support modify personal attendance card

xiaomlove
2022-05-29 15:19:16 +08:00
parent cf7f2af06e
commit 36a1f83d7d
40 changed files with 289 additions and 48 deletions
+148
@@ -0,0 +1,148 @@
<?php
require "../include/bittorrent.php";
dbconn();
loggedinorreturn();
if (get_user_class() < UC_SYSOP)
stderr("Sorry", "Access denied.");
$validTypeMap = [
'seedbonus' => 'Bonus',
'attendance_card' => 'Attend card',
'invites' => 'Invite',
'uploaded' => 'Upload',
];
$type = $_REQUEST['type'] ?? '';
stdhead("Add Bonus/Attend card/Invite/upload", false);
?>
<table class=main width=737 border=0 cellspacing=0 cellpadding=0><tr><td class=embedded>
<div align=center>
<h1>Add Bonus/Attend card/Invite/upload to all staff members and users:</a></h1>
<form method=post action=take-increment-bulk.php>
<?php
if (isset($_GET["returnto"]) || $_SERVER["HTTP_REFERER"])
{
?>
<input type=hidden name=returnto value="<?php echo htmlspecialchars($_GET["returnto"]) ? htmlspecialchars($_GET["returnto"]) : htmlspecialchars($_SERVER["HTTP_REFERER"])?>">
<?php
}
?>
<table cellspacing=0 cellpadding=5>
<?php
if (isset($_GET["sent"]) && $_GET["sent"] == 1) {
echo '<tr><td colspan=2 class="text" align="center"><font color=red><b> '. ($validTypeMap[$type] ?? '') .' has been added and inform message has been sent.</font></b></tr></td>';
}
?>
<tr>
<td class="rowhead" valign="top">Type </td>
<td class="rowfollow">
<?php
foreach ($validTypeMap as $name => $text) {
$desc = '';
if ($name == 'uploaded') {
$desc = '&nbsp;(in GB)';
}
printf('<label><input type="radio" name="type" value="%s">%s%s</label>', $name, $text, $desc);
}
?>
</td>
</tr>
<tr><td class="rowhead" valign="top">Amount </td><td class="rowfollow"><input type=text name=amount size=10></td></tr>
<tr>
<td class="rowhead" valign="top">Add to</td><td class="rowfollow">
<table style="border: 0" width="100%" cellpadding="0" cellspacing="0">
<tr>
<td style="border: 0" width="20"><input type="checkbox" name="clases[]" value="0">
</td>
<td style="border: 0">Peasant</td>
<td style="border: 0" width="20"><input type="checkbox" name="clases[]" value="1">
</td>
<td style="border: 0">User</td>
<td style="border: 0" width="20"><input type="checkbox" name="clases[]" value="2">
</td>
<td style="border: 0">Power User</td>
<td style="border: 0" width="20"><input type="checkbox" name="clases[]" value="3">
</td>
<td style="border: 0">Elite User</td>
</tr>
<tr>
<td style="border: 0" width="20"><input type="checkbox" name="clases[]" value="4">
</td>
<td style="border: 0">Crazy User</td>
<td style="border: 0" width="20"><input type="checkbox" name="clases[]" value="5">
</td>
<td style="border: 0">Insane User</td>
<td style="border: 0" width="20"><input type="checkbox" name="clases[]" value="6">
</td>
<td style="border: 0">Veteran User</td>
<td style="border: 0" width="20"><input type="checkbox" name="clases[]" value="7">
</td>
<td style="border: 0">Extreme User</td>
</tr>
<tr>
<td style="border: 0" width="20"><input type="checkbox" name="clases[]" value="8">
</td>
<td style="border: 0">Ultimate User</td>
<td style="border: 0" width="20"><input type="checkbox" name="clases[]" value="9">
</td>
<td style="border: 0">Nexus Master</td>
<td style="border: 0" width="20"><input type="checkbox" name="clases[]" value="10">
</td>
<td style="border: 0">VIP</td>
<td style="border: 0" width="20"><input type="checkbox" name="clases[]" value="11">
</td>
<td style="border: 0">Uploader</td>
</tr>
<tr>
<td style="border: 0" width="20"><input type="checkbox" name="clases[]" value="12">
</td>
<td style="border: 0">Moderator</td>
<td style="border: 0" width="20"><input type="checkbox" name="clases[]" value="13">
</td>
<td style="border: 0">Administrator</td>
<td style="border: 0" width="20"><input type="checkbox" name="clases[]" value="14">
</td>
<td style="border: 0">SysOp</td>
<td style="border: 0" width="20"><input type="checkbox" name="clases[]" value="15">
</td>
<td style="border: 0">Staff Leader</td>
<td style="border: 0">&nbsp;</td>
<td style="border: 0">&nbsp;</td>
</tr>
</table>
</td>
</tr>
<tr><td class="rowhead" valign="top">Subject </td><td class="rowfollow"><input type=text name=subject size=82></td></tr>
<tr><td class="rowhead" valign="top">Reason </td><td class="rowfollow"><textarea name=msg cols=80 rows=5><?php echo $body ?? ''?></textarea></td></tr>
<tr>
<td class="rowfollow" colspan=2><div align="center"><b>Operator:&nbsp;&nbsp;</b>
<?php echo $CURUSER['username']?>
<input name="sender" type="radio" value="self" checked>
&nbsp; System
<input name="sender" type="radio" value="system">
</div></td></tr>
<tr><td class="rowfollow" colspan=2 align=center><input type=submit value="Do It!" class=btn></td></tr>
</table>
<input type=hidden name=receiver value=<?php echo $receiver ?? ''?>>
</form>
</div></td></tr></table>
<br />
NOTE: Do not user BB codes. (NO HTML)
<?php
stdfoot();
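Review bot: The form that drives this sysop-only bulk credit emits no anti-CSRF token anywhere between `<form method=post action=take-increment-bulk.php>` and `</form>`; unless the shared include enforces one globally (not visible on this page), add a per-session token as a hidden input and verify it in the handler. The `returnto` block also calls `htmlspecialchars($_GET["returnto"])` when only the Referer branch matched, and reads `$_SERVER["HTTP_REFERER"]` without `isset`, so it raises undefined-index notices and passes null on PHP 8.1+. Something like `$returnto = ($_GET['returnto'] ?? '') ?: ($_SERVER['HTTP_REFERER'] ?? '');` followed by a single `htmlspecialchars($returnto)` keeps the fallback without the notices. `$CURUSER['username']` is echoed without `htmlspecialchars()`, and `value=<?php echo $receiver ?? ''?>` is an unquoted, unescaped attribute; both should be encoded on output.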
+1 -1
@@ -12,7 +12,7 @@ else
if ($ip)
{
$regex = "/^(((1?\d{1,2})|(2[0-4]\d)|(25[0-5]))(\.\b|$)){4}$/";
if (!preg_match($regex, $ip))
if (!filter_var($ip, FILTER_VALIDATE_IP))
{
stderr($lang_ipsearch['std_error'], $lang_ipsearch['std_invalid_ip']);
}
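Review bot: The `$regex = "/^(((1?\d{1,2})...` assignment left above the new `filter_var()` check is now dead and can be deleted. `FILTER_VALIDATE_IP` without flags also accepts IPv6, so the code after this block has to cope with IPv6 input; any `ip2long()` or netmask arithmetic there would return false for it. If this page is meant to stay IPv4-only, use `filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)`. The enclosing `if ($ip)` block continues outside the hunk, so the downstream handling cannot be checked from here.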
+67
@@ -0,0 +1,67 @@
<?php
require "../include/bittorrent.php";
if ($_SERVER["REQUEST_METHOD"] != "POST")
stderr("Error", "Permission denied!");
dbconn();
loggedinorreturn();
if (get_user_class() < UC_SYSOP)
stderr("Sorry", "Permission denied.");
$validTypeMap = [
'seedbonus' => 'Bonus',
'attendance_card' => 'Attend card',
'invites' => 'Invite',
'uploaded' => 'Upload',
];
$sender_id = ($_POST['sender'] == 'system' ? 0 : (int)$CURUSER['id']);
$dt = sqlesc(date("Y-m-d H:i:s"));
$msg = trim($_POST['msg']);
$amount = $_POST['amount'];
$type = $_POST['type'] ?? '';
if (!$msg || !$amount || !$type)
stderr("Error","Don't leave any fields blank.");
if(!is_numeric($amount))
stderr("Error","amount must be numeric");
if (!isset($validTypeMap[$type])) {
stderr("Error","Invalid type");
}
if ($type == 'uploaded') {
$amount = sqlesc(getsize_int($amount,"G"));
}
$updateset = $_POST['clases'];
if (is_array($updateset)) {
foreach ($updateset as $class) {
if (!is_valid_id($class) && $class != 0)
stderr("Error","Invalid Class");
}
}else{
if (!is_valid_id($updateset) && $updateset != 0)
stderr("Error","Invalid Class");
}
$subject = trim($_POST['subject']);
$size = 10000;
$page = 1;
set_time_limit(300);
$classStr = implode(",", $updateset);
while (true) {
$msgValues = $idArr = [];
$offset = ($page - 1) * $size;
$query = sql_query("SELECT id FROM users WHERE class IN ($classStr) limit $offset, $size");
while($dat=mysql_fetch_assoc($query))
{
$idArr[] = $dat['id'];
$msgValues[] = sprintf('(%s, %s, %s, %s, %s)', $sender_id, $dat['id'], $dt, sqlesc($subject), sqlesc($msg));
}
if (empty($idArr)) {
break;
}
$idStr = implode(', ', $idArr);
$sql = "INSERT INTO messages (sender, receiver, added, subject, msg) VALUES " . implode(', ', $msgValues);
sql_query($sql);
sql_query("UPDATE users SET $type = $type + $amount WHERE id in ($idStr)");
$page++;
}
header("Refresh: 0; url=increment-bulk.php?sent=1&type=$type");
?>
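Review bot: The values of `$_POST['clases']` reach `class IN ($classStr)` as raw text, and the guard `!is_valid_id($class) && $class != 0` depends on a loose comparison: on PHP 7 any non-numeric string equals 0 and passes, and a missing `clases` skips the loop and then hits `implode()` with a non-array. Validate each element as a digit string, cast it to int and reject an empty selection before building `$classStr`, as sketched below. `$amount` is also interpolated into the `UPDATE` after only `is_numeric()`, which admits negative, fractional and exponent forms, so it should be cast to the intended integer type. The paged `SELECT` has no `ORDER BY`, so `limit $offset, $size` pages are not guaranteed to be disjoint and a user could be credited twice or skipped.

```php
// … unchanged: method/permission checks, $validTypeMap, $msg/$amount/$type validation …
$updateset = (array)($_POST['clases'] ?? []);
foreach ($updateset as $i => $class) {
    // Accept only plain digit strings so nothing but integers reaches the IN (...) list.
    if (!is_string($class) || !ctype_digit($class)) {
        stderr("Error", "Invalid Class");
    }
    $updateset[$i] = (int)$class;
}
if (empty($updateset)) {
    stderr("Error", "Invalid Class");
}
// … unchanged: $subject, $size, $page, set_time_limit, $classStr …
    // Stable ordering keeps the LIMIT pages disjoint.
    $query = sql_query("SELECT id FROM users WHERE class IN ($classStr) ORDER BY id limit $offset, $size");
// … unchanged: message insert and UPDATE …
```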
+2 -1
@@ -165,7 +165,8 @@ jQuery('select[name="offer"]').on("change", function () {
jQuery("#name").val(response.data.name)
clearContent()
doInsert(response.data.descr, '', false)
jQuery("#browsecat").val(response.data.category)
jQuery("#specialcat").prop('disabled', false).val(0)
jQuery("#browsecat").prop('disabled', false).val(response.data.category)
}, 'json')
})
JS;
+17 -17
@@ -12,7 +12,7 @@ if (get_user_class() < UC_MODERATOR)
stdhead("Administrative User Search");
echo "<h1>Administrative User Search</h1>\n";
if ($_GET['h'])
if (!empty($_GET['h']))
{
echo "<table width=65% border=0 align=center><tr><td class=embedded bgcolor='#F5F4EA'><div align=left>\n
Fields left blank will be ignored;\n
@@ -76,7 +76,7 @@ $highlight = " bgcolor=#BBAF9B";
<tr><td valign="middle" class=rowhead>Email:</td>
<td<?php echo $_GET['em']?$highlight:""?>><input name="em" type="text" value="<?php echo htmlspecialchars($_GET['em'])?>" size="35"></td>
<td valign="middle" class=rowhead>IP:</td>
<td<?php echo $_GET['ip']?$highlight:""?>><input name="ip" type="text" value="<?php echo htmlspecialchars($_GET['ip'])?>" maxlength="17"></td>
<td<?php echo $_GET['ip']?$highlight:""?>><input name="ip" type="text" value="<?php echo htmlspecialchars($_GET['ip'])?>" maxlength="64"></td>
<td valign="middle" class=rowhead>Account status:</td>
<td<?php echo $_GET['as']?$highlight:""?>><select name="as">
@@ -248,7 +248,7 @@ function haswildcard($text){
}
///////////////////////////////////////////////////////////////////////////////
$q = '';
if (count($_GET) > 0 && !$_GET['h'])
{
// name
@@ -343,7 +343,7 @@ if (count($_GET) > 0 && !$_GET['h'])
if ($ip)
{
$regex = "/^(((1?\d{1,2})|(2[0-4]\d)|(25[0-5]))(\.\b|$)){4}$/";
if (!preg_match($regex, $ip))
if (!filter_var($ip, FILTER_VALIDATE_IP))
{
stdmsg("Error", "Bad IP.");
stdfoot();
@@ -782,19 +782,19 @@ if (count($_GET) > 0 && !$_GET['h'])
if ($user['last_access'] == '0000-00-00 00:00:00' || $user['last_access'] == null)
$user['last_access'] = '---';
if ($user['ip'])
{
$nip = ip2long($user['ip']);
$auxres = sql_query("SELECT COUNT(*) FROM bans WHERE $nip >= first AND $nip <= last") or sqlerr(__FILE__, __LINE__);
$array = mysql_fetch_row($auxres);
if ($array[0] == 0)
$ipstr = $user['ip'];
else
$ipstr = "<a href='testip.php?ip=" . $user['ip'] . "'><font color='#FF0000'><b>" . $user['ip'] . "</b></font></a>";
}
else
$ipstr = "---";
if ($user['ip']) {
$ipstr = $user['ip'];
if (filter_var($user['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
$nip = ip2long($user['ip']);
$auxres = sql_query("SELECT COUNT(*) FROM bans WHERE $nip >= first AND $nip <= last") or sqlerr(__FILE__, __LINE__);
$array = mysql_fetch_row($auxres);
if ($array[0] > 0) {
$ipstr = "<a href='testip.php?ip=" . $user['ip'] . "'><font color='#FF0000'><b>" . $user['ip'] . "</b></font></a>";
}
}
} else {
$ipstr = "---";
}
$auxres = sql_query("SELECT SUM(uploaded) AS pul, SUM(downloaded) AS pdl FROM peers WHERE userid = " . $user['id']) or sqlerr(__FILE__, __LINE__);
$array = mysql_fetch_array($auxres);