Home Explore Help
Register Sign In
ambiguousplanca
/
Gazelle
forked from Oppaitime/Gazelle
Watch 1
Star 0
Fork 0
Code Releases 0 Activity
Contributing back some bug fixes
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
421 Commits
1 Branch
Tree: 945e93b729
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '945e93b729'
${ noResults }
Gazelle/sections/tools/index.php

index.php 15KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506 
  1. <?

  2. /*****************************************************************

  3.   Tools switch center

  4. 

  5.   This page acts as a switch for the tools pages.

  6. 

  7.  *****************************************************************/

  8. 

  9. if (isset($argv[1])) {

  10.   $_REQUEST['action'] = $argv[1];

  11. } else {

  12.   if (empty($_REQUEST['action']) || ($_REQUEST['action'] != 'public_sandbox' && $_REQUEST['action'] != 'ocelot')) {

  13.     // if set, do not enforce login so we can set the encryption key w/o an account

  14.     if (!FEATURE_SET_ENC_KEY_PUBLIC) {

  15.       enforce_login();

  16.     }

  17.   }

  18. }

  19. 

  20. if (!isset($_REQUEST['action'])) {

  21.   include(SERVER_ROOT.'/sections/tools/tools.php');

  22.   die();

  23. }

  24. 

  25. if (substr($_REQUEST['action'], 0, 7) == 'sandbox' && !isset($argv[1])) {

  26.   if (!check_perms('site_debug')) {

  27.     error(403);

  28.   }

  29. }

  30. 

  31. if (substr($_REQUEST['action'], 0, 12) == 'update_geoip' && !isset($argv[1])) {

  32.   if (!check_perms('site_debug')) {

  33.     error(403);

  34.   }

  35. }

  36. 

  37. if (substr($_REQUEST['action'],0,16) == 'rerender_gallery' && !isset($argv[1])) {

  38.   if (!check_perms('site_debug')) {

  39.     error(403);

  40.   }

  41. }

  42. 

  43. include(SERVER_ROOT.'/classes/validate.class.php');

  44. $Val = new VALIDATE;

  45. 

  46. include(SERVER_ROOT.'/classes/feed.class.php');

  47. $Feed = new FEED;

  48. 

  49. switch ($_REQUEST['action']) {

  50.   case 'phpinfo':

  51.     if (!check_perms('site_debug')) {

  52.       error(403);

  53.     }

  54.     phpinfo();

  55.     break;

  56.   //Services

  57.   case 'get_host':

  58.     include(SERVER_ROOT.'/sections/tools/services/get_host.php');

  59.     break;

  60.   case 'get_cc':

  61.     include(SERVER_ROOT.'/sections/tools/services/get_cc.php');

  62.     break;

  63.   //Managers

  64.   case 'forum':

  65.     include(SERVER_ROOT.'/sections/tools/managers/forum_list.php');

  66.     break;

  67. 

  68.   case 'forum_alter':

  69.     include(SERVER_ROOT.'/sections/tools/managers/forum_alter.php');

  70.     break;

  71. 

  72.   case 'whitelist':

  73.     include(SERVER_ROOT.'/sections/tools/managers/whitelist_list.php');

  74.     break;

  75. 

  76.   case 'whitelist_alter':

  77.     include(SERVER_ROOT.'/sections/tools/managers/whitelist_alter.php');

  78.     break;

  79. 

  80.   case 'enable_requests':

  81.     include(SERVER_ROOT.'/sections/tools/managers/enable_requests.php');

  82.     break;

  83. 

  84.   case 'expunge_requests':

  85.     include(SERVER_ROOT.'/sections/tools/managers/expunge_requests.php');

  86.     break;

  87. 

  88.   case 'ajax_take_enable_request':

  89.     if (FEATURE_EMAIL_REENABLE) {

  90.       include(SERVER_ROOT.'/sections/tools/managers/ajax_take_enable_request.php');

  91.     } else {

  92.       // Prevent post requests to the ajax page

  93.       header("Location: tools.php");

  94.       die();

  95.     }

  96.     break;

  97. 

  98.   case 'login_watch':

  99.     include(SERVER_ROOT.'/sections/tools/managers/login_watch.php');

  100.     break;

  101. 

  102.   case 'email_blacklist':

  103.     include(SERVER_ROOT.'/sections/tools/managers/email_blacklist.php');

  104.     break;

  105. 

  106.   case 'email_blacklist_alter':

  107.     include(SERVER_ROOT.'/sections/tools/managers/email_blacklist_alter.php');

  108.     break;

  109. 

  110.   case 'email_blacklist_search':

  111.     include(SERVER_ROOT.'/sections/tools/managers/email_blacklist_search.php');

  112.     break;

  113. 

  114.   case 'dnu':

  115.     include(SERVER_ROOT.'/sections/tools/managers/dnu_list.php');

  116.     break;

  117. 

  118.   case 'dnu_alter':

  119.     include(SERVER_ROOT.'/sections/tools/managers/dnu_alter.php');

  120.     break;

  121. 

  122.   case 'editnews':

  123.   case 'news':

  124.     include(SERVER_ROOT.'/sections/tools/managers/news.php');

  125.     break;

  126. 

  127.   case 'edit_tags':

  128.     include(SERVER_ROOT.'/sections/tools/misc/tags.php');

  129.     break;

  130. 

  131.   case 'takeeditnews':

  132.     if (!check_perms('admin_manage_news')) {

  133.       error(403);

  134.     }

  135.     if (is_number($_POST['newsid'])) {

  136.       $DB->query("

  137.         UPDATE news

  138.         SET Title = '".db_string($_POST['title'])."',

  139.           Body = '".db_string($_POST['body'])."'

  140.         WHERE ID = '".db_string($_POST['newsid'])."'");

  141.       $Cache->delete_value('news');

  142.       $Cache->delete_value('feed_news');

  143.     }

  144.     header('Location: index.php');

  145.     break;

  146. 

  147.   case 'deletenews':

  148.     if (!check_perms('admin_manage_news')) {

  149.       error(403);

  150.     }

  151.     if (is_number($_GET['id'])) {

  152.       authorize();

  153.       $DB->query("

  154.         DELETE FROM news

  155.         WHERE ID = '".db_string($_GET['id'])."'");

  156.       $Cache->delete_value('news');

  157.       $Cache->delete_value('feed_news');

  158. 

  159.       // Deleting latest news

  160.       $LatestNews = $Cache->get_value('news_latest_id');

  161.       if ($LatestNews !== false && $LatestNews == $_GET['id']) {

  162.         $Cache->delete_value('news_latest_id');

  163.         $Cache->delete_value('news_latest_title');

  164.       }

  165.     }

  166.     header('Location: index.php');

  167.     break;

  168. 

  169.   case 'takenewnews':

  170.     if (!check_perms('admin_manage_news')) {

  171.       error(403);

  172.     }

  173. 

  174.     $DB->query("

  175.       INSERT INTO news (UserID, Title, Body, Time)

  176.       VALUES ('$LoggedUser[ID]', '".db_string($_POST['title'])."', '".db_string($_POST['body'])."', NOW())");

  177.     $Cache->delete_value('news_latest_id');

  178.     $Cache->delete_value('news_latest_title');

  179.     $Cache->delete_value('news');

  180. 

  181.     header('Location: index.php');

  182.     break;

  183. 

  184.   case 'tokens':

  185.     include(SERVER_ROOT.'/sections/tools/managers/tokens.php');

  186.     break;

  187.   case 'multiple_freeleech':

  188.     include(SERVER_ROOT.'/sections/tools/managers/multiple_freeleech.php');

  189.     break;

  190.   case 'ocelot':

  191.     include(SERVER_ROOT.'/sections/tools/managers/ocelot.php');

  192.     break;

  193.   case 'ocelot_info':

  194.     include(SERVER_ROOT.'/sections/tools/data/ocelot_info.php');

  195.     break;

  196.   case 'official_tags':

  197.     include(SERVER_ROOT.'/sections/tools/managers/official_tags.php');

  198.     break;

  199.   case 'freeleech':

  200.     include(SERVER_ROOT.'/sections/tools/managers/sitewide_freeleech.php');

  201.     break;

  202. 

