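/**
 * Request filter ("mini WAF") applied to every incoming GET / POST / COOKIE key and value.
 *
 * The value (walked recursively when it is an array) and then the key are matched
 * against a blacklist regex selected by $type; on a hit the request is aborted
 * with exit(safe_pape()).
 *
 * NOTE(review): this is a signature blacklist. It only catches the listed patterns
 * and is not a substitute for parameterised queries and context-aware output
 * escaping; treat it as defence in depth, not as the control.
 *
 * @param string       $StrFiltKey   parameter name being inspected
 * @param string|array $StrFiltValue parameter value; arrays are inspected element by
 *                                   element (keys and values) with the same $type
 * @param string       $type         "GET", "POST" or "COOKIE"; any other value is
 *                                   rejected outright (fail closed)
 * @return void  the script is terminated via safe_pape() when a pattern matches
 */
function safesql($StrFiltKey, $StrFiltValue, $type)
{
    $getfilter = "\\<.+javascript:window\\[.{1}\\\\x|<.*=(&#\\d+?;?)+?>|<.*(data|src)=data:text\\/html.*>|\\b(alert\\(|confirm\\(|expression\\(|prompt\\(|benchmark\\s*?\\(\\d+?|sleep\\s*?\\(.*\\)|load_file\\s*?\\()|<[a-z]+?\\b[^>]*?\\bon([a-z]{4,})\\s*?=|^\\+\\/v(8|9)|\\b(and|or)\\b\\s*?([\\(\\)'\"\\d]+?=[\\(\\)'\"\\d]+?|[\\(\\)'\"a-zA-Z]+?=[\\(\\)'\"a-zA-Z]+?|>|<|\\s+?[\\w]+?\\s+?\\bin\\b\\s*?\\(|\\blike\\b\\s+?[\"'])|\\/\\*.+?\\*\\/|\\/\\*\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT(\\(.+\\)|\\s+?.+?)|UPDATE(\\(.+\\)|\\s+?.+?)SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE)(\\(.+\\)|\\s+?.+?\\s+?)FROM(\\(.+\\)|\\s+?.+?)|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)";
    $postfilter = "<.*=(&#\\d+?;?)+?>|<.*data=data:text\\/html.*>|\\b(alert\\(|confirm\\(|expression\\(|prompt\\(|benchmark\\s*?\\(\\d+?|sleep\\s*?\\(.*\\)|load_file\\s*?\\()|<[^>]*?\\b(onerror|onmousemove|onload|onclick|onmouseover)\\b|\\b(and|or)\\b\\s*?([\\(\\)'\"\\d]+?=[\\(\\)'\"\\d]+?|[\\(\\)'\"a-zA-Z]+?=[\\(\\)'\"a-zA-Z]+?|>|<|\\s+?[\\w]+?\\s+?\\bin\\b\\s*?\\(|\\blike\\b\\s+?[\"'])|\\/\\*.+?\\*\\/|\\/\\*\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT(\\(.+\\)|\\s+?.+?)|UPDATE(\\(.+\\)|\\s+?.+?)SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE)(\\(.+\\)|\\s+?.+?\\s+?)FROM(\\(.+\\)|\\s+?.+?)|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)";
    $cookiefilter = "benchmark\\s*?\\(\\d+?|sleep\\s*?\\(.*\\)|load_file\\s*?\\(|\\b(and|or)\\b\\s*?([\\(\\)'\"\\d]+?=[\\(\\)'\"\\d]+?|[\\(\\)'\"a-zA-Z]+?=[\\(\\)'\"a-zA-Z]+?|>|<|\\s+?[\\w]+?\\s+?\\bin\\b\\s*?\\(|\\blike\\b\\s+?[\"'])|\\/\\*.+?\\*\\/|\\/\\*\\*\\/|<\\s*script\\b|\\bEXEC\\b|UNION.+?SELECT(\\(.+\\)|\\s+?.+?)|UPDATE(\\(.+\\)|\\s+?.+?)SET|INSERT\\s+INTO.+?VALUES|(SELECT|DELETE)(\\(.+\\)|\\s+?.+?\\s+?)FROM(\\(.+\\)|\\s+?.+?)|(CREATE|ALTER|DROP|TRUNCATE)\\s+(TABLE|DATABASE)";

    $filters = array(
        "GET" => $getfilter,
        "POST" => $postfilter,
        "COOKIE" => $cookiefilter,
    );

    if (!isset($filters[$type])) {
        // The original fell through with an undefined pattern, i.e. "//is", which
        // matches every string and therefore blocked the request anyway. Make that
        // fail-closed behaviour explicit instead of relying on an empty regex.
        exit(safe_pape());
    }
    $pattern = "/" . $filters[$type] . "/is";

    if (is_array($StrFiltValue)) {
        foreach ($StrFiltValue as $key => $value) {
            safesql($key, $value, $type);
        }
    } elseif (preg_match($pattern, $StrFiltValue) !== 0) {
        // preg_match() returns false (not 0) on a PCRE error such as the backtrack
        // limit being hit on a long input. The original compared "== 1", so such an
        // input was treated as clean and slipped past the filter; only an explicit 0
        // counts as a miss now.
        exit(safe_pape());
    }

    if (preg_match($pattern, $StrFiltKey) !== 0) {
        exit(safe_pape());
    }
}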
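/**
 * Return the first unused menu position inside a category, optionally under a parent item.
 *
 * Probes menu_items for pos = 1, 2, 3, ... and stops at the first position with no
 * matching row. One query is issued per probe, so this costs O(items) round trips.
 *
 * @param int|string $catid  category id; passed through safesql(..., "int") before use
 * @param int|string $parent parent item id; 0 (default) means "top level of the category"
 * @return int first free position, starting at 1
 */
function get_end_pos($catid, $parent = 0)
{
    global $data;

    // Both ids are interpolated into the WHERE clause. The original only sanitised
    // $catid and dropped $parent in raw; run it through the same "int" filter so the
    // two are handled consistently whatever the caller passes.
    $catid = safesql($catid, "int");
    $parent = safesql($parent, "int");

    $where = "WHERE cat = {$catid} AND pos = '%d'";
    if ($parent != 0) {
        $where .= " AND parent={$parent}";
    }

    $pos = 1;
    while ($data->num_rows($data->select_query("menu_items", sprintf($where, $pos))) != 0) {
        $pos++;
    }
    return $pos;
}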
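/**
 * Build the SQL condition that restricts {$field} to items of type $type visible to a user.
 *
 * Without a $userid the fragment excludes every item_id that has a row in "owners"
 * for this item_type ("{$field} != 3 AND {$field} != 7 ..."), or is the always-true
 * "{$field} >= 0" when there are none. With a $userid the fragment comes from
 * owner_items_sql_list().
 *
 * @param string $type   item_type value looked up in "owners"; escaped here
 * @param string $field  column name to compare. This is an SQL identifier, which
 *                       safesql() cannot escape, so it must originate in code, never
 *                       in request input.
 * @param string $userid user id, or "" to take the anonymous branch
 * @return string SQL condition fragment (no leading WHERE / AND)
 */
function getSqlList($type, $field, $userid)
{
    global $data;

    if ($userid != "") {
        return owner_items_sql_list($field, $type, true, $userid);
    }

    // The original interpolated $type raw ("item_type='{$type}'") while escaping each
    // item_id; route it through the same "text" filter, which yields a quoted literal,
    // so that the query is not built from an unescaped value.
    $safeType = safesql($type, "text");
    $number = 0;
    $owned = $data->select_fetch_all_rows($number, "owners", "WHERE item_type={$safeType}");

    if ($number <= 0) {
        return "{$field} >= 0";
    }

    $conditions = array();
    for ($i = 0; $i < $number; $i++) {
        $conditions[] = "{$field} != " . safesql($owned[$i]['item_id'], "int");
    }
    return implode(" AND ", $conditions);
}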
} else { include "admin/admin_main.php"; $tpl->assign('file', $filetouse); } $tpl->assign("mainpage", $page); $tpl->assign("pagename", $pagename); $tpl->assign("ex", $ex); $tpl->assign("error", $error); $tpl->assign('menufile', $menufile); $tpl->assign('message', $message); $tpl->assign('show', $show); $tpl->assign('userlevel', $check['level']); $tpl->assign('notsecond', $notsecond); $tpl->assign("timeoffset", getuseroffset($check['uname'])); //Check for user message $uid = safesql($check['uid'], "text"); $messages = $data->select_fetch_one_row("messages", "WHERE uid={$uid} AND type = 3"); $data->delete_query("messages", "uid={$uid} AND type = 3"); if ($messages) { $tpl->assign("infomessage", $messages['message'] . ($messages['type'] == 3 ? " (Click on the message to hide)" : "")); if ($messages['post'] != NULL) { $post = unserialize($messages['post']); $tpl->assign("repost", $post); } if ($messages['type'] == 1) { $tpl->assign("nohide", true); } } /********************************************End Content Generation*****************************************/ //Compile page if ($config['softdebug'] == 1) {
$newtopic = $data->fetch_array($sql); $data->update_query("forums", "lasttopic='{$newtopic['id']}', lastpost='{$newtopic['lastpost']}', lastdate={$newtopic['lastdate']}", "id={$topic['forum']}", "", "", false); echo "<script>window.location='index.php?page=forums&action=topic&t={$tid}&menuid={$menuid}';</script>"; exit; } } $pagenum = 7; $tpl->assign("tid", $tid); } else { echo "<script>alert('You don\\'t have the required permisions to delete a post''); window.location='index.php?page=forums&action=topic&t={$tid}';</script>"; exit; } break; case "stopwatching": $tid = safesql($_GET['tid'], "int"); $user = safesql($_GET['u'], "int"); $data->update_query("forumstopicwatch", "notify=0", "uid = {$user} AND topic_id={$tid}", "", "", false); show_message("You are no longer watching the topic"); include "forums/view_forum.php"; break; case "allread": $sql = $data->delete_query("forumnew", "uid={$check['id']}"); include "forums/view_forum.php"; break; case "forumread": $sql = $data->delete_query("forumnew", "uid={$check['id']} AND forum={$f}"); default: include "forums/view_forum.php"; } $tpl->assign("username", $check['uname']); $tpl->assign("userauths", $userauths);
//display all photos $photo = array(); while ($temp = $data->fetch_array($photosql)) { $temp['caption'] = censor($temp['caption']); $photo[] = $temp; } } if (!$inarticle) { $editFormAction = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); } $tpl->assign('editFormAction', $editFormAction); $id = safesql($albumid, "int"); if (isset($_POST['submit']) && $_POST['submit'] == "Post Comment") { $comment = safesql(strip_tags($_POST['comment']), "text"); if ($config['confirmcomment'] == 1) { $allowed = 0; } else { $allowed = 1; } $timestamp = time(); $data->insert_query("comments", "'', {$id}, '{$check['id']}', 1, {$timestamp}, {$comment}, {$allowed}", "", "", false); if (confirm('comment')) { $page = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $page .= "?" . $_SERVER['QUERY_STRING']; } $comment = $data->select_fetch_one_row("comments", "WHERE uid='{$check['id']}' AND item_id={$id} AND date={$timestamp}"); confirmMail("comment", $comment); show_message("The comment first needs to be reviewed before it will be visible", $page);
if ($action == "edit_advancements" && pageauth("troop", "edit") == 1) { $recordsql = $data->select_query("scoutrecord", "WHERE userid={$safe_memberid} AND scheme = {$safe_scheme}"); if ($data->num_rows($recordsql) > 0) { $record = safesql(serialize($_POST['requirement']), "text"); $comments = safesql(serialize($_POST['comment']), "text"); $data->update_query("scoutrecord", "requirements={$record}, comment={$comments}", "userid={$safe_memberid} AND scheme= {$safe_scheme}"); } else { $record = safesql(serialize($_POST['requirement']), "text"); $comments = safesql(serialize($_POST['comment']), "text"); $data->insert_query("scoutrecord", "'', {$safe_memberid}, {$record}, {$comments}, {$safe_scheme}"); } show_admin_message("Record Updated", "admin.php?page={$page}&subpage=records&id={$id}&action=view_advancements"); } elseif ($action == "addbadge" && pageauth("troop", "edit") == 1) { $badgeid = safesql($_POST['bid'], "int"); $comment = safesql($_POST['comment'], "text"); $date = safesql(time(), "int"); $data->insert_query("userbadges", "'', {$safe_memberid}, {$badgeid}, {$comment}, {$date}"); show_admin_message("Badge Added", "admin.php?page={$page}&subpage=records&id={$id}&action=view_badges"); } } $schemes = $data->select_fetch_all_rows($numschemes, "awardschemes", "ORDER BY name ASC"); $tpl->assign("schemes", $schemes); $tpl->assign("numschemes", $numschemes); if ($action == "view_advancements" || $action == "" || $action == "edit_advancements" && pageauth("troop", "edit") == 1) { $advansql = $data->select_query("advancements", "WHERE scheme = {$safe_scheme} ORDER BY position ASC"); $numadva = $data->num_rows($advansql); $advancements = array(); $numitems = 0; $recordsql = $data->select_fetch_one_row("scoutrecord", "WHERE userid={$safe_memberid} AND scheme = {$safe_scheme}"); $scoutRecord['requirement'] = unserialize($recordsql['requirements']); $scoutRecord['comment'] = unserialize($recordsql['comment']);
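/**
 * Authenticate a user by login (or e-mail) and plaintext password.
 *
 * Looks the account up by login or e-mail, optionally enforces the admin subnet
 * restriction, re-hashes the supplied password with the stored hash as parameters
 * and compares the two in constant time.
 *
 * @param string $user_login    login name, or e-mail address when $type == 'email'
 * @param string $user_password plaintext password (not a hash)
 * @param string $type          'login' (default) or 'email'
 * @return int|bool user id on success, false on any failure
 */
function user_auth($user_login = '', $user_password = '', $type = 'login')
{
    if (!$user_login || !$user_password) {
        return false;
    }
    $user_login = safesql($user_login);

    // Only 'email' selects the e-mail column; every other value falls back to login.
    $column = ($type == 'email') ? 'email' : 'login';
    $query = $this->db->get_where('users', array($column => $user_login), 1);
    if ($query->num_rows <= 0) {
        return false;
    }

    $this->user_data = $query->row_array();
    $user_data = $this->user_data;

    // Admin accounts may be restricted to an allowed IP/subnet list.
    if ($user_data['is_admin'] && isset($this->config->config['admin_ip'])) {
        if (!$this->_check_subnet()) {
            return false;
        }
    }

    // Blowfish: the stored hash carries the salt/cost, so hashing with it as the
    // second argument reproduces the stored value for the correct password.
    $password_hash = hash_password($user_password, $user_data['password']);

    // hash_equals() instead of "==": the loose comparison treats numeric-looking
    // strings as numbers ("0e123" == "0e456" is true) and short-circuits on the first
    // differing byte, leaking timing. Both arguments are cast because hash_equals()
    // rejects non-strings.
    if (!hash_equals((string) $user_data['password'], (string) $password_hash)) {
        return false;
    }

    $this->auth_id = (int) $user_data['id'];
    $this->auth_login = $user_data['login'];
    $this->auth_data = $user_data;
    $this->auth_data['balance'] = (int) $this->encrypt->decode($user_data['balance']);
    return $this->auth_id;
}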
but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA **************************************************************************/ if (!defined('SCOUT_NUKE')) { die("You have accessed this page illegally, please go use the main menu"); } if (isset($_GET['f'])) { $fid = safesql($_GET['f'], "int"); } if (isset($_GET['t'])) { $tid = safesql($_GET['t'], "int"); } $editFormAction = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); } $sql = $data->select_query("forums"); $numforums = $data->num_rows($sql); if (empty($_GET['t'])) { $sql = $data->select_query("forums", "WHERE id={$fid}"); $forum = $data->fetch_array($sql); $sql = $data->select_query("forumtopics", "WHERE forum={$fid}"); $numtopics = $data->num_rows($sql); $topics = array(); while ($topics[] = $data->fetch_array($sql)) { }
} else { $editFormAction = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); } $Submit = $_POST['Submit']; $id = $_GET['id']; $action = $_GET['action']; // Edit content if ($Submit == "Update" && pageauth("emailedit", "edit") == 1) { $id = safesql($id, "int"); $subject = safesql($_POST['subject'], "text"); $email = safesql($_POST['email'], "text"); if ($data->update_query("emails", "subject={$subject}, email={$email}", "id={$id}")) { show_admin_message("Email updated", $pagename); } } // Show specific content if ($id != "" && pageauth("emailedit", "edit") == 1) { // Show selected content $id = safesql($id, "int"); $email = $data->select_fetch_one_row("emails", "WHERE id={$id}"); $tpl->assign("email", $email); } // Show all news $emails = $data->select_fetch_all_rows($numemails, "emails", "ORDER BY name ASC"); $tpl->assign('action', $action); $tpl->assign('numemails', $numemails); $tpl->assign('emails', $emails); $filetouse = "admin_emailedit.tpl"; }
} $tpl->assign("numalbums", $numalbums); $tpl->assign("album", $album); $tpl->assign("numarticles", $numart); $tpl->assign("article", $articles); $tpl->assign("numevents", $numevents); $tpl->assign("event", $events); $tpl->assign("numdownloads", $numdown); $tpl->assign("download", $downloads); $tpl->assign("numnews", $numnews); $tpl->assign("news", $newsitems); if ($_POST['submit'] == "Submit") { if (validate($_POST['validation'])) { $news = safesql($_POST['story'], "text", false); $title = safesql($_POST['title'], "text"); $attachment = safesql($_POST['attachment'], "text"); if (confirm('news')) { $Add = $data->insert_query("newscontent", "NULL, {$title}, {$news}, {$timestamp}, {$attachment}, 0, 0"); $addon = "The news item first needs to be reviewed before it will be available on the site."; } else { $Add = $data->insert_query("newscontent", "NULL, {$title}, {$news}, {$timestamp}, {$attachment}, 1, 0"); } $data->update_query("users", "numnews = numnews + 1", "id='{$check['id']}'"); $article = $data->fetch_array($data->select_query("newscontent", "WHERE title={$title} AND event={$timestamp} ORDER BY id DESC", "id, title, news")); if (confirm('news')) { confirmMail("news", $article); } else { email('newitem', array("news", $article)); } $data->insert_query("owners", "'', {$article['id']}, 'newsitem', {$check['id']}, 0, 0, 0"); show_message("Your news item has been added. {$addon}", "index.php?page=mythings&menuid={$menuid}");
$temp['etime'] = strftime("%H:%M", $temp['enddate']); $calendar .= "\n <div class=\"newsitem\">\n <h3>" . censor($temp['summary']) . "</h3>\n <span class=\"smalltext\"><b>Start Date: </b>{$temp['sdate']} | <b>Start Time: </b>{$temp['stime']}</span><br />\n <span class=\"smalltext\"><b>End Date: </b>{$temp['edate']} | <b>End Time: </b>{$temp['etime']}</span>"; if ($temp['detail'] != NULL) { $calendar .= "<p>" . censor($temp['detail']) . "</p>"; } $calendar .= "</div>"; } } } else { $calendar .= "There are no events happening during {$month}."; } $calendar .= "<div class=\"smalltext\">You can see a year view by clicking on the <img src=\"{$templateinfo['imagedir']}calendar.png\" border=\"0\" title=\"Year View\" alt=\"Year View\"/> icon <br />You can see a month view by clicking on the <img src=\"{$templateinfo['imagedir']}view_month.png\" title=\"View Month\" alt=\"View Month\" border=\"0\"/> icon <br />You can goto the current date by clicking on the <img src=\"{$templateinfo['imagedir']}today.png\" border=\"0\" title=\"Today\" alt=\"Today\"/> icon</div>"; } $add = get_auth('addevent') == 1 ? true : false; $addlink = "index.php?page=addevent&menuid={$menuid}"; $rssuname = safesql(md5($check['uname']), "text"); if ($data->num_rows($data->select_query("rssfeeds", "WHERE itemid=1 AND type=3 AND uname={$rssuname}", "id"))) { $rss = 1; } else { $rss = 0; } $tpl->assign("calendar", $calendar); $tpl->assign("rss", $rss); $show_detail = false; } } else { $calendar = new vcalendar(); $calsql = $data->select_query("calendar_items", "WHERE allowed = 1 AND trash=0"); while ($temp = $data->fetch_array($calsql)) { $groups = unserialize($temp['groups']); if (is_array($groups)) {
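You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA **************************************************************************/
if (!empty($getmodules)) {
    // Module-registration pass: describe this module to the module manager and stop.
    $module['Configuration']['Module Manager'] = "modules";
    $moduledetails[$modulenumbers]['name'] = "Module Manager";
    $moduledetails[$modulenumbers]['details'] = "Manage CMScout modules";
    $moduledetails[$modulenumbers]['access'] = "Allowed to access the module manager";
    $moduledetails[$modulenumbers]['add'] = "notused";
    $moduledetails[$modulenumbers]['edit'] = "notused";
    $moduledetails[$modulenumbers]['delete'] = "notused";
    $moduledetails[$modulenumbers]['publish'] = "Allowed to deactivate and reactivate modules";
    $moduledetails[$modulenumbers]['limit'] = "notused";
    $moduledetails[$modulenumbers]['id'] = "modules";
    return;
} else {
    // Normal page request: optionally toggle one module, then list all of them.
    $id = safesql(isset($_GET['id']) ? $_GET['id'] : '', "int");
    $action = isset($_GET['action']) ? $_GET['action'] : '';

    // NOTE(review): activate/deactivate are state changes driven by a plain GET with
    // no anti-CSRF token; a logged-in admin following a crafted link flips a module.
    // Only pageauth() guards them here.
    if ($action == 'activate' && pageauth("modules", "publish")) {
        $sqlq = $data->update_query("functions", "active = 1", "id={$id}");
        header("Location: {$pagename}");
        // Stop here: the original kept running and rendered the whole module list
        // after already sending the redirect header.
        exit;
    } elseif ($action == 'deactivate' && pageauth("modules", "publish")) {
        $sqlq = $data->update_query("functions", "active = 0", "id={$id}");
        header("Location: {$pagename}");
        exit;
    }

    $modules = $data->select_fetch_all_rows($nummodule, "functions", "WHERE type != 3 ORDER BY name ASC", "id, name, type, active");
    $tpl->assign("modules", $modules);
    $tpl->assign("nummodule", $nummodule);
    $filetouse = "admin_modules.tpl";
}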
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); } $tpl->assign('editFormAction', $editFormAction); if (isset($_POST["submit"])) { if (validate($_POST['validation'])) { $album_name = strip_tags($_POST['album_name']); $patrol = $_POST['patrol']; $insertSQL = sprintf("NULL, %s, %s", safesql($album_name, "text"), safesql($patrol, "int")); if (confirm('album')) { $message = "Your album has been added, but first needs to be reviewed by an administrator."; $insertSQL .= ", 0"; } else { $message = "Your album has been added."; $insertSQL .= ", 1"; } $album_name = safesql($album_name, "text"); if ($data->insert_query("album_track", $insertSQL . ", 0")) { $album = $data->select_fetch_one_row("album_track", "WHERE album_name={$album_name} ORDER BY ID DESC"); $data->update_query("users", "numalbums = numalbums + 1", "uname='{$check['uname']}'"); $data->insert_query("owners", "'', {$album['ID']}, 'album', {$check['id']}, 0, 0, 0"); if (confirm('album')) { confirmMail("album", $album); } else { email('newitem', array("album", $album)); } show_message("Your photo album has been created. {$extra}", "index.php?page=mythings&cat=album&action=edit&id={$album['ID']}&menuid={$menuid}"); } else { show_message("There was an error adding your photo album. If this error persists please contact the site administrator.", "index.php?page=addphotoalbum", true); } } else { show_message("There where some errors with some fields, please check them again and resubmit.", "index.php?page=addphotoalbum&menuid={$menuid}", true);
$poll['pollq'] = $_POST['question']; if ($poll['pollq'] != "") { $poll['pollq'] = safesql($poll['pollq'], "text"); $poll['stopdate'] = $poll['stopdate'] != "" ? safesql(strtotime($poll['stopdate']), "int") : 0; if (confirm('poll')) { $message = "Your poll has been added, but first needs to be reviewed by an administrator."; $allow = 0; } else { $message = "Your poll has been added."; $allow = 1; } $results = array(); for ($i = 0; $i < count($_POST['option']); $i++) { $results[str_replace(' ', '', $_POST['option'][$i])] = 0; } $results = safesql(serialize($results), "text"); $sql = $data->insert_query("polls", "NULL, {$poll['pollq']}, {$timestamp}, {$poll['stopdate']}, {$options}, {$results}, {$allow}, 0"); if ($sql) { $polling = $data->select_fetch_one_row("polls", "WHERE question = {$poll['pollq']} AND date_start={$timestamp} ORDER BY id DESC", "id"); if ($data->insert_query("owners", "'', {$polling['id']}, 'pollitems', {$check['id']}, 0, 0, 0")) { if (confirm('poll')) { confirmMail("poll", $polling); } else { email('newitem', array("poll", $polling)); } show_message($message, "index.php?page=mythings&menuid={$menuid}"); } else { show_message("There was an error adding your poll. If this error persists please contact the site administrator.", "index.php?page=addpoll&menuid={$menuid}", true); } } }
$options = array(); $options[0] = $_POST['numoptions']; for ($i = 1; $i <= $_POST['numoptions']; $i++) { $temp = $_POST['option' . $i]; if ($temp != '') { $options[] = $temp; } else { --$options[0]; } } break; case 6: $options = "''"; } $pos = get_end_pos(); $options = safesql(serialize($options), "text"); if ($action == "new") { $data->insert_query("profilefields", "'', {$name}, {$query}, {$options}, {$hint}, {$type}, {$required}, {$register}, {$profileview}, {$pos}, 0, 0"); show_admin_message("Field Added", $pagename); } elseif ($action == "edit") { $data->update_query("profilefields", "query={$query}, options={$options}, hint={$hint}, type={$type}, required={$required}, register={$register}, profileview={$profileview}", "id={$id}"); show_admin_message("Field Updated", $pagename); } } if ($action == "") { $sql = $data->select_query("profilefields", "WHERE place=0 ORDER BY pos ASC"); $numfields = $data->num_rows($sql); $field = array(); while ($field[] = $data->fetch_array($sql)) { $tpl->assign("numfields", $numfields); }
$parentforum = $data->fetch_array($sql); $tpl->assign("issubforum", 1); $tpl->assign("parentforum", $parentforum); } $tpl->assign("forum", $forum); $tpl->assign("new", $new); } elseif (!$new && $edit && $userauths['edit']) { if ($_POST['submit'] == "Submit") { $subject = safesql($_POST['subject'], "text"); $post = safesql($_POST['story'], "text", false); $type = safesql($_POST['type'], "text"); $sql = $data->select_query("forumposts", "WHERE id={$pid}"); $posts = $data->fetch_array($sql); $sql = $data->select_query("forumposts", "WHERE topic={$posts['topic']} ORDER BY dateposted ASC"); $first = $data->fetch_array($sql); $attach = safesql($_POST['attach'], "text"); if ($first['dateposted'] == $posts['dateposted']) { $firstpost = 1; } else { $firstpost = 0; } if ($firstpost == 1) { $data->update_query("forumtopics", "type={$type}", "id={$posts['topic']}"); } $sql = $data->update_query("forumposts", "subject = {$subject}, posttext = {$post}, edittime={$timestamp}, edituser='******'id']}', attachment={$attach}", "id={$pid}", "", "", false); if ($sql) { $sql = $data->select_query("forumposts", "WHERE id={$pid}"); $post = $data->fetch_array($sql); show_message("Thank you for your edit", "index.php?page=forums&action=topic&t={$post['topic']}&menuid={$menuid}"); } } elseif ($_POST['preview'] == "Preview Post") {
$gid = safesql($_POST['gid'], "int"); $utype = safesql($_POST['utype'], "int"); $sql = $data->select_query("usergroups", "WHERE userid={$uid} AND groupid={$gid}"); if ($data->num_rows($sql) == 0 && $gid != 0) { $data->insert_query("usergroups", "{$gid}, {$uid}, {$utype}"); } } elseif ($action == "moveup") { $uid = safesql($_GET['uid'], "int"); $userGroups = $data->select_fetch_one_row("usergroups", "WHERE userid={$uid} AND groupid={$gid}"); $userGroups['utype'] = $userGroups['utype'] + 1; if ($userGroups['type'] <= 2) { $data->update_query("usergroups", "utype={$userGroups['utype']}", "userid = {$uid} AND groupid={$gid}"); } show_admin_message("User type changed", str_replace('&', '&', $pagename) . "&uid={$uid}"); } elseif ($action == "movedown") { $uid = safesql($_GET['uid'], "int"); $userGroups = $data->select_fetch_one_row("usergroups", "WHERE userid={$uid} AND groupid={$gid}"); $userGroups['utype'] = $userGroups['utype'] - 1; if ($userGroups['type'] >= 0) { $data->update_query("usergroups", "utype={$userGroups['utype']}", "userid = {$uid} AND groupid={$gid}"); } show_admin_message("User type changed", str_replace('&', '&', $pagename) . "&uid={$uid}"); } $sql = $data->select_query("users", "WHERE id={$uid}"); $userinfo = $data->fetch_array($sql); $sql = $data->select_query("usergroups", "WHERE userid={$uid}"); $usergroups = array(); $numusergroups = $data->num_rows($sql); while ($temp = $data->fetch_array($sql)) { $sql2 = $data->select_query("groups", "WHERE id={$temp['groupid']}", "id, teamname"); $temp2 = $data->fetch_array($sql2);
if ($status == 1) { email_user($user['id'], "account_actived"); } else { email_user($user['id'], "account_deactiv"); } } $insertSQL = sprintf("uname=%s, status=%s, timezone=%s, firstname=%s, lastname=%s, email=%s, custom=%s", safesql($username, "text"), safesql($status, "text"), safesql($_POST['zone'], "text"), safesql($firstname, "text"), safesql($lastname, "text"), safesql($email, "text"), safesql($custom, "text")); if ($password) { $insertSQL .= ", passwd=" . safesql(md5($password), "text"); } $Result1 = $data->update_query("users", $insertSQL, "id={$id}"); if ($Result1) { show_admin_message("User details updated", "admin.php?page=users"); } } else { $insertSQL = sprintf("firstname=%s, lastname=%s, email=%s, custom=%", safesql($firstname, "text"), safesql($lastname, "text"), safesql($email, "text"), safesql($custom, "text")); $Result1 = $data->update_query("users", $insertSQL, "id={$id}"); if ($Result1) { show_admin_message("User details updated", "admin.php?page=users"); } } } if ($action == "Edit") { $user_query = $data->select_query("users", "WHERE id={$safe_id}"); $users = $data->fetch_array($user_query); $action = 'Edit'; } $sql = $data->select_query("timezones", "ORDER BY offset ASC"); $zone = array(); $numzones = $data->num_rows($sql); while ($zone[] = $data->fetch_array($sql)) {
} } show_admin_message("Photo updated", "{$pagename}&action=view&id={$id}"); } } elseif ($action == "new") { if (pageauth("photo", "limit") == 1) { $groupsqllist = group_sql_list_id("id", "OR", true); $teams = $data->select_fetch_all_rows($numteams, "groups", "WHERE ({$groupsqllist}) AND ispublic=1"); } else { $teams = $data->select_fetch_all_rows($numteams, "groups", "WHERE ispublic=1"); } $tpl->assign('teams', $teams); $tpl->assign('numteams', $numteams); if ($_POST['submit'] == "Add Album") { $group = safesql($_POST['patrol'], "int"); $name = safesql($_POST['album_name'], "text"); $data->insert_query("album_track", "'', {$name}, {$group}, 1, 0"); show_admin_message("Album added", "{$pagename}"); } } elseif ($action == "") { if (pageauth("photo", "limit")) { $patrollist = group_sql_list_id("patrol", "OR"); $result = $data->select_query("album_track", "WHERE ({$patrollist}) AND trash=0 ORDER BY album_name ASC"); } else { $result = $data->select_query("album_track", "WHERE trash=0 ORDER BY album_name ASC"); } $albums = array(); while ($temp = $data->fetch_array($result)) { if ($temp['patrol'] > 0) { $temp2 = $data->select_fetch_one_row("groups", "WHERE id={$temp['patrol']}", "teamname"); $temp['patrol'] = $temp2['teamname'];
$tpl->assign("numpatrols", $numpatrols); $tpl->assign("patrols", $patrols); $tpl->assign("numsubsites", $numsubsites); $tpl->assign("subsites", $subsites); if ($Submit == "Move") { $moveto = $_POST['place']; if ($moveto == '0') { $pid = 0; $type = 0; } else { $moveto = explode("_", $moveto); if ($moveto[0] == "group") { $pid = safesql($moveto[1], "int"); $type = 1; } elseif ($moveto[0] == "site") { $pid = safesql($moveto[1], "int"); $type = 2; } } $data->update_query("static_content", "type={$type}, frontpage=0, pid={$pid}", "id={$safe_id}"); show_admin_message("Content moved", "admin.php?page=patrol&subpage=patrolcontent&pid={$patrolid}"); } } $result = $data->select_query("static_content", "WHERE type=1 AND pid={$safe_patrolid} ORDER BY friendly ASC"); $content = array(); $content[] = $data->fetch_array($result); $numcontent = $data->num_rows($result); while ($content[] = $data->fetch_array($result)) { } $tpl->assign("item", $item); $tpl->assign("patrolname", $patrolname);
$okusers = array(); $notokusers = array(); for ($i = 0; $i < count($tousers); $i++) { $message = ""; $to = safesql(trim($tousers[$i]), "text"); $sql = $data->select_query("users", "WHERE uname = {$to}", "id"); $userinfo = $data->fetch_array($sql); if ($data->num_rows($sql) > 0 && $tousers[$i] != $check['uname']) { if ($sql) { $okusers[] = $userinfo['id']; } } } if (count($okusers) > 0) { $userlist = implode(', ', $okusers); $to = safesql($userlist, "text"); $sql = $data->select_query("pms", "WHERE type=4 AND fromuser={$check['id']} ORDER BY date ASC", "id"); if ($data->num_rows($sql) >= $config['numpm']) { $temp = $data->fetch_array($sql); $data->delete_query("pms", "id={$temp['id']}"); } $sql = $data->insert_query("pms", "NULL, {$subject}, {$pm}, {$timestamp}, 4, 1, 0, {$check['id']}, {$to}", "", "", false); $message .= "Your message has been saved in your drafts folder. "; } show_message($message, "index.php?page=pmmain&action=drafts&menuid={$menuid}"); } $tpl->assign("isedit", "simp"); $location = "User Control Panel >> New Message"; $tpl->assign("pm", $inboxpm); $tpl->assign("numpm", $numpm); $tpl->assign("onpage", "New Personal Message");
**************************************************************************/ if (!defined('SCOUT_NUKE')) { die("You have accessed this page illegally, please go use the main menu"); } if (isset($_GET['action'])) { $action = $_GET['action']; } $pagenum = 1; $editFormAction = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); } $editit = false; $reply = false; $sendit = false; $userid = safesql($check['id'], "int"); if ($_POST['delete'] == "Delete Selected Messages") { $username = $check['uname']; $page = $_POST['oldpage']; switch ($page) { case "Inbox": $type = 1; break; case "Drafts": $type = 4; break; case "Sentbox": $type = 2; break; case "Savebox": $type = 3;
$new[$config_name] = $default_config[$config_name]; $errorconfig = ''; if ($allowed_array[$config_name] && isset($_POST[$config_name])) { if ($config_name == "siteaddress" && $config['siteaddress'] != $newvalue) { $new = urlencode($_POST[$config_name]); $old = urlencode($config['siteaddress']); @file("http://www.cmscout.co.za/newaddress.php?address={$old}&new={$new}"); } $newvalue = safesql($_POST[$config_name], "text", false); echo $newvalue . '<br>'; $sql = $data->update_query("config", "value = {$newvalue}", "name = '{$config_name}'", "", "", false); } } $config_name = 'exclusion'; $_POST[$config_name] = serialize(is_array($_POST[$config_name]) ? $_POST[$config_name] : ''); $newvalue = safesql($_POST[$config_name], "text", false); $sql = $data->update_query("config", "value = {$newvalue}", "name = '{$config_name}'", "", "", false); show_admin_message("Configuration Updated", "admin.php?page=config"); } $theme_q = $data->select_query("themes", "ORDER BY name ASC"); $theme = array(); $numthemes = $data->num_rows($theme_q); while ($theme[] = $data->fetch_array($theme_q)) { } $sql = $data->select_query("timezones", "ORDER BY offset ASC"); $zone = array(); $numzones = $data->num_rows($sql); while ($zone[] = $data->fetch_array($sql)) { } $sql = $data->select_query("groups", "ORDER BY teamname ASC", "id, teamname"); $group = array();
if ($detail['id'] == -1 && $detail['status'] == 1) { if ($redirectpage != "" && $redirectpage != "page=logon" && $_GET['redirect'] != "administration_panel") { show_message("Incorrect username or password", 'index.php?page=' . $redirectpage, false, $detail['uid']); } else { show_message("Incorrect username or password", false, false, $detail['uid']); } } elseif ($detail['id'] == -1 && $detail['status'] == 0) { $uname = safesql($uname, "text"); $temp = $data->select_fetch_one_row("users", "WHERE uname = {$uname}", "id"); if ($redirectpage != "" && $redirectpage != "page=logon" && $_GET['redirect'] != "administration_panel") { show_message("<a href=\"activate.php?id={$temp['id']}\">Your account has not been activated yet. Click here to resend the activation email.</a>", 'index.php?page=' . $redirectpage, false, $detail['uid'], 1); } else { show_message("<a href=\"activate.php?id={$temp['id']}\">Your account has not been activated yet. Click here to resend the activation email.</a>", false, false, $detail['uid'], 1); } } elseif ($detail['id'] == -1 && $detail['status'] == -1) { $uname = safesql($uname, "text"); $temp = $data->select_fetch_one_row("users", "WHERE uname = {$uname}", "id"); if ($redirectpage != "" && $redirectpage != "page=logon" && $_GET['redirect'] != "administration_panel") { show_message("Your account has been blocked. Please contact the administrator to unblock it.", 'index.php?page=' . $redirectpage, false, $detail['uid']); } else { show_message("Your account has been blocked. Please contact the administrator to unblock it.", false, false, $detail['uid']); } } else { if ($redirectpage != "" && $_GET['redirect'] != "register" && $_GET['redirect'] != "forgot" && $redirectpage != "page=logon" && $_GET['redirect'] != "administration_panel") { header("Location: index.php?page={$redirectpage}"); } elseif ($_GET['redirect'] == "administration_panel") { header("Location: admin.php"); } else { header("Location: index.php"); } }
$moduledetails[$modulenumbers]['limit'] = "notused"; $moduledetails[$modulenumbers]['id'] = "sections"; return; } else { $id = safesql($_GET['id'], "int"); $Submit = $_POST['Submit']; $action = $_GET['action']; if ($Submit == 'Submit') { if ($action == "new" && pageauth("sections", "add")) { $name = safesql($_POST['name'], "text"); $sql = $data->insert_query("sections", "NULL, {$name}"); if ($sql) { show_admin_message("Section added", $pagename); } } elseif ($action == "edit" && pageauth("sections", "edit")) { $name = safesql($_POST['name'], "text"); $sql = $data->update_query("sections", "name = {$name}", "id = {$id}"); if ($sql) { show_admin_message("Section updated", $pagename); } } } if ($action == "edit" && pageauth("sections", "edit")) { $result = $data->select_query("sections", "WHERE id = '{$id}'"); $section = $data->fetch_array($result); $tpl->assign("section", $section); } elseif ($action == "delete" && pageauth("sections", "delete")) { $sql = $data->delete_query("sections", "id = '{$id}'"); if ($sql) { show_admin_message("Section deleted", $pagename); }
$custom[$temp['name']] = $temp2; } else { $custom[$temp['name']] = $_POST[$temp['name']]; } } $custom = safesql(serialize($custom), "text"); $insertSQL = "'', '', {$username}, {$password}, {$status}, {$timestamp}, 0, 0, 0, 0, {$zone}, 0, {$firstname}, {$lastname}, {$email}, '', '', 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, {$custom}"; if ($data->insert_query("users", $insertSQL)) { $uinfo = $data->select_fetch_one_row("users", "WHERE uname={$username}"); $data->insert_query("usergroups", "{$config['defaultgroup']}, {$uinfo['id']}, 0"); if ($_POST['member'] == 1) { $type = safesql($_POST['type'], "int"); $sex = safesql($_POST['sex'], "int"); $address = safesql('None', "text"); $tel = safesql('None', "text"); $cell = safesql('None', "text"); $data->insert_query("members", "'', {$firstname}, NULL, {$lastname}, '0', {$sex}, {$address}, {$cell}, {$tel}, NULL, {$email}, NULL, NULL, NULL, NULL, NULL, 0, 0, {$type}, {$uinfo['id']}, 0, 0, 0, 0, NULL"); } show_admin_message("User added", "admin.php?page=users"); } } $zone = $data->select_fetch_all_rows($numzones, "timezones", "ORDER BY offset ASC"); $sql = $data->select_query("profilefields", "WHERE place=0 ORDER BY pos ASC"); $fields = array(); $numfields = $data->num_rows($sql); while ($temp = $data->fetch_array($sql)) { $temp['options'] = unserialize($temp['options']); $fields[] = $temp; } $tpl->assign('fields', $fields); $tpl->assign('numfields', $numfields);
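/**
 * Register the current unauthenticated visitor in the "onlineusers" table and
 * return the guest record the rest of the request works with.
 *
 * The visitor is labelled "Guest" unless the User-Agent header contains one of
 * the known crawler signatures, in which case the crawler's display name is used.
 * The User-Agent is client-supplied and trivially spoofable, so the bot label is
 * informational only (online-user listing) and must never be used to grant or
 * skip anything.
 *
 * @param mixed $status  Requested online status: 1 becomes 0, -1 stays -1, any
 *                       other value becomes 1. The meaning of those codes is not
 *                       defined in this block — NOTE(review): confirm with caller.
 * @return array  Guest record with keys id (-1), bot, uname, team, uid, status.
 */
function addguest($status) {
    global $data;

    // Known crawler signatures, matched as case-sensitive substrings of the
    // User-Agent. The original used ereg(), which was removed in PHP 7; a literal
    // substring test is the closest equivalent. The only entry that behaved as a
    // pattern was "www.galaxy.com" (where "." matched any character) — it is now
    // matched literally, which is stricter but not less safe.
    $botlist = array("Teoma", "alexa", "froogle", "inktomi", "looksmart", "URL_Spider_SQL", "Firefly", "NationalDirectory", "Ask Jeeves", "TECNOSEEK", "InfoSeek", "WebFindBot", "girafabot", "crawler", "www.galaxy.com", "Googlebot", "Scooter", "Slurp", "appie", "FAST", "WebBug", "Spade", "ZyBorg", "rabaz", "msnbot");

    // The header may be absent (CLI runs, some proxies); treat missing as empty
    // instead of raising a notice on every guest request.
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    // The original read the register_globals variable $REMOTE_HOST, which is never
    // defined on a modern PHP, so the Googlebot sub-classification below could not
    // fire. The prefixes it compares look like IPv4 prefixes, so REMOTE_ADDR may be
    // what was actually intended — NOTE(review): confirm before relying on the label.
    $remoteHost = isset($_SERVER['REMOTE_HOST']) ? $_SERVER['REMOTE_HOST'] : '';

    $botdetect = 0;
    $bot = "";
    foreach ($botlist as $bot) {
        if (strpos($userAgent, $bot) !== false) {
            if ($bot == "Googlebot") {
                if (substr($remoteHost, 0, 11) == "216.239.46.") {
                    $bot = "Googlebot Deep Crawl";
                } elseif (substr($remoteHost, 0, 7) == "64.68.8") {
                    $bot = "Google Freshbot";
                }
            } elseif ($bot == "Slurp") {
                $bot = "Yahoo! Slurp";
            } elseif ($bot == "msnbot") {
                $bot = "MSNBot";
            }
            $botdetect = 1;
            break;
        }
    }

    $username = !$botdetect ? "Guest" : $bot;
    // set_cookie() issues the guest id. Its return value is interpolated into SQL
    // below without going through safesql(); its escaping contract is not visible
    // here — NOTE(review): confirm it yields a value safe for that, or escape it.
    $nuid = $this->set_cookie($username);
    $ntime = time();
    $username = safesql($username, "text");
    // REMOTE_ADDR is set by the server, not the client, but may be missing off-web.
    $ip = safesql(isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '', "text");

    // Drop any stale row for this guest id, and for a crawler also any row carrying
    // its display name, so each crawler appears at most once in the online list.
    // $bot here comes from the fixed list above, never from the request.
    $data->delete_query("onlineusers", "uid='{$nuid}'");
    if ($botdetect == 1) {
        $data->delete_query("onlineusers", "uname='{$bot}'");
    }
    if (!$data->num_rows($data->select_query("onlineusers", "WHERE uid='{$nuid}'"))) {
        $data->insert_query("onlineusers", "'{$nuid}', {$username}, '{$ntime}', '{$ntime}', 1, 0, '', 0, {$ip}, 1, {$botdetect}");
    }

    $check = array();
    $check['id'] = -1;
    $check['bot'] = $botdetect;
    $check['uname'] = !$botdetect ? "Guest" : $bot;
    $check['team'] = "Guest";
    $check['uid'] = $nuid;
    // Loose comparison kept on purpose: $status may arrive as a string.
    $check['status'] = $status == 1 ? 0 : ($status == -1 ? -1 : 1);
    return $check;
}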
$teams = array(); $team_query = $data->select_query("groups", "ORDER BY teamname ASC", "id, teamname"); $numteams = $data->num_rows($team_query); while ($teams[] = $data->fetch_array($team_query)) { } $tpl->assign('teams', $teams); $tpl->assign('numteams', $numteams); $submit = $_POST["Submit"]; if ($submit == "Submit") { $title = safesql($_POST['title'], "text"); $sort = safesql($_POST['sort'], "text"); $order = safesql($_POST['order'], "text"); $display = safesql($_POST['display'], "int"); $groupallowed = safesql(serialize($_POST['groups']), "text"); $description = safesql($_POST['description'], "text"); $perpage = safesql($_POST['perpage'], "int"); $sql = $data->insert_query("articletopics", "'', {$title}, {$description}, {$sort}, {$order}, {$groupallowed}, {$display}, {$perpage}"); if ($sql) { show_admin_message("Topic added", "{$pagename}&activetab=topics"); } } } else { $action = ""; } if ($action == "") { $row = array(); if (pageauth("patrolart", "limit")) { $patrol = group_sql_list_id("patrol", "OR", true); $result = $data->select_query("patrol_articles", "WHERE ({$patrol}) AND trash=0 ORDER BY date_post DESC"); } else { $result = $data->select_query("patrol_articles", "WHERE trash=0 ORDER BY date_post DESC");
$temp['options'] = unserialize($temp['options']); if ($temp['type'] == 4) { $temp2 = array(); $temp2[] = 0; for ($i = 1; $i <= $temp['options'][0]; $i++) { $temp2[] = $_POST[$temp['name'] . $i] ? 1 : 0; } $custom[$temp['name']] = $temp2; } else { $custom[$temp['name']] = $_POST[$temp['name']]; } } $custom = safesql(serialize($custom), "text"); $status = $config['accountactivation'] != 0 ? 0 : 1; $activecode = md5($username . $password . (microtime() + mktime())); $safe_activecode = $config['accountactivation'] != 0 ? safesql($activecode, "text") : 0; $insertSQL = "'', '', {$username}, {$password}, {$status}, {$timestamp}, 0, 0, 0, 0, {$zone}, {$safe_activecode}, {$firstname}, {$lastname}, {$email}, '', '', 0, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, {$custom}"; if ($data->insert_query("users", $insertSQL)) { $uinfo = $data->select_fetch_one_row("users", "WHERE uname={$username}"); $data->insert_query("usergroups", "{$config['defaultgroup']}, {$uinfo['id']}, 0"); if ($config['accountactivation'] == 0) { $activateinfo = "You can login right away."; } elseif ($config['accountactivation'] == 1) { $activateinfo = "You need to activate your account before you can use it. To activate it goto {$config['siteaddress']}activate.php?id={$uinfo["id"]}&code={$activecode}."; $link = "{$config['siteaddress']}activate.php?id={$uinfo["id"]}&code={$activecode}"; } elseif ($config['accountactivation'] == 2) { $activateinfo = "The site administrator needs to activate your account before you can start using it. You will be emailed once the administrator has activated your account."; } $uname = $_POST['usernames']; $password = $_POST['password']; $emailAddress = $_POST['email'];