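query(
    " UPDATE news SET Title = '" . db_string($_POST['title'])
    . "', Body = '" . db_string($_POST['body'])
    . "' WHERE ID = '" . db_string($_POST['newsid']) . "'"
);
        // The call above completes a `$DB->` statement that begins before this
        // excerpt; the brace below closes a block opened there as well.
        $Cache->delete_value('news');
        $Cache->delete_value('feed_news');
    }
    header('Location: index.php');
    break;

// ---------------------------------------------------------------------------
// Action dispatcher (continuation of a switch opened before this excerpt).
// Each arm either handles the request inline or includes a handler file.
// Request values placed in SQL below are passed through db_string() and, with
// the exceptions called out inline, wrapped in single quotes.
// ---------------------------------------------------------------------------

case 'deletenews':
    // Delete one news item. Requires admin_manage_news, a numeric id and a
    // successful authorize() call before anything is written.
    if (!check_perms('admin_manage_news')) {
        error(403);
    }
    if (is_number($_GET['id'])) {
        authorize();
        $DB->query(" DELETE FROM news WHERE ID = '" . db_string($_GET['id']) . "'");
        $Cache->delete_value('news');
        $Cache->delete_value('feed_news');

        // Drop the cached "latest news" marker if it pointed at the deleted item.
        $LatestNews = $Cache->get_value('news_latest_id');
        if ($LatestNews !== false && $LatestNews == $_GET['id']) {
            $Cache->delete_value('news_latest_id');
        }
    }
    header('Location: index.php');
    break;

case 'takenewnews':
    // Create a news item authored by the logged-in user.
    // NOTE(review): unlike 'deletenews', no authorize() call is visible on this
    // state-changing action; confirm the request token is verified elsewhere.
    if (!check_perms('admin_manage_news')) {
        error(403);
    }
    $DB->query(
        " INSERT INTO news (UserID, Title, Body, Time) VALUES ('$LoggedUser[ID]', '"
        . db_string($_POST['title'])
        . "', '"
        . db_string($_POST['body'])
        . "', '"
        . sqltime()
        . "')"
    );
    $Cache->cache_value('news_latest_id', $DB->inserted_id(), 0);
    $Cache->delete_value('news');
    header('Location: index.php');
    break;

// NOTE(review): the include-only arms in this dispatcher perform no
// check_perms() call here; presumably each included file (or code before this
// excerpt) enforces its own permission - confirm for every target.
case 'tokens':
    include('managers/tokens.php');
    break;

case 'ocelot':
    include('managers/ocelot.php');
    break;

case 'official_tags':
    include('managers/official_tags.php');
    break;

case 'tag_aliases':
    include('managers/tag_aliases.php');
    break;

case 'label_aliases':
    include('managers/label_aliases.php');
    break;

case 'change_log':
    include('managers/change_log.php');
    break;

case 'global_notification':
    include('managers/global_notification.php');
    break;

case 'take_global_notification':
    include('managers/take_global_notification.php');
    break;

case 'permissions':
    // Permission-class management: create/edit a class when `id` is present,
    // otherwise optionally remove a class (`removeid`) and show the list.
    // NOTE(review): neither the submit path nor the removal path calls
    // authorize(); both change privilege data, so confirm the request token
    // is checked somewhere before these writes.
    if (!check_perms('admin_manage_permissions')) {
        error(403);
    }
    if (!empty($_REQUEST['id'])) {
        $Val->SetFields('name', true, 'string', 'You did not enter a valid name for this permission set.');
        $Val->SetFields('level', true, 'number', 'You did not enter a valid level for this permission set.');
        $Val->SetFields('maxcollages', true, 'number', 'You did not enter a valid number of personal collages.');

        if (is_numeric($_REQUEST['id'])) {
            // Editing an existing class: load it and refuse when either the
            // stored level or the requested level is above the actor's class.
            $DB->query(
                " SELECT p.ID, p.Name, p.Level, p.Secondary, p.PermittedForums, p.Values, p.DisplayStaff, COUNT(u.ID)"
                . " FROM permissions AS p"
                . " LEFT JOIN users_main AS u ON u.PermissionID = p.ID"
                . " WHERE p.ID = '" . db_string($_REQUEST['id']) . "'"
                . " GROUP BY p.ID"
            );
            list($ID, $Name, $Level, $Secondary, $Forums, $Values, $DisplayStaff, $UserCount) = $DB->next_record(MYSQLI_NUM, array(5));
            if ($Level > $LoggedUser['EffectiveClass'] || $_REQUEST['level'] > $LoggedUser['EffectiveClass']) {
                error(403);
            }
            // NOTE(review): unserialize() on a database column. The only writer
            // visible here stores an array of ints plus MaxCollages, but any
            // other write path to permissions.Values would turn this into
            // object deserialization of attacker-influenced data. Prefer a
            // data-only format (JSON) or unserialize() with allowed_classes
            // disabled once the supported PHP version permits it.
            $Values = unserialize($Values);
        }
        // NOTE(review): the level ceiling above runs only when `id` is numeric,
        // so creating a class is not compared against EffectiveClass here -
        // confirm that is intended.

        if (!empty($_POST['submit'])) {
            $Err = $Val->ValidateForm($_POST);

            if (!is_numeric($_REQUEST['id'])) {
                // New class: levels must be unique.
                $DB->query(" SELECT ID FROM permissions WHERE Level = '" . db_string($_REQUEST['level']) . "'");
                list($DupeCheck) = $DB->next_record();
                if ($DupeCheck) {
                    $Err = 'There is already a permission class with that level.';
                }
            }

            // Collect every perm_* request field as an integer flag.
            $Values = array();
            foreach ($_REQUEST as $Key => $Perms) {
                if (substr($Key, 0, 5) == 'perm_') {
                    $Values[substr($Key, 5)] = (int)$Perms;
                }
            }

            $Name = $_REQUEST['name'];
            $Level = $_REQUEST['level'];
            $Secondary = empty($_REQUEST['secondary']) ? 0 : 1;
            $Forums = $_REQUEST['forums'];
            $DisplayStaff = $_REQUEST['displaystaff'];
            $Values['MaxCollages'] = $_REQUEST['maxcollages'];

            if (!$Err) {
                if (!is_numeric($_REQUEST['id'])) {
                    // $Secondary is interpolated unquoted; it is always the
                    // literal 0 or 1 assigned above.
                    $DB->query(
                        " INSERT INTO permissions (Level, Name, Secondary, PermittedForums, `Values`, DisplayStaff) VALUES ('"
                        . db_string($Level)
                        . "', '"
                        . db_string($Name)
                        . "', $Secondary, '"
                        . db_string($Forums)
                        . "', '"
                        . db_string(serialize($Values))
                        . "', '"
                        . db_string($DisplayStaff)
                        . "')"
                    );
                } else {
                    $DB->query(
                        " UPDATE permissions SET Level = '"
                        . db_string($Level)
                        . "', Name = '"
                        . db_string($Name)
                        . "', Secondary = $Secondary, PermittedForums = '"
                        . db_string($Forums)
                        . "', `Values` = '"
                        . db_string(serialize($Values))
                        . "', DisplayStaff = '"
                        . db_string($DisplayStaff)
                        . "' WHERE ID = '"
                        . db_string($_REQUEST['id'])
                        . "'"
                    );
                    $Cache->delete_value('perm_' . $_REQUEST['id']);

                    if ($Secondary) {
                        // Quoted like every other statement in this arm, so the
                        // value is always treated as data rather than relying
                        // on the is_numeric() branch alone.
                        $DB->query(" SELECT DISTINCT UserID FROM users_levels WHERE PermissionID = '" . db_string($_REQUEST['id']) . "'");
                        // next_record() yields a row array; unpack the column so
                        // the cache key carries the user id. Interpolating the
                        // row itself produced a key that matches no user, which
                        // left holders of an edited secondary class with stale
                        // cached permissions.
                        while (list($UserID) = $DB->next_record()) {
                            $Cache->delete_value("user_info_heavy_$UserID");
                        }
                    }
                }
                $Cache->delete_value('classes');
            } else {
                error($Err);
            }
        }
        include('managers/permissions_alter.php');
    } else {
        if (!empty($_REQUEST['removeid'])) {
            // NOTE(review): unlike the edit path, removal has no numeric check
            // on the id and no comparison against EffectiveClass, so it is not
            // limited to classes at or below the actor's own level - confirm.
            $DB->query(" DELETE FROM permissions WHERE ID = '" . db_string($_REQUEST['removeid']) . "'");

            // Invalidate cached user info for holders of the class as a
            // secondary class, then drop those assignments.
            $DB->query(" SELECT UserID FROM users_levels WHERE PermissionID = '" . db_string($_REQUEST['removeid']) . "'");
            while (list($UserID) = $DB->next_record()) {
                $Cache->delete_value("user_info_$UserID");
                $Cache->delete_value("user_info_heavy_$UserID");
            }
            $DB->query(" DELETE FROM users_levels WHERE PermissionID = '" . db_string($_REQUEST['removeid']) . "'");

            // Same for users whose primary class is being removed; they are
            // reassigned to the USER class.
            $DB->query(" SELECT ID FROM users_main WHERE PermissionID = '" . db_string($_REQUEST['removeid']) . "'");
            while (list($UserID) = $DB->next_record()) {
                $Cache->delete_value("user_info_$UserID");
                $Cache->delete_value("user_info_heavy_$UserID");
            }
            $DB->query(" UPDATE users_main SET PermissionID = '" . USER . "' WHERE PermissionID = '" . db_string($_REQUEST['removeid']) . "'");

            $Cache->delete_value('classes');
        }
        include('managers/permissions_list.php');
    }
    break;

case 'ip_ban':
    //TODO: Clean up DB table ip_bans.
    include("managers/bans.php");
    break;

case 'quick_ban':
    include("misc/quick_ban.php");
    break;

//Data
case 'registration_log':
    include('data/registration_log.php');
    break;

case 'donation_log':
    include('data/donation_log.php');
    break;

case 'bitcoin_unproc':
    include('data/bitcoin_unproc.php');
    break;

case 'bitcoin_balance':
    include('data/bitcoin_balance.php');
    break;

case 'donor_rewards':
    include('data/donor_rewards.php');
    break;

case 'upscale_pool':
    include('data/upscale_pool.php');
    break;

case 'invite_pool':
    include('data/invite_pool.php');
    break;

case 'torrent_stats':
    include('data/torrent_stats.php');
    break;

case 'user_flow':
    include('data/user_flow.php');
    break;

case 'economic_stats':
    include('data/economic_stats.php');
    break;

case 'opcode_stats':
    include('data/opcode_stats.php');
    break;

case 'service_stats':
    include('data/service_stats.php');
    break;

case 'database_specifics':
    include('data/database_specifics.php');
    break;

case 'special_users':
    include('data/special_users.php');
    break;

case 'browser_support':
    include('data/browser_support.php');
    break;
//END Data

//Misc
case 'update_geoip':
    include('misc/update_geoip.php');
    break;

case 'dupe_ips':
    include('misc/dupe_ip.php');
    break;

case 'clear_cache':
    include('misc/clear_cache.php');
    break;

case 'create_user':
    include('misc/create_user.php');
    break;

case 'manipulate_tree':
    include('misc/manipulate_tree.php');
    break;

case 'recommendations':
    include('misc/recommendations.php');
    break;

case 'analysis':
    include('misc/analysis.php');
    break;

case 'process_info':
    include('misc/process_info.php');
    break;

case 'rerender_gallery':
    include('misc/rerender_gallery.php');
    break;

case 'sandbox1':
    include('misc/sandbox1.php');
    break;

case 'sandbox2':
    include('misc/sandbox2.php');
    break;

case 'sandbox3':
    include('misc/sandbox3.php');
    break;

case 'sandbox4':
    include('misc/sandbox4.php');
    break;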
case 'sandbox5':
    include 'misc/sandbox5.php';
    break;

case 'sandbox6':
    include 'misc/sandbox6.php';
    break;

case 'sandbox7':
    include 'misc/sandbox7.php';
    break;

case 'sandbox8':
    include 'misc/sandbox8.php';
    break;

case 'public_sandbox':
    include 'misc/public_sandbox.php';
    break;

case 'mod_sandbox':
    // The only sandbox target that is permission-checked at dispatch time.
    // NOTE(review): the other sandbox arms are included unconditionally here,
    // so any access control for them must live in the included files or in
    // code before this switch - confirm.
    if (!check_perms('users_mod')) {
        error(403);
    } else {
        include 'misc/mod_sandbox.php';
    }
    break;

case 'bbcode_sandbox':
    include 'misc/bbcode_sandbox.php';
    break;

case 'calendar':
    include 'managers/calendar.php';
    break;

case 'get_calendar_event':
    include 'managers/ajax_get_calendar_event.php';
    break;

case 'take_calendar_event':
    include 'managers/ajax_take_calendar_event.php';
    break;

case 'mass_pm':
    include 'managers/mass_pm.php';
    break;

case 'take_mass_pm':
    include 'managers/take_mass_pm.php';
    break;

default:
    // Any unrecognised action falls back to the tools landing page.
    include SERVER_ROOT . '/sections/tools/tools.php';
}
?>