/**
* Link ID validation
* @param $link_id
* @return bool|string
*/
public static function verify_sitelinks($link_id)
{
if (isnum($link_id)) {
return dbcount("(link_id)", DB_SITE_LINKS, "link_id='" . intval($link_id) . "'");
}
return FALSE;
}
/**
* Cast Question Votes
* @param $info
* @param int $points
* @todo: move and improvise the voting system
*/
function set_forumVotes($info, $points = 0)
{
global $userdata;
// @todo: extend on user's rank threshold before can vote. - Reputation threshold- Roadmap 9.1
// @todo: allow multiple votes / drop $res - Roadmap 9.1
if (checkgroup($info['forum_vote']) && dbcount("('thread_id')", DB_FORUM_THREADS, "thread_locked='0'")) {
$data = array('forum_id' => $_GET['forum_id'], 'thread_id' => $_GET['thread_id'], 'post_id' => $_GET['post_id'], 'vote_points' => $points, 'vote_user' => $userdata['user_id'], 'vote_datestamp' => time());
$hasVoted = dbcount("('vote_user')", DB_FORUM_VOTES, "vote_user='******'user_id']) . "' AND thread_id='" . intval($_GET['thread_id']) . "'");
if (!$hasVoted) {
$isSelfPost = dbcount("('post_id')", DB_FORUM_POSTS, "post_id='" . intval($_GET['post_id']) . "' AND post_user='******'user_id']) . "");
if (!$isSelfPost) {
$result = dbquery_insert(DB_FORUM_VOTES, $data, 'save', array('noredirect' => 1, 'no_unique' => 1));
if ($result && $info['forum_answer_threshold'] > 0) {
$vote_result = dbquery("SELECT SUM('vote_points'), thread_id FROM " . DB_FORUM_VOTES . " WHERE post_id='" . $data['post_id'] . "'");
$v_data = dbarray($vote_result);
if ($info['forum_answer_threshold'] != 0 && $v_data['vote_points'] >= $info['forum_answer_threshold']) {
$result = dbquery("UPDATE " . DB_FORUM_THREADS . " SET 'thread_locked'='1' WHERE thread_id='" . $v_data['thread_id'] . "'");
}
}
redirect(FORUM . "viewthread.php?thread_id=" . $_GET['thread_id'] . "&post_id=" . $_GET['post_id']);
} else {
redirect(FORUM . "viewthread.php?thread_id=" . $_GET['thread_id'] . "&post_id=" . $_GET['post_id'] . '&error=vote_self');
}
} else {
redirect(FORUM . "viewthread.php?thread_id=" . $_GET['thread_id'] . "&post_id=" . $_GET['post_id'] . '&error=vote');
}
}
}
/**
* Verify Post ID
* @param $post_id
* @return bool|string
*/
public static function verify_post($post_id)
{
if (isnum($post_id)) {
return dbcount("('post_id')", DB_FORUM_POSTS, "post_id='" . $post_id . "'");
}
return FALSE;
}
function flood_control($field, $table, $where)
{
global $userdata, $settings, $locale;
$flood = false;
if (!iSUPERADMIN && !iADMIN && (!defined("iMOD") || !iMOD)) {
$result = dbquery("SELECT MAX(" . $field . ") AS last_post FROM " . $table . " WHERE " . $where);
if (dbrows($result)) {
$data = dbarray($result);
if (time() - $data['last_post'] < $settings['flood_interval']) {
$flood = true;
$result = dbquery("INSERT INTO " . DB_FLOOD_CONTROL . " (flood_ip, flood_timestamp) VALUES ('" . USER_IP . "', '" . time() . "')");
if (dbcount("(flood_ip)", DB_FLOOD_CONTROL, "flood_ip='" . USER_IP . "'") > 4) {
if (iMEMBER && $settings['flood_autoban'] == "1") {
require_once INCLUDES . "sendmail_include.php";
require_once INCLUDES . "suspend_include.php";
$result = dbquery("UPDATE " . DB_USERS . " SET user_status='4', user_actiontime='0' WHERE user_id='" . $userdata['user_id'] . "'");
suspend_log($userdata['user_id'], 4, $locale['global_440'], true);
$message = str_replace("[USER_NAME]", $userdata['user_name'], $locale['global_442']);
sendemail($userdata['user_name'], $userdata['user_email'], $settings['siteusername'], $settings['siteemail'], $locale['global_441'], $message);
} elseif (!iMEMBER) {
$result = dbquery("INSERT INTO " . DB_BLACKLIST . " (blacklist_ip, blacklist_email, blacklist_reason) VALUES ('" . USER_IP . "', '', '" . $locale['global_440'] . "')");
}
}
}
}
}
return $flood;
}
public function __construct()
{
if (empty(self::$locale)) {
$locale = fusion_get_locale('', LOCALE . LOCALESET . "admin/errors.php");
$locale += fusion_get_locale('', LOCALE . LOCALESET . "errors.php");
self::$locale += $locale;
}
$this->error_status = filter_input(INPUT_POST, 'error_status', FILTER_VALIDATE_INT, array('min_range' => 0, 'max_range' => 2));
$this->posted_error_id = filter_input(INPUT_POST, 'error_id', FILTER_VALIDATE_INT);
$this->delete_status = filter_input(INPUT_POST, 'delete_status', FILTER_VALIDATE_INT, array('min_range' => 0, 'max_range' => 2));
$this->rowstart = filter_input(INPUT_GET, 'rowstart', FILTER_VALIDATE_INT) ?: 0;
$this->error_id = filter_input(INPUT_GET, 'error_id', FILTER_VALIDATE_INT);
if (isnum($this->error_status) && $this->posted_error_id) {
dbquery("UPDATE " . DB_ERRORS . " SET error_status='" . $this->error_status . "' WHERE error_id='" . $this->posted_error_id . "'");
redirect(FUSION_REQUEST);
}
if (isset($_POST['delete_entries']) && isnum($this->delete_status)) {
dbquery("DELETE FROM " . DB_ERRORS . " WHERE error_status='" . $_POST['delete_status'] . "'");
$source_redirection_path = preg_replace("~" . fusion_get_settings("site_path") . "~", "", FUSION_REQUEST, 1);
redirect(fusion_get_settings("siteurl") . $source_redirection_path);
}
$result = dbquery("SELECT * FROM " . DB_ERRORS . " ORDER BY error_timestamp DESC LIMIT " . $this->rowstart . ",20");
while ($data = dbarray($result)) {
$this->errors[$data['error_id']] = $data;
}
$this->rows = $this->errors ? dbcount('(error_id)', DB_ERRORS) : 0;
}
protected function check_duplicate_ranks()
{
global $aidlink;
$comparing_data = dbarray(dbquery("SELECT rank_apply FROM " . DB_FORUM_RANKS . " WHERE rank_id='" . $this->data['rank_id'] . "'"));
if ($this->data['rank_apply'] < USER_LEVEL_MEMBER && $this->data['rank_apply'] != $comparing_data['rank_apply'] && dbcount("(rank_id)", DB_FORUM_RANKS, (multilang_table("FR") ? "rank_language='" . LANGUAGE . "' AND" : "") . "\n rank_id!='" . $this->data['rank_id'] . "' AND rank_apply='" . $this->data['rank_apply'] . "'")) {
addNotice('info', self::$locale['413']);
redirect(FUSION_SELF . $aidlink . '§ion=fr');
}
return FALSE;
}
function EnterResult($tid, $round, $match, $score1, $score2)
{
$result1 = dbquery("SELECT * FROM " . DB_T_MATCHES . " WHERE match_round='" . $round . "' AND match_match='" . $match . "' AND match_tour='" . $tid . "'");
$data1 = dbarray($result1);
if ($score1 > $score2) {
$winner = $data1['match_pl1'];
$looser = $data1['match_pl2'];
} else {
$winner = $data1['match_pl2'];
$looser = $data1['match_pl1'];
}
