Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <html>
- <head>
- <title>Suggestion Box</title>
- </head>
- <style>
- textarea {
- resize: none;
- }
- </style>
- </html>
- <?php
- /*
- * Developer: Script47
- * Module Name: Suggestion Box
- * Description: Allows users to post suggestions which you can then implement in to your game.
- * Price: Free
- * Support: Script47@hotmail.com
- * MWG Contact: http://www.makewebgames.com/member.php/69670-Script47
- * Thread: http://www.makewebgames.com/showthread.php/44236-Suggestion-Box?p=298646#post298646
- */
- include 'globals.php';
- echo '<h3>Suggestion Box</h3>';
- echo '<br/>';
- echo '[<a href="suggestionBox.php?newPost">New Suggestion</a>]';
- if($ir['userid'] == 1) {
- echo ' [<a href="suggestionBox.php?truncate=true">Truncate Suggestion Box</a>]';
- if(isset($_GET['truncate']) && $ir['userid'] == 1) {
- $truncate = $db->query("TRUNCATE TABLE `suggestion_box`");
- if($truncate) {
- header("Location: suggestionBox.php");
- exit();
- }
- }
- }
- if(isset($_GET['newPost'])) {
- echo '<br/>';
- echo '<br/>';
- echo '<form method="post">
- <input type="text" name="title" placeholder="Suggestion title" title="Suggestion title" spellcheck="true" autofocus required>
- <br/>
- <textarea rows="10" cols="45" name="description" placeholder="Detailed description of suggestion" title="Detailed description of suggestion" spellcheck="true" required></textarea>
- <br/>
- <input type="submit" name="postSuggestion" value="Post Suggestion">
- </form>';
- if(isset($_POST['postSuggestion'])) {
- if(!isset($_POST['title']) || empty($_POST['title'])) {
- exit('Title field empty.');
- } else if(!ctype_alnum($_POST['title'])) {
- exit('Title field can only be letters and or numbers.');
- } else if(!isset($_POST['description']) || empty($_POST['description'])) {
- exit('Description field empty.');
- } else if(!ctype_alnum($_POST['description'])) {
- exit('Description field can only be letters and or numbers.');
- } else {
- $title = htmlspecialchars(trim($_POST['title']));
- $description = htmlspecialchars(trim($_POST['description']));
- $username = $ir['username'];
- $insertSuggestion = $db->query("INSERT INTO `suggestion_box` (Title, Description, Suggester) VALUES ('$title', '$description', '$username')", $db->escape($title), $db->escape($description), $db->escape($username));
- if($insertSuggestion) {
- echo 'Suggestion added.';
- header("Refresh:2; URL=suggestionBox.php");
- exit();
- } else {
- echo 'Error executing query.';
- header("Refresh:2; URL=suggestionBox.php");
- exit();
- }
- }
- }
- }
- echo '<br/>';
- echo '<br/>';
- echo '<table align="center" border="1" cellpadding="10">';
- echo '<th>ID</th>';
- echo '<th>Title</th>';
- echo '<th>Description</th>';
- echo '<th>Suggester</th>';
- echo '<th>Date</th>';
- if($ir['user_level'] == 2) {
- echo '<th>Actions</th>';
- }
- $selectSuggestion = $db->query("SELECT * FROM `suggestion_box");
- while ($results = $db->fetch_row($selectSuggestion)) {
- echo '<tr><td>';
- echo $results['ID'];
- echo '</td><td>';
- echo $results['Title'];
- echo '</td><td>';
- echo $results['Description'];
- echo '</td><td>';
- echo $results['Suggester'];
- echo '</td><td>';
- echo date('d/m/Y g:i:s A', strtotime($results['Date']));
- if($ir['user_level'] == 2) {
- echo '</td><td>';
- echo "[<a href='suggestionBox.php?delete=true&ID={$results['ID']}'>Delete Suggestion</a>]";
- }
- echo '</td><tr>';
- }
- echo '</table>';
- if(isset($_GET['delete'])) {
- echo '<br/>';
- if($ir['user_level'] != 2) {
- header("Location: suggestionBox.php");
- exit();
- } else if(!ctype_digit($_GET['ID'])) {
- echo 'ID has to be an integer.';
- exit();
- } else {
- $ID = htmlspecialchars($_GET['ID'])+0;
- $deleteSuggestion = $db->query("DELETE FROM `suggestion_box` WHERE ID=$ID");
- if($deleteSuggestion) {
- header("Location: suggestionBox.php");
- exit();
- }
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement