Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ Bug Reports
Author Message
chatserv
Member Emeritus


Joined: May 02, 2003
Posts: 1389
Location: Puerto Rico

PostPosted: Sat Feb 19, 2005 9:51 am Reply with quote

Are you using Nuke Patched? If so open db.php and make sure you don't have the following:
Code:
global $forum_admin;

if ($forum_admin == 1) {
    $the_include = "../../../db";
} elseif ($inside_mod == 1) {
    $the_include = "../../db";
} else {
    $the_include = "db";
}

It should be:
Code:
if (defined('FORUM_ADMIN')) {

    $the_include = "../../../db";
} elseif (defined('INSIDE_MOD')) {
    $the_include = "../../db";
} else {
    $the_include = "db";
}
 
View user's profile Send private message Visit poster's website
Robb
Client


Joined: Jan 27, 2003
Posts: 9
Location: Seattle,WA

PostPosted: Sat Feb 19, 2005 12:35 pm Reply with quote

Your the best! I changed the db.php file and this fixed the problem. This forum real is a blessing. Thanks to all for your hard work.


Thanks,
Robb
 
View user's profile Send private message Visit poster's website
2McAbre
New Member
New Member


Joined: Feb 16, 2005
Posts: 20

PostPosted: Sat Feb 19, 2005 3:01 pm Reply with quote

2McAbre wrote:
My drama was that I did the Nuke patched 2.9 for ver7.6, then installed NukeSentinel 2.1.3 (no problems with any of it). But I got blank white screens under admin for…

Forums (fixed it)

And Edit Admins. (didn't fix it, but will keep looking to see what I may have done wrong)


Well the only fix that I found that worked for the Edit Admins was to replace the authors file located in admin-modules with the original from the 7.6 install files.

Perhaps not the correct fix, but it works! Smile
 
View user's profile Send private message
BobMarion
Former Admin in Good Standing


Joined: Oct 30, 2002
Posts: 1037
Location: RedNeck Land (known as Kentucky)

PostPosted: Tue Feb 22, 2005 1:22 am Reply with quote

Robb,

Did you apply the 2.9 Patched for PHP-Nuke? If not then you will have those because the code Chat supplied above is for making NukeSentinel work with Patched 2.8/2.9 .

_________________
Bob Marion
Codito Ergo Sum
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Send e-mail Visit poster's website
Techgfx
New Member
New Member


Joined: Jan 22, 2004
Posts: 7
Location: Australia

PostPosted: Tue Feb 22, 2005 2:38 am Reply with quote

Hiyas all,

After applying nukepatched 2.9, those who still encounter problems is because an addon/mod you have installed is using outdated patching. A few examples:

ForumNews Advance - includes/functions.php

NSN Groups - includes/nsngr_func.php

NSN Sentinel - includes/sentinel.php

Just on another note, those upgrading from an outdated patch [or no patching] - modules/Forums/admin/common.php can be deleted.

_________________
TechGFX Online Community
Image
Expect to be impressed: PHP-Nuke Platinum. 
View user's profile Send private message Visit poster's website
molten2
New Member
New Member


Joined: Jun 27, 2004
Posts: 16

PostPosted: Tue Feb 22, 2005 4:01 pm Reply with quote

I applied all the above patch on the files described in this thread but when I go to edit admins I got a blank page (my site has phpnuke7.4 patched2.9).-

Look at phpnuke7.4/patched2.9/admin/modules/authors.php

Then if you find this
Code:


   if ($chng_radminsuper == 1) {
       $result = $db->sql_query("update " . $prefix . "_authors set aid='$chng_aid', email='$chng_email', url='$chng_url', radminarticle='0', radmintopic='0', radminuser='0', radminsurvey='0', radminlink='0', radminfaq='0', radmindownload='0', radminreviews='0', radminnewsletter='0', radminforum='0', radmincontent='0', radminency='0', radminsuper='$chng_radminsuper', pwd='$chng_pwd', admlanguage='$chng_admlanguage' where name='$chng_name' AND aid='$adm_aid'"");
       Header("Location: admin.php?op=mod_authors");
   } else {
       $result = $db->sql_query("update " . $prefix . "_authors set aid='$chng_aid', email='$chng_email', url='$chng_url', radminarticle='$chng_radminarticle', radmintopic='$chng_radmintopic', radminuser='$chng_radminuser', radminsurvey='$chng_radminsurvey', radminlink='$chng_radminlink', radminfaq='$chng_radminfaq', radmindownload='$chng_radmindownload', radminreviews='$chng_radminreviews', radminnewsletter='$chng_radminnewsletter', radminforum='$chng_radminforum', radmincontent='$chng_radmincontent', radminency='$chng_radminency', radminsuper='0', pwd='$chng_pwd', admlanguage='$chng_admlanguage' where name='$chng_name' AND aid='$adm_aid'"");
       Header("Location: admin.php?op=mod_authors");
   }
    } else {
   if ($chng_radminsuper == 1) {
       $result = $db->sql_query("update " . $prefix . "_authors set aid='$chng_aid', email='$chng_email', url='$chng_url', radminarticle='0', radmintopic='0', radminuser='0', radminsurvey='0', radminlink='0', radminfaq='0', radmindownload='0', radminreviews='0', radminnewsletter='0', radminforum='0', radmincontent='0', radminency='0', radminsuper='$chng_radminsuper', admlanguage='$chng_admlanguage' where name='$chng_name' AND aid='$adm_aid'"");
       Header("Location: admin.php?op=mod_authors");
   } else {
       $result = $db->sql_query("update " . $prefix . "_authors set aid='$chng_aid', email='$chng_email', url='$chng_url', radminarticle='$chng_radminarticle', radmintopic='$chng_radmintopic', radminuser='$chng_radminuser', radminsurvey='$chng_radminsurvey', radminlink='$chng_radminlink', radminfaq='$chng_radminfaq', radmindownload='$chng_radmindownload', radminreviews='$chng_radminreviews', radminnewsletter='$chng_radminnewsletter', radminforum='$chng_radminforum', radmincontent='$chng_radmincontent', radminency='$chng_radminency', radminsuper='0', admlanguage='$chng_admlanguage' where name='$chng_name' AND aid='$adm_aid'"");
       Header("Location: admin.php?op=mod_authors");
   }
    }


change to

Code:


   if ($chng_radminsuper == 1) {
       $result = $db->sql_query("update " . $prefix . "_authors set aid='$chng_aid', email='$chng_email', url='$chng_url', radminarticle='0', radmintopic='0', radminuser='0', radminsurvey='0', radminlink='0', radminfaq='0', radmindownload='0', radminreviews='0', radminnewsletter='0', radminforum='0', radmincontent='0', radminency='0', radminsuper='$chng_radminsuper', pwd='$chng_pwd', admlanguage='$chng_admlanguage' where name='$chng_name' AND aid='$adm_aid'");
       Header("Location: admin.php?op=mod_authors");
   } else {
       $result = $db->sql_query("update " . $prefix . "_authors set aid='$chng_aid', email='$chng_email', url='$chng_url', radminarticle='$chng_radminarticle', radmintopic='$chng_radmintopic', radminuser='$chng_radminuser', radminsurvey='$chng_radminsurvey', radminlink='$chng_radminlink', radminfaq='$chng_radminfaq', radmindownload='$chng_radmindownload', radminreviews='$chng_radminreviews', radminnewsletter='$chng_radminnewsletter', radminforum='$chng_radminforum', radmincontent='$chng_radmincontent', radminency='$chng_radminency', radminsuper='0', pwd='$chng_pwd', admlanguage='$chng_admlanguage' where name='$chng_name' AND aid='$adm_aid'");
       Header("Location: admin.php?op=mod_authors");
   }
    } else {
   if ($chng_radminsuper == 1) {
       $result = $db->sql_query("update " . $prefix . "_authors set aid='$chng_aid', email='$chng_email', url='$chng_url', radminarticle='0', radmintopic='0', radminuser='0', radminsurvey='0', radminlink='0', radminfaq='0', radmindownload='0', radminreviews='0', radminnewsletter='0', radminforum='0', radmincontent='0', radminency='0', radminsuper='$chng_radminsuper', admlanguage='$chng_admlanguage' where name='$chng_name' AND aid='$adm_aid'");
       Header("Location: admin.php?op=mod_authors");
   } else {
       $result = $db->sql_query("update " . $prefix . "_authors set aid='$chng_aid', email='$chng_email', url='$chng_url', radminarticle='$chng_radminarticle', radmintopic='$chng_radmintopic', radminuser='$chng_radminuser', radminsurvey='$chng_radminsurvey', radminlink='$chng_radminlink', radminfaq='$chng_radminfaq', radmindownload='$chng_radmindownload', radminreviews='$chng_radminreviews', radminnewsletter='$chng_radminnewsletter', radminforum='$chng_radminforum', radmincontent='$chng_radmincontent', radminency='$chng_radminency', radminsuper='0', admlanguage='$chng_admlanguage' where name='$chng_name' AND aid='$adm_aid'");
       Header("Location: admin.php?op=mod_authors");
   }
    }


and it will work...
Best regards.

