
staff_special.php

a guest
Feb 21st, 2012
  1. <?php
  2. include_once "sglobals.php";
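  // Access gate: every action in this file is reserved for user_level 2
  // (the level staff_list() labels "Admins"). $ir and $h come from sglobals.php.
  if ( $ir['user_level'] != 2 ) {
      echo 'You cannot access this area.<br />&gt; <a href="staff.php">Go Back</a>';
      die($h->endpage());
  }

  // NOTE(review): subnews, givedpsub, userlevel and massmailer change state, and no
  // anti-CSRF token is checked anywhere in this file. Confirm that sglobals.php enforces
  // one, or add a per-session token to the forms and verify it before dispatching.

  // A missing or non-string action (e.g. ?action[]=x) falls through to the default branch
  // instead of raising an undefined-index notice.
  $action = ( isset($_GET['action']) && is_string($_GET['action']) ) ? $_GET['action'] : '';
  switch ( $action ) {
      case 'editnews': newspaper_form(); break;
      case 'subnews': newspaper_submit(); break;
      case 'givedpform': give_dp_form(); break;
      case 'givedpsub': give_dp_submit(); break;
      case 'stafflist': staff_list(); break;
      case 'userlevel': userlevel(); break;
      case 'userlevelform': userlevelform(); break;
      case 'massmailer': massmailer(); break;
      default: echo 'Error: This script requires an action.'; break;
  }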
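  /**
   * Print the newspaper edit form, pre-filled with the stored newspaper text.
   *
   * Reads `content` from `papercontent` and renders a form that posts the field
   * `newspaper` to staff_special.php?action=subnews.
   */
  function newspaper_form() {
      global $db;
      $q = $db->query("SELECT `content` FROM `papercontent`");
      $news = $db->fetch_row($q);
      // An empty table yields no row; show an empty editor rather than indexing a non-array.
      $content = ( is_array($news) && isset($news['content']) ) ? $news['content'] : '';
      // Encode for the HTML context: stored text must not be able to close the <textarea>
      // and inject markup into the admin page. Encoding also makes the edit round-trip
      // exactly (a stored "&lt;" stays "&lt;" after saving again).
      // NOTE(review): assumes the column holds UTF-8 text - confirm against the table charset.
      $safe = htmlspecialchars($content, ENT_QUOTES, 'UTF-8');
      echo "
<h3>Editing Newspaper</h3>
<form action='staff_special.php?action=subnews' method='post'>
<textarea rows='7' cols='35' name='newspaper'>".$safe."</textarea>
<br />
<input type='submit' value='Change' />
</form>
";
  }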
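  /**
   * Store the submitted newspaper text and record the change in the staff log.
   *
   * Reads $_POST['newspaper'], removes HTML tags, and writes the result to
   * `papercontent`.`content`. The UPDATE has no WHERE clause, so every row of the
   * table receives the new text (presumably the table holds a single row - confirm).
   */
  function newspaper_submit() {
      global $db;
      // A missing or array-valued field is treated as empty text.
      $raw = ( isset($_POST['newspaper']) && is_string($_POST['newspaper']) ) ? $_POST['newspaper'] : '';
      // Strip markup first and escape last: SQL escaping has to be the final transformation
      // applied before the value is placed in the statement, so nothing can alter it afterwards.
      $news = $db->escape(strip_tags($raw));
      $db->query("UPDATE `papercontent` SET `content` = '$news'");
      echo 'Newspaper updated!';
      stafflog_add("Updated game newspaper");
  }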
  /**
   * Print the form used to grant a donator pack to a user.
   *
   * The form posts `user` (from user_dropdown()) and `type` (1-5) to
   * staff_special.php?action=givedpsub.
   */
  function give_dp_form() {
      global $db,$ir,$c,$h,$userid;
      // Build the user selector before any output is produced.
      $userPicker = user_dropdown($c,'user');
      $markup = "
<h3>Giving User DP</h3>
The user will receive the benefits of one 30-day donator pack.
<br />
<form action='staff_special.php?action=givedpsub' method='post'>
User: {$userPicker}
<br />
<input type='radio' name='type' value='1' /> Pack 1 (Standard)
<br />
<input type='radio' name='type' value='2' /> Pack 2 (Crystals)
<br />
<input type='radio' name='type' value='3' /> Pack 3 (IQ)
<br />
<input type='radio' name='type' value='4' /> Pack 4 (5.00)
<br />
<input type='radio' name='type' value='5' /> Pack 5 (10.00)
<br />
<input type='submit' value='Give User DP' />
</form>
";
      echo $markup;
  }
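  /**
   * Credit one donator pack to a user, notify the user and log the action.
   *
   * Reads $_POST['user'] (numeric user id) and $_POST['type'] (pack 1-5). On invalid
   * input or an unknown user it prints an error and ends the page. This function never
   * returns: every path finishes with die($h->endpage()).
   */
  function give_dp_submit() {
      global $db,$c,$h;
      // Column updates and donator days for each pack, keyed by pack number.
      $packs = array(
          1 => array('days' => 30, 'set' => 'u.`money` = u.`money` + 5000,u.`crystals` = u.`crystals` + 50,us.`IQ` = us.`IQ` + 50,u.`donatordays` = u.`donatordays` + 30'),
          2 => array('days' => 30, 'set' => 'u.`crystals` = u.`crystals` + 100,u.`donatordays` = u.`donatordays` + 30'),
          3 => array('days' => 30, 'set' => 'us.`IQ` = us.`IQ` + 120,u.`donatordays` = u.`donatordays` + 30'),
          4 => array('days' => 55, 'set' => 'u.`money` = u.`money` + 15000,u.`crystals` = u.`crystals` + 75,us.`IQ` = us.`IQ` + 80,u.`donatordays` = u.`donatordays`+55'),
          5 => array('days' => 115, 'set' => 'u.`money` = u.`money` + 35000,u.`crystals` = u.`crystals` + 160,us.`IQ` = us.`IQ` + 180,u.`donatordays` = u.`donatordays` + 115'),
      );
      $targetId = ( isset($_POST['user']) && is_numeric($_POST['user']) ) ? abs(intval($_POST['user'])) : 0;
      // Strict match against the exact strings the form sends, then convert to int. The
      // original loose in_array() kept the raw string, which was later interpolated into the
      // event and log text; on PHP < 8 a value such as "1abc" passed that check.
      $packType = ( isset($_POST['type']) && in_array($_POST['type'], array('1','2','3','4','5'), true) ) ? intval($_POST['type']) : 0;
      // The validated values are written back as the original did, in case code that runs
      // later in the request reads them (not visible in this file).
      $_POST['user'] = $targetId;
      $_POST['type'] = $packType;
      if ( empty($targetId) OR !isset($packs[$packType]) ) {
          echo 'Something went wrong.<br />&gt; <a href="staff_special.php?action=givedpform">Go Back</a>';
          die($h->endpage());
      }
      // Same existence check userlevel() performs: without it an unknown id would update no
      // row but still produce an event and a staff-log entry.
      $exists = $db->query('SELECT `userid` FROM `users` WHERE `userid` = '.$targetId);
      if ( $db->num_rows($exists) == 0 ) {
          echo 'Something went wrong.<br />&gt; <a href="staff_special.php?action=givedpform">Go Back</a>';
          die($h->endpage());
      }
      $don = $packs[$packType]['set'];
      $d = $packs[$packType]['days'];
      $db->query("UPDATE `users` u LEFT JOIN `userstats` us ON u.`userid` = us.`userid` SET {$don} WHERE u.`userid` = {$targetId}");
      event_add($targetId,"You were given one $d -day donator pack (Pack {$packType}) from the administration.",$c);
      stafflog_add("Gave ID {$targetId} a $d -day donator pack (Pack {$packType})");
      echo 'User given a DP.<br />&gt; <a href="staff.php">Go Home</a>';
      die($h->endpage());
  }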
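  /**
   * Print the staff overview: one table each for Admins (level 2), Secretaries (level 3)
   * and Assistants (level 5), with links that change a listed user's level.
   */
  function staff_list() {
      echo "
<h3>Staff Management</h3>";
      _staff_list_section(2, 'Admins');
      _staff_list_section(3, 'Secretaries');
      _staff_list_section(5, 'Assistants');
  }

  /**
   * Print one staff table: heading, header row, and one row per user at $level.
   *
   * @param int    $level   user_level value to list
   * @param string $heading fixed caption shown above the table
   */
  function _staff_list_section($level, $heading) {
      global $db;
      // Levels a listed user can be moved to, in the order the links are shown.
      $roles = array(2 => 'Admin', 3 => 'Secretary', 5 => 'Assistant', 1 => 'Member');
      $level = intval($level);
      // The original computed (laston >= now - 15) * 60, which marks a user online only when
      // seen in the last 15 seconds; the "* 60" indicates a 15-minute window was intended.
      $cutoff = $_SERVER['REQUEST_TIME'] - 15 * 60;
      echo "
<b>{$heading}</b>
<br />
<table width='80%' cellpadding='1' cellspacing='1' class='table'>
<tr style='background:gray'>
<th>User</th>
<th>Status</th>
<th>Links</th>
</tr>
";
      $q = $db->query("SELECT `laston`,`userid`,`username` FROM `users` WHERE `user_level` = {$level} ORDER BY `userid` ASC");
      while ( $r = $db->fetch_row($q) ) {
          $id = intval($r['userid']);
          // Usernames are user-chosen text shown on an admin page, so encode them for HTML.
          // double_encode is off in case the engine already stores names entity-encoded.
          // NOTE(review): assumes usernames are UTF-8 - confirm against the table charset.
          $name = htmlspecialchars($r['username'], ENT_QUOTES, 'UTF-8', false);
          $on = ( $r['laston'] >= $cutoff )?'<span style="color: green;">Online</span>':'<span style="color: red;">Offline</span>';
          $links = array();
          foreach ( $roles as $target => $label ) {
              if ( $target == $level ) {
                  continue; // no link to the level the user already has
              }
              $links[] = "<a href='staff_special.php?action=userlevel&amp;level={$target}&amp;ID={$id}' >{$label}</a>";
          }
          $linkHtml = implode(' &middot; ', $links);
          echo "
<tr>
<td><a href='viewuser.php?u={$id}'>{$name}</a> [{$id}]</td>
<td>$on</td>
<td>{$linkHtml}</td>
</tr>
";
      }
      echo "
</table>";
  }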
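  /**
   * Change a user's user_level and record the change in the staff log.
   *
   * Accepts `level` (1-5) and `ID` from the POST form printed by userlevelform() or from
   * the query-string links printed by staff_list(). This function never returns: every
   * path finishes with die($h->endpage()).
   */
  function userlevel() {
      global $db,$h;
      // The original validated $_GET but put the raw $_POST values into both SQL statements,
      // so unvalidated request data reached the database. Read each field once (POST first,
      // then GET), validate it, and use only the validated integers from here on.
      $levelRaw = isset($_POST['level']) ? $_POST['level'] : ( isset($_GET['level']) ? $_GET['level'] : null );
      $idRaw = isset($_POST['ID']) ? $_POST['ID'] : ( isset($_GET['ID']) ? $_GET['ID'] : null );
      $level = in_array($levelRaw, array('1','2','3','4','5'), true) ? intval($levelRaw) : 0;
      $id = is_numeric($idRaw) ? abs(intval($idRaw)) : 0;
      // NOTE(review): the staff_list() links trigger this privilege change with a plain GET
      // request and no anti-CSRF token is checked here. Prefer POST plus a per-session token.
      if ( $level === 0 ) {
          // Fail closed: a missing or malformed level must not silently become "Member".
          echo 'Invalid user level.<br />&gt; <a href="staff_special.php?action=userlevelform">Go Home</a>';
          die($h->endpage());
      }
      $d = empty($id) ? null : $db->query('SELECT `userid` FROM `users` WHERE `userid` = '.$id);
      if ( $d === null OR $db->num_rows($d) == 0 ) {
          echo 'Invalid user.<br />&gt; <a href="staff_special.php?action=userlevelform">Go Home</a>';
          die($h->endpage());
      }

      $db->query("UPDATE `users` SET `user_level` = {$level} WHERE `userid` = {$id}");
      stafflog_add('Adjusted user ID '.$id.'\'s staff status.');
      echo 'User\'s level adjusted.<br />&gt; <a href="staff.php">Go Home</a>';
      die($h->endpage());
  }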
  /**
   * Print the form used to set a user's level.
   *
   * The form posts `ID` (from user_dropdown()) and `level` (1-5) to
   * staff_special.php?action=userlevel.
   */
  function userlevelform() {
      global $db,$ir,$c,$h,$userid;
      // Build the user selector before any output is produced.
      $userPicker = user_dropdown($c,'ID');
      $markup = "
<h3>User Level Adjust</h3>
<form action='staff_special.php?action=userlevel' method='post'>
User: {$userPicker}
<br />
User Level:
<br />
<input type='radio' name='level' value='1' /> Member
<br />
<input type='radio' name='level' value='2' /> Admin
<br />
<input type='radio' name='level' value='3' /> Secretary
<br />
<input type='radio' name='level' value='4' /> IRC Op
<br />
<input type='radio' name='level' value='5' /> Assistant
<br />
<input type='submit' value='Adjust' />
</form>
";
      echo $markup;
  }
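  /**
   * Send one in-game mail to a group of users, or print the mass-mail form.
   *
   * Mail is sent only when $_POST['text'] is non-empty and exactly one of `cat`
   * (1 = all members, 2 = staff, 3 = admins) or `level` (1, 2, 3, 5) is chosen.
   * Any other request prints the form.
   */
  function massmailer() {
      global $db;
      // Strip markup first, escape last: escaping must be the final step before the SQL.
      $text = ( isset($_POST['text']) && is_string($_POST['text']) ) ? $db->escape(strip_tags($_POST['text'])) : '';
      // Strict match against the exact strings the form sends, then convert to int. `level`
      // is placed in a WHERE clause below, so it must never stay a raw request string; the
      // original loose in_array() let values such as "1 OR ..." through on PHP < 8.
      $cat = ( isset($_POST['cat']) && in_array($_POST['cat'], array('1','2','3'), true) ) ? intval($_POST['cat']) : 0;
      $level = ( isset($_POST['level']) && in_array($_POST['level'], array('1','2','3','5'), true) ) ? intval($_POST['level']) : 0;
      // Exactly one targeting option. The original condition mixed && with the low-precedence
      // OR, so choosing only a level sent mail even when the text was empty.
      $oneTarget = ( $cat !== 0 ) != ( $level !== 0 );
      if ( !empty($text) && $oneTarget ) {
          $subj = 'Mass mail from Administrator';
          if ( $cat == 1 ) {
              $q = $db->query("SELECT `userid` FROM `users` WHERE `user_level` != 0");
          } else if ( $cat == 2 ) {
              $q = $db->query("SELECT `userid` FROM `users` WHERE `user_level` > 1");
          } else if ( $cat == 3 ) {
              $q = $db->query("SELECT `userid` FROM users WHERE `user_level` = 2");
          } else {
              $q = $db->query("SELECT `userid` FROM `users` WHERE `user_level` = {$level}");
          }
          $uc = array();
          while ( $r = $db->fetch_row($q) ) {
              $to = intval($r['userid']);
              $db->query("INSERT INTO `mail` VALUES('', 0, 0, {$to}, unix_timestamp(),'$subj','{$text}')");
              $uc[] = $to;
          }

          // With no recipients the original ran "IN()", which is not valid SQL.
          if ( count($uc) > 0 ) {
              $us_im = implode(',',$uc);
              $db->query('UPDATE `users` SET `new_mail` = `new_mail` + 1 WHERE `userid` IN('.$us_im.')');
          }
          echo '
Sent '.count($uc).' Mails.
<br />
&gt; <a href="staff.php">Go Home</a>
';
      } else {
          echo "
<b>Mass Mailer</b>
<br />
<form action='staff_special.php?action=massmailer' method='post'> Text:
<br />
<textarea name='text' rows='7' cols='40'></textarea>
<br />
<input type='radio' name='cat' value='1' /> Send to all members <input type='radio' name='cat' value='2' /> Send to staff only <input type='radio' name='cat' value='3' /> Send to admins only
<br />
OR Send to user level:
<br />
<input type='radio' name='level' value='1' /> Member
<br />
<input type='radio' name='level' value='2' /> Admin
<br />
<input type='radio' name='level' value='3' /> Secretary
<br />
<input type='radio' name='level' value='5' /> Assistant
<br />
<input type='submit' value='Send' />
</form>
";
      }
  }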
  // Final endpage() call for the actions that return normally. give_dp_submit() and
  // userlevel() end the request themselves with die($h->endpage()) and never reach this line.
  $h->endpage();
  ?>