[GESIOR ACC] Advanced Admin Panel

turs0n

New Member
Joined
Jul 3, 2010
Messages
53
Best answers
0
Reaction score
2
I was bored, so I writed admin panel - bigger than standard in Gesior Acc.

Ok, let's start..

1. Paste to your layout menu to admin access section [example for tibiacom]
PHP:
<a href='?subtopic=admin'>
  <div id='submenu_adminpanel' class='Submenuitem' onMouseOver='MouseOverSubmenuItem(this)' onMouseOut='MouseOutSubmenuItem(this)'>
    <div class='LeftChain' style='background-image:url(".$layout_name."/images/general/chain.gif);'></div>
    <div id='ActiveSubmenuItemIcon_adminpanel' class='ActiveSubmenuItemIcon' style='background-image:url(".$layout_name."/images/menu/icon-activesubmenu.gif);'></div>
    <div class='SubmenuitemLabel'><font color=\"blue\">~<u>Admin PRO</u>~</font></div>
    <div class='RightChain' style='background-image:url(".$layout_name."/images/general/chain.gif);'></div>
  </div>
2. Open index.php and paste
PHP:
 case "admin";
           $subtopic = "admin";
           $topic = "Advanced Admin Panel";
           include("adminpro.php");
      break;
3. Create adminpro.php in main directory.
Paste:
PHP:
<?PHP
//README: if nick contain "'" use "\'". For example: nick = The'Knight so use in the form The\'Knight ,,,-WORKS!
if($group_id_of_acc_logged >= $config['site']['access_admin_panel']) {
$main_content .= 'Welcome to advanced admin panel! Mainly you can edit players.
Coded by <a href="http://otland.net/members/turs0n/">turson</a>';
//admin panel menu (player+account)
$main_content .= '<br /><br /><div style="width:100%;border:1px solid #c6c6c6;padding:3px 0 3px 0">
 <b>EDIT PLAYER -></b>
<a href="?subtopic=admin&action=namelock">Name</a> | 
<a href="?subtopic=admin&action=exp">Experience</a> |
<a href="?subtopic=admin&action=level">Level</a> |
<a href="?subtopic=admin&action=others">Others</a> |
<a href="?subtopic=admin&action=position">Position</a> | 
<a href="?subtopic=admin&action=delete">Delete</a> <br>
<b>EDIT ACCOUNT -></b>
<a href="?subtopic=admin&action=acc">Account Number</a> | 
<a href="?subtopic=admin&action=pass">Password</a> | 
<a href="?subtopic=admin&action=mail">E-mail</a> | 
<a href="?subtopic=admin&action=access">Access</a>  <br><center><font color="red"><b>PLAYER MUST BE  OFFLINE!</b></font></center>
</div><br>';
/////////////////////////////////CHARACTER////////////////////////////////////
//namelock
if (isset($_POST['ok1'])){
$SQL->query("UPDATE `players` SET `name` = ".$SQL->quote(  $_POST['newname'] )." WHERE name = ".$SQL->quote( $_POST['name0']  ).";");
$main_content .= "Player name has been changed.";} 
//exp
if (isset($_POST['ok2'])){
$SQL->query("UPDATE `players` SET experience = experience +  ".$SQL->quote( $_POST['exp'] )." WHERE name = ".$SQL->quote(  $_POST['name1'] ).";");
$main_content .= "Experience has been added.";} 
//level
if (isset($_POST['ok3'])){
$SQL->query("UPDATE `players` SET level = ".$SQL->quote(  $_POST['level'] )." WHERE name = ".$SQL->quote( $_POST['name2']  ).";");
$main_content .= "Level has been set.";} 
//others
if (isset($_POST['ok4'])){
$SQL->query("UPDATE `players` SET health=".$SQL->quote(  $_POST['health'] ).",healthmax=".$SQL->quote( $_POST['health']  ).",mana=".$SQL->quote( $_POST['mana'] ).",manamax=".$SQL->quote(  $_POST['mana'] ).",cap=".$SQL->quote( $_POST['cap']  ).",maglevel=".$SQL->quote( $_POST['maglevel'] )." WHERE name =  ".$SQL->quote( $_POST['name3'] ).";");
$main_content .= "Informations has been changed.";} 
//delete
if (isset($_POST['ok5'])){
$SQL->query("DELETE from `players` WHERE name = ".$SQL->quote( $_POST['name4'] ).";");
$main_content .= "Character has beed deleted.";} 
//pos
if (isset($_POST['ok10'])){
$SQL->query("UPDATE `players` SET group_id = ".$SQL->quote(  $_POST['newpos'] )." WHERE name = ".$SQL->quote( $_POST['name9']  ).";");
$main_content .= "Player position has been changed.";} 
/////////////////////////////////////////ACCOUNT///////////////////////////////////////
//acc
if (isset($_POST['ok6'])){
$SQL->query("UPDATE `accounts` INNER JOIN `players` ON  `accounts`.`id` = `players`.`account_id` SET  accounts.name=".$SQL->quote( $_POST['newacc'] )." WHERE players.name =  ".$SQL->quote( $_POST['name5'] ).";");
