function punish_comments($hours = 6)
{
global $globals, $db;
$log = new Annotation('punish-comment');
if ($log->read() && $log->time > time() - 3600 * $hours) {
echo "Comments already verified at: " . get_date_time($log->time) . "\n";
return false;
}
if ($globals['min_karma_for_comments'] > 0) {
$min_karma = $globals['min_karma_for_comments'];
} else {
$min_karma = 4.5;
}
$votes_from = time() - $hours * 3600;
// 'date_sub(now(), interval 6 hour)';
$comments_from = time() - 2 * $hours * 3600;
//'date_sub(now(), interval 12 hour)';
echo "Starting karma_comments...\n";
$users = "SELECT SQL_NO_CACHE distinct comment_user_id as user_id from comments, users where comment_date > from_unixtime({$comments_from}) and comment_karma < -50 and comment_user_id = user_id and user_level != 'disabled' and user_karma >= {$min_karma}";
$result = $db->get_results($users);
$log->store();
if (!$result) {
return;
}
foreach ($result as $dbuser) {
$user = new User();
$user->id = $dbuser->user_id;
$user->read();
printf("%07d %s\n", $user->id, $user->username);
$punish = 0;
$comment_votes_count = (int) $db->get_var("SELECT SQL_NO_CACHE count(*) from votes, comments where comment_user_id = {$user->id} and comment_date > from_unixtime({$comments_from}) and vote_type='comments' and vote_link_id = comment_id and vote_date > from_unixtime({$votes_from}) and vote_user_id != {$user->id}");
if ($comment_votes_count > 5) {
$votes_karma = (int) $db->get_var("SELECT SQL_NO_CACHE sum(vote_value) from votes, comments where comment_user_id = {$user->id} and comment_date > from_unixtime({$comments_from}) and vote_type='comments' and vote_link_id = comment_id and vote_date > from_unixtime({$votes_from}) and vote_user_id != {$user->id}");
if ($votes_karma < 50) {
$distinct_votes_count = (int) $db->get_var("SELECT SQL_NO_CACHE count(distinct comment_id) from votes, comments where comment_user_id = {$user->id} and comment_date > from_unixtime({$comments_from}) and vote_type='comments' and vote_link_id = comment_id and vote_date > from_unixtime({$votes_from}) and vote_user_id != {$user->id}");
$comments_count = (int) $db->get_var("SELECT SQL_NO_CACHE count(*) from comments where comment_user_id = {$user->id} and comment_date > from_unixtime({$comments_from})");
$comment_coeff = min($comments_count / 10, 1) * min($distinct_votes_count / ($comments_count * 0.75), 1);
$punish = max(-2, round($votes_karma * $comment_coeff * 1 / 1000, 2));
}
}
if ($punish < -0.1) {
echo "comments: {$comments_count} votes distinct: {$distinct_votes_count} karma: {$votes_karma} coef: {$comment_coeff} -> {$punish}\n";
$user->karma += $punish;
//$user->store();
$annotation = new Annotation("karma-{$user->id}");
//$annotation->append(_('Penalización por comentarios').": $punish, nuevo karma: $user->karma\n");
echo _('Penalización por comentarios') . ": {$punish}, nuevo karma: {$user->karma}\n";
$log->append(_('Penalización') . " {$user->username}: {$punish}, nuevo karma: {$user->karma}\n");
}
$db->barrier();
}
}
function do_load() {
global $db, $current_user;
$annotation = new Annotation('ec2-autoscaler');
if (!$annotation->read()) {
return _('no hay estadísticas disponibles');
}
$group = unserialize($annotation->text);
$str = "web instances: $group->instances, ";
$str .= "cpu average load: ".round($group->load, 2) . "%, ";
$str .= "cpu max average ($group->measures periods): ".round($group->load_max, 2)."%, ";
$str .= "stored at: ". get_date_time($annotation->time);
return $str;
}
function insert_coder()
{
if ($_POST['coderpass'] != $_POST['coderpass2']) {
die('error: The coder passwords do not match!');
}
$username = $_POST['coderuser'];
$usermail = $_POST['codermail'];
$secret = mksecret();
$wantpasshash = md5($secret . $_POST['coderpass'] . $secret);
$editsecret = mksecret();
$ret = mysql_query("INSERT INTO users (username, class, passhash, secret, editsecret, email, status, added) VALUES (" . implode(",", array_map("sqlesc", array($username, 8, $wantpasshash, $secret, $editsecret, $usermail, 'confirmed'))) . ",'" . get_date_time() . "')");
$rndpasshash = createRandomPassword();
$rndsecret = createRandomPassword();
$rndeditsecret = createRandomPassword();
$rex = mysql_query("INSERT INTO users (id, username, class, passhash, secret, editsecret, email, status, added) VALUES (" . implode(",", array_map("sqlesc", array(2, 'System', 1, $rndpasshash, $rndsecret, $rndeditsecret, '*****@*****.**', 'confirmed'))) . ",'" . get_date_time() . "')");
}
function addmp3info($type, $rlsname, $genre, $year, $hertz, $tp, $bitrate, $bittype, $fromnet, $ann = true)
{
$w = mysql_query("SELECT COUNT(id) AS tid FROM mp3info WHERE rlsname = " . sqlesc($rlsname) . "") or die("Err1 " . mysql_error());
$qw = mysql_fetch_assoc($w);
if ($qw['tid'] == 0) {
$fromdata = explode(":", trim($fromnet));
$fromdata[1] = "#" . $fromdata[1];
mysql_query("INSERT INTO mp3info ( `rlsname` , `genre` , `year` , `hertz` , `type` , `bitrate` , `bittype` , `unixtime` , `addedon` , `fromnet` ) VALUES (" . sqlesc($rlsname) . "," . sqlesc($genre) . "," . sqlesc($year) . "," . sqlesc($hertz) . "," . sqlesc($tp) . "," . sqlesc($bitrate) . "," . sqlesc($bittype) . "," . time() . "," . sqlesc(get_date_time()) . "," . sqlesc($fromnet) . ")") or die('Err2 ' . mysql_error());
$id = mysql_insert_id();
mysql_query("INSERT INTO frominfodata ( `infoid` , `type` , `time` , `nick` , `chan` , `network` ) VALUES (" . $id . "," . sqlesc($type) . "," . time() . "," . sqlesc($fromdata[0]) . "," . sqlesc($fromdata[1]) . "," . sqlesc($fromdata[2]) . ")") or die('Err3 ' . mysql_error());
if ($ann == true) {