  203.   case 'tag_aliases':

  204.     include(SERVER_ROOT.'/sections/tools/managers/tag_aliases.php');

  205.     break;

  206.   case 'label_aliases':

  207.     include(SERVER_ROOT.'/sections/tools/managers/label_aliases.php');

  208.     break;

  209.   case 'change_log':

  210.     include(SERVER_ROOT.'/sections/tools/managers/change_log.php');

  211.     break;

  212.   case 'global_notification':

  213.     include(SERVER_ROOT.'/sections/tools/managers/global_notification.php');

  214.     break;

  215.   case 'take_global_notification':

  216.     include(SERVER_ROOT.'/sections/tools/managers/take_global_notification.php');

  217.     break;

  218.   case 'permissions':

  219.     if (!check_perms('admin_manage_permissions')) {

  220.       error(403);

  221.     }

  222. 

  223.     if (!empty($_REQUEST['id'])) {

  224.       $Val->SetFields('name', true, 'string', 'You did not enter a valid name for this permission set.');

  225.       $Val->SetFields('level', true, 'number', 'You did not enter a valid level for this permission set.');

  226.       $Val->SetFields('maxcollages', true, 'number', 'You did not enter a valid number of personal collages.');

  227.       //$Val->SetFields('test', true, 'number', 'You did not enter a valid level for this permission set.');

  228. 

  229.       if (is_numeric($_REQUEST['id'])) {

  230.         $DB->query("

  231.           SELECT p.ID, p.Name, p.Abbreviation, p.Level, p.Secondary, p.PermittedForums, p.Values, p.DisplayStaff, COUNT(u.ID)

  232.           FROM permissions AS p

  233.             LEFT JOIN users_main AS u ON u.PermissionID = p.ID

  234.           WHERE p.ID = '".db_string($_REQUEST['id'])."'

  235.           GROUP BY p.ID");

  236.         list($ID, $Name, $Abbreviation, $Level, $Secondary, $Forums, $Values, $DisplayStaff, $UserCount) = $DB->next_record(MYSQLI_NUM, array(6));

  237. 

  238.         if ($Level > $LoggedUser['EffectiveClass'] || (isset($_REQUEST['level']) && $_REQUEST['level'] > $LoggedUser['EffectiveClass'])) {

  239.           error(403);

  240.         }

  241. 

  242.         $Values = unserialize($Values);

  243.       }

  244. 

  245.       if (!empty($_POST['submit'])) {

  246.         $Err = $Val->ValidateForm($_POST);

  247. 

  248.         if (!is_numeric($_REQUEST['id'])) {

  249.           $DB->query("

  250.             SELECT ID

  251.             FROM permissions

  252.             WHERE Level = '".db_string($_REQUEST['level'])."'");

  253.           list($DupeCheck)=$DB->next_record();

  254. 

  255.           if ($DupeCheck) {

  256.             $Err = 'There is already a permission class with that level.';

  257.           }

  258.         }

  259. 

  260.         $Values = [];

  261.         foreach ($_REQUEST as $Key => $Perms) {

  262.           if (substr($Key, 0, 5) == 'perm_') {

  263.             $Values[substr($Key, 5)] = (int)$Perms;

  264.           }

  265.         }

  266. 

  267.         $Name = $_REQUEST['name'];

  268.         $Level = $_REQUEST['level'];

  269.         $Abbreviation = $_REQUEST['abbreviation'];

  270.         $Secondary = empty($_REQUEST['secondary']) ? 0 : 1;

  271.         $Forums = $_REQUEST['forums'];

  272.         $DisplayStaff = isset($_REQUEST['displaystaff']) ? $_REQUEST['displaystaff']: 0;

  273.         $Values['MaxCollages'] = $_REQUEST['maxcollages'];

  274. 

  275.         if (!$Err) {

  276.           if (!is_numeric($_REQUEST['id'])) {

  277.             $DB->query("

  278.               INSERT INTO permissions (Level, Name, Abbreviation, Secondary, PermittedForums, `Values`, DisplayStaff)

  279.               VALUES ('".db_string($Level)."',

  280.                   '".db_string($Name)."',

  281.                   '".db_string($Abbreviation)."',

  282.                   $Secondary,

  283.                   '".db_string($Forums)."',

  284.                   '".db_string(serialize($Values))."',

  285.                   '".db_string($DisplayStaff)."')");

  286.           } else {

  287.             $DB->query("

  288.               UPDATE permissions

  289.               SET Level = '".db_string($Level)."',

  290.                 Name = '".db_string($Name)."',

  291.                 Abbreviation = '".db_string($Abbreviation)."',

  292.                 Secondary = $Secondary,

  293.                 PermittedForums = '".db_string($Forums)."',

  294.                 `Values` = '".db_string(serialize($Values))."',

  295.                 DisplayStaff = '".db_string($DisplayStaff)."'

  296.               WHERE ID = '".db_string($_REQUEST['id'])."'");

  297.             $Cache->delete_value('perm_'.$_REQUEST['id']);

