*

***************************************************************************/

if($setmodules == 1)

{

$file = basename(__FILE__);

<?php

/***************************************************************************

* -------------------

* begin : Thu May 31, 2001

* $Id$

****************************************************************************/

/***************************************************************************

* We will attempt to create a file based backup of all of the data in the

* users phpBB database. The resulting file should be able to be imported by

* the db_restore.php function, or by using the mysql command_line

//

$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length);

init_userprefs($userdata);

// End session management

//

define("VERBOSE", 0);

//

// allowed.

//

//

// The following functions are adapted from phpMyAdmin and upgrade_20.php

{

global $db;

AND relkind = 'S' ORDER BY relname";

$seq = $db->sql_query($get_seq_sql);

if($backup_type == 'structure')

{

$row['last_value'] = 1;

$return_val .= "CREATE SEQUENCE $sequence start " . $row['last_value'] . ' increment ' . $row['increment_by'] . ' maxvalue ' . $row['max_value'] . ' minvalue ' . $row['min_value'] . ' cache ' . $row['cache_value'] . "; $crlf";

} // End function...

//

//

// This function returns, will return the table def's for postgres...

//

//

$sql_get_default = "SELECT d.adsrc AS rowdefault

FROM pg_attrdef d, pg_class c

AND d.adnum = " . $row['attnum'];

$def_res = $db->sql_query($sql_get_default);

{

unset($row['rowdefault']);

}

{

$row['rowdefault'] = @pg_result($def_res, 0, 'rowdefault');

}

//

$sql_pri_keys = "SELECT ic.relname AS index_name, bc.relname AS tab_name, ta.attname AS column_name, i.indisunique AS unique_key, i.indisprimary AS primary_key

AND (ta.attnum = i.indkey[ia.attnum-1])

ORDER BY index_name, tab_name, column_name ";

$result = $db->sql_query($sql_pri_keys);

//

// Generate constraint clauses for CHECK constraints

//

FROM pg_relcheck, pg_class bc

AND bc.relname = '$table'

AND NOT EXISTS (

AND c.rcrelid = i.inhparent

)";

$result = $db->sql_query($sql_checks);

{

message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $sql_checks);

}

//

// Add the constraints to the sql file.

//

//

// This function returns the "CREATE TABLE" syntax for mysql dbms...

//

{

global $drop, $db;

{

$schema_create .= "DROP TABLE IF EXISTS $table;$crlf";

}

$schema_create .= "CREATE TABLE $table($crlf";

//

$schema_create .= ' DEFAULT \'' . $row['Default'] . '\'';

}

{

$schema_create .= ' NOT NULL';

}

$kname = "UNIQUE|$kname";

}

{

$index[$kname] = array();

}

$index[$kname][] = $row['Column_name'];

}

{

$schema_create .= ", $crlf";

if($x == 'PRIMARY')

{

$schema_create .= ' PRIMARY KEY (' . implode($columns, ', ') . ')';

elseif (substr($x,0,6) == 'UNIQUE')

{

$schema_create .= ' UNIQUE ' . substr($x,7) . ' (' . implode($columns, ', ') . ')';

else

{

$schema_create .= " KEY $x (" . implode($columns, ', ') . ')';

$schema_create .= "$crlf);";

{

return(stripslashes($schema_create));

{

return($schema_create);

}

} // End get_table_def_mysql

// statement.

//

//

// series of INSERT statements, for each different DBMS...

// After every row a custom callback function $handler gets called.

// $handler must accept one parameter ($sql_insert);

unset($schema_vals);

unset($schema_fields);

unset($schema_insert);

// Build the SQL statement to recreate the data.

//

for($i = 0; $i < $i_num_fields; $i++)

}

$schema_vals .= " $strQuote$strVal$strQuote,";

}

message_die(GENERAL_ERROR, "Faild in get_table_content (select *)", "", __LINE__, __FILE__, "SELECT * FROM $table");

}

{

$schema_insert = "\n#\n# Table Data for $table\n#\n";

}

//

// If there is no data for the column set it to null.

// There was a problem here with an extra space causing the

// any table. Should be fixed now :) JLH

//

$schema_insert .= ' NULL,';

{

$schema_insert .= ' \'' . addslashes($row[$j]) . '\',';

else

{

$schema_insert .= '\'\',';

}

}

//

//

$schema_insert = ereg_replace(',$', '', $schema_insert);

$schema_insert .= ');';

//

function remove_remarks($sql)

{

while($i < strlen($sql))

{

if( $sql[$i] == "#" && ( $sql[$i-1] == "\n" || $i==0 ) )

{

$j = 1;

while( $sql[$i + $j] != "\n" )

{

$j++;

$last_char = "";

$ret = array();

$in_string = true;

for($i = 0; $i < strlen($sql); $i++)

{

$char = $sql[$i];

//

// if delimiter found, add the parsed part to the returned array

//

{

$ret[] = substr($sql, 0, $i);

$sql = substr($sql, $i + 1);

{

$in_string = false;

}

if($char == $in_string && $last_char != "\\")

$in_string = false;

}

elseif(!$in_string && ($char == "\"" || $char == "'") && ($last_char != "\\"))

return($ret);

}

// End Functions

// -------------

if( isset($HTTP_GET_VARS['perform']) || isset($HTTP_POST_VARS['perform']) )

{

$perform = (isset($HTTP_POST_VARS['perform'])) ? $HTTP_POST_VARS['perform'] : $HTTP_GET_VARS['perform'];

switch($perform)

{

case 'backup':

);

$template->assign_vars(array(

"MESSAGE_TEXT" => $lang['Backups_not_supported'])

);

$template->pparse("body");

break;

