Reporting System

Results 1 to 12 of 12
  1. #1
    Alpha Member Glee is offline
    Alpha MaleRank
    Jun 2009 Join Date
    Niagara Falls,Location
    2,081Posts

    Reporting System


    RaGEZONE Recommends

    RaGEZONE Recommends

    Hey All,

    I'm trying to create Reporting System like Habboon had at one point

    PHP Code:
    <?php  if(isset($_POST['report_submit']))
                    {
                            
    $report_type $engine->secure($_POST['report_type']);
                            
    $report_info $engine->secure($_POST['report_info']);
                            
    $report_more $engine->secure($_POST['report_more']);
                            
    $report_staff $engine->secure($_POST['report_staff']);
                            
    $report_agree $engine->secure($_POST['report_agree']);

                            if(((
    $report_type == "staff_complaint") ||($report_type == "request_furni") || ($report_type == "suggestion_box") || !empty($_POST['report_agree'])))
                            {
                                
    $engine->query("INSERT INTO `staff_report` (id,complaint,staff,explanation) VALUES ('".$report_type."','".$report_info."', '".$report_more."','".$report_staff."')");
                                echo 
    'We have successfuly reveived your report!';
                            }  
                            else
                            {
                                echo 
    'Oh no! Error Somewhere';
                            }                      
                    }
                   
    ?>            
                 
    <form method="post" class="form" name ="report_submit">
    <div class="form-group">
    <label for="disabledTextInput"><b>Please choose one of the following</b></label>
    <div class="col-sm-10">
    <select name="report_type" class="form-control">
                                            <option value="staff_complaint">Complaint against a member of staff</option>
                                            <option value="request_furni">Request a furni to be added or fixed</option>
                                            <option value="suggestion_box">Comment/Suggestion</option>
                                    </select>
                                </div>
                                </div>
                                <br/>
     <div class="form-group">
    <label for="disabledTextInput"><b>Please choose a member of staff (If you are reporting/complimenting a staff member)</b></label>
    <div class="col-sm-10">
    <div class="col-sm-10">
    <select name="report_staff" class="form-control">
    <?php
    $getStaff 
    mysql_query("SELECT username FROM users WHERE rank >= '3'");
     while(
    $staffUser mysql_fetch_array($getStaff)){
        echo
    '
        <option value="NA">N\A</option>
        <option disabled>-------------------------</option>
        <option value="report_staff">'
    .$staffUser['username'].'</option>';
    }
    ?>
    </select>
    </div>
    </div>
    </div>
    <br/>
    <div class="form-group">
    <label for="exampleInputEmail1"><b>Please explain what you are reporting/suggesting or what is wrong with the furni you are asking to be fixed</b></label>
    <div class="col-sm-10">
    <textarea class="form-control" rows="5" name="report_info" maxlength="255" style="width:350px;height:75px;resize:none"></textarea>
    </div>
    </div>
    <br/>
    <div class="form-group">
    <label for="exampleInputEmail1"><b>Would you like to add anything?</b><br><i>Proof? Pictures of the furni, anything else you think is important?! Leave it here!</i></label>
    <div class="col-sm-10">
    <textarea class="form-control" rows="3" name="report_extra" maxlength="255" class="ss-q-short" style="width:350px;height:75px;resize:none"></textarea>
    </div>
    </div>
    <br/>                          
    <div class="checkbox">
    <label><input name="report_agree" value="1" type="checkbox">I am aware that if my report is spam, my account could be banned.</label>
    </div>
    <br>
    <input type="submit" value="Submit" name="report_submit" class="submit" style="float left">
    </form>
    Still Insert Blank SQL

    Image:





    SQL Table:
    PHP Code:
    CREATE TABLE `staff_report` (
      `
    idint(10UNSIGNED NOT NULL,
      `
    complaintvarchar(64) DEFAULT NULL,
      `
    staffvarchar(25) DEFAULT NULL,
      `
    explanationtext NOT NULL,
      `
    moreinfotext NOT NULL
    ENGINE=InnoDB DEFAULT CHARSET=utf8


  2. #2
    Death from above! The General is offline
    The OmegaRank
    Aug 2011 Join Date
    8,946Posts

    Re: Reporting System

    Haven't done pHp in years but isn't that error the result because you call secure() on $engine which is null?
    If you are using Arcturus, contact me
    Skype: wesley.jabbo
    Discord: TheGeneral#0063


  3. #3
    Member Aamiainen is offline
    MemberRank
    Aug 2016 Join Date
    FinlandLocation
    77Posts

    Re: Reporting System

    Yeah propably you'd need to do something like:
    Code:
    include('url/to/engine.php');
    $engine = new engine();
    Just see which class has secure() function in it and try ^that. Could be it doesn't work like that on revCms but you can always see how the $engine variable is created on the file that you copied it from.

    Alternatively you could secure your variables yourself which would work for sure.
    Code:
    $report_type = mysql_real_escape_string($_POST['report_type']);
    $report_info = mysql_real_escape_string($_POST['report_info']);
    $report_more = mysql_real_escape_string($_POST['report_more']);
    $report_staff = mysql_real_escape_string($_POST['report_staff']);
    $report_agree = mysql_real_escape_string($_POST['report_agree']);

  4. #4
    Alpha Member Glee is offline
    Alpha MaleRank
    Jun 2009 Join Date
    Niagara Falls,Location
    2,081Posts

    Re: Reporting System

    Quote Originally Posted by Aamiainen View Post
    Yeah propably you'd need to do something like:
    Code:
    include('url/to/engine.php');
    $engine = new engine();
    Just see which class has secure() function in it and try ^that. Could be it doesn't work like that on revCms but you can always see how the $engine variable is created on the file that you copied it from.

    Alternatively you could secure your variables yourself which would work for sure.
    Code:
    $report_type = mysql_real_escape_string($_POST['report_type']);
    $report_info = mysql_real_escape_string($_POST['report_info']);
    $report_more = mysql_real_escape_string($_POST['report_more']);
    $report_staff = mysql_real_escape_string($_POST['report_staff']);
    $report_agree = mysql_real_escape_string($_POST['report_agree']);
    Ok. So that worked but it's not posting anything in the database.

  5. #5
    Time is just an Illusion! streamhotel is offline
    True MemberRank
    Apr 2012 Join Date
    EarthLocation
    532Posts

    Re: Reporting System

    A cms based report system is just useless because you don't have powerful tools like Habbo have to restore rooms when they were picked up by staff for example and also trace tradings and have the ability to restore all items to the original user (when a staff account is hacked).

    It's also not really efficient. I would recommend to keep it all in game. Easier to manage, just one tool to manage all reports about users. I have an idea:

    - Why you wouldn't make something like the possibility that an user can report an other staff member in-game and that only administrators can view these reports? It's perfectly possible to filter issues for different ranks so that reported member can't open his own report and the admins that need to view the report have all tools like chatlogs (the reporting user might have selected chatlogs).
    Last edited by streamhotel; 29-09-17 at 08:47 PM.

  6. #6
    Alpha Member Glee is offline
    Alpha MaleRank
    Jun 2009 Join Date
    Niagara Falls,Location
    2,081Posts

    Re: Reporting System

    Quote Originally Posted by streamhotel View Post
    A cms based report system is just useless because you don't have powerful tools like Habbo have to restore rooms when they were picked up by staff for example and also trace tradings and have the ability to restore all items to the original user (when a staff account is hacked).

    It's also not really efficient. I would recommend to keep it all in game. Easier to manage, just one tool to manage all reports about users. I have an idea:

    - Why you wouldn't make something like the possibility that an user can report an other staff member in-game and that only administrators can view these reports? It's perfectly possible to filter issues for different ranks so that reported member can't open his own report and the admins that need to view the report have all tools like chatlogs (the reporting user might have selected chatlogs).
    That what I'm basically coding but for the CMS. My Housekeeping is one of a kind with special permissions to view certain pages. In this case Report System can only be viewed by myself and no other staff member.

  7. #7
    Member Aamiainen is offline
    MemberRank
    Aug 2016 Join Date
    FinlandLocation
    77Posts

    Re: Reporting System

    I noticed that you have name="report_extra" in your form but you're using $_POST['report_more'] which won't work for obvious reasons.

