Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*********************************\
- Wsc Cms V1 Main Functions
- \*********************************/
- //Login Function
- function login(){
- include("./core/core_includes/config.php");
- if (isset($_POST['login'])){
- $success="./page.php?page=login&detail=success"; $fail="./page.php?page=login&detail=fail";
- $user = mysql_real_escape_string(stripslashes(htmlentities($_POST['username'])));
- $pass = mysql_real_escape_string(stripslashes(htmlentities($_POST['password'])));
- $pass = sha1(strtoupper($user) . ":" . strtoupper($pass));
- $user = ucfirst($user);
- mysql_select_db("$db_account", $con)or die("cannot select DB");
- $admin_check = mysql_query("SELECT * FROM account WHERE username='$user' AND sha_pass_hash='$pass' AND gm='3'");
- $admin = mysql_num_rows($admin_check); $adminc = mysql_num_rows($a_c);
- $gm_check = mysql_query("SELECT * FROM account WHERE username='$user' AND sha_pass_hash='$pass' AND gm='2'");
- $gm = mysql_num_rows($gm_check);
- $player_check = mysql_query("SELECT * FROM account WHERE username='$user' AND sha_pass_hash='$pass' AND gm='0'");
- $player = mysql_num_rows($player_check);
- if($player == 1){//Player
- header("Location: ". $success );
- //Set session data
- $_SESSION["valid_id"] = $obj->id;
- $_SESSION['wsc_user'] = "$user";
- $_SESSION["valid_time"] = time();
- }
- else if($gm == 1){//Gm
- header("Location: ". $success );
- //Set session data
- $_SESSION["valid_id"] = $obj->id;
- $_SESSION['wsc_user'] = "$user";
- $_SESSION['wsc_gm'] = "$user";
- $_SESSION["valid_time"] = time();
- }
- else if($admin == 1){//Admin
- header("Location: ". $success );
- //Set session data
- $_SESSION["valid_id"] = $obj->id;
- $_SESSION['wsc_user'] = "$user";
- $_SESSION['wsc_admin'] = "$user";
- $_SESSION["valid_time"] = time();
- }
- else
- {
- header("Location: ". $fail );
- }
- }}
- //End Login
- //Logout Function
- function logout(){
- $url ="./";
- $time_out = 5;
- header("refresh: $time_out; url=$url");
- //Destroy Sessions
- //session_start();
- session_unset();
- session_destroy();
- }
- //End Logout
- //Account Side Function
- function sideinfo(){
- include("./core/core_includes/config.php");
- $ip=$_SERVER['REMOTE_ADDR'];
- $side_info = mysql_query("SELECT * FROM $db_account.account WHERE username='$login[0]'");
- while ($gsi = mysql_fetch_array($side_info)){
- $gotten_info[2] = $gsi['id'];
- $gotten_info[3] = $gsi['locked'];
- $gotten_info[4] = $gsi['mutetime'];
- $gotten_info[5] = $gsi['vp'];
- $gotten_info[6] = $gsi['dp'];
- if($gotten_info[3]!="0"){
- $banned="Banned";
- }else if($gotten_info[3]=="0"){
- $banned="Not Banned";
- }else{}
- if($gotten_info[4]!="0"){
- $muted="Muted";
- }else if($gotten_info[4]=="0"){
- $muted="Not Muted";
- }else{}
- }
- print'<div style="margin-left:10px;">
- Welcome, '.$login[0].''; if($login[2]==true){print' - [<a href="./page.php?acp=home">Admin Panel</a>]';}else{} print' - [<a href="./page.php?page=logout">Logout</a>]<br/>
- Your Account Id Is: '.$gotten_info[2].'<br/>
- Your Current Ip Is: '.$ip.'<br/>
- Your Account Is '.$banned.'<br/>
- Your Account Is '.$muted.'<br/>
- V.I.P Points: '.$gotten_info[6].' - [<a href="#">V.I.P Shop</a>]<br/>
- Vote Points: '.$gotten_info[5].' - [<a href="#">Vote Shop</a>]
- </div>';
- }
- //End Account Side
- //Account Panel Function
- function accountpanel(){
- include("./core/core_includes/config.php");
- $ip=$_SERVER['REMOTE_ADDR'];
- $side_info = mysql_query("SELECT * FROM $db_account.account WHERE username='$login[0]'");
- while ($gsi = mysql_fetch_array($side_info)){
- $gotten_info[0] = $gsi['last_login'];
- $gotten_info[1] = $gsi['last_ip'];
- $gotten_info[2] = $gsi['id'];
- $gotten_info[3] = $gsi['locked'];
- $gotten_info[4] = $gsi['mutetime'];
- $gotten_info[5] = $gsi['vp'];
- $gotten_info[6] = $gsi['dp'];
- //$gotten_info[7] = $gsi['gm'];
- $gotten_info[8] = $gsi['vip'];
- if($gotten_info[3]!="0"){
- $banned="Banned";
- }else if($gotten_info[3]=="0"){
- $banned="Not Banned";
- }else{}
- if($gotten_info[4]!="0"){
- $muted="Muted";
- }else if($gotten_info[4]=="0"){
- $muted="Not Muted";
- }else{}
- if($login[2]==true){$account_rank="Admin";}else if($login[1]==true){$account_rank="Gm";}else if($login[0]==true){$account_rank="Player";}else{}
- }
- print'
- Your Account Name Is: '.$login[0].'<br/>
- Your Account Id Is: '.$gotten_info[2].'<br/>
- Your Last Login Was: '.$gotten_info[0].'<br/>
- Your Last Ip Was: '.$gotten_info[1].'<br/>
- Your Current Ip Is: '.$ip.'<br/>
- Your Account Is '.$banned.'<br/>
- Your Account Is '.$muted.'<br/><br/>
- Account Rank: '.$account_rank.'<br/>
- V.I.P Points: '.$gotten_info[6].'<br/>
- Vote Points: '.$gotten_info[5].'<br/>
- ';
- }
- //End Account Panel
- //Register Function
- function register(){
- if(isset($_POST['register'])){
- include("./core/core_includes/config.php");
- if(empty($_POST['username'])){print'<br/><center>You Must Enter A Username.</center>';}
- if(empty($_POST['password'])){print'<br/><center>You Must Enter A Password.</center>';}
- if(empty($_POST['password-confirm'])){print'<br/><center>You Must Confirm Your Password.</center>';}
- if(empty($_POST['email'])){print'<br/><center>You Must Enter A Email Address.</center>';}
- if(empty($_POST['email-confirm'])){print'<br/><center>You Must Confirm Your Email Address.</center>';}
- if(empty($_POST['code-confirm'])){print'<br/><center>You Must Confirm The Code.</center>';}
- mysql_select_db("$db_account", $con);
- $username = mysql_real_escape_string(stripslashes(htmlentities($_POST['username'])));
- $password[1] = mysql_real_escape_string(stripslashes(htmlentities($_POST['password'])));
- $password[2] = mysql_real_escape_string(stripslashes(htmlentities($_POST['password-confirm'])));
- $email[1] = mysql_real_escape_string(stripslashes(htmlentities($_POST['email'])));
- $email[2] = mysql_real_escape_string(stripslashes(htmlentities($_POST['email-confirm'])));
- $code[1] = mysql_real_escape_string(stripslashes(htmlentities($_POST['code'])));
- $code[2] = mysql_real_escape_string(stripslashes(htmlentities($_POST['code-confirm'])));
- $check_pass = sha1(strtoupper($username) . ":" . strtoupper($password[1]));
- $password[3] = strtoupper($check_pass);
- $username = ucfirst($username); $email[1] = ucfirst($email[1]); $email[2] = ucfirst($email[2]);
- $pulldata = mysql_query("SELECT * FROM account where username='$username'");
- while ($pull = mysql_fetch_array($pulldata))
- {
- $user_get=$pull['username'];
- if($user_get==true){echo'<br/><center>'.$user_get.' Is Already Taken, Please Choose Another Username.</center>';}
- }
- if($code[1]!="$code[2]"){echo'<br/><center>Invalid Verification Code.</center>';}
- if($password[1] != "$password[2]"){echo'<br/><center>The Confirmed Password You Entered Does Not Match The Password You Entered.</center>';}
- if($email[1] != "$email[2]"){echo'<br/><center>The Confirmed Email You Entered Does Not Match The Email You Entered.</center>';}
- if($user_get==false && $code[1]=="$code[2]" && $password[1]=="$password[2]" && $email[1]=="$email[2]" && empty($_POST['username'])==false && empty($_POST['password'])==false && empty($_POST['password-confirm'])==false && empty($_POST['email'])==false && empty($_POST['email-confirm'])==false && empty($_POST['code-confirm'])==false)
- {
- define('IN_PHPBB', true);
- global $phpbb_root_path, $phpEx, $user, $db, $config, $cache, $template;
- $phpbb_root_path = './forums/'; // Your path here
- $phpEx = substr(strrchr(__FILE__, '.'), 1);
- //include($phpbb_root_path . 'common.' . $phpEx);
- include("./forums/common.php");
- // Start session management
- $user->session_begin();
- $auth->acl($user->data);
- $user->setup();
- require($phpbb_root_path .'includes/functions_user.php');
- // Do a check if username is allready there, same for email, otherwhise a nasty error will occur
- $user_row = array(
- 'username' => $username,
- 'username_clean' => $username,
- 'user_password' => phpbb_hash($password[1]),
- 'user_pass_convert' => 0,
- 'user_email' => strtolower($email[1]),
- 'user_email_hash' => crc32(strtolower($email[1])) . strlen($email[1]),
- 'group_id' => 2,
- 'user_timezone' => '1.00',
- 'user_dst' => 0,
- 'user_lang' => 'en',
- 'user_type' => '0',
- 'user_actkey' => '',
- 'user_dateformat' => 'd M Y H:i',
- 'user_style' => 1,
- 'user_regdate' => time(),
- );
- $phpbb_user_id = user_add($user_row);
- if($phpbb_user_id == true){
- mysql_query("INSERT INTO account (username, sha_pass_hash, email, expansion)
- VALUES ('$username', '$password[3]', '$email[1]', '2')");
- echo'<br/><center>The Account "<i>'.$username.'</i>" Has Been Created.</center>';}else{print'<br/><center>Account creation failed... contact an Administrator.</center>';}
- }}}
- //End Register
- //Smtp Function
- function smtp(){
- //
- if(isset($_POST['forgot'])){
- include("./core/core_includes/config.php");
- mysql_select_db("$db_account", $con);
- $username = mysql_real_escape_string(stripslashes(htmlentities($_POST['username'])));
- $email = mysql_real_escape_string(stripslashes(htmlentities($_POST['email'])));
- $email = ucfirst($email); $username = ucfirst($username);
- $check_username = mysql_query("SELECT * FROM account WHERE username='$username'");
- $check_email = mysql_query("SELECT * FROM account WHERE username='$username' AND email='$email'");
- $checking[1] = mysql_num_rows($check_username);
- $checking[2] = mysql_num_rows($check_email);
- if($checking[1] != 1){print"<br/><center>{$username} Doesn't Match Any Account In Our Records.</center>";}
- if($checking[2] != 1){print"<br/><center>{$email} Doesn't Match Any Account In Our Records.</center>";}
- if($checking[1]==1 && $checking[2]==1){
- //
- $get_ret = mysql_query("SELECT * FROM account WHERE username='$username' AND email='$email'");
- while ($gr = mysql_fetch_array($get_ret)){
- $c_u = $gr['username'];
- $c_e = $gr['email'];
- $c_p = $gr['sha_pass_hash'];
- $verify="";
- $length = 10;
- $characters = '0123456789abcdefghijklmnopqrstuvwxyz';
- //$string = ”;
- for ($p = 0; $p < $length; $p++) {
- $newg_pass .= $characters[mt_rand(0, strlen($characters))];
- }
- $check_pass = sha1(strtoupper($c_u) . ":" . strtoupper($newg_pass));
- $password = strtoupper($check_pass);
- }
- //
- $subject = "{$title} - Password Retrieval";
- $from = "$c_e";
- $body = "Hi {$c_u}, Your New Password Is: {$password}";
- $to = "$c_e";
- if (mail($to, $subject, $body, $from)) {
- mysql_query("UPDATE $db_account.account SET sha_pass_hash='$password', v='0', s='0' WHERE username='$c_u' AND sha_pass_hash='$c_p'");
- print'<br/><center>Your Password Was Emailed To You.</center>';
- } else {
- print'<br/><center>Were sorry, your password could not be emailed to you, please contact an administrator if this is your account.</center>';
- }
- //
- }}}
- //End Smtp
- //Realms Function
- function realm(){
- include("./core/core_includes/config.php");
- $get_realms = mysql_query("SELECT * FROM $db_site.realms");
- while ($got_realms = mysql_fetch_array($get_realms)){
- $realm = array(
- "id" => $got_realms['id'],
- "host" => $got_realms['host'],
- "name" => $got_realms['name'],
- "port" => $got_realms['port'],
- "db" => $got_realms['db'],
- "type" => $got_realms['type']
- );
- $err = array('no' => NULL, 'str' => NULL);
- $arcemu = @fsockopen($got_realms[host], $realm[port], $err['no'], $err['str'], (float)1.0);
- if(!$arcemu){
- $world = "Offline - ";
- }else{
- $world = "Online - ";
- }
- fclose($arcemu);
- mysql_select_db("$db_char", $con);
- $sql = "SELECT SUM(online) FROM $realm[db].characters";
- $sqlquery = mysql_query($sql) or die(mysql_error());
- $memb = mysql_result($sqlquery,0,0);
- $number = $memb / 1000;
- $total_number = $number * 1000;
- print'<div style="margin-left:10px;">'.$world.'<a href="./page.php?page=realm_status&id='.$realm[id].'">'.$realm[name].'</a> | '.$realm[type].'</div><center>
- <div class="realm-1">
- <div class="realm-2">
- </div>
- <div style="width:'.$total_number.'%; background:#351a0b; height:5px;border-right:1px solid #351a0b;"></div></div>
- </center>';
- }}
- //End Realms
- //Online Characters Function
- function online(){
- include("./core/core_includes/config.php");
- $realm_id = stripslashes(htmlentities($_GET['id']));
- $get_realms = sprintf("SELECT * FROM $db_site.realms WHERE id='%s'", $realm_id, "int");
- $got_realms = mysql_query($get_realms, $con) or die(mysql_error());
- $gr = mysql_fetch_assoc($got_realms); $realmid = $gr['id']; $realmdb = $gr['db']; $the_actual_name = $gr['name'];
- if($realm_id == "$realmid"){
- print'
- <div class="box"><div class="p-title">Online Players For '.$the_actual_name.'</div><br/><div class="box-body">';
- //
- $whosonline = '<br><table width="100%">
- <tr>
- <td align="center"><u>Name</u></td>
- <td align="center"><u>Level</u></td>
- <td align="center"><u>Race</u></td>
- <td align="center"><u>Class</u></td>
- </tr>';
- //
- $get_online_char = mysql_query("SELECT * FROM $realmdb.characters WHERE online='1'");
- while($g_o_c = mysql_fetch_array($get_online_char))
- {
- //
- $whosonline .= "<tr>
- <td align=center>{$g_o_c['name']}</td>
- <td align=center>{$g_o_c['level']}</td>
- <td align=center><img src='./core/images/race/{$g_o_c['race']}-{$g_o_c['gender']}.gif'></td>
- <td align=center><img src='./core/images/class/{$g_o_c['class']}.gif'></td>
- </tr>";}
- //
- echo $whosonline;
- print'</table></div></div></td>';}else{
- print'<div class="box"><div class="p-title">404 Realm Error</div><br/><div class="box-body">
- Invalid Realm Id.
- </div></div></td>';
- }}
- //End Online Characters
- //Shoutbox Function
- function shoutbox(){
- include("./core/core_includes/config.php");
- include("./core/core_includes/bb.php");
- include("./core/core_includes/pagination.php");
- }
- //End Shoutbox
- //News Function
- function news(){
- include("./core/core_includes/config.php");
- $news_[1] = mysql_query("SELECT * FROM $db_site.news ORDER BY id DESC LIMIT 5");
- while($news_[2] = mysql_fetch_array($news_[1])){
- $news = array(
- "id" => $news_[2]['id'],
- "title" => $news_[2]['title'],
- "author" => $news_[2]['author'],
- "date" => $news_[2]['date'],
- "post" => $news_[2]['post']
- );
- print'<div class="box"><div class="p-title">'.$news[title].' <font size="1">- Written By '.$news[author].', '.$news[date].'</font></div><br/><div class="box-body">
- '.nl2br(bbcode($news[post])).'
