JamieLee2k
11-13-2006, 10:14 PM
First of all look at this picture
http://www.xleagues.net/remove.jpg
You see where it says Cancel, Postpone, Delete and Add New Game well I am looking to remove them for normal members and not for admins and so I am wondering if there was anything in this file which relates to being able to remove the code. Normal users use useradmin.php once they are logged in which makes me think this is the file I need to edit.
<?php
include("config.php");
if($_COOKIE["language"]) {
$llang = $_COOKIE["language"];
} else {
$l_array = explode("-",$lang_array[0]);
$llang = $l_array[0];
setcookie("language",$llang,time()+1209600,"","","");
}
include("lang/".$_COOKIE["language"].".php");
session_start( );
//SECURITY CHECK #1
if($_COOKIE['PHPSESSID'] == session_id( ) && $_COOKIE['type'] != "") {
$open = mysql_connect($_CONF['hostname'],$_CONF['user'],$_CONF['password']);
mysql_select_db("$_CONF[db]",$open);
$leagueinfo = mysql_query("SELECT * FROM ".$_CONF['tprefix']."leagueinfo");
$_CONF['logtime'] = mysql_result($leagueinfo,0,"timelength");
$_CONF['league_name'] = mysql_result($leagueinfo,0,"name");
$_CONF['interdiv'] = mysql_result($leagueinfo,0,"interdiv");
$_CONF['gdversion'] = mysql_result($leagueinfo,0,"gd");
//SECURITY CHECK #2
$cktime = $_COOKIE['time'] + ($_CONF['logtime'] * 60);
if(date("U") < $cktime) {
setcookie("time",date("U"),time()+1209600,"","","");
$teams = mysql_query("SELECT id,name,contact_email FROM ".$_CONF['tprefix']."teams WHERE contact_email = '$_COOKIE[u]'");
$teamid = mysql_result($teams,0,"id");
$_CONF['teamid'] = $teamid;
$_CONF['teamname'] = mysql_result($teams,0,"name");
$_CONF['teamemail'] = mysql_result($teams,0,"contact_email");
ob_start();
include("includes/header_user.inc");
$header = ob_get_contents();
ob_end_clean();
//GET TASK
if($_POST['opt']) {
$opt = $_POST['opt'];
} else {
$opt = $_GET['opt'];
}
include("userfunctions.php");
switch($opt) {
case "alist": //ANNOUNCEMENT LIST
$header = eregi_replace("<!--%formname%-->","ann",$header);
$output .= announcement_list($message);
break;
case "aform": //NEW ANNOUNCEMENT HTML FORM
$output .= announcement_form();
break;
case "asql": //INSERT NEW ANNOUNCEMENT IN MYSQL
$message = announcement_sql();
$header = eregi_replace("<!--%formname%-->","ann",$header);
$output .= announcement_list($message);
break;
case "eform": //EDIT ANNOUNCEMENT HTML FORM
$output .= announcement_eform();
break;
case "esql": //UPDATE ANNOUNCEMENT IN MYSQL
$message = announcement_esql();
$header = eregi_replace("<!--%formname%-->","ann",$header);
$output .= announcement_list($message);
break;
case "ann_delete": //DELETE ANNOUNCEMENT
$message .= announcement_delete();
$header = eregi_replace("<!--%formname%-->","ann",$header);
$output .= announcement_list($message);
break;
case "info": //TEAM INFORMATION HTML FORM
$output .= teaminfo($message);
break;
case "info_sql": //UPDATE TEAM INFO IN MYSQL
$message = teaminfo_sql();
$output .= teaminfo($message);
break;
case "players": //LIST PLAYERS ON TEAM
$output .= players($_GET['message']);
break;
/***** DEFUNCT *****
case "editteamsch": //???
editteamsch($date,$time,$location,$team1_score,$te am2_score,$team1,$team2,$season);
$output .= scheduleteam($teamid,$thisdiv);
break;
case "delteamsch": //???
$sql = mysql_query("DELETE FROM ".$_CONF['tprefix']."schedule_scores WHERE id ='$id'");
$output .= scheduleteam($selectteam,$thisdiv);
break;
***** DEFUNCT *****/
case "schedule_delete": //DELETE ONE OR MORE GAMES FROM SCHEDULE
$message .= schedule_delete();
$formname = "schedule";
$header = eregi_replace("<!--%formname%-->",$formname,$header);
$output .= scheduleteam($_POST['teamid'],$_POST['thisdiv']);
break;
case "schedule_postpone": //POSTPONE GAME(S)
$message .= schedule_postpone();
$header = eregi_replace("<!--%formname%-->","schedule",$header);
$output .= scheduleteam($_POST['teamid'],$_POST['thisdiv']);
break;
case "schedule_cancel": //CANCEL GAME(S)
$message .= schedule_cancel();
$header = eregi_replace("<!--%formname%-->","schedule",$header);
$output .= scheduleteam($_POST['teamid'],$_POST['thisdiv']);
break;
default: //DISPLAY TEAM'S SCHEDULE
$formname = "schedule";
$header = eregi_replace("<!--%formname%-->",$formname,$header);
$output .= scheduleteam($teamid,$thisdiv);
}
} else {
header("Location: ./?opt=login&message=error\r\n");
}
} else {
header("Location: ./?opt=login&message=error\r\n");
}
$header = eregi_replace("<!--%formname%-->","form",$header);
$output = $header.$output."
</td></tr></table>";
echo $output;
include("includes/footer.inc");
?>
Now when an admin logs in they get a different URL so I am thinking it maybe ok and it isn't effected.
If it means removing a bit of code then so be it I just wanted them 4 buttons removing.
Thanks
JamieLee2k
http://www.xleagues.net/remove.jpg
You see where it says Cancel, Postpone, Delete and Add New Game well I am looking to remove them for normal members and not for admins and so I am wondering if there was anything in this file which relates to being able to remove the code. Normal users use useradmin.php once they are logged in which makes me think this is the file I need to edit.
<?php
include("config.php");
if($_COOKIE["language"]) {
$llang = $_COOKIE["language"];
} else {
$l_array = explode("-",$lang_array[0]);
$llang = $l_array[0];
setcookie("language",$llang,time()+1209600,"","","");
}
include("lang/".$_COOKIE["language"].".php");
session_start( );
//SECURITY CHECK #1
if($_COOKIE['PHPSESSID'] == session_id( ) && $_COOKIE['type'] != "") {
$open = mysql_connect($_CONF['hostname'],$_CONF['user'],$_CONF['password']);
mysql_select_db("$_CONF[db]",$open);
$leagueinfo = mysql_query("SELECT * FROM ".$_CONF['tprefix']."leagueinfo");
$_CONF['logtime'] = mysql_result($leagueinfo,0,"timelength");
$_CONF['league_name'] = mysql_result($leagueinfo,0,"name");
$_CONF['interdiv'] = mysql_result($leagueinfo,0,"interdiv");
$_CONF['gdversion'] = mysql_result($leagueinfo,0,"gd");
//SECURITY CHECK #2
$cktime = $_COOKIE['time'] + ($_CONF['logtime'] * 60);
if(date("U") < $cktime) {
setcookie("time",date("U"),time()+1209600,"","","");
$teams = mysql_query("SELECT id,name,contact_email FROM ".$_CONF['tprefix']."teams WHERE contact_email = '$_COOKIE[u]'");
$teamid = mysql_result($teams,0,"id");
$_CONF['teamid'] = $teamid;
$_CONF['teamname'] = mysql_result($teams,0,"name");
$_CONF['teamemail'] = mysql_result($teams,0,"contact_email");
ob_start();
include("includes/header_user.inc");
$header = ob_get_contents();
ob_end_clean();
//GET TASK
if($_POST['opt']) {
$opt = $_POST['opt'];
} else {
$opt = $_GET['opt'];
}
include("userfunctions.php");
switch($opt) {
case "alist": //ANNOUNCEMENT LIST
$header = eregi_replace("<!--%formname%-->","ann",$header);
$output .= announcement_list($message);
break;
case "aform": //NEW ANNOUNCEMENT HTML FORM
$output .= announcement_form();
break;
case "asql": //INSERT NEW ANNOUNCEMENT IN MYSQL
$message = announcement_sql();
$header = eregi_replace("<!--%formname%-->","ann",$header);
$output .= announcement_list($message);
break;
case "eform": //EDIT ANNOUNCEMENT HTML FORM
$output .= announcement_eform();
break;
case "esql": //UPDATE ANNOUNCEMENT IN MYSQL
$message = announcement_esql();
$header = eregi_replace("<!--%formname%-->","ann",$header);
$output .= announcement_list($message);
break;
case "ann_delete": //DELETE ANNOUNCEMENT
$message .= announcement_delete();
$header = eregi_replace("<!--%formname%-->","ann",$header);
$output .= announcement_list($message);
break;
case "info": //TEAM INFORMATION HTML FORM
$output .= teaminfo($message);
break;
case "info_sql": //UPDATE TEAM INFO IN MYSQL
$message = teaminfo_sql();
$output .= teaminfo($message);
break;
case "players": //LIST PLAYERS ON TEAM
$output .= players($_GET['message']);
break;
/***** DEFUNCT *****
case "editteamsch": //???
editteamsch($date,$time,$location,$team1_score,$te am2_score,$team1,$team2,$season);
$output .= scheduleteam($teamid,$thisdiv);
break;
case "delteamsch": //???
$sql = mysql_query("DELETE FROM ".$_CONF['tprefix']."schedule_scores WHERE id ='$id'");
$output .= scheduleteam($selectteam,$thisdiv);
break;
***** DEFUNCT *****/
case "schedule_delete": //DELETE ONE OR MORE GAMES FROM SCHEDULE
$message .= schedule_delete();
$formname = "schedule";
$header = eregi_replace("<!--%formname%-->",$formname,$header);
$output .= scheduleteam($_POST['teamid'],$_POST['thisdiv']);
break;
case "schedule_postpone": //POSTPONE GAME(S)
$message .= schedule_postpone();
$header = eregi_replace("<!--%formname%-->","schedule",$header);
$output .= scheduleteam($_POST['teamid'],$_POST['thisdiv']);
break;
case "schedule_cancel": //CANCEL GAME(S)
$message .= schedule_cancel();
$header = eregi_replace("<!--%formname%-->","schedule",$header);
$output .= scheduleteam($_POST['teamid'],$_POST['thisdiv']);
break;
default: //DISPLAY TEAM'S SCHEDULE
$formname = "schedule";
$header = eregi_replace("<!--%formname%-->",$formname,$header);
$output .= scheduleteam($teamid,$thisdiv);
}
} else {
header("Location: ./?opt=login&message=error\r\n");
}
} else {
header("Location: ./?opt=login&message=error\r\n");
}
$header = eregi_replace("<!--%formname%-->","form",$header);
$output = $header.$output."
</td></tr></table>";
echo $output;
include("includes/footer.inc");
?>
Now when an admin logs in they get a different URL so I am thinking it maybe ok and it isn't effected.
If it means removing a bit of code then so be it I just wanted them 4 buttons removing.
Thanks
JamieLee2k