XMB PHP Cross Reference Discussion Forums

Source: /cp.php - 2327 lines - 117725 bytes - Summary - Text - Print

Description: eXtreme Message Board XMB 1.9.11

   1  <?php
   2  /**
   3   * eXtreme Message Board
   4   * XMB 1.9.11
   5   *
   6   * Developed And Maintained By The XMB Group
   7   * Copyright (c) 2001-2012, The XMB Group
   8   * http://www.xmbforum2.com/
   9   *
  10   * This program is free software; you can redistribute it and/or
  11   * modify it under the terms of the GNU General Public License
  12   * as published by the Free Software Foundation; either version 2
  13   * of the License, or (at your option) any later version.
  14   *
  15   * This program is distributed in the hope that it will be useful,
  16   * but WITHOUT ANY WARRANTY; without even the implied warranty of
  17   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  18   * GNU General Public License for more details.
  19   *
  20   * You should have received a copy of the GNU General Public License
  21   * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  22   *
  23   **/
  24  
  25  define('X_SCRIPT', 'cp.php');
  26  
  27  require  'header.php';
  28  require  ROOT.'include/admin.inc.php';
  29  
  30  header('X-Robots-Tag: noindex');
  31  
  32  loadtemplates('error_nologinsession');
  33  
  34  nav($lang['textcp']);
  35  
  36  eval('$css = "'.template('css').'";');
  37  eval('echo "'.template('header').'";');
  38  echo '<script language="JavaScript" type="text/javascript" src="./js/admin.js"></script>';
  39  
  40  if (!X_ADMIN) {
  41      eval('echo "'.template('error_nologinsession').'";');
  42      end_time();
  43      eval('echo "'.template('footer').'";');
  44      exit();
  45  }
  46  
  47  $auditaction = $_SERVER['REQUEST_URI'];
  48  $aapos = strpos($auditaction, "?");
  49  if ($aapos !== false) {
  50      $auditaction = substr($auditaction, $aapos + 1);
  51  }
  52  $auditaction = addslashes("$onlineip|#|$auditaction");
  53  audit($xmbuser, $auditaction, 0, 0);
  54  
  55  displayAdminPanel();
  56  
  57  $action = postedVar('action', '', FALSE, FALSE, FALSE, 'g');
  58  
  59  if ($action == "settings") {
  60      if (noSubmit('settingsubmit1')
  61      And noSubmit('settingsubmit2')
  62      And noSubmit('settingsubmit3')
  63      And noSubmit('settingsubmit4')
  64      And noSubmit('settingsubmit5')
  65      And noSubmit('settingsubmit6')
  66      And noSubmit('settingsubmit7')) {
  67          $langfileselect = createLangFileSelect($SETTINGS['langfile']);
  68  
  69          $themelist = array();
  70          $themelist[] = '<select name="themenew">';
  71          $query = $db->query("SELECT themeid, name FROM ".X_PREFIX."themes ORDER BY name ASC");
  72          while($themeinfo = $db->fetch_array($query)) {
  73              if ($themeinfo['themeid'] == $SETTINGS['theme']) {
  74                  $themelist[] = '<option value="'.intval($themeinfo['themeid']).'" '.$selHTML.'>'.$themeinfo['name'].'</option>';
  75              } else {
  76                  $themelist[] = '<option value="'.intval($themeinfo['themeid']).'">'.$themeinfo['name'].'</option>';
  77              }
  78          }
  79          $themelist[] = '</select>';
  80          $themelist = implode("\n", $themelist);
  81          $db->free_result($query);
  82  
  83          $onselect = $offselect = '';
  84          settingHTML('bbstatus', $onselect, $offselect);
  85  
  86          $whosonlineon = $whosonlineoff = '';
  87          settingHTML('whosonlinestatus', $whosonlineon, $whosonlineoff);
  88  
  89          $regon = $regoff = '';
  90          settingHTML('regstatus', $regon, $regoff);
  91  
  92          $regonlyon = $regonlyoff = '';
  93          settingHTML('regviewonly', $regonlyon, $regonlyoff);
  94  
  95          $catsonlyon = $catsonlyoff = '';
  96          settingHTML('catsonly', $catsonlyon, $catsonlyoff);
  97  
  98          $hideon = $hideoff = '';
  99          settingHTML('hideprivate', $hideon, $hideoff);
 100  
 101          $echeckon = $echeckoff = '';
 102          settingHTML('emailcheck', $echeckon, $echeckoff);
 103  
 104          $ruleson = $rulesoff = '';
 105          settingHTML('bbrules', $ruleson, $rulesoff);
 106  
 107          $searchon = $searchoff = '';
 108          settingHTML('searchstatus', $searchon, $searchoff);
 109  
 110          $faqon = $faqoff = '';
 111          settingHTML('faqstatus', $faqon, $faqoff);
 112  
 113          $memliston = $memlistoff = '';
 114          settingHTML('memliststatus', $memliston, $memlistoff);
 115  
 116          $todayon = $todayoff = '';
 117          settingHTML('todaysposts', $todayon, $todayoff);
 118  
 119          $statson = $statsoff = '';
 120          settingHTML('stats', $statson, $statsoff);
 121  
 122          $gzipcompresson = $gzipcompressoff = '';
 123          settingHTML('gzipcompress', $gzipcompresson, $gzipcompressoff);
 124  
 125          $coppaon = $coppaoff = '';
 126          settingHTML('coppa', $coppaon, $coppaoff);
 127  
 128          $sigbbcodeon = $sigbbcodeoff = '';
 129          settingHTML('sigbbcode', $sigbbcodeon, $sigbbcodeoff);
 130  
 131          $sightmlon = $sightmloff = '';
 132          settingHTML('sightml', $sightmlon, $sightmloff);
 133  
 134          $reportposton = $reportpostoff = '';
 135          settingHTML('reportpost', $reportposton, $reportpostoff);
 136  
 137          $bbinserton = $bbinsertoff = '';
 138          settingHTML('bbinsert', $bbinserton, $bbinsertoff);
 139  
 140          $smileyinserton = $smileyinsertoff = '';
 141          settingHTML('smileyinsert', $smileyinserton, $smileyinsertoff);
 142  
 143          $doubleeon = $doubleeoff = '';
 144          settingHTML('doublee', $doubleeon, $doubleeoff);
 145  
 146          $editedbyon = $editedbyoff = '';
 147          settingHTML('editedby', $editedbyon, $editedbyoff);
 148  
 149          $dotfolderson = $dotfoldersoff = '';
 150          settingHTML('dotfolders', $dotfolderson, $dotfoldersoff);
 151  
 152          $attachimgposton = $attachimgpostoff = '';
 153          settingHTML('attachimgpost', $attachimgposton, $attachimgpostoff);
 154  
 155          $tickerstatuson = $tickerstatusoff = '';
 156          settingHTML('tickerstatus', $tickerstatuson, $tickerstatusoff);
 157  
 158          $spacecatson = $spacecatsoff = '';
 159          settingHTML('space_cats', $spacecatson, $spacecatsoff);
 160  
 161          $subjectInTitleOn = $subjectInTitleOff = '';
 162          settingHTML('subject_in_title', $subjectInTitleOn, $subjectInTitleOff);
 163  
 164          $allowrankediton = $allowrankeditoff = '';
 165          settingHTML('allowrankedit', $allowrankediton, $allowrankeditoff);
 166  
 167          $spellcheckon = $spellcheckoff = '';
 168          settingHTML('spellcheck', $spellcheckon, $spellcheckoff);
 169  
 170          $resetSigOn = $resetSigOff = '';
 171          settingHTML('resetsigs', $resetSigOn, $resetSigOff);
 172  
 173          $captchaOn = $captchaOff = '';
 174          settingHTML('captcha_status', $captchaOn, $captchaOff);
 175  
 176          $captcharegOn = $captcharegOff = '';
 177          settingHTML('captcha_reg_status', $captcharegOn, $captcharegOff);
 178  
 179          $captchapostOn = $captchapostOff = '';
 180          settingHTML('captcha_post_status', $captchapostOn, $captchapostOff);
 181  
 182          $captchasearchOn = $captchasearchOff = '';
 183          settingHTML('captcha_search_status', $captchasearchOn, $captchasearchOff);
 184  
 185          $captchacodecaseOn = $captchacodecaseOff = '';
 186          settingHTML('captcha_code_casesensitive', $captchacodecaseOn, $captchacodecaseOff);
 187  
 188          $captchacodeshadowOn = $captchacodeshadowOff = '';
 189          settingHTML('captcha_code_shadow', $captchacodeshadowOn, $captchacodeshadowOff);
 190  
 191          $captchaimagecolorOn = $captchaimagecolorOff = '';
 192          settingHTML('captcha_image_color', $captchaimagecolorOn, $captchaimagecolorOff);
 193  
 194          $showsubson = $showsubsoff = '';
 195          settingHTML('showsubforums', $showsubson, $showsubsoff);
 196  
 197          $regoptionalon = $regoptionaloff = '';
 198          settingHTML('regoptional', $regoptionalon, $regoptionaloff);
 199  
 200          $quickreply_statuson = $quickreply_statusoff = '';
 201          settingHTML('quickreply_status', $quickreply_statuson, $quickreply_statusoff);
 202  
 203          $quickjump_statuson = $quickjump_statusoff = '';
 204          settingHTML('quickjump_status', $quickjump_statuson, $quickjump_statusoff);
 205  
 206          $index_statson = $index_statsoff = '';
 207          settingHTML('index_stats', $index_statson, $index_statsoff);
 208  
 209          $onlinetoday_statuson = $onlinetoday_statusoff = '';
 210          settingHTML('onlinetoday_status', $onlinetoday_statuson, $onlinetoday_statusoff);
 211  
 212          $remoteimageson = $remoteimagesoff = '';
 213          settingHTML('attach_remote_images', $remoteimageson, $remoteimagesoff);
 214  
 215          $check12 = $check24 = '';
 216          if ($SETTINGS['timeformat'] == 24) {
 217              $check24 = $cheHTML;
 218          } else {
 219              $check12 = $cheHTML;
 220          }
 221  
 222          $indexShowBarCats = $indexShowBarTop = $indexShowBarNone = false;
 223          switch($SETTINGS['indexshowbar']) {
 224              case 1:
 225                  $indexShowBarCats = true;
 226                  break;
 227              case 3:
 228                  $indexShowBarNone = true;
 229                  break;
 230              default:
 231                  $indexShowBarTop = true;
 232                  break;
 233          }
 234  
 235          $spell_off_reason = '';
 236          if (!defined('PSPELL_FAST')) {
 237              $spell_off_reason = $lang['pspell_needed'];
 238              $SETTINGS['spellcheck'] = 'off';
 239          }
 240  
 241          $notifycheck[0] = $notifycheck[1] = $notifycheck[2] = false;
 242          if ($SETTINGS['notifyonreg'] == 'off') {
 243              $notifycheck[0] = true;
 244          } else if ($SETTINGS['notifyonreg'] == 'u2u') {
 245              $notifycheck[1] = true;
 246          } else {
 247              $notifycheck[2] = true;
 248          }
 249  
 250          $allowipreg[0] = $allowipreg[1] = false;
 251          if ($SETTINGS['ipreg'] == 'on') {
 252              $allowipreg[0] = true;
 253          } else {
 254              $allowipreg[1] = true;
 255          }
 256  
 257          $footer_options = explode('-', $SETTINGS['footer_options']);
 258          if (in_array('serverload', $footer_options)) {
 259              $sel_serverload = true;
 260          } else {
 261              $sel_serverload = false;
 262          }
 263  
 264          if (in_array('queries', $footer_options)) {
 265              $sel_queries = true;
 266          } else {
 267              $sel_queries = false;
 268          }
 269  
 270          if (in_array('phpsql', $footer_options)) {
 271              $sel_phpsql = true;
 272          } else {
 273              $sel_phpsql = false;
 274          }
 275  
 276          if (in_array('loadtimes', $footer_options)) {
 277              $sel_loadtimes = true;
 278          } else {
 279              $sel_loadtimes = false;
 280          }
 281  
 282          $avchecked[0] = $avchecked[1] = $avchecked[2] = false;
 283          if ($SETTINGS['avastatus'] == 'list') {
 284              $avchecked[1] = true;
 285          } else if ($SETTINGS['avastatus'] == 'off') {
 286              $avchecked[2] = true;
 287          } else {
 288              $avchecked[0] = true;
 289          }
 290  
 291          $timezone1 = $timezone2 = $timezone3 = $timezone4 = $timezone5 = $timezone6 = false;
 292          $timezone7 = $timezone8 = $timezone9 = $timezone10 = $timezone11 = $timezone12 = false;
 293          $timezone13 = $timezone14 = $timezone15 = $timezone16 = $timezone17 = $timezone18 = false;
 294          $timezone19 = $timezone20 = $timezone21 = $timezone22 = $timezone23 = $timezone24 = false;
 295          $timezone25 = $timezone26 = $timezone27 = $timezone28 = $timezone29 = $timezone30 = false;
 296          $timezone31 = $timezone32 = $timezone33 = false;
 297          switch($SETTINGS['def_tz']) {
 298              case '-12.00':
 299                  $timezone1 = true;
 300                  break;
 301              case '-11.00':
 302                  $timezone2 = true;
 303                  break;
 304              case '-10.00':
 305                  $timezone3 = true;
 306                  break;
 307              case '-9.00':
 308                  $timezone4 = true;
 309                  break;
 310              case '-8.00':
 311                  $timezone5 = true;
 312                  break;
 313              case '-7.00':
 314                  $timezone6 = true;
 315                  break;
 316              case '-6.00':
 317                  $timezone7 = true;
 318                  break;
 319              case '-5.00':
 320                  $timezone8 = true;
 321                  break;
 322              case '-4.00':
 323                  $timezone9 = true;
 324                  break;
 325              case '-3.50':
 326                  $timezone10 = true;
 327                  break;
 328              case '-3.00':
 329                  $timezone11 = true;
 330                  break;
 331              case '-2.00':
 332                  $timezone12 = true;
 333                  break;
 334              case '-1.00':
 335                  $timezone13 = true;
 336                  break;
 337              case '1.00':
 338                  $timezone15 = true;
 339                  break;
 340              case '2.00':
 341                  $timezone16 = true;
 342                  break;
 343              case '3.00':
 344                  $timezone17 = true;
 345                  break;
 346              case '3.50':
 347                  $timezone18 = true;
 348                  break;
 349              case '4.00':
 350                  $timezone19 = true;
 351                  break;
 352              case '4.50':
 353                  $timezone20 = true;
 354                  break;
 355              case '5.00':
 356                  $timezone21 = true;
 357                  break;
 358              case '5.50':
 359                  $timezone22 = true;
 360                  break;
 361              case '5.75':
 362                  $timezone23 = true;
 363                  break;
 364              case '6.00':
 365                  $timezone24 = true;
 366                  break;
 367              case '6.50':
 368                  $timezone25 = true;
 369                  break;
 370              case '7.00':
 371                  $timezone26 = true;
 372                  break;
 373              case '8.00':
 374                  $timezone27 = true;
 375                  break;
 376              case '9.00':
 377                  $timezone28 = true;
 378                  break;
 379              case '9.50':
 380                  $timezone29 = true;
 381                  break;
 382              case '10.00':
 383                  $timezone30 = true;
 384                  break;
 385              case '11.00':
 386                  $timezone31 = true;
 387                  break;
 388              case '12.00':
 389                  $timezone32 = true;
 390                  break;
 391              case '13.00':
 392                  $timezone33 = true;
 393                  break;
 394              case '0.00':
 395              default:
 396                  $timezone14 = true;
 397                  break;
 398          }
 399  
 400          $values = array('serverload', 'queries', 'phpsql', 'loadtimes');
 401          $names = array($lang['Enable_Server_Load'], $lang['Enable_Queries'], $lang['Enable_PHP_SQL'], $lang['Enable_Page_load']);
 402          $checked = array($sel_serverload, $sel_queries, $sel_phpsql, $sel_loadtimes);
 403  
 404          $max_avatar_sizes = explode('x', $SETTINGS['max_avatar_size']);
 405          $lang['spell_checker'] .= $spell_off_reason;
 406          ?>
 407          <tr bgcolor="<?php echo $altbg2?>">
 408          <td align="center">
 409          <span class="smalltxt">
 410          <a href="#1"><?php echo $lang['admin_main_settings1']; ?></a><br />
 411          <a href="#2"><?php echo $lang['admin_main_settings2']; ?></a><br />
 412          <a href="#3"><?php echo $lang['admin_main_settings3']; ?></a><br />
 413          <a href="#4"><?php echo $lang['admin_main_settings4']; ?></a><br />
 414          <a href="#5"><?php echo $lang['admin_main_settings5']; ?></a><br />
 415          <a href="#8"><?php echo $lang['admin_main_settings8']; ?></a><br />
 416          <a href="#6"><?php echo $lang['admin_main_settings6']; ?></a><br />
 417          <a href="#7"><?php echo $lang['admin_main_settings7']; ?></a><br />
 418          </span>
 419          <form method="post" action="cp.php?action=settings">
 420          <input type="hidden" name="token" value="<?php echo nonce_create('mainsettings'); ?>" />
 421          <table cellspacing="0" cellpadding="0" border="0" width="<?php echo $tablewidth?>" align="center">
 422          <tr>
 423          <td bgcolor="<?php echo $bordercolor?>">
 424          <table border="0" cellspacing="<?php echo $THEME['borderwidth']?>" cellpadding="<?php echo $tablespace?>" width="100%">
 425          <tr class="category">
 426          <td colspan="2"><strong><font color="<?php echo $cattext?>"><a name="1" />&raquo;&nbsp;<?php echo $lang['admin_main_settings1']?></font></strong></td>
 427          </tr>
 428          <?php
 429          printsetting2($lang['textsitename'], 'sitenamenew', $SETTINGS['sitename'], 50);
 430          printsetting2($lang['bbname'], 'bbnamenew', $SETTINGS['bbname'], 50);
 431          printsetting2($lang['textsiteurl'], 'siteurlnew', $SETTINGS['siteurl'], 50);
 432          printsetting2($lang['adminemail'], 'adminemailnew', $SETTINGS['adminemail'], 50);
 433          printsetting1($lang['textbbrules'], 'bbrulesnew', $ruleson, $rulesoff);
 434          ?>
 435          <?php
 436          printsetting4($lang['textbbrulestxt'], 'bbrulestxtnew', cdataOut($SETTINGS['bbrulestxt']), 5, 50);
 437          printsetting1($lang['textbstatus'], 'bbstatusnew', $onselect, $offselect);
 438          printsetting4($lang['textbboffreason'], 'bboffreasonnew', $SETTINGS['bboffreason'], 5, 50);
 439          printsetting1($lang['gzipcompression'], 'gzipcompressnew', $gzipcompresson, $gzipcompressoff);
 440          ?>
 441          <tr class="ctrtablerow">
 442          <td bgcolor="<?php echo $altbg2?>" colspan="2"><input class="submit" type="submit" name="settingsubmit1" value="<?php echo $lang['textsubmitchanges']?>" /></td>
 443          </tr>
 444          <tr class="category">
 445          <td colspan="2"><strong><font color="<?php echo $cattext?>"><a name="2" />&raquo;&nbsp;<?php echo $lang['admin_main_settings2']?></font></strong></td>
 446          </tr>
 447          <tr class="tablerow">
 448          <td bgcolor="<?php echo $altbg1?>"><?php echo $lang['textlanguage']?></td>
 449          <td bgcolor="<?php echo $altbg2?>"><?php echo $langfileselect?></td>
 450          </tr>
 451          <tr class="tablerow">
 452          <td bgcolor="<?php echo $altbg1?>"><?php echo $lang['texttheme']?></td>
 453          <td bgcolor="<?php echo $altbg2?>"><?php echo $themelist?></td>
 454          </tr>
 455          <?php
 456          printsetting2($lang['textppp'], 'postperpagenew', ((int)$SETTINGS['postperpage']), 3);
 457          printsetting2($lang['texttpp'], 'topicperpagenew', ((int)$SETTINGS['topicperpage']), 3);
 458          printsetting2($lang['textmpp'], 'memberperpagenew', ((int)$SETTINGS['memberperpage']), 3);
 459          ?>
 460          <tr class="tablerow">
 461          <td bgcolor="<?php echo $altbg1?>"><?php echo $lang['texttimeformat']?></td>
 462          <td bgcolor="<?php echo $altbg2?>"><input type="radio" value="24" name="timeformatnew" <?php echo $check24?> />&nbsp;<?php echo $lang['text24hour']?>&nbsp;<input type="radio" value="12" name="timeformatnew" <?php echo $check12?> />&nbsp;<?php echo $lang['text12hour']?></td>
 463          </tr>
 464          <?php
 465          printsetting2($lang['dateformat'], 'dateformatnew', $SETTINGS['dateformat'], 20);
 466          ?>
 467          <tr class="ctrtablerow">
 468          <td bgcolor="<?php echo $altbg2?>" colspan="2"><input class="submit" type="submit" name="settingsubmit2" value="<?php echo $lang['textsubmitchanges']?>" /></td>
 469          </tr>
 470          <tr class="category">
 471          <td colspan="2"><strong><font color="<?php echo $cattext?>"><a name="3" />&raquo;&nbsp;<?php echo $lang['admin_main_settings3']?></font></strong></td>
 472          </tr>
 473          <?php
 474          printsetting1($lang['textsearchstatus'], 'searchstatusnew', $searchon, $searchoff);
 475          printsetting1($lang['textfaqstatus'], 'faqstatusnew', $faqon, $faqoff);
 476          printsetting1($lang['texttodaystatus'], 'todaystatusnew', $todayon, $todayoff);
 477          printsetting1($lang['textstatsstatus'], 'statsstatusnew', $statson,  $statsoff);
 478          printsetting1($lang['textmemliststatus'], 'memliststatusnew', $memliston, $memlistoff);
 479          printsetting1($lang['spell_checker'], 'spellchecknew', $spellcheckon, $spellcheckoff);
 480          printsetting1($lang['coppastatus'], 'coppanew', $coppaon, $coppaoff);
 481          printsetting1($lang['reportpoststatus'], 'reportpostnew', $reportposton, $reportpostoff);
 482          ?>
 483          <tr class="ctrtablerow">
 484          <td bgcolor="<?php echo $altbg2?>" colspan="2"><input class="submit" type="submit" name="settingsubmit3" value="<?php echo $lang['textsubmitchanges']?>" /></td>
 485          </tr>
 486          <tr class="category">
 487          <td colspan="2"><strong><font color="<?php echo $cattext?>"><a name="4" />&raquo;&nbsp;<?php echo $lang['admin_main_settings4']?></font></strong></td>
 488          </tr>
 489          <?php
 490          printsetting1($lang['showsubforums'], 'showsubforumsnew', $showsubson, $showsubsoff);
 491          printsetting1($lang['space_cats'], 'space_catsnew', $spacecatson, $spacecatsoff);
 492          printsetting3($lang['indexShowBarDesc'], 'indexShowBarNew', array($lang['indexShowBarCats'], $lang['indexShowBarTop'], $lang['indexShowBarNone']), array(1, 2, 3), array($indexShowBarCats, $indexShowBarTop, $indexShowBarNone), false);
 493          printsetting1($lang['index_stats'], 'index_statsnew', $index_statson, $index_statsoff);
 494          printsetting1($lang['quickreply_status'], 'quickreply_statusnew', $quickreply_statuson, $quickreply_statusoff);
 495          printsetting1($lang['quickjump_status'], 'quickjump_statusnew', $quickjump_statuson, $quickjump_statusoff);
 496          printsetting1($lang['allowrankedit'], 'allowrankeditnew', $allowrankediton, $allowrankeditoff);
 497          printsetting1($lang['subjectInTitle'], 'subjectInTitleNew', $subjectInTitleOn, $subjectInTitleOff);
 498          printsetting1($lang['textcatsonly'], 'catsonlynew', $catsonlyon, $catsonlyoff);
 499          printsetting1($lang['whosonline_on'], 'whos_on', $whosonlineon, $whosonlineoff);
 500          printsetting1($lang['onlinetoday_status'], 'onlinetoday_statusnew', $onlinetoday_statuson, $onlinetoday_statusoff);
 501          printsetting2($lang['max_onlinetodaycount'], 'onlinetodaycountnew', ((int)$SETTINGS['onlinetodaycount']), 5);
 502          printsetting2($lang['smtotal'], 'smtotalnew', ((int)$SETTINGS['smtotal']), 5);
 503          printsetting2($lang['smcols'], 'smcolsnew', ((int)$SETTINGS['smcols']), 5);
 504          printsetting1($lang['dotfolders'], 'dotfoldersnew', $dotfolderson, $dotfoldersoff);
 505          printsetting1($lang['editedby'], 'editedbynew', $editedbyon, $editedbyoff);
 506          ?>
 507          <tr class="ctrtablerow">
 508          <td bgcolor="<?php echo $altbg2?>" colspan="2"><input class="submit" type="submit" name="settingsubmit3" value="<?php echo $lang['textsubmitchanges']?>" /></td>
 509          </tr>
 510          <tr class="category">
 511          <td colspan="2"><strong><font color="<?php echo $cattext?>"><a name="5" />&raquo;&nbsp;<?php echo $lang['admin_main_settings5']?></font></strong></td>
 512          </tr>
 513          <?php
 514          printsetting1($lang['reg_on'], 'reg_on', $regon, $regoff);
 515          printsetting3($lang['ipreg'], 'ipReg', array($lang['texton'], $lang['textoff']), array('on', 'off'), $allowipreg, false);
 516          printsetting2($lang['max_daily_regs'], 'maxDayReg', ((int)$SETTINGS['maxdayreg']), 3);
 517          printsetting3($lang['notifyonreg'], 'notifyonregnew', array($lang['textoff'], $lang['viau2u'], $lang['viaemail']), array('off', 'u2u', 'email'), $notifycheck, false);
 518          printsetting1($lang['textreggedonly'], 'regviewnew', $regonlyon, $regonlyoff);
 519          printsetting1($lang['texthidepriv'], 'hidepriv', $hideon, $hideoff);
 520          printsetting1($lang['emailverify'], 'emailchecknew',$echeckon, $echeckoff);
 521          printsetting1($lang['regoptional'], 'regoptionalnew',$regoptionalon, $regoptionaloff);
 522          printsetting2($lang['textflood'], 'floodctrlnew', ((int)$SETTINGS['floodctrl']), 3);
 523          printsetting2($lang['u2uquota'], 'u2uquotanew', ((int)$SETTINGS['u2uquota']), 3);
 524          printsetting3($lang['textavastatus'], 'avastatusnew', array($lang['texton'], $lang['textlist'], $lang['textoff']), array('on', 'list', 'off'), $avchecked, false);
 525          printsetting1($lang['resetSigDesc'], 'resetSigNew', $resetSigOn, $resetSigOff);
 526          printsetting1($lang['doublee'], 'doubleenew', $doubleeon, $doubleeoff);
 527          printsetting2($lang['pruneusers'], 'pruneusersnew', ((int)$SETTINGS['pruneusers']), 3);
 528          ?>
 529          <tr class="ctrtablerow">
 530          <td bgcolor="<?php echo $altbg2?>" colspan="2"><input class="submit" type="submit" name="settingsubmit4" value="<?php echo $lang['textsubmitchanges']?>" /></td>
 531          </tr>
 532          <tr class="category">
 533          <td colspan="2"><strong><font color="<?php echo $cattext?>"><a name="8" />&raquo;&nbsp;<?php echo $lang['admin_main_settings8']?></font></strong></td>
 534          </tr>
 535          <?php
 536          $max_image_sizes = explode('x', $SETTINGS['max_image_size']);
 537          $max_thumb_sizes = explode('x', $SETTINGS['max_thumb_size']);
 538          for($i=0; $i<=4; $i++) {
 539              $urlformatchecked[$i] = ($SETTINGS['file_url_format'] == $i + 1);
 540          }
 541          for($i=0; $i<=1; $i++) {
 542              $subdirchecked[$i] = ($SETTINGS['files_subdir_format'] == $i + 1);
 543          }
 544          printsetting2($lang['textfilesperpost'], 'filesperpostnew', ((int)$SETTINGS['filesperpost']), 3);
 545          printsetting2($lang['max_attachment_size'], 'maxAttachSize', ((int)$SETTINGS['maxattachsize']), 12);
 546          printsetting2($lang['textfilessizew'], 'max_image_size_w_new', $max_image_sizes[0], 5);
 547          printsetting2($lang['textfilessizeh'], 'max_image_size_h_new', $max_image_sizes[1], 5);
 548          printsetting2($lang['textfilesthumbw'], 'max_thumb_size_w_new', $max_thumb_sizes[0], 5);
 549          printsetting2($lang['textfilesthumbh'], 'max_thumb_size_h_new', $max_thumb_sizes[1], 5);
 550          if (!ini_get('allow_url_fopen')) {
 551              printsetting5($lang['attachimginpost'], $lang['no_url_fopen']);
 552          } else {
 553              printsetting1($lang['attachimginpost'], 'attachimgpostnew', $attachimgposton, $attachimgpostoff);
 554          }
 555          printsetting1($lang['textremoteimages'], 'remoteimages', $remoteimageson, $remoteimagesoff);
 556          printsetting2($lang['textfilespath'], 'filespathnew', $SETTINGS['files_storage_path'], 50);
 557          printsetting2($lang['textfilesminsize'], 'filesminsizenew', ((int)$SETTINGS['files_min_disk_size']), 7);
 558          printsetting3($lang['textfilessubdir'], 'filessubdirnew', array($lang['textfilessubdir1'], $lang['textfilessubdir2']), array('1', '2'), $subdirchecked, false);
 559          printsetting3($lang['textfilesurlpath'], 'filesurlpathnew', array($lang['textfilesurlpath1'], $lang['textfilesurlpath2'], $lang['textfilesurlpath3'], $lang['textfilesurlpath4'], $lang['textfilesurlpath5']), array('1', '2', '3', '4', '5'), $urlformatchecked, false);
 560          printsetting2($lang['textfilesbase'], 'filesbasenew', $SETTINGS['files_virtual_url'], 50);
 561          ?>
 562          <tr class="ctrtablerow">
 563          <td bgcolor="<?php echo $altbg2?>" colspan="2"><input class="submit" type="submit" name="settingsubmit5" value="<?php echo $lang['textsubmitchanges']?>" /></td>
 564          </tr>
 565          <tr class="category">
 566          <td colspan="2"><strong><font color="<?php echo $cattext?>"><a name="6" />&raquo;&nbsp;<?php echo $lang['admin_main_settings6']?></font></strong></td>
 567          </tr>
 568          <?php
 569          printsetting2($lang['texthottopic'], 'hottopicnew', ((int)$SETTINGS['hottopic']), 3);
 570          printsetting1($lang['bbinsert'], 'bbinsertnew', $bbinserton, $bbinsertoff);
 571          printsetting1($lang['smileyinsert'], 'smileyinsertnew', $smileyinserton, $smileyinsertoff);
 572          printsetting3($lang['footer_options'], 'new_footer_options', $names, $values, $checked);
 573          printsetting3($lang['defaultTimezoneDesc'], 'def_tz_new', array($lang['timezone1'], $lang['timezone2'], $lang['timezone3'], $lang['timezone4'], $lang['timezone5'], $lang['timezone6'], $lang['timezone7'], $lang['timezone8'], $lang['timezone9'], $lang['timezone10'], $lang['timezone11'], $lang['timezone12'], $lang['timezone13'], $lang['timezone14'], $lang['timezone15'], $lang['timezone16'], $lang['timezone17'], $lang['timezone18'], $lang['timezone19'], $lang['timezone20'], $lang['timezone21'], $lang['timezone22'], $lang['timezone23'], $lang['timezone24'], $lang['timezone25'], $lang['timezone26'], $lang['timezone27'], $lang['timezone28'], $lang['timezone29'], $lang['timezone30'], $lang['timezone31'], $lang['timezone32'], $lang['timezone33']), array('-12', '-11', '-10', '-9', '-8', '-7', '-6', '-5', '-4', '-3.5', '-3', '-2', '-1', '0', '1', '2', '3', '3.5', '4', '4.5', '5', '5.5', '5.75', '6', '6.5', '7', '8', '9', '9.5', '10', '11', '12', '13'), array($timezone1, $timezone2, $timezone3, $timezone4, $timezone5, $timezone6, $timezone7, $timezone8, $timezone9, $timezone10, $timezone11, $timezone12, $timezone13, $timezone14, $timezone15, $timezone16, $timezone17, $timezone18, $timezone19, $timezone20, $timezone21, $timezone22, $timezone23, $timezone24, $timezone25, $timezone26, $timezone27, $timezone28, $timezone29, $timezone30, $timezone31, $timezone32, $timezone33), false);
 574          printsetting2($lang['addtime'], 'addtimenew', $SETTINGS['addtime'], 3);
 575          printsetting1($lang['sigbbcode'], 'sigbbcodenew', $sigbbcodeon, $sigbbcodeoff);
 576          printsetting1($lang['sightml'], 'sightmlnew', $sightmlon, $sightmloff);
 577          if (!ini_get('allow_url_fopen')) {
 578              printsetting5($lang['max_avatar_size_w'], $lang['no_url_fopen']);
 579          } else {
 580              printsetting2($lang['max_avatar_size_w'], 'max_avatar_size_w_new', $max_avatar_sizes[0], 4);
 581              printsetting2($lang['max_avatar_size_h'], 'max_avatar_size_h_new', $max_avatar_sizes[1], 4);
 582          }
 583          printsetting1($lang['what_tickerstatus'], 'tickerstatusnew', $tickerstatuson, $tickerstatusoff);
 584          printsetting2($lang['what_tickerdelay'], 'tickerdelaynew', ((int)$SETTINGS['tickerdelay']), 5);
 585          printsetting4($lang['tickercontents'], 'tickercontentsnew', $SETTINGS['tickercontents'], 5, 50);
 586          ?>
 587          <tr class="ctrtablerow">
 588          <td bgcolor="<?php echo $altbg2?>" colspan="2"><input class="submit" type="submit" name="settingsubmit6" value="<?php echo $lang['textsubmitchanges']?>" /></td>
 589          </tr>
 590          <tr class="category">
 591          <td colspan="2"><strong><font color="<?php echo $cattext?>"><a name="7" />&raquo;&nbsp;<?php echo $lang['admin_main_settings7']?></font></strong></td>
 592          </tr>
 593          <?php
 594          require  ROOT.'include/captcha.inc.php';
 595          $Captcha = new Captcha();
 596          if ($Captcha->bCompatible === FALSE) {
 597              printsetting5($lang['captchastatus'], 'CAPTCHA is not working. Usually, this means the GD or FreeType software is missing from your PHP server.');
 598          } else {
 599              printsetting1($lang['captchastatus'], 'captchanew', $captchaOn, $captchaOff);
 600              printsetting1($lang['captcharegstatus'], 'captcharegnew', $captcharegOn, $captcharegOff);
 601              printsetting1($lang['captchapoststatus'], 'captchapostnew', $captchapostOn, $captchapostOff);
 602              printsetting1($lang['captchasearchstatus'], 'captchasearchnew', $captchasearchOn, $captchasearchOff);
 603              printsetting2($lang['captchacharset'], 'captchacharsetnew', $SETTINGS['captcha_code_charset'], 50);
 604              printsetting2($lang['captchacodelength'], 'captchacodenew', ((int)$SETTINGS['captcha_code_length']), 3);
 605              printsetting1($lang['captchacodecase'], 'captchacodecasenew', $captchacodecaseOn, $captchacodecaseOff);
 606              printsetting1($lang['captchacodeshadow'], 'captchacodeshadownew', $captchacodeshadowOn, $captchacodeshadowOff);
 607              printsetting2($lang['captchaimagetype'], 'captchaimagetypenew', $SETTINGS['captcha_image_type'], 5);
 608              printsetting2($lang['captchaimagewidth'], 'captchaimagewidthnew', ((int)$SETTINGS['captcha_image_width']), 5);
 609              printsetting2($lang['captchaimageheight'], 'captchaimageheightnew', ((int)$SETTINGS['captcha_image_height']), 5);
 610              printsetting2($lang['captchaimagebg'], 'captchaimagebgnew', $SETTINGS['captcha_image_bg'], 50);
 611              printsetting2($lang['captchaimagedots'], 'captchaimagedotsnew', ((int)$SETTINGS['captcha_image_dots']), 3);
 612              printsetting2($lang['captchaimagelines'], 'captchaimagelinesnew', ((int)$SETTINGS['captcha_image_lines']), 3);
 613              printsetting2($lang['captchaimagefonts'], 'captchaimagefontsnew', $SETTINGS['captcha_image_fonts'], 50);
 614              printsetting2($lang['captchaimageminfont'], 'captchaimageminfontnew', ((int)$SETTINGS['captcha_image_minfont']), 3);
 615              printsetting2($lang['captchaimagemaxfont'], 'captchaimagemaxfontnew', ((int)$SETTINGS['captcha_image_maxfont']), 3);
 616              printsetting1($lang['captchaimagecolor'], 'captchaimagecolornew', $captchaimagecolorOn, $captchaimagecolorOff);
 617          }
 618          unset($Captcha);
 619          ?>
 620          <tr class="ctrtablerow">
 621          <td bgcolor="<?php echo $altbg2?>" colspan="2"><input class="submit" type="submit" name="settingsubmit7" value="<?php echo $lang['textsubmitchanges']?>" /></td>
 622          </tr>
 623          </table>
 624          </td>
 625          </tr>
 626          </table>
 627          </form>
 628          </td>
 629          </tr>
 630          <?php
 631      } else {
 632          request_secure('mainsettings', '', X_NONCE_FORM_EXP, FALSE);
 633  
 634          $sitenamenew = postedVar('sitenamenew');
 635          $bbnamenew = postedVar('bbnamenew');
 636          $siteurlnew = postedVar('siteurlnew');
 637          $adminemailnew = postedVar('adminemailnew');
 638          $bbrulesnew = formOnOff('bbrulesnew');
 639          $bbrulestxtnew = postedVar('bbrulestxtnew', '', FALSE);
 640          $bbstatusnew = formOnOff('bbstatusnew');
 641          $bboffreasonnew = postedVar('bboffreasonnew');
 642          $gzipcompressnew = formOnOff('gzipcompressnew');
 643  
 644          $langfilenew = postedVar('langfilenew');
 645          $result = $db->query("SELECT devname FROM ".X_PREFIX."lang_base WHERE devname='$langfilenew'");
 646          if ($db->num_rows($result) == 0) {
 647              $langfilenew = $SETTINGS['langfile'];
 648          }
 649  
 650          $themenew = formInt('themenew');
 651          $postperpagenew = formInt('postperpagenew');
 652          $topicperpagenew = formInt('topicperpagenew');
 653          $memberperpagenew = formInt('memberperpagenew');
 654          $timeformatnew = formInt('timeformatnew');
 655          $dateformatnew = postedVar('dateformatnew');
 656          $searchstatusnew = formOnOff('searchstatusnew');
 657          $faqstatusnew = formOnOff('faqstatusnew');
 658          $todaystatusnew = formOnOff('todaystatusnew');
 659          $statsstatusnew = formOnOff('statsstatusnew');
 660          $memliststatusnew = formOnOff('memliststatusnew');
 661          $spellchecknew = ($_POST['spellchecknew'] == 'on' && defined('PSPELL_FAST')) ? 'on' : 'off';
 662          $coppanew = formOnOff('coppanew');
 663          $reportpostnew = formOnOff('reportpostnew');
 664          $space_catsnew = formOnOff('space_catsnew');
 665          $indexShowBarNew = formInt('indexShowBarNew');
 666          $allowrankeditnew = formOnOff('allowrankeditnew');
 667          $subjectInTitleNew = formOnOff('subjectInTitleNew');
 668          $catsonlynew = formOnOff('catsonlynew');
 669          $whos_on = formOnOff('whos_on');
 670          $smtotalnew = formInt('smtotalnew');
 671          $smcolsnew = formInt('smcolsnew');
 672          $dotfoldersnew = formOnOff('dotfoldersnew');
 673          $editedbynew = formOnOff('editedbynew');
 674          $attachimgpostnew = formOnOff('attachimgpostnew');
 675          $reg_on = formOnOff('reg_on');
 676          $ipReg = formOnOff('ipReg');
 677          $maxDayReg = formInt('maxDayReg');
 678          $notifyonregnew = ($_POST['notifyonregnew'] == 'off') ? 'off' : ($_POST['notifyonregnew'] == 'u2u' ? 'u2u' : 'email');
 679          $regviewnew = formOnOff('regviewnew');
 680          $hidepriv = formOnOff('hidepriv');
 681          $emailchecknew = formOnOff('emailchecknew');
 682          $floodctrlnew = formInt('floodctrlnew');
 683          $u2uquotanew = formInt('u2uquotanew');
 684          $avastatusnew = postedVar('avastatusnew');
 685          if ($avastatusnew != 'on' And $avastatusnew != 'list') {
 686              $avastatusnew = 'off';
 687          }
 688          $resetSigNew = formOnOff('resetSigNew');
 689          $doubleenew = formOnOff('doubleenew');
 690          $pruneusersnew = formInt('pruneusersnew');
 691          $hottopicnew = formInt('hottopicnew');
 692          $bbinsertnew = formOnOff('bbinsertnew');
 693          $smileyinsertnew = formOnOff('smileyinsertnew');
 694  
 695          $new_footer_options = postedArray('new_footer_options');
 696          if (!empty($new_footer_options)) {
 697              $footer_options = implode('-', $new_footer_options);
 698          } else {
 699              $footer_options = '';
 700          }
 701  
 702          $maxAttachSize = formInt('maxAttachSize');
 703          $def_tz_new = isset($_POST['def_tz_new']) && is_numeric($_POST['def_tz_new']) ? $_POST['def_tz_new'] : 0;
 704          $addtimenew = isset($_POST['addtimenew']) && is_numeric($_POST['addtimenew']) ? $_POST['addtimenew'] : 0;
 705          $sigbbcodenew = formOnOff('sigbbcodenew');
 706          $sightmlnew = formOnOff('sightmlnew');
 707          $max_avatar_size_w_new = formInt('max_avatar_size_w_new');
 708          $max_avatar_size_h_new = formInt('max_avatar_size_h_new');
 709          $tickerstatusnew = formOnOff('tickerstatusnew');
 710          $tickerdelaynew = formInt('tickerdelaynew');
 711          $tickercontentsnew = postedVar('tickercontentsnew');
 712          $maxDayReg = formInt('maxDayReg');
 713          $showsubforumsnew = formOnOff('showsubforumsnew');
 714          $max_avatar_size = $max_avatar_size_w_new.'x'.$max_avatar_size_h_new;
 715          $regoptionalnew = formOnOff('regoptionalnew');
 716          $quickreply_statusnew = formOnOff('quickreply_statusnew');
 717          $quickjump_statusnew = formOnOff('quickjump_statusnew');
 718          $index_statsnew = formOnOff('index_statsnew');
 719          $onlinetodaycountnew = formInt('onlinetodaycountnew');
 720          $onlinetoday_statusnew = formOnOff('onlinetoday_statusnew');
 721  
 722          $filespathnew = postedVar('filespathnew');
 723          $filesbasenew = postedVar('filesbasenew');
 724          $filesminsizenew = formInt('filesminsizenew');
 725          $filesperpostnew = formInt('filesperpostnew');
 726          $filesurlpathnew = formInt('filesurlpathnew');
 727          $filessubdirnew = formInt('filessubdirnew');
 728          $max_image_size_w_new = formInt('max_image_size_w_new');
 729          $max_image_size_h_new = formInt('max_image_size_h_new');
 730          $max_thumb_size_w_new = formInt('max_thumb_size_w_new');
 731          $max_thumb_size_h_new = formInt('max_thumb_size_h_new');
 732          $max_image_size = $max_image_size_w_new.'x'.$max_image_size_h_new;
 733          $max_thumb_size = $max_thumb_size_w_new.'x'.$max_thumb_size_h_new;
 734          $remoteimages = formOnOff('remoteimages');
 735  
 736          $sql = "UPDATE ".X_PREFIX."settings SET
 737              langfile='$langfilenew',
 738              bbname='$bbnamenew',
 739              postperpage='$postperpagenew',
 740              topicperpage='$topicperpagenew',
 741              hottopic='$hottopicnew',
 742              theme='$themenew',
 743              bbstatus='$bbstatusnew',
 744              whosonlinestatus='$whos_on',
 745              regstatus='$reg_on',
 746              bboffreason='$bboffreasonnew',
 747              regviewonly='$regviewnew',
 748              floodctrl='$floodctrlnew',
 749              memberperpage='$memberperpagenew',
 750              catsonly='$catsonlynew',
 751              hideprivate='$hidepriv',
 752              emailcheck='$emailchecknew',
 753              bbrules='$bbrulesnew',
 754              bbrulestxt='$bbrulestxtnew',
 755              searchstatus='$searchstatusnew',
 756              faqstatus='$faqstatusnew',
 757              memliststatus='$memliststatusnew',
 758              sitename='$sitenamenew',
 759              siteurl='$siteurlnew',
 760              avastatus='$avastatusnew',
 761              u2uquota='$u2uquotanew',
 762              gzipcompress='$gzipcompressnew',
 763              coppa='$coppanew',
 764              timeformat='$timeformatnew',
 765              adminemail='$adminemailnew',
 766              dateformat='$dateformatnew',
 767              sigbbcode='$sigbbcodenew',
 768              sightml='$sightmlnew',
 769              reportpost='$reportpostnew',
 770              bbinsert='$bbinsertnew',
 771              smileyinsert='$smileyinsertnew',
 772              doublee='$doubleenew',
 773              smtotal='$smtotalnew',
 774              smcols='$smcolsnew',
 775              editedby='$editedbynew',
 776              dotfolders='$dotfoldersnew',
 777              attachimgpost='$attachimgpostnew',
 778              tickerstatus='$tickerstatusnew',
 779              tickercontents='$tickercontentsnew',
 780              tickerdelay='$tickerdelaynew',
 781              addtime='$addtimenew',
 782              todaysposts='$todaystatusnew',
 783              stats='$statsstatusnew',
 784              max_avatar_size='$max_avatar_size',
 785              footer_options='$footer_options',
 786              space_cats='$space_catsnew',
 787              spellcheck='$spellchecknew',
 788              allowrankedit='$allowrankeditnew',
 789              notifyonreg='$notifyonregnew',
 790              indexshowbar='$indexShowBarNew',
 791              subject_in_title='$subjectInTitleNew',
 792              def_tz='$def_tz_new',
 793              resetsigs='$resetSigNew',
 794              pruneusers='$pruneusersnew',
 795              ipreg='$ipReg',
 796              maxdayreg='$maxDayReg',
 797              maxattachsize='$maxAttachSize',
 798              showsubforums='$showsubforumsnew',
 799              regoptional='$regoptionalnew',
 800              quickreply_status='$quickreply_statusnew',
 801              quickjump_status='$quickjump_statusnew',
 802              index_stats='$index_statsnew',
 803              onlinetodaycount='$onlinetodaycountnew',
 804              onlinetoday_status='$onlinetoday_statusnew',
 805              attach_remote_images='$remoteimages',
 806              files_min_disk_size='$filesminsizenew',
 807              files_storage_path='$filespathnew',
 808              files_subdir_format='$filessubdirnew',
 809              file_url_format='$filesurlpathnew',
 810              files_virtual_url='$filesbasenew',
 811              filesperpost='$filesperpostnew',
 812              max_image_size='$max_image_size',
 813              max_thumb_size='$max_thumb_size'
 814          ";
 815  
 816          $captchanew = formOnOff('captchanew');
 817          $captcharegnew = formOnOff('captcharegnew');
 818          $captchapostnew = formOnOff('captchapostnew');
 819          $captchasearchnew = formOnOff('captchasearchnew');
 820          $captchacharsetnew = postedVar('captchacharsetnew');
 821          $captchacodenew = formInt('captchacodenew');
 822          $captchacodecasenew = formOnOff('captchacodecasenew');
 823          $captchacodeshadownew = formOnOff('captchacodeshadownew');
 824          $captchaimagetypenew = postedVar('captchaimagetypenew');
 825          $captchaimagewidthnew = formInt('captchaimagewidthnew');
 826          $captchaimageheightnew = formInt('captchaimageheightnew');
 827          $captchaimagebgnew = postedVar('captchaimagebgnew');
 828          $captchaimagedotsnew = formInt('captchaimagedotsnew');
 829          $captchaimagelinesnew = formInt('captchaimagelinesnew');
 830          $captchaimagefontsnew = postedVar('captchaimagefontsnew');
 831          $captchaimageminfontnew = formInt('captchaimageminfontnew');
 832          $captchaimagemaxfontnew = formInt('captchaimagemaxfontnew');
 833          $captchaimagecolornew = formOnOff('captchaimagecolornew');
 834  
 835          $sql .= ",
 836          captcha_status='$captchanew',
 837          captcha_reg_status='$captcharegnew',
 838          captcha_post_status='$captchapostnew',
 839          captcha_search_status='$captchasearchnew',
 840          captcha_code_charset='$captchacharsetnew',
 841          captcha_code_length='$captchacodenew',
 842          captcha_code_casesensitive='$captchacodecasenew',
 843          captcha_code_shadow='$captchacodeshadownew',
 844          captcha_image_type='$captchaimagetypenew',
 845          captcha_image_width='$captchaimagewidthnew',
 846          captcha_image_height='$captchaimageheightnew',
 847          captcha_image_bg='$captchaimagebgnew',
 848          captcha_image_dots='$captchaimagedotsnew',
 849          captcha_image_lines='$captchaimagelinesnew',
 850          captcha_image_fonts='$captchaimagefontsnew',
 851          captcha_image_minfont='$captchaimageminfontnew',
 852          captcha_image_maxfont='$captchaimagemaxfontnew',
 853          captcha_image_color='$captchaimagecolornew'
 854          ";
 855  
 856          $db->query($sql);
 857  
 858          echo '<tr bgcolor="'.$altbg2.'" class="ctrtablerow"><td>'.$lang['textsettingsupdate'].'</td></tr>';
 859      }
 860  }
 861  
 862  if ($action == 'rename') {
 863      if (!X_SADMIN) {
 864          error($lang['superadminonly'], false, '</td></tr></table></td></tr></table><br />');
 865      }
 866  
 867      if (onSubmit('renamesubmit')) {
 868          request_secure('renamemember', '', X_NONCE_AYS_EXP, FALSE);
 869          $vUserFrom = postedVar('frmUserFrom', '', TRUE, FALSE);
 870          $vUserTo = postedVar('frmUserTo', '', TRUE, FALSE);
 871          $adm = new admin();
 872          $myErr = $adm->rename_user($vUserFrom, $vUserTo);
 873          echo '<tr bgcolor="'.$altbg2.'" class="ctrtablerow"><td>'.$myErr.'</td></tr>';
 874      } else {
 875          ?>
 876          <tr bgcolor="<?php echo $altbg2?>">
 877          <td>
 878          <form action="cp.php?action=rename" method="post">
 879          <input type="hidden" name="token" value="<?php echo nonce_create('renamemember'); ?>" />
 880          <table cellspacing="0" cellpadding="0" border="0" width="550" align="center">
 881          <tr>
 882          <td bgcolor="<?php echo $bordercolor?>">
 883          <table border="0" cellspacing="<?php echo $THEME['borderwidth']?>" cellpadding="<?php echo $tablespace?>" width="100%">
 884          <tr>
 885          <td class="category" colspan="2"><strong><font color="<?php echo $cattext?>"><?php echo $lang['admin_rename_txt']?></font></strong></td>
 886          </tr>
 887          <tr class="tablerow">
 888          <td bgcolor="<?php echo $altbg1?>" width="22%"><?php echo $lang['admin_rename_userfrom']?></td>
 889          <td bgcolor="<?php echo $altbg2?>"><input type="text" name="frmUserFrom" size="25" /></td>
 890          </tr>
 891          <tr class="tablerow">
 892          <td bgcolor="<?php echo $altbg1?>" width="22%"><?php echo $lang['admin_rename_userto']?></td>
 893          <td bgcolor="<?php echo $altbg2?>"><input type="text" name="frmUserTo" size="25" /></td>
 894          </tr>
 895          <tr>
 896          <td bgcolor="<?php echo $altbg2?>" class="ctrtablerow" colspan="2"><input type="submit" class="submit" name="renamesubmit" value="<?php echo $lang['admin_rename_txt']?>" /></td>
 897          </tr>
 898          </table>
 899          </td>
 900          </tr>
 901          </table>
 902          </form>
 903          </td>
 904          </tr>
 905          <?php
 906      }
 907  }
 908  
 909  if ($action == 'forum') {
 910      $fdetails = getInt('fdetails');
 911      if (noSubmit('forumsubmit') && !$fdetails) {
 912          $groups = array();
 913          $forums = array();
 914          $forums[0] = array();
 915          $forumlist = array();
 916          $subs = array();
 917          $i = 0;
 918          $query = $db->query("SELECT fid, type, name, displayorder, status, fup FROM ".X_PREFIX."forums ORDER BY fup ASC, displayorder ASC");
 919          while($selForums = $db->fetch_array($query)) {
 920              if ($selForums['type'] == 'group') {
 921                  $groups[$i]['fid'] = $selForums['fid'];
 922                  $groups[$i]['name'] = $selForums['name'];
 923                  $groups[$i]['displayorder'] = $selForums['displayorder'];
 924                  $groups[$i]['status'] = $selForums['status'];
 925                  $groups[$i]['fup'] = $selForums['fup'];
 926              } else if ($selForums['type'] == 'forum') {
 927                  $id = (empty($selForums['fup'])) ? 0 : $selForums['fup'];
 928                  $forums[$id][$i]['fid'] = $selForums['fid'];
 929                  $forums[$id][$i]['name'] = $selForums['name'];
 930                  $forums[$id][$i]['displayorder'] = $selForums['displayorder'];
 931                  $forums[$id][$i]['status'] = $selForums['status'];
 932                  $forums[$id][$i]['fup'] = $selForums['fup'];
 933                  $forumlist[$i]['fid'] = $selForums['fid'];
 934                  $forumlist[$i]['name'] = $selForums['name'];
 935              } else if ($selForums['type'] == 'sub') {
 936                  $subs[$selForums['fup']][$i]['fid'] = $selForums['fid'];
 937                  $subs[$selForums['fup']][$i]['name'] = $selForums['name'];
 938                  $subs[$selForums['fup']][$i]['displayorder'] = $selForums['displayorder'];
 939                  $subs[$selForums['fup']][$i]['status'] = $selForums['status'];
 940                  $subs[$selForums['fup']][$i]['fup'] = $selForums['fup'];
 941              }
 942              $i++;
 943          }
 944          ?>
 945          <tr bgcolor="<?php echo $altbg2?>">
 946          <td>
 947          <form method="post" action="cp.php?action=forum">
 948          <input type="hidden" name="token" value="<?php echo nonce_create('massedforums'); ?>" />
 949          <table cellspacing="0" cellpadding="0" border="0" width="90%" align="center">
 950          <tr>
 951          <td bgcolor="<?php echo $bordercolor?>">
 952          <table border="0" cellspacing="<?php echo $THEME['borderwidth']?>" cellpadding="<?php echo $tablespace?>" width="100%">
 953          <tr>
 954          <td class="category"><font color="<?php echo $cattext?>"><strong><?php echo $lang['textforumopts']?></strong></font></td>
 955          </tr>
 956          <?php
 957          foreach($forums[0] as $forum) {
 958              $on = $off = '';
 959              if ($forum['status'] == 'on') {
 960                  $on = $selHTML;
 961              } else {
 962                  $off = $selHTML;
 963              }
 964              ?>
 965              <tr bgcolor="<?php echo $altbg2?>" class="tablerow">
 966              <td class="smalltxt"><input type="checkbox" name="delete<?php echo $forum['fid']?>" value="<?php echo $forum['fid']?>" />
 967              &nbsp;<input type="text" name="name<?php echo $forum['fid']?>" value="<?php echo stripslashes($forum['name'])?>" />
 968              &nbsp; <?php echo $lang['textorder']?> <input type="text" name="displayorder<?php echo $forum['fid']?>" size="2" value="<?php echo $forum['displayorder']?>" />
 969              &nbsp; <select name="status<?php echo $forum['fid']?>">
 970              <option value="on" <?php echo $on?>><?php echo $lang['texton']?></option><option value="off" <?php echo $off?>><?php echo $lang['textoff']?></option></select>
 971              &nbsp; <select name="moveto<?php echo $forum['fid']?>"><option value="" selected="selected">-<?php echo $lang['textnone']?>-</option>
 972              <?php
 973              if (!isset($subs[$forum['fid']])) { //Ungrouped forum options.
 974                  foreach($forums[0] as $moveforum) {
 975                      if ($moveforum['fid'] != $forum['fid']) {
 976                          echo "<option value=\"$moveforum[fid]\"> &nbsp; &raquo; ".stripslashes($moveforum['name'])."</option>";
 977                      }
 978                  }
 979              }
 980              foreach($groups as $moveforum) { //Groups and grouped forum options.
 981                  echo "<option value=\"$moveforum[fid]\">".stripslashes($moveforum['name'])."</option>";
 982                  if (isset($forums[$moveforum['fid']]) And !isset($subs[$forum['fid']])) {
 983                      foreach($forums[$moveforum['fid']] as $moveforum) {
 984                          echo "<option value=\"$moveforum[fid]\"> &nbsp; &raquo; ".stripslashes($moveforum['name'])."</option>";
 985                      }
 986                  }
 987              }
 988              ?>
 989              </select>
 990              <a href="cp.php?action=forum&amp;fdetails=<?php echo $forum['fid']?>"><?php echo $lang['textmoreopts']?></a></td>
 991              </tr>
 992              <?php
 993              if (array_key_exists($forum['fid'], $subs)) {
 994                  foreach($subs[$forum['fid']] as $subforum) {
 995                      $on = $off = '';
 996                      if ($subforum['status'] == 'on') {
 997                          $on = $selHTML;
 998                      } else {
 999                          $off = $selHTML;
1000                      }
1001                      ?>
1002                      <tr bgcolor="<?php echo $altbg2?>" class="tablerow">
1003                      <td class="smalltxt"> &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; <input type="checkbox" name="delete<?php echo $subforum['fid']?>" value="<?php echo $subforum['fid']?>" />
1004                      &nbsp;<input type="text" name="name<?php echo $subforum['fid']?>" value="<?php echo stripslashes($subforum['name'])?>" />
1005                      &nbsp; <?php echo $lang['textorder']?> <input type="text" name="displayorder<?php echo $subforum['fid']?>" size="2" value="<?php echo $subforum['displayorder']?>" />
1006                      &nbsp; <select name="status<?php echo $subforum['fid']?>">
1007                      <option value="on" <?php echo $on?>><?php echo $lang['texton']?></option><option value="off" <?php echo $off?>><?php echo $lang['textoff']?></option></select>
1008                      &nbsp; <select name="moveto<?php echo $subforum['fid']?>"><option value="" selected="selected">-<?php echo $lang['textnone']?>-</option>
1009                      <?php
1010                      foreach($forums[0] as $moveforum) { //Ungrouped forum options.
1011                          if ($moveforum['fid'] == $subforum['fup']) {
1012                              $curgroup = $selHTML;
1013                          } else {
1014                              $curgroup = '';
1015                          }
1016                          echo "<option value=\"$moveforum[fid]\" $curgroup> &nbsp; &raquo; ".stripslashes($moveforum['name'])."</option>";
1017                      }
1018                      foreach($groups as $moveforum) { //Groups and grouped forum options.
1019                          echo '<option value="'.$moveforum['fid'].'">'.stripslashes($moveforum['name']).'</option>';
1020                          if (isset($forums[$moveforum['fid']])) {
1021                              foreach($forums[$moveforum['fid']] as $moveforum) {
1022                                  echo "<option value=\"$moveforum[fid]\"> &nbsp; &raquo; ".stripslashes($moveforum['name'])."</option>";
1023                              }
1024                          }
1025                      }
1026                      ?>
1027                      </select>
1028                      <a href="cp.php?action=forum&amp;fdetails=<?php echo $subforum['fid']?>"><?php echo $lang['textmoreopts']?></a></td>
1029                      </tr>
1030                      <?php
1031                  }
1032              }
1033          }
1034  
1035          foreach($groups as $group) {
1036              $on = $off = '';
1037              if ($group['status'] == 'on') {
1038                  $on = $selHTML;
1039              } else {
1040                  $off = $selHTML;
1041              }
1042              ?>
1043              <tr bgcolor="<?php echo $altbg2?>" class="tablerow">
1044              <td>&nbsp;</td>
1045              </tr>
1046              <tr bgcolor="<?php echo $altbg1?>" class="tablerow">
1047              <td class="smalltxt"><input type="checkbox" name="delete<?php echo $group['fid']?>" value="<?php echo $group['fid']?>" />
1048              <input type="text" name="name<?php echo $group['fid']?>" value="<?php echo stripslashes($group['name'])?>" />
1049              &nbsp; <?php echo $lang['textorder']?> <input type="text" name="displayorder<?php echo $group['fid']?>" size="2" value="<?php echo $group['displayorder']?>" />
1050              &nbsp; <select name="status<?php echo $group['fid']?>">
1051              <option value="on" <?php echo $on?>><?php echo $lang['texton']?></option><option value="off" <?php echo $off?>><?php echo $lang['textoff']?></option></select>
1052              </td>
1053              </tr>
1054              <?php
1055              if (array_key_exists($group['fid'], $forums)) {
1056                  foreach($forums[$group['fid']] as $forum) {
1057                      $on = $off = '';
1058                      if ($forum['status'] == 'on') {
1059                          $on = $selHTML;
1060                      } else {
1061                          $off = $selHTML;
1062                      }
1063                      ?>
1064                      <tr bgcolor="<?php echo $altbg2?>" class="tablerow">
1065                      <td class="smalltxt"> &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; <input type="checkbox" name="delete<?php echo $forum['fid']?>" value="<?php echo $forum['fid']?>" />
1066                      &nbsp;<input type="text" name="name<?php echo $forum['fid']?>" value="<?php echo stripslashes($forum['name'])?>" />
1067                      &nbsp; <?php echo $lang['textorder']?> <input type="text" name="displayorder<?php echo $forum['fid']?>" size="2" value="<?php echo $forum['displayorder']?>" />
1068                      &nbsp; <select name="status<?php echo $forum['fid']?>">
1069                      <option value="on" <?php echo $on?>><?php echo $lang['texton']?></option><option value="off" <?php echo $off?>><?php echo $lang['textoff']?></option></select>
1070                      &nbsp; <select name="moveto<?php echo $forum['fid']?>"><option value="">-<?php echo $lang['textnone']?>-</option>
1071                      <?php
1072                      if (!isset($subs[$forum['fid']])) { //Ungrouped forum options.
1073                          foreach($forums[0] as $moveforum) {
1074                              echo "<option value=\"$moveforum[fid]\"> &nbsp; &raquo; ".stripslashes($moveforum['name'])."</option>";
1075                          }
1076                      }
1077                      foreach($groups as $moveforum) { //Groups and grouped forum options.
1078                          if ($moveforum['fid'] == $forum['fup']) {
1079                              $curgroup = $selHTML;
1080                          } else {
1081                              $curgroup = '';
1082                          }
1083                          echo '<option value="'.$moveforum['fid'].'" '.$curgroup.'>'.stripslashes($moveforum['name']).'</option>';
1084                          if (!isset($subs[$forum['fid']]) And isset($forums[$moveforum['fid']])) {
1085                              foreach($forums[$moveforum['fid']] as $moveforum) {
1086                                  if ($moveforum['fid'] != $forum['fid']) {
1087                                      echo "<option value=\"$moveforum[fid]\"> &nbsp; &raquo; ".stripslashes($moveforum['name'])."</option>";
1088                                  }
1089                              }
1090                          }
1091                      }
1092                      ?>
1093                      </select>
1094                      <a href="cp.php?action=forum&amp;fdetails=<?php echo $forum['fid']?>"><?php echo $lang['textmoreopts']?></a></td>
1095                      </tr>
1096                      <?php
1097                      if (array_key_exists($forum['fid'], $subs)) {
1098                          foreach($subs[$forum['fid']] as $forum) {
1099                              $on = $off = '';
1100                              if ($forum['status'] == 'on') {
1101                                  $on = $selHTML;
1102                              } else {
1103                                  $off = $selHTML;
1104                              }
1105                              ?>
1106                              <tr bgcolor="<?php echo $altbg2?>" class="tablerow">
1107                              <td class="smalltxt"> &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;<input type="checkbox" name="delete<?php echo $forum['fid']?>" value="<?php echo $forum['fid']?>" />
1108                              &nbsp;<input type="text" name="name<?php echo $forum['fid']?>" value="<?php echo stripslashes($forum['name'])?>" />
1109                              &nbsp; <?php echo $lang['textorder']?> <input type="text" name="displayorder<?php echo $forum['fid']?>" size="2" value="<?php echo $forum['displayorder']?>" />
1110                              &nbsp; <select name="status<?php echo $forum['fid']?>">
1111                              <option value="on" <?php echo $on?>><?php echo $lang['texton']?></option><option value="off" <?php echo $off?>><?php echo $lang['textoff']?></option></select>
1112                              &nbsp; <select name="moveto<?php echo $forum['fid']?>"><option value="" selected="selected">-<?php echo $lang['textnone']?>-</option>
1113                              <?php
1114                              foreach($forums[0] as $moveforum) { //Ungrouped forum options.
1115                                  echo "<option value=\"$moveforum[fid]\" $curgroup> &nbsp; &raquo; ".stripslashes($moveforum['name'])."</option>";
1116                              }
1117                              foreach($groups as $moveforum) { //Groups and grouped forum options.
1118                                  echo '<option value="'.$moveforum['fid'].'">'.stripslashes($moveforum['name']).'</option>';
1119                                  if (isset($forums[$moveforum['fid']])) {
1120                                      foreach($forums[$moveforum['fid']] as $moveforum) {
1121                                          if ($moveforum['fid'] == $forum['fup']) {
1122                                              $curgroup = $selHTML;
1123                                          } else {
1124                                              $curgroup = '';
1125                                          }
1126                                          echo "<option value=\"$moveforum[fid]\" $curgroup> &nbsp; &raquo; ".stripslashes($moveforum['name'])."</option>";
1127                                      }
1128                                  }
1129                              }
1130                              ?>
1131                              </select>
1132                              <a href="cp.php?action=forum&amp;fdetails=<?php echo $forum['fid']?>"><?php echo $lang['textmoreopts']?></a></td>
1133                              </tr>
1134                              <?php
1135                          }
1136                      }
1137                  }
1138              }
1139          }
1140          ?>
1141          <tr bgcolor="<?php echo $altbg1?>" class="tablerow">
1142          <td>&nbsp;</td>
1143          </tr>
1144          <tr bgcolor="<?php echo $altbg2?>" class="tablerow">
1145          <td class="smalltxt"><input type="text" name="newgname" value="<?php echo $lang['textnewgroup']?>" />
1146          &nbsp; <?php echo $lang['textorder']?> <input type="text" name="newgorder" size="2" />
1147          &nbsp; <select name="newgstatus">
1148          <option value="on"><?php echo $lang['texton']?></option><option value="off"><?php echo $lang['textoff']?></option></select></td>
1149          </tr>
1150          <tr class="tablerow">
1151          <td bgcolor="<?php echo $altbg2?>" class="smalltxt"><input type="text" name="newfname" value="<?php echo $lang['textnewforum']?>" />
1152          &nbsp; <?php echo $lang['textorder']?> <input type="text" name="newforder" size="2" />
1153          &nbsp; <select name="newfstatus">
1154          <option value="on"><?php echo $lang['texton']?></option><option value="off"><?php echo $lang['textoff']?></option></select>
1155          &nbsp; <select name="newffup"><option value="" selected="selected">-<?php echo $lang['textnone']?>-</option>
1156          <?php
1157          foreach($groups as $group) {
1158              echo '<option value="'.$group['fid'].'">'.fnameOut($group['name']).'</option>';
1159          }
1160          ?>
1161          </select>
1162          </td>
1163          </tr>
1164          <tr bgcolor="<?php echo $altbg2?>" class="tablerow">
1165          <td class="smalltxt"><input type="text" name="newsubname" value="<?php echo $lang['textnewsubf']?>" />
1166          &nbsp; <?php echo $lang['textorder']?> <input type="text" name="newsuborder" size="2" />
1167          &nbsp; <select name="newsubstatus"><option value="on"><?php echo $lang['texton']?></option><option value="off"><?php echo $lang['textoff']?></option></select>
1168          &nbsp; <select name="newsubfup">
1169          <?php
1170          foreach($forumlist as $group) {
1171              echo '<option value="'.$group['fid'].'">'.fnameOut($group['name']).'</option>';
1172          }
1173          ?>
1174          </select>
1175          </td>
1176          </tr>
1177          <tr>
1178          <td bgcolor="<?php echo $altbg2?>" class="ctrtablerow"><input type="submit" name="forumsubmit" value="<?php echo $lang['textsubmitchanges']?>" class="submit" /></td>
1179          </tr>
1180          </table>
1181          </td>
1182          </tr>
1183          </table>
1184          </form>
1185          </td>
1186          </tr>
1187          <?php
1188      } else if ($fdetails && noSubmit('forumsubmit')) {
1189          $key = template_key('editfid', $fdetails);
1190          ?>
1191          <tr bgcolor="<?php echo $altbg2?>">
1192          <td align="center">
1193          <form method="post" action="cp.php?action=forum&amp;fdetails=<?php echo $fdetails?>">
1194          <input type="hidden" name="token" value="<?php echo nonce_create($key); ?>" />
1195          <table cellspacing="0" cellpadding="0" border="0" width="100%" align="center">
1196          <tr>
1197          <td bgcolor="<?php echo $bordercolor?>">
1198          <table border="0" cellspacing="<?php echo $THEME['borderwidth']?>" cellpadding="<?php echo $tablespace?>" width="100%">
1199          <tr>
1200          <td class="category" colspan="2"><font color="<?php echo $cattext?>"><strong><?php echo $lang['textforumopts']?></strong></font></td>
1201          </tr>
1202          <?php
1203          $queryg = $db->query("SELECT * FROM ".X_PREFIX."forums WHERE fid='$fdetails'");
1204          $forum = $db->fetch_array($queryg);
1205  
1206          $themelist = array();
1207          $themelist[] = '<select name="themeforumnew">';
1208          $themelist[] = '<option value="0">'.$lang['textusedefault'].'</option>';
1209          $query = $db->query("SELECT themeid, name FROM ".X_PREFIX."themes ORDER BY name ASC");
1210          while($themeinfo = $db->fetch_array($query)) {
1211              if ($themeinfo['themeid'] == $forum['theme']) {
1212                  $themelist[] = '<option value="'.intval($themeinfo['themeid']).'" '.$selHTML.'>'.$themeinfo['name'].'</option>';
1213              } else {
1214                  $themelist[] = '<option value="'.intval($themeinfo['themeid']).'">'.$themeinfo['name'].'</option>';
1215              }
1216          }
1217          $themelist[] = '</select>';
1218          $themelist = implode("\n", $themelist);
1219          $db->free_result($query);
1220  
1221          if ($forum['allowhtml'] == "yes") {
1222              $checked2 = $cheHTML;
1223          } else {
1224              $checked2 = '';
1225          }
1226  
1227          if ($forum['allowsmilies'] == "yes") {
1228              $checked3 = $cheHTML;
1229          } else {
1230              $checked3 = '';
1231          }
1232  
1233          if ($forum['allowbbcode'] == "yes") {
1234              $checked4 = $cheHTML;
1235          } else {
1236              $checked4 = '';
1237          }
1238  
1239          if ($forum['allowimgcode'] == "yes") {
1240              $checked5 = $cheHTML;
1241          } else {
1242              $checked5 = '';
1243          }
1244  
1245          if ($forum['attachstatus'] == "on") {
1246              $checked6 = $cheHTML;
1247          } else {
1248              $checked6 = '';
1249          }
1250  
1251          $forum['name'] = stripslashes($forum['name']);
1252          ?>
1253          <tr class="tablerow">
1254          <td bgcolor="<?php echo $altbg1?>"><?php echo $lang['textforumname']?></td>
1255          <td bgcolor="<?php echo $altbg2?>"><input type="text" name="namenew" value="<?php echo $forum['name']; ?>" /></td>
1256          </tr>
1257          <tr class="tablerow">
1258          <td bgcolor="<?php echo $altbg1?>"><?php echo $lang['textdesc']?></td>
1259          <td bgcolor="<?php echo $altbg2?>"><textarea rows="4" cols="30" name="descnew">
1260  <?php // Linefeed required here - Do not edit!
1261          echo $forum['description'];
1262          ?></textarea></td>
1263          </tr>
1264          <tr class="tablerow">
1265          <td bgcolor="<?php echo $altbg1?>" valign="top"><?php echo $lang['textallow']?></td>
1266          <td bgcolor="<?php echo $altbg2?>" class="smalltxt">
1267          <input type="checkbox" name="allowhtmlnew" value="yes" <?php echo $checked2?> /><?php echo $lang['texthtml']?><br />
1268          <input type="checkbox" name="allowsmiliesnew" value="yes" <?php echo $checked3?> /><?php echo $lang['textsmilies']?><br />
1269          <input type="checkbox" name="allowbbcodenew" value="yes" <?php echo $checked4?> /><?php echo $lang['textbbcode']?><br />
1270          <input type="checkbox" name="allowimgcodenew" value="yes" <?php echo $checked5?> /><?php echo $lang['textimgcode']?><br />
1271          <input type="checkbox" name="attachstatusnew" value="on" <?php echo $checked6?> /><?php echo $lang['attachments']?><br />
1272          </td>
1273          </tr>
1274          <tr class="tablerow">
1275          <td bgcolor="<?php echo $altbg1?>"><?php echo $lang['texttheme']?></td>
1276          <td bgcolor="<?php echo $altbg2?>"><?php echo $themelist?></td>
1277          </tr>
1278  
1279          <tr class="tablerow">
1280          <td style="background-color: <?php echo $THEME['altbg1']?>"><?php echo $lang['forumpermissions']?></td>
1281          <td style="background-color: <?php echo $THEME['altbg2']?>"><table style="width: 100%; text-align: center;">
1282          <tr>
1283              <td class="tablerow" style="width: 25ex;">&nbsp;</td>
1284              <td class="category" style="color: <?php echo $THEME['cattext']?>; font-weight: bold; text-align: center;"><?php echo $lang['polls'];   ?></td>
1285              <td class="category" style="color: <?php echo $THEME['cattext']?>; font-weight: bold; text-align: center;"><?php echo $lang['threads']; ?></td>
1286              <td class="category" style="color: <?php echo $THEME['cattext']?>; font-weight: bold; text-align: center;"><?php echo $lang['replies']; ?></td>
1287              <td class="category" style="color: <?php echo $THEME['cattext']?>; font-weight: bold; text-align: center;"><?php echo $lang['view'];    ?></td>
1288          </tr>
1289          <?php
1290          $perms = explode(',', $forum['postperm']);
1291          foreach($status_enum as $key=>$val) {
1292              if ($key != '' And $val <= $status_enum['Guest']) {
1293                  if (!X_SADMIN and $key == 'Super Administrator') {
1294                      $disabled = 'disabled="disabled"';
1295                  } else {
1296                      $disabled = '';
1297                  }
1298                  ?>
1299                  <tr class="tablerow">
1300                      <td class="category" style="color: <?php echo $THEME['cattext']; ?>; font-weight: bold; text-align: right;"><?php echo $lang[$status_translate[$val]]; ?></td>
1301                      <td class="altbg1 ctrtablerow"><input type="checkbox" name="permsNew[<?php echo X_PERMS_RAWPOLL; ?>][]" value="<?php echo $val;?>" <?php echo ((($perms[X_PERMS_RAWPOLL]&$val) == $val) ? 'checked="checked"' : ''); ?> <?php echo $disabled;?> /></td>
1302                      <td class="altbg1 ctrtablerow"><input type="checkbox" name="permsNew[<?php echo X_PERMS_RAWTHREAD; ?>][]" value="<?php echo $val;?>" <?php echo ((($perms[X_PERMS_RAWTHREAD]&$val) == $val) ? 'checked="checked"' : ''); ?> <?php echo $disabled;?> /></td>
1303                      <td class="altbg1 ctrtablerow"><input type="checkbox" name="permsNew[<?php echo X_PERMS_RAWREPLY; ?>][]" value="<?php echo $val;?>" <?php echo ((($perms[X_PERMS_RAWREPLY]&$val) == $val) ? 'checked="checked"' : ''); ?> <?php echo $disabled;?> /></td>
1304                      <td class="altbg1 ctrtablerow"><input type="checkbox" name="permsNew[<?php echo X_PERMS_RAWVIEW; ?>][]" value="<?php echo $val;?>" <?php echo ((($perms[X_PERMS_RAWVIEW]&$val) == $val) ? 'checked="checked"' : ''); ?> <?php echo $disabled;?> /></td>
1305                  </tr>
1306                  <?php
1307              }
1308          }
1309          ?>
1310          </table></td>
1311          </tr>
1312  
1313          <tr class="tablerow">
1314          <td bgcolor="<?php echo $altbg1?>"><?php echo $lang['textuserlist']?></td>
1315          <td bgcolor="<?php echo $altbg2?>"><textarea rows="4" cols="30" name="userlistnew">
1316  <?php // Linefeed required here - Do not edit!
1317          echo $forum['userlist'];
1318          ?></textarea></td>
1319          </tr>
1320          <tr class="tablerow">
1321          <td bgcolor="<?php echo $altbg1?>"><?php echo $lang['forumpw']?></td>
1322          <td bgcolor="<?php echo $altbg2?>"><input type="text" name="passwordnew" value="<?php echo attrOut($forum['password'], 'javascript')?>" /></td>
1323          </tr>
1324          <tr class="tablerow">
1325          <td bgcolor="<?php echo $altbg1?>"><?php echo $lang['textdeleteques']?></td>
1326          <td bgcolor="<?php echo $altbg2?>"><input type="checkbox" name="delete" value="<?php echo $forum['fid']?>" /></td>
1327          </tr>
1328          <tr>
1329          <td bgcolor="<?php echo $altbg2?>" class="ctrtablerow" colspan="2"><input type="submit" name="forumsubmit" value="<?php echo $lang['textsubmitchanges']?>" class="submit" /></td>
1330          </tr>
1331          </table>
1332          </td>
1333          </tr>
1334          </table>
1335          </form>
1336          </td>
1337          </tr>
1338          <?php
1339      } else if (onSubmit('forumsubmit') && !$fdetails) {
1340          request_secure('massedforums', '', X_NONCE_FORM_EXP, FALSE);
1341          $queryforum = $db->query("SELECT fid, type, fup FROM ".X_PREFIX."forums WHERE type='forum' OR type='sub'");
1342          while($forum = $db->fetch_array($queryforum)) {
1343              $displayorder = formInt('displayorder'.$forum['fid']);
1344              $forum['status'] = formOnOff('status'.$forum['fid']);
1345              $name = addslashes(htmlspecialchars(postedVar('name'.$forum['fid'], 'javascript', FALSE), ENT_COMPAT)); //Forum names are historically double-slashed.  We also have an unusual situation where ENT_COMPAT is the XMB standard.
1346              $delete = formInt('delete'.$forum['fid']);
1347              $moveto = formInt('moveto'.$forum['fid']);
1348  
1349              $dsuccess = FALSE;
1350              if ($delete == $forum['fid']) {
1351                  if ($db->num_rows($db->query('SELECT tid FROM '.X_PREFIX.'threads WHERE fid='.$forum['fid'])) > 0) {
1352                      $dsuccess = FALSE;
1353                  } elseif ($db->num_rows($db->query('SELECT fid FROM '.X_PREFIX.'forums WHERE fup='.$forum['fid'])) > 0) {
1354                      $dsuccess = FALSE;
1355                  } elseif ($db->num_rows($db->query('SELECT pid FROM '.X_PREFIX.'posts WHERE fid='.$forum['fid'])) > 0) {
1356                      $dsuccess = FALSE;
1357                  } else {
1358                      $db->query("DELETE FROM ".X_PREFIX."forums WHERE (type='forum' OR type='sub') AND fid=".$forum['fid']);
1359                      $dsuccess = TRUE;
1360                  }
1361                  if (!$dsuccess) {
1362                      message($lang['deleteaborted'].'<br />'.$lang['forumnotempty'], FALSE, '', '', FALSE, FALSE, FALSE, FALSE);
1363                  }
1364              }
1365  
1366              if (!$dsuccess) {
1367                  $settype = '';
1368                  if ($forum['fup'] != $moveto And $moveto != $forum['fid'] And $forum['type'] != 'group') { //Forum is being moved
1369                      if ($moveto == 0) {
1370                          $settype = ", type='forum', fup=0";
1371                      } else {
1372                          $query = $db->query("SELECT type FROM ".X_PREFIX."forums WHERE fid=$moveto");
1373                          if ($frow = $db->fetch_array($query)) {
1374                              if ($frow['type'] == 'group') {
1375                                  $settype = ", type='forum', fup=$moveto";
1376                              } else if ($frow['type'] == 'forum') {
1377                                  if ($forum['type'] == 'sub') {
1378                                      $settype = ", fup=$moveto";
1379                                  } else if ($forum['type'] == 'forum') { //Make sure the admin didn't try to demote a parent
1380                                      $query2 = $db->query("SELECT COUNT(*) AS subcount FROM ".X_PREFIX."forums WHERE fup={$forum['fid']}");
1381                                      $frow = $db->fetch_array($query2);
1382                                      $db->free_result($query2);
1383                                      if ($frow['subcount'] == 0) {
1384                                          $settype = ", type='sub', fup=$moveto";
1385                                      }
1386                                  }
1387                              }
1388                          }
1389                          $db->free_result($query);
1390                      }
1391                  }
1392                  $db->query("UPDATE ".X_PREFIX."forums SET name='$name', displayorder=".$displayorder.", status='{$forum['status']}'$settype WHERE fid='".$forum['fid']."'");
1393              }
1394          }
1395  
1396          $querygroup = $db->query("SELECT fid FROM ".X_PREFIX."forums WHERE type='group'");
1397          while($group = $db->fetch_array($querygroup)) {
1398              $name = addslashes(htmlspecialchars(postedVar('name'.$group['fid'], 'javascript', FALSE), ENT_COMPAT));  //Forum names are historically double-slashed.  We also have an unusual situation where ENT_COMPAT is the XMB standard.
1399              $displayorder = formInt('displayorder'.$group['fid']);
1400              $group['status'] = formOnOff('status'.$group['fid']);
1401              $delete = formInt('delete'.$group['fid']);
1402  
1403              if ($delete == $group['fid']) {
1404                  $query = $db->query("SELECT fid FROM ".X_PREFIX."forums WHERE type='forum' AND fup=$delete");
1405                  if ($db->num_rows($query) > 0) {
1406                      message($lang['deleteaborted'].'<br />'.$lang['forumnotempty'], FALSE, '', '', FALSE, FALSE, FALSE, FALSE);
1407                  } else {
1408                      $db->query("DELETE FROM ".X_PREFIX."forums WHERE type='group' AND fid=$delete");
1409                  }
1410              } else {
1411                  $db->query("UPDATE ".X_PREFIX."forums SET name='$name', displayorder=$displayorder, status='{$group['status']}' WHERE fid={$group['fid']}");
1412              }
1413          }
1414  
1415          $newgname = addslashes(htmlspecialchars(postedVar('newgname', 'javascript', FALSE), ENT_COMPAT));  //Forum names are historically double-slashed.  We also have an unusual situation where ENT_COMPAT is the XMB standard.
1416          $newfname = addslashes(htmlspecialchars(postedVar('newfname', 'javascript', FALSE), ENT_COMPAT));
1417          $newsubname = addslashes(htmlspecialchars(postedVar('newsubname', 'javascript', FALSE), ENT_COMPAT));
1418          $newgorder = formInt('newgorder');
1419          $newforder = formInt('newforder');
1420          $newsuborder = formInt('newsuborder');
1421          $newgstatus = formOnOff('newgstatus');
1422          $newfstatus = formOnOff('newfstatus');
1423          $newsubstatus = formOnOff('newsubstatus');
1424          $newffup = formInt('newffup');
1425          $newsubfup = formInt('newsubfup');
1426  
1427          if ($newfname != $lang['textnewforum'] And $newfname != '') {
1428              $db->query("INSERT INTO ".X_PREFIX."forums (type, name, status, lastpost, moderator, displayorder, description, allowhtml, allowsmilies, allowbbcode, userlist, theme, posts, threads, fup, postperm, allowimgcode, attachstatus, password) VALUES ('forum', '$newfname', '$newfstatus', '', '', $newforder, '', 'no', 'yes', 'yes', '', 0, 0, 0, $newffup, '31,31,31,63', 'yes', 'on', '')");
1429          }
1430  
1431          if ($newgname != $lang['textnewgroup'] And $newgname != '') {
1432              $db->query("INSERT INTO ".X_PREFIX."forums (type, name, status, lastpost, moderator, displayorder, description, allowhtml, allowsmilies, allowbbcode, userlist, theme, posts, threads, fup, postperm, allowimgcode, attachstatus, password) VALUES ('group', '$newgname', '$newgstatus', '', '', $newgorder, '', '', '', '', '', 0, 0, 0, 0, '', '', '', '')");
1433          }
1434  
1435          if ($newsubname != $lang['textnewsubf'] And $newsubname != '') {
1436              $db->query("INSERT INTO ".X_PREFIX."forums (type, name, status, lastpost, moderator, displayorder, description, allowhtml, allowsmilies, allowbbcode, userlist, theme, posts, threads, fup, postperm, allowimgcode, attachstatus, password) VALUES ('sub', '$newsubname', '$newsubstatus', '', '', $newsuborder, '', 'no', 'yes', 'yes', '', 0, 0, 0, $newsubfup, '31,31,31,63', 'yes', 'on', '')");
1437          }
1438          echo '<tr bgcolor="'.$altbg2.'" class="ctrtablerow"><td>'.$lang['textforumupdate'].'</td></tr>';
1439      } else {
1440          request_secure('editfid', $fdetails, X_NONCE_FORM_EXP, FALSE);
1441          $namenew = addslashes(htmlspecialchars(postedVar('namenew', 'javascript', FALSE), ENT_COMPAT));  //Forum names are historically double-slashed.  We also have an unusual situation where ENT_COMPAT is the XMB standard.
1442          $descnew = postedVar('descnew');
1443          $allowhtmlnew = formYesNo('allowhtmlnew');
1444          $allowsmiliesnew = formYesNo('allowsmiliesnew');
1445          $allowbbcodenew = formYesNo('allowbbcodenew');
1446          $allowimgcodenew = formYesNo('allowimgcodenew');
1447          $attachstatusnew = formOnOff('attachstatusnew');
1448          $themeforumnew = formInt('themeforumnew');
1449          $userlistnew = postedVar('userlistnew', 'javascript');
1450          $passwordnew = postedVar('passwordnew', '', FALSE, TRUE);
1451          $delete = formInt('delete');
1452  
1453          $overrule = array(0,0,0,0);
1454          if (!X_SADMIN) {
1455              $forum = $db->fetch_array($db->query("SELECT postperm FROM ".X_PREFIX."forums WHERE fid=$fdetails"));
1456              $parts = explode(',', $forum['postperm']);
1457              foreach($parts as $p=>$v) {
1458                  if ($v & 1 == 1) {
1459                      // super admin status set
1460                      $overrule[$p] = 1;
1461                  }
1462              }
1463          }
1464  
1465          $perms = array(0,0,0,0);
1466          foreach($_POST['permsNew'] as $key=>$val) {
1467              $perms[$key] = array_sum($_POST['permsNew'][$key]);
1468              $perms[$key] |= $overrule[$key];
1469          }
1470          $perms = implode(',', $perms);
1471  
1472          $db->query("UPDATE ".X_PREFIX."forums SET
1473              name='$namenew',
1474              description='$descnew',
1475              allowhtml='$allowhtmlnew',
1476              allowsmilies='$allowsmiliesnew',
1477              allowbbcode='$allowbbcodenew',
1478              theme='$themeforumnew',
1479              userlist='$userlistnew',
1480              postperm='$perms',
1481              allowimgcode='$allowimgcodenew',
1482              attachstatus='$attachstatusnew',
1483              password='$passwordnew'
1484              WHERE fid='$fdetails'"
1485          );
1486  
1487          $dsuccess = TRUE;
1488          if ($delete) {
1489              if ($delete == $fdetails) {
1490                  if ($db->num_rows($db->query('SELECT tid FROM '.X_PREFIX.'threads WHERE fid='.$fdetails)) > 0) {
1491                      $dsuccess = FALSE;
1492                  } elseif ($db->num_rows($db->query('SELECT fid FROM '.X_PREFIX.'forums WHERE fup='.$fdetails)) > 0) {
1493                      $dsuccess = FALSE;
1494                  } elseif ($db->num_rows($db->query('SELECT pid FROM '.X_PREFIX.'posts WHERE fid='.$fdetails)) > 0) {
1495                      $dsuccess = FALSE;
1496                  } else {
1497                      $db->query("DELETE FROM ".X_PREFIX."forums WHERE (type='forum' OR type='sub') AND fid=".$fdetails);
1498                      $dsuccess = TRUE;
1499                  }
1500                  if (!$dsuccess) {
1501                      message($lang['deleteaborted'].'<br />'.$lang['forumnotempty'], FALSE, '', '', FALSE, FALSE, FALSE, FALSE);
1502                  }
1503              }
1504          }
1505          if ($dsuccess) {
1506              echo '<tr bgcolor="'.$altbg2.'" class="ctrtablerow"><td>'.$lang['textforumupdate'].'</td></tr>';
1507          }
1508      }
1509  }
1510  
1511  if ($action == "mods") {
1512      if (noSubmit('modsubmit')) {
1513          ?>
1514          <tr bgcolor="<?php echo $altbg2?>">
1515          <td>
1516          <form method="post" action="cp.php?action=mods">
1517          <table cellspacing="0" cellpadding="0" border="0" width="90%" align="center">
1518          <tr>
1519          <td bgcolor="<?php echo $bordercolor?>">
1520          <table border="0" cellspacing="<?php echo $THEME['borderwidth']?>" cellpadding="<?php echo $tablespace?>" width="100%">
1521          <tr class="category">
1522          <td><strong><font color="<?php echo $cattext?>"><?php echo $lang['textforum']?></font></strong></td>
1523          <td><strong><font color="<?php echo $cattext?>"><?php echo $lang['textmoderator']?></font></strong></td>
1524          </tr>
1525          <?php
1526          $oldfid = 0;
1527          $query = $db->query("SELECT f.moderator, f.name, f.fid, c.name as cat_name, c.fid as cat_fid FROM ".X_PREFIX."forums f LEFT JOIN ".X_PREFIX."forums c ON (f.fup = c.fid) WHERE (c.type='group' AND f.type='forum') OR (f.type='forum' AND f.fup='') ORDER BY c.displayorder, f.displayorder");
1528          while($forum = $db->fetch_array($query)) {
1529              if ($oldfid != $forum['cat_fid']) {
1530                  $oldfid = $forum['cat_fid']
1531                  ?>
1532                  <tr bgcolor="<?php echo $altbg1?>" class="tablerow">
1533                  <td colspan="2"><strong><?php echo fnameOut($forum['cat_name'])?></strong></td>
1534                  </tr>
1535                  <?php
1536              }
1537              ?>
1538              <tr bgcolor="<?php echo $altbg2?>" class="tablerow">
1539              <td><?php echo fnameOut($forum['name'])?></td>
1540              <td><input type="text" name="mod[<?php echo $forum['fid']?>]"" value="<?php echo $forum['moderator']?>" /></td>
1541              </tr>
1542              <?php
1543              $querys = $db->query("SELECT name, fid, moderator FROM ".X_PREFIX."forums WHERE fup='".$forum['fid']."' AND type='sub'");
1544              while($sub = $db->fetch_array($querys)) {
1545                  ?>
1546                  <tr bgcolor="<?php echo $altbg2?>" class="tablerow">
1547                  <td><?php echo $lang['4spaces']?><?php echo $lang['4spaces']?><em><?php echo fnameOut($sub['name'])?></em></td>
1548                  <td><input type="text" name="mod[<?php echo $sub['fid']?>]"" value="<?php echo $sub['moderator']?>" /></td>
1549                  </tr>
1550                  <?php
1551              }
1552          }
1553          ?>
1554          <tr>
1555          <td colspan="2" class="tablerow" bgcolor="<?php echo $altbg1?>"><span class="smalltxt"><?php echo $lang['multmodnote']?></span></td>
1556          </tr>
1557          <tr>
1558          <td colspan="2" class="ctrtablerow" bgcolor="<?php echo $altbg2?>"><input type="submit" class="submit" name="modsubmit" value="<?php echo $lang['textsubmitchanges']?>" /></td>
1559          </tr>
1560          </table>
1561          </td>
1562          </tr>
1563          </table>
1564          </form>
1565          </td>
1566          </tr>
1567          <?php
1568      } else {
1569          $mod = postedArray('mod');
1570          if (is_array($mod)) {
1571              foreach($mod as $fid=>$mods) {
1572                  $db->query("UPDATE ".X_PREFIX."forums SET moderator='$mods' WHERE fid='$fid'");
1573              }
1574          }
1575          echo '<tr bgcolor="'.$altbg2.'" class="ctrtablerow"><td>'.$lang['textmodupdate'].'</td></tr>';
1576      }
1577  }
1578  
1579  if ($action == "members") {
1580      $members = postedVar('members', '', FALSE, FALSE, FALSE, 'g');
1581  
1582      $srchmem = postedVar('srchmem', 'javascript', TRUE, FALSE, TRUE);
1583      $srchemail = postedVar('srchemail', 'javascript', TRUE, FALSE, TRUE);
1584      $srchip = postedVar('srchip', 'javascript', TRUE, FALSE, TRUE);
1585      $srchstatus = postedVar('srchstatus', 'javascript', TRUE, TRUE, TRUE);
1586      $dblikemem = $db->like_escape($srchmem);
1587      $dblikeemail = $db->like_escape($srchemail);
1588      $dblikeip = $db->like_escape($srchip);
1589  
1590      $where = array();
1591  
1592      if ($srchmem != '') {
1593          $where[] = "username LIKE '%$dblikemem%' ";
1594      }
1595      if ($srchemail != '') {
1596          $where[] = "email LIKE '%$dblikeemail%' ";
1597      }
1598      if ($srchip != '') {
1599          $where[] = "regip LIKE '%$dblikeip%' ";
1600      }
1601      if ($srchstatus != '') {
1602          if ($srchstatus == 'Pending') {
1603              $where[] = "lastvisit = 0 ";
1604          } else {
1605              $where[] = "status = '$srchstatus' ";
1606          }
1607      }
1608  
1609      if (count($where) == 0) {
1610          $where = '';
1611      } else {
1612          $where = 'WHERE '.implode('AND ', $where);
1613      }
1614  
1615  
1616      if (noSubmit('membersubmit')) {
1617          if (!$members) {
1618              ?>
1619              <tr bgcolor="<?php echo $altbg2?>">
1620              <td>
1621              <form method="post" action="cp.php?action=members&amp;members=search">
1622              <table cellspacing="0" cellpadding="0" border="0" width="90%" align="center">
1623              <tr>
1624              <td bgcolor="<?php echo $bordercolor?>">
1625              <table border="0" cellspacing="<?php echo $THEME['borderwidth']?>" cellpadding="<?php echo $tablespace?>" width="100%">
1626              <tr>
1627              <td class="category" colspan="2"><font color="<?php echo $cattext?>"><strong><?php echo $lang['textmembers']?></strong></font></td>
1628              </tr>
1629              <tr class="tablerow">
1630              <td bgcolor="<?php echo $altbg1?>" width="22%"><?php echo $lang['textsrchusr']?></td>
1631              <td bgcolor="<?php echo $altbg2?>"><input type="text" name="srchmem" /></td>
1632              </tr>
1633              <tr class="tablerow">
1634              <td bgcolor="<?php echo $altbg1?>" width="22%"><?php echo $lang['textsrchemail']?></td>
1635              <td bgcolor="<?php echo $altbg2?>"><input type="text" name="srchemail" /></td>
1636              </tr>
1637              <tr class="tablerow">
1638              <td bgcolor="<?php echo $altbg1?>" width="22%"><?php echo $lang['textsrchip']?></td>
1639              <td bgcolor="<?php echo $altbg2?>"><input type="text" name="srchip" /></td>
1640              </tr>
1641              <tr class="tablerow">
1642              <td bgcolor="<?php echo $altbg1?>" width="22%"><?php echo $lang['textwithstatus']?></td>
1643              <td bgcolor="<?php echo $altbg2?>">
1644              <select name="srchstatus">
1645              <option value=""><?php echo $lang['anystatus']?></option>
1646              <option value="Super Administrator"><?php echo $lang['superadmin']?></option>
1647              <option value="Administrator"><?php echo $lang['textadmin']?></option>
1648              <option value="Super Moderator"><?php echo $lang['textsupermod']?></option>
1649              <option value="Moderator"><?php echo $lang['textmod']?></option>
1650              <option value="Member"><?php echo $lang['textmem']?></option>
1651              <option value="Banned"><?php echo $lang['textbanned']?></option>
1652              <option value="Pending"><?php echo $lang['textpendinglogin']?></option>
1653              </select>
1654              </td>
1655              </tr>
1656              <tr>
1657              <td bgcolor="<?php echo $altbg2?>" class="ctrtablerow" colspan="2"><input type="submit" class="submit" value="<?php echo $lang['textgo']?>" /></td>
1658              </tr>
1659              </table>
1660              </td>
1661              </tr>
1662              </table>
1663              </form>
1664              </td>
1665              </tr>
1666              <?php
1667          } else if ($members == "search") {
1668              ?>
1669              <script language="javascript" type="text/javascript">var delmem = Array();</script>
1670              <tr bgcolor="<?php echo $altbg2?>">
1671              <td align="center">
1672              <form method="post" action="cp.php?action=members">
1673              <input type="hidden" name="token" value="<?php echo nonce_create('masseditmems'); ?>" />
1674              <table cellspacing="0" cellpadding="0" border="0" width="91%" align="center">
1675              <tr>
1676              <td bgcolor="<?php echo $bordercolor?>">
1677              <table border="0" cellspacing="<?php echo $THEME['borderwidth']?>" cellpadding="<?php echo $tablespace?>" width="100%">
1678              <tr class="category">
1679              <td align="center" width="3%"><strong><font color="<?php echo $cattext?>"><?php echo $lang['textdeleteques']?></font></strong></td>
1680              <td><strong><font color="<?php echo $cattext?>"><?php echo $lang['textusername']?></font></strong></td>
1681              <td><strong><font color="<?php echo $cattext?>"><?php echo $lang['textnewpassword']?></font></strong></td>
1682              <td><strong><font color="<?php echo $cattext?>"><?php echo $lang['textposts']?></font></strong></td>
1683              <td><strong><font color="<?php echo $cattext?>"><?php echo $lang['textstatus']?></font></strong></td>
1684              <td><strong><font color="<?php echo $cattext?>"><?php echo $lang['textcusstatus']?></font></strong></td>
1685              <td><strong><font color="<?php echo $cattext?>"><?php echo $lang['textbanfrom']?></font></strong></td>
1686              </tr>
1687              <?php
1688  
1689              $query = $db->query("SELECT * FROM ".X_PREFIX."members $where ORDER BY username");
1690  
1691              while($member = $db->fetch_array($query)) {
1692                  $sadminselect = $adminselect = $smodselect = '';
1693                  $modselect = $memselect = $banselect = '';
1694                  $noban = $u2uban = $postban = $bothban = '';
1695  
1696                  switch($member['status']) {
1697                  case 'Super Administrator':
1698                      $sadminselect = $selHTML;
1699                      break;
1700                  case 'Administrator':
1701                      $adminselect = $selHTML;
1702                      break;
1703                  case 'Super Moderator':
1704                      $smodselect = $selHTML;
1705                      break;
1706                  case 'Moderator':
1707                      $modselect = $selHTML;
1708                      break;
1709                  case 'Member':
1710                      $memselect = $selHTML;
1711                      break;
1712                  case 'Banned':
1713                      $banselect = $selHTML;
1714                      break;
1715                  default:
1716                      $memselect = $selHTML;
1717                      break;
1718                  }
1719  
1720                  switch($member['ban']) {
1721                  case 'u2u':
1722                      $u2uban = $selHTML;
1723                      break;
1724                  case 'posts':
1725                      $postban = $selHTML;
1726                      break;
1727                  case 'both':
1728                      $bothban = $selHTML;
1729                      break;
1730                  default:
1731                      $noban = $selHTML;
1732                      break;
1733                  }
1734  
1735                  if ($member['lastvisit'] == 0) {
1736                      $pending = '<br />'.$lang['textpendinglogin'];
1737                  } else {
1738                      $pending = '';
1739                  }
1740  
1741                  if ($member['status'] == 'Super Administrator') {
1742                      $disabledelete = ' disabled="disabled"';
1743                  } else {
1744                      $disabledelete = '';
1745                  }
1746                  ?>
1747                  <tr bgcolor="<?php echo $altbg2?>" class="tablerow">
1748                  <td align="center"><input type="checkbox" name="delete<?php echo $member['uid']?>" onclick="addUserDel(<?php echo $member['uid']?>, '<?php echo $member['username']?>', this)" value="<?php echo $member['uid']?>"<?php echo $disabledelete; ?> /></td>
1749                  <td><a href="member.php?action=viewpro&amp;member=<?php echo recodeOut($member['username']); ?>"><?php echo $member['username']?></a>
1750                  <?php if (X_SADMIN) { ?>
1751                  <br /><a href="editprofile.php?user=<?php echo recodeOut($member['username']); ?>"><strong><?php echo $lang['admin_edituseraccount']; ?></strong></a>
1752                  <?php } ?>
1753                  <br /><a href="cp.php?action=deleteposts&amp;member=<?php echo recodeOut($member['username'])?>"><strong><?php echo $lang['cp_deleteposts']?></strong></a><?php echo $pending ?>
1754                  </td>
1755                  <td><input type="text" size="12" name="pw<?php echo $member['uid']?>"></td>
1756                  <td><input type="text" size="3" name="postnum<?php echo $member['uid']?>" value="<?php echo $member['postnum']?>"></td>
1757                  <td><select name="status<?php echo $member['uid']?>">
1758                  <option value="Super Administrator" <?php echo $sadminselect?>><?php echo $lang['superadmin']?></option>
1759                  <option value="Administrator" <?php echo $adminselect?>><?php echo $lang['textadmin']?></option>
1760                  <option value="Super Moderator" <?php echo $smodselect?>><?php echo $lang['textsupermod']?></option>
1761                  <option value="Moderator" <?php echo $modselect?>><?php echo $lang['textmod']?></option>
1762                  <option value="Member" <?php echo $memselect?>><?php echo $lang['textmem']?></option>
1763                  <option value="Banned" <?php echo $banselect?>><?php echo $lang['textbanned']?></option>
1764                  </select></td>
1765                  <td><input type="text" size="16" name="cusstatus<?php echo $member['uid']?>" value="<?php echo attrOut($member['customstatus']); ?>" /></td>
1766                  <td><select name="banstatus<?php echo $member['uid']?>">
1767                  <option value="" <?php echo $noban?>><?php echo $lang['noban']?></option>
1768                  <option value="u2u" <?php echo $u2uban?>><?php echo $lang['banu2u']?></option>
1769                  <option value="posts" <?php echo $postban?>><?php echo $lang['banpost']?></option>
1770                  <option value="both" <?php echo $bothban?>><?php echo $lang['banboth']?></option>
1771                  </select></td>
1772                  </tr>
1773                  <?php
1774              }
1775              ?>
1776              <tr>
1777              <td bgcolor="<?php echo $altbg2?>" class="ctrtablerow" colspan="7">
1778               <input type="submit" class="submit" name="membersubmit" value="<?php echo $lang['textsubmitchanges']; ?>" onclick="return confirmUserDel('<?php echo $lang['confirmDeleteUser']; ?>');" />
1779               <input type="hidden" name="srchmem" value="<?php echo $srchmem; ?>" />
1780               <input type="hidden" name="srchemail" value="<?php echo $srchemail; ?>" />
1781               <input type="hidden" name="srchip" value="<?php echo $srchip; ?>" />
1782               <input type="hidden" name="srchstatus" value="<?php echo $srchstatus; ?>" />
1783              </td>
1784              </tr>
1785              </table>
1786              </td>
1787              </tr>
1788              </table>
1789              </form>
1790              </td>
1791              </tr>
1792              <?php
1793          }
1794      } else if (onSubmit('membersubmit')) {
1795          request_secure('masseditmems', '', X_NONCE_FORM_EXP, FALSE);
1796          $query = $db->query("SELECT uid, username, password, status FROM ".X_PREFIX."members $where");
1797  
1798          // Guarantee this request will not remove all Super Administrators.
1799          if (X_SADMIN And $db->num_rows($query) > 0) {
1800              $saquery = $db->query("SELECT COUNT(uid) FROM ".X_PREFIX."members WHERE status='Super Administrator'");
1801              $sa_count = $db->result($saquery, 0);
1802              $db->free_result($saquery);
1803  
1804              while($mem = $db->fetch_array($query)) {
1805                  if ($mem['status'] == 'Super Administrator' And postedVar('status'.$mem['uid']) != 'Super Administrator') {
1806                      $sa_count--;
1807                  }
1808              }
1809              if ($sa_count < 1) {
1810                  error($lang['lastsadmin'], false, '</td></tr></table></td></tr></table><br />');
1811              }
1812              $db->data_seek($query, 0);
1813          }
1814  
1815          // Now execute this request
1816          while($mem = $db->fetch_array($query)) {
1817              $origstatus = $mem['status'];
1818              $status = postedVar('status'.$mem['uid']);
1819              if ($status == '') {
1820                  $status = 'Member';
1821              }
1822  
1823              if (!X_SADMIN && ($origstatus == "Super Administrator" || $status == "Super Administrator")) {
1824                  continue;
1825              }
1826  
1827              $banstatus = postedVar('banstatus'.$mem['uid']);
1828              $cusstatus = postedVar('cusstatus'.$mem['uid'], '', FALSE);
1829              $postnum = getInt('postnum'.$mem['uid'], 'p');
1830              $delete = getInt('delete'.$mem['uid'], 'p');
1831  
1832              $queryadd = '';
1833              if (isset($_POST['pw'.$mem['uid']])) {
1834                  if ($_POST['pw'.$mem['uid']] != '') {
1835                      $newpw = md5($_POST['pw'.$mem['uid']]);
1836                      $queryadd = ", password='$newpw' ";
1837                  }
1838              }
1839  
1840              if ($delete == $mem['uid'] && $delete != $self['uid'] && $origstatus != "Super Administrator") {
1841                  $db->escape_fast($mem['username']);
1842                  $db->query("DELETE FROM ".X_PREFIX."members WHERE uid=$delete");
1843                  $db->query("DELETE FROM ".X_PREFIX."buddys WHERE username='{$mem['username']}'");
1844                  $db->query("DELETE FROM ".X_PREFIX."favorites WHERE username='{$mem['username']}'");
1845                  $db->query("DELETE FROM ".X_PREFIX."u2u WHERE owner='{$mem['username']}'");
1846                  $db->query("UPDATE ".X_PREFIX."whosonline SET username='xguest123' WHERE username='{$mem['username']}'");
1847              } else {
1848                  $db->query("UPDATE ".X_PREFIX."members SET ban='$banstatus', status='$status', postnum='$postnum', customstatus='$cusstatus'$queryadd WHERE uid={$mem['uid']}");
1849              }
1850          }
1851          echo '<tr bgcolor="'.$altbg2.'" class="ctrtablerow"><td>'.$lang['textmembersupdate'].'</td></tr>';
1852      }
1853  }
1854  
1855  if ($action == "ipban") {
1856      if ($SETTINGS['ip_banning'] == 'on') {
1857          if (noSubmit('ipbansubmit') And noSubmit('ipbandisable')) {
1858              ?>
1859              <tr bgcolor="<?php echo $altbg2?>">
1860              <td align="center">
1861              <form method="post" action="cp.php?action=ipban">
1862              <table cellspacing="0" cellpadding="0" border="0" width="550" align="center">
1863              <tr><td bgcolor="<?php echo $bordercolor?>">
1864              <table border="0" cellspacing="<?php echo $THEME['borderwidth']?>" cellpadding="<?php echo $tablespace?>" width="100%">
1865              <tr class="category">
1866              <td><strong><font color="<?php echo $cattext?>"><?php echo $lang['textdeleteques']?></font></strong></td>
1867              <td><strong><font color="<?php echo $cattext?>"><?php echo $lang['textip']?>:</font></strong></td>
1868              <td><strong><font color="<?php echo $cattext?>"><?php echo $lang['textadded']?></font></strong></td>
1869              </tr>
1870              <?php
1871              $query = $db->query("SELECT * FROM ".X_PREFIX."banned ORDER BY dateline");
1872              while($ipaddress = $db->fetch_array($query)) {
1873                  for($i=1; $i<=4; ++$i) {
1874                      $j = "ip" . $i;
1875                      if ($ipaddress[$j] == -1) {
1876                          $ipaddress[$j] = "*";
1877                      }
1878                  }
1879                  $ipdate = gmdate($dateformat, $ipaddress['dateline'] + ($timeoffset * 3600) + ($addtime * 3600)) . " $lang[textat] " . gmdate("$timecode", $ipaddress['dateline'] + ($timeoffset * 3600) + ($addtime * 3600));
1880                  $theip = "$ipaddress[ip1].$ipaddress[ip2].$ipaddress[ip3].$ipaddress[ip4]";
1881                  ?>
1882                  <tr class="tablerow" bgcolor="<?php echo $altbg1?>">
1883                  <td><input type="checkbox" name="delete[<?php echo $ipaddress['id']?>]" value="1" /></td>
1884                  <td><?php echo $theip?></td>
1885                  <td><?php echo $ipdate?></td>
1886                  </tr>
1887                  <?php
1888              }
1889  
1890              $ips = explode(".", $onlineip);
1891              $query = $db->query("SELECT id FROM ".X_PREFIX."banned WHERE (ip1='$ips[0]' OR ip1='-1') AND (ip2='$ips[1]' OR ip2='-1') AND (ip3='$ips[2]' OR ip3='-1') AND (ip4='$ips[3]' OR ip4='-1')");
1892              $result = $db->fetch_array($query);
1893              if ($result) {
1894                  $warning = $lang['ipwarning'];
1895              } else {
1896                  $warning = '';
1897              }
1898              ?>
1899              <tr bgcolor="<?php echo $altbg2?>">
1900              <td colspan="4" class="tablerow" bgcolor="<?php echo $altbg2?>"><?php echo $lang['textnewip']?>
1901              <input type="text" name="newip1" size="3" maxlength="3" bgcolor="<?php echo $altbg2?>" />.<input type="text" name="newip2" size="3" maxlength="3" bgcolor="<?php echo $altbg2?>" />.<input type="text" name="newip3" size="3" maxlength="3" bgcolor="<?php echo $altbg2?>" />.<input type="text" name="newip4" size="3" maxlength="3" bgcolor="<?php echo $altbg2?>" /></td>
1902              </tr>
1903              </table>
1904              </td>
1905              </tr>
1906              </table>
1907              <br />
1908              <span class="smalltxt"><?php echo $lang['currentip']?> <strong><?php echo $onlineip?></strong><?php echo $warning?><br /><?php echo $lang['multipnote']?></span><br />
1909              <br /><div align="center">
1910              <input type="submit" class="submit" name="ipbansubmit" value="<?php echo $lang['textsubmitchanges']; ?>" />
1911              <input type="submit" class="submit" name="ipbandisable" value="<?php echo $lang['ipbandisable']; ?>" />
1912              </div>
1913              </form>
1914              </td>
1915              </tr>
1916              <?php
1917          } elseif (onSubmit('ipbandisable')) {
1918              $db->query('UPDATE '.X_PREFIX.'settings SET ip_banning="off"');
1919              echo '<tr bgcolor="'.$altbg2.'"><td class="ctrtablerow">'.$lang['textipupdate'].'</td></tr>';
1920          } else {
1921              $newip = array();
1922              $newip[] = (is_numeric(postedVar('newip1')) Or postedVar('newip1') == '*') ? trim(postedVar('newip1')) : '0' ;
1923              $newip[] = (is_numeric(postedVar('newip2')) Or postedVar('newip2') == '*') ? trim(postedVar('newip2')) : '0' ;
1924              $newip[] = (is_numeric(postedVar('newip3')) Or postedVar('newip3') == '*') ? trim(postedVar('newip3')) : '0' ;
1925              $newip[] = (is_numeric(postedVar('newip4')) Or postedVar('newip4') == '*') ? trim(postedVar('newip4')) : '0' ;
1926              $delete = postedArray('delete', 'int');
1927  
1928              if ($delete) {
1929                  $dels = array();
1930                  foreach($delete as $id => $del) {
1931                      if ($del == 1) {
1932                          $dels[] = $id;
1933                      }
1934                  }
1935  
1936                  if (count($dels) > 0) {
1937                      $dels = implode(',', $dels);
1938                      $db->query("DELETE FROM ".X_PREFIX."banned WHERE id IN ($dels)");
1939                  }
1940              }
1941              $self['status'] = $lang['textipupdate'];
1942  
1943              if ($newip[0] != '0' || $newip[1] != '0' || $newip[2] != '0' || $newip[3] != '0') {
1944                  $invalid = 0;
1945                  for($i=0; $i<=3 && !$invalid; ++$i) {
1946                      if ($newip[$i] == "*") {
1947                          $ip[$i+1] = -1;
1948                      } else if (intval($newip[$i]) >=0 And intval($newip[$i]) <= 255) {
1949                          $ip[$i+1] = intval($newip[$i]);
1950                      } else {
1951                          $invalid = 1;
1952                      }
1953                  }
1954  
1955                  if ($invalid) {
1956                      $self['status'] = $lang['invalidip'];
1957                  } else {
1958                      if ($ip[1] == '-1' && $ip[2] == '-1' && $ip[3] == '-1' && $ip[4] == '-1') {
1959                          $self['status'] = $lang['impossiblebanall'];
1960                      } else {
1961                          $query = $db->query("SELECT id FROM ".X_PREFIX."banned WHERE (ip1='$ip[1]' OR ip1='-1') AND (ip2='$ip[2]' OR ip2='-1') AND (ip3='$ip[3]' OR ip3='-1') AND (ip4='$ip[4]' OR ip4='-1')");
1962                          $result = $db->fetch_array($query);
1963                          if ($result) {
1964                              $self['status'] = $lang['existingip'];
1965                          } else {
1966                              $query = $db->query("INSERT INTO ".X_PREFIX."banned (ip1, ip2, ip3, ip4, dateline) VALUES ('$ip[1]', '$ip[2]', '$ip[3]', '$ip[4]', $onlinetime)");
1967                          }
1968                      }
1969                  }
1970              }
