function tabella($action, $dati = array()) { global $idflag, $link, $idlangue, $idstyle, $CURUSER, $USE_IMAGECODE, $TABLE_PREFIX, $language, $tpl_account, $THIS_BASEPATH; if ($action == "signup") { $dati["username"] = ""; $dati["email"] = ""; $dati["language"] = $idlangue; } // avoid error with js $language["DIF_PASSWORDS"] = AddSlashes($language["DIF_PASSWORDS"]); $language["INSERT_PASSWORD"] = AddSlashes($language["INSERT_PASSWORD"]); $language["USER_PWD_AGAIN"] = AddSlashes($language["USER_PWD_AGAIN"]); $language["INSERT_USERNAME"] = AddSlashes($language["INSERT_USERNAME"]); $language["ERR_NO_EMAIL"] = AddSlashes($language["ERR_NO_EMAIL"]); $language["ERR_NO_EMAIL_AGAIN"] = AddSlashes($language["ERR_NO_EMAIL_AGAIN"]); $language["DIF_EMAIL"] = AddSlashes($language["DIF_EMAIL"]); $tpl_account->set("language", $language); $tpl_account->set("account_action", $action); $tpl_account->set("account_form_actionlink", htmlspecialchars("index.php?page=signup&act={$action}&returnto={$link}")); $tpl_account->set("account_uid", $dati["id"]); $tpl_account->set("account_returnto", urlencode($link)); $tpl_account->set("account_IDlanguage", $idlang); $tpl_account->set("account_IDstyle", $idstyle); $tpl_account->set("account_IDcountry", $idflag); $tpl_account->set("account_username", $dati["username"]); $tpl_account->set("dati", $dati); $tpl_account->set("DEL", $action == "delete", true); $tpl_account->set("DISPLAY_FULL", $action == "signup", true); if ($action == "del") { $tpl_account->set("account_from_delete_confirm", "<input type=\"submit\" name=\"elimina\" value=\"" . $language["FRM_DELETE"] . "\" /> <input type=\"submit\" name=\"elimina\" value=\"" . $language["FRM_CANCEL"] . "\" />"); } else { $tpl_account->set("account_from_delete_confirm", "<input type=\"submit\" name=\"conferma\" value=\"" . $language["FRM_CONFIRM"] . "\" /> <input type=\"reset\" name=\"annulla\" value=\"" . $language["FRM_CANCEL"] . "\" />"); } $lres = language_list(); $option = "\n<select name=\"language\" size=\"1\">"; foreach ($lres as $langue) { $option .= "\n<option "; if ($langue["id"] == $dati["language"]) { $option .= "\"selected\" "; } $option .= "value=\"" . $langue["id"] . "\">" . $langue["language"] . "</option>"; } $option .= "\n</select>"; $tpl_account->set("account_combo_language", $option); $sres = style_list(); $option = "\n<select name=\"style\" size=\"1\">"; foreach ($sres as $style) { $option .= "\n<option "; if ($style["id"] == $dati["style"]) { $option .= "\"selected\" "; } $option .= "value=\"" . $style["id"] . "\">" . $style["style"] . "</option>"; } $option .= "\n</select>"; $tpl_account->set("account_combo_style", $option); $fres = flag_list(); $option = "\n<select name=\"flag\" size=\"1\">\n<option value='0'>---</option>"; $thisip = $_SERVER["REMOTE_ADDR"]; $remotedns = gethostbyaddr($thisip); if ($remotedns != $thisip) { $remotedns = strtoupper($remotedns); preg_match('/^(.+)\\.([A-Z]{2,3})$/', $remotedns, $tldm); if (isset($tldm[2])) { $remotedns = mysql_escape_string($tldm[2]); } } foreach ($fres as $flag) { $option .= "\n<option "; if ($flag["id"] == $dati["flag"] || $flag["domain"] == $remotedns && $action == "signup") { $option .= "\"selected\" "; } $option .= "value=\"" . $flag["id"] . "\">" . $flag["name"] . "</option>"; } $option .= "\n</select>"; $tpl_account->set("account_combo_country", $option); $zone = date('Z', time()); $daylight = date('I', time()) * 3600; $os = $zone - $daylight; if ($os != 0) { $timeoff = $os / 3600; } else { $timeoff = 0; } if (!$CURUSER || $CURUSER["uid"] == 1) { $dati["time_offset"] = $timeoff; } $tres = timezone_list(); $option = "<select name=\"timezone\">"; foreach ($tres as $timezone) { $option .= "\n<option "; if ($timezone["difference"] == $dati["time_offset"]) { $option .= "selected=\"selected\" "; } $option .= "value=\"" . $timezone["difference"] . "\">" . unesc($timezone["timezone"]) . "</option>"; } $option .= "\n</select>"; $tpl_account->set("account_combo_timezone", $option); // ----------------------------- // Captcha hack // ----------------------------- // if set to use secure code: try to display imagecode if ($USE_IMAGECODE && $action != "mod") { if (extension_loaded('gd')) { $arr = gd_info(); if ($arr['FreeType Support'] == 1) { $p = new ocr_captcha(); $tpl_account->set("CAPTCHA", true, true); $tpl_account->set("account_captcha", $p->display_captcha(true)); $private = $p->generate_private(); } else { include "{$THIS_BASEPATH}/include/security_code.php"; $scode_index = rand(0, count($security_code) - 1); $scode = "<input type=\"hidden\" name=\"security_index\" value=\"{$scode_index}\" />\n"; $scode .= $security_code[$scode_index]["question"]; $tpl_account->set("scode_question", $scode); $tpl_account->set("CAPTCHA", false, true); } } else { include "{$THIS_BASEPATH}/include/security_code.php"; $scode_index = rand(0, count($security_code) - 1); $scode = "<input type=\"hidden\" name=\"security_index\" value=\"{$scode_index}\" />\n"; $scode .= $security_code[$scode_index]["question"]; $tpl_account->set("scode_question", $scode); $tpl_account->set("CAPTCHA", false, true); } } elseif ($action != "mod") { include "{$THIS_BASEPATH}/include/security_code.php"; $scode_index = rand(0, count($security_code) - 1); $scode = "<input type=\"hidden\" name=\"security_index\" value=\"{$scode_index}\" />\n"; $scode .= $security_code[$scode_index]["question"]; $tpl_account->set("scode_question", $scode); // we will request simple operation to user $tpl_account->set("CAPTCHA", false, true); } // ----------------------------- // Captcha hack // ----------------------------- }
exit; } if (is_null($nume) || is_null($hash) || is_null($pic) || is_null($cds) || is_null($autor) || is_null($link) || is_null($frame)) { stderr("Error", "Please Complete all the fields!"); stdfoot(false, false, true); die; } $cds = sanitize_paranoid_string($cds); $autor = sanitize_paranoid_string($autor); do_sqlquery("UPDATE {$TABLE_PREFIX}subtitles SET name='{$nume}', hash='{$hash}', pic='{$pic}', cds='{$cds}', author='{$autor}', imdb='{$link}', Framerate='{$frame}', flag='{$idflag}' WHERE id=" . $_GET['id']) or sqlerr(); redirect("index.php?page=subtitles"); } } $getname = do_sqlquery("select * from {$TABLE_PREFIX}countries where id=" . $arr["flag"]); $named = mysqli_fetch_assoc($getname); $fres = flag_list(); $option = "\n<select name=\"flag\" size=\"1\">\n<option value='" . $arr["flag"] . "'>" . $named["name"] . "</option>"; $thisip = $_SERVER["REMOTE_ADDR"]; $remotedns = gethostbyaddr($thisip); if ($remotedns != $thisip) { $remotedns = strtoupper($remotedns); preg_match('/^(.+)\\.([A-Z]{2,3})$/', $remotedns, $tldm); if (isset($tldm[2])) { $remotedns = mysqli_real_escape_string($DBDT, $tldm[2]); } } foreach ($fres as $flag) { $option .= "\n<option "; if ($flag["id"] == $dati["flag"] || $flag["domain"] == $remotedns && $action == "signup") { $option .= "\"selected\" "; }
function tabella($action, $dati = array()) { global $DBDT, $SITENAME, $INVITATIONSON, $code, $rid, $inviter, $idflag, $link, $idlangue, $idstyle, $CURUSER, $USE_IMAGECODE, $TABLE_PREFIX, $language, $tpl_account, $THIS_BASEPATH, $btit_settings; $password_length = 12; $generate_password = crypt(uniqid(mt_rand(), 1)); $generate_password = strip_tags(stripslashes($generate_password)); $generate_password = str_replace(".", "", $generate_password); $generate_password = strrev(str_replace("/", "", $generate_password)); $generate_password = substr($generate_password, 0, $password_length); $pass_min_req = explode(",", $btit_settings["secsui_pass_min_req"]); $tpl_account->set("pass_min_char", $pass_min_req[0]); $tpl_account->set("pass_min_lct", $pass_min_req[1]); $tpl_account->set("pass_min_uct", $pass_min_req[2]); $tpl_account->set("pass_min_num", $pass_min_req[3]); $tpl_account->set("pass_min_sym", $pass_min_req[4]); $tpl_account->set("pass_char_plural", $pass_min_req[0] == 1 ? false : true, true); $tpl_account->set("pass_lct_plural", $pass_min_req[1] == 1 ? false : true, true); $tpl_account->set("pass_uct_plural", $pass_min_req[2] == 1 ? false : true, true); $tpl_account->set("pass_num_plural", $pass_min_req[3] == 1 ? false : true, true); $tpl_account->set("pass_sym_plural", $pass_min_req[4] == 1 ? false : true, true); $tpl_account->set("pass_lct_set", $pass_min_req[1] > 0 ? true : false, true); $tpl_account->set("pass_uct_set", $pass_min_req[2] > 0 ? true : false, true); $tpl_account->set("pass_num_set", $pass_min_req[3] > 0 ? true : false, true); $tpl_account->set("pass_sym_set", $pass_min_req[4] > 0 ? true : false, true); if ($action == "signup" || $action == "invite") { $tpl_account->set("BY_INVITATION", false, true); $dati["username"] = ""; $dati["email"] = ""; $dati["language"] = $idlangue; $dati["style"] = $idstyle; } $uid = $CURUSER["uid"]; $r = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * from {$TABLE_PREFIX}users WHERE id = {$uid}"); $x = mysqli_result($r, 0, "gender"); $gender = "<input name=\"gen\" type=\"radio\" value=\"0\" checked=\"checked\" />\n\t\t\t " . $language["MALE"] . " </label>\n\t\t\t <input name=\"gen\" type=\"radio\" value=\"1\" />\n\t\t\t" . $language["FEMALE"] . " "; $tpl_account->set("account_gender", $gender); // avoid error with js $language["DIF_PASSWORDS"] = AddSlashes($language["DIF_PASSWORDS"]); $language["INSERT_PASSWORD"] = AddSlashes($language["INSERT_PASSWORD"]); $language["USER_PWD_AGAIN"] = AddSlashes($language["USER_PWD_AGAIN"]); $language["INSERT_USERNAME"] = AddSlashes($language["INSERT_USERNAME"]); $language["ERR_NO_EMAIL"] = AddSlashes($language["ERR_NO_EMAIL"]); $language["ERR_NO_EMAIL_AGAIN"] = AddSlashes($language["ERR_NO_EMAIL_AGAIN"]); $language["DIF_EMAIL"] = AddSlashes($language["DIF_EMAIL"]); $language["PASSWORD_GENERATE"] = AddSlashes($language["PASSWORD_GENERATE"]); $language["PASSWORD_GENERATE_INFO"] = AddSlashes($language["PASSWORD_GENERATE_INFO"]); $tpl_account->set("language", $language); $tpl_account->set("account_action", $action); $tpl_account->set("account_form_actionlink", htmlspecialchars("index.php?page=signup&act={$action}&returnto={$link}")); $tpl_account->set("account_uid", $dati["id"]); $tpl_account->set("account_returnto", urlencode($link)); if ($btit_settings["hide_language-visible"] != "visible") { $tpl_account->set("account_IDlanguage", $idlang); } if ($btit_settings["hide_style_visible"] != "visible") { $tpl_account->set("account_IDstyle", $idstyle); } $tpl_account->set("account_IDcountry", $idflag); $tpl_account->set("account_username", $dati["username"]); $tpl_account->set("password_generate", $generate_password); $tpl_account->set("dati", $dati); $tpl_account->set("DEL", $action == "delete", true); $tpl_account->set("DISPLAY_FULL", $action == "signup" || $action == "invite", true); $tpl_account->set("hide_language_visible_1", $btit_settings["hide_language"] == "hidden" ? false : true, true); $tpl_account->set("hide_language_visible_2", $btit_settings["hide_language"] == "hidden" ? false : true, true); $tpl_account->set("hide_style_visible_1", $btit_settings["hide_style"] == "hidden" ? false : true, true); $tpl_account->set("hide_style_visible_2", $btit_settings["hide_style"] == "hidden" ? false : true, true); // DT referral $tpl_account->set("refer", $btit_settings["ref_on"] == false ? false : true, true); if ($btit_settings["ref_on"] == true) { if (!$rid == "") { $tpl_account->set("refa", $rid); $rdt = do_sqlquery("SELECT username FROM {$TABLE_PREFIX}users WHERE id = '" . $rid . "'", true); @($idt = mysqli_fetch_assoc($rdt)); $tpl_account->set("refb", $idt["username"]); } else { $tpl_account->set("refb", "Nobody"); } } // DT referral end //begin invitation system by dodge if ($INVITATIONSON) { $tpl_account->set("BY_INVITATION", true, true); $tpl_account->set("account_IDcode", $code); $tpl_account->set("account_IDinviter", $inviter); } //end invitation system if ($action == "del") { $tpl_account->set("account_from_delete_confirm", "<input type=\"submit\" name=\"elimina\" value=\"" . $language["FRM_DELETE"] . "\" /> <input type=\"submit\" name=\"elimina\" value=\"" . $language["FRM_CANCEL"] . "\" />"); } else { $tpl_account->set("account_from_delete_confirm", "<input type=\"submit\" name=\"conferma\" value=\"" . $language["FRM_CONFIRM"] . "\" /> <input type=\"reset\" name=\"annulla\" value=\"" . $language["FRM_CANCEL"] . "\" />"); } if ($btit_settings["hide_language_visible"] != "visible") { $lres = language_list(); $option = "\n<select name=\"language\" size=\"1\">"; foreach ($lres as $langue) { $option .= "\n<option "; if ($langue["id"] == $dati["language"]) { $option .= "selected=\"selected\" "; } $option .= "value=\"" . $langue["id"] . "\">" . $langue["language"] . "</option>"; } $option .= "\n</select>"; $tpl_account->set("account_combo_language", $option); } if ($btit_settings["hide_style_visible"] != "visible") { $sres = style_list(); $option = "\n<select name=\"style\" size=\"1\">"; foreach ($sres as $style) { $option .= "\n<option "; if ($style["id"] == $dati["style"]) { $option .= "selected=\"selected\" "; } $option .= "value=\"" . $style["id"] . "\">" . $style["style"] . "</option>"; } $option .= "\n</select>"; $tpl_account->set("account_combo_style", $option); } $fres = flag_list(); $option = "\n<select name=\"flag\" size=\"1\">\n<option value='0'>---</option>"; $thisip = $_SERVER["REMOTE_ADDR"]; $remotedns = gethostbyaddr($thisip); if ($remotedns != $thisip) { $remotedns = strtoupper($remotedns); preg_match('/^(.+)\\.([A-Z]{2,3})$/', $remotedns, $tldm); if (isset($tldm[2])) { $remotedns = mysqli_real_escape_string($DBDT, $tldm[2]); } } foreach ($fres as $flag) { $option .