示例#1
    /**
     * Show the rating form for a download, or record a posted rating.
     *
     * The file is looked up by the `file_id` request value, and the current
     * user must be allowed to rate in the file's category (guests are sent to
     * the login page, everyone else gets an error message). When `submit` is
     * present in POST the rating is validated (1 to 10), stored through
     * $pafiledb_user and confirmed; otherwise the template variables for the
     * rating form are assigned.
     *
     * @param mixed $action Not read inside this method.
     * @return void
     */
    function main($action)
    {
        global $template, $lang, $config, $pafiledb_config, $db, $user, $pafiledb_functions, $pafiledb_user;

        $file_id = request_var('file_id', 0);
        if (empty($file_id)) {
            message_die(GENERAL_MESSAGE, $lang['File_not_exist']);
        }
        $rating = request_post_var('rating', 0);

        // $file_id is placed unquoted into the statement. This is only safe if
        // request_var() casts to integer for an integer default.
        // NOTE(review): presumably it does -- confirm against its definition.
        $file_sql = 'SELECT file_name, file_catid
			FROM ' . PA_FILES_TABLE . "\n\t\t\tWHERE file_id = {$file_id}";
        $file_query = $db->sql_query($file_sql);
        $file_data = $db->sql_fetchrow($file_query);
        if (!$file_data) {
            message_die(GENERAL_MESSAGE, $lang['File_not_exist']);
        }
        $db->sql_freeresult($file_query);

        // Permission check: rating rights are stored per category.
        $cat_id = $file_data['file_catid'];
        if (!$this->auth[$cat_id]['auth_rate']) {
            if (!$user->data['session_logged_in']) {
                $login_target = CMS_PAGE_LOGIN . '?redirect=dload.' . PHP_EXT . '&action=rate&file_id=' . $file_id;
                redirect(append_sid($login_target, true));
            }
            $denied = sprintf($lang['Sorry_auth_rate'], $this->auth[$cat_id]['auth_rate_type']);
            message_die(GENERAL_MESSAGE, $denied);
        }

        $this->generate_category_nav($cat_id);

        $template->assign_vars(array(
            'L_INDEX' => sprintf($lang['Forum_Index'], $config['sitename']),
            'L_RATE' => $lang['Rate'],
            'L_HOME' => $lang['Home'],
            'CURRENT_TIME' => sprintf($lang['Current_time'], create_date($config['default_dateformat'], time(), $config['board_timezone'])),
            'U_INDEX_HOME' => append_sid(CMS_PAGE_HOME),
            'U_DOWNLOAD_HOME' => append_sid('dload.' . PHP_EXT),
            'U_FILE_NAME' => append_sid('dload.' . PHP_EXT . '?action=file&file_id=' . $file_id),
            'FILE_NAME' => $file_data['file_name'],
            'DOWNLOAD' => $pafiledb_config['settings_dbname'],
        ));

        if (!isset($_POST['submit'])) {
            // No vote posted yet: prepare the form.
            $rate_info = str_replace("{filename}", $file_data['file_name'], $lang['Rateinfo']);
            $form_vars = array(
                'S_RATE_ACTION' => append_sid('dload.' . PHP_EXT . '?action=rate&amp;file_id=' . $file_id),
                'L_RATE' => $lang['Rate'],
                'L_RERROR' => $lang['Rerror'],
            );
            for ($n = 1; $n <= 10; $n++) {
                $form_vars['L_R' . $n] = $lang['R' . $n];
            }
            $form_vars['RATEINFO'] = $rate_info;
            $form_vars['ID'] = $file_id;
            $template->assign_vars($form_vars);
        } else {
            // A vote was posted: build the confirmation text, validate, store.
            $result_msg = str_replace(array("{filename}", "{rate}"), array($file_data['file_name'], $rating), $lang['Rconf']);
            if (!($rating > 0 && $rating <= 10)) {
                message_die(GENERAL_ERROR, 'Bad submited value');
            }
            $pafiledb_user->update_voter_info($file_id, $rating);
            $rate_info = $pafiledb_functions->get_rating($file_id);
            $result_msg = str_replace("{newrating}", $rate_info, $result_msg);

            $file_link = '<a href="' . append_sid('dload.' . PHP_EXT . '?action=file&amp;file_id=' . $file_id) . '">';
            $index_link = '<a href="' . append_sid('index.' . PHP_EXT) . '">';
            $message = $result_msg
                . '<br /><br />' . sprintf($lang['Click_return'], $file_link, '</a>')
                . '<br /><br />' . sprintf($lang['Click_return_forum'], $index_link, '</a>');
            message_die(GENERAL_MESSAGE, $message);
        }

        $this->display($lang['Download'], 'pa_rate_body.tpl');
    }
示例#2
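 /**
  * Verify the confirmation code posted with the current request.
  *
  * The code stored for the posted `confirm_id` and the current session id is
  * compared with the posted `confirm_code`. On a match every confirmation row
  * of this session is deleted, so the code cannot be replayed. Every failure
  * path ends in $this->check_attempts(false).
  *
  * @return array array('error' => bool, 'error_msg' => string)
  */
 function check_code()
 {
     global $db, $cache, $config, $user, $lang;
     $return_array = array('error' => false, 'error_msg' => '');
     $confirm_id = request_post_var('confirm_id', '');
     $confirm_code = request_post_var('confirm_code', '');
     if (empty($confirm_id)) {
         $return_array['error'] = true;
         $return_array['error_msg'] = $lang['CONFIRM_CODE_WRONG'];
     } else {
         // An id with anything but plain alphanumerics cannot be valid; blank it
         // so the lookup below finds no row. \z (instead of $) also rejects an
         // id that ends in a newline.
         if (!preg_match('/^[A-Za-z0-9]+\z/', $confirm_id)) {
             $confirm_id = '';
         }
         $sql = "SELECT code\n\t\t\t\tFROM " . CONFIRM_TABLE . "\n\t\t\t\tWHERE confirm_id = '" . $db->sql_escape($confirm_id) . "'\n\t\t\t\t\tAND session_id = '" . $db->sql_escape($user->data['session_id']) . "'";
         $result = $db->sql_query($sql);
         $row = $db->sql_fetchrow($result);
         // Release the SELECT result now: it used to be overwritten by the
         // DELETE result before being freed.
         $db->sql_freeresult($result);

         // Strict string comparison. With a loose != two different
         // numeric-looking strings (for example '1e3' and '1000') compare as
         // equal, so a wrong code could be accepted.
         if ($row && (string) $row['code'] === (string) $confirm_code) {
             // The original author noted it might be better to reset the whole
             // session; all confirmation rows of the session are removed, not
             // only the one that matched.
             $sql = "DELETE FROM " . CONFIRM_TABLE . " WHERE session_id = '" . $db->sql_escape($user->data['session_id']) . "'";
             $db->sql_query($sql);
         } else {
             // Unknown id or wrong code: same message for both.
             $return_array['error'] = true;
             $return_array['error_msg'] = $lang['CONFIRM_CODE_WRONG'];
         }
     }
     if ($return_array['error']) {
         $this->check_attempts(false);
     }
     return $return_array;
 }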
示例#3
     $news_date_posting = gmmktime(gmdate('H'), gmdate('i'), gmdate('s'), $date_month, $date_day, $date_split[2]);
     $sql = "SELECT MAX(news_id) AS max_id\n\t\t\t\tFROM " . XS_NEWS_TABLE;
     $result = $db->sql_query($sql);
     $row = $db->sql_fetchrow($result);
     $max_id = $row['max_id'];
     $next_id = $max_id + 1;
     $sql = "INSERT INTO " . XS_NEWS_TABLE . " (news_id, news_date, news_text, news_display, news_smilies" . ")\n\t\t\t\tVALUES ('" . $next_id . "', '" . $news_date_posting . "', '" . $db->sql_escape($news_item) . "', '" . intval($_POST['news_display']) . "', '" . intval($_POST['news_smilies']) . "')";
     $result = $db->sql_query($sql);
     $db->clear_cache('xs_');
     $message = $lang['n_news_item_added'] . '<br /><br />' . sprintf($lang['n_click_return_newslist'], '<a href="' . append_sid('admin_xs_news.' . PHP_EXT) . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid('index.' . PHP_EXT . '?pane=right') . '">', '</a>');
     message_die(GENERAL_MESSAGE, $message);
     break;
 case 'modnews':
     // Modify a news item in the DB
     // $news_text is set outside this excerpt.
     $news_item = xsm_prepare_message($news_text);
     $news_date = request_post_var('news_date', '');
     // No date posted: fall back to the current time in the board format.
     $news_date = empty($news_date) ? create_date($date_format_ae, time(), $config['board_timezone']) : $news_date;
     // The posted string is split on '/' and parts [0], [1] and [2] are read
     // without checking that three parts exist; a value without two slashes
     // reaches checkdate() with missing elements.
     $date_split = explode('/', $news_date);
     // xs_news_dateformat == 1 means month first, otherwise day first.
     $date_month = $config['xs_news_dateformat'] == 1 ? $date_split[0] : $date_split[1];
     $date_day = $config['xs_news_dateformat'] == 1 ? $date_split[1] : $date_split[0];
     $date_error = $config['xs_news_dateformat'] == 1 ? 'mm/dd' : 'dd/mm';
     // checkdate() is the only validation the three parts get before they are
     // used; they are still the raw strings from explode().
     if (!checkdate($date_month, $date_day, $date_split[2])) {
         $message = str_replace('dd/mm', $date_error, $lang['xs_news_invalid_date']) . '<br /><br />' . sprintf($lang['n_click_return_newslist'], '<a href="' . append_sid('admin_xs_news.' . PHP_EXT) . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid('index.' . PHP_EXT . '?pane=right') . '">', '</a>');
         message_die(GENERAL_MESSAGE, $message);
     }
     // Posted date combined with the current GMT time of day.
     $news_date_posting = gmmktime(gmdate('H'), gmdate('i'), gmdate('s'), $date_month, $date_day, $date_split[2]);
     // Values placed unquoted in the statement are the gmmktime() result or
     // pass through intval(); the text goes through $db->sql_escape().
     $sql = "UPDATE " . XS_NEWS_TABLE . "\n\t\t\t\tSET news_date = " . $news_date_posting . ", news_text = '" . $db->sql_escape($news_item) . "', news_display = " . intval($_POST['news_display']) . ", news_smilies = " . intval($_POST['news_smilies']) . "\n\t\t\t\tWHERE news_id = " . intval($_POST['id']);
     $result = $db->sql_query($sql);
     $db->clear_cache('xs_');
     $message = $lang['n_news_updated'] . '<br /><br />' . sprintf($lang['n_click_return_newslist'], '<a href="' . append_sid('admin_xs_news.' . PHP_EXT) . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid('index.' . PHP_EXT . '?pane=right') . '">', '</a>');
     message_die(GENERAL_MESSAGE, $message);
         }
         // Update the Cash Table
         $sql[] = "UPDATE " . CASH_TABLE . "\n\t\t\t\t\t\tSET cash_name = '" . $db->sql_escape($newname) . "', cash_default = '" . $newdefault . "', cash_decimals = '" . $newdecimal . "'\n\t\t\t\t\t\tWHERE cash_id = " . $c_cur->id();
         for ($i = 0; $i < sizeof($sql); $i++) {
             $db->sql_query($sql[$i]);
         }
         // Log the action
         // [admin/mod id][admin/mod name][copied currency name][copied over currency name]
         $action = array($user->data['user_id'], $user->data['username'], $c_cur->name(true), $newname);
         cash_create_log(CASH_LOG_ADMIN_RENAME_CURRENCY, $action);
         $db->clear_cache('cash_');
     }
     break;
 case 'deletecurrency':
     // Delete Currency
     $cid = request_post_var('cid', 0);
     if (!empty($cid) && !isset($_POST['cancel']) && $cash->currency_exists($cid)) {
         $c_cur = $cash->currency($cid);
         if (!isset($_POST['confirm'])) {
             $s_hidden_fields = '<input type="hidden" name="set" value="deletecurrency" />';
             $s_hidden_fields .= '<input type="hidden" name="cid" value="' . $c_cur->id() . '" />';
             $l_confirm = sprintf($lang['Cash_confirm_delete'], $c_cur->name(true));
             $template->set_filenames(array('confirm_body' => ADM_TPL . 'confirm_body.tpl'));
             $template->assign_vars(array('MESSAGE_TITLE' => $lang['Information'], 'MESSAGE_TEXT' => $l_confirm, 'L_YES' => $lang['Yes'], 'L_NO' => $lang['No'], 'S_CONFIRM_ACTION' => append_sid('cash_currencies.' . PHP_EXT), 'S_HIDDEN_FIELDS' => $s_hidden_fields));
             $template->pparse('confirm_body');
             include 'page_footer_admin.' . PHP_EXT;
         } else {
             // Delete the field
             $sql = array();
             $sql[] = "ALTER TABLE " . USERS_TABLE . " DROP " . $c_cur->db();
             for ($i = 0; $i < sizeof($sql); $i++) {
示例#5
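/**
 * Decide whether the posted credentials authorise use of this tool.
 *
 * Two methods are supported, selected by the posted `auth_method`:
 *  - 'board': the posted board user must log in through login_db() and have
 *    user level ADMIN;
 *  - 'db': the posted database user and password must equal the configured
 *    $dbuser / $dbpasswd.
 * For the options 'rld' and 'rtd' the method is forced to 'board'.
 *
 * @param bool $die When true and access is denied, print the failure message,
 *                  close the HTML page and exit.
 * @return bool True when access is granted.
 */
function check_authorization($die = true)
{
    global $db, $cache, $lang, $dbuser, $dbpasswd, $option;
    $auth_method = request_post_var('auth_method', '');
    // Credentials are run through htmlspecialchars_decode() after being read,
    // so the comparison below works on the characters the user typed.
    $board_user = htmlspecialchars_decode(request_post_var('board_user', '', true), ENT_COMPAT);
    $board_password = htmlspecialchars_decode(request_post_var('board_password', '', true), ENT_COMPAT);
    $db_user = htmlspecialchars_decode(request_post_var('db_user', '', true), ENT_COMPAT);
    $db_password = htmlspecialchars_decode(request_post_var('db_password', '', true), ENT_COMPAT);
    // Change authentication mode if selected option does not allow database authentication
    if ($option == 'rld' || $option == 'rtd') {
        $auth_method = 'board';
    }
    // Deny by default; only an explicit success below grants access.
    $allow_access = false;
    switch ($auth_method) {
        case 'board':
            include_once IP_ROOT_PATH . 'includes/auth_db.' . PHP_EXT;
            $login_result = login_db($board_user, $board_password, false, true);
            if ($login_result['status'] === LOGIN_SUCCESS && $login_result['user_row']['user_level'] == ADMIN) {
                $allow_access = true;
            }
            break;
        case 'db':
            // Strict string comparison: a loose == treats different
            // numeric-looking strings as equal and treats an unset $dbuser or
            // $dbpasswd as equal to an empty posted value. An empty or missing
            // configured user name never authorises anything.
            // Where the supported PHP version allows it, a constant-time
            // comparison (hash_equals) is preferable for the password.
            if (isset($dbuser) && (string) $dbuser !== ''
                && (string) $db_user === (string) $dbuser
                && (string) $db_password === (string) $dbpasswd) {
                $allow_access = true;
            }
            break;
    }
    if (!$allow_access && $die) {
        ?>
	<p><span style="color: red;"><?php 
        echo $lang['Auth_failed'];
        ?>
</span></p>
</body>
</html>
<?php 
        exit;
    }
    return $allow_access;
}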
// Request parameters are read and then checked against fixed value lists.
// NOTE(review): check_var_value() is defined elsewhere; presumably it falls
// back to a default when the value is not in the list -- confirm.
$mode = request_var('mode', '');
$mode = check_var_value($mode, array('pack', 'key'), '');
$level = request_var('level', 'normal');
$level = check_var_value($level, array('normal', 'admin'));
// pack file
// POST takes precedence, GET ('pack') is the fallback.
$pack_file = request_post_var('pack_file', '');
$pack_file = empty($pack_file) ? request_get_var('pack', '') : $pack_file;
$pack_file = urldecode($pack_file);
// The decoded name is accepted only if it is a key of $packs (built outside
// this excerpt); anything else clears both the pack and the mode.
if (!isset($packs[$pack_file])) {
    $pack_file = '';
    $mode = '';
}
// keys
// Same POST-then-GET pattern for the main key and the sub key.
$key_main = request_post_var('key_main', '');
$key_main = empty($key_main) ? request_get_var('key', '') : $key_main;
$key_sub = request_post_var('key_sub', '');
$key_sub = empty($key_sub) ? request_get_var('sub', '') : $key_sub;
if (empty($key_main)) {
    $key_sub = '';
}
// Both keys are kept only when the pair exists in $entries['admin'].
if (!isset($entries['admin'][$key_main][$key_sub])) {
    $key_main = '';
    $key_sub = '';
}
// buttons
$submit = isset($_POST['submit']);
$delete = isset($_POST['delete']);
$cancel = isset($_POST['cancel']);
$add = isset($_POST['add']);
if ($add || $delete) {
    $mode = 'key';
// Check and initialize some variables if needed
if (isset($_POST['submit'])) {
    include_once IP_ROOT_PATH . 'includes/bbcode.' . PHP_EXT;
    include_once IP_ROOT_PATH . 'includes/functions_validate.' . PHP_EXT;
    include_once IP_ROOT_PATH . 'includes/functions_post.' . PHP_EXT;
    $username = request_post_var('username', '', true);
    $username = htmlspecialchars_decode($username, ENT_COMPAT);
    $new_password = request_post_var('new_password', '', true);
    $new_password = htmlspecialchars_decode($new_password, ENT_COMPAT);
    $password_confirm = request_post_var('password_confirm', '', true);
    $password_confirm = htmlspecialchars_decode($password_confirm, ENT_COMPAT);
    $email = request_post_var('email', '', true);
    $user_style = request_post_var('style', $config['default_style']);
    $user_lang = request_post_var('language', $config['default_lang']);
    $user_timezone = request_post_var('timezone', $config['board_timezone']);
    $user_dateformat = request_post_var('dateformat', $config['default_dateformat']);
}
if (!empty($username) && $username == $user->data['username']) {
    message_die(GENERAL_MESSAGE, $lang['Username_taken'], '', __LINE__, __FILE__);
}
// Did the user submit? In this case build a query to update the users profile in the DB
if (isset($_POST['submit'])) {
    $passwd_sql = '';
    if (empty($username) || empty($new_password) || empty($password_confirm) || empty($email)) {
        $error = true;
        $error_msg .= (isset($error_msg) ? '<br />' : '') . $lang['Fields_empty'];
    } elseif (empty($new_password) && !empty($password_confirm) || !empty($new_password) && empty($password_confirm) || $new_password != $password_confirm) {
        $error = true;
        $error_msg .= (isset($error_msg) ? '<br />' : '') . $lang['Password_mismatch'];
    }
    // Do a ban check on this email address
示例#8
*/
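define('IN_ICYPHOENIX', true);
// When the admin menu is being built this file only registers itself.
if (!empty($setmodules)) {
    $filename = basename(__FILE__);
    $module['1200_Forums']['240_Replace_title'] = $filename;
    return;
}
if (!defined('IP_ROOT_PATH')) {
    define('IP_ROOT_PATH', './../');
}
if (!defined('PHP_EXT')) {
    define('PHP_EXT', substr(strrchr(__FILE__, '.'), 1));
}
require 'pagestart.' . PHP_EXT;
// NOTE(review): this page rewrites post text board-wide from a single POST.
// No form token check is visible in this excerpt; confirm that pagestart
// enforces one.
$str_old = request_post_var('str_old', '', true);
$str_new = request_post_var('str_new', '', true);
// !empty() avoids the undefined-index notice when the form was not posted, and
// !== avoids treating different numeric-looking strings as "unchanged".
if (!empty($_POST['submit']) && !empty($str_old) && $str_old !== $str_new) {
    $template->assign_block_vars("switch_forum_sent", array());
    // sql_escape() protects the quoting, but '%' and '_' inside $str_old still
    // act as LIKE wildcards here, so more rows may be selected than actually
    // contain the literal text. str_replace() below decides what changes.
    $sql = "SELECT f.forum_id, f.forum_name, t.topic_id, t.topic_title, p.post_id, p.post_time, p.post_text, u.user_id, u.username\n\t\tFROM " . FORUMS_TABLE . " f, " . TOPICS_TABLE . " t, " . POSTS_TABLE . " p, " . USERS_TABLE . " u\n\t\tWHERE post_text LIKE '%" . $db->sql_escape($str_old) . "%'\n\t\tAND p.topic_id = t.topic_id\n\t\tAND p.forum_id = f.forum_id\n\t\tAND p.poster_id = u.user_id\n\t\tORDER BY p.post_id DESC;";
    $result = $db->sql_query($sql);
    if ($db->sql_numrows($result) >= 1) {
        for ($i = 1; $row = $db->sql_fetchrow($result); $i++) {
            $template->assign_block_vars('switch_forum_sent.replaced', array('ROW_CLASS' => !($i % 2) ? $theme['td_class1'] : $theme['td_class2'], 'NUMBER' => $i, 'FORUM_NAME' => $row['forum_name'], 'TOPIC_TITLE' => $row['topic_title'], 'AUTHOR' => $row['username'], 'POST' => create_date($config['default_dateformat'], $row['post_time'], $config['board_timezone']), 'U_FORUM' => append_sid('../' . CMS_PAGE_VIEWFORUM . '?' . POST_FORUM_URL . '=' . $row['forum_id']), 'U_TOPIC' => append_sid('../' . CMS_PAGE_VIEWTOPIC . '?' . POST_TOPIC_URL . '=' . $row['topic_id']), 'U_AUTHOR' => append_sid('../' . CMS_PAGE_PROFILE . '?mode=viewprofile&' . POST_USERS_URL . '=' . $row['user_id']), 'U_POST' => append_sid('../' . CMS_PAGE_VIEWTOPIC . '?' . POST_POST_URL . '=' . $row['post_id']) . '#p' . $row['post_id']));
            // The UPDATE must not be stored in $result: that variable is the
            // SELECT cursor the loop is still reading, and overwriting it
            // ended the loop after the first post.
            $update_sql = "UPDATE " . POSTS_TABLE . "\n\t\t\t\tSET post_text = '" . $db->sql_escape(str_replace($str_old, $str_new, $row['post_text'])) . "'\n\t\t\t\tWHERE post_id = " . (int) $row['post_id'];
            $db->sql_query($update_sql);
        }
    } else {
        $template->assign_block_vars('switch_forum_sent.switch_no_results', array());
    }
}
$template->set_filenames(array('body' => ADM_TPL . 'replace_body.tpl'));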
示例#9
}
// Load default Header
if (!defined('IP_ROOT_PATH')) {
    define('IP_ROOT_PATH', './../');
}
if (!defined('PHP_EXT')) {
    define('PHP_EXT', substr(strrchr(__FILE__, '.'), 1));
}
require 'pagestart.' . PHP_EXT;
include_once IP_ROOT_PATH . 'includes/functions_selects.' . PHP_EXT;
// Pull all config data.
// Only names that already exist in the stored configuration are looked up in
// POST, so a request cannot add configuration keys through this loop.
$tmp_config = get_config(false);
foreach ($tmp_config as $k => $v) {
    $default_config[$k] = $v;
    $tmp_value = request_post_var($k, '', true);
    // Posted value wins; otherwise keep what is stored.
    if (isset($_POST[$k])) {
        $new[$k] = $tmp_value;
    } else {
        $new[$k] = $default_config[$k];
    }
    $new[$k] = fix_config_values($k, $new[$k]);
    // Persist only on submit, and only the keys that were actually posted.
    if (isset($_POST['submit'], $_POST[$k])) {
        set_config($k, $new[$k], false);
    }
}
if (isset($_POST['submit'])) {
    // Cached configuration is stale after the writes above.
    $cache->destroy('config');
    $message = $lang['Config_updated']
        . '<br /><br />'
        . sprintf($lang['Click_return_config'], '<a href="' . append_sid('admin_board.' . PHP_EXT) . '">', '</a>')
        . '<br /><br />'
        . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid('index.' . PHP_EXT . '?pane=right') . '">', '</a>');
    message_die(GENERAL_MESSAGE, $message);
}
$switch_header_table_yes = $new['switch_header_table'] ? 'checked="checked"' : '';
$switch_header_table_no = !$new['switch_header_table'] ? 'checked="checked"' : '';
// Ajax Shoutbox - BEGIN
$shoutguest_yes = $new['shout_allow_guest'] == 1 ? 'checked="checked"' : '';
示例#10
$upi2db_on_2 = $new['upi2db_on'] == 2 ? 'checked="checked"' : '';
$no_group_upi2db_on_yes = $new['upi2db_no_group_upi2db_on'] ? 'checked="checked"' : '';
$no_group_upi2db_on_no = !$new['upi2db_no_group_upi2db_on'] ? 'checked="checked"' : '';
$edit_as_new_yes = $new['upi2db_edit_as_new'] ? 'checked="checked"' : '';
$edit_as_new_no = !$new['upi2db_edit_as_new'] ? 'checked="checked"' : '';
$last_edit_as_new_yes = $new['upi2db_last_edit_as_new'] ? 'checked="checked"' : '';
$last_edit_as_new_no = !$new['upi2db_last_edit_as_new'] ? 'checked="checked"' : '';
$edit_topic_first_yes = $new['upi2db_edit_topic_first'] ? 'checked="checked"' : '';
$edit_topic_first_no = !$new['upi2db_edit_topic_first'] ? 'checked="checked"' : '';
$template->set_filenames(array('body' => ADM_TPL . 'upi2db_config_body.tpl'));
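// Load every group that is not a single-user group.
$sql = "SELECT *\n\tFROM " . GROUPS_TABLE . "\n\tWHERE group_single_user <> " . TRUE;
$result = $db->sql_query($sql);
if (isset($_POST['submit'])) {
    // Per-group settings arrive as arrays keyed by group id.
    $group_upi2db_on = request_post_var('group_upi2db_on', array(0));
    $group_min_posts = request_post_var('group_min_posts', array(0));
    $group_min_regdays = request_post_var('group_min_regdays', array(0));
    while ($row = $db->sql_fetchrow($result)) {
        $group_id = (int) $row['group_id'];
        // A group missing from the posted arrays used to produce an empty
        // value and therefore a malformed UPDATE; leave such groups untouched.
        if (!isset($group_upi2db_on[$group_id], $group_min_posts[$group_id], $group_min_regdays[$group_id])) {
            continue;
        }
        // The values go into the statement unquoted, so each one is cast to
        // int here rather than relying on how request_post_var() typed them.
        $sql = "UPDATE " . GROUPS_TABLE . "\n\t\t\tSET upi2db_on = " . (int) $group_upi2db_on[$group_id] . " ,\n\t\t\tupi2db_min_posts = " . (int) $group_min_posts[$group_id] . ",\n\t\t\tupi2db_min_regdays = " . (int) $group_min_regdays[$group_id] . "\n\t\t\tWHERE group_id = " . $group_id;
        $db->sql_query($sql);
    }
}
// Build one template row per group. After a submit the result set above has
// already been read to the end, so this loop adds nothing in that case.
while ($row = $db->sql_fetchrow($result)) {
    $group_upi2db_on_yes = $row['upi2db_on'] ? 'checked="checked"' : '';
    $group_upi2db_on_no = !$row['upi2db_on'] ? 'checked="checked"' : '';
    $upi2db_min_posts = empty($row['upi2db_min_posts']) ? 0 : $row['upi2db_min_posts'];
    $upi2db_min_regdays = empty($row['upi2db_min_regdays']) ? 0 : $row['upi2db_min_regdays'];
    $template->assign_block_vars('group_loop', array('GROUP_ID' => $row['group_id'], 'GROUP_NAME' => $row['group_name'], 'GROUP_MIN_POSTS' => $upi2db_min_posts, 'GROUP_MIN_REGDAYS' => $upi2db_min_regdays, 'GROUP_UPI2DB_ON_YES' => $group_upi2db_on_yes, 'GROUP_UPI2DB_ON_NO' => $group_upi2db_on_no));
}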
if (isset($_POST['submit'])) {
    $message = $lang['Config_updated'] . '<br /><br />' . sprintf($lang['Click_return_config'], '<a href="' . append_sid('admin_upi2db.' . PHP_EXT) . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid('index.' . PHP_EXT . '?pane=right') . '">', '</a>');
    message_die(GENERAL_MESSAGE, $message);
示例#11
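 /**
  * Synchronise the stored configuration of the current block ($this->bs_id)
  * with the variables declared by a block file.
  *
  * Stored config rows whose name the block file no longer declares are
  * deleted. Each declared variable takes its value from the request when one
  * was sent, and is then inserted (variable row plus config row) or has its
  * config value updated. When the block file declares no variables, or no
  * block file is given, all config of the block is deleted.
  *
  * @param string $blockfile Block file whose default variables are loaded.
  * @return bool Always true.
  */
 function update_block_config($blockfile)
 {
     global $db;
     $block_vars_default = array();
     $block_count_variables = 0;
     // Declared variable names, as array keys for fast lookup.
     $block_vars_default_names = array();
     if (!empty($blockfile)) {
         $block_vars_default = $this->get_block_vars_default($blockfile);
         $block_count_variables = sizeof($block_vars_default);
         for ($i = 0; $i < $block_count_variables; $i++) {
             $block_vars_default_names[$block_vars_default[$i]['config_name']] = $i;
         }
     }
     if (!empty($block_vars_default)) {
         // Let's empty the previously created config vars...
         // NOTE(review): $this->bs_id is placed in the statements of this
         // method without escaping or a cast; confirm it is always an integer.
         $sql = "SELECT * FROM " . $this->tables['block_config_table'] . " WHERE bid = '" . $this->bs_id . "'";
         $result = $db->sql_query($sql);
         while ($row = $db->sql_fetchrow($result)) {
             // The names are the KEYS of $block_vars_default_names. The former
             // in_array() call searched its values (the numeric positions), so
             // it did not test whether the name is still declared.
             if (!isset($block_vars_default_names[$row['config_name']])) {
                 $this->delete_block_config_single($row['config_name']);
             }
         }
         $db->sql_freeresult($result);
         for ($i = 0; $i < $block_count_variables; $i++) {
             $config_name = $block_vars_default[$i]['config_name'];
             $config_value_tmp = request_post_var($config_name, '', true);
             $config_value_tmp = htmlspecialchars_decode($config_value_tmp, ENT_COMPAT);
             // Keep the declared default unless the request carried a value.
             if (check_http_var_exists($config_name, true)) {
                 $block_vars_default[$i]['config_value'] = $config_value_tmp;
             }
             $block_var = $block_vars_default[$i];
             $block_var_exists = $this->block_var_exists($config_name);
             if (empty($block_var_exists)) {
                 // field_values and type are now escaped like every other
                 // string column of this statement.
                 $sql = "INSERT INTO " . $this->tables['block_variable_table'] . " (bid, label, sub_label, config_name, field_options, field_values, type, block)\n\t\t\t\t\t\tVALUES ('" . $this->bs_id . "', '" . $db->sql_escape($block_var['label']) . "', '" . $db->sql_escape($block_var['sub_label']) . "', '" . $db->sql_escape($block_var['config_name']) . "', '" . $db->sql_escape($block_var['field_options']) . "', '" . $db->sql_escape($block_var['field_values']) . "', '" . $db->sql_escape($block_var['type']) . "', '" . $db->sql_escape($block_var['block']) . "')";
                 $result = $db->sql_query($sql);
                 $sql = "INSERT INTO " . $this->tables['block_config_table'] . " (bid, config_name, config_value)\n\t\t\t\t\t\tVALUES ('" . $this->bs_id . "', '" . $db->sql_escape($block_var['config_name']) . "', '" . $db->sql_escape($block_var['config_value']) . "')";
                 $result = $db->sql_query($sql);
             } else {
                 $sql = "UPDATE " . $this->tables['block_config_table'] . " SET config_value = '" . $db->sql_escape($block_var['config_value']) . "'\n\t\t\t\t\t\t\t\t\tWHERE config_name = '" . $db->sql_escape($block_var['config_name']) . "'\n\t\t\t\t\t\t\t\t\t\tAND bid = " . $this->bs_id;
                 $result = $db->sql_query($sql);
             }
         }
     } else {
         $this->delete_block_config_all();
     }
     return true;
 }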
示例#12
// Character sets covered by the encoding workaround
$multibyte_charset = 'utf-8, big5, shift_jis, euc-kr, gb2312';

// Begin core code
if ($search_mode == 'bookmarks')
{
	// Bookmarks belong to an account: guests are sent to the login page first
	if (!$user->data['session_logged_in'])
	{
		redirect(append_sid(CMS_PAGE_LOGIN . '?redirect=' . CMS_PAGE_SEARCH . '?search_id=bookmarks&amp;search_mode=bookmarks', true));
	}

	if ($mode == 'removebm')
	{
		// Delete Bookmarks
		$delete = isset($_POST['delete']);
		if ($delete && isset($_POST['topic_id_list']))
		{
			// The ids are requested with an array(0) default.
			// NOTE(review): presumably request_post_var() casts every element to
			// int -- confirm, because the joined list is handed to remove_bookmark().
			$topics = request_post_var('topic_id_list', array(0));
			$topic_list = implode(',', $topics);
			if ($user->data['session_logged_in'])
			{
				remove_bookmark($topic_list);
				redirect(append_sid(CMS_PAGE_SEARCH . '?search_id=bookmarks&amp;search_mode=bookmarks' . (empty($start) ? '' : ('&amp;start=' . $start)), true));
			}
		}
		// Reset settings
		$mode = '';
	}
}

if ($mode == 'searchuser')
{
	// This handles the simple windowed user search functions called from various other scripts
	$search_username = request_var('search_username', '', true);
示例#13
if (!defined('PHP_EXT')) define('PHP_EXT', substr(strrchr(__FILE__, '.'), 1));
include(IP_ROOT_PATH . 'common.' . PHP_EXT);

// Start session management
$user->session_begin();
$auth->acl($user->data);
$user->setup();
// End session management

setup_extra_lang(array('lang_rate'));
include_once(IP_ROOT_PATH . 'includes/functions_rate.' . PHP_EXT);

$rate_mode = request_var('rate_mode', '');
$forum_top = request_var('forum_top', '');
$topic_id = request_var('topic_id', 0);
$rating = request_post_var('rating', 0);

// Page Titles if Specific!

$meta_content['description'] = '';
$meta_content['keywords'] = '';
switch($rate_mode)
{
	case 'rate':
		$meta_content['page_title'] = $lang['Rating'];
	case 'rerate':
		$redirect_url = append_sid(CMS_PAGE_VIEWTOPIC . '?' . POST_TOPIC_URL . '=' . $topic_id);
		meta_refresh(3, $redirect_url);
	break;
	case 'detailed':
		if ($topic_id == '')
示例#14
}
if (!defined('PHP_EXT')) {
    define('PHP_EXT', substr(strrchr(__FILE__, '.'), 1));
}
require 'pagestart.' . PHP_EXT;
define('IN_PA_CONFIG_ADMIN', 1);
include IP_ROOT_PATH . 'includes/pafiledb_common.' . PHP_EXT;
$submit = isset($_POST['submit']) ? true : false;
$size = request_var('max_size', '');
$sql = 'SELECT * FROM ' . PA_CONFIG_TABLE;
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
    $config_name = $row['config_name'];
    $config_value = $row['config_value'];
    $default_config[$config_name] = $config_value;
    $new[$config_name] = isset($_POST[$config_name]) ? request_post_var($config_name, '') : $default_config[$config_name];
    if (empty($size) && !$submit && $config_name == 'max_file_size') {
        $size = intval($default_config[$config_name]) >= 1048576 ? 'mb' : (intval($default_config[$config_name]) >= 1024 ? 'kb' : 'b');
    }
    if (!$submit && $config_name == 'max_file_size') {
        if ($new[$config_name] >= 1048576) {
            $new[$config_name] = round($new[$config_name] / 1048576 * 100) / 100;
        } else {
            if ($new[$config_name] >= 1024) {
                $new[$config_name] = round($new[$config_name] / 1024 * 100) / 100;
            }
        }
    }
    if ($submit) {
        if ($config_name == 'max_file_size') {
            $new[$config_name] = $size == 'kb' ? round($new[$config_name] * 1024) : ($size == 'mb' ? round($new[$config_name] * 1048576) : $new[$config_name]);
示例#15
*
* @Extra credits for this file
* ycl6 (damian at phpbb dot cc)
*
*/
// Refuse direct requests: the constant is only defined by an entry script.
// The exit after die() is never reached.
if (!defined('IN_ICYPHOENIX')) {
    die('Hacking attempt');
    exit;
}
// When accounts are activated by an administrator this page is not available.
if (intval($config['require_activation']) == USER_ACTIVATION_ADMIN) {
    message_die(GENERAL_ERROR, 'Invalid_activation');
}
if (isset($_POST['submit'])) {
    $username = phpbb_clean_username(request_post_var('username', '', true));
    $username = htmlspecialchars_decode($username, ENT_COMPAT);
    $email = request_post_var('email', '');
    // The account is looked up by its cleaned user name; the value is escaped
    // before it is placed in the statement.
    $sql = "SELECT user_id, user_email, user_active, user_actkey, user_lang, user_last_login_attempt\n\t\tFROM " . USERS_TABLE . "\n\t\tWHERE username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'";
    $result = $db->sql_query($sql);
    // NOTE(review): the three checks below answer with three different
    // messages, so this form tells any caller whether a user name exists,
    // whether an e-mail address belongs to it, and whether the account is
    // active. A single generic reply, plus rate limiting, would avoid that
    // disclosure. No attempt limit is visible in this excerpt.
    if (!($row = $db->sql_fetchrow($result))) {
        // No such name
        message_die(GENERAL_ERROR, 'User_not_exist');
    }
    // Loose comparison (!=) of the stored and the posted address.
    if ($row['user_email'] != $email) {
        // Wrong Email provided
        message_die(GENERAL_ERROR, 'No_email_match');
    }
    if (!empty($row['user_active'])) {
        // Already activated
        message_die(GENERAL_ERROR, 'Already_activated');
    }
    if (empty($row['user_actkey'])) {
示例#16
             $sql = "SELECT *\n\t\t\t\t\tFROM " . WORDS_TABLE . "\n\t\t\t\t\tWHERE word_id = {$word_id}";
             $result = $db->sql_query($sql);
             $word_info = $db->sql_fetchrow($result);
             $s_hidden_fields .= '<input type="hidden" name="id" value="' . $word_id . '" />';
         } else {
             message_die(GENERAL_MESSAGE, $lang['No_word_selected']);
         }
     }
     $template->assign_vars(array('WORD' => htmlspecialchars($word_info['word']), 'REPLACEMENT' => htmlspecialchars($word_info['replacement']), 'L_WORDS_TITLE' => $lang['Words_title'], 'L_WORDS_TEXT' => $lang['Words_explain'], 'L_WORD_CENSOR' => $lang['Edit_word_censor'], 'L_WORD' => $lang['Word'], 'L_REPLACEMENT' => $lang['Replacement'], 'L_SUBMIT' => $lang['Submit'], 'S_WORDS_ACTION' => append_sid('admin_words.' . PHP_EXT), 'S_HIDDEN_FIELDS' => $s_hidden_fields));
     $template->pparse('body');
     include IP_ROOT_PATH . ADM . '/page_footer_admin.' . PHP_EXT;
 } elseif ($mode == 'save') {
     $word_id = request_post_var('id', 0);
     $word = request_post_var('word', '', true);
     $word = htmlspecialchars_decode($word, ENT_COMPAT);
     $replacement = request_post_var('replacement', '', true);
     $replacement = htmlspecialchars_decode($replacement, ENT_COMPAT);
     if (empty($word) || empty($replacement)) {
         message_die(GENERAL_MESSAGE, $lang['Must_enter_word']);
     }
     if (!empty($word_id)) {
         $sql = "UPDATE " . WORDS_TABLE . "\n\t\t\t\tSET word = '" . $db->sql_escape($word) . "', replacement = '" . $db->sql_escape($replacement) . "'\n\t\t\t\tWHERE word_id = {$word_id}";
         $message = $lang['Word_updated'];
     } else {
         $sql = "INSERT INTO " . WORDS_TABLE . " (word, replacement)\n\t\t\t\tVALUES ('" . $db->sql_escape($word) . "', '" . $db->sql_escape($replacement) . "')";
         $message = $lang['Word_added'];
     }
     $result = $db->sql_query($sql);
     $cache->destroy('_word_censors');
     $message .= '<br /><br />' . sprintf($lang['Click_return_wordadmin'], '<a href="' . append_sid('admin_words.' . PHP_EXT) . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid('index.' . PHP_EXT . '?pane=right') . '">', '</a>');
     message_die(GENERAL_MESSAGE, $message);
示例#17
         $title_info = $db->sql_fetchrow($result);
         $s_hidden_fields .= '<input type="hidden" name="id" value="' . $title_id . '" />';
     }
     $s_hidden_fields .= '<input type="hidden" name="mode" value="save" />';
     $template->set_filenames(array('body' => ADM_TPL . 'title_edit_body.tpl'));
     $template->assign_vars(array('TITLE_INFO' => str_replace("\"", "'", $title_info['title_info']), 'TITLE_HTML' => htmlspecialchars(str_replace("\"", "'", $title_info['title_html'])), 'ADMIN_CHECKED' => $title_info['admin_auth'] == 1 ? ' checked="checked"' : '', 'MOD_CHECKED' => $title_info['mod_auth'] == 1 ? ' checked="checked"' : '', 'POSTER_CHECKED' => $title_info['poster_auth'] == 1 ? ' checked="checked"' : '', 'ADMIN_TITLE' => $lang['Title_infos'], 'ADMIN_TITLE_EXPLAIN' => $lang['Quick_title_explain'], 'S_TITLE_ACTION' => append_sid('admin_quick_title.' . PHP_EXT), 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'ADMIN' => $lang['Administrator'], 'MODERATOR' => $lang['Moderator'], 'POSTER' => $lang['Topic_poster'], 'L_SUBMIT' => $lang['Submit'], 'L_RESET' => $lang['Reset'], 'L_TITLE_TITLE' => $lang['Add_new_title_info'], 'L_PERM_INFO' => $lang['Title_perm_info'], 'L_TITLE_INFO' => $lang['Title_info'], 'L_TITLE_HTML' => $lang['Title_html'], 'L_TITLE_HTML_EXPLAIN' => $lang['Title_html_explain'], 'L_PERM_EXPLAIN' => $lang['Title_perm_info_explain'], 'L_DATE_FORMAT' => $lang['Date_format'], 'L_DATE_FORMAT_EXPLAIN' => $lang['Date_format_explain'], 'DATE_FORMAT' => $title_info['date_format']));
 } elseif ($mode == 'save') {
     // Save handler: read the posted title definition and write it to TITLE_INFOS_TABLE.
     // A non-empty id updates that row; otherwise a new row is inserted.
     // NOTE(review): no form token or session check is visible in this fragment - confirm one runs earlier.
     $title_id = request_post_var('id', 0);
     // Permission checkboxes: any non-empty posted value is stored as 1.
     $admin = (int) !empty($_POST['admin_auth']);
     $mod = (int) !empty($_POST['mod_auth']);
     $poster = (int) !empty($_POST['poster_auth']);
     $name = request_post_var('title_info', '', true);
     // title_html is passed through htmlspecialchars_decode() before it is stored.
     $html = htmlspecialchars_decode(request_post_var('title_html', '', true), ENT_COMPAT);
     $date = request_post_var('date_format', '');
     if (empty($name)) {
         message_die(GENERAL_MESSAGE, $lang['Must_select_title']);
     }
     $input_table = TITLE_INFOS_TABLE;
     $input_array = array(
         'title_info' => trim($name),
         'title_html' => trim($html),
         'date_format' => $date,
         'admin_auth' => $admin,
         'mod_auth' => $mod,
         'poster_auth' => $poster,
     );
     // NOTE(review): $title_id is concatenated unquoted; this assumes request_post_var() returns an integer for an integer default - confirm.
     $where_sql = ' WHERE id = ' . $title_id;
     if (empty($title_id)) {
         $sql = "INSERT INTO " . $input_table . " " . $db->sql_build_insert_update($input_array, true);
         $message = $lang['Title_added'];
     } else {
         $sql = "UPDATE " . $input_table . " SET " . $db->sql_build_insert_update($input_array, false) . $where_sql;
         $message = $lang['Title_updated'];
     }
     $result = $db->sql_query($sql);
     $db->clear_cache('', TOPICS_CACHE_FOLDER);
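        // The save path comes from the request and is appended to IP_ROOT_PATH before the
        // file is opened for writing, so parent-directory segments and NUL bytes are refused.
        $search_savepath = request_var('search_savepath', '', true);
        $filename = IP_ROOT_PATH . $search_savepath . '/urllist.txt';
        if ((strpos($search_savepath, "\0") !== false) || preg_match('#(^|[/\\\\])\.\.([/\\\\]|$)#', $search_savepath)) {
            message_die(GENERAL_ERROR, sprintf($lang['Yahoo_search_error_unopenable_file'], $filename));
        }
        if (!($file_handle = fopen($filename, 'w'))) {
            message_die(GENERAL_ERROR, sprintf($lang['Yahoo_search_error_unopenable_file'], $filename));
        }
        if (fwrite($file_handle, $out) === false) {
            message_die(GENERAL_ERROR, sprintf($lang['Yahoo_search_error_unwritable_file'], $filename));
        }
        if (fclose($file_handle) === false) {
            message_die(GENERAL_ERROR, sprintf($lang['Yahoo_search_error_unclosable_file'], $filename));
        }
        // Update settings
        // NOTE(review): the path used for the file above is read with request_var(), the stored
        // setting with request_post_var(); confirm both always resolve to the same value.
        set_config('yahoo_search_savepath', request_post_var('search_savepath', '', true), false);
        set_config('yahoo_search_additional_urls', request_post_var('additional_urls', '', true), false);
        set_config('yahoo_search_compress', request_post_var('compress_file', '', true), false);
        set_config('yahoo_search_compression_level', request_post_var('compression_level', '', true), false);
        // It looks like everything worked okay: the file exists and holds more than one byte.
        if (file_exists($filename) && filesize($filename) > 1) {
            message_die(GENERAL_MESSAGE, sprintf($lang['Yahoo_search_file_done'], $protocol . $server_name . $server_port . $script_path . $search_savepath . '/urllist.txt'));
        } else {
            message_die(GENERAL_ERROR, $lang['Yahoo_search_error_unknown_file_error']);
        }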
    }
} else {
    // Display the admin page
    $sql = 'SELECT c.forum_id AS cat_id, c.forum_name AS cat_title, c.forum_order AS cat_order
			FROM ' . FORUMS_TABLE . ' c
			WHERE c.forum_type = ' . FORUM_CAT . '
			ORDER BY c.forum_order';
    $result = $db->sql_query($sql);
    $category_rows = array();
示例#19
         }
     } else {
         $mi_menu_name_lang = '<option value="">-- ' . $lang['CMS_Menu_No_lang_key'] . ' --</option>';
         if (!empty($lang['menu_item'])) {
             foreach ($lang['menu_item'] as $lk => $mi_menu_name_lang_key) {
                 $mi_menu_name_lang .= '<option value="' . $lk . '"';
                 $mi_menu_name_lang .= '>' . $mi_menu_name_lang_key . '</option>';
             }
         }
     }
     $template->assign_vars(array('L_CMS_MENU_TITLE' => $lang['CMS_MENU_PAGE'], 'L_CMS_MENU_EXPLAIN' => $lang['CMS_MENU_PAGE_EXPLAIN'], 'L_EDIT_MENU_ITEM' => $lang['CMS_Menu_Item_Add_Edit'], 'L_YES' => $lang['Yes'], 'L_NO' => $lang['No'], 'L_ENABLED' => $lang['Enabled'], 'L_DISABLED' => $lang['Disabled'], 'L_SUBMIT' => $lang['Submit'], 'L_PREVIEW' => $lang['Preview'], 'S_MENU_ACTION' => append_sid('cms_menu.' . PHP_EXT . '?mode=menu_list&amp;action=' . $action), 'S_HIDDEN_FIELDS' => $s_hidden_fields, 'L_MENU_NAME' => $lang['CMS_Menu_New_menu_name'], 'L_MENU_NAME_KEY' => $lang['CMS_Menu_New_link_name_key'], 'L_MENU_DESC' => $lang['CMS_Menu_New_menu_des'], 'MI_MENU_NAME' => $mi_menu_name, 'MI_MENU_NAME_LANG' => $mi_menu_name_lang, 'MI_MENU_DESC' => $mi_menu_desc));
 } elseif ($action == 'save') {
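     // Save handler: update the menu identified by $mi_id, or create a new menu when $mi_id is empty.
     $mi_menu_item_id = $mi_id;
     $mi_menu_name = request_post_var('menu_name', '', true);
     $mi_menu_name_lang = request_post_var('menu_name_lang', '', true);
     $mi_menu_desc = request_post_var('menu_desc', '', true);
     if ($mi_id) {
         // $mi_id is assigned outside this fragment. It is escaped like the other values so the
         // WHERE clause stays inside its quotes whatever its origin.
         // NOTE(review): if it is always an integer id, an int cast would be the tighter check.
         $sql = "UPDATE " . CMS_NAV_MENU_TABLE
             . "\n\t\t\t\tSET\n\t\t\t\tmenu_name = '" . $db->sql_escape($mi_menu_name)
             . "',\n\t\t\t\tmenu_name_lang = '" . $db->sql_escape($mi_menu_name_lang)
             . "',\n\t\t\t\tmenu_desc = '" . $db->sql_escape($mi_menu_desc)
             . "'\n\t\t\t\tWHERE menu_item_id = '" . $db->sql_escape((string) $mi_id) . "'";
         $result = $db->sql_query($sql);
         $message = $lang['Menu_updated'];
     } else {
         // NOTE(review): the next id is MAX(menu_id) + 1 from a separate query, so two saves
         // running at the same time can compute the same id.
         $sql = "SELECT max(menu_id) max_menu_id FROM " . CMS_NAV_MENU_TABLE;
         $result = $db->sql_query($sql);
         $row = $db->sql_fetchrow($result);
         $mi_menu_id = (int) $row['max_menu_id'] + 1;
         $sql = "INSERT INTO " . CMS_NAV_MENU_TABLE . " (menu_id, menu_name, menu_name_lang, menu_desc) VALUES ('"
             . $mi_menu_id . "', '" . $db->sql_escape($mi_menu_name) . "', '" . $db->sql_escape($mi_menu_name_lang)
             . "', '" . $db->sql_escape($mi_menu_desc) . "')";
         $message = $lang['Menu_created'];
         $result = $db->sql_query($sql);
     }
     $message .= '<br /><br />' . sprintf($lang['Click_Return_CMS_Menu'], '<a href="' . append_sid('cms_menu.' . PHP_EXT . '?mode=menu_list') . '">', '</a>') . '<br />';
     message_die(GENERAL_MESSAGE, $message);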
示例#20
     $xml_feed = xsm_prepare_message($xml_feed);
     $sql = "SELECT MAX(xml_id) AS max_id\n\t\t\t\tFROM " . XS_NEWS_XML_TABLE;
     $result = $db->sql_query($sql);
     $row = $db->sql_fetchrow($result);
     $max_id = $row['max_id'];
     $next_id = $max_id + 1;
     $sql = "INSERT INTO " . XS_NEWS_XML_TABLE . " (xml_id, xml_title, xml_show, xml_feed, xml_is_feed, xml_width, xml_height, xml_font, xml_speed, xml_direction" . ")\n\t\t\t\tVALUES ('" . $next_id . "', '" . $db->sql_escape(request_post_var('xml_title', '', true)) . "', '" . intval($_POST['xml_show']) . "', '" . $db->sql_escape($xml_feed) . "', '" . intval($_POST['xml_is_feed']) . "', '" . $db->sql_escape(request_post_var('xml_width', '')) . "', '" . $db->sql_escape(request_post_var('xml_height', '')) . "', '" . $db->sql_escape(request_post_var('xml_font', '')) . "', '" . $db->sql_escape(request_post_var('xml_speed', '')) . "', '" . intval($_POST['xml_direction']) . "')";
     $result = $db->sql_query($sql);
     $db->clear_cache('xs_');
     $message = $lang['n_xml_news_item_added'] . '<br /><br />' . sprintf($lang['n_xml_click_return_newslist'], '<a href="' . append_sid('admin_xs_news_xml.' . PHP_EXT) . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid('index.' . PHP_EXT . '?pane=right') . '">', '</a>');
     message_die(GENERAL_MESSAGE, $message);
     break;
 case 'modxml':
     // Update an existing news ticker row.
     // Text fields go through $db->sql_escape(); xml_show, xml_is_feed, xml_direction and the
     // row id are read straight from $_POST and forced to integers with intval().
     $xml_feed = xsm_prepare_message($xml_feed);
     $set_parts = array(
         "xml_title = '" . $db->sql_escape(request_post_var('xml_title', '', true)) . "'",
         "xml_show = " . intval($_POST['xml_show']),
         "xml_feed = '" . $db->sql_escape($xml_feed) . "'",
         "xml_is_feed = '" . intval($_POST['xml_is_feed']) . "'",
         "xml_width = '" . $db->sql_escape(request_post_var('xml_width', '')) . "'",
         "xml_height = '" . $db->sql_escape(request_post_var('xml_height', '')) . "'",
         "xml_font = '" . $db->sql_escape(request_post_var('xml_font', '')) . "'",
         "xml_speed = '" . $db->sql_escape(request_post_var('xml_speed', '')) . "'",
         "xml_direction = " . intval($_POST['xml_direction']),
     );
     $sql = "UPDATE " . XS_NEWS_XML_TABLE . "\n\t\t\t\tSET " . implode(', ', $set_parts) . "\n\t\t\t\tWHERE xml_id = " . intval($_POST['id']);
     $result = $db->sql_query($sql);
     $db->clear_cache('xs_');
     $return_to_list = sprintf($lang['n_xml_click_return_newslist'], '<a href="' . append_sid('admin_xs_news_xml.' . PHP_EXT) . '">', '</a>');
     $return_to_index = sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid('index.' . PHP_EXT . '?pane=right') . '">', '</a>');
     $message = $lang['n_xml_news_updated'] . '<br /><br />' . $return_to_list . '<br /><br />' . $return_to_index;
     message_die(GENERAL_MESSAGE, $message);
     break;
 case 'deletexml':
     // Show form to delete a news item
     $xml_id = request_var('id', 0);
     $buttonvalue = $lang['Delete'];
     $newmode = 'deletexml';
     $xml_info = xsm_get_info('ticker', $xml_id);
     $name = $news_info['n_news_item'];
     if ($confirm) {
         $sql = "DELETE FROM " . XS_NEWS_XML_TABLE . "\n\t\t\t\t\tWHERE xml_id = {$xml_id}";
         $result = $db->sql_query($sql);
示例#21
                remove_all($str);
                @rmdir($str);
            } else {
                @unlink($str);
            }
        }
    }
    closedir($res);
}
$template->assign_block_vars('nav_left', array('ITEM' => '&raquo; <a href="' . append_sid('xs_uninstall.' . PHP_EXT) . '">' . $lang['xs_uninstall_styles'] . '</a>'));
$lang['xs_uninstall_back'] = str_replace('{URL}', append_sid('xs_uninstall.' . PHP_EXT), $lang['xs_uninstall_back']);
$lang['xs_goto_default'] = str_replace('{URL}', append_sid('xs_styles.' . PHP_EXT), $lang['xs_goto_default']);
// uninstall style
$remove_id = request_var('remove', 0);
$remove_dir = request_get_var('dir', '');
$remove_tpl = request_post_var('remove', '');
$nocfg = request_get_var('nocfg', '');
if (!empty($remove_id) && !defined('DEMO_MODE')) {
    if ($config['default_style'] == $remove_id) {
        xs_error(str_replace('{URL}', append_sid('xs_styles.' . PHP_EXT), $lang['xs_uninstall_default']) . '<br /><br />' . $lang['xs_uninstall_back']);
    }
    $sql = "SELECT themes_id, template_name, style_name FROM " . THEMES_TABLE . " WHERE themes_id='{$remove_id}'";
    $db->sql_return_on_error(true);
    $result = $db->sql_query($sql);
    $db->sql_return_on_error(false);
    if (!$result) {
        xs_error($lang['xs_no_style_info'] . '<br /><br />' . $lang['xs_uninstall_back'], __LINE__, __FILE__);
    }
    $row = $db->sql_fetchrow($result);
    if (empty($row['themes_id'])) {
        xs_error($lang['xs_no_style_info'] . '<br /><br />' . $lang['xs_uninstall_back'], __LINE__, __FILE__);
示例#22
    include './admin_cash.' . PHP_EXT;
}
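$new = array();
$new_cash = array();
$num_currencies = 0;
$good_order = true;
$reset_navbar = "";
// Pull all config data
$sql = "SELECT * FROM " . CONFIG_TABLE;
$result = $db->sql_query($sql);
// Only these keys may be written from the "general" form; every other config row is only read here.
$allowed_array = array(
    'cash_disable' => true,
    'cash_adminbig' => true,
    'cash_adminnavbar' => true,
    'cash_display_after_posts' => true,
    'cash_post_message' => true,
    'cash_disable_spam_num' => true,
    'cash_disable_spam_time' => true,
    'cash_disable_spam_message' => true,
);
// The form-level conditions are the same for every row, so they are evaluated once.
$general_submitted = isset($_POST['submit']) && isset($_POST['set']) && $_POST['set'] === 'general';
while ($row = $db->sql_fetchrow($result)) {
    $config_name = $row['config_name'];
    $config_value = $row['config_value'];
    $default_config[$config_name] = $config_value;
    $tmp_value = request_post_var($config_name, '', true);
    // A posted value overrides the stored one for display; it is only saved if the key is allow-listed.
    $new[$config_name] = isset($_POST[$config_name]) ? $tmp_value : $default_config[$config_name];
    // !empty() keeps rows outside the allow-list from raising an undefined-key warning.
    if (!empty($allowed_array[$config_name]) && $general_submitted && isset($_POST[$config_name])) {
        if ($config_name == 'cash_adminbig' && $new[$config_name] != stripslashes($_POST[$config_name])) {
            // Adds a script to the confirmation message that reloads the navigation frame.
            $reset_navbar = "\n<script language=\"JavaScript\" type=\"text/javascript\">\n<!--\nparent.nav.location.reload();\n//-->\n</script>";
        }
        set_config($config_name, $new[$config_name]);
    }
}
if (isset($_POST['submit'])) {
    $message = $lang['Cash_config_updated'] . $reset_navbar . '<br /><br />' . sprintf($lang['Click_return_cash_config'], '<a href="' . append_sid('cash_config.' . PHP_EXT) . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid('index.' . PHP_EXT . '?pane=right') . '">', '</a>');
    message_die(GENERAL_MESSAGE, $message);
}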
$admin_big = $new['cash_adminbig'] ? 'checked="checked"' : '';
$admin_small = !$new['cash_adminbig'] ? 'checked="checked"' : '';
$adminnavbar_yes = $new['cash_adminnavbar'] ? 'checked="checked"' : '';
示例#23
		while(list($option_id, $option_text) = @each($poll_options))
		{
			if(isset($_POST['del_poll_option'][$option_id]))
			{
				unset($poll_options[$option_id]);
			}
			elseif (!empty($option_text))
			{
				$poll_options[$option_id] = $option_text;
			}
		}
	}

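	if (!empty($poll_add) && !empty($_POST['add_poll_option_text']))
	{
		$poll_options[] = request_post_var('add_poll_option_text', '', true);
	}

	// Event Registration - BEGIN
	// Registration fields are only honoured for logged-in users who are allowed to vote.
	$reg_allowed = $is_auth['auth_vote'] && $user->data['session_logged_in'];
	$reg_active = (isset($_POST['start_registration']) && $reg_allowed) ? 'checked="checked"' : '';
	$reg_reset = (isset($_POST['reset_registration']) && $reg_allowed) ? 'checked="checked"' : '';
	// The numeric fields are cast to int before max(): max() compares a non-numeric string
	// against 0 by PHP's loose rules, so without the cast the raw request string can come back.
	$reg_max_option1 = (!empty($_POST['reg_max_option1']) && $reg_allowed) ? max(0, (int) $_POST['reg_max_option1']) : '';
	$reg_max_option2 = (!empty($_POST['reg_max_option2']) && $reg_allowed) ? max(0, (int) $_POST['reg_max_option2']) : '';
	$reg_max_option3 = (!empty($_POST['reg_max_option3']) && $reg_allowed) ? max(0, (int) $_POST['reg_max_option3']) : '';
	$reg_length = (isset($_POST['reg_length']) && $reg_allowed) ? max(0, (int) $_POST['reg_length']) : '';
	// Event Registration - END

	// New topics and replies start from the user's stored signature when signatures are enabled.
	if (($mode == 'newtopic') || ($mode == 'reply'))
	{
		$user_sig = (($user->data['user_sig'] != '') && $config['allow_sig']) ? $user->data['user_sig'] : '';
	}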
示例#24
        $this_user_im[$v['form']] = ${$v}['form'];
    }
    display_avatar_gallery($mode, $avatar_category, $user_id, $email, $current_email, $email_confirm, $coppa, $username, $new_password, $cur_password, $password_confirm, $this_user_im, $website, $location, $user_flag, $user_first_name, $user_last_name, $occupation, $interests, $phone, $selfdes, $signature, $viewemail, $notifypm, $popup_pm, $notifyreply, $attachsig, $setbm, $allowhtml, $allowbbcode, $allowsmilies, $showavatars, $showsignatures, $allowswearywords, $allowmassemail, $allowpmin, $allowviewonline, $user_style, $user_lang, $user_timezone, $time_mode, $dst_time_lag, $user_dateformat, $profile_view_popup, $user->data['session_id'], $birthday, $gender, $upi2db_which_system, $upi2db_new_word, $upi2db_edit_word, $upi2db_unread_color);
} elseif (isset($_POST['avatargenerator']) && !$error) {
    if (!defined('CTRACKER_DISABLE_OUTPUT')) {
        define('CTRACKER_DISABLE_OUTPUT', true);
    }
    include IP_ROOT_PATH . 'includes/usercp_avatar.' . PHP_EXT;
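    $avatar_filename = request_post_var('avatar_filename', '');
    $avatar_filename = !empty($avatar_filename) ? $avatar_filename : POSTED_IMAGES_THUMBS_PATH . uniqid(rand()) . '.gif';
    //$avatar_filename = (!empty($avatar_filename) ? $avatar_filename : $config['avatar_path'] . '/' . uniqid(rand()) . '.gif');
    // The filename is taken from the POST body, so the cleanup is limited to regular files that
    // resolve inside POSTED_IMAGES_THUMBS_PATH. If either path cannot be resolved nothing is deleted.
    // NOTE(review): any file inside that directory can still be named by the request; tying the
    // generated name to the current session would close that as well.
    $avatar_thumbs_root = realpath('./' . POSTED_IMAGES_THUMBS_PATH);
    $avatar_old_file = realpath('./' . $avatar_filename);
    if (($avatar_thumbs_root !== false) && ($avatar_old_file !== false) && is_file($avatar_old_file) && (strpos($avatar_old_file, rtrim($avatar_thumbs_root, '/\\') . DIRECTORY_SEPARATOR) === 0)) {
        @unlink($avatar_old_file);
    }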
    $avatar_image = request_post_var('avatarimage', '');
    $avatar_text = request_post_var('avatartext', '');
    $avatar_image = !empty($avatar_image) ? $avatar_image : 'Random';
    $avatar_text = !empty($avatar_text) ? $avatar_text : $username;
    $template_to_parse = 'profile_avatar_generator.tpl';
    // Replaced: $aim, $facebook, $flickr, $googleplus, $icq, $jabber, $linkedin, $msn, $skype, $twitter, $yim, $youtube,
    $user_sn_im_array = get_user_sn_im_array();
    foreach ($user_sn_im_array as $k => $v) {
        $this_user_im[$v['form']] = ${$v}['form'];
    }
    display_avatar_generator($mode, $avatar_filename, $avatar_image, $avatar_text, $user_id, $email, $current_email, $email_confirm, $coppa, $username, $new_password, $cur_password, $password_confirm, $this_user_im, $website, $location, $user_flag, $user_first_name, $user_last_name, $occupation, $interests, $phone, $selfdes, $signature, $viewemail, $notifypm, $popup_pm, $notifyreply, $attachsig, $setbm, $allowhtml, $allowbbcode, $allowsmilies, $showavatars, $showsignatures, $allowswearywords, $allowmassemail, $allowpmin, $allowviewonline, $user_style, $user_lang, $user_timezone, $time_mode, $dst_time_lag, $user_dateformat, $profile_view_popup, $user->data['session_id'], $birthday, $gender, $upi2db_which_system, $upi2db_new_word, $upi2db_edit_word, $upi2db_unread_color);
} else {
    if (!isset($coppa)) {
        $coppa = false;
    }
    if (!isset($user_style)) {
        $user_style = $config['default_style'];
示例#25
			}
		}
	}
	// Check username
	$username = $user->data['session_logged_in'] ? htmlspecialchars($user->data['username']) : request_post_var('username', '', true);
	if (!$user->data['session_logged_in'] && !empty($username))
	{
		include(IP_ROOT_PATH . 'includes/functions_validate.' . PHP_EXT);
		$result = validate_username($username);
		if ($result['error'])
		{
			$error_msg .= (!empty($error_msg)) ? '<br />' . $result['error_msg'] : $result['error_msg'];
		}
	}

	$message = request_post_var('message', '', true);
	$message = htmlspecialchars_decode($message, ENT_COMPAT);
	// insert shout !
	if (!empty($message) && $is_auth['auth_post'] && !$error)
	{
		include_once(IP_ROOT_PATH . 'includes/functions_post.' . PHP_EXT);
		$message = prepare_message(trim($message), $html_on, $bbcode_on, $smilies_on);
		if ($config['img_shoutbox'] == true)
		{
			$message = preg_replace ("#\[url=(http://)([^ \"\n\r\t<]*)\]\[img\](http://)([^ \"\n\r\t<]*)\[/img\]\[/url\]#i", '[url=\\1\\2]\\4[/url]', $message);
			$message = preg_replace ("#\[img\](http://)([^ \"\n\r\t<]*)\[/img\]#i", '[url=\\1\\2]\\2[/url]', $message);
			$message = preg_replace ("#\[img align=left\](http://)([^ \"\n\r\t<]*)\[/img\]#i", '[url=\\1\\2]\\2[/url]', $message);
			$message = preg_replace ("#\[img align=right\](http://)([^ \"\n\r\t<]*)\[/img\]#i", '[url=\\1\\2]\\2[/url]', $message);
		}
		$sql = "INSERT INTO " . SHOUTBOX_TABLE . " (shout_text, shout_session_time, shout_user_id, shout_ip, shout_username, enable_bbcode, enable_html, enable_smilies)
				VALUES ('" . $db->sql_escape($message) . "', '" . time() . "', '" . $user->data['user_id'] . "', '$user_ip', '" . $db->sql_escape($username) . "', $bbcode_on, $html_on, $smilies_on)";
示例#26
            // Smilies Order END
            // Smilies Order in Line ADD
            // , smilies_order
            // , $order_extreme
            $sql = "INSERT INTO " . SMILIES_TABLE . " (code, smile_url, emoticon, smilies_order)\n\t\t\t\tVALUES ('" . $db->sql_escape($smile_code) . "', '" . $db->sql_escape($smile_url) . "', '" . $db->sql_escape($smile_emotion) . "', {$order_extreme})";
            $result = $db->sql_query($sql);
            $message = $lang['smiley_add_success'] . '<br /><br />' . sprintf($lang['Click_return_smileadmin'], '<a href="' . append_sid("admin_smilies." . PHP_EXT) . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid('index.' . PHP_EXT . '?pane=right') . '">', '</a>');
            $cache->destroy('_smileys');
            $db->clear_cache('smileys_');
            message_die(GENERAL_MESSAGE, $message);
            break;
    }
} else {
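    // Smilies Order BEGIN
    $option = request_get_var('option', '');
    $insert_position = request_post_var('insert_position', '');
    // Only the two positions offered by the select built below are accepted as a stored setting;
    // the comparison is done on strings so no loose type juggling is involved.
    $valid_positions = array((string) TOP_LIST, (string) BOTTOM_LIST);
    if ($option == 'select' && isset($_POST['insert_position']) && in_array((string) $insert_position, $valid_positions, true)) {
        set_config('smilies_insert', $insert_position);
        $cache->destroy('_smileys');
        $db->clear_cache('smileys_');
    }
    // Pre-select the currently configured position in the drop-down.
    if ($config['smilies_insert'] == TOP_LIST) {
        $pos_top_checked = ' selected="selected"';
        $pos_bot_checked = '';
    } else {
        $pos_top_checked = '';
        $pos_bot_checked = ' selected="selected"';
    }
    $position_select = '<select name="insert_position"><option value="' . TOP_LIST . '"' . $pos_top_checked . '>' . $lang['before'] . '</option><option value="' . BOTTOM_LIST . '"' . $pos_bot_checked . '>' . $lang['after'] . '</option></select>';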
    $move = request_get_var('move', '');
    $send = request_get_var('send', '');
示例#27
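    /**
     * Handle the "email this file" action: show the form, or validate a submitted form and send the mail.
     *
     * The file is looked up by the file_id request value and the category's auth_email flag is
     * checked. A submitted form must carry the current session id in its sid field.
     *
     * @param mixed $action not read by this method
     * @return void
     */
    function main($action)
    {
        global $db, $config, $template, $images, $user, $lang;
        global $pafiledb_config, $debug;

        $file_id = request_var('file_id', 0);
        if (empty($file_id)) {
            message_die(GENERAL_MESSAGE, $lang['File_not_exist']);
        }

        // NOTE(review): $file_id is interpolated unquoted; this assumes request_var() returns an
        // integer for an integer default - confirm.
        $sql = "SELECT file_catid, file_name\n\t\t\tFROM " . PA_FILES_TABLE . "\n\t\t\tWHERE file_id = {$file_id}";
        $result = $db->sql_query($sql);
        if (!($file_data = $db->sql_fetchrow($result))) {
            message_die(GENERAL_MESSAGE, $lang['File_not_exist']);
        }
        $db->sql_freeresult($result);

        // Permission check for the file's category; guests are sent to the login page first.
        if (!$this->auth[$file_data['file_catid']]['auth_email']) {
            if (!$user->data['session_logged_in']) {
                redirect(append_sid(CMS_PAGE_LOGIN . '?redirect=dload.' . PHP_EXT . '&action=email&file_id=' . $file_id, true));
            }
            $message = sprintf($lang['Sorry_auth_email'], $this->auth[$file_data['file_catid']]['auth_email_type']);
            message_die(GENERAL_MESSAGE, $message);
        }

        if (isset($_POST['submit'])) {
            // The form carries the session id as a request token. It is compared as a string with
            // !== so that two different numeric-looking ids can never be treated as equal.
            $sid = request_post_var('sid', '');
            if (empty($sid) || ((string) $sid !== (string) $user->data['session_id'])) {
                message_die(GENERAL_ERROR, 'INVALID_SESSION');
            }

            // Validation messages, joined with <br /> when shown.
            $errors = array();
            // The D modifier pins "$" to the very end of the string; without it an address
            // followed by a newline would still match.
            $email_pattern = '/^[a-z0-9\\.\\-_\\+]+@[a-z0-9\\-_]+\\.([a-z0-9\\-_]+\\.)*?[a-z]+$/isD';

            // Recipient address
            $femail = request_var('femail', '');
            if (!empty($femail) && preg_match($email_pattern, $femail)) {
                $user_email = $femail;
            } else {
                $errors[] = $lang['Email_invalid'];
            }

            $username = request_var('fname', '', true);
            $sender_name = request_var('sname', '', true);
            if ($user->data['session_logged_in']) {
                // Logged-in users always send under their own account name and address.
                $sender_name = $user->data['username'];
                $sender_email = $user->data['user_email'];
            } else {
                // Guests supply their own address; the pattern must be applied to the sender
                // address itself ($semail), not to the recipient's.
                // The guest's sender name is not run through validate_username().
                $semail = request_var('semail', '');
                if (!empty($semail) && preg_match($email_pattern, $semail)) {
                    $sender_email = $semail;
                } else {
                    $errors[] = $lang['Email_invalid'];
                }
            }

            $subject = request_var('subject', '', true);
            $subject = htmlspecialchars_decode($subject, ENT_COMPAT);
            if (empty($subject)) {
                $errors[] = $lang['Empty_subject_email'];
            }

            $message = request_var('message', '', true);
            // We need to check if HTML emails are enabled so we can correctly escape content and linebreaks
            $message = !empty($config['html_email']) ? nl2br($message) : htmlspecialchars_decode($message, ENT_COMPAT);
            if (empty($message)) {
                $errors[] = $lang['Empty_message_email'];
            }

            if (empty($errors)) {
                include IP_ROOT_PATH . 'includes/emailer.' . PHP_EXT;
                $emailer = new emailer();
                $emailer->headers('X-AntiAbuse: Board servername - ' . trim($config['server_name']));
                $emailer->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
                $emailer->headers('X-AntiAbuse: Username - ' . $user->data['username']);
                // NOTE(review): $user_ip and $user_lang are neither declared global nor assigned in
                // this method, so they look undefined here - confirm where they are meant to come from.
                $emailer->headers('X-AntiAbuse: User IP - ' . $user_ip);
                $emailer->use_template('profile_send_email', $user_lang);
                $emailer->to($user_email);
                $emailer->from($sender_email);
                $emailer->replyto($sender_email);
                $emailer->set_subject($subject);
                $emailer->assign_vars(array(
                    'SITENAME' => $config['sitename'],
                    'BOARD_EMAIL' => $config['board_email'],
                    'FROM_USERNAME' => $sender_name,
                    'TO_USERNAME' => $username,
                    'MESSAGE' => $message,
                ));
                $emailer->send();
                $emailer->reset();
                $message = $lang['Econf'] . '<br /><br />' . sprintf($lang['Click_return'], '<a href="' . append_sid('dload.' . PHP_EXT . '?action=file&amp;file_id=' . $file_id) . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_forum'], '<a href="' . append_sid(CMS_PAGE_HOME) . '">', '</a>');
                message_die(GENERAL_MESSAGE, $message);
            } else {
                message_die(GENERAL_MESSAGE, implode('<br />', $errors));
            }
        }

        $this->generate_category_nav($file_data['file_catid']);
        // 'L_EMAIL' used to be listed twice; only the later value ($lang['Emailfile']) took effect, so it is kept.
        $template->assign_vars(array(
            'USER_LOGGED' => !$user->data['session_logged_in'],
            'L_HOME' => $lang['Home'],
            'CURRENT_TIME' => sprintf($lang['Current_time'], create_date($config['default_dateformat'], time(), $config['board_timezone'])),
            'S_EMAIL_ACTION' => append_sid('dload.' . PHP_EXT),
            // The session id doubles as the form token checked on submit.
            'S_HIDDEN_FIELDS' => '<input type="hidden" name="sid" value="' . $user->data['session_id'] . '" />',
            'L_INDEX' => sprintf($lang['Forum_Index'], $config['sitename']),
            'L_EMAIL' => $lang['Emailfile'],
            'L_EMAILINFO' => $lang['Emailinfo'],
            'L_YNAME' => $lang['Yname'],
            'L_YEMAIL' => $lang['Yemail'],
            'L_FNAME' => $lang['Fname'],
            'L_FEMAIL' => $lang['Femail'],
            'L_ETEXT' => $lang['Etext'],
            'L_DEFAULTMAIL' => $lang['Defaultmail'],
            'L_SEMAIL' => $lang['Semail'],
            'L_ESUB' => $lang['Esub'],
            'L_EMPTY_SUBJECT_EMAIL' => $lang['Empty_subject_email'],
            'L_EMPTY_MESSAGE_EMAIL' => $lang['Empty_message_email'],
            'U_INDEX_HOME' => append_sid(CMS_PAGE_HOME),
            'U_DOWNLOAD_HOME' => append_sid('dload.' . PHP_EXT),
            'U_FILE_NAME' => append_sid('dload.' . PHP_EXT . '?action=file&amp;file_id=' . $file_id),
            'FILE_NAME' => $file_data['file_name'],
            'SNAME' => $user->data['username'],
            'SEMAIL' => $user->data['user_email'],
            'DOWNLOAD' => $pafiledb_config['settings_dbname'],
            'FILE_URL' => create_server_url() . 'dload.' . PHP_EXT . '?action=file&amp;file_id=' . $file_id,
            'ID' => $file_id,
        ));
        $this->display($lang['Download'], 'pa_email_body.tpl');
    }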
示例#28
*/
// Request parameters for the statistics module admin page.
$mode = request_var('mode', '');
$submit = request_var('submit', '');
$module_id = request_var(POST_FORUM_URL, 0);
$msg = '';
$templated = true;

// "update": store the active flag and update interval posted for every module row.
if (isset($_POST['update'])) {
    // Ids of the modules ticked as active; the array(0) default asks for an array of integers.
    $modules_upd = request_post_var('module_status', array(0));
    $sql = "SELECT * FROM " . STATS_MODULES_TABLE . " ORDER BY module_id ASC";
    $result = $db->sql_query($sql);
    $m_rows = $db->sql_fetchrowset($result);
    $m_count = sizeof($m_rows);
    for ($i = 0; $i < $m_count; $i++) {
        $m_row = $m_rows[$i];
        $update_time = request_post_var('module_time_' . $m_row['module_id'], 0);
        $m_active = (!empty($modules_upd) && in_array($m_row['module_id'], $modules_upd)) ? 1 : 0;
        // module_id comes from the row just read; active is 0 or 1.
        // NOTE(review): update_time relies on request_post_var() returning an integer for an integer default - confirm.
        $sql = "UPDATE " . STATS_MODULES_TABLE
            . "\n\t\t\t\t\t\tSET active = '" . $m_active . "', update_time = '" . $update_time
            . "'\n\t\t\t\t\t\tWHERE module_id = '" . $m_row['module_id'] . "'";
        $result = $db->sql_query($sql);
    }
    $mode = 'manage';
}

if ($mode == 'order') {
    // Change order of modules in the DB
    // NOTE(review): $move and $module_id are concatenated unquoted; this relies on request_var()
    // returning integers for the integer defaults used above - confirm.
    $move = request_var('move', 0);
    $sql = "UPDATE " . STATS_MODULES_TABLE . "\n\tSET display_order = display_order + " . $move . "\n\tWHERE module_id = " . $module_id;
    $result = $db->sql_query($sql);
    renumbering_order();
    $mode = 'manage';
}
if ($submit && $mode == 'config') {
    $filename = basename(__FILE__);
    $module['1000_Configuration']['145_Captcha_Config'] = $filename;
    return;
}
// Load default Header
if (!defined('IP_ROOT_PATH')) {
    define('IP_ROOT_PATH', './../');
}
if (!defined('PHP_EXT')) {
    define('PHP_EXT', substr(strrchr(__FILE__, '.'), 1));
}
require 'pagestart.' . PHP_EXT;
// Fixed list of the CAPTCHA settings this page may read and write; no other config key is touched here.
$captcha_config_array = array(
    'enable_confirm',
    'use_captcha',
    'captcha_width',
    'captcha_height',
    'captcha_background_color',
    'captcha_jpeg',
    'captcha_jpeg_quality',
    'captcha_pre_letters',
    'captcha_pre_letters_great',
    'captcha_font',
    'captcha_chess',
    'captcha_ellipses',
    'captcha_arcs',
    'captcha_lines',
    'captcha_image',
    'captcha_gammacorrect',
    'captcha_foreground_lattice_x',
    'captcha_foreground_lattice_y',
    'captcha_lattice_color',
);
$form_submitted = isset($_POST['submit']);
for ($i = 0; $i < sizeof($captcha_config_array); $i++) {
    $config_name = $captcha_config_array[$i];
    // The current stored value is the fallback when the field was not posted.
    $config_value = trim($config[$config_name]);
    $new[$config_name] = request_post_var($config_name, $config_value, true);
    if ($form_submitted && isset($_POST[$config_name])) {
        set_config($config_name, $new[$config_name], false);
    }
}
if ($form_submitted) {
    // Drop the cached configuration after saving.
    $cache->destroy('config');
    $return_to_captcha = sprintf($lang['Click_return_captcha_config'], '<a href="' . append_sid('admin_captcha_config.' . PHP_EXT) . '">', '</a>');
    $return_to_index = sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid('index.' . PHP_EXT . '?pane=right') . '">', '</a>');
    $message = $lang['captcha_config_updated'] . '<br />' . $return_to_captcha . '<br /><br />' . $return_to_index . '<br /><br />';
    message_die(GENERAL_MESSAGE, $message);
}
$template->set_filenames(array('body' => ADM_TPL . 'admin_captcha_config.tpl'));
$template->assign_vars(array('L_CAPTCHA_CONFIGURATION' => $lang['VC_Captcha_Config'], 'L_CAPTCHA_CONFIGURATION_EXPLAIN' => $lang['captcha_config_explain'], 'L_VC_ACTIVE' => $config['enable_confirm'] ? $lang['VC_active'] : $lang['VC_inactive'], 'L_BACKGROUND_CONFIG' => $lang['background_configs'], 'L_RANDOM' => $lang['Random'], 'L_DISABLED' => $lang['Disabled'], 'L_ENABLED' => $lang['Enabled'], 'L_YES' => $lang['Yes'], 'L_NO' => $lang['No'], 'L_SUBMIT' => $lang['Submit'], 'L_RESET' => $lang['Reset'], 'L_WIDTH' => $lang['CAPTCHA_width'], 'L_HEIGHT' => $lang['CAPTCHA_height'], 'L_BACKGROUND_COLOR' => $lang['background_color'], 'L_BACKGROUND_COLOR_EXPLAIN' => $lang['background_color_explain'], 'L_PRE_LETTERS' => $lang['pre_letters'], 'L_PRE_LETTERS_EXPLAIN' => $lang['pre_letters_explain'], 'L_GREAT_PRE_LETTERS' => $lang['great_pre_letters'], 'L_GREAT_PRE_LETTERS_EXPLAIN' => $lang['great_pre_letters_explain'], 'L_RND_FONT_PER_LETTER' => $lang['random_font_per_letter'], 'L_RND_FONT_PER_LETTER_EXPLAIN' => $lang['random_font_per_letter_explain'], 'L_ALLOW_CHESS' => $lang['back_chess'], 'L_ALLOW_CHESS_EXPLAIN' => $lang['back_chess_explain'], 'L_ALLOW_ELLIPSES' => $lang['back_ellipses'], 'L_ALLOW_ARCS' => $lang['back_arcs'], 'L_ALLOW_LINES' => $lang['back_lines'], 'L_ALLOW_IMAGE' => $lang['back_image'], 'L_ALLOW_IMAGE_EXPLAIN' => $lang['back_image_explain'], 'L_FOREGROUND_LATTICE' => $lang['foreground_lattice'], 'L_FOREGROUND_LATTICE_EXPLAIN' => $lang['foreground_lattice_explain'], 'L_FOREGROUND_LATTICE_COLOR' => $lang['foreground_lattice_color'], 'L_FOREGROUND_LATTICE_COLOR_EXPLAIN' => $lang['foreground_lattice_color_explain'], 'L_GAMMACORRECT' => $lang['gammacorrect'], 'L_GAMMACORRECT_EXPAIN' => $lang['gammacorrect_axplain'], 'L_GENERATE_JPEG' => $lang['generate_jpeg'], 'L_GENERATE_JPEG_EXPAIN' => $lang['generate_jpeg_explain'], 'L_JPEG_QUALITY' => $lang['generate_jpeg_quality'], 'WIDTH' => $new['captcha_width'], 'HEIGHT' => $new['captcha_height'], 'BACKGROUND_COLOR' => 
$new['captcha_background_color'], 'PRE_LETTERS' => $new['captcha_pre_letters'], 'LATTICE_X_LINES' => $new['captcha_foreground_lattice_x'], 'LATTICE_Y_LINES' => $new['captcha_foreground_lattice_y'], 'LATTICE_COLOR' => $new['captcha_lattice_color'], 'GAMMACORRECT' => $new['captcha_gammacorrect'], 'JPEG_QUALITY' => $new['captcha_jpeg_quality'], 'CAPTCHA_IMG' => '<img src="' . append_sid(IP_ROOT_PATH . CMS_PAGE_PROFILE . '?mode=confirm&amp;confirm_id=Admin') . '" alt="" />', 'L_ENABLE_CONFIRM' => $lang['Visual_confirm'], 'L_ENABLE_CONFIRM_EXPLAIN' => $lang['Visual_confirm_explain'], 'S_ENABLE_CONFIRM_YES' => $new['enable_confirm'] == 1 ? 'checked="checked"' : '', 'S_ENABLE_CONFIRM_NO' => $new['enable_confirm'] == 0 ? 'checked="checked"' : '', 'L_USE_CAPTCHA' => $lang['Use_Captcha'], 'L_USE_CAPTCHA_EXPLAIN' => $lang['Use_Captcha_Explain'], 'S_USE_CAPTCHA_YES' => $new['use_captcha'] == 1 ? 'checked="checked"' : '', 'S_USE_CAPTCHA_NO' => $new['use_captcha'] == 0 ? 'checked="checked"' : '', 'S_GREAT_PRE_LETTERS_YES' => $new['captcha_pre_letters_great'] == 1 ? 'checked="checked"' : '', 'S_GREAT_PRE_LETTERS_NO' => $new['captcha_pre_letters_great'] == 0 ? 'checked="checked"' : '', 'S_RND_FONT_PER_LETTER_YES' => $new['captcha_font'] == 1 ? 'checked="checked"' : '', 'S_RND_FONT_PER_LETTER_NO' => $new['captcha_font'] == 0 ? 'checked="checked"' : '', 'S_ALLOW_CHESS_YES' => $new['captcha_chess'] == 1 ? 'checked="checked"' : '', 'S_ALLOW_CHESS_NO' => $new['captcha_chess'] == 0 ? 'checked="checked"' : '', 'S_ALLOW_CHESS_RND' => $new['captcha_chess'] == 2 ? 'checked="checked"' : '', 'S_ALLOW_ELLIPSES_YES' => $new['captcha_ellipses'] == 1 ? 'checked="checked"' : '', 'S_ALLOW_ELLIPSES_NO' => $new['captcha_ellipses'] == 0 ? 'checked="checked"' : '', 'S_ALLOW_ELLIPSES_RND' => $new['captcha_ellipses'] == 2 ? 'checked="checked"' : '', 'S_ALLOW_ARCS_YES' => $new['captcha_arcs'] == 1 ? 'checked="checked"' : '', 'S_ALLOW_ARCS_NO' => $new['captcha_arcs'] == 0 ? 
'checked="checked"' : '', 'S_ALLOW_ARCS_RND' => $new['captcha_arcs'] == 2 ? 'checked="checked"' : '', 'S_ALLOW_LINES_YES' => $new['captcha_lines'] == 1 ? 'checked="checked"' : '', 'S_ALLOW_LINES_NO' => $new['captcha_lines'] == 0 ? 'checked="checked"' : '', 'S_ALLOW_LINES_RND' => $new['captcha_lines'] == 2 ? 'checked="checked"' : '', 'S_ALLOW_IMAGE_YES' => $new['captcha_image'] == 1 ? 'checked="checked"' : '', 'S_ALLOW_IMAGE_NO' => $new['captcha_image'] == 0 ? 'checked="checked"' : '', 'S_JPEG_IMAGE_YES' => $new['captcha_jpeg'] == 1 ? 'checked="checked"' : '', 'S_JPEG_IMAGE_NO' => $new['captcha_jpeg'] == 0 ? 'checked="checked"' : '', 'S_HIDDEN_FIELDS' => '', 'S_CAPTCHA_CONFIG_ACTION' => append_sid('admin_captcha_config.' . PHP_EXT)));
$template->pparse('body');
echo '<div align="center"><span class="copyright">Advanced Visual Confirmation &copy; 2006 <a href="http://www.amigalink.de" target="_blank">AmigaLink</a></span></div>';
include IP_ROOT_PATH . ADM . '/page_footer_admin.' . PHP_EXT;
示例#30
    }
    if ($res) {
        $db->clear_cache('styles_');
        xs_message($lang['Information'], $lang['xs_install_installed'] . '<br /><br />' . $lang['xs_install_back'] . '<br /><br />' . $lang['xs_goto_default']);
    }
    xs_error($lang['xs_install_error'] . '<br /><br />' . $lang['xs_install_back']);
}
// Install every style ticked in the posted form (skipped entirely when DEMO_MODE is defined).
// NOTE(review): $total is a request value and is the only bound on the first loop below;
// confirm an upper limit is enforced somewhere, or iterate over the posted fields instead.
$total = request_var('total', 0);
if (!empty($total) && !defined('DEMO_MODE')) {
    $tpl = array();
    $num = array();
    // Collect the style name and number of each ticked row.
    for ($i = 0; $i < $total; $i++) {
        $field = 'install_' . $i;
        if (empty($_POST[$field])) {
            continue;
        }
        $tpl[] = request_post_var($field . '_style', '', true);
        $num[] = request_post_var($field . '_num', 0);
    }
    if (sizeof($tpl)) {
        for ($i = 0; $i < sizeof($tpl); $i++) {
            xs_install_style($tpl[$i], $num[$i]);
        }
        if (defined('REFRESH_NAVBAR')) {
            $template->assign_block_vars('left_refresh', array('ACTION' => append_sid('index.' . PHP_EXT . '?pane=left')));
        }
        // Drop cached style data after installing.
        $db->clear_cache('styles_');
        xs_message($lang['Information'], $lang['xs_install_installed'] . '<br /><br />' . $lang['xs_install_back'] . '<br /><br />' . $lang['xs_goto_default']);
    }
}
// get all installed styles
$sql = 'SELECT themes_id, template_name, style_name FROM ' . THEMES_TABLE . ' ORDER BY template_name';