Home Explore Help
Register Sign In
NSHkD
/
Gazelle
forked from Oppaitime/Gazelle
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Oppaitime's version of Gazelle
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
207 Commits
1 Branch
Tree: 451326c0c9
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '451326c0c9'
${ noResults }
Gazelle/sections/tools/index.php

index.php 15KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508 
  1. <?

  2. /*****************************************************************

  3.   Tools switch center

  4. 

  5.   This page acts as a switch for the tools pages.

  6. 

  7.  *****************************************************************/

  8. 

  9. if (isset($argv[1])) {

  10.   $_REQUEST['action'] = $argv[1];

  11. } else {

  12.   if (empty($_REQUEST['action']) || ($_REQUEST['action'] != 'public_sandbox' && $_REQUEST['action'] != 'ocelot')) {

  13.     // do not enforce in debug mode so we can set the encryption key w/o an account

  14.     if (!DEBUG_MODE) {

  15.       enforce_login();

  16.     }

  17.   }

  18. }

  19. 

  20. if (!isset($_REQUEST['action'])) {

  21.   include(SERVER_ROOT.'/sections/tools/tools.php');

  22.   die();

  23. }

  24. 

  25. if (substr($_REQUEST['action'], 0, 7) == 'sandbox' && !isset($argv[1])) {

  26.   if (!check_perms('site_debug')) {

  27.     error(403);

  28.   }

  29. }

  30. 

  31. if (substr($_REQUEST['action'], 0, 12) == 'update_geoip' && !isset($argv[1])) {

  32.   if (!check_perms('site_debug')) {

  33.     error(403);

  34.   }

  35. }

  36. 

  37. if (substr($_REQUEST['action'],0,16) == 'rerender_gallery' && !isset($argv[1])) {

  38.   if (!check_perms('site_debug')) {

  39.     error(403);

  40.   }

  41. }

  42. 

  43. include(SERVER_ROOT.'/classes/validate.class.php');

  44. $Val = new VALIDATE;

  45. 

  46. include(SERVER_ROOT.'/classes/feed.class.php');

  47. $Feed = new FEED;

  48. 

  49. switch ($_REQUEST['action']) {

  50.   case 'phpinfo':

  51.     if (!check_perms('site_debug')) {

  52.       error(403);

  53.     }

  54.     phpinfo();

  55.     break;

  56.   //Services

  57.   case 'get_host':

  58.     include(SERVER_ROOT.'/sections/tools/services/get_host.php');

  59.     break;

  60.   case 'get_cc':

  61.     include(SERVER_ROOT.'/sections/tools/services/get_cc.php');

  62.     break;

  63.   //Managers

  64.   case 'forum':

  65.     include(SERVER_ROOT.'/sections/tools/managers/forum_list.php');

  66.     break;

  67. 

  68.   case 'forum_alter':

  69.     include(SERVER_ROOT.'/sections/tools/managers/forum_alter.php');

  70.     break;

  71. 

  72.   case 'whitelist':

  73.     include(SERVER_ROOT.'/sections/tools/managers/whitelist_list.php');

  74.     break;

  75. 

  76.   case 'whitelist_alter':

  77.     include(SERVER_ROOT.'/sections/tools/managers/whitelist_alter.php');

  78.     break;

  79. 

  80.   case 'enable_requests':

  81.     include(SERVER_ROOT.'/sections/tools/managers/enable_requests.php');

  82.     break;

  83. 

  84.   case 'delete_email':

  85.     include(SERVER_ROOT.'/sections/tools/managers/email_delete_requests.php');

  86.     break;

  87. 

  88.   case 'ajax_take_enable_request':

  89.     if (FEATURE_EMAIL_REENABLE) {

  90.       include(SERVER_ROOT.'/sections/tools/managers/ajax_take_enable_request.php');

  91.     } else {

  92.       // Prevent post requests to the ajax page

  93.       header("Location: tools.php");

  94.       die();

  95.     }

  96.     break;

  97. 

  98.   case 'login_watch':

  99.     include(SERVER_ROOT.'/sections/tools/managers/login_watch.php');

  100.     break;

  101. 

  102.   case 'email_blacklist':

  103.     include(SERVER_ROOT.'/sections/tools/managers/email_blacklist.php');

  104.     break;

  105. 

  106.   case 'email_blacklist_alter':

  107.     include(SERVER_ROOT.'/sections/tools/managers/email_blacklist_alter.php');

  108.     break;

  109. 

