<?php
include("head.php");
///////////////////////////////////////////////////////////////////////////////////////////
//////////////////////////////////MODERATING CLUB MEMBER
if($action=="gcp")
{
$clid = $_GET["clid"];
$who = $_GET["who"];
$giv = $_POST["giv"];
$pnt = $_POST["pnt"];
addonline(getuid_sid($sid),"Moderating Club Member","");
$whnick = getnick_uid($who);
echo "<div><br/>$whnick's Club Points<br/></div>";
echo "<p align=\"center\">";
echo "<b>$whnick</b>";
echo "</p>";
echo "<p>";
$exs = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_clubmembers WHERE uid='".$who."' AND clid=".$clid.""));
$cow = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_clubs WHERE owner||coowner='".$uid."' AND id=".$clid.""));
if($exs[0]>0 && $cow[0]>0)
{
$mpt = mysql_fetch_array(mysql_query("SELECT points FROM ibwf_clubmembers WHERE uid='".$who."' AND clid='".$clid."'"));
if($giv=="1")
{
$pnt = $mpt[0]+$pnt;
}else{
$pnt = $mpt[0]-$pnt;
if($pnt<0)$pnt=0;
}
$res = mysql_query("UPDATE ibwf_clubmembers SET points='".$pnt."' WHERE uid='".$who."' AND clid='".$clid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Club points updated successfully!";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error!";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Missing Info!";
}
echo "</p>";
echo "<p align=\"center\">";
echo "<br/><a href=\"index.php?action=gocl&clid=$clid\">Back To Club</a><br/>";
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////////
else if($action=="gpl")
{
$clid = $_GET["clid"];
$who = $_GET["who"];
$pnt = $_POST["pnt"];
addonline(getuid_sid($sid),"Moderating Club Member","");
$whnick = getnick_uid($who);
echo "<div><br/>Give $whnick Gold<br/></div>";
echo "<p align=\"center\">";
echo "<b>$whnick</b>";
echo "</p>";
echo "<p>";
$exs = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_clubmembers WHERE uid='".$who."' AND clid=".$clid.""));
$cow = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_clubs WHERE owner||coowner='".$uid."' AND id=".$clid.""));
if($exs[0]>0 && $cow[0]>0)
{
$cpl = mysql_fetch_array(mysql_query("SELECT plusses FROM ibwf_clubs WHERE id='".$clid."'"));
if($cpl[0]>=$pnt)
{
$mpt = mysql_fetch_array(mysql_query("SELECT gold FROM ibwf_users WHERE id='".$who."'"));
$plt = $mpt[0]+$pnt;
$res = mysql_query("UPDATE ibwf_users SET gold='".$plt."' WHERE id='".$who."'");
if($res)
{
$cpl = $cpl[0]-$pnt;
$res = mysql_query("UPDATE ibwf_clubs SET plusses='".$cpl."' WHERE id='".$clid."'");
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Gold updated successfully!";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error!";
}
}
else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Not enough Gold!";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Missing Info!";
}
echo "</p>";
echo "<p align=\"center\">";
echo "<br/><a href=\"index.php?action=gocl&clid=$clid\">Back To Club</a><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////
else if ($action=="upre")
{
$usds = $_POST["usds"];
$usds = str_replace('"', "", $usds);
$usds = str_replace("'", "", $usds);
$ubon = $_POST["ubon"];
$usxp = $_POST["usxp"];
addonline(getuid_sid($sid),"Preferences","");
echo "<div><br/>Preferences<br/></div>";
echo "<p align=\"center\">";
$uid = getuid_sid($sid);
$exs = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_xinfo WHERE uid='".$uid."'"));
if($exs[0]>0)
{
$res = mysql_query("UPDATE ibwf_xinfo SET sitedscr='".$usds."', budsonly='".$ubon."', sexpre='".$usxp."' WHERE uid='".$uid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Preferences Updated Successfully<br/><br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"O\"/>Database Error!<br/><br/>";
}
}else{
$res = mysql_query("INSERT INTO ibwf_xinfo SET uid='".$uid."', sitedscr='".$usds."', budsonly='".$ubon."', sexpre='".$usxp."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Preferences Updated Successfully<br/><br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"O\"/>Database Error!<br/><br/>";
}
}
echo "<a href=\"index.php?action=uxset\">";
echo "Extended Settings</a><br/>";
echo getfoot($sid,$folder);
exit();}
////////////////////////////
else if ($action=="uper")
{
$uhig = $_POST["uhig"];
$uwgt = $_POST["uwgt"];
$urln = $_POST["urln"];
$ueor = $_POST["ueor"];
$ueys = $_POST["ueys"];
$uher = $_POST["uher"];
$upro = $_POST["upro"];
addonline(getuid_sid($sid),"Personality","");
echo "<div><br/>Personality<br/></div>";
echo "<p align=\"center\">";
$uid = getuid_sid($sid);
$exs = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_xinfo WHERE uid='".$uid."'"));
if($exs[0]>0)
{
$res = mysql_query("UPDATE ibwf_xinfo SET height='".$uhig."', weight='".$uwgt."', realname='".$urln."', eyescolor='".$ueys."', profession='".$upro."', racerel='".$ueor."',hairtype='".$uher."' WHERE uid='".$uid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Personal Info Updated Successfully<br/><br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"O\"/>Database Error!<br/><br/>";
}
}else{
$res = mysql_query("INSERT INTO ibwf_xinfo SET uid='".$uid."', height='".$uhig."', weight='".$uwgt."', realname='".$urln."', eyescolor='".$ueys."', profession='".$upro."', racerel='".$ueor."',hairtype='".$uher."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Personal Info Updated Successfully<br/><br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"O\"/>Database Error!<br/><br/>";
}
}
echo "<a href=\"index.php?action=uxset\">";
echo "Extended Settings</a><br/>";
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////////////////////////////
else if ($action=="umin")
{
$ulik = $_POST["ulik"];
$ulik = str_replace('"', "", $ulik);
$ulik = str_replace("'", "", $ulik);
$udlk = $_POST["udlk"];
$udlk = str_replace('"', "", $udlk);
$udlk = str_replace("'", "", $udlk);
$ubht = $_POST["ubht"];
$ubht = str_replace('"', "", $ubht);
$ubht = str_replace("'", "", $ubht);
$ught = $_POST["ught"];
$ught = str_replace('"', "", $ught);
$ught = str_replace("'", "", $ught);
$ufsp = $_POST["ufsp"];
$ufsp = str_replace('"', "", $ufsp);
$ufsp = str_replace("'", "", $ufsp);
$ufmc = $_POST["ufmc"];
$ufmc = str_replace('"', "", $ufmc);
$ufmc = str_replace("'", "", $ufmc);
$umtx = $_POST["umtx"];
$umtx = str_replace('"', "", $umtx);
$umtx = str_replace("'", "", $umtx);
addonline(getuid_sid($sid),"More about me","");
echo "<div><br/>More about me<br/></div>";
echo "<p align=\"center\">";
$uid = getuid_sid($sid);
$exs = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_xinfo WHERE uid='".$uid."'"));
if($exs[0]>0)
{
$res = mysql_query("UPDATE ibwf_xinfo SET likes='".$ulik."', deslikes='".$udlk."', habitsb='".$ubht."', habitsg='".$ught."', favsport='".$ufsp."', favmusic='".$ufmc."',moretext='".$umtx."' WHERE uid='".$uid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Info Updated Successfully<br/><br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"O\"/>Database Error!<br/><br/>";
}
}else{
$res = mysql_query("INSERT INTO ibwf_xinfo SET uid='".$uid."', likes='".$ulik."', deslikes='".$udlk."', habitsb='".$ubht."', habitsg='".$ught."', favsport='".$ufsp."', favmusic='".$ufmc."',moretext='".$umtx."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Info Updated Successfully<br/><br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"O\"/>Database Error!<br/><br/>";
}
}
echo "<a href=\"index.php?action=uxset\">";
echo "Extended Settings</a><br/>";
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////////////////
else if($action=="mkroom")
{
$rname = mysql_escape_string($_POST["rname"]);
$rpass = trim($_POST["rpass"]);
addonline(getuid_sid($sid),"Creating Chatroom","");
echo "<div><br/>Make Chat Room<br/></div>";
echo "<p align=\"center\">";
if ($rpass=="")
{
$cns = 1;
}else{
$cns = 0;
}
$prooms = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_rooms WHERE static='0'"));
if($prooms[0]<10)
{
$res = mysql_query("INSERT INTO ibwf_rooms SET name='".$rname."', pass='".$rpass."', censord='".$cns."', static='0', lastmsg='".time()."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Room created successfully<br/><br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error!<br/><br/>";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>There's already 10 users rooms<br/><br/>";
}
echo "<a href=\"index.php?action=uchat\"><img src=\"images$folder/chat.gif\" alt=\"*\"/>Chatrooms</a><br/>";
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////////
else if($action=="signgb")
{
$who = $_POST["who"];
if(!cansigngb(getuid_sid($sid), $who))
{
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "You cant Sign this user guestbook<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////////////////////////
