hi milkman

milkman wrote: Hi forumatic,
Can you confirm which version of ModCP you have installed? When I look in the current version of the file the error you refer to should be happening around line 160 not 79. Perhaps you could download another copy and try that?
Code:
<?php
/***************************************************************************
* admin_modcp.php
* ---------------
* begin : Sunday, Dec 26, 2004
* copyright : (C) 2005 web-milk.co.uk
* email : [email protected]
*
* $Id: admin_modcp.php, v1.1.00.01 2005/08/15 17:01:20 kooky Exp $
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
// Flag this request as running inside phpBB.
// NOTE(review): presumably the scripts required further down test this constant before they run — confirm.
define('IN_PHPBB', 1);
// Module-registration pass: when the including script has set $setmodules,
// record this file under Modcp -> Configuration and hand control straight back.
if( !empty($setmodules) )
{
$file = basename(__FILE__);
$module['Modcp']['Configuration'] = $file;
return;
}
/**
 * Permission stub used by the admin-side ModCP configuration page.
 *
 * All three arguments are accepted and ignored; every call reports success.
 *
 * NOTE(review): module files pulled in by the directory scan later in this
 * script call check_perms() to decide whether to register themselves, so with
 * this stub they all register. Presumably the real check is defined by the
 * moderator-side bootstrap — confirm this definition can never be the one in
 * effect for a non-admin request.
 *
 * @param string $category Module category (unused).
 * @param string $module   Module name (unused).
 * @param string $level    User level (unused).
 * @return bool Always true.
 */
function check_perms($category = '', $module = '', $level = '')
{
    $granted = true;

    return $granted;
}
//
// Let's set the root dir for phpBB
//
$phpbb_root_path = './../';
// NOTE(review): extension.inc is expected to define $phpEx, which the next line uses — confirm.
require($phpbb_root_path . 'extension.inc');
// NOTE(review): nothing visible in this file checks that the caller is an administrator;
// presumably pagestart does the session and admin check — confirm before relying on it.
require('./pagestart.' . $phpEx);
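//
// Load every modcp_module_* row of the config table into
// $installed_module[<category>][<module>] = list of permitted user levels.
//
$sql = "SELECT *\nFROM " . CONFIG_TABLE . "\nWHERE config_name LIKE 'modcp_module_%'";
if (!$result = $db->sql_query($sql))
{
    message_die(CRITICAL_ERROR, 'Could not query config information in admin_board', '', __LINE__, __FILE__, $sql);
}
else
{
    while ($row = $db->sql_fetchrow($result))
    {
        // The config_name is in the form modcp_module_<Cat-name>_<Mod-name>, let's split it up.
        // explode() replaces split(): split() was deprecated in PHP 5.3 and removed in PHP 7,
        // and the separator is a literal underscore, so the pieces are the same.
        // array_pad() keeps list() from reading a missing second element on a malformed row.
        list($category, $module_name) = array_pad(
            explode('_', substr($row['config_name'], strlen('modcp_module_'))),
            2,
            ''
        );

        // Hyphens in the stored name stand for underscores in the real name.
        $category = str_replace('-', '_', $category);
        $module_name = str_replace('-', '_', $module_name);

        // config_value is a comma-separated list of user levels.
        $installed_module[$category][$module_name] = explode(',', $row['config_value']);
    }
}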
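//
// Let's do the update baby, yeah!
//
// Handles the submitted permission form: one checkbox array per module, field
// name modcp_module_<Cat-name>_<Mod-name>, values = user levels.
// NOTE(review): no per-form token is checked in this branch; presumably the
// session id that append_sid() puts on the form action is the only thing tying
// the POST to the admin session — confirm.
if (isset($HTTP_POST_VARS['submit']))
{
    $level_used = array(
        MAIN_MOD => 1, // Forced on
        MOD => 0,
        SUPPORT => 0,
        VIP => 0,
        BOT => 0
    );

    foreach ($HTTP_POST_VARS as $config_name => $config_value)
    {
        $config_name = (string) $config_name;

        // Only checkbox arrays named modcp_module_* are permission settings.
        // The submit button and any other posted field are skipped instead of
        // being written to the config table.
        if (strpos($config_name, 'modcp_module_') !== 0 || !is_array($config_value))
        {
            continue;
        }

        // Split the config_name up and check if it is installed.
        // explode() replaces split(), which PHP 7 removed; the separator is a literal underscore.
        list($category, $module_name) = array_pad(
            explode('_', substr($config_name, strlen('modcp_module_'))),
            2,
            ''
        );
        $category = str_replace('-', '_', $category);
        $module_name = str_replace('-', '_', $module_name);

        // Keep the "no one" marker (0) and the levels declared in $level_used;
        // anything else in the posted array is dropped, so a forged form cannot
        // store arbitrary text in the permission list.
        $levels = array();
        $n_perms = 0;
        foreach ($config_value as $l)
        {
            if (!is_scalar($l))
            {
                continue;
            }

            if ((string) $l === '0')
            {
                $levels[] = $l;
            }
            elseif (isset($level_used[$l]))
            {
                $levels[] = $l;
                // Make a note of the user levels that have permissions.
                $level_used[$l] = 1;
                $n_perms++;
            }
        }

        // Main mod has access to all when a module is enabled!
        if ($n_perms && !in_array(MAIN_MOD, $levels))
        {
            $levels[] = MAIN_MOD;
        }

        $config_value = implode(',', $levels);

        // The field name comes straight from the request, so it is quoted for
        // the query here rather than interpolated as-is.
        // NOTE(review): if the bootstrap already slashes request *keys*, a name
        // containing a quote is escaped twice; confirm what pagestart does.
        $config_name_sql = str_replace("\'", "''", addslashes($config_name));
        $config_value_sql = str_replace("\'", "''", $config_value);

        // Request-derived text is HTML-escaped before it is shown in an error page.
        $module_label = htmlspecialchars($category . '/' . $module_name, ENT_QUOTES);

        if (isset($installed_module[$category][$module_name]))
        {
            // Update
            $sql = "UPDATE " . CONFIG_TABLE . " SET\nconfig_value = '" . $config_value_sql . "'\nWHERE config_name = '" . $config_name_sql . "'";
        }
        else
        {
            // Insert
            $sql = "INSERT INTO " . CONFIG_TABLE . " (config_name, config_value)\nVALUES ('" . $config_name_sql . "', '" . $config_value_sql . "')";
        }

        if (!$db->sql_query($sql))
        {
            message_die(GENERAL_ERROR, "Failed to update general configuration for $module_label", "", __LINE__, __FILE__, $sql);
        }
    }

    // Update the used flags. The list is built from scratch; the original
    // appended to a variable that was never initialised.
    $used_levels = array();
    foreach ($level_used as $l => $used)
    {
        if ($used == 1)
        {
            $used_levels[] = $l;
        }
    }
    $level_used_list = implode(',', $used_levels);

    $sql = "UPDATE " . CONFIG_TABLE . " SET\nconfig_value = '" . str_replace("\'", "''", $level_used_list) . "'\nWHERE config_name = 'modcp_levels_used'";
    if (!$db->sql_query($sql))
    {
        // This query is not about a single module, so the message no longer
        // reuses whatever category/module the loop happened to end on.
        message_die(GENERAL_ERROR, 'Failed to update the modcp_levels_used configuration', '', __LINE__, __FILE__, $sql);
    }

    $message = $lang['Config_updated'] . '<br /><br />' . sprintf($lang['Click_return_config'], '<a href="' . append_sid('admin_modcp.' . $phpEx) . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid('index.' . $phpEx . '?pane=right') . '">', '</a>');
    message_die(GENERAL_MESSAGE, $message);
}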
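// Disable or remove a single installed module, selected by ?mode=...&name=...
// NOTE(review): both actions change state on a plain GET link; presumably the
// session id added by append_sid() is the only request binding — consider
// moving them to POST with a confirmation step.
elseif (isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']))
{
    // Values are used as PHP delivers them. The extra urldecode() that used to
    // wrap the GET values decoded them a second time (PHP has already decoded
    // the query string); a second decode runs after any request-level quoting
    // and can reintroduce characters that quoting was meant to neutralise.
    $mode = isset($HTTP_POST_VARS['mode']) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];

    if (isset($HTTP_POST_VARS['name']))
    {
        $name = $HTTP_POST_VARS['name'];
    }
    elseif (isset($HTTP_GET_VARS['name']))
    {
        $name = $HTTP_GET_VARS['name'];
    }
    else
    {
        $name = '';
    }

    // Array-valued parameters (mode[]=..., name[]=...) are treated as absent.
    if (!is_string($mode))
    {
        $mode = '';
    }
    if (!is_string($name))
    {
        $name = '';
    }

    // Check that the name is a modcp_module
    // explode() replaces split(), which PHP 7 removed; the separator is a literal underscore.
    list($category, $module_name) = array_pad(
        explode('_', substr($name, strlen('modcp_module_'))),
        2,
        ''
    );
    $category = str_replace('-', '_', $category);
    $module_name = str_replace('-', '_', $module_name);

    if (strpos($name, 'modcp_module_') !== 0 || !isset($installed_module[$category][$module_name]))
    {
        // The two parts are request text that failed validation, so they are
        // HTML-escaped before being echoed back.
        message_die(GENERAL_ERROR, 'The requested module (' . htmlspecialchars("$category/$module_name", ENT_QUOTES) . ') is not installed.');
    }

    // The installed-module check above only looks at the first two
    // underscore-separated parts, so the raw request string is not what goes
    // into SQL. The row name is rebuilt from the two validated parts (the same
    // way the form builds its field names) and then quoted for the query.
    $name = 'modcp_module_' . str_replace('_', '-', $category) . '_' . str_replace('_', '-', $module_name);
    $name_sql = str_replace("\'", "''", addslashes($name));

    $module_label = htmlspecialchars($category . '/' . $module_name, ENT_QUOTES);

    switch ($mode)
    {
        case 'disable':
            // Update
            $sql = "UPDATE " . CONFIG_TABLE . " SET\nconfig_value = '0'\nWHERE config_name = '" . $name_sql . "'";
            if (!$db->sql_query($sql))
            {
                message_die(GENERAL_ERROR, "Failed to update general configuration for $module_label", "", __LINE__, __FILE__, $sql);
            }

            $message = $lang['Config_updated'] . '<br /><br />' . sprintf($lang['Click_return_config'], '<a href="' . append_sid('admin_modcp.' . $phpEx) . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid('index.' . $phpEx . '?pane=right') . '">', '</a>');
            message_die(GENERAL_MESSAGE, $message);
            break;

        case 'remove':
            // Delete
            $sql = "DELETE FROM " . CONFIG_TABLE . "\nWHERE config_name = '" . $name_sql . "'";
            if (!$db->sql_query($sql))
            {
                message_die(GENERAL_ERROR, "Failed to update general configuration for $module_label", "", __LINE__, __FILE__, $sql);
            }

            $message = $lang['Config_updated'] . '<br /><br />' . sprintf($lang['Click_return_config'], '<a href="' . append_sid('admin_modcp.' . $phpEx) . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid('index.' . $phpEx . '?pane=right') . '">', '</a>');
            message_die(GENERAL_MESSAGE, $message);
            break;
    }
}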
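//
// Get a list of the modules present
//
// Each matching file is included with $setmodules set, so it only registers
// itself (in $module or $modcp_module) and returns.
// NOTE(review): every file in modcp/ whose name matches admin_*.<ext> is
// executed by the include below, so that directory must be writable only by
// whoever deploys code.
$module = array();
$modcp_module = array();
$setmodules = 1;

$dir = @opendir($phpbb_root_path . 'modcp');
if ($dir)
{
    // Compare against false: a bare truthiness test stops early on an entry named "0".
    while (($file = readdir($dir)) !== false)
    {
        // preg_quote() keeps the extension literal inside the pattern.
        if (preg_match('/^admin_.*?\.' . preg_quote($phpEx, '/') . '$/', $file))
        {
            include($phpbb_root_path . 'modcp/' . $file);
        }
    }
    closedir($dir);
}

unset($setmodules);
ksort($module);
ksort($modcp_module);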
//
// Anything found on disk ($modcp_module) that has no entry in
// $installed_module is offered as a new, installable module.
//
if (!empty($modcp_module))
{
    foreach ($modcp_module as $category => $module_list)
    {
        foreach ($module_list as $mod => $v)
        {
            if (isset($installed_module[$category][$mod]))
            {
                // Already configured, nothing to offer.
                continue;
            }

            $new_module[$category][$mod] = array();
        }
    }

    unset($module_list);
}
//
// Output starts here.
//
// Page-wide template setup: body template, form action and fixed labels.
$template->set_filenames(array('body' => 'admin/modcp_config_body.tpl'));

$s_hidden_fields = '';

$template->assign_vars(array(
    'S_MODCP_ACTION'              => append_sid('admin_modcp.' . $phpEx),
    'L_MODCP_TITLE'               => $lang['Modcp_title'],
    'L_MODCP_EXPLAIN'             => $lang['Modcp_explain'],
    'L_WHO_ACCESS'                => $lang['Who_access'],
    'L_MODULE_PERMISSIONS'        => $lang['Modcp_permissions'],
    'L_NEW_MODULES'               => $lang['New_modules'],
    'L_NEW_MODULES_EXPLAIN'       => $lang['New_modules_explain'],
    'L_MODULE_NO_INSTALL'         => $lang['Module_no_install'],
    'L_MODULE_NO_INSTALL_EXPLAIN' => $lang['Module_no_install_explain'],
    'L_SUBMIT'                    => $lang['Submit'],
    'L_RESET'                     => $lang['Reset'],
    'L_DISABLE'                   => $lang['Disable'],
    'L_REMOVE'                    => $lang['Remove'],
    'S_HIDDEN_FIELDS'             => $s_hidden_fields
));

// One checkbox plus label; the %...% markers are filled in per module and level.
$checkbox_mask = '<input type="checkbox" id="%FIELD_NAME%[%N%]" name="%FIELD_NAME%[%N%]" value="%LEVEL%"%CHECKED% /> <label for="%FIELD_NAME%[%N%]">%LANG%</label> ';
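// First the installed modules, if there are any..
if (!empty($installed_module))
{
    foreach ($installed_module as $category => $module_list)
    {
        ksort($module_list);

        // Prepare the category name
        $cat_name = (isset($lang[$category])) ? $lang[$category] : ucwords(str_replace('_', ' ', $category));
        $template->assign_block_vars('category', array(
            'L_CAT_NAME' => $cat_name
        ));

        $i = 0; // Reset for each category
        foreach ($module_list as $mod => $v)
        {
            // Prepare the module name
            $mod_name = (isset($lang[$mod])) ? $lang[$mod] : ucwords(str_replace('_', ' ', $mod));

            // Prepare the field name
            $field_name = 'modcp_module_' . str_replace('_', '-', $category) . '_' . str_replace('_', '-', $mod);

            $row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
            $row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];

            // NOTE(review): the remove/disable links below change state on a plain
            // GET; presumably the sid added by append_sid() is the only request
            // binding — confirm.
            $u_remove = append_sid("admin_modcp.$phpEx?mode=remove&name=" . urlencode($field_name));

            // Does the module file still exist?
            if (isset($modcp_module[$category][$mod]))
            {
                // Hidden "0" entry so the field is posted even when every box
                // is unticked. The opening quote of the name attribute was
                // missing, which produced a malformed tag.
                $s_checkboxes = '<input type="hidden" name="' . $field_name . '[0]" value="0" />';

                // Is user class present? Test for MAIN_MOD
                if (defined('MAIN_MOD'))
                {
                    // The levels other than Moderators are needed for the User Class Mod only.
                    $cb_levels = array(
                        array(MAIN_MOD, 'Main_Moderators'),
                        array(MOD, 'Moderators'),
                        array(SUPPORT, 'Support'),
                        array(VIP, 'VIP'),
                        array(BOT, 'Bots')
                    );
                }
                else
                {
                    // There's only one person who can use this, a moderator!
                    $cb_levels = array(
                        array(MOD, 'Moderators')
                    );
                }

                // The counter is reset for every module in both branches; the
                // single-level branch used it without ever initialising it.
                $n = 1;
                foreach ($cb_levels as $cb_entry)
                {
                    list($cb_level, $cb_lang_key) = $cb_entry;
                    $checked = (in_array($cb_level, $v)) ? ' checked="checked"' : '';

                    // Array form of str_replace() substitutes in the listed order,
                    // same as the chain of single calls it replaces.
                    $s_checkboxes .= str_replace(
                        array('%FIELD_NAME%', '%N%', '%LEVEL%', '%CHECKED%', '%LANG%'),
                        array($field_name, $n++, $cb_level, $checked, $lang[$cb_lang_key]),
                        $checkbox_mask
                    );
                }

                $template->assign_block_vars('category.module', array(
                    'ROW_CLASS' => $row_class,
                    'ROW_COLOR' => '#' . $row_color,
                    'L_MODULE_NAME' => $mod_name,
                    'S_CHECKBOXES' => $s_checkboxes,
                    'U_DISABLE' => append_sid("admin_modcp.$phpEx?mode=disable&name=" . urlencode($field_name)),
                    'U_REMOVE' => $u_remove
                ));
            }
            else
            {
                // Configured but no ModCP module file registers it any more:
                // either no file registers it at all, or a file registered it
                // in $module rather than $modcp_module. Only removal is offered.
                $cb_message = (!isset($module[$category][$mod])) ? $lang['Module_not_present'] : $lang['Module_not_configure'];

                $template->assign_block_vars('category.remove_module', array(
                    'ROW_CLASS' => $row_class,
                    'ROW_COLOR' => '#' . $row_color,
                    'L_MODULE_NAME' => $mod_name,
                    'L_MESSAGE' => $cb_message,
                    'U_REMOVE' => $u_remove
                ));
            }

            // Increase the module counter
            $i++;
        }
    }
}
else
{
    $template->assign_block_vars('nothing_installed', array(
        'L_MESSAGE' => $lang['New_modules_no_install']
    ));
}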
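// Now the modules that are not installed yet...
if (!empty($new_module))
{
    // A switch for new stuff.
    $template->assign_block_vars('new', array());

    foreach ($new_module as $category => $module_list)
    {
        ksort($module_list);

        // Prepare the category name
        $cat_name = (isset($lang[$category])) ? $lang[$category] : ucwords(str_replace('_', ' ', $category));
        $template->assign_block_vars('new.category', array(
            'L_CAT_NAME' => $cat_name
        ));

        $i = 0; // Reset for each category
        foreach ($module_list as $mod => $v)
        {
            // Prepare the module name
            $mod_name = (isset($lang[$mod])) ? $lang[$mod] : ucwords(str_replace('_', ' ', $mod));

            // Prepare the field name
            $field_name = 'modcp_module_' . str_replace('_', '-', $category) . '_' . str_replace('_', '-', $mod);

            // Is user class present? Test for MAIN_MOD
            if (defined('MAIN_MOD'))
            {
                // The levels other than Moderators are needed for the User Class Mod only.
                $cb_levels = array(
                    array(MAIN_MOD, 'Main_Moderators'),
                    array(MOD, 'Moderators'),
                    array(SUPPORT, 'Support'),
                    array(VIP, 'VIP'),
                    array(BOT, 'Bots')
                );
            }
            else
            {
                // There's only one person who can use this, a moderator!
                $cb_levels = array(
                    array(MOD, 'Moderators')
                );
            }

            //
            // An extra checkbox saying "No Permissions"
            //
            $cb_levels[] = array(0, 'No_one');

            // Nothing is pre-ticked for a module that has never been configured.
            // The counter is reset for every module in both branches; the
            // single-level branch used it without ever initialising it.
            $s_checkboxes = '';
            $n = 1;
            foreach ($cb_levels as $cb_entry)
            {
                list($cb_level, $cb_lang_key) = $cb_entry;

                // Array form of str_replace() substitutes in the listed order,
                // same as the chain of single calls it replaces.
                $s_checkboxes .= str_replace(
                    array('%FIELD_NAME%', '%N%', '%LEVEL%', '%CHECKED%', '%LANG%'),
                    array($field_name, $n++, $cb_level, '', $lang[$cb_lang_key]),
                    $checkbox_mask
                );
            }

            $row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
            $row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];

            $template->assign_block_vars('new.category.module', array(
                'ROW_CLASS' => $row_class,
                'ROW_COLOR' => '#' . $row_color,
                'L_MODULE_NAME' => $mod_name,
                'S_CHECKBOXES' => $s_checkboxes
            ));

            // Increase the module counter
            $i++;
        }
    }
}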
// Finally, whatever the directory scan left in $module: listed for
// information only, with no checkboxes and no links.
if (!empty($module))
{
    // Switch block that turns this section of the template on.
    $template->assign_block_vars('old', array());

    foreach ($module as $category => $module_list)
    {
        ksort($module_list);

        // Translated category name when available, otherwise a prettified key.
        $cat_name = isset($lang[$category])
            ? $lang[$category]
            : ucwords(str_replace('_', ' ', $category));

        $template->assign_block_vars('old.category', array('L_CAT_NAME' => $cat_name));

        // Row counter, restarted for every category (drives the row striping).
        $i = 0;
        foreach ($module_list as $mod => $v)
        {
            // Translated module name when available, otherwise a prettified key.
            $mod_name = isset($lang[$mod])
                ? $lang[$mod]
                : ucwords(str_replace('_', ' ', $mod));

            // Even rows take the first colour/class pair, odd rows the second.
            $is_even_row = !($i % 2);
            $row_color = $is_even_row ? $theme['td_color1'] : $theme['td_color2'];
            $row_class = $is_even_row ? $theme['td_class1'] : $theme['td_class2'];

            $template->assign_block_vars('old.category.module', array(
                'ROW_CLASS'     => $row_class,
                'ROW_COLOR'     => '#' . $row_color,
                'L_MODULE_NAME' => $mod_name
            ));

            $i++;
        }
    }
}
// Render the template registered under the 'body' handle, then pull in the admin footer.
$template->pparse('body');
include('./page_footer_admin.' . $phpEx);
?>
Code:
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, [email protected] and inform them of the time the error occurred, and anything you might have done that may have caused the error.
More information about this error may be available in the server error log.
Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
milkman wrote:Hi Keith,
I've seen this error before but I cannot remember what we did to fix it. Perhaps you can have a read back through this topic a bit and try some of what other people have tried. Unfortunately the dreaded Internal Server Error is very hard to diagnose/fix.
Milkman
Code:
'body' => 'admin/reports_body.tpl'
Code:
'body' => 'modcp/reports_body.tpl'
Code:
include('./page_footer_admin.' . $phpEx);
Code:
include('./page_footer_mod.' . $phpEx);
Code:
<?php
/***************************************************************************
* admin_shop.php
* -------------------
* Version : 3.0.2
* website : http://www.zarath.com
*
***************************************************************************/
/***************************************************************************
*
* copyright (C) 2002-2006 Zarath
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* http://www.gnu.org/copyleft/gpl.html
*
***************************************************************************/
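define('IN_PHPBB', 1);

// Module-registration pass: when the including script has set $setmodules,
// register this file under General -> Shop Settings (if check_perms() allows
// it) and hand control straight back.
if (!empty($setmodules))
{
    $file = basename(__FILE__);
    if (check_perms('General', 'Shop Settings'))
    {
        // The original assigned $filename, which this file never sets, so the
        // entry was registered without a file name. $file holds the name
        // computed just above.
        $modcp_module['General']['Shop Settings'] = $file;
    }
    return;
}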
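//
// Let's set the root dir for phpBB
//
$phpbb_root_path = '../';
require($phpbb_root_path . 'extension.inc');
require($phpbb_root_path . 'modcp/pagestart.' . $phpEx);

// Enable/disable the Module
// The check uses the same category/module pair this file registers under in
// its $setmodules pass. The original passed 'CAT' and 'MOD', which look like
// placeholders that were never filled in.
// NOTE(review): confirm against how check_perms() in modcp/pagestart looks a module up.
if (!check_perms('General', 'Shop Settings'))
{
    // End of Activation
    $message = $lang['Module_disabled'] . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid('index.' . $phpEx . '?pane=right') . '">', '</a>');
    message_die(GENERAL_MESSAGE, $message);
}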
// Load the shop language file for the user's language; if that include fails, fall back to the board default language.
// NOTE(review): $userdata['user_lang'] becomes part of a filesystem path here. Confirm it is restricted to the names of
// installed language directories wherever it is stored — a value containing path separators would select a file outside language/.
if (!(@include($phpbb_root_path . 'language/lang_' . $userdata['user_lang'] . '/lang_shop.' . $phpEx))) { include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_shop.' . $phpEx); }
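//
// check for userlevel
//
// Anonymous sessions are sent to the login page; everyone who is not an
// administrator is refused.
if (!$userdata['session_logged_in'])
{
    header('Location: ' . append_sid("login.$phpEx?redirect=admin_shop.$phpEx", true));
    // Stop here: without this the script keeps executing after the redirect
    // header has been queued, and only the level check below ends it.
    exit;
}
if ($userdata['user_level'] != ADMIN)
{
    message_die(GENERAL_MESSAGE, $lang['Not_Authorised']);
}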
// Requested action: the POST value wins over GET, and no value means the main page.
if (isset($HTTP_POST_VARS['action']))
{
    $action = $HTTP_POST_VARS['action'];
}
elseif (isset($HTTP_GET_VARS['action']))
{
    $action = $HTTP_GET_VARS['action'];
}
else
{
    $action = '';
}
//end check
//shop pages
//main page
// Main page: list the shops and show the global shop settings form.
if (empty($action))
{
    $template->set_filenames(array('body' => 'modcp/shop_config_body.tpl'));

    // Generate Shop List!
    $sql = "SELECT *\nFROM " . SHOP_TABLE . "\nORDER BY `id`";
    if (!($result = $db->sql_query($sql)))
    {
        message_die(GENERAL_MESSAGE, 'Fatal Error retrieving shop list!');
    }

    // NOTE(review): shopname goes to the template exactly as stored; confirm
    // that either the stored value or the template HTML-escapes it.
    $sql_count = $db->sql_numrows($result);
    for ($i = 0; $i < $sql_count; $i++)
    {
        $row = $db->sql_fetchrow($result);
        $template->assign_block_vars('shop_listrow', array(
            'ID'   => $row['id'],
            'NAME' => $row['shopname']
        ));
    }

    // Select Variables
    // Each flag carries the word SELECTED for the <option> that is NOT the
    // first choice, i.e. whenever the setting differs from the value tested.
    $districts       = ($board_config['shop_districts'] != 'on') ? 'SELECTED' : '';
    $m_buy_off       = ($board_config['multibuys'] != 'on') ? 'SELECTED' : '';
    $shop_owners_off = ($board_config['shop_owners'] != 'on') ? 'SELECTED' : '';
    $restock_off     = ($board_config['restocks'] != 'on') ? 'SELECTED' : '';
    $viewtopic_type  = ($board_config['viewtopic'] != 'images') ? 'SELECTED' : '';
    $profile_type    = ($board_config['viewprofile'] != 'images') ? 'SELECTED' : '';
    $inv_arrange     = ($board_config['viewinventory'] != 'grouped') ? 'SELECTED' : '';
    $give            = ($board_config['shop_give'] != 'on') ? 'SELECTED' : '';
    $trade           = ($board_config['shop_trade'] != 'on') ? 'SELECTED' : '';
    $discard         = ($board_config['shop_discard'] != 'on') ? 'SELECTED' : '';

    // The two ordering flags are the other way round: SELECTED on a match.
    $order_2 = ($board_config['shop_orderby'] != 'cost') ? '' : 'SELECTED';
    $order_3 = ($board_config['shop_orderby'] != 'id') ? '' : 'SELECTED';

    $template->assign_vars(array(
        // Pre-selection flags
        'SELECT_DISTRICTS'       => $districts,
        'SELECT_M_BUY_OFF'       => $m_buy_off,
        'SELECT_SHOP_OWNERS_OFF' => $shop_owners_off,
        'SELECT_RESTOCK_OFF'     => $restock_off,
        'SELECT_VIEWTOPIC'       => $viewtopic_type,
        'SELECT_PROFILE'         => $profile_type,
        'SELECT_INVENTORY'       => $inv_arrange,
        'SELECT_GIVE'            => $give,
        'SELECT_TRADE'           => $trade,
        'SELECT_DISCARD'         => $discard,
        'SELECT_ORDER_2'         => $order_2,
        'SELECT_ORDER_3'         => $order_3,

        // Current setting values
        'SHOP_SELL_RATE'     => $board_config['sellrate'],
        'SHOP_INV_LIMIT'     => $board_config['shop_invlimit'],
        'SHOP_VIEWTOPIC_LIM' => $board_config['viewtopiclimit'],
        'POINTS_NAME'        => $board_config['points_name'],

        'S_CONFIG_ACTION' => append_sid('admin_shop.' . $phpEx),

        // Labels
        'L_SHOPTITLE'       => $lang['ashop_index_title'],
        'L_SHOPEXPLAIN'     => $lang['ashop_index_explain'],
        'L_TABLE_TITLE'     => $lang['ashop_index_table1'],
        'L_TABLE_TITLE2'    => $lang['ashop_index_table2'],
        'L_TABLE_TITLE3'    => $lang['ashop_index_table3'],
        'L_SHOP_DISTRICTS'  => $lang['ashop_shop_districts'],
        'L_ON'              => $lang['ashop_on'],
        'L_OFF'             => $lang['ashop_off'],
        'L_MULTI_ITEMS'     => $lang['ashop_multi_buys'],
        'L_SHOP_ORDER'      => $lang['ashop_shop_order'],
        'L_SHOP_RESTOCKING' => $lang['ashop_restocking'],
        'L_SHOP_SELL_RATE'  => $lang['ashop_sellrate'],
        'L_USER_INV_LIMIT'  => $lang['ashop_inv_limit'],
        'L_VIEWTOPIC_LIMIT' => $lang['ashop_display_limit'],
        'L_VIEWTOPIC_TYPE'  => $lang['ashop_vt_type'],
        'L_POINTS_NAME'     => $lang['ashop_points_name'],
        'L_PROFILE_DISPLAY' => $lang['ashop_p_display'],
        'L_INV_TYPE'        => $lang['ashop_inv_type'],
        'L_SHOP_OWNERS'     => $lang['ashop_shop_owners'],
        'L_GIVE'            => $lang['ashop_ability_give'],
        'L_TRADE'           => $lang['ashop_ability_trade'],
        'L_DISCARD'         => $lang['ashop_ability_discard'],
        'L_UPDATE'          => $lang['ashop_update'],
        'L_NAME'            => $lang['ashop_name'],
        'L_COST'            => $lang['ashop_cost'],
        'L_IMAGES'          => $lang['ashop_images'],
        'L_LINK'            => $lang['ashop_link'],
        'L_GROUPED'         => $lang['ashop_grouped'],
        'L_NORMAL'          => $lang['ashop_normal'],
        'L_EDIT_INV'        => $lang['ashop_edit_inv'],
        'L_FIND_USER'       => $lang['ashop_find_user'],
        'L_EDIT'            => $lang['ashop_edit'],
        'L_SHOP_NAME'       => $lang['ashop_shop_name'],
        'L_SHOP_TYPE'       => $lang['ashop_shop_type'],
        'L_RESTOCK_TIME'    => $lang['ashop_restock_time'],
        'L_RESTOCK_AMT'     => $lang['ashop_restock_amt'],
        'L_CREATE_SHOP'     => $lang['ashop_create_shop']
    ));
}
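// Create a new shop from the submitted name, type and restock settings.
// NOTE(review): this state-changing action is accepted from GET as well as
// POST and no per-form token is checked in this branch — confirm what binds
// the request to the admin session.
elseif ( $action == 'createshop' )
{
    // Register Variables! POST wins over GET; numeric fields are forced to integers.
    if (isset($HTTP_POST_VARS['shopname']))
    {
        $shopname = $HTTP_POST_VARS['shopname'];
    }
    elseif (isset($HTTP_GET_VARS['shopname']))
    {
        $shopname = $HTTP_GET_VARS['shopname'];
    }
    else
    {
        $shopname = '';
    }

    if (isset($HTTP_POST_VARS['shoptype']))
    {
        $shoptype = $HTTP_POST_VARS['shoptype'];
    }
    elseif (isset($HTTP_GET_VARS['shoptype']))
    {
        $shoptype = $HTTP_GET_VARS['shoptype'];
    }
    else
    {
        $shoptype = '';
    }

    if (isset($HTTP_POST_VARS['restockamount']))
    {
        $restockamount = intval($HTTP_POST_VARS['restockamount']);
    }
    elseif (isset($HTTP_GET_VARS['restockamount']))
    {
        $restockamount = intval($HTTP_GET_VARS['restockamount']);
    }
    else
    {
        $restockamount = '5';
    }

    if (isset($HTTP_POST_VARS['restocktime']))
    {
        $restocktime = intval($HTTP_POST_VARS['restocktime']);
    }
    elseif (isset($HTTP_GET_VARS['restocktime']))
    {
        $restocktime = intval($HTTP_GET_VARS['restocktime']);
    }
    else
    {
        $restocktime = '86400';
    }

    // Name and type must both be 4 to 32 bytes long.
    if ( (strlen($shopname) < 4) || (strlen($shoptype) < 4) || (strlen($shopname) > 32) || (strlen($shoptype) > 32) )
    {
        message_die(GENERAL_MESSAGE, $lang['ashop_cs_field_missing']);
    }

    // NOTE(review): $shopname and $shoptype are request values placed into the
    // next two queries as they arrived, while the transaction insert further
    // down runs the same $shopname through addslashes(). One of the two is
    // wrong: if the bootstrap already slashes request data, the log entry is
    // escaped twice; if it does not, the SELECT and INSERT here are open to
    // SQL injection. Confirm what pagestart does and quote exactly once at the
    // query boundary.
    $sql = "SELECT *\nFROM " . SHOP_TABLE . "\nWHERE shopname = '$shopname'";
    if ( !($result = $db->sql_query($sql)) )
    {
        message_die(GENERAL_MESSAGE, 'Fatal Error Checking Shop Name');
    }
    if ( $db->sql_numrows($result) )
    {
        message_die(GENERAL_MESSAGE, 'Shop Already Exists!');
    }

    $sql = "INSERT INTO " . SHOP_TABLE . "\n(shopname, shoptype, restocktime, restockamount)\nVALUES('$shopname', '$shoptype', '$restocktime', '$restockamount')";
    if ( !($result = $db->sql_query($sql)) )
    {
        message_die(GENERAL_MESSAGE, 'Fatal Error Adding Shop');
    }

    // Transaction Code!
    $sql = "INSERT INTO " . TRANS_TABLE . "\n(user_id, type, action, value, timestamp, ip)\nvalues('{$userdata['user_id']}', 'shop_admin', 'create_shop', '" . addslashes($shopname) . "', '".time()."', '{$_SERVER['REMOTE_ADDR']}')";
    if ( !($db->sql_query($sql)) )
    {
        // The failure is reported through message_die()'s debug arguments.
        // The original appended mysql_error() to the page: that bypasses the
        // $db layer, does not exist on PHP 7+, and shows raw database error
        // text to the browser.
        message_die(GENERAL_ERROR, 'Fatal Error with Transaction Code!', '', __LINE__, __FILE__, $sql);
    }

    $message = $lang['ashop_shop_created'] . '<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx).'">Here</a> to return to Shop Configuration<br /><br />Click <a href="'.append_sid("index.".$phpEx."?pane=right").'">Here</a> to return to Admin Index.<br /><br />';
    message_die(GENERAL_MESSAGE, $message);
}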
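// Update an existing shop and rename its items to follow the new shop name.
// NOTE(review): this state-changing action is accepted from GET as well as
// POST and no per-form token is checked in this branch — confirm what binds
// the request to the admin session.
elseif ( $action == 'updateshop' )
{
    // Register Variables! POST wins over GET.
    // Free-text fields, empty string when absent.
    $name = isset($HTTP_POST_VARS['name']) ? $HTTP_POST_VARS['name'] : (isset($HTTP_GET_VARS['name']) ? $HTTP_GET_VARS['name'] : '');
    $shop_owner = isset($HTTP_POST_VARS['shop_owner']) ? $HTTP_POST_VARS['shop_owner'] : (isset($HTTP_GET_VARS['shop_owner']) ? $HTTP_GET_VARS['shop_owner'] : '');
    $shoptype = isset($HTTP_POST_VARS['shoptype']) ? $HTTP_POST_VARS['shoptype'] : (isset($HTTP_GET_VARS['shoptype']) ? $HTTP_GET_VARS['shoptype'] : '');
    $main_template = isset($HTTP_POST_VARS['main_template']) ? $HTTP_POST_VARS['main_template'] : (isset($HTTP_GET_VARS['main_template']) ? $HTTP_GET_VARS['main_template'] : '');
    $item_template = isset($HTTP_POST_VARS['item_template']) ? $HTTP_POST_VARS['item_template'] : (isset($HTTP_GET_VARS['item_template']) ? $HTTP_GET_VARS['item_template'] : '');

    // Numeric fields are forced to integers; the fallback applies only when the field is absent.
    $shop_dtype = isset($HTTP_POST_VARS['shop_dtype']) ? intval($HTTP_POST_VARS['shop_dtype']) : (isset($HTTP_GET_VARS['shop_dtype']) ? intval($HTTP_GET_VARS['shop_dtype']) : '');
    $shop_district = isset($HTTP_POST_VARS['shop_district']) ? intval($HTTP_POST_VARS['shop_district']) : (isset($HTTP_GET_VARS['shop_district']) ? intval($HTTP_GET_VARS['shop_district']) : '');
    $shopid = isset($HTTP_POST_VARS['shopid']) ? intval($HTTP_POST_VARS['shopid']) : (isset($HTTP_GET_VARS['shopid']) ? intval($HTTP_GET_VARS['shopid']) : '');
    $restockamount = isset($HTTP_POST_VARS['restockamount']) ? intval($HTTP_POST_VARS['restockamount']) : (isset($HTTP_GET_VARS['restockamount']) ? intval($HTTP_GET_VARS['restockamount']) : '5');
    $restocktime = isset($HTTP_POST_VARS['restocktime']) ? intval($HTTP_POST_VARS['restocktime']) : (isset($HTTP_GET_VARS['restocktime']) ? intval($HTTP_GET_VARS['restocktime']) : '86400');

    // Name and type must be 4 to 32 bytes long and a shop id must have been given.
    if ( (strlen($name) < 4) || (strlen($shoptype) < 4) || (strlen($name) > 32) || (strlen($shoptype) > 32) || (!is_numeric($shopid)) )
    {
        message_die(GENERAL_MESSAGE, "Error, shop name or shop type not filled in correctly!");
    }

    $sql = "SELECT *\nFROM " . SHOP_TABLE . "\nWHERE id = '$shopid'";
    if ( !($result = $db->sql_query($sql)) )
    {
        // Reported through message_die()'s debug arguments instead of
        // mysql_error(), which bypasses the $db layer, does not exist on
        // PHP 7+, and shows raw database error text to the browser.
        message_die(GENERAL_ERROR, 'Fatal Error', '', __LINE__, __FILE__, $sql);
    }
    if ( !($db->sql_numrows($result)) )
    {
        message_die(GENERAL_MESSAGE, 'No such shop exists!');
    }

    // Current row; its old shop name is needed for the item rename and the log.
    $row = $db->sql_fetchrow($result);

    // NOTE(review): $name, $shop_owner, $shoptype, $main_template and
    // $item_template are request values placed into the queries as they
    // arrived, while values read back from the database are passed through
    // addslashes(). If the bootstrap does not already slash request data these
    // statements are open to SQL injection; confirm what pagestart does and
    // quote exactly once at the query boundary.
    $sql = "UPDATE " . SHOP_TABLE . "\nSET shopname = '$name',\nshop_owner = '$shop_owner',\nshoptype = '$shoptype',\nd_type = '$shop_dtype',\ndistrict = '$shop_district',\nrestocktime = '$restocktime',\nrestockamount = '$restockamount',\ntemplate = '$main_template',\nitem_template = '$item_template'\nWHERE id = '$shopid'";
    if ( !($db->sql_query($sql)) )
    {
        // The original put the full SQL statement into the user-facing
        // message; it is now handed to message_die() as debug data.
        message_die(GENERAL_ERROR, 'Fatal Error Updating Shop', '', __LINE__, __FILE__, $sql);
    }

    // Items reference their shop by name, so they follow the rename.
    $sql = "UPDATE " . SHOP_ITEMS_TABLE . "\nSET shop = '$name'\nWHERE shop = '" . addslashes($row['shopname']) . "'";
    if ( !($db->sql_query($sql)) )
    {
        message_die(GENERAL_MESSAGE, 'Fatal Error Updating Items');
    }

    // Transaction Code!
    $sql = "INSERT INTO " . TRANS_TABLE . "\n(user_id, type, action, value, timestamp, ip)\nvalues('{$userdata['user_id']}', 'shop_admin', 'shop_update', '" . addslashes($row['shopname']) . "', '".time()."', '{$_SERVER['REMOTE_ADDR']}')";
    if ( !($db->sql_query($sql)) )
    {
        message_die(GENERAL_ERROR, 'Fatal Error with Transaction Code!', '', __LINE__, __FILE__, $sql);
    }

    // NOTE(review): $row['shopname'] is written into this HTML message as
    // stored. Confirm shop names are HTML-escaped either when saved or here.
    $message = $row['shopname'].' successfully updated!<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx."?action=editshop&shopid=".$row['id']).'">Here</a> to return to '.$row['shopname'].' Configuration<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx).'">Here</a> to return to Main Shop Configuration<br /><br />Click <a href="'.append_sid("index.".$phpEx."?pane=right").'">Here</a> to return to Admin Index.<br /><br />';
    message_die(GENERAL_MESSAGE, $message);
}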
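// Item pages: 'additem' creates a new shop item, 'updateitem' edits an existing one.
elseif ( $action == 'additem' || $action == 'updateitem' )
{
    // Register the fields both actions share; a POST value takes precedence over GET.
    // NOTE(review): the free-text fields ($item, $shortdesc, $longdesc and, for updateitem,
    // $shop, $special_link, $synth) are placed into SQL below without being escaped in this
    // block. The stripslashes() calls used for display suggest request data arrives already
    // slash-escaped - confirm against the bootstrap code before relying on it.
    $item = isset($HTTP_POST_VARS['item']) ? $HTTP_POST_VARS['item'] : ( isset($HTTP_GET_VARS['item']) ? $HTTP_GET_VARS['item'] : '' );
    $shortdesc = isset($HTTP_POST_VARS['shortdesc']) ? $HTTP_POST_VARS['shortdesc'] : ( isset($HTTP_GET_VARS['shortdesc']) ? $HTTP_GET_VARS['shortdesc'] : '' );
    $longdesc = isset($HTTP_POST_VARS['longdesc']) ? $HTTP_POST_VARS['longdesc'] : ( isset($HTTP_GET_VARS['longdesc']) ? $HTTP_GET_VARS['longdesc'] : '' );

    // Numeric fields are forced to integers with intval() as they are read.
    $price = isset($HTTP_POST_VARS['price']) ? intval($HTTP_POST_VARS['price']) : ( isset($HTTP_GET_VARS['price']) ? intval($HTTP_GET_VARS['price']) : '' );
    $stock = isset($HTTP_POST_VARS['stock']) ? intval($HTTP_POST_VARS['stock']) : ( isset($HTTP_GET_VARS['stock']) ? intval($HTTP_GET_VARS['stock']) : '0' );
    $maxstock = isset($HTTP_POST_VARS['maxstock']) ? intval($HTTP_POST_VARS['maxstock']) : ( isset($HTTP_GET_VARS['maxstock']) ? intval($HTTP_GET_VARS['maxstock']) : '0' );
    $shopid = isset($HTTP_POST_VARS['shopid']) ? intval($HTTP_POST_VARS['shopid']) : ( isset($HTTP_GET_VARS['shopid']) ? intval($HTTP_GET_VARS['shopid']) : '' );

    if ( $action == 'additem' )
    {
        // Length and type limits on the submitted fields.
        if ( (strlen($item) > 32) || (strlen($item) < 2) || (strlen($shortdesc) < 3) || (strlen($shortdesc) > 80) || (strlen($longdesc) < 3) || (!is_numeric($price)) || (strlen($price) > 20) || (empty($shopid)) )
        {
            message_die(GENERAL_MESSAGE, 'Error, Item Fields not filled in correctly!');
        }

        // Resolve the target shop's name; the item row stores its shop by name.
        $sql = "SELECT `shopname`\nFROM " . SHOP_TABLE . "\nWHERE id = '$shopid'";
        if ( !($result = $db->sql_query($sql)) )
        {
            message_die(GENERAL_MESSAGE, "Fatal Error: ".mysql_error());
        }
        // A shop id that matches no row would otherwise create an item with an empty shop name.
        if ( !($db->sql_numrows($result)) )
        {
            message_die(GENERAL_MESSAGE, 'No such shop exists!');
        }
        else
        {
            $row = $db->sql_fetchrow($result);
        }

        // Reject a second item with the same name. The row count is inspected only after
        // the query has succeeded; previously it was read only when the query had failed,
        // so the duplicate check never ran.
        $sql = "SELECT *\nFROM " . SHOP_ITEMS_TABLE . "\nWHERE name = '$item'";
        if ( !($result = $db->sql_query($sql)) )
        {
            message_die(GENERAL_MESSAGE, 'Fatal Error: '.mysql_error());
        }
        if ( $db->sql_numrows($result) )
        {
            message_die(GENERAL_MESSAGE, 'This item already exists!');
        }

        // The shop name comes back from the database unescaped, hence addslashes().
        $sql = "INSERT INTO " . SHOP_ITEMS_TABLE . "\n"
            . "(name, shop, sdesc, ldesc, cost, stock, maxstock, sold)\n"
            . "VALUES('$item', '" . addslashes($row['shopname']). "', '$shortdesc', '$longdesc', '$price', '$stock', '$maxstock', '0')";
        if ( !($db->sql_query($sql)) )
        {
            message_die(GENERAL_MESSAGE, 'Fatal Error: '.mysql_error());
        }

        // Transaction Code: record who added which item, when and from which address.
        $sql = "INSERT INTO " . TRANS_TABLE . "\n"
            . "(user_id, type, action, value, timestamp, ip)\n"
            . "values('{$userdata['user_id']}', 'shop_admin', 'add_item', '" . addslashes($item) . "', '".time()."', '{$_SERVER['REMOTE_ADDR']}')";
        if ( !($db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error with Transaction Code!<br />'.mysql_error()); }

        // The item and shop names are data, not markup: encode them before they are
        // embedded in the HTML confirmation.
        $message = htmlspecialchars(stripslashes($item), ENT_QUOTES).' successfully added!<br /><br /> Click <a href="'.append_sid('admin_shop.'.$phpEx.'?action=editshop&shopid=' . $shopid, true).'">Here</a> to return to '.htmlspecialchars($row['shopname'], ENT_QUOTES).' Configuration<br /><br /> Click <a href="'.append_sid('admin_shop.'.$phpEx, true).'">Here</a> to return to Main Shop Configuration<br /><br />Click <a href="'.append_sid('index.'.$phpEx.'?pane=right', true).'">Here</a> to return to Admin Index.';
        message_die(GENERAL_MESSAGE, $message);
    }
    elseif ( $action == 'updateitem' )
    {
        // Fields that only the update form submits.
        $itemid = isset($HTTP_POST_VARS['itemid']) ? intval($HTTP_POST_VARS['itemid']) : ( isset($HTTP_GET_VARS['itemid']) ? intval($HTTP_GET_VARS['itemid']) : '' );
        $sold = isset($HTTP_POST_VARS['sold']) ? intval($HTTP_POST_VARS['sold']) : ( isset($HTTP_GET_VARS['sold']) ? intval($HTTP_GET_VARS['sold']) : '0' );
        $shop = isset($HTTP_POST_VARS['shop']) ? $HTTP_POST_VARS['shop'] : ( isset($HTTP_GET_VARS['shop']) ? $HTTP_GET_VARS['shop'] : '' );
        $special_link = isset($HTTP_POST_VARS['special_link']) ? $HTTP_POST_VARS['special_link'] : ( isset($HTTP_GET_VARS['special_link']) ? $HTTP_GET_VARS['special_link'] : '' );
        $synth = isset($HTTP_POST_VARS['synth']) ? $HTTP_POST_VARS['synth'] : ( isset($HTTP_GET_VARS['synth']) ? $HTTP_GET_VARS['synth'] : '' );

        // Load the current item together with the id of the shop that stocks it.
        $sql = "SELECT a.*, b.id as shop_id\nFROM " . SHOP_ITEMS_TABLE . " a, " . SHOP_TABLE . " b\nWHERE a.id = '$itemid'\nAND b.shopname = a.shop";
        if ( !($result = $db->sql_query($sql)) )
        {
            message_die(GENERAL_MESSAGE, 'Fatal Error: ' . $sql);
        }
        if ( !($db->sql_numrows($result)) )
        {
            message_die(GENERAL_MESSAGE, 'No Such Item Exists!');
        }
        else
        {
            $row = $db->sql_fetchrow($result);
        }

        // Empty numeric fields are stored as zero.
        $price = ( empty($price) ) ? '0' : $price;
        $stock = ( empty($stock) ) ? '0' : $stock;
        $maxstock = ( empty($maxstock) ) ? '0' : $maxstock;

        // Collect every validation problem, then report them together. $msg starts
        // empty so the error text holds only what this block appends to it.
        $msg = '';
        if ( ( !empty($shop) ) && ( $shop != $row['shop'] ) )
        {
            // The item is being moved: the destination shop has to exist.
            $sql = "SELECT *\nFROM " . SHOP_TABLE . "\nWHERE shopname = '$shop'";
            if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error: ' . $sql); }
            if ( !($db->sql_numrows($result)) ) { $msg .= 'No such shop exists!<br /><br />'; }
        }
        elseif ( empty($shop) ) { $msg .= 'Invalid shop name!<br /><br />'; }
        if ( ( empty($shortdesc) ) || ( strlen($shortdesc) > 80) ) { $msg .= 'Short description is set incorrectly!<br /><br />'; }
        if ( ( empty($longdesc) ) || ( strlen($longdesc) < 2 ) ) { $msg .= 'Description is too short!<br /><br />'; }
        if ( empty($item) ) { $msg .= 'Invalid item name!'; }
        if ( !empty($msg) ) { message_die(GENERAL_MESSAGE, $msg); }

        # Update User Items - 3 part update, name, then sdesc, then ldesc!
        # Each statement only touches copies whose text still equals the shop's old value.
        $sql = "UPDATE " . USER_ITEMS_TABLE . "\nSET item_name = '$item'\nwhere item_id = '{$row['id']}'\nAND item_name = '" . addslashes($row['name']) . "'";
        if ( !($db->sql_query($sql)) )
        {
            message_die(GENERAL_MESSAGE, 'Fatal Error: ' . $sql);
        }
        $sql = "UPDATE " . USER_ITEMS_TABLE . "\nSET item_s_desc = '$shortdesc'\nwhere item_id = '{$row['id']}'\nAND item_s_desc = '" . addslashes($row['sdesc']) . "'";
        if ( !($db->sql_query($sql)) )
        {
            message_die(GENERAL_MESSAGE, 'Fatal Error: ' . $sql);
        }
        $sql = "UPDATE " . USER_ITEMS_TABLE . "\nSET item_l_desc = '$longdesc'\nwhere item_id = '{$row['id']}'\nAND item_l_desc = '" . addslashes($row['ldesc']) . "'";
        if ( !($db->sql_query($sql)) )
        {
            message_die(GENERAL_MESSAGE, 'Fatal Error: ' . $sql);
        }

        // Now the shop's own record of the item.
        $sql = "UPDATE " . SHOP_ITEMS_TABLE . "\n"
            . "SET name = '$item',\n"
            . "shop = '$shop',\n"
            . "sdesc = '$shortdesc',\n"
            . "ldesc = '$longdesc',\n"
            . "synth = '$synth',\n"
            . "special_link = '$special_link',\n"
            . "cost = '$price',\n"
            . "stock = '$stock',\n"
            . "maxstock = '$maxstock',\n"
            . "sold = '$sold'\n"
            . "WHERE id = '$itemid'";
        if ( !$db->sql_query($sql) )
        {
            message_die(GENERAL_MESSAGE, 'Fatal Error: ' . $sql);
        }

        // Transaction Code: the log entry carries the item's previous name.
        $sql = "INSERT INTO " . TRANS_TABLE . "\n"
            . "(user_id, type, action, value, timestamp, ip)\n"
            . "VALUES('{$userdata['user_id']}', 'shop_admin', 'item_update', '" . addslashes($row['name']) . "', '".time()."', '{$_SERVER['REMOTE_ADDR']}')";
        if ( !($db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error with Transaction Code!<br />'.mysql_error()); }

        // Stored and submitted names are encoded before being embedded in the HTML message.
        $message = htmlspecialchars($row['name'], ENT_QUOTES).' successfully updated!<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx."?action=editshop&shopid=".$row['shop_id']).'">Here</a> to return to '.htmlspecialchars(stripslashes($shop), ENT_QUOTES).' Configuration<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx).'">Here</a> to return to Main Shop Configuration<br /><br />Click <a href="'.append_sid("index.".$phpEx."?pane=right").'">Here</a> to return to Admin Index.<br /><br />';
        message_die(GENERAL_MESSAGE, $message);
    }
}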
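// Delete pages: 'deleteshop' removes a shop together with every item stocked in it.
// NOTE(review): this destructive action takes its id from the query string as well as
// from POST; whether a session or anti-forgery check runs earlier cannot be seen from
// this block - confirm.
elseif ( $action == 'deleteshop' )
{
    // intval() makes the id safe to interpolate into the statements below.
    $shopid = isset($HTTP_POST_VARS['shopid']) ? intval($HTTP_POST_VARS['shopid']) : ( isset($HTTP_GET_VARS['shopid']) ? intval($HTTP_GET_VARS['shopid']) : '' );

    // The shop row is needed for its name: items reference their shop by name.
    $sql = "SELECT *\nFROM " . SHOP_TABLE . "\nWHERE id = '$shopid'";
    if ( !($result = $db->sql_query($sql)) )
    {
        message_die(GENERAL_MESSAGE, 'Fatal Error');
    }
    if ( !($db->sql_numrows($result)) )
    {
        message_die(GENERAL_MESSAGE, 'No such shop exists!');
    }
    else
    {
        $row = $db->sql_fetchrow($result);
    }

    // Items first, then the shop itself. The name comes from the database unescaped,
    // hence addslashes().
    $sql = "DELETE FROM " . SHOP_ITEMS_TABLE . "\nWHERE shop = '" . addslashes($row['shopname']) . "'";
    if ( !($db->sql_query($sql)) )
    {
        message_die(GENERAL_MESSAGE, 'Fatal Error Deleting Item Entry!');
    }
    $sql = "DELETE FROM " . SHOP_TABLE . "\nWHERE id = '$shopid'";
    if ( !($db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error Deleting Shop Entry!'); }

    // Transaction Code: record who deleted which shop, when and from which address.
    $sql = "INSERT INTO " . TRANS_TABLE . "\n"
        . "(user_id, type, action, value, timestamp, ip)\n"
        . "values('{$userdata['user_id']}', 'shop_admin', 'delete_shop', '" . addslashes($row['shopname']) . "', '".time()."', '{$_SERVER['REMOTE_ADDR']}')";
    if ( !($db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error with Transaction Code!<br />'.mysql_error()); }

    // The stored shop name is data, not markup: encode it before embedding it in HTML.
    $message = htmlspecialchars($row['shopname'], ENT_QUOTES).' successfully Deleted!<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx).'">Here</a> to return to Main Shop Configuration<br /><br />Click <a href="'.append_sid("index.".$phpEx."?pane=right").'">Here</a> to return to Admin Index.<br /><br />';
    message_die(GENERAL_MESSAGE, $message);
}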
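// 'deleteitem' removes a single item from its shop and logs the removal.
// NOTE(review): this destructive action takes its id from the query string as well as
// from POST; whether a session or anti-forgery check runs earlier cannot be seen from
// this block - confirm.
elseif ( $action == 'deleteitem' )
{
    // intval() makes the id safe to interpolate into the statements below.
    $itemid = isset($HTTP_POST_VARS['itemid']) ? intval($HTTP_POST_VARS['itemid']) : ( isset($HTTP_GET_VARS['itemid']) ? intval($HTTP_GET_VARS['itemid']) : '' );

    // Load the item together with the id of the shop that stocks it (used for the return link).
    $sql = "SELECT a.*, b.id as shop_id\nFROM " . SHOP_ITEMS_TABLE . " a, " . SHOP_TABLE . " b\nWHERE a.id = '$itemid'\nAND b.shopname = a.shop";
    if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error: '.mysql_error()); }
    if ( !($db->sql_numrows($result)) )
    {
        message_die(GENERAL_MESSAGE, 'No such item exists!');
    }
    else
    {
        // Fetch through the $db layer, as every other branch does, rather than calling
        // the mysql extension directly on a result the $db object returned.
        $row = $db->sql_fetchrow($result);
    }

    $sql = "DELETE FROM " . SHOP_ITEMS_TABLE . "\nWHERE id = '$itemid'";
    if ( !($db->sql_query($sql)) )
    {
        message_die(GENERAL_MESSAGE, 'Fatal Error Deleteing Item from Shop!');
    }

    // Transaction Code: record who deleted which item, when and from which address.
    $sql = "INSERT\nINTO " . TRANS_TABLE . "\n"
        . "(user_id, type, action, value, timestamp, ip)\n"
        . "values('{$userdata['user_id']}', 'shop_admin', 'delete_item', '" . addslashes($row['name']) . "', '".time()."', '{$_SERVER['REMOTE_ADDR']}')";
    if ( !($db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error with Transaction Code!<br />'.mysql_error()); }

    // Stored item and shop names are data, not markup: encode them before embedding in HTML.
    $message = htmlspecialchars($row['name'], ENT_QUOTES).' successfully Deleted!<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx."?action=editshop&shopid=".$row['shop_id']).'">Here</a> to return to '.htmlspecialchars($row['shop'], ENT_QUOTES).' Configuration<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx).'">Here</a> to return to Main Shop Configuration<br /><br />Click <a href="'.append_sid("index.".$phpEx."?pane=right").'">Here</a> to return to Admin Index.<br /><br />';
    message_die(GENERAL_MESSAGE, $message);
}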
// Change global settings: validate the submitted shop options and write the changed
// ones to the board configuration table.
elseif ( $action == 'updateglobals' )
{
    // Register the submitted options; a POST value takes precedence over GET.
    $shopdistricts = isset($HTTP_POST_VARS['shopdistricts']) ? $HTTP_POST_VARS['shopdistricts'] : ( isset($HTTP_GET_VARS['shopdistricts']) ? $HTTP_GET_VARS['shopdistricts'] : '' );
    $multiitems = isset($HTTP_POST_VARS['multiitems']) ? $HTTP_POST_VARS['multiitems'] : ( isset($HTTP_GET_VARS['multiitems']) ? $HTTP_GET_VARS['multiitems'] : '' );
    $shoprestock = isset($HTTP_POST_VARS['shoprestock']) ? $HTTP_POST_VARS['shoprestock'] : ( isset($HTTP_GET_VARS['shoprestock']) ? $HTTP_GET_VARS['shoprestock'] : '' );
    $shoptrade = isset($HTTP_POST_VARS['shoptrade']) ? $HTTP_POST_VARS['shoptrade'] : ( isset($HTTP_GET_VARS['shoptrade']) ? $HTTP_GET_VARS['shoptrade'] : '' );
    $shopgive = isset($HTTP_POST_VARS['shopgive']) ? $HTTP_POST_VARS['shopgive'] : ( isset($HTTP_GET_VARS['shopgive']) ? $HTTP_GET_VARS['shopgive'] : '' );
    $shopdiscard = isset($HTTP_POST_VARS['shopdiscard']) ? $HTTP_POST_VARS['shopdiscard'] : ( isset($HTTP_GET_VARS['shopdiscard']) ? $HTTP_GET_VARS['shopdiscard'] : '' );
    $orderby = isset($HTTP_POST_VARS['orderby']) ? $HTTP_POST_VARS['orderby'] : ( isset($HTTP_GET_VARS['orderby']) ? $HTTP_GET_VARS['orderby'] : '' );
    $viewtopic = isset($HTTP_POST_VARS['viewtopic']) ? $HTTP_POST_VARS['viewtopic'] : ( isset($HTTP_GET_VARS['viewtopic']) ? $HTTP_GET_VARS['viewtopic'] : '' );
    $profiledisplay = isset($HTTP_POST_VARS['profiledisplay']) ? $HTTP_POST_VARS['profiledisplay'] : ( isset($HTTP_GET_VARS['profiledisplay']) ? $HTTP_GET_VARS['profiledisplay'] : '' );
    $inventorytype = isset($HTTP_POST_VARS['inventorytype']) ? $HTTP_POST_VARS['inventorytype'] : ( isset($HTTP_GET_VARS['inventorytype']) ? $HTTP_GET_VARS['inventorytype'] : '' );
    $topicdisplaynum = isset($HTTP_POST_VARS['topicdisplaynum']) ? intval($HTTP_POST_VARS['topicdisplaynum']) : ( isset($HTTP_GET_VARS['topicdisplaynum']) ? intval($HTTP_GET_VARS['topicdisplaynum']) : '' );
    $invlimit = isset($HTTP_POST_VARS['invlimit']) ? intval($HTTP_POST_VARS['invlimit']) : ( isset($HTTP_GET_VARS['invlimit']) ? intval($HTTP_GET_VARS['invlimit']) : '0' );
    $sellrate = isset($HTTP_POST_VARS['sellrate']) ? intval($HTTP_POST_VARS['sellrate']) : ( isset($HTTP_GET_VARS['sellrate']) ? intval($HTTP_GET_VARS['sellrate']) : '' );
    $shopowners = isset($HTTP_POST_VARS['shopowners']) ? $HTTP_POST_VARS['shopowners'] : ( isset($HTTP_GET_VARS['shopowners']) ? $HTTP_GET_VARS['shopowners'] : '' );
    $pointsname = isset($HTTP_POST_VARS['pointsname']) ? $HTTP_POST_VARS['pointsname'] : ( isset($HTTP_GET_VARS['pointsname']) ? $HTTP_GET_VARS['pointsname'] : '' );

    // Anything outside an option's allowed values falls back to the stored setting,
    // which the comparison further down then treats as "unchanged".
    if ( ($shopdistricts != 'on') && ($shopdistricts != 'off') ) { $shopdistricts = $board_config['shop_districts']; }
    if ( ($multiitems != 'on') && ($multiitems != 'off') ) { $multiitems = $board_config['multibuys']; }
    if ( ($shoprestock != 'on') && ($shoprestock != 'off') ) { $shoprestock = $board_config['restocks']; }
    if ( ($shoptrade != 'on') && ($shoptrade != 'off') ) { $shoptrade = $board_config['shop_trade']; }
    if ( ($shopgive != 'on') && ($shopgive != 'off') ) { $shopgive = $board_config['shop_give']; }
    if ( ($shopdiscard != 'on') && ($shopdiscard != 'off') ) { $shopdiscard = $board_config['shop_discard']; }
    if ( ($orderby != 'name') && ($orderby != 'cost') && ($orderby != 'id') ) { $orderby = $board_config['shop_orderby']; }
    if ( ($viewtopic != 'images') && ($viewtopic != 'link') ) { $viewtopic = $board_config['viewtopic']; }
    if ( ($profiledisplay != 'images') && ($profiledisplay != 'link') && ($profiledisplay != 'none') ) { $profiledisplay = $board_config['viewprofile']; }
    if ( ($inventorytype != 'grouped') && ($inventorytype != 'normal') ) { $inventorytype = $board_config['viewinventory']; }
    if ( ($topicdisplaynum < 0) || (empty($topicdisplaynum)) ) { $topicdisplaynum = $board_config['viewtopiclimit']; }
    if ( $invlimit < 0 ) { $invlimit = $board_config['shop_invlimit']; }
    if ( (empty($sellrate)) || ($sellrate < 0) || ($sellrate > 100) ) { $sellrate = $board_config['sellrate']; }
    if ( ($shopowners != 'on') && ($shopowners != 'off') ) { $shopowners = $board_config['shop_owners']; }
    // NOTE(review): $pointsname is the one option with no allow-list or fallback. It is
    // written into the UPDATE below as submitted, so it depends on request data already
    // being slash-escaped by the framework - confirm.

    // Switching restocking on stamps every shop with the current time; switching it
    // off resets the stamp to zero.
    if ( ($shoprestock == "on") && ($board_config['restocks'] == 'off') )
    {
        $sql = "UPDATE " . SHOP_TABLE . "\nSET restockedtime = '" . time() . "'";
        if ( !($db->sql_query($sql)) ) { message_die(CRITICAL_ERROR, 'Critical Error: '.mysql_error()); }
    }
    elseif ( ($shoprestock == "off") && ($board_config['restocks'] == 'on') )
    {
        $sql = "UPDATE " . SHOP_TABLE . "\nset restockedtime = '0'";
        if ( !($db->sql_query($sql)) ) { message_die(CRITICAL_ERROR, 'Critical Error: '.mysql_error()); }
    }

    // Configuration key => value to store, in the order the rows are written.
    $config_updates = array(
        'shop_districts' => $shopdistricts,
        'multibuys' => $multiitems,
        'restocks' => $shoprestock,
        'sellrate' => $sellrate,
        'viewtopic' => $viewtopic,
        'viewprofile' => $profiledisplay,
        'viewinventory' => $inventorytype,
        'viewtopiclimit' => $topicdisplaynum,
        'shop_orderby' => $orderby,
        'shop_give' => $shopgive,
        'shop_trade' => $shoptrade,
        'shop_discard' => $shopdiscard,
        'shop_invlimit' => $invlimit,
        'points_name' => $pointsname,
        'shop_owners' => $shopowners
    );
    $globals = array(); // not read anywhere in this branch

    // Only settings whose value differs from the loaded configuration are written.
    foreach ( $config_updates as $config_name => $new_value )
    {
        if ( $board_config[$config_name] != $new_value )
        {
            $gsql = "UPDATE " . CONFIG_TABLE . "\nSET config_value='$new_value'\nWHERE config_name='$config_name'";
            if ( !($result = $db->sql_query($gsql)) ) { message_die(CRITICAL_ERROR, 'ERROR: Getting Global Variables!'); }
        }
    }

    // Transaction Code: record who changed the global settings, when and from which address.
    $sql = "INSERT\nINTO " . TRANS_TABLE . "\n"
        . "(user_id, type, action, value, timestamp, ip)\n"
        . "values('{$userdata['user_id']}', 'shop_admin', 'global_update', '" . addslashes($userdata['username']) . "', '".time()."', '{$_SERVER['REMOTE_ADDR']}')";
    if ( !($db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error with Transaction Code!<br />'.mysql_error()); }

    $message = 'Global information successfully updated!<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx).'">Here</a> to return to Main Shop Configuration<br /><br />Click <a href="'.append_sid("index.".$phpEx."?pane=right").'">Here</a> to return to Admin Index.<br /><br />';
    message_die(GENERAL_MESSAGE, $message);
}
// Edit shop: fill the shop editing form with the shop's stored settings and item list.
elseif ( $action == 'editshop' )
{
    // POST wins over GET; intval() makes the id safe to interpolate into the query below.
    $shopid = isset($HTTP_POST_VARS['shopid']) ? intval($HTTP_POST_VARS['shopid']) : ( isset($HTTP_GET_VARS['shopid']) ? intval($HTTP_GET_VARS['shopid']) : '' );

    $template->set_filenames(array('body' => 'modcp/shop_edit_shop.tpl'));

    // Look the shop up by id.
    $sql = "SELECT *\nFROM " . SHOP_TABLE . "\nWHERE id = '$shopid'";
    if ( !($result = $db->sql_query($sql)) )
    {
        message_die(GENERAL_MESSAGE, 'Fatal Error: '.mysql_error());
    }
    if ( !($db->sql_numrows($result)) )
    {
        message_die(GENERAL_MESSAGE, "That shop doesn't exist.");
    }
    else
    {
        $row = $db->sql_fetchrow($result);
    }

    // Fetch the shop's items. Items reference their shop by name, and the name comes
    // back from the database unescaped, hence addslashes().
    $sql = "SELECT *\nFROM " . SHOP_ITEMS_TABLE . "\nWHERE shop = '" . addslashes($row['shopname']) . "'";
    if ( !($result = $db->sql_query($sql)) )
    {
        message_die(GENERAL_MESSAGE, 'Fatal Error: '.mysql_error());
    }

    // One 'list_shop_items' template row per item.
    $sql_count = $db->sql_numrows($result);
    for ($i = 0; $i < $sql_count; $i++)
    {
        $irow = $db->sql_fetchrow($result);
        $template->assign_block_vars('list_shop_items', array(
            'ID' => $irow['id'],
            'NAME' => $irow['name']
        ));
    }

    // Exactly one of the two switch blocks is enabled, depending on whether items exist.
    if ( $sql_count )
    {
        $template->assign_block_vars('switch_has_items', array());
    }
    else
    {
        $template->assign_block_vars('switch_no_items', array());
    }

    // Template variables: the shop's stored values first, then the language labels.
    // NOTE(review): the stored values are handed over as they came from the database;
    // whether the template layer encodes them for HTML cannot be seen from here - confirm.
    $template->assign_vars(array_merge(
        array(
            'SHOP_ID' => $row['id'],
            'SHOP_NAME' => $row['shopname'],
            'SHOP_OWNER' => $row['shop_owner'],
            'SHOP_TYPE' => $row['shoptype'],
            'SHOP_DTYPE' => $row['d_type'],
            'SHOP_DISTRICT' => $row['district'],
            'RESTOCK_TIME' => $row['restocktime'],
            'RESTOCK_AMOUNT' => $row['restockamount'],
            'SHOP_MAIN_TEMPLATE' => $row['template'],
            'SHOP_ITEM_TEMPLATE' => $row['item_template'],
            'S_CONFIG_ACTION' => append_sid('admin_shop.' . $phpEx)
        ),
        array(
            'L_TABLE_TITLE' => $lang['ashop_cs_create'],
            'L_TABLE_TITLE2' => $lang['ashop_cs_table'],
            'L_SHOP_NAME' => $lang['ashop_cs_s_name'],
            'L_SHOP_OWNER' => $lang['ashop_cs_s_owner'],
            'L_SHOP_TYPE' => $lang['ashop_cs_s_type'],
            'L_DISTRICT_TYPE' => $lang['ashop_cs_d_type'],
            'L_DISTRICT_NUM' => $lang['ashop_cs_d_num'],
            'L_RESTOCK_TIME' => $lang['ashop_cs_res_time'],
            'L_RESTOCK_AMT' => $lang['ashop_cs_res_amt'],
            'L_MAIN_TEMPLATE' => $lang['ashop_cs_m_tpl'],
            'L_ITEM_TEMPLATE' => $lang['ashop_cs_i_tpl'],
            'L_UPDATE_SHOP' => $lang['ashop_cs_update'],
            'L_DELETE_SHOP' => $lang['ashop_cs_delete'],
            'L_NO_ITEMS' => $lang['ashop_cs_no_items'],
            'L_EDIT_ITEM' => $lang['ashop_cs_edit'],
            'L_ITEM_NAME' => $lang['ashop_cs_name'],
            'L_SHORT_DESC' => $lang['ashop_cs_s_desc'],
            'L_LONG_DESC' => $lang['ashop_cs_l_desc'],
            'L_PRICE' => $lang['ashop_cs_price'],
            'L_STOCK' => $lang['ashop_cs_stock'],
            'L_MAX_STOCK' => $lang['ashop_cs_maxstock'],
            'L_ADD_ITEM' => $lang['ashop_cs_add'],
            'L_SHOPTITLE' => $lang['ashop_cs_table2'],
            'L_SHOPEXPLAIN' => $lang['ashop_cs_explain']
        )
    ));
}
// Edit item: fill the item editing form with the item's stored fields and the list of
// users who own a copy.
elseif ( $action == 'edititem' )
{
    // POST wins over GET; intval() makes the id safe to interpolate into the queries below.
    $itemid = isset($HTTP_POST_VARS['itemid']) ? intval($HTTP_POST_VARS['itemid']) : ( isset($HTTP_GET_VARS['itemid']) ? intval($HTTP_GET_VARS['itemid']) : '' );

    $template->set_filenames(array('body' => 'modcp/shop_edit_item.tpl'));

    // Look the item up by id.
    $sql = "sELECT *\nFROM " . SHOP_ITEMS_TABLE . "\nWHERE id = '$itemid'";
    if ( !($result = $db->sql_query($sql)) )
    {
        message_die(GENERAL_MESSAGE, 'Fatal Error: '.mysql_error());
    }
    if ( !($db->sql_numrows($result)) )
    {
        message_die(GENERAL_MESSAGE, "No such item exists.");
    }
    else
    {
        $row = $db->sql_fetchrow($result);
    }

    // Items of the shop named 'Synthesize Shop' get an extra template block carrying
    // the item's 'synth' column.
    if ( $row['shop'] == 'Synthesize Shop' )
    {
        $template->assign_block_vars('synth_shop', array(
            'SYNTH_INFO' => $row['synth']
        ));
    }

    // Every user holding a copy of this item, with the username joined in.
    $sql = "SELECT a.*, b.username\nFROM " . USER_ITEMS_TABLE . " as a, " . USERS_TABLE . " as b\nWHERE item_id = '$itemid'\nAND a.user_id = b.user_id";
    if ( !($result = $db->sql_query($sql)) )
    {
        message_die(GENERAL_MESSAGE, 'Fatal Error: '.mysql_error());
    }

    // One 'list_users' template row per owner.
    $sql_count = $db->sql_numrows($result);
    for ( $i = 0; $i < $sql_count; $i++)
    {
        $irow = $db->sql_fetchrow($result);
        $template->assign_block_vars('list_users', array(
            'USER_ID' => $irow['user_id'],
            'USERNAME' => $irow['username']
        ));
    }

    // The 'user_owned' block is enabled only when at least one user owns the item.
    if ( $sql_count )
    {
        $template->assign_block_vars('user_owned', array());
    }

    // Template variables: the item's stored values first, then the language labels.
    // NOTE(review): the stored values are handed over as they came from the database;
    // whether the template layer encodes them for HTML cannot be seen from here - confirm.
    $template->assign_vars(array_merge(
        array(
            'ITEM_ID' => $row['id'],
            'ITEM_NAME' => $row['name'],
            'ITEM_SHOP' => $row['shop'],
            'ITEM_SDESC' => $row['sdesc'],
            'ITEM_LDESC' => $row['ldesc'],
            'ITEM_COST' => $row['cost'],
            'ITEM_STOCK' => $row['stock'],
            'ITEM_MAX_STOCK' => $row['maxstock'],
            'ITEM_SOLD' => $row['sold'],
            'ITEM_FORUM' => $row['accessforum'],
            'ITEM_SPECIAL_LINK' => $row['special_link'],
            'S_CONFIG_ACTION' => append_sid('admin_shop.' . $phpEx)
        ),
        array(
            'L_SHOPTABLETITLE' => $lang['ashop_modify'] . ' ' . $row['name'],
            'L_ITEM_NAME' => $lang['ashop_cs_name'],
            'L_SHOP_NAME' => $lang['ashop_cs_sname'],
            'L_SHORT_DESC' => $lang['ashop_cs_s_desc'],
            'L_LONG_DESC' => $lang['ashop_cs_l_desc'],
            'L_PRICE' => $lang['ashop_cs_price'],
            'L_STOCK' => $lang['ashop_cs_stock'],
            'L_MAX_STOCK' => $lang['ashop_cs_maxstock'],
            'L_SOLD' => $lang['ashop_cs_sold'],
            'L_ACCESS_ID' => $lang['ashop_cs_forumid'],
            'L_SPECIAL_LINK' => $lang['ashop_cs_slink'],
            'L_UPDATE_ITEM' => $lang['ashop_cs_uitem'],
            'L_DELETE_ITEM' => $lang['ashop_cs_ditem'],
            'L_OWNED_BY' => $lang['ashop_cs_ownedby'],
            'L_EDIT_INV' => $lang['ashop_cs_editinv'],
            'L_SHOPTITLE' => $lang['ashop_cs_shopeditor'],
            'L_SHOPEXPLAIN' => $lang['ashop_cs_explain2']
        )
    ));
}
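// Edit a user's inventory: list the items the user owns and every shop item that
// could be added.
elseif ( $action == 'editinventory' )
{
    // POST wins over GET.
    $username = isset($HTTP_POST_VARS['username']) ? $HTTP_POST_VARS['username'] : ( isset($HTTP_GET_VARS['username']) ? $HTTP_GET_VARS['username'] : '' );

    $template->set_filenames(array('body' => 'modcp/shop_edit_user.tpl'));

    // Resolve the user. stripslashes() undoes the slash-escaping the request value is
    // presumed to carry - confirm against the bootstrap code.
    $user_row = get_userdata(stripslashes($username));
    if ( strlen($user_row['username']) < 3 ) { message_die(GENERAL_MESSAGE, 'No Such User Exists!'); }

    // The id is not quoted in this statement, so it is forced to an integer first.
    $sql = "SELECT *\nFROM " . USER_ITEMS_TABLE . "\nWHERE user_id = " . intval($user_row['user_id']);
    if ( !($result = $db->sql_query($sql)) )
    {
        message_die(GENERAL_MESSAGE, 'Error getting user items!');
    }

    // One 'list_user_items' template row per owned item.
    $sql_count = $db->sql_numrows($result);
    for ($i = 0; $i < $sql_count; $i++)
    {
        $row = $db->sql_fetchrow($result);
        $template->assign_block_vars('list_user_items', array(
            'ID' => $row['id'],
            'ITEM_NAME' => $row['item_name']
        ));
    }
    // An empty inventory still gets one placeholder row.
    if ( !($sql_count) )
    {
        $template->assign_block_vars('list_user_items', array(
            'ID' => 0,
            'ITEM_NAME' => 'Nothing'
        ));
    }

    // Every shop item, ordered by name, for the "add item" list.
    $sql = "SELECT `id`, `name`\nFROM " . SHOP_ITEMS_TABLE . "\nORDER BY `name`";
    if ( !($result = $db->sql_query($sql)) )
    {
        message_die(GENERAL_MESSAGE, 'Fatal Error Getting All Items!');
    }
    $sql_count = $db->sql_numrows($result);
    for ($i = 0; $i < $sql_count; $i++)
    {
        $row = $db->sql_fetchrow($result);
        $template->assign_block_vars('list_shop_items', array(
            'ID' => $row['id'],
            'ITEM_NAME' => $row['name']
        ));
    }

    // Template variables.
    $template->assign_vars(array(
        'USER_ID' => $user_row['user_id'],
        'S_CONFIG_ACTION' => append_sid('admin_shop.' . $phpEx),
        'L_DELETE_ITEM' => $lang['ashop_i_delete'],
        'L_ADD_ITEM' => $lang['ashop_i_add'],
        'L_CLEAR_ITEMS' => $lang['ashop_i_clear'],
        'L_DELETE_INV' => $lang['ashop_i_deleteinv'],
        'L_CUSTOM_ITEM' => $lang['ashop_i_custom'],
        'L_ITEM_NAME' => $lang['ashop_i_name'],
        'L_ITEM_ID' => $lang['ashop_i_id'],
        'L_SHORT_DESC' => $lang['ashop_i_s_desc'],
        'L_LONG_DESC' => $lang['ashop_i_l_desc'],
        // The title names the user being edited. By this point $row holds the last
        // shop-item row (id and name only), so the name has to come from $user_row.
        'L_SHOPTABLETITLE' => sprintf($lang['ashop_i_modify'], $user_row['username']),
        'L_SHOPTITLE' => $lang['ashop_i_editor'],
        'L_SHOPEXPLAIN' => $lang['ashop_i_explain']
    ));
}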
//update users inventories
elseif ( $action == 'updateinv' )
{
if ( isset($HTTP_GET_VARS['username']) || isset($HTTP_POST_VARS['username']) ) { $username = ( isset($HTTP_POST_VARS['username']) ) ? $HTTP_POST_VARS['username'] : $HTTP_GET_VARS['username']; }
else { $username = ''; }
if ( isset($HTTP_GET_VARS['subaction']) || isset($HTTP_POST_VARS['subaction']) ) { $subaction = ( isset($HTTP_POST_VARS['subaction']) ) ? $HTTP_POST_VARS['subaction'] : $HTTP_GET_VARS['subaction']; }
else { $subaction = ''; }
if ( isset($HTTP_GET_VARS['itemname']) || isset($HTTP_POST_VARS['itemname']) ) { $itemname = ( isset($HTTP_POST_VARS['itemname']) ) ? intval($HTTP_POST_VARS['itemname']) : intval($HTTP_GET_VARS['itemname']); }
else { $itemname = ''; }
//check username
$user_row = get_userdata(stripslashes($username));
if ( empty($user_row['username']) ) { message_die(GENERAL_MESSAGE, 'No such user exists!'); }
if ( $subaction == 'delete' )
{
#
# Make sure user has item!
#
$sql = "SELECT *
FROM " . USER_ITEMS_TABLE . "
WHERE id = '$itemname'";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_MESSAGE, 'Invalid SQL Query!');
}
if ( !($db->sql_numrows($result)) ) { message_die(GENERAL_MESSAGE, 'User does not have this item!'); }
else { $row = $db->sql_fetchrow($result); }
$sql = "DELETE FROM " . USER_ITEMS_TABLE . "
WHERE id = '$itemname'
AND user_id = '{$user_row['user_id']}'";
if ( !($db->sql_query($sql)) )
{
message_die(GENERAL_MESSAGE, 'Fatal Error: '.mysql_error());
}
$message = stripslashes($row['item_name']).' removed from ' . $user_row['username'] . '\'s inventory successfully!<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx."?username=" . $user_row['user_id'] . "&action=editinventory").'">Here</a> to return to Edit ' . $user_row['username'] . '\'s Inventory<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx).'">Here</a> to return to Main Shop Configuration<br /><br />Click <a href="'.append_sid("index.".$phpEx."?pane=right").'">Here</a> to return to Admin Index.<br /><br />';
// Transaction Code!
$sql = "INSERT
INTO " . TRANS_TABLE . "
(user_id, target_id, target_name, type, action, value, timestamp, ip)
values('{$userdata['user_id']}', '{$user_row['user_id']}', '" . addslashes($username) . "', 'shop_admin', 'del_item', '" . addslashes($row['item_name']) . "', '" . time() . "', '{$_SERVER['REMOTE_ADDR']}')";
if ( !($db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error with Transaction Code!<br />'.mysql_error()); }
message_die(GENERAL_MESSAGE, $message);
}
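elseif ( $subaction == 'add' )
{
	//
	// Copy one existing shop item into the selected user's inventory,
	// then record the action in the transaction log.
	//
	// NOTE(review): $itemname is assigned outside this branch and goes into
	// the query unchanged. Confirm it is cast to an integer or escaped where
	// it is read from the request.
	//
	$sql = "SELECT *
		FROM " . SHOP_ITEMS_TABLE . "
		WHERE id = '$itemname'";
	if ( !($result = $db->sql_query($sql)) )
	{
		message_die(GENERAL_MESSAGE, 'Fatal Error: '.mysql_error());
	}
	if ( !($db->sql_numrows($result)) ) { message_die(GENERAL_MESSAGE, 'No such item exists!'); }
	else { $row = $db->sql_fetchrow($result); }

	// Text columns read back from the shop table are escaped again before
	// they are reused inside a new SQL statement.
	$sql = "INSERT INTO " . USER_ITEMS_TABLE . "
		(user_id, item_id, item_name, item_s_desc, item_l_desc)
		VALUES('{$user_row['user_id']}', '{$row['id']}', '" . addslashes($row['name']) . "', '" . addslashes($row['sdesc']) . "', '" . addslashes($row['ldesc']) . "')";
	if ( !($db->sql_query($sql)) )
	{
		message_die(GENERAL_MESSAGE, 'Fatal Error: '.mysql_error());
	}

	// Transaction Code!
	// The rest of this branch reads the item name from $row['name']. Fall
	// back to it when the row has no 'itemname' key, so the audit entry
	// records which item was handed out instead of an empty value.
	$logged_item = ( isset($row['itemname']) ) ? $row['itemname'] : $row['name'];
	$sql = "INSERT
		INTO " . TRANS_TABLE . "
		(user_id, target_id, target_name, type, action, value, timestamp, ip)
		values('{$userdata['user_id']}', '{$user_row['user_id']}', '" . addslashes($user_row['username']) . "', 'shop_admin', 'add_item', '" . addslashes($logged_item) . "', '" . time() . "', '{$_SERVER['REMOTE_ADDR']}')";
	if ( !($db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error with Transaction Code!<br />'.mysql_error()); }

	// NOTE(review): the item name and username are written into the HTML
	// message as stored. Whether they can contain markup depends on how they
	// were saved; confirm, and escape on output if they can.
	$message = $row['name'] . ' added to ' . $user_row['username'] . '\'s inventory successfully!<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx."?username=" . $user_row['user_id'] . "&action=editinventory").'">Here</a> to return to Edit ' . $user_row['username'] . '\'s Inventory<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx).'">Here</a> to return to Main Shop Configuration<br /><br />Click <a href="'.append_sid("index.".$phpEx."?pane=right").'">Here</a> to return to Admin Index.<br /><br />';
	message_die(GENERAL_MESSAGE, $message);
}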
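elseif ( $subaction == 'unique_item' )
{
	//
	// Add a one-off item, described entirely by request fields, to the
	// selected user's inventory and record the action in the transaction log.
	// For every field a POST value takes precedence over a GET value.
	//
	// NOTE(review): this branch writes to the database and also accepts its
	// fields from the query string. Confirm the request is protected against
	// cross-site request forgery before it reaches this point.
	//
	if ( isset($HTTP_POST_VARS['item_name']) ) { $item_name = $HTTP_POST_VARS['item_name']; }
	elseif ( isset($HTTP_GET_VARS['item_name']) ) { $item_name = $HTTP_GET_VARS['item_name']; }
	else { $item_name = ''; }

	// The id is the only field forced to an integer; '-1' marks "not supplied".
	if ( isset($HTTP_POST_VARS['item_id']) ) { $item_id = intval($HTTP_POST_VARS['item_id']); }
	elseif ( isset($HTTP_GET_VARS['item_id']) ) { $item_id = intval($HTTP_GET_VARS['item_id']); }
	else { $item_id = '-1'; }

	if ( isset($HTTP_POST_VARS['item_sdesc']) ) { $item_sdesc = $HTTP_POST_VARS['item_sdesc']; }
	elseif ( isset($HTTP_GET_VARS['item_sdesc']) ) { $item_sdesc = $HTTP_GET_VARS['item_sdesc']; }
	else { $item_sdesc = ''; }

	if ( isset($HTTP_POST_VARS['item_ldesc']) ) { $item_ldesc = $HTTP_POST_VARS['item_ldesc']; }
	elseif ( isset($HTTP_GET_VARS['item_ldesc']) ) { $item_ldesc = $HTTP_GET_VARS['item_ldesc']; }
	else { $item_ldesc = ''; }

	// Collect every validation failure, then stop before anything is written
	// so that an incomplete item never reaches the inventory table.
	if ( !isset($error) ) { $error = ''; }
	if ( empty($item_name) ) { $error .= 'You must set an item name!<br /><br />'; }
	if ( empty($item_sdesc) ) { $error .= 'You must set a short description!<br /><br />'; }
	if ( empty($item_ldesc) ) { $error .= 'You must set a long description!<br /><br />'; }
	if ( $error != '' ) { message_die(GENERAL_MESSAGE, $error); }

	// NOTE(review): the three text fields are placed in this statement exactly
	// as received, while the transaction insert below passes the same
	// $item_name through addslashes(). This is only safe if the request layer
	// has already escaped incoming values; confirm which of the two is correct
	// and make both statements agree.
	$sql = "INSERT INTO " . USER_ITEMS_TABLE . "
		(user_id, item_id, item_name, item_s_desc, item_l_desc)
		VALUES('{$user_row['user_id']}', '$item_id', '$item_name', '$item_sdesc', '$item_ldesc')";
	if ( !($db->sql_query($sql)) )
	{
		// Report the failure the same way as the other branches instead of
		// printing the full SQL statement to the browser.
		message_die(GENERAL_MESSAGE, 'Fatal Error: '.mysql_error());
	}

	// Transaction Code!
	$sql = "INSERT
		INTO " . TRANS_TABLE . "
		(user_id, target_id, target_name, type, action, value, timestamp, ip)
		values('{$userdata['user_id']}', '{$user_row['user_id']}', '" . addslashes($user_row['username']) . "', 'shop_admin', 'unique_item', '" . addslashes($item_name) . "', '" . time() . "', '{$_SERVER['REMOTE_ADDR']}')";
	if ( !($db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error with Transaction Code!<br />'.mysql_error()); }

	// The item name comes straight from the request, so it is HTML-escaped
	// before being echoed back in the confirmation page.
	$message = htmlspecialchars($item_name, ENT_QUOTES) . ' added to ' . $user_row['username'] . '\'s inventory successfully!<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx."?username=" . $user_row['user_id'] . "&action=editinventory").'">Here</a> to return to Edit ' . $user_row['username'] . '\'s Inventory<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx).'">Here</a> to return to Main Shop Configuration<br /><br />Click <a href="'.append_sid("index.".$phpEx."?pane=right").'">Here</a> to return to Admin Index.<br /><br />';
	message_die(GENERAL_MESSAGE, $message);
}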
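elseif ( $subaction == 'clear' )
{
	//
	// Delete every item in the selected user's inventory and record the
	// action in the transaction log.
	//
	// NOTE(review): this is an irreversible bulk delete. How $subaction is
	// read is not visible here; confirm it cannot be triggered by a plain
	// link without a confirmation step.
	//
	$sql = "DELETE FROM " . USER_ITEMS_TABLE . "
		WHERE user_id = '{$user_row['user_id']}'";
	if ( !($db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error: '.mysql_error()); }
	$message = $user_row['username'] . '\'s inventory successfully Deleted!<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx."?username=" . $user_row['user_id'] . "&action=editinventory").'">Here</a> to return to Edit ' . $user_row['username'] . '\'s Inventory<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx).'">Here</a> to return to Main Shop Configuration<br /><br />Click <a href="'.append_sid("index.".$phpEx."?pane=right").'">Here</a> to return to Admin Index.<br /><br />';

	// Transaction Code!
	// target_id is the user whose inventory was just cleared, i.e. the same
	// $user_row['user_id'] used in the DELETE above. $row is not assigned in
	// this branch, so reading the id from it would log an empty or stale
	// target in the audit trail.
	// NOTE(review): $username is set outside this branch; the add and
	// unique_item branches log $user_row['username'] instead. Confirm both
	// hold the same value.
	$sql = "INSERT
		INTO " . TRANS_TABLE . "
		(user_id, target_id, target_name, type, action, value, timestamp, ip)
		values('{$userdata['user_id']}', '{$user_row['user_id']}', '" . addslashes($username) . "', 'shop_admin', 'clear_item', 'cleared!', '" . time() . "', '{$_SERVER['REMOTE_ADDR']}')";
	if ( !($db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error with Transaction Code!<br />'.mysql_error()); }
	message_die(GENERAL_MESSAGE, $message);
}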
}
else { message_die(GENERAL_MESSAGE, 'Invalid Action'); }
//
// Generate the page: parse the 'body' template handle,
// then include the ModCP footer file
//
$template->pparse('body');
include $phpbb_root_path . 'modcp/page_footer_mod.' . $phpEx;
?>
Code: Select all
if( $userdata['user_level'] != ADMIN )
Code: Select all
if( $userdata['user_level'] != ADMIN && $userdata['user_level'] != MOD )