Script47

Suggestion Box

Dec 23rd, 2013
  1. <html>
  2.     <head>
  3.         <title>Suggestion Box</title>
  4.     </head>
  5.     <style>
  6.         textarea {
  7.             resize: none;
  8.         }
  9.     </style>
  10. </html>
  11.  
  12. <?php
  13.  
  14. /*
  15.  * Developer: Script47
  16.  * Module Name: Suggestion Box
  17.  * Description: Allows users to post suggestions which you can then implement in to your game.
  18.  * Price: Free
  19.  * Support: Script47@hotmail.com
  20.  * MWG Contact: http://www.makewebgames.com/member.php/69670-Script47
  21.  * Thread: http://www.makewebgames.com/showthread.php/44236-Suggestion-Box?p=298646#post298646
  22. */
  23.  
  24. include 'globals.php';
  25.  
  26. echo '<h3>Suggestion Box</h3>';
  27.  
  28. echo '<br/>';
  29.  
  30. echo '[<a href="suggestionBox.php?newPost">New Suggestion</a>]';
  31.  
  32. if($ir['userid'] == 1) {
  33.     echo ' [<a href="suggestionBox.php?truncate=true">Truncate Suggestion Box</a>]';
  34.     if(isset($_GET['truncate']) && $ir['userid'] == 1) {
  35.         $truncate = $db->query("TRUNCATE TABLE `suggestion_box`");
  36.        
  37.         if($truncate) {
  38.             header("Location: suggestionBox.php");
  39.             exit();
  40.         }
  41.     }
  42. }
  43.  
  44. if(isset($_GET['newPost'])) {
  45.     echo '<br/>';
  46.     echo '<br/>';  
  47.    
  48.     echo '<form method="post">
  49.             <input type="text" name="title" placeholder="Suggestion title" title="Suggestion title" spellcheck="true" autofocus required>
  50.             <br/>
  51.             <textarea rows="10" cols="45" name="description" placeholder="Detailed description of suggestion" title="Detailed description of suggestion" spellcheck="true" required></textarea>
  52.             <br/>
  53.             <input type="submit" name="postSuggestion" value="Post Suggestion">
  54.         </form>';
  55.    
  56.     if(isset($_POST['postSuggestion'])) {
  57.         if(!isset($_POST['title']) || empty($_POST['title'])) {
  58.             exit('Title field empty.');
  59.         } else if(!ctype_alnum($_POST['title'])) {
  60.             exit('Title field can only be letters and or numbers.');
  61.         } else if(!isset($_POST['description']) || empty($_POST['description'])) {
  62.             exit('Description field empty.');
  63.         } else if(!ctype_alnum($_POST['description'])) {
  64.             exit('Description field can only be letters and or numbers.');
  65.         } else {
  66.             $title = htmlspecialchars(trim($_POST['title']));
  67.             $description = htmlspecialchars(trim($_POST['description']));
  68.             $username = $ir['username'];
  69.            
  70.             $insertSuggestion = $db->query("INSERT INTO `suggestion_box` (Title, Description, Suggester) VALUES ('$title', '$description', '$username')", $db->escape($title), $db->escape($description), $db->escape($username));
  71.            
  72.             if($insertSuggestion) {
  73.                 echo 'Suggestion added.';
  74.                 header("Refresh:2; URL=suggestionBox.php");
  75.                 exit();
  76.             } else {
  77.                 echo 'Error executing query.';
  78.                 header("Refresh:2; URL=suggestionBox.php");
  79.                 exit();                
  80.             }
  81.         }
  82.     }
  83. }
  84.  
  85. echo '<br/>';
  86. echo '<br/>';
  87.  
  88. echo '<table align="center" border="1" cellpadding="10">';
  89.  
  90. echo '<th>ID</th>';
  91. echo '<th>Title</th>';
  92. echo '<th>Description</th>';
  93. echo '<th>Suggester</th>';
  94. echo '<th>Date</th>';
  95.  
  96. if($ir['user_level'] == 2) {
  97.     echo '<th>Actions</th>';
  98. }
  99.  
  100. $selectSuggestion = $db->query("SELECT * FROM `suggestion_box");
  101.  
  102. while ($results = $db->fetch_row($selectSuggestion)) {
  103.     echo '<tr><td>';
  104.     echo $results['ID'];
  105.     echo '</td><td>';
  106.     echo $results['Title'];
  107.     echo '</td><td>';
  108.     echo $results['Description'];
  109.     echo '</td><td>';
  110.     echo $results['Suggester'];
  111.     echo '</td><td>';  
  112.     echo date('d/m/Y g:i:s A',  strtotime($results['Date']));  
  113.     if($ir['user_level'] == 2) {
  114.         echo '</td><td>';
  115.         echo "[<a href='suggestionBox.php?delete=true&ID={$results['ID']}'>Delete Suggestion</a>]";
  116.     }  
  117.     echo '</td><tr>';  
  118. }
  119. echo '</table>';
  120.  
  121. if(isset($_GET['delete'])) {
  122.     echo '<br/>';
  123.    
  124.     if($ir['user_level'] != 2) {
  125.         header("Location: suggestionBox.php");
  126.         exit();
  127.     } else if(!ctype_digit($_GET['ID'])) {
  128.         echo 'ID has to be an integer.';
  129.         exit();
  130.     } else {
  131.         $ID = htmlspecialchars($_GET['ID'])+0;
  132.        
  133.         $deleteSuggestion = $db->query("DELETE FROM `suggestion_box` WHERE ID=$ID");
  134.        
  135.         if($deleteSuggestion) {
  136.             header("Location: suggestionBox.php");
  137.             exit();
  138.         }
  139.     }
  140. }
  141. ?>