PHP - else error

1. <!-- Modal edit user -->
2. <div class="modal fade" id="editmodal" tabindex="-1" role="dialog" aria-labelledby="editmodal">
3.   <div class="modal-dialog" role="document">
4.     <div class="modal-content">
5.       <div class="modal-header">
6.         <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
7.         <h4 class="modal-title" id="myModalLabel">Edit user</h4>
8.       </div>
9.       <div class="modal-body">
10.         <?php
11.         echo "<table class='table table-hover'>
12.        <tr><td>
13.        Unable to retrieve user.
14.        </td></tr>
15.        <tr><td>
16.        <img src='$_POST[whoavatar]'> <b>$_POST[whouser]</b>
17.        </td></tr>
18.        <tr><td>
19.        Status:
20.        ";
21.             if ($_POST[whopermission] == 0) {
22.               echo "User";
23.             }
24.             if ($_POST[whopermission] == 1) {
25.               echo "<b>Streamer</b>";
26.             }
27.             if ($_POST[whopermission] == 2) {
28.               echo "<b>VIP</b>";
29.             }
30.             if ($_POST[whopermission] == 3) {
31.               echo "<b>Designer</b>";
32.             }
33.             if ($_POST[whopermission] == 4) {
34.               echo "<b>Operator</b>";
35.             }
36.             if ($_POST[whopermission] == 5) {
37.               echo "<b>Moderator</b>";
38.             }
39.             if ($_POST[whopermission] == 6) {
40.               echo "<b>Administrator</b>";
41.             }
42.             if ($_POST[whopermission] == 7) {
43.               echo "<b>Owner</b>";
44.             }
45.             echo "</td></tr>";
46.         echo "
47.        <tr><td>
48.        Coins: $_POST[whocoins]
49.        </td></tr>
50.        <tr><td>
51.        Bets: $_POST[whobets]
52.        </td></tr>
53.  
54.        <tr><td>
55.        SteamID64: $_POST[who]
56.        </td></tr>
57.  
58.            <br>
59.            <br>
60.            </table>
61.         ";
62.          ?>
63.       </div>
64.       <div class="modal-footer">
65.         <button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
66.         <button type="button" class="btn btn-primary">Save changes</button>
67.       </div>
68.     </div>
69.   </div>
70. </div>
71.  
72. <style>
73. <?php
74. // For later use. This will make the forms (ban, unban, edit buttons) in the table to stay at one line.
75.  
76. /* form, table {
77.  
78.      display:inline;
79.  
80. }
81. .table-hover td{
82.   background:#eee;
83.   vertical-align:top;
84.   border-bottom:1px solid #444;
85. }
86. .table-hover p{
87.   vertical-align:top;
88.   position:relative;
89.   overflow:hidden;
90.   max-height:1.3em;
91.   transition: max-height 0.4s;
92. }
93. .table-hover tr:hover p{
94.   max-height:100px; /* don't exagerate :)
95. }
96.  
97. */
98. ?>
99. form, table {
100.  
101.  
102.  
103.      display:inline;
104.  
105.  
106.  
107. }
108.  
109. </style>
110.  
111.  
112.         <?php
113.  
114.  
115.         //The commented lines are already in "login.php" - it's easier that way
116.  
117.  
118. //if(!isset($_SESSION['steamid'])) {
119.  
120.  
121. //    echo "<div style='margin: 30px auto; text-align: center;'>Please login to play!<br>";
122.  
123.  
124. //    loginbutton();
125.  
126.  
127. //  echo "</div>";
128.  
129.  
130. //  }  else {
131.  
132.  
133.     //include "sql.php";
134.  
135.  
136.  
137.  
138.  
139.     //Make sure the user cannot access this page without being an administrator
140.  
141.  
142.     //Connect to database with these credentials
143.  
144.  
145. include "sql.php";
146.  
147.  
148. // Store steamid in easier variable
149.  
150.  
151. $steamid = $_SESSION['steamid'];
152.  
153.  
154. //Connect, or return error if failed
155.  
156.  
157. $conn = new mysqli($servername, $username, $password, $dbname);
158.  
159.  
160. if ($conn->connect_error) {
161.  
162.  
163.     die("Connection failed: " . $conn->connect_error);
164.  
165.  
166. }
167.  
168.  
169. //If ban button is pressed, run the bansqlquery.
170.  
171.  
172. if (isset($_POST['banuser'])) {
173.  
174.  
175.     //Ban SQL query.
176.  
177.  
178. $banuser = mysqli_query($conn, "UPDATE users
179.  
180.  
181. SET ban = '1'
182.  
183.  
184. WHERE steamid = '$_POST[who]';");
185.  
186. echo "
187. <div class='alert alert-success' role='alert'>
188.         <span class='glyphicon glyphicon-ok-sign' aria-hidden='true'></span>
189.        You have used the banhammer on <strong>" . strip_tags($_POST[whouser]) . " ($_POST[who]) </strong>
190. <button type='button' class='close' data-dismiss='alert' aria-label='Close'>
191.  <span aria-hidden='true'>&times;</span>
192. </button>
193.  
194.  
195.      </div>";
196.  
197.  
198. }
199.  
200.  
201. //If unban button is pressed, run the unansqlquery.
202.  
203.  
204. if (isset($_POST['unbanuser'])) {
205.  
206.  
207.     //Ban SQL query.
208.  
209.  
210. $banuser = mysqli_query($conn, "UPDATE users
211.  
212.  
213. SET ban = '0'
214.  
215.  
216. WHERE steamid = '$_POST[who]';");
217.  
218. echo "
219. <div class='alert alert-success' role='alert'>
220.         <span class='glyphicon glyphicon-ok-sign' aria-hidden='true'></span>
221.        You have used the unbanhammer on <strong>" . strip_tags($_POST[whouser]) . " ($_POST[who]) </strong>
222. <button type='button' class='close' data-dismiss='alert' aria-label='Close'>
223.  <span aria-hidden='true'>&times;</span>
224. </button>
225.  
226.  
227.      </div>";
228.  
229.  
230. }
231.  
232.  
233.  
234.  
235.  
236. $selectusr = mysqli_query($conn, "SELECT * FROM `users` WHERE steamid='$steamid'");
237.  
238.  
239. $num_rows_usr = mysqli_num_rows($selectusr);
240.  
241.  
242. $result = $selectusr;
243.  
244.  
245. if ($num_rows_usr > 0) {
246.  
247.  
248.         while($row = mysqli_fetch_assoc($result)) {
249.  
250.  
251.         $_SESSION['permissionset'] = $row['permissionset'];
252.  
253.  
254.     }
255.  
256.  
257. }
258.  
259.  
260.     if ($_SESSION['permissionset'] == 0) {
261.  
262.  
263.         echo "<div class='alert alert-danger' role='alert' style='margin: 30px auto; text-align: center;'><span class='glyphicon glyphicon-ban-circle' aria-hidden='true'></span> You do not have access to the control panel!</div><br>";
264.  
265.  
266.     }
267.  
268.  
269.     else {
270.  
271.  
272.     echo "<br><span style='float:left; margin-right: 100px;'>";
273.  
274.  
275.     echo "<br><img src='$steamprofile[avatar]'> Welcome to the control panel. <b> $steamprofile[personaname]</b>!<br>";
276.  
277.  
278.     if ($_SESSION['permissionset'] == 1) {
279.  
280.  
281.         echo "You are a streamer, and can only view the player list. You are not allowed to edit or ban users.";
282.  
283.  
284.     }
285.  
286.  
287.     if ($_SESSION['permissionset'] == 2) {
288.  
289.  
290.         echo "You have VIP permissions. You are not allowed to edit or ban users.";
291.  
292.  
293.     }
294.  
295.  
296.     if ($_SESSION['permissionset'] == 3) {
297.  
298.  
299.         echo "You have designer permissions. You are not allowed to edit or ban users.";
300.  
301.  
302.     }
303.  
304.  
305.     if ($_SESSION['permissionset'] == 4) {
306.  
307.  
308.         echo "You have operator permissions. You can edit/ban everyone with a lower rank than yourself (designers, VIPs, streamers, users)";
309.  
310.  
311.     }
312.  
313.   if ($_SESSION['permissionset'] == 5) {
314.  
315.         echo "You have moderator permissions. You can edit/ban everyone with a lower rank than yourself (operators, designers, VIPs, streamers, users)";
316.  
317.   }
318.  
319.   if ($_SESSION['permissionset'] == 6) {
320.  
321.     echo "You are an administrator! You can edit/ban everyone with a lower rank than yourself (moderators, operators, designers, VIPs, streamers, users)";
322.  
323.   }
324.  
325.   if ($_SESSION['permissionset'] == 7) {
326.  
327.     echo "You are the owner, sir. You can do whatever you want except banning yourself, this must be done from the SQL database.";
328.  
329.   }
330.  
331.  
332.     echo "<br><br>";
333.  
334.  
335.     echo "<h3>Player list:</h3><br>";
336.  
337.  
338.     echo "<table><tr>";
339.  
340.  
341. // Create connection
342.  
343.  
344. $sql = "SELECT * FROM users ORDER BY permissionset DESC";
345.  
346.  
347. $result = $conn->query($sql);
348.  
349.  
350.  
351.  
352.  
353. if ($result->num_rows > 0) {
354.  
355.  
356.     // output data of each row
357.  
358.  
359.     $totalplayers = $result->num_rows;
360.  
361.  
362.     echo "<h4>$totalplayers total.</h4>";
363.     echo "<table class='table table-hover'>
364.  
365.  
366.     <thead>
367.  
368.  
369.     <tr>
370.  
371.  
372.     <th>User</th>
373.  
374.  
375.     <th>Coins</th>
376.  
377.  
378.     <th>Bets</th>
379.  
380.  
381.     <th>SteamID64</th>
382.  
383.  
384.     <th>Status</th>
385.  
386.     <th>Registered</th>
387.  
388.     <th>Last IP</th>
389.  
390.  
391.     <th>Banned</th>
392.  
393.  
394.     <th>Actions</th>
395.  
396.  
397.     </tr>
398.  
399.  
400.     </thead>
401.  
402.  
403.     ";
404.  
405.  
406.     while($row = $result->fetch_assoc()) {
407.  
408.  
409.         if ($row['ban'] == 1) {
410.  
411.  
412.         echo "<tr class='danger'>";
413.  
414.  
415.         }
416.  
417.  
418.         else {
419.  
420.  
421.             echo "<tr class='active'>";
422.  
423.  
424.         }
425.  
426.  
427.     echo "
428.  
429.  
430.             <td>
431.  
432.  
433.                 <img src='" . $row['avatarsmall'] . "'>
434.  
435.  
436.             <b>" . $row["username"]. "</b>
437.  
438.  
439.             </td>
440.  
441.  
442.             <td>
443.  
444.  
445.             " . $row["coins"] . "
446.  
447.  
448.             </td>
449.  
450.  
451.             <td>
452.  
453.  
454.             " . $row['bets'] . "
455.  
456.  
457.             </td>
458.  
459.  
460.             <td>
461.  
462.  
463.             " . $row["steamid"]. "
464.  
465.  
466.             </td>";
467.       if ($row['permissionset'] == 7) {
468.  
469.       echo "<td><b>Owner <span class='glyphicon glyphicon-sunglasses'></span></b></td>";
470.  
471.       }
472.  
473.       if ($row['permissionset'] == 6) {
474.  
475.         echo "<td><b>Administrator</b></td>";
476.  
477.         }
478.  
479.       if ($row['permissionset'] == 5) {
480.  
481.         echo "<td><b>Moderator</b></td>";
482.  
483.         }
484.  
485.  
486.         if ($row['permissionset'] == 4) {
487.  
488.  
489.         echo "<td><b>Operator</b></td>";
490.  
491.  
492.         }
493.  
494.  
495.         if ($row['permissionset'] == 3) {
496.  
497.  
498.         echo "<td><b>Designer</b></td>";
499.  
500.  
501.         }
502.  
503.  
504.         if ($row['permissionset'] == 2) {
505.  
506.  
507.         echo "<td><b>VIP</b></td>";
508.  
509.  
510.         }
511.  
512.  
513.         if ($row['permissionset'] == 1) {
514.  
515.  
516.         echo "<td><b>Streamer</b></td>";
517.  
518.  
519.         }
520.  
521.  
522.         if ($row['permissionset'] == 0) {
523.  
524.  
525.         echo "<td>User</td>";
526.  
527.  
528.         }
529.  
530.  
531.         echo "<td>" . $row['registered'] . "</td>";
532.  
533.         echo "<td>" . $row['lastip'] . "</td>";
534.  
535.  
536.  
537.         if ($row['ban'] == 0) {
538.  
539.  
540.         echo "<td>No</td>";
541.  
542.  
543.     //Steamers, VIP or Designers are not allowed to ban or edit, at all.
544.     if ($_SESSION['permissionset'] < 4)
545.  
546.     {
547.  
548.       echo "<td>Not allowed</td>";
549.  
550.     }
551.  
552.     else {
553.  
554.             //Do not show the edit/ban buttons if the permissionset of selected user is higher than or equal to yours
555.  
556.     if ($row['permissionset'] >= $_SESSION['permissionset']) {
557.  
558.             echo "<td>Not allowed</td>";
559.  
560.         }
561.  
562.     //If it's not, show the buttons
563.  
564.         else {
565.  
566.         echo "<td>
567.  
568.  
569.         <form action='#editmodal' method='POST'>
570.  
571.  
572.    <input type='hidden' name='who' value='$row[steamid]'>
573.  
574.    <input type='hidden' name='whouser' value='$row[username]'>
575.  
576.    <input type='hidden' name='whoavatar' value='$row[avatarsmall]'>
577.  
578.    <input type='hidden' name='whopermission' value='$row[permissionset]'>
579.  
580.    <input type='hidden' name='whobets' value='$row[bets]'>
581.  
582.    <input type='hidden' name='whocoins' value='$row[coins]'>
583.  
584.  
585.  
586.         <button type='button' name='edit' class='btn btn-primary' data-toggle='modal' data-target='#editmodal'>Edit</button>
587.  
588.  
589.         </form>
590.    <form action='' method='POST'>
591.  
592.    <input type='hidden' name='who' value='$row[steamid]'>
593.    <input type='hidden' name='whouser' value='$row[username]'>
594.    <input type='hidden' name='whoavatar' value='$row[avatarsmall]'>
595.    <input type='hidden' name='whopermission' value='$row[permissionset]'>
596.    <input type='hidden' name='whobets' value='$row[bets]'>
597.    <input type='hidden' name='whocoins' value='$row[coins]'>
598.  
599.    <button type='submit' name='banuser' class='btn btn-danger'>Ban</button>
600.  
601.    </form>
602. </td>
603.  
604.  
605. ";
606.     }
607.  
608.         }
609.   }
610.  
611.  
612.         if ($row['ban'] == 1) {
613.       echo "<td>Yes</td>";
614.  
615.       //Steamers, VIP or Designers are not allowed to ban or edit, at all.
616.     if ($_SESSION['permissionset'] < 4)
617.       {
618.         echo "<td>Not allowed</td>";
619.       }
620.       else {
621.                 //Do not show the edit/ban buttons if the permissionset of selected user is higher than or equal to yours
622.       if ($row['permissionset'] >= $_SESSION['permissionset']) {
623.             echo "<td>Not allowed</td>";
624.         }
625.     //Streamers, designers or VIP shouldn't be allowed to unban either
626.     if ($_SESSION['permissionset'] < 4)
627.  
628.     {
629.  
630.       echo "<td>Not allowed</td>";
631.  
632.     }
633.  
634.     else {
635.  
636.         echo "<td>
637.  
638.  
639.    <form action='#editmodal' method='POST'>
640.  
641.    <input type='hidden' name='who' value='$row[steamid]'>
642.    <input type='hidden' name='whouser' value='$row[username]'>
643.    <input type='hidden' name='whoavatar' value='$row[avatarsmall]'>
644.    <input type='hidden' name='whopermission' value='$row[permissionset]'>
645.    <input type='hidden' name='whobets' value='$row[bets]'>
646.    <input type='hidden' name='whocoins' value='$row[coins]'>
647.  
648.         <button type='button' name='edit' class='btn btn-primary' data-toggle='modal' data-target='#editmodal'>Edit</button>
649.  
650.         </form>
651.  
652.  
653.         <form action='' method='POST'>
654.  
655.  
656.         <input type='hidden' name='who' value='$row[steamid]'>
657.         <input type='hidden' name='whouser' value='$row[username]'>
658.    <input type='hidden' name='whoavatar' value='$row[avatarsmall]'>
659.    <input type='hidden' name='whopermission' value='$row[permissionset]'>
660.    <input type='hidden' name='whobets' value='$row[bets]'>
661.    <input type='hidden' name='whocoins' value='$row[coins]'>
662.  
663.  
664.         <button type='submit' name='unbanuser' class='btn btn-success'>Unban</button></td>
665.  
666.  
667.         </form>";
668. }
669.  
670.         }
671.   }
672.  
673.  
674.         echo "</tr>";
675.  
676.  
677.     }
678. } else {
679.  
680.  
681.     echo "0 results";
682.  
683.  
684. }
685.  
686.  
687. $conn->close();
688.  
689.  
690.     echo "</tr></table>";
691.  
692.  
693.     }
694.  
695.  
696.     ?>