/** * Link ID validation * @param $link_id * @return bool|string */ public static function verify_sitelinks($link_id) { if (isnum($link_id)) { return dbcount("(link_id)", DB_SITE_LINKS, "link_id='" . intval($link_id) . "'"); } return FALSE; }
/** * Cast Question Votes * @param $info * @param int $points * @todo: move and improvise the voting system */ function set_forumVotes($info, $points = 0) { global $userdata; // @todo: extend on user's rank threshold before can vote. - Reputation threshold- Roadmap 9.1 // @todo: allow multiple votes / drop $res - Roadmap 9.1 if (checkgroup($info['forum_vote']) && dbcount("('thread_id')", DB_FORUM_THREADS, "thread_locked='0'")) { $data = array('forum_id' => $_GET['forum_id'], 'thread_id' => $_GET['thread_id'], 'post_id' => $_GET['post_id'], 'vote_points' => $points, 'vote_user' => $userdata['user_id'], 'vote_datestamp' => time()); $hasVoted = dbcount("('vote_user')", DB_FORUM_VOTES, "vote_user='******'user_id']) . "' AND thread_id='" . intval($_GET['thread_id']) . "'"); if (!$hasVoted) { $isSelfPost = dbcount("('post_id')", DB_FORUM_POSTS, "post_id='" . intval($_GET['post_id']) . "' AND post_user='******'user_id']) . ""); if (!$isSelfPost) { $result = dbquery_insert(DB_FORUM_VOTES, $data, 'save', array('noredirect' => 1, 'no_unique' => 1)); if ($result && $info['forum_answer_threshold'] > 0) { $vote_result = dbquery("SELECT SUM('vote_points'), thread_id FROM " . DB_FORUM_VOTES . " WHERE post_id='" . $data['post_id'] . "'"); $v_data = dbarray($vote_result); if ($info['forum_answer_threshold'] != 0 && $v_data['vote_points'] >= $info['forum_answer_threshold']) { $result = dbquery("UPDATE " . DB_FORUM_THREADS . " SET 'thread_locked'='1' WHERE thread_id='" . $v_data['thread_id'] . "'"); } } redirect(FORUM . "viewthread.php?thread_id=" . $_GET['thread_id'] . "&post_id=" . $_GET['post_id']); } else { redirect(FORUM . "viewthread.php?thread_id=" . $_GET['thread_id'] . "&post_id=" . $_GET['post_id'] . '&error=vote_self'); } } else { redirect(FORUM . "viewthread.php?thread_id=" . $_GET['thread_id'] . "&post_id=" . $_GET['post_id'] . '&error=vote'); } } }
/** * Verify Post ID * @param $post_id * @return bool|string */ public static function verify_post($post_id) { if (isnum($post_id)) { return dbcount("('post_id')", DB_FORUM_POSTS, "post_id='" . $post_id . "'"); } return FALSE; }
function flood_control($field, $table, $where) { global $userdata, $settings, $locale; $flood = false; if (!iSUPERADMIN && !iADMIN && (!defined("iMOD") || !iMOD)) { $result = dbquery("SELECT MAX(" . $field . ") AS last_post FROM " . $table . " WHERE " . $where); if (dbrows($result)) { $data = dbarray($result); if (time() - $data['last_post'] < $settings['flood_interval']) { $flood = true; $result = dbquery("INSERT INTO " . DB_FLOOD_CONTROL . " (flood_ip, flood_timestamp) VALUES ('" . USER_IP . "', '" . time() . "')"); if (dbcount("(flood_ip)", DB_FLOOD_CONTROL, "flood_ip='" . USER_IP . "'") > 4) { if (iMEMBER && $settings['flood_autoban'] == "1") { require_once INCLUDES . "sendmail_include.php"; require_once INCLUDES . "suspend_include.php"; $result = dbquery("UPDATE " . DB_USERS . " SET user_status='4', user_actiontime='0' WHERE user_id='" . $userdata['user_id'] . "'"); suspend_log($userdata['user_id'], 4, $locale['global_440'], true); $message = str_replace("[USER_NAME]", $userdata['user_name'], $locale['global_442']); sendemail($userdata['user_name'], $userdata['user_email'], $settings['siteusername'], $settings['siteemail'], $locale['global_441'], $message); } elseif (!iMEMBER) { $result = dbquery("INSERT INTO " . DB_BLACKLIST . " (blacklist_ip, blacklist_email, blacklist_reason) VALUES ('" . USER_IP . "', '', '" . $locale['global_440'] . "')"); } } } } } return $flood; }
public function __construct() { if (empty(self::$locale)) { $locale = fusion_get_locale('', LOCALE . LOCALESET . "admin/errors.php"); $locale += fusion_get_locale('', LOCALE . LOCALESET . "errors.php"); self::$locale += $locale; } $this->error_status = filter_input(INPUT_POST, 'error_status', FILTER_VALIDATE_INT, array('min_range' => 0, 'max_range' => 2)); $this->posted_error_id = filter_input(INPUT_POST, 'error_id', FILTER_VALIDATE_INT); $this->delete_status = filter_input(INPUT_POST, 'delete_status', FILTER_VALIDATE_INT, array('min_range' => 0, 'max_range' => 2)); $this->rowstart = filter_input(INPUT_GET, 'rowstart', FILTER_VALIDATE_INT) ?: 0; $this->error_id = filter_input(INPUT_GET, 'error_id', FILTER_VALIDATE_INT); if (isnum($this->error_status) && $this->posted_error_id) { dbquery("UPDATE " . DB_ERRORS . " SET error_status='" . $this->error_status . "' WHERE error_id='" . $this->posted_error_id . "'"); redirect(FUSION_REQUEST); } if (isset($_POST['delete_entries']) && isnum($this->delete_status)) { dbquery("DELETE FROM " . DB_ERRORS . " WHERE error_status='" . $_POST['delete_status'] . "'"); $source_redirection_path = preg_replace("~" . fusion_get_settings("site_path") . "~", "", FUSION_REQUEST, 1); redirect(fusion_get_settings("siteurl") . $source_redirection_path); } $result = dbquery("SELECT * FROM " . DB_ERRORS . " ORDER BY error_timestamp DESC LIMIT " . $this->rowstart . ",20"); while ($data = dbarray($result)) { $this->errors[$data['error_id']] = $data; } $this->rows = $this->errors ? dbcount('(error_id)', DB_ERRORS) : 0; }
protected function check_duplicate_ranks() { global $aidlink; $comparing_data = dbarray(dbquery("SELECT rank_apply FROM " . DB_FORUM_RANKS . " WHERE rank_id='" . $this->data['rank_id'] . "'")); if ($this->data['rank_apply'] < USER_LEVEL_MEMBER && $this->data['rank_apply'] != $comparing_data['rank_apply'] && dbcount("(rank_id)", DB_FORUM_RANKS, (multilang_table("FR") ? "rank_language='" . LANGUAGE . "' AND" : "") . "\n rank_id!='" . $this->data['rank_id'] . "' AND rank_apply='" . $this->data['rank_apply'] . "'")) { addNotice('info', self::$locale['413']); redirect(FUSION_SELF . $aidlink . '§ion=fr'); } return FALSE; }
function EnterResult($tid, $round, $match, $score1, $score2) { $result1 = dbquery("SELECT * FROM " . DB_T_MATCHES . " WHERE match_round='" . $round . "' AND match_match='" . $match . "' AND match_tour='" . $tid . "'"); $data1 = dbarray($result1); if ($score1 > $score2) { $winner = $data1['match_pl1']; $looser = $data1['match_pl2']; } else { $winner = $data1['match_pl2']; $looser = $data1['match_pl1']; } $result = dbquery("UPDATE " . DB_T_MATCHES . " SET match_score1='" . $score1 . "', match_score2='" . $score2 . "', match_winner='" . $winner . "', match_played='1' WHERE match_round='" . $round . "' AND match_match='" . $match . "' AND match_tour='" . $tid . "'"); $pl = dbcount("(player_id)", DB_T_PLAYERS, "player_tour='" . $tid . "' AND player_checkin='1'"); $max = getMaxPl($pl); $rounds = log($max) / log(2); if ($round == $rounds) { //fin12 $set_w1 = dbquery("UPDATE " . DB_T_TOURS . " SET tour_w1='" . $winner . "', tour_w2='" . $looser . "' WHERE tour_id='" . $tid . "'"); $check_f = dbarray(dbquery("SELECT tour_w3, tour_w4 FROM " . DB_T_TOURS . " WHERE tour_id='" . $tid . "'")); if ($check_f['tour_w3'] != "0" && $check_f['tour_w4'] != "0") { $fin = dbquery("UPDATE " . DB_T_TOURS . " SET tour_finished='1' WHERE tour_id='" . $tid . "'"); } } elseif ($round == $rounds + 1) { //fin34 $set_w3 = dbquery("UPDATE " . DB_T_TOURS . " SET tour_w3='" . $winner . "', tour_w4='" . $looser . "' WHERE tour_id='" . $tid . "'"); $check_f = dbarray(dbquery("SELECT tour_w1, tour_w2 FROM " . DB_T_TOURS . " WHERE tour_id='" . $tid . "'")); if ($check_f['tour_w1'] != "0" && $check_f['tour_w2'] != "0") { $fin = dbquery("UPDATE " . DB_T_TOURS . " SET tour_finished='1' WHERE tour_id='" . $tid . "'"); } } else { //just enter if ($match % 2 == 1) { $nextround = $round + 1; $nextmatch = ($match + 1) / 2; $result2 = dbquery("UPDATE " . DB_T_MATCHES . " SET match_pl1='" . $winner . "' WHERE match_round='" . $nextround . "' AND match_match='" . $nextmatch . "' AND match_tour='" . $tid . "'"); if ($round == $rounds - 1) { //looser to fin34 $x = $rounds + 1; $result3 = dbquery("UPDATE " . DB_T_MATCHES . " SET match_pl1='" . $looser . "' WHERE match_round='" . $x . "' AND match_match='1' AND match_tour='" . $tid . "'"); } } if ($match % 2 == 0) { $nextround = $round + 1; $nextmatch = $match / 2; $result2 = dbquery("UPDATE " . DB_T_MATCHES . " SET match_pl2='" . $winner . "' WHERE match_round='" . $nextround . "' AND match_match='" . $nextmatch . "' AND match_tour='" . $tid . "'"); if ($round == $rounds - 1) { //looser to fin34 $x = $rounds + 1; $result2 = dbquery("UPDATE " . DB_T_MATCHES . " SET match_pl2='" . $looser . "' WHERE match_round='" . $x . "' AND match_match='1' AND match_tour='" . $tid . "'"); } } } }
function faq_listing() { global $locale, $aidlink, $show_faqs; $total_cat_count = dbcount("(faq_cat_id)", DB_FAQ_CATS, multilang_table("FQ") ? "faq_cat_language='" . LANGUAGE . "'" : ""); $_GET['show_faq'] = isset($_GET['show_faq']) && isnum($_GET['show_faq']) ? $_GET['show_faq'] : 0; $_GET['rowstart'] = isset($_GET['rowstart']) && isnum($_GET['rowstart']) && $_GET['rowstart'] <= $total_cat_count ? $_GET['rowstart'] : 0; $result = dbquery("SELECT fc.faq_cat_id, fc.faq_cat_name,\n\tcount(faq_id) 'faq_count'\n\tFROM " . DB_FAQ_CATS . " fc\n\tleft join " . DB_FAQS . " f using (faq_cat_id)\n\t" . (multilang_table("FQ") ? "WHERE fc.faq_cat_language='" . LANGUAGE . "'" : "") . "\n\tgroup by fc.faq_cat_id\n\tORDER BY fc.faq_cat_name\n\tlimit " . intval($_GET['rowstart']) . ", " . intval($show_faqs) . "\n\t"); $cat_rows = dbrows($result); if ($cat_rows > 0) { echo "<div class='m-t-10'>\n"; echo "<div class='clearfix'>\n"; if ($total_cat_count > $cat_rows) { echo "<div class='pull-right'>\n"; echo makepagenav($_GET['rowstart'], $show_faqs, $total_cat_count, 3, FUSION_SELF . $aidlink . "&", "rowstart"); echo "</div>\n"; } echo sprintf($locale['faq_0115'], $cat_rows, $total_cat_count); echo "</div>\n"; echo "</div>\n"; echo "<table class='table table-responsive table-striped m-t-20'>\n<thead><tr>\n"; echo "<th class='col-xs-4'>" . $locale['faq_0103'] . "</th>\n"; echo "<th>" . $locale['faq_0104'] . "</th>\n"; echo "<th>" . $locale['faq_0105'] . "</th>\n"; echo "<th class='text-right'>" . $locale['faq_0106'] . "</th>\n"; echo "</tr>\n"; echo "</thead>\n<tbody>\n"; while ($data = dbarray($result)) { echo "<tr>\n"; // let us use 2 page nav. :) echo "<td><a href='" . FUSION_SELF . $aidlink . "&show_faq=" . $data['faq_cat_id'] . "'>" . $data['faq_cat_name'] . "</a></td>\n"; echo "<td><span class='badge'>" . $data['faq_count'] . "</span></td>\n"; echo "<td>" . $data['faq_cat_id'] . "</td>\n"; echo "<td class='text-right'>\n\t\t\t<a href='" . FUSION_SELF . $aidlink . "&action=edit&cat_id=" . $data['faq_cat_id'] . "&section=faq-category'>" . $locale['faq_0107'] . "</a> -\n"; echo "<a href='" . FUSION_SELF . $aidlink . "&action=delete&cat_id=" . $data['faq_cat_id'] . "&section=faq-category' onclick=\"return confirm('" . $locale['faq_0109'] . "');\">" . $locale['faq_0108'] . "</a></td>\n"; echo "</tr>\n"; if ($_GET['show_faq'] == $data['faq_cat_id']) { show_faq($data['faq_cat_id'], $data['faq_count']); } } // simple toggle add_to_jquery("\n\t\t\$('.faq_toggle').bind('click', function() {\n\t\t\tvar faqs = \$(this).data('target');\n\t\t\tvar faq_length = \$('#' + faqs + ':visible').length;\n\t\t\t\$('.faq_list').hide();\n\t\t\tif (faq_length > 0) {\n\t\t\t\t\$('#'+faqs).hide();\n\t\t\t} else {\n\t\t\t\t\$('#'+faqs).show();\n\t\t\t}\n\t\t});\n\t\t"); echo "</table>\n"; } else { echo "<div class='well text-center'>" . $locale['faq_0116'] . "<br />\n</div>\n"; } }
/** * Display Login form * @param array $info */ function display_loginform(array $info) { global $locale, $userdata, $aidlink; opentable($locale['global_100']); if (iMEMBER) { $msg_count = dbcount("(message_id)", DB_MESSAGES, "message_to='" . $userdata['user_id'] . "' AND message_read='0' AND message_folder='0'"); opentable($userdata['user_name']); echo "<div style='text-align:center'><br />\n"; echo THEME_BULLET . " <a href='" . BASEDIR . "edit_profile.php' class='side'>" . $locale['global_120'] . "</a><br />\n"; echo THEME_BULLET . " <a href='" . BASEDIR . "messages.php' class='side'>" . $locale['global_121'] . "</a><br />\n"; echo THEME_BULLET . " <a href='" . BASEDIR . "members.php' class='side'>" . $locale['global_122'] . "</a><br />\n"; if (iADMIN && (iUSER_RIGHTS != "" || iUSER_RIGHTS != "C")) { echo THEME_BULLET . " <a href='" . ADMIN . "index.php" . $aidlink . "' class='side'>" . $locale['global_123'] . "</a><br />\n"; } echo THEME_BULLET . " <a href='" . BASEDIR . "index.php?logout=yes' class='side'>" . $locale['global_124'] . "</a>\n"; if ($msg_count) { echo "<br /><br />\n"; echo "<strong><a href='" . BASEDIR . "messages.php' class='side'>" . sprintf($locale['global_125'], $msg_count); echo ($msg_count == 1 ? $locale['global_126'] : $locale['global_127']) . "</a></strong>\n"; } echo "<br /><br /></div>\n"; } else { echo "<div id='login_form' class='panel panel-default text-center text-dark'>\n"; if (fusion_get_settings("sitebanner")) { echo "<a class='display-inline-block' href='" . BASEDIR . fusion_get_settings("opening_page") . "'><img src='" . BASEDIR . fusion_get_settings("sitebanner") . "' alt='" . fusion_get_settings("sitename") . "'/></a>\n"; } else { echo "<a class='display-inline-block' href='" . BASEDIR . fusion_get_settings("opening_page") . "'>" . fusion_get_settings("sitename") . "</a>\n"; } echo "<div class='panel-body text-center'>\n"; echo $info['open_form']; echo $info['user_name']; echo $info['user_pass']; echo $info['remember_me']; echo $info['login_button']; echo $info['registration_link'] . "<br/><br/>"; echo $info['forgot_password_link'] . "<br/><br/>"; echo $info['close_form']; echo "</div>\n"; echo "</div>\n"; } closetable(); }
