xinyin025/TravianZ
1
0
Fork 0
mirror of https://github.com/Shadowss/TravianZ.git synced 2026-06-28 08:34:33 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
d636065b804f89fda5e86716c12f87e34dfedceb
TravianZ/GameEngine/Admin/Mods/editUser.php
T
novgorodschi catalin d636065b80 Full Refactor Admin Panel & Logs 
Full Refactor Admin Panel & Logs (now you can see detailed logs in admin panel)
2026-05-22 11:26:50 +03:00

93 lines
3.5 KiB
PHP
Executable File
Raw Blame History

<?php
#################################################################################
## -= YOU MAY NOT REMOVE OR CHANGE THIS NOTICE =- ##
## --------------------------------------------------------------------------- ##
## Filename editUser.php ##
## Type BACKEND ##
## Developed by: aggenkeech ##
## License: TravianZ Project ##
## Copyright: TravianZ (c) 2010-2025. All rights reserved. ##
## ##
#################################################################################
if (!isset($_SESSION)) {
session_start();
}
if (empty($_SESSION['access']) || $_SESSION['access'] < 9) {
die("Access Denied: You are not Admin!");
}
include_once("../../config.php");
// ---------------------------------------------------------------------------
// Autoloader path
// ---------------------------------------------------------------------------
$autoprefix = '';
for ($i = 0; $i < 5; $i++) {
$autoprefix = str_repeat('../', $i);
if (file_exists($autoprefix . 'autoloader.php')) {
break;
}
}
include_once($autoprefix . "GameEngine/Database.php");
// ---------------------------------------------------------------------------
// Input
// ---------------------------------------------------------------------------
$session = (int)($_POST['admid'] ?? 0);
$id = (int)($_POST['id'] ?? 0);
if ($id <= 0 || $session <= 0) {
header("Location: ../../../Admin/admin.php?p=player&uid=$id&e=bad");
exit;
}
// ---------------------------------------------------------------------------
// Verificare admin
// ---------------------------------------------------------------------------
$admin = $database->getUserArray($session, 1);
if (!$admin || (int)$admin['access'] !== 9) {
die('<h1><font color="red">Access Denied: You are not Admin!</font></h1>');
}
// ---------------------------------------------------------------------------
// Câmpuri
// ---------------------------------------------------------------------------
$email = $database->escape(trim($_POST['email'] ?? ''));
$tribe = max(1, min(5, (int)($_POST['tribe'] ?? 1)));
$location = $database->escape(trim($_POST['location'] ?? ''));
$desc1 = $database->escape($_POST['desc1'] ?? '');
$desc2 = $database->escape($_POST['desc2'] ?? '');
$quest = $database->escape($_POST['quest'] ?? '');
// ---------------------------------------------------------------------------
// Update
// ---------------------------------------------------------------------------
$database->query(
"UPDATE " . TB_PREFIX . "users SET
email = '$email',
tribe = $tribe,
location = '$location',
desc1 = '$desc1',
desc2 = '$desc2',
quest = '$quest'
WHERE id = $id"
);
// ---------------------------------------------------------------------------
// Log admin
// ---------------------------------------------------------------------------
$adminId = (int)$_SESSION['id'];
$time = time();
$logText = "Edited profile for user <a href='admin.php?p=player&uid=$id'>$id</a>";
$logEsc = $database->escape($logText);
$database->query(
"INSERT INTO " . TB_PREFIX . "admin_log (`id`, `user`, `log`, `time`) " .
"VALUES (0, '$adminId', '$logEsc', $time)"
);
header("Location: ../../../Admin/admin.php?p=player&uid=" . $id);
exit;
?>
Reference in New Issue View Git Blame Copy Permalink