= "\n<option "; if ($flag["id"] == $dati["flag"] || $flag["domain"] == $remotedns && $action == "signup") { $option .= "selected=\"selected\" "; } $option .= "value=\"" . $flag["id"] . "\">" . $flag["name"] . "</option>"; } $option .= "\n</select>"; $tpl_account->set("account_combo_country", $option); $zone = date('Z', time()); $daylight = date('I', time()) * 3600; $os = $zone - $daylight; if ($os != 0) { $timeoff = $os / 3600; } else { $timeoff = 0; } if (!$CURUSER || $CURUSER["uid"] == 1) { $dati["time_offset"] = $timeoff; } $tres = timezone_list(); $option = "<select name=\"timezone\">"; foreach ($tres as $timezone) { $option .= "\n<option "; if ($timezone["difference"] == $dati["time_offset"]) { $option .= "selected=\"selected\" "; } $option .= "value=\"" . $timezone["difference"] . "\">" . unesc($timezone["timezone"]) . "</option>"; } $option .= "\n</select>"; $tpl_account->set("account_combo_timezone", $option); // ----------------------------- // Captcha hack // ----------------------------- // if set to use secure code: try to display imagecode if ($btit_settings["gcsw"] == false) { $tpl_account->set("GCAPTCHA", false, true); $tpl_account->set("XCAPTCHA", true, true); if ($USE_IMAGECODE && $action != "mod") { if (extension_loaded('gd')) { $arr = gd_info(); if ($arr['FreeType Support'] == 1) { $p = new ocr_captcha(); $tpl_account->set("CAPTCHA", true, true); $tpl_account->set("account_captcha", $p->display_captcha(true)); $private = $p->generate_private(); } else { include "{$THIS_BASEPATH}/include/security_code.php"; $scode_index = rand(0, count($security_code) - 1); $scode = "<input type=\"hidden\" name=\"security_index\" value=\"{$scode_index}\" />\n"; $scode .= $security_code[$scode_index]["question"]; $tpl_account->set("scode_question", $scode); $tpl_account->set("CAPTCHA", false, true); } } else { include "{$THIS_BASEPATH}/include/security_code.php"; $scode_index = rand(0, count($security_code) - 1); $scode = "<input type=\"hidden\" name=\"security_index\" value=\"{$scode_index}\" />\n"; $scode .= $security_code[$scode_index]["question"]; $tpl_account->set("scode_question", $scode); $tpl_account->set("CAPTCHA", false, true); } } elseif ($action != "mod") { include "{$THIS_BASEPATH}/include/security_code.php"; $scode_index = rand(0, count($security_code) - 1); $scode = "<input type=\"hidden\" name=\"security_index\" value=\"{$scode_index}\" />\n"; $scode .= $security_code[$scode_index]["question"]; $tpl_account->set("scode_question", $scode); // we will request simple operation to user $tpl_account->set("CAPTCHA", false, true); } } else { $tpl_account->set("GCAPTCHA", true, true); $tpl_account->set("XCAPTCHA", false, true); $tpl_account->set("sike", $btit_settings["gcsitk"]); } // ----------------------------- // Captcha hack // ----------------------------- }
$opts['default'] = $curu['style']; $styles = style_list(); $admintpl->set('style_combo', get_combo($styles, $opts)); # timezone list $opts['name'] = 'timezone'; $opts['id'] = 'difference'; $opts['value'] = 'timezone'; $opts['default'] = $curu['time_offset']; $tzones = timezone_list(); $admintpl->set('tz_combo', get_combo($tzones, $opts)); # flag list $opts['complete'] = false; $opts['value'] = 'name'; $opts['id'] = 'id'; $opts['default'] = $curu['flag']; $flags = flag_list(); $admintpl->set('flag_combo', get_combo($flags, $opts)); # posts/topics per page if ($FORUMLINK == '' || $FORUMLINK == 'internal') { $admintpl->set('INTERNAL_FORUM', true, true); $profile['topicsperpage'] = $curu['topicsperpage']; $profile['postsperpage'] = $curu['postsperpage']; } else { $admintpl->set('INTERNAL_FORUM', false, true); $profile['topicsperpage'] = ''; $profile['postsperpage'] = ''; } # torrents per page $profile['torrentsperpage'] = $curu['torrentsperpage']; # avatar $profile['avatar'] = $curu['avatar'] != '' ? $curu['avatar'] : $STYLEURL . '/images/default_avatar.gif';
function tabella($action, $dati = array()) { global $idflag, $link, $idlangue, $idstyle, $db, $USE_IMAGECODE; ?> <center> <p> <form name="utente" method="post" OnSubmit="return FormControl('<?php echo $action; ?> ')" action="<?php echo htmlentities(urldecode($_SERVER['PHP_SELF'])) . "?act=" . $action . "&returnto=" . urlencode($link); ?> "> <input type="hidden" name="act" value="<?php echo $action; ?> " /> <input type="hidden" name="uid" value="<?php echo (int) $dati["id"]; ?> " /> <input type="hidden" name="returnto" value="<?php echo urlencode($link); ?> "/> <input type="hidden" name="language" value="<?php echo $idlangue; ?> "/> <input type="hidden" name="style" value="<?php echo $idstyle; ?> "/> <input type="hidden" name="flag" value="<?php echo $idflag; ?> "/> <input type="hidden" name="username" value="<?php echo security::html_safe($dati["username"]); ?> "/> <table width="60%" border="0" class="lista"> <tr> <td align="left" class="header"><?php echo USER_NAME; ?> : </td> <td align="left" class="lista"> <?php if ($action == "mod" || $action == "del") { print "\n<input type='text' size='40' name='user' value='" . security::html_safe(unesc($dati['username'])) . "' " . ($action == "mod" ? "" : "readonly") . " />"; } else { print "\n<input type='text' size='40' name='user' />"; } ?> </td> </tr> <?php if (user::$current["uid"] == $dati["id"] && $action == "mod" || $action == "signup" || user::$current["edit_users"] == "yes" && $action == "mod") { ?> <tr> <td align="left" class="header"><?php echo USER_PWD; ?> :</td> <td align="left" class="lista"><input type="password" size="40" name="pwd" /></td> </tr> <tr> <td align="left" class="header"><?php echo USER_PWD_AGAIN; ?> :</td> <td align="left" class="lista"><input type="password" size="40" name="pwd1" /></td> </tr> <tr> <td align="left" class="header"><?php echo USER_EMAIL; ?> :</td> <td align="left" class="lista"><input type="text" size="30" name="email" value="<?php if ($action == "mod") { echo security::html_safe($dati['email']); } ?> "/></td> </tr> <?php $lres = language_list(); print "<tr>\n\t<td align='left' class='header'>" . USER_LANGUE . ":</td>"; print "\n\t<td align='left' class='lista'><select name='language'>"; foreach ($lres as $langue) { $option = "\n<option "; if ($langue["id"] == $dati["language"]) { $option .= "selected='selected' "; } $option .= "value='" . (int) $langue["id"] . "'>" . security::html_safe($langue["language"]) . "</option>"; print $option; } print "</select></td>\n</tr>"; $sres = style_list(); print "<tr>\n\t<td align='left' class='header'>" . USER_STYLE . ":</td>"; print "\n\t<td align='left' class='lista'><select name='style'>"; foreach ($sres as $style) { $option = "\n<option "; if ($style["id"] == $dati["style"]) { $option .= "selected='selected' "; } $option .= "value='" . (int) $style["id"] . "'>" . security::html_safe($style["style"]) . "</option>"; print $option; } print "</select></td>\n</tr>"; $fres = flag_list(); print "<tr>\n\t<td align='left' class='header'>" . PEER_COUNTRY . ":</td>"; print "\n\t<td align='left' class='lista'><select name='flag'>\n<option value='0'>---</option>"; $thisip = vars::$realip; $remotedns = gethostbyaddr($thisip); if ($remotedns != $thisip) { $remotedns = utf8::strtoupper($remotedns); preg_match('/^(.+)\\.([A-Z]{2,3})$/', $remotedns, $tldm); if (isset($tldm[2])) { $remotedns = $db->real_escape_string($tldm[2]); } } foreach ($fres as $flag) { $option = "\n<option "; if ($flag["id"] == $dati["flag"] || $flag["domain"] == $remotedns && $action == "signup") { $option .= "selected='selected' "; } $option .= "value='" . (int) $flag["id"] . "'>" . security::html_safe($flag["name"]) . "</option>"; print $option; } print "</select></td>\n</tr>"; $zone = date('Z', vars::$timestamp); $daylight = date('I', vars::$timestamp) * 3600; $os = $zone - $daylight; if ($os != 0) { $timeoff = $os / 3600; } else { $timeoff = 0; } if (!user::$current || user::$current["uid"] == 1) { $dati["time_offset"] = $timeoff; } $tres = timezone_list(); print "<tr>\n\t<td align='left' class='header'>" . TIMEZONE . ":</td>"; print "\n\t<td align='left' class='lista' colspan='2'>\n<select name='timezone'>"; foreach ($tres as $timezone) { $option = "\n<option "; if ($timezone["difference"] == $dati["time_offset"]) { $option .= "selected='selected' "; } $option .= "value='" . $timezone["difference"] . "'>" . security::html_safe(unesc($timezone["timezone"])) . "</option>"; print $option; } print "</select></td>\n</tr>"; // ----------------------------- // Captcha hack // ----------------------------- // if set to use secure code: try to display imagecode if (user::$current['edit_users'] == 'yes' && $action == "mod" && user::$current["uid"] != $dati["id"]) { print "<tr>\n\t<td align='left' class='header'>" . USER_LEVEL . ":</td><td align='left' class='lista'>"; print "<select name='level'>"; $res = $db->query("SELECT level FROM users_level WHERE id_level <= " . user::$current["id_level"] . " ORDER BY id_level"); while ($row = $res->fetch_array(MYSQLI_BOTH)) { $select = "<option value='" . unesc($row["level"]) . "'"; if (unesc($dati["level"]) == unesc($row["level"])) { $select .= "selected='selected'"; } $select .= ">" . security::html_safe(unesc($row["level"])) . "</option>\n"; print $select; } print "</select></td></tr>"; } elseif ($USE_IMAGECODE && $action != "mod") { if (extension_loaded('gd')) { $arr = gd_info(); if ($arr['FreeType Support'] == 1) { $p = new ocr_captcha(); print "<tr>\n\t<td align='left' class='header'>" . IMAGE_CODE . ":</td>"; print "\n\t<td align='left' class='lista'><input type='text' name='private_key' value='' maxlength='6' size='6'>\n"; print $p->display_captcha(true); $private = $p->generate_private(); print "</td>\n</tr>"; } } } // ----------------------------- // Captcha hack // ----------------------------- } ?> <tr> <td align="center" class="header"></td> <?php if ($action == "del") { print "\n<td align='left' class='lista'><input type='submit' name='elimina' value='" . FRM_DELETE . "' /> <input type='submit' name='elimina' value='" . FRM_CANCEL . "' /></td>"; } else { print "\n<td align='left' class='lista'><input type='submit' name='conferma' value='" . FRM_CONFIRM . "' /> <input type='reset' name='annulla' value='" . FRM_CANCEL . "' /></td>"; } ?> </tr> </table> </form> </center> </p> <?php }