<?php
include("config.php");
include("core.php");
echo("<?xml version=\"1.0\" encoding=\"UTF-8\"?>");
echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD XHTML Mobile 1.0//EN\"". " \"http://www.wapforum.org/DTD/xhtml-mobile10.dtd\">";
?>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Mod CP</title>
<meta forua="true" http-equiv="Cache-Control" content="no-cache"/>
<meta forua="true" http-equiv="Cache-Control" content="must-revalidate"/>
<?php
connectdb();
$sid = $_GET["sid"];
$uid = getuid_sid($sid);
echo gettheme($sid);
?>
</head>
<body>
<?php
echo "<font size=\"".getfontsize($sid)."\">";
gettimebar();
boxstart("$sitename");
$action = $_GET["action"];
if(!ismod(getuid_sid($sid))){
echo "<p align=\"center\">";
echo "You are not a mod!<br/>";
echo "<br/>";
echo "<a href=\"index.php\">Home</a>";
echo "</p>";
echo "</div></div></font></body></html>";
exit();
}
if(islogged($sid)==false){
echo "<p align=\"center\">";
echo "You are not logged in<br/>";
echo "Or Your session has been expired<br/><br/>";
echo "<a href=\"index.php\">Login</a>";
echo "</p>";
echo "</div></div></font></body></html>";
exit();
}
if(isbanned($uid)){
echo "<p align=\"center\">";
echo "<br/>";
echo "You are <b>Banned</b><br/>";
$banto = mysql_fetch_array(mysql_query("SELECT timeto FROM ibwf_penalties WHERE uid='".$uid."' AND penalty='1'"));
$remain = $banto[0]- time();
$rmsg = gettimemsg($remain);
echo "Time to finish your penalty: $rmsg<br/><br/>";
echo "</p>";
echo "</div></div></font></body></html>";
exit();
}
addonline(getuid_sid($sid),"Mod CP","");
if($action=="paani"){
$pid = $_GET["pid"];
$tid = gettid_pid($pid);
$fid = getfid_tid($tid);
echo "<p align=\"center\">";
$res = mysql_query("DELETE FROM ibwf_posts WHERE id='".$pid."'");
if($res){
$tname = mysql_fetch_array(mysql_query("SELECT name FROM ibwf_topics WHERE id='".$tid."'"));
mysql_query("INSERT INTO ibwf_mlog SET action='posts', details='<b>".getnick_uid(getuid_sid($sid))."</b> Deleted Post Number $pid Of the thread ".mysql_escape_string($tname[0])." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Post Message Deleted";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/><a href=\"index.php?action=viewtpc&sid=$sid&tid=$tid&page=1000\">";
echo "View Topic</a><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&sid=$sid&fid=$fid\">";
echo "$fname</a></p>";
getfooter($sid);
}
////////////////////////////////////////////Edit Post
else if($action=="jal"){
$pid = $_GET["pid"];
$ptext = $_POST["ptext"];
$tid = gettid_pid($pid);
$fid = getfid_tid($tid);
echo "<p align=\"center\">";
$res = mysql_query("UPDATE ibwf_posts SET text='"
.$ptext."' WHERE id='".$pid."'");
if($res){
$tname = mysql_fetch_array(mysql_query("SELECT name FROM ibwf_topics WHERE id='".$tid."'"));
mysql_query("INSERT INTO ibwf_mlog SET action='posts', details='<b>".getnick_uid(getuid_sid($sid))."</b> Edited Post Number $pid Of the thread ".mysql_escape_string($tname[0])." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Post Message Edited";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=viewtpc&sid=$sid&tid=$tid\">";
echo "View Topic</a><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&sid=$sid&fid=$fid\">";
echo "$fname</a></p>";
getfooter($sid);
}
////////////////////////////////////////////Edit main page
else if($action=="edtmp"){
$fmsg = $_POST["fmsg"];
echo "<p align=\"center\">";
$res = mysql_query("UPDATE ibwf_settings SET value='".$fmsg."' WHERE name='4ummsg'");
if($res){
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>".getnick_uid(getuid_sid($sid))."</b> edited the main page message to <b>$fmsg</b>', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Main page message edited succesfully!";
}
else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/></p>";
getfooter($sid);
}
////////////////////////////////////////////Edit topic
else if($action=="jaal"){
$tid = $_GET["tid"];
$ttext = $_POST["ttext"];
$fid = getfid_tid($tid);
echo "<p align=\"center\">";
$res = mysql_query("UPDATE ibwf_topics SET text='"
.$ttext."' WHERE id='".$tid."'");
if($res){
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>".getnick_uid(getuid_sid($sid))."</b> Edited the text Of the thread ".mysql_escape_string(gettname($tid))." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Topic Message Edited";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=viewtpc&sid=$sid&tid=$tid\">";
echo "View Topic</a><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&sid=$sid&fid=$fid\">";
echo "$fname</a></p>";
getfooter($sid);
}
///////////////////////////////////////Close/ Open Topic
else if($action=="thakka"){
$tid = $_GET["tid"];
$tdo = $_GET["tdo"];
$fid = getfid_tid($tid);
echo "<p align=\"center\">";
$res = mysql_query("UPDATE ibwf_topics SET closed='"
.$tdo."' WHERE id='".$tid."'");
if($res){
if($tdo==1){
$msg = "Closed";
}else{
$msg = "Opened";
}
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>".getnick_uid(getuid_sid($sid))."</b> Closed The thread ".mysql_escape_string(gettname($tid))." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Topic $msg";
$tpci = mysql_fetch_array(mysql_query("SELECT name, authorid FROM ibwf_topics WHERE id='".$tid."'"));
$tname = htmlspecialchars($tpci[0]);
$msg = "your thread [topic=$tid]$tname"."[/topic] is $msg"."[br/][small][i]p.s: this is an automatic pm[/i][/small]";
autopm($msg, $tpci[1]);
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&sid=$sid&fid=$fid\">";
echo "$fname</a></p>";
getfooter($sid);
}
///////////////////////////////////////Untrash user
else if($action=="kachrakadabba"){
$who = $_GET["who"];
echo "<p align=\"center\">";
$res = mysql_query("DELETE FROM ibwf_penalties WHERE penalty='0' AND uid='".$who."'");
if($res){
$unick = getnick_uid($who);
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>".getnick_uid(getuid_sid($sid))."</b> Untrashed The user <b>".$unick."'</b>, actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>$unick Untrashed";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/></p>";
getfooter($sid);
}
///////////////////////////////////////Unban user
else if($action=="albalaao"){
$who = $_GET["who"];
echo "<p align=\"center\">";
$res = mysql_query("DELETE FROM ibwf_penalties WHERE (penalty='1' OR penalty='2') AND uid='".$who."'");
if($res){
$unick = getnick_uid($who);
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>".getnick_uid(getuid_sid($sid))."</b> Unbanned The user <b>".$unick."</b>', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>$unick Unbanned";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/></p>";
getfooter($sid);
}
///////////////////////////////////////Unblock inbox
else if($action=="openinbox"){
$who = $_GET["who"];
echo "<p align=\"center\">";
$res = mysql_query("UPDATE ibwf_users SET inboxb='0' WHERE id='".$who."'");
$res1 = mysql_query("DELETE FROM ibwf_penalties WHERE penalty='2' AND uid='".$who."'");
if($res){
$unick = getnick_uid($who);
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>".getnick_uid(getuid_sid($sid))."</b> unblocked the user <b>".$unick."</b> inbox', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>$unick inbox unblocked";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/></p>";
getfooter($sid);
}
///////////////////////////////////////Unblock forum
else if($action=="openforum"){
$who = $_GET["who"];
echo "<p align=\"center\">";
$res = mysql_query("UPDATE ibwf_users SET forumb='0' WHERE id='".$who."'");
if($res){
$unick = getnick_uid($who);
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>".getnick_uid(getuid_sid($sid))."</b> unblocked the user <b>".$unick."</b> forum access', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>$unick forum unblocked";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><p/>";
getfooter($sid);
}
///////////////////////////////////////Unblock Shoutbox
else if($action=="openshout"){
$who = $_GET["who"];
echo "<p align=\"center\">";
$res = mysql_query("UPDATE ibwf_users SET shoutb='0' WHERE id='".$who."'");
if($res){
$unick = getnick_uid($who);
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>".getnick_uid(getuid_sid($sid))."</b> unblocked the user <b>".$unick."</b> shoutbox', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>$unick Shoutbox unblocked";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/></p>";
getfooter($sid);
}
///////////////////////////////////////Delete shout
else if($action=="chilmit"){
$shid = $_GET["shid"];
echo "<p align=\"center\">";
$res = mysql_query("DELETE FROM ibwf_shouts WHERE id ='".$shid."'");
if($res){
$sql = mysql_fetch_array(mysql_query("SELECT shout, shouter FROM ibwf_shouts WHERE id='".$shid."'"));
$modname = getnick_uid(getuid_sid($sid));
$shouter = getnick_uid($sql[1]);
$shout = substr("$sql[0]", 0, 30);
mysql_query("INSERT INTO ibwf_mlog SET action='shouts', details='<b>".$modname."</b> Deleted Shout Number <b>".$shid."</b>', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Shout deleted";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
echo "</p>";
getfooter($sid);
}
//////////////////////////Edit Shout/////////////////////////////
else if($action=="chileditfin"){
$shid = $_GET["id"];
$shtxt = $_POST["shtxt"];
echo "<p align=\"center\">";
$res = mysql_query("UPDATE ibwf_shouts SET shout='".$shtxt."' WHERE id='".$shid."'");
if($res){
$sql = mysql_fetch_array(mysql_query("SELECT shout, shouter FROM ibwf_shouts WHERE id='".$shid."'"));
$modname = getnick_uid(getuid_sid($sid));
$shouter = getnick_uid($sql[1]);
$shout = substr("$sql[0]", 0, 30);
mysql_query("INSERT INTO ibwf_mlog SET action='shouts', details='<b>".$modname."</b> Edited <b>".$shouter."</b>\'s Shout <b><i>".$shout."...</i></b>', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Shout Edited!<br/><br/><a href=\"lists.php?action=shouts&sid=$sid\">Shouts</a>";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error!<br/><br/><a href=\"lists.php?action=shouts&sid=$sid\">Shouts</a>";
}
echo "<br/><br/>";
echo "</p>";
getfooter($sid);
}
///////////////////////////////////////shield
else if($action=="dhaal"){
$who = $_GET["who"];
echo "<p align=\"center\">";
$res = mysql_query("Update ibwf_users SET shield='1' WHERE id='".$who."'");
if($res){
$unick = getnick_uid($who);
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>".getnick_uid(getuid_sid($sid))."</b> Shielded The user <b>".$unick."'</b>, actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>$unick is Shielded";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/></p>";
getfooter($sid);
}
///////////////////////////////////////Unshield
else if($action=="chalbhag"){
$who = $_GET["who"];
echo "<p align=\"center\">";
$res = mysql_query("Update ibwf_users SET shield='0' WHERE id='".$who."'");
if($res){
$unick = getnick_uid($who);
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>".getnick_uid(getuid_sid($sid))."</b> Unshielded The user <b>".$unick."'</b>, actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>$unick is Unshielded";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/></p>";
getfooter($sid);
}
///////////////////////////////////////Pin/ Unpin Topic
else if($action=="mantu"){
$tid = $_GET["tid"];
$tdo = $_GET["tdo"];
$fid = getfid_tid($tid);
echo "<p align=\"center\">";
$pnd = getpinned($fid);
if($pnd<=5){
$res = mysql_query("UPDATE ibwf_topics SET pinned='"
.$tdo."' WHERE id='".$tid."'");
if($res){
if($tdo==1){
$msg = "Pinned";
}else{
$msg = "Unpinned";
}
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>".getnick_uid(getuid_sid($sid))."</b> $msg The thread ".mysql_escape_string(gettname($tid))." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Topic $msg";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>You can only pin 5 topics in every forum";
}
echo "<br/><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&sid=$sid&fid=$fid\">";
echo "$fname</a></p>";
getfooter($sid);
}
///////////////////////////////////Delete topic
else if($action=="star"){
$tid = $_GET["tid"];
$fid = getfid_tid($tid);
echo "<p align=\"center\">";
$tname=gettname($tid);
$res = mysql_query("DELETE FROM ibwf_topics WHERE id='".$tid."'");
if($res){
mysql_query("DELETE FROM ibwf_posts WHERE tid='".$tid."'");
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>".getnick_uid(getuid_sid($sid))."</b> Deleted The thread ".mysql_escape_string($tname)." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Topic Deleted";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&sid=$sid&fid=$fid\">";
echo "$fname</a></p>";
}
////////////////////////////////////////////rename topic
else if($action=="bhaada"){
$tid = $_GET["tid"];
$tname = $_POST["tname"];
$fid = getfid_tid($tid);
echo "<p align=\"center\">";
$otname = gettname($tid);
if(trim($tname!="")){
$not = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_topics WHERE name LIKE '".$tname."' AND fid='".$fid."'"));
