function user_remove($user_id)
{
/*
* This function returns a boolean value
* If the user is successfully deleted returns true, in other case return false
*/
if (!isset($user_id) || user_level(5)) {
return false;
}
return mysql_query("DELETE FROM `amsn_users` WHERE `id` = '" . (int) $user_id . "' LIMIT 1");
}
?>
" method="post">
User: <strong><?php
echo $row[0];
?>
</strong><br />
<input type="hidden" name="nick" value="<?php
echo stripslashes($_POST['user']);
?>
" />
<label for="mail">E-Mail:</label><input type="text" name="mail" id="mail" value="<?php
echo $row[1];
?>
" /><br />
<?php
if (user_level(5)) {
echo ' <label for="level">Level:</label><select name="level" id="level">' . "\n";
for ($i = 1; $i < 6; $i++) {
echo " <option" . ($i == (int) $row[2] ? ' selected="selected"' : '') . ">{$i}</option>\n";
}
echo " </select><br />\n";
}
?>
<label for="oldpass">Old Password:</label><input type="password" name="oldpass" id="oldpass" /><br />
<label for="newpass">New Password:</label><input type="password" name="newpass" id="newpass" /><br />
<input type="submit" />
</form>
<?php
} else {
if (!isset($_POST['user']) && isset($_POST['nick'], $_POST['mail'], $_POST['oldpass'], $_POST['newpass'])) {
if (user_edit($_POST['nick'], $_POST['mail'], isset($_POST['level']) ? $_POST['level'] : null, $_POST['oldpass'], $_POST['newpass'])) {
<li><a href="index.php?load=screenshots&action=edit">Edit screenshot</a></li>
<li><a href="index.php?load=screenshots&action=remove">Remove screenshot</a></li>
<?php
}
?>
<li><a href="index.php?load=screenshots&action=sort">Sort screenshots</a></li>
</ul></li>
<?php
}
if (user_level(3)) {
?>
<li>Files<ul>
<li><a href="index.php?load=files&action=stats">Files statistics</a></li>
<li><a href="index.php?load=files&action=clean">Clean files</a></li>
<?php
if (user_level(4)) {
?>
<li><a href="index.php?load=files&action=edit">Edit file</a></li>
<?php
}
?>
</ul></li>
<?php
}
?>
<li><a href="logout.php">Logout</a></li>
</ul>
<?php
if (!isset($_GET['load'])) {
$_GET['load'] = '';
}
<?php
require_once '../../common.php';
session_start();
header("Cache-control: private");
require_once 'lib.user.php';
require_once 'lib.misc.php';
if (!isset($_SESSION['user'], $_SESSION['level']) || !user_level(3)) {
noperms();
exit;
}
?>
<html>
<head>
</head>
<?php
if (isset($_POST['sort_id']) && ereg('^[0-9][0-9]*$', $_POST['sort_id']) && isset($_POST['sort'])) {
if (mysql_num_rows($all = @mysql_query("SELECT * FROM `amsn_screenshots` ORDER BY `order` DESC, `name` ASC"))) {
$sorting = array();
while ($row = mysql_fetch_assoc($all)) {
array_push($sorting, $row['id']);
}
if ($_POST['sort'] == 'up') {
$new_id = $_POST['sort_id'] - 1;
} else {
$new_id = $_POST['sort_id'] + 1;
}
if ($new_id >= 0 && $new_id < sizeof($sorting) && $_POST['sort_id'] >= 0 && $_POST['sort_id'] < sizeof($sorting)) {
$element = $sorting[$_POST['sort_id']];
$sorting[$_POST['sort_id']] = $sorting[$new_id];
$sorting[$new_id] = $element;
<?php
if (!defined('CPanel') || !isset($_SESSION['user'], $_SESSION['level'], $_GET['load']) || !user_level(3)) {
require_once 'lib.misc.php';
noperms();
exit;
}
function treatUploadForm()
{
if (isset($_FILES['file'])) {
