"); print("\n".MNU_UCP_HOME.""); print("\n".MNU_UCP_PM.""); print("\n".MNU_UCP_OUT.""); print("\n".MNU_UCP_NEWPM.""); print("\n".MNU_UCP_INFO.""); print("\n".MNU_UCP_CHANGEPWD.""); print("\n".CHANGE_PID.""); print("\n\n"); if ($do=="pm" && $action=="list") { // MODIFIED select for deletion by gAnDo print(" "); if (isset($_GET["what"]) && $_GET["what"]) $what=$_GET["what"]; else $what = ""; if ($what=="outbox") { block_begin(MNU_UCP_OUT); print("\n

"); print("\n"); print("\n"); $res=mysql_query("select messages.*, users.username as receivername FROM messages INNER JOIN users on users.id=messages.receiver WHERE sender=$uid ORDER BY added DESC"); if (!$res || mysql_num_rows($res)==0) { print("\n"); } else { print("\n"); while ($result=mysql_fetch_array($res)) print("\n"); print("\n\n"); } print("\n

".READED."	".RECEIVER."	".DATE."	".SUBJECT."
".NO_MESSAGES."

".unesc($result["readed"])."	".unesc($result["receivername"])."	".get_date_time($result["added"])."	".unesc($result["subject"])."

"); block_end(); print("
"); } else { block_begin(MNU_UCP_IN); print("\n

"); print("\n"); print("\n"); $res=mysql_query("select messages.*, users.username as sendername FROM messages INNER JOIN users on users.id=messages.sender WHERE receiver=$uid ORDER BY added DESC"); if (!$res || mysql_num_rows($res)==0) print("\n"); else { print("\n"); while ($result=mysql_fetch_array($res)) print("\n"); print("\n\n"); } //print("\n"); print("\n

".READED."	".SENDER."	".DATE."	".SUBJECT."
".NO_MESSAGES."

".unesc($result["readed"])."	".unesc($result["sendername"])."	".get_date_time($result["added"])."	".unesc($result["subject"])."

".DELETE_ALL_READED."		".image_or_link("$STYLEPATH/delete.png","",DELETE)."

"); block_end(); print("
"); } } elseif ($do=="pm" && $action=="read") { $id=intval($_GET["id"]); $what=$_GET["what"]; if ($what=="inbox") $res=mysql_query("select messages.*, users.username as sendername FROM messages INNER JOIN users on users.id=messages.sender WHERE receiver=$uid AND messages.id=$id"); elseif ($what=="outbox") $res=mysql_query("select messages.*, users.username as sendername FROM messages INNER JOIN users on users.id=messages.receiver WHERE sender=$uid AND messages.id=$id"); block_begin(PRIVATE_MSG); if (!$res) err_msg(ERROR,BAD_ID); else { print("\n"); $result=mysql_fetch_array($res); print("\n"); print("\n"); print("\n"); print("\n

".unesc($result["sendername"])." ".get_date_time($result["added"])." (".get_elapsed_time($result["added"])." ago)	".SUBJECT.": ".unesc($result["subject"])."
	".format_comment(unesc($result["msg"]))."

