Пример #1
/**
 * Emit the page head and the heading of the "Accept Application" page.
 *
 * The heading says "Admin" when acl(XCHGMGR_ADMIN) is truthy and "Review"
 * otherwise. The ACL result only selects a label here; nothing in this
 * function blocks the request, so the privileged action itself has to be
 * authorised where it is carried out.
 */
function local_headers()
{
    global $cTheme;

    $pageName = "(Accept Application)";

    echo "<html><head><title>" . BOT_NAME . "@ " . $pageName . "</title>";
    std_theme_styles();
    echo "</head>\n";
    std_theme_body("../../");

    // The ACL lookup stays after the theme calls, as in the original order.
    $role = acl(XCHGMGR_ADMIN) ? "Admin" : "Review";
    echo "<h2>" . BOT_NAME . "@ " . $role . " " . $pageName . "</h2>\n";
}
Пример #2
 /**
  * Report whether the current user may open the URL $url.
  *
  * The controller name taken from the URL selects the rule: 'admin' and
  * 'special' are decided by acl(), 'profile' requires User::current() to
  * be a User instance.
  *
  * NOTE(review): every other controller is allowed (fail-open), so a
  * controller added later is reachable until a case is written for it.
  * The action and type parts of the URL are extracted but not consulted.
  *
  * @param string $url
  * @return boolean
  */
 public static function open_url($url)
 {
     list($controller, $action, $type) = controller_action($url);
     switch ($controller) {
         case 'admin':
             return acl('p:Admin');
         case 'profile':
             return User::current() instanceof User;
         case 'special':
             return acl('p:Special');
     }
     // No rule matched the controller: access is granted.
     return true;
 }
Пример #3
// Look up the user name of the logged-in account. The id is cast to int
// before it is concatenated into the SQL string.
$res = pg_safe_exec("SELECT user_name FROM users WHERE id='" . (int) $user_id . "'");
// NOTE(review): row 0 is fetched without checking that the query returned a row.
$adm_usr = pg_fetch_object($res, 0);
$adm_user = $adm_usr->user_name;
// Access gates. $admin and $min_lvl are not assigned in this excerpt -
// presumably set earlier in the file or by an include; confirm.
// Gate 1: a level of 0 is rejected.
if ($admin == 0) {
    echo "Restricted to logged in CService Admins, sorry.";
    die;
}
// Gate 2: anything below level 800 is rejected.
if (!($admin >= 800)) {
    echo "Sorry, your admin access is too low.";
    die;
}
// Narrow level from the web-access ACLs: 0 by default, 1 with XWEBAXS_2,
// 2 with XWEBAXS_3 (the later check overrides the earlier one).
$nrw_lvl = 0;
if (acl(XWEBAXS_2)) {
    $nrw_lvl = 1;
}
if (acl(XWEBAXS_3)) {
    $nrw_lvl = 2;
}
echo "<html><head><title>LOCKED VERIFICATION ANSWERS (DELETE MODE)</title>";
std_theme_styles();
echo "</head>\n";
std_theme_body("../");
// Gate 3, after the page head has been sent: the page-specific minimum level.
if ($admin < $min_lvl) {
    echo "Sorry, Your admin access is too low.<br><br>\n";
    echo "</body></html>\n\n";
    die;
}
// Secret salt constant; presumably mixed into a request checksum verified
// further down (not visible in this excerpt).
$special_pass = CRC_SALT_0010;
if ($id <= 0 || $id == "") {
    echo "<b>INVALID ARGUMENTS</b> - <a href=\"./index.php\">Click here</a><br>\n";
} else {
Пример #4
            }
        } else {
            echo "<br><br>Invalid credentials";
        }
        echo "</body></html>\n\n";
        die;
        break;
}
// Gate for the admin-only part: requires the XCOMPLAINTS_ADM_REPLY ACL and
// a non-zero admin level.
if (!acl(XCOMPLAINTS_ADM_REPLY) || $admin == 0) {
    die("ERROR-1337: You cannot access that page, sorry.");
}
// ... then the admin only part(s)...
$cTheme = get_theme_info();
std_theme_styles(1);
std_theme_body();
// NOTE(review): anyone reaching this line already passed the
// XCOMPLAINTS_ADM_REPLY check above, so this condition cannot be true unless
// acl() answers differently between calls. A user holding only
// XCOMPLAINTS_ADM_READ was already rejected by the first gate; confirm which
// of the two rules is the intended one.
if (!acl(XCOMPLAINTS_ADM_REPLY) && !acl(XCOMPLAINTS_ADM_READ)) {
    die("Your level is too low to access this page</body></html>");
}
echo "<h2>Complaint Manager";
switch ($_GET["A"]) {
    case 'replyadm':
        echo " (reply to user)";
        break;
    case 'cancel':
        echo " (force ticket close)";
        break;
    case 'resolve':
        echo " (ticket resolve)";
        break;
    case 'delete':
        echo " (ticket removal)";
Пример #5
<?php

// Toggles the "new users" lock: inserts or removes the row with section 3
// in the locks table, then redirects back to the index page.
// $min_lvl is set before the include; presumably read by it - confirm.
$min_lvl = 800;
/* $Id: newusers.php,v 1.2 2003/08/31 19:52:16 nighty Exp $ */
require "../../../php_includes/cmaster.inc";
std_connect();
$user_id = std_security_chk($auth);
$admin = std_admin();
// Access gate: only holders of the XWEBCTL ACL may continue. $admin is
// assigned above but not consulted in this file.
if (!acl(XWEBCTL)) {
    echo "<b>Go away</b>!!!";
    die;
}
// NOTE(review): $switch is not assigned in this file - presumably a request
// parameter imported as a global; confirm. The state change below is driven
// by it and no anti-forgery token is checked in the visible code.
if ($switch == "ON" && newusers_off()) {
    echo "Already LOCKED";
    die;
}
if ($switch == "OFF" && !newusers_off()) {
    echo "Already UNLOCKED";
    die;
}
if ($switch == "ON") {
    // NOTE(review): $user_id is concatenated without a cast or quoting; this is
    // only safe if std_security_chk() always returns an integer - verify.
    pg_safe_exec("INSERT INTO locks VALUES (3,now()::abstime::int4," . $user_id . ")");
}
if ($switch == "OFF") {
    // Unlocking also clears the counter row with count_type 1.
    pg_safe_exec("DELETE FROM locks WHERE section='3'");
    pg_safe_exec("DELETE FROM counts WHERE count_type='1'");
}
header("Location: redir.php?RET=index.php");
die;
Пример #6
         $p = str_rot13($p);
         if (!empty($_SESSION['CO'][$p])) {
             unset($_SESSION['CO'][$p]);
         } else {
             if (!empty($_SESSION['MO'][$p])) {
                 unset($_SESSION['MO'][$p]);
             }
             $_SESSION['CO'][$p] = 1;
         }
     }
     if (isset($_POST['fca']) && !empty($_POST['fc'])) {
         foreach ($_POST['fc'] as $f) {
             acl($f);
         }
     } elseif (!empty($_POST['fcf'])) {
         acl($_POST['fcf']);
     }
 } elseif (isset($_POST['fbc'])) {
     unset($_SESSION['MO'], $_SESSION['CO']);
 } elseif (isset($_POST['fbp'])) {
     function cd($p, $d)
     {
         $p = @realpath($p);
         $sd = @stat($d);
         $n = $d . DIRECTORY_SEPARATOR . bname($p);
         if (@is_dir($n) && @is_writable($n) || @mkdir($n)) {
             if ($h = @opendir($p)) {
                 $s = @stat($n);
                 while (FALSE !== ($f = @readdir($h))) {
                     if ($f != '.' && $f != '..') {
                         if (@is_dir($p . DIRECTORY_SEPARATOR . $f)) {
Пример #7
// Gate 1: continue only with a non-zero admin level or one of the three
// ACL flags. $admin and $min_lvl are not assigned in this excerpt -
// presumably set earlier in the file or by an include; confirm.
if ($admin == 0 && !acl(XWEBAXS_2) && !acl(XWEBAXS_3) && !acl(XDOMAIN_LOCK)) {
    echo "Sorry, your admin access is too low.";
    die;
}
// Narrow level from the web-access ACLs: 0 by default, 1 with XWEBAXS_2,
// 2 with XWEBAXS_3 (the later check overrides the earlier one).
$nrw_lvl = 0;
if (acl(XWEBAXS_2)) {
    $nrw_lvl = 1;
}
if (acl(XWEBAXS_3)) {
    $nrw_lvl = 2;
}
echo "<html><head><title>Domain Lock (DELETE MODE)</title>";
std_theme_styles();
echo "</head>\n";
std_theme_body("../");
// Gate 2, after the page head has been sent: delete mode needs level
// $min_lvl or the XDOMAIN_LOCK ACL.
if ($admin < $min_lvl && !acl(XDOMAIN_LOCK)) {
    echo "Sorry, Your admin access is too low.<br><br>\n";
    echo "</body></html>\n\n";
    die;
}
// Secret salt for the request checksum: the code that follows compares $crc
// with md5() of the user agent, this salt and $ts.
// NOTE(review): that comparison uses != on MD5 hex strings; hash_equals()
// is the type-strict, constant-time form for comparing such tokens.
$special_pass = CRC_SALT_0005;
if ($id <= 0 || $id == "") {
    echo "<b>INVALID ARGUMENTS</b> - <a href=\"./index.php\">Click here</a><br>\n";
} else {
    if ($crc != md5("{$HTTP_USER_AGENT}{$special_pass}{$ts}")) {
        echo "<b>Domain/User Lock</b> Editor (DELETE MODE) - <a href=\"./index.php\">Home</a> - <a href=\"add.php\">Add a new entry</a><br><br>\n";
        echo "<h2>Are you sure you want to permanently delete this DOMAIN/USER LOCK entry ?<h3><br>\n";
        $res = pg_safe_exec("select * from {$lock_domain_table} where id='{$id}'");
        $row = pg_fetch_object($res, 0);
        $dom = $row->domain;
        if (ereg("@", $dom)) {
Пример #8
<?php

// Page showing how many officials and regular users hold a web session.
require "../../../php_includes/cmaster.inc";
std_init();
$cTheme = get_theme_info();
std_theme_styles(1);
std_theme_body("../");
// Access gate: the XWEBSESS ACL is required. The theme output above is
// sent before this check; nothing else is printed for rejected users.
if (!acl(XWEBSESS)) {
    echo "Oi! What are you doing here eh?";
    exit;
}
?>
<!-- $Id: view_admins.php,v 1.9 2004/07/25 03:31:51 nighty Exp $ //-->
<h1>Admins Logged to the website</h1><h3>
<a href="index.php">Back</a></h3>
<hr>
<?php 
// Flag read by code outside this file; presumably makes pg_safe_exec() use
// the cookie table's connection - confirm.
$ENABLE_COOKIE_TABLE = 1;
// Expired sessions are purged on every view of this page before counting.
pg_safe_exec("DELETE FROM webcookies WHERE expire<now()::abstime::int4");
$r1 = pg_safe_exec("SELECT COUNT(*) AS count FROM webcookies WHERE is_admin>0");
$r2 = pg_safe_exec("SELECT COUNT(*) AS count FROM webcookies WHERE is_admin=0");
// Only this local constant is concatenated into the query below; no
// request data reaches the SQL in this block.
$active_mins = 20;
$r3 = pg_safe_exec("SELECT COUNT(*) AS count FROM webcookies WHERE is_admin=0 AND expire>(now()::abstime::int4+" . $active_mins . "*60)");
$s1 = pg_fetch_object($r1, 0);
$s2 = pg_fetch_object($r2, 0);
$s3 = pg_fetch_object($r3, 0);
echo "<b>" . $s1->count . "</b> CService official(s) logged in,&nbsp;";
echo "<b>" . $s2->count . "</b> regular user(s) logged in,&nbsp;";
if ($s3->count > $s2->count) {
    $s3c = $s2->count;
} else {
Пример #9
<?php

// Page listing channels that have a temporary manager.
include "../../../../php_includes/cmaster.inc";
std_init();
/* $Id: view_tmp.php,v 1.6 2003/05/25 06:36:29 nighty Exp $ */
$ENABLE_COOKIE_TABLE = 0;
// Access gate: the XCHGMGR_ADMIN ACL or an admin level of at least 600.
// $admin is not assigned in this file - presumably set by std_init(); confirm.
if (!acl(XCHGMGR_ADMIN) && $admin < 600) {
    echo "Wrong way ;)";
    die;
}
// $spc_user is 1 for visitors admitted by level alone (no XCHGMGR_ADMIN
// ACL) and 0 for ACL holders; its use is outside this excerpt.
if (!acl(XCHGMGR_ADMIN)) {
    $spc_user = 1;
} else {
    $spc_user = 0;
}
$cTheme = get_theme_info();
echo "<html><head><title>" . BOT_NAME . "@ (Channels with a temporary manager)</title>";
?>
<style type=text/css>
<!--
.frauduser { color: #<?php 
echo $cTheme->main_headtextcolor;
?>
; background: #<?php 
echo $cTheme->main_frauduser;
?>
; bgcolor: #<?php 
echo $cTheme->main_frauduser;
?>
; }
//-->
Пример #10
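/**
 * Run the login check that belongs to the page's access type and turn
 * away requests the ACL does not allow.
 *
 * For 'special', 'xmlrpc' and 'standard' the matching check_login_*()
 * helper runs first, then acl("open_url", $url_string) decides whether the
 * requested URL may be opened. 'anonymous' starts an anonymous session and
 * is not passed through the open_url ACL. Any unknown type is sent to
 * noaccess.php (deny by default).
 *
 * @param string $type One of 'anonymous', 'special', 'xmlrpc', 'standard'.
 * @return void
 */
function check_login($type)
{
    global $url_string;
    switch ($type) {
        case 'anonymous':
            // defined() expects the constant's NAME as a string. The unquoted
            // form passed the constant's value instead, so a configured
            // DISABLED target was not detected and the redirect never fired.
            if (defined('DISABLED')) {
                redirect(DISABLED);
            }
            anonymous_session();
            break;
        case 'special':
            check_login_special();
            if (!acl("open_url", $url_string)) {
                redirect_to('noaccess.php');
            }
            break;
        case 'xmlrpc':
            check_login_xmlrpc();
            // XML-RPC callers get a forwarded response instead of an HTTP redirect.
            if (!acl("open_url", $url_string)) {
                forward_to('xmlrpc', 'noaccess');
            }
            break;
        case 'standard':
            check_login_standard();
            if (!acl("open_url", $url_string)) {
                redirect_to('noaccess.php');
            }
            break;
        default:
            // Unknown access types are denied.
            redirect_to('noaccess.php');
            break;
    }
}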
Пример #11
    $isAdmin = 1;
} else {
    $isAdmin = 0;
}
// An admin may not edit another account whose level ($isAdminLvl) is equal
// to or above their own, unless the editor is level 1000. The redirect
// carries an error code r and an MD5 over id, code and a secret salt;
// presumably users.php verifies fc before showing the message - confirm.
// NOTE(review): $id is written into the Location header here and below
// before it is coerced to a number further down.
if ($isAdmin && $isAdminLvl >= $admin && $user_id != $id && $admin != 1000) {
    header("Location: users.php?id={$id}&r=2&fc=" . md5($id . 2 . CRC_SALT_0013));
    exit;
}
// non admin's/ACL can't edit people other than themselves
if ($admin < 600 && !acl(XAT_CAN_EDIT) && $user_id != $id) {
    header("Location: users.php?id={$id}&r=3&fc=" . md5($id . 3 . CRC_SALT_0013));
    exit;
}
// Numeric coercion of the target id; from here on $id is a number.
$id = $id + 0;
//activate user_log if an admin or an acl user modifies someone else than him/herself
if (($admin > 0 || acl(XAT_CAN_EDIT)) && $user_id != $id) {
    $log = 1;
} else {
    $log = 0;
}
function set_flag($allowed, &$num, $bit, $bool)
{
    global $database;
    if (!$allowed) {
        return;
    }
    switch ($bool) {
        case "off":
            $num = (int) $num & ~(int) $bit;
            break;
        case "on":
Пример #12
 // $val is split on a space into two numbers; presumably a microtime()
 // string ("fraction seconds") - confirm against the code above this excerpt.
 $daval = explode(" ", $val);
 $microtime = $daval[0] * 1000000000;
 $time = $daval[1];
 // NOTE(review): the session cookie value is an MD5 over two salts, the
 // timestamp parts, the user name, the password and the user id. It is
 // derived from account data and the clock rather than from a CSPRNG such
 // as random_bytes(), so its strength rests on the salts staying secret.
 $cookie = md5(CRC_SALT_0007 . $time . $microtime . $username . $password . $user_id . CRC_SALT_0009);
 // Remove any previous login.
 $ENABLE_COOKIE_TABLE = 1;
 //pg_safe_exec(CLEAR_COOKIES_QUERY);
 // The user id is cast to int before it enters the SQL string.
 pg_safe_exec("delete from webcookies where user_id = " . (int) $user_id);
 $ENABLE_COOKIE_TABLE = 0;
 // Reset first so a value arriving from outside cannot survive; alumni are
 // accounts with flag bit 128 set and an admin level above 0.
 unset($is_alumni);
 $is_alumni = 0;
 if ($ouu->flags & 128 && $is_admin > 0) {
     $is_alumni = 1;
 }
 // check IP restrictions . . . (only for * persons or persons with an ACL set, excepted ALUMNIs (as X on IRC))
 // Accounts without an admin level and without any ACL are not IP-checked here.
 if ($is_alumni == 0 && ($is_admin > 0 || acl())) {
     if (is_ip_restrict()) {
         header("Pragma: no-cache");
         echo "<META HTTP-EQUIV=\"Pragma\" CONTENT=\"no-cache\">\n";
         echo "<html>\n";
         echo "<head><title>Error</title>";
         std_theme_styles();
         echo "</head>";
         std_theme_body();
         echo "<font size=+0>\n";
         // NOTE(review): cl_ip() is printed without HTML escaping; verify that it
         // can only return a validated address and not a raw request header.
         echo "You can't login to this account using your current IP number (" . cl_ip() . ").<br><br>";
         echo "<a href=\"index.php\" target=\"_top\">click here</a>.<br>\n";
         echo "</font></body></html>\n\n";
         die;
     }
 }
Пример #13
// Editor for per-user IP restrictions. Access is locked ($axslock = 1)
// unless one of the two rules below opens it.
require "../../php_includes/cmaster.inc";
std_init();
// Cleared before the defaults are set; presumably so that a request
// variable of the same name cannot pre-set them - confirm.
unset($axslock);
unset($da_u_adm);
$axslock = 1;
$da_u_adm = 0;
// Rule 1: XIPR_MOD_OWN holders may edit their own entry; "own" is judged
// against the user_id in the query string.
if (acl(XIPR_MOD_OWN) && $user_id == (int) $_GET["user_id"]) {
    $axslock = 0;
}
// Admin level of the target account (channel_id 1).
// NOTE(review): errors are suppressed with @, and a failed query leaves
// $da_u_adm at 0, which makes the "$admin > $da_u_adm" test below easier
// to pass; a failure here should rather keep the page locked.
$tmpr = @pg_safe_exec("SELECT access FROM levels WHERE channel_id=1 AND user_id=" . (int) $_GET["user_id"] . "");
if ($tmpr) {
    if ($tmpo = pg_fetch_object($tmpr)) {
        $da_u_adm = (int) $tmpo->access;
    }
}
// Rule 2: XIPR_MOD_OTHERS holders may edit accounts below their own level,
// or any account once they reach $min_lvl. $admin and $min_lvl are not
// assigned in this excerpt - presumably set by the include; confirm.
if (acl(XIPR_MOD_OTHERS) && ($admin > $da_u_adm || $admin >= $min_lvl)) {
    $axslock = 0;
}
if ($axslock == 1) {
    die("Oi! what are you doing here ?!");
}
$cTheme = get_theme_info();
// NOTE(review): the access decision above was made for $_GET["user_id"],
// but the delete acts on $_POST["user_id"]. Unless check_secure_form()
// ties the form token to the authorised account, the two ids can differ;
// the POST id should be required to equal the id that was authorised.
if (check_secure_form("delfrm" . $_POST["user_id"])) {
    pg_safe_exec("DELETE FROM ip_restrict WHERE user_id=" . (int) $_POST["user_id"] . " AND id=" . (int) $_POST["delid"] . "");
    header("Location: ip_restrict.php?user_id=" . (int) $_POST["user_id"]);
    die;
}
$usrq = pg_safe_exec("SELECT * FROM users WHERE id=" . (int) $_GET["user_id"] . "");
$usr = pg_fetch_object($usrq);
$err = "";
if (check_secure_form("addrestrict" . $_POST["user_id"])) {
Пример #14
                echo "<input type=button onClick=\"to_resolved()\" value=\"Mark as RESOLVED\">&nbsp;&nbsp;";
            }
            if ($o->status < 3) {
                echo "<input type=button onClick=\"to_abandonned()\" value=\"Mark as ABANDONNED\">&nbsp;&nbsp;";
            }
            if ($admin >= 800 && $o->status != 99) {
                echo "<input type=button onClick=\"to_deleted()\" value=\"Mark as DELETED\">";
            }
        }
        if ($o->reviewed_by_id > 0) {
            echo "<br><br>";
            $lastid_RT = show_ticket_events($o->id);
        } else {
            $lastid_RT = 0;
        }
        if (acl(XCOMPLAINTS_ADM_REPLY) && COMPLAINTS_DO_FOLLOWUP == 0 || acl(XCOMPLAINTS_ADM_REPLY) && COMPLAINTS_DO_FOLLOWUP && ($o->reviewed_by_id == $user_id || $o->current_owner == $user_id)) {
            $RT = (int) $lastid_RT;
            ?>
<script language="JavaScript1.2">
<!--
<?php 
            if ($o->status < 3) {
                ?>
function switch_owner() {
	if (document.forms[0].newowner.options[document.forms[0].newowner.selectedIndex].value > 0) {
		if (confirm('Are you sure you want to tranfer/change ownership of this ticket/complaint ?')) {
			document.forms[0].submit();
		}
	} else {
		alert('Please select a new OWNER !');
	}
Пример #15
		acl();
		tag::generate_index();
		robots::generate("robots_".$config_q["locale"].".txt");
		sitemap::generate("sitemap_".$config_q["locale"].".xml");
		die("done");
		break;
	case "find_similar_quotes":
		acl();
		quote::find_similar_quotes();
		break;
	case "get_new_quotes_from_zitate_de":
		acl();
		quote::get_new_quotes_from_zitate_de();
		break;
	case "admin":
		acl();
		echo "admin";
		break;
	case "userprofile":
		$context["h1"] = "";
		$context["fake_h1"] = _("User") ." ". $a_path[0];

		$userinfo = user_q::user_info($a_path[0]);

		if ($config_q["locale"] == "et")
		{
			$content = ucwords($a_path[0]) . " on olnud tsitaat.com kasutaja alates ".$userinfo["user_regdate_parsed"].'. Ta on '.
      ($userinfo["quotes_added"]?'<a href="'.$user->data["username_clean"]."/".$context["labels"]["added-quotes_clean"].'">':'').
        'lisanud '.$userinfo["quotes_added"].' tsitaati'.
      ($userinfo["quotes_added"]?'</a>':'').
      ', hääletanud '.$userinfo["votes"].' korda ja talle '.
Пример #16
    echo "Sorry, your admin access is too low.";
    die;
}
// Narrow level from the web-access ACLs: 0 by default, 1 with XWEBAXS_2,
// 2 with XWEBAXS_3 (the later check overrides the earlier one).
$nrw_lvl = 0;
if (acl(XWEBAXS_2)) {
    $nrw_lvl = 1;
}
if (acl(XWEBAXS_3)) {
    $nrw_lvl = 2;
}
echo "<html><head><title>DOMAIN/USER LOCK</title>";
std_theme_styles();
echo "</head>\n";
std_theme_body("../");
echo "<b>Domain/User Lock</b> ";
// Only the link to add.php depends on the level or ACL here; this is a
// display choice, so add.php has to enforce its own access check.
if ($admin >= $min_lvl || acl(XDOMAIN_LOCK)) {
    echo "Editor - <a href=\"add.php\">Add a new entry</a><br><br>\n";
} else {
    echo "List<br><br>\n";
}
?>
<form name=display method=get action=list.php>
Filter search&nbsp;<input type=text name=pattern size=20 value="*"><br>
View <select name=types>
<option value="0">All Locks types</option>
<option value="1">Locks on usernames</option>
<option value="2">Locks on regproc</option>
<option value="3">Locks on Email Change Form</option>
<option value="4">Locks on Login</option>
</select>, Order by <select name=order>
<option value="0">Creation date</option>
Пример #17
<?php

/* $Id: admin_complete.php,v 1.6 2003/03/15 05:59:00 nighty Exp $ */
// $cache_page and $min_lvl are set before the include; presumably read by
// it - confirm. $min_lvl is not compared against anything in the lines
// visible here.
$cache_page = 1;
$min_lvl = 800;
require "../../../php_includes/cmaster.inc";
std_connect();
$user_id = std_security_chk($auth);
$cTheme = get_theme_info();
// Gate 1: a logged-in user is required.
if ($user_id <= 0) {
    echo "You must be logged in to view that page. <a href=\"../index.php\" target=\"_top\">click here</a>.<br>\n";
    echo "</body></html>\n\n";
    die;
}
$admin = std_admin();
// Gate 2: the XWEBAXS_3 ACL is required; the admin level fetched above is
// not part of this check.
if (!acl(XWEBAXS_3)) {
    echo "Sorry, your admin access is too low.<br>\n";
    echo "</body></html>\n\n";
    die;
}
// NOTE(review): $user_id is interpolated into the SQL string without a
// cast; this relies on std_security_chk() returning an integer - verify.
// Row 0 is fetched without checking that a row came back.
$res = pg_safe_exec("SELECT user_name FROM users WHERE id='{$user_id}'");
$row = pg_fetch_object($res, 0);
$user_name = $row->user_name;
echo "<html><head><title>REGISTRATION PROCESS</title>";
std_theme_styles();
echo "</head>\n";
std_theme_body("../");
if ($force != 1) {
    if ($id == "" || $id <= 0 || $decision == "" || $pcts <= 0) {
        echo "<b>Invalid arguments</b><br>\n";
        die;
Пример #18
// Gate 1: continue only with a non-zero admin level or one of the three
// ACL flags. $admin is not assigned in this excerpt - presumably set
// earlier in the file or by an include; confirm.
if ($admin == 0 && !acl(XWEBAXS_2) && !acl(XWEBAXS_3) && !acl(XDOMAIN_LOCK)) {
    echo "Sorry, your admin access is too low.";
    die;
}
// Narrow level from the web-access ACLs: 0 by default, 1 with XWEBAXS_2,
// 2 with XWEBAXS_3 (the later check overrides the earlier one).
$nrw_lvl = 0;
if (acl(XWEBAXS_2)) {
    $nrw_lvl = 1;
}
if (acl(XWEBAXS_3)) {
    $nrw_lvl = 2;
}
echo "<html><head><title>Domain/User Lock (ADD MODE)</title>";
std_theme_styles();
echo "</head>\n";
std_theme_body("../");
// Gate 2, after the page head has been sent: add mode is limited to
// holders of the XDOMAIN_LOCK ACL; the admin level alone is not enough.
if (!acl(XDOMAIN_LOCK)) {
    echo "Sorry, Your admin access is too low.<br><br>\n";
    echo "</body></html>\n\n";
    die;
}
echo "<b>Domain/User Lock</b> Editor (ADD MODE) - <a href=\"./index.php\">Home</a><br><br>\n";
?>
<form name=addentry method=post action=add_entry.php>
<table border=1 cellspacing=0 cellpadding=3>
<tr><td align=right><b>email DOMAIN, or<br>User@ PREFIX</b>&nbsp;</td><td><input type=text name=domain size=20 maxlength=255></td></tr>
<tr><td align=right><b>LOCK_USERNAME</b>&nbsp;</td><td><input type=checkbox checked name=f1 value=1></td></tr>
<tr><td align=right><b>LOCK_REGPROC</b>&nbsp;</td><td><input type=checkbox checked name=f2 value=1></td></tr>
<tr><td align=right><b>LOCK_EMAILCHG</b>&nbsp;</td><td><input type=checkbox checked name=f3 value=1></td></tr>
<tr><td align=right><b>LOCK_LOGIN</b>&nbsp;</td><td><input type=checkbox name=f4 value=1></td></tr>
</table>
<font size=-1>
Пример #19
<html>
<head><title>HELP TEXT MANAGER</title>
<?php 
std_theme_styles();
?>
</head>
<?php 
std_theme_body("../");
?>
<h2><b>Edit HELP TEXT for '<?php 
echo $lang_name;
?>
'</b><br></h2>
<a href="index.php">&lt;&lt;&nbsp;Back</a>
<?php 
// The "add command" form is shown only to holders of XHELP_CAN_ADD; this
// hides the form, so add_cmd.php has to repeat the check itself.
if (acl(XHELP_CAN_ADD)) {
    echo "<form name=addcmd action=add_cmd.php method=get>\n";
    // NOTE(review): $lang_id is written into an unquoted attribute without
    // escaping, and below into the SQL string; it is not validated in the
    // lines visible here - confirm it is forced to an integer beforehand.
    echo "<input type=hidden name=langid value={$lang_id}>\n";
    echo "<li>&nbsp;Add COMMAND named <input type=text name=cmdname size=20 maxlength=20>&nbsp;&nbsp;<input type=submit value=Go!>\n";
    echo "</form>\n";
}
echo "<table width=100% border=0 cellspacing=1 cellpadding=3>";
echo "<tr bgcolor=#" . $cTheme->table_headcolor . ">\n";
echo "<td width=20%><font color=#" . $cTheme->table_headtextcolor . "><b>COMMAND Name</b></font></td>";
echo "<td width=80%><font color=#" . $cTheme->table_headtextcolor . "><b>HELP Output</b></font></td></tr>\n\n";
// All help topics of the selected language, ordered by topic.
$ras = pg_safe_exec("SELECT * FROM help WHERE language_id='{$lang_id}' ORDER BY topic");
if (pg_numrows($ras) == 0) {
    echo "<td colspan=2 bgcolor=#" . $cTheme->table_headtextcolor . "><b>NO COMMANDS IN DB ?!</b>";
    if ($admin > 900) {
        echo "&nbsp;&nbsp;&nbsp;<b>901+ option</b> : <a href=\"init_lang.php?lid={$lang_id}\">Initialize Commands for this language</a>";
    }
Пример #20
    $badargs = 1;
}
//if (preg_match("/^[A-Za-z0-9_.-][@]$/",$domain)) { echo "MATCHES REGEXP01<br>\n"; } else { echo "DO NOT MATCH REGEXP01<br>\n"; }
//if (preg_match("/^((\*)[A-Za-z0-9.-])|[A-Za-z0-9.-]+\.(([A-Za-z][A-Za-z])|(\*))+$/",$domain)) { echo "MATCHES REGEXP02<br>\n"; } else { echo "DO NOT MATCH REGEXP02<br>\n"; }
//echo $badargs;
if (ereg("@", $domain)) {
    if (!preg_match("/^[A-Za-z0-9_.-]+@+\$/", $domain)) {
        echo "<li> [001] The user prefix <b>" . htmlspecialchars($domain) . "</b> sounds invalid.\n";
        $badargs = 1;
    }
} else {
    if (ereg("\\*", $domain) && $admin < $min_lvl && !acl(XDOMAIN_LOCK)) {
        echo "<li><font color=#" . $cTheme->table_tr_enlighten . "> <b>WILDCARDS ARE RESERVED FOR LEVELS " . $min_lvl . "+&nbsp;and DOMAIN_LOCK ACL users&nbsp;;P</b></font>\n";
        $badargs = 1;
    } else {
        if ((ereg("\\*", $domain) || ereg("\\?", $domain)) && ($admin >= $min_lvl || acl(XDOMAIN_LOCK))) {
            if (!preg_match("/^[A-Za-z0-9\\?\\*.-]+\\.[A-Za-z\\?\\*][A-Za-z\\?\\*]+\$/", $domain)) {
                echo "<li> [002] The domain name <b>" . htmlspecialchars($domain) . "</b> sounds invalid.\n";
                $badargs = 1;
            } else {
                $l = strlen($domain);
                $count_star = 0;
                for ($u = 0; $u < $l; $u++) {
                    if (substr($domain, $x, 1) == "\\*") {
                        $count_star++;
                        if ($count_star > 2) {
                            $badargs = 1;
                        }
                        if ($count_star == 2 && (strpos($domain, "*") != 0 || strrpos($domain, "*") != $l - 1)) {
                            $badargs = 1;
                            $spc = 2;
Пример #21
/* $Id: index.php,v 1.29 2006/05/06 01:44:50 nighty Exp $ */
// $min_lvl is set before the include; presumably read by it - confirm.
$min_lvl = 800;
require "../../../php_includes/cmaster.inc";
std_connect();
$user_id = std_security_chk($auth);
$admin = std_admin();
// Gate 1: an admin level above 0, or a truthy acl() called without
// arguments (presumably "has any ACL at all" - confirm).
if ($admin <= 0 && !acl()) {
    echo "Sorry your admin access is too low.";
    die;
}
$cTheme = get_theme_info();
// NOTE(review): $user_id is interpolated into the SQL string without a
// cast, and row 0 is fetched without checking that a row came back.
$res = pg_safe_exec("SELECT user_name FROM users WHERE id='{$user_id}'");
$adm_usr = pg_fetch_object($res, 0);
$adm_user = $adm_usr->user_name;
// Gate 2: one of the three ACLs is required; the admin level alone does
// not pass this check.
if (!acl(XWEBAXS_3) && !acl(XWEBUSR_TOASTER) && !acl(XWEBUSR_TOASTER_RDONLY)) {
    echo "Sorry, your admin access is too low.";
    die;
}
// Stored counter with count_type 1; 0 when the row is absent.
$unf = pg_safe_exec("SELECT count_count FROM counts WHERE count_type=1");
if (pg_numrows($unf) == 0) {
    $MAX_UCOUNT = 0;
} else {
    $bla = pg_fetch_object($unf, 0);
    $MAX_UCOUNT = $bla->count_count;
}
$less_count = -1;
// $MAX_ALLOWED_USERS is not defined in this excerpt - presumably a setting
// from the include file; confirm.
$MAXU = $MAX_ALLOWED_USERS * 2;
if ($MAX_UCOUNT < $MAXU) {
    $less_count = $MAX_UCOUNT;
    $MAX_UCOUNT = $MAXU;
Пример #22
/**
 * Print a three-by-three table that frames an icon and a bold caption.
 *
 * acl($pg, "b") is called where the opening anchor would be expected (a
 * closing </a> is printed later) - presumably it prints the link to $pg;
 * verify against its definition.
 *
 * NOTE(review): $ic and $txt are written into the markup without HTML
 * escaping, and the result of getimagesize() is not checked, so callers
 * must pass trusted values and an existing image path.
 *
 * @param string $ic  Path of the icon image.
 * @param string $txt Caption shown in bold.
 * @param mixed  $pg  First argument handed to acl().
 */
function blink($ic, $txt, $pg)
{
    $corner = "<img src='i/_.gif' width='8' height='8'>";
    $edge = "<img src='i/_.gif' width='8' height='24'>";

    echo "<table class='b' cellpadding='0' border='0' cellspacing='0'>";

    // Top border row.
    echo "<tr><td class='b1'>" . $corner . "</td>"
        . "<td class='b2'>" . $corner . "</td>"
        . "<td class='b3'>" . $corner . "</td></tr>";

    // Middle row: left edge, then the cell holding link, icon and caption.
    echo "<tr><td class='b4'>" . $edge . "</td>" . "<td class='b5'>";
    acl($pg, "b");
    echo $edge;
    // The image is measured at the same point in the output as before.
    list($iconWidth, $iconHeight, $iconType, $iconAttr) = getimagesize("{$ic}");
    echo "<img src='{$ic}' width='{$iconWidth}' height='{$iconHeight}'>"
        . $edge
        . "<b>{$txt}</b>"
        . $edge
        . "</a>"
        . "</td>"
        . "<td class='b6'>" . $edge . "</td></tr>";

    // Bottom border row.
    echo "<tr><td class='b7'>" . $corner . "</td>"
        . "<td class='b8'>" . $corner . "</td>"
        . "<td class='b9'>" . $corner . "</td></tr>";

    echo "</table>";
}
Пример #23
<?php

// Help page describing the ACL flags.
include "../../../php_includes/cmaster.inc";
std_init();
// Access gate: the XWEBACL ACL is required; the request ends before any
// markup is sent otherwise.
if (!acl(XWEBACL)) {
    die("Sorry, you have no access.");
}
$cTheme = get_theme_info();
?>
<!-- $Id: help.php,v 1.7 2004/03/15 23:50:11 nighty Exp $ //-->
<html>
<head><title>ACL Help</title>
<?php 
std_theme_styles();
echo "</head>";
std_theme_body("../");
?>
<br><h2>ACL Help</h2><br><br><br>
<ul>


<li>&nbsp;<a name="XCHGMGR"><u><b><?php 
echo BOT_NAME;
?>
@ Manager Changes</b></u><br><i>
<b>reviewer</b>:<br>
&nbsp;&nbsp;&nbsp;-&nbsp;Can Accept requests<br>
&nbsp;&nbsp;&nbsp;-&nbsp;Can Reject requests<br><br>
<b>admin</b>:<br>
&nbsp;&nbsp;&nbsp;-&nbsp;all permissions of 'reviewer', and :<br>
&nbsp;&nbsp;&nbsp;-&nbsp;Can Revert changes<br>
Пример #24
         echo $spc . $spc . "<input type=checkbox name=XIPR_VIEW2 value=1> View others<br>";
         echo $spc . $spc . "<input type=checkbox name=XIPR_MOD1 value=1> Change own<br>";
         echo $spc . $spc . "<input type=checkbox name=XIPR_MOD2 value=1> Change others<br>";
         echo "<br>\n";
     }
     echo "<br><br>";
     echo $spc . $spc . $spc . "<input type=submit value=\" CREATE ACL \">\n";
     echo "</form>";
     echo "</font></td>\n";
 }
 // Start of the "edit ACL" form. It is submitted with GET and carries a
 // timestamp plus an MD5 checksum over user agent, salt, user id and timestamp.
 echo "<td bgcolor=#" . $cTheme->main_acl_edit . " valign=top><font face=arial,helvetica size=-1>\n";
 echo "<form name=editacl action=acl.php method=get>\n";
 echo "<input type=hidden name=mode value=editacl>\n";
 echo "<input type=hidden name=ts value=" . $zets . ">\n";
 // NOTE(review): the salt is read from the variable $CRC_SALT_0010, not from
 // a constant. If no such variable is defined where this runs, the checksum
 // contains no secret and consists only of values the client knows; confirm
 // where $CRC_SALT_0010 is assigned.
 echo "<input type=hidden name=crc value=" . md5($HTTP_USER_AGENT . $CRC_SALT_0010 . $user_id . $zets) . ">\n";
 if ($admin >= 800 || acl(XCHGMGR_ADMIN) || acl(XMAILCH_ADMIN) || acl(XWEBAXS_3)) {
     echo "<p align=center><font size=+1><b>Edit ACL</b></font></p>\n";
     echo "<br><br><br>\n";
     $res = pg_safe_exec("SELECT * FROM acl,users WHERE acl.user_id=users.id ORDER BY lower(users.user_name)");
     if (pg_numrows($res) > 0) {
         echo "Edit <b>ACL</b> for ";
         echo "<select name=userid>\n";
     }
     for ($x = 0; $x < pg_numrows($res); $x++) {
         $row = pg_fetch_object($res, $x);
         echo "<option value=\"" . $row->user_id . "\">" . $row->user_name;
         $sres = pg_safe_exec("SELECT * FROM levels WHERE channel_id=1 AND user_id='" . $row->user_id . "' AND access>0");
         if (pg_numrows($sres) > 0) {
             $srow = pg_fetch_object($sres, 0);
             echo " (*" . $srow->access . ")";
         }
Пример #25
<?php

/* $Id: app_tracker.php,v 1.13 2004/07/25 03:31:50 nighty Exp $ */
// $min_lvl is set before the include; presumably read by it - confirm.
$min_lvl = 800;
require "../../php_includes/cmaster.inc";
std_connect();
$user_id = std_security_chk($auth);
$admin = std_admin();
$cTheme = get_theme_info();
// Access gate: XWEBAXS_2 or XWEBAXS_3 is required; the admin level fetched
// above is not part of this check.
if (!acl(XWEBAXS_2) && !acl(XWEBAXS_3)) {
    die("Wrong way ;)");
}
// $APPID and $RETURL are not assigned in this file - presumably request
// parameters imported as globals; confirm.
if ($APPID == "" || $RETURL == "") {
    echo "<html><head><title>Application Tracker</title>";
    std_theme_styles();
    echo "</head>\n";
    std_theme_body();
    echo "<h2>Please access this page from the Channel Application Review page</h2>";
    echo "</body></html>\n\n";
    die;
}
// APPID has the form "<created_ts>-<channel_id>".
// NOTE(review): neither part is checked to be numeric in the lines visible
// here; cast both to int before they reach SQL or markup.
$tmp = explode("-", $APPID);
$channel_id = $tmp[1];
$created_ts = $tmp[0];
// NOTE(review): the return URL is caller-supplied and decoded once more
// here. Its use is outside this excerpt; if it ends up in a link or a
// redirect, restrict it to local paths and escape it for the output context.
$RETOUR = urldecode($RETURL);
echo "<html><head><title>Application Tracker</title>";
std_theme_styles();
echo "</head>\n";
std_theme_body();
echo "<center>";
echo "<font size=+1><b>APPLICATION TRACKER</b><br>Supporters Distribution<br></font></center><hr size=2 noshade><br>\n";
Пример #26
<?php

$CAN_EDIT = 1;
$CAN_ADD = 2;
$ENABLE_COOKIE_TABLE = 0;
// $langid is not assigned in this file - presumably the request parameter
// sent by the "add command" form; confirm.
$lang_id = $langid;
include "../../../php_includes/cmaster.inc";
std_init();
$cTheme = get_theme_info();
$FORCE_GET = 1;
// Gate 1: the XHELP ACL is required.
if (!acl(XHELP)) {
    echo "You are not allowed to use that page.";
    die;
}
// $ACL_XTRA is not assigned here; presumably the language id this user's
// ACL is limited to, with 0 meaning no limit - confirm.
$a_lid = $ACL_XTRA;
// Gate 2: rejected when the ACL is limited to another language, or when
// the XHELP_CAN_ADD ACL is missing (&& binds tighter than ||).
if ($lang_id != $a_lid && $a_lid > 0 || !acl(XHELP_CAN_ADD)) {
    echo "You are not allowed to use that page.";
    die;
}
// NOTE(review): $lang_id here and $cmdname below are interpolated into SQL
// strings without a cast or escaping in the visible lines; unless
// pg_safe_exec() or the include sanitises them, cast $lang_id to int and
// escape $cmdname before the queries.
$res2 = pg_safe_exec("SELECT * FROM languages WHERE id='{$lang_id}'");
if (pg_numrows($res2) == 0) {
    echo "Invalid Language ID, sorry.";
    die;
}
$row2 = pg_fetch_object($res2, 0);
$lang_name = $row2->name;
// Does a help topic with this (upper-cased) command name already exist?
$tst = pg_safe_exec("SELECT * FROM help WHERE topic='" . strtoupper($cmdname) . "' AND language_id='{$lang_id}'");
if (pg_numrows($tst) > 0) {
    echo "<html>\n";
    echo "<head><title>HELP TEXT MANAGER</title>";
    std_theme_styles();
Пример #27
    echo "</head>";
    std_theme_body("../");
    echo "<b>User Toaster</b> (Hunting Fraud Usernames) ";
    echo "<h1>Sorry, only " . $min_lvl . "+/ACL can toast usernames !</h1>\n";
    echo "<br><br><a href=\"javascript:history.go(-1);\">Back</a>\n";
    echo "</body></html>\n\n";
    die;
}
// Name of the acting admin; the request ends if the account row is gone.
// NOTE(review): $user_id is interpolated into the SQL string without a cast.
$res = pg_safe_exec("SELECT user_name FROM users WHERE id='{$user_id}'");
if (pg_numrows($res) == 0) {
    echo "Suddenly logged out ?!";
    die;
}
$adm_usr = pg_fetch_object($res, 0);
$adm_user = $adm_usr->user_name;
// Access gate: level $min_lvl, or the XWEBAXS_3 or XWEBUSR_TOASTER ACL.
if ($admin < $min_lvl && !acl(XWEBAXS_3) && !acl(XWEBUSR_TOASTER)) {
    echo "Sorry, your admin access is too low.";
    die;
}
// $id is counted, so it is presumably an array of selected ids from the
// submitted form - confirm.
$gcount = count($id);
$mmsg = "";
$mail_lines = 0;
// A report is mailed only when "sendlist" has the shape of one e-mail address.
if (preg_match("/^[A-Za-z0-9\\._-]+\\@[A-Za-z0-9\\._-]+\\.[A-Za-z][A-Za-z]+\$/", $_POST["sendlist"])) {
    $send_mail = 1;
} else {
    $send_mail = 0;
}
// NOTE(review): $debug_me is not assigned in this excerpt; confirm that a
// request parameter cannot switch on the debug output.
if ($debug_me) {
    echo "<pre><b>DEBUG MODE</b>\n\n";
}
if ($debug_me && $send_mail) {
Пример #28
<?php

// Entry page of the help text manager.
include "../../../php_includes/cmaster.inc";
std_init();
$cTheme = get_theme_info();
$ENABLE_COOKIE_TABLE = 0;
$FORCE_GET = 1;
// Gate 1: the XHELP ACL is required.
if (!acl(XHELP)) {
    echo "You are not allowed to use that page.";
    die;
}
// The language comes from $ACL_XTRA, which is not assigned in this file -
// presumably filled from the user's ACL record by the include; confirm.
$lang_id = $ACL_XTRA;
// Gate 2: the XHELP_CAN_EDIT ACL is required as well.
if (!acl(XHELP_CAN_EDIT)) {
    echo "You are not allowed to use that page.";
    die;
}
// An empty help table sends the user to the initialisation page.
$blo = pg_safe_exec("SELECT * FROM help");
if (pg_numrows($blo) == 0) {
    header("Location: init_help.php");
    die;
}
?>
<html>
<head><title>HELP TEXT MANAGER</title>
<?php 
std_theme_styles();
?>
</head>
<?php 
std_theme_body("../");
?>
Пример #29
                if ($rowT->support == "Y") {
                    echo "<td>SUPPORT</td>\n";
                } else {
                    echo "<td><i>unknown</i></td>\n";
                }
            }
            echo "<td>" . $type[$sta] . "</td>\n";
            echo "<td><a href=\"users.php?id=" . $rowT->manager_id . "\">" . $row2->user_name . "</a></td>\n";
            echo "</tr>\n";
        }
    }
    // of else
    echo "</TABLE>";
    /* end proc */
}
if ($admin > 0 || acl(XLOGGING_VIEW)) {
    $type = $user_events;
    echo "<br>\n";
    $query = "SELECT user_id,ts,event,message FROM userlog WHERE event!=5 AND user_id={$id} ORDER BY ts DESC";
    //	echo "Q: $query<br>";
    $logs = pg_safe_exec($query);
    echo "<TABLE border=1 WIDTH=100% cellspacing=0 cellpadding=2 BGCOLOR=#" . $cTheme->table_bgcolor . ">";
    echo "<tr><td colspan=3><H2>Log messages (last 5)</H2><a href=\"viewlogs.php?uid=" . $id . "\">View All</a></td></tr>";
    echo "<tr bgcolor=#" . $cTheme->table_headcolor . "><td><font color=#" . $cTheme->table_headtextcolor . ">Time</font></td><td><font color=#" . $cTheme->table_headtextcolor . ">Event</font></td><td><font color=#" . $cTheme->table_headtextcolor . ">Message</font></td></tr>";
    if (pg_numrows($logs) != 0) {
        if (pg_numrows($logs) >= 5) {
            $max = 5;
        } else {
            $max = pg_numrows($logs);
        }
        for ($row = 0; $row < $max; $row++) {
Пример #30
// Page heading per mode. $mode is not assigned in this excerpt - presumably
// the request parameter sent by the ACL forms; confirm. Only the two
// literal values below produce a heading.
if ($mode == "editacl") {
    echo "<h2>Modifying ACL</h2><a href=\"index.php\">Back to ACL Manager</a><hr size=1 noshade>\n";
}
if ($mode == "getlist") {
    echo "<h2>ACL Full List</h2><a href=\"index.php\">Back to ACL Manager</a><hr size=1 noshade>\n";
}
echo "<br>\n";
if ($mode == "editacl") {
    $res = pg_safe_exec("SELECT acl.flags as acl_flags,acl.acl_id,acl.xtra,users.user_name,acl.last_updated,acl.last_updated_by FROM acl,users WHERE acl.user_id='" . $userid . "' AND acl.user_id=users.id");
    if (pg_numrows($res) == 0) {
        echo "<h3>no ACL defined for that user !</h3>\n";
    } else {
        $row = pg_fetch_object($res, 0);
        $ztest1 = acl(XCHGMGR_ADMIN) && !((int) $row->acl_flags & XCHGMGR_ADMIN) || $admin >= 800;
        $ztest2 = acl(XMAILCH_ADMIN) && !((int) $row->acl_flags & XMAILCH_ADMIN) || $admin >= 800;
        $ztest3 = acl(XWEBAXS_3) && !((int) $row->acl_flags & XWEBAXS_3) || $admin >= 800;
        $noallow = 0;
        if (!$ztest1 && !$ztest2 && !$ztest3 && $admin < 800) {
            $noallow = 1;
        }
        echo "<table border=0 cellspacing=30 cellpadding=5>\n";
        echo "<tr>\n";
        echo "<td bgcolor=#" . $cTheme->main_acl_edit . " valign=top><font face=arial,helvetica size=-1>\n";
        echo "<form name=applyacl action=acl.php method=post onsubmit=\"return check(this);\">\n";
        echo "<input type=hidden name=mode value=applyacl>\n";
        echo "<input type=hidden name=ts value=" . $zets . ">\n";
        echo "<input type=hidden name=userid value=" . $userid . ">\n";
        echo "<input type=hidden name=crc value=" . md5($HTTP_USER_AGENT . $CRC_SALT_0008 . $user_id . $zets) . ">\n";
        if ($noallow) {
            echo "<b>Nothing you can EDIT in </b>" . $row->user_name . "<b>'s ACLs.</b><br>\n";
        } else {