/**
 * Print an admin-area information message.
 *
 * Thin wrapper: after running the 'kleeja_admin_info_func' hook it forwards
 * every argument to kleeja_admin_err(), adds 'info.php' as the last
 * argument, and returns that call's result.
 *
 * @param string      $msg        The information message
 * @param bool        $navigation [optional] Show the side menu or not
 * @param string      $title      [optional] The title of the message
 * @param bool        $exit       [optional] Halt after showing the message
 * @param bool|string $redirect   [optional] If a link is given, the page is redirected to it after $rs seconds
 * @param int         $rs         [optional] Delay in seconds, used when $redirect is given and not false
 */
function kleeja_admin_info($msg, $navigation = true, $title = '', $exit = true, $redirect = false, $rs = 2)
{
    global $plugin;

    // NOTE(security): whatever string run_hook() returns is executed by eval()
    // inside this function's scope, so hook code can read and overwrite $msg,
    // $title, $redirect, ... before they are forwarded below. The call is only
    // as trustworthy as the hook text: presumably it comes from installed
    // plugins - confirm that only trusted administrators can install them and
    // that hook text is never assembled from request data.
    ($hook = $plugin->run_hook('kleeja_admin_info_func')) ? eval($hook) : null; // run hook

    # Info and error messages are rendered the same way, so one callback serves both.
    return kleeja_admin_err($msg, $navigation, $title, $exit, $redirect, $rs, 'info.php');
}
if (!kleeja_check_form_key('adm_users_search')) { kleeja_admin_err($lang['INVALID_FORM_KEY'], true, $lang['ERROR'], true, ADMIN_PATH . '?cp=h_search&smt=users', 1); } #delete all searches greater than 10 $s_del = array('SELECT' => "filter_id", 'FROM' => "{$dbprefix}filters", 'WHERE' => "filter_type='user_search' AND filter_user="******"filter_id DESC", 'LIMIT' => '5, 18446744073709551615'); $result = $SQL->build($s_del); $ids = ''; while ($row = $SQL->fetch($result)) { $ids .= ($ids != '' ? ', ' : '') . $row['filter_id']; } $SQL->free($result); if ($ids != '') { $query_del = array('DELETE' => "{$dbprefix}filters", 'WHERE' => "filter_id IN('" . implode("', '", $ids) . "')"); $SQL->build($query_del); } #add as a user_search filter $s = $_POST; unset($s['search_user'], $s['k_form_key'], $s['k_form_time']); $d = serialize($s); if ($search_id = insert_filter('user_search', $d)) { $filter = get_filter($search_id); redirect(ADMIN_PATH . "?cp=g_users&smt=show_su&search_id=" . $filter['filter_uid'], false); } else { kleeja_admin_err($lang['ERROR_TRY_AGAIN'], true, $lang['ERROR'], true, ADMIN_PATH . '?cp=h_search&smt=users', 1); } } //secondary menu $go_menu = array('files' => array('name' => $lang['R_SEARCH'], 'link' => ADMIN_PATH . '?cp=search&smt=files', 'goto' => 'files', 'current' => $current_smt == 'files'), 'users' => array('name' => $lang['SEARCH_USERS'], 'link' => ADMIN_PATH . '?cp=search&smt=users', 'goto' => 'users', 'current' => $current_smt == 'users')); if (!$default_user_system) { unset($go_menu['users']); }
$tpl_content = '';

// Write the (empty) template file. '@' suppresses every failure here, so a
// failed open or write is silent and the success text below is still shown.
if ($filename = @fopen($tpl_path, 'w')) {
    @fwrite($filename, $tpl_content);
    @fclose($filename);
}

// NOTE(review): $link is placed into an href and a meta-refresh attribute
// without htmlspecialchars(). Where $style_id comes from in this branch is
// not visible - if it is request data, encode it before building the markup.
$link = basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '&style_choose=' . $style_id . '&method=1';
$text = $lang['TPL_CREATED'] . '<br /> <a href="' . $link . '">' . $lang['GO_BACK_BROWSER'] . '</a><meta HTTP-EQUIV="REFRESH" content="1; url=' . $link . '">' . "\n";
$stylee = "admin_info";
}

// Restore a template from its bundled backup copy.
if (isset($_POST['submit_bk_tpl'])) {
    //
    // Check form key (CSRF token) before touching any file.
    // The 4th argument ($exit) is true; presumably kleeja_admin_err() halts
    // the request - the rest of this block depends on that.
    //
    if (!kleeja_check_form_key('adm_style_order_bkup')) {
        kleeja_admin_err($lang['INVALID_FORM_KEY'], true, $lang['ERROR'], true, $redirect_to, 1);
    }