"); print("
"); if ($what=="inbox") { print("\n"); print("\n"); print("\n

"); mysql_query("UPDATE messages SET readed='yes' WHERE id=$id"); } } print("
"); block_end(); print("
"); } elseif ($do=="pm" && $action=="edit") { // if new pm will give id=0 and empty array if (isset($_GET['id']) && $_GET['id']) $id=intval(0+$_GET['id']); else $id=intval(0); if (!isset($_GET['what'])) $_GET['what'] = ''; if (!isset($_GET['to'])) $_GET['to'] = ''; $res=mysql_query("select messages.*, users.username as sendername FROM messages INNER JOIN users on users.id=messages.sender WHERE receiver=$uid AND messages.id=$id"); block_begin(PRIVATE_MSG); if (!$res) err_msg(ERROR,BAD_ID); else { print("\n"); } print("
"); block_end(); print("
"); } elseif ($do=="pm" && $action=="delete") { $id=intval($_GET["id"]); mysql_query("DELETE FROM messages WHERE receiver=$uid AND id=$id") or die(mysql_error()); redirect("usercp.php?uid=$uid&do=pm&action=list&what=inbox"); } elseif ($do=="pm" && $action=="deleteall") { // MODIFIED DELETE ALL VERSION BY gAnDo if (isset($_GET["type"])) $what=$_GET["type"]; else { redirect("usercp.php?uid=$uid&do=pm&action=list&what=".($what=="in"?"inbox":"outbox")); exit; } foreach($_POST["msg"] as $selected=>$msg) @mysql_query("DELETE FROM messages WHERE id=\"$msg\""); //mysql_query("DELETE FROM messages WHERE receiver=$uid AND readed='yes'") or die(mysql_error()); redirect("usercp.php?uid=$uid&do=pm&action=list&what=".($what=="in"?"inbox":"outbox")); } elseif ($do=="pm" && $action=="post") { if ($_POST["confirm"]==FRM_CONFIRM) { $res=mysql_query("SELECT id FROM users WHERE username=".sqlesc($_POST["receiver"])); if (!$res || mysql_num_rows($res)==0) err_msg(ERROR,ERR_USER_NOT_FOUND); else { $result=mysql_fetch_array($res); $subject=sqlesc($_POST["subject"]); $msg=sqlesc($_POST["msg"]); $rec=$result["id"]; $send=$CURUSER["uid"]; if ($subject=="''") $subject="'no subject'"; mysql_query("INSERT INTO messages (sender, receiver, added, subject, msg) VALUES ($send,$rec,UNIX_TIMESTAMP(),$subject,$msg)") or die(mysql_error()); redirect("usercp.php?uid=$uid&do=pm&action=list"); } } else redirect("usercp.php?uid=$uid&do=pm&action=list"); } elseif ($do=="pwd" && $action=="change") { block_begin(MNU_UCP_CHANGEPWD); print("\n"); print("
"); block_end(); print("
"); } elseif ($do=="pwd" && $action=="post") { if ($_POST["confirm"]==FRM_CONFIRM) { if ($_POST["old_pwd"]=="") err_msg(ERROR,INS_OLD_PWD); elseif ($_POST["new_pwd"]=="") err_msg(ERROR,INS_NEW_PWD); elseif ($_POST["new_pwd"]!=$_POST["new_pwd1"]) err_msg(ERROR,DIF_PASSWORDS); else { $respwd = mysql_query("SELECT * FROM users WHERE id=$uid AND password='".md5($_POST["old_pwd"])."' AND username=".sqlesc($CURUSER["username"]).""); if (!$respwd || mysql_num_rows($respwd)==0) err_msg(ERROR,ERR_RETR_DATA); else { mysql_query("UPDATE users SET password='".md5($_POST["new_pwd"])."' WHERE id=$uid AND password='".md5($_POST["old_pwd"])."' AND username=".sqlesc($CURUSER["username"])."") or die(mysql_error()); print("

".PWD_CHANGED."

"); print(NOW_LOGIN."

"); print("Go

"); } } } else redirect("usercp.php?uid=$uid"); } elseif ($do=="user" && $action=="change") { block_begin(ACCOUNT_EDIT); ?>

"); ?> \n\t"); print("\n\t\n"); $sres=style_list(); print("\n\t"); print("\n\t\n"); // flag hack $fres=flag_list(); print("\n\t"); print("\n\t\n"); if ($FORUMLINK=="" || $FORUMLINK=="internal") { // topics per page ?> "); ?>

:
:	"/>
:	"/>
".USER_LANGUE.":
".USER_STYLE.":
".PEER_COUNTRY.":
:	"/>
:	"/>
:	"/>

"); block_end(); print("
"); } elseif ($do=="user" && $action=="post") { if ($_POST["confirm"]==FRM_CONFIRM) { $idlangue=0+$_POST["language"]; $idstyle=0+$_POST["style"]; $email=AddSlashes($_POST["email"]); $avatar=AddSlashes($_POST["avatar"]); $idflag=0+$_POST["flag"]; if ($email=="") err_msg(ERROR,ERR_NO_EMAIL); else { $set=array(); if ($email!="") $set[]="email='$email'"; if ($idlangue>0) $set[]="language=$idlangue"; if ($idstyle>0) $set[]="style=$idstyle"; if ($idflag>0) $set[]="flag=$idflag"; $set[]="avatar='$avatar'"; $set[]="topicsperpage=".intval(0+$_POST["topicsperpage"]); $set[]="postsperpage=".intval(0+$_POST["postsperpage"]); $set[]="torrentsperpage=".intval(0+$_POST["torrentsperpage"]); $updateset=implode(",",$set); if ($updateset!="") { mysql_query("UPDATE users SET $updateset WHERE id=$uid") or die(mysql_error()); print("

".INF_CHANGED."

"); print("".BCK_USERCP."

"); } } } else redirect("usercp.php?uid=$uid"); } elseif ($do=="pid_c" && $action=="change") { block_begin(CHANGE_PID); $result=mysql_query("SELECT pid FROM users WHERE id=".$CURUSER['uid']); $row = mysql_fetch_Assoc($result); $pid=$row["pid"]; if (!$pid) {$pid=md5($CURUSER['uid']+$CURUSER['username']+$CURUSER['password']+$CURUSER['lastconnect']); $res=mysql_query("UPDATE users SET pid='".$pid."' WHERE id='".$CURUSER['uid']."'"); } print("\n"); print("
"); block_end(); print("
"); } elseif ($do=="pid_c" && $action=="post") { if ($_POST["confirm"]=="Reset PID"){ $pid=md5($CURUSER['uid']+$CURUSER['username']+$CURUSER['password']+$CURUSER['lastconnect']); $res=mysql_query("UPDATE users SET pid='".$pid."' WHERE id='".$CURUSER['uid']."'"); if ($res) redirect("usercp.php?uid=$uid"); else err_msg(ERROR,NOT_POSS_RESET_PID."
".HOME."
"); } else { redirect("usercp.php?uid=$uid"); } } else { block_begin(WELCOME_UCP); print("
".UCP_NOTE_1."
".UCP_NOTE_2."

\n"); print(""); block_end(); block_begin(CURRENT_DETAILS); // ------------------------ $id = $CURUSER["uid"]; $res=mysql_query("SELECT users.lip,users.username,users.downloaded,users.uploaded, users.joined, users.flag, countries.name, countries.flagpic FROM users LEFT JOIN countries ON users.flag=countries.id WHERE users.id=$id") or die(mysql_error()); $row = mysql_fetch_array($res); print("\n"); print("\n\n\n"); if ($CURUSER["avatar"] && $CURUSER["avatar"]!="") print(""); print(""); if ($CURUSER["edit_users"]=="yes" || $CURUSER["admin_access"]=="yes") { print("\n\n\n"); print("\n\n\n"); print("\n\n\n"); $colspan=" colspan=2"; } else { print("\n\n\n"); $colspan=""; } print("\n\n\n"); print("\n\n\n"); print("\n\n\n"); print("\n\n\n"); print("\n\n\n"); if (max(0,$row["downloaded"])>0) { $sr = $row["uploaded"]/$row["downloaded"]; if ($sr >= 4) $s = "images/smilies/thumbsup.gif"; else if ($sr >= 2) $s = "images/smilies/grin.gif"; else if ($sr >= 1) $s = "images/smilies/smile1.gif"; else if ($sr >= 0.5) $s = "images/smilies/noexpression.gif"; else if ($sr >= 0.25) $s = "images/smilies/sad.gif"; else $s = "images/smilies/thumbsdown.gif"; $ratio=number_format($sr,2)."

"; } else $ratio="oo"; print("\n\n\n"); // Only show if forum is internal if ( $GLOBALS["FORUMLINK"] == '' || $GLOBALS["FORUMLINK"] == 'internal' ) { $sql = mysql_query("SELECT * FROM posts INNER JOIN users ON posts.userid = users.id WHERE users.id = " . $CURUSER["id"]); $posts = mysql_num_rows($sql); $memberdays = max(1, round( ( time() - $row['joined'] ) / 86400 )); $posts_per_day = number_format(round($posts / $memberdays,2),2); print("\n\n\n"); } print("

".USER_NAME."	".unesc($CURUSER["username"])."
".EMAIL."	".unesc($CURUSER["email"])."
".LAST_IP."	".long2ip($row["lip"])."
".USER_LEVEL."	".unesc($CURUSER["level"])."
".USER_LEVEL."	".unesc($CURUSER["level"])."
".USER_JOINED."	".($CURUSER["joined"]==0 ? "N/A" : get_date_time($CURUSER["joined"]))."
".USER_LASTACCESS."	".($CURUSER["lastconnect"]==0 ? "N/A" : get_date_time($CURUSER["lastconnect"]))."
".PEER_COUNTRY."	".($row["flag"]==0 ? "":unesc($row['name']))."
".DOWNLOADED."	".makesize($row["downloaded"])."
".UPLOADED."	".makesize($row["uploaded"])."
".RATIO."	$ratio
".FORUM." ".POSTS.":	" . $posts . " [" . sprintf(POSTS_PER_DAY, $posts_per_day) . "]

"); block_end(); // ------------------------ block_begin(UPLOADED." ".MNU_TORRENT); $resuploaded = mysql_query("SELECT namemap.filename, UNIX_TIMESTAMP(namemap.data) as added, namemap.size, summary.seeds, summary.leechers, summary.finished FROM namemap INNER JOIN summary ON namemap.info_hash=summary.info_hash WHERE uploader=$uid ORDER BY data DESC"); $numtorrent=mysql_num_rows($resuploaded); if ($numtorrent>0) { list($pagertop, $pagerbottom, $limit) = pager(($utorrents==0?15:$utorrents), $numtorrent, $_SERVER["PHP_SELF"]."?id=$uid&"); print("$pagertop"); $resuploaded = mysql_query("SELECT namemap.filename, UNIX_TIMESTAMP(namemap.data) as added, namemap.size, summary.seeds, summary.leechers, summary.finished, summary.info_hash as hash FROM namemap INNER JOIN summary ON namemap.info_hash=summary.info_hash WHERE uploader=$uid ORDER BY data DESC $limit"); } ?> 0) { while ($rest=mysql_fetch_array($resuploaded)) { print("\n\n"); print("\n"); print("\n"); print("\n"); print("\n"); print("\n"); print(""); print("\n"); } print("\n


".unesc($rest["filename"])."	".date("d/m/Y",$rest["added"])."	".makesize($rest["size"])."	$rest[seeds]	$rest[leechers]	".($rest["finished"]>0?$rest["finished"]:"---")."	".image_or_link("$STYLEPATH/edit.png","",EDIT)."	".image_or_link("$STYLEPATH/delete.png","",DELETE)."

"); } else { print("\n".NO_TORR_UP_USER."\n\n"); } block_end(); // ------------------------ print("
"); } block_end(); } stdfoot(); exit(); ?>

".RECEIVER.":	".($_GET["what"]=="new" ? "".FIND_USER."" : "")."
".SUBJECT.":
"); print(textbbcode("edit","msg",($_GET["what"]=="quote" ? "[quote=".htmlspecialchars($result["sendername"])."]".unesc($result["msg"])."[/quote]" : ""))); print("\n

".OLD_PWD."
".USER_PWD."
".USER_PWD_AGAIN."

".PID.":	".$pid."