Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- // do connect to database
- $dbhost = 'localhost';
- $dbname = 'site';
- $dbuser = 'username';
- $dbpass = 'password';
- // user interaction with html form
- if (isset($_POST['bansubmit']))
- {
- switch ($_POST['banform']) {
- case 'ban':
- $playername = $_REQUEST['player']; // "player" is name of html field (input)
- $dbconnect = mysql_connect($dbhost, $dbuser, $dbpass);
- mysql_select_db("$dbname") or die("Can't select a database.");
- $rs = mysql_query("SELECT * FROM phpbb_users WHERE username='$playername'");
- $result = mysql_fetch_array( $rs);
- if ($result[username] !== $playername) {
- header('Refresh: 3; URL: index.html');
- break;
- }
- else {
- $rs = mysql_query("SELECT * FROM bans WHERE player='$playername'");
- $result = mysql_fetch_array( $rs);
- if ($result[player] == $playername) {
- header('Refresh: 3; URL: index.html');
- break;
- }
- else {
- mysql_query("INSERT INTO bans (player, guid, reason) VALUES("some values");");
- mysql_close();
- header('Location: index.html');
- break;
- }
- }
- case 'unban':
- $playername = $_REQUEST['player'];
- $dbconnect = mysql_connect($dbhost, $dbuser, $dbpass);
- mysql_select_db("$dbname") or die("Can't select a database.");
- $rs = mysql_query("SELECT * FROM phpbb_users WHERE username='$playername'");
- $result = mysql_fetch_array( $rs);
- if ($result[username] !== $playername) {
- header('Refresh: 3; URL: index.html');
- break;
- }
- else {
- $rs = mysql_query("SELECT * FROM bans WHERE player='$playername'");
- $result = mysql_fetch_array( $rs);
- if ($result[player] == $playername) {
- mysql_query("DELETE FROM bans WHERE player='$playername';");
- mysql_close();
- header('Location: index.html');
- break;
- }
- }
- }
- }
- if (isset($_POST['warnsubmit']))
- {
- switch ($_POST['warnform']) {
- case 'warn':
- $playername = $_REQUEST['player'];
- $dbconnect = mysql_connect($dbhost, $dbuser, $dbpass);
- mysql_select_db("$dbname") or die("Can't select a database.");
- $rs = mysql_query("SELECT * FROM phpbb_users WHERE username='$playername'");
- $result = mysql_fetch_array( $rs);
- if ($result[username] !== $playername) {
- header('Refresh: 3; URL: index.html');
- break;
- }
- else {
- $rs = mysql_query("SELECT * FROM warnings WHERE player='$playername'");
- $result = mysql_fetch_array( $rs);
- if ($result[player] == $playername) {
- header('Refresh: 3; URL: index.html');
- break;
- }
- else {
- mysql_query("INSERT INTO warnings (player, guid, reason) VALUES("some values");");
- mysql_close();
- header('Location: index.html');
- break;
- }
- }
- case 'unwarn':
- $playername = $_REQUEST['player'];
- $dbconnect = mysql_connect($dbhost, $dbuser, $dbpass);
- mysql_select_db("$dbname") or die("Can't select a database.");
- $rs = mysql_query("SELECT * FROM phpbb_users WHERE username='$playername'");
- $result = mysql_fetch_array( $rs);
- if ($result[username] !== $playername) {
- header('Refresh: 3; URL: index.html');
- break;
- }
- else {
- $rs = mysql_query("SELECT * FROM warnings WHERE player='$playername'");
- $result = mysql_fetch_array( $rs);
- if ($result[player] == $playername) {
- mysql_query("DELETE FROM warnings WHERE player='$playername';");
- mysql_close();
- header('Location: index.html');
- break;
- }
- }
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement