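<?php
/**
 * Staff "special" panel: actions reserved for user_level 2 (newspaper,
 * donator packs, staff levels, mass mailer), dispatched on the `action`
 * query-string parameter.
 *
 * $ir and $h are not defined in this file; presumably sglobals.php provides
 * them - confirm there.
 */
include_once "sglobals.php";

// Authorization gate: anyone whose user_level is not 2 is stopped before any
// handler can run. The comparison is left exactly as the author wrote it.
if ( $ir['user_level'] != 2 ) {
    echo 'You cannot access this area.<br />> <a href="staff.php">Go Back</a>';
    die($h->endpage());
}

// NOTE(review): the handlers below change state (user levels, donator packs,
// mass mail) and no anti-CSRF token is checked anywhere in this file - confirm
// whether sglobals.php enforces one before relying on the gate above alone.

// A missing or non-string `action` is routed to the default branch instead of
// raising an undefined-index notice.
$action = ( isset($_GET['action']) && is_string($_GET['action']) ) ? $_GET['action'] : '';
switch ( $action ) {
    case 'editnews': newspaper_form(); break;
    case 'subnews': newspaper_submit(); break;
    case 'givedpform': give_dp_form(); break;
    case 'givedpsub': give_dp_submit(); break;
    case 'stafflist': staff_list(); break;
    case 'userlevel': userlevel(); break;
    case 'userlevelform': userlevelform(); break;
    case 'massmailer': massmailer(); break;
    default: echo 'Error: This script requires an action.'; break;
}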
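/**
 * Render the newspaper edit form, pre-filled with the stored content.
 *
 * The stored text is HTML-encoded before it is placed inside the textarea so
 * that markup in the database cannot close the element and run in a staff
 * member's browser.
 */
function newspaper_form() {
    global $db;
    $q = $db->query("SELECT `content` FROM `papercontent`");
    $news = $db->fetch_row($q);
    // ENT_SUBSTITUTE keeps htmlspecialchars() from returning an empty string
    // when the stored bytes are not valid UTF-8.
    $content = isset($news['content'])
        ? htmlspecialchars($news['content'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        : '';
    echo "
<h3>Editing Newspaper</h3>
<form action='staff_special.php?action=subnews' method='post'>
<textarea rows='7' cols='35' name='newspaper'>".$content."</textarea>
<br />
<input type='submit' value='Change' />
</form>
";
}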
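/**
 * Store the submitted newspaper text and record the change in the staff log.
 *
 * Tags are stripped first and the SQL escaping is applied last, so the value
 * interpolated into the query is exactly what $db->escape() returned and no
 * later transformation can alter its escaped form.
 * NOTE(review): assumes $db->escape() is the driver's string-escaping wrapper -
 * confirm in the DB class; a prepared statement would be preferable if the
 * wrapper offers one.
 */
function newspaper_submit() {
    global $db;
    // A missing or array-valued field is treated as empty text.
    $raw = ( isset($_POST['newspaper']) && is_string($_POST['newspaper']) ) ? $_POST['newspaper'] : '';
    $news = $db->escape(strip_tags($raw));
    $db->query("UPDATE `papercontent` SET `content` = '$news'");
    echo 'Newspaper updated!';
    stafflog_add("Updated game newspaper");
}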
/**
 * Print the form used to hand a donator pack to a user.
 *
 * The user selector comes from user_dropdown(); the pack is chosen with the
 * `type` radio group (values 1 to 5) and posted to action=givedpsub.
 */
function give_dp_form() {
    global $db,$ir,$c,$h,$userid;
    // Build the selector first, then drop it into the markup.
    $userSelect = user_dropdown($c,'user');
    echo "
<h3>Giving User DP</h3>
The user will receive the benefits of one 30-day donator pack.
<br />
<form action='staff_special.php?action=givedpsub' method='post'>
User: {$userSelect}
<br />
<input type='radio' name='type' value='1' /> Pack 1 (Standard)
<br />
<input type='radio' name='type' value='2' /> Pack 2 (Crystals)
<br />
<input type='radio' name='type' value='3' /> Pack 3 (IQ)
<br />
<input type='radio' name='type' value='4' /> Pack 4 (5.00)
<br />
<input type='radio' name='type' value='5' /> Pack 5 (10.00)
<br />
<input type='submit' value='Give User DP' />
</form>
";
}
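/**
 * Credit a donator pack to a user, notify them and log the action.
 *
 * Reads `user` and `type` from the POST body. Both are reduced to integers
 * before they reach the SQL statement, the event text or the staff log.
 *
 * The original whitelist used a loose in_array() and kept the raw string; on
 * PHP versions before 8 a value such as "1abc" compares equal to 1, so the
 * unmodified string was then interpolated into the event and log messages.
 * The pack number is now matched as an exact string and cast.
 *
 * NOTE(review): no anti-CSRF token is checked here, and the target user is
 * not verified to exist before the event and log entries are written.
 */
function give_dp_submit() {
    global $db,$c,$h;
    // Pack number => array(SET clause, donator days granted).
    $packs = array(
        1 => array("u.`money` = u.`money` + 5000,u.`crystals` = u.`crystals` + 50,us.`IQ` = us.`IQ` + 50,u.`donatordays` = u.`donatordays` + 30", 30),
        2 => array("u.`crystals` = u.`crystals` + 100,u.`donatordays` = u.`donatordays` + 30", 30),
        3 => array("us.`IQ` = us.`IQ` + 120,u.`donatordays` = u.`donatordays` + 30", 30),
        4 => array("u.`money` = u.`money` + 15000,u.`crystals` = u.`crystals` + 75,us.`IQ` = us.`IQ` + 80,u.`donatordays` = u.`donatordays`+55", 55),
        5 => array("u.`money` = u.`money` + 35000,u.`crystals` = u.`crystals` + 160,us.`IQ` = us.`IQ` + 180,u.`donatordays` = u.`donatordays` + 115", 115),
    );
    $user = ( isset($_POST['user']) && is_numeric($_POST['user']) ) ? abs(intval($_POST['user'])) : 0;
    // Exact string match against the five pack numbers, then cast.
    $type = ( isset($_POST['type']) && is_string($_POST['type']) && in_array($_POST['type'], array('1','2','3','4','5'), true) )
        ? (int) $_POST['type']
        : 0;
    if ( empty($user) OR empty($type) ) {
        echo 'Something went wrong.<br />> <a href="staff_special.php?action=givedpform">Go Back</a>';
        die($h->endpage());
    }
    $don = $packs[$type][0];
    $d = $packs[$type][1];
    // $don is one of the constant strings above and $user is an integer, so
    // nothing request-controlled is spliced into the statement as text.
    $db->query("UPDATE `users` u LEFT JOIN `userstats` us ON u.`userid` = us.`userid` SET {$don} WHERE u.`userid` = {$user}");
    event_add($user,"You were given one $d -day donator pack (Pack {$type}) from the administration.",$c);
    stafflog_add("Gave ID {$user} a $d -day donator pack (Pack {$type})");
    echo 'User given a DP.<br />> <a href="staff.php">Go Home</a>';
    die($h->endpage());
}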
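/**
 * Render the staff management page: one table each for admins (level 2),
 * secretaries (level 3) and assistants (level 5), every row carrying links
 * that switch the listed user to one of the other roles.
 */
function staff_list() {
    echo "
<h3>Staff Management</h3>
";
    _staff_list_section('Admins', 2);
    _staff_list_section('Secretaries', 3);
    _staff_list_section('Assistants', 5);
}

/**
 * Print the table of users holding one staff level.
 *
 * @param string $title Heading shown above the table.
 * @param int    $level user_level value to list.
 */
function _staff_list_section($title, $level) {
    global $db;
    // Link targets in display order; the section's own level is skipped.
    $roles = array(2 => 'Admin', 3 => 'Secretary', 5 => 'Assistant', 1 => 'Member');
    $level = (int) $level;
    echo "
<b>{$title}</b>
<br />
<table width='80%' cellpadding='1' cellspacing='1' class='table'>
<tr style='background:gray'>
<th>User</th>
<th>Status</th>
<th>Links</th>
</tr>
";
    $q = $db->query("SELECT `laston`,`userid`,`username` FROM `users` WHERE `user_level` = {$level} ORDER BY `userid` ASC");
    while ( $r = $db->fetch_row($q) ) {
        $id = (int) $r['userid'];
        // Usernames are user-chosen text rendered inside an admin page, so
        // they are HTML-encoded on output.
        // NOTE(review): if usernames are stored already entity-encoded this
        // will display the entities literally - confirm how they are stored.
        $name = htmlspecialchars($r['username'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        // "Online" means seen within the last 15 minutes. The original had
        // the parenthesis misplaced, "(laston >= now - 15) * 60", which
        // compared against 15 seconds instead.
        $on = ( $r['laston'] >= $_SERVER['REQUEST_TIME'] - 15 * 60 )
            ? '<span style="color: green;">Online</span>'
            : '<span style="color: red;">Offline</span>';
        // NOTE(review): these links change a user's level through a plain GET
        // request and no anti-CSRF token appears in this file; POST forms
        // carrying a token would be the safer shape.
        $links = array();
        foreach ( $roles as $target => $label ) {
            if ( $target == $level ) {
                continue;
            }
            $links[] = "<a href='staff_special.php?action=userlevel&level={$target}&ID={$id}' >{$label}</a>";
        }
        echo "
<tr>
<td><a href='viewuser.php?u={$id}'>{$name}</a> [{$id}]</td>
<td>$on</td>
<td>".implode(' · ', $links)."</td>
</tr>
";
    }
    echo "
</table>
";
}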
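/**
 * Change a user's user_level and record the change in the staff log.
 *
 * The original validated $_GET['level'] / $_GET['ID'] but then built both SQL
 * statements from the unvalidated $_POST['level'] / $_POST['ID'], so request
 * text reached the queries unchanged. Here one source is picked, both values
 * are reduced to integers, and only those integers are used afterwards.
 *
 * Both callers visible in this file are supported: the level form posts the
 * fields, the staff list passes them in the query string.
 * NOTE(review): accepting the change over GET, with no anti-CSRF token
 * checked, leaves this action open to cross-site requests; restricting it to
 * POST with a token needs the staff list links converted as well.
 */
function userlevel() {
    global $db,$h;
    $src = ( isset($_POST['ID']) || isset($_POST['level']) ) ? $_POST : $_GET;
    // Exact string whitelist; anything else falls back to 1 (Member), which
    // is the default the original used.
    $level = ( isset($src['level']) && is_string($src['level']) && in_array($src['level'], array('1','2','3','4','5'), true) )
        ? (int) $src['level']
        : 1;
    $id = ( isset($src['ID']) && is_numeric($src['ID']) ) ? abs(intval($src['ID'])) : 0;
    $d = $db->query('SELECT `userid` FROM `users` WHERE `userid` = '.$id);
    if ( $db->num_rows($d) == 0 ) {
        echo 'Invalid user.<br />> <a href="staff_special.php?action=userlevelform">Go Home</a>';
        die($h->endpage());
    }
    $db->query("UPDATE `users` SET `user_level` = {$level} WHERE `userid` = {$id}");
    stafflog_add('Adjusted user ID '.$id.'\'s staff status.');
    echo 'User\'s level adjusted.<br />> <a href="staff.php">Go Home</a>';
    die($h->endpage());
}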
/**
 * Print the form that assigns a user level.
 *
 * The user selector comes from user_dropdown() under the field name `ID`;
 * the level is chosen with the `level` radio group and the form posts to
 * action=userlevel.
 */
function userlevelform() {
    global $db,$ir,$c,$h,$userid;
    // Build the selector first, then drop it into the markup.
    $userSelect = user_dropdown($c,'ID');
    echo "
<h3>User Level Adjust</h3>
<form action='staff_special.php?action=userlevel' method='post'>
User: {$userSelect}
<br />
User Level:
<br />
<input type='radio' name='level' value='1' /> Member
<br />
<input type='radio' name='level' value='2' /> Admin
<br />
<input type='radio' name='level' value='3' /> Secretary
<br />
<input type='radio' name='level' value='4' /> IRC Op
<br />
<input type='radio' name='level' value='5' /> Assistant
<br />
<input type='submit' value='Adjust' />
</form>
";
}
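/**
 * Send one in-game mail to a group of users, or show the mailer form.
 *
 * A send happens only when text is present and exactly one of `cat`
 * (1 = user_level != 0, 2 = user_level > 1, 3 = user_level = 2) or `level`
 * (a single user_level) was chosen; otherwise the form is printed.
 *
 * Changes from the original:
 *  - The send condition was "text && A OR B"; `OR` binds looser than `&&`,
 *    so choosing a level alone sent mail even with empty text.
 *  - `cat` and `level` were whitelisted with a loose in_array() and kept as
 *    raw strings; on PHP versions before 8 a value like "1 OR 1=1" compares
 *    equal to 1 and was interpolated into the SELECT. Both are now matched
 *    as exact strings and cast to int.
 *  - Tags are stripped before escaping, so escaping is the last step before
 *    the text enters the INSERT.
 *  - The new_mail UPDATE is skipped when no recipient matched, instead of
 *    issuing "IN()".
 *
 * NOTE(review): no anti-CSRF token is checked here; assumes $db->escape() is
 * the driver's string-escaping wrapper - confirm in the DB class.
 */
function massmailer() {
    global $db;
    $text = ( isset($_POST['text']) && is_string($_POST['text']) ) ? $db->escape(strip_tags($_POST['text'])) : '';
    $cat = ( isset($_POST['cat']) && is_string($_POST['cat']) && in_array($_POST['cat'], array('1','2','3'), true) )
        ? (int) $_POST['cat']
        : 0;
    $level = ( isset($_POST['level']) && is_string($_POST['level']) && in_array($_POST['level'], array('1','2','3','5'), true) )
        ? (int) $_POST['level']
        : 0;
    // Exactly one of the two selectors must be set.
    $oneSelector = ( $cat !== 0 && $level === 0 ) || ( $cat === 0 && $level !== 0 );
    if ( !empty($text) && $oneSelector ) {
        $subj = 'Mass mail from Administrator';
        if ( $cat == 1 ) {
            $q = $db->query("SELECT `userid` FROM `users` WHERE `user_level` != 0");
        } else if ( $cat == 2 ) {
            $q = $db->query("SELECT `userid` FROM `users` WHERE `user_level` > 1");
        } else if ( $cat == 3 ) {
            $q = $db->query("SELECT `userid` FROM users WHERE `user_level` = 2");
        } else {
            $q = $db->query("SELECT `userid` FROM `users` WHERE `user_level` = {$level}");
        }
        $uc = array();
        while ( $r = $db->fetch_row($q) ) {
            $to = (int) $r['userid'];
            $db->query("INSERT INTO `mail` VALUES('', 0, 0, {$to}, unix_timestamp(),'$subj','{$text}')");
            $uc[] = $to;
        }
        if ( count($uc) > 0 ) {
            $us_im = implode(',',$uc);
            $db->query('UPDATE `users` SET `new_mail` = `new_mail` + 1 WHERE `userid` IN('.$us_im.')');
        }
        echo '
Sent '.count($uc).' Mails.
<br />
> <a href="staff.php">Go Home</a>
';
    } else {
        echo "
<b>Mass Mailer</b>
<br />
<form action='staff_special.php?action=massmailer' method='post'> Text:
<br />
<textarea name='text' rows='7' cols='40'></textarea>
<br />
<input type='radio' name='cat' value='1' /> Send to all members <input type='radio' name='cat' value='2' /> Send to staff only <input type='radio' name='cat' value='3' /> Send to admins only
<br />
OR Send to user level:
<br />
<input type='radio' name='level' value='1' /> Member
<br />
<input type='radio' name='level' value='2' /> Admin
<br />
<input type='radio' name='level' value='3' /> Secretary
<br />
<input type='radio' name='level' value='5' /> Assistant
<br />
<input type='submit' value='Send' />
</form>
";
    }
}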
// Reached only by handlers that return normally; the others call
// die($h->endpage()) themselves. Closing PHP tag omitted on purpose.
$h->endpage();