Esempio n. 1
         $timezone = $_POST['adminTimeZone'];
     }
     $adminOptions['adminTimeZone'] = $timezone;
     $adminOptions['scriptLogo'] = urlencode($adminOptions['scriptLogo']);
     $adminOptions['scriptFooter'] = urlencode($adminOptions['scriptFooter']);
     saveAdminOptions();
     setcookie("FBMPGPLang", $adminOptions['lang'], time() + 86400 * 365);
     header("Location: ./?notify=" . $lang['Settings Saved']);
     exit;
 } elseif (isset($_POST['appID']) && isset($_POST['appSecret'])) {
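     // Admin "change Facebook application" handler: store the new app id and
     // secret, then clear every cached token that was issued under the old app.
     // NOTE(review): no CSRF token or admin-session check is visible in this
     // span - confirm the enclosing code enforces both before this branch runs.
     if ($db = new PDO('sqlite:' . $dbName . '-settings.db')) {
         // Bind the posted values instead of splicing them into the SQL text:
         // a double quote in either field could otherwise rewrite the statement.
         $statement = $db->prepare("UPDATE Settings SET appid = :appid, secret = :secret WHERE admin <> 0");
         if ($statement) {
             $statement->execute(array(
                 ':appid' => (string) $_POST['appID'],
                 ':secret' => (string) $_POST['appSecret'],
             ));
         } else {
             showHTML("Application changing failed while executing database statement.");
         }
         if ($db = new PDO('sqlite:' . $dbName . '-users.db')) {
             // '' is the standard SQL empty string; the "" form only works while
             // SQLite's double-quoted-string fallback is enabled.
             $statement = $db->prepare("UPDATE FB SET usertoken = '' WHERE username <> 0");
             if ($statement) {
                 $statement->execute();
             }
         }
         // The admin token belonged to the previous application as well.
         $adminOptions["admintoken"] = "";
         saveAdminOptions();
         header("Location: ./");
         exit;
     }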
 }
 $app = json_decode(readURL('https://graph.facebook.com/v2.3/' . $config['appId'] . '?access_token=' . $config['appId'] . '|' . $config['secret']));
 $output = "<div id='admindiv'><h3>" . $lang['Settings'] . " " . $lang['Information'] . ":</h3>";
Esempio n. 2
            if ($hardDemo) {
                $tempID = $s['userid'];
                $s['username'] = $s['userid'] = $userOptions['email'] = '[hidden in demo]';
                if ($s['fullname']) {
                    $s['fullname'] = substr($s['fullname'], 0, 1) . str_repeat('*', strlen($s['fullname']) - 1);
                }
            }
            $userIdentity = $s['userid'] != '' ? $s['userid'] : $s['username'];
            if (is_numeric($userIdentity) && $s['userid'] == '') {
                //fix for all numeric usernames from prev. versions
                $userIdentity .= "#";
            }
            // Render one users-list row: avatar, name/profile link, username, e-mail,
            // signup and last-active timestamps, status toggle and delete control.
            // NOTE(review): every $s[...] / $userOptions[...] value below is concatenated
            // into HTML text, quoted attributes and an inline onclick handler with no
            // escaping visible in this span. If these fields are not escaped before they
            // reach this code, a crafted name, e-mail or disable reason would execute in
            // the admin's browser - confirm, and escape per context (htmlspecialchars with
            // ENT_QUOTES for text/attributes, json_encode for the JavaScript argument).
            $message .= "<tr><td data-value='" . $s['fullname'] . "'><img ";
            if ($hardDemo && $tempID) {
                // Demo mode: the avatar URL is passed through the script's own ?proxyurl=
                // endpoint in encrypted form, so the page never shows the real user id.
                $message .= "src='?proxyurl=" . urlencode(encrypt("http://graph.facebook.com/v2.3/" . $tempID . "/picture?redirect=1&height=32&type=normal&width=32")) . "'";
            } elseif (!$hardDemo && $s['userid'] != "") {
                // NOTE(review): plain http:// image URL; on an HTTPS admin page this is mixed content.
                $message .= "src='http://graph.facebook.com/v2.3/" . $s['userid'] . "/picture?redirect=1&height=32&type=normal&width=32'";
            }
            $message .= " width=32 height=32 style='vertical-align:middle;'><td><strong><a href='http://www.facebook.com/" . $s['userid'] . "' target=_new>" . $s['fullname'] . "</a></strong>";
            $message .= "<td>" . $s['username'] . "</a>";
            $message .= "<td><a href='mailto:" . $userOptions['email'] . "'>" . $userOptions['email'];
            // data-value carries the raw timestamp; the cell text is the formatted date or '-'.
            $message .= "<td data-value=" . $userOptions['signupDate'] . ">" . ($userOptions['signupDate'] ? date('d-M-Y G:i', $userOptions['signupDate']) : '-') . "";
            $message .= "<td data-value=" . $userOptions['lastActive'] . ">" . ($userOptions['lastActive'] ? date('d-M-Y G:i', $userOptions['lastActive']) : '-') . "";
            // userDisabled: falsy = enabled, 1 = disabled, any other truthy value = awaiting approval.
            // The onclick passes 0 for a disabled/awaiting user and -1 for an enabled one.
            $message .= "<td data-value='" . ($userOptions['userDisabled'] ? $userOptions['userDisabled'] == 1 ? 'Disabled' : 'Awaiting Approval' : 'Enabled') . "'><img src='img/" . ($userOptions['userDisabled'] ? $userOptions['userDisabled'] == 1 ? 'disabled' : 'awaiting' : 'enabled') . ".png' title='Click to " . ($userOptions['userDisabled'] ? $userOptions['userDisabled'] == 1 ? 'enable (Disable Reason: ' . $userOptions['disableReason'] . ')' : 'approve' : 'disable') . " User' onclick='Accounts(event,\"{$userIdentity}\"," . ($userOptions['userDisabled'] ? '0' : '-1') . ")'>";
            // Delete control: same Accounts() handler, called with 1 as the last argument.
            $message .= "&nbsp;&nbsp;<img src='img/delete.png' width='16px' title='Delete User' onclick='Accounts(event,\"{$userIdentity}\",1)'>";
        }
        $message .= "</tbody>\n            <tfoot><tr><td colspan=7><br /><div class='pagination pagination-centered hide-if-no-paging'></div></tfoot>\n            </table></div>";
        $message .= "<script type='text/javascript'>\n                    \$(function () {\n                     \n                        \$('.footable').footable();\n                        \n                        \$('.footable').footable().bind('footable_filtering', function (e) {\n                          var selected = \$('.filter-status').find(':selected').text();\n                          if (selected && selected.length > 0) {\n                            e.filter += (e.filter && e.filter.length > 0) ? ' ' + selected : selected;\n                            e.clear = !e.filter;\n                          }\n                        });\n                        \n                        \$('.filter-status').change(function (e) {\n                          e.preventDefault();\n                          \$('table.footable').trigger('footable_filter', {filter: \$('#filter').val()});\n                        });\n                     \n                    });\n                    </script>";
        showHTML($message, $lang['Users List'] . " ({$numr} " . $lang['users'] . ")");
    }
}
Esempio n. 3
                        $option .= "|";
                    }
                    $option .= $key . ":" . $value;
                }
            }
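            // Store the serialised options for this user. Both values are bound as
            // parameters: $option is assembled from key/value pairs and must never be
            // able to terminate the quoted literal and append its own SQL.
            $statement = $db2->prepare('UPDATE FB SET useroptions = :options WHERE userid = :userid');
            if ($statement) {
                $statement->execute(array(':options' => $option, ':userid' => $userId));
            } else {
                showHTML("Error x34353054");
            }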
            authRedirect();
        } else {
            showHTML("Error while opening users database.");
        }
    } else {
        if (!$adminOptions['enableARA']) {
            $message = "<div>" . $lang['Congratulations'] . ". " . $lang['Signup success'] . ".<br /><br />\n                        " . $lang['Manual approval'] . "<br />\n                        " . $lang['recieve notification'] . "</div>";
        } else {
            $message = '<div>' . $lang['Congratulations'] . '. ' . $lang['almost complete'] . '. ' . $lang['steps remain'] . '<br /><br />
                        <strong>' . $lang['Step 1'] . ':</strong> ' . $lang['new notification'] . '<br />
                        <strong>' . $lang['Step 2'] . ':</strong> ' . $lang['click notification'] . '<br />
                        <strong>' . $lang['Step 3'] . ':</strong> ' . $lang['return here'] . '<br />
                        <br /><br />                                                        
                        <strong>' . $lang['Note'] . '</strong>: ' . $lang['Note full'] . '<br /></div>';
        }
        showHTML($message, $lang['Welcome'] . " {$userName}");
    }
} else {
    //Validity checking
}
Esempio n. 4
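/**
 * Persist the current user's options to the users database.
 *
 * Reads the globals $userOptions (key => value map), $userId and $dbName.
 * The options are serialised as "key:value" pairs joined with "|" and written
 * to the useroptions column of the FB table. A numeric $userId is matched
 * against the userid column, anything else against username.
 *
 * Keys and values are not escaped for the "|" / ":" separators here, so a
 * value containing either character changes how the string splits again
 * (presumably the reader splits on them - verify against the loader).
 *
 * On a failed prepare() the error is reported through showHTML().
 */
function saveUserOptions()
{
    global $dbName, $userId, $userOptions, $failImg;
    $pairs = array();
    foreach ($userOptions as $pk => $ps) {
        $pairs[] = $pk . ":" . $ps;
    }
    $pv = implode("|", $pairs);
    // PDO's constructor throws PDOException on failure rather than returning
    // false, so the else branch below is effectively a leftover safety net.
    if ($db2 = new PDO('sqlite:' . $dbName . '-users.db')) {
        // Only the column name is chosen in code, from two fixed literals.
        $column = is_numeric($userId) ? 'userid' : 'username';
        // Bind the data instead of interpolating it: option values are user
        // influenced, and inside "..." SQLite would also try to read a value
        // that happens to match a column name as that column.
        $statement = $db2->prepare("UPDATE FB SET useroptions = :options WHERE {$column} = :id");
        if ($statement) {
            $statement->execute(array(':options' => $pv, ':id' => $userId));
        } else {
            showHTML("{$failImg} Saving user options failed");
        }
    } else {
        die("{$failImg} Database open error while saving User Options.");
    }
}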
Esempio n. 5
        $statement = $db->prepare("CREATE TABLE Logs (date TEXT, user TEXT, type TEXT, target TEXT, targettype TEXT, action TEXT, status TEXT, permalink TEXT, params TEXT)");
        if ($statement) {
            $statement->execute();
        }
        $db = null;
    } else {
        showHTML("Error - Unable to create logs database. Exiting...");
    }
}
// First-run bootstrap: when the CRON jobs database file is absent, create it
// together with its single Crons table.
// NOTE(review): the file is created next to whatever $dbName points at; if that
// is inside the web root, confirm the server refuses to serve *.db files.
if (file_exists($dbName . '-crons.db') === false) {
    $db = new PDO('sqlite:' . $dbName . '-crons.db');
    if (!$db) {
        showHTML("Error - Unable to create CRONS database. Exiting...");
    } else {
        $statement = $db->prepare("CREATE TABLE Crons (date TEXT, user TEXT, feed TEXT, params TEXT, status TEXT)");
        if ($statement) {
            $statement->execute();
        }
        // Release this reference to the PDO handle.
        $db = null;
    }
}
// First-run bootstrap: when the users database file is absent, create it with
// the FB table (one row per user: ids, password, tokens, cached page/group
// data and the serialised options string).
// NOTE(review): this file holds the password and usertoken columns; if $dbName
// resolves inside the web root, confirm the server refuses to serve *.db files.
if (file_exists($dbName . '-users.db') === false) {
    $db = new PDO('sqlite:' . $dbName . '-users.db');
    if (!$db) {
        showHTML("Error - Unable to create database. Exiting...");
    } else {
        $statement = $db->prepare("CREATE TABLE FB (userid TEXT, password TEXT, username TEXT COLLATE NOCASE, tokendate TEXT, usertoken TEXT, pagedata TEXT, groupdata TEXT, fullname TEXT, useroptions TEXT)");
        if ($statement) {
            $statement->execute();
        }
        // Release this reference to the PDO handle.
        $db = null;
    }
}
Esempio n. 6
                    $message .= "link.png\" title='LINK'";
                    break;
            }
            $message .= " width=16 height=16 />&nbsp;";
            $message .= date('d-M-Y G:i', $s['date']);
            $message .= "<td><strong>" . $s['user'] . "</strong>";
            $message .= "<td><a href='http://www.facebook.com/" . $pageId . "' target=_new>" . $pageId . "</a>";
            $message .= "<td>" . $postParams;
            $message .= "<td><img src='img/delete.png' width='16px' title='Delete CRON' onclick='Accounts(event,\"" . $s['status'] . "|" . $s['user'] . "\",1)'>";
        }
        $message .= "</table></div>";
        $message .= "<br><center>(" . $lang['Current Server Time'] . ": " . date('d-M-Y G:i') . ")</center><br>";
        //Pagination of Results
        $message .= "<br><div>";
        if ($start > 0) {
            $message .= " | <a href='./?crons&start=0'>" . $lang['First'] . "</a>";
            if ($curPage > 2) {
                $message .= " | <a href='./?crons&start=" . ($start - $numPerPage) . "'>" . $lang['Previous'] . "</a>";
            }
        }
        $message .= " | <b>" . $lang['Page'] . " {$curPage} of {$numPages}</b>";
        if ($start < $numr - $numPerPage) {
            if ($curPage <= $numPages - 2) {
                $message .= " | <a href='./?crons&start=" . ($start + $numPerPage) . "'>" . $lang['Next'] . "</a>";
            }
            $message .= " | <a href='./?crons&start=" . ($numPages * $numPerPage - $numPerPage) . "'>" . $lang['Last'] . "</a>";
        }
        $message .= " |</div>";
        showHTML($message, $lang['CRON Jobs List'] . " ({$numr})");
    }
}
Esempio n. 7
}
// Request dispatch for a logged-in user: optional sub-pages first, then either
// the post handler or the main posting form.
// Is this a logged in user show help/documentation request?
if (isset($_GET['usershowhelp'])) {
    showHelp();
} elseif (isset($_GET['ucp'])) {
    //User Control Panel request?
    require_once 'includes/usercp.php';
} elseif (isset($_GET['crons'])) {
    require_once 'includes/showcrons.php';
}
// Disabled or not-yet-approved accounts are shown the reason instead of the poster.
// NOTE(review): this gate only protects the code below if showHTML() ends the
// request - confirm. It is also evaluated after the sub-page includes above, so
// those pages need their own check if disabled users must not reach them.
// NOTE(review): disableReason is printed as-is; confirm it is escaped upstream.
if ($userOptions['userDisabled']) {
    showHTML($userOptions['disableReason'] . "<br />" . $lang['Manual approval'], $lang['Welcome'] . " {$userName}");
}
// Now we have all the data as user is logged into us
// $pageData / $groupData are URL-encoded, newline-separated lists.
$pages = explode("\n", urldecode($pageData));
$groups = explode("\n", urldecode($groupData));
$isGroupPost = false;
if (isset($_POST['pageid'])) {
    // This is a post submission. Time to actually post this submission to selected account.
    require_once 'includes/post.php';
} else {
    // No pageid means not a post request, just show the fields and forms to fill-up
    // mainform.php is expected to define $message and $script used below - TODO confirm.
    require_once 'includes/mainform.php';
    require_once 'includes/class.JavaScriptPacker.php';
    $message = sanitizeOutput($message);
    $packer = new JavaScriptPacker($script, 10, true, false);
    $script = $packer->pack();
    // The script is packed to make casual copying harder on public sites. Packing is
    // obfuscation, not encryption: the browser must be able to unpack it, so it gives
    // no confidentiality and nothing secret should be placed in $script.
    // The packed script is appended after sanitizeOutput() has run, so it bypasses it.
    $message .= $script . '</script> ';
    // NOTE(review): $userId and $fullname are interpolated into the page title HTML
    // unescaped, and the avatar is loaded over plain http:// - confirm both are intended.
    showHTML($message, "<img src='http://graph.facebook.com/v2.3/{$userId}/picture?redirect=1&height=64&type=normal&width=64' width=64 height=65 style='vertical-align:middle;'>&nbsp;" . $lang['Welcome'] . " {$fullname}");
}
Esempio n. 8
                }
            } else {
                showHTML("Users Database Open Error.");
            }
            // When $state is "safX", show the user their login details on a one-off
            // welcome page; for any other state redirect to the front page.
            // NOTE(review): $userName and the password in $pass are written into the
            // HTML response in clear text, unescaped. The page can end up in browser
            // history, caches or proxies - confirm this disclosure is acceptable.
            if ($state === "safX") {
                $message = "Here are your login details for this page<br />\n                        Your Username: <b>{$userName}</b><br />\n                        Your Password: <b>{$pass}</b><br /><br />";
                // Users whose role option is "administrators" are additionally shown the
                // script's admin account from the Settings table.
                if (isset($userOptions['role']) && $userOptions['role'] == "administrators") {
                    if ($db = new PDO('sqlite:' . $dbName . '-settings.db')) {
                        $statement = $db->prepare("SELECT * FROM Settings");
                        if ($statement) {
                            $statement->execute();
                            $tempData = $statement->fetchAll();
                            // decrypt() recovers the admin password, i.e. it is stored reversibly
                            // rather than as a one-way hash: anyone who obtains the settings
                            // database and the key can recover it. This branch trusts the role
                            // value in $userOptions alone to decide who sees it.
                            $message .= "As you are the administrator of the Facebook application, here are Admin Credentials for logging into script as admin, just in case you forogt them.<br />\n                            Admin: <b>" . $tempData[0]['admin'] . "</b><br />                                    \n                            Admin Password: <b>" . decrypt($tempData[0]['adminpass']) . "</b><br />";
                        }
                    }
                }
                $message .= "<p>Please note and keep your passwords safe. You will need it for future login to this page.</p>\n                        <form method=post action='.'>Click the button to login and continue: <input type=submit value=Login></form>";
                showHTML($message, "Welcome to FB Multi Page/Group Poster");
            } else {
                header("Location: ./");
                exit;
            }
        } else {
            showHTML("No response on getting long user token failure 007");
        }
    } else {
        showHTML("No long user token failure 009");
    }
} else {
    showHTML("No user token failure 011");
}
Esempio n. 9
        $output .= "{$failImg} " . $e->getMessage();
    }
    $output .= "<br /><form name=refresh id=userToken method=get><input type=hidden name=rg value=1><input type=submit title='" . $lang['Refresh Data message'] . "' value='" . $lang['Refresh Data'] . "'></form>";
    $output .= "<script>            \n            \$('#userToken').easyconfirm({\n                eventType: 'submit',\n                locale: { title: '" . $lang['Important Note'] . "', text: '" . $lang['User Token Note'] . "', button: ['" . $lang['Cancel'] . "','" . $lang['Proceed'] . "']}\n            });\n            </script>";
    $message = $output . "<hr><h4>" . $lang['Change'] . " " . $lang['password'] . ": </h4>\n                <form name=userCP method=post action='?ucp'>\n                <table><tr><td>" . $lang['Enter'] . " " . $lang['current'] . " " . $lang['password'] . ":<td> <input type=password name=oldP><br />\n                <tr><td>" . $lang['Enter'] . " " . $lang['new'] . " " . $lang['password'] . ":<td> <input type=password name=newP><br />\n                <tr><td>" . $lang['Repeat'] . " " . $lang['new'] . " " . $lang['password'] . ":<td> <input type=password name=renewP><br />\n                <tr><td colspan=2 class='text-center'><input type=submit value='" . $lang['Submit'] . "'></table></form>";
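    // Password change: runs only when all three form fields were posted. Each
    // failed check appends a notice to $message; the update happens in the last branch.
    // NOTE(review): no CSRF token check is visible in this span - confirm one is
    // enforced before this handler is reached.
    if (isset($_POST['oldP']) && isset($_POST['newP']) && isset($_POST['renewP'])) {
        // Strict, string-only comparisons: with loose != PHP compares numeric-looking
        // strings as numbers ("1e3" == "1000"), so a different password could pass.
        // Where PHP >= 5.6 is guaranteed, hash_equals() also makes this constant-time.
        if (!is_string($_POST['oldP']) || $_POST['oldP'] !== (string) $password) {
            $message .= "<span class='notice'>" . $lang['Incorrect'] . " " . $lang['password'] . "</span>";
        } elseif (!is_string($_POST['newP']) || $_POST['newP'] !== $_POST['renewP']) {
            $message .= "<span class='notice'>" . $lang['Passwords'] . " " . $lang['do not match'] . "</span>";
        } elseif (strlen($_POST['newP']) < 5) {
            $message .= "<span class='notice'>" . $lang['Password'] . " " . $lang['length'] . "</span>";
        } elseif ($hardDemo && $userName == "Multi") {
            $message .= "<span class='notice'>Password cannot be changed for this user!</span>";
        } else {
            // NOTE(review): encrypt() appears to be reversible (TODO confirm); a one-way
            // password_hash()/password_verify() scheme is the safer storage form, but
            // switching needs the login path, which is not visible here.
            $newP = encrypt($_POST['newP']);
            if ($db = new PDO('sqlite:' . $dbName . '-users.db')) {
                // Bound parameters: neither the stored password nor the username can
                // break out of the statement.
                $statement = $db->prepare('UPDATE FB SET password = :password WHERE username = :username');
                // Report success only when the UPDATE itself ran, not merely prepared.
                if ($statement && $statement->execute(array(':password' => $newP, ':username' => $userName))) {
                    $message .= "<span class='notice'>" . $lang['Password'] . " " . $lang['Changed'] . " " . $lang['Successfully'] . "</span>";
                } else {
                    $message .= "<span class='notice'>" . $lang['Critical Error'] . " " . $lang['while changeing'] . " " . $lang['Password'] . "</span>";
                }
            } else {
                $message .= "<span class='notice'>Error opening database!</span>";
            }
        }
    }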
    showHTML($message, $lang['User Control Panel']);
}