Beispiel #1
        foreach ($screens as $screen) {
            if (!empty($screen)) {
                if (file_exists($filepath . $screen)) {
                    @unlink($filepath . $screen);
                }
            }
        }
    }
    safe_query("DELETE FROM " . PREFIX . "clanwars WHERE cwID='{$cwID}'");
    header("Location: index.php?site=clanwars");
} elseif (isset($_POST['quickactiontype']) == "delete") {
    include "_mysql.php";
    include "_settings.php";
    include "_functions.php";
    $_language->read_module('clanwars');
    if (!isanyadmin($userID)) {
        die('no access!');
    }
    if (isset($_POST['cwID'])) {
        $cwID = $_POST['cwID'];
        foreach ($cwID as $id) {
            $ergebnis = safe_query("SELECT screens FROM " . PREFIX . "clanwars WHERE cwID='{$id}'");
            $ds = mysql_fetch_array($ergebnis);
            $screens = explode("|", $ds['screens']);
            $filepath = "./images/clanwar-screens/";
            if (is_array($screens)) {
                foreach ($screens as $screen) {
                    if (!empty($screen)) {
                        if (file_exists($filepath . $screen)) {
                            @unlink($filepath . $screen);
                        }
Beispiel #2
        $_language->set_language($_COOKIE['language']);
    } elseif (isset($_SESSION['language'])) {
        $_language->set_language($_SESSION['language']);
    }
}
// After a cookie-based login, copy the stored last-login time into the session.
// NOTE(review): $userID is interpolated into the SQL text; it is assigned outside
// this excerpt -- confirm it is always a server-derived integer.
if ($login_per_cookie) {
    $ll = mysql_fetch_array(
        safe_query("SELECT lastlogin FROM " . PREFIX . "user WHERE userID='{$userID}'")
    );
    $_SESSION['ws_lastlogin'] = $ll['lastlogin'];
}

// -- SITE VARIABLE -- //
// Taken verbatim from the query string, with no validation at this point.
// NOTE(review): how $site is used is outside this excerpt; if it selects a file to
// include or is echoed back, it needs an allow-list / escaping at that point.
$site = isset($_GET['site']) ? $_GET['site'] : '';

// While the page is closed, non-admin visitors are handed to showlock() together
// with the reason and time stored in the lock table.
if ($closed && !isanyadmin($userID)) {
    $dl = mysql_fetch_array(
        safe_query("SELECT * FROM `" . PREFIX . "lock` LIMIT 0,1")
    );
    $reason = $dl['reason'];
    $time = $dl['time'];
    showlock($reason, $time);
}

// Make sure the key exists so later reads do not hit an undefined index.
// The value itself is a client-supplied header.
if (!isset($_SERVER['HTTP_REFERER'])) {
    $_SERVER['HTTP_REFERER'] = "";
}
// -- BANNED USERS -- //
if (date("dh", $lastBanCheck) != date("dh")) {
    $get = safe_query("SELECT userID, banned FROM " . PREFIX . "user WHERE banned IS NOT NULL");
    $removeBan = array();
    while ($ds = mysql_fetch_assoc($get)) {
        if ($ds['banned'] != "perm") {
            if ($ds['banned'] <= time()) {
Beispiel #3
         $url = $_POST['gburl'];
         $icq = $_POST['icq'];
         $CAPCLASS = new Captcha();
         if ($CAPCLASS->check_captcha($_POST['captcha'], $_POST['captcha_hash'])) {
             $run = 1;
         }
     }
     if ($run) {
         safe_query("INSERT INTO " . PREFIX . "user_gbook (userID, date, name, email, hp, icq, ip, comment)\n\t\t\t\t\t\t\t\tvalues('" . $id . "', '" . $date . "', '" . $_POST['gbname'] . "', '" . $_POST['gbemail'] . "', '" . $_POST['gburl'] . "', '" . $_POST['icq'] . "', '" . $ip . "', '" . $_POST['message'] . "')");
         if ($id != $userID) {
             sendmessage($id, $_language->module['new_guestbook_entry'], str_replace('%guestbook_id%', $id, $_language->module['new_guestbook_entry_msg']));
         }
     }
     redirect('user/' . getnickname($id) . '/', '', 0);
 } elseif (isset($_GET['delete'])) {
     if (!isanyadmin($userID) and $id != $userID) {
         die($_language->module['no_access']);
     }
     foreach ($_POST['gbID'] as $gbook_id) {
         safe_query("DELETE FROM " . PREFIX . "user_gbook WHERE gbID='{$gbook_id}'");
     }
     redirect('user/' . getnickname($id) . '/', '', 0);
 } else {
     $bg1 = BG_1;
     $bg2 = BG_2;
     $gesamt = mysql_num_rows(safe_query("SELECT gbID FROM " . PREFIX . "user_gbook WHERE userID='" . $id . "'"));
     if (isset($_GET['page'])) {
         $page = (int) $_GET['page'];
     }
     $type = "DESC";
     if (isset($_GET['type'])) {
Beispiel #4
#   Copyright 2005-2011 by webspell.org                                  #
#                                                                        #
#   visit webSPELL.org, webspell.info to get webSPELL for free           #
#   - Script runs under the GNU GENERAL PUBLIC LICENSE                   #
#   - It's NOT allowed to remove this copyright-tag                      #
#   -- http://www.fsf.org/licensing/licenses/gpl.html                    #
#                                                                        #
#   Code based on WebSPELL Clanpackage (Michael Gruber - webspell.at),   #
#   Far Development by Development Team - webspell.org                   #
#                                                                        #
#   visit webspell.org                                                   #
#                                                                        #
##########################################################################
*/
$_language->read_module('page_statistic');

// Gate: the caller must be an admin AND the last path segment of the request URI
// must begin with "admincenter.php" (15 characters).
// NOTE(review): the second half is a string test on a client-supplied URI, so it
// only guards against this file being requested directly; the authorisation
// itself rests on isanyadmin().
if (!(isanyadmin($userID) && mb_substr(basename($_SERVER['REQUEST_URI']), 0, 15) == "admincenter.php")) {
    die($_language->module['access_denied']);
}

echo '<h1>&curren; ' . $_language->module['page_stats'] . '</h1>';

$count_array = array();

// Fixed list of table names; nothing in it comes from the request.
$tables_array = array(
    PREFIX . "articles",
    PREFIX . "banner",
    PREFIX . "awards",
    PREFIX . "bannerrotation",
    PREFIX . "challenge",
    PREFIX . "clanwars",
    PREFIX . "comments",
    PREFIX . "contact",
    PREFIX . "countries",
    PREFIX . "demos",
    PREFIX . "faq",
    PREFIX . "faq_categories",
    PREFIX . "files",
    PREFIX . "files_categorys",
    PREFIX . "forum_announcements",
    PREFIX . "forum_boards",
    PREFIX . "forum_categories",
    PREFIX . "forum_groups",
    PREFIX . "forum_moderators",
    PREFIX . "forum_posts",
    PREFIX . "forum_ranks",
    PREFIX . "forum_topics",
    PREFIX . "gallery",
    PREFIX . "gallery_groups",
    PREFIX . "gallery_pictures",
    PREFIX . "games",
    PREFIX . "guestbook",
    PREFIX . "links",
    PREFIX . "links_categorys",
    PREFIX . "linkus",
    PREFIX . "messenger",
    PREFIX . "news",
    PREFIX . "news_languages",
    PREFIX . "news_rubrics",
    PREFIX . "partners",
    PREFIX . "poll",
    PREFIX . "servers",
    PREFIX . "shoutbox",
    PREFIX . "smileys",
    PREFIX . "sponsors",
    PREFIX . "squads",
    PREFIX . "static",
    PREFIX . "user",
    PREFIX . "user_gbook"
);

$db_size = $db_size_op = 0;

// Ask the server for the current database name when none has been set yet.
if (!isset($db)) {
    $get = safe_query("SELECT DATABASE()");
    $ret = mysql_fetch_array($get);
    $db = $ret[0];
}

// Count of all tables in the database, not only the ones listed above.
$query = safe_query("SHOW TABLES");
$count_tables = mysql_num_rows($query);
foreach ($tables_array as $table) {
Beispiel #5
     $td = 'td1';
 } else {
     $td = 'td2';
 }
 // Per-user display values for one row of the admin user list, read from $ds.
 $id = $ds['userID'];
 $registered = date("d.m.Y - H:i", $ds['registerdate']);
 $nickname_c = getnickname($ds['userID']);
 // Highlight the search term inside the nickname: "%" is stripped from the term and
 // every occurrence in the nickname is wrapped in <b>...</b>.
 // NOTE(review): $search is assigned outside this excerpt and no HTML escaping of it is
 // visible here; confirm it is escaped before this point, since it is written into markup.
 $replaced_search = str_replace("%", "", $search);
 $nickname = str_replace($replaced_search, '<b>' . $replaced_search . '</b>', $nickname_c);
 // Status label: the highest role wins (superadmin, then admin, then moderator); a clan
 // member additionally gets the "& clanmember" suffix. Plain members and plain users
 // come last.
 if (issuperadmin($ds['userID']) && isclanmember($ds['userID'])) {
     $status = $_language->module['superadmin'] . '<br />&amp; ' . $_language->module['clanmember'];
 } elseif (issuperadmin($ds['userID'])) {
     $status = $_language->module['superadmin'];
 } elseif (isanyadmin($ds['userID']) && isclanmember($ds['userID'])) {
     $status = $_language->module['admin'] . '<br />&amp; ' . $_language->module['clanmember'];
 } elseif (isanyadmin($ds['userID'])) {
     $status = $_language->module['admin'];
 } elseif (isanymoderator($ds['userID']) && isclanmember($ds['userID'])) {
     $status = $_language->module['moderator'] . '<br />&amp; ' . $_language->module['clanmember'];
 } elseif (isanymoderator($ds['userID'])) {
     $status = $_language->module['moderator'];
 } elseif (isclanmember($ds['userID'])) {
     $status = $_language->module['clanmember'];
 } else {
     $status = $_language->module['user'];
 }
 // Ban button: both branches link to the same action=ban URL and differ only in the
 // label (undo_ban vs. banish).
 // NOTE(review): the link is a plain GET URL and carries no request token; confirm the
 // ban handler does its own admin and anti-CSRF checks.
 if (isbanned($ds['userID'])) {
     $banned = '<input type="button" onclick="MM_goToURL(\'parent\',\'admincenter.php?site=users&amp;action=ban&amp;id=' . $ds['userID'] . '\');return document.MM_returnValue" value="' . $_language->module['undo_ban'] . '" />';
 } else {
     $banned = '<input type="button" onclick="MM_goToURL(\'parent\',\'admincenter.php?site=users&amp;action=ban&amp;id=' . $ds['userID'] . '\');return document.MM_returnValue" value="' . $_language->module['banish'] . '" />';
 }
Beispiel #6
 * Diese Datei ist Teil von Easy-WI.
 *
 * Easy-WI ist Freie Software: Sie koennen es unter den Bedingungen
 * der GNU General Public License, wie von der Free Software Foundation,
 * Version 3 der Lizenz oder (nach Ihrer Wahl) jeder spaeteren
 * veroeffentlichten Version, weiterverbreiten und/oder modifizieren.
 *
 * Easy-WI wird in der Hoffnung, dass es nuetzlich sein wird, aber
 * OHNE JEDE GEWAEHELEISTUNG, bereitgestellt; sogar ohne die implizite
 * Gewaehrleistung der MARKTFAEHIGKEIT oder EIGNUNG FUER EINEN BESTIMMTEN ZWECK.
 * Siehe die GNU General Public License fuer weitere Details.
 *
 * Sie sollten eine Kopie der GNU General Public License zusammen mit diesem
 * Programm erhalten haben. Wenn nicht, siehe <http://www.gnu.org/licenses/>.
 */
// Access gate: requires an admin session, $main == 1, and either admin rights or
// reseller permissions. The redirect is followed by die() so nothing below runs
// for a rejected request.
if (
    !isset($admin_id)
    || $main != 1
    || (isset($admin_id) && !isanyadmin($admin_id) && !rsellerpermisions($admin_id))
) {
    header('Location: login.php');
    die('No acces');
}

$sprache_bad = getlanguagefile('home', $user_language, $reseller_id);

// Every counter starts at zero so the sums below work when no statistics row exists.
$statsArray = array_fill_keys(
    array(
        'gameMasterInstalled',
        'gameMasterActive',
        'gameMasterSlotsAvailable',
        'gameMasterCrashed',
        'gameserverInstalled',
        'gameserverActive',
        'gameserverSlotsInstalled',
        'gameserverSlotsActive',
        'gameserverSlotsUsed',
        'gameserverNoPassword',
        'gameserverNoTag',
        'gameserverNotRunning',
        'mysqlMasterInstalled',
        'mysqlMasterActive',
        'mysqlMasterDBAvailable',
        'mysqlMasterCrashed',
        'mysqlDBInstalled',
        'mysqlDBActive',
        'mysqlDBSpaceUsed',
        'ticketsCompleted',
        'ticketsInProcess',
        'ticketsNew',
        'userAmount',
        'userAmountActive',
        'virtualMasterInstalled',
        'virtualMasterActive',
        'virtualMasterVserverAvailable',
        'virtualInstalled',
        'virtualActive',
        'voiceMasterInstalled',
        'voiceMasterActive',
        'voiceMasterSlotsAvailable',
        'voiceMasterCrashed',
        'voiceserverInstalled',
        'voiceserverActive',
        'voiceserverSlotsInstalled',
        'voiceserverSlotsActive',
        'voiceserverSlotsUsed',
        'voiceserverTrafficAllowed',
        'voiceserverTrafficUsed',
        'voiceserverCrashed',
        'webMasterInstalled',
        'webMasterActive',
        'webMasterCrashed',
        'webMasterSpaceAvailable',
        'webMasterVhostAvailable',
        'webspaceInstalled',
        'webspaceActive',
        'webspaceSpaceGiven',
        'webspaceSpaceGivenActive',
        'webspaceSpaceUsed'
    ),
    0
);

// The user id is passed as a bound parameter. A fetched row replaces the
// zero-filled defaults wholesale.
$query = $sql->prepare("SELECT * FROM `easywi_statistics_current` WHERE `userID`=? LIMIT 1");
$query->execute(array($resellerLockupID));
while ($row = $query->fetch(PDO::FETCH_ASSOC)) {
    $statsArray = $row;
}

// Derived totals: open tickets, and the sum of the warning counters.
$statsArray['ticketsTotal'] = $statsArray['ticketsInProcess']
    + $statsArray['ticketsNew'];
$statsArray['warningTotal'] = $statsArray['gameserverNoPassword']
    + $statsArray['gameserverNoTag']
    + $statsArray['gameserverNotRunning']
    + $statsArray['voiceserverCrashed'];
if ($ui->smallletters('w', 2, 'get') == 'da' or !$ui->smallletters('w', 2, 'get') and !$ui->smallletters('d', 2, 'get')) {
    $statsArray['ticketsPercent'] = $statsArray['ticketsCompleted'] + $statsArray['ticketsInProcess'] + $statsArray['ticketsNew'] > 0 ? round(($statsArray['ticketsInProcess'] + $statsArray['ticketsNew']) / (($statsArray['ticketsCompleted'] + $statsArray['ticketsInProcess'] + $statsArray['ticketsNew']) / 100), 2) : 0;
    $statsArray['ticketsNewPercent'] = $statsArray['ticketsInProcess'] + $statsArray['ticketsNew'] > 0 ? round($statsArray['ticketsNew'] / (($statsArray['ticketsInProcess'] + $statsArray['ticketsNew']) / 100), 2) : 0;
Beispiel #7
 *
 * Easy-WI wird in der Hoffnung, dass es nuetzlich sein wird, aber
 * OHNE JEDE GEWAEHELEISTUNG, bereitgestellt; sogar ohne die implizite
 * Gewaehrleistung der MARKTFAEHIGKEIT oder EIGNUNG FUER EINEN BESTIMMTEN ZWECK.
 * Siehe die GNU General Public License fuer weitere Details.
 *
 * Sie sollten eine Kopie der GNU General Public License zusammen mit diesem
 * Programm erhalten haben. Wenn nicht, siehe <http://www.gnu.org/licenses/>.
 */
// Without both an admin id and a reseller id there is no session to work with:
// redirect to the login page and stop.
if (!isset($admin_id, $reseller_id)) {
    header('Location: login.php');
    die;
}

$adminInclude = true;

// Second gate: neither an admin nor holder of any permission entry.
// NOTE(review): whether redirect() ends the request is not visible in this excerpt;
// if it only sends a header, the code below still runs for the rejected user.
$pa = User_Permissions($admin_id);
if (!isanyadmin($admin_id) && count($pa) == 0) {
    redirect('login.php');
}

// Version shipped with these files.
$ewVersions['files'] = '5.10';

$vcsprache = getlanguagefile('versioncheck', $user_language, $reseller_id);

// Most recent entry of the version table.
$query = $sql->prepare("SELECT `version` FROM `easywi_version` ORDER BY `id` DESC LIMIT 1");
$query->execute();
$ewVersions['cVersion'] = $query->fetchColumn();

// Version and release notes stored in the settings row with resellerid 0.
$query = $sql->prepare("SELECT `version`,`releasenotesDE`,`releasenotesEN` FROM `settings` WHERE `resellerid`=0 LIMIT 1");
$query->execute();
while ($row = $query->fetch(PDO::FETCH_ASSOC)) {
    $ewVersions['releasenotesEN'] = $row['releasenotesEN'];
    $ewVersions['releasenotesDE'] = $row['releasenotesDE'];
    $ewVersions['version'] = $row['version'];
}
if ($reseller_id == 0 and $ui->st('w', 'get') != 'vc' and ($ewVersions['cVersion'] < $ewVersions['version'] or $ewVersions['files'] < $ewVersions['version'])) {
Beispiel #8
/**
 * Prints every calendar entry of the "upcoming" table that falls on the given day.
 *
 * All rows are loaded and filtered in PHP. Rows of type "c" (clan wars) are rendered
 * with the "upcoming_war_details" template, all other rows with
 * "upcoming_date_details". When the table is empty the "no_entries" text is printed.
 *
 * The templates are filled in through eval(), which reads the local variables set
 * below by name, so renaming a local here changes the rendered output.
 *
 * NOTE(review): eval() runs the template text as a PHP double-quoted string, so the
 * template source has to be as trusted as the code itself -- confirm how
 * gettemplate() loads and quotes it.
 *
 * @param $tag   day of the month, passed straight to mktime()
 * @param $month month, passed straight to mktime()
 * @param $year  year, passed straight to mktime()
 */
function print_termine($tag, $month, $year)
{
    global $wincolor;
    global $loosecolor;
    global $drawcolor;
    global $userID;
    global $_language;
    $_language->read_module('calendar');
    // Not referenced again in this function; presumably read by the eval'd templates.
    $pagebg = PAGEBG;
    $border = BORDER;
    $bghead = BGHEAD;
    $bgcat = BGCAT;
    // First and last second of the requested day.
    $start_date = mktime(0, 0, 0, $month, $tag, $year);
    $end_date = mktime(23, 59, 59, $month, $tag, $year);
    // $termin is never assigned in this function, so this has no effect.
    unset($termin);
    $ergebnis = safe_query("SELECT * FROM " . PREFIX . "upcoming");
    $anz = mysql_num_rows($ergebnis);
    if ($anz) {
        while ($ds = mysql_fetch_array($ergebnis)) {
            if ($ds['type'] == "c") {
                // Clan war: shown when its start time lies within the day.
                if ($ds['date'] >= $start_date && $ds['date'] <= $end_date) {
                    $date = date("d.m.Y", $ds['date']);
                    $time = date("H:i", $ds['date']);
                    $squad = getsquadname($ds['squad']);
                    $oppcountry = "[flag]" . $ds['oppcountry'] . "[/flag]";
                    $oppcountry = flags($oppcountry);
                    // NOTE(review): opphp and leaguehp go into href attributes as stored, while the
                    // neighbouring text fields pass through clearfromtags(). Confirm the URLs are
                    // validated (scheme) and escaped when they are saved.
                    $opponent = $oppcountry . ' <a href="' . $ds['opphp'] . '" target="_blank">' . clearfromtags($ds['opptag']) . ' / ' . clearfromtags($ds['opponent']) . '</a>';
                    $maps = clearfromtags($ds['maps']);
                    $server = clearfromtags($ds['server']);
                    $league = '<a href="' . $ds['leaguehp'] . '" target="_blank">' . clearfromtags($ds['league']) . '</a>';
                    // War info is shown to clan members only; everyone else gets a notice text.
                    if (isclanmember($userID)) {
                        $warinfo = cleartext($ds['warinfo']);
                    } else {
                        $warinfo = $_language->module['you_have_to_be_clanmember'];
                    }
                    $players = "";
                    $announce = "";
                    $adminaction = '';
                    // Sign-up list and action links are built for clan members and admins only.
                    if (isclanmember($userID) or isanyadmin($userID)) {
                        $anmeldung = safe_query("SELECT * FROM " . PREFIX . "upcoming_announce WHERE upID='" . $ds['upID'] . "'");
                        if (mysql_num_rows($anmeldung)) {
                            $i = 1;
                            while ($da = mysql_fetch_array($anmeldung)) {
                                // Colour by sign-up status: "y", "n", anything else.
                                if ($da['status'] == "y") {
                                    $fontcolor = $wincolor;
                                } elseif ($da['status'] == "n") {
                                    $fontcolor = $loosecolor;
                                } else {
                                    $fontcolor = $drawcolor;
                                }
                                // Comma separator before every entry except the first.
                                if ($i > 1) {
                                    $players .= ', <a href="index.php?site=profile&amp;id=' . $da['userID'] . '"><font color="' . $fontcolor . '">' . getnickname($da['userID']) . '</font></a>';
                                } else {
                                    $players .= '<a href="index.php?site=profile&amp;id=' . $da['userID'] . '"><font color="' . $fontcolor . '">' . getnickname($da['userID']) . '</font></a>';
                                }
                                $i++;
                            }
                        } else {
                            $players = $_language->module['no_announced'];
                        }
                        // Sign-up link only for members of the squad, and only for future dates.
                        if (issquadmember($userID, $ds['squad']) and $ds['date'] > time()) {
                            $announce = '&#8226; <a href="index.php?site=calendar&amp;action=announce&amp;upID=' . $ds['upID'] . '">' . $_language->module['announce_here'] . '</a>';
                        } else {
                            $announce = "";
                        }
                        // Add / edit / delete buttons for clan war admins.
                        // NOTE(review): the delete button points at a GET URL with no request token;
                        // confirm calendar.php re-checks the permission and guards against CSRF.
                        if (isclanwaradmin($userID)) {
                            $adminaction = '<div align="right">
            <input type="button" onclick="MM_openBrWindow(\'clanwars.php?action=new&amp;upID=' . $ds['upID'] . '\',\'Clanwars\',\'toolbar=no,status=no,scrollbars=yes,width=800,height=490\')" value="' . $_language->module['add_clanwars'] . '" />
            <input type="button" onclick="MM_goToURL(\'parent\',\'index.php?site=calendar&amp;action=editwar&amp;upID=' . $ds['upID'] . '\');return document.MM_returnValue" value="' . $_language->module['edit'] . '" />
            <input type="button" onclick="MM_confirm(\'' . $_language->module['really_delete'] . '\', \'calendar.php?action=delete&amp;upID=' . $ds['upID'] . '\')" value="' . $_language->module['delete'] . '" /></div>';
                        } else {
                            $adminaction = '';
                        }
                    } else {
                        $players = $_language->module['access_member'];
                    }
                    $bg1 = BG_1;
                    $bg2 = BG_2;
                    $bg3 = BG_3;
                    $bg4 = BG_4;
                    // Fill the template from the locals set above and print it.
                    eval("\$upcoming_war_details = \"" . gettemplate("upcoming_war_details") . "\";");
                    echo $upcoming_war_details;
                }
            } else {
                // Other entry: three range tests of the day against the entry's date/enddate span.
                if ($start_date <= $ds['date'] && $end_date >= $ds['date'] || $start_date >= $ds['date'] && $end_date <= $ds['enddate'] || $start_date <= $ds['enddate'] && $end_date >= $ds['enddate']) {
                    $date = date("d.m.Y", $ds['date']);
                    $time = date("H:i", $ds['date']);
                    $enddate = date("d.m.Y", $ds['enddate']);
                    $endtime = date("H:i", $ds['enddate']);
                    $title = clearfromtags($ds['title']);
                    // NOTE(review): locationhp goes into the href as stored, like opphp/leaguehp above.
                    $location = '<a href="' . $ds['locationhp'] . '" target="_blank">' . clearfromtags($ds['location']) . '</a>';
                    $dateinfo = cleartext($ds['dateinfo']);
                    $dateinfo = toggle($dateinfo, $ds['upID']);
                    $country = "[flag]" . $ds['country'] . "[/flag]";
                    $country = flags($country);
                    $players = "";
                    // Here only clan members get the sign-up list and action links.
                    if (isclanmember($userID)) {
                        $anmeldung = safe_query("SELECT * FROM " . PREFIX . "upcoming_announce WHERE upID='" . $ds['upID'] . "'");
                        if (mysql_num_rows($anmeldung)) {
                            $i = 1;
                            while ($da = mysql_fetch_array($anmeldung)) {
                                if ($da['status'] == "y") {
                                    $fontcolor = $wincolor;
                                } elseif ($da['status'] == "n") {
                                    $fontcolor = $loosecolor;
                                } else {
                                    $fontcolor = $drawcolor;
                                }
                                if ($i > 1) {
                                    $players .= ', <a href="index.php?site=profile&amp;id=' . $da['userID'] . '"><font color="' . $fontcolor . '">' . getnickname($da['userID']) . '</font></a>';
                                } else {
                                    $players .= '<a href="index.php?site=profile&amp;id=' . $da['userID'] . '"><font color="' . $fontcolor . '">' . getnickname($da['userID']) . '</font></a>';
                                }
                                $i++;
                            }
                        } else {
                            $players = $_language->module['no_announced'];
                        }
                        if (isclanmember($userID) and $ds['date'] > time()) {
                            $announce = '&#8226; <a href="index.php?site=calendar&amp;action=announce&amp;upID=' . $ds['upID'] . '">' . $_language->module['announce_here'] . '</a>';
                        } else {
                            $announce = '';
                        }
                        if (isclanwaradmin($userID)) {
                            $adminaction = '<div align="right"><input type="button" onclick="MM_goToURL(\'parent\',\'index.php?site=calendar&amp;action=editdate&amp;upID=' . $ds['upID'] . '\');return document.MM_returnValue" value="' . $_language->module['edit'] . '" /><input type="button" onclick="MM_confirm(\'' . $_language->module['really_delete'] . '\', \'calendar.php?action=delete&amp;upID=' . $ds['upID'] . '\')" value="' . $_language->module['delete'] . '" /></div>';
                        } else {
                            $adminaction = '';
                        }
                    } else {
                        $players = $_language->module['access_member'];
                        $announce = '';
                        $adminaction = '';
                    }
                    $bg1 = BG_1;
                    $bg2 = BG_2;
                    $bg3 = BG_3;
                    $bg4 = BG_4;
                    // Fill the template from the locals set above and print it.
                    eval("\$upcoming_date_details = \"" . gettemplate("upcoming_date_details") . "\";");
                    echo $upcoming_date_details;
                }
            }
        }
    } else {
        echo $_language->module['no_entries'];
    }
}
Beispiel #9
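// Login gate for the admin centre: derive the login state from $ws_auth and stop
// the request unless the account exists and has admin rights.
//
// NOTE(review): $ws_auth is assigned outside this excerpt (presumably a login
// cookie -- confirm). Its two ":"-separated parts are client-controlled.
if (isset($ws_auth)) {
    $authent = explode(":", $ws_auth);
    $ws_user = $authent[0];
    // A value without ":" has no second part; fall back to an empty string instead
    // of reading an undefined offset.
    $ws_pwd = isset($authent[1]) ? $authent[1] : '';
    $cookie = true;
}

$loggedin = false;

// $cookie is only assigned above when $ws_auth is set, so test it with !empty()
// rather than reading a possibly undefined variable.
if (!empty($cookie)) {
    // NOTE(review): the two compared values appear masked ('******') in this listing.
    // Whatever is interpolated there in the real file must be escaped or bound as a
    // parameter, because it originates from the client-supplied auth value.
    $check = safe_query("SELECT * FROM ".PREFIX."user WHERE username='******' AND password='******'");
    $anz = mysql_num_rows($check);
    if ($anz) {
        $ds = mysql_fetch_array($check);
        $loggedin = true;
        // Quoted keys: a bare userID is an undefined constant, which only works
        // through PHP's legacy fallback and is a fatal error on current versions.
        $userID = $ds['userID'];
        $admin = isanyadmin($ds['userID']);
    }
}

// Both checks end the request, so nothing below is sent to an unauthorised client.
if (!$loggedin) {
    die('Sie sind nicht eingelogtg');
}
if (!$admin) {
    die('Sie haben keine Zugangsberechtigung zum acentre');
}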
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>eXalted pRogress | Alliance [Nera'Thor - EU]</title>
<link rel="stylesheet" type="text/css" media="all" href="system/css/reset.css" />
<link rel="stylesheet" type="text/css" media="all" href="system/css/styles.css" />
<link rel="stylesheet" type="text/css" media="all" href="system/css/960.css" />
<script type="text/javascript" src="system/js/core.js"></script>
<script type="text/javascript" src="system/js/fx.js"></script>
#   - Script runs under the GNU GENERAL PUBLIC LICENSE                   #
#   - It's NOT allowed to remove this copyright-tag                      #
#   -- http://www.fsf.org/licensing/licenses/gpl.html                    #
#                                                                        #
#   Code based on WebSPELL Clanpackage (Michael Gruber - webspell.at),   #
#   Far Development by Development Team - webspell.org                   #
#                                                                        #
#   visit webspell.org                                                   #
#                                                                        #
##########################################################################
*/
include "../_mysql.php";
include "../_settings.php";
include "../_functions.php";
$_language->read_module('visitor_statistic_image');

// Two-stage gate before any image data is produced: first the login state, then
// the admin flag. Either failure ends the request with a text message.
$admin = isanyadmin($userID);
if (!$loggedin) {
    die($_language->module['not_logged_in']);
} elseif (!$admin) {
    die($_language->module['access_denied']);
}

// From here on the response is a PNG image.
header("Content-type: image/png");

// Fixed offsets for the left, right, top and bottom sides.
list($offset_left, $offset_right, $offset_top, $offset_bottom) = array(25, 80, 25, 35);
if (isset($_GET['size_x'])) {
    $size_x = (int) $_GET['size_x'];
    if ($size_x <= 0) {
        $size_x = 1;
Beispiel #11
<?php
// Renders either the "logged" box (with an admin-centre link for admins) or the
// login form. Both templates are filled in through eval(), which reads $username
// and $admin by name.
// NOTE(review): eval() runs the template text as a PHP double-quoted string, so the
// templates have to be as trusted as the code -- confirm how gettemplate() loads
// and quotes them.
if ($loggedin) {
    // NOTE(review): the '******' prefix looks like masking applied by this listing
    // rather than original markup -- confirm against the source file.
    $username = '******' . getnickname($userID) . '</b>';

    // Link to the admin centre for admins, nothing for everyone else.
    $admin = isanyadmin($userID)
        ? '&nbsp;&nbsp;<img height=7 src="system/images/arrow.gif" width=9> <a href="acentre.php" target="_blank">Admincenter</a>'
        : '';

    eval ("\$logged = \"".gettemplate("logged")."\";");
    echo $logged;
} else {
    eval ("\$loginform = \"".gettemplate("login")."\";");
    echo $loginform;
}
?>
Beispiel #12
         safe_query("INSERT INTO " . PREFIX . "forum_topics (boardID, icon, userID, date, topic, lastdate, lastposter, replys, views, closed, moveID) values ('" . $ds['boardID'] . "', '', '" . $ds['userID'] . "', '" . $ds['date'] . "', '" . addslashes($ds['topic']) . "', '" . $ds['lastdate'] . "', '', '', '', '', '{$topicID}') ");
     }
     safe_query("UPDATE " . PREFIX . "forum_topics SET boardID='{$toboard}', readgrps='" . $di['readgrps'] . "', writegrps='" . $di['writegrps'] . "' WHERE topicID='{$topicID}'");
     safe_query("UPDATE " . PREFIX . "forum_posts SET boardID='{$toboard}' WHERE topicID='{$topicID}'");
     $post_num = mysql_affected_rows() - 1;
     safe_query("UPDATE " . PREFIX . "forum_boards SET topics=topics+1 WHERE boardID='{$toboard}'");
     safe_query("UPDATE " . PREFIX . "forum_boards SET topics=topics-1 WHERE boardID='" . $ds['boardID'] . "'");
     safe_query("UPDATE " . PREFIX . "forum_boards SET posts=posts+" . $post_num . " WHERE boardID='" . $toboard . "'");
     safe_query("UPDATE " . PREFIX . "forum_boards SET posts=posts-" . $post_num . " WHERE boardID='" . $ds['boardID'] . "'");
     header("Location: index.php?site=forum&board={$toboard}");
 } elseif ($_POST['admaction'] == "movetopic") {
     include "_mysql.php";
     include "_settings.php";
     include '_functions.php';
     $_language->read_module('forum');
     if (!isanyadmin($userID) and !ismoderator($userID, getboardid($_POST['topicID']))) {
         die($_language->module['no_access']);
     }
     $boards = '';
     $kath = safe_query("SELECT * FROM " . PREFIX . "forum_categories ORDER BY sort");
     while ($dk = mysql_fetch_array($kath)) {
         $ergebnis = safe_query("SELECT * FROM " . PREFIX . "forum_boards WHERE category='{$dk['catID']}' ORDER BY sort");
         while ($db = mysql_fetch_array($ergebnis)) {
             $boards .= '<option value="' . $db['boardID'] . '">' . $dk['name'] . ' - ' . $db['name'] . '</option>';
         }
     }
     $ergebnis = safe_query("SELECT * FROM " . PREFIX . "forum_boards WHERE category='0' ORDER BY sort");
     while ($ds = mysql_fetch_array($ergebnis)) {
         $boards .= '<option value="' . $ds['boardID'] . '">' . $ds['name'] . '</option>';
     }
     $pagetitle = PAGETITLE;
Beispiel #13
    } else {
        $orderBy = '`logdate` DESC';
    }
}
// Pick one of four log queries: with or without a search term, and either
// reseller-wide (admin lookup) or limited to one user's 'user'/'cron' entries.
//
// The search term and all ids are bound parameters. ORDER BY and LIMIT are not:
// $orderBy, $iDisplayStart and $iDisplayLength are interpolated into the SQL text.
// NOTE(review): their assignment is outside this excerpt -- confirm $orderBy only
// ever comes from a fixed list of column/direction strings and that both LIMIT
// values are cast to integers.
// NOTE(review): :search is used several times in one statement, which depends on
// PDO emulated prepares being enabled.
if ($sSearch && $adminLookup) {
    $query = $sql->prepare("SELECT `subuser`,`username`,`useraction`,`ip`,`logdate`,`cname` FROM `userlog` AS l LEFT JOIN `userdata` AS s ON s.`id`=l.`subuser` AND l.`subuser`!=0 WHERE l.`resellerid`=:resellerid AND (`username` LIKE :search OR `cname` LIKE :search OR `ip` LIKE :search OR `logdate` LIKE :search OR `useraction` LIKE :search) ORDER BY {$orderBy} LIMIT {$iDisplayStart},{$iDisplayLength}");
    $query->execute(array(':search' => '%' . $sSearch . '%', ':resellerid' => $resellerLockupID));
} elseif ($sSearch) {
    $query = $sql->prepare("SELECT `subuser`,`username`,`useraction`,`ip`,`logdate`,`cname` FROM `userlog` AS l LEFT JOIN `userdata` AS s ON s.`id`=l.`subuser` AND l.`subuser`!=0 WHERE l.`usertype` IN ('user','cron') AND l.`userid`=:userid AND l.`resellerid`=:resellerid AND (`username` LIKE :search OR `cname` LIKE :search OR `ip` LIKE :search OR `logdate` LIKE :search OR `useraction` LIKE :search) ORDER BY {$orderBy} LIMIT {$iDisplayStart},{$iDisplayLength}");
    $query->execute(array(':search' => '%' . $sSearch . '%', ':userid' => $user_id, ':resellerid' => $reseller_id));
} elseif ($adminLookup) {
    $query = $sql->prepare("SELECT `subuser`,`username`,`useraction`,`ip`,`logdate`,`cname` FROM `userlog` AS l LEFT JOIN `userdata` AS s ON s.`id`=l.`subuser` AND l.`subuser`!=0 WHERE l.`resellerid`=? ORDER BY {$orderBy} LIMIT {$iDisplayStart},{$iDisplayLength}");
    $query->execute(array($resellerLockupID));
} else {
    $query = $sql->prepare("SELECT `subuser`,`username`,`useraction`,`ip`,`logdate`,`cname` FROM `userlog` AS l LEFT JOIN `userdata` AS s ON s.`id`=l.`subuser` AND l.`subuser`!=0 WHERE l.`usertype` IN ('user','cron') AND l.`userid`=? AND l.`resellerid`=? ORDER BY {$orderBy} LIMIT {$iDisplayStart},{$iDisplayLength}");
    $query->execute(array($user_id, $reseller_id));
}

// One output row per log entry: date, acting name, action text with the
// placeholders replaced, and IP.
while ($row = $query->fetch(PDO::FETCH_ASSOC)) {
    if ($row['subuser'] != 0 and !$adminLookup) {
        // Entry made by a sub-user, seen from the user's own view: show the
        // sub-user's name, and 'admin' instead of the IP when that id is an admin.
        $username = $row['cname'];
        $ip = isanyadmin($row['subuser']) ? 'admin' : $row['ip'];
    } else {
        $username = $row['username'];
        $ip = $row['ip'];
    }
    $array['aaData'][] = array(
        $row['logdate'],
        $username,
        str_replace($placeholders2, $replace2, str_replace($placeholders, $replace, $row['useraction'])),
        $ip
    );
}
Beispiel #14
             redirect('userpanel.php');
         } else {
             if (isset($admin_id)) {
                 $folders = explode('/', $ui->server['SCRIPT_NAME']);
                 $amount = count($folders) - 1;
                 $i = 0;
                 $path = '';
                 while ($i < $amount) {
                     $path .= $folders[$i] . '/';
                     $i++;
                 }
                 $webhostdomain = isset($ui->server['HTTPS']) ? 'https://' . $ui->server['HTTP_HOST'] . $path : 'http://' . $ui->server['HTTP_HOST'] . $path;
                 $query = $sql->prepare("UPDATE `settings` SET `paneldomain`=? WHERE `resellerid`=0 LIMIT 1");
                 $query->execute(array($webhostdomain));
                 $params = @json_decode(licenceRequest(true));
                 if (isanyadmin($admin_id) or rsellerpermisions($admin_id)) {
                     redirect('admin.php');
                 } else {
                     redirect('login.php&r=lo');
                 }
             }
         }
     }
 } else {
     if (!isset($passwordCorrect) or $passwordCorrect === false) {
         $halfhour = date('Y-m-d H:i:s', strtotime('+30 minutes'));
         $query = $sql->prepare("SELECT `id` FROM `badips` WHERE `badip`=? LIMIT 1");
         $query->execute(array($loguserip));
         $rowcount = $query->rowCount();
         $query = $rowcount == 0 ? $sql->prepare("INSERT INTO `badips` (bantime,failcount,reason,badip) VALUES (?,'1','password',?)") : $sql->prepare("UPDATE `badips` SET `bantime`=?,`failcount`=`failcount`+1, `reason`='password' WHERE `badip`=? LIMIT 1");
         $query->execute(array($halfhour, $loguserip));