$id = $_SESSION["id"]; $user = $_SESSION['username']; $sql = "INSERT INTO SupportTickets (PostUserID, PostUserName, Title, Description, PostDate, LastUpdatedDate) VALUES ('{$id}','{$user}','{$title}','{$desc}','{$date}','{$date}')"; if (strlen($_POST['title']) && strlen($_POST['desc'])) { if (!mysqli_query($conn, $sql)) { $text = "Ticket creation failed: " . mysqli_error($conn); $headers .= 'MIME-Version: 1.0' . "\r\n"; $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n"; $headers .= 'From: ChrisSiena.com@ChrisSiena.com' . "\r\n"; $headers .= 'Return-Path: return@ChrisSiena.com' . "\r\n"; $headers .= 'X-Mailer: PHP/' . phpversion(); mail('*****@*****.**', 'Ticket Creation ERROR', $text, $headers, '*****@*****.**'); $text .= '<br /><br />'; } else { $newticketid = mysqli_insert_id($conn); c_Log1($_SESSION['id'], 'New Ticket', 'New Ticket ID: ' . $newticketid); $text = "Ticket creation Successfully! <br />"; $text .= "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"2.5;URL=/support/TicketView?a=" . $newticketid . "\">"; $view = false; function emailadmins($idofuser, $ticketid) { include '../page/db.php'; $sql = "SELECT * FROM UserAccounts WHERE RowID='{$idofuser}'"; $emaildata = mysqli_query($conn, $sql); $emaildata = mysqli_fetch_assoc($emaildata); $to = $emaildata['Email']; $subject = 'New Support Ticket'; $message = ' <html> <head> <title>New Support Ticket</title>
<?php include '../page/normalsession.php'; include '../page/db.php'; include '../page/protection.php'; $todo = base64url_decode($_REQUEST['a']); if ($_SESSION['valid']) { include '../page/log.php'; c_Log1($_SESSION['id'], 'Profile Modification', $todo); } else { mysqli_close($conn); header('Location: /account/Login'); } $id = $_SESSION['id']; $redirect = "Location: /account/Profile?a=" . base64url_encode($id); if ($todo == 'age') { $sql = "SELECT ShowAge FROM UserAccounts WHERE RowID='{$id}'"; $age = mysqli_query($conn, $sql); $age = mysqli_fetch_assoc($age); if ($age['ShowAge']) { $age = 0; } else { $age = 1; } $sql = "UPDATE UserAccounts SET ShowAge='{$age}' WHERE RowID='{$id}'"; mysqli_query($conn, $sql); mysqli_close($conn); header($redirect); echo "Error: " . mysqli_error($conn); } else { if ($todo == 'gender') {
$userinformation = mysqli_fetch_assoc($userinformation); if ($userinformation['Gender'] == 'Male') { $gendermale = 'checked'; $genderfemale = ''; } else { if ($userinformation['Gender'] == 'Female') { $gendermale = ''; $genderfemale = 'checked'; } } $bmonth = $userinformation['BirthdayMonth']; $bday = $userinformation['BirthdayDay']; $byear = $userinformation['BirthdayYear']; $view = true; if ($_SERVER["REQUEST_METHOD"] == "POST") { c_Log1($_SESSION['id'], 'Changed Information', base64url_decode($_REQUEST['a'])); $work = true; if ($_SESSION['change'] === 'pass') { $pass = $_POST['pass']; $pass1 = $_POST['pass1']; if (strlen($pass) < 1 && $work) { $text = "The Password cannot be empty.<br />"; $work = false; } if (strlen($pass) > 50 && $work) { $text = "The Password is to long.<br />"; $work = false; } if (strlen($pass) < 8 && $work) { $text = "The password is not long enough.<br />"; $work = false;
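<?php
/**
 * Streams a user's profile picture.
 *
 * The account row id arrives base64url-encoded in the `a` request parameter;
 * the stored image bytes are sent back with the stored MIME type.
 */
include '../page/normalsession.php';
include '../page/protection.php';

// Decode once, and only when the parameter is present, so nothing below
// reads an unset index.
$hasId = isset($_REQUEST['a']);
$id = $hasId ? base64url_decode($_REQUEST['a']) : '';

if (!empty($_SESSION['valid'])) {
    include '../page/log.php';
    c_Log1($_SESSION['id'], 'Page Load', 'Profile: ' . $id);
}

if (!$hasId) {
    header('Location: /Files/Pages');
    // header() only queues the redirect; stop here so no query runs without an id.
    exit;
}

include '../page/db.php';

// $id is request-controlled, so it is bound as a parameter instead of being
// interpolated into the SQL text.
$MIMEtype = null;
$picture = null;
$found = false;
$stmt = mysqli_prepare($conn, 'SELECT ProfilePictureMIMEType,ProfilePicture FROM UserAccounts WHERE RowID=?');
if ($stmt) {
    mysqli_stmt_bind_param($stmt, 's', $id);
    mysqli_stmt_execute($stmt);
    // Buffer the result before binding the output columns (one of them is the image blob).
    mysqli_stmt_store_result($stmt);
    mysqli_stmt_bind_result($stmt, $MIMEtype, $picture);
    $found = mysqli_stmt_fetch($stmt) === true;
    mysqli_stmt_close($stmt);
}
mysqli_close($conn);

// Unknown id, failed query or an account without a picture: answer 404
// rather than emitting an empty "Content-type:" header.
if (!$found || $MIMEtype === null || $MIMEtype === '' || $picture === null) {
    http_response_code(404);
    exit;
}

// NOTE(review): the Content-Type is taken verbatim from the database. If the
// upload path (not visible here) stores a client-supplied type, a value such as
// text/html would make this endpoint serve active content from the site's
// origin — confirm the uploader restricts it to image types.
header('X-Content-Type-Options: nosniff');
header("Content-type: {$MIMEtype}");
echo $picture;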
} else { if ($_SESSION['owner']) { } else { header('Location: /account/Account'); } } } include '../page/db.php'; include '../page/protection.php'; if (isset($_REQUEST['a'])) { $id = base64url_decode($_REQUEST['a']); } else { $id = $_SESSION['id']; } include '../page/log.php'; c_Log1($_SESSION['id'], 'Changing Permissions', 'User ID: ' . $id); if ($_SERVER["REQUEST_METHOD"] == "POST") { $user = $_POST['UserName']; $sql = "SELECT * FROM UserAccounts WHERE RowID='{$id}'"; $data = mysqli_query($conn, $sql); $data = mysqli_fetch_assoc($data); $owner = $data['Owner']; function convert($str) { if ($str == "Yes") { $str = 1; } else { $str = 0; } return $str; }
header('Location: /account/Login'); } else { if ($data['ResetPassword']) { } else { if (!$_SESSION['owner']) { header('Location: /Files/Pages'); } } } include '../page/protection.php'; $view = true; if (!isset($_REQUEST['a'])) { c_Log($_SESSION['id'], 'Reseting password'); $text = "You need to reset your password.<br />"; } else { c_Log1($_SESSION['id'], 'Reseting a password', 'ID: ' . base64url_decode($_REQUEST['a'])); } if ($_SERVER["REQUEST_METHOD"] == "POST") { $work = true; if (isset($_REQUEST['a'])) { $id = base64url_decode($_REQUEST['a']); $pass = $_POST['pass']; $pass1 = $_POST['pass1']; if (strlen($pass) < 1 && $work) { $text = "The Password cannot be empty.<br />"; $work = false; } if (strlen($pass) > 50 && $work) { $text = "The Password is to long.<br />"; $work = false; }
$desc = decrypt($data['Description']); $desc = strip_tags($desc); $desc = preg_replace('/\\r\\n?/', "\n<br />", $desc); $PostUserID = $data['PostUserID']; $PostUserName = $data['PostUserName']; $CurrentUserID = $data['CurrentUserID']; $CurrentUserName = $data['CurrentUserName']; $Resolved = $data['Resolved']; $ResolvedUserID = $data['ResolvedUserID']; $ResolvedUserName = $data['ResolvedUserName']; $ResolvedText = decrypt($data['ResolvedText']); $PostDate = date_create($data['PostDate']); $LastUpdatedDate = date_create($data['LastUpdatedDate']); $ResolveDate = date_create($data['ResolveDate']); include '../page/log.php'; c_Log1($_SESSION['id'], 'Page Load', 'Page ID: ' . $str); } else { header('Location: /support/Support'); } if ($_SESSION['owner']) { } else { if ($_SESSION['admin']) { } else { if ($_SESSION['id'] == $userid) { } else { header('Location: /support/Support'); } } } ?> <!doctype html>
<?php
// Prologue of the "Terms of use" page: pulls in the shared session,
// protection and logging includes, then records the page load.
include '../page/normalsession.php';
include '../page/protection.php';
include '../page/log.php';
// NOTE(review): other pages in this listing only log when $_SESSION['valid'] is
// set; here $_SESSION['id'] is read unconditionally — confirm it is always
// defined for visitors who are not logged in.
c_Log1($_SESSION['id'], 'Page Load', 'Upload Terms');
?> <!doctype html> <html> <head> <title>Terms of use</title> <?php include_once "../page/averagehead.php"; ?> <link rel="canonical" href="http://ChrisSiena.com/Files/Terms" /> </head> <body class="body"> <?php include_once "../page/analyticstracking.php"; include_once "../page/top.php"; ?> <div class="page"> <div class="placeHolder"></div> <div class="container"> <div class="leftCol"> <h2>Table of Contents</h2> <div class="links"> <a target="_top" href="/">Home</a> <a target="_top" href="/images/Images">Images</a> <a target="_top" href="/clans/Clans">Clans</a> <a target="_top" href="/minecraft/Minecraft">Minecraft</a>
$new = false; $sql = "SELECT * FROM Pages WHERE ID='{$str}'"; $data = mysqli_query($conn, $sql); $data = mysqli_fetch_assoc($data); $title = decrypt($data['Title']); $desc = decrypt($data['Description']); $userid = $data['FirstUserID']; $id = $_SESSION["id"]; $deleted = $data['Deleted']; } else { header('Location: /Files/Pages'); } if ($_SERVER["REQUEST_METHOD"] == "POST") { if ($_POST['restore'] === 'yes') { include '../page/log.php'; c_Log1($_SESSION['id'], 'Page Restored', 'Page ID: ' . $str); $user = $_SESSION['username']; mysqli_query($conn, "UPDATE Pages SET Deleted='0',DeletedDate='0000-00-00 00:00:00',DeletedUser='******',DeletedUserName='',DeletedReason='',RestoreDate='{$date}',RestoreUser='******',RestoreUserName='******' WHERE ID='{$str}'"); $redirect = "Location: /admin/View?a=" . $_REQUEST['a']; header($redirect); } else { header('Location: /Files/Pages'); } } if (!$deleted) { $redirect = "Location: /admin/View?a=" . $_REQUEST['a']; header($redirect); } if (!($_SESSION['owner'] || $_SESSION['admin'] || $_SESSION['id'] == $userid)) { header('Location: /Files/Pages'); }
} } if ($uploadOk) { if (!mysqli_query($conn, $sql)) { $text = "File upload failed: " . mysqli_error($conn); $headers .= 'MIME-Version: 1.0' . "\r\n"; $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n"; $headers .= 'From: ChrisSiena.com@ChrisSiena.com' . "\r\n"; $headers .= 'Return-Path: return@ChrisSiena.com' . "\r\n"; $headers .= 'X-Mailer: PHP/' . phpversion(); mail('*****@*****.**', 'File Upload ERROR', '<html><body>' . $text . '<br />' . 'Page: ' . $_SERVER['REQUEST_URI'] . '<br />' . 'File ID: ' . $fileid . '</body></html>', $headers, '*****@*****.**'); $text .= '<br />'; } else { $text = "File {$fileName} uploaded!<br />"; $newfileid = mysqli_insert_id($conn); c_Log1($_SESSION['id'], 'New File Uploaded', 'New File ID: ' . $newfileid); } } $text .= "<br />"; $title = strip_tags(stripslashes(trim($_POST['title']))); $desc = $_POST['desc']; $checkowner = ''; $checkadmin = ''; $checkmod = ''; $checkpremium = ''; $checkmarist = ''; $checkbasic = ''; $checkanyone = ''; $checkshare = ''; if ((bool) strlen($_POST['owner'])) { $checkowner = 'checked';
<?php include '../page/normalsession.php'; include '../page/db.php'; include '../page/protection.php'; $pageid = base64url_decode($_REQUEST['a']); $todo = base64url_decode($_REQUEST['b']); if ($_SESSION['owner'] || $_SESSION['admin']) { include '../page/log.php'; c_Log1($_SESSION['id'], 'Page Modification', $todo . ' Page ID: ' . $pageid); } else { mysqli_close($conn); header('Location: /Files/Pages'); } $redirect = "Location: /admin/View?a=" . $_REQUEST['a']; if ($todo === 'edit') { $sql = "SELECT Editable FROM Pages WHERE ID='{$pageid}'"; $edit = mysqli_query($conn, $sql); $edit = mysqli_fetch_assoc($edit); if ($edit['Editable']) { $edit = 0; } else { $edit = 1; } $sql = "UPDATE Pages SET Editable='{$edit}' WHERE ID='{$pageid}'"; mysqli_query($conn, $sql); mysqli_close($conn); header($redirect); } else { if ($todo === 'hide') { $sql = "SELECT Hide FROM Pages WHERE ID='{$pageid}'";
$downloadok = '1'; } else { if ($_SESSION['marist'] && $data['Marist'] && !$deleted) { c_Log1($_SESSION['id'], 'File Downloaded', 'File: ' . $id); $downloadok = '1'; } else { if ($_SESSION['valid'] && $data['ValidAccount'] && !$deleted) { c_Log1($_SESSION['id'], 'File Downloaded', 'File: ' . $id); $downloadok = '1'; } else { if (strpos($data['ShareWith'], $_SESSION['uniqueid']) !== false) { c_Log1($_SESSION['id'], 'File Downloaded', 'File: ' . $id); $downloadok = '1'; } else { if ($data['Anyone'] && !$deleted) { c_Log1(0, 'File Downloaded', 'File: ' . $id); $downloadok = '1'; } } } } } } } } } } if ($downloadok) { $MIMEtype = $data['MIMEType']; $FileName = $data['FileName']; $FileSize = $data['FileSize'];
$id = $_SESSION["id"]; } else { header('Location: /Files/Pages'); } if ($_SERVER["REQUEST_METHOD"] == "POST") { function test_input($string) { $string = trim($string); $string = stripslashes($string); $string = htmlspecialchars($string); return $string; } $reason = test_input($_POST['reason']); if ($_POST['delete'] === 'yes' && strlen($reason) > 0) { include '../page/log.php'; c_Log1($_SESSION['id'], 'Page Deleted', 'Page ID: ' . $str); $user = $_SESSION['username']; mysqli_query($conn, "UPDATE Pages SET Deleted='1',DeletedDate='{$date}',DeletedUser='******',DeletedUserName='******',DeletedReason='{$reason}',RestoreUser='******',RestoreUserName='',RestoreDate='0000-00-00 00:00:00' WHERE ID='{$str}'"); header('Location: /Files/Pages'); } else { if ($_POST['delete'] === 'yes' && !(strlen($reason) > 0)) { $text = 'Please enter a reason.<br /><br />'; $text .= "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"2;URL=/admin/Remove?a=" . $_REQUEST['a'] . "\">"; } else { $redirect = "Location: /admin/View?a=" . $_REQUEST['a']; header($redirect); } } } if (!($_SESSION['owner'] || $_SESSION['admin'] || $_SESSION['id'] == $userid)) { header('Location: /Files/Pages');
header('Location: /Files/FileList'); } $deleteok = '1'; include '../page/log.php'; if ($_SESSION['owner']) { } else { if ($_SESSION['admin']) { } else { if ($_SESSION['id'] == $userid) { } else { $deleteok = '0'; header('Location: /Files/FileList'); } } } if ($deleteok) { $date = date("Y-m-d H:i:s"); $currentid = $_SESSION['id']; $currentuser = $_SESSION['username']; if (!$deleted) { c_Log1($_SESSION['id'], 'File Deleted', 'File: ' . $id . ' User ID: ' . $_SESSION['id']); mysqli_query($conn, "UPDATE Files SET Deleted='1', DeletedDate='{$date}', DeletedID='{$currentid}', DeletedUser='******', DeletedReason='{$reason}', RestoredID='', RestoredUser='', RestoredReason='', RestoredDate='00/00/00 00:00:00' WHERE ID='{$id}'"); } else { c_Log1($_SESSION['id'], 'File Restored', 'File: ' . $id . ' User ID: ' . $_SESSION['id']); mysqli_query($conn, "UPDATE Files SET Deleted='0', DeletedDate='00/00/00 00:00:00', DeletedID='', DeletedUser='', DeletedReason='', RestoredID='{$currentid}', RestoredUser='******', RestoredReason='{$reason}', RestoredDate='{$date}' WHERE ID='{$id}'"); } header('Location: /Files/FileList'); } else { echo 'You lack the correct permissions to modify this file.'; header('Location: /Files/FileList'); }
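$data = mysqli_fetch_assoc($data);
$deleted = $data['Deleted'];
$userid = $data['UserID'];
} else {
    // The `if` this branch belongs to opens outside this fragment.
    // NOTE(review): the redirect does not stop execution; $deleted is then
    // unset, so the code below only writes the "Attempted" log entry.
    header('Location: /Files/FileList');
}

// Permanently removes ("purges") a file row. Only owners and admins may purge,
// and only a file that is already flagged as deleted.
$deleteok = '1';
include '../page/log.php';
if (empty($_SESSION['owner']) && empty($_SESSION['admin'])) {
    // '0' is falsy in PHP, so the purge branch below is skipped.
    $deleteok = '0';
}

if ($deleteok) {
    if (!empty($deleted)) {
        c_Log1($_SESSION['id'], 'File Purged', 'File: ' . $id . ' User ID: ' . $_SESSION['id']);
        // NOTE(review): $id is assigned outside this fragment. If it derives from
        // the request (as on the sibling pages), bind it through a prepared
        // statement instead of interpolating it into the SQL text.
        $sql = "DELETE FROM Files WHERE ID='{$id}'";
        mysqli_query($conn, $sql);
    } else {
        c_Log1($_SESSION['id'], 'File Attempted to be Deleted', 'File: ' . $id . ' User ID: ' . $_SESSION['id']);
    }
    // $conn is a mysqli link (it is passed to mysqli_query above), so it must be
    // closed with mysqli_close(); mysql_close() belongs to the removed ext/mysql.
    mysqli_close($conn);
    header('Location: /Files/FileList');
} else {
    mysqli_close($conn);
    // Send the redirect before any body output; once output has started the
    // header can no longer be set.
    header('Location: /Files/FileList');
    echo 'You lack the correct permissions to modify this file.';
}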
// Creates a new row in Pages from the submitted form, reports the outcome in
// $text, and then resets the form-state variables used to redisplay the form.
$id = $_SESSION["id"];
$user = $_SESSION['username'];
// NOTE(review): the statement is assembled by string interpolation. $title,
// $desc, $date and the permission flags are assigned outside this fragment —
// confirm every one of them is escaped or validated before it reaches here, or
// switch to a prepared statement with bound parameters.
$sql = "INSERT INTO Pages (FirstUserID, FirstUserName, Title, Description, LastUserID, LastUserName, CreateDate, ModifiedDate, Owner, Admin, Moderator, Premium, Marist, Valid, EmailUser) VALUES ('{$id}','{$user}','{$title}','{$desc}','{$id}','{$user}','{$date}','{$date}','{$owner}','{$admin}','{$mod}','{$premium}','{$marist}','{$basic}','{$recieveemail}')";
// Insert only when at least one permission flag is set and both the posted
// title and description are non-empty.
if (($owner || $admin || $mod || $premium || $marist || $basic) && strlen($_POST['title']) && strlen($_POST['desc'])) {
    if (!mysqli_query($conn, $sql)) {
        // NOTE(review): the raw driver error is placed in $text. If $text is
        // rendered to the visitor (not visible here) it discloses query and
        // schema details; it is also sent below as an HTML mail body.
        $text = "Page creation failed: " . mysqli_error($conn);
        // `.=` appends, so $headers is assumed to be initialised earlier — TODO confirm.
        $headers .= 'MIME-Version: 1.0' . "\r\n";
        $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
        $headers .= 'From: ChrisSiena.com@ChrisSiena.com' . "\r\n";
        $headers .= 'Return-Path: return@ChrisSiena.com' . "\r\n";
        // Puts the running PHP version into every error mail.
        $headers .= 'X-Mailer: PHP/' . phpversion();
        // The addresses are redacted in this listing; the fifth argument is
        // mail()'s additional-parameters string.
        mail('*****@*****.**', 'Page Creation ERROR', $text, $headers, '*****@*****.**');
        $text .= '<br /><br />';
    } else {
        $newpageid = mysqli_insert_id($conn);
        c_Log1($_SESSION['id'], 'New Page', 'Page ID: ' . $newpageid);
        $text = "Page creation Successfully! <br />";
        // Client-side redirect to the new page after 2.5 seconds.
        // NOTE(review): other pages in this listing pass `a` base64url-encoded;
        // here the raw insert id is used — confirm /admin/View accepts it.
        $text .= "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"2.5;URL=/admin/View?a=" . $newpageid . "\">";
        $view = false;
    }
} else {
    $text = "Either no permissons were selected or the title and/or description was empty.<br /><br />";
}
// Values for redisplaying the form.
// NOTE(review): strip_tags() does not escape quotes, and $desc is the raw POST
// value; both need htmlspecialchars() at the point where they are echoed into
// HTML (that output is outside this fragment).
$title = strip_tags(stripslashes(trim($_POST['title'])));
$desc = $_POST['desc'];
$checkowner = '';
$checkadmin = '';
$checkmod = '';
$checkpremium = '';
$checkmarist = '';
$checkbasic = '';
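include '../page/db.php';
include '../page/protection.php';

// Toggles the soft-delete flag of one comment and returns to the page it
// belongs to. Allowed for owners, admins and the comment's author.
// The comment id arrives base64url-encoded in the `a` request parameter.
$commentid = isset($_REQUEST['a']) ? base64url_decode($_REQUEST['a']) : '';

// One bound-parameter lookup replaces the two interpolated SELECTs: the id is
// request-controlled and must never be spliced into the SQL text.
$authorId = null;
$pageId = null;
$isDeleted = null;
$found = false;
$lookup = mysqli_prepare($conn, 'SELECT UserID,PageID,Deleted FROM Comments WHERE ID=?');
if ($lookup) {
    mysqli_stmt_bind_param($lookup, 's', $commentid);
    mysqli_stmt_execute($lookup);
    mysqli_stmt_bind_result($lookup, $authorId, $pageId, $isDeleted);
    $found = mysqli_stmt_fetch($lookup) === true;
    mysqli_stmt_close($lookup);
}

if (!$found) {
    mysqli_close($conn);
    header('Location: /Files/Pages');
    exit;
}

$redirect = "Location: /admin/View?a=" . base64url_encode((string) $pageId);

// Prepared statements may return integer columns as PHP ints, so both sides are
// compared as strings; the null/isset guards keep an absent id on either side
// from matching.
$isAuthor = isset($_SESSION['id'])
    && $authorId !== null
    && (string) $_SESSION['id'] === (string) $authorId;

if (empty($_SESSION['owner']) && empty($_SESSION['admin']) && !$isAuthor) {
    mysqli_close($conn);
    header('Location: /Files/Pages');
    // Without exit the script kept running after the redirect header: only the
    // already-closed connection stopped the update, and a "Comment Deleted"
    // audit entry was still written for a change that never happened.
    exit;
}

// Flip the flag: a deleted comment is restored, a live one is deleted.
$delete = $isDeleted ? 0 : 1;
$flag = (string) $delete;
$updated = false;
$update = mysqli_prepare($conn, 'UPDATE Comments SET Deleted=? WHERE ID=?');
if ($update) {
    mysqli_stmt_bind_param($update, 'ss', $flag, $commentid);
    $updated = mysqli_stmt_execute($update);
    mysqli_stmt_close($update);
}
mysqli_close($conn);

if ($delete) {
    $mod = 'Deleted';
} else {
    $mod = 'Restored';
}

// Write the audit entry only when the row was actually updated.
if ($updated) {
    include '../page/log.php';
    c_Log1($_SESSION['id'], 'Comment ' . $mod, ' Comment ID: ' . $commentid);
}
header($redirect);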