function check_forum_perm($forum_id, $g_id, $perm) { global $CONFIG_sql_cpdbname; $sql = new MySQL(); $query = "SELECT forum_perm FROM {$CONFIG_sql_cpdbname}.forum WHERE forum_id=\"" . mysql_res($forum_id) . "\""; $sql->result = $sql->execute_query($query, 'function.php'); if ($sql->count_rows()) { $row = $sql->fetch_row(); if (preg_match("#\\[g" . $g_id . "\\](.+?)\\[/g" . $g_id . "\\]#is", $row[0])) { preg_replace_callback("#\\[g" . $g_id . "\\](.+?)\\[/g" . $g_id . "\\]#is", 'get_forum_perm', $row[0]); global $forum_permission; switch ($perm) { case "read_perm": if (!strstr($forum_permission, ":show_perm:")) { return false; } break; case "reply_perm": case "start_perm": if (!strstr($forum_permission, ":show_perm:")) { return false; } if (!strstr($forum_permission, ":read_perm:")) { return false; } break; } if (strstr($forum_permission, ":" . $perm . ":")) { return true; } else { return false; } } else { return false; } } else { return false; } }
// Copyright (c) Stargames Control Panel - Licensed under GNU GPL. // See LICENSE File // ========================================================================= // Project Lead by: Mysterious // ========================================================================= --> <?php require_once "memory.php"; $sql = new MySQL(); $sql->Connect($CONFIG_sql_host, $CONFIG_sql_username, $CONFIG_sql_password); $CP['start_time'] = getmicrotime(); $query = "SELECT memory_value1 FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object =\"sgcp_install\" AND memory_value1=\"1\""; $sql->result = mysql_query($query); if ($sql->count_rows()) { $query = "SELECT memory_value2,memory_value3 FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object =\"ip_blacklist\" AND memory_value1=\"" . mysql_res($CP['ip_address']) . "\""; $sql->result = $sql->execute_query($query, 'index.php'); $check_iplist = $sql->count_rows(); $iplist = $sql->fetch_row(); if ($_COOKIE['IP_Blacklist'] || $check_iplist) { $query = "SELECT memory_value3 FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object =\"ip_blacklist\" AND memory_value3=\"" . mysql_res($_COOKIE['IP_Blacklist']) . "\""; $sql->result = $sql->execute_query($query, 'index.php'); if ($_COOKIE['IP_Blacklist'] && !$sql->count_rows()) { do_blacklist(4); } else { $ip_state = $iplist[memory_value2]; if ($_COOKIE[IP_Blacklist] && $_COOKIE[IP_Blacklist] == $iplist[memory_value3] && $ip_state != "block") { do_blacklist(2, $iplist[memory_value3]); } else { if ($check_iplist && empty($_COOKIE[IP_Blacklist])) { switch ($ip_state) { case block:
// / /__/ _ \/ _ \/ __/ __/ _ \/ / / ___/ _ `/ _ \/ -_) / // \___/\___/_//_/\__/_/ \___/_/ /_/ \_,_/_//_/\__/_/ // ========================================================================= // Copyright (c) Stargames Control Panel - Licensed under GNU GPL. // See LICENSE File // ========================================================================= // Project Lead by: Mysterious // ========================================================================= --> <?php if ($_GET['sc']) { require_once "memory.php"; $sql = new MySQL(); $sql->Connect($CONFIG_sql_host, $CONFIG_sql_username, $CONFIG_sql_password); $query = "SELECT sc_code FROM {$CONFIG_sql_cpdbname}.security_code WHERE sc_id = \"" . mysql_res($_GET['sc']) . "\""; $sql->result = $sql->execute_query($query, 'reg_code.php'); $row = $sql->fetch_row(); $sc_code = $row['sc_code']; $reg_str = ""; for ($i = 0; $i < 6; $i++) { $ret_str .= $sc_code[$i]; $ret_str .= " "; } $sc_code = $ret_str; $im = imagecreate(85, 20); $bgcolor = imagecolorallocate($im, 255, 255, 255); // Background Color $fontcolor = imagecolorallocate($im, 00, 00, 00); // Font Color imagestring($im, 3, 5, 5, $sc_code, $fontcolor); header("Content-type: image/png");
getglobalvar(1); // draw $STORED Variables... $sql = new MySQL(); $sql->Connect($CONFIG_sql_host, $CONFIG_sql_username, $CONFIG_sql_password); // save the SQL Link in SG CP's global var... so the Querys should work $GLOBALS['link'] = $sql->link; $site = $_GET['site']; $link = unserialize(VOTE_LINK); if (!isset($site) || !isset($link[$site])) { header('Location: index.php'); } else { if (!isset($STORED_loginname)) { votes(); } else { $STORED_loginname = mysql_res($STORED_loginname); $sql->result = $sql->execute_query("SELECT `last_vote" . $site . "` FROM {$CONFIG_sql_dbname}.`vote_point` WHERE `loginname` = '" . $STORED_loginname . "' LIMIT 0,1", "vote.php"); if ($sql->count_rows() > 0) { $row = $sql->fetch_row(); if (time() - $row[0] > 60 * 60 * VOTE_TIME) { $sql->execute_query("UPDATE {$CONFIG_sql_dbname}.`vote_point` SET `point` = `point` + 1 , `last_vote" . $site . "` = '" . time() . "', `date` = '" . date("d-M-Y H:i") . "' WHERE `loginname` = '" . $STORED_loginname . "'", "vote.php"); } votes(); } else { $sql->execute_query("INSERT INTO {$CONFIG_sql_dbname}.`vote_point` ( `loginname` , `point` , `last_vote" . $site . "` , `date` ) VALUES ( '" . $STORED_loginname . "' , 1 , '" . time() . "' , '" . date("d-M-Y H:i") . "')", "vote.php"); votes(); } } } function votes() { global $site, $link;
// ========================================================================= // Copyright (c) Stargames Control Panel - Licensed under GNU GPL. // See LICENSE File // ========================================================================= // Project Lead by: Mysterious // ========================================================================= --> <?php require "memory.php"; include_once "gzip_header.php"; echo "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\">\n<head>\n\t<title>View Security Code</title>\n\t<meta name=\"Author\" content=\"" . $CP[author] . "\">\n\t<meta name=\"Keywords\" content=\"" . $CP[name] . "\">\n\t<meta name=\"Description\" content=\"" . $CP[credit] . "\">\n\t<meta name=\"Copyright\" content=\"" . $CP[name] . " (c) " . $CP[corp] . "\">\n\t<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-874\">\n\t<link rel=\"stylesheet\" type=\"text/css\" href=\"theme/{$STORED['THEME']}/style.css\">\n\t<style type=\"text/css\">\n\t\t.title_bar {\n\t\t\tBACKGROUND-IMAGE: url(theme/{$STORED['THEME']}/{$THEME['title_bar_img_url']})\n\t\t}\n\t\t.title_bar2 {\n\t\t\tBACKGROUND-IMAGE: url(theme/{$STORED['THEME']}/{$THEME['title_bar2_img_url']})\n\t\t}\n\t</style>\n</head>\n<body " . $THEME[background] . ">\n"; if ($_GET[sc] && isAlphaNumeric($_GET[sc])) { $sql = new MySQL(); $sql->Connect($CONFIG_sql_host, $CONFIG_sql_username, $CONFIG_sql_password); $query = "SELECT sc_code FROM {$CONFIG_sql_cpdbname}.security_code WHERE sc_id = \"" . mysql_res($_GET[sc]) . "\""; $sql->result = $sql->execute_query($query, 'viewcode.php'); if ($sql->count_rows()) { $row = $sql->fetch_row(); $sc_code = $row[sc_code]; $num = strlen($sc_code); $reg_str = ""; for ($i = 0; $i < 6; $i++) { $ret_str .= $sc_code[$i]; $ret_str .= " "; } $sc_code = $ret_str; $display = "{$lang['Reg_view_sc_code_success']}: <B>{$sc_code}</B>"; } else { $display = $lang[Reg_view_sc_code_fail]; } opmain_body("View Security Code", "20", "270");
function get_save_quick_edit($val, $reply_id) { header("Content-type: text/xml;charset=windows-874"); global $CONFIG_sql_cpdbname, $STORED, $SERVER, $CONFIG_max_post_length, $CP; $reply_id = (int) $reply_id; $val = iconv("UTF-8", "windows-874", $val); $val = str_replace("symbol_and", "&", $val); $val = str_replace("symbol_plus", "+", $val); $form_id = "quick_edit_form_" . $reply_id . ""; $sql = new MySQL(); $query = "SELECT reply_id,reply_message,reply_edit_date,reply_edit_name FROM {$CONFIG_sql_cpdbname}.board_reply WHERE reply_id =\"" . mysql_res($reply_id) . "\""; $sql->result = $sql->execute_query($query, 'lib_ajax.php'); $row = $sql->fetch_row(); $IS_EDIT_POST = checkprivilege_action($CP[login_id], g_edit_posts) ? 1 : 0; if (!empty($CP[login_id]) && ($CP[login_id] == $row[reply_user_id] || $IS_EDIT_POST) && length($val, 3, $CONFIG_max_post_length)) { $val = checkstring($val, 1); $sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.board_reply SET reply_message = \"" . $val . "\", reply_ip=\"" . $CP['ip_address'] . "\",reply_edit_name=\"" . $CP['login_name'] . "\",reply_edit_date=\"" . $CP['time'] . "\" WHERE reply_id = \"" . mysql_res($row['reply_id']) . "\"", 'lib_ajax.php'); $query = "SELECT reply_message,reply_edit_date,reply_edit_name FROM {$CONFIG_sql_cpdbname}.board_reply WHERE reply_id =\"" . mysql_res($row['reply_id']) . "\""; $sql->result = $sql->execute_query($query, 'lib_ajax.php'); $row = $sql->fetch_row(); $reply_message = replace_text($row[reply_message], $img_num); $reply_edit_date = get_date("M j y, H:i:s A", $row[reply_edit_date]); echo "<div class=\"poststyle\">{$reply_message}</div>\n<br /><br /><span class=\"edit\">This post has been edited by <B>{$row['reply_edit_name']}</B> on {$reply_edit_date}</span>\n"; } else { $reply_message = replace_text($row[reply_message]); echo "<div class=\"poststyle\">{$reply_message}</div>"; if (!empty($row[reply_edit_name])) { $reply_edit_date = get_date("M j y, H:i:s A", $row[reply_edit_date]); echo "<br /><br /><span class=\"edit\">This post has been edited by <B>{$row['reply_edit_name']}</B> on {$reply_edit_date}</span>"; } } }