-
Notifications
You must be signed in to change notification settings - Fork 20
/
Copy pathbooted.php
70 lines (59 loc) · 3 KB
/
booted.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
<?php
if(!function_exists('booted_expiration'))
{
function booted_expiration($timestamp = 0)
{
return gmdate('Y-m-d H:i:s', $timestamp);
}
}
# first check for direct linking
if(!defined("IN_BTIT"))
die('non direct access!');
require_once("include/functions.php");
global $BASEURL, $CURUSER, $language, $btit_settings;
if(!isset($CURUSER) || !is_array($CURUSER))
{
session_name("BluRG");
session_start();
$CURUSER=$_SESSION["CURUSER"];
}
# check if allowed and die if not
if($CURUSER['can_boot'] == 'no')
stderr($language["ERROR"], $language["ERR_500"]);
# inits
(isset($_GET["id"]) && is_numeric($_GET["id"]))?$id = (int)0 + $_GET["id"]:$id = 0;
(isset($_POST["booted"]) && !empty($_POST["booted"]))?$booted = addslashes($_POST["booted"]):$booted = false;
(isset($_POST["whybooted"]) && !empty($_POST["whybooted"]))?$whybooted = addslashes($_POST["whybooted"]):$whybooted = false;
(isset($_POST["days"]) && is_numeric($_POST["days"]))?$addbooted = booted_expiration((time() + (((int)0 + $_POST["days"]) * 86400))):$addbooted = false;
(isset($_POST["returnto"]) && !empty($_POST["returnto"]))?$returnto = $_POST["returnto"]:$returnto = "index.php";
$whobooted = addslashes($CURUSER['username']);
# get the username of booted dude
$res = get_result("SELECT `username`".(($btit_settings["fmhack_user_notes"] == "enabled" && $btit_settings["un_booted"] == "enabled")?", `user_notes`":"")." FROM `{$TABLE_PREFIX}users` WHERE `id`=".$id.
" LIMIT 1", true, $btit_settings["cache_duration"]);
if(count($res) > 0)
{
$bootededuser = $res[0]['username'];
$subj = sqlesc($language['BOOT_GIVE']);
$msg = sqlesc('[b]'.$language['BOOT_GIVE_REA'].' '.$whybooted.' '.$language['BOOT_GIVE_WHO'].' '.$CURUSER['username'].'[/b]. '.$language['BOOT_GIVE_EXP'].': '.$addbooted.'.');
if($btit_settings["fmhack_user_notes"] == "enabled" && $btit_settings["un_booted"] == "enabled")
{
if(isset($res[0]["user_notes"]) && !empty($res[0]["user_notes"]))
$usernotes = unserialize(unesc($res[0]["user_notes"]));
else
$usernotes = array();
$usernotes[] = base64_encode($bootededuser." ".$language["UN_MAN_BOOTED_1"]." [b]".$addbooted."[/b] ".$language["UN_MAN_BOOTED_2"]." [b]".$whybooted."[/b]<+>".$CURUSER["uid"]."<+>".unesc($CURUSER["prefixcolor"].
$CURUSER["username"].$CURUSER["suffixcolor"])."<+>".time());
$new_notes = serialize($usernotes);
}
# process it in one line as to not stress the database server
quickQuery("UPDATE {$TABLE_PREFIX}users SET booted='yes', whybooted='".$whybooted."',whobooted='".$whobooted."',addbooted='".$addbooted."'".(($btit_settings["fmhack_user_notes"] == "enabled" && $btit_settings["un_booted"] ==
"enabled")?", `user_notes`='".sql_esc($new_notes)."'":"")." WHERE id=".$id, true);
# message him
send_pm(0, $id, $subj, $msg);
# log it
write_log('booted User: '.$bootededuser.'. Reason: '.$whybooted, 'booted');
}
# send back to original page
header('Location: '.$returnto);
die();
?>