Hoe kan ik er voor zorgen dat iemand onder rank 7 geen rank kan editen bij een user maar wel de rest zoals credits etc.
<?php
define(\'USERNAME_REQUIRED\', TRUE);
define(\'ACCOUNT_REQUIRED\', TRUE);
include(\"../global.php\");
$username = $core->EscapeString($_SESSION[\'username\']);
if(!$users->UserPermission(\'hk_users\', $username))
{
header(\"Location: nopermission.php\");
die;
}
?>
<script language=\"javascript\">
$(\'.tooltip\').tooltip({
track: true,
delay: 0,
showURL: false,
showBody: \" - \",
fade: 250
});
$(\'.modify\').click(function() {
LoadContent(\'page_modify_user\', $(this).attr(\'id\'));
$(\'.overlay\').fadeIn();
$(\'.page\').fadeIn(\"slow\");
});
function MakeVIP(id, vip, rank) {
$(\'button#MakeVIP\'+id).html(\'Updating...\');
$(\'button#MakeVIP\'+id).attr(\'disabled\', \'disabled\');
$.ajax({
type: \"POST\",
url: \"functions/user_makevip.php\",
data: \"id=\" + id + \'&vip=\' + vip + \'&rank=\' + rank,
success: function(){
$(\'button#MakeVIP\'+id).html(\'Updated!\')
.delay(1200)
.queue(function(n) {
Search2(\'id\',id)
n();
})
}
});
};
$(\'.delete\').click(function() {
DeleteStory($(this).attr(\'id\'));
});
$(\'.exitbutton\').click(function() {
$(\'.page\').css(\'display\', \'none\');
$(\'.overlay\').css(\'display\', \'none\');
});
function LoadContent(PageName, ID) {
$.ajax({
type: \"POST\",
url: \"functions/\" + PageName + \".php?id=\" + ID,
success: function(msg){
$(\'.content\').html(msg);
}
});
}
function Search(method) {
$(\'.page\').css(\'display\', \'none\');
$(\'.overlay\').css(\'display\', \'none\');
$.ajax({
type: \"POST\",
url: \"users.php\",
data: \"method=\"+method+\"&value=\" + $(\'#username\').val(),
success: function(msg){
$(\'.conColumn\').html(msg);
}
});
}
function Search2(method,value) {
$(\'.page\').css(\'display\', \'none\');
$(\'.overlay\').css(\'display\', \'none\');
$.ajax({
type: \"POST\",
url: \"users.php\",
data: \"method=\"+method+\"&value=\" + value,
success: function(msg){
$(\'.conColumn\').html(msg);
}
});
}
function SearchRooms(value) {
$(\'.page\').css(\'display\', \'none\');
$(\'.overlay\').css(\'display\', \'none\');
$.ajax({
type: \"POST\",
url: \"rooms.php\",
data: \"roomtype=private&method=userid&value=\" + value,
success: function(msg){
$(\'.conColumn\').html(msg);
$(\'li#\' + OldPage).removeClass(\'selected\');
$(\'li#rooms\').addClass(\'selected\');
OldPage = \'rooms\';
}
});
}
</script>
<div>
<h1>Users</h1>
<div class=\"overlay hidden\">
<div class=\"page hidden\">
<div class=\"exitbutton\"></div>
<div class=\"content\">
</div>
</div>
</div>
<div class=\"formPiece\">
<div>
<h3>Find User</h3>
</div>
<div>
<img src=\"img/info_16.png\" class=\"tooltip\" title=\"Search user\" />
<label for=\"username\">Search Name: </label><input type=\"text\" value=\"\" name=\"username\" id=\"username\" /><br/>
<button id=\"General\" onClick=\"Search(\'username\');\">Search</button>
</div>
</div>
<div class=\"formPiece\">
<h3>Search Result</h3>
<div>
<?php
switch(@$_POST[\'method\'])
{
case \'username\':
$users_s = mysql_query(\"SELECT * FROM users WHERE username LIKE \'\".$_POST[\'value\'].\"\' OR mail LIKE \'\".$_POST[\'value\'].\"\'\");
break;
case \'email\':
$users_s = mysql_query(\"SELECT * FROM users WHERE mail = \'\".$_POST[\'value\'].\"\'\");
break;
case \'ip\':
$users_s = mysql_query(\"SELECT * FROM users WHERE ip_last = \'\".$_POST[\'value\'].\"\'\");
break;
case \'rank\':
$users_s = mysql_query(\"SELECT * FROM users WHERE rank = \'\".$_POST[\'value\'].\"\'\");
break;
case \'id\':
$users_s = mysql_query(\"SELECT * FROM users WHERE id = \'\".$_POST[\'value\'].\"\'\");
break;
default:
echo \'<h3>No Data Available</h3>\';
break;
}
while($user = @mysql_fetch_array($users_s))
{
$rand1 = rand(100000, 999999);
$rand2 = rand(10000, 99999);
$rand3 = rand(10000, 99999);
$rand4 = rand(10000, 99999);
$rand5 = rand(10000, 99999);
$rand6 = rand(1, 9);
$ticket = \"ST-\".$rand1.\"-\".$rand2.$rand3.\"-\".$rand4.$rand5.\"-otaku-\".$rand6;
?>
<div class=\"UserSearchResults\" id=\"<?php echo $user[\'id\']; ?>\">
<img src=\"http://www.habbo.nl/habbo-imaging/avatarimage?figure=<?php echo $user[\'look\']; ?>\" alt=\"<?php echo $user[\'username\']; ?>\" />
<p>Username: <strong><?php echo $user[\'username\']; ?></strong><br />
Email: <strong id=\"<?php echo $user[\'mail\']; ?>\" class=\"tooltip\" title=\"Search by Email\" onClick=\"Search2(\'email\',this.id);\"><?php echo $user[\'mail\']; ?></strong><br />
Last IP: <strong id=\"<?php echo $user[\'ip_last\']; ?>\" class=\"tooltip\" title=\"Search by IP\" onClick=\"Search2(\'ip\',this.id);\"><?php echo $user[\'ip_last\']; ?></strong><br />
Last Login: <strong><?php echo @date(\"d-m-Y H:i\",$user[\'last_online\']); ?></strong><br />
Rank: <strong id=\"<?php echo $user[\'rank\']; ?>\" class=\"tooltip\" title=\"Search by Rank\" onClick=\"Search2(\'rank\',this.id);\"><?php echo $user[\'rank\']; ?></strong><br />
<strong id=\"<?php echo $user[\'username\']; ?>\" class=\"tooltip\" title=\"Search user\'s rooms\" onClick=\"SearchRooms(this.id);\">My Rooms</strong><?php if($users->UserPermission(\'hk_ext_login\', $username)) { ?> ~ <strong id=\"<?php echo $user[\'username\']; ?>\" class=\"tooltip\" title=\"Login with this user\" onClick=\"window.open(\'../client/?username=<?php echo $user[\'username\']; ?>&ticket=<?php echo $ticket; ?>\',\'ClientWndw\',\'width=980,height=597\');return false;\">Login with this user</strong><?php } ?></p>
<?php if($users->UserPermission(\'hk_edit\', $username))
{
?>
<?php if($user[\'vip\'] == 0) { ?><button id=\"MakeVIP<?php echo $user[\'id\']; ?>\" onclick=\"MakeVIP(\'<?php echo $user[\'id\']; ?>\', 1,2);\" style=\"margin:5px;\">Make VIP</button><?php } ?><?php if($user[\'vip\'] == 1) { ?><button id=\"MakeVIP<?php echo $user[\'id\']; ?>\" onclick=\"MakeVIP(\'<?php echo $user[\'id\']; ?>\', 0, 1);\" style=\"margin:5px;\">Remove VIP</button><?php } ?><button id=\"<?php echo $user[\'id\']; ?>\" class=\"modify\" style=\"margin:5px;\">Edit user</button>
<?php
}
?>
</div>
<?php
}
?>
</div>
</div>
</div>