function flood_control($field, $table, $where, $debug = FALSE) { global $userdata, $settings, $locale, $defender; $flood = FALSE; if (!iSUPERADMIN && !iADMIN && (!defined("iMOD") || !iMOD) || $debug) { $result = dbquery("SELECT MAX(" . $field . ") AS last_post FROM " . $table . " WHERE " . $where); if (dbrows($result)) { $time = time(); $data = dbarray($result); if ($time - $data['last_post'] < $settings['flood_interval']) { $defender->stop(); addNotice('warning', sprintf($locale['flood'], countdown($settings['flood_interval'] - ($time - $data['last_post'])))); $flood = TRUE; $result = dbquery("INSERT INTO " . DB_FLOOD_CONTROL . " (flood_ip, flood_ip_type, flood_timestamp) VALUES ('" . USER_IP . "', '" . USER_IP_TYPE . "', '" . time() . "')"); // This should be in settings, "After how many flood offences take action" then a setting for what action to take if (dbcount("(flood_ip)", DB_FLOOD_CONTROL, "flood_ip='" . USER_IP . "'") > 4) { if (!$debug) { if (iMEMBER && $settings['flood_autoban'] == "1") { require_once INCLUDES . "sendmail_include.php"; require_once INCLUDES . "suspend_include.php"; $result = dbquery("UPDATE " . DB_USERS . " SET user_status='4', user_actiontime='0' WHERE user_id='" . $userdata['user_id'] . "'"); suspend_log($userdata['user_id'], 4, $locale['global_440'], TRUE); $message = str_replace("[USER_NAME]", $userdata['user_name'], $locale['global_442']); $message = str_replace("[USER_IP]", USER_IP, $message); $message = str_replace("[USER_IP]", USER_IP, $message); $message = str_replace("[SITE_EMAIL]", $settings['siteemail'], $message); $message = str_replace("[SITEUSERNAME]", $settings['siteusername'], $message); $subject = str_replace("[SITENAME]", $settings['sitename'], $locale['global_441']); sendemail($userdata['user_name'], $userdata['user_email'], $settings['siteusername'], $settings['siteemail'], $subject, $message); } elseif (!iMEMBER) { $result = dbquery("INSERT INTO " . DB_BLACKLIST . " (blacklist_ip, blacklist_ip_type, blacklist_email, blacklist_reason) VALUES ('" . USER_IP . "', '" . USER_IP_TYPE . "', '', '" . $locale['global_440'] . "')"); } } else { addNotice('info', "DEBUG MESSAGE: Triggered flood control action due to repeated offences. This could've resulted in a ban or suspenstion"); } } } } } return $flood; }
function pif_cache($cache) { global $pif_cache, $pif_global; switch ($cache) { case "total_reg_users": if (!array_key_exists("total_reg_users", $pif_cache) || $pif_cache['total_reg_users'] == '') { $in = ""; foreach ($pif_global['visible_members'] as $value) { $in .= $in != '' ? ", " : ""; $in .= $value; } $pif_cache['total_reg_users'] = number_format(dbcount("(user_id)", DB_USERS, "user_status IN(" . $in . ")")); } break; case "newest_reg_member": if (!array_key_exists("newest_reg_member", $pif_cache) || !is_array($pif_cache['newest_reg_member'])) { $pif_cache['newest_reg_member'] = array(); list($pif_cache['newest_reg_member']['user_id'], $pif_cache['newest_reg_member']['user_name'], $pif_cache['newest_reg_member']['user_status']) = dbarraynum(dbquery("SELECT user_id, user_name, user_status FROM " . DB_USERS . " WHERE user_status='0' ORDER BY user_joined DESC LIMIT 0,1")); } break; case "online_users": if (!array_key_exists("online_users", $pif_cache) || !is_array($pif_cache['online_users'])) { $pif_cache['online_users'] = array(); $result = dbquery("SELECT ton.online_user, tu.user_id, tu.user_name, tu.user_status, tu.user_level FROM " . DB_ONLINE . " ton\r\n\t\tLEFT JOIN " . DB_USERS . " tu ON ton.online_user=tu.user_id"); $pif_cache['online_users']['guests'] = 0; $pif_cache['online_users']['members'] = array(); while ($data = dbarray($result)) { if ($data['online_user'] == "0") { $pif_cache['online_users']['guests']++; } else { array_push($pif_cache['online_users']['members'], array("user_id" => $data['user_id'], "user_name" => $data['user_name'], "user_status" => $data['user_status'], "user_level" => $data['user_level'])); } } } break; default: echo "Cache Error"; } }
function article_admin_editlist($id) { global $data; $editlist = ""; $sel = ""; $checkparent = dbcount("(article_cat_id)", DB_ARTICLE_CATS, "article_cat_parent='" . (int) $id . "'"); $result2 = dbquery("SELECT article_cat_id, article_cat_name FROM " . DB_ARTICLE_CATS . " WHERE article_cat_parent='0' ORDER BY article_cat_name"); if (dbrows($result2) != 0) { $editlist .= "<option value='0'" . $sel . "><span class='small'></span></option>\n"; while ($data2 = dbarray($result2)) { if (isset($_GET['action']) && $_GET['action'] == "edit") { $sel = $data['article_cat_parent'] == $data2['article_cat_id'] ? " selected='selected'" : ""; } if (isset($_GET['action']) && $_GET['action'] == "edit" && $_GET['cat_id'] != $data2['article_cat_id'] && $checkparent == 0) { $editlist .= "<option value='" . $data2['article_cat_id'] . "'{$sel}>" . $data2['article_cat_name'] . "</option>\n"; } elseif (!isset($_GET['action'])) { $editlist .= "<option value='" . $data2['article_cat_id'] . "'{$sel}>" . $data2['article_cat_name'] . "</option>\n"; } } } return $editlist; }
function flood_control($field, $table, $where) { global $userdata, $settings; $flood = false; if (!iSUPERADMIN && !iADMIN && (!defined("iMOD") || !iMOD)) { $result = dbquery("SELECT MAX(" . $field . ") AS last_post FROM " . $table . " WHERE " . $where); if (dbrows($result)) { $data = dbarray($result); if (time() - $data['last_post'] < $settings['flood_interval']) { $flood = true; $result = dbquery("INSERT INTO " . DB_FLOOD_CONTROL . " (flood_ip, flood_timestamp) VALUES ('" . USER_IP . "', '" . time() . "')"); if (dbcount("(flood_ip)", DB_FLOOD_CONTROL, "flood_ip='" . USER_IP . "'") > 4) { if (iMEMBER) { $result = dbquery("UPDATE " . DB_USERS . " SET user_status='1' WHERE user_id='" . $userdata['user_id'] . "'"); } else { $result = dbquery("INSERT INTO " . DB_BLACKLIST . " (blacklist_ip, blacklist_email, blacklist_reason) VALUES ('" . USER_IP . "', '', 'Automatic Ban')"); } } } } } return $flood; }
