<?php
header("Cache-Control: no-cache, must-revalidate"); // Prevent caching, HTTP/1.1
header("Pragma: no-cache");
//header('Content-type: application/vnd.wap.xhtml+xml');
echo "<?xml version=\"1.0\"?>";
echo "<!DOCTYPE html PUBLIC \"-//WAPFORUM//DTD XHTML Mobile 1.0//EN\" \"http://www.wapforum.org/DTD/xhtml-mobile10.dtd\">";
?>
<html xmlns="http://www.w3.org/1999/xhtml">
<?php
include("config.php");
include("core.php");
connectdb();
$action = $_GET["action"];
$sid = $_GET["sid"];
$uid = getuid_sid($sid);
$theme = mysql_fetch_array(mysql_query("SELECT theme FROM ibwf_users WHERE id='".$uid."'"));
$sitename = mysql_fetch_array(mysql_query("SELECT value FROM ibwf_settings WHERE name='sitename'"));
$sitename = $sitename[0];
if(!ismod(getuid_sid($sid)))
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
echo "<b>Permission Denied!</b><br/>";
echo "<br/>Only mod/admin can use this page...<br/>";
echo "<a href=\"index.php\">Home</a>";
echo "</p>";
echo "</body>";
echo "</html>";
exit();
}
if(islogged($sid)==false)
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/white.css\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
echo "You are not logged in<br/>";
echo "Or Your session has been expired<br/><br/>";
echo "<a href=\"index.php\">Login</a>";
echo "</p>";
echo "</body>";
}
addonline(getuid_sid($sid),"Admin Tools","");
if($action=="delp")
{
$pid = $_GET["pid"];
$tid = gettid_pid($pid);
$fid = getfid_tid($tid);
echo "<head>";
echo "<title>Admin Tools</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
$res = mysql_query("DELETE FROM ibwf_posts WHERE id='".$pid."'");
if($res)
{
$tname = mysql_fetch_array(mysql_query("SELECT name FROM ibwf_topics WHERE id='".$tid."'"));
mysql_query("INSERT INTO ibwf_mlog SET action='posts', details='<b>".getnick_uid(getuid_sid($sid))."</b> Deleted Post Number $pid Of the thread ".mysql_escape_string($tname[0])." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"../images/ok.gif\" alt=\"O\"/>Post Message Deleted";
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/><b>8 </b><a accesskey=\"8\" href=\"index.php?action=viewtpc&sid=$sid&tid=$tid&page=1000\">View Topic</a><br/>";
$fname = getfname($fid);
echo "<b>9 </b><a accesskey=\"9\" href=\"index.php?action=viewfrm&sid=$sid&fid=$fid\">$fname</a><br/>";
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p></body>";
}
else if($action=="delcmt")
{
$id = $_GET["id"];
echo "<head>";
echo "<title>Delete Comment</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
$res = mysql_query("DELETE FROM ibwf_galcomments WHERE id ='".$id."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='comment', details='<b>".getnick_uid(getuid_sid($sid))."</b> Deleted a Photo Comment', actdt='".time()."'");
echo "<img src=\"../images/ok.gif\" alt=\"O\"/>Comment deleted";
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p></body>";
}
////////////////////////////////////////////Edit Post
else if($action=="edtpst")
{
$pid = $_GET["pid"];
$ptext = $_POST["ptext"];
$tid = gettid_pid($pid);
$fid = getfid_tid($tid);
echo "<head>";
echo "<title>Admin Tools</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
$res = mysql_query("UPDATE ibwf_posts SET text='"
.$ptext."' WHERE id='".$pid."'");
if($res)
{
$tname = mysql_fetch_array(mysql_query("SELECT name FROM ibwf_topics WHERE id='".$tid."'"));
mysql_query("INSERT INTO ibwf_mlog SET action='posts', details='<b>".getnick_uid(getuid_sid($sid))."</b> Edited Post Number $pid Of the thread ".mysql_escape_string($tname[0])." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"../images/ok.gif\" alt=\"O\"/>Post Message Edited";
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
echo "<b>8 </b><a accesskey=\"8\" href=\"index.php?action=viewtpc&sid=$sid&tid=$tid\">View Topic</a><br/>";
$fname = getfname($fid);
echo "<b>9 </b><a accesskey=\"9\" href=\"index.php?action=viewfrm&sid=$sid&fid=$fid\">$fname</a><br/>";
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p></body>";
}
////////////////////////////////////////////Edit Post
else if($action=="edttpc")
{
$tid = $_GET["tid"];
$ttext = $_POST["ttext"];
$fid = getfid_tid($tid);
echo "<head>";
echo "<title>Admin Tools</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
$res = mysql_query("UPDATE ibwf_topics SET text='"
.$ttext."' WHERE id='".$tid."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>".getnick_uid(getuid_sid($sid))."</b> Edited the text Of the thread ".mysql_escape_string(gettname($tid))." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"../images/ok.gif\" alt=\"O\"/>Topic Message Edited";
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
echo "<b>8 </b><a accesskey=\"8\" href=\"index.php?action=viewtpc&sid=$sid&tid=$tid\">View Topic</a><br/>";
$fname = getfname($fid);
echo "<b>9 </b><a accesskey=\"9\" href=\"index.php?action=viewfrm&sid=$sid&fid=$fid\">$fname</a><br/>";
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p></body>";
}
///////////////////////////////////////Close/ Open Topic
else if($action=="clot")
{
$tid = $_GET["tid"];
$tdo = $_GET["tdo"];
$fid = getfid_tid($tid);
echo "<head>";
echo "<title>Admin Tools</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
$res = mysql_query("UPDATE ibwf_topics SET closed='"
.$tdo."' WHERE id='".$tid."'");
if($res)
{
if($tdo==1)
{
$msg = "Closed";
}else{
$msg = "Opened";
}
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>".getnick_uid(getuid_sid($sid))."</b> Closed The thread ".mysql_escape_string(gettname($tid))." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"../images/ok.gif\" alt=\"O\"/>Topic $msg";
$tpci = mysql_fetch_array(mysql_query("SELECT name, authorid FROM ibwf_topics WHERE id='".$tid."'"));
$tname = htmlspecialchars($tpci[0]);
$msg = "your thread [topic=$tid]$tname"."[/topic] is $msg"."[br/][small][i]p.s: this is an automatic pm[/i][/small]";
autopm($msg, $tpci[1]);
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
$fname = getfname($fid);
echo "<b>9 </b><a accesskey=\"9\" href=\"index.php?action=viewfrm&sid=$sid&fid=$fid\">$fname</a><br/>";
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p></body>";
}
///////////////////////////////////////Untrash user
else if($action=="untr")
{
$who = $_GET["who"];
echo "<head>";
echo "<title>Admin Tools</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
$res = mysql_query("DELETE FROM ibwf_penalties WHERE penalty='0' AND uid='".$who."'");
if($res)
{
$unick = getnick_uid($who);
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>".getnick_uid(getuid_sid($sid))."</b> Untrashed The user <b>".$unick."', actdt='".time()."'");
echo "<img src=\"../images/ok.gif\" alt=\"O\"/>$unick Untrashed";
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p></body>";
}
///////////////////////////////////////Unban user
else if($action=="unbn")
{
$who = $_GET["who"];
echo "<head>";
echo "<title>Admin Tools</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
if(!isadmin(getuid_sid($sid)))
{
echo "Permission Denied!";
}else{
$res = mysql_query("DELETE FROM ibwf_penalties WHERE (penalty='1' OR penalty='2') AND uid='".$who."'");
if($res)
{
$unick = getnick_uid($who);
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>".getnick_uid(getuid_sid($sid))."</b> Unbanned The user <b>".$unick."</b>', actdt='".time()."'");
echo "<img src=\"../images/ok.gif\" alt=\"O\"/>$unick Unbanned";
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>Database Error";
}
}
echo "<br/><br/>";
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p></body>";
}
///////////////////////////////////////Delete shout
else if($action=="delsh")
{
$shid = $_GET["shid"];
echo "<head>";
echo "<title>Admin Tools</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
if(!ismod(getuid_sid($sid)))
{
echo "Permission Denied!";
}else{
$sht = mysql_fetch_array(mysql_query("SELECT shouter, shout FROM ibwf_shouts WHERE id='".$shid."'"));
$msg = getnick_uid($sht[0]);
$msg .= ": ".htmlspecialchars((strlen($sht[1])<20?$sht[1]:substr($sht[1], 0, 20)));
$res = mysql_query("DELETE FROM ibwf_shouts WHERE id ='".$shid."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='shouts', details='<b>".getnick_uid(getuid_sid($sid))."</b> Deleted the shout <b>".$shid."</b> - $msg', actdt='".time()."'");
echo "<img src=\"../images/ok.gif\" alt=\"O\"/>Shout deleted";
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>Database Error";
}
}
echo "<br/><br/>";
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p></body>";
}
///////////////////////////////////////Pin/ Unpin Topic
else if($action=="pint")
{
$tid = $_GET["tid"];
$tdo = $_GET["tdo"];
$fid = getfid_tid($tid);
echo "<head>";
echo "<title>Admin Tools</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
$pnd = getpinned($fid);
if($pnd<=5)
{
$res = mysql_query("UPDATE ibwf_topics SET pinned='"
.$tdo."' WHERE id='".$tid."'");
if($res)
{
if($tdo==1)
{
$msg = "Pinned";
}else{
$msg = "Unpinned";
}
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>".getnick_uid(getuid_sid($sid))."</b> $msg The thread ".mysql_escape_string(gettname($tid))." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"../images/ok.gif\" alt=\"O\"/>Topic $msg";
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>Database Error";
}
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>You can only pin 5 topics in every forum";
}
echo "<br/><br/>";
$fname = getfname($fid);
echo "<b>9 </b><a accesskey=\"9\" href=\"index.php?action=viewfrm&sid=$sid&fid=$fid\">$fname</a><br/>";
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p></body>";
}
///////////////////////////////////Delete the damn thing
else if($action=="delt")
{
$tid = $_GET["tid"];
$fid = getfid_tid($tid);
echo "<head>";
echo "<title>Admin Tools</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
$tname=gettname($tid);
$res = mysql_query("DELETE FROM ibwf_topics WHERE id='".$tid."'");
if($res)
{
mysql_query("DELETE FROM ibwf_posts WHERE tid='".$tid."'");
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>".getnick_uid(getuid_sid($sid))."</b> Deleted The thread ".mysql_escape_string($tname)." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"../images/ok.gif\" alt=\"O\"/>Topic Deleted";
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
$fname = getfname($fid);
echo "<b>9 </b><a accesskey=\"9\" href=\"index.php?action=viewfrm&sid=$sid&fid=$fid\">$fname</a><br/>";
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p></body>";
}
////////////////////////////////////////////Edit Post
else if($action=="rentpc")
{
$tid = $_GET["tid"];
$tname = $_POST["tname"];
$fid = getfid_tid($tid);
echo "<head>";
echo "<title>Admin Tools</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
$otname = gettname($tid);
if(trim($tname!=""))
{
$not = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_topics WHERE name LIKE '".$tname."' AND fid='".$fid."'"));
if($not[0]==0)
{
$res = mysql_query("UPDATE ibwf_topics SET name='"
.$tname."' WHERE id='".$tid."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>".getnick_uid(getuid_sid($sid))."</b> Renamed The thread ".mysql_escape_string($otname)." to ".mysql_escape_string($tname)." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"../images/ok.gif\" alt=\"O\"/>Topic Renamed";
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>Database Error";
}
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>Topic Name already exist";
}
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>You must specify a name for the topic";
}
echo "<br/><br/>";
echo "<b>8 </b><a accesskey=\"8\" href=\"index.php?action=viewtpc&sid=$sid&tid=$tid\">View Topic</a><br/>";
$fname = getfname($fid);
echo "<b>9 </b><a accesskey=\"9\" href=\"index.php?action=viewfrm&sid=$sid&fid=$fid\">$fname</a><br/>";
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p></body>";
}
///////////////////////////////////////////////////Move topic
else if($action=="mvt")
{
$tid = $_GET["tid"];
$mtf = $_POST["mtf"];
$fname = htmlspecialchars(getfname($mtf));
//$fid = getfid_tid($tid);
echo "<head>";
echo "<title>Admin Tools</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
$not = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_topics WHERE name LIKE '".$tname."' AND fid='".$mtf."'"));
if($not[0]==0)
{
$res = mysql_query("UPDATE ibwf_topics SET fid='"
.$mtf."', moved='1' WHERE id='".$tid."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>".getnick_uid(getuid_sid($sid))."</b> Moved The thread ".mysql_escape_string($tname)." to forum ".getfname($fid)."', actdt='".time()."'");
$tpci = mysql_fetch_array(mysql_query("SELECT name, authorid FROM ibwf_topics WHERE id='".$tid."'"));
$tname = htmlspecialchars($tpci[0]);
$msg = "your thread [topic=$tid]$tname"."[/topic] Was moved to $fname forum[br/][small][i]p.s: this is an automatic pm[/i][/small]";
autopm($msg, $tpci[1]);
echo "<img src=\"../images/ok.gif\" alt=\"O\"/>Topic Moved";
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>Database Error";
}
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>Topic Name already exist";
}
echo "<br/><br/>";
echo "<b>9 </b><a accesskey=\"9\" href=\"index.php?action=viewfrm&sid=$sid&fid=$fid\">$fname</a><br/>";
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p></body>";
}
//////////////////////////////////////////Handle PM
else if($action=="hpm")
{
$pid = $_GET["pid"];
echo "<head>";
echo "<title>Admin Tools</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
if(!isowner(getuid_sid($sid)))
{
echo "Permission Denied!";
}else{
$info = mysql_fetch_array(mysql_query("SELECT byuid, touid FROM ibwf_private WHERE id='".$pid."'"));
$res = mysql_query("UPDATE ibwf_private SET reported='2' WHERE id='".$pid."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='handling', details='<b>".getnick_uid(getuid_sid($sid))."</b> handled The PM ".$pid."', actdt='".time()."'");
echo "<img src=\"../images/ok.gif\" alt=\"O\"/>PM Handled";
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>Database Error";
}
}
echo "<br/><br/>";
echo "<b>7 </b><a accesskey=\"7\" href=\"index.php?action=viewuser&sid=$sid&who=$info[0]\">PM Sender's Profile</a><br/>";
echo "<b>8 </b><a accesskey=\"8\" href=\"index.php?action=viewuser&sid=$sid&who=$info[1]\">PM Reporter's Profile</a><br/><br/>";
echo "<b>9 </b><a accesskey=\"9\" href=\"modcp.php?action=main&sid=$sid\">Reports/Logs</a><br/>";
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p></body>";
}
//////////////////////////////////////////Handle Popup
else if($action=="hpop")
{
$pid = $_GET["pid"];
echo "<head>";
echo "<title>Admin Tools</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
if(!isowner(getuid_sid($sid)))
{
echo "Permission Denied!";
}else{
$info = mysql_fetch_array(mysql_query("SELECT byuid, touid FROM ibwf_popups WHERE id='".$pid."'"));
$res = mysql_query("UPDATE ibwf_popups SET reported='2' WHERE id='".$pid."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='handling', details='<b>".getnick_uid(getuid_sid($sid))."</b> handled The Popup ".$pid."', actdt='".time()."'");
echo "<img src=\"../images/ok.gif\" alt=\"O\"/>Popup Handled";
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>Database Error";
}
}
echo "<br/><br/>";
echo "<b>7 </b><a accesskey=\"7\" href=\"index.php?action=viewuser&sid=$sid&who=$info[0]\">PM Sender's Profile</a><br/>";
echo "<b>8 </b><a accesskey=\"8\" href=\"index.php?action=viewuser&sid=$sid&who=$info[1]\">PM Reporter's Profile</a><br/><br/>";
echo "<b>9 </b><a accesskey=\"9\" href=\"modcp.php?action=main&sid=$sid\">Reports/Logs</a><br/>";
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p></body>";
}
//////////////////////////////////////////Handle Post
else if($action=="hps")
{
$pid = $_GET["pid"];
echo "<head>";
echo "<title>Admin Tools</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
if(!isowner(getuid_sid($sid)))
{
echo "Permission Denied!";
}else{
$info = mysql_fetch_array(mysql_query("SELECT uid, tid FROM ibwf_posts WHERE id='".$pid."'"));
$res = mysql_query("UPDATE ibwf_posts SET reported='2' WHERE id='".$pid."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='handling', details='<b>".getnick_uid(getuid_sid($sid))."</b> handled The Post ".$pid."', actdt='".time()."'");
echo "<img src=\"../images/ok.gif\" alt=\"O\"/>Post Handled";
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>Database Error";
}
}
echo "<br/><br/>";
$poster = getnick_uid($info[0]);
echo "<b>7 </b><a accesskey=\"7\" href=\"index.php?action=viewuser&sid=$sid&who=$info[0]\">$poster's Profile</a><br/>";
echo "<b>8 </b><a accesskey=\"8\" href=\"index.php?action=viewtpc&sid=$sid&tid=$info[1]\">View Topic</a><br/><br/>";
echo "<b>9 </b><a accesskey=\"9\" href=\"modcp.php?action=main&sid=$sid\">Reports/Logs</a><br/>";
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p></body>";
}
//////////////////////////////////////////Handle Topic
else if($action=="htp")
{
$pid = $_GET["tid"];
echo "<head>";
echo "<title>Admin Tools</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
if(!isowner(getuid_sid($sid)))
{
echo "Permission Denied!";
}else{
$info = mysql_fetch_array(mysql_query("SELECT authorid FROM ibwf_topics WHERE id='".$pid."'"));
$res = mysql_query("UPDATE ibwf_topics SET reported='2' WHERE id='".$pid."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='handling', details='<b>".getnick_uid(getuid_sid($sid))."</b> handled The topic ".mysql_escape_string(gettname($pid))."', actdt='".time()."'");
echo "<img src=\"../images/ok.gif\" alt=\"O\"/>Topic Handled";
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>Database Error";
}
}
echo "<br/><br/>";
$poster = getnick_uid($info[0]);
echo "<b>7 </b><a accesskey=\"7\" href=\"index.php?action=viewuser&sid=$sid&who=$info[0]\">$poster's Profile</a><br/>";
echo "<b>8 </b><a accesskey=\"8\" href=\"index.php?action=viewtpc&sid=$sid&tid=$pid\">View Topic</a><br/><br/>";
echo "<b>9 </b><a accesskey=\"9\" href=\"modcp.php?action=main&sid=$sid\">Reports/Logs</a><br/>";
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p></body>";
}
////////////////////////////////////////plusses
else if($action=="pls")
{
$pid = $_POST["pid"];
$who = $_POST["who"];
$pres = $_POST["pres"];
$pval = $_POST["pval"];
echo "<head>";
echo "<title>Admin Tools</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
if(!isadmin(getuid_sid($sid)))
{
echo "Permission Denied!";
}else{
$unick = getnick_uid($who);
$opl = mysql_fetch_array(mysql_query("SELECT plusses FROM ibwf_users WHERE id='".$who."'"));
if($pid=='0')
{
$npl = $opl[0] - $pval;
}else{
$npl = $opl[0] + $pval;
}
if($npl<0)
{
$npl=0;
}
if(trim($pres)=="")
{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>You must Specify a reson for updating $unick's Plusses";
}else{
$res = mysql_query("UPDATE ibwf_users SET lastplreas='".mysql_escape_string($pres)."', plusses='".$npl."' WHERE id='".$who."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>".getnick_uid(getuid_sid($sid))."</b> Updated <b>".$unick."</b> plusses from ".$opl[0]." to $npl', actdt='".time()."'");
echo "<img src=\"../images/ok.gif\" alt=\"O\"/>$unick's Plusses Updated From $opl[0] to $npl";
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>Database Error";
}
}
}
echo "<br/><br/><b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p></body>";
}
else{
echo "<head>";
echo "<title>Admin Tools</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
echo "I don't know how did you get into here, but there's nothing to show<br/><br/>";
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p></body>";
}
?>
</html>