Copyright 2004-2009 iDB Support - http://idb.berlios.de/
Copyright 2004-2009 Game Maker 2k - http://gamemaker2k.org/
- $FileInfo: members.php - Last Update: 10/08/2009 SVN 324 - Author: cooldude2k $
+ $FileInfo: members.php - Last Update: 11/14/2009 SVN 346 - Author: cooldude2k $
*/
$File3Name = basename($_SERVER['SCRIPT_NAME']);
if ($File3Name=="members.php"||$File3Name=="/members.php") {
ob_clean(); @header("Content-Type: text/plain; charset=".$Settings['charset']);
gzip_page($Settings['use_gzip'],$GZipEncode['Type']); @session_write_close(); die(); }
if(!isset($_POST['update'])) { $_POST['update'] = null; }
+if(!isset($_POST['gid'])) { $_POST['gid'] = "0"; }
+if(!is_numeric($_POST['gid'])) { $_POST['gid'] = "0"; }
$Error = null; $errorstr = null;
?>
<table class="Table3">
<tr class="TableMenuRow3" id="ProfileUpdate">
<td class="TableMenuColumn3">
<div style="text-align: center;">
- <br /><?php echo $VMemName ?> was validated successfully. <a href="<?php echo url_maker($exfile['admin'],$Settings['file_ext'],"act=".$_GET['act']."&menu=members",$Settings['qstr'],$Settings['qsep'],$prexqstr['admin'],$exqstr['admin']); ?>">Click here</a> to back to admin cp.<br />
+ <br /><?php echo $VMemName; ?> was validated successfully. <a href="<?php echo url_maker($exfile['admin'],$Settings['file_ext'],"act=".$_GET['act']."&menu=members",$Settings['qstr'],$Settings['qsep'],$prexqstr['admin'],$exqstr['admin']); ?>">Click here</a> to back to admin cp.<br />
+ </div>
+</td></tr>
+<tr id="ProfileTitleEnd" class="TableMenuRow4">
+<td class="TableMenuColumn4"> </td>
+</tr></table></div>
+<?php } if($_POST['act']=="deletemember"&&$_POST['update']=="now"&&$_GET['act']=="deletemember"&&
+ ($_POST['id']=="0"||$_POST['id']=="1"||$_POST['id']=="-1")) {
+ $_POST['act'] = null; $_POST['update'] = null; }
+if($_GET['act']=="deletemember"&&$_POST['update']!="now") {
+$admincptitle = " ".$ThemeSet['TitleDivider']." Deleting Members";
+?>
+<div class="TableMenuBorder">
+<?php if($ThemeSet['TableStyle']=="div") { ?>
+<div class="TableMenuRow1">
+<?php echo $ThemeSet['TitleIcon']; ?><a href="<?php echo url_maker($exfile['admin'],$Settings['file_ext'],"act=deletemember",$Settings['qstr'],$Settings['qsep'],$prexqstr['admin'],$exqstr['admin']); ?>">Deleting Members Manager</a></div>
+<?php } ?>
+<table class="TableMenu" style="width: 100%;">
+<?php if($ThemeSet['TableStyle']=="table") { ?>
+<tr class="TableMenuRow1">
+<td class="TableMenuColumn1"><span style="float: left;">
+<?php echo $ThemeSet['TitleIcon']; ?><a href="<?php echo url_maker($exfile['admin'],$Settings['file_ext'],"act=deletemember",$Settings['qstr'],$Settings['qsep'],$prexqstr['admin'],$exqstr['admin']); ?>">Deleting Members Manager</a>
+</span><span style="float: right;"> </span></td>
+</tr><?php } ?>
+<tr class="TableMenuRow2">
+<th class="TableMenuColumn2" style="width: 100%; text-align: left;">
+<span style="float: left;"> Deleting Members Manager: </span>
+<span style="float: right;"> </span>
