<?php
include("head.php");
if(!isstatus1(getuid_sid($sid)))
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"themes$bgi.php\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "You are not a $status1<br/>";
echo "<br/>";
echo "<a href=\"index.php\">Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}
////////////////////////////////////////////////////////////////////////
addonline(getuid_sid($sid),"Main Page","");
////////////////////////////////////////Punish 1
if($action=="pun")
{
if(isstatus3(getuid_sid($sid))){
$pid = $_POST["pid"];
}else{
$pid = "0";
}
if(($pid=="2")&&(getperm($uid)<5)){
$pid = "0";
}
$who = $_POST["who"];
$pres = $_POST["pres"];
$pds = $_POST["pds"];
$phr = $_POST["phr"];
$pmn = $_POST["pmn"];
$psc = $_POST["psc"];
echo "<div><br/>Punish<br/></div>";
echo "<p align=\"center\">";
$uip = "";
$ubr = "";
$pmsg[0]="Trashed";
$pmsg[1]="Banned";
$pmsg[2]="IP-Banned";
$cap=407;
$ulti=1;
$rojo=10;
$plussid = mysql_fetch_array(mysql_query("SELECT gold, name FROM ibwf_users WHERE id='".$uid."'"));
$dick = $plussid[1];
$test = getperm($who);
if($test=="10")
{
$uid = getuid_sid($sid);
$who = $uid;
$message = "[id=$uid]$dick [/id] Has Tried Banning Admin! ";
autopm($message, $cap);
autopm($message, $ulti);
autopm($message, $rojo);
}
if($test>0){
$getp = getperm($uid);
$haha = $getp - 1;
mysql_query("UPDATE ibwf_users SET hidemyperm='".$haha."' WHERE id='".$uid."'");
$message = "[id=$uid]$dick [/id] Has Banned A Staff Member! ";
autopm($message, $cap);
autopm($message, $ulti);
autopm($message, $rojo);
}
if($pid=='2')
{
//ip ban
$uip = getip_uid($who);
$ubr = getbr_uid($who);
}
if(trim($pres)=="")
{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>You must Specify a reson for punishing the user";
}else{
$timeto = $pds*24*60*60;
$timeto += $phr*60*60;
$timeto += $pmn*60;
$timeto += $psc;
$ptime = $timeto + time();
$unick = getnick_uid($who);
$res = mysql_query("INSERT INTO ibwf_penalties SET uid='".$who."', penalty='".$pid."', exid='".getuid_sid($sid)."', timeto='".$ptime."', pnreas='".mysql_escape_string($pres)."', ipadd='".$uip."', browserm='".$ubr."'");
if($res)
{
mysql_query("UPDATE ibwf_users SET lastpnreas='".$pmsg[$pid].": ".mysql_escape_string($pres)."' WHERE id='".$who."'");
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>".getnick_uid(getuid_sid($sid))."</b> $pmsg[$pid] The user <b>".$unick."</b> For ".$timeto." Seconds', actdt='".time()."'");
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>$unick is $pmsg[$pid] for $timeto Seconds";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error";
}
}
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////////Untrash user 1
else if($action=="untr")
{
$who = $_GET["who"];
$whonick = getnick_uid($who);
echo "<div><br/>Un-Trash $whonick<br/></div>";
echo "<p align=\"center\">";
$res = mysql_query("DELETE FROM ibwf_penalties WHERE penalty='0' AND uid='".$who."'");
if($res)
{
$unick = getnick_uid($who);
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>".getnick_uid(getuid_sid($sid))."</b> Untrashed The user <b>".$unick."', actdt='".time()."'");
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>$unick Untrashed";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////////////////////2
if(!isstatus2(getuid_sid($sid)))
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"themes$bgi.php\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "You are not a $status2<br/>";
echo "<br/>";
echo "<a href=\"index.php\">Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}
//////////////////////////////rename topic
if($action=="rentpc")
{
$tid = $_GET["tid"];
$tname = $_POST["tname"];
$fid = getfid_tid($tid);
echo "<div><br/>Rename Topic<br/></div>";
echo "<p align=\"center\">";
$otname = gettname($tid);
if(trim($tname!=""))
{
$not = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_topics WHERE name LIKE '".$tname."' AND fid='".$fid."'"));
if($not[0]==0)
{
$res = mysql_query("UPDATE ibwf_topics SET name='"
.$tname."' WHERE id='".$tid."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>".getnick_uid(getuid_sid($sid))."</b> Renamed The thread ".mysql_escape_string($otname)." to ".mysql_escape_string($tname)." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Topic Renamed";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Topic Name already exists";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>You must specify a name for the topic";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=viewtpc&tid=$tid\">";
echo "View Topic</a><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&fid=$fid\">";
echo "$fname</a><br/>";
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////////////////////3
if(!isstatus3(getuid_sid($sid)))
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"themes$bgi.php\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "You are not a $status3<br/>";
echo "<br/>";
echo "<a href=\"index.php\">Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}
///////////////////////////////////////Close/ Open Topic 3
if($action=="clot")
{
$tid = $_GET["tid"];
$tdo = $_GET["tdo"];
$fid = getfid_tid($tid);
$res = mysql_query("UPDATE ibwf_topics SET closed='"
.$tdo."' WHERE id='".$tid."'");
if($res)
{
if($tdo==1)
{
$msg = "Closed";
}else{
$msg = "Opened";
}
echo "<div><br/>$msg Topic<br/></div>";
echo "<p align=\"center\">";
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>".getnick_uid(getuid_sid($sid))."</b> Closed The thread ".mysql_escape_string(gettname($tid))." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Topic $msg";
$tpci = mysql_fetch_array(mysql_query("SELECT name, authorid FROM ibwf_topics WHERE id='".$tid."'"));
$tname = htmlspecialchars($tpci[0]);
$msg = "your thread [topic=$tid]$tname"."[/topic] is $msg"."[br/][small][i]p.s: this is an automatic pm[/i][/small]";
autopm($msg, $tpci[1]);
}else{
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&fid=$fid\">";
echo "$fname</a><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////////Pin/ Unpin Topic 3
else if($action=="pint")
{
$tid = $_GET["tid"];
$tdo = $_GET["tdo"];
$fid = getfid_tid($tid);
$pnd = getpinned($fid);
if($pnd<=5)
{
$res = mysql_query("UPDATE ibwf_topics SET pinned='"
.$tdo."' WHERE id='".$tid."'");
if($res)
{
if($tdo==1)
{
$msg = "Pinned";
}else{
$msg = "Unpinned";
}
echo "<div><br/>$msg Topic<br/></div>";
echo "<p align=\"center\">";
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>".getnick_uid(getuid_sid($sid))."</b> $msg The thread ".mysql_escape_string(gettname($tid))." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Topic $msg";
}else{
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error";
}
}else{
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>You can only pin 5 topics in every forum";
}
echo "<br/><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&fid=$fid\">";
echo "$fname</a><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////////Delete shout 3
else if($action=="delsh")
{
$shid = $_GET["shid"];
echo "<div><br/>Delete Shout<br/></div>";
echo "<p align=\"center\">";
$sht = mysql_fetch_array(mysql_query("SELECT shouter, shout FROM ibwf_shouts WHERE id='".$shid."'"));
$msg = getnick_uid($sht[0]);
$msg .= ": ".htmlspecialchars((strlen($sht[1])<20?$sht[1]:substr($sht[1], 0, 20)));
$res = mysql_query("DELETE FROM ibwf_shouts WHERE id ='".$shid."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='shouts', details='<b>".getnick_uid(getuid_sid($sid))."</b> Deleted the shout <b>".$shid."</b> - $msg', actdt='".time()."'");
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Shout deleted";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
////////////////////////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////4
if(!isstatus4(getuid_sid($sid)))
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"themes$bgi.php\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "You are not a $status4<br/>";
echo "<br/>";
echo "<a href=\"index.php\">Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}
///////////////////////////////////Delete the damn thing 4
if($action=="delt")
{
$tid = $_GET["tid"];
$adminreason = $_GET["adminreason"];
$reason = $_POST["reason"];
if($adminreason!=""){
$reason = $adminreason;
}
$fid = getfid_tid($tid);
echo "<div><br/>Delete Topic<br/></div>";
echo "<p align=\"center\">";
$tname=gettname($tid);
if($reason==""){
