$sup_list .= "{$uname} (" . $uuid . ")"; if ($x != pg_numrows($tmp) - 1) { $sup_list .= ", "; } else { $sup_list .= "."; } } $nbsupz = pg_numrows($tmp); $tmp = pg_safe_exec("SELECT user_name,flags FROM users WHERE id='{$uid}'"); $obj = pg_fetch_object($tmp, 0); $applicant = $obj->user_name . " (" . $uid . ")"; $appflags = $obj->flags; if ($extaction == "NOREG") { $sup_list .= " Added to NOREG : " . trim($added) . "."; } log_channel($c, 13, "Manual Application Reject ({$decision}) - Applicant was: {$applicant}, Supporters were : " . $sup_list); review_count_add($user_id); if ($extaction == "NOREG") { $u_name = $NR_user_name; $def_email = $NR_email; $c_name = $NR_channel_name; if ($NR_reason != "") { $def_reason = $NR_reason; } else { if ($NR_type == 2) { $def_reason = "registration fraud (" . str_replace("'", "\\'", $c_name) . ")"; } if ($NT_type == 4) { $def_reason = "bogus username (" . str_replace("'", "\\'", $c_name) . ")"; } }
header("Location: right.php\n\n"); die; } $sret = urldecode($retret); $tmp = explode("-", $id); $created_ts = $tmp[0]; $channel_id = $tmp[1]; $res = pg_safe_exec("SELECT * FROM pending WHERE channel_id='{$channel_id}' AND created_ts='{$created_ts}' AND reviewed='Y'"); if (pg_numrows($res) == 0) { // that id is already reviewed or non existing echo "That application is either non existant or not reviewed."; die; } else { $o = pg_fetch_object($res, 0); $status = $o->status; if ($admin >= 800 || $status == 2 || $status == 3 || $status == 8) { $do_it = 1; } else { $do_it = 0; } } if ($do_it == 0) { echo "You can't clear applications' reviews from that 'status' (" . ($status + 0) . ")."; die; } $q = "UPDATE pending SET reviewed='N',reviewed_by_id=1,last_updated=now()::abstime::int4 WHERE channel_id='{$channel_id}' AND created_ts='{$created_ts}'"; pg_safe_exec($q); review_count_rem($user_id); log_channel($channel_id, 18, "Cleared Application Review"); header("Location: view_app.php?id={$id}&special_ret=" . urlencode($sret) . "\n\n"); die;
$decision2 = $decision2 . $decision; // echo "$decision";die; $quer2 = "UPDATE pending SET status=3,last_updated=now()::abstime::int4,decision_ts=now()::abstime::int4,decision='{$decision2}' WHERE channel_id='{$c}'"; pg_safe_exec($quer2); $res = pg_safe_exec("SELECT manager_id FROM pending WHERE channel_id='{$c}'"); $row = pg_fetch_object($res, 0); $m_id = $row->manager_id; pg_safe_exec("UPDATE channels SET registered_ts=now()::abstime::int4,last_updated=now()::abstime::int4,comment='' WHERE id='{$c}'"); pg_safe_exec("INSERT INTO levels (channel_id,user_id,access,added,added_by,last_modif,last_modif_by,last_updated) VALUES ({$c},{$m_id},500,now()::abstime::int4,'*** REGPROC ***',now()::abstime::int4,'*** REGPROC ***',now()::abstime::int4)"); pg_safe_exec("UPDATE users_lastseen SET last_updated=now()::abstime::int4,last_seen=now()::abstime::int4 WHERE user_id='{$m_id}'"); $qqq = "UPDATE pending SET reviewed='Y',reviewed_by_id='{$user_id}' WHERE channel_id='{$c}'"; pg_safe_exec($qqq); $bla = pg_safe_exec("SELECT user_name FROM users WHERE id='{$m_id}'"); $blo = pg_fetch_object($bla, 0); $mgr_name = $blo->user_name; log_channel($c, 7, "to {$mgr_name}"); review_count_add($user_id); /* $quer3 = "INSERT INTO mailq (user_id,channel_id,created_ts,template,var1,var2,var3,var4,var5) VALUES ($m_id,$c,now()::abstime::int4,3,'','','','','')"; pg_safe_exec($quer3); */ echo "<font color=#" . $cTheme->main_warnmsg . "><b>CHANNEL HAS BEEN ACCEPTED/REGISTERED SUCCESSFULLY</b></font>\n"; if ($ret == "") { $ret = "../list_app.php"; } echo "<script language=\"JavaScript1.2\">\n<!--\n\tsetTimeout(location.href='" . urldecode($ret) . "',3000);\n//-->\n</script>\n"; } ?> </body> </html>
