/**
 * Emit the page header for the "Accept Application" screen.
 *
 * Prints the <title>, the theme styles and the theme body opener, then an <h2>
 * whose wording is "Admin" when acl(XCHGMGR_ADMIN) is truthy and "Review"
 * otherwise. The acl() call here only selects the heading text; nothing in
 * this function stops rendering for a caller without the flag, so the access
 * decision has to be made by the code that calls it.
 */
function local_headers()
{
    global $cTheme;

    echo "<html><head><title>" . BOT_NAME . "@ (Accept Application)</title>";
    std_theme_styles();
    echo "</head>\n";
    std_theme_body("../../");

    // Pick the whole heading in one expression instead of two echo branches.
    $heading = acl(XCHGMGR_ADMIN)
        ? "<h2>" . BOT_NAME . "@ Admin (Accept Application)</h2>\n"
        : "<h2>" . BOT_NAME . "@ Review (Accept Application)</h2>\n";
    echo $heading;
}
/**
 * Returns true if the current user has access to the URL $url.
 *
 * controller_action() splits the URL; only the controller part is used for the
 * decision. 'admin' needs acl('p:Admin'), 'special' needs acl('p:Special') and
 * 'profile' needs User::current() to be a User instance. Any other controller
 * is allowed, so a newly added controller is reachable by everyone until it is
 * listed here.
 *
 * @param string $url
 * @return boolean
 */
public static function open_url($url)
{
    list($controller, $action, $type) = controller_action($url);

    // Loose comparisons on purpose: they match what the switch statement did.
    if ($controller == 'admin') {
        return acl('p:Admin');
    }
    if ($controller == 'profile') {
        return User::current() instanceof User;
    }
    if ($controller == 'special') {
        return acl('p:Special');
    }

    // Default-allow branch for every controller not named above.
    return true;
}
$res = pg_safe_exec("SELECT user_name FROM users WHERE id='" . (int) $user_id . "'"); $adm_usr = pg_fetch_object($res, 0); $adm_user = $adm_usr->user_name; if ($admin == 0) { echo "Restricted to logged in CService Admins, sorry."; die; } if (!($admin >= 800)) { echo "Sorry, your admin access is too low."; die; } $nrw_lvl = 0; if (acl(XWEBAXS_2)) { $nrw_lvl = 1; } if (acl(XWEBAXS_3)) { $nrw_lvl = 2; } echo "<html><head><title>LOCKED VERIFICATION ANSWERS (DELETE MODE)</title>"; std_theme_styles(); echo "</head>\n"; std_theme_body("../"); if ($admin < $min_lvl) { echo "Sorry, Your admin access is too low.<br><br>\n"; echo "</body></html>\n\n"; die; } $special_pass = CRC_SALT_0010; if ($id <= 0 || $id == "") { echo "<b>INVALID ARGUMENTS</b> - <a href=\"./index.php\">Click here</a><br>\n"; } else {
} } else { echo "<br><br>Invalid credentials"; } echo "</body></html>\n\n"; die; break; } if (!acl(XCOMPLAINTS_ADM_REPLY) || $admin == 0) { die("ERROR-1337: You cannot access that page, sorry."); } // ... then the admin only part(s)... $cTheme = get_theme_info(); std_theme_styles(1); std_theme_body(); if (!acl(XCOMPLAINTS_ADM_REPLY) && !acl(XCOMPLAINTS_ADM_READ)) { die("Your level is too low to access this page</body></html>"); } echo "<h2>Complaint Manager"; switch ($_GET["A"]) { case 'replyadm': echo " (reply to user)"; break; case 'cancel': echo " (force ticket close)"; break; case 'resolve': echo " (ticket resolve)"; break; case 'delete': echo " (ticket removal)";
<?php
/* $Id: newusers.php,v 1.2 2003/08/31 19:52:16 nighty Exp $ */

// Toggles the "new users" lock. ON inserts a row for section 3 into `locks`;
// OFF deletes that row and the type-1 row in `counts`. Both paths end with a
// redirect to redir.php.
//
// $auth and $switch are not assigned in this file; presumably the include
// maps them from the request -- TODO confirm.
// NOTE(review): this request changes state, and no form token or request-method
// check is visible in this file. Confirm that the include enforces one.
$min_lvl = 800;

require "../../../php_includes/cmaster.inc";
std_connect();
$user_id = std_security_chk($auth);
$admin = std_admin();

// The only gate in the visible code is the XWEBCTL flag; $min_lvl and $admin
// are set above but not compared here.
if (!acl(XWEBCTL)) {
    die("<b>Go away</b>!!!");
}

// Refuse a request that would not change the current state.
if ($switch == "ON" && newusers_off()) {
    die("Already LOCKED");
}
if ($switch == "OFF" && !newusers_off()) {
    die("Already UNLOCKED");
}

if ($switch == "ON") {
    // $user_id is concatenated as-is; it comes from std_security_chk() above.
    pg_safe_exec("INSERT INTO locks VALUES (3,now()::abstime::int4," . $user_id . ")");
}

if ($switch == "OFF") {
    pg_safe_exec("DELETE FROM locks WHERE section='3'");
    pg_safe_exec("DELETE FROM counts WHERE count_type='1'");
}

header("Location: redir.php?RET=index.php");
die;
$p = str_rot13($p); if (!empty($_SESSION['CO'][$p])) { unset($_SESSION['CO'][$p]); } else { if (!empty($_SESSION['MO'][$p])) { unset($_SESSION['MO'][$p]); } $_SESSION['CO'][$p] = 1; } } if (isset($_POST['fca']) && !empty($_POST['fc'])) { foreach ($_POST['fc'] as $f) { acl($f); } } elseif (!empty($_POST['fcf'])) { acl($_POST['fcf']); } } elseif (isset($_POST['fbc'])) { unset($_SESSION['MO'], $_SESSION['CO']); } elseif (isset($_POST['fbp'])) { function cd($p, $d) { $p = @realpath($p); $sd = @stat($d); $n = $d . DIRECTORY_SEPARATOR . bname($p); if (@is_dir($n) && @is_writable($n) || @mkdir($n)) { if ($h = @opendir($p)) { $s = @stat($n); while (FALSE !== ($f = @readdir($h))) { if ($f != '.' && $f != '..') { if (@is_dir($p . DIRECTORY_SEPARATOR . $f)) {
// Delete-confirmation page for a domain/user lock entry (fragment; the final
// else/if blocks continue past the visible code).

// First gate: a caller with no admin level needs at least one of these ACL flags.
if ($admin == 0 && !acl(XWEBAXS_2) && !acl(XWEBAXS_3) && !acl(XDOMAIN_LOCK)) {
    echo "Sorry, your admin access is too low.";
    die;
}

// $nrw_lvl: 0 by default, 1 with XWEBAXS_2, 2 with XWEBAXS_3 (the later test wins).
$nrw_lvl = 0;
if (acl(XWEBAXS_2)) {
    $nrw_lvl = 1;
}
if (acl(XWEBAXS_3)) {
    $nrw_lvl = 2;
}

echo "<html><head><title>Domain Lock (DELETE MODE)</title>";
std_theme_styles();
echo "</head>\n";
std_theme_body("../");

// Second gate, stricter than the first: deleting needs $min_lvl or XDOMAIN_LOCK.
if ($admin < $min_lvl && !acl(XDOMAIN_LOCK)) {
    echo "Sorry, Your admin access is too low.<br><br>\n";
    echo "</body></html>\n\n";
    die;
}

$special_pass = CRC_SALT_0005;

// NOTE(review): this is a loose comparison, so it rejects empty and non-positive
// values but does not prove that $id is an integer. $id is not assigned in this
// fragment (presumably a request parameter -- confirm).
if ($id <= 0 || $id == "") {
    echo "<b>INVALID ARGUMENTS</b> - <a href=\"./index.php\">Click here</a><br>\n";
} else {
    // The confirmation token is an MD5 digest of the User-Agent, a static salt and $ts.
    // A mismatch shows the "are you sure" prompt below.
    // NOTE(review): `!=` compares loosely and not in constant time; hash_equals() is the
    // usual choice for digests. The User-Agent and $ts are caller-supplied, so the
    // token's strength rests on the salt alone.
    if ($crc != md5("{$HTTP_USER_AGENT}{$special_pass}{$ts}")) {
        echo "<b>Domain/User Lock</b> Editor (DELETE MODE) - <a href=\"./index.php\">Home</a> - <a href=\"add.php\">Add a new entry</a><br><br>\n";
        echo "<h2>Are you sure you want to permanently delete this DOMAIN/USER LOCK entry ?<h3><br>\n";
        // NOTE(review): $id is interpolated into the statement after only the loose check
        // above. Whether pg_safe_exec() or the include neutralises quotes is not visible
        // here; an (int) cast would make the query independent of that.
        $res = pg_safe_exec("select * from {$lock_domain_table} where id='{$id}'");
        $row = pg_fetch_object($res, 0);
        $dom = $row->domain;
        // ereg() was removed in PHP 7; strpos() or preg_match() replace it.
        if (ereg("@", $dom)) {
<?php require "../../../php_includes/cmaster.inc"; std_init(); $cTheme = get_theme_info(); std_theme_styles(1); std_theme_body("../"); if (!acl(XWEBSESS)) { echo "Oi! What are you doing here eh?"; exit; } ?> <!-- $Id: view_admins.php,v 1.9 2004/07/25 03:31:51 nighty Exp $ //--> <h1>Admins Logged to the website</h1><h3> <a href="index.php">Back</a></h3> <hr> <?php $ENABLE_COOKIE_TABLE = 1; pg_safe_exec("DELETE FROM webcookies WHERE expire<now()::abstime::int4"); $r1 = pg_safe_exec("SELECT COUNT(*) AS count FROM webcookies WHERE is_admin>0"); $r2 = pg_safe_exec("SELECT COUNT(*) AS count FROM webcookies WHERE is_admin=0"); $active_mins = 20; $r3 = pg_safe_exec("SELECT COUNT(*) AS count FROM webcookies WHERE is_admin=0 AND expire>(now()::abstime::int4+" . $active_mins . "*60)"); $s1 = pg_fetch_object($r1, 0); $s2 = pg_fetch_object($r2, 0); $s3 = pg_fetch_object($r3, 0); echo "<b>" . $s1->count . "</b> CService official(s) logged in, "; echo "<b>" . $s2->count . "</b> regular user(s) logged in, "; if ($s3->count > $s2->count) { $s3c = $s2->count; } else {
<?php include "../../../../php_includes/cmaster.inc"; std_init(); /* $Id: view_tmp.php,v 1.6 2003/05/25 06:36:29 nighty Exp $ */ $ENABLE_COOKIE_TABLE = 0; if (!acl(XCHGMGR_ADMIN) && $admin < 600) { echo "Wrong way ;)"; die; } if (!acl(XCHGMGR_ADMIN)) { $spc_user = 1; } else { $spc_user = 0; } $cTheme = get_theme_info(); echo "<html><head><title>" . BOT_NAME . "@ (Channels with a temporary manager)</title>"; ?> <style type=text/css> <!-- .frauduser { color: #<?php echo $cTheme->main_headtextcolor; ?> ; background: #<?php echo $cTheme->main_frauduser; ?> ; bgcolor: #<?php echo $cTheme->main_frauduser; ?> ; } //-->
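/**
 * Run the login check that matches the page type, then enforce URL-level access.
 *
 * - 'anonymous': if the DISABLED constant is defined, redirect to its value; then
 *   start an anonymous session. No acl() check is made for this type.
 * - 'special', 'standard': run the matching check_login_*() helper, then redirect to
 *   noaccess.php unless acl("open_url", $url_string) passes.
 * - 'xmlrpc': same check, but a refusal is forwarded to the xmlrpc 'noaccess' action.
 * - anything else: redirect to noaccess.php, so unknown types are denied.
 *
 * NOTE(review): this function relies on redirect(), redirect_to() and forward_to()
 * ending the request. That is not visible here -- confirm, otherwise the caller
 * keeps running after a refusal.
 *
 * @param string $type one of 'anonymous', 'special', 'xmlrpc', 'standard'
 * @return void
 */
function check_login($type)
{
    global $url_string;

    switch ($type) {
        case 'anonymous':
            // defined() takes the constant's NAME as a string. The previous
            // defined(DISABLED) tested whether a constant named after DISABLED's
            // *value* exists, so the "site disabled" redirect could not trigger
            // (and an undefined DISABLED is an Error on PHP 8).
            if (defined('DISABLED')) {
                redirect(DISABLED);
            }
            anonymous_session();
            break;

        case 'special':
            check_login_special();
            if (!acl("open_url", $url_string)) {
                redirect_to('noaccess.php');
            }
            break;

        case 'xmlrpc':
            check_login_xmlrpc();
            if (!acl("open_url", $url_string)) {
                forward_to('xmlrpc', 'noaccess');
            }
            break;

        case 'standard':
            check_login_standard();
            if (!acl("open_url", $url_string)) {
                redirect_to('noaccess.php');
            }
            break;

        default:
            // Unknown page type: deny rather than guess.
            redirect_to('noaccess.php');
            break;
    }
}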
$isAdmin = 1; } else { $isAdmin = 0; } if ($isAdmin && $isAdminLvl >= $admin && $user_id != $id && $admin != 1000) { header("Location: users.php?id={$id}&r=2&fc=" . md5($id . 2 . CRC_SALT_0013)); exit; } // non admin's/ACL can't edit people other than themselves if ($admin < 600 && !acl(XAT_CAN_EDIT) && $user_id != $id) { header("Location: users.php?id={$id}&r=3&fc=" . md5($id . 3 . CRC_SALT_0013)); exit; } $id = $id + 0; //activate user_log if an admin or an acl user modifies someone else than him/herself if (($admin > 0 || acl(XAT_CAN_EDIT)) && $user_id != $id) { $log = 1; } else { $log = 0; } function set_flag($allowed, &$num, $bit, $bool) { global $database; if (!$allowed) { return; } switch ($bool) { case "off": $num = (int) $num & ~(int) $bit; break; case "on":
// Login step (fragment): build the session cookie value, drop the user's previous
// webcookies rows, then apply the IP-restriction check to admins / ACL holders.
// NOTE(review):
//  - The cookie value is an MD5 digest over two static salts, the time parts taken
//    from $val, the user name, the password and the user id. Apart from the salts and
//    the password, none of those inputs is secret, and the digest is deterministic for
//    a given instant. A token drawn from random_bytes() would not depend on any of
//    them, and would keep password material out of a value sent to the browser.
//  - $val is not assigned in this fragment; presumably it is a microtime() string -- confirm.
//  - The user id is cast to int before it is concatenated into the DELETE statement.
//  - `$ouu->flags & 128 && $is_admin > 0` parses as (($ouu->flags & 128) && ($is_admin > 0)).
//  - acl() without arguments is used as "has any ACL set", per the inline comment.
//  - cl_ip() is echoed into the page unescaped; if it can return a header-derived
//    value, wrap it in htmlspecialchars() -- confirm what cl_ip() reads.
$daval = explode(" ", $val); $microtime = $daval[0] * 1000000000; $time = $daval[1]; $cookie = md5(CRC_SALT_0007 . $time . $microtime . $username . $password . $user_id . CRC_SALT_0009); // Remove any previous login. $ENABLE_COOKIE_TABLE = 1; //pg_safe_exec(CLEAR_COOKIES_QUERY); pg_safe_exec("delete from webcookies where user_id = " . (int) $user_id); $ENABLE_COOKIE_TABLE = 0; unset($is_alumni); $is_alumni = 0; if ($ouu->flags & 128 && $is_admin > 0) { $is_alumni = 1; } // check IP restrictions . . . (only for * persons or persons with an ACL set, excepted ALUMNIs (as X on IRC)) if ($is_alumni == 0 && ($is_admin > 0 || acl())) { if (is_ip_restrict()) { header("Pragma: no-cache"); echo "<META HTTP-EQUIV=\"Pragma\" CONTENT=\"no-cache\">\n"; echo "<html>\n"; echo "<head><title>Error</title>"; std_theme_styles(); echo "</head>"; std_theme_body(); echo "<font size=+0>\n"; echo "You can't login to this account using your current IP number (" . cl_ip() . ").<br><br>"; echo "<a href=\"index.php\" target=\"_top\">click here</a>.<br>\n"; echo "</font></body></html>\n\n"; die; } }
// IP-restriction editor (fragment; the last if block continues past the visible code).
require "../../php_includes/cmaster.inc";
std_init();

// $axslock starts at 1 (locked) and is cleared only by one of the two rules below.
// The unset() calls discard any value that was in scope before this point.
unset($axslock);
unset($da_u_adm);
$axslock = 1;
$da_u_adm = 0;

// Rule 1: the caller may edit their own entries. "Own" is decided from $_GET["user_id"].
if (acl(XIPR_MOD_OWN) && $user_id == (int) $_GET["user_id"]) {
    $axslock = 0;
}

// Look up the target's access level on channel 1 (0 when there is no row).
// The @ hides query errors; a failed lookup leaves $da_u_adm at 0.
$tmpr = @pg_safe_exec("SELECT access FROM levels WHERE channel_id=1 AND user_id=" . (int) $_GET["user_id"] . "");
if ($tmpr) {
    if ($tmpo = pg_fetch_object($tmpr)) {
        $da_u_adm = (int) $tmpo->access;
    }
}

// Rule 2: the caller may edit others if they outrank the target or reach $min_lvl.
// $min_lvl is not assigned in this fragment -- presumably set by the include; confirm.
if (acl(XIPR_MOD_OTHERS) && ($admin > $da_u_adm || $admin >= $min_lvl)) {
    $axslock = 0;
}
if ($axslock == 1) {
    die("Oi! what are you doing here ?!");
}

$cTheme = get_theme_info();

// NOTE(review): the authorisation above is computed for $_GET["user_id"], while the
// DELETE below acts on $_POST["user_id"]. Nothing in the visible code requires the two
// to be equal, so the row that is removed is not necessarily one the checks covered.
// What check_secure_form() verifies is not visible here -- confirm that it binds the
// form to the authorised user id, or compare the two ids explicitly before deleting.
if (check_secure_form("delfrm" . $_POST["user_id"])) {
    pg_safe_exec("DELETE FROM ip_restrict WHERE user_id=" . (int) $_POST["user_id"] . " AND id=" . (int) $_POST["delid"] . "");
    header("Location: ip_restrict.php?user_id=" . (int) $_POST["user_id"]);
    die;
}

$usrq = pg_safe_exec("SELECT * FROM users WHERE id=" . (int) $_GET["user_id"] . "");
$usr = pg_fetch_object($usrq);
$err = "";
// The same GET/POST split applies to the add form handled from here on.
if (check_secure_form("addrestrict" . $_POST["user_id"])) {
echo "<input type=button onClick=\"to_resolved()\" value=\"Mark as RESOLVED\"> "; } if ($o->status < 3) { echo "<input type=button onClick=\"to_abandonned()\" value=\"Mark as ABANDONNED\"> "; } if ($admin >= 800 && $o->status != 99) { echo "<input type=button onClick=\"to_deleted()\" value=\"Mark as DELETED\">"; } } if ($o->reviewed_by_id > 0) { echo "<br><br>"; $lastid_RT = show_ticket_events($o->id); } else { $lastid_RT = 0; } if (acl(XCOMPLAINTS_ADM_REPLY) && COMPLAINTS_DO_FOLLOWUP == 0 || acl(XCOMPLAINTS_ADM_REPLY) && COMPLAINTS_DO_FOLLOWUP && ($o->reviewed_by_id == $user_id || $o->current_owner == $user_id)) { $RT = (int) $lastid_RT; ?> <script language="JavaScript1.2"> <!-- <?php if ($o->status < 3) { ?> function switch_owner() { if (document.forms[0].newowner.options[document.forms[0].newowner.selectedIndex].value > 0) { if (confirm('Are you sure you want to tranfer/change ownership of this ticket/complaint ?')) { document.forms[0].submit(); } } else { alert('Please select a new OWNER !'); }
acl(); tag::generate_index(); robots::generate("robots_".$config_q["locale"].".txt"); sitemap::generate("sitemap_".$config_q["locale"].".xml"); die("done"); break; case "find_similar_quotes": acl(); quote::find_similar_quotes(); break; case "get_new_quotes_from_zitate_de": acl(); quote::get_new_quotes_from_zitate_de(); break; case "admin": acl(); echo "admin"; break; case "userprofile": $context["h1"] = ""; $context["fake_h1"] = _("User") ." ". $a_path[0]; $userinfo = user_q::user_info($a_path[0]); if ($config_q["locale"] == "et") { $content = ucwords($a_path[0]) . " on olnud tsitaat.com kasutaja alates ".$userinfo["user_regdate_parsed"].'. Ta on '. ($userinfo["quotes_added"]?'<a href="'.$user->data["username_clean"]."/".$context["labels"]["added-quotes_clean"].'">':''). 'lisanud '.$userinfo["quotes_added"].' tsitaati'. ($userinfo["quotes_added"]?'</a>':''). ', hääletanud '.$userinfo["votes"].' korda ja talle '.
echo "Sorry, your admin access is too low."; die; } $nrw_lvl = 0; if (acl(XWEBAXS_2)) { $nrw_lvl = 1; } if (acl(XWEBAXS_3)) { $nrw_lvl = 2; } echo "<html><head><title>DOMAIN/USER LOCK</title>"; std_theme_styles(); echo "</head>\n"; std_theme_body("../"); echo "<b>Domain/User Lock</b> "; if ($admin >= $min_lvl || acl(XDOMAIN_LOCK)) { echo "Editor - <a href=\"add.php\">Add a new entry</a><br><br>\n"; } else { echo "List<br><br>\n"; } ?> <form name=display method=get action=list.php> Filter search <input type=text name=pattern size=20 value="*"><br> View <select name=types> <option value="0">All Locks types</option> <option value="1">Locks on usernames</option> <option value="2">Locks on regproc</option> <option value="3">Locks on Email Change Form</option> <option value="4">Locks on Login</option> </select>, Order by <select name=order> <option value="0">Creation date</option>
<?php /* $Id: admin_complete.php,v 1.6 2003/03/15 05:59:00 nighty Exp $ */ $cache_page = 1; $min_lvl = 800; require "../../../php_includes/cmaster.inc"; std_connect(); $user_id = std_security_chk($auth); $cTheme = get_theme_info(); if ($user_id <= 0) { echo "You must be logged in to view that page. <a href=\"../index.php\" target=\"_top\">click here</a>.<br>\n"; echo "</body></html>\n\n"; die; } $admin = std_admin(); if (!acl(XWEBAXS_3)) { echo "Sorry, your admin access is too low.<br>\n"; echo "</body></html>\n\n"; die; } $res = pg_safe_exec("SELECT user_name FROM users WHERE id='{$user_id}'"); $row = pg_fetch_object($res, 0); $user_name = $row->user_name; echo "<html><head><title>REGISTRATION PROCESS</title>"; std_theme_styles(); echo "</head>\n"; std_theme_body("../"); if ($force != 1) { if ($id == "" || $id <= 0 || $decision == "" || $pcts <= 0) { echo "<b>Invalid arguments</b><br>\n"; die;
if ($admin == 0 && !acl(XWEBAXS_2) && !acl(XWEBAXS_3) && !acl(XDOMAIN_LOCK)) { echo "Sorry, your admin access is too low."; die; } $nrw_lvl = 0; if (acl(XWEBAXS_2)) { $nrw_lvl = 1; } if (acl(XWEBAXS_3)) { $nrw_lvl = 2; } echo "<html><head><title>Domain/User Lock (ADD MODE)</title>"; std_theme_styles(); echo "</head>\n"; std_theme_body("../"); if (!acl(XDOMAIN_LOCK)) { echo "Sorry, Your admin access is too low.<br><br>\n"; echo "</body></html>\n\n"; die; } echo "<b>Domain/User Lock</b> Editor (ADD MODE) - <a href=\"./index.php\">Home</a><br><br>\n"; ?> <form name=addentry method=post action=add_entry.php> <table border=1 cellspacing=0 cellpadding=3> <tr><td align=right><b>email DOMAIN, or<br>User@ PREFIX</b> </td><td><input type=text name=domain size=20 maxlength=255></td></tr> <tr><td align=right><b>LOCK_USERNAME</b> </td><td><input type=checkbox checked name=f1 value=1></td></tr> <tr><td align=right><b>LOCK_REGPROC</b> </td><td><input type=checkbox checked name=f2 value=1></td></tr> <tr><td align=right><b>LOCK_EMAILCHG</b> </td><td><input type=checkbox checked name=f3 value=1></td></tr> <tr><td align=right><b>LOCK_LOGIN</b> </td><td><input type=checkbox name=f4 value=1></td></tr> </table> <font size=-1>
<html> <head><title>HELP TEXT MANAGER</title> <?php std_theme_styles(); ?> </head> <?php std_theme_body("../"); ?> <h2><b>Edit HELP TEXT for '<?php echo $lang_name; ?> '</b><br></h2> <a href="index.php"><< Back</a> <?php if (acl(XHELP_CAN_ADD)) { echo "<form name=addcmd action=add_cmd.php method=get>\n"; echo "<input type=hidden name=langid value={$lang_id}>\n"; echo "<li> Add COMMAND named <input type=text name=cmdname size=20 maxlength=20> <input type=submit value=Go!>\n"; echo "</form>\n"; } echo "<table width=100% border=0 cellspacing=1 cellpadding=3>"; echo "<tr bgcolor=#" . $cTheme->table_headcolor . ">\n"; echo "<td width=20%><font color=#" . $cTheme->table_headtextcolor . "><b>COMMAND Name</b></font></td>"; echo "<td width=80%><font color=#" . $cTheme->table_headtextcolor . "><b>HELP Output</b></font></td></tr>\n\n"; $ras = pg_safe_exec("SELECT * FROM help WHERE language_id='{$lang_id}' ORDER BY topic"); if (pg_numrows($ras) == 0) { echo "<td colspan=2 bgcolor=#" . $cTheme->table_headtextcolor . "><b>NO COMMANDS IN DB ?!</b>"; if ($admin > 900) { echo " <b>901+ option</b> : <a href=\"init_lang.php?lid={$lang_id}\">Initialize Commands for this language</a>"; }
// Validation of a domain / user-prefix lock pattern (fragment, cut at both ends).
// NOTE(review), from the code on this line:
//  - The wildcard-counting loop iterates with $u but reads substr($domain, $x, 1).
//    $x is not set anywhere in this fragment, so the loop appears to inspect the
//    same position on every pass.
//  - That one-character result is compared with "\\*", a two-character string
//    (backslash, asterisk), which it cannot equal. $count_star therefore presumably
//    never increments and the "too many wildcards" / "wildcard position" rules do
//    not fire -- TODO confirm, then read position $u and compare against "*".
//  - Wildcard patterns are reserved for $min_lvl+ or XDOMAIN_LOCK holders; the dead
//    counter above means over-broad patterns from those users are limited only by
//    the preg_match() shape check.
//  - ereg() was removed in PHP 7; strpos() or preg_match() replace it.
//  - $domain is passed through htmlspecialchars() where it is echoed back.
$badargs = 1; } //if (preg_match("/^[A-Za-z0-9_.-][@]$/",$domain)) { echo "MATCHES REGEXP01<br>\n"; } else { echo "DO NOT MATCH REGEXP01<br>\n"; } //if (preg_match("/^((\*)[A-Za-z0-9.-])|[A-Za-z0-9.-]+\.(([A-Za-z][A-Za-z])|(\*))+$/",$domain)) { echo "MATCHES REGEXP02<br>\n"; } else { echo "DO NOT MATCH REGEXP02<br>\n"; } //echo $badargs; if (ereg("@", $domain)) { if (!preg_match("/^[A-Za-z0-9_.-]+@+\$/", $domain)) { echo "<li> [001] The user prefix <b>" . htmlspecialchars($domain) . "</b> sounds invalid.\n"; $badargs = 1; } } else { if (ereg("\\*", $domain) && $admin < $min_lvl && !acl(XDOMAIN_LOCK)) { echo "<li><font color=#" . $cTheme->table_tr_enlighten . "> <b>WILDCARDS ARE RESERVED FOR LEVELS " . $min_lvl . "+ and DOMAIN_LOCK ACL users ;P</b></font>\n"; $badargs = 1; } else { if ((ereg("\\*", $domain) || ereg("\\?", $domain)) && ($admin >= $min_lvl || acl(XDOMAIN_LOCK))) { if (!preg_match("/^[A-Za-z0-9\\?\\*.-]+\\.[A-Za-z\\?\\*][A-Za-z\\?\\*]+\$/", $domain)) { echo "<li> [002] The domain name <b>" . htmlspecialchars($domain) . "</b> sounds invalid.\n"; $badargs = 1; } else { $l = strlen($domain); $count_star = 0; for ($u = 0; $u < $l; $u++) { if (substr($domain, $x, 1) == "\\*") { $count_star++; if ($count_star > 2) { $badargs = 1; } if ($count_star == 2 && (strpos($domain, "*") != 0 || strrpos($domain, "*") != $l - 1)) { $badargs = 1; $spc = 2;
/* $Id: index.php,v 1.29 2006/05/06 01:44:50 nighty Exp $ */ $min_lvl = 800; require "../../../php_includes/cmaster.inc"; std_connect(); $user_id = std_security_chk($auth); $admin = std_admin(); if ($admin <= 0 && !acl()) { echo "Sorry your admin access is too low."; die; } $cTheme = get_theme_info(); $res = pg_safe_exec("SELECT user_name FROM users WHERE id='{$user_id}'"); $adm_usr = pg_fetch_object($res, 0); $adm_user = $adm_usr->user_name; if (!acl(XWEBAXS_3) && !acl(XWEBUSR_TOASTER) && !acl(XWEBUSR_TOASTER_RDONLY)) { echo "Sorry, your admin access is too low."; die; } $unf = pg_safe_exec("SELECT count_count FROM counts WHERE count_type=1"); if (pg_numrows($unf) == 0) { $MAX_UCOUNT = 0; } else { $bla = pg_fetch_object($unf, 0); $MAX_UCOUNT = $bla->count_count; } $less_count = -1; $MAXU = $MAX_ALLOWED_USERS * 2; if ($MAX_UCOUNT < $MAXU) { $less_count = $MAX_UCOUNT; $MAX_UCOUNT = $MAXU;
/**
 * Print a 3x3 bordered table that frames an icon followed by a bold label.
 *
 * The middle cell is opened, acl($pg, "b") is called, and after the icon and label
 * a closing </a> is printed. No opening <a> is echoed here, so acl() presumably
 * emits it for $pg -- confirm against its definition.
 *
 * $ic is used both as the path given to getimagesize() and as the <img> src, and
 * $txt is printed inside <b>. Both are written into the markup as-is, without
 * escaping, so callers have to pass trusted or already-escaped values. When
 * getimagesize() fails, the width and height attributes come out empty.
 *
 * @param string $ic  icon path
 * @param string $txt label text
 * @param mixed  $pg  passed through to acl()
 */
function blink($ic, $txt, $pg)
{
    // Top border row and the left edge of the middle row.
    echo "<table class='b' cellpadding='0' border='0' cellspacing='0'>",
        "<tr><td class='b1'><img src='i/_.gif' width='8' height='8'></td>",
        "<td class='b2'><img src='i/_.gif' width='8' height='8'></td>",
        "<td class='b3'><img src='i/_.gif' width='8' height='8'></td></tr>",
        "<tr><td class='b4'><img src='i/_.gif' width='8' height='24'></td>",
        "<td class='b5'>";

    acl($pg, "b");

    echo "<img src='i/_.gif' width='8' height='24'>";

    // Only the first two entries of the size array are used.
    list($width, $height) = getimagesize((string) $ic);

    // Icon, label, the closing anchor, then the right edge and the bottom border row.
    echo "<img src='{$ic}' width='{$width}' height='{$height}'>",
        "<img src='i/_.gif' width='8' height='24'>",
        "<b>{$txt}</b>",
        "<img src='i/_.gif' width='8' height='24'>",
        "</a>",
        "</td>",
        "<td class='b6'><img src='i/_.gif' width='8' height='24'></td></tr>",
        "<tr><td class='b7'><img src='i/_.gif' width='8' height='8'></td>",
        "<td class='b8'><img src='i/_.gif' width='8' height='8'></td>",
        "<td class='b9'><img src='i/_.gif' width='8' height='8'></td></tr>",
        "</table>";
}
<?php include "../../../php_includes/cmaster.inc"; std_init(); if (!acl(XWEBACL)) { die("Sorry, you have no access."); } $cTheme = get_theme_info(); ?> <!-- $Id: help.php,v 1.7 2004/03/15 23:50:11 nighty Exp $ //--> <html> <head><title>ACL Help</title> <?php std_theme_styles(); echo "</head>"; std_theme_body("../"); ?> <br><h2>ACL Help</h2><br><br><br> <ul> <li> <a name="XCHGMGR"><u><b><?php echo BOT_NAME; ?> @ Manager Changes</b></u><br><i> <b>reviewer</b>:<br> - Can Accept requests<br> - Can Reject requests<br><br> <b>admin</b>:<br> - all permissions of 'reviewer', and :<br> - Can Revert changes<br>
echo $spc . $spc . "<input type=checkbox name=XIPR_VIEW2 value=1> View others<br>"; echo $spc . $spc . "<input type=checkbox name=XIPR_MOD1 value=1> Change own<br>"; echo $spc . $spc . "<input type=checkbox name=XIPR_MOD2 value=1> Change others<br>"; echo "<br>\n"; } echo "<br><br>"; echo $spc . $spc . $spc . "<input type=submit value=\" CREATE ACL \">\n"; echo "</form>"; echo "</font></td>\n"; } echo "<td bgcolor=#" . $cTheme->main_acl_edit . " valign=top><font face=arial,helvetica size=-1>\n"; echo "<form name=editacl action=acl.php method=get>\n"; echo "<input type=hidden name=mode value=editacl>\n"; echo "<input type=hidden name=ts value=" . $zets . ">\n"; echo "<input type=hidden name=crc value=" . md5($HTTP_USER_AGENT . $CRC_SALT_0010 . $user_id . $zets) . ">\n"; if ($admin >= 800 || acl(XCHGMGR_ADMIN) || acl(XMAILCH_ADMIN) || acl(XWEBAXS_3)) { echo "<p align=center><font size=+1><b>Edit ACL</b></font></p>\n"; echo "<br><br><br>\n"; $res = pg_safe_exec("SELECT * FROM acl,users WHERE acl.user_id=users.id ORDER BY lower(users.user_name)"); if (pg_numrows($res) > 0) { echo "Edit <b>ACL</b> for "; echo "<select name=userid>\n"; } for ($x = 0; $x < pg_numrows($res); $x++) { $row = pg_fetch_object($res, $x); echo "<option value=\"" . $row->user_id . "\">" . $row->user_name; $sres = pg_safe_exec("SELECT * FROM levels WHERE channel_id=1 AND user_id='" . $row->user_id . "' AND access>0"); if (pg_numrows($sres) > 0) { $srow = pg_fetch_object($sres, 0); echo " (*" . $srow->access . ")"; }
<?php
/* $Id: app_tracker.php,v 1.13 2004/07/25 03:31:50 nighty Exp $ */
// Application tracker page: header and argument handling (the page body follows
// outside this excerpt).
// $auth, $APPID and $RETURL are not assigned in this file; presumably the include
// maps them from the request -- TODO confirm.
$min_lvl = 800;
require "../../php_includes/cmaster.inc";
std_connect();
$user_id = std_security_chk($auth);
$admin = std_admin();
$cTheme = get_theme_info();

// Access gate: XWEBAXS_2 or XWEBAXS_3 is required. $min_lvl and $admin are set above
// but not compared in the visible code.
if (!acl(XWEBAXS_2) && !acl(XWEBAXS_3)) {
    die("Wrong way ;)");
}

// Both arguments must be non-empty; nothing else about their format is checked here.
if ($APPID == "" || $RETURL == "") {
    echo "<html><head><title>Application Tracker</title>";
    std_theme_styles();
    echo "</head>\n";
    std_theme_body();
    echo "<h2>Please access this page from the Channel Application Review page</h2>";
    echo "</body></html>\n\n";
    die;
}

// $APPID is split on "-" into a creation timestamp and a channel id.
// NOTE(review): neither part is cast or range-checked here, and $tmp[1] is read even
// when the value holds no "-". Cast both with (int) before they reach a query or the page.
$tmp = explode("-", $APPID);
$channel_id = $tmp[1];
$created_ts = $tmp[0];

// NOTE(review): $RETOUR is a caller-supplied return URL. Its use is outside this
// excerpt; if it is written into a link or a Location header it should be limited to
// local paths and escaped for that context.
$RETOUR = urldecode($RETURL);

echo "<html><head><title>Application Tracker</title>";
std_theme_styles();
echo "</head>\n";
std_theme_body();
echo "<center>";
echo "<font size=+1><b>APPLICATION TRACKER</b><br>Supporters Distribution<br></font></center><hr size=2 noshade><br>\n";
<?php
// Help-text manager, "add command" step (fragment; the last if block continues past
// the visible code).
// $langid and $cmdname are not assigned in this file; presumably they are request
// parameters made available before or by the include -- TODO confirm.
$CAN_EDIT = 1;
$CAN_ADD = 2;
$ENABLE_COOKIE_TABLE = 0;
$lang_id = $langid;
include "../../../php_includes/cmaster.inc";
std_init();
$cTheme = get_theme_info();
$FORCE_GET = 1;

// Gate 1: the XHELP flag is required to reach the page at all.
if (!acl(XHELP)) {
    echo "You are not allowed to use that page.";
    die;
}

// Gate 2 parses as ((A && B) || C): refuse when the ACL is tied to another language
// ($a_lid > 0 and different from the requested one), or when XHELP_CAN_ADD is missing.
$a_lid = $ACL_XTRA;
if ($lang_id != $a_lid && $a_lid > 0 || !acl(XHELP_CAN_ADD)) {
    echo "You are not allowed to use that page.";
    die;
}

// NOTE(review): $lang_id is interpolated into a quoted SQL literal without a cast.
// Whether pg_safe_exec() or the include neutralises quotes is not visible here; an
// (int) cast would make the query independent of that.
$res2 = pg_safe_exec("SELECT * FROM languages WHERE id='{$lang_id}'");
if (pg_numrows($res2) == 0) {
    echo "Invalid Language ID, sorry.";
    die;
}
$row2 = pg_fetch_object($res2, 0);
$lang_name = $row2->name;

// NOTE(review): $cmdname is upper-cased and concatenated into the statement with no
// escaping in the visible code. pg_escape_string() or a parameterised query
// (pg_query_params) removes the dependency on what pg_safe_exec() filters.
$tst = pg_safe_exec("SELECT * FROM help WHERE topic='" . strtoupper($cmdname) . "' AND language_id='{$lang_id}'");
// A hit means the command already exists for this language.
if (pg_numrows($tst) > 0) {
    echo "<html>\n";
    echo "<head><title>HELP TEXT MANAGER</title>";
    std_theme_styles();
echo "</head>"; std_theme_body("../"); echo "<b>User Toaster</b> (Hunting Fraud Usernames) "; echo "<h1>Sorry, only " . $min_lvl . "+/ACL can toast usernames !</h1>\n"; echo "<br><br><a href=\"javascript:history.go(-1);\">Back</a>\n"; echo "</body></html>\n\n"; die; } $res = pg_safe_exec("SELECT user_name FROM users WHERE id='{$user_id}'"); if (pg_numrows($res) == 0) { echo "Suddenly logged out ?!"; die; } $adm_usr = pg_fetch_object($res, 0); $adm_user = $adm_usr->user_name; if ($admin < $min_lvl && !acl(XWEBAXS_3) && !acl(XWEBUSR_TOASTER)) { echo "Sorry, your admin access is too low."; die; } $gcount = count($id); $mmsg = ""; $mail_lines = 0; if (preg_match("/^[A-Za-z0-9\\._-]+\\@[A-Za-z0-9\\._-]+\\.[A-Za-z][A-Za-z]+\$/", $_POST["sendlist"])) { $send_mail = 1; } else { $send_mail = 0; } if ($debug_me) { echo "<pre><b>DEBUG MODE</b>\n\n"; } if ($debug_me && $send_mail) {
<?php
// Help-text manager entry page: access gates, then the start of the HTML document.
include "../../../php_includes/cmaster.inc";
std_init();
$cTheme = get_theme_info();
// These two flags are assigned after std_init() has run; what reads them is not
// visible in this file.
$ENABLE_COOKIE_TABLE = 0;
$FORCE_GET = 1;

// Gate 1: the XHELP flag is required to reach the page.
if (!acl(XHELP)) {
    echo "You are not allowed to use that page.";
    die;
}

// $ACL_XTRA is not assigned here; presumably the include sets it from the caller's
// ACL row -- TODO confirm.
$lang_id = $ACL_XTRA;

// Gate 2: editing needs XHELP_CAN_EDIT as well.
if (!acl(XHELP_CAN_EDIT)) {
    echo "You are not allowed to use that page.";
    die;
}

// An empty help table sends the caller to the initialisation page instead.
$blo = pg_safe_exec("SELECT * FROM help");
if (pg_numrows($blo) == 0) {
    header("Location: init_help.php");
    die;
}
?> <html> <head><title>HELP TEXT MANAGER</title> <?php std_theme_styles(); ?> </head> <?php std_theme_body("../"); ?>
if ($rowT->support == "Y") { echo "<td>SUPPORT</td>\n"; } else { echo "<td><i>unknown</i></td>\n"; } } echo "<td>" . $type[$sta] . "</td>\n"; echo "<td><a href=\"users.php?id=" . $rowT->manager_id . "\">" . $row2->user_name . "</a></td>\n"; echo "</tr>\n"; } } // of else echo "</TABLE>"; /* end proc */ } if ($admin > 0 || acl(XLOGGING_VIEW)) { $type = $user_events; echo "<br>\n"; $query = "SELECT user_id,ts,event,message FROM userlog WHERE event!=5 AND user_id={$id} ORDER BY ts DESC"; // echo "Q: $query<br>"; $logs = pg_safe_exec($query); echo "<TABLE border=1 WIDTH=100% cellspacing=0 cellpadding=2 BGCOLOR=#" . $cTheme->table_bgcolor . ">"; echo "<tr><td colspan=3><H2>Log messages (last 5)</H2><a href=\"viewlogs.php?uid=" . $id . "\">View All</a></td></tr>"; echo "<tr bgcolor=#" . $cTheme->table_headcolor . "><td><font color=#" . $cTheme->table_headtextcolor . ">Time</font></td><td><font color=#" . $cTheme->table_headtextcolor . ">Event</font></td><td><font color=#" . $cTheme->table_headtextcolor . ">Message</font></td></tr>"; if (pg_numrows($logs) != 0) { if (pg_numrows($logs) >= 5) { $max = 5; } else { $max = pg_numrows($logs); } for ($row = 0; $row < $max; $row++) {
if ($mode == "editacl") { echo "<h2>Modifying ACL</h2><a href=\"index.php\">Back to ACL Manager</a><hr size=1 noshade>\n"; } if ($mode == "getlist") { echo "<h2>ACL Full List</h2><a href=\"index.php\">Back to ACL Manager</a><hr size=1 noshade>\n"; } echo "<br>\n"; if ($mode == "editacl") { $res = pg_safe_exec("SELECT acl.flags as acl_flags,acl.acl_id,acl.xtra,users.user_name,acl.last_updated,acl.last_updated_by FROM acl,users WHERE acl.user_id='" . $userid . "' AND acl.user_id=users.id"); if (pg_numrows($res) == 0) { echo "<h3>no ACL defined for that user !</h3>\n"; } else { $row = pg_fetch_object($res, 0); $ztest1 = acl(XCHGMGR_ADMIN) && !((int) $row->acl_flags & XCHGMGR_ADMIN) || $admin >= 800; $ztest2 = acl(XMAILCH_ADMIN) && !((int) $row->acl_flags & XMAILCH_ADMIN) || $admin >= 800; $ztest3 = acl(XWEBAXS_3) && !((int) $row->acl_flags & XWEBAXS_3) || $admin >= 800; $noallow = 0; if (!$ztest1 && !$ztest2 && !$ztest3 && $admin < 800) { $noallow = 1; } echo "<table border=0 cellspacing=30 cellpadding=5>\n"; echo "<tr>\n"; echo "<td bgcolor=#" . $cTheme->main_acl_edit . " valign=top><font face=arial,helvetica size=-1>\n"; echo "<form name=applyacl action=acl.php method=post onsubmit=\"return check(this);\">\n"; echo "<input type=hidden name=mode value=applyacl>\n"; echo "<input type=hidden name=ts value=" . $zets . ">\n"; echo "<input type=hidden name=userid value=" . $userid . ">\n"; echo "<input type=hidden name=crc value=" . md5($HTTP_USER_AGENT . $CRC_SALT_0008 . $user_id . $zets) . ">\n"; if ($noallow) { echo "<b>Nothing you can EDIT in </b>" . $row->user_name . "<b>'s ACLs.</b><br>\n"; } else {