?><?php session_start(); if(!isset($_POST['ban_submit'])){ ?> <img src="includes/text_image.php?text=SERVER CONFIG"><a href="javascript:void(0);" onclick="ajax_loadContent('content','admin/index.php?show=1');return false" style="border:none;"><img src="includes/text_image.php?text=<- Go back" border="0"></a><br /> <? } if(isset($_SESSION['admin']) && $_SESSION['admin'] == "ok"){ require("../config.php"); include("../includes/security.php"); // Start of showing bans ! if(!isset($_POST['ban_submit'])){ $query=mssql_query("SELECT * from psyweb_bans order by id ASC"); echo "<table width=500>"; echo "<tr bgcolor=#fcece4><td width=10>#</td><td width=150>Name</td><td>Reason</td><td width=50>Delete</td></tr>"; for($i=0;$i<mssql_num_rows($query);$i++){ $row = mssql_fetch_array($query); $id = $row['id']; if(is_int($id/2)){ echo "<tr bgcolor='#f5f5f5'><td>$id</td><td>$row[name]</td><td>$row[reason]</td><td><a href=\"javascript:void(0);\" onclick=\"ajax_loadContent('content','admin/ban_config.php?delete=$id');return false\">Delete</a></td></tr>"; }else{ echo "<tr><td>$id</td><td>$row[name]</td><td>$row[reason]</td><td><a href=\"javascript:void(0);\" onclick=\"ajax_loadContent('content','admin/ban_config.php?delete=$id');return false\">Delete</a></td></tr>"; } } echo "</table>"; } // End of showing bans ! if(isset($_POST['ban_submit'])){ $character = $_POST['ban_char']; $reason = $_POST['ban_reason']; $bantime = $_POST['ban_days']; $bantime = time()+($bantime*24*60*60); $check1 = mssql_query("SELECT * FROM Character where name='$character'"); $check2 = mssql_query("SELECT * FROM psyweb_bans where name='$character'"); if(mssql_num_rows($check1) < 1){ die("No Such Character"); } elseif(mssql_num_rows($check2) >= 1){ die("This character is already banned"); } else { $id = mssql_query("SELECT * FROM psyweb_bans WHERE id=(SELECT MAX(id) FROM psyweb_bans)"); $id = mssql_fetch_array($id); $id = $id['id']+1; $banon = date('d')." ".date('F').", ".date('Y'); $ban = mssql_query("insert into dbo.psyweb_bans(id, name, reason, banon, bantime) values('$id', '$character', '$reason', '$banon', '$bantime')"); $ban_2 = mssql_query("update Character set ctlcode='1' where name='$character'"); echo "Character Banned . Please Reload ."; } } if(isset($_GET['delete'])){ $id = $_GET['delete']; $query = mssql_fetch_array(mssql_query("SELECT * from psyweb_bans where id='$id'")); $name = $query['name']; $delete = mssql_query("update character set ctlcode='0' where name='$name'"); $delete = mssql_query("DELETE FROM psyweb_bans WHERE id='$id'"); echo "<script type=\"text/javascript\">ajax_loadContent('content','admin/index.php?show=1');</script>"; } ?> <script language="Javascript" type="text/javascript"> function numberText(event, sender){ var e = window.event ? window.event : event; var key = document.all ? e.keyCode : e.charCode; if (!key) return true; key = String.fromCharCode(key); if (!key.match(/[0-9]/)) return false; } </script> <form id="ban_char" name="ban_char"> <table width=500 name="ban_char" style="margin-left:-20x;"> <tr bgcolor='#fcece4' align="center"> <td>Ban Character</td> </tr> <tr bgcolor='#f5f5f5' align="center"> <td>Character Name</td> </tr> <tr> <td><input type="text" name="ban_char" class="field" size="80" /></td> </tr> <tr bgcolor='#f5f5f5' align="center"> <td>Ban Reason</td> </tr> <tr> <td><input type="text" name="ban_reason" class="field" size="80" /></td> </tr> <tr bgcolor='#f5f5f5' align="center"> <td>Days</td> </tr> <tr> <td><input type="text" name="ban_days" onkeypress="return numberText(event, this)" maxlength="2" class="field" size="80" /></td> </tr> <tr> <td><input name="ban_submit" type="button" value="Ban Character" style="width:494px;" onclick="new Ajax.Updater('ban_char', 'admin/ban_config.php', {method: 'post', asynchronous:true, parameters:Form.serialize(document.ban_char)}); esperar_login('ban_char');" /></td> </tr> </table> </form> <? } ?><?