<?php
/*
HostBuilder
Free Edition
(C) 2007-2008 Data Components Software Development
Administration
*/
include "functions.php";
include "templates.php";
include "admin.functions.php";
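// Community name used in every page title (configuration slot 0).
$commname = getconfig(0);

// Slot 8 holds the MD5 of the administrator password. It is trimmed once so
// the login check and the cookie check compare against the same string; the
// original trimmed it for the login comparison only.
// NOTE(review): assumes getconfig() yields a string, or an empty/false value
// when the slot is missing - confirm in functions.php.
$adminhash = trim((string) getconfig(8));

// Absent or array-valued request parameters count as empty strings, so they
// can neither raise notices nor reach md5() with a non-string.
$loginbtn = (isset($_POST['funcbtn']) && is_string($_POST['funcbtn'])) ? $_POST['funcbtn'] : '';
$password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
$cookiehash = (isset($_COOKIE['th_admin']) && is_string($_COOKIE['th_admin'])) ? $_COOKIE['th_admin'] : '';

// A login attempt is judged on the submitted password alone; every other
// request is judged on the th_admin cookie.
$islogin = ($loginbtn === "Login");
$candidate = $islogin ? md5($password) : $cookiehash;

// Fail closed when no hash is configured: under loose comparison a missing
// cookie compared equal to an empty stored value. Digests are compared as
// exact strings (in constant time where hash_equals() exists) because ==
// evaluates hex strings of the form "0e<digits>" as numbers.
if ($adminhash === '') {
    $authorized = false;
} elseif (function_exists('hash_equals')) {
    $authorized = hash_equals($adminhash, $candidate);
} else {
    $authorized = ($adminhash === $candidate);
}

if (!$authorized) {
    $t['title'] = $commname." - Administration Login";
    // A failed login shows the error page; an unauthenticated visit shows the form.
    $t['page'] = $islogin ? showerror("Incorrect Password") : showadminlogin($commname);
    echo parse_tpl("html", $t);
    exit;
}

if ($islogin) {
    // setcookie() does not populate $_COOKIE for the current request, so the
    // original re-displayed the login form after a correct password. Here a
    // successful login simply continues into the panel.
    // The cookie is HttpOnly, and Secure when the request arrived over HTTPS.
    // NOTE(review): the cookie value is the stored hash itself, so anyone able
    // to read config.inc holds a valid credential, and unsalted MD5 is weak
    // for password storage. Moving to password_hash()/password_verify() with a
    // random server-side session id needs a coordinated change to the config
    // format and cannot be done inside this block alone.
    $overhttps = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off');
    setcookie("th_admin", $candidate, 0, "", "", $overhttps, true);
}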
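// Dispatch on the requested admin page; a missing or array-valued "p" selects
// the default (main menu) case.
switch ((isset($_GET['p']) && is_string($_GET['p'])) ? strtolower($_GET['p']) : '') {
case "adedit":
    // Ad editor: optionally saves one of four fixed ad files, then shows the
    // editor for the ad named by ?id=.
    // NOTE(review): this state-changing POST carries no anti-CSRF token; the
    // forms are built elsewhere, so a token has to be added there and checked here.
    $globalmsg = '';
    $out = '';
    $adbtn = (isset($_POST['funcbtn']) && is_string($_POST['funcbtn'])) ? $_POST['funcbtn'] : '';
    if ($adbtn === "<< Back") {
        header("Location: admin.php?p=ads");
        // Stop here: without exit the editor page was still rendered after the redirect.
        exit;
    } elseif ($adbtn === "Edit Ad") {
        // Allow-list of writable files and their confirmation messages. Only an
        // exact match is accepted, so the request cannot steer the write path.
        $adfiles = array(
            "header.inc" => "Forced Header Ad edited successfully!",
            "footer.inc" => "Forced Footer Ad edited successfully!",
            "header.txt" => "Header Ad in Manager edited successfully!",
            "footer.txt" => "Footer Ad in Manager edited successfully!",
        );
        $adfile = (isset($_POST['file']) && is_string($_POST['file'])) ? $_POST['file'] : '';
        if (!isset($adfiles[$adfile])) {
            die("Invalid file");
        }
        $contents = (isset($_POST['contents']) && is_string($_POST['contents'])) ? $_POST['contents'] : '';
        // NOTE(review): stripslashes() is kept from the original and only makes
        // sense with magic quotes enabled; without them it removes backslashes
        // the administrator actually typed.
        // NOTE(review): if header.inc/footer.inc are loaded elsewhere with
        // include/require rather than emitted as data, this write lets the
        // holder of the admin cookie run PHP - confirm how they are consumed.
        $hnd = fopen(getcwd()."/".$adfile, "w");
        if ($hnd === false) {
            $a['message'] = "Ad file could not be written!";
        } else {
            fwrite($hnd, stripslashes($contents));
            fclose($hnd);
            $a['message'] = $adfiles[$adfile];
        }
        $globalmsg = parse_tpl("message", $a);
    }
    // Map the ?id= value to the file shown in the editor and its caption.
    $adviews = array(
        "forcedheader" => array("/header.inc", "Forced Header Ad"),
        "forcedfooter" => array("/footer.inc", "Forced Footer Ad"),
        "header" => array("/header.txt", "Header Ad in Manager"),
        "footer" => array("/footer.txt", "Footer Ad in Manager"),
    );
    $adid = (isset($_GET['id']) && is_string($_GET['id'])) ? strtolower($_GET['id']) : '';
    if (isset($adviews[$adid])) {
        $out = showadedit(getcwd().$adviews[$adid][0], $adviews[$adid][1]);
    }
    $t['title'] = $commname." - Administration";
    $t['page'] = $globalmsg.$out;
    echo parse_tpl("html", $t);
    break;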
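case "ads":
    // Ad selection panel: forwards the chosen ad type to the ad editor.
    $globalmsg = '';
    $adsbtn = (isset($_POST['funcbtn']) && is_string($_POST['funcbtn'])) ? $_POST['funcbtn'] : '';
    if ($adsbtn === "<< Back") {
        header("Location: admin.php");
        // Stop here: without exit the panel was still rendered after the redirect.
        exit;
    }
    if ($adsbtn === "Edit Selected Ad") {
        if (!isset($_POST['adtype']) || !is_string($_POST['adtype'])) {
            // NOTE(review): starthtml() is kept from the original; the full
            // page is also emitted via parse_tpl() below - confirm this does
            // not output the page header twice.
            starthtml($commname." - Administration");
            $a['message'] = "You must select an ad you wish to edit!";
            $globalmsg = parse_tpl("message", $a);
        } else {
            // Request data goes into a URL: encode it so it cannot add query
            // parameters or break the Location header.
            header("Location: admin.php?p=adedit&id=".rawurlencode($_POST['adtype']));
            exit;
        }
    }
    $t['title'] = $commname." - Administration";
    $t['page'] = $globalmsg.showadspanel();
    echo parse_tpl("html", $t);
    break;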
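case "config":
    // Configuration editor: rewrites config.inc as ten slots joined by "::".
    // NOTE(review): this state-changing POST carries no anti-CSRF token; the
    // form is built elsewhere, so a token has to be added there and checked here.
    $globalmsg = '';
    $cfgbtn = (isset($_POST['funcbtn']) && is_string($_POST['funcbtn'])) ? $_POST['funcbtn'] : '';
    if ($cfgbtn === "<< Back") {
        header("Location: admin.php");
        // Stop here: without exit the panel was still rendered after the redirect.
        exit;
    }
    if ($cfgbtn === "Edit Config") {
        // Slot 8 is the admin password hash: keep the stored one unless a new
        // password was submitted.
        // NOTE(review): MD5 is kept because the login check compares against
        // md5(password); changing the scheme needs both places updated together.
        $p = getconfig(8);
        if (isset($_POST['config8']) && is_string($_POST['config8']) && $_POST['config8'] !== '') {
            $p = md5($_POST['config8']);
        }
        $slots = array();
        $wellformed = true;
        for ($i = 0; $i <= 9; $i++) {
            if ($i == 8) {
                $slots[] = $p;
                continue;
            }
            $v = (isset($_POST['config'.$i]) && is_string($_POST['config'.$i])) ? $_POST['config'.$i] : '';
            // The record is "::"-delimited, so a value that contains "::" or
            // touches a separator with a colon of its own would shift every
            // later slot, including the password hash in slot 8.
            if (strpos($v, "::") !== false
                || ($v !== '' && ($v[0] === ':' || substr($v, -1) === ':'))) {
                $wellformed = false;
            }
            $slots[] = $v;
        }
        if (!$wellformed) {
            $a['message'] = "Configuration values may not contain \"::\" or begin or end with \":\"!";
        } else {
            $h = fopen(getcwd()."/config.inc", "w");
            if ($h === false) {
                $a['message'] = "Configuration could not be saved!";
            } else {
                fwrite($h, implode("::", $slots));
                fclose($h);
                $a['message'] = "Configuration edited successfully!";
            }
        }
        $globalmsg = parse_tpl("message", $a);
    }
    $t['title'] = $commname." - Administration";
    $t['page'] = $globalmsg.showconfigpanel();
    echo parse_tpl("html", $t);
    break;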
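case "exts":
    // Illegal file type list (config slot 4, comma separated): add or remove entries.
    $globalmsg = '';
    if (isset($_POST['funcbtn']) && $_POST['funcbtn'] === "<< Back") {
        header("Location: admin.php");
        // Stop here: without exit the panel was still rendered after the redirect.
        exit;
    }
    if (isset($_POST['extbtn2']) && $_POST['extbtn2'] === "Add") {
        // The original saved only the newly submitted extensions, dropping every
        // existing entry (and emptying the list when nothing new was given).
        // The stored list is now kept and new entries are appended to it.
        // explode() replaces split(), which was removed in PHP 7.
        $list = array();   // entries to store, in order
        $seen = array();   // lower-cased forms, for exact duplicate detection
        foreach (explode(",", (string) getconfig(4)) as $ext) {
            $key = trim(strtolower($ext));
            if ($key === '') {
                continue;
            }
            $seen[$key] = true;
            $list[] = trim($ext);
        }
        $extinput = (isset($_POST['extspace']) && is_string($_POST['extspace'])) ? $_POST['extspace'] : '';
        foreach (explode(",", $extinput) as $ax) {
            $ax = trim(strtolower($ax));
            // Skip blanks and duplicates. Entries containing ":" are skipped as
            // well: the config writer in this file joins slots with "::", and
            // changeconfig() presumably writes the same record - TODO confirm.
            if ($ax === '' || isset($seen[$ax]) || strpos($ax, ":") !== false) {
                continue;
            }
            $seen[$ax] = true;
            $list[] = $ax;
        }
        changeconfig(4, implode(",", $list));
        $a['message'] = "File extensions added successfully!";
        $globalmsg = parse_tpl("message", $a);
    }
    if (isset($_GET['rem'])) {
        // NOTE(review): removal is triggered by a GET parameter, so any link or
        // embedded resource the administrator's browser loads can change the
        // list; this should become a POST protected by an anti-CSRF token.
        $rx = is_string($_GET['rem']) ? strtolower(trim($_GET['rem'])) : '';
        $kept = array();
        foreach (explode(",", (string) getconfig(4)) as $ext) {
            $key = strtolower(trim($ext));
            // Exact string comparison: == treats numeric-looking strings such
            // as "1e1" and "10" as equal.
            if ($key !== '' && $key !== $rx) {
                $kept[] = $ext;
            }
        }
        changeconfig(4, implode(",", $kept));
        $a['message'] = "File extension removed successfully!";
        $globalmsg = parse_tpl("message", $a);
    }
    $t['title'] = $commname." - Administration";
    $t['page'] = $globalmsg.showfiletypespanel(getconfig(4));
    echo parse_tpl("html", $t);
    break;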
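case "groups":
    // Group list (groups.db, comma separated): add or remove a group.
    $globalmsg = '';
    $groupsdb = getcwd()."/groups.db";
    if (isset($_POST['grpbtn']) && $_POST['grpbtn'] === "Add") {
        $grps = (isset($_POST['grpspace']) && is_string($_POST['grpspace'])) ? trim($_POST['grpspace']) : '';
        if ($grps === '') {
            // The original appended a bare "," for an empty submission.
            $a['message'] = "You must enter a group name!";
        } else {
            $h = fopen($groupsdb, "a");
            if ($h === false) {
                $a['message'] = "Group could not be saved!";
            } else {
                // Same on-disk format as before: each addition is ",<name>".
                fwrite($h, ",".$grps);
                fclose($h);
                $a['message'] = "Group added successfully!";
            }
        }
        $globalmsg = parse_tpl("message", $a);
    }
    if (isset($_GET['rem'])) {
        // NOTE(review): removal is triggered by a GET parameter, so any link or
        // embedded resource the administrator's browser loads can delete a
        // group; this should become a POST protected by an anti-CSRF token.
        $rg = is_string($_GET['rem']) ? trim($_GET['rem']) : '';
        $f = file($groupsdb);
        if ($f === false) {
            // Do not rewrite the file from a failed read: that would empty it.
            $a['message'] = "Group could not be removed!";
        } else {
            $fout = '';
            foreach ($f as $l) {
                $fout .= trim($l);
            }
            $kept = array();
            foreach (explode(",", $fout) as $grp) {
                $name = trim($grp);
                // Exact string comparison: with != the numeric-looking names
                // "1" and "1.0" counted as the same group.
                if ($name !== '' && $name !== $rg) {
                    $kept[] = $grp;
                }
            }
            $h = fopen($groupsdb, "w");
            if ($h === false) {
                $a['message'] = "Group could not be removed!";
            } else {
                fwrite($h, implode(",", $kept));
                fclose($h);
                $a['message'] = "Group removed successfully!";
            }
        }
        $globalmsg = parse_tpl("message", $a);
    }
    $t['title'] = $commname." - Administration";
    $t['page'] = $globalmsg.showgroupspanel(null);
    echo parse_tpl("html", $t);
    break;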
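case "email":
    // Mass mail form: sends one message to all users from the address in config slot 9.
    $globalmsg = '';
    // Defined up front: the form below is also rendered when nothing was posted.
    $subject = '';
    $content = '';
    $mailbtn = (isset($_POST['funcbtn']) && is_string($_POST['funcbtn'])) ? $_POST['funcbtn'] : '';
    if ($mailbtn === "<< Back") {
        header("Location: admin.php");
        // Stop here: without exit the form was still rendered after the redirect.
        exit;
    }
    if ($mailbtn === "E-Mail All") {
        // NOTE(review): stripslashes() is kept from the original and only makes
        // sense with magic quotes enabled; without them it removes backslashes
        // the administrator actually typed.
        if (isset($_POST['subject']) && is_string($_POST['subject'])) {
            // A subject is a single header line: fold line breaks into spaces
            // so it cannot introduce further mail headers, however
            // emailallusers() hands it to the mailer.
            $subject = str_replace(array("\r", "\n"), " ", stripslashes($_POST['subject']));
        }
        if (isset($_POST['content']) && is_string($_POST['content'])) {
            $content = stripslashes($_POST['content']);
        }
        $from = getconfig(9);
        if ($subject === '' || $content === '') {
            $a['message'] = "You must enter a subject and content!";
            $globalmsg = parse_tpl("message", $a);
        } else {
            emailallusers ($subject, $from, $content);
            $a['message'] = "All users e-mailed successfully!";
            $globalmsg = parse_tpl("message", $a);
        }
    }
    $t['title'] = $commname." - Administration";
    // NOTE(review): subject and content are echoed back into the form; confirm
    // showemailall() HTML-escapes them.
    $t['page'] = $globalmsg.showemailall(getconfig(9), $subject, $content);
    echo parse_tpl("html", $t);
    break;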
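case "accounts":
    // Account overview: bulk deletion of selected or inactive accounts.
    // NOTE(review): these destructive POST actions carry no anti-CSRF token;
    // the forms are built elsewhere, so a token has to be added there and
    // checked here.
    $globalmsg = '';
    $acctbtn = (isset($_POST['funcbtn']) && is_string($_POST['funcbtn'])) ? $_POST['funcbtn'] : '';
    if ($acctbtn === "<< Back") {
        header("Location: admin.php");
        // Stop here: without exit the list was still rendered after the redirect.
        exit;
    }
    // msg=1 is set by the single-account page after it removed an account.
    if (isset($_GET['msg']) && $_GET['msg'] === "1") {
        $a['message'] = "Account removed successfully!";
        $globalmsg = parse_tpl("message", $a);
    }
    if ($acctbtn === "Delete All Inactive Accounts") {
        deleteallinactive();
        $a['message'] = "All inactive accounts removed successfully!";
        $globalmsg = parse_tpl("message", $a);
    } elseif ($acctbtn === "Delete Accounts") {
        if (!isset($_POST['accts']) || $_POST['accts'] === '' || $_POST['accts'] === array()) {
            // The original called deleteaccounts() with no selection and still
            // reported success.
            $a['message'] = "You must select at least one account!";
        } else {
            // NOTE(review): the selection is passed on unvalidated; if
            // deleteaccounts() derives file or directory paths from account
            // names it must reject names outside the known account list.
            deleteaccounts($_POST['accts']);
            $a['message'] = "Accounts removed successfully!";
        }
        $globalmsg = parse_tpl("message", $a);
    }
    $t['title'] = $commname." - Administration";
    $t['page'] = $globalmsg.showallaccounts();
    echo parse_tpl("html", $t);
    break;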
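case "viewacct":
    // Single-account page: adjust web space (field 2), file size limit
    // (field 3), extension list (field 4), forced ads (field 11), or delete
    // the account.
    include_once "functions.php";
    $globalmsg = '';
    // NOTE(review): the account acted on comes from the POST body while the
    // account displayed comes from ?id=; nothing here checks that they match
    // or that the name is an existing account. If the helpers build file paths
    // from it, validate it against the account list first. The actions also
    // carry no anti-CSRF token.
    $acct = (isset($_POST['account']) && is_string($_POST['account'])) ? $_POST['account'] : '';
    $accbtn = (isset($_POST['accbtn']) && is_string($_POST['accbtn'])) ? $_POST['accbtn'] : '';
    $extbtn = (isset($_POST['extbtn']) && is_string($_POST['extbtn'])) ? $_POST['extbtn'] : '';
    $fsbtn = (isset($_POST['fsbtn']) && is_string($_POST['fsbtn'])) ? $_POST['fsbtn'] : '';

    // --- Web space quota and forced ads ---
    if ($accbtn === "Add") {
        $space = (isset($_POST['accspace']) && is_string($_POST['accspace'])) ? $_POST['accspace'] : '';
        $accquota = getmemberspace($acct)/1024;
        changedata($acct, 2, intval($accquota)+intval($space));
        $a['message'] = "Account space modified successfully!";
        $globalmsg = parse_tpl("message", $a);
    } elseif ($accbtn === "Remove") {
        $space = (isset($_POST['accspace']) && is_string($_POST['accspace'])) ? $_POST['accspace'] : '';
        $accquota = getmemberspace($acct);
        $accspace = getmemberusedspace($acct);
        // Refuse to shrink the quota below what the member already uses.
        if ((intval($accquota)-(intval($space)*1024)) < intval($accspace)) {
            $outmsg = "Your web space removal must be equal to or above the member's used webspace!";
        } else {
            changedata($acct, 2, (intval($accquota)/1024)-intval($space));
            $outmsg = "Account space modified successfully!";
        }
        $a['message'] = $outmsg;
        $globalmsg = parse_tpl("message", $a);
    } elseif ($accbtn === "Toggle Forced Ads") {
        // The stored flag is written with a trailing newline, as in the original.
        if (trim(getaccountinfo($acct, 11)) === "1") {
            $val = "0\n";
        } else {
            $val = "1\n";
        }
        changedata($acct, 11, $val);
        $a['message'] = "Ads have been toggled successfully!";
        $globalmsg = parse_tpl("message", $a);
    }

    // --- Per-account extension list ---
    if ($extbtn === "Add" || $extbtn === "Remove") {
        // explode() replaces split(), which was removed in PHP 7. Both lists
        // are keyed by the lower-cased, trimmed extension so matching is exact.
        $extinput = (isset($_POST['extspace']) && is_string($_POST['extspace'])) ? $_POST['extspace'] : '';
        $requested = array();
        foreach (explode(",", $extinput) as $ext) {
            $key = strtolower(trim($ext));
            if ($key !== '') {
                $requested[$key] = trim($ext);
            }
        }
        $stored = array();
        foreach (explode(",", (string) getaccountinfo($acct, 4)) as $ext) {
            $key = strtolower(trim($ext));
            if ($key !== '') {
                $stored[$key] = trim($ext);
            }
        }
        if ($extbtn === "Add") {
            // The original stored only the new extensions and discarded the
            // account's existing ones; new entries are now appended.
            foreach ($requested as $key => $ext) {
                if (!isset($stored[$key])) {
                    $stored[$key] = $ext;
                }
            }
            $a['message'] = "File extensions added successfully!";
        } else {
            // The original replaced the account's list with those requested
            // extensions that were NOT on it; the requested ones are now
            // removed from the stored list instead.
            foreach ($requested as $key => $ext) {
                unset($stored[$key]);
            }
            $a['message'] = "File extensions removed successfully!";
        }
        // NOTE(review): the values are written into the account record as
        // given; confirm changedata() rejects whatever delimiter that record uses.
        changedata($acct, 4, implode(",", $stored));
        $globalmsg = parse_tpl("message", $a);
    }

    // --- File size limit ---
    if ($fsbtn === "Add") {
        $space = (isset($_POST['fsspace']) && is_string($_POST['fsspace'])) ? $_POST['fsspace'] : '';
        $accquota = getaccountinfo($acct, 3);
        if (intval($space) < 0) {
            $a['message'] = "Your file size limit must be 0 or above!";
        } else {
            changedata($acct, 3, intval($accquota)+intval($space));
            $a['message'] = "File size limit modified successfully!";
        }
        $globalmsg = parse_tpl("message", $a);
    } elseif ($fsbtn === "Remove") {
        $space = (isset($_POST['fsspace']) && is_string($_POST['fsspace'])) ? $_POST['fsspace'] : '';
        $accquota = getaccountinfo($acct, 3);
        if ((intval($accquota)-intval($space)) < 0) {
            $a['message'] = "Your file size limit must be 0 or above!";
        } else {
            changedata($acct, 3, intval($accquota)-intval($space));
            $a['message'] = "File size limit modified successfully!";
        }
        $globalmsg = parse_tpl("message", $a);
    }

    // --- Navigation and account removal ---
    if (isset($_POST['funcbtn'])) {
        if ($_POST['funcbtn'] === "Back to All Accounts") {
            header("Location: admin.php?p=accounts");
            exit;
        } elseif ($_POST['funcbtn'] === "Remove Account") {
            deleteaccounts($acct);
            header("Location: admin.php?p=accounts&msg=1");
            // Stop here: the original went on to render the account it had
            // just deleted.
            exit;
        }
    }
    $t['title'] = $commname." - Administration";
    // NOTE(review): ?id= reaches showaccount() unvalidated; confirm it
    // HTML-escapes the value and does not use it to build a path.
    $t['page'] = $globalmsg.showaccount(isset($_GET['id']) ? $_GET['id'] : null);
    echo parse_tpl("html", $t);
    break;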
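default:
    // Main menu: each button redirects to its panel; anything else shows the menu.
    if (isset($_POST['funcbtn'])) {
        // Fixed button-to-target table: the redirect target never contains
        // request data, and an unknown button returns to the menu.
        $routes = array(
            "E-Mail All Users" => "admin.php?p=email",
            "View All Accounts" => "admin.php?p=accounts",
            "Add/Remove Illegal File Types" => "admin.php?p=exts",
            "Add/Remove Groups" => "admin.php?p=groups",
            "Edit Configuration" => "admin.php?p=config",
            "Edit Forced Ads" => "admin.php?p=ads",
        );
        $mainbtn = is_string($_POST['funcbtn']) ? $_POST['funcbtn'] : '';
        header("Location: ".(isset($routes[$mainbtn]) ? $routes[$mainbtn] : "admin.php"));
        // Stop here: without exit the menu was still rendered after the redirect.
        exit;
    }
    $t['title'] = $commname." - Administration";
    // Start from an empty page so the append below never reads an unset index.
    $t['page'] = isset($globalmsg) ? (string) $globalmsg : '';
    $t['page'] .= showadminmain();
    echo parse_tpl("html", $t);
    break;
}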
?>