
Untitled

a guest May 27th, 2018 169 Never
  1. <?php
  2.     /*
  3.       ** Monster Top List 1.4
  4.       ** Supplied By: lord
  5.       ** Nullification By: Zygote
  6.       ** */
  7.  
  // Instantiate the control panel controller as soon as this file is loaded.
  // All request handling lives in UserCP::usercp(). PHP only runs that method
  // automatically where PHP 4-style constructors (a method named after its
  // class) are still honoured; PHP 8.0 removed that behaviour.
  new UserCP;
  9.  
  10. class UserCP
  11. {   var $session;
  12.   var $session_return;
  13.  
  14.   var $user = array();
  15.  
  /**
   * PHP 4-style constructor (a method named after its class): starts the
   * session, applies the access gates, then dispatches on $mtl->input['CODE']
   * to one of the control panel handlers.
   *
   * PHP 8.0 no longer treats such a method as a constructor, so `new UserCP`
   * only runs this automatically on older PHP versions.
   *
   * Each gate below reports a problem by calling another method
   * (show_login(), do_output(), error()) and then falls through to the code
   * that follows it.
   * NOTE(review): the gates therefore only hold if those calls end the
   * request; that is not visible in this part of the file -- confirm.
   */
  function usercp()
  { global $mtl;

    $mtl->load_lang_file("usercp");
    $mtl->load_skin_file("usercp");

    // start() returns an array; this method reads its 'no' entry (compared
    // with '0' to decide whether to show the login screen) and its 'user' entry.
    $mtl->session = new Session;
    $mtl->session_return = $mtl->session->start();

    //////////////////////////////////////////////////////
    // Do not show error message for certain screens    //
    //////////////////////////////////////////////////////

    $dont_show = array('00', '13','14','15','16','17'); // When not to show login screen

    // in_array() is called without its strict flag, so CODE is compared loosely.
    if($mtl->session_return['no'] == '0' AND !in_array($mtl->input['CODE'], $dont_show))
    {   $this->show_login(); }

    //////////////////////////////////////////////////////
    // Play with our session display and cookies        //
    //////////////////////////////////////////////////////

    // NOTE(review): when the "session" cookie does not carry the session id,
    // the id is written into a hidden form field and into the query string of
    // every generated link. Ids carried in URLs can leak through Referer
    // headers, server logs and copied links. The value is also placed into
    // HTML unescaped, so it must be a token produced by the Session class
    // rather than a string echoed from the request -- confirm.
    $temp_session = $mtl->session_return['no'];
    $mtl->session = "";
    if($mtl->get_cookie("session") != $temp_session)    // If the Session Cookie != Session Variable...then show ?s= in the URL path...?!
    {   $mtl->hidden_session = "<input type='hidden' name='s' value='{$temp_session}' />";
      $mtl->session = $temp_session;
      $mtl->sessionhtml = "s={$temp_session}&";
    }

    // The session's 'user' entry becomes the record every handler works on.
    $this->user = $mtl->session_return['user'];

    ///////////////////////////////////////////////////////
    // If we have multi-accounts we need to instruct the //
    // user to select a site to edit.                    //
    //////////////////////////////////////////////////////

    // These CODE values need a selected site; an id of 0 is treated as
    // "no site selected" and a page linking to the site chooser (CODE 22)
    // is sent instead.
    $mustselect = array('02','05','11','12','18','19','28');
    if($this->user['id'] == 0 AND in_array($mtl->input['CODE'], $mustselect))
    {   $output = $this->load_top(array ('title' => ' - '.$mtl->lang['error_title']));
      $output .= "<b>{$mtl->lang['error']}</b><br /><br />\n{$mtl->lang['mustselect']}";
      $output .= "<br /><br /><center><font size='3'><b><a href='{$mtl->base_url}{$mtl->sessionhtml}act=ucp&CODE=22'>{$mtl->lang['selsite']}</a></b></font></center>";
      $output .= $mtl->skin->usercp->usercp_foot();
      $nav = array (
            'url' => '?s='.$mtl->session.'&act=ucp',
            'name' => $mtl->lang['usercp'],
            'name2' => $mtl->lang['error_title'],
      );
      $mtl->output->do_output(array('TITLE' => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'], 'NAV' => 1, 'NAV_DATA' => $nav, 'DATA' => $output));
    }

    ///////////////////////////////////////////////////////
    // General Config (Strip sessions and create a title //
    //////////////////////////////////////////////////////

    // NOTE(review): stripslashes() is applied to every field, which assumes
    // each value is a string. site_name and site_url are then interpolated
    // into the 'top' banner without escaping here; do_add_site() and
    // overview_pro() store both through htmlspecialchars().
    if(count($this->user) > 1)
    {   foreach($this->user as $n => $v)
      { $this->user[$n] = stripslashes($v); }

      // Fill the <#siteurl#> and <#sitename#> placeholders of the
      // 'currentlyediting' language string.
      $this->user['top'] = "<b>".str_replace("<#sitename#>", "<a href='{$mtl->config['filename']}?out={$this->user['id']}' target='_blank'>{$this->user['site_name']}</a>", str_replace("<#siteurl#>", $this->user['site_url'], $mtl->lang['currentlyediting']))."</b>";
    }

    ///////////////////////////////////////////////////////
    // Disable Account Functions if we're running plugin //
    //////////////////////////////////////////////////////

    // When config['userrow']['default'] is not 1 the account-level screens
    // (e-mail, password, notepad, general options) are rejected.
    if($mtl->config['userrow']['default'] != 1)
    {   $disable = array('03','07','08','09','10','13','14','15','16','20','21');
      if(in_array($mtl->input['CODE'], $disable))
      { $mtl->output->error($mtl->lang['invalid_use']); }
    }

    ///////////////////////////////////////////////////////
    // Load the correct action                           //
    //////////////////////////////////////////////////////

    // switch compares loosely as well. Anything that is not listed falls
    // back to show_main(). Only logout() receives the session id.
    switch($mtl->input['CODE'])
    {   case '01':
        $this->logout($temp_session);
        break;
      case '02':
        $this->show_site_settings();
        break;
      case '03':
        $this->notepad_pro();
        break;
      case '04':
        $this->overview_pro();
        break;
      case '05':
        $this->show_image();
        break;
      case '06':
        $this->image_pro();
        break;
      case '07':
        $this->change_email();
        break;
      case '08':
        $this->change_email_pro();
        break;
      case '09':
        $this->change_pw();
        break;
      case '10':
        $this->change_pw_pro();
        break;
      case '11':
        $this->show_code();
        break;
      case '12':
        $this->show_rate();
        break;
      case '13':
        $this->forget_pw_show();
        break;
      case '14':
        $this->forget_pw_email();
        break;
      case '15':
        $this->forget_pw_change();
        break;
      case '16':
        $this->forget_pw_change_pro();
        break;
      case '17':
        $this->show_hits();
        break;
      case '18':
        $this->show_posimage();
        break;
      case '19':
        $this->show_ring();
        break;
      case '20':
        $this->show_general();
        break;
      case '21':
        $this->general_pro();
        break;
      case '22':
        $this->select_site();
        break;
      case '23':
        $this->do_select();
        break;
      case '24':
        $this->add_site();
        break;
      case '25':
        $this->do_add_site();
        break;
      case '26':
        $this->del_site();
        break;
      case '27':
        $this->do_del_site();
        break;
      case '28':
        $this->show_overview();
        break;
      case '29':
        $this->show_code_contents();
        break;
      default:
        $this->show_main();
        break;
    }
  }
  185.  
  /**
   * CODE '29': index page linking to the code snippet screens (image, vote,
   * hits, webring, rating) that are switched on in the configuration.
   */
  function show_code_contents()
  { global $mtl, $DB;

    $page = $this->load_top(array('title' => '- '.$mtl->lang['websitecodes']));
    $page .= "<br />";
    $page .= $mtl->lang['codeintro'];
    $page .= "<br /><br />";

    // One row per screen: is it enabled, its CODE value, its language key.
    // The hits code is only offered when the image code is not enabled.
    $screens = array(
      array($mtl->config['enable_img'] == 1, '18', 'image_code'),
      array($mtl->config["enable_votes_record"] == 1, '11', 'vote_code'),
      array($mtl->config["enable_hits_record"] == 1 AND $mtl->config['enable_img'] != 1, '17', 'hits_code'),
      array($mtl->config["enable_webring"] == 1, '19', 'ring_code'),
      array($mtl->config["enable_rating"] == 1, '12', 'rate_code'),
    );

    // Every link targets the currently selected site.
    $link_base = $mtl->base_url.$mtl->sessionhtml."act=ucp&site=".$this->user['id']."&CODE=";

    foreach($screens as $screen)
    {
      list($enabled, $code, $key) = $screen;
      if(!$enabled)
      {
        continue;
      }
      $page .= "<b><a href='".$link_base.$code."'>".$mtl->lang[$key]."</a></b> - ".$mtl->lang[$key.'_desc']."<br />";
    }

    $page .= $mtl->skin->usercp->usercp_foot();

    $crumbs = array(
      'url'   => '?'.$mtl->sessionhtml.'act=ucp',
      'name'  => $mtl->lang['usercp'],
      'name2' => $mtl->lang['websitecodes'],
    );

    $mtl->output->do_output(array(
      'TITLE'    => $mtl->config['name'].' - '.$mtl->lang['websitecodes'],
      'NAV'      => 1,
      'NAV_DATA' => $crumbs,
      'DATA'     => $page,
    ));
  }
  221.  
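  /**
   * CODE '27': asks for confirmation (no 'check' flag) or deletes one of the
   * caller's sites ('check' == 1).
   *
   * Changes compared with the earlier version:
   *  - the site id from the request is cast to an integer before it is placed
   *    into SQL (assumes mtl_sites.id is numeric -- TODO confirm);
   *  - the delete step looks the row up first, with the same owner / a_ban
   *    filter the confirmation step uses, so a crafted request can no longer
   *    skip that filter, and the category counter is only touched when a row
   *    really is deleted;
   *  - the counter is decremented for the deleted row's own category instead
   *    of the category of whichever site the session currently has selected;
   *  - the "keep at least one site" rule from del_site() is repeated here,
   *    because this handler can be requested directly;
   *  - every error path returns, so nothing runs past a failed check even if
   *    error() does not end the request.
   *
   * NOTE(review): the delete step is reachable through a plain link carrying
   * check=1 and no per-request token, so a forged cross-site request made
   * from a logged-in browser would pass; consider a POST plus token.
   * NOTE(review): do_add_site() only increments mtl_categories.sites for
   * sites that are accepted, while the decrement here is unconditional.
   */
  function do_del_site()
  { global $mtl, $DB;

    if($mtl->config['enable_multaccts'] != 1)
    {   $mtl->output->error($mtl->lang['invalid_use']);
      return;
    }

    if($mtl->config['site_delete'] != 1)
    {   $mtl->output->error($mtl->lang['cannot_delete']);
      return;
    }

    $confirmed = ($mtl->input['check'] == 1);

    // The confirmation step reads the id from 'selectsite', the confirmed
    // link carries it as 'site'.
    $site_id = intval($confirmed ? $mtl->input['site'] : $mtl->input['selectsite']);

    // Same rule as del_site(): the last remaining site cannot be removed.
    if($DB->count($DB->query("SELECT id FROM mtl_sites WHERE owner='{$this->user['uid']}'")) <= 1)
    {   $mtl->output->error($mtl->lang['mustactive']);
      return;
    }

    // The row must belong to the caller and must not be banned.
    $DB->query("SELECT id,site_name,cat FROM mtl_sites WHERE owner='{$this->user['uid']}' AND id='{$site_id}' AND a_ban!='1'");
    if($DB->count() != 1)
    {   $mtl->output->error($mtl->lang['not_exist']);
      return;
    }

    $r = $DB->fetch_row();

    if(!$confirmed)
    {   $output = $this->load_top(array ('title' => '- '.$mtl->lang['delsite']));

      $output .= str_replace("<##site##>", $r['site_name'], $mtl->lang['areyousure']);
      $output .= "\n<br /><br />\n<b><a href='{$mtl->base_url}{$mtl->sessionhtml}act=ucp&CODE=27&site={$r['id']}&check=1'>{$mtl->lang['yes']}</a>\n :: <a href='javascript:history.back(-1)'>{$mtl->lang['no']}</a></b>\n";
      $output .= $mtl->skin->usercp->usercp_foot();

      $nav = array (
          'url' => '?'.$mtl->sessionhtml.'act=ucp',
          'name' => $mtl->lang['usercp'],
          'name2' => $mtl->lang['delsite'],
      );

      $mtl->output->do_output(array('TITLE' => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'], 'NAV' => 1, 'NAV_DATA' => $nav, 'DATA' => $output));
    }
    else
    {   $deleted_id = intval($r['id']);
      $deleted_cat = intval($r['cat']);

      $DB->query("DELETE FROM mtl_sites WHERE owner='{$this->user['uid']}' AND id='{$deleted_id}'");
      $DB->query("UPDATE mtl_categories SET sites=sites-1 WHERE id='{$deleted_cat}'");

      $mtl->output->screen( array ( 'message' => $mtl->lang['site_del'], 'go' => '?'.$mtl->sessionhtml.'act=ucp' ));
    }

  }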
  261.  
  /**
   * CODE '26': lists the caller's non-banned sites in a form that posts the
   * chosen one to CODE '27' for deletion.
   *
   * NOTE(review): none of the checks below returns after reporting an error,
   * so they only stop the request if error() / do_output() end it -- confirm.
   */
  function del_site()
  { global $mtl, $DB;

    if(!($mtl->config['enable_multaccts'] == 1))
    {
      $mtl->output->error($mtl->lang['invalid_use']);
    }

    // Deletion switched off: send a full error page instead of the short form.
    if(!($mtl->config['site_delete'] == 1))
    {
      $denied = $this->load_top(array('title' => ' - '.$mtl->lang['error_title']));
      $denied .= "<b>".$mtl->lang['error']."</b><br /><br />\n".$mtl->lang['cannot_delete'];
      $denied .= $mtl->skin->usercp->usercp_foot();
      $denied_nav = array(
        'url'   => '?'.$mtl->sessionhtml.'act=ucp',
        'name'  => $mtl->lang['usercp'],
        'name2' => $mtl->lang['error_title'],
      );
      $mtl->output->do_output(array(
        'TITLE'    => $mtl->config['name'].' - '.$mtl->lang['usercp'],
        'NAV'      => 1,
        'NAV_DATA' => $denied_nav,
        'DATA'     => $denied,
      ));
    }

    // An account with exactly one site may not delete it.
    $owned = $DB->count($DB->query("SELECT id FROM mtl_sites WHERE owner='".$this->user['uid']."'"));
    if($owned == 1)
    {
      $mtl->output->error($mtl->lang['mustactive']);
    }

    $page = $this->load_top(array('title' => '- '.$mtl->lang['delsite']));

    $page .= "<b>".$mtl->lang['selectsitetodel']."</b><br /><br />\n";
    $page .= "<form action='".$mtl->config['filename']."' method='post'>\n"
           . "<input type='hidden' name='act' value='ucp' />\n"
           . "<input type='hidden' name='CODE' value='27' />\n"
           . $mtl->hidden_session."\n";

    $DB->query("SELECT id,site_name,site_url FROM mtl_sites WHERE owner='".$this->user['uid']."' AND a_ban!='1'");
    if($DB->count() == 0)
    {
      $mtl->output->error($mtl->lang['nosites']);
    }

    // One skin-rendered entry per site.
    while($row = $DB->fetch_row())
    {
      $page .= $mtl->skin->usercp->select_site($row);
    }

    $page .= "<br /><input type='submit' value='".$mtl->lang['delsite']."' class='select' />\n</form>";
    $page .= $mtl->skin->usercp->usercp_foot();

    $crumbs = array(
      'url'   => '?'.$mtl->sessionhtml.'act=ucp',
      'name'  => $mtl->lang['usercp'],
      'name2' => $mtl->lang['delsite'],
    );

    $mtl->output->do_output(array(
      'TITLE'    => $mtl->config['name'].' - '.$mtl->lang['usercp'],
      'NAV'      => 1,
      'NAV_DATA' => $crumbs,
      'DATA'     => $page,
    ));
  }
  312.  
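  /**
   * CODE '25': validates the submitted site and inserts it for the logged-in
   * owner, then optionally mails a confirmation.
   *
   * Changes compared with the earlier version:
   *  - the site quota no longer depends on an assignment hidden inside the
   *    condition ($done = 1) and on reading $done while it is undefined; the
   *    rule itself is unchanged (per-user limit if set, else list-wide limit,
   *    0 = unlimited);
   *  - the URL check is anchored, so the value has to start with http://
   *    instead of merely containing it somewhere;
   *  - the duplicate-URL check fires for one or more matches, not exactly one;
   *  - owner acceptance tested $a_admin twice and never used $a_mail; it now
   *    requires both flags;
   *  - with categories enabled the category id is cast to an integer once and
   *    that value is used for the existence check, the insert and the counter
   *    (assumes mtl_categories.id is numeric -- TODO confirm);
   *  - every error path returns, so nothing is inserted after a failed check
   *    even if error() does not end the request.
   *
   * NOTE(review): request values are still concatenated into SQL text
   * (site_url in the LIKE clause, and whatever $DB->insert() does with the
   * array). Whether $mtl->input or $DB->insert() escapes them is not visible
   * here; confirm before relying on it. The LIKE clause also lets % and _ in
   * the submitted URL act as wildcards, and it compares the raw URL with a
   * column that is stored htmlspecialchars-encoded.
   */
  function do_add_site()
  { global $mtl, $DB;

    if($mtl->config['enable_multaccts'] != 1)
    {   $mtl->output->error($mtl->lang['invalid_use']);
      return;
    }

    if($DB->count($DB->query("SELECT id FROM mtl_sites")) > $mtl->config['reg_max'] AND $mtl->config['reg_max'] != 0)
    {   $mtl->output->error($mtl->lang['regmax']);
      return;
    }

    $count = $DB->count($DB->query("SELECT id FROM mtl_sites WHERE owner='{$this->user['uid']}'"));

    // A per-user limit, when set, overrides the list-wide one; 0 = unlimited.
    $max_sites = ($this->user['max_sites'] != 0) ? $this->user['max_sites'] : $mtl->config['max_sites'];
    if($max_sites != 0 AND $max_sites <= $count)
    {   $mtl->output->error($mtl->lang['maxsites']);
      return;
    }

    if(strlen($mtl->input['site_name']) < 2)
    {   $mtl->output->error($mtl->lang['short_site_name']);
      return;
    }

    // Anchored: a value that only contains "http://" further in is rejected.
    if(!preg_match("/^http:\/\//", $mtl->input['site_url']))
    {   $mtl->output->error($mtl->lang['invalid_url']);
      return;
    }

    // NOTE(review): the id filter excludes the currently selected site even
    // though a new site is being added; it is kept as found.
    if($DB->count($DB->query("SELECT id FROM mtl_sites WHERE id!='{$this->user['id']}' AND lower(site_url) LIKE '".strtolower($mtl->input['site_url'])."%'")) >= 1)
    {   $mtl->output->error($mtl->lang['url_exists']);
      return;
    }

    $cat = $mtl->input['cat'];
    if($mtl->config['enable_categories'] == 1)
    {   $cat = intval($cat);
      if($DB->count($DB->query("SELECT id FROM mtl_categories WHERE id='{$cat}'")) != 1)
      { $mtl->output->error($mtl->lang['invalid_category']);
        return;
      }
    }

    $site_accept_admin = 1;
    $owner_accept = 1;

    if($mtl->config['site_admin'] == 1) // The SITE requires Admin Validation
    {   $site_accept_admin = 0; }

    $tmp = $DB->query("SELECT * FROM mtl_users WHERE uid='".$this->user['uid']."' AND password='".$this->user['password']."' AND ban!=1");
    $data = $DB->fetch_row($tmp);
    $a_mail = $data['a_mail'];
    $a_admin = $data['a_admin'];

    // The owner counts as accepted only when both account flags are set.
    if($a_mail != 1 OR $a_admin != 1)
    {   $owner_accept = 0;  }

    if($mtl->config['userrow']['default'] != 1)
    {   $owner_accept = 1;  }

    // Text fields are stored HTML-encoded.
    $insert = array (
              'owner' => $this->user['uid'],
              'owner_accept' => $owner_accept,
              'date' => time(),
              'a_admin' => $site_accept_admin,
              'site_name' => htmlspecialchars($mtl->input['site_name'], ENT_QUOTES),
              'site_url' => htmlspecialchars($mtl->input['site_url'], ENT_QUOTES),
              'site_desc' => htmlspecialchars($mtl->input['site_desc'], ENT_QUOTES),
              'a_hide' => $mtl->input['hide'],
              'cat' => $cat,
              'in_webring' => $mtl->input['in_webring'],
    );
    $insert = $DB->insert($insert);
    $DB->query("INSERT INTO mtl_sites ({$insert['columns']}) VALUES ({$insert['values']})");

    // Only sites that are already fully accepted count towards the category.
    if($owner_accept == 1 AND $site_accept_admin == 1)
    {   $DB->query("UPDATE mtl_categories SET sites=sites+1 WHERE id='{$cat}'");  }

    // NOTE(review): the message takes "username" from the request while the
    // recipient comes from the session record -- confirm which is intended.
    if($mtl->config['site_email_info'] == 1 AND $site_accept_admin ==1)
    {   $mail = array (
              'to_name' => $this->user['username'],
              'to_mail' => $this->user['email'],
              'subject' => $mtl->lang['site_reg_at'],
              'message' => $mtl->make_message(array("act" => "new_site_email", "username" => $mtl->input['username'], "site_name" => $mtl->input['site_name'], "site_url" => $mtl->input['site_url'])),
      );
      $mtl->mailer($mail);
    }

    $mtl->output->screen( array ( 'message' => $mtl->lang['site_added'], 'go' => '?'.$mtl->sessionhtml.'act=ucp' ));
  }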
  385.  
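  /**
   * CODE '24': renders the "add a site" form, which posts to CODE '25'.
   *
   * Changes compared with the earlier version:
   *  - the site quota no longer depends on an assignment hidden inside the
   *    condition ($done = 1) and on reading $done while it is undefined; the
   *    rule itself is unchanged (per-user limit if set, else list-wide limit,
   *    0 = unlimited);
   *  - $data and $ourcats are initialised before use;
   *  - every error path returns, so the form is not rendered after an error
   *    page even if error() / do_output() do not end the request.
   */
  function add_site()
  { global $mtl, $DB;

    if($DB->count($DB->query("SELECT id FROM mtl_sites")) > $mtl->config['reg_max'] AND $mtl->config['reg_max'] != 0)
    {   $mtl->output->error($mtl->lang['regmax']);
      return;
    }

    if($mtl->config['enable_multaccts'] != 1)
    {   $mtl->output->error($mtl->lang['invalid_use']);
      return;
    }

    $count = $DB->count($DB->query("SELECT id FROM mtl_sites WHERE owner='{$this->user['uid']}'"));

    // A per-user limit, when set, overrides the list-wide one; 0 = unlimited.
    $max_sites = ($this->user['max_sites'] != 0) ? $this->user['max_sites'] : $mtl->config['max_sites'];
    if($max_sites != 0 AND $max_sites <= $count)
    {   $output = $this->load_top(array ('title' => ' - '.$mtl->lang['error_title']));
      $output .= "<b>{$mtl->lang['error']}</b><br /><br />\n{$mtl->lang['maxsites']}";
      $output .= $mtl->skin->usercp->usercp_foot();
      $nav = array (
            'url' => '?'.$mtl->sessionhtml.'act=ucp',
            'name' => $mtl->lang['usercp'],
            'name2' => $mtl->lang['error_title'],
      );
      $mtl->output->do_output(array('TITLE' => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'], 'NAV' => 1, 'NAV_DATA' => $nav, 'DATA' => $output));
      return;
    }

    // Values handed to the site_settings skin template.
    $data = array (
            'CODE' => '25',
            'top' => $mtl->lang['addsiteintro'],
            'submit' => $mtl->lang['addsite'],
    );

    $output = $this->load_top(array ('title' => '- '.$mtl->lang['addsite']));

    $xoutput = $mtl->skin->usercp->site_settings($data);

    // Optional sections are wrapped in HTML comments in the template; an
    // enabled feature has its comment markers stripped so the section shows.
    if($mtl->config['enable_userhide'] == 1)
    {   $xoutput = str_replace("<!-- Allow Hide Start", "", $xoutput);
      $xoutput = str_replace("Allow Hide End-->", "", $xoutput);
    }

    if($mtl->config['enable_categories'] == 1)  // Are categories enabled?
    {   $cats = $DB->query("SELECT id,name,parent FROM mtl_categories WHERE status=1 AND catallow='' ORDER BY position asc");
      if($DB->count($cats) > 1) // Do we have categories? Rarely should be no
      { $ourcats = array();
        while($r = $DB->fetch_row($cats))
        {   $ourcats[] = $r;
        }

        $select_cat = "<select name='cat' class='select'>\n";
        $select_cat .= "<option value='' selected='selected'>{$mtl->lang['select_category']}</option>\n";
        $select_cat .= $this->generate_cats($ourcats);
        $select_cat .= "</select>\n";

        $xoutput = str_replace("<!-- Allow Category Start", "", $xoutput);
        $xoutput = str_replace("End Allow Cattegory-->", "", $xoutput);
        $xoutput = str_replace("--Cat List--", $select_cat, $xoutput);
      }
    }

    if($mtl->config["enable_webring"] == 1)
    {   $xoutput = str_replace("<!-- Allow Webring Start", "", $xoutput);
      $xoutput = str_replace("Allow Webring End-->", "", $xoutput);
    }

    $output .= $xoutput;
    $output .= $mtl->skin->usercp->usercp_foot();

    $nav = array (
            'url' => '?'.$mtl->sessionhtml.'act=ucp',
            'name' => $mtl->lang['usercp'],
            'name2' => $mtl->lang['addsite'],
    );

    $mtl->output->do_output(array('TITLE' => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'], 'NAV' => 1, 'NAV_DATA' => $nav, 'DATA' => $output));
  }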
  454.  
  /**
   * CODE '22': lists the caller's non-banned sites in a form that posts the
   * chosen one to CODE '23'.
   *
   * NOTE(review): the checks below do not return after reporting an error,
   * so they only stop the request if error() ends it -- confirm.
   */
  function select_site()
  { global $mtl, $DB;

    if(!($mtl->config['enable_multaccts'] == 1))
    {
      $mtl->output->error($mtl->lang['invalid_use']);
    }

    $page = $this->load_top(array('title' => '- '.$mtl->lang['selsite']));

    $page .= "<b>".$mtl->lang['selectsitetoedit']."</b><br /><br />\n";
    $page .= "<form action='".$mtl->config['filename']."' method='post'>\n"
           . "<input type='hidden' name='act' value='ucp' />\n"
           . "<input type='hidden' name='CODE' value='23' />\n"
           . $mtl->hidden_session."\n";

    // Only sites owned by the session's user and not banned are offered.
    $DB->query("SELECT id,site_name,site_url FROM mtl_sites WHERE owner='".$this->user['uid']."' AND a_ban!='1'");
    if($DB->count() == 0)
    {
      $mtl->output->error($mtl->lang['nosites']);
    }

    // One skin-rendered entry per site.
    while($row = $DB->fetch_row())
    {
      $page .= $mtl->skin->usercp->select_site($row);
    }

    $page .= "<br /><input type='submit' value='".$mtl->lang['selsite']."' class='select' />\n</form>";
    $page .= $mtl->skin->usercp->usercp_foot();

    $crumbs = array(
      'url'   => '?'.$mtl->sessionhtml.'act=ucp',
      'name'  => $mtl->lang['usercp'],
      'name2' => $mtl->lang['selsite'],
    );

    $mtl->output->do_output(array(
      'TITLE'    => $mtl->config['name'].' - '.$mtl->lang['usercp'],
      'NAV'      => 1,
      'NAV_DATA' => $crumbs,
      'DATA'     => $page,
    ));
  }
  487.  
  /**
   * CODE '23': acknowledges a site selection and redirects to the overview
   * (CODE '28').
   *
   * This method only checks that 'selectsite' was submitted; it does not
   * store or validate the value itself.
   * NOTE(review): presumably the session layer picks 'selectsite' up and
   * checks ownership -- confirm against Session::start().
   */
  function do_select()
  { global $mtl, $DB;

    if(!($mtl->config['enable_multaccts'] == 1))
    {
      $mtl->output->error($mtl->lang['invalid_use']);
    }

    $has_choice = isset($mtl->input['selectsite']);
    if(!$has_choice)
    {
      $mtl->output->error($mtl->lang['mustchoosesite']);
    }

    $redirect = array(
      'message' => $mtl->lang['settings_updated'],
      'go'      => '?'.$mtl->sessionhtml.'act=ucp&CODE=28',
    );
    $mtl->output->screen($redirect);
  }
  499.  
  /**
   * CODE '01': removes the session row, clears the login cookies and shows
   * the logout message.
   *
   * @param $session  session id as passed in by usercp()
   *
   * NOTE(review): $session is concatenated into the DELETE statement as-is;
   * this is only safe if the Session class guarantees the id's format --
   * confirm.
   */
  function logout($session) // CODE '01'
  { global $mtl, $DB;

    $DB->query("DELETE FROM mtl_sessions WHERE id='".$session."'");

    // Clear the three cookies whose names come from the 'userrow' config...
    foreach(array('uidcookie', 'passcookie', 'sessioncookie') as $cookie_key)
    {
      $mtl->set_cookie($mtl->config['userrow'][$cookie_key], '', 1, 1);
    }

    // ...and the list's own session cookie.
    $mtl->set_cookie("session", "", 1);

    $notice = array('message' => $mtl->lang['logout_msg']);
    $mtl->output->screen($notice);
  }
  513.  
  /**
   * CODE '02': renders the settings form for the currently selected site;
   * the form posts to CODE '04'.
   *
   * Writes template helper values into $this->user; 'in_webring' is
   * overwritten with its checkbox attribute string.
   */
  function show_site_settings() // CODE '02'
  { global $mtl, $DB;

    $checked = "checked='checked'";

    if($this->user['a_hide'])
    { $this->user['hide_select'] = $checked; }
    else
    { $this->user['hide_select'] = ""; }

    if($this->user['in_webring'])
    { $this->user['in_webring'] = $checked; }
    else
    { $this->user['in_webring'] = ""; }

    $this->user['CODE'] = '04';
    $this->user['submit'] = $mtl->lang['update'];

    $page = $this->load_top(array('title' => '- '.$mtl->lang['general_options']));

    $form = $mtl->skin->usercp->site_settings($this->user);

    // Optional sections are wrapped in HTML comments in the template; an
    // enabled feature has its comment markers stripped so the section shows.
    if($mtl->config['enable_userhide'] == 1)
    {
      $form = str_replace(array("<!-- Allow Hide Start", "Allow Hide End-->"), "", $form);
    }

    if($mtl->config["enable_webring"] == 1)
    {
      $form = str_replace(array("<!-- Allow Webring Start", "Allow Webring End-->"), "", $form);
    }

    if($mtl->config['enable_categories'] == 1)  // Are categories enabled?
    {
      $cats = $DB->query("SELECT id,name,parent FROM mtl_categories WHERE status=1 AND catallow='' ORDER BY position asc");
      if($DB->count($cats) > 1) // Do we have categories? Rarely should be no
      {
        while($row = $DB->fetch_row($cats))
        {
          $ourcats[] = $row;
        }

        // The site's current category is passed as generate_cats()'s fourth argument.
        $select_cat = "<select name='cat' class='select'>\n"
                    . "<option value=''>".$mtl->lang['select_category']."</option>\n"
                    . $this->generate_cats($ourcats, 0, '', $this->user['cat'])
                    . "</select>\n";

        $form = str_replace(
          array("<!-- Allow Category Start", "End Allow Cattegory-->", "--Cat List--"),
          array("", "", $select_cat),
          $form
        );
      }
    }

    $page .= $form;
    $page .= $mtl->skin->usercp->usercp_foot();

    $crumbs = array(
      'url'   => '?'.$mtl->sessionhtml.'act=ucp',
      'name'  => $mtl->lang['usercp'],
      'name2' => $mtl->lang['site_overview'],
    );

    $mtl->output->do_output(array(
      'TITLE'    => $mtl->config['name'].' - '.$mtl->lang['usercp'],
      'NAV'      => 1,
      'NAV_DATA' => $crumbs,
      'DATA'     => $page,
    ));
  }
  564.  
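  /**
   * CODE '04': validates and stores the settings of the currently selected
   * site.
   *
   * Changes compared with the earlier version:
   *  - the URL check is anchored, so the value has to start with http://
   *    instead of merely containing it somewhere;
   *  - the duplicate-URL check fires for one or more matches, not exactly one;
   *  - with categories enabled the category id is cast to an integer once and
   *    that value is used for both the existence check and the update
   *    (assumes mtl_categories.id is numeric -- TODO confirm);
   *  - the validation errors return, so nothing is written after a failed
   *    check even if error() does not end the request.
   *
   * NOTE(review): request values are still concatenated into SQL text
   * (site_url in the LIKE clause, and whatever $DB->update() does with
   * a_hide / in_webring). Whether $mtl->input or $DB->update() escapes them
   * is not visible here; confirm before relying on it. The LIKE clause also
   * lets % and _ in the submitted URL act as wildcards.
   */
  function overview_pro()   // CODE '04'
  { global $mtl, $DB;

    if(strlen($mtl->input['site_name']) < 2)
    {   $mtl->output->error($mtl->lang['short_site_name']);
      return;
    }

    // Anchored: a value that only contains "http://" further in is rejected.
    if(!preg_match("/^http:\/\//", $mtl->input['site_url']))
    {   $mtl->output->error($mtl->lang['invalid_url']);
      return;
    }

    // Another site (any id but this one) whose URL starts with the submitted one.
    if($DB->count($DB->query("SELECT id FROM mtl_sites WHERE id!='{$this->user['id']}' AND lower(site_url) LIKE '".strtolower($mtl->input['site_url'])."%'")) >= 1)
    {   $mtl->output->error($mtl->lang['url_exists']);
      return;
    }

    // Text fields are stored HTML-encoded.
    $update = array (
              'site_name' => htmlspecialchars($mtl->input['site_name'], ENT_QUOTES),
              'site_url' => htmlspecialchars($mtl->input['site_url'], ENT_QUOTES),
              'site_desc' => htmlspecialchars($mtl->input['site_desc'], ENT_QUOTES),
    );

    if($mtl->config['enable_userhide'] == 1)
    {   $update['a_hide'] = $mtl->input['hide'];    }

    if($mtl->config["enable_webring"] == 1)
    {   $update['in_webring'] = $mtl->input['in_webring'];  }

    if($mtl->config["enable_categories"] == 1)
    {   $cat = intval($mtl->input['cat']);
      if($DB->count($DB->query("SELECT id FROM mtl_categories WHERE id='{$cat}'")) != 1)
      { $mtl->output->error($mtl->lang['invalid_category']);
        return;
      }
      $update['cat'] = $cat;
    }

    // Now do the Site IPs:
    // NOTE(review): the lookup helper receives the HTML-encoded URL, and this
    // check is absent from do_add_site() -- confirm both are intended.
    $ip = $mtl->siteip_gethostbyname($update['site_url']);
    if (!$mtl->siteip_check_duplicate($ip))
    {
      $mtl->output->error($mtl->lang['duplicate_siteip']);
    exit;
    }
    else
    { $mtl->siteip_insert($ip); }
    // End Site IPs \\

    $DB->query("UPDATE mtl_sites SET ".$DB->update($update)." WHERE id='{$this->user['id']}'");

    $mtl->output->screen( array ( 'message' => $mtl->lang['settings_updated'], 'go' => '?'.$mtl->sessionhtml.'act=ucp&CODE=02' ));
  }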
  607.  
  608.  
  /**
   * CODE '20': renders the account-wide options form (guest e-mail and admin
   * mail switches).
   */
  function show_general()   // CODE '20'
  { global $mtl, $DB;

    // Template key => stored flag; a truthy flag becomes a ticked checkbox.
    $boxes = array(
      'visitor_email' => 'allow_guest_email',
      'admin_email'   => 'allow_admin_mail',
    );
    foreach($boxes as $template_key => $flag)
    {
      if($this->user[$flag])
      { $this->user[$template_key] = "checked='checked'"; }
      else
      { $this->user[$template_key] = ""; }
    }

    $page = $this->load_top(array('title' => '- '.$mtl->lang['general_options']));
    $page .= $mtl->skin->usercp->general_options($this->user);
    $page .= $mtl->skin->usercp->usercp_foot();

    $crumbs = array(
      'url'   => '?'.$mtl->sessionhtml.'act=ucp',
      'name'  => $mtl->lang['usercp'],
      'name2' => $mtl->lang['general_options'],
    );

    $mtl->output->do_output(array(
      'TITLE'    => $mtl->config['name'].' - '.$mtl->lang['usercp'],
      'NAV'      => 1,
      'NAV_DATA' => $crumbs,
      'DATA'     => $page,
    ));
  }
  629.  
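  /**
   * CODE '21': stores the two account-wide mail switches for the logged-in
   * user and redirects back to the options form (CODE '20').
   *
   * Change compared with the earlier version: the 'allow_admin_mail' key
   * carried a trailing space, so the column name handed to $DB->update() did
   * not match the name read back in show_general().
   *
   * NOTE(review): both values go from the request into $DB->update()
   * unchanged; whether that helper escapes them is not visible here. They
   * are checkbox flags, so normalising them to 0/1 before the update would
   * remove the question -- confirm the stored format first.
   */
  function general_pro()    // CODE '21'
  { global $mtl, $DB;

    $update = array (
              'allow_guest_email' => $mtl->input['visitor_email'],
              'allow_admin_mail' => $mtl->input['admin_email'],
    );

    $DB->query("UPDATE mtl_users SET ".$DB->update($update)." WHERE uid='{$this->user['uid']}'");

    $mtl->output->screen( array ( 'message' => $mtl->lang['settings_updated'], 'go' => '?'.$mtl->sessionhtml.'act=ucp&CODE=20' ));
  }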
  642.  
  /**
   * CODE '03': saves the user's notepad text and size, mirrors both into the
   * in-memory user record and shows the main screen again.
   *
   * NOTE(review): 'notes' and 'size' are concatenated from the request into
   * the UPDATE statement. Nothing in this method escapes them; whether
   * $mtl->input is cleaned centrally is not visible here -- confirm, and
   * prefer bound parameters if the DB layer offers them.
   */
  function notepad_pro() // CODE '03'
  { global $mtl, $DB;

    $notes = $mtl->input['notes'];
    $size = $mtl->input['size'];

    $sql = "UPDATE mtl_users SET notepad='".$notes."',notepad_size='".$size."' WHERE uid='".$this->user['uid']."'";
    $DB->query($sql);

    // Keep the loaded record in step so show_main() shows the new values.
    $this->user['notepad'] = $notes;
    $this->user['notepad_size'] = $size;

    $this->show_main();
  }
  652.  
  653.  
  /**
   * CODE '05': renders the banner options form with the current banner
   * (remote link, uploaded file, or none) pre-selected.
   *
   * NOTE(review): site_banner and name are placed into the <img> tag without
   * escaping in this method; this relies on both having been validated or
   * encoded when they were stored -- confirm against image_pro().
   */
  function show_image() // CODE '05'
  { global $mtl;

    if($mtl->config['rows_banner'] == 0)
    {
      $mtl->output->error($mtl->lang['banner_not_enabled']);
    }

    $data = array();
    $banner = $this->user['site_banner'];

    if(preg_match("/http:\/\//", $banner))
    {
      // A stored URL: the banner is a remote link.
      $data['select_link'] = "checked='checked'";
      $data['link'] = $banner;
      $data['image'] = "<img src='{$banner}' alt='{$this->user['name']}'><br /><br />";
    }
    else if(!($banner == '0' OR $banner == ""))
    {
      // Otherwise the value is used as the file extension of an uploaded
      // banner named after the site id.
      $data['select_upload'] = "checked='checked'";
      $data['image'] = "<img src='{$mtl->config['banner_http']}{$this->user['id']}.{$banner}' alt='{$this->user['name']}'><br /><br />";
    }
    else
    {
      $data['select_none'] = "checked='checked'";
    }

    $data['top'] = $this->user['top'];

    $chooser = $mtl->skin->usercp->image_choose($data);

    // The upload section is commented out in the template unless uploads are on.
    if($mtl->config['banner_upload'] == 1)
    {
      $chooser = str_replace(array("<!--Start Upload", "End Upload-->"), "", $chooser);
    }

    $page = $this->load_top(array('title' => '- '.$mtl->lang['image_options']));
    $page .= $chooser;
    $page .= $mtl->skin->usercp->usercp_foot();

    $crumbs = array(
      'url'   => '?'.$mtl->sessionhtml.'act=ucp',
      'name'  => $mtl->lang['usercp'],
      'name2' => $mtl->lang['image_options'],
    );

    $mtl->output->do_output(array(
      'TITLE'    => $mtl->config['name'].' - '.$mtl->lang['image_options'],
      'NAV'      => 1,
      'NAV_DATA' => $crumbs,
      'DATA'     => $page,
    ));
  }
  694.  
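  /**
   * Saves the banner choice (CODE '06').
   *
   * input['type'] selects the action:
   *   'link'   - store a remote image URL (input['image_url'])
   *   'upload' - store an uploaded file under banner_path as <site id>.<ext>
   *   'none'   - clear the banner
   * Any other value is rejected with lang['invalid_use']. Failed checks are
   * reported through $mtl->output->error(), which is presumably terminal
   * (the original code relies on that as well).
   */
  function image_pro()  // CODE '06'
  { global $DB, $mtl;

    if($mtl->config['rows_banner'] == 0)
    {   $mtl->output->error($mtl->lang['banner_not_enabled']);  }

    // An uploaded banner is stored as a bare file extension. Only such a value
    // is ever turned into a path for unlink(), so a stored URL or any other
    // unexpected value cannot steer the delete outside banner_path.
    $old_banner = $this->user['site_banner'];
    $old_file = '';
    if($old_banner != '0' AND preg_match("/^[a-z0-9]+$/i", $old_banner))
    {   $old_file = $mtl->config['banner_path'].$this->user['id'].".".$old_banner;   }

    $type = $mtl->input['type'];
    $allowed_ex = explode(',', $mtl->config['banner_ex']);
    $size = false;

    if($type == 'link')
    {   if($mtl->config['banner_link'] != 1)
      { $mtl->output->error($mtl->lang['banner_link_disable']);  }

      $url = $mtl->input['image_url'];

      // Anchored: the value must START with http://. An unanchored match would
      // accept any string that merely contains "http://" and hand it to
      // getimagesize(), which honours every registered stream wrapper.
      if(!preg_match("/^http:\/\//", $url))
      { $mtl->output->error($mtl->lang['invalid_url']);  }

      // NOTE(review): the server itself fetches this URL and nothing here limits
      // the host; outbound requests to internal addresses need to be blocked
      // elsewhere (network policy or an allow-list).
      $size = @getimagesize($url);
      if(!$size)
      { $mtl->output->error($mtl->lang['invalidimage']);    }

      $parts = explode('.', $url);
      $ex = $parts[count($parts) - 1];

      if(!in_array($ex, $allowed_ex, true))
      { $mtl->output->error($mtl->lang['invalidimage']);    }
    }
    else if($type == 'upload')
    {   if($mtl->config['banner_upload'] != 1)
      { $mtl->output->error($mtl->lang['banner_upload_disable']);  }

      $file = $mtl->file("image_upload");
      $kb = round($file['size']/1024, 2);

      if(!in_array((string)$file['ex'], $allowed_ex, true))
      { $mtl->output->error($mtl->lang['invalidimage']);  }
      if($file['size'] > ($mtl->config['banner_size'] * 1000))
      { $mtl->output->error($mtl->lang['image_too_large'].$kb."kb");  }

      // Same rule as the link branch: a file that does not parse as an image is
      // rejected. Without this check $size is false and both dimension tests
      // below would let a non-image through.
      $size = @getimagesize($file['file']);
      if(!$size)
      { $mtl->output->error($mtl->lang['invalidimage']);  }
    }
    else if($type != 'none')
    {   $mtl->output->error($mtl->lang['invalid_use']); }

    // Dimension rules, shared by link and upload ('none' has no image to measure).
    if($size)
    {   list($max_width, $max_height) = explode("x", $mtl->config['banner_max']);

      if($mtl->config['banner_exact'] == 0 AND ($size[0] > $max_width OR $size[1] > $max_height))
      { $mtl->lang['too_big_image'] = str_replace("<##width##>", $max_width, $mtl->lang['too_big_image']);
        $mtl->lang['too_big_image'] = str_replace("<##height##>", $max_height, $mtl->lang['too_big_image']);
        $mtl->output->error($mtl->lang['too_big_image']);
      }

      if($mtl->config['banner_exact'] == 1 AND ($size[0] != $max_width OR $size[1] != $max_height))
      { $mtl->lang['wrong_size'] = str_replace("<##width##>", $max_width, $mtl->lang['wrong_size']);
        $mtl->lang['wrong_size'] = str_replace("<##height##>", $max_height, $mtl->lang['wrong_size']);
        $mtl->output->error($mtl->lang['wrong_size']);
      }
    }

    // The previous upload goes away before the new state is written.
    if($old_file != '')
    {   @unlink($old_file);  }

    if($type == 'link')
    {   $DB->query("UPDATE mtl_sites SET site_banner='".addslashes($url)."' WHERE id='".$this->user['id']."'");
    }
    else if($type == 'upload')
    {   $path = $mtl->config['banner_path'].$this->user['id'].".".$file['ex'];

      // NOTE(review): if $file['file'] is PHP's upload temp path,
      // move_uploaded_file() is the safer call - confirm what $mtl->file() returns.
      copy($file['file'], $path) or $mtl->output->error("The file could not be copied");

      // $file['ex'] was matched against the configured allow-list above.
      $DB->query("UPDATE mtl_sites SET site_banner='".addslashes($file['ex'])."' WHERE id='".$this->user['id']."'");
    }
    else
    {   $DB->query("UPDATE mtl_sites SET site_banner='0' WHERE id='".$this->user['id']."'");  }

    $mtl->output->screen( array ( 'message' => $mtl->lang['image_change_succ'], 'go' => '?'.$mtl->sessionhtml.'act=ucp&CODE=05', ));
  }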
  784.  
  /**
   * E-mail change form (CODE '07').
   *
   * Assembles the control-panel header, the skin's change_email form and the
   * footer, then hands the page to the output handler with a breadcrumb back
   * to the control panel.
   */
  function change_email()   // CODE '07'
  { global $mtl, $DB;

    $html = $this->load_top(array ('title' => '- '.$mtl->lang['change_email']))
          . $mtl->skin->usercp->change_email()
          . $mtl->skin->usercp->usercp_foot();

    $crumbs = array();
    $crumbs['url']   = '?'.$mtl->sessionhtml.'act=ucp';
    $crumbs['name']  = $mtl->lang['usercp'];
    $crumbs['name2'] = $mtl->lang['change_email'];

    $page = array(
      'TITLE'    => $mtl->config['name'] . ' - ' . $mtl->lang['change_email'],
      'NAV'      => 1,
      'NAV_DATA' => $crumbs,
      'DATA'     => $html,
    );

    $mtl->output->do_output($page);
  }
  800.  
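  /**
   * Applies an e-mail change (CODE '08').
   *
   * Rejects the request when check_email() flags the address (it appears to
   * return a truthy value for an INVALID address), when the confirmation does
   * not match, or when the address is unchanged. With reg_email enabled the
   * new address is stored unvalidated (a_mail=0) together with a validation
   * key that is mailed to it; otherwise the address is stored directly.
   */
  function change_email_pro()   // CODE '08'
  { global $mtl, $DB;

    $email = $mtl->input['email'];

    if($mtl->check_email($email))
    {   $mtl->output->error($mtl->lang['invalid_email'] );  }
    if($email != $mtl->input['email_confirm'])
    {   $mtl->output->error($mtl->lang['match_email']   );  }
    if($email == $this->user['email'])
    {   $mtl->output->error($mtl->lang['current_email'] );  }

    // Escaped the same way image_pro() escapes its URL before it reaches SQL.
    // NOTE(review): addslashes() is the only escaping visible in this file; if
    // the $DB wrapper offers a native escape or bound parameters, prefer that.
    $email_sql = addslashes($email);
    $uid_sql   = addslashes($this->user['uid']);

    if($mtl->config['reg_email'] == 1)
    {   // The validation key must not be guessable. md5(microtime()) is derived
      // from the clock, so a CSPRNG is used wherever the runtime provides one;
      // the 17-character length of the original key is kept.
      if(function_exists('random_bytes'))
      {   $val = substr(bin2hex(random_bytes(16)), 15);   }
      else
      {   $val = substr(md5(microtime()), 15);   }

      $mail = array (
              'to_name' => $this->user['username'],
              'to_mail' => $email,
              'subject' => $mtl->lang['change_email_val'],
              'message' => $mtl->make_message(array("username" => $this->user['username'], "act" => "revalidate", "val" => $val)),
      );

      $mtl->mailer($mail);
      $DB->query("UPDATE mtl_users SET a_valkey='$val',email='".$email_sql."',a_mail='0' WHERE uid='".$uid_sql."'");
      $mtl->output->screen( array ( 'go' => '?'.$mtl->sessionhtml.'act=ucp', 'message' => $mtl->lang['val_email_send'], ));
    }
    else
    {   // Keyed on the account's uid, like the branch above. The original used
      // $this->user['id'] here, which the rest of the class uses as the site id
      // (mtl_sites.id), so the update could land on a different account's row.
      $DB->query("UPDATE mtl_users SET email='".$email_sql."' WHERE uid='".$uid_sql."'");
      $mtl->output->screen( array ( 'go' => '?'.$mtl->sessionhtml.'act=ucp', 'message' => $mtl->lang['val_done'], ));
    }
  }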
  830.  
  /**
   * Password change form (CODE '09').
   *
   * Assembles the control-panel header, the skin's change_pw form and the
   * footer, then hands the page to the output handler with a breadcrumb back
   * to the control panel.
   */
  function change_pw()  // CODE '09'
  { global $DB, $mtl;

    $html = $this->load_top(array ('title' => '- '.$mtl->lang['change_pw']))
          . $mtl->skin->usercp->change_pw()
          . $mtl->skin->usercp->usercp_foot();

    $crumbs = array();
    $crumbs['url']   = '?'.$mtl->sessionhtml.'act=ucp';
    $crumbs['name']  = $mtl->lang['usercp'];
    $crumbs['name2'] = $mtl->lang['change_pw'];

    $page = array(
      'TITLE'    => $mtl->config['name'] . ' - ' . $mtl->lang['change_pw'],
      'NAV'      => 1,
      'NAV_DATA' => $crumbs,
      'DATA'     => $html,
    );

    $mtl->output->do_output($page);
  }
  847.  
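  /**
   * Applies a password change (CODE '10').
   *
   * Requires the current password, enforces the configured minimum length and
   * a matching confirmation, then stores the MD5 of the new password.
   *
   * NOTE(review): unsalted MD5 is not an adequate password hash. It cannot be
   * replaced in this method alone because the login check (not visible here)
   * has to agree on the format; plan a migration to password_hash() /
   * password_verify() across both.
   */
  function change_pw_pro()  // CODE '10'
  { global $DB, $mtl;

    // Strict comparison: with "!=" two different digests that both look like
    // numbers in scientific notation ("0e..." followed by digits only) compare
    // as equal, so a wrong password could be accepted.
    if(md5($mtl->input['current_pw']) !== (string)$this->user['password'])
    {   $mtl->output->error($mtl->lang['incorrect_pw']  );  }
    if(strlen($mtl->input['password']) < $mtl->config['min_letters'])
    {   $mtl->output->error($mtl->lang['pw_short']  );  }
    // Strict for the same reason: "1e3" == "1000" is true under loose comparison.
    if((string)$mtl->input['confirm_pw'] !== (string)$mtl->input['password'])
    {   $mtl->output->error($mtl->lang['pass_match']    );  }

    // md5() yields hex only, so the new value needs no escaping; the uid is
    // escaped as a precaution.
    $DB->query("UPDATE mtl_users SET password='".md5($mtl->input['password'])."' WHERE uid='".addslashes($this->user['uid'])."'");

    $mtl->output->screen( array ( 'message' => $mtl->lang['password_change_succ'], ));
  }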
  862.  
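  /**
   * Vote-code screen (CODE '11').
   *
   * Fills the configured vote snippet with this site's vote URL and passes it
   * to the skin twice: 'code_orig' as live markup (the preview) and 'code'
   * with the angle brackets encoded so the browser shows it as text.
   */
  function show_code()  // CODE '11'
  { global $mtl;

    $output = $this->load_top(array ('title' => '- '.$mtl->lang['vote_code']));

    $code['code'] = str_replace("%url%", $mtl->config['url'] . $mtl->config['filename'] . "?vote=" . $this->user['id'], $mtl->config['vote_code']);
    $code['code_orig'] = $code['code']; // Create a Preview Code
    // As listed, the two replacements mapped '<' to '<' and '>/' to '>', which
    // leaves the snippet as live HTML. The entity targets are restored here.
    // NOTE(review): '>/' is read as a garbled '>' to match the sibling code
    // screens - confirm against a pristine copy of the file.
    $code['code'] = str_replace(array('<', '>'), array('&lt;', '&gt;'), $code['code']);
    $code['intro'] = str_replace('<##link##>', "{$mtl->base_url}&act=faq&store=1", $mtl->lang['code_intro']);
    $code['top'] = $this->user['top'];

    $output .= $mtl->skin->usercp->vote_code($code);
    $output .= $mtl->skin->usercp->usercp_foot();

    $nav = array (
            'url' => '?'.$mtl->sessionhtml.'act=ucp',
            'name' => $mtl->lang['usercp'],
            'name2' => $mtl->lang['vote_code'],
    );

    $mtl->output->do_output(array('TITLE' => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'], 'NAV' => 1, 'NAV_DATA' => $nav, 'DATA' => $output));

  }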
  887.  
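  /**
   * Rating-code screen (CODE '12').
   *
   * Fills the configured rating snippet with the list URL and this site's id.
   * 'code_orig' stays live markup (the preview); 'code' has its angle brackets
   * encoded for display and 'code_spaced' is that text with <br /> added at
   * line breaks.
   */
  function show_rate()  // CODE '12'
  { global $mtl;

    $output = $this->load_top(array ('title' => '- '.$mtl->lang['rate_code']));

    $code['code'] = str_replace("%url%", $mtl->config['url'] . $mtl->config['filename'], $mtl->config['rate_code']);
    $code['code'] = str_replace("%id%", $this->user['id'], $code['code']);
    $code['code_orig'] = $code['code'];
    // As listed, both replacements mapped a bracket to itself (a no-op), which
    // leaves the snippet as live HTML. The entity targets are restored here.
    $code['code'] = str_replace(array('<', '>'), array('&lt;', '&gt;'), $code['code']);
    $code['code_spaced'] = nl2br($code['code']);
    $code['intro'] = str_replace('<##link##>', "{$mtl->base_url}&act=faq&store=1", $mtl->lang['rate_intro']);
    $code['top'] = $this->user['top'];

    $output .= $mtl->skin->usercp->rate_code($code);

    $output .= $mtl->skin->usercp->usercp_foot();
    $nav = array (
            'url' => '?'.$mtl->sessionhtml.'act=ucp',
            'name' => $mtl->lang['usercp'],
            'name2' => $mtl->lang['rate_code'],
    );

    $mtl->output->do_output(array('TITLE' => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'], 'NAV' => 1, 'NAV_DATA' => $nav, 'DATA' => $output));

  }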
  914.  
  915.  
  /**
   * Forgotten-password form (CODE '13').
   *
   * Renders the skin's forget_pw_form. The breadcrumb URL carries no session
   * token, unlike the logged-in screens of this class.
   */
  function forget_pw_show() // CODE '13'
  { global $mtl;

    $form = $mtl->skin->usercp->forget_pw_form();

    $crumbs = array();
    $crumbs['url']   = '?act=ucp';
    $crumbs['name']  = $mtl->lang['usercp'];
    $crumbs['name2'] = $mtl->lang['forget_pw'];

    $page = array(
      'TITLE'    => $mtl->config['name'] . ' - ' . $mtl->lang['forget_pw'],
      'NAV'      => 1,
      'NAV_DATA' => $crumbs,
      'DATA'     => $form,
    );

    $mtl->output->do_output($page);
  }
  928.  
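  /**
   * Sends password-reset mails (CODE '14').
   *
   * Looks up every account registered under input['email'], stores a reset
   * key in a_valkey_pw for each and mails that key to the address.
   *
   * NOTE(review): the 'email_account_missing' error tells an unauthenticated
   * caller whether an address is registered; a uniform "if the address exists,
   * a mail was sent" reply avoids that disclosure.
   */
  function forget_pw_email()    // CODE '14'
  { global $DB, $mtl;

    if($mtl->check_email($mtl->input['email']))
    {   $mtl->output->error($mtl->lang['invalid_email'] );  }

    // Reached without a login, so the address is escaped before it enters SQL
    // (same approach as image_pro()).
    // NOTE(review): prefer the $DB wrapper's own escaping or bound parameters
    // if it has them - not visible from this file.
    $query = $DB->query("SELECT uid,username,email FROM mtl_users WHERE email='".addslashes($mtl->input['email'])."'");

    if($DB->count() < 1)
    {   $mtl->output->error($mtl->lang['email_account_missing'] );  }

    while($r = $DB->fetch_row($query))
    {
      // A reset key stands in for the password, so it must be unpredictable;
      // md5(microtime()) is derived from the clock. A CSPRNG is used where the
      // runtime has one. The original 7-character length is kept because the
      // column width is not visible here.
      // NOTE(review): 7 hex characters is short for a reset key - lengthen it
      // once the a_valkey_pw column is confirmed to hold more, and consider an
      // expiry time.
      if(function_exists('random_bytes'))
      {   $sess = substr(bin2hex(random_bytes(16)), 25);   }
      else
      {   $sess = substr(md5(microtime()), 25);   }

      $mail = array (
              'to_name' => $r['username'],
              'to_mail' => $r['email'],
              'subject' => $mtl->lang['forgetpw'],
              'message' => $mtl->make_message(array("act" => "forget_pw", "val" => $sess, "username" => $r['username'])),

      );

      $mtl->mailer($mail);
      $DB->query("UPDATE mtl_users SET a_valkey_pw='$sess' WHERE uid='".addslashes($r['uid'])."'");
    }

    $mtl->output->screen( array ( 'message' => $mtl->lang['email_sent']));
  }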
  957.  
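  /**
   * New-password form for a reset key (CODE '15').
   *
   * Shows the form only when input['val'] matches exactly one account's
   * a_valkey_pw; the matching row is passed to the skin.
   */
  function forget_pw_change()   // CODE '15'
  { global $DB, $mtl;

    // An empty key is refused as well, in line with forget_pw_change_pro():
    // accounts without a pending reset hold an empty a_valkey_pw, and an empty
    // input would match them.
    if(!isset($mtl->input['val']) OR $mtl->input['val'] == "")
    {   $mtl->output->error($mtl->lang['valid_key'] );  }

    // Reached without a login, so the key is escaped before it enters SQL.
    // The result handle is kept: the original passed an undefined $query to
    // fetch_row() below.
    $query = $DB->query("SELECT uid,username,a_valkey_pw FROM mtl_users WHERE a_valkey_pw='".addslashes($mtl->input['val'])."'");

    if($DB->count() != 1)
    {   $mtl->output->error($mtl->lang['valid_key'] );  }

    $output = $mtl->skin->usercp->forget_pw_change($DB->fetch_row($query));
    $nav = array (
            'url' => '?act=ucp',
            'name' => $mtl->lang['usercp'],
            'name2' => $mtl->lang['forget_pw_change'],
    );

    $mtl->output->do_output(array('TITLE' => $mtl->config['name'] . ' - ' . $mtl->lang['forget_pw_change'], 'NAV' => 1, 'NAV_DATA' => $nav, 'DATA' => $output));

  }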
  979.  
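  /**
   * Sets a new password from a reset key (CODE '16').
   *
   * Validates the new password (minimum length, matching confirmation), looks
   * the account up by input['val'], stores the MD5 of the new password and
   * clears the key so it cannot be used again.
   *
   * NOTE(review): unsalted MD5 is not an adequate password hash; it has to be
   * migrated together with the login check, which is not visible here.
   */
  function forget_pw_change_pro()   // CODE '16'
  { global $DB, $mtl;

    if(strlen($mtl->input['password']) < $mtl->config['min_letters'])
    {   $mtl->output->error($mtl->lang['pw_short']  );  }
    // Strict comparison: "1e3" == "1000" is true under loose comparison.
    else if((string)$mtl->input['confirm_pw'] !== (string)$mtl->input['password'])
    {   $mtl->output->error($mtl->lang['pass_match']    );  }

    if(!isset($mtl->input['val']) OR $mtl->input['val'] == "")
    {   $mtl->output->error($mtl->lang['valid_key'] );  }

    // Reached without a login, so the key is escaped before it enters SQL.
    $DB->query("SELECT uid,username FROM mtl_users WHERE a_valkey_pw='".addslashes($mtl->input['val'])."'");

    // Exactly one match, as in forget_pw_change(): with "< 1" a key shared by
    // several accounts would silently reset whichever row came back first.
    if($DB->count() != 1)
    {   $mtl->output->error($mtl->lang['valid_key'] );  }

    $r = $DB->fetch_row();

    $DB->query("UPDATE mtl_users SET password='".md5($mtl->input['password'])."',a_valkey_pw='' WHERE uid='".addslashes($r['uid'])."'");

    $mtl->output->screen( array ( 'go' => '?act=ucp', 'message' => $mtl->lang['password_change_succ'], ));
  }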
  1002.  
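  /**
   * Hit-counter code screen (CODE '17').
   *
   * Builds the zero-size tracking image tag for this site. 'code' stays live
   * markup; 'code_spaced' has its angle brackets encoded so the browser shows
   * it as text.
   */
  function show_hits()  // CODE '17'
  { global $mtl;

    $output = $this->load_top(array ('title' => '- '.$mtl->lang['hits_code']));

    $code['code'] = "<img src='{$mtl->config['url']}{$mtl->config['filename']}?hit={$this->user['id']}' width='0' height='0'>";
    // As listed, both replacements mapped a bracket to itself (a no-op), which
    // leaves the snippet as live HTML. The entity targets are restored here.
    $code['code_spaced'] = str_replace(array('<', '>'), array('&lt;', '&gt;'), $code['code']);
    $code['intro'] = str_replace('<##link##>', "{$mtl->base_url}&act=faq&store=1", $mtl->lang['hits_intro']);
    $code['top'] = $this->user['top'];

    $output .= $mtl->skin->usercp->hits_code($code);

    $output .= $mtl->skin->usercp->usercp_foot();
    $nav = array (
            'url' => '?'.$mtl->sessionhtml.'act=ucp',
            'name' => $mtl->lang['usercp'],
            'name2' => $mtl->lang['hits_code'],
    );

    $mtl->output->do_output(array('TITLE' => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'], 'NAV' => 1, 'NAV_DATA' => $nav, 'DATA' => $output));

  }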
  1026.  
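  /**
   * Position-image code screen (CODE '18').
   *
   * Lists the image sets a site owner can embed, with sample images and the
   * HTML snippet for each:
   *   - "simple" sets: one sub-directory of html/nums/ per set, holding files
   *     whose names contain a number;
   *   - "dynamic" sets: rows of mtl_images;
   *   - if neither exists, the default set stored directly in html/nums/.
   */
  function show_posimage()  // CODE '18'
  { global $mtl, $root_path, $DB;

    $output = $this->load_top(array ('title' => '- '.$mtl->lang['image_code']));

    $nums_dir = $root_path."html/nums/";
    $vote_url = "{$mtl->config['url']}{$mtl->config['filename']}?vote={$this->user['id']}";
    $img_url  = "{$mtl->config['url']}{$mtl->config['filename']}?img={$this->user['id']}";

    // ---- Simple sets: sub-directories of html/nums/ ----
    $simp_image_sets = '';
    $dh = opendir($nums_dir);
    if($dh !== false)
    {
      // Compared with false explicitly: an entry named "0" is falsy and would
      // otherwise end the listing early.
      while(($file = readdir($dh)) !== false)
      {
        $setDir = $nums_dir . $file;

        // Skip dot entries and plain files before doing any other work.
        // ($file[0] replaces the curly-brace offset syntax, removed in PHP 8.)
        if($file[0] === '.' || !is_dir($setDir))
        {
          continue;
        }

        $images = array();
        $dh2 = opendir($setDir);
        if($dh2 !== false)
        {
          while(($file2 = readdir($dh2)) !== false)
          {
            if($file2[0] !== '.'
               && is_file($setDir . '/' . $file2)
               && preg_match('/([0-9]+)([-+]([0-9]+)?)?\.(.*)$/', $file2, $m))
            {
              $images[(int)$m[1]] = $file2; // keyed by the number in the file name
            }
          }
          closedir($dh2);
        }

        if($images)
        {
          ksort($images);

          $code = str_replace("%url%", $vote_url, $mtl->config['image_code']);
          $code = str_replace("%imgurl%", $img_url . "&img_set=" . rawurlencode($file), $code);

          $simp_image_data = array(
            'img_set'       => htmlentities($file),
            'code'          => htmlentities($code),
            'sample_images' => '',
          );
          foreach($images as $img)
          {
            // Directory and file names are URL-encoded so an unusual name
            // cannot break out of the quoted src attribute.
            $simp_image_data['sample_images'] .= "<img src='html/nums/" . rawurlencode($file) . "/" . rawurlencode($img) . "' />";
          }

          $simp_image_sets .= $mtl->skin->usercp->image_set($simp_image_data);
        }
      }
      closedir($dh);
    }

    if($simp_image_sets)
    {
      $simp_image_sets = $mtl->skin->usercp->image_sets
        (array
         ('intro' => $mtl->lang['simp_image_intro'],
          'sets' => $simp_image_sets,
          )
        );
    }

    // ---- Dynamic sets: rows of mtl_images ----
    $dyn_image_sets = '';
    $DB->query("SELECT img_id, img_name from mtl_images ORDER BY img_name");
    while($r = $DB->fetch_row())
    {
      $code = str_replace("%url%", $vote_url, $mtl->config['image_code']);
      $code = str_replace("%imgurl%", $img_url . "&img_id=" . rawurlencode($r['img_id']), $code);

      $dyn_image_data = array(
        'img_set'       => htmlentities($r['img_name']),
        'code'          => htmlentities($code),
        'sample_images' => "<img src=\"index.php?img={$this->user['id']}&img_id=" . rawurlencode($r['img_id']) . "\" />",
      );
      $dyn_image_sets .= $mtl->skin->usercp->image_set($dyn_image_data);
    }

    if($dyn_image_sets)
    {
      $dyn_image_sets = $mtl->skin->usercp->image_sets
        (array
         ('intro' => $mtl->lang['simp_image_intro'],
          'sets' => $dyn_image_sets,
          )
        );
    }

    $data = array();

    $data['intro'] = str_replace('<##link##>', "{$mtl->base_url}&act=faq&store=2", $mtl->lang['image_intro']);

    if(! ($simp_image_sets || $dyn_image_sets))
    {
      // No custom image sets available, use the defaults stored directly in html/nums/

      $code = str_replace("%url%", $vote_url, $mtl->config['image_code']);
      $code = str_replace("%imgurl%", $img_url, $code);

      $simp_image_data = array(
        'img_set' => 'MTL',
        'code'    => htmlentities($code),
      );

      $images = array();
      $dh2 = opendir($nums_dir);
      if($dh2 !== false)
      {
        while(($file2 = readdir($dh2)) !== false)
        {
          if($file2[0] !== '.'
             && is_file($nums_dir . '/' . $file2)
             && preg_match('/(?:no)?([0-9]+)([-+]([0-9]+)?)?\.(.*)$/', $file2, $m))
          {
            $images[(int)$m[1]] = $file2;
          }
        }
        closedir($dh2);
      }

      if($images)
      {
        ksort($images);
        $simp_image_data['sample_images'] = '';
        foreach($images as $img)
        {
          // The default images sit directly in html/nums/. The original
          // interpolated the finished loop variable $file into this path,
          // which produced "html/nums//<image>".
          $simp_image_data['sample_images'] .= "<img src='html/nums/" . rawurlencode($img) . "' />";
        }

        $simp_image_sets .= $mtl->skin->usercp->image_set($simp_image_data);
      }

      if($simp_image_sets)
      {
        $simp_image_sets = $mtl->skin->usercp->image_sets
          (array
           ('intro' => $mtl->lang['simp_image_intro'],
            'sets' => $simp_image_sets,
            )
          );
      }

    }

    $data['simp_image_sets'] = $simp_image_sets;
    $data['dyn_image_sets']  = $dyn_image_sets;

    $output .= $mtl->skin->usercp->image_code($data);
    $output .= $mtl->skin->usercp->usercp_foot();

    $nav = array (
            'url' => '?'.$mtl->sessionhtml.'act=ucp',
            'name' => $mtl->lang['usercp'],
            'name2' => $mtl->lang['image_code'],
    );

    $mtl->output->do_output(array('TITLE' => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'], 'NAV' => 1, 'NAV_DATA' => $nav, 'DATA' => $output));

  }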
  1171.  
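  /**
   * Webring-code screen (CODE '19').
   *
   * Fills the configured webring snippet with the list URL, this site's id
   * and the list name. 'code_orig' stays live markup (the preview); 'code'
   * has its angle brackets encoded for display and 'code_spaced' is that text
   * with <br /> added at line breaks.
   */
  function show_ring()  // CODE '19'
  { global $mtl;

    $output = $this->load_top(array ('title' => '- '.$mtl->lang['ring_code']));

    $code['code'] = str_replace("%url%", $mtl->config['url'] . $mtl->config['filename'], $mtl->config['ring_code']);
    $code['code'] = str_replace("%id%", $this->user['id'], $code['code']);
    $code['code'] = str_replace("%mtlname%", $mtl->config['name'], $code['code']);
    $code['code_orig'] = $code['code'];
    // As listed, both replacements mapped a bracket to itself (a no-op), which
    // leaves the snippet as live HTML. The entity targets are restored here.
    $code['code'] = str_replace(array('<', '>'), array('&lt;', '&gt;'), $code['code']);
    $code['code_spaced'] = nl2br($code['code']);
    $code['intro'] = str_replace('<##link##>', "{$mtl->base_url}&act=faq&store=2", $mtl->lang['ring_intro']);
    $code['top'] = $this->user['top'];

    $output .= $mtl->skin->usercp->ring_code($code);

    $output .= $mtl->skin->usercp->usercp_foot();
    $nav = array (
            'url' => '?'.$mtl->sessionhtml.'act=ucp',
            'name' => $mtl->lang['usercp'],
            'name2' => $mtl->lang['ring_code'],
    );

    $mtl->output->do_output(array('TITLE' => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'], 'NAV' => 1, 'NAV_DATA' => $nav, 'DATA' => $output));

  }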
  1199.  
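  /**
   * Site overview screen.
   *
   * Turns raw fields of $this->user into display values (weeks on the list,
   * rating images, formatted date, yes/no admin flag) and renders them with
   * the skin's show_site_overview template.
   */
  function show_overview()
  { global $mtl, $DB;

    // The original used $size without ever assigning it, so the key written
    // below was just '_select'. It is derived here exactly as show_main() does.
    // NOTE(review): confirm the overview template reads a *_select key at all.
    if($this->user['notepad_size'] == 18)
    {   $size = "large";    }
    else if($this->user['notepad_size'] == 12)
    {   $size = "medium";   }
    else
    {   $size = "small";    }

    $this->user['weeks'] = str_replace("<##weeks##>", round((time()-$this->user['date'])/(3600*24)/7, 1), $mtl->lang['weeks_on_list']);
    $this->user['rating'] = "<img src='html/{$mtl->skin_choice['dir']}/images/star_".$mtl->work_rating($this->user['rating'], $this->user['rating_total']).".gif' alt='".str_replace("<##times##>", $this->user['rating_total'], $mtl->lang['rated_times'])."' border='0'>";
    $this->user['past_rating'] = "<img src='html/{$mtl->skin_choice['dir']}/images/star_{$this->user['rating_past']}.gif' alt='{$mtl->lang['rating']}' border='0'>";
    // 'date' holds the raw value until here; the weeks calculation above needs it unformatted.
    $this->user['date'] = $mtl->date($this->user['date'], 'long');
    $this->user[$size.'_select'] = "selected='selected'";

    $this->user['a_admin'] = ($this->user['a_admin'] == 1) ? $mtl->lang['yes'] : $mtl->lang['no'];

    $output = $this->load_top();
    $output .= $mtl->skin->usercp->show_site_overview($this->user);
    $output .= $mtl->skin->usercp->usercp_foot();

    $mtl->output->do_output(array('TITLE' => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'], 'NAV' => 1, 'NAV_DATA' => $mtl->lang['usercp'], 'DATA' => $output));

  }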
  1218.  
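  /**
   * Control-panel main screen (DEFAULT).
   *
   * Prepares the account summary (notepad size, dates, validation and admin
   * flags, number of sites) and renders the skin's main template. When the
   * template contains '<!--Site Listing-->' markers, the part between the
   * first and second marker is repeated once per site owned by the user.
   */
  function show_main()  // DEFAULT
  { global $mtl, $DB;

    if($this->user['notepad_size'] == 18)
    {   $size = "large";    }
    else if($this->user['notepad_size'] == 12)
    {   $size = "medium";   }
    else
    {   $size = "small";    }

    $this->user['date'] = $mtl->date($this->user['udate'], 'long');
    $this->user[$size.'_select'] = "selected='selected'";

    // These values come from the session's user record, not from the request;
    // they are escaped anyway so that a stored value can never alter the query.
    $uid_sql = addslashes($this->user['uid']);
    $pw_sql  = addslashes($this->user['password']);

    $tmp = $DB->query("SELECT * FROM mtl_users WHERE uid='".$uid_sql."' AND password='".$pw_sql."' AND ban!=1");
    $data = $DB->fetch_row($tmp);
    // No row (for instance a banned account) reads as "not validated / not admin".
    $a_mail  = (is_array($data) AND isset($data['a_mail']))  ? $data['a_mail']  : 0;
    $a_admin = (is_array($data) AND isset($data['a_admin'])) ? $data['a_admin'] : 0;

    $this->user['a_mail'] = ($a_mail == 1) ? $mtl->lang['yes'] : $mtl->lang['no'];
    $this->user['ua_admin'] = ($a_admin == 1) ? $mtl->lang['yes'] : $mtl->lang['no'];

    if($this->user['notepad'] == "")
    {   $this->user['notepad'] = $mtl->lang['notepad_intro'];   }

    $this->user['count'] = $DB->count($DB->query("SELECT id FROM mtl_sites WHERE owner='".$uid_sql."'"));

    if($mtl->config['enable_multaccts'] == 1)
    {   $this->user['select'] = "<br /><br /><b>".str_replace("<##selecturl##>", "<a href='{$mtl->base_url}{$mtl->sessionhtml}act=ucp&CODE=22'>", $mtl->lang['welcomeselect'])."</b>";  }

    // 0 means "no per-user limit": fall back to the global setting.
    if($this->user['max_sites'] == 0)
    {   $this->user['max_sites'] = $mtl->config['max_sites'];   }

    $output = $this->load_top();
    $output .= $mtl->skin->usercp->main($this->user);
    $output .= $mtl->skin->usercp->usercp_foot();

    // [0] = before the listing, [1] = per-site row template, [2] = after it
    $outputarray = explode('<!--Site Listing-->', $output);
    $output = $outputarray[0];

    if(count($outputarray) > 1)
    {   $cat = array();
      $DB->query("SELECT id,name FROM mtl_categories");
      while($r = $DB->fetch_row())
      {   $cat[$r['id']] = $r['name'];    }

      $cat['1'] = $mtl->lang['noneselected'];
      $cat[''] = $mtl->lang['noneselected'];
      $cat['0'] = $mtl->lang['noneselected'];

      $DB->query("SELECT id,a_admin,cat,site_name,in_webring,votes,out,hits,rating_total,rating
                  FROM   mtl_sites
                  WHERE  owner='".$uid_sql."'
                  ORDER BY site_name ASC");
      $middle = $outputarray[1];

      if($mtl->config['rows_banner'] != 0)
      {   $middle = str_replace(array("<!--Show Image Options", "End Image Options-->"), "", $middle);  }

      while($r = $DB->fetch_row())
      {   // NOTE(review): site_name is owner-supplied text placed into HTML as
        // stored; confirm it is entity-encoded when saved, or encode it here.
        $toutput = str_replace("<!--Site Name-->", $r['site_name'], $middle);
        // A category id that no longer exists renders as an empty cell.
        $toutput = str_replace("<!--Category-->", isset($cat[$r['cat']]) ? $cat[$r['cat']] : '', $toutput);
        $toutput = str_replace("<!--ID-->", $r['id'], $toutput);

        $output .= $toutput;
      }

      // A template with a single marker has no closing part.
      if(isset($outputarray[2]))
      {   $output .= $outputarray[2];  }
    }

    $mtl->output->do_output(array('TITLE' => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'], 'NAV' => 1, 'NAV_DATA' => $mtl->lang['usercp'], 'DATA' => $output));

  }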
  1295.  
  /**
   * Login screen: renders the skin's login form through the output handler.
   */
  function show_login()
  { global $mtl;

    $page = array(
      'TITLE'    => $mtl->config['name'] . ' - ' . $mtl->lang['login'],
      'NAV'      => 1,
      'NAV_DATA' => $mtl->lang['login'],
      'DATA'     => $mtl->skin->usercp->login_form(),
    );

    $mtl->output->do_output($page);
  }
  1303.  
  /**
   * Builds the control-panel header shared by the screens of this class.
   *
   * $array is passed on to the skin's usercp_top template after the
   * 'general', 'email' and 'pass' links have been added: a path configured in
   * config['userrow'] wins, otherwise the built-in screen is linked. Optional
   * menu sections sit inside HTML comments in the template; a section is
   * revealed by removing its comment markers when the feature is enabled.
   *
   * Returns the header HTML.
   */
  function load_top($array=array())
  { global $mtl;

    // link key => (config['userrow'] key, CODE of the built-in screen)
    $links = array(
      'general' => array('pathtoprofile',     '20'),
      'email'   => array('pathtochangeemail', '07'),
      'pass'    => array('pathtochangepass',  '09'),
    );
    foreach($links as $key => $link)
    {
      $custom = $mtl->config['userrow'][$link[0]];
      $array[$key] = ($custom != '')
        ? $custom
        : "{$mtl->base_url}{$mtl->sessionhtml}act=ucp&CODE={$link[1]}";
    }

    $top = $mtl->skin->usercp->usercp_top($array);

    // section label => whether its "<!--Show X ... End X-->" wrapper is removed
    $sections = array(
      'Image Options'      => ($mtl->config['rows_banner'] != 0),
      'Vote Code'          => ($mtl->config["enable_votes_record"] == 1),
      'Hits Code'          => ($mtl->config["enable_hits_record"] == 1 AND $mtl->config['enable_img'] != 1),
      'Image Code'         => ($mtl->config['enable_img'] == 1),
      'Rate Code'          => ($mtl->config["enable_rating"] == 1),
      'Ring Code'          => ($mtl->config["enable_webring"] == 1),
      'Multi-Site Options' => ($mtl->config['enable_multaccts'] == 1),
    );
    foreach($sections as $label => $enabled)
    {
      if($enabled)
      {
        $top = str_replace(array("<!--Show {$label}", "End {$label}-->"), "", $top);
      }
    }

    // Screens that act on one selected site
    $showcode = array('02','04','05','06','11','12','17','18','19','28','29');
    $site_screen = ($this->user['id'] != 0
                    AND $mtl->input['CODE'] != ''
                    AND in_array($mtl->input['CODE'], $showcode));

    if(!$site_screen)
    {
      // No site selected: drop the whole site-dependent section.
      return preg_replace("/<!--Start Site-Dependent Contents(.*?)End Site-Dependent Contents-->/si", "", $top);
    }

    $top = str_replace(array("<!--Start Site-Dependent Contents", "End Site-Dependent Contents-->"), "", $top);
    $top = str_replace("<!--ID-->", $this->user['id'], $top);
    $top = str_replace("<!--TOP-->", $this->user['top'], $top);

    return $top;
  }
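  /**
   * Renders a category tree as nested <option> elements.
   *
   * $cats       list of rows with 'id', 'parent' and 'name'
   * $parent     id whose direct children are rendered at this level
   * $space      prefix marking the depth ('--' is appended per level)
   * $currentcat id of the category to mark as selected
   *
   * Returns the HTML for this level and everything below it, or null when
   * $parent has no children (as the original did).
   */
  function generate_cats($cats,$parent=0,$space='',$currentcat='')
  {
    // Direct children of $parent, in input order
    $ourlist = array();
    foreach($cats as $row)
    {   if($row['parent'] == $parent)
      {   $ourlist[] = $row;  }
    }

    if(!$ourlist)
    {   return; }

    // Started as an empty string: the original appended to an undefined
    // variable and interpolated an undefined $star, both of which raise
    // warnings on current PHP versions.
    $output = '';

    foreach($ourlist as $cat)
    {   // Show user which category they're viewing
      $sel = ($currentcat == $cat['id']) ? " selected" : "";

      // NOTE(review): id and name are emitted as stored; confirm they are
      // entity-encoded when categories are saved.
      $output .= "<option value='{$cat['id']}'{$sel}>".$space." ".$cat['name']."</option>\n"
               . $this->generate_cats($cats, $cat['id'], $space . '--', $currentcat);
    }

    return $output;
  }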
  1387.  
  1388. }
  1389.  
  1390. ?>