+++ /dev/null
---- PHP-Nuke-7.4/html/admin.php 2004-07-23 14:46:00.000000000 +0000
-+++ PHP-Nuke-7.4.new/html/admin.php 2004-11-01 20:50:15.217447320 +0000
-@@ -1,431 +1,440 @@
--<?php\r
--\r
--/************************************************************************/\r
--/* PHP-NUKE: Advanced Content Management System */\r
--/* ============================================ */\r
--/* */\r
--/* Copyright (c) 2002 by Francisco Burzi */\r
--/* http://phpnuke.org */\r
--/* */\r
--/* This program is free software. You can redistribute it and/or modify */\r
--/* it under the terms of the GNU General Public License as published by */\r
--/* the Free Software Foundation; either version 2 of the License. */\r
--/* */\r
--/************************************************************************/\r
--/* Additional security checking code 2003 by chatserv */\r
--/* http://www.nukefixes.com -- http://www.nukeresources.com */\r
--/************************************************************************/\r
--if(stristr($_SERVER["QUERY_STRING"],'AddAuthor') || stristr($_SERVER["QUERY_STRING"],'UpdateAuthor')) {\r
-- die("Illegal Operation");\r
--}\r
--$checkurl = $_SERVER['REQUEST_URI']; \r
--\r
--if ((preg_match("/\?admin/", "$checkurl")) || (preg_match("/\&admin/", "$checkurl"))) { \r
-- echo "die"; \r
-- exit; \r
--}\r
--require_once("mainfile.php");\r
--get_lang(admin);\r
--\r
--function create_first($name, $url, $email, $pwd, $user_new) {\r
-- global $prefix, $db, $user_prefix;\r
-- $first = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_authors"));\r
-- if ($first == 0) {\r
-- $pwd = md5($pwd);\r
-- $the_adm = "God";\r
-- $db->sql_query("INSERT INTO ".$prefix."_authors VALUES ('$name', '$the_adm', '$url', '$email', '$pwd', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '1', '')");\r
-- if ($user_new == 1) {\r
-- $user_regdate = date("M d, Y");\r
-- $user_avatar = "gallery/blank.gif";\r
-- $commentlimit = 4096;\r
-- if ($url == "http://") { $url = ""; }\r
-- $db->sql_query("INSERT INTO ".$user_prefix."_users (user_id, username, user_email, user_website, user_avatar, user_regdate, user_password, theme, commentmax, user_level, user_lang, user_dateformat) VALUES (NULL,'$name','$email','$url','$user_avatar','$user_regdate','$pwd','$Default_Theme','$commentlimit', '2', 'english','D M d, Y g:i a')");\r
-- }\r
-- login();\r
-- }\r
--}\r
--\r
--$the_first = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_authors"));\r
--if ($the_first == 0) {\r
-- if (!$name) {\r
-- include("header.php");\r
-- title("$sitename: "._ADMINISTRATION."");\r
-- OpenTable();\r
-- echo "<center><b>"._NOADMINYET."</b></center><br><br>"\r
-- ."<form action=\"admin.php\" method=\"post\">"\r
-- ."<table border=\"0\">"\r
-- ."<tr><td><b>"._NICKNAME.":</b></td><td><input type=\"text\" name=\"name\" size=\"30\" maxlength=\"25\"></td></tr>"\r
-- ."<tr><td><b>"._HOMEPAGE.":</b></td><td><input type=\"text\" name=\"url\" size=\"30\" maxlength=\"255\" value=\"http://\"></td></tr>"\r
-- ."<tr><td><b>"._EMAIL.":</b></td><td><input type=\"text\" name=\"email\" size=\"30\" maxlength=\"255\"></td></tr>"\r
-- ."<tr><td><b>"._PASSWORD.":</b></td><td><input type=\"password\" name=\"pwd\" size=\"11\" maxlength=\"10\"></td></tr>"\r
-- ."<tr><td colspan=\"2\">"._CREATEUSERDATA." <input type=\"radio\" name=\"user_new\" value=\"1\" checked>"._YES." <input type=\"radio\" name=\"user_new\" value=\"0\">"._NO."</td></tr>"\r
-- ."<tr><td><input type=\"hidden\" name=\"fop\" value=\"create_first\">"\r
-- ."<input type=\"submit\" value=\""._SUBMIT."\">"\r
-- ."</td></tr></table></form>";\r
-- CloseTable();\r
-- include("footer.php");\r
-- }\r
-- switch($fop) {\r
-- case "create_first":\r
-- create_first($name, $url, $email, $pwd, $user_new);\r
-- break;\r
-- }\r
-- die();\r
--}\r
--\r
--require("auth.php");\r
--\r
--if(!isset($op)) { $op = "adminMain"; }\r
--$pagetitle = "- "._ADMINMENU."";\r
--\r
--/*********************************************************/\r
--/* Login Function */\r
--/*********************************************************/\r
--\r
--function login() {\r
-- global $gfx_chk;\r
-- include ("header.php");\r
-- mt_srand ((double)microtime()*1000000);\r
-- $maxran = 1000000;\r
-- $random_num = mt_rand(0, $maxran);\r
-- OpenTable();\r
-- echo "<center><font class=\"title\"><b>"._ADMINLOGIN."</b></font></center>";\r
-- CloseTable();\r
-- echo "<br>";\r
-- OpenTable();\r
-- echo "<form action=\"admin.php\" method=\"post\">"\r
-- ."<table border=\"0\">"\r
-- ."<tr><td>"._ADMINID."</td>"\r
-- ."<td><input type=\"text\" NAME=\"aid\" SIZE=\"20\" MAXLENGTH=\"25\"></td></tr>"\r
-- ."<tr><td>"._PASSWORD."</td>"\r
-- ."<td><input type=\"password\" NAME=\"pwd\" SIZE=\"20\" MAXLENGTH=\"18\"></td></tr>";\r
-- if (extension_loaded("gd") AND ($gfx_chk == 1 OR $gfx_chk == 5 OR $gfx_chk == 6 OR $gfx_chk == 7)) {\r
-- echo "<tr><td colspan='2'>"._SECURITYCODE.": <img src='admin.php?op=gfx&random_num=$random_num' border='1' alt='"._SECURITYCODE."' title='"._SECURITYCODE."'></td></tr>"\r
-- ."<tr><td colspan='2'>"._TYPESECCODE.": <input type=\"text\" NAME=\"gfx_check\" SIZE=\"7\" MAXLENGTH=\"6\"></td></tr>";\r
-- }\r
-- echo "<tr><td>"\r
-- ."<input type=\"hidden\" NAME=\"random_num\" value=\"$random_num\">"\r
-- ."<input type=\"hidden\" NAME=\"op\" value=\"login\">"\r
-- ."<input type=\"submit\" VALUE=\""._LOGIN."\">"\r
-- ."</td></tr></table>"\r
-- ."</form>";\r
-- CloseTable();\r
-- include ("footer.php");\r
--}\r
--\r
--function gfx($random_num) {\r
-- global $prefix, $db;\r
-- require("config.php");\r
-- $datekey = date("F j");\r
-- $rcode = hexdec(md5($_SERVER[HTTP_USER_AGENT] . $sitekey . $random_num . $datekey));\r
-- $code = substr($rcode, 2, 6);\r
-- $image = ImageCreateFromJPEG("images/admin/code_bg.jpg");\r
-- $text_color = ImageColorAllocate($image, 80, 80, 80);\r
-- Header("Content-type: image/jpeg");\r
-- ImageString ($image, 5, 12, 2, $code, $text_color);\r
-- ImageJPEG($image, '', 75);\r
-- ImageDestroy($image);\r
-- die();\r
--}\r
--\r
--function deleteNotice($id) { \r
-- global $prefix, $db; \r
-- $id = intval($id); \r
-- $db->sql_query("DELETE FROM ".$prefix."_reviews_add WHERE id = '$id'"); \r
-- Header("Location: admin.php?op=reviews"); \r
--}\r
--\r
--/*********************************************************/\r
--/* Administration Menu Function */\r
--/*********************************************************/\r
--\r
--function adminmenu($url, $title, $image) {\r
-- global $counter, $admingraphic, $Default_Theme;\r
-- $ThemeSel = get_theme();\r
-- if (file_exists("themes/$ThemeSel/images/admin/$image")) {\r
-- $image = "themes/$ThemeSel/images/admin/$image";\r
-- } else {\r
-- $image = "images/admin/$image";\r
-- }\r
-- if ($admingraphic == 1) {\r
-- $img = "<img src=\"$image\" border=\"0\" alt=\"$title\" title=\"$title\"></a><br>";\r
-- $close = "";\r
-- } else {\r
-- $img = "";\r
-- $close = "</a>";\r
-- }\r
-- echo "<td align=\"center\" valign=\"top\" width=\"16%\"><font class=\"content\"><a href=\"$url\">$img<b>$title</b>$close<br><br></font></td>";\r
-- if ($counter == 5) {\r
-- echo "</tr><tr>";\r
-- $counter = 0;\r
-- } else {\r
-- $counter++;\r
-- }\r
--}\r
--\r
--function GraphicAdmin() {\r
-- global $aid, $admingraphic, $language, $admin, $prefix, $db;\r
-- $newsubs = $db->sql_numrows($db->sql_query("SELECT qid FROM ".$prefix."_queue"));\r
-- $row = $db->sql_fetchrow($db->sql_query("SELECT radminarticle,radmintopic,radminuser,radminsurvey,radminlink,radminfaq,radmindownload,radminreviews,radminnewsletter,radminforum,radmincontent,radminency,radminsuper FROM ".$prefix."_authors WHERE aid='$aid'"));\r
-- $radminarticle = intval($row['radminarticle']);\r
-- $radmintopic = intval($row['radmintopic']);\r
-- $radminuser = intval($row['radminuser']);\r
-- $radminsurvey = intval($row['radminsurvey']);\r
-- $radminlink = intval($row['radminlink']);\r
-- $radminfaq = intval($row['radminfaq']);\r
-- $radmindownload = intval($row['radmindownload']);\r
-- $radminreviews = intval($row['radminreviews']);\r
-- $radminnewsletter = intval($row['radminnewsletter']);\r
-- $radminforum = intval($row['radminforum']);\r
-- $radmincontent = intval($row['radmincontent']);\r
-- $radminency = intval($row['radminency']);\r
-- $radminsuper = intval($row['radminsuper']);\r
-- OpenTable();\r
-- echo "<center><a href=\"admin.php\"><font class='title'>"._ADMINMENU."</font></a>";\r
-- echo "<br><br>";\r
-- echo"<table border=\"0\" width=\"100%\" cellspacing=\"1\"><tr>";\r
-- $linksdir = dir("admin/links");\r
-- while($func=$linksdir->read()) {\r
-- if(substr($func, 0, 6) == "links.") {\r
-- $menulist .= "$func ";\r
-- }\r
-- }\r
-- closedir($linksdir->handle);\r
-- $menulist = explode(" ", $menulist);\r
-- sort($menulist);\r
-- for ($i=0; $i < sizeof($menulist); $i++) {\r
-- if($menulist[$i]!="") {\r
-- $counter = 0;\r
-- include($linksdir->path."/$menulist[$i]");\r
-- }\r
-- }\r
-- adminmenu("admin.php?op=logout", ""._ADMINLOGOUT."", "logout.gif");\r
-- echo"</tr></table></center>";\r
-- CloseTable();\r
-- echo "<br>";\r
--}\r
--\r
--/*********************************************************/\r
--/* Administration Main Function */\r
--/*********************************************************/\r
--\r
--function adminMain() {\r
-- global $language, $admin, $aid, $prefix, $file, $db, $sitename, $user_prefix;\r
-- include ("header.php");\r
-- $dummy = 0;\r
-- $Today = getdate();\r
-- $month = $Today['month'];\r
-- $mday = $Today['mday'];\r
-- $year = $Today['year'];\r
-- $pmonth = $Today['month'];\r
-- $pmday = $Today['mday'];\r
-- $pmday = $mday-1;\r
-- $pyear = $Today['year'];\r
-- if ($pmonth=="January") { $pmonth=1; } else\r
-- if ($pmonth=="February") { $pmonth=2; } else\r
-- if ($pmonth=="March") { $pmonth=3; } else\r
-- if ($pmonth=="April") { $pmonth=4; } else\r
-- if ($pmonth=="May") { $pmonth=5; } else\r
-- if ($pmonth=="June") { $pmonth=6; } else\r
-- if ($pmonth=="July") { $pmonth=7; } else\r
-- if ($pmonth=="August") { $pmonth=8; } else\r
-- if ($pmonth=="September") { $pmonth=9; } else\r
-- if ($pmonth=="October") { $pmonth=10; } else\r
-- if ($pmonth=="November") { $pmonth=11; } else\r
-- if ($pmonth=="December") { $pmonth=12; };\r
-- $test = mktime (0,0,0,$pmonth,$pmday,$pyear,1);\r
-- $curDate2 = "%".$month[0].$month[1].$month[2]."%".$mday."%".$year."%";\r
-- $preday = strftime ("%d",$test);\r
-- $premonth = strftime ("%B",$test);\r
-- $preyear = strftime ("%Y",$test);\r
-- $curDateP = "%".$premonth[0].$premonth[1].$premonth[2]."%".$preday."%".$preyear."%";\r
-- GraphicAdmin();\r
-- $aid = substr("$aid", 0,25);\r
-- $row = $db->sql_fetchrow($db->sql_query("SELECT radminarticle, radminsuper, admlanguage FROM ".$prefix."_authors WHERE aid='$aid'"));\r
-- $radminarticle = intval($row['radminarticle']);\r
-- $radminsuper = intval($row['radminsuper']);\r
-- $admlanguage = $row['admlanguage'];\r
-- if ($admlanguage != "" ) {\r
-- $queryalang = "WHERE alanguage='$admlanguage' ";\r
-- } else {\r
-- $queryalang = "";\r
-- }\r
-- $row2 = $db->sql_fetchrow($db->sql_query("SELECT main_module from ".$prefix."_main"));\r
-- $main_module = $row2['main_module'];\r
-- OpenTable();\r
-- echo "<center><b>$sitename: "._DEFHOMEMODULE."</b><br><br>"\r
-- .""._MODULEINHOME." <b>$main_module</b><br>[ <a href=\"admin.php?op=modules\">"._CHANGE."</a> ]</center>";\r
-- CloseTable();\r
-- echo "<br>";\r
-- OpenTable();\r
-- $guest_online_num = $db->sql_numrows($db->sql_query("SELECT uname FROM ".$prefix."_session WHERE guest='1'"));\r
-- $member_online_num = $db->sql_numrows($db->sql_query("SELECT uname FROM ".$prefix."_session WHERE guest='0'"));\r
-- $who_online_num = $guest_online_num + $member_online_num;\r
-- $who_online = "<center><font class=\"option\">"._WHOSONLINE."</font><br><br><font class=\"content\">"._CURRENTLY." $guest_online_num "._GUESTS." $member_online_num "._MEMBERS."<br>";\r
-- $row3 = $db->sql_fetchrow($db->sql_query("SELECT COUNT(user_id) AS userCount from $user_prefix"._users." WHERE user_regdate LIKE '$curDate2'"));\r
-- $userCount = $row3['userCount'];\r
-- $row4 = $db->sql_fetchrow($db->sql_query("SELECT COUNT(user_id) AS userCount FROM $user_prefix"._users." WHERE user_regdate LIKE '$curDateP'"));\r
-- $userCount2 = $row4['userCount'];\r
-- echo "<center>$who_online<br>"\r
-- .""._BTD.": <b>$userCount</b> - "._BYD.": <b>$userCount2</b></center>";\r
-- CloseTable();\r
-- echo "<br>";\r
-- OpenTable();\r
-- echo "<center><b>"._AUTOMATEDARTICLES."</b></center><br>";\r
-- $count = 0;\r
-- $result5 = $db->sql_query("SELECT anid, aid, title, time, alanguage FROM ".$prefix."_autonews $queryalang ORDER BY time ASC");\r
-- while ($row5 = $db->sql_fetchrow($result5)) {\r
-- $anid = intval($row5['anid']);\r
-- $aid = $row5['aid'];\r
-- $said = substr("$aid", 0,25);\r
-- $title = $row5['title'];\r
-- $time = $row5['time'];\r
-- $alanguage = $row5['alanguage'];\r
-- if ($alanguage == "") {\r
-- $alanguage = ""._ALL."";\r
-- }\r
-- if ($anid != "") {\r
-- if ($count == 0) {\r
-- echo "<table border=\"1\" width=\"100%\">";\r
-- $count = 1;\r
