 Admin change userposts |
Helmchen 
ihre Helmhaftigkeit !
Dabei seit: 02.03.04
Beiträge: 440
Herkunft: unterm Pulli °_°
Forenversion: 3.1; 1.2
 |
|
Titel: Admin change userposts
Version: 1.0
Beschreibung: Hack Ersteller: Helmchen (bei AFF Lord Helmchen ...)
Forenversion: WBB lite 1.x.x
Beschreibung:
Mit diesem Hack kann der Admin die Anzahl der Posts eines Users nachträglich ändern....
Copyright ist denke ich klar...
-> ansonsten siehe Readme^^
Have a nice day everyone ^_^
----
Demo: http://www.demobilder.de/b35f5-admin_cha...erposts.gif.GIF
weiter zum Download
__________________
BRATWURST IST LEBEN! HEIL DIR BRATWURST!!!
Nun nehmt das Leben nicht so ernst... Ihr kommt da sowiso nie lebend raus 
|
|
08.08.04 00:40 |
E-Mail
Finden
Als Freund hinzufügen
|
|
Mideel
Mitglied
Dabei seit: 15.02.04
Beiträge: 55
|
|
hmm ich hab versucht mir einen post hinzuzutun, hab aber immer noch die gleiche postanzahl.....
|
|
|
08.08.04 12:14 |
E-Mail
Finden
Als Freund hinzufügen
|
|
Helmchen
ihre Helmhaftigkeit !
Dabei seit: 02.03.04
Beiträge: 440
Herkunft: unterm Pulli °_°
Forenversion: 3.1; 1.2
Themenstarter 
|
|
War kleiner Anleitungsfeheler !
Anhang ist aktualisiert 
__________________
BRATWURST IST LEBEN! HEIL DIR BRATWURST!!!
Nun nehmt das Leben nicht so ernst... Ihr kommt da sowiso nie lebend raus
|
|
|
08.08.04 13:27 |
E-Mail
Finden
Als Freund hinzufügen
|
|
sambanight
Mitglied
Dabei seit: 16.11.04
Beiträge: 16
Herkunft: Rheinland Pfalz/Römerberg
Forenversion: Woltlab Board Lite 1.0.1
|
|
Bei mir funzt es irgendwei nicht. Wen ich eine neue Anzahl eingebe, wird erstens kein Rangimage angezegit und die Posts gehen auf Null von demjenigen?!? 
|
|
|
30.12.04 12:22 |
E-Mail
WWW
Finden
Als Freund hinzufügen
|
|
sparxx
Mitglied
Dabei seit: 27.03.05
Beiträge: 9
|
|
hmm sorry ich glaub ich bin ehct dumm :-) aber ich finds nicht in meiner user.php..... hab wbblite 1.0.2
Bitte um antwort
|
|
|
28.03.05 01:35 |
E-Mail
Finden
Als Freund hinzufügen
|
|
Jeronymos
Mitglied
Dabei seit: 25.04.05
Beiträge: 26
|
|
hab das selbe problem wie mein vorposter
wo müsste ich was in meiner user.php ändern?
danke schonmal für die hilfe
| code: |
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
103:
104:
105:
106:
107:
108:
109:
110:
111:
112:
113:
114:
115:
116:
117:
118:
119:
120:
121:
122:
123:
124:
125:
126:
127:
128:
129:
130:
131:
132:
133:
134:
135:
136:
137:
138:
139:
140:
141:
142:
143:
144:
145:
146:
147:
148:
149:
150:
151:
152:
153:
154:
155:
156:
157:
158:
159:
160:
161:
162:
163:
164:
165:
166:
167:
168:
169:
170:
171:
172:
173:
174:
175:
176:
177:
178:
179:
180:
181:
182:
183:
184:
185:
186:
187:
188:
189:
190:
191:
192:
193:
194:
195:
196:
197:
198:
199:
200:
201:
202:
203:
204:
205:
206:
207:
208:
209:
210:
211:
212:
213:
214:
215:
216:
217:
218:
219:
220:
221:
222:
223:
224:
225:
226:
227:
228:
229:
230:
231:
232:
233:
234:
235:
236:
237:
238:
239:
240:
241:
242:
243:
244:
245:
246:
247:
248:
249:
250:
251:
252:
253:
254:
255:
256:
257:
258:
259:
260:
261:
262:
263:
264:
265:
266:
267:
268:
269:
270:
271:
272:
273:
274:
275:
276:
277:
278:
279:
280:
281:
282:
283:
284:
285:
286:
287:
288:
289:
290:
291:
292:
293:
294:
295:
296:
297:
298:
299:
300:
301:
302:
303:
304:
305:
306:
307:
308:
309:
310:
311:
312:
313:
314:
315:
316:
317:
318:
319:
320:
321:
322:
323:
324:
325:
326:
327:
328:
329:
330:
331:
332:
333:
334:
335:
336:
337:
338:
339:
340:
341:
342:
343:
344:
345:
346:
347:
348:
349:
350:
351:
352:
353:
354:
355:
356:
357:
358:
359:
360:
361:
362:
363:
364:
365:
366:
367:
368:
369:
370:
371:
372:
373:
374:
375:
376:
377:
378:
379:
380:
381:
382:
383:
384:
385:
386:
387:
388:
389:
390:
391:
392:
393:
394:
395:
396:
397:
398:
399:
400:
401:
402:
403:
404:
405:
406:
407:
408:
409:
410:
411:
412:
413:
414:
415:
416:
417:
|
<?php
require("./global.php");
isAdmin();
if(isset($_REQUEST['action'])) $action=$_REQUEST['action'];
else $action="find";
if($action=="add") {
require("./lib/class_tpl_file.php");
$tpl = new tpl(0,0,"../");
if(isset($_POST['send'])) {
reset($_POST);
while(list($key,$val)=each($_POST)) {
if(is_string($val)) $$key=trim($val);
elseif(is_array($val)) $$key=trim_array($val);
}
$username=preg_replace("/\s{2,}/"," ",$username);
$error="";
$fieldvalues="";
$result = $db->query("SELECT profilefieldid, required FROM bb".$n."_profilefields ORDER BY profilefieldid ASC");
while($row=$db->fetch_array($result)) $fieldvalues.=",'".addslashes(htmlspecialchars($field[$row[profilefieldid]]))."'";
if(!$username || !$email || !$password) eval ("\$error .= \"".$tpl->get("register_error1")."\";");
if(!verify_username($username)) eval ("\$error .= \"".$tpl->get("register_error3")."\";");
if(!verify_email($email)) eval ("\$error .= \"".$tpl->get("register_error4")."\";");
if($error) eval ("\$error = acp_error_frame(\"".gettemplate("users_add_error")."\");");
else {
if($homepage && !preg_match("/[a-zA-Z]:\/\//si", $homepage)) $homepage = "http://".$homepage;
if($day && $month && $year) $birthday=ifelse(strlen($year)==4,$year,ifelse(strlen($year)==2,"19$year","0000"))."-".ifelse($month<10,"0$month",$month)."-".ifelse($day<10,"0$day",$day);
else $birthday = "0000-00-00";
$rankid = $db->query_first("SELECT rankid FROM bb".$n."_ranks WHERE groupid = '$groupid' AND needposts = 0 AND gender IN (0,'$gender') ORDER BY gender DESC");
$db->query("INSERT INTO bb".$n."_users (userid,username,password,email,groupid,rankid,title,regdate,lastvisit,lastactivity,usertext,signature,icq,aim,yim,msn,homepage,birthday,gender,showemail,admincanemail,usercanemail,invisible,usecookies,styleid,activation,daysprune,timezoneoffset,dateformat,timeformat,emailnotify,receivepm,emailonpm,pmpopup,umaxposts,showsignatures,showavatars,showimages,nosessionhash,avatarid)
VALUES (NULL,'".addslashes(htmlspecialchars($username))."','".md5($password)."','".addslashes(htmlspecialchars($email))."','$groupid','$rankid[rankid]','".addslashes(htmlspecialchars($title))."','".time()."','".time()."','".time()."','".addslashes(htmlspecialchars($usertext))."','".addslashes($signature)."','".intval($icq)."','".addslashes(htmlspecialchars($aim))."','".addslashes(htmlspecialchars($yim))."','".addslashes(htmlspecialchars($msn))."','".addslashes(htmlspecialchars($homepage))."','".addslashes(htmlspecialchars($birthday))."','".intval($gender)."','".intval($showemail)."','".intval($admincanemail)."','".intval($usercanemail)."','".intval($invisible)."','".intval($usecookies)."','".intval($styleid)."','1','".intval($daysprune)."','".addslashes(htmlspecialchars($default_timezoneoffset))."','".addslashes(htmlspecialchars($dateformat))."','".addslashes(htmlspecialchars($timeformat))."','".intval($emailnotify)."','".intval($receivepm)."','".intval($emailonpm)."','".intval($pmpopup)."','".intval($umaxposts)."','".intval($showsignatures)."','".intval($showavatars)."','".intval($showimages)."','".intval($nosessionhash)."','".intval($avatarid)."')");