- </div></div>';
- }}
- //End News
- //Shout Function
- function shout(){
- include("./core/core_includes/config.php");
- if(!$login[0]){print'<br/><center>You Must Login To Use This ShoutBox!</center><br/><br/>';}else{
- if(isset($_POST['shout_it'])){
- if(!empty($_POST['shout'])){
- $shout = mysql_real_escape_string(stripslashes(htmlentities($_POST['shout'])));
- $date=date("[m/d/y]");
- $insert = mysql_query("INSERT INTO $db_site.shouts (author, shout, date)
- VALUES ('$login[0]', '$shout', '$date')");
- if (!$insert)
- {
- die('ShoutBox Error: ' . mysql_error());
- }
- }else{print'<br/><center>Your Empty Shout Was Not Posted!</center><br/><br/>';}}}}
- //End Shout
- //Change Password Function
- function cpass(){
- include("./core/core_includes/config.php");
- if(isset($_POST['change'])){
- if(empty($_POST['opass'])){print'<br/><center>You must enter your old password to continue.</center>';}
- if(empty($_POST['npass'])){print'<br/><center>You must enter a new password for your account.</center>';}
- if(empty($_POST['cpass'])){print'<br/><center>You must confirm the new password for your account.</center>';}
- if(!empty($_POST['opass']) && !empty($_POST['npass']) && !empty($_POST['cpass'])){
- $pass = array(
- "old" => mysql_real_escape_string(stripslashes(htmlentities($_POST['opass']))),
- "new" => mysql_real_escape_string(stripslashes(htmlentities($_POST['npass']))),
- "con" => mysql_real_escape_string(stripslashes(htmlentities($_POST['cpass'])))
- );
- $pass[0] = sha1(strtoupper($login[0]) . ":" . strtoupper($pass[old]));
- $cmp = sha1(strtoupper($login[0]) . ":" . strtoupper($pass['new']));
- $pass[1] = strtoupper($cmp);
- $check_pass1 = mysql_query("SELECT * FROM $db_account.account WHERE username='$login[0]' AND sha_pass_hash='$pass[0]'");
- $check_pass = mysql_num_rows($check_pass1);
- if($check_pass != 1){print'<br/><center>The old password you entered was invalid.</center>';}else{
- if($pass['new'] != $pass[con]){print'<br/><center>The confirmed password you entered does not match the new password you entered.</center>';}else{
- if($check_pass == 1 && $pass['new'] == $pass[con]){
- mysql_query("UPDATE $db_account.account SET sha_pass_hash='$pass[1]', v='0', s='0' WHERE username='$login[0]' AND sha_pass_hash='$pass[0]'");
- print'<br/><center>Your password has been changed.</center>';
- }}}}}}
- //End Change Password
- //Unstuck/Revive Function (Part 1)
- function ur1(){
- include("./core/core_includes/config.php");
- $get_acct = mysql_query("SELECT * FROM $db_account.account WHERE username='$login[0]'");
- while($gact = mysql_fetch_array($get_acct)){$acct = $gact['id'];}
- $get_ri = mysql_query("SELECT * FROM $db_site.realms");
- while($gri = mysql_fetch_array($get_ri)){$realm = $gri['db']; $rn = $gri['id'];
- print"<option>--Realm {$rn}--</option>";
- $get_cur = mysql_query("SELECT * FROM $realm.characters WHERE account='$acct'");
- while($gcur = mysql_fetch_array($get_cur)){
- print'<option value="'.$gcur['guid'].'">'.$gcur['name'].'</option>';}}
- }
- //Unstuck/Revive (Part 2)
- function ur2(){
- include("./core/core_includes/config.php");
- if(isset($_POST['urs'])){
- $guid = mysql_real_escape_string(stripslashes(htmlentities($_POST['ur'])));
- $pulldata = mysql_query("SELECT * FROM $db_char.characters where guid='$guid'");
- while($cchar = mysql_fetch_array($pulldata)){$acct[0] = $cchar['account'];}
- $gotdata = mysql_num_rows($pulldata); if($gotdata != 1){print'<br/><center>The character you selected does not exist.</center>';}
- if($gotdata == 1){
- $get_acct = mysql_query("SELECT * FROM $db_account.account WHERE username='$login[0]'");
- while($gact = mysql_fetch_array($get_acct)){$acct[1] = $gact['id'];}
- if($acct[0] != $acct[1]){print'<br/><center>The character you selected is not yours.</center>';}}
- if($gotdata == 1 && $acct[0] == $acct[1]){
- $px='-14406.599609';
- $py='419.352997';
- $pz='22.390306';
- $o='0.000000';