$msgtxt = $_POST["msgtxt"];
//$qut = $_POST["qut"];
addonline(getuid_sid($sid),"Signing a guestbook","");
echo "<div><br/>Sign Guestbook<br/></div>";
echo "<p align=\"center\">";
$crdate = time();
//$uid = getuid_sid($sid);
$res = false;
if(trim($msgtxt)!="")
{
$res = mysql_query("INSERT INTO ibwf_gbook SET gbowner='".$who."', gbsigner='".$uid."', dtime='".$crdate."', gbmsg='".$msgtxt."'");
}
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Message Posted Successfully";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Error Posting Message";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////////////
else if($action=="votepl")
{
//$uid = getuid_sid($sid);
$plid = $_GET["plid"];
$ans = $_GET["ans"];
addonline(getuid_sid($sid),"Pole Volting lol","");
echo "<div><br/>Pole Volting lol<br/></div>";
echo "<p align=\"center\">";
$voted = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_presults WHERE uid='".$uid."' AND pid='".$plid."'"));
if($voted[0]==0)
{
$res = mysql_query("INSERT INTO ibwf_presults SET uid='".$uid."', pid='".$plid."', ans='".$ans."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Thanks for voting";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Database Error!";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>You already voted for this poll";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////
else if($action=="dlpoll")
{
//$uid = getuid_sid($sid);
addonline(getuid_sid($sid),"Deleting Poll","");
echo "<div><br/>Delete Poll<br/></div>";
echo "<p align=\"center\">";
$pid = mysql_fetch_array(mysql_query("SELECT pollid FROM ibwf_users WHERE id='".$uid."'"));
$res = mysql_query("UPDATE ibwf_users SET pollid='0' WHERE id='".$uid."'");
if($res)
{
$res = mysql_query("DELETE FROM ibwf_presults WHERE pid='".$pid[0]."'");
$res = mysql_query("DELETE FROM ibwf_pp_pres WHERE pid='".$pid[0]."'");
$res = mysql_query("DELETE FROM ibwf_polls WHERE id='".$pid[0]."'");
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Poll Deleted";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Database Error!";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////DELETE ANOUNCEMENT
else if($action=="delan")
{
//$uid = getuid_sid($sid);
addonline(getuid_sid($sid),"Deleting Announcement","");
$clid = $_GET["clid"];
$anid = $_GET["anid"];
$uid = getuid_sid($sid);
echo "<div><br/>Delete Announcement<br/></div>";
echo "<p align=\"center\">";
$pid = mysql_fetch_array(mysql_query("SELECT owner, coowner FROM ibwf_clubs WHERE id='".$clid."'"));
$exs = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_announcements WHERE id='".$anid."' AND clid='".$clid."'"));
if(($uid==$pid[0]||$pid[1])&&($exs[0]>0))
{
$res = mysql_query("DELETE FROM ibwf_announcements WHERE id='".$anid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Announcement Deleted";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Database Error!";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>You can't delete this announcement!";
}
echo "<br/><a href=\"index.php?action=gocl&clid=$clid\">Back To Club</a><br/>";
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
else if($action=="dlcl")
{
addonline(getuid_sid($sid),"Deleting Club","");
$clid = $_GET["clid"];
$uid = getuid_sid($sid);
echo "<p align=\"center\">";
echo "<div><br/>Delete Club<br/></div>";
$pid = mysql_fetch_array(mysql_query("SELECT owner FROM ibwf_clubs WHERE id='".$clid."'"));
if($uid==$pid[0])
{
$res = deleteClub($clid);
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Club Deleted";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Database Error!";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>You can't delete this club!";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////////
else if($action=="dltpl")
{
//$uid = getuid_sid($sid);
$tid = $_GET["tid"];
addonline(getuid_sid($sid),"Deleting Poll","");
echo "<div><br/>Delete Poll<br/></div>";
echo "<p align=\"center\">";
$pid = mysql_fetch_array(mysql_query("SELECT pollid FROM ibwf_topics WHERE id='".$tid."'"));
$res = mysql_query("UPDATE ibwf_topics SET pollid='0' WHERE id='".$tid."'");
if($res)
{
$res = mysql_query("DELETE FROM ibwf_presults WHERE pid='".$pid[0]."'");
$res = mysql_query("DELETE FROM ibwf_polls WHERE id='".$pid[0]."'");
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Poll Deleted";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Database Error!";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
else if($action=="reqjc")
{
$clid = $_GET["clid"];
addonline(getuid_sid($sid),"Joining A Club","");
echo "<div><br/>Request To Join Club<br/></div>";
echo "<p align=\"center\">";
$uid = getuid_sid($sid);
$isin = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_clubmembers WHERE uid='".$uid."' AND clid='".$clid."'"));
if($isin[0]==0){
$res = mysql_query("INSERT INTO ibwf_clubmembers SET uid='".$uid."', clid='".$clid."', accepted='0', points='0', joined='".time()."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Request sent! The club owner should accept your request";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Database Error!";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>You are already in this club or request sent and waiting for acception";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////
else if($action=="unjc")
{
$clid = $_GET["clid"];
addonline(getuid_sid($sid),"Unjoining club","");
echo "<div><br/>Unjoin Club<br/></div>";
echo "<p align=\"center\">";
$uid = getuid_sid($sid);
$isin = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_clubmembers WHERE uid='".$uid."' AND clid='".$clid."'"));
if($isin[0]>0){
$res = mysql_query("DELETE FROM ibwf_clubmembers WHERE uid='".$uid."' AND clid='".$clid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Unjoined club successfully";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Database Error!";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>You're not a member of this club!";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////ADD CLUB MEMBER
else if($action=="acm")
{
$clid = $_GET["clid"];
$who = $_GET["who"];
addonline(getuid_sid($sid),"Adding A Member To Club","");
echo "<div><br/>Add Club Member<br/></div>";
echo "<p align=\"center\">";
$uid = getuid_sid($sid);
$cowner = mysql_fetch_array(mysql_query("SELECT owner, coowner FROM ibwf_clubs WHERE id='".$clid."'"));
if($cowner[0]||$cowner[1]==$uid){
$res = mysql_query("UPDATE ibwf_clubmembers SET accepted='1' WHERE clid='".$clid."' AND uid='".$who."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Member added to your club";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Database Error!";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>This club ain't yours";
}
echo "<br/><a href=\"index.php?action=gocl&clid=$clid\">Back To Club</a><br/>";
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
////////////////////////accept all
else if($action=="accall")
{
$clid = $_GET["clid"];
addonline(getuid_sid($sid),"Adding A Member To Club","");
echo "<div><br/>Accept All<br/></div>";
echo "<p align=\"center\">";
$uid = getuid_sid($sid);
$cowner = mysql_fetch_array(mysql_query("SELECT owner, coowner FROM ibwf_clubs WHERE id='".$clid."'"));
if($cowner[0]||$cowner[1]==$uid){
$res = mysql_query("UPDATE ibwf_clubmembers SET accepted='1' WHERE clid='".$clid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>All Members Accepted";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Database Error!";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>This club ain't yours";
}
echo "<br/><a href=\"index.php?action=gocl&clid=$clid\">Back To Club</a><br/>";
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////
else if($action=="denall")
{
$clid = $_GET["clid"];
addonline(getuid_sid($sid),"Adding A Member To Club","");
echo "<div><br/>Dennying Club Member<br/></div>";
echo "<p align=\"center\">";
$uid = getuid_sid($sid);
$cowner = mysql_fetch_array(mysql_query("SELECT owner, coowner FROM ibwf_clubs WHERE id='".$clid."'"));
if($cowner[0]||$cowner[1]==$uid){
$res = mysql_query("DELETE FROM ibwf_clubmembers WHERE accepted='0' AND clid='".$clid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>All Members Denied";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Database Error!";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>This club ain't yours";
}
echo "<br/><a href=\"index.php?action=gocl&clid=$clid\">Back To Club</a><br/>";
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////DELETE CLUB MEMBER
else if($action=="dcm")
{
$clid = $_GET["clid"];
$who = $_GET["who"];
addonline(getuid_sid($sid),"Deleting A Member From Club","");
