mirror of
https://github.com/Shadowss/TravianZ.git
synced 2026-07-02 18:44:21 +00:00
Full Refactor Admin Panel & Logs
Full Refactor Admin Panel & Logs (now you can see detailed logs in admin panel)
This commit is contained in:
@@ -3,39 +3,81 @@
|
||||
## -= YOU MAY NOT REMOVE OR CHANGE THIS NOTICE =- ##
|
||||
## --------------------------------------------------------------------------- ##
|
||||
## Filename sendMessage.php ##
|
||||
## Type BACKEND ##
|
||||
## Developed by: aggenkeech ##
|
||||
## License: TravianZ Project ##
|
||||
## Copyright: TravianZ (c) 2010-2025. All rights reserved. ##
|
||||
## ##
|
||||
#################################################################################
|
||||
if (!isset($_SESSION)) session_start();
|
||||
if($_SESSION['access'] < 9) die("Access Denied: You are not Admin!");
|
||||
|
||||
if (!isset($_SESSION)) {
|
||||
session_start();
|
||||
}
|
||||
if (empty($_SESSION['access']) || $_SESSION['access'] < 9) {
|
||||
die("Access Denied: You are not Admin!");
|
||||
}
|
||||
|
||||
include_once("../../config.php");
|
||||
|
||||
// go max 5 levels up - we don't have folders that go deeper than that
|
||||
// ---------------------------------------------------------------------------
|
||||
// Autoloader path
|
||||
// ---------------------------------------------------------------------------
|
||||
$autoprefix = '';
|
||||
for ($i = 0; $i < 5; $i++) {
|
||||
$autoprefix = str_repeat('../', $i);
|
||||
if (file_exists($autoprefix.'autoloader.php')) {
|
||||
// we have our path, let's leave
|
||||
if (file_exists($autoprefix . 'autoloader.php')) {
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
include_once($autoprefix."GameEngine/Database.php");
|
||||
include_once($autoprefix . "GameEngine/Database.php");
|
||||
|
||||
$session = (int) $_POST['admid'];
|
||||
// ---------------------------------------------------------------------------
|
||||
// Input
|
||||
// ---------------------------------------------------------------------------
|
||||
$session = (int)($_POST['admid'] ?? 0);
|
||||
$uid = (int)($_POST['uid'] ?? 0);
|
||||
$topic = trim($_POST['topic'] ?? 'Admin Message');
|
||||
$message = trim($_POST['message'] ?? '');
|
||||
|
||||
if ($uid <= 0 || $message === '') {
|
||||
header("Location: ../../../Admin/admin.php?p=Newmessage&uid=$uid&e=1");
|
||||
exit;
|
||||
}
|
||||
|
||||
$sql = mysqli_query($GLOBALS["link"], "SELECT * FROM ".TB_PREFIX."users WHERE id = ".$session."");
|
||||
$access = mysqli_fetch_array($sql);
|
||||
$sessionaccess = $access['access'];
|
||||
// ---------------------------------------------------------------------------
|
||||
// Verificare admin
|
||||
// ---------------------------------------------------------------------------
|
||||
$admin = $database->getUserArray($session, 1);
|
||||
if (!$admin || (int)$admin['access'] !== 9) {
|
||||
die('<h1><font color="red">Access Denied: You are not Admin!</font></h1>');
|
||||
}
|
||||
|
||||
if($sessionaccess != 9) die("<h1><font color=\"red\">Access Denied: You are not Admin!</font></h1>");
|
||||
// ---------------------------------------------------------------------------
|
||||
// Insert mesaj
|
||||
// ---------------------------------------------------------------------------
|
||||
$time = time();
|
||||
$topicEsc = $database->escape($topic);
|
||||
$msgEsc = $database->escape($message);
|
||||
|
||||
$query = "INSERT INTO ".TB_PREFIX."mdata (target, owner, topic, message, viewed, time) VALUES ('$uid', 1, '$topic', '$message', 0, '$time')";
|
||||
$database->query(
|
||||
"INSERT INTO " . TB_PREFIX . "mdata
|
||||
(target, owner, topic, message, viewed, time, archive)
|
||||
VALUES ($uid, 1, '$topicEsc', '$msgEsc', 0, $time, 0)"
|
||||
);
|
||||
|
||||
mysqli_query($GLOBALS["link"], $query);
|
||||
// ---------------------------------------------------------------------------
|
||||
// Log admin
|
||||
// ---------------------------------------------------------------------------
|
||||
$adminId = (int)$_SESSION['id'];
|
||||
$logText = "Sent message to uid $uid: '$topicEsc'";
|
||||
$logEsc = $database->escape($logText);
|
||||
|
||||
header("Location: ../../../Admin/admin.php?p=Newmessage&uid=".$uid."&msg=ok");
|
||||
$database->query(
|
||||
"INSERT INTO " . TB_PREFIX . "admin_log (`id`, `user`, `log`, `time`) " .
|
||||
"VALUES (0, '$adminId', '$logEsc', $time)"
|
||||
);
|
||||
|
||||
header("Location: ../../../Admin/admin.php?p=Newmessage&uid=" . $uid . "&msg=ok");
|
||||
exit;
|
||||
?>
|
||||
Reference in New Issue
Block a user