}
}
// Tail of the "close ticket" action: tell the complainant by e-mail and show the admin the outcome.
// $updated, $daobj, $da_id and $user_id are set before this excerpt starts.
if ($updated) {
    // NOTE(review): $_GET["ID"] goes unmodified into the mail body and the subject line below.
    // Check it against the expected ticket-number format (and reject CR/LF) before use, so a
    // request parameter can never shape the message headers. Whether mail() filters line breaks
    // in the subject depends on the PHP version in use; confirm.
    $mm = "";
    $mm .= "Your complaint ticket number " . $_GET["ID"] . " has been CLOSED by a CService Admin\n\n";
    $mm .= "Thanks for using our Complaint System.\n\n";
    mail($daobj->from_email, "[" . NETWORK_NAME . " CService Complaints] " . $_GET["ID"] . " - Closed by Admin", $mm, "From: " . NETWORK_NAME . " Channel Service <" . OBJECT_EMAIL . ">\nReply-to: DO.NOT@REPLY.THANKS\nX-Mailer: " . NETWORK_NAME . " CService Complaint Module\n\n");
    echo "<br><br><b>This complaint ticket has been closed. The user is being notified of this fact.</b><br><br>";
    echo "<a href=\"admin.php\">Back to Complaint Admin</a><br><br>\n";
} else {
    echo "<br><br><b>For some strange reason, we couldn't close this ticket, please contact a Site Administrator.</b><br><br>";
    echo "<a href=\"admin.php\">Back to Complaint Admin</a><br><br>\n";
}
break;
case 'replyadm':
    // Admin reply to a ticket thread. check_secure_form() is defined elsewhere; presumably it
    // validates a form token tied to this ticket id and thread id (confirm).
    if (check_secure_form("do_reply_admin" . $_GET["ID"] . $_GET["RT"])) {
        $do_notify_user = 1;
        // ';' is swapped for ':' and the text passed through post2db() (not visible here).
        // NOTE(review): both values are concatenated into the INSERT below inside single quotes,
        // so the statement is only safe if post2db() escapes quotes and backslashes; verify,
        // or move to pg_query_params().
        $da_reply = trim(post2db(str_replace(";", ":", $_POST["areply"])));
        $da_actions = trim(post2db(str_replace(";", ":", $_POST["aactions"])));
        $do_the_reply = 1;
        // 30720 bytes = 30 KB combined limit, measured after post2db() has processed the text.
        if (strlen($da_reply) + strlen($da_actions) > 30720) {
            $do_the_reply = 0;
            echo "<big>your 'reply' section added to your 'admin actions' section are too big ( above 30KB total )</big>.";
        }
        if ($do_the_reply == 1) {
            // An empty reply means only the admin-actions text is recorded, so the user is not notified.
            if ($da_reply == "") {
                $do_notify_user = 0;
            }
            // Numeric fields are forced to int; the two text fields rely on post2db() (see note above).
            $q = "INSERT INTO complaints_threads (complaint_ref,reply_by,reply_ts,reply_text,actions_text,in_reply_to) VALUES ('" . (int) $da_id . "'," . (int) $user_id . ",now()::abstime::int4,'" . $da_reply . "','" . $da_actions . "'," . (int) $_GET["RT"] . ")";
            $qx = "";
            $qs = "";
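<?php
/* $Id: wipeuser.php,v 1.1 2003/03/26 03:05:14 nighty Exp $ */
/*
 * Admin-only page that deletes every row tied to one user id across the account tables.
 * Requires admin level >= $min_lvl and a valid form check before anything is queued.
 */
unset($min_lvl);
$min_lvl = 800;
$debug_me = 0;
require "../../php_includes/cmaster.inc";
std_init();
if ($admin < $min_lvl) {
    die("No way !");
}
if (check_secure_form("deleteuser!!!" . CRC_SALT_0008 . $_POST["username"])) {
    // As far as this call shows, the form check is keyed on the posted username, not on the id,
    // so $_POST["id"] is still caller-controlled text. Force it to an integer before it reaches
    // any SQL string. pg_safe_exec() is not visible here and must not be the only barrier.
    $wipe_id = (int) $_POST["id"];
    // A missing or non-numeric id casts to 0. Refuse it rather than run the DELETEs against
    // id 0, which could match placeholder values such as an unset reviewed_by_id (assumption; confirm).
    if ($wipe_id <= 0) {
        die("Invalid user id.");
    }
    unset($del_q);
    $del_q[] = "DELETE FROM acl WHERE user_id='" . $wipe_id . "'";
    $del_q[] = "DELETE FROM levels WHERE user_id='" . $wipe_id . "'";
    $del_q[] = "DELETE FROM notes WHERE user_id='" . $wipe_id . "' OR from_user_id='" . $wipe_id . "'";
    $del_q[] = "DELETE FROM pending WHERE manager_id='" . $wipe_id . "' OR reviewed_by_id='" . $wipe_id . "'";
    $del_q[] = "DELETE FROM pending_emailchanges WHERE user_id='" . $wipe_id . "'";
    $del_q[] = "DELETE FROM pending_pwreset WHERE user_id='" . $wipe_id . "'";
    $del_q[] = "DELETE FROM supporters WHERE user_id='" . $wipe_id . "'";
    $del_q[] = "DELETE FROM userlog WHERE user_id='" . $wipe_id . "'";
    $del_q[] = "DELETE FROM users_lastseen WHERE user_id='" . $wipe_id . "'";
    $del_q[] = "DELETE FROM users WHERE id='" . $wipe_id . "'";
    if (!$debug_me) {
        // take the action
        pg_safe_exec("BEGIN WORK"); // be safe ;P
        // Run the deletes in order inside the transaction opened above; the failure handling
        // continues past the end of this excerpt.
        $qFail = -1;
        for ($z = 0; $z < count($del_q); $z++) {
            $lRes = pg_safe_exec($del_q[$z]);
            if (!$lRes) {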
// Access gate for editing another user's IP restrictions. $axslock, $da_u_adm, $admin and
// $min_lvl are set before this excerpt; the lock is lifted only for callers holding the
// XIPR_MOD_OTHERS ACL who outrank the target or meet the minimum admin level.
if (acl(XIPR_MOD_OTHERS) && ($admin > $da_u_adm || $admin >= $min_lvl)) {
    $axslock = 0;
}
if ($axslock == 1) {
    die("Oi! what are you doing here ?!");
}
$cTheme = get_theme_info();
// Delete one restriction row. Both ids are cast to int, so the SQL text cannot be altered.
// NOTE(review): the DELETE is keyed on $_POST["user_id"] while the lookup below uses
// $_GET["user_id"]; confirm both are the same user the access check above was made for.
if (check_secure_form("delfrm" . $_POST["user_id"])) {
    pg_safe_exec("DELETE FROM ip_restrict WHERE user_id=" . (int) $_POST["user_id"] . " AND id=" . (int) $_POST["delid"] . "");
    header("Location: ip_restrict.php?user_id=" . (int) $_POST["user_id"]);
    die;
}
$usrq = pg_safe_exec("SELECT * FROM users WHERE id=" . (int) $_GET["user_id"] . "");
$usr = pg_fetch_object($usrq);
$err = "";
// Add a restriction: validate the posted fields according to the selected restriction type.
if (check_secure_form("addrestrict" . $_POST["user_id"])) {
    $a_mask = "";
    $a_r1 = 0;
    $a_r2 = 0;
    switch ($_POST["rtype"]) {
        case 1:
            // Round-trip check: the input is accepted only if it equals its own canonical
            // dotted-quad form after ip2long()/long2ip().
            // NOTE(review): the rejected value is appended to $err unencoded. Where $err is
            // printed is not visible here; apply htmlspecialchars() when building or printing it.
            if (long2ip(ip2long($_POST["t1ip"])) != $_POST["t1ip"]) {
                $err .= "<li> Invalid IP (" . $_POST["t1ip"] . ")\n";
            }
            $a_mask = "";
            $a_r1 = ip2long($_POST["t1ip"]);
            $a_r2 = 0;
            break;
        case 2:
            // Same round-trip validation for the start of the range; the same output-encoding
            // note applies to the value placed in $err.
            if (long2ip(ip2long($_POST["t2ip1"])) != $_POST["t2ip1"]) {
                $err .= "<li> Invalid IP (from) (" . $_POST["t2ip1"] . ")\n";
}
// Ownership change for a complaint ticket: update the owner, record the hand-over, and add a
// thread entry. $q0, $q1_more, $lo and $user_id are set before this excerpt.
$q1 = "UPDATE complaints SET " . $q1_more . "current_owner='" . (int) $_POST["newowner"] . "' WHERE id='" . (int) $_POST["compid"] . "'";
$q2 = "INSERT INTO complaints_reference (complaints_ref,referenced_by,referenced_to,reference_ts,is_new) VALUES ('" . (int) $_POST["compid"] . "','" . (int) $user_id . "','" . (int) $_POST["newowner"] . "',now()::abstime::int4,1)";
$nr = pg_safe_exec("SELECT user_name FROM users WHERE id='" . (int) $_POST["newowner"] . "'");
// NOTE(review): the fetch result is not checked. If no user has that id, $no is not an
// object and the property read below fails; validate the new owner before building $q3.
$no = pg_fetch_object($nr);
// NOTE(review): user_name comes from the database but is concatenated into SQL unescaped;
// treat stored values as untrusted too (escape it or use pg_query_params()).
$q3 = "INSERT INTO complaints_threads (complaint_ref,reply_by,reply_ts,reply_text,actions_text,in_reply_to) VALUES ('" . (int) $_POST["compid"] . "'," . (int) $user_id . ",now()::abstime::int4,'','*** CHANGED TICKET OWNERSHIP TO : " . $no->user_name . " ***'," . (int) $lo->id . ")";
//echo $q0 . "<br>\n";
//echo $q1 . "<br>\n";
//echo $q2 . "<br>\n";
//echo $q3 . "<br>\n";
// The four statements run one after another and their results are ignored; no transaction is
// visible in this excerpt, so a failure part-way could leave the ticket half-updated (confirm).
pg_safe_exec($q0);
pg_safe_exec($q1);
pg_safe_exec($q2);
pg_safe_exec($q3);
} else {
    // Pick the "back" link depending on whether the modify form for this ticket was submitted.
    if (check_secure_form("modifycomplaint" . $_GET["view"])) {
        echo "<a href=\"admin.php\"><b>< back</b></a><br><br>\n";
    } else {
        echo "<a href=\"javascript:history.go(-1);\"><b>< back</b></a><br><br>\n";
    }
}
}
// Ticket detail view. The part of ?view= before the first "-" is used as the numeric row id.
$idt = explode("-", $_GET["view"]);
// NOTE(review): the id is cast to int, but ticket_number receives $_GET["view"] verbatim
// inside quotes. Unless pg_safe_exec() (not visible here) neutralises it, this parameter can
// change the query; escape it or bind it as a parameter.
$r = pg_safe_exec("SELECT * FROM complaints WHERE id='" . (int) $idt[0] . "' AND ticket_number='" . $_GET["view"] . "'");
if ($o = pg_fetch_object($r)) {
    // NOTE(review): $_GET["view"] is echoed into HTML text and into an unquoted form action
    // attribute. Encode with htmlspecialchars() and quote the attribute, rather than relying
    // on the row lookup above having matched.
    echo "<h3>Details on TICKET #" . $_GET["view"] . " <font size=+0>(<b>" . $cmp_status[$o->status] . "</b>)</font></h3>";
    echo "<form name=modify method=post action=admin.php?view=" . $_GET["view"] . ">";
    echo "<input type=hidden name=compid value=" . $o->id . ">\n";
    // make_secure_form() is defined elsewhere; it is called with the same string that
    // check_secure_form() receives above, so it presumably emits the matching form token.
    make_secure_form("modifycomplaint" . $_GET["view"]);
    echo "<table width=100% border=1 cellpadding=5 cellspacing=0>";
    echo initial_complaint($_GET["view"], 0);
// Stop here when new channel registrations are switched off (newregs_off() is defined
// elsewhere); the enclosing condition starts before this excerpt.
if (newregs_off()) {
    std_theme_styles(1);
    std_theme_body("../");
    echo "<center>\n";
    echo "<h2>";
    echo "Sorry, You can't register new channels at the moment.";
    echo "</h2>";
    echo "</center>\n";
    echo "</body></html>\n\n";
    die;
}
}
$already_chan = 0;
$already_pend = 0;
$admin_bypass = 0;
// Refuse requests that did not come through the site's own registration form.
// NOTE(review): the string checked here is a constant only. Whether check_secure_form() also
// ties the token to the session, the user or a timestamp is not visible; confirm it is not a
// value every visitor shares.
if (!check_secure_form(CRC_SALT_0002)) {
    echo "<html><head><title>REGISTRATION PROCESS</title>";
    std_theme_styles();
    echo "</head>\n";
    std_theme_body("../");
    echo "<b>CHANNEL SERVICE REGISTRATION PROCESS</b><br><hr noshade size=2><br>\n";
    echo "<h2>You must use the form on our page.<br></h2>\n";
    echo "<br>\n";
    echo "Then <a href=\"index.php\">go there</a> and post the form.<br>\n";
    echo "</body></html>\n\n";
    die;
}
// Look up the signup timestamp of the current user; the id is cast to int before use in SQL.
$rsts = pg_safe_exec("SELECT signup_ts FROM users WHERE id=" . (int) $user_id);
// NOTE(review): the fetch result is not checked before the property read below; a missing
// row would make $rsto a non-object.
$rsto = pg_fetch_object($rsts);
if ((int) $rsto->signup_ts > 0) {
    $now = time();
$cTheme = get_theme_info();
std_theme_styles(1);
std_theme_body();
// Precedence: && binds tighter than ||, so this reads
// (complaints_off() && !isoper($user_id)) || (COMPLAINTS_ADMINCOMMENT_ID <= 0).
// A non-positive COMPLAINTS_ADMINCOMMENT_ID therefore disables the page for everyone.
if (complaints_off() && !isoper($user_id) || COMPLAINTS_ADMINCOMMENT_ID <= 0) {
    echo "<h2>The complaints system is temporarily disabled, please lodge a complaint if that is not OK with you.</h2>";
    echo "</body>\n";
    echo "</html>\n\n";
    die;
}
?> <table border=0 cellspacing=0 cellpadding=3> <tr> <td valign=top><img src=complaint_dpt.jpg></td> <td valign=top> <?php
// The form check is keyed on the posted e-mail address and the numeric user id
// ($user_id + 0 forces a number). check_secure_form() itself is defined elsewhere.
if (!check_secure_form("complaintreq" . $_POST["from_mail"] . ($user_id + 0))) {
    echo "<big>Please use <a href=\"./\" target=_top>this page</a> to enter a complaint.</big>";
    die("</td></tr></table></body></html>");
}
// NOTE(review): the heading is indexed by $_GET["ct"], while the digest further down uses
// $_POST["ct"]; confirm which one is authoritative. $cpt_name is defined elsewhere; an unknown
// key yields an empty heading.
echo "<font size=+2><b>" . $cpt_name[$_GET["ct"]] . "</b></font><br>";
unset($back_lnk);
$back_lnk = "<a href=\"javascript:history.go(-1);\"><b><< back</b></a><br>";
// Only anonymous submitters ($user_id == 0) have their e-mail address syntax-checked here.
if ($user_id == 0) {
    // NOTE(review): two looseness points in this pattern. Inside the first character class
    // "+-." is a range (0x2B..0x2E), which also admits ','. And "$" without the D modifier
    // still matches before a trailing newline, so the accepted value may end in "\n"; that
    // matters if the address is later placed in a mail header. Consider filter_var() with
    // FILTER_VALIDATE_EMAIL, or escape the '-' and add the D modifier.
    if (!preg_match("/^[A-Za-z0-9_+-.]+@[A-Za-z0-9.-]+\\.[A-Za-z][A-Za-z]+\$/", $_POST["from_mail"])) {
        echo $back_lnk;
        echo "<big>e-mail syntax is invalid</big>.";
        die("</td></tr></table></body></html>");
    }
}
// Digest over salt, user id, e-mail, complaint type, text and client IP (cl_ip() is defined
// elsewhere). How $da_crc is used is not visible in this excerpt.
// NOTE(review): the fields are joined without separators, so different field splits can give
// the same digest. If the value serves as an authenticity token, prefer hash_hmac() over
// delimited fields to md5(salt . data).
$da_crc = md5(CRC_SALT_0013 . $user_id . $_POST["from_mail"] . $_POST["ct"] . $_POST["complaint_text"] . cl_ip());
$da_users_id = $user_id;
}
// check if the client is already authenticated (!)
if ($user_id > 0) {
    std_theme_styles(1);
    std_theme_body();
    echo "<p>You are already logged in. You are not allowed to create multiple accounts.</p>";
    echo "<p>Go to your <a href=\"./\" target=\"_top\">user page</a>.</p></body></html>";
    die;
}
// Multi-step signup wizard: six steps, plus one when the graphical user check is enabled.
unset($max_step);
unset($curr_step);
$max_step = 6;
if (SHOW_GFXUSRCHK && NEWUSERS_GFXCHECK) {
    $max_step++;
}
// A posted step number is honoured only when the form check for that step passes; otherwise
// the wizard restarts at step 1. check_secure_form() is defined elsewhere.
if ((int) $_POST["showStep"] > 0 && check_secure_form("step" . (int) $_POST["showStep"])) {
    $curr_step = (int) $_POST["showStep"];
} else {
    $curr_step = 1;
}
// With the graphical check disabled, step 6 is skipped.
if (!(SHOW_GFXUSRCHK && NEWUSERS_GFXCHECK) && $curr_step == 6) {
    $curr_step = 7;
}
if ($curr_step == 8) {
    // Final step: the posted rCRC must equal a salted MD5 over username, client address, e-mail
    // and graphical-code value, i.e. the fields carried through the earlier steps.
    // NOTE(review): "==" on two strings compares numerically when both look like numbers, and
    // it is not constant-time; use hash_equals(). For a tamper check, hash_hmac() with a
    // server-side key is more robust than md5() over salted concatenation.
    if ($_POST["rCRC"] == md5($_POST["username"] . CRC_SALT_0011 . $_SERVER["REMOTE_ADDR"] . $_POST["email"] . $_POST["gfxcode_val"] . CRC_SALT_0007)) {
        // sets cookie so user cannot create another username for UNETUB_TIME seconds
        // (the original comment says 4 hours; the constant's value is not visible here).
        // NOTE(review): the block lives entirely on the client and the value is derived from the
        // expiry time plus a fixed string, so treat it as a courtesy throttle only and enforce
        // the limit server-side as well. Consider also setting the HttpOnly and Secure attributes.
        if (UNETUB_TIME > 0) {
            $expire = time() + UNETUB_TIME;
            $cookie = md5($expire . "Undernet User Block");
            setcookie("UNETUB", $cookie, $expire, "/");
        }