', '>', $HTML_TITLE); $HTML_TITLE = str_replace('<', '<', $HTML_TITLE); $SITE_DESCRIPTION = strip_tags($SITE_DESCRIPTION); //$SITE_DESCRIPTION = htmlspecialchars($SITE_DESCRIPTION); $SITE_DESCRIPTION = str_ireplace('ÙŒ' ,'ی', $SITE_DESCRIPTION); $SITE_DESCRIPTION = str_ireplace('Ù ' ,'ی', $SITE_DESCRIPTION); $SITE_DESCRIPTION = str_ireplace('ï¿œ', 'ی', $SITE_DESCRIPTION); $SITE_DESCRIPTION = str_ireplace('ی', 'ی', $SITE_DESCRIPTION); $SITE_DESCRIPTION = str_replace('&', '', $SITE_DESCRIPTION); $SITE_DESCRIPTION = str_replace('>', '>', $SITE_DESCRIPTION); $SITE_DESCRIPTION = str_replace('<', '<', $SITE_DESCRIPTION); header('Content-Type: text/xml, charset=utf-8'); echo ''."\n".'' .''.$HTML_TITLE.'' .''._URL.'' .''.$SITE_DESCRIPTION.'' .''.strip_tags($language).'' .''.tab__temp('OWNER_MAIL').'' .''.date('D, d M Y H:i:s').' -0500'; if(!$sql=mysql_query(" select * from pub where 1 and active=2 order by st_date desc limit 100 ")){ die('ER01'); } else if(mysql_num_rows($sql)==0){ die('ER02'); } // else for($i=0; $i','>',$row['title']); $row['text']=str_replace('>','>',$row['text']); $row['title']=str_replace('<','<',$row['title']); $row['text']=str_replace('<','<',$row['text']); //$row['title']=htmlentities($row['title'], ENT_QUOTES, "UTF-8"); echo ''."\n" .' '.$row['title'].' '."\n" .' '._URL.'/MGID_'.$row['mgid'].'/SGID_'.$row['sgid'].'/'.$row['id'].'.html'."\n" .' '.$row['text'].''."\n" .''."\n"; } echo ''."\n"; break; case 'sitemapPages' : $tdd=40000; db_connect(); if(!$sql=mysql_query(" select count(*) from pub where 1 and active=2 ")){ } else { $cnt = mysql_result($sql, 0, 0); } $cnt = ceil($cnt/$tdd); for($i=0; $i<$cnt; $i++){ echo '
page '.($i+1).'
 '; } break; case 'sitemap' : echo '' .'' .'' .''._URL.'/' .''.date("Y-m-d").'T'.date("H:i:s").'+00:00' .'always' .'1' .''; db_connect(); if(intval($_REQUEST['p'])==1){ if(!$sql=mysql_query(" select * from static_pages where 1 ")){ die('Invalid MySQL Connection :: 2'.mysql_error()); } else { $time=date("Y-m-d").'T'.date("H:i:s").'+00:00'; for($i=0; $i"; echo ""._URL."/DPT_".$row['depth'].""; echo "$time"; echo "0.5"; echo "daily"; echo ""; } } } $tdd = 40000; $stt = (intval($_REQUEST['p'])-1)*$tdd; if(!$sql=mysql_query(" select mgid,sgid,id,st_date from pub where 1 and st_date>0 and active=2 order by st_date DESC limit $stt , $tdd ")){ die('Invalid MySQL Connection ::'.mysql_error()); } $num = mysql_num_rows($sql); for($i=0; $i<$num; $i++){ $row=mysql_fetch_array($sql); $time=U2Time($row['st_date']-3600*24); $time=str_replace('.','-',substr($time,0,10))."T".substr($time,11,5)."+00:00"; echo "\n"; echo ""._URL."/".$row['id'].".html"; echo "$time"; echo "0.5"; echo "daily"; echo ""; } echo ""; break; case 'keymapPages' : $tdd=40000; db_connect(); if(!$sql=mysql_query(" select count(*) from keyLog where 1 ")){ } else { echo $cnt = mysql_result($sql, 0, 0); } $cnt = ceil($cnt/$tdd); for($i=0; $i<$cnt; $i++){ echo '
page '.($i+1).'
 '; } break; case 'keymap' : $tdd = 40000; $stt = (intval($_REQUEST['p'])-1)*$tdd; echo '' .'' .'' .''._URL.'/' .''.date("Y-m-d").'T'.date("H:i:s").'+00:00' .'always' .'1' .''; db_connect(); if(!$sqlcntnue=mysql_query(" select `id` from `keyLog` where 1 limit $stt,$tdd ")){ die('Invalid MySQL Connection :: 2'.mysql_error()); } else { $time=date("Y-m-d").'T'.date("H:i:s").'+00:00'; for($i=0; $i"; echo ""._URL."/DPT_S1/".$row['id'].""; echo "$time"; echo "0.5"; echo "daily"; echo ""; } } echo ""; break; case 'GroupClnCch' : GroupClnCch(); break; case 'jsForUsersOtherPubs' : db_connect(); if(!$sql=mysql_query(" select count(id) from pub where email='".$_REQUEST['username']."' and `active`='2' ")){ die(); } $lines=3; $tdd=$lines*$_REQUEST['cols']; $stt=$tdd*intval($_REQUEST['p']); $count=mysql_result($sql,0,0); $tr=(($count-$count % $_REQUEST['cols'])/$_REQUEST['cols']) + 1; $limitation=array('stt'=>$stt,'tdd'=>$tdd); $rPUBS=array('id'=>'NuN','title'=>__I__EXPRASSION___01,'depth'=>'4','pos'=>'center','row'=>$_REQUEST['row'],'func'=>'PUB','data'=>'','active'=>'1'); $rFCDT=array('id'=>'NuN','type'=>$_REQUEST['PUBTYPE'],'td'=>$_REQUEST['cols'],'tr'=>$tr,'pay_type'=>'','pub_height'=>$_REQUEST['HEIGHT'],'pub_title_len'=>'200','pub_text_len'=>'300','arrange_state'=>'date'); echo (''); echo ('
'); PUB( $rPUBS , $rFCDT, /*$thisUSER=*/$_REQUEST['username'],$limitation ); $pg=($count-$count%$tdd)/$tdd; if($count%$tdd)$pg++; if($pg>1) for($i=0; $i<$pg; $i++){ if($i==intval($_REQUEST['p'])){ echo " ".($i+1)." "; } else { echo ' '.($i+1).' '; } } echo ('
'); //echo (''); break; case 'U' : echo _FSOCK_HEADER_SEPARATOR; echo gmdate("U"); break; case 'CONNECT2SOCKET' : echo _FSOCK_HEADER_SEPARATOR; if(!CHECK_HASH($_REQUEST['_LICENSE_ID'],$_REQUEST['HASH'])){ die("
Invalid socket connection
"); } switch($_REQUEST['REQ']){ case 'PRINT_HASH_CODE' : if(!$tab__users=tab__users($_REQUEST['aUSER'])){ return false; } else { TEMP('HASH_CODE'); echo '|%!|EF|!|'; echo $tab__users['password']; } break; case 'EPAY' : switch($_REQUEST['FUNCTION']){ case 'PRIVATE___INSTALLATION' : if(!$mtd = $_REQUEST['METHOD']){die("ER");} if(!@ file_exists('epay/'.$mtd.'/private.php')){die("ER");} require_once('epay/'.$mtd.'/private.php'); if(!@ function_exists("PRIVATE___INSTALLATION")){die("ER");} PRIVATE___INSTALLATION(); die( "OK" ); break; case 'PRIVATE___EDITMETHOD_FORM' : if(!$mtd = $_REQUEST['METHOD']){die("ER");} if(!@ file_exists('epay/'.$mtd.'/private.php')){die("ER");} require_once('epay/'.$mtd.'/private.php'); if(!@ function_exists("PRIVATE___EDITMETHOD_FORM")){die("ER");} $MOVEDPARAMS = $_REQUEST['MOVEDPARAMS']; $MOVEDPARAMS = explode(':AND:',$MOVEDPARAMS); for($i=0; $iname; } for($i=0; $i", $text); if(!@mail($to, $subj, $text, $head)){ echo "ER"; } else { echo "OK"; } die(); break; case 'ListThisUsersPubsInUserInfoPanel' : $email = $_REQUEST['USER']; $left="left"; $right="right"; if(_DIR=="rtl"){ $left="right"; $right="left"; } db_connect(); $activeQUERY=" and ( active=2 "; if(GTPT('VIEWINACTIVE'))$activeQUERY .=" or active=0 "; if(GTPT('VIEWEXPIRED'))$activeQUERY .=" or active=-2 "; $activeQUERY .= " ) "; if(!$sql=mysql_query(" SELECT id,email,title,link,price,type,mgid,sgid,st_date,period,phone,address,pos,visit,active,ref_date,star,up_time FROM pub WHERE 1 AND email='$email' $activeQUERY ORDER BY id DESC ")){ echo "
Error in progress
"; return false; } $sum___price=0; $sum___payed=0; $numsx = mysql_num_rows($sql); for($i=0; $i<$numsx; $i++){ $row = mysql_fetch_array($sql); $mgid = tab__groups($row['mgid']); $sgid = tab__groups($row['sgid']); $MGNAME = $mgid['name']; $SGNAME = $sgid['name']; if(!$plans=tab__plans($row['type']))return false; $this___price = PLAN_PRICE($row['type'], $row['period'])+STAR_PRICE($row['star'], $row['period'],$row['type']); if($row['active']) $this___payed = PLAN_PRICE($row['type'], $row['period'])+STAR_PRICE($row['star'], $row['period'],$row['type'])-PROCESS_CACHE_AFTER_DELETE($row['id']); else $this___payed=""; $sum___price += $this___price; $sum___payed += $this___payed; if($row['active']){ $this___payed = round($this___payed)." (".tab__temp('MNY').")"; $this___st_date = substr(U2Vaght($row['st_date']),2,8); $this___expiration = substr(U2Vaght($row['period']+$row['st_date']),2,8); } else { $this___payed="".___A__CP_USERS__44.""; $this___st_date="".___A__CP_USERS__44.""; $this___expiration="".___A__CP_USERS__44.""; } if($this___price>0) $this___price = round($this___price)." (".tab__temp('MNY').")"; else { $this___price="".___A__CP_USERS__45.""; $this___payed="".___A__CP_USERS__45.""; } switch($row['active']){ case -2 : $trBgcolor="#f4e5e5"; $this___payed="".___A__CP_USERS__46.""; break; case 0 : $trBgcolor="#f0f0f0"; break; case 2 : $trBgcolor="white"; break; DEFAULT : $trBgcolor="red"; break; } echo " ".($i+1)."   ".SUB_STRING($row['title'],0,20)." ".$MGNAME." » ".$SGNAME." ".$plans['title']."
".$row['star']." $this___price $this___payed $this___st_date $this___expiration "; } ?> '); document.write(''); document.write(''); document.write(''); document.write(''); document.write(''); document.write(''); document.write(''); document.write(''); document.write(''); document.write(''); document.write(''); document.write(''); document.write(''); document.write(''); document.write(''); document.write(''); document.write(''); "; break; case 'DELETEPUBSPHOTOBYUSER' : if(!$PICPATH=FIND_FILE("data/img/".GTPT('ID')))return false; @ unlink($PICPATH); echo ' '; break; case 'DRAW_MY_EMAIL_ADDRESS_ON_GIF': echo DRAW_MY_EMAIL_ADDRESS_ON_GIF(GTPT('email')); break; case 'SEND_MAIL' ://changed on mc1.3.478 echo ' '; if(!$mobile_number=GTPT('mobile_number')); if(!$emailto=GTPT('MAIL_TO')); if(!$title=GTPT('title')); if(!$text=GTPT('MAIL_TEXT')){echo "";break;} if(GTPT('send2mail')==1) SEND_MAIL($_POST); if(GTPT('send2sms')==1){ if(!$USER=$_SESSION['USER']){echo "";break;} else SEND_SMS_FROM_USER($USER,$mobile_number,$title.',?'.$text); } if(GTPT('send2box')==1){ if(!$USER=$_SESSION['USER']){echo "";break;} else SENDMSG($emailto,$title,$text,/*from*/$USER); } //if(GTPT('send2yah')==1) echo ""; break; case 'JSFILEFORCONVERSATIONCADR' : if($_SESSION['USER']) if($USERPROP=tab__users($_SESSION['USER'])){ echo " document.getElementById('VISITOR_NAME').value='".$USERPROP['name']."'; "; echo " document.getElementById('MAIL_FROM').value='".$USERPROP['username']."'; "; } if(!$users=tab__users(GTPT('username')))break; if($_SESSION['USER'] and (MY_MONEY($_SESSION['USER'])>=tab__temp('SMS_PRICE')) and ($users['mobile_number']) and (tab__temp('SMS_GATEWAY')))echo " document.getElementById('chk1').disabled=0; "; //if($_SESSION['USER']) echo " document.getElementById('chk2').disabled=0; "; if($_SESSION['USER'])echo " document.getElementById('chk3').disabled=0; "; if(0)echo " document.getElementById('chk4').disabled=0; "; break; case 'COUNTME' : $livePUBID = 0; $liveSGID = 0; $liveMGID = 0; if($_REQUEST['PUBID']!=''){ $livePUBID = $_REQUEST['PUBID']; if($pub=tab__pub($livePUBID)){ $liveSGID=$pub['sgid']; $liveMGID=$pub['mgid']; } } else if($_REQUEST['SGID']!=''){ $liveSGID = $_REQUEST['SGID']; if($groups=tab__groups($liveSGID)){ $liveMGID=$groups['refer']; } } else if($_REQUEST['SGID']!=''){ $liveMGID = $_REQUEST['SGID']; } COUNTER_ARCHIVE( $liveMGID/*MainGroupCounter*/, $liveSGID/*SubGroupCounter*/, $livePUBID/*PublicityCounter*/ ); break; # case 'COUNTME' : # $liveMGID=GTPT('MGID'); # if($groups=tab__groups(GTPT('SGID'))){ # $liveSGID=$groups['id']; # $liveMGID=$groups['refer']; # } # if($pub=tab__pub(GTPT('PUBID'))){ # $liveSGID=$pub['sgid']; # $liveMGID=$pub['mgid']; # $livePUBID=$pub['id']; # } # COUNTER_ARCHIVE( $liveMGID/*MainGroupCounter*/, $liveSGID/*SubGroupCounter*/, $livePUBID/*PublicityCounter*/ ); # break; # case 'EDIT_USER_PROPERTIES' : echo ' '; if(EDIT_USER_PROPERTIES())echo ""; else echo ""; break; case 'SENDSMSFROMUSER' : echo ' '; if(!$to_=GTPT('to_')){echo "";break;} if(!$text_=GTPT('text_')){echo "";break;} if(!$USER=$_SESSION['USER']){echo "";break;} SEND_SMS_FROM_USER($USER,$to_,$text_); break; case 'SENDMAILFROMUSER' : echo ' '; if(!$to_=GTPT('to_')){echo "";break;} if(!$subject_=GTPT('subject_')){echo "";break;} if(!$text_=GTPT('text_')){echo "";break;} if(!$USER=$_SESSION['USER']){echo "";break;} if(@ mail($to_, $subject_, $text_, "From: ".$USER."\r\n")){echo "";break;} else {echo "";break;} break; case 'SENDMESSAGEFROMUSER' : echo ' '; if(!$to_=GTPT('to_')){echo "";break;} if(!$subject=GTPT('subject_')){echo "";break;} if(!$text_=GTPT('text_')){echo "";break;} if(!$USER=$_SESSION['USER']){echo "";break;} if(SENDMSG($to_,$subject_,$text_,/*from*/$USER)){echo "";break;} else {echo "";break;} break; case 'UPTIMEPUB' : db_connect(); echo ' '; if(!$sql=mysql_query(" update pub set up_time='".U()."' where id='".strip_tags(GTPT('id'))."' limit 1 ")){echo " "; break;} echo " "; break; case 'SEND2USERPROFILESOMEMESSAGES' : echo ' '; if(!$mobile_number=GTPT('mobile_number')); if(!$emailto=GTPT('emailto')); if(!$title=GTPT('title')); if(!$mailfrom=GTPT('mailfrom')); if(!$text=GTPT('text')){echo "";break;} if(GTPT('send2mail')==1){ if(!$mailfrom){echo "";break;} else { if(@ mail($emailto,$title,$text,"From: ".$mailfrom."\r\n")) {echo "";break;} else {echo "";break;} } } if(!$USER=$_SESSION['USER']){ if(GTPT('send2sms')==1)SEND_SMS_FROM_USER($USER,$mobile_number,$title.',?'.$text); //if(GTPT('send2yah')==1)echo ""; if(GTPT('send2box')==1)SENDMSG($emailto,$title,$text,/*from*/$USER); } elseif(GTPT('send2sms')||GTPT('send2box')/*||GTPT('send2yah')*/){ echo ""; break; } break; case 'SECNUMPHOTO' : $SECNUMPHOTO=rand(1000,9999); db_connect(); if(!$sql=mysql_query(" update temp set f_right='$SECNUMPHOTO' where 1 and f_left='SECNUMPHOTO' "))return false; $IM = imagecreatefrompng('data/face/SECPHOTOBG'.rand(1,4).'.png'); $CL[] = imagecolorallocate($IM, rand(50,200), rand(50,200), rand(50,200)); $CL[] = imagecolorallocate($IM, rand(50,200), rand(50,200), rand(50,200)); $CL[] = imagecolorallocate($IM, rand(50,200), rand(50,200), rand(50,200)); $CL[] = imagecolorallocate($IM, rand(50,200), rand(50,200), rand(50,200)); imagestring($IM,24,10,2,substr($SECNUMPHOTO,0,1),$CL[0]); imagestring($IM,24,25,2,substr($SECNUMPHOTO,1,1),$CL[1]); imagestring($IM,24,40,2,substr($SECNUMPHOTO,2,1),$CL[2]); imagestring($IM,24,55,2,substr($SECNUMPHOTO,3,1),$CL[3]); echo imagepng($IM); imagedestroy($IM); break; }/*######################################################################################################################*/ # CLIENT if(!($_SESSION['aUSER'] && $_SESSION['aPASS'] && LOGIN_ADMIN($_SESSION['aUSER'] , $_SESSION['aPASS']))){return true;} # CLIENT switch(GTPT('cACT')){ case 'coponManagement' : ADMIN_HTML_HEADER(); DRAW_ADMIN_TOP(); switch($_REQUEST['do']){ case 'remove' : dbq(" DELETE FROM `copon` WHERE `id`='".intval($_REQUEST['id'])."' LIMIT 1 "); break; case 'save' : $dateS = $_REQUEST['dateS']; $dateS = vaght2u($dateS); $dateE = $_REQUEST['dateE']; $dateE = vaght2u($dateE); if(!$copon = strtoupper($_REQUEST['copon'])){ $copon = substr(md5(date("U")."slkdfkj"), 0, 6); $copon = strtoupper($copon); } $cost = $_REQUEST['cost']; $credit = str_replace("نامحدود", "N", $_REQUEST['credit']); dbq(" INSERT INTO `copon` (`dateS`, `dateE`, `copon`, `cost`, `credit`) VALUES ('$dateS','$dateE', '$copon', '$cost', '$credit') "); break; } echo "


لیست کوپن ها :
"; if(!$rs = mysql_query(" SELECT * FROM `copon` WHERE 1 ORDER BY `dateS` DESC ")){ echo "error on tools.php, line ".__LINE__; } else if(!mysql_num_rows($rs)){ echo ""; } else while($rw = mysql_fetch_assoc($rs)){ echo ""; } echo "
کد کوپن ارزش(".tab__temp("MNY").") تاریخ شروع تاریخ پایان اعتبار استفاده ---
موردی ثبت نشده است!
".$rw['copon']." ".$rw['cost']." ".substr(u2vaght($rw['dateS']), 0, 10)." ".substr(u2vaght($rw['dateE']), 0, 10)." ".str_replace("N", "نامحدود", $rw['credit'])." ".$rw['used']." X


بازگشت به مدیریت




"; DRAW_ADMIN_DOWN(); ADMIN_HTML_FOOTER(); break; case 'PROGRESS_EPAY_ACTIVATION' : include('f___admin/frame_payment_activation.php'); break; case 'PROGRESS_PUBLICITY_ACTIVATION' : include('f___admin/frame_publicity_activation.php'); break; case 'LOADSQLFILE' : CP_DATABASE__LOADSQLFILE(); echo " "; break; case 'EXECUTETHISQUERY' : db_connect(); if(mysql_query(stripslashes($_POST['query']))) $prompt=__TOOLS___30; else $prompt=__TOOLS___31; echo " "; break; case 'SAVEUSEREDITPROFILEINADMIN' : echo ''; db_connect(); if(!$users = tab__users(GTPT('USER')))return false; if(!$sql=mysql_query(" UPDATE users SET name='".GTPT('name')."' , password='".GTPT('password')."' /*, pay_archive='".( (MY_MONEY($users['username'])+$users['pay_archive']) - GTPT('money') )."'*/ , birth_year='".GTPT('birth_year')."' , yahoo_id='".GTPT('yahoo_id')."' , phone_number='".GTPT('phone_number')."' , mobile_number='".GTPT('mobile_number')."' , fax_number='".GTPT('fax_number')."' , contact_time='".GTPT('contact_time')."' , website_address='".GTPT('website_address')."' , license='".GTPT('license')."' , business_field='".GTPT('business_field')."' , company_name='".GTPT('company_name')."' , position='".GTPT('position')."' , address='".GTPT('address')."' WHERE username='".GTPT('USER')."' LIMIT 1 ")){echo ""; break;} $add_to_epay = GTPT('money') - MY_MONEY($users['username']); if(!$sql=mysql_query(" SELECT pay_value FROM epay WHERE 1 AND method='NuN' AND pay_from='".$users['username']."' AND active=1 ")) {echo ""; break;} if(mysql_num_rows($sql)==0){ if(!$sql=mysql_query(" INSERT INTO epay (id,method,pay_value,pay_date,pay_from,batch_number,active) VALUES ('','NuN','$add_to_epay','".date("U")."','".$users['username']."','injectedbyadmin','1') ")) {echo ""; break;} } else { $num=mysql_num_rows($sql); for($i=0; $i<$num; $i++){ $row=mysql_fetch_array($sql); $add_to_epay += $row['pay_value']; } if(!$sql=mysql_query(" DELETE FROM epay WHERE method='NuN' AND 1 AND pay_from='".$users['username']."' ")) {echo ""; break;} if(!$sql=mysql_query(" INSERT INTO epay (id,method,pay_value,pay_date,pay_from,batch_number,active) VALUES ('','NuN','$add_to_epay','".date("U")."','".$users['username']."','injectedbyadmin','1') ")) {echo ""; break;} } echo ""; break; case 'SAVEPUBDETAILSBYADMIN' : echo ''; db_connect(); if(!$id=GTPT('PUBID'))break; # remove cache @ unlink("cache/xexp/".$id[7].'/'.$id[6].'/'.$id[5].'/'.$id[4].'/'.$id.".html"); if(!$groups=tab__groups(GTPT('SGID')))break; if(!$pub=tab__pub($id))break;//echo $groups['refer'].' - '.GTPT('SGID'); $text =str_replace('ی','?',GTPT('text')); $title=str_replace('ی','?',GTPT('title')); $active=$pub['active']; if($active!=GTPT('active')){ if(GTPT('active')!=0){//.....FAaAll if(!ACTIVATE_PUB($id,/*MOFT=*/true)){echo " ";break;} $active=GTPT('active'); } if(GTPT('active')==0){//.....Gheire..FAaAll //if(!RETURN_CACHE_AFTER_DELETE($id)){echo "
Error in inactivation";} $active=GTPT('active'); } } if(!$sql=mysql_query(" UPDATE pub SET title='$title' ,text='$text' ,price='".GTPT('price')."' ,link='".GTPT('link')."' ,mgid='".$groups['refer']."' ,sgid='".GTPT('SGID')."' ,type='".GTPT('type')."' ,phone='".GTPT('phone')."' ,pos='".GTPT('pos')."' ,address='".GTPT('address')."' ,visit='".GTPT('visit')."' ,active='$active' ,_keywords='".$_REQUEST['_keywords']."' ,star='".GTPT('star')."' ,`period`='".$_REQUEST['period']."' WHERE 1 AND id='$id' "))//active='".GTPT('active')."' {echo " ";break;} if(!SAVE_MY_PIC_S($id)){echo " ";break;} break; case 'UPDATETHISPUBBYEADMIN' : if(!UPDATE_PUB(GTPT('PUBID'))) {echo " ";break;} echo " "; break; case 'RENAMENEWSBOXGROUP' : db_connect(); if(!$sql=mysql_query(" update news_groups set title='".GTPT('renametitle')."' where 1 and id='".GTPT('id')."' limit 1 ")) {echo " ";break;} echo " "; break; case 'SAVETOPICDATA' : db_connect(); echo ' '; if(!$id=GTPT('id')){echo " ";break;} if(!$news=tab__news($id)){ // new record if(!$sql=mysql_query(" insert into news (id,title,text,date,type,visit) values ('$id','".GTPT('title')."','".GTPT('text')."','".U()."','".GTPT('type')."','0') ")){echo " ";break;} echo " "; } else { // edit record if(!$sql=mysql_query(" update news set title='".GTPT('title')."' ,text='".GTPT('text')."' ,type='".GTPT('type')."' where id='$id' limit 1 ")){echo " ";break;} echo " "; } if($_FILES['userfile']['size']) if(!extra_upload('userfile','data/news',$id)){echo " ";break;} break; case 'INJECTSIPPEDBACKUP' : if(!$zipped=zipdir('data')){ echo ''; echo ""; } elseif (!INJECT_BACKUP_IN_FILE($zipped)){ echo ''; echo ""; } break; case 'SAVESETTINGDETAILS' : echo ''; db_connect(); foreach($_POST as $k => $r){ $r = str_replace("\\", "", $r); if(!$sql=mysql_query(" UPDATE temp SET f_right='$r' WHERE 1 AND f_left='$k' LIMIT 1 ")){ echo " "; break; } } echo " "; break; case 'UPDATEENGINEAREA' : include('f___admin/update_engine_area.php'); break; case 'UPDATEENGINEFRAME' : include('f___admin/update_engine_frame.php'); break; case 'OPENSUBREGIONSFRAME' : ADMIN_HTML_HEADER(); if($_POST){ $method = "POST"; } elseif($_GET){ $method = "GET"; } # bug*20081019 if(!defined('_LICENSE_ID')){ define('_LICENSE_ID', tab__temp('LicenseID')); } $parameters = "cACT=OPENSUBREGIONSFRAME&"; $parameters .= "JOB=".urlencode($_REQUEST['JOB'])."&"; $parameters .= "id=".urlencode($_REQUEST['id'])."&"; $parameters .= "ID=".urlencode($_REQUEST['ID'])."&"; $parameters .= "city=".urlencode($_REQUEST['city'])."&"; $parameters .= "_URL=".urlencode(_URL)."&"; $parameters .= "_LANG=".urlencode(_LANG)."&"; $parameters .= "_LICENSE_ID=".urlencode(_LICENSE_ID)."&"; $parameters .= "HASH=".urlencode(CREATE_HASH(_LICENSE_ID))."&"; $parameters .= "aUSER=".urlencode($_SESSION['aUSER'])."&"; $HTML_CODE = FSUCK_BROWSE("/tools.php",$method,$parameters); echo $HTML_CODE; break; case 'LOGIN_USERPAGE' : ADMIN_HTML_HEADER(); if(!$users=tab__users(GTPT('USER'))){ echo "
".__TOOLS___63."
"; } else { $_SESSION['USER'] = GTPT('USER'); $_SESSION['PASS'] = $users['password']; GO('user.php?DPT=U1&l='.__LINE__); } ADMIN_HTML_FOOTER(); break; case 'CP_USERS__ENTERUSER' : echo ''; echo "
"; CP_USERS__ENTERUSER(); echo "
"; break; case 'CP_PUBLICITIES__VIEWBYID' : echo "
"; CP_PUBLICITIES__VIEWBYID(); echo "
"; break; case 'savePostUserChanges' : $data = GTPT('width').'[#EF#]'.GTPT('CODE').':'.GTPT('DATA')."[#%%|EFV2|%%#]".intval(GTPT('nonframed')); if((int)ini_get("magic_quotes_gpc")!=1){ $data = addslashes($data); } db_connect(); if(!$sql=mysql_query(" UPDATE draw_index SET title='".GTPT('title')."', data='$data' WHERE id='".GTPT('ID')."' LIMIT 1 ")){ echo ___A__CP_LAYOUT_EDITOBJECT__94; return false; } else { echo ''; echo ""; } break; case 'SEND_NEWSLETTER' : if(SEND_NEWSLETTER($_POST)){ die("OK"); } else { die("ER"); } break; case 'AdminListAllUsers' : $TDD=20; $verUper13821 = ( (intval(str_replace('.', '', $GLOBALS['CURRENT.RELEASE']))>=13838) ? true : false ); $KEYRECORDLINE=""; $i='A'; $KEYRECORDLINE.=""; while($i++!='Z'){ $KEYRECORDLINE.=""; } $KEYRECORDLINE.="
".___A__CP_USERS__60."".$i."".$i."
"; db_connect(); if($verUper13821){ $addQueryUper821=" oldUser ASC , "; } if($KEYWORD = $_REQUEST['KEYWORD']){ $KEYSQL=" AND username LIKE '".strtolower($KEYWORD)."%' OR username LIKE '".strtoupper($KEYWORD)."%' "; } $STT=$_REQUEST['uPaG']*$TDD; if(!$sql=mysql_query(" SELECT * FROM `users` WHERE 1 $KEYSQL ORDER BY $addQueryUper821 type,username LIMIT $STT,$TDD ")){ echo "
".___A__CP_USERS__04.",".__LINE__."
"; return false; } echo " "; $trColor['admin']="#fffad7"; $trColor['user']="#f7fdff"; $numsx = mysql_num_rows($sql); for($i=0; $i<$numsx; $i++){ $row=mysql_fetch_array($sql); echo " "; $newUserArr[]="'".$row['username']."'"; } if($newUserArr and $verUper13821){ mysql_query(" update `users` set `oldUser`='1' where `username` in (".implode(",",$newUserArr).") "); } echo " "; if(!$sqlNUM=mysql_query(" SELECT `username` FROM `users` WHERE 1 $KEYSQL ")){ echo "
".___A__CP_USERS__04."
"; return false; } $NuM = mysql_num_rows($sqlNUM); $PG = ceil($NuM/$TDD); if($PG>1){ echo ""; } echo "
".$KEYRECORDLINE."
# Username Password Name Credit
".($i+$TDD*GTPT('uPaG')+1)." ".$row['username']." ".$row['password']." ".$row['name']." ".MY_MONEY($row['username'])."
"; for($i=0; $i<$PG;$i++) if($i==GTPT('uPaG')){ echo "  ".($i+1)." "; } else { echo " ".($i+1)." "; } echo "
"; break; // case 'AdminPub__VIEWBYGROUP' : CP_PUBLICITIES__VIEWBYGROUP(); break; case 'AdminPub__VIEWBYEMAIL' : CP_PUBLICITIES__VIEWBYEMAIL(); break; case 'AdminPub__VIEWBYID' : CP_PUBLICITIES__VIEWBYID(); break; case 'AdminPub__DELETEPUB' ://echo "DELETEPUB"; ADMIN_DELETE_PUB(GTPT('PUBID')); break; case 'AdminPub__DEFAULT' : CP_PUBLICITIES__DEFAULT(); break; } # CLIENT # mod 1.3.838 ?>