+</th>
+</tr>
+<tr class="TableMenuRow3">
+<td class="TableMenuColumn3">
+<form style="display: inline;" method="post" id="acptool" action="<?php echo url_maker($exfile['admin'],$Settings['file_ext'],"act=deletemember",$Settings['qstr'],$Settings['qsep'],$prexqstr['admin'],$exqstr['admin']); ?>">
+<table style="text-align: left;">
+<tr style="text-align: left;">
+ <td style="width: 50%;"><label class="TextBoxLabel" for="id">Member to delete:</label></td>
+ <td style="width: 50%;"><select size="1" class="TextBox" name="id" id="id">
+<?php
+$getmemidq = query("SELECT * FROM `".$Settings['sqltable']."members` WHERE (`id`<>-1 AND `id`<>1)", array(null));
+$getmemidr=mysql_query($getmemidq);
+$getmemidnum=mysql_num_rows($getmemidr);
+$getmemidi = 0;
+if($getmemidnum<1) { ?>
+ <option value="0">None</option>
+<?php }
+while ($getmemidi < $getmemidnum) {
+$getmemidID=mysql_result($getmemidr,$getmemidi,"id");
+$getmemidName=mysql_result($getmemidr,$getmemidi,"Name");
+?>
+<option value="<?php echo $getmemidID; ?>"><?php echo $getmemidName; ?></option>
+<?php ++$getmemidi; }
+@mysql_free_result($getmemidr); ?>
+ </select></td>
+</tr></table>
+<table style="text-align: left;">
+<tr style="text-align: left;">
+<td style="width: 100%;">
+<input type="hidden" name="act" value="deletemember" style="display: none;" />
+<input type="hidden" name="update" value="now" style="display: none;" />
+<input type="submit" class="Button" value="Delete Member" name="Apply_Changes" />
+<input type="reset" value="Reset Form" class="Button" name="Reset_Form" />
+</td></tr></table>
+</form>
+</td>
+</tr>
+<tr class="TableMenuRow4">
+<td class="TableMenuColumn4"> </td>
+</tr>
+</table>
+</div>
+<?php } if($_POST['act']=="deletemember"&&$_POST['update']=="now"&&$_GET['act']=="deletemember"&&
+ ($_POST['id']!="0"||$_POST['id']!="1"||$_POST['id']!="-1")) {
+$DMemName = GetUserName($_POST['id'],$Settings['sqltable']);
+if($DMemName!==null&&($_POST['id']!="0"||$_POST['id']!="1"||$_POST['id']!="-1")) {
+$dmquery = query("DELETE FROM `".$Settings['sqltable']."members` WHERE `id`=%i", array($_POST['id']));
+mysql_query($dmquery); }
+?>
+<div class="TableMenuBorder">
+<?php if($ThemeSet['TableStyle']=="div") { ?>
+<div class="TableMenuRow1">
+<?php echo $ThemeSet['TitleIcon']; ?><a href="<?php echo url_maker($exfile['admin'],$Settings['file_ext'],"act=".$_GET['act']."&menu=members",$Settings['qstr'],$Settings['qsep'],$prexqstr['admin'],$exqstr['admin']); ?>">Updating Settings</a></div>
+<?php } ?>
+<table class="TableMenu" style="width: 100%;">
+<?php if($ThemeSet['TableStyle']=="table") { ?>
+<tr class="TableMenuRow1">
+<td class="TableMenuColumn1"><span style="float: left;">
+<?php echo $ThemeSet['TitleIcon']; ?><a href="<?php echo url_maker($exfile['admin'],$Settings['file_ext'],"act=".$_GET['act']."&menu=members",$Settings['qstr'],$Settings['qsep'],$prexqstr['admin'],$exqstr['admin']); ?>">Updating Settings</a>
+</span><span style="float: right;"> </span></td>
+</tr><?php } ?>
+<tr id="ProfileTitle" class="TableMenuRow2">
+<th class="TableMenuColumn2">Updating Settings</th>
+</tr>
+<tr class="TableMenuRow3" id="ProfileUpdate">
+<td class="TableMenuColumn3">
+<div style="text-align: center;">
+ <br /><?php echo $DMemName; ?> was deleted successfully. <a href="<?php echo url_maker($exfile['admin'],$Settings['file_ext'],"act=".$_GET['act']."&menu=members",$Settings['qstr'],$Settings['qsep'],$prexqstr['admin'],$exqstr['admin']); ?>">Click here</a> to back to admin cp.<br />
+ </div>
+</td></tr>
+<tr id="ProfileTitleEnd" class="TableMenuRow4">
+<td class="TableMenuColumn4"> </td>
+</tr></table></div>
+<?php }
+
+if($_POST['act']=="editmember"&&$_POST['update']=="now"&&$_GET['act']=="editmember"&&
+ ($_POST['id']=="0"||$_POST['id']=="1"||$_POST['id']=="-1")) {
+ $_POST['act'] = null; $_POST['update'] = null; }
+if($_GET['act']=="editmember"&&$_POST['update']!="now") {
+$admincptitle = " ".$ThemeSet['TitleDivider']." Editing Members";
+?>
+<div class="TableMenuBorder">
+<?php if($ThemeSet['TableStyle']=="div") { ?>
+<div class="TableMenuRow1">
+<?php echo $ThemeSet['TitleIcon']; ?><a href="<?php echo url_maker($exfile['admin'],$Settings['file_ext'],"act=editmember",$Settings['qstr'],$Settings['qsep'],$prexqstr['admin'],$exqstr['admin']); ?>">Editing Members Manager</a></div>
+<?php } ?>
+<table class="TableMenu" style="width: 100%;">
+<?php if($ThemeSet['TableStyle']=="table") { ?>
+<tr class="TableMenuRow1">
+<td class="TableMenuColumn1"><span style="float: left;">
+<?php echo $ThemeSet['TitleIcon']; ?><a href="<?php echo url_maker($exfile['admin'],$Settings['file_ext'],"act=editmember",$Settings['qstr'],$Settings['qsep'],$prexqstr['admin'],$exqstr['admin']); ?>">Editing Members Manager</a>
+</span><span style="float: right;"> </span></td>
+</tr><?php } ?>
+<tr class="TableMenuRow2">
+<th class="TableMenuColumn2" style="width: 100%; text-align: left;">
+<span style="float: left;"> Editing Members Manager: </span>
+<span style="float: right;"> </span>
+</th>
+</tr>
+<tr class="TableMenuRow3">
+<td class="TableMenuColumn3">
+<form style="display: inline;" method="post" id="acptool" action="<?php echo url_maker($exfile['admin'],$Settings['file_ext'],"act=editmember",$Settings['qstr'],$Settings['qsep'],$prexqstr['admin'],$exqstr['admin']); ?>">
+<table style="text-align: left;">
+<tr style="text-align: left;">
+ <td style="width: 50%;"><label class="TextBoxLabel" for="id">Member to edit:</label></td>
+ <td style="width: 50%;"><select size="1" class="TextBox" name="id" id="id">
+<?php
+$getmemidq = query("SELECT * FROM `".$Settings['sqltable']."members` WHERE (`id`<>-1 AND `id`<>1)", array(null));
+$getmemidr=mysql_query($getmemidq);
+$getmemidnum=mysql_num_rows($getmemidr);
+$getmemidi = 0;
+if($getmemidnum<1) { ?>
+ <option value="0">None</option>
+<?php }
+while ($getmemidi < $getmemidnum) {
+$getmemidID=mysql_result($getmemidr,$getmemidi,"id");
+$getmemidName=mysql_result($getmemidr,$getmemidi,"Name");
+?>
+<option value="<?php echo $getmemidID; ?>"><?php echo $getmemidName; ?></option>
+<?php ++$getmemidi; }
+@mysql_free_result($getmemidr); ?>
+ </select></td>
+</tr><tr style="text-align: left;">
+ <td style="width: 50%;"><label class="TextBoxLabel" for="gid">New Group for Member:</label></td>
+ <td style="width: 50%;"><select size="1" class="TextBox" name="gid" id="gid">
+<?php
+$getgrpidq = query("SELECT * FROM `".$Settings['sqltable']."groups` WHERE (`Name`<>'%s' AND `Name`<>'%s')", array($Settings['GuestGroup'],$Settings['ValidateGroup']));
+$getgrpidr=mysql_query($getgrpidq);
+$getgrpidnum=mysql_num_rows($getgrpidr);
+$getgrpidi = 0;
+if($getgrpidnum<1) { ?>
+ <option value="0">None</option>
+<?php }
+while ($getgrpidi < $getgrpidnum) {
+$getgrpidID=mysql_result($getgrpidr,$getgrpidi,"id");
+$getgrpidName=mysql_result($getgrpidr,$getgrpidi,"Name");
+?>
+<option value="<?php echo $getgrpidID; ?>"><?php echo $getgrpidName; ?></option>
+<?php ++$getgrpidi; }
+@mysql_free_result($getgrpidr); ?>
+ </select></td>
+</tr></table>
+<table style="text-align: left;">
+<tr style="text-align: left;">
+<td style="width: 100%;">
+<input type="hidden" name="act" value="editmember" style="display: none;" />
+<input type="hidden" name="update" value="now" style="display: none;" />
+<input type="submit" class="Button" value="Edit Member" name="Apply_Changes" />
+<input type="reset" value="Reset Form" class="Button" name="Reset_Form" />
+</td></tr></table>
+</form>
+</td>
+</tr>
+<tr class="TableMenuRow4">
+<td class="TableMenuColumn4"> </td>
+</tr>
+</table>
+</div>
+<?php } if($_POST['act']=="editmember"&&$_POST['update']=="now"&&$_GET['act']=="editmember"&&
+ ($_POST['id']!="0"||$_POST['id']!="1"||$_POST['id']!="-1")) {
+$ggidquery = query("SELECT * FROM `".$Settings['sqltable']."groups` WHERE `name`='%s' LIMIT 1", array($Settings['GuestGroup']));
+$ggidresult=mysql_query($ggidquery);
+$GuestGroupID=mysql_result($ggidresult,0,"id");
+@mysql_free_result($ggidresult);
+$vgidquery = query("SELECT * FROM `".$Settings['sqltable']."groups` WHERE `name`='%s' LIMIT 1", array($Settings['ValidateGroup']));
+$vgidresult=mysql_query($vgidquery);
+$ValidateGroupID=mysql_result($vgidresult,0,"id");
+@mysql_free_result($vgidresult);
+$DMemName = GetUserName($_POST['id'],$Settings['sqltable']);
+if($DMemName!==null&&($_POST['id']!="0"||$_POST['id']!="1"||$_POST['id']!="-1")&&
+ ($_POST['gid']!=$GuestGroupID||$_POST['gid']!=$ValidateGroupID)) {
+$dmquery = query("UPDATE `".$Settings['sqltable']."members` SET GroupID=%i WHERE `id`=%i", array($_POST['gid'],$_POST['id']));
+mysql_query($dmquery); }
+?>
+<div class="TableMenuBorder">
+<?php if($ThemeSet['TableStyle']=="div") { ?>
+<div class="TableMenuRow1">
+<?php echo $ThemeSet['TitleIcon']; ?><a href="<?php echo url_maker($exfile['admin'],$Settings['file_ext'],"act=".$_GET['act']."&menu=members",$Settings['qstr'],$Settings['qsep'],$prexqstr['admin'],$exqstr['admin']); ?>">Updating Settings</a></div>
