foreach ($screens as $screen) { if (!empty($screen)) { if (file_exists($filepath . $screen)) { @unlink($filepath . $screen); } } } } safe_query("DELETE FROM " . PREFIX . "clanwars WHERE cwID='{$cwID}'"); header("Location: index.php?site=clanwars"); } elseif (isset($_POST['quickactiontype']) == "delete") { include "_mysql.php"; include "_settings.php"; include "_functions.php"; $_language->read_module('clanwars'); if (!isanyadmin($userID)) { die('no access!'); } if (isset($_POST['cwID'])) { $cwID = $_POST['cwID']; foreach ($cwID as $id) { $ergebnis = safe_query("SELECT screens FROM " . PREFIX . "clanwars WHERE cwID='{$id}'"); $ds = mysql_fetch_array($ergebnis); $screens = explode("|", $ds['screens']); $filepath = "./images/clanwar-screens/"; if (is_array($screens)) { foreach ($screens as $screen) { if (!empty($screen)) { if (file_exists($filepath . $screen)) { @unlink($filepath . $screen); }
$_language->set_language($_COOKIE['language']); } elseif (isset($_SESSION['language'])) { $_language->set_language($_SESSION['language']); } } if ($login_per_cookie) { $ll = mysql_fetch_array(safe_query("SELECT lastlogin FROM " . PREFIX . "user WHERE userID='{$userID}'")); $_SESSION['ws_lastlogin'] = $ll['lastlogin']; } // -- SITE VARIABLE -- // if (isset($_GET['site'])) { $site = $_GET['site']; } else { $site = ''; } if ($closed and !isanyadmin($userID)) { $dl = mysql_fetch_array(safe_query("SELECT * FROM `" . PREFIX . "lock` LIMIT 0,1")); $reason = $dl['reason']; $time = $dl['time']; showlock($reason, $time); } if (!isset($_SERVER['HTTP_REFERER'])) { $_SERVER['HTTP_REFERER'] = ""; } // -- BANNED USERS -- // if (date("dh", $lastBanCheck) != date("dh")) { $get = safe_query("SELECT userID, banned FROM " . PREFIX . "user WHERE banned IS NOT NULL"); $removeBan = array(); while ($ds = mysql_fetch_assoc($get)) { if ($ds['banned'] != "perm") { if ($ds['banned'] <= time()) {
$url = $_POST['gburl']; $icq = $_POST['icq']; $CAPCLASS = new Captcha(); if ($CAPCLASS->check_captcha($_POST['captcha'], $_POST['captcha_hash'])) { $run = 1; } } if ($run) { safe_query("INSERT INTO " . PREFIX . "user_gbook (userID, date, name, email, hp, icq, ip, comment)\n\t\t\t\t\t\t\t\tvalues('" . $id . "', '" . $date . "', '" . $_POST['gbname'] . "', '" . $_POST['gbemail'] . "', '" . $_POST['gburl'] . "', '" . $_POST['icq'] . "', '" . $ip . "', '" . $_POST['message'] . "')"); if ($id != $userID) { sendmessage($id, $_language->module['new_guestbook_entry'], str_replace('%guestbook_id%', $id, $_language->module['new_guestbook_entry_msg'])); } } redirect('user/' . getnickname($id) . '/', '', 0); } elseif (isset($_GET['delete'])) { if (!isanyadmin($userID) and $id != $userID) { die($_language->module['no_access']); } foreach ($_POST['gbID'] as $gbook_id) { safe_query("DELETE FROM " . PREFIX . "user_gbook WHERE gbID='{$gbook_id}'"); } redirect('user/' . getnickname($id) . '/', '', 0); } else { $bg1 = BG_1; $bg2 = BG_2; $gesamt = mysql_num_rows(safe_query("SELECT gbID FROM " . PREFIX . "user_gbook WHERE userID='" . $id . "'")); if (isset($_GET['page'])) { $page = (int) $_GET['page']; } $type = "DESC"; if (isset($_GET['type'])) {
# Copyright 2005-2011 by webspell.org # # # # visit webSPELL.org, webspell.info to get webSPELL for free # # - Script runs under the GNU GENERAL PUBLIC LICENSE # # - It's NOT allowed to remove this copyright-tag # # -- http://www.fsf.org/licensing/licenses/gpl.html # # # # Code based on WebSPELL Clanpackage (Michael Gruber - webspell.at), # # Far Development by Development Team - webspell.org # # # # visit webspell.org # # # ########################################################################## */ $_language->read_module('page_statistic'); if (!isanyadmin($userID) or mb_substr(basename($_SERVER['REQUEST_URI']), 0, 15) != "admincenter.php") { die($_language->module['access_denied']); } echo '<h1>¤ ' . $_language->module['page_stats'] . '</h1>'; $count_array = array(); $tables_array = array(PREFIX . "articles", PREFIX . "banner", PREFIX . "awards", PREFIX . "bannerrotation", PREFIX . "challenge", PREFIX . "clanwars", PREFIX . "comments", PREFIX . "contact", PREFIX . "countries", PREFIX . "demos", PREFIX . "faq", PREFIX . "faq_categories", PREFIX . "files", PREFIX . "files_categorys", PREFIX . "forum_announcements", PREFIX . "forum_boards", PREFIX . "forum_categories", PREFIX . "forum_groups", PREFIX . "forum_moderators", PREFIX . "forum_posts", PREFIX . "forum_ranks", PREFIX . "forum_topics", PREFIX . "gallery", PREFIX . "gallery_groups", PREFIX . "gallery_pictures", PREFIX . "games", PREFIX . "guestbook", PREFIX . "links", PREFIX . "links_categorys", PREFIX . "linkus", PREFIX . "messenger", PREFIX . "news", PREFIX . "news_languages", PREFIX . "news_rubrics", PREFIX . "partners", PREFIX . "poll", PREFIX . "servers", PREFIX . "shoutbox", PREFIX . "smileys", PREFIX . "sponsors", PREFIX . "squads", PREFIX . "static", PREFIX . "user", PREFIX . "user_gbook"); $db_size = 0; $db_size_op = 0; if (!isset($db)) { $get = safe_query("SELECT DATABASE()"); $ret = mysql_fetch_array($get); $db = $ret[0]; } $query = safe_query("SHOW TABLES"); $count_tables = mysql_num_rows($query); foreach ($tables_array as $table) {
$td = 'td1'; } else { $td = 'td2'; } $id = $ds['userID']; $registered = date("d.m.Y - H:i", $ds['registerdate']); $nickname_c = getnickname($ds['userID']); $replaced_search = str_replace("%", "", $search); $nickname = str_replace($replaced_search, '<b>' . $replaced_search . '</b>', $nickname_c); if (issuperadmin($ds['userID']) && isclanmember($ds['userID'])) { $status = $_language->module['superadmin'] . '<br />& ' . $_language->module['clanmember']; } elseif (issuperadmin($ds['userID'])) { $status = $_language->module['superadmin']; } elseif (isanyadmin($ds['userID']) && isclanmember($ds['userID'])) { $status = $_language->module['admin'] . '<br />& ' . $_language->module['clanmember']; } elseif (isanyadmin($ds['userID'])) { $status = $_language->module['admin']; } elseif (isanymoderator($ds['userID']) && isclanmember($ds['userID'])) { $status = $_language->module['moderator'] . '<br />& ' . $_language->module['clanmember']; } elseif (isanymoderator($ds['userID'])) { $status = $_language->module['moderator']; } elseif (isclanmember($ds['userID'])) { $status = $_language->module['clanmember']; } else { $status = $_language->module['user']; } if (isbanned($ds['userID'])) { $banned = '<input type="button" onclick="MM_goToURL(\'parent\',\'admincenter.php?site=users&action=ban&id=' . $ds['userID'] . '\');return document.MM_returnValue" value="' . $_language->module['undo_ban'] . '" />'; } else { $banned = '<input type="button" onclick="MM_goToURL(\'parent\',\'admincenter.php?site=users&action=ban&id=' . $ds['userID'] . '\');return document.MM_returnValue" value="' . $_language->module['banish'] . '" />'; }