echo "<div><br/>Delete Club Member<br/></div>";
echo "<p align=\"center\">";
$uid = getuid_sid($sid);
$cowner = mysql_fetch_array(mysql_query("SELECT owner, coowner FROM ibwf_clubs WHERE id='".$clid."'"));
if($who==$cowner[0]){
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>NOT ALLOWED!";
}else if($cowner[0]||$cowner[1]==$uid){
$res = mysql_query("DELETE FROM ibwf_clubmembers WHERE clid='".$clid."' AND uid='".$who."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Member deleted from your club";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Database Error!";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>This club ain't yours";
}
echo "<br/><a href=\"index.php?action=gocl&clid=$clid\">Back To Club</a><br/>";
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////
else if($action=="crpoll")
{
addonline(getuid_sid($sid),"Creating Poll","");
echo "<div><br/>Create Poll<br/></div>";
echo "<p align=\"center\">";
if(getgold(getuid_sid($sid))>=50)
{
$pid = mysql_fetch_array(mysql_query("SELECT pollid FROM ibwf_users WHERE id='".$uid."'"));
if($pid[0] == 0)
{
$pques = $_POST["pques"];
$opt1 = $_POST["opt1"];
$opt2 = $_POST["opt2"];
$opt3 = $_POST["opt3"];
$opt4 = $_POST["opt4"];
$opt5 = $_POST["opt5"];
if((trim($pques)!="")&&(trim($opt1)!="")&&(trim($opt2)!=""))
{
$pex = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_polls WHERE pqst LIKE '".$pques."'"));
if($pex[0]==0)
{
$res = mysql_query("INSERT INTO ibwf_polls SET pqst='".$pques."', opt1='".$opt1."', opt2='".$opt2."', opt3='".$opt3."', opt4='".$opt4."', opt5='".$opt5."', pdt='".time()."'");
if($res)
{
$pollid = mysql_fetch_array(mysql_query("SELECT id FROM ibwf_polls WHERE pqst='".$pques."' "));
mysql_query("UPDATE ibwf_users SET pollid='".$pollid[0]."' WHERE id='".$uid."'");
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Your poll created successfully";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Database Error!";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>There's already a poll with the same question";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>The poll must have a question, and at least 2 options";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>You already have a poll";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>You should have at least 50 Gold to create a poll<br/>To get Gold. Exchange Plusses at the <a href=\"bank.php?action=bank\">»Wapirate Bank</a>!";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////////////
else if($action=="pltpc")
{
$tid = $_GET["tid"];
addonline(getuid_sid($sid),"Creating Poll","");
echo "<div><br/>Create Poll<br/></div>";
echo "<p align=\"center\">";
if((getgold(getuid_sid($sid))>=500)||isstatus5($uid))
{
$pid = mysql_fetch_array(mysql_query("SELECT pollid FROM ibwf_topics WHERE id='".$tid."'"));
if($pid[0] == 0)
{
$pques = $_POST["pques"];
$opt1 = $_POST["opt1"];
$opt2 = $_POST["opt2"];
$opt3 = $_POST["opt3"];
$opt4 = $_POST["opt4"];
$opt5 = $_POST["opt5"];
if((trim($pques)!="")&&(trim($opt1)!="")&&(trim($opt2)!=""))
{
$pex = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_polls WHERE pqst LIKE '".$pques."'"));
if($pex[0]==0)
{
$res = mysql_query("INSERT INTO ibwf_polls SET pqst='".$pques."', opt1='".$opt1."', opt2='".$opt2."', opt3='".$opt3."', opt4='".$opt4."', opt5='".$opt5."', pdt='".time()."'");
if($res)
{
$pollid = mysql_fetch_array(mysql_query("SELECT id FROM ibwf_polls WHERE pqst='".$pques."' "));
mysql_query("UPDATE ibwf_topics SET pollid='".$pollid[0]."' WHERE id='".$tid."'");
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Your poll created successfully";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Database Error!";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>There's already a poll with the same question";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>The poll must have a question, and at least 2 options";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>This Topic Already Has A poll";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>You should have at least 500 Gold to create a poll<br/>To get Gold. Exchange Plusses at the <a href=\"bank.php?action=bank\">»Wapirate Bank</a>!";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
////////////////////////////////add blog
else if($action=="addblg")
{
if(!getgold(getuid_sid($sid))>50)
{
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "Only 50+ plusses can add blogs<br/><br/>";
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
$btitle = $_POST["btitle"];
$msgtxt = $_POST["msgtxt"];
//$qut = $_POST["qut"];
addonline(getuid_sid($sid),"Adding a blog","");
echo "<head>";
echo "<title>wapirate</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"themes$bgi.php?sid=$sid\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Add Blog<br/></div>";
echo "<p align=\"center\">";
$crdate = time();
$uid = getuid_sid($sid);
$res = false;
if((trim($msgtxt)!="")&&(trim($btitle)!=""))
{
$res = mysql_query("INSERT INTO ibwf_blogs SET bowner='".$uid."', bname='".$btitle."', bgdate='".$crdate."', btext='".$msgtxt."'");
}
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Blog Posted Successfully";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Error Posting Blog";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////////////////
else if($action=="addvlt")
{
if(!getgold(getuid_sid($sid))>19)
{
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "Only 20+ Gold can add a vault item<br/>To get Gold. Exchange Plusses at the <a href=\"bank.php?action=bank\">»Wapirate Bank</a>!<br/><br/>";
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
$viname = $_POST["viname"];
$vilink = $_POST["vilink"];
addonline(getuid_sid($sid),"Adding a vault Item","");
echo "<div><br/>Add Vault Item<br/></div>";
echo "<p align=\"center\">";
$crdate = time();
$res = false;
if((trim($vilink)!="")&&(trim($viname)!=""))
{
$res = mysql_query("INSERT INTO ibwf_vault SET uid='".$uid."', title='".mysql_escape_string($viname)."', pudt='".$crdate."', itemurl='".$vilink."'");
}
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Item added Successfully";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Error adding an item";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////shout
else if($action=="shout")
{
$shtxt = $_POST["shtxt"];
addonline(getuid_sid($sid),"Shouting","");
echo "<div><br/>Shout<br/></div>";
echo "<p align=\"center\">";
if(getgold(getuid_sid($sid))<10)
{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>You should have at least 10 Gold to shout!<br/>To get Gold. Exchange Plusses at the <a href=\"bank.php?action=bank\">»Wapirate Bank</a>!";
}else{
$len = strlen($shtxt);
if($len>5){
$shtm = time();
$res = mysql_query("INSERT INTO ibwf_shouts SET shout='".$shtxt."', shouter='".$uid."', shtime='".$shtm."'");
if($res)
{
$shts = mysql_fetch_array(mysql_query("SELECT shouts from ibwf_users WHERE id='".$uid."'"));
$shts = $shts[0]+1;
mysql_query("UPDATE ibwf_users SET shouts='".$shts."' WHERE id='".$uid."'");
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Shout added successfully";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Your Shout Is Too Short!";
}
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////Announce
else if($action=="annc")
{
$antx = $_POST["antx"];
$clid = $_GET["clid"];
addonline(getuid_sid($sid),"Announcing","");
echo "<div><br/>Announce<br/></div>";
$cow = mysql_fetch_array(mysql_query("SELECT owner, coowner FROM ibwf_clubs WHERE id='".$clid."'"));
$uid = getuid_sid($sid);
echo "<p align=\"center\">";
if($cow[0]||$cow=$uid)
{
$shtxt = $shtxt;
//$uid = getuid_sid($sid);
$shtm = time();
$res = mysql_query("INSERT INTO ibwf_announcements SET antext='".$antx."', clid='".$clid."', antime='".$shtm."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Announcement Added!";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>This is not your club!";
}
echo "<br/><a href=\"index.php?action=gocl&clid=$clid\">Back To Club</a><br/>";
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
////////////////////////////////////
else if($action=="rateb")
{
$brate = $_POST["brate"];
$bid = $_GET["bid"];
addonline(getuid_sid($sid),"Rating a blog","");
echo "<div><br/>Rate blog<br/></div>";
echo "<p align=\"center\">";
$vb = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_brate WHERE uid='".$uid."' AND blogid='".$bid."'"));
if($vb[0]==0)
{
$res = mysql_query("INSERT INTO ibwf_brate SET uid='".$uid."', blogid='".$bid."', brate='".$brate."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Blog rated successfully<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Database Error!<br/>";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>You have rated this blog before<br/>";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////////