+<?php } ?>
+<table class="TableMenu" style="width: 100%;">
+<?php if($ThemeSet['TableStyle']=="table") { ?>
+<tr class="TableMenuRow1">
+<td class="TableMenuColumn1"><span style="float: left;">
+<?php echo $ThemeSet['TitleIcon']; ?><a href="<?php echo url_maker($exfile['admin'],$Settings['file_ext'],"act=".$_GET['act']."&menu=members",$Settings['qstr'],$Settings['qsep'],$prexqstr['admin'],$exqstr['admin']); ?>">Updating Settings</a>
+</span><span style="float: right;"> </span></td>
+</tr><?php } ?>
+<tr id="ProfileTitle" class="TableMenuRow2">
+<th class="TableMenuColumn2">Updating Settings</th>
+</tr>
+<tr class="TableMenuRow3" id="ProfileUpdate">
+<td class="TableMenuColumn3">
+<div style="text-align: center;">
+ <br /><?php echo $DMemName; ?>'s group id was changed successfully.<br /> <a href="<?php echo url_maker($exfile['admin'],$Settings['file_ext'],"act=".$_GET['act']."&menu=members",$Settings['qstr'],$Settings['qsep'],$prexqstr['admin'],$exqstr['admin']); ?>">Click here</a> to back to admin cp.<br />
</div>
</td></tr>
<tr id="ProfileTitleEnd" class="TableMenuRow4">
if($_POST['MinOffSet']>59) { $_POST['MinOffSet'] = "59"; }
if($_POST['MinOffSet']<0) { $_POST['MinOffSet'] = "00"; }
$_POST['YourOffSet'] = $_POST['YourOffSet'].":".$_POST['MinOffSet'];
-$query = query("INSERT INTO `".$Settings['sqltable']."members` (`id`, `Name`, `Password`, `HashType`, `Email`, `GroupID`, `Validated`, `HiddenMember`, `WarnLevel`, `Interests`, `Title`, `Joined`, `LastActive`, `LastPostTime`, `BanTime`, `BirthDay`, `BirthMonth`, `BirthYear`, `Signature`, `Notes`, `Avatar`, `AvatarSize`, `Website`, `Gender`, `PostCount`, `Karma`, `KarmaUpdate`, `RepliesPerPage`, `TopicsPerPage`, `MessagesPerPage`, `TimeZone`, `DST`, `UseTheme`, `IP`, `Salt`) VALUES\n".
+$query = query("INSERT INTO `".$Settings['sqltable']."members` (`Name`, `Password`, `HashType`, `Email`, `GroupID`, `Validated`, `HiddenMember`, `WarnLevel`, `Interests`, `Title`, `Joined`, `LastActive`, `LastPostTime`, `BanTime`, `BirthDay`, `BirthMonth`, `BirthYear`, `Signature`, `Notes`, `Avatar`, `AvatarSize`, `Website`, `Gender`, `PostCount`, `Karma`, `KarmaUpdate`, `RepliesPerPage`, `TopicsPerPage`, `MessagesPerPage`, `TimeZone`, `DST`, `UseTheme`, `IP`, `Salt`) VALUES\n".
"('%s', '%s', '%s', '%s', '%s', '%s', '%s', %i, '%s', '%s', %i, %i, '0', '0', '0', '0', '0', '%s', '%s', '%s', '%s', '%s', '%s', %i, 0, 0, 10, 10, 10, '%s', '%s', '%s', '%s', '%s')", array($Name,$NewPassword,$iDBHash,$_POST['Email'],$yourgroup,$ValidateStats,$HideMe,"0",$_POST['Interests'],$_POST['Title'],$_POST['Joined'],$_POST['LastActive'],$NewSignature,'Your Notes',$Avatar,"100x100",$Website,$_POST['YourGender'],$_POST['PostCount'],$_POST['YourOffSet'],$_POST['DST'],$Settings['DefaultTheme'],$_POST['UserIP'],$HashSalt));
mysql_query($query);
$querylogr = query("SELECT * FROM `".$Settings['sqltable']."members` WHERE `Name`='%s' AND `Password`='%s' LIMIT 1", array($Name,$NewPassword));