    Also your query is propably wrong because >query("INSERT INTO `staff_report` (id,complaint,staff,explanation) VALUES ('".$report_type."','".$report_info."', '".$report_more."','".$report_staff."')") would insert $report_type into id which is set to Auto Increment, also $report_info is inserted into "complaint" column and so on. Pretty much everything is inserted into wrong places.

    I tried to make it work but propably still missed something but here it is:

    Code:
    <?php  if(isset($_POST['report_submit']))                {                        $report_type = mysql_real_escape_string($_POST['report_type']);                        $report_info = mysql_real_escape_string($_POST['report_info']);                        $report_more = mysql_real_escape_string($_POST['report_more']);                        $report_staff = mysql_real_escape_string($_POST['report_staff']);                                                if((($report_type == "staff_complaint") ||($report_type == "request_furni") || ($report_type == "suggestion_box") || !empty($_POST['report_agree'])))                        {                            $engine->query("INSERT INTO `staff_report` (id,complaint,staff,explanation,moreinfo) VALUES (null, '".$report_type."','".$report_staff."', '".$report_info."','".$report_more."')");                            echo 'We have successfuly reveived your report!';                        }                          else                        {                            echo 'Oh no! Error Somewhere';                        }                                      }               ?>                         <form method="post" class="form" name ="report_submit"><div class="form-group"><label for="disabledTextInput"><b>Please choose one of the following</b></label><div class="col-sm-10"><select name="report_type" class="form-control">                                        <option value="staff_complaint">Complaint against a member of staff</option>                                        <option value="request_furni">Request a furni to be added or fixed</option>                                        <option value="suggestion_box">Comment/Suggestion</option>                                </select>                            </div>                            </div>                            <br/> <div class="form-group"><label for="disabledTextInput"><b>Please choose a member of staff (If you are reporting/complimenting a staff member)</b></label><div class="col-sm-10"><div class="col-sm-10"><select name="report_staff" class="form-control"><?php$getStaff = mysql_query("SELECT username FROM users WHERE rank >= '3'"); while($staffUser = mysql_fetch_array($getStaff)){    echo'    <option value="NA">N\A</option>    <option disabled>-------------------------</option>    <option value="report_staff">'.$staffUser['username'].'</option>';}?></select></div></div></div><br/><div class="form-group"><label for="exampleInputEmail1"><b>Please explain what you are reporting/suggesting or what is wrong with the furni you are asking to be fixed</b></label><div class="col-sm-10"><textarea class="form-control" rows="5" name="report_info" maxlength="255" style="width:350px;height:75px;resize:none"></textarea></div></div><br/><div class="form-group"><label for="exampleInputEmail1"><b>Would you like to add anything?</b><br><i>Proof? Pictures of the furni, anything else you think is important?! Leave it here!</i></label><div class="col-sm-10"><textarea class="form-control" rows="3" name="report_more" maxlength="255" class="ss-q-short" style="width:350px;height:75px;resize:none"></textarea></div></div><br/>                          <div class="checkbox"><label><input name="report_agree" value="1" type="checkbox">I am aware that if my report is spam, my account could be banned.</label></div><br><input type="submit" value="Submit" name="report_submit" class="submit" style="float left"></form>

  8. #8
    Alpha Member Glee is offline
    Alpha MaleRank
    Jun 2009 Join Date
    Niagara Falls,Location
    2,081Posts

    Re: Reporting System

    Quote Originally Posted by Aamiainen View Post
    I noticed that you have name="report_extra" in your form but you're using $_POST['report_more'] which won't work for obvious reasons.

    Also your query is propably wrong because >query("INSERT INTO `staff_report` (id,complaint,staff,explanation) VALUES ('".$report_type."','".$report_info."', '".$report_more."','".$report_staff."')") would insert $report_type into id which is set to Auto Increment, also $report_info is inserted into "complaint" column and so on. Pretty much everything is inserted into wrong places.

    I tried to make it work but propably still missed something but here it is:

    Code:
    <?php  if(isset($_POST['report_submit']))                {                        $report_type = mysql_real_escape_string($_POST['report_type']);                        $report_info = mysql_real_escape_string($_POST['report_info']);                        $report_more = mysql_real_escape_string($_POST['report_more']);                        $report_staff = mysql_real_escape_string($_POST['report_staff']);                                                if((($report_type == "staff_complaint") ||($report_type == "request_furni") || ($report_type == "suggestion_box") || !empty($_POST['report_agree'])))                        {                            $engine->query("INSERT INTO `staff_report` (id,complaint,staff,explanation,moreinfo) VALUES (null, '".$report_type."','".$report_staff."', '".$report_info."','".$report_more."')");                            echo 'We have successfuly reveived your report!';                        }                          else                        {                            echo 'Oh no! Error Somewhere';                        }                                      }               ?>                         <form method="post" class="form" name ="report_submit"><div class="form-group"><label for="disabledTextInput"><b>Please choose one of the following</b></label><div class="col-sm-10"><select name="report_type" class="form-control">                                        <option value="staff_complaint">Complaint against a member of staff</option>                                        <option value="request_furni">Request a furni to be added or fixed</option>                                        <option value="suggestion_box">Comment/Suggestion</option>                                </select>                            </div>                            </div>                            <br/> <div class="form-group"><label for="disabledTextInput"><b>Please choose a member of staff (If you are reporting/complimenting a staff member)</b></label><div class="col-sm-10"><div class="col-sm-10"><select name="report_staff" class="form-control"><?php$getStaff = mysql_query("SELECT username FROM users WHERE rank >= '3'"); while($staffUser = mysql_fetch_array($getStaff)){    echo'    <option value="NA">N\A</option>    <option disabled>-------------------------</option>    <option value="report_staff">'.$staffUser['username'].'</option>';}?></select></div></div></div><br/><div class="form-group"><label for="exampleInputEmail1"><b>Please explain what you are reporting/suggesting or what is wrong with the furni you are asking to be fixed</b></label><div class="col-sm-10"><textarea class="form-control" rows="5" name="report_info" maxlength="255" style="width:350px;height:75px;resize:none"></textarea></div></div><br/><div class="form-group"><label for="exampleInputEmail1"><b>Would you like to add anything?</b><br><i>Proof? Pictures of the furni, anything else you think is important?! Leave it here!</i></label><div class="col-sm-10"><textarea class="form-control" rows="3" name="report_more" maxlength="255" class="ss-q-short" style="width:350px;height:75px;resize:none"></textarea></div></div><br/>                          <div class="checkbox"><label><input name="report_agree" value="1" type="checkbox">I am aware that if my report is spam, my account could be banned.</label></div><br><input type="submit" value="Submit" name="report_submit" class="submit" style="float left"></form>
    I see what you are talking about so I changed it up but now nothing is being inserted into the database. So I'm guessing it has to in the proper order that my SQL columns are? right?

    UPDATE 1:

    So I got it to insert into the database but not in the proper column!

    Video:

    https://youtu.be/5EiK7lvIqjQ

    PHP Code:

    PHP Code:
    <?php  if(isset($_POST['report_submit']))
                    {
                        
    $report_id mysql_real_escape_string($_POST['report_id']);
                        
    $report_type mysql_real_escape_string($_POST['report_type']);
                        
    $report_info mysql_real_escape_string($_POST['report_info']);
                        
    $report_more mysql_real_escape_string($_POST['report_more']);
                        
    $report_staff mysql_real_escape_string($_POST['report_staff']);
                        
    $report_agree mysql_real_escape_string($_POST['report_agree']);

                            if(((
    $report_type == "Staff Complaint") ||($report_type == "Request a furni to be added or fixed") || ($report_type == "Comment/Suggestion") || !empty($_POST['report_agree'])))
                            {
                                
    mysql_query("INSERT INTO `staff_report` (id,complaint,staff,explanation, moreinfo) VALUES ('".$report_id."','".$report_type."','".$report_info."', '".$report_more."','".$report_staff."')");
                                echo 
    'We have successfuly reveived your report!';
                            }   
                            else
                            {
                                echo 
    'Oh no! Error Somewhere';
                            }                       
                    }
                   
    ?>          
                   
    <form method="post" class="form" name ="report_submit">
    <div class="form-group">
    <label for="disabledTextInput"><b>Please choose one of the following</b></label>
    <div class="col-sm-10">
    <select name="report_type" class="form-control">
                                            <option value="Complaint against a member of staff">Complaint against a member of staff</option>
                                            <option value="Request a furni to be added or fixed">Request a furni to be added or fixed</option>
                                            <option value="Comment/Suggestion">Comment/Suggestion</option>
                                    </select>
                                </div>
                                </div>
                                <br/>
    <div class="form-group">
    <label for="disabledTextInput"><b>Please choose a member of staff (If you are reporting/complimenting a staff member)</b></label>
    <div class="col-sm-10">
    <div class="col-sm-10">
    <select name="report_staff" class="form-control">
    <?php
    $getStaff 
    mysql_query("SELECT username FROM users WHERE rank >= '3'");
     while(
    $staffUser mysql_fetch_array($getStaff)){
        echo
    '
        <option value="NA">N\A</option>
        <option disabled>-------------------------</option>
        <option value="'
    $staff['username'] .'">'.$staffUser['username'].'</option>';
    }
    ?>
    </select>
    </div>
    </div>
    </div>
    <br/>
    <div class="form-group">
    <label for="exampleInputEmail1"><b>Please explain what you are reporting/suggesting or what is wrong with the furni you are asking to be fixed</b></label>
    <div class="col-sm-10">
    <textarea class="form-control" rows="5" name="report_info" maxlength="255" style="width:350px;height:75px;resize:none"></textarea>
    </div>
    </div>
    <br/>
    <div class="form-group">
    <label for="exampleInputEmail1"><b>Would you like to add anything?</b><br><i>Proof? Pictures of the furni, anything else you think is important?! Leave it here!</i></label>
    <div class="col-sm-10">
    <textarea class="form-control" rows="3" name="report_more" maxlength="255" class="ss-q-short" style="width:350px;height:75px;resize:none"></textarea>
    </div>
    </div>
    <br/>                           
    <div class="checkbox">
    <label><input name="report_agree" value="1" type="checkbox">I am aware that if my report is spam, my account could be banned.</label>
    </div>
    <br>
    <input type="submit" value="Submit" name="report_submit" class="submit" style="float left">
    </form>
    Last edited by Glee; 30-09-17 at 03:37 AM.

  9. #9
    Member Aamiainen is offline
    MemberRank
    Aug 2016 Join Date
    FinlandLocation
    77Posts

    Re: Reporting System

    Code:
    mysql_query("INSERT INTO `staff_report` (complaint,staff,explanation, moreinfo) VALUES ('".$report_type."','".$report_staff."', '".$report_info."','".$report_more."')");
    Change query to above and make sure your id column is Auto Increment and pretty sure it should work as intented.

  10. #10
    Alpha Member Glee is offline
    Alpha MaleRank
    Jun 2009 Join Date
    Niagara Falls,Location
    2,081Posts

    Re: Reporting System

    Quote Originally Posted by Aamiainen View Post
    Code:
    mysql_query("INSERT INTO `staff_report` (complaint,staff,explanation, moreinfo) VALUES ('".$report_type."','".$report_staff."', '".$report_info."','".$report_more."')");
    Change query to above and make sure your id column is Auto Increment and pretty sure it should work as intented.
    I did and it's semi working... So it will insert N/A but it won't insert the username I selected

    https://youtu.be/XA6wUJiuxg8

  11. #11
    Member Aamiainen is offline
    MemberRank
    Aug 2016 Join Date
    FinlandLocation
    77Posts

    Re: Reporting System

    Quote Originally Posted by Glee View Post
    I did and it's semi working... So it will insert N/A but it won't insert the username I selected

    https://youtu.be/XA6wUJiuxg8
    Code:
     <option value="'. $staff['username'] .'">'.$staffUser['username'].'</option>
    should be:
    Code:
     <option value="'. $staffUser['username'] .'">'.$staffUser['username'].'</option>

  12. #12
    Alpha Member Glee is offline
    Alpha MaleRank
    Jun 2009 Join Date
    Niagara Falls,Location
    2,081Posts

    Re: Reporting System

    Quote Originally Posted by aamiainen View Post
    Code:
     <option value="'. $staff['username'] .'">'.$staffuser['username'].'</option>
    should be:
    Code:
     <option value="'. $staffuser['username'] .'">'.$staffuser['username'].'</option>
    you are the best! :-d




Advertisement