Location: PHPKode > projects > VampMan: V:tR Character Manager > vampman-1.0.2/phpnuke/modules/charactersheet/admin/charactersheet/xpspend.php
<?php
if (!eregi("admin.php", $PHP_SELF)){
  die (_accessdirectly);
}

if($mode2 == "submit" && isset($charid) && ctype_digit($charid) && isset($xpid) && ctype_digit($xpid))
{
	$stcomments = addslashes(stripslashes($stcomments));
	
		
	$query = "UPDATE  ".$prefix."_character_xpspend 
	SET ".$prefix."_character_xpspend.stcomments = '$stcomments',
	".$prefix."_character_xpspend.status = 'resolved'
	where ".$prefix."_character_xpspend.id = '$xpid'	and ".$prefix."_character_xpspend.status = 'pending'";

	sql_query($query, $dbi);
	

}

if(isset($mode2) && $mode2 != "all")
{
	echo "<a href=\"admin.php?op=character_xpspend\">"._pendingxpsrequests."</a> | ";
	echo "<a href=\"admin.php?op=character_xpspend&mode2=all\">"._AllXPSRequest."</a><br><br>";
}



if($mode2 == "view" && isset($charid) && ctype_digit($charid) && isset($xpid) && ctype_digit($xpid))
{

	$query = "select id,charid,xpdate,details,status,stcomments from ".$prefix."_character_xpspend where charid = '$charid' and id='$xpid'";
	$result = sql_query($query, $dbi) or die(_notresource);

	if(!sql_num_rows($result))
	{
		echo _xprequestnotfound;
	}
	else
	{

		$line = sql_fetch_array($result);

		$querychar = "select charname,charid from ".$prefix."_character_characters where charid= '$line[charid]'";
		$resultchar = sql_query($querychar,$dbi);
		if(!list($charname,$charid) = sql_fetch_array($resultchar))
			$charname = "";

		echo date("F j, Y, g:i a T",strtotime($line[xpdate]))."<br>
		"._character.": <a href=\"admin.php?op=character_viewcharacter&charid=$charid&firstload=1\">$charname</a>
		 (<a target=\"_new\" href=\"admin.php?op=character_viewcharacter&charid=$charid&firstload=1\">"._newwindow."</a>)<br>
		"._details.": $line[details]<br>
		"._xpspendstatus.": ".constant("_".$line[status]);
		if($line['status'] == "resolved")
		{
			echo "<br>"._stcomments.": $line[stcomments]";
		}
		else
		{
			echo "<br><br>
			<form action=\"admin.php?op=character_xpspend&mode2=submit\" method=\"post\">
			"._stcomments.": <textarea name=\"stcomments\" cols=\"100\" rows=\"4\"></textarea> <br>
			<input type = \"hidden\" name=\"charid\" value = \"$charid\">
			<input type = \"hidden\" name=\"xpid\" value=\"$xpid\">
			<input type=\"submit\" name=\"submit\" value=\""._resolvexps."\"></form>";
		}
	}




}

else if($mode2 == "all")
{
	$query = "select id,charid,xpdate,details,status from ".$prefix."_character_xpspend order by status asc, xpdate asc";
	$result = sql_query($query, $dbi) or die(_notresource);

	echo "<div align = center>"._AllXPSRequest;
	if(!sql_num_rows($result))
	{
		echo _noxps."<br><br>";
	}
	else
	{


		echo "<table width=400><tr>
		<th>"._character."</th><th>"._date."</th><th>"._status."</th></tr>";
		while($line = sql_fetch_array($result))
		{
			$querychar = "select charname,charid from ".$prefix."_character_characters where charid= '$line[charid]'";
			$resultchar = sql_query($querychar,$dbi);
			if(!list($charname,$charid) = sql_fetch_array($resultchar))
				$charname = "";
			echo "<tr><td align=\"center\"><a href=\"admin.php?op=character_viewcharacter&charid=$charid&firstload=1\">$charname</a></td><td align =\"left\">";
			echo "<a href=\"admin.php?op=character_xpspend&mode2=view&charid=$line[charid]&xpid=$line[id]\">$line[xpdate]</a></td><td align = \"center\">";
			if($line['status'] == "pending")
				echo _pending;
			else
				echo "<b>"._resolved."</b>";
			echo "</td></tr>";
		}

		echo "</table><br><br>";
	}




}

else
{
	$query = "select id,charid,xpdate,details,status from ".$prefix."_character_xpspend where status = 'pending' order by xpdate asc";
	$result = sql_query($query, $dbi) or die(_notresource);

	echo "<div align = center>"._pendingxpsrequests.": (<a href=\"admin.php?op=character_xpspend&mode2=all\">"._AllXPSRequest."</a>)";
	if(!sql_num_rows($result))
	{
		echo "<br>"._nopendingxps."<br><br>";
	}
	else
	{


		echo "<table width=400><tr>
		<th>"._character."</th><th>"._date."</th><th>"._status."</th></tr>";
		while($line = sql_fetch_array($result))
		{
			$querychar = "select charname,charid from ".$prefix."_character_characters where charid= '$line[charid]'";
			$resultchar = sql_query($querychar,$dbi);
			if(!list($charname,$charid) = sql_fetch_array($resultchar))
				$charname = "";
			echo "<tr><td align=\"center\"><a href=\"admin.php?op=character_viewcharacter&charid=$charid&firstload=1\">$charname</a></td><td align =\"left\">";
			echo "<a href=\"admin.php?op=character_xpspend&mode2=view&charid=$line[charid]&xpid=$line[id]\">$line[xpdate]</a></td><td align = \"center\">".constant("_".$line[status]);

			echo "</td></tr>";
		}

		echo "</table><br><br>";
	}
}
?>
Return current item: VampMan: V:tR Character Manager