Location: PHPKode > projects > H-tracker > inviteadd.php
<?
//
//  H-Tracker v0.2
//    http://h-tracker.org
//    Based on TorrentTrader (http://www.torrenttrader.org)
//
//
// invite add/remove from users by Alex2005 for TBDEV.NET \\
include('backend/functions.php');
dbconn();
loggedinonly();

if (get_user_class() != 7)
show_error_msg("Error","Access denied!");

if ($HTTP_SERVER_VARS["REQUEST_METHOD"] == "POST"){
$class = $_POST['class'];
if(empty($class) && $class != '0')
show_error_msg("Error","Please select a class.");
if(!is_numeric($class))
show_error_msg("Error","Invalid class number.");
$res = mysql_query("SELECT id, invites FROM users WHERE class ".($class == '0' ? ">= '0'" : "= '$class'")." AND enabled = 'yes' AND status = 'confirmed'") or sqlerr(__FILE__, __LINE__);
while ($arr = mysql_fetch_assoc($res)){
$userid = 0+$arr["id"];
$curinvites = 0+$arr['invites'];
$added = sqlesc(get_date_time());
if (!empty($_POST['inviteadd'])){
$toadd = $_POST["inviteadd"];
if (!is_numeric($toadd))
show_error_msg("Error","Invalid invite number.");
mysql_query("UPDATE users SET invites = invites + ".sqlesc($toadd)." WHERE id = ".sqlesc($userid)) or sqlerr(__FILE__, __LINE__);
if (!empty($_POST['sendpm'])){
$subject = sqlesc("Invite(s) added.");
$msg = sqlesc("We have [b]added[/b] to your class, [u][b]".number_format($toadd)."[/b][/u] invite(s).");
mysql_query("INSERT INTO messages (sender, receiver, msg, added, subject) VALUES(0, ".sqlesc($userid).", $msg, $added, $subject)") or sqlerr(__FILE__, __LINE__);
}}elseif (!empty($_POST['inviteremove'])){
$toremove = $_POST["inviteremove"];
if (!is_numeric($toremove))
show_error_msg("Error","Invalid invite number.");
mysql_query("UPDATE users SET invites = ".(($curinvites - $toremove) <= 0 ? "0" : "invites - ".sqlesc($toremove))." WHERE id = ".sqlesc($userid)) or sqlerr(__FILE__, __LINE__);
if (!empty($_POST['sendpm'])){
$subject = sqlesc("Invite(s) removed.");
$msg = sqlesc("We have [b]removed[/b] from your class, [b][u]".number_format($toremove)."[/b][/u] invite(s).");
mysql_query("INSERT INTO messages (sender, receiver, msg, added, subject) VALUES(0, ".sqlesc($userid).", $msg, $added, $subject)") or sqlerr(__FILE__, __LINE__);
}}elseif (!empty($_POST['removeallinvites'])){
if (!empty($_POST['sendpmremoveallinvites'])){
$subject = sqlesc("Invites removed from ".($class == '0' ? "all the classes" : "your class").".");
$msg = sqlesc("We have [b]removed[/b] from ".($class == '0' ? "all the classes" : "your class")." the invites.");
mysql_query("INSERT INTO messages (sender, receiver, msg, added, subject) VALUES(0, ".sqlesc($userid).", $msg, $added, $subject)") or sqlerr(__FILE__, __LINE__);
}
mysql_query("UPDATE users SET invites = 0 WHERE class ".($class == '0' ? ">= '0'" : "= '$class'")) or sqlerr(__FILE__, __LINE__);
}else show_error_msg("Error", "Please select something.<br>Go <a href=/inviteadd.php>back</a>.");
}}
stdhead("Add Invites");
begin_frame("Add Invites"); 
?>
<p>
<table align="center" border=0 class=main cellspacing=0 cellpadding=0>
<tr>
<td class=embedded></td>
<td class=embedded style='padding-left: 10px'><font size=3><b>Update User's Invites</b></font></td>
</tr>
</table>
</p>
<form method="POST" action="inviteadd.php">
<table width="95%" class="inviteadd1" cellpadding="5" cellspacing="0" align="center">
<td class="inviteadd2" colspan="2" align="center"><b>Select Class(es):</b></td>
<tr>
<td colspan="2"><table class="inviteadd3" width="100%" cellpadding="0" cellspacing="0">
<tr>
<td style="border: 0" width="20"><input type="checkbox" name="class" value="0"><!-- don't change this value --></td>
<td style="border: 0">All Classes</td>

<td style="border: 0" width="20"><input type="checkbox" name="class" value="<?=1?>"></td>
<td style="border: 0">Users</td>

<td style="border: 0" width="20"><input type="checkbox" name="class" value="<?=2?>"></td>
<td style="border: 0">Power Users</td>

</tr>

<tr>
<td style="border: 0" width="20"><input type="checkbox" name="class" value="<?=3?>"></td>
<td style="border: 0">VIP's</td>

<td style="border: 0" width="20"><input type="checkbox" name="class" value="<?=4?>"></td>
<td style="border: 0">Uploaders</td>

<td style="border: 0" width="20"><input type="checkbox" name="class" value="<?=5?>"></td>
<td style="border: 0">Moderators</td>

<td style="border: 0" width="20"><input type="checkbox" name="class" value="<?=6?>"></td>
<td style="border: 0">SuperModerator</td>

<td style="border: 0" width="20"><input type="checkbox" name="class" value="<?=7?>"></td>
<td style="border: 0">Administrators</td>
</tr>
</table>
</td>
</tr>

<tr>
<td align="left"><b>Number of Invites you want to <u>add</u>:</b><input type=text name='inviteadd' size=3></td>
<td align="right"><b>Number of Invites you want to <u>remove</u>:</b><input type=text name='inviteremove' size=3></td>
</tr>

<tr>
<td align="left"><input type=submit value="Update" class=lbutton><b>Send PMs:</b>&nbsp;<input type="checkbox" name="sendpm"></td>
<td align=right><input type=submit value="Remove all invites" class=lbutton name='removeallinvites'><b>Send PMs:</b>&nbsp;<input type="checkbox" name="sendpmremoveallinvites"></td>
</tr>

</td></tr>
</table>
</form>
	
<?
end_frame();
stdfoot();
?>
Return current item: H-tracker