API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 20th, 2018
267
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 64.83 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3. /**
  4. ***************************************
  5. ** FreeTSP Version: 2.0 Multilingual **
  6. ***************************************
  7. ** http://www.freetsp.com
  8. ** Licence Info: GPL
  9. ** Copyright (C) 2017 FreeTSP v2.0 Multilingual
  10. ** A bittorrent tracker source based on TBDev.net/tbsource/bytemonsoon.
  11. ** Full Respects & Credits To Mindless & All The Team @ U232
  12. ** Project Leaders. Fireknight & Rushed.
  13. ** Project Founder: Krypto.
  14. **/
  15.  
  16. require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'functions' . DIRECTORY_SEPARATOR . 'function_main.php');
  17. require_once(FUNC_DIR . 'function_user.php');
  18. require_once(FUNC_DIR . 'function_staffconfig.php');
  19. require_once(FUNC_DIR . 'function_vfunctions.php');
  20. require_once(FUNC_DIR . 'function_page_verify.php');
  21.  
  22. db_connect(false);
  23. logged_in();
  24.  
  25. $lang = array_merge(load_language('modtask'),
  26. load_language('global'));
  27.  
  28. $newpage = new page_verify();
  29. $newpage->check('_modtask_');
  30. $staff_code = $staff_code;
  31.  
  32. if ($CURUSER['class'] < UC_MODERATOR
  33. || $CURUSER['staff_access'] == "no"
  34. || $CURUSER['mod_access'] == "no"
  35. || $CURUSER['staff_code'] != "$staff_code")
  36. {
  37. die();
  38. }
  39.  
  40. //----- Correct Call To Script -----//
  41.  
  42. if ((isset($_POST['action'])) && ($_POST['action'] == 'edituser'))
  43. {
  44. //----- Set User ID -----//
  45.  
  46. if (isset($_POST['userid']))
  47. {
  48. $userid = $_POST['userid'];
  49. }
  50.  
  51. else
  52. {
  53. die();
  54. }
  55.  
  56. //----- And Verify -----//
  57.  
  58. if (!is_valid_id($userid))
  59. {
  60. error_message_center("error",
  61. "{$lang['gbl_error']}",
  62. "{$lang['err_bad_id']}");
  63. }
  64.  
  65. //----- Handle CSRF (Modtask Posts Form Other Domains, Especially To Update Class) -----//
  66.  
  67. require_once(FUNC_DIR . 'function_user_validator.php');
  68.  
  69. if (!validate($_POST['validator'], "ModTask_$userid"))
  70. {
  71. //die ("Invalid");
  72. error_message_center("error",
  73. "{$lang['gbl_error']}",
  74. "{$lang['err_inv_id']}");
  75. }
  76.  
  77. //----- Fetch Current User Data -----//
  78.  
  79. $res = sql_query("SELECT *
  80. FROM users
  81. WHERE id = " . sqlesc($userid)) or sqlerr(__FILE__, __LINE__);
  82.  
  83. $user = mysqli_fetch_assoc($res) or sqlerr(__FILE__, __LINE__);
  84.  
  85. //-----Used In Writing To Staff Log -----//
  86.  
  87. $username = $user['username'];
  88.  
  89. //----- Check To Make Sure Your Not Editing Someone Of The Same Or Higher Class -----//
  90.  
  91. if ($CURUSER['class'] <= $user['class']
  92. && ($CURUSER['id'] != $userid
  93. && $CURUSER['class'] < UC_ADMINISTRATOR))
  94. {
  95. error_message_center("warn",
  96. "{$lang['gbl_warning']}",
  97. "{$lang['err_same_class']}");
  98. }
  99.  
  100. $updateset = array();
  101.  
  102. $modcomment = (isset($_POST['modcomment']) && $CURUSER['class'] >= UC_SYSOP) ? $_POST['modcomment'] : $user['modcomment'];
  103.  
  104. //----- User Class -----//
  105.  
  106. if ((isset($_POST['class'])) && (($class = $_POST['class']) != $user['class']))
  107. {
  108. $curclass = $user['class'];
  109.  
  110. if ($class >= UC_MANAGER
  111. || ($class >= $CURUSER['class'])
  112. || ($user['class'] >= $CURUSER['class']))
  113. {
  114. error_message_center("error",
  115. "{$lang['err_user_error']}",
  116. "{$lang['err_try_again']}");
  117. }
  118.  
  119. if (!is_valid_user_class($class) || $CURUSER['class'] <= $_POST['class'])
  120. {
  121. error_message_center("error",
  122. "{$lang['gbl_error']}",
  123. "{$lang['err_bad_class']}");
  124. }
  125.  
  126. //----- Promoted / Demoted PM -----//
  127.  
  128. $what = ($class > $user['class'] ? "{$lang['text_promoted']}" : "{$lang['text_demoted']}");
  129.  
  130. $msg = sqlesc("{$lang['msg_you_have']}$what{$lang['msg_to']}'" . get_user_class_name($class) . "'{$lang['msg_by']}{$CURUSER['username']}");
  131.  
  132. $subject = sqlesc("{$lang['msg_class_subject']}");
  133.  
  134. $added = sqlesc(get_date_time());
  135.  
  136. sql_query("INSERT INTO messages (sender, receiver, msg, added, subject)
  137. VALUES(0, $userid, $msg, $added, $subject)") or sqlerr(__FILE__, __LINE__);
  138.  
  139. $updateset[] = "class = " . sqlesc($class);
  140.  
  141. //----- Lower Than Uploader Class -----//
  142.  
  143. if ($class <= '39')
  144. {
  145. $updateset[] = "protected = 'no'";
  146. $updateset[] = "staff_code = ''";
  147. $updateset[] = "staff_access = 'no'";
  148. $updateset[] = "mod_access = 'no'";
  149. $updateset[] = "admin_access = 'no'";
  150. $updateset[] = "sysop_access = 'no'";
  151. $updateset[] = "manager_access = 'no'";
  152. }
  153.  
  154. //----- Uploader Class -----//
  155.  
  156. elseif ($class == '40')
  157. {
  158. $updateset[] = "protected = 'yes'";
  159. $updateset[] = "staff_code = ''";
  160. $updateset[] = "staff_access = 'no'";
  161. $updateset[] = "mod_access = 'no'";
  162. $updateset[] = "admin_access = 'no'";
  163. $updateset[] = "sysop_access = 'no'";
  164. $updateset[] = "manager_access = 'no'";
  165. }
  166.  
  167. //----- Moderator Class -----//
  168.  
  169. elseif ($class == '50')
  170. {
  171. $updateset[] = "protected = 'yes'";
  172. $updateset[] = "staff_code = " . sqlesc($staff_code);
  173. $updateset[] = "staff_access = 'yes'";
  174. $updateset[] = "mod_access = 'yes'";
  175. $updateset[] = "admin_access = 'no'";
  176. $updateset[] = "sysop_access = 'no'";
  177. $updateset[] = "manager_access = 'no'";
  178. }
  179.  
  180. //----- Administrator Class -----//
  181.  
  182. elseif ($class == '60')
  183. {
  184. $updateset[] = "protected = 'yes'";
  185. $updateset[] = "staff_code = " . sqlesc($staff_code);
  186. $updateset[] = "staff_access = 'yes'";
  187. $updateset[] = "mod_access = 'yes'";
  188. $updateset[] = "admin_access = 'yes'";
  189. $updateset[] = "sysop_access = 'no'";
  190. $updateset[] = "manager_access = 'no'";
  191. }
  192.  
  193. //----- Sysop Class -----//
  194.  
  195. elseif ($class == '70')
  196. {
  197. $updateset[] = "protected = 'yes'";
  198. $updateset[] = "staff_code = " . sqlesc($staff_code);
  199. $updateset[] = "staff_access = 'yes'";
  200. $updateset[] = "mod_access = 'yes'";
  201. $updateset[] = "admin_access = 'yes'";
  202. $updateset[] = "sysop_access = 'yes'";
  203. $updateset[] = "manager_access = 'no'";
  204. }
  205.  
  206. $modcomment = gmdate("Y-m-d") . " - $what{$lang['text_to']}'" . get_user_class_name($class) . "'{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
  207.  
  208. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  209. -- {$lang['stafflog_was']}$what{$lang['stafflog_from']}" . get_user_class_name($curclass) . "{$lang['stafflog_to']}" . get_user_class_name($class) . "
  210. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  211. }
  212.  
  213. //----- Invite Rights Enabled -----//
  214.  
  215. if ((isset($_POST['invite_rights'])) && (($invite_rights = $_POST['invite_rights']) != $user['invite_rights']))
  216. {
  217. if ($invite_rights == 'yes')
  218. {
  219. $modcomment = gmdate("Y-m-d") . " - {$lang['text_invite_enabled']}" . htmlspecialchars($CURUSER['username']) . ".\n\n" . $modcomment;
  220.  
  221. $msg = sqlesc("{$lang['msg_can_invite']}" . htmlspecialchars($CURUSER['username']) . ".{$lang['msg_can_invite1']}");
  222.  
  223. $subject = sqlesc("{$lang['msg_invite_subject']}");
  224.  
  225. $added = sqlesc(get_date_time());
  226.  
  227. sql_query("INSERT INTO messages (sender, receiver, msg, added, subject)
  228. VALUES (0, $userid, $msg, $added, $subject)") or sqlerr(__FILE__, __LINE__);
  229.  
  230. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  231. -- {$lang['stafflog_invite_enabled']} --
  232. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  233. }
  234.  
  235. if ($invite_rights == 'no')
  236. {
  237. $modcomment = gmdate("Y-m-d") . " - {$lang['text_invite_disabled']}" . htmlspecialchars($CURUSER['username']) . ".\n\n" . $modcomment;
  238.  
  239. $msg = sqlesc("{$lang['msg_invite_removed']}" . htmlspecialchars($CURUSER['username']) . ",{$lang['msg_bad_user']}");
  240.  
  241. $subject = sqlesc("{$lang['msg_invite_subject']}");
  242.  
  243. $added = sqlesc(get_date_time());
  244.  
  245. sql_query("INSERT INTO messages (sender, receiver, msg, added, subject)
  246. VALUES (0, $userid, $msg, $added, $subject)") or sqlerr(__FILE__, __LINE__);
  247.  
  248. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  249. -- {$lang['stafflog_invite_disabled']} --
  250. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  251. }
  252.  
  253. $updateset[] = "invite_rights = " . sqlesc($invite_rights);
  254. }
  255.  
  256. //----- Change Amount Of Invites -----//
  257.  
  258. if ((isset($_POST['invites'])) && (($invites = $_POST['invites']) != ($curinvites = $user['invites'])))
  259. {
  260. $modcomment = gmdate("Y-m-d") . " - {$lang['text_invite_change']}'$curinvites'{$lang['text_to']}'$invites'{$lang['text_by']}" . htmlspecialchars($CURUSER['username']) . ".\n\n" . $modcomment;
  261.  
  262. $updateset[] = "invites = " . sqlesc($invites);
  263.  
  264. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  265. -- {$lang['stafflog_invite_change']}'$curinvites'{$lang['stafflog_to']}'$invites'
  266. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  267. }
  268.  
  269. //----- Warning Removed - Code Not Called For Setting Warning -----//
  270.  
  271. if (isset($_POST['warned']) && (($warned = $_POST['warned']) != $user['warned']))
  272. {
  273. $updateset[] = "warned = " . sqlesc($warned);
  274. $updateset[] = "warneduntil = '0000-00-00 00:00:00'";
  275.  
  276. if ($warned == 'no')
  277. {
  278. $modcomment = gmdate("Y-m-d")." - {$lang['text_warn_removed']}{$CURUSER['username']}.\n\n" . $modcomment;
  279. $msg = sqlesc("{$lang['msg_warn_removed']}{$CURUSER['username']}.");
  280. $subject = sqlesc("{$lang['msg_warn_subject']}");
  281. $added = sqlesc(get_date_time());
  282.  
  283. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
  284. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  285.  
  286. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  287. -- {$lang['stafflog_warn_removed']} --
  288. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  289. }
  290. }
  291.  
  292. //----- Warned Until Further Notice -----//
  293.  
  294. if (isset($_POST['warnlength']) && ($warnlength = 0 + $_POST['warnlength']))
  295. {
  296. unset($warnpm);
  297.  
  298. if (empty($_POST["warnpm"]))
  299. {
  300. error_message_center("error",
  301. "{$lang['err_user_error']}",
  302. "{$lang['err_empty_field']}");
  303. }
  304.  
  305. if (isset($_POST['warnpm']))
  306. {
  307. $warnpm = $_POST['warnpm'];
  308. }
  309.  
  310. if ($warnlength == 255)
  311. {
  312. $modcomment = gmdate("Y-m-d") . " - {$lang['text_warn_infinate']}.\n{$lang['text_reason']}$warnpm\n\n" . $modcomment;
  313.  
  314. $msg = sqlesc("{$lang['msg_warn_by']}{$CURUSER['username']}" . ($warnpm ? "\n\n{$lang['msg_reason']}$warnpm" : ""));
  315.  
  316. $updateset[] = "warneduntil = '0000-00-00 00:00:00'";
  317.  
  318. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  319. -- {$lang['stafflog_warn_reason']}'<strong>$warnpm</strong>'
  320. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  321. }
  322.  
  323. else
  324. {
  325. $warneduntil = get_date_time(gmtime() + $warnlength * 604800);
  326.  
  327. $dur = $warnlength . "{$lang['text_week']}" . ($warnlength > 1 ? "{$lang['text_s']}" : "");
  328.  
  329. $msg = sqlesc("{$lang['msg_you_have_rcvd']} $dur {$lang['msg_rules_warn']}{$CURUSER['username']}" . ($warnpm ? "\n\n{$lang['msg_reason']}$warnpm" : ''));
  330.  
  331. $modcomment = gmdate("Y-m-d") . " - {$lang['text_warn_for']}$dur{$lang['text_by']}{$CURUSER['username']}.\n{$lang['text_reason']}$warnpm\n\n" . $modcomment;
  332.  
  333. $updateset[] = "warneduntil = " . sqlesc($warneduntil);
  334.  
  335. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  336. -- {$lang['stafflog_warn_for']}$dur {$lang['stafflog_reason']}'<strong>$warnpm</strong>'
  337. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  338. }
  339.  
  340. $added = sqlesc(get_date_time());
  341. $subject = sqlesc("{$lang['msg_warn_subject']}");
  342.  
  343. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
  344. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  345.  
  346. $updateset[] = "warned = 'yes'";
  347. }
  348.  
  349. //----- Donor Status Removed - Code Not Called For Setting Donor -----//
  350.  
  351. if (isset($_POST['donor']) && (($donor = $_POST['donor']) != $user['donor']))
  352. {
  353. $updateset[] = "donor = " . sqlesc($donor);
  354. $updateset[] = "donoruntil = '0000-00-00 00:00:00'";
  355. if ($donor == 'no')
  356. {
  357. $modcomment = gmdate("Y-m-d") . " - {$lang['text_donor_removed']}{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
  358.  
  359. $msg = sqlesc("{$lang['msg_donor_expired']}");
  360.  
  361. $added = sqlesc(get_date_time());
  362.  
  363. sql_query("INSERT INTO messages (sender, receiver, msg, added)
  364. VALUES (0, $userid, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  365.  
  366. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  367. -- {$lang['stafflog_donor_removed']} --
  368. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  369. }
  370.  
  371. elseif ($donor == 'yes')
  372. {
  373. $modcomment = gmdate("Y-m-d") . " - {$lang['text_donor_added']}{$CURUSER['username']}.\n\n" . $modcomment;
  374.  
  375. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  376. -- {$lang['stafflog_donor_added_by']} --
  377. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  378. }
  379. }
  380.  
  381.  
  382. // === add donated amount to user and to funds table
  383. if ((isset($_POST['donated'])) && (($donated = $_POST['donated']) != $user['donated'])) {
  384. $added = sqlesc(get_date_time());
  385. sql_query("INSERT INTO funds (cash, user, added) VALUES ($donated, $userid, $added)") or sqlerr(__file__, __line__);
  386. $updateset[] = "donated = " . sqlesc($donated);
  387. $updateset[] = "total_donated = $user[total_donated] + " . sqlesc($donated);
  388. $modcomment = gmdate("Y-m-d") . " - {$lang['text_donation']} ".$donated." {$lang['text_donation1']}\n" . $modcomment;
  389.  
  390. }
  391. // ====end
  392.  
  393. // === Set Donor - Time based
  394. if ((isset($_POST['donorlength'])) && ($donorlength = 0 + $_POST['donorlength'])) {
  395. if ($donorlength == 255) {
  396. $modcomment = gmdate("Y-m-d") . " - {$lang['text_donor_set_permanent']}{$CURUSER['username']}.\n\n" . $modcomment;
  397. $msg = sqlesc("{$lang['msg_donor_status']}{$CURUSER['username']}.");
  398. $subject = sqlesc("{$lang['msg_donor_status']}");
  399. $updateset[] = "donoruntil = '0000-00-00 00:00:00'";
  400. }
  401. else {
  402. $donoruntil = get_date_time(gmtime() + $donorlength * 604800);
  403. $dur = $donorlength . " $lang['text_donor_time']}" . ($donorlength > 1 ? "s" : "");
  404. $msg = sqlesc("{$lang['msg_donor_msg']} " . $user['username'] . "
  405.  
  406. {$lang['msg_donor_msg1']} {$FTSP['$site_name']}
  407.  
  408. As a donor,you are given some bonus gigs added to your uploaded amount (if you donated for that option), the status of VIP, Immunity from ratio warnings and download bans, access to your own forum and the warm fuzzy feeling you get inside for helping to support this site that we all know and love
  409.  
  410. {$lang['msg_donor_subject']}
  411. {$FTSP['$site_name']} {$lang['msg_staff']}
  412.  
  413. PS. Your donator status will last for $dur and can be found on your user details page and can only be seen by you :smile: It was set by " .$CURUSER['username']);
  414. $subject = sqlesc("Thank You for Your Donation!");
  415. if ($user['class'] < UC_VIP)
  416. {
  417. $modcomment = gmdate("Y-m-d") . " - Donor status set for $dur and promoted to VIP by " . $CURUSER['username'] . ". \n" . $modcomment;
  418. }
  419. else
  420. $modcomment = gmdate("Y-m-d") . " - Donor status set for $dur by " . $CURUSER['username'] . ". \n" . $modcomment;
  421. $updateset[] = "donoruntil = " . sqlesc($donoruntil);
  422. write_stafflog("<strong><a href='userdetails.php?id=$userid'>$user[username]</a></strong> - Donor status set for $dur by - $CURUSER[username]. \n");
  423.  
  424. }
  425. $added = sqlesc(get_date_time());
  426. sql_query("INSERT INTO messages (sender, subject, receiver, msg, added) VALUES (0, $subject, $userid, $msg, $added)") or sqlerr(__file__, __line__);
  427. $updateset[] = "donor = 'yes'";
  428. $res = sql_query("SELECT class FROM users WHERE id = $userid") or sqlerr(__file__,__line__);
  429. $arr = mysqli_fetch_assoc($res) or sqlerr(__FILE__, __LINE__);
  430. if ($user['class'] < UC_VIP)
  431. $updateset[] = "class = '30'"; //=== set this to the number for vip on your server
  432.  
  433. }
  434.  
  435. // === add to Donor length // thanks to CoLdFuSiOn & ShadowLeader
  436. if ((isset($_POST['donorlengthadd'])) && ($donorlengthadd = 0 + $_POST['donorlengthadd'])) {
  437. $donoruntil = $user["donoruntil"];
  438. $dur = $donorlengthadd . " week" . ($donorlengthadd > 1 ? "s" : "");
  439. $msg = sqlesc("Dear " . $user['username'] . "
  440. :wave:
  441. Thanks for your continued support to $site_name !
  442. Your donation helps us in the costs of running the site. Everything above the current running costs will go towards next months costs!
  443. As a donor you are given some bonus gigs added to your uploaded amount (if you donated for that option), the status of VIP, Immunity from ratio warnings and download bans, access to your own forum and, you have the the status of VIP, and the warm fuzzy feeling you get inside for helping to support this site that we all know and love :smile:
  444.  
  445. so, thanks again, and enjoy!
  446. cheers,
  447. $site_name Staff
  448.  
  449. PS. Your donator status will last for an extra $dur on top of your current donation status, and can be found on your user details page and can only be seen by you :smile: It was set by " .$CURUSER['username']);
  450.  
  451. $subject = sqlesc("Thank You for Your Donation... Again!");
  452. $modcomment = gmdate("Y-m-d") . " - Donator status set for another $dur by " . $CURUSER['username'] .".\n" . $modcomment;
  453. write_stafflog("<strong><a href='userdetails.php?id=$userid'>$user[username]</a></strong> - Donor status set for another $dur by - $CURUSER[username]. \n");
  454.  
  455. $donorlengthadd = $donorlengthadd * 7;
  456. sql_query("UPDATE users SET donoruntil = IF(donoruntil='0000-00-00 00:00:00', ADDDATE(NOW(), INTERVAL $donorlengthadd DAY ), ADDDATE( donoruntil, INTERVAL $donorlengthadd DAY)) WHERE id = $userid") or sqlerr(__file__, __line__);
  457. $added = sqlesc(get_date_time());
  458. sql_query("INSERT INTO messages (sender, subject, receiver, msg, added) VALUES (0, $subject, $userid, $msg, $added)") or sqlerr(__file__, __line__);
  459. $updateset[] = "donated = $user[donated] + " . sqlesc($_POST['donated']);
  460. $updateset[] = "total_donated = $user[total_donated] + " . sqlesc($_POST['donated']);
  461. }
  462. // === end add to Donor length
  463.  
  464.  
  465. //----- Change Users Signature -----//
  466.  
  467. if ((isset($_POST['signature'])) && (($signature = $_POST['signature']) != ($cursignature = $user['signature'])))
  468. {
  469. $modcomment = gmdate("Y-m-d") . " - {$lang['text_sig_changed']}'$cursignature'{$lang['text_to']}'$signature'{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
  470.  
  471. $updateset[] = "signature = " . sqlesc($signature);
  472.  
  473. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  474. -- {$lang['stafflog_sig_changed']}'$cursignature'{$lang['stafflog_to']}'$signature'
  475. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  476. }
  477.  
  478. //----- Moderator Rights Enabled -----//
  479.  
  480. if (isset($_POST['mod_access']) && (($mod_access = $_POST['mod_access']) != $user['mod_access']))
  481. {
  482. if ($mod_access == 'yes')
  483. {
  484. $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_modaccess']}" . $CURUSER['username'] . ".\n\n". $modcomment;
  485.  
  486. write_stafflog("<a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid><strong>$username</strong></a> -- {$lang['stafflog_account_modaccess']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}>{$CURUSER['username']}</a></strong>");
  487.  
  488. $updateset[] = "mod_access = " . sqlesc($mod_access);
  489. }
  490.  
  491. if ($mod_access == 'no')
  492. {
  493. $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_nomodaccess']}" . $CURUSER['username'] . ".\n\n". $modcomment;
  494.  
  495. write_stafflog("<a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid><strong>$username</strong></a> -- {$lang['stafflog_account_nomodaccess']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}>
  496. {$CURUSER['username']}</a></strong>");
  497.  
  498. $updateset[] = "mod_access = " . sqlesc($mod_access);
  499. }
  500. }
  501.  
  502. //----- Administrator Rights Enabled -----//
  503.  
  504. if (isset($_POST['admin_access']) && (($admin_access = $_POST['admin_access']) != $user['admin_access']))
  505. {
  506. if ($admin_access == 'yes')
  507. {
  508. $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_adminaccess']}" . $CURUSER['username'] . ".\n\n". $modcomment;
  509.  
  510. write_stafflog("<a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid><strong>$username</strong></a> -- {$lang['stafflog_account_adminaccess']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}>{$CURUSER['username']}</a></strong>");
  511.  
  512. $updateset[] = "admin_access = " . sqlesc($admin_access);
  513. }
  514.  
  515. if ($admin_access == 'no')
  516. {
  517. $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_noadminaccess']}" . $CURUSER['username'] . ".\n\n". $modcomment;
  518. write_stafflog("<a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid><strong>$username</strong></a> -- {$lang['stafflog_account_noadminaccess']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}>
  519. {$CURUSER['username']}</a></strong>");
  520.  
  521. $updateset[] = "admin_access = " . sqlesc($admin_access);
  522. }
  523. }
  524.  
  525. //----- SysOp Rights Enabled -----//
  526.  
  527. if (isset($_POST['sysop_access']) && (($sysop_access = $_POST['sysop_access']) != $user['sysop_access']))
  528. {
  529. if ($sysop_access == 'yes')
  530. {
  531. $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_sysopaccess']}" . $CURUSER['username'] . ".\n\n". $modcomment;
  532.  
  533. write_stafflog("<a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid><strong>$username</strong></a> -- {$lang['stafflog_account_sysopaccess']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}>{$CURUSER['username']}</a></strong>");
  534.  
  535. $updateset[] = "sysop_access = " . sqlesc($sysop_access);
  536. }
  537.  
  538. if ($sysop_access == 'no')
  539. {
  540. $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_nosysopaccess']}" . $CURUSER['username'] . ".\n\n". $modcomment;
  541. write_stafflog("<a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid><strong>$username</strong></a> -- {$lang['stafflog_account_nosysopaccess']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}>
  542. {$CURUSER['username']}</a></strong>");
  543.  
  544. $updateset[] = "sysop_access = " . sqlesc($sysop_access);
  545. }
  546. }
  547.  
  548. //----- Enable / Disable User Account -----//
  549.  
  550. if ((isset($_POST['enabled'])) && (($enabled = $_POST['enabled']) != $user['enabled']))
  551. {
  552. if ($enabled == 'yes')
  553. {
  554. $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_enabled']}{$CURUSER['username']}.\n\n" . $modcomment;
  555.  
  556. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  557. -- {$lang['stafflog_account_enabled']} --
  558. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  559. }
  560.  
  561. else
  562. {
  563. $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_disabled']}{$CURUSER['username']}.\n\n" . $modcomment;
  564.  
  565. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  566. -- {$lang['stafflog_account_disabled']} --
  567. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  568. }
  569.  
  570. $updateset[] = "enabled = " . sqlesc($enabled);
  571. }
  572.  
  573. //----- Park / Un-Park User Account -----//
  574.  
  575. if ((isset($_POST['parked'])) && (($parked = $_POST['parked']) != $user['parked']))
  576. {
  577. if ($parked == 'yes')
  578. {
  579. $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_parked']}{$CURUSER['username']}.\n\n" . $modcomment;
  580.  
  581. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  582. -- {$lang['stafflog_account_parked']} --
  583. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  584. }
  585.  
  586. else
  587. {
  588. $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_unparked']}{$CURUSER['username']}.\n\n" . $modcomment;
  589.  
  590. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  591. -- {$lang['stafflog_account_unparked']} --
  592. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  593. }
  594.  
  595. $updateset[] = "parked = " . sqlesc($parked);
  596. }
  597.  
  598. //----- Protect User Account From Low Ratio Download Ban -----//
  599.  
  600. if (isset($_POST['protected']) && (($protected = $_POST['protected']) != $user['protected']))
  601. {
  602. if ($protected == 'yes')
  603. {
  604. $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_protected']}" . $CURUSER['username'] . ".\n". $modcomment;
  605.  
  606. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  607. -- {$lang['stafflog_account_protected']} --
  608. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  609.  
  610. $updateset[] = "protected = " . sqlesc($protected);
  611. }
  612.  
  613. if ($protected == 'no')
  614. {
  615. $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_unprotected']}" . $CURUSER['username'] . ".\n". $modcomment;
  616.  
  617. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  618. -- {$lang['stafflog_account_unprotected']} --
  619. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  620.  
  621. $updateset[] = "protected = " . sqlesc($protected);
  622. }
  623. }
  624.  
  625. //----- Forum Permissions Enabled -----//
  626.  
  627. if ((isset($_POST['forumpos'])) && (($forumpos = $_POST['forumpos']) != $user['forumpos']))
  628. {
  629. if ($forumpos == 'yes')
  630. {
  631. $modcomment = gmdate("Y-m-d") . " - {$lang['text_forum_enabled']}{$CURUSER['username']}.\n\n" . $modcomment;
  632. $msg = sqlesc("{$lang['msg_forum_enabled']}\n{$lang['msg_be_careful']}");
  633. $added = sqlesc(get_date_time());
  634. $subject = sqlesc("{$lang['msg_forum_status']}");
  635.  
  636. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
  637. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  638.  
  639. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  640. -- {$lang['stafflog_forum_enabled']} --
  641. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  642. }
  643. $updateset[] = "forumpos = " . sqlesc($forumpos);
  644. }
  645.  
  646. //----- Forum Permissions Disabled Until Further Notice -----//
  647.  
  648. if (isset($_POST['forumposuntillength']) && ($forumposuntillength = 0 + $_POST['forumposuntillength']))
  649. {
  650. unset($forumposuntilpm);
  651.  
  652. if (empty($_POST["forumposuntilpm"]))
  653. {
  654. error_message_center("error",
  655. "{$lang['err_user_error']}",
  656. "{$lang['err_empty_field']}");
  657. }
  658.  
  659. if (isset($_POST['forumposuntilpm']))
  660. {
  661. $forumposuntilpm = $_POST['forumposuntilpm'];
  662. }
  663.  
  664. if ($forumposuntillength == 255)
  665. {
  666. $modcomment = gmdate("Y-m-d") . " - {$lang['text_forum_disabled']} - {$CURUSER['username']}.\n{$lang['text_reason']}$forumposuntilpm\n\n" . $modcomment;
  667.  
  668. $msg = sqlesc("{$lang['msg_forum_disabled']} \n{$lang['msg_contact_staff']}");
  669.  
  670. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  671. -- {$lang['stafflog_forum_disabled']}'<strong>$forumposuntilpm</strong>'
  672. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  673.  
  674. $updateset[] = "forumposuntil = '0000-00-00 00:00:00'";
  675. }
  676.  
  677. else
  678. {
  679. $forumposuntil = get_date_time(gmtime() + $forumposuntillength * 604800);
  680.  
  681. $dur = $forumposuntillength . "{$lang['text_week']}" . ($forumposuntillength > 1 ? "{$lang['text_s']}" : '');
  682.  
  683. $msg = sqlesc("{$lang['msg_forum_removed_time']}- $dur{$lang['text_by']}{$CURUSER['username']}" . ($forumposuntilpm ? "\n\n{$lang['msg_reason']}$forumposuntilpm" :''));
  684.  
  685. $modcomment = gmdate("Y-m-d") . " - {$lang['text_forum_disabled_time']}$dur{$lang['text_by']}{$CURUSER['username']}.\n{$lang['stafflog_reason']}$forumposuntilpm\n\n" . $modcomment;
  686.  
  687. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  688. -- {$lang['stafflog_forum_disabled_time']}$dur. {$lang['stafflog_reason']}'<strong>$forumposuntilpm</strong>'
  689. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  690.  
  691. $updateset[] = "forumposuntil = " . sqlesc($forumposuntil);
  692. }
  693.  
  694. $added = sqlesc(get_date_time());
  695. $subject = sqlesc("{$lang['msg_forum_status']}");
  696.  
  697. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
  698. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  699.  
  700. $updateset[] = "forumpos = 'no'";
  701. }
  702.  
  703. //----- Change Members Custom Title -----//
  704.  
  705. if ((isset($_POST['title'])) && (($title = $_POST['title']) != ($curtitle = $user['title'])))
  706. {
  707. $modcomment = gmdate("Y-m-d") . " - {$lang['text_title']}'$curtitle'{$lang['text_to']}'$title'{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
  708.  
  709. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  710. -- {$lang['stafflog_title']}'$curtitle'{$lang['stafflog_to']}'$title'
  711. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  712.  
  713. $updateset[] = "title = " . sqlesc($title);
  714. }
  715.  
  716. //----- Change Members Username -----//
  717.  
  718. if ((isset($_POST['username'])) && (($username = $_POST['username']) != ($curusername = $user['username'])))
  719. {
  720. $modcomment = gmdate("Y-m-d") . " - {$lang['text_username']}'$curusername'{$lang['text_to']}'$username'{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
  721.  
  722. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  723. -- {$lang['stafflog_username']}'$curusername'{$lang['stafflog_to']}'$username'
  724. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  725.  
  726. $updateset[] = "username = " . sqlesc($username);
  727. }
  728.  
  729. //----- Change Members Email -----//
  730.  
  731. if ((isset($_POST['email'])) && (($email = $_POST['email']) != ($curemail = $user['email'])))
  732. {
  733. $modcomment = gmdate("Y-m-d") . " - {$lang['text_email']}'$curemail'{$lang['text_to']}'$email'{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
  734.  
  735. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  736. -- {$lang['stafflog_email']}'$curemail'{$lang['stafflog_to']}'$email'
  737. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  738.  
  739. $updateset[] = "email = " . sqlesc($email);
  740. }
  741.  
  742. //----- Change Members Info -----//
  743.  
  744. if ((isset($_POST['info'])) && (($info = $_POST['info']) != ($curinfo = $user['info'])))
  745. {
  746. $modcomment = gmdate("Y-m-d") . " - {$lang['text_info']}'$curinfo'{$lang['text_to']}'$info'{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
  747.  
  748. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  749. -- {$lang['stafflog_info']}'$curinfo'{$lang['stafflog_to']}'$info'
  750. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  751.  
  752. $updateset[] = "info = " . sqlesc($info);
  753. }
  754.  
  755.  
  756. //----- The Following Code Will Place The Old Passkey In The Mod Comment And Create A New Passkey. -----//
  757. //----- This Is Good Practice As It Allows Usersearch To Find Old Passkeys By Searching The Mod Comments Of Members. -----//
  758.  
  759. //----- Reset Members Passkey -----//
  760.  
  761. if ((isset($_POST['resetpasskey'])) && ($_POST['resetpasskey']))
  762. {
  763. $newpasskey = md5($user['username'] . get_date_time() . $user['passhash']);
  764.  
  765. $modcomment = gmdate("Y-m-d") . " - {$lang['text_passkey']}" . sqlesc($user['passkey']) . "{$lang['text_passkey_reset']}" . sqlesc($newpasskey) . "{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
  766.  
  767. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  768. -- {$lang['stafflog_passkey']}" . sqlesc($user['passkey']) . "{$lang['stafflog_passkey_reset']}" . sqlesc($newpasskey) . "
  769. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  770.  
  771. $updateset[] = "passkey=" . sqlesc($newpasskey);
  772. }
  773.  
  774. //----- This Code Is For Use With The Safe Mod Comment Modification. -----//
  775.  
  776. //----- Add Comment to ModComment -----//
  777.  
  778. if ((isset($_POST['addcomment'])) && ($addcomment = trim($_POST['addcomment'])))
  779. {
  780. $modcomment = gmdate("Y-m-d") . " - $addcomment -{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
  781. }
  782.  
  783. //----- Upload Permissions Enabled -----//
  784.  
  785. if ((isset($_POST['uploadpos'])) && (($uploadpos = $_POST['uploadpos']) != $user['uploadpos']))
  786. {
  787. if ($uploadpos == 'yes')
  788. {
  789. $modcomment = gmdate("Y-m-d")." - {$lang['text_upload_enabled']}{$CURUSER['username']}.\n\n" . $modcomment;
  790. $msg = sqlesc("\n{$lang['msg_upload_enabled']}\n{$lang['msg_upload_careful']}");
  791. $added = sqlesc(get_date_time());
  792. $subject = sqlesc("{$lang['msg_upload_status']}");
  793.  
  794. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
  795. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  796.  
  797. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  798. -- {$lang['stafflog_upload_enabled']} --
  799. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  800. }
  801.  
  802. $updateset[] = "uploadpos = " . sqlesc($uploadpos);
  803. }
  804.  
  805. //----- Upload Disabled Until Further Notice -----//
  806.  
  807. if (isset($_POST['uploadposuntillength']) && ($uploadposuntillength = 0 + $_POST['uploadposuntillength']))
  808. {
  809. unset($uploadposuntilpm);
  810.  
  811. if (empty($_POST["uploadposuntilpm"]))
  812. {
  813. error_message_center("error",
  814. "{$lang['err_user_error']}",
  815. "{$lang['err_empty_field']}");
  816. }
  817.  
  818. if (isset($_POST['uploadposuntilpm']))
  819. {
  820. $uploadposuntilpm = $_POST['uploadposuntilpm'];
  821. }
  822.  
  823. if ($uploadposuntillength == 255)
  824. {
  825. $modcomment = gmdate("Y-m-d") . " - {$lang['text_upload_disabled']} - {$CURUSER['username']}.\n{$lang['text_reason']}$uploadposuntilpm\n\n" . $modcomment;
  826.  
  827. $msg = sqlesc("{$lang['msg_upload_disabled']}\n{$lang['msg_contact_staff']}");
  828.  
  829. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  830. -- {$lang['stafflog_upload_disabled']} --
  831. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  832.  
  833. $updateset[] = "uploadposuntil = '0000-00-00 00:00:00'";
  834. }
  835.  
  836. else
  837. {
  838. $uploadposuntil = get_date_time(gmtime() + $uploadposuntillength * 604800);
  839.  
  840. $dur = $uploadposuntillength . "{$lang['text_week']}" . ($uploadposuntillength > 1 ? "{$lang['text_s']}" : '');
  841.  
  842. $msg = sqlesc("{$lang['msg_upload_dur']} - $dur{$lang['text_by']}{$CURUSER['username']}".($uploadposuntilpm ? "\n\n{$lang['msg_reason']}$uploadposuntilpm" : ''));
  843.  
  844. $modcomment = gmdate("Y-m-d") . " - {$lang['text_upload_disabled_for']} $dur{$lang['text_by']}{$CURUSER['username']}.\n{$lang['text_reason']}$uploadposuntilpm\n\n" . $modcomment;
  845.  
  846. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  847. -- {$lang['stafflog_upload_disabled_for']} $dur
  848. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  849.  
  850. $updateset[] = "uploadposuntil = " . sqlesc($uploadposuntil);
  851. }
  852.  
  853. $added = sqlesc(get_date_time());
  854. $subject = sqlesc("{$lang['msg_upload_status']}");
  855.  
  856. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
  857. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  858.  
  859. $updateset[] = "uploadpos = 'no'";
  860. }
  861.  
  862. //----- Download Permissions Enabled -----//
  863.  
  864. if ((isset($_POST['downloadpos'])) && (($downloadpos = $_POST['downloadpos']) != $user['downloadpos']))
  865. {
  866. if ($downloadpos == 'yes')
  867. {
  868. $modcomment = gmdate("Y-m-d") . " - {$lang['text_download_enabled']}{$CURUSER['username']}.\n\n" . $modcomment;
  869. $msg = sqlesc("{$lang['msg_download_enabled']}\n{$lang['msg_be_careful']}");
  870. $added = sqlesc(get_date_time());
  871. $subject = sqlesc("{$lang['msg_download_status']}");
  872.  
  873. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
  874. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  875.  
  876. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  877. -- {$lang['stafflog_download_enabled']} --
  878. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  879. }
  880.  
  881. $updateset[] = "downloadpos = " . sqlesc($downloadpos);
  882. }
  883.  
  884. //----- Download Disabled Until Further Notice -----//
  885.  
  886. if (isset($_POST['downloadposuntillength']) && ($downloadposuntillength = 0 + $_POST['downloadposuntillength']))
  887. {
  888. unset($downloadposuntilpm);
  889.  
  890. if (empty($_POST["downloadposuntilpm"]))
  891. {
  892. error_message_center("error",
  893. "{$lang['err_user_error']}",
  894. "{$lang['err_empty_field']}");
  895. }
  896.  
  897. if (isset($_POST['downloadposuntilpm']))
  898. {
  899. $downloadposuntilpm = $_POST['downloadposuntilpm'];
  900. }
  901.  
  902. if ($downloadposuntillength == 255)
  903. {
  904. $modcomment = gmdate("Y-m-d") . " - {$lang['text_download_disabled']} - {$CURUSER['username']}.\n{$lang['text_reason']}$downloadposuntilpm\n\n" . $modcomment;
  905.  
  906. $msg = sqlesc("{$lang['msg_download_disabled']}\n{$lang['msg_contact_staff']}");
  907.  
  908. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  909. -- {$lang['stafflog_download_disabled']} --
  910. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  911.  
  912. $updateset[] = "downloadposuntil = '0000-00-00 00:00:00'";
  913. }
  914.  
  915. else
  916. {
  917. $downloadposuntil = get_date_time(gmtime() + $downloadposuntillength * 604800);
  918.  
  919. $dur = $downloadposuntillength . "{$lang['text_week']}" . ($downloadposuntillength > 1 ? "{$lang['text_s']}" : '');
  920.  
  921. $msg = sqlesc("{$lang['msg_download_dur']} - $dur{$lang['text_by']}{$CURUSER['username']}" . ($downloadposuntilpm ? "\n\n{$lang['msg_reason']}$downloadposuntilpm" : ''));
  922.  
  923. $modcomment = gmdate("Y-m-d") . " - {$lang['text_download_disabled_for']} $dur{$lang['text_by']}{$CURUSER['username']}.\n{$lang['text_reason']}$downloadposuntilpm\n\n" . $modcomment;
  924.  
  925. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  926. -- {$lang['stafflog_download_disabled_for']} $dur
  927. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  928.  
  929. $updateset[] = "downloadposuntil = " . sqlesc($downloadposuntil);
  930. }
  931.  
  932. $added = sqlesc(get_date_time());
  933. $subject = sqlesc("{$lang['msg_download_status']}");
  934.  
  935. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
  936. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  937.  
  938. $updateset[] = "downloadpos = 'no'";
  939. }
  940.  
  941. //----- Shoutbox Permissions Enabled -----//
  942.  
  943. if ((isset($_POST['shoutboxpos'])) && (($shoutboxpos = $_POST['shoutboxpos']) != $user['shoutboxpos']))
  944. {
  945. if ($shoutboxpos == 'yes')
  946. {
  947. $modcomment = gmdate("Y-m-d") . " - {$lang['text_shoutbox_enabled']} {$CURUSER['username']}.\n\n" . $modcomment;
  948. $msg = sqlesc("{$lang['msg_shoutbox_enabled']}\n{$lang['msg_be_careful']}");
  949. $added = sqlesc(get_date_time());
  950. $subject = sqlesc("{$lang['msg_shoutbox_status']}");
  951.  
  952. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
  953. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  954.  
  955. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  956. -- {$lang['stafflog_shoutbox_enabled']} --
  957. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  958. }
  959.  
  960. $updateset[] = "shoutboxpos = " . sqlesc($shoutboxpos);
  961. }
  962.  
  963. //----- Shoutbox Disabled Until Further Notice -----//
  964.  
  965. if (isset($_POST['shoutboxposuntillength']) && ($shoutboxposuntillength = 0 + $_POST['shoutboxposuntillength']))
  966. {
  967. unset($shoutboxposuntilpm);
  968. if (empty($_POST["shoutboxposuntilpm"]))
  969. {
  970. error_message_center("error",
  971. "{$lang['err_user_error']}",
  972. "{$lang['err_empty_field']}");
  973. }
  974.  
  975. if (isset($_POST['shoutboxposuntilpm']))
  976. {
  977. $shoutboxposuntilpm = $_POST['shoutboxposuntilpm'];
  978. }
  979.  
  980. if ($shoutboxposuntillength == 255)
  981. {
  982. $modcomment = gmdate("Y-m-d") . " - {$lang['text_shoutbox_disabled']} - {$CURUSER['username']}.\n{$lang['text_reason']}$shoutboxposuntilpm\n\n" . $modcomment;
  983.  
  984. $msg = sqlesc("{$lang['msg_shoutbox_disabled']}\n{$lang['msg_contact_staff']}");
  985.  
  986. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  987. -- {$lang['stafflog_shoutbox_disabled']} --
  988. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  989.  
  990. $updateset[] = "shoutboxposuntil = '0000-00-00 00:00:00'";
  991. }
  992.  
  993. else
  994. {
  995. $shoutboxposuntil = get_date_time(gmtime() + $shoutboxposuntillength * 604800);
  996.  
  997. $dur = $shoutboxposuntillength . "{$lang['text_week']}" . ($shoutboxposuntillength > 1 ? "{$lang['text_s']}" : '');
  998.  
  999. $msg = sqlesc("{$lang['msg_shoutbox_dur']} - $dur{$lang['text_by']}{$CURUSER['username']}" . ($shoutboxposuntilpm ? "\n\n{$lang['msg_reason']}$shoutboxposuntilpm" : ''));
  1000.  
  1001. $modcomment = gmdate("Y-m-d") . " - {$lang['text_shoutbox_disabled_for']} $dur{$lang['text_by']}{$CURUSER['username']}.\n{$lang['text_reason']}$shoutboxposuntilpm\n\n" . $modcomment;
  1002.  
  1003. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  1004. -- {$lang['stafflog_shoutbox_disabled_for']} $dur
  1005. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  1006.  
  1007. $updateset[] = "shoutboxposuntil = " . sqlesc($shoutboxposuntil);
  1008. }
  1009.  
  1010. $added = sqlesc(get_date_time());
  1011. $subject = sqlesc("{$lang['msg_shoutbox_status']}");
  1012.  
  1013. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
  1014. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  1015.  
  1016. $updateset[] = "shoutboxpos = 'no'";
  1017. }
  1018.  
  1019. //----- Torrent Comments Permissions Enabled -----//
  1020.  
  1021. if ((isset($_POST['torrcompos'])) && (($torrcompos = $_POST['torrcompos']) != $user['torrcompos']))
  1022. {
  1023. if ($torrcompos == 'yes')
  1024. {
  1025. $modcomment = gmdate("Y-m-d") . " - {$lang['text_comments_enabled']}{$CURUSER['username']}.\n\n" . $modcomment;
  1026. $msg = sqlesc("{$lang['msg_comments_enabled']}\n{$lang['msg_be_careful']}");
  1027. $added = sqlesc(get_date_time());
  1028. $subject = sqlesc("{$lang['msg_comments_status']}");
  1029.  
  1030. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
  1031. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  1032.  
  1033. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  1034. -- {$lang['stafflog_comments_enabled']} --
  1035. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  1036. }
  1037. $updateset[] = "torrcompos = " . sqlesc($torrcompos);
  1038. }
  1039.  
  1040. //----- Torrent Comments Disabled Until Further Notice -----//
  1041.  
  1042. if (isset($_POST['torrcomposuntillength']) && ($torrcomposuntillength = 0 + $_POST['torrcomposuntillength']))
  1043. {
  1044. unset($torrcomposuntilpm);
  1045.  
  1046. if (empty($_POST["torrcomposuntilpm"]))
  1047. {
  1048. error_message_center("error",
  1049. "{$lang['err_user_error']}",
  1050. "{$lang['err_empty_field']}");
  1051. }
  1052.  
  1053. if (isset($_POST['torrcomposuntilpm']))
  1054. {
  1055. $torrcomposuntilpm = $_POST['torrcomposuntilpm'];
  1056. }
  1057.  
  1058. if ($torrcomposuntillength == 255)
  1059. {
  1060. $modcomment = gmdate("Y-m-d") . " - {$lang['text_comments_disabled']} - {$CURUSER['username']}.\n{$lang['text_reason']}$torrcomposuntilpm\n\n" . $modcomment;
  1061.  
  1062. $msg = sqlesc("{$lang['msg_comments_disabled']}\n{$lang['msg_contact_staff']}");
  1063.  
  1064. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  1065. -- {$lang['stafflog_comments_disabled']} --
  1066. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  1067.  
  1068. $updateset[] = "torrcomposuntil = '0000-00-00 00:00:00'";
  1069. }
  1070.  
  1071. else
  1072. {
  1073. $torrcomposuntil = get_date_time(gmtime() + $torrcomposuntillength * 604800);
  1074.  
  1075. $dur = $torrcomposuntillength . "{$lang['text_week']}" . ($torrcomposuntillength > 1 ? "{$lang['text_s']}" : '');
  1076.  
  1077. $msg = sqlesc("{$lang['msg_comments_disabled_for']} - $dur{$lang['text_by']}{$CURUSER['username']}" . ($torrcomposuntilpm ? "\n\n{$lang['msg_reason']}$torrcomposuntilpm" : ''));
  1078.  
  1079. $modcomment = gmdate("Y-m-d") . " - {$lang['text_comments_disabled_for']} $dur{$lang['text_by']}{$CURUSER['username']}.\n{$lang['text_reason']}$torrcomposuntilpm\n\n" . $modcomment;
  1080.  
  1081. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  1082. -- {$lang['stafflog_comments_disabled_for']} $dur
  1083. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  1084.  
  1085. $updateset[] = "torrcomposuntil = " . sqlesc($torrcomposuntil);
  1086. }
  1087.  
  1088. $added = sqlesc(get_date_time());
  1089. $subject = sqlesc("{$lang['msg_comments_status']}");
  1090.  
  1091. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
  1092. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  1093.  
  1094. $updateset[] = "torrcompos = 'no'";
  1095. }
  1096.  
  1097. //----- Offer Comments Permissions Enabled -----//
  1098.  
  1099. if ((isset($_POST['offercompos'])) && (($offercompos = $_POST['offercompos']) != $user['offercompos']))
  1100. {
  1101. if ($offercompos == 'yes')
  1102. {
  1103. $modcomment = gmdate("Y-m-d") . " - {$lang['text_offer_comment_enabled']}{$CURUSER['username']}.\n\n" . $modcomment;
  1104. $msg = sqlesc("{$lang['msg_offer_comment_enabled']}\n{$lang['msg_be_careful']}");
  1105. $added = sqlesc(get_date_time());
  1106. $subject = sqlesc("{$lang['msg_offer_comment_status']}");
  1107.  
  1108. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
  1109. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  1110.  
  1111. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  1112. -- {$lang['stafflog_offer_comment_enabled']} --
  1113. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  1114. }
  1115. $updateset[] = "offercompos = " . sqlesc($offercompos);
  1116. }
  1117.  
  1118. //----- Offer Comments Disabled Until Further Notice -----//
  1119.  
  1120. if (isset($_POST['offercomposuntillength']) && ($offercomposuntillength = 0 + $_POST['offercomposuntillength']))
  1121. {
  1122. unset($offercomposuntilpm);
  1123.  
  1124. if (empty($_POST["offercomposuntilpm"]))
  1125. {
  1126. error_message_center("error",
  1127. "{$lang['err_user_error']}",
  1128. "{$lang['err_empty_field']}");
  1129. }
  1130.  
  1131. if (isset($_POST['offercomposuntilpm']))
  1132. {
  1133. $offercomposuntilpm = $_POST['offercomposuntilpm'];
  1134. }
  1135.  
  1136. if ($offercomposuntillength == 255)
  1137. {
  1138. $modcomment = gmdate("Y-m-d") . " - {$lang['text_offer_comment_disabled']} - {$CURUSER['username']}.\n{$lang['text_reason']}$offercomposuntilpm\n\n" . $modcomment;
  1139.  
  1140. $msg = sqlesc("{$lang['msg_offer_comment_disabled']}\n{$lang['msg_contact_staff']}");
  1141.  
  1142. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  1143. -- {$lang['stafflog_offer_comment_disabled']} --
  1144. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  1145.  
  1146. $updateset[] = "offercomposuntil = '0000-00-00 00:00:00'";
  1147. }
  1148.  
  1149. else
  1150. {
  1151. $offercomposuntil = get_date_time(gmtime() + $offercomposuntillength * 604800);
  1152.  
  1153. $dur = $offercomposuntillength . "{$lang['text_week']}" . ($offercomposuntillength > 1 ? "{$lang['text_s']}" : '');
  1154.  
  1155. $msg = sqlesc("{$lang['msg_offer_comment_disabled_for']} - $dur{$lang['text_by']}{$CURUSER['username']}" . ($offercomposuntilpm ? "\n\n{$lang['msg_reason']}$offercomposuntilpm" : ''));
  1156.  
  1157. $modcomment = gmdate("Y-m-d") . " - {$lang['text_offer_comment_disabled_for']} $dur{$lang['text_by']}{$CURUSER['username']}.\n{$lang['text_reason']}$offercomposuntilpm\n\n" . $modcomment;
  1158.  
  1159. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  1160. -- {$lang['stafflog_offer_comment_disabled_for']} $dur
  1161. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  1162.  
  1163. $updateset[] = "offercomposuntil = " . sqlesc($offercomposuntil);
  1164. }
  1165.  
  1166. $added = sqlesc(get_date_time());
  1167. $subject = sqlesc("{$lang['msg_offer_comment_status']}");
  1168.  
  1169. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
  1170. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  1171.  
  1172. $updateset[] = "offercompos = 'no'";
  1173. }
  1174.  
  1175. //----- Request Comments Permissions Enabled -----//
  1176.  
  1177. if ((isset($_POST['requestcompos'])) && (($requestcompos = $_POST['requestcompos']) != $user['requestcompos']))
  1178. {
  1179. if ($requestcompos == 'yes')
  1180. {
  1181. $modcomment = gmdate("Y-m-d") . " - {$lang['text_request_comment_enabled']}{$CURUSER['username']}.\n\n" . $modcomment;
  1182. $msg = sqlesc("{$lang['msg_request_comment_enabled']}\n{$lang['msg_be_careful']}");
  1183. $added = sqlesc(get_date_time());
  1184. $subject = sqlesc("{$lang['msg_request_comment_status']}");
  1185.  
  1186. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
  1187. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  1188.  
  1189. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  1190. -- {$lang['stafflog_request_comment_enabled']} --
  1191. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  1192. }
  1193.  
  1194. $updateset[] = "requestcompos = " . sqlesc($requestcompos);
  1195. }
  1196.  
  1197. //----- Request Comments Disabled Until Further Notice -----//
  1198.  
  1199. if (isset($_POST['requestcomposuntillength']) && ($requestcomposuntillength = 0 + $_POST['requestcomposuntillength']))
  1200. {
  1201. unset($requestcomposuntilpm);
  1202.  
  1203. if (empty($_POST["requestcomposuntilpm"]))
  1204. {
  1205. error_message_center("error",
  1206. "{$lang['err_user_error']}",
  1207. "{$lang['err_empty_field']}");
  1208. }
  1209.  
  1210. if (isset($_POST['requestcomposuntilpm']))
  1211. {
  1212. $requestcomposuntilpm = $_POST['requestcomposuntilpm'];
  1213. }
  1214.  
  1215. if ($requestcomposuntillength == 255)
  1216. {
  1217. $modcomment = gmdate("Y-m-d") . " - {$lang['text_request_comment_disabled']} - {$CURUSER['username']}.\n{$lang['text_reason']}$requestcomposuntilpm\n\n" . $modcomment;
  1218.  
  1219. $msg = sqlesc("{$lang['msg_request_comment_disabled']} \n{$lang['msg_contact_staff']}");
  1220.  
  1221. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  1222. -- {$lang['stafflog_request_comment_disabled']} --
  1223. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  1224.  
  1225. $updateset[] = "requestcomposuntil = '0000-00-00 00:00:00'";
  1226. }
  1227.  
  1228. else
  1229. {
  1230. $requestcomposuntil = get_date_time(gmtime() + $requestcomposuntillength * 604800);
  1231.  
  1232. $dur = $requestcomposuntillength . "{$lang['text_week']}" . ($requestcomposuntillength > 1 ? "{$lang['text_s']}" : '');
  1233.  
  1234. $msg = sqlesc("{$lang['msg_request_comment_disabled_for']} - $dur{$lang['text_by']}{$CURUSER['username']}" . ($requestcomposuntilpm ? "\n\n{$lang['msg_reason']}$requestcomposuntilpm" : ''));
  1235.  
  1236. $modcomment = gmdate("Y-m-d") . " - {$lang['text_request_comment_disabled_for']} $dur{$lang['text_by']}{$CURUSER['username']}.\n{$lang['text_reason']}$requestcomposuntilpm\n\n" . $modcomment;
  1237.  
  1238. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  1239. -- {$lang['stafflog_request_comment_disabled_for']} $dur
  1240. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.\n");
  1241.  
  1242. $updateset[] = "requestcomposuntil = " . sqlesc($requestcomposuntil);
  1243. }
  1244.  
  1245. $added = sqlesc(get_date_time());
  1246. $subject = sqlesc("{$lang['msg_request_comment_status']}");
  1247.  
  1248. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
  1249. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  1250.  
  1251. $updateset[] = "requestcompos = 'no'";
  1252. }
  1253.  
  1254. //----- Avatar Changed -----//
  1255.  
  1256. if ((isset($_POST['avatar'])) && (($avatar = $_POST['avatar']) != ($curavatar = $user['avatar'])))
  1257. {
  1258. $modcomment = gmdate("Y-m-d") . " - {$lang['text_avatar_changed']} " . htmlspecialchars($curavatar) . "{$lang['text_to']}" . htmlspecialchars($avatar) . "{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
  1259.  
  1260. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  1261. -- {$lang['stafflog_avatar_changed']} " . htmlspecialchars($curavatar) . "{$lang['text_to']}" . htmlspecialchars($avatar) . "
  1262. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  1263.  
  1264. $updateset[] = "avatar = " . sqlesc($avatar);
  1265. }
  1266.  
  1267. //----- First Line Support Yes / No -----//
  1268.  
  1269. if ((isset($_POST['support'])) && (($support = $_POST['support']) != $user['support']))
  1270. {
  1271. if ($support == 'yes')
  1272. {
  1273. $modcomment = gmdate("Y-m-d") . " - {$lang['text_promoted_fls']}{$CURUSER['username']}.\n\n" . $modcomment;
  1274. $msg = sqlesc("{$lang['msg_promoted_fls']}" . htmlspecialchars($CURUSER['username']) . ".");
  1275. $added = sqlesc(get_date_time());
  1276. $subject = sqlesc("{$lang['msg_fls_status']}");
  1277.  
  1278. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  1279. -- {$lang['stafflog_promote_fls']} --
  1280. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  1281.  
  1282. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
  1283. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  1284. }
  1285.  
  1286. if ($support == 'no')
  1287. {
  1288. $updateset[] = "support_lang =''";
  1289. $updateset[] = "supportfor =''";
  1290. $modcomment = gmdate("Y-m-d") . " - {$lang['text_demote_fls']}{$CURUSER['username']}.\n\n" . $modcomment;
  1291.  
  1292. $msg = sqlesc("{$lang['msg_demoted_fls']}" . htmlspecialchars($CURUSER['username']) . ", {$lang['msg_demote_fls']}");
  1293.  
  1294. $added = sqlesc(get_date_time());
  1295. $subject = sqlesc("{$lang['msg_fls_status']}");
  1296.  
  1297. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
  1298. -- {$lang['stafflog_demote_fls']} --
  1299. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
  1300.  
  1301. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
  1302. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
  1303. }
  1304.  
  1305. $updateset[] = "support = " . sqlesc($support);
  1306. }
  1307.  
  1308. //----- First Line Support For ? -----//
  1309.  
  1310. if (isset($_POST['supportfor']) && ($supportfor = $_POST['supportfor']) != $user['supportfor'])
  1311. {
  1312. $updateset[] = "supportfor = " . sqlesc($supportfor);
  1313. }
  1314.  
  1315. //----- First Line Support Language -----//
  1316.  
  1317. if (isset($_POST['support_lang']) && ($support_lang = $_POST['support_lang']) != $user['support_lang'])
  1318. {
  1319. $updateset[] = "support_lang = " . sqlesc($support_lang);
  1320. }
  1321.  
  1322. //----- Add ModComment (If We Changed Something We Update Otherwise We Dont Include This.) -----//
  1323.  
  1324. if (($CURUSER['class'] >= UC_SYSOP
  1325. && ($user['modcomment'] != $_POST['modcomment']
  1326. || $modcomment != $_POST['modcomment']))
  1327. || ($CURUSER['class'] < UC_SYSOP
  1328. && $modcomment != $user['modcomment']))
  1329. {
  1330. $updateset[] = "modcomment = " . sqlesc($modcomment);
  1331. }
  1332.  
  1333. if (sizeof($updateset) > 0)
  1334. {
  1335. sql_query("UPDATE users
  1336. SET " . implode(", ", $updateset) . "
  1337. WHERE id = " . sqlesc($userid)) or sqlerr(__FILE__, __LINE__);
  1338.  
  1339. status_change($userid);
  1340. }
  1341.  
  1342. $returnto = $_POST['returnto'];
  1343.  
  1344. //header("Location: {$FTSP_V2['$site_url']}/$returnto");
  1345. //header("Location: {$FTSP_V2['$site_url']}/userdetails.php?id=2#fragment-6");
  1346. header("Location: $returnto");
  1347.  
  1348. die();
  1349. }
  1350.  
  1351. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!