$_POST = clean4sql($_POST);
if (move_uploaded_file($_FILES['file']['tmp_name'], getFilePath($_FILES['file']['name']))) {
$q = mysql_query("SELECT * FROM `amsn_files` WHERE id = " . (int) $_POST['id'] . ";");
$row = mysql_fetch_assoc($q);
if ($row['filename'] != '') {
unlink(getFilePath($row['filename']));
}
if (mysql_query("UPDATE `amsn_files` SET filename = '" . $_FILES['file']['name'] . "', `url` = '', `lastmod` = NOW() WHERE id = '" . (int) $_POST['id'] . "' LIMIT 1")) {
return array('success' => "File successfully modified");
} else {
#echo mysql_error();
return array('error' => "There was an error when trying to update the database registry");
}
} else {
return array('error' => "There was an error when trying to move the file");
}
}
}
function treatURLForm()
{
if (isset($_POST['url'])) {
?>
_disp");
field.value = name;
window.parent.switchVisibility("<?php
echo $_GET['field'];
?>
",0);
}
//-->
</script>
<?php
}
?>
<body>
<?php
if (!user_level()) {
noperms();
exit;
}
if (!isset($_GET['field'])) {
?>
<b style="text-align: center;display:block">No parent information defined</b>
<?php
} else {
if (isset($_GET['file_id']) && $_GET['file_id'] === 'new') {
if (!isset($_POST['type']) || strcmp($_POST['type'], 'upload') && strcmp($_POST['type'], 'url')) {
renderUploadForm('');
renderURLForm('');
} else {
if ($_POST['type'] === 'upload') {
$result = treatUploadForm('');
echo htmlentities($_SERVER['REQUEST_URI']);
?>
" method="post" id="form">
<label for="question">Question:</label><input type="text" name="question" id="question" maxlength="150" /><br />
<p>Fill only the fields that you need:</p>
<?php
for ($i = 1; $i < 11; $i++) {
echo ' <label for="answer' . $i . '">Answer ' . $i . ':</label><input type="text" name="answers[]" id="answer' . $i . "\" /><br />\n";
}
?>
<input type="submit" />
</form>
<?php
} else {
if ($_GET['action'] == 'remove') {
if (!user_level(4)) {
noperms();
return;
}
if (isset($_POST['question']) && ereg('^[1-9][0-9]*$', $_POST['question'] = (int) $_POST['question'])) {
if (mysql_query("DELETE FROM `amsn_poll` WHERE id = '{$_POST['question']}' LIMIT 1") && mysql_query("DELETE FROM `amsn_poll_answers` WHERE id_father = '{$_POST['question']}'")) {
echo "<p>The poll was successfully removed</p>";
return;
} else {
echo "<p>An error ocurred while trying to remove the poll or the answers</p>";
return;
}
}
$query = mysql_query("SELECT id, question FROM `amsn_poll` ORDER BY time ASC");
if (!mysql_num_rows($query)) {
echo "There are no polls yet, you can <a href=\"cpanel.php?load=poll&action=add\">create one</a>.\n";
echo $guru->nip;
?>
</dd>
<dt>Jenis Kelamin</dt>
<dd><?php
echo jk($guru->jk);
?>
</dd>
<dt>Username</dt>
<dd><?php
echo $guru->username;
?>
</dd>
<dt>User Level</dt>
<dd><?php
echo user_level($guru->user_level);
?>
</dd>
</dl>
</div>
</div><!-- /.distro -->
</div>
</section><!-- /.Left col -->
<!-- right col (We are only adding the ID to make the widgets sortable)-->
<section class="col-lg-5 connectedSortable">
<form action="" method="post" id="form_delete_guru">
<input type="hidden" name="submit_type" value="delete_guru">
<input type="hidden" name="key" value="<?php
echo sha1(date('ymdhis'));
?>