} else {
// If enterprise in table
if ($db->next_record()) {
if ($db->f("user") == $auth->auth["uname"] || $perm->have_perm("admin")) {
// Insert new products
$tables = "products";
$set = "entid_pro='{$id}',category_pro='{$category_pro}',name_pro='{$name_pro}',description_pro='{$description_pro}',homepage_pro='{$homepage_pro}',status_pro='A',modification_pro=NOW(),creation_pro=NOW()";
if (!$db->query("INSERT {$tables} SET {$set}")) {
mysql_die($db);
}
// Select and show new/updated enterprises with products
entbyentid($db, $id);
probyentid($db, $id);
if ($ml_notify) {
$msg = "insert product \"{$name_pro}\" by " . $auth->auth["uname"] . ".";
mailuser("admin", "insert product", $msg);
}
} else {
$be->box_full($t->translate("Error"), $t->translate("Access denied"));
}
// If enterprise is not in table
} else {
$be->box_full($t->translate("Error"), $t->translate("Enterprise") . " (ID: {$id}) " . $t->translate("does not exist") . ".");
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Description specified"));
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Name specified"));
}
function prayerlist_mod($perpage)
{
global $list_prefix;
//this is a module so we should already know if the user is logged in.
//start main code here.
//lets search for request that expire prior to right now.
$sql = "SELECT * FROM " . $list_prefix . "prayer_list WHERE `expired` = '0' AND `expiredate` < '" . time() . "';";
$result = db_query($sql);
@($rows = db_num_rows($result));
$j = 0;
while ($j < $rows) {
$row = db_fetch_array($result);
//mail the user here if they are not anonymous
if (0 != strcmp($row['requested_by'], 'anonymous')) {
mailuser($row['requested_by'], $row);
}
//We need to change this to make the request historical rather than deleting it.
$sql = "UPDATE " . $list_prefix . "prayer_list SET `expired` = '1' WHERE `id`='" . $row['id'] . "';";
//end of change.
$result2 = db_query($sql);
$j++;
}
$MOD['title'] = "Prayer Request";
$MOD['content'] = showlist($perpage);
return $MOD;
}
}
if ($action == "erase" && !$perm->have_perm("admin")) {
$be->box_full($t->translate("Error"), $t->translate("Access denied"));
} else {
if (!$db->query($query)) {
mysql_die($db);
} else {
if ($action == "erase") {
$be->box_full($t->translate("Erase"), $t->translate("Customer is erased"));
} else {
entbycusid($db, $id);
cusbycusid($db, $id);
}
if ($ml_notify) {
$msg = "{$action} customer (ID: {$id}) by " . $auth->auth["uname"] . ".";
mailuser("admin", "{$action} customer", $msg);
}
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Description specified"));
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Name specified"));
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("Access denied"));
}
}
} else {
}
if ($action == "erase" && !$perm->have_perm("admin")) {
$be->box_full($t->translate("Error"), $t->translate("Access denied"));
} else {
if (!$db->query($query)) {
mysql_die($db);
} else {
if ($action == "erase") {
$be->box_full($t->translate("Erase"), $t->translate("Product is erased"));
} else {
entbyproid($db, $id);
probyproid($db, $id);
}
if ($ml_notify) {
$msg = "{$action} product (ID: {$id}) by " . $auth->auth["uname"] . ".";
mailuser("admin", "{$action} product", $msg);
}
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Description specified"));
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Name specified"));
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("Access denied"));
}
}
} else {
$deb = trim($deb);
$tgz = trim($tgz);
$cvs = trim($cvs);
$screenshots = trim($screenshots);
$mailarch = trim($mailarch);
$developer = trim($developer);
$description = trim($description);
$email = trim($email);
$depend = trim($depend);
$urgency = trim($urgency);
$section = trim(strtok($seccat, "/"));
$category = trim(strtok("."));
$set = "name='{$name}',type='{$type}',version='{$version}',section='{$section}',category='{$category}',license='{$license}',homepage='{$homepage}',download='{$download}',changelog='{$changelog}',rpm='{$rpm}',deb='{$deb}',tgz='{$tgz}',cvs='{$cvs}',screenshots='{$screenshots}',mailarch='{$mailarch}',developer='{$developer}',description='{$description}',modification=NOW(),creation=NOW(),email='{$email}',depend='{$depend}',user='******',urgency='{$urgency}',status='{$status}'";
$db->query("INSERT pending SET {$set}");
// Select and show new/updated application with counters
$where = "pending.name='{$name}' AND type='{$type}' AND version='{$version}' AND pending.user=auth_user.username";
$group = "pending.name";
$query = "SELECT * FROM pending,auth_user WHERE {$where} GROUP BY {$group}";
apppend($query);
if ($ml_notify) {
$msg = "insert application {$name} {$version} (" . typestr($type) . ") by " . $auth->auth["uname"] . ".";
mailuser("editor", "insert application", $msg);
}
}
}
?>
<!-- end content -->
<?php
require "./include/footer.inc";
@page_close();
if ($showemail == "on") {
$showemail = "yes";
} else {
$showemail = "no";
}
$query = "insert into extra_perms values('{$username}','{$showname}','{$showemail}','yes','yes')";
$db->query($query);
// send mail
$message = $t->translate("Thank you for registering on the {$sys_name} Site. In order") . "\n" . $t->translate("to complete your registration, visit the following URL") . ": \n\n" . $sys_url . "verify.php?confirm_hash={$u_id}\n\n" . $t->translate("Enjoy the site") . ".\n\n" . $t->translate(" -- the {$sys_name} crew") . "\n";
mail($email_usr, "[{$sys_name}] " . $t->translate("Developer Registration"), $message, "From: {$ml_newsfromaddr}\nReply-To: {$ml_newsreplyaddr}\nX-Mailer: PHP");
$msg = $t->translate("Congratulations") . "! " . $t->translate("You have registered on {$sys_name}") . "." . "<p>" . $t->translate("Your new username is") . ": <b>{$username}</b>" . "<p>" . $t->translate("You are now being sent a confirmation email to verify your email address") . "." . "<br>" . $t->translate("Visiting the link sent to you in this email will activate your account") . ".";
if ($ml_notify) {
$message = "Username: {$username}\n";
$message .= "Realname: {$realname}\n";
$message .= "E-Mail: {$email_usr}\n";
mailuser("admin", "New Developer has registered", $message);
}
$bx->box_full($t->translate("Developer Registration"), $msg);
$reg = 1;
break;
default:
break;
}
}
if (!$reg) {
$bx->box_begin();
$bx->box_title($t->translate("Register as a new Developer"));
$bx->box_body_begin();
?>
<table border=0 cellspacing=0 cellpadding=3>
<tr>
$permlist = "user_pending";
$query = "insert into auth_user values('{$u_id}','{$username}','{$password}','{$realname}','{$email_usr}',{$modification_usr},{$creation_usr},'{$permlist}')";
$db->query($query);
if ($db->affected_rows() == 0) {
$be->box_full($t->translate("Error"), $t->translate("Registration of new User failed") . ":<br> {$query}");
break;
}
// send mail
$message = $t->translate("Thank you for registering on the {$sys_name} Site. In order") . "\n" . $t->translate("to complete your registration, visit the following URL") . ": \n\n" . $sys_url . "verify.php?confirm_hash={$u_id}\n\n" . $t->translate("Enjoy the site") . ".\n\n" . $t->translate(" -- the {$sys_name} crew") . "\n";
mail($email_usr, "[{$sys_name}] " . $t->translate("User Registration"), $message, "From: {$ml_newsfromaddr}\nReply-To: {$ml_newsreplyaddr}\nX-Mailer: PHP");
$msg = $t->translate("Congratulations") . "! " . $t->translate("You have registered on {$sys_name}") . "." . "<p>" . $t->translate("Your new username is") . ": <b>{$username}</b>" . "<p>" . $t->translate("You are now being sent a confirmation email to verify your email address") . "." . "<br>" . $t->translate("Visiting the link sent to you in this email will activate your account") . ".";
