<?php
require '../../includes/config.php';
require '../../structure/database.php';
require '../../structure/forum.php';
require '../../structure/forum.post.php';
require '../../structure/base.php';
require '../../structure/user.php';
$database = new database($db_host, $db_name, $db_user, $db_password);
$post = new post($database);
$base = new base($database);
$user = new user($database);
$user->updateLastActive();
$username = $user->getUsername($_COOKIE['user'], 2);
$rank = $user->getRank($username);
//take action then log it
if ($rank > 2) {
$post->hidePost($_GET['pid'], $rank);
}
$base->appendToFile('../logs.txt', array($username . ' hid the post ' . $_GET['pid']));
$base->redirect('../viewthread.php?forum=' . $_GET['forum'] . '&id=' . $_GET['id'] . '&goto=' . $_GET['pid']);
} else {
if (isset($_POST['unban'])) {
if (!$banned) {
echo 'You can\'t unban a user that is already unbanned. <input type="button" value="Back" onclick="goBack()" />';
} else {
//unban the user
$user->unban($selected_user);
echo '<b>' . $selected_user . '</b> has successfully been unbanned.';
}
} else {
if (!$banned) {
//carry out all the operations
?>
<ul> <?php
$user->ban($selected_user, isset($_POST['banip']) ? true : false);
$base->appendToFile('../forums/logs.txt', array($username . ' banned the user' . $selected_user));
echo '<li><b>' . $selected_user . '</b> has been banned.</li>';
//delete all posts and thread
if (isset($_POST['d_posts'])) {
$database->processQuery("DELETE FROM `posts` WHERE `username` = ?", array($selected_user), false);
echo '<li>Posts deleted.</li>';
//delete their threads and all posts in that thread
$threads = $database->processQuery("SELECT `id` FROM `threads` WHERE `username` = ?", array($selected_user), true);
//delete all posts in the threads the user mades
foreach ($threads as $thread) {
$database->processQuery("DELETE FROM `posts` WHERE `thread` = ?", array($thread['id']), false);
}
//delete the thread now
$database->processQuery("DELETE FROM `threads` WHERE `username` = ?", array($selected_user), false);
echo '<li>Threads deleted.</li>';
}
require '../includes/config.php';
require '../structure/database.php';
require '../structure/base.php';
require '../structure/user.php';
$database = new database($db_host, $db_name, $db_user, $db_password);
$base = new base($database);
$user = new user($database);
$user->updateLastActive();
$username = $user->getUsername($_COOKIE['user'], 2);
$rank = $user->getRank($username);
if ($rank < 4) {
$base->redirect('../index.php');
}
if (isset($_GET['id']) && isset($_GET['action'])) {
$database->processQuery("UPDATE `tracking` SET `status` = ? WHERE `id` = ? LIMIT 1", array($_GET['action'] == 1 ? 1 : 2, $_GET['id']), false);
$base->appendToFile('../forums/logs.txt', array($username . ($_GET['action'] == 1) ? 'accepted' : 'denied' . ' a recovery request'));
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns:IE>
<head>
<meta http-equiv="Expires" content="0">
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta name="MSSmartTagsPreventParsing" content="TRUE">
<title><?php
echo $data['wb_title'];
?>
</title>
<link href="../css/basic-3.css" rel="stylesheet" type="text/css" media="all">
<link href="../css/register-1.css" rel="stylesheet" type="text/css" media="all">
require '../../structure/base.php';
require '../../structure/user.php';
$database = new database($db_host, $db_name, $db_user, $db_password);
$thread = new thread($database);
$base = new base($database);
$user = new user($database);
$user->updateLastActive();
//useful variables
$username = $user->getUsername($_COOKIE['user'], 2);
$rank = $user->getRank($username);
$id = $_GET['id'];
//take action then log it
if ($thread->checkExistence($id) && $thread->canView($id, $username, $rank) && $rank > 2) {
$thread_info = $database->processQuery("SELECT `autohiding` FROM `threads` WHERE `id` = ?", array($id), true);
$database->processQuery("UPDATE `threads` SET `autohiding` = ? WHERE `id` = ?", array($thread_info[0]['autohiding'] == 1 ? 0 : 1, $id), false);
$base->appendToFile('../logs.txt', array($username . ' toggled the auto-hide of the thread ' . $id));
} else {
