i have found another bug on lava/wapdesire..
if you create a private room when you try to see
profile of a user inside it ,clicking on the link for goin'back in private room
you are kicked out the room..
if a mod or owner,etc. try to wipe out messages inside a private room
function don't works and you're also kicked out..
this is the classic chat.php page of most lava/wapdesire:
somebody has fixed this problem?
if you create a private room when you try to see
profile of a user inside it ,clicking on the link for goin'back in private room
you are kicked out the room..
if a mod or owner,etc. try to wipe out messages inside a private room
function don't works and you're also kicked out..
this is the classic chat.php page of most lava/wapdesire:
Code:
<?php
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
//header('Content-type: application/vnd.wap.xhtml+xml');
echo "<?xml version=\"1.0\" encoding=\"utf-8\"?>";
echo "<!DOCTYPE html PUBLIC \"-//WAPFORUM//DTD XHTML Mobile 1.0//EN\" \"http://www.wapforum.org/DTD/xhtml-mobile10.dtd\">";
?>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta forua="true" http-equiv="Cache-Control" content="max-age=0"/>
<meta forua="true" http-equiv="Cache-Control" content="must-revalidate"/>
</head>
<?php
include("config.php");
include("core.php");
connectdb();
$action=$_GET["action"];
$id=$_GET["id"];
$sid = $_GET["sid"];
$rid=$_GET["rid"];
$rpw=$_GET["rpw"];
$uid = getuid_sid($sid);
$uexist = isuser($uid);
$theme = mysql_fetch_array(mysql_query("SELECT theme FROM ibwf_users WHERE id='".$uid."'"));
if((islogged($sid)==false)||!$uexist)
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/white_medium.css\">";
echo "</head>";
echo "<body>";
echo "<center>";
echo "You are not logged in<br/>";
echo "Or Your session has been expired<br/><br/>";
echo "<a href=\"index.php\">Login</a>";
echo "</center>";
echo "</html>";
echo "</body>";
exit();
}
if(isbanned($uid))
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
echo "<img src=\"../images/notok.gif\" alt=\"x\"/><br/>";
echo "<b>You are Banned</b><br/><br/>";
$banto = mysql_fetch_array(mysql_query("SELECT timeto, pnreas, exid FROM ibwf_penalties WHERE uid='".$uid."' AND penalty='1' OR uid='".$uid."' AND penalty='2'"));
$banres = mysql_fetch_array(mysql_query("SELECT lastpnreas FROM ibwf_users WHERE id='".$uid."'"));
$remain = $banto[0]- time();
$rmsg = gettimemsg($remain);
echo "<b>Time Left: </b>$rmsg<br/>";
$nick = getnick_uid($banto[2]);
echo "<b>By: </b>$nick<br/>";
echo "<b>Reason: </b>$banto[1]";
//echo "<a href=\"index.php\">Login</a>";
echo "</p>";
echo "</body>";
echo "</html>";
exit();
}
$isroom = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_rooms WHERE id='".$rid."'"));
if($isroom[0]==0)
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<center>";
echo "<b>Room Doesn't Exist</b><br/><br/>";
echo "<a href=\"index.php?action=chat&sid=$sid\">Chatrooms</a>";
echo "</center>";
echo "</body>";
echo "</html>";
exit();
}
$passworded = mysql_fetch_array(mysql_query("SELECT pass FROM ibwf_rooms WHERE id='".$rid."'"));
if($passworded[0]!="")
{
if($rpw!=$passworded[0])
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<center>";
echo "<b>Wrong Password!</b><br/>";
echo "You can't enter this room<br/><br/>";
echo "<a href=\"index.php?action=chat&sid=$sid\">Chatrooms</a>";
echo "</center>";
echo "</body>";
echo "</html>";
exit();
}
}
if(!canenter($rid,$sid))
{
echo "<head>";
echo "<title>Error!!!</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<center>";
echo "<b>Permission denied!</b><br/><br/>";
echo "<a href=\"index.php?action=chat&sid=$sid\">Chatrooms</a>";
echo "</center>";
echo "</body>";
echo "</html>";
exit();
}
addtochat($uid, $rid);
$timeto = 300;
$timenw = time();
$timeout = $timenw-$timeto;
$deleted = mysql_query("DELETE FROM ibwf_chat WHERE timesent<".$timeout."");
$rooms = mysql_fetch_array(mysql_query("SELECT id, name FROM ibwf_rooms WHERE id='".$rid."'"));
$rname = $rooms[1];
$nick = getnick_sid($sid);
if ($action=="")
{
echo "<head>";
echo "<title>$nick@$rname</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
$unreadpopup=mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_popups WHERE unread='1' AND touid='".$uid."'"));
if ($unreadpopup[0]<1)
{
echo "<meta http-equiv=\"refresh\" content=\"20; url=chat.php?time=";
echo "".date("dmHis")."";
echo "&sid=$sid&rid=$rid&rpw=$rpw\">";
}
echo "</head>";
echo "<body>";
addonline($uid,"Chating in $rname","chat.php?rid=$rid&rpw=$rpw");
//echo "<p>";
echo popup($sid);
echo "<b>1 </b><a name=\"top\" id=\"top\" accesskey=\"1\" href=\"chat.php?action=say&sid=$sid&rid=$rid&rpw=$rpw\">Write</a><br/>";
echo "<b>2 </b><a accesskey=\"2\" href=\"#opt\">options</a><br/>";
echo "<b>* </b><a accesskey=\"*\" href=\"chat.php?time=";
echo "".date("dmHis")."";
echo "&sid=$sid&rid=$rid&rpw=$rpw\">Refresh</a><br/>";
$unreadinbox=mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_private WHERE unread='1' AND touid='".$uid."'"));
$unrd="".$unreadinbox[0]."";
if ($unreadinbox[0]>0)
{
echo "<b>5 </b><a href=\"inbox.php?action=main&sid=$sid&lstloc=cht&rid=$rid\">$unrd New Inbox!</a><br/>";
}
//echo "</p>";
//echo "<br/><br/>";
$message=$_POST["message"];
$who = $_POST["who"];
$rinfo = mysql_fetch_array(mysql_query("SELECT censord, freaky FROM ibwf_rooms WHERE id='".$rid."'"));
if (trim($message) != "")
{
if(!isblocked($message,$uid))
{
$chatok = mysql_query("INSERT INTO ibwf_chat SET chatter='".$uid."', who='".$who."', timesent='".time()."', msgtext='".$message."', rid='".$rid."';");
$lstmsg = mysql_query("UPDATE ibwf_rooms SET lastmsg='".time()."' WHERE id='".$rid."'");
$hehe=mysql_fetch_array(mysql_query("SELECT chmsgs FROM ibwf_users WHERE id='".$uid."'"));
$totl = $hehe[0]+1;
$msgst= mysql_query("UPDATE ibwf_users SET chmsgs='".$totl."' WHERE id='".$uid."'");
}else{
$bantime = time() + (30*24*60*60);
echo "<img src=\"../images/notok.gif\" alt=\"X\"/>";
echo "Can't Post Msg<br/><br/>";
echo "You just tried sending a msg with a link to one of the crapiest sites on earth<br/> The members of these sites spam here a lot, so go to that site and stay there if you don't like it here<br/> as a result of your stupid action:<br/>1. you have lost your sheild<br/>2. you have lost all your plusses<br/>3. You are BANNED!";
$user = getnick_sid($sid);
mysql_query("INSERT INTO ibwf_mlog SET action='autoban', details='<b>".getnick_uid(1)."</b> auto banned $user for spamming chat', actdt='".time()."'");
mysql_query("INSERT INTO ibwf_penalties SET uid='".$uid."', penalty='1', exid='1', timeto='".$bantime."', pnreas='Banned: Automatic Ban for spamming for a crap site'");
mysql_query("UPDATE ibwf_users SET plusses='0', shield='0' WHERE id='".$uid."'");
echo "</body>";
echo "</html>";
exit();
}
if($rinfo[1]==2)
{
//oh damn i gotta post this message to ravebabe :(
//will it succeed?
$botid = "eeb070e74e366473";
$hostname = "www.pandorabots.com";
$hostpath = "/pandora/talk-xml";
$sendData = "botid=".$botid."&input=".urlencode($message)."&custid=".$custid;
$result = PostToHost($hostname, $hostpath, $sendData);
$pos = strpos($result, "custid=\"");
$pos = strpos($result, "<that>");
if ($pos === false) {
$reply = "";
} else {
$pos += 6;
$endpos = strpos($result, "</that>", $pos);
$reply = unhtmlspecialchars2(substr($result, $pos, $endpos - $pos));
$reply = mysql_escape_string($reply);
}
$chatok = mysql_query("INSERT INTO ibwf_chat SET chatter='1', who='', timesent='".time()."', msgtext='".$reply." @".getnick_uid($uid)."', rid='".$rid."';");
}
$message = "";
}
echo "<br/>";
$chats = mysql_query("SELECT chatter, who, timesent, msgtext, exposed FROM ibwf_chat WHERE rid='".$rid."' ORDER BY timesent DESC, id DESC");
$counter=0;
while($chat = mysql_fetch_array($chats))
{
$canc = true;
if($counter<40)
{
if(istrashed($chat[0])){
if($uid!=$chat[0])
{
$canc = false;
}
}
//////good
/*if(isignored($chat[0],$uid)){
$canc = false;
}*/
//////////good
if($chat[0]!=$uid)
{
if($chat[1]!=0)
{
if($chat[1]!=$uid)
{
$canc = false;
}
}
}
if($chat[4]=='1' && ismod($uid))
{
$canc = true;
}
if($canc)
{
$cmid = mysql_fetch_array(mysql_query("SELECT chmood FROM ibwf_users WHERE id='".$chat[0]."'"));
$iml = "";
if(($cmid[0]!=0))
{
$mlnk = mysql_fetch_array(mysql_query("SELECT img, text FROM ibwf_moods WHERE id='".$cmid[0]."'"));
$iml = "<img src=\"$mlnk[0]\" alt=\"$mlnk[1]\"/>";
}
$chnick = getnick_uid($chat[0]);
$optlink = $iml.$chnick;
if(($chat[1]!=0)&&($chat[0]==$uid))
{
///out
$iml = "<img src=\"../moods/out.gif\" alt=\"!\"/>";
$chnick = getnick_uid($chat[1]);
$optlink = $iml."Pm To ".$chnick;
}
if($chat[1]==$uid)
{
///out
$iml = "<img src=\"../moods/in.gif\" alt=\"!\"/>";
$chnick = getnick_uid($chat[0]);
$optlink = $iml."Pm By ".$chnick;
}
if($chat[4]=='1')
{
///out
$iml = "<img src=\"../moods/point.gif\" alt=\"!\"/>";
$chnick = getnick_uid($chat[0]);
$tonick = getnick_uid($chat[1]);
$optlink = "$iml By ".$chnick." To ".$tonick;
}
$ds= date("H.i.s", $chat[2]);
$text = parsepm($chat[3], $sid);
$nos = substr_count($text,"<img src=");
if(isspam($text))
{
$chnick = getnick_uid($chat[0]);
echo addchatmsg($chat[0],$text,1,"*Oi! $chnick, No Spamming!*");
}
else if($nos>2){
$chnick = getnick_uid($chat[0]);
echo addchatmsg($chat[0],$text,1,"*Hey! $chnick, U Can Only Use 2 Smilies Per Msg!*");
}else{
$sres = substr($chat[3],0,3);
if($sres == "/me")
{
$chco = strlen($chat[3]);
$goto = $chco - 3;
$rest = substr($chat[3],3,$goto);
$tosay = parsepm($rest, $sid);
echo addchatmsg($chat[0],$tosay,1,"");
}
else{
if($rinfo[0]==0){$tosay = getbbcode($chat[3], $sid, 0);}
else{$tosay = parsepm($chat[3], $sid, 1);}
if($rinfo[1]==1){$tosay = strrev($tosay);}
echo "<a href=\"chat.php?action=say2&sid=$sid&who=$chat[0]&rid=$rid&rpw=$rpw\">$optlink</a> - ";
echo $tosay."<br/>";
}
}
$counter++;
}
}
}
echo "<br/>";
echo "<a name=\"opt\" id=\"opt\"></a>";
echo "<b>* </b><a accesskey=\"*\" href=\"chat.php?time=";
echo "".date("dmHis")."";
echo "&sid=$sid&rid=$rid&rpw=$rpw\">Refresh</a><br/>";
echo "<b>1 </b><a href=\"chat.php?action=say&sid=$sid&rid=$rid&rpw=$rpw\">Write</a><br/>";
echo "<b>3 </b><a accesskey=\"3\" href=\"chat.php?action=options&sid=$sid&rid=$rid&rpw=$rpw\">Settings</a><br/>";
$chatters=mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_chonline where rid='".$rid."'"));
echo "<b>4 </b><a accesskey=\"4\" href=\"chat.php?action=inside&sid=$sid&rid=$rid&rpw=$rpw\">Whos Inside $chatters[0]</a><br/>";
echo "<b>5 </b><a accesskey=\"5\" href=\"inbox.php?action=main&sid=$sid&lstloc=cht&rid=$rid\">Inbox</a><br/>";
echo "<b>6 </b><a accesskey=\"6\" href=\"lists.php?action=buds&sid=$sid\">BuddyList</a><br/>";
echo "<b>7 </b><a accesskey=\"7\" href=\"index.php?action=chat&sid=$sid\">Chat</a><br/>";
echo forumlink($sid,8);
echo "<b>9 </b><a accesskey=\"9\" href=\"#top\">top</a> ";
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\">Home</a>";
echo "</body>";
}
/////////////////////////////////////////////////////SAY
else if ($action=="say")
{
echo "<head>";
echo "<title>Write Msg</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
addonline($uid,"Writing Chat Msg","");
echo "<form action=\"chat.php?sid=$sid&rid=$rid&rpw=$rpw\" method=\"post\">";
echo "<p>Message:<input name=\"message\" type=\"text\" maxlength=\"255\"/><br/>";
echo "<input type=\"Submit\" Name=\"sy2\" value=\"Say\"></form><br/>";
$rooms = mysql_fetch_array(mysql_query("SELECT id, name FROM ibwf_rooms WHERE id='".$rid."'"));
$rname = $rooms[1];
echo "<b>4 </b><a accesskey=\"4\" href=\"chat.php?sid=$sid&rid=$rid&rpw=$rpw\">Back To $rname</a><br/>";
echo "<b>6 </b><a accesskey=\"6\" href=\"inbox.php?action=main&sid=$sid\">Inbox</a><br/>";
echo "<b>7 </b><a accesskey=\"7\" href=\"lists.php?action=buds&sid=$sid\">BuddyList</a><br/>";
echo "<b>8 </b><a accesskey=\"8\" href=\"index.php?action=chat&sid=$sid\">Chat</a><br/>";
echo forumlink($sid,9);
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a></p>";
echo "</body>";
}
////////////////////////////////////////////
/////////////////////////////////////////////////////SAY2
else if ($action=="say2") {
echo "<head>";
echo "<title>Send Pm</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
$unick = getnick_uid($who);
echo "<b>Send Pm To $unick</b>";
echo "</p>";
addonline($uid,"Writing Chat Msg","");
echo "<form action=\"chat.php?sid=$sid&rid=$rid&rpw=$rpw\" method=\"post\">";
echo "<input type=\"Hidden\" name=\"who\" value=\"$who\">";
echo "<p>Message:<input name=\"message\" type=\"text\" maxlength=\"255\"/><br/>";
echo "<input type=\"Submit\" name=\"private\" Value=\"Private\"></form>";
echo "<br/>";
if(ismod($uid))
{
echo "<b>* </b><a accesskey=\"*\" href=\"chat.php?action=clear&sid=$sid&who=$who&lstloc=cht&rid=$rid\">Clear Msgs</a><br/>";
}
echo "<b>1 </b><a accesskey=\"1\" href=\"index.php?action=viewuser&sid=$sid&who=$who&lstloc=cht&rid=$rid\">View $unick's Profile</a><br/>";
echo "<b>2 </b><a accesskey=\"2\" href=\"chat.php?action=expose&sid=$sid&who=$who&rid=$rid&rpw=$rpw\">Expose $unick's Msgs</a><br/>";
$rooms = mysql_fetch_array(mysql_query("SELECT id, name FROM ibwf_rooms WHERE id='".$rid."'"));
$rname = $rooms[1];
echo "<b>4 </b><a accesskey=\"4\" href=\"chat.php?sid=$sid&rid=$rid&rpw=$rpw\">Back To $rname</a><br/>";
echo "<b>6 </b><a accesskey=\"6\" href=\"inbox.php?action=main&sid=$sid\">Inbox</a><br/>";
echo "<b>7 </b><a accesskey=\"7\" href=\"lists.php?action=buds&sid=$sid\">BuddyList</a><br/>";
echo "<b>8 </b><a accesskey=\"8\" href=\"index.php?action=chat&sid=$sid\">Chat</a><br/>";
echo forumlink($sid,9);
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a></p>";
echo "</body>";
}
/////////////////////////////////////////////////////CHAT OPTIONS
else if ($action=="options")
{
echo "<head>";
echo "<title>Chat Options</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
addonline($uid,"Chat Options","");
echo "<b>1 </b><a accesskey=\"1\" href=\"lists.php?action=chmood&sid=$sid&page=1\">Chat Mood</a><br/>";
echo "<b>2 </b><a accesskey=\"2\" href=\"lists.php?action=smilies&sid=$sid\">Smilies List</a><br/>";
echo "<b>3 </b><a accesskey=\"3\" href=\"chat.php?action=inside&sid=$sid&rid=$rid&rpw=$rpw\">Who's Inside</a><br/>";
$rooms = mysql_fetch_array(mysql_query("SELECT id, name FROM ibwf_rooms WHERE id='".$rid."'"));
$rname = $rooms[1];
echo "<b>4 </b><a accesskey=\"4\" href=\"chat.php?sid=$sid&rid=$rid&rpw=$rpw\">Back To $rname</a><br/>";
echo "<b>6 </b><a accesskey=\"6\" href=\"inbox.php?action=main&sid=$sid\">Inbox</a><br/>";
echo "<b>7 </b><a accesskey=\"7\" href=\"lists.php?action=buds&sid=$sid\">BuddyList</a><br/>";
echo "<b>8 </b><a accesskey=\"8\" href=\"index.php?action=chat&sid=$sid\">Chat</a><br/>";
echo forumlink($sid,9);
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a></p>";
echo "</body>";
}
////////////////////////////////////////////
//////////////////////////////inside//////////
else if ($action=="inside") {
addonline($uid,"Viewing Chat UserList","");
echo "<head>";
echo "<title>Chat UserList</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p><br/>";
$inside=mysql_query("SELECT DISTINCT * FROM ibwf_chonline WHERE rid='".$rid."' and uid IS NOT NULL");
while($ins=mysql_fetch_array($inside))
{
$unick = getnick_uid($ins[1]);
$userl = "<a href=\"chat.php?action=say2&sid=$sid&who=$ins[1]&rid=$rid&rpw=$rpw\">$unick</a><br/>";
echo "$userl";
}
echo "<br/>";
$rooms = mysql_fetch_array(mysql_query("SELECT id, name FROM ibwf_rooms WHERE id='".$rid."'"));
$rname = $rooms[1];
echo "<b>4 </b><a accesskey=\"4\" href=\"chat.php?sid=$sid&rid=$rid&rpw=$rpw\">Back To $rname</a><br/>";
echo "<b>6 </b><a accesskey=\"6\" href=\"inbox.php?action=main&sid=$sid\">Inbox</a><br/>";
echo "<b>7 </b><a accesskey=\"7\" href=\"lists.php?action=buds&sid=$sid\">BuddyList</a><br/>";
echo "<b>8 </b><a accesskey=\"8\" href=\"index.php?action=chat&sid=$sid\">Chat</a><br/>";
echo forumlink($sid,9);
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a></p>";
echo "</body>";
}
else if ($action=="expose") {
addonline($uid,"Exposing ChatUser","");
echo "<head>";
echo "<title>Exposing ChatUser</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\"><br/>";
mysql_query("UPDATE ibwf_chat SET exposed='1' WHERE chatter='".$who."' AND who='".$uid."'");
$unick = getnick_uid($who);
echo "$unick messages to you have been exposed to staff";
echo "<br/><br/>";
$rooms = mysql_fetch_array(mysql_query("SELECT id, name FROM ibwf_rooms WHERE id='".$rid."'"));
$rname = $rooms[1];
echo "<b>4 </b><a accesskey=\"4\" href=\"chat.php?sid=$sid&rid=$rid&rpw=$rpw\">Back To $rname</a><br/>";
echo "<b>6 </b><a accesskey=\"6\" href=\"inbox.php?action=main&sid=$sid\">Inbox</a><br/>";
echo "<b>7 </b><a accesskey=\"7\" href=\"lists.php?action=buds&sid=$sid\">BuddyList</a><br/>";
echo "<b>8 </b><a accesskey=\"8\" href=\"index.php?action=chat&sid=$sid\"><img src=\"../images/chat.gif\" alt=\"\"/>RoomList</a><br/>";
echo forumlink($sid,9);
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a></p>";
echo "</body>";
}
else if(($action=="clear")&&(ismod($uid)))
{
addonline($uid,"Chat Tools","");
echo "<head>";
echo "<title>Clearing Users Msgs</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
echo "<p align=\"center\"><br/>";
$trgtnick=getnick_uid($who);
$perm = mysql_fetch_array(mysql_query("SELECT perm FROM ibwf_users WHERE id='".$uid."'"));
$trgtperm = mysql_fetch_array(mysql_query("SELECT perm FROM ibwf_users WHERE id='".$who."'"));
if($trgtperm>$perm){
echo "<b><img src=\"../images/notok.gif\" alt=\"x\"/><br/>Error!!!<br/>Permission Denied...</b><br/>";
echo "<br/>U Cannot Clear $trgtnick's Msgs<br/>";
}else{
if(($who!="")||($who!=0))
{
$res = mysql_query("DELETE FROM ibwf_chat WHERE chatter='".$who."'");
if($res)
{
echo "$trgtnick msgs have been cleared<br/>";
}else{
echo "Failed clearing $trgtnick msgs<br/>";
}
}else{
echo "Username doesnot exist<br/>";
}
}
echo "<br/>";
$rooms = mysql_fetch_array(mysql_query("SELECT id, name FROM ibwf_rooms WHERE id='".$rid."'"));
$rname = $rooms[1];
echo "<b>4 </b><a accesskey=\"4\" href=\"chat.php?sid=$sid&rid=$rid&rpw=$rpw\">Back To $rname</a><br/>";
echo "<b>6 </b><a accesskey=\"6\" href=\"inbox.php?action=main&sid=$sid\">Inbox</a><br/>";
echo "<b>7 </b><a accesskey=\"7\" href=\"lists.php?action=buds&sid=$sid\">BuddyList</a><br/>";
echo "<b>8 </b><a accesskey=\"8\" href=\"index.php?action=chat&sid=$sid\"><img src=\"../images/chat.gif\" alt=\"\"/>RoomList</a><br/>";
echo forumlink($sid,9);
echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a></p>";
echo "</body>";
}
?>
</html>
Comment