<?php
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
//header('Content-type: application/vnd.wap.xhtml+xml');
echo "<?xml version=\"1.0\"?>";
echo "<!DOCTYPE html PUBLIC \"-//WAPFORUM//DTD XHTML Mobile 1.0//EN\" \"http://www.wapforum.org/DTD/xhtml-mobile10.dtd\">";
?>
<html xmlns="http://www.w3.org/1999/xhtml">
<?php
include("config.php");
include("core.php");
connectdb();
$action = $_GET["action"];
$sid = $_GET["sid"];
$uid = getuid_sid($sid);
$theme = mysql_fetch_array(mysql_query("SELECT theme FROM ibwf_users WHERE id='".$uid."'"));
$sitename = mysql_fetch_array(mysql_query("SELECT value FROM ibwf_settings WHERE name='sitename'"));
$sitename = $sitename[0];
if (!ismod(getuid_sid($sid))) {
echo "<head>";
echo "<title>Admin Tools</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
$sid = $_GET["sid"];
$uid = getuid_sid($sid);
$who = $_POST["who"];
$pres = $_POST["pres"];
$pds = $_POST["pds"];
$phr = $_POST["phr"];
$pmn = $_POST["pmn"];
$psc = $_POST["psc"];
$user = getnick_uid($who);
$timeto = $pds * 24 * 60 * 60;
$timeto += $phr * 60 * 60;
$timeto += $pmn * 60;
$timeto += $psc;
$ptime = $timeto + time();
$uip = getip_uid($who);
$ubr = getbr_uid($who);
$who = $_GET["who"];
$whonick = getnick_uid($sid);
$byuid = getuid_sid($sid);
$unick = getnick_sid($sid);
$sid = $_GET["sid"];
$page = $_GET["page"];
$who = $_GET["who"];
$uid = getuid_sid($sid);
$nick = getnick_sid($sid);
$brws = explode(" ", $HTTP_USER_AGENT);
$ubr = $brws[0];
$uip = getip();
$time = time() + (17 * 60 * 60);
$newtime = date("H:i", $time);
$date = strtotime('+17 hours');
$newdate = date('D jS M y', $date);
$user = getnick_sid($sid);
$bantime = time() + (30 * 24 * 60 * 60);
mysql_query("INSERT INTO ibwf_mlog SET action='Admincp Hack', details='<br/><u><b>".$user."</b></u><br/><b>Attempted to get in Admin tools:</b> $pwd<br/> <b>Browser:</b> $ubr<br/> <b>IP:</b> $uip<br/>', actdt='".time()."'");
$user = getnick_sid($sid);
mysql_query("INSERT INTO ibwf_penalties SET uid='".$byuid."', penalty='2', exid='2', timeto='".$bantime."', pnreas='Banned: Auto Bann For hack attempt on admincp'");
$pmsg[1] = "Ip-banned for attempting a hack";
mysql_query("UPDATE ibwf_users SET lastpnreas='".$pmsg[1]." WHERE id='".$who."'");
mysql_query("INSERT INTO ibwf_mlog SET action='autoban', details='<b>".getnick_uid(1)."</b> auto banned $user for trying to be a wana be hacker', actdt='".time()."'");
$uip = getip_uid($who);
$ubr = getbr_uid($who);
$pmsg[1] = "Ip-banned";
mysql_query("INSERT INTO ibwf_mlog SET action='autoban', details='<b>".getnick_uid(1)."</b> auto banned $user for trying to be a wana be hacker', actdt='".time()."'");
mysql_query("UPDATE ibwf_users SET plusses='0', shield='0' WHERE id='".$byuid."'");
mysql_query("INSERT INTO ibwf_private SET text='[b](attempted a modcp hack and was banned)[/b][br/]".$pmtext."', byuid='".$byuid."', touid='1', timesent='".$tm."'");
echo "I don't know how did you get into here, but there's nothing to show<br/><br/>";
echo "Bye Bye.. Hack attempts will get you banned here lol<br/>Ohh and also the log has been sent to YOURNAME inbox<br/>";
echo "<b>Permission Denied!</b><br/>";
echo "<br/>Only mod/admin/owner can use this page...<br/>";
echo "<a href=\"index.php\">Home</a>";
