} if (!isset($_POST['PromoteKarma'])) { $_POST['PromoteKarma'] = 0; } if ($_POST['PromoteKarma'] == null || !is_numeric($_POST['PromoteKarma'])) { $_POST['NPromoteKarma'] = 0; } if ($_POST['GroupName'] == null || $_POST['GroupName'] == "ShowMe") { $Error = "Yes"; $errorstr = $errorstr . "You need to enter a forum name.<br />\n"; } if ($name_check > 0) { $Error = "Yes"; $errorstr = $errorstr . "This Group Name is already used.<br />\n"; } if (pre_strlen($_POST['GroupName']) > "150") { $Error = "Yes"; $errorstr = $errorstr . "Your Group Name is too big.<br />\n"; } if ($Error != "Yes") { redirect("refresh", $rbasedir . url_maker($exfile['admin'], $Settings['file_ext'], "act=view&menu=groups", $Settings['qstr'], $Settings['qsep'], $prexqstr['admin'], $exqstr['admin'], FALSE), "4"); $admincptitle = " " . $ThemeSet['TitleDivider'] . " Updating Settings"; if ($_POST['GroupName'] != $OldGroupName) { $query = sql_pre_query("UPDATE \"" . $Settings['sqltable'] . "permissions\" SET \"Name\"='%s' WHERE \"Name\"='%s'", array($_POST['GroupName'], $OldGroupName)); sql_query($query, $SQLStat); $query = sql_pre_query("UPDATE \"" . $Settings['sqltable'] . "catpermissions\" SET \"Name\"='%s' WHERE \"Name\"='%s'", array($_POST['GroupName'], $OldGroupName)); sql_query($query, $SQLStat); } if ($_POST['id'] != 1) { $query = sql_pre_query("UPDATE \"" . $Settings['sqltable'] . "groups\" SET \"Name\"='%s',\"NamePrefix\"='%s',\"NameSuffix\"='%s',\"CanViewBoard\"='%s',\"CanViewOffLine\"='%s',\"CanEditProfile\"='%s',\"CanAddEvents\"='%s',\"CanPM\"='%s',\"CanSearch\"='%s',\"CanDoHTML\"='%s',\"CanUseBBags\"='%s',CanViewIPAddress='%s',CanViewUserAgent='%s',\"FloodControl\"=%i,\"SearchFlood\"=%i,\"PromoteTo\"=%i,\"PromotePosts\"=%i,\"PromoteKarma\"=%i,\"HasModCP\"='%s',\"HasAdminCP\"='%s',\"ViewDBInfo\"='%s' WHERE \"id\"=%i", array($_POST['GroupName'], $_POST['NamePrefix'], $_POST['NameSuffix'], $_POST['CanViewBoard'], $_POST['CanViewOffLine'], $_POST['CanEditProfile'], $_POST['CanAddEvents'], $_POST['CanPM'], $_POST['CanSearch'], $_POST['CanDoHTML'], $_POST['CanUseBBags'], $_POST['CanViewIPAddress'], $_POST['CanViewUserAgent'], $_POST['FloodControl'], $_POST['SearchFlood'], $_POST['PromoteTo'], $_POST['PromotePosts'], $_POST['PromoteKarma'], $_POST['HasModCP'], $_POST['HasAdminCP'], $_POST['ViewDBInfo'], $_POST['id'])); }
$Settings['max_posts'] = 10; } if ($NumRPosts > $Settings['max_posts']) { $NumPages = ceil($NumRPosts / $Settings['max_posts']); } if ($NumRPosts <= $Settings['max_posts']) { $NumPages = 1; } $Users_Name1 = pre_substr($UsersName1, 0, 20); if ($UsersName1 == "Guest") { $UsersName1 = $GuestsName1; if ($UsersName1 == null) { $UsersName1 = "Guest"; } } if (pre_strlen($UsersName1) > 20) { $Users_Name1 = $Users_Name1 . "..."; $oldusername = $UsersName1; $UsersName1 = $Users_Name1; } $lul = null; if ($TimeStamp1 != null) { $lul = null; if ($UsersID1 > 0 && $UsersHidden1 == "no") { $lul = url_maker($exfile['member'], $Settings['file_ext'], "act=view&id=" . $UsersID1, $Settings['qstr'], $Settings['qsep'], $prexqstr['member'], $exqstr['member']); $luln = url_maker($exfile['topic'], $Settings['file_ext'], "act=view&id=" . $TopicID . "&page=" . $NumPages, $Settings['qstr'], $Settings['qsep'], $prexqstr['topic'], $exqstr['topic']) . $qstrhtml . "#reply" . $NumRPosts; $LastReply = "Time: <a href=\"" . $luln . "\">" . $TimeStamp1 . "</a><br />\nUser: <a href=\"" . $lul . "\" title=\"" . $oldusername . "\">" . $UsersName1 . "</a>"; } if ($UsersID1 <= 0 || $UsersHidden1 == "yes") { if ($UsersID1 == -1) { $UserPre = "Guest:";
$EventsID[$EventDay] = $EventID; ++$is; } sql_free_result($result); $bdquery = sql_pre_query("SELECT * FROM \"" . $Settings['sqltable'] . "members\" WHERE \"BirthMonth\"=%i", array($MyMonth)); $bdresult = sql_query($bdquery, $SQLStat); $bdnum = sql_num_rows($bdresult); $bdi = 0; while ($bdi < $bdnum) { $UserNamebd = sql_result($bdresult, $bdi, "Name"); $BirthDay = sql_result($bdresult, $bdi, "BirthDay"); $BirthMonth = sql_result($bdresult, $bdi, "BirthMonth"); $BirthYear = sql_result($bdresult, $bdi, "BirthYear"); $oldusername = $UserNamebd; $UserNamebd1 = pre_substr($UserNamebd, 0, 20); if (pre_strlen($UserNamebd) > 20) { $UserNamebd1 = $UserNamebd1 . "..."; } $UserNamebd = $UserNamebd1; if (!isset($EventsName[$BirthDay])) { $EventsName[$BirthDay] = null; } if ($EventsName[$BirthDay] != null) { $EventsName[$BirthDay] .= ", <span title=\"" . $oldusername . "'s birthday.\">" . $UserNamebd1 . "</span>"; } if ($EventsName[$BirthDay] == null) { $EventsName[$BirthDay] = "<span title=\"" . $oldusername . "'s birthday.\">" . $UserNamebd1 . "</span>"; } ++$bdi; } sql_free_result($bdresult);
if ($OldHashType == "iDBHJOAAT") { $YourPassword = b64e_hmac($_POST['OldPass'], $OldJoined, $OldSalt, "joaat"); } if ($YourPassword != $OldPassword) { $Error = "Yes"; ?> <div class="TableMessage" style="text-align: center;">Your old Password did not match.<br /> </div> <?php } if (pre_strlen($_POST['Password']) > "60") { $Error = "Yes"; ?> <div class="TableMessage" style="text-align: center;">Your password is too big.<br /> </div> <?php } if (pre_strlen($_POST['OldPass']) > "60") { $Error = "Yes"; ?> <div class="TableMessage" style="text-align: center;">Your old password is too big.<br /> </div> <?php } if ($_POST['Password'] != $_POST['RePassword']) { $Error = "Yes"; ?> <div class="TableMessage" style="text-align: center;">Your passwords did not match.<br /> </div> <?php } $NewIP = $_SERVER['REMOTE_ADDR']; if ($Error != "Yes") { if ($_POST['Password'] != "") { $NewSalt = salt_hmac();
$Error = "Yes"; $errorstr = $errorstr . "You need to enter a category ID.<br />\n"; } if ($id_check > 0 && $_POST['CategoryID'] != $OldID) { $Error = "Yes"; $errorstr = $errorstr . "This ID number is already used.<br />\n"; } if ($order_check > 0 && $_POST['OrderID'] != $OldOrder) { $Error = "Yes"; $errorstr = $errorstr . "This order number is already used.<br />\n"; } if (pre_strlen($_POST['CategoryName']) > "150") { $Error = "Yes"; $errorstr = $errorstr . "Your category name is too big.<br />\n"; } if (pre_strlen($_POST['CategoryDesc']) > "300") { $Error = "Yes"; $errorstr = $errorstr . "Your category description is too big.<br />\n"; } if ($Error != "Yes") { redirect("refresh", $rbasedir . url_maker($exfile['admin'], $Settings['file_ext'], "act=view&menu=categories", $Settings['qstr'], $Settings['qsep'], $prexqstr['admin'], $exqstr['admin'], FALSE), "4"); $admincptitle = " " . $ThemeSet['TitleDivider'] . " Updating Settings"; $query = sql_pre_query("UPDATE \"" . $Settings['sqltable'] . "categories\" SET \"id\"=%i,\"OrderID\"=%i,\"Name\"='%s',\"ShowCategory\"='%s',\"CategoryType\"='%s',\"InSubCategory\"=%i,\"Description\"='%s',\"PostCountView\"=%i,\"KarmaCountView\"=%i WHERE \"id\"=%i", array($_POST['CategoryID'], $_POST['OrderID'], $_POST['CategoryName'], $_POST['ShowCategory'], $_POST['CategoryType'], $_POST['InSubCategory'], $_POST['CategoryDesc'], $_POST['NumPostView'], $_POST['NumKarmaView'], $_POST['id'])); sql_query($query, $SQLStat); $queryz = sql_pre_query("UPDATE \"" . $Settings['sqltable'] . "catpermissions\" SET \"CategoryID\"=%i WHERE \"CategoryID\"=%i", array($_POST['CategoryID'], $_POST['id'])); sql_query($queryz, $SQLStat); $query = sql_pre_query("UPDATE \"" . $Settings['sqltable'] . "forums\" SET \"CategoryID\"=%i WHERE \"CategoryID\"=%i", array($_POST['CategoryID'], $_POST['id'])); sql_query($query, $SQLStat); $query = sql_pre_query("UPDATE \"" . $Settings['sqltable'] . "topics\" SET \"CategoryID\"=%i,\"OldCategoryID\"=%i WHERE \"CategoryID\"=%i", array($_POST['CategoryID'], $_POST['CategoryID'], $_POST['id'])); sql_query($query, $SQLStat); $query = sql_pre_query("UPDATE \"" . $Settings['sqltable'] . "posts\" SET \"CategoryID\"=%i WHERE \"CategoryID\"=%i", array($_POST['CategoryID'], $_POST['id']));
<br />Sorry the event start date is not valid.<br /> </span> </td> </tr> <?php } if (checkdate($TimeOut[0], $TimeOut[1], $TimeOut[2]) === false) { $Error = "Yes"; ?> <tr> <td><span class="TableMessage"> <br />Sorry the event end date is not valid.<br /> </span> </td> </tr> <?php } if ($_SESSION['UserGroup'] == $Settings['GuestGroup'] && pre_strlen($_POST['GuestName']) >= "25") { $Error = "Yes"; ?> <tr> <td><span class="TableMessage"> <br />You Guest Name is too big.<br /> </span> </td> </tr> <?php } if ($Settings['TestReferer'] === true) { if ($URL['HOST'] != $URL['REFERER']) { $Error = "Yes"; ?> <tr> <td><span class="TableMessage">
if (count($BirthExpl) == "3" && checkdate($BirthExpl[0], $BirthExpl[1], $BirthExpl[2]) === true) { if (is_numeric($BirthExpl[0]) && is_numeric($BirthExpl[1]) && is_numeric($BirthExpl[2])) { if (pre_strlen($BirthExpl[0]) == "1") { $BirthExpl[0] = "0" . $BirthExpl[0]; } if (pre_strlen($BirthExpl[1]) == "1") { $BirthExpl[1] = "0" . $BirthExpl[1]; } if (pre_strlen($BirthExpl[0]) == "2" && pre_strlen($BirthExpl[1]) == "2" && pre_strlen($BirthExpl[2]) == "4") { $BirthIn = mktime(12, 12, 12, $BirthExpl[0], $BirthExpl[1], $BirthExpl[2]); $BirthMonth = GMTimeChange("m", $BirthIn, 0, 0, "off"); $BirthDay = GMTimeChange("d", $BirthIn, 0, 0, "off"); $BirthYear = GMTimeChange("Y", $BirthIn, 0, 0, "off"); $_POST['MemBanTime'] = $BirthIn; } if (pre_strlen($BirthExpl[0]) != "2" || pre_strlen($BirthExpl[1]) != "2" || pre_strlen($BirthExpl[2]) != "4") { $_POST['MemBanTime'] = "0"; $BirthMonth = "0"; $BirthDay = "0"; $BirthYear = "0"; } } if (!is_numeric($BirthExpl[0]) || !is_numeric($BirthExpl[1]) || !is_numeric($BirthExpl[2])) { $_POST['MemBanTime'] = "0"; $BirthMonth = "0"; $BirthDay = "0"; $BirthYear = "0"; } } if (count($BirthExpl) == "3" && checkdate($BirthExpl[0], $BirthExpl[1], $BirthExpl[2]) === false) { $_POST['MemBanTime'] = "0";
$Error = "Yes"; echo "<br />You need a URL SubFix Name."; } if (pre_strlen($_POST['AdminUser']) < "3") { $Error = "Yes"; echo "<br />Your user name is too small."; } if (pre_strlen($_POST['AdminEmail']) < "3") { $Error = "Yes"; echo "<br />Your email name is too small."; } if (pre_strlen($_POST['AdminPasswords']) > "60") { $Error = "Yes"; echo "<br />Your password is too big."; } if (pre_strlen($_POST['AdminUser']) > "30") { $Error = "Yes"; echo "<br />Your user name is too big."; } if (file_exists($_POST['tableprefix'] . "_settings.php")) { $Error = "Yes"; echo "<br />Sorry board exists pick a new board url prefix."; } if ($_POST['AdminPasswords'] != $_POST['ReaPassword']) { $Error = "Yes"; echo "<br />Your passwords did not match."; } if ($_POST['HTMLType'] == "xhtml11") { $_POST['HTMLLevel'] = "Strict"; } $_POST['BoardURL'] = htmlentities($_POST['BoardURL'], ENT_QUOTES, $Settings['charset']);
