Пример #1
0
function user_remove($user_id)
{
    /*
     * This function returns a boolean value
     * If the user is successfully deleted returns true, in other case return false
     */
    if (!isset($user_id) || user_level(5)) {
        return false;
    }
    return mysql_query("DELETE FROM `amsn_users` WHERE `id` = '" . (int) $user_id . "' LIMIT 1");
}
Пример #2
0
                ?>
" method="post">
    User: <strong><?php 
                echo $row[0];
                ?>
</strong><br />
    <input type="hidden" name="nick" value="<?php 
                echo stripslashes($_POST['user']);
                ?>
" />
    <label for="mail">E-Mail:</label><input type="text" name="mail" id="mail" value="<?php 
                echo $row[1];
                ?>
" /><br />
<?php 
                if (user_level(5)) {
                    echo '    <label for="level">Level:</label><select name="level" id="level">' . "\n";
                    for ($i = 1; $i < 6; $i++) {
                        echo "        <option" . ($i == (int) $row[2] ? ' selected="selected"' : '') . ">{$i}</option>\n";
                    }
                    echo "    </select><br />\n";
                }
                ?>
    <label for="oldpass">Old Password:</label><input type="password" name="oldpass" id="oldpass" /><br />
    <label for="newpass">New Password:</label><input type="password" name="newpass" id="newpass" /><br />
    <input type="submit" />
</form>
<?php 
            } else {
                if (!isset($_POST['user']) && isset($_POST['nick'], $_POST['mail'], $_POST['oldpass'], $_POST['newpass'])) {
                    if (user_edit($_POST['nick'], $_POST['mail'], isset($_POST['level']) ? $_POST['level'] : null, $_POST['oldpass'], $_POST['newpass'])) {
Пример #3
0
        <li><a href="index.php?load=screenshots&amp;action=edit">Edit screenshot</a></li>
        <li><a href="index.php?load=screenshots&amp;action=remove">Remove screenshot</a></li>
<?php 
        }
        ?>
        <li><a href="index.php?load=screenshots&amp;action=sort">Sort screenshots</a></li>
    </ul></li>
<?php 
    }
    if (user_level(3)) {
        ?>
    <li>Files<ul>
        <li><a href="index.php?load=files&amp;action=stats">Files statistics</a></li>
        <li><a href="index.php?load=files&amp;action=clean">Clean files</a></li>
<?php 
        if (user_level(4)) {
            ?>
        <li><a href="index.php?load=files&amp;action=edit">Edit file</a></li>
<?php 
        }
        ?>
    </ul></li>
<?php 
    }
    ?>
    <li><a href="logout.php">Logout</a></li>
</ul>
<?php 
    if (!isset($_GET['load'])) {
        $_GET['load'] = '';
    }
Пример #4
0
<?php

require_once '../../common.php';
session_start();
header("Cache-control: private");
require_once 'lib.user.php';
require_once 'lib.misc.php';
if (!isset($_SESSION['user'], $_SESSION['level']) || !user_level(3)) {
    noperms();
    exit;
}
?>
<html>
<head>
</head>
<?php 
if (isset($_POST['sort_id']) && ereg('^[0-9][0-9]*$', $_POST['sort_id']) && isset($_POST['sort'])) {
    if (mysql_num_rows($all = @mysql_query("SELECT * FROM `amsn_screenshots` ORDER BY `order` DESC, `name` ASC"))) {
        $sorting = array();
        while ($row = mysql_fetch_assoc($all)) {
            array_push($sorting, $row['id']);
        }
        if ($_POST['sort'] == 'up') {
            $new_id = $_POST['sort_id'] - 1;
        } else {
            $new_id = $_POST['sort_id'] + 1;
        }
        if ($new_id >= 0 && $new_id < sizeof($sorting) && $_POST['sort_id'] >= 0 && $_POST['sort_id'] < sizeof($sorting)) {
            $element = $sorting[$_POST['sort_id']];
            $sorting[$_POST['sort_id']] = $sorting[$new_id];
            $sorting[$new_id] = $element;
Пример #5
0
<?php

if (!defined('CPanel') || !isset($_SESSION['user'], $_SESSION['level'], $_GET['load']) || !user_level(3)) {
    require_once 'lib.misc.php';
    noperms();
    exit;
}
function treatUploadForm()
{
    if (isset($_FILES['file'])) {
        $_POST = clean4sql($_POST);
        if (move_uploaded_file($_FILES['file']['tmp_name'], getFilePath($_FILES['file']['name']))) {
            $q = mysql_query("SELECT * FROM `amsn_files` WHERE id = " . (int) $_POST['id'] . ";");
            $row = mysql_fetch_assoc($q);
            if ($row['filename'] != '') {
                unlink(getFilePath($row['filename']));
            }
            if (mysql_query("UPDATE `amsn_files` SET filename = '" . $_FILES['file']['name'] . "', `url` = '', `lastmod` = NOW() WHERE id = '" . (int) $_POST['id'] . "' LIMIT 1")) {
                return array('success' => "File successfully modified");
            } else {
                #echo mysql_error();
                return array('error' => "There was an error when trying to update the database registry");
            }
        } else {
            return array('error' => "There was an error when trying to move the file");
        }
    }
}
function treatURLForm()
{
    if (isset($_POST['url'])) {
Пример #6
0
    ?>
_disp");
        field.value = name;
        window.parent.switchVisibility("<?php 
    echo $_GET['field'];
    ?>
",0);
    }
    //-->
</script>
<?php 
}
?>
<body>
<?php 
if (!user_level()) {
    noperms();
    exit;
}
if (!isset($_GET['field'])) {
    ?>
<b style="text-align: center;display:block">No parent information defined</b>
<?php 
} else {
    if (isset($_GET['file_id']) && $_GET['file_id'] === 'new') {
        if (!isset($_POST['type']) || strcmp($_POST['type'], 'upload') && strcmp($_POST['type'], 'url')) {
            renderUploadForm('');
            renderURLForm('');
        } else {
            if ($_POST['type'] === 'upload') {
                $result = treatUploadForm('');
Пример #7
0
    echo htmlentities($_SERVER['REQUEST_URI']);
    ?>
" method="post" id="form">
    <label for="question">Question:</label><input type="text" name="question" id="question" maxlength="150" /><br />
    <p>Fill only the fields that you need:</p>
<?php 
    for ($i = 1; $i < 11; $i++) {
        echo '     <label for="answer' . $i . '">Answer ' . $i . ':</label><input type="text" name="answers[]" id="answer' . $i . "\" /><br />\n";
    }
    ?>
    <input type="submit" />
</form>
<?php 
} else {
    if ($_GET['action'] == 'remove') {
        if (!user_level(4)) {
            noperms();
            return;
        }
        if (isset($_POST['question']) && ereg('^[1-9][0-9]*$', $_POST['question'] = (int) $_POST['question'])) {
            if (mysql_query("DELETE FROM `amsn_poll` WHERE id = '{$_POST['question']}' LIMIT 1") && mysql_query("DELETE FROM `amsn_poll_answers` WHERE id_father = '{$_POST['question']}'")) {
                echo "<p>The poll was successfully removed</p>";
                return;
            } else {
                echo "<p>An error ocurred while trying to remove the poll or the answers</p>";
                return;
            }
        }
        $query = mysql_query("SELECT id, question FROM `amsn_poll` ORDER BY time ASC");
        if (!mysql_num_rows($query)) {
            echo "There are no polls yet, you can <a href=\"cpanel.php?load=poll&action=add\">create one</a>.\n";
Пример #8
0
echo $guru->nip;
?>
</dd>
                                <dt>Jenis Kelamin</dt>
                                <dd><?php 
echo jk($guru->jk);
?>
</dd>
                                <dt>Username</dt>
                                <dd><?php 
echo $guru->username;
?>
</dd>
                                <dt>User Level</dt>
                                <dd><?php 
echo user_level($guru->user_level);
?>
</dd>
                            </dl>
                        </div>
                    </div><!-- /.distro -->
                </div>
            </section><!-- /.Left col -->
            <!-- right col (We are only adding the ID to make the widgets sortable)-->
            <section class="col-lg-5 connectedSortable">

                <form action="" method="post" id="form_delete_guru">
                    <input type="hidden" name="submit_type" value="delete_guru">
                    <input type="hidden" name="key" value="<?php 
echo sha1(date('ymdhis'));
?>