[2.0.10] Moderator CP



Re: [2.0.10] Moderator CP

Post by jesj » Mon Apr 21, 2008 10:30 pm

Here is the admin_shop.php. Everything was edited right, I'm sure; everything was edited following the install new mod.txt.

Now when a mod enters the ModCP, the left side frame is blank. I checked about 10 times to make sure everything is correct (the files are in the right directory, admin was changed to modcp), and now I have this white screen as the left side frame.


<?php

/***************************************************************************

 *                             admin_shop.php

 *                            -------------------

 *   Version              : 3.0.2

 *   website              : http://www.zarath.com

 *

 ***************************************************************************/



/***************************************************************************

 *

 *   copyright (C) 2002-2006  Zarath

 *

 *   This program is free software; you can redistribute it and/or

 *   modify it under the terms of the GNU General Public License

 *   as published by the Free Software Foundation; either version 2

 *   of the License, or (at your option) any later version.

 *

 *   This program is distributed in the hope that it will be useful,

 *   but WITHOUT ANY WARRANTY; without even the implied warranty of

 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 *   GNU General Public License for more details.

 *

 *   http://www.gnu.org/copyleft/gpl.html

 *

 ***************************************************************************/



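define('IN_PHPBB', 1);

// Module registration: when this file is included with $setmodules set
// (presumably by the ModCP index while it builds its menu - confirm), it only
// adds its own menu entry and hands control back to the including script.
if ( !empty($setmodules) )
{
	$file = basename(__FILE__);

	// Register the name computed above. The original assigned $filename, which
	// this file never sets, so the 'Shop Settings' entry did not point at this
	// script (it received whatever $filename held, or nothing).
	if ( check_perms('General', 'Shop Settings') )
	{
		$modcp_module['General']['Shop Settings'] = $file;
	}
	return;
}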



//
// Bootstrap: set the phpBB root (one directory up), then load extension.inc
// and the ModCP page-start include.
// $phpEx is first used right after extension.inc is loaded; presumably that
// file defines it - confirm.
//

$phpbb_root_path = '../';

require($phpbb_root_path . 'extension.inc');

require($phpbb_root_path . 'modcp/pagestart.' . $phpEx);
// Enable/disable the Module: unless check_perms('CAT', 'MOD') passes, stop
// with the "module disabled" message and a link back to the index pane.
if (!check_perms('CAT', 'MOD'))
{
	// End of Activation
	$message = $lang['Module_disabled'] . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid('index.' . $phpEx . '?pane=right') . '">', '</a>');
	message_die(GENERAL_MESSAGE, $message);
}


// Load the shop language file for the user's language; if that include fails
// (its warning is suppressed by @), fall back to the board's default language.
// NOTE(review): $userdata['user_lang'] becomes part of an include path. Confirm
// it is limited to installed language directory names before it reaches here.
if (!(@include($phpbb_root_path . 'language/lang_' . $userdata['user_lang'] . '/lang_shop.' . $phpEx))) { include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_shop.' . $phpEx); }


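//
// Access control: only a logged-in administrator gets past this point.
// NOTE(review): this page sits under modcp/ and is first gated by
// check_perms(), yet the test below still requires ADMIN, so a moderator who
// passes check_perms() is rejected here. Confirm which rule is intended.
//
if( !$userdata['session_logged_in'] )
{
	header('Location: ' . append_sid("login.$phpEx?redirect=admin_shop.$phpEx", true));
	// Stop as soon as the redirect is queued. The original fell through, so the
	// rest of the script kept running for a visitor who is not logged in.
	exit;
}

if( $userdata['user_level'] != ADMIN )
{
	message_die(GENERAL_MESSAGE, $lang['Not_Authorised']);
}

// Requested action: a POST value wins over a GET value; the empty string
// selects the main configuration page.
if ( isset($HTTP_POST_VARS['action']) )
{
	$action = $HTTP_POST_VARS['action'];
}
elseif ( isset($HTTP_GET_VARS['action']) )
{
	$action = $HTTP_GET_VARS['action'];
}
else
{
	$action = '';
}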

//end check



//shop pages

//main page: no action was requested, so fill the template for the shop
//configuration form (shop list, current settings, language strings).

if ( empty($action) )

{

	$template->set_filenames(array(

		'body' => 'modcp/shop_config_body.tpl')

	);


	// Generate Shop List! One 'shop_listrow' template block per shop, ordered by id.
	$sql = "SELECT *
		FROM " . SHOP_TABLE . "
		ORDER BY `id`";

	if ( !($result = $db->sql_query($sql)) )

	{

		message_die(GENERAL_MESSAGE, 'Fatal Error retrieving shop list!');

	}

	$sql_count = $db->sql_numrows($result);

	for ($i = 0; $i < $sql_count; $i++)

	{

		$row = $db->sql_fetchrow($result);


		// NOTE(review): the stored shop name is handed to the template as-is;
		// whether the template layer HTML-encodes it is not visible here - confirm.
		$template->assign_block_vars('shop_listrow', array(
			'ID' => $row['id'],
			'NAME' => $row['shopname'])
		);

	}


	// Select Variables
	// Each flag is '' when the setting has the value tested and 'SELECTED'
	// otherwise (order_2 / order_3 are the other way round). Presumably the
	// template puts the flag on the matching <option> - confirm.
	$districts = ( $board_config['shop_districts'] == 'on' ) ? '' : 'SELECTED';

	$m_buy_off = ( $board_config['multibuys'] == 'on' ) ? '' : 'SELECTED';
	$shop_owners_off = ( $board_config['shop_owners'] == 'on' ) ? '' : 'SELECTED';
	$restock_off = ( $board_config['restocks'] == 'on' ) ? '' : 'SELECTED';
	$viewtopic_type = ( $board_config['viewtopic'] == 'images' ) ? '' : 'SELECTED';
	$profile_type = ( $board_config['viewprofile'] == 'images' ) ? '' : 'SELECTED';
	$inv_arrange = ( $board_config['viewinventory'] == 'grouped' ) ? '' : 'SELECTED';
	$give = ( $board_config['shop_give'] == 'on' ) ? '' : 'SELECTED';
	$trade = ( $board_config['shop_trade'] == 'on' ) ? '' : 'SELECTED';
	$discard = ( $board_config['shop_discard'] == 'on' ) ? '' : 'SELECTED';
	$order_2 = ( $board_config['shop_orderby'] == 'cost' ) ? 'SELECTED' : '';
	$order_3 = ( $board_config['shop_orderby'] == 'id' ) ? 'SELECTED' : '';





	// Hand the flags, the current numeric/text settings, the form target and
	// the language strings to the template.
	$template->assign_vars(array(
		'SELECT_DISTRICTS' => $districts,
		'SELECT_M_BUY_OFF' => $m_buy_off,
		'SELECT_SHOP_OWNERS_OFF' => $shop_owners_off,
		'SELECT_RESTOCK_OFF' => $restock_off,
		'SELECT_VIEWTOPIC' => $viewtopic_type,
		'SELECT_PROFILE' => $profile_type,
		'SELECT_INVENTORY' => $inv_arrange,
		'SELECT_GIVE' => $give,
		'SELECT_TRADE' => $trade,
		'SELECT_DISCARD' => $discard,
		'SELECT_ORDER_2' => $order_2,
		'SELECT_ORDER_3' => $order_3,

		'SHOP_SELL_RATE' => $board_config['sellrate'],
		'SHOP_INV_LIMIT' => $board_config['shop_invlimit'],
		'SHOP_VIEWTOPIC_LIM' => $board_config['viewtopiclimit'],
		'POINTS_NAME' => $board_config['points_name'],


		'S_CONFIG_ACTION' => append_sid('admin_shop.' . $phpEx),


		'L_SHOPTITLE' => $lang['ashop_index_title'],

		'L_SHOPEXPLAIN' => $lang['ashop_index_explain'],
		'L_TABLE_TITLE' => $lang['ashop_index_table1'],
		'L_TABLE_TITLE2' => $lang['ashop_index_table2'],
		'L_TABLE_TITLE3' => $lang['ashop_index_table3'],
		'L_SHOP_DISTRICTS' => $lang['ashop_shop_districts'],
		'L_ON' => $lang['ashop_on'],
		'L_OFF' => $lang['ashop_off'],
		'L_MULTI_ITEMS' => $lang['ashop_multi_buys'],
		'L_SHOP_ORDER' => $lang['ashop_shop_order'],
		'L_SHOP_RESTOCKING' => $lang['ashop_restocking'],
		'L_SHOP_SELL_RATE' => $lang['ashop_sellrate'],
		'L_USER_INV_LIMIT' => $lang['ashop_inv_limit'],
		'L_VIEWTOPIC_LIMIT' => $lang['ashop_display_limit'],
		'L_VIEWTOPIC_TYPE' => $lang['ashop_vt_type'],
		'L_POINTS_NAME' => $lang['ashop_points_name'],
		'L_PROFILE_DISPLAY' => $lang['ashop_p_display'],
		'L_INV_TYPE' => $lang['ashop_inv_type'],
		'L_SHOP_OWNERS' => $lang['ashop_shop_owners'],
		'L_GIVE' => $lang['ashop_ability_give'],
		'L_TRADE' => $lang['ashop_ability_trade'],
		'L_DISCARD' => $lang['ashop_ability_discard'],
		'L_UPDATE' => $lang['ashop_update'],
		'L_NAME' => $lang['ashop_name'],
		'L_COST' => $lang['ashop_cost'],
		'L_IMAGES' => $lang['ashop_images'],
		'L_LINK' => $lang['ashop_link'],
		'L_GROUPED' => $lang['ashop_grouped'],
		'L_NORMAL' => $lang['ashop_normal'],
		'L_EDIT_INV' => $lang['ashop_edit_inv'],
		'L_FIND_USER' => $lang['ashop_find_user'],
		'L_EDIT' => $lang['ashop_edit'],
		'L_SHOP_NAME' => $lang['ashop_shop_name'],
		'L_SHOP_TYPE' => $lang['ashop_shop_type'],
		'L_RESTOCK_TIME' => $lang['ashop_restock_time'],
		'L_RESTOCK_AMT' => $lang['ashop_restock_amt'],
		'L_CREATE_SHOP' => $lang['ashop_create_shop']
	));

}



// createshop: validate the submitted name and type, refuse a duplicate shop
// name, insert the shop, write a transaction-log row and show a confirmation.
// NOTE(review): this state change is accepted from GET as well as POST and no
// form token is checked in this file; confirm request-forgery protection upstream.
elseif ( $action == 'createshop' )

{
	// Register Variables! POST takes precedence over GET.
	// shopname and shoptype are kept exactly as received; the two restock
	// values pass through intval() (defaults: 5 and 86400).
	if ( isset($HTTP_GET_VARS['shopname']) || isset($HTTP_POST_VARS['shopname']) ) { $shopname = ( isset($HTTP_POST_VARS['shopname']) ) ? $HTTP_POST_VARS['shopname'] : $HTTP_GET_VARS['shopname']; }
	else { $shopname = ''; }
	if ( isset($HTTP_GET_VARS['shoptype']) || isset($HTTP_POST_VARS['shoptype']) ) { $shoptype = ( isset($HTTP_POST_VARS['shoptype']) ) ? $HTTP_POST_VARS['shoptype'] : $HTTP_GET_VARS['shoptype']; }
	else { $shoptype = ''; }
	if ( isset($HTTP_GET_VARS['restockamount']) || isset($HTTP_POST_VARS['restockamount']) ) { $restockamount = ( isset($HTTP_POST_VARS['restockamount']) ) ? intval($HTTP_POST_VARS['restockamount']) : intval($HTTP_GET_VARS['restockamount']); }
	else { $restockamount = '5'; }
	if ( isset($HTTP_GET_VARS['restocktime']) || isset($HTTP_POST_VARS['restocktime']) ) { $restocktime = ( isset($HTTP_POST_VARS['restocktime']) ) ? intval($HTTP_POST_VARS['restocktime']) : intval($HTTP_GET_VARS['restocktime']); }
	else { $restocktime = '86400'; }



	// Name and type must each be 4 to 32 bytes long (strlen counts bytes).
	if ( (strlen($shopname) < 4) || (strlen($shoptype) < 4) || (strlen($shopname) > 32) || (strlen($shoptype) > 32) ) 

	{

		message_die(GENERAL_MESSAGE, $lang['ashop_cs_field_missing']);

	}


	// NOTE(review): $shopname and $shoptype are placed into the two statements
	// below without escaping at this point, while the log insert further down
	// applies addslashes() to the same $shopname. One of the two treatments is
	// wrong: either the request values are already slash-escaped upstream (then
	// the log value is escaped twice) or they are not (then these statements are
	// open to SQL injection). Confirm against pagestart and escape at the query.
	$sql = "SELECT *
		FROM " . SHOP_TABLE . "
		WHERE shopname = '$shopname'";

	if ( !($result = $db->sql_query($sql)) )

	{

		message_die(GENERAL_MESSAGE, 'Fatal Error Checking Shop Name');

	}

	if ( $db->sql_numrows($result) )

	{

		message_die(GENERAL_MESSAGE, 'Shop Already Exists!');

	}


	$sql = "INSERT INTO " . SHOP_TABLE . "
		(shopname, shoptype, restocktime, restockamount)
		VALUES('$shopname', '$shoptype', '$restocktime', '$restockamount')";

	if ( !($result = $db->sql_query($sql)) )

	{

		message_die(GENERAL_MESSAGE, 'Fatal Error Adding Shop');

	}

	// Transaction Code! Audit row: acting user id, action, shop name, time, client IP.
	// NOTE(review): on failure the raw mysql_error() text is shown in the page,
	// which exposes database details to the browser.
	$sql = "INSERT INTO " . TRANS_TABLE . "
		 (user_id, type, action, value, timestamp, ip) 
		values('{$userdata['user_id']}', 'shop_admin', 'create_shop', '" . addslashes($shopname) . "', '".time()."', '{$_SERVER['REMOTE_ADDR']}')";
	if ( !($db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error with Transaction Code!<br />'.mysql_error()); }


	$message = $lang['ashop_shop_created'] . '<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx).'">Here</a> to return to Shop Configuration<br /><br />Click <a href="'.append_sid("index.".$phpEx."?pane=right").'">Here</a> to return to Admin Index.<br /><br />';

	message_die(GENERAL_MESSAGE, $message);

}

// updateshop: validate the submitted fields, make sure the shop exists, update
// its row, carry a changed shop name over to its items, write a
// transaction-log row and show a confirmation.
// NOTE(review): this state change is accepted from GET as well as POST and no
// form token is checked in this file; confirm request-forgery protection upstream.
elseif ( $action == 'updateshop' )

{
	// Register Variables! POST takes precedence over GET.
	// name, shop_owner, shoptype, main_template and item_template are kept
	// exactly as received; the remaining fields pass through intval().
	if ( isset($HTTP_GET_VARS['name']) || isset($HTTP_POST_VARS['name']) ) { $name = ( isset($HTTP_POST_VARS['name']) ) ? $HTTP_POST_VARS['name'] : $HTTP_GET_VARS['name']; }
	else { $name = ''; }
	if ( isset($HTTP_GET_VARS['shop_owner']) || isset($HTTP_POST_VARS['shop_owner']) ) { $shop_owner = ( isset($HTTP_POST_VARS['shop_owner']) ) ? $HTTP_POST_VARS['shop_owner'] : $HTTP_GET_VARS['shop_owner']; }
	else { $shop_owner = ''; }
	if ( isset($HTTP_GET_VARS['shoptype']) || isset($HTTP_POST_VARS['shoptype']) ) { $shoptype = ( isset($HTTP_POST_VARS['shoptype']) ) ? $HTTP_POST_VARS['shoptype'] : $HTTP_GET_VARS['shoptype']; }
	else { $shoptype = ''; }
	if ( isset($HTTP_GET_VARS['shop_dtype']) || isset($HTTP_POST_VARS['shop_dtype']) ) { $shop_dtype = ( isset($HTTP_POST_VARS['shop_dtype']) ) ? intval($HTTP_POST_VARS['shop_dtype']) : intval($HTTP_GET_VARS['shop_dtype']); }
	else { $shop_dtype = ''; }
	if ( isset($HTTP_GET_VARS['shop_district']) || isset($HTTP_POST_VARS['shop_district']) ) { $shop_district = ( isset($HTTP_POST_VARS['shop_district']) ) ? intval($HTTP_POST_VARS['shop_district']) : intval($HTTP_GET_VARS['shop_district']); }
	else { $shop_district = ''; }
	if ( isset($HTTP_GET_VARS['shopid']) || isset($HTTP_POST_VARS['shopid']) ) { $shopid = ( isset($HTTP_POST_VARS['shopid']) ) ? intval($HTTP_POST_VARS['shopid']) : intval($HTTP_GET_VARS['shopid']); }
	else { $shopid = ''; }
	if ( isset($HTTP_GET_VARS['restockamount']) || isset($HTTP_POST_VARS['restockamount']) ) { $restockamount = ( isset($HTTP_POST_VARS['restockamount']) ) ? intval($HTTP_POST_VARS['restockamount']) : intval($HTTP_GET_VARS['restockamount']); }
	else { $restockamount = '5'; }
	if ( isset($HTTP_GET_VARS['restocktime']) || isset($HTTP_POST_VARS['restocktime']) ) { $restocktime = ( isset($HTTP_POST_VARS['restocktime']) ) ? intval($HTTP_POST_VARS['restocktime']) : intval($HTTP_GET_VARS['restocktime']); }
	else { $restocktime = '86400'; }
	if ( isset($HTTP_GET_VARS['main_template']) || isset($HTTP_POST_VARS['main_template']) ) { $main_template = ( isset($HTTP_POST_VARS['main_template']) ) ? $HTTP_POST_VARS['main_template'] : $HTTP_GET_VARS['main_template']; }
	else { $main_template = ''; }
	if ( isset($HTTP_GET_VARS['item_template']) || isset($HTTP_POST_VARS['item_template']) ) { $item_template = ( isset($HTTP_POST_VARS['item_template']) ) ? $HTTP_POST_VARS['item_template'] : $HTTP_GET_VARS['item_template']; }
	else { $item_template = ''; }


	// Name and type must each be 4 to 32 bytes long, and a shop id must be given.
	if ( (strlen($name) < 4) || (strlen($shoptype) < 4) || (strlen($name) > 32) || (strlen($shoptype) > 32) || (!is_numeric($shopid)) ) 

	{

		message_die(GENERAL_MESSAGE, "Error, shop name or shop type not filled in correctly!");

	}



	// Load the current row; its shopname is needed to find the shop's items.
	$sql = "SELECT *
		FROM " . SHOP_TABLE . "
		WHERE id = '$shopid'";

	if ( !($result = $db->sql_query($sql)) )

	{

		// NOTE(review): raw mysql_error() text is shown in the page.
		message_die(GENERAL_MESSAGE, 'Fatal Error: '.mysql_error());

	}
	if ( !($db->sql_numrows($result)) )

	{

		message_die(GENERAL_MESSAGE, 'No such shop exists!');

	}

	else

	{
		$row = $db->sql_fetchrow($result);

	}


	// NOTE(review): the five string fields read above go into this statement
	// without escaping at this point, and main_template / item_template have no
	// length or content check at all. This is only safe if request values are
	// already slash-escaped upstream - confirm against pagestart, and escape at
	// the query rather than relying on it.
	$sql = "UPDATE " . SHOP_TABLE . "
		SET shopname = '$name',
			shop_owner = '$shop_owner',
			shoptype = '$shoptype',
			d_type = '$shop_dtype',
			district = '$shop_district',
			restocktime = '$restocktime',
			restockamount = '$restockamount',
			template = '$main_template',
			item_template = '$item_template'
		WHERE id = '$shopid'";

	if ( !($db->sql_query($sql)) )

	{

		// NOTE(review): the full statement, including the submitted values, is
		// written into the error page unencoded.
		message_die(GENERAL_MESSAGE, 'Fatal Error Updating Shop: ' . $sql);

	}


	// Items reference their shop by name, so move them to the new name.
	$sql = "UPDATE " . SHOP_ITEMS_TABLE . "
		SET shop = '$name'
		WHERE shop = '" . addslashes($row['shopname']) . "'";

	if ( !($db->sql_query($sql)) )

	{

		message_die(GENERAL_MESSAGE, 'Fatal Error Updating Items');

	}

	// Transaction Code! Audit row: acting user id, action, old shop name, time, client IP.
	$sql = "INSERT INTO " . TRANS_TABLE . "
		 (user_id, type, action, value, timestamp, ip) 
		values('{$userdata['user_id']}', 'shop_admin', 'shop_update', '" . addslashes($row['shopname']) . "', '".time()."', '{$_SERVER['REMOTE_ADDR']}')";
	if ( !($db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error with Transaction Code!<br />'.mysql_error()); }



	// NOTE(review): the stored shop name is written into the HTML message
	// without htmlspecialchars(); confirm it is encoded before storage or here.
	$message = $row['shopname'].' successfully updated!<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx."?action=editshop&shopid=".$row['id']).'">Here</a> to return to '.$row['shopname'].' Configuration<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx).'">Here</a> to return to Main Shop Configuration<br /><br />Click <a href="'.append_sid("index.".$phpEx."?pane=right").'">Here</a> to return to Admin Index.<br /><br />';

	message_die(GENERAL_MESSAGE, $message);

}



//item pages
elseif ( $action == 'additem' || $action == 'updateitem' )
{
	// Register Variables! Fields shared by additem and updateitem; POST takes
	// precedence over GET. item, shortdesc and longdesc are kept exactly as
	// received; price, stock, maxstock and shopid pass through intval().
	if ( isset($HTTP_GET_VARS['item']) || isset($HTTP_POST_VARS['item']) ) { $item = ( isset($HTTP_POST_VARS['item']) ) ? $HTTP_POST_VARS['item'] : $HTTP_GET_VARS['item']; }
	else { $item = ''; }
	if ( isset($HTTP_GET_VARS['shortdesc']) || isset($HTTP_POST_VARS['shortdesc']) ) { $shortdesc = ( isset($HTTP_POST_VARS['shortdesc']) ) ? $HTTP_POST_VARS['shortdesc'] : $HTTP_GET_VARS['shortdesc']; }
	else { $shortdesc = ''; }
	if ( isset($HTTP_GET_VARS['longdesc']) || isset($HTTP_POST_VARS['longdesc']) ) { $longdesc = ( isset($HTTP_POST_VARS['longdesc']) ) ? $HTTP_POST_VARS['longdesc'] : $HTTP_GET_VARS['longdesc']; }
	else { $longdesc = ''; }
	if ( isset($HTTP_GET_VARS['price']) || isset($HTTP_POST_VARS['price']) ) { $price = ( isset($HTTP_POST_VARS['price']) ) ? intval($HTTP_POST_VARS['price']) : intval($HTTP_GET_VARS['price']); }
	else { $price = ''; }
	if ( isset($HTTP_GET_VARS['stock']) || isset($HTTP_POST_VARS['stock']) ) { $stock = ( isset($HTTP_POST_VARS['stock']) ) ? intval($HTTP_POST_VARS['stock']) : intval($HTTP_GET_VARS['stock']); }
	else { $stock = '0'; }
	if ( isset($HTTP_GET_VARS['maxstock']) || isset($HTTP_POST_VARS['maxstock']) ) { $maxstock = ( isset($HTTP_POST_VARS['maxstock']) ) ? intval($HTTP_POST_VARS['maxstock']) : intval($HTTP_GET_VARS['maxstock']); }
	else { $maxstock = '0'; }
	if ( isset($HTTP_GET_VARS['shopid']) || isset($HTTP_POST_VARS['shopid']) ) { $shopid = ( isset($HTTP_POST_VARS['shopid']) ) ? intval($HTTP_POST_VARS['shopid']) : intval($HTTP_GET_VARS['shopid']); }
	else { $shopid = ''; }


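	// additem: validate the fields, resolve the shop, refuse a duplicate item
	// name, insert the item, write a transaction-log row and show a confirmation.
	// NOTE(review): this state change is accepted from GET as well as POST and no
	// form token is checked in this file; confirm request-forgery protection upstream.
	if ( $action == 'additem' )
	{
		// Name 2-32 bytes, short description 3-80 bytes, long description at
		// least 3 bytes, a numeric price of at most 20 characters, and a shop id.
		if ( (strlen($item) > 32) || (strlen($item) < 2) || (strlen($shortdesc) < 3) || (strlen($shortdesc) > 80) || (strlen($longdesc) < 3) || (!is_numeric($price))  || (strlen($price) > 20) || (empty($shopid)) )
		{
			message_die(GENERAL_MESSAGE, 'Error, Item Fields not filled in correctly!');
		}

		// Items reference their shop by name, so resolve the id to a name first.
		$sql = "SELECT `shopname`
			FROM " . SHOP_TABLE . "
			WHERE id = '$shopid'";
		// NOTE(review): raw mysql_error() text is shown in the page on failure.
		if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, "Fatal Error: ".mysql_error()); }

		$row = $db->sql_fetchrow($result);

		// An unknown shop id used to fall through and store the item with an
		// empty shop name; stop instead.
		if ( !$row )
		{
			message_die(GENERAL_MESSAGE, 'No such shop exists!');
		}

		// NOTE(review): $item, $shortdesc and $longdesc are placed into the
		// statements below without escaping at this point, while the log insert
		// applies addslashes() to the same $item. Confirm whether request values
		// are already slash-escaped upstream, and escape at the query.
		$sql = "SELECT *
			FROM " . SHOP_ITEMS_TABLE . "
			WHERE name = '$item'";

		// The original had a body-less if here, which made the duplicate check
		// below run only when the query had FAILED. Handle the failure on its
		// own, then always check for an existing item of that name.
		if ( !($result = $db->sql_query($sql)) )
		{
			message_die(GENERAL_MESSAGE, 'Fatal Error: '.mysql_error());
		}

		if ( $db->sql_numrows($result) )
		{
			message_die(GENERAL_MESSAGE, 'This item already exists!');
		}

		$sql = "INSERT INTO " . SHOP_ITEMS_TABLE . "
			(name, shop, sdesc, ldesc, cost, stock, maxstock, sold)
			VALUES('$item', '" . addslashes($row['shopname']). "', '$shortdesc', '$longdesc', '$price', '$stock', '$maxstock', '0')";

		if ( !($db->sql_query($sql)) )
		{
			message_die(GENERAL_MESSAGE, 'Fatal Error: '.mysql_error());
		}

		// Transaction Code! Audit row: acting user id, action, item name, time, client IP.
		$sql = "INSERT INTO " . TRANS_TABLE . "
			 (user_id, type, action, value, timestamp, ip) 
			values('{$userdata['user_id']}', 'shop_admin', 'add_item', '" . addslashes($item) . "', '".time()."', '{$_SERVER['REMOTE_ADDR']}')";
		if ( !($db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error with Transaction Code!<br />'.mysql_error()); }

		// NOTE(review): the submitted item name and the stored shop name are
		// written into the HTML message without htmlspecialchars(); confirm
		// they are encoded upstream.
		$message = stripslashes($item).' successfully added!<br /><br /> Click <a href="'.append_sid('admin_shop.'.$phpEx.'?action=editshop&shopid=' . $shopid, true).'">Here</a> to return to '.$row['shopname'].' Configuration<br /><br /> Click <a href="'.append_sid('admin_shop.'.$phpEx, true).'">Here</a> to return to Main Shop Configuration<br /><br />Click <a href="'.append_sid('index.'.$phpEx.'?pane=right', true).'">Here</a> to return to Admin Index.';

		message_die(GENERAL_MESSAGE, $message);
	}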

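	// updateitem: load the item, validate the submitted fields, carry changed
	// texts over to the copies users hold, update the shop item, write a
	// transaction-log row and show a confirmation.
	// NOTE(review): this state change is accepted from GET as well as POST and no
	// form token is checked in this file; confirm request-forgery protection upstream.
	elseif ( $action == 'updateitem' )
	{
		// Fields used only by updateitem; POST takes precedence over GET.
		// itemid and sold pass through intval(); shop, special_link and synth
		// are kept exactly as received.
		if ( isset($HTTP_GET_VARS['itemid']) || isset($HTTP_POST_VARS['itemid']) ) { $itemid = ( isset($HTTP_POST_VARS['itemid']) ) ? intval($HTTP_POST_VARS['itemid']) : intval($HTTP_GET_VARS['itemid']); }
		else { $itemid = ''; }
		if ( isset($HTTP_GET_VARS['sold']) || isset($HTTP_POST_VARS['sold']) ) { $sold = ( isset($HTTP_POST_VARS['sold']) ) ? intval($HTTP_POST_VARS['sold']) : intval($HTTP_GET_VARS['sold']); }
		else { $sold = '0'; }
		if ( isset($HTTP_GET_VARS['shop']) || isset($HTTP_POST_VARS['shop']) ) { $shop = ( isset($HTTP_POST_VARS['shop']) ) ? $HTTP_POST_VARS['shop'] : $HTTP_GET_VARS['shop']; }
		else { $shop = ''; }
		if ( isset($HTTP_GET_VARS['special_link']) || isset($HTTP_POST_VARS['special_link']) ) { $special_link = ( isset($HTTP_POST_VARS['special_link']) ) ? $HTTP_POST_VARS['special_link'] : $HTTP_GET_VARS['special_link']; }
		else { $special_link = ''; }
		if ( isset($HTTP_GET_VARS['synth']) || isset($HTTP_POST_VARS['synth']) ) { $synth = ( isset($HTTP_POST_VARS['synth']) ) ? $HTTP_POST_VARS['synth'] : $HTTP_GET_VARS['synth']; }
		else { $synth = ''; }

		// Load the item together with the id of the shop it currently belongs to.
		$sql = "SELECT a.*, b.id as shop_id
			FROM " . SHOP_ITEMS_TABLE . " a, " . SHOP_TABLE . " b
			WHERE a.id = '$itemid'
				AND b.shopname = a.shop";

		if ( !($result = $db->sql_query($sql)) )
		{
			// NOTE(review): here and in the error paths below the full statement
			// is written into the error page unencoded.
			message_die(GENERAL_MESSAGE, 'Fatal Error: ' . $sql);
		}

		if ( !($db->sql_numrows($result)) )
		{
			message_die(GENERAL_MESSAGE, 'No Such Item Exists!');
		}
		else
		{
			$row = $db->sql_fetchrow($result);
		}

		// Empty numeric fields are stored as 0.
		$price = ( empty($price) ) ? '0' : $price;
		$stock = ( empty($stock) ) ? '0' : $stock;
		$maxstock = ( empty($maxstock) ) ? '0' : $maxstock;

		// Collect validation errors. Start from an empty string: the original
		// appended to $msg without ever setting it, so any value $msg already
		// held in the global scope ended up in the page that is shown below.
		$msg = '';

		// NOTE(review): $shop, $item, $shortdesc, $longdesc, $synth and
		// $special_link are placed into the statements below without escaping at
		// this point. Confirm whether request values are already slash-escaped
		// upstream, and escape at the query rather than relying on it.
		if ( ( !empty($shop) ) && ( $shop != $row['shop'] ) )
		{
			// The item is being moved: the target shop has to exist.
			$sql = "SELECT *
				FROM " . SHOP_TABLE . "
				WHERE shopname = '$shop'";
			if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error: ' . $sql); }

			if ( !($db->sql_numrows($result)) ) { $msg .= 'No such shop exists!<br /><br />'; }
		}
		elseif ( empty($shop) ) { $msg .= 'Invalid shop name!<br /><br />'; }

		if ( ( empty($shortdesc) ) || ( strlen($shortdesc) > 80) ) { $msg .= 'Short description is set incorrectly!<br /><br />'; }

		if ( ( empty($longdesc) ) || ( strlen($longdesc) < 2 ) ) { $msg .= 'Description is too short!<br /><br />'; }

		if ( empty($item) ) { $msg .= 'Invalid item name!'; }

		if ( !empty($msg) ) { message_die(GENERAL_MESSAGE, $msg); }

		# Update User Items - 3 part update, name, then sdesc, then ldesc!
		# Each statement only touches copies that still carry the old value.
		$sql = "UPDATE " . USER_ITEMS_TABLE . "
			SET item_name = '$item'
			where item_id = '{$row['id']}'
				AND item_name = '" . addslashes($row['name']) . "'";

		if ( !($db->sql_query($sql)) )
		{
			message_die(GENERAL_MESSAGE, 'Fatal Error: ' . $sql);
		}

		$sql = "UPDATE " . USER_ITEMS_TABLE . "
			SET item_s_desc = '$shortdesc'
			where item_id = '{$row['id']}'
				AND item_s_desc = '" . addslashes($row['sdesc']) . "'";

		if ( !($db->sql_query($sql)) )
		{
			message_die(GENERAL_MESSAGE, 'Fatal Error: ' . $sql);
		}

		$sql = "UPDATE " . USER_ITEMS_TABLE . "
			SET item_l_desc = '$longdesc'
			where item_id = '{$row['id']}'
				AND item_l_desc = '" . addslashes($row['ldesc']) . "'";

		if ( !($db->sql_query($sql)) )
		{
			message_die(GENERAL_MESSAGE, 'Fatal Error: ' . $sql);
		}

		// Now the shop item itself.
		$sql = "UPDATE " . SHOP_ITEMS_TABLE . " 
			SET name = '$item', 
				shop = '$shop', 
				sdesc = '$shortdesc', 
				ldesc = '$longdesc', 
				synth = '$synth',
				special_link = '$special_link',
				cost = '$price', 
				stock = '$stock', 
				maxstock = '$maxstock', 
				sold = '$sold' 
			WHERE id = '$itemid'";

		if ( !$db->sql_query($sql) )
		{
			message_die(GENERAL_MESSAGE, 'Fatal Error: ' . $sql);
		}

		// Transaction Code! Audit row: acting user id, action, old item name, time, client IP.
		$sql = "INSERT INTO " . TRANS_TABLE . "
			 (user_id, type, action, value, timestamp, ip) 
			VALUES('{$userdata['user_id']}', 'shop_admin', 'item_update', '" . addslashes($row['name']) . "', '".time()."', '{$_SERVER['REMOTE_ADDR']}')";
		// NOTE(review): raw mysql_error() text is shown in the page on failure.
		if ( !($db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error with Transaction Code!<br />'.mysql_error()); }

		// NOTE(review): the stored item name and the submitted shop name are
		// written into the HTML message without htmlspecialchars(); confirm
		// they are encoded upstream.
		$message = $row['name'].' successfully updated!<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx."?action=editshop&shopid=".$row['shop_id']).'">Here</a> to return to '.stripslashes($shop).' Configuration<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx).'">Here</a> to return to Main Shop Configuration<br /><br />Click <a href="'.append_sid("index.".$phpEx."?pane=right").'">Here</a> to return to Admin Index.<br /><br />';

		message_die(GENERAL_MESSAGE, $message);
	}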

}


//delete pages

// deleteshop: look the shop up by id, delete every item that references its
// name, delete the shop row, write a transaction-log row and show a confirmation.
// NOTE(review): the delete runs straight from a GET or POST shopid, with no
// confirmation step and no form token checked in this file; confirm
// request-forgery protection upstream.
elseif ( $action == 'deleteshop' )

{
	// shopid passes through intval(); POST takes precedence over GET.
	if ( isset($HTTP_GET_VARS['shopid']) || isset($HTTP_POST_VARS['shopid']) ) { $shopid = ( isset($HTTP_POST_VARS['shopid']) ) ? intval($HTTP_POST_VARS['shopid']) : intval($HTTP_GET_VARS['shopid']); }
	else { $shopid = ''; }


	$sql = "SELECT *
		FROM " . SHOP_TABLE . "
		WHERE id = '$shopid'";

	if ( !($result = $db->sql_query($sql)) )

	{

		message_die(GENERAL_MESSAGE, 'Fatal Error');

	}

	if ( !($db->sql_numrows($result)) ) { message_die(GENERAL_MESSAGE, 'No such shop exists!'); }

	else
	{
		$row = $db->sql_fetchrow($result);
	}



	// Items reference their shop by name, so they are removed by shop name.
	$sql = "DELETE FROM " . SHOP_ITEMS_TABLE . "
		WHERE shop = '" . addslashes($row['shopname']) . "'";

	if ( !($db->sql_query($sql)) )

	{

		message_die(GENERAL_MESSAGE, 'Fatal Error Deleting Item Entry!');

	}



	$sql = "DELETE FROM " . SHOP_TABLE . "
		WHERE id = '$shopid'";

	if ( !($db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error Deleting Shop Entry!'); }


	// Transaction Code! Audit row: acting user id, action, shop name, time, client IP.
	// NOTE(review): raw mysql_error() text is shown in the page on failure.
	$sql = "INSERT INTO " . TRANS_TABLE . "
		 (user_id, type, action, value, timestamp, ip) 
		values('{$userdata['user_id']}', 'shop_admin', 'delete_shop', '" . addslashes($row['shopname']) . "', '".time()."', '{$_SERVER['REMOTE_ADDR']}')";
	if ( !($db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error with Transaction Code!<br />'.mysql_error()); }

	// NOTE(review): the stored shop name is written into the HTML message
	// without htmlspecialchars(); confirm it is encoded before storage or here.
	$message = $row['shopname'].' successfully Deleted!<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx).'">Here</a> to return to Main Shop Configuration<br /><br />Click <a href="'.append_sid("index.".$phpEx."?pane=right").'">Here</a> to return to Admin Index.<br /><br />';

	message_die(GENERAL_MESSAGE, $message);

}

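// deleteitem: look the item up by id (together with the id of its shop),
// delete it, write a transaction-log row and show a confirmation.
// NOTE(review): the delete runs straight from a GET or POST itemid, with no
// confirmation step and no form token checked in this file; confirm
// request-forgery protection upstream.
elseif ( $action == 'deleteitem' )
{
	// itemid passes through intval(); POST takes precedence over GET.
	if ( isset($HTTP_GET_VARS['itemid']) || isset($HTTP_POST_VARS['itemid']) ) { $itemid = ( isset($HTTP_POST_VARS['itemid']) ) ? intval($HTTP_POST_VARS['itemid']) : intval($HTTP_GET_VARS['itemid']); }
	else { $itemid = ''; }

	$sql = "SELECT a.*, b.id as shop_id
		FROM " . SHOP_ITEMS_TABLE . " a, " . SHOP_TABLE . " b
		WHERE a.id = '$itemid'
			AND b.shopname = a.shop";

	// NOTE(review): raw mysql_error() text is shown in the page on failure.
	if ( !($result = $db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error: '.mysql_error()); }
	if ( !($db->sql_numrows($result)) ) { message_die(GENERAL_MESSAGE, 'No such item exists!'); }
	else
	{
		// Fetch through the $db object like every other branch of this file;
		// the original called mysql_fetch_array() directly on the result.
		$row = $db->sql_fetchrow($result);
	}

	$sql = "DELETE FROM " . SHOP_ITEMS_TABLE . "
		WHERE id = '$itemid'";

	if ( !($db->sql_query($sql)) )
	{
		message_die(GENERAL_MESSAGE, 'Fatal Error Deleteing Item from Shop!');
	}

	// Transaction Code! Audit row: acting user id, action, item name, time, client IP.
	$sql = "INSERT
		INTO " . TRANS_TABLE . "
		 (user_id, type, action, value, timestamp, ip) 
		values('{$userdata['user_id']}', 'shop_admin', 'delete_item', '" . addslashes($row['name']) . "', '".time()."', '{$_SERVER['REMOTE_ADDR']}')";
	if ( !($db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error with Transaction Code!<br />'.mysql_error()); }

	// NOTE(review): the stored item and shop names are written into the HTML
	// message without htmlspecialchars(); confirm they are encoded before
	// storage or here.
	$message = $row['name'].' successfully Deleted!<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx."?action=editshop&shopid=".$row['shop_id']).'">Here</a> to return to '.$row['shop'].' Configuration<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx).'">Here</a> to return to Main Shop Configuration<br /><br />Click <a href="'.append_sid("index.".$phpEx."?pane=right").'">Here</a> to return to Admin Index.<br /><br />';

	message_die(GENERAL_MESSAGE, $message);
}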





//change global settings

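elseif ( $action == 'updateglobals' )
{
	// Validates the submitted shop-wide settings and writes every changed one to the
	// config table. A setting that is absent or fails validation keeps its current
	// $board_config value, so no UPDATE is issued for it.

	// request field => array(config key, accepted values)
	$onoff = array('on', 'off');
	$choice_fields = array(
		'shopdistricts'  => array('shop_districts', $onoff),
		'multiitems'     => array('multibuys', $onoff),
		'shoprestock'    => array('restocks', $onoff),
		'shoptrade'      => array('shop_trade', $onoff),
		'shopgive'       => array('shop_give', $onoff),
		'shopdiscard'    => array('shop_discard', $onoff),
		'shopowners'     => array('shop_owners', $onoff),
		'orderby'        => array('shop_orderby', array('name', 'cost', 'id')),
		'viewtopic'      => array('viewtopic', array('images', 'link')),
		'profiledisplay' => array('viewprofile', array('images', 'link', 'none')),
		'inventorytype'  => array('viewinventory', array('grouped', 'normal'))
	);

	$new_config = array();
	foreach ( $choice_fields as $field => $spec )
	{
		// POST takes precedence over GET.
		if ( isset($HTTP_POST_VARS[$field]) ) { $value = $HTTP_POST_VARS[$field]; }
		elseif ( isset($HTTP_GET_VARS[$field]) ) { $value = $HTTP_GET_VARS[$field]; }
		else { $value = ''; }

		// Allow-list check: only one of the literal strings above can reach the UPDATE below.
		$new_config[$spec[0]] = in_array($value, $spec[1], true) ? $value : $board_config[$spec[0]];
	}

	// Numeric settings are forced to integers before any range check.
	if ( isset($HTTP_POST_VARS['topicdisplaynum']) ) { $topicdisplaynum = intval($HTTP_POST_VARS['topicdisplaynum']); }
	elseif ( isset($HTTP_GET_VARS['topicdisplaynum']) ) { $topicdisplaynum = intval($HTTP_GET_VARS['topicdisplaynum']); }
	else { $topicdisplaynum = ''; }

	if ( isset($HTTP_POST_VARS['invlimit']) ) { $invlimit = intval($HTTP_POST_VARS['invlimit']); }
	elseif ( isset($HTTP_GET_VARS['invlimit']) ) { $invlimit = intval($HTTP_GET_VARS['invlimit']); }
	else { $invlimit = '0'; }

	if ( isset($HTTP_POST_VARS['sellrate']) ) { $sellrate = intval($HTTP_POST_VARS['sellrate']); }
	elseif ( isset($HTTP_GET_VARS['sellrate']) ) { $sellrate = intval($HTTP_GET_VARS['sellrate']); }
	else { $sellrate = ''; }

	$new_config['viewtopiclimit'] = ( ($topicdisplaynum < 0) || (empty($topicdisplaynum)) ) ? $board_config['viewtopiclimit'] : $topicdisplaynum;
	$new_config['shop_invlimit'] = ( ($invlimit < 0) ) ? $board_config['shop_invlimit'] : $invlimit;
	$new_config['sellrate'] = ( (empty($sellrate)) || ($sellrate < 0) || ($sellrate > 100) ) ? $board_config['sellrate'] : $sellrate;

	// The points name is free text with no allow-list. When the field is not submitted
	// at all, keep the stored name instead of overwriting it with an empty string.
	if ( isset($HTTP_POST_VARS['pointsname']) ) { $pointsname = $HTTP_POST_VARS['pointsname']; }
	elseif ( isset($HTTP_GET_VARS['pointsname']) ) { $pointsname = $HTTP_GET_VARS['pointsname']; }
	else { $pointsname = $board_config['points_name']; }
	$new_config['points_name'] = $pointsname;

	// Switching restocking on stamps every shop with the current time;
	// switching it off resets the stamp to 0.
	if ( ($new_config['restocks'] == "on") && ($board_config['restocks'] == 'off') )
	{
		$sql = "UPDATE " . SHOP_TABLE . "
			SET restockedtime = '" . time() . "'";

		if ( !($db->sql_query($sql)) ) { message_die(CRITICAL_ERROR, 'Critical Error: '.mysql_error()); }
	}
	elseif ( ($new_config['restocks'] == "off") && ($board_config['restocks'] == 'on') )
	{
		$sql = "UPDATE " . SHOP_TABLE . "
			set restockedtime = '0'";

		if ( !($db->sql_query($sql)) ) { message_die(CRITICAL_ERROR, 'Critical Error: '.mysql_error()); }
	}

	// Config keys in the order they are written.
	$update_order = array(
		'shop_districts', 'multibuys', 'restocks', 'sellrate', 'viewtopic',
		'viewprofile', 'viewinventory', 'viewtopiclimit', 'shop_orderby', 'shop_give',
		'shop_trade', 'shop_discard', 'shop_invlimit', 'points_name', 'shop_owners'
	);

	foreach ( $update_order as $config_name )
	{
		$config_value = $new_config[$config_name];

		// Only settings whose value actually changed are written.
		if ( $board_config[$config_name] != $config_value )
		{
			// NOTE(review): every value except points_name is an allow-listed literal or an
			// integer. points_name reaches this query as received; presumably the request
			// bootstrap has already slash-escaped GET/POST data (this file calls
			// stripslashes() on request values elsewhere) -- confirm before relying on it.
			$gsql = "UPDATE " . CONFIG_TABLE . "
				SET config_value='$config_value'
				WHERE config_name='$config_name'";

			if ( !($result = $db->sql_query($gsql)) ) { message_die(CRITICAL_ERROR, 'ERROR: Getting Global Variables!'); }
		}
	}

	// Transaction Code!
	$sql = "INSERT
		INTO " . TRANS_TABLE . "
		 (user_id, type, action, value, timestamp, ip) 
		values('{$userdata['user_id']}', 'shop_admin', 'global_update', '" . addslashes($userdata['username']) . "', '".time()."', '{$_SERVER['REMOTE_ADDR']}')";
	if ( !($db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error with Transaction Code!<br />'.mysql_error()); }

	$message = 'Global information successfully updated!<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx).'">Here</a> to return to Main Shop Configuration<br /><br />Click <a href="'.append_sid("index.".$phpEx."?pane=right").'">Here</a> to return to Admin Index.<br /><br />';

	message_die(GENERAL_MESSAGE, $message);
}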





//edit shop

elseif ( $action == 'editshop' )
{
	// Builds the edit form for a single shop together with the list of items it stocks.

	// Shop id from the request: POST first, then GET, always cast to an integer.
	$shopid = '';
	if ( isset($HTTP_POST_VARS['shopid']) )
	{
		$shopid = intval($HTTP_POST_VARS['shopid']);
	}
	elseif ( isset($HTTP_GET_VARS['shopid']) )
	{
		$shopid = intval($HTTP_GET_VARS['shopid']);
	}

	$template->set_filenames(array('body' => 'modcp/shop_edit_shop.tpl'));

	// Load the shop record; stop when the id matches nothing.
	$sql = "SELECT *
		FROM " . SHOP_TABLE . "
		WHERE id = '$shopid'";

	$result = $db->sql_query($sql);
	if ( !$result )
	{
		message_die(GENERAL_MESSAGE, 'Fatal Error: '.mysql_error());
	}

	if ( $db->sql_numrows($result) )
	{
		$row = $db->sql_fetchrow($result);
	}
	else
	{
		message_die(GENERAL_MESSAGE, "That shop doesn't exist.");
	}

	// Items are linked to their shop by name, so the stored name is escaped
	// before it goes back into SQL.
	$sql = "SELECT *
		FROM " . SHOP_ITEMS_TABLE . "
		WHERE shop = '" . addslashes($row['shopname']) . "'";

	$result = $db->sql_query($sql);
	if ( !$result )
	{
		message_die(GENERAL_MESSAGE, 'Fatal Error: '.mysql_error());
	}

	// One template row per item.
	$sql_count = $db->sql_numrows($result);
	for ( $i = 0; $i < $sql_count; $i++ )
	{
		$irow = $db->sql_fetchrow($result);

		$template->assign_block_vars('list_shop_items', array(
			'ID' => $irow['id'],
			'NAME' => $irow['name']
		));
	}

	// Tell the template whether the item list is empty.
	if ( $sql_count )
	{
		$template->assign_block_vars('switch_has_items', array());
	}
	else
	{
		$template->assign_block_vars('switch_no_items', array());
	}

	// Values of the shop being edited.
	$shop_vars = array(
		'SHOP_ID' => $row['id'],
		'SHOP_NAME' => $row['shopname'],
		'SHOP_OWNER' => $row['shop_owner'],
		'SHOP_TYPE' => $row['shoptype'],
		'SHOP_DTYPE' => $row['d_type'],
		'SHOP_DISTRICT' => $row['district'],
		'RESTOCK_TIME' => $row['restocktime'],
		'RESTOCK_AMOUNT' => $row['restockamount'],
		'SHOP_MAIN_TEMPLATE' => $row['template'],
		'SHOP_ITEM_TEMPLATE' => $row['item_template'],

		'S_CONFIG_ACTION' => append_sid('admin_shop.' . $phpEx)
	);

	// Form labels from the language pack.
	$label_vars = array(
		'L_TABLE_TITLE' => $lang['ashop_cs_create'],
		'L_TABLE_TITLE2' => $lang['ashop_cs_table'],
		'L_SHOP_NAME' => $lang['ashop_cs_s_name'],
		'L_SHOP_OWNER' => $lang['ashop_cs_s_owner'],
		'L_SHOP_TYPE' => $lang['ashop_cs_s_type'],
		'L_DISTRICT_TYPE' => $lang['ashop_cs_d_type'],
		'L_DISTRICT_NUM' => $lang['ashop_cs_d_num'],
		'L_RESTOCK_TIME' => $lang['ashop_cs_res_time'],
		'L_RESTOCK_AMT' => $lang['ashop_cs_res_amt'],
		'L_MAIN_TEMPLATE' => $lang['ashop_cs_m_tpl'],
		'L_ITEM_TEMPLATE' => $lang['ashop_cs_i_tpl'],
		'L_UPDATE_SHOP' => $lang['ashop_cs_update'],
		'L_DELETE_SHOP' => $lang['ashop_cs_delete'],
		'L_NO_ITEMS' => $lang['ashop_cs_no_items'],
		'L_EDIT_ITEM' => $lang['ashop_cs_edit'],
		'L_ITEM_NAME' => $lang['ashop_cs_name'],
		'L_SHORT_DESC' => $lang['ashop_cs_s_desc'],
		'L_LONG_DESC' => $lang['ashop_cs_l_desc'],
		'L_PRICE' => $lang['ashop_cs_price'],
		'L_STOCK' => $lang['ashop_cs_stock'],
		'L_MAX_STOCK' => $lang['ashop_cs_maxstock'],
		'L_ADD_ITEM' => $lang['ashop_cs_add'],
		'L_SHOPTITLE' => $lang['ashop_cs_table2'],
		'L_SHOPEXPLAIN' => $lang['ashop_cs_explain']
	);

	$template->assign_vars(array_merge($shop_vars, $label_vars));
}



//edit item

elseif ( $action == 'edititem' )
{
	// Builds the edit form for a single shop item and lists the users who own a copy.

	// Item id from the request: POST first, then GET, always cast to an integer.
	$itemid = '';
	if ( isset($HTTP_POST_VARS['itemid']) )
	{
		$itemid = intval($HTTP_POST_VARS['itemid']);
	}
	elseif ( isset($HTTP_GET_VARS['itemid']) )
	{
		$itemid = intval($HTTP_GET_VARS['itemid']);
	}

	$template->set_filenames(array('body' => 'modcp/shop_edit_item.tpl'));

	// Load the item; stop when the id matches nothing.
	$sql = "sELECT *
		FROM " . SHOP_ITEMS_TABLE . "
		WHERE id = '$itemid'";

	$result = $db->sql_query($sql);
	if ( !$result )
	{
		message_die(GENERAL_MESSAGE, 'Fatal Error: '.mysql_error());
	}

	if ( $db->sql_numrows($result) )
	{
		$row = $db->sql_fetchrow($result);
	}
	else
	{
		message_die(GENERAL_MESSAGE, "No such item exists.");
	}

	// Items of the synthesize shop carry an extra field that gets its own template block.
	if ( $row['shop'] == 'Synthesize Shop' )
	{
		$template->assign_block_vars('synth_shop', array(
			'SYNTH_INFO' => $row['synth']
		));
	}

	// Every inventory entry for this item, joined with the owner's username.
	$sql = "SELECT a.*, b.username
		FROM " . USER_ITEMS_TABLE . " as a, " . USERS_TABLE . " as b
		WHERE item_id = '$itemid'
			AND a.user_id = b.user_id";

	$result = $db->sql_query($sql);
	if ( !$result )
	{
		message_die(GENERAL_MESSAGE, 'Fatal Error: '.mysql_error());
	}

	$sql_count = $db->sql_numrows($result);
	for ( $i = 0; $i < $sql_count; $i++ )
	{
		$irow = $db->sql_fetchrow($result);

		$template->assign_block_vars('list_users', array(
			'USER_ID' => $irow['user_id'],
			'USERNAME' => $irow['username']
		));
	}

	// The owner list is only shown when at least one user holds the item.
	if ( $sql_count )
	{
		$template->assign_block_vars('user_owned', array());
	}

	// Values of the item being edited.
	$item_vars = array(
		'ITEM_ID' => $row['id'],
		'ITEM_NAME' => $row['name'],
		'ITEM_SHOP' => $row['shop'],
		'ITEM_SDESC' => $row['sdesc'],
		'ITEM_LDESC' => $row['ldesc'],
		'ITEM_COST' => $row['cost'],
		'ITEM_STOCK' => $row['stock'],
		'ITEM_MAX_STOCK' => $row['maxstock'],
		'ITEM_SOLD' => $row['sold'],
		'ITEM_FORUM' => $row['accessforum'],
		'ITEM_SPECIAL_LINK' => $row['special_link'],

		'S_CONFIG_ACTION' => append_sid('admin_shop.' . $phpEx)
	);

	// Form labels from the language pack; the table title includes the item name.
	$label_vars = array(
		'L_SHOPTABLETITLE' => $lang['ashop_modify'] . ' ' . $row['name'],
		'L_ITEM_NAME' => $lang['ashop_cs_name'],
		'L_SHOP_NAME' => $lang['ashop_cs_sname'],
		'L_SHORT_DESC' => $lang['ashop_cs_s_desc'],
		'L_LONG_DESC' => $lang['ashop_cs_l_desc'],
		'L_PRICE' => $lang['ashop_cs_price'],
		'L_STOCK' => $lang['ashop_cs_stock'],
		'L_MAX_STOCK' => $lang['ashop_cs_maxstock'],
		'L_SOLD' => $lang['ashop_cs_sold'],
		'L_ACCESS_ID' => $lang['ashop_cs_forumid'],
		'L_SPECIAL_LINK' => $lang['ashop_cs_slink'],
		'L_UPDATE_ITEM' => $lang['ashop_cs_uitem'],
		'L_DELETE_ITEM' => $lang['ashop_cs_ditem'],
		'L_OWNED_BY' => $lang['ashop_cs_ownedby'],
		'L_EDIT_INV' => $lang['ashop_cs_editinv'],
		'L_SHOPTITLE' => $lang['ashop_cs_shopeditor'],
		'L_SHOPEXPLAIN' => $lang['ashop_cs_explain2']
	);

	$template->assign_vars(array_merge($item_vars, $label_vars));
}



//edit users inventories

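elseif ( $action == 'editinventory' )
{
	// Shows one user's inventory next to the full item catalogue so that items
	// can be added to or removed from that inventory.

	// POST takes precedence over GET.
	if ( isset($HTTP_POST_VARS['username']) ) { $username = $HTTP_POST_VARS['username']; }
	elseif ( isset($HTTP_GET_VARS['username']) ) { $username = $HTTP_GET_VARS['username']; }
	else { $username = ''; }

	$template->set_filenames(array(
		'body' => 'modcp/shop_edit_user.tpl')
	);

	// Resolve the user. The request value is un-slashed before the lookup; presumably
	// GET/POST data arrives slash-escaped -- confirm against the request bootstrap.
	$user_row = get_userdata(stripslashes($username));

	if ( strlen($user_row['username']) < 3 ) { message_die(GENERAL_MESSAGE, 'No Such User Exists!'); }

	// Items the user currently owns. The id comes from the lookup above and is
	// cast to an integer because it is placed in the query unquoted.
	$sql = "SELECT *
		FROM " . USER_ITEMS_TABLE . "
		WHERE user_id = " . intval($user_row['user_id']);
	if ( !($result = $db->sql_query($sql)) )
	{
		message_die(GENERAL_MESSAGE, 'Error getting user items!');
	}

	$sql_count = $db->sql_numrows($result);

	for ($i = 0; $i < $sql_count; $i++)
	{
		$row = $db->sql_fetchrow($result);

		$template->assign_block_vars('list_user_items', array(
			'ID' => $row['id'],
			'ITEM_NAME' => $row['item_name'])
		);
	}

	// An empty inventory still gets one placeholder entry.
	if ( !($sql_count) )
	{
		$template->assign_block_vars('list_user_items', array(
			'ID' => 0,
			'ITEM_NAME' => 'Nothing')
		);
	}

	//get all items
	$sql = "SELECT `id`, `name`
		FROM " . SHOP_ITEMS_TABLE . "
		ORDER BY `name`";
	if ( !($result = $db->sql_query($sql)) )
	{
		message_die(GENERAL_MESSAGE, 'Fatal Error Getting All Items!');
	}

	$sql_count = $db->sql_numrows($result);

	for ($i = 0; $i < $sql_count; $i++)
	{
		$row = $db->sql_fetchrow($result);

		$template->assign_block_vars('list_shop_items', array(
			'ID' => $row['id'],
			'ITEM_NAME' => $row['name'])
		);
	}

	//parse template variables
	$template->assign_vars(array(
		'USER_ID' => $user_row['user_id'],

		'S_CONFIG_ACTION' => append_sid('admin_shop.' . $phpEx),

		'L_DELETE_ITEM' => $lang['ashop_i_delete'],
		'L_ADD_ITEM' => $lang['ashop_i_add'],
		'L_CLEAR_ITEMS' => $lang['ashop_i_clear'],
		'L_DELETE_INV' => $lang['ashop_i_deleteinv'],
		'L_CUSTOM_ITEM' => $lang['ashop_i_custom'],
		'L_ITEM_NAME' => $lang['ashop_i_name'],
		'L_ITEM_ID' => $lang['ashop_i_id'],
		'L_SHORT_DESC' => $lang['ashop_i_s_desc'],
		'L_LONG_DESC' => $lang['ashop_i_l_desc'],

		// The title names the user being edited. $row at this point holds the last
		// catalogue row (id and name only), so the name is taken from $user_row.
		'L_SHOPTABLETITLE' => sprintf($lang['ashop_i_modify'], $user_row['username']),

		'L_SHOPTITLE' => $lang['ashop_i_editor'],

		'L_SHOPEXPLAIN' => $lang['ashop_i_explain']
	));
}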



//update users inventories

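elseif ( $action == 'updateinv' )
{
	// Changes one user's inventory. $subaction selects the operation:
	//   delete      - remove one inventory entry
	//   add         - copy a catalogue item into the inventory
	//   unique_item - insert a custom item typed in by the moderator
	//   clear       - remove every item the user owns
	// Each operation is recorded in the transaction log and ends in message_die().
	//
	// NOTE(review): these state-changing operations are accepted over GET as well as
	// POST and nothing in this block checks a per-request token; confirm the
	// surrounding ModCP page restricts who can reach it and how.

	// POST takes precedence over GET for every field.
	if ( isset($HTTP_POST_VARS['username']) ) { $username = $HTTP_POST_VARS['username']; }
	elseif ( isset($HTTP_GET_VARS['username']) ) { $username = $HTTP_GET_VARS['username']; }
	else { $username = ''; }

	if ( isset($HTTP_POST_VARS['subaction']) ) { $subaction = $HTTP_POST_VARS['subaction']; }
	elseif ( isset($HTTP_GET_VARS['subaction']) ) { $subaction = $HTTP_GET_VARS['subaction']; }
	else { $subaction = ''; }

	// Despite its name this field carries a numeric id, so it is cast to an integer.
	if ( isset($HTTP_POST_VARS['itemname']) ) { $itemname = intval($HTTP_POST_VARS['itemname']); }
	elseif ( isset($HTTP_GET_VARS['itemname']) ) { $itemname = intval($HTTP_GET_VARS['itemname']); }
	else { $itemname = ''; }

	//check username
	// The request value is un-slashed before the lookup; presumably GET/POST data
	// arrives slash-escaped -- confirm against the request bootstrap.
	$user_row = get_userdata(stripslashes($username));

	if ( empty($user_row['username']) ) { message_die(GENERAL_MESSAGE, 'No such user exists!'); }

	if ( $subaction == 'delete' )
	{
		#
		# Make sure user has item!
		#
		// The ownership check is scoped to the target user, matching the DELETE below.
		// Checking the entry id alone would report success, and log a deletion, for an
		// entry that belongs to someone else and is therefore never removed.
		$sql = "SELECT *
			FROM " . USER_ITEMS_TABLE . "
			WHERE id = '$itemname'
				AND user_id = '{$user_row['user_id']}'";
		if ( !($result = $db->sql_query($sql)) )
		{
			message_die(GENERAL_MESSAGE, 'Invalid SQL Query!');
		}
		if ( !($db->sql_numrows($result)) ) { message_die(GENERAL_MESSAGE, 'User does not have this item!'); }
		else { $row = $db->sql_fetchrow($result); }

		$sql = "DELETE FROM " . USER_ITEMS_TABLE . "
			WHERE id = '$itemname'
				AND user_id = '{$user_row['user_id']}'";
		if ( !($db->sql_query($sql)) )
		{
			message_die(GENERAL_MESSAGE, 'Fatal Error: '.mysql_error());
		}

		$message = stripslashes($row['item_name']).' removed from ' . $user_row['username'] . '\'s inventory successfully!<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx."?username=" . $user_row['user_id'] . "&action=editinventory").'">Here</a> to return to Edit ' . $user_row['username'] . '\'s Inventory<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx).'">Here</a> to return to Main Shop Configuration<br /><br />Click <a href="'.append_sid("index.".$phpEx."?pane=right").'">Here</a> to return to Admin Index.<br /><br />';

		// Transaction Code!
		$sql = "INSERT
			INTO " . TRANS_TABLE . "
			(user_id, target_id, target_name, type, action, value, timestamp, ip)
			values('{$userdata['user_id']}', '{$user_row['user_id']}', '" . addslashes($username) . "', 'shop_admin', 'del_item', '" . addslashes($row['item_name']) . "', '" . time() . "', '{$_SERVER['REMOTE_ADDR']}')";
		if ( !($db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error with Transaction Code!<br />'.mysql_error()); }

		message_die(GENERAL_MESSAGE, $message);
	}
	elseif ( $subaction == 'add' )
	{
		// Look the item up in the catalogue; its stored fields are copied into the inventory.
		$sql = "SELECT *
			FROM " . SHOP_ITEMS_TABLE . "
			WHERE id = '$itemname'";
		if ( !($result = $db->sql_query($sql)) )
		{
			message_die(GENERAL_MESSAGE, 'Fatal Error: '.mysql_error());
		}
		if ( !($db->sql_numrows($result)) ) { message_die(GENERAL_MESSAGE, 'No such item exists!'); }
		else { $row = $db->sql_fetchrow($result); }

		$sql = "INSERT INTO " . USER_ITEMS_TABLE . "
			(user_id, item_id, item_name, item_s_desc, item_l_desc)
			VALUES('{$user_row['user_id']}', '{$row['id']}', '" . addslashes($row['name']) . "', '" . addslashes($row['sdesc']) . "', '" . addslashes($row['ldesc']) . "')";
		if ( !($db->sql_query($sql)) )
		{
			message_die(GENERAL_MESSAGE, 'Fatal Error: '.mysql_error());
		}

		// Transaction Code!
		// The catalogue row exposes the item name as 'name' (as used in the INSERT above);
		// reading 'itemname' logged an empty value.
		$sql = "INSERT
			INTO " . TRANS_TABLE . "
			(user_id, target_id, target_name, type, action, value, timestamp, ip)
			values('{$userdata['user_id']}', '{$user_row['user_id']}', '" . addslashes($user_row['username']) . "', 'shop_admin', 'add_item', '" . addslashes($row['name']) . "', '" . time() . "', '{$_SERVER['REMOTE_ADDR']}')";
		if ( !($db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error with Transaction Code!<br />'.mysql_error()); }

		$message = $row['name'] . ' added to ' . $user_row['username'] . '\'s inventory successfully!<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx."?username=" . $user_row['user_id'] . "&action=editinventory").'">Here</a> to return to Edit ' . $user_row['username'] . '\'s Inventory<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx).'">Here</a> to return to Main Shop Configuration<br /><br />Click <a href="'.append_sid("index.".$phpEx."?pane=right").'">Here</a> to return to Admin Index.<br /><br />';

		message_die(GENERAL_MESSAGE, $message);
	}
	elseif ( $subaction == 'unique_item' )
	{
		if ( isset($HTTP_POST_VARS['item_name']) ) { $item_name = $HTTP_POST_VARS['item_name']; }
		elseif ( isset($HTTP_GET_VARS['item_name']) ) { $item_name = $HTTP_GET_VARS['item_name']; }
		else { $item_name = ''; }

		if ( isset($HTTP_POST_VARS['item_id']) ) { $item_id = intval($HTTP_POST_VARS['item_id']); }
		elseif ( isset($HTTP_GET_VARS['item_id']) ) { $item_id = intval($HTTP_GET_VARS['item_id']); }
		else { $item_id = '-1'; }

		if ( isset($HTTP_POST_VARS['item_sdesc']) ) { $item_sdesc = $HTTP_POST_VARS['item_sdesc']; }
		elseif ( isset($HTTP_GET_VARS['item_sdesc']) ) { $item_sdesc = $HTTP_GET_VARS['item_sdesc']; }
		else { $item_sdesc = ''; }

		if ( isset($HTTP_POST_VARS['item_ldesc']) ) { $item_ldesc = $HTTP_POST_VARS['item_ldesc']; }
		elseif ( isset($HTTP_GET_VARS['item_ldesc']) ) { $item_ldesc = $HTTP_GET_VARS['item_ldesc']; }
		else { $item_ldesc = ''; }

		// Collect the validation errors and stop before touching the database.
		// Previously $error was never initialised and never checked, so the insert
		// ran even with empty fields.
		$error = '';
		if ( empty($item_name) ) { $error .= 'You must set an item name!<br /><br />'; }
		if ( empty($item_sdesc) ) { $error .= 'You must set a short description!<br /><br />'; }
		if ( empty($item_ldesc) ) { $error .= 'You must set a long description!<br /><br />'; }
		if ( $error != '' ) { message_die(GENERAL_MESSAGE, $error); }

		// NOTE(review): the three text fields reach this query as received; presumably the
		// request bootstrap has already slash-escaped GET/POST data (this file calls
		// stripslashes() on request values elsewhere) -- confirm before relying on it.
		$sql = "INSERT INTO " . USER_ITEMS_TABLE . " 
			(user_id, item_id, item_name, item_s_desc, item_l_desc)
			VALUES('{$user_row['user_id']}', '$item_id', '$item_name', '$item_sdesc', '$item_ldesc')";

		if ( !($db->sql_query($sql)) )
		{
			// The failed statement is not echoed back: it would show table names and the
			// submitted values to the browser.
			message_die(GENERAL_MESSAGE, 'Fatal Error: could not add the item.');
		}

		// Transaction Code!
		$sql = "INSERT
			INTO " . TRANS_TABLE . "
			(user_id, target_id, target_name, type, action, value, timestamp, ip)
			values('{$userdata['user_id']}', '{$user_row['user_id']}', '" . addslashes($user_row['username']) . "', 'shop_admin', 'unique_item', '" . addslashes($item_name) . "', '" . time() . "', '{$_SERVER['REMOTE_ADDR']}')";
		if ( !($db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error with Transaction Code!<br />'.mysql_error()); }

		// The item name is request data, so it is HTML-encoded before being shown.
		$message = htmlspecialchars($item_name) . ' added to ' . $user_row['username'] . '\'s inventory successfully!<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx."?username=" . $user_row['user_id'] . "&action=editinventory").'">Here</a> to return to Edit ' . $user_row['username'] . '\'s Inventory<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx).'">Here</a> to return to Main Shop Configuration<br /><br />Click <a href="'.append_sid("index.".$phpEx."?pane=right").'">Here</a> to return to Admin Index.<br /><br />';

		message_die(GENERAL_MESSAGE, $message);
	}
	elseif ( $subaction == 'clear' )
	{
		$sql = "DELETE FROM " . USER_ITEMS_TABLE . "
			WHERE user_id = '{$user_row['user_id']}'";

		if ( !($db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error: '.mysql_error()); }

		$message = $user_row['username'] . '\'s inventory successfully Deleted!<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx."?username=" . $user_row['user_id'] . "&action=editinventory").'">Here</a> to return to Edit ' . $user_row['username'] . '\'s Inventory<br /><br /> Click <a href="'.append_sid("admin_shop.".$phpEx).'">Here</a> to return to Main Shop Configuration<br /><br />Click <a href="'.append_sid("index.".$phpEx."?pane=right").'">Here</a> to return to Admin Index.<br /><br />';

		// Transaction Code!
		// The target id comes from $user_row; $row is never set in this branch, so the
		// log entry used to be written with an empty target id.
		$sql = "INSERT
			INTO " . TRANS_TABLE . "
			(user_id, target_id, target_name, type, action, value, timestamp, ip)
			values('{$userdata['user_id']}', '{$user_row['user_id']}', '" . addslashes($username) . "', 'shop_admin', 'clear_item', 'cleared!', '" . time() . "', '{$_SERVER['REMOTE_ADDR']}')";
		if ( !($db->sql_query($sql)) ) { message_die(GENERAL_MESSAGE, 'Fatal Error with Transaction Code!<br />'.mysql_error()); }

		message_die(GENERAL_MESSAGE, $message);
	}
	else
	{
		// An unknown subaction used to fall through to the page output with no
		// template selected; reject it like an unknown action.
		message_die(GENERAL_MESSAGE, 'Invalid Action');
	}
}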



else
{
	// No branch above matched the requested action.
	message_die(GENERAL_MESSAGE, 'Invalid Action');
}

// Render the template chosen by the branch above, then the ModCP footer.
$template->pparse('body');

include $phpbb_root_path . 'modcp/page_footer_mod.' . $phpEx;





?>


marian0810
Former Team Member
Posts: 3011
Joined: Mon May 21, 2007 9:17 pm
Location: The Netherlands
Name: Marian
Contact:

Re: [2.0.10] Moderator CP

Post by marian0810 » Tue Apr 22, 2008 12:47 am

Did you remember to upload all the .tpl files to subsilver/modcp/ too?

Also I noticed the little matter of


if( $userdata['user_level'] != ADMIN )

You might want to change that to something like


if( $userdata['user_level'] != ADMIN && $userdata['user_level'] != MOD )
I think. But I'm sure someone can tell you exactly what it should be.
You and me, time and space. You watch us run!

jesj
Registered User
Posts: 5
Joined: Thu Apr 10, 2008 7:47 am

Re: [2.0.10] Moderator CP

Post by jesj » Tue Apr 22, 2008 2:23 am

thanks all I needed to change was


if( $userdata['user_level'] != ADMIN )
to


if( $userdata['user_level'] != ADMIN && $userdata['user_level'] != MOD )
that was the only line I needed to change, but it works now. So thanks for the help.

milkman
Registered User
Posts: 165
Joined: Mon Nov 29, 2004 1:55 am
Location: Loughborough, UK
Contact:

Re: [2.0.10] Moderator CP

Post by milkman » Tue Apr 22, 2008 6:32 am

I'm glad you got it all working okay. You can probably remove the following block, since modcp does its own permission check above. I believe this is where you made your extra edit?


if( $userdata['user_level'] != ADMIN )
{
   message_die(GENERAL_MESSAGE, $lang['Not_Authorised']);
} 
Milkman [MilkHub]
