function cs_pictures_upload($file, $mod, $fid, $ajaxclean = 1)
{
if (!empty($_POST['del_picture'])) {
cs_pictures_delete($_POST['del_picture']);
}
if (empty($file['tmp_name'])) {
return true;
}
settype($fid, 'integer');
$types_allowed = array('image/jpeg', 'image/png', 'image/pjpeg', 'image/x-png');
if (!in_array($file['type'], $types_allowed)) {
return false;
}
$exts = array('image/jpeg' => 'jpg', 'image/png' => 'png', 'image/pjpeg' => 'jpg', 'image/x-png' => 'png');
$ext = $exts[$file['type']];
$where = "pictures_fid = '" . $fid . "' AND pictures_mod = '" . $mod . "'";
$already = cs_sql_select(__FILE__, 'pictures', 'pictures_id', $where);
$pictures_id = $already['pictures_id'];
if (empty($already)) {
$vars = array();
$vars['pictures_mod'] = $mod;
$vars['pictures_fid'] = $fid;
cs_sql_insert(__FILE__, 'pictures', array_keys($vars), array_values($vars));
$pictures_id = cs_sql_insertid(__FILE__);
}
if (!cs_upload('pictures', 'picture-' . $pictures_id . '.' . $ext, $file['tmp_name'], $ajaxclean)) {
cs_sql_delete(__FILE__, 'pictures', $pictures_id);
return false;
}
$cells = array('pictures_file');
$content = array('picture-' . $pictures_id . '.' . $ext);
cs_sql_update(__FILE__, 'pictures', $cells, $content, $pictures_id);
return true;
}
function create_user($access, $nick, $pwd, $lang, $email, $country, $timezone, $dst, $newsletter = 0, $active = 1, $empty = 0, $regkey = '')
{
global $cs_db, $cs_main;
if ($cs_db['hash'] == 'md5') {
$sec_pwd = md5($pwd);
} elseif ($cs_db['hash'] == 'sha1') {
$sec_pwd = sha1($pwd);
}
$op_users = cs_sql_option(__FILE__, 'users');
$picture = empty($op_users['def_picture']) ? '' : 'nopicture.jpg';
$time = cs_time();
$limit = empty($cs_main['data_limit']) ? 20 : $cs_main['data_limit'];
$users_cells = array('access_id', 'users_nick', 'users_pwd', 'users_lang', 'users_email', 'users_emailregister', 'users_country', 'users_register', 'users_laston', 'users_timezone', 'users_dstime', 'users_newsletter', 'users_active', 'users_limit', 'users_regkey', 'users_picture', 'users_hidden');
$users_save = array($access, $nick, $sec_pwd, $lang, $email, $email, $country, $time, $time, $timezone, $dst, $newsletter, $active, $limit, $regkey, $picture, 'users_email');
cs_sql_insert(__FILE__, 'users', $users_cells, $users_save);
return cs_sql_insertid(__FILE__);
}
$thread_save = array_values($board);
cs_sql_insert(__FILE__, 'threads', $thread_cells, $thread_save);
$thread_now = cs_sql_select(__FILE__, 'threads', 'threads_id', 'threads_id = \'' . cs_sql_insertid(__FILE__) . '\'');
#if thread voting -> save vote to boardvotes
if ($votes == 1) {
$bv['users_id'] = $board['users_id'];
$bv['threads_id'] = $thread_now['threads_id'];
$bv['boardvotes_time'] = $board['threads_time'];
$bv_cells = array_keys($bv);
$bv_save = array_values($bv);
cs_sql_insert(__FILE__, 'boardvotes', $bv_cells, $bv_save);
}
for ($run = 0; $run < $run_loop_files; $run++) {
$num = $run + 1;
$files_cells = array('users_id', 'threads_id', 'boardfiles_time', 'boardfiles_name');
$files_save = array($board['users_id'], $thread_now['threads_id'], $board['threads_time'], $file_name[$num]);
cs_sql_insert(__FILE__, 'boardfiles', $files_cells, $files_save);
$files_select_new_id = cs_sql_insertid(__FILE__);
$ext = substr($file_name[$num], strlen($file_name[$num]) + 1 - strlen(strrchr($file_name[$num], '.')));
$path = $cs_main['def_path'] . '/uploads/board/files/';
$target = $path . $file_upload_name[$num];
$target2 = $path . $files_select_new_id . '.' . $ext;
$fileHand = fopen($target, 'r');
fclose($fileHand);
rename($target, $target2);
}
# Update board entry to get correct threads and comments count
include_once 'mods/board/repair.php';
cs_board_threads($board_id);
cs_redirect($cs_lang['create_done'], 'board', 'thread', 'where=' . $thread_now['threads_id']);
}
$run = 0;
$run2 = 0;
foreach ($cs_rounds as $round) {
$run2++;
$data['maps'][$run]['name'] = $round['maps_name'];
$data['maps'][$run]['result'] = $round['rounds_score1'] . ' : ' . $round['rounds_score2'];
$data['maps'][$run]['rounds_id'] = $round['rounds_id'];
$up = $run2 != 1 ? cs_link($img_up, 'wars', 'rounds', 'id=' . $wars_id . '&up=' . $round['rounds_id']) : '-';
$down = $run2 != $count ? cs_link($img_down, 'wars', 'rounds', 'id=' . $wars_id . '&down=' . $round['rounds_id']) : '-';
$data['maps'][$run]['up_down'] = $up . ' ' . $down;
$run++;
}
} else {
$data['if']['rounds'] = false;
}
echo cs_subtemplate(__FILE__, $data, 'wars', 'rounds');
} else {
if (!empty($new_map)) {
$get_game_id = cs_sql_select(__FILE__, 'wars', 'games_id', 'wars_id = \'' . $cs_rounds['wars_id'] . '\'');
$cells1 = array('maps_name', 'games_id');
$values1 = array($_POST['new_map'], $get_game_id['games_id']);
cs_sql_insert(__FILE__, 'maps', $cells1, $values1);
$cs_rounds['maps_id'] = cs_sql_insertid(__FILE__);
} else {
$cs_rounds['maps_id'] = (int) $_POST['maps_id'];
}
$cells2 = array_keys($cs_rounds);
$values2 = array_values($cs_rounds);
cs_sql_insert(__FILE__, 'rounds', $cells2, $values2);
cs_redirect($cs_lang['create_done'], 'wars', 'rounds', 'id=' . $cs_rounds['wars_id']);
}
$clans_pwd = isset($_POST['clans_pwd']) ? $_POST['clans_pwd'] : '';
$data = array();
$data['if']['gamesmod'] = empty($account['access_games']) ? FALSE : TRUE;
$img_filetypes = array('gif', 'jpg', 'png');
if (isset($_POST['submit'])) {
$cs_squads['clans_id'] = $_POST['clans_id'];
$cs_squads['games_id'] = empty($_POST['games_id']) ? 0 : $_POST['games_id'];
$cs_squads['squads_name'] = $_POST['squads_name'];
$cs_squads['squads_order'] = empty($_POST['squads_order']) ? $op_squads['def_order'] : $_POST['squads_order'];
$cs_squads['squads_pwd'] = $_POST['squads_pwd'];
$error = '';
if (!empty($_POST['new_clan']) && !empty($clans_pwd)) {
$cells = array('clans_name', 'clans_short', 'clans_pwd', 'users_id');
$values = array($_POST['new_clan'], $_POST['new_clan'], $clans_pwd, $account['users_id']);
cs_sql_insert(__FILE__, 'clans', $cells, $values);
$cs_squads['clans_id'] = cs_sql_insertid(__FILE__);
}
$img_size = false;
if (!empty($files['picture']['tmp_name'])) {
$img_size = getimagesize($files['picture']['tmp_name']);
}
if (!empty($files['picture']['tmp_name']) and empty($img_size) or $img_size[2] > 3) {
$error .= $cs_lang['ext_error'] . cs_html_br(1);
} elseif (!empty($files['picture']['tmp_name'])) {
switch ($img_size[2]) {
case 1:
$extension = 'gif';
break;
case 2:
$extension = 'jpg';
break;
$extension = 'png';
break;
}
if (empty($extension)) {
$error .= cs_html_br(1) . $cs_lang['wrong_ext'];
} else {
$save['medals_extension'] = $extension;
}
}
}
if (!empty($_POST['submit']) && empty($error)) {
$cells = array_keys($save);
$values = array_values($save);
cs_sql_insert(__FILE__, 'medals', $cells, $values);
if (!empty($files_gl['medals_picture']['tmp_name'])) {
$id = cs_sql_insertid(__FILE__);
$filename = 'medal-' . $id . '.' . $extension;
cs_upload('medals', $filename, $files_gl['medals_picture']['tmp_name']);
}
cs_redirect($cs_lang['create_done'], 'medals');
}
if (empty($_POST['submit'])) {
$data['medals']['medals_name'] = '';
$data['medals']['medals_text'] = '';
} else {
$data['medals']['medals_name'] = $save['medals_name'];
$data['medals']['medals_text'] = $save['medals_text'];
}
$data['medals']['message'] = empty($error) ? $cs_lang['errors_here'] : $cs_lang['error_occured'] . $error;
$data['form']['abcode'] = cs_abcode_features('medals_text');
$data['form']['dirname'] = $cs_main['php_self']['dirname'];
$fetch_me = array();
$fetch_me['count_id'] = $_SESSION['count_id'];
$fetch_me['count_time'] = $_SESSION['count_time'];
}
$time_lock = isset($fetch_me['count_time']) ? $fetch_me['count_time'] + 43200 : 0;
$_SESSION['count_time'] = $time;
if ($time > $_SESSION['count_last'] + 30) {
if ($time < $time_lock) {
$counter_cells = array('count_time', 'count_location');
$counter_content = array($time, $cs_main['mod'] . '/' . $cs_main['action']);
cs_sql_update(__FILE__, 'count', $counter_cells, $counter_content, $fetch_me['count_id'], 0, 0);
} else {
$counter_cells = array('count_ip', 'count_time', 'count_location');
$counter_save = array($ip, $time, $cs_main['mod'] . '/' . $cs_main['action']);
cs_sql_insert(__FILE__, 'count', $counter_cells, $counter_save);
$_SESSION['count_id'] = cs_sql_insertid(__FILE__);
}
$_SESSION['count_last'] = $time;
}
//Backup the files in counter
$op_counter = cs_sql_option(__FILE__, 'counter');
$month = cs_datereal('n');
$yesterday = cs_datereal('d') - 1;
if ($op_counter['last_archiv_day'] < $yesterday) {
$days_max = cs_datereal('t');
$year = cs_datereal('Y');
$timer = mktime(0, 0, 0, $month, $op_counter['last_archiv_day'] - 1, $year);
for ($day = $op_counter['last_archiv_day']; $day < $yesterday; $day++) {
$timer2 = $timer + 86400;
$cond = "count_time > '" . $timer . "' AND count_time < '" . $timer2 . "'";
$count_day = cs_sql_count(__FILE__, 'count', $cond);
$last['users_id'] = $comment['users_id'];
}
$save = array();
$save['users_id'] = (int) $comment['users_id'];
$save['threads_time'] = $comment['comments_time'];
$save['threads_text'] = $_POST['threads_text'];
$save['threads_headline'] = $_POST['threads_headline'];
$save['threads_edit'] = $comment['comments_edit'];
$save['board_id'] = (int) $_POST['board_id'];
$save['threads_last_user'] = (int) $last['users_id'];
$save['threads_last_time'] = $last['comments_time'];
$save['threads_comments'] = $count_comments;
$cells = array_keys($save);
$values = array_values($save);
cs_sql_insert(__FILE__, 'threads', $cells, $values);
$threads_id = cs_sql_insertid(__FILE__);
if (empty($threads_id)) {
cs_redirect($cs_lang['error'] . '.', 'board', 'thread', 'where=' . $comment['comments_fid']);
}
cs_sql_delete(__FILE__, 'comments', $comments_id);
// Move selected comments
if (!empty($_POST['comments'])) {
$cells = array('comments_fid');
$content = array($threads_id);
$cond_files = '';
foreach ($_POST['comments'] as $comment_id) {
settype($comment_id, 'integer');
cs_sql_update(__FILE__, 'comments', $cells, $content, $comment_id);
$cond_files .= ' OR comments_id = ' . (int) $comment_id;
}
// Move attachments of the comments
function make_folders_create($mod, $folders_name, $users_id = 0)
{
$get = "folders_mod = '" . $mod . "' AND folders_name = '" . cs_sql_escape($folders_name) . "' AND users_id = '" . (int) $users_id . "'";
$count = cs_sql_count(__FILE__, 'folders', $get);
if (!empty($count)) {
return false;
} else {
$columns = array('folders_mod', 'folders_name', 'users_id');
$values = array($mod, $folders_name, $users_id);
cs_sql_insert(__FILE__, 'folders', $columns, $values);
return cs_sql_insertid(__FILE__);
}
}
}
} elseif (!empty($data['if']['form'])) {
if (empty($account['users_id'])) {
global $cs_db;
if ($cs_db['hash'] == 'md5') {
$data['join']['users_pwd'] = md5($data['join']['users_pwd']);
} elseif ($cs_db['hash'] == 'sha1') {
$data['join']['users_pwd'] = sha1($data['join']['users_pwd']);
}
}
settype($data['join']['joinus_icq'], 'integer');
$data['join']['joinus_since'] = cs_time();
$joinus_cells = array_keys($data['join']);
$joinus_save = array_values($data['join']);
cs_sql_insert(__FILE__, 'joinus', $joinus_cells, $joinus_save);
$joinus_id = cs_sql_insertid(__FILE__);
cs_cache_delete('count_joinus');
require_once 'mods/notifymods/functions.php';
notifymods_mail('joinus', $account['users_id']);
$tables = "joinus ju INNER JOIN {pre}_members mem ON ju.squads_id = mem.squads_id AND mem.members_admin = '1' ";
$tables .= 'INNER JOIN {pre}_squads sq ON ju.squads_id = sq.squads_id';
$cells = 'ju.squads_id AS squads_id, mem.users_id AS users_id, sq.squads_name AS squads_name';
$select = cs_sql_select(__FILE__, $tables, $cells, "ju.joinus_id = '" . $joinus_id . "'", 0, 0, 0);
$select_count = count($select);
for ($run = 0; $run < $select_count; $run++) {
$user = cs_sql_select(__FILE__, 'users', 'users_id', "users_id = '" . $select[$run]['users_id'] . "'");
$message['users_id'] = '1';
$message['users_id_to'] = $user['users_id'];
$message['messages_time'] = cs_time();
$message['messages_subject'] = $cs_lang['new_joinus'] . $select[$run]['squads_name'];
$message['messages_text'] = $cs_lang['new_joinus_text'] . $select[$run]['squads_name'] . $cs_lang['new_joinus_text2'];
if (empty($data['art']['articles_headline'])) {
$errormsg .= $cs_lang['no_headline'] . cs_html_br(1);
}
if (empty($data['art']['articles_text'])) {
$errormsg .= $cs_lang['no_text'] . cs_html_br(1);
}
if (isset($_POST['preview'])) {
$data['if']['preview'] = true;
$data['if']['catimg'] = empty($categories['categories_picture']) ? false : true;
$data['cat']['url_catimg'] = empty($data['if']['catimg']) ? '' : 'uploads/categories/' . $categories['categories_picture'];
$data['art']['articles_text_preview'] = cs_secure($data['art']['articles_text'], 1, 1, 1, 1);
} elseif (empty($errormsg)) {
$articles_cells = array_keys($data['art']);
$articles_save = array_values($data['art']);
cs_sql_insert(__FILE__, 'articles', $articles_cells, $articles_save);
$articles_id = cs_sql_insertid(__FILE__);
if (!empty($files['picture'])) {
cs_pictures_upload($files['picture'], 'articles', $articles_id);
}
cs_redirect($cs_lang['create_done'], 'articles');
} else {
$data['head']['body'] = $errormsg;
}
} else {
$data['art']['articles_com'] = '';
$data['art']['articles_navlist'] = '';
$data['art']['articles_fornext'] = '';
$data['art']['articles_headline'] = '';
$data['art']['articles_text'] = '';
$data['art']['articles_time'] = cs_time();
$data['art']['users_id'] = $account['users_id'];
