
shopadmin

a guest
Oct 16th, 2014
  1. <?PHP
  2. if($group_id_of_acc_logged >= $config['site']['access_admin_panel']) {
  3.     $offertype = $_REQUEST['offer_type'];
  4.     if((empty($action)) AND (empty($offertype))) {
  5.          $main_content .= '<br><h2><center><a href="?subtopic=shopadmin&action=addoffer">ADD SHOP OFFER</a><br><a href="?subtopic=shopadmin&action=points">ADD POINTS</a></center>';
  6.     }
  7.     if($action == "addoffer"){
  8.         $shop_points = stripslashes(ucwords(strtolower(trim($_REQUEST['shop_points']))));
  9.         $shop_offer_type = stripslashes(trim($_REQUEST['offer_type']));
  10.         if(empty($shop_points)) {
  11.             $main_content .= '<table border="0"><tr><td  align="center"><b>Select offer type:</b></td><td><table border="0" ><tr bgcolor="#505050">
  12.                 <td><font color="white">Item</td><td><font color="white">Item VIP</td><td><font color="white">Container</td><td><font color="white">Pacc</td><td><font color="white">VIP Days</td><td><font color="white">Redskull</td>
  13.                 <td><font color="white">Unban</td><td><font color="white">Changename</td></tr><tr bgcolor="#D4C0A1"><form action="" method="post">
  14.                 <td align="center"><input type="radio" name="offer_type" value="item" onClick="this.form.submit()"></td></lable>
  15.                 <td align="center"><input type="radio" name="offer_type" value="itemvip" onClick="this.form.submit()"></td></lable>
  16.                 <td align="center"><input type="radio" name="offer_type" value="container" onClick="this.form.submit()"></td>
  17.                 <td align="center"><input type="radio" name="offer_type" value="pacc" onClick="this.form.submit()"></td>
  18.                 <td align="center"><input type="radio" name="offer_type" value="vipdays" onClick="this.form.submit()"></td>
  19.                 <td align="center"><input type="radio" name="offer_type" value="redskull" onClick="this.form.submit()"></td>
  20.                 <td align="center"><input type="radio" name="offer_type" value="unban" onClick="this.form.submit()"></td>
  21.                 <td align="center"><input type="radio" name="offer_type" value="changename" onClick="this.form.submit()"></td>
  22.                 </form></tr></table></td></tr>';
  23.             $main_content .= '<form action="?subtopic=shopadmin&action=addoffer&offer_type='.$shop_offer_type.'" method="post" ><table border="0"><tr>
  24.                 <td align="center" ><b>Points:</b></td><td><input type="textbox" name="shop_points" maxlenght="7" style="width: 70px"></td></tr>';
  25.             if($_REQUEST['offer_type'] == 'container'){
  26.                 $main_content .= '<tr><td align="center" ><b>Container ID:</b></td>
  27.                     <td><input type="text" name="shop_itemid1" maxlenght="7" style="width: 70px" ></td></tr>
  28.                     <tr><td align="center" ><b>Count Container:</b></td>
  29.                     <td><input type="text" name="shop_count1" maxlenght="7" style="width: 70px" ></td></tr>
  30.                     <tr><td align="center" ><b>Item ID:</b></td>
  31.                     <td><input type="text" name="shop_itemid2" maxlenght="7" style="width: 70px" ></td></tr>
  32.                     <tr><td align="center" ><b>Count Item:</b></td>
  33.                     <td><input type="text" name="shop_count2" maxlenght="7" style="width: 70px" ></td></tr>';
  34.             }
  35.             if($_REQUEST['offer_type'] == 'item'){
  36.                 $main_content .= '<tr><td align="center"><b>Item ID:</b></td>
  37.                     <td><input type="text" name="shop_itemid1" maxlenght="7" style="width: 70px" ></td></tr>
  38.                     <tr><td align="center"><b>Item Count:</b></td>
  39.                     <td><input type="text" name="shop_count1" maxlenght="7" style="width: 70px" ></td></tr>';
  40.             }
  41.             if($_REQUEST['offer_type'] == 'itemvip'){
  42.                 $main_content .= '<tr><td align="center"><b>Item ID:</b></td>
