function SendP3P()
{
$this->P3PSent = true;
$Str = GetParam("P3P", "STRVAL");
$Ref = GetParam("P3P_REF", "STRVAL");
if (!ValidVar($Str)) {
return;
}
if (ValidVar($Ref)) {
$Ref = "policyref=\"{$Ref}\", ";
} else {
$Ref = "";
}
Header("P3P: {$Ref} CP=\"{$Str}\"");
}
function _Pagination($maxpos)
{
$curpos = GetParam("start_rec", 0);
// find current pos (0 if not)
$width = GetParam("limitcount", 100);
// Number of records per page
$PageName = $_SERVER["PHP_SELF"];
// Find the url parameters
$strurl = "action=Find" . ParamUrl();
$strurl .= "&OrderBy=" . GetStrParam("OrderBy");
// echo "width=",$width,"<br>" ;
// echo "curpos=",$curpos,"<br>" ;
// echo "maxpos=",$maxpos,"<br>" ;
echo "\n<center>";
$countlink = 0;
for ($ii = 0; $ii < $maxpos; $ii = $ii + $width) {
$i1 = $ii;
$i2 = min($ii + $width, $maxpos);
$countlink++;
if ($countlink > 20) {
echo "<a href=\"", $PageName, "?" . $strurl . "&start_rec=", $i1, "\"> ....</a> ";
break;
// do not put too much links
}
if ($curpos >= $i1 and $curpos < $i2) {
// mark in bold if it is the current position
echo "<b>";
}
echo "<a href=\"", $PageName, "?" . $strurl . "&start_rec=", $i1, "\">", $i1 + 1, "..", $i2, "</a> ";
if ($curpos >= $i1 and $curpos < $i2) {
// end of mark in bold if it is the current position
echo "</b>";
}
}
echo "</center>\n";
}
echo "For this you need the scope <b>" . $action . "</b> within <b>Panel</b> rights<br>";
exit(0);
}
break;
case "SaveToDB":
if (!HasRight('Pannel', $action)) {
// Check the rights
echo "For this you need the scope <b>" . $action . "</b> within <b>Panel</b> rights<br>";
exit(0);
}
$ii = 0;
$str = "truncate hcvol_config";
sql_query($str);
$str = "insert into hcvol_config(comment) values(concat('generated by " . $_SESSION["Username"] . " using AdminPannel ',now()))";
while (GetParam("SYSHCvol_key_" . $ii) != "" or GetParam("SYSHCvol_value_" . $ii) != "" or GetParam("SYSHCvol_comment_" . $ii) != "") {
$str = "insert into hcvol_config(syskey,value,comment) values('" . GetParam("SYSHCvol_key_" . $ii) . "','" . GetParam("SYSHCvol_value_" . $ii) . "','" . GetParam("SYSHCvol_comment_" . $ii) . "')";
sql_query($str);
$ii++;
}
$Message = "Storing content in Database";
LogStr("Saving file to base", "AdminPannel");
DisplayPannel(LoadingData("FromBase"), $Message);
// call the layout
exit(0);
break;
case "LoadFromDB":
if (!HasRight('Pannel', $action)) {
// Check the rights
echo "For this you need the scope <b>" . $action . "</b> within <b>Panel</b> rights<br>";
exit(0);
}
<?php
define('_ACCES', 1);
if (file_exists('../modules/global/config/database.php') && filesize('../modules/global/config/database.php') > 1) {
header("Location: ../index.php");
exit;
}
require_once 'common.php';
$DBhostname = GetParam($_POST, 'DBhostname', 'localhost');
$DBuserName = GetParam($_POST, 'DBuserName', 'root');
$DBpassword = GetParam($_POST, 'DBpassword', 'root');
$DBname = GetParam($_POST, 'DBname', 'cmj_jeu');
$etape = 3;
require_once 'header.php';
?>
<form action="install2.php" method="post" name="form" id="form" onsubmit="return check();">
<h1>Configuration de la base de données MySQL</h1>
<hr/>
<p>Veuillez entrer le nom du serveur (hostname) sur lequel le jeu va être installé. Par défaut celui-ci est <b>localhost</b></p>
<p>Entrez le <b>nom d'utilisateur</b>, le <b>mot de passe</b> et le <b>nom de la BDD MySQL</b> que vous allez utiliser avec Mon RPG.</p>
<table class="list_table">
<tr>
<td>Nom du serveur <br/>
<input name="DBhostname" type="text" class="inputbox" value="<?php
echo "{$DBhostname}";
?>
" size="50" />
<br />
<em>Habituellement 'localhost'</em></td>
</tr>
<tr>
function DisplayAdminMassMails($TData)
{
global $title;
$title = "Admin Mass Mails";
require_once "header.php";
Menu1("", ww('MainPage'));
// Displays the top menu
Menu2("admin/adminmassmails.php", ww('MainPage'));
// Displays the second menu
$MenuAction = " <li><a href=\"adminmassmails.php\">Admin Massmails</a></li>\n";
$MenuAction .= " <li><a href=\"adminmassmails.php?action=createbroadcast\">Create new broadcast</a></li>\n";
if (HasRight("MassMail", "Send")) {
// if has right to trig
$MenuAction .= " <li><a href=\"adminmassmails.php?action=ShowPendingTrigs\">Trigger mass mails</a></li>\n";
}
DisplayHeaderShortUserContent("Admin Mails - Broadcast Messages", "");
ShowLeftColumn($MenuAction, VolMenu());
$max = count($TData);
$max = 0;
echo " <div id=\"col3\"> \n";
echo " <div id=\"col3_content\" class=\"clearfix\"> \n";
echo " <div class=\"info clearfix\">\n";
echo "<table><tr><td align='right'>Please write here in </td><td bgcolor=yellow align=left>" . LanguageName($_SESSION['IdLanguage']) . "</td></table>";
