File size: 8Kb
<?php
include("core.php");
include("config.php");
header("Content-type: text/html; charset=ISO-8859-1");
echo "<?xml version=\"1.0\" encoding=\"ISO-8859-1\" ?>";
echo "<!DOCTYPE html PUBLIC \"-//WAPFORUM//DTD XHTML Mobile 1.0//EN\"\"http://www.wapforum.org/DTD/xhtml-mobile10.dtd\">";
echo "<html xmlns=\"http://www.w3.org/1999/xhtml\">";
connectdb();
$addy = "wapirate.net";
$action = $_GET["action"];
$sid = $_GET["sid"];
$uid = getuid_sid($sid);
$addy = "wapirate.net";
$theme = mysql_fetch_array(mysql_query("SELECT theme FROM ibwf_users WHERE id='".$uid."'"));
if(!ismodx(getuid_sid($sid)))
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/red_medium.css\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!</<br/></div>";
echo "<p align=\"center\">";
echo "You are not an admin<br/>";
echo "<br/>";
echo "<a href=\"index.php\">Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}
if(islogged($sid)==false)
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/red_medium.css\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!</<br/></div>";
echo "<p align=\"center\">";
echo "You are not logged in<br/>";
echo "Or Your session has been expired<br/><br/>";
echo "<a href=\"index.php\">Login</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}
addonline(getuid_sid($sid),"Main Page","");
/////////////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////spam
if($action=="addspam")
{
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Add Spam Block<br/></div>";
echo "<form action=\"modxproc.php?action=addspam&sid=$sid\" method=\"post\">";
echo "Site:<input name=\"smlcde\" maxlength=\"30\"/><br/>";
echo "Change To:<input name=\"smlsrc\" maxlength=\"200\"/><br/>";
echo "<input type=\"submit\" value=\"Add\"/>";
echo "</form>";
echo "<p align=\"center\">";
echo "<br/><br/><a href=\"index.php?action=modxcp&sid=$sid\"><img src=\"images/admn.gif\" alt=\"*\"/>";
echo "Mod X CP</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
/////////////////////////////////user info
else if($action=="chuinfo")
{
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Find User<br/></div>";
echo "<p align=\"center\">";
echo "Type user nickname<br/><br/>";
echo "</p>";
echo "<form action=\"modxcp.php?action=acui&sid=$sid\" method=\"post\">";
echo "User: <input name=\"unick\" format=\"*x\" maxlength=\"15\"/><br/>";
echo "<input type=\"submit\" value=\"find\"/>";
echo "</form>";
echo "<p align=\"center\">";
echo "<br/><br/><a href=\"index.php?action=modxcp&sid=$sid\"><img src=\"images/admn.gif\" alt=\"*\"/>";
echo "Mod X CP</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
//////////////////////////////////////Change User info
else if($action=="acui")
{
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
$unick = $_POST["unick"];
$tid = getuid_nick($unick);
if($tid==0)
{
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "<img src=\"images/notok.gif\" alt=\"x\"/>User Does Not exist<br/>";
echo "</p>";
}else{
echo "<div><br/>Found $unick<br/></div>";
echo "<p>";
echo "<a href=\"modxcp.php?action=chubi&sid=$sid&who=$tid\">»$unick's Profile</a><br/>";
echo "</p>";
echo "<p align=\"center\">";
}
echo "<a href=\"modxcp.php?action=chuinfo&sid=$sid\">";
echo "Users Info</a><br/>";
echo "<a href=\"index.php?action=modxcp&sid=$sid\"><img src=\"images/admn.gif\" alt=\"*\"/>";
echo "Mod X CP</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
////////////////////////////////////////////
else if($action=="chubi")
{
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
$who = $_GET["who"];
$unick = getnick_uid($who);
echo "<div><br/>Edit $unick's Profile<br/></div>";
$avat = getavatar($who);
$email = mysql_fetch_array(mysql_query("SELECT email FROM ibwf_users WHERE id='".$who."'"));
$bdy = mysql_fetch_array(mysql_query("SELECT birthday FROM ibwf_users WHERE id='".$who."'"));
$uloc = mysql_fetch_array(mysql_query("SELECT location FROM ibwf_users WHERE id='".$who."'"));
$usig = mysql_fetch_array(mysql_query("SELECT signature FROM ibwf_users WHERE id='".$who."'"));
$sx = mysql_fetch_array(mysql_query("SELECT sex FROM ibwf_users WHERE id='".$who."'"));
echo "<p>";
echo "Nickname: $unick<br/>";
echo "</p>";
echo "<form action=\"modxproc.php?action=uprof&sid=$sid&who=$who\" method=\"post\">";
echo "Avatar: <input name=\"savat\" maxlength=\"1000\" value=\"$avat\"/><br/>";
echo "E-Mail: <input name=\"semail\" maxlength=\"1000\" value=\"$email[0]\"/><br/>";
echo "Birthday<small>[YYYY-MM-DD]</small>: <input name=\"ubday\" maxlength=\"50\" value=\"$bdy[0]\"/><br/>";
echo "Location: <input name=\"uloc\" maxlength=\"1000\" value=\"$uloc[0]\"/><br/>";
echo "Signature: <input name=\"usig\" maxlength=\"1000\" value=\"$usig[0]\"/><br/>";
echo "Sex: <select name=\"usex\" value=\"$sx[0]\">";
echo "<option value=\"M\">Male</option>";
echo "<option value=\"F\">Female</option>";
echo "</select><br/>";
echo "<input type=\"submit\" value=\"Update\"/>";
echo "</form>";
echo "<p align=\"center\">";
echo "<br/><br/>";
echo "<a href=\"modxcp.php?action=chuinfo&sid=$sid\">";
echo "Users Info</a><br/>";
echo "<a href=\"index.php?action=modxcp&sid=$sid\"><img src=\"images/admn.gif\" alt=\"*\"/>";
echo "Mod X CP</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
else{
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "I don't know how did you get into here, but there's nothing to show<br/><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
mysql_query("INSERT INTO ibwf_mlog SET action='hacks', details='<b>".getnick_uid(getuid_sid($sid))."</b> Attempted To Hack modXcp', actdt='".time()."'");
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
exit();
}
echo "</html>";
?>