  43.                     <td><input type="text" name="shop_itemid1" maxlenght="7" style="width: 70px" ></td></tr>
  44.                     <tr><td align="center"><b>Item Count:</b></td>
  45.                     <td><input type="text" name="shop_count1" maxlenght="7" style="width: 70px" ></td></tr>';
  46.             }
  47.             if($_REQUEST['offer_type'] == 'pacc'){
  48.                 $main_content .= '<tr><td align="center" ><b>Days:</b></td>
  49.                     <td><input type="text" name="shop_count1" maxlenght="7" style="width: 70px" ></td></tr>';
  50.             }
  51.             if($_REQUEST['offer_type'] == 'vipdays'){
  52.                 $main_content .= '<tr><td align="center" ><b>Days:</b></td>
  53.                     <td><input type="text" name="shop_count1" maxlenght="7" style="width: 70px" ></td></tr>';
  54.             }
  55.             $main_content .= '<tr><td align="center" ><b>Offer Description:</b></td>
  56.                 <td ><textarea name="shop_offer_description" rows="2" cols="35"></textarea></td></tr>
  57.                 <tr><td align="center" ><b>Offer Name:</b></td>
  58.                 <td><input type="text" name="shop_offer_name" maxlenght="40" style="width: 200px" ></td></tr></table>
  59.                 <input name="submit" type="submit" value="Submit" /></form>
  60.                 <form action="?subtopic=shopadmin&action=addoffer" method="post" >
  61.                 <input name="submit" type="submit" value="Reset" /></form>';
  62.             $main_content .= '<form action="?subtopic=shopadmin" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
  63.         } else {
  64.             $shop_points = stripslashes(trim($_POST['shop_points']));
  65.             $shop_offer_type = stripslashes(trim($_REQUEST['offer_type']));
  66.             $shop_itemid1 = stripslashes(trim($_POST['shop_itemid1']));
  67.             $shop_count1 = stripslashes(trim($_POST['shop_count1']));
  68.             $shop_itemid2 = stripslashes(trim($_POST['shop_itemid2']));
  69.             $shop_count2 = stripslashes(trim($_POST['shop_count2']));
  70.             $shop_offer_description = stripslashes(trim($_POST['shop_offer_description']));
  71.             $shop_offer_name = stripslashes(trim($_POST['shop_offer_name']));
  72.             $SQL->query('INSERT INTO `z_shop_offer` (id, points, itemid1, count1, itemid2, count2, offer_type, offer_description, offer_name, pid) VALUES (NULL, '.$SQL->quote($shop_points).', '.$SQL->quote($shop_itemid1).', '.$SQL->quote($shop_count1).', '.$SQL->quote($shop_itemid2).', '.$SQL->quote($shop_count2).', '.$SQL->quote($shop_offer_type).', '.$SQL->quote($shop_offer_description).', '.$SQL->quote($shop_offer_name).', 0)');
  73.             $main_content .= '<center><h2><font color="red">Added to Shop:</font></h2></center><hr/>
  74.                 <tr><td align="center" ><b>Points:</b></td>
  75.                 <td>'.$shop_points.'</td></tr><br>';
  76.             if($shop_offer_type == 'container'){
  77.                 $main_content .= '<tr><td align="center" ><b>Container ID:</b></td>
  78.                     <td>'.$shop_itemid1.'</td></tr><br>
  79.                     <tr><td align="center" ><b>Count Container:</b></td>
  80.                     <td>'.$shop_count1.'</td></tr><br>
  81.                     <tr><td align="center" ><b> Item ID (in Container):</b></td>
  82.                     <td>'.$shop_itemid2.'</td></tr><br>
  83.                     <tr><td align="center" ><b>Count Item (in Container):</b></td>
  84.                     <td>'.$shop_count2.'</td></tr><br>';
  85.             }
  86.             if ($shop_offer_type == 'item'){
  87.                 $main_content .= '<tr><td align="center" ><b>Item ID:</b></td>
  88.                     <td>'.$shop_itemid1.'</td></tr><br>
  89.                     <tr><td align="center" ><b>Count Item:</b></td>
  90.                     <td>'.$shop_count1.'</td></tr><br>';
  91.             }
  92.             if ($shop_offer_type == 'itemvip'){
  93.                 $main_content .= '<tr><td align="center" ><b>Item ID:</b></td>
  94.                     <td>'.$shop_itemid1.'</td></tr><br>
  95.                     <tr><td align="center" ><b>Count Item:</b></td>
  96.                     <td>'.$shop_count1.'</td></tr><br>';
  97.             }
  98.             if ($shop_offer_type == 'pacc'){
  99.                 $main_content .= '<tr><td align="center" ><b>Days:</b></td>
  100.                     <td>'.$shop_count1.'</td></tr><br>';
  101.             }
  102.             if ($shop_offer_type == 'vipdays'){
  103.                 $main_content .= '<tr><td align="center" ><b>Days:</b></td>
  104.                     <td>'.$shop_count1.'</td></tr><br>';
  105.             }
  106.             $main_content .= '<tr><td align="center" ><b>Offer Type:</b></td>
  107.                 <td>'.$shop_offer_type.'</td></tr><br>
  108.                 <tr><td align="center" ><b>Offer Description:</b></td>
  109.                 <td>'.$shop_offer_description.'</td></tr><br>
  110.                 <tr><td align="center" ><b>Offer Name:</b></td>
  111.                 <td>'.$shop_offer_name.'</td></tr>
  112.                 <br><form action="?subtopic=shopadmin&action=addoffer" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
  113.         }
  114.     }
  115.     if($action == "viewoffer") {
  116.         $items = simplexml_load_file($config['site']['server_path'].'/data/items/items.xml') or die('<b>Could not load items!</b>');
  117.         foreach($items->item as $v)
  118.             $itemList[(int)$v['id']] = $v['name'];
  119.         $order = array("id" => "id", "points" => "points", "offer_type" => "offer_type", "itemid1" => "itemid1", "itemid2" => "itemid2");
  120.         $main_content .= '<center><table width="550"><tr BGCOLOR="#505050"><td width="5"><font color="white"><a href="index.php?subtopic=shopadmin&action=viewoffer&order=' . getOrder($order, 'order', 'id') . '" class=white>ID:</td><td width="5"><font color="white"><a href="index.php?subtopic=shopadmin&action=viewoffer&order=' . getOrder($order, 'order', 'points') . '" class=white>Points:</td><td width="7">
  121.             <font color="white"><a href="index.php?subtopic=shopadmin&action=viewoffer&order=' . getOrder($order, 'order', 'itemid1') . '" class=white>Item ID:</td><td width="5"><font color="white">Count:</td><td width="7"><center><font color="white"><a href="index.php?subtopic=shopadmin&action=viewoffer&order=' . getOrder($order, 'order', 'itemid2') . '" class=white>Container ID:</center></td><td width="5"><font color="white">Count:</td><td width="7"><font color="white"><a href="index.php?subtopic=shopadmin&action=viewoffer&order=' . getOrder($order, 'order', 'offer_type') . '" class=white>Offer Type:</td>
  122.             <td width="85"><font color="white">Offer Description:</td><td width="30"><font color="white">Offer Name:</td><td width="30"></td></tr>';
  123.         $shopoffers = $SQL->query('SELECT id, points, itemid1, count1, itemid2, count2, offer_type, offer_description, offer_name, pid FROM z_shop_offer ' . makeOrder($order, 'order', 'id'));
  124.         foreach($shopoffers as $shop) {
  125.             $main_content .= '</B><tr BGCOLOR="#D4C0A1"><td align="center">'.$shop['id'].'<td align="center">'.$shop['points'].'</td>';
  126.             if($shop['itemid1'] == "0") {
  127.                 $main_content .= '<td align="center">'.$shop['itemid1'].'<br></td>';
  128.             } else {
  129.                 $main_content .= '<td align="center">'.$shop['itemid1'].'<br>(' . $itemList[(int)$shop['itemid1']] . ')</td>';
  130.             }
  131.             $main_content .= '<td align="center">'.$shop['count1'].'</td>';
  132.             if($shop['itemid2'] == "0") {
  133.                 $main_content .= '<td align="center">'.$shop['itemid2'].'</td>';
  134.             } else {
  135.                 $main_content .= '<td align="center">'.$shop['itemid2'].'<br>(' . $itemList[(int)$shop['itemid2']] . ')</td>';
  136.             }
  137.             $main_content .= '<td align="center">'.$shop['count2'].'</td><td align="center">'.$shop['offer_type'].'</td><td align="left">'.$shop['offer_description'].'</td><td align="left">'.$shop['offer_name'].'</td>';
  138.             $main_content .= '<td align="center"><a href="?subtopic=shopadmin&action=editoffer&id='.$shop['id'].'"><img src="'.$layout_name.'/images/news/edit_news.png" border="0"></a><br><br><a href="?subtopic=shopadmin&action=deleteoffer&id='.$shop['id'].'"><img src="'.$layout_name.'/images/news/delete_news.png" border="0"></a></td>';
  139.         }
  140.         $main_content .= '</td></tr></TABLE><br><form action="?subtopic=shopadmin" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
  141.     }
  142.     if($action == "deleteoffer") {
  143.         $id = (int) $_REQUEST['id'];
  144.         $SQL->query('DELETE FROM z_shop_offer WHERE id = '.$id.' LIMIT 1;');
  145.         $main_content .= '<center>Shop offer has been deleted.</center><br><center><form action="?subtopic=shopadmin&action=viewoffer" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form></center>';
  146.     }
  147.     if($action == "editoffer") {
  148.         $id = (int) $_REQUEST['id'];
  149.         $shopoffers = $SQL->query('SELECT * FROM z_shop_offer WHERE id = '.$id.' LIMIT 1;');
  150.         foreach($shopoffers as $shop) {
  151.             $main_content .= '<form action="?subtopic=shopadmin&action=edited&id='.$id.'" method="post" ><table border="0"><tr><td align="center" ><b>Points:</b></td>
  152.                 <td><input type="textbox" name="shop_points" maxlenght="7" value="'.$shop['points'].'" style="width: 70px"></td></tr>';
  153.             if($shop['offer_type'] == 'container'){
  154.                 $main_content .= '<tr><td align="center" ><b>Container ID:</b></td>
  155.                     <td><input type="text" name="shop_itemid1" maxlenght="7" value="'.$shop['itemid1'].'" style="width: 70px" ></td></tr>
  156.                     <tr><td align="center" ><b>Count Container:</b></td>
  157.                     <td><input type="text" name="shop_count1" maxlenght="7" value="'.$shop['count1'].'" style="width: 70px" ></td></tr>
  158.                     <tr><td align="center" ><b>Item ID:</b></td>
  159.                     <td><input type="text" name="shop_itemid2" maxlenght="7" value="'.$shop['itemid2'].'" style="width: 70px" ></td></tr>
  160.                     <tr><td align="center" ><b>Count Item:</b></td>
  161.                     <td><input type="text" name="shop_count2" maxlenght="7" value="'.$shop['count2'].'" style="width: 70px" ></td></tr>';
  162.             }
  163.             if($shop['offer_type'] == 'item'){
  164.                 $main_content .= '<tr><td align="center"><b>Item ID:</b></td>
  165.                     <td><input type="text" name="shop_itemid1" maxlenght="7" value="'.$shop['itemid1'].'" style="width: 70px" ></td></tr>
  166.                     <tr><td align="center"><b>Item Count:</b></td>
  167.                     <td><input type="text" name="shop_count1" maxlenght="7" value="'.$shop['count1'].'" style="width: 70px" ></td></tr>';
  168.             }
  169.             if($shop['offer_type'] == 'itemvip'){
  170.                 $main_content .= '<tr><td align="center"><b>Item ID:</b></td>
  171.                     <td><input type="text" name="shop_itemid1" maxlenght="7" value="'.$shop['itemid1'].'" style="width: 70px" ></td></tr>
  172.                     <tr><td align="center"><b>Item Count:</b></td>
  173.                     <td><input type="text" name="shop_count1" maxlenght="7" value="'.$shop['count1'].'" style="width: 70px" ></td></tr>';
  174.             }
  175.             if($shop['offer_type'] == 'pacc'){
  176.                 $main_content .= '<tr><td align="center" ><b>Days:</b></td>
  177.                     <td><input type="text" name="shop_count1" maxlenght="7" style="width: 70px" ></td></tr>';
  178.             }
  179.             if($shop['offer_type'] == 'vipdays'){
