lkddi/nexusphp
1
0
Fork 0
mirror of https://github.com/lkddi/nexusphp.git synced 2026-04-14 12:30:49 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix modtask.php

Browse Source
This commit is contained in:
xiaomlove
2021-02-27 13:27:08 +08:00
parent c0dbb23071
commit b21fbf8aea
2 changed files with 25 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
public/modtask.php
View File

@@ -103,44 +103,44 @@ if ($action == "edituser")
$added = sqlesc(date("Y-m-d H:i:s"));
if ($arr['email'] != $email){
$updateset[] = "email = " . sqlesc($email);
$modcomment = date("Y-m-d") . " - Email changed from $arr[email] to $email by $CURUSER[username].\n". $modcomment;
$modcomment = date("Y-m-d") . " - Email changed from $arr[email] to $email by {$CURUSER['username']}.\n". $modcomment;
$subject = sqlesc($lang_modtask_target[get_user_lang($userid)]['msg_email_change']);
$msg = sqlesc($lang_modtask_target[get_user_lang($userid)]['msg_your_email_changed_from'].$arr['email'].$lang_modtask_target[get_user_lang($userid)]['msg_to_new'] . $email .$lang_modtask_target[get_user_lang($userid)]['msg_by'].$CURUSER[username]);
$msg = sqlesc($lang_modtask_target[get_user_lang($userid)]['msg_your_email_changed_from'].$arr['email'].$lang_modtask_target[get_user_lang($userid)]['msg_to_new'] . $email .$lang_modtask_target[get_user_lang($userid)]['msg_by'].$CURUSER['username']);
sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES(0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
}
if ($arr['username'] != $username){
$updateset[] = "username = " . sqlesc($username);
$modcomment = date("Y-m-d") . " - Usernmae changed from $arr[username] to $username by $CURUSER[username].\n". $modcomment;
$modcomment = date("Y-m-d") . " - Usernmae changed from $arr[username] to $username by {$CURUSER['username']}.\n". $modcomment;
$subject = sqlesc($lang_modtask_target[get_user_lang($userid)]['msg_username_change']);
$msg = sqlesc($lang_modtask_target[get_user_lang($userid)]['msg_your_username_changed_from'].$arr['username'].$lang_modtask_target[get_user_lang($userid)]['msg_to_new'] . $username .$lang_modtask_target[get_user_lang($userid)]['msg_by'].$CURUSER[username]);
$msg = sqlesc($lang_modtask_target[get_user_lang($userid)]['msg_your_username_changed_from'].$arr['username'].$lang_modtask_target[get_user_lang($userid)]['msg_to_new'] . $username .$lang_modtask_target[get_user_lang($userid)]['msg_by'].$CURUSER['username']);
sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES(0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
}
if ($ori_downloaded != $downloaded){
$updateset[] = "downloaded = " . sqlesc($downloaded);
$modcomment = date("Y-m-d") . " - Downloaded amount changed from $arr[downloaded] to $downloaded by $CURUSER[username].\n". $modcomment;
$modcomment = date("Y-m-d") . " - Downloaded amount changed from $arr[downloaded] to $downloaded by {$CURUSER['username']}.\n". $modcomment;
$subject = sqlesc($lang_modtask_target[get_user_lang($userid)]['msg_downloaded_change']);
$msg = sqlesc($lang_modtask_target[get_user_lang($userid)]['msg_your_downloaded_changed_from'].mksize($arr['downloaded']).$lang_modtask_target[get_user_lang($userid)]['msg_to_new'] . mksize($downloaded) .$lang_modtask_target[get_user_lang($userid)]['msg_by'].$CURUSER[username]);
$msg = sqlesc($lang_modtask_target[get_user_lang($userid)]['msg_your_downloaded_changed_from'].mksize($arr['downloaded']).$lang_modtask_target[get_user_lang($userid)]['msg_to_new'] . mksize($downloaded) .$lang_modtask_target[get_user_lang($userid)]['msg_by'].$CURUSER['username']);
sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES(0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
}
if ($ori_uploaded != $uploaded){
$updateset[] = "uploaded = " . sqlesc($uploaded);
