function usercommenttable($rows)
{
global $CURUSER, $pic_base_url, $userid;
begin_main_frame();
begin_frame();
$count = 0;
foreach ($rows as $row) {
echo "<p class=sub>#" . $row["id"] . " by ";
if (isset($row["username"])) {
$title = $row["title"];
if ($title == "") {
$title = get_user_class_name($row["class"]);
} else {
$title = safeChar($title);
}
echo "<a name=comm" . $row["id"] . " href=userdetails.php?id=" . $row["user"] . "><b>" . safeChar($row["username"]) . "</b></a>" . ($row["donor"] == "yes" ? "<img src=\"{$pic_base_url}star.gif\" alt='Donor'>" : "") . ($row["warned"] == "yes" ? "<img src=" . "\"{$pic_base_url}warned.gif\" alt=\"Warned\">" : "") . " ({$title})\n";
} else {
echo "<a name=\"comm" . $row["id"] . "\"><i>(orphaned)</i></a>\n";
}
echo " at " . $row["added"] . " GMT" . ($userid == $CURUSER["id"] || $row["user"] == $CURUSER["id"] || get_user_class() >= UC_MODERATOR ? "- [<a href=usercomment.php?action=edit&cid={$row['id']}>Edit</a>]" : "") . ($userid == $CURUSER["id"] || get_user_class() >= UC_MODERATOR ? "- [<a href=usercomment.php?action=delete&cid={$row['id']}>Delete</a>]" : "") . ($row["editedby"] && get_user_class() >= UC_MODERATOR ? "- [<a href=usercomment.php?action=vieworiginal&cid={$row['id']}>View original</a>]" : "") . "</p>\n";
$avatar = $CURUSER["avatars"] == "yes" ? safeChar($row["avatar"]) : "";
$text = format_comment($row["text"]);
if ($row["editedby"]) {
$text .= "<p><font size=1 class=small>Last edited by <a href=userdetails.php?id={$row['editedby']}><b>{$row['username']}</b></a> at {$row['editedat']} GMT</font></p>\n";
}
begin_table(true);
echo "<tr valign=top>\n";
echo "<td align=center width=150 style='padding: 0px'><img width=150 src=\"{$avatar}\"></td>\n";
echo "<td class=text>{$text}</td>\n";
echo "</tr>\n";
end_table();
}
end_frame();
end_main_frame();
}
function commenttable_new($rows)
{
global $CURUSER, $HTTP_SERVER_VARS;
begin_main_frame();
begin_frame();
$count = 0;
foreach ($rows as $row) {
$subres = mysql_query("SELECT name from torrents where id=" . unsafeChar($row["torrent"])) or sqlerr(__FILE__, __LINE__);
$subrow = mysql_fetch_array($subres);
print "<br /><a href=\"details.php?id=" . safeChar($row["torrent"]) . "\">" . safeChar($subrow["name"]) . "</a><br />\n";
print "<p class=sub>#" . $row["id"] . " by ";
if (isset($row["username"])) {
print "<a name=comm" . $row["id"] . " href=userdetails.php?id=" . safeChar($row["user"]) . "><b>" . safechar($row["username"]) . "</b></a>" . ($row["warned"] == "yes" ? "<img src=" . "pic/warned.gif alt=\"Warned\">" : "");
} else {
print "<a name=\"comm" . safeChar($row["id"]) . "\"><i>(orphaned)</i></a>\n";
}
print " at " . safeChar($row["added"]) . " GMT" . "- [<a href=comment.php?action=edit&cid={$row['id']}>Edit</a>]" . "- [<a href=deletecomment.php?id={$row['id']}>Delete</a>]</p>\n";
$avatar = $CURUSER["avatars"] == "yes" ? safechar($row["avatar"]) : "";
if (!$avatar) {
$avatar = "pic/default_avatar.gif";
}
begin_table(true);
print "<tr valign=top>\n";
print "<td align=center width=150 style='padding: 0px'><img width=150 src={$avatar}></td>\n";
print "<td class=text>" . format_comment($row["text"]) . "</td>\n";
print "</tr>\n";
end_table();
}
end_frame();
end_main_frame();
}
function newmsg($heading = '', $text = '', $div = 'success', $htmlstrip = false)
{
if ($htmlstrip) {
$heading = safeChar(trim($heading));
$text = safeChar(trim($text));
}
print "<table class=\"main\" width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\"><tr><td class=\"embedded\">\n";
print "<div class=\"{$div}\">" . ($heading ? "<b>{$heading}</b><br />" : "") . "{$text}</div></td></tr></table>\n";
}
function makeSafeText($arr)
{
foreach ($arr as $k => $v) {
if (is_array($v)) {
$arr[$k] = makeSafeText($v);
} else {
$arr[$k] = safeChar($v);
}
}
return $arr;
}
function stdmsg2($heading, $text, $htmlstrip = false)
{
if ($htmlstrip) {
$heading = safeChar($heading);
$text = safeChar($text);
}
print "<table class=main width=750 border=0 cellpadding=0 cellspacing=0><tr><td class=embedded>\n";
if ($heading) {
print "<h2>{$heading}</h2>\n";
}
print "<table width=100% border=1 cellspacing=0 cellpadding=10><tr><td class=text>\n";
print $text . "</td></tr></table></td></tr></table>\n";
}
}
$apps = array('Burning', 'Encoding', 'Anti-Virus', 'Office', 'Os', 'Misc', 'Image');
for ($x = 0; $x < count($apps); $x++) {
echo "<label><input type=\"checkbox\" value=\"{$apps[$x]}\" name=\"apps[]\" class=\"DEPENDS ON genre BEING apps\">{$apps[$x]}</label>";
}
?>
</td></tr></table>
</td></tr>
<?php
echo "<tr><td colspan=\"2\" align=\"center\"><input type=\"submit\" value='Edit it!' style='height: 25px; width: 100px'> <input type=reset value='Revert changes' style='height: 25px; width: 100px'></td></tr>\n";
echo "</table>\n";
echo "</form>\n";
echo "<p>\n";
echo "<form method=\"post\" action=\"delete.php\">\n";
echo "<table border=\"1\" cellspacing=\"0\" cellpadding=\"5\">\n";
echo "<tr><td class=embedded style='background-color: #000000;padding-bottom: 5px' colspan=\"2\"><b>Delete torrent.</b> Reason:</td></tr>";
echo "<td><input name=\"reasontype\" type=\"radio\" value=\"1\"> Dead </td><td> 0 seeders, 0 leechers = 0 peers total</td></tr>\n";
echo "<tr><td><input name=\"reasontype\" type=\"radio\" value=\"2\"> Dupe</td><td><input type=\"text\" size=\"40\" name=\"reason[]\"></td></tr>\n";
