Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /**
- ***************************************
- ** FreeTSP Version: 2.0 Multilingual **
- ***************************************
- ** http://www.freetsp.com
- ** Licence Info: GPL
- ** Copyright (C) 2017 FreeTSP v2.0 Multilingual
- ** A bittorrent tracker source based on TBDev.net/tbsource/bytemonsoon.
- ** Full Respects & Credits To Mindless & All The Team @ U232
- ** Project Leaders. Fireknight & Rushed.
- ** Project Founder: Krypto.
- **/
- require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'functions' . DIRECTORY_SEPARATOR . 'function_main.php');
- require_once(FUNC_DIR . 'function_user.php');
- require_once(FUNC_DIR . 'function_staffconfig.php');
- require_once(FUNC_DIR . 'function_vfunctions.php');
- require_once(FUNC_DIR . 'function_page_verify.php');
- db_connect(false);
- logged_in();
- $lang = array_merge(load_language('modtask'),
- load_language('global'));
- $newpage = new page_verify();
- $newpage->check('_modtask_');
- $staff_code = $staff_code;
- if ($CURUSER['class'] < UC_MODERATOR
- || $CURUSER['staff_access'] == "no"
- || $CURUSER['mod_access'] == "no"
- || $CURUSER['staff_code'] != "$staff_code")
- {
- die();
- }
- //----- Correct Call To Script -----//
- if ((isset($_POST['action'])) && ($_POST['action'] == 'edituser'))
- {
- //----- Set User ID -----//
- if (isset($_POST['userid']))
- {
- $userid = $_POST['userid'];
- }
- else
- {
- die();
- }
- //----- And Verify -----//
- if (!is_valid_id($userid))
- {
- error_message_center("error",
- "{$lang['gbl_error']}",
- "{$lang['err_bad_id']}");
- }
- //----- Handle CSRF (Modtask Posts Form Other Domains, Especially To Update Class) -----//
- require_once(FUNC_DIR . 'function_user_validator.php');
- if (!validate($_POST['validator'], "ModTask_$userid"))
- {
- //die ("Invalid");
- error_message_center("error",
- "{$lang['gbl_error']}",
- "{$lang['err_inv_id']}");
- }
- //----- Fetch Current User Data -----//
- $res = sql_query("SELECT *
- FROM users
- WHERE id = " . sqlesc($userid)) or sqlerr(__FILE__, __LINE__);
- $user = mysqli_fetch_assoc($res) or sqlerr(__FILE__, __LINE__);
- //-----Used In Writing To Staff Log -----//
- $username = $user['username'];
- //----- Check To Make Sure Your Not Editing Someone Of The Same Or Higher Class -----//
- if ($CURUSER['class'] <= $user['class']
- && ($CURUSER['id'] != $userid
- && $CURUSER['class'] < UC_ADMINISTRATOR))
- {
- error_message_center("warn",
- "{$lang['gbl_warning']}",
- "{$lang['err_same_class']}");
- }
- $updateset = array();
- $modcomment = (isset($_POST['modcomment']) && $CURUSER['class'] >= UC_SYSOP) ? $_POST['modcomment'] : $user['modcomment'];
- //----- User Class -----//
- if ((isset($_POST['class'])) && (($class = $_POST['class']) != $user['class']))
- {
- $curclass = $user['class'];
- if ($class >= UC_MANAGER
- || ($class >= $CURUSER['class'])
- || ($user['class'] >= $CURUSER['class']))
- {
- error_message_center("error",
- "{$lang['err_user_error']}",
- "{$lang['err_try_again']}");
- }
- if (!is_valid_user_class($class) || $CURUSER['class'] <= $_POST['class'])
- {
- error_message_center("error",
- "{$lang['gbl_error']}",
- "{$lang['err_bad_class']}");
- }
- //----- Promoted / Demoted PM -----//
- $what = ($class > $user['class'] ? "{$lang['text_promoted']}" : "{$lang['text_demoted']}");
- $msg = sqlesc("{$lang['msg_you_have']}$what{$lang['msg_to']}'" . get_user_class_name($class) . "'{$lang['msg_by']}{$CURUSER['username']}");
- $subject = sqlesc("{$lang['msg_class_subject']}");
- $added = sqlesc(get_date_time());
- sql_query("INSERT INTO messages (sender, receiver, msg, added, subject)
- VALUES(0, $userid, $msg, $added, $subject)") or sqlerr(__FILE__, __LINE__);
- $updateset[] = "class = " . sqlesc($class);
- //----- Lower Than Uploader Class -----//
- if ($class <= '39')
- {
- $updateset[] = "protected = 'no'";
- $updateset[] = "staff_code = ''";
- $updateset[] = "staff_access = 'no'";
- $updateset[] = "mod_access = 'no'";
- $updateset[] = "admin_access = 'no'";
- $updateset[] = "sysop_access = 'no'";
- $updateset[] = "manager_access = 'no'";
- }
- //----- Uploader Class -----//
- elseif ($class == '40')
- {
- $updateset[] = "protected = 'yes'";
- $updateset[] = "staff_code = ''";
- $updateset[] = "staff_access = 'no'";
- $updateset[] = "mod_access = 'no'";
- $updateset[] = "admin_access = 'no'";
- $updateset[] = "sysop_access = 'no'";
- $updateset[] = "manager_access = 'no'";
- }
- //----- Moderator Class -----//
- elseif ($class == '50')
- {
- $updateset[] = "protected = 'yes'";
- $updateset[] = "staff_code = " . sqlesc($staff_code);
- $updateset[] = "staff_access = 'yes'";
- $updateset[] = "mod_access = 'yes'";
- $updateset[] = "admin_access = 'no'";
- $updateset[] = "sysop_access = 'no'";
- $updateset[] = "manager_access = 'no'";
- }
- //----- Administrator Class -----//
- elseif ($class == '60')
- {
- $updateset[] = "protected = 'yes'";
- $updateset[] = "staff_code = " . sqlesc($staff_code);
- $updateset[] = "staff_access = 'yes'";
- $updateset[] = "mod_access = 'yes'";
- $updateset[] = "admin_access = 'yes'";
- $updateset[] = "sysop_access = 'no'";
- $updateset[] = "manager_access = 'no'";
- }
- //----- Sysop Class -----//
- elseif ($class == '70')
- {
- $updateset[] = "protected = 'yes'";
- $updateset[] = "staff_code = " . sqlesc($staff_code);
- $updateset[] = "staff_access = 'yes'";
- $updateset[] = "mod_access = 'yes'";
- $updateset[] = "admin_access = 'yes'";
- $updateset[] = "sysop_access = 'yes'";
- $updateset[] = "manager_access = 'no'";
- }
- $modcomment = gmdate("Y-m-d") . " - $what{$lang['text_to']}'" . get_user_class_name($class) . "'{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_was']}$what{$lang['stafflog_from']}" . get_user_class_name($curclass) . "{$lang['stafflog_to']}" . get_user_class_name($class) . "
- {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- }
- //----- Invite Rights Enabled -----//
- if ((isset($_POST['invite_rights'])) && (($invite_rights = $_POST['invite_rights']) != $user['invite_rights']))
- {
- if ($invite_rights == 'yes')
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_invite_enabled']}" . htmlspecialchars($CURUSER['username']) . ".\n\n" . $modcomment;
- $msg = sqlesc("{$lang['msg_can_invite']}" . htmlspecialchars($CURUSER['username']) . ".{$lang['msg_can_invite1']}");
- $subject = sqlesc("{$lang['msg_invite_subject']}");
- $added = sqlesc(get_date_time());
- sql_query("INSERT INTO messages (sender, receiver, msg, added, subject)
- VALUES (0, $userid, $msg, $added, $subject)") or sqlerr(__FILE__, __LINE__);
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_invite_enabled']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- }
- if ($invite_rights == 'no')
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_invite_disabled']}" . htmlspecialchars($CURUSER['username']) . ".\n\n" . $modcomment;
- $msg = sqlesc("{$lang['msg_invite_removed']}" . htmlspecialchars($CURUSER['username']) . ",{$lang['msg_bad_user']}");
- $subject = sqlesc("{$lang['msg_invite_subject']}");
- $added = sqlesc(get_date_time());
- sql_query("INSERT INTO messages (sender, receiver, msg, added, subject)
- VALUES (0, $userid, $msg, $added, $subject)") or sqlerr(__FILE__, __LINE__);
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_invite_disabled']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- }
- $updateset[] = "invite_rights = " . sqlesc($invite_rights);
- }
- //----- Change Amount Of Invites -----//
- if ((isset($_POST['invites'])) && (($invites = $_POST['invites']) != ($curinvites = $user['invites'])))
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_invite_change']}'$curinvites'{$lang['text_to']}'$invites'{$lang['text_by']}" . htmlspecialchars($CURUSER['username']) . ".\n\n" . $modcomment;
- $updateset[] = "invites = " . sqlesc($invites);
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_invite_change']}'$curinvites'{$lang['stafflog_to']}'$invites'
- {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- }
- //----- Warning Removed - Code Not Called For Setting Warning -----//
- if (isset($_POST['warned']) && (($warned = $_POST['warned']) != $user['warned']))
- {
- $updateset[] = "warned = " . sqlesc($warned);
- $updateset[] = "warneduntil = '0000-00-00 00:00:00'";
- if ($warned == 'no')
- {
- $modcomment = gmdate("Y-m-d")." - {$lang['text_warn_removed']}{$CURUSER['username']}.\n\n" . $modcomment;
- $msg = sqlesc("{$lang['msg_warn_removed']}{$CURUSER['username']}.");
- $subject = sqlesc("{$lang['msg_warn_subject']}");
- $added = sqlesc(get_date_time());
- sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
- VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_warn_removed']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- }
- }
- //----- Warned Until Further Notice -----//
- if (isset($_POST['warnlength']) && ($warnlength = 0 + $_POST['warnlength']))
- {
- unset($warnpm);
- if (empty($_POST["warnpm"]))
- {
- error_message_center("error",
- "{$lang['err_user_error']}",
- "{$lang['err_empty_field']}");
- }
- if (isset($_POST['warnpm']))
- {
- $warnpm = $_POST['warnpm'];
- }
- if ($warnlength == 255)
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_warn_infinate']}.\n{$lang['text_reason']}$warnpm\n\n" . $modcomment;
- $msg = sqlesc("{$lang['msg_warn_by']}{$CURUSER['username']}" . ($warnpm ? "\n\n{$lang['msg_reason']}$warnpm" : ""));
- $updateset[] = "warneduntil = '0000-00-00 00:00:00'";
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_warn_reason']}'<strong>$warnpm</strong>'
- {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- }
- else
- {
- $warneduntil = get_date_time(gmtime() + $warnlength * 604800);
- $dur = $warnlength . "{$lang['text_week']}" . ($warnlength > 1 ? "{$lang['text_s']}" : "");
- $msg = sqlesc("{$lang['msg_you_have_rcvd']} $dur {$lang['msg_rules_warn']}{$CURUSER['username']}" . ($warnpm ? "\n\n{$lang['msg_reason']}$warnpm" : ''));
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_warn_for']}$dur{$lang['text_by']}{$CURUSER['username']}.\n{$lang['text_reason']}$warnpm\n\n" . $modcomment;
- $updateset[] = "warneduntil = " . sqlesc($warneduntil);
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_warn_for']}$dur {$lang['stafflog_reason']}'<strong>$warnpm</strong>'
- {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- }
- $added = sqlesc(get_date_time());
- $subject = sqlesc("{$lang['msg_warn_subject']}");
- sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
- VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
- $updateset[] = "warned = 'yes'";
- }
- //----- Donor Status Removed - Code Not Called For Setting Donor -----//
- if (isset($_POST['donor']) && (($donor = $_POST['donor']) != $user['donor']))
- {
- $updateset[] = "donor = " . sqlesc($donor);
- $updateset[] = "donoruntil = '0000-00-00 00:00:00'";
- if ($donor == 'no')
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_donor_removed']}{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
- $msg = sqlesc("{$lang['msg_donor_expired']}");
- $added = sqlesc(get_date_time());
- sql_query("INSERT INTO messages (sender, receiver, msg, added)
- VALUES (0, $userid, $msg, $added)") or sqlerr(__FILE__, __LINE__);
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_donor_removed']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- }
- elseif ($donor == 'yes')
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_donor_added']}{$CURUSER['username']}.\n\n" . $modcomment;
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_donor_added_by']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- }
- }
- // === add donated amount to user and to funds table
- if ((isset($_POST['donated'])) && (($donated = $_POST['donated']) != $user['donated'])) {
- $added = sqlesc(get_date_time());
- sql_query("INSERT INTO funds (cash, user, added) VALUES ($donated, $userid, $added)") or sqlerr(__file__, __line__);
- $updateset[] = "donated = " . sqlesc($donated);
- $updateset[] = "total_donated = $user[total_donated] + " . sqlesc($donated);
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_donation']} ".$donated." {$lang['text_donation1']}\n" . $modcomment;
- }
- // ====end
- // === Set Donor - Time based
- if ((isset($_POST['donorlength'])) && ($donorlength = 0 + $_POST['donorlength'])) {
- if ($donorlength == 255) {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_donor_set_permanent']}{$CURUSER['username']}.\n\n" . $modcomment;
- $msg = sqlesc("{$lang['msg_donor_status']}{$CURUSER['username']}.");
- $subject = sqlesc("{$lang['msg_donor_status']}");
- $updateset[] = "donoruntil = '0000-00-00 00:00:00'";
- }
- else {
- $donoruntil = get_date_time(gmtime() + $donorlength * 604800);
- $dur = $donorlength . " $lang['text_donor_time']}" . ($donorlength > 1 ? "s" : "");
- $msg = sqlesc("{$lang['msg_donor_msg']} " . $user['username'] . "
- {$lang['msg_donor_msg1']} {$FTSP['$site_name']}
- As a donor,you are given some bonus gigs added to your uploaded amount (if you donated for that option), the status of VIP, Immunity from ratio warnings and download bans, access to your own forum and the warm fuzzy feeling you get inside for helping to support this site that we all know and love
- {$lang['msg_donor_subject']}
- {$FTSP['$site_name']} {$lang['msg_staff']}
- PS. Your donator status will last for $dur and can be found on your user details page and can only be seen by you :smile: It was set by " .$CURUSER['username']);
- $subject = sqlesc("Thank You for Your Donation!");
- if ($user['class'] < UC_VIP)
- {
- $modcomment = gmdate("Y-m-d") . " - Donor status set for $dur and promoted to VIP by " . $CURUSER['username'] . ". \n" . $modcomment;
- }
- else
- $modcomment = gmdate("Y-m-d") . " - Donor status set for $dur by " . $CURUSER['username'] . ". \n" . $modcomment;
- $updateset[] = "donoruntil = " . sqlesc($donoruntil);
- write_stafflog("<strong><a href='userdetails.php?id=$userid'>$user[username]</a></strong> - Donor status set for $dur by - $CURUSER[username]. \n");
- }
- $added = sqlesc(get_date_time());
- sql_query("INSERT INTO messages (sender, subject, receiver, msg, added) VALUES (0, $subject, $userid, $msg, $added)") or sqlerr(__file__, __line__);
- $updateset[] = "donor = 'yes'";
- $res = sql_query("SELECT class FROM users WHERE id = $userid") or sqlerr(__file__,__line__);
- $arr = mysqli_fetch_assoc($res) or sqlerr(__FILE__, __LINE__);
- if ($user['class'] < UC_VIP)
- $updateset[] = "class = '30'"; //=== set this to the number for vip on your server
- }
- // === add to Donor length // thanks to CoLdFuSiOn & ShadowLeader
- if ((isset($_POST['donorlengthadd'])) && ($donorlengthadd = 0 + $_POST['donorlengthadd'])) {
- $donoruntil = $user["donoruntil"];
- $dur = $donorlengthadd . " week" . ($donorlengthadd > 1 ? "s" : "");
- $msg = sqlesc("Dear " . $user['username'] . "
- :wave:
- Thanks for your continued support to $site_name !
- Your donation helps us in the costs of running the site. Everything above the current running costs will go towards next months costs!
- As a donor you are given some bonus gigs added to your uploaded amount (if you donated for that option), the status of VIP, Immunity from ratio warnings and download bans, access to your own forum and, you have the the status of VIP, and the warm fuzzy feeling you get inside for helping to support this site that we all know and love :smile:
- so, thanks again, and enjoy!
- cheers,
- $site_name Staff
- PS. Your donator status will last for an extra $dur on top of your current donation status, and can be found on your user details page and can only be seen by you :smile: It was set by " .$CURUSER['username']);
- $subject = sqlesc("Thank You for Your Donation... Again!");
- $modcomment = gmdate("Y-m-d") . " - Donator status set for another $dur by " . $CURUSER['username'] .".\n" . $modcomment;
- write_stafflog("<strong><a href='userdetails.php?id=$userid'>$user[username]</a></strong> - Donor status set for another $dur by - $CURUSER[username]. \n");
- $donorlengthadd = $donorlengthadd * 7;
- sql_query("UPDATE users SET donoruntil = IF(donoruntil='0000-00-00 00:00:00', ADDDATE(NOW(), INTERVAL $donorlengthadd DAY ), ADDDATE( donoruntil, INTERVAL $donorlengthadd DAY)) WHERE id = $userid") or sqlerr(__file__, __line__);
- $added = sqlesc(get_date_time());
- sql_query("INSERT INTO messages (sender, subject, receiver, msg, added) VALUES (0, $subject, $userid, $msg, $added)") or sqlerr(__file__, __line__);
- $updateset[] = "donated = $user[donated] + " . sqlesc($_POST['donated']);
- $updateset[] = "total_donated = $user[total_donated] + " . sqlesc($_POST['donated']);
- }
- // === end add to Donor length
- //----- Change Users Signature -----//
- if ((isset($_POST['signature'])) && (($signature = $_POST['signature']) != ($cursignature = $user['signature'])))
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_sig_changed']}'$cursignature'{$lang['text_to']}'$signature'{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
- $updateset[] = "signature = " . sqlesc($signature);
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_sig_changed']}'$cursignature'{$lang['stafflog_to']}'$signature'
- {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- }
- //----- Moderator Rights Enabled -----//
- if (isset($_POST['mod_access']) && (($mod_access = $_POST['mod_access']) != $user['mod_access']))
- {
- if ($mod_access == 'yes')
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_modaccess']}" . $CURUSER['username'] . ".\n\n". $modcomment;
- write_stafflog("<a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid><strong>$username</strong></a> -- {$lang['stafflog_account_modaccess']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}>{$CURUSER['username']}</a></strong>");
- $updateset[] = "mod_access = " . sqlesc($mod_access);
- }
- if ($mod_access == 'no')
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_nomodaccess']}" . $CURUSER['username'] . ".\n\n". $modcomment;
- write_stafflog("<a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid><strong>$username</strong></a> -- {$lang['stafflog_account_nomodaccess']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}>
- {$CURUSER['username']}</a></strong>");
- $updateset[] = "mod_access = " . sqlesc($mod_access);
- }
- }
- //----- Administrator Rights Enabled -----//
- if (isset($_POST['admin_access']) && (($admin_access = $_POST['admin_access']) != $user['admin_access']))
- {
- if ($admin_access == 'yes')
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_adminaccess']}" . $CURUSER['username'] . ".\n\n". $modcomment;
- write_stafflog("<a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid><strong>$username</strong></a> -- {$lang['stafflog_account_adminaccess']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}>{$CURUSER['username']}</a></strong>");
- $updateset[] = "admin_access = " . sqlesc($admin_access);
- }
- if ($admin_access == 'no')
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_noadminaccess']}" . $CURUSER['username'] . ".\n\n". $modcomment;
- write_stafflog("<a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid><strong>$username</strong></a> -- {$lang['stafflog_account_noadminaccess']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}>
- {$CURUSER['username']}</a></strong>");
- $updateset[] = "admin_access = " . sqlesc($admin_access);
- }
- }
- //----- SysOp Rights Enabled -----//
- if (isset($_POST['sysop_access']) && (($sysop_access = $_POST['sysop_access']) != $user['sysop_access']))
- {
- if ($sysop_access == 'yes')
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_sysopaccess']}" . $CURUSER['username'] . ".\n\n". $modcomment;
- write_stafflog("<a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid><strong>$username</strong></a> -- {$lang['stafflog_account_sysopaccess']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}>{$CURUSER['username']}</a></strong>");
- $updateset[] = "sysop_access = " . sqlesc($sysop_access);
- }
- if ($sysop_access == 'no')
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_nosysopaccess']}" . $CURUSER['username'] . ".\n\n". $modcomment;
- write_stafflog("<a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid><strong>$username</strong></a> -- {$lang['stafflog_account_nosysopaccess']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}>
- {$CURUSER['username']}</a></strong>");
- $updateset[] = "sysop_access = " . sqlesc($sysop_access);
- }
- }
- //----- Enable / Disable User Account -----//
- if ((isset($_POST['enabled'])) && (($enabled = $_POST['enabled']) != $user['enabled']))
- {
- if ($enabled == 'yes')
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_enabled']}{$CURUSER['username']}.\n\n" . $modcomment;
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_account_enabled']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- }
- else
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_disabled']}{$CURUSER['username']}.\n\n" . $modcomment;
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_account_disabled']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- }
- $updateset[] = "enabled = " . sqlesc($enabled);
- }
- //----- Park / Un-Park User Account -----//
- if ((isset($_POST['parked'])) && (($parked = $_POST['parked']) != $user['parked']))
- {
- if ($parked == 'yes')
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_parked']}{$CURUSER['username']}.\n\n" . $modcomment;
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_account_parked']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- }
- else
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_unparked']}{$CURUSER['username']}.\n\n" . $modcomment;
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_account_unparked']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- }
- $updateset[] = "parked = " . sqlesc($parked);
- }
- //----- Protect User Account From Low Ratio Download Ban -----//
- if (isset($_POST['protected']) && (($protected = $_POST['protected']) != $user['protected']))
- {
- if ($protected == 'yes')
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_protected']}" . $CURUSER['username'] . ".\n". $modcomment;
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_account_protected']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- $updateset[] = "protected = " . sqlesc($protected);
- }
- if ($protected == 'no')
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_unprotected']}" . $CURUSER['username'] . ".\n". $modcomment;
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_account_unprotected']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- $updateset[] = "protected = " . sqlesc($protected);
- }
- }
- //----- Forum Permissions Enabled -----//
- if ((isset($_POST['forumpos'])) && (($forumpos = $_POST['forumpos']) != $user['forumpos']))
- {
- if ($forumpos == 'yes')
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_forum_enabled']}{$CURUSER['username']}.\n\n" . $modcomment;
- $msg = sqlesc("{$lang['msg_forum_enabled']}\n{$lang['msg_be_careful']}");
- $added = sqlesc(get_date_time());
- $subject = sqlesc("{$lang['msg_forum_status']}");
- sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
- VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_forum_enabled']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- }
- $updateset[] = "forumpos = " . sqlesc($forumpos);
- }
- //----- Forum Permissions Disabled Until Further Notice -----//
- if (isset($_POST['forumposuntillength']) && ($forumposuntillength = 0 + $_POST['forumposuntillength']))
- {
- unset($forumposuntilpm);
- if (empty($_POST["forumposuntilpm"]))
- {
- error_message_center("error",
- "{$lang['err_user_error']}",
- "{$lang['err_empty_field']}");
- }
- if (isset($_POST['forumposuntilpm']))
- {
- $forumposuntilpm = $_POST['forumposuntilpm'];
- }
- if ($forumposuntillength == 255)
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_forum_disabled']} - {$CURUSER['username']}.\n{$lang['text_reason']}$forumposuntilpm\n\n" . $modcomment;
- $msg = sqlesc("{$lang['msg_forum_disabled']} \n{$lang['msg_contact_staff']}");
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_forum_disabled']}'<strong>$forumposuntilpm</strong>'
- {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- $updateset[] = "forumposuntil = '0000-00-00 00:00:00'";
- }
- else
- {
- $forumposuntil = get_date_time(gmtime() + $forumposuntillength * 604800);
- $dur = $forumposuntillength . "{$lang['text_week']}" . ($forumposuntillength > 1 ? "{$lang['text_s']}" : '');
- $msg = sqlesc("{$lang['msg_forum_removed_time']}- $dur{$lang['text_by']}{$CURUSER['username']}" . ($forumposuntilpm ? "\n\n{$lang['msg_reason']}$forumposuntilpm" :''));
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_forum_disabled_time']}$dur{$lang['text_by']}{$CURUSER['username']}.\n{$lang['stafflog_reason']}$forumposuntilpm\n\n" . $modcomment;
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_forum_disabled_time']}$dur. {$lang['stafflog_reason']}'<strong>$forumposuntilpm</strong>'
- {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- $updateset[] = "forumposuntil = " . sqlesc($forumposuntil);
- }
- $added = sqlesc(get_date_time());
- $subject = sqlesc("{$lang['msg_forum_status']}");
- sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
- VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
- $updateset[] = "forumpos = 'no'";
- }
- //----- Change Members Custom Title -----//
- if ((isset($_POST['title'])) && (($title = $_POST['title']) != ($curtitle = $user['title'])))
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_title']}'$curtitle'{$lang['text_to']}'$title'{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_title']}'$curtitle'{$lang['stafflog_to']}'$title'
- {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- $updateset[] = "title = " . sqlesc($title);
- }
- //----- Change Members Username -----//
- if ((isset($_POST['username'])) && (($username = $_POST['username']) != ($curusername = $user['username'])))
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_username']}'$curusername'{$lang['text_to']}'$username'{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_username']}'$curusername'{$lang['stafflog_to']}'$username'
- {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- $updateset[] = "username = " . sqlesc($username);
- }
- //----- Change Members Email -----//
- if ((isset($_POST['email'])) && (($email = $_POST['email']) != ($curemail = $user['email'])))
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_email']}'$curemail'{$lang['text_to']}'$email'{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_email']}'$curemail'{$lang['stafflog_to']}'$email'
- {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- $updateset[] = "email = " . sqlesc($email);
- }
- //----- Change Members Info -----//
- if ((isset($_POST['info'])) && (($info = $_POST['info']) != ($curinfo = $user['info'])))
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_info']}'$curinfo'{$lang['text_to']}'$info'{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_info']}'$curinfo'{$lang['stafflog_to']}'$info'
- {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- $updateset[] = "info = " . sqlesc($info);
- }
- //----- The Following Code Will Place The Old Passkey In The Mod Comment And Create A New Passkey. -----//
- //----- This Is Good Practice As It Allows Usersearch To Find Old Passkeys By Searching The Mod Comments Of Members. -----//
- //----- Reset Members Passkey -----//
- if ((isset($_POST['resetpasskey'])) && ($_POST['resetpasskey']))
- {
- $newpasskey = md5($user['username'] . get_date_time() . $user['passhash']);
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_passkey']}" . sqlesc($user['passkey']) . "{$lang['text_passkey_reset']}" . sqlesc($newpasskey) . "{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_passkey']}" . sqlesc($user['passkey']) . "{$lang['stafflog_passkey_reset']}" . sqlesc($newpasskey) . "
- {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- $updateset[] = "passkey=" . sqlesc($newpasskey);
- }
- //----- This Code Is For Use With The Safe Mod Comment Modification. -----//
- //----- Add Comment to ModComment -----//
- if ((isset($_POST['addcomment'])) && ($addcomment = trim($_POST['addcomment'])))
- {
- $modcomment = gmdate("Y-m-d") . " - $addcomment -{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
- }
- //----- Upload Permissions Enabled -----//
- if ((isset($_POST['uploadpos'])) && (($uploadpos = $_POST['uploadpos']) != $user['uploadpos']))
- {
- if ($uploadpos == 'yes')
- {
- $modcomment = gmdate("Y-m-d")." - {$lang['text_upload_enabled']}{$CURUSER['username']}.\n\n" . $modcomment;
- $msg = sqlesc("\n{$lang['msg_upload_enabled']}\n{$lang['msg_upload_careful']}");
- $added = sqlesc(get_date_time());
- $subject = sqlesc("{$lang['msg_upload_status']}");
- sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
- VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_upload_enabled']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- }
- $updateset[] = "uploadpos = " . sqlesc($uploadpos);
- }
- //----- Upload Disabled Until Further Notice -----//
- if (isset($_POST['uploadposuntillength']) && ($uploadposuntillength = 0 + $_POST['uploadposuntillength']))
- {
- unset($uploadposuntilpm);
- if (empty($_POST["uploadposuntilpm"]))
- {
- error_message_center("error",
- "{$lang['err_user_error']}",
- "{$lang['err_empty_field']}");
- }
- if (isset($_POST['uploadposuntilpm']))
- {
- $uploadposuntilpm = $_POST['uploadposuntilpm'];
- }
- if ($uploadposuntillength == 255)
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_upload_disabled']} - {$CURUSER['username']}.\n{$lang['text_reason']}$uploadposuntilpm\n\n" . $modcomment;
- $msg = sqlesc("{$lang['msg_upload_disabled']}\n{$lang['msg_contact_staff']}");
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_upload_disabled']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- $updateset[] = "uploadposuntil = '0000-00-00 00:00:00'";
- }
- else
- {
- $uploadposuntil = get_date_time(gmtime() + $uploadposuntillength * 604800);
- $dur = $uploadposuntillength . "{$lang['text_week']}" . ($uploadposuntillength > 1 ? "{$lang['text_s']}" : '');
- $msg = sqlesc("{$lang['msg_upload_dur']} - $dur{$lang['text_by']}{$CURUSER['username']}".($uploadposuntilpm ? "\n\n{$lang['msg_reason']}$uploadposuntilpm" : ''));
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_upload_disabled_for']} $dur{$lang['text_by']}{$CURUSER['username']}.\n{$lang['text_reason']}$uploadposuntilpm\n\n" . $modcomment;
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_upload_disabled_for']} $dur
- {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- $updateset[] = "uploadposuntil = " . sqlesc($uploadposuntil);
- }
- $added = sqlesc(get_date_time());
- $subject = sqlesc("{$lang['msg_upload_status']}");
- sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
- VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
- $updateset[] = "uploadpos = 'no'";
- }
- //----- Download Permissions Enabled -----//
- if ((isset($_POST['downloadpos'])) && (($downloadpos = $_POST['downloadpos']) != $user['downloadpos']))
- {
- if ($downloadpos == 'yes')
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_download_enabled']}{$CURUSER['username']}.\n\n" . $modcomment;
- $msg = sqlesc("{$lang['msg_download_enabled']}\n{$lang['msg_be_careful']}");
- $added = sqlesc(get_date_time());
- $subject = sqlesc("{$lang['msg_download_status']}");
- sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
- VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_download_enabled']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- }
- $updateset[] = "downloadpos = " . sqlesc($downloadpos);
- }
- //----- Download Disabled Until Further Notice -----//
- if (isset($_POST['downloadposuntillength']) && ($downloadposuntillength = 0 + $_POST['downloadposuntillength']))
- {
- unset($downloadposuntilpm);
- if (empty($_POST["downloadposuntilpm"]))
- {
- error_message_center("error",
- "{$lang['err_user_error']}",
- "{$lang['err_empty_field']}");
- }
- if (isset($_POST['downloadposuntilpm']))
- {
- $downloadposuntilpm = $_POST['downloadposuntilpm'];
- }
- if ($downloadposuntillength == 255)
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_download_disabled']} - {$CURUSER['username']}.\n{$lang['text_reason']}$downloadposuntilpm\n\n" . $modcomment;
- $msg = sqlesc("{$lang['msg_download_disabled']}\n{$lang['msg_contact_staff']}");
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_download_disabled']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- $updateset[] = "downloadposuntil = '0000-00-00 00:00:00'";
- }
- else
- {
- $downloadposuntil = get_date_time(gmtime() + $downloadposuntillength * 604800);
- $dur = $downloadposuntillength . "{$lang['text_week']}" . ($downloadposuntillength > 1 ? "{$lang['text_s']}" : '');
- $msg = sqlesc("{$lang['msg_download_dur']} - $dur{$lang['text_by']}{$CURUSER['username']}" . ($downloadposuntilpm ? "\n\n{$lang['msg_reason']}$downloadposuntilpm" : ''));
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_download_disabled_for']} $dur{$lang['text_by']}{$CURUSER['username']}.\n{$lang['text_reason']}$downloadposuntilpm\n\n" . $modcomment;
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_download_disabled_for']} $dur
- {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- $updateset[] = "downloadposuntil = " . sqlesc($downloadposuntil);
- }
- $added = sqlesc(get_date_time());
- $subject = sqlesc("{$lang['msg_download_status']}");
- sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
- VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
- $updateset[] = "downloadpos = 'no'";
- }
- //----- Shoutbox Permissions Enabled -----//
- if ((isset($_POST['shoutboxpos'])) && (($shoutboxpos = $_POST['shoutboxpos']) != $user['shoutboxpos']))
- {
- if ($shoutboxpos == 'yes')
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_shoutbox_enabled']} {$CURUSER['username']}.\n\n" . $modcomment;
- $msg = sqlesc("{$lang['msg_shoutbox_enabled']}\n{$lang['msg_be_careful']}");
- $added = sqlesc(get_date_time());
- $subject = sqlesc("{$lang['msg_shoutbox_status']}");
- sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
- VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_shoutbox_enabled']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- }
- $updateset[] = "shoutboxpos = " . sqlesc($shoutboxpos);
- }
- //----- Shoutbox Disabled Until Further Notice -----//
- if (isset($_POST['shoutboxposuntillength']) && ($shoutboxposuntillength = 0 + $_POST['shoutboxposuntillength']))
- {
- unset($shoutboxposuntilpm);
- if (empty($_POST["shoutboxposuntilpm"]))
- {
- error_message_center("error",
- "{$lang['err_user_error']}",
- "{$lang['err_empty_field']}");
- }
- if (isset($_POST['shoutboxposuntilpm']))
- {
- $shoutboxposuntilpm = $_POST['shoutboxposuntilpm'];
- }
- if ($shoutboxposuntillength == 255)
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_shoutbox_disabled']} - {$CURUSER['username']}.\n{$lang['text_reason']}$shoutboxposuntilpm\n\n" . $modcomment;
- $msg = sqlesc("{$lang['msg_shoutbox_disabled']}\n{$lang['msg_contact_staff']}");
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_shoutbox_disabled']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- $updateset[] = "shoutboxposuntil = '0000-00-00 00:00:00'";
- }
- else
- {
- $shoutboxposuntil = get_date_time(gmtime() + $shoutboxposuntillength * 604800);
- $dur = $shoutboxposuntillength . "{$lang['text_week']}" . ($shoutboxposuntillength > 1 ? "{$lang['text_s']}" : '');
- $msg = sqlesc("{$lang['msg_shoutbox_dur']} - $dur{$lang['text_by']}{$CURUSER['username']}" . ($shoutboxposuntilpm ? "\n\n{$lang['msg_reason']}$shoutboxposuntilpm" : ''));
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_shoutbox_disabled_for']} $dur{$lang['text_by']}{$CURUSER['username']}.\n{$lang['text_reason']}$shoutboxposuntilpm\n\n" . $modcomment;
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_shoutbox_disabled_for']} $dur
- {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- $updateset[] = "shoutboxposuntil = " . sqlesc($shoutboxposuntil);
- }
- $added = sqlesc(get_date_time());
- $subject = sqlesc("{$lang['msg_shoutbox_status']}");
- sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
- VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
- $updateset[] = "shoutboxpos = 'no'";
- }
- //----- Torrent Comments Permissions Enabled -----//
- if ((isset($_POST['torrcompos'])) && (($torrcompos = $_POST['torrcompos']) != $user['torrcompos']))
- {
- if ($torrcompos == 'yes')
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_comments_enabled']}{$CURUSER['username']}.\n\n" . $modcomment;
- $msg = sqlesc("{$lang['msg_comments_enabled']}\n{$lang['msg_be_careful']}");
- $added = sqlesc(get_date_time());
- $subject = sqlesc("{$lang['msg_comments_status']}");
- sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
- VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_comments_enabled']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- }
- $updateset[] = "torrcompos = " . sqlesc($torrcompos);
- }
- //----- Torrent Comments Disabled Until Further Notice -----//
- if (isset($_POST['torrcomposuntillength']) && ($torrcomposuntillength = 0 + $_POST['torrcomposuntillength']))
- {
- unset($torrcomposuntilpm);
- if (empty($_POST["torrcomposuntilpm"]))
- {
- error_message_center("error",
- "{$lang['err_user_error']}",
- "{$lang['err_empty_field']}");
- }
- if (isset($_POST['torrcomposuntilpm']))
- {
- $torrcomposuntilpm = $_POST['torrcomposuntilpm'];
- }
- if ($torrcomposuntillength == 255)
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_comments_disabled']} - {$CURUSER['username']}.\n{$lang['text_reason']}$torrcomposuntilpm\n\n" . $modcomment;
- $msg = sqlesc("{$lang['msg_comments_disabled']}\n{$lang['msg_contact_staff']}");
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_comments_disabled']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- $updateset[] = "torrcomposuntil = '0000-00-00 00:00:00'";
- }
- else
- {
- $torrcomposuntil = get_date_time(gmtime() + $torrcomposuntillength * 604800);
- $dur = $torrcomposuntillength . "{$lang['text_week']}" . ($torrcomposuntillength > 1 ? "{$lang['text_s']}" : '');
- $msg = sqlesc("{$lang['msg_comments_disabled_for']} - $dur{$lang['text_by']}{$CURUSER['username']}" . ($torrcomposuntilpm ? "\n\n{$lang['msg_reason']}$torrcomposuntilpm" : ''));
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_comments_disabled_for']} $dur{$lang['text_by']}{$CURUSER['username']}.\n{$lang['text_reason']}$torrcomposuntilpm\n\n" . $modcomment;
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_comments_disabled_for']} $dur
- {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- $updateset[] = "torrcomposuntil = " . sqlesc($torrcomposuntil);
- }
- $added = sqlesc(get_date_time());
- $subject = sqlesc("{$lang['msg_comments_status']}");
- sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
- VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
- $updateset[] = "torrcompos = 'no'";
- }
- //----- Offer Comments Permissions Enabled -----//
- if ((isset($_POST['offercompos'])) && (($offercompos = $_POST['offercompos']) != $user['offercompos']))
- {
- if ($offercompos == 'yes')
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_offer_comment_enabled']}{$CURUSER['username']}.\n\n" . $modcomment;
- $msg = sqlesc("{$lang['msg_offer_comment_enabled']}\n{$lang['msg_be_careful']}");
- $added = sqlesc(get_date_time());
- $subject = sqlesc("{$lang['msg_offer_comment_status']}");
- sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
- VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_offer_comment_enabled']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- }
- $updateset[] = "offercompos = " . sqlesc($offercompos);
- }
- //----- Offer Comments Disabled Until Further Notice -----//
- if (isset($_POST['offercomposuntillength']) && ($offercomposuntillength = 0 + $_POST['offercomposuntillength']))
- {
- unset($offercomposuntilpm);
- if (empty($_POST["offercomposuntilpm"]))
- {
- error_message_center("error",
- "{$lang['err_user_error']}",
- "{$lang['err_empty_field']}");
- }
- if (isset($_POST['offercomposuntilpm']))
- {
- $offercomposuntilpm = $_POST['offercomposuntilpm'];
- }
- if ($offercomposuntillength == 255)
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_offer_comment_disabled']} - {$CURUSER['username']}.\n{$lang['text_reason']}$offercomposuntilpm\n\n" . $modcomment;
- $msg = sqlesc("{$lang['msg_offer_comment_disabled']}\n{$lang['msg_contact_staff']}");
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_offer_comment_disabled']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- $updateset[] = "offercomposuntil = '0000-00-00 00:00:00'";
- }
- else
- {
- $offercomposuntil = get_date_time(gmtime() + $offercomposuntillength * 604800);
- $dur = $offercomposuntillength . "{$lang['text_week']}" . ($offercomposuntillength > 1 ? "{$lang['text_s']}" : '');
- $msg = sqlesc("{$lang['msg_offer_comment_disabled_for']} - $dur{$lang['text_by']}{$CURUSER['username']}" . ($offercomposuntilpm ? "\n\n{$lang['msg_reason']}$offercomposuntilpm" : ''));
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_offer_comment_disabled_for']} $dur{$lang['text_by']}{$CURUSER['username']}.\n{$lang['text_reason']}$offercomposuntilpm\n\n" . $modcomment;
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_offer_comment_disabled_for']} $dur
- {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- $updateset[] = "offercomposuntil = " . sqlesc($offercomposuntil);
- }
- $added = sqlesc(get_date_time());
- $subject = sqlesc("{$lang['msg_offer_comment_status']}");
- sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
- VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
- $updateset[] = "offercompos = 'no'";
- }
- //----- Request Comments Permissions Enabled -----//
- if ((isset($_POST['requestcompos'])) && (($requestcompos = $_POST['requestcompos']) != $user['requestcompos']))
- {
- if ($requestcompos == 'yes')
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_request_comment_enabled']}{$CURUSER['username']}.\n\n" . $modcomment;
- $msg = sqlesc("{$lang['msg_request_comment_enabled']}\n{$lang['msg_be_careful']}");
- $added = sqlesc(get_date_time());
- $subject = sqlesc("{$lang['msg_request_comment_status']}");
- sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
- VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_request_comment_enabled']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- }
- $updateset[] = "requestcompos = " . sqlesc($requestcompos);
- }
- //----- Request Comments Disabled Until Further Notice -----//
- if (isset($_POST['requestcomposuntillength']) && ($requestcomposuntillength = 0 + $_POST['requestcomposuntillength']))
- {
- unset($requestcomposuntilpm);
- if (empty($_POST["requestcomposuntilpm"]))
- {
- error_message_center("error",
- "{$lang['err_user_error']}",
- "{$lang['err_empty_field']}");
- }
- if (isset($_POST['requestcomposuntilpm']))
- {
- $requestcomposuntilpm = $_POST['requestcomposuntilpm'];
- }
- if ($requestcomposuntillength == 255)
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_request_comment_disabled']} - {$CURUSER['username']}.\n{$lang['text_reason']}$requestcomposuntilpm\n\n" . $modcomment;
- $msg = sqlesc("{$lang['msg_request_comment_disabled']} \n{$lang['msg_contact_staff']}");
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_request_comment_disabled']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- $updateset[] = "requestcomposuntil = '0000-00-00 00:00:00'";
- }
- else
- {
- $requestcomposuntil = get_date_time(gmtime() + $requestcomposuntillength * 604800);
- $dur = $requestcomposuntillength . "{$lang['text_week']}" . ($requestcomposuntillength > 1 ? "{$lang['text_s']}" : '');
- $msg = sqlesc("{$lang['msg_request_comment_disabled_for']} - $dur{$lang['text_by']}{$CURUSER['username']}" . ($requestcomposuntilpm ? "\n\n{$lang['msg_reason']}$requestcomposuntilpm" : ''));
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_request_comment_disabled_for']} $dur{$lang['text_by']}{$CURUSER['username']}.\n{$lang['text_reason']}$requestcomposuntilpm\n\n" . $modcomment;
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_request_comment_disabled_for']} $dur
- {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.\n");
- $updateset[] = "requestcomposuntil = " . sqlesc($requestcomposuntil);
- }
- $added = sqlesc(get_date_time());
- $subject = sqlesc("{$lang['msg_request_comment_status']}");
- sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
- VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
- $updateset[] = "requestcompos = 'no'";
- }
- //----- Avatar Changed -----//
- if ((isset($_POST['avatar'])) && (($avatar = $_POST['avatar']) != ($curavatar = $user['avatar'])))
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_avatar_changed']} " . htmlspecialchars($curavatar) . "{$lang['text_to']}" . htmlspecialchars($avatar) . "{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_avatar_changed']} " . htmlspecialchars($curavatar) . "{$lang['text_to']}" . htmlspecialchars($avatar) . "
- {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- $updateset[] = "avatar = " . sqlesc($avatar);
- }
- //----- First Line Support Yes / No -----//
- if ((isset($_POST['support'])) && (($support = $_POST['support']) != $user['support']))
- {
- if ($support == 'yes')
- {
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_promoted_fls']}{$CURUSER['username']}.\n\n" . $modcomment;
- $msg = sqlesc("{$lang['msg_promoted_fls']}" . htmlspecialchars($CURUSER['username']) . ".");
- $added = sqlesc(get_date_time());
- $subject = sqlesc("{$lang['msg_fls_status']}");
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_promote_fls']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
- VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
- }
- if ($support == 'no')
- {
- $updateset[] = "support_lang =''";
- $updateset[] = "supportfor =''";
- $modcomment = gmdate("Y-m-d") . " - {$lang['text_demote_fls']}{$CURUSER['username']}.\n\n" . $modcomment;
- $msg = sqlesc("{$lang['msg_demoted_fls']}" . htmlspecialchars($CURUSER['username']) . ", {$lang['msg_demote_fls']}");
- $added = sqlesc(get_date_time());
- $subject = sqlesc("{$lang['msg_fls_status']}");
- write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>
- -- {$lang['stafflog_demote_fls']} --
- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
- sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
- VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
- }
- $updateset[] = "support = " . sqlesc($support);
- }
- //----- First Line Support For ? -----//
- if (isset($_POST['supportfor']) && ($supportfor = $_POST['supportfor']) != $user['supportfor'])
- {
- $updateset[] = "supportfor = " . sqlesc($supportfor);
- }
- //----- First Line Support Language -----//
- if (isset($_POST['support_lang']) && ($support_lang = $_POST['support_lang']) != $user['support_lang'])
- {
- $updateset[] = "support_lang = " . sqlesc($support_lang);
- }
- //----- Add ModComment (If We Changed Something We Update Otherwise We Dont Include This.) -----//
- if (($CURUSER['class'] >= UC_SYSOP
- && ($user['modcomment'] != $_POST['modcomment']
- || $modcomment != $_POST['modcomment']))
- || ($CURUSER['class'] < UC_SYSOP
- && $modcomment != $user['modcomment']))
- {
- $updateset[] = "modcomment = " . sqlesc($modcomment);
- }
- if (sizeof($updateset) > 0)
- {
- sql_query("UPDATE users
- SET " . implode(", ", $updateset) . "
- WHERE id = " . sqlesc($userid)) or sqlerr(__FILE__, __LINE__);
- status_change($userid);
- }
- $returnto = $_POST['returnto'];
- //header("Location: {$FTSP_V2['$site_url']}/$returnto");
- //header("Location: {$FTSP_V2['$site_url']}/userdetails.php?id=2#fragment-6");
- header("Location: $returnto");
- die();
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement