/**
 * Write one PHP error/warning into the `_error_log` table, then prune the table.
 *
 * At most 25 real errors are recorded per page load. The 26th call records a
 * single "max error limit reached" marker and every later call returns without
 * writing, so an error raised while logging cannot loop forever.
 *
 * NOTE(review): the record stores print_r() dumps of $_REQUEST, $_GET, $_POST,
 * $_COOKIE, $_SESSION and $_SERVER exactly as received. Any password, session
 * cookie or token present in the failing request is therefore copied into
 * `_error_log`. Treat that table and its backups as sensitive, and consider
 * masking known secret fields before the insert. Whether the e-mail alert
 * registered at the end includes these dumps is not visible here - confirm.
 *
 * @param mixed $logType Not read anywhere in this function.
 * @param array $logData Error details; keys read here: errno, errstr, errfile, errline, errcontext.
 * @return void
 */
function _errorlog_logErrorRecord($logType, $logData) {
    // Per-page counter; static so it survives across calls within one request.
    static $totalErrorsLogged = 0;
    $perPageCap = 25;
    $totalErrorsLogged++;
    if ($totalErrorsLogged > $perPageCap + 1) {
        return; // past the marker record: drop silently
    }
    $capJustHit = ($totalErrorsLogged > $perPageCap);

    $summaryKeys = array('num', 'username');

    // Short summary of the CMS account (only num/username are kept).
    $CMS_USER = getCurrentUserFromCMS();
    $cmsSubset = array();
    foreach ($summaryKeys as $key) {
        if (isset($CMS_USER[$key])) {
            $cmsSubset[$key] = $CMS_USER[$key];
        }
    }
    $cmsSubset['_tableName'] = 'accounts';
    $cmsUserText = print_r($cmsSubset, true);

    // Same summary for the website account.
    $WEB_USER = getCurrentUser();
    $webSubset = array();
    foreach ($summaryKeys as $key) {
        if (isset($WEB_USER[$key])) {
            $webSubset[$key] = $WEB_USER[$key];
        }
    }
    $webSubset['_tableName'] = accountsTable();
    $webUserText = print_r($webSubset, true);

    // Headline text for the record.
    if ($capJustHit) {
        $errorMessage = t(sprintf("Max error limit reached! Only the first %s errors per page will be logged.", $perPageCap));
    } else {
        $errorName = isset($logData['errno']) ? _errorLog_erronoToConstantName($logData['errno']) : 'UNKNOWN_ERROR';
        $errorText = isset($logData['errstr']) ? $logData['errstr'] : '';
        $errorMessage = "{$errorName}: " . $errorText;
    }

    // Copy of $logData with errcontext replaced by a pointer, because the
    // context is stored separately in the symbol_table column.
    $rawLogData = $logData;
    if (array_key_exists('errcontext', $logData)) {
        $rawLogData['errcontext'] = "*** in symbol table field above ***";
    }

    // Assemble the row in column order. Keys ending in "=" carry the SQL
    // expression NOW() rather than a plain value.
    $record = array();
    $record['dateLogged=']      = 'NOW()';
    $record['updatedDate=']     = 'NOW()';
    $record['updatedByuserNum'] = '0';
    $record['error']            = $errorMessage;
    $record['url']              = thisPageUrl();
    $record['filepath']         = isset($logData['errfile']) ? $logData['errfile'] : '';
    $record['line_num']         = isset($logData['errline']) ? $logData['errline'] : '';
    $record['user_cms']         = isset($CMS_USER['num']) ? $cmsUserText : '';
    $record['user_web']         = isset($WEB_USER['num']) ? $webUserText : '';
    $record['http_user_agent']  = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    $record['remote_addr']      = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    // Full superglobal dumps: attacker-influenced and possibly secret-bearing.
    // Escape them wherever the log is displayed.
    $record['request_vars']     = print_r($_REQUEST, true);
    $record['get_vars']         = print_r($_GET, true);
    $record['post_vars']        = print_r($_POST, true);
    $record['cookie_vars']      = print_r($_COOKIE, true);
    $record['session_vars']     = isset($_SESSION) ? print_r($_SESSION, true) : '';
    $record['server_vars']      = print_r($_SERVER, true);
    $record['symbol_table']     = isset($logData['errcontext']) ? print_r($logData['errcontext'], true) : '';
    $record['raw_log_data']     = print_r($rawLogData, true);
    $record['email_sent']       = 0;

    mysql_insert('_error_log', utf8_force($record, true));

    // Prune: keep the newest 900 rows, but only bother once the table is 100
    // rows over that, so the delete does not run on every logged error.
    $keepRecords = 900;
    $slack = 100;
    if (mysql_count('_error_log') > $keepRecords + $slack) {
        $cutoffQuery = "SELECT * FROM `{$GLOBALS['TABLE_PREFIX']}_error_log` ORDER BY `num` DESC LIMIT 1 OFFSET " . ($keepRecords - 1);
        $cutoffRow = mysql_get_query($cutoffQuery);
        if (!empty($cutoffRow['num'])) {
            // The value interpolated here was read back from the table's own `num` column.
            mysql_delete('_error_log', null, "num < {$cutoffRow['num']}");
        }
    }

    // Optional e-mail alert, deferred to script shutdown.
    if ($GLOBALS['SETTINGS']['advanced']['phpEmailErrors']) {
        register_shutdown_function('_errorlog_sendEmailAlert');
    }
}
}
// Excerpt from a changelog admin page: reads the POSTed text and action, then
// deletes, updates or creates a `znote_changelog` row. The excerpt starts and
// ends inside enclosing blocks that are not shown.
//
// NOTE(review): every statement below is built by string interpolation. The ids
// are integer-cast on this page ($delete) or compared numerically ($changelogId,
// assigned above the excerpt), but $changelogText relies entirely on getValue()
// escaping for a quoted SQL string - confirm that helper's behaviour.
// NOTE(review): no anti-CSRF token check and no admin check are visible in this
// excerpt; presumably they run earlier in the file - confirm.
if (isset($_POST['changelogText'])) {
    $changelogText = getValue($_POST['changelogText']);
} else {
    // Without text there is nothing to create or update. $status is only ever
    // set to false here; its initial value comes from above the excerpt.
    $status = false;
}
if (isset($_POST['action'])) {
    $action = (int) $_POST['action'];
} else {
    $action = 0;
}
// POST delete
if (isset($_POST['delete'])) {
    // The integer cast makes the interpolated id safe regardless of other helpers.
    $delete = isset($_POST['delete']) ? (int) $_POST['delete'] : 0;
    // Deletion needs a non-zero id and action == 1.
    if ($delete && $action == 1) {
        mysql_delete("DELETE FROM `znote_changelog` WHERE `id`='{$delete}' LIMIT 1;");
        echo "<h2>Changelog message deleted!</h2>";
        $updateCache = true;
    }
} else {
    if ($status) {
        // POST update
        if ($changelogId > 0) {
            mysql_update("UPDATE `znote_changelog` SET `text`='{$changelogText}' WHERE `id`='{$changelogId}' LIMIT 1;");
            echo "<h2>Changelog message updated!</h2>";
            $updateCache = true;
        } else {
            // POST create
            $time = time();
            mysql_insert("INSERT INTO `znote_changelog` (`text`, `time`, `report_id`, `status`) VALUES ('{$changelogText}', '{$time}', '0', '35');");
            echo "<h2>Changelog message created!</h2>";
// Excerpt from a helpdesk admin page: stores a staff reply, or closes, reopens
// or deletes a ticket, then loads the ticket for display. It starts inside a
// branch whose opening condition is not shown.
//
// NOTE(review): the INSERT column list and value list are produced by joining
// the keys and values of $query with quotes. Nothing on this line escapes them,
// so the statement is only safe if every value in $query was escaped where the
// array was built (not visible here) - confirm. $view is interpolated the same
// way; its cast or escaping is also outside the excerpt.
$fields = '`' . implode('`, `', array_keys($query)) . '`';
$data = '\'' . implode('\', \'', $query) . '\'';
mysql_insert("INSERT INTO `znote_tickets_replies` ({$fields}) VALUES ({$data})");
mysql_update("UPDATE `znote_tickets` SET `status`='Staff-Reply' WHERE `id`='{$view}' LIMIT 1;");
} else {
    if (!empty($_POST['admin_ticket_close'])) {
        // Integer cast: the id is safe to interpolate.
        $ticketId = (int) $_POST['admin_ticket_id'];
        mysql_update("UPDATE `znote_tickets` SET `status` = 'CLOSED' WHERE `id` ='{$ticketId}' LIMIT 1;");
    } else {
        if (!empty($_POST['admin_ticket_open'])) {
            $ticketId = (int) $_POST['admin_ticket_id'];
            mysql_update("UPDATE `znote_tickets` SET `status` = 'Open' WHERE `id` ='{$ticketId}' LIMIT 1;");
        } else {
            if (!empty($_POST['admin_ticket_delete'])) {
                $ticketId = (int) $_POST['admin_ticket_id'];
                mysql_delete("DELETE FROM `znote_tickets` WHERE `id`='{$ticketId}' LIMIT 1;");
                // NOTE(review): no exit follows this redirect header, so the
                // script carries on to the SELECT and the HTML below for the
                // ticket that was just deleted.
                header("Location: admin_helpdesk.php");
            }
        }
    }
}
// NOTE(review): these state-changing POST actions show no anti-CSRF token check
// in this excerpt; presumably handled earlier in the request - confirm.
$ticketData = mysql_select_single("SELECT * FROM znote_tickets WHERE id='{$view}' LIMIT 1;");
// The id is echoed without HTML escaping; fine only while the column is numeric.
?> <h1>View Ticket #<?php echo $ticketData['id']; ?> </h1> <table class="znoteTable ThreadTable table table-striped"> <tr class="yellow"> <th> <?php
// Excerpt from a request bootstrap: creates the form token, loads the logged-in
// user's data, and runs the visitor/IP logging. It ends inside the
// `if ($config['log_ip'])` block.
Token::generate();
if (user_logged_in() === true) {
    $session_user_id = getSession('user_id');
    // NOTE(review): the 'password' column is loaded into $user_data on every
    // logged-in request. Whatever it holds (presumably a hash - confirm), keep
    // $user_data out of debug dumps, logs and templates.
    $user_data = user_data($session_user_id, 'id', 'name', 'password', 'email', 'premdays');
    $user_znote_data = user_znote_account_data($session_user_id, 'ip', 'created', 'points', 'cooldown');
}
$errors = array();
// Log IP
if ($config['log_ip']) {
    $visitor_config = $config['ip_security'];
    $flush = $config['flush_ip_logs'];
    if ($flush != false) {
        // $time is set outside this excerpt.
        $timef = $time - $flush;
        // getCache() is compared with a timestamp, so it presumably returns
        // the time of the last flush - confirm.
        if (getCache() < $timef) {
            // The cutoff is built from $time and configuration on this page,
            // not from request input.
            $timef = $time - $visitor_config['time_period'];
            mysql_delete("DELETE FROM znote_visitors_details WHERE time <= '{$timef}'");
            setCache($time);
        }
    }
    $visitor_data = znote_visitors_get_data();
    znote_visitor_set_data($visitor_data); // update or insert data
    znote_visitor_insert_detailed_data(0); // detailed data
    $visitor_detailed = znote_visitors_get_detailed_data($visitor_config['time_period']);
    // max activity: counters, all starting at zero
    $v_activity = 0;
    $v_register = 0;
    $v_highscore = 0;
    $v_c_char = 0;
    $v_s_char = 0;
/**
 * Remove a character from both tables that reference it.
 *
 * Deletes the `players` row with this id, then the `znote_players` row whose
 * `player_id` matches.
 *
 * NOTE(review): no ownership or permission check happens here. Callers must
 * verify that the character belongs to the requesting account before calling.
 *
 * @param mixed $char_id Character id; coerced to an integer before use.
 * @return void
 */
function user_delete_character($char_id) {
    // The integer cast is what makes the interpolated id safe in the SQL below.
    $playerId = (int) $char_id;

    // table => column holding the character id, in deletion order
    $targets = array(
        'players'       => 'id',
        'znote_players' => 'player_id',
    );
    foreach ($targets as $table => $column) {
        mysql_delete("DELETE FROM `{$table}` WHERE `{$column}`='{$playerId}';");
    }
}
// Excerpt from a shop-order switch: the tail of the name-change case and the
// start of the gender-change case. The opening of the name-change branch, and
// the place where $newname, $player and $order are assigned, are not shown.
//
// name restriction: check each space-separated word of the requested name
$resname = explode(" ", $_POST['newName']);
foreach ($resname as $res) {
    // in_array() is called without strict comparison here.
    if (in_array(strtolower($res), $config['invalidNameTags'])) {
        $errors[] = 'Your username contains a restricted word.';
    } else {
        if (strlen($res) == 1) {
            $errors[] = 'Too short words in your name.';
        }
    }
}
}
if (!empty($newname) && empty($errors)) {
    // NOTE(review): $newname is echoed without HTML escaping and interpolated
    // into the UPDATE below. Both are safe only if the code above this excerpt
    // restricts the name to a harmless character set and escapes it for SQL -
    // confirm. Otherwise escape for HTML here and for SQL at the query.
    echo 'You have successfully changed your character name to ' . $newname . '.';
    mysql_update("UPDATE `players` SET `name`='{$newname}' WHERE `id`='" . $player['id'] . "' LIMIT 1;");
    // The shop order is consumed once the rename has been applied.
    mysql_delete("DELETE FROM `znote_shop_orders` WHERE `id`='" . $order['id'] . "' LIMIT 1;");
} else {
    if (!empty($errors)) {
        echo '<font color="red"><b>';
        echo output_errors($errors);
        echo '</b></font>';
    }
}
break;
// end of the name-change case
// Change character sex
case 'change_gender':
    // Ownership check: the character must belong to the logged-in account.
    if (user_character_account_id($char_name) === $session_user_id) {
        $char_id = (int) user_character_id($char_name);
// Excerpt from a forum page: the tail of the admin actions (delete a board with
// its threads and posts, delete a single post), then the start of the request
// parameter intake. It starts and ends inside blocks that are not shown.
//
// NOTE(review): $admin_category_id is interpolated into three statements below.
// Unlike $admin_post_id, its integer cast is not visible on this line - confirm
// it is cast above the excerpt.
$threads = mysql_select_multi("SELECT `id` FROM `znote_forum_threads` WHERE `forum_id`='{$admin_category_id}';");
// Then loop through all threads, and delete all associated posts:
// NOTE(review): if mysql_select_multi() can return a non-array for an empty
// result, this foreach needs a guard - confirm against the helper.
foreach ($threads as $thread) {
    // The thread id comes from the SELECT above, not from the request.
    mysql_delete("DELETE FROM `znote_forum_posts` WHERE `thread_id`='" . $thread['id'] . "';");
}
// Then delete all threads
mysql_delete("DELETE FROM `znote_forum_threads` WHERE `forum_id`='{$admin_category_id}';");
// Then delete the category
mysql_delete("DELETE FROM `znote_forum` WHERE `id`='{$admin_category_id}' LIMIT 1;");
echo '<h1>Board, associated threads and all their associated posts deleted.</h1>';
}
// delete post
if ($admin_post_delete !== false) {
    // Integer cast: the id is safe to interpolate.
    $admin_post_id = (int) $admin_post_id;
    // Delete the post
    mysql_delete("DELETE FROM `znote_forum_posts` WHERE `id`='{$admin_post_id}' LIMIT 1;");
    echo '<h1>Post has been deleted.</h1>';
}
}
// End admin function
// NOTE(review): no anti-CSRF token check for the destructive admin actions is
// visible in this excerpt - confirm one runs earlier.
// Fetching get values
// Each index is read without an isset() check, and the $_POST values are only
// read when $_GET is non-empty.
if (!empty($_GET)) {
    $getCat = getValue($_GET['cat']);
    $getForum = getValue($_GET['forum']);
    $getThread = getValue($_GET['thread']);
    $new_thread_category = getValue($_POST['new_thread_category']);
    $new_thread_cid = getValue($_POST['new_thread_cid']);
    $create_thread_cid = getValue($_POST['create_thread_cid']);
    $create_thread_title = getValue($_POST['create_thread_title']);
    $create_thread_text = getValue($_POST['create_thread_text']);
    $create_thread_category = getValue($_POST['create_thread_category']);
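<?php
/**
 * Admin endpoint: delete the "curso" record identified by the POSTed
 * "matricula", then show the outcome in a JavaScript alert and go back two
 * history entries.
 *
 * The message is encoded with json_encode() and the JSON_HEX_* flags before it
 * is placed inside the <script> block. Previously it was interpolated between
 * double quotes, so a quote or "</script>" in the POSTed matricula (echoed in
 * the "not found" message) or in the database error text could break out of
 * the string and run as script.
 *
 * NOTE(review): whether mysql_delete() from mysql_util.php binds $matricula as
 * a query parameter is not visible here - confirm.
 * NOTE(review): no anti-CSRF token check is visible; sessionAdmin.php
 * presumably only verifies the admin session - confirm.
 * NOTE(review): mysqli_error() text is shown to the browser, which discloses
 * schema details; prefer logging it server-side.
 */
include "../../includes/sessionAdmin.php";
include "../../includes/conexion.php";
include "../../includes/mysql_util.php";

$matricula = $_POST["matricula"];
$result = mysql_delete("curso", $conexion, $matricula);

if (mysqli_affected_rows($conexion) > 0) {
    $alertMsg = "Curso dado de baja satisfactoriamente";
} elseif (!$result) {
    $alertMsg = "Algo salio mal: " . mysqli_error($conexion);
} else {
    $alertMsg = "No encontramos ningun curso con la matricula c{$matricula}";
}

// Encode as a JavaScript string literal; the HEX flags also neutralise <, >, &
// and quotes so the value cannot close the surrounding <script> element.
$alertJs = json_encode($alertMsg, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
if ($alertJs === false) {
    // Encoding fails on invalid UTF-8; fall back to a fixed generic message.
    $alertJs = '"Algo salio mal"';
}

echo "<script language=\"javascript\">\n\t\t\t\talert({$alertJs});\n\t\t\t\twindow.history.go(-2);\n\t\t\t</script>";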
// Excerpt from an error-log menu script: the admin check, plugin hook
// registration and the "clearLog" action, followed by the start of
// _pel_showModeNotice(), whose closing brace is outside this excerpt.
//
// show admin menu as selected
// check access level - admin only!
if (!$GLOBALS['CURRENT_USER']['isAdmin']) {
    alert(t("You don't have permissions to access this menu."));
    // NOTE(review): nothing on this line exits after showInterface(''). If
    // that call returns, a non-admin request continues into the action
    // dispatch below - confirm it terminates the request.
    showInterface('');
}
// menu plugin hooks
addAction('section_preDispatch', '_pel_showModeNotice', null, 2);
addFilter('listHeader_displayLabel', '_pel_cmsList_messageColumn', null, 3);
addFilter('listRow_displayValue', '_pel_cmsList_messageColumn', null, 4);
// Prefix Menu with "Admin"
$GLOBALS['schema']['menuName'] = "Admin > " . $GLOBALS['schema']['menuName'];
// Dispatch Actions
// NOTE(review): clearLog deletes every row of the log table (the WHERE clause
// is the literal 'true'), and the only condition visible here is the action
// name. The "Clear Log" link built further down is a plain GET URL. No POST or
// CSRF-token check is visible, so a forged request followed by a logged-in
// admin would erase the error history, which is also audit evidence. Consider
// a POST form with a CSRF token for this action.
if ($GLOBALS['action'] == 'clearLog') { // clear error log
    mysql_delete($GLOBALS['schema']['_tableName'], null, 'true');
    redirectBrowserToURL("?menu=" . $GLOBALS['schema']['_tableName']);
}
// Let regular actionHandler run
$REDIRECT_FOR_CUSTOM_MENUS_DONT_EXIT = true;
return;
//
// Show the explanatory notice, with a "Clear Log" link, above the list view.
// Does nothing for any action other than 'list'.
function _pel_showModeNotice($tableName, $action) {
    if ($action != 'list') {
        return;
    }
    #$notice = sprintf(t("Send & Log - Send mail and save copies under <a href='%s'>Outgoing Mail</a>"), "?menu=_outgoing_mail");
    $notice = t("Any PHP errors or warnings from the website or CMS will be logged here.");
    // $tableName is placed in the href without URL or HTML encoding.
    $notice = t("Error Log") . ": " . $notice . " (<a href='?menu={$tableName}&action=clearLog'>" . t("Clear Log") . "</a>)";
    notice($notice);
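<?php
/**
 * Admin endpoint: delete the "grupo" record identified by the POSTed
 * "matricula", then show the outcome in a JavaScript alert and go back two
 * history entries.
 *
 * The message is encoded with json_encode() and the JSON_HEX_* flags before it
 * is placed inside the <script> block. Database error text can contain quotes
 * and fragments of the submitted value, which previously landed unescaped
 * inside a double-quoted JavaScript string.
 *
 * NOTE(review): whether mysql_delete() from mysql_util.php binds $matricula as
 * a query parameter is not visible here - confirm.
 * NOTE(review): no anti-CSRF token check is visible; sessionAdmin.php
 * presumably only verifies the admin session - confirm.
 * NOTE(review): success is reported whenever the helper returns a truthy
 * value, even if no row matched.
 * NOTE(review): mysqli_error() text is shown to the browser, which discloses
 * schema details; prefer logging it server-side.
 */
include "../../includes/sessionAdmin.php";
include "../../includes/conexion.php";
include "../../includes/mysql_util.php";

$matricula = $_POST["matricula"];
$result = mysql_delete("grupo", $conexion, $matricula);

if (!$result) {
    $alertMsg = "Algo salio mal: " . mysqli_error($conexion);
} else {
    $alertMsg = "Grupo eliminado con exito!";
}

// Encode as a JavaScript string literal; the HEX flags also neutralise <, >, &
// and quotes so the value cannot close the surrounding <script> element.
$alertJs = json_encode($alertMsg, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
if ($alertJs === false) {
    // Encoding fails on invalid UTF-8; fall back to a fixed generic message.
    $alertJs = '"Algo salio mal"';
}

echo "<script language=\"javascript\">\n\t\t\t\talert({$alertJs});\n\t\t\t\twindow.history.go(-2);\n\t\t\t</script>";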
<?php
// Excerpt from a news admin page: after the login and admin checks, a POSTed
// "option" value of the form "<action>!<id>" selects delete ('d') or the
// add-news form ('a'). The excerpt ends inside the add-news form.
require_once 'engine/init.php';
include 'layout/overall/header.php';
protect_page();
admin_only($user_data);
// Receiving POST
// NOTE(review): no anti-CSRF token check is visible in this excerpt; it may be
// enforced inside engine/init.php - confirm.
if (empty($_POST) === false) {
    // If "option" contains no '!', explode() returns one element and $id is
    // left unset by list().
    list($action, $id) = explode('!', sanitize($_POST['option']));
    // Delete
    if ($action === 'd') {
        echo '<font color="green"><b>News deleted!</b></font>';
        // NOTE(review): $id reaches the query as a quoted string and depends
        // entirely on sanitize() for escaping. An integer cast would make it
        // safe regardless of that helper.
        mysql_delete("DELETE FROM `znote_news` WHERE `id`='{$id}';");
        // Rebuild the cached news list so the deleted item disappears.
        $cache = new Cache('engine/cache/news');
        $news = fetchAllNews();
        $cache->setContent($news);
        $cache->save();
    }
    // Add news
    if ($action === 'a') {
        // fetch data
        $char_array = user_character_list($user_data['id']);
        ?> <script src="engine/js/nicedit.js" type="text/javascript"></script> <script type="text/javascript">bkLib.onDomLoaded(nicEditors.allTextAreas);</script> <form action="" method="post"> <input type="hidden" name="option" value="i!0"> Select character:<select name="selected_char"> <?php
        $count = 0;
/**
 * Route an admin-menu action name to its handler.
 *
 * Unknown actions fall back to the general settings screen. The plugin,
 * backup, restore and log-clearing actions first require a POST form, an
 * internal referer and a valid CSRF token, in that order.
 *
 * NOTE(review): this function does not itself check that the caller is an
 * administrator; presumably the caller does - confirm.
 *
 * @param string $action Action name taken from the request.
 * @return void Several branches end the request with exit.
 */
function admin_dispatchAction($action) {
    // switch uses the same loose (==) comparison as an if/elseif chain.
    switch ($action) {
        case 'general':
            showInterface('admin/general.php');
            break;

        case 'adminSave':
            admin_saveSettings('admin/general.php');
            break;

        case 'vendor':
            showInterface('admin/vendor.php');
            break;

        case 'vendorSave':
            admin_saveSettings('admin/vendor.php');
            break;

        case 'phpinfo':
            // NOTE(review): dumps phpinfo(), loaded extensions, every defined
            // constant and mbstring settings. That output can include paths
            // and configuration values, and the only guard in this branch is
            // the demo-mode check.
            disableInDemoMode('', 'admin/general.php');
            phpinfo();
            print "<h2>get_loaded_extensions()</h2>\n" . implode("<br/>\n", get_loaded_extensions()) . "\n";
            if (function_exists('apache_get_modules')) {
                print "<h2>apache_get_modules()</h2>\n" . implode("<br/>\n", apache_get_modules()) . "\n";
            }
            print "<h2>get_defined_constants()</h2>\n<xmp>" . print_r(get_defined_constants(), true) . "</xmp>\n";
            $mbInfo = mb_get_info();
            ksort($mbInfo);
            print "<h2>mb_get_info()</h2>\n<xmp>" . print_r($mbInfo, true) . "</xmp>\n";
            exit;

        case 'ulimit':
            disableInDemoMode('', 'admin/general.php');
            print "<h2>Soft Resource Limits (ulimit -a -S)</h2>\n";
            list($maxCpuSeconds, $memoryLimitKbytes, $maxProcessLimit, $ulimitOutput) = getUlimitValues('soft');
            showme($ulimitOutput);
            // NOTE(review): the heading says "Hard" but the call below asks
            // for 'soft' again, so the same values are printed twice. Looks
            // like a copy/paste slip - confirm the intended argument.
            print "<h2>Hard Resource Limits (ulimit -a -H)</h2>\n";
            list($maxCpuSeconds, $memoryLimitKbytes, $maxProcessLimit, $ulimitOutput) = getUlimitValues('soft');
            showme($ulimitOutput);
            exit;

        case 'updateDate':
            getAjaxDate();
            break;

        case 'getUploadPathPreview':
            // Request values are passed straight through; @ hides notices for missing keys.
            getUploadPathPreview(@$_REQUEST['dirOrUrl'], @$_REQUEST['inputValue'], @$_REQUEST['isCustomField'], true);
            break;

        case 'plugins':
            // allow disabling plugins
            if (file_exists("{$GLOBALS['PROGRAM_DIR']}/plugins/_disable_all_plugins.txt")) {
                // The literal below spans a line break exactly as it appears in the listing.
                alert('Development Mode: Plugins are disabled. 
Remove or rename /plugins/_disable_all_plugins.txt to enable.<br/>');
            }
            showInterface('admin/plugins.php');
            break;

        case 'pluginHooks':
            showInterface('admin/pluginHooks.php');
            break;

        case 'deactivatePlugin':
            security_dieUnlessPostForm();
            security_dieUnlessInternalReferer();
            security_dieOnInvalidCsrfToken();
            disableInDemoMode('plugins', 'admin/plugins.php');
            // NOTE(review): the plugin file name comes from the request;
            // validation is left to deactivatePlugin() - confirm.
            deactivatePlugin(@$_REQUEST['file']);
            redirectBrowserToURL('?menu=admin&action=plugins', true);
            exit;

        case 'activatePlugin':
            security_dieUnlessPostForm();
            security_dieUnlessInternalReferer();
            security_dieOnInvalidCsrfToken();
            disableInDemoMode('plugins', 'admin/plugins.php');
            // NOTE(review): as above, the file name is request-supplied.
            activatePlugin(@$_REQUEST['file']);
            redirectBrowserToURL('?menu=admin&action=plugins', true);
            exit;

        case 'backup':
            security_dieUnlessPostForm();
            security_dieUnlessInternalReferer();
            security_dieOnInvalidCsrfToken();
            disableInDemoMode('', 'admin/general.php');
            $filename = backupDatabase(null, @$_REQUEST['backupTable']);
            notice(sprintf(t('Created backup file %1$s (%2$s seconds)'), $filename, showExecuteSeconds(true)));
            showInterface('admin/general.php');
            exit;

        case 'restore':
            security_dieUnlessPostForm();
            security_dieUnlessInternalReferer();
            security_dieOnInvalidCsrfToken();
            disableInDemoMode('', 'admin/general.php');
            // NOTE(review): the request-supplied name is appended to the
            // backups directory and echoed in the notice. Whether
            // restoreDatabase() rejects "../" segments, and whether notice()
            // HTML-escapes its argument, is not visible here - confirm, or
            // restrict the value to a bare file name before use.
            $filename = @$_REQUEST['file'];
            restoreDatabase(DATA_DIR . '/backups/' . $filename);
            notice("Restored backup file /data/backups/{$filename}");
            makeAllUploadRecordsRelative();
            showInterface('admin/general.php');
            exit;

        case 'bgtasksLogsClear':
            security_dieUnlessPostForm();
            security_dieUnlessInternalReferer();
            security_dieOnInvalidCsrfToken();
            disableInDemoMode('', 'admin/general.php');
            // The WHERE clause is the literal 'true': every row is removed.
            mysql_delete('_cron_log', null, 'true');
            notice(t("Background Task logs have been cleared."));
            showInterface('admin/general.php');
            exit;

        default:
            showInterface('admin/general.php');
            break;
    }
}
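<?php
/**
 * Admin endpoint: delete the "nivel_escolar" record identified by the POSTed
 * "matricula", then show the outcome in a JavaScript alert and go back two
 * history entries.
 *
 * The message is encoded with json_encode() and the JSON_HEX_* flags before it
 * is placed inside the <script> block. Database error text can contain quotes
 * and fragments of the submitted value, which previously landed unescaped
 * inside a double-quoted JavaScript string.
 *
 * NOTE(review): whether mysql_delete() from mysql_util.php binds $matricula as
 * a query parameter is not visible here - confirm.
 * NOTE(review): no anti-CSRF token check is visible; sessionAdmin.php
 * presumably only verifies the admin session - confirm.
 * NOTE(review): success is reported whenever the helper returns a truthy
 * value, even if no row matched.
 * NOTE(review): mysqli_error() text is shown to the browser, which discloses
 * schema details; prefer logging it server-side.
 */
include "../../includes/sessionAdmin.php";
include "../../includes/conexion.php";
include "../../includes/mysql_util.php";

$matricula = $_POST["matricula"];
$result = mysql_delete("nivel_escolar", $conexion, $matricula);

if (!$result) {
    $alertMsg = "Algo salio mal: " . mysqli_error($conexion);
} else {
    $alertMsg = "Eliminado con exito!";
}

// Encode as a JavaScript string literal; the HEX flags also neutralise <, >, &
// and quotes so the value cannot close the surrounding <script> element.
$alertJs = json_encode($alertMsg, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
if ($alertJs === false) {
    // Encoding fails on invalid UTF-8; fall back to a fixed generic message.
    $alertJs = '"Algo salio mal"';
}

echo "<script language=\"javascript\">\n\t\t\t\talert({$alertJs});\n\t\t\t\twindow.history.go(-2);\n\t\t\t</script>";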