echo "<tr><td><input name=\"reasontype\" type=\"radio\" value=\"3\"> Nuked</td><td><input type=\"text\" size=\"40\" name=\"reason[]\"></td></tr>\n";
echo "<tr><td><input name=\"reasontype\" type=\"radio\" value=\"4\"> {$BASEURL} rules</td><td><input type=\"text\" size=\"40\" name=\"reason[]\">(req)</td></tr>";
echo "<tr><td><input name=\"reasontype\" type=\"radio\" value=\"5\" checked> Other:</td><td><input type=\"text\" size=\"40\" name=\"reason[]\">(req)</td></tr>\n";
echo "<input type=\"hidden\" name=\"id\" value=\"{$id}\">\n";
if (isset($_GET["returnto"])) {
echo "<input type=\"hidden\" name=\"returnto\" value=\"" . safeChar($_GET["returnto"]) . "\" />\n";
}
echo "<td colspan=\"2\" align=\"center\"><input type=submit value='Delete it!' style='height: 25px'></td></tr>\n";
echo "</table>";
echo "</form>\n";
echo "</p>\n";
}
stdfoot();
$downspeed = $arr["downspeed"] > 0 ? prefixed($arr["downspeed"]) : ($arr["leechtime"] > 0 ? prefixed($arr["downloaded"] / $arr["leechtime"]) : prefixed(0));
$ratio = $arr["downloaded"] > 0 ? number_format($arr["uploaded"] / $arr["downloaded"], 3) : ($arr["uploaded"] > 0 ? "Inf." : "---");
$completed = sprintf("%.2f%%", 100 * (1 - $arr["to_go"] / $arr["size"]));
$res9 = mysql_query("SELECT seeder FROM peers WHERE torrent={$_GET['id']} AND userid={$arr['userid']}");
$arr9 = mysql_fetch_assoc($res9);
echo "<tr>\n";
echo "<td align=left><a href=userdetails.php?id={$arr['userid']}>{$arr['username']}</a>" . get_user_icons($arr) . "</td>\n";
echo "<td align=right>" . safeChar($arr["id"]) . "</td>\n";
echo "<td align=center>" . ($arr["connectable"] == "yes" ? "<img src=/pic/online.gif>" : "<img src=/pic/offline.gif>") . "</td>\n";
echo "<td align=right>" . prefixed($arr["uploaded"]) . "</td>\n";
echo "<td align=right>{$upspeed}/s</td>\n";
echo "<td align=right>" . prefixed($arr["downloaded"]) . "</td>\n";
echo "<td align=right>{$downspeed}/s</td>\n";
echo "<td align=right>{$ratio}</td>\n";
echo "<td align=right>{$completed}</td>\n";
echo "<td align=right>" . safeChar($arr["hit_and_run"]) . "</td>\n";
echo "<td align=right>" . safeChar($arr["mark_of_cain"]) . "</td>\n";
echo "<td align=right><center><b>" . get_snatched_color($arr["seedtime"]) . "</b></center></td>\n";
echo "<td align=right>" . mkprettytime($arr["leechtime"]) . "</td>\n";
echo "<td align=center>{$arr['last_action']}</td>\n";
echo "<td align=center>" . safeChar($arr["complete_date"] == "0000-00-00 00:00:00" ? "Not Complete Yet" : $arr["complete_date"]) . "</td>\n";
echo "<td align=center>" . safeChar($arr[port]) . "</td>\n";
echo "<td align=center>" . ($arr9["seeder"] == "yes" ? "<img src=" . $pic_base_url . "online.gif border=0 alt=\"active Seeder\">" : "<img src=" . $pic_base_url . "offline.gif border=0 alt=\"Not seeding!\">") . "</td>\n";
echo "<td align=right>" . safeChar($arr["timesann"]) . "</td>\n";
echo "</tr>\n";
}
echo "</table>\n";
if ($count > $perpage) {
echo "{$pagerbottom}";
}
stdfoot();
function dooptimizedb()
{
global $SITENAME, $CURUSER, $DEFAULTBASEURL, $optimizedb_interval, $queries, $query_stat;
set_time_limit(1200);
$result = mysql_query("show processlist") or sqlerr(__FILE__, __LINE__);
while ($row = mysql_fetch_array($result)) {
if ($row["Time"] > 100 || $row["Command"] == "Sleep") {
$sql = "kill " . $row["Id"] . "";
mysql_query($sql) or sqlerr(__FILE__, __LINE__);
}
}
ignore_user_abort(1);
$alltables = mysql_query("SHOW TABLES") or sqlerr(__FILE__, __LINE__);
while ($table = mysql_fetch_assoc($alltables)) {
foreach ($table as $db => $tablename) {
$sql = "OPTIMIZE TABLE {$tablename}";
/* Preg match the sql incase it was hijacked somewhere!(will use CHECK|ANALYZE|REPAIR|later) */
if (preg_match('@^(CHECK|ANALYZE|REPAIR|OPTIMIZE)[[:space:]]TABLE[[:space:]]' . $tablename . '$@i', $sql)) {
@mysql_query($sql) or die("<b>Something was not right!</b>.\n<br />Query: " . $sql . "<br />\nError: (" . mysql_errno() . ") " . safeChar(mysql_error()));
}
}
}
@mysql_free_result($alltables);
write_log("autooptimizedb", " --------------------Auto Optimization Complete using {$queries} queries --------------------");
}
function insert_compose_frame($id, $newtopic = true, $quote = false, $attachment = false)
{
global $maxsubjectlength, $CURUSER, $max_torrent_size, $maxfilesize, $pic_base_url, $use_attachment_mod, $forum_pics, $DEFAULTBASEURL;
if ($newtopic) {
$res = sql_query("SELECT name FROM forums WHERE id = " . sqlesc($id)) or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_assoc($res) or die("Bad forum ID!");
?>
<h3>New topic in <a href='<?php
echo $_SERVER['PHP_SELF'];
?>
?action=viewforum&forumid=<?php
echo $id;
?>
'><?php
echo safeChar($arr["name"]);
?>
</a> forum</h3><?php
} else {
$res = sql_query("SELECT subject, locked FROM topics WHERE id = " . sqlesc($id)) or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_assoc($res) or die("Forum error, Topic not found.");
if ($arr['locked'] == 'yes') {
stdmsg("Sorry", "The topic is locked.");
end_table();
end_main_frame();
stdfoot();
exit;
}
?>
<h3 align="center"><?php
echo $language['replyto'];
?>
<a href='<?php
echo $_SERVER['PHP_SELF'];
?>
action=viewtopic&topicid=<?php
echo $id;
?>
'><?php
echo safeChar($arr["subject"]);
?>
</a></h3><?php
}
begin_frame("Compose", true);
?>
<form method='post' name='compose' action='<?php
echo $_SERVER['PHP_SELF'];
?>