unset($edit); unset($force); $edit = 0; $force = 0; switch ($action) { case "edit": //$edit=1; $edit = 0; // disabled for now break; case "force": if ($admin >= 600) { $edit = 1; $force = 1; $access = $admin; log_channel($id, 6, ""); } break; default: //if ($admin>0) { local_seclog("View '" . $channel->name . "' (" . $channel->id . ")"); } else { // if ($admin==0 && $access>0) { local_seclog("View '" . $channel->name . "' (" . $channel->id . ") as chanop level " . (int)$access); } //} break; } function set_flag($allowed, &$num, $bit, $bool) { global $database; if (!$allowed) { return; } switch ($bool) {
$usr3_q = pg_safe_exec("SELECT user_name FROM users WHERE id='{$user_id}'"); if (pg_numrows($usr1_q) == 0 || pg_numrows($usr2_q) == 0 || pg_numrows($usr3_q) == 0) { local_headers(); echo "Doh!:@^#"; die; } $usr1 = pg_fetch_object($usr1_q, 0); $usr2 = pg_fetch_object($usr2_q, 0); $usr3 = pg_fetch_object($usr3_q, 0); $curr_comment = str_replace("'", "\\'", trim($channel->comment)); $new_comment = " - " . "Turned temporary managership to PERMANENT (old manager:" . $usr1->user_name . ", new manager:" . $usr2->user_name . ") on [" . date("M d Y H:i:s", time() - date("Z")) . " GMT/UTC] by: " . $usr3->user_name . "."; $the_email = ""; $the_email .= "Hello,\n\n"; $the_email .= "The *TEMPORARY* manager change request for channel '{$channel->name}' has expired and was turned into a permanent change.\n\n"; $the_email .= "User '" . $usr1->user_name . "' is now unsuspended, and level 499, and\n"; $the_email .= "user '" . $usr2->user_name . "' is now permanently level 500.\n\n"; $the_email .= "\n"; $the_email .= "Regards.\n"; $the_email .= "\n"; $the_email .= "\n"; $the_email .= "The " . NETWORK_NAME . " Channel Service.\n"; //echo $the_email; die; pg_safe_exec("UPDATE levels SET access=499,last_modif=now()::abstime::int4,last_updated=now()::abstime::int4,suspend_expires=0,suspend_level=NULL,suspend_by='',last_modif_by='*** MANAGER CHANGE ***' WHERE access=500 AND user_id='{$pending->manager_id}' AND channel_id='{$pending->channel_id}'"); pg_safe_exec("UPDATE levels SET last_modif=now()::abstime::int4,last_updated=now()::abstime::int4,last_modif_by='*** MANAGER CHANGE ***' WHERE access=500 AND user_id='{$pending->new_manager_id}' AND channel_id='{$pending->channel_id}'"); $chan_update = "UPDATE channels SET last_updated=now()::abstime::int4,comment='" . str_replace("\n", "\\n", $new_comment) . "' WHERE id='{$pending->channel_id}'"; pg_safe_exec($chan_update); mail($usr1->email, "[" . $channel->name . "] Manager Change (Turned Permanent)", $the_email, "From: " . $x_at_email . "\nCc: " . $usr2->email . "\nReply-to: Dont.Reply@Thank.You\nX-Mailer: " . NETWORK_NAME . " Channel Service\n\n"); pg_safe_exec("UPDATE pending_mgrchange SET confirmed='8' WHERE id='{$id}'"); log_channel($pending->channel_id, 12, "Channel Temporary change became permanent (old manager: " . $usr2->user_name . " (" . $usr2->id . "), new manager: " . $usr1->user_name . " (" . $usr1->id . "))."); header("Location: view_tmp.php\n\n"); die;