echo "</p>";
echo "</body>";
echo "</html>";
exit();
}
if(islogged($sid)==false)
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/white.css\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
echo "You are not logged in<br/>";
echo "Or Your session has been expired<br/><br/>";
echo "<a href=\"index.php\">Login</a>";
echo "</p>";
echo "</body>";
}
addonline(getuid_sid($sid),"Admin Tools","");
if($action=="main")
{
echo "<head>";
echo "<title>Admin Tools</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
echo "<b>Reports</b>";
echo "</p>";
echo "<p>";
$nrpm = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_private WHERE reported='1'"));
echo "<a href=\"modcp.php?action=rpm&sid=$sid\">»Inbox Messages($nrpm[0])</a><br/>";
$nrpm = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_popups WHERE reported='1'"));
echo "<a href=\"modcp.php?action=rpop&sid=$sid\">»Popup Messages($nrpm[0])</a><br/>";
$nrps = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_posts WHERE reported='1'"));
echo "<a href=\"modcp.php?action=rps&sid=$sid\">»Posts($nrps[0])</a><br/>";
$nrtp = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_topics WHERE reported='1'"));
echo "<a href=\"modcp.php?action=rtp&sid=$sid\">»Topics($nrtp[0])</a>";
echo "</p>";
echo "<p align=\"center\">";
echo "<b>Logs</b>";
echo "</p>";
echo "<p>";
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_mlog"));
if($noi[0]>0){
$nola = mysql_query("SELECT DISTINCT (action) FROM ibwf_mlog ORDER BY actdt DESC");
while($act=mysql_fetch_array($nola))
{
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_mlog WHERE action='".$act[0]."'"));
echo "<a href=\"modcp.php?action=log&sid=$sid&view=$act[0]\">$act[0]($noi[0])</a><br/>";
}
}
echo "</p>";
echo "<p align=\"center\">";
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p></body>";
}
/////////////////////////////////Reported PMs
else if($action=="rpm")
{
$page = $_GET["page"];
echo "<head>";
echo "<title>Admin Tools</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
echo "<b>Reported Inboxes</b>";
echo "</p>";
echo "<p>";
echo "<small>";
if($page=="" || $page<=0)$page=1;
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_private WHERE reported ='1'"));
$num_items = $noi[0]; //changable
$items_per_page= 5;
$num_pages = ceil($num_items/$items_per_page);
if($page>$num_pages)$page= $num_pages;
$limit_start = ($page-1)*$items_per_page;
$sql = "SELECT id, text, byuid, touid, timesent FROM ibwf_private WHERE reported='1' ORDER BY timesent DESC LIMIT $limit_start, $items_per_page";
$items = mysql_query($sql);
if($items!=""){
while ($item=mysql_fetch_array($items))
{
$fromnk = getnick_uid($item[2]);
$tonick = getnick_uid($item[3]);
$dtop = date("d m y - H:i:s", $item[4]);
$text = parsepm($item[1]);
$flk = "<a href=\"index.php?action=viewuser&sid=$sid&who=$item[2]\">$fromnk</a>";
$tlk = "<a href=\"index.php?action=viewuser&sid=$sid&who=$item[3]\">$tonick</a>";
echo "From: $flk To: $tlk<br/>Time: $dtop<br/>";
echo $text;
echo "<br/>";
if (isowner(getuid_sid($sid)))
{
echo "<a href=\"modproc.php?action=hpm&sid=$sid&pid=$item[0]\">Handle</a><br/><br/>";
}
else
{
echo "<b>Handle</b><br/><br/>";
}
}
}
echo "</small>";
echo "</p>";
echo "<p align=\"center\">";
if($page>1)
{
$ppage = $page-1;
echo "<a href=\"modcp.php?action=$action&page=$ppage&sid=$sid\">«PREV</a> ";
}
if($page<$num_pages)
{
$npage = $page+1;
echo "<a href=\"modcp.php?action=$action&page=$npage&sid=$sid\">Next»</a>";
}
echo "<br/>$page/$num_pages<br/>";
if($num_pages>2)
{
$rets = "<form action=\"inbox.php\" method=\"get\">";
$rets .= "<input name=\"page\" style=\"-wap-input-format: '*N'\" size=\"3\"/>";
$rets .= "<input type=\"hidden\" name=\"sid\" value=\"$sid\"/>";
$rets .= "<input type=\"hidden\" name=\"action\" value=\"$action\"/>";
$rets .= "<input type=\"Submit\" value=\"Go To Page\" Name=\"Submit\"/></form>";
echo $rets;
}
echo "<br/><br/>";
echo "<a href=\"modcp.php?action=main&sid=$sid\">Reports/Logs</a><br/>";
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p></body>";
}
/////////////////////////////////Reported popups
else if($action=="rpop")
{
$page = $_GET["page"];
echo "<head>";
echo "<title>Admin Tools</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
echo "<b>Reported Popups</b>";
echo "</p>";
echo "<p>";
echo "<small>";
if($page=="" || $page<=0)$page=1;
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_popups WHERE reported ='1'"));
$num_items = $noi[0]; //changable
$items_per_page= 5;
$num_pages = ceil($num_items/$items_per_page);
if($page>$num_pages)$page= $num_pages;
$limit_start = ($page-1)*$items_per_page;
$sql = "SELECT id, text, byuid, touid, timesent FROM ibwf_popups WHERE reported='1' ORDER BY timesent DESC LIMIT $limit_start, $items_per_page";
$items = mysql_query($sql);
if($items!=""){
while ($item=mysql_fetch_array($items))
{
$fromnk = getnick_uid($item[2]);
$tonick = getnick_uid($item[3]);
$dtop = date("d m y - H:i:s", $item[4]);
$text = parsepm($item[1]);
$flk = "<a href=\"index.php?action=viewuser&sid=$sid&who=$item[2]\">$fromnk</a>";
$tlk = "<a href=\"index.php?action=viewuser&sid=$sid&who=$item[3]\">$tonick</a>";
echo "From: $flk To: $tlk<br/>Time: $dtop<br/>";
echo $text;
echo "<br/>";
if (isowner(getuid_sid($sid)))
{
echo "<a href=\"modproc.php?action=hpop&sid=$sid&pid=$item[0]\">Handle</a><br/><br/>";
}
else
{
echo "<b>Handle</b><br/><br/>";
}
}
}
echo "</small>";
echo "</p>";
echo "<p align=\"center\">";
if($page>1)
{
$ppage = $page-1;
echo "<a href=\"modcp.php?action=$action&page=$ppage&sid=$sid\">«Prev</a> ";
}
if($page<$num_pages)
{
$npage = $page+1;
echo "<a href=\"modcp.php?action=$action&page=$npage&sid=$sid\">Next»</a>";
}
echo "<br/>$page/$num_pages<br/>";
if($num_pages>2)
{
$rets = "<form action=\"inbox.php\" method=\"get\">";
$rets .= "<input name=\"page\" style=\"-wap-input-format: '*N'\" size=\"3\"/>";
$rets .= "<input type=\"hidden\" name=\"sid\" value=\"$sid\"/>";
$rets .= "<input type=\"hidden\" name=\"action\" value=\"$action\"/>";
$rets .= "<input type=\"Submit\" value=\"Go To Page\" Name=\"Submit\"/></form>";
echo $rets;
}
echo "<br/><br/>";
echo "<a href=\"modcp.php?action=main&sid=$sid\">Reports/Logs</a><br/>";
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p></body>";
}
/////////////////////////////////Reported Posts
else if($action=="rps")
{
$page = $_GET["page"];
echo "<head>";
echo "<title>Admin Tools</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
