Beispiel #1
         admin_msg($_SESSION['user_id']);
         $file_contents = 'Avatar upload error - width or height error - check 5' . "\n" . 'USER_ID ' . $_SESSION['user_id'] . "\n" . $use_date . "\n" . '=================================================================' . "\n";
         write_debug_log($file_contents);
         ////////////////////////////////////////////////////////////////
         // keep image to look at
         //@unlink($new_file_path);
         die_with_msg($message);
     }
 }
 // Replace the member's stored avatar: look up the current pictures row, remove its
 // file and row if one exists, then insert a row for the newly uploaded file.
 // NOTE(review): $user_id is interpolated unquoted into every statement below and its
 // origin is not visible in this excerpt - confirm it is forced to an integer first.
 $sql = "SELECT * FROM pictures WHERE user_id = {$user_id}";
 // '@' hides any warning, so a failed query takes the same path as "no rows" below.
 $result = @mysql_query($sql);
 // delete member avatar if they have one already
 if (@mysql_num_rows($result) != 0) {
     // $result is reused: from here on it holds the fetched row, not the query resource.
     $result = @mysql_fetch_array($result);
     $existing_file = $result['file_name'];
     $filepath = installation_paths();
     // The stored file_name is appended as-is under /pictures/ and handed to unlink().
     // NOTE(review): nothing here strips directory components from file_name - verify
     // that the column can only ever hold a bare file name.
     $filepath = $filepath . '/pictures/' . $existing_file;
     @unlink($filepath);
     $sql = "DELETE FROM pictures WHERE user_id = {$user_id}";
     @mysql_query($sql);
     // Swap the session's security token for a fresh value from randomcode().
     // NOTE(review): randomcode() is defined elsewhere - confirm it uses a
     // cryptographically secure source if the token guards state-changing requests.
     unset($_SESSION['security_token']);
     $security_token = randomcode();
     $_SESSION['security_token'] = $security_token;
     $color = '#DD0000';
 }
 // Record the new avatar; the row is written with approved = 'yes'.
 // NOTE(review): $new_file_name sits inside quotes, but no escaping of it is visible
 // in this excerpt - confirm it is generated server-side or escaped before this point.
 $sql = "INSERT INTO pictures (file_name, user_id, todays_date, approved) VALUES ('{$new_file_name}', {$user_id}, NOW(), 'yes')";
 // Only this last statement is covered by the mysql_error() check that follows; the
 // SELECT and DELETE above fail silently.
 @mysql_query($sql);
 if (mysql_error()) {
     $show_notification = 1;
     $color = '#DD0000';
     $message = $config["error_26"];
Beispiel #2
include_once "includes/functions.php";
include_once 'includes/login_check.php';
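// Menu loaders
$top_menu = '';
$side_menu = 'settings';
$dashboard_header = $lang_site_statistics;

// Default settings
$show_hide = 1;
$show_notification = 0;
$todays_date = $config["date_format"];
$base_url = $config['site_base_url'];
$result_active = array();
$base_path = installation_paths();
// Reset the statistics XML kept in the session.
$_SESSION['statsxml'] = '';

// Check for type: a POSTed value takes precedence over the query string.
// Reading $_GET['type'] without isset() raised an undefined-index notice when the
// parameter was absent from both, so each source is tested first.
$type = null;
if (isset($_POST['type'])) {
    $type = $_POST['type'];
} elseif (isset($_GET['type'])) {
    $type = $_GET['type'];
}
// Reduce the request value to an integer before it is range-checked. The check that
// follows uses loose '==', and on PHP versions before 8 a string such as "1abc"
// compares equal to 1, so the raw string would otherwise be carried on in $type and
// $show_t. Anything that is not a plain digit string (arrays included) becomes 0,
// which the range check rejects.
$type = (is_string($type) && ctype_digit($type)) ? (int) $type : 0;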
if ($type == 1 || $type == 2 || $type == 3 || $type == 4 || $type == 5 || $type == 6) {
    $show_t = $type;
} else {
    $show_t = 1;
    $type = 1;
Beispiel #3
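/**
 * Apply an administrative action to one member account.
 *
 * Supported values of $manage_type:
 *  - 'delete'    removes the profile and the member's rows in the related tables;
 *                videos, images, blogs and image galleries are marked 'pendingdelete'
 *  - 'suspend'   sets account_status to 'suspended'
 *  - 'activate'  sets account_status to 'active'
 *  - 'moderator' sets user_group to the posted 'moderator_level' ('member' when empty)
 * Any other value does nothing. Accounts in the 'admin' group are left untouched.
 *
 * Changes against the earlier version of this function:
 *  - the id is validated as a positive integer; it is placed unquoted in every
 *    statement, where mysql_real_escape_string() gives no protection
 *  - the admin guard tested mysql_num_rows() < 0, which can never be true, so admin
 *    accounts were not protected; it now tests > 0 and also stops when the check
 *    itself fails
 *  - the favorites statement contained "WHERE WHERE" and always failed silently
 *  - the posted moderator level is escaped before it is put into the statement
 *  - $send_email is initialised, and failed delete statements are logged
 *
 * @param mixed  $user_id     Numeric id of the member to act on.
 * @param string $manage_type One of the actions listed above.
 * @return void
 */
function managemember($user_id, $manage_type)
{
    global $config;
    $base_path = installation_paths();
    $send_email = false;

    // Accept only a positive whole number. A value such as "5abc" is refused rather
    // than truncated, and 0 is refused so that no statement runs against id 0.
    if (!is_int($user_id) && !(is_string($user_id) && ctype_digit($user_id))) {
        return;
    }
    $user_id = (int) $user_id;
    if ($user_id <= 0) {
        return;
    }

    // Never act on an admin account. If the check cannot be carried out, do nothing.
    $sql = "SELECT * FROM member_profile WHERE user_id = {$user_id} AND user_group = 'admin'";
    $query = @mysql_query($sql);
    if ($query === false || @mysql_num_rows($query) > 0) {
        $manage_type = '';
    }

    // Option (1) delete user (this also removes or flags all of the user's content)
    if ($manage_type === 'delete') {
        $statements = array(
            "DELETE FROM member_profile WHERE user_id = {$user_id}",
            // content that is flagged for a later clean-up instead of removed here
            "UPDATE videos SET approved ='pendingdelete' WHERE user_id = {$user_id}",
            "UPDATE images SET approved ='pendingdelete' WHERE user_id = {$user_id}",
            "UPDATE blogs SET approved ='pendingdelete' WHERE user_id = {$user_id}",
            "UPDATE image_galleries SET approved ='pendingdelete' WHERE user_id = {$user_id}",
            // comments, replies, memberships and other per-member rows
            "DELETE FROM blog_replys WHERE by_id = {$user_id}",
            "DELETE FROM imagecomments WHERE by_id = {$user_id}",
            "DELETE FROM imagecomments_replys WHERE by_id = {$user_id}",
            "DELETE FROM group_videos WHERE member_id = {$user_id}",
            "DELETE FROM group_membership WHERE member_id = {$user_id}",
            "DELETE FROM group_comments WHERE by_id = {$user_id}",
            "DELETE FROM pictures WHERE user_id = {$user_id}",
            // friendships are stored in both directions
            "DELETE FROM friends WHERE user_id = {$user_id}",
            "DELETE FROM friends WHERE friends_id = {$user_id}",
            "DELETE FROM flagging_comments WHERE user_id = {$user_id}",
            "DELETE FROM favorites WHERE owner_id = {$user_id}",
            "DELETE FROM flagging WHERE user_id = {$user_id}",
            "DELETE FROM privacy WHERE user_id = {$user_id}",
            "DELETE FROM videocomments WHERE by_id = {$user_id}",
            "DELETE FROM videocomments_replys WHERE by_id = {$user_id}",
            "DELETE FROM audiocomments WHERE by_id = {$user_id}",
            "DELETE FROM audiocomments_replys WHERE by_id = {$user_id}",
            "DELETE FROM profilecomments WHERE members_id = {$user_id} OR by_id={$user_id}",
            "DELETE FROM profilecomments_replys WHERE by_id = {$user_id}",
            // groups managed by this member are removed entirely
            "DELETE FROM group_profile WHERE admin_id = {$user_id}",
            "DELETE FROM video_playlist WHERE user_id = {$user_id}",
            "DELETE FROM video_playlist_lists WHERE user_id = {$user_id}",
        );
        foreach ($statements as $sql) {
            // Still best-effort (one failure does not stop the rest), but a failed
            // statement is logged instead of disappearing behind '@'.
            if (@mysql_query($sql) === false) {
                error_log('managemember: statement failed for user ' . $user_id . ': ' . mysql_error());
            }
        }
    }

    // Option (2) suspend user and option (3) activate user (content is preserved).
    // Each entry: new account_status, email template below $base_path, $config key of the subject.
    $status_actions = array(
        'suspend'  => array('suspended', '/email_templates/accountsuspended.htm', 'email_subject_suspended'),
        'activate' => array('active', '/email_templates/accountapproved.htm', 'email_subject_approved'),
    );
    if (is_string($manage_type) && isset($status_actions[$manage_type])) {
        $action = $status_actions[$manage_type];
        $sql = "UPDATE member_profile SET account_status ='{$action[0]}' WHERE user_id = {$user_id}";
        @mysql_query($sql);

        // Look up the address the notification goes to; without one no mail is sent.
        $sql = "SELECT * FROM member_profile WHERE user_id = {$user_id}";
        $lookup = @mysql_query($sql);
        $result = $lookup ? mysql_fetch_array($lookup) : false;
        $to = $result ? $result['email_address'] : '';
        $send_email = ($to != '');
        $email_template = $base_path . $action[1];
        $subject = $config[$action[2]];
    }

    // Option (4) make moderator
    if ($manage_type === 'moderator') {
        $moderator_group = '';
        if (isset($_POST['moderator_level']) && is_string($_POST['moderator_level'])) {
            $moderator_group = $_POST['moderator_level'];
        }
        if ($moderator_group === '') {
            // fall back to an ordinary member when nothing was posted
            $moderator_group = 'member';
        }
        // The value is used inside quotes, so escaping is effective here.
        $moderator_group = mysql_real_escape_string($moderator_group);
        // NOTE(review): any posted group name is still accepted, presumably including
        // 'admin'. Compare it against the site's list of assignable groups, which is
        // not visible from this function.
        $sql = "UPDATE member_profile SET user_group = '{$moderator_group}' WHERE user_id = {$user_id}";
        @mysql_query($sql);
    }

    // Send any email to member
    if ($send_email == true && $config['email_member_admin_actions'] == 'yes') {
        $from = $config['notifications_from_email'];
        // Let TinyButStrong render the variables inside the email template.
        $TBS = new clsTinyButStrong();
        // no more error message displayed
        $TBS->NoErr = true;
        $TBS->LoadTemplate($email_template);
        $TBS->tbs_show(TBS_NOTHING);
        $message = $TBS->Source;
        // postage.php is included into this function's scope; presumably it reads
        // $to, $from, $subject and $message - confirm against that file.
        include $base_path . '/postage.php';
    }
}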