// Console entry gate: assume failure until the member record and the session credential both check out.
$LOGIN_FAIL = true;

if ($checkMember) {
    // The value kept in $_SESSION['btPassword'] is re-checked on every request.
    // NOTE(review): whether that session value is a hash or something else is not visible here; confirm in Member::authorizeLogin().
    if ($member->authorizeLogin($_SESSION['btPassword'])) {
        $LOGIN_FAIL = false;
        $memberInfo = $member->get_info();
        // Remember the console category being viewed, with an expiry timestamp 300 seconds ahead.
        $_SESSION['lastConsoleCategory'] = array("catID" => $consoleInfo['consolecategory_id'], "exptime" => time() + 300);

        // Check for IA
        // A member flagged onia == 1 is shown the dialog below and the script stops,
        // unless the requested console option is "Cancel IA" itself.
        if ($memberInfo['onia'] == 1 && $cID != $consoleObj->findConsoleIDByName("Cancel IA")) {
            $cancelIACID = $consoleObj->findConsoleIDByName("Cancel IA");
            echo "\n\t\t\t\n\t\t\t\t<div id='iaMessage' style='display: none'>\n\t\t\t\t\t<p class='main' align='center'>You are currently Inactive!<br><br>While inactive, you do not have access to console options.<br><br><a href='" . $MAIN_ROOT . "members/console.php?cID=" . $cancelIACID . "'><b>Click Here</b></a> to become active again!</p>\n\t\t\t\t</div>\n\t\t\t\t\n\t\t\t\t<script type='text/javascript'>\n\t\t\t\t\tpopupDialog('Inactive Member', '" . $MAIN_ROOT . "members', 'iaMessage');\n\t\t\t\t</script>\n\t\t\t";
            exit;
        }

        $memberRankID = $memberInfo['rank_id'];
        define("MEMBERRANK_ID", $memberRankID);
        $memberRank = new Rank($mysqli);
        $memberRank->select($memberRankID);
        $rankPrivileges = $memberRank->get_privileges();

        // Precedence: && binds tighter than ||, so this reads
        //   hasAccess(...) || (pagetitle == "Manage Forum Posts" && !isset($_GET['noaccess'])).
        // The "Manage Forum Posts" page therefore passes this gate without hasAccess().
        // NOTE(review): presumably that page applies its own per-board checks; confirm in the included file.
        if ($member->hasAccess($consoleObj) || $consoleInfo['pagetitle'] == "Manage Forum Posts" && !isset($_GET['noaccess'])) {
            //$getClanInfo = $mysqli->query("SELECT * FROM ".$dbprefix."websiteinfo WHERE websiteinfo_id = '1'");
            $arrClanInfo = $websiteInfo; //$getClanInfo->fetch_assoc();

            // Console Security
            define("PREVENT_HACK", $arrClanInfo['preventhack']);
            include $prevFolder . "include/breadcrumb.php";

            // NOTE(review): $cID is concatenated into the href below without an escaping call in view;
            // if it is the raw query parameter it should be cast to int or HTML-escaped before output.
            if (isset($_GET['action']) && $_GET['action'] == "edit") {
                echo "\n\t\t\t\t<p align='right' style='margin-bottom: 10px; margin-right: 20px;'>« <a href='" . $MAIN_ROOT . "members/console.php?cID=" . $cID . "'>Go Back</a></p>\n\t\t\t\t";
            } elseif (!isset($_GET['action'])) {
                echo "\n\t\t\t\t<p align='right' style='margin-bottom: 20px; margin-right: 20px;'>« <a href='" . $MAIN_ROOT . "members/index.php?select=" . $consoleInfo['consolecategory_id'] . "' id='consoleTopBackButton'>Go Back</a></p>\n\t\t\t\t";
            }

            // The include path is built from $consoleInfo['filename'].
            // This test only rejects a value that *starts* with "../"; a "../" later in the value is not caught.
            // NOTE(review): the safety of the include depends on who can write that filename value —
            // consider resolving with realpath() and checking the result stays under the include/ directory.
            if (substr($consoleInfo['filename'], 0, strlen("../")) != "../") {
                $include_file = "include/" . $consoleInfo['filename'];
// Validate the submitted image width: a non-blank value must be numeric and greater than 0.
if (!is_numeric($_POST['rankimagewidth']) and trim($_POST['rankimagewidth']) != "") {
    $countErrors++;
    $dispError .= " <b>·</b> The Image Width must be a numeric value.<br>";
} elseif ($_POST['rankimagewidth'] <= 0 and is_numeric($_POST['rankimagewidth'])) {
    $countErrors++;
    $dispError .= " <b>·</b> The Image Width must be a value greater than 0.<br>";
}

// When no file was uploaded, a usable width is mandatory.
if ($_FILES['rankimagefile']['name'] == "" and (trim($_POST['rankimagewidth']) == "" or $_POST['rankimagewidth'] <= 0)) {
    $countErrors++;
    $dispError .= " <b>·</b> You must supply an image width for images that aren't uploaded.<br>";
}

// Check Before/After and Rank
$beforeAfterRankOK = false;
$rankObj = new Rank($mysqli);
if ($_POST['rankorder'] != "first") {
    // The posted rank ID goes straight into select(); a false return is the only validation visible here.
    // NOTE(review): confirm that Rank::select() rejects non-numeric IDs before building its query.
    if (!$rankObj->select($_POST['rankorder'])) {
        $countErrors++;
        $dispError .= " <b>·</b> You selected an invalid rank order. (rank)<br>";
    } else {
        $beforeAfterRankInfo = $rankObj->get_info();
        $beforeAfterRankOK = true;
        // Check to see if we can get a new rank order number
        // NOTE(review): $_POST['beforeafter'] is passed through unchecked; makeRoom() is relied on to
        // return a non-numeric value for anything it does not accept.
        $intNewRankOrderNum = $rankObj->makeRoom($_POST['beforeafter']);
        if (!is_numeric($intNewRankOrderNum)) {
            $countErrors++;
            $dispError .= " <b>·</b> You selected an invalid rank order. (rank)<br>";
        }
    }
} else {
    // "first" was chosen: count the ranks other than rank_id 1.
    $result = $mysqli->query("SELECT * FROM " . $dbprefix . "ranks WHERE rank_id != '1'");
    $num_rows = $result->num_rows;
}

if ($_POST['autodisable'] != "") {
    // `and` binds tighter than `or`: the input is rejected when it is non-numeric, or numeric and below zero.
    // NOTE(review): 0 passes this check although the message asks for a "positive" value.
    if (!is_numeric($_POST['autodisable']) or is_numeric($_POST['autodisable']) and $_POST['autodisable'] < 0) {
        $countErrors++;
        $dispError .= " <b>·</b> Auto disable must either be blank or a positive numeric value.<br>";
    }
}

// Check Rank Order and Promote Power
$checkRankObj = new Rank($mysqli);
if ($_POST['rankorder'] == $rankInfo['rank_id']) {
    // Hack attempt
    // A rank cannot be ordered relative to itself; the form presumably never offers this choice,
    // so reaching here implies a hand-crafted request.
    $countErrors++;
    $dispError .= " <b>·</b> You selected an invalid rank order. (possible hack attempt?)<br>";
}

//Check if rank selected for rank order is an actual rank
// NOTE(review): the posted ID is handed to select() as-is; confirm that select() validates it.
if ($checkRankObj->select($_POST['rankorder'])) {
    $checkRankInfo = $checkRankObj->get_info();
    // Any value other than "before" is treated as "after".
    if ($_POST['beforeafter'] == "before") {
        $intTempRankOrder = $checkRankInfo['ordernum'] + 1;
    } else {
        $intTempRankOrder = $checkRankInfo['ordernum'] - 1;
    }

    // If the rank order is the same do nothing keep it the same
    // If its not the same make room for the new order and then resort ordernum
    if ($intTempRankOrder == $rankInfo['ordernum']) {
        $intNewRankOrderNum = $rankInfo['ordernum'];
        $resortRanks = false;
    } else {
        $intNewRankOrderNum = $checkRankObj->makeRoom($_POST['beforeafter']);
        $resortRanks = true;
    }
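/**
 * Build the list of console option IDs available to the currently selected member.
 *
 * Starts from the privileges of the member's rank, then applies the per-member
 * rows of the console_members table: allowdeny == 1 adds an option the rank lacks,
 * allowdeny == 0 overwrites a rank-granted option with 0 (the slot is kept, not removed).
 *
 * @return array Console IDs; an empty array when no member is selected.
 */
function get_privileges()
{
    // Start from an empty list so callers always receive an array; previously the
    // variable was undefined (null plus a warning) when no member was selected.
    $arrPrivileges = array();
    $rankObj = new Rank($this->MySQL);

    if ($this->intTableKeyValue != "") {
        $rankObj->select($this->arrObjInfo['rank_id']);
        $arrPrivileges = $rankObj->get_privileges();

        // NOTE(review): the member key is concatenated into the SQL text. It appears to be set by
        // select() rather than taken from the request — confirm it is always a validated ID, or
        // switch this query to a prepared statement.
        $result = $this->MySQL->query("SELECT * FROM " . $this->MySQL->get_tablePrefix() . "console_members WHERE member_id = '" . $this->intTableKeyValue . "'");

        while ($row = $result->fetch_assoc()) {
            if ($row['allowdeny'] == 1 && !in_array($row['console_id'], $arrPrivileges)) {
                // Explicit per-member grant on top of the rank's privileges.
                $arrPrivileges[] = $row['console_id'];
            } elseif ($row['allowdeny'] == 0 && in_array($row['console_id'], $arrPrivileges)) {
                // Explicit per-member deny: blank out the rank-granted entry in place.
                $key = array_search($row['console_id'], $arrPrivileges);
                $arrPrivileges[$key] = 0;
            }
        }
    }

    return $arrPrivileges;
}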
?> '>Home</a> > Inactive Members </div> <table class='formTable'> <tr> <td class='formTitle'>Rank:</td> <td class='formTitle'>Username:</td> <td class='formTitle'>Main Game:</td> <td class='formTitle'>Inactive Since:</td> </tr> <?php
// List every enabled member currently flagged inactive (onia = '1'), excluding rank_id 1,
// ordered by rank ordernum descending. The query text contains no request data.
$result = $mysqli->query("SELECT " . $dbprefix . "members.member_id, " . $dbprefix . "ranks.ordernum FROM " . $dbprefix . "members, " . $dbprefix . "ranks WHERE " . $dbprefix . "members.rank_id = " . $dbprefix . "ranks.rank_id AND " . $dbprefix . "members.onia = '1' AND " . $dbprefix . "members.disabled = '0' AND " . $dbprefix . "members.rank_id != '1' ORDER BY " . $dbprefix . "ranks.ordernum DESC");
while ($row = $result->fetch_assoc()) {
    $member->select($row['member_id']);
    $rankObj->select($member->get_info("rank_id"));
    $memberListInfo = $member->get_info_filtered();
    $rankListInfo = $rankObj->get_info_filtered();
    $dispMainGame = "Not Set";
    if ($gameObj->select($memberListInfo['maingame_id'])) {
        $gameObj->refreshImageSize();
        $gameInfo = $gameObj->get_info_filtered();
        // NOTE(review): the game name lands inside a JavaScript string that itself sits inside an HTML
        // attribute. What get_info_filtered() escapes is not visible here; HTML-entity escaping alone is
        // not sufficient in this context because the browser decodes entities before running the handler.
        // Confirm the value is also safe as a JS string literal (for example via json_encode()).
        $dispMainGame = "<img src='" . $gameInfo['imageurl'] . "' width='" . $gameInfo['imagewidth'] . "' height='" . $gameInfo['imageheight'] . "' onmouseover=\"showToolTip('" . $gameInfo['name'] . "')\" onmouseout='hideToolTip()'>";
    }
    // Same attribute-plus-JS-string context applies to the rank name in the row below.
    echo "\n\t\t\t<tr>\n\t\t\t\t<td class='main' align='center'>\n\t\t\t\t\t<img src='" . $rankListInfo['imageurl'] . "' width='" . $rankListInfo['imagewidth'] . "' height='" . $rankListInfo['imageheight'] . "' onmouseover=\"showToolTip('" . $rankListInfo['name'] . "')\" onmouseout='hideToolTip()'>\n\t\t\t\t</td>\n\t\t\t\t<td class='main'>" . $member->getMemberLink() . "</td>\n\t\t\t\t<td class='main' align='center'>" . $dispMainGame . "</td>\n\t\t\t\t<td class='main' align='center'>" . getPreciseTime($memberListInfo['inactivedate']) . "</td>\n\t\t\t</tr>\n\t\t\n\t\t";
}
?> </table> <?php
if ($result->num_rows > 0) {
}

// NOTE(review): $cID is the raw query parameter; cast or escape it wherever it is later echoed or used in SQL.
$cID = $_GET['cID'];
$dispError = "";
$countErrors = 0;

// rank_id 1 is handled specially: it is given the promote power of the rank with the highest ordernum.
if ($memberInfo['rank_id'] == 1) {
    $maxOrderNum = $mysqli->query("SELECT MAX(ordernum) FROM " . $dbprefix . "ranks WHERE rank_id != '1'");
    $arrMaxOrderNum = $maxOrderNum->fetch_array(MYSQLI_NUM);
    // An aggregate query without GROUP BY always returns one row, so this test is always true;
    // $arrMaxOrderNum[0] is NULL when no other ranks exist.
    if ($maxOrderNum->num_rows > 0) {
        $result = $mysqli->query("SELECT rank_id FROM " . $dbprefix . "ranks WHERE ordernum = '" . $arrMaxOrderNum[0] . "'");
        $row = $result->fetch_assoc();
        $rankInfo['promotepower'] = $row['rank_id'];
    }
}

$rankObj = new Rank($mysqli);
// NOTE(review): $_POST['submit'] is read without isset(), which raises a notice/warning on a plain GET.
if ($_POST['submit']) {
    $rankObj->select($rankInfo['promotepower']);
    $maxRankInfo = $rankObj->get_info_filtered();
    if ($rankInfo['rank_id'] == 1) {
        $maxRankInfo['ordernum'] += 1;
    }
    // Collect the ranks at or below the acting member's promote power; this list is the
    // authorization boundary for the member check that follows.
    // The ordernum concatenated below comes from the database, not from the request.
    $arrRanks = array();
    $result = $mysqli->query("SELECT * FROM " . $dbprefix . "ranks WHERE ordernum <= '" . $maxRankInfo['ordernum'] . "' AND rank_id != '1' ORDER BY ordernum DESC");
    while ($row = $result->fetch_assoc()) {
        $arrRanks[] = $row['rank_id'];
    }

    // Check Member
    // The target must exist and must not be the acting member.
    $newRank = 0;
    if (!$member->select($_POST['member']) || $_POST['member'] == $memberInfo['member_id']) {
        $countErrors++;
        $dispError = " <b>·</b> You selected an invalid member.<br>";
    } elseif (!in_array($member->get_info("rank_id"), $arrRanks)) {
// Access is granted when the member may use either the console option already in $cID
// or the "Manage Boards" option.
$consoleObj->select($cID);
$checkAccess1 = $member->hasAccess($consoleObj);
$cID = $consoleObj->findConsoleIDByName("Manage Boards");
$consoleObj->select($cID);
$checkAccess2 = $member->hasAccess($consoleObj);
$boardObj = new ForumBoard($mysqli);
$rankCatObj = new RankCategory($mysqli);
$rankObj = new Rank($mysqli);

if ($member->authorizeLogin($_SESSION['btPassword']) && ($checkAccess1 || $checkAccess2)) {
    // Set Access
    if (isset($_POST['accessInfo'])) {
        $arrAccessOptions = array(1, 2);
        // NOTE(review): json_decode() returns null on malformed input and may return a scalar;
        // the foreach below then raises a warning. An is_array() guard would make this explicit.
        $accessInfo = json_decode($_POST['accessInfo'], true);
        foreach ($accessInfo as $checkBoxName => $accessType) {
            // str_replace() strips every occurrence of "rankaccess_", not only a leading prefix.
            $rankID = str_replace("rankaccess_", "", $checkBoxName);
            // NOTE(review): in_array() is non-strict here, so values loosely equal to 1 or 2 are accepted
            // and stored as sent. The client-supplied key is also used verbatim as the session array key;
            // the only gate is that select() finds a rank for the derived ID.
            if (in_array($accessType, $arrAccessOptions) && $rankObj->select($rankID)) {
                $_SESSION['btRankAccessCache'][$checkBoxName] = $accessType;
            } elseif ($accessType == 0 && $rankObj->select($rankID)) {
                // The assignment is immediately undone by unset(); only the removal has an effect.
                $_SESSION['btRankAccessCache'][$checkBoxName] = 0;
                unset($_SESSION['btRankAccessCache'][$checkBoxName]);
            }
        }
    }

    // Display List
    $rankoptions = "";
    $result1 = $mysqli->query("SELECT rankcategory_id FROM " . $dbprefix . "rankcategory ORDER BY ordernum DESC");
    while ($row = $result1->fetch_assoc()) {
        $rankCatObj->select($row['rankcategory_id']);
        $arrRanks = $rankCatObj->getRanks();
        $rankCatName = $rankCatObj->get_info_filtered("name");
        if (count($arrRanks) > 0) {
// Fill in a missing category image height from the image file itself.
// NOTE(review): getimagesize() returns false when the file cannot be read; the index access then yields null.
if ($rankCatInfo['imageheight'] == 0) {
    $imageURL = $rankCatObj->getLocalImageURL();
    $imageSize = getimagesize($imageURL);
    $rankCatInfo['imageheight'] = $imageSize[1];
}
// NOTE(review): name and description are placed inside a JavaScript string within an HTML attribute.
// How $rankCatInfo was escaped is not visible in this fragment; HTML escaping alone is not enough in
// this context — confirm the values are also safe as a JS string literal.
echo "\n\t\t\t<tr>\n\t\t\t\t<td class='main' align='center' colspan='2'><img src='" . $rankCatInfo['imageurl'] . "' width='" . $rankCatInfo['imagewidth'] . "' height='" . $rankCatInfo['imageheight'] . "' onmouseover=\"showToolTip('<b>" . $rankCatInfo['name'] . "</b><br>" . $rankCatInfo['description'] . "')\" onmouseout='hideToolTip()'></td>\n\t\t\t</tr>\n\t\t";
} else {
    // Text-only category header; the tooltip is attached only when a description exists.
    $dispCatDesc = "";
    if ($rankCatInfo['description'] != "") {
        $dispCatDesc = " style='cursor: pointer' onmouseover=\"showToolTip('<b>" . $rankCatInfo['name'] . "</b><br>" . $rankCatInfo['description'] . "')\" onmouseout='hideToolTip()'";
    }
    echo "\n\t\t\t<tr>\n\t\t\t\t<td class='formTitle' align='center' colspan='2'><span" . $dispCatDesc . ">" . $rankCatInfo['name'] . "</span></td>\n\t\t\t</tr>\n\t\t";
}

// List the category's ranks, highest ordernum first, skipping ranks flagged hiderank.
$arrRanks = $rankCatObj->getAssociateIDs("ORDER BY ordernum DESC");
foreach ($arrRanks as $rankID) {
    $rankObj->select($rankID);
    $rankInfo = $rankObj->get_info_filtered();
    if ($rankInfo['hiderank'] == 0) {
        // Missing dimensions are read from the image file; the same false-return caveat applies.
        if ($rankInfo['imagewidth'] == 0) {
            $imageURL = $rankObj->getLocalImageURL();
            $imageSize = getimagesize($imageURL);
            $rankInfo['imagewidth'] = $imageSize[0];
        }
        if ($rankInfo['imageheight'] == 0) {
            $imageURL = $rankObj->getLocalImageURL();
            $imageSize = getimagesize($imageURL);
            $rankInfo['imageheight'] = $imageSize[1];
        }
        echo "\n\t\t\t\t<tr>\n\t\t\t\t\t<td align='center' valign='top' style='width: 50%'>\n\t\t\t\t\t\t<img src='" . $rankInfo['imageurl'] . "' width='" . $rankInfo['imagewidth'] . "' height='" . $rankInfo['imageheight'] . "'>\n\t\t\t\t\t</td>\n\t\t\t\t\t<td valign='top' style='width: 50%' class='main'>\n\t\t\t\t\t\t<b>" . $rankInfo['name'] . "</b><br>\n\t\t\t\t\t\t" . nl2br($rankInfo['description']) . "\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n\t\t\t\t<tr><td colspan='2'><br></td></tr>\n\t\t\t";
    }
}
// Classes needed for console.php
include_once $prevFolder . "classes/member.php";
include_once $prevFolder . "classes/rank.php";
include_once $prevFolder . "classes/consoleoption.php";

// Delete-rank handler: the caller must be logged in and hold the "Manage Ranks" console option.
$cOptObj = new ConsoleOption($mysqli);
$cID = $cOptObj->findConsoleIDByName("Manage Ranks");
$cOptObj->select($cID);
$member = new Member($mysqli);
$checkMember = $member->select($_SESSION['btUsername']);

if ($checkMember) {
    if ($member->authorizeLogin($_SESSION['btPassword'])) {
        //$cID = $cOptObj->findConsoleIDByName("Add New Rank");
        $memberInfo = $member->get_info();
        if ($member->hasAccess($cOptObj)) {
            $rank = new Rank($mysqli);
            // NOTE(review): this state-changing request is authorized by session and privilege only;
            // no anti-CSRF token check is visible in this fragment. Confirm one is enforced elsewhere.
            if ($rank->select($_POST['rID'])) {
                $rankInfo = $rank->get_info_filtered();
                // First pass (no confirm value): only ask for confirmation.
                if (!isset($_POST['confirm']) || $_POST['confirm'] == "") {
                    echo "\n\t\t\t\t\t\tAre you sure you want to delete the rank <b>" . $rankInfo['name'] . "?</b>\n\t\t\t\t\t";
                } else {
                    // Refuse to delete a rank that still has members.
                    if ($rank->countMembers() > 0) {
                        // NOTE(review): the rank name is written into a single-quoted JavaScript string that is
                        // then passed to .html(). It needs JS-string escaping as well as HTML escaping; what
                        // get_info_filtered() provides is not visible here.
                        // The raw line break inside the next literal is reproduced as it appears on the page;
                        // it is probably a wrapping artifact — confirm against the original file.
                        echo "\n\t\t\t\t\t\t<script type='text/javascript'>\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\$(document).ready(function() {\n\t\t\t\t\t\t\t\t\$('#deleteMessage').html('There are currently members with the rank of <b>" . $rankInfo['name'] . "</b>. 
Please change all members with this rank before deleting it.');\n\t\t\t\t\t\t\t\t\$('#deleteDiv').dialog({\n\t\t\t\t\t\t\t\t\ttitle: 'Manage Ranks - Delete Rank',\n\t\t\t\t\t\t\t\t\tmodal: true,\n\t\t\t\t\t\t\t\t\tresizable: false,\n\t\t\t\t\t\t\t\t\twidth: 400,\n\t\t\t\t\t\t\t\t\tshow: 'scale',\n\t\t\t\t\t\t\t\t\tzIndex: 99999,\n\t\t\t\t\t\t\t\t\tbuttons: {\n\t\t\t\t\t\t\t\t\t\t'OK': function() { \$(this).dialog('close'); }\n\t\t\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\t\t});\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t});\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t</script>\n\t\t\t\t\t\t";
                    } else {
                        if ($rank->delete()) {
                            echo "";
                            // Success: show the dialog, then reload the rank list via POST when OK is clicked.
                            // The same JS-string escaping caveat applies to the rank name here.
                            echo "\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t<script type='text/javascript'>\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\tfunction refreshRanks() {\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\$(document).ready(function() {\n\t\t\t\t\t\t\t\t\$('#deleteMessage').html('<b>" . $rankInfo['name'] . "</b> successfully deleted!');\n\t\t\t\t\t\t\t\t\$('#loadingSpiral').show();\n\t\t\t\t\t\t\t\t\$('#contentDiv').fadeOut(400);\n\t\t\t\t\t\t\t\t\$('#deleteDiv').dialog({\n\t\t\t\t\t\t\t\t\ttitle: 'Manage Ranks - Delete Rank',\n\t\t\t\t\t\t\t\t\tmodal: true,\n\t\t\t\t\t\t\t\t\tresizable: false,\n\t\t\t\t\t\t\t\t\twidth: 400,\n\t\t\t\t\t\t\t\t\tshow: 'scale',\n\t\t\t\t\t\t\t\t\tzIndex: 99999,\n\t\t\t\t\t\t\t\t\tbuttons: {\n\t\t\t\t\t\t\t\t\t\t'OK': function() {\n\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\$.post('" . $MAIN_ROOT . "members/include/admin/manageranks/main.php', { }, function(data) {\n\t\t\t\t\t\t\t\t\t\t\t\t\$('#contentDiv').html(data).fadeIn(400);\n\t\t\t\t\t\t\t\t\t\t\t\t\$('#loadingSpiral').hide();\n\t\t\t\t\t\t\t\t\t\t\t});\t\n\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t\t\$(this).dialog('close'); \n\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\t\t});\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t});\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t</script>\n\t\t\t\t\t\t\t";
                        } else {
                            echo "";
                            // Failure dialog. This one spells the option 'resizeable' where the other two
                            // dialogs use 'resizable', so the option is not recognized here.
                            echo "\n\t\t\t\t\t\t\t<script type='text/javascript'>\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\$(document).ready(function() {\n\t\t\t\t\t\t\t\t\$('#deleteMessage').html('Unable to delete rank from the database. Please contact the website administrator.');\n\t\t\t\t\t\t\t\t\$('#deleteDiv').dialog({\n\t\t\t\t\t\t\t\t\ttitle: 'Manage Ranks - Delete Rank',\n\t\t\t\t\t\t\t\t\tmodal: true,\n\t\t\t\t\t\t\t\t\tresizeable: false,\n\t\t\t\t\t\t\t\t\twidth: 400,\n\t\t\t\t\t\t\t\t\tshow: 'scale',\n\t\t\t\t\t\t\t\t\tzIndex: 99999,\n\t\t\t\t\t\t\t\t\tbuttons: {\n\t\t\t\t\t\t\t\t\t\t'OK': function() { \$(this).dialog('close'); }\n\t\t\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\t\t});\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t});\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t</script>\n\t\t\t\t\t\t\t";
                        }
                    }
$rankInfo['promotepower'] = 0;
}

// NOTE(review): $cID is the raw query parameter; cast or escape it wherever it is later echoed or used in SQL.
$cID = $_GET['cID'];

// rank_id 1 is handled specially: it is given the promote power of the rank with the highest ordernum.
if ($memberInfo['rank_id'] == 1) {
    $maxOrderNum = $mysqli->query("SELECT MAX(ordernum) FROM " . $dbprefix . "ranks WHERE rank_id != '1'");
    $arrMaxOrderNum = $maxOrderNum->fetch_array(MYSQLI_NUM);
    // An aggregate query without GROUP BY always returns one row, so this test is always true;
    // $arrMaxOrderNum[0] is NULL when no other ranks exist.
    if ($maxOrderNum->num_rows > 0) {
        $result = $mysqli->query("SELECT rank_id FROM " . $dbprefix . "ranks WHERE ordernum = '" . $arrMaxOrderNum[0] . "'");
        $row = $result->fetch_assoc();
        $rankInfo['promotepower'] = $row['rank_id'];
    }
}

$rankObj = new Rank($mysqli);
$medalObj = new Medal($mysqli);
$awardMedalObj = new Basic($mysqli, "medals_members", "medalmember_id");

$rankObj->select($rankInfo['promotepower']);
$maxRankInfo = $rankObj->get_info_filtered();
if ($rankInfo['rank_id'] == 1) {
    $maxRankInfo['ordernum'] += 1;
}

// Ranks at or below the acting member's promote power. The values concatenated into the
// queries below come from database rows and the loaded member record, not from the request.
$arrRanks = array();
$result = $mysqli->query("SELECT * FROM " . $dbprefix . "ranks WHERE ordernum <= '" . $maxRankInfo['ordernum'] . "' AND rank_id != '1' ORDER BY ordernum DESC");
while ($row = $result->fetch_assoc()) {
    $arrRanks[] = $row['rank_id'];
}

// With no eligible ranks the list becomes ('') and the member query matches nothing.
$sqlRanks = "('" . implode("','", $arrRanks) . "')";
$result = $mysqli->query("SELECT * FROM " . $dbprefix . "members INNER JOIN " . $dbprefix . "ranks ON " . $dbprefix . "members.rank_id = " . $dbprefix . "ranks.rank_id WHERE " . $dbprefix . "members.rank_id IN " . $sqlRanks . " AND " . $dbprefix . "members.disabled = '0' AND " . $dbprefix . "members.member_id != '" . $memberInfo['member_id'] . "' ORDER BY " . $dbprefix . "ranks.ordernum DESC");
while ($row = $result->fetch_assoc()) {
    $rankObj->select($row['rank_id']);
    // The username is passed through filterText() before being used as an option label.
    // NOTE(review): $memberOptions is not initialized in this fragment; confirm it is set earlier.
    $memberOptions[$row['member_id']] = $rankObj->get_info_filtered("name") . " " . filterText($row['username']);
}
/**
 * Populate $this->data with private-message counters, the PM inbox link and
 * the logged-in member's rank name and filtered profile info.
 *
 * Does nothing when no member is logged in.
 */
public function prepareAdditionalMemberInfo()
{
    // Anonymous visitors have no PM or rank data to prepare.
    if (!$this->blnLoggedIn) {
        return;
    }

    // Private message info: look up the inbox console option and count messages.
    $optionLookup = new ConsoleOption($this->MySQL);
    $inboxConsoleID = $optionLookup->findConsoleIDByName("Private Messages");
    $allMessages = $this->memberObj->countPMs();
    $unreadMessages = $this->memberObj->countPMs(true);

    // Unread messages take priority: show their count in bold with the alert icon.
    $hasUnread = $unreadMessages > 0;
    if ($hasUnread) {
        $shownCount = $unreadMessages;
        $countMarkup = "<b>(" . $unreadMessages . ")</b> <img src='" . MAIN_ROOT . "themes/" . THEME . "/images/pmalert.gif'>";
    } else {
        $shownCount = $allMessages;
        $countMarkup = "(" . $allMessages . ")";
    }

    $this->data['pmCID'] = $inboxConsoleID;
    $this->data['pmCount'] = $shownCount;
    $this->data['pmCountDisp'] = $countMarkup;
    $this->data['pmAlert'] = $hasUnread ? 1 : 0;
    $this->data['pmLink'] = "<a href='" . MAIN_ROOT . "members/console.php?cID=" . $inboxConsoleID . "' id='pmLoggedInLink'>PM Inbox " . $countMarkup . "</a>";

    // Member info: rank name plus the filtered member record.
    $memberRankLookup = new Rank($this->MySQL);
    $memberRankLookup->select($this->memberObj->get_info("rank_id"));
    $this->data['memberRank'] = $memberRankLookup->get_info_filtered("name");
    $this->data['memberInfo'] = $this->memberObj->get_info_filtered();
}
* License: http://www.bluethrust.com/license.php * */

// Direct-access guard: this file is meant to run only when included by console.php with a member loaded.
// NOTE(review): PHP_SELF is derived from the request path and can carry client-supplied path info, so the
// suffix test is the weaker half of this guard; SCRIPT_NAME would be a firmer basis. The isset($member)
// test and the hasAccess() check below depend on server-side state.
if (!isset($member) || substr($_SERVER['PHP_SELF'], -11) != "console.php") {
    exit;
} else {
    $memberInfo = $member->get_info();
    $consoleObj->select($_GET['cID']);
    if (!$member->hasAccess($consoleObj)) {
        exit;
    }
}

$cID = $_GET['cID'];
$memberObj = new Member($mysqli);
$rankObj = new Rank($mysqli);
$rankObj->select($memberInfo['rank_id']);
$rankInfo = $rankObj->get_info();

// A non-zero per-member promotepower overrides the rank's value.
// NOTE(review): the elseif can never run — -1 is non-zero, so the first branch already handles it
// and copies -1 into $rankInfo['promotepower'] instead of 0. The -1 test probably needs to come first.
if ($memberInfo['promotepower'] != 0) {
    $rankInfo['promotepower'] = $memberInfo['promotepower'];
} elseif ($memberInfo['promotepower'] == -1) {
    $rankInfo['promotepower'] = 0;
}

// rank_id 1 uses the rank with the highest ordernum as its power rank;
// everyone else uses the rank named by promotepower.
if ($memberInfo['rank_id'] == 1) {
    $highestOrderNum = $rankObj->getHighestOrderNum();
    $rankObj->selectByOrder($highestOrderNum);
    $powerRankInfo = $rankObj->get_info();
} else {
    $rankObj->select($rankInfo['promotepower']);
    $powerRankInfo = $rankObj->get_info();
}

// NOTE(review): $_POST['submit'] is read without isset(), which raises a notice/warning on a plain GET.
if ($_POST['submit']) {
$countErrors = 0;
$rankObj = new Rank($mysqli);

// Determine affected members and disallow posting to the page if no member is in the list
// The affected members are those with an explicit per-member grant (allowdeny = '1')
// for any of the console options named below.
$arrCIDs[] = $consoleObj->findConsoleIDByName("Promote Member");
$arrCIDs[] = $consoleObj->findConsoleIDByName("Demote Member");
$arrCIDs[] = $consoleObj->findConsoleIDByName("Disable a Member");
$arrCIDs[] = $consoleObj->findConsoleIDByName("Undisable Member");
$arrCIDs[] = $consoleObj->findConsoleIDByName("Set Member's Rank");
$arrCIDs[] = $consoleObj->findConsoleIDByName("Award Medal");
$arrCIDs[] = $consoleObj->findConsoleIDByName("Revoke Medal");

// The IN list is built from looked-up console IDs, not from request data.
$sqlCID = "('" . implode("','", $arrCIDs) . "')";
$memberoptions = "";
$result = $mysqli->query("SELECT " . $dbprefix . "members.member_id, " . $dbprefix . "members.username, " . $dbprefix . "ranks.name FROM " . $dbprefix . "console_members, " . $dbprefix . "members, " . $dbprefix . "ranks WHERE " . $dbprefix . "console_members.member_id = " . $dbprefix . "members.member_id AND " . $dbprefix . "members.rank_id = " . $dbprefix . "ranks.rank_id AND " . $dbprefix . "console_members.console_id IN " . $sqlCID . " AND " . $dbprefix . "console_members.allowdeny = '1' AND " . $dbprefix . "members.disabled = '0' ORDER BY " . $dbprefix . "ranks.ordernum DESC");
while ($row = $result->fetch_assoc()) {
    $member->select($row['member_id']);
    // The query above does not select rank_id, so $row['rank_id'] is undefined here;
    // the next select() replaces the selection with the member's actual rank anyway.
    $rankObj->select($row['rank_id']);
    $rankObj->select($member->get_info("rank_id"));
    $rankInfo = $rankObj->get_info();
    $dispDefaultPower = "Can't Promote";
    if ($rankInfo['promotepower'] != 0 && $rankObj->select($rankInfo['promotepower'])) {
        $dispDefaultPower = $rankObj->get_info_filtered("name");
    }
    // NOTE(review): $row['name'] and $row['username'] are raw database columns written into HTML with no
    // escaping call in view; they should be HTML-escaped before being placed in the option text.
    $memberoptions .= "<option value='" . $row['member_id'] . "' data-maxrank='" . $member->get_info("promotepower") . "' data-defaultpower=\"" . $dispDefaultPower . "\">" . $row['name'] . " " . $row['username'] . "</option>";
}

// With nobody to act on, treat the request as not submitted.
if ($memberoptions == "") {
    $_POST['submit'] = false;
}

// NOTE(review): $_POST['submit'] is read without isset() when the list is non-empty.
if ($_POST['submit']) {
    // Check Member
    if (!$member->select($_POST['member'])) {
        $countErrors++;
}

// NOTE(review): $cID is the raw query parameter; cast or escape it wherever it is later echoed or used in SQL.
$cID = $_GET['cID'];
$dispError = "";
$countErrors = 0;

// rank_id 1 is handled specially: it is given the promote power of the rank with the highest ordernum.
if ($memberInfo['rank_id'] == 1) {
    $maxOrderNum = $mysqli->query("SELECT MAX(ordernum) FROM " . $dbprefix . "ranks WHERE rank_id != '1'");
    $arrMaxOrderNum = $maxOrderNum->fetch_array(MYSQLI_NUM);
    // An aggregate query without GROUP BY always returns one row, so this test is always true;
    // $arrMaxOrderNum[0] is NULL when no other ranks exist.
    if ($maxOrderNum->num_rows > 0) {
        $result = $mysqli->query("SELECT rank_id FROM " . $dbprefix . "ranks WHERE ordernum = '" . $arrMaxOrderNum[0] . "'");
        $row = $result->fetch_assoc();
        $rankInfo['promotepower'] = $row['rank_id'];
    }
}

$rankObj = new Rank($mysqli);
// NOTE(review): $_POST['submit'] is read without isset(), which raises a notice/warning on a plain GET.
if ($_POST['submit']) {
    $rankObj->select($rankInfo['promotepower']);
    $maxRankInfo = $rankObj->get_info_filtered();
    if ($rankInfo['rank_id'] == 1) {
        $maxRankInfo['ordernum'] += 1;
    }
    // $arrRanks: every rank at or below the acting member's power rank.
    // $arrMemRanks: the subset strictly below it.
    // NOTE(review): $arrMemRanks is not initialized in this fragment and stays undefined when no rank qualifies.
    $arrRanks = array();
    $result = $mysqli->query("SELECT * FROM " . $dbprefix . "ranks WHERE ordernum <= '" . $maxRankInfo['ordernum'] . "' AND rank_id != '1' ORDER BY ordernum DESC");
    while ($row = $result->fetch_assoc()) {
        $arrRanks[] = $row['rank_id'];
        if ($maxRankInfo['ordernum'] > $row['ordernum']) {
            $arrMemRanks[] = $row['rank_id'];
        }
    }

    // Check Member
    // The target must exist and must not be the acting member.
    if (!$member->select($_POST['member']) || $_POST['member'] == $memberInfo['member_id']) {
        $countErrors++;
$rankInfo['promotepower'] = 0;
}

// NOTE(review): $cID is the raw query parameter; cast or escape it wherever it is later echoed or used in SQL.
$cID = $_GET['cID'];
$dispError = "";
$countErrors = 0;

// rank_id 1 is handled specially: it is given the promote power of the rank with the highest ordernum.
if ($memberInfo['rank_id'] == 1) {
    $maxOrderNum = $mysqli->query("SELECT MAX(ordernum) FROM " . $dbprefix . "ranks WHERE rank_id != '1'");
    $arrMaxOrderNum = $maxOrderNum->fetch_array(MYSQLI_NUM);
    // An aggregate query without GROUP BY always returns one row, so this test is always true;
    // $arrMaxOrderNum[0] is NULL when no other ranks exist.
    if ($maxOrderNum->num_rows > 0) {
        $result = $mysqli->query("SELECT rank_id FROM " . $dbprefix . "ranks WHERE ordernum = '" . $arrMaxOrderNum[0] . "'");
        $row = $result->fetch_assoc();
        $rankInfo['promotepower'] = $row['rank_id'];
    }
}

$rankObj = new Rank($mysqli);
$rankObj->select($rankInfo['promotepower']);
$maxRankInfo = $rankObj->get_info_filtered();

// Ranks at or below the acting member's power rank: the set of members whose password may be changed.
$arrRanks = array();
$result = $mysqli->query("SELECT * FROM " . $dbprefix . "ranks WHERE ordernum <= '" . $maxRankInfo['ordernum'] . "' AND rank_id != '1' ORDER BY ordernum DESC");
while ($row = $result->fetch_assoc()) {
    $arrRanks[] = $row['rank_id'];
}

// NOTE(review): $_POST['submit'] is read without isset(), which raises a notice/warning on a plain GET.
if ($_POST['submit']) {
    // Check Member
    // Server-side authorization for a password change: the target must exist and hold a rank in $arrRanks.
    // The second select() repeats the lookup that the first branch already made.
    // NOTE(review): this check does not exclude the acting member's own ID.
    if (!$member->select($_POST['member'])) {
        $countErrors++;
        $dispError .= " <b>·</b> You selected an invalid member.<br>";
    } elseif ($member->select($_POST['member']) && !in_array($member->get_info("rank_id"), $arrRanks)) {
        $countErrors++;
        $dispError .= " <b>·</b> You may not change that member's password.<br>";
    }
}

// Derive the page name by cutting $PAGE_NAME at its last " - ".
// When " - " is absent strrpos() returns false, which substr() treats as length 0, leaving the name empty.
$actualPageNameLoc = strrpos($PAGE_NAME, " - ");
$actualPageName = substr($PAGE_NAME, 0, $actualPageNameLoc);
if ($PAGE_NAME == "") {
    $actualPageName = "Home Page";
}

// NOTE(review): SERVER_NAME and REQUEST_URI are request-derived and are concatenated into an HTML anchor
// that is then stored on the member record. No escaping is visible here; unless update() and every place
// that later prints lastseenlink escape it, this is a stored-markup risk. Escaping the URL and page name
// with htmlspecialchars() when building the link would close it at the source.
$lastSeenLink = "<a href='" . $dispHTTP . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'] . "'>" . $actualPageName . "</a>";
$arrUpdateColLastSeen = array("lastseen", "lastseenlink");
$arrUpdateValLastSeen = array(time(), $lastSeenLink);
// lastlogin is refreshed only when more than an hour (3600 s) has passed since the stored value.
if (time() - $memberInfo['lastlogin'] > 3600) {
    $arrUpdateColLastSeen[] = "lastlogin";
    $arrUpdateValLastSeen[] = time();
}
$memberObj->update($arrUpdateColLastSeen, $arrUpdateValLastSeen);

$rankObj = new Rank($mysqli);
$rankObj->select($memberInfo['rank_id']);
$rankInfo = $rankObj->get_info();
$memberRank = $rankInfo['name'];
$consoleOptionObj = new ConsoleOption($mysqli);

// Members Only Tagger
// Shown only when the session flag is set and the current script is not console.php.
$dispMembersOnlyTagger = "";
if (isset($_SESSION['btMembersOnlyTagger']) && $_SESSION['btMembersOnlyTagger'] == 1 && substr($_SERVER['PHP_SELF'], -11) != "console.php") {
    // The page is identified by host plus request URI, both taken from the request.
    $pageTaggerURL = $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
    $taggerCID = $consoleOptionObj->findConsoleIDByName("Member's Only Pages");
    if ($taggerObj->select($pageTaggerURL, false)) {
        $pageTagStatus = "<span class='pendingFont'>Member's Only</span>";
        $dispTagOrUntag = "Untag";
    } else {
        $pageTagStatus = "<span class='publicNewsColor'>Public</span>";
        $dispTagOrUntag = "Tag";
    }
* 2 - Read Only */

// Apply the requested change to the session-held member access cache.
// The posted member ID is accepted only when select() finds that member; an "add" is stored only
// for the rule values "1", "0" or "2", and a "delete" blanks the entry instead of removing it.
if (isset($_POST['action']) && $accessMemberObj->select($_POST['mID'])) {
    switch ($_POST['action']) {
        case "add":
            if (in_array($_POST['accessRule'], array("1", "0", "2"))) {
                $_SESSION['btMemberAccessCache'][$_POST['mID']] = $_POST['accessRule'];
            }
            break;
        case "delete":
            $_SESSION['btMemberAccessCache'][$_POST['mID']] = "";
            break;
    }
}

// Display Cache List
echo "\n\t\n\t\t<table align='left' border='0' cellspacing='2' cellpadding='2' width=\"90%\">\n\t\t\t<tr>\n\t\t\t\t<td class='formTitle' width=\"60%\">Member:</td>\n\t\t\t\t<td class='formTitle' width=\"20%\">Access:</td>\n\t\t\t\t<td class='formTitle' width=\"20%\">Actions:</td>\n\t\t\t</tr>\n\t\t\t\n\t\t\t";

$countRules = 0;
foreach ($_SESSION['btMemberAccessCache'] as $memID => $accessRule) {
    // Blank entries are deleted rules; entries whose member no longer resolves are skipped too.
    if ($accessRule == "" || !$accessMemberObj->select($memID)) {
        continue;
    }

    $tempMemInfo = $accessMemberObj->get_info_filtered();
    $rankObj->select($tempMemInfo['rank_id']);
    $dispRankName = $rankObj->get_info_filtered("name");

    // Rule 1 is full access, rule 2 is read-only, anything else is shown as deny.
    switch ($accessRule) {
        case 1:
            $dispAccess = "<span class='pendingFont'>Full</span>";
            break;
        case 2:
            $dispAccess = "<span class='allowText'>Read-Only</span>";
            break;
        default:
            $dispAccess = "<span class='denyText'>Deny</span>";
    }

    // $memID is written into an inline onclick handler; it was accepted above only because
    // select() resolved it to a member.
    echo "\n\t\t\t\t<tr>\n\t\t\t\t\t<td class='main'><a href='" . $MAIN_ROOT . "profile.php?mID=" . $tempMemInfo['username'] . "'>" . $dispRankName . " " . $tempMemInfo['username'] . "</a></td>\n\t\t\t\t\t<td class='main' align='center'>" . $dispAccess . "</td>\n\t\t\t\t\t<td class='main' align='center'><a href='javascript:void(0)' onclick=\"deleteAccessRule('" . $memID . "')\"><img src='" . $MAIN_ROOT . "themes/" . $THEME . "/images/buttons/delete.png' title='Delete'></a></td>\n\t\t\t\t</tr>\t\t\t\n\t\t\t";
    $countRules++;
}

if ($countRules == 0) {
    echo "\n\t\t\t<tr>\n\t\t\t\t<td class='main' colspan='3'>\n\t\t\t\t\t<p align='center' style='padding-top: 10px'><i>No special member access rules set!</i></p>\n\t\t\t\t</td>\n\t\t\t</tr>\t\t\n\t\t";
}

echo "\n\t\t\t\n\t\t</table>\n\t\n\t\n\t";
// Recipient autocomplete for composing a private message: requires a valid login and
// access to the "Private Messages" console option.
$member->select($_SESSION['btUsername']);
$cID = $consoleObj->findConsoleIDByName("Private Messages");
$consoleObj->select($cID);

if ($member->authorizeLogin($_SESSION['btPassword']) && $member->hasAccess($consoleObj)) {
    $memberInfo = $member->get_info_filtered();
    // The search term is escaped for use inside a quoted SQL string.
    // NOTE(review): real_escape_string() does not escape the LIKE wildcards % and _, so those characters
    // in the term still act as wildcards in the queries below.
    $searchTerm = $mysqli->real_escape_string($_GET['term']);
    // NOTE(review): the compose-session ID comes from the query string and is used directly as a session
    // array index; if that entry does not exist, implode() receives null. An isset() guard is missing.
    $pmSessionID = $_GET['pmsessionid'];

    // Members already on the compose list are excluded from the suggestions.
    // NOTE(review): is_numeric() is applied to the concatenation of all entries, not to each entry, so it
    // does not by itself prove every entry is an integer ID (is_numeric also accepts decimals and exponent
    // forms). The list is session data populated elsewhere; validating each element there is the firmer fix.
    $filterMembers = "('')";
    $checkFilterList = implode("", $_SESSION['btComposeList'][$pmSessionID]['member']);
    if (is_numeric($checkFilterList)) {
        $filterMembers = "('" . implode("','", $_SESSION['btComposeList'][$pmSessionID]['member']) . "')";
    }

    $rankObj = new Rank($mysqli);
    $result = $mysqli->query("SELECT " . $dbprefix . "members.*, " . $dbprefix . "ranks.name FROM " . $dbprefix . "members, " . $dbprefix . "ranks WHERE " . $dbprefix . "members.disabled = '0' AND " . $dbprefix . "members.rank_id = " . $dbprefix . "ranks.rank_id AND " . $dbprefix . "members.username LIKE '" . $searchTerm . "%' AND " . $dbprefix . "members.member_id NOT IN " . $filterMembers . " ORDER BY " . $dbprefix . "members.username");
    while ($row = $result->fetch_assoc()) {
        $rankObj->select($row['rank_id']);
        // Usernames are passed through filterText() before being returned as suggestion labels.
        $displayName = $rankObj->get_info_filtered("name") . " " . filterText($row['username']);
        $arrComposeList[] = array("id" => "member_" . $row['member_id'], "value" => $displayName);
    }

    // Query templates for the other recipient kinds. Each 'query' ends with "NOT IN " and is
    // presumably completed with an exclusion list and the 'orderby' part later — that code is not visible here.
    $arrQuery['rankcategory']['query'] = "SELECT * FROM " . $dbprefix . "rankcategory WHERE name LIKE '" . $searchTerm . "%' AND rankcategory_id NOT IN ";
    $arrQuery['rankcategory']['orderby'] = " ORDER BY ordernum DESC";
    $arrQuery['rankcategory']['id'] = "rankcategory_id";
    $arrQuery['rankcategory']['append'] = " - Category";

    $arrQuery['rank']['query'] = "SELECT * FROM " . $dbprefix . "ranks WHERE name LIKE '" . $searchTerm . "%' AND rank_id != '1' AND rank_id NOT IN ";
    $arrQuery['rank']['orderby'] = " ORDER BY ordernum DESC";
    $arrQuery['rank']['id'] = "rank_id";
    $arrQuery['rank']['append'] = " - Rank";

    // Squad suggestions are limited to squads the requesting member belongs to.
    $arrQuery['squad']['query'] = "SELECT " . $dbprefix . "squads.* FROM " . $dbprefix . "squads, " . $dbprefix . "squads_members WHERE " . $dbprefix . "squads.squad_id = " . $dbprefix . "squads_members.squad_id AND " . $dbprefix . "squads_members.member_id = '" . $memberInfo['member_id'] . "' AND " . $dbprefix . "squads.name LIKE '" . $searchTerm . "%' AND " . $dbprefix . "squads.squad_id NOT IN ";
    $arrQuery['squad']['orderby'] = " ORDER BY " . $dbprefix . "squads.name DESC";
    $arrQuery['squad']['id'] = "squad_id";
    $arrQuery['squad']['append'] = " Members";
$arrLogValues = array($row['member_id'], $time, "Disabled due to inactivity.");
$logObj->addNew($arrLogColumns, $arrLogValues);
}
}

// Disable members who fail to be promoted for auto-disable ranks
// This sweep runs inline in the same script that goes on to set up the "Members" page below.
$arrRanks = array();
$result = $mysqli->query("SELECT rank_id FROM " . $dbprefix . "ranks WHERE autodisable != '0'");
while ($row = $result->fetch_assoc()) {
    $arrRanks[] = $row['rank_id'];
}

// With no auto-disable ranks the list becomes ('') and the member query matches nothing.
// The IN list is built from database rank IDs, not from request data.
$sqlRanks = "('" . implode("','", $arrRanks) . "')";
$result = $mysqli->query("SELECT * FROM " . $dbprefix . "members WHERE rank_id IN " . $sqlRanks . " AND onia = '0'");
while ($row = $result->fetch_assoc()) {
    $member->select($row['member_id']);
    $memberListInfo = $member->get_info();
    $rankObj->select($row['rank_id']);
    $memRankListInfo = $rankObj->get_info();
    // Whole days since datejoined, compared with the rank's autodisable day count.
    // NOTE(review): the query does not filter on disabled, so members who are already disabled
    // appear to be updated and logged again on every run — confirm whether that is intended.
    if (floor(time() / 86400) - floor($memberListInfo['datejoined'] / 86400) >= $memRankListInfo['autodisable']) {
        $member->update(array("disabled", "disableddate"), array(1, $time));
        $member->logAction("Disabled for failure to be promoted before " . $memRankListInfo['autodisable'] . " days.");
    }
}

$rankCatObj = new RankCategory($mysqli);
$gameObj = new Game($mysqli);

$breadcrumbObj->setTitle("Members");
$breadcrumbObj->addCrumb("Home", $MAIN_ROOT);
$breadcrumbObj->addCrumb("Members");
include $prevFolder . "include/breadcrumb.php";
?> <div id='tiltPhoneImg' style='display: none'><img src='<?php echo $MAIN_ROOT;
// Alternate the row background using $counter as a toggle.
// NOTE(review): the else branch does not clear $addCSS; unless it is reset earlier in the loop
// (not visible in this fragment) the class stays set once it has been assigned.
if ($counter == 0) {
    $addCSS = " alternateBGColor";
    $counter = 1;
} else {
    $counter = 0;
}

$arrSpecialMenuItems['newmembers'] .= "<div class='dottedLine " . $addCSS . "' style='padding: 5px 5px'>";
$menuMemberObj->select($row['member_id']);
$newestMemberInfo = $menuMemberObj->get_info_filtered();

// A profile picture without a URL scheme is treated as a site-relative path; an empty one
// falls back to a default image under a hard-coded theme directory.
// NOTE(review): any scheme is accepted as-is, and the value is placed in an img src with no escaping
// beyond whatever get_info_filtered() applies. Restricting the scheme to http/https would be firmer.
$checkURL = parse_url($newestMemberInfo['profilepic']);
if ((!isset($checkURL['scheme']) || $checkURL['scheme'] == "") && $newestMemberInfo['profilepic'] != "") {
    $newestMemberInfo['profilepic'] = $MAIN_ROOT . $newestMemberInfo['profilepic'];
} elseif ($newestMemberInfo['profilepic'] == "") {
    $newestMemberInfo['profilepic'] = $MAIN_ROOT . "themes/orangegrunge/images/defaultprofile.png";
}

$menuMemberRankObj->select($newestMemberInfo['rank_id']);
$arrSpecialMenuItems['newmembers'] .= "<div style='float: left; width: 43px'><img src='" . $newestMemberInfo['profilepic'] . "' style='width: 40px; height: 53px; border: solid black 1px'></div>";
$arrSpecialMenuItems['newmembers'] .= "<div style='float: left; padding-left: 8px; width: 80px'><div style='font-size: 12px; overflow: hidden; text-overflow: ellipsis; width: 80px'>" . $menuMemberObj->getMemberLink() . "</div><div class='main' style='width: 89px; overflow: hidden; text-overflow: ellipsis'>" . $menuMemberRankObj->get_info_filtered("name") . "</div></div>";
$arrSpecialMenuItems['newmembers'] .= "<div style='clear: both'></div>";
$arrSpecialMenuItems['newmembers'] .= "</div>";
}

$arrSpecialMenuItems['newmembers'] .= "<div style='clear: both'></div></div>";

// LATEST FORUM ACTIVITY
$forumActivityObj = new ForumBoard($mysqli);
$arrSpecialMenuItems['forumactivity'] = "<div style='margin-left: 3px; margin-right: 3px; margin-top: 5px; margin-bottom: 20px'>";
$counter = 0;
$postCount = 0;
// NOTE(review): the query has no LIMIT, so every forum post is selected; presumably the loop stops
// early using $postCount — confirm, since this runs while building the menu.
$result = $mysqli->query("SELECT * FROM " . $dbprefix . "forum_post ORDER BY dateposted DESC");
while ($row = $result->fetch_assoc()) {
    $blnShowPost = false;
    $forumActivityObj->objTopic->select($row['forumtopic_id']);
$postInfo = $this->get_info_filtered(); $topicInfo = $this->getTopicInfo(); $topicObj->select($postInfo['forumtopic_id']); $topicInfo['forumboard_id'] = $topicObj->get_info("forumboard_id"); $posterMemberObj->select($postInfo['member_id']); $postMemberInfo = $posterMemberObj->get_info_filtered(); $postMessage = $this->arrObjInfo['message']; $postMessage = str_replace("<?", "<?", $postMessage); $postMessage = str_replace("?>", "?>", $postMessage); $postMessage = str_replace("<script", "<script", $postMessage); $postMessage = str_replace("</script>", "</script>", $postMessage); $dispPostedOn = ""; if (time() - $postInfo['dateposted'] > 60 * 60 * 24) { $dispPostedOn = " on"; } $posterRankObj->select($postMemberInfo['rank_id']); $posterRankInfo = $posterRankObj->get_info_filtered(); $dispLastEdit = ""; if ($postInfo['lastedit_date'] != 0) { $posterMemberObj->select($postInfo['lastedit_member_id']); $dispLastEdit = "<br><br><span class='tinyFont' style='font-style: italic'>Last edited by " . $posterMemberObj->getMemberLink() . " - " . getPreciseTime($postInfo['lastedit_date']) . "</span>"; $posterMemberObj->select($postInfo['member_id']); } $dispRankWidth = $websiteInfo['forum_rankwidth'] <= 0 ? "" : "width: " . $websiteInfo['forum_rankwidth'] . $websiteInfo['forum_rankwidthunit'] . ";"; $dispRankHeight = $websiteInfo['forum_rankheight'] <= 0 ? "" : "height: " . $websiteInfo['forum_rankheight'] . $websiteInfo['forum_rankheightunit'] . ";"; $dispRankDimensions = $dispRankWidth != "" || $dispRankHeight != "" ? " style='" . $dispRankWidth . $dispRankHeight . "'" : ""; $dispRankIMG = $websiteInfo['forum_showrank'] == 1 && $posterRankInfo['rank_id'] != 1 ? "<div id='forumShowRank' style='text-align: center'><img src='" . $posterRankInfo['imageurl'] . "'" . $dispRankDimensions . "></div>" : ""; $dispMedals = ""; if ($websiteInfo['forum_showmedal'] == 1) { $medalObj = new Medal($mysqli); $medalCount = $websiteInfo['forum_medalcount'] == 0 ? 5 : $websiteInfo['forum_medalcount'];