echo "<b>Reported Posts</b>";
echo "</p>";
echo "<p>";
echo "<small>";
if($page=="" || $page<=0)$page=1;
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_posts WHERE reported ='1'"));
$num_items = $noi[0]; //changable
$items_per_page= 5;
$num_pages = ceil($num_items/$items_per_page);
if($page>$num_pages)$page= $num_pages;
$limit_start = ($page-1)*$items_per_page;
$sql = "SELECT id, text, tid, uid, dtpost FROM ibwf_posts WHERE reported='1' ORDER BY dtpost DESC LIMIT $limit_start, $items_per_page";
$items = mysql_query($sql);
if($items!=""){
while ($item=mysql_fetch_array($items))
{
$poster = getnick_uid($item[3]);
$tname = mysql_fetch_array(mysql_query("SELECT text, name FROM ibwf_topics WHERE id='".$item[2]."'"));
$tname = htmlspecialchars($tname[1]);
$dtop = date("d m y - H:i:s", $item[4]);
$text = parsemsg($item[1]);
$flk = "<a href=\"index.php?action=viewuser&sid=$sid&who=$item[3]\">$poster</a>";
$tlk = "<a href=\"index.php?action=viewtpc&sid=$sid&tid=$item[2]\">$tname</a>";
echo "Poster: $flk<br/>In: $tlk<br/>Time: $dtop<br/>";
echo $text;
echo "<br/>";
if (isowner(getuid_sid($sid)))
{
echo "<a href=\"modproc.php?action=hps&sid=$sid&pid=$item[0]\">Handle</a><br/><br/>";
}
else
{
echo "<b>Handle</b><br/><br/>";
}
}
}
echo "</small>";
echo "</p>";
echo "<p align=\"center\">";
if($page>1)
{
$ppage = $page-1;
echo "<a href=\"modcp.php?action=$action&page=$ppage&sid=$sid\">«PREV</a> ";
}
if($page<$num_pages)
{
$npage = $page+1;
echo "<a href=\"modcp.php?action=$action&page=$npage&sid=$sid\">Next»</a>";
}
echo "<br/>$page/$num_pages<br/>";
if($num_pages>2)
{
$rets = "<form action=\"inbox.php\" method=\"get\">";
$rets .= "<input name=\"page\" style=\"-wap-input-format: '*N'\" size=\"3\"/>";
$rets .= "<input type=\"hidden\" name=\"sid\" value=\"$sid\"/>";
$rets .= "<input type=\"hidden\" name=\"action\" value=\"$action\"/>";
$rets .= "<input type=\"Submit\" value=\"Go To Page\" Name=\"Submit\"/></form>";
echo $rets;
}
echo "<br/><br/>";
echo "<a href=\"modcp.php?action=main&sid=$sid\">Reports/Logs</a><br/>";
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p></body>";
}
/////////////////////////////////Reported Posts
else if($action=="log")
{
$page = $_GET["page"];
$view = $_GET["view"];
echo "<head>";
echo "<title>Admin Tools</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
echo "<b>$view</b>";
echo "</p>";
echo "<p>";
echo "<small>";
if($page=="" || $page<=0)$page=1;
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_mlog WHERE action='".$view."'"));
$num_items = $noi[0]; //changable
$items_per_page= 5;
$num_pages = ceil($num_items/$items_per_page);
if($page>$num_pages)$page= $num_pages;
$limit_start = ($page-1)*$items_per_page;
$sql = "SELECT actdt, details FROM ibwf_mlog WHERE action='".$view."' ORDER BY actdt DESC LIMIT $limit_start, $items_per_page";
$items = mysql_query($sql);
while ($item=mysql_fetch_array($items))
{
echo "Time: ".date("d m y-H:i:s", $item[0])."<br/>";
echo $item[1];
echo "<br/>";
}
echo "</small>";
echo "</p>";
echo "<p align=\"center\">";
if($page>1)
{
$ppage = $page-1;
echo "<a href=\"modcp.php?action=$action&page=$ppage&sid=$sid&view=$view\">«PREV</a> ";
}
if($page<$num_pages)
{
$npage = $page+1;
echo "<a href=\"modcp.php?action=$action&page=$npage&sid=$sid&view=$view\">Next»</a>";
}
echo "<br/>$page/$num_pages<br/>";
if($num_pages>2)
{
$rets = "<form action=\"inbox.php\" method=\"get\">";
$rets .= "<input name=\"page\" style=\"-wap-input-format: '*N'\" size=\"3\"/>";
$rets .= "<input type=\"hidden\" name=\"sid\" value=\"$sid\"/>";
$rets .= "<input type=\"hidden\" name=\"action\" value=\"$action\"/>";
$rets .= "<input type=\"hidden\" name=\"view\" value=\"$view\"/>";
$rets .= "<input type=\"Submit\" value=\"Go To Page\" Name=\"Submit\"/></form>";
echo $rets;
}
echo "<br/><br/>";
echo "<a href=\"modcp.php?action=main&sid=$sid\">Reports/Logs</a><br/>";
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p></body>";
}
/////////////////////////////////Reported Topics
else if($action=="rtp")
{
$page = $_GET["page"];
echo "<head>";
echo "<title>Admin Tools</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
echo "<b>Reported Topics</b>";
echo "</p>";
echo "<p>";
echo "<small>";
if($page=="" || $page<=0)$page=1;
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_topics WHERE reported ='1'"));
$num_items = $noi[0]; //changable
$items_per_page= 5;
$num_pages = ceil($num_items/$items_per_page);
if($page>$num_pages)$page= $num_pages;
$limit_start = ($page-1)*$items_per_page;
$sql = "SELECT id, name, text, authorid, crdate FROM ibwf_topics WHERE reported='1' ORDER BY crdate DESC LIMIT $limit_start, $items_per_page";
$items = mysql_query($sql);
if($items!=""){
while ($item=mysql_fetch_array($items))
{
$poster = getnick_uid($item[3]);
$tname = htmlspecialchars($item[1]);
$dtop = date("d m y - H:i:s", $item[4]);
$text = parsemsg($item[2]);
$flk = "<a href=\"index.php?action=viewuser&sid=$sid&who=$item[3]\">$poster</a>";
$tlk = "<a href=\"index.php?action=viewtpc&sid=$sid&tid=$item[0]\">$tname</a>";
echo "Poster: $flk<br/>In: $tlk<br/>Time: $dtop<br/>";
echo $text;
echo "<br/>";
if (isowner(getuid_sid($sid)))
{
echo "<a href=\"modproc.php?action=htp&sid=$sid&tid=$item[0]\">Handle</a><br/><br/>";
}
else
{
echo "<b>Handle</b><br/><br/>";
}
}
}
echo "</small>";
echo "</p>";
echo "<p align=\"center\">";
if($page>1)
{
$ppage = $page-1;
echo "<a href=\"modcp.php?action=$action&page=$ppage&sid=$sid\">«PREV</a> ";
}
if($page<$num_pages)
{
$npage = $page+1;
echo "<a href=\"modcp.php?action=$action&page=$npage&sid=$sid\">Next»</a>";
}
echo "<br/>$page/$num_pages<br/>";
if($num_pages>2)
{
$rets = "<form action=\"inbox.php\" method=\"get\">";
$rets .= "<input name=\"page\" style=\"-wap-input-format: '*N'\" size=\"3\"/>";
$rets .= "<input type=\"hidden\" name=\"sid\" value=\"$sid\"/>";
$rets .= "<input type=\"hidden\" name=\"action\" value=\"$action\"/>";
$rets .= "<input type=\"Submit\" value=\"Go To Page\" Name=\"Submit\"/></form>";
echo $rets;
}
echo "<br/><br/>";
echo "<a href=\"modcp.php?action=main&sid=$sid\">Reports/Logs</a><br/>";
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p></body>";
}
else
{
echo "<head>";
echo "<title>$sitename[0](error)</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
echo "I don't know how did you get into here, but there's nothing to show<br/><br/>";
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p></body>";
}
?>
</html>