST['shop_offer_description']; $shop_offer_name = $_POST['shop_offer_name']; $SQL->query('INSERT INTO `z_shop_offer` (id, points, itemid1, count1, itemid2, count2, offer_type, offer_description, offer_name) VALUES (NULL, '.$SQL->quote($shop_points).', '.$SQL->quote($shop_itemid1).', '.$SQL->quote($shop_count1).', '.$SQL->quote($shop_itemid2).', '.$SQL->quote($shop_count2).', '.$SQL->quote($shop_offer_type).', '.$SQL->quote($shop_offer_description).', '.$SQL->quote($shop_offer_name).')'); $main_content .= '

Added to Shop:

Points: '.htmlspecialchars($shop_points).'
'; if($shop_offer_type == 'container'){ $main_content .= 'Container ID: '.htmlspecialchars($shop_itemid1).'
Count Container: '.htmlspecialchars($shop_count1).'
Item ID (in Container): '.htmlspecialchars($shop_itemid2).'
Count Item (in Container): '.htmlspecialchars($shop_count2).'

'; } if ($shop_offer_type == 'item'){ $main_content .= 'Item ID: '.htmlspecialchars($shop_itemid1).'
Count Item: '.htmlspecialchars($shop_count1).'

'; } if ($shop_offer_type == 'pacc'){ $main_content .= 'Days: '.htmlspecialchars($shop_count1).'

'; } $main_content .= 'Offer Type: '.htmlspecialchars($shop_offer_type).'
Offer Description: '.htmlspecialchars($shop_offer_description).'
Offer Name: '.htmlspecialchars($shop_offer_name).'
'; } } if($action == "viewoffer") { $items = simplexml_load_file($config['site']['serverPath'].'data/items/items.xml') or die('Could not load items!'); foreach($items->item as $v) $itemList[(int)$v['id']] = $v['name']; $order = array("id" => "id", "points" => "points", "offer_type" => "offer_type", "itemid1" => "itemid1", "itemid2" => "itemid2"); $main_content .= '
'; $shopoffers = $SQL->query('SELECT id, points, itemid1, count1, itemid2, count2, offer_type, offer_description, offer_name FROM z_shop_offer ' . makeOrder($order, 'order', 'id')); foreach($shopoffers as $shop) { $main_content .= ''; if($shop['itemid1'] == "0") { $main_content .= ''; } else { $main_content .= ''; } $main_content .= ''; if($shop['itemid2'] == "0") { $main_content .= ''; } else { $main_content .= ''; } $main_content .= ''; $main_content .= ''; } $main_content .= '
ID:Points: Item ID:Count:
Container ID:
Count:Offer Type: Offer Description:Offer Name:
'.htmlspecialchars($shop['id']).''.htmlspecialchars($shop['points']).''.htmlspecialchars($shop['itemid1']).'
'.htmlspecialchars($shop['itemid1']).'
(' . htmlspecialchars($itemList[(int)$shop['itemid1']]) . ')		'.htmlspecialchars($shop['count1']).''.htmlspecialchars($shop['itemid2']).''.htmlspecialchars($shop['itemid2']).'
(' . htmlspecialchars($itemList[(int)$shop['itemid2']]) . ')		'.htmlspecialchars($shop['count2']).''.htmlspecialchars($shop['offer_type']).''.htmlspecialchars($shop['offer_description']).''.htmlspecialchars($shop['offer_name']).'


'; } if($action == "deleteoffer") { $id = (int) $_REQUEST['id']; $SQL->query('DELETE FROM z_shop_offer WHERE id = '.$id.' LIMIT 1;'); $main_content .= '
Shop offer has been deleted.

'; } if($action == "editoffer") { $id = (int) $_REQUEST['id']; $shopoffers = $SQL->query('SELECT * FROM z_shop_offer WHERE id = '.$id.' LIMIT 1;'); foreach($shopoffers as $shop) { $main_content .= '
'; if($shop['offer_type'] == 'container'){ $main_content .= ''; } if($shop['offer_type'] == 'item'){ $main_content .= ''; } if($shop['offer_type'] == 'pacc'){ $main_content .= ''; } $main_content .= '
Points:
Container ID:
Count Container:
Item ID:
Count Item:
Item ID:
Item Count:
Days:
Offer Type:
Offer Description:
Offer Name:
'; $main_content .= '
'; } } if($action == "edited") { $id = (int) $_REQUEST['id']; $shop_points = $_POST['shop_points']; $shop_offer_type = $_POST['shop_offer_type']; $shop_itemid1 = $_POST['shop_itemid1']; $shop_count1 = $_POST['shop_count1']; $shop_itemid2 = $_POST['shop_itemid2']; $shop_count2 = $_POST['shop_count2']; $shop_offer_description = $_POST['shop_offer_description']; $shop_offer_name = $_POST['shop_offer_name']; $SQL->query('UPDATE `z_shop_offer` SET `points` = '.$shop_points.', `itemid1` = '.$SQL->quote($shop_itemid1).', `count1` = '.$SQL->quote($shop_count1).', `itemid2` = '.$SQL->quote($shop_itemid2).', `count2` = '.$SQL->quote($shop_count2).', `offer_type` = '.$SQL->quote($shop_offer_type).', `offer_description` = '.$SQL->quote($shop_offer_description).', `offer_name` = '.$SQL->quote($shop_offer_name).' WHERE `id` = '.$id.';'); $main_content .= '
Shop offer successfully edited.

'; } if($action == "points") { $player = $_REQUEST['character']; $points = $_POST['points']; if(empty($player)) { $main_content .= '
Enter Character Name:
Enter Points Amount:
'; } else { $player_data = $SQL->query("SELECT * FROM `players` WHERE `name` = ".$SQL->quote($player))->fetch(); $SQL->query("UPDATE `accounts` SET `premium_points` = `premium_points` + ". (int) $points." WHERE `id` = ". (int) $player_data['account_id']); $main_content .= '
'.htmlspecialchars($points).' Premium Points added to the account of '.htmlspecialchars($player).' !

'; } } } else { $main_content .= 'Sorry, you have not the rights to access this page.'; }