$modcomment = date("Y-m-d") . " - Uploaded amount changed from $arr[uploaded] to $uploaded by $CURUSER[username].\n". $modcomment;
$modcomment = date("Y-m-d") . " - Uploaded amount changed from $arr[uploaded] to $uploaded by {$CURUSER['username']}.\n". $modcomment;
$subject = sqlesc($lang_modtask_target[get_user_lang($userid)]['msg_uploaded_change']);
$msg = sqlesc($lang_modtask_target[get_user_lang($userid)]['msg_your_uploaded_changed_from'].mksize($arr['uploaded']).$lang_modtask_target[get_user_lang($userid)]['msg_to_new'] . mksize($uploaded) .$lang_modtask_target[get_user_lang($userid)]['msg_by'].$CURUSER[username]);
$msg = sqlesc($lang_modtask_target[get_user_lang($userid)]['msg_your_uploaded_changed_from'].mksize($arr['uploaded']).$lang_modtask_target[get_user_lang($userid)]['msg_to_new'] . mksize($uploaded) .$lang_modtask_target[get_user_lang($userid)]['msg_by'].$CURUSER['username']);
sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES(0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
}
if ($ori_bonus != $bonus){
$updateset[] = "seedbonus = " . sqlesc($bonus);
$modcomment = date("Y-m-d") . " - Bonus amount changed from $arr[seedbonus] to $bonus by $CURUSER[username].\n". $modcomment;
$modcomment = date("Y-m-d") . " - Bonus amount changed from $arr[seedbonus] to $bonus by {$CURUSER['username']}.\n". $modcomment;
$subject = sqlesc($lang_modtask_target[get_user_lang($userid)]['msg_bonus_change']);
$msg = sqlesc($lang_modtask_target[get_user_lang($userid)]['msg_your_bonus_changed_from'].$arr['seedbonus'].$lang_modtask_target[get_user_lang($userid)]['msg_to_new'] . $bonus .$lang_modtask_target[get_user_lang($userid)]['msg_by'].$CURUSER[username]);
$msg = sqlesc($lang_modtask_target[get_user_lang($userid)]['msg_your_bonus_changed_from'].$arr['seedbonus'].$lang_modtask_target[get_user_lang($userid)]['msg_to_new'] . $bonus .$lang_modtask_target[get_user_lang($userid)]['msg_by'].$CURUSER['username']);
sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES(0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
}
if ($arr['invites'] != $invites){
$updateset[] = "invites = " . sqlesc($invites);
$modcomment = date("Y-m-d") . " - Invite amount changed from $arr[invites] to $invites by $CURUSER[username].\n". $modcomment;
$modcomment = date("Y-m-d") . " - Invite amount changed from $arr[invites] to $invites by {$CURUSER['username']}.\n". $modcomment;
$subject = sqlesc($lang_modtask_target[get_user_lang($userid)]['msg_invite_change']);
$msg = sqlesc($lang_modtask_target[get_user_lang($userid)]['msg_your_invite_changed_from'].$arr['invites'].$lang_modtask_target[get_user_lang($userid)]['msg_to_new'] . $invites .$lang_modtask_target[get_user_lang($userid)]['msg_by'].$CURUSER[username]);
$msg = sqlesc($lang_modtask_target[get_user_lang($userid)]['msg_your_invite_changed_from'].$arr['invites'].$lang_modtask_target[get_user_lang($userid)]['msg_to_new'] . $invites .$lang_modtask_target[get_user_lang($userid)]['msg_by'].$CURUSER['username']);
sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES(0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
}
}
@@ -192,7 +192,7 @@ if ($action == "edituser")
sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES(0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
$updateset[] = "class = $class";
$what = ($class > $curclass ? "Promoted" : "Demoted");
$modcomment = date("Y-m-d") . " - $what to '" . get_user_class_name($class) . "' by $CURUSER[username].\n". $modcomment;
$modcomment = date("Y-m-d") . " - $what to '" . get_user_class_name($class) . "' by {$CURUSER['username']}.\n". $modcomment;
}
if ($class == UC_VIP)
{
@@ -203,7 +203,7 @@ if ($action == "edituser")
$msg = sqlesc($lang_modtask_target[get_user_lang($userid)]['msg_vip_status_changed_by'].$CURUSER['username']);
$added = sqlesc(date("Y-m-d H:i:s"));
