<?php
require_once('prefs.php');
require_once __DIR__.'/contactform/vendor/autoload.php';
require_once __DIR__.'/contactform/config.php';
// Shared PHPMailer instance for the admin pages. Passing true makes PHPMailer
// throw exceptions on failure instead of returning false.
$mail = new \PHPMailer\PHPMailer\PHPMailer(true);

// SMTP transport; every value is a constant expected from contactform/config.php.
$mail->isSMTP();
$mail->Host       = CONTACTFORM_SMTP_HOSTNAME;
$mail->Port       = CONTACTFORM_SMTP_PORT;
$mail->SMTPSecure = CONTACTFORM_SMTP_ENCRYPTION;

// Authenticated submission.
$mail->SMTPAuth = true;
$mail->Username = CONTACTFORM_SMTP_USERNAME;
$mail->Password = CONTACTFORM_SMTP_PASSWORD;

// Message encoding, and the language of PHPMailer's own error texts.
$mail->CharSet  = CONTACTFORM_MAIL_CHARSET;
$mail->Encoding = CONTACTFORM_MAIL_ENCODING;
$mail->setLanguage(CONTACTFORM_LANGUAGE);

// NOTE(review): a non-zero debug level makes PHPMailer print the SMTP dialogue
// into the page output, which may include the authentication exchange. Confirm
// that config.php keeps this at 0 outside troubleshooting.
$mail->SMTPDebug = CONTACTFORM_PHPMAILER_DEBUG_LEVEL;
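// Admin gate: the pages below run only when the "bellabuffs" cookie equals
// md5($admin_name.$admin_pass.$secret) (presumably set in prefs.php). Both
// if-blocks opened here are closed further down the file.
if (isset($_COOKIE['bellabuffs'])) {
    // hash_equals() compares the strings byte for byte in constant time. The
    // previous == compared two "0e<digits>" hashes as numbers, so different
    // strings could be accepted, and it leaked timing. is_string() rejects an
    // array-valued cookie before the comparison.
    // NOTE(review): the cookie value is the same for every login and is an
    // unsalted MD5 over the password; a server-side session with a random
    // identifier would allow a stolen cookie to be revoked.
    if (is_string($_COOKIE['bellabuffs']) && hash_equals(md5($admin_name.$admin_pass.$secret), $_COOKIE['bellabuffs'])) {
        // Requested admin page; an empty string when ?ap= is absent or not a string.
        $page = (isset($_GET['ap']) && is_string($_GET['ap'])) ? $_GET['ap'] : "";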
include('header.php');
switch ($page) {
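case "manage_members":
    // Paged list of pending (?s=newbies) or approved members. Each row offers
    // approve/delete checkboxes that are posted to ap=do_action, plus an edit link.
    $showPending = isset($_GET['s']) && $_GET['s'] == "newbies";
    if ($showPending) {
        $file = file(NEWBIES);
        $wording = "pending";
        $pageurl = "admin.php?ap=manage_members&s=newbies";
        $fileurl = "newbies.txt";
    } else {
        $file = file(MEMBERS);
        $wording = "approved";
        $pageurl = "admin.php?ap=manage_members";
        $fileurl = "members.txt";
    }
    // file() returns false when the list cannot be read; show that as an empty list.
    if ($file === false) {
        $file = array();
    }

    // Member fields are escaped on output because the records are visitor-supplied
    // text rendered inside the admin's authenticated session. double_encode=false
    // leaves existing entities alone in case cleanUp() (defined outside this view)
    // already encoded them. Assumes the pages are served as UTF-8 -- TODO confirm.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };

    echo "<p style='color: red;'><strong>Warning:</strong> Do not try to edit multiple members at once, do not try to approve and delete the same member.</p>";

    $count = count($file);
    if ($count == 0) {
        echo '<p>No '.$wording.' members at this time.</p> <p><a href="admin.php">Back to admin panel?</a></p>';
        include('footer.php');
        exit;
    }

    echo '<p style="text-align: center;">'.$count.' '.$wording.' members | ';
    $numpages = ceil($count/$perpage);

    // Only a whole page number >= 1 is accepted. is_numeric() alone let 0,
    // negative and fractional values through, which produced offsets outside
    // the member list.
    $currentPage = 1;
    if (isset($_GET['page']) && is_string($_GET['page']) && ctype_digit($_GET['page'])) {
        $currentPage = max(1, (int) $_GET['page']);
    }

    echo "pages: ";
    for ($x=1; $x<=$numpages; $x++) {
        echo '<a href="'.$pageurl.'&page='.$x.'">';
        echo ($x == $currentPage) ? "<strong>$x</strong>" : "$x";
        echo "</a> ";
    }
    echo "</p> \n\n ";

    // Row window for this page, clamped to the end of the list.
    $i = $perpage * ($currentPage - 1);
    $end = min($i + $perpage, $count);

    // NOTE(review): the form token is md5($secret), identical for every request
    // and session. A random per-session token would limit the damage if one
    // value ever leaks; it has to change together with the check in do_action.
    ?>
<form action="admin.php?ap=do_action" method="post">
<input type="hidden" name="token" id="token" value="<?php echo md5($secret); ?>" />
<input type="hidden" name="fileloc" id="fileloc" value="<?php echo $fileurl; ?>" />

<table>
<tr> <th>Name</th> <th>E-mail</th> <th>Website</th> <th>Country</th> <?php if (isset($favefield) && $favefield == "yes") { echo "<th>Fave</th>"; } ?> <?php if ($showPending) echo '<th>Add</th>'; ?> <th>Edit</th> <th>Delete</th>
</tr>
<?php
    while ($i < $end) {
        $rowClass = ($i % 2) ? $classA : $classB;
        // Pad to six fields so a short or damaged line cannot raise
        // undefined-offset notices.
        list($name, $email, $dispemail, $url, $country, $fave) = array_pad(preg_split("/,(?! )/", $file[$i]), 6, '');
        $fave = trim($fave, "\"\x00..\x1F");

        echo '<tr class="'.$rowClass.'">';

        // The mail link is still written by script, as before, but the markup is
        // now passed as a JSON string literal: the address can no longer close
        // the JavaScript string or the <script> element.
        $mailLink = '<a href="mailto:' . $esc(fixEmail($email)) . '">e-mail</a>';
        $emailCell = '<script type="text/javascript"> document.write(' . json_encode($mailLink, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT) . '); </script>';

        // NOTE(review): escaping stops attribute break-out, but the scheme of the
        // stored URL is not checked here; consider linking only http(s) addresses.
        if (empty($url) || $url == "http://") {
            $urlCell = "<del>www</del>";
        } else {
            $urlCell = '<a href="' . $esc($url) . '" title="' . $esc($name) . '\'s website">www</a>';
        }

        echo "<td>" . $esc($name) . "</td> <td>$emailCell</td> <td>$urlCell</td> <td>" . $esc($country) . "</td> ";
        if (isset($favefield) && $favefield == "yes") echo "<td>" . $esc(str_replace('|', ',', $fave)) . "</td>";

        if ($showPending)
            echo '<td><input type="checkbox" name="appr['.$i.']" value="'.$i.'" /></td>';

        echo '<td><a href="admin.php?ap=edit_member&file='.$fileurl.'&mem='.$i.'"><img src="admin-icons/edit.png" title="edit" alt="edit" /></a></td>';
        echo '<td><input type="checkbox" name="del['.$i.']" value="'.$i.'" /></td>';
        echo "</tr>\r\n";

        $i++;
    }
?>
</table>
<?php
    echo '<p><input type="submit" name="submit" id="submit" value="Update" /></p>'."\r\n</form>";

    echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
    break;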
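case "do_action":
    // Handles the form posted by manage_members: approves the ticked pending
    // members (appr[]) and/or deletes the ticked members (del[]).

    // The token is compared with hash_equals(): constant time, and no numeric
    // juggling of "0e..." strings as with !=. is_string() rejects token[]=...
    // NOTE(review): md5($secret) never changes, so one leaked value stays valid.
    if (!isset($_POST['token']) || !is_string($_POST['token']) || !hash_equals(md5($secret), $_POST['token'])) exit("<p>Invalid token.</p>");

    if (isset($_POST['appr']) && is_array($_POST['appr'])) {
        // Check the sort preference before anything is written. Previously the
        // pending list was rewritten first, so a bad preference (or a mail error)
        // stopped the script after the members had already been removed from it.
        if (!isset($defaultSort)) {
            exit("<p>No sort option in prefs.php: please ensure you're running the latest version.</p>");
        }
        if ($defaultSort != "newest" && $defaultSort != "oldest") {
            exit("<p>Invalid sort option in prefs.php: please ensure you use 'newest' or 'oldest'.</p>");
        }

        $newbies = file(NEWBIES);
        if ($newbies === false) exit("<p>Couldn't open the pending members file.</p>");
        $approved = array();

        foreach ($_POST['appr'] as $member => $value) {
            if (is_numeric($member) && array_key_exists($member, $newbies)) {
                $line = $newbies[$member];
                // The last line of the file may lack a newline; add one so two
                // records are never glued together.
                if (substr($line, -1) !== "\n") $line .= "\n";
                $approved[] = $line;
                unset($newbies[$member]);
            }
        }

        // 1) Add the approved records to the member list in a single locked write.
        if ($defaultSort == "newest") {
            $olddata = is_file(MEMBERS) ? file_get_contents(MEMBERS) : "";
            if ($olddata === false) die ("Couldn't open members.txt");
            $written = file_put_contents(MEMBERS, implode("", $approved) . "\r\n" . $olddata, LOCK_EX);
        } else {
            $written = file_put_contents(MEMBERS, "\r\n" . implode("", $approved), FILE_APPEND | LOCK_EX);
        }
        if ($written === false) die ("Couldn't open members.txt");

        // 2) Only then remove them from the pending list.
        if (file_put_contents(NEWBIES, implode("", $newbies), LOCK_EX) === false) {
            die ("Couldn't open the pending members file.");
        }

        // 3) Notify each approved member.
        if (isset($emailapproval) && $emailapproval == "yes") {
            foreach ($approved as $record) {
                list($name,$email,$dispemail,$url,$country,$fave) = array_pad(preg_split("/,(?! )/", $record), 6, '');

                try {
                    // $mail is reused for every member. Without clearing, each
                    // later message was also delivered to all earlier recipients,
                    // disclosing other members' details.
                    $mail->clearAddresses();
                    $mail->clearReplyTos();

                    // Recipients
                    $mail->setFrom($admin_email, $title);
                    $mail->addAddress(fixEmail($email), $name);
                    $mail->addReplyTo($admin_email);

                    $mail->Subject = "You have been approved at $title";

                    $mail->Body = $approvalMsg;
                    $mail->Body .= "Name: {$name} \r\n";
                    $mail->Body .= "Email: " . fixEmail($email) . " \r\n";
                    $mail->Body .= "URL: {$url} \r\n";
                    $mail->Body .= "Country: {$country} \r\n";
                    if (isset($favefield) && $favefield == "yes") $mail->Body .= strip_tags($favetext) . ": {$fave} \r\n";

                    $mail->send();
                } catch (\PHPMailer\PHPMailer\Exception $e) {
                    // PHPMailer was created with exceptions enabled; one bad
                    // address must not abort the remaining notifications.
                    echo "<p>An approval e-mail could not be sent.</p>";
                }
            }
        }

        if (isset($updateDate) && $updateDate == "yes") {
            $update = "\n" . date($timestamp) . ",New member(s) added";

            $fp = fopen(UPDATES, "w") or die ("Couldn't open UPDATES - the update could not be stored.");
            fwrite($fp, $update);
            fclose($fp);
        }

        blanklinefix(NEWBIES);
        blanklinefix(MEMBERS);

        echo "<p>Member(s) approved.</p>";
    }

    if (isset($_POST['del']) && is_array($_POST['del'])) {
        // fileloc only selects between the two known lists; basename() plus the
        // fixed comparisons below keep it from naming any other file.
        if (isset($_POST['fileloc']) && is_string($_POST['fileloc']))
            $fileloc = basename($_POST['fileloc']);
        else exit;

        // NOTE(review): the row numbers in del[] refer to the list as it was
        // displayed. If the same request also approved members, the pending list
        // has been renumbered by the time this runs.
        if ($fileloc == "newbies.txt" || $fileloc == "members.txt") {
            $target = ($fileloc == "newbies.txt") ? NEWBIES : MEMBERS;
            $records = file($target);
            if ($records === false) exit("<p>Couldn't open the member file.</p>");

            foreach ($_POST['del'] as $member => $file) {
                if (is_numeric($member) && array_key_exists($member, $records)) unset($records[$member]);
            }

            // Only the list that was displayed is rewritten, under a lock.
            if (file_put_contents($target, implode("", $records), LOCK_EX) === false) {
                exit("<p>Couldn't open the member file.</p>");
            }
        }

        if ($fileloc == "newbies.txt") $backlink = '<a href="admin.php?ap=manage_members&s=newbies">Delete other pending members?</a>'; else $backlink = '<a href="admin.php?ap=manage_members">Delete other approved members?</a>';

        echo '<p>Member(s) deleted.</p>';
    }

    echo '<p><b>Jump to:</b> <a href="admin.php?ap=manage_members">members</a> / <a href="admin.php?ap=manage_members&s=newbies">pending members</a></p>';
    echo '<p><a href="admin.php">Back to admin panel?</a></p>';
    break;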
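case "edit_member":
    // Shows one member record (?file=<list>&mem=<row>) in an edit form that
    // posts to ap=edit_process.
    echo "<p>Note: editing a member will not approve them. You must do this separately.</p>";

    // The only lists this page links to are newbies.txt and members.txt (see the
    // edit links built in manage_members). Anything else in ?file= used to be
    // opened as-is, which let the parameter name any readable file on the server.
    $allowedFiles = array("newbies.txt", "members.txt");

    if (!isset($_GET['mem']) || !is_string($_GET['mem']) || !ctype_digit($_GET['mem'])) {
        echo "<p>You didn't select a valid member.</p>";
        include('footer.php');
        exit;
    } elseif (!isset($_GET['file']) || !is_string($_GET['file']) || !in_array($_GET['file'], $allowedFiles, true) || !file_exists($_GET['file'])) {
        echo "<p>You didn't select a valid file.</p>";
        include('footer.php');
        exit;
    } else {
        $mem = (int) $_GET['mem'];
        $file = $_GET['file'];

        // file() numbers the rows the same way the member list does; the earlier
        // fgets(…, 4096) loop split over-long lines and shifted the numbering.
        $content = file($file);

        if ($content === false || empty($content[$mem])) {
            echo "<p>That member does not exist.</p>";
            include('footer.php');
            exit;
        }

        $memary = preg_split("/,(?! )/", $content[$mem]);
        // Strip the line ending (and quotes/control bytes) from the last field.
        if (isset($memary[5])) {
            $memary[5] = stripslashes(trim($memary[5], "\"\x00..\x1F"));
        } elseif (isset($memary[4])) {
            $memary[4] = trim($memary[4], "\"\x00..\x1F");
        }
        // Short or damaged records get empty fields instead of notices.
        $memary = array_pad($memary, 6, '');

        // Stored values are escaped before they are placed in attributes.
        // double_encode=false leaves existing entities alone in case cleanUp()
        // (defined outside this view) already encoded them. Assumes UTF-8 pages
        // -- TODO confirm.
        $esc = function ($value) {
            return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
        };
        // NOTE(review): this form carries no anti-CSRF token, and ap=edit_process
        // does not ask for one.
?>
<form action="?ap=edit_process" method="post"><p>
<input type="hidden" id="member" name="member" value="<?php echo $mem;?>" />
<input type="hidden" id="file" name="file" value="<?php echo $esc($file);?>" />
<label><input type="text" id="name" name="name" value="<?php echo $esc($memary[0]);?>" /> Name</label><br />
<label><input type="text" id="email" name="email" value="<?php echo $esc(fixEmail($memary[1]));?>" /> E-mail</label><br />
<label><input type="radio" id="dispemailyes" name="dispemail" value="yes" <?php if ($memary[2] == "yes") { echo "checked=\"checked\""; } ?> /> Yes</label>
<label><input type="radio" id="dispemailno" name="dispemail" value="no" <?php if ($memary[2] == "no") { echo "checked=\"checked\""; } ?> /> No</label> Display E-mail?<br />
<label><input type="url" id="url" name="url" value="<?php echo $esc($memary[3]);?>" /> Website</label><br />
<label><select name="country" id="country"><?php get_countries($memary[4]); ?></select> Country</label><br />
<?php
        if (isset($favefield) && $favefield == "yes") {
?>
<label><input type="text" id="fave" name="fave" value="<?php echo $esc($memary[5]);?>" /> <?php echo $favetext; ?></label><br />
<?php
        }
?>
<input type="submit" name="submit" id="submit" value="continue" />
</p></form>

<?php
    }

    echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
    break;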
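case "edit_process":
    // Stores the member record posted by the edit_member form back into its list.
    // NOTE(review): unlike do_action, this handler checks no anti-CSRF token, so a
    // logged-in admin's browser can be made to submit it from another site.
    $clean = array();
    foreach ($_POST as $key => $val) {
        $clean[$key] = cleanUp($val);
    }

    // Every field is read through a default so a partial request cannot raise
    // undefined-index notices. Line breaks are removed because the list holds one
    // record per line; whether cleanUp() already does this is not visible here.
    $fields = array();
    foreach (array('name', 'email', 'dispemail', 'url', 'country', 'fave', 'member', 'file') as $field) {
        $value = (isset($clean[$field]) && is_scalar($clean[$field])) ? (string) $clean[$field] : "";
        $fields[$field] = str_replace(array("\r", "\n"), "", $value);
    }
    if (!isset($favefield) || $favefield == "no") {
        $fields['fave'] = "";
    }
    if (empty($fields['dispemail'])) {
        $fields['dispemail'] = "no";
    }

    $mem = $fields['member'];
    $file = $fields['file'];

    // The target list and row come from hidden form fields, i.e. from the
    // client. Previously any posted path was opened for writing; now only the
    // two member lists and an existing row are accepted.
    if (!in_array($file, array("newbies.txt", "members.txt"), true)) {
        echo "<p>You didn't select a valid file.</p>";
        include('footer.php');
        exit;
    }
    $content = ctype_digit($mem) ? file($file) : false;
    if ($content === false || !array_key_exists((int) $mem, $content)) {
        echo "<p>That member does not exist.</p>";
        include('footer.php');
        exit;
    }

    $editedMember = $fields['name'] . "," . breakEmail($fields['email']) . "," . $fields['dispemail'] . "," . $fields['url'] . "," . $fields['country'] . "," . $fields['fave'] . "\n";

    $content[(int) $mem] = $editedMember;
    $data = trim(implode($content));

    // One locked write instead of fopen("w") + fwrite.
    if (file_put_contents($file, $data, LOCK_EX) === false) {
        die ("Couldn't open {$file}.");
    }

    if ($file == "newbies.txt") {
        echo "<p>Member edited. <a href='admin.php?ap=pending_members'>Edit more pending members?</a></p>";
    } else {
        echo "<p>Member edited. <a href='admin.php?ap=approved_members'>Edit more approved members?</a></p>";
    }

    if (isset($updateDate) && $updateDate == "yes") {
        // NOTE(review): this writes markup built from the posted name and URL into
        // the updates file. Confirm that cleanUp() encodes them, or that the page
        // which displays the file escapes it.
        if (empty($fields['url']) || $fields['url'] == "http://") {
            $updatedMember = $fields['name'];
        } else {
            $updatedMember = "<a href=\"{$fields['url']}\">{$fields['name']}</a>";
        }
        $update = "\n" . date($timestamp) . ",Member edited: $updatedMember";

        $fp = fopen(UPDATES, "w") or die ("<p>Couldn't open UPDATES - the update could not be stored.</p>");
        fwrite($fp, $update);
        fclose($fp);
    }

    echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
    break;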
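case "add_spamword":
    // Form for adding one word to the join-form spam list; it posts the
    // "spamword" field to ap=add_spamword_process.
    echo "<p>These words will be blocked - if the script finds them in the join form, membership will be rejected. Add each new word separately: do <strong>not</strong> use commas to separate spam words.</p>";
    echo "<form action='admin.php?ap=add_spamword_process' method='post'><p>\n";
    // The label pointed at "newspamword", an id that does not exist; it now
    // targets the input's real id.
    echo "<label for='spamword'>Spam Word: </label><input type='text' name='spamword' id='spamword' /> <br />\n";
    echo "<br /><input type='submit' name='submit' id='submit' value='Submit' />\n";
    echo "</p></form>\n";

    echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
    break;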
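case "add_spamword_process":
    // Appends one alphanumeric word to the spam word list.
    // NOTE(review): no anti-CSRF token is checked here, unlike do_action.

    // isset/is_string first: a missing or array-valued field used to reach
    // ctype_alnum() directly.
    if (!isset($_POST['spamword']) || !is_string($_POST['spamword']) || !ctype_alnum($_POST['spamword'])) {
        echo "<p>That is not a valid spam word: they must only contain numbers and letters. No special characters.</p>";
        include('footer.php');
        exit;
    }

    $spamword = cleanUp(str_replace(',','',$_POST['spamword']));
    $newlisting = "\n".$spamword;

    // Write before reporting success. The earlier @fopen/@fwrite pair hid a
    // failed open and then called fclose() on false.
    if (file_put_contents(SPAMWDS, $newlisting, FILE_APPEND | LOCK_EX) === false) {
        echo "<p>The spam word could not be saved.</p>";
    } else {
        echo "<p>The following word is now blacklisted:</p>\n\n<p>{$spamword}</p>\n\n";
    }

    echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
    break;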
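case "edit_spamword":
    // Shows every stored spam word in its own text input; the form posts the
    // whole list (wordlist[]) to ap=edit_spamword_process.
    echo "<p>To remove a spam word, simply delete the contents of the input field.</p>";

    if (filesize(SPAMWDS) == 0) {
        echo "<p>No spam words in the list.</p>";
    } else {
        echo "\n<form action='admin.php?ap=edit_spamword_process' method='post'><p>\n";
        $fh = fopen(SPAMWDS, "r") or die ("Couldn't open the spam words file.");
        // fgetcsv() returns false at end of file; looping on its result avoids
        // indexing into false as the feof() loop did.
        while (($spamword = fgetcsv($fh, 4096)) !== false) {
            // A blank line yields array(null): show it as an empty input.
            $word = isset($spamword[0]) ? $spamword[0] : '';
            // The value sits in a single-quoted attribute, so quotes must be
            // encoded. double_encode=false in case cleanUp() (not visible here)
            // already stored entities. Assumes UTF-8 pages -- TODO confirm.
            $word = htmlspecialchars((string) $word, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
            echo "<label for='spamword'>Spam Word: </label><input type='text' name='wordlist[]' value='$word' /> <br />\n";
        }
        fclose($fh);
        echo "<br /><input type='submit' name='submit' id='submit' value='Submit' />\n</p></form>\n";
    }

    echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
    break;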
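case "edit_spamword_process":
    // Replaces the spam word list with the words posted by the edit_spamword form.
    // NOTE(review): no anti-CSRF token is checked here, unlike do_action.

    // Accept only an array of strings; anything else becomes an empty list.
    $wordlist = (isset($_POST['wordlist']) && is_array($_POST['wordlist'])) ? array_filter($_POST['wordlist'], 'is_string') : array();

    echo "<p>The following words are now blacklisted:</p>\n\n<p>";
    foreach ($wordlist as $spamword) {
        // Raw request data: encode it before echoing it back into the page.
        echo htmlspecialchars($spamword, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . " <br />\n";
    }
    echo "</p>";

    $wordlist = cleanUp(implode(",", $wordlist));
    // split() was removed in PHP 7; explode() does the same for a literal comma.
    $wordlist = explode(',', $wordlist);
    // Emptied inputs mean "remove this word". The single str_replace(',,', ',')
    // pass left empty entries behind when several neighbours were cleared.
    $wordlist = array_filter(array_map('trim', $wordlist), 'strlen');
    $new_wordlist = implode("\n", $wordlist);

    if (file_put_contents(SPAMWDS, $new_wordlist, LOCK_EX) === false) {
        echo "<p>The spam word list could not be saved.</p>";
    }

    echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
    break;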
case "block_ip":
    // Form for adding one IP address to the join-form block list; it posts the
    // "newip" field to ap=block_ip_process.
    $formParts = array(
        "<p>Please note: blocking an IP will stop a user from joining your fanlisting, but not from viewing it.</p>",
        "<form action='admin.php?ap=block_ip_process' method='post'><p>\n",
        "<label for='newip'>IP Address: </label><input type='text' name='newip' id='newip' /> <br />\n",
        "<br /><input type='submit' name='submit' id='submit' value='Submit' />\n",
        "</p></form>\n",
        "<p><a href='admin.php'>Back to admin panel?</a></p>",
    );
    foreach ($formParts as $part) {
        echo $part;
    }
    break;
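case "block_ip_process":
    // Appends one IPv4 address to the IP block list.
    // NOTE(review): no anti-CSRF token is checked here, unlike do_action.

    // Three problems in the earlier check are fixed by validating one value and
    // then using that same value everywhere:
    //  - the pattern used "^" as its regex delimiter, so the intended start
    //    anchor was lost and any text ending in an address passed;
    //  - the cleaned copy was validated, but the raw $_POST value was echoed
    //    into the page and written to the file;
    //  - "$" also matches before a trailing newline.
    $newip = (isset($_POST['newip']) && is_string($_POST['newip'])) ? trim($_POST['newip']) : '';

    if (filter_var($newip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false) {
        // $newip is now known to be a dotted quad: safe to print and to store.
        if (file_put_contents(IPBLOCKLST, "\n".$newip, FILE_APPEND | LOCK_EX) === false) {
            echo "<p>The IP could not be saved.</p>";
        } else {
            echo "<p>The following IP has now been blocked:</p>\n\n<p>{$newip}</p>\n\n";
        }
    } else {
        echo "<p>That's not a valid IP address!</p>";
    }

    echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
    break;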
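case "edit_blocked_ips":
    // Shows every blocked IP in its own text input; the form posts the whole
    // list (iplist[]) to ap=edit_blocked_ips_process.
    echo "<p>To remove an IP, simply delete the content of the input field.</p>";

    if (filesize(IPBLOCKLST) == 0) {
        echo "<p>No blocked IPs.</p>";
    } else {
        echo "\n<form action='admin.php?ap=edit_blocked_ips_process' method='post'><p>\n";
        $fh = fopen(IPBLOCKLST, "r") or die ("Couldn't open IP block list.");
        // fgetcsv() returns false at end of file; looping on its result replaces
        // the feof() loop plus the @ that hid the resulting error.
        while (($blockedips = fgetcsv($fh, 4096)) !== false) {
            // A blank line yields array(null): show it as an empty input.
            $ip = isset($blockedips[0]) ? $blockedips[0] : '';
            // The edit handler stores whatever is posted, so the file content is
            // encoded before it goes into the single-quoted attribute.
            $ip = htmlspecialchars((string) $ip, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
            echo "<label for='blockedip'>Blocked IP: </label><input type='text' name='iplist[]' value='$ip' /> <br />\n";
        }
        fclose($fh);
        echo "<br /><input type='submit' name='submit' id='submit' value='Submit' />\n</p></form>\n";
    }

    echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
    break;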
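case "edit_blocked_ips_process":
    // Replaces the IP block list with the entries posted by the edit_blocked_ips form.
    // NOTE(review): no anti-CSRF token is checked here, unlike do_action.
    // NOTE(review): block_ip_process validates new entries as IPv4 addresses, but
    // this handler stores any text. Validate here too unless the list is meant
    // to hold other formats -- confirm against the code that reads it.

    // Accept only an array of strings; anything else becomes an empty list.
    $posted = (isset($_POST['iplist']) && is_array($_POST['iplist'])) ? array_filter($_POST['iplist'], 'is_string') : array();

    echo "<p>The following IPs are now blocked:</p>\n\n<p>";
    foreach ($posted as $blockedip) {
        // Raw request data: encode it before echoing it back into the page.
        print htmlspecialchars($blockedip, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . " <br />\n";
    }
    echo "</p>";

    $iplist = cleanUp(implode(",", $posted));
    // split() was removed in PHP 7; explode() does the same for a literal comma.
    $iplist = explode(',', $iplist);
    // Emptied inputs mean "remove this IP"; drop them instead of relying on a
    // single str_replace(',,', ',') pass.
    $iplist = array_filter(array_map('trim', $iplist), 'strlen');
    $new_iplist = implode("\n", $iplist);

    // The @-silenced fopen/fwrite hid a failed write and then closed false.
    if (file_put_contents(IPBLOCKLST, $new_iplist, LOCK_EX) === false) {
        echo "<p>The IP block list could not be saved.</p>";
    }

    echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
    break;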
case "add_button":
    // Upload form for a new button image; posts multipart data to
    // ap=add_button_process.
    // NOTE(review): the notice below asks for a world-writable upload folder. On
    // such hosts, confirm that the web server does not execute scripts from
    // buttons/.
    $permissionNote = "<p style='color: red;'><strong>Note:</strong> On the majority of hosts, the button folders have to have permissions set to 777 for this upload feature to work. This can constitute a security risk. Please be careful when changing the permissions of files and folders.</p>";
    echo $permissionNote;
?>
<form method="post" action="?ap=add_button_process" enctype="multipart/form-data"><p>
<label><input type="file" name="file" id="file" /> Upload Button</label><br />
<label>Donated?</label><br />
<input type="radio" id="donatedyes" name="donated" value="yes" /> Yes
<input type="radio" id="donatedno" name="donated" value="no" checked="checked" /> No<br />

<label><input type="text" id="donatorname" name="donatorname" /> Donator Name</label><br />
<label><input type="text" id="donatorurl" name="donatorurl" /> Donator URL</label><br />
<input type="submit" name="submit" id="submit" value="Upload" />
</p></form>
<?php
    $backLink = "<p><a href='admin.php'>Back to admin panel?</a></p>";
    echo $backLink;
    break;
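case "add_button_process":
    // Stores an uploaded button image in buttons/ and appends its record
    // (file,width,height,donated,donator name,donator URL) to the BUTTONS file.
    // NOTE(review): no anti-CSRF token is checked here, unlike do_action.
    if (!is_dir("buttons/")) {
        echo "<p>The \"buttons\" directory does not exist and therefore the button could not be uploaded.</p>";
        include('footer.php');
        exit;
    }

    // empty($_FILES['file']) is false even when no file was chosen, because PHP
    // still fills in the entry with an error code. Check the code and make sure
    // tmp_name really is this request's upload.
    if (empty($_FILES['file']) || !isset($_FILES['file']['error']) || is_array($_FILES['file']['error'])
        || $_FILES['file']['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($_FILES['file']['tmp_name'])) {
        echo "<p>You did not choose an image to upload.</p>";
        include('footer.php');
        exit;
    }

    $imageInfo = getimagesize($_FILES['file']['tmp_name']);
    if ($imageInfo === FALSE) {
        echo "<p>That is not a valid image file.</p>";
        include('footer.php');
        exit;
    }
    list($width, $height, $type) = $imageInfo;

    // The stored extension comes from the detected image type, never from the
    // client's file name. Before, a file with a valid image header kept whatever
    // extension the uploader chose, inside a web-accessible folder.
    $extensions = array(IMAGETYPE_GIF => 'gif', IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png');

    if (isset($extensions[$type])) {
        // Generated name, so unusual characters in the original name cannot break
        // the comma-separated record. It is not a secret, only unique.
        // (The old md5(microtime() * mktime()) fails on PHP 8, where mktime()
        // requires an argument.)
        do {
            $filename = substr(md5(uniqid(mt_rand(), true)), 0, 6) . "." . $extensions[$type];
        } while (file_exists("buttons/" . $filename));

        // Move straight to the final name; the file never exists under the
        // client-supplied one.
        if (move_uploaded_file($_FILES['file']['tmp_name'], "buttons/" . $filename)) {
            echo "<p>The button was successfully uploaded. <a href='admin.php?ap=add_button'>Add another?</a></p>";

            $clean = array();
            foreach ($_POST as $key => $val) {
                $clean[$key] = cleanUp($val);
            }
            // Missing form fields become empty strings instead of notices.
            foreach (array('donated', 'donatorname', 'donatorurl') as $field) {
                if (!isset($clean[$field]) || !is_scalar($clean[$field])) $clean[$field] = "";
            }

            $button = "\n" . $filename . "," . $width . "," . $height . "," . $clean['donated'] . "," . $clean['donatorname'] . "," . $clean['donatorurl'];

            if (file_put_contents(BUTTONS, $button, FILE_APPEND | LOCK_EX) === false) {
                die ("Couldn't open BUTTONS - the information about the button could not be stored.");
            }
        } else {
            echo "<p>The button was not uploaded this time.</p>";
            include('footer.php');
            exit;
        }
    } else {
        echo "<p>That file extension not valid.</p>";
        include('footer.php');
        exit;
    }
    echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
    break;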
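case "manage_buttons":
    // Button administration:
    //   ?size=WxH          list the buttons of one size
    //   ?p=del&button=N    delete record N and its image
    //   ?p=edit&button=N   show the edit form for record N
    //   (no parameter)     list the sizes that exist
    // N is the row number in the BUTTONS file as returned by file().

    // Stored fields are escaped on output. double_encode=false leaves existing
    // entities alone in case cleanUp() (defined outside this view) already
    // encoded them. Assumes UTF-8 pages -- TODO confirm.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };

    if (isset($_GET['size'])) {
        // Accept only "<digits>x<digits>". The parameter used to be echoed into
        // the heading and pasted into a regular expression unchanged.
        if (!is_string($_GET['size']) || !preg_match('/^(\d+)x(\d+)$/D', $_GET['size'], $sizeParts)) {
            echo "<p>That is not a valid button size.</p>";
            echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
            include('footer.php');
            exit;
        }
        $MANwidth = $sizeParts[1];
        $MANheight = $sizeParts[2];
?>
<h4>Manage Buttons: <?php echo $MANwidth;?>x<?php echo $MANheight;?></h4>
<table>
<tr> <th>Image</th> <th>Donated?</th> <th>Donator Name</th> <th>Donator URL</th> <th>Admin</th></tr>
<?php
        $array = file(BUTTONS);
        if ($array === false) {
            $array = array();
        }
        foreach ($array as $key => $value) {
            list($file,$width,$height,$donated,$donator,$donatorUrl) = array_pad(preg_split("/,(?! )/",$value), 6, '');
            // Compare the width and height fields exactly. The old substring
            // match on "W,H" also hit other sizes (8x31 matched 88x31).
            if (trim($width) === $MANwidth && trim($height) === $MANheight) {
                // NOTE(review): the delete link is a state-changing GET without a
                // token; a POST form with the do_action-style token would be safer.
                echo "<tr> <td><img src=\"buttons/" . $esc($file) . "\" alt=\"{$MANwidth}x{$MANheight} button\" /></td> <td>" . $esc($donated) . "</td> <td>" . $esc($donator) . "</td> <td>" . $esc($donatorUrl) . "</td> <td><a href='admin.php?ap=manage_buttons&p=edit&button=$key'><img src='admin-icons/edit.png' title='edit' alt='edit' /></a> <a href='admin.php?ap=manage_buttons&p=del&button=$key' onClick=\"javascript:return confirm('Are you sure you want to delete this button?')\"><img src='admin-icons/delete.png' title='delete' alt='delete' /></a></td> </tr>";
            }
        }
?>
</table>
<?php
        echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
        include('footer.php');
        exit;
    } elseif (isset($_GET['p']) && $_GET['p'] == "del") {
        // The old guard re-tested $_GET['p'], which is always set in this branch,
        // so a missing or malformed button number was never caught.
        if (!isset($_GET['button']) || !is_string($_GET['button']) || !ctype_digit($_GET['button'])) {
            echo "<p>You did not select a button to delete.</p>";
        } else {
            $button = (int) $_GET['button'];

            // file() numbers rows the same way the listing above does.
            $content = file(BUTTONS);

            if ($content === false || empty($content[$button])) {
                echo "<p>That button does not exist.</p>";
            } else {
                list($file) = preg_split("/,(?! )/",$content[$button]);
                // basename() keeps the deletion inside buttons/ even if the
                // stored name contains directory parts.
                $file = basename(trim($file));
                if ($file !== "" && is_file("buttons/" . $file)) {
                    unlink("buttons/" . $file);
                }

                unset($content[$button]);
                $data = trim(implode("", $content));

                if (file_put_contents(BUTTONS, $data, LOCK_EX) === false) {
                    echo "<p>The button list could not be updated.</p>";
                } else {
                    echo "<p>Button deleted. <a href=\"admin.php?ap=manage_buttons\">Manage more buttons?</a></p>";
                }
            }
        }

        echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
        include('footer.php');
        exit;
    } elseif (isset($_GET['p']) && $_GET['p'] == "edit") {
        if (!isset($_GET['button']) || !is_string($_GET['button']) || !ctype_digit($_GET['button'])) {
            echo "<p>You did not select a button to edit.</p>";
        } else {
            $button = (int) $_GET['button'];

            $content = file(BUTTONS);

            if ($content === false || empty($content[$button])) {
                echo "<p>That button does not exist.</p>";
                include('footer.php');
                exit;
            }

            $buttonArray = preg_split("/,(?! )/", $content[$button]);
            // Strip the line ending (and quotes/control bytes) from the trailing fields.
            if (isset($buttonArray[5])) {
                $buttonArray[5] = stripslashes($buttonArray[5]);
                $buttonArray[5] = trim($buttonArray[5], "\"\x00..\x1F");
            } else {
                if (isset($buttonArray[4])) $buttonArray[4] = trim($buttonArray[4], "\"\x00..\x1F");
                if (isset($buttonArray[3])) $buttonArray[3] = trim($buttonArray[3], "\"\x00..\x1F");
            }
            // Short or damaged records get empty fields instead of notices.
            $buttonArray = array_pad($buttonArray, 6, '');
            // NOTE(review): this form carries no anti-CSRF token.
?>
<form action="?ap=edit_button" method="post" enctype="multipart/form-data"><p>
<input type="hidden" id="buttonnum" name="buttonnum" value="<?php echo $button; ?>" />
<input type="hidden" id="filename" name="filename" value="<?php echo $esc($buttonArray[0]); ?>" />
<input type="hidden" id="width" name="width" value="<?php echo $esc($buttonArray[1]); ?>" />
<input type="hidden" id="height" name="height" value="<?php echo $esc($buttonArray[2]); ?>" />
<img src="buttons/<?php echo $esc($buttonArray[0]);?>" style="vertical-align: middle;" alt="" /> Old Button<br />
<label><input type="file" name="newbutton" id="newbutton" /> New Button</label><br />
<label><input type="radio" id="donatedyes" name="donated" value="yes" <?php if ($buttonArray[3] == "yes") { echo "checked=\"checked\""; } ?> /> Yes</label>
<label><input type="radio" id="donatedno" name="donated" value="no" <?php if ($buttonArray[3] == "no") { echo "checked=\"checked\""; } ?> /> No</label> Donated?<br />
<label><input type="text" id="donatorname" name="donatorname" value="<?php echo $esc($buttonArray[4]);?>" /> Donator Name</label><br />
<label><input type="text" id="donatorurl" name="donatorurl" value="<?php echo $esc($buttonArray[5]);?>" /> Donator URL</label><br />
<input type="submit" name="submit" id="submit" value="Edit" />
</p></form>
<?php
        }

        echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
        include('footer.php');
        exit;
    }

    // Default view: one link per distinct WxH size found in the BUTTONS file.
    $array = file(BUTTONS);
    if ($array === false) {
        $array = array();
    }
    $buttons_found = array();
    echo "<ul>";
    foreach ($array as $value) {
        list($file,$width,$height,$donated,$donator,$donatorUrl) = array_pad(preg_split("/,(?! )/",$value), 6, '');
        $width = trim($width);
        $height = trim($height);
        // Blank or damaged lines have no numeric size; skip them rather than
        // printing an "x" entry.
        if (!ctype_digit($width) || !ctype_digit($height)) {
            continue;
        }
        $size = $width . "x" . $height;
        if (!in_array($size, $buttons_found, true)) {
            $buttons_found[] = $size;
            echo "<li><a href=\"admin.php?ap=manage_buttons&size={$size}\">{$size}</a></li>";
        }
    }
    echo "</ul>";
    echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
    break;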
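case "edit_button":
    // Updates one BUTTONS record from the edit form: optionally replaces the
    // image, and stores the donated flag, donator name and donator URL.
    // NOTE(review): no anti-CSRF token is checked here, unlike do_action.
    $clean = array();
    foreach ($_POST as $key => $val) {
        $clean[$key] = cleanUp($val);
    }
    // Missing fields become empty strings. Line breaks are removed because the
    // file holds one record per line; whether cleanUp() already does this is not
    // visible here.
    foreach (array('buttonnum', 'donated', 'donatorname', 'donatorurl') as $field) {
        $value = (isset($clean[$field]) && is_scalar($clean[$field])) ? (string) $clean[$field] : "";
        $clean[$field] = str_replace(array("\r", "\n"), "", $value);
    }

    $button = $clean['buttonnum'];
    $content = ctype_digit($button) ? file(BUTTONS) : false;
    if ($content === false || empty($content[(int) $button])) {
        echo "<p>That button does not exist.</p>";
        include('footer.php');
        exit;
    }
    $button = (int) $button;

    // The current file name and size are read from the stored record. The hidden
    // filename/width/height form fields are client-controlled; the posted file
    // name used to be passed to unlink() unchanged.
    list($oldFilename, $width, $height) = array_pad(preg_split("/,(?! )/", $content[$button]), 3, '');
    $oldFilename = basename(trim($oldFilename));
    $width = trim($width);
    $height = trim($height);
    $filename = $oldFilename;

    $hasUpload = isset($_FILES['newbutton']['size'], $_FILES['newbutton']['tmp_name'])
        && !is_array($_FILES['newbutton']['size']) && $_FILES['newbutton']['size'] > 0;

    if ($hasUpload) {
        $imageInfo = is_uploaded_file($_FILES['newbutton']['tmp_name']) ? getimagesize($_FILES['newbutton']['tmp_name']) : FALSE;
        if ($imageInfo === FALSE) {
            echo "<p>That is not a valid image file.</p>";
            include('footer.php');
            exit;
        }
        list($newWidth, $newHeight, $type) = $imageInfo;

        // Extension from the detected image type, never from the client's file
        // name (a file with an image header could otherwise keep any extension).
        $extensions = array(IMAGETYPE_GIF => 'gif', IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png');
        if (!isset($extensions[$type])) {
            echo "<p>That is not a valid image file.</p>";
            include('footer.php');
            exit;
        }

        // Generated, non-secret name; moved straight to its final location.
        // (The old md5(microtime() * mktime()) fails on PHP 8.)
        do {
            $filename = substr(md5(uniqid(mt_rand(), true)), 0, 6) . "." . $extensions[$type];
        } while (file_exists("buttons/" . $filename));

        if (!move_uploaded_file($_FILES['newbutton']['tmp_name'], "buttons/" . $filename)) {
            // Previously the record was still rewritten, with an undefined file name.
            echo "<p>The button was not uploaded this time.</p>";
            include('footer.php');
            exit;
        }

        // Remove the replaced image; basename() above keeps this inside buttons/.
        if ($oldFilename !== "" && is_file("buttons/" . $oldFilename)) {
            unlink("buttons/" . $oldFilename);
        }
        // Record the size of the new image; the old record's size was kept before.
        $width = $newWidth;
        $height = $newHeight;
    }

    $editedButton = $filename . "," . $width . "," . $height . "," . $clean['donated'] . "," . $clean['donatorname'] . "," . $clean['donatorurl'] . "\n";

    $content[$button] = $editedButton;
    $data = trim(implode($content));

    if (file_put_contents(BUTTONS, $data, LOCK_EX) === false) {
        die ("Couldn't open BUTTONS.");
    }

    echo "<p>Button edited.</p>";

    echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
    break;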
case "add_update":
    // Form for a new update entry; posts "date" and "updatedetails" to
    // ap=update_process.
    // NOTE(review): readonly is enforced only by the browser; update_process
    // stores whatever date value is posted.
    $today = date($timestamp);
?>
<h4>Add New Update</h4>
<p>If updates details is left blank, only a date will be shown.</p>

<form action="admin.php?ap=update_process" method="post"><p>
<label><input type="text" name="date" id="date" value="<?php echo $today; ?>" readonly="readonly" /> Date</label><br />
<label><textarea id="updatedetails" name="updatedetails"></textarea> Details</label><br />
<input type="submit" id="submit" value="Update" />
</p></form>
<?php
    $backLink = "<p><a href='admin.php'>Back to admin panel?</a></p>";
    echo $backLink;
    break;
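case "update_process":
    // Stores the posted update ("date,details") in the UPDATES file. The file is
    // opened with "w", so this entry replaces its previous content.
    // NOTE(review): no anti-CSRF token is checked here, unlike do_action.
    $clean = array();
    foreach ($_POST as $key => $val) {
        $clean[$key] = cleanUp($val);
    }

    // A request without these fields used to raise undefined-index notices.
    // NOTE(review): the date arrives from the client (the form field is only
    // marked readonly); generate it here with date($timestamp) if it must be
    // trustworthy.
    $date = (isset($clean['date']) && is_scalar($clean['date'])) ? $clean['date'] : "";
    $details = (isset($clean['updatedetails']) && is_scalar($clean['updatedetails'])) ? $clean['updatedetails'] : "";

    $update = "\n" . $date . "," . $details;

    $fp = fopen(UPDATES, "w") or die ("Couldn't open UPDATES - the update could not be stored.");
    fwrite($fp, $update);
    fclose($fp);

    echo "<p>Update added.</p>";
    echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
    break;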
case "add_affiliate":
    // Form for a new affiliate (details plus button image); posts multipart
    // data to ap=add_affiliate_process.
    // NOTE(review): the notice below asks for a world-writable upload folder. On
    // such hosts, confirm that the web server does not execute scripts from
    // buttons/.
    $permissionNote = "<p style='color: red;'><strong>Note:</strong> On the majority of hosts, the button folders have to have permissions set to 777 for the upload feature to work. This can constitute a security risk. Please be careful when changing the permissions of files and folders.</p>";
    echo $permissionNote;
?>
<form method="post" action="?ap=add_affiliate_process" enctype="multipart/form-data"><p>
<label><input type="text" name="affName" id="affName" /> Affiliate Name</label><br />
<label><input type="email" name="affEmail" id="affEmail" /> Affiliate E-mail</label><br />
<label><input type="text" name="affURL" id="affURL" /> Affiliate URL</label><br />
<label><input type="text" name="affSitename" id="affSitename" /> Affiliate Site Name</label><br />
<label><input type="file" name="affButton" id="affButton" /> Affiliate Button</label><br />
<input type="submit" name="submit" id="submit" value="Upload" />
</p></form>
<?php
    $backLink = "<p><a href='admin.php'>Back to admin panel?</a></p>";
    echo $backLink;
    break;
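case "add_affiliate_process":
    // Stores an uploaded affiliate button in buttons/ (as aff_<name>) and appends
    // the affiliate record (file,name,e-mail,URL,site name) to AFFILIATES.
    // NOTE(review): no anti-CSRF token is checked here, unlike do_action.

    // A request without a completed upload used to reach getimagesize() with an
    // empty path. Also make sure tmp_name really is this request's upload.
    $uploadOk = isset($_FILES['affButton']['error'], $_FILES['affButton']['tmp_name'])
        && !is_array($_FILES['affButton']['error'])
        && $_FILES['affButton']['error'] === UPLOAD_ERR_OK
        && is_uploaded_file($_FILES['affButton']['tmp_name']);

    $imageInfo = $uploadOk ? getimagesize($_FILES['affButton']['tmp_name']) : FALSE;
    if ($imageInfo === FALSE) {
        echo "<p>That is not a valid image file.</p>";
        include('footer.php');
        exit;
    }
    list($width, $height, $type) = $imageInfo;

    // The stored extension comes from the detected image type, never from the
    // client's file name. Before, a file with a valid image header kept whatever
    // extension the uploader chose, inside a web-accessible folder.
    $extensions = array(IMAGETYPE_GIF => 'gif', IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png');

    if (isset($extensions[$type])) {
        // Generated, non-secret name, so unusual characters in the original name
        // cannot break the comma-separated record.
        // (The old md5(microtime() * mktime()) fails on PHP 8.)
        do {
            $filename = "aff_" . substr(md5(uniqid(mt_rand(), true)), 0, 6) . "." . $extensions[$type];
        } while (file_exists("buttons/" . $filename));

        // Move straight to the final name; the file never exists under the
        // client-supplied one.
        if (move_uploaded_file($_FILES['affButton']['tmp_name'], "buttons/" . $filename)) {
            $clean = array();
            foreach ($_POST as $key => $val) {
                $clean[$key] = cleanUp($val);
            }
            // Missing form fields become empty strings instead of notices.
            foreach (array('affName', 'affEmail', 'affURL', 'affSitename') as $field) {
                if (!isset($clean[$field]) || !is_scalar($clean[$field])) $clean[$field] = "";
            }

            $aff = "\n" . $filename . "," . $clean['affName'] . "," . breakEmail($clean['affEmail']) . "," . $clean['affURL'] . "," . $clean['affSitename'];

            if (file_put_contents(AFFILIATES, $aff, FILE_APPEND | LOCK_EX) === false) {
                die ("Couldn't open AFFILIATES - the affiliate details were not uploaded this time.");
            }

            echo "<p>The affiliate details were uploaded successfully. <a href='admin.php?ap=add_affiliate'>Add another?</a></p>";
        } else {
            echo "<p>The affiliate details were not uploaded this time.</p>";
            include('footer.php');
            exit;
        }
    } else {
        echo "<p>That file extension not valid.</p>";
        include('footer.php');
        exit;
    }
    echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
    break;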
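case "manage_affiliates":
    // Admin view of the AFFILIATES flat file: lists every affiliate, and handles the
    // per-row "edit" (shows the edit form) and "del" (removes the row and its button).

    // HTML-escapes a stored field for output. Double-encoding is switched off because
    // cleanUp() (defined outside this section) may already have entity-encoded the value
    // when it was saved -- TODO confirm.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    };

    $action = (isset($_GET['p']) && is_string($_GET['p'])) ? $_GET['p'] : "";

    if ($action === "del" || $action === "edit") {
        // Both actions address one affiliate by its zero-based line number in AFFILIATES.
        // The index comes from the query string, so it is accepted only when it is made of
        // digits and names a non-empty line that really exists.
        $rows = file(AFFILIATES);
        if ($rows === false) {
            $rows = array();
        }
        $aff = (isset($_GET['aff']) && is_string($_GET['aff'])) ? $_GET['aff'] : "";
        $index = preg_match('/^[0-9]+$/D', $aff) ? (int) $aff : -1;
        $exists = $index >= 0 && isset($rows[$index]) && trim($rows[$index]) !== "";

        if ($aff === "") {
            // The original tested $_GET['p'] here, which is always set on this path, so a
            // missing "aff" parameter was never reported.
            echo "<p>You did not select an affiliate to " . ($action === "del" ? "delete" : "edit") . ".</p>";
        } elseif (!$exists) {
            echo "<p>That affiliate does not exist.</p>";
        } elseif ($action === "del") {
            // NOTE(review): this delete is triggered by a plain GET link and carries no
            // anti-CSRF token. Moving it to POST with a per-session token needs changes
            // outside this case, so it is only flagged here.
            $fields = preg_split("/,(?! )/", $rows[$index]);
            // Reduce the stored button name to a bare file name so the unlink below can
            // never leave the buttons/ directory.
            $button = basename(trim($fields[0]));

            unset($rows[$index]);
            $data = trim(implode("", $rows));

            if (file_put_contents(AFFILIATES, $data, LOCK_EX) === false) {
                echo "<p>The affiliate could not be deleted at this time.</p>";
            } else {
                // Remove the image only once the record itself is gone.
                if ($button !== "" && is_file("buttons/" . $button)) {
                    unlink("buttons/" . $button);
                }
                echo "<p>Affiliate deleted. <a href=\"admin.php?ap=manage_affiliates\">Manage more affiliates?</a></p>";
            }
        } else {
            // Pad so a short or damaged row cannot raise undefined-offset notices.
            $affArray = array_pad(preg_split("/,(?! )/", $rows[$index]), 5, "");
            $affArray[4] = trim($affArray[4], "\"\x00..\x1F");
            ?>
            <form action="?ap=edit_affiliate" method="post" enctype="multipart/form-data"><p>
            <input type="hidden" id="affnum" name="affnum" value="<?php echo $index; ?>" />
            <input type="hidden" id="filename" name="filename" value="<?php echo $esc($affArray[0]); ?>" />
            <img src="buttons/<?php echo $esc($affArray[0]); ?>" style="vertical-align: middle;" alt="" /> Old Affiliate Button<br />
            <label><input type="file" name="newbutton" id="newbutton" /> New Affiliate Button</label><br />
            <label><input type="text" name="affName" id="affName" value="<?php echo $esc($affArray[1]); ?>" /> Affiliate Name</label><br />
            <label><input type="email" name="affEmail" id="affEmail" value="<?php echo $esc(fixEmail($affArray[2])); ?>" /> Affiliate E-mail</label><br />
            <label><input type="text" name="affURL" id="affURL" value="<?php echo $esc($affArray[3]); ?>" /> Affiliate URL</label><br />
            <label><input type="text" name="affSitename" id="affSitename" value="<?php echo $esc($affArray[4]); ?>" /> Affiliate Site Name</label><br />
            <input type="submit" name="submit" id="submit" value="Edit" />
            </p></form>
            <?php
        }

        echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
        include('footer.php');
        exit;
    }

    ?>
    <table>
    <tr> <th>Button</th> <th>Name</th> <th>Email</th> <th>URL</th> <th>Site Name</th> <th>Admin</th></tr>
    <?php
    $array = file(AFFILIATES);
    if ($array === false) {
        $array = array();
    }
    foreach ($array as $key => $value) {
        // Blank lines are skipped for display only; $key stays the real line number, which
        // is what the edit and delete links rely on.
        if (trim($value) === "") {
            continue;
        }
        list($affButton, $affName, $affEmail, $affURL, $affSitename) = array_pad(preg_split("/,(?! )/", $value), 5, "");

        // Every stored field is escaped before it reaches the page; $key is an integer
        // array index produced by file().
        echo "<tr> <td><img src='buttons/" . $esc($affButton) . "' alt=''></td>"
            . " <td>" . $esc($affName) . "</td>"
            . " <td><a href='mailto:" . $esc(fixEmail($affEmail)) . "'>email</a></td>"
            . " <td><a href='" . $esc($affURL) . "'>www</a></td>"
            . " <td>" . $esc($affSitename) . "</td>"
            . " <td><a href='admin.php?ap=manage_affiliates&p=edit&aff=$key'><img src='admin-icons/edit.png' title='edit' alt='edit' /></a>"
            . " <a href='admin.php?ap=manage_affiliates&p=del&aff=$key' onClick=\"javascript:return confirm('Are you sure you want to delete this affiliate?')\"><img src='admin-icons/delete.png' title='delete' alt='delete' /></a></td> </tr>";
    }
    ?>
    </table>
    <?php
    break;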
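case "edit_affiliate":
    // Handles the edit form: optionally stores a replacement button image, then rewrites
    // the affiliate's line in the AFFILIATES flat file.
    foreach ($_POST as $key => $val) {
        $clean[$key] = cleanUp($val);
    }

    $rows = file(AFFILIATES);
    if ($rows === false) {
        die("Couldn't open AFFILIATES.");
    }

    // "affnum" is a hidden form field, so it is treated as untrusted: digits only, and it
    // has to name an existing, non-empty line. The original assigned to $content[$aff]
    // unchecked, which let any posted key append or overwrite rows.
    $aff = isset($clean['affnum']) ? (string) $clean['affnum'] : "";
    if (!preg_match('/^[0-9]+$/D', $aff) || !isset($rows[(int) $aff]) || trim($rows[(int) $aff]) === "") {
        echo "<p>That affiliate does not exist.</p>";
        include('footer.php');
        exit;
    }
    $aff = (int) $aff;

    // The current button name is taken from the stored record, not from the posted
    // "filename" field: that field used to be passed straight to unlink(), so a crafted
    // value could point outside buttons/. basename() keeps it to a bare file name.
    $stored = preg_split("/,(?! )/", $rows[$aff]);
    $oldButton = basename(trim($stored[0]));
    $filename = $oldButton;
    $replaced = false;

    if (isset($_FILES['newbutton']) && $_FILES['newbutton']['size'] > 0) {
        // Only GIF, JPEG and PNG are accepted (the same three types the original allowed
        // as 1, 2 and 3). The extension is derived from the detected type and the file is
        // moved directly to a generated name, so neither the client-supplied name nor its
        // extension is ever used on disk.
        $imageTypes = array(IMAGETYPE_GIF => "gif", IMAGETYPE_JPEG => "jpg", IMAGETYPE_PNG => "png");
        $info = getimagesize($_FILES['newbutton']['tmp_name']);
        if ($info === false || !isset($imageTypes[$info[2]])) {
            echo "<p>That is not a valid image file.</p>";
            include('footer.php');
            exit;
        }

        // The name only has to be unique, not secret. This also replaces
        // md5(microtime() * mktime()), which breaks on current PHP versions.
        do {
            $filename = substr(md5(uniqid(mt_rand(), true)), 0, 6) . "." . $imageTypes[$info[2]];
        } while (file_exists("buttons/" . $filename));

        // The original continued with an undefined $filename when the move failed.
        if (!move_uploaded_file($_FILES['newbutton']['tmp_name'], "buttons/" . $filename)) {
            echo "<p>The new button could not be uploaded this time.</p>";
            include('footer.php');
            exit;
        }
        $replaced = true;
    }

    // Reads one cleaned form field. Line breaks are removed because a new line in a value
    // would start a new record in the flat file; presumably cleanUp() already deals with
    // commas -- verify against its definition.
    $field = function ($name) use ($clean) {
        $value = isset($clean[$name]) ? (string) $clean[$name] : "";
        return str_replace(array("\r", "\n"), " ", $value);
    };

    $rows[$aff] = $filename . "," . $field('affName') . "," . breakEmail($field('affEmail')) . "," . $field('affURL') . "," . $field('affSitename') . "\n";
    $data = trim(implode("", $rows));

    if (file_put_contents(AFFILIATES, $data, LOCK_EX) === false) {
        die("Couldn't open AFFILIATES.");
    }

    // Drop the previous image only after the record points at the new one.
    if ($replaced && $oldButton !== "" && $oldButton !== $filename && is_file("buttons/" . $oldButton)) {
        unlink("buttons/" . $oldButton);
    }

    echo "<p>Affiliate edited.</p>";
    echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
    break;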
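case "email_affiliates":
    // Shows a form pre-filled with every affiliate address and, on submit, sends the
    // message through the PHPMailer instance configured at the top of the file.
    if (isset($_GET['p']) && $_GET['p'] == "process") {
        foreach ($_POST as $key => $val) {
            $clean[$key] = stripslashes(trim($val));
        }

        $sent = false;
        try {
            $mail->setFrom($admin_email, $title);
            $mail->addReplyTo($admin_email);

            // The "to" box holds a comma-separated list of "Name <address>" entries.
            // The original passed the whole list to addAddress() as if it were a single
            // address; each entry is parsed and validated individually instead.
            // NOTE(review): every affiliate is a visible To: recipient and so sees the
            // other addresses -- consider BCC if that is not intended.
            $recipients = \PHPMailer\PHPMailer\PHPMailer::parseAddresses(isset($clean['to']) ? $clean['to'] : "", false);
            foreach ($recipients as $recipient) {
                $mail->addAddress($recipient['address'], $recipient['name']);
            }

            $mail->Subject = "E-mail from the $FLsubject fanlisting";
            // The posted message was never copied into the mail in the original.
            $mail->Body = isset($clean['message']) ? $clean['message'] : "";

            $sent = count($recipients) > 0 && $mail->send();
        } catch (\PHPMailer\PHPMailer\Exception $e) {
            // The mailer is created in exception mode. The error text is deliberately not
            // echoed, since it can contain SMTP details.
            $sent = false;
        }

        if ($sent) {
            echo "<p>E-mail sent!</p>";
        } else {
            echo "<p>The e-mail could not be sent at this time.</p>";
        }
        echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
        // Close the page like every other exit path in this file does.
        include('footer.php');
        exit;
    }

    $array = file(AFFILIATES);
    if ($array === false) {
        $array = array();
    }
    ?>
    <form action="admin.php?ap=email_affiliates&p=process" method="post"><p>
    <label><textarea name="to" id="to" style='width: 350px; height: 80px; vertical-align: middle;'>
    <?php
    $emailArray = array();

    foreach ($array as $value) {
        if (trim($value) === "") {
            continue;
        }
        // Pad so a short row cannot raise undefined-offset notices.
        list($affButton, $affName, $affEmail, $affURL, $affSitename) = array_pad(preg_split("/,(?! )/", $value), 5, "");
        $emailArray[$affName] = $affEmail;
    }
    $emailArray = array_unique($emailArray);

    foreach ($emailArray as $key => $value) {
        if (!empty($value)) {
            // Escaped so a stored name cannot close the textarea and inject markup; the
            // browser decodes the entities again, so the submitted text is unchanged.
            echo htmlspecialchars("$key <" . fixEmail($value) . ">, ", ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
        }
    }
    ?>
    </textarea> To</label><br />
    <label><textarea name="message" id="message" style='width: 350px; height: 220px; vertical-align: middle;'></textarea> Message</label><br />
    <input type="submit" id="submit" name="submit" value="send" />
    </p></form>
    <?php
    echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
    break;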
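case "search":
    // Looks a member up by e-mail address in MEMBERS, then NEWBIES, and prints the
    // matching row(s) with edit/delete links.
    if (isset($_GET['p']) && $_GET['p'] == "process") {
        // HTML-escapes a stored field for output. Double-encoding is switched off because
        // the values may already have been entity-encoded when they were saved -- TODO confirm.
        $esc = function ($value) {
            return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
        };

        $searchEmail = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : "";

        // Same pattern as before, moved from ereg() (removed in PHP 7) to preg_match().
        // The D modifier keeps "$" from matching before a trailing newline.
        if (!preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,6})$/D', strtolower($searchEmail))) {
            echo "<p>That is not a valid e-mail address.</p>";
            echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
            include('footer.php');
            exit;
        }

        $needle = breakEmail($searchEmail);

        if (filesize(MEMBERS) > 0 && checkTXTfile(MEMBERS, $needle, "email") === true) {
            $file = MEMBERS;
        } elseif (filesize(NEWBIES) > 0 && checkTXTfile(NEWBIES, $needle, "email") === true) {
            $file = NEWBIES;
        }

        if (!isset($file)) {
            echo "<p>Something went horribly, drastically wrong! Run for your life!</p>";
            echo "<p>...</p>";
            echo "<p>Just kidding — that member does <strong>not</strong> exist.</p>";
            echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
            include('footer.php');
            exit;
        }

        // The address is quoted before it goes into the pattern: an unquoted "." matches
        // any character, and whatever breakEmail() substitutes must not be read as regex
        // syntax either.
        $pattern = "/(" . preg_quote($needle, "/") . ")/i";

        $members = file($file);
        if ($members === false) {
            $members = array();
        }
        foreach ($members as $key => $value) {
            if (!preg_match($pattern, $value)) {
                continue;
            }

            // Pad so a short row cannot raise undefined-offset notices.
            list($name, $email, $dispemail, $url, $country, $fave) = array_pad(preg_split("/,(?! )/", $value), 6, "");

            if (empty($url) || $url == "http://" || $url == "") {
                $url = "(none)";
            } else {
                $url = "<a href='" . $esc($url) . "'>website</a>";
            }
            ?>
            <p>Search results:</p>

            <table>
            <tr> <th>Name</th> <th>E-mail</th> <th>Website</th> <th>Country</th> <?php if (isset($favefield) && $favefield == "yes") { echo "<th>Fave</th>"; } ?> <th>Admin</th></tr>
            <tr> <td><?php echo $esc($name); ?></td>
            <td><?php echo "<a href='mailto:" . $esc(fixEmail($email)) . "'>email</a>"; ?></td>
            <td><?php echo $url; ?></td>
            <td><?php echo $esc($country); ?></td>
            <?php if (isset($favefield) && $favefield == "yes") { ?>
            <td><?php echo $esc($fave); ?></td>
            <?php } ?>
            <td><a href='admin.php?ap=edit_member&file=<?php echo $esc(rawurlencode($file)); ?>&mem=<?php echo $key; ?>'><img src='admin-icons/edit.png' title='edit' alt='edit' /></a> <a href='admin.php?ap=delete_member&file=<?php echo $esc(rawurlencode($file)); ?>&mem=<?php echo $key; ?>' onClick="javascript:return confirm('Are you sure you want to delete this member?')"><img src='admin-icons/delete.png' title='delete' alt='delete' /></a></td>
            </tr>
            </table>

            <?php
            echo "<p><a href='admin.php'>Back to admin panel?</a></p>";
        }

        include('footer.php');
        exit;
    }
    ?>
    <p>Search for member by e-mail address:</p>
    <form action="admin.php?ap=search&p=process" method="post"><p>
    <label><input type="email" name="email" id="email" /> E-mail</label><br />
    <input type="submit" name="submit" id="submit" value="Search" />
    </p></form>
    <?php
    break;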
default:
    // Admin panel landing page: groups of links, some followed by a record count.
    echo "<h4>BellaBuffs Admin Panel</h4>";

    // One inner array per <ul>. Each entry is array(href, label, file to count or null).
    $menuGroups = array(
        array(
            array("admin.php?ap=manage_members", "Manage Approved Members", MEMBERS),
            array("admin.php?ap=manage_members&s=newbies", "Manage Pending Members", NEWBIES),
            array("admin.php?ap=search", "Search for Member", null),
        ),
        array(
            array("admin.php?ap=add_update", "Add Update", null),
        ),
        array(
            array("admin.php?ap=add_button", "Add Button", null),
            array("admin.php?ap=manage_buttons", "Manage Buttons", BUTTONS),
        ),
        array(
            array("admin.php?ap=add_affiliate", "Add Affiliate", null),
            array("admin.php?ap=manage_affiliates", "Manage Affiliates", AFFILIATES),
            array("admin.php?ap=email_affiliates", "E-mail Affiliates", null),
        ),
        array(
            array("admin.php?ap=add_spamword", "Add Spam Word", null),
            array("admin.php?ap=edit_spamword", "Edit Spam Words", SPAMWDS),
            array("admin.php?ap=block_ip", "Block IP Address", null),
            array("admin.php?ap=edit_blocked_ips", "Edit Blocked IPs", IPBLOCKLST),
        ),
        array(
            array("logout.php", "Logout", null),
        ),
    );

    foreach ($menuGroups as $menuGroup) {
        echo "<ul>\n";
        foreach ($menuGroup as $menuEntry) {
            list($href, $label, $countedFile) = $menuEntry;
            echo '<li><a href="' . $href . '">' . $label . '</a>';
            if ($countedFile !== null) {
                // countfile() is called as a bare statement between the brackets, exactly
                // as the template did; its definition is outside this section.
                echo ' (';
                countfile($countedFile);
                echo ')';
            }
            echo "</li>\n";
        }
        echo "</ul>\n";
    }
    break;
}
|
|
include('footer.php');
|
|
exit;
|
|
} else {
|
|
echo "<p>Bad cookie. Clear 'em out and start again.</p>";
|
|
include('footer.php');
|
|
exit;
|
|
}
|
|
}
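// Login handler: checks the posted credentials against the configured admin account and,
// on success, sets the 'bellabuffs' cookie that the check at the top of the file expects.
if (isset($_GET['p']) && $_GET['p'] == "login") {
    // Missing or non-string fields count as empty instead of raising notices.
    $postedName = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : "";
    $postedPass = (isset($_POST['pass']) && is_string($_POST['pass'])) ? $_POST['pass'] : "";

    // hash_equals() replaces the loose != / == comparisons: those treat numeric-looking
    // strings such as "1e3" and "1000" as equal, and their timing depends on where the
    // strings first differ. Both checks always run.
    $nameOk = hash_equals((string) $admin_name, $postedName);
    $passOk = hash_equals((string) $admin_pass, $postedPass);

    if (!($nameOk && $passOk)) {
        include('header.php');
        echo "<p>Sorry, that username and password combination does not match. Please try again.</p>";
        ?>
        <form action="admin.php?p=login" method="post"><fieldset>
        <label><input type="text" name="name" id="name" /> Name</label><br />
        <label><input type="password" name="pass" id="pass" /> Password</label><br />
        <input type="submit" id="submit" value="Login" />
        </fieldset></form>
        <?php
        include('footer.php');
        exit;
    }

    // The cookie value has to stay md5(name . pass . secret), because that is what the
    // cookie check at the top of the file recomputes.
    // NOTE(review): this is a fixed, credential-derived token, valid for 31 days and the
    // same on every login; a random server-side session id would be the sturdier design,
    // but both ends would have to change together.
    // HttpOnly keeps the cookie away from page scripts; Secure is set when the request
    // itself arrived over HTTPS.
    $isHttps = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
    setcookie('bellabuffs', md5($postedName . $postedPass . $secret), time() + (31 * 86400), "", "", $isHttps, true);
    header("Location: admin.php");

    // The original's third branch ("could not be logged in at this time") could never
    // run, since the two conditions before it were exact opposites; it has been removed.
    exit;
}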
// No valid cookie and no login attempt: show the plain login form between the shared
// header and footer.
include 'header.php';

echo <<<HTML

<form action="admin.php?p=login" method="post"><p>
<label><input type="text" name="name" id="name" /> Name</label><br />
<label><input type="password" name="pass" id="pass" /> Password</label><br />
<input type="submit" id="submit" value="Login" />
</p></form>


HTML;

include 'footer.php';
?>