Esempio n. 1
0
  {
  	if ($enabled == 'yes')
  		$modcomment = gmdate("Y-m-d") . " - Virktur af " . $CURUSER['username']. ".\n". $modcomment;
  	else
  		$modcomment = gmdate("Y-m-d") . " - Óvirktur af " . $CURUSER['username']. ".\n". $modcomment;
  }

  $updateset[] = "enabled = " . sqlesc($enabled);
  $updateset[] = "donor = " . sqlesc($donor);
  $updateset[] = "supportfor = " . sqlesc($supportfor);
  $updateset[] = "support = " . sqlesc($support);
  $updateset[] = "avatar = " . sqlesc($avatar);
  $updateset[] = "avadult = " . sqlesc($avadult);
  $updateset[] = "title = " . sqlesc($title);
  $updateset[] = "modcomment = " . sqlesc($modcomment);
  if ($_POST['resetpasskey']) $updateset[] = "passkey=''"; 
  if ($_POST['24rule'])
	$updateset[] = '24rule=\'1\'';
  else
	$updateset[] = '24rule=\'0\'';
  mysql_query("UPDATE users SET  " . implode(", ", $updateset) . " WHERE id=$userid") or sqlerr(__FILE__, __LINE__);
  $returnto = $_POST["returnto"];

  header("Location: $BASEURL/$returnto");
  die;
}

puke();

?>
    $bookmcom = $_POST["bookmcomment"];
    if ($_POST["addbookmark"] == "frist") {
        $addbookm = "ratio";
    } else {
        $addbookm = $_POST["addbookmark"];
    }
    $subject = sqlesc("Bad Ratio!");
    if ($_POST["addbookmark"] == "frist") {
        $msg = sqlesc("Message with extended time");
    } else {
        $msg = $addbookm == "ratio" ? sqlesc("Staff bookmark added") : sqlesc("Staff bookmark removed");
    }
    $added = sqlesc(get_date_time());
    if ($enabled == "no") {
        $updateset[] = "enabled = " . sqlesc($enabled);
        $updateset[] = "addbookmark = 'no'";
        //write_log("Mitglied $editedusername wurde wg Bad Ratio deaktiviert von $CURUSER[username]\n","99B200","admin");
    } else {
        sql_query("INSERT INTO messages (sender, receiver, msg, added, subject) VALUES (0, {$userid}, {$msg}, {$added}, {$subject})") or sqlerr(__FILE__, __LINE__);
        $updateset[] = "addbookmark = " . sqlesc($addbookm);
        $updateset[] = "bookmcomment = " . sqlesc($bookmcom);
        //write_log("Mitglied $editedusername wurde wg Bad Ratio gebookmarkt von $CURUSER[username]\n","99B200","user");
    }
    sql_query("UPDATE users SET " . implode(", ", $updateset) . " WHERE id = {$userid}") or sqlerr(__FILE__, __LINE__);
    // write_log("Das Profil von <a target=_blank href=userdetails.php?id=$userid>$editusername</a> wurde editiert von $CURUSER[username]","","admin");
    $returnto = htmlentities($_POST["returnto"]);
    header("Refresh: 0; {$BASEURL}/{$returnto}");
    die;
}
puke("Error,redirect dont worked,please use <a href=" . $BASEURL . "/" . $returnto . ">this Link</a>");
Esempio n. 3
0
function writeBonusComment($id,$newLog,$added)
{
	if (!isset($added)) $added = date("Y-m-d H:i:s");
	$id = sqlesc($id);
	$res = sql_query("SELECT bonuscomment FROM users WHERE id=$id ") or sqlerr(__FILE__, __LINE__);
	$arr = mysql_fetch_assoc($res) or puke();
	$log = $added."---".$newLog."\n".$arr['bonuscomment'];
	$log = sqlesc($log);
	sql_query("UPDATE users SET bonuscomment=$log WHERE id=$id ") or sqlerr(__FILE__,__LINE__);
}