echo "<br />";
// echo "<hr />\n";
echo "<table>\n";
echo "<form method=post action=adminmassmails.php>\n";
echo "<input type=hidden name=IdBroadCast value=", $TData->IdBroadcast, ">\n";
echo "<tr><td>subject</td><td> <textarea name=subject rows=1 cols=80>", GetParam(subject), "</textarea></td>";
echo "<tr><td>body</td><td> <textarea name=body rows=10 cols=80>", GetParam(body), "</textarea></td>";
echo "<tr><td>greetings</td><td> <textarea name=greetings rows=2 cols=80>", GetParam(greetings), "</textarea></td>";
echo "\n<tr><td colspan=2 align=center>";
echo "<input type='submit' name='action' value='find'>";
if (empty($TData->IdBroadcast)) {
echo " <input type=submit name=action value=update>";
} else {
echo " <input type=submit name=action value=update>";
}
echo "</td><td align=center>";
if (HasRight('MassMail', 'Send')) {
echo "Send <input type=checkbox name=send> ";
echo " <input type=submit name=action value=send>";
}
echo "</td> ";
echo "</form>\n";
echo "</table>\n";
echo "</div> <!-- info -->\n";
require_once "footer.php";
}
require_once SELF . "/lib/store.func.php";
require_once SYS . "/system/lib/validate.func.php";
/////////////////////////////////////////////
///////// prepare any variables
$EditArr = ValidArr($_GP['EditArr']) ? $_GP['EditArr'] : false;
$PageTitle = $Lang['Title'];
$nsLang->TplInc("inc/user_welcome");
$ProgPath[0]['Name'] = $Lang['Administr'];
$ProgPath[0]['Url'] = getURL("admin", "", "admin");
$ProgPath[1]['Name'] = $Lang['Title'];
$ProgPath[1]['Url'] = getURL("misc_config", "", "admin");
$MenuSection = "admin";
$Query = "SELECT * FROM " . PFX . "_tracker_config WHERE COMPANY_ID=0 AND SITE_ID=0";
$Settings = $Db->Select($Query);
$P3P = GetParam("P3P", "STRVAL");
$P3P_REF = GetParam("P3P_REF", "STRVAL");
/////////////////////////////////////////////
///////// call any process functions
if (!$nsUser->DEMO) {
if (ValidArr($EditArr)) {
SaveSettings($EditArr);
}
}
/////////////////////////////////////////////
///////// display section here
$SkinsArr = array();
$Path = SELF . "/skins";
clearstatcache();
$Dir = @opendir($Path);
while ($Row = @readdir($Dir)) {
if ($Row == "." || $Row == ".." || $Row == "CVS") {
// echo "ss=",$ss ;
// sql_query($ss) ;
$Message = " Query #" . $IdQuery . " removed for " . $Username;
}
// Reload the data
$rrQuery = LoadRow("select * from sqlforvolunteers where id=" . $IdQuery);
$ss = "select rightsvolunteers.*,rights.Name as RightName,members.Username,members.STatus as MemberStatus from rightsvolunteers,rights,members where rights.id=rightsvolunteers.IdRight and rightsvolunteers.Level>=1 and rights.Name='SqlForVolunteers' and (Scope like '%\"" . $IdQuery . "\"%' or Scope like '%\"All\"%') and members.id=rightsvolunteers.IdMember";
$TResult = array();
$qry = sql_query($ss);
while ($rr = mysql_fetch_object($qry)) {
array_push($TResult, $rr);
}
DisplayUsers($rrQuery, $TResult, NULL, $Message);
break;
case "execute":
$IdQuery = (int) GetParam("IdQuery", 0);
$rrQuery = LoadRow("select * from sqlforvolunteers where id=" . $IdQuery);
if (!isset($rrQuery->id)) {
DisplayMyResults(array(), array(), array(), $rrQuery, "Sorry your query has failed #IdQuery=<b>" . $IdQuery . "</b>", $TList);
break;
}
$IsQueryAllowedInGroup = LoadRow("select count(*) as cnt from sqlforgroupsmembers where IdGroup in (" . $membergrouplist . ") and IdQuery=" . $IdQuery);
if (!HasRight('SqlForVolunteers', '"' . $IdQuery . '"') and $IsQueryAllowedInGroup->cnt == 0) {
DisplayMyResults(array(), array(), array(), $rrQuery, "Sorry you miss right scope for query <b>" . $rrQuery->Name . "</b>", $TList);
LogStr("Trying to use a not allowed query (" . $rrQuery->Name . ")", "adminquery");
break;
}
$_TResult = array();
$_TTitle = array();
$_TTsqry = array();
$_rrQuery = array();
<?php
define('_ACCES', 1);
if (file_exists('../modules/global/config/database.php') && filesize('../modules/global/config/database.php') > 1) {
header("Location: ../index.php");
exit;
}
require_once 'common.php';
require_once 'db.class.php';
$DBhostname = GetParam($_POST, 'DBhostname', '');
$DBuserName = GetParam($_POST, 'DBuserName', '');
$DBpassword = GetParam($_POST, 'DBpassword', '');
$DBname = GetParam($_POST, 'DBname', '');
$DBPrefix = '';
$database = null;
$errors = array();
if (!$DBhostname || !$DBuserName || !$DBname) {
db_err("stepBack3", "Les paramètres de connexion à la base de données sont incorrects ou manquants.");
}
$database = new database($DBhostname, $DBuserName, $DBpassword, '', '', false);
$test = $database->getErrorMsg();
