Esempio n. 1
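/**
 * Entry point for the admin screen: checks the caller's permission bits and
 * dispatches on the "action2" request parameter.
 *
 * Bit 2 of $GLOBALS["permissions"] is read into $canChangePassword and bit 4
 * into $isAdmin. At least one of them must be set to get past the entry
 * check; "adduser", "edituser" and "rmuser" additionally require bit 4.
 *
 * show_error() is defined outside this excerpt. Every denial returns right
 * after calling it, so the privileged handlers are never reached even if
 * show_error() does not terminate the request on its own.
 *
 * @param mixed $dir  passed through unchanged to the selected handler
 * @return void
 */
function show_admin($dir)
{
    $canChangePassword = ($GLOBALS["permissions"] & 2) == 2;
    $isAdmin = ($GLOBALS["permissions"] & 4) == 4;

    // The admin functions are only offered when logins are enabled.
    if (!$GLOBALS["require_login"]) {
        show_error($GLOBALS["error_msg"]["miscnofunc"]);
        return; // fail closed
    }
    if (!$canChangePassword && !$isAdmin) {
        show_error($GLOBALS["error_msg"]["accessfunc"]);
        return; // fail closed
    }

    // GET takes precedence over POST; a missing parameter selects the default screen.
    if (isset($GLOBALS['__GET']["action2"])) {
        $action2 = $GLOBALS['__GET']["action2"];
    } elseif (isset($GLOBALS['__POST']["action2"])) {
        $action2 = $GLOBALS['__POST']["action2"];
    } else {
        $action2 = "";
    }

    // The admin check stays inside each case so that it is evaluated with the
    // same comparison the switch itself uses to pick the handler.
    switch ($action2) {
        case "chpwd":
            changepwd($dir);
            break;
        case "adduser":
            if (!$isAdmin) {
                show_error($GLOBALS["error_msg"]["accessfunc"]);
                return;
            }
            adduser($dir);
            break;
        case "edituser":
            if (!$isAdmin) {
                show_error($GLOBALS["error_msg"]["accessfunc"]);
                return;
            }
            edituser($dir);
            break;
        case "rmuser":
            if (!$isAdmin) {
                show_error($GLOBALS["error_msg"]["accessfunc"]);
                return;
            }
            removeuser($dir);
            break;
        default:
            // Unknown or empty action: show the admin overview.
            admin($isAdmin, $dir);
    }
}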
Esempio n. 2
     gethot();
 } else {
     if ($ask == "userinfo") {
         getuserinfo();
     } else {
         if ($ask == "sendmsg") {
             sendmsg();
         } else {
             if ($ask == "msg") {
                 msg();
             } else {
                 if ($ask == "register") {
                     register();
                 } else {
                     if ($ask == "edituser") {
                         edituser();
                     } else {
                         if ($ask == "changepsd") {
                             changepsd();
                         } else {
                             if ($ask == "delete") {
                                 del();
                             } else {
                                 if ($ask == "image") {
                                     uploadimage();
                                 } else {
                                     if ($ask == "file") {
                                         uploadfile();
                                     } else {
                                         if ($ask == "lzl") {
                                             lzl();
Esempio n. 3
            if ($_CONF['allow_account_delete'] == 1 && $_USER['uid'] > 1) {
                $accountId = COM_applyFilter($_POST['account_id']);
                if (!empty($accountId)) {
                    $display .= deleteUserAccount($accountId);
                } else {
                    $display = COM_refresh($_CONF['site_url'] . '/index.php');
                }
            } else {
                $display = COM_refresh($_CONF['site_url'] . '/index.php');
            }
            break;
        case 'plugin':
            PLG_profileExtrasSave($_POST['plugin']);
            $display = COM_refresh($_CONF['site_url'] . '/usersettings.php?msg=5');
            break;
        default:
            // also if $mode == 'edit', 'preferences', or 'comments'
            $display .= COM_siteHeader('menu', $LANG04[16]);
            $display .= COM_showMessageFromParameter();
            $display .= edituser();
            $display .= COM_siteFooter();
            break;
    }
} else {
    $display .= COM_siteHeader('menu');
    $display .= COM_startBlock($LANG04[70] . '!');
    $display .= '<br' . XHTML . '>' . $LANG04[71] . '<br' . XHTML . '><br' . XHTML . '>';
    $display .= COM_endBlock();
    $display .= COM_siteFooter();
}
COM_output($display);
Esempio n. 4
    } elseif ($do[0] == "monsters") {
        monsters();
    } elseif ($do[0] == "editmonster") {
        editmonster($do[1]);
    } elseif ($do[0] == "levels") {
        levels();
    } elseif ($do[0] == "editlevel") {
        editlevel();
    } elseif ($do[0] == "spells") {
        spells();
    } elseif ($do[0] == "editspell") {
        editspell($do[1]);
    } elseif ($do[0] == "users") {
        users();
    } elseif ($do[0] == "edituser") {
        edituser($do[1]);
    } elseif ($do[0] == "news") {
        addnews();
    }
} else {
    donothing();
}
/**
 * Render the administration landing page.
 *
 * Builds a fixed block of welcome HTML (no request data is mixed in) and
 * hands it to admindisplay() under the title "Admin Home".
 */
function donothing()
{
    // The markup is static; it is split per paragraph only for readability.
    $welcomeHtml = 'Welcome to the Dragon Knight Administration section. Use the links on the left bar to control and edit various elements of the game.<br /><br />'
        . 'Please note that the control panel has been created mostly as a shortcut for certain individual settings. It is meant for use primarily with editing one thing at a time. If you need to completely replace an entire table (say, to replace all stock monsters with your own new ones), it is suggested that you use a more in-depth database tool such as <a href="http://www.phpmyadmin.net" target="_new">phpMyAdmin</a>. Also, you may want to have a copy of the Dragon Knight development kit, available from the <a href="http://dragon.se7enet.com/dev.php">Dragon Knight homepage</a>.<br /><br />'
        . 'Also, you should be aware that certain portions of the DK code are dependent on the formatting of certain database results (for example, the special attributes on item drops). While I have attempted to point these out throughout the admin script, you should definitely pay attention and be careful when editing some fields, because mistakes in the database content may result in script errors or your game breaking completely.';

    admindisplay($welcomeHtml, "Admin Home");
}
function main()
{
    if (isset($_POST["submit"])) {
        extract($_POST);
Esempio n. 5
<?php

// Admin "edit user account" endpoint. Without verif=1 it only renders the
// form; with verif=1 it applies the edit and answers with a one-character
// status: "1" when edituser() reports success, "2" otherwise.
//
// NOTE(review): tp() is defined elsewhere; it presumably reads a request
// parameter. No session or role check is visible in this file, and the target
// account (iduser) as well as the new password come from the request, so
// confirm that the framework or edituser() enforces authorization.
if (tp('verif') != 1) {
    view::load('admin', 'editcompteuser');
} else {
    model::load('admin', 'editcompteuser');
    $iduser = tp('iduser');
    $saved = edituser(
        $iduser,
        tp('firstname'),
        tp('lastname'),
        tp('password'),
        tp('username'),
        tp('service'),
        tp('agence'),
        tp('tel'),
        tp('email')
    );
    exit($saved ? "1" : "2");
}
Esempio n. 6
     sendmsg($con, $token, $to, $text);
 } else {
     if ($ask == "msg") {
         msg($con, $token, $type);
     } else {
         if ($ask == "changepsd") {
             changepsd($con, $token);
         } else {
             if ($ask == "currentUserInfo") {
                 currentUserInfo($con, $token);
             } else {
                 if ($ask == "search") {
                     searchByKeyword($con, $keyword, $token, $type, $bid);
                 } else {
                     if ($ask == "edituser") {
                         edituser($con, $token, $ip);
                     } else {
                         if ($ask == "online") {
                             viewonline($con);
                         } else {
                             if ($ask == "update") {
                                 updatetokentime($con, $token, $ip);
                             } else {
                                 if ($ask == "post") {
                                     post($con, $token, $bid, $ip, $attachs);
                                 } else {
                                     if ($ask == "reply") {
                                         reply($con, $token, $bid, $tid, $ip, $attachs);
                                     } else {
                                         if ($ask == "edit") {
                                             edit($con, $token, $bid, $tid, $pid, $ip, $attachs);
Esempio n. 7
<?php

// Admin "edit user" endpoint. Without verif=2 it only renders the form; with
// verif=2 it applies the edit and prints 1 on success or 0 on failure.
//
// NOTE(review): tp() is defined elsewhere; it presumably reads a request
// parameter. The record id and every field value are taken from the request
// and no permission check is visible here; confirm one runs before this file
// or inside edituser().
if (tp('verif') != 2) {
    view::load('admin', 'edituser');
} else {
    model::load('admin', 'edituser');
    $reponse = edituser(
        tp('firstname'),
        tp('lastname'),
        tp('service'),
        tp('tel'),
        tp('id'),
        tp('signid'),
        tp('agence')
    ) ? 1 : 0;
    echo $reponse;
}
Esempio n. 8
     if ($permmakeuser == 1) {
         saveuser();
     } else {
         permerror("You do not currently have permission to create new users.\n");
     }
     break;
 case "eduser":
     if ($permedituser == 1) {
         eduser($_REQUEST['muid']);
     } else {
         permerror("You do not currently have permission to edit users.\n");
     }
     break;
 case "edituser":
     if ($permedituser == 1) {
         edituser($_REQUEST['muid']);
     } else {
         permerror("You do not currently have permission to edit users.\n");
     }
     break;
 case "deluser":
     if ($permdeleteuser == 1) {
         deluser($_REQUEST['muid']);
     } else {
         permerror("You do not currently have permission to delete users.\n");
     }
     break;
 case "deleteuser":
     if ($permdeleteuser == 1) {
         deleteuser($_REQUEST['muid']);
     } else {
Esempio n. 9
 <input type="hidden" name="mode" value="promoteConf" /><input type="hidden" name="password" value="' . $upass . '" /></form></center>';
                                   showfooter();
                               }
                           }
                       }
                   }
               } else {
                   if (isset($_POST['mode'])) {
                       if ($_POST['mode'] == 'edit') {
                           $pagetitle .= ' ' . _BC_DELIM . ' ' . _EDITUSER;
                           showheader();
                           if (!($memberinfo = getusrdata($_POST['username']))) {
                               echo _NOINFOFOR . ' <strong>' . $_POST['username'] . '</strong>';
                           } else {
                               require 'modules/Your_Account/edit_profile.php';
                               edituser($memberinfo);
                           }
                           showfooter();
                       } else {
                           if ($_POST['mode'] == 'addConf') {
                               if ($CPG_SESS['admin']['page'] != 'users') {
                                   cpg_error(_ERROR_BAD_LINK, _SEC_ERROR);
                               }
                               $username = Fix_Quotes($_POST['username'], 1);
                               $email = Fix_Quotes($_POST['email'], 1);
                               $password = Fix_Quotes($_POST['password'], 1);
                               if ($password != Fix_Quotes($_POST['password_confirm'], 1)) {
                                   cpg_error(_PASSDIFFERENT);
                               } else {
                                   if (strlen($password) < $MAIN_CFG['member']['minpass'] && $password != '') {
                                       cpg_error(_YOUPASSMUSTBE . ' <b>' . $MAIN_CFG['member']['minpass'] . '</b> ' . _CHARLONG);
Esempio n. 10
<?php

// "Edit my account" endpoint for the logged-in user. With verif=1 the profile
// is saved and a one-character status is returned via exit():
//   "1" = edituser() succeeded, "2" = edituser() failed,
//   "3" = the password lookup below matched no row.
// Without verif=1 only the form view is loaded.
if (tp('verif') == 1) {
    // $service is assigned here but not read again in this excerpt.
    $service = cryptage($_SESSION['service'], 0);
    // The account being edited is taken from the session, not from the request.
    $usrid = $_SESSION['userid'];
    model::load('admin', 'editcompte');
    if (tp('password') != null) {
        // A new password was submitted: look the user up by id and password first.
        // NOTE(review): the next line is garbled in this listing (part of the
        // expression was masked as '******'), so it is not valid PHP as shown and
        // the original password expression cannot be recovered from here.
        // What is visible is that the query is assembled by string
        // interpolation/concatenation; if the $db wrapper offers bound
        // parameters or an escaping helper, the password value should go
        // through it - confirm against the original file.
        if (!$db->Query("SELECT * FROM users_sys where id={$usrid} and pass='******'passwordi')) . "'")) {
            $db->Kill('Error1');
        }
        // At least one matching row: proceed with the update.
        if ($db->RowCount() > 0) {
            if (!edituser(tp('firstname'), tp('lastname'), tp('password'), tp('tel'), tp('email'))) {
                exit("2");
            } else {
                exit("1");
            }
        } else {
            exit("3");
        }
    } else {
        // No password submitted: the other profile fields (including the e-mail
        // address) are saved without the lookup above; tp('password') is null
        // on this path.
        if (!edituser(tp('firstname'), tp('lastname'), tp('password'), tp('tel'), tp('email'))) {
            exit("2");
        } else {
            exit("1");
        }
    }
} else {
    view::load('admin', 'editcompte');
}
Esempio n. 11
	<div class="row">
			<div class="col-lg-12">
				<div class="panel panel-default">
					<div class="panel-heading"><svg class="glyph stroked male user "><use xlink:href="#stroked-male-user"/></svg>Edit Data Pengguna</div>
					<div class="panel-body">
						<div class="col-md-6">
							<form class="form-horizontal" action="" method="post">
							<fieldset>
								<?php 
include "tambah-user-exe.php";

// Load the record to show in the form when a non-empty id is supplied.
// NOTE(review): $_GET['id'] is handed to detailuser() exactly as received;
// detailuser() is not shown here, so confirm it binds or casts the id.
// NOTE(review): $detail is left undefined when no id is given, although the
// form below reads $detail[0] and $detail[1].
if (!empty($_GET['id'])) {
    $iduser = $_GET['id'];
    $detail = detailuser($conn, $iduser);
}

// The form posts back to this page; apply the edit when it was submitted.
if (isset($_POST['edit'])) {
    edituser($conn);
}
?>
								<div class="form-group">
									<label class="col-md-4" "control-label" for="namapengguna">Nama Pengguna</label>
									<div class="col-md-8">
										<input type="text" name="nmpengguna" class="form-control" placeholder="Nama Pengguna" value="<?php 
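// Escape for the HTML attribute this value is printed into, so a stored name
// containing quotes or angle brackets cannot break out of value="...".
echo htmlspecialchars((string) $detail[1], ENT_QUOTES, 'UTF-8');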
?>
">
										<input type="hidden" name="id" id="id" value="<?php 
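// Escape for the HTML attribute context; harmless for a numeric id and safe
// if the value ever turns out not to be numeric.
echo htmlspecialchars((string) $detail[0], ENT_QUOTES, 'UTF-8');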
?>
">
									</div>
									
Esempio n. 12
<?php

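// config.php and auth.php are not part of this excerpt; presumably they open
// the database connection and enforce the login check. `require` stops the
// request when either file cannot be loaded, whereas `include` would only
// warn and let the page continue without them.
require './config.php';
require './auth.php';

// cus_id is written unquoted into the UPDATE below, so force it to an integer
// before it is used anywhere.
$id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
$editProducts = edituser($id);

if (isset($_REQUEST['edi_prod']) && $_REQUEST['edi_prod'] == '1') {
    // Read only the expected fields. extract($_POST) would let the request
    // overwrite any variable in scope, including $id.
    $user_fname = isset($_POST['user_fname']) ? $_POST['user_fname'] : '';
    $user_lname = isset($_POST['user_lname']) ? $_POST['user_lname'] : '';
    $user_email = isset($_POST['user_email']) ? $_POST['user_email'] : '';
    $status = isset($_POST['status']) ? $_POST['status'] : '';

    // Every string value is escaped, including cus_status.
    // NOTE(review): the mysql_* API used here was removed in PHP 7. Moving to
    // prepared statements (mysqli or PDO) needs the connection set up in
    // config.php, which is outside this excerpt.
    // NOTE(review): no anti-CSRF token is checked in this excerpt.
    $sql = "UPDATE sohorepro_customers"
        . " SET cus_fname = '" . mysql_real_escape_string($user_fname) . "',"
        . " cus_lname = '" . mysql_real_escape_string($user_lname) . "',"
        . " cus_email = '" . mysql_real_escape_string($user_email) . "',"
        . " cus_status = '" . mysql_real_escape_string($status) . "'"
        . " WHERE cus_id = " . $id;
    $sql_result = mysql_query($sql);
    if ($sql_result) {
        $result = "success";
    } else {
        $result = "failure";
    }
}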
?>

<!doctype html>
<html>
    <head>
        <meta charset="utf-8">
        <title>Soho-repro</title>
        <link href="style/style.css" rel="stylesheet" type="text/css" media="all" />
        <script type="text/javascript" src="js/jquery.min.js"></script>        
    </head>

    <body>
        <table width="100%" border="0" cellspacing="0" cellpadding="0">
            <tr>
                <td align="center" valign="top">
Esempio n. 13
<!DOCTYPE html>
<?php 
require "functions/logincheck.php";
require "functions/cmum.php";

// Save step: runs when the edit form was posted with a non-empty uid.
// NOTE(review): every field, including "admin", "usrgroup" and "enabled", is
// forwarded to edituser() exactly as posted. Neither logincheck.php nor
// edituser() is shown here; confirm that one of them restricts who may set
// these values and that edituser() validates them.
if (isset($_POST["uid"]) && $_POST["uid"] != "") {
    // "profiles" is the only field treated as optional.
    $profiles = isset($_POST["profiles"]) ? $_POST["profiles"] : "";
    $status = edituser(
        $_POST["uid"],
        $_POST["user"],
        $_POST["password"],
        $_POST["displayname"],
        $_POST["email"],
        $_POST["ipmask"],
        $_POST["maxconn"],
        $_POST["ecmrate"],
        $_POST["customvalues"],
        $_POST["usrgroup"],
        $_POST["admin"],
        $_POST["enabled"],
        $_POST["mapexclude"],
        $_POST["debug"],
        $_POST["startdate"],
        $_POST["expiredate"],
        $profiles,
        $_POST["boxtype"],
        $_POST["macaddress"],
        $_POST["serialnumber"],
        $_POST["comment"]
    );
    // "0" = saved (redirect to the list), "1" / "2" = validation messages.
    // NOTE(review): the listing shows markup emitted before this PHP block;
    // header() can only redirect then if output buffering is on - confirm.
    switch ($status) {
        case "0":
            header("Location: users.php?edit=1");
            exit;
        case "1":
            $notice = "toastr.error('You must enter a username and a password');";
            break;
        case "2":
            $notice = "toastr.error('Username already exists');";
            break;
    }
}

// Display step: a uid in the query string is required to show the form.
if (!(isset($_GET["uid"]) && $_GET["uid"] != "")) {
    header("Location: users.php");
    exit;
}

$counters = explode(";", counter());
$mysqli = new mysqli($dbhost, $dbuser, $dbpass, $dbname);
if (mysqli_connect_errno()) {
    // NOTE(review): the connection error text and REQUEST_URI are passed to
    // errorpage(); confirm it escapes them before printing.
    errorpage("MYSQL DATABASE ERROR", mysqli_connect_error(), $charset, CMUM_TITLE, $_SERVER["REQUEST_URI"], CMUM_VERSION, CMUM_BUILD, CMUM_MOD);
    exit;
}
if ($_SESSION[$secretkey . "userlvl"] == "0" || $_SESSION[$secretkey . "userlvl"] == "1") {
     logrequest($userid, $action);
     checksession();
     checkprivileges($userid);
     getuserstats();
     break;
 case "usagestats":
     logrequest($userid, $action);
     checksession();
     checkprivileges($userid);
     getusagestats();
     break;
 case "edituser":
     logrequest($userid, $action);
     checksession();
     checkprivileges($userid);
     edituser($_GET["edituserid"]);
     break;
 case "saveuser":
     logrequest($userid, $action);
     checksession();
     checkprivileges($userid);
     saveuser($_GET["edituserid"], $_GET["username"], $_GET["email"], $_GET["phone"], $_GET["privileges"], $_GET["limit"]);
     break;
 case "addcredit":
     logrequest($userid, $action);
     checksession();
     checkprivileges($userid);
     addcredit($_GET["edituserid"], $_GET["creditmultiplier"]);
     break;
 case "trips":
     logrequest($userid, $action);
Esempio n. 15
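/**
 * Entry point for the admin screen: checks the caller's rights and
 * dispatches on the "action2" request parameter.
 *
 * The caller must be logged in and hold either the "admin" or the "password"
 * permission (as reported by permissions_grant()). "adduser", "edituser" and
 * "rmuser" additionally require the "admin" permission.
 *
 * show_error() is defined outside this excerpt. Every denial returns right
 * after calling it, so the privileged handlers are never reached even if
 * show_error() does not terminate the request on its own.
 *
 * @param mixed $dir  passed through unchanged to the selected handler
 * @return void
 */
function show_admin($dir)
{
    $isAdmin = permissions_grant(NULL, NULL, "admin");

    if (!login_is_user_logged_in()) {
        show_error($GLOBALS["error_msg"]["miscnofunc"]);
        return; // fail closed
    }
    if (!$isAdmin && !permissions_grant(NULL, NULL, "password")) {
        show_error($GLOBALS["error_msg"]["accessfunc"]);
        return; // fail closed
    }

    // GET takes precedence over POST; a missing parameter selects the default screen.
    if (isset($GLOBALS['__GET']["action2"])) {
        $action2 = $GLOBALS['__GET']["action2"];
    } elseif (isset($GLOBALS['__POST']["action2"])) {
        $action2 = $GLOBALS['__POST']["action2"];
    } else {
        $action2 = "";
    }

    // The admin check stays inside each case so that it is evaluated with the
    // same comparison the switch itself uses to pick the handler.
    switch ($action2) {
        case "chpwd":
            changepwd($dir);
            break;
        case "adduser":
            if (!$isAdmin) {
                show_error($GLOBALS["error_msg"]["accessfunc"]);
                return;
            }
            adduser($dir);
            break;
        case "edituser":
            if (!$isAdmin) {
                show_error($GLOBALS["error_msg"]["accessfunc"]);
                return;
            }
            edituser($dir);
            break;
        case "rmuser":
            if (!$isAdmin) {
                show_error($GLOBALS["error_msg"]["accessfunc"]);
                return;
            }
            removeuser($dir);
            break;
        default:
            // Unknown or empty action: show the admin overview.
            admin($isAdmin, $dir);
    }
}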
Esempio n. 16
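/**
* Saves user to the database
*
* Creates the account when $uid is empty, otherwise updates the existing row.
* If the current admin has the 'group.assign' right, the user's group
* assignments are rewritten afterwards. Several paths echo output and exit
* instead of returning.
*
* @param    int     $uid            user id (empty = create a new account); it is
*                                   written unquoted into several queries, so
*                                   callers must pass an integer
* @param    string  $username       (short) username
* @param    string  $fullname       user's full name
* @param    string  $passwd         new password (blanked for remote-service accounts)
* @param    string  $passwd_conf    password confirmation; must equal $passwd when
*                                   the password is being changed
* @param    string  $email          user's email address
* @param    string  $regdate        date the user registered with the site
*                                   (not used in this function)
* @param    string  $homepage       user's homepage URL
* @param    array   $groups         groups the user belongs to
* @param    string  $delete_photo   delete user's photo if == 'on'
* @param    int     $userstatus     account status to store
* @param    int     $oldstatus      account status before this edit
* @return   string                  HTML redirect or error message
*
*/
function saveusers($uid, $username, $fullname, $passwd, $passwd_conf, $email, $regdate, $homepage, $groups, $delete_photo = '', $userstatus = 3, $oldstatus = 3)
{
    global $_CONF, $_TABLES, $_USER, $LANG28, $_USER_VERBOSE;

    $retval = '';
    $userChanged = false;
    // The status is written into SQL below; reduce it to an integer first.
    $statusSql = (int) $userstatus;

    if ($_USER_VERBOSE) {
        COM_errorLog("**** entering saveusers****", 1);
        COM_errorLog("group size at beginning = " . count($groups), 1);
    }

    $service = DB_getItem($_TABLES['users'], 'remoteservice', "uid = {$uid}");
    // If remote service then assume blank password
    if (!empty($service)) {
        $passwd = '';
        $passwd_conf = '';
    }

    $passwd_changed = true;
    if (empty($service) && SEC_encryptUserPassword($passwd, $uid) === 0 && $passwd_conf === '') {
        $passwd_changed = false;
    }
    if ($passwd_changed && $passwd != $passwd_conf) {
        // passwords don't match
        return edituser($uid, 67);
    }

    $nameAndEmailOkay = true;
    if (empty($username)) {
        $nameAndEmailOkay = false;
    } elseif (empty($email)) {
        if (empty($uid)) {
            // new users need an email address
            $nameAndEmailOkay = false;
        } elseif (empty($service)) {
            // not a remote user - needs email
            $nameAndEmailOkay = false;
        }
    }

    if ($nameAndEmailOkay) {
        if (!empty($email) && !COM_isEmail($email)) {
            return edituser($uid, 52);
        }

        // NOTE(review): the username value inside the three lookups below and
        // in the UPDATE further down was masked as '******' in the listing;
        // $uname, the escaped username prepared here, is the value they use.
        $uname = DB_escapeString($username);
        if (empty($uid)) {
            $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "username = '{$uname}'");
        } else {
            if (!empty($service)) {
                $uservice = DB_escapeString($service);
                $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "username = '{$uname}' AND uid <> {$uid} AND remoteservice = '{$uservice}'");
            } else {
                $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "username = '{$uname}' AND uid <> {$uid} AND (remoteservice = '' OR remoteservice IS NULL)");
            }
        }
        if ($ucount > 0) {
            // Admin just changed a user's username to one that already exists
            return edituser($uid, 51);
        }

        $emailaddr = DB_escapeString($email);
        $exclude_remote = " AND (remoteservice IS NULL OR remoteservice = '')";
        if (empty($uid)) {
            $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "email = '{$emailaddr}'" . $exclude_remote);
        } else {
            $old_email = DB_getItem($_TABLES['users'], 'email', "uid = '{$uid}'");
            if ($old_email == $email) {
                // email address didn't change so don't care
                $ucount = 0;
            } else {
                $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "email = '{$emailaddr}' AND uid <> {$uid}" . $exclude_remote);
            }
        }
        if ($ucount > 0) {
            // Admin just changed a user's email to one that already exists
            return edituser($uid, 56);
        }

        if ($_CONF['custom_registration'] && function_exists('CUSTOM_userCheck')) {
            $ret = CUSTOM_userCheck($username, $email);
            if (!empty($ret)) {
                // need a numeric return value - otherwise use default message
                if (!is_numeric($ret['number'])) {
                    $ret['number'] = 400;
                }
                return edituser($uid, $ret['number']);
            }
        }

        if (empty($uid)) {
            if (empty($passwd)) {
                // no password? create one ...
                $passwd = SEC_generateRandomPassword();
            }
            $uid = USER_createAccount($username, $email, $passwd, $fullname, $homepage);
            if ($uid > 1) {
                DB_query("UPDATE {$_TABLES['users']} SET status = {$statusSql} WHERE uid = {$uid}");
            }
        } else {
            $fullname = DB_escapeString($fullname);
            $homepage = DB_escapeString($homepage);
            $curphoto = DB_getItem($_TABLES['users'], 'photo', "uid = {$uid}");
            if (!empty($curphoto) && $delete_photo == 'on') {
                USER_deletePhoto($curphoto);
                $curphoto = '';
            }
            if ($_CONF['allow_user_photo'] == 1 && !empty($curphoto)) {
                $curusername = DB_getItem($_TABLES['users'], 'username', "uid = {$uid}");
                if ($curusername != $username) {
                    // user has been renamed - rename the photo, too.
                    // Replace the first literal occurrence of the old name, so
                    // that neither name is interpreted as a regex pattern or a
                    // backreference.
                    // NOTE(review): $username becomes part of a file name here;
                    // confirm elsewhere that usernames cannot contain path
                    // separators.
                    $namePos = strpos($curphoto, $curusername);
                    if ($namePos === false) {
                        $newphoto = $curphoto;
                    } else {
                        $newphoto = substr_replace($curphoto, $username, $namePos, strlen($curusername));
                    }
                    $imgpath = $_CONF['path_images'] . 'userphotos/';
                    if (@rename($imgpath . $curphoto, $imgpath . $newphoto) === false) {
                        $retval .= COM_errorLog('Could not rename userphoto "' . $curphoto . '" to "' . $newphoto . '".');
                        return $retval;
                    }
                    $curphoto = $newphoto;
                }
            }
            $curphoto = DB_escapeString($curphoto);

            // Use the escaped e-mail address ($emailaddr): passing
            // COM_isEmail() does not make the raw value safe inside a quoted
            // SQL string.
            DB_query("UPDATE {$_TABLES['users']} SET username = '{$uname}', fullname = '{$fullname}', email = '{$emailaddr}', homepage = '{$homepage}', photo = '{$curphoto}', status = {$statusSql} WHERE uid = {$uid}");
            if ($passwd_changed && !empty($passwd)) {
                SEC_updateUserPassword($passwd, $uid);
            }
            if ($_CONF['custom_registration'] && function_exists('CUSTOM_userSave')) {
                CUSTOM_userSave($uid);
            }
            if ($_CONF['usersubmission'] == 1 && $oldstatus == USER_ACCOUNT_AWAITING_APPROVAL && $userstatus == USER_ACCOUNT_ACTIVE) {
                USER_createAndSendPassword($username, $email, $uid);
            }
            if ($userstatus == USER_ACCOUNT_DISABLED) {
                // a disabled account must not keep a live session
                SESS_endUserSession($uid);
            }
            $userChanged = true;
        }

        // check that the user is allowed to change group assignments
        if (is_array($groups) && SEC_hasRights('group.assign')) {
            if (!SEC_inGroup('Root')) {
                // only members of Root may hand out Root; log and bail out
                $rootgrp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Root'");
                if (in_array($rootgrp, $groups)) {
                    COM_accessLog("User {$_USER['username']} ({$_USER['uid']}) just tried to give Root permissions to user {$username}.");
                    echo COM_refresh($_CONF['site_admin_url'] . '/index.php');
                    exit;
                }
            }
            // make sure the Remote Users group is in $groups
            if (SEC_inGroup('Remote Users', $uid)) {
                $remUsers = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Remote Users'");
                if (!in_array($remUsers, $groups)) {
                    $groups[] = $remUsers;
                }
            }
            if ($_USER_VERBOSE) {
                COM_errorLog("deleting all group_assignments for user {$uid}/{$username}", 1);
            }
            // remove user from all groups that the User Admin is a member of
            $UserAdminGroups = SEC_getUserGroups();
            $whereGroup = 'ug_main_grp_id IN (' . implode(',', $UserAdminGroups) . ')';
            DB_query("DELETE FROM {$_TABLES['group_assignments']} WHERE (ug_uid = {$uid}) AND " . $whereGroup);
            // make sure to add user to All Users and Logged-in Users groups
            $allUsers = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'All Users'");
            if (!in_array($allUsers, $groups)) {
                $groups[] = $allUsers;
            }
            $logUsers = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Logged-in Users'");
            if (!in_array($logUsers, $groups)) {
                $groups[] = $logUsers;
            }
            foreach ($groups as $userGroup) {
                // only groups the acting admin belongs to can be assigned
                if (in_array($userGroup, $UserAdminGroups)) {
                    if ($_USER_VERBOSE) {
                        COM_errorLog("adding group_assignment " . $userGroup . " for {$username}", 1);
                    }
                    // $groups comes from the caller; write the id as an integer
                    $groupId = (int) $userGroup;
                    $sql = "INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ({$groupId}, {$uid})";
                    DB_query($sql);
                }
            }
        }

        if ($userChanged) {
            PLG_userInfoChanged($uid);
        }
        $errors = DB_error();
        if (empty($errors)) {
            echo PLG_afterSaveSwitch($_CONF['aftersave_user'], "{$_CONF['site_url']}/users.php?mode=profile&uid={$uid}", 'user', 21);
        } else {
            $retval .= COM_errorLog('Error in saveusers in ' . $_CONF['site_admin_url'] . '/user.php');
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG28[22]));
            echo $retval;
            exit;
        }
    } else {
        // username or required email missing: show the message and the form again
        $retval .= COM_showMessageText($LANG28[10]);
        if (!empty($uid) && $uid > 1 && DB_count($_TABLES['users'], 'uid', $uid) > 0) {
            $retval .= edituser($uid);
        } else {
            $retval .= edituser();
        }
        $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG28[1]));
        COM_output($retval);
        exit;
    }

    if ($_USER_VERBOSE) {
        COM_errorLog("***************leaving saveusers*****************", 1);
    }

    return $retval;
}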
Esempio n. 17
    require_once "{$filepath}/userinfo.php";
    userinfo($_GET['profile']);
} elseif ($op == 'userinfo' && isset($_GET['username']) && !empty($_GET['username'])) {
    require_once "{$filepath}/userinfo.php";
    userinfo($_GET['username']);
} elseif ($op == 'logout') {
    $pagetitle .= ' ' . _BC_DELIM . ' ' . _LOGOUT;
    $redir = isset($_GET['redirect']) ? $CPG_SESS['user']['uri'] : $mainindex;
    cpg_error(_YOUARELOGGEDOUT, _YOUARELOGGEDOUT, $redir);
} elseif (is_user()) {
    if (isset($_POST['avatargallery']) || isset($_GET['avatargallery'])) {
        require_once "{$filepath}/avatars.php";
        display_avatar_gallery($userinfo);
    } elseif (isset($_GET['edit'])) {
        require_once "{$filepath}/edit_profile.php";
        edituser($userinfo);
    } elseif (isset($_POST['save'])) {
        require_once "{$filepath}/edit_profile.php";
        saveuser($userinfo);
    } else {
        switch ($op) {
            case 'edithome':
                edithome();
                break;
            case 'editcomm':
                editcomm();
                break;
            case 'savehome':
                $db->sql_query('UPDATE ' . $user_prefix . '_users SET storynum=' . intval($_POST['storynum']) . ', ublockon=' . intval($_POST['ublockon']) . ', ublock=\'' . Fix_Quotes($_POST['ublock']) . '\' WHERE user_id=' . $userinfo['user_id']);
                $_SESSION['CPG_USER'] = false;
                unset($_SESSION['CPG_USER']);