Example #1
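/**
 * Recursively prints one menu entry as an <li> and, for entries that have a
 * URL, a nested <ul> holding its active child pages.
 *
 * Child pages are read from C_PAGE_TBL where `parent` equals $siteid,
 * ordered by `rank`.
 *
 * @param mixed  $siteid       Page id; also the key used to look up the label in $a.
 * @param string $siteurl      Link stored for the page; when empty the built-in
 *                             "smodul" link is printed and no children are rendered.
 * @param string $sitetarget   '_self', '_external', or anything else (opened via window.open).
 * @param array  $a            Map of page id => label markup.
 * @param mixed  $Display      Value matched against the `display` column.
 * @param string $AdminDisplay Raw SQL fragment appended inside the display condition.
 * @return void
 */
function WriteMenu($siteid, $siteurl, $sitetarget, $a, $Display, $AdminDisplay)
{
    $DbLink2 = new DB();
    // $Display now goes through the same cleanQuery() helper as $siteid because it
    // is placed inside a quoted SQL literal. $AdminDisplay is spliced in as raw SQL
    // by design, so it must only ever be a constant chosen by the caller and never
    // a value taken from the request.
    $DbLink2->query("SELECT id,url,target FROM " . C_PAGE_TBL . " Where parent = '" . cleanQuery($siteid) . "' and active='1' and ((display='" . cleanQuery($Display) . "') or (display='2') " . $AdminDisplay . ") ORDER BY rank ASC ");

    // NOTE(review): the label is printed as-is because it may intentionally carry
    // markup; confirm that every value in $a is site-controlled text.
    $label = isset($a[$siteid]) ? $a[$siteid] : '';
    $idParam = urlencode((string) $siteid);

    if ($siteurl == "") {
        // The original emitted href=\index.php...", i.e. a backslash where the
        // opening quote of the attribute belongs, which produced a broken link.
        $href = "index.php?&page=smodul&id=" . $idParam . "&btn=" . $idParam;
        echo "<li><a href=\"" . htmlspecialchars($href, ENT_QUOTES, 'UTF-8') . "\"><span>{$label}</span></a></li>";
        return;
    }

    // URLs come from the page table and are written into HTML attributes, so
    // they are attribute-escaped. Escaping does not restrict the URL scheme:
    // NOTE(review): confirm only administrators can edit the url column.
    if ($sitetarget == '_self') {
        // Quoted key: the bare constant btn is an error on PHP 8.
        $activeButton = isset($_GET['btn']) ? $_GET['btn'] : null;
        if ($activeButton == $siteid) {
            $anchor = "<a href=\"#\">";
        } else {
            $anchor = "<a href=\"" . htmlspecialchars($siteurl . "&btn=" . $idParam, ENT_QUOTES, 'UTF-8') . "\">";
        }
    } elseif ($sitetarget == '_external') {
        $anchor = "<a href=\"" . htmlspecialchars($siteurl, ENT_QUOTES, 'UTF-8') . "\">";
    } else {
        // The URL sits inside a JavaScript string inside an HTML attribute:
        // encode it as a JS string literal first, then escape for the attribute.
        $jsUrl = json_encode((string) $siteurl, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
        if ($jsUrl === false) {
            $jsUrl = '""';
        }
        $anchor = "<a href=\"#\" onclick=\"window.open(" . htmlspecialchars($jsUrl, ENT_QUOTES, 'UTF-8') . ",'mywindow','')\">";
    }

    echo "<li>" . $anchor . "<span>{$label}</span></a>";
    if ($DbLink2->num_rows() > 0) {
        echo "<ul>";
        while (list($childId, $childUrl, $childTarget) = $DbLink2->next_record()) {
            WriteMenu($childId, $childUrl, $childTarget, $a, $Display, $AdminDisplay);
        }
        echo "</ul>";
    }
    echo "</li>";
}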
Example #2
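 /**
  * Prints the country <select> used by the registration form.
  *
  * The option list is read from C_COUNTRY_TBL ordered by name. The value kept
  * in $_SESSION['COUNTRY'] is written into the select's `value` attribute.
  *
  * @return void
  */
 function displayCountry()
 {
     $DbLink = new DB();
     // The session value and the country names are escaped before they reach
     // the page, so a stored quote or angle bracket cannot break out of the
     // attribute or the <option> element. A missing session key prints an
     // empty value instead of raising a notice.
     $selectedCountry = isset($_SESSION['COUNTRY']) ? (string) $_SESSION['COUNTRY'] : '';
     echo "<div class=\"roundedinput\"><select require=\"true\" label=\"country_label\" id=\"register_input\" wide=\"25\" name=\"country\" value=\"" . htmlspecialchars($selectedCountry, ENT_QUOTES, 'UTF-8') . "\">";
     $DbLink->query("SELECT name FROM " . C_COUNTRY_TBL . " ORDER BY name ASC ");
     echo "<option></option>";
     while (list($COUNTRYDB) = $DbLink->next_record()) {
         echo "<option>" . htmlspecialchars((string) $COUNTRYDB, ENT_QUOTES, 'UTF-8') . "</option>";
     }
     echo "</select></div>";
 }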
Example #3
// Load the whole content of the first file that exists, $toppath then
// $topgpath, into $UR. When neither exists $UR is not assigned here.
// NOTE(review): the fopen()/fread() results are not checked; a file that
// disappears between file_exists() and fopen() is not handled.
if (file_exists($toppath)) {
    $fd = fopen($toppath, "rb");
    $UR = fread($fd, filesize($toppath));
    fclose($fd);
} elseif (file_exists($topgpath)) {
    $fd = fopen($topgpath, "rb");
    $UR = fread($fd, filesize($topgpath));
    fclose($fd);
}
$DbLink = new DB();
$Room = stripslashes($R);
// Fall back to the default topic constant when nothing was read.
if ($UR == "") {
    $UR = L_DEFAULT_TOPIC_1;
}
// The username literal in this query appears masked in this listing.
$DbLink->query("SELECT room FROM " . C_USR_TBL . " WHERE username='******'");
list($BR) = $DbLink->next_record();
$DbLink->close();
// NOTE(review): $R is placed into a filesystem path unchanged. The path only
// reaches file_exists() here, but if $R is request-derived it should be
// limited to a safe room-name character set first - confirm where $R is set.
$botcontrol = "botfb/" . $R . ".txt";
// Pick the bot hint text: a control file for this room or a matching room
// from the query above, combined with the C_BOT_PUBLIC switch, selects the
// tip constant. $Expl and $Ex are appended to and are not initialised in
// this excerpt.
if ((file_exists($botcontrol) || $BR == $R) && C_BOT_PUBLIC) {
    $Expl .= BOT_TIPS;
    $Ex .= '<b>' . C_BOT_NAME . '</b> - ' . $Expl . '';
} elseif ($BR != "" && C_BOT_PUBLIC) {
    $Expl .= sprintf(BOT_PRIV_TIPS, $BR);
    $Ex .= '<b>' . C_BOT_NAME . '</b> - ' . $Expl . '';
} elseif (file_exists($botcontrol) && !C_BOT_PUBLIC) {
    $Expl .= BOT_PRIVONLY_TIPS;
    $Ex .= '<b>' . C_BOT_NAME . '</b> - ' . $Expl . '';
} else {
    $Ex .= '';
}
$UR = stripslashes($UR);
 } else {
     // Check for invalid characters in the addressee name
     #		if (ereg("[\, \']", stripslashes($Cmd[2])))
     if (preg_match("/[ |,|'|\\\\]/", $Cmd[2])) {
         $Error = L_ERR_USR_16;
     } elseif (mb_convert_case($U, MB_CASE_LOWER, $Charset) == mb_convert_case(trim($Cmd[2]), MB_CASE_LOWER, $Charset)) {
         $Error = L_ERR_USR_27;
     } elseif (mb_convert_case(trim($Cmd[2]), MB_CASE_LOWER, $Charset) == mb_convert_case(C_QUOTE_NAME, MB_CASE_LOWER, $Charset)) {
         $Error = L_ERR_USR_1;
     } elseif (trim($Cmd[2]) != "" && trim($Cmd[3]) != "") {
         $Cmd[3] = "L_PRIV_WISP " . $Cmd[3];
         if (C_PRIV_POPUP && !isset($allowpopupu)) {
             $DbLink = new DB();
             $DbLink->query("SELECT allowpopup FROM " . C_REG_TBL . " WHERE username = '******'2']}'");
             if ($DbLink->num_rows() != 0) {
                 list($allowpopupu) = $DbLink->next_record();
             } else {
                 $allowpopupu = 0;
             }
             $DbLink->clean_results();
         }
         if (C_PRIV_POPUP) {
             if ($allowpopupu || stristr(mb_convert_case(trim($Cmd[2]), MB_CASE_LOWER, $Charset), mb_convert_case(C_BOT_NAME, MB_CASE_LOWER, $Charset))) {
                 $Read = "Neww";
             } else {
                 $Read = "Oldw";
             }
         } else {
             $Read = "Oldw";
         }
         $DbLink->query("SELECT room FROM " . C_USR_TBL . " WHERE username='******'2']}'");
Example #5
    $userName = $_GET['name'];
    $found = array();
    $found[0] = json_encode(array('Method' => 'GetProfile', 'WebPassword' => md5(WEBUI_PASSWORD), 'Name' => cleanQuery($_GET['name'])));
    $do_post_requested = do_post_request($found);
    $recieved = json_decode($do_post_requested);
    $profileTXT = $recieved->{'profile'}->{'AboutText'};
    $profileImage = $recieved->{'profile'}->{'Image'};
    $created = $recieved->{'account'}->{'Created'};
    $UUID = $recieved->{'account'}->{'PrincipalID'};
    $diff = $recieved->{'account'}->{'TimeSinceCreated'};
    $type = $recieved->{'account'}->{'AccountInfo'};
    $partner = $recieved->{'account'}->{'Partner'};
    $date = date("D d M Y - g:i A", $created);
}
$DbLink->query("SELECT id,\n                         displayTopPanelSlider, \n                         displayTemplateSelector,\n                         displayStyleSwitcher,\n                         displayStyleSizer,\n                         displayFontSizer,\n                         displayLanguageSelector,\n                         displayScrollingText,\n                         displayWelcomeMessage,\n                         displayLogo,\n                         displayLogoEffect,\n                         displaySlideShow,\n                         displayMegaMenu,\n                         displayDate,\n                         displayTime,\n                         displayRoundedCorner,\n                         displayBackgroundColorAnimation,\n                         displayPageLoadTime,\n                         displayW3c,\n                         displayRss FROM " . C_ADMINMODULES_TBL . " ");
list($id, $displayTopPanelSlider, $displayTemplateSelector, $displayStyleSwitcher, $displayStyleSizer, $displayFontSizer, $displayLanguageSelector, $displayScrollingText, $displayWelcomeMessage, $displayLogo, $displayLogoEffect, $displaySlideShow, $displayMegaMenu, $displayDate, $displayTime, $displayRoundedCorner, $displayBackgroundColorAnimation, $displayPageLoadTime, $displayW3c, $displayRss) = $DbLink->next_record();
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <link rel="stylesheet" href="<?php 
echo SYSURL;
echo $template_css;
?>
" type="text/css" />
    <link rel="icon" href="<?php 
echo SYSURL;
echo $favicon_image;
?>
Example #6
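// Account and agent details taken from the decoded response held in $recieved.
$created = $recieved->{'account'}->{'Created'};
$uuid = $recieved->{'account'}->{'PrincipalID'};
$name = $recieved->{'account'}->{'Name'};
$diff = $recieved->{'account'}->{'TimeSinceCreated'};
$type = $recieved->{'account'}->{'AccountInfo'};
$email = $recieved->{'account'}->{'Email'};
$partner = $recieved->{'account'}->{'Partner'};
$rlname = $recieved->{'agent'}->{'RLName'};
$street = $recieved->{'agent'}->{'RLAddress'};
$zip = $recieved->{'agent'}->{'RLZip'};
$city = $recieved->{'agent'}->{'RLCity'};
$country = $recieved->{'agent'}->{'RLCountry'};
$date = date("D d M Y - g:i A", $created);

// The key is quoted: the bare constant userid raises an Error on PHP 8 and
// only worked on older versions through the undefined-constant fallback.
// A missing or non-string parameter is treated as an empty id.
$requestedUserId = (isset($_GET['userid']) && is_string($_GET['userid'])) ? $_GET['userid'] : '';

// One lookup replaces the two identical-condition queries of the original.
// $uuid from the response above is overwritten by the database value.
// NOTE(review): nothing in this excerpt checks that the logged-in user may
// view the requested userid; confirm the caller enforces that.
$DbLink->query("SELECT PrincipalID,Name,UserLevel FROM ".C_USERS_TBL." WHERE PrincipalID='".cleanQuery($requestedUserId)."'");
list($uuid, $accName, $active) = $DbLink->next_record();

// UserLevel -1 is reported as "0"; every other value, including no row, as "1".
if ($active == "-1") {
    $active = "0";
} else {
    $active = "1";
}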

?>



<div id="content">
  <div id="ContentHeaderLeft"><h5><?php 
Example #7
if (C_CHAT_LOGS) {
    $ChatM->query("DELETE FROM " . C_MSG_TBL . " WHERE username = '******' AND message LIKE '%\"" . C_BOT_NAME . "\"%' AND m_time != '" . $bot_time . "'");
    require "logs.lib.php";
} else {
    $ChatM->query("DELETE FROM " . C_MSG_TBL . " WHERE ((m_time<'" . (time() - C_MSG_DEL * 60 * 60) . "' AND pm_read NOT LIKE 'New%') OR (m_time<'" . (time() - (C_MSG_DEL + C_PM_KEEP_DAYS * 24) * 60 * 60) . "')) AND !(username = '******' AND message LIKE '%\"" . C_BOT_NAME . "\"%' AND m_time != '" . $bot_time . "')");
}
// Clean the lurkers table
if (C_CHAT_LURKING) {
    $ChatLurk = new DB();
    $ChatLurk->query("DELETE FROM " . C_LRK_TBL . " WHERE time<'" . (time() - 15) . "'");
    $CleanUsrTbl = $ChatLurk->affected_rows() > 0;
    $ChatLurk->close();
}
$Chat = new DB();
$Chat->query("SELECT room,username,u_time,status FROM " . C_USR_TBL . " WHERE username != '" . C_BOT_NAME . "' AND (u_time<'" . (time() - 60) . "' OR (status = 'k' AND u_time<'" . (time() - 20) . "'))");
while (list($userroom, $userclosed, $usertime, $statusclosed) = $Chat->next_record()) {
    //		$when = date('r', $usertime + C_TMZ_OFFSET*60*60);
    $when = $usertime + C_TMZ_OFFSET * 60 * 60;
    $when = stristr(PHP_OS, 'win') ? '\\".utf_conv(WIN_DEFAULT,$Charset,strftime(L_LONG_DATETIME,' . $when . ')).\\"' : '\\".strftime(L_LONG_DATETIME,' . $when . ').\\"';
    $ChatM->query("SELECT type FROM " . C_MSG_TBL . " WHERE room = '" . $userroom . "' ORDER BY m_time DESC LIMIT 1");
    list($usertype) = $ChatM->next_record();
    $userclosed = addslashes($userclosed);
    // Ghost Control mod by Ciprian
    if (C_SPECIAL_GHOSTS != "") {
        $sghosts = "";
        $sghosts = str_replace("'", "", C_SPECIAL_GHOSTS);
        $sghosts = str_replace(" AND username != ", ",", $sghosts);
    }
    if ($sghosts != "" && ghosts_in($userclosed, $sghosts, $Charset) || C_HIDE_ADMINS && ($statusclosed == "a" || $statusclosed == "t") || C_HIDE_MODERS && $statusclosed == "m") {
    } else {
        $ChatM->query("INSERT INTO " . C_MSG_TBL . " VALUES ('" . $usertype . "', '" . $userroom . "', 'SYS exit', '', '" . time() . "', '', 'sprintf(L_CLOSED_ROM, \"(" . $when . ") " . $userclosed . "\")', '', '')");
        $DbLink->query('SELECT ' . C_USR_TBL . '.room, ' . C_USR_TBL . '.status, ' . C_USR_TBL . '.ip' . ' FROM ' . C_USR_TBL . ', ' . C_REG_TBL . ' WHERE ' . C_USR_TBL . '.username = \'' . $U . '\'' . ' AND ' . C_REG_TBL . '.username = \'' . $U . '\'' . ' AND ' . C_REG_TBL . '.password = \'' . $PWD_Hash . '\'' . ' LIMIT 1');
    } else {
        $DbLink->query('SELECT username FROM ' . C_REG_TBL . ' WHERE username = \'' . $U . '\' LIMIT 1');
        if ($DbLink->num_rows() == 0) {
            $DbLink->query('SELECT room, status, ip FROM ' . C_USR_TBL . ' WHERE username = \'' . $U . '\' LIMIT 1');
        } else {
            $DbLink->clean_results();
            $DbLink->close();
            exit;
            // hack attack
        }
    }
}
// End of SeazoN Fix
if ($DbLink->num_rows() != 0) {
    list($room, $status, $knownIp) = $DbLink->next_record();
    $DbLink->clean_results();
    $kicked = 0;
    // Security issue
    include "./lib/get_IP.lib.php";
    if ($knownIp != $IP) {
        $kicked = 5;
    }
    // Update users info
    if ($room != stripslashes($R)) {
        $DbLink->query("INSERT INTO " . C_MSG_TBL . " VALUES ({$T}, '{$R}', 'SYS exit', '', " . time() . ", '', 'sprintf(L_EXIT_ROM, \"" . special_char($U, $Latin1) . "\")', '', '')");
        $kicked = 3;
    } elseif ($status == "k") {
        $kicked = 1;
    } elseif ($status == "d") {
        $kicked = 2;
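 /**
  * Check Internet Connection.
  *
  * Opens a TCP connection to port 80 of $sCheckHost with a 2 second timeout
  * and reports whether it succeeded. The socket is closed again before
  * returning; the original left it open until the end of the request.
  *
  * Callers should pass a fixed host name. A host taken from request data
  * would let a visitor make the server probe arbitrary addresses.
  *
  * @param string $sCheckHost Default: www.google.com
  * @return boolean
  */
function check_internet_connection($sCheckHost = 'www.google.com')
{
    // Warnings are suppressed on purpose: a failed connect is the expected
    // "offline" answer, not an error condition.
    $rSocket = @fsockopen($sCheckHost, 80, $iErrno, $sErrStr, 2);
    if ($rSocket === false) {
        return false;
    }
    fclose($rSocket);
    return true;
}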
/*********** PART I ***********/
// Define the message to display if user comes here because he has been kicked
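$Reason = "";
$Reason_all = "";
$DbLink = new DB();
// NOTE(review): $U is concatenated into the LIKE pattern of this query and of
// the last query below. Nothing in this excerpt shows it being escaped, and
// % or _ inside it act as wildcards - confirm it is sanitised before here.
$DbLink->query("SELECT message FROM " . C_MSG_TBL . " WHERE message LIKE 'sprintf(L_KICKED_REASON, \"" . $U . "\", %' AND m_time>" . (time() - 30) . " LIMIT 1");
$kickeduser = list($message) = $DbLink->next_record();
$DbLink->clean_results();
// The user has been kicked for a reason
if ($kickeduser) {
    // trim() treats its second argument as a set of characters, not as a
    // prefix, so the original call also ate leading and trailing letters of
    // the reason itself. Remove the literal prefix instead. The unslashed
    // form of $U is tried as well in case the stored message holds the name
    // without escape backslashes.
    $Reason = $message;
    foreach (array($U, stripslashes($U)) as $kickedName) {
        $kickPrefix = "sprintf(L_KICKED_REASON, \"" . $kickedName . "\", ";
        if (strpos($message, $kickPrefix) === 0) {
            $Reason = (string) substr($message, strlen($kickPrefix));
            break;
        }
    }
    // Drop the quote and closing parenthesis that wrap the reason text.
    $Reason = trim($Reason, "\")");
}
$DbLink->query("SELECT message FROM " . C_MSG_TBL . " WHERE message LIKE 'sprintf(L_KICKED_ALL_REASON, \"%' AND m_time>" . (time() - 30) . " LIMIT 1");
$kickeduser_all = list($message) = $DbLink->next_record();
$DbLink->clean_results();
// Everybody has been kicked for a reason
if ($kickeduser_all) {
    $Reason_all = trim(str_replace("sprintf(L_KICKED_ALL_REASON, \"", "", $message));
    $Reason_all = trim($Reason_all, "\")");
}
$DbLink->query("SELECT message FROM " . C_MSG_TBL . " WHERE message LIKE 'sprintf(L_BANISHED_REASON, \"" . $U . "\", %' AND m_time>" . (time() - 30) . " LIMIT 1");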
Example #10
<?
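// Start from known-empty values. Without this, $UUID and $EMAIL are only ever
// assigned when a code was supplied, so on a server that maps request
// parameters to global variables they could be preset from the request and
// would reach the SaveEmail call below without any matching confirmation code.
$UUID = null;
$EMAIL = null;

// Quoted key: the bare constant code raises an Error on PHP 8. Non-string
// input such as code[]=x is treated as "no code".
$confirmCode = (isset($_GET['code']) && is_string($_GET['code'])) ? $_GET['code'] : '';

if ($confirmCode) {
    $DbLink = new DB;

    // NOTE(review): the error text further down mentions a 24h lifetime, but
    // this query does not filter on age; confirm expiry is enforced elsewhere.
    $DbLink->query("SELECT UUID, email FROM ".C_CODES_TBL." WHERE code='".cleanQuery($confirmCode)."' and info='emailconfirm'");
    list($UUID, $EMAIL) = $DbLink->next_record();
}

if ($UUID)
{
    // NOTE(review): the shared WebUI secret is sent as a plain MD5 digest, so
    // anyone who can read this request can replay it; confirm the transport
    // used by do_post_request() is protected. cleanQuery() is applied to
    // values that go into JSON here, not into SQL - kept as in the original.
    $found = array();
    $found[0] = json_encode(array('Method' => 'SaveEmail', 'WebPassword' => md5(WEBUI_PASSWORD)
        , 'UUID' => cleanQuery($UUID)
        , 'Email' => cleanQuery($EMAIL)));
    $do_post_requested = do_post_request($found);
    $recieved = json_decode($do_post_requested);

    // json_decode() returns null on a malformed reply; check the shape before
    // reading the Verified flag.
    if (is_object($recieved) && isset($recieved->{'Verified'}) && $recieved->{'Verified'} == 1)
    {
        $WERROR="Thank you, your email address was changed";
        // The code is single-use: remove it once the change went through.
        $DbLink->query("DELETE FROM ".C_CODES_TBL." WHERE code='".cleanQuery($confirmCode)."' and info='emailconfirm'");
    }
}
else
{
    $WERROR="This isnt a valid code or maybe the code was older than 24h";
}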
?>

<style type="text/css">
<!--
Example #11
     }
 }
 $OthersUsers->query($otherRoomsQuery);
 if ($OthersUsers->num_rows() > 0) {
     $notEmptyRooms[$Other] = 1;
     // Restricted rooms mod by Ciprian
     $tmpDispOther = $Other;
     $tmpDispOtherRes = "";
     if (is_array($DefaultDispChatRooms) && in_array($Other . " [R]", $DefaultDispChatRooms)) {
         $tmpDispOther .= " [" . $res_init . "]";
         $tmpDispOtherRes = " (" . L_RESTRICTED . ")";
     }
     echo "<DIV style=\"margin-top: 1px;\">";
     echo "<a href=\"{$From}?Ver=L&L={$L}&U=" . stripslashes($U) . "{$AddPwd2Link}&R1=" . urlencode(stripslashes($Other)) . "&T=1&D={$D}&N={$N}&E=" . urlencode(stripslashes($R)) . "&EN={$T}" . (isset($RemMe) ? "&RM=1" : "") . "\" TARGET=\"_parent\" onMouseOver=\"window.status='" . L_JOIN_ROOM . $tmpDispOtherRes . "'; return true;\" title='" . L_JOIN_ROOM . $tmpDispOtherRes . "'>" . htmlspecialchars($tmpDispOther) . "</a><SPAN CLASS=\"small\"><BDO dir=\"{$textDirection}\"></BDO>&nbsp;(" . $OthersUsers->num_rows() . ")</SPAN><br />\n";
     echo "</DIV>\n";
     while (list($OtherUser, $Latin1, $status, $awaystat, $room_time, $gender, $allowpopup, $colorname, $avatar, $email, $use_gravatar) = $OthersUsers->next_record()) {
         echo "<DIV style=\"margin-top: 1px; margin-left: 12px\">\n";
         if (C_USE_AVATARS && !C_DISP_GENDER) {
             // Avatar System Start: Inserted:
             if (empty($avatar)) {
                 $avatar = C_AVA_RELPATH . C_DEF_AVATAR;
             }
             // Gravatar mod added by Ciprian
             if (ALLOW_GRAVATARS == 2 || ALLOW_GRAVATARS == 1 && (!isset($use_gravatar) || $use_gravatar)) {
                 #			if (eregi(C_AVA_RELPATH, $avatar)) $local_avatar = 1;
                 if (stripos($avatar, C_AVA_RELPATH) !== false) {
                     $local_avatar = 1;
                 } else {
                     $local_avatar = 0;
                 }
                 require "plugins/gravatars/get_gravatar.php";
echo "<script language='javascript'>
<!--
window.location.href='index.php?page=smodul&id=1&btn=1&ERROR=$ERROER';
// -->
</script>";
}else{
echo "<script language='javascript'>
<!--
window.location.href='index.php?page=smodul&id=1&btn=1';
// -->
</script>";
}
}
 
 
list($content) = $DbLink->next_record();
?>
 
<table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0">
  <tr>
    <td valign="top">   
	<div style="height:100%;">
    <?php 
echo $content;
?>
    
	</div>
	</td>
  </tr>
</table>
<? 
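$DbLink = new DB;
$DbLink->query("SELECT adress,region FROM ".C_ADM_TBL."");
list($ADRESSCHECK,$REGIOCHECK) = $DbLink->next_record();

//GET IP ADRESS
// Precedence is unchanged: a forwarded address wins over REMOTE_ADDR.
// X-Forwarded-For is a request header, so its content is chosen by the client
// unless a trusted proxy overwrites it. It is therefore only accepted when its
// first entry parses as an IP address, which keeps arbitrary text out of
// $userIP. Even then the value must not be used for bans, rate limits or
// access decisions unless the request is known to come from a trusted proxy.
$userIP = "This user has no ip";
if (!empty($_SERVER["REMOTE_ADDR"]))
{
    $userIP = $_SERVER["REMOTE_ADDR"];
}
if (!empty($_SERVER["HTTP_X_FORWARDED_FOR"]) && is_string($_SERVER["HTTP_X_FORWARDED_FOR"]))
{
    // The header may hold a comma separated chain; the first entry is the
    // address the client side claims.
    $forwardedChain = explode(",", $_SERVER["HTTP_X_FORWARDED_FOR"]);
    $forwardedFirst = trim($forwardedChain[0]);
    if (filter_var($forwardedFirst, FILTER_VALIDATE_IP) !== false)
    {
        $userIP = $forwardedFirst;
    }
}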
//GET IP ADRESS END

if($_GET[aktion]=="")
{
	if($_POST[action]=="")
	{ 
?>
<style type="text/css">
<!--
.box {
	font-size: 12px;
	height: 20;	
}
<?php

$SessionUserID = isset($_SESSION['Athlete_id']) ? $_SESSION['Athlete_id'] : 0;
$rating_func = new COMMONFUNC();
$rating_db = new DB();
if ($SessionUserID > 0) {
    $query = "Select * from tbl_athelete_register where fldId = '{$SessionUserID}' ";
    $rating_db->query($query);
    $rating_db->next_record();
    $totalPages = $rating_db->num_rows();
    if ($totalPages > 0) {
        $UserID = $rating_db->f('fldId');
        $uploadImage = $rating_db->f('fldImage');
        $coachApprove = $rating_db->f('fldApproveCoachId');
        $uploadVideo = $rating_func->GetValue("tbl_athlete_video", "fldId", "fldAthleteId", $rating_db->f('fldId'));
        $uploadGameSchedule = $rating_func->GetValue("tbl_event", "fldEventId", "fld_UserType='athlete' AND fldUserName", $rating_db->f('fldUsername'));
        $fldGPA = $rating_func->output_fun($rating_db->f('fldGPA'));
        $fldSATScore = $rating_func->output_fun($rating_db->f('fldSATScore'));
        $fldACTScore = $rating_func->output_fun($rating_db->f('fldACTScore'));
        $fldClassRank = $rating_func->output_fun($rating_db->f('fldClassRank'));
        $fldClearinghouseEligible = $rating_func->output_fun($rating_db->f('fldClearinghouseEligible'));
        $fldIntendedMajor = $rating_func->output_fun($rating_db->f('fldIntendedMajor'));
        $fldClass = $rating_func->output_fun($rating_db->f('fldClass'));
        $fldHeight = $rating_func->output_fun($rating_db->f('fldHeight'));
        $fldWeight = $rating_func->output_fun($rating_db->f('fldWeight'));
        $fldSport = $rating_func->output_fun($rating_db->f('fldSport'));
        //$fldJerseyNumber = $rating_func -> output_fun($rating_db -> f('fldJerseyNumber'));
        $fldPrimaryPosition = $rating_func->output_fun($rating_db->f('fldPrimaryPosition'));
        $fldSecondaryPosition = $rating_func->output_fun($rating_db->f('fldSecondaryPosition'));
        $fldVertical = $rating_func->output_fun($rating_db->f('fldVertical'));
        $fld40_yardDash = $rating_func->output_fun($rating_db->f('fld40_yardDash'));
 $fldSecondaryPosition = $rating_func->output_fun($profile_db->f('fldSecondaryPosition'));
 $fldVertical = $rating_func->output_fun($profile_db->f('fldVertical'));
 $fld40_yardDash = $rating_func->output_fun($profile_db->f('fld40_yardDash'));
 $fldShuttleRun = $rating_func->output_fun($profile_db->f('fldShuttleRun'));
 $fldBenchPressMax = $rating_func->output_fun($profile_db->f('fldBenchPressMax'));
 $fldSquatMax = $rating_func->output_fun($profile_db->f('fldSquatMax'));
 ####### APPROVED_BY_COACH ################
 if ($coachApprove == 0 || $coachApprove == "") {
     // mail to Coach for pending approval request
     //User Selected School
     $schoolid = $fldSchool;
     $sportid = $fldSport;
     $emailarr = array();
     $selquery = 'select first.fldId,first.fldEmail as fldEmail,first.fldName as name,first.fldLastName as lname,first.fldUsername as HSCoachUsername,first.fldPassword as HSCoachPassword from ' . TBL_HS_AAU_COACH . ' first,' . TBL_HS_AAU_COACH_SPORT_POSITION . ' second  where second.fldCoachNameId = first.fldId and second.fldSportId =' . $sportid . ' and first.fldSchool =' . $schoolid;
     $coach_db->query($selquery);
     $coach_db->next_record();
     if ($coach_db->num_rows() > 0) {
         for ($i = 0; $i < $coach_db->num_rows(); $i++) {
             $emailarr[] = $rating_func->output_fun($coach_db->f('fldEmail'));
             $name = $rating_func->output_fun($coach_db->f('name'));
             $lname = $rating_func->output_fun($coach_db->f('lname'));
             #Login Info
             $HSCoachUsername = $rating_func->output_fun($coach_db->f('HSCoachUsername'));
             $HSCoachPassword = $rating_func->output_fun($coach_db->f('HSCoachPassword'));
             $db->next_record();
         }
         foreach ($emailarr as $key => $emailvalue) {
             ######################## EMAIL to HS COACH - Athlete Approval Notification ########################
             #Subject
             $subjectStre = "College Prospect Network - Athlete Pending Approval";
             #Intro
}
// Copy the "CookieHash" cookie into $RemMe when the browser sent one.
// The cookie is client-controlled; nothing in this excerpt validates it.
if (isset($_COOKIE["CookieHash"])) {
    $RemMe = $_COOKIE["CookieHash"];
}
require "./config/config.lib.php";
$DbLink4Login = new DB();
if (isset($_COOKIE["CookieUsername"])) {
    //	$pmc_username = urldecode($_COOKIE["CookieUsername"]);
    $FOCUS = 1;
}
// $pmc_username and $pmc_password are not assigned in this excerpt
// - presumably request values; TODO confirm where they come from.
if (isset($pmc_username) && $pmc_username != "" && (isset($pmc_password) && $pmc_password != "")) {
    // Ensure the password is a correct one
    $do_not_login = false;
    // The username literal in this query appears masked in this listing.
    $DbLink4Login->query("SELECT password,perms FROM " . C_REG_TBL . " WHERE username='******' LIMIT 1");
    if ($DbLink4Login->num_rows() != 0) {
        list($PWD_Hash, $perms) = $DbLink4Login->next_record();
        // The check passes when the stored value equals md5() of the supplied
        // password OR equals the supplied value itself, so the stored hash is
        // accepted as a credential in its own right. Both sides are compared
        // with loose ==, which treats numeric-looking strings as numbers.
        // NOTE(review): unsalted MD5 is not a password hash; migrate to
        // password_hash()/password_verify(), compare with hash_equals(), and
        // drop the branch that accepts the raw stored value.
        if ($PWD_Hash == md5(stripslashes($pmc_password)) || $PWD_Hash == $pmc_password) {
            // Ensure the one who lauch the admin.php script is really admin
            if (isset($MUST_BE_ADMIN) && $perms != "admin") {
                $Error = L_ERR_USR_11;
            } else {
                // Despite its name, $do_not_login is set to true on success.
                // The admin session flag is set for every accepted login in
                // this branch, including when $MUST_BE_ADMIN is not set.
                $do_not_login = true;
                $_SESSION["adminlogged"] = true;
            }
        }
    } else {
        // Unknown user: drop any $perms value that was set before this point.
        if (isset($perms)) {
            unset($perms);
        }
    }
    $DbLink4Login->clean_results();
Example #17
// Walk the result set already open on $DbLink (its query is outside this
// excerpt) and count the users whose current region resolves to a name.
// Each row issues three further queries on freshly created DB objects.
// $NOWONLINE is incremented here but not initialised in this excerpt.
while(list($UUID) = $DbLink->next_record())
{
  // Let's get the user info
  $DbLink3 = new DB;
  $DbLink3->query("SELECT CurrentRegionID from ".C_USERINFO_TBL." where UserID = '".cleanQuery($UUID)."'");
  list($RegionUUID) = $DbLink3->next_record();

  $DbLink2 = new DB;
  $DbLink2->query("SELECT FirstName, LastName from ".C_USERS_TBL." where PrincipalID = '".cleanQuery($UUID)."'");
  list($firstname, $lastname) = $DbLink2->next_record();
  // $username is built but not read again within this excerpt.
  $username = $firstname." ".$lastname;
  
  // Let's get the region information
  $DbLink3 = new DB;
  $DbLink3->query("SELECT RegionName from ".C_REGIONS_TBL." where RegionUUID = '".cleanQuery($RegionUUID)."'");
  list($region) = $DbLink3->next_record();
  // Only users whose region id matches a known region are counted.
  if ($region != "")
  {
    $NOWONLINE = $NOWONLINE + 1;
  }
}

// Users whose LastLogin is newer than now minus 2419200 seconds (28 days).
$DbLink->query("SELECT count(*) FROM ".C_USERINFO_TBL." where LastLogin > UNIX_TIMESTAMP(FROM_UNIXTIME(UNIX_TIMESTAMP(now()) - 2419200))");
list($LASTMONTHONLINE) = $DbLink->next_record();
 
// Total number of rows in the users table.
$DbLink->query("SELECT count(*) FROM ".C_USERS_TBL."");
list($USERCOUNT) = $DbLink->next_record();

// Total number of rows in the regions table.
$DbLink->query("SELECT count(*) FROM ".C_REGIONS_TBL."");
list($REGIONSCOUNT) = $DbLink->next_record();	
?>
		if (document.forms['MsgForm'] && document.forms['MsgForm'].elements['M'])
			document.forms['MsgForm'].elements['M'].focus();
	};
};
// -->
</SCRIPT>
</HEAD>

<BODY CLASS="frame" onUnload="if (window.opener && !window.opener.closed) put_focus();">
<CENTER>

<?php 
$DbLink = new DB();
$DbLink->query("SELECT perms,rooms FROM " . C_REG_TBL . " WHERE username='******' LIMIT 1");
if ($DbLink->num_rows() > 0) {
    list($pow_perms, $pow_rooms) = $DbLink->next_record();
    $DbLink->clean_results();
}
// Define what can see the current user:
// - the whole profile including e-mail and IP address if he is admin or moderator of the current room
//   if this room is one of the default rooms;
// - e-mail only if the registered user accepted this to be displayed and no IP
// Define what can see the current user:
// - the whole profile including e-mail and IP address if he is admin or moderator of the current room
//   if this room is one of the default rooms;
if ($status == "a" || $status == "t") {
    $power = "all";
} elseif ($status == "m" && (room_in(stripslashes($R), $DefaultChatRooms, $Charset) || room_in("*", $pow_rooms, $Charset) || room_in(stripslashes($R), $pow_rooms, $Charset))) {
    $power = "medium";
} else {
    $power = "weak";
Example #19
    return false;
}
if (C_EN_STATS) {
    $curtime = time();
}
if (C_USE_AVATARS) {
    $DbAvatar = new DB();
}
if (COLOR_NAMES || C_ITALICIZE_POWERS) {
    $DbColor = new DB();
}
$DbLink = new DB();
$DbLink->query("SELECT perms,rooms,allowpopup,join_room,use_sounds FROM " . C_REG_TBL . " WHERE username='******' LIMIT 1");
$reguser = $DbLink->num_rows() != 0;
if ($reguser) {
    list($perms, $rooms, $allowpopupu, $join_room, $USE_SOUNDS) = $DbLink->next_record();
    $DbLink->clean_results();
} elseif (!isset($USE_SOUNDS) || !$USE_SOUNDS) {
    $USE_SOUNDS = isset($CookieBeep) ? $CookieBeep : 1;
}
// Get IP address
require "./lib/get_IP.lib.php";
// Set the $IP var
// ** Updates user info in connected users tables **
// Fixed a security issue thanks to SeazoN
if (C_REQUIRE_REGISTER && (!isset($PWD_Hash) || $PWD_Hash == '')) {
    exit;
    // hack attack
} else {
    if (isset($PWD_Hash) && $PWD_Hash != '') {
        $DbLink->query('SELECT ' . C_USR_TBL . '.room, ' . C_USR_TBL . '.status, ' . C_USR_TBL . '.ip, ' . C_USR_TBL . '.country_code, ' . C_USR_TBL . '.country_name' . ' FROM ' . C_USR_TBL . ', ' . C_REG_TBL . ' WHERE ' . C_USR_TBL . '.username = \'' . $U . '\'' . ' AND ' . C_REG_TBL . '.username = \'' . $U . '\'' . ' AND ' . C_REG_TBL . '.password = \'' . $PWD_Hash . '\'' . ' LIMIT 1');
.styleText {font-family: Arial, Helvetica, sans-serif; font-size: 13px; color: #666666;}
.styleTopTitle {
	font-size: 20px;
	font-weight: bold;
	font-family: Arial, Helvetica, sans-serif;
}
-->
</style>
<? 
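include("../../settings/config.php");
include("../../settings/mysql.php");

$DbLink = new DB;

// Defaults used when the request carries no usable coordinates or no region matches.
$UUID = $regionName = $serverIP = $serverHttpPort = $locX = $locY = $owner = null;
$firstN = $lastN = null;

// The original concatenated $_GET[x] and $_GET[y] into the statement without
// any escaping, so the query text was controlled by the request. The values
// are now only used when both are numeric, which leaves nothing in them that
// can end the quoted SQL literal. The keys are quoted as well: the bare
// constants x and y raise an Error on PHP 8.
if (isset($_GET['x'], $_GET['y']) && is_numeric($_GET['x']) && is_numeric($_GET['y'])) {
    $query = "SELECT uuid,regionName,serverIP,serverHttpPort,locX,locY,owner_uuid FROM ".C_REGIONS_TBL." where locX='".trim($_GET['x'])."' and locY='".trim($_GET['y'])."'";
    $DbLink->query($query);
    list($UUID,$regionName,$serverIP,$serverHttpPort,$locX,$locY,$owner) = $DbLink->next_record();
}

// $owner comes from the database but is still interpolated into SQL, so it is
// only used when it consists of hexadecimal digits and hyphens.
// NOTE(review): assumes owner_uuid is stored in textual UUID form - confirm.
if (is_string($owner) && preg_match('/^[0-9a-fA-F-]{1,64}$/', $owner)) {
    $DbLink->query("SELECT FirstName,LastName FROM ".C_USERS_TBL." where PrincipalID='$owner'");
    list($firstN,$lastN) = $DbLink->next_record();
}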
?>
<title><?php 
echo SYSNAME;
?>
 Region Information</title>
<table width="90%" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr>
    <td colspan="2" valign="top"><span class="styleTopTitle">
          <?php 
echo SYSNAME;
?>
 
Example #21
    return false;
}
if (C_EN_STATS) {
    $curtime = time();
}
if (C_USE_AVATARS) {
    $DbAvatar = new DB();
}
if (COLOR_NAMES) {
    $DbColor = new DB();
}
$DbLink = new DB();
$DbLink->query("SELECT perms,rooms,allowpopup,join_room FROM " . C_REG_TBL . " WHERE username='******' LIMIT 1");
$reguser = $DbLink->num_rows() != 0;
if ($reguser) {
    list($perms, $rooms, $allowpopupu, $join_room) = $DbLink->next_record();
    $DbLink->clean_results();
}
// Get IP address
require "./lib/get_IP.lib.php";
// Set the $IP var
// ** Updates user info in connected users tables **
// Fixed a security issue thanks to SeazoN
if (C_REQUIRE_REGISTER && (!isset($PWD_Hash) || $PWD_Hash == '')) {
    exit;
    // hack attack
} else {
    if (isset($PWD_Hash) && $PWD_Hash != '') {
        $DbLink->query('SELECT ' . C_USR_TBL . '.room, ' . C_USR_TBL . '.status, ' . C_USR_TBL . '.ip' . ' FROM ' . C_USR_TBL . ', ' . C_REG_TBL . ' WHERE ' . C_USR_TBL . '.username = \'' . $U . '\'' . ' AND ' . C_REG_TBL . '.username = \'' . $U . '\'' . ' AND ' . C_REG_TBL . '.password = \'' . $PWD_Hash . '\'' . ' LIMIT 1');
    } else {
        $DbLink->query('SELECT username FROM ' . C_REG_TBL . ' WHERE username = \'' . $U . '\' LIMIT 1');
Example #22
<div id="info3"><h3><? echo $webui_help_title_comment03; ?></h3>
  <p><? echo $webui_help_comment03; ?></p>
</div>


<p>
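<?php
  // Sub-menu for the page selected with ?btn=: lists the active child pages
  // the current visitor may see, one link per row.
  $DbLink2 = new DB;
  $DbLink = new DB;

  // Session and request keys are quoted. Written bare (USERID, ADMINID, btn)
  // they are parsed as constants, which is an error on PHP 8. !empty() keeps
  // the original truthiness test and also copes with a missing key.
  if (!empty($_SESSION['USERID'])) {
      $Display = 1;
  } else {
      $Display = 0;
  }

  // An admin session additionally matches rows stored with display='3'.
  if (!empty($_SESSION['ADMINID'])) {
      $AdminDisplay = " or (display='3')";
  } else {
      $AdminDisplay = "";
  }

  // ?btn= is request data and reaches the SQL text only through cleanQuery().
  // NOTE(review): cleanQuery() is defined outside this listing; confirm it
  // escapes for the database driver in use.
  $DbLink2->query("SELECT id,url,target FROM " . C_PAGE_TBL . " Where parent = '".cleanQuery(isset($_GET['btn']) ? $_GET['btn'] : null)."' and active='1' and ((display='$Display') or (display='2') " . $AdminDisplay . ") ORDER BY rank ASC ");
  // Snapshot of the variables in scope; the link text for a page is the
  // variable whose name equals that page's id.
  $a = get_defined_vars();

  while (list($siteid, $siteurl, $sitetarget) = $DbLink2->next_record())
  {
      // NOTE(review): url, id and label are written into the markup
      // unescaped. They come from the page table, so anyone able to edit
      // that table can place markup here; escape for the attribute and text
      // context unless stored HTML is intended.
      echo "<a href=\"$siteurl&btn=$siteid\"><span>$a[$siteid]</span></a><br/>";
  }
?>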
</p></div></div>
Example #23
             $COUNTRY_CODE = "LAN";
             $COUNTRY_NAME = "Other/LAN";
         }
         if ($COUNTRY_CODE != "LAN") {
             $COUNTRY_NAME = $gi->GEOIP_COUNTRY_NAMES[$gi->GEOIP_COUNTRY_CODE_TO_NUMBER[$COUNTRY_CODE]];
         }
         if ($PROXY || substr($IP, 0, 1) == "p") {
             $COUNTRY_NAME .= " (Proxy Server)";
         }
         $DbLinkban->query("UPDATE " . C_BAN_TBL . " SET country_code='{$COUNTRY_CODE}', country_name='{$COUNTRY_NAME}' WHERE username='******'");
         $DbLinkban->query("UPDATE " . C_REG_TBL . " SET country_code='{$COUNTRY_CODE}', country_name='{$COUNTRY_NAME}' WHERE username='******'");
     }
     $c_flag = "&nbsp;<img src=\"./plugins/countryflags/flags/" . strtolower($COUNTRY_CODE) . ".gif\" alt=\"" . $COUNTRY_NAME . "\" title=\"" . $COUNTRY_NAME . "\" border=\"0\">&nbsp;(" . $COUNTRY_CODE . ")";
 }
 // Ban lookup: first by username, then by IP address, each fetching the
 // stored reason.
 // NOTE(review): the username literal reads '******' in this listing, which
 // looks like a value masked by the site that published it; presumably the
 // original interpolates a user name. If so, it has to be escaped or bound
 // before it reaches the query — confirm against the original file.
 $DbLinkban->query("SELECT username,reason FROM " . C_BAN_TBL . " WHERE username='******' LIMIT 1");
 list($Nb, $reason) = $DbLinkban->next_record();
 $DbLinkban->clean_results();
 // The stored reason is wrapped for display. It is later concatenated into
 // alt/title attributes without HTML-escaping, so a quote in a stored reason
 // would end the attribute early.
 if ($reason != "") {
     $reason = " (" . L_HELP_REASON . ": " . $reason . ")";
 }
 if ($Nb) {
     // NOTE(review): the start of this string is masked ("******") in the
     // listing; the original presumably opens an <img> tag here.
     $bannished_user = "******" . A_MENU_21 . $reason . "' title='" . A_MENU_21 . $reason . "'>";
 }
 // $IP is interpolated into the statement as-is.
 // NOTE(review): where $IP is set is not visible here; if it can be taken
 // from a client-supplied header it must be validated or escaped first.
 $DbLinkban->query("SELECT ip,reason FROM " . C_BAN_TBL . " WHERE ip='{$IP}' LIMIT 1");
 list($NbIP, $reasonIP) = $DbLinkban->next_record();
 $DbLinkban->clean_results();
 // Same display wrapping as for the username ban reason above.
 if ($reasonIP != "") {
     $reasonIP = " (" . L_HELP_REASON . ": " . $reasonIP . ")";
 }
 if ($NbIP) {
     $bannished_ip = "&nbsp;<img src=images/bannished.gif alt='" . A_MENU_21 . $reasonIP . "' title='" . A_MENU_21 . $reasonIP . "'>";
  <TBODY>
        <TR bgColor=#eeeeee>
          <TD width="6%"><span style="font-size: 12px"><B style="COLOR: #000000">#</B></span></TD>
          <TD width="17%"><span style="font-size: 12px"><B style="COLOR: #000000">Transaction Number</B></span></TD>
          <TD width="35%"><span style="font-size: 12px"><B style="COLOR: #000000">Detail</B></span></TD>
          <TD align=right width="14%"><span style="font-size: 12px"><B style="COLOR: #000000">Debit</B></span></TD>
          <TD align=right width="14%"><span style="font-size: 12px"><B style="COLOR: #000000">Credit</B></span></TD>
          <TD align=right width="14%"><span style="font-size: 12px"><B style="COLOR: #000000">Balance</B></span></TD></TR>
<?
 
// Row counter for the transaction table; incremented once per row in the
// loop that follows.
$w=0;

$DbLink = new DB;

// Total of the positive amounts booked to the logged-in user.
// Inside a double-quoted string $_SESSION[USERID] reads the key 'USERID'.
// NOTE(review): $TIMESELECT and $FREETRANSFERS are SQL fragments built
// outside this listing and spliced in verbatim; confirm they are assembled
// from fixed strings or validated values, never from raw request data.
$DbLink->query("SELECT SUM(amount) FROM ".C_TRANSACTION_TBL." where amount > 0 ".$TIMESELECT." ".$FREETRANSFERS." and destId='$_SESSION[USERID]' ");
list($incoming) = $DbLink->next_record();

// Total of the negative amounts booked to the same user.
$DbLink->query("SELECT SUM(amount) FROM ".C_TRANSACTION_TBL." where amount < 0 ".$TIMESELECT." ".$FREETRANSFERS." and destId='$_SESSION[USERID]'");
list($outgoing) = $DbLink->next_record();

// Up to 500 transactions for this user, newest first. Region name, source
// and destination names and the running balance each come from a correlated
// subquery.
// NOTE(review): the row filter depends on the session value alone; confirm
// USERID is only ever written by the login code.
$DbLink->query("SELECT a.id,(SELECT regionName FROM ".C_REGIONS_TBL." g WHERE g.uuid = a.RegionGenerated LIMIT 1) AS region,(SELECT username FROM ".C_USERS_TBL." f WHERE f.UUID = a.sourceId  LIMIT 1) AS source1,(SELECT lastname FROM ".C_USERS_TBL." e WHERE e.UUID = a.sourceId  LIMIT 1) AS source2,(SELECT username FROM ".C_USERS_TBL." d WHERE d.UUID = a.destId  LIMIT 1) AS dest1,(SELECT lastname FROM ".C_USERS_TBL." c WHERE c.UUID = a.destId  LIMIT 1) AS dest2,a.amount,a.flags,a.description,a.transactionType,a.timeOccurred, (SELECT SUM(amount) FROM ".C_TRANSACTION_TBL." b WHERE b.destId = a.destId AND b.id <= a.id) AS balance FROM ".C_TRANSACTION_TBL." a WHERE destId='$_SESSION[USERID]' ".$TIMESELECT." ".$FREETRANSFERS." ORDER BY timeOccurred DESC LIMIT 500");
while(list($id,$region,$source1,$source2,$from1,$from2,$amount,$flags,$description,$type,$time,$balance) = $DbLink->next_record()){
 
$date= date("d-m-Y H:i:s ",$time);
$w++;  
?>
        <TR bgColor=#ffffff>
          <TD style="COLOR: #000000" vAlign=top><span class="style7">
          <?php 
echo $w;
?>
<table width="90%" border="0" align="center" cellpadding="5" cellspacing="5">
  <tbody>
    <tr>
      <td width="319"><div align="center" class="style2">
        <div align="right">News</div>
      </div></td>
      <td width="296"><div align="center" class="style2">
          <div align="right" class="Stil1"><a style="cursor:pointer" onclick="self.document.location.href='index.php?page=gridstatushistory'">History</a></div>
      </div></td>
    </tr>
  </tbody>
</table>
<?
$DbLink = new DB;
$DbLink->query("SELECT id,title,message,time from ".C_NEWS_TBL." ORDER BY time DESC LIMIT 6");
while(list($id, $title, $message, $TIME) = $DbLink->next_record())
	{

if (strlen($title) > 92) {
$title = substr($title, 0, 62);
$title .= "...";
} 



?>
<A name=<?php 
echo $id;
?>
></A>
<table width="90%" border="0" align="center" cellpadding="0" cellspacing="5" bgcolor="#CCCCCC">
 #		if (C_POPUP_LINKS || eregi('target="_blank"></a>',$Message))
 // Rewrites link markup already present in $Message: adds a title attribute
 // and an onMouseOver handler that sets the status-bar text.
 // NOTE(review): the sprintf() results are placed inside a double-quoted HTML
 // attribute and inside a single-quoted JavaScript string without escaping.
 // They are built from L_* constants here; confirm those strings cannot
 // contain a quote character, otherwise it ends the attribute or the script
 // string early.
 if (C_POPUP_LINKS || stripos($Message, 'target="_blank"></a>') !== false) {
     // Empty link text: fill in the generated label as well as the attributes.
     $Message = str_replace('target="_blank"></a>', 'title="' . sprintf(L_CLICKS, L_LINKS_15, L_LINKS_1) . '" onMouseOver="window.status=\'' . sprintf(L_CLICKS, L_LINKS_15, L_LINKS_1) . '.\'; return true" target="_blank">' . sprintf(L_CLICKS, L_LINKS_15, L_LINKS_1) . '</a>', $Message);
 } else {
     // Link text already present: only the attributes are added.
     $Message = str_replace('target="_blank">', 'title="' . sprintf(L_CLICK, L_LINKS_3) . '" onMouseOver="window.status=\'' . sprintf(L_CLICK, L_LINKS_3) . '.\'; return true" target="_blank">', $Message);
 }
 // The alt="Send email" marker is replaced in the same way.
 $Message = str_replace('alt="Send email">', 'title="' . sprintf(L_CLICK, L_EMAIL_1) . '" onMouseOver="window.status=\'' . sprintf(L_CLICK, L_EMAIL_1) . '.\'; return true">', $Message);
 if (COLOR_NAMES) {
     $colorname_tag = "";
     $colorname_endtag = "";
     $colornamedest_tag = "";
     $colornamedest_endtag = "";
     $DbColor = new DB();
     if (isset($User)) {
         $DbColor->query("SELECT perms,colorname FROM " . C_REG_TBL . " WHERE username = '******'");
         list($perms_user, $colorname) = $DbColor->next_record();
         $DbColor->clean_results();
     }
     if (isset($Dest)) {
         $DbColor->query("SELECT perms,colorname FROM " . C_REG_TBL . " WHERE username = '******'");
         list($perms_dest, $colornamedest) = $DbColor->next_record();
         $DbColor->clean_results();
     }
     if (isset($colorname) && $colorname != "") {
         $colorname_tag = "<FONT color=" . $colorname . ">";
         unset($colorname);
     } elseif (C_ITALICIZE_POWERS) {
         if ($perms_user == "admin" && $User != C_BOT_NAME || $perms_user == "topmod") {
             $colorname_tag = "<FONT color=" . COLOR_CA . ">";
         } elseif ($perms_user == "moderator") {
             $colorname_tag = "<FONT color=" . COLOR_CM . ">";
// Subscription renewal job: selects the subscriptions due today; the loop
// that follows charges each one.
$func = new COMMONFUNC();
$db = new DB();
// NOTE(review): the loop below also queries through $db1, which is not
// created in this part of the file; confirm it is set up elsewhere.
$flag = 0;
/*
 * checks all active subscriptions in the database
 * to see if they need to be billed again
 */
require_once 'anet_php_sdk/AuthorizeNet.php';
require_once 'AuthorizeNetMerchantAccount.php';
// gets today's date (date() uses the timezone configured for this PHP process)
$today = date('Y-m-d');
// gets all active records with a next bill date equal to today
// $today is generated locally, so this interpolation carries no request data.
// NOTE(review): the match is an exact date; a record whose bill date passed
// on a day the job did not run is not selected by this query.
$query = "SELECT * FROM " . TBL_COLLEGE_SUBSCRIPTION . " WHERE fldActive=1 AND fldNextBillDate='{$today}'";
$db->query($query);
// loops through all matching records, gets the customer's customer profile ID, the payment profile ID, and bills them for the subscription renewal. If the transaction fails, the subscription is canceled
while ($db->next_record()) {
    $fldId = $db->f('fldId');
    $fldType = $db->f('fldType');
    $fldCoach = $db->f('fldCoach');
    $fldAmount = $db->f('fldAmount');
    $fldPaymentProfileId = $db->f('fldPaymentProfileId');
    // gets the customer profile Id
    $query = "SELECT fldFirstName,fldLastName," . "fldANetCustomerProfileId,fldEmail FROM " . TBL_COLLEGE_COACH_REGISTER . " WHERE fldId={$fldCoach}";
    $db1->query($query);
    $db1->next_record();
    $fldFirstName = $db1->f('fldFirstName');
    $fldLastName = $db1->f('fldLastName');
    $fldCustomerProfileId = $db1->f('fldANetCustomerProfileId');
    $fldEmail = $db1->f('fldEmail');
    // attempts to charge the user for the subscription
    $transaction = new AuthorizeNetTransaction();

////////////////////////////////// ADMIN END /////////////////////////////////// ?><body>
<TABLE CELLPADDING="2" CELLSPACING="0" WIDTH=95%>
	<TR><TD ALIGN="right" bgcolor="#0066FF">
		<div align="center"><B>Create News </B>        </div></TD>
	</TR></TABLE><BR>

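<?php
// Loads the news item named by ?editid= so the form below can be pre-filled.

$DbLink = new DB;
// editid comes straight from the query string and is attacker-controlled.
// It is cast to an integer before being placed in the SQL text, so no quote
// or SQL keyword from the request can reach the statement.
// NOTE(review): assumes the news id is an integer key — confirm against the
// news table schema.
$DbLink->query("SELECT id,title,message from ".C_NEWS_TBL." WHERE id = '".(isset($_GET['editid']) ? (int) $_GET['editid'] : 0)."'");

	// $id, $title and $message are only assigned when a row was found.
	// NOTE(review): the form below echoes $id in either case.
	if ($DbLink->num_rows() != 0)
	{
		list($id,$title,$message) = $DbLink->next_record();
	}
	$DbLink->clean_results();


$DbLink->close();

?>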

<FORM name="update" method="post" action="index.php?page=news_add">
<INPUT type='hidden' name='insert' value='1'>
<INPUT type='hidden' name='id' value='<?php 
echo $id;
?>
'>
<BR> 
include_once "../inc/page.inc.php";
include_once "../inc/config.inc.php";
//for paging
$func = new COMMONFUNC();
$db = new DB();
$q = $_GET["q"];
if ($q != 'select') {
    ?>

         <tr height="20">

			<td valign="top" align="right" class="normalblack_12" width="30%">Location<font color="red"> *</font> </td>

			<td valign="top"  align="center" class="normalblack_12" > : &nbsp; </td>     

                                	<?php 
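    // $q is the raw ?q= request parameter. It is concatenated into the WHERE
    // clause without quotes, so only a number is a valid value here; the
    // integer cast keeps every valid request working and stops any other
    // text from becoming part of the SQL statement.
    $query = "Select * from " . TBL_HS_AAU_TEAM . " where fldId =" . (int) $q;
    $db->query($query);
    $db->next_record();
    // Address of the selected team. It is echoed into the textarea below.
    // NOTE(review): that echo does no HTML-escaping in the visible code.
    $location = $db->f('fldAddress');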
    ?>

			<td valign="top" align="left" class="normalblack_12"  colspan=2><textarea name="fldEventLocation" id="fldEventLocation" rows="4" cols="24"    ><?php 
    if ($location) {
        echo $location;
    }
    ?>
</textarea></td>

			</tr>
    $rooms = explode(",", $in);
    for (reset($rooms); $room_name = current($rooms); next($rooms)) {
        if (strcasecmp(mb_convert_case($what, MB_CASE_LOWER, $Charset), mb_convert_case($room_name, MB_CASE_LOWER, $Charset)) == 0) {
            return true;
        }
    }
    return false;
}
// Loads the acting user's stored password value, permission level and room
// list for the moderator check that follows.
$DbLink = new DB();
// Ensure the current user is moderator for the current room or admin.
// NOTE(review): the username literal reads '******' in this listing, which
// looks like a value masked by the site that published it; presumably the
// original interpolates a user name. If so, it has to be escaped or bound
// before it reaches the query — confirm against the original file.
$DbLink->query("SELECT password,perms,rooms FROM " . C_REG_TBL . " WHERE username='******' LIMIT 1");
if ($DbLink->num_rows() == 0) {
    // No such registered user: the error is recorded, but execution continues
    // below, so next_record() is still called and clean_results() runs twice.
    $Error = L_NO_MODERATOR;
    $DbLink->clean_results();
}
// NOTE(review): when no row was found, the check after this block relies on
// $password and $perms being empty; confirm next_record() yields nothing in
// that case.
// NOTE(review): that check compares $password with $PWD_Hash using !=. A
// loose comparison can treat two different numeric-looking hash strings
// ("0e...") as equal; a strict or constant-time comparison such as
// hash_equals() is the safer form.
list($password, $perms, $rooms) = $DbLink->next_record();
$DbLink->clean_results();
if ($password != $PWD_Hash || $perms != "moderator" && $perms != "admin" && $perms != "topmod" || $perms == "moderator" && (!room_in(stripslashes($R), $rooms, $Charset) && !room_in("*", $rooms, $Charset))) {
    $Error = L_NO_MODERATOR;
} else {
    // Define an additional condition for moderators so they can only kick an user from their current room
    $Query4Moder = $perms != "admin" && $perms != "topmod" ? "room='{$R}' AND " : "";
    // Ensure the user to be kicked is logged in (into the current room for moderators)
    $DbLink->query("SELECT status FROM " . C_USR_TBL . " WHERE " . $Query4Moder . "username='******' LIMIT 1");
    if ($DbLink->num_rows() == 0) {
        $DbLink->clean_results();
        $Error = sprintf(L_NONEXIST_USER, stripslashes($U));
    } else {
        list($status) = $DbLink->next_record();
        $DbLink->clean_results();
        // Ensure the user to be kicked is not a more powerfull user (admin>moderator)