if (!$database->_resource) {
db_err('stepBack2', 'Le mot de passe et le nom d\'utilisateur sont incorrects.');
}
$configArray['DBhostname'] = $DBhostname;
$configArray['DBuserName'] = $DBuserName;
$configArray['DBpassword'] = $DBpassword;
$configArray['DBname'] = $DBname;
$sql = "CREATE DATABASE `{$DBname}`";
$database->setQuery($sql);
$database->query();
$majorupdate = ',majorupdate = NOW() ';
} else {
$majorupdate = '';
}
$str = "UPDATE words SET Description='" . addslashes($rwq->Description) . "',Sentence='" . GetStrParam("Question") . "' {$majorupdate} WHERE id=" . $rwq->id;
sql_query($str);
$str = "UPDATE words SET Description='" . addslashes($rwa->Description) . "',Sentence='" . GetStrParam("Answer") . "' {$majorupdate} WHERE id=" . $rwa->id;
sql_query($str);
$str = "UPDATE faq SET IdCategory=" . GetParam("IdCategory") . ",QandA='" . GetParam("QandA") . "',Active='" . GetStrParam("Status") . "',SortOrder=" . GetParam("SortOrder") . " WHERE id=" . $Faq->id;
sql_query($str);
LogStr("updating Faq #" . $Faq->id, "Update Faq");
break;
}
// prepare the list
if (GetParam("IdCategory")) {
$FilterCategory = " AND IdCategory=" . GetParam("IdCategory");
} else {
$FilterCategory = "";
}
if ($IdFaq != 0) {
// if one specific Faq is chosen
$str = "SELECT faq.*,faqcategories.Description AS CategoryName,PageTitle FROM faq,faqcategories WHERE faq.id=" . $IdFaq . " and faqcategories.id=faq.IdCategory " . $FilterCategory . $FilterActive . " ORDER BY faqcategories.SortOrder,faq.SortOrder";
} else {
$str = "SELECT faq.*,faqcategories.Description AS CategoryName,PageTitle FROM faq,faqcategories WHERE faqcategories.id=faq.IdCategory " . $FilterCategory . $FilterActive . " ORDER BY faqcategories.SortOrder,faq.SortOrder";
}
$qry = sql_query($str);
$TData = array();
while ($rWhile = mysql_fetch_object($qry)) {
array_push($TData, $rWhile);
}
DisplayFaq($TData, $rCat);
$repertoire = $_SESSION['repertoire'];
}
if ($RightLevel >= 5) {
// rigcht level 5 allow to overwrite scope
if (GetParam("scope") != "") {
$scope = GetParam("scope");
}
}
if (GetParam("s1") != "") {
$s1 = GetParam("s1");
}
if (GetParam("s2") != "") {
$s2 = GetParam("s2");
}
if (GetParam("stringnot") != "") {
$stringnot = GetParam("stringnot");
}
$previousres = "";
// will receive the result if any
switch ($action) {
case "logout":
Logout();
exit(0);
case "grep":
$ext = $scope;
$arrext = explode(";", $scope);
foreach ($arrext as $ext) {
$previousres .= "<tr><td><br /><br /><hr />scoping in <b>{$ext}</b></td>";
foreach (glob($repertoire . $ext) as $filename) {
$previousres .= analyse($filename, stripslashes($s1), $nbligne, stripslashes($s2), stripslashes($stringnot));
}
switch (GetParam("action")) {
case "del":
$str = "delete from intermembertranslations where IdTranslator=" . GetParam("IdTranslator") . " and IdMember=" . $IdMember;
sql_query($str);
LogStr("Removing translator <b>" . fUserName(GetParam("IdTranslator")) . "</b>", "mytranslators");
break;
case "add":
// todo
$IdTranslator = IdMember(GetParam("Username"), 0);
$IdLanguage = Getparam("IdLanguage");
$rr = LoadRow("select id from intermembertranslations where IdTranslator=" . $IdTranslator . " and IdMember=" . $IdMember . " and IdLanguage=" . $IdLanguage);
if (!isset($rr->id) and $IdTranslator != 0) {
// if not allready exists
$str = "insert into intermembertranslations(IdTranslator,IdMember,IdLanguage) values(" . $IdTranslator . "," . $IdMember . "," . $IdLanguage . ")";
sql_query($str);
LogStr("Adding translator <b>" . fUserName(GetParam("IdTranslator")) . "</b> for language", "mytranslators");
}
break;
}
$TData = array();
$str = "select intermembertranslations.*,members.Username,members.ProfileSummary,cities.Name as cityname,regions.Name as regionname,countries.Name as countryname,membersphotos.FilePath as photo,membersphotos.Comment";
$str .= " from intermembertranslations,cities,countries,regions,recentvisits,members left join membersphotos on membersphotos.IdMember=members.id and membersphotos.SortOrder=0 where cities.IdRegion=regions.id and countries.id=cities.IdCountry and cities.id=members.IdCity and status='Active' and members.id=intermembertranslations.IdTranslator and intermembertranslations.IdMember=" . $IdMember . " and members.status='Active' GROUP BY members.id order by intermembertranslations.updated desc";
$qry = sql_query($str);
while ($rr = mysql_fetch_object($qry)) {
if ($rr->ProfileSummary > 0) {
$rr->ProfileSummary = FindTrad($rr->ProfileSummary);
} else {
$rr->ProfileSummary = "";
}
array_push($TData, $rr);
}
function DisplayFaq($TFaq)
{
global $title;
$IdFaq = GetParam("IdFaq", 0);
$argv = $_SERVER["argv"];
if (isset($argv[1])) {
$IdFaq = $argv[1];
}
if ($IdFaq == 0) {
$title = ww('FaqPage');
} elseif ($TFaq[0]->PageTitle != "") {
$title = ww($TFaq[0]->PageTitle);
} else {
$title = ww("FaqQ_" . $TFaq[0]->QandA);
}
include "header.php";
Menu1("faq.php", ww('FaqPage'));
// Displays the top menu
Menu2("faq.php", ww('GetAnswers'));
echo "\n";
echo " <div id=\"main\">\n";
echo " <div id=\"teaser_bg\">\n";
echo " <div id=\"teaser\">\n";
echo " <h1>", $title, " </h1>\n";
echo " </div>\n";
//menugetanswers("faq.php", $title); // Display the generic header
echo " </div>\n";
// Content with just two columns
echo "\n";
echo " <div id=\"col3\" class=\"twocolumns\">\n";
echo " <div id=\"col3_content\" class=\"clearfix\">\n";
$iiMax = count($TFaq);
$LastCat = "";
// Display the list of the questions
echo "<div class=\"info\">\n";
for ($ii = 0; $ii < $iiMax; $ii++) {
if ($LastCat != $TFaq[$ii]->CategoryName) {
$LastCat = $TFaq[$ii]->CategoryName;
if (HasRight("Faq") > 0) {
echo "[<a href=\"faq.php?action=insert&IdCategory=", $TFaq[$ii]->IdCategory, "\">insert new faq in this category</a>]\n";
}
if ($IdFaq == 0) {
if ($ii > 0) {
echo "</ul><br/>\n";
}
echo " <h3>", ww($TFaq[$ii]->CategoryName), "</h3>\n<ul>\n";
}
}
$Q = ww("FaqQ_" . $TFaq[$ii]->QandA);
if ($IdFaq == 0) {
echo "<li>";
}
if ($TFaq[$ii]->QandA == "") {
$Q = " new ";
}
if (HasRight("Faq") > 0) {
if ($TFaq[$ii]->QandA == "") {
echo " [<a href=\"faq.php?action=edit&IdFaq=", $TFaq[$ii]->id, "\">edit this new faq</a>]\n";
} else {
echo " [<a href=\"faq.php?action=edit&IdFaq=", $TFaq[$ii]->id, "\">edit</a>]\n";
}
}
// echo " <a href=\"" . $_SERVER["PHP_SELF"] . "?IdFaq=", $TFaq[$ii]->id, "\">", $Q, "</a>";
if ($IdFaq == 0) {
if (IsLoggedIn()) {
echo " <a href=\"faq.php?IdFaq=" . $TFaq[$ii]->id . "\">", $Q, "</a></li>\n";
} else {
// If not login provide links to specific files
$ss = "select code from words where code=\"FaqA_" . $TFaq[$ii]->QandA . "\" and IdLanguage=" . $_SESSION["IdLanguage"];
// echo $ss ;
$rFak = LoadRow($ss);
if (empty($rFak->code)) {
echo " <a href=\"faq_" . $TFaq[$ii]->QandA . "_en.php\">", $Q, "</a></li>\n";
// Force english if the text is not yet translated to avoid several page with the same english default text
} else {
echo " <a href=\"faq_" . $TFaq[$ii]->QandA . "_" . $_SESSION["lang"] . ".php\">", $Q, "</a></li>\n";
}
}
}
}
// end of for $ii
if ($IdFaq == 0) {
echo "</ul><br/>\n";
}
// Display the list of the answers
for ($ii = 0; $ii < $iiMax and (IsLoggedIn() or $IdFaq != 0); $ii++) {
// echo " <div class=\"clear\" />\n";
if ($IdFaq == 0) {
echo " <h3>", ww($TFaq[$ii]->CategoryName), "</h3>";
}
$Q = ww("FaqQ_" . $TFaq[$ii]->QandA);
$A = ww("FaqA_" . $TFaq[$ii]->QandA);
if ($IdFaq == 0) {
echo "<h4><a name=\"", $TFaq[$ii]->id, "\"></a> ", $Q, "</h4>\n";
}
echo "<p>", str_replace("\n", "", $A), "</p>\n";
}
if (IsAdmin()) {
echo "<br/><p><a href=\"faq.php?action=rebuildextraphpfiles\">rebuild extra php files</a></p>";
}
include "footer.php";
exit(0);
}
case "AdminAbuser":
$Message = "Abusive Comments";
$count = getcount("AdminAbuserMustCheck", $RestrictToIdMember);
// call the layout
DisplayAdminComments(loaddata("AdminAbuserMustCheck", $RestrictToIdMember, $page, $comments_per_page), $Message, $page, $comments_per_page, $count, "AdminAbuserMustCheck");
exit(0);
break;
case "All":
$Message = "All Comments ";
$count = getcount("", $RestrictToIdMember);
// call the layout
DisplayAdminComments(loaddata("", $RestrictToIdMember, $page, $comments_per_page), $Message, $page, $comments_per_page, $count);
exit(0);
break;
case "ShowOneMember":
$RestrictToIdMember = IdMember(GetParam("cid", 0));
break;
case "HideAction":
$Message = "Toggle hide for general public";
toggleAction('DisplayInPublic', 0);
break;
case "UnhideAction":
$Message = "Toggle hide for general public";
toggleAction('DisplayInPublic', 1);
break;
case "DefaultEditAction":
$Message = "Toggle whether creator may edit post";
toggleAction('AllowEdit', 0);
break;
case "AllowEditAction":
$Message = "Toggle whether creator may edit post";
function send($to, $headers, $body)
{
global $global_smtp_configs, $global_mail_method;
include_once SYS . '/system/class/email/mail.php';
$mmethod = $global_mail_method;
if ($mmethod == 'smtp' && isset($global_smtp_configs)) {
$sender = Mail::factory('smtp', $global_smtp_configs);
} else {
if ($mmethod == 'sendmail') {
$sender = Mail::factory('sendmail', array('sendmail_path' => GetParam('sendmail_path', 'STRVAL'), 'sendmail_args' => ''));
} else {
$sender = Mail::factory('mail', '');
}
}
$sender->send($to, $headers, $body);
}
$content = $content . 'Passport number: ' . $passport . "\n\n";
$content = $content . 'Phone: ' . $telephone . "\n\n";
$content = $content . 'Major: ' . $major . "\n\n";
$content = $content . 'How many housemates are you willing to share with: ' . $housemates . "\n\n";
$content = $content . 'Districts that you like the most: ' . $districts . "\n\n";
$content = $content . 'Apartments that you like the Most (ID): ' . $apartments . "\n\n";
$mail_text = $content . 'Message:' . "\n\n" . $mail_text;
$content = $content . 'How did you hear about us?: ' . $howfind . "\n\n";
$content = $content . 'I agree with the Terms & Conditions: ' . $agree . "\n\n";
$send = 0;
if (@mail($mail_to, $mail_subject, $mail_text, $header)) {
echo "<div class=\"mailsendtext\"><p>Su formulario ha sido enviado.</p><p>Nos contactaremos con usted en 48 hs. para atender su consulta.</p>";
echo "<p><a href=\"" . GetParam('PHP_SELF', 'S') . "?from_name={$from_name}&from_mail={$from_mail}\">Volver al formulario de contacto.</a></p></div>";
} else {
echo "<p><b>Cuando se envía el mensaje ha producido un error!</b></p>";
echo "<p><a href=\"" . GetParam('PHP_SELF', 'S') . "?from_name={$from_name}&from_mail={$from_mail}&mail_subject={$mail_subject}&mail_text=";
echo urlencode($mail_text) . "\">Volver al formulario de contacto.</a></p>";
}
}
function GetParam($ParamName, $Method = 'P', $DefaultValue = '')
{
if ($Method == 'P') {
if (isset($_POST[$ParamName])) {
return $_POST[$ParamName];
} else {
return $DefaultValue;
}
} else {
if ($Method == 'G') {
if (isset($_GET[$ParamName])) {
return $_GET[$ParamName];
}
array_push($TData, $struct);
}
// end of while not feof
}
// end of loading data from file
return $TData;
}
// end of loading data
$RightLevel = HasRight('Pannel');
// Check the rights
if ($RightLevel < 1) {
echo "For this you need the <b>Pannel</b> rights<br>";
exit(0);
}
$action = GetParam("action");
$PannelScope = RightScope('Pannel');
$Message = "";
switch ($action) {
case "DiffDB":
if (!HasRight('Pannel', $action)) {
// Check the rights
echo "For this you need the scope <b>" . $action . "</b> within <b>Pannel</b> rights<br>";
exit(0);
}
break;
case "SaveToDB":
if (!HasRight('Pannel', $action)) {
// Check the rights
echo "For this you need the scope <b>" . $action . "</b> within <b>Pannel</b> rights<br>";
exit(0);
}
$ip = GetStrParam("ip", "");
if ($ip != "") {
$where .= " AND IpAddress=" . ip2long($ip) . "";
}
$type = GetStrParam("Type", "");
if ($type != "") {
$where .= " AND Type='" . $type . "'";
}
// If there is a Scope limit logs to the type in this Scope (unless it his own logs)
if (!HasRight('Logs', "\"All\"")) {
$scope = RightScope("Logs");
str_replace($scope, "\"", "'");
$where .= " AND (Type IN (" . $scope . ") OR IdMember=" . $_SESSION["IdMember"] . ") ";
}
switch (GetParam("action")) {
case "del":
// case a delete is requested
break;
}
$tData = array();
if (empty($where) and $start_rec == 0) {
// In this case we will avoid the FOUND_ROW which is a performance killer
$str = "SELECT logs.*,Username " . "FROM " . $_SYSHCVOL['ARCH_DB'] . ".logs LEFT JOIN members ON members.id=logs.IdMember " . "ORDER BY " . $_SYSHCVOL['ARCH_DB'] . ".logs.id DESC LIMIT {$start_rec}," . $limitcount;
$qry = sql_query($str);
$rCount = LoadRow("SELECT count(*) AS cnt from " . $_SYSHCVOL['ARCH_DB'] . ".logs");
} else {
$str = "SELECT SQL_CALC_FOUND_ROWS logs.*,Username " . "FROM " . $_SYSHCVOL['ARCH_DB'] . ".logs LEFT JOIN members ON members.id=logs.IdMember " . "WHERE 1=1 " . $where . " " . "ORDER BY " . $_SYSHCVOL['ARCH_DB'] . ".logs.id DESC LIMIT {$start_rec}," . $limitcount;
$qry = sql_query($str);
$rCount = LoadRow("SELECT FOUND_ROWS() AS cnt");
}
}
/*
* Game
*/
$config_game = "<?php\n\ndefined( 'SYSPATH' ) OR die( 'No direct access allowed.' );\n\n\$config['version'] = '3.0.0'; //Version de votre jeu\n\n\$config['name'] = '" . GetParam($_POST, 'name', 'Créer mon jeu') . "'; //Nom de votre jeu\n\n\$config['loginUser'] = TRUE; //Afficher la partie login\n\n\$config['registerUser'] = TRUE; //Afficher la partie register\n\n\$config['debug'] = FALSE; //Afficher la partie debug\n\n\$config['cache'] = FALSE; //Activer ou non le cache\n\n\$config['money'] = 'pts'; // money du jeu\n\n\$config['id_article_preambule'] = 67; //Article par defaut qui presente le jeu tout au début - Si FALSE, il n'y aura pas de préambule\n\n\$config['initialPosition'] = array( 'x' => 1, 'y' => 1, 'z' => 1, 'region' => 1 ); //position initial lors de la création d'un joueur\n\n\$config['initialSpeed'] = 4; //Vitesse que le joueur possède lors de son initialisation\n\n\$config['initialGravity'] = 0.7; //Gravité que le joueur possède lors de son initialisation\n\n\$config['initialHandRight'] = 12; //Arme par defaut\n\n\$config['initialArgent'] = 1000; //Argent que le joueur possède lors de son initialisation\n\n\$config['initialAvatar'] = 'default.png'; //Avatar que le joueur possède lors de son initialisation\n\n\$config['initialHP'] = 100; //HP que le joueur possède lors de son initialisation (ATTENTION la valeur vaut pour le max hp et la valeur de celui du joueur (100% au final))\n\n\$config['initialMP'] = 10; //MP que le joueur possède lors de son initialisation (ATTENTION la valeur vaut pour le max hp et la valeur de celui du joueur (100% au final))\n\n\$config['description'] = '<h2>Un éditeur de MMORPG en ligne</h2><p>Bienvenue sur l\\'éditeur de jeux <strong>Mon RPG</strong>, vous avez toujours rêvé de faire votre jeu multijoueurs sans aucune connaissance en programmation ?</p><p><strong>Mon RPG</strong> possède des outils intuitifs et très simples à prendre en mains. De nombreuses ressources vous sont également proposés afin que vous puissiez créer le jeu de vos rêves. De nombreux modules en constantes évolutions vous sont accèssible dans la partie administration pour vous permettre de proposé à vos joueurs une expérience de jeu riche et unique.<p>'; //Description du jeu\n?>";
$canWrite_game = false;
if ($fp = fopen("../system/config/game.php", "w")) {
fputs($fp, $config_game, strlen($config_game));
fclose($fp);
$canWrite_game = true;
}
/*
* Systeme public
*/
$config_config = "<?php\n\n/*\n\t* Options:\n\t* site_domain - domain and installation directory\n\t* site_protocol - protocol used to access the site, usually HTTP\n\t* index_page - name of the front controller, can be removed with URL rewriting\n\t* url_suffix - an extension that will be added to all generated URLs\n\t* internal_cache - whether to store file paths and config entries across requests\n\t* output_compression - enable or disable GZIP output compression\n\t* global_xss_filtering - enable or disable XSS attack filtering on all user input\n\t* enable_hooks - enable or disable hooks.\n\t* log_threshold - sets the logging threshold\n\t* log_directory - directory to save logs to\n\t* display_errors - whether to show Kohana error pages or not\n\t* render_stats - render the statistics information in the final page output\n\t* extension_prefix - filename prefix for library extensions\n\t* modules - extra Kohana resource paths,\n\t*/\n\ndefined(\t'SYSPATH'\t)\tOR\tdie(\t'No direct access allowed.'\t);\n/**\n\t* Base path of the web site. If this includes a domain, eg: localhost/kohana/\n\t* then a full URL will be used, eg: http://localhost/kohana/. If it only includes\n\t* the path, and a site_protocol is specified, the domain will be auto-detected.\n\t*/\n\$config['site_domain']\t=\t'" . GetParam($_POST, 'site_domain', $_SERVER['HTTP_HOST']) . "/';\n\n/**\n\t* Force a default protocol to be used by the site. If no site_protocol is\n\t* specified, then the current protocol is used, or when possible, only an\n\t* absolute path (with no protocol/domain) is used.\n\t*/\n\$config['site_protocol']\t=\t'';\n\n/**\n\t* Name of the front controller for this application. Default: index.php\n\t*\n\t* This can be removed by using URL rewriting.\n\t*/\n\$config['index_page']\t=\t'index.php';\n\n/**\n\t* Fake file extension that will be added to all generated URLs. Example: .html\n\t*/\n\$config['url_suffix']\t=\t'';\n\n/**\n\t* Length of time of the internal cache in seconds. 0 or FALSE means no caching.\n\t* The internal cache stores file paths and config entries across requests and\n\t* can give significant speed improvements at the expense of delayed updating.\n\t*/\n\$config['internal_cache']\t=\tTRUE;\n\n/**\n\t* Internal cache directory.\n\t*/\n\$config['internal_cache_path']\t=\tDOCROOT.'cache/';\n\n/**\n\t* Enable internal cache encryption - speed/processing loss\n\t* is neglible when this is turned on. Can be turned off\n\t* if application directory is not in the webroot.\n\t*/\n\$config['internal_cache_encrypt']\t=\tFALSE;\n\n/**\n\t* Encryption key for the internal cache, only used\n\t* if internal_cache_encrypt is TRUE.\n\t*\n\t* Make sure you specify your own key here!\n\t*\n\t* The cache is deleted when/if the key changes.\n\t*/\n\$config['internal_cache_key']\t=\t'foobar-changeme';\n\n/**\n\t* Enable or disable gzip output compression. This can dramatically decrease\n\t* server bandwidth usage, at the cost of slightly higher CPU usage. Set to\n\t* the compression level (1-9) that you want to use, or FALSE to disable.\n\t*\n\t* Do not enable this option if you are using output compression in php.ini!\n\t*/\n\$config['output_compression']\t=\t5;\n\n/**\n\t* Enable or disable global XSS filtering of GET, POST, and SERVER data. This\n\t* option also accepts a string to specify a specific XSS filtering tool.\n\t*/\n\$config['global_xss_filtering']\t=\tTRUE;\n\n/**\n\t* Enable or disable hooks.\n\t*/\n\$config['enable_hooks']\t=\tFALSE;\n\n/**\n\t* Log thresholds:\n\t* 0 - Disable logging\n\t* 1 - Errors and exceptions\n\t* 2 - Warnings\n\t* 3 - Notices\n\t* 4 - Debugging\n\t*/\n\$config['log_threshold']\t=\t1;\n\n/**\n\t* Message logging directory.\n\t*/\n\$config['log_directory']\t=\tDOCROOT.'logs/';\n\n/**\n\t* Enable or disable displaying of Kohana error pages. This will not affect\n\t* logging. Turning this off will disable ALL error pages.\n\t*/\n\$config['display_errors']\t=\tTRUE;\n\n/**\n\t* Enable or disable statistics in the final output. Stats are replaced via\n\t* specific strings, such as {execution_time}.\n\t*\n\t* @see http://docs.kohanaphp.com/general/configuration\n\t*/\n\$config['render_stats']\t=\tTRUE;\n\n/**\n\t* Filename prefixed used to determine extensions. For example, an\n\t* extension to the Controller class would be named MY_Controller.php.\n\t*/\n\$config['extension_prefix']\t=\t'my_';\n\n/**\n\t* Additional resource paths. Each path can either be absolute\n\t* or relative to the docroot. Modules can include any resource that can exist\n\t* in your application directory, configuration files, controllers, views, etc.\n\t*/\n\$config['modules']\t=\tarray\n\t\t(\n\t\tMODPATH.'global',\n\t\tMODPATH.'auth',\n\t\tMODPATH.'game',\n\t\tMODPATH.'plugins',\n);\n?>";
$canWrite_config = false;
if ($fp = fopen("../application/config/config.php", "w")) {
fputs($fp, $config_config, strlen($config_config));
fclose($fp);
$canWrite_config = true;
}
/*
* Systeme public
*/
$config_config_admin = "<?php\n\n/*\n\t* Options:\n\t* site_domain - domain and installation directory\n\t* site_protocol - protocol used to access the site, usually HTTP\n\t* index_page - name of the front controller, can be removed with URL rewriting\n\t* url_suffix - an extension that will be added to all generated URLs\n\t* internal_cache - whether to store file paths and config entries across requests\n\t* output_compression - enable or disable GZIP output compression\n\t* global_xss_filtering - enable or disable XSS attack filtering on all user input\n\t* enable_hooks - enable or disable hooks.\n\t* log_threshold - sets the logging threshold\n\t* log_directory - directory to save logs to\n\t* display_errors - whether to show Kohana error pages or not\n\t* render_stats - render the statistics information in the final page output\n\t* extension_prefix - filename prefix for library extensions\n\t* modules - extra Kohana resource paths,\n\t*/\n\ndefined(\t'SYSPATH'\t)\tOR\tdie(\t'No direct access allowed.'\t);\n/**\n\t* Base path of the web site. If this includes a domain, eg: localhost/kohana/\n\t* then a full URL will be used, eg: http://localhost/kohana/. If it only includes\n\t* the path, and a site_protocol is specified, the domain will be auto-detected.\n\t*/\n\$config['site_domain']\t=\t'" . GetParam($_POST, 'site_domain', $_SERVER['HTTP_HOST']) . "/admin/';\n\n/**\n\t* Force a default protocol to be used by the site. If no site_protocol is\n\t* specified, then the current protocol is used, or when possible, only an\n\t* absolute path (with no protocol/domain) is used.\n\t*/\n\$config['site_protocol']\t=\t'';\n\n/**\n\t* Name of the front controller for this application. Default: index.php\n\t*\n\t* This can be removed by using URL rewriting.\n\t*/\n\$config['index_page']\t=\t'index.php';\n\n/**\n\t* Fake file extension that will be added to all generated URLs. Example: .html\n\t*/\n\$config['url_suffix']\t=\t'';\n\n/**\n\t* Length of time of the internal cache in seconds. 0 or FALSE means no caching.\n\t* The internal cache stores file paths and config entries across requests and\n\t* can give significant speed improvements at the expense of delayed updating.\n\t*/\n\$config['internal_cache']\t=\tTRUE;\n\n/**\n\t* Internal cache directory.\n\t*/\n\$config['internal_cache_path']\t=\tDOCROOT.'../cache/';\n\n/**\n\t* Enable internal cache encryption - speed/processing loss\n\t* is neglible when this is turned on. Can be turned off\n\t* if application directory is not in the webroot.