else if($action=="delfgb")
{
$mid = $_GET["mid"];
addonline(getuid_sid($sid),"Deleting GB Message","");
echo "<div><br/>Delete Guestbook Message<br/></div>";
echo "<p align=\"center\">";
if(candelgb(getuid_sid($sid), $mid))
{
$res = mysql_query("DELETE FROM ibwf_gbook WHERE id='".$mid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Message Deleted From Guestbook<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Database Error!<br/>";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>You can't delete this message";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////
else if($action=="delvlt")
{
$vid = $_GET["vid"];
addonline(getuid_sid($sid),"Deleting Vault Item","");
echo "<div><br/>Delete Vault<br/></div>";
echo "<p align=\"center\">";
$itemowner = mysql_fetch_array(mysql_query("SELECT uid FROM ibwf_vault WHERE id='".$vid."'"));
if(isstatus4(getuid_sid($sid))||getuid_sid($sid)==$itemowner[0])
{
$res = mysql_query("DELETE FROM ibwf_vault WHERE id='".$vid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Item Deleted From Vault<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Database Error!<br/>";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>You can't delete this item";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////
else if($action=="delbl")
{
$bid = $_GET["bid"];
addonline(getuid_sid($sid),"Deleting A Blog","");
echo "<div><br/>Delete Blog<br/></div>";
echo "<p align=\"center\">";
if(candelbl(getuid_sid($sid), $bid))
{
$res = mysql_query("DELETE FROM ibwf_blogs WHERE id='".$bid."'");
if($res)
{
mysql_query("DELETE FROM ibwf_blogcomment WHERE blogowner='".$bid."'");
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Blog Deleted<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Database Error!<br/>";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>You can't delete this blog";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////////////////////
else if($action=="rpost")
{
$pid = $_GET["pid"];
addonline(getuid_sid($sid),"Main Page","");
echo "<div><br/>Report Post<br/></div>";
echo "<p align=\"center\">";
$pinfo = mysql_fetch_array(mysql_query("SELECT reported FROM ibwf_posts WHERE id='".$pid."'"));
if($pinfo[0]=="0")
{
$str = mysql_query("UPDATE ibwf_posts SET reported='1' WHERE id='".$pid."' ");
if($str)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Post reported to mods successfully";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Can't report post at the moment";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>This Post is already reported";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////
else if($action=="rtpc")
{
$tid = $_GET["tid"];
addonline(getuid_sid($sid),"Main Page","");
echo "<div><br/>Report Topic<br/></div>";
echo "<p align=\"center\">";
$pinfo = mysql_fetch_array(mysql_query("SELECT reported FROM ibwf_topics WHERE id='".$tid."'"));
if($pinfo[0]=="0")
{
$str = mysql_query("UPDATE ibwf_topics SET reported='1' WHERE id='".$tid."' ");
if($str)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Topic reported to mods successfully";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Can't report topic at the moment";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>This Topic is already reported";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
else if($action=="bud")
{
$todo = $_GET["todo"];
$who = $_GET["who"];
addonline(getuid_sid($sid),"Adding/Removing Buddy","");
echo "<div><br/>Update Buddies<br/></div>";
echo "<p align=\"center\">";
//$uid = getuid_sid($sid);
$unick = getnick_uid($uid);
$tnick = getnick_uid($who);
if($todo=="add")
{
if(budres($uid,$who)!=3){
if(arebuds($uid,$who))
{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>$tnick is already your buddy<br/>";
}else if(budres($uid, $who)==0)
{
$res = mysql_query("INSERT INTO ibwf_buddies SET uid='".$uid."', tid='".$who."', reqdt='".time()."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>A request has been sent to $tnick<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>You can't add $tnick to your buddy list<br/>";
}
}
else if(budres($uid, $who)==1)
{
$res = mysql_query("UPDATE ibwf_buddies SET agreed='1' WHERE uid='".$who."' AND tid='".$uid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>$tnick Added to your buddy list successfully<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>You can't add $tnick to your buddy list<br/>";
}
}
else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>You can't add $tnick to your buddy list<br/>";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>You can't add $tnick to your buddy list<br/>";
}
}else if($todo="del")
{
$res= mysql_query("DELETE FROM ibwf_buddies WHERE (uid='".$uid."' AND tid='".$who."') OR (uid='".$who."' AND tid='".$uid."')");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>$tnick removed from your buddy list<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>can't remove $tnick from your buddy list<br/>";
}
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////Update buddy message
else if($action=="upbmsg")
{
addonline(getuid_sid($sid),"Updating Buddy message","");
$bmsg = $_POST["bmsg"];
echo "<div><br/>Update Buddy Message<br/></div>";
echo "<p align=\"center\">";
//$uid = getuid_sid($sid);
$res = mysql_query("UPDATE ibwf_users SET budmsg='".$bmsg."' WHERE id='".$uid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Buddy message updated successfully<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>can't update your buddy message<br/>";
}
echo "<br/>";
echo "<a href=\"lists.php?action=buds\">";
echo "Buddies List</a><br/>";
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////Select Avatar
else if($action=="upav")
{
addonline(getuid_sid($sid),"Updating Avatar","");
$avid = $_GET["avid"];
echo "<div><br/>Avatar<br/></div>";
echo "<p align=\"center\">";
//$uid = getuid_sid($sid);
$avlnk = mysql_fetch_array(mysql_query("SELECT avlink FROM ibwf_avatars WHERE id='".$avid."'"));
$res = mysql_query("UPDATE ibwf_users SET avatar='".$avlnk[0]."' WHERE id='".$uid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Avatar Selected<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Database Error!<br/>";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////Chatmood
else if($action=="upcm")
{
addonline(getuid_sid($sid),"Updating Chatmood","");
$cmid = $_GET["cmid"];
echo "<div><br/>Mood<br/></div>";
echo "<p align=\"center\">";
//$uid = getuid_sid($sid);
$res = mysql_query("UPDATE ibwf_users SET chmood='".$cmid."' WHERE id='".$uid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Mood Selected<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Database Error!<br/>";
}
echo "<br/>";
echo "<a href=\"index.php?action=chat\">";
echo "Chatrooms</a><br/>";
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////Give GPs
else if($action=="givegp")
{
addonline(getuid_sid($sid),"Giving Game Plusses","");
$who = $_GET["who"];
$tfgp = $_POST["tfgp"];
echo "<div><br/>Give Game Plusses<br/></div>";
echo "<p align=\"center\">";
$gpsf = mysql_fetch_array(mysql_query("SELECT gplus FROM ibwf_users WHERE id='".$uid."'"));
$gpst = mysql_fetch_array(mysql_query("SELECT gplus FROM ibwf_users WHERE id='".$who."'"));
if($gpsf[0]>=$tfgp){
$gpsf = $gpsf[0]-$tfgp;
$gpst = $gpst[0]+$tfgp;
$res = mysql_query("UPDATE ibwf_users SET gplus='".$gpst."' WHERE id='".$who."'");
if($res)
{
$res = mysql_query("UPDATE ibwf_users SET gplus='".$gpsf."' WHERE id='".$uid."'");
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Game Plusses Updated Successfully<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Database Error!<br/>";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>You don't have enough GPs to give<br/>";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////// add club
else if($action=="addcl")
{
addonline(getuid_sid($sid),"Adding Club","");
$clnm = trim($_POST["clnm"]);
$clnm = str_replace("$", "", $clnm);
$clds = trim($_POST["clds"]);
$clds = str_replace("$", "", $clds);
$clrl = trim($_POST["clrl"]);
$clrl = str_replace("$", "", $clrl);
$cllg = trim($_POST["cllg"]);
$cllg = str_replace("$", "", $cllg);
echo "<div><br/>Add Club<br/></div>";
echo "<p align=\"center\">";
$uid = getuid_sid($sid);
if(getgold($uid)>=500)
{
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_clubs WHERE owner='".$uid."'"));
if($noi[0]<3)
{
if(($clnm=="")||($clds=="")||($clrl==""))
{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Please be sure to fill, club name, description and rules";
}else{
$nmex = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_clubs WHERE name LIKE '".$clnm."'"));
if($nmex[0]>0)
{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Club Name Already exist";
}else{
$res = mysql_query("INSERT INTO ibwf_clubs SET name='".$clnm."', owner='".$uid."', description='".$clds."', rules='".$clrl."', logo='".$cllg."', plusses='0', created='".time()."'");
if($res)
{
$clid = mysql_fetch_array(mysql_query("SELECT id FROM ibwf_clubs WHERE owner='".$uid."' AND name='".$clnm."'"));
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Congratulations! you have your own club, your own rules, message board, chatroom, announcements board, 50 club points also for you";
mysql_query("UPDATE ibwf_users SET gold=gold-500 WHERE id='".$uid."'");
mysql_query("INSERT INTO ibwf_clubmembers SET uid='".$uid."', clid='".$clid[0]."', accepted='1', points='50', joined='".time()."'");
//$ups = getplusses($uid);
//$ups += 5;
//mysql_query("UPDATE ibwf_users SET plusses='".$ups."' WHERE id='".$uid."'");
$fnm = $clnm;
$cnm = $clnm;
mysql_query("INSERT INTO ibwf_forums SET name='".$fnm."', position='0', cid='0', clubid='".$clid[0]."'");
mysql_query("INSERT INTO ibwf_rooms SET name='".$cnm."', pass='', static='1', mage='0', chposts='0', perms='0', censord='0', freaky='0', lastmsg='".time()."', clubid='".$clid[0]."'");
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error!";
}
}
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>You already have 3 clubs";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>You cant add clubs";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////Give BPs
else if($action=="batp")
{
addonline(getuid_sid($sid),"Giving Game Plusses","");
$who = $_GET["who"];
$ptg = $_POST["ptbp"];
$giv = $_POST["giv"];
echo "<div><br/>Give Battle Points<br/></div>";
echo "<p align=\"center\">";
$judg = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_judges WHERE uid='".getuid_sid($sid)."'"));
$gpst = mysql_fetch_array(mysql_query("SELECT battlep FROM ibwf_users WHERE id='".$who."'"));
if(isstatus1(getuid_sid($sid))||$judg[0]>0)
{
if ($giv=="1")
{
$bat = mysql_fetch_array(mysql_query("SELECT bp FROM ibwf_staff WHERE uid='".getuid_sid($sid)."'"));
if($bat[0]<$ptg){
$new = mysql_fetch_array(mysql_query("SELECT battlep FROM ibwf_users WHERE id='".getuid_sid($sid)."'"));
$pln = $new[0] - $ptg;
mysql_query("UPDATE ibwf_users SET battlep='".$pln."' WHERE id='".getuid_sid($sid)."'");
mysql_query("INSERT INTO ibwf_mlog SET action='Staff', details='<b>".getnick_uid(getuid_sid($sid))."</b> Updated there ".$unick."s Bp and Sacrificed ".$ptg." Bp lol', actdt='".time()."'");
}else{
$pln = $bat[0] - $ptg;
mysql_query("UPDATE ibwf_staff SET bp='".$pln."' WHERE uid='".getuid_sid($sid)."'");
}
$gpst = $gpst[0]+$ptg;
}else{
$gpst = $gpst[0]-$ptg;
if($gpst<0)$gpst=0;
}
if($who==$uid){
$who = "8131";
}
$res = mysql_query("UPDATE ibwf_users SET battlep='".$gpst."' WHERE id='".$who."'");
if($res)
{
$vnick = getnick_uid($who);
if ($giv=="1")
{
$ms1 = " Added $ptg points to ";
}else{
$ms1 = " removed $ptg points from ";
}
mysql_query("INSERT INTO ibwf_mlog SET action='bpoints', details='<b>".getnick_uid(getuid_sid($sid))."</b> $ms1 $vnick', actdt='".time()."'");
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Battle Points Updated Successfully<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Database Error!<br/>";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>You can't do this<br/>";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////Add remove from ignoire list
else if($action=="ign")
{
addonline(getuid_sid($sid),"Updating ignore list","");
$todo = $_GET["todo"];
$who = $_GET["who"];
echo "<div><br/>Update Ignore List<br/></div>";
echo "<p align=\"center\">";
//$uid = getuid_sid($sid);
$tnick = getnick_uid($who);
if($todo=="add")
{
if(ignoreres($uid, $who)==1)
{
$res= mysql_query("INSERT INTO ibwf_ignore SET name='".$uid."', target='".$who."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>$tnick was added successfully to your ignore list<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Error Updating Database<br/>";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>You can't Add $tnick to your ignore list<br/>";
}
}else if($todo="del")
{
if(ignoreres($uid, $who)==2)
{
$res= mysql_query("DELETE FROM ibwf_ignore WHERE name='".$uid."' AND target='".$who."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>$tnick was deleted successfully from your ignore list<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Error Updating Database<br/>";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>$tnick is not ignored by you<br/>";
}
}
echo "<br/><a href=\"lists.php?action=ignl\">";
echo "Ignore List</a><br/>";
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////Update profile
else if($action=="uprof")
{
addonline(getuid_sid($sid),"Updating Settings","");
//$savat = $_POST["savat"];
$semail = $_POST["semail"];
$usite = $_POST["usite"];
//$ubday = $_POST["ubday"];
$year = $_POST["year"];
$month = $_POST["month"];
$day = $_POST["day"];
$uloc = $_POST["uloc"];
$usig = $_POST["usig"];
$usex = $_POST["usex"];
$flag = $_POST["flag"];
echo "<div><br/>Update Settings<br/></div>";
echo "<p align=\"center\">";
//$uid = getuid_sid($sid);
/*avatar='".$savat."',*/
$res = mysql_query("UPDATE ibwf_users SET email='".$semail."', site='".$usite."', birthday='".$year.$month.$day."', location='".$uloc."', signature='".$usig."', sex='".$usex."', flag='".$flag."' WHERE id='".$uid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Your profile was updated successfully<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Error updating your profile<br/>";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////////////////
else if($action=="siteset")
{
addonline(getuid_sid($sid),"Updating Theme","");
$body_bg = $_POST["body_bg"];
$body_txt = $_POST["body_txt"];
$div_bg = $_POST["div_bg"];
$brdr_col = $_POST["brdr_col"];
$link_col = $_POST["link_col"];
$font = $_POST["font"];
$type = $_POST["type"];
$bgi = $_POST["bgi"];
$big = $_POST["big"];
$box = $_POST["box"];
if($big=="")
{
$big = $bgi;
}
$ppt = $_POST["ppt"];
$tpf = $_POST["tpf"];
$folder = $_POST["folder"];
$uid = getuid_sid($sid);
if($body_bg!=$body_txt&&$body_bg!=$link_col&&$body_txt!=$link_col&&$div_bg!=$body_bg){
$res = mysql_query("UPDATE ibwf_users SET box='".$box."', postspertopic='".$ppt."', topicsperforum='".$tpf."', folder='".$folder."', body_background='".$body_bg."', body_text='".$body_txt."', font_size='".$font."', border_color='".$brdr_col."', div_background='".$div_bg."', link_color='".$link_col."', font_family='".$type."', background_image='".$big."' WHERE id='".$uid."'");
}
$theme = mysql_fetch_array(mysql_query("SELECT theme, folder, background_image FROM ibwf_users WHERE id='".$uid."'"));
$folder = $theme[1];
if($theme[2]!=""){
$bgi = "1";
}
echo "<div><br/>Update Theme<br/></div>";
echo "<p align=\"center\">";
echo mysql_error();
if($body_bg==$body_txt){
echo "<img src=\"../images$folder/notok.gif\" alt=\"x\"/><br/>Error Main Background And Main Text Color Cannot Be Same!";
}else if($body_bg==$link_col){
echo "<img src=\"../images$folder/notok.gif\" alt=\"x\"/><br/>Error Main Background And Link Color Cannot Be Same!";
}else if($body_txt==$link_col){
echo "<img src=\"../images$folder/notok.gif\" alt=\"x\"/><br/>Error Main Text Color And Link Color Cannot Be Same!";
}else if($div_bg==$body_bg){
echo "<img src=\"../images$folder/notok.gif\" alt=\"x\"/><br/>Error Background Color And Top/Bottom Background Color Cannot Be Same!";
}else{
if($res)
{
echo "<img src=\"../images$folder/ok.gif\" alt=\"o\"/>Your theme has been updated successfully<br/><br/><br/>";
}else{
echo "<img src=\"../images$folder/notok.gif\" alt=\"x\"/>Database Error!<br/><br/>";
}
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////Update profile
else if($action=="shsml")
{
addonline(getuid_sid($sid),"Updating Smilies","");
$act = $_GET["act"];
$acts = ($act=="dis" ? 0 : 1);
echo "<div><br/>Update Smilies<br/></div>";
echo "<p align=\"center\">";
//$uid = getuid_sid($sid);
$res = mysql_query("UPDATE ibwf_users SET hvia='".$acts."' WHERE id='".$uid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Smileys Visibility updated successfully<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Error updating your profile<br/>";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////Change Password
else if($action=="upwd")
{
addonline(getuid_sid($sid),"Updating Settings","");
$npwd = $_POST["npwd"];
$cpwd = $_POST["cpwd"];
echo "<div><br/>Change Pass<br/></div>";
echo "<p align=\"center\">";
//$uid = getuid_sid($sid);
if($npwd!=$cpwd)
{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Your Password and Confirmation Password Don't match<br/>";
}else if((strlen($npwd)<4) || (strlen($npwd)>15)){
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Your password should be between 4 and 15 letters only<br/>";
}else{
$pwd = md5($npwd);
$res = mysql_query("UPDATE ibwf_users SET pass='".$pwd."' WHERE id='".$uid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Your password was updated successfully<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Error updating your password<br/>";
}
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////
else if($action=="addphoto")
{
$imglink = $_POST["imglink"];
$sex = $_POST["sex"];
$uid = getuid_sid($sid);
echo "<div><br/>Add Photo<br/></div>";
echo "<p align=\"center\">";
$res = mysql_query("INSERT INTO ibwf_gallery SET uid='".$uid."', imglink='".$imglink."', sex='".$sex."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>User Photo Added<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error<br/>";
}
echo "<a href=\"gallery.php?action=main\">User Gallery</a><br/>";
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////ADD CO-OWNER
else if($action=="coowner")
{
//$uid = getuid_sid($sid);
$clid = $_GET["clid"];
$who = $_GET["who"];
addonline(getuid_sid($sid),"Adding A Member To Club","");
echo "<div><br/>Add Co-Owner<br/></div>";
echo "<p align=\"center\">";
$uid = getuid_sid($sid);
$cowner = mysql_fetch_array(mysql_query("SELECT owner FROM ibwf_clubs WHERE id='".$clid."'"));
if($cowner[0]==$uid){
$res = mysql_query("UPDATE ibwf_clubs SET coowner='".$who."' WHERE id='".$clid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Co-Owner added to your club";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Database Error!";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>This club ain't yours";
}
echo "<br/><a href=\"index.php?action=gocl&clid=$clid\">Back To Club</a><br/>";
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////DELETE CO-OWNER
else if($action=="delcoowner")
{
//$uid = getuid_sid($sid);
$clid = $_GET["clid"];
$who = $_GET["who"];
addonline(getuid_sid($sid),"Adding A Member To Club","");
echo "<div><br/>Delete Co-Owner<br/></div>";
echo "<p align=\"center\">";
$uid = getuid_sid($sid);
$cowner = mysql_fetch_array(mysql_query("SELECT owner FROM ibwf_clubs WHERE id='".$clid."'"));
if($cowner[0]==$uid){
$res = mysql_query("UPDATE ibwf_clubs SET coowner='0' WHERE id='".$clid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Co-Owner deleted from your club";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Database Error!";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>This club ain't yours";
}
echo "<br/><a href=\"index.php?action=gocl&clid=$clid\">Back To Club</a><br/>";
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////Change Menu Images On
else if($action=="menu")
{
addonline(getuid_sid($sid),"Looking for Treasure","");
echo "<div><br/>Images On<br/></div>";
echo "<p align=\"center\">";
$menu = 1;
$res = mysql_query("UPDATE ibwf_users SET menu='".$menu."' WHERE id='".$uid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Menu Images Turned On Successfully<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Error Updating Menu Images<br/>";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////Change Menu Images Off
else if($action=="nomenu")
{
addonline(getuid_sid($sid),"Looking for Treasure","");
echo "<div><br/>Images Off<br/></div>";
echo "<p align=\"center\">";
$menu = 0;
$res = mysql_query("UPDATE ibwf_users SET menu='".$menu."' WHERE id='".$uid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Menu Images Turned Off Successfully<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Error Updating Menu Images<br/>";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////add quiz words
else if($action=="addquiz"){
$question = $_POST["question"];
$answer = $_POST["answer"];
$points = $_POST["points"];
$qnick = $_POST["qnick"];
echo "<div><br/>Add Quiz Word<br/></div>";
echo "<p align=\"center\">";
echo "<br/>";
$res = mysql_query("INSERT INTO quizuser SET question='".$question."', answer='".$answer."', points='".$points."', who='".$qnick."'");
if($res){
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Quiz Question added successfully<br/>Your points will be added as soon as your question is validated by a member of staff!";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Error adding Quiz Question ";
}
echo "<br/><br/><a href=\"quiz.php?action=addquiz&rid=1\">Add Another Quiz Question?</a><br/><br/>";
echo "<a href=\"quiz.php?rid=1\">Quiz</a><br/>";
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
////////////////////////////////////////blog comment
else if($action=="signblogcomment")
{
$who = $_POST["who"];
$bid = $_GET["bid"];
if(!cansignblogcomment(getuid_sid($sid), $who))
{
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "You cant Sign this user Blog<br/><br/>";
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
$msgtxt = $_POST["msgtxt"];
addonline(getuid_sid($sid),"Signing a User's Blog","");
echo "<div><br/>Add Comment<br/></div>";
echo "<p align=\"center\">";
$crdate = time();
$res = false;
if(trim($msgtxt)!="")
{
$res = mysql_query("INSERT INTO ibwf_blogcomment SET blogowner='".$bid."', blogsigner='".$uid."', dtime='".$crdate."', blogmsg='".$msgtxt."'");
}
if($res)
{
echo "<img src=\"../images$folder/ok.gif\" alt=\"O\"/>Comment Posted Successfully";
}else{
echo "<img src=\"../images$folder/notok.gif\" alt=\"X\"/>Error Posting Comment";
}
amp;
echo "<br/><br/>";
echo "<a href=\"lists.php?action=allbl\">Back to Blogs</a><br/>";
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////delete blog comments
else if($action=="delblogcomment")
{
$mid = $_GET["mid"];
addonline(getuid_sid($sid),"Deleting Blog's Comment","");
echo "<div><br/>Add Comment<br/></div>";
echo "<p align=\"center\">";
if(candelblogcomment(getuid_sid($sid), $mid))
{
$res = mysql_query("DELETE FROM ibwf_blogcomment WHERE id='".$mid."'");
if($res)
{
echo "<img src=\"../images$folder/ok.gif\" alt=\"o\"/>Comment Deleted From Blog<br/>";
}else{
echo "<img src=\"../images$folder/notok.gif\" alt=\"x\"/>Database Error!<br/>";
}
}else{
echo "<img src=\"../images$folder/notok.gif\" alt=\"X\"/>You can't delete this Comment";
}
echo "<br/><br/>";
echo "<a href=\"lists.php?action=allbl\">Back to Blogs</a><br/>";
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////UPDATE PWS
else if($action=="pws")
{
//$uid = getuid_sid($sid);
addonline(getuid_sid($sid),"Updating PWS","");
echo "<div><br/>P.W.S<br/></div>";
$imgt = $_POST["imgt"];
$imgo = $_POST["imgo"];
$smsg = $_POST["smsg"];
$thms = $_POST["thms"];
$uid = getuid_sid($sid);
echo "<p align=\"center\">";
if($imgt=="idc")
{
$imgo = "http://wapirate.net/rwidc.php?id=$uid";
}else if($imgt == "avt")
{
$av = mysql_fetch_array(mysql_query("SELECT avatar FROM ibwf_users WHERE id='".$uid."'"));
if(strpos($av[0], "http://")===false)
{
$av[0] = "../".$av[0];
}
$imgo = $av[0];
}else if($imgt=="sml")
{
$sml = mysql_fetch_array(mysql_query("SELECT imgsrc FROM ibwf_smilies WHERE scode='".strtolower(trim($imgo))."'"));
$imgo = "../".$sml[0];
}else
{
$imgo = strtolower(trim($imgo));
}
$smsg = trim($smsg);
$isu = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_mypage WHERE uid='".$uid."'"));
if ($isu[0]>0)
{
$res = mysql_query("UPDATE ibwf_mypage SET thid='".$thms."', mimg='".$imgo."', msg='".$smsg."' WHERE uid='".$uid."'");
}else{
$res = mysql_query("INSERT INTO ibwf_mypage SET uid='".$uid."', thid='".$thms."', mimg='".$imgo."', msg='".$smsg."'");
}
echo mysql_error();
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Your Site updated successfully<br/><br/>";
echo "<a href=\"/users?".getnick_uid($uid)."\">View Your Site</a>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Database Error!";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////invisable
else if($action=="hide")
{
addonline(getuid_sid($sid),"Main Page","");
echo "<div><br/>Invisability On<br/></div>";
echo "<p align=\"center\">";
if (isvip(getuid_sid($sid))){
$hide = 1;
$res = mysql_query("UPDATE ibwf_users SET hide='".$hide."' WHERE id='".$uid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Your Now Invisable<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Error Updating Invisability<br/>";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>You Cant Do This!<br/>";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////no invisable
