"); end_main_frame(); } function searchtable($title, $action, $opts = array()){ global $lang_log; print("\n"); print("\n"); print("
".$title."
\n"); print("\n"); if ($opts) { print($lang_log['text_in'].""); } print("  "); print("
\n"); print("

\n"); } function additem($title, $action){ global $lang_log; print("\n"); print("\n"); print("
".$title."
\n"); print("\n"); print(""); print(""); print("
\n"); print("

\n"); } function edititem($title, $action, $id){ global $lang_log; $result = sql_query ("SELECT * FROM ".$action." where id = ".sqlesc($id)) or sqlerr(__FILE__, __LINE__); if ($row = mysql_fetch_array($result)) { print("\n"); print("\n"); print("
".$title."
\n"); print("\n"); print(""); print(""); print(""); print("
\n"); print("

\n"); } } $action = isset($_POST['action']) ? htmlspecialchars($_POST['action']) : (isset($_GET['action']) ? htmlspecialchars($_GET['action']) : ''); $allowed_actions = array("dailylog","chronicle","funbox","news","poll"); if (!$action) $action='dailylog'; if (!in_array($action, $allowed_actions)) stderr($lang_log['std_error'], $lang_log['std_invalid_action']); else { switch ($action){ case "dailylog": stdhead($lang_log['head_site_log']); $query = mysql_real_escape_string(trim($_GET["query"])); $search = $_GET["search"]; $addparam = ""; $wherea = ""; if (get_user_class() >= $confilog_class){ switch ($search) { case "mod": $wherea=" WHERE security_level = 'mod'"; break; case "normal": $wherea=" WHERE security_level = 'normal'"; break; case "all": break; } $addparam = ($wherea ? "search=".rawurlencode($search)."&" : ""); } else{ $wherea=" WHERE security_level = 'normal'"; } if($query){ $wherea .= ($wherea ? " AND " : " WHERE ")." txt LIKE '%$query%' "; $addparam .= "query=".rawurlencode($query)."&"; } logmenu('dailylog'); $opt = array (all => $lang_log['text_all'], normal => $lang_log['text_normal'], mod => $lang_log['text_mod']); searchtable($lang_log['text_search_log'], 'dailylog',$opt); $res = sql_query("SELECT COUNT(*) FROM sitelog".$wherea); $row = mysql_fetch_array($res); $count = $row[0]; $perpage = 50; list($pagertop, $pagerbottom, $limit) = pager($perpage, $count, "log.php?action=dailylog&".$addparam); $res = sql_query("SELECT added, txt FROM sitelog $wherea ORDER BY added DESC $limit") or sqlerr(__FILE__, __LINE__); if (mysql_num_rows($res) == 0) print($lang_log['text_log_empty']); else { //echo $pagertop; print("\n"); print("\n"); while ($arr = mysql_fetch_assoc($res)) { $color = ""; if (strpos($arr['txt'],'was uploaded by')) $color = "green"; if (strpos($arr['txt'],'was deleted by')) $color = "red"; if (strpos($arr['txt'],'was added to the Request section')) $color = "purple"; if (strpos($arr['txt'],'was edited by')) $color = "blue"; if (strpos($arr['txt'],'settings updated by')) $color = "darkred"; print("\n"); } print("
\"time\"".$lang_log['col_event']."
".gettime($arr['added'],true,false)."".htmlspecialchars($arr['txt'])."
"); echo $pagerbottom; } print($lang_log['time_zone_note']); stdfoot(); die; break; case "chronicle": stdhead($lang_log['head_chronicle']); $query = mysql_real_escape_string(trim($_GET["query"])); if($query){ $wherea=" WHERE txt LIKE '%$query%' "; $addparam = "query=".rawurlencode($query)."&"; } else{ $wherea=""; $addparam = ""; } logmenu("chronicle"); searchtable($lang_log['text_search_chronicle'], 'chronicle'); if (get_user_class() >= $chrmanage_class) additem($lang_log['text_add_chronicle'], 'chronicle'); if ($_GET['do'] == "del" || $_GET['do'] == 'edit' || $_POST['do'] == "add" || $_POST['do'] == "update") { $txt = $_POST['txt']; if (get_user_class() < $chrmanage_class) permissiondeny(); elseif ($_POST['do'] == "add") sql_query ("INSERT INTO chronicle (userid,added, txt) VALUES ('".$CURUSER["id"]."', now(), ".sqlesc($txt).")") or sqlerr(__FILE__, __LINE__); elseif ($_POST['do'] == "update"){ $id = 0 + $_POST['id']; if (!$id) { header("Location: log.php?action=chronicle"); die();} else sql_query ("UPDATE chronicle SET txt=".sqlesc($txt)." WHERE id=".$id) or sqlerr(__FILE__, __LINE__);} else {$id = 0 + $_GET['id']; if (!$id) { header("Location: log.php?action=chronicle"); die();} elseif ($_GET['do'] == "del") sql_query ("DELETE FROM chronicle where id = '".$id."'") or sqlerr(__FILE__, __LINE__); elseif ($_GET['do'] == "edit") edititem($lang_log['text_edit_chronicle'],'chronicle', $id); } } $res = sql_query("SELECT COUNT(*) FROM chronicle".$wherea); $row = mysql_fetch_array($res); $count = $row[0]; $perpage = 50; list($pagertop, $pagerbottom, $limit) = pager($perpage, $count, "log.php?action=chronicle&".$addparam); $res = sql_query("SELECT id, added, txt FROM chronicle $wherea ORDER BY added DESC $limit") or sqlerr(__FILE__, __LINE__); if (mysql_num_rows($res) == 0) print($lang_log['text_chronicle_empty']); else { //echo $pagertop; print("\n"); print("".(get_user_class() >= $chrmanage_class ? "" : "")."\n"); while ($arr = mysql_fetch_assoc($res)) { $date = gettime($arr['added'],true,false); print("".(get_user_class() >= $chrmanage_class ? "" : "")."\n"); } print("
".$lang_log['col_date']."".$lang_log['col_event']."".$lang_log['col_modify']."
$date".format_comment($arr["txt"],true,false,true)."".$lang_log['text_edit']." | ".$lang_log['text_delete']."
"); echo $pagerbottom; } print($lang_log['time_zone_note']); stdfoot(); die; break; case "funbox": stdhead($lang_log['head_funbox']); $query = mysql_real_escape_string(trim($_GET["query"])); $search = $_GET["search"]; if($query){ switch ($search){ case "title": $wherea=" WHERE title LIKE '%$query%' AND status != 'banned'"; break; case "body": $wherea=" WHERE body LIKE '%$query%' AND status != 'banned'"; break; case "both": $wherea=" WHERE (body LIKE '%$query%' or title LIKE '%$query%') AND status != 'banned'" ; break; } $addparam = "search=".rawurlencode($search)."&query=".rawurlencode($query)."&"; } else{ $wherea=" WHERE status != 'banned'"; $addparam = ""; } logmenu("funbox"); $opt = array (title => $lang_log['text_title'], body => $lang_log['text_body'], both => $lang_log['text_both']); searchtable($lang_log['text_search_funbox'], 'funbox', $opt); $res = sql_query("SELECT COUNT(*) FROM fun ".$wherea); $row = mysql_fetch_array($res); $count = $row[0]; $perpage = 10; list($pagertop, $pagerbottom, $limit) = pager($perpage, $count, "log.php?action=funbox&".$addparam); $res = sql_query("SELECT added, body, title, status FROM fun $wherea ORDER BY added DESC $limit") or sqlerr(__FILE__, __LINE__); if (mysql_num_rows($res) == 0) print($lang_log['text_funbox_empty']); else { //echo $pagertop; while ($arr = mysql_fetch_assoc($res)){ $date = gettime($arr['added'],true,false); print("\n"); print("\n"); print("
".$lang_log['col_title']."".$arr["title"]." - ".$arr["status"]."
".$lang_log['col_date']."".$date."
".$lang_log['col_body']."".format_comment($arr["body"],false,false,true)."

"); } echo $pagerbottom; } print($lang_log['time_zone_note']); stdfoot(); die; break; case "news": stdhead($lang_log['head_news']); $query = mysql_real_escape_string(trim($_GET["query"])); $search = $_GET["search"]; if($query){ switch ($search){ case "title": $wherea=" WHERE title LIKE '%$query%' "; break; case "body": $wherea=" WHERE body LIKE '%$query%' "; break; case "both": $wherea=" WHERE body LIKE '%$query%' or title LIKE '%$query%'" ; break; } $addparam = "search=".rawurlencode($search)."&query=".rawurlencode($query)."&"; } else{ $wherea= ""; $addparam = ""; } logmenu("news"); $opt = array (title => $lang_log['text_title'], body => $lang_log['text_body'], both => $lang_log['text_both']); searchtable($lang_log['text_search_news'], 'news', $opt); $res = sql_query("SELECT COUNT(*) FROM news".$wherea); $row = mysql_fetch_array($res); $count = $row[0]; $perpage = 20; list($pagertop, $pagerbottom, $limit) = pager($perpage, $count, "log.php?action=news&".$addparam); $res = sql_query("SELECT id, added, body, title FROM news $wherea ORDER BY added DESC $limit") or sqlerr(__FILE__, __LINE__); if (mysql_num_rows($res) == 0) print($lang_log['text_news_empty']); else { //echo $pagertop; while ($arr = mysql_fetch_assoc($res)){ $date = gettime($arr['added'],true,false); print("\n"); print("\n"); print("
".$lang_log['col_title']."".$arr["title"]."
".$lang_log['col_date']."".$date."
".$lang_log['col_body']."".format_comment($arr["body"],false,false,true)."

"); } echo $pagerbottom; } print($lang_log['time_zone_note']); stdfoot(); die; break; case "poll": $do = $_GET["do"]; $pollid = $_GET["pollid"]; $returnto = htmlspecialchars($_GET["returnto"]); if ($do == "delete") { if (get_user_class() < $chrmanage_class) stderr($lang_log['std_error'], $lang_log['std_permission_denied']); int_check($pollid,true); $sure = $_GET["sure"]; if (!$sure) stderr($lang_log['std_delete_poll'],$lang_log['std_delete_poll_confirmation'] . "".$lang_log['std_here_if_sure'],false); sql_query("DELETE FROM pollanswers WHERE pollid = $pollid") or sqlerr(); sql_query("DELETE FROM polls WHERE id = $pollid") or sqlerr(); $Cache->delete_value('current_poll_content'); $Cache->delete_value('current_poll_result', true); if ($returnto == "main") header("Location: " . get_protocol_prefix() . "$BASEURL"); else header("Location: " . get_protocol_prefix() . "$BASEURL/log.php?action=poll&deleted=1"); die; } $rows = sql_query("SELECT COUNT(*) FROM polls") or sqlerr(); $row = mysql_fetch_row($rows); $pollcount = $row[0]; if ($pollcount == 0) stderr($lang_log['std_sorry'], $lang_log['std_no_polls']); $polls = sql_query("SELECT * FROM polls ORDER BY id DESC LIMIT 1," . ($pollcount - 1 )) or sqlerr(); stdhead($lang_log['head_previous_polls']); logmenu("poll"); print("\n"); //print("\n"); function srt($a,$b) { if ($a[0] > $b[0]) return -1; if ($a[0] < $b[0]) return 1; return 0; } while ($poll = mysql_fetch_assoc($polls)) { $o = array($poll["option0"], $poll["option1"], $poll["option2"], $poll["option3"], $poll["option4"], $poll["option5"], $poll["option6"], $poll["option7"], $poll["option8"], $poll["option9"], $poll["option10"], $poll["option11"], $poll["option12"], $poll["option13"], $poll["option14"], $poll["option15"], $poll["option16"], $poll["option17"], $poll["option18"], $poll["option19"]); print("\n"); } print("
".$lang_log['text_previous_polls']."
\n"); print("

"); $added = gettime($poll['added'], true, false); print($added); if (get_user_class() >= $pollmanage_class) { print(" - [".$lang_log['text_edit']."]\n"); print(" - [".$lang_log['text_delete']."]\n"); } print(""); print("

\n"); print("
\n"); print("

" . $poll["question"] . "

"); $pollanswers = sql_query("SELECT selection FROM pollanswers WHERE pollid=" . $poll["id"] . " AND selection < 20") or sqlerr(); $tvotes = mysql_num_rows($pollanswers); $vs = array(); // count for each option ([0]..[19]) $os = array(); // votes and options: array(array(123, "Option 1"), array(45, "Option 2")) // Count votes while ($pollanswer = mysql_fetch_row($pollanswers)) $vs[$pollanswer[0]] += 1; reset($o); for ($i = 0; $i < count($o); ++$i) if ($o[$i]) $os[$i] = array($vs[$i], $o[$i]); print("\n"); $i = 0; while ($a = $os[$i]) { if ($tvotes > 0) $p = round($a[0] / $tvotes * 100); else $p = 0; print("\n"); ++$i; } print("
" . $a[1] . "  " . "\"\"\"\" $p%
\n"); $tvotes = number_format($tvotes); print("

".$lang_log['text_votes']."$tvotes

\n"); print("


\n"); print("

"); print($lang_log['time_zone_note']); stdfoot(); die; break; } } ?>