\n\t*/\n\$config['internal_cache_encrypt']\t=\tFALSE;\n\n/**\n\t* Encryption key for the internal cache, only used\n\t* if internal_cache_encrypt is TRUE.\n\t*\n\t* Make sure you specify your own key here!\n\t*\n\t* The cache is deleted when/if the key changes.\n\t*/\n\$config['internal_cache_key']\t=\t'foobar-changeme';\n\n/**\n\t* Enable or disable gzip output compression. This can dramatically decrease\n\t* server bandwidth usage, at the cost of slightly higher CPU usage. Set to\n\t* the compression level (1-9) that you want to use, or FALSE to disable.\n\t*\n\t* Do not enable this option if you are using output compression in php.ini!\n\t*/\n\$config['output_compression']\t=\t5;\n\n/**\n\t* Enable or disable global XSS filtering of GET, POST, and SERVER data. This\n\t* option also accepts a string to specify a specific XSS filtering tool.\n\t*/\n\$config['global_xss_filtering']\t=\tTRUE;\n\n/**\n\t* Enable or disable hooks.\n\t*/\n\$config['enable_hooks']\t=\tFALSE;\n\n/**\n\t* Log thresholds:\n\t* 0 - Disable logging\n\t* 1 - Errors and exceptions\n\t* 2 - Warnings\n\t* 3 - Notices\n\t* 4 - Debugging\n\t*/\n\$config['log_threshold']\t=\t1;\n\n/**\n\t* Message logging directory.\n\t*/\n\$config['log_directory']\t=\tDOCROOT.'../logs/';\n\n/**\n\t* Enable or disable displaying of Kohana error pages. This will not affect\n\t* logging. Turning this off will disable ALL error pages.\n\t*/\n\$config['display_errors']\t=\tTRUE;\n\n/**\n\t* Enable or disable statistics in the final output. Stats are replaced via\n\t* specific strings, such as {execution_time}.\n\t*\n\t* @see http://docs.kohanaphp.com/general/configuration\n\t*/\n\$config['render_stats']\t=\tTRUE;\n\n/**\n\t* Filename prefixed used to determine extensions. For example, an\n\t* extension to the Controller class would be named MY_Controller.php.\n\t*/\n\$config['extension_prefix']\t=\t'my_';\n\n/**\n\t* Additional resource paths. Each path can either be absolute\n\t* or relative to the docroot. Modules can include any resource that can exist\n\t* in your application directory, configuration files, controllers, views, etc.\n\t*/\n\$config['modules']\t=\tarray\n\t\t(\n\t\tMODPATH.'global',\n\t\tMODPATH.'auth',\n\t\tMODPATH.'admin',\n\t\tMODPATH.'plugins',\n);\n?>";
$canWrite_config_admin = false;
if ($fp = fopen("../admin/application/config/config.php", "w")) {
fputs($fp, $config_config_admin, strlen($config_config_admin));
fclose($fp);
$canWrite_config_admin = true;
}
case "check":
// Load the Message list
$ii = 0;
if (GetStrParam("IdSender", "") != "") {
$strlist = "select messages.*,messages.Status as MessageStatus,mSender.Username as Username_sender,mReceiver.Username as Username_receiver from messages,members as mSender,members as mReceiver where messages.Status='ToCheck' and mSender.id=IdSender and mReceiver.id=IdReceiver and messages.IdSender=" . IdMember(GetStrParam("IdSender")) . " order by messages.id desc";
// echo $strlist,"<br>\n" ;
} else {
$strlist = "select messages.*,messages.Status as MessageStatus,mSender.Username as Username_sender,mReceiver.Username as Username_receiver from messages,members as mSender,members as mReceiver where messages.Status='ToCheck' and mSender.id=IdSender and mReceiver.id=IdReceiver order by messages.id desc";
}
$qry = sql_query($strlist);
$count = 0;
while (GetParam("IdMess_" . $ii, 0) != 0) {
$ss = "select messages.*,messages.Status as MessageStatus,mSender.Username as Username_sender,mReceiver.Username as Username_receiver from messages,members as mSender,members as mReceiver where mSender.id=IdSender and mReceiver.id=IdReceiver and messages.id=" . GetParam("IdMess_" . $ii);
$rr = LoadRow($ss);
// echo "checking :",$rr->id," [",GetStrParam("Approve_" . $ii)."] IdMess_".$ii,"=",GetParam("IdMess_" . $ii),"<br> " ;
if (GetParam("IdMess_" . $ii) == $rr->id) {
// If this message is in the list of checked message
// echo "Approve_",$ii,"=",GetStrParam("Approve_".$ii),"<br>";
$SpamChange = "";
if ($rr->SpamInfo == "NotSpam" and GetStrParam("Mark_Spam_" . $ii) == "on") {
// If it was not considered as spam, but checker say it is a spam
$SpamChange = ",SpamInfo='SpamSayChecker'";
}
if ($rr->SpamInfo == "SpamBlkWord" and GetStrParam("Mark_Spam_" . $ii) == "") {
// If it was considered as spam, but checker say it is not
$SpamChange = ",SpamInfo='NotSpam'";
}
if (GetStrParam("Approve_" . $ii) == "on") {
$count++;
$str = "update messages set IdChecker=" . $_SESSION['IdMember'] . ",Status='ToSend'" . $SpamChange . " where id=" . $rr->id;
// echo "str=$str","<br>";