$sbotdata = array($type, $rlsname, $genre, $year, $hertz, $tp, $bitrate, $bittype);
sendbot(join(" ", $sbotdata));
return "OK";
} else {
return "FAiL";
}
}
}
function print_summary($link = 0, $length = 0, $single_link = true)
{
global $current_user, $globals;
if (!$this->read) {
return;
}
echo '<li id="c-' . $this->order . '">';
$this->hidden = $this->karma < -80 || $this->user_level == 'disabled' && $this->type != 'admin';
if ($this->hidden) {
$comment_meta_class = 'comment-meta-hidden';
$comment_class = 'comment-body-hidden';
} else {
$comment_meta_class = 'comment-meta';
$comment_class = 'comment-body';
if ($this->karma > $globals['comment_highlight_karma']) {
$comment_class .= ' high';
}
}
$this->link_permalink = $link->get_relative_permalink();
echo '<div class="' . $comment_class . '">';
echo '<strong>#' . $this->order . '</strong>';
echo ' <span id="cid-' . $this->id . '">';
if ($this->hidden && ($current_user->user_comment_pref & 1) == 0) {
echo '» <a href="javascript:load_html(\'get_commentmobile.php\',\'comment\',\'cid-' . $this->id . '\',0,' . $this->id . ')" title="' . _('ver comentario') . '">' . _('ver comentario') . '</a>';
} else {
$this->print_text($length);
}
echo '</span></div>';
// The comments info bar
echo '<div class="' . $comment_meta_class . '">';
if ($this->type == 'admin') {
$author = '<strong>' . _('admin') . '</strong> ';
} else {
$author = '<a href="' . get_user_uri($this->username) . '" title="karma: ' . $this->user_karma . '">' . $this->username . '</a> ';
}
printf(_('por %s el %s'), $author, get_date_time($this->date));
// Check that the user can vote
if ($this->type != 'admin' && $this->user_level != 'disabled') {
echo ' ' . _('votos') . ': <span id="vc-' . $this->id . '">' . $this->votes . '</span>, ' . _('karma') . ': <span id="vk-' . $this->id . '">' . $this->karma . '</span>';
}
echo '</div>';
echo "</li>\n";
}
}
SQL_Query_exec("DELETE FROM comments WHERE id = {$id}");
write_log($CURUSER['username'] . " has deleted comment: ID: {$id}");
show_error_msg(T_("COMPLETE"), "Comment deleted OK", 1);
}
stdhead(T_("COMMENTS"));
//take comment add
if ($_GET["takecomment"] == 'yes') {
$body = $_POST['body'];
if (!$body) {
show_error_msg(T_("ERROR"), T_("YOU_DID_NOT_ENTER_ANYTHING"), 1);
}
if ($type == "torrent") {
SQL_Query_exec("UPDATE torrents SET comments = comments + 1 WHERE id = {$id}");
}
SQL_Query_exec("INSERT INTO comments (user, " . $type . ", added, text) VALUES (" . $CURUSER["id"] . ", " . $id . ", '" . get_date_time() . "', " . sqlesc($body) . ")");
if (mysql_affected_rows() == 1) {
show_error_msg(T_("COMPLETED"), "Your Comment was added successfully.", 0);
} else {
show_error_msg(T_("ERROR"), T_("UNABLE_TO_ADD_COMMENT"), 0);
}
}
//end insert comment
//NEWS
if ($type == "news") {
$res = SQL_Query_exec("SELECT * FROM news WHERE id = {$id}");
$row = mysql_fetch_array($res);
if (!$row) {
show_error_msg(T_("ERROR"), "News id invalid", 0);
stdfoot();
}
$btit_url_last="";
$btit_url_rss="";
if(get_remote_file("http://www.btiteam.org"))
{
$btit_url_rss="http://www.btiteam.org/smf/index.php?type=rss;action=.xml;board=83;sa=news";
$btit_url_last="http://www.btiteam.org/last_version.txt";
}
*/
$admin = array();
$res = do_sqlquery("SELECT * FROM {$TABLE_PREFIX}tasks");
if ($res) {
while ($result = mysql_fetch_array($res)) {
if ($result["task"] == "sanity") {
$admin["lastsanity"] = $language["LAST_SANITY"] . "<br />\n" . get_date_time($result["last_time"]) . "<br />\n(" . $language["NEXT"] . ": " . get_date_time($result["last_time"] + intval($GLOBALS["clean_interval"])) . ")<br />\n<a href=\"index.php?page=admin&user="******"uid"] . "&code=" . $CURUSER["random"] . "&do=sanity&action=now\">Do it now!</a><br />";
} elseif ($result["task"] == "update") {
$admin["lastscrape"] = "<br />\n" . $language["LAST_EXTERNAL"] . "<br />\n" . get_date_time($result["last_time"]) . "<br />\n(" . $language["NEXT"] . ": " . get_date_time($result["last_time"] + intval($GLOBALS["update_interval"])) . ")<br />";
}
}
}
// check if XBTT tables are present in current db
$res = do_sqlquery("SHOW TABLES LIKE 'xbt%'");
$xbt_tables = array('xbt_config', 'xbt_deny_from_hosts', 'xbt_files', 'xbt_files_users', 'xbt_users');
$xbt_in_db = array();
if ($res) {
while ($result = mysql_fetch_row($res)) {
$xbt_in_db[] = $result[0];
}
}
$ad = array_diff($xbt_tables, $xbt_in_db);
if (count($ad) == 0) {
$admin["xbtt_ok"] = "<br />\nIT SEEMS THAT ALL XBTT TABLES ARE PRESENT!<br />\n<br />\n";
$postsList .= '<tr><td class="lista"><b><a title="' . $language['FIRST_UNREAD'] . ': ' . $post['title'] . '" href="' . $btit_settings['url'] . '/index.php?page=forum&action=viewtopic&topicid=' . $post['tid'] . '.msg' . $post['pid'] . '#msg' . $post['pid'] . '">' . $post['title'] . '</a></b><br />' . $language['LAST_POST_BY'] . ' <a href="' . $btit_settings['url'] . '/index.php?page=forum&action=profile;u=' . $post['userid'] . '">' . $post['username'] . '</a><br />On ' . date('d/m/Y H:i:s', $post['added']) . '</td></tr>';
}
} else {
# get posts based if can read
$lastPosts = get_result('SELECT p.topicid, p.id as pid, t.subject, p.added, p.body, p.userid FROM ' . $topicsTable . ' as t LEFT JOIN ' . $postsTable . ' as p ON p.topicid=t.id LEFT JOIN ' . $TABLE_PREFIX . 'forums as f ON f.id=t.id WHERE f.minclassread<=' . $CURUSER['id_level'] . ($realLastPosts ? '' : ' AND p.id=t.lastpost') . ' ORDER BY p.added DESC ' . $limit);
# format posts
foreach ($lastPosts as $post) {
# get username
$user = get_result('SELECT ul.prefixcolor, u.username, ul.suffixcolor FROM ' . $TABLE_PREFIX . 'users_level as ul LEFT JOIN ' . $TABLE_PREFIX . 'users as u ON u.id_level=ul.id WHERE u.id=' . $post['userid'] . ' LIMIT 1;', true, $CACHE_DURATION);
if (isset($user[0])) {
$user = $user[0];
$post['username'] = $user['prefixcolor'] . $user['username'] . $user['suffixcolor'];
} else {
$post['username'] = '******';
}
$postsList .= '<tr><td class="lista"><b><a href="' . $btit_settings['url'] . '/index.php?page=forum&action=viewtopic&topicid=' . $post['tid'] . '&msg=' . $post['pid'] . '#' . $post['pid'] . '">' . htmlspecialchars(unesc($post['subject'])) . '</a></b><br />' . $language['LAST_POST_BY'] . ' <a href="' . $btit_settings['url'] . '/index.php?page=userdetails&id=' . $post['userid'] . '">' . $post['username'] . '</a><br />On ' . get_date_time($post['added']) . '</td></tr>';
}
}
} else {
$postsList = '<tr><td class="lista">' . $language['NO_TOPIC'] . '</td></tr>';
}
?>
<table cellpadding="4" cellspacing="1" width="100%">
<tr>
<td class="lista">
<table width="100%" cellspacing="2" cellpadding="2">
<tr>
<td><?php
echo $language['TOPICS'];
?>
:</td>
while ($results = mysqli_fetch_assoc($resource)) {
//background color for checked poll option
$bold = "normal";
if ($CURUSER["uid"] == $results["memberID"]) {
$bold = "bold";
}
//
if (!$results["username"]) {
$user = $language["POLL_ACCOUNT_DEL"];
} else {
$user = "******"index.php?page=userdetails&id=" . $results["memberID"] . "\">" . StripSlashes($results["prefixcolor"] . $results["username"] . $results["suffixcolor"]) . "</a>";
}
//print rows with voters
$polls[$i]["option_text"] = $results["optionText"];
$polls[$i]["ip_address"] = long2ip($results["ipAddress"]);
$polls[$i]["vote_date"] = get_date_time($results["voteDate"]);
$polls[$i]["user"] = $user;
$polls[$i]["bold"] = $bold;
$i++;
}
//Per Page Listing Limitation Start - 7:35 PM 3/22/2007
if ($count > $perpage) {
$admintpl->set("poll_pager_bottom", $pagerbottom);
} else {
$admintpl->set("poll_pager_bottom", "");
}
//Per Page Listing Limitation Stop
$admintpl->set("show_poller", true, true);
$admintpl->set("new_poll", false, true);
$admintpl->set("polls", $polls);
}
} elseif ($chances == 3) {
$banthisip = getip();
$first = ip2long($banthisip);
$last = ip2long($banthisip);
$added = sqlesc(get_date_time());
$msg = sqlesc("disabled after 3 tries");
mysql_query("UPDATE users SET enabled='no' WHERE username="******"DELETE FROM secureiptable WHERE username="******"INSERT INTO bans (added, addedby, first, last, comment) VALUES({$added}, 14, {$first}, {$last}, {$msg})") or sqlerr(__FILE__, __LINE__);
// change id to your id to recieve a pm if someone was banned or just comment it out
mysql_query("INSERT INTO messages (sender, receiver, added, msg, poster, subject) VALUES (0, 1, '" . get_date_time() . "', " . sqlesc($msg) . ", 0, " . sqlesc($subject) . ")");
die;
} else {
$iptrack = getip();
$trackingyou = ip2long($iptrack);
mysql_query("INSERT INTO secureiptable VALUES(0, " . sqlesc($name) . ", " . sqlesc($trackingyou) . ", 1, '" . get_date_time() . "', 0)") or sqlerr(__FILE__, __LINE__);
stderr("Error", "Wrong Pin #, You got 3 tries left before having your account disabled!<br/><br/><input type=\"button\" value=\" Go Back \" onclick=\"history.back()\">", false);
}
}
// end of 3 failed code
$tempip = getip();
$first1 = trim($tempip);
$last1 = trim($tempip);
$first = ip2long($first1);
$last = ip2long($last1);
$doubleip = mysql_query("SELECT * FROM ipsecureip WHERE {$first} >= first AND {$last} <= last") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($doubleip) > 0) {
stderr("Error", "This IP is already in there no need to re-add");
die;
} else {
stdhead("Request to add TempIP Gateway");
$dict[$i]['value']['info'] = $info[$i];
$dict[$i] = benc($dict[$i]);
$dict[$i] = bdec($dict[$i]);
list($ann[$i], $info[$i]) = dict_check($dict[$i], "announce(string):info");
unset($dict['value']['created by']);
$infohash[$i] = pack("H*", sha1($info[$i]["string"]));
/* ...... end of Private Tracker mod */
$torrent[$i] = str_replace("_", " ", $torrent[$i]);
$torrent[$i] = str_replace("'", " ", $torrent[$i]);
$torrent[$i] = str_replace("\"", " ", $torrent[$i]);
$torrent[$i] = str_replace(",", " ", $torrent[$i]);
$nfo[$i] = sqlesc(str_replace("\r\r\n", "\r\n", @file_get_contents($nfofilename[$i])));
$first = $shortfname[$i][1];
$second = $dname[$i];
$third = $torrent[$i][1];
$ret = mysql_query("INSERT INTO torrents (search_text, filename, owner, visible, info_hash, name, size, numfiles, type, descr, ori_descr, category, save_as, added, last_action, nfo) VALUES (" . implode(",", array_map("sqlesc", array(searchfield("{$first} {$second} {$third}"), $fname[$i], $CURUSER["id"], "no", $infohash[$i], $torrent[$i][1], $totallen, count($filelist[$i]), $type, $descr, $descr, $cat[$i], $dname[$i]))) . ", '" . get_date_time() . "', '" . get_date_time() . "', {$nfo[$i]})");
// //////new torrent upload detail sent to shoutbox//////////
if ($CURUSER["anonymous"] == 'yes') {
$message = "[url={$BASEURL}/multidetails.php?id1={$ids['0']}&id2={$ids['1']}&id3={$ids['2']}&id4={$ids['3']}&id5={$ids['4']}]Multiple Torrents were just uploaded! Click here to see them[/url] - Anonymous User";
} else {
$message = "[url={$BASEURL}/multidetails.php?id1={$ids['0']}&id2={$ids['1']}&id3={$ids['2']}&id4={$ids['3']}&id5={$ids['4']}]Multiple Torrents were just uploaded! Click here to see them[/url] Uploaded by " . safechar($CURUSER["username"]) . "";
}
// ///////////////////////////END///////////////////////////////////
if (!$ret) {
if (mysql_errno() == 1062) {
bark("#{$i} torrent was already uploaded!");
}
bark("mysql puked: " . mysql_error());
}
$id = mysql_insert_id();
$ids[] = $id;
function do_load()
{
global $db, $current_user;
$annotation = new Annotation('ec2_watch');
if (!$annotation->read()) {
return _('no hay estadísticas disponibles');
}
$group = json_decode($annotation->text);
$str = "web instances: {$group->instances}, ";
$str .= "cpu average load: " . round($group->avg_load, 2) . "%, ";
$str .= "last action: {$group->action} ";
$str .= "last change: " . get_date_time($group->changed_ts) . " ";
$str .= "stored at: " . get_date_time($annotation->time);
return $str;
}
case 'ignored':
if ($prefered_id != $current_user->user_id) {
return;
}
$friend_value = 'AND friend_value < 0';
$prefered_total = $db->get_var("SELECT count(*) FROM friends WHERE friend_type='manual' AND friend_from={$prefered_id} {$friend_value}");
$dbusers = $db->get_results("SELECT friend_to as who, unix_timestamp(friend_date) as date FROM friends, users WHERE friend_type='manual' AND friend_from={$prefered_id} and user_id = friend_to {$friend_value} order by user_login asc LIMIT {$prefered_offset},{$prefered_page_size}");
break;
}
if ($dbusers) {
$friend = new User();
foreach ($dbusers as $dbuser) {
$friend->id = $dbuser->who;
$friend->read();
$title = $friend->username;
if ($dbuser->date > 0) {
$title .= sprintf(' %s %s', _('desde'), get_date_time($dbuser->date));
}
echo '<div class="friends-item">';
echo '<a href="' . get_user_uri($friend->username) . '" title="' . $title . '">';
echo '<img class="avatar" src="' . get_avatar_url($friend->id, $friend->avatar, 20) . '" width="20" height="20" alt="' . $friend->username . '"/>';
echo $friend->username . '</a> ';
if ($current_user->user_id > 0 && $current_user->user_id != $friend->id) {
echo '<a id="friend-' . $prefered_type . '-' . $current_user->user_id . '-' . $friend->id . '" href="javascript:get_votes(\'get_friend.php\',\'' . $current_user->user_id . '\',\'friend-' . $prefered_type . '-' . $current_user->user_id . '-' . $friend->id . '\',0,\'' . $friend->id . '\')">' . User::friend_teaser($current_user->user_id, $friend->id) . '</a>';
}
echo '</div>';
}
echo "<br clear='left'/>\n";
do_contained_pages($prefered_id, $prefered_total, $prefered_page, $prefered_page_size, 'get_friends_bars.php', $prefered_type, $prefered_type . '-container');
echo "<br clear='all'/>\n";
}
print '<h3><a href=\'userdetails.php?id=' . $userid . '\'>Go to ' . $user['username'] . '\'s Profile</a></h3><br />';
}
print "<table class=main width=737 border=0 cellspacing=0 cellpadding=0><tr><td class=embedded>";
$fcount = number_format(get_row_count("friends", "WHERE userid='" . $userid . "' AND confirmed = 'yes'"));
// print("<h2 align=left><a name=\"friends\">".$user['username']." has ".$fcount." Friends</a></h2>\n");
print "<h2 align=left><a name=\"friends\">" . $user['username'] . " has " . $fcount . " Friend " . ($fcount > 1 ? "s" : "") . "</a></h2>\n";
print "<table width=737 border=1 cellspacing=0 cellpadding=5><tr><td>";
$i = 0;
$res = mysql_query("SELECT f.friendid as id, u.username AS name, u.class, u.avatar, u.title, u.donor, u.warned, u.enabled, u.last_access FROM friends AS f LEFT JOIN users as u ON f.friendid = u.id WHERE userid={$userid} AND f.confirmed='yes' ORDER BY name") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($res) == 0) {
$friends = "<em>" . $user['username'] . " has no friends.</em>";
} else {
while ($friend = mysql_fetch_array($res)) {
$pm_pic = "<img src=" . $pic_base_url . "button_pm.gif alt='Send PM' border=0>";
$dt = gmtime() - 180;
$online = $friend["last_access"] >= '' . get_date_time($dt) . '' ? ' <img src=' . $pic_base_url . 'user_online.gif border=0 alt=Online>' : '<img src=' . $pic_base_url . 'user_offline.gif border=0 alt=Offline>';
$title = htmlspecialchars($friend["title"]);
if (!$title) {
$title = get_user_class_name($friend["class"]);
}
$body1 = "<a href=userdetails.php?id=" . $friend['id'] . "><b>" . $friend['name'] . "</b></a>" . get_user_icons($friend) . " ({$title}) {$online}<br /><br />last seen on " . $friend['last_access'] . "<br />(" . get_elapsed_time(sql_timestamp_to_unix_timestamp($friend['last_access'])) . " ago)";
$body2 = $id == $CURUSER['id'] ? "" : "<br /><a href=friends.php?id={$CURUSER['id']}&action=add&type=friend&targetid=" . $friend['id'] . ">Add Friend</a>" . "<br /><br /><a href=sendmessage.php?receiver=" . $friend['id'] . ">" . $pm_pic . "</a>";
$avatar = $CURUSER["avatars"] == "yes" ? htmlspecialchars($friend["avatar"]) : "";
// if (!$avatar)
// $avatar = "".$pic_base_url."default_avatar.gif";
if ($i % 2 == 0) {
print "<table width=737 style='padding: 0px'><tr><td class=bottom style='padding: 5px' width=50% align=center>";
} else {
print "<td class=bottom style='padding: 5px' width=50% align=center>";
}
print "<table class=main width=737 height=75px>";
if($checkinv['enabled'] === 'no' || $checkinv['deleted'] == '1' || $checkinv['warned'] === 'yes')
bark('Bjóðandi má ekki vera óvirkur, eyddur eða hafa viðvörun.');
if($invite['email'] != $email)
bark('Þessi boðslykill er eingöngu nothæfur til að búa til aðgang fyrir netfangið '.$invite['email']);
if(mysql_num_rows($query) < 1)
bark("Þetta er rangur boðslykill");
mysql_query("UPDATE invites SET used=1 WHERE secret_hash = '$invid' AND email='$email'") or sqlerr();
hit_count();
$md5secret = md5(mksecret());
$secret = mksecret();
$wantpasshash = md5($secret . $wantpassword . $secret);
$editsecret = mksecret();
$ret = mysql_query("INSERT INTO users (username, passhash, secret, editsecret, email, enabled, md5secret, invitari, status, added) VALUES (" .
implode(",", array_map("sqlesc", array($wantusername, $wantpasshash, $secret, $editsecret, $email, 'yes', $md5secret, $invitari, 'pending'))) .
",'" . get_date_time() . "')");
$id = mysql_insert_id();
if (!$ret) {
if (mysql_errno() == 1062) {
bark("Notandanafn er nú þegar til!");
}
bark("borked");
}
//write_log("User account $id ($wantusername) was created");
$psecret = md5($editsecret);
$body = <<<EOD
$tid = isset($_POST["tid"]) ? 0 + $_POST["tid"] : 0;
if ($tid == 0) {
stderr(":w00t:", "wtf are your trying to do!?");
}
if (get_row_count("torrents", "where id=" . $tid) != 1) {
stderr(":w00t:", "That is not a torrent !!!!");
}
$q = mysql_query("SELECT s.downloaded as sd , t.id as tid, t.name,t.size, u.username,u.id as uid,u.downloaded as ud FROM torrents as t LEFT JOIN snatched as s ON s.torrentid = t.id LEFT JOIN users as u ON u.id = s.userid WHERE t.id =" . $tid) or print mysql_error();
while ($a = mysql_fetch_assoc($q)) {
$newd = $a["ud"] > 0 ? $a["ud"] - $a["sd"] : 0;
$new_download[] = "(" . $a["uid"] . "," . $newd . ")";
$tname = $a["name"];
$msg = "Hey , " . $a["username"] . "\n";
$msg .= "Looks like torrent [b]" . $a["name"] . "[/b] is nuked and we want to take back the data you downloaded\n";
$msg .= "So you downloaded " . prefixed($a["sd"]) . " your new download will be " . prefixed($newd) . "\n";
$pms[] = "(0," . $a["uid"] . "," . sqlesc(get_date_time()) . "," . sqlesc($msg) . ")";
}
//send the pm !!
mysql_query("INSERT into messages (sender, receiver, added, msg) VALUES " . join(",", $pms)) or print mysql_error();
//update user download amount
mysql_query("INSERT INTO users (id,downloaded) VALUES " . join(",", $new_download) . " ON DUPLICATE key UPDATE downloaded=values(downloaded)") or print mysql_error();
deletetorrent($tid);
stderr(":w00t:", "it worked! long live tbdev!");
write_log("Torrent {$tname} was deleted by " . $CURUSER["username"] . " and users Re-Paid Download");
} else {
stdhead("Torrent Reset");
begin_frame();
?>
<form action="<?php
echo $_SERVER["PHP_SELF"];
?>
$option12 = $_POST["option12"];
$option13 = $_POST["option13"];
$option14 = $_POST["option14"];
$option15 = $_POST["option15"];
$option16 = $_POST["option16"];
$option17 = $_POST["option17"];
$option18 = $_POST["option18"];
$option19 = $_POST["option19"];
$sort = $_POST["sort"];
if (!$question || !$option0 || !$option1) {
stderr("Error", "Missing form data!");
}
if ($pollid) {
sql_query("UPDATE polls SET " . "question = " . sqlesc($question) . ", " . "option0 = " . sqlesc($option0) . ", " . "option1 = " . sqlesc($option1) . ", " . "option2 = " . sqlesc($option2) . ", " . "option3 = " . sqlesc($option3) . ", " . "option4 = " . sqlesc($option4) . ", " . "option5 = " . sqlesc($option5) . ", " . "option6 = " . sqlesc($option6) . ", " . "option7 = " . sqlesc($option7) . ", " . "option8 = " . sqlesc($option8) . ", " . "option9 = " . sqlesc($option9) . ", " . "option10 = " . sqlesc($option10) . ", " . "option11 = " . sqlesc($option11) . ", " . "option12 = " . sqlesc($option12) . ", " . "option13 = " . sqlesc($option13) . ", " . "option14 = " . sqlesc($option14) . ", " . "option15 = " . sqlesc($option15) . ", " . "option16 = " . sqlesc($option16) . ", " . "option17 = " . sqlesc($option17) . ", " . "option18 = " . sqlesc($option18) . ", " . "option19 = " . sqlesc($option19) . ", " . "sort = " . sqlesc($sort) . " " . "WHERE id = {$pollid}") or sqlerr(__FILE__, __LINE__);
} else {
sql_query("INSERT INTO polls VALUES(0" . ", '" . get_date_time() . "'" . ", " . sqlesc($question) . ", " . sqlesc($option0) . ", " . sqlesc($option1) . ", " . sqlesc($option2) . ", " . sqlesc($option3) . ", " . sqlesc($option4) . ", " . sqlesc($option5) . ", " . sqlesc($option6) . ", " . sqlesc($option7) . ", " . sqlesc($option8) . ", " . sqlesc($option9) . ", " . sqlesc($option10) . ", " . sqlesc($option11) . ", " . sqlesc($option12) . ", " . sqlesc($option13) . ", " . sqlesc($option14) . ", " . sqlesc($option15) . ", " . sqlesc($option16) . ", " . sqlesc($option17) . ", " . sqlesc($option18) . ", " . sqlesc($option19) . ", " . sqlesc($sort) . ", 0 " . ")") or sqlerr(__FILE__, __LINE__);
$pollnum = mysql_insert_id();
sql_query("UPDATE topics SET pollid = {$pollnum} WHERE id = {$topicid}");
}
header("Location: {$returnto}");
die;
}
stdhead();
?>
<table border=1 cellspacing=0 cellpadding=5 width=80%>
<?php
if ($pollid) {
print "<tr><td class=colhead2 colspan=2 align=center><h1>Edit poll</h1></td></tr>";
} else {
print "<tr><td class=colhead2 colspan=2 align=center><h1>Add poll</h1></td></tr>";
$added = sqlesc(time());
do_sqlquery("INSERT INTO {$TABLE_PREFIX}bannedip (added, addedby, first, last, comment) VALUES({$added}, {$CURUSER['uid']}, {$firstip}, {$lastip}, {$comment})", true);
}
}
// don't break, so now we read directly ;)
// don't break, so now we read directly ;)
case '':
case 'read':
default:
$banned = array();
$getbanned = do_sqlquery("SELECT b.*, u.username FROM {$TABLE_PREFIX}bannedip b LEFT JOIN {$TABLE_PREFIX}users u ON u.id=b.addedby ORDER BY b.added DESC", true);
$rowsbanned = @mysql_num_rows($getbanned);
$admintpl->set("frm_action", "index.php?page=admin&user="******"uid"] . "&code=" . $CURUSER["random"] . "&do=banip&action=write");
$i = 0;
if ($rowsbanned > 0) {
$admintpl->set("no_records", false, true);
while ($arr = mysql_fetch_assoc($getbanned)) {
$banned[$i]["first_ip"] = long2ip($arr["first"]);
$banned[$i]["last_ip"] = long2ip($arr["last"]);
$banned[$i]["date"] = get_date_time($arr['added']);
$banned[$i]["comments"] = htmlspecialchars(unesc($arr["comment"]));
$banned[$i]["by"] = "<a href=\"index.php?page=userdetails&id=" . $arr["addedby"] . "\">" . unesc($arr["username"]) . "</a>";
$banned[$i]["remove"] = "<a href=\"index.php?page=admin&user="******"uid"] . "&code=" . $CURUSER["random"] . "&do=banip&action=delete&ip={$arr['id']}\" onclick=\"return confirm('" . str_replace("'", "\\'", $language["DELETE_CONFIRM"]) . "')\">" . image_or_link("{$STYLEPATH}/images/delete.png", "", $language["DELETE"]) . "</a>";
$i++;
}
} else {
$admintpl->set("no_records", true, true);
}
$admintpl->set("bannedip", $banned);
$admintpl->set("language", $language);
}
echo "Period (h): $period<br>\n";
$from_time = "date_sub(now(), interval 4 day)";
#$from_where = "FROM votes, links WHERE
$last_published = $db->get_var("SELECT SQL_NO_CACHE UNIX_TIMESTAMP(max(link_published_date)) from links WHERE link_status='published'");
if (!$last_published) $last_published = $now - 24*3600*30;
$history_from = $last_published - 200*3600;
$diff = $now - $last_published;
$d = min(MAX, MAX - ($diff/3000)*(MAX-MIN) );
$d = max(0.80, $d);
print "Last published at: " . get_date_time($last_published) ."<br>\n";
echo "Decay: $d<br>\n";
$continue = true;
$i=0;
$past_karma = $db->get_var("SELECT SQL_NO_CACHE avg(link_karma) from links WHERE link_published_date > FROM_UNIXTIME($history_from) and link_status='published'");
echo "Past karma: $past_karma<br>\n";
while ($continue) {
$continue = false;
//////////////
$min_karma = round(max($past_karma * $d, 20));
$min_votes = 5;
/////////////
echo "Current MIN karma: <b>$min_karma</b> MIN votes: $min_votes<br>\n";
function &execute()
{
$query = $this->read();
$res = mysql_query($query);
if ($res || mysql_errno() == 1062) {
return $res;
}
$mysql_error = mysql_error();
$mysql_errno = mysql_errno();
// If debug_backtrace() is available, we can find exactly where the query was called from
if (function_exists("debug_backtrace")) {
$bt = debug_backtrace();
$i = 1;
if ($bt[$i]["function"] == "SQL_Query_exec_cached" || $bt[$i]["function"] == "get_row_count_cached" || $bt[$i]["function"] == "get_row_count") {
$i++;
}
$line = $bt[$i]["line"];
$file = str_replace(getcwd() . DIRECTORY_SEPARATOR, "", $bt[$i]["file"]);
$msg = "Database Error in {$file} on line {$line}: {$mysql_error}. Query was: {$query}.";
} else {
$file = str_replace(getcwd() . DIRECTORY_SEPARATOR, "", $_SERVER["SCRIPT_FILENAME"]);
$msg = "Database Error in {$file}: {$mysql_error}. Query was: {$query}";
}
mysql_query("INSERT INTO `sqlerr` (`txt`, `time`) \n VALUES (" . sqlesc($msg) . ", '" . get_date_time() . "')");
if (function_exists('show_error_msg')) {
show_error_msg("Database Error", "Database Error. Please report this to an administrator.", 1);
}
}
$ratiounconn = $row['ratiounconn'];
$unconnectables = $row['unconnectables'];
$ratio = round($row['ratio'] * 100);
$peers = number_format($row['peers']);
$numactive = number_format($row['numactive']);
$donors = number_format($row['donors']);
$forumposts = number_format($row['forumposts']);
$forumtopics = number_format($row['forumtopics']);
$file1 = "{$CACHE}/active.txt";
$expire = 30;
// 30 seconds
if (file_exists($file1) && filemtime($file1) > time() - $expire) {
$active3 = unserialize(file_get_contents($file1));
} else {
$dt = gmtime() - 180;
$dt = sqlesc(get_date_time($dt));
$active1 = sql_query("SELECT id, username, class, warned, donor FROM users WHERE last_access >= " . unsafeChar($dt) . " ORDER BY class DESC") or sqlerr(__FILE__, __LINE__);
while ($active2 = mysql_fetch_array($active1)) {
$active3[] = $active2;
}
$OUTPUT = serialize($active3);
$fp = fopen($file1, "w");
fputs($fp, $OUTPUT);
fclose($fp);
}
// end else
$activeusers = '';
if (is_array($active3)) {
foreach ($active3 as $arr) {
if ($activeusers) {
$activeusers .= ",\n";
stderr("Err", "You can't remove/add 0");
}
$sendpm = isset($_POST["pm"]) && $_POST["pm"] == "yes" ? true : false;
$pms = array();
$users = array();
//select the users
$q = mysql_query("SELECT id,invites FROM users " . ($all ? "" : "WHERE class in (" . join(",", $classes) . ")") . " ORDER BY id desc ") or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($q) == 0) {
stderr("Sorry", "There are no users in the class(es) you selected");
}
while ($a = mysql_fetch_assoc($q)) {
$users[] = "(" . $a["id"] . ", " . ($do == "remove_all" ? 0 : ($do == "add" ? $a["invites"] + $invites : mkpositive($a["invites"] - $invites))) . ")";
if ($sendpm) {
$subject = sqlesc($do == "remove_all" && $do == "remove" ? "Invites removed" : "Invites added");
$body = sqlesc("Hey,\n we have decided to " . ($do == "remove_all" ? "remove all invites from your group class" : ($do == "add" ? "add {$invites} invite" . ($invites > 1 ? "s" : "") . " to your group class" : "remove {$invites} invite" . ($invites > 1 ? "s" : "") . " from your group class")) . " !\n " . $SITENAME . " staff");
$pms[] = "(0," . $a["id"] . "," . sqlesc(get_date_time()) . ",{$subject},{$body})";
}
}
if (sizeof($users) > 0) {
$r = mysql_query("INSERT INTO users(id,invites) VALUES " . join(",", $users) . " ON DUPLICATE key UPDATE invites=values(invites) ") or sqlerr(__FILE__, __LINE__);
}
if (sizeof($pms) > 0) {
$r1 = mysql_query("INSERT INTO messages (sender, receiver, added, subject, msg) VALUES " . join(",", $pms) . " ") or sqlerr(__FILE__, __LINE__);
}
if ($r && ($sendpm ? $r1 : true)) {
header("Refresh: 2; url=" . $_SERVER["PHP_SELF"]);
stderr("Success", "Operation done!");
} else {
stderr("Error", "Something was wrong");
}
}
}
if ($msg) {
$subject = sqlesc($subject);
if ((isset($_POST['draft']) || isset($_POST['template'])) && isset($_POST['msgid'])) {
SQL_Query_exec("UPDATE messages SET `subject` = {$subject}, `msg` = {$msg} WHERE `id` = {$_POST['msgid']} AND `sender` = {$CURUSER['id']}") or die("arghh");
} else {
$to = @$_POST['draft'] ? 'draft' : (@$_POST['template'] ? 'template' : (@$_POST['save'] ? 'both' : 'in'));
$status = @$_POST['send'] ? 'yes' : 'no';
//===| Start Blocked Users
$blocked = SQL_Query_exec("SELECT id FROM blocked WHERE userid={$sendto} AND blockid={$CURUSER['id']}");
$show = mysql_num_rows($blocked);
if ($show != 0 && $CURUSER["control_panel"] != "yes") {
show_error_msg("Error", "[B]You're blocked by this member and you can not send messages to him![/B]\n", 1);
}
//===| End Blocked Users
SQL_Query_exec("INSERT INTO `messages` (`sender`, `receiver`, `added`, `subject`, `msg`, `unread`, `location`) VALUES ('{$CURUSER['id']}', '{$sendto}', '" . get_date_time() . "', {$subject}, {$msg}, '{$status}', '{$to}')") or die("Aargh!");
// email notif
$res = SQL_Query_exec("SELECT id, acceptpms, notifs, email FROM users WHERE id='{$sendto}'");
$user = mysql_fetch_assoc($res);
if (strpos($user['notifs'], '[pm]') !== false) {
$cusername = $CURUSER["username"];
$body = "You have received a PM from " . $cusername . "\n\nYou can use the URL below to view the message (you may have to login).\n\n " . $site_config['SITEURL'] . "/mailbox.php\n\n" . $site_config['SITENAME'] . "";
sendmail($user["email"], "You have received a PM from {$cusername}", $body, "From: {$site_config['SITEEMAIL']}", "-f{$site_config['SITEEMAIL']}");
}
//end email notif
if (isset($_POST['msgid'])) {
SQL_Query_exec("DELETE FROM messages WHERE `location` = 'draft' AND `sender` = {$CURUSER['id']} AND `id` = {$_POST['msgid']}") or die("arghh");
}
}
if (isset($_POST['send'])) {
$info = "Message sent successfully" . (@$_POST['save'] ? ", a copy has been saved in your Outbox" : "");
if ($record_mail) {
$date = time();
$userid = $CURUSER["id"];
if ($count > 0 && $mail) {
mysql_query("update avps set value_i='{$date}', value_u='{$count}', value_s='{$userid}' WHERE arg='inactivemail' ") or sqlerr(__FILE__, __LINE__);
}
}
if ($mail) {
stderr("Success", "Messages sent.");
} else {
stderr("Error", "Try again.");
}
}
}
stdhead("Inactive Users");
$dt = sqlesc(get_date_time(gmtime() - $days * 86400));
$res = sql_query("SELECT id,username,class,email,uploaded,downloaded,last_access FROM users WHERE last_access<{$dt} AND status='confirmed' AND enabled='yes' ORDER BY last_access DESC ") or sqlerr(__FILE__, __LINE__);
$count = mysql_num_rows($res);
if ($count > 0) {
?>
<script LANGUAGE="JavaScript">
<!-- Begin
var checkflag = "false";
function check(field) {
if (checkflag == "false") {
for (i = 0; i < field.length; i++) {
field[i].checked = true;}
checkflag = "true";
return "Uncheck All"; }
else {
$subject = sqlesc("BlackJack Results.");
sql_query("INSERT INTO messages (sender, receiver, added, msg, poster, subject) VALUES(0, {$a['userid']}, {$dt}, {$msg}, 0, {$subject})") or sqlerr(__FILE__, __LINE__);
} elseif ($a["points"] > $playerarr[points] && $a[points] > 21) {
$winorlose = "you won " . prefixed($mb);
sql_query("update users set uploaded = uploaded + {$mb}, bjwins = bjwins + 1 where id={$CURUSER['id']}") or sqlerr(__FILE__, __LINE__);
sql_query("update users set uploaded = uploaded - {$mb}, bjlosses = bjlosses + 1 where id={$a['userid']}") or sqlerr(__FILE__, __LINE__);
sql_query("delete from blackjack where userid={$CURUSER['id']}");
sql_query("delete from blackjack where userid={$a['userid']}");
$dt = sqlesc(get_date_time());
$msg = sqlesc("You lost to {$CURUSER['username']} (You had {$a['points']} points, {$CURUSER['username']} had {$playerarr['points']} points).\n\n - [b][url=blackjack.php]Play again[/url][/b]");
$subject = sqlesc("BlackJack Results.");
sql_query("INSERT INTO messages (sender, receiver, added, msg, poster, subject) VALUES(0, {$a['userid']}, {$dt}, {$msg}, 0, {$subject})") or sqlerr(__FILE__, __LINE__);
}
echo "<tr><td align=center>Your opponent was " . get_user_name($a["userid"]) . ", they had {$a['points']} points, {$winorlose}.<br /><br /><center><b><a href=blackjack.php>Play again</a></b></center></td></tr>";
} else {
sql_query("update blackjack set status = 'waiting', date='" . get_date_time() . "' where userid = {$CURUSER['id']}") or sqlerr(__FILE__, __LINE__);
echo "<tr><td align=center>There are no other players, so you'll have to wait until someone plays against you.<br />You will receive a PM with the game results.<br /><br /><center><b><a href=blackjack.php>Back</a></b><br /></center></td></tr>";
}
echo "</table>";
echo "</td></tr></table><br>";
stdfoot();
}
} else {
// Start screen - Not currently playing a game
stdhead("Blackjack");
echo "<h1><center>Blackjack</center></h1>\n";
echo "<table cellspacing=0 cellpadding=3 width=400>\n";
echo "<tr><td colspan=2 cellspacing=0 cellpadding=5 align=center>\n";
echo "<table class=message width=100% cellspacing=0 cellpadding=10 bgcolor=black>\n";
echo "<tr><td align=center><img src=pic/cards/tp.bmp width=71 height=96 border=0> <img src=pic/cards/vp.bmp width=71 height=96 border=0> </td></tr>\n";
echo "<tr><td align=left>You must collect 21 points without going over.<br><br>\n";
$updateset[] = "warned = " . sqlesc($warned);
$updateset[] = "warneduntil = 0";
if ($warned == 'no') {
$modcomment = get_date(time(), 'DATE', 1) . "{$lang['modtask_warned']}" . $CURUSER['username'] . ".\n" . $modcomment;
$msg = sqlesc("{$lang['modtask_warned_removed']}" . $CURUSER['username'] . ".");
$added = time();
mysql_query("INSERT INTO messages (sender, receiver, msg, added) VALUES (0, {$userid}, {$msg}, {$added})") or sqlerr(__FILE__, __LINE__);
}
}
// Reset LastUpload
// Auto Demote Uploader by XiaNYdE // start
// support - http://bit.ly/5NtmgT
// http://xList.ro/
// http://tbdev.xlist.ro/
if (isset($_POST['reset']) && $_POST['reset']) {
mysql_query("UPDATE users SET last_upload = '" . get_date_time() . "', upped = 'no' WHERE id={$userid}") or sqlerr(__FILE__, __LINE__);
$modcomment = gmdate("Y-m-d") . " - LastUp Time Reset by " . $CURUSER['username'] . ".\n" . $modcomment;
}
// Set warning - Time based
if (isset($_POST['warnlength']) && ($warnlength = 0 + $_POST['warnlength'])) {
unset($warnpm);
if (isset($_POST['warnpm'])) {
$warnpm = $_POST['warnpm'];
}
if ($warnlength == 255) {
$modcomment = get_date(time(), 'DATE', 1) . "{$lang['modtask_warned_by']}" . $CURUSER['username'] . ".\n{$lang['modtask_reason']} {$warnpm}\n" . $modcomment;
$msg = sqlesc("{$lang['modtask_warning_received']}" . $CURUSER['username'] . ($warnpm ? "\n\n{$lang['modtask_reason']} {$warnpm}" : ""));
$updateset[] = "warneduntil = 0";
} else {
$warneduntil = time() + $warnlength * 604800;
$dur = $warnlength . "{$lang['modtask_week']}" . ($warnlength > 1 ? "s" : "");
$ctype = "image/gif";
break;
case "png":
$ctype = "image/png";
break;
case "jpeg":
case "jpg":
$ctype = "image/jpg";
break;
default:
$ctype = "application/force-download";
}
sql_query("UPDATE attachments SET downloads = downloads + 1 WHERE id = " . sqlesc($id)) or sqlerr(__FILE__, __LINE__);
$res = sql_query("SELECT fileid FROM attachmentdownloads WHERE fileid=" . sqlesc($id) . " AND userid=" . sqlesc($CURUSER['id']));
if (mysql_num_rows($res) == "0") {
sql_query("INSERT INTO attachmentdownloads (filename,fileid,username,userid,date,downloads) VALUES (" . sqlesc($resat['filename']) . ", " . sqlesc($id) . ", " . sqlesc($CURUSER['username']) . ", " . sqlesc($CURUSER['id']) . ", " . sqlesc(get_date_time()) . ", 1)") or sqlerr(__FILE__, __LINE__);
} else {
sql_query("UPDATE attachmentdownloads SET downloads = downloads + 1 WHERE fileid=" . sqlesc($id) . " AND userid=" . sqlesc($CURUSER['id']));
}
header("Pragma: public");
// required
header("Expires: 0");
header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
header("Cache-Control: private", false);
// required for certain browsers
header("Content-Type: {$ctype}");
// change, added quotes to allow spaces in filenames, by Rajkumar Singh
header("Content-Disposition: attachment; filename=\"" . basename($filename) . "\";");
header("Content-Transfer-Encoding: binary");
header("Content-Length: " . filesize($filename));
readfile("{$filename}");
echo '</fieldset>';
echo '</div>';
break;
case 4:
// Show logs
echo '<div class="voters" id="voters">';
echo '<fieldset><legend>'._('registro de eventos de la noticia').'</legend>';
echo '<div id="voters-container">';
$logs = $db->get_results("select logs.*, UNIX_TIMESTAMP(logs.log_date) as ts, user_id, user_login, user_level, user_avatar from logs, users where log_type in ('link_new', 'link_publish', 'link_discard', 'link_edit', 'link_geo_edit', 'link_depublished') and log_ref_id=$link->id and user_id= log_user_id order by log_date desc");
if ($logs) {
foreach ($logs as $log) {
echo '<div style="width:100%; display: block; clear: both; border-bottom: 1px solid #FFE2C5;">';
echo '<div style="width:30%; float: left;padding: 4px 0 4px 0;">'.get_date_time($log->ts).'</div>';
echo '<div style="width:24%; float: left;padding: 4px 0 4px 0;"><strong>'.$log->log_type.'</strong></div>';
echo '<div style="width:45%; float: left;padding: 4px 0 4px 0;">';
if ($link->author != $log->user_id && ($log->user_level == 'admin' || $log->user_level == 'god')) {
// It was edited by an admin
echo '<img src="'.get_no_avatar_url(20).'" width="20" height="20" alt="'.$log->user_login.'"/> ';
echo ('admin');
if ($current_user->admin) {
echo ' ('.$log->user_login.')';
}
} else {
echo '<a href="'.get_user_uri($log->user_login).'" title="'.$log->date.'">';
echo '<img src="'.get_avatar_url($log->log_user_id, $log->user_avatar, 20).'" width="20" height="20" alt="'.$log->user_login.'"/> ';
echo $log->user_login;
echo '</a>';
}
}
$row = mysql_fetch_row($result);
if ($row && ($CURUSER["edit_users"] == "yes" || $CURUSER['username'] == $row[1])) {
$query = "DELETE FROM shoutbox WHERE msgid=" . $_GET['del'];
write_log("<b><font color='orange'>Shout Deleted: </font> Deleted by " . $CURUSER['username'] . "</b>");
SQL_Query_exec($query);
}
}
//INSERT MESSAGE
if (!empty($_POST['message']) && $CURUSER) {
$_POST['message'] = sqlesc($_POST['message']);
$query = "SELECT COUNT(*) FROM shoutbox WHERE message=" . $_POST['message'] . " AND user='******'username'] . "' AND UNIX_TIMESTAMP('" . get_date_time() . "')-UNIX_TIMESTAMP(date) < 30";
$result = SQL_Query_exec($query);
$row = mysql_fetch_row($result);
if ($row[0] == '0') {
$query = "INSERT INTO shoutbox (msgid, user, message, date, userid) VALUES (NULL, '" . $CURUSER['username'] . "', " . $_POST['message'] . ", '" . get_date_time() . "', '" . $CURUSER['id'] . "')";
SQL_Query_exec($query);
}
}
//GET CURRENT USERS THEME AND LANGUAGE
if ($CURUSER) {
$ss_a = @mysql_fetch_assoc(@SQL_Query_exec("select uri from stylesheets where id=" . $CURUSER["stylesheet"]));
if ($ss_a) {
$THEME = $ss_a["uri"];
}
} else {
//not logged in so get default theme/language
$ss_a = mysql_fetch_assoc(SQL_Query_exec("select uri from stylesheets where id='" . $site_config['default_theme'] . "'"));
if ($ss_a) {
$THEME = $ss_a["uri"];
}
function write_log($text, $color = "transparent", $type = "tracker")
{
$type = sqlesc($type);
$color = sqlesc($color);
$text = sqlesc($text);
$added = sqlesc(get_date_time());
sql_query("INSERT INTO sitelog (added, color, txt, type) VALUES({$added}, {$color}, {$text}, {$type})");
}
