This class doesn't update my DB, yet if I execute it a different way, just normally, it does.
The actual characters can't access this admin area because it is protected by a code in vars.php 😃

<?php
include 'inc/vars.php';
$cxn = mysqli_connect("localhost", "NO_CHANCE", "NO_CHANCE", "logon");
class playerAlter
{
	public function changeLevel($name, $level){
		global $cxn;
		$sql = "UPDATE `characters` SET `level`='".mysqli_escape_string($level)."' WHERE `name`=".mysqli_escape_string($name)."";
		@$result = mysqli_query($cxn, $sql);
	}
	public function changeHonor($name, $honor){
		global $cxn;
		$sql = "UPDATE `characters` SET `honorPoints`='".mysqli_escape_string($honor)."' WHERE `name`=".mysqli_escape_string($name)."";
		@$result = mysqli_query($cxn, $sql);
	}
	public function changeName($name, $new){
		global $cxn;
		$sql = "UPDATE `characters` SET `name`='".mysqli_escape_string($new)."' WHERE `name`=".mysqli_escape_string($name)."";
		@$result = mysqli_query($cxn, $sql);
	}
	public function changeGender($name, $gender){
		global $cxn;
		$sql = "UPDATE `characters` SET `gender`='".mysqli_escape_string($gender)."' WHERE `name`=".mysqli_escape_string($name)."";
		@$result = mysqli_query($cxn, $sql);
	}
}

include 'inc/head.php';
if($_REQUEST['cmd'] == "nlvl"){
$playerAlter->changeLevel($_REQUEST['name'], $_REQUEST['lvl']);
}
if($_REQUEST['cmd'] == "ban"){
banChar($_REQUEST['name']);
}
if($_REQUEST['cmd'] == "unban"){
unbanChar($_REQUEST['name']);
}
if($_REQUEST['cmd'] == "rename"){
$playerAlter->changeName($_REQUEST['name'], $_REQUEST['new']);
}
?>
<script language="javascript">
function newlvl(){
ne = document.getElementById("new"); 
ne.innerHTML = "<form method='POST' action='editChar.php?cmd=nlvl&name=<?php echo $_REQUEST['name']; ?>' id='newlvl'>New Level:<input name='lvl' type='text' value='70' /><input name='update' type='submit' value='update' /></form>";
  return true;
  }
function newname(){
ne = document.getElementById("new"); 
ne.innerHTML = "<form method='POST' action='editChar.php?cmd=rename&name=<?php echo $_REQUEST['name']; ?>' id='newName'>New Name:<input name='new' type='text' value='ABC' /><input name='update' type='submit' value='update' /></form>";
  return true;
  }
</script>
	<div id="content">
		<div class="post">
			<h1 class="title">Edit Chars</h1>
	  <div class="entry">
		<p><strong>You can edit chars.</strong></p>
			</div>
			</div>
		<div class="post">
			<h2 class="title">Char: <?php echo $_REQUEST['name']; ?></h2>
	  <div class="entry">
<blockquote>
  <p>
  <?php
$sql = "SELECT * FROM `characters` WHERE `name`='".addslashes($_REQUEST['name'])."'";
$result = mysqli_query($cxn, $sql);
@$row = mysqli_fetch_assoc($result);
?>
  <img src="/images/img/race/<?php echo $row['race']; ?>-<?php echo $row['gender']; ?>.gif" width="18" height="18" /> <img src="/images/img/class/<?php echo $row['class']; ?>.gif" width="18" height="18" />    <?php echo $row['name']." lvl:".$row['level']." Banned:".$row['banned']; ?></p>
  <p><span id="new">Need</span></p>
  <p><?php  if($row['online'] == 1){ echo "If offline you can do more"; }else{ ?>
    <a href="#cLvl" onclick="newlvl();">Convert Level</a> | <a href="#reName" onclick="newname();">Rename</a> 
    <?php } ?>| <a href="?cmd=ban&amp;name=<?php echo $row['name']; ?>">Ban</a> | <a href="?cmd=unban&amp;name=<?php echo $row['name']; ?>">Unban</a></p>
</blockquote>
		  </div>
			</div>
	</div>
<?php
include 'inc/menu_footer.php';
?>

    I found two strange things that you should consider changing:

    1. Don't use $_REQUEST. Use the specialized name instead ($_POST, $_GET). What if you use POST cmd = ban and the user writes ?cmd=unban, what will happen then?

    2. Don't use user-inputted values directly in the database queries; it makes your database vulnerable to SQL injection. And don't use addslashes to try and solve the problem; it is way too general and doesn't solve the problem completely. Use the database-specific function instead, in this case mysqli_escape_string.

      Do not declare $cxn global. Instead, store a reference to it as a member variable, and pass it to the object via the constructor.

      This class doesn't update my DB, yet if I execute it a different way, just normally, it does.

      What do you mean by " if i execute it a different way just normally"?

        Like if I go on a page and put:

                $sql = "UPDATE `characters` SET `level`='".mysqli_escape_string($level)."' WHERE `name`=".mysqli_escape_string($name)."";
                @$result = mysqli_query($cxn, $sql); 
        

        That works. How do I store the cxn in the class?
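
An added example (not code from the thread) of the constructor injection suggested in the replies: the connection is stored as a member variable, and values are bound with prepared statements, a swapped-in alternative to the escaping discussed above. Credentials are placeholders; table and column names are taken from the posted queries.

```php
<?php
// Added example: credentials are placeholders, not values from the thread.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on SQL errors instead of hiding them with @

class PlayerAlter
{
    // Only these columns may be written; the names come from the posted queries.
    private const COLUMNS = ['level', 'honorPoints', 'name', 'gender'];
    private mysqli $cxn;

    public function __construct(mysqli $cxn)
    {
        $this->cxn = $cxn; // injected connection replaces "global $cxn"
    }

    // Returns the number of rows changed so the caller can see whether the UPDATE did anything.
    private function setColumn(string $column, string $name, string $value): int
    {
        if (!in_array($column, self::COLUMNS, true)) {
            throw new InvalidArgumentException("Unknown column: $column");
        }
        // The column name is allow-listed above; both values travel as bound parameters.
        $stmt = $this->cxn->prepare("UPDATE `characters` SET `$column` = ? WHERE `name` = ?");
        $stmt->bind_param('ss', $value, $name);
        $stmt->execute();
        $rows = $stmt->affected_rows;
        $stmt->close();
        return $rows;
    }

    public function changeLevel(string $name, int $level): int { return $this->setColumn('level', $name, (string) $level); }
    public function changeHonor(string $name, int $honor): int { return $this->setColumn('honorPoints', $name, (string) $honor); }
    public function changeName(string $name, string $new): int { return $this->setColumn('name', $name, $new); }
    public function changeGender(string $name, string $gender): int { return $this->setColumn('gender', $name, $gender); }
}

$cxn = new mysqli('localhost', 'DB_USER', 'DB_PASSWORD', 'logon');
$playerAlter = new PlayerAlter($cxn); // the object must be created before its methods are called

// The posted form sends cmd and name in the query string and lvl in the POST body.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && ($_GET['cmd'] ?? '') === 'nlvl') {
    $level = filter_input(INPUT_POST, 'lvl', FILTER_VALIDATE_INT);
    $name  = $_GET['name'] ?? '';
    if (is_int($level) && $name !== '') {
        $changed = $playerAlter->changeLevel($name, $level);
        echo $changed === 1 ? 'Level updated' : 'No row changed';
    }
}
```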