- $m='0';
- $z='33';
- mysql_query("DELETE FROM $db_char.corpse WHERE player='$guid'");
- //$query_select = "SELECT map, zone, position_x, position_y, position_z FROM $db_char.character_homebind WHERE guid = '".$char_array_acc['guid']."' LIMIT 1";
- //$query_result = mysql_query($query_select) or die(mysql_error());
- //$query_array = mysql_fetch_array($query_result);
- //echo $query_select;
- $final = "UPDATE $db_char.characters SET drunk = 0, playerFlags = playerFlags & ~ 16, position_x = '$px', position_y = '$py', position_z = '$pz', zone = '$z', map = '$m' WHERE guid='$guid' AND account='$acct[0]' AND account='$acct[1]' LIMIT 1";
- $query_final = mysql_query($final) or die(mysql_error());
- $aura_query = "DELETE FROM $db_char.character_aura WHERE guid='$guid'";
- mysql_query($aura_query) or die (mysql_error());
- print'<br/><center>Your character has been teleported to Booty Bay.<br/>If your character was dead, it has been revived.</center>';
- }}}
- //End Unstuck/Revive
- //News Get Function
- function snews(){
- include("./core/core_includes/config.php");
- $query_news = mysql_query("SELECT * FROM $db_site.news");
- while($qn = mysql_fetch_array($query_news)){
- $id = $qn['id']; $post = $qn['title']; $date = $qn['date'];
- $value = "{$post} @ {$date}";
- print'<option value="'.$id.'">'.$value.'</option>';
- }}
- //End News Get
- //Manage News Function
- function mnews(){
- include("./core/core_includes/config.php");
- if(isset($_POST['edit'])){
- $id = stripslashes(htmlentities($_POST['option']));
- header("Location: ./page.php?acp=edit_news&id=$id");
- }
- if(isset($_POST['delete'])){
- $id = stripslashes(htmlentities($_POST['option']));
- $check_id = mysql_query("SELECT * FROM $db_site.news WHERE id='$id'");
- $checked = mysql_num_rows($check_id);
- if($checked == 1){
- mysql_query("DELETE FROM $db_site.news WHERE id='$id'");
- print'Selected Post Was Deleted, please refresh tools.';}else{print'Invalid Id.';}
- }
- if(isset($_POST['post'])){
- $title = mysql_real_escape_string(stripslashes(htmlentities($_POST['title'])));
- $post = mysql_real_escape_string(stripslashes(htmlentities($_POST['body'])));
- $date = date("m/d/y");
- $insert = mysql_query("INSERT INTO $db_site.news (title, author, date, post)
- VALUES ('$title', '$login[0]', '$date', '$post')");
- if (!$insert)
- {
- die('News Error: ' . mysql_error());
- }else{print'News was posted.';}
- }
- if(isset($_POST['edit_news'])){
- $title = mysql_real_escape_string(stripslashes(htmlentities($_POST['title'])));
- $post = mysql_real_escape_string(stripslashes(htmlentities($_POST['body'])));
- $id = stripslashes(htmlentities($_GET['id']));
- mysql_query("UPDATE $db_site.news SET title='$title', post='$post' WHERE id='$id'");
- print'Post was updated, please refresh tools.';
- }
- }
- //End News
- //Edit News
- function enews(){
- include("./core/core_includes/config.php");
- $id = stripslashes(htmlentities($_GET['id']));
- $select = mysql_query("SELECT * FROM $db_site.news WHERE id='$id'");
- while($gst = mysql_fetch_array($select)){
- $title = $gst['title'];
- $post = $gst['post'];
- }
- ?>
- <table align="center"><form action="./page.php?acp=news&id=<?php echo $id; ?>" method="post">
- <tr><td><select id="sdrop-large" name="option"><option>Edit or Delete a selected title</option><?php snews(); ?></select><input type="submit" name="edit" value="Edit"><input type="submit" name="delete" value="Delete"></td></tr>
- <tr><td><input type="text" name="title" id="body-title" value="<?php echo $title; ?>"></td></tr>
- <tr><td><textarea name="body" id="create-body"><?php echo $post; ?></textarea></td></tr>
- <tr><td>
- <input type="button" value="Bold" onclick="formatText(body,'b')">
- <input type="button" value="Italic" onclick="formatText(body,'i')">
- <input type="button" value="Underline" onclick="formatText(body,'u')">
- <input type="button" value="Img" onclick="formatText(body,'img')">
- <input type="button" value="Url" onclick="formatText(body,'url')">
- <input type="button" value="Mail" onclick="formatText(body,'mail')">
- <font size="2">Modified Example: [url=][/url]</font>
- </td></tr><tr><td align="right">
- <img src="./core/images/smilies/big_smile.png" onclick=" insertSmiley(':big_smile:')" />
- <img src="./core/images/smilies/cool.png" onclick="insertSmiley(':cool:')" />
- <img src="./core/images/smilies/hmm.png" onclick="insertSmiley(':hmm:')" />
- <img src="./core/images/smilies/lol.png" onclick="insertSmiley(':lol:')" />
- <img src="./core/images/smilies/mad.png" onclick="insertSmiley(':mad:')" />
- <img src="./core/images/smilies/neutral.png" onclick="insertSmiley(':neutral:')" />
- <img src="./core/images/smilies/roll.png" onclick="insertSmiley(':roll:')" />
- <img src="./core/images/smilies/sad.png" onclick="insertSmiley(':sad:')" />
- <img src="./core/images/smilies/smile.png" onclick="insertSmiley(':smile:')" />
- <img src="./core/images/smilies/tongue.png" onclick="insertSmiley(':tongue:')" />
- <img src="./core/images/smilies/wink.png" onclick="insertSmiley(':wink:')" />
- <img src="./core/images/smilies/yikes.png" onclick="insertSmiley(':yikes:')" />
- <input type="submit" name="edit_news" value="Edit News"></td></tr>
- <form></table>
- <?php }
- //End Edit News
- //Empty Shouts
- function truncate(){
- if(isset($_POST['shout_clean'])){
- mysql_query("TRUNCATE $db_site.shouts");
- print'ShoutBox is now empty.';
- }}
- //End Empty Shouts
- //Search Account Function
- function searcha(){
- include("./core/core_includes/config.php");
- if(isset($_POST['searcha'])){
- $account = mysql_real_escape_string(stripslashes(htmlentities($_POST['account'])));
- if(!empty($_POST['account'])){
- $search = mysql_query("SELECT * FROM $db_account.account WHERE username='$account'");
- $check = mysql_num_rows($search);
- while($acc = mysql_fetch_array($search)){$user = $acc['username'];}
- if($check == 1){print'<center><br/>[<a href="./page.php?acp=users&user='.$user.'">Edit '.$user.'</a>]</center>';}else{print'<center><br/>Account not found in our records.</center>';}
- }else{print'<center><br/>Account not found in our records.</center>';}
- }
- }
- //End Search Account
- //Edit Account function
- function edita(){
- include("./core/core_includes/config.php");
- $user = stripslashes(htmlentities($_GET['user']));
- $account_info = mysql_query("SELECT * FROM $db_account.account WHERE username='$user'");
- while ($acci = mysql_fetch_array($account_info)){
- print'<table align="center"><form action="" method="post">
- <tr><td>Account:</td><td>'.$acci['username'].'</td></tr>
- <tr><td>Email:</td><td>'.$acci['email'].'</td></tr>
- <tr><td>Banned:</td><td><input type="text" name="banned" id="login" value="'.$acci['locked'].'"></td></tr>
- <tr><td>Muted:</td><td><input type="text" name="muted" id="login" value="'.$acci['mutetime'].'"></td></tr>
- <tr><td>Vote Points:</td><td><input type="text" name="vp" id="login" value="'.$acci['vp'].'"></td></tr>
- <tr><td>V.I.P Points:</td><td><input type="text" name="dp" id="login" value="'.$acci['dp'].'"></td></tr>
- <tr><td></td><td align="center"><input type="submit" name="edit" value="Edit User" id="login-button"></td></tr>
- </form></table>';
- }
- if(isset($_POST['edit'])){
- $banned = mysql_real_escape_string(stripslashes(htmlentities($_POST['banned'])));
- $muted = mysql_real_escape_string(stripslashes(htmlentities($_POST['muted'])));
- $vp = mysql_real_escape_string(stripslashes(htmlentities($_POST['vp'])));
- $dp = mysql_real_escape_string(stripslashes(htmlentities($_POST['dp'])));
- mysql_query("UPDATE $db_account.account SET locked='$banned', mutetime='$muted', vp='$vp', dp='$dp' WHERE username='$user'");
- print'<br/><center>Changes made to the account "'.$user.'" were saved, Please refresh the tool.';
- }}
- //End Edit Account
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement