break; case "": case "LoadFromFile": if (!HasRight('Pannel', $action)) { // Check the rights echo "For this you need the scope <b>" . $action . "</b> within <b>Panel</b> rights<br>"; exit(0); } $Message = "Loading content from file " . $sysvol_filename; LogStr("Loading file from base", "AdminPannel"); DisplayPannel(LoadingData("FromFile"), $Message); // call the layout exit(0); break; case "Generate": if (!HasRight('Pannel', $action)) { // Check the rights echo "For this you need the scope <b>" . $action . "</b> within <b>Pannel</b> rights<br>"; exit(0); } $Message = "Generating file " . $sysvol_filename; LogStr($Message, "AdminPannel"); if (!($ff = fopen($sysvol_filename, "w"))) { echo "failed to open ", $sysvol_filename; exit(0); } $ss = "<?php\n"; fwrite($ff, $ss); $ss = "// Generated using Admin Panel at " . date("F j, Y, g:i a"); // echo $ss,"<br>\n"; fwrite($ff, $ss);
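/**
 * Run one SQL statement through the legacy mysql extension.
 *
 * The statement is suffixed with an SQL comment naming the running script
 * (presumably so it can be traced in database-side logs).
 *
 * @param string $ss_sql Complete SQL text, already built by the caller.
 * @return mixed The mysql_query() result on success. On failure the function
 *               either reports through bw_error() (and returns nothing if that
 *               call returns) or logs the problem and ends the request with die().
 */
function sql_query($ss_sql)
{
    if (isset($_SESSION['sql_query']) && $_SESSION['sql_query'] == "AlreadyIn") {
        // Re-entrancy is detected here but intentionally not acted on:
        // die ("<br>recursive sql_query<br>".$ss_sql);
    }
    $_SESSION['sql_query'] = "AlreadyIn";

    // PHP_SELF includes any path info the client appended after the script
    // name, so it is request-controlled. It is embedded in an SQL comment at
    // the end of the statement; keep only ordinary path characters so that it
    // can never contain the comment terminator and leak text into the query.
    $origin = isset($_SERVER["PHP_SELF"]) ? (string) $_SERVER["PHP_SELF"] : "";
    $origin = preg_replace('#[^A-Za-z0-9_./-]#', '', $origin);

    $qry = mysql_query($ss_sql . " /* " . $origin . " */");
    if ($qry) {
        $_SESSION['sql_query'] = "";
        return $qry;
    }

    $error = mysql_error();

    // NOTE(review): depending on web-server configuration SERVER_NAME may be
    // taken from the client's Host header; if so, this test alone would switch
    // on the verbose error page. Confirm the server pins the canonical name.
    if (HasRight("Debug") or $_SERVER['SERVER_NAME'] == 'localhost') {
        $_SESSION['sql_query'] = "";
        // NOTE(review): the SQL text and the driver error are placed in HTML
        // without escaping; anything request-derived inside the statement is
        // rendered as markup for the person viewing the error.
        bw_error(debug("<br>query problem with<br><font color=red> {$ss_sql} mysql_error: " . $error . "</font><br>"));
    } else {
        // Full detail goes to the server log and the application log only;
        // the client sees a generic message with its address and the time.
        error_log(debug("\nquery problem with\n {$ss_sql} mysql_error: " . $error . "\n"));
        LogStr("Pb with <b>" . $ss_sql . "</b>", "sql_query");
        die("query problem " . $_SERVER['REMOTE_ADDR'] . " " . date("F j, Y, g:i a"));
    }
}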
/**
 * Print the table of stored queries the current user may run.
 *
 * Each entry becomes its own POST form targeting adminquery.php, carrying the
 * query id plus up to two free-text parameters.
 *
 * NOTE(review): id, Name, param1 and param2 are written into the page without
 * HTML escaping, so the markup is only as trustworthy as whoever can write the
 * rows passed in — confirm who can edit them.
 *
 * @param array $TList Zero-based list of row objects exposing id, Name,
 *                     param1 and param2.
 * @return void
 */
function ShowAvailableQueries($TList)
{
    $rowColors = array("#ffffcc", "#ffccff");
    $total = count($TList);

    echo "<p><table>\n"
        . "<tr><th colspan=4>you have " . $total . " possible queries</th></tr>\n"
        . "<tr align=left bgcolor=\"#ff9966\"><th>Query</th><th>param1</th><th>param2</th><th>action</th></tr>\n";

    for ($row = 0; $row < $total; $row++) {
        $query = $TList[$row];

        // A labelled text box when the query declares the parameter,
        // otherwise a greyed-out cell holding an empty hidden field.
        if (!empty($query->param1)) {
            $firstCell = "<td>" . $query->param1 . ":" . "<input type=\"texte\" name=\"param1\">" . "</td>";
        } else {
            $firstCell = "<td bgcolor=gray>" . "-<input type=\"hidden\" name=\"param1\">" . "</td>";
        }
        if (!empty($query->param2)) {
            $secondCell = "<td>" . $query->param2 . ":" . "-<input type=\"texte\" name=\"param2\">" . "</td>";
        } else {
            $secondCell = "<td bgcolor=gray>" . "-<input type=\"hidden\" name=\"param2\">" . "</td>";
        }

        echo "<form method=\"post\" action=\"adminquery.php\">"
            . "<input type=\"hidden\" name=\"IdQuery\" value=\"" . $query->id . "\">"
            . "<tr align=left valign=center bgcolor=\"" . $rowColors[$row % 2] . "\">"
            . "<td>" . $query->Name . "</td>"
            . $firstCell
            . $secondCell
            . "<td>"
            . "<input type=\"submit\" name=\"action\" value=\"execute\">";

        // The right is checked at this exact point of the output, once per row.
        if (HasRight("Rights", "SqlForVolunteers")) {
            echo " <input type=\"submit\" name=\"action\" value=\"See Users\">";
        }

        echo "</td>" . "</tr>\n" . "</form>";
    }

    echo "</table></p>\n";
}
/**
 * Render the "Admin Comments" page: menus, the caller's scope, an optional
 * pager above and below the list, and the comment list itself.
 *
 * header.php and footer.php are pulled in from inside this function, so they
 * run with this function's local variables in scope; local names are kept
 * as they are for that reason.
 *
 * NOTE(review): $lastaction, $AdminCommentsScope and $urlpiece reach the page
 * (heading, scope line, pager URL) without escaping here — confirm the callees
 * or the callers encode them.
 *
 * @param array  $TData        Rows handed to ShowList(); nothing is listed when empty.
 * @param string $lastaction   Text appended to the page heading.
 * @param int    $page         Active page index given to the pager.
 * @param int    $itemsperpage Page size; 0 disables the pager.
 * @param int    $count        Total number of items.
 * @param string $urlpiece     Value of the "action" parameter in pager links; "All" when empty.
 * @return void
 */
function DisplayAdminComments($TData, $lastaction = "", $page = 0, $itemsperpage = 0, $count = 0, $urlpiece = "")
{
    global $countmatch, $title, $AdminCommentsScope;

    $title = "Admin Comments";
    require_once "header.php";

    Menu1("", ww('MainPage')); // top menu
    Menu2("admincomments.php", ww('MainPage')); // second menu

    // Left-column actions; the "abusive" entry needs its own scope.
    $MenuAction = " <li><a href=\"" . bwlink("admin/admincomments.php") . "\">Negative comments</a></li>\n";
    if (HasRight("Comments", "AdminAbuser")) {
        $MenuAction = $MenuAction . " <li><a href=\"" . bwlink("admin/admincomments.php?action=AdminAbuser") . "\">Abusive comments</a></li>\n";
    }
    $MenuAction = $MenuAction . " <li><a href=\"" . bwlink("admin/admincomments.php?action=All") . "\">All comments</a></li>\n";

    DisplayHeaderShortUserContent($title . ": " . $lastaction);
    ShowLeftColumn($MenuAction, VolMenu());

    echo " <div id=\"col3\"> \n"
        . " <div id=\"col3_content\" class=\"clearfix\"> \n"
        . " <div class=\"info clearfix\">\n"
        . " <h2>Your scope:" . $AdminCommentsScope . "</h2>\n";

    if ($itemsperpage != 0) {
        $params = new StdClass();
        $params->strategy = new HalfPagePager('right');
        $params->page_url = 'admincomments.php?action=' . (empty($urlpiece) ? 'All' : $urlpiece);
        $params->page_url_marker = 'page';
        $params->page_method = 'get';
        $params->items = $count;
        $params->active_page = $page;
        $params->items_per_page = $itemsperpage;

        $pager = new PagerWidget($params);
        $pager->render(); // pager above the list
    }

    if (!empty($TData)) {
        ShowList($TData, $page * $itemsperpage, $count);
    }

    // Same pager again below the list, when one was built.
    if (isset($pager)) {
        $pager->render();
    }

    require_once "footer.php";
}
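/**
 * Render the admin form used to create or update a broadcast (mass mail).
 *
 * The id, word code, subject, body and description are written back into
 * the form fields. They are HTML-escaped first: without that, a quote in the
 * subject ends the value attribute early and a closing textarea tag in the
 * body breaks out of the field, letting stored text act as page markup.
 * Browsers decode the entities again, so the submitted values are unchanged.
 *
 * header.php and footer.php are pulled in from inside this function and run
 * with its local variables in scope.
 *
 * NOTE(review): htmlspecialchars() is called with its default charset;
 * confirm that matches the page encoding.
 * NOTE(review): the signature places optional parameters before required
 * ones, so the defaults of $IdBroadCast and $Name can never be used; it is
 * left untouched for the sake of existing callers.
 *
 * @param int    $IdBroadCast       Existing broadcast id; 0 selects "create".
 * @param string $Name              Word code of the broadcast; shown read-only once set.
 * @param string $BroadCast_Title_  Subject text.
 * @param string $BroadCast_Body_   Body text.
 * @param string $Description       Description text.
 * @param string $Type              Not used by this function.
 * @return void
 */
function DisplayFormCreateBroadcast($IdBroadCast = 0, $Name = "", $BroadCast_Title_, $BroadCast_Body_, $Description, $Type = "")
{
    global $title;
    $title = "Create a new broadcast";
    require_once "header.php";

    Menu1("", ww('MainPage')); // Displays the top menu
    Menu2("admin/adminmassmails.php", ww('MainPage')); // Displays the second menu

    $MenuAction = " <li><a href=\"adminmassmails.php\">Admin Massmails</a></li>\n";
    $MenuAction .= " <li><a href=\"adminmassmails.php?action=createbroadcast\">Create new broadcast</a></li>\n";
    if (HasRight("MassMail", "Send")) { // only holders of the Send scope may trigger mailings
        $MenuAction .= " <li><a href=\"adminmassmails.php?action=ShowPendingTrigs\">Trigger mass mails</a></li>\n";
    }

    DisplayHeaderShortUserContent("Admin Mails - Broadcast Messages", "");
    ShowLeftColumn($MenuAction, VolMenu());

    echo " <div id=\"col3\"> \n";
    echo " <div id=\"col3_content\" class=\"clearfix\"> \n";
    echo " <div class=\"info clearfix\">\n";

    echo "<form method=\"post\" action=\"adminmassmails.php\" class=\"yform full\">\n";
    echo "<input type=\"hidden\" name=\"IdBroadCast\" value=\"" . htmlspecialchars((string) $IdBroadCast, ENT_QUOTES) . "\">";
    echo "<p class=\"note center\">Please write here in <strong>" . LanguageName($_SESSION['IdLanguage']) . "</strong></p>";

    echo "<div class=\"type-text\">";
    echo "<p>Give the code name of the broadcast as a word entry (must not exist in words table previously) like <b>NewsJuly2007</b> or <b>NewsAugust2007</b> without spaces!</p>";
    echo "<label for=\"Name\">WordCode for the newsletter</label>";
    echo "<input type=\"text\" ";
    if ($Name != "") {
        // don't change a group name because it is connected to words
        echo "readonly";
    }
    echo " id=\"Name\" name=\"Name\" value=\"" . htmlspecialchars((string) $Name, ENT_QUOTES) . "\" />";
    echo "</div>";

    echo "<div class=\"type-text\">";
    echo "<label for=\"BroadCast_Title_\">Subject for the newsletter (%username% will be replaced by the username at sending)</label>";
    echo "<input type=\"text\" id=\"BroadCast_Title_\" name=\"BroadCast_Title_\" value=\"" . htmlspecialchars((string) $BroadCast_Title_, ENT_QUOTES) . "\" />";
    echo "</div>";

    echo "<div class=\"type-text\">";
    echo "<label for=\"BroadCast_Body_\">Body of the newsletter (%username% will be replaced by the username at sending)</label>";
    echo "<textarea id=\"BroadCast_Body_\" name=\"BroadCast_Body_\" rows=\"30\">", htmlspecialchars((string) $BroadCast_Body_, ENT_QUOTES), "</textarea>";
    echo "</div>";

    echo "<div class=\"type-text\">";
    echo "<label for=\"Description\">Description (as translators will see it in AdminWord) </label>";
    echo "<textarea id=\"Description\" name=\"Description\" rows=\"8\">", htmlspecialchars((string) $Description, ENT_QUOTES), "</textarea>";
    echo "</div>";

    echo "<div class=\"type-button\">";
    if ($IdBroadCast != 0) {
        echo "<input type=\"submit\" name=\"submit\" value=\"update massmail\">";
    } else {
        echo "<input type=\"submit\" name=\"submit\" value=\"create massmail\">";
    }
    echo "<input type=\"hidden\" name=\"action\" value=\"createbroadcast\">";
    echo "</div>";
    echo "</form>";

    require_once "footer.php";
}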
/**
 * Report the current user's 'Admin' right.
 *
 * @return mixed Whatever HasRight('Admin') returns, passed through unchanged.
 */
function IsAdmin()
{
    $adminRight = HasRight('Admin');

    return $adminRight;
}
$TResult = array(); $qry = sql_query($ss); while ($rr = mysql_fetch_object($qry)) { array_push($TResult, $rr); } DisplayUsers($rrQuery, $TResult, NULL, $Message); break; case "execute": $IdQuery = (int) GetParam("IdQuery", 0); $rrQuery = LoadRow("select * from sqlforvolunteers where id=" . $IdQuery); if (!isset($rrQuery->id)) { DisplayMyResults(array(), array(), array(), $rrQuery, "Sorry your query has failed #IdQuery=<b>" . $IdQuery . "</b>", $TList); break; } $IsQueryAllowedInGroup = LoadRow("select count(*) as cnt from sqlforgroupsmembers where IdGroup in (" . $membergrouplist . ") and IdQuery=" . $IdQuery); if (!HasRight('SqlForVolunteers', '"' . $IdQuery . '"') and $IsQueryAllowedInGroup->cnt == 0) { DisplayMyResults(array(), array(), array(), $rrQuery, "Sorry you miss right scope for query <b>" . $rrQuery->Name . "</b>", $TList); LogStr("Trying to use a not allowed query (" . $rrQuery->Name . ")", "adminquery"); break; } $_TResult = array(); $_TTitle = array(); $_TTsqry = array(); $_rrQuery = array(); $tQuery = explode(";", $rrQuery->Query); for ($jj = 0; $jj < count($tQuery); $jj++) { $sQry = ltrim($tQuery[$jj]); if (empty($sQry)) { continue; } $Message = "";
but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, see <http://www.gnu.org/licenses/> or write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ chdir(".."); require_once "lib/init.php"; require_once "lib/FunctionsLogin.php"; require_once "layout/error.php"; require_once "layout/admingrep.php"; $action = GetParam("action"); $countmatch = 0; $RightLevel = HasRight('Grep'); // Check the rights if ($RightLevel < 1) { echo "This requires the sufficient <strong>Grep</strong> rights<br />"; exit(0); } $scope = RightScope('Grep'); if ($nbligne == "") { $nbligne = "3"; } if (isset($_POST['repertoire'])) { $repertoire = $_SESSION['repertoire']; } if ($RightLevel >= 5) { // rigcht level 5 allow to overwrite scope if (GetParam("scope") != "") {
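/**
 * Build the list items of volunteer (admin) actions available on a member's
 * profile, according to the rights of the user viewing it.
 *
 * NOTE(review): in this listing the value placed after "Username=" /
 * "username=" was masked as "******", which is not valid PHP. $m->Username is
 * assumed to be the original expression — confirm against the repository.
 * It is URL-encoded so that characters with a meaning in a URL or an HTML
 * attribute cannot alter the link.
 *
 * @param object $m Member row; id and (assumed) Username are read.
 * @return string Concatenated list-item markup, empty when no right applies.
 */
function ProfileVolunteerMenu($m)
{
    $VolAction = ""; // This will receive the possible vol action for this member

    if (HasRight("Logs")) {
        $VolAction .= " <li><a href=\"admin/adminlogs.php?Username=" . urlencode($m->Username) . "\">See Logs</a> </li>\n";
    }
    if (HasRight("Admin")) {
        $VolAction .= " <li><a href=\"editmyprofile.php?cid=" . $m->id . "\">Edit This Profile</a> </li>\n";
    }
    if (HasRight("Admin")) {
        $VolAction .= " <li><a href=\"updatemandatory.php?cid=" . $m->id . "\">Update Mandatory</a> </li>\n";
        $VolAction .= " <li><a href=\"myvisitors.php?cid=" . $m->id . "\">View Member's visitors</a> </li>\n";
        $VolAction .= " <li><a href=\"admin/adminrights.php?username=" . urlencode($m->Username) . "\">See member rights</a> </li>\n";
    }
    if (HasRight("Flags")) {
        $VolAction .= "<li><a href=\"admin/adminflags.php?username=" . urlencode($m->Username) . "\">Flags</a> </li>\n";
    }

    return $VolAction;
}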
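/**
 * Look up the sentence for a word code (or numeric word id) in a language and
 * apply up to thirteen sprintf() parameters to it.
 *
 * Lookup order: the requested language, then language 0 as the default.
 * When nothing is found the code itself is returned; users holding the
 * relevant "Words" rights get a link to the translation tool instead.
 *
 * The word code is escaped before it enters SQL and encoded before it enters
 * the translation link: codes are not always literals in the calling code,
 * and a quote or space in one would otherwise change the statement or the
 * markup. The language id is reduced to an integer for the same reason.
 *
 * NOTE(review): escaping uses mysql_real_escape_string(), i.e. the same
 * legacy mysql extension the rest of this code base calls; it needs the open
 * connection LoadRow() relies on — confirm LoadRow() uses that extension.
 * NOTE(review): the sentence is used as the sprintf() format string, so a
 * stray "%" in a stored sentence changes the output.
 *
 * @param string|int $code       Word code, or numeric word id.
 * @param int        $IdLanguage Language id; 0 is the default language.
 * @param mixed      $p1 ... $pp13 Values substituted into the sentence.
 * @return string HTML fragment (line breaks already converted by nl2br()).
 */
function wwinlang($code, $IdLanguage = 0, $p1 = NULL, $p2 = NULL, $p3 = NULL, $p4 = NULL, $p5 = NULL, $p6 = NULL, $p7 = NULL, $p8 = NULL, $p9 = NULL, $pp10 = NULL, $pp11 = NULL, $pp12 = NULL, $pp13 = NULL)
{
    // When the user has switched on "build a translation list", remember every
    // code that is looked up so AdminWords can offer them later.
    if (isset($_SESSION['switchtrans']) and $_SESSION['switchtrans'] == "on") {
        if (!isset($_SESSION['TranslationArray'])) {
            $_SESSION['TranslationArray'] = array();
        }
        if (!in_array($code, $_SESSION['TranslationArray'])) {
            array_push($_SESSION['TranslationArray'], $code);
        }
    }

    $res = "";
    if (empty($code)) {
        return "Empty field \$code in ww function";
    }

    $langId = (int) $IdLanguage;
    $codeIsId = is_numeric($code);

    if ($codeIsId) {
        // The code is the word id; is_numeric() has already restricted it to a number.
        $rr = LoadRow("select SQL_CACHE Sentence,donottranslate from words where id={$code}");
        if (isset($rr->Sentence)) { // a missing row simply falls through to "not found"
            $res = nl2br(stripslashes($rr->Sentence));
        }
    } else {
        $sqlCode = mysql_real_escape_string((string) $code);
        $rr = LoadRow("select SQL_CACHE Sentence,donottranslate from words where code='{$sqlCode}' and IdLanguage='" . $langId . "'");
        if (isset($rr->Sentence)) {
            $res = nl2br(stripslashes($rr->Sentence));
        }
    }

    if ($res == "") { // no translation found
        if ($codeIsId) {
            if (HasRight("Words", ShortLangSentence($IdLanguage))) {
                $res = "<b>function ww() : idword #{$code} missing</b>";
            } else {
                $res = $code;
            }
            return $res; // returned as is: no parameters are applied on this path
        }

        // "%" is doubled after URL-encoding because the result still passes
        // through sprintf() below and must not be read as a format specifier.
        $urlCode = str_replace('%', '%%', urlencode((string) $code));
        $htmlCode = htmlspecialchars((string) $code, ENT_QUOTES);

        $rEnglish = LoadRow("select SQL_CACHE Sentence,donottranslate from words where code='{$sqlCode}' and IdLanguage=0");
        if (!isset($rEnglish->Sentence)) {
            // No default-language text either: fall back to the code itself.
            $res = $code;
            if (HasRight("Words") >= 10) {
                // Translators see the word flagged as missing.
                $res = "<a target=\"_new\" href=admin/adminwords.php?IdLanguage=" . $langId . "&code={$urlCode} style=\"background-color:#ff6699;color:#660000;\" title=\"click to translate in " . ShortLangSentence($IdLanguage) . "\">Missing words : {$htmlCode}</a>";
            }
        } else {
            // Propose the default-language text.
            $res = nl2br(stripslashes($rEnglish->Sentence));
        }

        // Translators for this language get a link, unless the word is marked
        // as not translatable.
        if (HasRight("Words", ShortLangSentence($IdLanguage)) and HasRight("Words") >= 10 and (!isset($rEnglish->donottranslate) or $rEnglish->donottranslate == "no")) {
            $res = "<a target=\"_new\" href=admin/adminwords.php?IdLanguage=" . $langId . "&code={$urlCode} style=\"background-color:#ff6699;color:#660000;\" title=\"click to translate in " . ShortLangSentence($IdLanguage) . "\">{$res}</a>";
        }
    }

    // Apply the parameters, if any.
    $res = sprintf($res, $p1, $p2, $p3, $p4, $p5, $p6, $p7, $p8, $p9, $pp10, $pp11, $pp12, $pp13);

    return $res;
}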
} return $IdTrad; } // end of ReplaceInFTrad MustLogIn(); // Need to be logged require_once "layout/header.php"; // It is always to consider that dbmaintenance works in english $_SESSION['lang'] = CV_def_lang; $_SESSION['IdLanguage'] = 0; // force English for menu Menu1("", "DB_MAINTENANCE"); // Displays the top menu Menu2("main.php", "DB_MAINTENANCE"); // Displays the second menu if (!HasRight("Admin")) { echo "<p> this need Admin rights</p>"; require_once "layout/footer.php"; die(1); } $MenuAction = " <li><a href=\"" . bwlink("admin/dbmaintenance.php") . "\">db maintenance</a></li>\n"; $MenuAction .= " <li><a href=\"" . bwlink("admin/dbmaintenance.php?action=updateid") . "\">update new ids</a></li>\n"; $MenuAction .= " <li><a href=\"" . bwlink("admin/dbmaintenance.php?action=filltrads") . "\">fill the forum_trads</a></li>\n"; $MenuAction .= " <li><a href=\"" . bwlink("admin/dbmaintenance.php?action=filltag_threads") . "\">recreate tags_threads</a></li>\n"; $MenuAction .= " <li><a href=\"" . bwlink("admin/dbmaintenance.php?action=updatetagcounters") . "\">update tags counters</a></li>\n"; DisplayHeaderShortUserContent("Db Maintenance", $MenuAction, ""); // Display the header ShowLeftColumn($MenuAction, ""); $action = GetStrParam("action", ""); switch ($action) { case "updateid":
/**
 * Render the FAQ page: heading, the list of questions grouped by category,
 * then the answers, and end the request.
 *
 * With no FAQ selected ($IdFaq == 0) the full list is shown. Answers are
 * printed inline for logged-in users or when one FAQ is selected; visitors
 * who are not logged in get links to per-language static pages instead.
 *
 * header.php and footer.php are included from inside this function and run
 * with its local variables in scope, so local names are kept as they are.
 *
 * NOTE(review): QandA, CategoryName, id and IdCategory from the rows are
 * written into links, and QandA and the session language id into an SQL
 * string, without escaping — confirm who can write those rows.
 *
 * @param array $TFaq Zero-based list of FAQ row objects (id, QandA, PageTitle,
 *                    CategoryName, IdCategory are read).
 * @return void Does not return: the function ends with exit(0).
 */
function DisplayFaq($TFaq)
{
    global $title;

    $IdFaq = GetParam("IdFaq", 0);
    $argv = $_SERVER["argv"];
    if (isset($argv[1])) {
        // A second argv entry, when present, overrides the request parameter.
        $IdFaq = $argv[1];
    }

    // Page title: generic, the row's own title, or the question text.
    if ($IdFaq == 0) {
        $title = ww('FaqPage');
    } else {
        $title = ww($TFaq[0]->PageTitle != "" ? $TFaq[0]->PageTitle : "FaqQ_" . $TFaq[0]->QandA);
    }

    include "header.php";

    Menu1("faq.php", ww('FaqPage')); // top menu
    Menu2("faq.php", ww('GetAnswers'));

    echo "\n"
        . " <div id=\"main\">\n"
        . " <div id=\"teaser_bg\">\n"
        . " <div id=\"teaser\">\n"
        . " <h1>" . $title . " </h1>\n"
        . " </div>\n"
        . " </div>\n"
        // Content with just two columns
        . "\n"
        . " <div id=\"col3\" class=\"twocolumns\">\n"
        . " <div id=\"col3_content\" class=\"clearfix\">\n";

    $iiMax = count($TFaq);
    $LastCat = "";

    // ---- list of the questions ----
    echo "<div class=\"info\">\n";
    for ($ii = 0; $ii < $iiMax; $ii++) {
        if ($LastCat != $TFaq[$ii]->CategoryName) {
            // First row of a new category.
            $LastCat = $TFaq[$ii]->CategoryName;
            if (HasRight("Faq") > 0) {
                echo "[<a href=\"faq.php?action=insert&IdCategory=", $TFaq[$ii]->IdCategory, "\">insert new faq in this category</a>]\n";
            }
            if ($IdFaq == 0) {
                if ($ii > 0) {
                    echo "</ul><br/>\n"; // close the previous category's list
                }
                echo " <h3>", ww($TFaq[$ii]->CategoryName), "</h3>\n<ul>\n";
            }
        }

        $Q = ww("FaqQ_" . $TFaq[$ii]->QandA);
        if ($IdFaq == 0) {
            echo "<li>";
        }
        if ($TFaq[$ii]->QandA == "") {
            $Q = " new "; // entry created but not yet given a word code
        }

        if (HasRight("Faq") > 0) {
            echo " [<a href=\"faq.php?action=edit&IdFaq=", $TFaq[$ii]->id, "\">", ($TFaq[$ii]->QandA == "" ? "edit this new faq" : "edit"), "</a>]\n";
        }

        if ($IdFaq != 0) {
            continue;
        }

        if (IsLoggedIn()) {
            echo " <a href=\"faq.php?IdFaq=" . $TFaq[$ii]->id . "\">", $Q, "</a></li>\n";
        } else {
            // Not logged in: link to the static per-language page. English is
            // forced when the answer is not translated yet, to avoid several
            // pages carrying the same default text.
            $ss = "select code from words where code=\"FaqA_" . $TFaq[$ii]->QandA . "\" and IdLanguage=" . $_SESSION["IdLanguage"];
            $rFak = LoadRow($ss);
            if (empty($rFak->code)) {
                echo " <a href=\"faq_" . $TFaq[$ii]->QandA . "_en.php\">", $Q, "</a></li>\n";
            } else {
                echo " <a href=\"faq_" . $TFaq[$ii]->QandA . "_" . $_SESSION["lang"] . ".php\">", $Q, "</a></li>\n";
            }
        }
    } // end of question list

    if ($IdFaq == 0) {
        echo "</ul><br/>\n";
    }

    // ---- list of the answers ----
    // The login test is re-evaluated before every row.
    $ii = 0;
    while ($ii < $iiMax and (IsLoggedIn() or $IdFaq != 0)) {
        if ($IdFaq == 0) {
            echo " <h3>", ww($TFaq[$ii]->CategoryName), "</h3>";
        }
        $Q = ww("FaqQ_" . $TFaq[$ii]->QandA);
        $A = ww("FaqA_" . $TFaq[$ii]->QandA);
        if ($IdFaq == 0) {
            echo "<h4><a name=\"", $TFaq[$ii]->id, "\"></a> ", $Q, "</h4>\n";
        }
        echo "<p>", str_replace("\n", "", $A), "</p>\n";
        $ii++;
    }

    if (IsAdmin()) {
        echo "<br/><p><a href=\"faq.php?action=rebuildextraphpfiles\">rebuild extra php files</a></p>";
    }

    include "footer.php";
    exit(0);
}
// Part of the admin-comments action switch; the switch starts and ends outside this listing.
// NOTE(review): every statement below concatenates the "IdComment" request parameter directly
// into SQL ("... where id=" . Getparam("IdComment")) and into the LogStr() text. No integer
// cast is visible here; unless GetParam() itself guarantees a numeric value (not shown —
// confirm), read the parameter once as (int) and reuse that value in the queries and the log.
// NOTE(review): the two "...MustCheck" cases contain no HasRight() test of their own, while
// "del" checks HasRight("Comments", "DeleteComment") — confirm a right check runs before the switch.
exit(0); break; case "AdminAbuserMustCheck": $Message = "Set comment to be checked by Admin Comment"; $str = "Update comments set AdminAction='AdminAbuserMustCheck' where id=" . Getparam("IdComment"); sql_query($str); LogStr(" Setting to <b>tobe check by Admin Abuser</b> for IdComment #" . Getparam("IdComment"), "AdminComment"); break; case "AdminCommentMustCheck": $Message = "Set comment to be checked by Admin Comment"; $str = "Update comments set AdminAction='AdminCommentMustCheck' where id=" . Getparam("IdComment"); sql_query($str); LogStr(" Setting to <b>tobe check by Admin Comment</b> for IdComment #" . Getparam("IdComment"), "AdminComment"); break; case "del": if (!HasRight("Comments", "DeleteComment")) { $Message = "You don't have the right to delete comments"; // call the layout DisplayAdminComments(loaddata("", " and comments.id=" . GetParam("IdComment")), $Message); exit(0); break; } $Message = " Delete comment #" . GetParam("IdComment"); $c = LoadRow("select * from comments where id=" . GetParam("IdComment")); if (!isset($c->id)) { $Message = "No such coment"; // call the layout DisplayAdminComments(loaddata("", " and comments.id=" . GetParam("IdComment")), $Message); exit(0); break; }
/**
 * Assemble the volunteer (admin) menu for the current user.
 *
 * One CVolMenu entry is added per right the user holds, in a fixed order.
 * The mail-checker entry also shows two counters read from the messages table.
 *
 * @return array List of CVolMenu objects; empty when no right applies.
 */
function BuildVolMenu()
{
    $menu = array();

    // Entries that depend on a single right and come before the mail checker:
    // array(right, link, label, description).
    $plainEntries = array(
        array("Grep", "admin/admingrep.php", "AdminGrep", "Grepping files"),
        array("Group", "admin/admingroups.php", "AdminGroup", "Group managment"),
        array("Flags", "admin/adminflags.php", "AdminFlags", "administration of members flags"),
        array("Rights", "/admin/rights", "AdminRights", "administration of members rights"),
        array("Logs", "admin/adminlogs.php", "AdminLogs", "logs of activity"),
        array("Comments", "admin/admincomments.php", "AdminComments", "managing comments"),
        array("Pannel", "admin/adminpanel.php", "AdminPanel", "managing panel (may be obsolete)"),
    );
    foreach ($plainEntries as $entry) {
        list($right, $link, $label, $help) = $entry;
        if (HasRight($right)) {
            $menu[] = new CVolMenu($link, $label, $help);
        }
    }

    if (HasRight("Checker")) {
        // Label carries "(messages to check / messages reported as spam)".
        $toCheck = LoadRow("SELECT COUNT(*) AS cnt FROM messages WHERE Status='ToCheck' AND messages.WhenFirstRead='0000-00-00 00:00:00'");
        $reported = LoadRow("SELECT COUNT(*) AS cnt FROM messages,members AS mSender, members AS mReceiver WHERE mSender.id=IdSender AND messages.SpamInfo='SpamSayMember' AND mReceiver.id=IdReceiver AND (mSender.Status='Active' or mSender.Status='Pending')");
        $label = "AdminChecker" . "(" . $toCheck->cnt . "/" . $reported->cnt . ")";
        $menu[] = new CVolMenu("admin/adminchecker.php", $label, "Mail Checking");
    }

    // Debug entries need a specific scope within the Debug right.
    if (HasRight("Debug", "ShowErrorLog")) {
        $menu[] = new CVolMenu("admin/phplog.php?showerror=10", "php error log", "php error log");
    }
    if (HasRight("Debug", "ShowSlowQuery")) {
        $menu[] = new CVolMenu("admin/phplog.php?ShowSlowQuery=10", "Slow queries", "Mysql Slow queries");
    }

    if (HasRight("MassMail")) {
        $menu[] = new CVolMenu("admin/adminmassmails.php", "mass mails", "Broadcast messages");
    }

    return $menu;
}
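/**
 * Render the admin log viewer: one table row per log entry, pagination, and
 * the filter form pre-filled with the filters currently applied.
 *
 * The filter values are written back into the form's value attributes and the
 * entry's Username and Type are written into links. All of them are encoded
 * for the place they land in (URL parameter or HTML), so a quote or angle
 * bracket in a filter value cannot close the attribute and add markup.
 *
 * header.php and footer.php are pulled in from inside this function and run
 * with its local variables in scope.
 *
 * NOTE(review): in this listing the value after "?Username=" was masked as
 * "******", which is not valid PHP; $logs->Username (used for the link text
 * right after it) is assumed to be the original expression — confirm.
 * NOTE(review): htmlspecialchars() uses its default charset; if the values
 * arrive already HTML-encoded they will display double-encoded — confirm
 * against the code that reads the request parameters.
 *
 * @param array  $tData     Zero-based list of log rows (Username, Type, Str,
 *                          created, IpAddress are read).
 * @param string $username  Username filter; also switches the table heading.
 * @param string $type      Type filter.
 * @param string $ip        IP filter.
 * @param string $andS1     First "having" text filter.
 * @param string $andS2     Second "having" text filter.
 * @param string $notAndS1  First "not having" text filter.
 * @param string $notAndS2  Second "not having" text filter.
 * @param mixed  $maxpos    Passed to _Pagination().
 * @return void
 */
function DisplayAdminLogs($tData, $username, $type, $ip, $andS1, $andS2, $notAndS1, $notAndS2, $maxpos)
{
    global $title;
    $rTime = LoadRow("select now() as ss");
    $title = "Admin logs Server time: " . $rTime->ss;
    require_once "header.php";

    Menu1("", "Admin Logs page"); // Displays the top menu
    Menu2("admin/adminlogs.php", ww('MainPage')); // Displays the second menu
    DisplayHeaderShortUserContent($title);
    ShowLeftColumn("", VolMenu()); // Show the Actions

    // middle column
    echo " <div id=\"col3\"> \n";
    echo " <div id=\"col3_content\" class=\"clearfix\"> \n";
    echo " <div class=\"info clearfix\">\n";

    $max = count($tData);
    // Alternating row openers.
    $infoStyles = array(
        0 => " <tr class=\"blank\" align=\"left\" valign=\"center\">\n",
        1 => " <tr class=\"highlight\" align=\"left\" valign=\"center\">\n",
    );

    echo " <table cellspacing=\"10\" cellpadding=\"10\" style=\"font-size:11px;\">\n";
    echo " <tr>\n";
    if (empty($username)) {
        echo " <th>Username</th>\n";
        echo " <th>Type</th>\n";
        echo " <th>Str</th>\n";
        echo " <th>created</th>\n";
        echo " <th>ip</th>\n";
    } else {
        echo " <th colspan=4 align=center> Logs for ", LinkWithUsername(fUsername($username)), "</th>\n";
    }
    echo "</tr>\n";

    for ($ii = 0; $ii < $max; $ii++) {
        $logs = $tData[$ii];
        $ipText = long2ip($logs->IpAddress);

        echo $infoStyles[$ii % 2]; // this displays the <tr>

        echo "<td>";
        if (!empty($logs->Username)) {
            echo "<a href=\"" . $_SERVER['PHP_SELF'] . "?Username=" . urlencode($logs->Username) . "\">" . htmlspecialchars((string) $logs->Username, ENT_QUOTES) . "</a>";
        } else {
            // Entries without a member: label a few known addresses.
            // To do: replace with an external lookup.
            switch ($ipText) {
                case "66.249.72.206":
                    echo "Googlebot/2.1";
                    break;
                case "74.6.23.107":
                    echo "Yahoo slurp";
                    break;
                case "127.0.0.1":
                    echo "<i>localhost</i>";
                    break;
                default:
                    echo "<i>not logged</i>";
                    break;
            }
        }
        echo "</td>";

        echo "<td>";
        echo "<a href=\"" . $_SERVER['PHP_SELF'] . "?Type=" . urlencode($logs->Type) . "\">" . htmlspecialchars((string) $logs->Type, ENT_QUOTES) . "</a>";
        echo "</td>";

        echo "<td>";
        // NOTE(review): Str is printed as stored. Log texts are written with
        // markup on purpose elsewhere in this code base, so request data
        // embedded in them is rendered as HTML here; encoding has to happen
        // where the log text is composed.
        echo $logs->Str;
        echo "</td>";

        echo "<td>{$logs->created}</td><td> ";
        echo "<a href=\"" . $_SERVER['PHP_SELF'] . "?ip=" . $ipText . "\">" . $ipText . "</a>";
        echo " <a href=\"http://ws.arin.net/whois/?queryinput=+" . $ipText . " \" target=\"new\">arinc</a>";
        echo " <a href=\"http://outils-rezo.info/cgi-bin/action.cgi?valeur=" . $ipText . "&cmd=Whois\" target=\"new\">whois</a>";
        echo "</td>";
        echo "</tr>\n";
    }
    echo " </table>\n<br>";

    if ($max > 0) {
        echo _Pagination($maxpos);
    }

    echo " <hr />\n";
    echo " <table>\n";
    echo " <form method='post' action='adminlogs.php'>\n";
    if (HasRight("Logs") > 1) {
        echo " <tr>\n";
        echo " <td>Username</td><td><input type=\"text\" name=\"Username\" value=\"" . (!empty($username) ? htmlspecialchars((string) $username, ENT_QUOTES) : '') . "\"></td>\n";
    } else {
        // Lower right levels may not change the username filter.
        echo " <tr>\n";
        echo " <td>Username</td><td><input type=\"text\" readonly=\"readonly\" name=\"Username\" value=\"" . htmlspecialchars((string) $username, ENT_QUOTES) . "\"></td>";
    }
    echo " <td>Type</td><td><input type=text name=Type value=\"" . htmlspecialchars((string) $type, ENT_QUOTES) . "\"></td>\n";
    echo " <td>Ip</td><td><input type=text name=ip value=\"" . htmlspecialchars((string) $ip, ENT_QUOTES) . "\"></td>\n";
    echo " </tr>\n";
    echo " <tr><td> Having</td><td><input type=text name=andS1 value=\"" . htmlspecialchars((string) $andS1, ENT_QUOTES) . "\"></td></tr>";
    echo " <tr><td>and Having</td><td><input type=text name=andS2 value=\"" . htmlspecialchars((string) $andS2, ENT_QUOTES) . "\"></td></tr>";
    echo " <tr><td>and not Having</td><td><input type=text name=NotandS1 value=\"" . htmlspecialchars((string) $notAndS1, ENT_QUOTES) . "\"></td></tr>";
    echo " <tr><td>and not Having</td><td><input type=text name=NotandS2 value=\"" . htmlspecialchars((string) $notAndS2, ENT_QUOTES) . "\"></td></tr>";
    echo " <tr><td colspan=2 align=center>";
    echo "<input type=submit id=submit>";
    echo "</td>\n";
    echo " </tr>\n";
    echo " </form>\n";
    echo " </table>\n";
    echo " </div>\n";

    require_once "footer.php";
}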
// Part of the admin-logs filter builder; it starts and ends outside this listing.
// NOTE(review): $notAndS1 (assigned outside this fragment), NotandS2 and Type are pasted between
// single quotes into $where. No escaping is visible here, so the statement is only safe if
// GetStrParam() escapes its result (not shown — confirm); LIKE wildcards pass through either way.
// NOTE(review): ip2long() returns false for a malformed address; concatenated, that leaves
// "IpAddress=" with no value and the statement fails. Check the result before adding the clause.
// NOTE(review): str_replace($scope, "\"", "'") passes $scope as the search term and discards
// the return value, so $scope is unchanged when it is placed in IN (...). The intended call is
// presumably $scope = str_replace("\"", "'", $scope) — confirm.
// $_SYSHCVOL['ARCH_DB'] is used as the database name qualifying the logs table.
$where .= " AND Str NOT LIKE '%" . $notAndS1 . "%'"; } $notAndS2 = GetStrParam("NotandS2", ""); if ($notAndS2 != "") { $where .= " AND Str NOT LIKE '%" . $notAndS2 . "%'"; } $ip = GetStrParam("ip", ""); if ($ip != "") { $where .= " AND IpAddress=" . ip2long($ip) . ""; } $type = GetStrParam("Type", ""); if ($type != "") { $where .= " AND Type='" . $type . "'"; } // If there is a Scope limit logs to the type in this Scope (unless it his own logs) if (!HasRight('Logs', "\"All\"")) { $scope = RightScope("Logs"); str_replace($scope, "\"", "'"); $where .= " AND (Type IN (" . $scope . ") OR IdMember=" . $_SESSION["IdMember"] . ") "; } switch (GetParam("action")) { case "del": // case a delete is requested break; } $tData = array(); if (empty($where) and $start_rec == 0) { // In this case we will avoid the FOUND_ROW which is a performance killer $str = "SELECT logs.*,Username " . "FROM " . $_SYSHCVOL['ARCH_DB'] . ".logs LEFT JOIN members ON members.id=logs.IdMember " . "ORDER BY " . $_SYSHCVOL['ARCH_DB'] . ".logs.id DESC LIMIT {$start_rec}," . $limitcount; $qry = sql_query($str); $rCount = LoadRow("SELECT count(*) AS cnt from " . $_SYSHCVOL['ARCH_DB'] . ".logs");
// Part of the FAQ action switch; it starts and ends outside this listing.
// NOTE(review): in "update", !HasRight("Faq") > 0 is parsed as (!HasRight("Faq")) > 0 because
// "!" binds tighter than ">". Writing HasRight("Faq") <= 0 states the intent directly.
// NOTE(review): after DisplayError() for a missing right nothing visible stops execution;
// unless DisplayError() ends the request itself (not shown — confirm), the update continues
// for a user without the right. The second DisplayError() call is followed by exit(0).
// NOTE(review): GetStrParam("QandA"), $IdFaq, $_SESSION['lang'] and the $Filter* strings are
// concatenated into SQL. No escaping or cast is visible here — confirm GetStrParam() escapes
// and that $IdFaq is an integer.
} } echo "rebuilt done"; exit(0); case "wikilist": $str = "SELECT faq.*, faqcategories.Description AS CategoryName FROM faq, faqcategories WHERE faqcategories.id=faq.IdCategory " . $FilterCategory . $FilterActive . " ORDER BY faqcategories.SortOrder, faq.SortOrder"; $qry = sql_query($str); $TData = array(); while ($rWhile = mysql_fetch_object($qry)) { array_push($TData, $rWhile); } DisplayFaqWiki($TData, $rCat); // call the layout with the selected parameters exit(0); case "update": if (!HasRight("Faq") > 0) { // only people with suficient right can edit FAQ $errcode = "ErrorNeedRight"; // initialise global variable DisplayError(ww($errcode, "Faq")); } if (GetStrParam("QandA") == "") { echo "You must fill the word code associated with the FAQ"; DisplayError("You must fill the word code associated with the FAQ"); exit(0); } $Faq = LoadRow("SELECT * FROM faq WHERE id=" . $IdFaq); $rwq = LoadRow("SELECT * FROM words WHERE code='" . "FaqQ_" . GetStrParam("QandA") . "' and IdLanguage=0"); $rwa = LoadRow("SELECT * FROM words WHERE code='" . "FaqA_" . GetStrParam("QandA") . "' and IdLanguage=0"); if (!isset($rwq->id)) { $str = "INSERT INTO words\n (code,\n Description,\n IdLanguage,\n ShortCode,\n created)\n VALUES\n ('FaqQ_" . GetStrParam("QandA") . "',\n 'This is the questiontext for a Frequently Asked Question.',\n 0,\n '" . $_SESSION['lang'] . "',\n NOW())";
but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, see <http://www.gnu.org/licenses/> or write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ chdir(".."); require_once "lib/init.php"; require_once "layout/error.php"; require_once "layout/adminchecker.php"; $username = fUsername(GetStrParam("username")); $sResult = ""; // initialisation to avoid a warning $RightLevel = HasRight('Checker'); // Check the rights if ($RightLevel < 1) { echo "This Need the suffcient <b>Checker</b> rights<br>"; exit(0); } // this function call the view of reported spam function viewSpamSayMember($sResult = "") { $TMess = array(); $str = "select messages.*,messages.Status as MessageStatus,mSender.Username as Username_sender,mReceiver.Username as Username_receiver from messages,members as mSender,members as mReceiver where mSender.id=IdSender and messages.SpamInfo='SpamSayMember' and mReceiver.id=IdReceiver and (mSender.Status='Active' or mSender.Status='Pending') order by messages.id desc limit 50"; if (GetStrParam("IdSender", "") != "") { $str = "select messages.*,messages.Status as MessageStatus,mSender.Username as Username_sender,mReceiver.Username as Username_receiver from messages,members as mSender,members as mReceiver where mSender.id=IdSender and mReceiver.id=IdReceiver and (mSender.Status='Active' or mSender.Status='Pending') and messages.SpamInfo='SpamSayMember' and messages.IdSender=" . IdMember(GetStrParam("IdSender", 0)) . 
" order by messages.id desc limit 20"; } if (GetStrParam("IdReceiver", "") != "") { $str = "select messages.*,messages.Status as MessageStatus,mSender.Username as Username_sender,mReceiver.Username as Username_receiver from messages,members as mSender,members as mReceiver where mSender.id=IdSender and mReceiver.id=IdReceiver and (mSender.Status='Active' or mSender.Status='Pending') and messages.SpamInfo='SpamSayMember' and messages.IdReceiver" . IdMember(GetStrParam("IdReceiver", 0)) . " order by messages.id desc limit 20";