Reporting System

[Detox]

Hello,

I need assistance on some of my coding. I'm trying to code a report system tool kinda like Habboon at one point.

Video:

PHP Code:

<?php
{
$submitReport = mysql_query("INSERT INTO `staff_report` (`id`, `complaint`, `staff`, `explanation`, `moreinfo` ) VALUES ('".filter($_GET['id'])."', '".$_POST['complaint']."' ,'".$_POST['staff']."', '".filter($_POST['explanation'])."', '".filter($_POST['moreinfo'])."')") or die(mysql_error());
                                }
                                ?>


<?php
$getStaff = mysql_query("SELECT username FROM users WHERE rank >= '3'");
 while($staffUser = mysql_fetch_array($getStaff)){
    echo'
    <option value="NA">N\A</option>
    <option disabled>-------------------------</option>
    <option value="">'.$staffUser['username'].'</option>';
}
?>

 

[Brad]

I coded one similar, you'll have to convert it but here it is.

<?php  if(isset($_POST['report_submit']))
                {
                           $report_type = $engine->secure($_POST['report_type']);
                        $report_data = $engine->secure($_POST['report_data']);
                        $report_agree = $engine->secure($_POST['report_agree']);

                        if((($report_type == "furniture_fix") || ($report_type == "client_bug") || ($report_type == "website_bug") || !empty($_POST['report_agree'])))
                        {
                            $engine->query("INSERT INTO `reports` (type,data,user_id) VALUES ('".$report_type."','".$report_data."', '".$_SESSION['user']['id']."')");
                            echo 'Success!';
                        }   
                        else
                        {
                            echo 'error!  oooh, the irony?!?!?';
                        }                       
                }
               ?>              
               <form method="post" name ="report_submit">
                            <div class="form-section">
                                <strong>Select Your Report Type:</strong><br />               
                            <p>    <p><select name="report_type">
                                        <option value="furniture_fix">Broken furniture</option>
                                        <option value="client_bug">Issue within the client (eg Disconnection issues)</option>
                                        <option value="website_bug">Issue on our Website (eg A Certain feature not working)</option>
                                </select>
                            </div>
                                <h3>Issue</h3>
                                <p>Please write your issue below, Please provide a good description.</p>
                                <p><label><input type="text" name="report_data" size="32" maxlength="32" value="" id="report_data"></label></p>
                                <div class="form-section">
                                <input type="checkbox" value="1" name="report_agree">
                                <label>I agree not to abuse this feature, otherwise there maybe consequences.</label>
                            </div>
                            
                            <br/>
                            <div class="form-section">
                                <input type="submit" class="submit" name="report_submit" value="Submit Report">
                            </div>
                            </form>

 

[Detox]

I coded one similar, you'll have to convert it but here it is.

<?php  if(isset($_POST['report_submit']))
                {
                           $report_type = $engine->secure($_POST['report_type']);
                        $report_data = $engine->secure($_POST['report_data']);
                        $report_agree = $engine->secure($_POST['report_agree']);

                        if((($report_type == "furniture_fix") || ($report_type == "client_bug") || ($report_type == "website_bug") || !empty($_POST['report_agree'])))
                        {
                            $engine->query("INSERT INTO `reports` (type,data,user_id) VALUES ('".$report_type."','".$report_data."', '".$_SESSION['user']['id']."')");
                            echo 'Success!';
                        }
                        else
                        {
                            echo 'error!  oooh, the irony?!?!?';
                        }                    
                }
               ?>           
               <form method="post" name ="report_submit">
                            <div class="form-section">
                                <strong>Select Your Report Type:</strong><br />            
                            <p>    <p><select name="report_type">
                                        <option value="furniture_fix">Broken furniture</option>
                                        <option value="client_bug">Issue within the client (eg Disconnection issues)</option>
                                        <option value="website_bug">Issue on our Website (eg A Certain feature not working)</option>
                                </select>
                            </div>
                                <h3>Issue</h3>
                                <p>Please write your issue below, Please provide a good description.</p>
                                <p><label><input type="text" name="report_data" size="32" maxlength="32" value="" id="report_data"></label></p>
                                <div class="form-section">
                                <input type="checkbox" value="1" name="report_agree">
                                <label>I agree not to abuse this feature, otherwise there maybe consequences.</label>
                            </div>
                         
