johnburn

Untitled

Apr 16th, 2011
  1. <?php
  2. include( "../configs/class.curl.php" );
  3. if ( $_POST['cpu'] == "update" )
  4. {
  5.     echo getRS( array( "sub" => "getapicpu_v1" ) );
  6.     exit( );
  7. }
  8. include( "../configs/ez_sql.php" );
  9. include( "func.inc.php" );
  10. $row = $db->get_row( "SELECT id,user,pass,salt FROM admin WHERE id=1" );
  11. if ( $_COOKIE['ffAdmin'] != md5( md5( $row->user ).$row->salt ) )
  12. {
  13.     echo $msg;
  14.     header( "Location: index.php" );
  15. }
  16. else
  17. {
  18.     $action = mysql_real_escape_string( $_POST['action'] );
  19.     $userid = isset( $_POST['userid'] ) ? encrypt( mysql_real_escape_string( $_POST['userid'] ) ) : "";
  20.     $pass = isset( $_POST['pass'] ) ? ( encrypt( $_POST['pass'] ) ) : "";
  21.     $id = isset( $_POST['id'] ) ? mysql_real_escape_string( $_POST['id'] ) : "";
  22.     switch ( $action )
  23.     {
  24.         case updateUser :
  25.             if ( !$db->query2( "UPDATE `filefetch` SET `userid` = '{$userid}', `pass` = '{$pass}' WHERE `filefetch`.`id`= '{$id}'" ) )
  26.             {
  27.                 echo "<div id=\"failure\">Settings Not saved, because nothing was changed.</div>";
  28.             }
  29.             else
  30.             {
  31.                 echo "<div id=\"success\">Username and Password Sucessfully Updated</div>";
  32.             }
  33.             break;
  34.         case addNew :
  35.             $params = array( "sub" => "getaccountdetails_v1", "type" => "prem" );
  36.             $params['login'] = $_POST['userid'];
  37.             $params['password'] = $_POST['pass'];
  38.             $str = getRS( $params );
  39.             if ( $str['accountid'] != NULL )
  40.             {
  41.                 $expired = $str['billeduntil'] < $str['servertime'] ? 1 : 0;
  42.                 $billeduntil = date( "d M y", $str['billeduntil'] );
  43.                 $usageleft = $str['tskb'] / 1000;
  44.                 switch ( $usageleft )
  45.                 {
  46.                     case 5000 < $usageleft :
  47.                         $bg = "#00CC00";
  48.                         break;
  49.                     case $usageleft < 2000 :
  50.                         $bg = "#FE3F44";
  51.                         break;
  52.                 }
  53.                 $bg = "orange";
  54.                 break;
  55.                 $usageleft = $str['tskb'] != null ? number_format( $usageleft, 0 ) : 0;
  56.                 $sql = "INSERT INTO `filefetch` (`id` ,`type` ,`userid` ,`pass` , `tskb`,`billeduntil`,`autoextend`,`autorefill`,`rapids`,`expired`) VALUES (NULL , 'rapidshare', '{$userid}', '{$pass}', '{$str['tskb']}','{$str['billeduntil']}', '{$str['autoextend']}', '{$str['autorefill']}', '{$str['rapids']}', '{$expired}')";
  57.             }
  58.             if ( $sql != null && $db->query2( $sql ) )
  59.             {
  60.                 $lastInsert = mysql_insert_id( );
  61.                 $count = $db->get_var( "SELECT count(*) FROM `filefetch`" );
  62.                 $rowNo = $expired == 0 ? $count : "<acronym style=\"border-bottom:0\" title=\"This account has expired\"><img src=\"http://i29.tinypic.com/2mfwxi1.png\"/></acronym>";
  63.                 echo "<tr align=center id={$lastInsert}><td>{$rowNo}</td><td>";
  64.                 echo $params[login];
  65.                 echo "</td><td>";
  66.                 echo $params[password];
  67.                 echo "</td><td align=center><div style='background-color:{$bg};' class='tsfkb'>{$usageleft} Mb</div></td><td align=center>";
  68.                 echo date( "d-m-y", $str[billeduntil] );
  69.                 echo "</td><td align=center>";
  70.                 echo $str[rapids];
  71.                 echo "</td><td><img src='img/icons/status-{$str['autoextend']}.png'/></td><td><img src='img/icons/status-{$str['autorefill']}.png'/></td><td><button class=deleteThis value={$lastInsert}>x</button></td><td><a href=# class=editRow>Edit</a></td></tr>";
  72.             }
  73.             else
  74.             {
  75.                 echo "<div id=\"failure\">Please try again later.</div>";
  76.             }
  77.             break;
  78.         case updateAll :
  79.             $results = $db->get_results( "SELECT * FROM `filefetch`" );
  80.             foreach ( $results as $result )
  81.             {
  82.                 $userid = decrypt( $result->userid );
  83.                 $pass = decrypt( $result->pass );
  84.                 $id = $result->id;
  85.                 $params = array( "sub" => "getaccountdetails_v1", "type" => "prem" );
  86.                 $params['login'] = $userid;
  87.                 $params['password'] = $pass;
  88.                 $str = getRS( $params );
  89.                 if ( $str['accountid'] != NULL )
  90.                 {
  91.                     $expired = $str['billeduntil'] < $str['servertime'] ? 1 : 0;
  92.                     if ( $db->query2( "UPDATE `filefetch` SET `tskb` = '{$str['tskb']}', `billeduntil` = '{$str['billeduntil']}', `autoextend` = '{$str['autoextend']}', `autorefill` = '{$str['autorefill']}', `rapids` = '{$str['rapids']}', `expired` = '{$expired}' WHERE `id` ='' LIMIT 1" ) )
  93.                     {
  94.                         $done = 1;
  95.                     }
  96.                 }
  97.             }
  98.             if ( $done == 1 )
  99.             {
  100.                 echo "<div id=\"success\">Accounts Updated Sucessfully.</div>";
  101.             }
  102.             else
  103.             {
  104.                 echo "<div id=\"success\">All accounts Updated, nothing was changed.</div>";
  105.             }
  106.             break;
  107.         case delete :
  108.             if ( $db->query2( "DELETE FROM `filefetch` WHERE `filefetch`.`id` = {$id} LIMIT 1" ) )
  109.             {
  110.                 echo "<div id=\"success\">Account Deleted Sucessfully.</div>";
  111.             }
  112.             else
  113.             {
  114.                 echo "<div id=\"failure\">Account Could Not be deleted, because nothing was changed.</div>";
  115.             }
  116.             break;
  117.         case DeleteExpired :
  118.             if ( $db->query2( "DELETE FROM `filefetch` WHERE `filefetch`.`expired` = 1" ) )
  119.             {
  120.                 echo "<div id=\"success\">Accounts Deleted Sucessfully.</div>";
  121.             }
  122.             else
  123.             {
  124.                 echo "<div id=\"failure\">Accounts Could Not be deleted, because nothing was changed.</div>";
  125.             }
  126.             break;
  127.         case settings :
  128.             foreach ( $_POST as $k => $v )
  129.             {
  130.                 $$k = mysql_real_escape_string( $v );
  131.             }
  132.             $set = $db->get_row( "SELECT * FROM settings WHERE `id`=1" );
  133.             foreach ( $set as $k => $v )
  134.             {
  135.                 $field[] = " `".$k."`= '".$$k."'";
  136.             }
  137.             unset( $field[0] );
  138.             $fields = join( ",", $field );
  139.             if ( $db->query2( "UPDATE `settings` SET {$fields} WHERE (`id`='1') LIMIT 1" ) )
  140.             {
  141.                 echo "<div id=\"success\">Settings Saved Successfully.</div>";
  142.             }
  143.             else
  144.             {
  145.                 echo "<div id=\"failure\">Settings Could Not be saved, because nothing was changed.</div>";
  146.             }
  147.             break;
  148.     }
  149.     if ( FALSE )
  150.     {
  151.         $field = mysql_real_escape_string( $_POST['field'] );
  152.         $val = mysql_real_escape_string( $_POST['val'] );
  153.         if ( 1 < $id && $field == "file_size_limit" || 1 < $id && $field == "maxdl" )
  154.         {
  155.             $default = $db->get_var( "SELECT {$field} FROM `groups` WHERE `gid` = {$id}" );
  156.             if ( $default != $val )
  157.             {
  158.                 $db->query( " ALTER TABLE `users` CHANGE `{$field}` `{$field}` INT(11) NOT NULL DEFAULT '{$val}'" );
  159.                 $db->query( "UPDATE `users` SET `{$field}` = {$val} WHERE `{$field}` = {$default}" );
  160.             }
  161.         }
  162.         if ( $db->query2( "UPDATE `groups` SET `{$field}`='{$val}' WHERE (`gid`='{$id}') LIMIT 1" ) )
  163.         {
  164.             echo "<div id=\"success\">Settings Saved Successfully.".$msg."</div>";
  165.         }
  166.         else
  167.         {
  168.             echo "<div id=\"failure\">Settings Not saved, because nothing was changed.</div>";
  169.         }
  170.         break;
  171.     }
  172.     switch ( $action )
  173.     {
  174.         case email :
  175.             foreach ( $_POST as $k => $v )
  176.             {
  177.                 $$k = $v;
  178.             }
  179.             if ( $db->query2( "UPDATE `email` SET `from` = '{$from}', `name` = '{$name}', `head` = '{$head}', `foot` = '{$foot}', `siteurl` = '{$siteurl}' WHERE `id` =1" ) )
  180.             {
  181.                 echo "<div id=\"success\">Settings Saved Successfully.</div>";
  182.             }
  183.             else
  184.             {
  185.                 echo "<div id=\"failure\">Settings Not saved, because nothing was changed.</div>";
  186.             }
  187.             break;
  188.         case users :
  189.             $result = 0;
  190.             foreach ( $_POST as $k => $v )
  191.             {
  192.                 if ( is_int( $k ) )
  193.                 {
  194.                     $size = $v[2];
  195.                     if ( $db->query2( "UPDATE `users` SET `nodl` = '{$v['0']}', `maxdl` = '{$v['1']}', `file_size_limit` = '{$size}', `activate` = '{$v['3']}' WHERE `id` ={$k} LIMIT 1" ) )
  196.                     {
  197.                         ++$result;
  198.                     }
  199.                 }
  200.             }
  201.             if ( 0 < $result )
  202.             {
  203.                 echo "<div id=\"success\">Changes Saved Successfully.</div>";
  204.             }
  205.             else
  206.             {
  207.                 echo "<div id=\"failure\">Changes Not saved, because nothing was changed.</div>";
  208.             }
  209.             break;
  210.         case deleteUsers :
  211.             foreach ( $_POST['checkbox_id'] as $id )
  212.             {
  213.                 $db->query2( "DELETE FROM `users` WHERE `id` = {$id} LIMIT 1" );
  214.             }
  215.             break;
  216.         case addNewUser :
  217.             if ( $_POST['user'] == null || $_POST['pass'] == null || $_POST['email'] == null )
  218.             {
  219.                 echo "<div id=\"failure\">All fields are compulsory.</div>";
  220.                 exit( );
  221.             }
  222.             $user_email = mysql_real_escape_string( $_POST['user'] );
  223.             $md5user = md5( $_POST['user'] );
  224.             $pass = md5( $_POST['pass'] );
  225.             $salt = rand( 100, 999 );
  226.             $email = $_POST['email'];
  227.             $result = $db->get_row( "SELECT * FROM `users` WHERE `md5user` = '{$md5user}'" );
  228.             $emailcheck = $db->get_row( "SELECT * FROM `users` WHERE `email` = '{$email}'" );
  229.             if ( $emailcheck->email != null )
  230.             {
  231.                 echo "<div id=\"failure\">"."An account  has already been registered with this ({$emailcheck->email}) email id."."</div>";
  232.                 exit( );
  233.             }
  234.             if ( $result->user != null )
  235.             {
  236.                 echo "<div id=\"failure\">"."Username ({$result->user}) has already been taken, Please choose another name."."</div>";
  237.                 exit( );
  238.             }
  239.             else
  240.             {
  241.                 $time = time( );
  242.                 $d = date( "d", $time );
  243.                 $m = date( "m", $time );
  244.                 $y = date( "y", $time );
  245.                 $defaults = $db->get_row( "SELECT * FROM `groups` WHERE `gid` = 2" );
  246.                 $nodl = is_numeric( $_POST['nodl'] ) ? $_POST['nodl'] : 0;
  247.                 $activate = is_numeric( $_POST['activate'] ) ? $_POST['activate'] : 0;
  248.                 $maxdl = is_numeric( $_POST['maxdl'] ) ? $_POST['maxdl'] : $defaults->maxdl;
  249.                 $file_size_limit = is_numeric( $_POST['file_size_limit'] ) ? $_POST['file_size_limit'] : $defaults->file_size_limit;
  250.                 if ( $db->query2( "INSERT INTO `users` (`user`, `pass`, `salt`, `email`, `gid`, `nodl`, `activate`, `md5user`, `d`, `m`, `y`, `time`, `md5ip`, `maxdl`, `file_size_limit`) VALUES ('{$user_email}', '{$pass}', '{$salt}', '{$email}', '2', , {$activate}, '{$md5user}', '{$d}', '{$m}', '{$y}', '{$time}', 'null', {$maxdl}, {$file_size_limit})" ) )
  251.                 {
  252.                     echo "<div id=\"success\">New User added successfully.</div>";
  253.                     echo "<script type=\"text/javascript\">window.location = \"users.php\";</script>";
  254.                 }
  255.             }
  256.             break;
  257.         case logout :
  258.             setcookie( "ffAdmin", "NULL", mktime( ) - 150000 );
  259.     }
  260. }
  261. ?>