_________________
Francesco Tombolini Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Send e-mail Visit poster's website
Techgfx
PostPosted: Fri Feb 25, 2005 2:31 am Reply with quote

Hiyas,

The code molten2 posted is now an official fix for those who have not applied it a simplified version is included below.

OPEN admin/modules/authors.php

FIND
Code:
$db->sql_query("update " . $prefix . "_authors set aid='$chng_aid', email='$chng_email', url='$chng_url', radminsuper='$chng_radminsuper', pwd='$chng_pwd', admlanguage='$chng_admlanguage' where name='$chng_name' AND aid='$adm_aid'"");


REPLACE, WITH
Code:
$db->sql_query("update " . $prefix . "_authors set aid='$chng_aid', email='$chng_email', url='$chng_url', radminsuper='$chng_radminsuper', pwd='$chng_pwd', admlanguage='$chng_admlanguage' where name='$chng_name' AND aid='$adm_aid'");


FIND [twice]
Code:
$db->sql_query("UPDATE ".$prefix."_authors SET radminsuper='$chng_radminsuper' WHERE name='$chng_name' AND aid='$adm_aid'"");


REPLACE, WITH [twice]
Code:
$db->sql_query("UPDATE ".$prefix."_authors SET radminsuper='$chng_radminsuper' WHERE name='$chng_name' AND aid='$adm_aid'");


FIND
Code:
$db->sql_query("update " . $prefix . "_authors set aid='$chng_aid', email='$chng_email', url='$chng_url', radminsuper='$chng_radminsuper', admlanguage='$chng_admlanguage' where name='$chng_name' AND aid='$adm_aid'"");


REPLACE, WITH
Code:
$db->sql_query("update " . $prefix . "_authors set aid='$chng_aid', email='$chng_email', url='$chng_url', radminsuper='$chng_radminsuper', admlanguage='$chng_admlanguage' where name='$chng_name' AND aid='$adm_aid'");


FIND
Code:
$db->sql_query("update " . $prefix . "_authors set aid='$chng_aid', email='$chng_email', url='$chng_url', radminsuper='0', admlanguage='$chng_admlanguage' where name='$chng_name' AND aid='$adm_aid'"");


REPLACE, WITH
Code:
$db->sql_query("update " . $prefix . "_authors set aid='$chng_aid', email='$chng_email', url='$chng_url', radminsuper='0', admlanguage='$chng_admlanguage' where name='$chng_name' AND aid='$adm_aid'");


Additionally, in includes/page_header.php

FIND
Code:
    OpenTable();

define('HEADER_INC', TRUE);


REPLACE, WITH
Code:
    OpenTable();


The above 2 fixes have been applied in nukepatched 2.9 re-release.
 
AndyB
Worker
Worker


Joined: Jun 03, 2004
Posts: 231
Location: Torrevieja, Spain

PostPosted: Fri Feb 25, 2005 6:33 am Reply with quote

does that mean I need to apply this patch to my 6.9 installation, or is it ok as is (with chat's fixes earlier on)

Cheers!
 
View user's profile Send private message
Techgfx
PostPosted: Fri Feb 25, 2005 4:33 pm Reply with quote

If you have applied patched 2.9 you still may have to apply the fixes. It depends when you applied 2.9. The best idea is to try finding some of the above code, if you can't find it then you dont need to apply it.
 
peace
Worker
Worker


Joined: Mar 11, 2004
Posts: 209

PostPosted: Wed Mar 02, 2005 10:08 pm Reply with quote

Hello

I dont know which point im missing coz i have still a blank edit admins page on 7.6-2.9 after techs patch

here is my admin/modules/authors.php

Code:
<?php


/************************************************************************/
/* PHP-NUKE: Web Portal System                                          */
/* ===========================                                          */
/*                                                                      */
/* Copyright (c) 2002 by Francisco Burzi                                */
/* http://phpnuke.org                                                   */
/*                                                                      */
/* This program is free software. You can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License.       */
/*                                                                      */
/************************************************************************/
/*         Additional security & Abstraction layer conversion           */
/*                           2003 chatserv                              */
/*      http://www.nukefixes.com -- http://www.nukeresources.com        */
/************************************************************************/

if ( !defined('ADMIN_FILE') )
{
   die("Illegal File Access");
}
global $prefix, $db, $admin_file;
$aid = substr("$aid", 0,25);
$row = $db->sql_fetchrow($db->sql_query("SELECT name, radminsuper FROM " . $prefix . "_authors WHERE aid='$aid'"));
if (($row['radminsuper'] == 1) && ($row['name'] == 'God')) {

/*********************************************************/
/* Admin/Authors Functions                               */
/*********************************************************/

function displayadmins() {
    global $admin, $prefix, $db, $language, $multilingual, $admin_file;
    if (is_admin($admin)) {
    @include("header.php");
    GraphicAdmin();
    OpenTable();
    echo "<center><font class=\"title\"><b>" . _AUTHORSADMIN . "</b></font></center>";
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<center><font class=\"option\"><b>" . _EDITADMINS . "</b></font></center><br>"
   ."<table border=\"1\" align=\"center\">";
    $result = $db->sql_query("SELECT aid, name, admlanguage from " . $prefix . "_authors");
    while ($row = $db->sql_fetchrow($result)) {
   $a_aid = $row['aid'];
   $name = $row['name'];
   $admlanguage = $row['admlanguage'];
        $a_aid = substr("$a_aid", 0,25);
        $name = substr("$name", 0,25);
        echo "<tr><td align=\"center\">$a_aid</td>";
   if ($admlanguage == "") {
       $admlanguage = "" . _ALL . "";
   }
        echo "<td align=\"center\">$admlanguage</td>";
       echo "<td><a href=\"".$admin_file.".php?op=modifyadmin&amp;chng_aid=$a_aid\">" . _MODIFYINFO . "</a></td>";
   if($name=="God") {
       echo "<td>" . _MAINACCOUNT . "</td></tr>";
   } else {
       echo "<td><a href=\"".$admin_file.".php?op=deladmin&amp;del_aid=$a_aid\">" . _DELAUTHOR . "</a></td></tr>";
   }
    }
    echo "</table><br><center><font class=\"tiny\">" . _GODNOTDEL . "</font></center>";
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<center><font class=\"option\"><b>" . _ADDAUTHOR . "</b></font></center>"
      ."<form action=\"".$admin_file.".php\" method=\"post\">"
      ."<table border=\"0\">"
      ."<tr><td>" . _NAME . ":</td>"
      ."<td colspan=\"3\"><input type=\"text\" name=\"add_name\" size=\"30\" maxlength=\"50\"> <font class=\"tiny\">" . _REQUIREDNOCHANGE . "</font></td></tr>"
      ."<tr><td>" . _NICKNAME . ":</td>"
      ."<td colspan=\"3\"><input type=\"text\" name=\"add_aid\" size=\"30\" maxlength=\"30\"> <font class=\"tiny\">" . _REQUIRED . "</font></td></tr>"
      ."<tr><td>" . _EMAIL . ":</td>"
      ."<td colspan=\"3\"><input type=\"text\" name=\"add_email\" size=\"30\" maxlength=\"60\"> <font class=\"tiny\">" . _REQUIRED . "</font></td></tr>"
      ."<tr><td>" . _URL . ":</td>"
      ."<td colspan=\"3\"><input type=\"text\" name=\"add_url\" size=\"30\" maxlength=\"60\"></td></tr>";
    if ($multilingual == 1) {
   echo "<tr><td>" . _LANGUAGE . ":</td><td colspan=\"3\">"
       ."<select name=\"add_admlanguage\">";
   $handle=opendir('language');
   while ($file = readdir($handle)) {
       if (preg_match("/^lang\-(.+)\.php/", $file, $matches)) {
           $langFound = $matches[1];
           $languageslist .= "$langFound ";
       }
   }
   closedir($handle);
   $languageslist = explode(" ", $languageslist);
   sort($languageslist);
   for ($i=0; $i < sizeof($languageslist); $i++) {
       if($languageslist[$i]!="") {
      echo "<option value=\"$languageslist[$i]\" ";
      if($languageslist[$i]==$language) echo "selected";
      echo ">".ucfirst($languageslist[$i])."</option>\n";
       }
   }
   echo "<option value=\"\">" . _ALL . "</option></select></td></tr>";
    } else {
   echo "<input type=\"hidden\" name=\"add_admlanguage\" value=\"\">";
    }
    echo "<tr><td>" . _PERMISSIONS . ":</td>";
   $result = $db->sql_query("SELECT mid, title FROM ".$prefix."_modules ORDER BY title ASC");
   while ($row = $db->sql_fetchrow($result)) {
      $title = ereg_replace("_", " ", $row[title]);
      if (file_exists("modules/$row[title]/admin/index.php") AND file_exists("modules/$row[title]/admin/links.php") AND file_exists("modules/$row[title]/admin/case.php")) {
          echo "<td><input type=\"checkbox\" name=\"auth_modules[]\" value=\"$row[mid]\"> $title</td>";
          if ($a == 2) {
             echo "</tr><tr><td>&nbsp;</td>";
             $a = 0;
          } else {
             $a++;
          }
      }
   }
   echo "</tr><tr><td>&nbsp;</td>"
      ."<td><input type=\"checkbox\" name=\"add_radminsuper\" value=\"1\"> <b>" . _SUPERUSER . "</b></td>"
      ."</tr>"
      ."<tr><td>&nbsp;</td><td colspan=\"3\"><font class=\"tiny\"><i>" . _SUPERWARNING . "</i></font></td></tr>"
      ."<tr><td>" . _PASSWORD . "</td>"
      ."<td colspan=\"3\"><input type=\"password\" name=\"add_pwd\" size=\"12\" maxlength=\"12\"> <font class=\"tiny\">" . _REQUIRED . "</font></td></tr>"
      ."<input type=\"hidden\" name=\"op\" value=\"AddAuthor\">"
      ."<tr><td><input type=\"submit\" value=\"" . _ADDAUTHOR2 . "\"></td></tr>"
      ."</table></form>";
    CloseTable();
    @include("footer.php");
    } else {
   @include ('header.php');
   GraphicAdmin();
   OpenTable();
   echo "<center><font class=\"title\"><b>Authors Admin</b></font></center>";
   CloseTable();
   echo "<br>";
   OpenTable();
   echo "<center><b>Not Authorized</b><br><br>"
       ."Unauthorized editing of authors detected<br><br>"
       .""._GOBACK."";
   CloseTable();
   @include("footer.php");
    }
}

function modifyadmin($chng_aid) {
    global $admin, $prefix, $db, $multilingual, $admin_file;
    if (is_admin($admin)) {
    @include("header.php");
    GraphicAdmin();
    OpenTable();
    echo "<center><font class=\"title\"><b>" . _AUTHORSADMIN . "</b></font></center>";
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<center><font class=\"option\"><b>" . _MODIFYINFO . "</b></font></center><br><br>";
    $adm_aid = $chng_aid;
    $adm_aid = trim($adm_aid);
    $row = $db->sql_fetchrow($db->sql_query("SELECT aid, name, url, email, pwd, radminsuper, admlanguage from " . $prefix . "_authors where aid='$chng_aid'"));
    $chng_aid = $row['aid'];
    $chng_name = $row['name'];
    $chng_url = stripslashes($row['url']);
    $chng_email = stripslashes($row['email']);
    $chng_pwd = $row['pwd'];
    $chng_radminsuper = intval($row['radminsuper']);
    $chng_admlanguage = $row['admlanguage'];
    $chng_aid = substr("$chng_aid", 0,25);
    $aid = $chng_aid;
    echo "<form action=\"".$admin_file.".php\" method=\"post\">"
   ."<table border=\"0\">"
   ."<tr><td>" . _NAME . ":</td>"
   ."<td colspan=\"3\"><b>$chng_name</b> <input type=\"hidden\" name=\"chng_name\" value=\"$chng_name\"></td></tr>"
   ."<tr><td>" . _NICKNAME . ":</td>"
        ."<td colspan=\"3\"><input type=\"text\" name=\"chng_aid\" value=\"$chng_aid\"> <font class=\"tiny\">" . _REQUIRED . "</font></td></tr>"
   ."<tr><td>" . _EMAIL . ":</td>"
   ."<td colspan=\"3\"><input type=\"text\" name=\"chng_email\" value=\"$chng_email\" size=\"30\" maxlength=\"60\"> <font class=\"tiny\">" . _REQUIRED . "</font></td></tr>"
   ."<tr><td>" . _URL . ":</td>"
   ."<td colspan=\"3\"><input type=\"text\" name=\"chng_url\" value=\"$chng_url\" size=\"30\" maxlength=\"60\"></td></tr>";
    if ($multilingual == 1) {
   echo "<tr><td>" . _LANGUAGE . ":</td><td colspan=\"3\">"
       ."<select name=\"chng_admlanguage\">";
   $handle=opendir('language');
   while ($file = readdir($handle)) {
       if (preg_match("/^lang\-(.+)\.php/", $file, $matches)) {
      $langFound = $matches[1];
      $languageslist .= "$langFound ";
       }
   }
   closedir($handle);
   $languageslist = explode(" ", $languageslist);
   sort($languageslist);
   for ($i=0; $i < sizeof($languageslist); $i++) {
       if($languageslist[$i]!="") {
      echo "<option value=\"$languageslist[$i]\" ";
      if($languageslist[$i]==$chng_admlanguage) echo "selected";
      echo ">".ucfirst($languageslist[$i])."</option>\n";
       }
   }
   if ($chng_admlanguage == "") {
       $allsel = "selected";
   } else {
           $allsel = "";
   }
   echo "<option value=\"\" $allsel>" . _ALL . "</option></select></td></tr>";
    } else {
   echo "<input type=\"hidden\" name=\"chng_admlanguage\" value=\"\">";
    }
    echo "<tr><td>" . _PERMISSIONS . ":</td>";
    if ($row[name] != God) {
   $result = $db->sql_query("SELECT mid, title, admins FROM ".$prefix."_modules ORDER BY title ASC");
   while ($row = $db->sql_fetchrow($result)) {
      $title = ereg_replace("_", " ", $row[title]);
      if (file_exists("modules/$row[title]/admin/index.php") AND file_exists("modules/$row[title]/admin/links.php") AND file_exists("modules/$row[title]/admin/case.php")) {
         $admins = explode(",", $row[admins]);
         $sel = "";
         for ($i=0; $i < sizeof($admins); $i++) {
            if ($chng_name == "$admins[$i]") {
               $sel = "checked";   
            }
         }
          echo "<td><input type=\"checkbox\" name=\"auth_modules[]\" value=\"$row[mid]\" $sel> $title</td>";
          $sel = "";
          if ($a == 2) {
             echo "</tr><tr><td>&nbsp;</td>";
             $a = 0;
          } else {
             $a++;
          }
      }
   }
   if ($chng_radminsuper == 1) {
      $sel1 = "checked";   
   }
   echo "</tr><tr><td>&nbsp;</td>";
    } else {
        echo "<input type=\"hidden\" name=\"auth_modules[]\" value=\"\">";
        $sel1 = "checked";
    }
   echo "<td><input type=\"checkbox\" name=\"chng_radminsuper\" value=\"1\" $sel1> <b>" . _SUPERUSER . "</b></td>"
      ."</tr><tr><td>&nbsp;</td>"
      ."<td colspan=\"3\"><font class=\"tiny\"><i>" . _SUPERWARNING . "</i></font></td></tr>"
      ."<tr><td>" . _PASSWORD . ":</td>"
          ."<td colspan=\"3\"><input type=\"password\" name=\"chng_pwd\" size=\"12\" maxlength=\"12\"></td></tr>"
      ."<tr><td>" . _RETYPEPASSWD . ":</td>"
      ."<td colspan=\"3\"><input type=\"password\" name=\"chng_pwd2\" size=\"12\" maxlength=\"12\"> <font class=\"tiny\">" . _FORCHANGES . "</font></td></tr>"
      ."<input type=\"hidden\" name=\"adm_aid\" value=\"$adm_aid\">"
      ."<input type=\"hidden\" name=\"op\" value=\"UpdateAuthor\">"
      ."<tr><td><input type=\"submit\" value=\"" . _SAVE . "\"> " . _GOBACK . ""
      ."</td></tr></table></form>";
    CloseTable();
    @include("footer.php");
    } else {
   @include ('header.php');
   GraphicAdmin();
   OpenTable();
   echo "<center><font class=\"title\"><b>Authors Admin</b></font></center>";
   CloseTable();
   echo "<br>";
   OpenTable();
   echo "<center><b>Not Authorized</b><br><br>"
       ."Unauthorized editing of authors detected<br><br>"
       .""._GOBACK."";
   CloseTable();
   @include("footer.php");
    }
}

function updateadmin($chng_aid, $chng_name, $chng_email, $chng_url, $chng_radminsuper, $chng_pwd, $chng_pwd2, $chng_admlanguage, $adm_aid, $auth_modules) {
    global $admin, $prefix, $db, $admin_file;
    if (is_admin($admin)) {
    $chng_aid = trim($chng_aid);
    if (!($chng_aid && $chng_name && $chng_email)) {
      Header("Location: ".$admin_file.".php?op=mod_authors");
    }
    if ($chng_pwd2 != "") {
      if($chng_pwd != $chng_pwd2) {
          @include("header.php");
          GraphicAdmin();
          OpenTable();
          echo "" . _PASSWDNOMATCH . "<br><br>"
         ."<center>" . _GOBACK . "</center>";
          CloseTable();
          @include("footer.php");
          exit;
      }
      $chng_pwd = md5($chng_pwd);
      $chng_aid = substr("$chng_aid", 0,25);
      if ($chng_radminsuper == 1) {
          $result = $db->sql_query("SELECT mid, admins FROM ".$prefix."_modules");
          while ($row = $db->sql_fetchrow($result)) {
             $admins = explode(",", $row[admins]);
             $adm = "";
             for ($a=0; $a < sizeof($admins); $a++) {
                if ($admins[$a] != "$chng_name" AND $admins[$a] != "") {
                  $adm .= "$admins[$a],";
                }
             }
             $db->sql_query("UPDATE ".$prefix."_modules SET admins='$adm' WHERE mid='$row[mid]'");
          }
         $db->sql_query("update " . $prefix . "_authors set aid='$chng_aid', email='$chng_email', url='$chng_url', radminsuper='$chng_radminsuper', pwd='$chng_pwd', admlanguage='$chng_admlanguage' where name='$chng_name' AND aid='$adm_aid'");
          Header("Location: ".$admin_file.".php?op=mod_authors");
      } else {
         if ($chng_name != "God" AND $chng_radminsuper != 0) {
                $db->sql_query("update " . $prefix . "_authors set aid='$chng_aid', email='$chng_email', url='$chng_url', radminsuper='0', pwd='$chng_pwd', admlanguage='$chng_admlanguage' where name='$chng_name' AND aid='$adm_aid'"");
         }
          $result = $db->sql_query("SELECT mid, admins FROM ".$prefix."_modules");
          while ($row = $db->sql_fetchrow($result)) {
             $admins = explode(",", $row[admins]);
             $adm = "";
             for ($a=0; $a < sizeof($admins); $a++) {
                if ($admins[$a] != "$chng_name" AND $admins[$a] != "") {
                  $adm .= "$admins[$a],";
                }
             }
             $db->sql_query("UPDATE ".$prefix."_authors SET radminsuper='$chng_radminsuper' WHERE name='$chng_name' AND aid='$adm_aid'");
             $db->sql_query("UPDATE ".$prefix."_modules SET admins='$adm' WHERE mid='$row[mid]'");
          }
          for ($i=0; $i < sizeof($auth_modules); $i++) {
             $row = $db->sql_fetchrow($db->sql_query("SELECT admins FROM ".$prefix."_modules WHERE mid='$auth_modules[$i]'"));
             $admins = explode(",", $row[admins]);
             for ($a=0; $a < sizeof($admins); $a++) {
                if ($admins[$a] == "$chng_name") {
                  $dummy = 1;
                }
             }
             if ($dummy != 1) {
                $adm = "$row[admins]$chng_name";
                $db->sql_query("UPDATE ".$prefix."_modules SET admins='$adm,' WHERE mid='$auth_modules[$i]'");
             }
             $dummy = "";
          }
          Header("Location: ".$admin_file.".php?op=mod_authors");
      }
    } else {
      if ($chng_radminsuper == 1) {
          $result = $db->sql_query("SELECT mid, admins FROM ".$prefix."_modules");
          while ($row = $db->sql_fetchrow($result)) {
             $admins = explode(",", $row[admins]);
             $adm = "";
             for ($a=0; $a < sizeof($admins); $a++) {
                if ($admins[$a] != "$chng_name" AND $admins[$a] != "") {
                  $adm .= "$admins[$a],";
                }
             }
             $db->sql_query("UPDATE ".$prefix."_modules SET admins='$adm' WHERE mid='$row[mid]'");
          }
          $db->sql_query("update " . $prefix . "_authors set aid='$chng_aid', email='$chng_email', url='$chng_url', radminsuper='$chng_radminsuper', admlanguage='$chng_admlanguage' where name='$chng_name' AND aid='$adm_aid'");
          Header("Location: ".$admin_file.".php?op=mod_authors");
      } else {
         if ($chng_name != "God" AND $chng_radminsuper != 0) {
                $db->sql_query("update " . $prefix . "_authors set aid='$chng_aid', email='$chng_email', url='$chng_url', radminsuper='0', admlanguage='$chng_admlanguage' where name='$chng_name' AND aid='$adm_aid'");
         }
          $result = $db->sql_query("SELECT mid, admins FROM ".$prefix."_modules");
          while ($row = $db->sql_fetchrow($result)) {
             $admins = explode(",", $row[admins]);
             $adm = "";
             for ($a=0; $a < sizeof($admins); $a++) {
                if ($admins[$a] != "$chng_name" AND $admins[$a] != "") {
                  $adm .= "$admins[$a],";
                }
             }
             $db->sql_query("UPDATE ".$prefix."_authors SET radminsuper='$chng_radminsuper' WHERE name='$chng_name' AND aid='$adm_aid'");
             $db->sql_query("UPDATE ".$prefix."_modules SET admins='$adm' WHERE mid='$row[mid]'");
          }
          for ($i=0; $i < sizeof($auth_modules); $i++) {
             $row = $db->sql_fetchrow($db->sql_query("SELECT admins FROM ".$prefix."_modules WHERE mid='$auth_modules[$i]'"));
             $admins = explode(",", $row[admins]);
             for ($a=0; $a < sizeof($admins); $a++) {
                if ($admins[$a] == "$chng_name") {
                  $dummy = 1;
                }
             }
             if ($dummy != 1) {
                $adm = "$row[admins]$chng_name";
                $db->sql_query("UPDATE ".$prefix."_modules SET admins='$adm,' WHERE mid='$auth_modules[$i]'");
             }
             $dummy = "";
          }
          Header("Location: ".$admin_file.".php?op=mod_authors");
      }
    }
    if ($adm_aid != $chng_aid) {
       $result2 = $db->sql_query("SELECT sid, aid, informant from " . $prefix . "_stories where aid='$adm_aid'");
       while ($row2 = $db->sql_fetchrow($result2)) {
         $sid = intval($row2['sid']);
         $old_aid = $row2['aid'];
         $old_aid = substr("$old_aid", 0,25);
         $informant = $row2['informant'];
         $informant = substr("$informant", 0,25);
         if ($old_aid == $informant) {
            $db->sql_query("update " . $prefix . "_stories set informant='$chng_aid' where sid='$sid'");
         }
         $db->sql_query("update " . $prefix . "_stories set aid='$chng_aid' WHERE sid='$sid'");
      }
    }
    } else {
   @include ('header.php');
   GraphicAdmin();
   OpenTable();
   echo "<center><font class=\"title\"><b>Authors Admin</b></font></center>";
   CloseTable();
   echo "<br>";
   OpenTable();
   echo "<center><b>Not Authorized</b><br><br>"
       ."Unauthorized editing of authors detected<br><br>"
       .""._GOBACK."";
   CloseTable();
   @include("footer.php");
    }
}

