Location: PHPKode > projects > H-tracker > modcp.php
<?
//
//  H-Tracker v0.2
//    http://h-tracker.org
//    Based on TorrentTrader (http://www.torrenttrader.org)
//
//
require_once ("backend/functions.php");
require_once ("backend/bbcode.php");
dbconn(false);

loggedinonly();

if (!$CURUSER || $CURUSER["class"] < 5 ){
show_error_msg(""._ERROR_."",""._ACCESS_DEN_."",1); 
}
function navmenu(){
global $site_config;

//Get Last Cleanup
$res = mysql_query("SELECT last_time FROM tasks WHERE task = 'cleanup'");
$row = mysql_fetch_array($res);
if (!$row){
        $lastclean="".NDONE."";
}else{
    $row[0]=gmtime()-$row[0]; $days=intval($row[0] / 86400);$row[0]-=$days*86400;
    $hours=intval($row[0] / 3600); $row[0]-=$hours*3600; $mins=intval($row[0] / 60);
    $secs=$row[0]-($mins*60);
    $lastclean = "$days days, $hours hrs, $mins minutes, $secs seconds ago.";
}
     begin_frame("".ADMINISTRATION."");
      print "".LAST_CLEAN.": ".$lastclean." [<a href=modcp.php?action=forceclean>".F_CLEAN."</a>]<BR><BR>";  

    $pending = get_row_count("users", "WHERE status='pending'");
    echo "<CENTER><b>".USERS_VALID.":</b> <a href='modcp.php?action=confirmreg'>($pending)</a></CENTER><BR>";
$title = "".ADMINISTRATION."";
$hide = "<a href=\"javascript: klappe_block('b".$title."')\"><img border=\"0\" src=\"".$site_config["SITEURL"]."/images/plus.gif\" id=\"picb".$title."\" alt=\"".SHOW."/".HIDE."\">"; 
?>
<FIELDSET class=tablebg><LEGEND><?=$title?>&nbsp;&nbsp;<?=$hide?></LEGEND>
 <?
echo "<div id=\"kb".$title."\" style=\"display: none;\">\n";
?>
<table width="90%" cellspacing="0" cellpadding="0" align=center>
<TR>
<td class="admin"><a href=modcp.php?action=cheats><img src="images/admin/cheats.png" border=0><br><?="".DET_CHEAT.""?></a><BR></td> 
<td class="admin"><a href=modcp.php?action=peers><img src="images/admin/peers.png" border=0><br><?="".PEERS_LIST.""?></a><BR></td> 
<td class="admin"><a href=modcp.php?action=warned><img src="images/admin/warnedaccounts.png" border=0><br><?="".WARNED." ".USERS.""?></a><BR></td>
<td class="admin"><a href=modcp.php?action=whoswhere><img src="images/admin/ipchecker.png" border=0><br><?="".WHOIS.""?></a><BR></td> 
<td class="admin"><a href=modcp.php?action=torrentmanage><img src="images/admin/torrents.png" border=0><br><?="".TORRENTS.""?></a><BR></td> 
</tr>

<tr><td colspan="5">&nbsp;</td></tr>

<TR>
<td class="admin"><a href=modcp.php?action=adduser><img src="images/admin/adduser.png" border=0><br><?=""._ADD_." ".ACCOUNT_USER.""?></a><BR></td> 
<td class="admin"><a href=modcp.php?action=reports&do=view><img src="images/admin/report.png" border=0><br><?="".REPORTS.""?></a><BR></td> 
<td class="admin"><a href=modcp.php?action=censor><img src="images/admin/censor.png" border=0><BR><?="".WORDS." ".CENSOR.""?></a><BR></td> 
<td class="admin"><a href=uploadapps.php><img src="images/admin/upload.png" border=0><br><?="".UPLOADER." ".APPLICATIONS.""?></a><BR></td>
<td class="admin"><a href=modcp.php?action=confirmreg><img src="images/admin/confirm.png" border=0><br><?="".UN_ACCOUNTS.""?></a><BR></td> 
</tr>

<tr><td colspan="5">&nbsp;</td></tr>

<TR>
<td class="admin"><a href=modcp.php?action=clearshoutbox><img src="images/admin/clear.png" border=0><br><?="".CL_SHOUTBOX.""?><br></a><BR></td>                      
<td class="admin"><a href=staffbox.php><img src="images/admin/masspm.png" border=0><br><?="".STAFF_BOX.""?></a><BR></td>                                                                                                                                                         
</tr>

</table>
<?
    end_frame();
}


if (!$action){
    stdhead("Mod CP");
    navmenu();
    stdfoot();
}

if ($action=="whoswhere"){
    stdhead("Where are members");
    navmenu();

    begin_frame("Last 100 page views");
    print("<CENTER><table class=table_table width=80%><tr><td class=table_head>User</td><td class=table_head>Page</td><td class=table_head>Accessed</td></tr>");
    $res = mysql_query("SELECT id, username, page, last_access FROM users ORDER BY last_access DESC LIMIT 100");
    while ($arr = mysql_fetch_assoc($res))
    print("<tr><td class=table_col1><a href=account-details.php?id=$arr[id]><b>$arr[username]</b></a></td><td class=table_col2>".htmlspecialchars($arr["page"])."</td><td  class=table_col1>$arr[last_access]</td></tr>");
    print("</table></CENTER>");
    end_frame();

    stdfoot();
}

if ($action=="peers"){
    stdhead("Peers List");
    navmenu();

    begin_frame("Peers List");

    $count1 = number_format(get_row_count("peers"));

    print("<center>We have $count1 peers</center><br>");

    $res4 = mysql_query("SELECT COUNT(*) FROM peers $limit") or die(mysql_error());
    $row4 = mysql_fetch_array($res4);

    $count = $row4[0];
    $peersperpage = 50;

    list($pagertop, $pagerbottom, $limit) = pager($peersperpage, $count, "modcp.php?action=peers&");

    print("$pagertop");

    $sql = "SELECT * FROM peers ORDER BY started DESC $limit";
    $result = mysql_query($sql);

    if( mysql_num_rows($result) != 0 ) {
        print'<CENTER><table width=90% border=1 cellspacing=0 cellpadding=3 class=table_table>';
        print'<tr>';
        print'<td class=table_head align=center>User</td>';
        print'<td class=table_head align=center>Torrent</td>';
        print'<td class=table_head align=center>IP</td>';
        print'<td class=table_head align=center>Port</td>';?>
<?
            print("<td class=\"table_head\"><div align=center><img src=\"/images/torrent/uploaded.png\" border=\"0\" onMouseover=\"return overlib('<font color=red><b>UPLOADED</b></font>')\"; onMouseout=\"return nd()\"></div></td>");
            print("<td class=\"table_head\"><div align=center><img src=\"/images/torrent/downloaded.png\" border=\"0\" onMouseover=\"return overlib('<font color=green><b>DOWNLOADED</b></font>')\"; onMouseout=\"return nd()\"></div></td>");?>
<?
        print'<td class=table_head align=center>Client</td>';
        print'<td class=table_head align=center>Conn.</td>';
        print'<td class=table_head align=center>Seeding</td>';
        print'<td class=table_head align=center>Started</td>';
        print'<td class=table_head align=center>Last<br>Action</td>';
        print'</tr>';

        while($row = mysql_fetch_assoc($result)) {
            if ($site_config['MEMBERSONLY']) {
                $sql1 = "SELECT id, username FROM users WHERE id = $row[userid]";
                $result1 = mysql_query($sql1);
                $row1 = mysql_fetch_assoc($result1);
            }

            if ($row1['username'])
                print'<tr><td class=table_col1><a href="account-details.php?id=' . $row['userid'] . '">' . $row1['username'] . '</a></td>';
            else
                print'<tr><td class=table_col1>'.$row[ip].'</td>';

            $sql2 = "SELECT id, name FROM torrents WHERE id = $row[torrent]";
            $result2 = mysql_query($sql2);

            while ($row2 = mysql_fetch_assoc($result2)) {

                $smallname =substr(htmlspecialchars($row2["name"]) , 0, 30);
                    if ($smallname != htmlspecialchars($row2["name"])) {
                        $smallname .= '...';
                    }

                print'<td class=table_col1><a href="torrents-details.php?id=' . $row['torrent'] . '">' . $smallname . '</td>';
                print'<td align=center class=table_col1>' . $row['ip'] . '</td>';
                print'<td align=center class=table_col1>' . $row['port'] . '</td>';

                if ($row['uploaded'] < $row['downloaded'])
                    print'<td align=center class=table_col1><font color=red>' . mksize($row['uploaded']) . '</font></td>';
                else
                    if ($row['uploaded'] == '0')
                        print'<td align=center class=table_col1>' . mksize($row['uploaded']) . '</td>';
                    else
                        print'<td align=center class=table_col1><font color=green>' . mksize($row['uploaded']) . '</font></td>';
                print'<td align=center class=table_col1>' . mksize($row['downloaded']) . '</td>';
                print'<td align=center class=table_col1>' . $row['client'] . '</td>';
                if ($row['connectable'] == 'yes')
                    print'<td align=center class=table_col1><font color=green>' . $row['connectable'] . '</font></td>';
                else
                    print'<td align=center class=table_col1><font color=red>' . $row['connectable'] . '</font></td>';
                if ($row['seeder'] == 'yes')
                    print'<td align=center class=table_col1><font color=green>' . $row['seeder'] . '</font></td>';
                else
                    print'<td align=center class=table_col1><font color=red>' . $row['seeder'] . '</font></td>';
                print'<td align=center class=table_col1>' . $row['started'] . '</td>';
                print'<td align=center class=table_col1>' . $row['last_action'] . '</td>';
                print'</tr>';
            }
        }
        print'</table>';
        print("$pagerbottom</CENTER>");
    }else{
        print'<B><CENTER>No Peers</CENTER></B><BR>';
    }
    end_frame();

    stdfoot();
}

if ($action=="torrentmanage"){
    stdhead("Torrent Management");
    navmenu();

    $search = trim($search);

    if ($search != '' ){
        $where = "WHERE name LIKE " . sqlesc("%$search%") . "";
    }

    
    $res2 = mysql_query("SELECT COUNT(*) FROM torrents $where");
    $row = mysql_fetch_array($res2);
    $count = $row[0];

    $perpage = 50;

    list($pagertop, $pagerbottom, $limit) = pager($perpage, $count, "modcp.php?action=torrentmanage&");

    begin_frame("Torrent Management");

    print("<CENTER><form method=get action=?>\n");
    print("<input type=hidden name=action value=torrentmanage>\n");
    print("" . SEARCH . ": <input type=text size=30 name=search>\n");
    print("<input type=submit value='Search'>\n");
    print("</form></CENTER>\n");

    echo $pagertop;
    ?>
    <CENTER><table align=center cellpadding="0" cellspacing="0" class="table_table" width="100%" border="1">
    <tr>
    <td class=table_head align=center>Name</td>
    <td class=table_head align=center>Visible</td>
    <td class=table_head align=center>Banned</td>
    <td class=table_head align=center>Seeders</td>
    <td class=table_head align=center>Leechers</td>
    <td class=table_head align=center>External?</td>
    <td class=table_head align=center>Edit?</td>
    </tr>
    <?
    $rqq = "SELECT id, name, seeders, leechers, visible, banned, external FROM torrents $where ORDER BY name $limit";
    $resqq = mysql_query($rqq);

    while ($row = mysql_fetch_array($resqq)){
        extract ($row);

        $char1 = 35; //cut name length 
        $smallname = CutName(htmlspecialchars($row["name"]), $char1);

        echo "<tr><td class=table_col1><a href=\"torrents-details.php?id=$row[id]\">" . $smallname . "</a></td><td class=table_col2>$row[visible]</td><td class=table_col1>$row[banned]</td><td class=table_col2>$row[seeders]</td><td class=table_col1>$row[leechers]</td><td class=table_col2>$row[external]</td><td class=table_col1><a href=\"torrents-edit.php?returnto=" . urlencode($_SERVER["REQUEST_URI"]) . "&amp;id=" . $row["id"] . "\"><font size=1 face=Verdana>EDIT</a></td></tr>\n";
    }

    echo "</table></CENTER>\n";

    print($pagerbottom);

    end_frame();
    stdfoot();
}


if ($action == "cheats") {
    stdhead("Possible Cheater Detection");
    navmenu();

    if ($daysago && $megabts){

        $timeago = 84600 * $daysago; //last 7 days
        $bytesover = 1048576 * $megabts; //over 500MB Upped

        $result = mysql_query("select * FROM users WHERE UNIX_TIMESTAMP('" . get_date_time() . "') - UNIX_TIMESTAMP(added) < '$timeago' AND status='confirmed' AND uploaded > '$bytesover' ORDER BY uploaded DESC "); 
        $num = mysql_num_rows($result); // how many uploaders

        begin_frame("Possible Cheater Detection");
        echo "<p>" . $num . " Users with found over last ".$daysago." days with more than ".$megabts." MB (".$bytesover.") Bytes Uploaded.</p>";

        $zerofix = $num - 1; // remove one row because mysql starts at zero

        if ($num > 0){
        echo "<table align=center class=table_table>";
        echo "<tr>";
         echo "<td class=table_head>No.</td>";
         echo "<td class=table_head>" . USERNAME . "</td>";
         echo "<td class=table_head>" . UPLOADED . "</td>";
         echo "<td class=table_head>" . DOWNLOADED . "</td>";
         echo "<td class=table_head>" . RATIO . "</td>";
         echo "<td class=table_head>" . TORRENTS_POSTED . "</td>";
         echo "<td class=table_head>AVG Daily Upload</td>";
         echo "<td class=table_head>" . ACCOUNT_SEND_MSG . "</td>";
         echo "<td class=table_head>Joined</td>";
        echo "</tr>";

        for ($i = 0; $i <= $zerofix; $i++) {
             $id = mysql_result($result, $i, "id");
             $username = mysql_result($result, $i, "username");
             $added = mysql_result($result, $i, "added");
             $uploaded = mysql_result($result, $i, "uploaded");
             $downloaded = mysql_result($result, $i, "downloaded");
             $donated = mysql_result($result, $i, "donated");
             $warned = mysql_result($result, $i, "warned");
             $joindate = "" . get_elapsed_time(sql_timestamp_to_unix_timestamp($added)) . " ago";
             $upperquery = "SELECT added FROM torrents WHERE owner = $id";
             $upperresult = mysql_query($upperquery);
             $seconds = mkprettytime(utc_to_tz_time() - utc_to_tz_time($added));
             $days = explode("d ", $seconds);

             if(sizeof($days) > 1) {
                 $dayUpload  = $uploaded / $days[0];
                 $dayDownload = $downloaded / $days[0];
            }
         
          $torrentinfo = mysql_fetch_array($upperresult);
         
          $numtorrents = mysql_num_rows($upperresult);
           
          if ($downloaded > 0){
           $ratio = $uploaded / $downloaded;
           $ratio = number_format($ratio, 3);
           $color = get_ratio_color($ratio);
           if ($color)
           $ratio = "<font color=$color>$ratio</font>";
           }
          else
           if ($uploaded > 0)
            $ratio = "Inf.";
           else
            $ratio = "---";
          
         
         $counter = $i + 1;
         
         echo "<tr>";
          echo "<td align=center class=table_col1>$counter.</td>";
          echo "<td class=table_col2><a href=account-details.php?id=$id>$username</a></td>";
          echo "<td class=table_col1>" . mksize($uploaded). "</td>";
          echo "<td class=table_col2>" . mksize($downloaded) . "</td>";
          echo "<td class=table_col1>$ratio</td>";
          if ($numtorrents == 0) echo "<td class=table_col2><font color=red>$numtorrents torrents</font></td>";
          else echo "<td class=table_col2>$numtorrents torrents</td>";

          echo "<td class=table_col1>" . mksize($dayUpload) . "</td>";

          echo "<td align=center class=table_col2><a href=mailbox.php?compose&id=$id>PM</a></td>";
          echo "<td class=table_col1>" . $joindate . "</td>";
         echo "</tr>";

         
         }
        echo "</table><br><br>";
        end_frame();
        }

        if ($num == 0)
        {
        end_frame();
        }

    }else{
    begin_frame("Possible Cheater Detection");?>
    <form action='modcp.php?action=cheats' method='post'>
       <table align=center class=table_table width='80%'>
        <tr><td width='140' class=table_col1>Number of days joined: </td><td class=table_col2><input type='text' size='4' maxlength='4' name='daysago'> Days</td></tr>
        <tr><td class=table_col1>MB Uploaded: </td><td class=table_col2><input type='text' size='6' maxlength='6' name='megabts'> MB</td></tr>
        <tr><td align=right><input type='submit' value='Submit'></td></tr></table>
        </form><?
    end_frame();
    }
    stdfoot();
}

  if ($action == "warned") {
    stdhead("Warned Users Management");
    navmenu();

    
    $res2 = mysql_query("SELECT COUNT(*) FROM users WHERE warned='yes'");
    $row = mysql_fetch_array($res2);
    $count = $row[0];

    $perpage = 50;

    list($pagertop, $pagerbottom, $limit) = pager($perpage, $count, "modcp.php?action=warned&");

    begin_frame("Warned Users Management");

    echo $pagertop;
    ?>
    <CENTER><table align=center cellpadding="0" cellspacing="0" class="table_table" width="100%" border="1">
    <tr>
    <td class=table_head align=center>Username</td>
    <td class=table_head align=center>Added</td>
    <td class=table_head align=center>Last Visit</td>
    <td class=table_head align=center>Uploaded</td>
    <td class=table_head align=center>Downloaded</td>
    <td class=table_head align=center>Edit?</td>
    </tr>
    <?
    
    $rqq = "SELECT id, username, last_access, added, uploaded, downloaded FROM users WHERE warned='yes' ORDER BY username $limit";
    $resqq = mysql_query($rqq);

    while ($row = mysql_fetch_array($resqq)){
        extract ($row);

        echo "<tr><td class=table_col1><a href=account-details.php?id=$row[id]>$row[username]</a></td><td class=table_col2>".utc_to_tz($row['added'])."</td><td class=table_col1>$row[last_access]</td><td class=table_col2>".mksize($row["uploaded"])."</td><td class=table_col1>".mksize($row["downloaded"])."</td><td class=table_col2><a href=account-details.php?id=$row[id]>EDIT</a></td></tr>\n";
    }

    echo "</table></CENTER>\n";

    print($pagerbottom);

    end_frame();
    stdfoot();
}

               #======================================================================#
# Add Users
#======================================================================#
if ($action == "adduser") {
function validusername($username)
{
if ($username == "")
return false;

// The following characters are allowed in user names
$allowedchars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";

for ($i = 0; $i < strlen($username); ++$i)
if (strpos($allowedchars, $username[$i]) === false)
return false;

return true;
}
      
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
if ($_POST["username"] == "" || $_POST["password"] == "" || $_POST["email"] == "" || $_POST["class"] == "" || $_POST["seedbonus"] == "" || $_POST["modcomment"] == "")
show_error_msg("Error", "Missing form data.");
if (!validusername($_POST["username"]))
show_error_msg("Error", "Invalid username.");
if ($_POST["password"] != $_POST["password2"])
show_error_msg("Error", "Passwords mismatch.");
if (!validemail($_POST['email']))
show_error_msg("Error", "Not valid email");
$username = sqlesc($_POST["username"]);
$password = $_POST["password"];
$email = $_POST["email"];
$res = mysql_query("SELECT COUNT(*) FROM users WHERE email='$email'") or die(mysql_error());
$arr = mysql_fetch_row($res);
if ($arr[0] != 0)
show_error_msg("Error", "The e-mail address is already in use.");
$secret = mksecret();
$passhash = sqlesc(md5($password));
$secret = sqlesc($secret);
$added = sqlesc(get_date_time()); 
$class = 0+$_POST["class"];
$seedbonus = 0+$_POST["seedbonus"];
$modcomment = $_POST["modcomment"]; 
mysql_query("INSERT INTO users (added, last_access, secret, username, password, status, email, class, seedbonus, modcomment) VALUES($added, $added, $secret, $username, $passhash, 'confirmed', ".sqlesc($email).", $class, $seedbonus, ".sqlesc($modcomment).")") or die(mysql_error());
$res = mysql_query("SELECT id FROM users WHERE username=$username");
$arr = mysql_fetch_row($res);
if (!$arr)
show_error_msg("Error", "Unable to create the account. The user name is possibly already taken.");
header("Location: /account-details.php?id=$arr[0]");
die;
}
        
stdhead("Add user");
navmenu();
begin_frame("Add user");
?>
<form method=post action=modcp.php?action=adduser>
<table width='90%' class=table_table align=center cellspacing=0 cellpadding=5>
<tr><td class=ttable_col1>Username</td><td class=ttable_col2><input type=text name=username size=40></td></tr>
<tr><td class=ttable_col1>Password</td><td class=ttable_col2><input type=password name=password size=40></td></tr>
<tr><td class=ttable_col1>Re-type password</td><td class=ttable_col2><input type=password name=password2 size=40></td></tr>
<tr><td class=ttable_col1>E-mail</td><td class=ttable_col2><input type=text name=email size=40></td></tr>
<tr><td class=ttable_col1>Bonus</td><td class=ttable_col2><input type=text size=5 name=seedbonus value="0.0"></td></tr>
<?php
print("<tr><td class=ttable_col1>Class</td><td align=left class=ttable_col2>\n");
    $ct_r = mysql_query("SELECT group_id,level from groups ORDER BY group_id") or die;
    while ($ct_a = mysql_fetch_array($ct_r)) 
      $class .= "<option value=$ct_a[group_id]" . ($CURUSER["level"] == $ct_a['group_id'] ? " selected" : "") . ">$ct_a[level]</option>\n";  
      
        print("<select name=class>$class</select></td></tr>\n");
$modcomment = gmdate("Y-m-d")." - User added by ".$CURUSER['username'].".\n".$modcomment;                                                                                     
?>
<tr><td class=ttable_col1>Comment</td><td class=ttable_col2><input type=text size=40 name=modcomment value="<?php echo $modcomment?>" READONLY></td></tr>
<tr><td colspan=2 align=center><input type=submit value="Okay" class=lbutton></td></tr>
</table>
</form>
<?
end_frame();
stdfoot();
}
#======================================================================#
# END Add Users
#======================================================================#

#======================================================================#
#    Manual Conf Reg
#======================================================================#
if($action == "confirmreg")
{
stdhead("Manual Registration Confirm");
navmenu();
begin_frame("Info On This List", justify);
?>
<p align="justify">This page shows all users that have not clicked the ACTIVATION link in the signup email, they cannot access the site until they have clicked this link.  You should only manually confirm a user if they request it (via email, irc or other method), where they have lost or not received the email.  All PENDING users will be cleaned from the system every so often.</p>
<?
end_frame();
begin_frame("Manual Registration Confirm", center);
begin_table();
$perpage = 100;
print("<tr><td align=\"center\"  class=alt3 align=left><font size=1 face=Verdana>Username</td><td align=\"center\"  class=alt3><font size=1 face=Verdana>Email Address</td><td align=\"center\"  class=alt3><font size=1 face=Verdana>Date Registered</td><td align=\"center\"  class=alt3 align=left><font size=1 face=Verdana>IP</td><td align=\"center\"  class=alt3><font size=1 face=Verdana>Status</td></tr>\n");

$resww = "SELECT * FROM users WHERE status='pending' ORDER BY username";
$reqww = mysql_query($resww);
while ($row = mysql_fetch_array($reqww))
    {
     extract ($row);
  echo "<tr><td align='center'>$row[username]</td><td align='center'>$row[email]</td><td align='center'>$row[added]</td><td align='center'>$row[ip]</td><td align='center'><a href='modcp.php?action=editreg&id=$row[id]'>$row[status]</a></td></tr>\n";

    }
end_table();
end_frame();
stdfoot();
}

if($action == "save_editreg")
// SAVE THEME EDIT FUNCTION
    {
        mysql_query("UPDATE users SET status='$ed_status' WHERE id=$id");
show_success_msg("Updated", "<br><br><center><b>Updated Completed</b><BR><BR><a href='modcp.php?action=confirmreg'>Click here</a> to go back.</center>");
}

if($action == "editreg" && $id != "")
// EDIT USER REG FORM
{
    $qq = mysql_query("SELECT * FROM users WHERE id = $id");
    $ee = mysql_fetch_array($qq);
    stdhead();
    navmenu();
    begin_frame();
    ?>

    <form action='modcp.php' method='post'>
    <input type='hidden' name='id' value='<?=$id?>'>
    <input type='hidden' name='action' value='save_editreg'>
    Name: <?=$ee[username]?><br />
    Current Status: <?=$ee[status]?><br>
    <select name='ed_status'>
        <option value='pending' <? if($status == "pending") echo "selected"; ?>>pending
        <option value='confirmed' <? if($status == "confirmed") echo "selected"; ?>>confirmed
        </select>
    <!--<input type='text' value='<?=$ee[status]?>' size='30' maxlength='30' name='ed_status'><br />-->
    <input type='submit' value='   Save   ' style='background:#eeeeee'>&nbsp;&nbsp;&nbsp;<input type='reset' value='  Reset  ' style='background:#eeeeee'>
    </form>
    <?
        end_frame();
stdfoot();
}