  180.                 $main_content .= '<tr><td align="center" ><b>Days:</b></td>
  181.                     <td><input type="text" name="shop_count1" maxlenght="7" style="width: 70px" ></td></tr>';
  182.             }
  183.             $main_content .= '<tr><td align="center" ><b>Offer Type:</b></td>
  184.                 <td><input type="text" name="shop_offer_type" value="'.$shop['offer_type'].'" maxlenght="40" style="width: 200px" ></td></tr>
  185.                 <tr><td align="center" ><b>Offer Description:</b></td>
  186.                 <td ><textarea name="shop_offer_description" rows="2" cols="35">'.$shop['offer_description'].'</textarea></td></tr>
  187.                 <tr><td align="center" ><b>Offer Name:</b></td>
  188.                 <td><input type="text" name="shop_offer_name" value="'.$shop['offer_name'].'" maxlenght="40" style="width: 200px" ></td></tr>
  189.                 <tr><td><input name="submit" type="submit" value="Submit" /></form></td><td></td></tr></table>';
  190.             $main_content .= '<form action="?subtopic=shopadmin&action=viewoffer" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
  191.         }
  192.     }
  193.     if($action == "edited") {
  194.         $id = (int) $_REQUEST['id'];
  195.         $shop_points = stripslashes(trim($_POST['shop_points']));
  196.         $shop_offer_type = stripslashes(trim($_POST['shop_offer_type']));
  197.         $shop_itemid1 = stripslashes(trim($_POST['shop_itemid1']));
  198.         $shop_count1 = stripslashes(trim($_POST['shop_count1']));
  199.         $shop_itemid2 = stripslashes(trim($_POST['shop_itemid2']));
  200.         $shop_count2 = stripslashes(trim($_POST['shop_count2']));
  201.         $shop_offer_description = stripslashes(trim($_POST['shop_offer_description']));
  202.         $shop_offer_name = stripslashes(trim($_POST['shop_offer_name']));
  203.         $SQL->query('UPDATE `z_shop_offer` SET `points` = '.$shop_points.', `itemid1` = '.$SQL->quote($shop_itemid1).', `count1` = '.$SQL->quote($shop_count1).', `itemid2` = '.$SQL->quote($shop_itemid2).', `count2` = '.$SQL->quote($shop_count2).', `offer_type` = '.$SQL->quote($shop_offer_type).', `offer_description` = '.$SQL->quote($shop_offer_description).', `offer_name` = '.$SQL->quote($shop_offer_name).' WHERE `id` = '.$id.';');
  204.         $main_content .= '<b><center>Shop offer successfully edited.</b><br><br><form action="?subtopic=shopadmin&action=viewoffer" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form><meta http-equiv="refresh" content="1;url=/?subtopic=shopadmin&action=viewoffer" />';
  205.     }
  206.     if($action == "points") {
  207.         $player = stripslashes(ucwords(strtolower(trim($_REQUEST['character']))));
  208.         $points = $_POST['points'];
  209.         if(empty($player)) {
  210.             $main_content .= '<form action="?subtopic=shopadmin&action=points" method="post"><B>Enter Character Name:</B><input type="textbox" name="character"><br>
  211.                 <B>Enter Points Amount:</B><input type="textbox" name="points"><br><br><input type="submit" value="Submit">
  212.                 </form></center><form action="?subtopic=shopadmin" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
  213.         } else {
  214.             $player_data = $SQL->query("SELECT * FROM `players` WHERE `name` = '".$player."';")->fetch();
  215.             $SQL->query("UPDATE `accounts` SET `premium_points` = `premium_points` + '".$points."' WHERE `id` = '".$player_data['account_id']."'");
  216.             $SQL->query("UPDATE `accounts` SET `backup_points` = `backup_points` + '".$points."' WHERE `id` = '".$player_data['account_id']."'");
  217.             $main_content .= '<b><center>'.$points.' Premium Points added to the account of <i>'.$player.'</i> !</b></center><br>
  218.                 <form action="?subtopic=shopadmin" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
  219.         }
  220.     }
  221. } else {
  222.     $main_content .= 'Sorry, you have not the rights to access this page.';
  223. }
  224. ?>