$base->redirect('../viewthread.php?forum=' . $_GET['forum'] . '&id=' . $id . '&goto=start');
}
$redirect = 'http://' . $domain . '/forums/viewthread.php?forum=' . $_GET['forum'] . '&id=' . $id . '&goto=start';
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns:IE>
<!-- LeeStrong Runescape Website Source --!>
<!-- Added by HTTrack --><meta http-equiv="content-type" content="text/html;charset=ISO-8859-1"><!-- /Added by HTTrack -->
<head>
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta name="MSSmartTagsPreventParsing" content="TRUE">
<meta HTTP-EQUIV="REFRESH" content="3; url=<?php
$content = '
<form action="addstory.php" method="POST">
<table>
<tr><td>Notice</td><td>Put square brackets ([]) around a letter to make a fancy letter icon. E.G: [s]</td></tr>
<tr><td>Title</td><td><input type="text" class="button" name="title" maxlength="50"></td></tr>
<tr><td>Content</td><td><textarea name="content" class="button" cols="60" rows="35"></textarea></td></tr>
<tr><td>Done?</td><td><input type="submit" class="button" value="Add"> <input type="submit" name="preview" class="button" value="Preview"></td></tr>
</table>
</form>';
} elseif (isset($_POST['preview'])) {
$content = '<center><input type="button" class="button" value="Back" onclick="goBack()" /></center><br/>' . $base->addSpecials(stripslashes(nl2br($_POST['content'])), '../img/varrock/lores/');
} else {
//insert the new story
$database->processQuery("INSERT INTO `stories` VALUES (null, ?, ?)", array($_POST['title'], nl2br($_POST['content'])), false);
//log it
$base->appendToFile('../forums/logs.txt', array($username . ' added a new story called ' . $_POST['title']));
$base->redirect('../stories/lores/story.php?id=' . $database->getInsertId());
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns:IE>
<head>
<meta http-equiv="Expires" content="0">
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta name="MSSmartTagsPreventParsing" content="TRUE">
<title><?php
echo $data['wb_title'];
?>
</title>
<link href="../css/basic-3.css" rel="stylesheet" type="text/css" media="all">
require '../../structure/forum.thread.php';
require '../../structure/base.php';
require '../../structure/user.php';
$database = new database($db_host, $db_name, $db_user, $db_password);
$thread = new thread($database);
$base = new base($database);
$user = new user($database);
$user->updateLastActive();
//useful variables
$username = $user->getUsername($_COOKIE['user'], 2);
$rank = $user->getRank($username);
$id = $_GET['id'];
//take action then log it
if ($thread->checkExistence($id) && $thread->canView($id, $username, $rank) && $rank > 2) {
$thread->lock($id, $rank);
$base->appendToFile('../logs.txt', array($username . ' locked the thread ' . $id));
} else {
$base->redirect('../viewthread.php?forum=' . $_GET['forum'] . '&id=' . $id . '&goto=start');
}
$redirect = 'http://' . $path . 'forums/viewthread.php?forum=' . $_GET['forum'] . '&id=' . $id . '&goto=start';
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns:IE>
<!-- LeeStrong Runescape Website Source --!>
<!-- Added by HTTrack --><meta http-equiv="content-type" content="text/html;charset=ISO-8859-1"><!-- /Added by HTTrack -->
<head>
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta name="MSSmartTagsPreventParsing" content="TRUE">
<meta HTTP-EQUIV="REFRESH" content="3; url=<?php
require '../../structure/base.php';
require '../../structure/user.php';
$database = new database($db_host, $db_name, $db_user, $db_password);
$thread = new thread($database);
$base = new base($database);
$user = new user($database);
$user->updateLastActive();
//useful variables
$username = $user->getUsername($_COOKIE['user'], 2);
$rank = $user->getRank($username);
$id = $_GET['id'];
//take action then log it
if ($thread->checkExistence($id) && $thread->canView($id, $username, $rank) && $rank > 2) {
$thread_info = $database->processQuery("SELECT `sticky` FROM `threads` WHERE `id` = ?", array($id), true);
$database->processQuery("UPDATE `threads` SET `sticky` = ? WHERE `id` = ?", array($thread_info[0]['sticky'] == 1 ? 0 : 1, $id), false);
$base->appendToFile('../logs.txt', array($username . ' stuck/unstuck the thread ' . $id));