                            <br/>
                            <div class="form-section">
                                <input type="submit" class="submit" name="report_submit" value="Submit Report">
                            </div>
                            </form>

Your Script is tripling my entry into the Database
Error: Fatal error: Call to a member function secure() on null in /Applications/XAMPP/xamppfiles/htdocs/app/tpl/skins/Habbo/report.php on line 79

NEW EDIT:

<?php  if(isset($_POST['report_submit']))
                {
                        $report_type = $engine->secure($_POST['report_type']);
                        $report_info = $engine->secure($_POST['report_info']);
                        $report_more = $engine->secure($_POST['report_more']);
                        $report_staff = $engine->secure($_POST['report_staff']);
                        $report_agree = $engine->secure($_POST['report_agree']);

                        if((($report_type == "staff_complaint") ||($report_type == "request_furni") || ($report_type == "suggestion_box") || !empty($_POST['report_agree'])))
                        {
                            $engine->query("INSERT INTO `staff_report` (id,complaint,staff,explanation) VALUES ('".$report_type."','".$report_info."', '".$report_more."','".$report_staff."')");
                            echo 'We have successfuly reveived your report!';
                        }   
                        else
                        {
                            echo 'Oh no! Error Somewhere';
                        }                       
                }
               ?>             
              
<form method="post" class="form" name ="report_submit">
<div class="form-group">
<label for="disabledTextInput"><b>Please choose one of the following</b></label>
<div class="col-sm-10">
<select name="report_type" class="form-control">
                                        <option value="staff_complaint">Complaint against a member of staff</option>
                                        <option value="request_furni">Request a furni to be added or fixed</option>
                                        <option value="suggestion_box">Comment/Suggestion</option>
                                </select>
                            </div>
                            </div>
                            <br/>
 <div class="form-group">
<label for="disabledTextInput"><b>Please choose a member of staff (If you are reporting/complimenting a staff member)</b></label>
<div class="col-sm-10">
<div class="col-sm-10">
<select name="report_staff" class="form-control">
<?php
$getStaff = mysql_query("SELECT username FROM users WHERE rank >= '3'");
 while($staffUser = mysql_fetch_array($getStaff)){
    echo'
    <option value="NA">N\A</option>
    <option disabled>-------------------------</option>
    <option value="report_staff">'.$staffUser['username'].'</option>';
}
?>
</select>
</div>
</div>
</div>
<br/>
<div class="form-group">
<label for="exampleInputEmail1"><b>Please explain what you are reporting/suggesting or what is wrong with the furni you are asking to be fixed</b></label>
<div class="col-sm-10">
<textarea class="form-control" rows="5" name="report_info" maxlength="255" style="width:350px;height:75px;resize:none"></textarea>
</div>
</div>
<br/>
<div class="form-group">
<label for="exampleInputEmail1"><b>Would you like to add anything?</b><br><i>Proof? Pictures of the furni, anything else you think is important?! Leave it here!</i></label>
<div class="col-sm-10">
<textarea class="form-control" rows="3" name="report_extra" maxlength="255" class="ss-q-short" style="width:350px;height:75px;resize:none"></textarea>
</div>
</div>
<br/>                           
<div class="checkbox">
<label><input name="report_agree" value="1" type="checkbox">I am aware that if my report is spam, my account could be banned.</label>
</div>
<br>
<input type="submit" value="Submit" name="report_submit" class="submit" style="float left">
</form>

Still Insert Blank SQL

Image:

SQL Table:

CREATE TABLE `staff_report` (
  `id` int(10) UNSIGNED NOT NULL,
  `complaint` varchar(64) DEFAULT NULL,
  `staff` varchar(25) DEFAULT NULL,
  `explanation` text NOT NULL,
  `moreinfo` text NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;

 
Bump this thread. It inserting Blank Rows in my database.