hi there i dont know what happen the following is the code of mod R/L code and it it always says that i am not a moderator i am the owner of my site and i can access owner cp head admin cp admin cp and also make changes to site the permission level i have set is to permission 4 here is the code of mod cp
the browser says
1: <?xml version="1.0"?><!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml"><wml>
2: <card id="main" title="Agni"><p align="center">You are not a mod<br/><br/><a href="index.php">Home</a></p></card>
can any one help me with this i tried replacing several modcp and also mprocpl.php still couldnt find whats the problem almost confused and about to jump to the well
PHP Code:
<?php
/*
Iris Blaze
*/
header("Content-type: text/vnd.wap.wml");
header("Cache-Control: no-store, no-cache, must-revalidate");
echo("<?xml version=\"1.0\"?>");
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.1//EN\"". " \"http://www.wapforum.org/DTD/wml_1.1.xml\">";
?>
<wml>
<?php
include("config.php");
include("hollow.php");
connectdb();
$action = $_GET["action"];
$sid = $_GET["sid"];
if(!ismod(getuid_sid($sid)))
{
echo "<card id=\"main\" title=\"Agni\">";
echo "<p align=\"center\">";
echo "You are not a mod<br/>";
echo "<br/>";
echo "<a href=\"index.php\">Home</a>";
echo "</p>";
echo "</card>";
exit();
}
if(islogged($sid)==false)
{
echo "<card id=\"main\" title=\"Agni\">";
echo "<p align=\"center\">";
echo "You are not logged in<br/>";
echo "Or Your session has been expired<br/><br/>";
echo "<a href=\"index.php\">Login</a>";
echo "</p>";
echo "</card>";
}
addonline(getuid_sid($sid),"Mod CP","");
if($action=="delp")
{
$pid = $_GET["pid"];
$tid = gettid_pid($pid);
$fid = getfid_tid($tid);
echo "<card id=\"main\" title=\"Mod CP\">";
echo "<p align=\"center\">";
$res = mysql_query("DELETE FROM ibwf_posts WHERE id='".$pid."'");
if($res)
{
$tname = mysql_fetch_array(mysql_query("SELECT name FROM ibwf_topics WHERE id='".$tid."'"));
mysql_query("INSERT INTO ibwf_mlog SET action='posts', details='<b>".getnick_uid(getuid_sid($sid))."</b> Deleted Post Number $pid Of the thread ".mysql_escape_string($tname[0])." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Post Message Deleted";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/><a href=\"index.php?action=viewtpc&sid=$sid&tid=$tid&page=1000\">";
echo "View Topic</a><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&sid=$sid&fid=$fid\">";
echo "$fname</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p></card>";
}
////////////////////////////////////////////Edit Post
else if($action=="edtpst")
{
$pid = $_GET["pid"];
$ptext = $_POST["ptext"];
$tid = gettid_pid($pid);
$fid = getfid_tid($tid);
echo "<card id=\"main\" title=\"Mod CP\">";
echo "<p align=\"center\">";
$res = mysql_query("UPDATE ibwf_posts SET text='"
.$ptext."' WHERE id='".$pid."'");
if($res)
{
$tname = mysql_fetch_array(mysql_query("SELECT name FROM ibwf_topics WHERE id='".$tid."'"));
mysql_query("INSERT INTO ibwf_mlog SET action='posts', details='<b>".getnick_uid(getuid_sid($sid))."</b> Edited Post Number $pid Of the thread ".mysql_escape_string($tname[0])." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Post Message Edited";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=viewtpc&sid=$sid&tid=$tid\">";
echo "View Topic</a><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&sid=$sid&fid=$fid\">";
echo "$fname</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p></card>";
}
///////////////////////////////// validate a user
else if($action=="validate")
{
$uid = getuid_sid($sid);
$who = $_GET["who"];
$user = getnick_uid($who);
echo "<card id=\"main\" title=\"modTools\">";
echo "<p align=\"center\">";
$res = mysql_query("Update ibwf_users SET validated='1' WHERE id='".$who."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='validation', details='<b>".getnick_uid(getuid_sid($sid))."</b> validated $user', actdt='".time()."'");
$ug = mysql_fetch_array(mysql_query("SELECT battlep FROM ibwf_users WHERE id='".$uid."'"));
$ugp = $ug[0] + 2;
mysql_query("UPDATE ibwf_users SET battlep='".$ugp."' WHERE id='".$uid."'");
echo "<img src=\"../images/ok.gif\" alt=\"O\"/>$user validated successfully";
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>Error validating $user";
}
echo "<br/>Plz Now Send a Pm to $user asking if $user needs any help from u..";
echo "<br/><br/><a href=\"inbox.php?action=sendpm&who=$who&sid=$sid\">Send a Pm to $user</a><br/>";
echo "<br/><br/><a href=\"index.php?action=viewuser&who=$who&sid=$sid\">$user's Profile</a><br/>";
//echo "<a href=\"admincp.php?action=admincp&sid=$sid\"><img src=\"../images/admn.gif\" alt=\"\"/>admin Tools</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p>";
echo "</card>";
}
////////////////////////////////////////////// Invalidate a user
else if($action=="invalidate")
{
$uid = getuid_sid($sid);
$who = $_GET["who"];
$user = getnick_uid($who);
echo "<card id=\"main\" title=\"modTools\">";
echo "<p align=\"center\">";
$res = mysql_query("Update ibwf_users SET validated='0' WHERE id='".$who."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='invalidation', details='<b>".getnick_uid(getuid_sid($sid))."</b> Invalidated $user', actdt='".time()."'");
$ug = mysql_fetch_array(mysql_query("SELECT battlep FROM ibwf_users WHERE id='".$uid."'"));
$ugp = $ug[0] + 2;
mysql_query("UPDATE ibwf_users SET battlep='".$ugp."' WHERE id='".$uid."'");
echo "<img src=\"../images/ok.gif\" alt=\"O\"/>$user invalidated successfully<br/>";
}else{
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>Error invalidating $user";
}
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p>";
echo "</card>";
}
////////////////////////////////////////////Edit Post
else if($action=="edttpc")
{
$tid = $_GET["tid"];
$ttext = $_POST["ttext"];
$fid = getfid_tid($tid);
echo "<card id=\"main\" title=\"Mod CP\">";
echo "<p align=\"center\">";
$res = mysql_query("UPDATE ibwf_topics SET text='"
.$ttext."' WHERE id='".$tid."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>".getnick_uid(getuid_sid($sid))."</b> Edited the text Of the thread ".mysql_escape_string(gettname($tid))." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Topic Message Edited";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=viewtpc&sid=$sid&tid=$tid\">";
echo "View Topic</a><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&sid=$sid&fid=$fid\">";
echo "$fname</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p></card>";
}
if($action=="mbrl")
{
addonline(getuid_sid($sid),"Members search by IP","");
echo "<card id=\"main\" title=\"Search\">";
echo "<p>";
echo "Some ppl change their browser and do naughty things in Agni. but their IP is same. just pick up their Ips n paste here n get the result<br/>";
echo "Suspectors IP: <input name=\"stext\" maxlength=\"15\"/><br/>";
echo "Order: <select name=\"sor\">";
echo "<option value=\"1\">name(A-Z)</option>";
echo "<option value=\"2\">Last Active</option>";
echo "<option value=\"3\">Join Date</option>";
echo "</select><br/>";
echo "<anchor>Find It";
echo "<go href=\"mprocpl.php?action=smbr&sid=$sid\" method=\"post\">";
echo "<postfield name=\"stext\" value=\"$(stext)\"/>";
echo "<postfield name=\"sin\" value=\"2\"/>";
echo "<postfield name=\"sor\" value=\"$(sor)\"/>";
echo "</go></anchor>";
echo "</p>";
echo "<p align=\"center\">";
//echo "<a href=\"index.php?action=search&sid=$sid\"><img src=\"images/search.gif\" alt=\"*\"/>";
//echo "Search Menu</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p></card>";
}
else if($action=="smbr")
{
$stext = $_POST["stext"];
$sin = $_POST["sin"];
$sor = $_POST["sor"];
addonline(getuid_sid($sid),"Member search","");
echo "<card id=\"main\" title=\"Search\">";
echo "<p>";
if(trim($stext)=="")
{
echo "<br/>Failed to search for Members";
}else{
//begin search
if($page=="" || $page<1)$page=1;
$where_table = "ibwf_users";
if($sin=="1")
$cond = "name";
else if($sin=="2")
$cond = "ipadd";
$select_fields = "id, name";
if($sor=="1")
{
if($sin=="1")
$ord_fields = "name";
else if($sin=="2")
$ord_fields = "ipadd";
}else if($sor=="2"){
$ord_fields = "lastact DESC";
}else if($sor=="3"){
$ord_fields = "regdate";
}
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ".$where_table." WHERE ".$cond." LIKE '%".$stext."%'"));
$num_items = $noi[0];
$items_per_page = 10;
$num_pages = ceil($num_items/$items_per_page);
if(($page>$num_pages)&&$page!=1)$page= $num_pages;
$limit_start = ($page-1)*$items_per_page;
$sql = "SELECT ".$select_fields." FROM ".$where_table." WHERE ".$cond." LIKE '%".$stext."%' ORDER BY ".$ord_fields." LIMIT $limit_start, $items_per_page";
$items = mysql_query($sql);
while($item=mysql_fetch_array($items))
{
$tlink = "<a href=\"index.php?action=viewuser&sid=$sid&who=$item[0]\">".htmlspecialchars($item[1])."</a><br/>";
echo $tlink;
}
echo "<p align=\"center\">";
if($page>1)
{
$ppage = $page-1;
$rets = "<anchor>«PREV";
$rets .= "<go href=\"mprocpl.php?action=$action&sid=$sid&page=$ppage\" method=\"post\">";
$rets .= "<postfield name=\"stext\" value=\"$stext\"/>";
$rets .= "<postfield name=\"sin\" value=\"$sin\"/>";
$rets .= "<postfield name=\"sor\" value=\"$sor\"/>";
$rets .= "</go></anchor> ";
echo $rets;
}
if($page<$num_pages)
{
$npage = $page+1;
$rets = "<anchor>Next»";
$rets .= "<go href=\"mprocpl.php?action=$action&sid=$sid&page=$npage\" method=\"post\">";
$rets .= "<postfield name=\"stext\" value=\"$stext\"/>";
$rets .= "<postfield name=\"sin\" value=\"$sin\"/>";
$rets .= "<postfield name=\"sor\" value=\"$sor\"/>";
$rets .= "</go></anchor> ";
echo $rets;
}
echo "<br/>$page/$num_pages<br/>";
if($num_pages>2)
{
$rets = "Jump to page: <input name=\"pg\" format=\"*N\" size=\"3\"/>";
$rets .= "<anchor>[GO]";
$rets .= "<go href=\"mprocpl.php?action=$action&sid=$sid&page=$(pg)\" method=\"post\">";
$rets .= "<postfield name=\"stext\" value=\"$stext\"/>";
$rets .= "<postfield name=\"sin\" value=\"$sin\"/>";
$rets .= "<postfield name=\"sor\" value=\"$sor\"/>";
$rets .= "</go></anchor>";
echo $rets;
}
echo "</p>";
}
echo "</p>";
echo "<p align=\"center\">";
echo "<a href=\"index.php?action=search&sid=$sid\"><img src=\"images/search.gif\" alt=\"*\"/>";
echo "Search Menu</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p></card>";
}
if($action=="4n")
{
addonline(getuid_sid($sid),"Members search by 4n model","");
echo "<card id=\"main\" title=\"Search\">";
echo "<p>";
echo "Some ppl change their browser and do naughty things in Agni. but u can type the browser name and get all the users who in u typed browser name<br/>";
echo "Suspectors browser: <input name=\"stext\" maxlength=\"15\"/><br/>";
echo "Select Order: <select name=\"sor\">";
echo "<option value=\"1\">name(A-Z)</option>";
echo "<option value=\"2\">Last Active</option>";
echo "<option value=\"3\">Join Date</option>";
echo "</select><br/>";
echo "<anchor>Find It";
echo "<go href=\"mprocpl.php?action=4n2&sid=$sid\" method=\"post\">";
echo "<postfield name=\"stext\" value=\"$(stext)\"/>";
echo "<postfield name=\"sin\" value=\"2\"/>";
echo "<postfield name=\"sor\" value=\"$(sor)\"/>";
echo "</go></anchor>";
echo "</p>";
echo "<p align=\"center\">";
//echo "<a href=\"index.php?action=search&sid=$sid\"><img src=\"images/search.gif\" alt=\"*\"/>";
//echo "Search Menu</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p></card>";
}
else if($action=="4n2")
{
$stext = $_POST["stext"];
$sin = $_POST["sin"];
$sor = $_POST["sor"];
addonline(getuid_sid($sid),"Member search by 4n model","");
echo "<card id=\"main\" title=\"Search\">";
echo "<p>";
if(trim($stext)=="")
{
echo "<br/>Failed to search for Members";
}else{
//begin search
if($page=="" || $page<1)$page=1;
$where_table = "ibwf_users";
if($sin=="1")
$cond = "name";
else if($sin=="2")
$cond = "browserm";
$select_fields = "id, name";
if($sor=="1")
{
if($sin=="1")
$ord_fields = "name";
else if($sin=="2")
$ord_fields = "browserm";
}else if($sor=="2"){
$ord_fields = "lastact DESC";
}else if($sor=="3"){
$ord_fields = "regdate";
}
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ".$where_table." WHERE ".$cond." LIKE '%".$stext."%'"));
$num_items = $noi[0];
$items_per_page = 10;
$num_pages = ceil($num_items/$items_per_page);
if(($page>$num_pages)&&$page!=1)$page= $num_pages;
$limit_start = ($page-1)*$items_per_page;
$sql = "SELECT ".$select_fields." FROM ".$where_table." WHERE ".$cond." LIKE '%".$stext."%' ORDER BY ".$ord_fields." LIMIT $limit_start, $items_per_page";
$items = mysql_query($sql);
while($item=mysql_fetch_array($items))
{
$tlink = "<a href=\"index.php?action=viewuser&sid=$sid&who=$item[0]\">".htmlspecialchars($item[1])."</a><br/>";
echo $tlink;
}
echo "<p align=\"center\">";
if($page>1)
{
$ppage = $page-1;
$rets = "<anchor>«PREV";
$rets .= "<go href=\"mprocpl.php?action=$action&sid=$sid&page=$ppage\" method=\"post\">";
$rets .= "<postfield name=\"stext\" value=\"$stext\"/>";
$rets .= "<postfield name=\"sin\" value=\"$sin\"/>";
$rets .= "<postfield name=\"sor\" value=\"$sor\"/>";
$rets .= "</go></anchor> ";
echo $rets;
}
if($page<$num_pages)
{
$npage = $page+1;
$rets = "<anchor>Next»";
$rets .= "<go href=\"mprocpl.php?action=$action&sid=$sid&page=$npage\" method=\"post\">";
$rets .= "<postfield name=\"stext\" value=\"$stext\"/>";
$rets .= "<postfield name=\"sin\" value=\"$sin\"/>";
$rets .= "<postfield name=\"sor\" value=\"$sor\"/>";
$rets .= "</go></anchor> ";
echo $rets;
}
echo "<br/>$page/$num_pages<br/>";
if($num_pages>2)
{
$rets = "Jump to page: <input name=\"pg\" format=\"*N\" size=\"3\"/>";
$rets .= "<anchor>[GO]";
$rets .= "<go href=\"mprocpl.php?action=$action&sid=$sid&page=$(pg)\" method=\"post\">";
$rets .= "<postfield name=\"stext\" value=\"$stext\"/>";
$rets .= "<postfield name=\"sin\" value=\"$sin\"/>";
$rets .= "<postfield name=\"sor\" value=\"$sor\"/>";
$rets .= "</go></anchor>";
echo $rets;
}
echo "</p>";
}
echo "</p>";
echo "<p align=\"center\">";
echo "<a href=\"index.php?action=search&sid=$sid\"><img src=\"images/search.gif\" alt=\"*\"/>";
echo "Search Menu</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p></card>";
}
///////////////////////////////////////Close/ Open Topic
else if($action=="clot")
{
$tid = $_GET["tid"];
$tdo = $_GET["tdo"];
$fid = getfid_tid($tid);
echo "<card id=\"main\" title=\"Mod CP\">";
echo "<p align=\"center\">";
$res = mysql_query("UPDATE ibwf_topics SET closed='"
.$tdo."' WHERE id='".$tid."'");
if($res)
{
if($tdo==1)
{
$msg = "Closed";
}else{
$msg = "Opened";
}
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>".getnick_uid(getuid_sid($sid))."</b> Closed The thread ".mysql_escape_string(gettname($tid))." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Topic $msg";
$tpci = mysql_fetch_array(mysql_query("SELECT name, authorid FROM ibwf_topics WHERE id='".$tid."'"));
$tname = htmlspecialchars($tpci[0]);
$msg = "your thread [topic=$tid]$tname"."[/topic] is $msg"."[br/][small][i]p.s: this is an automatic pm[/i][/small]";
autopm($msg, $tpci[1]);
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&sid=$sid&fid=$fid\">";
echo "$fname</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p></card>";
}
///////////////////////////////////////Untrash user
else if($action=="untr")
{
$who = $_GET["who"];
echo "<card id=\"main\" title=\"Mod CP\">";
echo "<p align=\"center\">";
$res = mysql_query("DELETE FROM ibwf_metpenaltiespl WHERE penalty='0' AND uid='".$who."'");
if($res)
{
$unick = getnick_uid($who);
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>".getnick_uid(getuid_sid($sid))."</b> Untrashed The user <b>".$unick."', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>$unick Untrashed";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p></card>";
}
///////////////////////////////////////Unban user
else if($action=="unbanag")
{
$who = $_GET["who"];
echo "<card id=\"main\" title=\"Mod CP\">";
echo "<p align=\"center\">";
$res = mysql_query("DELETE FROM ibwf_metpenaltiespl WHERE (penalty='1' OR penalty='2') AND uid='".$who."'");
if($res)
{
$unick = getnick_uid($who);
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>".getnick_uid(getuid_sid($sid))."</b> Unbanned The user <b>".$unick."</b>', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>$unick Unbanned";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p></card>";
}
///////////////////////////////////////Delete shout
else if($action=="delsh")
{
$shid = $_GET["shid"];
echo "<card id=\"main\" title=\"Mod CP\">";
echo "<p align=\"center\">";
$sht = mysql_fetch_array(mysql_query("SELECT shouter, shout FROM ibwf_shouts WHERE id='".$shid."'"));
$msg = getnick_uid($sht[0]);
$msg .= ": ".htmlspecialchars((strlen($sht[1])<20?$sht[1]:substr($sht[1], 0, 20)));
$res = mysql_query("DELETE FROM ibwf_shouts WHERE id ='".$shid."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='shouts', details='<b>".getnick_uid(getuid_sid($sid))."</b> Deleted the shout <b>".$shid."</b> - $msg', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Shout deleted";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p></card>";
}
///////////////////////////////////////Unban user
else if($action=="shld")
{
$who = $_GET["who"];
echo "<card id=\"main\" title=\"Mod CP\">";
echo "<p align=\"center\">";
$res = mysql_query("Update ibwf_users SET shield='1' WHERE id='".$who."'");
if($res)
{
$unick = getnick_uid($who);
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>".getnick_uid(getuid_sid($sid))."</b> Shielded The user <b>".$unick."</b>', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>$unick is Shielded";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p></card>";
}
///////////////////////////////////////Unban user
else if($action=="ushld")
{
$who = $_GET["who"];
echo "<card id=\"main\" title=\"Mod CP\">";
echo "<p align=\"center\">";
$res = mysql_query("Update ibwf_users SET shield='0' WHERE id='".$who."'");
if($res)
{
$unick = getnick_uid($who);
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>".getnick_uid(getuid_sid($sid))."</b> Unshielded The user <b>".$unick."</b>', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>$unick is Unshielded";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p></card>";
}
///////////////////////////////////////Pin/ Unpin Topic
else if($action=="pint")
{
$tid = $_GET["tid"];
$tdo = $_GET["tdo"];
$fid = getfid_tid($tid);
echo "<card id=\"main\" title=\"Mod CP\">";
echo "<p align=\"center\">";
$pnd = getpinned($fid);
if($pnd<=5)
{
$res = mysql_query("UPDATE ibwf_topics SET pinned='"
.$tdo."' WHERE id='".$tid."'");
if($res)
{
if($tdo==1)
{
$msg = "Pinned";
}else{
$msg = "Unpinned";
}