* Diese Datei ist Teil von Easy-WI. * * Easy-WI ist Freie Software: Sie koennen es unter den Bedingungen * der GNU General Public License, wie von der Free Software Foundation, * Version 3 der Lizenz oder (nach Ihrer Wahl) jeder spaeteren * veroeffentlichten Version, weiterverbreiten und/oder modifizieren. * * Easy-WI wird in der Hoffnung, dass es nuetzlich sein wird, aber * OHNE JEDE GEWAEHELEISTUNG, bereitgestellt; sogar ohne die implizite * Gewaehrleistung der MARKTFAEHIGKEIT oder EIGNUNG FUER EINEN BESTIMMTEN ZWECK. * Siehe die GNU General Public License fuer weitere Details. * * Sie sollten eine Kopie der GNU General Public License zusammen mit diesem * Programm erhalten haben. Wenn nicht, siehe <http://www.gnu.org/licenses/>. */ if (!isset($admin_id) or $main != 1 or isset($admin_id) and !isanyadmin($admin_id) and !rsellerpermisions($admin_id)) { header('Location: login.php'); die('No acces'); } $sprache_bad = getlanguagefile('home', $user_language, $reseller_id); $statsArray = array('gameMasterInstalled' => 0, 'gameMasterActive' => 0, 'gameMasterSlotsAvailable' => 0, 'gameMasterCrashed' => 0, 'gameserverInstalled' => 0, 'gameserverActive' => 0, 'gameserverSlotsInstalled' => 0, 'gameserverSlotsActive' => 0, 'gameserverSlotsUsed' => 0, 'gameserverNoPassword' => 0, 'gameserverNoTag' => 0, 'gameserverNotRunning' => 0, 'mysqlMasterInstalled' => 0, 'mysqlMasterActive' => 0, 'mysqlMasterDBAvailable' => 0, 'mysqlMasterCrashed' => 0, 'mysqlDBInstalled' => 0, 'mysqlDBActive' => 0, 'mysqlDBSpaceUsed' => 0, 'ticketsCompleted' => 0, 'ticketsInProcess' => 0, 'ticketsNew' => 0, 'userAmount' => 0, 'userAmountActive' => 0, 'virtualMasterInstalled' => 0, 'virtualMasterActive' => 0, 'virtualMasterVserverAvailable' => 0, 'virtualInstalled' => 0, 'virtualActive' => 0, 'voiceMasterInstalled' => 0, 'voiceMasterActive' => 0, 'voiceMasterSlotsAvailable' => 0, 'voiceMasterCrashed' => 0, 'voiceserverInstalled' => 0, 'voiceserverActive' => 0, 'voiceserverSlotsInstalled' => 0, 'voiceserverSlotsActive' => 0, 'voiceserverSlotsUsed' => 0, 'voiceserverTrafficAllowed' => 0, 'voiceserverTrafficUsed' => 0, 'voiceserverCrashed' => 0, 'webMasterInstalled' => 0, 'webMasterActive' => 0, 'webMasterCrashed' => 0, 'webMasterSpaceAvailable' => 0, 'webMasterVhostAvailable' => 0, 'webspaceInstalled' => 0, 'webspaceActive' => 0, 'webspaceSpaceGiven' => 0, 'webspaceSpaceGivenActive' => 0, 'webspaceSpaceUsed' => 0); $query = $sql->prepare("SELECT * FROM `easywi_statistics_current` WHERE `userID`=? LIMIT 1"); $query->execute(array($resellerLockupID)); while ($row = $query->fetch(PDO::FETCH_ASSOC)) { $statsArray = $row; } $statsArray['ticketsTotal'] = $statsArray['ticketsInProcess'] + $statsArray['ticketsNew']; $statsArray['warningTotal'] = $statsArray['gameserverNoPassword'] + $statsArray['gameserverNoTag'] + $statsArray['gameserverNotRunning'] + $statsArray['voiceserverCrashed']; if ($ui->smallletters('w', 2, 'get') == 'da' or !$ui->smallletters('w', 2, 'get') and !$ui->smallletters('d', 2, 'get')) { $statsArray['ticketsPercent'] = $statsArray['ticketsCompleted'] + $statsArray['ticketsInProcess'] + $statsArray['ticketsNew'] > 0 ? round(($statsArray['ticketsInProcess'] + $statsArray['ticketsNew']) / (($statsArray['ticketsCompleted'] + $statsArray['ticketsInProcess'] + $statsArray['ticketsNew']) / 100), 2) : 0; $statsArray['ticketsNewPercent'] = $statsArray['ticketsInProcess'] + $statsArray['ticketsNew'] > 0 ? round($statsArray['ticketsNew'] / (($statsArray['ticketsInProcess'] + $statsArray['ticketsNew']) / 100), 2) : 0;
* * Easy-WI wird in der Hoffnung, dass es nuetzlich sein wird, aber * OHNE JEDE GEWAEHELEISTUNG, bereitgestellt; sogar ohne die implizite * Gewaehrleistung der MARKTFAEHIGKEIT oder EIGNUNG FUER EINEN BESTIMMTEN ZWECK. * Siehe die GNU General Public License fuer weitere Details. * * Sie sollten eine Kopie der GNU General Public License zusammen mit diesem * Programm erhalten haben. Wenn nicht, siehe <http://www.gnu.org/licenses/>. */ if (!isset($admin_id) or !isset($reseller_id)) { header('Location: login.php'); die; } $adminInclude = true; $pa = User_Permissions($admin_id); if (!isanyadmin($admin_id) and count($pa) == 0) { redirect('login.php'); } $ewVersions['files'] = '5.10'; $vcsprache = getlanguagefile('versioncheck', $user_language, $reseller_id); $query = $sql->prepare("SELECT `version` FROM `easywi_version` ORDER BY `id` DESC LIMIT 1"); $query->execute(); $ewVersions['cVersion'] = $query->fetchColumn(); $query = $sql->prepare("SELECT `version`,`releasenotesDE`,`releasenotesEN` FROM `settings` WHERE `resellerid`=0 LIMIT 1"); $query->execute(); while ($row = $query->fetch(PDO::FETCH_ASSOC)) { $ewVersions['version'] = $row['version']; $ewVersions['releasenotesDE'] = $row['releasenotesDE']; $ewVersions['releasenotesEN'] = $row['releasenotesEN']; } if ($reseller_id == 0 and $ui->st('w', 'get') != 'vc' and ($ewVersions['cVersion'] < $ewVersions['version'] or $ewVersions['files'] < $ewVersions['version'])) {
function print_termine($tag, $month, $year) { global $wincolor; global $loosecolor; global $drawcolor; global $userID; global $_language; $_language->read_module('calendar'); $pagebg = PAGEBG; $border = BORDER; $bghead = BGHEAD; $bgcat = BGCAT; $start_date = mktime(0, 0, 0, $month, $tag, $year); $end_date = mktime(23, 59, 59, $month, $tag, $year); unset($termin); $ergebnis = safe_query("SELECT * FROM " . PREFIX . "upcoming"); $anz = mysql_num_rows($ergebnis); if ($anz) { while ($ds = mysql_fetch_array($ergebnis)) { if ($ds['type'] == "c") { if ($ds['date'] >= $start_date && $ds['date'] <= $end_date) { $date = date("d.m.Y", $ds['date']); $time = date("H:i", $ds['date']); $squad = getsquadname($ds['squad']); $oppcountry = "[flag]" . $ds['oppcountry'] . "[/flag]"; $oppcountry = flags($oppcountry); $opponent = $oppcountry . ' <a href="' . $ds['opphp'] . '" target="_blank">' . clearfromtags($ds['opptag']) . ' / ' . clearfromtags($ds['opponent']) . '</a>'; $maps = clearfromtags($ds['maps']); $server = clearfromtags($ds['server']); $league = '<a href="' . $ds['leaguehp'] . '" target="_blank">' . clearfromtags($ds['league']) . '</a>'; if (isclanmember($userID)) { $warinfo = cleartext($ds['warinfo']); } else { $warinfo = $_language->module['you_have_to_be_clanmember']; } $players = ""; $announce = ""; $adminaction = ''; if (isclanmember($userID) or isanyadmin($userID)) { $anmeldung = safe_query("SELECT * FROM " . PREFIX . "upcoming_announce WHERE upID='" . $ds['upID'] . "'"); if (mysql_num_rows($anmeldung)) { $i = 1; while ($da = mysql_fetch_array($anmeldung)) { if ($da['status'] == "y") { $fontcolor = $wincolor; } elseif ($da['status'] == "n") { $fontcolor = $loosecolor; } else { $fontcolor = $drawcolor; } if ($i > 1) { $players .= ', <a href="index.php?site=profile&id=' . $da['userID'] . '"><font color="' . $fontcolor . '">' . getnickname($da['userID']) . '</font></a>'; } else { $players .= '<a href="index.php?site=profile&id=' . $da['userID'] . '"><font color="' . $fontcolor . '">' . getnickname($da['userID']) . '</font></a>'; } $i++; } } else { $players = $_language->module['no_announced']; } if (issquadmember($userID, $ds['squad']) and $ds['date'] > time()) { $announce = '• <a href="index.php?site=calendar&action=announce&upID=' . $ds['upID'] . '">' . $_language->module['announce_here'] . '</a>'; } else { $announce = ""; } if (isclanwaradmin($userID)) { $adminaction = '<div align="right"> <input type="button" onclick="MM_openBrWindow(\'clanwars.php?action=new&upID=' . $ds['upID'] . '\',\'Clanwars\',\'toolbar=no,status=no,scrollbars=yes,width=800,height=490\')" value="' . $_language->module['add_clanwars'] . '" /> <input type="button" onclick="MM_goToURL(\'parent\',\'index.php?site=calendar&action=editwar&upID=' . $ds['upID'] . '\');return document.MM_returnValue" value="' . $_language->module['edit'] . '" /> <input type="button" onclick="MM_confirm(\'' . $_language->module['really_delete'] . '\', \'calendar.php?action=delete&upID=' . $ds['upID'] . '\')" value="' . $_language->module['delete'] . '" /></div>'; } else { $adminaction = ''; } } else { $players = $_language->module['access_member']; } $bg1 = BG_1; $bg2 = BG_2; $bg3 = BG_3; $bg4 = BG_4; eval("\$upcoming_war_details = \"" . gettemplate("upcoming_war_details") . "\";"); echo $upcoming_war_details; } } else { if ($start_date <= $ds['date'] && $end_date >= $ds['date'] || $start_date >= $ds['date'] && $end_date <= $ds['enddate'] || $start_date <= $ds['enddate'] && $end_date >= $ds['enddate']) { $date = date("d.m.Y", $ds['date']); $time = date("H:i", $ds['date']); $enddate = date("d.m.Y", $ds['enddate']); $endtime = date("H:i", $ds['enddate']); $title = clearfromtags($ds['title']); $location = '<a href="' . $ds['locationhp'] . '" target="_blank">' . clearfromtags($ds['location']) . '</a>'; $dateinfo = cleartext($ds['dateinfo']); $dateinfo = toggle($dateinfo, $ds['upID']); $country = "[flag]" . $ds['country'] . "[/flag]"; $country = flags($country); $players = ""; if (isclanmember($userID)) { $anmeldung = safe_query("SELECT * FROM " . PREFIX . "upcoming_announce WHERE upID='" . $ds['upID'] . "'"); if (mysql_num_rows($anmeldung)) { $i = 1; while ($da = mysql_fetch_array($anmeldung)) { if ($da['status'] == "y") { $fontcolor = $wincolor; } elseif ($da['status'] == "n") { $fontcolor = $loosecolor; } else { $fontcolor = $drawcolor; } if ($i > 1) { $players .= ', <a href="index.php?site=profile&id=' . $da['userID'] . '"><font color="' . $fontcolor . '">' . getnickname($da['userID']) . '</font></a>'; } else { $players .= '<a href="index.php?site=profile&id=' . $da['userID'] . '"><font color="' . $fontcolor . '">' . getnickname($da['userID']) . '</font></a>'; } $i++; } } else { $players = $_language->module['no_announced']; } if (isclanmember($userID) and $ds['date'] > time()) { $announce = '• <a href="index.php?site=calendar&action=announce&upID=' . $ds['upID'] . '">' . $_language->module['announce_here'] . '</a>'; } else { $announce = ''; } if (isclanwaradmin($userID)) { $adminaction = '<div align="right"><input type="button" onclick="MM_goToURL(\'parent\',\'index.php?site=calendar&action=editdate&upID=' . $ds['upID'] . '\');return document.MM_returnValue" value="' . $_language->module['edit'] . '" /><input type="button" onclick="MM_confirm(\'' . $_language->module['really_delete'] . '\', \'calendar.php?action=delete&upID=' . $ds['upID'] . '\')" value="' . $_language->module['delete'] . '" /></div>'; } else { $adminaction = ''; } } else { $players = $_language->module['access_member']; $announce = ''; $adminaction = ''; } $bg1 = BG_1; $bg2 = BG_2; $bg3 = BG_3; $bg4 = BG_4; eval("\$upcoming_date_details = \"" . gettemplate("upcoming_date_details") . "\";"); echo $upcoming_date_details; } } } } else { echo $_language->module['no_entries']; } }
if (isset($ws_auth)) { $authent = explode(":", $ws_auth); $ws_user = $authent[0]; $ws_pwd = $authent[1]; $cookie=true; } $loggedin=false; if ($cookie) { $check = safe_query("SELECT * FROM ".PREFIX."user WHERE username='******' AND password='******'"); $anz = mysql_num_rows($check); if($anz) { $ds=mysql_fetch_array($check); $loggedin=true; $userID=$ds[userID]; $admin=isanyadmin($ds[userID]); } } if(!$loggedin) die('Sie sind nicht eingelogtg'); if(!$admin) die('Sie haben keine Zugangsberechtigung zum acentre'); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>eXalted pRogress | Alliance [Nera'Thor - EU]</title> <link rel="stylesheet" type="text/css" media="all" href="system/css/reset.css" /> <link rel="stylesheet" type="text/css" media="all" href="system/css/styles.css" /> <link rel="stylesheet" type="text/css" media="all" href="system/css/960.css" /> <script type="text/javascript" src="system/js/core.js"></script> <script type="text/javascript" src="system/js/fx.js"></script>
# - Script runs under the GNU GENERAL PUBLIC LICENSE # # - It's NOT allowed to remove this copyright-tag # # -- http://www.fsf.org/licensing/licenses/gpl.html # # # # Code based on WebSPELL Clanpackage (Michael Gruber - webspell.at), # # Far Development by Development Team - webspell.org # # # # visit webspell.org # # # ########################################################################## */ include "../_mysql.php"; include "../_settings.php"; include "../_functions.php"; $_language->read_module('visitor_statistic_image'); $admin = isanyadmin($userID); if (!$loggedin) { die($_language->module['not_logged_in']); } if (!$admin) { die($_language->module['access_denied']); } header("Content-type: image/png"); $offset_left = 25; $offset_right = 80; $offset_top = 25; $offset_bottom = 35; if (isset($_GET['size_x'])) { $size_x = (int) $_GET['size_x']; if ($size_x <= 0) { $size_x = 1;
<?php if($loggedin) { $username='******'.getnickname($userID).'</b>';; if(isanyadmin($userID)) $admin=' <img height=7 src="system/images/arrow.gif" width=9> <a href="acentre.php" target="_blank">Admincenter</a>'; else $admin=''; eval ("\$logged = \"".gettemplate("logged")."\";"); echo $logged; } else { eval ("\$loginform = \"".gettemplate("login")."\";"); echo $loginform; } ?>
safe_query("INSERT INTO " . PREFIX . "forum_topics (boardID, icon, userID, date, topic, lastdate, lastposter, replys, views, closed, moveID) values ('" . $ds['boardID'] . "', '', '" . $ds['userID'] . "', '" . $ds['date'] . "', '" . addslashes($ds['topic']) . "', '" . $ds['lastdate'] . "', '', '', '', '', '{$topicID}') "); } safe_query("UPDATE " . PREFIX . "forum_topics SET boardID='{$toboard}', readgrps='" . $di['readgrps'] . "', writegrps='" . $di['writegrps'] . "' WHERE topicID='{$topicID}'"); safe_query("UPDATE " . PREFIX . "forum_posts SET boardID='{$toboard}' WHERE topicID='{$topicID}'"); $post_num = mysql_affected_rows() - 1; safe_query("UPDATE " . PREFIX . "forum_boards SET topics=topics+1 WHERE boardID='{$toboard}'"); safe_query("UPDATE " . PREFIX . "forum_boards SET topics=topics-1 WHERE boardID='" . $ds['boardID'] . "'"); safe_query("UPDATE " . PREFIX . "forum_boards SET posts=posts+" . $post_num . " WHERE boardID='" . $toboard . "'"); safe_query("UPDATE " . PREFIX . "forum_boards SET posts=posts-" . $post_num . " WHERE boardID='" . $ds['boardID'] . "'"); header("Location: index.php?site=forum&board={$toboard}"); } elseif ($_POST['admaction'] == "movetopic") { include "_mysql.php"; include "_settings.php"; include '_functions.php'; $_language->read_module('forum'); if (!isanyadmin($userID) and !ismoderator($userID, getboardid($_POST['topicID']))) { die($_language->module['no_access']); } $boards = ''; $kath = safe_query("SELECT * FROM " . PREFIX . "forum_categories ORDER BY sort"); while ($dk = mysql_fetch_array($kath)) { $ergebnis = safe_query("SELECT * FROM " . PREFIX . "forum_boards WHERE category='{$dk['catID']}' ORDER BY sort"); while ($db = mysql_fetch_array($ergebnis)) { $boards .= '<option value="' . $db['boardID'] . '">' . $dk['name'] . ' - ' . $db['name'] . '</option>'; } } $ergebnis = safe_query("SELECT * FROM " . PREFIX . "forum_boards WHERE category='0' ORDER BY sort"); while ($ds = mysql_fetch_array($ergebnis)) { $boards .= '<option value="' . $ds['boardID'] . '">' . $ds['name'] . '</option>'; } $pagetitle = PAGETITLE;
} else { $orderBy = '`logdate` DESC'; } } if ($sSearch) { if ($adminLookup) { $query = $sql->prepare("SELECT `subuser`,`username`,`useraction`,`ip`,`logdate`,`cname` FROM `userlog` AS l LEFT JOIN `userdata` AS s ON s.`id`=l.`subuser` AND l.`subuser`!=0 WHERE l.`resellerid`=:resellerid AND (`username` LIKE :search OR `cname` LIKE :search OR `ip` LIKE :search OR `logdate` LIKE :search OR `useraction` LIKE :search) ORDER BY {$orderBy} LIMIT {$iDisplayStart},{$iDisplayLength}"); $query->execute(array(':search' => '%' . $sSearch . '%', ':resellerid' => $resellerLockupID)); } else { $query = $sql->prepare("SELECT `subuser`,`username`,`useraction`,`ip`,`logdate`,`cname` FROM `userlog` AS l LEFT JOIN `userdata` AS s ON s.`id`=l.`subuser` AND l.`subuser`!=0 WHERE l.`usertype` IN ('user','cron') AND l.`userid`=:userid AND l.`resellerid`=:resellerid AND (`username` LIKE :search OR `cname` LIKE :search OR `ip` LIKE :search OR `logdate` LIKE :search OR `useraction` LIKE :search) ORDER BY {$orderBy} LIMIT {$iDisplayStart},{$iDisplayLength}"); $query->execute(array(':search' => '%' . $sSearch . '%', ':userid' => $user_id, ':resellerid' => $reseller_id)); } } else { if ($adminLookup) { $query = $sql->prepare("SELECT `subuser`,`username`,`useraction`,`ip`,`logdate`,`cname` FROM `userlog` AS l LEFT JOIN `userdata` AS s ON s.`id`=l.`subuser` AND l.`subuser`!=0 WHERE l.`resellerid`=? ORDER BY {$orderBy} LIMIT {$iDisplayStart},{$iDisplayLength}"); $query->execute(array($resellerLockupID)); } else { $query = $sql->prepare("SELECT `subuser`,`username`,`useraction`,`ip`,`logdate`,`cname` FROM `userlog` AS l LEFT JOIN `userdata` AS s ON s.`id`=l.`subuser` AND l.`subuser`!=0 WHERE l.`usertype` IN ('user','cron') AND l.`userid`=? AND l.`resellerid`=? ORDER BY {$orderBy} LIMIT {$iDisplayStart},{$iDisplayLength}"); $query->execute(array($user_id, $reseller_id)); } } while ($row = $query->fetch(PDO::FETCH_ASSOC)) { if ($row['subuser'] == 0 or $adminLookup) { $username = $row['username']; $ip = $row['ip']; } else { $username = $row['cname']; $ip = isanyadmin($row['subuser']) ? 'admin' : $row['ip']; } $array['aaData'][] = array($row['logdate'], $username, str_replace($placeholders2, $replace2, str_replace($placeholders, $replace, $row['useraction'])), $ip); }
redirect('userpanel.php'); } else { if (isset($admin_id)) { $folders = explode('/', $ui->server['SCRIPT_NAME']); $amount = count($folders) - 1; $i = 0; $path = ''; while ($i < $amount) { $path .= $folders[$i] . '/'; $i++; } $webhostdomain = isset($ui->server['HTTPS']) ? 'https://' . $ui->server['HTTP_HOST'] . $path : 'http://' . $ui->server['HTTP_HOST'] . $path; $query = $sql->prepare("UPDATE `settings` SET `paneldomain`=? WHERE `resellerid`=0 LIMIT 1"); $query->execute(array($webhostdomain)); $params = @json_decode(licenceRequest(true)); if (isanyadmin($admin_id) or rsellerpermisions($admin_id)) { redirect('admin.php'); } else { redirect('login.php&r=lo'); } } } } } else { if (!isset($passwordCorrect) or $passwordCorrect === false) { $halfhour = date('Y-m-d H:i:s', strtotime('+30 minutes')); $query = $sql->prepare("SELECT `id` FROM `badips` WHERE `badip`=? LIMIT 1"); $query->execute(array($loguserip)); $rowcount = $query->rowCount(); $query = $rowcount == 0 ? $sql->prepare("INSERT INTO `badips` (bantime,failcount,reason,badip) VALUES (?,'1','password',?)") : $sql->prepare("UPDATE `badips` SET `bantime`=?,`failcount`=`failcount`+1, `reason`='password' WHERE `badip`=? LIMIT 1"); $query->execute(array($halfhour, $loguserip));