  1. <?php
  2. /*
  3. ** Monster Top List 1.4
  4. ** Supplied By: lord
  5. ** Nullification By: Zygote
  6. ** */
  7.  
  // Build the control panel as soon as this file is included; all work happens
  // in UserCP::usercp(), a PHP 4-style constructor (method named after the class).
  // NOTE(review): PHP 8 no longer runs same-named methods as constructors, so on
  // PHP 8 this statement creates the object without dispatching any screen.
  new UserCP();
  9.  
  10. class UserCP
  11. { var $session;
  12. var $session_return;
  13.  
  14. var $user = array();
  15.  
  /**
   * PHP 4-style constructor: boots the user control panel and dispatches the
   * screen selected by $mtl->input['CODE'].
   *
   * Steps, in order: load the "usercp" language and skin files, start the
   * session, decide whether the session id must travel in URLs and forms,
   * copy the session's user row, enforce the "select a site first" and
   * plugin-mode restrictions, then call the matching handler.
   *
   * NOTE(review): when the "session" cookie does not match, the session id is
   * appended to every URL as "s=...", where it can leak through Referer
   * headers, logs and shared links. It is also written into HTML unescaped,
   * which is only safe if Session::start() returns a validated id - confirm.
   * NOTE(review): every CODE comparison here is loose (in_array without the
   * strict flag, ==), so e.g. "1" and "01" select the same screen. The
   * allow/deny lists and the dispatcher must stay equally loose, or a screen
   * could be reachable under a spelling that the lists do not match.
   */
  function usercp()
  {
      global $mtl;

      $mtl->load_lang_file("usercp");
      $mtl->load_skin_file("usercp");

      $mtl->session        = new Session;
      $mtl->session_return = $mtl->session->start();

      // Screens that do not force the login form: '00' (no case of its own, so
      // it reaches the default handler), the forgotten-password flow 13-16
      // and the hits screen 17.
      $login_exempt = array('00', '13','14','15','16','17');
      if ($mtl->session_return['no'] == '0' && !in_array($mtl->input['CODE'], $login_exempt)) {
          $this->show_login();
      }

      // If the cookie does not carry the session id, pass it along explicitly
      // as a hidden form field and as a URL prefix.
      $session_id   = $mtl->session_return['no'];
      $mtl->session = "";
      if ($mtl->get_cookie("session") != $session_id) {
          $mtl->hidden_session = "<input type='hidden' name='s' value='{$session_id}' />";
          $mtl->session        = $session_id;
          $mtl->sessionhtml    = "s={$session_id}&";
      }

      $this->user = $mtl->session_return['user'];

      // Screens that edit one particular site need a selected site first
      // (a user id of 0 means none is selected).
      $needs_site = array('02','05','11','12','18','19','28');
      if ($this->user['id'] == 0 && in_array($mtl->input['CODE'], $needs_site)) {
          $page  = $this->load_top(array ('title' => ' - '.$mtl->lang['error_title']));
          $page .= "<b>{$mtl->lang['error']}</b><br /><br />\n{$mtl->lang['mustselect']}";
          $page .= "<br /><br /><center><font size='3'><b><a href='{$mtl->base_url}{$mtl->sessionhtml}act=ucp&CODE=22'>{$mtl->lang['selsite']}</a></b></font></center>";
          $page .= $mtl->skin->usercp->usercp_foot();

          $mtl->output->do_output(array(
              'TITLE'    => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'],
              'NAV'      => 1,
              'NAV_DATA' => array (
                  'url'   => '?s='.$mtl->session.'&act=ucp',
                  'name'  => $mtl->lang['usercp'],
                  'name2' => $mtl->lang['error_title'],
              ),
              'DATA'     => $page,
          ));
      }

      // Strip slashes from the loaded row and build the "currently editing" banner.
      if (count($this->user) > 1) {
          $this->user = array_map('stripslashes', $this->user);

          $site_link = "<a href='{$mtl->config['filename']}?out={$this->user['id']}' target='_blank'>{$this->user['site_name']}</a>";
          $editing   = str_replace("<#siteurl#>", $this->user['site_url'], $mtl->lang['currentlyediting']);
          $editing   = str_replace("<#sitename#>", $site_link, $editing);

          $this->user['top'] = "<b>".$editing."</b>";
      }

      // Account-level screens are refused when the user table is not the default one.
      if ($mtl->config['userrow']['default'] != 1) {
          $account_screens = array('03','07','08','09','10','13','14','15','16','20','21');
          if (in_array($mtl->input['CODE'], $account_screens)) {
              $mtl->output->error($mtl->lang['invalid_use']);
          }
      }

      // CODE => handler, scanned in order with the same loose comparison a
      // switch statement would use. Method names come only from this fixed
      // table, never from the request.
      $routes = array(
          array('01', 'logout'),           array('02', 'show_site_settings'),
          array('03', 'notepad_pro'),      array('04', 'overview_pro'),
          array('05', 'show_image'),       array('06', 'image_pro'),
          array('07', 'change_email'),     array('08', 'change_email_pro'),
          array('09', 'change_pw'),        array('10', 'change_pw_pro'),
          array('11', 'show_code'),        array('12', 'show_rate'),
          array('13', 'forget_pw_show'),   array('14', 'forget_pw_email'),
          array('15', 'forget_pw_change'), array('16', 'forget_pw_change_pro'),
          array('17', 'show_hits'),        array('18', 'show_posimage'),
          array('19', 'show_ring'),        array('20', 'show_general'),
          array('21', 'general_pro'),      array('22', 'select_site'),
          array('23', 'do_select'),        array('24', 'add_site'),
          array('25', 'do_add_site'),      array('26', 'del_site'),
          array('27', 'do_del_site'),      array('28', 'show_overview'),
          array('29', 'show_code_contents'),
      );

      $requested = $mtl->input['CODE'];
      $handler   = 'show_main';
      foreach ($routes as $route) {
          if ($requested == $route[0]) {
              $handler = $route[1];
              break;
          }
      }

      if ($handler == 'logout') {
          // Logout is the only handler that takes an argument: the session to destroy.
          $this->logout($session_id);
      } else {
          $this->$handler();
      }
  }
  185.  
  /**
   * CODE '29': lists links to the code-snippet screens (image, vote, hits,
   * webring, rating) that are enabled in the configuration.
   */
  function show_code_contents()
  {
      global $mtl, $DB;

      $page  = $this->load_top(array ('title' => '- '.$mtl->lang['websitecodes']));
      $page .= "<br />";
      $page .= $mtl->lang['codeintro'];
      $page .= "<br /><br />";

      // enabled?, target CODE, language-key prefix ("<prefix>" and "<prefix>_desc").
      // The hits link is offered only when the image code is switched off.
      $entries = array(
          array($mtl->config['enable_img'] == 1, '18', 'image_code'),
          array($mtl->config["enable_votes_record"] == 1, '11', 'vote_code'),
          array($mtl->config["enable_hits_record"] == 1 && $mtl->config['enable_img'] != 1, '17', 'hits_code'),
          array($mtl->config["enable_webring"] == 1, '19', 'ring_code'),
          array($mtl->config["enable_rating"] == 1, '12', 'rate_code'),
      );

      foreach ($entries as $entry) {
          list($enabled, $code, $key) = $entry;
          if (!$enabled) {
              continue;
          }
          $label = $mtl->lang[$key];
          $desc  = $mtl->lang[$key.'_desc'];
          $page .= "<b><a href='{$mtl->base_url}{$mtl->sessionhtml}act=ucp&site={$this->user['id']}&CODE={$code}'>{$label}</a></b> - {$desc}<br />";
      }

      $page .= $mtl->skin->usercp->usercp_foot();

      $mtl->output->do_output(array(
          'TITLE'    => $mtl->config['name'] . ' - ' . $mtl->lang['websitecodes'],
          'NAV'      => 1,
          'NAV_DATA' => array (
              'url'   => '?'.$mtl->sessionhtml.'act=ucp',
              'name'  => $mtl->lang['usercp'],
              'name2' => $mtl->lang['websitecodes'],
          ),
          'DATA'     => $page,
      ));
  }
  221.  
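  /**
   * CODE '27': asks for confirmation (no "check" flag) or deletes one of the
   * current user's sites (check=1).
   *
   * Changes from the earlier version:
   *  - the site id from the request is cast to an integer before it is placed
   *    in SQL (ids are compared with 0 elsewhere in this class, so they are
   *    taken to be numeric);
   *  - the delete step first loads the site for this owner and stops with
   *    "not_exist" if there is none. Before, the category counter was
   *    decremented on every request, even when no row was deleted, and the
   *    category used was that of the currently selected site rather than the
   *    deleted one.
   *
   * NOTE(review): the confirmed delete is reached through a plain GET link and
   * no per-session token is checked in this file, so treat it as exposed to
   * cross-site request forgery until a token check is added.
   * NOTE(review): the counter is decremented even for sites that were never
   * counted (do_add_site only increments once a site is accepted) - confirm.
   */
  function do_del_site()
  {
      global $mtl, $DB;

      if ($mtl->config['enable_multaccts'] != 1) {
          $mtl->output->error($mtl->lang['invalid_use']);
      }

      if ($mtl->config['site_delete'] != 1) {
          $mtl->output->error($mtl->lang['cannot_delete']);
      }

      if ($mtl->input['check'] != 1) {
          // Step 1: confirmation page. The owner filter keeps users from
          // probing other people's sites.
          $site_id = (int) $mtl->input['selectsite'];

          $output = $this->load_top(array ('title' => '- '.$mtl->lang['delsite']));

          $DB->query("SELECT id,site_name FROM mtl_sites WHERE owner='{$this->user['uid']}' AND id='{$site_id}' AND a_ban!='1'");
          if ($DB->count() != 1) {
              $mtl->output->error($mtl->lang['not_exist']);
          }

          $r = $DB->fetch_row();
          $output .= str_replace("<##site##>", $r['site_name'], $mtl->lang['areyousure']);
          $output .= "\n<br /><br />\n<b><a href='{$mtl->base_url}{$mtl->sessionhtml}act=ucp&CODE=27&site={$r['id']}&check=1'>{$mtl->lang['yes']}</a>\n :: <a href='javascript:history.back(-1)'>{$mtl->lang['no']}</a></b>\n";
          $output .= $mtl->skin->usercp->usercp_foot();

          $nav = array (
              'url'   => '?'.$mtl->sessionhtml.'act=ucp',
              'name'  => $mtl->lang['usercp'],
              'name2' => $mtl->lang['delsite'],
          );

          $mtl->output->do_output(array('TITLE' => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'], 'NAV' => 1, 'NAV_DATA' => $nav, 'DATA' => $output));
      } else {
          // Step 2: delete. Look the site up first so that the counter only
          // moves when a row owned by this user really exists.
          $site_id = (int) $mtl->input['site'];

          $DB->query("SELECT cat FROM mtl_sites WHERE owner='{$this->user['uid']}' AND id='{$site_id}'");
          if ($DB->count() != 1) {
              $mtl->output->error($mtl->lang['not_exist']);
          }
          $site = $DB->fetch_row();
          $cat  = addslashes((string) $site['cat']);

          $DB->query("DELETE FROM mtl_sites WHERE owner='{$this->user['uid']}' AND id='{$site_id}'");
          $DB->query("UPDATE mtl_categories SET sites=sites-1 WHERE id='{$cat}'");

          $mtl->output->screen( array ( 'message' => $mtl->lang['site_del'], 'go' => '?'.$mtl->sessionhtml.'act=ucp' ));
      }
  }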
  261.  
  /**
   * CODE '26': shows the form on which the user picks one of their sites to
   * delete. The form posts to CODE '27'.
   *
   * Refused when multiple accounts are disabled, when site deletion is
   * disabled, or when the user owns exactly one site.
   */
  function del_site()
  {
      global $mtl, $DB;

      if ($mtl->config['enable_multaccts'] != 1) {
          $mtl->output->error($mtl->lang['invalid_use']);
      }

      if ($mtl->config['site_delete'] != 1) {
          // Deletion is switched off: render the error inside the panel layout.
          $blocked  = $this->load_top(array ('title' => ' - '.$mtl->lang['error_title']));
          $blocked .= "<b>{$mtl->lang['error']}</b><br /><br />\n{$mtl->lang['cannot_delete']}";
          $blocked .= $mtl->skin->usercp->usercp_foot();

          $mtl->output->do_output(array(
              'TITLE'    => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'],
              'NAV'      => 1,
              'NAV_DATA' => array (
                  'url'   => '?'.$mtl->sessionhtml.'act=ucp',
                  'name'  => $mtl->lang['usercp'],
                  'name2' => $mtl->lang['error_title'],
              ),
              'DATA'     => $blocked,
          ));
      }

      // A user has to keep at least one site.
      $owned = $DB->count($DB->query("SELECT id FROM mtl_sites WHERE owner='{$this->user['uid']}'"));
      if ($owned == 1) {
          $mtl->output->error($mtl->lang['mustactive']);
      }

      $page  = $this->load_top(array ('title' => '- '.$mtl->lang['delsite']));
      $page .= "<b>{$mtl->lang['selectsitetodel']}</b><br /><br />\n";
      $page .= "<form action='{$mtl->config['filename']}' method='post'>\n<input type='hidden' name='act' value='ucp' />\n<input type='hidden' name='CODE' value='27' />\n{$mtl->hidden_session}\n";

      // Only the user's own, non-banned sites are offered.
      $DB->query("SELECT id,site_name,site_url FROM mtl_sites WHERE owner='{$this->user['uid']}' AND a_ban!='1'");
      if ($DB->count() == 0) {
          $mtl->output->error($mtl->lang['nosites']);
      }

      while ($row = $DB->fetch_row()) {
          $page .= $mtl->skin->usercp->select_site($row);
      }

      $page .= "<br /><input type='submit' value='{$mtl->lang['delsite']}' class='select' />\n</form>";
      $page .= $mtl->skin->usercp->usercp_foot();

      $mtl->output->do_output(array(
          'TITLE'    => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'],
          'NAV'      => 1,
          'NAV_DATA' => array (
              'url'   => '?'.$mtl->sessionhtml.'act=ucp',
              'name'  => $mtl->lang['usercp'],
              'name2' => $mtl->lang['delsite'],
          ),
          'DATA'     => $page,
      ));
  }
  312.  
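  /**
   * CODE '25': validates the "add site" form, inserts the new site for the
   * current user and optionally mails a confirmation.
   *
   * Changes from the earlier version:
   *  - owner approval now needs both a_mail and a_admin. The old test compared
   *    $a_admin twice and never looked at the a_mail value it had just read,
   *    so the duplicated operand is taken to be a typo for it;
   *  - the per-user / global site limit no longer relies on an assignment
   *    ("$done = 1") inside the condition and on reading an unset variable;
   *    the resulting limit is the same;
   *  - the URL pattern is anchored, so the value has to start with "http://"
   *    rather than merely contain it (other schemes used to pass);
   *  - the duplicate-URL test fires on any match, not only on exactly one;
   *  - request values placed directly into SQL are passed through
   *    addslashes(), the escaping this file already applies to image_url.
   *
   * NOTE(review): addslashes() is not charset-aware, and whether $mtl->input is
   * sanitised upstream or $DB->insert() escapes its values is not visible
   * here; prefer the database layer's own escaping if it has one. The LIKE
   * comparison also still honours "%" and "_" typed by the user.
   * NOTE(review): the mail uses $mtl->input['username'], which the add-site
   * form may not submit; $this->user['username'] looks intended - confirm.
   */
  function do_add_site()
  {
      global $mtl, $DB;

      if ($mtl->config['enable_multaccts'] != 1) {
          $mtl->output->error($mtl->lang['invalid_use']);
      }

      if ($DB->count($DB->query("SELECT id FROM mtl_sites")) > $mtl->config['reg_max'] AND $mtl->config['reg_max'] != 0) {
          $mtl->output->error($mtl->lang['regmax']);
      }

      $count = $DB->count($DB->query("SELECT id FROM mtl_sites WHERE owner='{$this->user['uid']}'"));

      // A per-user limit, when set, overrides the global one; 0 means unlimited.
      $limit = ($this->user['max_sites'] != 0) ? $this->user['max_sites'] : $mtl->config['max_sites'];
      if ($limit != 0 && $limit <= $count) {
          $mtl->output->error($mtl->lang['maxsites']);
      }

      $site_url = $mtl->input['site_url'];
      $url_sql  = addslashes(strtolower((string) $site_url));
      $cat_sql  = addslashes((string) $mtl->input['cat']);

      if (strlen($mtl->input['site_name']) < 2) {
          $mtl->output->error($mtl->lang['short_site_name']);
      } else if (!preg_match("/^http:\/\//", $site_url)) {
          $mtl->output->error($mtl->lang['invalid_url'] );
      } else if ($DB->count($DB->query("SELECT id FROM mtl_sites WHERE id!='{$this->user['id']}' AND lower(site_url) LIKE '".$url_sql."%'")) > 0) {
          $mtl->output->error($mtl->lang['url_exists']);
      } else if ($mtl->config['enable_categories'] == 1 AND $DB->count($DB->query("SELECT id FROM mtl_categories WHERE id='{$cat_sql}'")) != 1) {
          $mtl->output->error($mtl->lang['invalid_category']);
      }

      // The site itself waits for an admin when site validation is switched on.
      $site_accept_admin = ($mtl->config['site_admin'] == 1) ? 0 : 1;

      // The owner counts as accepted only with a validated mail address and
      // admin approval; accounts from a non-default user table always count.
      $tmp  = $DB->query("SELECT * FROM mtl_users WHERE uid='".$this->user['uid']."' AND password='".$this->user['password']."' AND ban!=1");
      $data = $DB->fetch_row($tmp);

      $owner_accept = 1;
      if ($data['a_mail'] != 1 OR $data['a_admin'] != 1) {
          $owner_accept = 0;
      }
      if ($mtl->config['userrow']['default'] != 1) {
          $owner_accept = 1;
      }

      $insert = array (
          'owner'        => $this->user['uid'],
          'owner_accept' => $owner_accept,
          'date'         => time(),
          'a_admin'      => $site_accept_admin,
          'site_name'    => htmlspecialchars($mtl->input['site_name'], ENT_QUOTES),
          'site_url'     => htmlspecialchars($mtl->input['site_url'], ENT_QUOTES),
          'site_desc'    => htmlspecialchars($mtl->input['site_desc'], ENT_QUOTES),
          'a_hide'       => $mtl->input['hide'],
          'cat'          => $mtl->input['cat'],
          'in_webring'   => $mtl->input['in_webring'],
      );
      $insert = $DB->insert($insert);
      $DB->query("INSERT INTO mtl_sites ({$insert['columns']}) VALUES ({$insert['values']})");

      // Only fully accepted sites count towards the category total.
      if ($owner_accept == 1 AND $site_accept_admin == 1) {
          $DB->query("UPDATE mtl_categories SET sites=sites+1 WHERE id='{$cat_sql}'");
      }

      if ($mtl->config['site_email_info'] == 1 AND $site_accept_admin == 1) {
          $mail = array (
              'to_name' => $this->user['username'],
              'to_mail' => $this->user['email'],
              'subject' => $mtl->lang['site_reg_at'],
              'message' => $mtl->make_message(array("act" => "new_site_email", "username" => $mtl->input['username'], "site_name" => $mtl->input['site_name'], "site_url" => $mtl->input['site_url'])),
          );
          $mtl->mailer($mail);
      }

      $mtl->output->screen( array ( 'message' => $mtl->lang['site_added'], 'go' => '?'.$mtl->sessionhtml.'act=ucp' ));
  }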
  385.  
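  /**
   * CODE '24': shows the "add site" form, which posts to CODE '25'.
   *
   * The site limit used to be tested with an assignment ("$done = 1") inside
   * the condition plus a read of the possibly unset $done. The limit is now
   * chosen explicitly: a per-user max_sites other than 0 wins, otherwise the
   * global setting applies, and 0 means unlimited. The outcome is unchanged.
   *
   * NOTE(review): the category list is only shown when more than one category
   * exists, while do_add_site() rejects a submission without a valid category
   * whenever categories are enabled - confirm the single-category case.
   */
  function add_site()
  {
      global $mtl, $DB;

      if ($DB->count($DB->query("SELECT id FROM mtl_sites")) > $mtl->config['reg_max'] AND $mtl->config['reg_max'] != 0) {
          $mtl->output->error($mtl->lang['regmax']);
      }

      if ($mtl->config['enable_multaccts'] != 1) {
          $mtl->output->error($mtl->lang['invalid_use']);
      }

      $count = $DB->count($DB->query("SELECT id FROM mtl_sites WHERE owner='{$this->user['uid']}'"));

      $limit = ($this->user['max_sites'] != 0) ? $this->user['max_sites'] : $mtl->config['max_sites'];
      if ($limit != 0 && $limit <= $count) {
          $output  = $this->load_top(array ('title' => ' - '.$mtl->lang['error_title']));
          $output .= "<b>{$mtl->lang['error']}</b><br /><br />\n{$mtl->lang['maxsites']}";
          $output .= $mtl->skin->usercp->usercp_foot();
          $nav = array (
              'url'   => '?'.$mtl->sessionhtml.'act=ucp',
              'name'  => $mtl->lang['usercp'],
              'name2' => $mtl->lang['error_title'],
          );
          $mtl->output->do_output(array('TITLE' => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'], 'NAV' => 1, 'NAV_DATA' => $nav, 'DATA' => $output));
      }

      $data = array(
          'CODE'   => '25',
          'top'    => $mtl->lang['addsiteintro'],
          'submit' => $mtl->lang['addsite'],
      );

      $output  = $this->load_top(array ('title' => '- '.$mtl->lang['addsite']));
      $xoutput = $mtl->skin->usercp->site_settings($data);

      // Optional form sections sit inside HTML comments in the skin; removing
      // the comment markers makes a section visible.
      if ($mtl->config['enable_userhide'] == 1) {
          $xoutput = str_replace("<!-- Allow Hide Start", "", $xoutput);
          $xoutput = str_replace("Allow Hide End-->", "", $xoutput);
      }

      if ($mtl->config['enable_categories'] == 1) {
          $cats = $DB->query("SELECT id,name,parent FROM mtl_categories WHERE status=1 AND catallow='' ORDER BY position asc");
          if ($DB->count($cats) > 1) {
              $ourcats = array();
              while ($r = $DB->fetch_row($cats)) {
                  $ourcats[] = $r;
              }

              $select_cat  = "<select name='cat' class='select'>\n";
              $select_cat .= "<option value='' selected='selected'>{$mtl->lang['select_category']}</option>\n";
              $select_cat .= $this->generate_cats($ourcats);
              $select_cat .= "</select>\n";

              $xoutput = str_replace("<!-- Allow Category Start", "", $xoutput);
              $xoutput = str_replace("End Allow Cattegory-->", "", $xoutput);
              $xoutput = str_replace("--Cat List--", $select_cat, $xoutput);
          }
      }

      if ($mtl->config["enable_webring"] == 1) {
          $xoutput = str_replace("<!-- Allow Webring Start", "", $xoutput);
          $xoutput = str_replace("Allow Webring End-->", "", $xoutput);
      }

      $output .= $xoutput;
      $output .= $mtl->skin->usercp->usercp_foot();

      $nav = array (
          'url'   => '?'.$mtl->sessionhtml.'act=ucp',
          'name'  => $mtl->lang['usercp'],
          'name2' => $mtl->lang['addsite'],
      );

      $mtl->output->do_output(array('TITLE' => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'], 'NAV' => 1, 'NAV_DATA' => $nav, 'DATA' => $output));
  }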
  454.  
  /**
   * CODE '22': shows the form on which the user picks which of their sites to
   * edit. The form posts to CODE '23'.
   */
  function select_site()
  {
      global $mtl, $DB;

      if ($mtl->config['enable_multaccts'] != 1) {
          $mtl->output->error($mtl->lang['invalid_use']);
      }

      $page  = $this->load_top(array ('title' => '- '.$mtl->lang['selsite']));
      $page .= "<b>{$mtl->lang['selectsitetoedit']}</b><br /><br />\n";
      $page .= "<form action='{$mtl->config['filename']}' method='post'>\n<input type='hidden' name='act' value='ucp' />\n<input type='hidden' name='CODE' value='23' />\n{$mtl->hidden_session}\n";

      // Only the user's own, non-banned sites are listed.
      $DB->query("SELECT id,site_name,site_url FROM mtl_sites WHERE owner='{$this->user['uid']}' AND a_ban!='1'");
      if ($DB->count() == 0) {
          $mtl->output->error($mtl->lang['nosites']);
      }

      while ($row = $DB->fetch_row()) {
          $page .= $mtl->skin->usercp->select_site($row);
      }

      $page .= "<br /><input type='submit' value='{$mtl->lang['selsite']}' class='select' />\n</form>";
      $page .= $mtl->skin->usercp->usercp_foot();

      $mtl->output->do_output(array(
          'TITLE'    => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'],
          'NAV'      => 1,
          'NAV_DATA' => array (
              'url'   => '?'.$mtl->sessionhtml.'act=ucp',
              'name'  => $mtl->lang['usercp'],
              'name2' => $mtl->lang['selsite'],
          ),
          'DATA'     => $page,
      ));
  }
  487.  
  /**
   * CODE '23': acknowledges a site selection and redirects to the overview
   * screen (CODE '28').
   *
   * This method only checks that "selectsite" was submitted; it does not use
   * the value itself.
   * NOTE(review): presumably the session layer records the selection - confirm.
   */
  function do_select()
  {
      global $mtl, $DB;

      $multi_enabled = ($mtl->config['enable_multaccts'] == 1);
      if (!$multi_enabled) {
          $mtl->output->error($mtl->lang['invalid_use']);
      }

      if (!isset($mtl->input['selectsite'])) {
          $mtl->output->error($mtl->lang['mustchoosesite']);
      }

      $target = '?'.$mtl->sessionhtml.'act=ucp&CODE=28';
      $mtl->output->screen(array(
          'message' => $mtl->lang['settings_updated'],
          'go'      => $target,
      ));
  }
  499.  
  /**
   * CODE '01': ends the session. Deletes the session row, clears the three
   * configured login cookies and the "session" cookie, then shows the logout
   * message.
   *
   * @param mixed $session session id as returned by the session layer
   *
   * NOTE(review): $session goes into the DELETE statement unescaped; that is
   * only safe if Session::start() hands back a validated id - confirm.
   */
  function logout($session) // CODE '01'
  {
      global $mtl, $DB;

      $DB->query("DELETE FROM mtl_sessions WHERE id='{$session}'");

      // The cookie names come from the user-table configuration.
      foreach (array('uidcookie', 'passcookie', 'sessioncookie') as $slot) {
          $mtl->set_cookie($mtl->config['userrow'][$slot], '', 1, 1);
      }

      $mtl->set_cookie("session", "", 1);

      $mtl->output->screen(array('message' => $mtl->lang['logout_msg']));
  }
  513.  
  /**
   * CODE '02': shows the settings form for the currently selected site. The
   * form posts to CODE '04'.
   *
   * The checkbox state and form fields are written into $this->user, which is
   * then handed to the skin as the template data.
   *
   * NOTE(review): the category list is only shown when more than one category
   * exists - confirm the single-category case.
   */
  function show_site_settings() // CODE '02'
  {
      global $mtl, $DB;

      $checked = "checked='checked'";
      $this->user['hide_select'] = $this->user['a_hide'] ? $checked : "";
      $this->user['in_webring']  = $this->user['in_webring'] ? $checked : "";
      $this->user['CODE']        = '04';
      $this->user['submit']      = $mtl->lang['update'];

      $page = $this->load_top(array ('title' => '- '.$mtl->lang['general_options']));
      $form = $mtl->skin->usercp->site_settings($this->user);

      // Optional sections are wrapped in HTML comments by the skin; removing
      // the markers makes them visible.
      if ($mtl->config['enable_userhide'] == 1) {
          $form = str_replace(array("<!-- Allow Hide Start", "Allow Hide End-->"), "", $form);
      }

      if ($mtl->config["enable_webring"] == 1) {
          $form = str_replace(array("<!-- Allow Webring Start", "Allow Webring End-->"), "", $form);
      }

      if ($mtl->config['enable_categories'] == 1) {
          $cats = $DB->query("SELECT id,name,parent FROM mtl_categories WHERE status=1 AND catallow='' ORDER BY position asc");
          if ($DB->count($cats) > 1) {
              $rows = array();
              while ($row = $DB->fetch_row($cats)) {
                  $rows[] = $row;
              }

              // The site's current category is passed so that it can be preselected.
              $select_cat = "<select name='cat' class='select'>\n"
                          . "<option value=''>{$mtl->lang['select_category']}</option>\n"
                          . $this->generate_cats($rows, 0, '', $this->user['cat'])
                          . "</select>\n";

              $form = str_replace(array("<!-- Allow Category Start", "End Allow Cattegory-->"), "", $form);
              $form = str_replace("--Cat List--", $select_cat, $form);
          }
      }

      $page .= $form;
      $page .= $mtl->skin->usercp->usercp_foot();

      $mtl->output->do_output(array(
          'TITLE'    => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'],
          'NAV'      => 1,
          'NAV_DATA' => array (
              'url'   => '?'.$mtl->sessionhtml.'act=ucp',
              'name'  => $mtl->lang['usercp'],
              'name2' => $mtl->lang['site_overview'],
          ),
          'DATA'     => $page,
      ));
  }
  564.  
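  /**
   * CODE '04': validates and saves the settings of the currently selected site.
   *
   * Changes from the earlier version:
   *  - the URL pattern is anchored, so the value has to start with "http://"
   *    rather than merely contain it (other schemes used to pass);
   *  - the duplicate-URL test fires on any match, not only on exactly one;
   *  - request values placed directly into SQL are passed through
   *    addslashes(), the escaping this file already applies to image_url.
   *
   * NOTE(review): addslashes() is not charset-aware, and whether $mtl->input is
   * sanitised upstream or $DB->update() escapes its values is not visible
   * here; prefer the database layer's own escaping if it has one. The LIKE
   * comparison also still honours "%" and "_" typed by the user.
   * NOTE(review): no per-session token is checked before this state change.
   */
  function overview_pro() // CODE '04'
  {
      global $mtl, $DB;

      $site_url = $mtl->input['site_url'];
      $url_sql  = addslashes(strtolower((string) $site_url));

      if (strlen($mtl->input['site_name']) < 2) {
          $mtl->output->error($mtl->lang['short_site_name']);
      } else if (!preg_match("/^http:\/\//", $site_url)) {
          $mtl->output->error($mtl->lang['invalid_url'] );
      } else if ($DB->count($DB->query("SELECT id FROM mtl_sites WHERE id!='{$this->user['id']}' AND lower(site_url) LIKE '".$url_sql."%'")) > 0) {
          $mtl->output->error($mtl->lang['url_exists']);
      } else if ($mtl->config['enable_categories'] == 1 AND $DB->count($DB->query("SELECT id FROM mtl_categories WHERE id='".addslashes((string) $mtl->input['cat'])."'")) != 1) {
          $mtl->output->error($mtl->lang['invalid_category']);
      }

      // Text fields are stored HTML-escaped.
      $update = array (
          'site_name' => htmlspecialchars($mtl->input['site_name'], ENT_QUOTES),
          'site_url'  => htmlspecialchars($mtl->input['site_url'], ENT_QUOTES),
          'site_desc' => htmlspecialchars($mtl->input['site_desc'], ENT_QUOTES),
      );

      // Optional columns are written only when the feature is enabled.
      if ($mtl->config['enable_userhide'] == 1) {
          $update['a_hide'] = $mtl->input['hide'];
      }

      if ($mtl->config["enable_webring"] == 1) {
          $update['in_webring'] = $mtl->input['in_webring'];
      }

      if ($mtl->config["enable_categories"] == 1) {
          $update['cat'] = $mtl->input['cat'];
      }

      // Site IP bookkeeping: refuse a host whose IP is already registered.
      $ip = $mtl->siteip_gethostbyname($update['site_url']);
      if (!$mtl->siteip_check_duplicate($ip)) {
          $mtl->output->error($mtl->lang['duplicate_siteip']);
          exit;
      } else {
          $mtl->siteip_insert($ip);
      }

      $DB->query("UPDATE mtl_sites SET ".$DB->update($update)." WHERE id='{$this->user['id']}'");

      $mtl->output->screen( array ( 'message' => $mtl->lang['settings_updated'], 'go' => '?'.$mtl->sessionhtml.'act=ucp&CODE=02' ));
  }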
  607.  
  608.  
  /**
   * CODE '20': shows the account-wide mail options form.
   */
  function show_general() // CODE '20'
  {
      global $mtl, $DB;

      // Translate the stored flags into checkbox attributes for the skin.
      $checked = "checked='checked'";
      $this->user['visitor_email'] = $this->user['allow_guest_email'] ? $checked : "";
      $this->user['admin_email']   = $this->user['allow_admin_mail'] ? $checked : "";

      $page  = $this->load_top(array ('title' => '- '.$mtl->lang['general_options']));
      $page .= $mtl->skin->usercp->general_options($this->user);
      $page .= $mtl->skin->usercp->usercp_foot();

      $mtl->output->do_output(array(
          'TITLE'    => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'],
          'NAV'      => 1,
          'NAV_DATA' => array (
              'url'   => '?'.$mtl->sessionhtml.'act=ucp',
              'name'  => $mtl->lang['usercp'],
              'name2' => $mtl->lang['general_options'],
          ),
          'DATA'     => $page,
      ));
  }
  629.  
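  /**
   * CODE '21': saves the account-wide mail options for the current user.
   *
   * The column key 'allow_admin_mail' used to carry a trailing space, which
   * does not match the column name read back in show_general().
   *
   * NOTE(review): the two request values are handed to $DB->update() as they
   * arrive; whether that helper escapes them is not visible here - confirm.
   */
  function general_pro() // CODE '21'
  {
      global $mtl, $DB;

      $update = array (
          'allow_guest_email' => $mtl->input['visitor_email'],
          'allow_admin_mail'  => $mtl->input['admin_email'],
      );

      $DB->query("UPDATE mtl_users SET ".$DB->update($update)." WHERE uid='{$this->user['uid']}'");

      $mtl->output->screen( array ( 'message' => $mtl->lang['settings_updated'], 'go' => '?'.$mtl->sessionhtml.'act=ucp&CODE=20' ));
  }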
  642.  
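  /**
   * CODE '03': saves the user's notepad text and notepad size, then shows the
   * main screen again with the new values.
   *
   * The two request values are now passed through addslashes() before they
   * are placed in the UPDATE statement, matching what image_pro() already
   * does for image_url. Before, they were concatenated into the SQL as
   * received.
   *
   * NOTE(review): addslashes() is not charset-aware, and whether $mtl->input is
   * sanitised upstream is not visible here; prefer the database layer's own
   * escaping if it has one. The notes are shown again on the main screen, so
   * output escaping there matters as well.
   */
  function notepad_pro() // CODE '03'
  {
      global $mtl, $DB;

      $notes_sql = addslashes((string) $mtl->input['notes']);
      $size_sql  = addslashes((string) $mtl->input['size']);

      $DB->query("UPDATE mtl_users SET notepad='".$notes_sql."',notepad_size='{$size_sql}' WHERE uid='{$this->user['uid']}'");

      // Keep the in-memory row in step so show_main() renders the new values.
      $this->user['notepad']      = $mtl->input['notes'];
      $this->user['notepad_size'] = $mtl->input['size'];

      $this->show_main();
  }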
  652.  
  653.  
  /**
   * CODE '05': shows the banner options form with the current banner
   * preselected: a linked image (value contains "http://"), an uploaded image
   * (value is the file extension) or none ('0' or empty).
   *
   * NOTE(review): site_banner and the user's name are placed inside
   * single-quoted HTML attributes without escaping here. image_pro() stores a
   * linked URL after addslashes() only, so this relies on $mtl->input already
   * neutralising quotes and angle brackets - confirm, or escape on output.
   */
  function show_image() // CODE '05'
  {
      global $mtl;

      if ($mtl->config['rows_banner'] == 0) {
          $mtl->output->error($mtl->lang['banner_not_enabled']);
      }

      $banner = $this->user['site_banner'];
      $data   = array();

      if (preg_match("/http:\/\//", $banner)) {
          // Linked banner: the stored value is the image URL itself.
          $data['select_link'] = "checked='checked'";
          $data['link']        = $banner;
          $data['image']       = "<img src='".$banner."' alt='".$this->user['name']."'><br /><br />";
      } else if ($banner != '0' && $banner != "") {
          // Uploaded banner: the file is "<site id>.<extension>" under banner_http.
          $data['select_upload'] = "checked='checked'";
          $data['image']         = "<img src='".$mtl->config['banner_http'].$this->user['id'].".".$banner."' alt='".$this->user['name']."'><br /><br />";
      } else {
          $data['select_none'] = "checked='checked'";
      }

      $data['top'] = $this->user['top'];

      $chooser = $mtl->skin->usercp->image_choose($data);

      // The upload section is wrapped in an HTML comment by the skin.
      if ($mtl->config['banner_upload'] == 1) {
          $chooser = str_replace(array("<!--Start Upload", "End Upload-->"), "", $chooser);
      }

      $page  = $this->load_top(array ('title' => '- '.$mtl->lang['image_options']));
      $page .= $chooser;
      $page .= $mtl->skin->usercp->usercp_foot();

      $mtl->output->do_output(array(
          'TITLE'    => $mtl->config['name'] . ' - ' . $mtl->lang['image_options'],
          'NAV'      => 1,
          'NAV_DATA' => array (
              'url'   => '?'.$mtl->sessionhtml.'act=ucp',
              'name'  => $mtl->lang['usercp'],
              'name2' => $mtl->lang['image_options'],
          ),
          'DATA'     => $page,
      ));
  }
  694.  
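  /**
   * CODE '06': saves the banner choice for the currently selected site:
   * "link" (remote image URL), "upload" (file copied into banner_path) or
   * "none".
   *
   * Changes from the earlier version:
   *  - the URL pattern is anchored. It used to accept any string that merely
   *    contained "http://", and that string was then handed to getimagesize(),
   *    which also opens local paths and other stream wrappers;
   *  - an upload that getimagesize() cannot read is rejected as an invalid
   *    image, as the link branch already did. Before, such a file passed the
   *    dimension checks and was stored;
   *  - the size checks and the removal of an old uploaded file, each repeated
   *    per branch, moved into two private helpers.
   *
   * NOTE(review): the link branch makes the server fetch a user-supplied URL
   * (server-side request). Consider restricting the hosts and addresses it may
   * reach and bounding the fetch time.
   * NOTE(review): the extension checks use in_array() without the strict flag
   * and trust $mtl->file() for the uploaded extension - confirm how that
   * helper derives it.
   */
  function image_pro() // CODE '06'
  {
      global $DB, $mtl;

      if ($mtl->config['rows_banner'] == 0) {
          $mtl->output->error($mtl->lang['banner_not_enabled'] );
      }

      $type = $mtl->input['type'];

      if ($type == 'link') {
          if ($mtl->config['banner_link'] != 1) {
              $mtl->output->error($mtl->lang['banner_link_disable'] );
          }
          if (!preg_match("/^http:\/\//", $mtl->input['image_url'])) {
              $mtl->output->error($mtl->lang['invalid_url'] );
          }

          $size = @getimagesize($mtl->input['image_url']);
          if (!$size) {
              $mtl->output->error($mtl->lang['invalidimage']);
          }

          // The text after the last dot has to be an allowed extension.
          $parts = explode('.', $mtl->input['image_url']);
          $ex    = $parts[count($parts) - 1];
          if (!in_array($ex, explode(',', $mtl->config['banner_ex']))) {
              $mtl->output->error($mtl->lang['invalidimage']);
          }

          $this->_check_banner_dimensions($size);
          $this->_remove_uploaded_banner();

          $DB->query("UPDATE mtl_sites SET site_banner='".addslashes($mtl->input['image_url'])."' WHERE id='".$this->user['id']."'");
      } else if ($type == 'upload') {
          if ($mtl->config['banner_upload'] != 1) {
              $mtl->output->error($mtl->lang['banner_upload_disable'] );
          }

          $file = $mtl->file("image_upload");
          $kb   = round($file['size']/1024, 2);

          if (!in_array($file['ex'], explode(",", $mtl->config['banner_ex']))) {
              $mtl->output->error($mtl->lang['invalidimage'] );
          }
          if ($file['size'] > ($mtl->config['banner_size'] * 1000)) {
              $mtl->output->error($mtl->lang['image_too_large'].$kb."kb");
          }

          // An allowed extension is not enough: the content has to parse as an image.
          $size = getimagesize($file['file']);
          if (!$size) {
              $mtl->output->error($mtl->lang['invalidimage']);
          }

          $this->_check_banner_dimensions($size);

          // Stored as "<site id>.<extension>"; the extension was checked against banner_ex above.
          $path = $mtl->config['banner_path'].$this->user['id'].".$file[ex]";

          $this->_remove_uploaded_banner();

          if (!copy($file['file'], $path)) {
              $mtl->output->error("The file could not be copied");
          }

          $DB->query("UPDATE mtl_sites SET site_banner='$file[ex]' WHERE id='".$this->user['id']."'");
      } else if ($type == 'none') {
          $this->_remove_uploaded_banner();

          $DB->query("UPDATE mtl_sites SET site_banner='0' WHERE id='".$this->user['id']."'");
      } else {
          $mtl->output->error($mtl->lang['invalid_use']);
      }

      $mtl->output->screen( array ( 'message' => $mtl->lang['image_change_succ'], 'go' => '?'.$mtl->sessionhtml.'act=ucp&CODE=05', ));
  }

  /**
   * Reports an error when the image size breaks the configured "WIDTHxHEIGHT"
   * rule: a maximum when banner_exact is 0, an exact match when it is 1.
   *
   * @param array $size result of getimagesize(): [0] = width, [1] = height
   */
  function _check_banner_dimensions($size)
  {
      global $mtl;

      list($max_width, $max_height) = explode("x", $mtl->config['banner_max']);

      if ($mtl->config['banner_exact'] == 0 AND ($size[0] > $max_width OR $size[1] > $max_height)) {
          $message = str_replace("<##width##>", $max_width, $mtl->lang['too_big_image']);
          $message = str_replace("<##height##>", $max_height, $message);
          $mtl->output->error($message);
      }

      if ($mtl->config['banner_exact'] == 1 AND ($size[0] != $max_width OR $size[1] != $max_height)) {
          $message = str_replace("<##width##>", $max_width, $mtl->lang['wrong_size']);
          $message = str_replace("<##height##>", $max_height, $message);
          $mtl->output->error($message);
      }
  }

  /**
   * Deletes the site's previously uploaded banner file, if it has one. A
   * stored value of '0' or '' means no banner, and a value containing
   * "http://" is a link, so there is no local file to remove.
   */
  function _remove_uploaded_banner()
  {
      global $mtl;

      $current = $this->user['site_banner'];
      if ($current != '0' AND $current != "" AND !preg_match("/http:\/\//", $current)) {
          @unlink($mtl->config['banner_path'].$this->user['id'].".".$current);
      }
  }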
  784.  
  /**
   * Render the "change e-mail" form of the user control panel (CODE '07').
   *
   * The page is assembled from the control-panel header, the change_email
   * skin template and the footer, and is then passed to the output handler
   * together with the breadcrumb data.
   */
  function change_email() // CODE '07'
  {
      global $mtl, $DB;

      $page  = $this->load_top(array('title' => '- ' . $mtl->lang['change_email']));
      $page .= $mtl->skin->usercp->change_email();
      $page .= $mtl->skin->usercp->usercp_foot();

      // Breadcrumb: control panel -> change e-mail
      $breadcrumb = array(
          'url'   => '?' . $mtl->sessionhtml . 'act=ucp',
          'name'  => $mtl->lang['usercp'],
          'name2' => $mtl->lang['change_email'],
      );

      $screen = array(
          'TITLE'    => $mtl->config['name'] . ' - ' . $mtl->lang['change_email'],
          'NAV'      => 1,
          'NAV_DATA' => $breadcrumb,
          'DATA'     => $page,
      );

      $mtl->output->do_output($screen);
  }
  800.  
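  /**
   * Process the "change e-mail" form (CODE '08').
   *
   * The request is rejected when $mtl->check_email() flags the address, when
   * the two form fields differ, or when the address equals the current one.
   * With $mtl->config['reg_email'] == 1 a validation key is mailed to the new
   * address and stored next to it with a_mail reset to 0; otherwise the new
   * address is written directly.
   *
   * Changes from the original:
   *  - Both UPDATE statements key on $this->user['uid']. The direct-update
   *    branch used $this->user['id'], which this class uses as the mtl_sites
   *    key, so the write could land on a different mtl_users row.
   *  - The address goes through addslashes() before it is placed in SQL, the
   *    same escaping the banner-URL update in this class applies.
   *  - The validation key comes from the system CSPRNG when random_bytes()
   *    exists; the time-derived key is only the fallback.
   *  - The unused $accept_mail local is gone.
   */
  function change_email_pro() // CODE '08'
  {
      global $mtl, $DB;

      if ($mtl->check_email($mtl->input['email'])) {
          $mtl->output->error($mtl->lang['invalid_email']);
      }
      if ($mtl->input['email'] != $mtl->input['email_confirm']) {
          $mtl->output->error($mtl->lang['match_email']);
      }
      if ($mtl->input['email'] == $this->user['email']) {
          $mtl->output->error($mtl->lang['current_email']);
      }

      // NOTE(review): whether $mtl->input is already escaped upstream is not
      // visible here. If the DB layer offers its own escaping or bound
      // parameters, prefer that over addslashes().
      $email = addslashes($mtl->input['email']);

      if ($mtl->config['reg_email'] == 1) {
          // 17 hex characters, the same length the original key had, because
          // the width of the a_valkey column is not visible from this method.
          if (function_exists('random_bytes')) {
              $val = substr(bin2hex(random_bytes(16)), 15);
          } else {
              // Legacy fallback: derived from the clock, therefore guessable.
              $val = substr(md5(microtime()), 15);
          }

          $mail = array(
              'to_name' => $this->user['username'],
              'to_mail' => $mtl->input['email'],
              'subject' => $mtl->lang['change_email_val'],
              'message' => $mtl->make_message(array("username" => $this->user['username'], "act" => "revalidate", "val" => $val)),
          );

          $mtl->mailer($mail);
          $DB->query("UPDATE mtl_users SET a_valkey='$val',email='" . $email . "',a_mail='0' WHERE uid='" . $this->user['uid'] . "'");
          $mtl->output->screen(array('go' => '?' . $mtl->sessionhtml . 'act=ucp', 'message' => $mtl->lang['val_email_send']));
      } else {
          $DB->query("UPDATE mtl_users SET email='" . $email . "' WHERE uid='" . $this->user['uid'] . "'");
          $mtl->output->screen(array('go' => '?' . $mtl->sessionhtml . 'act=ucp', 'message' => $mtl->lang['val_done']));
      }
  }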
  830.  
  /**
   * Render the "change password" form of the user control panel (CODE '09').
   *
   * Header, change_pw skin template and footer are concatenated and sent to
   * the output handler with the breadcrumb data.
   */
  function change_pw() // CODE '09'
  {
      global $DB, $mtl;

      $page  = $this->load_top(array('title' => '- ' . $mtl->lang['change_pw']));
      $page .= $mtl->skin->usercp->change_pw();
      $page .= $mtl->skin->usercp->usercp_foot();

      // Breadcrumb: control panel -> change password
      $breadcrumb = array(
          'url'   => '?' . $mtl->sessionhtml . 'act=ucp',
          'name'  => $mtl->lang['usercp'],
          'name2' => $mtl->lang['change_pw'],
      );

      $screen = array(
          'TITLE'    => $mtl->config['name'] . ' - ' . $mtl->lang['change_pw'],
          'NAV'      => 1,
          'NAV_DATA' => $breadcrumb,
          'DATA'     => $page,
      );

      $mtl->output->do_output($screen);
  }
  847.  
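  /**
   * Process the "change password" form (CODE '10').
   *
   * Checks the current password against the stored digest, enforces
   * $mtl->config['min_letters'] and the confirmation field, then stores the
   * MD5 digest of the new password for $this->user['uid'].
   *
   * Change from the original: the digest and confirmation checks use strict
   * string comparison. With != two strings that both look numeric (for
   * example digests of the form "0e" followed only by digits) are compared
   * as numbers and can be treated as equal although they differ.
   *
   * NOTE(review): passwords are stored as unsalted MD5 here and in the
   * reset path. Moving to password_hash()/password_verify() needs a matching
   * change in the login code, which is outside this block.
   */
  function change_pw_pro() // CODE '10'
  {
      global $DB, $mtl;

      if (md5($mtl->input['current_pw']) !== (string) $this->user['password']) {
          $mtl->output->error($mtl->lang['incorrect_pw']);
      }
      if (strlen($mtl->input['password']) < $mtl->config['min_letters']) {
          $mtl->output->error($mtl->lang['pw_short']);
      }
      if ((string) $mtl->input['confirm_pw'] !== (string) $mtl->input['password']) {
          $mtl->output->error($mtl->lang['pass_match']);
      }

      // md5() yields hex characters only, so the digest needs no SQL escaping.
      $DB->query("UPDATE mtl_users SET password='" . md5($mtl->input['password']) . "' WHERE uid='" . $this->user['uid'] . "'");

      $mtl->output->screen(array('message' => $mtl->lang['password_change_succ']));
  }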
  862.  
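  /**
   * Show the vote-link HTML snippet for the selected site (CODE '11').
   *
   * $mtl->config['vote_code'] is the template; its %url% placeholder is
   * replaced by the vote URL for $this->user['id']. The skin receives the raw
   * snippet as 'code_orig' (preview) and a display copy as 'code'.
   *
   * Change from the original: as listed, the two str_replace() calls on the
   * display copy did not turn angle brackets into entities (the first
   * replaced '<' with itself, the second searched for '>/'), so the snippet
   * was handed to the template as live markup. The display copy now has
   * '<' and '>' replaced by &lt; and &gt;.
   */
  function show_code() // CODE '11'
  {
      global $mtl;

      $output = $this->load_top(array('title' => '- ' . $mtl->lang['vote_code']));

      $snippet = str_replace("%url%", $mtl->config['url'] . $mtl->config['filename'] . "?vote=" . $this->user['id'], $mtl->config['vote_code']);

      $code = array(
          // Display copy: brackets become entities so the markup is shown as text
          'code'      => str_replace(array('<', '>'), array('&lt;', '&gt;'), $snippet),
          // Preview copy: left as markup
          'code_orig' => $snippet,
          'intro'     => str_replace('<##link##>', "{$mtl->base_url}&act=faq&store=1", $mtl->lang['code_intro']),
          'top'       => $this->user['top'],
      );

      $output .= $mtl->skin->usercp->vote_code($code);
      $output .= $mtl->skin->usercp->usercp_foot();

      $nav = array(
          'url'   => '?' . $mtl->sessionhtml . 'act=ucp',
          'name'  => $mtl->lang['usercp'],
          'name2' => $mtl->lang['vote_code'],
      );

      $mtl->output->do_output(array('TITLE' => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'], 'NAV' => 1, 'NAV_DATA' => $nav, 'DATA' => $output));
  }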
  887.  
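  /**
   * Show the rating-form HTML snippet for the selected site (CODE '12').
   *
   * $mtl->config['rate_code'] is the template; %url% and %id% are filled in.
   * The skin receives the raw snippet ('code_orig'), a display copy ('code')
   * and the display copy with line breaks turned into <br /> ('code_spaced').
   *
   * Change from the original: as listed, the str_replace() calls on the
   * display copy replaced '<' and '>' with themselves, so nothing was
   * escaped. They now produce &lt; and &gt;.
   */
  function show_rate() // CODE '12'
  {
      global $mtl;

      $output = $this->load_top(array('title' => '- ' . $mtl->lang['rate_code']));

      $snippet = str_replace("%url%", $mtl->config['url'] . $mtl->config['filename'], $mtl->config['rate_code']);
      $snippet = str_replace("%id%", $this->user['id'], $snippet);

      // Brackets become entities so the markup is shown as text
      $escaped = str_replace(array('<', '>'), array('&lt;', '&gt;'), $snippet);

      $code = array(
          'code'        => $escaped,
          'code_orig'   => $snippet,
          'code_spaced' => nl2br($escaped),
          'intro'       => str_replace('<##link##>', "{$mtl->base_url}&act=faq&store=1", $mtl->lang['rate_intro']),
          'top'         => $this->user['top'],
      );

      $output .= $mtl->skin->usercp->rate_code($code);
      $output .= $mtl->skin->usercp->usercp_foot();

      $nav = array(
          'url'   => '?' . $mtl->sessionhtml . 'act=ucp',
          'name'  => $mtl->lang['usercp'],
          'name2' => $mtl->lang['rate_code'],
      );

      $mtl->output->do_output(array('TITLE' => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'], 'NAV' => 1, 'NAV_DATA' => $nav, 'DATA' => $output));
  }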
  914.  
  915.  
  /**
   * Render the "forgotten password" request form (CODE '13').
   *
   * No control-panel header is loaded here; the form template is sent to the
   * output handler with a breadcrumb that carries no session parameter.
   */
  function forget_pw_show() // CODE '13'
  {
      global $mtl;

      $form = $mtl->skin->usercp->forget_pw_form();

      // Breadcrumb: control panel -> forgotten password
      $breadcrumb = array(
          'url'   => '?act=ucp',
          'name'  => $mtl->lang['usercp'],
          'name2' => $mtl->lang['forget_pw'],
      );

      $screen = array(
          'TITLE'    => $mtl->config['name'] . ' - ' . $mtl->lang['forget_pw'],
          'NAV'      => 1,
          'NAV_DATA' => $breadcrumb,
          'DATA'     => $form,
      );

      $mtl->output->do_output($screen);
  }
  928.  
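  /**
   * Handle a "forgotten password" request (CODE '14').
   *
   * Looks up every mtl_users row with the submitted address, mails each
   * account a reset key and stores that key in a_valkey_pw.
   *
   * Changes from the original:
   *  - The address goes through addslashes() before it is placed in SQL, the
   *    same escaping the banner-URL update in this class applies. This path
   *    is listed among the screens reachable without a login.
   *  - The reset key comes from the system CSPRNG when random_bytes() exists;
   *    the time-derived key is only the fallback.
   *
   * NOTE(review): the key stays 7 hex characters because the width of the
   * a_valkey_pw column is not visible here. That is short for a credential
   * that resets a password; widen it together with the column and add
   * attempt limiting on the reset screens.
   * NOTE(review): the email_account_missing error tells the requester
   * whether an address is registered.
   */
  function forget_pw_email() // CODE '14'
  {
      global $DB, $mtl;

      if ($mtl->check_email($mtl->input['email'])) {
          $mtl->output->error($mtl->lang['invalid_email']);
      }

      // NOTE(review): prefer the DB layer's own escaping or bound parameters
      // if it offers them.
      $email = addslashes($mtl->input['email']);
      $query = $DB->query("SELECT uid,username,email FROM mtl_users WHERE email='" . $email . "'");

      if ($DB->count() < 1) {
          $mtl->output->error($mtl->lang['email_account_missing']);
      }

      while ($r = $DB->fetch_row($query)) {
          if (function_exists('random_bytes')) {
              $sess = substr(bin2hex(random_bytes(16)), 25);
          } else {
              // Legacy fallback: derived from the clock, therefore guessable.
              $sess = substr(md5(microtime()), 25);
          }

          $mail = array(
              'to_name' => $r['username'],
              'to_mail' => $r['email'],
              'subject' => $mtl->lang['forgetpw'],
              'message' => $mtl->make_message(array("act" => "forget_pw", "val" => $sess, "username" => $r['username'])),
          );

          $mtl->mailer($mail);
          $DB->query("UPDATE mtl_users SET a_valkey_pw='$sess' WHERE uid='" . $r['uid'] . "'");
      }

      $mtl->output->screen(array('message' => $mtl->lang['email_sent']));
  }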
  957.  
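  /**
   * Show the "choose a new password" form for a reset key (CODE '15').
   *
   * The key arrives in $mtl->input['val'] and must match exactly one
   * mtl_users row through a_valkey_pw.
   *
   * Changes from the original:
   *  - The query result is kept in $query. The original discarded it and
   *    then passed an undefined $query to fetch_row().
   *  - An empty key is rejected, as forget_pw_change_pro() already does.
   *    That method resets a_valkey_pw to '' after use, so an empty key would
   *    otherwise be compared against every account that completed a reset.
   *  - The key goes through addslashes() before it is placed in SQL.
   */
  function forget_pw_change() // CODE '15'
  {
      global $DB, $mtl;

      if (!isset($mtl->input['val']) OR $mtl->input['val'] == "") {
          $mtl->output->error($mtl->lang['valid_key']);
      }

      // NOTE(review): prefer the DB layer's own escaping or bound parameters
      // if it offers them.
      $key   = addslashes($mtl->input['val']);
      $query = $DB->query("SELECT uid,username,a_valkey_pw FROM mtl_users WHERE a_valkey_pw='" . $key . "'");

      if ($DB->count() != 1) {
          $mtl->output->error($mtl->lang['valid_key']);
      }

      $output = $mtl->skin->usercp->forget_pw_change($DB->fetch_row($query));

      $nav = array(
          'url'   => '?act=ucp',
          'name'  => $mtl->lang['usercp'],
          'name2' => $mtl->lang['forget_pw_change'],
      );

      $mtl->output->do_output(array('TITLE' => $mtl->config['name'] . ' - ' . $mtl->lang['forget_pw_change'], 'NAV' => 1, 'NAV_DATA' => $nav, 'DATA' => $output));
  }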
  979.  
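  /**
   * Store the new password chosen through a reset key (CODE '16').
   *
   * Validates the password length and confirmation, resolves the key in
   * $mtl->input['val'] to an account through a_valkey_pw, writes the MD5
   * digest of the new password and clears the key.
   *
   * Changes from the original:
   *  - The key goes through addslashes() before it is placed in SQL, the
   *    same escaping the banner-URL update in this class applies.
   *  - The key must match exactly one account, as forget_pw_change()
   *    requires. The original accepted any match count above zero and reset
   *    whichever row came back first.
   *  - The confirmation check uses strict string comparison, so two
   *    different numeric-looking strings are no longer treated as equal.
   *
   * NOTE(review): the password is stored as unsalted MD5. Moving to
   * password_hash() needs a matching change in the login code, which is
   * outside this block.
   */
  function forget_pw_change_pro() // CODE '16'
  {
      global $DB, $mtl;

      if (strlen($mtl->input['password']) < $mtl->config['min_letters']) {
          $mtl->output->error($mtl->lang['pw_short']);
      } else if ((string) $mtl->input['confirm_pw'] !== (string) $mtl->input['password']) {
          $mtl->output->error($mtl->lang['pass_match']);
      }

      if (!isset($mtl->input['val']) OR $mtl->input['val'] == "") {
          $mtl->output->error($mtl->lang['valid_key']);
      }

      // NOTE(review): prefer the DB layer's own escaping or bound parameters
      // if it offers them.
      $key = addslashes($mtl->input['val']);
      $DB->query("SELECT uid,username FROM mtl_users WHERE a_valkey_pw='" . $key . "'");

      if ($DB->count() != 1) {
          $mtl->output->error($mtl->lang['valid_key']);
      }

      $r = $DB->fetch_row();

      // Clearing a_valkey_pw makes the key single-use.
      $DB->query("UPDATE mtl_users SET password='" . md5($mtl->input['password']) . "',a_valkey_pw='' WHERE uid='" . $r['uid'] . "'");

      $mtl->output->screen(array('go' => '?act=ucp', 'message' => $mtl->lang['password_change_succ']));
  }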
  1002.  
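  /**
   * Show the hit-counter HTML snippet for the selected site (CODE '17').
   *
   * The snippet is a zero-size <img> pointing at the ?hit= URL for
   * $this->user['id']. The skin receives it raw as 'code' and as a display
   * copy in 'code_spaced'.
   *
   * Change from the original: as listed, the str_replace() calls on the
   * display copy replaced '<' and '>' with themselves, so nothing was
   * escaped. They now produce &lt; and &gt;.
   */
  function show_hits() // CODE '17'
  {
      global $mtl;

      $output = $this->load_top(array('title' => '- ' . $mtl->lang['hits_code']));

      $snippet = "<img src='{$mtl->config['url']}{$mtl->config['filename']}?hit={$this->user['id']}' width='0' height='0'>";

      $code = array(
          'code'        => $snippet,
          // Brackets become entities so the markup is shown as text
          'code_spaced' => str_replace(array('<', '>'), array('&lt;', '&gt;'), $snippet),
          'intro'       => str_replace('<##link##>', "{$mtl->base_url}&act=faq&store=1", $mtl->lang['hits_intro']),
          'top'         => $this->user['top'],
      );

      $output .= $mtl->skin->usercp->hits_code($code);
      $output .= $mtl->skin->usercp->usercp_foot();

      $nav = array(
          'url'   => '?' . $mtl->sessionhtml . 'act=ucp',
          'name'  => $mtl->lang['usercp'],
          'name2' => $mtl->lang['hits_code'],
      );

      $mtl->output->do_output(array('TITLE' => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'], 'NAV' => 1, 'NAV_DATA' => $nav, 'DATA' => $output));
  }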
  1026.  
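  /**
   * Show the position-image link code for every available image set (CODE '18').
   *
   * Three sources are listed:
   *  - static sets: each sub-directory of html/nums/ that holds numbered
   *    image files;
   *  - dynamic sets: each row of mtl_images;
   *  - when neither yields anything, the numbered files directly inside
   *    html/nums/ as the default set named 'MTL'.
   * For each set the skin receives the set name, the HTML-escaped link code
   * built from $mtl->config['image_code'], and sample <img> tags.
   *
   * Changes from the original:
   *  - readdir() results are compared with false, so an entry named "0" no
   *    longer ends the listing early.
   *  - A directory that cannot be opened is skipped instead of having
   *    readdir()/closedir() called on false.
   *  - The default set built its sample URLs with $file, which is left over
   *    from the finished directory loop and produced "html/nums//<name>".
   *    The files live directly in html/nums/, so the URL is now
   *    "html/nums/<name>".
   *  - $str{0} offsets are written as $str[0].
   *  - The duplicated directory scan lives in _numbered_images().
   *
   * NOTE(review): the dynamic list is introduced with the
   * 'simp_image_intro' language string, same as the static list. Kept as
   * found; confirm that is intended.
   */
  function show_posimage() // CODE '18'
  {
      global $mtl, $root_path, $DB;

      $output = $this->load_top(array('title' => '- ' . $mtl->lang['image_code']));

      $vote_url = "{$mtl->config['url']}{$mtl->config['filename']}?vote={$this->user['id']}";
      $img_url  = "{$mtl->config['url']}{$mtl->config['filename']}?img={$this->user['id']}";
      $nums_dir = $root_path . "html/nums/";

      // --- Static sets: one per sub-directory of html/nums/ ---
      $simp_image_sets = '';
      $dh = opendir($nums_dir);
      if ($dh !== false) {
          while (false !== ($file = readdir($dh))) {
              if ($file[0] === '.' || !is_dir($setDir = ($nums_dir . $file))) {
                  continue;
              }

              $images = $this->_numbered_images($setDir, '/([0-9]+)([-+]([0-9]+)?)?\.(.*)$/');
              if (!$images) {
                  continue;
              }

              $code = str_replace("%url%", $vote_url, $mtl->config['image_code']);
              $code = str_replace("%imgurl%", $img_url . "&img_set=" . rawurlencode($file), $code);

              $simp_image_data = array(
                  'img_set'       => htmlentities($file),
                  'code'          => htmlentities($code),
                  'sample_images' => '',
              );
              foreach ($images as $img) {
                  $simp_image_data['sample_images'] .= "<img src='html/nums/{$file}/{$img}' />";
              }

              $simp_image_sets .= $mtl->skin->usercp->image_set($simp_image_data);
          }
          closedir($dh);
      }

      if ($simp_image_sets) {
          $simp_image_sets = $mtl->skin->usercp->image_sets(array(
              'intro' => $mtl->lang['simp_image_intro'],
              'sets'  => $simp_image_sets,
          ));
      }

      // --- Dynamic sets: one per mtl_images row ---
      $dyn_image_sets = '';
      $DB->query("SELECT img_id, img_name from mtl_images ORDER BY img_name");
      while ($r = $DB->fetch_row()) {
          $code = str_replace("%url%", $vote_url, $mtl->config['image_code']);
          $code = str_replace("%imgurl%", $img_url . "&img_id=" . rawurlencode($r['img_id']), $code);

          $dyn_image_data = array(
              'img_set'       => htmlentities($r['img_name']),
              'code'          => htmlentities($code),
              'sample_images' => "<img src=\"index.php?img={$this->user['id']}&img_id=" . rawurlencode($r['img_id']) . "\" />",
          );

          $dyn_image_sets .= $mtl->skin->usercp->image_set($dyn_image_data);
      }

      if ($dyn_image_sets) {
          $dyn_image_sets = $mtl->skin->usercp->image_sets(array(
              'intro' => $mtl->lang['simp_image_intro'],
              'sets'  => $dyn_image_sets,
          ));
      }

      $data = array();
      $data['intro'] = str_replace('<##link##>', "{$mtl->base_url}&act=faq&store=2", $mtl->lang['image_intro']);

      if (!($simp_image_sets || $dyn_image_sets)) {
          // No custom image sets available, use the defaults
          $code = str_replace("%url%", $vote_url, $mtl->config['image_code']);
          $code = str_replace("%imgurl%", $img_url, $code);

          $simp_image_data = array(
              'img_set' => 'MTL',
              'code'    => htmlentities($code),
          );

          $images = $this->_numbered_images($nums_dir, '/(?:no)?([0-9]+)([-+]([0-9]+)?)?\.(.*)$/');
          if ($images) {
              $simp_image_data['sample_images'] = '';
              foreach ($images as $img) {
                  $simp_image_data['sample_images'] .= "<img src='html/nums/{$img}' />";
              }

              $simp_image_sets .= $mtl->skin->usercp->image_set($simp_image_data);
          }

          if ($simp_image_sets) {
              $simp_image_sets = $mtl->skin->usercp->image_sets(array(
                  'intro' => $mtl->lang['simp_image_intro'],
                  'sets'  => $simp_image_sets,
              ));
          }
      }

      $data['simp_image_sets'] = $simp_image_sets;
      $data['dyn_image_sets']  = $dyn_image_sets;

      $output .= $mtl->skin->usercp->image_code($data);
      $output .= $mtl->skin->usercp->usercp_foot();

      $nav = array(
          'url'   => '?' . $mtl->sessionhtml . 'act=ucp',
          'name'  => $mtl->lang['usercp'],
          'name2' => $mtl->lang['image_code'],
      );

      $mtl->output->do_output(array('TITLE' => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'], 'NAV' => 1, 'NAV_DATA' => $nav, 'DATA' => $output));
  }

  /**
   * Collect the numbered image files of one directory, sorted by number.
   *
   * Entries whose name starts with '.', that are not regular files, or that
   * do not match $pattern are ignored. The first capture group of $pattern
   * is used as the integer key. Returns an empty array when the directory
   * cannot be opened.
   */
  function _numbered_images($dir, $pattern)
  {
      $images = array();

      $dh = opendir($dir);
      if ($dh === false) {
          return $images;
      }

      while (false !== ($entry = readdir($dh))) {
          if ($entry[0] !== '.'
              && is_file($dir . '/' . $entry)
              && preg_match($pattern, $entry, $m)) {
              $images[(int) $m[1]] = $entry;
          }
      }
      closedir($dh);

      ksort($images);

      return $images;
  }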
  1171.  
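  /**
   * Show the webring HTML snippet for the selected site (CODE '19').
   *
   * $mtl->config['ring_code'] is the template; %url%, %id% and %mtlname% are
   * filled in. The skin receives the raw snippet ('code_orig'), a display
   * copy ('code') and the display copy with line breaks turned into <br />
   * ('code_spaced').
   *
   * Change from the original: as listed, the str_replace() calls on the
   * display copy replaced '<' and '>' with themselves, so nothing was
   * escaped. They now produce &lt; and &gt;.
   */
  function show_ring() // CODE '19'
  {
      global $mtl;

      $output = $this->load_top(array('title' => '- ' . $mtl->lang['ring_code']));

      $snippet = str_replace("%url%", $mtl->config['url'] . $mtl->config['filename'], $mtl->config['ring_code']);
      $snippet = str_replace("%id%", $this->user['id'], $snippet);
      $snippet = str_replace("%mtlname%", $mtl->config['name'], $snippet);

      // Brackets become entities so the markup is shown as text
      $escaped = str_replace(array('<', '>'), array('&lt;', '&gt;'), $snippet);

      $code = array(
          'code'        => $escaped,
          'code_orig'   => $snippet,
          'code_spaced' => nl2br($escaped),
          'intro'       => str_replace('<##link##>', "{$mtl->base_url}&act=faq&store=2", $mtl->lang['ring_intro']),
          'top'         => $this->user['top'],
      );

      $output .= $mtl->skin->usercp->ring_code($code);
      $output .= $mtl->skin->usercp->usercp_foot();

      $nav = array(
          'url'   => '?' . $mtl->sessionhtml . 'act=ucp',
          'name'  => $mtl->lang['usercp'],
          'name2' => $mtl->lang['ring_code'],
      );

      $mtl->output->do_output(array('TITLE' => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'], 'NAV' => 1, 'NAV_DATA' => $nav, 'DATA' => $output));
  }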
  1199.  
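  /**
   * Show the overview page for the selected site.
   *
   * Several entries of $this->user are rewritten into display form (weeks
   * on the list, rating images, long date, yes/no admin flag) before the
   * array is handed to the show_site_overview skin template.
   *
   * Change from the original: the line that set $this->user[$size.'_select']
   * read a $size variable this method never defines, so it raised an
   * undefined-variable notice and wrote to the key '_select'. The key is now
   * written directly, which keeps the template input unchanged.
   * NOTE(review): the line looks copied from show_main(); it can probably go
   * once the template is confirmed not to read '_select'.
   */
  function show_overview()
  {
      global $mtl, $DB;

      $this->user['weeks'] = str_replace("<##weeks##>", round((time() - $this->user['date']) / (3600 * 24) / 7, 1), $mtl->lang['weeks_on_list']);
      $this->user['rating'] = "<img src='html/{$mtl->skin_choice['dir']}/images/star_" . $mtl->work_rating($this->user['rating'], $this->user['rating_total']) . ".gif' alt='" . str_replace("<##times##>", $this->user['rating_total'], $mtl->lang['rated_times']) . "' border='0'>";
      $this->user['past_rating'] = "<img src='html/{$mtl->skin_choice['dir']}/images/star_{$this->user['rating_past']}.gif' alt='{$mtl->lang['rating']}' border='0'>";
      // 'date' is overwritten with its formatted form, so 'weeks' must be computed first
      $this->user['date'] = $mtl->date($this->user['date'], 'long');
      $this->user['_select'] = "selected='selected'";

      $this->user['a_admin'] = ($this->user['a_admin'] == 1) ? $mtl->lang['yes'] : $mtl->lang['no'];

      $output  = $this->load_top();
      $output .= $mtl->skin->usercp->show_site_overview($this->user);
      $output .= $mtl->skin->usercp->usercp_foot();

      $mtl->output->do_output(array('TITLE' => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'], 'NAV' => 1, 'NAV_DATA' => $mtl->lang['usercp'], 'DATA' => $output));
  }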
  1218.  
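  /**
   * Show the control-panel start page (default action).
   *
   * Prepares display values in $this->user (notepad size selection, dates,
   * mail/admin flags re-read from mtl_users, site count, site limit), renders
   * the main skin template and, when that template contains
   * '<!--Site Listing-->' markers, repeats the section between the markers
   * once per site owned by the user.
   *
   * Changes from the original:
   *  - $cat is initialised before it is filled.
   *  - A site whose category id has no entry falls back to the
   *    'noneselected' label, the same label the method assigns to the ids
   *    '', '0' and '1', instead of reading an undefined index.
   *  - The part after the second marker is appended only when it exists, so
   *    a template with a single marker no longer reads an undefined offset.
   *
   * NOTE(review): site_name is placed into the page as stored. Confirm it is
   * HTML-escaped when it is saved; otherwise escape it here.
   */
  function show_main() // DEFAULT
  {
      global $mtl, $DB;

      if ($this->user['notepad_size'] == 18) {
          $size = "large";
      } else if ($this->user['notepad_size'] == 12) {
          $size = "medium";
      } else {
          $size = "small";
      }

      $this->user['date'] = $mtl->date($this->user['udate'], 'long');
      $this->user[$size . '_select'] = "selected='selected'";

      // uid and password digest come from the session record, not from the request
      $tmp = $DB->query("SELECT * FROM mtl_users WHERE uid='" . $this->user['uid'] . "' AND password='" . $this->user['password'] . "' AND ban!=1");
      $data = $DB->fetch_row($tmp);
      $a_mail = $data['a_mail'];
      $a_admin = $data['a_admin'];

      $this->user['a_mail'] = ($a_mail == 1) ? $mtl->lang['yes'] : $mtl->lang['no'];
      $this->user['ua_admin'] = ($a_admin == 1) ? $mtl->lang['yes'] : $mtl->lang['no'];

      if ($this->user['notepad'] == "") {
          $this->user['notepad'] = $mtl->lang['notepad_intro'];
      }

      $this->user['count'] = $DB->count($DB->query("SELECT id FROM mtl_sites WHERE owner='{$this->user['uid']}'"));

      if ($mtl->config['enable_multaccts'] == 1) {
          $this->user['select'] = "<br /><br /><b>" . str_replace("<##selecturl##>", "<a href='{$mtl->base_url}{$mtl->sessionhtml}act=ucp&CODE=22'>", $mtl->lang['welcomeselect']) . "</b>";
      }

      // A per-user limit of 0 means "use the site-wide limit"
      if ($this->user['max_sites'] == 0) {
          $this->user['max_sites'] = $mtl->config['max_sites'];
      }

      $output  = $this->load_top();
      $output .= $mtl->skin->usercp->main($this->user);
      $output .= $mtl->skin->usercp->usercp_foot();

      // [0] = before the listing, [1] = per-site row template, [2] = after it
      $outputarray = explode('<!--Site Listing-->', $output);
      $output = $outputarray[0];

      if (count($outputarray) > 1) {
          $cat = array();
          $DB->query("SELECT id,name FROM mtl_categories");
          while ($r = $DB->fetch_row()) {
              $cat[$r['id']] = $r['name'];
          }

          $cat['1'] = $mtl->lang['noneselected'];
          $cat['']  = $mtl->lang['noneselected'];
          $cat['0'] = $mtl->lang['noneselected'];

          $DB->query("SELECT id,a_admin,cat,site_name,in_webring,votes,out,hits,rating_total,rating
  FROM mtl_sites
  WHERE owner='{$this->user['uid']}'
  ORDER BY site_name ASC");
          $middle = $outputarray[1];

          if ($mtl->config['rows_banner'] != 0) {
              $middle = str_replace("<!--Show Image Options", "", $middle);
              $middle = str_replace("End Image Options-->", "", $middle);
          }

          while ($r = $DB->fetch_row()) {
              $cat_name = isset($cat[$r['cat']]) ? $cat[$r['cat']] : $mtl->lang['noneselected'];

              $toutput = $middle;
              $toutput = str_replace("<!--Site Name-->", $r['site_name'], $toutput);
              $toutput = str_replace("<!--Category-->", $cat_name, $toutput);
              $toutput = str_replace("<!--ID-->", $r['id'], $toutput);

              $output .= $toutput;
          }

          if (isset($outputarray[2])) {
              $output .= $outputarray[2];
          }
      }

      $mtl->output->do_output(array('TITLE' => $mtl->config['name'] . ' - ' . $mtl->lang['usercp'], 'NAV' => 1, 'NAV_DATA' => $mtl->lang['usercp'], 'DATA' => $output));
  }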
  1295.  
  /**
   * Render the login form.
   *
   * The login_form skin template is sent to the output handler under the
   * 'login' title and breadcrumb.
   */
  function show_login()
  {
      global $mtl;

      $form = $mtl->skin->usercp->login_form();

      $screen = array(
          'TITLE'    => $mtl->config['name'] . ' - ' . $mtl->lang['login'],
          'NAV'      => 1,
          'NAV_DATA' => $mtl->lang['login'],
          'DATA'     => $form,
      );

      $mtl->output->do_output($screen);
  }
  1303.  
  /**
   * Build the control-panel header (menu) HTML.
   *
   * $array is passed on to the usercp_top skin template after the 'general',
   * 'email' and 'pass' links have been added: each one is the override from
   * $mtl->config['userrow'] when that is non-empty, otherwise the built-in
   * page. Optional menu sections are wrapped in HTML comments in the
   * template; a section is switched on by stripping its comment delimiters.
   * The site-dependent section is kept only when a site is selected and the
   * current CODE is one of the site pages, otherwise it is cut out.
   *
   * Returns the header HTML as a string.
   */
  function load_top($array=array())
  {
      global $mtl;

      // slot in $array => (config override key, CODE of the built-in page)
      $links = array(
          'general' => array('pathtoprofile', '20'),
          'email'   => array('pathtochangeemail', '07'),
          'pass'    => array('pathtochangepass', '09'),
      );
      foreach ($links as $slot => $spec) {
          if ($mtl->config['userrow'][$spec[0]] != '') {
              $array[$slot] = $mtl->config['userrow'][$spec[0]];
          } else {
              $array[$slot] = "{$mtl->base_url}{$mtl->sessionhtml}act=ucp&CODE=" . $spec[1];
          }
      }

      $top = $mtl->skin->usercp->usercp_top($array);

      // section label => whether its "<!--Show X ... End X-->" wrapper is removed
      $sections = array(
          'Image Options'      => ($mtl->config['rows_banner'] != 0),
          'Vote Code'          => ($mtl->config["enable_votes_record"] == 1),
          'Hits Code'          => ($mtl->config["enable_hits_record"] == 1 && $mtl->config['enable_img'] != 1),
          'Image Code'         => ($mtl->config['enable_img'] == 1),
          'Rate Code'          => ($mtl->config["enable_rating"] == 1),
          'Ring Code'          => ($mtl->config["enable_webring"] == 1),
          'Multi-Site Options' => ($mtl->config['enable_multaccts'] == 1),
      );
      foreach ($sections as $label => $enabled) {
          if (!$enabled) {
              continue;
          }
          $top = str_replace("<!--Show " . $label, "", $top);
          $top = str_replace("End " . $label . "-->", "", $top);
      }

      // Pages that operate on one selected site
      $showcode = array('02','04','05','06','11','12','17','18','19','28','29');

      $site_page = ($this->user['id'] != 0 && $mtl->input['CODE'] != '' && in_array($mtl->input['CODE'], $showcode));

      if (!$site_page) {
          return preg_replace("/<!--Start Site-Dependent Contents(.*?)End Site-Dependent Contents-->/si", "", $top);
      }

      $top = str_replace("<!--Start Site-Dependent Contents", "", $top);
      $top = str_replace("End Site-Dependent Contents-->", "", $top);
      $top = str_replace("<!--ID-->", $this->user['id'], $top);
      $top = str_replace("<!--TOP-->", $this->user['top'], $top);

      return $top;
  }
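  /**
   * Build the <option> list for a category tree, depth first.
   *
   * $cats is read by integer index 0..count-1; each entry needs 'id',
   * 'parent' and 'name'. Entries whose 'parent' equals $parent are emitted,
   * each followed by its own children with $space extended by '--'. The
   * entry whose id equals $currentcat is marked selected.
   *
   * Returns the HTML string, or nothing (null) when $parent has no children,
   * as the original did.
   *
   * Changes from the original: $output is initialised before it is appended
   * to, and the undefined $star variable (always empty) is no longer read.
   *
   * NOTE(review): 'name' is emitted as stored; confirm category names are
   * HTML-escaped when they are saved.
   */
  function generate_cats($cats,$parent=0,$space='',$currentcat='')
  {
      $ourlist = array();
      $total = count($cats);
      for ($i = 0; $i < $total; $i++) {
          if ($cats[$i]['parent'] == $parent) {
              $ourlist[] = $cats[$i];
          }
      }

      if (!$ourlist) {
          return;
      }

      $output = '';
      foreach ($ourlist as $cat) {
          // Show user which category they're viewing
          $sel = ($currentcat == $cat['id']) ? " selected" : "";

          $output .= "<option value='{$cat['id']}'{$sel}>" . $space . " " . $cat['name'] . "</option>\n"
              . $this->generate_cats($cats, $cat['id'], $space . '--', $currentcat);
      }

      return $output;
  }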
  1387.  
  1388. }
  1389.  
  1390. ?>