  298.             if ($Secondary) {

  299.               $DB->query("

  300.                 SELECT DISTINCT UserID

  301.                 FROM users_levels

  302.                 WHERE PermissionID = ".db_string($_REQUEST['id']));

  303.               while (list($UserID) = $DB->next_record()) {

  304.                 $Cache->delete_value("user_info_heavy_$UserID");

  305.               }

  306.             }

  307.           }

  308.           $Cache->delete_value('classes');

  309.         } else {

  310.           error($Err);

  311.         }

  312.       }

  313. 

  314.       include(SERVER_ROOT.'/sections/tools/managers/permissions_alter.php');

  315. 

  316.     } else {

  317.       if (!empty($_REQUEST['removeid'])) {

  318.         $DB->query("

  319.           DELETE FROM permissions

  320.           WHERE ID = '".db_string($_REQUEST['removeid'])."'");

  321.         $DB->query("

  322.           SELECT UserID

  323.           FROM users_levels

  324.           WHERE PermissionID = '".db_string($_REQUEST['removeid'])."'");

  325.         while (list($UserID) = $DB->next_record()) {

  326.           $Cache->delete_value("user_info_$UserID");

  327.           $Cache->delete_value("user_info_heavy_$UserID");

  328.         }

  329.         $DB->query("

  330.           DELETE FROM users_levels

  331.           WHERE PermissionID = '".db_string($_REQUEST['removeid'])."'");

  332.         $DB->query("

  333.           SELECT ID

  334.           FROM users_main

  335.           WHERE PermissionID = '".db_string($_REQUEST['removeid'])."'");

  336.         while (list($UserID) = $DB->next_record()) {

  337.           $Cache->delete_value("user_info_$UserID");

  338.           $Cache->delete_value("user_info_heavy_$UserID");

  339.         }

  340.         $DB->query("

  341.           UPDATE users_main

  342.           SET PermissionID = '".USER."'

  343.           WHERE PermissionID = '".db_string($_REQUEST['removeid'])."'");

  344. 

  345.         $Cache->delete_value('classes');

  346.       }

  347. 

  348.       include(SERVER_ROOT.'/sections/tools/managers/permissions_list.php');

  349.     }

  350. 

  351.     break;

  352. 

  353.   case 'ip_ban':

  354.     //TODO: Clean up DB table ip_bans.

  355.     include(SERVER_ROOT.'/sections/tools/managers/bans.php');

  356.     break;

  357.   case 'quick_ban':

  358.     include(SERVER_ROOT.'/sections/tools/misc/quick_ban.php');

  359.     break;

  360.   //Data

  361.   case 'registration_log':

  362.     include(SERVER_ROOT.'/sections/tools/data/registration_log.php');

  363.     break;

  364. 

  365.   case 'donation_log':

  366.     include(SERVER_ROOT.'/sections/tools/finances/donation_log.php');

  367.     break;

  368. 

  369.   case 'bitcoin_unproc':

  370.     include(SERVER_ROOT.'/sections/tools/finances/bitcoin_unproc.php');

  371.     break;

  372. 

  373.   case 'bitcoin_balance':

  374.     include(SERVER_ROOT.'/sections/tools/finances/bitcoin_balance.php');

  375.     break;

  376. 

  377.   case 'donor_rewards':

  378.     include(SERVER_ROOT.'/sections/tools/finances/donor_rewards.php');

  379.     break;

  380.   case 'upscale_pool':

  381.     include(SERVER_ROOT.'/sections/tools/data/upscale_pool.php');

  382.     break;

  383. 

  384.   case 'invite_pool':

  385.     include(SERVER_ROOT.'/sections/tools/data/invite_pool.php');

  386.     break;

  387. 

  388.   case 'torrent_stats':

  389.     include(SERVER_ROOT.'/sections/tools/data/torrent_stats.php');

  390.     break;

  391. 

  392.   case 'user_flow':

  393.     include(SERVER_ROOT.'/sections/tools/data/user_flow.php');

  394.     break;

  395. 

  396.   case 'economic_stats':

  397.     include(SERVER_ROOT.'/sections/tools/data/economic_stats.php');

  398.     break;

  399. 

  400.   case 'service_stats':

  401.     include(SERVER_ROOT.'/sections/tools/development/service_stats.php');

  402.     break;

  403. 

  404.   case 'database_specifics':

  405.     include(SERVER_ROOT.'/sections/tools/data/database_specifics.php');

  406.     break;

  407. 

  408.   case 'special_users':

  409.     include(SERVER_ROOT.'/sections/tools/data/special_users.php');

  410.     break;

  411. 

  412.   case 'browser_support':

  413.     include(SERVER_ROOT.'/sections/tools/data/browser_support.php');

  414.     break;

  415.   //END Data

  416. 

  417.   //Misc

  418.   case 'update_geoip':

  419.     include(SERVER_ROOT.'/sections/tools/development/update_geoip.php');

  420.     break;

  421. 

  422.   case 'dupe_ips':

  423.     include(SERVER_ROOT.'/sections/tools/misc/dupe_ip.php');

  424.     break;

  425. 

  426.   case 'clear_cache':

  427.     include(SERVER_ROOT.'/sections/tools/development/clear_cache.php');

  428.     break;

  429. 

  430.   case 'create_user':

  431.     include(SERVER_ROOT.'/sections/tools/misc/create_user.php');

  432.     break;

  433. 

  434.   case 'manipulate_tree':

  435.     include(SERVER_ROOT.'/sections/tools/misc/manipulate_tree.php');

  436.     break;

  437. 

  438.   case 'misc_values':

  439.     include(SERVER_ROOT.'/sections/tools/development/misc_values.php');

  440.     break;

  441. 

  442.   case 'recommendations':

  443.     include(SERVER_ROOT.'/sections/tools/misc/recommendations.php');

  444.     break;

  445. 

  446.   case 'analysis':

  447.     include(SERVER_ROOT.'/sections/tools/misc/analysis.php');

  448.     break;

  449. 

  450.   case 'database_key':

  451.     include(SERVER_ROOT.'/sections/tools/misc/database_key.php');

  452.     break;

  453. 

  454.   case 'process_info':

  455.     include(SERVER_ROOT.'/sections/tools/development/process_info.php');

  456.     break;

  457. 

  458.   case 'rerender_gallery':

  459.     include(SERVER_ROOT.'/sections/tools/development/rerender_gallery.php');

  460.     break;

  461. 

  462.   case 'sandbox1':

  463.     include(SERVER_ROOT.'/sections/tools/sandboxes/sandbox1.php');

  464.     break;

  465. 

  466.   case 'sandbox2':

  467.     include(SERVER_ROOT.'/sections/tools/sandboxes/sandbox2.php');

  468.     break;

  469. 

  470.   case 'sandbox3':

  471.     include(SERVER_ROOT.'/sections/tools/sandboxes/sandbox3.php');

  472.     break;

  473. 

  474.   case 'public_sandbox':

  475.     include(SERVER_ROOT.'/sections/tools/sandboxes/public_sandbox.php');

  476.     break;

  477. 

  478.   case 'mod_sandbox':

  479.     if (check_perms('users_mod')) {

  480.       include(SERVER_ROOT.'/sections/tools/sandboxes/mod_sandbox.php');

  481.     } else {

  482.       error(403);

  483.     }

  484.     break;

  485.   case 'bbcode_sandbox':

  486.     include(SERVER_ROOT.'/sections/tools/sandboxes/bbcode_sandbox.php');

  487.     break;

  488.   case 'calendar':

  489.     include(SERVER_ROOT.'/sections/tools/managers/calendar.php');

  490.     break;

  491.   case 'get_calendar_event':

  492.     include(SERVER_ROOT.'/sections/tools/managers/ajax_get_calendar_event.php');

  493.     break;

  494.   case 'take_calendar_event':

  495.     include(SERVER_ROOT.'/sections/tools/managers/ajax_take_calendar_event.php');

  496.     break;

  497.   case 'mass_pm':

  498.     include(SERVER_ROOT.'/sections/tools/managers/mass_pm.php');

  499.     break;

  500.   case 'take_mass_pm':

  501.     include(SERVER_ROOT.'/sections/tools/managers/take_mass_pm.php');

  502.     break;

  503.   default:

  504.     include(SERVER_ROOT.'/sections/tools/tools.php');

  505. }

  506. ?>