if ($action == 'solve') { $pid = $_GET["pid"]; if ($solve = 'ignored') { mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}helpdesk SET solved='ignored', solved_by={$CURUSER['uid']}, solved_date = UNIX_TIMESTAMP() WHERE id={$pid}"); } } if ($msg_answer != "" && $id != 0) { $zap_usr = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT username FROM {$TABLE_PREFIX}users WHERE id = {$addedbyid}"); $wyn_usr = mysqli_fetch_array($zap_usr); $addedby_name = $wyn_usr["username"]; $ans_usr = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT username FROM {$TABLE_PREFIX}users WHERE id = {$CURUSER['uid']}"); $wan_usr = mysqli_fetch_array($ans_usr); $sendby_name = $wan_usr["username"]; $msg = sqlesc("[color=red][b]From the {$SITENAME} HELPDESK [/b][/color]\n\n[quote=" . $addedby_name . "]" . $msg_problem . "[/quote]\n" . $msg_answer . "\n\nregards {$SITENAME} staff member {$sendby_name}"); mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}helpdesk SET solved='yes', solved_by={$CURUSER['uid']}, solved_date = UNIX_TIMESTAMP(), msg_answer = " . sqlesc($msg_answer) . " WHERE id={$id}"); send_pm($CURUSER[uid], $addedbyid, sqlesc('Helpdesk'), $msg); } if ($msg_problem != "" && $title != "") { do_sqlquery("INSERT INTO {$TABLE_PREFIX}helpdesk (title, msg_problem, added, added_by) VALUES (" . sqlesc($title) . ", " . sqlesc($msg_problem) . ", UNIX_TIMESTAMP(), {$CURUSER['uid']})", true); err_msg("Help desk", "Message sent! Await for reply."); block_end(); stdfoot(); die; } if (!$CURUSER || $CURUSER["id_level"] >= 6) { $st_usr = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT username FROM {$TABLE_PREFIX}users WHERE id = {$CURUSER['uid']}"); $sta_usr = mysqli_fetch_array($st_usr); $staff_name = $sta_usr["username"]; $countt = get_result("SELECT * FROM {$TABLE_PREFIX}helpdesk WHERE solved='no'"); $count = count($countt); print "<center><a href=index.php?page=modules&module=helpdesk&action=problems><h1><br><font color=steelblue>welcome staff member " . $staff_name . " there are </font><font color=red>" . $count . " </font><font color=steelblue>unanswered questions waiting</font></h1></a></center>";
$genre = trim($_POST['genre']); if (is_array($activedays) and count($activedays) and 5 < strlen($activetime) and 2 < strlen($genre)) { $selectedadays = array(); foreach ($activedays as $ad) { if ($availabledays[$ad]) { $selectedadays[] = $availabledays[$ad]; continue; } } if (count($selectedadays)) { $activedays = implode(',', $selectedadays); do_sqlquery('INSERT INTO ' . $TABLE_PREFIX . 'shoutcastdj VALUES (NULL, \'' . $CURUSER['uid'] . '\', \'0\', ' . sqlesc($activedays) . ', ' . sqlesc($activetime) . ', ' . sqlesc($genre) . ')', true); $id = is_null($___mysqli_res = mysqli_insert_id($GLOBALS["___mysqli_ston"])) ? false : $___mysqli_res; $query = do_sqlquery('SELECT u.id FROM ' . $TABLE_PREFIX . 'users u LEFT JOIN ' . $TABLE_PREFIX . 'users_level g ON u.id_level=g.id WHERE delete_users=\'yes\'', true); while ($si = mysqli_fetch_assoc($query)) { send_pm(0, $si[id], sqlesc($language['subject']), sqlesc('' . $language['msg'] . ' ' . $CURUSER['username'] . ' ' . $language['msgg'] . ' [url]' . $BASEURL . '/index.php?page=dj&do=list&id=' . $id . '[/url]')); } success_msg($language['SUCCESS'], $language['thanks']); stdfoot(true, false); die; } else { stderr($language['ERROR'], $language['blank']); } } else { stderr($language['ERROR'], $language['blank']); } } $availabledays = explode(',', $language['days']); $days = ''; $i = 0; while ($i < 7) {
} if ($CURUSER["can_upload"] == "no") { // do nothing } else { $reqfilledtpl = new bTemplate(); $reqfilledtpl->set("language", $language); $reqfilledtpl->set("rf0", "<table align='center' width=550 class=lista><tr><td class=lista align=center width=100%>"); $filledurl = $_GET["filledurl"]; $requestid = $_GET["requestid"]; $filldate = date('Y-m-d H:i:s'); $res = mysql_query("SELECT users.username, requests.userid, requests.request FROM {$TABLE_PREFIX}requests requests inner join {$TABLE_PREFIX}users users on requests.userid = users.id where requests.id = {$requestid}") or sqlerr(); $arr = mysql_fetch_assoc($res); $res2 = mysql_query("SELECT username FROM {$TABLE_PREFIX}users where id =" . $CURUSER[uid]) or sqlerr(); $arr2 = mysql_fetch_assoc($res2); $msg = "" . REQUEST . ": [url={$BASEURL}/index.php?page=reqdetails&id=" . $requestid . "][b]" . $arr[request] . "[/b][/url], is filled by [url={$BASEURL}/index.php?page=userdetails&id=" . $CURUSER[uid] . "][b]" . $arr2[username] . "[/b][/url].\r\n\r\nThe torrent can be downloaded from the following link:\r\n[url=" . $filledurl . "][b]" . $filledurl . "[/b][/url]\r\n\r\nDo not forget to thank the uploader.\r\nIf for some reason this is not what you want, please reset this by clicking [url={$BASEURL}/index.php?page=reqreset&requestid=" . $requestid . "][b]HERE![/b][/url].\r\n\r\n[b]DO NOT[/b] click the link unless you are absolutly sure you want to reset the request."; $subject = "Your torrent request is filled !"; mysql_query("UPDATE {$TABLE_PREFIX}requests SET filled = '{$filledurl}', fulfilled= '{$filldate}', filledby = {$CURUSER['uid']} WHERE id = {$requestid}") or sqlerr(); if ($btit_settings["req_rwon"] == true) { if ($btit_settings["req_sbmb"] == true) { mysql_query("UPDATE {$TABLE_PREFIX}users SET uploaded = uploaded + {$btit_settings['req_mb']} WHERE id={$CURUSER['uid']}"); } if ($btit_settings["req_sbmb"] == false) { mysql_query("UPDATE {$TABLE_PREFIX}users SET seedbonus = seedbonus + {$btit_settings['req_sb']} WHERE id={$CURUSER['uid']}"); } } send_pm($CURUSER[uid], $arr[userid], sqlesc($subject), sqlesc($msg)); $reqfilledtpl->set("rf1", "<table class=lista align=center width=550 cellspacing=2 cellpadding=0>\n"); $reqfilledtpl->set("rf2", "<br><BR><div align=left>Request " . $arr[request] . " has now been successfuly filled here: <a href={$filledurl}>{$filledurl}</a>. User <a href=index.php?page=account-details&id={$arr['userid']}><b>{$arr['username']}</b></a> has recieved a PM about this upload. <br>\r\n<br><b>Is this is an accident?</b><br><br>No worries, only <a href=index.php?page=reqreset&requestid={$requestid}><b>CLICK HERE</b></a> to reset this request.<br><b>WARNING</b> do not click this unless you realy want to reset the request !<br><BR></div>"); $reqfilledtpl->set("rf3", "<BR><BR>Thanks for filling out this request :)<br><br>Go back to<a href=index.php?page=viewrequests><b> View Requests</b></a>"); $reqfilledtpl->set("rf4", "</td></tr></table></table>"); }
function check_upload($tmp_name = "", $name = "") { global $btit_settings, $language, $CURUSER; /* Return values 1 = $tmp_name empty 2 = $name empty 3 = $tmp_name doesn't exist 4 = At least one of the banned triggers were matched 5 = All good */ if ($tmp_name == "") { return 1; } if ($name == "") { return 2; } if (file_exists($tmp_name)) { $handle = fopen($tmp_name, "r"); $haystack = " " . fread($handle, filesize($tmp_name)); fclose($handle); $needles = isset($btit_settings["secsui_quarantine_search_terms"]) && !empty($btit_settings["secsui_quarantine_search_terms"]) ? explode(",", $btit_settings["secsui_quarantine_search_terms"]) : array(); $found = "no"; if (is_array($needles) && !empty($needles)) { foreach ($needles as $needle) { if ($found == "no" && strpos($haystack, $needle)) { $found = "yes"; } } } if ($found == "yes") { $quarantined_name = ""; if (is_dir($btit_settings["secsui_quarantine_dir"])) { if (is_writable($btit_settings["secsui_quarantine_dir"])) { $quarantined_name = $btit_settings["secsui_quarantine_dir"] . "/hack_attempt_" . $CURUSER["uid"] . "-" . time() . "-" . $name; move_uploaded_file($tmp_name, $quarantined_name); } else { send_pm(0, $btit_settings["secsui_quarantine_pm"], sqlesc($language["QUAR_ERR"]), sqlesc($language["QUAR_DIR_PROBLEM_1"] . " " . (!empty($btit_settings["secsui_quarantine_dir"]) ? "([b]" . $btit_settings["secsui_quarantine_dir"] . "[/b]) " : "") . $language["QUAR_DIR_PROBLEM_3"])); @unlink($tmp_name); } } else { send_pm(0, $btit_settings["secsui_quarantine_pm"], sqlesc($language["QUAR_ERR"]), sqlesc($language["QUAR_DIR_PROBLEM_1"] . " " . (!empty($btit_settings["secsui_quarantine_dir"]) ? "([b]" . $btit_settings["secsui_quarantine_dir"] . "[/b]) " : "") . $language["QUAR_DIR_PROBLEM_2"])); @unlink($tmp_name); } send_pm(0, $btit_settings["secsui_quarantine_pm"], sqlesc($language["QUAR_PM_SUBJ"]), sqlesc("[url=" . $BASEURL . "/index.php?page=userdetails&id=" . $CURUSER["uid"] . "]" . $CURUSER["username"] . "[/url] " . $language["QUAR_PM_MSG_1"] . ":" . "\n\n[b]" . (isset($quarantined_name) && !empty($quarantined_name) ? $quarantined_name : "[color=red]" . $language["QUAR_UNABLE"] . "[/color]") . "[/b]\n\n" . $language["QUAR_PM_MSG_2"] . " [b]" . getip() . "[/b]\n\n" . ":yikes:")); return 4; } else { return 5; } } else { return 3; } }
$admintpl->set("search_value", $diff); // it's final step, users get new group and pm are send if ($changeug == "Work" && isset($_POST["uyedegis"])) { $dis = ""; if ($grupdegis == "evet") { $dis .= "<div align=\"center\">"; foreach ($_POST["uyedegis"] as $uyedegis => $degeri) { do_sqlquery("UPDATE {$TABLE_PREFIX}users SET id_level='" . $kullan1 . "' WHERE id='" . $degeri . "'"); $dis .= "User <b>" . $degeri . "</b> ID LEVEL has changed to <b>" . $kullan1 . "</b><br />"; } $dis .= "</div>"; } if ($mesajat == "evet") { $dis .= "<div align=\"center\">"; foreach ($_POST["uyedegis"] as $uyedegis => $degeri) { send_pm($gonderen, $degeri, $baslik, $mesajmetni); $dis .= "PM send to User <b>" . $degeri . "</b><br />"; } $dis .= "</div>"; } $admintpl->set("show_tasks", $dis); $admintpl->set("language", $language); $admintpl->set("final_result", true, true); $admintpl->set("display_result", false, true); } if ($readyto == "Go") { $mdiff = $_POST["diff"] * $s[$_POST["type"]]; $admintpl->set("search_diff_title", "Search for difference >" . makesize($mdiff) . " and User Group = " . ($kullan == 0 ? "ALL" : $kullan)); $admintpl->set("final_result", false, true); $admintpl->set("display_result", true, true); $admintpl->set("pm_bbcode", textbbcode("act", "mesajmetni", ""));
$torrenturl = mysqli_real_escape_string($DBDT, $_POST["torrenturl"]); $type = mysqli_real_escape_string($DBDT, $_POST["type"]); if ($expecttitle == "" || $cat == 0 || $descr == "") { stderr($language["ERROR"], $language["ERR_MISSING_DATA"]); stdfoot(); die; } $expect = sqlesc($expecttitle); $descr = sqlesc($descr); $date = sqlesc($date); $cat = sqlesc($cat); $upl = sqlesc($uploaded); $torurl = sqlesc($torrenturl); $tpe = sqlesc($type); mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}expected SET expect_offer={$tpe}, cat={$cat}, expect={$expect}, descr={$descr}, date={$date}, uploaded={$upl}, torrenturl={$torurl} WHERE id={$id}"); //pm if ($type == 'yes' and $uploaded == 'yes') { $ms = sqlesc("Some time ago, you voted for the torrent: " . $expecttitle . "\n\n\nWe like to lett you know it is uploaded and you can get it here :\n\n\n[url]" . $torrenturl . "[/url]\n\n\n[color=red][b]THIS IS AN AUTOMATIC SYSTEM MESSAGE PLEASE DON,T REPLY[/b][/color]"); $res = mysqli_query($GLOBALS["___mysqli_ston"], "select userid from {$TABLE_PREFIX}addedexpected where expectid = " . $id) or die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)); while ($row = mysqli_fetch_array($res)) { $kk = $row["userid"]; send_pm(0, $kk, sqlesc('Voted offer is uploaded'), $ms); } } //pm end header("Refresh: 0; url=index.php?page=viewexpected"); } else { stderr($language["ERROR"], $language["ERR_NOT_AUTH"]); stdfoot(); die; }
if($FORUMLINK=="smf") { do_sqlquery("INSERT INTO {$db_prefix}personal_messages (ID_MEMBER_FROM, fromName, msgtime, subject, body) VALUES (".$CURUSER["smf_fid"].", '".$CURUSER["username"]."', UNIX_TIMESTAMP(), $subject, $msg)",true); $pm_id=mysql_insert_id(); do_sqlquery("INSERT INTO {$db_prefix}pm_recipients (ID_PM, ID_MEMBER) VALUES ($pm_id, $rec)"); do_sqlquery("UPDATE {$db_prefix}members SET instantMessages=instantMessages+1, unreadMessages=unreadMessages+1 WHERE ID_MEMBER=$rec"); } else do_sqlquery("INSERT INTO {$TABLE_PREFIX}messages (sender, receiver, added, subject, msg) VALUES ($send,$rec,UNIX_TIMESTAMP(),$subject,$msg)") or die(mysql_error()); */ $hmm = mysql_query("SELECT * FROM {$TABLE_PREFIX}ignore WHERE ignore_id = '{$uid}' AND user_id = '{$rec}' "); if (mysql_num_rows($hmm)) { redirect("index.php?page=usercp&uid=" . $uid . "&do=ign"); } else { // replaced by send_pm function send_pm($CURUSER['uid'], $rec, $subject, $msg); } // beta send_mail($CURUSER['email'], $subject, $msg); // beta redirect("index.php?page=usercp&uid=" . $uid . "&do=pm&action=list"); exit; } } break; case 'deleteall': if ($FORUMLINK == "smf") { redirect("index.php?page=forum&action=pm" . ($_GET["type"] == "out" ? ";f=outbox" : "")); } // MODIFIED DELETE ALL VERSION BY gAnDo if (isset($_GET["type"])) {