if($not[0]==0){
$res = mysql_query("UPDATE ibwf_topics SET name='"
.$tname."' WHERE id='".$tid."'");
if($res){
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>".getnick_uid(getuid_sid($sid))."</b> Renamed The thread ".mysql_escape_string($otname)." to ".mysql_escape_string($tname)." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Topic Renamed";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Topic Name already exist";
}
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>You must specify a name for the topic";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=viewtpc&sid=$sid&tid=$tid\">";
echo "View Topic</a><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&sid=$sid&fid=$fid\">";
echo "$fname</a></p>";
getfooter($sid);
}
///////////////////////////////////////////////////Move topic
else if($action=="mtvbakra"){
$tid = $_GET["tid"];
$mtf = $_POST["mtf"];
$fname = htmlspecialchars(getfname($mtf));
echo "<p align=\"center\">";
$not = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_topics WHERE name LIKE '".$tname."' AND fid='".$mtf."'"));
if($not[0]==0){
$res = mysql_query("UPDATE ibwf_topics SET fid='"
.$mtf."', moved='1' WHERE id='".$tid."'");
if($res){
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>".getnick_uid(getuid_sid($sid))."</b> Moved The thread ".mysql_escape_string($tname)." to forum ".getfname($fid)."', actdt='".time()."'");
$tpci = mysql_fetch_array(mysql_query("SELECT name, authorid FROM ibwf_topics WHERE id='".$tid."'"));
$tname = htmlspecialchars($tpci[0]);
$msg = "your thread [topic=$tid]$tname"."[/topic] Was moved to $fname forum[br/][small][i]p.s: this is an automatic pm[/i][/small]";
autopm($msg, $tpci[1]);
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Topic Moved";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Topic Name already exist";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=viewfrm&sid=$sid&fid=$mtf\">";
echo "$fname</a></p>";
getfooter($sid);
}
//////////////////////////////////////////Handle PM
else if($action=="phm97"){
$pid = $_GET["pid"];
echo "<p align=\"center\">";
$info = mysql_fetch_array(mysql_query("SELECT byuid, touid FROM ibwf_private WHERE id='".$pid."'"));
$res = mysql_query("UPDATE ibwf_private SET reported='2' WHERE id='".$pid."'");
if($res){
mysql_query("INSERT INTO ibwf_mlog SET action='handling', details='<b>".getnick_uid(getuid_sid($sid))."</b> handled The PM ".$pid."', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>PM Handled";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=viewuser&sid=$sid&who=$info[0]\">PM Sender's Profile</a><br/>";
echo "<a href=\"index.php?action=viewuser&sid=$sid&who=$info[1]\">PM Reporter's Profile</a><br/><br/>";
echo "<a href=\"adctrl.php?action=he3nomain&sid=$sid\">";
echo "Mod R/L</a></p>";
getfooter($sid);
}
//////////////////////////////////////////Handle Post
else if($action=="phs19"){
$pid = $_GET["pid"];
echo "<p align=\"center\">";
$info = mysql_fetch_array(mysql_query("SELECT uid, tid FROM ibwf_posts WHERE id='".$pid."'"));
$res = mysql_query("UPDATE ibwf_posts SET reported='2' WHERE id='".$pid."'");
if($res){
mysql_query("INSERT INTO ibwf_mlog SET action='handling', details='<b>".getnick_uid(getuid_sid($sid))."</b> handled The Post ".$pid."', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Post Handled";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
$poster = getnick_uid($info[0]);
echo "<a href=\"index.php?action=viewuser&sid=$sid&who=$info[0]\">$poster's Profile</a><br/>";
echo "<a href=\"index.php?action=viewtpc&sid=$sid&tid=$info[1]\">View Topic</a><br/><br/>";
echo "<a href=\"adctrl.php?action=he3nomain&sid=$sid\">";
echo "Mod R/L</a></p>";
getfooter($sid);
}
//////////////////////////////////////////Handle Topic
else if($action=="psu6")
{
$pid = $_GET["tid"];
echo "<p align=\"center\">";
$info = mysql_fetch_array(mysql_query("SELECT authorid FROM ibwf_topics WHERE id='".$pid."'"));
$res = mysql_query("UPDATE ibwf_topics SET reported='2' WHERE id='".$pid."'");
if($res){
mysql_query("INSERT INTO ibwf_mlog SET action='handling', details='<b>".getnick_uid(getuid_sid($sid))."</b> handled The topic ".mysql_escape_string(gettname($pid))."', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Topic Handled";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