$main_content .= "Account number has beed changed.";} 
//password
if (isset($_POST['ok7'])){
$SQL->query("UPDATE `accounts` INNER JOIN `players` ON  `accounts`.`id` = `players`.`account_id` SET  accounts.password=".$SQL->quote( $_POST['newpass'] )." WHERE  players.name = ".$SQL->quote( $_POST['name6'] ).";");
$main_content .= "Password has beed changed.";} 
//mail
if (isset($_POST['ok8'])){
$SQL->query("UPDATE `accounts` INNER JOIN `players` ON  `accounts`.`id` = `players`.`account_id` SET  accounts.email=".$SQL->quote( $_POST['newmail'] )." WHERE  players.name = ".$SQL->quote( $_POST['name7'] ).";");
$main_content .= "E-Mail adress has beed changed.";} 
//mail
if (isset($_POST['ok9'])){
$SQL->query("UPDATE `accounts` INNER JOIN `players` ON  `accounts`.`id` = `players`.`account_id` SET  accounts.page_access=".$SQL->quote( $_POST['newaccess'] )." WHERE  players.name = ".$SQL->quote( $_POST['name8'] ).";");
$main_content .= "Page access has beed changed.";} 
////////////CHARACTER FORM///////////
//namelock form
if($_GET["action"]=="namelock"){ 
$main_content .= '<form action="?subtopic=admin" method="post">
New Player Name <input type="text" name="newname"><br>
Old Player Name <input type="text"  name="name0"><br><input type="submit" value="OK"  name="ok1"></form>';}
//exp form
if($_GET["action"]=="exp"){ 
$main_content .= '<form action="?subtopic=admin" method="post">
Add experience <input type="text" name="exp"> (only numbers)<br>
Player Name <input type="text" name="name1"><br><input type="submit" value="OK" name="ok2"></form>';}
//level form
if($_GET["action"]=="level"){ 
$main_content .= '<form action="?subtopic=admin" method="post">
Set player level <input type="text" name="level"> (only numbers)<br>
Player Name <input type="text" name="name2"><br><input type="submit" value="OK" name="ok3"></form>';}
//others form
if($_GET["action"]=="others"){ 
$main_content .= '<form action="?subtopic=admin" method="post">
Health <input type="text" name="health"> (only numbers)<br>
Mana <input type="text" name="mana"> (only numbers)<br>
Cap <input type="text" name="cap"> (only numbers)<br>
MagLevel <input type="text" name="maglevel"> (only numbers)<br>
Player Name <input type="text" name="name3"><br><input type="submit" value="OK" name="ok4"></form>';}
//delete form
if($_GET["action"]=="delete"){ 
$main_content .= '<form action="?subtopic=admin" method="post">
Player Name <input type="text" name="name4"><br><b>ARE  YOU SURE?</b> <input type="submit" value="YES"  name="ok5"></form>';}
//pos form
if($_GET["action"]=="position"){ 
$main_content .= '<form action="?subtopic=admin" method="post">
Position <input type="text"  name="newpos"><i>example(1-player,2-tutor,3-senior  tutor,4-gamemaster,5-community manager,6-god)</i>
<br>
Player Name <input type="text" name="name9"><br><input type="submit" value="OK" name="ok10"></form>';}
/////////////ACCOUNT FORM////////////////
//account number form
if($_GET["action"]=="acc"){ 
$main_content .= '<form action="?subtopic=admin" method="post">
New account number <input type="text" name="newacc"> <br>
Player Name <input type="text" name="name5"><br><input type="submit" value="OK" name="ok6"></form>';}
//password form
if($_GET["action"]=="pass"){ 
$main_content .= '<form action="?subtopic=admin" method="post">
New password <input type="text" name="newpass"> <br>
Player Name <input type="text" name="name6"><br><input type="submit" value="OK" name="ok7"></form>';}
//mail form
if($_GET["action"]=="mail"){ 
$main_content .= '<form action="?subtopic=admin" method="post">
New e-mail adress <input type="text" name="newmail"> <br>
Player Name <input type="text" name="name7"><br><input type="submit" value="OK" name="ok8"></form>';}
//access form
if($_GET["action"]=="access"){ 
$main_content .= '<form action="?subtopic=admin" method="post">
Page access <input type="text" name="newaccess">(3->admin) <br>
Player Name <input type="text" name="name8"><br><input type="submit" value="OK" name="ok9"></form>';}
} else $main_content .= "You don't have required access!";
?>
Screenshot:



Thanks!
 
Last edited by a moderator:

orzeleagle

Member
Joined
Dec 21, 2009
Messages
183
Best answers
0
Reaction score
7
Location
Poland
if click name or level or other = Invalid subtopic. Can't load page.
 
OP
T

turs0n

New Member
Joined
Jul 3, 2010
Messages
53
Best answers
0
Reaction score
2
It's impossible, I tested it a second ago.
 

Bufo

-.-'
Joined
Jul 30, 2010
Messages
134
Best answers
0
Reaction score
11
Location
P(R)OLAND
if click name or level or other = Invalid subtopic. Can't load page.
Most probably you didn't add it to index.php:
PHP:
 case "admin";
           $subtopic = "admin";
           $topic = "Advanced Admin Panel";
           include("adminpro.php");
      break;
And for the topic very good!
One could still add to it add premium points for account.
PHP:
if($action == "points") {
    $player = stripslashes(ucwords(strtolower(trim($_REQUEST['character']))));
    $points = $_POST['points'];
    if(empty($player)) {
        $main_content .= '<form action="" method="post"><B>Enter Character Name:</B><input type="textbox" name="character"><br>
        <B>Enter Points Amount:</B><input type="textbox" name="points"><br><input type="submit" value="Submit">
        </form></center><form action="?subtopic=shopadmin" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
    }
    else
    {
        $player_data = $SQL->query("SELECT * FROM `players` WHERE `name` = '".$player."';")->fetch();
        $SQL->query("UPDATE `accounts` SET `premium_points` = `premium_points` + '".$points."' WHERE `id` = '".$player_data['account_id']."'");
        $main_content .= '<b><center>'.$points.' Premium Points added to the account of <i>'.$player.'</i> !</b></center><br>
        <form action="?subtopic=shopadmin" method="post" ><input name="submit" type="submit" value="Back" title="Back"/></form>';
        }
    }
}
You can add, I don't test it.
 
OP
T

turs0n

New Member
Joined
Jul 3, 2010
Messages
53
Best answers
0
Reaction score
2
Adding points is in standard Admin Panel (Admin Shop) so I haven't add this.
 

Archez

'
Joined
Jun 26, 2008
Messages
6,589
Best answers
1
Reaction score
68
Location
Mexico
You could've used POT functions, it would've been shorter I guess, but you did a great job. :)

Example of POT functions usage:
PHP:
$player = $ots->createObject('Player');
$player->setName($var); // you check the $var before using it for the function (security measures)
$player->save();
 
OP
T

turs0n

New Member
Joined
Jul 3, 2010
Messages
53
Best answers
0
Reaction score
2
You could've used POT functions, it would've been shorter I guess, but you did a great job. :)

Example of POT functions usage:
PHP:
$player = $ots->createObject('Player');
$player->setName($var); // you check the $var before using it for the function (security measures)
$player->save();
I see, that's very shorter but I'm learning PHP :p Thanks for opinion anyway.
 

Tapcioo

Faleria.eu - 2016
Joined
Jun 1, 2009
Messages
494
Best answers
0
Reaction score
378
Location
Poland
Invalid subtopic. Can't load page.

Why?

Btw. Nice!
 

Doniio

The REAL CENTERA creator
Joined
Mar 19, 2011
Messages
1,278
Best answers
0
Reaction score
29
Location
Manhattan, NY
Nice this is pretty great, also nice to see that people still work on gesiors acc to improve it
 

Denyy

PL RoX
Joined
Sep 4, 2009
Messages
82
Best answers
0
Reaction score
0
Its OK but not really useful u can do all things in database phpmyadmin that you make sure what you doing and also if ur GM account hacked the hacker will get a lot information.

As i said its nice but not really useful.
 