//FIX by hack346
if ($action=="reports" && $do=="view"){
    stdhead("Reported Items");
    navmenu();

    begin_frame("Reported Items");

    $res = mysql_query("SELECT count(id) FROM reports WHERE complete='0'") or die(mysql_error());
    $row = mysql_fetch_array($res);

    $count = $row[0];
    $perpage = 25;
    list($pagertop, $pagerbottom, $limit) = pager($perpage, $count, $_SERVER["PHP_SELF"] . "?type=" . $_GET["type"] . "&" );

    echo "<BR><CENTER><B><a href=#>View Archived Reports</a></B></CENTER><BR>";

    echo $pagertop;

    print("<table border=1 cellspacing=0 cellpadding=1 align=center width=95% class=table_table>\n");
    print("<tr><td class=table_head align=center>By</td><td class=table_head align=center>Reported</td><td class=table_head align=center>Type</td><td class=table_head align=center>Reason</td><td class=table_head align=center>Dealt With</td>");
    print("</tr>");
    $res = mysql_query("SELECT reports.id, reports.dealtwith,reports.dealtby, reports.addedby, reports.votedfor,reports.votedfor_xtra, reports.reason, reports.type, users.username, reports.complete FROM reports INNER JOIN users on reports.addedby = users.id WHERE complete = '0' ORDER BY id desc $limit");

    while ($arr = mysql_fetch_assoc($res))
    {
    if ($arr[dealtwith])
    {
    $res3 = mysql_query("SELECT username FROM users WHERE id=$arr[dealtby]");
    $arr3 = mysql_fetch_assoc($res3);
    $dealtwith = "<font color=green><b>Yes - <a href=account-details.php?id=$arr[dealtby]><b>$arr3[username]</b></a></b></font>";
    }
    else
    $dealtwith = "<font color=red><b>No</b></font>";
    if ($arr[type] == "user")
    {
    $type = "account-details.php?id=$arr[votedfor]";
    $res2 = mysql_query("SELECT username FROM users WHERE id=$arr[votedfor]");
    $arr2 = mysql_fetch_assoc($res2);
    $name = $arr2[username];
    }
    else if  ($arr[type] == "comment")
    {
    $res2 = mysql_query("SELECT text, news, torrent FROM comments WHERE id=$arr[votedfor]");
    $arr2 = mysql_fetch_assoc($res2);
    if($arr2[torrent]){
    $type = "comments.php?id=$arr[votedfor]&type=torrent&id=$arr2[torrent]";
    $name = format_comment($arr2[text]);
    }elseif($arr2[news]){
    $type = "comments.php?type=news&id=$arr2[news]";
    $name = format_comment($arr2[text]);
    }
    }
    else if ($arr[type] == "torrent")
    {
    $type = "torrents-details.php?id=$arr[votedfor]";
    $res2 = mysql_query("SELECT name FROM torrents WHERE id=$arr[votedfor]");
    $arr2 = mysql_fetch_assoc($res2);
    $name = $arr2[name];
    if ($name == "")
     $name = "<b>[Deleted]</b>";
    }
    print("<tr><td class=table_col1><a href=account-details.php?id=$arr[addedby]><b>$arr[username]</b></a></td><td align=left class=table_col2><a href=$type><b>$name</b></a></td><td align=left class=table_col1>$arr[type]</td><td align=left class=table_col2>$arr[reason]</td><td align=left class=table_col1>$dealtwith</td>\n");
    print("</tr>");
    }

    print("</table>\n");



    echo $pagerbottom;

    end_frame();
    stdfoot();
}


if ($action == "clearshoutbox") {
    stdhead("Clear Shoutbox");
    navmenu();
        begin_frame("Clear Shoutbox", center);
            if ($yes == "yes") {
                $res = mysql_query("TRUNCATE `shoutbox`");
                if ($res) echo "Shoutbox cleared";
            } else {
                echo "<div align=center>Are you sure you want to clear the shoutbox?<br>";
                echo "<a href='modcp.php?action=clearshoutbox&yes=yes'><b>Yes</b></a></div>";
            }
    end_frame();
    stdfoot();
}

?>
Return current item: H-tracker