  110.   case 'email_blacklist_search':

  111.     include(SERVER_ROOT.'/sections/tools/managers/email_blacklist_search.php');

  112.     break;

  113. 

  114.   case 'dnu':

  115.     include(SERVER_ROOT.'/sections/tools/managers/dnu_list.php');

  116.     break;

  117. 

  118.   case 'dnu_alter':

  119.     include(SERVER_ROOT.'/sections/tools/managers/dnu_alter.php');

  120.     break;

  121. 

  122.   case 'editnews':

  123.   case 'news':

  124.     include(SERVER_ROOT.'/sections/tools/managers/news.php');

  125.     break;

  126. 

  127.   case 'edit_tags':

  128.     include(SERVER_ROOT.'/sections/tools/misc/tags.php');

  129.     break;

  130. 

  131.   case 'takeeditnews':

  132.     if (!check_perms('admin_manage_news')) {

  133.       error(403);

  134.     }

  135.     if (is_number($_POST['newsid'])) {

  136.       $DB->query("

  137.         UPDATE news

  138.         SET Title = '".db_string($_POST['title'])."',

  139.           Body = '".db_string($_POST['body'])."'

  140.         WHERE ID = '".db_string($_POST['newsid'])."'");

  141.       $Cache->delete_value('news');

  142.       $Cache->delete_value('feed_news');

  143.     }

  144.     header('Location: index.php');

  145.     break;

  146. 

  147.   case 'deletenews':

  148.     if (!check_perms('admin_manage_news')) {

  149.       error(403);

  150.     }

  151.     if (is_number($_GET['id'])) {

  152.       authorize();

  153.       $DB->query("

  154.         DELETE FROM news

  155.         WHERE ID = '".db_string($_GET['id'])."'");

  156.       $Cache->delete_value('news');

  157.       $Cache->delete_value('feed_news');

  158. 

  159.       // Deleting latest news

  160.       $LatestNews = $Cache->get_value('news_latest_id');

  161.       if ($LatestNews !== false && $LatestNews == $_GET['id']) {

  162.         $Cache->delete_value('news_latest_id');

  163.         $Cache->delete_value('news_latest_title');

  164.       }

  165.     }

  166.     header('Location: index.php');

  167.     break;

  168. 

  169.   case 'takenewnews':

  170.     if (!check_perms('admin_manage_news')) {

  171.       error(403);

  172.     }

  173. 

  174.     $DB->query("

  175.       INSERT INTO news (UserID, Title, Body, Time)

  176.       VALUES ('$LoggedUser[ID]', '".db_string($_POST['title'])."', '".db_string($_POST['body'])."', '".sqltime()."')");

  177.     $Cache->delete_value('news_latest_id');

  178.     $Cache->delete_value('news_latest_title');

  179.     $Cache->delete_value('news');

  180. 

  181.     NotificationsManager::send_push(NotificationsManager::get_push_enabled_users(), $_POST['title'], $_POST['body'], site_url() . 'index.php', NotificationsManager::NEWS);

  182. 

  183.     header('Location: index.php');

  184.     break;

  185. 

  186.   case 'tokens':

  187.     include(SERVER_ROOT.'/sections/tools/managers/tokens.php');

  188.     break;

  189.   case 'multiple_freeleech':

  190.     include(SERVER_ROOT.'/sections/tools/managers/multiple_freeleech.php');

  191.     break;

  192.   case 'ocelot':

  193.     include(SERVER_ROOT.'/sections/tools/managers/ocelot.php');

  194.     break;

  195.   case 'ocelot_info':

  196.     include(SERVER_ROOT.'/sections/tools/data/ocelot_info.php');

  197.     break;

  198.   case 'official_tags':

  199.     include(SERVER_ROOT.'/sections/tools/managers/official_tags.php');

  200.     break;

  201.   case 'freeleech':

  202.     include(SERVER_ROOT.'/sections/tools/managers/sitewide_freeleech.php');

  203.     break;

  204. 

  205.   case 'tag_aliases':

  206.     include(SERVER_ROOT.'/sections/tools/managers/tag_aliases.php');

  207.     break;

  208.   case 'label_aliases':

  209.     include(SERVER_ROOT.'/sections/tools/managers/label_aliases.php');

  210.     break;

  211.   case 'change_log':

  212.     include(SERVER_ROOT.'/sections/tools/managers/change_log.php');

  213.     break;

  214.   case 'global_notification':

  215.     include(SERVER_ROOT.'/sections/tools/managers/global_notification.php');

  216.     break;

  217.   case 'take_global_notification':

  218.     include(SERVER_ROOT.'/sections/tools/managers/take_global_notification.php');

  219.     break;

  220.   case 'permissions':

  221.     if (!check_perms('admin_manage_permissions')) {

  222.       error(403);

  223.     }

  224. 

  225.     if (!empty($_REQUEST['id'])) {

  226.       $Val->SetFields('name', true, 'string', 'You did not enter a valid name for this permission set.');

  227.       $Val->SetFields('level', true, 'number', 'You did not enter a valid level for this permission set.');

  228.       $Val->SetFields('maxcollages', true, 'number', 'You did not enter a valid number of personal collages.');

  229.       //$Val->SetFields('test', true, 'number', 'You did not enter a valid level for this permission set.');

  230. 

  231.       if (is_numeric($_REQUEST['id'])) {

  232.         $DB->query("

  233.           SELECT p.ID, p.Name, p.Abbreviation, p.Level, p.Secondary, p.PermittedForums, p.Values, p.DisplayStaff, COUNT(u.ID)

  234.           FROM permissions AS p

  235.             LEFT JOIN users_main AS u ON u.PermissionID = p.ID

  236.           WHERE p.ID = '".db_string($_REQUEST['id'])."'

  237.           GROUP BY p.ID");

  238.         list($ID, $Name, $Abbreviation, $Level, $Secondary, $Forums, $Values, $DisplayStaff, $UserCount) = $DB->next_record(MYSQLI_NUM, array(6));

  239. 

  240.         if ($Level > $LoggedUser['EffectiveClass'] || (isset($_REQUEST['level']) && $_REQUEST['level'] > $LoggedUser['EffectiveClass'])) {

  241.           error(403);

  242.         }

  243. 

  244.         $Values = unserialize($Values);

  245.       }

  246. 

  247.       if (!empty($_POST['submit'])) {

  248.         $Err = $Val->ValidateForm($_POST);

  249. 

  250.         if (!is_numeric($_REQUEST['id'])) {

  251.           $DB->query("

  252.             SELECT ID

  253.             FROM permissions

  254.             WHERE Level = '".db_string($_REQUEST['level'])."'");

  255.           list($DupeCheck)=$DB->next_record();

  256. 

  257.           if ($DupeCheck) {

  258.             $Err = 'There is already a permission class with that level.';

  259.           }

  260.         }

  261. 

  262.         $Values = array();

  263.         foreach ($_REQUEST as $Key => $Perms) {

  264.           if (substr($Key, 0, 5) == 'perm_') {

  265.             $Values[substr($Key, 5)] = (int)$Perms;

  266.           }

  267.         }

  268. 

  269.         $Name = $_REQUEST['name'];

  270.         $Level = $_REQUEST['level'];

  271.         $Abbreviation = $_REQUEST['abbreviation'];

  272.         $Secondary = empty($_REQUEST['secondary']) ? 0 : 1;

  273.         $Forums = $_REQUEST['forums'];

  274.         $DisplayStaff = isset($_REQUEST['displaystaff']) ? $_REQUEST['displaystaff']: 0;

  275.         $Values['MaxCollages'] = $_REQUEST['maxcollages'];

  276. 

  277.         if (!$Err) {

  278.           if (!is_numeric($_REQUEST['id'])) {

  279.             $DB->query("

  280.               INSERT INTO permissions (Level, Name, Abbreviation, Secondary, PermittedForums, `Values`, DisplayStaff)

  281.               VALUES ('".db_string($Level)."',

  282.                   '".db_string($Name)."',

  283.                   '".db_string($Abbreviation)."',

  284.                   $Secondary,

  285.                   '".db_string($Forums)."',

  286.                   '".db_string(serialize($Values))."',

  287.                   '".db_string($DisplayStaff)."')");

  288.           } else {

  289.             $DB->query("

  290.               UPDATE permissions

  291.               SET Level = '".db_string($Level)."',

  292.                 Name = '".db_string($Name)."',

  293.                 Abbreviation = '".db_string($Abbreviation)."',

  294.                 Secondary = $Secondary,

  295.                 PermittedForums = '".db_string($Forums)."',

  296.                 `Values` = '".db_string(serialize($Values))."',

  297.                 DisplayStaff = '".db_string($DisplayStaff)."'

  298.               WHERE ID = '".db_string($_REQUEST['id'])."'");

  299.             $Cache->delete_value('perm_'.$_REQUEST['id']);

  300.             if ($Secondary) {

  301.               $DB->query("

  302.                 SELECT DISTINCT UserID

  303.                 FROM users_levels

  304.                 WHERE PermissionID = ".db_string($_REQUEST['id']));

  305.               while (list($UserID) = $DB->next_record()) {

  306.                 $Cache->delete_value("user_info_heavy_$UserID");

  307.               }

  308.             }

  309.           }

  310.           $Cache->delete_value('classes');

  311.         } else {

  312.           error($Err);

  313.         }

  314.       }

  315. 

  316.       include(SERVER_ROOT.'/sections/tools/managers/permissions_alter.php');

  317. 

  318.     } else {

  319.       if (!empty($_REQUEST['removeid'])) {

  320.         $DB->query("

  321.           DELETE FROM permissions

  322.           WHERE ID = '".db_string($_REQUEST['removeid'])."'");

  323.         $DB->query("

  324.           SELECT UserID

  325.           FROM users_levels

  326.           WHERE PermissionID = '".db_string($_REQUEST['removeid'])."'");

  327.         while (list($UserID) = $DB->next_record()) {

  328.           $Cache->delete_value("user_info_$UserID");

  329.           $Cache->delete_value("user_info_heavy_$UserID");

  330.         }

  331.         $DB->query("

  332.           DELETE FROM users_levels

  333.           WHERE PermissionID = '".db_string($_REQUEST['removeid'])."'");

  334.         $DB->query("

  335.           SELECT ID

  336.           FROM users_main

  337.           WHERE PermissionID = '".db_string($_REQUEST['removeid'])."'");

  338.         while (list($UserID) = $DB->next_record()) {

  339.           $Cache->delete_value("user_info_$UserID");

  340.           $Cache->delete_value("user_info_heavy_$UserID");

  341.         }

  342.         $DB->query("

  343.           UPDATE users_main

  344.           SET PermissionID = '".USER."'

  345.           WHERE PermissionID = '".db_string($_REQUEST['removeid'])."'");

  346. 

  347.         $Cache->delete_value('classes');

  348.       }

  349. 

  350.       include(SERVER_ROOT.'/sections/tools/managers/permissions_list.php');

  351.     }

  352. 

  353.     break;

  354. 

  355.   case 'ip_ban':

  356.     //TODO: Clean up DB table ip_bans.

  357.     include(SERVER_ROOT.'/sections/tools/managers/bans.php');

  358.     break;

  359.   case 'quick_ban':

  360.     include(SERVER_ROOT.'/sections/tools/misc/quick_ban.php');

  361.     break;

  362.   //Data

  363.   case 'registration_log':

  364.     include(SERVER_ROOT.'/sections/tools/data/registration_log.php');

  365.     break;

  366. 

  367.   case 'donation_log':

  368.     include(SERVER_ROOT.'/sections/tools/finances/donation_log.php');

  369.     break;

  370. 

  371.   case 'bitcoin_unproc':

  372.     include(SERVER_ROOT.'/sections/tools/finances/bitcoin_unproc.php');

  373.     break;

  374. 

  375.   case 'bitcoin_balance':

  376.     include(SERVER_ROOT.'/sections/tools/finances/bitcoin_balance.php');

  377.     break;

  378. 

  379.   case 'donor_rewards':

  380.     include(SERVER_ROOT.'/sections/tools/finances/donor_rewards.php');

  381.     break;

  382.   case 'upscale_pool':

  383.     include(SERVER_ROOT.'/sections/tools/data/upscale_pool.php');

  384.     break;

  385. 

  386.   case 'invite_pool':

  387.     include(SERVER_ROOT.'/sections/tools/data/invite_pool.php');

  388.     break;

  389. 

  390.   case 'torrent_stats':

  391.     include(SERVER_ROOT.'/sections/tools/data/torrent_stats.php');

  392.     break;

  393. 

  394.   case 'user_flow':

  395.     include(SERVER_ROOT.'/sections/tools/data/user_flow.php');

  396.     break;

  397. 

  398.   case 'economic_stats':

  399.     include(SERVER_ROOT.'/sections/tools/data/economic_stats.php');

  400.     break;

  401. 

  402.   case 'service_stats':

  403.     include(SERVER_ROOT.'/sections/tools/development/service_stats.php');

  404.     break;

  405. 

  406.   case 'database_specifics':

  407.     include(SERVER_ROOT.'/sections/tools/data/database_specifics.php');

  408.     break;

  409. 

  410.   case 'special_users':

  411.     include(SERVER_ROOT.'/sections/tools/data/special_users.php');

  412.     break;

  413. 

  414.   case 'browser_support':

  415.     include(SERVER_ROOT.'/sections/tools/data/browser_support.php');

  416.     break;

  417.   //END Data

  418. 

  419.   //Misc

  420.   case 'update_geoip':

  421.     include(SERVER_ROOT.'/sections/tools/development/update_geoip.php');

  422.     break;

  423. 

  424.   case 'dupe_ips':

  425.     include(SERVER_ROOT.'/sections/tools/misc/dupe_ip.php');

  426.     break;

  427. 

  428.   case 'clear_cache':

  429.     include(SERVER_ROOT.'/sections/tools/development/clear_cache.php');

  430.     break;

  431. 

  432.   case 'create_user':

  433.     include(SERVER_ROOT.'/sections/tools/misc/create_user.php');

  434.     break;

  435. 

  436.   case 'manipulate_tree':

  437.     include(SERVER_ROOT.'/sections/tools/misc/manipulate_tree.php');

  438.     break;

  439. 

  440.   case 'misc_values':

  441.     include(SERVER_ROOT.'/sections/tools/development/misc_values.php');

  442.     break;

  443. 

  444.   case 'recommendations':

  445.     include(SERVER_ROOT.'/sections/tools/misc/recommendations.php');

  446.     break;

  447. 

  448.   case 'analysis':

  449.     include(SERVER_ROOT.'/sections/tools/misc/analysis.php');

  450.     break;

  451. 

  452.   case 'database_key':

  453.     include(SERVER_ROOT.'/sections/tools/misc/database_key.php');

  454.     break;

  455. 

  456.   case 'process_info':

  457.     include(SERVER_ROOT.'/sections/tools/development/process_info.php');

  458.     break;

  459. 

  460.   case 'rerender_gallery':

  461.     include(SERVER_ROOT.'/sections/tools/development/rerender_gallery.php');

  462.     break;

  463. 

  464.   case 'sandbox1':

  465.     include(SERVER_ROOT.'/sections/tools/sandboxes/sandbox1.php');

  466.     break;

  467. 

  468.   case 'sandbox2':

  469.     include(SERVER_ROOT.'/sections/tools/sandboxes/sandbox2.php');

  470.     break;

  471. 

  472.   case 'sandbox3':

  473.     include(SERVER_ROOT.'/sections/tools/sandboxes/sandbox3.php');

  474.     break;

  475. 

  476.   case 'public_sandbox':

  477.     include(SERVER_ROOT.'/sections/tools/sandboxes/public_sandbox.php');

  478.     break;

  479. 

  480.   case 'mod_sandbox':

  481.     if (check_perms('users_mod')) {

  482.       include(SERVER_ROOT.'/sections/tools/sandboxes/mod_sandbox.php');

  483.     } else {

  484.       error(403);

  485.     }

  486.     break;

  487.   case 'bbcode_sandbox':

  488.     include(SERVER_ROOT.'/sections/tools/sandboxes/bbcode_sandbox.php');

  489.     break;

  490.   case 'calendar':

  491.     include(SERVER_ROOT.'/sections/tools/managers/calendar.php');

  492.     break;

  493.   case 'get_calendar_event':

  494.     include(SERVER_ROOT.'/sections/tools/managers/ajax_get_calendar_event.php');

  495.     break;

  496.   case 'take_calendar_event':

  497.     include(SERVER_ROOT.'/sections/tools/managers/ajax_take_calendar_event.php');

  498.     break;

  499.   case 'mass_pm':

  500.     include(SERVER_ROOT.'/sections/tools/managers/mass_pm.php');

  501.     break;

  502.   case 'take_mass_pm':

  503.     include(SERVER_ROOT.'/sections/tools/managers/take_mass_pm.php');

  504.     break;

  505.   default:

  506.     include(SERVER_ROOT.'/sections/tools/tools.php');

  507. }

  508. ?>