    // NOTE(security): both values are request data that end up in a filesystem
    // path. $SQL->escape() is an SQL quoting helper, not a path validator, and
    // removing '..' is the only path-related filtering applied here.
    // $tpl_name is effectively allow-listed by the isset($bkup_templates[...])
    // check below; $style_id has no such check. Validate $style_id against the
    // names of the installed style directories before it is used.
    $style_id = str_replace('..', '', $SQL->escape($_POST['style_id']));
    $tpl_name = str_replace('..', '', $SQL->escape($_POST['tpl_choose']));

    // Presumably defines $bkup_templates (template name => encoded content).
    include_once PATH . 'includes/bk_templates.php';

    // Unknown template name: go back to the style browser without writing.
    // $style_id is appended to the redirect URL unencoded.
    if (!isset($bkup_templates[$tpl_name])) {
        redirect(basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '&style_choose=' . $style_id . '&method=1');

        exit;
    }

    // Target file inside the chosen style directory.
    $tpl_path = PATH . 'styles/' . $style_id . '/' . $tpl_name;

    // Overwrite the live template with the decoded backup; as above, '@'
    // hides any write failure from the administrator.
    if (is_writable($tpl_path)) {
        if ($filename = @fopen($tpl_path, 'w')) {
            @fwrite($filename, kleeja_base64_decode($bkup_templates[$tpl_name]));
            @fclose($filename);
        }
$del_nums[] = $row['id']; } } if (isset($_POST['reply_submit'])) { if ($sen[$row['id']]) { $to = $row['mail']; $subject = $lang['REPLY_REPORT'] . ':' . $config['sitename']; $message = "\n " . $lang['WELCOME'] . " " . $row['name'] . "\r\n " . $lang['U_REPORT_ON'] . " " . $config['sitename'] . "\r\n " . $lang['BY_EMAIL'] . " : " . $row['mail'] . "\r\n" . $lang['ADMIN_REPLIED'] . ": \r\n" . $sen[$row['id']] . "\r\n\r\n kleeja.com"; $send = send_mail($to, $message, $subject, $config['sitemail'], $config['sitename']); if ($send) { // //We will redirect to pages of results and show info msg there ! // kleeja_admin_info($lang['IS_SEND_MAIL'], true, '', true, basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '&page=' . (isset($_GET['page']) ? intval($_GET['page']) : 1) . '&sent=' . $row['id']); } else { kleeja_admin_err($lang['ERR_SEND_MAIL'], true, '', true, basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '&page=' . (isset($_GET['page']) ? intval($_GET['page']) : 1) . '&sent=' . $row['id']); } } } } $SQL->freeresult($result); } else { $no_results = true; } //if deleted if (sizeof($del_nums)) { $query_del = array('DELETE' => "{$dbprefix}reports", 'WHERE' => "id IN('" . implode("', '", $del_nums) . "')"); $SQL->build($query_del); } $total_pages = $Pager->getTotalPages(); $page_nums = $Pager->print_nums(basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php'), 'onclick="javascript:get_kleeja_link($(this).attr(\'href\'), \'#content\'); return false;"');
*/

// Not meant to be opened directly: only runs when the admin front controller
// has defined IN_ADMIN.
if (!defined('IN_ADMIN')) {
    exit;
}

// Template used to render this page.
$stylee = "admin_ban";
$action = basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php');
$affected = false;
$H_FORM_KEYS = kleeja_add_form_key('adm_ban');

//
// Check form key (CSRF token).
// NOTE(security): this guard and the UPDATE further down sit in two separate
// isset($_POST['submit']) blocks, so the write is protected only if
// kleeja_admin_err() really stops the request (4th argument $exit is true
// here). Confirm that, or move the write inside the checked branch.
//
if (isset($_POST['submit'])) {
    if (!kleeja_check_form_key('adm_ban')) {
        kleeja_admin_err($lang['INVALID_FORM_KEY'], true, $lang['ERROR'], true, $action, 1);
    }
}

$query = array('SELECT' => 'ban', 'FROM' => "{$dbprefix}stats");
$result = $SQL->build($query);

while ($row = $SQL->fetch_array($result)) {
    // Posted text wins over the stored value. It is HTML-encoded here, i.e.
    // before storage, so the database holds entity-encoded text.
    // NOTE(review): code that later matches against this list (not visible)
    // sees the encoded form; encoding at output time is usually the safer split.
    $ban = isset($_POST["ban_text"]) ? htmlspecialchars($_POST['ban_text']) : $row['ban'];

    // On submit, persist the new ban list.
    if (isset($_POST['submit'])) {
        // The value is SQL-escaped before concatenation. The statement has no
        // WHERE clause and runs once per fetched row of the stats table.
        $update_query = array('UPDATE' => "{$dbprefix}stats", 'SET' => "ban='" . $SQL->escape($ban) . "'");
        $SQL->build($update_query);

        // Only drop the cached ban data when a row actually changed.
        if ($SQL->affected()) {
            $affected = true;
            delete_cache('data_ban');
        }
/**
 * Print an information message on the admin panel.
 *
 * Thin wrapper: after running the 'kleeja_admin_info_func' hook it forwards
 * every argument to kleeja_admin_err(), adds 'admin_info' as the last
 * argument, and returns that call's result.
 *
 * @adm
 */
function kleeja_admin_info($msg, $navigation = true, $title = '', $exit = true, $redirect = false, $rs = 2)
{
    // NOTE(security): whatever string kleeja_run_hook() returns is executed by
    // eval() inside this function's scope, so hook code can read and overwrite
    // $msg, $title, $redirect, ... before they are forwarded below. The call
    // is only as trustworthy as the hook text: presumably it comes from
    // installed plugins - confirm that only trusted administrators can install
    // them and that hook text is never assembled from request data.
    ($hook = kleeja_run_hook('kleeja_admin_info_func')) ? eval($hook) : null; // run hook

    return kleeja_admin_err($msg, $navigation, $title, $exit, $redirect, $rs, 'admin_info');
}
$userid = intval($_GET['uid']);

// $userid was cast to int above, so concatenating it into the SQL is safe here.
if (!$SQL->num($SQL->query("SELECT * FROM {$dbprefix}users WHERE id=" . $userid))) {
    kleeja_admin_err('ERROR-NO-USER-FOUND', true, '', true, ADMIN_PATH . '?cp=' . basename(__FILE__, '.php'));
}
}

// Load the account being edited.
// NOTE(review): the enclosing condition is outside this excerpt; confirm that
// $userid is also an integer when the branch above is not taken.
$query = array('SELECT' => 'name, mail, group_id, founder, show_my_filecp', 'FROM' => "{$dbprefix}users", 'WHERE' => 'id=' . $userid);
$result = $SQL->build($query);
$udata = $SQL->fetch($result);
$SQL->free($result);

// A founder account may only be edited by a founder.
// NOTE(security): $u_founder is the posted l_founder value whenever that field
// is present, and only falls back to the stored flag otherwise. The guard
// below therefore tests caller-controlled input: it should also test
// (int) $udata['founder'], so that the stored founder status decides access.
// Whether the save handler re-checks this is not visible here.
$u_founder = isset($_POST['l_founder']) ? intval($_POST['l_founder']) : (int) $udata['founder'];
$im_founder = (int) $user->data['founder'];
$u_group = isset($_POST['l_group']) ? intval($_POST['l_group']) : $udata['group_id'];
// NOTE(review): the condition tests 'l_qg' but the value is read from 'u_qg'.
// With only l_qg posted this reads an undefined index and yields 0. The other
// fields all use the l_ prefix, so 'l_qg' is probably what was meant - confirm.
$u_qg = isset($_POST['l_qg']) ? intval($_POST['u_qg']) : $udata['group_id'];

if ($u_founder && !$im_founder) {
    kleeja_admin_err($lang['HV_NOT_PRVLG_ACCESS'], true, '', true, ADMIN_PATH . '?cp=users&smt=show_group&gq=' . $u_group);
}

$errs = isset($errs) ? $errs : false;

// Prepare values for the template. Posted strings are HTML-encoded; values
// read from the database are passed through as stored.
// NOTE(review): confirm that the template encodes $title_name / $udata values,
// or that they were encoded when saved.
$title_name = $udata['name'];
$u_name = isset($_POST['l_name']) ? htmlspecialchars($_POST['l_name']) : $udata['name'];
$u_mail = isset($_POST['l_mail']) ? htmlspecialchars($_POST['l_mail']) : $udata['mail'];
$u_show_filecp = isset($_POST['l_show_filecp']) ? intval($_POST['l_show_filecp']) : (int) $udata['show_my_filecp'];
$u_page = isset($_GET['page']) ? intval($_GET['page']) : 0;

// Build the group drop-down: one entry per known group, marking the site
// default and the group currently selected for this user.
$k_groups = array_keys($d_groups);
$u_groups = array();

foreach ($k_groups as $id) {
    $u_groups[] = array('id' => $id, 'name' => get_group_name($id), 'default' => $config['default_group'] == $id ? true : false, 'selected' => $id == $u_group);
}

break;

#new user adding form
$text = $lang['EMPTY_EXT_FIELD'];
$stylee = 'admin_info';
} else {
    // Remove the leading '.' from the extension.
    // NOTE(review): trimming happens only here; if a whitespace-only value can
    // reach this branch (the emptiness test is outside this excerpt),
    // $new_ext_i[0] reads an offset that does not exist.
    $new_ext_i = trim($new_ext_i);

    if ($new_ext_i[0] == '.') {
        $new_ext_i = substr($new_ext_i, 1, strlen($new_ext_i));
    }

    // Check whether the extension is allowed. For a multi-part value such as
    // ext1.ext2.php only the last segment is compared.
    // NOTE(security): this is a deny-list, which is incomplete by nature; an
    // allow-list of permitted extensions, plus an upload directory where the
    // web server never executes scripts, is the sturdier control.
    // NOTE(review): array_pop() takes its argument by reference; passing the
    // result of explode() directly raises "Only variables should be passed by
    // reference".
    $check_ext = strtolower(array_pop(explode('.', $new_ext_i)));
    $not_welcomed_exts = array('php', 'php3', 'php5', 'php4', 'asp', 'aspx', 'shtml', 'html', 'htm', 'xhtml', 'phtml', 'pl', 'cgi', 'ini', 'htaccess', 'sql', 'txt');

    // The redirect is issued before the error call; rejecting the value relies
    // on one of these two calls ending the request - confirm, otherwise the
    // INSERT below is still reached.
    if (in_array($check_ext, $not_welcomed_exts)) {
        redirect($action, false, false, 5);
        kleeja_admin_err(sprintf($lang['FORBID_EXT'], $check_ext));
    }

    // Check whether this extension already exists in the database.
    // NOTE(security): $new_ext_i is concatenated into the WHERE clause with no
    // escaping in the visible lines. Unless it was escaped earlier (not
    // visible), pass it through $SQL->escape() before building the query.
    $query = array('SELECT' => '*', 'FROM' => "{$dbprefix}exts", 'WHERE' => "ext='" . $new_ext_i . "'");
    $result = $SQL->build($query);

    if ($SQL->num_rows($result) > 0) {
        // NOTE(security): $new_ext_i is placed into $text next to raw markup
        // (the meta tag), so $text is evidently rendered as HTML; encode the
        // value with htmlspecialchars() first.
        $text = sprintf($lang['NEW_EXT_EXISTS_B4'], $new_ext_i);
        $text .= '<meta HTTP-EQUIV="REFRESH" content="2; url=' . basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '">' . "\n";
        $stylee = "admin_err";
    } else {
        // Add the new extension.
        // NOTE(security): $ext_gr_i, $new_ext_i, $gust_size and $user_size are
        // interpolated straight into VALUES. Their origin is outside this
        // excerpt; cast the numeric ones to int and escape the string one
        // unless that is already done upstream.
        $insert_query = array('INSERT' => '`group_id` ,`ext` ,`gust_size` ,`gust_allow` ,`user_size` ,`user_allow`', 'INTO' => "`{$dbprefix}exts`", 'VALUES' => "'{$ext_gr_i}', '{$new_ext_i}', '{$gust_size}', '1', '{$user_size}', '1'");
        $SQL->build($insert_query);
        $text = $lang['NEW_EXT_ADD'] . '<meta HTTP-EQUIV="REFRESH" content="2; url=' . basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '">' . "\n";
        $stylee = "admin_info";
    }
$del_nums[] = $row['id']; } } if (isset($_POST['reply_submit'])) { if ($sen[$row['id']]) { $to = $row['mail']; $subject = $lang['REPLY_CALL'] . ':' . $config['sitename']; $message = "\n " . $lang['REPLY_CALL'] . " " . $row['name'] . "\r\n " . $lang['REPLIED_ON_CAL'] . " : " . $config['sitename'] . "\r\n " . $lang['BY_EMAIL'] . ": " . $row['mail'] . "\r\n" . $lang['ADMIN_REPLIED'] . "\r\n" . $sen[$row['id']] . "\r\n\r\n Kleeja.com "; $send = send_mail($to, $message, $subject, $config['sitemail'], $config['sitename']); if ($send) { // //We will redirect to pages of results and show info msg there ! // redirect(basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '&page=' . (isset($_GET['page']) ? intval($_GET['page']) : 1) . '&sent=' . $row['id']); } else { kleeja_admin_err($lang['ERR_SEND_MAIL']); } } } } $SQL->freeresult($result); } else { $no_results = true; } //if deleted if (sizeof($del_nums)) { $query_del = array('DELETE' => "{$dbprefix}call", 'WHERE' => "id IN('" . implode("', '", $del_nums) . "')"); $SQL->build($query_del); } $total_pages = $Pager->getTotalPages(); $page_nums = $Pager->print_nums(basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php'));
$sizes = false; $num = 0; while ($row = $SQL->fetch_array($result)) { //delete from folder .. @kleeja_unlink(PATH . $row['folder'] . "/" . $row['name']); //delete thumb if (file_exists(PATH . $row['folder'] . "/thumbs/" . $row['name'])) { @kleeja_unlink(PATH . $row['folder'] . "/thumbs/" . $row['name']); } $ids[] = $row['id']; $num++; $sizes += $row['size']; } $SQL->freeresult($result); if ($num == 0) { kleeja_admin_err($lang['ADMIN_DELETE_FILES_NOF']); } else { //update number of stats $update_query = array('UPDATE' => "{$dbprefix}stats", 'SET' => "sizes=sizes-{$sizes}, files=files-{$num}"); $SQL->build($update_query); if ($SQL->affected()) { delete_cache('data_stats'); } //delete all files in just one query $query_del = array('DELETE' => "{$dbprefix}files", 'WHERE' => "id IN (" . implode(',', $ids) . ")"); $SQL->build($query_del); kleeja_admin_info(sprintf($lang['ADMIN_DELETE_FILES_OK'], $num)); } } // //begin default files page
$del_nums[] = $row['id']; } } if (isset($_POST['reply_submit'])) { if ($sen[$row['id']]) { $to = $row['mail']; $subject = $lang['REPLY_MESSAGE'] . ':' . $config['sitename']; $message = "\n " . $lang['REPLY_MESSAGE'] . " " . $row['name'] . "\r\n " . $lang['ABOUT_YOUR_MESSAGE'] . " : " . $config['sitename'] . "\r\n " . $lang['BY_EMAIL'] . ": " . $row['mail'] . "\r\n" . $lang['ADMIN_REPLIED'] . "\r\n" . $sen[$row['id']] . "\r\n\r\n Kleeja.com "; $send = send_mail($to, $message, $subject, $config['sitemail'], $config['sitename']); if ($send) { // //We will redirect to pages of results and show info msg there ! // kleeja_admin_info($lang['IS_SEND_MAIL'], true, '', true, ADMIN_PATH . '?cp=messages&page=' . (isset($_GET['page']) ? intval($_GET['page']) : 1) . '&sent=' . $row['id']); } else { kleeja_admin_err($lang['ERR_SEND_MAIL'], true, '', true, ADMIN_PATH . '?cp=messages&page=' . (isset($_GET['page']) ? intval($_GET['page']) : 1) . '&sent=' . $row['id']); } } } } $SQL->free($result); } else { $no_results = true; } //if deleted if (sizeof($del_nums)) { $query_del = array('DELETE' => "`{$dbprefix}messages`", 'WHERE' => "id IN('" . implode("', '", $del_nums) . "')"); $SQL->build($query_del); } $total_pages = $pagination->get_total_pages(); $page_nums = $pagination->print_nums(ADMIN_PATH . '?cp=messages', 'onclick="javascript:get_kleeja_link($(this).attr(\'href\'), \'#content\'); return false;"');
$last_user_id = $SQL->insert_id();

// Update the site statistics: one more user, and the last-registered name.
// NOTE(review): the '******' inside the SET string looks like masking applied
// by the listing rather than the project's real code - confirm against the file.
$update_query = array('UPDATE' => "{$dbprefix}stats", 'SET' => "users=users+1, lastuser='******'");
$SQL->build($update_query);

// Drop the cached statistics only when the row actually changed.
if ($SQL->affected()) {
    delete_cache('data_stats');
}
}

// Return to the users page.
redirect(basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php'));
} else {
    // Collect the validation errors into one HTML string.
    // NOTE(review): the entries of $ERRORS are joined with raw <br /> markup;
    // if any entry echoes request data (not visible here), encode it first.
    $errs = '';

    foreach ($ERRORS as $r) {
        $errs .= '- ' . $r . '. <br />';
    }
    kleeja_admin_err($errs);
}
}
}

//
// Begin of default users page
//
$query = array('SELECT' => 'COUNT(id) AS total_users', 'FROM' => "{$dbprefix}users", 'ORDER BY' => 'id ASC');

// Posted search: turn it into a GET request so the result page is linkable.
// NOTE(security): the whole $_POST array is serialized, encoded and handed to
// the browser in the URL, then read back from $_GET['search'] below. That
// parameter is fully caller-controlled and carries no integrity check. What
// happens to $search next is outside this excerpt; if it is passed to
// unserialize(), that is an object-injection risk. Safer options: carry the
// criteria as json_encode()/json_decode(), keep them server-side and pass only
// an id, or at minimum call unserialize() with ['allowed_classes' => false].
// The URL also exposes every posted field (form key included) to logs and
// browser history.
if (isset($_POST['search_user'])) {
    redirect(basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '&search=' . kleeja_base64_encode(serialize($_POST)));
    $SQL->close();

    exit;
} else {
    if (isset($_GET['search'])) {
        $search = kleeja_base64_decode($_GET['search']);
if ($re == 'zipped') { $text = sprintf($lang['PLUGIN_ADDED_ZIPPED'], '<a target="_blank" href="' . basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '&m=6&fn=' . $ups->zipped_files . '&' . $GET_FORM_KEY . '">', '</a>'); $text .= '<br /><br /><a onclick="javascript:get_kleeja_link(this.href); return false;" href="' . basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '&astep=3&' . $GET_FORM_KEY . '">' . $lang['UPDATE_GOING_TODATABASE'] . '</a>'; kleeja_admin_info($text, true, '', true); } else { kleeja_admin_err($lang['ERROR'], true, '', true, basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '?#!cp=' . basename(__FILE__, '.php')); } } break; case '2': //extract $re = $ups->update_core('2', $v); if ($re != false) { print_r($re); } else { kleeja_admin_err($lang['ERROR'], true, '', true, basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '?#!cp=' . basename(__FILE__, '.php')); } break; case '3': //database update if (file_exists(PATH . 'cache/sqlupdate_' . $v['version_number'] . 'php')) { $re = $ups->update_core('3', $v); $result = $lang['WAIT']; if ($re != false) { foreach ($re as $msg) { $result .= $msg . "\n"; } } //going next kleeja_admin_info($result, true, '', true, basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '&astep=4&' . $GET_FORM_KEY, 10); } else {
// Only runs when the admin front controller has defined IN_ADMIN.
if (!defined('IN_ADMIN')) {
    exit;
}

# Turn the time limit off: maintenance tasks may run long.
@set_time_limit(0);

# Get the requested maintenance case.
# htmlspecialchars() encodes the value for output; it is not validation. The
# in_array() allow-list and the switch below decide what actually runs.
$case = false;

if (isset($_GET['case'])) {
    $case = htmlspecialchars($_GET['case']);
}

# Set the form key that is appended to the action links below.
$GET_FORM_KEY = kleeja_add_form_key_get('REPAIR_FORM_KEY');

// Check the CSRF token carried in the query string.
// NOTE(security): the token is verified only for the case names listed here.
// A case label added to the switch later is not covered until it is also added
// to this list, so keep the two in sync (or verify the token for every
// non-default case). The token travels in the URL, where it can end up in
// logs, history and Referer headers; POST is the better fit for these
// state-changing actions. Rejection relies on kleeja_admin_err() halting
// (4th argument $exit is true here) - confirm.
if ($case && in_array($case, array('clearc', 'sync_files', 'sync_images', 'sync_users', 'tables', 'sync_sizes', 'status_file'))) {
    if (!kleeja_check_form_key_get('REPAIR_FORM_KEY')) {
        kleeja_admin_err($lang['INVALID_GET_KEY'], true, $lang['ERROR'], true, ADMIN_PATH, 2);
    }
}

switch ($case) {
    default:
        # Get the real numbers from the database right now.
        $all_files = get_actual_stats('files');
        $all_images = get_actual_stats('imgs');
        $all_users = get_actual_stats('users');
        $all_sizes = readable_size(get_actual_stats('sizes'));

        # Action links.
        # NOTE(security): the two go.php resync links are built without
        # $GET_FORM_KEY, unlike the other three. Whether go.php performs its
        # own authorization and token check is not visible here - confirm.
        $del_cache_link = ADMIN_PATH . '?cp=maintenance&case=clearc&' . $GET_FORM_KEY;
        $resync_files_link = $config['siteurl'] . 'go.php?go=resync&case=sync_files';
        $resync_images_link = $config['siteurl'] . 'go.php?go=resync&case=sync_images';
        $resync_users_link = ADMIN_PATH . '?cp=maintenance&case=sync_users&' . $GET_FORM_KEY;
        $resync_sizes_link = ADMIN_PATH . '?cp=maintenance&case=sync_sizes&' . $GET_FORM_KEY;
case 'upd': // updated success $text = $lang['PLUGIN_UPDATED_SUCCESS']; break; #--->weiredooo stuff #--->weiredooo stuff case 'inst': $text = $lang['NEW_PLUGIN_ADDED']; $text .= '<script type="text/javascript"> setTimeout("get_kleeja_link(\'' . basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '&do_plg=' . $plg->plg_id . '&m=4&' . $GET_FORM_KEY . '\');", 2000);</script>' . "\n"; break; case 'zipped': $text = sprintf($lang['PLUGIN_ADDED_ZIPPED'], '<a target="_blank" href="' . basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '&do_plg=' . $plg->plg_id . '&m=6&fn=' . $plg->zipped_files . '&' . $GET_FORM_KEY . '">', '</a>'); $text .= '<br /><br /><a onclick="javascript:get_kleeja_link(this.href); return false;" href="' . basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '">' . $lang['GO_BACK_BROWSER'] . '</a>'; break; case 'zipped/inst': $text = sprintf($lang['PLUGIN_ADDED_ZIPPED_INST'], '<a target="_blank" href="' . basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '&do_plg=' . $plg->plg_id . '&m=6&fn=' . $plg->zipped_files . '&' . $GET_FORM_KEY . '">', '</a>', '<a onclick="javascript:get_kleeja_link(this.href); return false;" href="' . basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '&do_plg=' . $plg->plg_id . '&m=4&' . $GET_FORM_KEY . '">', '</a>'); $text .= '<br /><br /><a onclick="javascript:get_kleeja_link(this.href); return false;" href="' . basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php') . '">' . $lang['GO_BACK_BROWSER'] . '</a>'; break; default: kleeja_admin_err($lang['ERR_IN_UPLOAD_XML_FILE'], true, '', true, basename(ADMIN_PATH) . '?#!cp=' . basename(__FILE__, '.php')); } } $cache->clean(array('__changes_files__', '__plugins_icons__')); delete_cache(array('data_plugins', 'data_config')); $stylee = "admin_info"; } //secondary menu //$go_menu = array( // 'general' => array('name'=>$lang['R_PLUGINS'], 'link'=> basename(ADMIN_PATH) . 
'?cp=j_plugins&smt=general', 'goto'=>'general', 'current'=> $current_smt == 'general'), // 'newplg' => array('name'=>$lang['ADD_NEW_PLUGIN'], 'link'=> basename(ADMIN_PATH) . '?cp=j_plugins&smt=newplg', 'goto'=>'newplg', 'current'=> $current_smt == 'newplg'), // );
// Only runs when the admin front controller has defined IN_ADMIN.
if (!defined('IN_ADMIN')) {
    exit;
}

# Turn the time limit off: repair tasks may run long.
@set_time_limit(0);

# Get the requested repair case.
# htmlspecialchars() encodes the value for output; it is not validation. The
# in_array() allow-list and the switch below decide what actually runs.
$case = false;

if (isset($_GET['case'])) {
    $case = htmlspecialchars($_GET['case']);
}

# Set the form key that is appended to the action links below.
$GET_FORM_KEY = kleeja_add_form_key_get('REPAIR_FORM_KEY');

// Check the CSRF token carried in the query string.
// NOTE(security): the token is verified only for the case names listed here.
// A case label added to the switch later is not covered until it is also added
// to this list, so keep the two in sync (or verify the token for every
// non-default case). The token travels in the URL, where it can end up in
// logs, history and Referer headers; POST is the better fit for these
// state-changing actions. Rejection relies on kleeja_admin_err() halting
// (4th argument $exit is true here) - confirm.
if ($case && in_array($case, array('clearc', 'sync_files', 'sync_images', 'sync_users', 'tables', 'sync_sizes', 'status_file'))) {
    if (!kleeja_check_form_key_get('REPAIR_FORM_KEY')) {
        kleeja_admin_err($lang['INVALID_GET_KEY'], true, $lang['ERROR'], true, basename(ADMIN_PATH), 2);
    }
}

switch ($case) {
    default:
        # Get the real numbers from the database right now.
        $all_files = get_actual_stats('files');
        $all_images = get_actual_stats('imgs');
        $all_users = get_actual_stats('users');
        $all_sizes = Customfile_size(get_actual_stats('sizes'));