</span> </td> </tr> <?php } } if ($_SESSION['UserGroup'] == $Settings['GuestGroup'] && pre_strlen($_POST['GuestName']) > "30") { $Error = "Yes"; ?> <tr> <td><span class="TableMessage"> <br />You Guest Name is too big.<br /> </span> </td> </tr> <?php } if ($ShowEditTopic === true && pre_strlen($_POST['TopicName']) > "50") { $Error = "Yes"; ?> <tr> <td><span class="TableMessage"> <br />You Topic Name is too big.<br /> </span> </td> </tr> <?php } if ($Settings['TestReferer'] == "on") { if ($URL['HOST'] != $URL['REFERER']) { $Error = "Yes"; ?> <tr> <td><span class="TableMessage">
$Error = "Yes"; $errorstr = $errorstr . "You need to enter a forum ID.<br />\n"; } if ($id_check > 0 && $_POST['ForumID'] != $OldID) { $Error = "Yes"; $errorstr = $errorstr . "This ID number is already used.<br />\n"; } if ($order_check > 0 && $_POST['OrderID'] != $OldOrder) { $Error = "Yes"; $errorstr = $errorstr . "This order number is already used.<br />\n"; } if (pre_strlen($_POST['ForumName']) > "150") { $Error = "Yes"; $errorstr = $errorstr . "Your Forum Name is too big.<br />\n"; } if (pre_strlen($_POST['ForumDesc']) > "300") { $Error = "Yes"; $errorstr = $errorstr . "Your Forum Description is too big.<br />\n"; } if ($Error != "Yes") { redirect("refresh", $rbasedir . url_maker($exfile['admin'], $Settings['file_ext'], "act=view&menu=forums", $Settings['qstr'], $Settings['qsep'], $prexqstr['admin'], $exqstr['admin'], FALSE), "4"); $admincptitle = " " . $ThemeSet['TitleDivider'] . " Updating Settings"; $query = sql_pre_query("UPDATE \"" . $Settings['sqltable'] . "forums\" SET \"id\"=%i,\"CategoryID\"=%i,\"OrderID\"=%i,\"Name\"='%s',\"ShowForum\"='%s',\"ForumType\"='%s',\"InSubForum\"=%i,\"RedirectURL\"='%s',\"Description\"='%s',\"PostCountAdd\"='%s',\"PostCountView\"=%i,\"KarmaCountView\"=%i,\"CanHaveTopics\"='%s',\"HotTopicPosts\"=%i WHERE \"id\"=%i", array($_POST['ForumID'], $_POST['ForumCatID'], $_POST['OrderID'], $_POST['ForumName'], $_POST['ShowForum'], $_POST['ForumType'], $_POST['InSubForum'], $_POST['RedirectURL'], $_POST['ForumDesc'], $_POST['PostCountAdd'], $_POST['NumPostView'], $_POST['NumKarmaView'], $_POST['CanHaveTopics'], $_POST['NumPostHotTopic'], $_POST['id'])); sql_query($query, $SQLStat); if ($_POST['ForumID'] != $_POST['id']) { $query = sql_pre_query("UPDATE \"" . $Settings['sqltable'] . "forums\" SET \"InSubForum\"=%i WHERE \"InSubForum\"=%i", array($_POST['ForumID'], $_POST['id'])); sql_query($query, $SQLStat); $query = sql_pre_query("UPDATE \"" . $Settings['sqltable'] . "topics\" SET \"ForumID\"=%i,\"OldForumID\"=%i WHERE \"ForumID\"=%i", array($_POST['ForumID'], $_POST['ForumID'], $_POST['id'])); sql_query($query, $SQLStat); $query = sql_pre_query("UPDATE \"" . $Settings['sqltable'] . "posts\" SET \"ForumID\"=%i WHERE \"ForumID\"=%i", array($_POST['ForumID'], $_POST['id'])); sql_query($query, $SQLStat);
<br />Sorry the referering url dose not match our host name.<br /> </span> </td> </tr> <?php } if ($_POST['ubid'] != $Settings['BoardUUID']) { $Error = "Yes"; ?> <tr> <td><span class="TableMessage"> <br />Sorry the referering url dose not match our host name.<br /> </span> </td> </tr> <?php } if (pre_strlen($_POST['username']) > "30") { $Error = "Yes"; ?> <tr> <td><span class="TableMessage"> <br />Your user name is too big.<br /> </span> </td> </tr> <?php } if ($_POST['Password'] != $_POST['RePassword']) { $Error = "Yes"; ?> <tr> <td><span class="TableMessage"> <br />Your passwords did not match.<br />