$usr3_q = pg_safe_exec("SELECT user_name FROM users WHERE id='{$user_id}'"); if (pg_numrows($usr1_q) == 0 || pg_numrows($usr2_q) == 0 || pg_numrows($usr3_q) == 0) { local_headers(); echo "Doh!:@^#"; die; } $usr1 = pg_fetch_object($usr1_q, 0); $usr2 = pg_fetch_object($usr2_q, 0); $usr3 = pg_fetch_object($usr3_q, 0); $curr_comment = str_replace("'", "\\'", trim($channel->comment)); $new_comment = " - " . "Reverted back temp managership from \\'" . $usr2->user_name . "\\' to \\'" . $usr1->user_name . "\\' on [" . date("M d Y H:i:s", time() - date("Z")) . " GMT/UTC] by: " . $usr3->user_name . "."; $the_email = ""; $the_email .= "Hello,\n\n"; $the_email .= "The *TEMPORARY* manager change request for channel '{$channel->name}' has expired and was reverted to original owner.\n\n"; $the_email .= "User '" . $usr1->user_name . "' is now unsuspended, and\n"; $the_email .= "user '" . $usr2->user_name . "' is now level 499.\n\n"; $the_email .= "\n"; $the_email .= "Regards.\n"; $the_email .= "\n"; $the_email .= "\n"; $the_email .= "The " . NETWORK_NAME . " Channel Service.\n"; //echo $the_email; die; pg_safe_exec("UPDATE levels SET last_modif=now()::abstime::int4,last_updated=now()::abstime::int4,suspend_expires=0,suspend_level=NULL,suspend_by='',last_modif_by='*** MANAGER CHANGE ***' WHERE access=500 AND user_id='{$pending->manager_id}' AND channel_id='{$pending->channel_id}'"); pg_safe_exec("UPDATE levels SET access=499,last_modif=now()::abstime::int4,last_updated=now()::abstime::int4,last_modif_by='*** MANAGER CHANGE ***' WHERE access=500 AND user_id='{$pending->new_manager_id}' AND channel_id='{$pending->channel_id}'"); $chan_update = "UPDATE channels SET last_updated=now()::abstime::int4,flags='" . $new_flags . "',comment='" . str_replace("\n", "\\n", $new_comment) . "' WHERE id='{$pending->channel_id}'"; pg_safe_exec($chan_update); mail($usr1->email, "[" . $channel->name . "] Manager Change (Reverted)", $the_email, "From: " . $x_at_email . "\nCc: " . $usr2->email . "\nReply-to: Dont.Reply@Thank.You\nX-Mailer: " . NETWORK_NAME . " Channel Service\n\n"); pg_safe_exec("UPDATE pending_mgrchange SET confirmed='8' WHERE id='{$id}'"); log_channel($pending->channel_id, 12, "Channel reverted back from " . $usr2->user_name . " (" . $usr2->id . ") to " . $usr1->user_name . " (" . $usr1->id . ")."); header("Location: view_tmp.php\n\n"); die;
// that id is already reviewed or non existing echo "That application is either non existant or already reviewed."; die; } else { $o = pg_fetch_object($res, 0); $status = $o->status; if ($status == 2 || $status == 3 || $status == 8) { $do_it = 1; } else { $do_it = 0; } } if ($do_it == 0) { echo "You can't review applications from that 'status' (" . ($status + 0) . ")."; die; } $q = "UPDATE pending SET reviewed='Y',reviewed_by_id='{$user_id}',last_updated=now()::abstime::int4 WHERE channel_id='{$channel_id}' AND created_ts='{$created_ts}'"; pg_safe_exec($q); review_count_add($user_id); log_channel($channel_id, 17, "Reviewed Application"); //header("Location: view_app.php?id=$id&special_ret=" . urlencode($sret) . "\n\n"); if (ereg("/", $sret)) { $fslpos = strpos($sret, "/"); $ssret = substr($sret, $fslpos + 2); $sslpos = strpos($ssret, "/"); $zret = str_replace(" ", "+", str_replace("#", "%23", substr($ssret, $sslpos))); } else { $zret = $sret; } header("Location: " . $zret . "\n\n"); die;
$quer3 = "INSERT INTO noreg (user_name,email,channel_name,type,expire_time,created_ts,set_by,reason) VALUES ('','','{$c_name}',1,(now()::abstime::int4+86400*3),now()::abstime::int4,'{$set_by}','{$def_reason}')"; pg_safe_exec($quer3); $quer4 = "INSERT INTO noreg (user_name,email,channel_name,type,expire_time,created_ts,set_by,reason) VALUES ('{$u_name}','{$def_email}','',1,(now()::abstime::int4+86400*3),now()::abstime::int4,'{$set_by}','{$def_reason}')"; pg_safe_exec($quer4); $tmp = pg_safe_exec("SELECT supporters.user_id,users.user_name FROM supporters,pending,users WHERE supporters.user_id=users.id AND pending.channel_id=supporters.channel_id AND pending.channel_id='{$id}'"); $sup_list = ""; for ($x = 0; $x < pg_numrows($tmp); $x++) { $row = pg_fetch_object($tmp, $x); $uname = $row->user_name; $uuid = $row->user_id; $sup_list .= "{$uname} (" . $uuid . ")"; if ($x != pg_numrows($tmp) - 1) { $sup_list .= ", "; } } log_channel($id, 16, "NON-SUPPORT from {$user_name} (" . str_replace("\\"", """, str_replace("\n", "<br>", htmlspecialchars($comments))) . ") - Applicant was: {$applicant}, Supporters were: " . $sup_list); //echo htmlspecialchars($query); die; echo "<script language=\"JavaScript1.2\">\n<!--\n\tlocation.href='../right.php';\n//-->\n</script>\n"; } } echo "</body></html>\n\n"; die; } // read decision. echo "<form>\n"; // ADD INFORMATION (applicant username, description) $q = "SELECT * FROM pending WHERE channel_id='{$id}' AND status='0'"; $r = pg_safe_exec($q); $o = pg_fetch_object($r, 0); $m_id = $o->manager_id; $c_desc = $o->description;
echo "</table>\n"; echo "<br><br>\n"; echo "<input type=button value=\"NO, CANCEL !!\" onClick=\"history.go(-1);\">"; echo " "; echo "<input type=submit value=\"YES, REMOVE THIS ENTRY FROM THE LIST IT HAS BEEN TREATED MANUALLY\">\n"; echo "</form></body></html>\n\n"; die; } pg_safe_exec("DELETE FROM pending_mgrchange WHERE id='" . ($_GET["id"] + 0) . "'"); if ($chanok) { $chanstr = "OK"; } else { $chanstr = "NO"; } if ($mgrok) { $mgrstr = "OK"; } else { $mgrstr = "NO"; } if ($newmgrok) { $newmgrstr = "OK"; } else { $newmgrstr = "NO"; } log_channel($pending->channel_id, 12, "Manually treated / Removed from the list [CHAN=" . $chanstr . ",MGR=" . $mgrstr . ",NEWMGR=" . $newmgrstr . "]"); if ($_GET["r"] == 2) { header("Location: ./view_tmp.php\n\n"); } else { header("Location: ./\n\n"); } die;
if (pg_numrows($usr1_q) == 0 || pg_numrows($usr2_q) == 0 || pg_numrows($usr3_q) == 0) { local_headers(); echo "Doh!:@^#"; die; } $usr1 = pg_fetch_object($usr1_q, 0); $usr2 = pg_fetch_object($usr2_q, 0); $usr3 = pg_fetch_object($usr3_q, 0); $curr_comment = str_replace("'", "\\'", trim($channel->comment)); $new_comment = " - " . "Changed managership from \\'" . $usr1->user_name . "\\' to \\'" . $usr2->user_name . "\\' on [" . date("M d Y H:i:s", time() - date("Z")) . " GMT/UTC] by: " . $usr3->user_name . "."; $the_email = ""; $the_email .= "Hello,\n\n"; $the_email .= "The *PERMANENT* manager change request for channel '" . $channel->name . "' was completed successfully.\n\n"; $the_email .= "User '" . $usr1->user_name . "' is now level 499, and\n"; $the_email .= "user '" . $usr2->user_name . "' is now the new Channel Manager (500).\n\n"; $the_email .= "\n"; $the_email .= "Congratulations.\n"; $the_email .= "\n"; $the_email .= "\n"; $the_email .= "The " . NETWORK_NAME . " Channel Service.\n"; //echo $the_email; die; pg_safe_exec("UPDATE levels SET access=499,last_modif=now()::abstime::int4,last_updated=now()::abstime::int4,last_modif_by='*** MANAGER CHANGE ***' WHERE access=500 AND user_id='{$pending->manager_id}' AND channel_id='{$pending->channel_id}'"); pg_safe_exec("UPDATE levels SET access=500,last_modif=now()::abstime::int4,last_updated=now()::abstime::int4,last_modif_by='*** MANAGER CHANGE ***' WHERE access=499 AND user_id='{$pending->new_manager_id}' AND channel_id='{$pending->channel_id}'"); $chan_update = "UPDATE channels SET description='Manager Change has been successfully completed.',url='',last_updated=now()::abstime::int4,flags='{$new_flags}',comment='" . str_replace("\n", "\\n", $new_comment) . "' WHERE id='{$pending->channel_id}'"; pg_safe_exec($chan_update); mail($usr1->email, "[" . $channel->name . "] Manager Change (Accepted)", $the_email, "From: " . $x_at_email . "\nCc: " . $usr2->email . "\nReply-to: Dont.Reply@Thank.You\nX-Mailer: " . NETWORK_NAME . " Channel Service\n\n"); pg_safe_exec("UPDATE pending_mgrchange SET confirmed='2' WHERE id='{$id}'"); log_channel($pending->channel_id, 12, "Permanent Change Accepted. From " . $usr1->user_name . " (" . $usr1->id . ") to " . $usr2->user_name . " (" . $usr2->id . ")."); } header("Location: ./\n\n"); die;
$query = "UPDATE pending SET status=4,last_updated=now()::abstime::int4,decision='Cancelled by applicant',decision_ts=now()::abstime::int4 WHERE channel_id='{$c}' AND created_ts='{$id}'"; pg_safe_exec($query); //echo htmlspecialchars($query); die; $applicant = $user_name . " (" . $user_id . ")"; $tmp = pg_safe_exec("SELECT supporters.user_id,users.user_name FROM supporters,pending,users WHERE supporters.user_id=users.id AND pending.channel_id=supporters.channel_id AND pending.channel_id='{$c}'"); $sup_list = ""; for ($x = 0; $x < pg_numrows($tmp); $x++) { $row = pg_fetch_object($tmp, $x); $uname = $row->user_name; $uuid = $row->user_id; $sup_list .= "{$uname} (" . $uuid . ")"; if ($x != pg_numrows($tmp) - 1) { $sup_list .= ", "; } } log_channel($c, 14, "Application Cancelled by applicant - Applicant was: {$applicant}, Supporters were: " . $sup_list); echo "<script language=\"JavaScript1.2\">\n<!--\n\tlocation.href='../right.php';\n//-->\n</script>\n"; echo "</body></html>\n\n"; die; } // read decision. echo "<form name=confirm action=cancel_application.php method=post>\n"; echo "<h3>Are you sure you want to CANCEL your application for channel {$c_name} ?</h3>\n"; echo "<i>if you cancel your application, your pending channel will not be registered,<br>\n"; echo "and you will be able to apply for another channel.</i><br><br>\n"; echo "<input type=submit value=\" YES, CANCEL IT! \"> <input type=button value=\" NO, DON'T DO THAT \" onClick=\"location.href='../right.php';\"><br>\n"; echo "<input type=hidden name=id value={$id}>\n"; $zets = time(); $zecrc = md5("{$HTTP_USER_AGENT}" . $zets . CRC_SALT_0013); echo "<input type=hidden name=ts value={$zets}>\n"; echo "<input type=hidden name=c value={$c}>\n";
$channels_q = "UPDATE channels SET name='{$channel_nameF}',mass_deop_pro=0,flood_pro=0,flags=0,limit_offset=3,limit_period=20,limit_grace=1,limit_max=0,userflags=0,url='',description='',keywords='',registered_ts=now()::abstime::int4,channel_ts=0,channel_mode='',comment='',last_updated=now()::abstime::int4 WHERE id='{$channel_id}'"; } $lastreq = pg_safe_exec($channels_q); } else { if (REQUIRED_SUPPORTERS > 0) { $channels_q = "INSERT INTO channels (name,url,description,keywords,registered_ts,channel_ts,channel_mode,comment,last_updated,mass_deop_pro,flood_pro,flags,limit_offset,limit_period,limit_grace,limit_max,userflags) VALUES ('{$channel_nameF}','','','',0,0,'','',now()::abstime::int4,0,0,0,3,20,1,0,0)"; } else { $channels_q = "INSERT INTO channels (name,url,description,keywords,registered_ts,channel_ts,channel_mode,comment,last_updated,mass_deop_pro,flood_pro,flags,limit_offset,limit_period,limit_grace,limit_max,userflags) VALUES ('{$channel_nameF}','','','',now()::abstime::int4,0,'','',now()::abstime::int4,0,0,0,3,20,1,0,0)"; } $lastreq = pg_safe_exec($channels_q); $res = pg_safe_exec("SELECT id FROM channels WHERE name='{$channel_nameF}'"); $row = pg_fetch_object($res, 0); if ($row->id > 0) { $channel_id = $row->id; } log_channel($channel_id, 15, "New Incoming Application"); } if (!$lastreq) { pg_safe_exec("ROLLBACK WORK"); die("Fatal Error while processing application (upd/ins_chan): <a href=\"javascript:history.go(-1);\">click here</a>.\n"); } if (REQUIRED_SUPPORTERS > 0) { $pending_q = "INSERT INTO pending (channel_id,manager_id,created_ts,decision_ts,decision,comments,description,managername,last_updated,reg_acknowledged,check_start_ts) VALUES ({$channel_id},{$manager_id},now()::abstime::int4,0,'','','{$description}','{$managername}',now()::abstime::int4,'N',0)"; } else { $pending_q = "INSERT INTO pending (channel_id,manager_id,created_ts,decision_ts,decision,comments,description,managername,last_updated,reg_acknowledged,check_start_ts,status) VALUES ({$channel_id},{$manager_id},now()::abstime::int4,now()::abstime::int4,'** INSTANT REGISTRATION **','','{$description}','{$managername}',now()::abstime::int4,'Y',0,3)"; } $lastreq = pg_safe_exec($pending_q); if (!$lastreq) { pg_safe_exec("ROLLBACK WORK"); die("Fatal Error while processing application (ins_pend): <a href=\"javascript:history.go(-1);\">click here</a>.\n"); }
<?php echo "</form></body></html>\n\n"; die; } $temp = pg_safe_exec("SELECT flags,comment,name FROM channels WHERE id='{$pending->channel_id}'"); $channel = pg_fetch_object($temp, 0); $usr1_q = pg_safe_exec("SELECT user_name,email,id FROM users WHERE id='{$pending->manager_id}'"); $usr2_q = pg_safe_exec("SELECT user_name,email,id FROM users WHERE id='{$pending->new_manager_id}'"); $usr3_q = pg_safe_exec("SELECT user_name FROM users WHERE id='{$user_id}'"); if (pg_numrows($usr1_q) == 0 || pg_numrows($usr2_q) == 0 || pg_numrows($usr3_q) == 0) { local_headers(); echo "Doh!:@^#"; die; } $usr1 = pg_fetch_object($usr1_q, 0); $usr2 = pg_fetch_object($usr2_q, 0); $usr3 = pg_fetch_object($usr3_q, 0); $the_email = ""; $the_email .= "Hello,\n\n"; $the_email .= "The manager change request for channel '" . $channel->name . "' was REJECTED for the following reason(s) :\n\n"; $the_email .= str_replace("\\'", "'", $rreason); $the_email .= "\n\n"; $the_email .= "Sorry.\n"; $the_email .= "\n"; $the_email .= "\n"; $the_email .= "The " . NETWORK_NAME . " Channel Service.\n"; mail($usr1->email, "[" . $channel->name . "] Manager Change (Rejected)", $the_email, "From: " . $x_at_email . "\nReply-to: Dont.Reply@Thank.You\nX-Mailer: " . NETWORK_NAME . " Channel Service\n\n"); pg_safe_exec("UPDATE pending_mgrchange SET confirmed='9' WHERE id='{$id}'"); log_channel($pending->channel_id, 12, "Rejected! (from " . $usr1->user_name . " (" . $usr1->id . ") to " . $usr2->user_name . " (" . $usr2->id . ")) - Reason: " . $rreason . "."); header("Location: ./\n\n"); die;