$insertid = $db->insert_id();
$db->query("INSERT INTO bb".$n."_userfields VALUES (".$insertid.$fieldvalues.")");
header("Location: users.php?action=find&sid=$session[hash]");
exit();
}
}
else {
$invisible=$default_register_invisible;
$nosessionhash=$default_register_nosessionhash;
$usecookies=$default_register_usecookies;
$admincanemail=$default_register_admincanemail;
$showemail=1-$default_register_showemail;
$usercanemail=$default_register_usercanemail;
$emailnotify=$default_register_emailnotify;
$receivepm=$default_register_receivepm;
$emailonpm=$default_register_emailonpm;
$pmpopup=$default_register_pmpopup;
$showsignatures=$default_register_showsignatures;
$showavatars=$default_register_showavatars;
$showimages=$default_register_showimages;
}
if(isset($_POST)) {
reset($_POST);
while(list($key,$val)=each($_POST)) {
if(is_string($val)) $$key=htmlspecialchars(trim($val));
elseif(is_array($val)) $$key=htmlspecialchars_array(trim_array($val));
}
}
$months = explode("|", gettemplate("months"));
for($i=1;$i<=31;$i++) $day_options.=makeoption($i,$i,$day);
for($i=1;$i<=12;$i++) $month_options.=makeoption($i,getmonth($i),$month);
$timezones = explode("\n", $tpl->get("timezones"));
for($i=0;$i<count($timezones);$i++) {
$parts = explode("|", trim($timezones[$i]));
$timezone_options .= makeoption($parts[0],"(GMT".ifelse($parts[1]," ".$parts[1],"").") $parts[2]",$default_timezoneoffset);
}
$result = $db->query("SELECT styleid, stylename FROM bb".$n."_styles WHERE default_style = 0 ORDER BY stylename ASC");
while($row=$db->fetch_array($result)) $style_options.=makeoption($row['styleid'],$row['stylename'],$styleid);
if(isset($gender)) $sel_gender[$gender]=" selected";
if(isset($invisible)) $sel_invisible[$invisible]=" selected";
if(isset($nosessionhash)) $sel_nosessionhash[$nosessionhash]=" selected";
if(isset($usecookies)) $sel_usecookies[$usecookies]=" selected";
if(isset($admincanemail)) $sel_admincanemail[$admincanemail]=" selected";
if(isset($showemail)) $sel_showemail[$showemail]=" selected";
if(isset($usercanemail)) $sel_usercanemail[$usercanemail]=" selected";
if(isset($emailnotify)) $sel_emailnotify[$emailnotify]=" selected";
if(isset($receivepm)) $sel_receivepm[$receivepm]=" selected";
if(isset($emailonpm)) $sel_emailonpm[$emailonpm]=" selected";
if(isset($pmpopup)) $sel_pmpopup[$pmpopup]=" selected";
if(isset($showsignatures)) $sel_showsignatures[$showsignatures]=" selected";
if(isset($showavatars)) $sel_showavatars[$showavatars]=" selected";
if(isset($showimages)) $sel_showimages[$showimages]=" selected";
if(isset($daysprune)) $sel_daysprune[$daysprune]=" selected";
if(isset($umaxposts)) $sel_umaxposts[$umaxposts]=" selected";
$result = $db->query("SELECT groupid, title, default_group FROM bb".$n."_groups WHERE default_group <> 1 ORDER BY default_group DESC, title ASC");
while($row=$db->fetch_array($result)) $group_options.=makeoption($row['groupid'],$row['title'],$groupid);
$result = $db->query("SELECT * FROM bb".$n."_avatars WHERE userid = 0 AND groupid = 0 AND needposts = 0");
while($row=$db->fetch_array($result)) $avatar_options.=makeoption($row['avatarid'],$row['avatarname'].".".$row['avatarextension'],$avatarid);
eval("print(\"".gettemplate("users_add")."\");");
}
if($action=="find") {
eval("print(\"".gettemplate("users_find")."\");");
}
if($action=="show") {
if(isset($_REQUEST['offset'])) {
$offset=intval($_REQUEST['offset']);
if($offset<1) $offset=1;
}
else $offset=1;
$offset-=1;
if(isset($_REQUEST['limit'])) {
$limit=intval($_REQUEST['limit']);
if($limit<1) $limit=1;
}
else $limit=200;
$where="";
function add2where($add) {
global $where;
if($where) $where.=" AND ".$add;
else $where=$add;
}
if(isset($_REQUEST['activation']) && $_REQUEST['activation']==-1) add2where("activation <> '1'");
if(isset($_REQUEST['groupid']) && $_REQUEST['groupid']) add2where("groupid = '".intval($_REQUEST['groupid'])."'");
if(isset($_REQUEST['username']) && $_REQUEST['username']) add2where("username LIKE '%".addslashes(htmlspecialchars($_REQUEST['username']))."%'");
if(isset($_REQUEST['email']) && $_REQUEST['email']) add2where("email LIKE '%".addslashes(htmlspecialchars($_REQUEST['email']))."%'");
if(isset($_REQUEST['sortby'])) $sortby=$_REQUEST['sortby'];
else $sortby="";
if(isset($_REQUEST['sortorder'])) $sortorder=$_REQUEST['sortorder'];
else $sortorder="";
switch($sortorder) {
case "ASC": break;
case "DESC": break;
default: $sortorder="ASC"; break;
}
switch($sortby) {
case "username": break;
case "email": break;
case "regdate": break;
case "lastactivity": break;
case "userposts": break;
default: $sortby="username"; break;
}
$userbit="";
$count=0;
$result=$db->query("SELECT * FROM bb".$n."_users".ifelse($userfields==1," LEFT JOIN bb".$n."_userfields USING (userid)")." ".ifelse($where,"WHERE $where ")."ORDER BY $sortby $sortorder",$limit,$offset);
if(!$db->num_rows($result)) eval("acp_error(\"".gettemplate("error_noresult")."\");");
while($row=$db->fetch_array($result)) {
$rowclass=getone($count++,"firstrow","secondrow");
$regdate=formatdate($dateformat,$row['regdate']);
$lastactivity=formatdate($dateformat." ".$timeformat,$row['lastactivity']);
$username=str_replace("'","\'",$row['username']);
eval ("\$userbit .= \"".gettemplate("users_showbit")."\";");
}
eval("print(\"".gettemplate("users_show")."\");");
}
if($action=="delete") {
if(isset($_POST['send'])) {
$userids=trim($_POST['userids']);
if($userids) {
$result = $db->query("SELECT avatarid, avatarextension FROM bb".$n."_avatars WHERE userid IN ($userids)");
while($row=$db->fetch_array($result)) @unlink("../images/avatars/avatar-$row[avatarid].$row[avatarextension]");
$db->unbuffered_query("DELETE FROM bb".$n."_avatars WHERE userid IN ($userids)",1);
$db->unbuffered_query("DELETE FROM bb".$n."_events WHERE userid IN ($userids)",1);
$db->unbuffered_query("DELETE FROM bb".$n."_folders WHERE userid IN ($userids)",1);
$db->unbuffered_query("DELETE FROM bb".$n."_moderators WHERE userid IN ($userids)",1);
$db->unbuffered_query("UPDATE bb".$n."_posts SET userid=0 WHERE userid IN ($userids)",1);
$db->unbuffered_query("DELETE FROM bb".$n."_privatemessage WHERE senderid IN ($userids) OR recipientid IN ($userids)",1);
$db->unbuffered_query("DELETE FROM bb".$n."_searchs WHERE userid IN ($userids)",1);
$db->unbuffered_query("DELETE FROM bb".$n."_subscribeboards WHERE userid IN ($userids)",1);
$db->unbuffered_query("DELETE FROM bb".$n."_subscribethreads WHERE userid IN ($userids)",1);
$db->unbuffered_query("UPDATE bb".$n."_threads SET starterid=0 WHERE starterid IN ($userids)",1);
$db->unbuffered_query("UPDATE bb".$n."_threads SET lastposterid=0 WHERE lastposterid IN ($userids)",1);
$db->unbuffered_query("DELETE FROM bb".$n."_userfields WHERE userid IN ($userids)",1);
$db->unbuffered_query("DELETE FROM bb".$n."_users WHERE userid IN ($userids)",1);
$db->unbuffered_query("DELETE FROM bb".$n."_votes WHERE userid IN ($userids)",1);
$db->unbuffered_query("DELETE FROM bb".$n."_votes WHERE id IN ($userids) AND votemode=3",1);
$db->unbuffered_query("DELETE FROM bb".$n."_sessions WHERE userid IN ($userids)",1);
}
header("Location: users.php?action=find&sid=$session[hash]");
exit();
}
if(isset($_REQUEST['userid']) && is_array($_REQUEST['userid']) && count($_REQUEST['userid'])) $userids=implode(',',$_REQUEST['userid']);
else eval("acp_error(\"".gettemplate("error_selectnouser")."\");");
$users="";
$result=$db->query("SELECT userid, username FROM bb".$n."_users WHERE userid IN ($userids)");
if(!$db->num_rows($result)) eval("acp_error(\"".gettemplate("error_selectnouser")."\");");
while($row=$db->fetch_array($result)) {
if($users) $users.=", ".makehreftag("../profile.php?userid=$row[userid]&sid=$session[hash]",$row['username'],"_blank");
else $users=makehreftag("../profile.php?userid=$row[userid]&sid=$session[hash]",$row['username'],"_blank");
}
eval("print(\"".gettemplate("users_delete")."\");");
}
if($action=="edit") {
$userid=intval($_REQUEST['userid']);
$result=$db->query_first("SELECT u.*, g.ismod + g.issupermod AS moderator
FROM bb".$n."_users u LEFT JOIN bb".$n."_groups g ON (u.groupid=g.groupid) WHERE
u.userid='$userid'");
if(!$result['userid']) eval("acp_error(\"".gettemplate("error_selectnouser")."\");");
require("./lib/class_tpl_file.php");
$tpl = new tpl(0,0,"../");
if(isset($_POST['send'])) {
reset($_POST);
while(list($key,$val)=each($_POST)) {
if(is_string($val)) $$key=trim($val);
elseif(is_array($val)) $$key=trim_array($val);
}
$username=preg_replace("/\s{2,}/"," ",$username);
$error="";
if(!$username || !$email) eval ("\$error .= \"".$tpl->get("register_error1")."\";");
if(strtolower(htmlspecialchars($username))!=strtolower($result['username']) && !verify_username($username)) eval ("\$error .= \"".$tpl->get("register_error3")."\";");
if($email!=$result['email'] && !verify_email($email)) eval ("\$error .= \"".$tpl->get("register_error4")."\";");
if($error) eval ("\$error = acp_error_frame(\"".gettemplate("users_add_error")."\");");
else {
if($homepage && !preg_match("/[a-zA-Z]:\/\//si", $homepage)) $homepage = "http://".$homepage;
if($day && $month && $year) $birthday=ifelse(strlen($year)==4,$year,ifelse(strlen($year)==2,"19$year","0000"))."-".ifelse($month<10,"0$month",$month)."-".ifelse($day<10,"0$day",$day);
else $birthday = "0000-00-00";
$username=htmlspecialchars($username);
if($username!=$result['username']) {
$db->unbuffered_query("UPDATE bb".$n."_boards SET lastposter='".addslashes($username)."' WHERE lastposterid='$userid'",1);
$db->unbuffered_query("UPDATE bb".$n."_posts SET username='".addslashes($username)."' WHERE userid='$userid'",1);
$db->unbuffered_query("UPDATE bb".$n."_posts SET editor='".addslashes($username)."' WHERE editorid='$userid'",1);
$db->unbuffered_query("UPDATE bb".$n."_threads SET starter='".addslashes($username)."' WHERE starterid='$userid'",1);
$db->unbuffered_query("UPDATE bb".$n."_threads SET lastposter='".addslashes($username)."' WHERE lastposterid='$userid'",1);
}
$rankid = $db->query_first("SELECT rankid FROM bb".$n."_ranks WHERE groupid IN (0,'$groupid') AND needposts < '$result[userposts]' AND gender IN (0,'$gender') ORDER BY needposts DESC, gender DESC",1);
if($result['avatarid'] && $result['avatarid']!=$avatarid) {
$avatar=$db->query_first("SELECT * FROM bb".$n."_avatars WHERE avatarid='$result[avatarid]'");
if($avatar['userid']==$userid) {
@unlink("../images/avatars/avatar-$avatar[avatarid].$avatar[avatarextension]");
$db->unbuffered_query("DELETE FROM bb".$n."_avatars WHERE avatarid='$avatar[avatarid]'",1);
}
}
if($groupid!=$result['groupid'] && $result['moderator']>0) {
$newgroup=$db->query_first("SELECT ismod+issupermod AS moderator FROM bb".$n."_groups WHERE groupid='$groupid'");
if($newgroup['moderator']==0) $db->unbuffered_query("DELETE FROM bb".$n."_moderators WHERE userid = '$userid'",1);
}
if($blocked==1 && $result['blocked']==0) {
$admincanemail=0;
$showemail=0;
$usercanemail=0;
$receivepm=0;
$db->unbuffered_query("DELETE FROM bb".$n."_subscribeboards WHERE userid='$userid'",1);
$db->unbuffered_query("DELETE FROM bb".$n."_subscribethreads WHERE userid='$userid'",1);
}
$db->unbuffered_query("UPDATE bb".$n."_users SET username='".addslashes($username)."',email='".addslashes(htmlspecialchars($email))."',groupid='$groupid',rankid='$rankid[rankid]',title='".addslashes(htmlspecialchars($title))."',usertext='".addslashes(htmlspecialchars($usertext))."',signature='".addslashes($signature)."',icq='".intval($icq)."',aim='".addslashes(htmlspecialchars($aim))."',yim='".addslashes(htmlspecialchars($yim))."',msn='".addslashes(htmlspecialchars($msn))."',homepage='".addslashes(htmlspecialchars($homepage))."',birthday='".addslashes(htmlspecialchars($birthday))."',gender='".intval($gender)."',showemail='".intval($showemail)."',admincanemail='".intval($admincanemail)."',usercanemail='".intval($usercanemail)."',invisible='".intval($invisible)."',usecookies='".intval($usecookies)."',styleid='".intval($styleid)."',daysprune='".intval($daysprune)."',timezoneoffset='".addslashes(htmlspecialchars($default_timezoneoffset))."',dateformat='".addslashes(htmlspecialchars($dateformat))."',timeformat='".addslashes(htmlspecialchars($timeformat))."',emailnotify='".intval($emailnotify)."',receivepm='".intval($receivepm)."',emailonpm='".intval($emailonpm)."',pmpopup='".intval($pmpopup)."',umaxposts='".intval($umaxposts)."',showsignatures='".intval($showsignatures)."',showavatars='".intval($showavatars)."',showimages='".intval($showimages)."',nosessionhash='".intval($nosessionhash)."', blocked='".intval($blocked)."', avatarid = '".intval($avatarid)."' WHERE userid='$userid'",1);