-- }\r
-- $time = ereg_replace(" ", "@", $time);\r
-- if (($radminarticle==1) OR ($radminsuper==1)) {\r
-- if (($radminarticle==1) AND ($aid == $said) OR ($radminsuper==1)) {\r
-- echo "<tr><td nowrap> (<a href=\"admin.php?op=autoEdit&anid=$anid\">"._EDIT."</a>-<a href=\"admin.php?op=autoDelete&anid=$anid\">"._DELETE."</a>) </td><td width=\"100%\"> $title </td><td align=\"center\"> $alanguage </td><td nowrap> $time </td></tr>"; /* Multilingual Code : added column to display language */\r
-- } else {\r
-- echo "<tr><td> ("._NOFUNCTIONS.") </td><td width=\"100%\"> $title </td><td align=\"center\"> $alanguage </td><td nowrap> $time </td></tr>"; /* Multilingual Code : added column to display language */\r
-- }\r
-- } else {\r
-- echo "<tr><td width=\"100%\"> $title </td><td align=\"center\"> $alanguage </td><td nowrap> $time </td></tr>"; /* Multilingual Code : added column to display language */\r
-- }\r
-- }\r
-- }\r
-- if (($anid == "") AND ($count == 0)) {\r
-- echo "<center><i>"._NOAUTOARTICLES."</i></center>";\r
-- }\r
-- if ($count == 1) {\r
-- echo "</table>";\r
-- }\r
-- CloseTable();\r
-- echo "<br>";\r
-- OpenTable();\r
-- echo "<center><b>"._LAST." 20 "._ARTICLES."</b></center><br>";\r
-- $result6 = $db->sql_query("SELECT sid, aid, title, time, topic, informant, alanguage FROM ".$prefix."_stories $queryalang ORDER BY time DESC LIMIT 0,20");\r
-- echo "<center><table border=\"1\" width=\"100%\" bgcolor=\"$bgcolor1\">";\r
-- while ($row6 = $db->sql_fetchrow($result6)) {\r
-- $sid = intval($row6['sid']);\r
-- $aid = $row6['aid'];\r
-- $said = substr("$aid", 0,25);\r
-- $title = $row6['title'];\r
-- $time = $row6['time'];\r
-- $topic = $row6['topic'];\r
-- $informant = $row6['informant'];\r
-- $alanguage = $row6['alanguage'];\r
-- $row7 = $db->sql_fetchrow($db->sql_query("SELECT topicname FROM ".$prefix."_topics WHERE topicid='$topic'"));\r
-- $topicname = $row7['topicname'];\r
-- if ($alanguage == "") {\r
-- $alanguage = ""._ALL."";\r
-- }\r
-- formatTimestamp($time);\r
-- echo "<tr><td align=\"right\"><b>$sid</b>"\r
-- ."</td><td align=\"left\" width=\"100%\"><a href=\"modules.php?name=News&file=article&sid=$sid\">$title</a>"\r
-- ."</td><td align=\"center\">$alanguage"\r
-- ."</td><td align=\"right\">$topicname";\r
-- if (($radminarticle==1) OR ($radminsuper==1)) {\r
-- if (($radminarticle==1) AND ($aid == $said) OR ($radminsuper==1)) {\r
-- echo "</td><td align=\"right\" nowrap>(<a href=\"admin.php?op=EditStory&sid=$sid\">"._EDIT."</a>-<a href=\"admin.php?op=RemoveStory&sid=$sid\">"._DELETE."</a>)"\r
-- ."</td></tr>";\r
-- } else {\r
-- echo "</td><td align=\"right\" nowrap><font class=\"content\"><i>("._NOFUNCTIONS.")</i></font>"\r
-- ."</td></tr>";\r
-- }\r
-- } else {\r
-- echo "</td></tr>";\r
-- }\r
-- }\r
-- echo "</table>";\r
-- if (($radminarticle==1) OR ($radminsuper==1)) {\r
-- echo "<center>"\r
-- ."<form action=\"admin.php\" method=\"post\">"\r
-- .""._STORYID.": <input type=\"text\" NAME=\"sid\" SIZE=\"10\">"\r
-- ."<select name=\"op\">"\r
-- ."<option value=\"EditStory\" SELECTED>"._EDIT."</option>"\r
-- ."<option value=\"RemoveStory\">"._DELETE."</option>"\r
-- ."</select>"\r
-- ."<input type=\"submit\" value=\""._GO."\">"\r
-- ."</form></center>";\r
-- }\r
-- CloseTable();\r
-- $row8 = $db->sql_fetchrow($db->sql_query("SELECT pollID, pollTitle FROM ".$prefix."_poll_desc WHERE artid='0' ORDER BY pollID DESC LIMIT 1"));\r
-- $pollID = intval($row8['pollID']);\r
-- $pollTitle = $row8['pollTitle'];\r
-- echo "<br>";\r
-- OpenTable();\r
-- echo "<center><b>"._CURRENTPOLL.":</b> $pollTitle [ <a href=\"admin.php?op=polledit&pollID=$pollID\">"._EDIT."</a> | <a href=\"admin.php?op=create\">"._ADD."</a> ]</center>";\r
-- CloseTable();\r
-- include ("footer.php");\r
--}\r
--\r
--if($admintest) {\r
--\r
-- switch($op) {\r
--\r
-- case "do_gfx":\r
-- do_gfx();\r
-- break;\r
--\r
-- case "deleteNotice":\r
-- deleteNotice($id);\r
-- break;\r
--\r
-- case "GraphicAdmin":\r
-- GraphicAdmin();\r
-- break;\r
--\r
-- case "adminMain":\r
-- adminMain();\r
-- break;\r
--\r
-- case "logout":\r
-- setcookie("admin");\r
-- $admin = "";\r
-- include("header.php");\r
-- OpenTable();\r
-- echo "<center><font class=\"title\"><b>"._YOUARELOGGEDOUT."</b></font></center>";\r
-- CloseTable();\r
-- include("footer.php");\r
-- break;\r
--\r
-- case "login";\r