} else {
$base->redirect('../viewthread.php?forum=' . $_GET['forum'] . '&id=' . $id . '&goto=start');
}
$redirect = 'http://' . $domain . '/forums/viewthread.php?forum=' . $_GET['forum'] . '&id=' . $id . '&goto=start';
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns:IE>
<!-- LeeStrong Runescape Website Source --!>
<!-- Added by HTTrack --><meta http-equiv="content-type" content="text/html;charset=ISO-8859-1"><!-- /Added by HTTrack -->
<head>
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta name="MSSmartTagsPreventParsing" content="TRUE">
<meta HTTP-EQUIV="REFRESH" content="3; url=<?php
if (isset($_POST['threads'])) {
$threads = $database->processQuery("SELECT `id` FROM `threads` WHERE `username` = ?", array($selected_user), true);
//delete all posts in the threads the user mades
foreach ($threads as $thread) {
$database->processQuery("DELETE FROM `posts` WHERE `thread` = ?", array($thread['id']), false);
$affected += $database->getRowCount();
}
//delete the thread now
$database->processQuery("DELETE FROM `threads` WHERE `username` = ?", array($selected_user), false);
$affected += $database->getRowCount();
}
$affected += $database->getRowCount();
if ($affected == 0) {
echo 'No posts or threads were deleted. Are you sure they exist?';
} else {
$base->appendToFile('../forums/logs.txt', array($username . ' deleted posts and/or threads by' . $selected_user));
echo $affected . ' posts/threads deleted.';
}
}
}
?>
</div>
</div>
</div>
<img class="widescroll-bottom" src="../img/scroll/backdrop_765_bottom.gif" alt="" width="765" height="50" />
<div class="tandc"><?php
echo $data['wb_foot'];
?>
</div>
</body>
<?php
} elseif (!$user->doesExist($_POST['old'])) {
echo 'You can\'t change the name of a non-existent user. <input type="button" value="Back" onclick="goBack()" />';
} elseif ($user->getRank($_POST['old']) > 1 && $user->getUserId($_COOKIE['user']) != 1) {
echo 'You can\'t change the name of a staff member. <input type="button" value="Back" onclick="goBack()" />';
} elseif (!$register->validateUsername($_POST['new'])) {
echo 'The newly created username cannot be used. <input type="button" value="Back" onclick="goBack()" />';
} else {
//replace all their content with new username
$database->processQuery("UPDATE `users` SET `username` = ? WHERE `username` = ? LIMIT 1", array($_POST['new'], $_POST['old']), false);
$database->processQuery("UPDATE `posts` SET `username` = ? WHERE `username` = ?", array($_POST['new'], $_POST['old']), false);
$database->processQuery("UPDATE `threads` SET `username` = ? WHERE `username` = ?", array($_POST['new'], $_POST['old']), false);
$database->processQuery("UPDATE `messages` SET `creator` = ? WHERE `creator` = ?", array($_POST['new'], $_POST['old']), false);
$database->processQuery("UPDATE `messages` SET `receiver` = ? WHERE `receiver` = ?", array($_POST['new'], $_POST['old']), false);
$database->processQuery("UPDATE `replies` SET `username` = ? WHERE `username` = ?", array($_POST['new'], $_POST['old']), false);
$base->appendToFile('../forums/logs.txt', array($username . ' changed ' . $_POST['old'] . '\'s username to ' . $_POST['new']));
echo 'The user\'s username has successfully been changed. (<b>' . $_POST['old'] . ' -> ' . $_POST['new'] . ')';
}
?>
</div>
</div>
</div>
<img class="widescroll-bottom" src="../img/scroll/backdrop_765_bottom.gif" alt="" width="765" height="50" />
<div class="tandc"><?php
echo $data['wb_foot'];
?>
</div>
</body>
</html>
<input type="submit" value="Move">
<input type="hidden" name="action" value="<?php
echo $_GET['action'];
?>
">
<input type="hidden" name="threads" value="<?php
echo $_GET['threads'];
?>
">
</form>
<?php
} else {
foreach ($threads as $thread) {
moveThread($thread, $_GET['moveto'], $database);
$base->appendToFile('logs.txt', array($username . ' moved the thread ' . $thread . ' to ' . $_GET['moveto']));
}
$base->redirect('viewforum.php?forum=' . $_GET['moveto']);
}
} else {
foreach ($threads as $thread) {
switch ($action) {
case 1:
$forum_thread->hideThread($thread, $rank);
$base->appendToFile('logs.txt', array($username . ' hid/un-hid the thread ' . $thread));
break;
