Esempio n. 1
0
</td>
</tr>
</table></div>
<?php 
}
if ($_GET['act'] == "create") {
    if ($GroupInfo['CanAddEvents'] == "no") {
        redirect("location", $rbasedir . url_maker($exfile['index'], $Settings['file_ext'], "act=view", $Settings['qstr'], $Settings['qsep'], $prexqstr['index'], $exqstr['index'], false));
        ob_clean();
        header("Content-Type: text/plain; charset=" . $Settings['charset']);
        $urlstatus = 302;
        gzip_page($Settings['use_gzip'], $GZipEncode['Type']);
        session_write_close();
        die;
    }
    $UFID = rand_uuid("rand");
    $_SESSION['UserFormID'] = $UFID;
    ?>
<div class="NavLinks"><?php 
    echo $ThemeSet['NavLinkIcon'];
    ?>
<a href="<?php 
    echo url_maker($exfile['index'], $Settings['file_ext'], "act=view", $Settings['qstr'], $Settings['qsep'], $prexqstr['index'], $exqstr['index']);
    ?>
"><?php 
    echo $Settings['board_name'];
    ?>
</a><?php 
    echo $ThemeSet['NavLinkDivider'];
    ?>
<a href="<?php 
Esempio n. 2
0
<input type="reset" value="Reset Form" class="Button" name="Reset_Form" />
</td></tr></table>
</form>
</td>
</tr>
<tr class="TableMenuRow4">
<td class="TableMenuColumn4">&nbsp;</td>
</tr>
</table>
</div>
<?php 
}
if ($_POST['act'] == "info" && $_POST['update'] == "now" && $_GET['act'] == "info" && $_SESSION['UserGroup'] != $Settings['GuestGroup'] && $GroupInfo['HasAdminCP'] == "yes") {
    $_POST = array_map("rsq", $_POST);
    if (!isset($Settings['BoardUUID']) || $Settings['BoardUUID'] === null) {
        $Settings['BoardUUID'] = rand_uuid("rand");
    }
    $_POST['board_name'] = htmlspecialchars($_POST['board_name'], ENT_QUOTES, $Settings['charset']);
    $_POST['board_name'] = fixbamps($_POST['board_name']);
    $_POST['board_name'] = remove_spaces($_POST['board_name']);
    $_POST['board_name'] = str_replace("\\&#039;", "&#039;", $_POST['board_name']);
    if ($_POST['board_name'] != $Settings['board_name'] && $Settings['SQLThemes'] == "on") {
        $logoquery = sql_pre_query("UPDATE \"" . $Settings['sqltable'] . "themes\" SET \"Logo\"='%s' WHERE \"Logo\"='%s'", array($_POST['board_name'], $Settings['board_name']));
        sql_query($logo, $SQLStat);
    }
    $_POST['Author'] = htmlspecialchars($_POST['Author'], ENT_QUOTES, $Settings['charset']);
    $_POST['Author'] = fixbamps($_POST['Author']);
    $_POST['Author'] = remove_spaces($_POST['Author']);
    $_POST['Author'] = str_replace("\\&#039;", "&#039;", $_POST['Author']);
    $_POST['Keywords'] = htmlspecialchars($_POST['Keywords'], ENT_QUOTES, $Settings['charset']);
    $_POST['Keywords'] = fixbamps($_POST['Keywords']);
Esempio n. 3
0
        $SQLCharset = "latin1";
    }
    if ($Settings['charset'] == "UTF-8") {
        $SQLCollate = "utf8_unicode_ci";
        $SQLCharset = "utf8";
    }
    $Settings['sql_collate'] = $SQLCollate;
    $Settings['sql_charset'] = $SQLCharset;
}
sql_set_charset($SQLCharset, $SQLStat);
if ($SQLStat === false) {
    $Error = "Yes";
    echo "<br />" . sql_errorno($SQLStat) . "\n";
}
if ($Error != "Yes") {
    $ServerUUID = rand_uuid("rand");
    if (!is_numeric($_POST['YourOffSet'])) {
        $_POST['YourOffSet'] = "0";
    }
    if (!is_numeric($_POST['MinOffSet'])) {
        $_POST['MinOffSet'] = "00";
    }
    if ($_POST['MinOffSet'] < 0) {
        $_POST['MinOffSet'] = "00";
    }
    $YourOffSet = $_POST['YourOffSet'] . ":" . $_POST['MinOffSet'];
    $AdminDST = $_POST['DST'];
    $MyDay = GMTimeGet("d", $YourOffSet, 0, $AdminDST);
    $MyMonth = GMTimeGet("m", $YourOffSet, 0, $AdminDST);
    $MyYear = GMTimeGet("Y", $YourOffSet, 0, $AdminDST);
    $MyYear10 = $MyYear + 10;