2012-05-21 12:42:55 +00:00
< ? php
require_once ( 'prefs.php' );
2024-06-26 10:32:28 +00:00
require_once __DIR__ . '/contactform/vendor/autoload.php' ;
require_once __DIR__ . '/contactform/config.php' ;
$mail = new \PHPMailer\PHPMailer\PHPMailer ( true );
$mail -> setLanguage ( CONTACTFORM_LANGUAGE );
$mail -> SMTPDebug = CONTACTFORM_PHPMAILER_DEBUG_LEVEL ;
$mail -> isSMTP ();
$mail -> Host = CONTACTFORM_SMTP_HOSTNAME ;
$mail -> SMTPAuth = true ;
$mail -> Username = CONTACTFORM_SMTP_USERNAME ;
$mail -> Password = CONTACTFORM_SMTP_PASSWORD ;
$mail -> SMTPSecure = CONTACTFORM_SMTP_ENCRYPTION ;
$mail -> Port = CONTACTFORM_SMTP_PORT ;
$mail -> CharSet = CONTACTFORM_MAIL_CHARSET ;
$mail -> Encoding = CONTACTFORM_MAIL_ENCODING ;
2012-05-21 12:42:55 +00:00
if ( isset ( $_COOKIE [ 'bellabuffs' ])) {
if ( $_COOKIE [ 'bellabuffs' ] == md5 ( $admin_name . $admin_pass . $secret )) {
if ( isset ( $_GET [ 'ap' ])) { $page = $_GET [ 'ap' ]; } else { $page = " " ; }
include ( 'header.php' );
switch ( $page ) {
case " manage_members " :
if ( isset ( $_GET [ 's' ]) && $_GET [ 's' ] == " newbies " ) {
$file = file ( NEWBIES );
$wording = " pending " ;
$pageurl = " admin.php?ap=manage_members&s=newbies " ;
$fileurl = " newbies.txt " ;
} else {
$file = file ( MEMBERS );
$wording = " approved " ;
$pageurl = " admin.php?ap=manage_members " ;
$fileurl = " members.txt " ;
}
2024-06-26 10:32:28 +00:00
2012-05-21 12:42:55 +00:00
echo " <p style='color: red;'><strong>Warning:</strong> Do not try to edit multiple members at once, do not try to approve and delete the same member.</p> " ;
2024-06-26 10:32:28 +00:00
2012-05-21 12:42:55 +00:00
$count = count ( $file );
if ( $count == 0 ) { echo '<p>No ' . $wording . ' members at this time.</p> <p><a href="admin.php">Back to admin panel?</a></p>' ; exit ( include ( 'footer.php' )); }
echo '<p style="text-align: center;">' . $count . ' ' . $wording . ' members | ' ;
$numpages = ceil ( $count / $perpage );
echo " pages: " ;
for ( $x = 1 ; $x <= $numpages ; $x ++ ) {
echo '<a href="' . $pageurl . '&page=' . $x . '">' ;
if ( isset ( $_GET [ 'page' ]) && $x == $_GET [ 'page' ]) {
echo " <strong> $x </strong> " ;
} else {
echo " $x " ;
}
echo " </a> " ;
}
echo " </p> \n \n " ;
2024-06-26 10:32:28 +00:00
2012-05-21 12:42:55 +00:00
if ( isset ( $_GET [ 'page' ]) && is_numeric ( $_GET [ 'page' ])) $i = $perpage * ( $_GET [ 'page' ] - 1 );
else $i = 0 ;
2024-06-26 10:32:28 +00:00
2012-05-21 12:42:55 +00:00
$end = $i + $perpage ;
2024-06-26 10:32:28 +00:00
2012-05-21 12:42:55 +00:00
if ( $end > $count ) $end = $count ;
?>
< form action = " admin.php?ap=do_action " method = " post " >
< input type = " hidden " name = " token " id = " token " value = " <?php echo md5( $secret ); ?> " />
< input type = " hidden " name = " fileloc " id = " fileloc " value = " <?php if (isset( $_GET['s'] ) && $_GET['s'] == " newbies " ) echo 'newbies.txt'; else echo 'members.txt' ?> " />
< table >
< tr > < th > Name </ th > < th > E - mail </ th > < th > Website </ th > < th > Country </ th > < ? php if ( isset ( $favefield ) && $favefield == " yes " ) { echo " <th>Fave</th> " ; } ?> <?php if (isset($_GET['s']) && $_GET['s'] == "newbies") echo '<th>Add</th>'; ?> <th>Edit</th> <th>Delete</th>
</ tr >
2024-06-26 10:32:28 +00:00
< ? php
2012-05-21 12:42:55 +00:00
while ( $i < $end ){
$rowClass = ( $i % 2 ) ? $classA : $classB ;
list ( $name , $email , $dispemail , $url , $country , $fave ) = preg_split ( " /,(?! )/ " , $file [ $i ]);
$fave = trim ( $fave , " \" \x00 .. \x1F " );
echo '<tr class="' . $rowClass . '">' ;
$email = " <script type= \" text/javascript \" > document.write('<a href= \" mailto: " . fixEmail ( $email ) . " \" >e-mail< \ /a>'); </script> " ;
if ( empty ( $url ) || $url == " http:// " ) $url = " <del>www</del> " ; else $url = " <a href= \" $url\ " title = \ " $name 's website \" >www</a> " ;
echo " <td> $name </td> <td> $email </td> <td> $url </td> <td> $country </td> " ;
if ( isset ( $favefield ) && $favefield == " yes " ) echo " <td> " . str_replace ( '|' , ',' , $fave ) . " </td> " ;
2024-06-26 10:32:28 +00:00
if ( isset ( $_GET [ 's' ]) && $_GET [ 's' ] == " newbies " )
echo '<td><input type="checkbox" name="appr[' . $i . ']" value="' . $i . '" /></td>' ;
2012-05-21 12:42:55 +00:00
echo '<td><a href="admin.php?ap=edit_member&file=' . $fileurl . '&mem=' . $i . '"><img src="admin-icons/edit.png" title="edit" alt="edit" /></a></td>' ;
echo '<td><input type="checkbox" name="del[' . $i . ']" value="' . $i . '" /></td>' ;
echo " </tr> \r \n " ;
$i ++ ;
}
?>
</ table >
< ? php
echo '<p><input type="submit" name="submit" id="submit" value="Update" /></p>' . " \r \n </form> " ;
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
break ;
case " do_action " :
if ( ! isset ( $_POST [ 'token' ]) || $_POST [ 'token' ] != md5 ( $secret )) exit ( " <p>Invalid token.</p> " );
if ( isset ( $_POST [ 'appr' ]) && is_array ( $_POST [ 'appr' ])) {
$newbies = file ( NEWBIES );
$approved = array ();
2024-06-26 10:32:28 +00:00
2012-05-21 12:42:55 +00:00
foreach ( $_POST [ 'appr' ] as $member => $value ) {
if ( is_numeric ( $member ) && array_key_exists ( $member , $newbies )) {
$approved [] = $newbies [ $member ];
unset ( $newbies [ $member ]);
}
}
$newbies = implode ( " " , $newbies );
$fh = fopen ( NEWBIES , " w " );
fwrite ( $fh , $newbies );
fclose ( $fh );
if ( $emailapproval == " yes " ) {
$apprAmount = count ( $approved );
$i = 0 ;
while ( $i < $apprAmount ) {
list ( $name , $email , $dispemail , $url , $country , $fave ) = preg_split ( " /,(?! )/ " , $approved [ $i ]);
2024-06-26 10:32:28 +00:00
// Recipients
$mail -> setFrom ( $admin_email , $title );
$mail -> addAddress ( fixEmail ( $email ), $name );
$mail -> addReplyTo ( $admin_email );
2012-05-21 12:42:55 +00:00
2024-06-26 10:32:28 +00:00
$mail -> Subject = " You have been approved at $title " ;
2012-05-21 12:42:55 +00:00
2024-06-26 10:32:28 +00:00
$mail -> Body = $approvalMsg ;
$mail -> Body .= " Name: { $name } \r \n " ;
$mail -> Body .= " Email: " . fixEmail ( $email ) . " \r \n " ;
$mail -> Body .= " URL: { $url } \r \n " ;
$mail -> Body .= " Country: { $country } \r \n " ;
if ( isset ( $favefield ) && $favefield == " yes " ) $mail -> Body .= strip_tags ( $favetext ) . " : { $fave } \r \n " ;
2012-05-21 12:42:55 +00:00
2024-06-26 10:32:28 +00:00
$mail -> send ();
2012-05-21 12:42:55 +00:00
$i ++ ;
}
}
if ( isset ( $defaultSort )) {
if ( $defaultSort == " newest " ) {
$newmembers = implode ( " " , $approved ) . " \r \n " ;
$olddata = file_get_contents ( MEMBERS );
2024-06-26 10:32:28 +00:00
2012-05-21 12:42:55 +00:00
$fp = fopen ( MEMBERS , " w " );
fwrite ( $fp , $newmembers );
fclose ( $fp );
2024-06-26 10:32:28 +00:00
2012-05-21 12:42:55 +00:00
$fp = fopen ( MEMBERS , " a " ) or die ( " Couldn't open members.txt " );
fwrite ( $fp , $olddata );
fclose ( $fp );
} elseif ( $defaultSort == " oldest " ) {
$newmembers = " \r \n " . implode ( " " , $approved );
2024-06-26 10:32:28 +00:00
2012-05-21 12:42:55 +00:00
$fp = fopen ( MEMBERS , " a " ) or die ( " Couldn't open members.txt " );
fwrite ( $fp , $newmembers );
fclose ( $fp );
} else {
exit ( " <p>Invalid sort option in prefs.php: please ensure you use 'newest' or 'oldest'.</p> " );
}
} else {
exit ( " <p>No sort option in prefs.php: please ensure you're running the latest version.</p> " );
}
if ( isset ( $updateDate ) && $updateDate == " yes " ) {
$update = " \n " . date ( $timestamp ) . " ,New member(s) added " ;
$fp = fopen ( UPDATES , " w " ) or die ( " Couldn't open UPDATES - the update could not be stored. " );
fwrite ( $fp , $update );
fclose ( $fp );
}
2024-06-26 10:32:28 +00:00
2012-05-21 12:42:55 +00:00
blanklinefix ( NEWBIES );
blanklinefix ( MEMBERS );
echo " <p>Member(s) approved.</p> " ;
}
if ( isset ( $_POST [ 'del' ]) && is_array ( $_POST [ 'del' ])) {
if ( isset ( $_POST [ 'fileloc' ]))
2024-06-26 10:32:28 +00:00
$fileloc = basename ( $_POST [ 'fileloc' ]);
2012-05-21 12:42:55 +00:00
else exit ;
2024-06-26 10:32:28 +00:00
2012-05-21 12:42:55 +00:00
$members = file ( MEMBERS );
$newbies = file ( NEWBIES );
2024-06-26 10:32:28 +00:00
2012-05-21 12:42:55 +00:00
foreach ( $_POST [ 'del' ] as $member => $file ) {
if ( is_numeric ( $member )) {
if ( $fileloc == " newbies.txt " && array_key_exists ( $member , $newbies )) unset ( $newbies [ $member ]);
elseif ( $fileloc == " members.txt " && array_key_exists ( $member , $members )) unset ( $members [ $member ]);
}
}
if ( $fileloc == " newbies.txt " ) $backlink = '<a href="admin.php?ap=manage_members&s=newbies">Delete other pending members?</a>' ; else $backlink = '<a href="admin.php?ap=manage_members">Delete other approved members?</a>' ;
2024-06-26 10:32:28 +00:00
2012-05-21 12:42:55 +00:00
$members = implode ( " " , $members );
$newbies = implode ( " " , $newbies );
$fh = fopen ( MEMBERS , " w " );
fwrite ( $fh , $members );
fclose ( $fh );
2024-06-26 10:32:28 +00:00
2012-05-21 12:42:55 +00:00
$fb = fopen ( NEWBIES , " w " );
fwrite ( $fb , $newbies );
fclose ( $fb );
2024-06-26 10:32:28 +00:00
2012-05-21 12:42:55 +00:00
echo '<p>Member(s) deleted.</p>' ;
}
echo '<p><b>Jump to:</b> <a href="admin.php?ap=manage_members">members</a> / <a href="admin.php?ap=manage_members&s=newbies">pending members</a></p>' ;
echo '<p><a href="admin.php">Back to admin panel?</a></p>' ;
break ;
case " edit_member " :
echo " <p>Note: editing a member will not approve them. You must do this separately.</p> " ;
if ( ! isset ( $_GET [ 'mem' ]) || $_GET [ 'mem' ] == " " || ! ctype_digit ( $_GET [ 'mem' ])) {
echo " <p>You didn't select a valid member.</p> " ;
include ( 'footer.php' );
exit ;
} elseif ( ! isset ( $_GET [ 'file' ]) || $_GET [ 'file' ] == " " || ! file_exists ( $_GET [ 'file' ])) {
echo " <p>You didn't select a valid file.</p> " ;
include ( 'footer.php' );
2024-06-26 10:32:28 +00:00
exit ;
2012-05-21 12:42:55 +00:00
} else {
if ( is_numeric ( $_GET [ 'mem' ])) $mem = $_GET [ 'mem' ]; else exit ( " Oops, not a valid member number. " );
if ( file_exists ( $_GET [ 'file' ])) $file = $_GET [ 'file' ]; else exit ( " Oops, the important .txt files don't exist! " );
2024-06-26 10:32:28 +00:00
2012-05-21 12:42:55 +00:00
$fh = fopen ( $file , " r " );
while ( ! feof ( $fh )) {
$content [] = fgets ( $fh , 4096 );
}
fclose ( $fh );
if ( empty ( $content [ $mem ])) {
echo " <p>That member does not exist.</p> " ;
include ( 'footer.php' );
exit ;
}
$memary = preg_split ( " /,(?! )/ " , $content [ $mem ]);
if ( isset ( $memary [ '5' ])) {
$memary [ '5' ] = stripslashes ( trim ( $memary [ '5' ], " \" \x00 .. \x1F " ));
} else {
$memary [ '4' ] = trim ( $memary [ '4' ], " \" \x00 .. \x1F " );
}
?>
< form action = " ?ap=edit_process " method = " post " >< p >
< input type = " hidden " id = " member " name = " member " value = " <?php echo $mem ;?> " />
< input type = " hidden " id = " file " name = " file " value = " <?php echo $file ;?> " />
< label >< input type = " text " id = " name " name = " name " value = " <?php echo $memary['0'] ;?> " /> Name </ label >< br />
< label >< input type = " text " id = " email " name = " email " value = " <?php echo fixEmail( $memary['1'] );?> " /> E - mail </ label >< br />
< label >< input type = " radio " id = " dispemailyes " name = " dispemail " value = " yes " < ? php if ( $memary [ '2' ] == " yes " ) { echo " checked= \" checked \" " ; } ?> /> Yes</label>
< label >< input type = " radio " id = " dispemailno " name = " dispemail " value = " no " < ? php if ( $memary [ '2' ] == " no " ) { echo " checked= \" checked \" " ; } ?> /> No</label> Display E-mail?<br />
2024-06-29 10:23:26 +00:00
< label >< input type = " url " id = " url " name = " url " value = " <?php echo $memary['3'] ;?> " /> Website </ label >< br />
2012-05-21 12:42:55 +00:00
< label >< select name = " country " id = " country " >< ? php get_countries ( $memary [ '4' ]); ?> </select> Country</label><br />
< ? php
if ( isset ( $favefield ) && $favefield == " yes " ) {
?>
< label >< input type = " text " id = " fave " name = " fave " value = " <?php echo $memary['5'] ;?> " /> < ? php echo $favetext ; ?> </label><br />
< ? php
}
?>
2024-06-26 10:32:28 +00:00
< input type = " submit " name = " submit " id = " submit " value = " continue " />
2012-05-21 12:42:55 +00:00
</ p ></ form >
< ? php
}
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
break ;
case " edit_process " :
foreach ( $_POST as $key => $val ) {
$clean [ $key ] = cleanUp ( $val );
}
if ( ! isset ( $favefield ) || $favefield == " no " ) {
$clean [ 'fave' ] = " " ;
}
if ( empty ( $clean [ 'dispemail' ])) {
$clean [ 'dispemail' ] = " no " ;
}
$editedMember = $clean [ 'name' ] . " , " . breakEmail ( $clean [ 'email' ]) . " , " . $clean [ 'dispemail' ] . " , " . $clean [ 'url' ] . " , " . $clean [ 'country' ] . " , " . $clean [ 'fave' ] . " \n " ;
2024-06-26 10:32:28 +00:00
$mem = $clean [ 'member' ];
2012-05-21 12:42:55 +00:00
$file = $clean [ 'file' ];
$fh = fopen ( $file , " r " );
while ( ! feof ( $fh )) {
$content [] = fgets ( $fh , 4096 );
}
fclose ( $fh );
$content [ $mem ] = $editedMember ;
$data = implode ( $content );
$data = trim ( $data );
$fp = fopen ( $file , " w " ) or die ( " Couldn't open { $file } . " );
fwrite ( $fp , $data );
fclose ( $fp );
if ( $file == " newbies.txt " ) {
echo " <p>Member edited. <a href='admin.php?ap=pending_members'>Edit more pending members?</a></p> " ;
} else {
echo " <p>Member edited. <a href='admin.php?ap=approved_members'>Edit more approved members?</a></p> " ;
}
if ( isset ( $updateDate ) && $updateDate == " yes " ) {
if ( empty ( $clean [ 'url' ]) || $clean [ 'url' ] == " http:// " ) {
$updatedMember = $clean [ 'name' ];
} else {
$updatedMember = " <a href= \" { $clean [ 'url' ] } \" > { $clean [ 'name' ] } </a> " ;
}
$update = " \n " . date ( $timestamp ) . " ,Member edited: $updatedMember " ;
$fp = fopen ( UPDATES , " w " ) or die ( " <p>Couldn't open UPDATES - the update could not be stored.</p> " );
fwrite ( $fp , $update );
fclose ( $fp );
}
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
break ;
case " add_spamword " :
echo " <p>These words will be blocked - if the script finds them in the join form, membership will be rejected. Add each new word separately: do <strong>not</strong> use commas to separate spam words.</p> " ;
echo " <form action='admin.php?ap=add_spamword_process' method='post'><p> \n " ;
echo " <label for='newspamword'>Spam Word: </label><input type='text' name='spamword' id='spamword' /> <br /> \n " ;
echo " <br /><input type='submit' name='submit' id='submit' value='Submit' /> \n " ;
echo " </p></form> \n " ;
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
break ;
case " add_spamword_process " :
if ( ! ctype_alnum ( $_POST [ 'spamword' ])) {
echo " <p>That is not a valid spam word: they must only contain numbers and letters. No special characters.</p> " ;
include ( 'footer.php' );
exit ;
}
2024-06-26 10:32:28 +00:00
2012-05-21 12:42:55 +00:00
$_POST [ 'spamword' ] = cleanUp ( str_replace ( ',' , '' , $_POST [ 'spamword' ]));
echo " <p>The following word is now blacklisted:</p> \n \n <p> { $_POST [ 'spamword' ] } </p> \n \n " ;
$newlisting = " \n " . $_POST [ 'spamword' ];
$fh = @ fopen ( SPAMWDS , " a " );
@ fwrite ( $fh , $newlisting );
fclose ( $fh );
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
break ;
case " edit_spamword " :
echo " <p>To remove a spam word, simply delete the contents of the input field.</p> " ;
if ( filesize ( SPAMWDS ) == 0 ) {
echo " <p>No spam words in the list.</p> " ;
} else {
echo " \n <form action='admin.php?ap=edit_spamword_process' method='post'><p> \n " ;
$fh = fopen ( SPAMWDS , " r " ) or die ( " Couldn't open the spam words file. " );
while ( ! feof ( $fh )) {
$spamword = fgetcsv ( $fh , 4096 );
for ( $i = 0 ; $i < 1 ; $i ++ ) {
echo " <label for='spamword'>Spam Word: </label><input type='text' name='wordlist[]' value=' $spamword[0] ' /> <br /> \n " ;
}
}
fclose ( $fh );
echo " <br /><input type='submit' name='submit' id='submit' value='Submit' /> \n </p></form> \n " ;
}
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
break ;
case " edit_spamword_process " :
$wordlist = $_POST [ 'wordlist' ];
echo " <p>The following words are now blacklisted:</p> \n \n <p> " ;
foreach ( $wordlist as $spamword ) {
echo " $spamword <br /> \n " ;
}
echo " </p> " ;
$wordlist = cleanUp ( implode ( " , " , $wordlist ));
$wordlist = str_replace ( ',,' , ',' , $wordlist );
$wordlist = split ( ',' , $wordlist );
$new_wordlist = implode ( " \n " , $wordlist );
$fh = fopen ( SPAMWDS , " w " );
fwrite ( $fh , $new_wordlist );
fclose ( $fh );
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
break ;
case " block_ip " :
echo " <p>Please note: blocking an IP will stop a user from joining your fanlisting, but not from viewing it.</p> " ;
echo " <form action='admin.php?ap=block_ip_process' method='post'><p> \n " ;
echo " <label for='newip'>IP Address: </label><input type='text' name='newip' id='newip' /> <br /> \n " ;
echo " <br /><input type='submit' name='submit' id='submit' value='Submit' /> \n " ;
echo " </p></form> \n " ;
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
break ;
case " block_ip_process " :
if ( preg_match ( " ^(( \ d|[1-9] \ d|2[0-4] \ d|25[0-5]|1 \ d \ d)(?: \ .( \ d|[1-9] \ d|2[0-4] \ d|25[0-5]|1 \ d \ d)) { 3}) $ ^ " , cleanUp ( str_replace ( ',' , '' , $_POST [ 'newip' ])))) {
echo " <p>The following IP has now been blocked:</p> \n \n <p> { $_POST [ 'newip' ] } </p> \n \n " ;
$newlisting = " \n " . $_POST [ 'newip' ];
$fh = @ fopen ( IPBLOCKLST , " a " );
fwrite ( $fh , $newlisting );
fclose ( $fh );
} else {
echo " <p>That's not a valid IP address!</p> " ;
}
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
break ;
case " edit_blocked_ips " :
echo " <p>To remove an IP, simply delete the content of the input field.</p> " ;
if ( filesize ( IPBLOCKLST ) == 0 ) {
echo " <p>No blocked IPs.</p> " ;
} else {
echo " \n <form action='admin.php?ap=edit_blocked_ips_process' method='post'><p> \n " ;
$fh = fopen ( IPBLOCKLST , " r " ) or die ( " Couldn't open IP block list. " );
while ( ! feof ( $fh )) {
$blockedips = @ fgetcsv ( $fh , 4096 );
for ( $i = 0 ; $i < 1 ; $i ++ ) {
echo " <label for='blockedip'>Blocked IP: </label><input type='text' name='iplist[]' value=' $blockedips[0] ' /> <br /> \n " ;
}
}
fclose ( $fh );
echo " <br /><input type='submit' name='submit' id='submit' value='Submit' /> \n </p></form> \n " ;
}
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
break ;
case " edit_blocked_ips_process " :
echo " <p>The following IPs are now blocked:</p> \n \n <p> " ;
foreach ( $_POST [ 'iplist' ] as $blockedip ) {
print " $blockedip <br /> \n " ;
}
echo " </p> " ;
$iplist = cleanUp ( implode ( " , " , $_POST [ 'iplist' ]));
$iplist = str_replace ( ',,' , ',' , $iplist );
$iplist = split ( ',' , $iplist );
$new_iplist = implode ( " \n " , $iplist );
$fh = @ fopen ( IPBLOCKLST , " w " );
@ fwrite ( $fh , $new_iplist );
fclose ( $fh );
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
break ;
case " add_button " :
echo " <p style='color: red;'><strong>Note:</strong> On the majority of hosts, the button folders have to have permissions set to 777 for this upload feature to work. This can constitute a security risk. Please be careful when changing the permissions of files and folders.</p> " ;
?>
< form method = " post " action = " ?ap=add_button_process " enctype = " multipart/form-data " >< p >
< label >< input type = " file " name = " file " id = " file " /> Upload Button </ label >< br />
< label > Donated ? </ label >< br />
2024-06-26 10:32:28 +00:00
< input type = " radio " id = " donatedyes " name = " donated " value = " yes " /> Yes
2012-05-21 12:42:55 +00:00
< input type = " radio " id = " donatedno " name = " donated " value = " no " checked = " checked " /> No < br />
< label >< input type = " text " id = " donatorname " name = " donatorname " /> Donator Name </ label >< br />
< label >< input type = " text " id = " donatorurl " name = " donatorurl " /> Donator URL </ label >< br />
< input type = " submit " name = " submit " id = " submit " value = " Upload " />
</ p ></ form >
< ? php
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
break ;
case " add_button_process " :
if ( ! is_dir ( " buttons/ " )) {
echo " <p>The \" buttons \" directory does not exist and therefore the button could not be uploaded.</p> " ;
include ( 'footer.php' );
exit ;
2024-06-26 10:32:28 +00:00
}
2012-05-21 12:42:55 +00:00
if ( empty ( $_FILES [ 'file' ])) {
echo " <p>You did not choose an image to upload.</p> " ;
include ( 'footer.php' );
exit ;
2024-06-26 10:32:28 +00:00
}
2012-05-21 12:42:55 +00:00
if ( getimagesize ( $_FILES [ 'file' ][ 'tmp_name' ]) === FALSE ) {
echo " <p>That is not a valid image file.</p> " ;
include ( 'footer.php' );
exit ;
}
list ( $width , $height , $type , $attr ) = getimagesize ( $_FILES [ 'file' ][ 'tmp_name' ]);
if ( $type == 1 || $type == 2 || $type == 3 ) {
if ( move_uploaded_file ( $_FILES [ 'file' ][ 'tmp_name' ], " buttons/ { $_FILES [ 'file' ][ 'name' ] } " )) {
echo " <p>The button was successfully uploaded. <a href='admin.php?ap=add_button'>Add another?</a></p> " ;
$string = substr ( md5 ( microtime () * mktime ()), 0 , 6 );
$ext = substr ( strrchr ( $_FILES [ 'file' ][ 'name' ], " . " ), 1 );
// rename the button so that bad characters don't break things.
if ( rename ( " buttons/ " . $_FILES [ 'file' ][ 'name' ], " buttons/ " . $string . " . " . $ext )) {
$filename = $string . " . " . $ext ;
} else {
// if button could not be renamed we check for commas and delete the button if 'bad', or rely on original name if fine
if ( strpos ( $_FILES [ 'file' ][ 'name' ], " , " ) === true ) {
unlink ( " buttons/ " . $_FILES [ 'file' ][ 'name' ]);
echo " <p>File names must not contain commas.</p> " ;
include ( 'footer.php' );
exit ;
} else {
$filename = $_FILES [ 'file' ][ 'name' ];
}
}
foreach ( $_POST as $key => $val ) {
$clean [ $key ] = cleanUp ( $val );
}
$button = " \n " . $filename . " , " . $width . " , " . $height . " , " . $clean [ 'donated' ] . " , " . $clean [ 'donatorname' ] . " , " . $clean [ 'donatorurl' ];
$fp = fopen ( BUTTONS , " a " ) or die ( " Couldn't open BUTTONS - the information about the button could not be stored. " );
fwrite ( $fp , $button );
fclose ( $fp );
} else {
echo " <p>The button was not uploaded this time.</p> " ;
include ( 'footer.php' );
exit ;
}
} else {
echo " <p>That file extension not valid.</p> " ;
include ( 'footer.php' );
exit ;
}
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
break ;
case " manage_buttons " :
if ( isset ( $_GET [ 'size' ])) {
list ( $MANwidth , $MANheight ) = preg_split ( " /x/ " , $_GET [ 'size' ]);
?>
< h4 > Manage Buttons : < ? php echo $MANwidth ; ?> x<?php echo $MANheight;?></h4>
< table >
< tr > < th > Image </ th > < th > Donated ? </ th > < th > Donator Name </ th > < th > Donator URL </ th > < th > Admin </ th ></ tr >
< ? php
$array = file ( BUTTONS );
foreach ( $array as $key => $value ) {
if ( preg_match ( " / $MANwidth , $MANheight /i " , $value )) {
list ( $file , $width , $height , $donated , $donator , $donatorUrl ) = preg_split ( " /,(?! )/ " , $value );
echo " <tr> <td><img src= \" buttons/ $file\ " alt = \ " { $width } x { $height } button \" /></td> <td> $donated </td> <td> $donator </td> <td> $donatorUrl </td> <td><a href='admin.php?ap=manage_buttons&p=edit&button= $key '><img src='admin-icons/edit.png' title='edit' alt='edit' /></a> <a href='admin.php?ap=manage_buttons&p=del&button= $key ' onClick= \" javascript:return confirm('Are you sure you want to delete this button?') \" ><img src='admin-icons/delete.png' title='delete' alt='delete' /></a></td> </tr> " ;
}
}
?>
</ table >
< ? php
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
include ( 'footer.php' );
exit ;
} elseif ( isset ( $_GET [ 'p' ]) && $_GET [ 'p' ] == " del " ) {
if ( ! isset ( $_GET [ 'p' ])) {
echo " <p>You did not select a button to delete.</p> " ;
} else {
$button = $_GET [ 'button' ];
$fh = @ fopen ( BUTTONS , " r " );
while ( ! feof ( $fh )) {
$content [] = fgets ( $fh , 4096 );
}
fclose ( $fh );
list ( $file , $width , $height , $donated , $donator , $donatorUrl ) = preg_split ( " /,(?! )/ " , $content [ $button ]);
unlink ( " buttons/ " . $file );
unset ( $content [ $button ]);
$data = implode ( " " , $content );
$data = trim ( $data );
$fh = @ fopen ( BUTTONS , " w " );
@ fwrite ( $fh , $data );
fclose ( $fh );
echo " <p>Button deleted. <a href= \" admin.php?ap=manage_buttons \" >Manage more buttons?</a></p> " ;
}
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
include ( 'footer.php' );
exit ;
} elseif ( isset ( $_GET [ 'p' ]) && $_GET [ 'p' ] == " edit " ) {
if ( ! isset ( $_GET [ 'button' ])) {
echo " <p>You did not select a button to edit.</p> " ;
} else {
$button = $_GET [ 'button' ];
$fh = fopen ( BUTTONS , " r " );
while ( ! feof ( $fh )) {
$content [] = fgets ( $fh , 4096 );
}
fclose ( $fh );
if ( empty ( $content [ $button ])) {
echo " <p>That button does not exist.</p> " ;
include ( 'footer.php' );
exit ;
}
$buttonArray = preg_split ( " /,(?! )/ " , $content [ $button ]);
if ( isset ( $buttonArray [ '5' ])) {
$buttonArray [ '5' ] = stripslashes ( $buttonArray [ '5' ]);
$buttonArray [ '5' ] = trim ( $buttonArray [ '5' ], " \" \x00 .. \x1F " );
} else {
$buttonArray [ '4' ] = trim ( $buttonArray [ '4' ], " \" \x00 .. \x1F " );
$buttonArray [ '3' ] = trim ( $buttonArray [ '3' ], " \" \x00 .. \x1F " );
}
?>
< form action = " ?ap=edit_button " method = " post " enctype = " multipart/form-data " >< p >
< input type = " hidden " id = " buttonnum " name = " buttonnum " value = " <?php echo $button ; ?> " />
< input type = " hidden " id = " filename " name = " filename " value = " <?php echo $buttonArray['0'] ; ?> " />
< input type = " hidden " id = " width " name = " width " value = " <?php echo $buttonArray['1'] ; ?> " />
< input type = " hidden " id = " height " name = " height " value = " <?php echo $buttonArray['2'] ; ?> " />
< img src = " buttons/<?php echo $buttonArray['0'] ;?> " style = " vertical-align: middle; " alt = " " /> Old Button < br />
< label >< input type = " file " name = " newbutton " id = " newbutton " /> New Button </ label >< br />
< label >< input type = " radio " id = " donatedyes " name = " donated " value = " yes " < ? php if ( isset ( $buttonArray [ '3' ]) && $buttonArray [ '3' ] == " yes " ) { echo " checked= \" checked \" " ; } ?> /> Yes</label>
< label >< input type = " radio " id = " donatedno " name = " donated " value = " no " < ? php if ( isset ( $buttonArray [ '3' ]) && $buttonArray [ '3' ] == " no " ) { echo " checked= \" checked \" " ; } ?> /> No</label> Donated?<br />
< label >< input type = " text " id = " donatorname " name = " donatorname " value = " <?php echo $buttonArray['4'] ;?> " /> Donator Name </ label >< br />
< label >< input type = " text " id = " donatorurl " name = " donatorurl " value = " <?php echo $buttonArray['5'] ;?> " /> Donator URL </ label >< br />
< input type = " submit " name = " submit " id = " submit " value = " Edit " />
</ p ></ form >
< ? php
}
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
include ( 'footer.php' );
exit ;
}
$array = file ( BUTTONS );
$buttons_found = array ();
echo " <ul> " ;
foreach ( $array as $value ) {
list ( $file , $width , $height , $donated , $donator , $donatorUrl ) = preg_split ( " /,(?! )/ " , $value );
if ( ! in_array ( $width . " x " . $height , $buttons_found )) {
$buttons_found [] = $width . " x " . $height ;
echo " <li><a href= \" admin.php?ap=manage_buttons&size= { $width } x { $height } \" > { $width } x { $height } </a></li> " ;
}
}
echo " </ul> " ;
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
break ;
case " edit_button " :
foreach ( $_POST as $key => $val ) {
$clean [ $key ] = cleanUp ( $val );
}
if ( $_FILES [ 'newbutton' ][ 'size' ] > 0 ) {
if ( getimagesize ( $_FILES [ 'newbutton' ][ 'tmp_name' ]) === FALSE ) {
echo " <p>That is not a valid image file.</p> " ;
include ( 'footer.php' );
exit ;
}
list ( $width , $height , $type , $attr ) = getimagesize ( $_FILES [ 'newbutton' ][ 'tmp_name' ]);
if ( $type == 1 || $type == 2 || $type == 3 ) {
if ( move_uploaded_file ( $_FILES [ 'newbutton' ][ 'tmp_name' ], " buttons/ { $_FILES [ 'newbutton' ][ 'name' ] } " )) {
$string = substr ( md5 ( microtime () * mktime ()), 0 , 6 );
$ext = substr ( strrchr ( $_FILES [ 'newbutton' ][ 'name' ], " . " ), 1 );
// rename the button so that bad characters don't break things.
if ( rename ( " buttons/ " . $_FILES [ 'newbutton' ][ 'name' ], " buttons/ " . $string . " . " . $ext )) {
$filename = $string . " . " . $ext ;
} else {
// if button could not be renamed we check for commas and delete the button if 'bad', or rely on original name if fine
if ( strpos ( $_FILES [ 'newbutton' ][ 'name' ], " , " ) === true ) {
unlink ( " buttons/ " . $_FILES [ 'newbutton' ][ 'name' ]);
echo " <p>File names must not contain commas.</p> " ;
include ( 'footer.php' );
exit ;
} else {
$filename = $_FILES [ 'newbutton' ][ 'name' ];
}
}
unlink ( " buttons/ " . $clean [ 'filename' ]);
}
} else {
echo " <p>That is not a valid image file.</p> " ;
include ( 'footer.php' );
exit ;
}
} else {
$filename = $clean [ 'filename' ];
}
2024-06-26 10:32:28 +00:00
2012-05-21 12:42:55 +00:00
$editedButton = $filename . " , " . $clean [ 'width' ] . " , " . $clean [ 'height' ] . " , " . $clean [ 'donated' ] . " , " . $clean [ 'donatorname' ] . " , " . $clean [ 'donatorurl' ] . " \n " ;
2024-06-26 10:32:28 +00:00
$button = $clean [ 'buttonnum' ];
2012-05-21 12:42:55 +00:00
$fh = fopen ( BUTTONS , " r " );
while ( ! feof ( $fh )) {
$content [] = fgets ( $fh , 4096 );
}
fclose ( $fh );
$content [ $button ] = $editedButton ;
$data = implode ( $content );
$data = trim ( $data );
$fp = fopen ( BUTTONS , " w " ) or die ( " Couldn't open BUTTONS. " );
fwrite ( $fp , $data );
fclose ( $fp );
echo " <p>Button edited.</p> " ;
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
break ;
case " add_update " :
?>
< h4 > Add New Update </ h4 >
< p > If updates details is left blank , only a date will be shown .</ p >
2024-06-26 10:32:28 +00:00
2012-05-21 12:42:55 +00:00
< form action = " admin.php?ap=update_process " method = " post " >< p >
< label >< input type = " text " name = " date " id = " date " value = " <?php echo date( $timestamp ); ?> " readonly = " readonly " /> Date </ label >< br />
< label >< textarea id = " updatedetails " name = " updatedetails " ></ textarea > Details </ label >< br />
< input type = " submit " id = " submit " value = " Update " />
</ p ></ form >
< ? php
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
break ;
case " update_process " :
foreach ( $_POST as $key => $val ) {
$clean [ $key ] = cleanUp ( $val );
}
$update = " \n " . $clean [ 'date' ] . " , " . $clean [ 'updatedetails' ];
$fp = fopen ( UPDATES , " w " ) or die ( " Couldn't open UPDATES - the update could not be stored. " );
fwrite ( $fp , $update );
fclose ( $fp );
echo " <p>Update added.</p> " ;
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
break ;
case " add_affiliate " :
echo " <p style='color: red;'><strong>Note:</strong> On the majority of hosts, the button folders have to have permissions set to 777 for the upload feature to work. This can constitute a security risk. Please be careful when changing the permissions of files and folders.</p> " ;
?>
< form method = " post " action = " ?ap=add_affiliate_process " enctype = " multipart/form-data " >< p >
< label >< input type = " text " name = " affName " id = " affName " /> Affiliate Name </ label >< br />
2024-06-29 10:19:12 +00:00
< label >< input type = " email " name = " affEmail " id = " affEmail " /> Affiliate E - mail </ label >< br />
2012-05-21 12:42:55 +00:00
< label >< input type = " text " name = " affURL " id = " affURL " /> Affiliate URL </ label >< br />
< label >< input type = " text " name = " affSitename " id = " affSitename " /> Affiliate Site Name </ label >< br />
< label >< input type = " file " name = " affButton " id = " affButton " /> Affiliate Button </ label >< br />
< input type = " submit " name = " submit " id = " submit " value = " Upload " />
</ p ></ form >
< ? php
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
break ;
case " add_affiliate_process " :
if ( getimagesize ( $_FILES [ 'affButton' ][ 'tmp_name' ]) === FALSE ) {
echo " <p>That is not a valid image file.</p> " ;
include ( 'footer.php' );
exit ;
}
list ( $width , $height , $type , $attr ) = getimagesize ( $_FILES [ 'affButton' ][ 'tmp_name' ]);
if ( $type == 1 || $type == 2 || $type == 3 ) {
if ( move_uploaded_file ( $_FILES [ 'affButton' ][ 'tmp_name' ], " buttons/ { $_FILES [ 'affButton' ][ 'name' ] } " )) {
foreach ( $_POST as $key => $val ) {
$clean [ $key ] = cleanUp ( $val );
}
$string = substr ( md5 ( microtime () * mktime ()), 0 , 6 );
$ext = substr ( strrchr ( $_FILES [ 'affButton' ][ 'name' ], " . " ), 1 );
// rename the button so that bad characters don't break things.
if ( rename ( " buttons/ " . $_FILES [ 'affButton' ][ 'name' ], " buttons/aff_ " . $string . " . " . $ext )) {
$filename = " aff_ " . $string . " . " . $ext ;
} else {
// if button could not be renamed we check for commas and delete the button if 'bad', or rely on original name if fine
if ( strpos ( $_FILES [ 'affButton' ][ 'name' ], " , " ) === true ) {
unlink ( " buttons/ " . $_FILES [ 'affButton' ][ 'name' ]);
echo " <p>File names must not contain commas.</p> " ;
include ( 'footer.php' );
exit ;
} else {
$filename = $_FILES [ 'affButton' ][ 'name' ];
}
}
$aff = " \n " . $filename . " , " . $clean [ 'affName' ] . " , " . breakEmail ( $clean [ 'affEmail' ]) . " , " . $clean [ 'affURL' ] . " , " . $clean [ 'affSitename' ];
$fp = fopen ( AFFILIATES , " a " ) or die ( " Couldn't open AFFILIATES - the affiliate details were not uploaded this time. " );
fwrite ( $fp , $aff );
fclose ( $fp );
echo " <p>The affiliate details were uploaded successfully. <a href='admin.php?ap=add_affiliate'>Add another?</a></p> " ;
} else {
echo " <p>The affiliate details were not uploaded this time.</p> " ;
include ( 'footer.php' );
exit ;
}
} else {
echo " <p>That file extension not valid.</p> " ;
include ( 'footer.php' );
exit ;
}
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
break ;
case " manage_affiliates " :
if ( isset ( $_GET [ 'p' ]) && $_GET [ 'p' ] == " del " ) {
if ( ! isset ( $_GET [ 'p' ])) {
echo " <p>You did not select an affiliate to delete.</p> " ;
} else {
$aff = $_GET [ 'aff' ];
$fh = @ fopen ( AFFILIATES , " r " );
while ( ! feof ( $fh )) {
$content [] = fgets ( $fh , 4096 );
}
fclose ( $fh );
list ( $affButton , $affName , $affEmail , $affURL , $affSitename ) = preg_split ( " /,(?! )/ " , $content [ $aff ]);
unlink ( " buttons/ " . $affButton );
unset ( $content [ $aff ]);
$data = implode ( " " , $content );
$data = trim ( $data );
$fh = @ fopen ( AFFILIATES , " w " );
@ fwrite ( $fh , $data );
fclose ( $fh );
echo " <p>Affiliate deleted. <a href= \" admin.php?ap=manage_affiliates \" >Manage more affiliates?</a></p> " ;
}
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
include ( 'footer.php' );
exit ;
} elseif ( isset ( $_GET [ 'p' ]) && $_GET [ 'p' ] == " edit " ) {
if ( ! isset ( $_GET [ 'aff' ])) {
echo " <p>You did not select an affiliate to edit.</p> " ;
} else {
$aff = $_GET [ 'aff' ];
$fh = fopen ( AFFILIATES , " r " );
while ( ! feof ( $fh )) {
$content [] = fgets ( $fh , 4096 );
}
fclose ( $fh );
if ( empty ( $content [ $aff ])) {
echo " <p>That affiliate does not exist.</p> " ;
include ( 'footer.php' );
exit ;
}
$affArray = preg_split ( " /,(?! )/ " , $content [ $aff ]);
$affArray [ '4' ] = trim ( $affArray [ '4' ], " \" \x00 .. \x1F " );
?>
< form action = " ?ap=edit_affiliate " method = " post " enctype = " multipart/form-data " >< p >
< input type = " hidden " id = " affnum " name = " affnum " value = " <?php echo $aff ; ?> " />
< input type = " hidden " id = " filename " name = " filename " value = " <?php echo $affArray['0'] ; ?> " />
< img src = " buttons/<?php echo $affArray['0'] ;?> " style = " vertical-align: middle; " alt = " " /> Old Affiliate Button < br />
< label >< input type = " file " name = " newbutton " id = " newbutton " /> New Affiliate Button </ label >< br />
< label >< input type = " text " name = " affName " id = " affName " value = " <?php echo $affArray['1'] ;?> " /> Affiliate Name </ label >< br />
2024-06-29 10:19:12 +00:00
< label >< input type = " email " name = " affEmail " id = " affEmail " value = " <?php echo fixEmail( $affArray['2'] );?> " /> Affiliate E - mail </ label >< br />
2012-05-21 12:42:55 +00:00
< label >< input type = " text " name = " affURL " id = " affURL " value = " <?php echo $affArray['3'] ;?> " /> Affiliate URL </ label >< br />
< label >< input type = " text " name = " affSitename " id = " affSitename " value = " <?php echo $affArray['4'] ;?> " /> Affiliate Site Name </ label >< br />
< input type = " submit " name = " submit " id = " submit " value = " Edit " />
</ p ></ form >
< ? php
}
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
include ( 'footer.php' );
exit ;
}
2024-06-26 10:32:28 +00:00
2012-05-21 12:42:55 +00:00
?>
< table >
< tr > < th > Button </ th > < th > Name </ th > < th > Email </ th > < th > URL </ th > < th > Site Name </ th > < th > Admin </ th ></ tr >
< ? php
$array = file ( AFFILIATES );
foreach ( $array as $key => $value ) {
list ( $affButton , $affName , $affEmail , $affURL , $affSitename ) = preg_split ( " /,(?! )/ " , $value );
echo " <tr> <td><img src='buttons/ $affButton ' alt=''></td> <td> $affName </td> <td><a href='mailto: " . fixEmail ( $affEmail ) . " '>email</a></td> <td><a href=' $affURL '>www</a></td> <td> $affSitename </td> <td><a href='admin.php?ap=manage_affiliates&p=edit&aff= $key '><img src='admin-icons/edit.png' title='edit' alt='edit' /></a> <a href='admin.php?ap=manage_affiliates&p=del&aff= $key ' onClick= \" javascript:return confirm('Are you sure you want to delete this affiliate?') \" ><img src='admin-icons/delete.png' title='delete' alt='delete' /></a></td> </tr> " ;
}
?>
</ table >
< ? php
break ;
case " edit_affiliate " :
foreach ( $_POST as $key => $val ) {
$clean [ $key ] = cleanUp ( $val );
}
if ( $_FILES [ 'newbutton' ][ 'size' ] > 0 ) {
if ( getimagesize ( $_FILES [ 'newbutton' ][ 'tmp_name' ]) === FALSE ) {
echo " <p>That is not a valid image file.</p> " ;
include ( 'footer.php' );
exit ;
}
list ( $width , $height , $type , $attr ) = getimagesize ( $_FILES [ 'newbutton' ][ 'tmp_name' ]);
if ( $type == 1 || $type == 2 || $type == 3 ) {
if ( move_uploaded_file ( $_FILES [ 'newbutton' ][ 'tmp_name' ], " buttons/ { $_FILES [ 'newbutton' ][ 'name' ] } " )) {
$string = substr ( md5 ( microtime () * mktime ()), 0 , 6 );
$ext = substr ( strrchr ( $_FILES [ 'newbutton' ][ 'name' ], " . " ), 1 );
// rename the button so that bad characters don't break things.
if ( rename ( " buttons/ " . $_FILES [ 'newbutton' ][ 'name' ], " buttons/ " . $string . " . " . $ext )) {
$filename = $string . " . " . $ext ;
} else {
// if button could not be renamed we check for commas and delete the button if 'bad', or rely on original name if fine
if ( strpos ( $_FILES [ 'newbutton' ][ 'name' ], " , " ) === true ) {
unlink ( " buttons/ " . $_FILES [ 'newbutton' ][ 'name' ]);
echo " <p>File names must not contain commas.</p> " ;
include ( 'footer.php' );
exit ;
} else {
$filename = $_FILES [ 'newbutton' ][ 'name' ];
}
}
unlink ( " buttons/ " . $clean [ 'filename' ]);
}
} else {
echo " <p>That is not a valid image file.</p> " ;
include ( 'footer.php' );
exit ;
}
} else {
$filename = $clean [ 'filename' ];
}
$editedAff = $filename . " , " . $clean [ 'affName' ] . " , " . breakEmail ( $clean [ 'affEmail' ]) . " , " . $clean [ 'affURL' ] . " , " . $clean [ 'affSitename' ] . " \n " ;
2024-06-26 10:32:28 +00:00
$aff = $clean [ 'affnum' ];
2012-05-21 12:42:55 +00:00
$fh = fopen ( AFFILIATES , " r " );
while ( ! feof ( $fh )) {
$content [] = fgets ( $fh , 4096 );
}
fclose ( $fh );
$content [ $aff ] = $editedAff ;
$data = implode ( $content );
$data = trim ( $data );
$fp = fopen ( AFFILIATES , " w " ) or die ( " Couldn't open AFFILIATES. " );
fwrite ( $fp , $data );
fclose ( $fp );
echo " <p>Affiliate edited.</p> " ;
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
break ;
case " email_affiliates " :
if ( isset ( $_GET [ 'p' ]) && $_GET [ 'p' ] == " process " ) {
foreach ( $_POST as $key => $val ) {
$clean [ $key ] = stripslashes ( trim ( $val ));
2024-06-26 10:32:28 +00:00
}
2012-05-21 12:42:55 +00:00
2024-06-26 10:32:28 +00:00
// Recipients
$mail -> setFrom ( $admin_email , $title );
$mail -> addAddress ( $clean [ 'to' ]);
$mail -> addReplyTo ( $admin_email );
2012-05-21 12:42:55 +00:00
2024-06-26 10:32:28 +00:00
$mail -> Subject = " E-mail from the $FLsubject fanlisting " ;
2012-05-21 12:42:55 +00:00
2024-06-26 10:32:28 +00:00
if ( $mail -> send ()) {
2012-05-21 12:42:55 +00:00
echo " <p>E-mail sent!</p> " ;
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
} else {
echo " <p>The e-mail could not be sent at this time.</p> " ;
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
}
exit ;
}
$array = file ( AFFILIATES );
?>
< form action = " admin.php?ap=email_affiliates&p=process " method = " post " >< p >
< label >< textarea name = " to " id = " to " style = 'width: 350px; height: 80px; vertical-align: middle;' >
< ? php
$emailArray = array ();
foreach ( $array as $value ) {
list ( $affButton , $affName , $affEmail , $affURL , $affSitename ) = preg_split ( " /,(?! )/ " , $value );
$emailArray [ $affName ] = $affEmail ;
}
$emailArray = array_unique ( $emailArray );
foreach ( $emailArray as $key => $value ) {
if ( ! empty ( $value )) {
echo " $key < " . fixEmail ( $value ) . " >, " ;
}
}
?>
</ textarea > To </ label >< br />
< label >< textarea name = " message " id = " message " style = 'width: 350px; height: 220px; vertical-align: middle;' ></ textarea > Message </ label >< br />
< input type = " submit " id = " submit " name = " submit " value = " send " />
</ p ></ form >
< ? php
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
break ;
case " search " :
if ( isset ( $_GET [ 'p' ]) && $_GET [ 'p' ] == " process " ) {
if ( ! ereg ( " ^[_a-z0-9-]+( \ .[_a-z0-9-]+)*@[a-z0-9-]+( \ .[a-z0-9-]+)*( \ .[a-z] { 2,6}) $ " , strtolower ( $_POST [ 'email' ]))) {
echo " <p>That is not a valid e-mail address.</p> " ;
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
include ( 'footer.php' );
exit ;
}
if ( filesize ( MEMBERS ) > 0 && checkTXTfile ( MEMBERS , breakEmail ( $_POST [ 'email' ]), " email " ) === true ) {
$file = MEMBERS ;
} elseif ( filesize ( NEWBIES ) > 0 && checkTXTfile ( NEWBIES , breakEmail ( $_POST [ 'email' ]), " email " ) === true ) {
$file = NEWBIES ;
}
if ( ! isset ( $file )) {
echo " <p>Something went horribly, drastically wrong! Run for your life!</p> " ;
echo " <p>...</p> " ;
echo " <p>Just kidding — that member does <strong>not</strong> exist.</p> " ;
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
include ( 'footer.php' );
exit ;
}
$members = file ( $file );
foreach ( $members as $key => $value ) {
if ( preg_match ( " /( " . breakEmail ( $_POST [ 'email' ]) . " )/i " , $value )) {
list ( $name , $email , $dispemail , $url , $country , $fave ) = preg_split ( " /,(?! )/ " , $value );
if ( empty ( $url ) || $url == " http:// " || $url == " " ) {
$url = " (none) " ;
} else {
$url = " <a href=' $url '>website</a> " ;
}
?>
< p > Search results :</ p >
< table >
< tr > < th > Name </ th > < th > E - mail </ th > < th > Website </ th > < th > Country </ th > < ? php if ( isset ( $favefield ) && $favefield == " yes " ) { echo " <th>Fave</th> " ; } ?> <th>Admin</th></tr>
2024-06-26 10:32:28 +00:00
< tr > < td >< ? php echo $name ; ?> </td>
2012-05-21 12:42:55 +00:00
< td >< ? php echo " <a href='mailto: " . fixEmail ( $email ) . " '>email</a> " ; ?> </td>
< td >< ? php echo $url ; ?> </td>
< td >< ? php echo $country ; ?> </td>
< ? php if ( isset ( $favefield ) && $favefield == " yes " ) { ?>
< td >< ? php echo $fave ; ?> </td>
< ? php }
?>
< td >< a href = 'admin.php?ap=edit_member&file=<?php echo $file; ?>&mem=<?php echo $key; ?>' >< img src = 'admin-icons/edit.png' title = 'edit' alt = 'edit' /></ a > < a href = 'admin.php?ap=delete_member&file=<?php echo $file; ?>&mem=<?php echo $key; ?>' onClick = " javascript:return confirm('Are you sure you want to delete this member?') " >< img src = 'admin-icons/delete.png' title = 'delete' alt = 'delete' /></ a >
</ tr >
</ table >
< ? php
echo " <p><a href='admin.php'>Back to admin panel?</a></p> " ;
}
}
include ( 'footer.php' );
exit ;
}
?>
< p > Search for member by e - mail address :</ p >
< form action = " admin.php?ap=search&p=process " method = " post " >< p >
2024-06-29 10:19:12 +00:00
< label >< input type = " email " name = " email " id = " email " /> E - mail </ label >< br />
2012-05-21 12:42:55 +00:00
< input type = " submit " name = " submit " id = " submit " value = " Search " />
</ form >
< ? php
break ;
default :
echo " <h4>BellaBuffs Admin Panel</h4> " ;
?>
< ul >
< li >< a href = " admin.php?ap=manage_members " > Manage Approved Members </ a > ( < ? php countfile ( MEMBERS ); ?> )</li>
< li >< a href = " admin.php?ap=manage_members&s=newbies " > Manage Pending Members </ a > ( < ? php countfile ( NEWBIES ); ?> )</li>
< li >< a href = " admin.php?ap=search " > Search for Member </ a ></ li >
</ ul >
< ul >
< li >< a href = " admin.php?ap=add_update " > Add Update </ a ></ li >
</ ul >
< ul >
< li >< a href = " admin.php?ap=add_button " > Add Button </ a ></ li >
< li >< a href = " admin.php?ap=manage_buttons " > Manage Buttons </ a > ( < ? php countfile ( BUTTONS ); ?> )</li>
</ ul >
< ul >
< li >< a href = " admin.php?ap=add_affiliate " > Add Affiliate </ a ></ li >
< li >< a href = " admin.php?ap=manage_affiliates " > Manage Affiliates </ a > ( < ? php countfile ( AFFILIATES ); ?> )</li>
< li >< a href = " admin.php?ap=email_affiliates " > E - mail Affiliates </ a ></ li >
</ ul >
< ul >
< li >< a href = " admin.php?ap=add_spamword " > Add Spam Word </ a ></ li >
< li >< a href = " admin.php?ap=edit_spamword " > Edit Spam Words </ a > ( < ? php countfile ( SPAMWDS ); ?> )</li>
< li >< a href = " admin.php?ap=block_ip " > Block IP Address </ a ></ li >
< li >< a href = " admin.php?ap=edit_blocked_ips " > Edit Blocked IPs </ a > ( < ? php countfile ( IPBLOCKLST ); ?> )</li>
</ ul >
< ul >
< li >< a href = " logout.php " > Logout </ a ></ li >
</ ul >
< ? php
break ;
}
include ( 'footer.php' );
exit ;
} else {
echo " <p>Bad cookie. Clear 'em out and start again.</p> " ;
include ( 'footer.php' );
exit ;
}
}
if ( isset ( $_GET [ 'p' ]) && $_GET [ 'p' ] == " login " ) {
if ( $_POST [ 'name' ] != $admin_name || $_POST [ 'pass' ] != $admin_pass ) {
include ( 'header.php' );
echo " <p>Sorry, that username and password combination does not match. Please try again.</p> " ;
?>
< form action = " admin.php?p=login " method = " post " >< fieldset >
< label >< input type = " text " name = " name " id = " name " /> Name </ label >< br />
< label >< input type = " password " name = " pass " id = " pass " /> Password </ label >< br />
< input type = " submit " id = " submit " value = " Login " />
</ fieldset ></ form >
< ? php
include ( 'footer.php' );
exit ;
} elseif ( $_POST [ 'name' ] == $admin_name && $_POST [ 'pass' ] == $admin_pass ) {
setcookie ( 'bellabuffs' , md5 ( $_POST [ 'name' ] . $_POST [ 'pass' ] . $secret ), time () + ( 31 * 86400 ));
header ( " Location: admin.php " );
} else {
include ( 'header.php' );
echo " <p>Sorry, you could not be logged in at this time. Please try again.</p> " ;
?>
< form action = " admin.php?p=login " method = " post " >< fieldset >
< label >< input type = " text " name = " name " id = " name " /> Name </ label >< br />
< label >< input type = " password " name = " pass " id = " pass " /> Password </ label >< br />
< input type = " submit " id = " submit " value = " Login " />
</ fieldset ></ form >
< ? php
include ( 'footer.php' );
exit ;
}
exit ;
}
include ( 'header.php' );
?>
< form action = " admin.php?p=login " method = " post " >< p >
< label >< input type = " text " name = " name " id = " name " /> Name </ label >< br />
< label >< input type = " password " name = " pass " id = " pass " /> Password </ label >< br />
< input type = " submit " id = " submit " value = " Login " />
</ p ></ form >
< ? php
include ( 'footer.php' );
?>