-- unset($op);\r
--\r
-- default:\r
-- $casedir = dir("admin/case");\r
-- while($func=$casedir->read()) {\r
-- if(substr($func, 0, 5) == "case.") {\r
-- include($casedir->path."/$func");\r
-- }\r
-- }\r
-- closedir($casedir->handle);\r
-- break;\r
--\r
-- }\r
--\r
--} else {\r
--\r
-- switch($op) {\r
--\r
-- case "gfx":\r
-- gfx($random_num);\r
-- break;\r
-- \r
-- default:\r
-- login();\r
-- break;\r
--\r
-- }\r
--\r
--}\r
--\r
--?>
-\ No newline at end of file
-+<?php
-+
-+/************************************************************************/
-+/* PHP-NUKE: Advanced Content Management System */
-+/* ============================================ */
-+/* */
-+/* Copyright (c) 2002 by Francisco Burzi */
-+/* http://phpnuke.org */
-+/* */
-+/* This program is free software. You can redistribute it and/or modify */
-+/* it under the terms of the GNU General Public License as published by */
-+/* the Free Software Foundation; either version 2 of the License. */
-+/* */
-+/************************************************************************/
-+/* Additional security checking code 2003 by chatserv */
-+/* http://www.nukefixes.com -- http://www.nukeresources.com */
-+/************************************************************************/
-+
-+if ( !empty($HTTP_GET_VARS['op']) ) {
-+$op = $HTTP_GET_VARS['op'];
-+}
-+
-+if ( !empty($HTTP_POST_VARS['op']) ) {
-+$op = $HTTP_POST_VARS['op'];
-+}
-+
-+if(stristr($_SERVER["QUERY_STRING"],'AddAuthor') || stristr($_SERVER["QUERY_STRING"],'UpdateAuthor')) {
-+ die("Illegal Operation");
-+}
-+$checkurl = $_SERVER['REQUEST_URI'];
-+
-+if ((preg_match("/\?admin/", "$checkurl")) || (preg_match("/\&admin/", "$checkurl"))) {
-+ echo "die";
-+ exit;
-+}
-+require_once("mainfile.php");
-+get_lang(admin);
-+
-+function create_first($name, $url, $email, $pwd, $user_new) {
-+ global $prefix, $db, $user_prefix;
-+ $first = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_authors"));
-+ if ($first == 0) {
-+ $pwd = md5($pwd);
-+ $the_adm = "God";
-+ $db->sql_query("INSERT INTO ".$prefix."_authors VALUES ('$name', '$the_adm', '$url', '$email', '$pwd', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '1', '')");
-+ if ($user_new == 1) {
-+ $user_regdate = date("M d, Y");
-+ $user_avatar = "gallery/blank.gif";
-+ $commentlimit = 4096;
-+ if ($url == "http://") { $url = ""; }
-+ $db->sql_query("INSERT INTO ".$user_prefix."_users (user_id, username, user_email, user_website, user_avatar, user_regdate, user_password, theme, commentmax, user_level, user_lang, user_dateformat) VALUES (NULL,'$name','$email','$url','$user_avatar','$user_regdate','$pwd','$Default_Theme','$commentlimit', '2', 'english','D M d, Y g:i a')");
-+ }
-+ login();
-+ }
-+}
-+
-+$the_first = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_authors"));
-+if ($the_first == 0) {
-+ if (!$name) {
-+ include("header.php");
-+ title("$sitename: "._ADMINISTRATION."");
-+ OpenTable();
-+ echo "<center><b>"._NOADMINYET."</b></center><br><br>"
-+ ."<form action=\"admin.php\" method=\"post\">"
-+ ."<table border=\"0\">"
-+ ."<tr><td><b>"._NICKNAME.":</b></td><td><input type=\"text\" name=\"name\" size=\"30\" maxlength=\"25\"></td></tr>"
-+ ."<tr><td><b>"._HOMEPAGE.":</b></td><td><input type=\"text\" name=\"url\" size=\"30\" maxlength=\"255\" value=\"http://\"></td></tr>"
-+ ."<tr><td><b>"._EMAIL.":</b></td><td><input type=\"text\" name=\"email\" size=\"30\" maxlength=\"255\"></td></tr>"
-+ ."<tr><td><b>"._PASSWORD.":</b></td><td><input type=\"password\" name=\"pwd\" size=\"11\" maxlength=\"10\"></td></tr>"
-+ ."<tr><td colspan=\"2\">"._CREATEUSERDATA." <input type=\"radio\" name=\"user_new\" value=\"1\" checked>"._YES." <input type=\"radio\" name=\"user_new\" value=\"0\">"._NO."</td></tr>"
-+ ."<tr><td><input type=\"hidden\" name=\"fop\" value=\"create_first\">"
-+ ."<input type=\"submit\" value=\""._SUBMIT."\">"
-+ ."</td></tr></table></form>";
-+ CloseTable();
-+ include("footer.php");
-+ }
-+ switch($fop) {
-+ case "create_first":
-+ create_first($name, $url, $email, $pwd, $user_new);
-+ break;
-+ }
-+ die();
-+}
-+
-+require("auth.php");
-+
-+if(!isset($op)) { $op = "adminMain"; }
-+$pagetitle = "- "._ADMINMENU."";
-+
-+/*********************************************************/
-+/* Login Function */
-+/*********************************************************/
-+