}

$gzipcompress = (!empty($HTTP_POST_VARS['gzipcompress'])) ? $HTTP_POST_VARS['gzipcompress'] : ( (!empty($HTTP_GET_VARS['gzipcompress'])) ? $HTTP_GET_VARS['gzipcompress'] : 0 );

{

if(ereg(",", $additional_tables))

{

$s_hidden_fields = "<input type=\"hidden\" name=\"perform\" value=\"backup\" /><input type=\"hidden\" name=\"drop\" value=\"1\" /><input type=\"hidden\" name=\"perform\" value=\"$perform\" />";

$template->assign_vars(array(

"L_FULL_BACKUP" => $lang['Full_backup'],

"L_STRUCTURE_BACKUP" => $lang['Structure_backup'],

"L_DATA_BACKUP" => $lang['Data_backup'],

"L_ADDITIONAL_TABLES" => $lang['Additional_tables'],

"L_START_BACKUP" => $lang['Start_backup'],

"S_DBUTILS_ACTION" => append_sid("admin_db_utilities.$phpEx"))

);

$template->pparse("body");

break;

}

else if( !isset($HTTP_POST_VARS['startdownload']) && !isset($HTTP_GET_VARS['startdownload']) )

{

$template->set_filenames(array(

"body" => "admin/admin_message_body.tpl")

);

$template->assign_vars(array(

"MESSAGE_TEXT" => $lang['Backup_download'])

);

{

$backup_sql .= "#\n# TABLE: " . $table_prefix . $table_name . "\n#\n";

$backup_sql .= $table_def_function($table_prefix . $table_name, "\n") . "\n";

if($backup_type != 'structure')

{

break;

case 'restore':

// Define Template files...

//

include('page_header_admin.'.$phpEx);

$s_hidden_fields = "<input type=\"hidden\" name=\"perform\" value=\"restore\" /><input type=\"hidden\" name=\"perform\" value=\"$perform\" />";

$template->assign_vars(array(

"S_HIDDEN_FIELDS" => $s_hidden_fields)

);

$template->pparse("body");

break;

}

//

// Handle the file upload ....

// If no file was uploaded report an error...

message_die(GENERAL_MESSAGE, $lang['Restore_Error_no_file']);

}

//

// are actually passed the name of an uploaded file, and not

// a hackers attempt at getting us to process a local system

// file.

$sql_query = trim($sql_query);

{

// Strip out sql comments...

$sql_query = remove_remarks($sql_query);

$sql = trim($pieces[$i]);

if(!empty($sql) and $sql[0] != "#")

{

echo "Executing: $sql\n<br>";

flush();

}

$result = $db->sql_query($sql);

if(!$result && ( !(SQL_LAYER == 'postgres' && eregi("drop table", $sql) ) ) )

{

include('page_header_admin.'.$phpEx);

);

$message = $lang['Restore_success'];

$template->assign_vars(array(

"MESSAGE_TEXT" => $message)

);

}

break;

}

include('page_footer_admin.'.$phpEx);

<?php

/***************************************************************************

* -------------------

* begin : Mon Jul 31, 2001

* $Id$

****************************************************************************/

/***************************************************************************

* immediate forum pruning as well.

***************************************************************************/

//

require('pagestart.inc');

include($phpbb_root_path . 'includes/prune.php');

//

if(isset($HTTP_GET_VARS[POST_FORUM_URL]) || isset($HTTP_POST_VARS[POST_FORUM_URL]))

{

$forum_id = (isset($HTTP_POST_VARS[POST_FORUM_URL])) ? $HTTP_POST_VARS[POST_FORUM_URL] : $HTTP_GET_VARS[POST_FORUM_URL];

{

$forum_sql = "";

}

//

// Get a list of forum's or the data for the forum that we are pruning.

//

ORDER BY c.cat_order ASC, f.forum_order ASC";

$f_result = $db->sql_query($sql);

{

$submit = (isset($HTTP_POST_VARS['submit'])) ? $HTTP_POST_VARS['submit'] : $HTTP_GET_VARS['submit'];

}

{

unset($submit);

}

else

{

//

// display a select box to use for pruning.

//

if(empty($forum_id))

// Assign the template variables.

//

$template->assign_vars(array(

"S_FORUMS_SELECT" => $select_list)

);

}

{

//

// Output the form to retrieve Prune information.

$template->set_filenames(array(

"body" => "admin/forum_prune_body.tpl")

);

$forum_name = ($forum_id == "ALL") ? 'All Forums' : $forum_rows[0]['forum_name'];

$prune_data = "Prune Topics that haven't been posted to in the last ";

<?php

if($setmodules == 1)

{

// Start program - define vars

//

$simple_auth_ary = array(

3 => array(0, 2, 2, 2, 2, 2, 2, 3),

4 => array(2, 2, 2, 2, 2, 2, 2, 3),

5 => array(0, 3, 3, 3, 3, 3, 3, 3),

);

$simple_auth_types = array($lang['Public'], $lang['Registered'], $lang['Registered'] . " [" . $lang['Hidden'] . "]", $lang['Private'], $lang['Private'] . " [" . $lang['Hidden'] . "]", $lang['Moderators'], $lang['Moderators'] . " [" . $lang['Hidden'] . "]");

// was

//

$sql = "SELECT f.*

ORDER BY c.cat_order ASC, f.forum_order ASC";

$f_result = $db->sql_query($sql);

$select_list .= "</select>";

$template->assign_vars(array(

"S_AUTH_SELECT" => $select_list)

);

$simple_auth .= $simple_auth_types[$j];

$simple_auth .= "</option>";

}

{

$simple_auth .= "<option value=\"$j\">" . $simple_auth_types[$j] . "</option>";

}

else

{

//

// fields

//

for($j = 0; $j < count($forum_auth_fields); $j++)

$custom_auth[$j] .= $forum_auth_levels[$k];

$custom_auth[$j] .= "</option>";

}

{

$custom_auth[$j] .= "<option value=\"" . $forum_auth_const[$k] . "\">". $forum_auth_levels[$k] . "</option>";

}

$s_hidden_fields = '<input type="hidden" name="' . POST_FORUM_URL . '" value="' . $forum_id . '">';

$template->assign_vars(array(

"L_SUBMIT_CHANGES" => $lang['Submit_changes'],

"L_RESET_CHANGES" => $lang['Reset_changes'],

"U_SWITCH_MODE" => $u_switch_mode,

"S_HIDDEN_FIELDS" => $s_hidden_fields)

);

* copyright : (C) 2001 The phpBB Group

* email : support@phpbb.com

*

*

*

***************************************************************************/

if($setmodules==1)

{

$file = basename(__FILE__);

function check_forum_name($forumname)

{

global $db;

$sql = "SELECT * from " . FORUMS_TABLE . "WHERE forum_name = '$forumname'";

$result = $db->sql_query($sql);

if( !$result )

message_die(GENERAL_ERROR, "Couldn't get list of Categories", "", __LINE__, __FILE__, $sql);

}

if ($db->sql_numrows($result) > 0)

FROM $table

WHERE $idfield = $id";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't get Forum/Category information", "", __LINE__, __FILE__, $sql);

}

if( $db->sql_numrows($result) != 1 )

default:

message_die(GENERAL_ERROR, "Wrong mode for generating select list", "", __LINE__, __FILE__);

}

$sql = "SELECT * FROM $table";

if( $select == FALSE)

{

$sql .= " WHERE $idfield != '$id'";

}

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't get list of Categories/Forums", "", __LINE__, __FILE__, $sql);

}

$cat_list = "";

function renumber_order($mode, $cat=FALSE)

{

global $db;

switch($mode)

{

case 'category':

default:

message_die(GENERAL_ERROR, "Wrong mode for generating select list", "", __LINE__, __FILE__);

}

$sql = "SELECT * FROM $table";

if( $cat != FALSE)

{

}

$sql .= " ORDER BY $orderfield ASC";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't get list of Categories", "", __LINE__, __FILE__, $sql);

}

$i = 10;

$inc = 10;

while( $row = $db->sql_fetchrow($result) )

{

$sql = "UPDATE $table SET $orderfield = $i WHERE $idfield = ".$row["$idfield"];

if( !$db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't update order fields", "", __LINE__, __FILE__, $sql);

}

$i += 10;

}

}

//

$show_index = TRUE;

break;

case 'createforum': // Create a forum in the DB

max(forum_order) as max_order

WHERE cat_id = '".$HTTP_POST_VARS['cat_id']."'";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't get order number from forums table", "", __LINE__, __FILE__, $sql);

}

$row = $db->sql_fetchrow($result);

$next_order = $max_order + 1;

// There is no problem having duplicate forum names so we won't check for it.

INTO ".FORUMS_TABLE."(

forum_name,

cat_id,

'".$next_order."',

'".$HTTP_POST_VARS['forumstatus']."')";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't insert row in forums table", "", __LINE__, __FILE__, $sql);

}

$show_index = TRUE;

break;

case 'modforum': // Modify a forum in the DB

forum_name = '".$HTTP_POST_VARS['forumname']."',

cat_id = '".$HTTP_POST_VARS['cat_id']."',

forum_desc = '".$HTTP_POST_VARS['forumdesc']."',

forum_status = '".$HTTP_POST_VARS['forumstatus']."'

WHERE forum_id = '".$HTTP_POST_VARS['forum_id']."'";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't update forum information", "", __LINE__, __FILE__, $sql);

}

$show_index = TRUE;

break;

case 'addcat':

max(cat_order) as max_order

FROM ".CATEGORIES_TABLE;

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't get order number from categories table", "", __LINE__, __FILE__, $sql);

}

$row = $db->sql_fetchrow($result);

'".$HTTP_POST_VARS['catname']."',

'".$next_order."')";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't insert row in categories table", "", __LINE__, __FILE__, $sql);

}

$show_index = TRUE;

// $newmode determines if we are going to INSERT or UPDATE after posting?

$newmode = 'modforum';

$buttonvalue = 'Change';

$forum_id = $HTTP_GET_VARS['forum_id'];

$row = get_info('forum', $forum_id);

$forumstatus = FORUM_UNLOCKED;

$forum_id = '';

}

$catlist = get_list('category', $cat_id, TRUE);

$forumstatus == FORUM_LOCKED ? $forumlocked = "selected" : $forumunlocked = "selected";

$statuslist = "<OPTION VALUE=\"".FORUM_UNLOCKED."\" $forumunlocked>Unlocked</OPTION>\n";

$statuslist .= "<OPTION VALUE=\"".FORUM_LOCKED."\" $forumlocked>Locked</OPTION>\n";

$template->set_filenames(array(

"body" => "admin/forum_edit_body.tpl")

);

'BUTTONVALUE' => $buttonvalue)

);

$template->pparse("body");

break;

case 'editcat':

$newmode = 'modcat';

$buttonvalue = 'Change';

$cat_id = $HTTP_GET_VARS['cat_id'];

$row = get_info('category', $catid);

$cat_title = $row['cat_title'];

$template->set_filenames(array(

"body" => "admin/category_edit_body.tpl")

);

'BUTTONVALUE' => $buttonvalue)

);

$template->pparse("body");

break;

case 'modcat':

cat_title = '".$HTTP_POST_VARS['cat_title']."'

WHERE cat_id = '".$HTTP_POST_VARS['cat_id']."'";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't update forum information", "", __LINE__, __FILE__, $sql);

}

print "Modforum: ". $HTTP_POST_VARS['forumname']." sql= <pre>$sql</pre>";

$from_id = $HTTP_POST_VARS['from_id'];

$to_id = $HTTP_POST_VARS['to_id'];

$delete_old = $HTTP_POST_VARS['delete_old'];

print "move '$from_id' to '$to_id'";

$sql = "SELECT * FROM ".FORUMS_TABLE." WHERE forum_id IN ($from_id, $to_id)";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't verify existence of forums", "", __LINE__, __FILE__, $sql);

}

if($db->sql_numrows($result) != 2)

{

message_die(GENERAL_ERROR, "Ambiguous forum ID's", "", __LINE__, __FILE__);

}

// Either delete or move all posts in a forum

if($delete_old == 1)

{

}

else

{

forum_id = '$to_id'

WHERE forum_id = '$from_id'";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't move topics to other forum", "", __LINE__, __FILE__, $sql);

}

forum_id = '$to_id'

WHERE forum_id = '$from_id'";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't move posts to other forum", "", __LINE__, __FILE__, $sql);

}

sync('forum', $to_id);

}

$sql = "DELETE FROM ".FORUMS_TABLE."

WHERE forum_id = '$from_id'";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't delete forum", "", __LINE__, __FILE__, $sql);

}

$show_index = TRUE;

break;

case 'movedelcat':

$from_id = $HTTP_POST_VARS['from_id'];

$to_id = $HTTP_POST_VARS['to_id'];

print "move '$from_id' to '$to_id'";

$sql = "SELECT * FROM ".CATEGORIES_TABLE." WHERE cat_id IN ($from_id, $to_id)";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't verify existence of categories", "", __LINE__, __FILE__, $sql);

}

if($db->sql_numrows($result) != 2)

{

message_die(GENERAL_ERROR, "Ambiguous category ID's", "", __LINE__, __FILE__);

}

cat_id = '$to_id'

WHERE cat_id = '$from_id'";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't move forums to other category", "", __LINE__, __FILE__, $sql);

}

$sql = "DELETE FROM ".CATEGORIES_TABLE."

WHERE cat_id = '$from_id'";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't delete category", "", __LINE__, __FILE__, $sql);

}

$show_index = TRUE;

break;

case 'deletecat':

$newmode = 'movedelcat';

$catinfo = get_info('category', $cat_id);

$name = $catinfo['cat_title'];

$template->set_filenames(array(

"body" => "admin/forum_delete_body.tpl")

);

$newmode = 'movedelforum';

$foruminfo = get_info('forum', $forum_id);

$name = $foruminfo['forum_name'];

$template->set_filenames(array(

"body" => "admin/forum_delete_body.tpl")

);

$cat_id = $HTTP_GET_VARS['cat_id'];

$sql = "UPDATE ".CATEGORIES_TABLE." SET cat_order = cat_order + $move WHERE cat_id = $cat_id";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't change category order", "", __LINE__, __FILE__, $sql);

}

renumber_order('category');

$forum_id = $HTTP_GET_VARS['forum_id'];

$forum_info = get_info('forum', $forum_id);

$cat_id = $forum_info['cat_id'];

$sql = "UPDATE ".FORUMS_TABLE." SET forum_order = forum_order + $move WHERE forum_id = $forum_id";

if( !$result = $db->sql_query($sql) )

message_die(GENERAL_ERROR, "Couldn't change category order", "", __LINE__, __FILE__, $sql);

}

renumber_order('forum', $forum_info['cat_id']);

<?php

if($setmodules == 1)

{

$forum_auth_fields = array("auth_view", "auth_read", "auth_post", "auth_reply", "auth_edit", "auth_delete", "auth_sticky", "auth_announce");

$auth_field_match = array(

"auth_announce" => AUTH_ANNOUNCE);

$field_names = array(

if(!$single_user)

{

$single_user = $u_ary['group_single_user'];

$result = 0;

switch($type)

{

$auth_user['single_group'] = ($single_user) ? "single" : "group";

}

return $auth_user;

}

//

//

// This is where things become fun ...

//

//

// Get list of user id's for this group_id

//

AND user_id <> " . ANONYMOUS;

if(!$result = $db->sql_query($sql_groupid))

{

//

// for this user

//

AND aa2.group_id = g2.group_id";

/*

AND aa.group_id = g.group_id";*/

$ag_result = $db->sql_query($sql);

$g_access = $db->sql_fetchrowset($ag_result);

}

ORDER BY c.cat_order ASC, f.forum_order ASC";

$fa_result = $db->sql_query($sql);

}

}

}

//

// The data above lists access and moderator permissions

// for this user given by all the groups they belong to.

// These values must be checked against those requested

// informed of problems. For example, if a group the user

// belongs to already grants the user moderator status

// then the user won't have moderator status enabled.

// forum then again, we must warn the admin that giving

// the user access goes against the group permissions

// (although in this case we'll go ahead and add the user)

//

//

//

$warning_mod_userid = array();

$warning_mod_username = array();

{

if($new_mod_status)

{

AND group_id = $group_id";

}

else

{

AND group_id = $group_id";

}

$update_mod = TRUE;

if(!$update_mod && $new_mod_status)

{

VALUES ($this_forum_id, $group_id, $new_mod_status)";

$update_mod = TRUE;

}

}

else

{

AND group_id = $group_id";

}

}

);

$template->assign_vars(array(

"MESSAGE_TEXT" => $warning_list)

);

}

//

// Default user selection box

//

//

WHERE group_single_user <> " . TRUE;

$g_result = $db->sql_query($sql);

$group_list = $db->sql_fetchrowset($g_result);

);

$template->assign_vars(array(

"S_AUTH_SELECT" => $select_list)

);

"body" => "admin/auth_ug_body.tpl")

);

ORDER BY c.cat_order ASC, f.forum_order ASC";

$fa_result = $db->sql_query($sql);

}

}

}

AND ug.group_id = g.group_id

AND u.user_id = ug.user_id";

$g_result = $db->sql_query($sql);

$groupinf = $db->sql_fetchrowset($g_result);

AND g.group_single_user = 0";

$ag_result = $db->sql_query($sql);

$auth_group[$f_forum_id][$key] = 0;

}

break;

case AUTH_MOD:

if($num_forum_access[$f_forum_id])

{

$row_color = "#" . ( ( !($i%2) ) ? $theme['td_color1'] : $theme['td_color2'] );

$template->assign_block_vars("forums", array(

"S_MOD_SELECT" => $optionlist_mod)

);

$s_column_span++;

}

}

$switch_mode = "admin_groupauth.$phpEx?" . POST_GROUPS_URL . "=" . $group_id . "&adv=";

$switch_mode .= ( !$adv ) ? "1" : "0";

$switch_mode_text = ( !$adv ) ? $lang['Advanced_mode'] : $lang['Simple_mode'];

$u_switch_mode = '<a href="' . $switch_mode . '">' . $switch_mode_text . '</a>';

$template->assign_vars(array(

"USER_GROUP_MEMBERSHIPS" => $lang['Group_has_members'] . ": " . $t_usergroup_list,

"L_MODERATOR_STATUS" => $lang['Moderator_status'],

"L_SUBMIT_CHANGES" => $lang['Submit_changes'],

"L_RESET_CHANGES" => $lang['Reset_changes'],

"U_SWITCH_MODE" => $u_switch_mode,

"S_AUTH_ACTION" => append_sid("admin_groupauth.$phpEx"),

"S_HIDDEN_FIELDS" => $s_hidden_fields)

);

<?php

* admin_groups.php

if($setmodules == 1)

{

// They're editing. Grab the vars.

//

$sql = "SELECT *

WHERE group_single_user <> " . TRUE . "

AND group_id = " . $g;

if(!$result = $db->sql_query($sql))

//

// Ok, now we know everything about them, let's show the page.

//

WHERE user_id <> " . ANONYMOUS . "

ORDER BY username";

$u_result = $db->sql_query($sql);

$group_closed = "checked=\"checked\"";

}

$template->assign_vars(array(

"L_GROUP_NAME" => $lang['group_name'],

"L_GROUP_DESCRIPTION" => $lang['group_description'],

"L_GROUP_MODERATOR" => $lang['group_moderator'],

group_moderator = '" . $group_moderator . "'

WHERE group_id = '" . $group_id . "'";

break;

case 'newgroup':

$sql = "INSERT INTO " . GROUPS_TABLE . "

(

'" . $group_moderator . "',

'0'

)";

break;

case 'default':

message_die(GENERAL_ERROR, $lang['Group_mode_not_selected']);

break;

{

include("page_header_admin." . $phpEx);

WHERE group_single_user <> " . TRUE . "

ORDER BY group_name";

$g_result = $db->sql_query($sql);

$template->assign_vars(array(

"L_GROUP_TITLE" => $lang['Group'] . " " . $lang['Admin'],

"L_LOOK_UP" => $lang['Look_up'] . " " . $lang['Group'],

"L_GROUP_NEW" => $lang['New_group'],

"S_GROUP_SELECT" => $select_list)

);

<?php

/***************************************************************************

* -------------------

* begin : Thu May 31, 2001

* $Id$

****************************************************************************/

/**************************************************************************

* This file will be used for modifying the smiley settings for a board.

**************************************************************************/

}

//

//

//

// Check to see what mode we should operate in.

// Get the data that should be passed.

//

$smiley_id = ($HTTP_GET_VARS['id']) ? $HTTP_GET_VARS['id']: $HTTP_POST_VARS['id'];

WHERE smilies_id = ' . $smiley_id;

$result = $db->sql_query($sql);

if( !$result )

// Get the data for the selected smiley.

//

$smiley_id = ($HTTP_GET_VARS['id']) ? $HTTP_GET_VARS['id']: $HTTP_POST_VARS['id'];

WHERE smilies_id = ' . $smiley_id;

$result = $db->sql_query($sql);

if( !$result )

{

$smiley_selected = ($smiley_images[$i] == $smile_data['smile_url']) ? "SELECTED" : "";

$template->assign_block_vars("smile_images", array(

"SELECTED" => $smiley_selected)

);

}

//

// Proceed with updating the smiley table.

//

WHERE smilies_id = $smile_id";

$result = $db->sql_query($sql);

{

message_die(GENERAL_ERROR, $lang['smile_edit_err'], "", __LINE__, __FILE__, $sql);

}

$template->set_filenames(array(

"body" => "admin/smile_action.tpl")

);

$template->assign_vars(array(

"S_SMILEY_URL" => append_sid("admin_smilies.$phpEx"),

"L_SMILEY_TITLE" => $lang['smiley_title'],

//

// Save the data to the smiley table.

//

VALUES ('$smile_code', '$smile_url', '$smile_emotion')";

$result = $db->sql_query($sql);

if( !$result )

//

// Get a listing of smileys.

//

FROM ' . SMILIES_TABLE;

$result = $db->sql_query($sql);

if( !$result )

message_die(GENERAL_ERROR, $lang['smile_load_err'], "", __LINE__, __FILE__, $sql);

}

$smilies = $db->sql_fetchrowset($result);

$my_path = append_sid("admin_smilies.$phpEx");

if(!ereg('\?', $my_path))

{

}

$template->assign_vars(array(

"S_SMILEY_URL" => $my_path,

<?php

if($setmodules == 1)

{

for($i = 0; $i < count($email_list_temp); $i++)

{

//

// contained in the annotated php manual at php.com (ereg

// section)

//

}

}

FROM " . BANLIST_TABLE;

if( !$result = $db->sql_query($sql) )

{

{

$kill_session_sql .= ( ($kill_session_sql != "") ? " OR " : "" ) . "session_user_id = $user_list[$i]";

VALUES ('" . $user_list[$i] . "')";

if( !$result = $db->sql_query($sql) )

{

$kill_session_sql .= ( ($kill_session_sql != "") ? " OR " : "" ) . $kill_ip_sql;

VALUES ('" . $ip_list[$i] . "')";

if( !$result = $db->sql_query($sql) )

{

}

//

// session table with any of the banned

// user or IP info just entered into the

// ban table ... this will force a session

//

if($kill_session_sql != "")

{

WHERE $kill_session_sql";

if( !$result = $db->sql_query($sql) )

{

message_die(GENERAL_ERROR, "Couldn't delete banned sessions from database", "", __LINE__, __FILE__, $sql);

}

}

for($i = 0; $i < count($email_list); $i++)

{

$in_banlist = false;

if(!$in_banlist)

{

VALUES ('" . $email_list[$i] . "')";

if( !$result = $db->sql_query($sql) )

{

if($where_sql != "")

{

WHERE $where_sql";

if( !$result = $db->sql_query($sql) )

{

{

$userban_count = 0;

WHERE user_id <> " . ANONYMOUS . "

ORDER BY user_id ASC";

$u_result = $db->sql_query($sql);

$s_hidden_fields = "<input type=\"hidden\" name=\"bancontrol\" value=\"ban\" />";

$template->assign_vars(array(

"L_BAN_USER" => $lang['Ban_username'],

"L_BAN_USER_EXPLAIN" => $lang['Ban_username_explain'],

"L_BAN_IP" => $lang['Ban_IP'],

"L_EMAIL_ADDRESS" => $lang['Email_address'],

"S_BAN_ACTION" => append_sid("admin_user_ban.$phpEx"))

);

}

$ipban_count = 0;

$emailban_count = 0;

FROM " . BANLIST_TABLE . " b, " . USERS_TABLE . " u

AND u.user_id <> " . ANONYMOUS . "

ORDER BY u.user_id ASC";

$u_result = $db->sql_query($sql);

$select_userlist = "<select name=\"user[]\"" . ( ($userban_count > 1) ? "multiple=\"multiple\" size=\"" . min(5, $userban_count) . "\">" : ">" ) . $select_userlist;

$select_userlist .= "</select>";

FROM " . BANLIST_TABLE;

$b_result = $db->sql_query($sql);

$banlist = $db->sql_fetchrowset($b_result);

$s_hidden_fields = "<input type=\"hidden\" name=\"bancontrol\" value=\"unban\" />";

$template->assign_vars(array(

"L_BAN_USER" => $lang['Unban_username'],

"L_BAN_USER_EXPLAIN" => $lang['Unban_username_explain'],

"L_BAN_IP" => $lang['Unban_IP'],

"L_EMAIL_ADDRESS" => $lang['Email_address'],

"S_BAN_ACTION" => append_sid("admin_user_ban.$phpEx"))

);

<?php

if($setmodules == 1)

{

$forum_auth_fields = array("auth_view", "auth_read", "auth_post", "auth_reply", "auth_edit", "auth_delete", "auth_sticky", "auth_announce");

$auth_field_match = array(

"auth_announce" => AUTH_ANNOUNCE);

$field_names = array(

if(!$single_user)

{

$single_user = $u_ary['group_single_user'];

$result = 0;

switch($type)

{

$auth_user['single_group'] = ($single_user) ? "single" : "group";

}

return $auth_user;

}

//

//

// This is where things become fun ...

//

//

// Get group_id for this user_id

//

AND g.group_single_user = " . TRUE;

if(!$result = $db->sql_query($sql_groupid))

{

//

// Delete any entries granting in auth_access

//

WHERE group_id = " . $ug_info['group_id'];

if(!$result = $db->sql_query($sql))

{

// Error ...

//

// Update users level, reset to USER

//

WHERE user_id = $user_id";

if(!$result = $db->sql_query($sql))

{

// Error ...

}

}

header("Location: admin_userauth.$phpEx?" . POST_USERS_URL . "=$user_id");

}

//

// Make user an admin (if already user)

//

WHERE user_id = $user_id";

if(!$result = $db->sql_query($sql_userlevel))

{

// Error ...

}

// Delete any entries in auth_access, they

// admin

//

WHERE group_id = " . $ug_info['group_id'];

if(!$result = $db->sql_query($sql_unmod))

{

// Error ...

AND auth_mod = 0";

if(!$result = $db->sql_query($sql_unauth))

{

else

{

//

// for this user

//

AND aa.group_id = ug.group_id";

$au_result = $db->sql_query($sql);

$u_access = $db->sql_fetchrowset($au_result);

}

ORDER BY c.cat_order ASC, f.forum_order ASC";

$fa_result = $db->sql_query($sql);

}

}

}

//

// The data above lists access and moderator permissions

// for this user given by all the groups they belong to.

// These values must be checked against those requested

// informed of problems. For example, if a group the user

// belongs to already grants the user moderator status

// then the user won't have moderator status enabled.

// forum then again, we must warn the admin that giving

// the user access goes against the group permissions

// (although in this case we'll go ahead and add the user)

//

//

//

$warning_mod_grpid = array();

$warning_mod_grpname = array();

{

if($new_mod_status)

{

AND group_id = " . $ug_info['group_id'];

}

else

{

AND group_id = " . $ug_info['group_id'];

}

$update_mod = TRUE;

if(!$update_mod && $new_mod_status)

{

VALUES ($this_forum_id, " . $ug_info['group_id'] . ", $new_mod_status)";

$update_mod = TRUE;

}

}

else

{

AND group_id = " . $ug_info['group_id'];

}

}

);

$template->assign_vars(array(

"MESSAGE_TEXT" => $warning_list)

);

}

//

// Default user selection box

//

//

WHERE user_id <> " . ANONYMOUS;

$u_result = $db->sql_query($sql);

$user_list = $db->sql_fetchrowset($u_result);

);

$template->assign_vars(array(

"S_AUTH_SELECT" => $select_list)

);

"body" => "admin/auth_ug_body.tpl")

);

ORDER BY c.cat_order ASC, f.forum_order ASC";

$fa_result = $db->sql_query($sql);

}

}

AND g.group_id = ug.group_id";

$u_result = $db->sql_query($sql);

$userinf = $db->sql_fetchrowset($u_result);

AND g.group_single_user = " . TRUE;

$au_result = $db->sql_query($sql);

$auth_user[$f_forum_id][$key] = 0;

}

break;

case AUTH_MOD:

if($user_id != ANONYMOUS && $num_forum_access[$f_forum_id])

{

$row_color = ( !($i%2) ) ? $theme['td_color1'] : $theme['td_color2'];

$template->assign_block_vars("forums", array(

"S_MOD_SELECT" => $optionlist_mod)

);

$s_column_span++;

}

}

$switch_mode = "admin_userauth.$phpEx?" . POST_USERS_URL . "=" . $user_id . "&adv=";

$switch_mode .= ( empty($adv) ) ? "1" : "0";

$switch_mode_text = ( empty($adv) ) ? $lang['Advanced_mode'] : $lang['Simple_mode'];

$u_switch_mode = '<a href="' . $switch_mode . '">' . $switch_mode_text . '</a>';

$template->assign_vars(array(

"USER_GROUP_MEMBERSHIPS" => $lang['This_user_is'] . " " . $s_user_type . " " . $lang['and_belongs_groups'] . ": " . $t_usergroup_list,

"L_MODERATOR_STATUS" => $lang['Moderator_status'],

"L_SUBMIT_CHANGES" => $lang['Submit_changes'],

"L_RESET_CHANGES" => $lang['Reset_changes'],

"U_SWITCH_MODE" => $u_switch_mode,

"S_AUTH_ACTION" => append_sid("admin_userauth.$phpEx"),

"S_HIDDEN_FIELDS" => $s_hidden_fields)

);

<?php

* admin_users.php

if($setmodules == 1)

{

//

// This looks familiar doesn't it? It's the user profile page! :)

//

//

// Let's find out a little about them...

//

$userdata = get_userdata_from_id($HTTP_GET_VARS[POST_USERS_URL]);

//

// Now parse and display it as a template

//

$email = $userdata['user_email'];

$password = "";

$password_confirm = "";

$icq = $userdata['user_icq'];

$aim = $userdata['user_aim'];

$msn = $userdata['user_msnm'];

$occupation = $userdata['user_occ'];

$interests = $userdata['user_interests'];

$signature = $userdata['user_sig'];

$viewemail = $userdata['user_viewemail'];

$notifypm = $userdata['user_notify_pm'];

$attachsig = $userdata['user_attachsig'];

$user_timezone = $userdata['user_timezone'];

$user_template = $userdata['user_template'];

$user_dateformat = $userdata['user_dateformat'];

if(!isset($coppa))

{

$coppa = FALSE;

$html_status = ($board_config['allow_html']) ? $lang['ON'] : $lang['OFF'];

$bbcode_status = ($board_config['allow_bbcode']) ? $lang['ON'] : $lang['OFF'];

$smilies_status = ($board_config['allow_smilies']) ? $lang['ON'] : $lang['OFF'];

$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';

$s_hidden_fields .= '<input type="hidden" name="user_id" value="' . $userdata['user_id'] . '" />';

// Send the users current email address. If they change it, and account activation is turned on

"L_HTML_IS" => $lang['HTML'] . " " . $lang['is'],

"L_BBCODE_IS" => $lang['BBCode'] . " " . $lang['is'],

"L_SMILIES_ARE" => $lang['Smilies'] . " " . $lang['are'],

"L_DELETE_USER" => $lang['User_delete'],

"L_DELETE_USER_EXPLAIN" => $lang['User_delete_explain'],

"S_ALLOW_AVATAR_UPLOAD" => $board_config['allow_avatar_upload'],

"S_ALLOW_AVATAR_LOCAL" => $board_config['allow_avatar_local'],

"S_ALLOW_AVATAR_REMOTE" => $board_config['allow_avatar_remote'],

$allowviewonline = (isset($HTTP_POST_VARS['hideonline'])) ? ( ($HTTP_POST_VARS['hideonline']) ? 0 : 1 ) : 1;

$notifypm = (isset($HTTP_POST_VARS['notifypm'])) ? $HTTP_POST_VARS['notifypm'] : 1;

$attachsig = (isset($HTTP_POST_VARS['attachsig'])) ? $HTTP_POST_VARS['attachsig'] : 0;

$allowhtml = (isset($HTTP_POST_VARS['allowhtml'])) ? $HTTP_POST_VARS['allowhtml'] : $board_config['allow_html'];

$allowbbcode = (isset($HTTP_POST_VARS['allowbbcode'])) ? $HTTP_POST_VARS['allowbbcode'] : $board_config['allow_bbcode'];

$allowsmilies = (isset($HTTP_POST_VARS['allowsmilies'])) ? $HTTP_POST_VARS['allowsmilies'] : $board_config['allow_smilies'];

if(!$error && $file_size > 0 && $file_size < $board_config['avatar_filesize'])

{

$avatar_data = substr($avatar_data, strlen($avatar_data) - $file_size, $file_size);

$tmp_filename = tempnam ("/tmp", $userdata['user_id'] . "-");

$fptr = fopen($tmp_filename, "wb");

$bytes_written = fwrite($fptr, $avatar_data, $file_size);

} // if ... allow_avatar_upload

}

}

if(!$error)

{

if( $HTTP_POST_VARS['deleteuser'] )

{

WHERE poster_id = $user_id";

if( $result = $db->sql_query($sql) )

{

WHERE user_id = $user_id";

if( $result = $db->sql_query($sql) )

{

include('page_header_admin.'. $phpEx);

$template->set_filenames(array(

"body" => "admin/admin_message_body.tpl")

);

$template->assign_vars(array(

"MESSAGE_TITLE" => $lang['User'] . $lang['User_admin'],

"MESSAGE_TEXT" => $lang['User_deleted'])

$template->set_filenames(array(

"body" => "admin/admin_message_body.tpl")

);

$template->assign_vars(array(

"MESSAGE_TITLE" => $lang['User'] . $lang['User_admin'],

"MESSAGE_TEXT" => $lang['Profile_updated'])

//

// Default user selection box

//

//

WHERE user_id <> " . ANONYMOUS;

$u_result = $db->sql_query($sql);

$user_list = $db->sql_fetchrowset($u_result);

);

$template->assign_vars(array(

"S_USER_SELECT" => $select_list)

);

$template->pparse('body');

<?php

* (admin) index.php

$phpbb_root_path = "./../";

include($phpbb_root_path . 'extension.inc');

//

$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length);

init_userprefs($userdata);

// End session management

//

$template->set_filenames(array(

"body" => "admin/index_navigate.tpl")

);

$template->assign_vars(array(

"U_BOARD_INDEX" => append_sid("../index.$phpEx"),

"U_ADMIN_INDEX" => append_sid("index.$phpEx?pane=right"),

"L_ADMIN_INDEX" => "Admin Index")

);

$action = preg_replace("'_'", " ", $action);

$template->assign_block_vars("catrow.actionrow", array(

"ACTIONNAME" => $action,

"FILE" => $file)

);

{

include('page_header_admin.'.$phpEx);

$template->set_filenames(array(

"body" => "admin/index_body.tpl")

);

$template->assign_vars(array(

"L_LAST_UPDATE" => $lang['Last_updated'],

"L_NUMBER_POSTS" => $lang['Number_posts'],

"L_POSTS_PER_DAY" => $lang['Posts_per_day'],

"L_NUMBER_TOPICS" => $lang['Number_topics'],

"L_NUMBER_USERS" => $lang['Number_users'],

"L_USERS_PER_DAY" => $lang['Users_per_day'],

"L_BOARD_STARTED" => $lang['Board_started'],

"L_DB_SIZE" => $lang['Database_size'])

);

$avatar_dir_size = 0;

if ($avatar_dir = @opendir($phpbb_root_path . $board_config['avatar_path']))

while($file = readdir($avatar_dir))

{

if($file != "." && $file != "..")

// Borrowed the code from the PHP.net annoted manual, origanally written by:

// Jesse (jesse@jess.on.ca)

//

if($posts_per_day > $total_posts)

{

"POSTS_PER_DAY" => $posts_per_day,

"TOPICS_PER_DAY" => $topics_per_day,

"USERS_PER_DAY" => $users_per_day,

"DB_SIZE" => $dbsize)

);

//

// Get users online information.

//

$sql = "SELECT u.username, u.user_id, u.user_allow_viewonline, s.session_page, s.session_logged_in, s.session_time, s.session_ip

WHERE u.user_id = s.session_user_id

AND s.session_time >= " . (time()-300) . "

ORDER BY s.session_time DESC";

$row_color = "#" . ( ( !($count % 2) ) ? $theme['td_color1'] : $theme['td_color2']);

$row_class = ( !($count % 2) ) ? $theme['td_class1'] : $theme['td_class2'];

$count++;

$ip_address = decode_ip($onlinerow[$i]['session_ip']);

// This resolves the users IP to a host name, but it REALLY slows the page down

//

//$host_name = gethostbyaddr($ip_address);

//$ip_address = $ip_address . " ($host_name)";

if(empty($username))

{

$username = $lang['Guest'];

}

else

//

// Generate frameset

//

header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");

$template->pparse("body");

exit;

}

*

***************************************************************************/

//

// Show the overall footer.

//

//

// Borrowed from php.net!

//

echo pack("V", $gzip_crc);

echo pack("V", $gzip_size);

}

*

***************************************************************************/

define(HEADER_INC, TRUE);

//

else if($phpver > "4.0")

{

if(strstr($HTTP_SERVER_VARS['HTTP_ACCEPT_ENCODING'], 'gzip'))

$do_gzip_compress = TRUE;

ob_start();

}

}

}

$template->set_filenames(array(

);

//

"T_TR_COLOR1" => "#".$theme['tr_color1'],

"T_TR_COLOR2" => "#".$theme['tr_color2'],

"T_TR_COLOR3" => "#".$theme['tr_color3'],

"T_TH_COLOR1" => "#".$theme['th_color1'],

"T_TH_COLOR2" => "#".$theme['th_color2'],

"T_TH_COLOR3" => "#".$theme['th_color3'],

"T_TD_COLOR1" => "#".$theme['td_color1'],

"T_TD_COLOR2" => "#".$theme['td_color2'],

"T_TD_COLOR3" => "#".$theme['td_color3'],

"T_FONTFACE1" => $theme['fontface1'],

"T_FONTFACE2" => $theme['fontface2'],

"T_FONTFACE3" => $theme['fontface3'],

"T_FONTCOLOR1" => "#".$theme['fontcolor1'],

"T_FONTCOLOR2" => "#".$theme['fontcolor2'],

"T_FONTCOLOR3" => "#".$theme['fontcolor3'],

"T_SPAN_CLASS3" => $theme['span_class3'])

);

*

***************************************************************************/

$phpbb_root_path = "../";

include($phpbb_root_path . 'extension.inc');

include($phpbb_root_path . 'common.'.$phpEx);