include 'core/config.php'; include 'core/core.php'; $db->query('start transaction'); if (isset($_SESSION[$shortTitle . 'User']['level']) && $_SESSION[$shortTitle . 'User']['level'] >= 3) { if (isset($_GET['action'], $_POST['password'])) { foreach ($_POST as $key => $value) { if ($key == 'maxIdleTime') { $_POST[$key] = misc::clean($value, 'numeric'); } else { $_POST[$key] = misc::clean($value); } } switch ($_GET['action']) { case 'vars': if ($_SESSION[$shortTitle . 'User']['password'] == sha1($_POST['password'])) { $message = $ui[flags::set($_POST['name'], $_POST['value'])]; } else { $message = $ui['wrongPassword']; } break; case 'bans': $user = new user(); $status = $user->get('name', $_POST['name']); if ($_SESSION[$shortTitle . 'User']['password'] == sha1($_POST['password'])) { if ($status == 'done') { if ($_POST['level'] > -1) { $user->data['level'] = $_POST['level']; $message = $ui[$user->set()]; } else { $message = $ui[user::remove($user->data['id'])]; }