<?php
include('../includes/config.inc.php');
if(@$_SESSION['Account2'])
{
$acc = $_SESSION['Account2'];
$checkauth = mssql_query("SELECT * FROM [ACCOUNT_DBF].dbo.[ACCOUNT_TBL_DETAIL] where account='$acc'");
while($fetchauth = mssql_fetch_array($checkauth))
{
if($fetchauth['m_nGMBan'] == 0)
{
echo "You have no access here!";
}
else
{
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head>
<title>GM Panel</title>
<meta http-equiv="Content-type" content="text/html;charset=UTF-8" />
<link rel="stylesheet" type="text/css" media="all" href="../style.css" />
<script src="http://code.jquery.com/jquery-latest.min.js" type="text/javascript"></script>
</head>
<body>
<div id="topbar">Welcome To The GM Panel
<div id="topbar_content">
<ul>
<li><a href="/">Site Home</a></li>
</ul>
</div>
</div>
<div id="outer">
<div id="logonav">
<div id="top_nav">
<ul>
<?php
include('navigation.php');
?>
</ul>
</div>
</div>
<div id="top"></div>
<div id="wrapper">
<div id="body">
<center>Ban Players<BR><BR>
This tool is used to ban the players of TeaIX. The tool is used to ban by accounts. Please use correctly.<BR>
Options:<BR>
1 - Ban<BR>
2 - Unban<BR>
<BR>
Ban Format: YYMMDD<BR><BR>
<?php
include_once('../includes/functions.php');
if($_POST['submit'])
{
$account2 = escape($_POST['Account']);
$block = escape($_POST['Block']);
$reason = escape($_POST['reason']);
$option = escape($_POST['option']);
mssql_select_db($AccountDB);
$full = mssql_query("SELECT * FROM [ACCOUNT_TBL] WHERE account='$account2'");
$num = mssql_num_rows($full);
if($num == 0) {
echo "Account: ".$account2;
echo " Doesnt Exist!";
}
else
{
$stmt = mssql_init('usp_BAN_UNBAN', $link);
mssql_bind($stmt, '@section', $option, SQLVARCHAR, false, false, 15);
mssql_bind($stmt, '@account', $account2, SQLVARCHAR, false, false, 32);
mssql_bind($stmt, '@reason', $reason, SQLVARCHAR, false, false, 32);
mssql_bind($stmt, '@length', $block, SQLVARCHAR, false, false, 32);
mssql_execute($stmt) or die ("Something is wrong on the execution");
mssql_free_statement($stmt);
$account = @$_SESSION['Account2'];
$ip = $_SERVER['REMOTE_ADDR'];
@mssql_query("INSERT INTO [LOG_GM_PANEL].dbo.[BAN_TBL] (account, ip, who, option, reason, length) values ('{$account}', '{$ip}', '{$account2}','Banned', '{$reason}', '{$block}')");
echo "<font color='blue'>Banned Accounnt: ".$account2;
echo " Successful.</font><br /><br />";
}
}
?>
<center><form method='post'>
Option:<br />
<input type='text' name='option' /><br />
Account:<br />
<input type='text' name='Account' /><br />
Reason:<br />
<input type='text' name='reason' /><br />
Ban Format:<br />
<input type='text' name='Block' /><br />
<input type='submit' name='Login' value='Ban' />
</form></center>
<br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br /><br />
<script type="text/javascript">
var current = "vps";
$(document).ready(function() {
$('.section_controls a').click(function(e) {
if($(this).attr('n') != current) {
var name = $(this).attr('n');
$('#' + current + '_button').removeClass('clicked');
$('#' + current + '_plans').slideUp('fast', function() {
$('#' + name + '_plans').slideDown('fast');
});
$(this).addClass('clicked');
$('#htype').text($(this).attr('title'));
current = $(this).attr('n');
}
});
});
</script>
</div>
</div>
<div id="bottom"></div><br />
<div id="footer"><div id="footer_left">PHP By BGxApixen/Slash</div><div id="footer_right">Design By Blaze-Games</div></div>
</div>
</body>
</html>
<?php
}
}
else
{
include('index.php');
}
?>
This code looks perfectly fine. I'm sorry, but it does.
Any help?
