$worktime_login = 900;
break;
}
$worktime_login_final = time() + $worktime_login;
// WAM ID generálása és beállítása
$login_wam_id_length = 32;
$login_wam_id_characters = "0123456789abcdefghijklmnopqrstuvwxyz";
for ($login_wam_id_num = 0; $login_wam_id_num < $login_wam_id_length; $login_wam_id_num++) {
$login_wam_id .= $login_wam_id_characters[mt_rand(0, strlen($login_wam_id_characters))];
}
db_query("UPDATE account SET wam_id = '" . $login_wam_id . "' WHERE username = '******'");
// Sütik beállítása
setcookie("wam_id", $login_wam_id, $worktime_login_final);
setcookie("wam_worktime", $worktime_login, $worktime_login_final);
// Átirányítás
header_location("index");
}
?>
<table class="body3" cellspacing="0" cellpadding="0">
<tr>
<td class="body3-title">
Iniciar Sesión<img class="nav-icon" src="<?php
echo theme_file("images/icons/key.png");
?>
" alt="Bejelentkezés" />
</td>
</tr>
<tr>
$site_date_day = "Sonntag";
break;
}
$site_date = "" . date("Y.m.d. H:i") . ", " . $site_date_day . "";
// Erstellen Sicherheitsüberwachung (Besucher)
site_log("visitors", "IP: " . $site_ip . " | Dátum: " . $site_date . "");
// Cookies überprüfen
if (!empty($cookie_wam_id)) {
// Prüfung der korrekte Cookie-Daten
$query_login = db_query("SELECT COUNT(*) FROM account WHERE wam_id = '" . $cookie_wam_id . "'");
$results_login = mysqli_fetch_array($query_login);
if ($results_login[0] == 0) {
// Log aktiviert (schlechter (Cookie)) wird halt überprüft ob der Cookie gültig ist omg
site_log("bad-login-cookie", "IP: " . $site_ip . " | Dátum: " . $site_date . "");
// Beenden
header_location("logout");
} else {
// Account informations Anfrage
$query_user_check = db_query("SELECT id, username, sha_pass_hash, email, expansion FROM account WHERE wam_id = '" . $cookie_wam_id . "'");
$results_user_check = mysqli_fetch_array($query_user_check);
// Account information speichern
$user_check_accountid = $results_user_check["id"];
$user_check_accountname = $results_user_check["username"];
$user_check_password = $results_user_check["sha_pass_hash"];
$user_check_email = $results_user_check["email"];
$user_check_expansion = $results_user_check["expansion"];
// Account Rang überprüfen (nix anderes als das gerüft wird ob das ein GM account ist oder nicht
$query_user_check_gmlevel = db_query("SELECT gmlevel FROM account_access WHERE id = '" . $user_check_accountid . "'");
$results_user_check_gmlevel = mysqli_fetch_array($query_user_check_gmlevel);
// Account Rang abfrage
$user_check_gmlevel = $results_user_check_gmlevel["gmlevel"];
$forum_name = get_forumname($POST_f);
$topic_name = get_topicname($POST_t);
opmain_body("Move Topic " . $forum_name . " > " . $topic_name . "");
echo "<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"5\" align=\"center\">\n\t<form action=\"index.php?act=mod\" method=\"post\" enctype=\"multipart/form-data\" name=\"Move_Topic_Form\">\n\t<input type=\"hidden\" name=\"code\" value=\"08\">\n\t<input type=\"hidden\" name=\"f\" value=\"{$POST_f}\">\n\t<input type=\"hidden\" name=\"t\" value=\"{$POST_t}\">\n\t<TR class=\"topic_title5\">\n\t\t<TD colspan=\"2\" height=\"27\">\n\t\t\t<div class=\"title_face\">Please select the destination forum and method of moving</div>\n\t\t</TD>\n\t</TR>\n\t<TR class=\"topic_title6\">\n\t\t<TD width=\"30%\">\n\t\t\t<div class=\"title_face4\"><b>Move this topic from New Forum to</b></div>\n\t\t</TD>\n\t\t<TD width=\"70%\">\n\t\t\t<select name=\"select_forum\" class=\"selectmenu\">\n";
$query = "SELECT memory_value1,memory_value3 FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object =\"forum_category\" ORDER by memory_value2 ASC";
$sql->result = $sql->execute_query($query, 'forum_manage.php');
$sql->total_query++;
if ($sql->count_rows()) {
while ($row = $sql->fetch_row()) {
$query = "SELECT forum_id,forum_title FROM {$CONFIG_sql_cpdbname}.forum WHERE category_id=\"" . $row[memory_value1] . "\" ORDER by forum_id ASC";
$sql->result2 = $sql->execute_query($query, 'forum_manage.php');
echo "\t\t\t\t<optgroup label=\"{$row['memory_value3']}\"></optgroup>\n";
if ($sql->count_rows($sql->result2)) {
while ($row2 = $sql->fetch_row($sql->result2)) {
echo "\t\t\t\t<option value=\"{$row2['forum_id']}\"> |-- {$row2['forum_title']}</option>\n";
}
}
}
}
echo "\t\t\t</select>\n\t\t</TD>\n\t</TR>\n\t<TR class=\"topic_title5\" align=\"center\">\n\t\t<TD colspan=\"2\">\n\t\t\t<input type=\"submit\" name=\"Submit\" value=\"Move�this�topic\" class=\"textinput\">\n\t\t</TD>\n\t</TR>\n\t</form>\n</TABLE>\n";
clmain_body();
}
if ($POST_code == '08' && checkprivilege_action($CP[login_id], g_move_topics) && check_category($POST_f) && check_category($POST_select_forum) && $POST_t) {
$sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.board_reply SET forum_id=\"" . mysql_res($POST_select_forum) . "\" WHERE topic_id =\"" . mysql_res($POST_t) . "\" AND forum_id = \"" . mysql_res($POST_f) . "\" ", 'moderate.php');
$sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.board_topic SET forum_id=\"" . mysql_res($POST_select_forum) . "\" WHERE topic_id =\"" . mysql_res($POST_t) . "\" AND forum_id = \"" . mysql_res($POST_f) . "\" ", 'moderate.php');
header_location("index.php?showtopic={$POST_t}");
}
}
} else {
redir("index.php?act=idx", "{$lang['No_privilege']}", 3);
}
$sql->Connect($CONFIG_sql_host, $CONFIG_sql_username, $CONFIG_sql_password);
$query = "SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object =\"sgcp_install\" AND memory_value1=\"1\"";
$sql->result = mysql_query($query);
if (!$sql->result()) {
if (mysql_select_db($CONFIG_sql_cpdbname)) {
$dropdb = "DROP DATABASE `{$CONFIG_sql_cpdbname}`;";
mysql_query($dropdb);
}
$createdb = "CREATE DATABASE `{$CONFIG_sql_cpdbname}`;";
if (mysql_query($createdb)) {
if ($contents = file_get_contents("install/sql-files/sgcp_database.sql")) {
$cpi = new CP_Install();
$execute_query = $cpi->promt_query($contents);
for ($i = 0; $i < count($execute_query); $i++) {
mysql_db_query($CONFIG_sql_cpdbname, $execute_query[$i]);
}
redir("index.php?act=idx", "Automatic System : has created a {$CONFIG_sql_cpdbname} database", 3);
} else {
redir("index.php?act=idx", "Automatic System : Could not read sgcp_database.sql file", 3);
}
} else {
redir("index.php?act=idx", "Automatic System : creating {$CONFIG_sql_cpdbname} database was failed", 3);
}
} else {
header_location("index.php?act=idx");
}
echo "\n</body>\n</html>";
mysql_close();
include_once "gzip_footer.php";
}
}
case ordercategory:
$query = "SELECT memory_value1 FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object = \"forum_category\" AND memory_value2 =\"" . mysql_res($POST_select_order) . "\" LIMIT 0,1";
$sql->result = $sql->execute_query($query, 'forum_manage.php');
$query = "SELECT memory_value2 FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object = \"forum_category\" AND memory_value1 =\"" . mysql_res($POST_c) . "\" LIMIT 0,1";
$sql->result2 = $sql->execute_query($query, 'forum_manage.php');
if ($sql->count_rows() && $sql->count_rows($sql->result2)) {
$row = $sql->fetch_row();
$category_id_old = $row["memory_value1"];
$row2 = $sql->fetch_row($sql->result2);
$category_order_new = $row2["memory_value2"];
$sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.memory SET memory_value2=\"" . $category_order_new . "\" WHERE memory_object=\"forum_category\" AND memory_value1=\"" . $category_id_old . "\"", 'forum_manage.php');
}
$sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.memory SET memory_value2=\"" . mysql_res($POST_select_order) . "\" WHERE memory_object=\"forum_category\" AND memory_value1=\"" . mysql_res($POST_c) . "\"", 'forum_manage.php');
break;
}
header_location("index.php?act=forum_manage");
} else {
$count_category = $sql->execute_query("SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object =\"forum_category\"", 'forum_manage.php');
$count_category = $sql->result($count_category);
$query = "SELECT memory_value1,memory_value2,memory_value3 FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object =\"forum_category\" ORDER by memory_value2 ASC";
$sql->result = $sql->execute_query($query, 'forum_manage.php');
$sql->total_query++;
opmain_body("Forum Management");
if ($sql->count_rows()) {
$IMG['EDIT'] = "<img src =\"theme/{$STORED['THEME']}/images/edit.gif\" border=\"0\" alt=\"Edit\">";
$IMG['DELETE'] = "<img src =\"theme/{$STORED['THEME']}/images/drop.gif\" border=\"0\" alt=\"Delete\">";
while ($row = $sql->fetch_row()) {
$query = "SELECT forum_id,forum_title,forum_description FROM {$CONFIG_sql_cpdbname}.forum WHERE category_id=\"" . $row['memory_value1'] . "\" ORDER by forum_id ASC";
$sql->result2 = $sql->execute_query($query, 'forum_manage.php');
$form_name = "Category_" . $row[memory_value1] . "";
echo "<TABLE width=\"100%\" cellspacing=\"1\" cellpadding=\"5\" align=\"center\" class=\"emptytable3\">\n\t<TBODY>\n\t\t<TR height=\"27\" class=\"title_bar2\">\n\t\t\t<form action=\"index.php?act=forum_manage&manage=ordercategory\" name=\"{$form_name}\" method=\"post\" enctype=\"multipart/form-data\">\n\t\t\t<input type=\"hidden\" name=\"c\" value=\"{$row['memory_value1']}\">\n\t\t\t<TD width=\"90%\">\n\t\t\t\t<select name=\"select_order\" onChange=\"document.{$form_name}.submit();\" class=\"selectmenu\">\n";
if ($GET_code == 02) {
$query = "SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object=\"ro_message\"";
$sql->result = $sql->execute_query($query, 'mescontrol.php');
$sql->total_query++;
$POST_t_mes = checkstring($POST_t_mes, 1);
if ($sql->result()) {
$sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.memory SET memory_value1=\"" . $CP['login_name'] . "\", memory_value2=\"" . $CP['time'] . "\", memory_value3=\"" . $POST_t_mes . "\" WHERE memory_object=\"ro_message\"", 'mescontrol.php', 0);
} else {
$sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.memory (memory_object,memory_value1,memory_value2,memory_value3) VALUES (\"ro_message\",\"" . $CP['login_name'] . "\",\"" . $CP['time'] . "\",\"" . $POST_t_mes . "\")", 'mescontrol.php', 0);
}
header_location("index.php?act=mesctrl&code=00");
} else {
if ($GET_code == 03) {
$query = "SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object=\"server_info\"";
$sql->result = $sql->execute_query($query, 'mescontrol.php');
$sql->total_query++;
$POST_t_mes = checkstring($POST_t_mes, 1);
if ($sql->result()) {
$sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.memory SET memory_value3=\"" . $POST_t_mes . "\" WHERE memory_object=\"server_info\"", 'mescontrol.php', 0);
} else {
$sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.memory (memory_object,memory_value3) VALUES (\"server_info\",\"" . $POST_t_mes . "\")", 'mescontrol.php', 0);
}
header_location("index.php?act=mesctrl&code=01");
} else {
redir("index.php?act=idx", "{$lang['Error']}", 3);
}
}
}
} else {
redir("index.php?act=idx", "{$lang['No_privilege']}", 3);
}
$last_ip = $row[last_ip];
$query = "SELECT memory_value2 FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object =\"ip_blacklist\" AND memory_value1=\"" . mysql_res($last_ip) . "\"";
$sql->result = $sql->execute_query($query, 'searching_id.php');
$blacklist_row = $sql->fetch_row();
if ($sql->count_rows()) {
if ($blacklist_row[memory_value2] == 'block') {
$state = 'unblock';
} else {
$state = 'block';
}
$sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.memory SET memory_value2=\"" . mysql_res($state) . "\" WHERE memory_object=\"ip_blacklist\" AND memory_value1=\"" . mysql_res($last_ip) . "\"", 'searching_id.php');
} else {
$blacklist_code = md5(uniqid(microtime()));
$sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.memory (memory_object,memory_value1,memory_value2,memory_value3) values (\"ip_blacklist\",\"" . mysql_res($last_ip) . "\",\"block\",\"" . mysql_res($blacklist_code) . "\")", 'searching_id.php');
}
header_location("index.php?act=searching_id&account_id={$GET_account_id}");
} else {
redir("index.php?act=idx", "{$lang['Error']}", 3);
}
}
}
}
}
}
}
} else {
redir("index.php?act=idx", "{$lang['Error']}", 3);
}
} else {
redir("index.php?act=idx", "{$lang['No_privilege']}", 3);
}
function file_check($terms)
{
global $user_check_gmlevel;
global $user_check_accountid;
global $wam_gmlevel_vip;
global $wam_gmlevel_admin;
global $wam_vip_enable;
global $wam_vip_enable_addmoney;
global $wam_vip_enable_additem;
global $wam_vip_enable_addlevel;
global $wam_vip_enable_charrename;
$terms_explode = explode(",", $terms);
foreach ($terms_explode as $terms_final) {
switch ($terms_final) {
case "logged":
if (empty($_COOKIE["wam_id"])) {
header_location("404");
}
break;
case "notlogged":
if (!empty($_COOKIE["wam_id"])) {
header_location("404");
}
break;
case "error":
header_location("404");
break;
case "player":
if ($user_check_gmlevel != $wam_gmlevel_player) {
header_location("404");
}
break;
case "moderator":
if ($user_check_gmlevel != $wam_gmlevel_mod) {
header_location("404");
}
break;
case "gm":
if ($user_check_gmlevel != $wam_gmlevel_gm) {
header_location("404");
}
break;
case "vip":
if ($user_check_gmlevel != $wam_gmlevel_vip) {
header_location("404");
}
break;
case "admin":
if ($user_check_gmlevel != $wam_gmlevel_admin) {
header_location("404");
}
break;
case "vipmodule":
if ($wam_vip_enable != "1") {
header_location("404");
}
break;
case "additem":
if ($wam_vip_enable_additem != "1") {
header_location("404");
}
break;
case "addlevel":
if ($wam_vip_enable_addlevel != "1") {
header_location("404");
}
break;
case "addmoney":
if ($wam_vip_enable_addmoney != "1") {
header_location("404");
}
break;
case "charrename":
if ($wam_vip_enable_charrename != "1") {
header_location("404");
}
break;
case "notbanned":
$query = db_query("SELECT active FROM account_banned WHERE id = '" . $user_check_accountid . "'");
$results = mysqli_fetch_array($query);
if ($results["active"] == 1) {
system_message("Account ist gebannt!");
}
break;
}
}
}
}
if ($_SESSION["uid"] == -100) {
$_SESSION["AsWebStatisticsAdministrator"] = true;
}
include_once dirname(__FILE__) . "/ressources/class.templates.inc";
include_once dirname(__FILE__) . "/ressources/class.users.menus.inc";
include_once dirname(__FILE__) . "/ressources/class.miniadm.inc";
include_once dirname(__FILE__) . "/ressources/class.mysql.squid.builder.php";
include_once dirname(__FILE__) . "/ressources/class.user.inc";
include_once dirname(__FILE__) . "/ressources/class.squid.inc";
include_once dirname(__FILE__) . "/ressources/class.calendar.inc";
if (!$_SESSION["AsWebStatisticsAdministrator"]) {
if ($GLOBALS["VERBOSE"]) {
echo "header_location(miniadm.index.php)\n";
}
header_location("miniadm.index.php");
}
if (isset($_GET["db-status"])) {
database_status();
exit;
}
if (isset($_GET["content"])) {
content();
exit;
}
if (isset($_GET["messaging-right"])) {
messaging_right();
exit;
}
if (isset($_GET["webstats-left"])) {
webstats_left();
header_location("{$HTTP_REFERER}");
break;
case activeaccount:
$POST_account_id = mysql_res($POST_account_id);
$sql->execute_query("UPDATE {$CONFIG_sql_dbname}.login SET state=\"0\" WHERE account_id=\"{$POST_account_id}\"", 'account_manage.php');
$sql->execute_query("DELETE FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object =\"activate_id\" AND memory_value2=\"{$POST_account_id}\"", 'account_manage.php');
header_location("index.php?act=account_manage&code=view_inactiveid");
break;
case deleteinactiveid:
$sql->execute_query("DELETE FROM {$CONFIG_sql_dbname}.login WHERE account_id =\"" . mysql_res($GET_account_id) . "\"", 'account_manage.php');
$sql->execute_query("DELETE FROM {$CONFIG_sql_cpdbname}.memory WHERE memory_object =\"activate_id\" AND memory_value2=\"" . mysql_res($GET_account_id) . "\"", 'account_manage.php');