-+function login() {
-+ global $gfx_chk;
-+ include ("header.php");
-+ mt_srand ((double)microtime()*1000000);
-+ $maxran = 1000000;
-+ $random_num = mt_rand(0, $maxran);
-+ OpenTable();
-+ echo "<center><font class=\"title\"><b>"._ADMINLOGIN."</b></font></center>";
-+ CloseTable();
-+ echo "<br>";
-+ OpenTable();
-+ echo "<form action=\"admin.php\" method=\"post\">"
-+ ."<table border=\"0\">"
-+ ."<tr><td>"._ADMINID."</td>"
-+ ."<td><input type=\"text\" NAME=\"aid\" SIZE=\"20\" MAXLENGTH=\"25\"></td></tr>"
-+ ."<tr><td>"._PASSWORD."</td>"
-+ ."<td><input type=\"password\" NAME=\"pwd\" SIZE=\"20\" MAXLENGTH=\"18\"></td></tr>";
-+ if (extension_loaded("gd") AND ($gfx_chk == 1 OR $gfx_chk == 5 OR $gfx_chk == 6 OR $gfx_chk == 7)) {
-+ echo "<tr><td colspan='2'>"._SECURITYCODE.": <img src='admin.php?op=gfx&random_num=$random_num' border='1' alt='"._SECURITYCODE."' title='"._SECURITYCODE."'></td></tr>"
-+ ."<tr><td colspan='2'>"._TYPESECCODE.": <input type=\"text\" NAME=\"gfx_check\" SIZE=\"7\" MAXLENGTH=\"6\"></td></tr>";
-+ }
-+ echo "<tr><td>"
-+ ."<input type=\"hidden\" NAME=\"random_num\" value=\"$random_num\">"
-+ ."<input type=\"hidden\" NAME=\"op\" value=\"login\">"
-+ ."<input type=\"submit\" VALUE=\""._LOGIN."\">"
-+ ."</td></tr></table>"
-+ ."</form>";
-+ CloseTable();
-+ include ("footer.php");
-+}
-+
-+function gfx($random_num) {
-+ global $prefix, $db;
-+ require("config.php");
-+ $datekey = date("F j");
-+ $rcode = hexdec(md5($_SERVER[HTTP_USER_AGENT] . $sitekey . $random_num . $datekey));
-+ $code = substr($rcode, 2, 6);
-+ $image = ImageCreateFromJPEG("images/admin/code_bg.jpg");
-+ $text_color = ImageColorAllocate($image, 80, 80, 80);
-+ Header("Content-type: image/jpeg");
-+ ImageString ($image, 5, 12, 2, $code, $text_color);
-+ ImageJPEG($image, '', 75);
-+ ImageDestroy($image);
-+ die();
-+}
-+
-+function deleteNotice($id) {
-+ global $prefix, $db;
-+ $id = intval($id);
-+ $db->sql_query("DELETE FROM ".$prefix."_reviews_add WHERE id = '$id'");
-+ Header("Location: admin.php?op=reviews");
-+}
-+
-+/*********************************************************/
-+/* Administration Menu Function */
-+/*********************************************************/
-+
-+function adminmenu($url, $title, $image) {
-+ global $counter, $admingraphic, $Default_Theme;
-+ $ThemeSel = get_theme();
-+ if (file_exists("themes/$ThemeSel/images/admin/$image")) {
-+ $image = "themes/$ThemeSel/images/admin/$image";
-+ } else {
-+ $image = "images/admin/$image";
-+ }
-+ if ($admingraphic == 1) {
-+ $img = "<img src=\"$image\" border=\"0\" alt=\"$title\" title=\"$title\"></a><br>";
-+ $close = "";
-+ } else {
-+ $img = "";
-+ $close = "</a>";
-+ }
-+ echo "<td align=\"center\" valign=\"top\" width=\"16%\"><font class=\"content\"><a href=\"$url\">$img<b>$title</b>$close<br><br></font></td>";
-+ if ($counter == 5) {
-+ echo "</tr><tr>";
-+ $counter = 0;
-+ } else {
-+ $counter++;
-+ }
-+}
-+
-+function GraphicAdmin() {
-+ global $aid, $admingraphic, $language, $admin, $prefix, $db;
-+ $newsubs = $db->sql_numrows($db->sql_query("SELECT qid FROM ".$prefix."_queue"));
-+ $row = $db->sql_fetchrow($db->sql_query("SELECT radminarticle,radmintopic,radminuser,radminsurvey,radminlink,radminfaq,radmindownload,radminreviews,radminnewsletter,radminforum,radmincontent,radminency,radminsuper FROM ".$prefix."_authors WHERE aid='$aid'"));
-+ $radminarticle = intval($row['radminarticle']);
-+ $radmintopic = intval($row['radmintopic']);
-+ $radminuser = intval($row['radminuser']);
-+ $radminsurvey = intval($row['radminsurvey']);
-+ $radminlink = intval($row['radminlink']);
-+ $radminfaq = intval($row['radminfaq']);
-+ $radmindownload = intval($row['radmindownload']);
-+ $radminreviews = intval($row['radminreviews']);
-+ $radminnewsletter = intval($row['radminnewsletter']);
-+ $radminforum = intval($row['radminforum']);
-+ $radmincontent = intval($row['radmincontent']);
-+ $radminency = intval($row['radminency']);
-+ $radminsuper = intval($row['radminsuper']);
-+ OpenTable();
-+ echo "<center><a href=\"admin.php\"><font class='title'>"._ADMINMENU."</font></a>";
-+ echo "<br><br>";
-+ echo"<table border=\"0\" width=\"100%\" cellspacing=\"1\"><tr>";
-+ $linksdir = dir("admin/links");
-+ while($func=$linksdir->read()) {
-+ if(substr($func, 0, 6) == "links.") {
-+ $menulist .= "$func ";
-+ }
-+ }
