<?
/*
bb_admin.php : administration file for miniBB.
Copyright (C) 2001-2002 miniBB.net.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
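// Bootstrap for the admin panel: load configuration, pick the interface
// language, pull in the DB layer, skin, shared functions and language strings,
// then read the two routing parameters ($mode, $action).
include ("./setup_options.php");

// Optional language override taken from the "<cookiename>Language" value.
// That value is request-controlled and ends up inside an include() path below,
// so it is accepted only when it is a plain file-name token (letters, digits,
// "_" and "-"). Anything containing path separators or dots is ignored and the
// configured $lang stays in effect.
if ($langCook=${$cookiename.'Language'}) {
    if (is_string($langCook)
        and preg_match('/^[A-Za-z0-9_-]+\z/', $langCook)
        and file_exists("./lang/{$langCook}.php")) {
        $lang=$langCook;
    }
}

// NOTE(review): $DB, $skin and $lang are presumably assigned by
// setup_options.php; confirm that they always are, because an unset name
// used in an include path would otherwise be open to request-supplied values
// on hosts that import request variables as globals.
include ("./setup_$DB.php");
include ("./skins/$skin.php");
include ("./bb_functions.php");
include ("./lang/$lang.php");

// Routing parameters: POST wins, GET is the fallback.
$mode = $HTTP_POST_VARS["mode"];
if ($mode == "") $mode = $HTTP_GET_VARS["mode"];
$action = $HTTP_POST_VARS["action"];
if ($action == "") $action = $HTTP_GET_VARS["action"];

// Explicitly reset values that the templates print, so they cannot be
// pre-seeded from the request.
$l_adminpanel_link='';
$warning='';
$starttime = get_microtime();
$adminPanel = 1;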
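// Admin request dispatcher.
//   $mode   : "logout", "login", or anything else (panel / login form).
//   $action : the admin operation to run once user_logged_in("admin") passes.
// Every branch that returns to the page footer leaves the page body in $text2.
//
// Security notes for maintainers:
// - $adminusr, $adminpwd, $forumname, $forumdesc, $forumicon, $forumID,
//   $deleteforum, $userID, $removemessages, $delemail, $banip, $expEmail,
//   $expLogin, $separate and $screen are never assigned in this file. They
//   arrive as request-derived globals (register_globals, or an import done by
//   an included file that is not visible here). Treat all of them as untrusted.
// - $action is accepted from GET as well as POST and no per-request token is
//   checked in this file, so the state-changing actions below have no
//   cross-site request forgery protection here.
// - DB_query() builds its statements elsewhere. NOTE(review): confirm that it
//   quotes or casts every request-derived value it reads ($forumID, $delemail,
//   $banip and the keys of $banip in particular).
// - Page bodies are produced with
//       $text2 = makeUp(NAME); eval("\$text2 = \"$text2\";"); stripslashes()
//   eval() expands the PHP variables named inside the template text, so the
//   template files must be protected like code. The expansion has to run in
//   this (global) scope, which is why it is repeated inline instead of being
//   moved into a function. Values expanded into a template are not escaped
//   here; NOTE(review): check each template for the HTML context in which it
//   prints request-derived values such as $forumname and $forumdesc.

// Start from an empty body so that no path can print a request-supplied $text2.
$text2 = '';

switch ($mode) {
    case "logout":
        setcookie ($cookiename);
        // Also expire the cookie with the same path/domain/secure scope that the
        // login branch uses when it sets it; a browser drops a cookie only when
        // the scope of the deletion matches the scope it was stored with.
        setcookie ($cookiename, '', time()-3600, $cookiepath, $cookiedomain, $cookiesecure);
        header("Location: ./$bb_admin");
        // Stop here. This request still carries the old cookie, so continuing
        // would evaluate the login check and $action below during logout.
        exit;

    case "login":
        // Compare as strings with ===. A loose == treats two numeric-looking
        // strings as numbers, so different inputs could compare equal.
        if (isset($adminusr) and isset($adminpwd)
            and is_string($adminusr) and is_string($adminpwd)
            and $adminusr === (string) $admin_usr
            and $adminpwd === (string) $admin_pwd) {
            // NOTE(review): the cookie carries an unsalted MD5 of the admin
            // password. Whoever obtains the cookie can replay it and can attack
            // the hash offline. Changing the format needs a matching change in
            // user_logged_in(), which is not visible here.
            $cook = $admin_usr."|".md5($admin_pwd)."|".$cookieexptime;
            setcookie ($cookiename);
            setcookie ($cookiename, $cook, $cookieexptime, $cookiepath, $cookiedomain, $cookiesecure);
            header("Location: ./$bb_admin");
            // Nothing else belongs in a redirect response.
            exit;
        }
        else {
            $warning = $l_incorrect_login;
        }
        // A failed login deliberately falls through to show the login form.

    default:
        if (user_logged_in("admin"))
        {
            $l_adminpanel_link = "<p><a href=\"$bb_admin\">".$l_adminpanel."</a><br><br>";
            switch ($action) {

                // ---- Add forum, step 1: empty form ----
                case "addforum1":
                    if (!isset($forumicon)) $forumicon='default.gif';
                    if (!isset($forumname)) $forumname='';
                    if (!isset($forumdesc)) $forumdesc='';
                    $iconList = getForumIcons();
                    $text2 = makeUp('admin_addforum1'); eval("\$text2 = \"$text2\";"); $text2=stripslashes($text2);
                    break;

                // ---- Add forum, step 2: validate and insert ----
                case "addforum2":
                    $iconList = getForumIcons();
                    if ($forumname) {
                        if ($forumicon == "") $forumicon="default.gif";
                        // NOTE(review): $forumicon is request-derived and is used in a
                        // file-system path; this check only proves that something exists
                        // at that path. Consider accepting only names that getForumIcons()
                        // offers.
                        if (file_exists("./img/forum_icons/{$forumicon}")) {
                            $forumname = addslashes($forumname);
                            $forumdesc = addslashes($forumdesc);
                            $forumicon = addslashes($forumicon);
                            $used_id = DB_query(30,0);
                            if ($used_id >0) $warning = $l_forum_added; else $warning = $l_itseemserror;
                            $text2 = makeUp('admin_panel'); eval("\$text2 = \"$text2\";"); $text2=stripslashes($text2);
                        }
                        else {
                            // The rejected icon name is echoed back, so it is HTML-escaped.
                            $warning = $l_error_addforumicon."'".htmlspecialchars($forumicon, ENT_QUOTES)."'";
                            $text2 = makeUp('admin_addforum1'); eval("\$text2 = \"$text2\";"); $text2=stripslashes($text2);
                        }
                    }
                    else {
                        $warning = $l_error_addforum;
                        $text2 = makeUp('admin_addforum1'); eval("\$text2 = \"$text2\";"); $text2=stripslashes($text2);
                    }
                    break;

                // ---- Edit forum, step 1: choose a forum ----
                case "editforum1":
                    $forums_to_edit='';
                    if ($row = DB_query(16,0)) {
                        do {
                            // Columns 0 and 1 are written into the <option> as stored.
                            $forums_to_edit.="<option value=\"".$row[0]."\">".$row[1]."</option>";
                        }
                        while ($row = DB_query(16,1));
                        $text2 = makeUp('admin_editforum1'); eval("\$text2 = \"$text2\";"); $text2=stripslashes($text2);
                    }
                    else {
                        $warning = $l_noforums;
                        $text2 = makeUp('admin_panel'); eval("\$text2 = \"$text2\";"); $text2=stripslashes($text2);
                    }
                    break;

                // ---- Edit forum, step 2: show the edit form ----
                case "editforum2":
                    if ($forumID) {
                        if ($row = DB_query(32,0)) {
                            // Collect all forums column-wise for the order selector and preview.
                            $a = 0;
                            do {
                                $resultVal["forum_name"][$a] = $row["forum_name"];
                                $resultVal["forum_desc"][$a] = $row["forum_desc"];
                                $resultVal["forum_order"][$a] = $row["forum_order"];
                                $resultVal["forum_id"][$a] = $row["forum_id"];
                                $resultVal["forum_icon"][$a] = $row["forum_icon"];
                                $a++;
                            }
                            while($row = DB_query(32,1));
                            $forumorder = get_template_forum_orders($resultVal, $a-1, $forumID, $l_mysql_error);
                            $forumsPreview = get_forums_fast_preview($resultVal, $a-1, $l_mysql_error);
                            unset($resultVal);
                        }
                        if ($row = DB_query(33,0)) {
                            $forumname = stripslashes($row["forum_name"]);
                            $forumdesc = stripslashes($row["forum_desc"]);
                            $forumicon = stripslashes($row["forum_icon"]);
                            $iconList = getForumIcons();
                            $text2 = makeUp('admin_editforum2'); eval("\$text2 = \"$text2\";"); $text2=stripslashes($text2);
                        }
                        else {
                            $warning = $l_noforums;
                            $text2 = makeUp('admin_panel'); eval("\$text2 = \"$text2\";"); $text2=stripslashes($text2);
                        }
                    }
                    else {
                        $warning = $l_noforums;
                        $text2 = makeUp('admin_panel'); eval("\$text2 = \"$text2\";"); $text2=stripslashes($text2);
                    }
                    break;

                // ---- Edit forum, step 3: save changes or delete the forum ----
                case "editforum3":
                    if (!$deleteforum) {
                        if ($forumname != "") {
                            if ($forumicon == "") $forumicon="default.gif";
                            if (!file_exists("./img/forum_icons/{$forumicon}")) {
                                // The rejected icon name is echoed back, so it is HTML-escaped.
                                $warning = $l_error_addforumicon."'".htmlspecialchars($forumicon, ENT_QUOTES)."'";
                            }
                            else {
                                $forumname=addslashes($forumname);
                                // NOTE(review): $forumdesc is slash-escaped twice here (and
                                // unescaped twice further down), unlike "addforum2", which
                                // escapes it once. This looks like a copy-paste slip; confirm
                                // against what DB_query(34) stores before changing it.
                                $forumdesc=addslashes($forumdesc);
                                $forumdesc=addslashes($forumdesc);
                                $forumicon=addslashes($forumicon);
                                $row = DB_query(34,0);
                                if ($row >0) $warning = $l_forumUpdated; else $warning = $l_prefsNotUpdated;
                            }
                        } // if forum name is set
                        else {
                            $warning = $l_error_addforum;
                        }
                        // Reload all forums so the form shows the stored state.
                        if ($row = DB_query(32,0)) {
                            $a = 0;
                            do {
                                $resultVal["forum_name"][$a] = $row["forum_name"];
                                $resultVal["forum_desc"][$a] = $row["forum_desc"];
                                $resultVal["forum_order"][$a] = $row["forum_order"];
                                $resultVal["forum_id"][$a] = $row["forum_id"];
                                $resultVal["forum_icon"][$a] = $row["forum_icon"];
                                if ($row["forum_id"] == $forumID) { $forumname = $row["forum_name"]; $forumdesc = $row["forum_desc"]; }
                                $a++;
                            }
                            while($row = DB_query(32,1));
                            $forumorder = get_template_forum_orders($resultVal, $a-1, $forumID, $l_mysql_error);
                            $forumsPreview = get_forums_fast_preview($resultVal, $a-1, $l_mysql_error);
                            unset($resultVal);
                            $forumname=stripslashes($forumname);
                            $forumdesc=stripslashes($forumdesc);
                            $forumdesc=stripslashes($forumdesc);
                            $forumicon=stripslashes($forumicon);
                            $iconList = getForumIcons();
                        }
                        $text2 = makeUp('admin_editforum2'); eval("\$text2 = \"$text2\";"); $text2=stripslashes($text2);
                    }
                    else {
                        $row = DB_query (35,0);
                        // NOTE(review): $forumname is request-derived and is printed in this
                        // message without HTML escaping.
                        if ($row>0) $warning = $l_forumdeleted." (\"$forumname\") - $l_del $row $l_rows"; else $warning = $l_itseemserror;
                        $text2 = makeUp('admin_panel'); eval("\$text2 = \"$text2\";"); $text2=stripslashes($text2);
                    }
                    break;

                // ---- Remove user, step 1: form ----
                case ("removeuser1"):
                    $text2 = makeUp('admin_removeuser1'); eval("\$text2 = \"$text2\";"); $text2=stripslashes($text2);
                    break;

                // ---- Remove user, step 2: delete ----
                case ("removeuser2"):
                    // The id is compared with 0 and 1 below, i.e. it is numeric. Casting it
                    // once keeps non-numeric input out of the DB layer and out of the
                    // messages that print the id.
                    $userID = isset($userID) ? (int) $userID : 0;
                    // Ids 0 and 1 are never deleted.
                    if (!$userID or !DB_query(63,$userID) or $userID==1 or $userID==0) $warning = $l_cantDeleteUser;
                    else {
                        if (DB_query(64,$userID)) $warning = $l_userDeleted." (".$userID.")"; else $warning = $l_userNotDeleted." (".$userID.")";
                        if ($removemessages) {
                            if (DB_query(65,$userID)) $warning.="<br>".$l_userMsgsDeleted; else $warning.="<br>".$l_userMsgsNotDeleted;
                        }
                        else {
                            if (DB_query(66,$userID)) $warning.="<br>".$l_userUpdated0; else $warning.="<br>".$l_userNotUpdated0;
                        }
                    }
                    $text2 = makeUp('admin_panel'); eval("\$text2 = \"$text2\";"); $text2=stripslashes($text2);
                    break;

                // ---- Delete e-mail notifications, step 1: form ----
                case 'delsendmails1':
                    if (!isset($warning)) $warning = '';
                    if (!isset($delemail)) $delemail = '';
                    $text2 = makeUp('admin_sendmails1'); eval("\$text2 = \"$text2\";"); $text2=stripslashes($text2);
                    break;

                // ---- Delete e-mail notifications, step 2: run ----
                case 'delsendmails2':
                    $row = DB_query(82,0);
                    if ($row<0) $row=0;
                    // An empty $delemail is reported as "ALL".
                    if ($delemail=='') $row='ALL';
                    $warning = $l_completed." ($row)";
                    $text2 = makeUp('admin_panel'); eval("\$text2 = \"$text2\";"); $text2=stripslashes($text2);
                    break;

                case 'restoreData':
                    $row = DB_query(84,0);
                    if ($row>0) $warning = $l_prefsUpdated;
                    else $warning = $l_prefsNotUpdated;
                    $text2 = makeUp('admin_panel'); eval("\$text2 = \"$text2\";"); $text2=stripslashes($text2);
                    break;

                // ---- Ban an IP, step 1: form ----
                case 'banUsr1':
                    if (!isset($warning)) $warning = '';
                    if (!isset($banip)) $banip = '';
                    $text2 = makeUp('admin_banusr1'); eval("\$text2 = \"$text2\";"); $text2=stripslashes($text2);
                    break;

                // ---- Ban an IP, step 2: validate and store ----
                case 'banUsr2':
                    if (!isset($warning)) $warning = '';
                    if (!isset($banip)) $banip = '';
                    // Shape check only: four dot-separated groups of one to three digits,
                    // the last of which may be "*". Octets above 255 still pass.
                    if (preg_match("/^[1-9][0-9]?[0-9]?\.[1-9]?[0-9][0-9]?\.[1-9]?[0-9][0-9]?\.([1-9]?[0-9][0-9]?|\*)$/", $banip)) {
                        $row = DB_query(85,0);
                        if ($row) $warning = $l_IpExists; else {
                            $row = DB_query(86,0);
                            if ($row>0) $warning = $l_IpBanned; else $warning=$l_mysql_error;
                        }
                        $text2 = makeUp('admin_panel');
                    }
                    else {
                        $warning = $l_incorrectIp;
                        $text2 = makeUp('admin_banusr1');
                    }
                    eval("\$text2 = \"$text2\";"); $text2=stripslashes($text2);
                    break;

                // ---- Remove bans, step 1: checkbox list ----
                case 'deleteban1':
                    if (!isset($warning)) $warning = '';
                    if (!isset($banipID)) $banipID = '';
                    $banned = DB_query(87,0);
                    $bannedIPs='';
                    if ($banned) {
                        do {
                            // Column 0 becomes the checkbox key, column 1 the label.
                            $bannedIPs.='<input type=checkbox name=banip['.$banned[0].']> '.$banned[1]."<br>\n";
                        }
                        while ($banned=DB_query(87,1));
                        $text2 = makeUp('admin_deleteban1');
                    }
                    else {
                        $warning = $l_noBans;
                        $text2 = makeUp('admin_panel');
                    }
                    eval("\$text2 = \"$text2\";"); $text2=stripslashes($text2);
                    break;

                // ---- Remove bans, step 2: delete the ticked entries ----
                case 'deleteban2':
                    $bannedIPs='';
                    // Build the id list from scratch, so that it holds only the keys of the
                    // submitted banip[] checkboxes and nothing pre-seeded from the request.
                    // NOTE(review): the keys are request-controlled; confirm DB_query(88)
                    // treats them as integers.
                    $delban = array();
                    if (isset($banip) and is_array($banip) and sizeof($banip)>0) {
                        $delban = array_keys($banip);
                        $row = DB_query(88, $delban);
                    }
                    else {
                        $row=0;
                    }
                    $warning = $l_completed.' ('.$row.')';
                    $text2 = makeUp('admin_panel'); eval("\$text2 = \"$text2\";"); $text2=stripslashes($text2);
                    break;

                // ---- Export e-mails, step 1: form ----
                case 'exportemails':
                    if (DB_query(92,0)) { $text2 = makeUp('admin_export_emails'); }
                    else { $warning = $l_accessDenied; $text2 = makeUp('admin_panel'); }
                    eval("\$text2 = \"$text2\";"); $text2=stripslashes($text2);
                    break;

                // ---- Export e-mails, step 2: print on screen or send as a download ----
                case 'exportemails2':
                    if ($row=DB_query(92,0)) {
                        if (isset($expEmail) and $expEmail!='') { $wh[0]='user_email'; }
                        if (isset($expLogin) and $expLogin!='') { $wh[1]='username'; }
                        $cont='';
                        do {
                            // Rows are written only when $expEmail is set; $expLogin adds a
                            // second column after the chosen separator.
                            if (isset($expEmail) and $expEmail!='') {
                                $cont.=$row[4];
                                if (isset($expLogin) and $expLogin!='') {
                                    if ($separate == 'comma') $sep=','; else $sep=chr(9);
                                    $cont.=$sep.$row[1];
                                }
                                if ($screen==1) $cont.='<br>'; else $cont.="\n";
                            }
                        }
                        while ($row=DB_query(92,1));
                        // NOTE(review): in screen mode the stored values are sent as HTML as they
                        // are. Confirm they are already HTML-safe in the database before relying
                        // on this output.
                        if ($screen==1) { echo $cont; exit; }
                        else {
                            header("Content-Type: DUMP/uknown");
                            header("Content-Disposition: attachment; filename=".str_replace(' ', '_', $sitename)."_emails.txt");
                            echo $cont;
                            exit;
                        }
                    }
                    else {
                        // Same fallback as 'exportemails', so this path also builds a page body.
                        $warning = $l_accessDenied;
                        $text2 = makeUp('admin_panel'); eval("\$text2 = \"$text2\";"); $text2=stripslashes($text2);
                    }
                    break;

                // ---- No or unknown action: plain admin panel ----
                default:
                    $warning = '';
                    $text2 = makeUp('admin_panel'); eval("\$text2 = \"$text2\";"); $text2=stripslashes($text2);
            } // end of switch
        }
        else {
            // Not authenticated: show the login form, keeping a failed-login warning if set.
            if (!$warning) $warning = $l_enter_admin_login;
            $text2 = makeUp('admin_login'); eval("\$text2 = \"$text2\";"); $text2=stripslashes($text2);
        }
} // end of switch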
// Send the page: header first, then the body built by the dispatcher.
print load_header();
print $text2;

// Page generation time, formatted with three decimals.
$endtime = get_microtime();
$totaltime = sprintf ("%01.3f", $endtime - $starttime);

// Footer template: eval() expands the PHP variables named in the template
// text, so the template file has to be protected like code.
$tpl = makeUp('main_footer');
eval("\$tpl = \"$tpl\";");
$tpl = stripslashes($tpl);
print $tpl;
?>