1971              echo '<tr bgcolor="'.$altbg2.'"><td class="ctrtablerow">'.$self['status'].'</td></tr>';
1972          }
1973      } else {
1974          if (noSubmit('ipbanenable')) {
1975              ?>
1976              <tr bgcolor="<?php echo $altbg2?>">
1977              <td align="center">
1978              <form method="post" action="cp.php?action=ipban">
1979              <div align="center">
1980              <input type="submit" class="submit" name="ipbanenable" value="<?php echo $lang['ipbanenable']; ?>" />
1981              </div>
1982              </form>
1983              </td>
1984              </tr>
1985              <?php
1986          } else {
1987              $db->query('UPDATE '.X_PREFIX.'settings SET ip_banning="on"');
1988              echo '<tr bgcolor="'.$altbg2.'"><td class="ctrtablerow">'.$lang['textipupdate'].'</td></tr>';
1989          }
1990      }
1991  }
1992  
1993  if ($action == "deleteposts") {
1994      $member = postedVar('member', '', TRUE, TRUE, FALSE, 'g');
1995      if (noSubmit('yessubmit')) {
1996          $key = template_key('delps', $member);
1997          ?>
1998          <tr bgcolor="<?php echo $altbg2; ?>" class="ctrtablerow"><td><?php echo $lang['confirmDeletePosts']; ?><br />
1999          <form action="cp.php?action=deleteposts&amp;member=<?php echo recodeOut($member); ?>" method="post">
2000            <input type="hidden" name="token" value="<?php echo nonce_create($key); ?>" />
2001            <input type="submit" name="yessubmit" value="<?php echo $lang['textyes']; ?>" /> -
2002            <input type="submit" name="yessubmit" value="<?php echo $lang['textno']; ?>" />
2003          </form></td></tr>
2004          <?php
2005      } elseif ($lang['textyes'] == $yessubmit) {
2006          request_secure('delps', $member, X_NONCE_AYS_EXP, FALSE);
2007          require ('include/attach-admin.inc.php');
2008  
2009          // Get TIDs
2010          $dirty = array();
2011          $countquery = $db->query("SELECT tid FROM ".X_PREFIX."posts WHERE author='$member' GROUP BY tid");
2012          while($post = $db->fetch_array($countquery)) {
2013              $dirty[] = $post['tid'];
2014          }
2015          $db->free_result($countquery);
2016  
2017          // Get FIDs
2018          $fids = array();
2019          if (count($dirty) > 0) {
2020              $csv = implode(',', $dirty);
2021              $countquery = $db->query("SELECT fid FROM ".X_PREFIX."threads WHERE tid IN ($csv) GROUP BY fid");
2022              while($thread = $db->fetch_array($countquery)) {
2023                  $fids[] = $thread['fid'];
2024              }
2025              $db->free_result($countquery);
2026          }
2027  
2028          // Delete Member's Posts
2029          deleteAttachmentsByUser($member);
2030          $db->query("DELETE FROM ".X_PREFIX."posts WHERE author='$member'");
2031          $db->query("UPDATE ".X_PREFIX."members SET postnum = 0 WHERE username='$member'");
2032  
2033          // Delete Empty Threads
2034          // This will also delete thread redirectors where the redirect's author is $member
2035          $tids = array();
2036          $movedids = array();
2037          $countquery = $db->query("SELECT t.tid FROM ".X_PREFIX."threads AS t LEFT JOIN ".X_PREFIX."posts AS p USING (tid) WHERE t.closed NOT LIKE 'moved%' GROUP BY t.tid HAVING COUNT(p.pid) = 0");
2038          while($threads = $db->fetch_array($countquery)) {
2039              $tids[] = $threads['tid'];
2040              $movedids[] = 'moved|'.$threads['tid'];
2041          }
2042          $db->free_result($countquery);
2043          if (count($tids) > 0) {
2044              $csv = implode(',', $tids);
2045              $movedids = implode("', '", $movedids);
2046              $db->query("DELETE FROM ".X_PREFIX."threads WHERE tid IN ($csv) OR closed IN ('$movedids')");
2047              $db->query("DELETE FROM ".X_PREFIX."favorites WHERE tid IN ($csv)");
2048              $db->query("DELETE FROM d, r, v "
2049                       . "USING ".X_PREFIX."vote_desc AS d "
2050                       . "LEFT JOIN ".X_PREFIX."vote_results AS r ON r.vote_id = d.vote_id "
2051                       . "LEFT JOIN ".X_PREFIX."vote_voters AS v  ON v.vote_id = d.vote_id "
2052                       . "WHERE d.topic_id IN ($csv)");
2053          }
2054  
2055          // Update Thread Stats
2056          $dirty = array_diff($dirty, $tids);
2057          foreach($dirty as $tid) {
2058              updatethreadcount($tid);
2059          }
2060  
2061          // Update Forum Stats
2062          $fids = array_unique($fids);
2063          $fups = array();
2064          foreach ($fids as $fid) {
2065              $forum = getForum($fid);
2066              if ('sub' == $forum['type']) {
2067                  $fups[] = $forum['fup'];
2068              }
2069          }
2070          $fids = array_unique(array_merge($fids, $fups));
2071          foreach ($fids as $fid) {
2072              updateforumcount($fid);
2073          }
2074  
2075          echo "<p align=\"center\">Deleted ...</br>";
2076      }
2077  }
2078  
2079  if ($action == "upgrade") {
2080      if (!X_SADMIN) {
2081          error($lang['superadminonly'], false, '</td></tr></table></td></tr></table><br />');
2082      }
2083  
2084      if (onSubmit('upgradesubmit')) {
2085          request_secure('insertrawsql', '', X_NONCE_FORM_EXP, FALSE);
2086          $upgrade = postedVar('upgrade', '', FALSE, FALSE);
2087          if (isset($_FILES['sql_file'])) {
2088              require ('include/attach.inc.php');
2089              $filename = '';
2090              $filetype = '';
2091              $filesize = 0;
2092              $add = get_attached_file('sql_file', $filename, $filetype, $filesize, FALSE);
2093              if ($add !== FALSE) {
2094                  $upgrade .= $add;
2095                  unlink($_FILES['sql_file']['tmp_name']);
2096              }
2097          }
2098  
2099          $upgrade = str_replace('$table_', $tablepre, $upgrade);
2100          $explode = explode(";", $upgrade);
2101          $count = count($explode);
2102  
2103          if (strlen(trim($explode[$count-1])) == 0) {
2104              unset($explode[$count-1]);
2105              $count--;
2106          }
2107  
2108          echo '</table></td></tr></table>';
2109  
2110          for($num=0;$num<$count;$num++) {
2111              if ($allow_spec_q !== true) {
2112                  if (strtoupper(substr(trim($explode[$num]), 0, 3)) == 'USE' || strtoupper(substr(trim($explode[$num]), 0, 14)) == 'SHOW DATABASES') {
2113                      error($lang['textillegalquery'], false, '</td></tr></table></td></tr></table><br />');
2114                  }
2115              }
2116  
2117              if ($explode[$num] != '') {
2118                  $query = $db->query($explode[$num]." -- Injected by $xmbuser using cp.php");
2119  
2120                  if (is_bool($query)) {
2121                      $numfields = 1;
2122                  } else {
2123                      $numfields = $db->num_fields($query);
2124                  }
2125  
2126                  echo '<br />';
2127                  ?>
2128                  <table cellspacing="0" cellpadding="0" border="0" width="<?php echo $tablewidth?>" align="center">
2129                  <tr>
2130                  <td bgcolor="<?php echo $bordercolor?>">
2131                  <table border="0" cellspacing="<?php echo $THEME['borderwidth']?>" cellpadding="<?php echo $tablespace?>" width="100%">
2132                  <tr bgcolor="<?php echo $altbg2?>" class="tablerow">
2133                  <td colspan="<?php echo $numfields; ?>"><strong><?php echo $lang['upgraderesults']?></strong>&nbsp;<?php echo cdataOut($explode[$num]); ?>
2134                  <?php
2135                  $xn = strtoupper($explode[$num]);
2136                  if (!is_bool($query)) {
2137                      dump_query($query, true);
2138                  } else {
2139                      $selq=false;
2140                  }
2141                  ?>
2142                  </td>
2143                  </tr>
2144                  </td>
2145                  </tr>
2146                  </table>
2147                  </td>
2148                  </tr>
2149                  </table>
2150                  <?php
2151              }
2152          }
2153          ?>
2154          <br />
2155          <table cellspacing="0" cellpadding="0" border="0" width="<?php echo $tablewidth?>" align="center">
2156          <tr>
2157          <td bgcolor="<?php echo $bordercolor?>">
2158          <table border="0" cellspacing="<?php echo $THEME['borderwidth']?>" cellpadding="<?php echo $tablespace?>" width="100%">
2159          <tr bgcolor="<?php echo $altbg2?>" class="tablerow">
2160          <td><?php echo $lang['upgradesuccess']?></td>
2161          </tr>
2162          </table>
2163          </td>
2164          </tr>
2165          </table>
2166          <?php
2167          end_time();
2168          eval('echo "'.template('footer').'";');
2169          exit();
2170      } else {
2171          ?>
2172          <tr bgcolor="<?php echo $altbg2?>">
2173          <td align="center">
2174          <form method="post" action="cp.php?action=upgrade" enctype="multipart/form-data">
2175          <input type="hidden" name="token" value="<?php echo nonce_create('insertrawsql'); ?>" />
2176          <table cellspacing="0" cellpadding="0" border="0" width="550" align="center">
2177          <tr>
2178          <td bgcolor="<?php echo $bordercolor?>">
2179          <table border="0" cellspacing="<?php echo $THEME['borderwidth']?>" cellpadding="<?php echo $tablespace?>" width="100%">
2180          <tr>
2181          <td class="tablerow" bgcolor="<?php echo $altbg1?>" colspan="2"><strong><?php echo $lang['textupgrade']?></strong></td>
2182          </tr>
2183          <tr>
2184          <td bgcolor="<?php echo $altbg2?>" class="tablerow" colspan="2"><?php echo $lang['upgrade']?></td>
2185          </tr>
2186          <tr>
2187          <td bgcolor="<?php echo $altbg1?>" class="tablerow" valign="top"><textarea cols="85" rows="10" name="upgrade"></textarea></td>
2188          </tr>
2189          <tr>
2190          <td bgcolor="<?php echo $altbg2?>" class="tablerow" colspan="2"><input type="file" name="sql_file" /></td>
2191          </tr>
2192          <tr>
2193          <td bgcolor="<?php echo $altbg1?>" class="tablerow" colspan="2"><?php echo $lang['upgradenote']?></td>
2194          </tr>
2195          <tr>
2196          <td class="ctrtablerow" bgcolor=<?php echo $altbg2?> colspan="2"><input type="submit" class="submit" name="upgradesubmit" value="<?php echo $lang['textsubmitchanges']?>" /></td>
2197          </tr>
2198          </table>
2199          </td>
2200          </tr>
2201          </table>
2202          </form>
2203          </td>
2204          </tr>
2205          <?php
2206      }
2207  }
2208  
2209  if ($action == "search") {
2210      if (onSubmit('searchsubmit')) {
2211          smcwcache();
2212          $userip = postedVar('userip');
2213          $postip = postedVar('postip');
2214          $dblikeprofile = $db->like_escape(postedVar('profileword', '', TRUE, FALSE));
2215          $dblikepost = $db->like_escape(postedVar('postword', '', TRUE, FALSE));
2216  
2217          $found = 0;
2218          $list = array();
2219          if ($userip) {
2220              $query = $db->query("SELECT * FROM ".X_PREFIX."members WHERE regip = '$userip'");
2221              while($users = $db->fetch_array($query)) {
2222                  $link = "./member.php?action=viewpro&amp;member=".recodeOut($users['username']);
2223                  $list[] = "<a href = \"$link\">{$users['username']}<br />";
2224                  $found++;
2225              }
2226          }
2227  
2228          if ($postip) {
2229              $query = $db->query("SELECT * FROM ".X_PREFIX."posts WHERE useip = '$postip'");
2230              while($users = $db->fetch_array($query)) {
2231                  $link = "./viewthread.php?tid=$users[tid]#pid$users[pid]";
2232                  if (!empty($users['subject'])) {
2233                      $list[] = '<a href="'.$link.'">'.rawHTMLsubject(stripslashes($users['subject'])).'<br />';
2234                  } else {
2235                      $list[] = "<a href = \"$link\">- - No subject - -<br />";
2236                  }
2237                  $found++;
2238              }
2239          }
2240  
2241          if ($dblikeprofile != '') {
2242              $query = $db->query("SELECT * FROM ".X_PREFIX."members WHERE bio LIKE '%$dblikeprofile%'");
2243              while($users = $db->fetch_array($query)) {
2244                  $link = "./member.php?action=viewpro&amp;member=".recodeOut($users['username']);
2245                  $list[] = "<a href = \"$link\">{$users['username']}<br />";
2246                  $found++;
2247              }
2248          }
2249  
2250          if ($dblikepost != '') {
2251              $query = $db->query("SELECT * FROM ".X_PREFIX."posts WHERE subject LIKE '%$dblikepost%' OR message LIKE '%$dblikepost%'");
2252              while($users = $db->fetch_array($query)) {
2253                  $link = "./viewthread.php?tid=$users[tid]#pid$users[pid]";
2254                  if (!empty($users['subject'])) {
2255                      $list[] = '<a href="'.$link.'">'.rawHTMLsubject(stripslashes($users['subject'])).'<br />';
2256                  } else {
2257                      $list[] = '<a href="'.$link.'">- - No subject - -<br />';
2258                  }
2259                  $found++;
2260              }
2261          }
2262          ?>
2263          <tr bgcolor="<?php echo $altbg2?>" class="tablerow">
2264          <td align="left" colspan="2">
2265          <strong><?php echo $found?></strong> <?php echo $lang['beenfound']?>
2266          <br />
2267          </td>
2268          </tr>
2269          <?php
2270          foreach($list as $num=>$val) {
2271              ?>
2272              <tr class="tablerow" width="5%">
2273              <td align="left" bgcolor="<?php echo $altbg2?>">
2274              <strong><?php echo ($num+1)?>.</strong>
2275              </td>
2276              <td align="left" width="95%" bgcolor="<?php echo $altbg1?>">
2277              <?php echo $val; ?>
2278              </td>
2279              </tr>
2280              <?php
2281           }
2282      } else {
2283          ?>
2284          <tr bgcolor="<?php echo $altbg2?>">
2285          <td align="center">
2286          <form method="post" action="cp.php?action=search">
2287          <table cellspacing="0" cellpadding="0" border="0" width="550" align="center">
2288          <tr>
2289          <td bgcolor="<?php echo $bordercolor?>">
2290          <table border="0" cellspacing="<?php echo $THEME['borderwidth']?>" cellpadding="<?php echo $tablespace?>" width="100%">
2291          <tr class="category">
2292          <td colspan=2><strong><font color="<?php echo $cattext?>"><?php echo $lang['insertdata']?>:</font></strong></td>
2293          </tr>
2294          <tr bgcolor="<?php echo $altbg2?>" class="tablerow">
2295          <td valign="top"><div align="center"><br />
2296          <?php echo $lang['userip']?><br /><input type="text" name="userip" /></input><br /><br />
2297          <?php echo $lang['postip']?><br /><input type="text" name="postip" /></input><br /><br />
2298          <?php echo $lang['profileword']?><br /><input type="text" name="profileword" /></input><br /><br />
2299          <?php echo $lang['postword']?><br />
2300          <?php
2301          $query = $db->query("SELECT find FROM ".X_PREFIX."words");
2302          $select = "<select name=\"postword\"><option value=\"\"></option>";
2303          while($temp = $db->fetch_array($query)) {
2304              $select .= "<option value=\"$temp[find]\">$temp[find]</option>";
2305          }
2306          $select .= "</select>";
2307          echo $select;
2308          ?>
2309          <br />
2310          <br />
2311          <div align="center"><br /><input type="submit" class="submit" name="searchsubmit" value="<?php echo $lang['cpsearch']; ?>" /><br /><br /></div>
2312          </td>
2313          </tr>
2314          </table>
2315          </td></tr></table>
2316          </form>
2317          </td>
2318          </tr>
2319          <?php
2320  
2321      }
2322  }
2323  
2324  echo '</table></td></tr></table>';
2325  end_time();
2326  eval('echo "'.template('footer').'";');
2327  ?>

title

Description

title

Description

title

Description

title

title

Body