Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $value = $_COOKIE['_identity'];
- if ($value === null || strpos($value, '43534t635t63543') === false) {
- header('Location: http://os-v.org/site/login');
- die();
- }
- ?>
- <html>
- <head>
- <meta charset="utf-8" />
- <title>Chat logs</title>
- <link href="https://os-v.org/logs/chat/css/bootstrap.min.css" rel="stylesheet">
- <link href="https://os-v.org/logs/chat/css/bootstrap-datetimepicker.min.css" rel="stylesheet">
- <link href="https://os-v.org/logs/chat/css/main.css" rel="stylesheet" type="text/css"/>
- <script type="text/javascript" src="http://cdnjs.cloudflare.com/ajax/libs/jquery/1.8.3/jquery.min.js"></script>
- <script type="text/javascript" src="https://os-v.org/logs/chat/js/bootstrap.min.js"></script>
- <script type="text/javascript" src="https://os-v.org/logs/chat/js/bootstrap-datetimepicker.js"></script>
- <script type="text/javascript" src="https://os-v.org/logs/chat/js/advancedsearch.js"></script>
- </head>
- <body>
- <div class="loglinks">
- <a href="https://os-v.org/logs/chat/index.php">Chat</a> |
- <a href="https://os-v.org/logs/kills/index.php">PvP Kills</a> |
- <a href="https://os-v.org/logs/pvm/index.php">PvM Kills</a> |
- <a href="https://os-v.org/logs/logins/index.php">Logins</a> |
- <a href="https://os-v.org/logs/punishments/index.php">Punishments</a> |
- <a href="https://os-v.org/logs/stakes/index.php">Stakes</a> |
- <a href="https://os-v.org/logs/trades/index.php">Trades</a> |
- <a href="https://os-v.org/logs/errors/index.php">Errors</a>
- </div>
- <div class="container">
- <div class="table">
- <h2>Chat logs</h2>
- <form method="get" action="index.php" autocomplete="on" class="center">
- <input class="search" type="text" id="search" name="search" placeholder="Search..." size="20" required>
- <input class="button" id="reset" onclick="location.href='index.php'" type="button" value="Reset">
- </form>
- <br>
- <fieldset><legend>Advanced Search <input value="Show" class="button noselect" id="togglesearch" unselectable="on" onmousedown='return false;' onselectstart='return false;'></legend>
- <form id="advancedsearch" action="" hidden>
- <div class="searchleft">
- <div class="searchelement"><p>Between</p></div>
- <div class="searchelement"><p>And</p></div>
- <div class="searchelement"><p>Type</p></div>
- <div class="searchelement"><p>IP</p></div>
- <div class="searchelement"><p>Message Contains</p></div>
- <div class="searchelement">
- <div class="controls input-append date form_datetime" data-date-format="yyyy-mm-dd hh:ii:ss" data-link-field="startdate">
- <input size="16" type="text" value="" readonly>
- <span class="add-on"><i class="icon-remove"></i></span>
- <span class="add-on"><i class="icon-th"></i></span>
- </div>
- <input type="hidden" id="startdate" name="startdate" value="" />
- </div>
- <div class="searchelement">
- <div class="controls input-append date form_datetime" data-date-format="yyyy-mm-dd hh:ii:ss" data-link-field="enddate">
- <input size="16" type="text" value="" readonly>
- <span class="add-on"><i class="icon-remove"></i></span>
- <span class="add-on"><i class="icon-th"></i></span>
- </div>
- <input type="hidden" id="enddate" name="enddate" value="" />
- </div>
- <div class="checkline" class="searchelement">
- <label><input type="checkbox" id="chat" name="type" value="chat" checked>Chat</label>
- <label><input type="checkbox" id="command" name="type" value="command" checked>Command</label>
- <label><input type="checkbox" id="private" name="type" value="private" checked>Private Message</label>
- </div>
- <div class="searchelement">