if ($ml_notify) {
$message = "Username: {$username}\n";
$message .= "Realname: {$realname}\n";
$message .= "E-Mail: {$email_usr}\n";
mailuser("admin", "New User has registered", $message);
}
$bx->box_full($t->translate("User Registration"), $msg);
$reg = 1;
break;
default:
break;
}
}
if (!$reg) {
$bx->box_begin();
$bx->box_title($t->translate("Register as a new User"));
$bx->box_body_begin();
?>
<table border=0 cellspacing=0 cellpadding=3>
<tr>
mail($email_usr, "[{$sys_name}] " . $t->translate("Developer Registration"), $message, "From: {$ml_newsfromaddr}\nReply-To: " . "{$ml_newsreplyaddr}\nX-Mailer: PHP");
$msg = $t->translate("Congratulations") . "! " . $t->translate("You have registered on {$sys_name}") . "." . "<p>" . $t->translate("Your new username is") . ": <b>{$username}</b>" . "<p>" . $t->translate("You are now being sent a confirmation " . "email to verify your email address") . "." . "<br>" . $t->translate("Visiting the link sent to you in this " . "email will activate your account") . ".";
} else {
mail($email_usr, "[{$sys_name}] " . $t->translate("Registration as Sponsor in BerliOS " . "SourceAgency"), $message, "From: {$ml_newsfromaddr}\nReply-To: {$ml_newsreplyaddr}\n" . "X-Mailer: PHP");
$msg = $t->translate("Congratulations") . "! " . $t->translate("You have registered on {$sys_name}") . "." . "<p>" . $t->translate("Your new username is") . ": <b>{$username}</b>" . "<p>" . $t->translate("You are now being sent further " . "information via email") . ".";
}
if ($ml_notify) {
$message = $t->translate("Username") . ": {$username}\n";
if ($user_type == "devel") {
$message .= $t->translate("User type") . ": " . $t->translate("Developer") . "\n";
} else {
$message .= $t->translate("User type") . ": " . $t->translate("Sponsor") . "\n";
}
$message .= $t->translate("Realname") . ": {$realname}\n";
$message .= $t->translate("E-Mail") . ": {$email_usr}\n";
mailuser("admin", $t->translate("New User has registered"), $message);
}
$bx->box_full($t->translate("User Registration"), $msg);
$reg = 1;
break;
default:
break;
}
}
if (!$reg) {
$bx->box_begin();
$bx->box_title($t->translate("Register as a new User"));
$bx->box_body_begin();
?>
<table border="0" cellspacing="0" cellpadding="3">
<tr>
}
if ($action == "erase" && !$perm->have_perm("admin")) {
$be->box_full($t->translate("Error"), $t->translate("Access denied"));
} else {
if (!$db->query($query)) {
mysql_die($db);
} else {
if ($action == "erase") {
$be->box_full($t->translate("Erase"), $t->translate("Solution is erased"));
} else {
entbysolid($db, $id);
solbysolid($db, $id);
}
if ($ml_notify) {
$msg = "{$action} solution (ID: {$id}) by " . $auth->auth["uname"] . ".";
mailuser("admin", "{$action} solution", $msg);
}
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Description specified"));
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Name specified"));
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("Access denied"));
}
}
} else {
}
if ($action == "erase" && !$perm->have_perm("admin")) {
$be->box_full($t->translate("Error"), $t->translate("Access denied"));
} else {
if (!$db->query($query)) {
mysql_die($db);
} else {
if ($action == "erase") {
$be->box_full($t->translate("Erase"), $t->translate("News is erased"));
} else {
entbynewid($db, $id);
newbynewid($db, $id);
}
if ($ml_notify) {
$msg = "{$action} news (ID: {$id}) by " . $auth->auth["uname"] . ".";
mailuser("admin", "{$action} news", $msg);
}
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No News specified"));
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Subject specified"));
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("Access denied"));
}
}
} else {
// password are identical?