public function checkPasswordRequest($email, $account) { if (!$this->_isValidEMailAddress($email)) { return FALSE; } if (preg_match("/^[0-9a-z]{32}\$/", $account) && dbcount("(user_id)", DB_USERS, "user_email='" . $email . "' AND user_algo='md5'") || preg_match("/^[0-9a-z]{64}\$/", $account)) { $result = dbquery("SELECT user_name FROM " . DB_USERS . " WHERE user_email='" . $email . "' AND user_password='******'"); if (dbrows($result)) { $data = dbarray($result); $this->_userName = $data['user_name']; $this->_newPassword = $this->getNewPassword(); $this->_setNewHash($this->_newPassword); $this->_sendNewPassword(); return TRUE; } else { $this->_error = 3; return FALSE; } } else { $this->_error = 3; return FALSE; } }
function count_bew($type = "all") { //global $locale; if ($type == "all") { $newbew = dbcount("(pr_id)", PR_DB_BEWERBUNG, "pr_status = '1'"); $beabew = dbcount("(pr_id)", PR_DB_BEWERBUNG, "pr_status = '2'"); $einbew = dbcount("(pr_id)", PR_DB_BEWERBUNG, "pr_status = '3'"); $delbew = dbcount("(pr_id)", PR_DB_BEWERBUNG, "pr_status = '4'"); echo THEME_BULLET . " "; if ($newbew == '0') { echo "Keine neuen Bewerbungen<br>"; } elseif ($newbew == '1') { echo "<b><font color='red'>" . $newbew . " neue Bewerbung<br></font></b>"; } else { echo "<b><font color='red'>" . $newbew . " neue Bewerbungen<br></font></b>"; } echo "<br />" . THEME_BULLET . " "; if ($beabew == '1') { echo "" . $beabew . " Bewerbung ist in Bearbeitung<br>"; } else { echo "" . $beabew . " Bewerbungen sind in Bearbeitung<br>"; } echo "<br />"; if (iSUPERADMIN) { echo THEME_BULLET . " "; if ($delbew == '1') { echo "" . $delbew . " Bewerbung wurde gelöscht"; } else { echo "" . $delbew . " Bewerbungen wurden gelöscht"; } echo "<br />"; } } else { $count = dbcount("(pr_id)", PR_DB_BEWERBUNG, "pr_status = {$type}"); return $count; } }
} else { $poll = ""; $i = 0; $num_opts = count($poll_option); $poll_votes = dbcount("(vote_opt)", DB_POLL_VOTES, "poll_id='" . $data['poll_id'] . "'"); while ($i < $num_opts) { $num_votes = dbcount("(vote_opt)", DB_POLL_VOTES, "vote_opt='{$i}' AND poll_id='" . $data['poll_id'] . "'"); $opt_votes = $poll_votes ? number_format(100 / $poll_votes * $num_votes) : 0; $poll .= progress_bar($opt_votes, $poll_option[$i]); $poll .= "<div>" . $opt_votes . "% [" . (empty($num_votes) ? 0 : $num_votes) . ($num_votes == 1 ? $locale['global_133'] : $locale['global_134']) . "]</div><br />\n"; $i++; } echo "<strong>" . $poll_title . "</strong><br /><br />\n" . $poll; echo "<div style='text-align:center'>" . $locale['global_135'] . $poll_votes . "<br />\n"; if (!iMEMBER) { echo $locale['global_132'] . "<br />"; } echo $locale['global_136'] . showdate("shortdate", $data['poll_started']); if ($data['poll_ended'] > 0) { echo "<br />\n" . $locale['global_137'] . showdate("shortdate", $data['poll_ended']) . "\n"; } $result = dbcount("(poll_id)", DB_POLLS); if ($result > 1) { echo "<br /><br /><a href='" . INFUSIONS . "member_poll_panel/polls_archive.php' class='side'>" . $locale['global_138'] . "</a>\n"; } echo "</div>\n"; } } else { echo "<div style='text-align:center'>" . $locale['global_142'] . "</div>\n"; } closeside();
/*-------------------------------------------------------+ | PHP-Fusion Content Management System | Copyright (C) 2002 - 2013 Nick Jones | http://www.php-fusion.co.uk/ +--------------------------------------------------------+ | Filename: user_comments-stat_include.php | Author: Digitanium +--------------------------------------------------------+ | This program is released as free software under the | Affero GPL license. You can redistribute it and/or | modify it under the terms of this license which you | can read by viewing the included agpl.txt or online | at www.gnu.org/licenses/agpl.html. Removal of this | copyright header is strictly prohibited without | written permission from the original author(s). +--------------------------------------------------------*/ if (!defined("IN_FUSION")) { die("Access Denied"); } if ($profile_method == "input") { //Nothing here } elseif ($profile_method == "display") { echo "<tr>\n"; echo "<td class='tbl1'>" . $locale['uf_comments-stat'] . "</td>\n"; echo "<td align='right' class='tbl1'>" . number_format(dbcount("(comment_id)", DB_COMMENTS, "comment_name='" . $user_data['user_id'] . "'")) . "</td>\n"; echo "</tr>\n"; } elseif ($profile_method == "validate_insert") { //Nothing here } elseif ($profile_method == "validate_update") { //Nothing here }
$result = dbquery("SELECT post_datestamp, post_author FROM " . DB_POSTS . " WHERE forum_id='" . $_GET['forum_id'] . "' ORDER BY post_datestamp DESC LIMIT 1"); if (dbrows($result)) { $ldata = dbarray($result); $forum_lastpost = "forum_lastpost='" . $ldata['post_datestamp'] . "', forum_lastuser='******'post_author'] . "'"; } else { $forum_lastpost = "forum_lastpost='0', forum_lastuser='******'"; } $result = dbquery("UPDATE " . DB_FORUMS . " SET " . $forum_lastpost . ", forum_postcount=forum_postcount-" . $deleted_posts . ", forum_threadcount=forum_threadcount-" . $deleted_threads . " WHERE forum_id='" . $_GET['forum_id'] . "'"); } $rows_left = dbcount("(thread_id)", "threads", "forum_id='" . $_GET['forum_id'] . "'") - 3; if ($rows_left <= $_GET['rowstart'] && $_GET['rowstart'] > 0) { $_GET['rowstart'] = (ceil($rows_left / $threads_per_page) - 1) * $threads_per_page; } redirect(FUSION_SELF . "?forum_id=" . $_GET['forum_id'] . "&rowstart=" . $_GET['rowstart']); } $rows = dbcount("(thread_id)", DB_THREADS, "forum_id='" . $_GET['forum_id'] . "' AND thread_sticky='0'"); opentable($locale['450']); echo "<!--pre_forum--><div class='tbl2'><a href='index.php'>" . $settings['sitename'] . "</a> :: " . $caption . "</div>\n"; if ($rows > $threads_per_page || iMEMBER && $can_post) { echo "<table cellspacing='0' cellpadding='0' width='100%'>\n<tr>\n"; if ($rows > $threads_per_page) { echo "<td style='padding:4px 0px 4px 0px'>" . makePageNav($_GET['rowstart'], $threads_per_page, $rows, 3, FUSION_SELF . "?forum_id=" . $_GET['forum_id'] . "&") . "</td>\n"; } if (iMEMBER && $can_post) { echo "<td align='right' style='padding:4px 0px 4px 0px'><a href='post.php?action=newthread&forum_id=" . $_GET['forum_id'] . "'><img src='" . get_image("newthread") . "' alt='" . $locale['566'] . "' style='border:0px;' /></a></td>\n"; } echo "</tr>\n</table>\n"; } if (iMOD) { echo "<form name='mod_form' method='post' action='" . FUSION_SELF . "?forum_id=" . $_GET['forum_id'] . "&rowstart=" . $_GET['rowstart'] . "'>\n"; }
| Author: Robert Gaudyn (Wooya) +--------------------------------------------------------+ | This program is released as free software under the | Affero GPL license. You can redistribute it and/or | modify it under the terms of this license which you | can read by viewing the included agpl.txt or online | at www.gnu.org/licenses/agpl.html. Removal of this | copyright header is strictly prohibited without | written permission from the original author(s). +--------------------------------------------------------*/ require_once "../../maincore.php"; require_once THEMES . "templates/header.php"; if (!iMEMBER) { redirect("../../index.php"); } if (isset($_GET['delete']) && isnum($_GET['delete']) && dbcount("(thread_id)", DB_THREAD_NOTIFY, "thread_id='" . $_GET['delete'] . "' AND notify_user='******'user_id'] . "'")) { $result = dbquery("DELETE FROM " . DB_THREAD_NOTIFY . " WHERE thread_id=" . $_GET['delete'] . " AND notify_user="******"SELECT tn.thread_id FROM " . DB_THREAD_NOTIFY . " tn\n\tINNER JOIN " . DB_THREADS . " tt ON tn.thread_id = tt.thread_id\n\tINNER JOIN " . DB_FORUMS . " tf ON tt.forum_id = tf.forum_id\n\tWHERE tn.notify_user="******" AND " . groupaccess('forum_access') . " AND tt.thread_hidden='0'"); $rows = dbrows($result); if ($rows) { $result = dbquery("\n\t\tSELECT tf.forum_access, tn.thread_id, tn.notify_datestamp, tn.notify_user,\n\t\ttt.thread_subject, tt.forum_id, tt.thread_lastpost, tt.thread_lastuser, tt.thread_postcount,\n\t\ttu.user_id AS user_id1, tu.user_name AS user_name1, tu.user_status AS user_status1, \n\t\ttu2.user_id AS user_id2, tu2.user_name AS user_name2, tu2.user_status AS user_status2\n\t\tFROM " . DB_THREAD_NOTIFY . " tn\n\t\tINNER JOIN " . DB_THREADS . " tt ON tn.thread_id = tt.thread_id\n\t\tINNER JOIN " . DB_FORUMS . " tf ON tt.forum_id = tf.forum_id\n\t\tLEFT JOIN " . DB_USERS . " tu ON tt.thread_author = tu.user_id\n\t\tLEFT JOIN " . DB_USERS . " tu2 ON tt.thread_lastuser = tu2.user_id\n\t\tINNER JOIN " . DB_POSTS . " tp ON tt.thread_id = tp.thread_id\n\t\tWHERE tn.notify_user="******" AND " . groupaccess('forum_access') . " AND tt.thread_hidden='0'\n\t\tGROUP BY tn.thread_id\n\t\tORDER BY tn.notify_datestamp DESC\n\t\tLIMIT " . $_GET['rowstart'] . ",10\n\t"); echo "<table class='tbl-border' cellpadding='0' cellspacing='1' width='100%'>\n<tr>\n"; echo "<td class='tbl2'><strong>" . $locale['global_044'] . "</strong></td>\n"; echo "<td class='tbl2' style='text-align:center;white-space:nowrap'><strong>" . $locale['global_050'] . "</strong></td>\n"; echo "<td class='tbl2' style='text-align:center;white-space:nowrap'><strong>" . $locale['global_047'] . "</strong></td>\n";
require_once THEMES . "templates/admin_header.php"; require_once INCLUDES . "html_buttons_include.php"; include LOCALE . LOCALESET . "admin/weblinks.php"; if (isset($_GET['status']) && !isset($message)) { if ($_GET['status'] == "sn") { $message = $locale['510']; } elseif ($_GET['status'] == "su") { $message = $locale['511']; } elseif ($_GET['status'] == "del") { $message = $locale['512']; } if ($message) { echo "<div id='close-message'><div class='admin-message'>" . $message . "</div></div>\n"; } } $result = dbcount("(weblink_cat_id)", DB_WEBLINK_CATS); if (!empty($result)) { if (isset($_GET['action']) && $_GET['action'] == "delete" && (isset($_GET['weblink_id']) && isnum($_GET['weblink_id']))) { $result = dbquery("DELETE FROM " . DB_WEBLINKS . " WHERE weblink_id='" . $_GET['weblink_id'] . "'"); redirect(FUSION_SELF . $aidlink . "&weblink_cat_id=" . $_GET['weblink_cat_id'] . "&status=del"); } if (isset($_POST['save_link'])) { $weblink_name = stripinput($_POST['weblink_name']); $weblink_description = addslash($_POST['weblink_description']); $weblink_url = stripinput($_POST['weblink_url']); $weblink_cat = intval($_POST['weblink_cat']); if ($weblink_name) { if (isset($_GET['action']) && $_GET['action'] == "edit" && (isset($_GET['weblink_id']) && isnum($_GET['weblink_id']))) { $weblink_datestamp = isset($_POST['update_datestamp']) ? ", weblink_datestamp='" . time() . "'" : ""; $result = dbquery("UPDATE " . DB_WEBLINKS . " SET weblink_name='{$weblink_name}', weblink_description='{$weblink_description}', weblink_url='{$weblink_url}', weblink_cat='{$weblink_cat}'" . $weblink_datestamp . " WHERE weblink_id='" . $_GET['weblink_id'] . "'"); redirect(FUSION_SELF . $aidlink . "&weblink_cat_id={$weblink_cat}&status=su");
function display_suspend_log($user_id, $type = "all", $rowstart = 0, $limit = 0) { global $locale; $db_type = $type != "all" && isnum($type) ? " AND suspend_type='{$type}'" : ""; $rows = dbcount("(suspend_id)", DB_SUSPENDS, "suspended_user='******'{$db_type}"); $result = dbquery("SELECT sp.suspend_id, sp.suspend_ip, sp.suspend_ip_type, sp.suspend_date, sp.suspend_reason,\n\t\tsp.suspend_type, sp.reinstate_date, sp.reinstate_reason, sp.reinstate_ip, sp.reinstate_ip_type,\n\t\ta.user_name AS admin_name, b.user_name AS admin_name_b \n\t\tFROM " . DB_SUSPENDS . " sp \n\t\tLEFT JOIN " . DB_USERS . " a ON sp.suspending_admin=a.user_id \n\t\tLEFT JOIN " . DB_USERS . " b ON sp.reinstating_admin=b.user_id \n\t\tWHERE suspended_user='******'{$db_type}\n\t\tORDER BY suspend_date DESC" . ($limit > 0 ? " LIMIT {$limit}" : "")); $rows = dbrows($result); $udata = dbarray(dbquery("SELECT user_name FROM " . DB_USERS . " WHERE user_id='{$user_id}' LIMIT 1")); if ($type == "all") { opentable(sprintf($locale['susp100'], $udata['user_name'])); member_nav(member_url("view", $user_id) . "|" . $udata['user_name'], member_url("log", $user_id) . "|" . $locale['susp114']); } else { opentable(sprintf($locale['susp100b'], getsuspension($type, true), $udata['user_name'])); } if ($rows) { echo "<table width='80%' cellpadding='1' cellspacing='0' class='tbl-border center'>\n<tr>\n"; if ($type == "all") { $description = sprintf($locale['susp101'], $udata['user_name']); } else { $description = sprintf($locale['susp102'], getsuspension($type), $udata['user_name']); } echo "<td class='tbl2' width='30'>" . $locale['susp103'] . "</td>\n"; echo "<td class='tbl2' width='120'>" . $locale['susp104'] . "</td>\n"; echo "<td class='tbl2' width='250'>" . $locale['susp105'] . "</td>\n"; echo "<td class='tbl2' width='150'>" . $locale['susp106'] . "</td>\n"; echo "</tr>\n"; $i = 1; while ($data = dbarray($result)) { $class = "tbl{$i}"; $suspension = $data['suspend_type'] != 2 ? getsuspension($data['suspend_type']) : $locale['susp111']; $reason = $data['suspend_reason'] ? ": " . $data['suspend_reason'] : ""; $admin = $data['admin_name'] ? $data['admin_name'] . " (" . $locale['susp108'] . ": " . $data['suspend_ip'] . ")" : $locale['susp109']; echo "<tr><td class='{$class}' valign='top'>#" . $data['suspend_id'] . "</td>\n"; echo "<td class='{$class}' valign='top'>" . showdate('forumdate', $data['suspend_date']) . "</td>\n"; echo "<td class='{$class}' valign='top'><strong>{$suspension}</strong>{$reason}</td>\n"; echo "<td class='{$class}' valign='top'>{$admin}</td>\n"; echo "</tr>\n<tr>\n"; if ($data['reinstate_date']) { $r_reason = $data['reinstate_reason'] ? ": " . $data['reinstate_reason'] : ""; $admin = $data['admin_name_b'] ? $data['admin_name_b'] . " (" . $locale['susp112'] . $data['reinstate_ip'] . ")" : $locale['susp109']; echo "<td class='{$class}' valign='top' align='right'> </td>\n"; echo "<td class='{$class}' valign='top'>" . showdate('forumdate', $data['reinstate_date']) . "</td>\n"; echo "<td class='{$class}' valign='top'>" . $locale['susp113'] . $r_reason . "</td>\n"; echo "<td class='{$class}' valign='top'>{$admin}</td>\n"; echo "</tr>\n<tr>\n"; } elseif ($data['suspend_type'] != 2) { echo "<td class='{$class}' valign='top' align='right'> </td>\n"; echo "<td class='{$class}' valign='top'> </td>\n"; echo "<td class='{$class}' valign='top'> </td>\n"; echo "<td class='{$class}' valign='top'> </td>\n"; echo "</tr>\n<tr>\n"; } echo "<td class='tbl1' colspan='4'><hr /></td>\n"; echo "</tr>\n"; if ($i == 2 ? $i = 1 : $i++) { } } echo "</table>\n"; } else { echo "<div id='close-message'><div class='admin-message'>" . $locale['susp110'] . "</div></div>\n"; } closetable(); }
$comment = trimlink($data['comment_message'], 23); $commentStart = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $data['comment_item_id'] . "' AND comment_type='C' AND comment_id<=" . $data['comment_id']); if ($commentStart > $settings['comments_per_page']) { $commentStart = "&c_start=" . floor($commentStart / $settings['comments_per_page']) * $settings['comments_per_page']; } else { $commentStart = ""; } $output .= THEME_BULLET . " <a href='" . BASEDIR . "viewpage.php?page_id=" . $data['comment_item_id'] . $commentStart . "#c" . $data['comment_id'] . "' title='" . $comment . "' class='side'>" . $comment . "</a><br />\n"; $i++; } continue; case "D": $access = dbquery("\tSELECT download_id FROM " . DB_DOWNLOADS . " d, " . DB_DOWNLOAD_CATS . " c WHERE\n\t\t\t\t\t\t\t\t\td.download_id='" . $data['comment_item_id'] . "' AND\n\t\t\t\t\t\t\t\t\td.download_cat=c.download_cat_id AND\n\t\t\t\t\t\t\t\t\t" . groupaccess('c.download_cat_access')); if (dbrows($access) > 0) { $comment = trimlink($data['comment_message'], 23); $commentStart = dbcount("(comment_id)", DB_COMMENTS, "comment_item_id='" . $data['comment_item_id'] . "' AND comment_type='D' AND comment_id<=" . $data['comment_id']); if ($commentStart > $settings['comments_per_page']) { $commentStart = "&c_start=" . floor($commentStart / $settings['comments_per_page']) * $settings['comments_per_page']; } else { $commentStart = ""; } $output .= THEME_BULLET . " <a href='" . BASEDIR . "downloads.php?download_id=" . $data['comment_item_id'] . $commentStart . "#c" . $data['comment_id'] . "' title='" . $comment . "' class='side'>" . $comment . "</a><br />\n"; $i++; } continue; } } echo $output; } else { echo "<div style='text-align:center'>" . $locale['global_026'] . "</div>\n"; }
$data = dbarray($result); if (!isset($_POST['post_comment']) && !isset($_POST['post_rating'])) { $result2 = dbquery("UPDATE " . DB_NEWS . " SET news_reads=news_reads+1 WHERE news_id='" . $_GET['readmore'] . "'"); $data['news_reads']++; } $news_cat_image = ""; $news_subject = $data['news_subject']; if ($data['news_image_t1'] && $settings['news_image_readmore'] == "0") { $img_size = @getimagesize(IMAGES_N . $data['news_image']); $news_cat_image = "<a href=\"javascript:;\" onclick=\"window.open('" . IMAGES_N . $data['news_image'] . "','','scrollbars=yes,toolbar=no,status=no,resizable=yes,width=" . ($img_size[0] + 20) . ",height=" . ($img_size[1] + 20) . "')\"><img src='" . IMAGES_N_T . $data['news_image_t1'] . "' alt='" . $data['news_subject'] . "' class='news-category' /></a>"; } elseif ($data['news_cat_image']) { $news_cat_image = "<a href='news_cats.php?cat_id=" . $data['news_cat'] . "'><img src='" . get_image("nc_" . $data['news_cat_name']) . "' alt='" . $data['news_cat_name'] . "' class='news-category' /></a>"; } $news_news = preg_split("/<!?--\\s*pagebreak\\s*-->/i", $data['news_breaks'] == "y" ? nl2br(stripslashes($data['news_extended'] ? $data['news_extended'] : $data['news_news'])) : stripslashes($data['news_extended'] ? $data['news_extended'] : $data['news_news'])); $pagecount = count($news_news); $news_info = array("news_id" => $data['news_id'], "user_id" => $data['user_id'], "user_name" => $data['user_name'], "user_status" => $data['user_status'], "news_date" => $data['news_datestamp'], "cat_id" => $data['news_cat'], "cat_name" => $data['news_cat_name'], "cat_image" => $news_cat_image, "news_subject" => $data['news_subject'], "news_ext" => "n", "news_reads" => $data['news_reads'], "news_comments" => dbcount("(comment_id)", DB_COMMENTS, "comment_type='N' AND comment_item_id='" . $data['news_id'] . "' AND comment_hidden='0'"), "news_allow_comments" => $data['news_allow_comments'], "news_sticky" => $data['news_sticky']); add_to_title($locale['global_201'] . $news_subject); echo "<!--news_pre_readmore-->"; render_news($news_subject, $news_news[$_GET['rowstart']], $news_info); echo "<!--news_sub_readmore-->"; if ($pagecount > 1) { echo "<div align='center' style='margin-top:5px;'>\n" . makepagenav($_GET['rowstart'], 1, $pagecount, 3, FUSION_SELF . "?readmore=" . $_GET['readmore'] . "&") . "\n</div>\n"; } if ($data['news_allow_comments']) { showcomments("N", DB_NEWS, "news_id", $_GET['readmore'], FUSION_SELF . "?readmore=" . $_GET['readmore']); } if ($data['news_allow_ratings']) { showratings("N", $_GET['readmore'], FUSION_SELF . "?readmore=" . $_GET['readmore']); } } else { redirect(FUSION_SELF);
$i++; } echo "</tr>\n</table>\n"; } else { echo "<div style='text-align:center'><br />\n" . $locale['410'] . "<br /><br />\n</div>\n"; } closetable(); } else { if ($data = dbarray(dbquery("SELECT faq_cat_name,faq_cat_language FROM " . DB_FAQ_CATS . " " . (multilang_table("FQ") ? "WHERE faq_cat_language='" . LANGUAGE . "' AND" : "WHERE") . " faq_cat_id='" . $_GET['cat_id'] . "'"))) { add_to_title($locale['global_201'] . $data['faq_cat_name']); opentable($locale['401'] . ": " . $data['faq_cat_name']); echo "<table cellpadding='0' cellspacing='1' width='100%'>\n<tr>\n"; echo "<td class='tbl2'>\n<a href='" . FUSION_SELF . "'>" . $locale['400'] . "</a> >"; echo "<a href='" . FUSION_SELF . "?cat_id=" . $_GET['cat_id'] . "'>" . $data['faq_cat_name'] . "</a></td>\n"; echo "</tr>\n</table>\n"; $rows = dbcount("(faq_id)", DB_FAQS, "faq_cat_id='" . $_GET['cat_id'] . "'"); if ($rows) { $i = 0; $ii = 1; $columns = 4; $faq_content = ""; echo "<table cellpadding='0' cellspacing='0' width='100%'>\n<tr>\n"; $result = dbquery("SELECT faq_id, faq_question, faq_answer from " . DB_FAQS . " WHERE faq_cat_id='" . $_GET['cat_id'] . "' ORDER BY faq_question"); $numrows = dbrows($result); while ($data = dbarray($result)) { if ($i != 0 && $i % $columns == 0) { echo "</tr>\n<tr>\n"; } echo "<td class='tbl1' width='25%'><a href='#faq_" . $data['faq_id'] . "'>" . $data['faq_question'] . "</a></td>"; $faq_content .= "<div class='" . ($ii % 2 == 0 ? "tbl1" : "tbl2") . "' style='display:block; padding:10px 5px'>\n"; $faq_content .= "<a id='faq_" . $data['faq_id'] . "'></a><strong>" . $data['faq_question'] . "</strong><br />\n" . nl2br(stripslashes($data['faq_answer']));
if (dbrows($result)) { $data = dbarray($result); if ($inf_version > $data['inf_version']) { if (isset($inf_altertable) && is_array($inf_altertable) && count($inf_altertable)) { for ($i = 1; $i < count($inf_altertable) + 1; $i++) { $result = dbquery("ALTER TABLE " . $inf_altertable[$i]); } } $result2 = dbquery("UPDATE " . DB_INFUSIONS . " SET inf_version='" . $inf_version . "' WHERE inf_id='" . $data['inf_id'] . "'"); } } else { if (isset($inf_adminpanel) && is_array($inf_adminpanel) && count($inf_adminpanel)) { for ($i = 1; $i < count($inf_adminpanel) + 1; $i++) { $error = 0; $inf_admin_image = $inf_adminpanel[$i]['image'] ? $inf_adminpanel[$i]['image'] : "infusion_panel.gif"; if (!dbcount("(admin_id)", DB_ADMIN, "admin_rights='" . $inf_adminpanel[$i]['rights'] . "'")) { $result = dbquery("INSERT INTO " . DB_ADMIN . " (admin_rights, admin_image, admin_title, admin_link, admin_page) VALUES ('" . $inf_adminpanel[$i]['rights'] . "', '" . $inf_admin_image . "', '" . $inf_adminpanel[$i]['title'] . "', '" . INFUSIONS . $inf_folder . "/" . $inf_adminpanel[$i]['panel'] . "', '4')"); $result = dbquery("SELECT user_id, user_rights FROM " . DB_USERS . " WHERE user_level='103'"); while ($data = dbarray($result)) { $result2 = dbquery("UPDATE " . DB_USERS . " SET user_rights='" . $data['user_rights'] . "." . $inf_adminpanel[$i]['rights'] . "' WHERE user_id='" . $data['user_id'] . "'"); } } else { $error = 1; } } } if (!$error) { if (isset($inf_sitelink) && is_array($inf_sitelink) && count($inf_sitelink)) { for ($i = 1; $i < count($inf_sitelink) + 1; $i++) { $link_order = dbresult(dbquery("SELECT MAX(link_order) FROM " . DB_SITE_LINKS), 0) + 1; $result = dbquery("INSERT INTO " . DB_SITE_LINKS . " (link_name, link_url, link_visibility, link_position, link_window, link_order) VALUES ('" . $inf_sitelink[$i]['title'] . "', '" . str_replace("../", "", INFUSIONS) . $inf_folder . "/" . $inf_sitelink[$i]['url'] . "', '" . $inf_sitelink[$i]['visibility'] . "', '1', '0', '" . $link_order . "')");
echo "</td>\n</tr>\n"; } else { echo "<tr>\n<td align='center' colspan='2' class='tbl'>" . $locale['451'] . "<br /><br />\n"; echo "<a href='" . FUSION_SELF . $aidlink . "&group_id=" . $_GET['group_id'] . "'>" . $locale['452'] . "</a>\n</td>\n</tr>\n"; } echo "</table>\n</form>\n"; } else { echo "<div style='text-align:center'><br />\n" . $locale['451'] . "<br />\n"; echo "<a href='" . FUSION_SELF . $aidlink . "&group_id=" . $_GET['group_id'] . "'>" . $locale['452'] . "</a><br />\n</div>\n"; } } closetable(); opentable($locale['460']); echo "<form name='rem_users_form' method='post' action='" . FUSION_SELF . $aidlink . "&group_id=" . $_GET['group_id'] . "'>\n"; echo "<table cellpadding='0' cellspacing='1' class='table table-responsive tbl-border center'>\n"; $rows = dbcount("(user_id)", DB_USERS, "user_groups REGEXP('^\\\\.{$_GET['group_id']}\$|\\\\.{$_GET['group_id']}\\\\.|\\\\.{$_GET['group_id']}\$')"); if (!isset($_GET['rowstart']) || !isnum($_GET['rowstart'])) { $_GET['rowstart'] = 0; } if ($rows) { $i = 0; $result = dbquery("SELECT user_id,user_name,user_level FROM " . DB_USERS . " WHERE user_groups REGEXP('^\\\\.{$_GET['group_id']}\$|\\\\.{$_GET['group_id']}\\\\.|\\\\.{$_GET['group_id']}\$') ORDER BY user_level DESC, user_name LIMIT {$_GET['rowstart']},20"); echo "<tr>\n<td class='tbl2'><strong>" . $locale['446'] . "</strong></td>\n"; echo "<td align='right' width='1%' class='tbl2' style='white-space:nowrap'><strong>" . $locale['447'] . "</strong></td>\n</tr>\n"; while ($data = dbarray($result)) { $row_color = $i % 2 == 0 ? "tbl1" : "tbl2"; $i++; echo "<tr>\n<td class='{$row_color}'><label><input type='checkbox' name='rem_check_mark[]' value='" . $data['user_id'] . "' /> " . $data['user_name'] . "</td>\n<td align='right' width='1%' class='{$row_color}' style='white-space:nowrap'>" . getuserlevel($data['user_level']) . "</label></td>\n</tr>"; } echo "<tr>\n<td colspan='2' class='tbl1'>\n"; echo "<div class='btn-group'>\n";
unset($sec_data); } else { $error .= "· " . $locale['414'] . "<br />\n"; } unset($sec_result); } } // <- $email_domain = substr(strrchr($email, "@"), 1); if (dbcount("(blacklist_id)", DB_BLACKLIST, "blacklist_email='{$email}' OR blacklist_email='{$email_domain}'") != 0) { $error = "· " . $locale['411'] . "<br />\n"; } if (dbcount("(user_id)", DB_USERS, "user_name='{$username}'") != 0) { $error = "· " . $locale['407'] . "<br />\n"; } if (dbcount("(user_id)", DB_USERS, "user_email='{$email}'") != 0) { $error = "· " . $locale['408'] . "<br />\n"; } if ($settings['email_verification'] == "1") { $result = dbquery("SELECT user_email, user_info FROM " . DB_NEW_USERS); while ($new_users = dbarray($result)) { $user_info = unserialize($new_users['user_info']); if ($new_users['user_email'] == $email) { $error = "· " . $locale['409'] . "<br />\n"; } if ($user_info['user_name'] == $username) { $error = "· " . $locale['407'] . "<br />\n"; break; } } }
} echo "<textarea name='archive_shout_message' rows='4' cols='50' class='textbox'>" . $archive_shout_message . "</textarea><br />\n"; echo "<div style='text-align:center'>" . display_bbcodes("100%", "archive_shout_message", "archive_form", "smiley|b|i|u|url|color") . "</div>\n"; if (iGUEST) { echo $locale['SB_validation_code'] . "<br />\n"; echo "<img id='captcha' src='" . INCLUDES . "captchas/securimage/securimage_show.php' alt='' /><br />\n"; echo "<a href='" . INCLUDES . "captchas/securimage/securimage_play.php'><img src='" . INCLUDES . "captchas/securimage/images/audio_icon.gif' alt='' class='tbl-border' style='margin-bottom:1px' /></a>\n"; echo "<a href='#' onclick=\"document.getElementById('captcha').src = '" . INCLUDES . "captchas/securimage/securimage_show.php?sid=' + Math.random(); return false\"><img src='" . INCLUDES . "captchas/securimage/images/refresh.gif' alt='' class='tbl-border' /></a><br />\n"; echo $locale['SB_enter_validation_code'] . "<br />\n<input type='text' name='captcha_code' class='textbox' style='width:100px' /><br />\n"; } echo "<br /><input type='submit' name='post_archive_shout' value='" . $locale['SB_shout'] . "' class='button' />\n"; echo "</div>\n</form>\n<br />\n"; } else { echo "<div style='text-align:center'>" . $locale['SB_login_req'] . "</div>\n"; } $rows = dbcount("(shout_id)", DB_SHOUTBOX, "shout_hidden='0'"); if (!isset($_GET['rowstart']) || !isnum($_GET['rowstart'])) { $_GET['rowstart'] = 0; } if ($rows != 0) { $result = dbquery("SELECT s.shout_id, s.shout_name, s.shout_message, s.shout_datestamp, u.user_id, u.user_name, u.user_status\r\n\t\tFROM " . DB_SHOUTBOX . " s\r\n\t\tLEFT JOIN " . DB_USERS . " u ON s.shout_name=u.user_id\r\n\t\t" . (multilang_table("SB") ? "WHERE shout_language='" . LANGUAGE . "' AND" : "WHERE") . " s.shout_hidden='0'\r\n\t\tORDER BY s.shout_datestamp DESC LIMIT " . $_GET['rowstart'] . ",20"); while ($data = dbarray($result)) { echo "<div class='tbl2'>\n"; if (iADMIN && checkrights("S") || iMEMBER && $data['shout_name'] == $userdata['user_id'] && isset($data['user_name'])) { echo "<div style='float:right'>\n<a href='" . FUSION_SELF . "?action=edit&shout_id=" . $data['shout_id'] . "'>" . $locale['SB_edit'] . "</a> |\n"; echo "<a href='" . FUSION_SELF . "?action=delete&shout_id=" . $data['shout_id'] . "'>" . $locale['SB_delete'] . "</a>\n</div>\n"; } if ($data['user_name']) { echo "<span class='comment-name'><span class='slink'>" . profile_link($data['user_id'], $data['user_name'], $data['user_status']) . "</span>\n</span>\n"; } else { echo "<span class='comment-name'>" . $data['shout_name'] . "</span>\n";
} else { require_once INCLUDES . "html_buttons_include.php"; } if (isset($_GET['status']) && !isset($message)) { if ($_GET['status'] == "sn") { $message = $locale['410']; } elseif ($_GET['status'] == "su") { $message = $locale['411']; } elseif ($_GET['status'] == "del") { $message = $locale['412']; } if ($message) { echo "<div id='close-message'><div class='alert alert-info m-t-10 admin-message'>" . $message . "</div></div>\n"; } } $result = dbcount("(article_cat_id)", DB_ARTICLE_CATS); if (!empty($result)) { if (isset($_POST['save'])) { $subject = stripinput($_POST['subject']); $body = addslash($_POST['body']); $body2 = addslash($_POST['body2']); $draft = isset($_POST['article_draft']) ? "1" : "0"; if ($settings['tinymce_enabled'] != 1) { $breaks = isset($_POST['line_breaks']) ? "y" : "n"; } else { $breaks = "n"; } $comments = isset($_POST['article_comments']) ? "1" : "0"; $ratings = isset($_POST['article_ratings']) ? "1" : "0"; if (isset($_POST['article_id']) && isnum($_POST['article_id']) && !defined("FUSION_NULL")) { $result = dbquery("UPDATE " . DB_ARTICLES . " SET article_cat='" . intval($_POST['article_cat']) . "', article_subject='{$subject}', article_snippet='{$body}', article_article='{$body2}', article_draft='{$draft}', article_breaks='{$breaks}', article_allow_comments='{$comments}', article_allow_ratings='{$ratings}' WHERE article_id='" . $_POST['article_id'] . "'");
$result = dbquery("SELECT p.*, fa.attach_id, fa.attach_name, fa.attach_ext, fa.attach_size, u.*, u2.user_name AS edit_name\n\t\tFROM " . DB_POSTS . " p\n\t\tLEFT JOIN " . DB_FORUM_ATTACHMENTS . " fa USING(post_id)\n\t\tLEFT JOIN " . DB_USERS . " u ON p.post_author = u.user_id\n\t\tLEFT JOIN " . DB_USERS . " u2 ON p.post_edituser = u2.user_id AND post_edituser > '0'\n\t\tWHERE p.thread_id='" . $_GET['thread_id'] . "' ORDER BY post_datestamp LIMIT " . $_GET['rowstart'] . ",{$posts_per_page}"); if (iMOD) { echo "<form name='mod_form' method='post' action='" . FUSION_SELF . "?thread_id=" . $_GET['thread_id'] . "&rowstart=" . $_GET['rowstart'] . "'>\n"; } echo "<table cellpadding='0' cellspacing='1' width='100%' class='tbl-border forum_thread_table'>\n"; $numrows = dbrows($result); $current_row = 1; while ($data = dbarray($result)) { $message = $data['post_message']; if ($data['post_smileys']) { $message = parsesmileys($message); } if ($current_row == 1) { echo "<tr>\n<td colspan='2' class='tbl2'>\n<div style='float:right' class='small'>"; if (iMEMBER && $settings['thread_notify']) { if (dbcount("(thread_id)", DB_THREAD_NOTIFY, "thread_id='" . $_GET['thread_id'] . "' AND notify_user='******'user_id'] . "'")) { $result2 = dbquery("UPDATE " . DB_THREAD_NOTIFY . " SET notify_datestamp='" . time() . "', notify_status='1' WHERE thread_id='" . $_GET['thread_id'] . "' AND notify_user='******'user_id'] . "'"); echo "<a href='postify.php?post=off&forum_id=" . $fdata['forum_id'] . "&thread_id=" . $_GET['thread_id'] . "'>" . $locale['515'] . "</a>"; } else { echo "<a href='postify.php?post=on&forum_id=" . $fdata['forum_id'] . "&thread_id=" . $_GET['thread_id'] . "'>" . $locale['516'] . "</a>"; } } echo " <a href='" . BASEDIR . "print.php?type=F&thread=" . $_GET['thread_id'] . "'><img src='" . get_image("printer") . "' alt='" . $locale['519'] . "' title='" . $locale['519'] . "' style='border:0;vertical-align:middle' /></a></div>\n"; add_to_title($locale['global_201'] . $fdata['thread_subject']); echo "<div style='float:left' class='forum_thread_title'><!--forum_thread_title--><strong>" . $fdata['thread_subject'] . "</strong></div>\n</td>\n</tr>\n"; } echo "<!--forum_thread_prepost_" . $current_row . "-->\n"; if ($current_row > 1) { echo "<tr>\n<td colspan='2' class='tbl1' style='height:10px'></td>\n</tr>\n"; } echo "<tr>\n<td class='tbl2 forum_thread_user_name' style='width:140px'><!--forum_thread_user_name--><a href='" . BASEDIR . "profile.php?lookup=" . $data['user_id'] . "'>" . $data['user_name'] . "</a></td>\n";