--- /dev/null
+<?php
+$db['host'] = "localhost";
+$db['user'] = "neonserv";
+$db['pass'] = "";
+$db['base'] = "neonserv";
+
+$db['conn'] = @mysql_connect($db['host'], $db['user'], $db['pass']) or die(mysql_error());
+if($db['conn']) {
+ $mysql_connection=TRUE;
+ mysql_select_db($db['base'], $db['conn']) OR $mysql_connection=FALSE;
+}
+
+if(!$mysql_connection)
+ die("no connection to the MySQL Server.");
+
+$id = $_GET['id'];
+$key = $_GET['key'];
+if(!is_numeric($id) || strlen($key) != 32)
+ die("Access denied");
+
+$result = mysql_query("SELECT `nick`, `hand`, `host`, `time`, `status`, `text`, `log`, `supporter`, `users`.`user_user`, MD5(CONCAT(`id`, `host`, `time`, `supporter`)) FROM `helpserv_requests` LEFT JOIN `users` ON `supporter` = `user_id` WHERE `id` = '".mysql_real_escape_string($id)."';");
+if(mysql_num_rows($result) == 0)
+ die("Access denied");
+$row = mysql_fetch_row($result);
+if(strtolower($row[9]) != strtolower($key))
+ die("Access denied");
+
+?>
+<table border="1" width="600">
+ <tr>
+ <td width="150">Nick:</td>
+ <td><?php echo$row[0]; ?></td>
+ </tr>
+ <tr>
+ <td width="150">Hostmask:</td>
+ <td><?php echo$row[2]; ?> (auth: <?php echo$row[1]; ?>)</td>
+ </tr>
+ <tr>
+ <td width="150">Time</td>
+ <td><?php echo date("d.m.Y H:i:s", $row[3]); ?></td>
+ </tr>
+ <tr>
+ <td width="150">State</td>
+ <td>
+ <?php
+ if($row[4] == 0)
+ echo"pending";
+ else if($row[4] == 1)
+ echo "active (".$row[8].")";
+ else if($row[4] == 2)
+ echo "closed (".($row[7] == 0 ? "*" : $row[8]).")";
+ ?>
+ </td>
+ </tr>
+ <tr>
+ <td colspan="2"><span style="font-size:10pt; font-family:Courier New;"><?php echo str_replace("\n", "<br>", $row[5]); ?></span></td>
+ </tr>
+ <tr>
+ <td colspan="2"><span style="font-size:10pt; font-family:Courier New;"><?php echo str_replace("\n", "<br>", $row[6]); ?></span></td>
+ </tr>
+</table>
\ No newline at end of file