<?php/******************************************* FreeTSP Version: 2.0 M

1. <?php
2.  
3. /**
4. ***************************************
5. ** FreeTSP Version: 2.0 Multilingual **
6. ***************************************
7. ** http://www.freetsp.com
8. ** Licence Info: GPL
9. ** Copyright (C) 2017 FreeTSP v2.0 Multilingual
10. ** A bittorrent tracker source based on TBDev.net/tbsource/bytemonsoon.
11. ** Full Respects & Credits To Mindless & All The Team @ U232
12. ** Project Leaders. Fireknight & Rushed.
13. ** Project Founder: Krypto.
14. **/
15.  
16. require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'functions' . DIRECTORY_SEPARATOR . 'function_main.php');
17. require_once(FUNC_DIR . 'function_user.php');
18. require_once(FUNC_DIR . 'function_staffconfig.php');
19. require_once(FUNC_DIR . 'function_vfunctions.php');
20. require_once(FUNC_DIR . 'function_page_verify.php');
21.  
22. db_connect(false);
23. logged_in();
24.  
25. $lang = array_merge(load_language('modtask'),
26. load_language('global'));
27.  
28. $newpage = new page_verify();
29. $newpage->check('_modtask_');
30. $staff_code = $staff_code;
31.  
32. if ($CURUSER['class'] < UC_MODERATOR
33. || $CURUSER['staff_access'] == "no"
34. || $CURUSER['mod_access'] == "no"
35. || $CURUSER['staff_code'] != "$staff_code")
36. {
37. die();
38. }
39.  
40. //----- Correct Call To Script -----//
41.  
42. if ((isset($_POST['action'])) && ($_POST['action'] == 'edituser'))
43. {
44. //----- Set User ID -----//
45.  
46. if (isset($_POST['userid']))
47. {
48. $userid = $_POST['userid'];
49. }
50.  
51. else
52. {
53. die();
54. }
55.  
56. //----- And Verify -----//
57.  
58. if (!is_valid_id($userid))
59. {
60. error_message_center("error",
61. "{$lang['gbl_error']}",
62. "{$lang['err_bad_id']}");
63. }
64.  
65. //----- Handle CSRF (Modtask Posts Form Other Domains, Especially To Update Class) -----//
66.  
67. require_once(FUNC_DIR . 'function_user_validator.php');
68.  
69. if (!validate($_POST['validator'], "ModTask_$userid"))
70. {
71. //die ("Invalid");
72. error_message_center("error",
73. "{$lang['gbl_error']}",
74. "{$lang['err_inv_id']}");
75. }
76.  
77. //----- Fetch Current User Data -----//
78.  
79. $res = sql_query("SELECT *
80. FROM users
81. WHERE id = " . sqlesc($userid)) or sqlerr(__FILE__, __LINE__);
82.  
83. $user = mysqli_fetch_assoc($res) or sqlerr(__FILE__, __LINE__);
84.  
85. //-----Used In Writing To Staff Log -----//
86.  
87. $username = $user['username'];
88.  
89. //----- Check To Make Sure Your Not Editing Someone Of The Same Or Higher Class -----//
90.  
91. if ($CURUSER['class'] <= $user['class']
92. && ($CURUSER['id'] != $userid
93. && $CURUSER['class'] < UC_ADMINISTRATOR))
94. {
95. error_message_center("warn",
96. "{$lang['gbl_warning']}",
97. "{$lang['err_same_class']}");
98. }
99.  
100. $updateset = array();
101.  
102. $modcomment = (isset($_POST['modcomment']) && $CURUSER['class'] >= UC_SYSOP) ? $_POST['modcomment'] : $user['modcomment'];
103.  
104. //----- User Class -----//
105.  
106. if ((isset($_POST['class'])) && (($class = $_POST['class']) != $user['class']))
107. {
108. $curclass = $user['class'];
109.  
110. if ($class >= UC_MANAGER
111. || ($class >= $CURUSER['class'])
112. || ($user['class'] >= $CURUSER['class']))
113. {
114. error_message_center("error",
115. "{$lang['err_user_error']}",
116. "{$lang['err_try_again']}");
117. }
118.  
119. if (!is_valid_user_class($class) || $CURUSER['class'] <= $_POST['class'])
120. {
121. error_message_center("error",
122. "{$lang['gbl_error']}",
123. "{$lang['err_bad_class']}");
124. }
125.  
126. //----- Promoted / Demoted PM -----//
127.  
128. $what = ($class > $user['class'] ? "{$lang['text_promoted']}" : "{$lang['text_demoted']}");
129.  
130. $msg = sqlesc("{$lang['msg_you_have']}$what{$lang['msg_to']}'" . get_user_class_name($class) . "'{$lang['msg_by']}{$CURUSER['username']}");
131.  
132. $subject = sqlesc("{$lang['msg_class_subject']}");
133.  
134. $added = sqlesc(get_date_time());
135.  
136. sql_query("INSERT INTO messages (sender, receiver, msg, added, subject)
137. VALUES(0, $userid, $msg, $added, $subject)") or sqlerr(__FILE__, __LINE__);
138.  
139. $updateset[] = "class = " . sqlesc($class);
140.  
141. //----- Lower Than Uploader Class -----//
142.  
143. if ($class <= '39')
144. {
145. $updateset[] = "protected = 'no'";
146. $updateset[] = "staff_code = ''";
147. $updateset[] = "staff_access = 'no'";
148. $updateset[] = "mod_access = 'no'";
149. $updateset[] = "admin_access = 'no'";
150. $updateset[] = "sysop_access = 'no'";
151. $updateset[] = "manager_access = 'no'";
152. }
153.  
154. //----- Uploader Class -----//
155.  
156. elseif ($class == '40')
157. {
158. $updateset[] = "protected = 'yes'";
159. $updateset[] = "staff_code = ''";
160. $updateset[] = "staff_access = 'no'";
161. $updateset[] = "mod_access = 'no'";
162. $updateset[] = "admin_access = 'no'";
163. $updateset[] = "sysop_access = 'no'";
164. $updateset[] = "manager_access = 'no'";
165. }
166.  
167. //----- Moderator Class -----//
168.  
169. elseif ($class == '50')
170. {
171. $updateset[] = "protected = 'yes'";
172. $updateset[] = "staff_code = " . sqlesc($staff_code);
173. $updateset[] = "staff_access = 'yes'";
174. $updateset[] = "mod_access = 'yes'";
175. $updateset[] = "admin_access = 'no'";
176. $updateset[] = "sysop_access = 'no'";
177. $updateset[] = "manager_access = 'no'";
178. }
179.  
180. //----- Administrator Class -----//
181.  
182. elseif ($class == '60')
183. {
184. $updateset[] = "protected = 'yes'";
185. $updateset[] = "staff_code = " . sqlesc($staff_code);
186. $updateset[] = "staff_access = 'yes'";
187. $updateset[] = "mod_access = 'yes'";
188. $updateset[] = "admin_access = 'yes'";
189. $updateset[] = "sysop_access = 'no'";
190. $updateset[] = "manager_access = 'no'";
191. }
192.  
193. //----- Sysop Class -----//
194.  
195. elseif ($class == '70')
196. {
197. $updateset[] = "protected = 'yes'";
198. $updateset[] = "staff_code = " . sqlesc($staff_code);
199. $updateset[] = "staff_access = 'yes'";
200. $updateset[] = "mod_access = 'yes'";
201. $updateset[] = "admin_access = 'yes'";
202. $updateset[] = "sysop_access = 'yes'";
203. $updateset[] = "manager_access = 'no'";
204. }
205.  