$result = dbquery("UPDATE " . DB_T_MATCHES . " SET match_score1='" . $score1 . "', match_score2='" . $score2 . "', match_winner='" . $winner . "', match_played='1' WHERE match_round='" . $round . "' AND match_match='" . $match . "' AND match_tour='" . $tid . "'");
$pl = dbcount("(player_id)", DB_T_PLAYERS, "player_tour='" . $tid . "' AND player_checkin='1'");
$max = getMaxPl($pl);
$rounds = log($max) / log(2);
if ($round == $rounds) {
//fin12
$set_w1 = dbquery("UPDATE " . DB_T_TOURS . " SET tour_w1='" . $winner . "', tour_w2='" . $looser . "' WHERE tour_id='" . $tid . "'");
$check_f = dbarray(dbquery("SELECT tour_w3, tour_w4 FROM " . DB_T_TOURS . " WHERE tour_id='" . $tid . "'"));
if ($check_f['tour_w3'] != "0" && $check_f['tour_w4'] != "0") {
$fin = dbquery("UPDATE " . DB_T_TOURS . " SET tour_finished='1' WHERE tour_id='" . $tid . "'");
}
} elseif ($round == $rounds + 1) {
//fin34
$set_w3 = dbquery("UPDATE " . DB_T_TOURS . " SET tour_w3='" . $winner . "', tour_w4='" . $looser . "' WHERE tour_id='" . $tid . "'");
$check_f = dbarray(dbquery("SELECT tour_w1, tour_w2 FROM " . DB_T_TOURS . " WHERE tour_id='" . $tid . "'"));
if ($check_f['tour_w1'] != "0" && $check_f['tour_w2'] != "0") {
$fin = dbquery("UPDATE " . DB_T_TOURS . " SET tour_finished='1' WHERE tour_id='" . $tid . "'");
}
} else {
//just enter
if ($match % 2 == 1) {
$nextround = $round + 1;
$nextmatch = ($match + 1) / 2;
$result2 = dbquery("UPDATE " . DB_T_MATCHES . " SET match_pl1='" . $winner . "' WHERE match_round='" . $nextround . "' AND match_match='" . $nextmatch . "' AND match_tour='" . $tid . "'");
if ($round == $rounds - 1) {
//looser to fin34
$x = $rounds + 1;
$result3 = dbquery("UPDATE " . DB_T_MATCHES . " SET match_pl1='" . $looser . "' WHERE match_round='" . $x . "' AND match_match='1' AND match_tour='" . $tid . "'");
}
}
if ($match % 2 == 0) {
$nextround = $round + 1;
$nextmatch = $match / 2;
$result2 = dbquery("UPDATE " . DB_T_MATCHES . " SET match_pl2='" . $winner . "' WHERE match_round='" . $nextround . "' AND match_match='" . $nextmatch . "' AND match_tour='" . $tid . "'");
if ($round == $rounds - 1) {
//looser to fin34
$x = $rounds + 1;
$result2 = dbquery("UPDATE " . DB_T_MATCHES . " SET match_pl2='" . $looser . "' WHERE match_round='" . $x . "' AND match_match='1' AND match_tour='" . $tid . "'");
}
}
}
}
function faq_listing()
{
global $locale, $aidlink, $show_faqs;
$total_cat_count = dbcount("(faq_cat_id)", DB_FAQ_CATS, multilang_table("FQ") ? "faq_cat_language='" . LANGUAGE . "'" : "");
$_GET['show_faq'] = isset($_GET['show_faq']) && isnum($_GET['show_faq']) ? $_GET['show_faq'] : 0;
$_GET['rowstart'] = isset($_GET['rowstart']) && isnum($_GET['rowstart']) && $_GET['rowstart'] <= $total_cat_count ? $_GET['rowstart'] : 0;
$result = dbquery("SELECT fc.faq_cat_id, fc.faq_cat_name,\n\tcount(faq_id) 'faq_count'\n\tFROM " . DB_FAQ_CATS . " fc\n\tleft join " . DB_FAQS . " f using (faq_cat_id)\n\t" . (multilang_table("FQ") ? "WHERE fc.faq_cat_language='" . LANGUAGE . "'" : "") . "\n\tgroup by fc.faq_cat_id\n\tORDER BY fc.faq_cat_name\n\tlimit " . intval($_GET['rowstart']) . ", " . intval($show_faqs) . "\n\t");
$cat_rows = dbrows($result);
if ($cat_rows > 0) {
echo "<div class='m-t-10'>\n";
echo "<div class='clearfix'>\n";
if ($total_cat_count > $cat_rows) {
echo "<div class='pull-right'>\n";
echo makepagenav($_GET['rowstart'], $show_faqs, $total_cat_count, 3, FUSION_SELF . $aidlink . "&", "rowstart");
echo "</div>\n";
}
echo sprintf($locale['faq_0115'], $cat_rows, $total_cat_count);
echo "</div>\n";
echo "</div>\n";
echo "<table class='table table-responsive table-striped m-t-20'>\n<thead><tr>\n";
echo "<th class='col-xs-4'>" . $locale['faq_0103'] . "</th>\n";
echo "<th>" . $locale['faq_0104'] . "</th>\n";
echo "<th>" . $locale['faq_0105'] . "</th>\n";
echo "<th class='text-right'>" . $locale['faq_0106'] . "</th>\n";
echo "</tr>\n";
echo "</thead>\n<tbody>\n";
while ($data = dbarray($result)) {
echo "<tr>\n";
// let us use 2 page nav. :)
echo "<td><a href='" . FUSION_SELF . $aidlink . "&show_faq=" . $data['faq_cat_id'] . "'>" . $data['faq_cat_name'] . "</a></td>\n";
echo "<td><span class='badge'>" . $data['faq_count'] . "</span></td>\n";
echo "<td>" . $data['faq_cat_id'] . "</td>\n";
echo "<td class='text-right'>\n\t\t\t<a href='" . FUSION_SELF . $aidlink . "&action=edit&cat_id=" . $data['faq_cat_id'] . "&section=faq-category'>" . $locale['faq_0107'] . "</a> -\n";
echo "<a href='" . FUSION_SELF . $aidlink . "&action=delete&cat_id=" . $data['faq_cat_id'] . "&section=faq-category' onclick=\"return confirm('" . $locale['faq_0109'] . "');\">" . $locale['faq_0108'] . "</a></td>\n";
echo "</tr>\n";
if ($_GET['show_faq'] == $data['faq_cat_id']) {
show_faq($data['faq_cat_id'], $data['faq_count']);
}
}
// simple toggle
add_to_jquery("\n\t\t\$('.faq_toggle').bind('click', function() {\n\t\t\tvar faqs = \$(this).data('target');\n\t\t\tvar faq_length = \$('#' + faqs + ':visible').length;\n\t\t\t\$('.faq_list').hide();\n\t\t\tif (faq_length > 0) {\n\t\t\t\t\$('#'+faqs).hide();\n\t\t\t} else {\n\t\t\t\t\$('#'+faqs).show();\n\t\t\t}\n\t\t});\n\t\t");
echo "</table>\n";
} else {
echo "<div class='well text-center'>" . $locale['faq_0116'] . "<br />\n</div>\n";
}
}
/**
* Display Login form
* @param array $info
*/
function display_loginform(array $info)
{
global $locale, $userdata, $aidlink;
opentable($locale['global_100']);
if (iMEMBER) {
$msg_count = dbcount("(message_id)", DB_MESSAGES, "message_to='" . $userdata['user_id'] . "' AND message_read='0' AND message_folder='0'");
opentable($userdata['user_name']);
echo "<div style='text-align:center'><br />\n";
echo THEME_BULLET . " <a href='" . BASEDIR . "edit_profile.php' class='side'>" . $locale['global_120'] . "</a><br />\n";
echo THEME_BULLET . " <a href='" . BASEDIR . "messages.php' class='side'>" . $locale['global_121'] . "</a><br />\n";
echo THEME_BULLET . " <a href='" . BASEDIR . "members.php' class='side'>" . $locale['global_122'] . "</a><br />\n";
if (iADMIN && (iUSER_RIGHTS != "" || iUSER_RIGHTS != "C")) {
echo THEME_BULLET . " <a href='" . ADMIN . "index.php" . $aidlink . "' class='side'>" . $locale['global_123'] . "</a><br />\n";
}
echo THEME_BULLET . " <a href='" . BASEDIR . "index.php?logout=yes' class='side'>" . $locale['global_124'] . "</a>\n";
if ($msg_count) {
echo "<br /><br />\n";
echo "<strong><a href='" . BASEDIR . "messages.php' class='side'>" . sprintf($locale['global_125'], $msg_count);