        # Action links.
        # NOTE(security): the two go.php resync links are built without
        # $GET_FORM_KEY, unlike the other three. Whether go.php performs its
        # own authorization and token check is not visible here - confirm.
        $del_cache_link = basename(ADMIN_PATH) . '?cp=r_repair&case=clearc&' . $GET_FORM_KEY;
        $resync_files_link = $config['siteurl'] . 'go.php?go=resync&case=sync_files';
        $resync_images_link = $config['siteurl'] . 'go.php?go=resync&case=sync_images';
        $resync_users_link = basename(ADMIN_PATH) . '?cp=r_repair&case=sync_users&' . $GET_FORM_KEY;
        $resync_sizes_link = basename(ADMIN_PATH) . '?cp=r_repair&case=sync_sizes&' . $GET_FORM_KEY;
$userid = intval($_GET['uid']);

// $userid was cast to int above, so concatenating it into the SQL is safe here.
if (!$SQL->num_rows($SQL->query("SELECT * FROM {$dbprefix}users WHERE id=" . $userid))) {
    kleeja_admin_err('ERROR-NO-USER-FOUND', true, '', true, basename(ADMIN_PATH) . '?cp=' . basename(__FILE__, '.php'));
}
}

// Load the account being edited.
// NOTE(review): the enclosing condition is outside this excerpt; confirm that
// $userid is also an integer when the branch above is not taken.
$query = array('SELECT' => 'name, mail, group_id, founder, show_my_filecp', 'FROM' => "{$dbprefix}users", 'WHERE' => 'id=' . $userid);
$result = $SQL->build($query);
$udata = $SQL->fetch_array($result);
$SQL->freeresult($result);

// A founder account may only be edited by a founder.
// NOTE(security): $u_founder is the posted l_founder value whenever that field
// is present, and only falls back to the stored flag otherwise. The guard
// below therefore tests caller-controlled input: it should also test
// (int) $udata['founder'], so that the stored founder status decides access.
// Whether the save handler re-checks this is not visible here.
$u_founder = isset($_POST['l_founder']) ? intval($_POST['l_founder']) : (int) $udata['founder'];
$im_founder = (int) $userinfo['founder'];
$u_group = isset($_POST['l_group']) ? intval($_POST['l_group']) : $udata['group_id'];
// NOTE(review): the condition tests 'l_qg' but the value is read from 'u_qg'.
// With only l_qg posted this reads an undefined index and yields 0. The other
// fields all use the l_ prefix, so 'l_qg' is probably what was meant - confirm.
$u_qg = isset($_POST['l_qg']) ? intval($_POST['u_qg']) : $udata['group_id'];

if ($u_founder && !$im_founder) {
    kleeja_admin_err($lang['HV_NOT_PRVLG_ACCESS'], true, '', true, basename(ADMIN_PATH) . '?cp=g_users&smt=show_group&gq=' . $u_group);
}

$errs = isset($errs) ? $errs : false;

// Prepare values for the template. Posted strings are HTML-encoded; values
// read from the database are passed through as stored.
// NOTE(review): confirm that the template encodes $title_name / $udata values,
// or that they were encoded when saved.
$title_name = $udata['name'];
$u_name = isset($_POST['l_name']) ? htmlspecialchars($_POST['l_name']) : $udata['name'];
$u_mail = isset($_POST['l_mail']) ? htmlspecialchars($_POST['l_mail']) : $udata['mail'];
$u_show_filecp = isset($_POST['l_show_filecp']) ? intval($_POST['l_show_filecp']) : (int) $udata['show_my_filecp'];
$u_page = isset($_GET['page']) ? intval($_GET['page']) : 0;

// Build the group drop-down: one entry per known group. The built-in group
// names are stored as {lang.*} placeholders and swapped for the translated
// labels; the site default and the currently selected group are flagged.
$k_groups = array_keys($d_groups);
$u_groups = array();

foreach ($k_groups as $id) {
    $u_groups[] = array('id' => $id, 'name' => str_replace(array('{lang.ADMINS}', '{lang.USERS}', '{lang.GUESTS}'), array($lang['ADMINS'], $lang['USERS'], $lang['GUESTS']), $d_groups[$id]['data']['group_name']), 'default' => $config['default_group'] == $id ? true : false, 'selected' => $id == $u_group);
}

break;

#new user adding form