206. $modcomment = gmdate("Y-m-d") . " - $what{$lang['text_to']}'" . get_user_class_name($class) . "'{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
207.  
208. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
209. -- {$lang['stafflog_was']}$what{$lang['stafflog_from']}" . get_user_class_name($curclass) . "{$lang['stafflog_to']}" . get_user_class_name($class) . "
210. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
211. }
212.  
213. //----- Invite Rights Enabled -----//
214.  
215. if ((isset($_POST['invite_rights'])) && (($invite_rights = $_POST['invite_rights']) != $user['invite_rights']))
216. {
217. if ($invite_rights == 'yes')
218. {
219. $modcomment = gmdate("Y-m-d") . " - {$lang['text_invite_enabled']}" . htmlspecialchars($CURUSER['username']) . ".\n\n" . $modcomment;
220.  
221. $msg = sqlesc("{$lang['msg_can_invite']}" . htmlspecialchars($CURUSER['username']) . ".{$lang['msg_can_invite1']}");
222.  
223. $subject = sqlesc("{$lang['msg_invite_subject']}");
224.  
225. $added = sqlesc(get_date_time());
226.  
227. sql_query("INSERT INTO messages (sender, receiver, msg, added, subject)
228. VALUES (0, $userid, $msg, $added, $subject)") or sqlerr(__FILE__, __LINE__);
229.  
230. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
231. -- {$lang['stafflog_invite_enabled']} --
232. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
233. }
234.  
235. if ($invite_rights == 'no')
236. {
237. $modcomment = gmdate("Y-m-d") . " - {$lang['text_invite_disabled']}" . htmlspecialchars($CURUSER['username']) . ".\n\n" . $modcomment;
238.  
239. $msg = sqlesc("{$lang['msg_invite_removed']}" . htmlspecialchars($CURUSER['username']) . ",{$lang['msg_bad_user']}");
240.  
241. $subject = sqlesc("{$lang['msg_invite_subject']}");
242.  
243. $added = sqlesc(get_date_time());
244.  
245. sql_query("INSERT INTO messages (sender, receiver, msg, added, subject)
246. VALUES (0, $userid, $msg, $added, $subject)") or sqlerr(__FILE__, __LINE__);
247.  
248. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
249. -- {$lang['stafflog_invite_disabled']} --
250. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
251. }
252.  
253. $updateset[] = "invite_rights = " . sqlesc($invite_rights);
254. }
255.  
256. //----- Change Amount Of Invites -----//
257.  
258. if ((isset($_POST['invites'])) && (($invites = $_POST['invites']) != ($curinvites = $user['invites'])))
259. {
260. $modcomment = gmdate("Y-m-d") . " - {$lang['text_invite_change']}'$curinvites'{$lang['text_to']}'$invites'{$lang['text_by']}" . htmlspecialchars($CURUSER['username']) . ".\n\n" . $modcomment;
261.  
262. $updateset[] = "invites = " . sqlesc($invites);
263.  
264. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
265. -- {$lang['stafflog_invite_change']}'$curinvites'{$lang['stafflog_to']}'$invites'
266. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
267. }
268.  
269. //----- Warning Removed - Code Not Called For Setting Warning -----//
270.  
271. if (isset($_POST['warned']) && (($warned = $_POST['warned']) != $user['warned']))
272. {
273. $updateset[] = "warned = " . sqlesc($warned);
274. $updateset[] = "warneduntil = '0000-00-00 00:00:00'";
275.  
276. if ($warned == 'no')
277. {
278. $modcomment = gmdate("Y-m-d")." - {$lang['text_warn_removed']}{$CURUSER['username']}.\n\n" . $modcomment;
279. $msg = sqlesc("{$lang['msg_warn_removed']}{$CURUSER['username']}.");
280. $subject = sqlesc("{$lang['msg_warn_subject']}");
281. $added = sqlesc(get_date_time());
282.  
283. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
284. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
285.  
286. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
287. -- {$lang['stafflog_warn_removed']} --
288. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
289. }
290. }
291.  
292. //----- Warned Until Further Notice -----//
293.  
294. if (isset($_POST['warnlength']) && ($warnlength = 0 + $_POST['warnlength']))
295. {
296. unset($warnpm);
297.  
298. if (empty($_POST["warnpm"]))
299. {
300. error_message_center("error",
301. "{$lang['err_user_error']}",
302. "{$lang['err_empty_field']}");
303. }
304.  
305. if (isset($_POST['warnpm']))
306. {
307. $warnpm = $_POST['warnpm'];
308. }
309.  
310. if ($warnlength == 255)
311. {
312. $modcomment = gmdate("Y-m-d") . " - {$lang['text_warn_infinate']}.\n{$lang['text_reason']}$warnpm\n\n" . $modcomment;
313.  
314. $msg = sqlesc("{$lang['msg_warn_by']}{$CURUSER['username']}" . ($warnpm ? "\n\n{$lang['msg_reason']}$warnpm" : ""));
315.  
316. $updateset[] = "warneduntil = '0000-00-00 00:00:00'";
317.  
318. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
319. -- {$lang['stafflog_warn_reason']}'<strong>$warnpm</strong>'
320. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
321. }
322.  
323. else
324. {
325. $warneduntil = get_date_time(gmtime() + $warnlength * 604800);
326.  
327. $dur = $warnlength . "{$lang['text_week']}" . ($warnlength > 1 ? "{$lang['text_s']}" : "");
328.  
329. $msg = sqlesc("{$lang['msg_you_have_rcvd']} $dur {$lang['msg_rules_warn']}{$CURUSER['username']}" . ($warnpm ? "\n\n{$lang['msg_reason']}$warnpm" : ''));
330.  
331. $modcomment = gmdate("Y-m-d") . " - {$lang['text_warn_for']}$dur{$lang['text_by']}{$CURUSER['username']}.\n{$lang['text_reason']}$warnpm\n\n" . $modcomment;
332.  
333. $updateset[] = "warneduntil = " . sqlesc($warneduntil);
334.  
335. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
336. -- {$lang['stafflog_warn_for']}$dur {$lang['stafflog_reason']}'<strong>$warnpm</strong>'
337. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
338. }
339.  
340. $added = sqlesc(get_date_time());
341. $subject = sqlesc("{$lang['msg_warn_subject']}");
342.  
343. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
344. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
345.  
346. $updateset[] = "warned = 'yes'";
347. }
348.  
349. //----- Donor Status Removed - Code Not Called For Setting Donor -----//
350.  
351. if (isset($_POST['donor']) && (($donor = $_POST['donor']) != $user['donor']))
352. {
353. $updateset[] = "donor = " . sqlesc($donor);
354. $updateset[] = "donoruntil = '0000-00-00 00:00:00'";
355. if ($donor == 'no')
356. {
357. $modcomment = gmdate("Y-m-d") . " - {$lang['text_donor_removed']}{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
358.  
359. $msg = sqlesc("{$lang['msg_donor_expired']}");
360.  
361. $added = sqlesc(get_date_time());
362.  
363. sql_query("INSERT INTO messages (sender, receiver, msg, added)
364. VALUES (0, $userid, $msg, $added)") or sqlerr(__FILE__, __LINE__);
365.  
366. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
367. -- {$lang['stafflog_donor_removed']} --
368. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
369. }
370.  
371. elseif ($donor == 'yes')
372. {
373. $modcomment = gmdate("Y-m-d") . " - {$lang['text_donor_added']}{$CURUSER['username']}.\n\n" . $modcomment;
374.  
375. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
376. -- {$lang['stafflog_donor_added_by']} --
377. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
378. }
379. }
380.  
381.  
382. // === add donated amount to user and to funds table
383. if ((isset($_POST['donated'])) && (($donated = $_POST['donated']) != $user['donated'])) {
384. $added = sqlesc(get_date_time());
385. sql_query("INSERT INTO funds (cash, user, added) VALUES ($donated, $userid, $added)") or sqlerr(__file__, __line__);
386. $updateset[] = "donated = " . sqlesc($donated);
387. $updateset[] = "total_donated = $user[total_donated] + " . sqlesc($donated);
388. $modcomment = gmdate("Y-m-d") . " - {$lang['text_donation']} ".$donated." {$lang['text_donation1']}\n" . $modcomment;
389.  
390. }
391. // ====end
392.  
393. // === Set Donor - Time based
394. if ((isset($_POST['donorlength'])) && ($donorlength = 0 + $_POST['donorlength'])) {
395. if ($donorlength == 255) {
396. $modcomment = gmdate("Y-m-d") . " - {$lang['text_donor_set_for']}{$CURUSER['username']}.\n\n" . $modcomment;
397. $msg = sqlesc("{$lang['msg_donor_status']}{$CURUSER['username'].);
398. $subject = sqlesc("{$lang['msg_donor_status']}");
399. $updateset[] = "donoruntil = '0000-00-00 00:00:00'";
400. }
401. else {
402. $donoruntil = get_date_time(gmtime() + $donorlength * 604800);
403. $dur = $donorlength . " week" . ($donorlength > 1 ? "s" : "");
404. $msg = sqlesc("Dear " . $user['username'] . "
405. :wave:
406. Thanks for your support to $site_name !
407. Your donation helps us in the costs of running the site!
408. As a donor,
409. you are given some bonus gigs added to your uploaded amount (if you donated for that option), the status of VIP, Immunity from ratio warnings and download bans, access to your own forum and the warm fuzzy feeling you get inside for helping to support this site that we all know and love :smile:
410.  
411. so, thanks again, and enjoy!
412. cheers,
413. $site_name Staff
414.  
415. PS. Your donator status will last for $dur and can be found on your user details page and can only be seen by you :smile: It was set by " .$CURUSER['username']);
416. $subject = sqlesc("Thank You for Your Donation!");
417. if ($user['class'] < UC_VIP)
418. {
419. $modcomment = gmdate("Y-m-d") . " - Donor status set for $dur and promoted to VIP by " . $CURUSER['username'] . ". \n" . $modcomment;
420. }
421. else
422. $modcomment = gmdate("Y-m-d") . " - Donor status set for $dur by " . $CURUSER['username'] . ". \n" . $modcomment;
423. $updateset[] = "donoruntil = " . sqlesc($donoruntil);
424. write_stafflog("<strong><a href='userdetails.php?id=$userid'>$user[username]</a></strong> - Donor status set for $dur by - $CURUSER[username]. \n");
425.  
426. }
427. $added = sqlesc(get_date_time());
428. sql_query("INSERT INTO messages (sender, subject, receiver, msg, added) VALUES (0, $subject, $userid, $msg, $added)") or sqlerr(__file__, __line__);
429. $updateset[] = "donor = 'yes'";
430. $res = sql_query("SELECT class FROM users WHERE id = $userid") or sqlerr(__file__,__line__);
431. $arr = mysqli_fetch_assoc($res) or sqlerr(__FILE__, __LINE__);
432. if ($user['class'] < UC_VIP)
433. $updateset[] = "class = '30'"; //=== set this to the number for vip on your server
434.  
435. }
436.  
437. // === add to Donor length // thanks to CoLdFuSiOn & ShadowLeader
438. if ((isset($_POST['donorlengthadd'])) && ($donorlengthadd = 0 + $_POST['donorlengthadd'])) {
439. $donoruntil = $user["donoruntil"];
440. $dur = $donorlengthadd . " week" . ($donorlengthadd > 1 ? "s" : "");
441. $msg = sqlesc("Dear " . $user['username'] . "
442. :wave:
443. Thanks for your continued support to $site_name !
444. Your donation helps us in the costs of running the site. Everything above the current running costs will go towards next months costs!
445. As a donor you are given some bonus gigs added to your uploaded amount (if you donated for that option), the status of VIP, Immunity from ratio warnings and download bans, access to your own forum and, you have the the status of VIP, and the warm fuzzy feeling you get inside for helping to support this site that we all know and love :smile:
446.  
447. so, thanks again, and enjoy!
448. cheers,
449. $site_name Staff
450.  
451. PS. Your donator status will last for an extra $dur on top of your current donation status, and can be found on your user details page and can only be seen by you :smile: It was set by " .$CURUSER['username']);
452.  
453. $subject = sqlesc("Thank You for Your Donation... Again!");
454. $modcomment = gmdate("Y-m-d") . " - Donator status set for another $dur by " . $CURUSER['username'] .".\n" . $modcomment;
455. write_stafflog("<strong><a href='userdetails.php?id=$userid'>$user[username]</a></strong> - Donor status set for another $dur by - $CURUSER[username]. \n");
456.  
457. $donorlengthadd = $donorlengthadd * 7;
458. sql_query("UPDATE users SET donoruntil = IF(donoruntil='0000-00-00 00:00:00', ADDDATE(NOW(), INTERVAL $donorlengthadd DAY ), ADDDATE( donoruntil, INTERVAL $donorlengthadd DAY)) WHERE id = $userid") or sqlerr(__file__, __line__);
459. $added = sqlesc(get_date_time());
460. sql_query("INSERT INTO messages (sender, subject, receiver, msg, added) VALUES (0, $subject, $userid, $msg, $added)") or sqlerr(__file__, __line__);
461. $updateset[] = "donated = $user[donated] + " . sqlesc($_POST['donated']);
462. $updateset[] = "total_donated = $user[total_donated] + " . sqlesc($_POST['donated']);
463. }
464. // === end add to Donor length
465.  
466.  
467. //----- Change Users Signature -----//
468.  
469. if ((isset($_POST['signature'])) && (($signature = $_POST['signature']) != ($cursignature = $user['signature'])))
470. {
471. $modcomment = gmdate("Y-m-d") . " - {$lang['text_sig_changed']}'$cursignature'{$lang['text_to']}'$signature'{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
472.  
473. $updateset[] = "signature = " . sqlesc($signature);
474.  
475. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
476. -- {$lang['stafflog_sig_changed']}'$cursignature'{$lang['stafflog_to']}'$signature'
477. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
478. }
479.  
480. //----- Moderator Rights Enabled -----//
481.  
482. if (isset($_POST['mod_access']) && (($mod_access = $_POST['mod_access']) != $user['mod_access']))
483. {
484. if ($mod_access == 'yes')
485. {
486. $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_modaccess']}" . $CURUSER['username'] . ".\n\n". $modcomment;
487.  
488. write_stafflog("<a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid><strong>$username</strong></a> -- {$lang['stafflog_account_modaccess']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}>{$CURUSER['username']}</a></strong>");
489.  
490. $updateset[] = "mod_access = " . sqlesc($mod_access);
491. }
492.  
493. if ($mod_access == 'no')
494. {
495. $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_nomodaccess']}" . $CURUSER['username'] . ".\n\n". $modcomment;
496.  
497. write_stafflog("<a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid><strong>$username</strong></a> -- {$lang['stafflog_account_nomodaccess']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}>
498. {$CURUSER['username']}</a></strong>");
499.  
500. $updateset[] = "mod_access = " . sqlesc($mod_access);
501. }
502. }
503.  
504. //----- Administrator Rights Enabled -----//
505.  
506. if (isset($_POST['admin_access']) && (($admin_access = $_POST['admin_access']) != $user['admin_access']))
507. {
508. if ($admin_access == 'yes')
509. {
510. $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_adminaccess']}" . $CURUSER['username'] . ".\n\n". $modcomment;
511.  
512. write_stafflog("<a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid><strong>$username</strong></a> -- {$lang['stafflog_account_adminaccess']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}>{$CURUSER['username']}</a></strong>");
513.  
514. $updateset[] = "admin_access = " . sqlesc($admin_access);
515. }
516.  
517. if ($admin_access == 'no')
518. {
519. $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_noadminaccess']}" . $CURUSER['username'] . ".\n\n". $modcomment;
520. write_stafflog("<a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid><strong>$username</strong></a> -- {$lang['stafflog_account_noadminaccess']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}>
521. {$CURUSER['username']}</a></strong>");
522.  
523. $updateset[] = "admin_access = " . sqlesc($admin_access);
524. }
525. }
526.  
527. //----- SysOp Rights Enabled -----//
528.  
529. if (isset($_POST['sysop_access']) && (($sysop_access = $_POST['sysop_access']) != $user['sysop_access']))
530. {
531. if ($sysop_access == 'yes')
532. {
533. $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_sysopaccess']}" . $CURUSER['username'] . ".\n\n". $modcomment;
534.  
535. write_stafflog("<a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid><strong>$username</strong></a> -- {$lang['stafflog_account_sysopaccess']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}>{$CURUSER['username']}</a></strong>");
536.  
537. $updateset[] = "sysop_access = " . sqlesc($sysop_access);
538. }
539.  
540. if ($sysop_access == 'no')
541. {
542. $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_nosysopaccess']}" . $CURUSER['username'] . ".\n\n". $modcomment;
543. write_stafflog("<a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid><strong>$username</strong></a> -- {$lang['stafflog_account_nosysopaccess']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}>
544. {$CURUSER['username']}</a></strong>");
545.  
546. $updateset[] = "sysop_access = " . sqlesc($sysop_access);
547. }
548. }
549.  
550. //----- Enable / Disable User Account -----//
551.  
552. if ((isset($_POST['enabled'])) && (($enabled = $_POST['enabled']) != $user['enabled']))
553. {
554. if ($enabled == 'yes')
555. {
556. $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_enabled']}{$CURUSER['username']}.\n\n" . $modcomment;
557.  
558. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
559. -- {$lang['stafflog_account_enabled']} --
560. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
561. }
562.  
563. else
564. {
565. $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_disabled']}{$CURUSER['username']}.\n\n" . $modcomment;
566.  
567. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
568. -- {$lang['stafflog_account_disabled']} --
569. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
570. }
571.  
572. $updateset[] = "enabled = " . sqlesc($enabled);
573. }
574.  
575. //----- Park / Un-Park User Account -----//
576.  
577. if ((isset($_POST['parked'])) && (($parked = $_POST['parked']) != $user['parked']))
578. {
579. if ($parked == 'yes')
580. {
581. $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_parked']}{$CURUSER['username']}.\n\n" . $modcomment;
582.  
583. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
584. -- {$lang['stafflog_account_parked']} --
585. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
586. }
587.  
588. else
589. {
590. $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_unparked']}{$CURUSER['username']}.\n\n" . $modcomment;
591.  
592. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
593. -- {$lang['stafflog_account_unparked']} --
594. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
595. }
596.  
597. $updateset[] = "parked = " . sqlesc($parked);
598. }
599.  
600. //----- Protect User Account From Low Ratio Download Ban -----//
601.  
602. if (isset($_POST['protected']) && (($protected = $_POST['protected']) != $user['protected']))
603. {
604. if ($protected == 'yes')
605. {
606. $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_protected']}" . $CURUSER['username'] . ".\n". $modcomment;
607.  
608. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
609. -- {$lang['stafflog_account_protected']} --
610. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
611.  
612. $updateset[] = "protected = " . sqlesc($protected);
613. }
614.  
615. if ($protected == 'no')
616. {
617. $modcomment = gmdate("Y-m-d") . " - {$lang['text_account_unprotected']}" . $CURUSER['username'] . ".\n". $modcomment;
618.  
619. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
620. -- {$lang['stafflog_account_unprotected']} --
621. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
622.  
623. $updateset[] = "protected = " . sqlesc($protected);
624. }
625. }
626.  
627. //----- Forum Permissions Enabled -----//
628.  
629. if ((isset($_POST['forumpos'])) && (($forumpos = $_POST['forumpos']) != $user['forumpos']))
630. {
631. if ($forumpos == 'yes')
632. {
633. $modcomment = gmdate("Y-m-d") . " - {$lang['text_forum_enabled']}{$CURUSER['username']}.\n\n" . $modcomment;
634. $msg = sqlesc("{$lang['msg_forum_enabled']}\n{$lang['msg_be_careful']}");
635. $added = sqlesc(get_date_time());
636. $subject = sqlesc("{$lang['msg_forum_status']}");
637.  
638. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
639. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
640.  
641. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
642. -- {$lang['stafflog_forum_enabled']} --
643. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
644. }
645. $updateset[] = "forumpos = " . sqlesc($forumpos);
646. }
647.  
648. //----- Forum Permissions Disabled Until Further Notice -----//
649.  
650. if (isset($_POST['forumposuntillength']) && ($forumposuntillength = 0 + $_POST['forumposuntillength']))
651. {
652. unset($forumposuntilpm);
653.  
654. if (empty($_POST["forumposuntilpm"]))
655. {
656. error_message_center("error",
657. "{$lang['err_user_error']}",
658. "{$lang['err_empty_field']}");
659. }
660.  
661. if (isset($_POST['forumposuntilpm']))
662. {
663. $forumposuntilpm = $_POST['forumposuntilpm'];
664. }
665.  
666. if ($forumposuntillength == 255)
667. {
668. $modcomment = gmdate("Y-m-d") . " - {$lang['text_forum_disabled']} - {$CURUSER['username']}.\n{$lang['text_reason']}$forumposuntilpm\n\n" . $modcomment;
669.  
670. $msg = sqlesc("{$lang['msg_forum_disabled']} \n{$lang['msg_contact_staff']}");
671.  
672. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
673. -- {$lang['stafflog_forum_disabled']}'<strong>$forumposuntilpm</strong>'
674. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
675.  
676. $updateset[] = "forumposuntil = '0000-00-00 00:00:00'";
677. }
678.  
679. else
680. {
681. $forumposuntil = get_date_time(gmtime() + $forumposuntillength * 604800);
682.  
683. $dur = $forumposuntillength . "{$lang['text_week']}" . ($forumposuntillength > 1 ? "{$lang['text_s']}" : '');
684.  
685. $msg = sqlesc("{$lang['msg_forum_removed_time']}- $dur{$lang['text_by']}{$CURUSER['username']}" . ($forumposuntilpm ? "\n\n{$lang['msg_reason']}$forumposuntilpm" :''));
686.  
687. $modcomment = gmdate("Y-m-d") . " - {$lang['text_forum_disabled_time']}$dur{$lang['text_by']}{$CURUSER['username']}.\n{$lang['stafflog_reason']}$forumposuntilpm\n\n" . $modcomment;
688.  
689. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
690. -- {$lang['stafflog_forum_disabled_time']}$dur. {$lang['stafflog_reason']}'<strong>$forumposuntilpm</strong>'
691. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
692.  
693. $updateset[] = "forumposuntil = " . sqlesc($forumposuntil);
694. }
695.  
696. $added = sqlesc(get_date_time());
697. $subject = sqlesc("{$lang['msg_forum_status']}");
698.  
699. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
700. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
701.  
702. $updateset[] = "forumpos = 'no'";
703. }
704.  
705. //----- Change Members Custom Title -----//
706.  
707. if ((isset($_POST['title'])) && (($title = $_POST['title']) != ($curtitle = $user['title'])))
708. {
709. $modcomment = gmdate("Y-m-d") . " - {$lang['text_title']}'$curtitle'{$lang['text_to']}'$title'{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
710.  
711. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
712. -- {$lang['stafflog_title']}'$curtitle'{$lang['stafflog_to']}'$title'
713. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
714.  
715. $updateset[] = "title = " . sqlesc($title);
716. }
717.  
718. //----- Change Members Username -----//
719.  
720. if ((isset($_POST['username'])) && (($username = $_POST['username']) != ($curusername = $user['username'])))
721. {
722. $modcomment = gmdate("Y-m-d") . " - {$lang['text_username']}'$curusername'{$lang['text_to']}'$username'{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
723.  
724. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
725. -- {$lang['stafflog_username']}'$curusername'{$lang['stafflog_to']}'$username'
726. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
727.  
728. $updateset[] = "username = " . sqlesc($username);
729. }
730.  
731. //----- Change Members Email -----//
732.  
733. if ((isset($_POST['email'])) && (($email = $_POST['email']) != ($curemail = $user['email'])))
734. {
735. $modcomment = gmdate("Y-m-d") . " - {$lang['text_email']}'$curemail'{$lang['text_to']}'$email'{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
736.  
737. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
738. -- {$lang['stafflog_email']}'$curemail'{$lang['stafflog_to']}'$email'
739. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
740.  
741. $updateset[] = "email = " . sqlesc($email);
742. }
743.  
744. //----- Change Members Info -----//
745.  
746. if ((isset($_POST['info'])) && (($info = $_POST['info']) != ($curinfo = $user['info'])))
747. {
748. $modcomment = gmdate("Y-m-d") . " - {$lang['text_info']}'$curinfo'{$lang['text_to']}'$info'{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
749.  
750. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
751. -- {$lang['stafflog_info']}'$curinfo'{$lang['stafflog_to']}'$info'
752. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
753.  
754. $updateset[] = "info = " . sqlesc($info);
755. }
756.  
757.  
758. //----- The Following Code Will Place The Old Passkey In The Mod Comment And Create A New Passkey. -----//
759. //----- This Is Good Practice As It Allows Usersearch To Find Old Passkeys By Searching The Mod Comments Of Members. -----//
760.  
761. //----- Reset Members Passkey -----//
762.  
763. if ((isset($_POST['resetpasskey'])) && ($_POST['resetpasskey']))
764. {
765. $newpasskey = md5($user['username'] . get_date_time() . $user['passhash']);
766.  
767. $modcomment = gmdate("Y-m-d") . " - {$lang['text_passkey']}" . sqlesc($user['passkey']) . "{$lang['text_passkey_reset']}" . sqlesc($newpasskey) . "{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
768.  
769. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
770. -- {$lang['stafflog_passkey']}" . sqlesc($user['passkey']) . "{$lang['stafflog_passkey_reset']}" . sqlesc($newpasskey) . "
771. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
772.  
773. $updateset[] = "passkey=" . sqlesc($newpasskey);
774. }
775.  
776. //----- This Code Is For Use With The Safe Mod Comment Modification. -----//
777.  
778. //----- Add Comment to ModComment -----//
779.  
780. if ((isset($_POST['addcomment'])) && ($addcomment = trim($_POST['addcomment'])))
781. {
782. $modcomment = gmdate("Y-m-d") . " - $addcomment -{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
783. }
784.  
785. //----- Upload Permissions Enabled -----//
786.  
787. if ((isset($_POST['uploadpos'])) && (($uploadpos = $_POST['uploadpos']) != $user['uploadpos']))
788. {
789. if ($uploadpos == 'yes')
790. {
791. $modcomment = gmdate("Y-m-d")." - {$lang['text_upload_enabled']}{$CURUSER['username']}.\n\n" . $modcomment;
792. $msg = sqlesc("\n{$lang['msg_upload_enabled']}\n{$lang['msg_upload_careful']}");
793. $added = sqlesc(get_date_time());
794. $subject = sqlesc("{$lang['msg_upload_status']}");
795.  
796. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
797. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
798.  
799. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
800. -- {$lang['stafflog_upload_enabled']} --
801. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
802. }
803.  
804. $updateset[] = "uploadpos = " . sqlesc($uploadpos);
805. }
806.  
807. //----- Upload Disabled Until Further Notice -----//
808.  
809. if (isset($_POST['uploadposuntillength']) && ($uploadposuntillength = 0 + $_POST['uploadposuntillength']))
810. {
811. unset($uploadposuntilpm);
812.  
813. if (empty($_POST["uploadposuntilpm"]))
814. {
815. error_message_center("error",
816. "{$lang['err_user_error']}",
817. "{$lang['err_empty_field']}");
818. }
819.  
820. if (isset($_POST['uploadposuntilpm']))
821. {
822. $uploadposuntilpm = $_POST['uploadposuntilpm'];
823. }
824.  
825. if ($uploadposuntillength == 255)
826. {
827. $modcomment = gmdate("Y-m-d") . " - {$lang['text_upload_disabled']} - {$CURUSER['username']}.\n{$lang['text_reason']}$uploadposuntilpm\n\n" . $modcomment;
828.  
829. $msg = sqlesc("{$lang['msg_upload_disabled']}\n{$lang['msg_contact_staff']}");
830.  
831. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
832. -- {$lang['stafflog_upload_disabled']} --
833. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
834.  
835. $updateset[] = "uploadposuntil = '0000-00-00 00:00:00'";
836. }
837.  
838. else
839. {
840. $uploadposuntil = get_date_time(gmtime() + $uploadposuntillength * 604800);
841.  
842. $dur = $uploadposuntillength . "{$lang['text_week']}" . ($uploadposuntillength > 1 ? "{$lang['text_s']}" : '');
843.  
844. $msg = sqlesc("{$lang['msg_upload_dur']} - $dur{$lang['text_by']}{$CURUSER['username']}".($uploadposuntilpm ? "\n\n{$lang['msg_reason']}$uploadposuntilpm" : ''));
845.  
846. $modcomment = gmdate("Y-m-d") . " - {$lang['text_upload_disabled_for']} $dur{$lang['text_by']}{$CURUSER['username']}.\n{$lang['text_reason']}$uploadposuntilpm\n\n" . $modcomment;
847.  
848. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
849. -- {$lang['stafflog_upload_disabled_for']} $dur
850. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
851.  
852. $updateset[] = "uploadposuntil = " . sqlesc($uploadposuntil);
853. }
854.  
855. $added = sqlesc(get_date_time());
856. $subject = sqlesc("{$lang['msg_upload_status']}");
857.  
858. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
859. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
860.  
861. $updateset[] = "uploadpos = 'no'";
862. }
863.  
864. //----- Download Permissions Enabled -----//
865.  
866. if ((isset($_POST['downloadpos'])) && (($downloadpos = $_POST['downloadpos']) != $user['downloadpos']))
867. {
868. if ($downloadpos == 'yes')
869. {
870. $modcomment = gmdate("Y-m-d") . " - {$lang['text_download_enabled']}{$CURUSER['username']}.\n\n" . $modcomment;
871. $msg = sqlesc("{$lang['msg_download_enabled']}\n{$lang['msg_be_careful']}");
872. $added = sqlesc(get_date_time());
873. $subject = sqlesc("{$lang['msg_download_status']}");
874.  
875. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
876. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
877.  
878. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
879. -- {$lang['stafflog_download_enabled']} --
880. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
881. }
882.  
883. $updateset[] = "downloadpos = " . sqlesc($downloadpos);
884. }
885.  
886. //----- Download Disabled Until Further Notice -----//
887.  
888. if (isset($_POST['downloadposuntillength']) && ($downloadposuntillength = 0 + $_POST['downloadposuntillength']))
889. {
890. unset($downloadposuntilpm);
891.  
892. if (empty($_POST["downloadposuntilpm"]))
893. {
894. error_message_center("error",
895. "{$lang['err_user_error']}",
896. "{$lang['err_empty_field']}");
897. }
898.  
899. if (isset($_POST['downloadposuntilpm']))
900. {
901. $downloadposuntilpm = $_POST['downloadposuntilpm'];
902. }
903.  
904. if ($downloadposuntillength == 255)
905. {
906. $modcomment = gmdate("Y-m-d") . " - {$lang['text_download_disabled']} - {$CURUSER['username']}.\n{$lang['text_reason']}$downloadposuntilpm\n\n" . $modcomment;
907.  
908. $msg = sqlesc("{$lang['msg_download_disabled']}\n{$lang['msg_contact_staff']}");
909.  
910. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
911. -- {$lang['stafflog_download_disabled']} --
912. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
913.  
914. $updateset[] = "downloadposuntil = '0000-00-00 00:00:00'";
915. }
916.  
917. else
918. {
919. $downloadposuntil = get_date_time(gmtime() + $downloadposuntillength * 604800);
920.  
921. $dur = $downloadposuntillength . "{$lang['text_week']}" . ($downloadposuntillength > 1 ? "{$lang['text_s']}" : '');
922.  
923. $msg = sqlesc("{$lang['msg_download_dur']} - $dur{$lang['text_by']}{$CURUSER['username']}" . ($downloadposuntilpm ? "\n\n{$lang['msg_reason']}$downloadposuntilpm" : ''));
924.  
925. $modcomment = gmdate("Y-m-d") . " - {$lang['text_download_disabled_for']} $dur{$lang['text_by']}{$CURUSER['username']}.\n{$lang['text_reason']}$downloadposuntilpm\n\n" . $modcomment;
926.  
927. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
928. -- {$lang['stafflog_download_disabled_for']} $dur
929. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
930.  
931. $updateset[] = "downloadposuntil = " . sqlesc($downloadposuntil);
932. }
933.  
934. $added = sqlesc(get_date_time());
935. $subject = sqlesc("{$lang['msg_download_status']}");
936.  
937. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
938. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
939.  
940. $updateset[] = "downloadpos = 'no'";
941. }
942.  
943. //----- Shoutbox Permissions Enabled -----//
944.  
945. if ((isset($_POST['shoutboxpos'])) && (($shoutboxpos = $_POST['shoutboxpos']) != $user['shoutboxpos']))
946. {
947. if ($shoutboxpos == 'yes')
948. {
949. $modcomment = gmdate("Y-m-d") . " - {$lang['text_shoutbox_enabled']} {$CURUSER['username']}.\n\n" . $modcomment;
950. $msg = sqlesc("{$lang['msg_shoutbox_enabled']}\n{$lang['msg_be_careful']}");
951. $added = sqlesc(get_date_time());
952. $subject = sqlesc("{$lang['msg_shoutbox_status']}");
953.  
954. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
955. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
956.  
957. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
958. -- {$lang['stafflog_shoutbox_enabled']} --
959. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
960. }
961.  
962. $updateset[] = "shoutboxpos = " . sqlesc($shoutboxpos);
963. }
964.  
965. //----- Shoutbox Disabled Until Further Notice -----//
966.  
967. if (isset($_POST['shoutboxposuntillength']) && ($shoutboxposuntillength = 0 + $_POST['shoutboxposuntillength']))
968. {
969. unset($shoutboxposuntilpm);
970. if (empty($_POST["shoutboxposuntilpm"]))
971. {
972. error_message_center("error",
973. "{$lang['err_user_error']}",
974. "{$lang['err_empty_field']}");
975. }
976.  
977. if (isset($_POST['shoutboxposuntilpm']))
978. {
979. $shoutboxposuntilpm = $_POST['shoutboxposuntilpm'];
980. }
981.  
982. if ($shoutboxposuntillength == 255)
983. {
984. $modcomment = gmdate("Y-m-d") . " - {$lang['text_shoutbox_disabled']} - {$CURUSER['username']}.\n{$lang['text_reason']}$shoutboxposuntilpm\n\n" . $modcomment;
985.  
986. $msg = sqlesc("{$lang['msg_shoutbox_disabled']}\n{$lang['msg_contact_staff']}");
987.  
988. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
989. -- {$lang['stafflog_shoutbox_disabled']} --
990. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
991.  
992. $updateset[] = "shoutboxposuntil = '0000-00-00 00:00:00'";
993. }
994.  
995. else
996. {
997. $shoutboxposuntil = get_date_time(gmtime() + $shoutboxposuntillength * 604800);
998.  
999. $dur = $shoutboxposuntillength . "{$lang['text_week']}" . ($shoutboxposuntillength > 1 ? "{$lang['text_s']}" : '');
1000.  
1001. $msg = sqlesc("{$lang['msg_shoutbox_dur']} - $dur{$lang['text_by']}{$CURUSER['username']}" . ($shoutboxposuntilpm ? "\n\n{$lang['msg_reason']}$shoutboxposuntilpm" : ''));
1002.  
1003. $modcomment = gmdate("Y-m-d") . " - {$lang['text_shoutbox_disabled_for']} $dur{$lang['text_by']}{$CURUSER['username']}.\n{$lang['text_reason']}$shoutboxposuntilpm\n\n" . $modcomment;
1004.  
1005. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
1006. -- {$lang['stafflog_shoutbox_disabled_for']} $dur
1007. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
1008.  
1009. $updateset[] = "shoutboxposuntil = " . sqlesc($shoutboxposuntil);
1010. }
1011.  
1012. $added = sqlesc(get_date_time());
1013. $subject = sqlesc("{$lang['msg_shoutbox_status']}");
1014.  
1015. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
1016. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
1017.  
1018. $updateset[] = "shoutboxpos = 'no'";
1019. }
1020.  
1021. //----- Torrent Comments Permissions Enabled -----//
1022.  
1023. if ((isset($_POST['torrcompos'])) && (($torrcompos = $_POST['torrcompos']) != $user['torrcompos']))
1024. {
1025. if ($torrcompos == 'yes')
1026. {
1027. $modcomment = gmdate("Y-m-d") . " - {$lang['text_comments_enabled']}{$CURUSER['username']}.\n\n" . $modcomment;
1028. $msg = sqlesc("{$lang['msg_comments_enabled']}\n{$lang['msg_be_careful']}");
1029. $added = sqlesc(get_date_time());
1030. $subject = sqlesc("{$lang['msg_comments_status']}");
1031.  