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>".getnick_uid(getuid_sid($sid))."</b> $msg The thread ".mysql_escape_string(gettname($tid))." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Topic $msg";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>You can only pin 5 topics in every forum";
}
echo "<br/><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&sid=$sid&fid=$fid\">";
echo "$fname</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p></card>";
}
///////////////////////////////////Delete the damn thing
else if($action=="delt")
{
$tid = $_GET["tid"];
$fid = getfid_tid($tid);
echo "<card id=\"main\" title=\"Mod CP\">";
echo "<p align=\"center\">";
$tname=gettname($tid);
$res = mysql_query("DELETE FROM ibwf_topics WHERE id='".$tid."'");
if($res)
{
mysql_query("DELETE FROM ibwf_posts WHERE tid='".$tid."'");
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>".getnick_uid(getuid_sid($sid))."</b> Deleted The thread ".mysql_escape_string($tname)." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Topic Deleted";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&sid=$sid&fid=$fid\">";
echo "$fname</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p></card>";
}
////////////////////////////////////////////Edit Post
else if($action=="rentpc")
{
$tid = $_GET["tid"];
$tname = $_POST["tname"];
$fid = getfid_tid($tid);
echo "<card id=\"main\" title=\"Mod CP\">";
echo "<p align=\"center\">";
$otname = gettname($tid);
if(trim($tname!=""))
{
$not = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_topics WHERE name LIKE '".$tname."' AND fid='".$fid."'"));
if($not[0]==0)
{
$res = mysql_query("UPDATE ibwf_topics SET name='"
.$tname."' WHERE id='".$tid."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>".getnick_uid(getuid_sid($sid))."</b> Renamed The thread ".mysql_escape_string($otname)." to ".mysql_escape_string($tname)." at the forum ".getfname($fid)."', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Topic Renamed";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Topic Name already exist";
}
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>You must specify a name for the topic";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=viewtpc&sid=$sid&tid=$tid\">";
echo "View Topic</a><br/>";
$fname = getfname($fid);
echo "<a href=\"index.php?action=viewfrm&sid=$sid&fid=$fid\">";
echo "$fname</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p></card>";
}
///////////////////////////////////////////////////Move topic
else if($action=="mvt")
{
$tid = $_GET["tid"];
$mtf = $_POST["mtf"];
$fname = htmlspecialchars(getfname($mtf));
//$fid = getfid_tid($tid);
echo "<card id=\"main\" title=\"Mod CP\">";
echo "<p align=\"center\">";
$not = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_topics WHERE name LIKE '".$tname."' AND fid='".$mtf."'"));
if($not[0]==0)
{
$res = mysql_query("UPDATE ibwf_topics SET fid='"
.$mtf."', moved='1' WHERE id='".$tid."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='topics', details='<b>".getnick_uid(getuid_sid($sid))."</b> Moved The thread ".mysql_escape_string($tname)." to forum ".getfname($fid)."', actdt='".time()."'");
$tpci = mysql_fetch_array(mysql_query("SELECT name, authorid FROM ibwf_topics WHERE id='".$tid."'"));
$tname = htmlspecialchars($tpci[0]);
$msg = "your thread [topic=$tid]$tname"."[/topic] Was moved to $fname forum[br/][small][i]p.s: this is an automatic pm[/i][/small]";
autopm($msg, $tpci[1]);
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Topic Moved";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Topic Name already exist";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=viewfrm&sid=$sid&fid=$mtf\">";
echo "$fname</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p></card>";
}
//////////////////////////////////////////Handle PM
else if($action=="hpm")
{
$pid = $_GET["pid"];
echo "<card id=\"main\" title=\"Mod CP\">";
echo "<p align=\"center\">";
$info = mysql_fetch_array(mysql_query("SELECT byuid, touid FROM ibwf_private WHERE id='".$pid."'"));
$res = mysql_query("UPDATE ibwf_private SET reported='2' WHERE id='".$pid."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='handling', details='<b>".getnick_uid(getuid_sid($sid))."</b> handled The PM ".$pid."', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>PM Handled";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
echo "<a href=\"index.php?action=viewuser&sid=$sid&who=$info[0]\">PM Sender's Profile</a><br/>";
echo "<a href=\"index.php?action=viewuser&sid=$sid&who=$info[1]\">PM Reporter's Profile</a><br/><br/>";
echo "<a href=\"modcp.php?action=main&sid=$sid\">";
echo "Mod R/L</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p></card>";
}
//////////////////////////////////////////Handle Post
else if($action=="hps")
{
$pid = $_GET["pid"];
echo "<card id=\"main\" title=\"Mod CP\">";
echo "<p align=\"center\">";
$info = mysql_fetch_array(mysql_query("SELECT uid, tid FROM ibwf_posts WHERE id='".$pid."'"));
$res = mysql_query("UPDATE ibwf_posts SET reported='2' WHERE id='".$pid."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='handling', details='<b>".getnick_uid(getuid_sid($sid))."</b> handled The Post ".$pid."', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Post Handled";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
$poster = getnick_uid($info[0]);
echo "<a href=\"index.php?action=viewuser&sid=$sid&who=$info[0]\">$poster's Profile</a><br/>";
echo "<a href=\"index.php?action=viewtpc&sid=$sid&tid=$info[1]\">View Topic</a><br/><br/>";
echo "<a href=\"modcp.php?action=main&sid=$sid\">";
echo "Mod R/L</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p></card>";
}
//////////////////////////////////////////Handle Topic
else if($action=="htp")
{
$pid = $_GET["tid"];
echo "<card id=\"main\" title=\"Mod CP\">";
echo "<p align=\"center\">";
$info = mysql_fetch_array(mysql_query("SELECT authorid FROM ibwf_topics WHERE id='".$pid."'"));
$res = mysql_query("UPDATE ibwf_topics SET reported='2' WHERE id='".$pid."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='handling', details='<b>".getnick_uid(getuid_sid($sid))."</b> handled The topic ".mysql_escape_string(gettname($pid))."', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>Topic Handled";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
echo "<br/><br/>";
$poster = getnick_uid($info[0]);
echo "<a href=\"index.php?action=viewuser&sid=$sid&who=$info[0]\">$poster's Profile</a><br/>";
echo "<a href=\"index.php?action=viewtpc&sid=$sid&tid=$pid\">View Topic</a><br/><br/>";
echo "<a href=\"modcp.php?action=main&sid=$sid\">";
echo "Mod R/L</a><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p></card>";
}
////////////////////////////////////////Punish
else if($action=="punag")
{
$pid = $_POST["pid"];
$who = $_POST["who"];
$pres = $_POST["pres"];
$pds = $_POST["pds"];
$phr = $_POST["phr"];
$pmn = $_POST["pmn"];
$psc = $_POST["psc"];
echo "<card id=\"main\" title=\"Mod CP\">";
echo "<p align=\"center\">";
$uip = "";
$ubr = "";
$pmsg[0]="Trashed";
$pmsg[1]="Banned";
$pmsg[2]="IP-Banned";
if($pid=='2')
{
//ip ban
$uip = getip_uid($who);
$ubr = getbr_uid($who);
}
if(trim($pres)=="")
{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>You must Specify a reson for punishing the user";
}else{
$timeto = $pds*24*60*60;
$timeto += $phr*60*60;
$timeto += $pmn*60;
$timeto += $psc;
$ptime = $timeto + time();
$unick = getnick_uid($who);
$res = mysql_query("INSERT INTO ibwf_metpenaltiespl SET uid='".$who."', penalty='".$pid."', exid='".getuid_sid($sid)."', timeto='".$ptime."', pnreas='".mysql_escape_string($pres)."', ipadd='".$uip."', browserm='".$ubr."'");
if($res)
{
mysql_query("UPDATE ibwf_users SET lastpnreas='".$pmsg[$pid].": ".mysql_escape_string($pres)."' WHERE id='".$who."'");
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>".getnick_uid(getuid_sid($sid))."</b> $pmsg[$pid] The user <b>".$unick."</b> For ".$timeto." Seconds', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>$unick is $pmsg[$pid] for $timeto Seconds";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
}
echo "<br/><br/><a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p></card>";
}
////////////////////////////////////////Punish
else if($action=="pls")
{
$pid = $_POST["pid"];
$who = $_POST["who"];
$pres = $_POST["pres"];
$pval = $_POST["pval"];
echo "<card id=\"main\" title=\"Mod CP\">";
echo "<p align=\"center\">";
$unick = getnick_uid($who);
$opl = mysql_fetch_array(mysql_query("SELECT plusses FROM ibwf_users WHERE id='".$who."'"));
if($pid=='0')
{
$npl = $opl[0] - $pval;
}else{
$npl = $opl[0] + $pval;
}
if($npl<0)
{
$npl=0;
}
if(trim($pres)=="")
{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>You must Specify a reson for updating $unick's Plusses";
}else{
$res = mysql_query("UPDATE ibwf_users SET lastplreas='".mysql_escape_string($pres)."', plusses='".$npl."' WHERE id='".$who."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>".getnick_uid(getuid_sid($sid))."</b> Updated <b>".$unick."</b> plusses from ".$opl[0]." to $npl', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>$unick's Plusses Updated From $opl[0] to $npl";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
}
echo "<br/><br/><a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p></card>";
}
////////////////////////////////////////Punish
else if($action=="bnk")
{
$pid = $_POST["pid"];
$who = $_POST["who"];
$pres = $_POST["pres"];
$pval = $_POST["pval"];
echo "<card id=\"main\" title=\"Mod CP\">";
echo "<p align=\"center\">";
$unick = getnick_uid($who);
$opl = mysql_fetch_array(mysql_query("SELECT arabank FROM ibwf_users WHERE id='".$who."'"));
if($pid=='0')
{
$npl = $opl[0] - $pval;
}else{
$npl = $opl[0] + $pval;
}
if($npl<0)
{
$npl=0;
}
if(trim($pres)=="")
{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>You must Specify a reson for updating $unick's Bank credits";
}else{
$res = mysql_query("UPDATE ibwf_users SET lastplreas='".mysql_escape_string($pres)."', arabank='".$npl."' WHERE id='".$who."'");
if($res)
{
mysql_query("INSERT INTO ibwf_mlog SET action='penalties', details='<b>".getnick_uid(getuid_sid($sid))."</b> Updated <b>".$unick."</b> bank credits from ".$opl[0]." to $npl', actdt='".time()."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/>$unick's bank credits Updated From $opl[0] to $npl";
}else{
echo "<img src=\"images/notok.gif\" alt=\"X\"/>Database Error";
}
}
echo "<br/><br/><a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p></card>";
}
else{
echo "<card id=\"main\" title=\"Mod CP\">";
echo "<p align=\"center\">";
echo "I don't know how did you get into here, but there's nothing to show<br/><br/>";
echo "<a href=\"index.php?action=main&sid=$sid\"><img src=\"images/home.gif\" alt=\"*\"/>";
echo "Home</a>";
echo "</p></card>";
}
?></wml>
the browser says
1: <?xml version="1.0"?><!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml"><wml>
2: <card id="main" title="Agni"><p align="center">You are not a mod<br/><br/><a href="index.php">Home</a></p></card>
can any one help me with this i tried replacing several modcp and also mprocpl.php still couldnt find whats the problem almost confused and about to jump to the well
Comment