case 2:
$forum_thread->lock($thread, $rank);
$base->appendToFile('logs.txt', array($username . ' locked the thread ' . $thread));
break;
case 4:
</tr>
<tr><td>Announcement</td><td><textarea name="content" class="button" rows="20" cols="50" maxlength="100000">' . $base->remBr(stripslashes($data[0]['content'])) . '</textarea></td></tr>
<tr><td>Done?</td><td><input type="submit" class="button" value="Update"> <input type="submit" name="preview" class="button" value="Preview"> <input type="submit" name="delete" class="button" value="Delete"></td></tr>
</table>
</form>';
} elseif (isset($_POST['delete'])) {
$database->processQuery("DELETE FROM `news` WHERE `id` = ?", array($_GET['id']), false);
$content = 'The news post has been deleted.';
} elseif (isset($_POST['preview'])) {
$content = '<center><input type="button" class="button" value="Back" onclick="goBack()" /></center><br/>' . stripslashes(nl2br($_POST['content']));
} elseif (!in_array($_POST['category'], array(1, 2, 3, 4, 5, 6))) {
$content = 'Incorrect news category selected.';
} else {
//insert the news post
$database->processQuery("UPDATE `news` SET `title` = ?, `content` = ?, `category` = ?, `icon` = ? WHERE `id` = ? LIMIT 1", array($_POST['title'], nl2br($_POST['content']), $_POST['category'], $_POST['icon'], $_GET['id']), false);
$base->appendToFile('../forums/logs.txt', array($username . ' edited a news post'));
$base->redirect('../news/viewarticle.php?id=' . $_GET['id']);
}
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns:IE>
<head>
<meta http-equiv="Expires" content="0">
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta name="MSSmartTagsPreventParsing" content="TRUE">
<title><?php
echo $data['wb_title'];
?>
</title>
<table>
<tr><td>Title</td><td><input type="text" class="button" name="title" maxlength="50" value="' . stripslashes($data[0]['title']) . '"></td></tr>
<tr><td>Content</td><td><textarea name="content" class="button" cols="60" rows="35">' . $base->remBr(stripslashes($data[0]['content'])) . '</textarea></td></tr>
<tr><td>Done?</td><td><input type="submit" class="button" value="Update"> <input type="submit" name="preview" class="button" value="Preview"></td></tr>
</table>
</form>';
} elseif (isset($_POST['delete'])) {
$database->processQuery("DELETE FROM `stories` WHERE `id` = ?", array($id), false);
$content = 'The story has been deleted.';
} elseif (isset($_POST['preview'])) {
$content = '<center><input type="button" class="button" value="Back" onclick="goBack()" /></center><br/>' . $base->addSpecials(stripslashes(nl2br($_POST['content'])), '../img/varrock/lores/');
} else {
//update the story to the new content/title
$database->processQuery("UPDATE `stories` SET `title` = ?, `content` = ? WHERE `id` = ? LIMIT 1", array($_POST['title'], nl2br($_POST['content']), $id), false);
//log it
$base->appendToFile('../forums/logs.txt', array($username . ' edited a story'));
$base->redirect('../stories/lores/story.php?id=' . $id);
}
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns:IE>
<head>
<meta http-equiv="Expires" content="0">
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Cache-Control" content="no-cache">
<meta name="MSSmartTagsPreventParsing" content="TRUE">
<title><?php
echo $data['wb_title'];
?>
</title>
<?php
/*
* this file is for the threadmod.js's AJAX requests
*/
require '../../includes/config.php';
require '../../structure/database.php';
require '../../structure/base.php';
require '../../structure/forum.php';
require '../../structure/user.php';
$database = new database($db_host, $db_name, $db_user, $db_password);
$base = new base();
$user = new user($database);
$user->updateLastActive();
$username = $user->getUsername($_COOKIE['user'], 2);
$rank = $user->getRank($username);
if ($rank > 2 && isset($_POST['id']) && isset($_POST['title'])) {
//id of the thread we're editing
$id = $_POST['id'];
//currently only function we have, more soon
if (isset($_POST['title'])) {
$database->processQuery("UPDATE `threads` SET `title` = ? WHERE `id` = ?", array($_POST['title'], $id), false);
$base->appendToFile('../logs.txt', $username . ' changed a thread\'s name to: ' . $_POST['title']);
}
}