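// Tail of the settings POST handling: the enclosing conditions open above this excerpt.
// NOTE(review): no anti-CSRF token check is visible in this excerpt; confirm one runs before these branches.
        $timezone = $_POST['adminTimeZone'];
    }
    $adminOptions['adminTimeZone'] = $timezone;
    // Logo and footer are URL-encoded before saveAdminOptions() is called.
    $adminOptions['scriptLogo'] = urlencode($adminOptions['scriptLogo']);
    $adminOptions['scriptFooter'] = urlencode($adminOptions['scriptFooter']);
    saveAdminOptions();
    // Remember the selected language in a cookie for one year.
    setcookie("FBMPGPLang", $adminOptions['lang'], time() + 86400 * 365);
    header("Location: ./?notify=" . $lang['Settings Saved']);
    exit;
} elseif (
    isset($_POST['appID']) && isset($_POST['appSecret'])
    && is_string($_POST['appID']) && is_string($_POST['appSecret'])
) {
    // Replace the stored Facebook application credentials.
    // NOTE(review): PDO's constructor throws PDOException on failure, so these `if ($db = new PDO(...))`
    // tests are always true when reached; an open failure surfaces as an uncaught exception.
    if ($db = new PDO('sqlite:' . $dbName . '-settings.db')) {
        // The POSTed values are bound as parameters instead of being concatenated into the SQL text,
        // so a quote in either value can no longer alter the statement.
        $statement = $db->prepare("UPDATE Settings SET appid = :appid, secret = :secret WHERE admin <> 0");
        if ($statement) {
            $statement->execute(array(
                ':appid' => $_POST['appID'],
                ':secret' => $_POST['appSecret'],
            ));
        } else {
            showHTML("Application changing failed while executing database statement.");
        }
        // Stored user tokens are cleared whenever the application credentials change.
        if ($db = new PDO('sqlite:' . $dbName . '-users.db')) {
            // '' is a standard SQL string literal; the former "" form only works while SQLite
            // falls back to treating double-quoted identifiers as strings.
            $statement = $db->prepare("UPDATE FB SET usertoken = '' WHERE username <> 0");
            if ($statement) {
                $statement->execute();
            }
        }
        $adminOptions["admintoken"] = "";
        saveAdminOptions();
        header("Location: ./");
        exit;
    }
}
// Fetch the application record from the Graph API using the app access token ("appId|secret").
// NOTE(review): the app secret travels in the query string here; confirm readURL() verifies TLS
// certificates and that this URL is never written to logs.
$app = json_decode(readURL('https://graph.facebook.com/v2.3/' . $config['appId'] . '?access_token=' . $config['appId'] . '|' . $config['secret']));
$output = "<div id='admindiv'><h3>" . $lang['Settings'] . " " . $lang['Information'] . ":</h3>";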
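// Renders one row of the users table per record, then closes the table and shows the page.
// The loop header and the code that fills $s / $userOptions are above this excerpt.
// Stored account fields are HTML-escaped at output so a crafted name, e-mail or disable
// reason cannot inject markup or script into this page.
// NOTE(review): if these fields are already entity-encoded when stored, this will double-encode them - confirm.
if ($hardDemo) {
    // Demo mode: keep the real id only for the proxied avatar, hide everything else.
    $tempID = $s['userid'];
    $s['username'] = $s['userid'] = $userOptions['email'] = '[hidden in demo]';
    if ($s['fullname']) {
        // Keep the first byte and mask the rest.
        // NOTE(review): substr/strlen are byte-wise, so a multibyte first character is cut in half.
        $s['fullname'] = substr($s['fullname'], 0, 1) . str_repeat('*', strlen($s['fullname']) - 1);
    }
}
$userIdentity = $s['userid'] != '' ? $s['userid'] : $s['username'];
if (is_numeric($userIdentity) && $s['userid'] == '') {
    //fix for all numeric usernames from prev. versions
    $userIdentity .= "#";
}
// JSON-encode for the JavaScript string context, then HTML-escape for the attribute context.
$userIdentityAttr = htmlspecialchars(json_encode((string) $userIdentity), ENT_QUOTES, 'UTF-8');

$message .= "<tr><td data-value='" . htmlspecialchars((string) $s['fullname'], ENT_QUOTES, 'UTF-8') . "'><img ";
if ($hardDemo && $tempID) {
    $message .= "src='?proxyurl=" . urlencode(encrypt("http://graph.facebook.com/v2.3/" . $tempID . "/picture?redirect=1&height=32&type=normal&width=32")) . "'";
} elseif (!$hardDemo && $s['userid'] != "") {
    $message .= "src='http://graph.facebook.com/v2.3/" . htmlspecialchars((string) $s['userid'], ENT_QUOTES, 'UTF-8') . "/picture?redirect=1&height=32&type=normal&width=32'";
}
$message .= " width=32 height=32 style='vertical-align:middle;'><td><strong><a href='http://www.facebook.com/" . htmlspecialchars((string) $s['userid'], ENT_QUOTES, 'UTF-8') . "' target=_new>" . htmlspecialchars((string) $s['fullname'], ENT_QUOTES, 'UTF-8') . "</a></strong>";
$message .= "<td>" . htmlspecialchars((string) $s['username'], ENT_QUOTES, 'UTF-8') . "</a>";
$message .= "<td><a href='mailto:" . htmlspecialchars((string) $userOptions['email'], ENT_QUOTES, 'UTF-8') . "'>" . htmlspecialchars((string) $userOptions['email'], ENT_QUOTES, 'UTF-8');
// NOTE(review): the two data-value attributes below are unquoted; presumably these are
// server-set timestamps - confirm they can never hold user-supplied text.
$message .= "<td data-value=" . $userOptions['signupDate'] . ">" . ($userOptions['signupDate'] ? date('d-M-Y G:i', $userOptions['signupDate']) : '-') . "";
$message .= "<td data-value=" . $userOptions['lastActive'] . ">" . ($userOptions['lastActive'] ? date('d-M-Y G:i', $userOptions['lastActive']) : '-') . "";
// userDisabled: falsy = enabled, 1 = disabled, any other truthy value = awaiting approval.
$message .= "<td data-value='" . ($userOptions['userDisabled'] ? $userOptions['userDisabled'] == 1 ? 'Disabled' : 'Awaiting Approval' : 'Enabled')
    . "'><img src='img/" . ($userOptions['userDisabled'] ? $userOptions['userDisabled'] == 1 ? 'disabled' : 'awaiting' : 'enabled')
    . ".png' title='Click to " . ($userOptions['userDisabled'] ? $userOptions['userDisabled'] == 1 ? 'enable (Disable Reason: ' . htmlspecialchars((string) $userOptions['disableReason'], ENT_QUOTES, 'UTF-8') . ')' : 'approve' : 'disable')
    . " User' onclick='Accounts(event,{$userIdentityAttr}," . ($userOptions['userDisabled'] ? '0' : '-1') . ")'>";
$message .= " <img src='img/delete.png' width='16px' title='Delete User' onclick='Accounts(event,{$userIdentityAttr},1)'>";
}
$message .= "</tbody>\n <tfoot><tr><td colspan=7><br /><div class='pagination pagination-centered hide-if-no-paging'></div></tfoot>\n </table></div>";
// Client-side table behaviour: initialise footable and wire the status filter.
$message .= "<script type='text/javascript'>\n \$(function () {\n \n \$('.footable').footable();\n \n \$('.footable').footable().bind('footable_filtering', function (e) {\n var selected = \$('.filter-status').find(':selected').text();\n if (selected && selected.length > 0) {\n e.filter += (e.filter && e.filter.length > 0) ? ' ' + selected : selected;\n e.clear = !e.filter;\n }\n });\n \n \$('.filter-status').change(function (e) {\n e.preventDefault();\n \$('table.footable').trigger('footable_filter', {filter: \$('#filter').val()});\n });\n \n });\n </script>";
showHTML($message, $lang['Users List'] . " ({$numr} " . $lang['users'] . ")");
}
}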
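// Tail of the signup flow: finishes serialising the options as "key:value|key:value",
// stores them on the user's row, then redirects or shows the post-signup message.
// The loop and the conditions that open these blocks are above this excerpt.
            $option .= "|";
        }
        $option .= $key . ":" . $value;
    }
}
// Bind the serialised options and the user id as parameters rather than interpolating
// them into the SQL text, so quotes in an option value cannot change the statement.
$statement = $db2->prepare("UPDATE FB SET useroptions = :options WHERE userid = :userid");
if (!$statement || !$statement->execute(array(':options' => $option, ':userid' => (string) $userId))) {
    showHTML("Error x34353054");
}
authRedirect();
} else {
    showHTML("Error while opening users database.");
}
} else {
    if (!$adminOptions['enableARA']) {
        // enableARA is off: tell the user that approval is manual.
        $message = "<div>" . $lang['Congratulations'] . ". " . $lang['Signup success'] . ".<br /><br />\n " . $lang['Manual approval'] . "<br />\n " . $lang['recieve notification'] . "</div>";
    } else {
        // enableARA is on: list the remaining steps for the user.
        $message = '<div>' . $lang['Congratulations'] . '. ' . $lang['almost complete'] . '. ' . $lang['steps remain'] . '<br /><br /> <strong>' . $lang['Step 1'] . ':</strong> ' . $lang['new notification'] . '<br /> <strong>' . $lang['Step 2'] . ':</strong> ' . $lang['click notification'] . '<br /> <strong>' . $lang['Step 3'] . ':</strong> ' . $lang['return here'] . '<br /> <br /><br /> <strong>' . $lang['Note'] . '</strong>: ' . $lang['Note full'] . '<br /></div>';
    }
    // NOTE(review): $userName is placed in the page title unescaped here; confirm showHTML() encodes it.
    showHTML($message, $lang['Welcome'] . " {$userName}");
}
} else {
    //Validity checking
}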
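/**
 * Persist the global $userOptions map for the current user.
 *
 * The options are serialised as "key:value|key:value" and written to the
 * useroptions column of the FB table in "<dbName>-users.db". The row is
 * selected by userid when $userId is numeric, otherwise by username.
 *
 * Reads the globals $dbName, $userId, $userOptions and $failImg.
 * Calls die() if the database cannot be opened and showHTML() if the
 * update cannot be prepared or executed.
 *
 * NOTE(review): keys or values containing "|" or ":" are written as-is;
 * whether the reader of this format copes with that is not visible here.
 */
function saveUserOptions() {
    global $dbName, $userId, $userOptions, $failImg;

    $pairs = array();
    foreach ($userOptions as $pk => $ps) {
        $pairs[] = $pk . ":" . $ps;
    }
    $pv = implode("|", $pairs);

    // PDO's constructor reports failure by throwing, never by returning false,
    // so the open error has to be caught for the message below to be reachable.
    try {
        $db2 = new PDO('sqlite:' . $dbName . '-users.db');
    } catch (PDOException $e) {
        die("{$failImg} Database open error while saving User Options.");
    }

    // The column name comes from this fixed pair only; both values are bound as
    // parameters so neither the options nor the user id can alter the SQL text.
    $column = is_numeric($userId) ? 'userid' : 'username';
    $statement = $db2->prepare("UPDATE FB SET useroptions = :options WHERE {$column} = :id");
    if (!$statement || !$statement->execute(array(':options' => $pv, ':id' => (string) $userId))) {
        showHTML("{$failImg} Saving user options failed");
    }
}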
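// First-run bootstrap: each SQLite file is created, with its single table, only when it is missing.
// NOTE(review): the files live at the $dbName path prefix and the FB table holds passwords and
// user tokens; confirm that location is not served by the web server.

// Tail of the logs-database step. Its opening `if` lines are above this excerpt, so it is left as found.
        $statement = $db->prepare("CREATE TABLE Logs (date TEXT, user TEXT, type TEXT, target TEXT, targettype TEXT, action TEXT, status TEXT, permalink TEXT, params TEXT)");
        if ($statement) {
            $statement->execute();
        }
        $db = null;
    } else {
        showHTML("Error - Unable to create logs database. Exiting...");
    }
}

// Scheduled-post database.
if (!file_exists($dbName . '-crons.db')) {
    // PDO's constructor throws on failure instead of returning false, so the error message is
    // reported from a catch block; a failed prepare/execute is reported the same way.
    // NOTE(review): a file left behind without its table will pass the file_exists() test on
    // the next request, so the table is not retried.
    try {
        $db = new PDO('sqlite:' . $dbName . '-crons.db');
        $statement = $db->prepare("CREATE TABLE Crons (date TEXT, user TEXT, feed TEXT, params TEXT, status TEXT)");
        if (!$statement || !$statement->execute()) {
            throw new PDOException('CREATE TABLE Crons failed');
        }
        $db = null;
    } catch (PDOException $e) {
        $db = null;
        showHTML("Error - Unable to create CRONS database. Exiting...");
    }
}

// User accounts database.
if (!file_exists($dbName . '-users.db')) {
    try {
        $db = new PDO('sqlite:' . $dbName . '-users.db');
        $statement = $db->prepare("CREATE TABLE FB (userid TEXT, password TEXT, username TEXT COLLATE NOCASE, tokendate TEXT, usertoken TEXT, pagedata TEXT, groupdata TEXT, fullname TEXT, useroptions TEXT)");
        if (!$statement || !$statement->execute()) {
            throw new PDOException('CREATE TABLE FB failed');
        }
        $db = null;
    } catch (PDOException $e) {
        $db = null;
        showHTML("Error - Unable to create database. Exiting...");
    }
}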
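// Tail of the scheduled-posts (CRON) list: finishes the current row, closes the table,
// appends the pager and shows the page. The switch, the row loop and the paging
// variables ($start, $numPerPage, $curPage, $numPages, $numr) are set above this excerpt.
        $message .= "link.png\" title='LINK'";
        break;
}
$message .= " width=16 height=16 /> ";
$message .= date('d-M-Y G:i', $s['date']);
// Stored row values are HTML-escaped at output so they cannot inject markup into the list.
$message .= "<td><strong>" . htmlspecialchars((string) $s['user'], ENT_QUOTES, 'UTF-8') . "</strong>";
$message .= "<td><a href='http://www.facebook.com/" . htmlspecialchars((string) $pageId, ENT_QUOTES, 'UTF-8') . "' target=_new>" . htmlspecialchars((string) $pageId, ENT_QUOTES, 'UTF-8') . "</a>";
// NOTE(review): $postParams is emitted as-is because it may be markup assembled earlier in
// this file; confirm every user-supplied part of it is escaped where it is built.
$message .= "<td>" . $postParams;
// The delete handler's argument is JSON-encoded for the JavaScript string context and then
// HTML-escaped for the attribute context.
$message .= "<td><img src='img/delete.png' width='16px' title='Delete CRON' onclick='Accounts(event,"
    . htmlspecialchars(json_encode($s['status'] . "|" . $s['user']), ENT_QUOTES, 'UTF-8')
    . ",1)'>";
}
$message .= "</table></div>";
$message .= "<br><center>(" . $lang['Current Server Time'] . ": " . date('d-M-Y G:i') . ")</center><br>";

//Pagination of Results
$message .= "<br><div>";
if ($start > 0) {
    $message .= " | <a href='./?crons&start=0'>" . $lang['First'] . "</a>";
    // "Previous" is only shown from the third page on; on page two "First" is the same link.
    if ($curPage > 2) {
        $message .= " | <a href='./?crons&start=" . ($start - $numPerPage) . "'>" . $lang['Previous'] . "</a>";
    }
}
$message .= " | <b>" . $lang['Page'] . " {$curPage} of {$numPages}</b>";
if ($start < $numr - $numPerPage) {
    // "Next" is omitted on the second-to-last page, where "Last" is the same link.
    if ($curPage <= $numPages - 2) {
        $message .= " | <a href='./?crons&start=" . ($start + $numPerPage) . "'>" . $lang['Next'] . "</a>";
    }
    $message .= " | <a href='./?crons&start=" . ($numPages * $numPerPage - $numPerPage) . "'>" . $lang['Last'] . "</a>";
}
$message .= " |</div>";
showHTML($message, $lang['CRON Jobs List'] . " ({$numr})");
}
}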
}

// Request routing for a logged-in user, keyed on which query parameter is present.
// All include paths below are fixed strings; none is derived from request data.
// NOTE(review): presumably each handler ends the request itself; if one returns,
// execution continues into the posting form below - confirm.
// Is this a logged in user show help/documentation request?
if (isset($_GET['usershowhelp'])) {
    showHelp();
} elseif (isset($_GET['ucp'])) {
    // User Control Panel request?
    require_once 'includes/usercp.php';
} elseif (isset($_GET['crons'])) {
    // Scheduled posts (CRON) list request.
    require_once 'includes/showcrons.php';
}

// Disabled or not-yet-approved accounts only get the reason and the approval notice.
// NOTE(review): disableReason, $userName and (further down) $userId / $fullname are
// interpolated into HTML unescaped here; confirm showHTML() or the write path encodes them.
if ($userOptions['userDisabled']) {
    showHTML($userOptions['disableReason'] . "<br />" . $lang['Manual approval'], $lang['Welcome'] . " {$userName}");
}

// Now we have all the data as user is logged into us.
// Page and group data are stored URL-encoded, one entry per line.
$pages = explode("\n", urldecode($pageData));
$groups = explode("\n", urldecode($groupData));
$isGroupPost = false;

if (isset($_POST['pageid'])) {
    // This is a post submission. Time to actually post this submission to selected account.
    require_once 'includes/post.php';
} else {
    // No pageid means not a post request, just show the fields and forms to fill-up
    require_once 'includes/mainform.php';
    require_once 'includes/class.JavaScriptPacker.php';
    $message = sanitizeOutput($message);
    $packer = new JavaScriptPacker($script, 10, true, false);
    $script = $packer->pack();
    // The JavaScript is packed to make copying harder on public sites.
    // NOTE(review): packed script still has to run in the browser, so it can be unpacked by
    // any visitor; this is obfuscation, not encryption - $script must not carry secrets.
    $message .= $script . '</script> ';
    showHTML($message, "<img src='http://graph.facebook.com/v2.3/{$userId}/picture?redirect=1&height=64&type=normal&width=64' width=64 height=65 style='vertical-align:middle;'> " . $lang['Welcome'] . " {$fullname}");
}
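// Tail of the token-exchange flow: after the user record is stored, either show the login
// details once ($state === "safX") or redirect to the front page. The blocks closed at the
// top and bottom of this excerpt are opened above it.
// NOTE(review): if $state is the OAuth state parameter, comparing it with a fixed string
// gives no request-forgery protection - confirm how it is generated.
    }
} else {
    showHTML("Users Database Open Error.");
}
if ($state === "safX") {
    // NOTE(review): this page prints the user's password, and below decrypt()s and prints the
    // admin password, so passwords are stored reversibly and appear in a response body.
    // Credential values are HTML-escaped so characters such as < or & display correctly and
    // cannot inject markup.
    $message = "Here are your login details for this page<br />\n Your Username: <b>" . htmlspecialchars((string) $userName, ENT_QUOTES, 'UTF-8') . "</b><br />\n Your Password: <b>" . htmlspecialchars((string) $pass, ENT_QUOTES, 'UTF-8') . "</b><br /><br />";
    // Strict comparison: a non-string role value (0, true) must not pass as "administrators".
    if (isset($userOptions['role']) && $userOptions['role'] === "administrators") {
        // NOTE(review): PDO's constructor throws on failure, so this test is always true when reached.
        if ($db = new PDO('sqlite:' . $dbName . '-settings.db')) {
            $statement = $db->prepare("SELECT * FROM Settings");
            if ($statement) {
                $statement->execute();
                $tempData = $statement->fetchAll();
                // An empty Settings table would otherwise raise an undefined-offset error here.
                if (!empty($tempData)) {
                    $message .= "As you are the administrator of the Facebook application, here are Admin Credentials for logging into script as admin, just in case you forogt them.<br />\n Admin: <b>" . htmlspecialchars((string) $tempData[0]['admin'], ENT_QUOTES, 'UTF-8') . "</b><br /> \n Admin Password: <b>" . htmlspecialchars((string) decrypt($tempData[0]['adminpass']), ENT_QUOTES, 'UTF-8') . "</b><br />";
                }
            }
        }
    }
    $message .= "<p>Please note and keep your passwords safe. You will need it for future login to this page.</p>\n <form method=post action='.'>Click the button to login and continue: <input type=submit value=Login></form>";
    showHTML($message, "Welcome to FB Multi Page/Group Poster");
} else {
    header("Location: ./");
    exit;
}
} else {
    showHTML("No response on getting long user token failure 007");
}
} else {
    showHTML("No long user token failure 009");
}
} else {
    showHTML("No user token failure 011");
}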
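// User control panel: token-refresh form, change-password form and the handler for that form.
// The first two lines close a catch block that opens above this excerpt.
    $output .= "{$failImg} " . $e->getMessage();
}
$output .= "<br /><form name=refresh id=userToken method=get><input type=hidden name=rg value=1><input type=submit title='" . $lang['Refresh Data message'] . "' value='" . $lang['Refresh Data'] . "'></form>";
// Ask for confirmation before the refresh form is submitted.
$output .= "<script> \n \$('#userToken').easyconfirm({\n eventType: 'submit',\n locale: { title: '" . $lang['Important Note'] . "', text: '" . $lang['User Token Note'] . "', button: ['" . $lang['Cancel'] . "','" . $lang['Proceed'] . "']}\n });\n </script>";
// NOTE(review): the change-password form carries no anti-CSRF token; the current-password
// field is the only thing protecting it.
$message = $output . "<hr><h4>" . $lang['Change'] . " " . $lang['password'] . ": </h4>\n <form name=userCP method=post action='?ucp'>\n <table><tr><td>" . $lang['Enter'] . " " . $lang['current'] . " " . $lang['password'] . ":<td> <input type=password name=oldP><br />\n <tr><td>" . $lang['Enter'] . " " . $lang['new'] . " " . $lang['password'] . ":<td> <input type=password name=newP><br />\n <tr><td>" . $lang['Repeat'] . " " . $lang['new'] . " " . $lang['password'] . ":<td> <input type=password name=renewP><br />\n <tr><td colspan=2 class='text-center'><input type=submit value='" . $lang['Submit'] . "'></table></form>";

if (isset($_POST['oldP']) && isset($_POST['newP']) && isset($_POST['renewP'])) {
    // Passwords are compared as strings with ===. The loose != used before treats numeric-looking
    // strings as numbers (for example "1e3" equals "1000"), so a different password could be accepted.
    // Array-valued fields (oldP[]=...) are rejected instead of reaching strlen()/encrypt().
    // NOTE(review): hash_equals() would also make the comparison constant-time where available.
    if (!is_string($_POST['oldP']) || $_POST['oldP'] !== (string) $password) {
        $message .= "<span class='notice'>" . $lang['Incorrect'] . " " . $lang['password'] . "</span>";
    } elseif (!is_string($_POST['newP']) || !is_string($_POST['renewP']) || $_POST['newP'] !== $_POST['renewP']) {
        $message .= "<span class='notice'>" . $lang['Passwords'] . " " . $lang['do not match'] . "</span>";
    } elseif (strlen($_POST['newP']) < 5) {
        $message .= "<span class='notice'>" . $lang['Password'] . " " . $lang['length'] . "</span>";
    } elseif ($hardDemo && $userName == "Multi") {
        $message .= "<span class='notice'>Password cannot be changed for this user!</span>";
    } else {
        // NOTE(review): encrypt() implies the password is stored reversibly; a one-way
        // password hash (password_hash / password_verify) is the usual storage form.
        $newP = encrypt($_POST['newP']);
        // PDO's constructor throws on failure, so the open error is caught to keep the
        // "Error opening database!" message reachable.
        try {
            $db = new PDO('sqlite:' . $dbName . '-users.db');
        } catch (PDOException $e) {
            $db = null;
        }
        if ($db) {
            // Values are bound as parameters instead of being interpolated into the SQL text.
            $statement = $db->prepare("UPDATE FB SET password = :password WHERE username = :username");
            // Success is reported only when the statement was actually executed.
            if ($statement && $statement->execute(array(':password' => $newP, ':username' => (string) $userName))) {
                $message .= "<span class='notice'>" . $lang['Password'] . " " . $lang['Changed'] . " " . $lang['Successfully'] . "</span>";
            } else {
                $message .= "<span class='notice'>" . $lang['Critical Error'] . " " . $lang['while changeing'] . " " . $lang['Password'] . "</span>";
            }
        } else {
            $message .= "<span class='notice'>Error opening database!</span>";
        }
    }
}
showHTML($message, $lang['User Control Panel']);
}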