' enctype='multipart/form-data'>
<input type="hidden" name="action" value="post" />
<input type='hidden' name='<?php
echo $newtopic ? 'forumid' : 'topicid';
?>
' value='<?php
echo $id;
?>
' /><?php
begin_table(true);
if ($newtopic) {
?>
<tr>
<td class='rowhead' width="10%">Subject</td>
<td align='left'>
<input type='text' size='100' maxlength='<?php
echo $maxsubjectlength;
?>
' name='subject' style='height: 19px' />
</td>
</tr><?php
}
if ($quote) {
$postid = (int) $_GET["postid"];
if (!is_valid_id($postid)) {
stdmsg("Error", "Invalid ID!");
end_table();
end_main_frame();
stdfoot();
exit;
}
$res = sql_query("SELECT posts.*, users.username FROM posts JOIN users ON posts.userid = users.id WHERE posts.id = {$postid}") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) == 0) {
stdmsg("Error", "No post with this ID");
end_table();
end_main_frame();
stdfoot();
exit;
}
$arr = mysql_fetch_assoc($res);
}
?>
<tr>
<td class='rowhead' width="10%">Body</td>
<td><?php
$qbody = $quote ? "[quote=" . safeChar($arr["username"]) . "]" . safeChar(unesc($arr["body"])) . "[/quote]" : '';
if (function_exists('textbbcode')) {
textbbcode("compose", "body", $qbody);
} else {
?>
<textarea name="body" style="width:99%" rows="7"><?php
echo $qbody;
?>
</textarea><?php
}
if ($use_attachment_mod && $attachment) {
?>
<tr>
<td colspan='2'><fieldset class="fieldset"><legend>Add attachment</legend>
<input type='checkbox' name='uploadattachment' value='yes' />
<input type="file" name="file" size="60" />
<div class='error'>Allowed files: rar, zip<br />Max file size: <?php
echo prefixed($maxfilesize);
?>
</div></fieldset>
</td>
</tr><?php
}
?>
<tr>
<td align=center colspan=2>
<?php
echo post_icons();
?>
</td>
</tr>
<tr>
<td colspan='2' align='center'>
<input type='submit' value='Submit' />
</td>
</tr>
</td>
</tr><?php
end_table();
?>
</form><?php
end_frame();
// ------ Get 10 last posts if this is a reply
if (!$newtopic) {
$postres = sql_query("SELECT p.id, p.added, p.body, u.id AS uid, u.username, u.avatar " . "FROM posts AS p " . "LEFT JOIN users AS u ON u.id = p.userid " . "WHERE p.topicid = " . sqlesc($id) . " " . "ORDER BY p.id DESC LIMIT 10") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($postres) > 0) {
?>
<br /><?php
begin_frame("Last 10 post's in reverse order");
while ($post = mysql_fetch_assoc($postres)) {
$avatar = $CURUSER["avatars"] == "yes" ? safeChar($post["avatar"]) : '';
if (empty($avatar)) {
$avatar = $pic_base_url . $forum_pics['default_avatar'];
}
?>
<p class=sub>#<?php
echo $post["id"];
?>
by <?php
echo !empty($post["username"]) ? $post["username"] : "******";
?>
at <?php
echo $post["added"];
?>
GMT</p><?php
begin_table(true);
?>
<tr>
<td height='100' width='100' align='center' style='padding: 0px' valign="top"><img height='100' width='100' src="<?php
echo $avatar;
?>
" /></td>
<td class='comment' valign='top'><?php
echo format_comment($post["body"]);
?>
</td>
</tr><?php
end_table();
}
end_frame();
}
}
insert_quick_jump_menu();
}
<?php
// CyBerFuN.Ro
// By CyBerNe7
// //
// http://cyberfun.ro/
// http://xlist.ro/
header("Content-Type: text/html; charset=iso-8859-1");
require_once "include/bittorrent.php";
dbconn();
if (!logged_in()) {
header("HTTP/1.0 404 Not Found");
// moddifed logginorreturn by retro//Remember to change the following line to match your server
print "<html><h1>Not Found</h1><p>The requested URL /{$_SERVER['PHP_SELF']} was not found on this server.</p><hr /><address>Apache/1.1.11 " . $SITENAME . " Server at " . $_SERVER['SERVER_NAME'] . " Port 80</address></body></html>\n";
die;
}
$id = 0 + $_GET["id"];
$s = "<table width=500 class=colorss class=main border=\"1\" cellspacing=0 cellpadding=\"5\">\n";
$subres = sql_query("SELECT * FROM files WHERE torrent = {$id} ORDER BY id");
$s .= "<tr><td width=500 class=colhead>Type</td><td class=colhead>Path</td><td class=colhead align=right>Size</td></tr>\n";
while ($subrow = mysql_fetch_array($subres)) {
preg_match('/\\.([A-Za-z0-9]+)$/', $subrow["filename"], $ext);
$ext = strtolower($ext[1]);
if (!file_exists("pic/icons/" . $ext . ".png")) {
$ext = "Unknown";
}
$s .= "<tr><td align\"center\"><img align=center src=\"pic/icons/" . $ext . ".png\" alt=\"{$ext} file\"></td><td class=tableb2 width=700>" . safeChar($subrow["filename"]) . "</td><td align=\"right\">" . prefixed($subrow["size"]) . "</td></tr>\n";
}
$s .= "</table>\n";
echo $s;
hacker_dork("Secure Ip - Nosey C**t !");
}
// in the case part add staff names exactly as they are on site
//example
//case 'Admin':
//case 'System':
// and so on
switch ($_POST['staffname']) {
case 'Mindless':
case 'System':
$name = safeChar($_POST['staffname']);
$pass = safeChar($_POST['secrettop']);
break;
default:
$naughtyboy = getip();
$name = safeChar($_POST['staffname']);
$msg = "Someone is trying to login through the Staff login page with the name {$name} and ip {$naughtyboy}";
$subject = "ALERT Failed staff login attempt";
// change id to your id to recieve a pm if someone tried to login with failed name or just comment it out
mysql_query("INSERT INTO messages (sender, receiver, added, msg, poster) VALUES (0, 1, '" . get_date_time() . "', " . sqlesc($msg) . ", 0)") or sqlerr(__FILE__, __LINE__);
stderr("Error", "WARNING ! You're not a staff member");
die;
break;
}
//Just keep adding the elseif and validpass until all staff have been added..
if ($_POST['staffname'] == "Mindless") {
$validpass = "******";
} elseif ($_POST['staffname'] == "System") {
$validpass = "******";
} else {
die;
$usernamegift = htmlentities(trim($_POST['username']));
$res = sql_query("SELECT id,uploaded,bonuscomment,username FROM users WHERE username="******"unit"] == '2') {
$nobits = $_POST["amnt"] * $mb_basic * 1024;
}
}
$amt1 = $_POST["amnt"];
if ($ubonus >= $nobits) {
$upgift = safeChar($upgift, 1);
$bonuscomment = gmdate("Y-m-d") . " - " . prefixed($nobits) . " Upload Credit as gift to {$usernamegift} .\n " . $bonuscomment;
$bonuscomment_gift = gmdate("Y-m-d") . " - recieved " . prefixed($nobits) . " Upload Credit as gift from {$CURUSER['username']} .\n " . $bonuscomment_gift;
$upbonus = $ubonus - $nobits;
$upbonus1 = $userupload + $nobits;
if ($userid == $useridgift) {
header("Refresh: 0; url={$BASEURL}/mybonus.php?gift_fail1=1");
die;
}
if (!$useridgift) {
header("Refresh: 0; url={$BASEURL}/mybonus.php?gift_fail_user=1");
die;
}
if ($amt1 <= 0) {
header("Refresh: 0; url={$BASEURL}/mybonus.php?gift_fail2=1");
die;
die;
}
if (get_user_class() < UC_MODERATOR) {
hacker_dork("Admin Bookmarks - Nosey C**t !");
}
stdhead("Staff Bookmarks");
begin_main_frame();
$addbookmark = number_format(get_row_count("users", "WHERE addbookmark='yes'"));
begin_frame("In total ({$addbookmark})", true);
begin_table();
?>
<table cellpadding="4" cellspacing="1" border="0" style="width:800px" class="tableinborder" ><tr><td class="tabletitle">ID</td><td class="tabletitle" align="left">Username</td><td class="tabletitle" align="left">Suspicion</td><td class="tabletitle" align="left">Uploaded</td><td class="tabletitle" align="left">Downloaded</td><td class="tabletitle" align="left">Ratio</td></tr>
<?php
$res = mysql_query("SELECT id,username,bookmcomment,uploaded,downloaded FROM users WHERE addbookmark='yes' ORDER BY id") or print mysql_error();
while ($arr = @mysql_fetch_assoc($res)) {
if ($arr["downloaded"] != 0) {
$ratio = number_format($arr["uploaded"] / $arr["downloaded"], 3);
} else {
$ratio = "---";
}
$ratio = "<font color=" . get_ratio_color($ratio) . ">{$ratio}</font>";
$uploaded = prefixed($arr["uploaded"]);
$downloaded = prefixed($arr["downloaded"]);
$uploaded = str_replace(" ", "<br>", prefixed($arr["uploaded"]));
$downloaded = str_replace(" ", "<br>", prefixed($arr["downloaded"]));
echo "<tr><td class=table >" . safeChar($arr[id]) . "</td><td class=table align=\"left\"><b><a href=userdetails.php?id=" . safeChar($arr[id]) . ">" . safeChar($arr[username]) . "</b></td><td class=table align=\"left\">" . safeChar($arr[bookmcomment]) . "</a></td><td class=table align=\"left\">" . $uploaded . "</td></a></td><td class=table align=\"left\">" . $downloaded . "</td><td class=table align=\"left\">{$ratio}</td></tr>";
}
end_main_frame();
end_frame();
end_table();
stdfoot();
}
begin_table();
echo "<p align=center><a class=altlink href=donations.php>Current Donors</a> || <a class=altlink href=donations.php?total_donors=1>All Donations</a></p>";
echo $pagertop;
echo "<tr><td class=colhead>ID</td><td class=colhead align=left>Username</td><td class=colhead align=left>e-mail</td>" . "<td class=colhead align=left>Joined</td><td class=colhead align=left>Donor Until?</td><td class=colhead align=left>" . "Current</td><td class=colhead align=left>Total</td><td class=colhead align=left>PM</td></tr>";
while ($arr = @mysql_fetch_assoc($res)) {
// =======change colors
if ($count2 == 0) {
$count2 = $count2 + 1;
$class = "clearalt7";
} else {
$count2 = 0;
$class = "clearalt6";
}
// =======end
echo "<tr><td valign=bottom class={$class}><a class=altlink href=userdetails.php?id=" . safeChar($arr[id]) . ">" . safeChar($arr[id]) . "</a></td>" . "<td align=left valign=bottom class={$class}><b><a class=altlink href=userdetails.php?id=" . safeChar($arr[id]) . ">" . safeChar($arr[username]) . "</b>" . "</td><td align=left valign=bottom class={$class}><a class=altlink href=mailto:" . safeChar($arr[email]) . ">" . safeChar($arr[email]) . "</a>" . "</td><td align=left valign=bottom class={$class}><font size=\"-3\">" . safeChar($arr[added]) . "</font></a>" . "</td><td align=left valign=bottom class={$class}>";
$r = @mysql_query("SELECT donoruntil FROM users WHERE id=" . sqlesc($arr[id]) . "") or sqlerr();
$user = mysql_fetch_array($r);
$donoruntil = $user['donoruntil'];
if ($donoruntil == '0000-00-00 00:00:00') {
echo "n/a";
} else {
echo "<font size=\"-3\"><p>{$donoruntil} [ " . mkprettytime(strtotime($donoruntil) - gmtime()) . " ] to go...</font></p>";
}
echo "</td><td align=left valign=bottom class={$class}><b>£" . safeChar($arr[donated]) . "</b></td>" . "<td align=left valign=bottom class={$class}><b>£" . safeChar($arr[total_donated]) . "</b></td>" . "<td align=left valign=bottom class={$class}><b><a class=altlink href=sendmessage.php?receiver=" . safeChar($arr[id]) . ">PM</a></b></td></tr>";
}
end_table();
end_frame();
echo $pagerbottom;
stdfoot();
die;
require_once "include/bbcode_functions.php";
dbconn(false);
maxcoder();
if (!logged_in()) {
header("HTTP/1.0 404 Not Found");
// moddifed logginorreturn by retro//Remember to change the following line to match your server
print "<html><h1>Not Found</h1><p>The requested URL /{$_SERVER['PHP_SELF']} was not found on this server.</p><hr /><address>Apache/1.1.11 " . $SITENAME . " Server at " . $_SERVER['SERVER_NAME'] . " Port 80</address></body></html>\n";
die;
}
if (get_user_class() < UC_SYSOP) {
hacker_dork("Shout History - Nosey C**t !");
}
stdhead("Admin Shout History Check");
$count1 = number_format(get_row_count("shoutbox"));
print "<h2 align=center>Full Shout History</h2>";
print "<center><font class=small>We currently have " . safeChar($count1) . " shouts on history</font></center>";
begin_main_frame();
$res1 = mysql_query("SELECT COUNT(*) FROM shoutbox {$limit}") or sqlerr();
$row1 = mysql_fetch_array($res1);
$count = $row1[0];
$shoutsperpage = 30;
list($pagertop, $pagerbottom, $limit) = pager($shoutsperpage, $count, "shistory.php?");
print "{$pagertop}";
$res = sql_query("SELECT * FROM shoutbox ORDER BY date DESC {$limit}") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) == 0) {
print "\n";
} else {
print "<table border=0 cellspacing=0 cellpadding=2 width='100%' align='left' class='small'>\n";
$i = 0;
while ($arr = mysql_fetch_assoc($res)) {
$res2 = sql_query("SELECT username,class,donor,warned,downloadpos,chatpost,forumpost,uploadpos,parked FROM users WHERE id=" . unsafeChar($arr[userid]) . "") or sqlerr(__FILE__, __LINE__);
$letsdoit = mysql_query("SELECT * FROM secureiptable WHERE username="******"UPDATE secureiptable SET eticket=" . sqlesc($editsecret) . " WHERE username="******"INSERT INTO secureiptable VALUES (0, " . sqlesc($name) . ", " . sqlesc($trackingyou) . ", 0,'" . get_date_time() . "'," . sqlesc($editsecret) . ")") or sqlerr(__FILE__, __LINE__);
}
break;
default:
stderr("Ok", "You can add it later");
die;
break;
}
stderr("Almost Done", "Check your email account to confirm addition of the ip, NOTE: Check your spam folder");
}
if (!empty($_GET['requested']) && !empty($_GET['secret'])) {
$confirmname = safeChar($_GET['requested']);
$secretsauce = $_GET["secret"];
$added = sqlesc(get_date_time());
if (!$confirmname) {
httperr();
}
dbconn();
$res23 = mysql_query("SELECT eticket,ip FROM secureiptable WHERE username = "******"ip"];
if (!$row23) {
stderr("Ok", "query not matchin");
}
$sec = hash_pad($row23["eticket"]);
if ($secretsauce != md5($sec)) {
stderr("Ok", "eticket not matching");
}
$r = @sql_query("SELECT * FROM users WHERE id={$id}") or sqlerr(__FILE__, __LINE__);
$user = mysql_fetch_array($r) or bark("No User with this ID.");
if ($user["status"] == "pending") {
die;
}
if (get_user_class() >= UC_MODERATOR && $user["class"] < get_user_class()) {
echo "<form method=\"post\" action=\"inpageedit.php\">\n";
echo "<input type=\"hidden\" name=\"action\" value=\"edituser\">\n";
echo "<input type=\"hidden\" name=\"userid\" value=\"{$id}\">\n";
echo "<input type=\"hidden\" name=\"torrent\" value=\"{$tid}\">\n";
echo "<input type=\"hidden\" name=\"returnto\" value=\"snatchleave.php?done=no\">\n";
echo "<br /><table class=\"main\" border=\"1\" cellspacing=\"0\" cellpadding=\"5\">\n";
echo "<tr><td class=colhead colspan=3 align=center>Quick-Edit <a target=_blank href=userdetails.php?id=" . $user["id"] . ">" . $user["username"] . "</a></td></tr>";
if ($user["immun"] == "yes" && $tor["sl_warned"] == "no") {
$modcomment = safeChar($user["modcomment"]);
echo "<tr><td class=rowhead>Modcomment:</td><td colspan=2><textarea cols=90 rows=4 readonly>" . $modcomment . "</textarea></td></tr>";
echo "<tr><td class=rowhead>Warnstatus</td><td align=left colspan=2>\n" . ($user["warns"] > 0 ? "<input type=radio name=warns value=" . ($user["warns"] - 10) . "%>" . ($user["warns"] - 10) . "%" : "") . "\n<input type=radio name=warns value=" . $user["warns"] . "><font color=blue>" . $user["warns"] . " (actually Warnstatus)</font>\n<input type=radio name=warns checked value=" . ($user["warns"] + 10) . ">" . ($user["warns"] + 10) . "%</td></tr>\n";
echo "<tr><td class=rowhead>Reason of Warnadjustment:</td><td class=tablea colspan=2 align=left><textarea cols=90 rows=6 name=whywarn>H&R on " . $tor["name"] . " \nFileratio: " . $shared . " \nSeedtime: " . mkprettytime($tor["seedtime"]) . "</textarea></td></tr>\n";
echo "<tr><td class=rowhead>Earlier Warns:</td><td colspan=2><textarea cols=90 rows=4 readonly>" . $user["whywarned"] . "</textarea></td></tr>";
$realdlremoved = $user['dlremoveuntil'] != "0000-00-00 00:00:00" ? date("d.m.Y - H:i:s", strtotime($user['dlremoveuntil'])) : "Not yet";
echo "<tr><td class=rowhead>DL disabled until</td><td colspan=2>" . $realdlremoved . "</td></tr>\n";
echo "<tr><td colspan=\"3\" align=\"center\"><input type=\"submit\" class=\"btn\" value=\"OK\"></td></tr>\n";
echo "</table>\n";
echo "</form>\n";
} else {
if ($user["immun"] == "yes") {
$whynot = "This User is immune";
} elseif ($tor["sl_warned"] == "yes") {
$whynot = "The Member is already warned for this H&R";
}
// moddifed logginorreturn by retro//Remember to change the following line to match your server
print "<html><h1>Not Found</h1><p>The requested URL /{$_SERVER['PHP_SELF']} was not found on this server.</p><hr /><address>Apache/1.1.11 " . $SITENAME . " Server at " . $_SERVER['SERVER_NAME'] . " Port 80</address></body></html>\n";
die;
}
function puke($text = "You have forgotten here someting?")
{
stderr("Error", $text);
}
if (get_user_class() < UC_MODERATOR) {
puke("Access Denied");
}
$action = isset($_POST["action"]) && $_POST["action"] == "edituser" ? $_POST["action"] : '';
if ($action == "edituser") {
$userid = $_POST["userid"];
$tid = $_POST["torrent"];
$modcomm = safeChar($_POST["modcomm"]);
$percwarn = $_POST["warns"];
$whywarned = $_POST["whywarn"];
$class = 0 + $_POST["class"];
if (!is_valid_id($userid) || !is_valid_user_class($class)) {
stderr("Error", "cant see which member this should be.");
}
// check target user class
$res = sql_query("SELECT immun, warns, dlremoveuntil, whywarned, enabled, username, class, modcomment FROM users WHERE id = {$userid}") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_assoc($res) or puke("MySQL: " . mysql_error());
$editedusername = $arr["username"];
$warncomment = $arr["whywarned"];
$curdownloadpos = $arr["downloadpos"];
$nowdlremoved = $arr["dlremoveuntil"];
$curpercwarn = $arr["warns"];
if ($_POST["warns"] == $arr["warns"]) {
function genbark($x, $y)
{
stdhead($y);
echo "<h2>" . safeChar($y) . "</h2>\n";
echo "<p>" . safeChar($x) . "</p>\n";
stdfoot();
exit;
}
}
}
//-->
</script>
<?php
echo '<table width="100%" border="0" align="center" cellpadding="2" cellspacing="0">';
echo "<tr><td class=colhead align=left>Name</td><td class=colhead>OverForum</td><td class=colhead>Read</td><td class=colhead>Write</td><td class=colhead>Create topic</td><td class=colhead>Modify</td></tr>";