$poster = getnick_uid($info[0]);
echo "<a href=\"index.php?action=viewuser&sid=$sid&who=$info[0]\">$poster's Profile</a><br/>";
echo "<a href=\"index.php?action=viewtpc&sid=$sid&tid=$pid\">View Topic</a><br/><br/>";
echo "<a href=\"adctrl.php?action=he3nomain&sid=$sid\">";
echo "Mod R/L</a></p>";
getfooter($sid);
}
////////////////////////////////////////Punish
else if($action=="sazadore"){
$pid = $_POST["pid"];
$who = $_POST["who"];
$pres = $_POST["pres"];
$pds = $_POST["pds"];
$phr = $_POST["phr"];
$pmn = $_POST["pmn"];
$psc = $_POST["psc"];
echo "<p align=\"center\">";
$uip = "";
$ubr = "";
$pmsg[0]="Outgoing Blocked";
$pmsg[1]="Banned";
$pmsg[2]="Inbox Blocked";
$pmsg[3]="Forum Blocked";
$pmsg[4]="Shoutbox Blocked";
if($pid=='2'){
$res = mysql_query("UPDATE ibwf_users SET inboxb='1' WHERE id='".$who."'");
}
else if($pid=='3'){
$res = mysql_query("UPDATE ibwf_users SET forumb='1' WHERE id='".$who."'");
}
else if($pid=='4'){
$res = mysql_query("UPDATE ibwf_users SET shoutb='1' WHERE id='".$who."'");
}
if(trim($pres)==""){
echo "<img src=\"images/notok.gif\" alt=\"X\"/>You must Specify a reson for punishing the user";
}else{
$timeto = $pds*24*60*60;
$timeto += $phr*60*60;
$timeto += $pmn*60;
$timeto += $psc;
$ptime = $timeto + time();
$unick = getnick_uid($who);
if(($who==1) || ($who==2) || ($who==3))
{
$res1 = mysql_query("INSERT INTO ibwf_penalties SET uid='".getuid_sid($sid)."', penalty='".$pid."', exid='".$who."', timeto='".$ptime."', pnreas='".mysql_escape_string($pres)."', ipadd='".$uip."', browserm='".$ubr."'");
mysql_query("UPDATE ibwf_users SET lastpnreas='Banning an administrator' WHERE id='".getuid_sid($sid)."'");
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>The user ".getnick_uid(getuid_sid($sid))." got autopunished for ".$timeto." seconds</b>', actdt='".time()."'");
echo "You tried to ban an important member of Team India so you are reverse punished!!";
}
else{
$res = mysql_query("INSERT INTO ibwf_penalties SET uid='".$who."', penalty='".$pid."', exid='".getuid_sid($sid)."', timeto='".$ptime."', pnreas='".mysql_escape_string($pres)."', ipadd='".$uip."', browserm='".$ubr."'");
}
if($res){
mysql_query("UPDATE ibwf_users SET lastpnreas='".$pmsg[$pid].": ".mysql_escape_string($pres)."' WHERE id='".$who."'");
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>".getnick_uid(getuid_sid($sid))."</b> $pmsg[$pid] The user <b>".$unick."</b> For ".$timeto." Seconds', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>$unick is $pmsg[$pid] for $timeto Seconds";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
}
echo "</p>";
getfooter($sid);
}
////////////////////////////////////////Add Remove Plusses
else if($action=="pls"){
$pid = $_POST["pid"];
$who = $_POST["who"];
$pres = $_POST["pres"];
$pval = $_POST["pval"];
echo "<p align=\"center\">";
$unick = getnick_uid($who);
$opl = mysql_fetch_array(mysql_query("SELECT plusses FROM ibwf_users WHERE id='".$who."'"));
if($pid=='0'){
$npl = $opl[0] - $pval;
}else{
$npl = $opl[0] + $pval;
}
if($npl<0){
$npl=0;
}
if(trim($pres)==""){
echo "<img src=\"images/notok.gif\" alt=\"X\"/>You must Specify a reson for updating $unick's Points!";
}else{
$res = mysql_query("UPDATE ibwf_users SET lastplreas='".mysql_escape_string($pres)."', plusses='".$npl."' WHERE id='".$who."'");
if($res){
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>".getnick_uid(getuid_sid($sid))."</b> Updated <b>".$unick."</b> points from ".$opl[0]." to $npl', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>$unick's Points Updated From $opl[0] to $npl";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error!";
}
}
echo "</p>";
getfooter($sid);
}
else{
echo "<p align=\"center\">";
$idiot = getnick_sid($sid);
$idiot1 = $REMOTE_ADDR;
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='$idiot $idiot1 was trying to hack the site!!', actdt='".time()."'");
echo "If you are a normal user then I don't know how did you get into here, but there's nothing to show! Else if you are an idiot hacker then you will be thrown out very soon! Your IP and phone number will be blocked from accessing INDIANWAP!<br/><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p>";
}
boxend();
?>
</font></body></html>