[Luis-]

Hi, I am wanting to make a dynamic webpage which is for me only, I want to use it to promote / demote administrators from my SA:MP server. I know I am doing something wrong but I can't quite put my finger on it. Here is my full code which I am wanting to use.

Код:

			echo "<td class='info' width=50% align='center'>";
				echo '<a href="http://foxxrp.com/ucp/admins.php?demoteid=' . $row['Name'] . '">' . 'X' . '</a>';  
			echo "</td>";
		
			echo "<td class='info' width=50% align='center'>";
				echo '<a href="http://foxxrp.com/ucp/admins.php?promoteid=' . $row['Name'] . '">' . 'X' . '</a>';  
			echo "</td>";
		
		echo "</tr>";
	}
}
$result = mysql_query("SELECT * FROM `accounts`"); 
$row = mysql_fetch_array($result, $con);
if($_GET['demoteid'] == $row['Name'])
{
	$user = $_GET['demoteid'];
	$admin = --$row['Admin'];
	
	echo 'You have demoted '.$user.' to level '.$admin.'';
	$query = 'UPDATE `accounts` SET `Admin` = '.--$admin.' WHERE `Name` = '.$user.'';
}

if($_GET['promoteid'] == $row['Name'])
{
	$user = $_GET['promoteid'];
	$admin = ++$row['Admin'];
	
	echo 'You have promoted '.$user.' to level '.$admin.'';
	$query = 'UPDATE `accounts` SET `Admin` = '.++$admin.' WHERE `Name` = '.$user.'';
}
mysql_query($query);
?>

I'm sorry about the indentation of my code but any help is appreciated.

[whitedragon]

I'm looking code and i can't find where you take ++$row['Admin'];? btw you just selecting hole tabel...
Why you select hole table?

[whitedragon]

Solution

PHP код:

if(isset($_GET['demoteid'])) $user = addslashes($_GET['demoteid']); // don't never let user direct control
if(isset($_GET['promoteid'])) $user = addslashes($_GET['demoteid']);
$result = mysql_query("SELECT * FROM `accounts` WHERE Name= '$user'"); 
$row = mysql_fetch_array($result, $con);
if(isset($_GET['demoteid']))
{
    $admin = --$row['Admin'];
    echo 'You have demoted '.$user.' to level '.$admin.'';
    $query = 'UPDATE `accounts` SET `Admin` = '.--$admin.' WHERE `Name` = '.$user.'';
}
if(isset($_GET['promoteid']))
{
    $admin = ++$row['Admin'];
    
    echo 'You have promoted '.$user.' to level '.$admin.'';
    $query = 'UPDATE `accounts` SET `Admin` = '.++$admin.' WHERE `Name` = '.$user.'';
} 


I may like OOP this but yeah your opinion. Thats should be work - not sure tell when it's don't work

[Luis-]

It isn't working properly, I don't know why. It seems to skip some levels, say if I am level 5 admin and I promote myself, it will set my level to 7 instead of 6.

Also the queries aren't working.

[Luis-]

Seriously, someone must know a fix for this.

[ca2k]

Ask from phpfreaks forums.

[whitedragon]

PHP код:

if(isset($_GET['demoteid'])) $user = addslashes($_GET['demoteid']); // don't never let user direct control
if(isset($_GET['promoteid'])) $user = addslashes($_GET['promoteid']);
$result = mysql_query("SELECT * FROM `accounts` WHERE Name= '$user'"); 
$row = mysql_fetch_array($result, $con);
if(isset($_GET['demoteid']))
{
    $admin = --$row['Admin'];
    echo 'You have demoted '.$user.' to level '.$admin.'';
    $query = 'UPDATE `accounts` SET `Admin` = '.$admin.' WHERE `Name` = '.$user.'';
}
if(isset($_GET['promoteid']))
{
    $admin = ++$row['Admin'];
    
    echo 'You have promoted '.$user.' to level '.$admin.'';
    $query = 'UPDATE `accounts` SET `Admin` = '.$admin.' WHERE `Name` = '.$user.'';
}