} else {
$rq = pg_safe_exec("INSERT INTO default_msgs (type, label, content) VALUES (3, '" . post2db($_GET["rlabel"]) . "', '" . post2db($_GET["rcontent"]) . "')");
if (!$rq) {
die(pg_errormessage());
} else {
js_redir("default_msgs.php?type=complaints");
}
}
}
if ($_GET["type"] == "modify" && $_GET["id"] > 0) {
if ($_GET["posted"] != 1 || trim($_GET["rlabel"]) == "" || trim($_GET["rcontent"]) == "") {
$umr = pg_safe_exec("SELECT * FROM default_msgs WHERE id='" . (int) $_GET["id"] . "'");
$umo = pg_fetch_object($umr);
echo "<h3>Edit the reply</h3><a href=\"javascript:history.go(-1);\">Go Back</a><hr width=100% noshade size=1><br>\n";
echo "Label :<br>\n";
echo "<input type=text name=rlabel size=60 maxlength=255 value=\"" . post2input($umo->label) . "\"><br>\n";
echo "Content :<br>\n";
echo "<textarea name=rcontent cols=60 rows=10 wrap>" . post2textarea($umo->content) . "</textarea><br>\n";
echo "<br>\n";
echo "<input type=hidden name=posted value=1>\n";
echo "<input type=hidden name=type value=\"modify\">\n";
echo "<input type=hidden name=type2 value=\"" . $_GET["type2"] . "\">\n";
echo "<input type=hidden name=id value=\"" . $_GET["id"] . "\">\n";
echo "<input type=submit value=\"Save changes\">\n";
} else {
$rq = pg_safe_exec("UPDATE default_msgs SET label='" . post2db($_GET["rlabel"]) . "', content='" . post2db($_GET["rcontent"]) . "' WHERE id='" . (int) $_GET["id"] . "'");
if (!$rq) {
die(pg_errormessage());
} else {
if ($_GET["type2"] == 1) {
js_redir("default_msgs.php?type=review");
if ($_GET['ok'] == 1 && $_GET['userr'] == $idz[$x]) {
echo "selected ";
}
echo "value=\"" . $idz[$x] . "\">" . htmlentities($unamez[$x]) . "</option>\n";
}
echo "</select><br>\n";
echo "<br>\n";
echo "Arguments pattern match (? and * wilds allowed) : <input type=text name=argpattern size=50 ";
if ($_GET['ok'] == 1) {
echo "value=\"" . post2input($_GET['argpattern']) . "\" ";
}
echo "maxlength=255><br>\n";
echo "<br>\n";
echo "Issued by pattern match (? and * wilds allowed) : <input type=text name=issuepattern size=50 ";
if ($_GET['ok'] == 1) {
echo "value=\"" . post2input($_GET['issuepattern']) . "\" ";
}
echo "maxlength=255><br>\n";
echo "<br>\n";
echo "Show max <select name=mrec>";
echo "<option value=100" . ((int) $_GET['mrec'] == 100 ? " selected" : "") . ">100 records</option>\n";
echo "<option value=200" . ((int) $_GET['mrec'] == 200 ? " selected" : "") . ">200 records</option>\n";
echo "<option value=500" . ((int) $_GET['mrec'] == 500 ? " selected" : "") . ">500 records</option>\n";
echo "</select> ";
echo "<input type=submit value=\"Search !\">";
echo "<input type=hidden name=ok value=1>";
echo "</form>\n";
echo "</td></tr>";
if ($date_is_valid) {
if (pg_numrows($adminlogs) == 0) {
echo "<tr><td colspan=5 align=center><font color=#" . $cTheme->table_headcolor . " size=+1><b>No 'AdminLog' entry found.</b></font></td></tr>";
echo "<input type=hidden name=is13 value=1>\n";
echo "<input type=hidden name=username value=\"" . post2input($_POST["username"]) . "\">\n";
echo "<input type=hidden name=username_crc value=\"" . post2input($_POST["username_crc"]) . "\">\n";
echo "<input type=hidden name=email value=\"" . post2input($_POST["email"]) . "\">\n";
echo "<input type=hidden name=email_crc value=\"" . post2input($_POST["email_crc"]) . "\">\n";
echo "<input type=hidden name=language value=\"" . post2input($_POST["language"]) . "\">\n";
echo "<input type=hidden name=question_id value=\"" . post2input($_POST["question_id"]) . "\">\n";
echo "<input type=hidden name=verificationdata value=\"" . post2input($_POST["verificationdata"]) . "\">\n";
if (SHOW_GFXUSRCHK && NEWUSERS_GFXCHECK) {
echo "<input type=hidden name=verificationdata_crc value=\"" . post2input($_POST["verificationdata_crc"]) . "\">\n";
} else {
echo "<input type=hidden name=verificationdata_crc value=\"" . md5(CRC_SALT_0010 . $_POST["verificationdata"] . "VCHECK") . "\">\n";
}
echo "<input type=hidden name=gfxcode_crc value=\"" . post2input($_POST["gfxcode_crc"]) . "\">\n";
echo "<input type=hidden name=gfxcode_ts value=\"" . post2input($_POST["gfxcode_ts"]) . "\">\n";
echo "<input type=hidden name=gfxcode_val value=\"" . post2input($_POST["gfxcode_val"]) . "\">\n";
echo "<input type=hidden name=ipaddr value=\"" . $_SERVER["REMOTE_ADDR"] . "\">\n";
echo "<input type=hidden name=rCRC value=\"" . md5($_POST["username"] . CRC_SALT_0011 . $_SERVER["REMOTE_ADDR"] . $_POST["email"] . $_POST["gfxcode_val"] . CRC_SALT_0007) . "\">\n";
echo "<p>Individuals are granted the use of a Channel Service username specifically to gain access to channel services. ";
echo "While you need not use channel services to have a username, be aware that attempts to register multiple usernames to ";
echo "the same person will result in a suspension of all the offending names. ";
echo "Don't jeopardize your access to channel services by trying to register multiple usernames on our system.<br>\n";
echo "Applying for a username while connected from a compromised computer is not allowed.</p>\n";
echo "<p>Now click 'Submit' to finish your application.</p>\n";
}
break;
case 8:
// final POST
if (md5(CRC_SALT_0008 . $_POST["username"] . "UCHECK") != $_POST["username_crc"]) {
$err .= "<li> <b>Attempt to hack page content !</b> (username)\n";
$hackpc = 1;