else if($action=="nohide")
{
addonline(getuid_sid($sid),"Main Page","");
echo "<div><br/>Invisability Off<br/></div>";
echo "<p align=\"center\">";
if (isvip(getuid_sid($sid))){
$hide = 0;
$res = mysql_query("UPDATE ibwf_users SET hide='".$hide."' WHERE id='".$uid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Invisability Off<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Error Updating Invisability<br/>";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>You Cant Do This!<br/>";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////add profile pic
else if($action=="addppic")
{
addonline(getuid_sid($sid),"Uploading Profile Pic","");
echo "<div><br/>Add Profile Pic!<br/></div>";
echo "<p align=\"center\">";
////////////here
$size_bytes=1204800;
$kb = $size_bytes / 1024;
$extlimit="yes";
$limitedext=array(".jpg",".jpeg",".gif",".png");
$ext=strtolower(strrchr($_FILES['filetoupload'][name],'.'));
$file_type=$_FILES['filetoupload']['type'];
$file_name=$_FILES['filetoupload']['name'];
$file_size=$_FILES['filetoupload']['size'];
$file_tmp=$_FILES['filetoupload']['tmp_name'];
$nop = substr_count($file_name,"php");
$now = substr_count($file_name,"wml");
$noh = substr_count($file_name,"htm");
if(!is_uploaded_file($_FILES['filetoupload']['tmp_name'])){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>No file selected!<br/>";
}
else if($extlimit=="yes" && !in_array($ext,$limitedext)){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Invalid file type!<br/>";
mysql_query("INSERT INTO ibwf_mlog SET action='Dodgy', details='<b>".getnick_uid(getuid_sid($sid))."</b> Attempted to upload a $ext file in Profile!', actdt='".time()."'");
}
//////////////////////////////////////anti hack
else if($nop>0||$now>0||$noh>0){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Invalid file type!<br/>";
mysql_query("INSERT INTO ibwf_mlog SET action='Dodgy', details='<b>".getnick_uid(getuid_sid($sid))."</b> Attempted to upload $file_name in Profile!', actdt='".time()."'");
}
////////////////
else if($file_size>$size_bytes){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Exceeded File size limit! Maximum <b>$kb</b> Kb.<br/>";
}
else if($file_size){
$file_name2=str_replace(" ","",$file_name);
$filename=explode(".",$file_name);
$size = $file_size/1024;
//mysql_query("INSERT INTO download_topic SET filename='".$file_name2."', path='http://".$_SERVER['SERVER_NAME']."/xhtml/topics/".$file_name2."', tid='".$tid[0]."', size='".$size."'");
$test = move_uploaded_file($file_tmp, "../gallery/".getnick_uid(getuid_sid($sid)).".".$filename[1]."");
if($test){
$res = mysql_query("UPDATE ibwf_users SET avatar='/gallery/".getnick_uid(getuid_sid($sid)).".".$filename[1]."' WHERE id='".$uid."'");
}
}
else{
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Unknown error! Pls try again...<br/>";
}
if($res){
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Profile Pic Added Successfully";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Error adding Pic ";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////add profile pic
else if($action=="addbpic")
{
addonline(getuid_sid($sid),"Uploading Profile Pic","");
echo "<div><br/>Add Profile Pic!<br/></div>";
echo "<p align=\"center\">";
////////////here
$size_bytes=102400;
$kb = $size_bytes / 1024;
$extlimit="yes";
$limitedext=array(".jpg",".jpeg",".gif",".png");
$ext=strtolower(strrchr($_FILES['filetoupload'][name],'.'));
$file_type=$_FILES['filetoupload']['type'];
$file_name=$_FILES['filetoupload']['name'];
$file_size=$_FILES['filetoupload']['size'];
$file_tmp=$_FILES['filetoupload']['tmp_name'];
$nop = substr_count($file_name,"php");
$now = substr_count($file_name,"wml");
$noh = substr_count($file_name,"htm");
if(!is_uploaded_file($_FILES['filetoupload']['tmp_name'])){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>No file selected!<br/>";
}
else if($extlimit=="yes" && !in_array($ext,$limitedext)){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Invalid file type!<br/>";
mysql_query("INSERT INTO ibwf_mlog SET action='Dodgy', details='<b>".getnick_uid(getuid_sid($sid))."</b> Attempted to upload a $ext file in Background Profile!', actdt='".time()."'");
}
//////////////////////////////////////anti hack
else if($nop>0||$now>0||$noh>0){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Invalid file type!<br/>";
mysql_query("INSERT INTO ibwf_mlog SET action='Dodgy', details='<b>".getnick_uid(getuid_sid($sid))."</b> Attempted to upload $file_name in Profile!', actdt='".time()."'");
}
////////////////
else if($file_size>$size_bytes){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Exceeded File size limit! Maximum <b>$kb</b> Kb.<br/>";
}
else if($file_size){
$file_name2=str_replace(" ","",$file_name);
$filename=explode(".",$file_name);
$size = $file_size/1024;
$test = move_uploaded_file($file_tmp, "../backgroundimage/".getnick_uid(getuid_sid($sid)).".".$filename[1]."");
if($test){
$res = mysql_query("UPDATE ibwf_users SET profile='/backgroundimage/".getnick_uid(getuid_sid($sid)).".".$filename[1]."' WHERE id='".$uid."'");
}
}
else{
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Unknown error! Pls try again...<br/>";
}
if($res){
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Profile Background Pic Added Successfully";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Error adding Pic ";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////Delete background pic
else if($action=="delbpic")
{
addonline(getuid_sid($sid),"Deleting Background Pic","");
echo "<div><br/>Delete Background Pic<br/></div>";
echo "<p align=\"center\">";
$res = mysql_query("UPDATE ibwf_users SET profile='' WHERE id='".$uid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Background Pic Deleted<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Error Deleting Background Pic<br/>";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////Inboxing Posting
else if($action=="inbox")
{
addonline(getuid_sid($sid),"Inboxing Posting","");
echo "<div><br/>Send Post To Inbox<br/></div>";
echo "<p align=\"center\">";
$pid = $_GET["pid"];
$tid = $_GET["tid"];
$who = $_POST["who"];
$who = getuid_nick($who);
if($who==""){
$nme = "1218";
$who = $uid;
}else{
$nme = $uid;
}
if($tid==""){
$pinfo = mysql_fetch_array(mysql_query("SELECT uid, tid, text FROM ibwf_posts WHERE id='".$pid."'"));
$tinfo = mysql_fetch_array(mysql_query("SELECT name FROM ibwf_topics WHERE id='".$pinfo[1]."'"));
$tname = htmlspecialchars($tinfo[0]);
$res = mysql_query("INSERT INTO ibwf_private SET title='".$tname."', text='".$pinfo[2]."[br/][i]This Message Was Sent From Forum Post! [/i]', byuid='".$nme."', touid='".$who."', timesent='".$tm."'");
}else{
$tinfo = mysql_fetch_array(mysql_query("SELECT name, authorid, text FROM ibwf_topics WHERE id='".$tid."'"));
$tname = htmlspecialchars($tinfo[0]);
$res = mysql_query("INSERT INTO ibwf_private SET title='".$tname."', text='".$tinfo[2]."[br/][i]This Message Was Sent From Forum Post! [/i]', byuid='".$nme."', touid='".$who."', timesent='".$tm."'");
}
if($res){
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Message Sent Successfully<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Error Sending Message<br/>";
}
echo "<a href=\"index.php?action=viewtpc&tid=$tid&page=1\">Back to $tname</a><br/>";
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////bookmarks
else if($action=="bookmark"){
$tid = $_GET["tid"];
addonline(getuid_sid($sid),"Adding Bookmark","");
echo "<div><br/>Add Bookmark<br/></div>";
echo "<p align=\"center\">";
echo "<br/>";
$res = mysql_query("INSERT INTO ibwf_bookmarks SET tid='".$tid."', uid='".$uid."'");
if($res){
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Bookmark Added Successfully<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Error Adding Bookmark<br/>";
}
echo "<br/><a href=\"index.php?action=viewtpc&tid=$tid&page=1\">Back to Topic</a><br/><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////LOGOUT
else if($action=="logout")
{
$uid =getuid_sid($sid);
$whonick = getnick_uid($uid);
if($uid>0)
{
addonline(getuid_sid($sid),"Logout","");
}
echo "<div>";
echo "<br/>Bye $whonick<br/> Come Back Soon!<br/>";
echo "</div>";
echo "<p align=\"center\">";
$res = mysql_query("DELETE FROM ibwf_ses WHERE uid='".$uid."'");
$res = mysql_query("DELETE FROM ibwf_online WHERE userid='".$uid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>You have logged out successfully!<br/>";
session_destroy();
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Failed to logout!";
}
echo "We Hope you enjoyed Your stay - if so help support wapirate by clicking the link below<br/>";
echo admob_request($admob_params);
echo "<br/><br/><br/>";
$foot .= "<a href=\"index.php\">";
$foot .= "<img src=\"images$folder/home.gif\" alt=\"*\"/>Home</a>";
$foot .= "</p>";
$foot .= "<div>wapirate.net</div>";
$foot .= "</body>";
$foot .= "</html>";
echo $foot;
exit();
}
////////////////////////////////////////////Edit Post 2
else if($action=="edtpst")
{
$pid = $_GET["pid"];
$ptext = $_POST["ptext"];
$reason = $_POST["reason"];
$tid = gettid_pid($pid);
$fid = getfid_tid($tid);
echo "<div><br/>Edit Post<br/></div>";
echo "<p align=\"center\">";
$pinfo= mysql_fetch_array(mysql_query("SELECT uid FROM ibwf_posts WHERE id='".$pid."'"));
if(($pinfo[0]==$uid)||(isstatus2(getuid_sid($sid)))){
if($reason==""){
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>No Edit Reason?";
}else{
$res = mysql_query("UPDATE ibwf_posts SET text='".$ptext."', editreason='".$reason."', editby='".$uid."' WHERE id='".$pid."'");
if($res)
{
$tname = mysql_fetch_array(mysql_query("SELECT name FROM ibwf_topics WHERE id='".$tid."'"));
mysql_query("INSERT INTO ibwf_mlog SET action='posts', details='<b>".getnick_uid(getuid_sid($sid))."</b> Edited Post Number $pid Of the thread ".mysql_escape_string($tname[0])." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Post Message Edited";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error";
}
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>You Do Not Have Permition To Do This!";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=viewtpc&tid=$tid\">";
echo "View Topic</a><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&fid=$fid\">";
echo "$fname</a><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////////Post per view posts 2
else if($action=="paddppv")
{
$pid = $_GET["pid"];
$ppv = $_POST["ppv"];
$tid = gettid_pid($pid);
$fid = getfid_tid($tid);
echo "<div><br/>Posts Per View<br/></div>";
echo "<p align=\"center\">";
$pinfo= mysql_fetch_array(mysql_query("SELECT uid FROM ibwf_posts WHERE id='".$pid."'"));
if(($pinfo[0]==$uid)||(isstatus2(getuid_sid($sid)))){
$res = mysql_query("UPDATE ibwf_posts SET ppv='".$ppv."' WHERE id='".$pid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Number Of Posts Added Succesfully";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>You Do Not Have Permition To Do This!";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=viewtpc&tid=$tid\">";
echo "View Topic</a><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&fid=$fid\">";
echo "$fname</a><br/>";
echo getfoot($sid,$folder);
exit();
}
////////////////////////////////////////////Edit topic 2
else if($action=="taddppv")
{
$tid = $_GET["tid"];
$ppv = $_POST["ppv"];
$fid = getfid_tid($tid);
echo "<div><br/>Posts Per View<br/></div>";
echo "<p align=\"center\">";
$tinfo= mysql_fetch_array(mysql_query("SELECT authorid FROM ibwf_topics WHERE id='".$tid."'"));
if(($tinfo[0]==$uid)||(isstatus2(getuid_sid($sid)))){
$res = mysql_query("UPDATE ibwf_topics SET ppv='".$ppv."' WHERE id='".$tid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Number Of Posts Added Succesfully";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>You Do Not Have Permition To Do This!";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=viewtpc&tid=$tid\">";
echo "View Topic</a><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&fid=$fid\">";
echo "$fname</a><br/>";
echo getfoot($sid,$folder);
exit();
}
////////////////////////////////////////////Edit topic 2
else if($action=="edttpc")
{
$tid = $_GET["tid"];
$ttext = $_POST["ttext"];
$reason = $_POST["reason"];
$fid = getfid_tid($tid);
echo "<div><br/>Edit Topic<br/></div>";
echo "<p align=\"center\">";
$tinfo= mysql_fetch_array(mysql_query("SELECT authorid FROM ibwf_topics WHERE id='".$tid."'"));
if(($tinfo[0]==$uid)||(isstatus2(getuid_sid($sid)))){
if($reason==""){
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>No Edit Reason?";
}else{
$res = mysql_query("UPDATE ibwf_topics SET text='".$ttext."', editreason='".$reason."', editby='".$uid."' WHERE id='".$tid."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>".getnick_uid(getuid_sid($sid))."</b> Edited the text Of the thread ".mysql_escape_string(gettname($tid))." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Topic Message Edited";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error";
}
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>You Do Not Have Permition To Do This!";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=viewtpc&tid=$tid\">";
echo "View Topic</a><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&fid=$fid\">";
echo "$fname</a><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////online list mood
else if($action=="onmood")
{
addonline(getuid_sid($sid),"Having A Mood Swing","");
$mood = $_POST["mood"];
echo "<div><br/>Online List Mood<br/></div>";
echo "<p align=\"center\">";
$res = mysql_query("UPDATE ibwf_users SET onlinemood='".$mood."' WHERE id='".$uid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Mood Updated<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Hmmm somethings wrong lol<br/>";
}
echo "<br/><br/><a href=\"index.php?action=online\">Online List</a>";
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////inbox alarm
else if($action=="inboxalarm")
{
addonline(getuid_sid($sid),"Inbox Alarm","");
$mood = mysql_fetch_array(mysql_query("SELECT inboxalarm FROM ibwf_users WHERE id='".$uid."'"));
if($mood[0]>0){
$mood = 0;
}else{
$mood = 1;
}
echo "<div><br/>Inbox Alarm<br/></div>";
echo "<p align=\"center\">";
$res = mysql_query("UPDATE ibwf_users SET inboxalarm='".$mood."' WHERE id='".$uid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Alarm Changed =P<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Hmmm somethings wrong lol<br/>";
}
echo "<br/><br/><a href=\"inbox.php?action=main\">Inbox</a>";
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
////////////////////////////////////////////topic updates
else if($action=="tupdate")
{
$tid = $_GET["tid"];
$tupdate = $_POST["update"];
$vvv=getnick_uid($uid);
$tupdate = "[user=$vvv] $tupdate";
$fid = getfid_tid($tid);
echo "<div><br/>Updates Made To Topic<br/></div>";
echo "<p align=\"center\">";
$tinfo= mysql_fetch_array(mysql_query("SELECT authorid FROM ibwf_topics WHERE id='".$tid."'"));
if(($tinfo[0]==$uid)||(isstatus2(getuid_sid($sid)))){
$res = mysql_query("UPDATE ibwf_topics SET tupdate='".$tupdate."' WHERE id='".$tid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Update Added Succesfully";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>You Do Not Have Permition To Do This!";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=viewtpc&tid=$tid\">";
echo "View Topic</a><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&fid=$fid\">";
echo "$fname</a><br/>";
echo getfoot($sid,$folder);
exit();
}
////////////////////////////////////////////Delete edit topic reason
else if($action=="deleditt")
{
$tid = $_GET["tid"];
$fid = getfid_tid($tid);
echo "<div><br/>Delete Edited Reason<br/></div>";
echo "<p align=\"center\">";
if(isstatus8(getuid_sid($sid))){
$res = mysql_query("UPDATE ibwf_topics SET editreason='', editby='' WHERE id='".$tid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Edited Reason Removed Successfully";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>You Do Not Have Permition To Do This!";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=viewtpc&tid=$tid\">";
echo "View Topic</a><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&fid=$fid\">";
echo "$fname</a><br/>";
echo getfoot($sid,$folder);
exit();
}
////////////////////////////////////////////Delete edit Post reason
else if($action=="deleditp")
{
$pid = $_GET["pid"];
$tid = gettid_pid($pid);
$fid = getfid_tid($tid);
echo "<div><br/>Delete Edited Reason<br/></div>";
echo "<p align=\"center\">";
if(isstatus8(getuid_sid($sid))){
$res = mysql_query("UPDATE ibwf_posts SET editreason='', editby='' WHERE id='".$pid."'");
if($res)
{
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Edited Reason Removed Successfully";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>You Do Not Have Permition To Do This!";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=viewtpc&tid=$tid\">";
echo "View Topic</a><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&fid=$fid\">";
echo "$fname</a><br/>";
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////////////////////////////////////
else{
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "I don't know how you got in here, but there's nothing to show<br/><br/>";
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
?>