- <input type="text" id="ip" size="24" value="">
- </div>
- <div class="searchelement">
- <input type="text" id="messages" size="24" value="" placeholder="Separate words by comma">
- </div>
- </div>
- <div class="searchright">
- <div class="searchelement">
- <p>Players</p>
- <input class="button noselect" id="addplayer" unselectable="on" onmousedown='return false;' onselectstart='return false;' value="Add">
- <input class="button noselect" id="delplayer" unselectable="on" onmousedown='return false;' onselectstart='return false;' value="Delete">
- <br>
- <input type="text" id="newplayer" size="20" value="">
- </div>
- <div class="searchelement">
- <select class="playersearch" id="playerlist" size="11" multiple></select>
- </div>
- </div>
- <div class="clear center buttonpanel">
- <input class="button" id="searchbutton" type="button" value="Search">
- <input class="button" onclick="location.href='index.php'" type="button" value="Reset">
- </div>
- </form>
- </fieldset>
- <script type="text/javascript">
- $('.form_datetime').datetimepicker({
- weekStart: 1,
- todayBtn: 1,
- autoclose: 1,
- todayHighlight: 1,
- startView: 2,
- forceParse: 0
- });
- </script>
- <select class="dropdown" id="offset" onchange="location = this.options[this.selectedIndex].value;">
- <?php
- $host = "70.42.74.5";
- $user = "donation_user";
- $pass = "9pf#1BCQwYW<<@V090nu6~27b5)XFq";
- $db = "punish";
- $pagelimit = 20;
- $maxPages = 100;
- $con = mysql_connect($host, $user, $pass);
- if (!$con)
- {
- die('Could not connect: ' . mysql_error());
- }
- mysql_select_db($db, $con);
- if (htmlspecialchars($_GET["search"])) {
- $search = mysql_real_escape_string(htmlspecialchars($_GET["search"]));
- $query = "SELECT * FROM chat WHERE ID LIKE '%" . $search . "%' OR DATE LIKE '%" . $search . "%' OR TYPE LIKE '%" . $search . "%'
- OR PLAYER LIKE '%" . $search . "%' OR IP LIKE '%" . $search . "%' OR MESSAGE LIKE '%" . $search . "%' OR RECIPIENT LIKE '%" . $search . "%'" ;
- } else {
- $query = "SELECT * FROM chat";
- if (htmlspecialchars($_GET["startdate"]) || htmlspecialchars($_GET["enddate"]) || htmlspecialchars($_GET["chat"]) || htmlspecialchars($_GET["command"]) || htmlspecialchars($_GET["private"]) || htmlspecialchars($_GET["message"]) || htmlspecialchars($_GET["ip"]) || htmlspecialchars($_GET["player"])) {
- $query = $query . " WHERE";
- $flag = false;
- if (htmlspecialchars($_GET["startdate"])) {
- if ($flag) {
- $query = $query . " AND DATE > '" . mysql_real_escape_string(htmlspecialchars($_GET["startdate"])) . "'";
- } else {
- $query = $query . " DATE > '" . mysql_real_escape_string(htmlspecialchars($_GET["startdate"])) . "'";
- $flag = true;
- }
- } if (htmlspecialchars($_GET["enddate"])) {
- if ($flag) {
- $query = $query . " AND DATE < '" . mysql_real_escape_string(htmlspecialchars($_GET["enddate"])) . "'";
- } else {
- $query = $query . " DATE < '" . mysql_real_escape_string(htmlspecialchars($_GET["enddate"])) . "'";
- $flag = true;
- }
- } if ((htmlspecialchars($_GET["chat"]) || htmlspecialchars($_GET["command"]) || htmlspecialchars($_GET["private"]))
- && !(htmlspecialchars($_GET["chat"]) && htmlspecialchars($_GET["command"]) && htmlspecialchars($_GET["private"]))) {
- if ($flag) {
- $query = $query . " AND (";
- } else {
- $query = $query . " (";
- $flag = true;
- }
- $typeFlag = false;
- if (htmlspecialchars($_GET["chat"])) {
- if ($typeFlag) {
- $query = $query . " OR TYPE = 'Chat'";
- } else {
- $query = $query . "TYPE = 'Chat'";
- $typeFlag = true;
- }
- } if (htmlspecialchars($_GET["command"])) {
- if ($typeFlag) {
- $query = $query . " OR TYPE = 'Command'";
- } else {
- $query = $query . "TYPE = 'Command'";
- $typeFlag = true;
- }
- } if (htmlspecialchars($_GET["private"])) {
- if ($typeFlag) {
- $query = $query . " OR TYPE = 'Private Message'";
- } else {
- $query = $query . "TYPE = 'Private Message'";
- $typeFlag = true;
- }
- }
- $query = $query . ")";
- } if (htmlspecialchars($_GET["ip"])) {
- if ($flag) {
- $query = $query . " AND IP LIKE '%" . mysql_real_escape_string(htmlspecialchars($_GET["ip"])) . "%'";
- } else {
- $query = $query . " IP LIKE '%" . mysql_real_escape_string(htmlspecialchars($_GET["ip"])) . "%'";
- $flag = true;
- }
- } if (isset($_GET["message"]) AND count($_GET["message"] > 0)) {
- if ($flag) {
- $query = $query . " AND (";
- } else {
- $query = $query . " (";
- $flag = true;
- }
- $messageFlag = false;
- foreach ($_GET["message"] AS $element) {
- if ($messageFlag) {
- $query = $query . " OR MESSAGE LIKE '%" . $element . "%'";
- } else {
- $query = $query . "MESSAGE LIKE '%" . $element . "%'";
- $messageFlag = true;
- }
- }
- $query = $query . ")";
- } if (isset($_GET["player"]) AND count($_GET["player"] > 0)) {
- if ($flag) {
- $query = $query . " AND (";
- } else {
- $query = $query . " (";
- $flag = true;
- }
- $playerFlag = false;
- foreach ($_GET["player"] AS $element) {
- if ($playerFlag) {
- $query = $query . " OR PLAYER = '" . $element . "' OR RECIPIENT = '" . $element . "'";
- } else {
- $query = $query . "PLAYER = '" . $element . "' OR RECIPIENT = '" . $element . "'";
- $playerFlag = true;
- }
- }
- $query = $query . ")";
- }
- }
- }
- $results = mysql_num_rows(mysql_query($query . " LIMIT " . ($pagelimit * $maxPages)));
- $pages = floor($results / $pagelimit);
- $offset = htmlspecialchars($_GET["offset"]);
- $url = preg_replace("{&?offset\\=[0-9]*}", "", http_build_query($_GET));
- if ($url) {
- for ($i = 1; $i <= $pages; $i++) {
- if ($offset && $offset == $i) {
- echo "<option value='index.php?$url&offset=$i' selected>$i</option>";
- } else {
- echo "<option value='index.php?$url&offset=$i'>$i</option>";
- }
- }
- } else {
- for ($i = 1; $i <= $pages; $i++) {
- if ($offset && $offset == $i) {
- echo "<option value='index.php?offset=$i' selected>$i</option>";
- } else {
- echo "<option value='index.php?offset=$i'>$i</option>";
- }
- }
- }
- ?>
- </select>
- <table id="hor-minimalist-b">
- <tr>
- <th>Date</th>
- <th>Type</th>
- <th>Player</th>
- <th>IP</th>
- <th>Message</th>
- <th>Recipient</th>
- </tr>
- <?php
- $query = $query . ' ORDER BY id desc LIMIT ' . $pagelimit;
- if (htmlspecialchars($_GET["offset"]) && is_numeric(htmlspecialchars($_GET["offset"]))) {
- $query = $query . ' OFFSET ' . $pagelimit * (floor(htmlspecialchars($_GET["offset"])) - 1);
- }
- $punishments = mysql_query($query);
- while($row = mysql_fetch_array($punishments, MYSQL_ASSOC)) {
- $date = htmlspecialchars($row['DATE'],ENT_QUOTES);
- $type = htmlspecialchars($row['TYPE'],ENT_QUOTES);
- $player = htmlspecialchars($row['PLAYER'],ENT_QUOTES);
- $ip = htmlspecialchars($row['IP'],ENT_QUOTES);
- $message = htmlspecialchars($row['MESSAGE'],ENT_QUOTES);
- $recipient = htmlspecialchars($row['RECIPIENT'],ENT_QUOTES);
- echo "<tr>";
- echo "<td>$date</td>";
- echo "<td>$type</td>";
- echo "<td>$player</td>";
- echo "<td>$ip</td>";
- echo "<td>$message</td>";
- echo "<td>$recipient</td>";
- echo "</tr>";
- }
- ?>
- </table>
- <br><br>
- <div class="footer">
- <?php
- $time = mysql_fetch_array(mysql_query('SELECT NOW()'));
- echo '<p>Current time: ' . htmlspecialchars($time['NOW()'],ENT_QUOTES) . '</p>';
- //echo "$query";
- mysql_close($con);
- ?>
- </div>
- </div>
- </div>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement