chat error for private room

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    chat error for private room

    i have found another bug on lava/wapdesire..
    if you create a private room when you try to see
    profile of a user inside it ,clicking on the link for goin'back in private room
    you are kicked out the room..
    if a mod or owner,etc. try to wipe out messages inside a private room
    function don't works and you're also kicked out..
    this is the classic chat.php page of most lava/wapdesire:
    Code:
    <?php
    header("Cache-Control: no-cache, must-revalidate");
    header("Pragma: no-cache");
    //header('Content-type: application/vnd.wap.xhtml+xml'); 
    echo "<?xml version=\"1.0\" encoding=\"utf-8\"?>";
    echo "<!DOCTYPE html PUBLIC \"-//WAPFORUM//DTD XHTML Mobile 1.0//EN\" \"http://www.wapforum.org/DTD/xhtml-mobile10.dtd\">";
    ?>
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta forua="true" http-equiv="Cache-Control" content="max-age=0"/>
    <meta forua="true" http-equiv="Cache-Control" content="must-revalidate"/>
    </head>
    <?php
    
    include("config.php"); 
    include("core.php"); 
    connectdb();
    $action=$_GET["action"];
    $id=$_GET["id"];
    $sid = $_GET["sid"];
    $rid=$_GET["rid"];
    $rpw=$_GET["rpw"];
    $uid = getuid_sid($sid);
    $uexist = isuser($uid);
    $theme = mysql_fetch_array(mysql_query("SELECT theme FROM ibwf_users WHERE id='".$uid."'"));
    
    if((islogged($sid)==false)||!$uexist)
        {
        echo "<head>";
          echo "<title>Error!!!</title>";
          echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/white_medium.css\">";
          echo "</head>";
          echo "<body>";
          echo "<center>";
          echo "You are not logged in<br/>";
          echo "Or Your session has been expired<br/><br/>";
          echo "<a href=\"index.php\">Login</a>";
          echo "</center>";
          echo "</html>";
          echo "</body>";
          exit();
        }
        
    if(isbanned($uid))
        {
          echo "<head>";
          echo "<title>Error!!!</title>";
          echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
          echo "</head>";
          echo "<body>";
          echo "<p align=\"center\">";
          echo "<img src=\"../images/notok.gif\" alt=\"x\"/><br/>";
          echo "<b>You are Banned</b><br/><br/>";
          $banto = mysql_fetch_array(mysql_query("SELECT timeto, pnreas, exid FROM ibwf_penalties WHERE uid='".$uid."' AND penalty='1' OR uid='".$uid."' AND penalty='2'"));
        $banres = mysql_fetch_array(mysql_query("SELECT lastpnreas FROM ibwf_users WHERE id='".$uid."'"));
          $remain = $banto[0]- time();
          $rmsg = gettimemsg($remain);
          echo "<b>Time Left: </b>$rmsg<br/>";
          $nick = getnick_uid($banto[2]);
        echo "<b>By: </b>$nick<br/>";
        echo "<b>Reason: </b>$banto[1]";
          //echo "<a href=\"index.php\">Login</a>";
          echo "</p>";
          echo "</body>";
          echo "</html>";
          exit();
        }
        $isroom = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_rooms WHERE id='".$rid."'"));
        if($isroom[0]==0)
        {
        echo "<head>";
          echo "<title>Error!!!</title>";
      echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
          echo "</head>";
          echo "<body>";
          echo "<center>";
          echo "<b>Room Doesn't Exist</b><br/><br/>";
          echo "<a href=\"index.php?action=chat&amp;sid=$sid\">Chatrooms</a>";
          echo "</center>";
          echo "</body>";
          echo "</html>";
          exit();
        }
        $passworded = mysql_fetch_array(mysql_query("SELECT pass FROM ibwf_rooms WHERE id='".$rid."'"));
        if($passworded[0]!="")
        {
          if($rpw!=$passworded[0])
          {
        echo "<head>";
          echo "<title>Error!!!</title>";
      echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
          echo "</head>";
          echo "<body>";
          echo "<center>";
          echo "<b>Wrong Password!</b><br/>";
          echo "You can't enter this room<br/><br/>";
          echo "<a href=\"index.php?action=chat&amp;sid=$sid\">Chatrooms</a>";
          echo "</center>";
          echo "</body>";
          echo "</html>";
          exit();
          }
        }
        if(!canenter($rid,$sid))
        {
        echo "<head>";
          echo "<title>Error!!!</title>";
      echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
          echo "</head>";
          echo "<body>";
          echo "<center>";
          echo "<b>Permission denied!</b><br/><br/>";
          echo "<a href=\"index.php?action=chat&amp;sid=$sid\">Chatrooms</a>";
          echo "</center>";
          echo "</body>";
          echo "</html>";
          exit();
        }
        addtochat($uid, $rid);
            $timeto = 300;
            $timenw = time();
            $timeout = $timenw-$timeto;
            $deleted = mysql_query("DELETE FROM ibwf_chat WHERE timesent<".$timeout."");
            $rooms = mysql_fetch_array(mysql_query("SELECT id, name FROM ibwf_rooms WHERE id='".$rid."'"));
            $rname = $rooms[1];
            $nick = getnick_sid($sid);
                
          if ($action=="")
          {
          echo "<head>";
          echo "<title>$nick@$rname</title>";
          echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
          $unreadpopup=mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_popups WHERE unread='1' AND touid='".$uid."'"));
          if ($unreadpopup[0]<1)
          {
          echo "<meta http-equiv=\"refresh\" content=\"20; url=chat.php?time=";
          echo "".date("dmHis")."";
          echo "&amp;sid=$sid&amp;rid=$rid&amp;rpw=$rpw\">";
          }
          echo "</head>";
          echo "<body>";
            addonline($uid,"Chating in $rname","chat.php?rid=$rid&amp;rpw=$rpw");
            //echo "<p>";
            echo popup($sid);
            echo "<b>1 </b><a name=\"top\" id=\"top\" accesskey=\"1\" href=\"chat.php?action=say&amp;sid=$sid&amp;rid=$rid&amp;rpw=$rpw\">Write</a><br/>";
            echo "<b>2 </b><a accesskey=\"2\" href=\"#opt\">options</a><br/>";
            echo "<b>* </b><a accesskey=\"*\" href=\"chat.php?time=";
            echo "".date("dmHis")."";
            echo "&amp;sid=$sid&amp;rid=$rid&amp;rpw=$rpw\">Refresh</a><br/>";
    
            $unreadinbox=mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_private WHERE unread='1' AND touid='".$uid."'"));
            $unrd="".$unreadinbox[0]."";
            if ($unreadinbox[0]>0)
            {
            echo "<b>5 </b><a href=\"inbox.php?action=main&amp;sid=$sid&amp;lstloc=cht&amp;rid=$rid\">$unrd New Inbox!</a><br/>";
          }
          //echo "</p>";
          //echo "<br/><br/>";
    
            $message=$_POST["message"];
            $who = $_POST["who"];
            $rinfo = mysql_fetch_array(mysql_query("SELECT censord, freaky FROM ibwf_rooms WHERE id='".$rid."'"));
            if (trim($message) != "")
            {
        if(!isblocked($message,$uid))
        {
    
          $chatok = mysql_query("INSERT INTO ibwf_chat SET  chatter='".$uid."', who='".$who."', timesent='".time()."', msgtext='".$message."', rid='".$rid."';");
          $lstmsg = mysql_query("UPDATE ibwf_rooms SET lastmsg='".time()."' WHERE id='".$rid."'");
                
          $hehe=mysql_fetch_array(mysql_query("SELECT chmsgs FROM ibwf_users WHERE id='".$uid."'"));
          $totl = $hehe[0]+1;
          $msgst= mysql_query("UPDATE ibwf_users SET chmsgs='".$totl."' WHERE id='".$uid."'");
        }else{
        $bantime = time() + (30*24*60*60);
        echo "<img src=\"../images/notok.gif\" alt=\"X\"/>";
        echo "Can't Post Msg<br/><br/>";
        echo "You just tried sending a msg with a link to one of the crapiest sites on earth<br/> The members of these sites spam here a lot, so go to that site and stay there if you don't like it here<br/> as a result of your stupid action:<br/>1. you have lost your sheild<br/>2. you have lost all your plusses<br/>3. You are BANNED!";
            $user = getnick_sid($sid);
        mysql_query("INSERT INTO ibwf_mlog SET action='autoban', details='<b>".getnick_uid(1)."</b> auto banned $user for spamming chat', actdt='".time()."'");
        mysql_query("INSERT INTO ibwf_penalties SET uid='".$uid."', penalty='1', exid='1', timeto='".$bantime."', pnreas='Banned: Automatic Ban for spamming for a crap site'");
        mysql_query("UPDATE ibwf_users SET plusses='0', shield='0' WHERE id='".$uid."'");
        echo "</body>";
        echo "</html>";
        exit();
      }
                if($rinfo[1]==2)
                {
                  //oh damn i gotta post this message to ravebabe :(
                  //will it succeed?
                  $botid = "eeb070e74e366473";
                  $hostname = "www.pandorabots.com";
                  $hostpath = "/pandora/talk-xml";
                  $sendData = "botid=".$botid."&input=".urlencode($message)."&custid=".$custid;
                  
                  $result = PostToHost($hostname, $hostpath, $sendData);
                  
                  $pos = strpos($result, "custid=\"");
                  $pos = strpos($result, "<that>");
            if ($pos === false) {
                $reply = "";
            } else {
                $pos += 6;
                $endpos = strpos($result, "</that>", $pos);
                $reply = unhtmlspecialchars2(substr($result, $pos, $endpos - $pos));
                $reply = mysql_escape_string($reply);
            }
            
            $chatok = mysql_query("INSERT INTO ibwf_chat SET  chatter='1', who='', timesent='".time()."', msgtext='".$reply." @".getnick_uid($uid)."', rid='".$rid."';");
            
                }
              $message = "";
                }
                
                echo "<br/>";
                $chats = mysql_query("SELECT chatter, who, timesent, msgtext, exposed FROM ibwf_chat WHERE rid='".$rid."' ORDER BY timesent DESC, id DESC");
                $counter=0;
    
                while($chat = mysql_fetch_array($chats))
                {
                    $canc = true;
                   
                    
                    if($counter<40)
                    {
                      if(istrashed($chat[0])){
                            if($uid!=$chat[0])
                            {
                              $canc = false;
                            }
                      }
                    //////good
                    /*if(isignored($chat[0],$uid)){
                      $canc = false;
                    }*/
                    //////////good
                    if($chat[0]!=$uid)
                    {
                      if($chat[1]!=0)
                      {
                        if($chat[1]!=$uid)
                        {
                          $canc = false;
                        }
                      }
                    }
                    if($chat[4]=='1' && ismod($uid))
                    {
                      $canc = true;
                    }
                    if($canc)
                    {
                       $cmid = mysql_fetch_array(mysql_query("SELECT  chmood FROM ibwf_users WHERE id='".$chat[0]."'"));
                       
                       $iml = "";
                    if(($cmid[0]!=0))
                    {
                      $mlnk = mysql_fetch_array(mysql_query("SELECT img, text FROM ibwf_moods WHERE id='".$cmid[0]."'"));
                      $iml = "<img src=\"$mlnk[0]\" alt=\"$mlnk[1]\"/>";
    
                    }
                      $chnick = getnick_uid($chat[0]);
                        $optlink = $iml.$chnick;
                      if(($chat[1]!=0)&&($chat[0]==$uid))
                      {
                        ///out
                        $iml = "<img src=\"../moods/out.gif\" alt=\"!\"/>";
                        $chnick = getnick_uid($chat[1]);
                        $optlink = $iml."Pm To ".$chnick;
                      }
                      if($chat[1]==$uid)
                      {
                        ///out
                        $iml = "<img src=\"../moods/in.gif\" alt=\"!\"/>";
                        $chnick = getnick_uid($chat[0]);
                        $optlink = $iml."Pm By ".$chnick;
                      }
                        if($chat[4]=='1')
                      {
                        ///out
                        $iml = "<img src=\"../moods/point.gif\" alt=\"!\"/>";
                        $chnick = getnick_uid($chat[0]);
                        $tonick = getnick_uid($chat[1]);
                        $optlink = "$iml By ".$chnick." To ".$tonick;
                      }
                      
      $ds= date("H.i.s", $chat[2]);
      $text = parsepm($chat[3], $sid);
      $nos = substr_count($text,"<img src=");
      if(isspam($text))
      {
      $chnick = getnick_uid($chat[0]);
      echo addchatmsg($chat[0],$text,1,"*Oi! $chnick, No Spamming!*");
      }
      else if($nos>2){
      $chnick = getnick_uid($chat[0]);
      echo addchatmsg($chat[0],$text,1,"*Hey! $chnick, U Can Only Use 2 Smilies Per Msg!*");
      }else{
      $sres = substr($chat[3],0,3);
      if($sres == "/me")
      {
      $chco = strlen($chat[3]);
      $goto = $chco - 3;
      $rest = substr($chat[3],3,$goto);
      $tosay = parsepm($rest, $sid);
        
      echo addchatmsg($chat[0],$tosay,1,"");
      }
    else{
      if($rinfo[0]==0){$tosay = getbbcode($chat[3], $sid, 0);}
      else{$tosay = parsepm($chat[3], $sid, 1);}
      if($rinfo[1]==1){$tosay = strrev($tosay);}
      echo "<a href=\"chat.php?action=say2&amp;sid=$sid&amp;who=$chat[0]&amp;rid=$rid&amp;rpw=$rpw\">$optlink</a> - ";
      echo $tosay."<br/>";
      }
      }
      $counter++;
      }
      }
      }
            echo "<br/>";
            echo "<a name=\"opt\" id=\"opt\"></a>";
            echo "<b>* </b><a accesskey=\"*\" href=\"chat.php?time=";
            echo "".date("dmHis")."";
            echo "&amp;sid=$sid&amp;rid=$rid&amp;rpw=$rpw\">Refresh</a><br/>";
          echo "<b>1 </b><a href=\"chat.php?action=say&amp;sid=$sid&amp;rid=$rid&amp;rpw=$rpw\">Write</a><br/>";
            echo "<b>3 </b><a accesskey=\"3\" href=\"chat.php?action=options&amp;sid=$sid&amp;rid=$rid&amp;rpw=$rpw\">Settings</a><br/>";
            $chatters=mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_chonline where rid='".$rid."'"));
            echo "<b>4 </b><a accesskey=\"4\" href=\"chat.php?action=inside&amp;sid=$sid&amp;rid=$rid&amp;rpw=$rpw\">Whos Inside $chatters[0]</a><br/>";
            echo "<b>5 </b><a accesskey=\"5\" href=\"inbox.php?action=main&amp;sid=$sid&amp;lstloc=cht&amp;rid=$rid\">Inbox</a><br/>";
            echo "<b>6 </b><a accesskey=\"6\" href=\"lists.php?action=buds&amp;sid=$sid\">BuddyList</a><br/>";
            echo "<b>7 </b><a accesskey=\"7\" href=\"index.php?action=chat&amp;sid=$sid\">Chat</a><br/>";
            echo forumlink($sid,8);
            echo "<b>9 </b><a accesskey=\"9\" href=\"#top\">top</a> ";
            echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&amp;sid=$sid\">Home</a>";
            echo "</body>";
    }
    /////////////////////////////////////////////////////SAY
    
          else if ($action=="say")   
          {
         echo "<head>";
          echo "<title>Write Msg</title>";
      echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
          echo "</head>";
          echo "<body>";
          echo "<p align=\"center\">";
            addonline($uid,"Writing Chat Msg","");
            echo "<form action=\"chat.php?sid=$sid&amp;rid=$rid&amp;rpw=$rpw\" method=\"post\">";
            echo "<p>Message:<input name=\"message\" type=\"text\" maxlength=\"255\"/><br/>";
            echo "<input type=\"Submit\" Name=\"sy2\" value=\"Say\"></form><br/>";
          $rooms = mysql_fetch_array(mysql_query("SELECT id, name FROM ibwf_rooms WHERE id='".$rid."'"));
          $rname = $rooms[1];
            echo "<b>4 </b><a accesskey=\"4\" href=\"chat.php?sid=$sid&amp;rid=$rid&amp;rpw=$rpw\">Back To $rname</a><br/>";
            echo "<b>6 </b><a accesskey=\"6\" href=\"inbox.php?action=main&amp;sid=$sid\">Inbox</a><br/>";
            echo "<b>7 </b><a accesskey=\"7\" href=\"lists.php?action=buds&amp;sid=$sid\">BuddyList</a><br/>";
            echo "<b>8 </b><a accesskey=\"8\" href=\"index.php?action=chat&amp;sid=$sid\">Chat</a><br/>";
            echo forumlink($sid,9);
            echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&amp;sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a></p>";
            echo "</body>";
    }
            ////////////////////////////////////////////
        /////////////////////////////////////////////////////SAY2
          else if ($action=="say2")                   {
        echo "<head>";
          echo "<title>Send Pm</title>";
      echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
          echo "</head>";
          echo "<body>";
          echo "<p align=\"center\">";
            $unick = getnick_uid($who);
            echo "<b>Send Pm To $unick</b>";
            echo "</p>";
            
            addonline($uid,"Writing Chat Msg","");
            echo "<form action=\"chat.php?sid=$sid&amp;rid=$rid&amp;rpw=$rpw\" method=\"post\">";
            echo "<input type=\"Hidden\" name=\"who\" value=\"$who\">";
            echo "<p>Message:<input name=\"message\" type=\"text\" maxlength=\"255\"/><br/>";
            echo "<input type=\"Submit\" name=\"private\" Value=\"Private\"></form>";
            echo "<br/>";
            if(ismod($uid))
            {
            echo "<b>* </b><a accesskey=\"*\" href=\"chat.php?action=clear&amp;sid=$sid&amp;who=$who&amp;lstloc=cht&amp;rid=$rid\">Clear Msgs</a><br/>";
            }
            echo "<b>1 </b><a accesskey=\"1\" href=\"index.php?action=viewuser&amp;sid=$sid&amp;who=$who&amp;lstloc=cht&amp;rid=$rid\">View $unick's Profile</a><br/>";
            echo "<b>2 </b><a accesskey=\"2\" href=\"chat.php?action=expose&amp;sid=$sid&amp;who=$who&amp;rid=$rid&amp;rpw=$rpw\">Expose $unick's Msgs</a><br/>";
          $rooms = mysql_fetch_array(mysql_query("SELECT id, name FROM ibwf_rooms WHERE id='".$rid."'"));
          $rname = $rooms[1];
            echo "<b>4 </b><a accesskey=\"4\" href=\"chat.php?sid=$sid&amp;rid=$rid&amp;rpw=$rpw\">Back To $rname</a><br/>";
            echo "<b>6 </b><a accesskey=\"6\" href=\"inbox.php?action=main&amp;sid=$sid\">Inbox</a><br/>";
            echo "<b>7 </b><a accesskey=\"7\" href=\"lists.php?action=buds&amp;sid=$sid\">BuddyList</a><br/>";
            echo "<b>8 </b><a accesskey=\"8\" href=\"index.php?action=chat&amp;sid=$sid\">Chat</a><br/>";
            echo forumlink($sid,9);
            echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&amp;sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a></p>";
            echo "</body>";
    }
    /////////////////////////////////////////////////////CHAT OPTIONS
    
            else if ($action=="options")   
                            {
             echo "<head>";
          echo "<title>Chat Options</title>";
      echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
          echo "</head>";
          echo "<body>";
            
            addonline($uid,"Chat Options","");
            echo "<b>1 </b><a accesskey=\"1\" href=\"lists.php?action=chmood&amp;sid=$sid&amp;page=1\">Chat Mood</a><br/>";
            echo "<b>2 </b><a accesskey=\"2\" href=\"lists.php?action=smilies&amp;sid=$sid\">Smilies List</a><br/>";
            echo "<b>3 </b><a accesskey=\"3\"  href=\"chat.php?action=inside&amp;sid=$sid&amp;rid=$rid&amp;rpw=$rpw\">Who's Inside</a><br/>";
          $rooms = mysql_fetch_array(mysql_query("SELECT id, name FROM ibwf_rooms WHERE id='".$rid."'"));
          $rname = $rooms[1];
            echo "<b>4 </b><a accesskey=\"4\" href=\"chat.php?sid=$sid&amp;rid=$rid&amp;rpw=$rpw\">Back To $rname</a><br/>";    
            echo "<b>6 </b><a accesskey=\"6\" href=\"inbox.php?action=main&amp;sid=$sid\">Inbox</a><br/>";
            echo "<b>7 </b><a accesskey=\"7\" href=\"lists.php?action=buds&amp;sid=$sid\">BuddyList</a><br/>";
            echo "<b>8 </b><a accesskey=\"8\" href=\"index.php?action=chat&amp;sid=$sid\">Chat</a><br/>";
            echo forumlink($sid,9);
            echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&amp;sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a></p>";
            echo "</body>";
    }
            ////////////////////////////////////////////
            //////////////////////////////inside//////////
          else if ($action=="inside")           {
              
          addonline($uid,"Viewing Chat UserList","");
          echo "<head>";
          echo "<title>Chat UserList</title>";
      echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
          echo "</head>";
          echo "<body>";
            echo "<p><br/>";
            $inside=mysql_query("SELECT DISTINCT * FROM ibwf_chonline WHERE rid='".$rid."' and uid IS NOT NULL");
            
            while($ins=mysql_fetch_array($inside))
            {
              $unick = getnick_uid($ins[1]);
              $userl = "<a href=\"chat.php?action=say2&amp;sid=$sid&amp;who=$ins[1]&amp;rid=$rid&amp;rpw=$rpw\">$unick</a><br/>";
              echo "$userl";
            }
            echo "<br/>";
          $rooms = mysql_fetch_array(mysql_query("SELECT id, name FROM ibwf_rooms WHERE id='".$rid."'"));
          $rname = $rooms[1];
            echo "<b>4 </b><a accesskey=\"4\" href=\"chat.php?sid=$sid&amp;rid=$rid&amp;rpw=$rpw\">Back To $rname</a><br/>";
            echo "<b>6 </b><a accesskey=\"6\" href=\"inbox.php?action=main&amp;sid=$sid\">Inbox</a><br/>";
            echo "<b>7 </b><a accesskey=\"7\" href=\"lists.php?action=buds&amp;sid=$sid\">BuddyList</a><br/>";
            echo "<b>8 </b><a accesskey=\"8\" href=\"index.php?action=chat&amp;sid=$sid\">Chat</a><br/>";
            echo forumlink($sid,9);
            echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&amp;sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a></p>";
            echo "</body>";
    }
          else if ($action=="expose")           {
    
          addonline($uid,"Exposing ChatUser","");
          echo "<head>";
          echo "<title>Exposing ChatUser</title>";
      echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
          echo "</head>";
          echo "<body>";
          echo "<p align=\"center\"><br/>";
          mysql_query("UPDATE ibwf_chat SET exposed='1' WHERE chatter='".$who."' AND who='".$uid."'");
          $unick = getnick_uid($who);
          echo "$unick messages to you have been exposed to staff";
          echo "<br/><br/>";
          $rooms = mysql_fetch_array(mysql_query("SELECT id, name FROM ibwf_rooms WHERE id='".$rid."'"));
          $rname = $rooms[1];
          echo "<b>4 </b><a accesskey=\"4\" href=\"chat.php?sid=$sid&amp;rid=$rid&amp;rpw=$rpw\">Back To $rname</a><br/>";
          echo "<b>6 </b><a accesskey=\"6\" href=\"inbox.php?action=main&amp;sid=$sid\">Inbox</a><br/>";
          echo "<b>7 </b><a accesskey=\"7\" href=\"lists.php?action=buds&amp;sid=$sid\">BuddyList</a><br/>";
          echo "<b>8 </b><a accesskey=\"8\" href=\"index.php?action=chat&amp;sid=$sid\"><img src=\"../images/chat.gif\" alt=\"\"/>RoomList</a><br/>";
          echo forumlink($sid,9);
          echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&amp;sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a></p>";
          echo "</body>";
    }
          else if(($action=="clear")&&(ismod($uid)))
          {
          addonline($uid,"Chat Tools","");
          echo "<head>";
          echo "<title>Clearing Users Msgs</title>";
          echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
          echo "</head>";
          echo "<body>";
          echo "<p align=\"center\"><br/>";
          $trgtnick=getnick_uid($who);
          $perm = mysql_fetch_array(mysql_query("SELECT perm FROM ibwf_users WHERE id='".$uid."'"));
          $trgtperm = mysql_fetch_array(mysql_query("SELECT perm FROM ibwf_users WHERE id='".$who."'"));
          if($trgtperm>$perm){ 
          echo "<b><img src=\"../images/notok.gif\" alt=\"x\"/><br/>Error!!!<br/>Permission Denied...</b><br/>";
          echo "<br/>U Cannot Clear $trgtnick's Msgs<br/>";
          }else{
          if(($who!="")||($who!=0))
          {
          $res = mysql_query("DELETE FROM ibwf_chat WHERE chatter='".$who."'");
          if($res)
          {
          echo "$trgtnick msgs have been cleared<br/>";
          }else{
          echo "Failed clearing $trgtnick msgs<br/>";
          }
          }else{
          echo "Username doesnot exist<br/>";
          }
          }
          echo "<br/>";
          $rooms = mysql_fetch_array(mysql_query("SELECT id, name FROM ibwf_rooms WHERE id='".$rid."'"));
          $rname = $rooms[1];
          echo "<b>4 </b><a accesskey=\"4\" href=\"chat.php?sid=$sid&amp;rid=$rid&amp;rpw=$rpw\">Back To $rname</a><br/>";
          echo "<b>6 </b><a accesskey=\"6\" href=\"inbox.php?action=main&amp;sid=$sid\">Inbox</a><br/>";
          echo "<b>7 </b><a accesskey=\"7\" href=\"lists.php?action=buds&amp;sid=$sid\">BuddyList</a><br/>";
          echo "<b>8 </b><a accesskey=\"8\" href=\"index.php?action=chat&amp;sid=$sid\"><img src=\"../images/chat.gif\" alt=\"\"/>RoomList</a><br/>";
          echo forumlink($sid,9);
          echo "<b>0 </b><a accesskey=\"0\" href=\"index.php?action=main&amp;sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a></p>";
          echo "</body>";
    }
    ?>
    </html>
    somebody has fixed this problem?
    sigpicthe italian/international COMMUNITY of friendship
    http://people2000.netne.net
    WAP/WEB
    peoplemailbox@katamail.com

    #2
    fixed by myself..thanx
    sigpicthe italian/international COMMUNITY of friendship
    http://people2000.netne.net
    WAP/WEB
    peoplemailbox@katamail.com

    Comment

    Working...
    X