sql_query("INSERT INTO messages (sender, receiver, subject, msg, added) VALUES (0, $userid, $subject, $msg, $added)") or sqlerr(__FILE__, __LINE__);
$modcomment = date("Y-m-d") . " - VIP status changed by $CURUSER[username]. VIP added: ".$vip_added.($vip_added == 'yes' ? "; VIP until: ".$vip_until : "").".\n". $modcomment;
$modcomment = date("Y-m-d") . " - VIP status changed by {$CURUSER['username']}. VIP added: ".$vip_added.($vip_added == 'yes' ? "; VIP until: ".$vip_until : "").".\n". $modcomment;
}
if ($warned && $curwarned != $warned)
@@ -213,7 +213,7 @@ if ($action == "edituser")
if ($warned == 'no')
{
$modcomment = date("Y-m-d") . " - Warning removed by $CURUSER[username].\n". $modcomment;
$modcomment = date("Y-m-d") . " - Warning removed by {$CURUSER['username']}.\n". $modcomment;
$subject = sqlesc($lang_modtask_target[get_user_lang($userid)]['msg_warn_removed']);
$msg = sqlesc($lang_modtask_target[get_user_lang($userid)]['msg_your_warning_removed_by'] . $CURUSER['username'] . ".");
}

19
public/usercp.php
View File

@@ -266,8 +266,8 @@ tr($lang_usercp['row_school'], "<select name=school>$schools</select>", 1);
if (is_valid_id($stylesheet))
$updateset[] = "stylesheet = " . sqlesc($stylesheet);
if (is_valid_id($caticon))
$updateset[] = "caticon = " . sqlesc($caticon);
// if (is_valid_id($caticon))
// $updateset[] = "caticon = " . sqlesc($caticon);
if (is_valid_id($sitelanguage))
{
@@ -553,18 +553,19 @@ if ($showaudiocodec) $audiocodecs = searchbox_item_list("audiocodecs");
if ($ss_id == $CURUSER["stylesheet"]) $ss = " selected"; else $ss = "";
$stylesheets .= "<option value=$ss_id$ss>$ss_name</option>\n";
}
$cires = sql_query("SELECT * FROM caticons ORDER BY name") or die;
while($caticon = mysql_fetch_array($cires)){
if ($caticon['id'] == $CURUSER['caticon']) $sl = " selected"; else $sl = "";
$categoryicons .= "<option value=".$caticon['id'].$sl.">".$caticon['name']."</option>\n";
}
tr_small($lang_usercp['row_stylesheet'], "<select name=stylesheet>\n$stylesheets\n</select>&nbsp;&nbsp;<font class=small>".$lang_usercp['text_stylesheet_note']."<a href=\"aboutnexus.php#stylesheet\" ><b>".$lang_usercp['text_stylesheet_link']."</b></a></font>.",1);
tr_small($lang_usercp['row_stylesheet'], "<select name=stylesheet>\n$stylesheets\n</select>&nbsp;&nbsp;<font class=small>".$lang_usercp['text_stylesheet_note']."<a href=\"aboutnexus.php#stylesheet\" ><b>".$lang_usercp['text_stylesheet_link']."</b></a></font>.",1);
/**
* make no sense, should no exists!
* @since v1.6.0
*/
// $cires = sql_query("SELECT * FROM caticons ORDER BY name") or die;
// while($caticon = mysql_fetch_array($cires)){
// if ($caticon['id'] == $CURUSER['caticon']) $sl = " selected"; else $sl = "";
// $categoryicons .= "<option value=".$caticon['id'].$sl.">".$caticon['name']."</option>\n";
// }
// tr_small($lang_usercp['row_category_icons'], "<select name=caticon>".$categoryicons."</select>",1);
tr_small($lang_usercp['row_font_size'], "<select name=fontsize><option value=small ".($CURUSER['fontsize'] == 'small' ? " selected" : "").">".$lang_usercp['select_small']."</option><option value=medium ".($CURUSER['fontsize'] == 'medium' ? " selected" : "").">".$lang_usercp['select_medium']."</option><option value=large ".($CURUSER['fontsize'] == 'large' ? " selected" : "").">".$lang_usercp['select_large']."</option></select>",1);
tr_small($lang_usercp['row_font_size'], "<select name=fontsize><option value=small ".($CURUSER['fontsize'] == 'small' ? " selected" : "").">".$lang_usercp['select_small']."</option><option value=medium ".($CURUSER['fontsize'] == 'medium' ? " selected" : "").">".$lang_usercp['select_medium']."</option><option value=large ".($CURUSER['fontsize'] == 'large' ? " selected" : "").">".$lang_usercp['select_large']."</option></select>",1);
$s = "<select name=\"sitelanguage\">\n";