1032. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
1033. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
1034.  
1035. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
1036. -- {$lang['stafflog_comments_enabled']} --
1037. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
1038. }
1039. $updateset[] = "torrcompos = " . sqlesc($torrcompos);
1040. }
1041.  
1042. //----- Torrent Comments Disabled Until Further Notice -----//
1043.  
1044. if (isset($_POST['torrcomposuntillength']) && ($torrcomposuntillength = 0 + $_POST['torrcomposuntillength']))
1045. {
1046. unset($torrcomposuntilpm);
1047.  
1048. if (empty($_POST["torrcomposuntilpm"]))
1049. {
1050. error_message_center("error",
1051. "{$lang['err_user_error']}",
1052. "{$lang['err_empty_field']}");
1053. }
1054.  
1055. if (isset($_POST['torrcomposuntilpm']))
1056. {
1057. $torrcomposuntilpm = $_POST['torrcomposuntilpm'];
1058. }
1059.  
1060. if ($torrcomposuntillength == 255)
1061. {
1062. $modcomment = gmdate("Y-m-d") . " - {$lang['text_comments_disabled']} - {$CURUSER['username']}.\n{$lang['text_reason']}$torrcomposuntilpm\n\n" . $modcomment;
1063.  
1064. $msg = sqlesc("{$lang['msg_comments_disabled']}\n{$lang['msg_contact_staff']}");
1065.  
1066. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
1067. -- {$lang['stafflog_comments_disabled']} --
1068. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
1069.  
1070. $updateset[] = "torrcomposuntil = '0000-00-00 00:00:00'";
1071. }
1072.  
1073. else
1074. {
1075. $torrcomposuntil = get_date_time(gmtime() + $torrcomposuntillength * 604800);
1076.  
1077. $dur = $torrcomposuntillength . "{$lang['text_week']}" . ($torrcomposuntillength > 1 ? "{$lang['text_s']}" : '');
1078.  
1079. $msg = sqlesc("{$lang['msg_comments_disabled_for']} - $dur{$lang['text_by']}{$CURUSER['username']}" . ($torrcomposuntilpm ? "\n\n{$lang['msg_reason']}$torrcomposuntilpm" : ''));
1080.  
1081. $modcomment = gmdate("Y-m-d") . " - {$lang['text_comments_disabled_for']} $dur{$lang['text_by']}{$CURUSER['username']}.\n{$lang['text_reason']}$torrcomposuntilpm\n\n" . $modcomment;
1082.  
1083. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
1084. -- {$lang['stafflog_comments_disabled_for']} $dur
1085. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
1086.  
1087. $updateset[] = "torrcomposuntil = " . sqlesc($torrcomposuntil);
1088. }
1089.  
1090. $added = sqlesc(get_date_time());
1091. $subject = sqlesc("{$lang['msg_comments_status']}");
1092.  
1093. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
1094. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
1095.  
1096. $updateset[] = "torrcompos = 'no'";
1097. }
1098.  
1099. //----- Offer Comments Permissions Enabled -----//
1100.  
1101. if ((isset($_POST['offercompos'])) && (($offercompos = $_POST['offercompos']) != $user['offercompos']))
1102. {
1103. if ($offercompos == 'yes')
1104. {
1105. $modcomment = gmdate("Y-m-d") . " - {$lang['text_offer_comment_enabled']}{$CURUSER['username']}.\n\n" . $modcomment;
1106. $msg = sqlesc("{$lang['msg_offer_comment_enabled']}\n{$lang['msg_be_careful']}");
1107. $added = sqlesc(get_date_time());
1108. $subject = sqlesc("{$lang['msg_offer_comment_status']}");
1109.  
1110. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
1111. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
1112.  
1113. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
1114. -- {$lang['stafflog_offer_comment_enabled']} --
1115. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
1116. }
1117. $updateset[] = "offercompos = " . sqlesc($offercompos);
1118. }
1119.  
1120. //----- Offer Comments Disabled Until Further Notice -----//
1121.  
1122. if (isset($_POST['offercomposuntillength']) && ($offercomposuntillength = 0 + $_POST['offercomposuntillength']))
1123. {
1124. unset($offercomposuntilpm);
1125.  
1126. if (empty($_POST["offercomposuntilpm"]))
1127. {
1128. error_message_center("error",
1129. "{$lang['err_user_error']}",
1130. "{$lang['err_empty_field']}");
1131. }
1132.  
1133. if (isset($_POST['offercomposuntilpm']))
1134. {
1135. $offercomposuntilpm = $_POST['offercomposuntilpm'];
1136. }
1137.  
1138. if ($offercomposuntillength == 255)
1139. {
1140. $modcomment = gmdate("Y-m-d") . " - {$lang['text_offer_comment_disabled']} - {$CURUSER['username']}.\n{$lang['text_reason']}$offercomposuntilpm\n\n" . $modcomment;
1141.  
1142. $msg = sqlesc("{$lang['msg_offer_comment_disabled']}\n{$lang['msg_contact_staff']}");
1143.  
1144. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
1145. -- {$lang['stafflog_offer_comment_disabled']} --
1146. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
1147.  
1148. $updateset[] = "offercomposuntil = '0000-00-00 00:00:00'";
1149. }
1150.  
1151. else
1152. {
1153. $offercomposuntil = get_date_time(gmtime() + $offercomposuntillength * 604800);
1154.  
1155. $dur = $offercomposuntillength . "{$lang['text_week']}" . ($offercomposuntillength > 1 ? "{$lang['text_s']}" : '');
1156.  
1157. $msg = sqlesc("{$lang['msg_offer_comment_disabled_for']} - $dur{$lang['text_by']}{$CURUSER['username']}" . ($offercomposuntilpm ? "\n\n{$lang['msg_reason']}$offercomposuntilpm" : ''));
1158.  
1159. $modcomment = gmdate("Y-m-d") . " - {$lang['text_offer_comment_disabled_for']} $dur{$lang['text_by']}{$CURUSER['username']}.\n{$lang['text_reason']}$offercomposuntilpm\n\n" . $modcomment;
1160.  
1161. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
1162. -- {$lang['stafflog_offer_comment_disabled_for']} $dur
1163. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
1164.  
1165. $updateset[] = "offercomposuntil = " . sqlesc($offercomposuntil);
1166. }
1167.  
1168. $added = sqlesc(get_date_time());
1169. $subject = sqlesc("{$lang['msg_offer_comment_status']}");
1170.  
1171. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
1172. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
1173.  
1174. $updateset[] = "offercompos = 'no'";
1175. }
1176.  
1177. //----- Request Comments Permissions Enabled -----//
1178.  
1179. if ((isset($_POST['requestcompos'])) && (($requestcompos = $_POST['requestcompos']) != $user['requestcompos']))
1180. {
1181. if ($requestcompos == 'yes')
1182. {
1183. $modcomment = gmdate("Y-m-d") . " - {$lang['text_request_comment_enabled']}{$CURUSER['username']}.\n\n" . $modcomment;
1184. $msg = sqlesc("{$lang['msg_request_comment_enabled']}\n{$lang['msg_be_careful']}");
1185. $added = sqlesc(get_date_time());
1186. $subject = sqlesc("{$lang['msg_request_comment_status']}");
1187.  
1188. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
1189. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
1190.  
1191. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
1192. -- {$lang['stafflog_request_comment_enabled']} --
1193. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
1194. }
1195.  
1196. $updateset[] = "requestcompos = " . sqlesc($requestcompos);
1197. }
1198.  
1199. //----- Request Comments Disabled Until Further Notice -----//
1200.  
1201. if (isset($_POST['requestcomposuntillength']) && ($requestcomposuntillength = 0 + $_POST['requestcomposuntillength']))
1202. {
1203. unset($requestcomposuntilpm);
1204.  
1205. if (empty($_POST["requestcomposuntilpm"]))
1206. {
1207. error_message_center("error",
1208. "{$lang['err_user_error']}",
1209. "{$lang['err_empty_field']}");
1210. }
1211.  
1212. if (isset($_POST['requestcomposuntilpm']))
1213. {
1214. $requestcomposuntilpm = $_POST['requestcomposuntilpm'];
1215. }
1216.  
1217. if ($requestcomposuntillength == 255)
1218. {
1219. $modcomment = gmdate("Y-m-d") . " - {$lang['text_request_comment_disabled']} - {$CURUSER['username']}.\n{$lang['text_reason']}$requestcomposuntilpm\n\n" . $modcomment;
1220.  
1221. $msg = sqlesc("{$lang['msg_request_comment_disabled']} \n{$lang['msg_contact_staff']}");
1222.  
1223. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
1224. -- {$lang['stafflog_request_comment_disabled']} --
1225. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
1226.  
1227. $updateset[] = "requestcomposuntil = '0000-00-00 00:00:00'";
1228. }
1229.  
1230. else
1231. {
1232. $requestcomposuntil = get_date_time(gmtime() + $requestcomposuntillength * 604800);
1233.  
1234. $dur = $requestcomposuntillength . "{$lang['text_week']}" . ($requestcomposuntillength > 1 ? "{$lang['text_s']}" : '');
1235.  
1236. $msg = sqlesc("{$lang['msg_request_comment_disabled_for']} - $dur{$lang['text_by']}{$CURUSER['username']}" . ($requestcomposuntilpm ? "\n\n{$lang['msg_reason']}$requestcomposuntilpm" : ''));
1237.  
1238. $modcomment = gmdate("Y-m-d") . " - {$lang['text_request_comment_disabled_for']} $dur{$lang['text_by']}{$CURUSER['username']}.\n{$lang['text_reason']}$requestcomposuntilpm\n\n" . $modcomment;
1239.  
1240. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
1241. -- {$lang['stafflog_request_comment_disabled_for']} $dur
1242. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.\n");
1243.  
1244. $updateset[] = "requestcomposuntil = " . sqlesc($requestcomposuntil);
1245. }
1246.  
1247. $added = sqlesc(get_date_time());
1248. $subject = sqlesc("{$lang['msg_request_comment_status']}");
1249.  
1250. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
1251. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
1252.  
1253. $updateset[] = "requestcompos = 'no'";
1254. }
1255.  
1256. //----- Avatar Changed -----//
1257.  
1258. if ((isset($_POST['avatar'])) && (($avatar = $_POST['avatar']) != ($curavatar = $user['avatar'])))
1259. {
1260. $modcomment = gmdate("Y-m-d") . " - {$lang['text_avatar_changed']} " . htmlspecialchars($curavatar) . "{$lang['text_to']}" . htmlspecialchars($avatar) . "{$lang['text_by']}{$CURUSER['username']}.\n\n" . $modcomment;
1261.  
1262. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
1263. -- {$lang['stafflog_avatar_changed']} " . htmlspecialchars($curavatar) . "{$lang['text_to']}" . htmlspecialchars($avatar) . "
1264. {$lang['stafflog_by']} -- <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
1265.  
1266. $updateset[] = "avatar = " . sqlesc($avatar);
1267. }
1268.  
1269. //----- First Line Support Yes / No -----//
1270.  
1271. if ((isset($_POST['support'])) && (($support = $_POST['support']) != $user['support']))
1272. {
1273. if ($support == 'yes')
1274. {
1275. $modcomment = gmdate("Y-m-d") . " - {$lang['text_promoted_fls']}{$CURUSER['username']}.\n\n" . $modcomment;
1276. $msg = sqlesc("{$lang['msg_promoted_fls']}" . htmlspecialchars($CURUSER['username']) . ".");
1277. $added = sqlesc(get_date_time());
1278. $subject = sqlesc("{$lang['msg_fls_status']}");
1279.  
1280. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
1281. -- {$lang['stafflog_promote_fls']} --
1282. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
1283.  
1284. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
1285. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
1286. }
1287.  
1288. if ($support == 'no')
1289. {
1290. $updateset[] = "support_lang =''";
1291. $updateset[] = "supportfor =''";
1292. $modcomment = gmdate("Y-m-d") . " - {$lang['text_demote_fls']}{$CURUSER['username']}.\n\n" . $modcomment;
1293.  
1294. $msg = sqlesc("{$lang['msg_demoted_fls']}" . htmlspecialchars($CURUSER['username']) . ", {$lang['msg_demote_fls']}");
1295.  
1296. $added = sqlesc(get_date_time());
1297. $subject = sqlesc("{$lang['msg_fls_status']}");
1298.  
1299. write_stafflog("<strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id=$userid'>{$user['username']}</a></strong>&nbsp;
1300. -- {$lang['stafflog_demote_fls']} --
1301. <strong><a href='{$FTSP_V2['$site_url']}/userdetails.php?id={$CURUSER['id']}'>{$CURUSER['username']}</a></strong>.");
1302.  
1303. sql_query("INSERT INTO messages (sender, receiver, subject, msg, added)
1304. VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
1305. }
1306.  
1307. $updateset[] = "support = " . sqlesc($support);
1308. }
1309.  
1310. //----- First Line Support For ? -----//
1311.  
1312. if (isset($_POST['supportfor']) && ($supportfor = $_POST['supportfor']) != $user['supportfor'])
1313. {
1314. $updateset[] = "supportfor = " . sqlesc($supportfor);
1315. }
1316.  
1317. //----- First Line Support Language -----//
1318.  
1319. if (isset($_POST['support_lang']) && ($support_lang = $_POST['support_lang']) != $user['support_lang'])
1320. {
1321. $updateset[] = "support_lang = " . sqlesc($support_lang);
1322. }
1323.  
1324. //----- Add ModComment (If We Changed Something We Update Otherwise We Dont Include This.) -----//
1325.  
1326. if (($CURUSER['class'] >= UC_SYSOP
1327. && ($user['modcomment'] != $_POST['modcomment']
1328. || $modcomment != $_POST['modcomment']))
1329. || ($CURUSER['class'] < UC_SYSOP
1330. && $modcomment != $user['modcomment']))
1331. {
1332. $updateset[] = "modcomment = " . sqlesc($modcomment);
1333. }
1334.  
1335. if (sizeof($updateset) > 0)
1336. {
1337. sql_query("UPDATE users
1338. SET " . implode(", ", $updateset) . "
1339. WHERE id = " . sqlesc($userid)) or sqlerr(__FILE__, __LINE__);
1340.  
1341. status_change($userid);
1342. }
1343.  
1344. $returnto = $_POST['returnto'];
1345.  
1346. //header("Location: {$FTSP_V2['$site_url']}/$returnto");
1347. //header("Location: {$FTSP_V2['$site_url']}/userdetails.php?id=2#fragment-6");
1348. header("Location: $returnto");
1349.  
1350. die();
1351. }
1352.  
1353. ?>