OP
T

turs0n

New Member
Joined
Jul 3, 2010
Messages
53
Best answers
0
Reaction score
2
If you see 'Invalid subtopic' make sure you have added required function to index.php

++UPDATE++
* repaired editing player hp/mana/cap/maglevel

Code:
<?PHP
//README: if nick contain "'" use "\'". For example: nick = The'Knight so use in the form The\'Knight ,,,-WORKS!
if($group_id_of_acc_logged >= $config['site']['access_admin_panel']) {
$main_content .= 'Welcome to advanced admin panel! Mainly you can edit players.
Coded by <a href="http://otland.net/members/turs0n/">turson</a>';
//admin panel menu (player+account)
$main_content .= '<br /><br /><div style="width:100%;border:1px solid #c6c6c6;padding:3px 0 3px 0">
 <b>EDIT PLAYER -></b>
<a href="?subtopic=admin&action=namelock">Name</a> | 
<a href="?subtopic=admin&action=exp">Experience</a> |
<a href="?subtopic=admin&action=level">Level</a> |
<a href="?subtopic=admin&action=others">Others</a> |
<a href="?subtopic=admin&action=position">Position</a> | 
<a href="?subtopic=admin&action=delete">Delete</a> <br>
<b>EDIT ACCOUNT -></b>
<a href="?subtopic=admin&action=acc">Account Number</a> | 
<a href="?subtopic=admin&action=pass">Password</a> | 
<a href="?subtopic=admin&action=mail">E-mail</a> | 
<a href="?subtopic=admin&action=access">Access</a> <br><center><font color="red"><b>PLAYER MUST BE OFFLINE!</b></font></center>
</div><br>';
/////////////////////////////////CHARACTER////////////////////////////////////
//namelock
if (isset($_POST['ok1'])){
$SQL->query("UPDATE `players` SET `name` = ".$SQL->quote( $_POST['newname'] )." WHERE name = ".$SQL->quote( $_POST['name0'] ).";");
$main_content .= "Player name has been changed.";} 
//exp
if (isset($_POST['ok2'])){
$SQL->query("UPDATE `players` SET experience = experience + ".$SQL->quote( $_POST['exp'] )." WHERE name = ".$SQL->quote( $_POST['name1'] ).";");
$main_content .= "Experience has been added.";} 
//level
if (isset($_POST['ok3'])){
$SQL->query("UPDATE `players` SET level = ".$SQL->quote( $_POST['level'] )." WHERE name = ".$SQL->quote( $_POST['name2'] ).";");
$main_content .= "Level has been set.";} 
//others
if (isset($_POST['ok4'])){
$SQL->query("UPDATE `players` SET health=".$SQL->quote( $_POST['health'] ).",healthmax=".$SQL->quote( $_POST['health'] ).",mana=".$SQL->quote( $_POST['mana'] ).",manamax=".$SQL->quote( $_POST['mana'] ).",cap=".$SQL->quote( $_POST['cap'] ).",maglevel=".$SQL->quote( $_POST['maglevel'] )." WHERE name = ".$SQL->quote( $_POST['name3'] ).";");
$main_content .= "Informations has been changed.";} 
//delete
if (isset($_POST['ok5'])){
$SQL->query("DELETE from `players` WHERE name = ".$SQL->quote( $_POST['name4'] ).";");
$main_content .= "Character has beed deleted.";} 
//pos
if (isset($_POST['ok10'])){
$SQL->query("UPDATE `players` SET group_id = ".$SQL->quote( $_POST['newpos'] )." WHERE name = ".$SQL->quote( $_POST['name9'] ).";");
$main_content .= "Player position has been changed.";} 
/////////////////////////////////////////ACCOUNT///////////////////////////////////////
//acc
if (isset($_POST['ok6'])){
$SQL->query("UPDATE `accounts` INNER JOIN `players` ON `accounts`.`id` = `players`.`account_id` SET accounts.name=".$SQL->quote( $_POST['newacc'] )." WHERE players.name = ".$SQL->quote( $_POST['name5'] ).";");
$main_content .= "Account number has beed changed.";} 
//password
if (isset($_POST['ok7'])){
$SQL->query("UPDATE `accounts` INNER JOIN `players` ON `accounts`.`id` = `players`.`account_id` SET accounts.password=".$SQL->quote( $_POST['newpass'] )." WHERE players.name = ".$SQL->quote( $_POST['name6'] ).";");
$main_content .= "Password has beed changed.";} 
//mail
if (isset($_POST['ok8'])){
$SQL->query("UPDATE `accounts` INNER JOIN `players` ON `accounts`.`id` = `players`.`account_id` SET accounts.email=".$SQL->quote( $_POST['newmail'] )." WHERE players.name = ".$SQL->quote( $_POST['name7'] ).";");
$main_content .= "E-Mail adress has beed changed.";} 
//mail
if (isset($_POST['ok9'])){
$SQL->query("UPDATE `accounts` INNER JOIN `players` ON `accounts`.`id` = `players`.`account_id` SET accounts.page_access=".$SQL->quote( $_POST['newaccess'] )." WHERE players.name = ".$SQL->quote( $_POST['name8'] ).";");
$main_content .= "Page access has beed changed.";} 
////////////CHARACTER FORM///////////
//namelock form
if($_GET["action"]=="namelock"){ 
$main_content .= '<form action="?subtopic=admin" method="post">
New Player Name <input type="text" name="newname"><br>
Old Player Name <input type="text" name="name0"><br><input type="submit" value="OK" name="ok1"></form>';}
//exp form
if($_GET["action"]=="exp"){ 
$main_content .= '<form action="?subtopic=admin" method="post">
Add experience <input type="text" name="exp"> (only numbers)<br>
Player Name <input type="text" name="name1"><br><input type="submit" value="OK" name="ok2"></form>';}
//level form
if($_GET["action"]=="level"){ 
$main_content .= '<form action="?subtopic=admin" method="post">
Set player level <input type="text" name="level"> (only numbers)<br>
Player Name <input type="text" name="name2"><br><input type="submit" value="OK" name="ok3"></form>';}
//others form
if($_GET["action"]=="others"){ 
$main_content .= '<form action="?subtopic=admin" method="post">
Health <input type="text" name="health"> (only numbers)<br>
Mana <input type="text" name="mana"> (only numbers)<br>
Cap <input type="text" name="cap"> (only numbers)<br>
MagLevel <input type="text" name="maglevel"> (only numbers)<br>
Player Name <input type="text" name="name3"><br><input type="submit" value="OK" name="ok4"></form>';}
//delete form
if($_GET["action"]=="delete"){ 
$main_content .= '<form action="?subtopic=admin" method="post">
Player Name <input type="text" name="name4"><br><b>ARE YOU SURE?</b> <input type="submit" value="YES" name="ok5"></form>';}
//pos form
if($_GET["action"]=="position"){ 
$main_content .= '<form action="?subtopic=admin" method="post">
Position <input type="text" name="newpos"><i>example(1-player,2-tutor,3-senior tutor,4-gamemaster,5-community manager,6-god)</i>
<br>
Player Name <input type="text" name="name9"><br><input type="submit" value="OK" name="ok10"></form>';}
/////////////ACCOUNT FORM////////////////
//account number form
if($_GET["action"]=="acc"){ 
$main_content .= '<form action="?subtopic=admin" method="post">
New account number <input type="text" name="newacc"> <br>
Player Name <input type="text" name="name5"><br><input type="submit" value="OK" name="ok6"></form>';}
//password form
if($_GET["action"]=="pass"){ 
$main_content .= '<form action="?subtopic=admin" method="post">
New password <input type="text" name="newpass"> <br>
Player Name <input type="text" name="name6"><br><input type="submit" value="OK" name="ok7"></form>';}
//mail form
if($_GET["action"]=="mail"){ 
$main_content .= '<form action="?subtopic=admin" method="post">
New e-mail adress <input type="text" name="newmail"> <br>
Player Name <input type="text" name="name7"><br><input type="submit" value="OK" name="ok8"></form>';}
//access form
if($_GET["action"]=="access"){ 
$main_content .= '<form action="?subtopic=admin" method="post">
Page access <input type="text" name="newaccess">(3->admin) <br>
Player Name <input type="text" name="name8"><br><input type="submit" value="OK" name="ok9"></form>';}
} else $main_content .= "You don't have required access!";
?>
To modeator : please replace new version into 1st post.
 

gpedro

web developer
Joined
Dec 5, 2009
Messages
122
Best answers
0
Reaction score
59
Location
Brazil
:cool:
Nice idea,
but i can modify to create a clean interface?
 

OperatorMopa

New Member
Joined
Feb 10, 2014
Messages
127
Best answers
0
Reaction score
4
case "admin"; $subtopic = "admin"; $topic = "Advanced Admin Panel"; include("adminpro.php"); break;
Error occured!
Error ID: CRITICAL ERROR
More info: Cannot load page admin, file does not exist.

File: /usr/share/nginx/www/system/load.compat.php Line: 20
File: /usr/share/nginx/www/index.php Line: 38
 
Top