[HELP] Admin Panel (PHP Edit)

[Linear88]

I'm editing Emisand's Admin Panel v3 and I'm trying to edit the function of editing the UGradeID.

if( $type != 2 && num_rows($query02) != 1 )
{
setmessage("Rank Change", $_STR[Acc16]);
redirect("index.php?do=accounts");
die();
}
else
{
odbc_exec($connection, "UPDATE {$_CONFIG[AccountTable]} SET UGradeID = '$rank' WHERE $part = '$id'");
writetolog( sprintf($_STR[Log2], $part, $id, $rank) );
setmessage("Rank Change", $_STR[Acc19]);
redirect("index.php?do=accounts");
die();
}

How do I create a conditional check?

Example: I want to block GMs from banning/changing ranks of other GMs.

How do I check if the player ($id) is a GM?

[MentaL]

[bounty-hunter]

why would u wana do that, what if u need to ban a hacker O_O

[Linear88]

I don't want GM's to ban each other.

[bounty-hunter]

make me gm :P

[Solaire]

make me gm :P

Get ontopic.

I'm editing Emisand's Admin Panel v3 and I'm trying to edit the function of editing the UGradeID.



How do I create a conditional check?

Example: I want to block GMs from banning/changing ranks of other GMs.

How do I check if the player ($id) is a GM?

Should go this way:

PHP Code:

<?php
if( $type != 2 && num_rows($query02) != 1 )
{
    setmessage("Rank Change", $_STR[Acc16]);
    redirect("index.php?do=accounts");
    die();
}
else
{
    //Let's check it the user is staff or not.
    $query = odbc_exec($connection, "SELECT UGradeID FROM " . $_CONFIG['AccountTable'] . " WHERE " . $part . " = " . $id . "");
    odbc_fetch_row($query);
    $ugradeid = odbc_result($query, 1);
    
    //If the ugrade is 252 OR 254 OR 255. (OR = ||)
    if ($ugradeid == 252 || $ugradeid == 254 || $ugradeid == 255)
    {
        die("GTFO and die. You're not worth it, ass.");
    }
    
    //Extra protection to prevent your staff from updating someone to staff. (Except if the staffmember has 255)
    if ($rank == 252 || $rank == 254 || $rank == 255 && $_SESSION['UGradeID'] != 255)
    {
        die("Euhhhh no. An admin should promote staff. You should suicide.");
    }
    
    odbc_exec($connection, "UPDATE {$_CONFIG[AccountTable]} SET UGradeID = '$rank' WHERE $part = '$id'");
    writetolog( sprintf($_STR[Log2], $part, $id, $rank) );
    setmessage("Rank Change", $_STR[Acc19]);
    redirect("index.php?do=accounts");
    die();
}
?>

It's possible that I made a typing mistake, it's still morning...

[wesman2232]

rofl I always love your 'die()' messages wizkid

[Linear88]

Thanks again Wiz!

Btw the die("") messages are funny.

[Linear88]

Sorry for double posting but I really need to find out how to fix the code I have right now.

The problem right now is: Users with UGrade 255 cannot demote users which are below its rank.

Tried to edit it, unsure on how to...

PHP Code:

if( $type != 2 && num_rows($query02) != 1 )
{
    setmessage("Rank Change", $_STR[Acc16]);
    redirect("index.php?do=accounts");
    die();
}
else
{
    //Let's check if the user is staff or not.
    $query = odbc_exec($connection, "SELECT UGradeID FROM {$_CONFIG[AccountTable]}(nolock) WHERE $part =  '$id'");
    odbc_fetch_row($query);
    $ugradeid = odbc_result($query, 1);
    
    //If the ugrade is 252 OR 254 OR 255. (OR = ||)
    if ($ugradeid == 252 || $ugradeid == 254 || $ugradeid == 255)
    {
    setmessage("Rank Change", "You do not have permission to demote admins.");
            redirect("index.php?do=accounts");
    die();
    }
    
    //Extra protection to prevent your staff from updating someone to staff. (Except if the staff member's UGrade 255)
    if ($rank == 252 || $rank == 254 || $rank == 255 && $_SESSION['UGradeID'] != 255)
    {
    setmessage("Rank Change", "You do not have permission to promote users.");
            redirect("index.php?do=accounts");
    die();
    }
    
    odbc_exec($connection, "UPDATE {$_CONFIG[AccountTable]} SET UGradeID = '$rank' WHERE $part = '$id'");
    writetolog( sprintf($_STR[Log2], $part, $id, $rank) );
    setmessage("Rank Change", $_STR[Acc19]);
    redirect("index.php?do=accounts");
    die();
   }
} //Prevent unexpected end of die(); 


[Solaire]

Sorry for double posting but I really need to find out how to fix the code I have right now.

The problem right now is: Users with UGrade 255 cannot demote users which are below its rank.

Tried to edit it, unsure on how to...

PHP Code:

if( $type != 2 && num_rows($query02) != 1 )
{
    setmessage("Rank Change", $_STR[Acc16]);
    redirect("index.php?do=accounts");
    die();
}
else
{
    //Let's check if the user is staff or not.
    $query = odbc_exec($connection, "SELECT UGradeID FROM {$_CONFIG[AccountTable]}(nolock) WHERE $part =  '$id'");
    odbc_fetch_row($query);
    $ugradeid = odbc_result($query, 1);
    
    //If the ugrade is 252 OR 254 OR 255. (OR = ||)
    if ($ugradeid == 252 || $ugradeid == 254 || $ugradeid == 255)
    {
    setmessage("Rank Change", "You do not have permission to demote admins.");
            redirect("index.php?do=accounts");
    die();
    }
    
    //Extra protection to prevent your staff from updating someone to staff. (Except if the staff member's UGrade 255)
    if ($rank == 252 || $rank == 254 || $rank == 255 && $_SESSION['UGradeID'] != 255)
    {
    setmessage("Rank Change", "You do not have permission to promote users.");
            redirect("index.php?do=accounts");
    die();
    }
    
    odbc_exec($connection, "UPDATE {$_CONFIG[AccountTable]} SET UGradeID = '$rank' WHERE $part = '$id'");
    writetolog( sprintf($_STR[Log2], $part, $id, $rank) );
    setmessage("Rank Change", $_STR[Acc19]);
    redirect("index.php?do=accounts");
    die();
   }
} //Prevent unexpected end of die(); 


If you mean they can't demote users which are 252, 254 or 255, replace

PHP Code:

    //If the ugrade is 252 OR 254 OR 255. (OR = ||)
    if ($ugradeid == 252 || $ugradeid == 254 || $ugradeid == 255)
    {
    setmessage("Rank Change", "You do not have permission to demote admins.");
            redirect("index.php?do=accounts");
    die();
    } 


With

PHP Code:

    //If the ugrade is 252 OR 254 OR 255. (OR = ||)
    if ($ugradeid == 252 || $ugradeid == 254 || $ugradeid == 255 && $_SESSION['UGradeID'] != 255)
    {
    setmessage("Rank Change", "You do not have permission to demote admins.");
            redirect("index.php?do=accounts");
    die();
    } 


[ThePhailure772]

Peter: an easier and more professional way on your if statement:

if ( $ugradeid > 251 && $ugradeid != 253 )

That's much more clean and can go a lot better.

[bounty-hunter]

agreed with the failure :)

[Linear88]

Didn't work... Weird.

I still get the message even though my UGrade is 255:

You do not have permission to demote admins.

[Solaire]

Peter: an easier and more professional way on your if statement:

if ( $ugradeid > 251 && $ugradeid != 253 )

That's much more clean and can go a lot better.

But not much securer. If you want to do it as it should go, it'd go this way:

PHP Code:

if ($ugradeid >= 252 && $ugradeid != 253 && $ugradeid < 255) 


Well, in that case I say: do it clear with an if statement, including OR's.

PHP Code:

if ($ugradeid == 252 || $ugradeid == 254 || $ugradeid == 255) 


Just details, but still.

Didn't work... Weird.

I still get the message even though my UGrade is 255:

You do not have permission to demote admins.

You get the setmessage("Rank Change", "You do not have permission to demote admins.");

?

[ThePhailure772]

But not much securer. If you want to do it as it should go, it'd go this way:

PHP Code:

if ($ugradeid >= 252 && $ugradeid != 253 && $ugradeid < 255) 


Well, in that case I say: do it clear with an if statement, including OR's.

PHP Code:

if ($ugradeid == 252 || $ugradeid == 254 || $ugradeid == 255) 


Just details, but still.



You get the setmessage("Rank Change", "You do not have permission to demote admins.");

?

UGradeID is a byte and therefor can not be greater then 255, so in turn what you did was redundant.

[Linear88]

Is there a workaround for this?

[Solaire]

UGradeID is a byte and therefor can not be greater then 255, so in turn what you did was redundant.

The database field can hold 256. GunZ can't, the database can. And since the PHP has nothing to do with the game.

@Linear, reply to my question.

[Linear88]

Yes, I still get the error...

[Linear88]

/bump.

Needing help...