Exemplo n.º 1
0
File:                       admin/site_bans.php
$Revision$
Software by:                DateMill (http://www.datemill.com)
Copyright by:               DateMill (http://www.datemill.com)
Support at:                 http://www.datemill.com/forum
*******************************************************************************
* See the "docs/licenses/etano.txt" file for license.                         *
******************************************************************************/
require_once '../includes/common.inc.php';
require_once '../includes/admin_functions.inc.php';
require_once '../includes/logs.inc.php';
allow_dept(DEPT_MODERATOR | DEPT_ADMIN);
$tpl = new phemplate('skin/', 'remove_nonjs');
$o = isset($_GET['o']) ? (int) $_GET['o'] : 0;
$r = isset($_GET['r']) ? (int) $_GET['r'] : current($accepted_results_per_page);
$where = "a.`fk_lk_id_reason`=b.`fk_lk_id` AND b.`skin`='" . get_default_skin_code() . "'";
$from = "`{$dbtable_prefix}site_bans` a,`{$dbtable_prefix}lang_strings` b";
$query = "SELECT count(*) FROM {$from} WHERE {$where}";
if (!($res = @mysql_query($query))) {
    trigger_error(mysql_error(), E_USER_ERROR);
}
$totalrows = mysql_result($res, 0, 0);
$loop = array();
if (!empty($totalrows)) {
    if ($o >= $totalrows) {
        $o = $totalrows - $r;
        $o = $o >= 0 ? $o : 0;
    }
    $config = get_site_option(array('datetime_format'), 'def_user_prefs');
    $query = "SELECT a.`ban_id`,a.`ban_type`,a.`what`,b.`lang_value` as `reason`,UNIX_TIMESTAMP(a.`since`) as `since` FROM {$from} WHERE {$where} LIMIT {$o},{$r}";
    if (!($res = @mysql_query($query))) {
Exemplo n.º 2
0
 }
 $input['access_level'] = !empty($input['access_level']) ? array_sum(array_keys($input['access_level'])) : 0;
 $input['pcat_name'] = sanitize_and_format_gpc($_POST, 'pcat_name', TYPE_STRING, $__field2format[FIELD_TEXTFIELD], '');
 if (!empty($_POST['return'])) {
     $input['return'] = sanitize_and_format_gpc($_POST, 'return', TYPE_STRING, $__field2format[FIELD_TEXTFIELD] | FORMAT_RUDECODE, '');
     $nextpage = $input['return'];
 }
 // check for input errors
 if (empty($input['pcat_name'])) {
     $error = true;
     $topass['message']['type'] = MESSAGE_ERROR;
     $topass['message']['text'] = 'Please enter the category!';
     $input['error_pcat_name'] = 'red_border';
 }
 if (!$error) {
     $default_skin_code = get_default_skin_code();
     if (!empty($input['pcat_id'])) {
         $query = "UPDATE `{$dbtable_prefix}profile_categories` SET ";
         foreach ($profile_categories_default['defaults'] as $k => $v) {
             if (isset($input[$k])) {
                 $query .= "`{$k}`='" . $input[$k] . "',";
             }
         }
         $query = substr($query, 0, -1);
         $query .= " WHERE `pcat_id`=" . $input['pcat_id'];
         if (!($res = @mysql_query($query))) {
             trigger_error(mysql_error(), E_USER_ERROR);
         }
         $query = "SELECT `ls_id` FROM `{$dbtable_prefix}lang_strings` WHERE `fk_lk_id`=" . $input['fk_lk_id_pcat'] . " AND `skin`='{$default_skin_code}'";
         if (!($res = @mysql_query($query))) {
             trigger_error(mysql_error(), E_USER_ERROR);
Exemplo n.º 3
0
     if (!($res = @mysql_query($query))) {
         trigger_error(mysql_error(), E_USER_ERROR);
     }
     $output = $lk_id;
     break;
 case 'edit':
     $query = "UPDATE `{$dbtable_prefix}lang_strings` SET `lang_value`='{$val}' WHERE `fk_lk_id`={$lk_id} AND `skin`='" . get_default_skin_code() . "'";
     if (!($res = @mysql_query($query))) {
         trigger_error(mysql_error(), E_USER_ERROR);
     }
     if (!mysql_affected_rows()) {
         $query = "INSERT IGNORE INTO `{$dbtable_prefix}lang_keys` SET `lk_id`={$lk_id},`lk_type`=" . FIELD_TEXTFIELD . ",`lk_diz`='Field value',`lk_use`=" . LK_FIELD;
         if (!($res = @mysql_query($query))) {
             trigger_error(mysql_error(), E_USER_ERROR);
         }
         $query = "INSERT IGNORE INTO `{$dbtable_prefix}lang_strings` SET `fk_lk_id`={$lk_id},`lang_value`='{$val}',`skin`='" . get_default_skin_code() . "'";
         if (!($res = @mysql_query($query))) {
             trigger_error(mysql_error(), E_USER_ERROR);
         }
     }
     $output = $lk_id;
     break;
 case 'del':
     $query = "DELETE FROM `{$dbtable_prefix}lang_strings` WHERE `fk_lk_id`={$lk_id}";
     if (!($res = @mysql_query($query))) {
         trigger_error(mysql_error(), E_USER_ERROR);
     }
     $query = "DELETE FROM `{$dbtable_prefix}lang_keys` WHERE `lk_id`={$lk_id}";
     if (!($res = @mysql_query($query))) {
         trigger_error(mysql_error(), E_USER_ERROR);
     }
Exemplo n.º 4
0
if (isset($_SESSION['topass']['input'])) {
    $output = $_SESSION['topass']['input'];
    // our 'return' here was decoded in the processor
    $output['return2'] = $output['return'];
    $output['return'] = rawurlencode($output['return']);
} elseif (!empty($_GET['pcat_id'])) {
    $pcat_id = (int) $_GET['pcat_id'];
    $query = "SELECT * FROM `{$dbtable_prefix}profile_categories` WHERE `pcat_id`={$pcat_id}";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    if (mysql_num_rows($res)) {
        $output = mysql_fetch_assoc($res);
    }
    $output['pcat_name'] = '';
    $query = "SELECT `lang_value` FROM `{$dbtable_prefix}lang_strings` WHERE `skin`='" . get_default_skin_code() . "' AND `fk_lk_id`=" . $output['fk_lk_id_pcat'];
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    if (mysql_num_rows($res)) {
        $output['pcat_name'] = mysql_result($res, 0, 0);
    }
    $output = sanitize_and_format($output, TYPE_STRING, $__field2format[TEXT_DB2EDIT]);
}
$query = "SELECT `m_value`,`m_name` FROM `{$dbtable_prefix}memberships`";
if (!($res = @mysql_query($query))) {
    trigger_error(mysql_error(), E_USER_ERROR);
}
$memberships = array();
while ($rsrow = mysql_fetch_row($res)) {
    $memberships[$rsrow[0]] = $rsrow[1];
Exemplo n.º 5
0
******************************************************************************/
require_once '../includes/common.inc.php';
require_once '../includes/admin_functions.inc.php';
require_once '../includes/tables/site_bans.inc.php';
require_once '../includes/logs.inc.php';
allow_dept(DEPT_MODERATOR | DEPT_ADMIN);
$tpl = new phemplate('skin/', 'remove_nonjs');
$output = $site_bans_default['defaults'];
if (isset($_SESSION['topass']['input'])) {
    $output = $_SESSION['topass']['input'];
    // our 'return' here was decoded in the processor
    $output['return2'] = $output['return'];
    $output['return'] = rawurlencode($output['return']);
} elseif (!empty($_GET['ban_id'])) {
    $ban_id = (int) $_GET['ban_id'];
    $query = "SELECT a.`ban_id`,a.`ban_type`,a.`what`,a.`fk_lk_id_reason`,b.`lang_value` as `reason` FROM `{$dbtable_prefix}site_bans` a,`{$dbtable_prefix}lang_strings` b WHERE a.`ban_id`={$ban_id} AND a.`fk_lk_id_reason`=b.`fk_lk_id` AND b.`skin`='" . get_default_skin_code() . "'";
    if (!($res = @mysql_query($query))) {
        trigger_error(mysql_error(), E_USER_ERROR);
    }
    if (mysql_num_rows($res)) {
        $output = mysql_fetch_assoc($res);
        $output['reason'] = sanitize_and_format($output['reason'], TYPE_STRING, $__field2format[TEXT_DB2EDIT]);
        if ($output['ban_type'] == _PUNISH_BANIP_) {
            $output['what'] = long2ip($output['what']);
        }
    }
}
$output['ban_type'] = vector2radios($accepted_punishments, 'ban_type', $output['ban_type'], array(_PUNISH_ERROR_));
$output['default_skin'] = get_default_skin_name();
if (empty($output['return'])) {
    $output['return2'] = sanitize_and_format_gpc($_GET, 'return', TYPE_STRING, $__field2format[FIELD_TEXTFIELD], '');
Exemplo n.º 6
0
$Revision$
Software by:                DateMill (http://www.datemill.com)
Copyright by:               DateMill (http://www.datemill.com)
Support at:                 http://www.datemill.com/forum
*******************************************************************************
* See the "docs/licenses/etano.txt" file for license.                         *
******************************************************************************/
require_once '../includes/common.inc.php';
require_once '../includes/admin_functions.inc.php';
allow_dept(DEPT_ADMIN);
$tpl = new phemplate('skin/', 'remove_nonjs');
$content = '';
if (isset($_GET['s'])) {
    $skin = sanitize_and_format($_GET['s'], TYPE_STRING, $__field2format[FIELD_TEXTFIELD]);
} else {
    $skin = get_default_skin_code();
}
$output['skin'] = $skin;
$query = "SELECT * FROM `{$dbtable_prefix}lang_keys` ORDER BY `lk_id` ASC";
if (!($res = @mysql_query($query))) {
    trigger_error(mysql_error(), E_USER_ERROR);
}
$i = 0;
$loop = array();
$temp = array();
while ($rsrow = mysql_fetch_assoc($res)) {
    $rsrow['lk'] = empty($rsrow['alt_id_text']) ? $rsrow['lk_id'] : sanitize_and_format($rsrow['alt_id_text'], TYPE_STRING, $__field2format[TEXT_DB2DISPLAY]);
    $rsrow['save_file'] = empty($rsrow['save_file']) ? 'global.inc.php' : $rsrow['save_file'];
    $loop[$i] = $rsrow;
    $loop[$i]['lang_value'] = '';
    if ($rsrow['lk_type'] == FIELD_TEXTFIELD) {