<?php
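// Direct-access guard: continue only when the request path contains
// "modules.php", presumably meaning this file was included by the module
// loader rather than requested on its own.
// preg_match() replaces eregi(), which was removed in PHP 7; the dot is
// escaped so it matches a literal "." only.
// NOTE(review): this is a substring test on $PHP_SELF, which makes it a weak
// guarantee. A constant defined by the loader and checked here with defined()
// would be stricter — confirm what the framework offers.
if (!preg_match('/modules\.php/i', $PHP_SELF)) {
    die(_accessdirectly);
}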
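// Handle a submitted XP-spend request: check that the character exists and
// belongs to the current user, then store the request text.
// NOTE(review): $userid is not assigned in this file; this assumes the
// including code derives it from the authenticated session and that it cannot
// be supplied through the request — confirm.
if ($submit == _spendxp) {
    // stripquotes() is defined elsewhere; presumably it removes quote
    // characters from the text — confirm.
    $details = stripquotes(stripslashes($details));

    // $xp is normalised here but not used again in this file.
    if (!ctype_digit($xp)) {
        $xp = 0;
    }

    // Digit-only ids are safe to interpolate into the queries below.
    if (!ctype_digit($charid)) {
        die(_nocharacter);
    }

    $query = "select userid from " . $prefix . "_character_characters where charid = '$charid'";
    $result = sql_query($query, $dbi);
    $line = sql_fetch_array($result);

    // Without this check a missing character leaves $line without a row, and
    // the loose comparison below would then let an empty $userid through.
    if (!$line) {
        die(_nocharacter);
    }
    if ($userid != $line['userid']) {
        die(_accessdenied);
    }

    // Escape only the copy that goes into the SQL literal; $details itself is
    // left untouched. stripslashes() above removed any request-level escaping,
    // so a backslash in the text would otherwise reach the query raw.
    // NOTE(review): addslashes() is not charset-aware; prefer the database
    // layer's own escaping or bound parameters if the sql_* wrapper has them.
    $detailsSql = addslashes($details);
    $query1 = "INSERT INTO " . $prefix . "_character_xpspend (charid,xpdate,details)"
        . "VALUES('$charid',NOW(),'$detailsSql')";
    $result = sql_query($query1, $dbi);
}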
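// Load the character and confirm that the current user owns it before
// anything is displayed.
// $charid is interpolated into the query, so it must be digit-only. The
// original validated it only on the submit path, so any other request reached
// this query with an unchecked value.
if (!isset($charid) || !ctype_digit($charid)) {
    die(_nocharacter);
}

$query = "select userid,xp from " . $prefix . "_character_characters where charid = '$charid'";
$result = sql_query($query, $dbi);
$num = sql_num_rows($result);
if (!$num) {
    die(_nocharacter);
}

$line = sql_fetch_array($result);
// NOTE(review): $userid is not assigned in this file; this assumes the
// including code sets it from the authenticated session — confirm.
if ($userid != $line['userid']) {
    die(_accessdenied);
}

// Unspent XP, shown under the request list further down.
$experience = $line['xp'];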
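// Display: either one XP-spend request in detail (mode2=view), or the five
// most recent requests followed by the form for filing a new one.
// Every value that originates from the request or from stored user text is
// HTML-escaped on output. Array keys are quoted because a bare key outside a
// string is an undefined-constant error on PHP 8.
if ($mode2 == "view" && isset($charid) && ctype_digit($charid) && isset($xpid) && ctype_digit($xpid)) {
    // Both ids are digit-only here, so interpolating them is safe.
    $query = "select id,charid,xpdate,details,status,stcomments from " . $prefix
        . "_character_xpspend where charid = '$charid' and id='$xpid'";
    $result = sql_query($query, $dbi) or die(_notresource);

    if (!sql_num_rows($result)) {
        echo _xprequestnotfound;
    } else {
        $line = sql_fetch_array($result);

        // The label comes from a language constant named after the stored
        // status. Fall back to the escaped raw value when no such constant
        // exists instead of failing on constant().
        // NOTE(review): here the status is used as a constant-name suffix,
        // while the comparison below tests it against the constant's value.
        // Both hold only if each constant's value equals its suffix — confirm
        // against the language file.
        $statusConstant = "_" . $line['status'];
        $statusLabel = defined($statusConstant)
            ? constant($statusConstant)
            : htmlspecialchars((string) $line['status'], ENT_QUOTES);

        echo date("F j, Y, g:i a T", strtotime($line['xpdate']))
            . "<br>\n"
            . _details . ": " . htmlspecialchars((string) $line['details'], ENT_QUOTES) . "<br>\n"
            . _xpspendstatus . ": " . $statusLabel;

        if ($line['status'] == _resolved) {
            echo "<br>" . _stcomments . ": " . htmlspecialchars((string) $line['stcomments'], ENT_QUOTES);
        }
    }
} else {
    // This branch builds SQL and HTML from $charid, so require a digit-only
    // value here as well; the view branch checks it in its own condition.
    if (!isset($charid) || !ctype_digit($charid)) {
        die(_nocharacter);
    }

    $moduleHtml = htmlspecialchars((string) $module_name, ENT_QUOTES);
    $charidHtml = htmlspecialchars($charid, ENT_QUOTES);

    $query = "select id,charid,xpdate,details,status from " . $prefix
        . "_character_xpspend where charid = '$charid' order by xpdate desc limit 5";
    $result = sql_query($query, $dbi) or die(_notresource);

    if (!sql_num_rows($result)) {
        echo _nopreviousspend . "<br><br>";
    } else {
        echo "<table width=400><tr>\n<th>" . _date . "</th><th>" . _status . "</th></tr>";
        while ($line = sql_fetch_array($result)) {
            $xpidHtml = htmlspecialchars((string) $line['id'], ENT_QUOTES);
            $dateHtml = htmlspecialchars((string) $line['xpdate'], ENT_QUOTES);

            echo "<tr><td align =\"left\"><a href=\"modules.php?name=$moduleHtml&mode=spendxp&mode2=view"
                . "&charid=$charidHtml&xpid=$xpidHtml\">$dateHtml</a></td>";
            if ($line['status'] == _pending) {
                echo "<td align = \"center\">" . _pending;
            } else {
                echo "<td align = \"center\"><b>" . _resolved . "</b>";
            }
            echo "</td></tr>";
        }
        echo "</table><br><br>";
    }

    echo "<b>" . _unspentxp . ": $experience</b><br><br>";

    // $details may be unset, or may hold request text; escape it so it cannot
    // close the textarea and inject markup.
    $detailsHtml = (isset($details) && is_string($details))
        ? htmlspecialchars($details, ENT_QUOTES)
        : '';

    // NOTE(review): this state-changing POST form carries no per-session
    // anti-CSRF token; add one if the framework provides a helper for it.
    echo "<div align=left><form action=\"modules.php?name=$moduleHtml&mode=spendxp\" method=\"post\">";
    echo "\n<input type=\"hidden\" name = \"charid\" value=\"$charidHtml\">\n"
        . "<b>" . _details . ":</b><br>\n"
        . "<textarea cols=\"100\" rows=\"8\" name=\"details\">$detailsHtml</textarea><br><br>\n";
    echo "\n<p><input type=\"submit\" name=\"submit\" value=\"" . _spendxp . "\"></form></div>";
}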
?>