Untitled

a guest
Jun 25th, 2018
  1. <?php
  2. /*=========================================================
  3. | HabbluxCMS - Habbo Retro Content Management System
  4. | #########################################################
  5. | Housekeeping developed by Bill Gilson
  6. | Visit habblux.net
  7. | #########################################################
  8. | Developed with stability & security in mind and uses
  9. | Phoenix Emulator 3.0 database
  10. | #########################################################
  11. \=========================================================*/
  12.  
  13. $auth->updateLocation($_SERVER['REQUEST_URI']);
  14. if(!$auth->permission("hk.users_information"))
  15. {
  16. $nopage = 1;
  17. $auth->logAction("NONE","account_information","Access denied");
  18. }
  19. else
  20. {
  21. $username = filter($_GET['username']);
  22. $userid = $users->userData($username,'id');
  23. if(isset($_GET['username']))
  24. {
  25. if($userid == NULL)
  26. {
  27. $error = "User not found";
  28. }
  29. else if($rankVerify['rank'] > $users->userData($_SESSION['hk_user'],'rank'))
  30. {
  31. $error = "User info not permitted";
  32. $auth->logAction($userid,"account_information","User info not permitted");
  33. }
  34. if($error)
  35. {
  36. ?>
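  <?php
  // Search form shown again when the lookup set $error.
  // The message is used twice: as the field's initial text and inside the
  // inline focus/blur handlers. It is encoded once per context: HTML-attribute
  // encoding for value="", and a JSON string literal (then attribute-encoded)
  // for the JavaScript comparisons. The original hard-coded "User not found"
  // as the value, so any other message never matched the handlers.
  $errorAttr = htmlspecialchars((string)$error, ENT_QUOTES, 'UTF-8');
  $errorJs = htmlspecialchars(json_encode((string)$error), ENT_QUOTES, 'UTF-8');
  ?>
  <div class="page-header">
  <div class="styled_title"><h1>Account Information</h1></div>
  </div>
  <div class="well">
  <div class="textcenter">
  <form method="get" class="form-stacked">
  <fieldset>
  <input type="hidden" name="account_information">
  <input class="bigfield" name="username" type="text" value="<?php echo $errorAttr; ?>" onfocus="this.value=(this.value==<?php echo $errorJs; ?>) ? '' : this.value;" onblur="this.value=(this.value=='') ? <?php echo $errorJs; ?> : this.value;"/>
  <input type="submit" class="btn large primary" value="Go" />
  </fieldset>
  </form>
  </div>
  </div>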
  51. <?php
  52. }
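  // Handler for the "Edit Details" form (tab 2).
  //
  // Authorisation is enforced here, not only where the tab is rendered: the
  // form is hidden from operators without hk.users_update, but a POST can be
  // sent without the form. The handler also refuses to run when $error is set,
  // because the error branch earlier in this page only prints a message and
  // does not stop the script, so an unknown or higher-ranked target would
  // otherwise still be updated.
  //
  // NOTE(review): no anti-CSRF token is checked in this listing - confirm
  // whether the surrounding housekeeping framework enforces one.
  if(isset($_POST['update']))
  {
      $updateemail = filter(isset($_POST['email']) ? $_POST['email'] : '');
      $updaterank = filter(isset($_POST['rank']) ? $_POST['rank'] : '');
      $updatecredits = filter(isset($_POST['credits']) ? $_POST['credits'] : '');
      $updatemotto = filter(isset($_POST['motto']) ? $_POST['motto'] : '');
      $updatevip = (string)filter(isset($_POST['vip']) ? $_POST['vip'] : '');
      $updatebirthday = filter(isset($_POST['birthday']) ? $_POST['birthday'] : '');
      // Rank of the operator performing the change; the same lookup is used
      // by the view-permission check at the top of this page.
      $operatorrank = $users->userData($_SESSION['hk_user'],'rank');

      if(!$auth->permission("hk.users_update") || !empty($error))
      {
          $auth->logAction(($userid == NULL) ? "NONE" : $userid,'account_information','User info update denied');
          echo("<div class='alert-message failure'><p>Error, you are not permitted to update this user!</p></div>");
      }
      else if(filter_var($updatecredits, FILTER_VALIDATE_INT) === false)
      {
          // is_numeric() also accepted floats and exponent notation.
          echo("<div class='alert-message failure'><p>Error, credits must be numberic!</p></div>");
      }
      else if(filter_var($updaterank, FILTER_VALIDATE_INT) === false || (int)$updaterank > (int)$operatorrank)
      {
          // An operator must not be able to hand out a rank above their own.
          $auth->logAction($userid,'account_information','Rank change denied');
          echo("<div class='alert-message failure'><p>Error, you cannot assign that rank!</p></div>");
      }
      else if($updatevip !== '0' && $updatevip !== '1')
      {
          echo("<div class='alert-message failure'><p>Error, invalid VIP value!</p></div>");
      }
      else
      {
          // Numeric columns are cast so they cannot carry SQL syntax.
          // NOTE(review): mail, motto and birthday still rely on filter(),
          // which is defined outside this listing - confirm that it escapes
          // for MySQL. The mysql_* extension was removed in PHP 7; moving to
          // prepared statements (mysqli/PDO) would remove that dependency.
          mysql_query("UPDATE `users` SET `mail` = '".$updateemail."' , `rank` = '".(int)$updaterank."' , `credits` = '".(int)$updatecredits."' , `motto` = '".$updatemotto."' , `vip` = '".(int)$updatevip."' , `birthday` = '".$updatebirthday."' WHERE `id` = '".(int)$userid."'") or die($core->systemError("Update User","Updating of the user failed, most probable cause would be that the username doesnt exist."));
          $auth->logAction($userid,'account_information','User info updated');
          $server->serverMUS('updatemotto',$userid);
          $server->serverMUS('updatecredits',$userid);
          echo("<div class='alert-message success'><p>Changes Saved Successfully!</p></div>");
      }
  }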
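  // Handler for the "Edit Stats" form (tab 3).
  //
  // The tab is only rendered for operators with hk.users_update, so the same
  // permission is required here; rendering is not an access control. The
  // handler is also skipped when $error is set, since the error branch earlier
  // in this page does not stop the script.
  if(isset($_POST['updatestats']))
  {
      $updaterespectpoints = filter(isset($_POST['respectpoints']) ? $_POST['respectpoints'] : '');
      $updatepetpoints = filter(isset($_POST['petpoints']) ? $_POST['petpoints'] : '');

      if(!$auth->permission("hk.users_update") || !empty($error))
      {
          $auth->logAction(($userid == NULL) ? "NONE" : $userid,'account_information','User info [stats] update denied');
          echo("<div class='alert-message failure'><p>Error, you are not permitted to update this user!</p></div>");
      }
      else if(filter_var($updaterespectpoints, FILTER_VALIDATE_INT) === false || filter_var($updatepetpoints, FILTER_VALIDATE_INT) === false)
      {
          // Integers only; is_numeric() also accepted floats and exponents.
          echo("<div class='alert-message failure'><p>Error, values must be numberic!</p></div>");
      }
      else
      {
          // Values are cast to int before they reach the query text. On
          // failure the raw driver error is no longer printed to the page;
          // the project's systemError() helper is used, as the details
          // handler on this page does.
          mysql_query("UPDATE `user_stats` SET `DailyRespectPoints` = '".(int)$updaterespectpoints."' , `DailyPetRespectPoints` = '".(int)$updatepetpoints."' WHERE `id` = '".(int)$userid."'") or die($core->systemError("Update Stats","Updating of the user stats failed."));
          $auth->logAction($userid,'account_information','User info [stats] updated');
          echo("<div class='alert-message success'><p>Changes Saved Successfully!</p></div>");
      }
  }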
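  // Handler for the "Ban" form (tab 5).
  //
  // Requires hk.users_ban at the point of action, because hiding the tab does
  // not stop a direct POST. It is skipped when $error is set (unknown target,
  // or a target the operator may not view), since the error branch earlier in
  // this page does not stop the script.
  //
  // NOTE(review): no anti-CSRF token is checked in this listing - confirm
  // whether the surrounding housekeeping framework enforces one.
  if(isset($_POST['ban']))
  {
      $ban_reason = filter(isset($_POST['ban_reason']) ? $_POST['ban_reason'] : '');
      $ban_length = filter(isset($_POST['ban_length']) ? $_POST['ban_length'] : '');

      if(!$auth->permission("hk.users_ban") || !empty($error))
      {
          $auth->logAction(($userid == NULL) ? "NONE" : $userid,'account_information','User ban denied');
          echo("<div class='alert-message failure'><p>Error, you are not permitted to ban this user!</p></div>");
      }
      else if($ban_reason == NULL || $ban_length == NULL)
      {
          echo("<div class='alert-message failure'><p>Error, you missed something!</p></div>");
      }
      else if(!is_numeric($ban_length) || $ban_length <= 0)
      {
          // The form only offers positive numbers of seconds (some are
          // fractional), so anything else was not produced by the form.
          echo("<div class='alert-message failure'><p>Error, invalid ban length!</p></div>");
      }
      else
      {
          $users->banUser('user',$username,$ban_reason,$ban_length);
          // The original wrapped the concatenation in single quotes, so the
          // audit log stored the text ".$ban_reason." instead of the reason.
          $auth->logAction($userid,'account_information','User banned, reason: '.$ban_reason);
          echo("<div class='alert-message success'><p>User Banned</p></div>");
      }
  }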
  104. // Tab 1 - User info;
  105. $auth->logAction($userid,'account_information','User info accessed');
  106. ?>
  107. <div id="tabs">
  108. <ul class="tabs">
  109. <li class="active">
  110. <a href="#tab1">Details</a>
  111. </li>
  112. <?php
  // Extra tab links are printed only for the permissions the operator holds.
  // This controls what is displayed; it does not by itself protect the
  // handlers that process the matching forms.
  echo($auth->permission("hk.users_update")
      ? "<li><a href='#tab2'>Edit Details</a></li>"
        ."<li><a href='#tab3'>Edit Stats</a></li>"
        ."<li><a href='#tab4'>Password Reset</a></li>"
      : "");
  echo($auth->permission("hk.users_ban")
      ? "<li><a href='#tab5'>Ban</a></li>"
      : "");
  123. ?>
  124. </li>
  125. </ul>
  126. </div>
  127. <div id="tab1" class="tab_content">
  128. <div class="row">
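  <?php
  // Details column of tab 1.
  // Every value read from the users table is HTML-encoded on output. Fields
  // such as the motto and real name are set by the account holder and are
  // rendered here inside a staff session. double_encode is off because this
  // listing does not show whether filter() already stored entities - TODO
  // confirm and drop the flag if values are stored raw.
  ?>
  <div class="col30">
  <div class="internalpadding">
  <div class="styled_title">
  <h2><?php echo htmlspecialchars($users->userDatabyID($userid,"username"), ENT_QUOTES, 'UTF-8', false); ?> (# <?php echo (int)$userid; ?>)</h2>
  </div>
  <p>Rank: <b><font color="red"><?php echo htmlspecialchars($users->rankName($users->userDatabyID($userid,"rank")), ENT_QUOTES, 'UTF-8', false); ?></font></b></p>
  <p>Real Name: <b><?php echo htmlspecialchars($users->userDatabyID($userid,"real_name"), ENT_QUOTES, 'UTF-8', false); ?></b></p>
  <p>Credits: <b><?php echo htmlspecialchars($users->userDatabyID($userid,"credits"), ENT_QUOTES, 'UTF-8', false); ?></b></p>
  <p>Email: <b><?php echo htmlspecialchars($users->userDatabyID($userid,"mail"), ENT_QUOTES, 'UTF-8', false); ?></b></p>
  <p>Motto: <b><?php echo htmlspecialchars($users->userDatabyID($userid,"motto"), ENT_QUOTES, 'UTF-8', false); ?></b></p>
  <p>Registration Date:<br /><b><?php echo date("F d, Y, G:i",$users->userDatabyID($userid,"account_created")); ?></b></p>
  <p>Registration IP:<br /><b><?php echo htmlspecialchars($users->userDatabyID($userid,"ip_reg"), ENT_QUOTES, 'UTF-8', false); ?></b></p>
  <p>Last Login:<br /><b><?php echo date("F d, Y, G:i",$users->userDatabyID($userid,"last_online")); ?></b></p>
  <p>Last IP:<br /><b><?php echo htmlspecialchars($users->userDatabyID($userid,"ip_last"), ENT_QUOTES, 'UTF-8', false); ?></b></p>
  </div>
  </div>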
  145. <div class="col70">
  146. <p><h4>User Reports</h4></p>
  147. <div class="internalpadding">
  148. <table>
  149. <thead>
  150. <tr>
  151. <th>Title</th>
  152. <th>Date</th>
  153. </tr>
  154. </thead>
  155. <tbody>
  156. <?php
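  // List the reports filed against this user, one table row per report.
  // The id is cast to int before it is placed in the query. On failure the
  // raw driver error is not printed; the project's systemError() helper is
  // used, as the details handler on this page does.
  $getReports = mysql_query("SELECT * FROM `cms_user_reports` WHERE `user_id` = '".(int)$userid."'") or die($core->systemError("User Reports","Loading the reports for this user failed."));
  if(mysql_num_rows($getReports) == 0)
  {
      echo("<tr><th>There are no reports for this user</th><th></th></tr>");
  }
  else
  {
      while($reports = mysql_fetch_array($getReports))
      {
          // The title is stored text and is encoded before it reaches the
          // page. presumably it is written by whoever filed the report -
          // verify against the code that inserts into cms_user_reports.
          $title = htmlspecialchars($reports['title'], ENT_QUOTES, 'UTF-8', false);
          $date = date("l F d, Y, G:i",$reports['date']);
          echo("<tr><th>".$title."</th><th>".$date."</th></tr>");
      }
  }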
  171. ?>
  172. </tbody>
  173. </table>
  174. </div>
  175. </div>
  176. </div>
  177. </div>
  178. <?php
  179. // Tab 2 - Update user info;
  180. if($auth->permission("hk.users_update"))
  181. {
  182. ?>
  183. <div id="tab2" class="tab_content">
  184. <form method="post">
  185. <fieldset>
  186. <div class="clearfix">
  187. <div class="col2half">
  188. <div class="clearfix">
  189. <label for="username">Username</label>
  190. <div class="input">
  191. <input type="text" name="username" id="username" value="<?php echo $users->userDatabyID($userid,"username"); ?>" readonly />
  192. </div>
  193. </div>
  194. <div class="clearfix">
  195. <label for="email">Email</label>
  196. <div class="input">
  197. <input type="text" name="email" id="email" value="<?php echo $users->userDatabyID($userid,"mail"); ?>" />
  198. </div>
  199. </div>
  200. <div class="clearfix">
  201. <label for="rank">Rank</label>
  202. <div class="input">
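  <?php
  // Rank dropdown: the user's current rank first, then every other rank.
  // The original read $rank, which is not assigned anywhere in this listing;
  // if it is unset, the first option posts an empty value. The current rank is
  // taken from the same lookup that produces the option's label instead.
  // This list is display only: whichever rank is posted still has to be
  // validated by the code that processes the form.
  $currentrank = (int)$users->userDatabyID($userid,"rank");
  ?>
  <select name="rank">
  <option value="<?php echo $currentrank; ?>"><?php echo htmlspecialchars($users->rankName($currentrank), ENT_QUOTES, 'UTF-8', false); ?></option>
  <?php
  $getRanks = mysql_query("SELECT * FROM `ranks` WHERE `id` != '".$currentrank."'");
  // mysql_query() returns false on failure; skip the loop rather than
  // passing false to mysql_fetch_array().
  if($getRanks !== false)
  {
      while($ranks = mysql_fetch_array($getRanks))
      {
          $id = (int)$ranks['id'];
          $name = htmlspecialchars($users->rankName($id), ENT_QUOTES, 'UTF-8', false);
          echo("<option value='".$id."'>".$name." (".$id.")</option>");
      }
  }
  ?>
  </select>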
  215. </div>
  216. </div>
  217. <div class="clearfix">
  218. <label for="credits">Credits</label>
  219. <div class="input">
  220. <input type="text" name="credits" id="credits" value="<?php echo $users->userDatabyID($userid,"credits"); ?>" />
  221. </div>
  222. </div>
  223. </div>
  224. <div class="col2half">
  225. <div class="clearfix">
  226. <label for="motto">Motto</label>
  227. <div class="input">
  228. <input type="text" name="motto" id="motto" value="<?php echo $users->userDatabyID($userid,"motto"); ?>" />
  229. </div>
  230. </div>
  231. <div class="clearfix">
  232. <label for="vip">VIP</label>
  233. <div class="input">
  234. <select name="vip">
  235. <?php
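  // VIP dropdown: the current value is listed first so it is preselected,
  // followed by the alternative. The original pair of if/else blocks printed
  // the current value twice and never the other one, so the form could not
  // change the flag.
  if($users->userDatabyID($userid,"vip") == 1)
  {
      echo "<option value='1'>Yes</option>";
      echo "<option value='0'>No</option>";
  }
  else
  {
      echo "<option value='0'>No</option>";
      echo "<option value='1'>Yes</option>";
  }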
  252. ?>
  253. </select>
  254. </div>
  255. </div>
  256. <div class="clearfix">
  257. <label for="birthday">Birthday</label>
  258. <div class="input">
  259. <input type="text" name="birthday" id="birthday" value="<?php echo $users->userDatabyID($userid,"birthday"); ?>" />
  260. </div>
  261. </div>
  262. </div>
  263. </div>
  264. </fieldset>
  265. <div class="actions">
  266. <input class="btn primary" type="submit" name="update" value="Save Changes" />
  267. <input class="btn" type="reset" value="Reset" />
  268. </div>
  269. </form>
  270. </div>
  271. <?php // Tab 3 - Update Stats; ?>
  272. <div id="tab3" class="tab_content">
  273. <form method="post">
  274. <fieldset>
  275. <div class="clearfix">
  276. <div class="col2half">
  277. <div class="clearfix">
  278. <label for="username">Respect Recieved</label>
  279. <div class="input">
  280. <input type="text" name="respect" id="respect" value="<?php echo $users->userStats($username,'Respect'); ?>" readonly />
  281. </div>
  282. </div>
  283. <div class="clearfix">
  284. <label for="email">Respect Given</label>
  285. <div class="input">
  286. <input type="text" name="respectgiven" id="respectgiven" value="<?php echo $users->userStats($username,'RespectGiven'); ?>" readonly />
  287. </div>
  288. </div>
  289. <div class="clearfix">
  290. <label for="rank">Gifts Recieved</label>
  291. <div class="input">
  292. <input type="text" name="giftsrecieved" id="giftsrecieved" value="<?php echo $users->userStats($username,'GiftsReceived'); ?>" readonly />
  293. </div>
  294. </div>
  295. <div class="clearfix">
  296. <label for="credits">Gifts Given</label>
  297. <div class="input">
  298. <input type="text" name="giftsgiven" id="giftsgiven" value="<?php echo $users->userStats($username,'GiftsGiven'); ?>" readonly />
  299. </div>
  300. </div>
  301. </div>
  302. <div class="col2half">
  303. <div class="clearfix">
  304. <label for="motto">Respect Points</label>
  305. <div class="input">
  306. <input type="text" name="respectpoints" id="respectpoints" value="<?php echo $users->userStats($username,'DailyRespectPoints'); ?>" />
  307. </div>
  308. </div>
  309. <div class="clearfix">
  310. <label for="vip">Pet Points</label>
  311. <div class="input">
  312. <input type="text" name="petpoints" id="petpoints" value="<?php echo $users->userStats($username,'DailyPetRespectPoints'); ?>" />
  313. </div>
  314. </div>
  315. </div>
  316. </div>
  317. </fieldset>
  318. <div class="actions">
  319. <input class="btn primary" type="submit" name="updatestats" value="Save Changes" />
  320. <input class="btn" type="reset" value="Reset" />
  321. </div>
  322. </form>
  323. </div>
  324. <?php // Tab 4 - Password Reset; ?>
  325. <div id="tab4" class="tab_content">
  326. <div class="row">
  327. <div class="col30">
  328. <div class="internalpadding">
  329. <div class="styled_title"><h2>Password Reset</h2></div>
  330. <p>From here you can reset this users password. The password will be displayed to you and it'll also be sent to the user's email address.</p>
  331. </div>
  332. </div>
  333. <div class="col70">
  334. <div class="internalpadding">
  335. <form method="post">
  336. <fieldset class="onecol">
  337. <div class="clearfix">
  338. <label for="password">New Password</label>
  339. <div class="input">
  340. <input type="text" name="new_password" id="new_password" value="Coming Soon" readonly />
  341. </div>
  342. </div>
  343. </fieldset>
  344. <div class="actions">
  345. <input class="btn primary" type="submit" name="change_password" value="Change Password" />
  346. </div>
  347. </form>
  348. </div>
  349. </div>
  350. </div>
  351. </div>
  352. <?php
  353. }
  354. // Tab 5 - Bans;
  355. if($auth->permission("hk.users_ban"))
  356. {
  357. ?>
  358. <div id="tab5" class="tab_content">
  359. <div class="row">
  360. <div class="col30">
  361. <div class="internalpadding">
  362. <div class="styled_title"><h2>Ban</h2></div>
  363. <p>From here you can ban a user. All bans are logged.</p>
  364. </div>
  365. </div>
  366. <div class="col70">
  367. <div class="internalpadding">
  368. <form method="post">
  369. <fieldset class="onecol">
  370. <div class="clearfix">
  371. <label for="ban_reason">Reason</label>
  372. <div class="input">
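  <?php
  // Preset ban reasons. Choosing one copies its text into the free-text
  // ban_reason field and resets the dropdown to its placeholder. The original
  // handler referred to a form control named "common", which this form does
  // not contain, and one option's closing tag was missing its ">".
  ?>
  <select name="ban_reasons" onchange="this.form.ban_reason.value=this.value;this.selectedIndex=0" width="171px;">
  <option value="">Choose a common message / type own</option>
  <option value="Unacceptable Language / Behaviour">Unacceptable Language / Behaviour</option>
  <option value="Scamming / Tricking Users">Scamming / Tricking Users</option>
  <option value="Fraud">Fraud</option>
  <option value="Hacking / Malicious Activites">Hacking / Malicious Activites</option>
  <option value="Harrasment">Harrasment</option>
  <option value="Unwelcome User">Unwelcome User</option>
  </select>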
  382. </div>
  383. </div>
  384. <div class="clearfix">
  385. <div class="input">
  386. <input type="text" name="ban_reason" id="ban_reason" />
  387. </div>
  388. </div>
  389. <div class="clearfix">
  390. <label for="password">Length</label>
  391. <div class="input">
  392. <select name="ban_length">
  393. <option value="7200">2 hours</option>
  394. <option value="14400">4 hours</option>
  395. <option value="43200">12 hours</option>
  396. <option value="86400">24 hours</option>
  397. <option value="172800">2 days</option>
  398. <option value="259200">3 days</option>
  399. <option value="604800">1 week</option>
  400. <option value="1209600">2 weeks</option>
  401. <option value="1814400">3 weeks</option>
  402. <option value="2629743.83">1 month</option>
  403. <option value="5259487.66">2 months</option>
  404. <option value="31556926">1 year</option>
  405. <option value="63113851.9">2 years</option>
  406. <option value="315569259747">Permanent</option>
  407. </select>
  408. </div>
  409. </div>
  410. </fieldset>
  411. <div class="actions">
  412. <input class="btn primary" type="submit" name="ban" value="Ban" />
  413. </div>
  414. </form>
  415. </div>
  416. </div>
  417. </div>
  418. </div>
  419. <?php
  420. }
  421. }
  422. else
  423. {
  424. ?>
  425. <div class="page-header">
  426. <div class="styled_title"><h1>Account Information</h1></div>
  427. </div>
  428. <div class="well">
  429. <div class="textcenter">
  430. <form method="get" class="form-stacked">
  431. <fieldset>
  432. <input type="hidden" name="account_information">
  433. <input class="bigfield" name="username" type="text" value="Type a username" onfocus="this.value=(this.value=='Type a username') ? '' : this.value;" onblur="this.value=(this.value=='') ? 'Type a username' : this.value;"/>
  434. <input type="submit" class="btn large primary" value="Go" />
  435. </fieldset>
  436. </form>
  437. </div>
  438. </div>
  439. <?php
  440. }
  441. }
  442. ?>