header("Location: users.php?action=find&sid=$session[hash]");
exit();
}
}
else {
while(list($key,$val)=each($result)) {
if(substr($key,0,5)=="field") $field[intval(substr($key,5))]=$val;
else $$key=$val;
}
$signature=htmlspecialchars($signature);
$birthday=explode("-",$birthday);
$day=$birthday[2];
$month=$birthday[1];
if($birthday[0]!="0000") $year=$birthday[0];
}
if(isset($_POST)) {
reset($_POST);
while(list($key,$val)=each($_POST)) {
if(is_string($val)) $$key=htmlspecialchars(trim($val));
elseif(is_array($val)) $$key=htmlspecialchars_array(trim_array($val));
}
}
$months = explode("|", gettemplate("months"));
for($i=1;$i<=31;$i++) $day_options.=makeoption($i,$i,$day);
for($i=1;$i<=12;$i++) $month_options.=makeoption($i,getmonth($i),$month);
$timezones = explode("\n", $tpl->get("timezones"));
for($i=0;$i<count($timezones);$i++) {
$parts = explode("|", trim($timezones[$i]));
$timezone_options .= makeoption($parts[0],"(GMT".ifelse($parts[1]," ".$parts[1],"").") $parts[2]",$default_timezoneoffset);
}
$result = $db->query("SELECT styleid, stylename FROM bb".$n."_styles WHERE default_style = 0 ORDER BY stylename ASC");
while($row=$db->fetch_array($result)) $style_options.=makeoption($row['styleid'],$row['stylename'],$styleid);
if(isset($gender)) $sel_gender[$gender]=" selected";
if(isset($invisible)) $sel_invisible[$invisible]=" selected";
if(isset($nosessionhash)) $sel_nosessionhash[$nosessionhash]=" selected";
if(isset($usecookies)) $sel_usecookies[$usecookies]=" selected";
if(isset($admincanemail)) $sel_admincanemail[$admincanemail]=" selected";
if(isset($showemail)) $sel_showemail[$showemail]=" selected";
if(isset($usercanemail)) $sel_usercanemail[$usercanemail]=" selected";
if(isset($emailnotify)) $sel_emailnotify[$emailnotify]=" selected";
if(isset($receivepm)) $sel_receivepm[$receivepm]=" selected";
if(isset($emailonpm)) $sel_emailonpm[$emailonpm]=" selected";
if(isset($pmpopup)) $sel_pmpopup[$pmpopup]=" selected";
if(isset($showsignatures)) $sel_showsignatures[$showsignatures]=" selected";
if(isset($showavatars)) $sel_showavatars[$showavatars]=" selected";
if(isset($showimages)) $sel_showimages[$showimages]=" selected";
if(isset($daysprune)) $sel_daysprune[$daysprune]=" selected";
if(isset($umaxposts)) $sel_umaxposts[$umaxposts]=" selected";
if(isset($blocked)) $sel_blocked[$blocked]=" selected";
$result = $db->query("SELECT groupid, title, default_group FROM bb".$n."_groups WHERE default_group <> 1 ORDER BY default_group DESC, title ASC");
while($row=$db->fetch_array($result)) $group_options.=makeoption($row['groupid'],$row['title'],$groupid);
$color="red";
$result = $db->query("SELECT * FROM bb".$n."_avatars WHERE (userid = 0 AND groupid IN (0,$groupid) AND needposts <= '$userposts') OR userid = '$userid' ORDER BY userid DESC");
while($row=$db->fetch_array($result)) {
if($color=="red" && $row['userid']==0) {
$avatar_options.=makeoption(0,"---------------","",0);
$color="green";
}
$avatar_options.=makeoption($row['avatarid'],$row['avatarname'].".".$row['avatarextension'],$avatarid,1,$color);
}
eval("print(\"".gettemplate("users_edit")."\");");
}
if($action=="email") {
if(isset($_REQUEST['userid']) && is_array($_REQUEST['userid']) && count($_REQUEST['userid'])) $userids=implode(',',$_REQUEST['userid']);
elseif(isset($_REQUEST['userid']) && $_REQUEST['userid']=="all") $userids="all";
else eval("acp_error(\"".gettemplate("error_selectnouser")."\");");
if($userids!="all") {
$users="";
$result=$db->query("SELECT userid, username FROM bb".$n."_users WHERE userid IN ($userids)");
if(!$db->num_rows($result)) eval("acp_error(\"".gettemplate("error_selectnouser")."\");");
while($row=$db->fetch_array($result)) {
if($users) $users.=", ".makehreftag("../profile.php?userid=$row[userid]&sid=$session[hash]",$row['username'],"_blank");
else $users=makehreftag("../profile.php?userid=$row[userid]&sid=$session[hash]",$row['username'],"_blank");
}
}
else eval ("\$users = \"".gettemplate("users_email_all")."\";");
eval("print(\"".gettemplate("users_email")."\");");
}
if($action=="emailsend") eval("print(\"".gettemplate("users_emailsend")."\");");
if($action=="activate") {
if(isset($_REQUEST['userid']) && is_array($_REQUEST['userid']) && count($_REQUEST['userid'])) $userids=implode(',',$_REQUEST['userid']);
else eval("acp_error(\"".gettemplate("error_selectnouser")."\");");
$result=$db->query("SELECT username, email FROM bb".$n."_users WHERE userid IN ($userids) AND activation<>1");
if($db->num_rows($result)) {
require("./lib/class_tpl_file.php");
$tpl = new tpl(0,0,"../");
while($row=$db->fetch_array($result)) {
eval ("\$mail_subject = \"".$tpl->get("ms_activation")."\";");
eval ("\$mail_text = \"".$tpl->get("mt_activation")."\";");
mailer($row['email'],$mail_subject,$mail_text);
}
$db->unbuffered_query("UPDATE bb".$n."_users SET activation=1 WHERE userid IN ($userids) AND activation<>1",1);
}
header("Location: users.php?action=find&sid=$session[hash]");
exit();
}
if($action=="pw") {
$userid=$_REQUEST['userid'];
$user=$db->query_first("SELECT username, email FROM bb".$n."_users WHERE userid = '$userid'");
if(isset($_POST['send'])) {
if($_POST['mode']==1) $newpassword=password_generate();
else $newpassword=$_POST['newpassword'];
$db->unbuffered_query("UPDATE bb".$n."_users SET password='".md5($newpassword)."' WHERE userid='$userid'",1);
if($_POST['sendmail']==1) {
require("./lib/class_tpl_file.php");
$tpl = new tpl(0,0,"../");
eval ("\$mail_subject = \"".$tpl->get("ms_newpw")."\";");
eval ("\$mail_text = \"".$tpl->get("mt_newpw")."\";");
mailer($user['email'],$mail_subject,$mail_text);
}
eval("print(\"".gettemplate("window_close")."\");");
exit();
}
eval("print(\"".gettemplate("users_pw")."\");");
}
?>
|
|
|
|
|
03.07.05 20:00 |
Finden
Als Freund hinzufügen
|
|
Jeronymos
Mitglied
Dabei seit: 25.04.05
Beiträge: 26
|
|
kein support mehr für diesen hack?
wär nett wenn jemand mal schaun könnte was ich ändern muss
|
|
|
05.07.05 13:25 |
Finden
Als Freund hinzufügen
|
|
Helmchen
ihre Helmhaftigkeit !
Dabei seit: 02.03.04
Beiträge: 440
Herkunft: unterm Pulli °_°
Forenversion: 3.1; 1.2
Themenstarter
|
|
so, hier die Änderung >_>
| code: |
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
103:
104:
105:
106:
107:
108:
109:
110:
111:
112:
113:
114:
115:
116:
117:
118:
119:
120:
121:
122:
123:
124:
125:
126:
127:
128:
129:
130:
131:
132:
133:
134:
135:
136:
137:
138:
139:
140:
141:
142:
143:
144:
145:
146:
147:
148:
149:
150:
151:
152:
153:
154:
155:
156:
157:
158:
159:
160:
161:
162:
163:
164:
165:
166:
167:
168:
169:
170:
171:
172:
173:
174:
175:
176:
177:
178:
179:
180:
181:
182:
183:
184:
185:
186:
187:
188:
189:
190:
191:
192:
193:
194:
195:
196:
197:
198:
199:
200:
201:
202:
203:
204:
205:
206:
207:
208:
209:
210:
211:
212:
213:
214:
215:
216:
217:
218:
219:
220:
221:
222:
223:
224:
225:
226:
227:
228:
229:
230:
231:
232:
233:
234:
235:
236:
237:
238:
239:
240:
241:
242:
243:
244:
245:
246:
247:
248:
249:
250:
251:
252:
253:
254:
255:
256:
257:
258:
259:
260:
261:
262:
263:
264:
265:
266:
267:
268:
269:
270:
271:
272:
273:
274:
275:
276:
277:
278:
279:
280:
281:
282:
283:
284:
285:
286:
287:
288:
289:
290:
291:
292:
293:
294:
295:
296:
297:
298:
299:
300:
301:
302:
303:
304:
305:
306:
307:
308:
309:
310:
311:
312:
313:
314:
315:
316:
317:
318:
319:
320:
321:
322:
323:
324:
325:
326:
327:
328:
329:
330:
331:
332:
333:
334:
335:
336:
337:
338:
339:
340:
341:
342:
343:
344:
345:
346:
347:
348:
349:
350:
351:
352:
353:
354:
355:
356:
357:
358:
359:
360:
361:
362:
363:
364:
365:
366:
367:
368:
369:
370:
371:
372:
373:
374:
375:
376:
377:
378:
379:
380:
381:
382:
383:
384:
385:
386:
387:
388:
389:
390:
391:
392:
393:
394:
395:
396:
397:
398:
399:
400:
401:
402:
403:
404:
405:
406:
407:
408:
409:
410:
411:
412:
413:
414:
415:
416:
|
<?php
require("./global.php");
isAdmin();
if(isset($_REQUEST['action'])) $action=$_REQUEST['action'];
else $action="find";
if($action=="add") {
require("./lib/class_tpl_file.php");
$tpl = new tpl(0,0,"../");
if(isset($_POST['send'])) {
reset($_POST);
while(list($key,$val)=each($_POST)) {
if(is_string($val)) $$key=trim($val);
elseif(is_array($val)) $$key=trim_array($val);
}
$username=preg_replace("/\s{2,}/"," ",$username);
$error="";
$fieldvalues="";
$result = $db->query("SELECT profilefieldid, required FROM bb".$n."_profilefields ORDER BY profilefieldid ASC");
while($row=$db->fetch_array($result)) $fieldvalues.=",'".addslashes(htmlspecialchars($field[$row[profilefieldid]]))."'";
if(!$username || !$email || !$password) eval ("\$error .= \"".$tpl->get("register_error1")."\";");
if(!verify_username($username)) eval ("\$error .= \"".$tpl->get("register_error3")."\";");
if(!verify_email($email)) eval ("\$error .= \"".$tpl->get("register_error4")."\";");
if($error) eval ("\$error = acp_error_frame(\"".gettemplate("users_add_error")."\");");
else {
if($homepage && !preg_match("/[a-zA-Z]:\/\//si", $homepage)) $homepage = "http://".$homepage;
if($day && $month && $year) $birthday=ifelse(strlen($year)==4,$year,ifelse(strlen($year)==2,"19$year","0000"))."-".ifelse($month<10,"0$month",$month)."-".ifelse($day<10,"0$day",$day);
else $birthday = "0000-00-00";
$rankid = $db->query_first("SELECT rankid FROM bb".$n."_ranks WHERE groupid = '$groupid' AND needposts = 0 AND gender IN (0,'$gender') ORDER BY gender DESC");
$db->query("INSERT INTO bb".$n."_users (userid,username,password,email,groupid,rankid,title,regdate,lastvisit,lastactivity,usertext,signature,icq,aim,yim,msn,homepage,birthday,gender,showemail,admincanemail,usercanemail,invisible,usecookies,styleid,activation,daysprune,timezoneoffset,dateformat,timeformat,emailnotify,receivepm,emailonpm,pmpopup,umaxposts,showsignatures,showavatars,showimages,nosessionhash,avatarid)
VALUES (NULL,'".addslashes(htmlspecialchars($username))."','".md5($password)."','".addslashes(htmlspecialchars($email))."','$groupid','$rankid[rankid]','".addslashes(htmlspecialchars($title))."','".time()."','".time()."','".time()."','".addslashes(htmlspecialchars($usertext))."','".addslashes($signature)."','".intval($icq)."','".addslashes(htmlspecialchars($aim))."','".addslashes(htmlspecialchars($yim))."','".addslashes(htmlspecialchars($msn))."','".addslashes(htmlspecialchars($homepage))."','".addslashes(htmlspecialchars($birthday))."','".intval($gender)."','".intval($showemail)."','".intval($admincanemail)."','".intval($usercanemail)."','".intval($invisible)."','".intval($usecookies)."','".intval($styleid)."','1','".intval($daysprune)."','".addslashes(htmlspecialchars($default_timezoneoffset))."','".addslashes(htmlspecialchars($dateformat))."','".addslashes(htmlspecialchars($timeformat))."','".intval($emailnotify)."','".intval($receivepm)."','".intval($emailonpm)."','".intval($pmpopup)."','".intval($umaxposts)."','".intval($showsignatures)."','".intval($showavatars)."','".intval($showimages)."','".intval($nosessionhash)."','".intval($avatarid)."')");
$insertid = $db->insert_id();
$db->query("INSERT INTO bb".$n."_userfields VALUES (".$insertid.$fieldvalues.")");
header("Location: users.php?action=find&sid=$session[hash]");
exit();
}
}
else {
$invisible=$default_register_invisible;
$nosessionhash=$default_register_nosessionhash;
$usecookies=$default_register_usecookies;
$admincanemail=$default_register_admincanemail;
$showemail=1-$default_register_showemail;
$usercanemail=$default_register_usercanemail;
$emailnotify=$default_register_emailnotify;
$receivepm=$default_register_receivepm;
$emailonpm=$default_register_emailonpm;
$pmpopup=$default_register_pmpopup;
$showsignatures=$default_register_showsignatures;
$showavatars=$default_register_showavatars;
$showimages=$default_register_showimages;
}
if(isset($_POST)) {
reset($_POST);
while(list($key,$val)=each($_POST)) {
if(is_string($val)) $$key=htmlspecialchars(trim($val));
elseif(is_array($val)) $$key=htmlspecialchars_array(trim_array($val));
}
}
$months = explode("|", gettemplate("months"));
for($i=1;$i<=31;$i++) $day_options.=makeoption($i,$i,$day);
for($i=1;$i<=12;$i++) $month_options.=makeoption($i,getmonth($i),$month);
$timezones = explode("\n", $tpl->get("timezones"));
for($i=0;$i<count($timezones);$i++) {
$parts = explode("|", trim($timezones[$i]));
$timezone_options .= makeoption($parts[0],"(GMT".ifelse($parts[1]," ".$parts[1],"").") $parts[2]",$default_timezoneoffset);
}
$result = $db->query("SELECT styleid, stylename FROM bb".$n."_styles WHERE default_style = 0 ORDER BY stylename ASC");
while($row=$db->fetch_array($result)) $style_options.=makeoption($row['styleid'],$row['stylename'],$styleid);
if(isset($gender)) $sel_gender[$gender]=" selected";
if(isset($invisible)) $sel_invisible[$invisible]=" selected";
if(isset($nosessionhash)) $sel_nosessionhash[$nosessionhash]=" selected";
if(isset($usecookies)) $sel_usecookies[$usecookies]=" selected";
if(isset($admincanemail)) $sel_admincanemail[$admincanemail]=" selected";
if(isset($showemail)) $sel_showemail[$showemail]=" selected";
if(isset($usercanemail)) $sel_usercanemail[$usercanemail]=" selected";
if(isset($emailnotify)) $sel_emailnotify[$emailnotify]=" selected";
if(isset($receivepm)) $sel_receivepm[$receivepm]=" selected";
if(isset($emailonpm)) $sel_emailonpm[$emailonpm]=" selected";
if(isset($pmpopup)) $sel_pmpopup[$pmpopup]=" selected";
if(isset($showsignatures)) $sel_showsignatures[$showsignatures]=" selected";
if(isset($showavatars)) $sel_showavatars[$showavatars]=" selected";
if(isset($showimages)) $sel_showimages[$showimages]=" selected";
if(isset($daysprune)) $sel_daysprune[$daysprune]=" selected";
if(isset($umaxposts)) $sel_umaxposts[$umaxposts]=" selected";
$result = $db->query("SELECT groupid, title, default_group FROM bb".$n."_groups WHERE default_group <> 1 ORDER BY default_group DESC, title ASC");
while($row=$db->fetch_array($result)) $group_options.=makeoption($row['groupid'],$row['title'],$groupid);
$result = $db->query("SELECT * FROM bb".$n."_avatars WHERE userid = 0 AND groupid = 0 AND needposts = 0");
while($row=$db->fetch_array($result)) $avatar_options.=makeoption($row['avatarid'],$row['avatarname'].".".$row['avatarextension'],$avatarid);
eval("print(\"".gettemplate("users_add")."\");");
}
if($action=="find") {
eval("print(\"".gettemplate("users_find")."\");");
}
if($action=="show") {
if(isset($_REQUEST['offset'])) {
$offset=intval($_REQUEST['offset']);
if($offset<1) $offset=1;
}
else $offset=1;
$offset-=1;
if(isset($_REQUEST['limit'])) {
$limit=intval($_REQUEST['limit']);
if($limit<1) $limit=1;
}
else $limit=200;
$where="";
function add2where($add) {
global $where;
if($where) $where.=" AND ".$add;
else $where=$add;
}
if(isset($_REQUEST['activation']) && $_REQUEST['activation']==-1) add2where("activation <> '1'");
if(isset($_REQUEST['groupid']) && $_REQUEST['groupid']) add2where("groupid = '".intval($_REQUEST['groupid'])."'");
if(isset($_REQUEST['username']) && $_REQUEST['username']) add2where("username LIKE '%".addslashes(htmlspecialchars($_REQUEST['username']))."%'");
if(isset($_REQUEST['email']) && $_REQUEST['email']) add2where("email LIKE '%".addslashes(htmlspecialchars($_REQUEST['email']))."%'");
if(isset($_REQUEST['sortby'])) $sortby=$_REQUEST['sortby'];
else $sortby="";
if(isset($_REQUEST['sortorder'])) $sortorder=$_REQUEST['sortorder'];
else $sortorder="";
switch($sortorder) {
case "ASC": break;
case "DESC": break;
default: $sortorder="ASC"; break;
}
switch($sortby) {
case "username": break;
case "email": break;
case "regdate": break;
case "lastactivity": break;
case "userposts": break;
default: $sortby="username"; break;
}
$userbit="";
$count=0;
$result=$db->query("SELECT * FROM bb".$n."_users".ifelse($userfields==1," LEFT JOIN bb".$n."_userfields USING (userid)")." ".ifelse($where,"WHERE $where ")."ORDER BY $sortby $sortorder",$limit,$offset);
if(!$db->num_rows($result)) eval("acp_error(\"".gettemplate("error_noresult")."\");");
while($row=$db->fetch_array($result)) {
$rowclass=getone($count++,"firstrow","secondrow");
$regdate=formatdate($dateformat,$row['regdate']);
$lastactivity=formatdate($dateformat." ".$timeformat,$row['lastactivity']);
$username=str_replace("'","\'",$row['username']);
eval ("\$userbit .= \"".gettemplate("users_showbit")."\";");
}
eval("print(\"".gettemplate("users_show")."\");");
}
if($action=="delete") {
if(isset($_POST['send'])) {
$userids=trim($_POST['userids']);
if($userids) {
$result = $db->query("SELECT avatarid, avatarextension FROM bb".$n."_avatars WHERE userid IN ($userids)");
while($row=$db->fetch_array($result)) @unlink("../images/avatars/avatar-$row[avatarid].$row[avatarextension]");
$db->unbuffered_query("DELETE FROM bb".$n."_avatars WHERE userid IN ($userids)",1);
$db->unbuffered_query("DELETE FROM bb".$n."_events WHERE userid IN ($userids)",1);
$db->unbuffered_query("DELETE FROM bb".$n."_folders WHERE userid IN ($userids)",1);
$db->unbuffered_query("DELETE FROM bb".$n."_moderators WHERE userid IN ($userids)",1);
$db->unbuffered_query("UPDATE bb".$n."_posts SET userid=0 WHERE userid IN ($userids)",1);
$db->unbuffered_query("DELETE FROM bb".$n."_privatemessage WHERE senderid IN ($userids) OR recipientid IN ($userids)",1);
$db->unbuffered_query("DELETE FROM bb".$n."_searchs WHERE userid IN ($userids)",1);
$db->unbuffered_query("DELETE FROM bb".$n."_subscribeboards WHERE userid IN ($userids)",1);
$db->unbuffered_query("DELETE FROM bb".$n."_subscribethreads WHERE userid IN ($userids)",1);
$db->unbuffered_query("UPDATE bb".$n."_threads SET starterid=0 WHERE starterid IN ($userids)",1);
$db->unbuffered_query("UPDATE bb".$n."_threads SET lastposterid=0 WHERE lastposterid IN ($userids)",1);
$db->unbuffered_query("DELETE FROM bb".$n."_userfields WHERE userid IN ($userids)",1);
$db->unbuffered_query("DELETE FROM bb".$n."_users WHERE userid IN ($userids)",1);
$db->unbuffered_query("DELETE FROM bb".$n."_votes WHERE userid IN ($userids)",1);
$db->unbuffered_query("DELETE FROM bb".$n."_votes WHERE id IN ($userids) AND votemode=3",1);
$db->unbuffered_query("DELETE FROM bb".$n."_sessions WHERE userid IN ($userids)",1);
}
header("Location: users.php?action=find&sid=$session[hash]");
exit();
}
if(isset($_REQUEST['userid']) && is_array($_REQUEST['userid']) && count($_REQUEST['userid'])) $userids=implode(',',$_REQUEST['userid']);
else eval("acp_error(\"".gettemplate("error_selectnouser")."\");");
$users="";
$result=$db->query("SELECT userid, username FROM bb".$n."_users WHERE userid IN ($userids)");
if(!$db->num_rows($result)) eval("acp_error(\"".gettemplate("error_selectnouser")."\");");
while($row=$db->fetch_array($result)) {
if($users) $users.=", ".makehreftag("../profile.php?userid=$row[userid]&sid=$session[hash]",$row['username'],"_blank");
else $users=makehreftag("../profile.php?userid=$row[userid]&sid=$session[hash]",$row['username'],"_blank");
}
eval("print(\"".gettemplate("users_delete")."\");");
}
if($action=="edit") {
$userid=intval($_REQUEST['userid']);
$result=$db->query_first("SELECT u.*, g.ismod + g.issupermod AS moderator
FROM bb".$n."_users u LEFT JOIN bb".$n."_groups g ON (u.groupid=g.groupid) WHERE
u.userid='$userid'");
if(!$result['userid']) eval("acp_error(\"".gettemplate("error_selectnouser")."\");");
require("./lib/class_tpl_file.php");
$tpl = new tpl(0,0,"../");
if(isset($_POST['send'])) {
reset($_POST);
while(list($key,$val)=each($_POST)) {
if(is_string($val)) $$key=trim($val);
elseif(is_array($val)) $$key=trim_array($val);
}
$username=preg_replace("/\s{2,}/"," ",$username);
$error="";
if(!$username || !$email) eval ("\$error .= \"".$tpl->get("register_error1")."\";");
if(strtolower(htmlspecialchars($username))!=strtolower($result['username']) && !verify_username($username)) eval ("\$error .= \"".$tpl->get("register_error3")."\";");
if($email!=$result['email'] && !verify_email($email)) eval ("\$error .= \"".$tpl->get("register_error4")."\";");
if($error) eval ("\$error = acp_error_frame(\"".gettemplate("users_add_error")."\");");
else {
if($homepage && !preg_match("/[a-zA-Z]:\/\//si", $homepage)) $homepage = "http://".$homepage;
if($day && $month && $year) $birthday=ifelse(strlen($year)==4,$year,ifelse(strlen($year)==2,"19$year","0000"))."-".ifelse($month<10,"0$month",$month)."-".ifelse($day<10,"0$day",$day);
else $birthday = "0000-00-00";
$username=htmlspecialchars($username);
if($username!=$result['username']) {
$db->unbuffered_query("UPDATE bb".$n."_boards SET lastposter='".addslashes($username)."' WHERE lastposterid='$userid'",1);
$db->unbuffered_query("UPDATE bb".$n."_posts SET username='".addslashes($username)."' WHERE userid='$userid'",1);
$db->unbuffered_query("UPDATE bb".$n."_posts SET editor='".addslashes($username)."' WHERE editorid='$userid'",1);
$db->unbuffered_query("UPDATE bb".$n."_threads SET starter='".addslashes($username)."' WHERE starterid='$userid'",1);
$db->unbuffered_query("UPDATE bb".$n."_threads SET lastposter='".addslashes($username)."' WHERE lastposterid='$userid'",1);
}
$rankid = $db->query_first("SELECT rankid FROM bb".$n."_ranks WHERE groupid IN (0,'$groupid') AND needposts < '$result[userposts]' AND gender IN (0,'$gender') ORDER BY needposts DESC, gender DESC",1);
if($result['avatarid'] && $result['avatarid']!=$avatarid) {
$avatar=$db->query_first("SELECT * FROM bb".$n."_avatars WHERE avatarid='$result[avatarid]'");
if($avatar['userid']==$userid) {
@unlink("../images/avatars/avatar-$avatar[avatarid].$avatar[avatarextension]");
$db->unbuffered_query("DELETE FROM bb".$n."_avatars WHERE avatarid='$avatar[avatarid]'",1);
}
}
if($groupid!=$result['groupid'] && $result['moderator']>0) {
$newgroup=$db->query_first("SELECT ismod+issupermod AS moderator FROM bb".$n."_groups WHERE groupid='$groupid'");
if($newgroup['moderator']==0) $db->unbuffered_query("DELETE FROM bb".$n."_moderators WHERE userid = '$userid'",1);
}
if($blocked==1 && $result['blocked']==0) {
$admincanemail=0;
$showemail=0;
$usercanemail=0;
$receivepm=0;
$db->unbuffered_query("DELETE FROM bb".$n."_subscribeboards WHERE userid='$userid'",1);
$db->unbuffered_query("DELETE FROM bb".$n."_subscribethreads WHERE userid='$userid'",1);
}
$db->unbuffered_query("UPDATE bb".$n."_users SET username='".addslashes($username)."',email='".addslashes(htmlspecialchars($email))."',groupid='$groupid',rankid='$rankid[rankid]',title='".addslashes(htmlspecialchars($title))."',usertext='".addslashes(htmlspecialchars($usertext))."',signature='".addslashes($signature)."',icq='".intval($icq)."',aim='".addslashes(htmlspecialchars($aim))."',yim='".addslashes(htmlspecialchars($yim))."',msn='".addslashes(htmlspecialchars($msn))."',homepage='".addslashes(htmlspecialchars($homepage))."',birthday='".addslashes(htmlspecialchars($birthday))."',gender='".intval($gender)."',showemail='".intval($showemail)."',admincanemail='".intval($admincanemail)."',usercanemail='".intval($usercanemail)."',invisible='".intval($invisible)."',usecookies='".intval($usecookies)."',styleid='".intval($styleid)."',daysprune='".intval($daysprune)."',timezoneoffset='".addslashes(htmlspecialchars($default_timezoneoffset))."',dateformat='".addslashes(htmlspecialchars($dateformat))."',timeformat='".addslashes(htmlspecialchars($timeformat))."',emailnotify='".intval($emailnotify)."',receivepm='".intval($receivepm)."',emailonpm='".intval($emailonpm)."',pmpopup='".intval($pmpopup)."',umaxposts='".intval($umaxposts)."',showsignatures='".intval($showsignatures)."',showavatars='".intval($showavatars)."',showimages='".intval($showimages)."',nosessionhash='".intval($nosessionhash)."', blocked='".intval($blocked)."', avatarid = '".intval($avatarid)."' WHERE userid='$userid'",1);
$db->unbuffered_query("UPDATE bb".$n."_users SET userposts = '".$_POST['userposts']."' WHERE userid LIKE '".$userid."'");
header("Location: users.php?action=find&sid=$session[hash]");
exit();
}
}
else {
while(list($key,$val)=each($result)) {
if(substr($key,0,5)=="field") $field[intval(substr($key,5))]=$val;
else $$key=$val;
}
$signature=htmlspecialchars($signature);
$birthday=explode("-",$birthday);
$day=$birthday[2];
$month=$birthday[1];
if($birthday[0]!="0000") $year=$birthday[0];
}
if(isset($_POST)) {
reset($_POST);
while(list($key,$val)=each($_POST)) {
if(is_string($val)) $$key=htmlspecialchars(trim($val));
elseif(is_array($val)) $$key=htmlspecialchars_array(trim_array($val));
}
}
$months = explode("|", gettemplate("months"));
for($i=1;$i<=31;$i++) $day_options.=makeoption($i,$i,$day);
for($i=1;$i<=12;$i++) $month_options.=makeoption($i,getmonth($i),$month);
$timezones = explode("\n", $tpl->get("timezones"));
for($i=0;$i<count($timezones);$i++) {
$parts = explode("|", trim($timezones[$i]));
$timezone_options .= makeoption($parts[0],"(GMT".ifelse($parts[1]," ".$parts[1],"").") $parts[2]",$default_timezoneoffset);
}
$result = $db->query("SELECT styleid, stylename FROM bb".$n."_styles WHERE default_style = 0 ORDER BY stylename ASC");
while($row=$db->fetch_array($result)) $style_options.=makeoption($row['styleid'],$row['stylename'],$styleid);
if(isset($gender)) $sel_gender[$gender]=" selected";
if(isset($invisible)) $sel_invisible[$invisible]=" selected";
if(isset($nosessionhash)) $sel_nosessionhash[$nosessionhash]=" selected";
if(isset($usecookies)) $sel_usecookies[$usecookies]=" selected";
if(isset($admincanemail)) $sel_admincanemail[$admincanemail]=" selected";
if(isset($showemail)) $sel_showemail[$showemail]=" selected";