echo ($msg_count == 1 ? $locale['global_126'] : $locale['global_127']) . "</a></strong>\n";
}
echo "<br /><br /></div>\n";
} else {
echo "<div id='login_form' class='panel panel-default text-center text-dark'>\n";
if (fusion_get_settings("sitebanner")) {
echo "<a class='display-inline-block' href='" . BASEDIR . fusion_get_settings("opening_page") . "'><img src='" . BASEDIR . fusion_get_settings("sitebanner") . "' alt='" . fusion_get_settings("sitename") . "'/></a>\n";
} else {
echo "<a class='display-inline-block' href='" . BASEDIR . fusion_get_settings("opening_page") . "'>" . fusion_get_settings("sitename") . "</a>\n";
}
echo "<div class='panel-body text-center'>\n";
echo $info['open_form'];
echo $info['user_name'];
echo $info['user_pass'];
echo $info['remember_me'];
echo $info['login_button'];
echo $info['registration_link'] . "<br/><br/>";
echo $info['forgot_password_link'] . "<br/><br/>";
echo $info['close_form'];
echo "</div>\n";
echo "</div>\n";
}
closetable();
}
function flood_control($field, $table, $where, $debug = FALSE)
{
global $userdata, $settings, $locale, $defender;
$flood = FALSE;
if (!iSUPERADMIN && !iADMIN && (!defined("iMOD") || !iMOD) || $debug) {
$result = dbquery("SELECT MAX(" . $field . ") AS last_post FROM " . $table . " WHERE " . $where);
if (dbrows($result)) {
$time = time();
$data = dbarray($result);
if ($time - $data['last_post'] < $settings['flood_interval']) {
$defender->stop();
addNotice('warning', sprintf($locale['flood'], countdown($settings['flood_interval'] - ($time - $data['last_post']))));
$flood = TRUE;
$result = dbquery("INSERT INTO " . DB_FLOOD_CONTROL . " (flood_ip, flood_ip_type, flood_timestamp) VALUES ('" . USER_IP . "', '" . USER_IP_TYPE . "', '" . time() . "')");
// This should be in settings, "After how many flood offences take action" then a setting for what action to take
if (dbcount("(flood_ip)", DB_FLOOD_CONTROL, "flood_ip='" . USER_IP . "'") > 4) {
if (!$debug) {
if (iMEMBER && $settings['flood_autoban'] == "1") {
require_once INCLUDES . "sendmail_include.php";
require_once INCLUDES . "suspend_include.php";
$result = dbquery("UPDATE " . DB_USERS . " SET user_status='4', user_actiontime='0' WHERE user_id='" . $userdata['user_id'] . "'");
suspend_log($userdata['user_id'], 4, $locale['global_440'], TRUE);
$message = str_replace("[USER_NAME]", $userdata['user_name'], $locale['global_442']);
$message = str_replace("[USER_IP]", USER_IP, $message);
$message = str_replace("[USER_IP]", USER_IP, $message);
$message = str_replace("[SITE_EMAIL]", $settings['siteemail'], $message);
$message = str_replace("[SITEUSERNAME]", $settings['siteusername'], $message);
$subject = str_replace("[SITENAME]", $settings['sitename'], $locale['global_441']);
sendemail($userdata['user_name'], $userdata['user_email'], $settings['siteusername'], $settings['siteemail'], $subject, $message);
} elseif (!iMEMBER) {
$result = dbquery("INSERT INTO " . DB_BLACKLIST . " (blacklist_ip, blacklist_ip_type, blacklist_email, blacklist_reason) VALUES ('" . USER_IP . "', '" . USER_IP_TYPE . "', '', '" . $locale['global_440'] . "')");
}
} else {
addNotice('info', "DEBUG MESSAGE: Triggered flood control action due to repeated offences. This could've resulted in a ban or suspenstion");
}
}
}
}
}
return $flood;
}
function pif_cache($cache)
{
global $pif_cache, $pif_global;
switch ($cache) {
case "total_reg_users":
if (!array_key_exists("total_reg_users", $pif_cache) || $pif_cache['total_reg_users'] == '') {
$in = "";
foreach ($pif_global['visible_members'] as $value) {
$in .= $in != '' ? ", " : "";
$in .= $value;
}
$pif_cache['total_reg_users'] = number_format(dbcount("(user_id)", DB_USERS, "user_status IN(" . $in . ")"));
}
break;
case "newest_reg_member":
if (!array_key_exists("newest_reg_member", $pif_cache) || !is_array($pif_cache['newest_reg_member'])) {
$pif_cache['newest_reg_member'] = array();
list($pif_cache['newest_reg_member']['user_id'], $pif_cache['newest_reg_member']['user_name'], $pif_cache['newest_reg_member']['user_status']) = dbarraynum(dbquery("SELECT user_id, user_name, user_status FROM " . DB_USERS . " WHERE user_status='0' ORDER BY user_joined DESC LIMIT 0,1"));
}
break;
case "online_users":
if (!array_key_exists("online_users", $pif_cache) || !is_array($pif_cache['online_users'])) {
$pif_cache['online_users'] = array();
$result = dbquery("SELECT ton.online_user, tu.user_id, tu.user_name, tu.user_status, tu.user_level FROM " . DB_ONLINE . " ton\r\n\t\tLEFT JOIN " . DB_USERS . " tu ON ton.online_user=tu.user_id");
$pif_cache['online_users']['guests'] = 0;
$pif_cache['online_users']['members'] = array();
while ($data = dbarray($result)) {
if ($data['online_user'] == "0") {
$pif_cache['online_users']['guests']++;
} else {
array_push($pif_cache['online_users']['members'], array("user_id" => $data['user_id'], "user_name" => $data['user_name'], "user_status" => $data['user_status'], "user_level" => $data['user_level']));
}
}
}
break;
default:
echo "Cache Error";
}
}
function article_admin_editlist($id)
{
global $data;
$editlist = "";
$sel = "";
$checkparent = dbcount("(article_cat_id)", DB_ARTICLE_CATS, "article_cat_parent='" . (int) $id . "'");
$result2 = dbquery("SELECT article_cat_id, article_cat_name FROM " . DB_ARTICLE_CATS . " WHERE article_cat_parent='0' ORDER BY article_cat_name");
if (dbrows($result2) != 0) {
$editlist .= "<option value='0'" . $sel . "><span class='small'></span></option>\n";
while ($data2 = dbarray($result2)) {
if (isset($_GET['action']) && $_GET['action'] == "edit") {
$sel = $data['article_cat_parent'] == $data2['article_cat_id'] ? " selected='selected'" : "";
}
if (isset($_GET['action']) && $_GET['action'] == "edit" && $_GET['cat_id'] != $data2['article_cat_id'] && $checkparent == 0) {
$editlist .= "<option value='" . $data2['article_cat_id'] . "'{$sel}>" . $data2['article_cat_name'] . "</option>\n";
} elseif (!isset($_GET['action'])) {
$editlist .= "<option value='" . $data2['article_cat_id'] . "'{$sel}>" . $data2['article_cat_name'] . "</option>\n";
}
}
}
return $editlist;
}
function flood_control($field, $table, $where)
{
global $userdata, $settings;
$flood = false;
if (!iSUPERADMIN && !iADMIN && (!defined("iMOD") || !iMOD)) {
$result = dbquery("SELECT MAX(" . $field . ") AS last_post FROM " . $table . " WHERE " . $where);
if (dbrows($result)) {
$data = dbarray($result);
