Code source de PHP NUKE 7.9 |
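<?php

/************************************************************************/
/* PHP-NUKE: Web Portal System                                          */
/* ===========================                                          */
/*                                                                      */
/* Copyright (c) 2005 by Francisco Burzi                                */
/* http://phpnuke.org                                                   */
/*                                                                      */
/* This program is free software. You can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License.       */
/************************************************************************/

// Refuse direct requests: the script only continues when the including
// script has defined ADMIN_FILE.
if (!defined('ADMIN_FILE')) {
    die ("Access Denied");
}

global $prefix, $db, $admin_file;

// NOTE(review): $aid is set outside this file and is only truncated here
// before being interpolated into the _authors query below. Confirm the
// caller has already authenticated and escaped it.
$aid = substr("$aid", 0,25);
$row = $db->sql_fetchrow($db->sql_query("SELECT title, admins FROM ".$prefix."_modules WHERE title='Your_Account'"));
$row2 = $db->sql_fetchrow($db->sql_query("SELECT name, radminsuper FROM ".$prefix."_authors WHERE aid='$aid'"));
$admins = explode(",", $row['admins']);

// Module-level authorisation: the current admin's name must appear in the
// module's comma-separated admin list. An empty name is never accepted, so a
// failed _authors lookup cannot match an empty entry of the list, and names
// are compared as exact strings rather than with the loose == operator.
$auth_user = 0;
$admin_name = isset($row2['name']) ? (string) $row2['name'] : '';
if ($admin_name !== '' && !empty($row['admins'])) {
    for ($i=0; $i < sizeof($admins); $i++) {
        if ($admin_name === $admins[$i]) {
            $auth_user = 1;
        }
    }
}
$is_super = (isset($row2['radminsuper']) && $row2['radminsuper'] == 1);

if ($is_super || $auth_user == 1) {

/*********************************************************/
/* Users Functions                                       */
/*********************************************************/

/**
 * Prints the user administration start page: a "find user" form that posts
 * the nickname as chng_uid with op=modifyUser or op=delUser, and an
 * "add user" form that posts op=addUser.
 */
function displayUsers() {
    global $admin_file;
    include ("header.php");
    GraphicAdmin();
    OpenTable();
    echo "<center><font class=\"title\"><b>" . _USERADMIN . "</b></font></center>";
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<center><font class=\"option\"><b>" . _EDITUSER . "</b></font><br><br>"
        ."<form method=\"post\" action=\"".$admin_file.".php\">"
        ."<b>" . _NICKNAME . ": </b> <input type=\"text\" name=\"chng_uid\" size=\"20\">\n"
        ."<select name=\"op\">"
        ."<option value=\"modifyUser\">" . _MODIFY . "</option>\n"
        ."<option value=\"delUser\">" . _DELETE . "</option></select>\n"
        ."<input type=\"submit\" value=\"" . _OK . "\"></form></center>";
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<center><font class=\"option\"><b>" . _ADDUSER . "</b></font><br><br>"
        ."<form action=\"".$admin_file.".php\" method=\"post\">"
        ."<table border=\"0\" width=\"100%\">"
        ."<tr><td width=\"100\">" . _NICKNAME . "</td>"
        ."<td><input type=\"text\" name=\"add_uname\" size=\"30\" maxlength=\"25\"> <font class=\"tiny\">" . _REQUIRED . "</font></td></tr>"
        ."<tr><td>" . _NAME . "</td>"
        ."<td><input type=\"text\" name=\"add_name\" size=\"30\" maxlength=\"50\"></td></tr>"
        ."<tr><td>" . _EMAIL . "</td>"
        ."<td><input type=\"text\" name=\"add_email\" size=\"30\" maxlength=\"60\"> <font class=\"tiny\">" . _REQUIRED . "</font></td></tr>"
        ."<tr><td>" . _FAKEEMAIL . "</td>"
        ."<td><input type=\"text\" name=\"add_femail\" size=\"30\" maxlength=\"60\"></td></tr>"
        ."<tr><td>" . _URL . "</td>"
        ."<td><input type=\"text\" name=\"add_url\" size=\"30\" maxlength=\"60\"></td></tr>"
        ."<tr><td>" . _ICQ . "</td>"
        ."<td><input type=\"text\" name=\"add_user_icq\" size=\"20\" maxlength=\"20\"></td></tr>"
        ."<tr><td>" . _AIM . "</td>"
        ."<td><input type=\"text\" name=\"add_user_aim\" size=\"20\" maxlength=\"20\"></td></tr>"
        ."<tr><td>" . _YIM . "</td>"
        ."<td><input type=\"text\" name=\"add_user_yim\" size=\"20\" maxlength=\"20\"></td></tr>"
        ."<tr><td>" . _MSNM . "</td>"
        ."<td><input type=\"text\" name=\"add_user_msnm\" size=\"20\" maxlength=\"20\"></td></tr>"
        ."<tr><td>" . _LOCATION . "</td>"
        ."<td><input type=\"text\" name=\"add_user_from\" size=\"25\" maxlength=\"60\"></td></tr>"
        ."<tr><td>" . _OCCUPATION . "</td>"
        ."<td><input type=\"text\" name=\"add_user_occ\" size=\"25\" maxlength=\"60\"></td></tr>"
        ."<tr><td>" . _INTERESTS . "</td>"
        ."<td><input type=\"text\" name=\"add_user_intrest\" size=\"25\" maxlength=\"255\"></td></tr>"
        ."<tr><td>" . _OPTION . "</td>"
        ."<td><input type=\"checkbox\" name=\"add_user_viewemail\" VALUE=\"1\"> " . _ALLOWUSERS . "</td></tr>"
        ."<tr><td>" . _NEWSLETTER . "</td>"
        ."<td><input type=\"radio\" name=\"add_newsletter\" value=\"1\">" . _YES . "<br>"
        ."<input type=\"radio\" name=\"add_newsletter\" value=\"0\" checked>" . _NO . "</td></tr>"
        ."<tr><td>" . _SIGNATURE . "</td>"
        ."<td><textarea name=\"add_user_sig\" rows=\"15\" cols=\"70\"></textarea></td></tr>"
        ."<tr><td>" . _PASSWORD . "</td>"
        ."<td><input type=\"password\" name=\"add_pass\" size=\"12\" maxlength=\"12\"> <font class=\"tiny\">" . _REQUIRED . "</font></td></tr>"
        ."<input type=\"hidden\" name=\"add_avatar\" value=\"blank.gif\">"
        ."<input type=\"hidden\" name=\"op\" value=\"addUser\">"
        ."<tr><td><input type=\"submit\" value=\"" . _ADDUSERBUT . "\"></form></td></tr>"
        ."</table>";
    CloseTable();
    include ("footer.php");
}

/**
 * Prints the edit form for one user, looked up by nickname.
 *
 * The form posts op=updateUser. Depending on whether the user has a row in
 * the _subscriptions table it offers either "subscribe" controls or
 * "unsubscribe / extend" controls together with the remaining time.
 *
 * @param string $chng_user Nickname typed into the "find user" form.
 */
function modifyUser($chng_user) {
    global $prefix, $user_prefix, $db, $admin_file;
    include ("header.php");
    GraphicAdmin();
    OpenTable();
    echo "<center><font class=\"title\"><b>" . _USERADMIN . "</b></font></center>";
    CloseTable();
    echo "<br>";
    $chng_user = stripslashes(check_html($chng_user, "nohtml"));
    // stripslashes() above removes any escaping the request value carried, so
    // the value is escaped again before it is placed inside the SQL string
    // literal. addslashes() is used because the database layer's own escaping
    // routine, if it has one, is not visible from this file.
    $chng_user_sql = addslashes($chng_user);
    // The stored password hash is not selected: the form never uses it.
    $result = $db->sql_query("SELECT user_id, username, name, user_website, user_email, femail, user_icq, user_aim, user_yim, user_msnm, user_from, user_occ, user_interests, user_viewemail, user_avatar, user_sig, newsletter from " . $user_prefix . "_users where username='$chng_user_sql'");
    $numrows = $db->sql_numrows($result);
    if($numrows > 0) {
        $row = $db->sql_fetchrow($result);
        // NOTE(review): the values below are interpolated into value="..."
        // attributes and a <textarea>. Confirm that filter(..., "nohtml")
        // encodes quotes and angle brackets; if it does not, they need
        // htmlspecialchars() at the point of output.
        $chng_uid = intval($row['user_id']);
        $chng_uname = filter($row['username'], "nohtml");
        $chng_name = filter($row['name'], "nohtml");
        $chng_url = filter($row['user_website'], "nohtml");
        $chng_email = filter($row['user_email'], "nohtml");
        $chng_femail = filter($row['femail'], "nohtml");
        $chng_user_icq = filter($row['user_icq'], "nohtml");
        $chng_user_aim = filter($row['user_aim'], "nohtml");
        $chng_user_yim = filter($row['user_yim'], "nohtml");
        $chng_user_msnm = filter($row['user_msnm'], "nohtml");
        $chng_user_from = filter($row['user_from'], "nohtml");
        $chng_user_occ = filter($row['user_occ'], "nohtml");
        $chng_user_intrest = filter($row['user_interests'], "nohtml");
        $chng_user_viewemail = filter($row['user_viewemail'], "nohtml");
        $chng_avatar = filter($row['user_avatar'], "nohtml");
        $chng_user_sig = filter($row['user_sig']);
        $chng_newsletter = intval($row['newsletter']);
        // The searched nickname is request data, so it is HTML-encoded
        // before being echoed back in the heading.
        $shown_user = htmlspecialchars($chng_user, ENT_QUOTES);
        OpenTable();
        echo "<center><font class=\"option\"><b>" . _USERUPDATE . ": <i>$shown_user</i></b></font></center>"
            ."<form action=\"".$admin_file.".php\" method=\"post\">"
            ."<table border=\"0\">"
            ."<tr><td>" . _USERID . "</td>"
            ."<td><b>$chng_uid</b></td></tr>"
            ."<tr><td>" . _NICKNAME . "</td>"
            ."<td><input type=\"text\" name=\"chng_uname\" value=\"$chng_uname\"> <font class=\"tiny\">" . _REQUIRED . "</font></td></tr>"
            ."<tr><td>" . _NAME . "</td>"
            ."<td><input type=\"text\" name=\"chng_name\" value=\"$chng_name\"></td></tr>"
            ."<tr><td>" . _URL . "</td>"
            ."<td><input type=\"text\" name=\"chng_url\" value=\"$chng_url\" size=\"30\" maxlength=\"60\"></td></tr>"
            ."<tr><td>" . _EMAIL . "</td>"
            ."<td><input type=\"text\" name=\"chng_email\" value=\"$chng_email\" size=\"30\" maxlength=\"60\"> <font class=\"tiny\">" . _REQUIRED . "</font></td></tr>"
            ."<tr><td>" . _FAKEEMAIL . "</td>"
            ."<td><input type=\"text\" name=\"chng_femail\" value=\"$chng_femail\" size=\"30\" maxlength=\"60\"></td></tr>"
            ."<tr><td>" . _ICQ . "</td>"
            ."<td><input type=\"text\" name=\"chng_user_icq\" value=\"$chng_user_icq\" size=\"20\" maxlength=\"20\"></td></tr>"
            ."<tr><td>" . _AIM . "</td>"
            ."<td><input type=\"text\" name=\"chng_user_aim\" value=\"$chng_user_aim\" size=\"20\" maxlength=\"20\"></td></tr>"
            ."<tr><td>" . _YIM . "</td>"
            ."<td><input type=\"text\" name=\"chng_user_yim\" value=\"$chng_user_yim\" size=\"20\" maxlength=\"20\"></td></tr>"
            ."<tr><td>" . _MSNM . "</td>"
            ."<td><input type=\"text\" name=\"chng_user_msnm\" value=\"$chng_user_msnm\" size=\"20\" maxlength=\"20\"></td></tr>"
            ."<tr><td>" . _LOCATION . "</td>"
            ."<td><input type=\"text\" name=\"chng_user_from\" value=\"$chng_user_from\" size=\"25\" maxlength=\"60\"></td></tr>"
            ."<tr><td>" . _OCCUPATION . "</td>"
            ."<td><input type=\"text\" name=\"chng_user_occ\" value=\"$chng_user_occ\" size=\"25\" maxlength=\"60\"></td></tr>"
            ."<tr><td>" . _INTERESTS . "</td>"
            ."<td><input type=\"text\" name=\"chng_user_intrest\" value=\"$chng_user_intrest\" size=\"25\" maxlength=\"255\"></td></tr>"
            ."<tr><td>" . _OPTION . "</td>";
        if ($chng_user_viewemail ==1) {
            echo "<td><input type=\"checkbox\" name=\"chng_user_viewemail\" value=\"1\" checked> " . _ALLOWUSERS . "</td></tr>";
        } else {
            echo "<td><input type=\"checkbox\" name=\"chng_user_viewemail\" value=\"1\"> " . _ALLOWUSERS . "</td></tr>";
        }
        if ($chng_newsletter == 1) {
            echo "<tr><td>" . _NEWSLETTER . "</td><td><input type=\"radio\" name=\"chng_newsletter\" value=\"1\" checked>" . _YES . " "
                ."<input type=\"radio\" name=\"chng_newsletter\" value=\"0\">" . _NO . "</td></tr>";
        } elseif ($chng_newsletter == 0) {
            echo "<tr><td>" . _NEWSLETTER . "</td><td><input type=\"radio\" name=\"chng_newsletter\" value=\"1\">" . _YES . " "
                ."<input type=\"radio\" name=\"chng_newsletter\" value=\"0\" checked>" . _NO . "</td></tr>";
        }

        // The subscription period selector is the same in both states:
        // "none" plus one to ten years.
        $year_options = "<option value='0' selected>" . _NONE . "</option>";
        for ($y = 1; $y <= 10; $y++) {
            $year_options .= "<option value='$y'>$y " . ($y == 1 ? _YEAR : _YEARS) . "</option>";
        }

        // One query serves both the row count and the expiry lookup.
        $sub_result = $db->sql_query("SELECT * FROM " . $prefix . "_subscriptions WHERE userid='$chng_uid'");
        $subnum = $db->sql_numrows($sub_result);
        $content = "";
        if ($subnum == 0) {
            $content .= "<tr><td>" . _SUBUSERASK . "</td><td><input type='radio' name='subscription' value='1'> " . _YES . " <input type='radio' name='subscription' value='0' checked> " . _NO . "</td></tr>";
            $content .= "<tr><td>" . _SUBPERIOD . "</td><td><select name='subscription_expire'>";
            $content .= $year_options;
            $content .= "</select><input type='hidden' name='reason' value='0'></td></tr>";
        } elseif ($subnum == 1) {
            $content .= "<tr><td>"._UNSUBUSER."</td><td><input type='radio' name='subscription' value='0'> "._YES." <input type='radio' name='subscription' value='1' checked> "._NO."</td></tr>";
            $content .= "<tr><td>"._ADDSUBPERIOD."</td><td><select name='subscription_expire'>";
            $content .= $year_options;
            $content .= "</select></td></tr>";
            $content .= "<tr><td>"._ADMSUBEXPIREIN."</td><td>";
            $rows = $db->sql_fetchrow($sub_result);
            // Break the remaining time down into years (of 365 days), days,
            // hours, minutes and seconds.
            $diff = $rows['subscription_expire']-time();
            $yearDiff = floor($diff/60/60/24/365);
            $diff -= $yearDiff*60*60*24*365;
            if ($yearDiff < 1) {
                $diff = $rows['subscription_expire']-time();
            }
            $daysDiff = floor($diff/60/60/24);
            $diff -= $daysDiff*60*60*24;
            $hrsDiff = floor($diff/60/60);
            $diff -= $hrsDiff*60*60;
            $minsDiff = floor($diff/60);
            $diff -= $minsDiff*60;
            $secsDiff = $diff;
            if ($yearDiff < 1) {
                $rest = "$daysDiff "._SBDAYS.", $hrsDiff "._SBHOURS.", $minsDiff "._SBMINUTES.", $secsDiff "._SBSECONDS."";
            } elseif ($yearDiff == 1) {
                $rest = "$yearDiff "._SBYEAR.", $daysDiff "._SBDAYS.", $hrsDiff "._SBHOURS.", $minsDiff "._SBMINUTES.", $secsDiff "._SBSECONDS."";
            } elseif ($yearDiff > 1) {
                $rest = "$yearDiff "._SBYEARS.", $daysDiff "._SBDAYS.", $hrsDiff "._SBHOURS.", $minsDiff "._SBMINUTES.", $secsDiff "._SBSECONDS."";
            }
            $content .= "<font color='#FF0000'>$rest</font></td></tr>";
            $content .= "<tr><td>"._SUBREASON."</td><td><textarea name='reason' cols='70' rows='15'></textarea></td></tr>";
        }
        echo "$content";
        echo "<tr><td>" . _SIGNATURE . "</td>"
            ."<td><textarea name=\"chng_user_sig\" rows=\"15\" cols=\"70\">$chng_user_sig</textarea></td></tr>"
            ."<tr><td>" . _PASSWORD . "</td>"
            ."<td><input type=\"password\" name=\"chng_pass\" size=\"12\" maxlength=\"12\"></td></tr>"
            ."<tr><td>" . _RETYPEPASSWD . "</td>"
            ."<td><input type=\"password\" name=\"chng_pass2\" size=\"12\" maxlength=\"12\"> <font class=\"tiny\">" . _FORCHANGES . "</font></td></tr>"
            ."<input type=\"hidden\" name=\"chng_avatar\" value=\"$chng_avatar\">"
            ."<input type=\"hidden\" name=\"chng_uid\" value=\"$chng_uid\">"
            ."<input type=\"hidden\" name=\"op\" value=\"updateUser\">"
            ."<tr><td><input type=\"submit\" value=\"" . _SAVECHANGES . "\"></form></td></tr>"
            ."</table>";
        CloseTable();
    } else {
        OpenTable();
        echo "<center><b>" . _USERNOEXIST . "</b><br><br>"
            ."" . _GOBACK . "</center>";
        CloseTable();
    }
    include ("footer.php");
}

/**
 * Saves the edit form: updates the user's row, optionally sets a new
 * password, and creates, extends or cancels the user's subscription,
 * mailing the user about any subscription change. Redirects to the admin
 * main page when done; on a password mismatch it prints an error page and
 * exits instead.
 *
 * Every string is passed through filter(..., 1) before it is written into
 * SQL; that helper is defined outside this file.
 *
 * @param int    $chng_uid            user_id of the row to update
 * @param string $chng_pass           new password, used only when $chng_pass2 is non-empty
 * @param string $chng_pass2          password confirmation
 * @param int    $subscription        1 = subscribed, 0 = not subscribed
 * @param int    $subscription_expire number of years to add (0 = none)
 * @param string $reason              cancellation reason for the mail, "0" or empty for none
 * (the remaining parameters are the profile fields of the edit form)
 */
function updateUser($chng_uid, $chng_uname, $chng_name, $chng_url, $chng_email, $chng_femail, $chng_user_icq, $chng_user_aim, $chng_user_yim, $chng_user_msnm, $chng_user_from, $chng_user_occ, $chng_user_intrest, $chng_user_viewemail, $chng_avatar, $chng_user_sig, $chng_pass, $chng_pass2, $chng_newsletter, $subscription, $subscription_expire, $reason) {
    global $user_prefix, $db, $prefix, $nukeurl, $sitename, $adminmail, $subscription_url, $admin_file;
    $chng_uid = intval($chng_uid);
    $chng_uname = filter($chng_uname, "nohtml", 1);
    $chng_name = filter($chng_name, "nohtml", 1);
    $chng_url = filter($chng_url, "nohtml", 1);
    $chng_email = filter($chng_email, "nohtml", 1);
    $chng_femail = filter($chng_femail, "nohtml", 1);
    $chng_user_icq = filter($chng_user_icq, "nohtml", 1);
    $chng_user_aim = filter($chng_user_aim, "nohtml", 1);
    $chng_user_yim = filter($chng_user_yim, "nohtml", 1);
    $chng_user_msnm = filter($chng_user_msnm, "nohtml", 1);
    $chng_user_from = filter($chng_user_from, "nohtml", 1);
    $chng_user_occ = filter($chng_user_occ, "nohtml", 1);
    $chng_user_intrest = filter($chng_user_intrest, "nohtml", 1);
    $chng_user_viewemail = intval($chng_user_viewemail);
    // Filter the $chng_avatar parameter itself. The previous code read the
    // undefined $chng_user_avatar, which blanked the avatar on every save.
    $chng_avatar = filter($chng_avatar, "nohtml", 1);
    $chng_user_sig = filter($chng_user_sig, "", 1);
    $chng_pass = filter($chng_pass, "nohtml", 1);
    $chng_pass2 = filter($chng_pass2, "nohtml", 1);
    $chng_newsletter = intval($chng_newsletter);
    // Both values take part in arithmetic and in SQL below, so they are
    // forced to integers; a negative period is treated as "none".
    $subscription = intval($subscription);
    $subscription_expire = max(0, intval($subscription_expire));

    // The password is only changed when the confirmation field is filled in.
    $password_sql = "";
    if (!empty($chng_pass2)) {
        // Strict comparison: with != two different numeric-looking strings
        // (for example "1e1" and "10") would be accepted as a match.
        if($chng_pass !== $chng_pass2) {
            include ("header.php");
            GraphicAdmin();
            OpenTable();
            echo "<center><font class=\"title\"><b>" . _USERADMIN . "</b></font></center>";
            CloseTable();
            echo "<br>";
            OpenTable();
            echo "<center>" . _PASSWDNOMATCH . "<br><br>"
                ."" . _GOBACK . "</center>";
            CloseTable();
            include ("footer.php");
            exit;
        }
        // NOTE(review): unsalted MD5 is a weak password hash. It is kept
        // because the code that verifies passwords is not in this file and
        // would have to change together with it.
        $cpass = md5($chng_pass);
        $password_sql = "user_password='$cpass', ";
    }
    $db->sql_query("update " . $user_prefix . "_users set username='$chng_uname', name='$chng_name', user_email='$chng_email', femail='$chng_femail', user_website='$chng_url', user_icq='$chng_user_icq', user_aim='$chng_user_aim', user_yim='$chng_user_yim', user_msnm='$chng_user_msnm', user_from='$chng_user_from', user_occ='$chng_user_occ', user_interests='$chng_user_intrest', user_viewemail='$chng_user_viewemail', user_avatar='$chng_avatar', user_sig='$chng_user_sig', " . $password_sql . "newsletter='$chng_newsletter' where user_id='$chng_uid'");

    // One query serves both the row count and the current expiry time.
    $sub_result = $db->sql_query("SELECT * FROM ".$prefix."_subscriptions WHERE userid='$chng_uid'");
    $subnum = $db->sql_numrows($sub_result);
    $row = $db->sql_fetchrow($sub_result);
    $row2 = $db->sql_fetchrow($db->sql_query("SELECT username, user_email FROM ".$user_prefix."_users WHERE user_id='$chng_uid'"));
    if (empty($reason)) {
        $reason = 0;
    }

    // Parts shared by every notification mail.
    $from = "$sitename <$adminmail>";
    $mail_headers = "From: $from\nX-Mailer: PHP/" . phpversion();
    $greeting = ""._HELLO." ".$row2['username']."!\n\n";
    $signoff = "\n\n$sitename "._TEAM."\n$nukeurl";

    if ($subnum == 1) {
        if ($subscription == 0) {
            // Cancel the existing subscription and tell the user, quoting
            // the reason when one was given.
            $subject = "$sitename "._SUBCANCELLED."";
            if ($reason == "0") {
                $body = $greeting . _SUBCANCEL . "\n\n";
            } else {
                $body = $greeting . _SUBCANCELREASON . "\n\n$reason\n\n";
            }
            if (!empty($subscription_url)) {
                $body .= _SUBNEEDTOAPPLY . " $subscription_url\n\n";
            }
            $body .= _SUBTHANKSATT . $signoff;
            $db->sql_query("DELETE FROM ".$prefix."_subscriptions WHERE userid='$chng_uid'");
            mail($row2['user_email'], $subject, $body, $mail_headers);
        } elseif ($subscription == 1) {
            if ($subscription_expire != 0) {
                // Extend the existing subscription by whole years of 365 days.
                $subject = "$sitename "._SUBUPDATEDSUB."";
                $body = $greeting . _SUBUPDATED . " $subscription_expire " . _SUBYEARSTOACCOUNT . "\n\n" . _SUBTHANKSSUPP . $signoff;
                $expire = $subscription_expire*31536000 + $row['subscription_expire'];
                $db->sql_query("UPDATE ".$prefix."_subscriptions SET subscription_expire='$expire' WHERE userid='$chng_uid'");
                mail($row2['user_email'], $subject, $body, $mail_headers);
            }
        }
    } elseif ($subnum == 0 AND $subscription == 1) {
        if ($subscription_expire != 0) {
            // Open a new subscription that starts now.
            $expire = $subscription_expire*31536000 + time();
            $db->sql_query("INSERT INTO ".$prefix."_subscriptions VALUES (NULL, '$chng_uid', '$expire')");
            $subject = "$sitename "._SUBACTIVATED."";
            $body = $greeting . _SUBOPENED . " $subscription_expire " . _SUBOPENED2 . "\n\n" . _SUBHOPELIKE . "\n" . _SUBTHANKSSUPP2 . $signoff;
            mail($row2['user_email'], $subject, $body, $mail_headers);
        }
    }
    Header("Location: ".$admin_file.".php?op=adminMain");
}

switch($op) {

    case "mod_users":
    displayUsers();
    break;

    case "modifyUser":
    modifyUser($chng_uid);
    break;

    case "updateUser":
    updateUser($chng_uid, $chng_uname, $chng_name, $chng_url, $chng_email, $chng_femail, $chng_user_icq, $chng_user_aim, $chng_user_yim, $chng_user_msnm, $chng_user_from, $chng_user_occ, $chng_user_intrest, $chng_user_viewemail, $chng_avatar, $chng_user_sig, $chng_pass, $chng_pass2, $chng_newsletter, $subscription, $subscription_expire, $reason);
    break;

    case "delUser":
    // Confirmation page. $chng_uid holds the nickname typed into the
    // "find user" form, so it is encoded for each context it is written
    // into: HTML text and a URL query parameter.
    $shown_name = htmlspecialchars($chng_uid, ENT_QUOTES);
    $link_name = urlencode($chng_uid);
    include ("header.php");
    GraphicAdmin();
    OpenTable();
    echo "<center><font class=\"title\"><b>" . _USERADMIN . "</b></font></center>";
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<center><font class=\"option\"><b>" . _DELETEUSER . "</b></font><br><br>"
        ."" . _SURE2DELETE . " $shown_name?<br><br>"
        ."[ <a href=\"".$admin_file.".php?op=delUserConf&del_uid=$link_name\">" . _YES . "</a> | <a href=\"".$admin_file.".php?op=mod_users\">" . _NO . "</a> ]</center>";
    CloseTable();
    include ("footer.php");
    break;

    case "delUserConf":
    // NOTE(review): this destructive action is reached through a plain GET
    // link and nothing in this file checks an anti-CSRF token or ties the
    // request to the confirmation page above. It should become a POST that
    // carries a per-session token.
    //
    // The nickname arrives from the request, so any existing escaping is
    // normalised and the value is escaped once before it is used inside SQL
    // string literals.
    $del_uid_sql = addslashes(stripslashes($del_uid));
    $result = $db->sql_query("SELECT user_id from " . $user_prefix . "_users where username='$del_uid_sql'");
    $row = $db->sql_fetchrow($result);
    $del_user_id = intval($row['user_id']);
    // When no such user exists there is nothing to delete. Continuing with
    // id 0 would rewrite and delete forum rows that carry user id 0.
    if ($del_user_id > 0) {
        // Forum content written by the user is handed over to user id 1.
        $db->sql_query("UPDATE " . $user_prefix . "_bbposts SET poster_id = '1', post_username = '$del_uid_sql' WHERE poster_id = '$del_user_id'");
        $db->sql_query("UPDATE " . $user_prefix . "_bbtopics SET topic_poster = '1' WHERE topic_poster = '$del_user_id'");
        $db->sql_query("UPDATE " . $user_prefix . "_bbvote_voters SET vote_user_id = '1' WHERE vote_user_id = '$del_user_id'");
        $db->sql_query("delete from " . $user_prefix . "_users where username='$del_uid_sql'");
        $db->sql_query("delete from " . $user_prefix . "_bbuser_group where user_id='$del_user_id'");
        $result2 = $db->sql_query("SELECT group_id FROM " . $user_prefix . "_bbgroups WHERE group_moderator = '$del_user_id'");
        $row2 = $db->sql_fetchrow($result2);
        $del_group_id = intval($row2['group_id']);
        if ($del_group_id > 0) {
            $db->sql_query("delete from " . $user_prefix . "_bbgroups where group_id='$del_group_id'");
            $db->sql_query("delete from " . $user_prefix . "_bbauth_access where group_id='$del_group_id'");
        }
        $db->sql_query("delete from " . $user_prefix . "_bbtopics_watch where user_id='$del_user_id'");
        $db->sql_query("delete from " . $user_prefix . "_bbbanlist where ban_userid='$del_user_id'");
        $result3 = $db->sql_query("SELECT privmsgs_id FROM " . $user_prefix . "_bbprivmsgs WHERE privmsgs_from_userid = '$del_user_id' OR privmsgs_to_userid = '$del_user_id'");
        // Start from an empty list: a user without private messages used to
        // leave $mark_list undefined and produce an invalid "IN ()" clause.
        $mark_list = array();
        while ( $row_privmsgs = $db->sql_fetchrow($result3) ) {
            $mark_list[] = intval($row_privmsgs['privmsgs_id']);
        }
        if (sizeof($mark_list) > 0) {
            $delete_sql_id = implode(', ', $mark_list);
            $db->sql_query("delete from " . $user_prefix . "_bbprivmsgs_text where privmsgs_text_id IN ($delete_sql_id)");
            $db->sql_query("delete from " . $user_prefix . "_bbprivmsgs where privmsgs_id IN ($delete_sql_id)");
        }
    }
    Header("Location: ".$admin_file.".php?op=adminMain");
    break;

    case "addUser":
    // The required fields are checked before the password is hashed: the
    // MD5 of an empty string is itself a non-empty string, so hashing first
    // let an empty password through.
    if (!($add_uname && $add_email && $add_pass)) {
        include ("header.php");
        GraphicAdmin();
        OpenTable();
        echo "<center><font class=\"title\"><b>" . _USERADMIN . "</b></font></center>";
        CloseTable();
        echo "<br>";
        OpenTable();
        echo "<center><b>" . _NEEDTOCOMPLETE . "</b><br><br>"
            ."" . _GOBACK . "</center>";
        CloseTable();
        include ("footer.php");
        return;
    }
    // NOTE(review): unsalted MD5 is a weak password hash. It is kept because
    // the code that verifies passwords is not in this file.
    $add_pass = md5($add_pass);
    // All values are filtered before the first query that uses them, so the
    // duplicate-name check below no longer sees the raw request value.
    $add_uname = filter($add_uname, "nohtml", 1);
    $add_name = filter($add_name, "nohtml", 1);
    $add_url = filter($add_url, "nohtml", 1);
    $add_email = filter($add_email, "nohtml", 1);
    $add_femail = filter($add_femail, "nohtml", 1);
    $add_user_icq = filter($add_user_icq, "nohtml", 1);
    $add_user_aim = filter($add_user_aim, "nohtml", 1);
    $add_user_yim = filter($add_user_yim, "nohtml", 1);
    $add_user_msnm = filter($add_user_msnm, "nohtml", 1);
    $add_user_from = filter($add_user_from, "nohtml", 1);
    $add_user_occ = filter($add_user_occ, "nohtml", 1);
    $add_user_intrest = filter($add_user_intrest, "nohtml", 1);
    $add_user_viewemail = intval($add_user_viewemail);
    // The form field is add_avatar. The previous code read the undefined
    // $add_user_avatar, so new users were stored with an empty avatar.
    $add_avatar = filter($add_avatar, "nohtml", 1);
    $add_user_sig = filter($add_user_sig, "", 1);
    $add_pass = filter($add_pass, "nohtml", 1);
    $add_newsletter = intval($add_newsletter);
    $numrow = $db->sql_numrows($db->sql_query("SELECT user_id FROM ".$user_prefix."_users WHERE username='$add_uname'"));
    if ($numrow > 0) {
        include ("header.php");
        GraphicAdmin();
        OpenTable();
        echo "<center><font class=\"title\"><b>" . _USERADMIN . "</b></font></center>";
        CloseTable();
        echo "<br>";
        OpenTable();
        echo "<center><b>" . _USERALREADYEXISTS . "</b><br><br>"
            ."" . _GOBACK . "</center>";
        CloseTable();
        include ("footer.php");
        return;
    }
    $user_regdate = date("M d, Y");
    $sql = "insert into " . $user_prefix . "_users ";
    $sql .= "(user_id,name,username,user_email,femail,user_website,user_regdate,user_icq,user_aim,user_yim,user_msnm,user_from,user_occ,user_interests,user_viewemail,user_avatar,user_sig,user_password,newsletter,broadcast,popmeson) ";
    $sql .= "values (NULL,'$add_name','$add_uname','$add_email','$add_femail','$add_url','$user_regdate','$add_user_icq','$add_user_aim','$add_user_yim','$add_user_msnm','$add_user_from','$add_user_occ','$add_user_intrest','$add_user_viewemail','$add_avatar','$add_user_sig','$add_pass','$add_newsletter','1','0')";
    $result = $db->sql_query($sql);
    if (!$result) {
        return;
    }
    // Give the new user a single-user forum group.
    // NOTE(review): these two inserts use $prefix while the deletes in
    // delUserConf use $user_prefix for the same tables; confirm which
    // prefix the forum tables carry.
    $result2 = $db->sql_query("SELECT user_id FROM ".$user_prefix."_users WHERE username='$add_uname'");
    $row2 = $db->sql_fetchrow($result2);
    $guserid = intval($row2['user_id']);
    $db->sql_query("INSERT INTO ".$prefix."_bbgroups (group_name, group_description, group_single_user, group_moderator) VALUES ('', 'Personal User', '1', '0')");
    $group_id = $db->sql_nextid();
    $db->sql_query("INSERT INTO ".$prefix."_bbuser_group (user_id, group_id, user_pending) VALUES ('$guserid', '$group_id', '0')");
    Header("Location: ".$admin_file.".php?op=adminMain");
    break;

}

} else {
    // The admin is neither a super admin nor listed for this module.
    include ("header.php");
    GraphicAdmin();
    OpenTable();
    echo "<center><b>"._ERROR."</b><br><br>You do not have administration permission for module \"$module_name\"</center>";
    CloseTable();
    include ("footer.php");
}

?>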