if(isset($usercanemail)) $sel_usercanemail[$usercanemail]=" selected";
if(isset($emailnotify)) $sel_emailnotify[$emailnotify]=" selected";
if(isset($receivepm)) $sel_receivepm[$receivepm]=" selected";
if(isset($emailonpm)) $sel_emailonpm[$emailonpm]=" selected";
if(isset($pmpopup)) $sel_pmpopup[$pmpopup]=" selected";
if(isset($showsignatures)) $sel_showsignatures[$showsignatures]=" selected";
if(isset($showavatars)) $sel_showavatars[$showavatars]=" selected";
if(isset($showimages)) $sel_showimages[$showimages]=" selected";
if(isset($daysprune)) $sel_daysprune[$daysprune]=" selected";
if(isset($umaxposts)) $sel_umaxposts[$umaxposts]=" selected";
if(isset($blocked)) $sel_blocked[$blocked]=" selected";
$result = $db->query("SELECT groupid, title, default_group FROM bb".$n."_groups WHERE default_group <> 1 ORDER BY default_group DESC, title ASC");
while($row=$db->fetch_array($result)) $group_options.=makeoption($row['groupid'],$row['title'],$groupid);
$color="red";
$result = $db->query("SELECT * FROM bb".$n."_avatars WHERE (userid = 0 AND groupid IN (0,$groupid) AND needposts <= '$userposts') OR userid = '$userid' ORDER BY userid DESC");
while($row=$db->fetch_array($result)) {
if($color=="red" && $row['userid']==0) {
$avatar_options.=makeoption(0,"---------------","",0);
$color="green";
}
$avatar_options.=makeoption($row['avatarid'],$row['avatarname'].".".$row['avatarextension'],$avatarid,1,$color);
}
$pf = $db->query_first("SELECT userposts FROM bb".$n."_users WHERE userid LIKE '".$userid."'");
$userposts = ($pf['userposts']);
eval("print(\"".gettemplate("users_edit")."\");");
}
if($action=="email") {
if(isset($_REQUEST['userid']) && is_array($_REQUEST['userid']) && count($_REQUEST['userid'])) $userids=implode(',',$_REQUEST['userid']);
elseif(isset($_REQUEST['userid']) && $_REQUEST['userid']=="all") $userids="all";
else eval("acp_error(\"".gettemplate("error_selectnouser")."\");");
if($userids!="all") {
$users="";
$result=$db->query("SELECT userid, username FROM bb".$n."_users WHERE userid IN ($userids)");
if(!$db->num_rows($result)) eval("acp_error(\"".gettemplate("error_selectnouser")."\");");
while($row=$db->fetch_array($result)) {
if($users) $users.=", ".makehreftag("../profile.php?userid=$row[userid]&sid=$session[hash]",$row['username'],"_blank");
else $users=makehreftag("../profile.php?userid=$row[userid]&sid=$session[hash]",$row['username'],"_blank");
}
}
else eval ("\$users = \"".gettemplate("users_email_all")."\";");
eval("print(\"".gettemplate("users_email")."\");");
}
if($action=="emailsend") eval("print(\"".gettemplate("users_emailsend")."\");");
if($action=="activate") {
if(isset($_REQUEST['userid']) && is_array($_REQUEST['userid']) && count($_REQUEST['userid'])) $userids=implode(',',$_REQUEST['userid']);
else eval("acp_error(\"".gettemplate("error_selectnouser")."\");");
$result=$db->query("SELECT username, email FROM bb".$n."_users WHERE userid IN ($userids) AND activation<>1");
if($db->num_rows($result)) {
require("./lib/class_tpl_file.php");
$tpl = new tpl(0,0,"../");
while($row=$db->fetch_array($result)) {
eval ("\$mail_subject = \"".$tpl->get("ms_activation")."\";");
eval ("\$mail_text = \"".$tpl->get("mt_activation")."\";");
mailer($row['email'],$mail_subject,$mail_text);
}
$db->unbuffered_query("UPDATE bb".$n."_users SET activation=1 WHERE userid IN ($userids) AND activation<>1",1);
}
header("Location: users.php?action=find&sid=$session[hash]");
exit();
}
if($action=="pw") {
$userid=$_REQUEST['userid'];
$user=$db->query_first("SELECT username, email FROM bb".$n."_users WHERE userid = '$userid'");
if(isset($_POST['send'])) {
if($_POST['mode']==1) $newpassword=password_generate();
else $newpassword=$_POST['newpassword'];
$db->unbuffered_query("UPDATE bb".$n."_users SET password='".md5($newpassword)."' WHERE userid='$userid'",1);
if($_POST['sendmail']==1) {
require("./lib/class_tpl_file.php");
$tpl = new tpl(0,0,"../");
eval ("\$mail_subject = \"".$tpl->get("ms_newpw")."\";");
eval ("\$mail_text = \"".$tpl->get("mt_newpw")."\";");
mailer($user['email'],$mail_subject,$mail_text);
}
eval("print(\"".gettemplate("window_close")."\");");
exit();
}
eval("print(\"".gettemplate("users_pw")."\");");
}
?> |
|
__________________
BRATWURST IST LEBEN! HEIL DIR BRATWURST!!!
Nun nehmt das Leben nicht so ernst... Ihr kommt da sowiso nie lebend raus
|
|
|
05.07.05 15:00 |
E-Mail
Finden
Als Freund hinzufügen
|
|
Helmchen
ihre Helmhaftigkeit !
Dabei seit: 02.03.04
Beiträge: 440
Herkunft: unterm Pulli °_°
Forenversion: 3.1; 1.2
Themenstarter
|
|
büdde büdde
__________________
BRATWURST IST LEBEN! HEIL DIR BRATWURST!!!
Nun nehmt das Leben nicht so ernst... Ihr kommt da sowiso nie lebend raus
|
|
|
06.07.05 11:50 |
E-Mail
Finden
Als Freund hinzufügen
|
|
Izzmoo
unregistriert
|
|
Versucht es mal damit
| Dateianhang: |
 users.php (22,08 KB, 10 mal heruntergeladen)
|
|
|
|
09.05.06 16:16 |
|
|
echo
Mitglied
Dabei seit: 19.04.06
Beiträge: 19
|
|
Geht nicht. Nach dem Eingeben der gewünschten Postanzahl und dem Speichern, zeigt es DAS an:
(am Beispiel username=samson)
SQL-DATABASE ERROR
Database error in WoltLab Burning Board: Invalid SQL: UPDATE bb1_users SET username='samson',email='sebastian.zimmer.1@web.de',groupid='4',rankid='7',
title='',usertext='',signature='Die Polen waren jetzt auch im Weltall. Der große Wagen ist weg.',icq='236607226',aim='',yim='',msn='',beruf='',hobbys='',herkunft='',a
dmininfo='',homepage='',birthday='1991-12-01',gender='1',showemail='1',admi
ncanemail='1',usercanemail='1',invisible='0',usecookies='1',styleid='4',day
sprune='0',timezoneoffset='1',dateformat='d.m.Y',timeformat='H:i',emailnoti
fy='0',receivepm='1',emailonpm='1',pmpopup='0',umaxposts='0',showsignatures
='1',showavatars='1',showimages='1',nosessionhash='1', blocked='0', avatarid = '2' WHERE userid='4'
mysql error: Unknown column 'beruf' in 'field list'
mysql error number: 1054
Date: 09.05.2006 @ 16:42
Script: /wbblite/acp/users.php
Referer:
__________________
"Wer nicht für uns ist, ist gegen uns!" Bush zu Hussein
|
|
|
09.05.06 16:44 |
E-Mail
Finden
Als Freund hinzufügen
|
|
Izzmoo
unregistriert
|
|
Das war die Users.php von Andi
Häng mal deine an ...(die alte)
|
|
|
09.05.06 17:57 |
|
|
Sandy1969
Mitglied
Dabei seit: 20.07.05
Beiträge: 3
|
|
Ich finds klasse, was hier so gemacht wird, aber vielleicht kann mir jemand erklären, wofür man diesen Hack braucht?
|
|
|
14.07.06 10:27 |
E-Mail
Finden
Als Freund hinzufügen
|
|
|