$be->box_full($t->translate('Error'), $t->translate('The passwords are not identical') . '. ' . $t->translate('Please try again') . '!');
break;
}
$query = "UPDATE auth_user SET password='******', " . "realname='{$realname}', email_usr='******', " . "modification_usr=NOW() WHERE user_id='{$u_id}'";
$db->query($query);
if ($db->affected_rows() == 0) {
lib_die('Change User Parameters failed' . ":<br>{$query}");
break;
}
$bi->box_full($t->translate('Change User Parameters'), $t->translate('Password and/or E-Mail Address of') . ' <b>' . $auth->auth['uname'] . '</b> ' . $t->translate('is changed') . '.');
if ($ml_notify) {
$message = $t->translate('Username') . ': ' . $auth->auth['uname'] . "\n";
$message .= $t->translate('Realname') . ": {$realname}\n";
$message .= $t->translate('E-Mail') . ": {$email_usr}\n";
mailuser('admin', $t->translate('User parameters has changed'), $message);
}
} else {
$be->box_full($t->translate('Error'), $t->translate('Access denied'));
}
break;
default:
break;
}
}
$bx->box_begin();
$bx->box_title($t->translate('Change User Parameters'));
$bx->box_body_begin();
htmlp_form_action();
$bx->box_columns_begin();
$db->query("SELECT * FROM auth_user WHERE username='******'uname'] . "'");
if (!chmod($to, 0666)) {
$be->box_full($t->translate("Error"), $t->translate("Unable to change logofile mode"));
}
}
// Insert new counters
$dbcnt = new DB_SourceBiz();
$tables = "counter";
$set = "entid=" . $db->f("entid");
if (!$dbcnt->query("INSERT {$tables} SET {$set}")) {
mysql_die($dbcnt);
} else {
// Select and show new enterprise with counters
entbyentid($db, $db->f("entid"));
if ($ml_notify) {
$msg = "insert enterprise {$name} by " . $auth->auth["uname"] . ".";
mailuser("admin", "insert enterprise", $msg);
}
}
}
}
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Short Profile specified"));
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Name specified"));
}
}
?>
<!-- end content -->
} else {
// If enterprise in table
if ($db->next_record()) {
if ($db->f("user") == $auth->auth["uname"] || $perm->have_perm("admin")) {
// Insert new services
$tables = "services";
$set = "entid_svc='{$id}',category_svc='{$category_svc}',name_svc='{$name_svc}',description_svc='{$description_svc}',homepage_svc='{$homepage_svc}',status_svc='A',modification_svc=NOW(),creation_svc=NOW()";
if (!$db->query("INSERT {$tables} SET {$set}")) {
mysql_die($db);
}
// Select and show new/updated enterprises with services
entbyentid($db, $id);
svcbyentid($db, $id);
if ($ml_notify) {
$msg = "insert service \"{$name_svc}\" by " . $auth->auth["uname"] . ".";
mailuser("admin", "insert service", $msg);
}
} else {
$be->box_full($t->translate("Error"), $t->translate("Access denied"));
}
// If enterprise is not in table
} else {
$be->box_full($t->translate("Error"), $t->translate("Enterprise") . " (ID: {$id}) " . $t->translate("does not exist") . ".");
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Description specified"));
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Name specified"));
}
if (count($classes) > 0) {
$clalist = addslashes(implode($classes, ","));
} else {
$clalist = "";
}
$tables = "classifications";
$set = "type='{$type}',class='{$clalist}'";
$where = "conid='{$id}'";
$query = "UPDATE {$tables} SET {$set} WHERE {$where}";
if (!$db->query($query)) {
mysql_die($db);
} else {
conbyconid($db, $id);
if ($ml_notify) {
$msg = "update classification \"{$clalist}\" of contact (ID: {$id}) by " . $auth->auth["uname"] . ".";
mailuser("admin", "update classification", $msg);
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("Access denied"));
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Contact ID specified"));
}
?>
<!-- end content -->
<?php
require "./include/footer.inc";
page_close();
}
if ($action == "erase" && !$perm->have_perm("admin")) {
$be->box_full($t->translate("Error"), $t->translate("Access denied"));
} else {
if (!$db->query($query)) {
mysql_die($db);
} else {
if ($action == "erase") {
$be->box_full($t->translate("Erase"), $t->translate("Service is erased"));
} else {
entbysvcid($db, $id);
svcbysvcid($db, $id);
}
if ($ml_notify) {
$msg = "{$action} service (ID: {$id}) by " . $auth->auth["uname"] . ".";
mailuser("admin", "{$action} service", $msg);
}
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Description specified"));
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Name specified"));
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("Access denied"));
}
}
} else {
} else {
// If enterprise in table
if ($db->next_record()) {
if ($db->f("user") == $auth->auth["uname"] || $perm->have_perm("admin")) {
// Insert new solutions
$tables = "solutions";
$set = "entid_sol='{$id}',name_sol='{$name_sol}',description_sol='{$description_sol}',homepage_sol='{$homepage_sol}',status_sol='A',modification_sol=NOW(),creation_sol=NOW()";
if (!$db->query("INSERT {$tables} SET {$set}")) {
mysql_die($db);
}
// Select and show new/updated enterprises with solutions
entbyentid($db, $id);
solbyentid($db, $id);
if ($ml_notify) {
$msg = "insert solution \"{$name_sol}\" by " . $auth->auth["uname"] . ".";
mailuser("admin", "insert solution", $msg);
}
} else {
$be->box_full($t->translate("Error"), $t->translate("Access denied"));
}
// If enterprise is not in table
} else {
$be->box_full($t->translate("Error"), $t->translate("Enterprise") . " (ID: {$id}) " . $t->translate("does not exist") . ".");
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Description specified"));
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Name specified"));
}
$where = "software.appid='{$id}' AND software.appid=counter.appid AND software.user=auth_user.username";
$group = "software.appid";
$query = "SELECT {$columns} FROM {$tables} WHERE {$where} GROUP BY {$group}";
appfull($query);
$query = "SELECT * FROM comments,auth_user WHERE appid='{$id}' AND auth_user.username=comments.user_cmt ORDER BY creation_cmt DESC";
cmtshow($query);
} else {
// $operation = "INSERT"
$tables = "pending,auth_user";
$where = "pending.name='" . addslashes($name) . "' AND type='{$type}' AND version='" . addslashes($version) . "' AND pending.user=auth_user.username";
$group = "pending.name";
$query = "SELECT * FROM {$tables} WHERE {$where} GROUP BY {$group}";
// echo "<p>$query\n";
apppend($query);
}
if ($ml_notify) {
$db->query("SELECT name,version,type FROM software WHERE appid='{$id}'");
$db->next_record();
$message = $action . " application " . $db->f("name") . " " . $db->f("version") . " (" . typestr($db->f("type")) . ") by " . $auth->auth["uname"];
mailuser("editor", $action . " application", $message);
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Application ID specified") . "." . "<br>" . $t->translate("Please select") . " <a href=\"" . $sess->url("appbyuser.php") . "\">" . $t->translate("Change Apps") . "</a>.");
}
}
?>
<!-- end content -->
<?php
require "./include/footer.inc";
@page_close();
} else {
if ($action == "erase") {
$be->box_full($t->translate("Erase"), $t->translate("Contact is erased"));
} else {
if ($logoact == "new" && !empty($logo_con_name)) {
if (!copy($logo_con, $sys_logo_dir . $db->f("conid") . "con_" . basename($logo_con_name))) {
$be->box_full($t->translate("Error"), $t->translate("Unable to copy logofile to logo directory"));
}
@chmod($sys_logo_dir . $db->f("conid") . "con_" . basename($logo_con_name), 0666);
}
entbyconid($db, $id);
conbyconid($db, $id);
}
if ($ml_notify) {
$msg = "{$action} contact (ID: {$id}) by " . $auth->auth["uname"] . ".";
mailuser("admin", "{$action} contact", $msg);
}
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Name specified"));
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("Access denied"));
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Contact ID specified"));
}
?>
// Delete comments
$query = "DELETE FROM tblcomment WHERE solutions_id='{$solu_id}'";
debug($query);
$db->query($query);
// Delete documents in document directory
$query = "SELECT document_filename FROM tbldocument WHERE solutions_id='{$solu_id}'";
debug($query);
$db->query($query);
while ($db->next_record()) {
if (!unlink($sys_docu_dir . $solu_id . "document_" . $db->f("document_filename"))) {
$be->box_full($t->translate("Error"), $t->translate("Unable to remove document"));
}
}
// Delete documents
$query = "DELETE FROM tbldocument WHERE solutions_id='{$solu_id}'";
debug($query);
$db->query($query);
// Sent notification mail to administrators
if ($ml_notify) {
$message = "delete solution {$solu_id} by " . $auth->auth["uname"] . "\n";
mailuser("admin", "delete solution", $message);
}
$bx->box_full($t->translate("Delete Solution"), $t->translate("Solution successful deleted"));
}
}
?>
<!-- end content -->
<?php
require "footer.inc";
@page_close();
// If contact in table
if ($db->next_record()) {
// If contact owner is a logged in user
if ($db->f("user") == $auth->auth["uname"] || $perm->have_perm("admin")) {
// Insert new class
$clalist = addslashes(implode($classes, ","));
$tables = "classifications";
$set = "conid='{$id}',type='{$type}',class='{$clalist}'";
if (!$db->query("INSERT {$tables} SET {$set}")) {
mysql_die($db);
}
// Select and show new/updated contact with classification
conbyconid($db, $id);
if ($ml_notify) {
$msg = "insert classification \"{$clalist}\" of contact (ID: {$id}) by " . $auth->auth["uname"] . ".";
mailuser("admin", "insert classification", $msg);
}
// If contact owner isn't a logged in user
} else {
$be->box_full($t->translate("Error"), $t->translate("Access denied"));
}
// If contact not in table
} else {
$be->box_full($t->translate("Error"), $t->translate("Contact") . " (ID: {$id}) " . $t->translate("does not exist"));
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Classifications specified"));
}
// If contact id not specified
} else {
}
if ($action == "erase" && !$perm->have_perm("admin")) {
$be->box_full($t->translate("Error"), $t->translate("Access denied"));
} else {
if (!$db->query($query)) {
mysql_die($db);
} else {
if ($action == "erase") {
$be->box_full($t->translate("Erase"), $t->translate("Profile is erased"));
} else {
entbyprfid($db, $id);
prfbyprfid($db, $id);
}
if ($ml_notify) {
$msg = "{$action} profile (ID: {$id}) by " . $auth->auth["uname"] . ".";
mailuser("admin", "{$action} profile", $msg);
}
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Profile specified"));
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("Access denied"));
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Profile ID specified"));
}
?>
if (!$db->query("SELECT {$columns} FROM {$tables} WHERE {$where}")) {
mysql_die($db);
} else {
// If contact already exists
if ($db->num_rows() > 0) {
$be->box_full($t->translate("Error"), $t->translate("Contact") . " {$name} " . $t->translate("already exists"));
// If a new contact
} else {
$set = "name='{$name}',address='{$address}',country='{$country}',state='{$state}',city='{$city}',zip='{$zip}',phone='{$phone}',fax='{$fax}',email='{$email}',homepage='{$homepage}',comment='{$comment}',category='{$category}',status='{$status}',user='******',modification=NOW(),creation=NOW()";
if (!$db->query("INSERT {$tables} SET {$set}")) {
mysql_die($db);
} else {
// Select and show new contact
conbyname($db, $name);
if ($ml_notify) {
$msg = "insert contact \"{$name}\" by " . $auth->auth["uname"] . ".";
mailuser("admin", "insert contact", $msg);
}
}
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Name specified"));
}
}
?>
<!-- end content -->
<?php
require "./include/footer.inc";
@page_close();
// password are identical?
$table_error->table_full(_('Error'), _('The passwords are not identical') . '. ' . _('Please try again') . '!');
break;
}
$query = "UPDATE auth_user SET password='******', " . "realname='{$realname}', email_usr='******', " . "modification_usr=NOW() WHERE user_id='{$u_id}'";
$db->query($query);
if ($db->affected_rows() == 0) {
$table_error->table_full(_('Error'), _('Change User Parameters failed') . ":<br>{$query}");
break;
}
$table->table_full(_('Change User Parameters'), _('Password and/or E-Mail Address of') . ' <b>' . $auth->auth['uname'] . '</b> ' . _('is changed') . '.');
if ($ml_notify) {
$message = _('Username') . ': ' . $auth->auth['uname'] . '\\n';
$message .= _('Realname') . ": {$realname}\n";
$message .= _('E-Mail') . ": {$email_usr}\n";
mailuser('admin', _('User parameters has changed'), $message);
}
} else {
$table_error->table_full(_('Error'), _('Access denied'));
}
break;
default:
break;
}
}
$table->table_begin();
$table->table_title(_('Change User Parameters'));
$table->table_body_begin();
htmlp_form_action();
$table->table_columns_begin();
$db->query("SELECT * FROM auth_user WHERE username='******'");
// If enterprise in table
if ($db->next_record()) {
// If enterprise owner is logged in user
if ($db->f("user") == $auth->auth["uname"] || $perm->have_perm("admin")) {
// Insert new profile
$tables = "profile";
$set = "entid_prf='{$id}',profile_prf='{$profile_prf}',status_prf='A',modification_prf=NOW(),creation_prf=NOW()";
if (!$db->query("INSERT {$tables} SET {$set}")) {
mysql_die($db);
}
// Select and show new/updated enterprises with profile
entbyentid($db, $id);
prfbyentid($db, $id);
if ($ml_notify) {
$msg = "insert profile (ID: {$id}) by " . $auth->auth["uname"] . ".";
mailuser("admin", "insert profile", $msg);
}
// If enterprise owner isn't logged in user
} else {
$be->box_full($t->translate("Error"), $t->translate("Access denied"));
}
// If enterprise not in table
} else {
$be->box_full($t->translate("Error"), $t->translate("Enterprise") . " (ID: {$id}) " . $t->translate("does not exist"));
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Profile specified"));
}
// If enterprise id not specified
} else {
if (!empty($_POST['username'])) {
require_once INC_DIR . 'dbconn.php';
if (count($_POST) > 3) {
// user creation
if (preg_match("/^[\\w\\-.']{3,30}\$/", $_POST['username'])) {
if (preg_match("/\\w+@[\\w-]+\\.\\w{2,}/", $_POST['email'])) {
if (strlen($_POST['pass']) > 5 && $_POST['pass'] == $_POST['passconf']) {
$mail = $_POST['email'];
$salt = genRand();
$pass = mkPass($salt, $_POST['pass']);
$token = $db->mkToken();
$res = $db->insert(array('created' => $db->prop('NOW()'), 'name' => $_POST['username'], 'email' => $mail, 'pass' => $pass, 'salt' => $salt, 'token' => $token));
if ($res) {
$subj = "Welcome to the members of {$host}, " . $_POST['username'];
$msg = array('To activate your new account please follow this link:', 'http://' . $host . '/login?token=' . $token, '', 'Best wishes,', $host);
mailuser(array($_POST['email'], $subj, $msg, $host));
showAlert("Account created successfully. An e-mail has been sent to {$mail} with activation code.", $res);
} else {
showAlert(ucfirst(preg_replace("/.+'(.+)'.+'(.+)'/", '$2 $1 is already registered', $mysqli->error)));
}
} else {
showAlert('Passwords must match and be over 5 symbols long');
}
} else {
showAlert('Not a valid e-mail');
}
} else {
showAlert('Username must be 3 to 30 <em>alphanumeric</em> (or ._-\') characters long');
}
} else {
// user authorization
mysql_die($db);
} else {
// If enterprise in table
if ($db->next_record()) {
// Insert new comment
$tables = "comments";
$set = "entid_cmt='{$id}',user_cmt='" . $auth->auth["uname"] . "',subject_cmt='{$subject_cmt}',text_cmt='{$text_cmt}',status_cmt='A',creation_cmt=NOW()";
if (!$db->query("INSERT {$tables} SET {$set}")) {
mysql_die($db);
}
// Select and show new/updated enterprises with comments
entbyentid($db, $id);
cmtbyentid($db, $id);
if ($ml_notify) {
$msg = "insert comment \"{$subject_cmt}\" by " . $auth->auth["uname"] . ".";
mailuser("admin", "insert comment", $msg);
}
// If enterprise is not in table
} else {
$be->box_full($t->translate("Error"), $t->translate("Enterprise") . " (ID: {$id}) " . $t->translate("does not exist") . ".");
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Comment specified"));
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Subject specified"));
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Enterprise ID specified"));
}
// password are identical?
$be->box_full($t->translate("Error"), $t->translate("The passwords are not identical") . ". " . $t->translate("Please try again") . "!");
break;
}
$query = "UPDATE auth_user SET password='******', realname='{$realname}', email_usr='******', modification_usr=NOW() WHERE user_id='{$u_id}'";
$db->query($query);
if ($db->affected_rows() == 0) {
$be->box_full($t->translate("Error"), $t->translate("Change User Parameters failed") . ":<br>{$query}");
break;
}
$bi->box_full($t->translate("Change User Parameters"), $t->translate("Password and/or E-Mail Address of") . " <b>" . $auth->auth["uname"] . "</b> " . $t->translate("is changed") . ".");
if ($ml_notify) {
$message = "Username: "******"uname"] . "\n";
$message .= "Realname: {$realname}\n";
$message .= "E-Mail: {$email_usr}\n";
mailuser("admin", "User parameters has changed", $message);
}
} else {
$be->box_full($t->translate("Error"), $t->translate("Access denied"));
}
break;
default:
break;
}
}
$bx->box_begin();
$bx->box_title($t->translate("Change User Parameters"));
$bx->box_body_begin();
echo "<table border=0 align=\"center\" cellspacing=0 cellpadding=3>\n";
$db->query("select * from auth_user where username='******'");
while ($db->next_record()) {
$db->query($query);
if ($db->affected_rows() == 0) {
/* TODO: use lib_die('') so that the message gets logged */
$table_error->table_full(_('Error'), _('Registration of new User failed') . ":<br> {$query}");
break;
}
// send mail
$message = _('Thank you for registering on the') . ' ' . $sys_name . _('Site. In order to complete your registration, visit ' . 'the following URL') . ": \n\n" . $sys_url . "verify.php?confirm_hash={$u_id}\n\n" . _('Enjoy the site') . ".\n\n" . ' -- ' . _('the') . ' ' . $sys_name . ' ' . _('crew') . "\n";
mail($email_usr, '[' . $sys_name . '] ' . _('User Registration'), $message, "From: {$config_ml_fromAddr}\nReply-To: " . "{$config_ml_replyAddr}\nX-Mailer: PHP");
$msg = _('Congratulations') . '! ' . _('You have registered on ') . '$sys_name.<p>' . _('Your new username is') . ": <b>{$username}</b><p>" . _('You are now being sent a confirmation ' . 'email to verify your email address') . '.' . '<br>' . _('Visiting the link sent to you in this ' . 'email will activate your account') . '.';
$table->table_full(_('User Registration'), $msg);
if ($config_ml_notify) {
$message = _('Username') . ": {$username}\n";
$message .= _('Realname') . ": {$realname}\n";
$message .= _('E-Mail') . ": {$email_usr}\n";
mailuser('admin', _('New User has registered'), $message);
}
$reg = 1;
break;
default:
break;
}
}
if (!$reg) {
$table->table_begin();
$table->table_title(_("Register as a new User"));
$table->table_body_begin();
htmlp_form_action();
$table->table_columns_begin();
$table->table_column('<b>' . _('Username') . ':</b>', '50%', '', 'right');
$table->table_column(html_form_textField('username', $username, 20, 32), '50%', '', 'left');
} else {
// If contact in table
if ($db->next_record()) {
if ($db->f("user") == $auth->auth["uname"] || $perm->have_perm("admin")) {
// Insert new contact person
$tables = "persons";
$set = "conid_per='{$id}',salutation_per='{$salutation_per}',firstname_per='{$firstname_per}',lastname_per='{$lastname_per}',grad_per='{$grad_per}',position_per='{$position_per}',phone_per='{$phone_per}',fax_per='{$fax_per}',email_per='{$email_per}',homepage_per='{$homepage_per}',comment_per='{$comment_per}',status_per='A',modification_per=NOW(),creation_per=NOW()";
if (!$db->query("INSERT {$tables} SET {$set}")) {
mysql_die($db);
}
// Select and show new/updated contact with contact persons
conbyconid($db, $id);
perbyconid($db, $id);
if ($ml_notify) {
$msg = "insert contact person \"{$firstname_per} {$lastname_per}\" of contact (ID: {$id}) by " . $auth->auth["uname"] . ".";
mailuser("admin", "insert contact person", $msg);
}
} else {
$be->box_full($t->translate("Error"), $t->translate("Access denied"));
}
// If contact is not in table
} else {
$be->box_full($t->translate("Error"), $t->translate("Contact") . " (ID: {$id}) " . $t->translate("does not exist") . ".");
}
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Lastname specified"));
}
} else {
$be->box_full($t->translate("Error"), $t->translate("No Contact ID specified"));
}
$user = getuserinfo();
if (0 == strcmp($user['email'], "anonymous")) {
$logged_in = 0;
} else {
$logged_in = 1;
}
//start main code here.
//lets search for request that expire prior to right now.
$sql = "SELECT * FROM " . $list_prefix . "prayer_list WHERE `expired` = '0' AND `expiredate` < '" . time() . "';";
$result = db_query($sql);
$rows = db_num_rows($result);
while ($i < $rows) {
$row = db_fetch_array($result);
//mail the user here if they are not anonymous
if (0 != strcmp($row['requested_by'], 'anonymous')) {
mailuser($row['requested_by'], $row);
}
//We need to change this to make the request "historical rather than deleting it.
$sql = "UPDATE " . $list_prefix . "prayer_list SET `expired` = '1' WHERE `id`='" . $row['id'] . "';";
//end of change.
$result2 = db_query($sql);
$i++;
}
//lets handle the user interaction here.
if ($HTTP_GET_VARS['delete'] && is_numeric($HTTP_GET_VARS['delete'])) {
if ($user['admin'] == 1) {
delete_request($HTTP_GET_VARS['delete']);
} else {
$CONTENT = "You must be logged in as the administrator to delete prayer requests.<BR>\r\n";
//now lets output our results.
$WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