if (time() - $data['last_post'] < $settings['flood_interval']) {
$flood = true;
$result = dbquery("INSERT INTO " . DB_FLOOD_CONTROL . " (flood_ip, flood_timestamp) VALUES ('" . USER_IP . "', '" . time() . "')");
if (dbcount("(flood_ip)", DB_FLOOD_CONTROL, "flood_ip='" . USER_IP . "'") > 4) {
if (iMEMBER) {
$result = dbquery("UPDATE " . DB_USERS . " SET user_status='1' WHERE user_id='" . $userdata['user_id'] . "'");
} else {
$result = dbquery("INSERT INTO " . DB_BLACKLIST . " (blacklist_ip, blacklist_email, blacklist_reason) VALUES ('" . USER_IP . "', '', 'Automatic Ban')");
}
}
}
}
}
return $flood;
}
public function checkPasswordRequest($email, $account)
{
if (!$this->_isValidEMailAddress($email)) {
return FALSE;
}
if (preg_match("/^[0-9a-z]{32}\$/", $account) && dbcount("(user_id)", DB_USERS, "user_email='" . $email . "' AND user_algo='md5'") || preg_match("/^[0-9a-z]{64}\$/", $account)) {
$result = dbquery("SELECT user_name FROM " . DB_USERS . " WHERE user_email='" . $email . "' AND user_password='******'");
if (dbrows($result)) {
$data = dbarray($result);
$this->_userName = $data['user_name'];
$this->_newPassword = $this->getNewPassword();
$this->_setNewHash($this->_newPassword);
$this->_sendNewPassword();
return TRUE;
} else {
$this->_error = 3;
return FALSE;
}
} else {
$this->_error = 3;
return FALSE;
}
}
function count_bew($type = "all")
{
//global $locale;
if ($type == "all") {
$newbew = dbcount("(pr_id)", PR_DB_BEWERBUNG, "pr_status = '1'");
$beabew = dbcount("(pr_id)", PR_DB_BEWERBUNG, "pr_status = '2'");
$einbew = dbcount("(pr_id)", PR_DB_BEWERBUNG, "pr_status = '3'");
$delbew = dbcount("(pr_id)", PR_DB_BEWERBUNG, "pr_status = '4'");
echo THEME_BULLET . " ";
if ($newbew == '0') {
echo "Keine neuen Bewerbungen<br>";
} elseif ($newbew == '1') {
echo "<b><font color='red'>" . $newbew . " neue Bewerbung<br></font></b>";
} else {
echo "<b><font color='red'>" . $newbew . " neue Bewerbungen<br></font></b>";
}
echo "<br />" . THEME_BULLET . " ";
if ($beabew == '1') {
echo "" . $beabew . " Bewerbung ist in Bearbeitung<br>";
} else {
echo "" . $beabew . " Bewerbungen sind in Bearbeitung<br>";
}
echo "<br />";
if (iSUPERADMIN) {
echo THEME_BULLET . " ";
if ($delbew == '1') {
echo "" . $delbew . " Bewerbung wurde gelöscht";
} else {
echo "" . $delbew . " Bewerbungen wurden gelöscht";
}
echo "<br />";
}
} else {
$count = dbcount("(pr_id)", PR_DB_BEWERBUNG, "pr_status = {$type}");
return $count;
}
}
} else {
$poll = "";
$i = 0;
$num_opts = count($poll_option);
$poll_votes = dbcount("(vote_opt)", DB_POLL_VOTES, "poll_id='" . $data['poll_id'] . "'");
while ($i < $num_opts) {
$num_votes = dbcount("(vote_opt)", DB_POLL_VOTES, "vote_opt='{$i}' AND poll_id='" . $data['poll_id'] . "'");
$opt_votes = $poll_votes ? number_format(100 / $poll_votes * $num_votes) : 0;
$poll .= progress_bar($opt_votes, $poll_option[$i]);
$poll .= "<div>" . $opt_votes . "% [" . (empty($num_votes) ? 0 : $num_votes) . ($num_votes == 1 ? $locale['global_133'] : $locale['global_134']) . "]</div><br />\n";
$i++;
}
echo "<strong>" . $poll_title . "</strong><br /><br />\n" . $poll;
echo "<div style='text-align:center'>" . $locale['global_135'] . $poll_votes . "<br />\n";
if (!iMEMBER) {
echo $locale['global_132'] . "<br />";
}
echo $locale['global_136'] . showdate("shortdate", $data['poll_started']);
if ($data['poll_ended'] > 0) {
echo "<br />\n" . $locale['global_137'] . showdate("shortdate", $data['poll_ended']) . "\n";
}
$result = dbcount("(poll_id)", DB_POLLS);
if ($result > 1) {
echo "<br /><br /><a href='" . INFUSIONS . "member_poll_panel/polls_archive.php' class='side'>" . $locale['global_138'] . "</a>\n";
}
echo "</div>\n";
}
} else {
echo "<div style='text-align:center'>" . $locale['global_142'] . "</div>\n";
}
closeside();
/*-------------------------------------------------------+
| PHP-Fusion Content Management System
| Copyright (C) 2002 - 2013 Nick Jones
| http://www.php-fusion.co.uk/
+--------------------------------------------------------+
| Filename: user_comments-stat_include.php
| Author: Digitanium
+--------------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
if (!defined("IN_FUSION")) {
die("Access Denied");
}
if ($profile_method == "input") {
//Nothing here
} elseif ($profile_method == "display") {
echo "<tr>\n";
echo "<td class='tbl1'>" . $locale['uf_comments-stat'] . "</td>\n";
echo "<td align='right' class='tbl1'>" . number_format(dbcount("(comment_id)", DB_COMMENTS, "comment_name='" . $user_data['user_id'] . "'")) . "</td>\n";
echo "</tr>\n";
} elseif ($profile_method == "validate_insert") {
//Nothing here
} elseif ($profile_method == "validate_update") {
//Nothing here
}
$result = dbquery("SELECT post_datestamp, post_author FROM " . DB_POSTS . " WHERE forum_id='" . $_GET['forum_id'] . "' ORDER BY post_datestamp DESC LIMIT 1");
if (dbrows($result)) {
$ldata = dbarray($result);
$forum_lastpost = "forum_lastpost='" . $ldata['post_datestamp'] . "', forum_lastuser='******'post_author'] . "'";
} else {
$forum_lastpost = "forum_lastpost='0', forum_lastuser='******'";
}
$result = dbquery("UPDATE " . DB_FORUMS . " SET " . $forum_lastpost . ", forum_postcount=forum_postcount-" . $deleted_posts . ", forum_threadcount=forum_threadcount-" . $deleted_threads . " WHERE forum_id='" . $_GET['forum_id'] . "'");
}
$rows_left = dbcount("(thread_id)", "threads", "forum_id='" . $_GET['forum_id'] . "'") - 3;
if ($rows_left <= $_GET['rowstart'] && $_GET['rowstart'] > 0) {
$_GET['rowstart'] = (ceil($rows_left / $threads_per_page) - 1) * $threads_per_page;
}
redirect(FUSION_SELF . "?forum_id=" . $_GET['forum_id'] . "&rowstart=" . $_GET['rowstart']);
}
$rows = dbcount("(thread_id)", DB_THREADS, "forum_id='" . $_GET['forum_id'] . "' AND thread_sticky='0'");
opentable($locale['450']);
echo "<!--pre_forum--><div class='tbl2'><a href='index.php'>" . $settings['sitename'] . "</a> :: " . $caption . "</div>\n";
if ($rows > $threads_per_page || iMEMBER && $can_post) {
echo "<table cellspacing='0' cellpadding='0' width='100%'>\n<tr>\n";
if ($rows > $threads_per_page) {
echo "<td style='padding:4px 0px 4px 0px'>" . makePageNav($_GET['rowstart'], $threads_per_page, $rows, 3, FUSION_SELF . "?forum_id=" . $_GET['forum_id'] . "&") . "</td>\n";
}
if (iMEMBER && $can_post) {
echo "<td align='right' style='padding:4px 0px 4px 0px'><a href='post.php?action=newthread&forum_id=" . $_GET['forum_id'] . "'><img src='" . get_image("newthread") . "' alt='" . $locale['566'] . "' style='border:0px;' /></a></td>\n";
}
echo "</tr>\n</table>\n";
}
if (iMOD) {
echo "<form name='mod_form' method='post' action='" . FUSION_SELF . "?forum_id=" . $_GET['forum_id'] . "&rowstart=" . $_GET['rowstart'] . "'>\n";
}
| Author: Robert Gaudyn (Wooya)
+--------------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
require_once "../../maincore.php";
require_once THEMES . "templates/header.php";
if (!iMEMBER) {
redirect("../../index.php");
}
if (isset($_GET['delete']) && isnum($_GET['delete']) && dbcount("(thread_id)", DB_THREAD_NOTIFY, "thread_id='" . $_GET['delete'] . "' AND notify_user='******'user_id'] . "'")) {
$result = dbquery("DELETE FROM " . DB_THREAD_NOTIFY . " WHERE thread_id=" . $_GET['delete'] . " AND notify_user="******"SELECT tn.thread_id FROM " . DB_THREAD_NOTIFY . " tn\n\tINNER JOIN " . DB_THREADS . " tt ON tn.thread_id = tt.thread_id\n\tINNER JOIN " . DB_FORUMS . " tf ON tt.forum_id = tf.forum_id\n\tWHERE tn.notify_user="******" AND " . groupaccess('forum_access') . " AND tt.thread_hidden='0'");
$rows = dbrows($result);
if ($rows) {
$result = dbquery("\n\t\tSELECT tf.forum_access, tn.thread_id, tn.notify_datestamp, tn.notify_user,\n\t\ttt.thread_subject, tt.forum_id, tt.thread_lastpost, tt.thread_lastuser, tt.thread_postcount,\n\t\ttu.user_id AS user_id1, tu.user_name AS user_name1, tu.user_status AS user_status1, \n\t\ttu2.user_id AS user_id2, tu2.user_name AS user_name2, tu2.user_status AS user_status2\n\t\tFROM " . DB_THREAD_NOTIFY . " tn\n\t\tINNER JOIN " . DB_THREADS . " tt ON tn.thread_id = tt.thread_id\n\t\tINNER JOIN " . DB_FORUMS . " tf ON tt.forum_id = tf.forum_id\n\t\tLEFT JOIN " . DB_USERS . " tu ON tt.thread_author = tu.user_id\n\t\tLEFT JOIN " . DB_USERS . " tu2 ON tt.thread_lastuser = tu2.user_id\n\t\tINNER JOIN " . DB_POSTS . " tp ON tt.thread_id = tp.thread_id\n\t\tWHERE tn.notify_user="******" AND " . groupaccess('forum_access') . " AND tt.thread_hidden='0'\n\t\tGROUP BY tn.thread_id\n\t\tORDER BY tn.notify_datestamp DESC\n\t\tLIMIT " . $_GET['rowstart'] . ",10\n\t");
echo "<table class='tbl-border' cellpadding='0' cellspacing='1' width='100%'>\n<tr>\n";
echo "<td class='tbl2'><strong>" . $locale['global_044'] . "</strong></td>\n";
echo "<td class='tbl2' style='text-align:center;white-space:nowrap'><strong>" . $locale['global_050'] . "</strong></td>\n";
echo "<td class='tbl2' style='text-align:center;white-space:nowrap'><strong>" . $locale['global_047'] . "</strong></td>\n";
require_once THEMES . "templates/admin_header.php";
require_once INCLUDES . "html_buttons_include.php";
include LOCALE . LOCALESET . "admin/weblinks.php";
if (isset($_GET['status']) && !isset($message)) {
if ($_GET['status'] == "sn") {
$message = $locale['510'];
} elseif ($_GET['status'] == "su") {
$message = $locale['511'];
} elseif ($_GET['status'] == "del") {
$message = $locale['512'];
}
if ($message) {
echo "<div id='close-message'><div class='admin-message'>" . $message . "</div></div>\n";
}
}
$result = dbcount("(weblink_cat_id)", DB_WEBLINK_CATS);
if (!empty($result)) {
if (isset($_GET['action']) && $_GET['action'] == "delete" && (isset($_GET['weblink_id']) && isnum($_GET['weblink_id']))) {
$result = dbquery("DELETE FROM " . DB_WEBLINKS . " WHERE weblink_id='" . $_GET['weblink_id'] . "'");
redirect(FUSION_SELF . $aidlink . "&weblink_cat_id=" . $_GET['weblink_cat_id'] . "&status=del");
}
if (isset($_POST['save_link'])) {
$weblink_name = stripinput($_POST['weblink_name']);
$weblink_description = addslash($_POST['weblink_description']);
$weblink_url = stripinput($_POST['weblink_url']);
$weblink_cat = intval($_POST['weblink_cat']);
if ($weblink_name) {
if (isset($_GET['action']) && $_GET['action'] == "edit" && (isset($_GET['weblink_id']) && isnum($_GET['weblink_id']))) {
$weblink_datestamp = isset($_POST['update_datestamp']) ? ", weblink_datestamp='" . time() . "'" : "";
$result = dbquery("UPDATE " . DB_WEBLINKS . " SET weblink_name='{$weblink_name}', weblink_description='{$weblink_description}', weblink_url='{$weblink_url}', weblink_cat='{$weblink_cat}'" . $weblink_datestamp . " WHERE weblink_id='" . $_GET['weblink_id'] . "'");
redirect(FUSION_SELF . $aidlink . "&weblink_cat_id={$weblink_cat}&status=su");
function display_suspend_log($user_id, $type = "all", $rowstart = 0, $limit = 0)
{
global $locale;
$db_type = $type != "all" && isnum($type) ? " AND suspend_type='{$type}'" : "";
$rows = dbcount("(suspend_id)", DB_SUSPENDS, "suspended_user='******'{$db_type}");
$result = dbquery("SELECT sp.suspend_id, sp.suspend_ip, sp.suspend_ip_type, sp.suspend_date, sp.suspend_reason,\n\t\tsp.suspend_type, sp.reinstate_date, sp.reinstate_reason, sp.reinstate_ip, sp.reinstate_ip_type,\n\t\ta.user_name AS admin_name, b.user_name AS admin_name_b \n\t\tFROM " . DB_SUSPENDS . " sp \n\t\tLEFT JOIN " . DB_USERS . " a ON sp.suspending_admin=a.user_id \n\t\tLEFT JOIN " . DB_USERS . " b ON sp.reinstating_admin=b.user_id \n\t\tWHERE suspended_user='******'{$db_type}\n\t\tORDER BY suspend_date DESC" . ($limit > 0 ? " LIMIT {$limit}" : ""));
$rows = dbrows($result);
$udata = dbarray(dbquery("SELECT user_name FROM " . DB_USERS . " WHERE user_id='{$user_id}' LIMIT 1"));
if ($type == "all") {
opentable(sprintf($locale['susp100'], $udata['user_name']));
member_nav(member_url("view", $user_id) . "|" . $udata['user_name'], member_url("log", $user_id) . "|" . $locale['susp114']);
} else {
opentable(sprintf($locale['susp100b'], getsuspension($type, true), $udata['user_name']));
}
if ($rows) {
echo "<table width='80%' cellpadding='1' cellspacing='0' class='tbl-border center'>\n<tr>\n";
if ($type == "all") {
$description = sprintf($locale['susp101'], $udata['user_name']);
} else {
$description = sprintf($locale['susp102'], getsuspension($type), $udata['user_name']);
}
echo "<td class='tbl2' width='30'>" . $locale['susp103'] . "</td>\n";
echo "<td class='tbl2' width='120'>" . $locale['susp104'] . "</td>\n";
echo "<td class='tbl2' width='250'>" . $locale['susp105'] . "</td>\n";
echo "<td class='tbl2' width='150'>" . $locale['susp106'] . "</td>\n";
echo "</tr>\n";
$i = 1;
while ($data = dbarray($result)) {
$class = "tbl{$i}";
$suspension = $data['suspend_type'] != 2 ? getsuspension($data['suspend_type']) : $locale['susp111'];
$reason = $data['suspend_reason'] ? ": " . $data['suspend_reason'] : "";
$admin = $data['admin_name'] ? $data['admin_name'] . " (" . $locale['susp108'] . ": " . $data['suspend_ip'] . ")" : $locale['susp109'];
echo "<tr><td class='{$class}' valign='top'>#" . $data['suspend_id'] . "</td>\n";
echo "<td class='{$class}' valign='top'>" . showdate('forumdate', $data['suspend_date']) . "</td>\n";
echo "<td class='{$class}' valign='top'><strong>{$suspension}</strong>{$reason}</td>\n";
echo "<td class='{$class}' valign='top'>{$admin}</td>\n";
echo "</tr>\n<tr>\n";
if ($data['reinstate_date']) {
$r_reason = $data['reinstate_reason'] ? ": " . $data['reinstate_reason'] : "";
$admin = $data['admin_name_b'] ? $data['admin_name_b'] . " (" . $locale['susp112'] . $data['reinstate_ip'] . ")" : $locale['susp109'];
echo "<td class='{$class}' valign='top' align='right'> </td>\n";
echo "<td class='{$class}' valign='top'>" . showdate('forumdate', $data['reinstate_date']) . "</td>\n";
echo "<td class='{$class}' valign='top'>" . $locale['susp113'] . $r_reason . "</td>\n";
echo "<td class='{$class}' valign='top'>{$admin}</td>\n";
echo "</tr>\n<tr>\n";
} elseif ($data['suspend_type'] != 2) {
echo "<td class='{$class}' valign='top' align='right'> </td>\n";
echo "<td class='{$class}' valign='top'> </td>\n";
echo "<td class='{$class}' valign='top'> </td>\n";
echo "<td class='{$class}' valign='top'> </td>\n";
echo "</tr>\n<tr>\n";
}
echo "<td class='tbl1' colspan='4'><hr /></td>\n";
echo "</tr>\n";
if ($i == 2 ? $i = 1 : $i++) {
}
}
echo "</table>\n";
} else {
echo "<div id='close-message'><div class='admin-message'>" . $locale['susp110'] . "</div></div>\n";
}
closetable();
}
$comment = trimlink($data['comment_message'], 23);
$commentStart = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $data['comment_item_id'] . "' AND comment_type='C' AND comment_id<=" . $data['comment_id']);
if ($commentStart > $settings['comments_per_page']) {
$commentStart = "&c_start=" . floor($commentStart / $settings['comments_per_page']) * $settings['comments_per_page'];
} else {
$commentStart = "";
}
$output .= THEME_BULLET . " <a href='" . BASEDIR . "viewpage.php?page_id=" . $data['comment_item_id'] . $commentStart . "#c" . $data['comment_id'] . "' title='" . $comment . "' class='side'>" . $comment . "</a><br />\n";
$i++;
}
continue;
case "D":
$access = dbquery("\tSELECT download_id FROM " . DB_DOWNLOADS . " d, " . DB_DOWNLOAD_CATS . " c WHERE\n\t\t\t\t\t\t\t\t\td.download_id='" . $data['comment_item_id'] . "' AND\n\t\t\t\t\t\t\t\t\td.download_cat=c.download_cat_id AND\n\t\t\t\t\t\t\t\t\t" . groupaccess('c.download_cat_access'));
if (dbrows($access) > 0) {
$comment = trimlink($data['comment_message'], 23);
$commentStart = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $data['comment_item_id'] . "' AND comment_type='D' AND comment_id<=" . $data['comment_id']);
if ($commentStart > $settings['comments_per_page']) {
$commentStart = "&c_start=" . floor($commentStart / $settings['comments_per_page']) * $settings['comments_per_page'];
} else {
$commentStart = "";
}
$output .= THEME_BULLET . " <a href='" . BASEDIR . "downloads.php?download_id=" . $data['comment_item_id'] . $commentStart . "#c" . $data['comment_id'] . "' title='" . $comment . "' class='side'>" . $comment . "</a><br />\n";
$i++;
}
continue;
}
}
echo $output;
} else {
echo "<div style='text-align:center'>" . $locale['global_026'] . "</div>\n";
}
$data = dbarray($result);
if (!isset($_POST['post_comment']) && !isset($_POST['post_rating'])) {
$result2 = dbquery("UPDATE " . DB_NEWS . " SET news_reads=news_reads+1 WHERE news_id='" . $_GET['readmore'] . "'");
$data['news_reads']++;
}
$news_cat_image = "";
$news_subject = $data['news_subject'];
if ($data['news_image_t1'] && $settings['news_image_readmore'] == "0") {
$img_size = @getimagesize(IMAGES_N . $data['news_image']);
$news_cat_image = "<a href=\"javascript:;\" onclick=\"window.open('" . IMAGES_N . $data['news_image'] . "','','scrollbars=yes,toolbar=no,status=no,resizable=yes,width=" . ($img_size[0] + 20) . ",height=" . ($img_size[1] + 20) . "')\"><img src='" . IMAGES_N_T . $data['news_image_t1'] . "' alt='" . $data['news_subject'] . "' class='news-category' /></a>";
} elseif ($data['news_cat_image']) {
$news_cat_image = "<a href='news_cats.php?cat_id=" . $data['news_cat'] . "'><img src='" . get_image("nc_" . $data['news_cat_name']) . "' alt='" . $data['news_cat_name'] . "' class='news-category' /></a>";
}
$news_news = preg_split("/<!?--\\s*pagebreak\\s*-->/i", $data['news_breaks'] == "y" ? nl2br(stripslashes($data['news_extended'] ? $data['news_extended'] : $data['news_news'])) : stripslashes($data['news_extended'] ? $data['news_extended'] : $data['news_news']));
$pagecount = count($news_news);
$news_info = array("news_id" => $data['news_id'], "user_id" => $data['user_id'], "user_name" => $data['user_name'], "user_status" => $data['user_status'], "news_date" => $data['news_datestamp'], "cat_id" => $data['news_cat'], "cat_name" => $data['news_cat_name'], "cat_image" => $news_cat_image, "news_subject" => $data['news_subject'], "news_ext" => "n", "news_reads" => $data['news_reads'], "news_comments" => dbcount("(comment_id)", DB_COMMENTS, "comment_type='N' AND comment_item_id='" . $data['news_id'] . "' AND comment_hidden='0'"), "news_allow_comments" => $data['news_allow_comments'], "news_sticky" => $data['news_sticky']);
add_to_title($locale['global_201'] . $news_subject);
echo "<!--news_pre_readmore-->";
render_news($news_subject, $news_news[$_GET['rowstart']], $news_info);
echo "<!--news_sub_readmore-->";
if ($pagecount > 1) {
echo "<div align='center' style='margin-top:5px;'>\n" . makepagenav($_GET['rowstart'], 1, $pagecount, 3, FUSION_SELF . "?readmore=" . $_GET['readmore'] . "&") . "\n</div>\n";
}
if ($data['news_allow_comments']) {
showcomments("N", DB_NEWS, "news_id", $_GET['readmore'], FUSION_SELF . "?readmore=" . $_GET['readmore']);
}
if ($data['news_allow_ratings']) {
showratings("N", $_GET['readmore'], FUSION_SELF . "?readmore=" . $_GET['readmore']);
}
} else {
redirect(FUSION_SELF);
$i++;
}
echo "</tr>\n</table>\n";
} else {
echo "<div style='text-align:center'><br />\n" . $locale['410'] . "<br /><br />\n</div>\n";
}
closetable();
} else {
if ($data = dbarray(dbquery("SELECT faq_cat_name,faq_cat_language FROM " . DB_FAQ_CATS . " " . (multilang_table("FQ") ? "WHERE faq_cat_language='" . LANGUAGE . "' AND" : "WHERE") . " faq_cat_id='" . $_GET['cat_id'] . "'"))) {
add_to_title($locale['global_201'] . $data['faq_cat_name']);
opentable($locale['401'] . ": " . $data['faq_cat_name']);
echo "<table cellpadding='0' cellspacing='1' width='100%'>\n<tr>\n";
echo "<td class='tbl2'>\n<a href='" . FUSION_SELF . "'>" . $locale['400'] . "</a> >";
echo "<a href='" . FUSION_SELF . "?cat_id=" . $_GET['cat_id'] . "'>" . $data['faq_cat_name'] . "</a></td>\n";
echo "</tr>\n</table>\n";
$rows = dbcount("(faq_id)", DB_FAQS, "faq_cat_id='" . $_GET['cat_id'] . "'");
if ($rows) {
$i = 0;
$ii = 1;
$columns = 4;
$faq_content = "";
echo "<table cellpadding='0' cellspacing='0' width='100%'>\n<tr>\n";
$result = dbquery("SELECT faq_id, faq_question, faq_answer from " . DB_FAQS . " WHERE faq_cat_id='" . $_GET['cat_id'] . "' ORDER BY faq_question");
$numrows = dbrows($result);
while ($data = dbarray($result)) {
if ($i != 0 && $i % $columns == 0) {
echo "</tr>\n<tr>\n";
}
echo "<td class='tbl1' width='25%'><a href='#faq_" . $data['faq_id'] . "'>" . $data['faq_question'] . "</a></td>";
$faq_content .= "<div class='" . ($ii % 2 == 0 ? "tbl1" : "tbl2") . "' style='display:block; padding:10px 5px'>\n";
$faq_content .= "<a id='faq_" . $data['faq_id'] . "'></a><strong>" . $data['faq_question'] . "</strong><br />\n" . nl2br(stripslashes($data['faq_answer']));
if (dbrows($result)) {
$data = dbarray($result);
if ($inf_version > $data['inf_version']) {
if (isset($inf_altertable) && is_array($inf_altertable) && count($inf_altertable)) {
for ($i = 1; $i < count($inf_altertable) + 1; $i++) {
$result = dbquery("ALTER TABLE " . $inf_altertable[$i]);
}
}
$result2 = dbquery("UPDATE " . DB_INFUSIONS . " SET inf_version='" . $inf_version . "' WHERE inf_id='" . $data['inf_id'] . "'");
}
} else {
if (isset($inf_adminpanel) && is_array($inf_adminpanel) && count($inf_adminpanel)) {
for ($i = 1; $i < count($inf_adminpanel) + 1; $i++) {
$error = 0;
$inf_admin_image = $inf_adminpanel[$i]['image'] ? $inf_adminpanel[$i]['image'] : "infusion_panel.gif";
if (!dbcount("(admin_id)", DB_ADMIN, "admin_rights='" . $inf_adminpanel[$i]['rights'] . "'")) {
$result = dbquery("INSERT INTO " . DB_ADMIN . " (admin_rights, admin_image, admin_title, admin_link, admin_page) VALUES ('" . $inf_adminpanel[$i]['rights'] . "', '" . $inf_admin_image . "', '" . $inf_adminpanel[$i]['title'] . "', '" . INFUSIONS . $inf_folder . "/" . $inf_adminpanel[$i]['panel'] . "', '4')");
$result = dbquery("SELECT user_id, user_rights FROM " . DB_USERS . " WHERE user_level='103'");
while ($data = dbarray($result)) {
$result2 = dbquery("UPDATE " . DB_USERS . " SET user_rights='" . $data['user_rights'] . "." . $inf_adminpanel[$i]['rights'] . "' WHERE user_id='" . $data['user_id'] . "'");
}
} else {
$error = 1;
}
}
}
if (!$error) {
if (isset($inf_sitelink) && is_array($inf_sitelink) && count($inf_sitelink)) {
for ($i = 1; $i < count($inf_sitelink) + 1; $i++) {
$link_order = dbresult(dbquery("SELECT MAX(link_order) FROM " . DB_SITE_LINKS), 0) + 1;
$result = dbquery("INSERT INTO " . DB_SITE_LINKS . " (link_name, link_url, link_visibility, link_position, link_window, link_order) VALUES ('" . $inf_sitelink[$i]['title'] . "', '" . str_replace("../", "", INFUSIONS) . $inf_folder . "/" . $inf_sitelink[$i]['url'] . "', '" . $inf_sitelink[$i]['visibility'] . "', '1', '0', '" . $link_order . "')");
echo "</td>\n</tr>\n";
} else {
echo "<tr>\n<td align='center' colspan='2' class='tbl'>" . $locale['451'] . "<br /><br />\n";
echo "<a href='" . FUSION_SELF . $aidlink . "&group_id=" . $_GET['group_id'] . "'>" . $locale['452'] . "</a>\n</td>\n</tr>\n";
}
echo "</table>\n</form>\n";
} else {
echo "<div style='text-align:center'><br />\n" . $locale['451'] . "<br />\n";
echo "<a href='" . FUSION_SELF . $aidlink . "&group_id=" . $_GET['group_id'] . "'>" . $locale['452'] . "</a><br />\n</div>\n";
}
}
closetable();
opentable($locale['460']);
echo "<form name='rem_users_form' method='post' action='" . FUSION_SELF . $aidlink . "&group_id=" . $_GET['group_id'] . "'>\n";
echo "<table cellpadding='0' cellspacing='1' class='table table-responsive tbl-border center'>\n";
$rows = dbcount("(user_id)", DB_USERS, "user_groups REGEXP('^\\\\.{$_GET['group_id']}\$|\\\\.{$_GET['group_id']}\\\\.|\\\\.{$_GET['group_id']}\$')");
if (!isset($_GET['rowstart']) || !isnum($_GET['rowstart'])) {
$_GET['rowstart'] = 0;
}
if ($rows) {
$i = 0;
$result = dbquery("SELECT user_id,user_name,user_level FROM " . DB_USERS . " WHERE user_groups REGEXP('^\\\\.{$_GET['group_id']}\$|\\\\.{$_GET['group_id']}\\\\.|\\\\.{$_GET['group_id']}\$') ORDER BY user_level DESC, user_name LIMIT {$_GET['rowstart']},20");
echo "<tr>\n<td class='tbl2'><strong>" . $locale['446'] . "</strong></td>\n";
echo "<td align='right' width='1%' class='tbl2' style='white-space:nowrap'><strong>" . $locale['447'] . "</strong></td>\n</tr>\n";
while ($data = dbarray($result)) {
$row_color = $i % 2 == 0 ? "tbl1" : "tbl2";
$i++;
echo "<tr>\n<td class='{$row_color}'><label><input type='checkbox' name='rem_check_mark[]' value='" . $data['user_id'] . "' /> " . $data['user_name'] . "</td>\n<td align='right' width='1%' class='{$row_color}' style='white-space:nowrap'>" . getuserlevel($data['user_level']) . "</label></td>\n</tr>";
}
echo "<tr>\n<td colspan='2' class='tbl1'>\n";
echo "<div class='btn-group'>\n";
unset($sec_data);
} else {
$error .= "· " . $locale['414'] . "<br />\n";
}
unset($sec_result);
}
}
// <-
$email_domain = substr(strrchr($email, "@"), 1);
if (dbcount("(blacklist_id)", DB_BLACKLIST, "blacklist_email='{$email}' OR blacklist_email='{$email_domain}'") != 0) {
$error = "· " . $locale['411'] . "<br />\n";
}
if (dbcount("(user_id)", DB_USERS, "user_name='{$username}'") != 0) {
$error = "· " . $locale['407'] . "<br />\n";
}
if (dbcount("(user_id)", DB_USERS, "user_email='{$email}'") != 0) {
$error = "· " . $locale['408'] . "<br />\n";
}
if ($settings['email_verification'] == "1") {
$result = dbquery("SELECT user_email, user_info FROM " . DB_NEW_USERS);
while ($new_users = dbarray($result)) {
$user_info = unserialize($new_users['user_info']);
if ($new_users['user_email'] == $email) {
$error = "· " . $locale['409'] . "<br />\n";
}
if ($user_info['user_name'] == $username) {
$error = "· " . $locale['407'] . "<br />\n";
break;
}
}
}
}
echo "<textarea name='archive_shout_message' rows='4' cols='50' class='textbox'>" . $archive_shout_message . "</textarea><br />\n";
echo "<div style='text-align:center'>" . display_bbcodes("100%", "archive_shout_message", "archive_form", "smiley|b|i|u|url|color") . "</div>\n";
if (iGUEST) {
echo $locale['SB_validation_code'] . "<br />\n";
echo "<img id='captcha' src='" . INCLUDES . "captchas/securimage/securimage_show.php' alt='' /><br />\n";
echo "<a href='" . INCLUDES . "captchas/securimage/securimage_play.php'><img src='" . INCLUDES . "captchas/securimage/images/audio_icon.gif' alt='' class='tbl-border' style='margin-bottom:1px' /></a>\n";
echo "<a href='#' onclick=\"document.getElementById('captcha').src = '" . INCLUDES . "captchas/securimage/securimage_show.php?sid=' + Math.random(); return false\"><img src='" . INCLUDES . "captchas/securimage/images/refresh.gif' alt='' class='tbl-border' /></a><br />\n";
echo $locale['SB_enter_validation_code'] . "<br />\n<input type='text' name='captcha_code' class='textbox' style='width:100px' /><br />\n";
}
echo "<br /><input type='submit' name='post_archive_shout' value='" . $locale['SB_shout'] . "' class='button' />\n";
echo "</div>\n</form>\n<br />\n";
} else {
echo "<div style='text-align:center'>" . $locale['SB_login_req'] . "</div>\n";
}
$rows = dbcount("(shout_id)", DB_SHOUTBOX, "shout_hidden='0'");
if (!isset($_GET['rowstart']) || !isnum($_GET['rowstart'])) {
$_GET['rowstart'] = 0;
}
if ($rows != 0) {
$result = dbquery("SELECT s.shout_id, s.shout_name, s.shout_message, s.shout_datestamp, u.user_id, u.user_name, u.user_status\r\n\t\tFROM " . DB_SHOUTBOX . " s\r\n\t\tLEFT JOIN " . DB_USERS . " u ON s.shout_name=u.user_id\r\n\t\t" . (multilang_table("SB") ? "WHERE shout_language='" . LANGUAGE . "' AND" : "WHERE") . " s.shout_hidden='0'\r\n\t\tORDER BY s.shout_datestamp DESC LIMIT " . $_GET['rowstart'] . ",20");
while ($data = dbarray($result)) {
echo "<div class='tbl2'>\n";
if (iADMIN && checkrights("S") || iMEMBER && $data['shout_name'] == $userdata['user_id'] && isset($data['user_name'])) {
echo "<div style='float:right'>\n<a href='" . FUSION_SELF . "?action=edit&shout_id=" . $data['shout_id'] . "'>" . $locale['SB_edit'] . "</a> |\n";
echo "<a href='" . FUSION_SELF . "?action=delete&shout_id=" . $data['shout_id'] . "'>" . $locale['SB_delete'] . "</a>\n</div>\n";
}
if ($data['user_name']) {
echo "<span class='comment-name'><span class='slink'>" . profile_link($data['user_id'], $data['user_name'], $data['user_status']) . "</span>\n</span>\n";
} else {
echo "<span class='comment-name'>" . $data['shout_name'] . "</span>\n";
} else {
require_once INCLUDES . "html_buttons_include.php";
}
if (isset($_GET['status']) && !isset($message)) {
if ($_GET['status'] == "sn") {
$message = $locale['410'];
} elseif ($_GET['status'] == "su") {
$message = $locale['411'];
} elseif ($_GET['status'] == "del") {
$message = $locale['412'];
}
if ($message) {
echo "<div id='close-message'><div class='alert alert-info m-t-10 admin-message'>" . $message . "</div></div>\n";
}
}
$result = dbcount("(article_cat_id)", DB_ARTICLE_CATS);
if (!empty($result)) {
if (isset($_POST['save'])) {
$subject = stripinput($_POST['subject']);
$body = addslash($_POST['body']);
$body2 = addslash($_POST['body2']);
$draft = isset($_POST['article_draft']) ? "1" : "0";
if ($settings['tinymce_enabled'] != 1) {
$breaks = isset($_POST['line_breaks']) ? "y" : "n";
} else {
$breaks = "n";
}
$comments = isset($_POST['article_comments']) ? "1" : "0";
$ratings = isset($_POST['article_ratings']) ? "1" : "0";
if (isset($_POST['article_id']) && isnum($_POST['article_id']) && !defined("FUSION_NULL")) {
$result = dbquery("UPDATE " . DB_ARTICLES . " SET article_cat='" . intval($_POST['article_cat']) . "', article_subject='{$subject}', article_snippet='{$body}', article_article='{$body2}', article_draft='{$draft}', article_breaks='{$breaks}', article_allow_comments='{$comments}', article_allow_ratings='{$ratings}' WHERE article_id='" . $_POST['article_id'] . "'");
$result = dbquery("SELECT p.*, fa.attach_id, fa.attach_name, fa.attach_ext, fa.attach_size, u.*, u2.user_name AS edit_name\n\t\tFROM " . DB_POSTS . " p\n\t\tLEFT JOIN " . DB_FORUM_ATTACHMENTS . " fa USING(post_id)\n\t\tLEFT JOIN " . DB_USERS . " u ON p.post_author = u.user_id\n\t\tLEFT JOIN " . DB_USERS . " u2 ON p.post_edituser = u2.user_id AND post_edituser > '0'\n\t\tWHERE p.thread_id='" . $_GET['thread_id'] . "' ORDER BY post_datestamp LIMIT " . $_GET['rowstart'] . ",{$posts_per_page}");
if (iMOD) {
echo "<form name='mod_form' method='post' action='" . FUSION_SELF . "?thread_id=" . $_GET['thread_id'] . "&rowstart=" . $_GET['rowstart'] . "'>\n";
}
echo "<table cellpadding='0' cellspacing='1' width='100%' class='tbl-border forum_thread_table'>\n";
$numrows = dbrows($result);
$current_row = 1;
while ($data = dbarray($result)) {
$message = $data['post_message'];
if ($data['post_smileys']) {
$message = parsesmileys($message);
}
if ($current_row == 1) {
echo "<tr>\n<td colspan='2' class='tbl2'>\n<div style='float:right' class='small'>";
if (iMEMBER && $settings['thread_notify']) {
if (dbcount("(thread_id)", DB_THREAD_NOTIFY, "thread_id='" . $_GET['thread_id'] . "' AND notify_user='******'user_id'] . "'")) {
$result2 = dbquery("UPDATE " . DB_THREAD_NOTIFY . " SET notify_datestamp='" . time() . "', notify_status='1' WHERE thread_id='" . $_GET['thread_id'] . "' AND notify_user='******'user_id'] . "'");
echo "<a href='postify.php?post=off&forum_id=" . $fdata['forum_id'] . "&thread_id=" . $_GET['thread_id'] . "'>" . $locale['515'] . "</a>";
} else {
echo "<a href='postify.php?post=on&forum_id=" . $fdata['forum_id'] . "&thread_id=" . $_GET['thread_id'] . "'>" . $locale['516'] . "</a>";
}
}
echo " <a href='" . BASEDIR . "print.php?type=F&thread=" . $_GET['thread_id'] . "'><img src='" . get_image("printer") . "' alt='" . $locale['519'] . "' title='" . $locale['519'] . "' style='border:0;vertical-align:middle' /></a></div>\n";
add_to_title($locale['global_201'] . $fdata['thread_subject']);
echo "<div style='float:left' class='forum_thread_title'><!--forum_thread_title--><strong>" . $fdata['thread_subject'] . "</strong></div>\n</td>\n</tr>\n";
}
echo "<!--forum_thread_prepost_" . $current_row . "-->\n";
if ($current_row > 1) {
echo "<tr>\n<td colspan='2' class='tbl1' style='height:10px'></td>\n</tr>\n";
}
echo "<tr>\n<td class='tbl2 forum_thread_user_name' style='width:140px'><!--forum_thread_user_name--><a href='" . BASEDIR . "profile.php?lookup=" . $data['user_id'] . "'>" . $data['user_name'] . "</a></td>\n";