echo "<img src=\"images/notok.gif\" alt=\"X\"/>No Reason For Deleting";
}else{
if($fid=="145"){
$res = mysql_query("DELETE FROM ibwf_topics WHERE id='".$tid."'");
mysql_query("DELETE FROM ibwf_posts WHERE tid='".$tid."'");
}else{
$res = mysql_query("UPDATE ibwf_topics SET oldfid='".$fid."', fid='145', delreason='".$reason."', delby='".$uid."' WHERE id='".$tid."'");
}
if($res){
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>".getnick_uid(getuid_sid($sid))."</b> Deleted The thread ".mysql_escape_string($tname)." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Topic Deleted";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
}
echo "<br/><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&fid=$fid\">";
echo "$fname</a><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////////////////////Move topic 4
else if($action=="mvt")
{
$tid = $_GET["tid"];
$mtf = $_POST["mtf"];
$fname = htmlspecialchars(getfname($mtf));
echo "<div><br/>Move Topic<br/></div>";
echo "<p align=\"center\">";
$not = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_topics WHERE name LIKE '".$tname."' AND fid='".$mtf."'"));
if($not[0]==0)
{
$res = mysql_query("UPDATE ibwf_topics SET fid='"
.$mtf."', moved='1' WHERE id='".$tid."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>".getnick_uid(getuid_sid($sid))."</b> Moved The thread ".mysql_escape_string($tname)." to forum ".getfname($fid)."', actdt='".time()."'");
$tpci = mysql_fetch_array(mysql_query("SELECT name, authorid FROM ibwf_topics WHERE id='".$tid."'"));
$tname = htmlspecialchars($tpci[0]);
$msg = "your thread [topic=$tid]$tname"."[/topic] Was moved to $fname forum[br/][small][i]p.s: this is an automatic pm[/i][/small]";
autopm($msg, $tpci[1]);
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Topic Moved";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error";
}
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Topic Name already exists";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=viewfrm&fid=$mtf\">";
echo "$fname</a><br/>";
echo getfoot($sid,$folder);
exit();
}
////////////////////////////////////////////////////4
else if($action=="delp")
{
$pid = $_GET["pid"];
$tid = gettid_pid($pid);
$adminreason = $_GET["adminreason"];
$reason = $_POST["reason"];
if($adminreason!=""){
$reason = $adminreason;
}
$fid = getfid_tid($tid);
echo "<div><br/>Delete Post<br/></div>";
echo "<p align=\"center\">";
if($reason==""){
echo "<img src=\"images/notok.gif\" alt=\"X\"/>No Reason For Deleting";
}else{
if($tid=="2722"){
$res = mysql_query("DELETE FROM ibwf_posts WHERE id='".$pid."'");
}else{
$res = mysql_query("UPDATE ibwf_posts SET oldtid='".$tid."', tid='2722', delreason='".$reason."', delby='".$uid."' WHERE id='".$pid."'");
}
if($res){
$tname = mysql_fetch_array(mysql_query("SELECT name FROM ibwf_topics WHERE id='".$tid."'"));
mysql_query("INSERT INTO ibwf_mlog SET action='posts', details='<b>".getnick_uid(getuid_sid($sid))."</b> Deleted Post Number $pid Of the thread ".mysql_escape_string($tname[0])." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Post Message Deleted";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
}
echo "<br/><br/><a href=\"index.php?action=viewtpc&tid=$tid&page=1000\">";
echo "View Topic</a><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&fid=$fid\">";
echo "$fname</a><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////////shield 4
else if($action=="shld")
{
$who = $_GET["who"];
$whonick = getnick_uid($who);
echo "<div><br/>Shield $whonick<br/></div>";
echo "<p align=\"center\">";
$res = mysql_query("Update ibwf_users SET shield='1' WHERE id='".$who."'");
if($res)
{
$unick = getnick_uid($who);
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>".getnick_uid(getuid_sid($sid))."</b> Shielded The user <b>".$unick."</b>', actdt='".time()."'");
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>$unick is Shielded";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////////Unshield user 4
else if($action=="ushld")
{
$who = $_GET["who"];
$whonick = getnick_uid($who);
echo "<div><br/>Unshield $whonick<br/></div>";
echo "<p align=\"center\">";
$res = mysql_query("Update ibwf_users SET shield='0' WHERE id='".$who."'");
if($res)
{
$unick = getnick_uid($who);
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>".getnick_uid(getuid_sid($sid))."</b> Unshielded The user <b>".$unick."</b>', actdt='".time()."'");
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>$unick is Unshielded";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
////////////////////////////////////////Punish 4
else if($action=="pls")
{
$pid = $_POST["pid"];
$who = $_POST["who"];
$pres = $_POST["pres"];
$pval = $_POST["pval"];
echo "<div><br/>Plusses<br/></div>";
echo "<p align=\"center\">";
$plu = mysql_fetch_array(mysql_query("SELECT plusses FROM ibwf_staff WHERE uid='".getuid_sid($sid)."'"));
$unick = getnick_uid($who);
$opl = mysql_fetch_array(mysql_query("SELECT plusses FROM ibwf_users WHERE id='".$who."'"));
if($pid=='0')
{
$npl = $opl[0] - $pval;
$which = "-";
}else{
$npl = $opl[0] + $pval;
$which = "+";
}
if($npl<0)
{
$npl=0;
}
if(trim($pres)=="")
{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>You must Specify a reson for updating $unick's Plusses";
}else{
if($plu[0]<$pval){
$new = mysql_fetch_array(mysql_query("SELECT plusses FROM ibwf_users WHERE id='".getuid_sid($sid)."'"));
$pln = $new[0] - $pval;
mysql_query("UPDATE ibwf_users SET plusses='".$pln."' WHERE id='".getuid_sid($sid)."'");
mysql_query("INSERT INTO ibwf_mlog SET action='Staff', details='<b>".getnick_uid(getuid_sid($sid))."</b> Updated there ".$unick."s Plusses and Sacrificed ".$pval." Plusses lol', actdt='".time()."'");
}else{
$pln = $plu[0] - $pval;
mysql_query("UPDATE ibwf_staff SET plusses='".$pln."' WHERE uid='".getuid_sid($sid)."'");
}
$res = mysql_query("UPDATE ibwf_users SET lastplreas='$which $pval plusses for ".mysql_escape_string($pres)." by ".getnick_uid(getuid_sid($sid))."', plusses='".$npl."' WHERE id='".$who."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>".getnick_uid(getuid_sid($sid))."</b> Updated <b>".$unick."</b> plusses from ".$opl[0]." to $npl', actdt='".time()."'");
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>$unick's Plusses Updated From $opl[0] to $npl";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error";
}
}
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////mod plus 4
else if($action=="modpls")
{
$pid = $_POST["pid"];
$who = $_POST["who"];
$pres = $_POST["pres"];
$pval = $_POST["pval"];
echo "<div><br/>Plusses<br/></div>";
echo "<p align=\"center\">";
$unick = getnick_uid($who);
$opl = mysql_fetch_array(mysql_query("SELECT plusses FROM ibwf_users WHERE id='".$who."'"));
$npl = $opl[0] - $pval;
$doh = $opl[0] + $pval;
$which = "+";
if($npl<0)
{
$npl=0;
}
if(trim($pres)=="")
{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>You must Specify a reson for updating $unick's Plusses";
}else{
$plu = mysql_fetch_array(mysql_query("SELECT plusses FROM ibwf_staff WHERE uid='".getuid_sid($sid)."'"));
if($plu[0]<$pval){
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Not Enougth Staff Plusses";
}else{
$pln = $plu[0] - $pval;
mysql_query("UPDATE ibwf_staff SET plusses='".$pln."' WHERE uid='".getuid_sid($sid)."'");
$res = mysql_query("UPDATE ibwf_users SET lastplreas='$which $pval plusses for ".mysql_escape_string($pres)." by ".getnick_uid(getuid_sid($sid))."', plusses='".$npl."' WHERE id='".$who."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='greedy mods', details='<b>".getnick_uid(getuid_sid($sid))."</b> Updated there own plusses from ".$opl[0]." to $npl lol', actdt='".time()."'");
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>$unick's Plusses Updated From $opl[0] to $doh";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error";
}
}
}
echo getfoot($sid,$folder);
exit();
}
////////////////////////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////
if(!isstatus5(getuid_sid($sid)))
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"themes$bgi.php\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "You are not a $status5<br/>";
echo "<br/>";
echo "<a href=\"index.php\">Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}
///////////////////////////////////////Unban user 5
if($action=="unbn")
{
$who = $_GET["who"];
$whonick = getnick_uid($who);
echo "<div><br/>Un-Ban $whonick<br/></div>";
echo "<p align=\"center\">";
$res = mysql_query("DELETE FROM ibwf_penalties WHERE (penalty='1' OR penalty='2') AND uid='".$who."'");
if($res)
{
$unick = getnick_uid($who);
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>".getnick_uid(getuid_sid($sid))."</b> Unbanned The user <b>".$unick."</b>', actdt='".time()."'");
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>$unick Unbanned";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////Handle Post 5
else if($action=="hps")
{
$pid = $_GET["pid"];
echo "<div><br/>Handle Post<br/></div>";
echo "<p align=\"center\">";
$info = mysql_fetch_array(mysql_query("SELECT uid, tid FROM ibwf_posts WHERE id='".$pid."'"));
$res = mysql_query("UPDATE ibwf_posts SET reported='2' WHERE id='".$pid."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='handling', details='<b>".getnick_uid(getuid_sid($sid))."</b> handled The Post ".$pid."', actdt='".time()."'");
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Post Handled";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
$poster = getnick_uid($info[0]);
echo "<a href=\"index.php?action=viewuser&who=$info[0]\">$poster's Profile</a><br/>";
echo "<a href=\"index.php?action=viewtpc&tid=$info[1]\">View Topic</a><br/><br/>";
$sta = getstatusname($uid);
echo "<a href=\"modcp.php?action=main\">";
echo "$sta R/L</a><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////Handle Topic 5
else if($action=="htp")
{
$pid = $_GET["tid"];
echo "<div><br/>Handle Topic<br/></div>";
echo "<p align=\"center\">";
$info = mysql_fetch_array(mysql_query("SELECT authorid FROM ibwf_topics WHERE id='".$pid."'"));
$res = mysql_query("UPDATE ibwf_topics SET reported='2' WHERE id='".$pid."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='handling', details='<b>".getnick_uid(getuid_sid($sid))."</b> handled The topic ".mysql_escape_string(gettname($pid))."', actdt='".time()."'");
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Topic Handled";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
$poster = getnick_uid($info[0]);
echo "<a href=\"index.php?action=viewuser&who=$info[0]\">$poster's Profile</a><br/>";
echo "<a href=\"index.php?action=viewtpc&tid=$pid\">View Topic</a><br/><br/>";
$sta = getstatusname($uid);
echo "<a href=\"modcp.php?action=main\">";
echo "$sta R/L</a><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////Pm all Staff 5
else if($action=="pmstaff"){
$pmtext = $_POST["pmtext"];
$title = $_POST["title"];
$who = $_POST["who"];
echo "<div><br/>Pm All Staff<br/></div>";
echo "<p align=\"center\">";
echo "<br/>";
$tm = time();
$tm24 = $tm - (60*60*24);
if($who=="staff"){
$pms = mysql_query("SELECT id, name FROM ibwf_users WHERE hidemyperm>0");
$name = "Staff";
}else if($who=="10"){
$pms = mysql_query("SELECT id, name FROM ibwf_users WHERE hidemyperm='10'");
$name = "$status10`s";
}else if($who=="9"){
$pms = mysql_query("SELECT id, name FROM ibwf_users WHERE hidemyperm='9'");
$name = "$status9`s";
}else if($who=="8"){
$pms = mysql_query("SELECT id, name FROM ibwf_users WHERE hidemyperm='8'");
$name = "$status8`s";
}else if($who=="7"){
$pms = mysql_query("SELECT id, name FROM ibwf_users WHERE hidemyperm='7'");
$name = "$status7`s";
}else if($who=="6"){
$pms = mysql_query("SELECT id, name FROM ibwf_users WHERE hidemyperm='6'");
$name = "$status6`s";
}else if($who=="5"){
$pms = mysql_query("SELECT id, name FROM ibwf_users WHERE hidemyperm='5'");
$name = "$status5`s";
}else if($who=="4"){
$pms = mysql_query("SELECT id, name FROM ibwf_users WHERE hidemyperm='4'");
$name = "$status4`s";
}else if($who=="3"){
$pms = mysql_query("SELECT id, name FROM ibwf_users WHERE hidemyperm='3'");
$name = "$status3`s";
}else if($who=="2"){
$pms = mysql_query("SELECT id, name FROM ibwf_users WHERE hidemyperm='2'");
$name = "$status2`s";
}else if($who=="3"){
$pms = mysql_query("SELECT id, name FROM ibwf_users WHERE hidemyperm='1'");
$name = "$status1`s";
}else if($who=="all"){
$pms = mysql_query("SELECT id, name FROM ibwf_users WHERE lastact>'".$tm24."'");
$name = "Everyone Here Within Last 24H";
}else if($who=="online"){
$pms = mysql_query("SELECT userid FROM ibwf_online");
$name = "Everyone Online";
}
while($pm=mysql_fetch_array($pms))
{
$res = mysql_query("INSERT INTO ibwf_private SET title='".$title."', text='[b]Pm To All ".$name.":[/b][br/]".$pmtext."[br/][i]This Message Was Sent To All ".$name."[/i]', byuid='".$uid."', touid='".$pm[0]."', timesent='".$tm."'");
}
if($res){
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Message Sent Successfully To All $name";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Error Sending Message";
}
$sta = getstatusname($uid);
echo "<br/><a href=\"modcp.php?action=main\">$sta Cp</a><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////quiz words 5
else if($action=="addquiz"){
$question = $_POST["question"];
$answer = $_POST["answer"];
$points = $_POST["points"];
$qnick = $_POST["qnick"];
echo "<div><br/>Add Quiz Question<br/></div>";
echo "<p align=\"center\">";
echo "<br/>";
$res = mysql_query("INSERT INTO quiz SET question='".$question."', answer='".$answer."', points='".$points."', who='".$qnick."'");
if($res){
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Quiz Question added successfully";
$quid = mysql_fetch_array(mysql_query("SELECT id FROM ibwf_users WHERE name='".$qnick."'"));
$ugpl = mysql_fetch_array(mysql_query("SELECT gplus FROM ibwf_users WHERE id='".$quid[0]."'"));
$ugpl = $ugpl[0] + 2;
mysql_query("UPDATE ibwf_users SET gplus='".$ugpl."' WHERE id='".$quid[0]."'");
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Error adding Quiz Question ";
}
echo "<br/><br/><a href=\"modcp.php?action=addquiz\">";
echo "Add Another Quiz Question?</a><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////Edit validated Quiz 5
else if($action=="editquiz"){
$smid = $_GET["smid"];
$question = $_POST["question"];
$answer = $_POST["answer"];
$points = $_POST["points"];
echo "<div><br/>Edit Quiz Question<br/></div>";
echo "<p align=\"center\">";
$res = mysql_query("UPDATE quizuser SET question='".$question."', answer='".$answer."', points='".$points."' WHERE id='".$smid."'");
if($res){
echo "<img src=\"images$folder/ok.gif\" alt=\"o\"/>Question Edited successfully<br/>";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"x\"/>Error Editing Question<br/>";
}
echo "<br/><a href=\"lists.php?action=vquiz\">";
echo "Quiz Questions</a><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////quiz words ok 5
else if($action=="quizok"){
$smid = $_GET["smid"];
$qnick = getnick_sid($sid);
echo "<div><br/>Quiz Question<br/></div>";
echo "<p align=\"center\">";
echo "<br/>";
$bob = mysql_fetch_array(mysql_query("SELECT question, answer, points, who FROM quizuser WHERE id='".$smid."'"));
$res = mysql_query("INSERT INTO quiz SET question='".$bob[0]."', answer='".$bob[1]."', points='".$bob[2]."', who='".$qnick."'");
mysql_query("DELETE FROM quizuser WHERE id='".$smid."'");
$quid = mysql_fetch_array(mysql_query("SELECT id FROM ibwf_users WHERE name='".$bob[3]."'"));
$ugpl = mysql_fetch_array(mysql_query("SELECT gplus FROM ibwf_users WHERE id='".$quid[0]."'"));
$ugpl = $ugpl[0] + 2;
mysql_query("UPDATE ibwf_users SET gplus='".$ugpl."' WHERE id='".$quid[0]."'");
if($res){
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Quiz Question Validated successfully";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Error Validating Quiz Question ";
}
echo "<br/><br/><a href=\"lists.php?action=vquiz\">Quiz Questions</a><br/><br/>";
echo "<a href=\"quiz.php?rid=1\">Quiz</a><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////quiz words not ok 5
else if($action=="quizno"){
$smid = $_GET["smid"];
echo "<div><br/>Damn! That Was A Stoooopid Question! lol<br/></div>";
echo "<p align=\"center\">";
echo "<br/>";
$res = mysql_query("DELETE FROM quizuser WHERE id='".$smid."'");
if($res){
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Quiz Question Discarded successfully";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Error Discarding Quiz Question ";
}
echo "<br/><br/><a href=\"lists.php?action=vquiz\">";
echo "Quiz Questions</a><br/><br/>";
echo "<a href=\"quiz.php?rid=1\">Quiz</a><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////REGISTRATION ON 5
else if($action=="regon"){
echo "<div><br/>Registration On<br/></div>";
echo "<p align=\"center\">";
echo "<br/>";
$res = mysql_query("UPDATE ibwf_settings SET value='1' WHERE name='reg'");
if($res){
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Registration updated successfully<br/>";
mysql_query("INSERT INTO ibwf_mlog SET action='Reg', details='<b>".getnick_uid(getuid_sid($sid))."</b> Turned Registration ON', actdt='".time()."'");
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Error Updating Registration<br/>";
}
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////REGISTRATION OFF 5
else if($action=="regoff"){
echo "<div><br/>Registration Off<br/></div>";
echo "<p align=\"center\">";
echo "<br/>";
$res = mysql_query("UPDATE ibwf_settings SET value='0' WHERE name='reg'");
if($res){
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Registration updated successfully<br/>";
mysql_query("INSERT INTO ibwf_mlog SET action='Reg', details='<b>".getnick_uid(getuid_sid($sid))."</b> Turned Registration OFF', actdt='".time()."'");
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Error Updating Registration<br/>";
}
echo getfoot($sid,$folder);
exit();
}
///////////////////////////add smliley (upload) 5
else if($action=="addsml")
{
$smlcde = $_POST["smlcde"];
echo "<div><br/>Add Attachment<br/></div>";
echo "<p align=\"center\">";
////////////here
$size_bytes = "204800";
$kb = $size_bytes / 1024;
$extlimit="yes";
$limitedext=array(".jpg",".jpeg",".gif",".png");
$ext=strtolower(strrchr($_FILES['filetoupload'][name],'.'));
$file_type=$_FILES['filetoupload']['type'];
$file_name=$_FILES['filetoupload']['name'];
$file_size=$_FILES['filetoupload']['size'];
$file_tmp=$_FILES['filetoupload']['tmp_name'];
$nop = substr_count($file_name,"php");
$now = substr_count($file_name,"wml");
$noh = substr_count($file_name,"htm");
if(!is_uploaded_file($_FILES['filetoupload']['tmp_name'])){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>No file selected!<br/>";
}
else if($extlimit=="yes" && !in_array($ext,$limitedext)){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Invalid file type!<br/>";
mysql_query("INSERT INTO ibwf_mlog SET action='Dodgy', details='<b>".getnick_uid(getuid_sid($sid))."</b> Attempted to upload a $ext file in smilies!', actdt='".time()."'");
}
//////////////////////////////////////anti hack
else if($nop>0||$now>0||$noh>0){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Invalid file type!<br/>";
mysql_query("INSERT INTO ibwf_mlog SET action='Dodgy', details='<b>".getnick_uid(getuid_sid($sid))."</b> Attempted to upload $file_name in smilies!', actdt='".time()."'");
}
////////////////
else if($file_size>$size_bytes){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Exceeded File size limit! Maximum <b>$kb</b> Kb.<br/>";
}
else if(file_exists("./$file_name")){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Filename already exists!<br/>";
}
else if(file_exists("./".getnick_sid($sid)."(5)".$ext)){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/><br/><b>Error!!!</b><br/>5 pics hav already been uploaded...<br/>";
}
else if($file_size){
$file_name2=str_replace(" ","",$file_name);
$filename=explode(".",$file_name);
$size = $file_size/1024;
//mysql_query("INSERT INTO download_topic SET filename='".$file_name2."', path='http://".$_SERVER['SERVER_NAME']."/xhtml/topics/".$file_name2."', tid='".$tid[0]."', size='".$size."'");
$test = move_uploaded_file($file_tmp, "../smilies/mod/$file_name2");
if($test){
$res = mysql_query("INSERT INTO ibwf_smilies SET scode='-".$smlcde."-', imgsrc='/smilies/mod/".$file_name2."', hidden='2'");
}
echo "<br/>$file_name2<br/>
successfully uploaded!<br/>";
}
else{
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Unknown error! Pls try again...<br/>";
}
if($res){
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Smilie added successfully";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Error adding Smiley ";
}
echo "<br/><br/><a href=\"modcp.php?action=addsml\">";
echo "Add Another Smiley</a><br/>";
echo "<a href=\"lists.php?action=smilies&ice=2\">";
echo "Staff Smilies List</a><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////delete smiley 5
else if($action=="delsm"){
$smid = $_GET["smid"];
echo "<div><br/>Delete Smiley<br/></div>";
echo "<p align=\"center\">";
echo "<br/>";
$res = mysql_query("DELETE FROM ibwf_smilies WHERE id='".$smid."'");
if($res){
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Smiley deleted successfully";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Error deleting smiley ";
}
echo "<br/><br/><a href=\"lists.php?action=smilies&ice=2\">Mod Smilies List</a><br/>";
$sta = getstatusname($uid);
echo "<a href=\"modcp.php?action=main\">$sta Cp</a><br/>";
echo getfoot($sid,$folder);
exit();
}
////////////////////////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////6
if(!isstatus6(getuid_sid($sid)))
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"themes$bgi.php\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "You are not a $status6<br/>";
echo "<br/>";
echo "<a href=\"index.php\">Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}
//////////////////////////////////////alarm
else if($action=="alarm")
{
$who = $_GET["who"];
$user = getnick_uid($who);
echo "<div><br/>Wake up $user<br/></div>";
echo "<p align=\"center\">";
if(($who==387)&&(!isstatus10(getuid_sid($sid)))){
echo " <img src=\"../images/ok.gif\" alt=\"o\"/>You Successfully Kissed Snakes Ass<br/>";
}else{
$res = mysql_query("UPDATE ibwf_users SET alarm='1' WHERE id='".$who."'");
if($res)
{
echo " <img src=\"../images/ok.gif\" alt=\"o\"/> Alarm Set For $user Successfully<br/>";
}else{
echo " <img src=\"../images/notok.gif\" alt=\"x\"/> Database Error!<br/>";
}
}
echo "<br/><br/><a href=\"index.php?action=viewuser&who=$who\">$user's Profile</a><br/>";
echo getfoot($sid,$folder);
exit();
}
////////////////////////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////
if(!isstatus7(getuid_sid($sid)))
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"themes$bgi.php\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "You are not a $status7<br/>";
echo "<br/>";
echo "<a href=\"index.php\">Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}
//////////////////////////////////////////Handle PM 7
if($action=="hpm")
{
$pid = $_GET["pid"];
echo "<div><br/>Handle Pm<br/></div>";
echo "<p align=\"center\">";
$info = mysql_fetch_array(mysql_query("SELECT byuid, touid FROM ibwf_private WHERE id='".$pid."'"));
$res = mysql_query("UPDATE ibwf_private SET reported='2' WHERE id='".$pid."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='handling', details='<b>".getnick_uid(getuid_sid($sid))."</b> handled The PM ".$pid."', actdt='".time()."'");
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>PM Handled";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=viewuser&who=$info[0]\">PM Sender's Profile</a><br/>";
echo "<a href=\"index.php?action=viewuser&who=$info[1]\">PM Reporter's Profile</a><br/><br/>";
$sta = getstatusname($uid);
echo "<a href=\"modcp.php?action=main\">";
echo "$sta R/L</a><br/>";
echo getfoot($sid,$folder);
exit();
}
////////////////////////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////
if(!isstatus10(getuid_sid($sid)))
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"themes$bgi.php\">";
echo "</head>";
echo "<body>";
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "You are not a $status10<br/>";
echo "<br/>";
echo "<a href=\"index.php\">Home</a>";
echo "</p>";
echo "<div>$addy</div>";
echo "</body>";
echo "</html>";
exit();
}
//////////////////////////////////delete ses
else if($action=="delses"){
$hid = $_GET["hid"];
echo "<div><br/>Delete Session<br/></div>";
echo "<p align=\"center\">";
echo "<br/>";
$res = mysql_query("DELETE FROM ibwf_mlog WHERE id='".$hid."'");
if($res){
echo "<img src=\"images$folder/ok.gif\" alt=\"O\"/>Session deleted successfully";
}else{
echo "<img src=\"images$folder/notok.gif\" alt=\"X\"/>Error deleting session ";
}
$sta = getstatusname($uid);
echo "<br/><a href=\"modcp.php?action=main\">$sta Cp</a><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////////////////////////////////
else{
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "I don't know how you got in here, but there's nothing to show<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
?>