echo $SITENAME; ?> Online Quiz , Welcome <?php echo $CURUSER["username"]; ?> </div> <br /> <form name="quiz" method="post" action="index.php?page=modules&module=quiz"> <?php if ($_POST["do"] == "finish") { $rans = $_POST["rans"]; $tq = $_POST["tq"]; $seedbon = $btit_settings["quizbon"]; if ($tq == $rans and $btit_settings["quizp"] == true) { do_sqlquery("UPDATE `{$TABLE_PREFIX}users` SET `seedbonus`=seedbonus+'" . $seedbon . "' WHERE `id`=" . $CURUSER["uid"] . "", true); send_pm(0, $user, sqlesc('You have a 100% score for the Quiz!'), sqlesc("You have a 100% score for our Quiz!\n\n Congratulations , you did recieve " . $seedbon . " seedbonus points !!\n\n [color=red]This is a automatic system message , so DO NOT reply ![/color]")); } $end = $_POST["end"]; $startposition = $_POST["startposition"]; echo "<table cellpadding='5px' align='center' style='border:1px solid silver' width='80%'\nbgcolor='green'>"; echo "<tr><td>Total Question Attempt</td><td>", $tq, "</td><tr>"; echo "<tr><td>Correct Answer</td><td>", $rans, "</td></tr>"; echo "<tr><td>Wrong Answer</td><td>", $tq - $rans, "</td></tr>"; echo "<tr><td>Correct Answer Percentage</td><td>", $rans / $tq * 100, "%</td></tr>"; echo "<tr><td>Wrong Answer Percenntage</td><td>", ($tq - $rans) / $tq * 100, "%</td></tr>"; echo "</table><br><br>"; $query = "select * from {$TABLE_PREFIX}quiz where qid<='{$end}' and qid>='{$startposition}'"; echo "<table cellpadding='5px' align='center' style='border:1px\nsolid silver'>"; echo "<tr><th colspan='4' id='heading'>Online Quiz Test\nQuestion</td></tr>"; $result = mysqli_query($GLOBALS["___mysqli_ston"], $query); while ($row = mysqli_fetch_array($result)) {
$new_logs = dbcount("(log_id)", DB_FAILED_LOGINS, "datestamp > '" . (int) $settings['cronjob_hour'] . "'"); if ($new_logs) { $result = dbquery("SELECT COUNT(fl.log_id) AS tries, fl.user_id, fl.datestamp, MIN(fl.datestamp) AS mindate, MAX(fl.datestamp) AS maxdate,\r\n\t\t\ttu.user_language\r\n\t\t\tFROM " . DB_FAILED_LOGINS . " fl\r\n\t\t\tLEFT JOIN " . DB_USERS . " tu ON fl.user_id=tu.user_id\r\n\t\t\tWHERE datestamp > '" . (int) $settings['cronjob_hour'] . "'\r\n\t\t\tGROUP BY user_id"); $reinc = false; while ($data = dbarray($result)) { if ($data['user_language'] != "" && $data['user_language'] != $settings['locale'] && file_exists(LOCALE . $data['user_language'] . "/global.php")) { include LOCALE . $data['user_language'] . "/global.php"; $reinc = true; } $message = sprintf($locale['flogins_101'], $data['tries']); if ($data['tries'] == 1) { $message .= sprintf($locale['flogins_102'], showdate($settings['longdate'], $data['datestamp'])); } else { $message .= sprintf($locale['flogins_103'], showdate($settings['longdate'], $data['mindate']), showdate($settings['longdate'], $data['maxdate'])); } send_pm($data['user_id'], "0", $locale['flogins_100'], $message, "0"); } if ($reinc) { include LOCALE . LOCALESET . "global.php"; } } $result = dbquery("UPDATE " . DB_SETTINGS . " SET settings_value='" . (int) $time_now . "' WHERE settings_name='cronjob_hour'"); } // Cron Job (24 HOUR) if ($settings['cronjob_day'] < time() - 86400) { $new_time = time(); $result = dbquery("DELETE FROM " . DB_THREAD_NOTIFY . " WHERE notify_datestamp < '" . (time() - 1209600) . "'"); $result = dbquery("DELETE FROM " . DB_NEW_USERS . " WHERE user_datestamp < '" . (time() - 86400) . "'"); // Check if there are any suspended users, and un-suspend them if the suspend-time is over $usr_inactive = dbcount("(user_id)", DB_USERS, "user_status='3' AND user_actiontime!='0' AND user_actiontime < '" . time() . "'"); if ($usr_inactive) {
/** * Execute Normal and Inline Thread Moderation * * @param array $thread_options Moderation information * @param array Thread IDs. Only the first one will be used, but it needs to be an array * @return boolean true */ function execute_thread_moderation($thread_options, $tids) { global $db, $mybb; $tid = (int) $tids[0]; // Take the first thread to get thread data from $query = $db->simple_select("threads", 'fid', "tid='{$tid}'"); $thread = $db->fetch_array($query); // If deleting threads, only do that if ($thread_options['deletethread'] == 1) { foreach ($tids as $tid) { $this->delete_thread($tid); } } else { if ($thread_options['mergethreads'] == 1 && count($tids) > 1) { $tid_list = implode(',', $tids); $options = array('order_by' => 'dateline', 'order_dir' => 'DESC'); $query = $db->simple_select("threads", 'tid, subject', "tid IN ({$tid_list})", $options); // Select threads from newest to oldest $last_tid = 0; while ($tid = $db->fetch_array($query)) { if ($last_tid != 0) { $this->merge_threads($last_tid, $tid['tid'], $tid['subject']); // And keep merging them until we get down to one thread. } $last_tid = $tid['tid']; } } if ($thread_options['deletepoll'] == 1) { foreach ($tids as $tid) { $this->delete_poll($tid); } } if ($thread_options['removeredirects'] == 1) { foreach ($tids as $tid) { $this->remove_redirects($tid); } } if ($thread_options['removesubscriptions'] == 1) { $this->remove_thread_subscriptions($tids, true); } if ($thread_options['approvethread'] == 'approve') { $this->approve_threads($tids, $thread['fid']); } elseif ($thread_options['approvethread'] == 'unapprove') { $this->unapprove_threads($tids, $thread['fid']); } elseif ($thread_options['approvethread'] == 'toggle') { $this->toggle_thread_visibility($tids, $thread['fid']); } if ($thread_options['softdeletethread'] == 'softdelete') { $this->soft_delete_threads($tids); } elseif ($thread_options['softdeletethread'] == 'restore') { $this->restore_threads($tids); } elseif ($thread_options['softdeletethread'] == 'toggle') { $this->toggle_thread_softdelete($tids); } if ($thread_options['openthread'] == 'open') { $this->open_threads($tids); } elseif ($thread_options['openthread'] == 'close') { $this->close_threads($tids); } elseif ($thread_options['openthread'] == 'toggle') { $this->toggle_thread_status($tids); } if ($thread_options['stickthread'] == 'stick') { $this->stick_threads($tids); } elseif ($thread_options['stickthread'] == 'unstick') { $this->unstick_threads($tids); } elseif ($thread_options['stickthread'] == 'toggle') { $this->toggle_thread_importance($tids); } if ($thread_options['threadprefix'] != '-1') { $this->apply_thread_prefix($tids, $thread_options['threadprefix']); // Update thread prefix } if (my_strtolower(trim($thread_options['newsubject'])) != '{subject}') { $this->change_thread_subject($tids, $thread_options['newsubject']); } if (!empty($thread_options['addreply'])) { $tid_list = implode(',', $tids); $query = $db->simple_select("threads", 'uid, fid, subject, tid, firstpost, closed', "tid IN ({$tid_list}) AND closed NOT LIKE 'moved|%'"); require_once MYBB_ROOT . "inc/datahandlers/post.php"; // Loop threads adding a reply to each one while ($thread = $db->fetch_array($query)) { $posthandler = new PostDataHandler("insert"); if (empty($thread_options['replysubject'])) { $new_subject = 'RE: ' . $thread['subject']; } else { $new_subject = str_ireplace('{username}', $mybb->user['username'], $thread_options['replysubject']); $new_subject = str_ireplace('{subject}', $thread['subject'], $new_subject); } // Set the post data that came from the input to the $post array. $post = array("tid" => $thread['tid'], "replyto" => $thread['firstpost'], "fid" => $thread['fid'], "subject" => $new_subject, "uid" => $mybb->user['uid'], "username" => $mybb->user['username'], "message" => $thread_options['addreply'], "ipaddress" => $db->escape_binary(my_inet_pton(get_ip()))); // Set up the post options from the input. $post['options'] = array("signature" => 1, "emailnotify" => 0, "disablesmilies" => 0); if ($thread['closed'] == 1) { // Keep this thread closed $post['modoptions']['closethread'] = 1; } $posthandler->set_data($post); if ($posthandler->validate_post($post)) { $posthandler->insert_post($post); } } } if ($thread_options['movethread'] > 0 && $thread_options['movethread'] != $thread['fid']) { if ($thread_options['movethreadredirect'] == 1) { $time = TIME_NOW + $thread_options['movethreadredirectexpire'] * 86400; foreach ($tids as $tid) { $this->move_thread($tid, $thread_options['movethread'], 'redirect', $time); } } else { $this->move_threads($tids, $thread_options['movethread']); } } if ($thread_options['copythread'] > 0 || $thread_options['copythread'] == -2) { if ($thread_options['copythread'] == -2) { $thread_options['copythread'] = $thread['fid']; } foreach ($tids as $tid) { $new_tid = $this->move_thread($tid, $thread_options['copythread'], 'copy'); } } if (!empty($thread_options['recountrebuild'])) { require_once MYBB_ROOT . '/inc/functions_rebuild.php'; foreach ($tids as $tid) { rebuild_thread_counters($tid); } } } // Do we have a PM subject and PM message? if (isset($thread_options['pm_subject']) && $thread_options['pm_subject'] != '' && isset($thread_options['pm_message']) && $thread_options['pm_message'] != '') { $tid_list = implode(',', $tids); // For each thread, we send a PM to the author $query = $db->simple_select("threads", 'uid', "tid IN ({$tid_list})"); while ($uid = $db->fetch_field($query, 'uid')) { // Let's send our PM $pm = array('subject' => $thread_options['pm_subject'], 'message' => $thread_options['pm_message'], 'touid' => $uid); send_pm($pm, $mybb->user['uid'], 1); } } return true; }
$tables = $TABLE_PREFIX . 'users u'; if ($ratio) { $where .= ' AND ((u.uploaded)/(u.downloaded=0))' . $pick; } } # get data $pm_users = get_result('SELECT u.id, u.username FROM ' . $tables . ' ' . $where, true); $i = 0; # revamp data foreach ($pm_users as $cur) { if (!$pm_sender && $cur['id'] == $CURUSER['uid']) { continue; } $i++; if ($pm) { send_pm($sender, $cur['id'], $subject, $msg); } if ($list_users) { $l_users[] = '<a href="' . $BASEURL . '/index.php?page=userdetails&id=' . $cur['id'] . '">' . $cur['username'] . '</a>'; } } # set output vars $block_title = $language['MASS_SENT']; $masspm_post = true; $masspm['subject'] = $original_subject; $masspm['body'] = format_comment($original_msg); $masspm['info'] = '<b>' . $i . '</b> ' . $language['USERS_FOUND'] . ' ' . $rank_details . ' ' . $ratio_d . ' !! ' . (!$pm ? ' [ DEBUG MODE ] ' : '') . '<br /><br />' . $language['USERS_PMED'] . '<br />' . implode(' - ', $l_users); break; } } case 'write':
function warn_user($UserID, $Duration, $Reason) { global $LoggedUser, $DB, $Cache, $Time; $DB->query("SELECT Warned FROM users_info WHERE UserID=".$UserID." AND Warned <> '0000-00-00 00:00:00'"); if($DB->record_count() > 0) { //User was already warned, appending new warning to old. list($OldDate) = $DB->next_record(); $NewExpDate = date('Y-m-d H:i:s', strtotime($OldDate) + $Duration); send_pm($UserID, 0, db_string("You have received multiple warnings."), db_string("When you received your latest warning (Set to expire on ".date("Y-m-d", (time() + $Duration))."), you already had a different warning (Set to expire on ".date("Y-m-d", strtotime($OldDate)).").\n\n Due to this collision, your warning status will now expire at ".$NewExpDate.".")); $AdminComment = date("Y-m-d").' - Warning (Clash) extended to expire at '.$NewExpDate.' by '.$LoggedUser['Username']."\nReason: $Reason\n"; $DB->query('UPDATE users_info SET Warned=\''.db_string($NewExpDate).'\', WarnedTimes=WarnedTimes+1, AdminComment=CONCAT(\''.db_string($AdminComment).'\',AdminComment) WHERE UserID=\''.db_string($UserID).'\''); } else { //Not changing, user was not already warned $WarnTime = time_plus($Duration); $Cache->begin_transaction('user_info_'.$UserID); $Cache->update_row(false, array('Warned' => $WarnTime)); $Cache->commit_transaction(0); $AdminComment = "\n".date("Y-m-d").' - Warned until '.$WarnTime.' by '.$LoggedUser['Username']."\nReason: $Reason\n"; $DB->query('UPDATE users_info SET Warned=\''.db_string($WarnTime).'\', WarnedTimes=WarnedTimes+1, AdminComment=CONCAT(\''.db_string($AdminComment).'\',AdminComment) WHERE UserID=\''.db_string($UserID).'\''); } }
function do_sanity($ts = 0) { // Lets try upping the max_execution_time and memory_limit if we can (Code from Pet/FM) if (@ini_get("max_execution_time") < 300) { @ini_set("max_execution_time", 300); } if (trim(@ini_get("memory_limit"), "M") < 128) { @ini_set("memory_limit", "128M"); } global $clean_interval, $BASEURL, $btit_settings, $XBTT_USE, $db_prefix, $autopruneusers, $email_on_prune, $days_members, $days_not_comfirm, $days_to_email, $PRIVATE_ANNOUNCE, $TORRENTSDIR, $CURRENTPATH, $LIVESTATS, $LOG_HISTORY, $TABLE_PREFIX, $DOXPATH, $DBDT; $THIS_BASEPATH = dirname(__FILE__); $days = 14; $time = time() - $days * 86400; mysqli_query($GLOBALS["___mysqli_ston"], "DELETE FROM {$TABLE_PREFIX}bugs WHERE status != 'na' AND added < {$time}") or sqlerr(__FILE__, __LINE__); //delete bots after 48 hours mysqli_query($GLOBALS["___mysqli_ston"], "DELETE FROM {$TABLE_PREFIX}bots WHERE visit < (NOW() - INTERVAL 2880 MINUTE)"); //end bots //delete last up/downloads after 48 hours mysqli_query($GLOBALS["___mysqli_ston"], "DELETE FROM {$TABLE_PREFIX}downloads WHERE date < (NOW() - INTERVAL 2880 MINUTE)"); //end last up/downloads //show images in shoutbox if ($btit_settings["endtch"] == TRUE) { $shout = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM {$TABLE_PREFIX}chat ORDER BY id DESC LIMIT 1"); $shoutrow = mysqli_fetch_assoc($shout); $fp = $btit_settings["fix_chat"]; if ($shoutrow["count"] >= $btit_settings["don_chat"]) { if ($btit_settings["ran_chat"] == TRUE) { do_sqlquery("INSERT INTO {$TABLE_PREFIX}chat (uid, time, name, text) VALUES (0," . time() . ", 'System','[img]{$BASEURL}/images/shouts/shout.php[/img]')"); } else { do_sqlquery("INSERT INTO {$TABLE_PREFIX}chat (uid, time, name, text) VALUES (0," . time() . ", 'System','[img]{$BASEURL}/images/shouts/" . $fp . "[/img]')"); } } } //show images in shoutbox end //happy hour $happy_r = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT UNIX_TIMESTAMP(value_s) AS happy , value_i AS happys from {$TABLE_PREFIX}avps where arg='happyhour'") or sqlerr(__FILE__, __LINE__); $happy_a = mysqli_fetch_array($happy_r); $curDate = time(); $happyTime = $happy_a["happy"] + 3600; if ($happy_a["happys"] == 0) { $happyHour = happyHour(); mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}avps set value_s=" . sqlesc($happyHour) . ", value_i='1' WHERE arg='happyhour' LIMIT 1 ") or sqlerr(__FILE__, __LINE__); } elseif ($happy_a["happys"] == 1 && $curDate > $happyTime) { mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}avps set value_i='0' WHERE arg='happyhour' LIMIT 1 "); } $switch = do_sqlquery("SELECT * FROM `{$TABLE_PREFIX}files` WHERE `external`='no'", true); $switch_happy = mysqli_fetch_array($switch); if ($switch_happy["happy_hour"] == "yes") { if (ishappyHour("check") && $happyTime > "0:00") { do_sqlquery("ALTER TABLE `{$TABLE_PREFIX}files` CHANGE `happy` `happy` ENUM( 'yes', 'no' ) NULL DEFAULT 'yes'") or sqlerr(); do_sqlquery("UPDATE `{$TABLE_PREFIX}files` SET `happy`='yes' WHERE `external`='no'", true); } else { do_sqlquery("ALTER TABLE `{$TABLE_PREFIX}files` CHANGE `happy` `happy` ENUM( 'yes', 'no' ) NULL DEFAULT 'no'") or sqlerr(); do_sqlquery("UPDATE `{$TABLE_PREFIX}files` SET `happy`='no' WHERE `external`='no'", true); } } // happy hour // featured if ($btit_settings["auto_feat"] == TRUE) { $feat = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT info_hash , leechers , image from {$TABLE_PREFIX}files where image!='' ORDER BY leechers DESC limit 1"); $resfeat = mysqli_fetch_array($feat); do_sqlquery("INSERT INTO {$TABLE_PREFIX}featured (fid,torrent_id) VALUES ('','{$resfeat['info_hash']}')"); } //featured //sb if ($XBTT_USE) { $ressb = do_sqlquery("SELECT uid FROM xbt_files_users as u INNER JOIN xbt_files as x ON u.fid=x.fid WHERE u.left = '0' AND x.flags='0' AND u.active='1'"); if (mysqli_num_rows($ressb) > 0) { while ($arrsb = mysqli_fetch_assoc($ressb)) { $x = $arrsb["uid"]; quickQuery("UPDATE `{$TABLE_PREFIX}users` SET `seedbonus`=`seedbonus`+'" . number_format(($ts > 0 ? time() - $ts : $clean_interval) / 3600 * $GLOBALS["bonus"], 6, ".", "") . "' WHERE `id` = '{$x}'"); } } } else { $ressb = do_sqlquery("SELECT pid FROM {$TABLE_PREFIX}peers WHERE status = 'seeder'"); if (mysqli_num_rows($ressb) > 0) { while ($arrsb = mysqli_fetch_assoc($ressb)) { $x = $arrsb['pid']; quickQuery("UPDATE `{$TABLE_PREFIX}users` SET `seedbonus`=`seedbonus`+'" . number_format(($ts > 0 ? time() - $ts : $clean_interval) / 3600 * $GLOBALS["bonus"], 6, ".", "") . "' WHERE `pid`= '{$x}'"); } } } //sb //warn $query = do_sqlquery("SELECT * FROM `{$TABLE_PREFIX}users` WHERE warn='yes'"); while ($conf = mysqli_fetch_assoc($query)) { if (mysqli_num_rows($query) > 0) { $expire_dat = $conf['warnadded']; $expire2 = strtotime($expire_dat); $nown = strtotime("now"); if ($nown >= $expire2) { $subj = sqlesc("Your Warning time is expired !!"); $msg = sqlesc("You are not longer Warned , please be carefull to not make the same mistake again !!"); send_pm(0, $conf[id], $subj, $msg); mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}users SET warn='no' WHERE id='{$conf['id']}'") or sqlerr(); } } } //warn //remove boot after expiration require_once load_language("lang_userdetails.php"); $datetime = gmdate("Y-m-d H:i:s"); $bootedstats = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM {$TABLE_PREFIX}users WHERE addbooted < '{$datetime}' AND booted='yes'"); while ($arr = mysqli_fetch_assoc($bootedstats)) { if (mysqli_num_rows($bootedstats) > 0) { $sub = sqlesc($language["BOOT_SUB"]); $mess = sqlesc($language["BOOT_MSG"]); send_pm(0, $arr[id], $sub, $mess); mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}users SET booted='no' WHERE id='{$arr['id']}'") or sqlerr(); } } //remove boot after expiration // DT request hack start $reqprune = $btit_settings["req_prune"]; $request = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT id FROM {$TABLE_PREFIX}requests WHERE filledby > '0' AND fulfilled < DATE_SUB(NOW(), INTERVAL {$reqprune} DAY)"); $reqrow = mysqli_fetch_assoc($request); $reqid = $reqrow["id"]; if (mysqli_num_rows($request) > 0) { mysqli_query($GLOBALS["___mysqli_ston"], "DELETE FROM {$TABLE_PREFIX}requests WHERE filledby > 0 AND id = {$reqid}"); mysqli_query($GLOBALS["___mysqli_ston"], "DELETE FROM {$TABLE_PREFIX}addedrequests WHERE requestid = {$reqid}"); } // DT request hack end if ($autopruneusers) { $timeout = $days_members * 60 * 60 * 24; $timeout2 = $days_not_comfirm * 60 * 60 * 24; if ($GLOBALS["FORUMLINK"] == "smf") { do_sqlquery("DELETE u,smfm FROM {$TABLE_PREFIX}users u INNER JOIN {$db_prefix}members smfm ON smfm.ID_MEMBER=u.smf_fid INNER JOIN {$TABLE_PREFIX}users_level ul ON ul.id=u.id_level WHERE (u.id_level = '2' AND UNIX_TIMESTAMP(u.lastconnect)<(UNIX_TIMESTAMP()-{$timeout2}) AND ul.auto_prune='yes') OR (UNIX_TIMESTAMP(lastconnect)<(UNIX_TIMESTAMP()-{$timeout}) AND ul.auto_prune='yes')"); } else { do_sqlquery("DELETE u FROM {$TABLE_PREFIX}users u INNER JOIN {$TABLE_PREFIX}users_level ul ON ul.id=u.id_level WHERE (u.id_level = '2' AND UNIX_TIMESTAMP(u.lastconnect)<(UNIX_TIMESTAMP()-{$timeout2}) AND ul.auto_prune='yes') OR (UNIX_TIMESTAMP(lastconnect)<(UNIX_TIMESTAMP()-{$timeout}) AND ul.auto_prune='yes')"); } if ($email_on_prune) { $timeout = $days_to_email * 60 * 60 * 24; $res = get_result("SELECT email, lastconnect FROM {$TABLE_PREFIX}users u INNER JOIN {$TABLE_PREFIX}users_level ul ON ul.id=u.id_level WHERE UNIX_TIMESTAMP()>=(UNIX_TIMESTAMP(lastconnect)+{$timeout}-{$clean_interval}/2) AND UNIX_TIMESTAMP()<(UNIX_TIMESTAMP(lastconnect)+{$timeout}+{$clean_interval}/2) AND UNIX_TIMESTAMP(lastconnect)<(UNIX_TIMESTAMP()-{$timeout}) AND ul.auto_prune='yes'", true); foreach ($res as $id => $rusers) { send_mail($rusers["email"], $language["EMAIL_INACTIVE_SUBJ"], $language["EMAIL_INACTIVE_MSG"] . "\n\n" . $BASEURL . "/index.php"); } } } // Autoprune torrents if ($btit_settings["autotprune"] == TRUE) { quickQuery("UPDATE `{$TABLE_PREFIX}files` `f` " . ($XBTT_USE ? "LEFT JOIN `xbt_files` `xf` ON `f`.`bin_hash`=`xf`.`info_hash`" : "") . " SET `f`.`dead_time`=UNIX_TIMESTAMP() WHERE ((" . ($XBTT_USE ? "`xf`.`seeders`>0 OR `xf`.`leechers`>0" : "`f`.`seeds`>0 OR `f`.`leechers`>0") . ") OR `f`.`dead_time`=0) AND `f`.`external`='no'"); $res = get_result("SELECT `info_hash`, `bin_hash` FROM `{$TABLE_PREFIX}files` WHERE `dead_time`<=" . (time() - $btit_settings["autotprundedays"] * 86400) . " AND `dead_time`!=0 AND `external`='no'"); if (count($res) > 0) { foreach ($res as $row) { quickQuery("DELETE FROM `{$TABLE_PREFIX}files` WHERE `info_hash`='" . mysqli_real_escape_string($DBDT, $row["info_hash"]) . "'"); quickQuery("DELETE FROM `{$TABLE_PREFIX}timestamps` WHERE `info_hash`='" . mysqli_real_escape_string($DBDT, $row["info_hash"]) . "'"); quickQuery("DELETE FROM `{$TABLE_PREFIX}comments` WHERE `info_hash`='" . mysqli_real_escape_string($DBDT, $row["info_hash"]) . "'"); quickQuery("DELETE FROM `{$TABLE_PREFIX}ratings` WHERE `infohash`='" . mysqli_real_escape_string($DBDT, $row["info_hash"]) . "'"); quickQuery("DELETE FROM `{$TABLE_PREFIX}peers` WHERE `infohash`='" . mysqli_real_escape_string($DBDT, $row["info_hash"]) . "'"); quickQuery("DELETE FROM `{$TABLE_PREFIX}history` WHERE `infohash`='" . mysqli_real_escape_string($DBDT, $row["info_hash"]) . "'"); if ($XBTT_USE) { quickQuery("UPDATE `xbt_files` SET `flags`=1 WHERE `info_hash`='" . mysqli_real_escape_string($DBDT, $row["bin_hash"]) . "'"); } } } } // Autoprune torrents // timed registration $expire_datetr = $btit_settings["regi_d"]; $expire_timetr = $btit_settings["regi_t"]; $expire_datetrs = $expire_datetr . " " . $expire_timetr . ":00:00"; $expiretr = strtotime($expire_datetrs); $nowtr = strtotime("now"); if ($nowtr >= $expiretr) { do_sqlquery("UPDATE `{$TABLE_PREFIX}settings` SET `value`='true' WHERE `key`='regi'", true); } // end timed registration // Anti Hit and Run V2 based on CobraCRK's Anti Hit&Run Mod v1 Enhanced By IntelPentium4 & fatepower // converted ( and improved ) to XBTIT 2 by DiemThuy Nov 2008 if (!$XBTT_USE) { // Get current time $timenow = time(); // Get last time that dosanity() was run $timeres = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT last_time FROM {$TABLE_PREFIX}anti_hit_run_tasks WHERE task='sanity'"); if (mysqli_num_rows($timeres) > 0) { $timearr = mysqli_fetch_array($timeres); $lastrecordedtime = intval($timearr['last_time']); } else { $lastrecordedtime = $timenow - $clean_interval; } // Update Active Seeders' Seeding Clock $res = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT pid, infohash FROM {$TABLE_PREFIX}peers WHERE status = 'seeder'"); if (mysqli_num_rows($res) > 0) { while ($arr = mysqli_fetch_assoc($res)) { $x = $arr['pid']; $t = $arr['infohash']; $pl = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT id FROM {$TABLE_PREFIX}users WHERE pid='" . $x . "'"); if (mysqli_num_rows($pl) > 0) { $ccc = mysqli_result($pl, 0, "id"); } else { $ccc = "Unknown"; } mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}history SET seed = seed+" . $timenow . "-" . $lastrecordedtime . " WHERE uid = {$ccc} AND infohash='{$t}'"); } } //Update table anti_hit_run_tasks with new time info. $hunden = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT last_time FROM {$TABLE_PREFIX}anti_hit_run_tasks WHERE task='sanity'"); $manneplutt = mysqli_fetch_row($hunden); if (!$manneplutt) { mysqli_query($GLOBALS["___mysqli_ston"], "INSERT INTO {$TABLE_PREFIX}anti_hit_run_tasks (task, last_time) VALUES ('sanity',{$timenow})"); } else { $ts = $manneplutt[0]; mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}anti_hit_run_tasks SET last_time={$timenow} WHERE task='sanity' AND last_time = {$ts}"); } // Rank who has no anti-hit punishment rule should be excluded $levels = mysqli_query($GLOBALS["___mysqli_ston"], "select id from {$TABLE_PREFIX}users_level order by id"); while ($SingleLevel = mysqli_fetch_array($levels)) { $hasAntiHitRecord = mysqli_query($GLOBALS["___mysqli_ston"], "select id_level from {$TABLE_PREFIX}anti_hit_run where id_level=" . $SingleLevel["id"]); if (mysqli_num_rows($hasAntiHitRecord) == 0) { @mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE `{$TABLE_PREFIX}history`,`users` set hitchecked= 2 where history.uid=users.id and users.id_level=" . $SingleLevel["id"] . " and completed='yes' and hitchecked='0'"); } } $hit_parameters = mysqli_query($GLOBALS["___mysqli_ston"], "select * from {$TABLE_PREFIX}anti_hit_run order by id_level"); while ($hit = mysqli_fetch_array($hit_parameters)) { // Punishment $r = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT DISTINCT uid,infohash FROM {$TABLE_PREFIX}history history inner join {$TABLE_PREFIX}users users on history.uid=users.id WHERE users.id_level=" . $hit["id_level"] . " AND active='no' AND completed='yes' AND hit='no' AND hitchecked= 0 AND date < ( UNIX_TIMESTAMP( ) - (86400 * " . $hit["tolerance_days_before_punishment"] . ")) AND history.downloaded>(1048576 * " . $hit["min_download_size"] . ") AND seed<( 3600 * " . $hit["min_seed_hours"] . ") AND (history.uploaded/history.downloaded)<" . $hit["min_ratio"]); while ($x = mysqli_fetch_array($r)) { @mysqli_query($GLOBALS["___mysqli_ston"], "Update {$TABLE_PREFIX}history SET hit='yes' WHERE uid=" . $x[uid] . " AND infohash='" . $x[infohash] . "' AND hitchecked=0"); if (mysqli_affected_rows($GLOBALS["___mysqli_ston"]) > 0) { if ($hit["reward"] == 'yes') { $reward = "\n\n[color=red]If you want to get the lost amount back , you must seed for at least " . $hit["min_seed_hours"] . " hour(s) or until the file\\'s ratio becomes greater than " . $hit["min_ratio"] . " then your total upload will incremented by " . $hit["upload_punishment"] . " MB !! \n\n\\ [/color][color=purple]This is a automatic system message , so DO NOT reply ![/color]"; } else { $reward = " "; } @mysqli_query($GLOBALS["___mysqli_ston"], "Update {$TABLE_PREFIX}history SET hitchecked= 1 ,punishment_amount=" . $hit["upload_punishment"] . " WHERE uid=" . $x[uid] . " AND infohash='" . $x[infohash] . "' AND hitchecked=0"); @mysqli_query($GLOBALS["___mysqli_ston"], "Update {$TABLE_PREFIX}users SET uploaded=(case when uploaded-(1048576 * " . $hit["upload_punishment"] . ")<0 then 0 else uploaded-(1048576 * " . $hit["upload_punishment"] . ") end) WHERE id={$x['uid']}"); send_pm(0, $x[uid], sqlesc("Auto Hit an Run warning"), sqlesc("You did Hit and Run on the following torrent :\n\n [url]" . $BASEURL . "/index.php?page=details&id={$x['infohash']}[/url] !\n\n\\We did take away " . $hit["upload_punishment"] . " MB as punishment\n\nBe carefull to not make the mistake once more ! " . $reward . "")); // DT reputation system start $reput = do_sqlquery("SELECT * FROM {$TABLE_PREFIX}reputation_settings WHERE id =1"); $setrep = mysqli_fetch_array($reput); $plus = $setrep["rep_hit"]; if ($setrep["rep_is_online"] == FALSE) { //do nothing } else { @mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}users SET reputation = reputation - '{$plus}' WHERE id='{$x['uid']}'"); } // DT reputation system end // warn at hit and run if ($hit["warn"] == 'yes') { $id = (int) $x[uid]; $warnreason = "Auto Hit & Run Warning"; $warnaddedby = "System"; $added = warn_expiration(mktime(date('H') + 2, date('i'), date('s'), date('m'), date('d') + addslashes($hit["days1"]), date('Y'))); quickQuery('UPDATE ' . $TABLE_PREFIX . 'users SET warn="yes",warns=warns+1,warnreason="' . $warnreason . '",warnaddedby="' . $warnaddedby . '",warnadded="' . $added . '" WHERE id=' . $id); } // end warn at hit and run // boot at hit and run if ($hit["boot"] == 'yes') { $id = (int) $x[uid]; $whybooted = "Auto Hit & Run Ban"; $whobooted = "System"; $addbooted = booted_expiration(mktime(date('H') + 2, date('i'), date('s'), date('m'), date('d') + addslashes($hit["days2"]), date('Y'))); quickQuery('UPDATE ' . $TABLE_PREFIX . 'users SET booted="yes", whybooted="' . $whybooted . '",whobooted="' . $whobooted . '",addbooted="' . $addbooted . '" WHERE id=' . $id); } // end boot at hit and run //Dox Hack Start $r = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT id, filename, added FROM {$TABLE_PREFIX}dox WHERE added < '" . date('Y-m-d', strtotime('-' . $btit_settings["dox_del"] . ' weeks')) . "'"); while ($del = mysqli_fetch_array($r)) { $MANNE = "{$BASEURL}/{$DOXPATH}"; @unlink("{$MANNE}/{$del['filename']}"); quickQuery("DELETE FROM {$TABLE_PREFIX}dox WHERE id={$del['id']}"); } //Dox Hack End // boot after warn at hit and run if ($hit["warnboot"] == 'yes') { $diem = do_sqlquery("SELECT warns FROM {$TABLE_PREFIX}users WHERE id={$x['uid']}"); $thuy = mysqli_fetch_array($diem); if ($thuy["warns"] >= $hit["days3"]) { } $id = (int) $x[uid]; $whybooted = "Auto Hit & Run Ban after beeing warned"; $whobooted = "System"; $addbooted = booted_expiration(mktime(date('H') + 2, date('i'), date('s'), date('m'), date('d') + addslashes($hit["days2"]), date('Y'))); quickQuery('UPDATE ' . $TABLE_PREFIX . 'users SET booted="yes", whybooted="' . $whybooted . '",whobooted="' . $whobooted . '",addbooted="' . $addbooted . '" WHERE id=' . $id); } // end boot after warn at hit and run } } mysqli_free_result($r) || is_object($r) && get_class($r) == "mysqli_result" ? true : false; // Reward if ($hit["reward"] == 'yes') { $rr = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT DISTINCT uid,infohash,punishment_amount FROM {$TABLE_PREFIX}history history inner join {$TABLE_PREFIX}users users on history.uid=users.id WHERE users.id_level=" . $hit["id_level"] . " AND hit='yes' AND completed='yes' AND hitchecked= 1 AND (seed>=( 3600 * " . $hit["min_seed_hours"] . ") or (history.uploaded/history.downloaded)>=" . $hit["min_ratio"] . ")"); while ($xr = mysqli_fetch_array($rr)) { @mysqli_query($GLOBALS["___mysqli_ston"], "Update {$TABLE_PREFIX}history SET hitchecked= 3 WHERE uid=" . $xr[uid] . " AND infohash='" . $xr[infohash] . "' AND hitchecked=1"); if (mysqli_affected_rows($GLOBALS["___mysqli_ston"]) > 0) { @mysqli_query($GLOBALS["___mysqli_ston"], "Update {$TABLE_PREFIX}users SET uploaded=uploaded+(1048576 * " . $xr["punishment_amount"] . ") WHERE id={$xr['uid']}"); send_pm(0, $xr[uid], sqlesc("Thanks (Punishement Removed)"), sqlesc("Thank you very much for seeding back the following torrent:\n\n [url]" . $BASEURL . "/index.php?page=details&id={$xr['infohash']}[/url] !\n\n [color=green]The punishment is now removed and you total upload amount increased by " . $xr["punishment_amount"] . " MB! [/color]\n\n [color=purple]This is a automatic system message , so DO NOT reply ![/color]")); // DT reputation system start if ($setrep["rep_is_online"] == FALSE) { //do nothing } else { @mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}users SET reputation = reputation + '{$plus}' WHERE id='{$x['uid']}'"); } // DT reputation system end // warn at hit and run if ($hit["warn"] == 'yes') { quickQuery('UPDATE ' . $TABLE_PREFIX . 'users SET warn="no", warns=warns-1 WHERE id=' . $xr[uid]); } // end warn at hit and run // boot at hit and run if ($hit["boot"] == 'yes') { quickQuery('UPDATE ' . $TABLE_PREFIX . 'users SET booted="no" WHERE id=' . $xr[uid]); } // end boot at hit and run } } mysqli_free_result($rr) || is_object($rr) && get_class($rr) == "mysqli_result" ? true : false; } // Who are fine should not be punished @mysqli_query($GLOBALS["___mysqli_ston"], "Update {$TABLE_PREFIX}history,users SET hitchecked= 1 WHERE history.uid=users.id AND users.id_level = users.id_level=" . $hit["id_level"] . " AND completed='yes' AND date < ( UNIX_TIMESTAMP( ) - (86400 * " . $hit["tolerance_days_before_punishment"] . ")) AND hitchecked= 0"); } mysqli_free_result($levels) || is_object($levels) && get_class($levels) == "mysqli_result" ? true : false; mysqli_free_result($hasAntiHitRecord) || is_object($hasAntiHitRecord) && get_class($hasAntiHitRecord) == "mysqli_result" ? true : false; mysqli_free_result($hit_parameters) || is_object($hit_parameters) && get_class($hit_parameters) == "mysqli_result" ? true : false; } // End of Anti Hit and Run //Invalid Login System Hack Start mysqli_query($GLOBALS["___mysqli_ston"], "DELETE FROM {$TABLE_PREFIX}bannedip WHERE comment='max_number_of_invalid_logins_reached'"); //invalid Login System Hack Stop //start freeleech $queryd = do_sqlquery("SELECT free_expire_date, free FROM `{$TABLE_PREFIX}files` WHERE `external`='no'", true); $configd = mysqli_fetch_array($queryd); $expire_dated = $configd['free_expire_date']; $expired = strtotime($expire_dated); $nowd = strtotime("now"); if ($nowd >= $expired && $configd['free'] == 'yes') { do_sqlquery("UPDATE `{$TABLE_PREFIX}files` SET `free`='no',free_expire_date='0000-00-00 00:00:00' WHERE `external`='no'", true); do_sqlquery("ALTER TABLE `{$TABLE_PREFIX}files` CHANGE `free` `free` ENUM( 'yes', 'no' ) NULL DEFAULT 'no'", true); // xbtt if ($XBTT_USE) { do_sqlquery("UPDATE xbt_files SET down_multi=0, flags=2"); do_sqlquery("ALTER TABLE xbt_files CHANGE `down_multi` `down_multi` INT NULL DEFAULT '0'", true); } } // end freeleech $query = do_sqlquery("SELECT * FROM `{$TABLE_PREFIX}lottery_config` WHERE `id`=1", true); $config = mysqli_fetch_array($query); $expire_date = $config['lot_expire_date']; $expire = strtotime($expire_date); $now = strtotime("now"); if ($now >= $expire) { $number_winners = $config['lot_number_winners']; $number_to_win = $config['lot_number_to_win']; $minupload = $config['lot_amount']; $res = do_sqlquery("SELECT `id`, `user` FROM `{$TABLE_PREFIX}lottery_tickets` ORDER BY RAND(NOW()) LIMIT " . $number_winners . "", true); //select number of winners $total = mysqli_num_rows(do_sqlquery("SELECT * FROM `{$TABLE_PREFIX}lottery_tickets`", true)); //select total selled tickets $pot = $total * $minupload; //selled tickets * ticket price $pot += $number_to_win; // ticket prize + minimum win $win = $pot / $number_winners; // prize for each winner $subject = sqlesc("You have won a prize with the lottery"); //subject in pm $msg = sqlesc("Congratulations you have won a prize with our Lottery. Your prize has been added to your account. You won " . makesize($win) . ""); //next 3 rows are the msg for PM $sender = $config['sender_id']; // Sender id, in my case 0 //print the winners and send them PM en give them price while ($row = mysqli_fetch_array($res)) { $ras = do_sqlquery("SELECT `smf_fid`, `id`, `username` FROM `{$TABLE_PREFIX}users` WHERE `id`=" . $row['user'] . "", true); $raw = mysqli_fetch_array($ras); $rec = sqlesc("{$raw['id']}"); $lotid = $raw["id"]; $lotname = $raw["username"]; do_sqlquery("UPDATE `{$TABLE_PREFIX}users` SET `uploaded`=uploaded+" . $win . " WHERE `id`=" . $row['user'] . "", true); $smf = mysqli_fetch_assoc(do_sqlquery("SELECT smf_fid, username FROM `{$TABLE_PREFIX}users` WHERE `id`=" . $row["user"] . "", true)); send_pm($sender, $rec, $subject, $msg); // begin - announce winner in shoutbox do_sqlquery("INSERT INTO {$TABLE_PREFIX}chat (uid, time, name, text) VALUES (0," . time() . ", 'System','[color=red]Lottery winner : [/color][url={$BASEURL}/index.php?page=userdetails&id={$lotid}]" . $lotname . " did win " . makesize($win) . "[/url]')"); // end - announce winner in shoutbox do_sqlquery("INSERT INTO `{$TABLE_PREFIX}lottery_winners` (`id`, `win_user`, `windate`, `price`) VALUES ('', '" . $raw['username'] . "', '" . $expire_date . "', '" . $win . "')"); } do_sqlquery("TRUNCATE TABLE `{$TABLE_PREFIX}lottery_tickets`", true); do_sqlquery("UPDATE `{$TABLE_PREFIX}lottery_config` SET `lot_status`='closed' WHERE `id`=1", true); } // lottery auto start if ($btit_settings["autolot"] == TRUE) { $date_end = lastOfMonth(); $klaar = $config["lot_status"]; if ($klaar == 'closed') { $expire_date = $date_end; $expire_time = 23; $val1 = $expire_date . " " . $expire_time . ":59:59"; $val2 = 1; $val3 = 15 * 1024 * 1024 * 1024; // Gb $val4 = 500 * 1024 * 1024; // Mb $val5 = 'yes'; $val6 = 1; $val7 = 2; do_sqlquery("UPDATE `{$TABLE_PREFIX}lottery_config` SET `lot_expire_date`='" . $val1 . "', `lot_number_winners`='" . $val2 . "', `lot_number_to_win`='" . $val3 . "', `lot_amount`='" . $val4 . "', `lot_status`='" . $val5 . "', `limit_buy`='" . $val6 . "', `sender_id`=" . $val7 . " WHERE `id`=1", true); } // lottery end } // SANITY FOR TORRENTS $results = do_sqlquery("SELECT info_hash, seeds, leechers, dlbytes, filename FROM {$TABLE_PREFIX}files WHERE external='no'"); $i = 0; while ($row = mysqli_fetch_row($results)) { list($hash, $seeders, $leechers, $bytes, $filename) = $row; $timeout = time() - intval($GLOBALS["report_interval"] * 2); // for testing purpose -- begin $resupd = do_sqlquery("SELECT * FROM {$TABLE_PREFIX}peers where lastupdate < " . $timeout . " AND infohash='{$hash}'"); if (mysqli_num_rows($resupd) > 0) { while ($resupdate = mysqli_fetch_array($resupd)) { $uploaded = max(0, $resupdate["uploaded"]); $downloaded = max(0, $resupdate["downloaded"]); $pid = $resupdate["pid"]; $ip = $resupdate["ip"]; // update user->peer stats only if not livestat if (!$LIVESTATS) { if ($PRIVATE_ANNOUNCE) { quickQuery("UPDATE {$TABLE_PREFIX}users SET uploaded=uploaded+{$uploaded}, downloaded=downloaded+{$downloaded} WHERE pid='{$pid}' AND id>1 LIMIT 1"); } else { // ip quickQuery("UPDATE {$TABLE_PREFIX}users SET uploaded=uploaded+{$uploaded}, downloaded=downloaded+{$downloaded} WHERE cip='{$ip}' AND id>1 LIMIT 1"); } } // update dead peer to non active in history table if ($LOG_HISTORY) { $resuser = do_sqlquery("SELECT id FROM {$TABLE_PREFIX}users WHERE " . ($PRIVATE_ANNOUNCE ? "pid='{$pid}'" : "cip='{$ip}'") . " ORDER BY lastconnect DESC LIMIT 1"); $curu = @mysqli_fetch_row($resuser); quickquery("UPDATE {$TABLE_PREFIX}history SET active='no' WHERE uid={$curu['0']} AND infohash='{$hash}'"); } } } // for testing purpose -- end quickQuery("DELETE FROM {$TABLE_PREFIX}peers where lastupdate < " . $timeout . " AND infohash='{$hash}'"); quickQuery("UPDATE {$TABLE_PREFIX}files SET lastcycle='" . time() . "' WHERE info_hash='{$hash}'"); $results2 = do_sqlquery("SELECT status, COUNT(status) from {$TABLE_PREFIX}peers WHERE infohash='{$hash}' GROUP BY status"); $counts = array(); while ($row = mysqli_fetch_row($results2)) { $counts[$row[0]] = 0 + $row[1]; } quickQuery("UPDATE {$TABLE_PREFIX}files SET leechers=" . (isset($counts["leecher"]) ? $counts["leecher"] : 0) . ",seeds=" . (isset($counts["seeder"]) ? $counts["seeder"] : 0) . " WHERE info_hash=\"{$hash}\""); if ($bytes < 0) { quickQuery("UPDATE {$TABLE_PREFIX}files SET dlbytes=0 WHERE info_hash=\"{$hash}\""); } } //Auto Seedbox Start do_sqlquery("UPDATE {$TABLE_PREFIX}files SET `seedbox`='0' "); $sid = do_sqlquery("select * FROM {$TABLE_PREFIX}peers WHERE `ip` =" . $btit_settings["seedip"]); while ($sow = mysqli_fetch_array($sid)) { do_sqlquery("UPDATE {$TABLE_PREFIX}files SET `seedbox`='1' WHERE `info_hash`='{$sow['infohash']}'"); } //Auto Seedbox End // END TORRENT'S SANITY //DT Uploader Medals global $btit_settings; do_sqlquery("UPDATE {$TABLE_PREFIX}users SET `up_med`='0' "); $time_B = 86400 * $btit_settings['UPD']; $time_E = strtotime(now); $time_D = $time_E - $time_B; $res = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT uploader,count( * ) AS Count FROM {$TABLE_PREFIX}files WHERE UNIX_TIMESTAMP(data) > " . $time_D . " GROUP by uploader"); while ($fetch_U = mysqli_fetch_array($res)) { if ($fetch_U['Count'] >= $btit_settings['UPB'] and $fetch_U['Count'] < $btit_settings['UPS']) { do_sqlquery("UPDATE {$TABLE_PREFIX}users SET `up_med`='1' WHERE `id`='{$fetch_U['uploader']}'"); } if ($fetch_U['Count'] >= $btit_settings['UPS'] and $fetch_U['Count'] < $btit_settings['UPG']) { do_sqlquery("UPDATE {$TABLE_PREFIX}users SET `up_med`='2' WHERE `id`='{$fetch_U['uploader']}'"); } if ($fetch_U['Count'] >= $btit_settings['UPG']) { do_sqlquery("UPDATE {$TABLE_PREFIX}users SET `up_med`='3' WHERE `id`='{$fetch_U['uploader']}'"); } } //DT end Uploader Medals // high speed report if ($btit_settings["highswitch"] == TRUE) { if ($GLOBALS["XBTT_USE"]) { $resch = do_sqlquery("SELECT `uid` `id`, `up_rate` FROM `xbt_files_users` WHERE `up_rate` >= (" . $btit_settings["highspeed"] . "*1024) AND `active`=1"); } else { $resch = do_sqlquery("SELECT `p`.`upload_difference`, `p`.`announce_interval`, `u`.`id` FROM `{$TABLE_PREFIX}peers` `p` LEFT JOIN `{$TABLE_PREFIX}users` `u` ON " . ($PRIVATE_ANNOUNCE ? "`p`.`pid`=`u`.`pid`" : "`p`.`ip`=`u`.`cip`") . " WHERE (`p`.`upload_difference`/`p`.`announce_interval`) >= (" . $btit_settings["highspeed"] . "*1024)"); } if (@mysqli_num_rows($resch) > 0) { while ($rowch = mysqli_fetch_assoc($resch)) { if (!is_null($rowch["id"])) { if ($GLOBALS["XBTT_USE"]) { $transferrate = "Upload speed " . round($rowch["up_rate"] / 1024, 2) . " KB/sec ?!"; } else { $transferrate = "Upload speed " . round(round($rowch['upload_difference'] / $rowch['announce_interval']) / 1024, 2) . " KB/sec ?!"; } $high = $rowch["id"]; if ($btit_settings["highonce"] == TRUE) { $once = do_sqlquery("SELECT `id` FROM `{$TABLE_PREFIX}reports` WHERE `addedby` = 0 AND `votedfor` = {$high} AND `type` = 'user' AND reason LIKE 'Upload speed%'"); if (@mysqli_num_rows($once) === FALSE) { do_sqlquery("INSERT INTO `{$TABLE_PREFIX}reports` (`addedby`,`votedfor`,`type`,`reason`) VALUES ('0','{$high}','user', '{$transferrate}')"); } } if ($btit_settings["highonce"] == FALSE) { do_sqlquery("INSERT INTO `{$TABLE_PREFIX}reports` (`addedby`,`votedfor`,`type`,`reason`) VALUES ('0','{$high}','user', '{$transferrate}')"); } } } } } // end high speed report // DT reputation system start $reput = do_sqlquery("SELECT * FROM {$TABLE_PREFIX}reputation_settings WHERE id =1"); $setrep = mysqli_fetch_array($reput); if ($setrep["rep_is_online"] == FALSE or $setrep["rep_en_sys"] == FALSE) { //do nothing } else { // demote $rep_sub = sqlesc("You are Demoted!"); $rep_msg = sqlesc($setrep["rep_dm_text"]); $rep_demotelist = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT id FROM {$TABLE_PREFIX}users WHERE reputation < " . $setrep["rep_dm"] . " AND id_level = " . $setrep["rep_pr_id"]); while ($rep_demote = mysqli_fetch_assoc($rep_demotelist)) { mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}users SET id_level=" . $setrep["rep_dm_id"] . " WHERE id=" . $rep_demote["id"]); send_pm(0, $rep_demote[id], $rep_sub, $rep_msg); } // promote $rep_subj = sqlesc("You are Promoted!"); $rep_mesg = sqlesc($setrep["rep_pm_text"]); $rep_promotelist = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT id FROM {$TABLE_PREFIX}users WHERE reputation > " . $setrep["rep_pr"] . " AND id_level = " . $setrep["rep_dm_id"]); while ($rep_promote = mysqli_fetch_assoc($rep_promotelist)) { mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}users SET id_level=" . $setrep["rep_pr_id"] . " WHERE id=" . $rep_promote["id"]); send_pm(0, $rep_promote[id], $rep_subj, $rep_mesg); } } // DT reputation system start // Client Log for XBT if ($GLOBALS["XBTT_USE"]) { $timeout = time() - intval($GLOBALS["report_interval"] * 2); quickQuery("DELETE FROM `xbt_announce_log` WHERE `mtime`<={$timeout}"); $res = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT `u`.`id`, INET_NTOA(`al`.`ipa`) `ip`, `al`.`port`, LOWER(HEX(`al`.`peer_id`)) `peer_id`, `u`.`clientinfo` FROM `xbt_announce_log` `al` LEFT JOIN `{$TABLE_PREFIX}users` `u` ON `al`.`uid`=`u`.`id` WHERE `al`.`event`=2 GROUP BY `al`.`peer_id` ORDER BY `u`.`id` ASC"); if (@mysqli_num_rows($res) > 0) { $old_clients = array(); $current_clients = array(); while ($row = mysqli_fetch_assoc($res)) { $client = getagent("", $row["peer_id"]); if (!empty($row["clientinfo"])) { if (!array_key_exists($row["id"], $old_clients)) { $old_clients[$row["id"]] = unserialize($row["clientinfo"]); } if (!array_key_exists($row["id"], $current_clients)) { $current_clients[$row["id"]] = unserialize($row["clientinfo"]); } } else { if (!array_key_exists($row["id"], $old_clients)) { $old_clients[$row["id"]] = array(); } if (!array_key_exists($row["id"], $current_clients)) { $current_clients[$row["id"]] = array(); } } if (!in_array($client . "[X]" . $row["port"], $current_clients[$row["id"]])) { if (count($current_clients[$row["id"]]) == 20) { unset($current_clients[$row["id"]][0]); unset($current_clients[$row["id"]][1]); $newlist = array(); foreach ($current_clients[$row["id"]] as $v) { $newlist[] = $v; } $current_clients[$row["id"]] = $newlist; } $current_clients[$row["id"]][] = $client . "[X]" . $row["port"]; $current_clients[$row["id"]][] = time() . "[X]" . $row["ip"]; } } foreach ($current_clients as $k => $v) { $s_old_clients = serialize($old_clients[$k]); $s_current_clients = serialize($current_clients[$k]); if ($s_old_clients != $s_current_clients) { mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE `{$TABLE_PREFIX}users` SET `clientinfo`='" . mysqli_real_escape_string($DBDT, $s_current_clients) . "' WHERE `id`={$k}"); } } } } // Client Log for XBT // banbutton $timeout = $btit_settings["bandays"] * 86400; @mysqli_query($GLOBALS["___mysqli_ston"], "DELETE FROM `{$TABLE_PREFIX}signup_ip_block` WHERE (UNIX_TIMESTAMP() - `added`) > {$timeout}"); // end banbutton # global language, $clean_interval, $reload_cfg_interval; global $language, $clean_interval, $reload_cfg_interval; require dirname(__FILE__) . '/khez.php'; quickQuery('OPTIMIZE TABLE `' . $TABLE_PREFIX . 'khez_configs`;'); # hacks can start here ==Khez== // warn-ban system with acp by DT global $XBTT_USE; $resset = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM {$TABLE_PREFIX}low_ratio_ban_settings WHERE id ='1'"); $art = mysqli_fetch_assoc($resset); $resban = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM {$TABLE_PREFIX}low_ratio_ban "); while ($ban = mysqli_fetch_assoc($resban)) { if ($art["wb_sys"] == TRUE) { if ($XBTT_USE) { $udownloaded = "u.downloaded+IFNULL(x.downloaded,0)"; $uuploaded = "u.uploaded+IFNULL(x.uploaded,0)"; $utables = "{$TABLE_PREFIX}users u LEFT JOIN xbt_users x ON x.uid=u.id"; } else { $udownloaded = "u.downloaded"; $uuploaded = "u.uploaded"; $utables = "{$TABLE_PREFIX}users u"; } $min_dl = $ban["wb_down"] * 1024 * 1024 * 1024; // find bad users 1 $demotelist = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT id FROM {$utables} WHERE {$udownloaded} > " . $min_dl . " AND {$uuploaded}/{$udownloaded} <= " . $ban["wb_one"] . " AND id_level=" . $ban["wb_rank"] . " AND rat_warn_level = 0 "); while ($demote = mysqli_fetch_assoc($demotelist)) { // warn bad users 1 do_sqlquery("UPDATE {$TABLE_PREFIX}users SET rat_warn_level = 1 , rat_warn_time = NOW() WHERE id=" . $demote["id"]); // DT reputation system start $reput = do_sqlquery("SELECT * FROM {$TABLE_PREFIX}reputation_settings WHERE id =1"); $setrep = mysqli_fetch_array($reput); $plus = $setrep["rep_minrep"]; if ($setrep["rep_is_online"] == FALSE) { //do nothing } else { @mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}users SET reputation = reputation - '{$plus}' WHERE id='{$demote['id']}'"); } // DT reputation system end // send pm bad users 1 $sub = sqlesc("Low Ratio Warning!"); $msg = sqlesc($art["wb_text_one"]); send_pm(0, $demote[id], $sub, $msg); // add warn symbol 1 if ($ban["wb_warn"] == TRUE) { $id = $demote["id"]; $warnreason = "Low Ratio Warning"; $warnaddedby = "System"; $added = warn_expiration(mktime(date('H') + 2, date('i'), date('s'), date('m'), date('d') + addslashes($ban['wb_days_one']), date('Y'))); quickQuery('UPDATE ' . $TABLE_PREFIX . 'users SET warn="yes",warns=warns+1,warnreason="' . $warnreason . '",warnaddedby="' . $warnaddedby . '",warnadded="' . $added . '" WHERE id=' . $id); } } // time date stuff $time_AA = 86400 * $ban['wb_days_one']; $time_BB = strtotime(now); $time_CC = $time_BB - $time_AA; // find bad users 2 $demotelistt = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT id,rat_warn_time FROM {$utables} WHERE {$udownloaded} > " . $min_dl . " AND {$uuploaded}/{$udownloaded} <= " . $ban["wb_two"] . " AND id_level=" . $ban["wb_rank"] . " AND rat_warn_level = 1 "); while ($demotee = mysqli_fetch_assoc($demotelistt)) { $time_DD = strtotime($demotee["rat_warn_time"]); if ($time_DD <= $time_CC) { // warn bad users 2 do_sqlquery("UPDATE {$TABLE_PREFIX}users SET rat_warn_level = 2 , rat_warn_time = NOW() WHERE id=" . $demotee["id"]); // DT reputation system start $reput = do_sqlquery("SELECT * FROM {$TABLE_PREFIX}reputation_settings WHERE id =1"); $setrep = mysqli_fetch_array($reput); $plus = $setrep["rep_minrep"]; if ($setrep["rep_is_online"] == FALSE) { //do nothing } else { @mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}users SET reputation = reputation - '{$plus}' WHERE id='{$demotee['id']}'"); } // DT reputation system end // send pm bad users 2 $sub = sqlesc("Low Ratio Warning Two!"); $msg = sqlesc($art["wb_text_two"]); send_pm(0, $demotee[id], $sub, $msg); // add warn symbol 2 if ($ban["wb_warn"] == TRUE) { $warnreason = "Low Ratio Warning"; $warnaddedby = "System"; $added = warn_expiration(mktime(date('H') + 2, date('i'), date('s'), date('m'), date('d') + addslashes($ban['wb_days_two']), date('Y'))); quickQuery('UPDATE ' . $TABLE_PREFIX . 'users SET warn="yes",warns=warns+1,warnreason="' . $warnreason . '",warnaddedby="' . $warnaddedby . '",warnadded="' . $added . '" WHERE id=' . $id); } } } // unwarn user who did improve $unwarnone = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT id,rat_warn_time FROM {$utables} WHERE {$udownloaded} > " . $min_dl . " AND {$uuploaded}/{$udownloaded} > " . $ban["wb_one"] . " AND id_level=" . $ban["wb_rank"] . " AND rat_warn_level = 1 "); while ($unwarna = mysqli_fetch_assoc($unwarnone)) { $iid = $unwarna["id"]; quickQuery('UPDATE ' . $TABLE_PREFIX . 'users SET rat_warn_level=rat_warn_level-1 WHERE id=' . $iid); } // time date stuff $time_EE = 86400 * $ban['wb_days_two']; $time_FF = $time_BB - $time_EE; // find bad users 3 $demotelisttt = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT id,rat_warn_time FROM {$utables} WHERE {$udownloaded} > " . $min_dl . " AND {$uuploaded}/{$udownloaded} <= " . $ban["wb_three"] . " AND id_level=" . $ban["wb_rank"] . " AND rat_warn_level = 2 "); while ($demoteee = mysqli_fetch_assoc($demotelisttt)) { $time_GG = strtotime($demoteee["rat_warn_time"]); if ($time_GG <= $time_FF) { // warn bad users 3 do_sqlquery("UPDATE {$TABLE_PREFIX}users SET rat_warn_level = 3 , rat_warn_time = NOW() WHERE id=" . $demoteee["id"]); // DT reputation system start $reput = do_sqlquery("SELECT * FROM {$TABLE_PREFIX}reputation_settings WHERE id =1"); $setrep = mysqli_fetch_array($reput); $plus = $setrep["rep_minrep"]; if ($setrep["rep_is_online"] == FALSE) { //do nothing } else { @mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}users SET reputation = reputation - '{$plus}' WHERE id='{$demoteee['id']}'"); } // DT reputation system end // send pm bad users 3 $sub = sqlesc("Final Low Ratio Warning!"); $msg = sqlesc($art["wb_text_fin"]); send_pm(0, $demoteee[id], $sub, $msg); // add warn symbol 3 if ($ban["wb_warn"] == TRUE) { $id = $demoteee["id"]; $warnreason = "Low Ratio Warning"; $warnaddedby = "System"; $added = warn_expiration(mktime(date('H') + 2, date('i'), date('s'), date('m'), date('d') + addslashes($ban['wb_days_fin']), date('Y'))); quickQuery('UPDATE ' . $TABLE_PREFIX . 'users SET warn="yes",warns=warns+1,warnreason="' . $warnreason . '",warnaddedby="' . $warnaddedby . '",warnadded="' . $added . '" WHERE id=' . $id); } } } // unwarn user who did improve 2 $unwarntwo = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT id,rat_warn_time FROM {$utables} WHERE {$udownloaded} > " . $min_dl . " AND {$uuploaded}/{$udownloaded} > " . $ban["wb_two"] . " AND id_level=" . $ban["wb_rank"] . " AND rat_warn_level = 2 "); while ($unwarnb = mysqli_fetch_assoc($unwarntwo)) { $oid = $unwarnb["id"]; quickQuery('UPDATE ' . $TABLE_PREFIX . 'users SET rat_warn_level=rat_warn_level-2 WHERE id=' . $oid); } // time date stuff $time_HH = 86400 * $ban['wb_days_fin']; $time_II = $time_BB - $time_HH; // find bad users 4 $demotelistttt = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT id,rat_warn_time FROM {$utables} WHERE {$udownloaded} > " . $min_dl . " AND {$uuploaded}/{$udownloaded} <= " . $ban["wb_fin"] . " AND id_level=" . $ban["wb_rank"] . " AND rat_warn_level = 3 "); while ($demoteeee = mysqli_fetch_assoc($demotelistttt)) { $time_JJ = strtotime($demoteeee["rat_warn_time"]); if ($time_JJ <= $time_II) { // ban bad users 4 if ($btit_settings["en_sys"] == TRUE) { do_sqlquery("UPDATE {$TABLE_PREFIX}users SET rat_warn_level = 4 ,rat_warn_time = NOW(), id_level=" . $btit_settings["dm_id"] . " WHERE id=" . $demoteeee["id"]); } else { do_sqlquery("UPDATE {$TABLE_PREFIX}users SET rat_warn_level = 4 ,rat_warn_time = NOW(), bandt='yes' WHERE id=" . $demoteeee["id"]); } } } // unwarn user who did improve last $unwarnthree = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT id,rat_warn_time FROM {$utables} WHERE {$udownloaded} > " . $min_dl . " AND {$uuploaded}/{$udownloaded} > " . $ban["wb_three"] . " AND id_level=" . $ban["wb_rank"] . " AND rat_warn_level = 3 "); while ($unwarnc = mysqli_fetch_assoc($unwarnthree)) { $lid = $unwarnc["id"]; quickQuery('UPDATE ' . $TABLE_PREFIX . 'users SET rat_warn_level=rat_warn_level-3 WHERE id=' . $lid); } } } // warn-ban system with acp end // optimize peers table quickQuery("OPTIMIZE TABLE {$TABLE_PREFIX}peers"); // delete readposts when topic don't exist or deleted *** should be done by delete, just in case quickQuery("DELETE readposts FROM {$TABLE_PREFIX}readposts LEFT JOIN topics ON readposts.topicid = topics.id WHERE topics.id IS NULL"); // delete readposts when users was deleted *** should be done by delete, just in case quickQuery("DELETE readposts FROM {$TABLE_PREFIX}readposts LEFT JOIN users ON readposts.userid = users.id WHERE users.id IS NULL"); // deleting orphan image in captcha folder (if image code is enabled) $CAPTCHA_FOLDER = realpath("{$CURRENTPATH}/../{$CAPTCHA_FOLDER}"); if ($dir = @opendir($CAPTCHA_FOLDER . "/")) { while (false !== ($file = @readdir($dir))) { if ($ext = substr(strrchr($file, "."), 1) == "png") { unlink("{$CAPTCHA_FOLDER}/{$file}"); } } @closedir($dir); } quickQuery("UPDATE `{$TABLE_PREFIX}users` SET `birthday_bonus`=0 WHERE DAYOFMONTH(`dob`)!=" . date('j')); $res = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT `u`.`id`, `u`.`dob`,`l`.`language_url` FROM `{$TABLE_PREFIX}users` `u` LEFT JOIN `language` `l` ON `u`.`language`=`l`.`id` WHERE DAYOFMONTH(`u`.`dob`)=" . date('j') . " AND MONTH(`u`.`dob`)=" . date('n') . " AND `u`.`dob`!=CURDATE() AND `u`.`birthday_bonus`=0 ORDER BY `l`.`language_url` ASC"); if (@mysqli_num_rows($res) > 0) { global $THIS_BASEPATH; $firstrun = 1; $englang = "language/english"; $templang = $englang; require_once $THIS_BASEPATH . "/" . $englang . "/lang_main.php"; while ($row = mysqli_fetch_assoc($res)) { if ($row["language_url"] != $templang) { if ($firstrun != 1) { // Reset the language to English before loading the new language require_once $THIS_BASEPATH . "/" . $englang . "/lang_main.php"; } // Load the new language etc. require_once $THIS_BASEPATH . "/" . $row["language_url"] . "/lang_main.php"; $templang = $row["language_url"]; $firstrun = 0; } $dob = explode("-", $row["dob"]); $age = userage($dob[0], $dob[1], $dob[2]); $bonus = round($age * $btit_settings["birthday_bonus"] * 1073741824); $query1 = "UPDATE `{$TABLE_PREFIX}users` SET `uploaded`=`uploaded`+{$bonus}, `birthday_bonus`=1 WHERE `id`=" . $row["id"]; quickQuery($query1); send_pm(0, $row["id"], addslashes($language["HB_SUBJECT"]), addslashes($language["HB_MESSAGE_1"] . makesize($bonus) . $language["HB_MESSAGE_2"] . $btit_settings["birthday_bonus"] . $language["HB_MESSAGE_3"])); } } //timed rank $datetimedt = date("Y-m-d H:i:s"); $rankstats = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM {$TABLE_PREFIX}users WHERE timed_rank < '{$datetimedt}' AND rank_switch='yes'"); while ($arrdt = mysqli_fetch_assoc($rankstats)) { if (mysqli_num_rows($rankstats) > 0) { $res6 = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT level FROM {$TABLE_PREFIX}users_level WHERE id ='{$arrdt['old_rank']}'"); $arr6 = mysqli_fetch_assoc($res6); $oldrank = $arr6[level]; $subj = sqlesc("Your timed rank is expired !"); $msg = sqlesc("Your timed rank is expired !\n\n Your rank did changed back to " . $oldrank . "\n\n [color=red]This is a automatic system message , so DO NOT reply ![/color]"); send_pm(0, $arrdt["id"], $subj, $msg); mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}users SET rank_switch='no', id_level = old_rank WHERE id='{$arrdt['id']}'") or sqlerr(); } } //timed rank end //begin invitation system by dodge global $INV_EXPIRES; $deadtime = $INV_EXPIRES * 86400; $user = do_sqlquery("SELECT inviter FROM {$TABLE_PREFIX}invitations WHERE time_invited < DATE_SUB(NOW(), INTERVAL {$deadtime} SECOND)"); @($arr = mysqli_fetch_assoc($user)); if (mysqli_num_rows($user) > 0) { mysqli_query($GLOBALS["___mysqli_ston"], "UPDATE {$TABLE_PREFIX}users SET invitations=invitations+1 WHERE id = '" . $arr["inviter"] . "'"); mysqli_query($GLOBALS["___mysqli_ston"], "DELETE FROM {$TABLE_PREFIX}invitations WHERE inviter = '" . $arr["inviter"] . "' AND time_invited < DATE_SUB(NOW(), INTERVAL {$deadtime} SECOND)"); } //end invitation system do_updateranks(); // auto ext update $num_torrents_to_update = 5; $torrents = get_result("SELECT `announces`, `info_hash` FROM `{$TABLE_PREFIX}files` WHERE `external`='yes' ORDER BY `lastupdate` DESC LIMIT " . $num_torrents_to_update); if (count($torrents) > 0) { require_once "getscrape.php"; for ($i = 0; $i < count($torrents); $i++) { $announces = @unserialize($torrents[$i]['announces']) ? unserialize($torrents[$i]['announces']) : array(); if (count($announces) > 0) { $keys = array_keys($announces); $random = mt_rand(0, count($keys) - 1); $url = $keys[$random]; scrape($url, $torrents[$i]['info_hash']); } } } // auto ext update // OK We're finished, let's reset max_execution_time and memory_limit back to the php.ini defaults @ini_restore("max_execution_time"); @ini_restore("memory_limit"); }
} } if ($DisableIRC != $Cur['DisableIRC'] && check_perms('users_disable_any')) { $UpdateSet[] = "DisableIRC='{$DisableIRC}'"; $EditSummary[] = "IRC status changed"; $HeavyUpdates['DisableIRC'] = $DisableIRC; if (!empty($UserReason)) { send_pm($UserID, 0, db_string('Your IRC privileges have been disabled'), db_string("Your IRC privileges have been disabled. The reason given was: {$UserReason}. If you would like to discuss this please join " . BOT_DISABLED_CHAN . " on our IRC network. Instructions can be found [url=http://" . NONSSL_SITE_URL . "/wiki.php?action=article&name=IRC+-+How+to+join]here[/url]. This loss of privileges does not affect the ability to join and talk to staff in #what.cd-disabled.")); } } if ($DisableRequests != $Cur['DisableRequests'] && check_perms('users_disable_any')) { $UpdateSet[] = "DisableRequests='{$DisableRequests}'"; $EditSummary[] = "request status changed"; $HeavyUpdates['DisableRequests'] = $DisableRequests; if (!empty($UserReason)) { send_pm($UserID, 0, db_string('Your request privileges have been disabled'), db_string("Your request privileges have been disabled. The reason given was: {$UserReason}. If you would like to discuss this please join " . BOT_DISABLED_CHAN . " on our IRC network. Instructions can be found [url=http://" . NONSSL_SITE_URL . "/wiki.php?action=article&name=IRC+-+How+to+join]here[/url]. This loss of privileges does not affect the ability to join and talk to staff in #what.cd-disabled.")); } } if ($EnableUser != $Cur['Enabled'] && check_perms('users_disable_users')) { $EnableStr = 'account ' . translateUserStatus($Cur['Enabled']) . '->' . translateUserStatus($EnableUser); if ($EnableUser == '2') { disable_users($UserID, '', 1); } elseif ($EnableUser == '1') { $Cache->increment('stats_user_count'); update_tracker('add_user', array('id' => $UserID, 'passkey' => $Cur['torrent_pass'])); if ($Cur['Downloaded'] == 0 || $Cur['Uploaded'] / $Cur['Downloaded'] >= $Cur['RequiredRatio']) { $UpdateSet[] = "i.RatioWatchEnds='0000-00-00 00:00:00'"; $CanLeech = 1; $UpdateSet[] = "m.can_leech='1'"; $UpdateSet[] = "i.RatioWatchDownload='0'"; } else {
} if($Recipient == 'Uploader') { $ToID = $_POST['uploaderid']; if($Report) { $Message = "You uploaded the above torrent, it has been reported for the reason: ".$ReportType['title'].":\n\"".$_POST['report_reason']."\"\n\n".$Message; } else { $Message = "I am PMing you as you are the uploader of the above torrent.\n\n".$Message; } } else if($Recipient == 'Reporter') { $ToID = $_POST['reporterid']; $Message = "You reported the above torrent for the reason ".$ReportType['title'].":\n\"".$_POST['report_reason']."\"\n\n".$Message; } else { $Err = "Something went horribly wrong"; } $Subject = $_POST['raw_name']; if(!is_number($ToID)) { $Err = "Haxx occuring, non number present"; } if($ToID == $LoggedUser['ID']) { $Err = "That's you!"; } if(isset($Err)) { echo $Err; } else { send_pm($ToID, $LoggedUser['ID'], db_string($Subject), db_string($Message)); }
foreach ($sql as $row) { $ban_user_id[] = ',' . $row['ban_userid']; } $ban_user_id = join('', $ban_user_id); $user_list = DB()->fetch_rowset("\n\tSELECT DISTINCT dl.user_id, u.user_opt, tr.user_id as active_dl\n\tFROM " . BB_BT_DLSTATUS . " dl\n\tLEFT JOIN " . BB_USERS . " u ON(u.user_id = dl.user_id)\n\tLEFT JOIN " . BB_BT_TRACKER . " tr ON(tr.user_id = dl.user_id)\n\tWHERE dl.topic_id = {$topic_id}\n\t\tAND dl.user_status IN (" . DL_STATUS_COMPLETE . ", " . DL_STATUS_DOWN . ")\n\t\tAND dl.user_id NOT IN ({$userdata['user_id']}, " . EXCLUDED_USERS_CSV . $ban_user_id . ")\n\t\tAND u.user_active = 1\n\tGROUP BY dl.user_id\n"); $subject = sprintf($lang['CALLSEED_SUBJECT'], $t_data['topic_title']); $message = sprintf($lang['CALLSEED_TEXT'], make_url(TOPIC_URL . $topic_id), $t_data['topic_title'], make_url(DOWNLOAD_URL . $t_data['attach_id'])); if ($user_list) { foreach ($user_list as $row) { if (!empty($row['active_dl'])) { continue; } if (bf($row['user_opt'], 'user_opt', 'user_callseed')) { send_pm($row['user_id'], $subject, $message, BOT_UID); } } } else { send_pm($t_data['poster_id'], $subject, $message, BOT_UID); } DB()->query("UPDATE " . BB_BT_TORRENTS . " SET call_seed_time = " . TIMENOW . " WHERE topic_id = {$topic_id} LIMIT 1"); meta_refresh(TOPIC_URL . $topic_id); bb_die($lang['CALLSEED_MSG_OK']); function topic_info($topic_id) { global $lang; $sql = "\n\t\tSELECT\n\t\t\ttor.poster_id, tor.forum_id, tor.attach_id, tor.call_seed_time,\n\t\t\tt.topic_title, sn.seeders\n\t\tFROM " . BB_BT_TORRENTS . " tor\n\t\tLEFT JOIN " . BB_TOPICS . " t USING(topic_id)\n\t\tLEFT JOIN " . BB_BT_TRACKER_SNAP . " sn USING(topic_id)\n\t\tWHERE tor.topic_id = {$topic_id}\n\t"; if (!($torrent = DB()->fetch_row($sql))) { bb_die($lang['TOPIC_POST_NOT_EXIST']); } return $torrent; }
/** * Insert a post into the database. * * @return array Array of new post details, pid and visibility. */ function insert_post() { global $db, $mybb, $plugins, $cache, $lang; $post =& $this->data; // Yes, validating is required. if (!$this->get_validated()) { die("The post needs to be validated before inserting it into the DB."); } if (count($this->get_errors()) > 0) { die("The post is not valid."); } // Fetch the thread $thread = get_thread($post['tid']); $closed = $thread['closed']; // This post is being saved as a draft. if ($post['savedraft']) { $visible = -2; } else { // Automatic subscription to the thread if ($post['options']['subscriptionmethod'] != "" && $post['uid'] > 0) { switch ($post['options']['subscriptionmethod']) { case "pm": $notification = 2; break; case "email": $notification = 1; break; default: $notification = 0; } require_once MYBB_ROOT . "inc/functions_user.php"; add_subscribed_thread($post['tid'], $notification, $post['uid']); } // Perform any selected moderation tools. $ismod = is_moderator($post['fid'], "", $post['uid']); if ($ismod) { $lang->load($this->language_file, true); $modoptions = $post['modoptions']; $modlogdata['fid'] = $thread['fid']; $modlogdata['tid'] = $thread['tid']; if (!isset($modoptions['closethread'])) { $modoptions['closethread'] = $closed; } $modoptions_update = array(); // Close the thread. if ($modoptions['closethread'] == 1 && $thread['closed'] != 1) { $modoptions_update['closed'] = $closed = 0; log_moderator_action($modlogdata, $lang->thread_closed); } // Open the thread. if ($modoptions['closethread'] != 1 && $thread['closed'] == 1) { $modoptions_update['closed'] = $closed = 1; log_moderator_action($modlogdata, $lang->thread_opened); } if (!isset($modoptions['stickthread'])) { $modoptions['stickthread'] = $thread['sticky']; } // Stick the thread. if ($modoptions['stickthread'] == 1 && $thread['sticky'] != 1) { $modoptions_update['sticky'] = 1; log_moderator_action($modlogdata, $lang->thread_stuck); } // Unstick the thread. if ($modoptions['stickthread'] != 1 && $thread['sticky']) { $modoptions_update['sticky'] = 0; log_moderator_action($modlogdata, $lang->thread_unstuck); } // Execute moderation options. if ($modoptions_update) { $db->update_query('threads', $modoptions_update, "tid='{$thread['tid']}'"); } } // Fetch the forum this post is being made in $forum = get_forum($post['fid']); // Decide on the visibility of this post. $forumpermissions = forum_permissions($post['fid'], $post['uid']); if ($forumpermissions['modposts'] == 1 && !$ismod) { $visible = 0; } else { $visible = 1; } // Are posts from this user being moderated? Change visibility if ($mybb->user['uid'] == $post['uid'] && $mybb->user['moderateposts'] == 1) { $visible = 0; } } if (!isset($post['pid'])) { $post['pid'] = 0; } $post['pid'] = (int) $post['pid']; $post['uid'] = (int) $post['uid']; if ($post['pid'] > 0) { $query = $db->simple_select("posts", "tid", "pid='{$post['pid']}' AND uid='{$post['uid']}' AND visible='-2'"); $draft_check = $db->fetch_field($query, "tid"); } else { $draft_check = false; } if ($this->method != "update" && $visible == 1) { $double_post = $this->verify_post_merge(); // Only combine if they are both invisible (mod queue'd forum) or both visible if ($double_post !== true && $double_post['visible'] == $visible) { $this->pid = $double_post['pid']; $post['message'] = $double_post['message'] .= "\n" . $mybb->settings['postmergesep'] . "\n" . $post['message']; $update_query = array("message" => $db->escape_string($double_post['message'])); $update_query['edituid'] = (int) $post['uid']; $update_query['edittime'] = TIME_NOW; $query = $db->update_query("posts", $update_query, "pid='" . $double_post['pid'] . "'"); if ($draft_check) { $db->delete_query("posts", "pid='" . $post['pid'] . "'"); } if ($post['posthash']) { // Assign any uploaded attachments with the specific posthash to the merged post. $post['posthash'] = $db->escape_string($post['posthash']); $query = $db->simple_select("attachments", "COUNT(aid) AS attachmentcount", "pid='0' AND visible='1' AND posthash='{$post['posthash']}'"); $attachmentcount = $db->fetch_field($query, "attachmentcount"); if ($attachmentcount > 0) { // Update forum count update_thread_counters($post['tid'], array('attachmentcount' => "+{$attachmentcount}")); } $attachmentassign = array("pid" => $double_post['pid'], "posthash" => ''); $db->update_query("attachments", $attachmentassign, "posthash='{$post['posthash']}' AND pid='0'"); } // Return the post's pid and whether or not it is visible. $this->return_values = array("pid" => $double_post['pid'], "visible" => $visible, "merge" => true); $plugins->run_hooks("datahandler_post_insert_merge", $this); return $this->return_values; } } if ($visible == 1 && $thread['visible'] == 1) { $now = TIME_NOW; // Yes, the value to the lastpost key in this array has single quotes within double quotes. It's not a bug. $update_array = array('lastpost' => "'{$now}'"); if ($forum['usepostcounts'] != 0) { $update_array['postnum'] = 'postnum+1'; } $db->update_query("users", $update_array, "uid='{$post['uid']}'", 1, true); } // Are we updating a post which is already a draft? Perhaps changing it into a visible post? if ($draft_check) { // Update a post that is a draft $this->post_update_data = array("subject" => $db->escape_string($post['subject']), "icon" => (int) $post['icon'], "uid" => $post['uid'], "username" => $db->escape_string($post['username']), "dateline" => (int) $post['dateline'], "message" => $db->escape_string($post['message']), "ipaddress" => $db->escape_binary($post['ipaddress']), "includesig" => $post['options']['signature'], "smilieoff" => $post['options']['disablesmilies'], "visible" => $visible); $plugins->run_hooks("datahandler_post_insert_post", $this); $db->update_query("posts", $this->post_update_data, "pid='{$post['pid']}'"); $this->pid = $post['pid']; } else { // Insert the post. $this->post_insert_data = array("tid" => (int) $post['tid'], "replyto" => (int) $post['replyto'], "fid" => (int) $post['fid'], "subject" => $db->escape_string($post['subject']), "icon" => (int) $post['icon'], "uid" => $post['uid'], "username" => $db->escape_string($post['username']), "dateline" => $post['dateline'], "message" => $db->escape_string($post['message']), "ipaddress" => $db->escape_binary($post['ipaddress']), "includesig" => $post['options']['signature'], "smilieoff" => $post['options']['disablesmilies'], "visible" => $visible); $plugins->run_hooks("datahandler_post_insert_post", $this); $this->pid = $db->insert_query("posts", $this->post_insert_data); } // Assign any uploaded attachments with the specific posthash to the newly created post. if ($post['posthash']) { $post['posthash'] = $db->escape_string($post['posthash']); $attachmentassign = array("pid" => $this->pid, "posthash" => ''); $db->update_query("attachments", $attachmentassign, "posthash='{$post['posthash']}' AND pid='0'"); } $thread_update = array(); if ($visible == 1 && $thread['visible'] == 1) { $thread = get_thread($post['tid']); require_once MYBB_ROOT . 'inc/class_parser.php'; $parser = new Postparser(); $done_users = array(); $subject = $parser->parse_badwords($thread['subject']); $parser_options = array('me_username' => $post['username'], 'filter_badwords' => 1); $excerpt = $parser->text_parse_message($post['message'], $parser_options); $excerpt = my_substr($excerpt, 0, $mybb->settings['subscribeexcerpt']) . $lang->emailbit_viewthread; // Fetch any users subscribed to this thread receiving instant notification and queue up their subscription notices $query = $db->query("\n\t\t\t\tSELECT u.username, u.email, u.uid, u.language, u.loginkey, u.salt, u.regdate, s.subscriptionkey, s.notification\n\t\t\t\tFROM " . TABLE_PREFIX . "threadsubscriptions s\n\t\t\t\tLEFT JOIN " . TABLE_PREFIX . "users u ON (u.uid=s.uid)\n\t\t\t\tWHERE (s.notification='1' OR s.notification='2') AND s.tid='{$post['tid']}'\n\t\t\t\tAND s.uid != '{$post['uid']}'\n\t\t\t\tAND u.lastactive>'{$thread['lastpost']}'\n\t\t\t"); $args = array('this' => &$this, 'done_users' => &$done_users, 'users' => array()); while ($subscribedmember = $db->fetch_array($query)) { if ($done_users[$subscribedmember['uid']]) { continue; } $args['users'][$subscribedmember['uid']] = (int) $subscribedmember['uid']; $done_users[$subscribedmember['uid']] = 1; $forumpermissions = forum_permissions($thread['fid'], $subscribedmember['uid']); if ($forumpermissions['canview'] == 0 || $forumpermissions['canviewthreads'] == 0) { continue; } if ($thread['uid'] != $subscribedmember['uid'] && $forumpermissions['canonlyviewownthread'] == 1 && !is_moderator($thread['fid'], "", $subscribedmember['uid'])) { // User isn't a moderator or the author of the thread... continue; } if ($subscribedmember['language'] != '' && $lang->language_exists($subscribedmember['language'])) { $uselang = $subscribedmember['language']; } elseif ($mybb->settings['orig_bblanguage']) { $uselang = $mybb->settings['orig_bblanguage']; } else { $uselang = "english"; } if ($uselang == $mybb->settings['bblanguage']) { if ($subscribedmember['notification'] == 1) { $emailsubject = $lang->emailsubject_subscription; $emailmessage = $lang->email_subscription; } } else { if ($subscribedmember['notification'] == 1) { if (!isset($langcache[$uselang]['emailsubject_subscription'])) { $userlang = new MyLanguage(); $userlang->set_path(MYBB_ROOT . "inc/languages"); $userlang->set_language($uselang); $userlang->load("messages"); $langcache[$uselang]['emailsubject_subscription'] = $userlang->emailsubject_subscription; $langcache[$uselang]['email_subscription'] = $userlang->email_subscription; unset($userlang); } $emailsubject = $langcache[$uselang]['emailsubject_subscription']; $emailmessage = $langcache[$uselang]['email_subscription']; } } if ($subscribedmember['notification'] == 1) { $emailsubject = $lang->sprintf($emailsubject, $subject); $post_code = md5($subscribedmember['loginkey'] . $subscribedmember['salt'] . $subscribedmember['regdate']); $emailmessage = $lang->sprintf($emailmessage, $subscribedmember['username'], $post['username'], $mybb->settings['bbname'], $subject, $excerpt, $mybb->settings['bburl'], str_replace("&", "&", get_thread_link($thread['tid'], 0, "newpost")), $thread['tid'], $subscribedmember['subscriptionkey'], $post_code); $new_email = array("mailto" => $db->escape_string($subscribedmember['email']), "mailfrom" => '', "subject" => $db->escape_string($emailsubject), "message" => $db->escape_string($emailmessage), "headers" => ''); $db->insert_query("mailqueue", $new_email); unset($userlang); $queued_email = 1; } elseif ($subscribedmember['notification'] == 2) { $post_code = md5($subscribedmember['loginkey'] . $subscribedmember['salt'] . $subscribedmember['regdate']); $pm = array('subject' => array('pmsubject_subscription', $subject), 'message' => array('pm_subscription', $subscribedmember['username'], $post['username'], $subject, $excerpt, $mybb->settings['bburl'], str_replace("&", "&", get_thread_link($thread['tid'], 0, "newpost")), $thread['tid'], $subscribedmember['subscriptionkey'], $post_code), 'touid' => $subscribedmember['uid'], 'language' => $subscribedmember['language'], 'language_file' => 'messages'); send_pm($pm, -1, true); } } $plugins->run_hooks('datahandler_post_insert_subscribed', $args); // Have one or more emails been queued? Update the queue count if (isset($queued_email) && $queued_email == 1) { $cache->update_mailqueue(); } $thread_update = array('replies' => '+1'); // Update forum count update_last_post($post['tid']); update_forum_counters($post['fid'], array("posts" => "+1")); update_forum_lastpost($thread['fid']); } else { if ($visible == 0) { // Update the unapproved posts count for the current thread and current forum $thread_update = array('unapprovedposts' => '+1'); update_thread_counters($post['tid'], array("unapprovedposts" => "+1")); update_forum_counters($post['fid'], array("unapprovedposts" => "+1")); } else { if ($thread['visible'] == 0) { // Update the unapproved posts count for the current forum $thread_update = array('replies' => '+1'); update_forum_counters($post['fid'], array("unapprovedposts" => "+1")); } else { if ($thread['visible'] == -1) { // Update the unapproved posts count for the current forum $thread_update = array('replies' => '+1'); update_forum_counters($post['fid'], array("deletedposts" => "+1")); } } } } $query = $db->simple_select("attachments", "COUNT(aid) AS attachmentcount", "pid='{$this->pid}' AND visible='1'"); $attachmentcount = $db->fetch_field($query, "attachmentcount"); if ($attachmentcount > 0) { $thread_update['attachmentcount'] = "+{$attachmentcount}"; } update_thread_counters($post['tid'], $thread_update); // Return the post's pid and whether or not it is visible. $this->return_values = array("pid" => $this->pid, "visible" => $visible, "closed" => $closed); $plugins->run_hooks("datahandler_post_insert_post_end", $this); return $this->return_values; }
while ($row = $modx->db->getRow($rs)) { if ($row['internalKey'] != $sender) { $recipient = $row['internalKey']; $fields = compact('recipient', 'sender', 'subject', 'message', 'postdate', 'type', 'private'); send_pm($fields, $from); } } } if ($sendto == 'a') { $rs = $modx->db->select('id', '[+prefix+]manager_users'); $private = 0; while ($row = $modx->db->getRow($rs)) { if ($row['id'] != $sender) { $recipient = $row['id']; $fields = compact('recipient', 'sender', 'subject', 'message', 'postdate', 'type', 'private'); send_pm($fields, $from); } } } header("Location: index.php?a=10"); function pm2email($from, $fields) { global $modx; if ($modx->config['pm2email'] == '0') { return; } extract($fields); $msg = $message . "\n\n----------------\nFrom [(site_name)]\n[(site_url)]manager/\n\n"; $msg = $modx->mergeSettingsContent($msg); $params['from'] = $from['email']; $params['fromname'] = $from['fullname'];
} else { if ($is_in_hotel) { $pm_comment .= $lang['Rabbitoshi_pm_news_hotel']; } else { $pm_comment .= '<b>' . $lang['Rabbitoshi_general_message'] . '</b>' . '<br />' . $thought . '<br /><br />'; $pm_comment .= '<b>' . $lang['Rabbitoshi_message'] . '</b>' . '<br />' . $message . '<br /><br />'; } } if ($rrow[$i]['owner_notification']) { $user_id = $rrow[$i]['owner_id']; $new_comment_subject = $lang['Rabbitoshi_pm_news']; $new_comment = $pm_comment; $comment_date = date("U"); if (defined('PRIVMSGA_TABLE')) { $new_comment = $lang['Rabbitoshi_APM_pm']; send_pm(0, '', $user_id, $new_comment_subject, $new_comment, ''); } else { $sql = "UPDATE " . USERS_TABLE . " \r\n\t\t\t\t\tSET user_new_privmsg = user_new_privmsg + 1 , user_last_privmsg = '9999999999' \r\n\t\t\t\t\tWHERE user_id = " . $rrow[$i]['owner_id']; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Could not update users table', '', __LINE__, __FILE__, $sql); } $sql = "INSERT INTO " . PRIVMSGS_TABLE . " (privmsgs_type, privmsgs_subject, privmsgs_from_userid, privmsgs_to_userid, privmsgs_date, privmsgs_enable_html, privmsgs_enable_bbcode, privmsgs_enable_smilies, privmsgs_attach_sig) VALUES ('" . PRIVMSGS_NEW_MAIL . "', '" . str_replace("\\'", "''", addslashes(sprintf($new_comment_subject))) . "', '2', '" . $user_id . "', '" . $comment_date . "', '0', '1', '1', '0')"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not insert private message sent info', '', __LINE__, __FILE__, $sql); } $privmsg_sent_id = $db->sql_nextid(); $privmsgs_text = $new_comment; $sql = "INSERT INTO " . PRIVMSGS_TEXT_TABLE . " (privmsgs_text_id, privmsgs_text) VALUES ({$privmsg_sent_id}, '" . str_replace("\\'", "''", addslashes(sprintf($privmsgs_text))) . "')"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not insert private message sent text', '', __LINE__, __FILE__, $sql); }
$rewards_string .= ' ' . $reward_faction_points . ' FP'; $message = '[HERALD] Gave you ' . $reward_faction_points . ' Faction Points'; send_pm($data['name'], $message); $claimed = true; } if (count($reward_blocks) > 0) { give_blocks($data['name'], $reward_blocks); $rewards_string .= ' ' . $reward_block_count . ' blocks'; $message = '[HERALD] Gave you ' . $reward_block_count . ' Blocks'; send_pm($data['name'], $message); $claimed = true; } // Were they able to claim a reward of some value? if ($claimed == true) { $message = 'Vote again tomorrow for even better rewards!'; send_pm($data['name'], $message); echo " * Gave player c:{$reward_credits} fp:{$reward_faction_points} b:{$reward_block_count}"; echo " rewards ok: claiming.\n"; echo " * Broadcasting the transaction.\n"; $message = '[HERALD] Gave ' . $data['name'] . ' ' . $rewards_string; $message .= ' for voting for us ' . $user_new_data[$data['name']]['consecutive_votes']; $message .= ' days in a row on starmade-servers.com'; send_chat($message); } else { echo " * Player had no rewards: vote NOT claimed.\n"; unset($user_new_data[$data['name']]); } } else { echo " * Error claiming vote: vote NOT claimed.\n"; unset($user_new_data[$data['name']]); }
$error_message = $lang->users_already_rec_request_alt; } array_pop($users); // To maintain a proper count when we call count($users) continue; } // Do we have auto approval set to On? if ($user['buddyrequestsauto'] == 1 && $mybb->get_input('manage') != "ignored") { $existing_users[] = $user['uid']; $pm = array('subject' => 'buddyrequest_new_buddy', 'message' => 'buddyrequest_new_buddy_message', 'touid' => $user['uid'], 'receivepms' => (int) $user['buddyrequestspm'], 'language' => $user['language'], 'language_file' => 'usercp'); send_pm($pm); } elseif ($user['buddyrequestsauto'] != 1 && $mybb->get_input('manage') != "ignored") { // Send request $id = $db->insert_query('buddyrequests', array('uid' => (int) $mybb->user['uid'], 'touid' => (int) $user['uid'], 'date' => TIME_NOW)); $pm = array('subject' => 'buddyrequest_received', 'message' => 'buddyrequest_received_message', 'touid' => $user['uid'], 'receivepms' => (int) $user['buddyrequestspm'], 'language' => $user['language'], 'language_file' => 'usercp'); send_pm($pm); $sent = true; } elseif ($mybb->get_input('manage') == "ignored") { $existing_users[] = $user['uid']; } } } if ($found_users < count($users)) { if ($error_message) { $error_message .= "<br />"; } $error_message .= $lang->invalid_user_selected; } if (($adding_self != true || $adding_self == true && count($users) > 0) && ($error_message == "" || count($users) > 1)) { if ($mybb->get_input('manage') == "ignored") { $message = $lang->users_added_to_ignore_list;
} } updatemoderbyhash($moder, $torhash); if ($moder == 'ok' && $CURUSER['trusted'] == 'no') { $get_user = "******" . $torhash . "'"; $row = do_sqlquery($get_user, true); if (mysqli_num_rows($row) == 1) { $username = ''; while ($data = mysqli_fetch_array($row)) { $username = $data['upname']; $file = $data['filename']; $uploader = $data['uploader']; } $msg = '[b]' . $uploader . ' your torrent ' . $file . ' is approved![/b] Do not reply, this is an automatic message.'; send_pm($CURUSER["uid"], $username, sqlesc($file), sqlesc($msg)); } if ($btit_settings["sbone"] == true || $CURUSER['trusted'] == 'no') { $al = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM {$TABLE_PREFIX}chat ORDER BY id DESC LIMIT 1"); $rw = mysqli_fetch_assoc($al); $ct = $rw["count"] + 1; do_sqlquery("INSERT INTO {$TABLE_PREFIX}chat (uid, time, name, text, count) VALUES (0," . time() . ", 'System','[color=red]NEW TORRENT[/color]: [url={$BASEURL}/index.php?page=torrent-details&id={$torhash}]" . $file . "[/url]'," . $ct . ")"); } } if ($_POST["ex_moder"] != $moder && $moder == "bad" && $CURUSER["moderate_trusted"] == "yes") { redirect("index.php?page=moder&hash=" . $torhash . ""); } $youtube_video = $_FILES["youtube_video"]; if ($btit_settings["imgsw"] == false) { //image url $userfile = $_FILES["userfile"];
if ($_POST['gname'] == "trappedinawell") { $game = 24; $level = 1; $score = $_POST['gscore']; $ardresult = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM {$TABLE_PREFIX}flashscores WHERE game ='24' ORDER BY score DESC LIMIT 1"); $arcad = mysqli_fetch_array($ardresult); $loser = $arcad["user"]; if ($score > $arcad["score"]) { if ($btit_settings["arc_aw"] == true) { do_sqlquery("UPDATE `{$TABLE_PREFIX}users` SET `uploaded`=uploaded+'" . $upbon . "' WHERE `id`=" . $user . "", true); } else { do_sqlquery("UPDATE `{$TABLE_PREFIX}users` SET `seedbonus`=seedbonus+'" . $seedbon . "' WHERE `id`=" . $user . "", true); } send_pm(0, $user, sqlesc('You Beat The Highscore!'), sqlesc("You did beat the highscore for Trapped In A Well\n\n Congratulations , you did recieve a " . $arte . " bonus !!\n\n [color=red]This is a automatic system message , so DO NOT reply ![/color]")); if ($user != $loser) { send_pm(0, $loser, sqlesc('Your Highscore Is Broken!'), sqlesc("Your highscore for Trapped In A Well is broken\n\n Time to visit the arcade and get it back ;)\n\n [color=red]This is a automatic system message , so DO NOT reply ![/color]")); } do_sqlquery("UPDATE `{$TABLE_PREFIX}users` SET `trophy`='0' WHERE `id`=" . $loser . "", true); do_sqlquery("UPDATE `{$TABLE_PREFIX}users` SET `trophy`='1' WHERE `id`=" . $user . "", true); $al = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM {$TABLE_PREFIX}chat ORDER BY id DESC LIMIT 1"); $rw = mysqli_fetch_assoc($al); $ct = $rw["count"] + 1; do_sqlquery("INSERT INTO {$TABLE_PREFIX}chat (uid, time, name, text,count) VALUES (0," . time() . ", 'System','[color=red]NEW HIGHSCORE FOR[/color]: [img]{$BASEURL}/flash/trappedinawell1.gif[/img] Score: " . $score . " By " . $arcadeuser . " Award: " . $arte . "'," . $ct . ")"); } } mysqli_query($GLOBALS["___mysqli_ston"], "INSERT INTO `{$TABLE_PREFIX}flashscores` ( `ID` , `game` , `user` , `level` , `score` ,`date` ) VALUES ( '', '" . $game . "', '" . $user . "', '" . $level . "', '" . $score . "',NOW());") or die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)); redirect("index.php?page=arcadex"); } } } ///////////////////////END ARCADE//////////////////////
if ($forum_permissions['canview'] != 1) { error_no_permission(); } } $warningshandler->set_data($warning); if ($warningshandler->validate_warning()) { $warninginfo = $warningshandler->insert_warning(); // Are we notifying the user? if ($mybb->get_input('send_pm', MyBB::INPUT_INT) == 1 && $group_permissions['canusepms'] != 0 && $mybb->settings['enablepms'] != 0) { $pm = array('subject' => $mybb->get_input('pm_subject'), 'message' => $mybb->get_input('pm_message'), 'touid' => $user['uid']); $sender_uid = $mybb->user['uid']; if ($mybb->settings['allowanonwarningpms'] == 1 && $mybb->get_input('pm_anonymous', MyBB::INPUT_INT)) { $sender_uid = -1; } // Some kind of friendly error notification if (!send_pm($pm, $sender_uid, true)) { $warningshandler->friendly_action .= $lang->redirect_warned_pmerror; } } $plugins->run_hooks("warnings_do_warn_end"); $lang->redirect_warned = $lang->sprintf($lang->redirect_warned, htmlspecialchars_uni($user['username']), $warningshandler->new_warning_level, $warningshandler->friendly_action); if (!empty($post['pid'])) { redirect(get_post_link($post['pid']), $lang->redirect_warned); } else { redirect(get_profile_link($user['uid']), $lang->redirect_warned); } } else { $warn_errors = $warningshandler->get_friendly_errors(); $warn_errors = inline_error($warn_errors); $mybb->input['action'] = 'warn'; }
if ($CURUSER['id_level'] <= $att['id_level']) { stderr("Forget It", "you can not demote/promote a member with the same or a higher rank than you !!"); stdfoot(); die; } // protection $dt3 = (int) $_POST['level']; $dt2 = 'yes'; $dt1 = rank_expiration(mktime(date('H') + 2, date('i'), date('s'), date('m'), date('d') + addslashes($_POST['t_days']), date('Y'))); $returnto = $_POST['returnto']; // staff control do_sqlquery("INSERT INTO {$TABLE_PREFIX}t_rank (userid, old_rank, new_rank, date, byt , enddate) VALUES ({$id},{$idd},{$dt3}, NOW(), {$CURUSER['uid']}, '{$dt1}' )", true); // staff control $res4 = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT level FROM {$TABLE_PREFIX}users_level WHERE id ='{$dt3}'"); $arr4 = mysqli_fetch_assoc($res4); $newrank = $arr4[level]; $res5 = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT old_rank FROM {$TABLE_PREFIX}users WHERE id ='{$id}'"); $arr5 = mysqli_fetch_assoc($res5); $res6 = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT level FROM {$TABLE_PREFIX}users_level WHERE id ='{$arr5['old_rank']}'"); $arr6 = mysqli_fetch_assoc($res6); $oldrank = $arr6[level]; function rank_expiration($timestamp = 0) { return gmdate('Y-m-d H:i:s', $timestamp); } $subj = sqlesc("Your rank is changed !"); $msg = sqlesc("Your rank is changed to " . $newrank . "\n\n this is a timed rank and it will expire " . $dt1 . "\n\n after that you will get your old rank " . $oldrank . " back\n\n [color=red]This is a automatic system message , so DO NOT reply ![/color]"); do_sqlquery("UPDATE `{$TABLE_PREFIX}users` SET `old_rank` = '" . $idd . "',`timed_rank`='" . $dt1 . "', `rank_switch`='" . $dt2 . "', `id_level`='" . $dt3 . "' WHERE `id`=" . $id); send_pm(0, $id, $subj, $msg); header('Location: ' . $returnto); die;
$this->prompt_for_confirm($msg); } } change_tor_status($attach_id, $new_status); $this->response['status'] = $bb_cfg['tor_icons'][$new_status] . ' <b> ' . $lang['TOR_STATUS_NAME'][$new_status] . '</b> · ' . profile_url($userdata) . ' · <i>' . delta_time(TIMENOW) . $lang['TOR_BACK'] . '</i>'; if ($bb_cfg['tor_comment'] && ($comment && $comment != $lang['COMMENT'] || in_array($new_status, $bb_cfg['tor_reply']))) { if ($tor['poster_id'] > 0) { $subject = sprintf($lang['TOR_MOD_TITLE'], $tor['topic_title']); $message = sprintf($lang['TOR_MOD_MSG'], get_username($tor['poster_id']), make_url(TOPIC_URL . $tor['topic_id']), $bb_cfg['tor_icons'][$new_status] . ' ' . $lang['TOR_STATUS_NAME'][$new_status]); if ($comment && $comment != $lang['COMMENT']) { $message .= "\n\n[b]" . $lang['COMMENT'] . '[/b]: ' . $comment; } send_pm($tor['poster_id'], $subject, $message, $userdata['user_id']); cache_rm_user_sessions($tor['poster_id']); } } break; case 'status_reply': if (!$bb_cfg['tor_comment']) { $this->ajax_die($lang['MODULE_OFF']); } $subject = sprintf($lang['TOR_AUTH_TITLE'], $tor['topic_title']); $message = sprintf($lang['TOR_AUTH_MSG'], get_username($tor['checked_user_id']), make_url(TOPIC_URL . $tor['topic_id']), $tor['topic_title']); if ($comment && $comment != $lang['COMMENT']) { $message .= "\n\n[b]" . $lang['COMMENT'] . '[/b]: ' . $comment; } send_pm($tor['checked_user_id'], $subject, $message, $userdata['user_id']); cache_rm_user_sessions($tor['checked_user_id']); break; } $this->response['attach_id'] = $attach_id;
if ($user['usergroup'] != $gid && !in_array($gid, $additionalgroups)) { $query = $db->simple_select("joinrequests", "rid", "uid = '" . (int) $user['uid'] . "' AND gid = '" . (int) $gid . "'", array("limit" => 1)); $pendinginvite = $db->fetch_array($query); if ($pendinginvite['rid']) { error($lang->error_alreadyinvited); } else { $usergroups_cache = $cache->read('usergroups'); $usergroup = $usergroups_cache[$gid]; $joinrequest = array("uid" => $user['uid'], "gid" => $usergroup['gid'], "dateline" => TIME_NOW, "invite" => 1); $db->insert_query("joinrequests", $joinrequest); $lang_var = 'invite_pm_message'; if ($mybb->settings['deleteinvites'] != 0) { $lang_var .= '_expires'; } $pm = array('subject' => array('invite_pm_subject', $usergroup['title']), 'message' => array($lang_var, $usergroup['title'], $mybb->settings['bburl'], $mybb->settings['deleteinvites']), 'touid' => $user['uid'], 'language' => $user['language'], 'language_file' => 'managegroup'); send_pm($pm, $mybb->user['uid'], true); $plugins->run_hooks("managegroup_do_invite_end"); redirect("managegroup.php?gid=" . $gid, $lang->user_invited); } } else { error($lang->error_alreadyingroup); } } else { error($lang->error_invalidusername); } } elseif ($mybb->input['action'] == "do_joinrequests" && $mybb->request_method == "post") { // Verify incoming POST request verify_post_check($mybb->get_input('my_post_key')); if ($groupleader['canmanagerequests'] == 0) { error_no_permission(); }
$message = "<strong>" . $locale['pla_605'] . "</strong>"; } opentable($title); echo "<div style='text-align:center'>" . $message . "</div>\n"; closetable(); } if (isset($_POST['edit_app'])) { $app_user = stripinput($_POST['app_user']); $app_status = stripinput($_POST['app_status']); $app_approver = stripinput($_POST['app_approver']); $app_approver_pm = stripinput($_POST['app_approver_pm']); $app_approver_comment = stripinput($_POST['app_approver_comment']); $result = dbquery("UPDATE " . DB_LICENSE_APPLY . " SET app_status = '{$app_status}', app_approver='" . $userdata['user_id'] . "', app_approver_pm='{$app_approver_pm}', app_approver_comment='{$app_approver_comment}' WHERE app_id='" . $_GET['app_id'] . "'"); $send_pm = $_POST['send_pm']; if ($send_pm) { $sendpm = send_pm($app_user, $userdata['user_id'], $locale['pla_004'], $app_approver_pm); } redirect(FUSION_SELF . $aidlink . "&status=apr"); } elseif (isset($_GET['action']) && $_GET['action'] == "delete" && (isset($_GET['app_id']) && isnum($_GET['app_id']))) { $result = dbquery("DELETE FROM " . DB_LICENSE_APPLY . " WHERE app_id='" . $_GET['app_id'] . "'"); redirect(FUSION_SELF . $aidlink . "&status=del"); } else { if (isset($_GET['action']) && $_GET['action'] == "edit" && (isset($_GET['app_id']) && isnum($_GET['app_id']))) { $result = dbquery("SELECT * FROM " . DB_LICENSE_APPLY . " WHERE app_id='" . $_GET['app_id'] . "'"); if (dbrows($result)) { $data = dbarray($result); $app_user = $data['app_user']; $app_realname = $data['app_realname']; $app_address = $data['app_address']; $app_country = $data['app_country']; $app_phone = $data['app_phone'];
log_registration($username, $email, $log); opentable($locale['400']); echo "<div style='text-align:center'><br />\n" . $locale['454'] . "<br /><br />\n</div>\n"; closetable(); } else { opentable($locale['456']); echo "<div style='text-align:center'><br />\n" . $locale['457'] . "<br /><br />\n</div>\n"; closetable(); } } else { $user_status = $settings['admin_activation'] == "1" ? "2" : "0"; $result = dbquery("INSERT INTO " . DB_USERS . " (user_name, user_password, user_admin_password, user_email, user_hide_email, user_avatar, user_posts, user_threads, user_joined, user_lastvisit, user_ip, user_rights, user_groups, user_level, user_status" . $db_fields . ") VALUES('{$username}', '" . encrypt_pw($password1) . "', '', '" . $email . "', '{$user_hide_email}', '', '0', '0', '" . time() . "', '0', '" . USER_IP . "', '', '', '" . nMEMBER . "', '{$user_status}'" . $db_values . ")"); $user_id = mysql_insert_id(); if ($settings['welcome_pm']) { // Pimped: Welcome PM send_pm($user_id, $settings['welcome_pm_from'], $settings['welcome_pm_subject'], $settings['welcome_pm_message'], $settings['welcome_pm_smiley']); } // Log Registration + Security Question log_registration($username, $email, $log, $user_id); unset($user_id); opentable($locale['400']); if ($settings['admin_activation'] == "1") { echo "<div style='text-align:center'><br />\n" . $locale['451'] . "<br /><br />\n" . $locale['453'] . "<br /><br />\n</div>\n"; } else { echo "<div style='text-align:center'><br />\n" . $locale['451'] . "<br /><br />\n" . $locale['452'] . "<br /><br />\n</div>\n"; } closetable(); } } else { opentable($locale['456']); echo "<div style='text-align:center'>\r\n\t\t<br />\n" . $locale['458'] . "<br /><br />\n" . $error . "<br />\n<a href='" . FUSION_SELF . "'>" . $locale['459'] . "</a>\r\n\t\t</div><br />\n";
if (!defined("IN_BTIT")) { die("non direct access!"); } if (!defined("IN_ACP")) { die("non direct access!"); } $admintpl->set("language", $language); if (isset($_GET["action"])) { $action = $_GET["action"]; } else { $action = ""; } if ($action == "pm") { $id = $_GET["id"]; $mesg = "After a system check , we found out you are [color=red]NOT connectable ( NAT )[/color]\n\n that is nor good for our community and it is not good for yourself , speeds will be low ! \n\n for more info read this [url]http://www.portforward.com[/url] and fix this problem ! \n\n [color=red]This is a automatic system message , so DO NOT reply ![/color]"; send_pm(0, $id, sqlesc('Warning , you are NOT connectable !!'), sqlesc($mesg)); } $r2 = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT * FROM {$TABLE_PREFIX}users WHERE connectable='no'") or die(is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)); $connect = array(); $i = 0; if ($r2) { while ($arr = mysqli_fetch_assoc($r2)) { $res4 = mysqli_query($GLOBALS["___mysqli_ston"], "SELECT prefixcolor , suffixcolor FROM {$TABLE_PREFIX}users_level WHERE id ='{$arr['id_level']}'"); $arr4 = mysqli_fetch_assoc($res4); $name = $arr4[prefixcolor] . $arr[username] . $arr4[sufixcolor]; $connect[$i]["Username"] = "******" . $arr["id"] . ">" . $name . "</a>"; $connect[$i]["IP"] = $arr['joined']; $connect[$i]["Failed"] = $arr['lastconnect']; $connect[$i]["pm"] = "<a href=\"index.php?page=admin&user="******"uid"] . "&code=" . $CURUSER["random"] . "&do=connect&action=pm&id=" . $arr["id"] . "\" onclick=\"return confirm('Are you shure you want to pm this user ?')\">" . image_or_link("{$STYLEPATH}/images/pm.png", "", $language["USERS_PM"]) . "</a>"; $i++; }