$sql->execute_query("DELETE FROM {$CONFIG_sql_cpdbname}.user_profile WHERE user_id =\"" . mysql_res($GET_account_id) . "\"", 'account_manage.php');
header_location("index.php?act=account_manage&code=view_inactiveid");
break;
default:
header_location("index.php?act=account_manage");
break;
}
} else {
?>
<script language="JavaScript">
function CheckSearch(code) {
var A1 = document.Searching_Option.search_value.value;
var A2 = document.Searching_Option.ctype.value;
var A3 = document.Searching_Option.searchby.value;
hyperlink('index.php?act=account_manage&code='+code+'&searchby='+A3+'&search_value='+A1+'&ctype='+A2+'');
return false;
}
</script>
<?php
echo "- <a href=\"index.php?act=account_manage&code=view_account\">Account Management</a><BR>\n- <a href=\"index.php?act=account_manage&code=view_inactiveid\">View inactive account</a><BR>\n<BR>\n";
<?php
require_once 'functions.php';
require_once 'includes.php';
$id_rec = $_GET['id_rec'];
$q = "\tUPDATE `recipe_products_quantities` \n\t\tSET `date_deleted` = '{$date}' \n\t\tWHERE `id` = {$id_rec}";
$file_name = 'enter_recipe_details';
header_location($connect, $q, $file_name);
header_location("index.php?act=rank_title");
} else {
redir("index.php?act=idx", "{$lang['Error']}", 3);
}
}
} else {
if ($GET_code == 04) {
$GET_id = (int) $GET_id;
if (empty($GET_id)) {
redir("index.php?act=idx", "{$lang['Error']}", 3);
} else {
$query = "SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.rank_title WHERE title_id = \"" . mysql_res($GET_id) . "\"";
$sql->result = $sql->execute_query($query, 'rank_title.php');
$sql->total_query++;
if ($sql->result()) {
$sql->execute_query("DELETE FROM {$CONFIG_sql_cpdbname}.rank_title WHERE title_id=\"" . mysql_res($GET_id) . "\"", 'rank_title.php', 0);
header_location("index.php?act=rank_title");
} else {
redir("index.php?act=idx", "{$lang['Error']}", 3);
}
}
} else {
redir("index.php?act=idx", "{$lang['Error']}", 3);
}
}
}
}
}
} else {
redir("index.php?act=idx", "{$lang['No_privilege']}", 3);
}
if ($count1 && ($checkuserid == $CP[login_id] || checkprivilege_action($CP[login_id], g_edit_posts)) && !empty($CP[login_id])) {
$query = "SELECT reply_id FROM {$CONFIG_sql_cpdbname}.board_reply WHERE topic_id = \"" . mysql_res($POST_t) . "\" ORDER by reply_id LIMIT 1";
$sql->result = $sql->execute_query($query, 'action_post.php');
$sql->total_query++;
$row_result2 = $sql->fetch_row();
$reply_id_start = $row_result2[0];
if ($POST_t_title && $reply_id_start == $POST_p && $POST_edit_topic) {
$POST_t_title = checkstring($POST_t_title, 1);
$POST_t_desc = checkstring($POST_t_desc, 1);
$sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.board_topic SET topic_name=\"" . $POST_t_title . "\",topic_description=\"" . $POST_t_desc . "\" WHERE topic_id=\"" . mysql_res($POST_t) . "\" ", 'insert_topic.php');
}
$reply_edit_name = $POST_add_edit ? $CP['login_name'] : "";
$POST_t_mes = checkstring($POST_t_mes, 1);
$POST_t_emo = (int) $POST_t_emo;
$sql->execute_query("UPDATE {$CONFIG_sql_cpdbname}.board_reply SET reply_emo=\"" . mysql_res($POST_t_emo) . "\",reply_message=\"" . $POST_t_mes . "\",reply_ip=\"" . $CP['ip_address'] . "\",reply_edit_name=\"" . mysql_res($reply_edit_name) . "\",reply_edit_date=\"" . $CP['time'] . "\" WHERE topic_id=\"" . mysql_res($POST_t) . "\" AND reply_id=\"" . mysql_res($POST_p) . "\" ", 'insert_topic.php');
header_location("index.php?showtopic={$POST_t}&#entry{$POST_p}");
}
}
} else {
redir("index.php?act=forum", "{$lang['No_privilege']}", 3);
}
}
if ($GET_code == 03 && $POST_t && $POST_clickvote && checkprivilege_action($CP[login_id], g_vote_polls)) {
$query = "SELECT COUNT(*) FROM {$CONFIG_sql_cpdbname}.voters WHERE member_id = \"" . $CP['login_id'] . "\" AND topic_id = \"" . mysql_res($POST_t) . "\"";
$sql->result = $sql->execute_query($query, 'insert_topic.php');
$sql->total_query++;
if ($sql->result()) {
$display = $lang[No_vote];
} else {
$voteid = "vote" . (int) $POST_poll_vote . "";
if ($nullvote != 'View Results (Null Vote)') {