-+ closedir($linksdir->handle);
-+ $menulist = explode(" ", $menulist);
-+ sort($menulist);
-+ for ($i=0; $i < sizeof($menulist); $i++) {
-+ if($menulist[$i]!="") {
-+ $counter = 0;
-+ include($linksdir->path."/$menulist[$i]");
-+ }
-+ }
-+ adminmenu("admin.php?op=logout", ""._ADMINLOGOUT."", "logout.gif");
-+ echo"</tr></table></center>";
-+ CloseTable();
-+ echo "<br>";
-+}
-+
-+/*********************************************************/
-+/* Administration Main Function */
-+/*********************************************************/
-+
-+function adminMain() {
-+ global $language, $admin, $aid, $prefix, $file, $db, $sitename, $user_prefix;
-+ include ("header.php");
-+ $dummy = 0;
-+ $Today = getdate();
-+ $month = $Today['month'];
-+ $mday = $Today['mday'];
-+ $year = $Today['year'];
-+ $pmonth = $Today['month'];
-+ $pmday = $Today['mday'];
-+ $pmday = $mday-1;
-+ $pyear = $Today['year'];
-+ if ($pmonth=="January") { $pmonth=1; } else
-+ if ($pmonth=="February") { $pmonth=2; } else
-+ if ($pmonth=="March") { $pmonth=3; } else
-+ if ($pmonth=="April") { $pmonth=4; } else
-+ if ($pmonth=="May") { $pmonth=5; } else
-+ if ($pmonth=="June") { $pmonth=6; } else
-+ if ($pmonth=="July") { $pmonth=7; } else
-+ if ($pmonth=="August") { $pmonth=8; } else
-+ if ($pmonth=="September") { $pmonth=9; } else
-+ if ($pmonth=="October") { $pmonth=10; } else
-+ if ($pmonth=="November") { $pmonth=11; } else
-+ if ($pmonth=="December") { $pmonth=12; };
-+ $test = mktime (0,0,0,$pmonth,$pmday,$pyear,1);
-+ $curDate2 = "%".$month[0].$month[1].$month[2]."%".$mday."%".$year."%";
-+ $preday = strftime ("%d",$test);
-+ $premonth = strftime ("%B",$test);
-+ $preyear = strftime ("%Y",$test);
-+ $curDateP = "%".$premonth[0].$premonth[1].$premonth[2]."%".$preday."%".$preyear."%";
-+ GraphicAdmin();
-+ $aid = substr("$aid", 0,25);
-+ $row = $db->sql_fetchrow($db->sql_query("SELECT radminarticle, radminsuper, admlanguage FROM ".$prefix."_authors WHERE aid='$aid'"));
-+ $radminarticle = intval($row['radminarticle']);
-+ $radminsuper = intval($row['radminsuper']);
-+ $admlanguage = $row['admlanguage'];
-+ if ($admlanguage != "" ) {
-+ $queryalang = "WHERE alanguage='$admlanguage' ";
-+ } else {
-+ $queryalang = "";
-+ }
-+ $row2 = $db->sql_fetchrow($db->sql_query("SELECT main_module from ".$prefix."_main"));
-+ $main_module = $row2['main_module'];
-+ OpenTable();
-+ echo "<center><b>$sitename: "._DEFHOMEMODULE."</b><br><br>"
-+ .""._MODULEINHOME." <b>$main_module</b><br>[ <a href=\"admin.php?op=modules\">"._CHANGE."</a> ]</center>";
-+ CloseTable();
-+ echo "<br>";
-+ OpenTable();
-+ $guest_online_num = $db->sql_numrows($db->sql_query("SELECT uname FROM ".$prefix."_session WHERE guest='1'"));
-+ $member_online_num = $db->sql_numrows($db->sql_query("SELECT uname FROM ".$prefix."_session WHERE guest='0'"));
-+ $who_online_num = $guest_online_num + $member_online_num;
-+ $who_online = "<center><font class=\"option\">"._WHOSONLINE."</font><br><br><font class=\"content\">"._CURRENTLY." $guest_online_num "._GUESTS." $member_online_num "._MEMBERS."<br>";
-+ $row3 = $db->sql_fetchrow($db->sql_query("SELECT COUNT(user_id) AS userCount from $user_prefix"._users." WHERE user_regdate LIKE '$curDate2'"));
-+ $userCount = $row3['userCount'];
-+ $row4 = $db->sql_fetchrow($db->sql_query("SELECT COUNT(user_id) AS userCount FROM $user_prefix"._users." WHERE user_regdate LIKE '$curDateP'"));
-+ $userCount2 = $row4['userCount'];
-+ echo "<center>$who_online<br>"
-+ .""._BTD.": <b>$userCount</b> - "._BYD.": <b>$userCount2</b></center>";
-+ CloseTable();
-+ echo "<br>";
-+ OpenTable();
-+ echo "<center><b>"._AUTOMATEDARTICLES."</b></center><br>";
-+ $count = 0;
-+ $result5 = $db->sql_query("SELECT anid, aid, title, time, alanguage FROM ".$prefix."_autonews $queryalang ORDER BY time ASC");
-+ while ($row5 = $db->sql_fetchrow($result5)) {
-+ $anid = intval($row5['anid']);
-+ $aid = $row5['aid'];
-+ $said = substr("$aid", 0,25);
-+ $title = $row5['title'];
-+ $time = $row5['time'];
-+ $alanguage = $row5['alanguage'];
-+ if ($alanguage == "") {
-+ $alanguage = ""._ALL."";
-+ }
-+ if ($anid != "") {
-+ if ($count == 0) {
-+ echo "<table border=\"1\" width=\"100%\">";
-+ $count = 1;
-+ }
-+ $time = ereg_replace(" ", "@", $time);
-+ if (($radminarticle==1) OR ($radminsuper==1)) {
-+ if (($radminarticle==1) AND ($aid == $said) OR ($radminsuper==1)) {
-+ echo "<tr><td nowrap> (<a href=\"admin.php?op=autoEdit&anid=$anid\">"._EDIT."</a>-<a href=\"admin.php?op=autoDelete&anid=$anid\">"._DELETE."</a>) </td><td width=\"100%\"> $title </td><td align=\"center\"> $alanguage </td><td nowrap> $time </td></tr>"; /* Multilingual Code : added column to display language */
-+ } else {
-+ echo "<tr><td> ("._NOFUNCTIONS.") </td><td width=\"100%\"> $title </td><td align=\"center\"> $alanguage </td><td nowrap> $time </td></tr>"; /* Multilingual Code : added column to display language */
-+ }
-+ } else {
-+ echo "<tr><td width=\"100%\"> $title </td><td align=\"center\"> $alanguage </td><td nowrap> $time </td></tr>"; /* Multilingual Code : added column to display language */
-+ }
-+ }
-+ }
-+ if (($anid == "") AND ($count == 0)) {
-+ echo "<center><i>"._NOAUTOARTICLES."</i></center>";
-+ }
-+ if ($count == 1) {
-+ echo "</table>";
-+ }
-+ CloseTable();
-+ echo "<br>";
-+ OpenTable();
-+ echo "<center><b>"._LAST." 20 "._ARTICLES."</b></center><br>";
-+ $result6 = $db->sql_query("SELECT sid, aid, title, time, topic, informant, alanguage FROM ".$prefix."_stories $queryalang ORDER BY time DESC LIMIT 0,20");
-+ echo "<center><table border=\"1\" width=\"100%\" bgcolor=\"$bgcolor1\">";
-+ while ($row6 = $db->sql_fetchrow($result6)) {
-+ $sid = intval($row6['sid']);
-+ $aid = $row6['aid'];
-+ $said = substr("$aid", 0,25);
-+ $title = $row6['title'];
-+ $time = $row6['time'];
-+ $topic = $row6['topic'];
-+ $informant = $row6['informant'];
-+ $alanguage = $row6['alanguage'];
-+ $row7 = $db->sql_fetchrow($db->sql_query("SELECT topicname FROM ".$prefix."_topics WHERE topicid='$topic'"));
-+ $topicname = $row7['topicname'];
-+ if ($alanguage == "") {
-+ $alanguage = ""._ALL."";
-+ }
-+ formatTimestamp($time);
-+ echo "<tr><td align=\"right\"><b>$sid</b>"
-+ ."</td><td align=\"left\" width=\"100%\"><a href=\"modules.php?name=News&file=article&sid=$sid\">$title</a>"
-+ ."</td><td align=\"center\">$alanguage"
-+ ."</td><td align=\"right\">$topicname";
-+ if (($radminarticle==1) OR ($radminsuper==1)) {
-+ if (($radminarticle==1) AND ($aid == $said) OR ($radminsuper==1)) {
-+ echo "</td><td align=\"right\" nowrap>(<a href=\"admin.php?op=EditStory&sid=$sid\">"._EDIT."</a>-<a href=\"admin.php?op=RemoveStory&sid=$sid\">"._DELETE."</a>)"
-+ ."</td></tr>";
-+ } else {
-+ echo "</td><td align=\"right\" nowrap><font class=\"content\"><i>("._NOFUNCTIONS.")</i></font>"
-+ ."</td></tr>";
-+ }
-+ } else {
-+ echo "</td></tr>";
-+ }
-+ }
-+ echo "</table>";
-+ if (($radminarticle==1) OR ($radminsuper==1)) {
-+ echo "<center>"
-+ ."<form action=\"admin.php\" method=\"post\">"
-+ .""._STORYID.": <input type=\"text\" NAME=\"sid\" SIZE=\"10\">"
-+ ."<select name=\"op\">"
-+ ."<option value=\"EditStory\" SELECTED>"._EDIT."</option>"
-+ ."<option value=\"RemoveStory\">"._DELETE."</option>"
-+ ."</select>"
-+ ."<input type=\"submit\" value=\""._GO."\">"
-+ ."</form></center>";
-+ }
-+ CloseTable();
-+ $row8 = $db->sql_fetchrow($db->sql_query("SELECT pollID, pollTitle FROM ".$prefix."_poll_desc WHERE artid='0' ORDER BY pollID DESC LIMIT 1"));
-+ $pollID = intval($row8['pollID']);
-+ $pollTitle = $row8['pollTitle'];
-+ echo "<br>";
-+ OpenTable();
-+ echo "<center><b>"._CURRENTPOLL.":</b> $pollTitle [ <a href=\"admin.php?op=polledit&pollID=$pollID\">"._EDIT."</a> | <a href=\"admin.php?op=create\">"._ADD."</a> ]</center>";
-+ CloseTable();
-+ include ("footer.php");
-+}
-+
-+if($admintest) {
-+
-+ switch($op) {
-+
-+ case "do_gfx":
-+ do_gfx();
-+ break;
-+
-+ case "deleteNotice":
-+ deleteNotice($id);
-+ break;
-+
-+ case "GraphicAdmin":
-+ GraphicAdmin();
-+ break;
-+
-+ case "adminMain":
-+ adminMain();
-+ break;
-+
-+ case "logout":
-+ setcookie("admin");
-+ $admin = "";
-+ include("header.php");
-+ OpenTable();
-+ echo "<center><font class=\"title\"><b>"._YOUARELOGGEDOUT."</b></font></center>";
-+ CloseTable();
-+ include("footer.php");
-+ break;
-+
-+ case "login";
-+ unset($op);
-+
-+ default:
-+ $casedir = dir("admin/case");
-+ while($func=$casedir->read()) {
-+ if(substr($func, 0, 5) == "case.") {
-+ include($casedir->path."/$func");
-+ }
-+ }
-+ closedir($casedir->handle);
-+ break;
-+
-+ }
-+
-+} else {
-+
-+ switch($op) {
-+
-+ case "gfx":
-+ gfx($random_num);
-+ break;
-+
-+ default:
-+ login();
-+ break;
-+
-+ }
-+
-+}
-+
-+?>