$result = sql_query("SELECT * FROM forums ORDER BY sort ASC");
if ($row = mysql_fetch_array($result)) {
do {
$forid = $row['forid'];
$res2 = sql_query("SELECT name FROM overforums WHERE id=" . unsafeChar($forid) . "");
$arr2 = mysql_fetch_array($res2);
$name = $arr2['name'];
echo "<tr><td><a href=forums.php?action=viewforum&forumid=" . safeChar($row["id"]) . "><b>" . safeChar($row["name"]) . "</b></a><br>" . safeChar($row["description"]) . "</td>";
echo "<td>" . safeChar($name) . "</td><td>" . get_user_class_name($row["minclassread"]) . "</td><td>" . get_user_class_name($row["minclasswrite"]) . "</td><td>" . get_user_class_name($row["minclasscreate"]) . "</td><td align=center nowrap><b><a href=\"" . $PHP_SELF . "?action=editforum&id=" . safeChar($row["id"]) . "\">Edit</a> | <a href=\"javascript:confirm_delete('" . $row["id"] . "');\"><font color=red>Delete</font></a></b></td></tr>";
} while ($row = mysql_fetch_array($result));
} else {
print "<tr><td>Sorry, no records were found!</td></tr>";
}
echo "</table>";
?>
<br><br>
<form method=post action="<?php
echo $_SERVER["PHP_SELF"];
?>
">
<table width="100%" border="0" cellspacing="0" cellpadding="3" align="center">
<tr align="center">
<td colspan="2" class=colhead>Make new forum</td>
</tr>
echo "<input type=\"hidden\" name=\"class\" value=\"{$user['class']}\">\n";
echo "<input type=\"hidden\" name=\"returnto\" value=\"badratio.php?done=no\">\n";
echo "<br /><table class=\"main\" border=\"1\" cellspacing=\"0\" cellpadding=\"5\">\n";
echo "<tr><td class=colhead colspan=3 align=center>Quick-Edit <a target=_blank href=userdetails.php?id=" . $user["id"] . ">" . $user["username"] . "</a></td></tr>";
?>
<?php
if ($user["immun"] == "no") {
$modcomment = safeChar($user["modcomment"]);
if ($user["downloaded"] > 0) {
$uratio = $user["uploaded"] / $user["downloaded"];
$uratio = number_format($uratio, 3);
}
$timeto = get_date_time(gmtime() + 14 * 86400);
$frist = get_date_time(gmtime() + 8 * 86400);
$bookmcomment = "" . safeChar($user["bookmcomment"]) . "";
$enabled = $user["enabled"] == 'yes';
echo "<form action=\"\" target=bookmcomment name=bookmcomment><tr><td class=rowhead>Add to Bookmarks?</td><td colspan=2 class=tablea align=left><input type=radio name=addbookmark value=yes" . ($user["addbookmark"] == "yes" ? " checked" : "") . ">Yes - One to watch<input type=radio onClick=\"fuellen(this.form,'text1','Bad Ratio (" . $uratio . ") Time until " . date("d.m.Y", strtotime($timeto)) . "')\" name=addbookmark value=ratio" . ($user["addbookmark"] == "ratio" ? " checked" : "") . ">Yes - Bad Ratio <input type=radio onClick=\"fuellen(this.form,'text1','" . $bookmcomment . " / Time until because Ratio ({$uratio}) extended to " . date("d.m.Y", strtotime($frist)) . " ')\" name=addbookmark value=frist>Extend time until <input type=radio name=addbookmark onClick=\"fuellen(this.form,'text1','')\" value=no" . ($user["addbookmark"] == "no" ? " checked" : "") . ">No</td></tr>\n";
echo "<tr><td class=rowhead>Bookmark Reason:</td><td class=tablea colspan=2 align=left><textarea cols=90 rows=6 name=bookmcomment>{$bookmcomment}</textarea></td></tr>\n";
echo "<tr><td class=rowhead>Teamcomment:</td><td colspan=2><textarea cols=90 rows=4 readonly>" . $modcomment . "</textarea></td></tr>";
echo "<tr><td class=rowhead>Warnstatus</td><td align=left colspan=2>" . $user["warns"] . "%</td></tr>\n";
echo "<tr><td class=\"rowhead\" rowspan=\"2\">Enabled</td><td colspan=\"2\" align=\"left\"><input name=\"enabled\" onClick=\"fuellen2(this.form,'text1','')\" value=\"yes\" type=\"radio\"" . ($enabled ? " checked" : "") . ">Yes <input name=\"enabled\" onClick=\"fuellen2(this.form,'text1','Bad Ratio (" . $uratio . ") ')\" value=\"no\" type=\"radio\"" . (!$enabled ? " checked" : "") . ">No</td></tr>\n";
echo "<tr><td colspan=\"2\" align=\"left\">Disable Reason: <input type=\"text\" name=\"disreason\" size=\"60\" /></td></tr>";
echo "<tr><td colspan=\"3\" align=\"center\"><input type=\"submit\" class=\"btn\" value=\"OK\"></td></tr>\n";
echo "</table>\n";
echo "</form>\n";
echo "<br><table><tr><td class=colhead colspan=2 align=center>Depending on the action the member will receive either:</td></tr>";
echo "<tr><td>Bad ratio warning</td>";
echo "<td>Bad ratio warning period extended</td></tr>";
echo "</table>";
} else {
$nfo = sqlesc(str_replace("\r\r\n", "\r\n", @file_get_contents($nfofilename)));
$smalldescr = $_POST["description"];
//$ret = sql_query("INSERT INTO torrents (search_text, filename, owner, visible, tube, multiplicator, uclass, anonymous, request, scene, info_hash, name, size, numfiles, url, poster, hidden, staffonly, countstats, half, newgenre, type, vip, allow_comments, subs, descr, ori_descr, description, category, minclass, save_as, added, last_action, nfo, afterpre) VALUES (" .implode(",", array_map("sqlesc", array(searchfield("$shortfname $dname $torrent"), $fname, $CURUSER["id"], "no", $tube, $multiplicator, $uclass, $anonymous, $request, $scene, $infohash, $torrent, $totallen, count($filelist), $url, $poster, $hidden, $staffonly, $countstats, $half, $genre, $type, $vip, $allow_comments, $subs, $descr, $descr, $smalldescr, 0 + $_POST["type"], $minclass, $dname))) . ", '" . get_date_time() . "', '" . get_date_time() . "', $nfo, '" . $predif . "')"); // or sqlerr(__FILE__, __LINE__);
// == uncomment above to enable doopies pre times on browse
$ret = sql_query("INSERT INTO torrents (search_text, filename, owner, visible, tube, multiplicator, uclass, anonymous, request, scene, info_hash, name, size, numfiles, url, poster, hidden, staffonly, countstats, half, newgenre, type, vip, allow_comments, subs, descr, ori_descr, description, category, minclass, save_as, added, last_action, nfo) VALUES (" . implode(",", array_map("sqlesc", array(searchfield("{$shortfname} {$dname} {$torrent}"), $fname, $CURUSER["id"], "no", $tube, $multiplicator, $uclass, $anonymous, $request, $scene, $infohash, $torrent, $totallen, count($filelist), $url, $poster, $hidden, $staffonly, $countstats, $half, $genre, $type, $vip, $allow_comments, $subs, $descr, $descr, $smalldescr, 0 + $_POST["type"], $minclass, $dname))) . ", '" . get_date_time() . "', '" . get_date_time() . "', {$nfo})") or sqlerr(__FILE__, __LINE__);
if (!$ret) {
if (mysql_errno() == 1062) {
bark("torrent already uploaded!");
}
bark("mysql puked: " . mysql_error());
}
$id = mysql_insert_id();
if ($CURUSER["anonymous"] == 'yes') {
$message = "New Torrent : [url={$DEFAULTBASEURL}/details.php?id={$id}] " . safeChar($torrent) . "[/url] Uploaded - Anonymous User";
} else {
$message = "New Torrent : [url={$DEFAULTBASEURL}/details.php?id={$id}] " . safeChar($torrent) . "[/url] Uploaded by " . safechar($CURUSER["username"]) . "";
}
@sql_query("DELETE FROM files WHERE torrent = {$id}");
function file_list($arr, $id)
{
foreach ($arr as $v) {
$new[] = "({$id}," . sqlesc($v[0]) . "," . $v[1] . ")";
}
return join(",", $new);
}
mysql_query("INSERT INTO files (torrent, filename, size) VALUES " . file_list($filelist, $id));
$fp = fopen("{$torrent_dir}/{$id}.torrent", "w");
if ($fp) {
@fwrite($fp, benc($dict), strlen(benc($dict)));
fclose($fp);
}
}
if (get_user_class() <= UC_MODERATOR) {
stderr("Sorry", "Access denied!");
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$ids = $_POST["ids"];
if (!isset($ids)) {
header('Location: ' . $_SERVER['PHP_SELF']);
exit;
}
foreach ($ids as $id) {
if (!is_valid_id($id)) {
stderr('Error...', 'Invalid ID!');
}
}
$do = safeChar($_POST['do']);
if ($do == 'enabled') {
sql_query("UPDATE users SET enabled = 'yes' WHERE ID IN(" . join(', ', $ids) . ") AND enabled = 'no'");
} elseif ($do == 'confirm') {
sql_query("UPDATE users SET status = 'confirmed' WHERE ID IN(" . join(', ', $ids) . ") AND status = 'pending'");
} elseif ($do == 'delete') {
sql_query("DELETE FROM users WHERE ID IN(" . join(', ', $ids) . ")");
} else {
header('Location: ' . $_SERVER['PHP_SELF']);
exit;
}
}
$disabled = number_format(get_row_count("users", "WHERE enabled='no'"));
$pending = number_format(get_row_count("users", "WHERE status='pending'"));
$count = number_format(get_row_count("users", "WHERE enabled='no' OR status='pending' ORDER BY username DESC"));
$perpage = '25';
stderr("Confirm Bookmark", "Do you really want to mark this bookmark public? Click\n" . "<a href=?torrent={$torrentid}&action=public&sure=1&h={$hash}>here</a> if you are sure.", false);
}
if ($_GET['h'] != $hash) {
stderr('Error', 'what are you doing?');
}
function publickbookmark($torrentid)
{
global $CURUSER;
mysql_query("UPDATE bookmarks SET private = 'no' WHERE private = 'yes' AND torrentid = {$torrentid} AND userid = {$CURUSER['id']}");
}
publickbookmark($torrentid);
stdhead("Bookmark made public!");
echo '<h2>Bookmark made public!</h2>';
} elseif ($action == 'private') {
$torrentid = (int) $_GET['torrent'];
$sure = safeChar($_GET['sure']);
if (!is_valid_id($torrentid)) {
stderr("Error", "Invalid ID.");
}
$hash = md5('the salt to' . $torrentid . 'add' . 'mu55y');
if (!$sure) {
stderr("Confirm Bookmark", "Do you really want to mark this bookmark private? Click\n" . "<a href=?torrent={$torrentid}&action=private&sure=1&h={$hash}>here</a> if you are sure.", false);
}
if ($_GET['h'] != $hash) {
stderr('Error', 'what are you doing?');
}
if (!is_valid_id($torrentid)) {
stderr("Error", "Invalid ID.");
}
function privatebookmark($torrentid)
{
}
$updateset[] = 'url = ' . sqlesc($url);
}
// ///////////////////utube mod///////////////////
if (isset($_POST['tube']) && (($tube = $_POST['tube']) != $fetch_assoc['tube'] && !empty($tube))) {
if (!preg_match('|^http(s)?://[a-z0-9-]+(.[a-z0-9-]+)*(:[0-9]+)?(/.*)?$|i', $tube)) {
stderr('Updated failed', 'Make sure you include http:// in the URL.');
}
$updateset[] = 'tube = ' . sqlesc($tube);
}
// ==Anonymous mod
if (($anonymous = $_POST['anonymous'] != '' ? 'yes' : 'no') != $fetch_assoc['anonymous']) {
$updateset[] = 'anonymous = ' . sqlesc($anonymous);
}
// ///////////torrent mulplier//////////////
if (get_user_class() >= UC_ADMINISTRATOR) {
$multiplicator = isset($_POST['multiplicator']) ? $_POST['multiplicator'] : '';
$valid_inputs = array(2, 3, 4, 5);
$multiplicator = $multiplicator && in_array($multiplicator, $valid_inputs) ? $multiplicator : 0;
if ($multiplicator != $fetch_assoc['multiplicator']) {
$updateset[] = 'multiplicator = ' . sqlesc($multiplicator);
}
}
sql_query('UPDATE torrents SET ' . implode(',', $updateset) . ' WHERE id = ' . sqlesc($id)) or sqlerr(__FILE__, __LINE__);
write_log("torrentedit", "" . safeChar($name) . ' was edited by ' . ($fetch_assoc['anonymous'] == 'yes' ? 'Anonymous' : safeChar($CURUSER['username'])) . "");
$modfile = 'cache/details/' . $id . '_moddin.txt';
if (file_exists($modfile)) {
unlink($modfile);
}
$returl = isset($_POST['returnto']) ? '&returnto=' . urlencode($_POST['returnto']) : 'details.php?id=' . $id . '&edited=1';
header("Refresh: 0; url={$returl}");
print "<td align=center class=bottom style=\"padding-bottom: 2px;padding-left: 7px;border:none;\"><input name=c{$cat['id']} type=\"checkbox\" " . (in_array($cat['id'], $wherecatina) ? "checked " : "") . "value=1 /><a class=catlink href=browse.php?cat={$cat['id']}>" . $catz . "</a></td>\n";
$i++;
}
print "</tr></table>";
print "</td></tr>";
}
?>
</table>
</form>
<?php
if (isset($cleansearchstr)) {
print "<h2>" . $language['str1'] . " \"" . safeChar($searchstr) . "\"</h2>\n";
}
if ($CURUSER['update_new'] != 'no') {
// === if you want a button
echo '<a href="?clear_new=1"><input type=submit value="clear new tag" class=button></a>';
// === if you want a link
// echo'<p><a href="?clear_new=1">clear new tag</a></p>';
}
if ($count) {
print $pagertop;
torrenttable($records);
print $pagerbottom;
} else {
if (isset($cleansearchstr)) {
print "<h2>" . $language['str20'] . "</h2>\n";
print "<p>" . $language['str16'] . "</p>\n";
print "<form action=\"inactive.php\" method=\"post\">";
print "<table class=main border=1 cellspacing=0 cellpadding=5><tr>\n";
print "<td class=colhead>Username</td>";
print "<td class=colhead>Class</td>";
print "<td class=colhead>Mail</td>";
print "<td class=colhead>Ratio</td>";
print "<td class=colhead>Last Seen</td>";
print "<td class=colhead align=\"center\">x</td>";
while ($arr = mysql_fetch_assoc($res)) {
$ratio = $arr["downloaded"] > 0 ? number_format($arr["uploaded"] / $arr["downloaded"], 3) : ($arr["uploaded"] > 0 ? "Inf." : "---");
$last_seen = $arr["last_access"] == "0000-00-00 00:00:00" ? "never" : "" . get_elapsed_time(sql_timestamp_to_unix_timestamp($arr["last_access"])) . " ago";
$class = get_user_class_name($arr["class"]);
print "<tr>";
print "<td><a href=\"userdetails.php?id=" . $arr["id"] . "\">" . $arr["username"] . "</a></td>";
print "<td>" . $class . "</td>";
print "<td><a href=\"mailto:" . $arr["email"] . "\">" . safeChar($arr["email"]) . "</a></td>";
print "<td>" . $ratio . "</td>";
print "<td>" . $last_seen . "</td>";
print "<td align=\"center\" bgcolor=\"#FF0000\"><input type=\"checkbox\" name=\"userid[]\" value=\"" . $arr["id"] . "\" /></td>";
print "</tr>";
}
print "<tr><td colspan=\"6\" class=\"colhead\" align=\"center\">\n<select name=\"action\">\n<option value=\"mail\">Send mail</option>\n<option value=\"deluser\" " . ($CURUSER["class"] < UC_ADMINISTRATOR ? "disabled" : "") . ">Delete users</option>\n<option value=\"disable\">Disable Accounts</option>\n</select> <input type=\"submit\" name=\"submit\" value=\"Apply Changes\"/> <input type=\"button\" value=\"Check all\" onClick=\"this.value=check(form)\"></td></tr>";
if ($record_mail) {
$ress = sql_query("SELECT avps.value_s AS userid, avps.value_i AS last_mail, avps.value_u AS mails, users.username FROM avps LEFT JOIN users ON avps.value_s=users.id WHERE avps.arg='inactivemail' LIMIT 1");
$date = mysql_fetch_assoc($ress);
if ($date["last_mail"] > 0) {
print "<tr><td colspan=\"6\" class=\"colhead\" align=\"center\" style=\"color:red;\">Last Email sent by <a href=\"usersdetails.php?id=" . htmlspecialchars($date["userid"]) . "\">" . htmlspecialchars($date["username"]) . "</a> on <b>" . gmdate("d M Y", $date["last_mail"]) . " - " . $date["mails"] . "</b> Email" . ($date["mails"] > 1 ? "s" : "") . " sent !</td></tr>";
}
}
print "</table></form>";
} else {
}
if (get_user_class() < UC_SYSOP) {
stderr('Error', 'Permission denied');
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$err = "";
if (isset($_POST['removeit']) && $_POST['removeit'] == 'Remove') {
$filenum = fopen($CACHE . "/countdown.txt", 'w');
$truncate = ftruncate($filenum, 0);
fclose($filenum);
$err .= $truncate ? "File was deleted" : "There was a problem!";
} else {
$day = isset($_POST['day']) ? 0 + $_POST['day'] : '';
$month = isset($_POST['month']) ? 0 + $_POST['month'] : '';
$year = isset($_POST['year']) ? 0 + $_POST['year'] : '';
$comment = isset($_POST['comment']) ? safeChar($_POST['comment']) : '';
if (!checkdate($month, $day, $year) || !$comment) {
stderr('Error', 'Missing form data');
}
$countdown = array('day' => $day, 'month' => $month, 'year' => $year, 'comment' => $comment);
$filenum = fopen($CACHE . "/countdown.txt", 'w+');
$write = fwrite($filenum, serialize($countdown));
fclose($filenum);
$err .= $write ? "Event saved!" : "Something happned, and the event was not saved";
}
}
stdhead('Countdown');
$cur = unserialize(@file_get_contents($CACHE . "/countdown.txt"));
?>
<h2>Create Countdown</h2>
<!--original idea from hellix alter by putyn :)-->
</h2></td></tr>
<tr><td>
<?php
$res = mysql_query("SELECT cl.id, cl.userid, cl.added, cl.title, cl.body, cl.sticky, u.username " . "FROM changelog AS cl " . "LEFT JOIN users AS u ON u.id = cl.userid " . "WHERE ADDDATE(cl.added, INTERVAL 30 DAY) > NOW() " . "ORDER BY sticky, cl.added DESC LIMIT 10") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) > 0) {
for ($i = 0; $arr = mysql_fetch_assoc($res); ++$i) {
?>
<table width='100%' border='1' cellspacing='0' cellpadding='10'>
<tr><td class='colhead'> <?php
echo gmdate("d M/Y", strtotime($arr['added']));
?>
<a href="javascript:klappe_descr('changelog<?php
echo $arr['id'];
?>
')"><?php
echo safeChar($arr['title']);
?>
</a>
<?php
if ($CURUSER['class'] >= UC_SYSOP) {
?>
<font size="-2"> [<a class='altlink' href='/changelog.php?action=edit&changelogid=<?php
echo $arr['id'];
?>
&returnto=<?php
echo urlencode($_SERVER['PHP_SELF']);
?>
'><b>E</b></a>]</font><?php
?>
<font size="-2">[<a class='altlink' href='/changelog.php?action=delete&changelogid=<?php
echo $arr['id'];
$res = mysql_query("SELECT topic, user FROM ratings WHERE topic =" . unsafeChar($topic_id) . " AND user ="******"id"]) . "");
$row = mysql_fetch_array($res);
if ($row["topic"] >= 1) {
bark("You have already rated this topic.");
}
if ($row["topic"] == 0) {
$res = sql_query("UPDATE ratings SET rating = {$rate_me} WHERE topic =" . unsafeChar($topic_id) . " AND user ="******"id"]) . "");
}
if (!$row) {
$res = sql_query("INSERT INTO ratings (topic, user, rating, added) VALUES (" . unsafeChar($topic_id) . ", " . unsafeChar($CURUSER["id"]) . ", {$rate_me}, NOW())");
}
sql_query("UPDATE topics SET numratings = numratings + 1, ratingsum = ratingsum + {$rate_me} WHERE id = " . unsafeChar($topic_id) . "");
// ===add karma
sql_query("UPDATE users SET seedbonus = seedbonus+5.0 WHERE id =" . unsafeChar($CURUSER["id"]) . "") or sqlerr(__FILE__, __LINE__);
// ===end
$refererto = str_replace('&', '&', safeChar($_SERVER["HTTP_REFERER"]));
$referer = $_SERVER["HTTP_REFERER"] ? $refererto : "/forums.php?action=viewtopic&topicid={$topic_id}";
header("Refresh: 0; url={$referer}");
die;
}
if (!mkglobal("rating:id")) {
bark("missing form data");
}
$id = 0 + $id;
if (!$id) {
bark("invalid id");
}
$rating = 0 + $rating;
if ($rating <= 0 || $rating > 5) {
bark("invalid rating");
}