function deladmin2($del_aid) {
    global $admin, $prefix, $db, $admin_file;
    if (is_admin($admin)) {
    $del_aid = substr("$del_aid", 0,25);
    $result = $db->sql_query("SELECT admins FROM ".$prefix."_modules WHERE title='News'");
   $row2 = $db->sql_fetchrow($db->sql_query("SELECT name FROM ".$prefix."_authors WHERE aid='$del_aid'"));
   while ($row = $db->sql_fetchrow($result)) {
      $admins = explode(",", $row[admins]);
      $auth_user = 0;
      for ($i=0; $i < sizeof($admins); $i++) {
         if ($row2[name] == "$admins[$i]") {
            $auth_user = 1;   
         }
      }
      if ($auth_user == 1) {
         $radminarticle = 1;
      }
   }
   if ($radminarticle == 1) {
      $row2 = $db->sql_fetchrow($db->sql_query("SELECT sid from " . $prefix . "_stories where aid='$del_aid'"));
      $sid = intval($row2['sid']);
      if ($sid != "") {
          @include("header.php");
          GraphicAdmin();
          OpenTable();
          echo "<center><font class=\"title\"><b>" . _AUTHORSADMIN . "</b></font></center>";
          CloseTable();
          echo "<br>";
          OpenTable();
          echo "<center><font class=\"option\"><b>" . _PUBLISHEDSTORIES . "</b></font><br><br>"
            ."" . _SELECTNEWADMIN . ":<br><br>";
          $result3 = $db->sql_query("SELECT aid from " . $prefix . "_authors where aid!='$del_aid'");
          echo "<form action=\"".$admin_file.".php\" method=\"post\"><select name=\"newaid\">";
          while ($row3 = $db->sql_fetchrow($result3)) {
             $oaid = $row3['aid'];
             $oaid = substr("$oaid", 0,25);
            echo "<option name=\"newaid\" value=\"$oaid\">$oaid</option>";
          }
          echo "</select><input type=\"hidden\" name=\"del_aid\" value=\"$del_aid\">"
            ."<input type=\"hidden\" name=\"op\" value=\"assignstories\">"
            ."<input type=\"submit\" value=\"" . _OK . "\">"
            ."</form>";
          CloseTable();
          @include("footer.php");
          return;
      }
    }
    Header("Location: ".$admin_file.".php?op=deladminconf&del_aid=$del_aid");
    } else {
   @include ('header.php');
   GraphicAdmin();
   OpenTable();
   echo "<center><font class=\"title\"><b>Authors Admin</b></font></center>";
   CloseTable();
   echo "<br>";
   OpenTable();
   echo "<center><b>Not Authorized</b><br><br>"
       ."Unauthorized editing of authors detected<br><br>"
       .""._GOBACK."";
   CloseTable();
   @include("footer.php");
    }
}

switch ($op) {

    case "mod_authors":
    displayadmins();
    break;

    case "modifyadmin":
    modifyadmin($chng_aid);
    break;

    case "UpdateAuthor":
    updateadmin($chng_aid, $chng_name, $chng_email, $chng_url, $chng_radminsuper, $chng_pwd, $chng_pwd2, $chng_admlanguage, $adm_aid, $auth_modules);
    break;

    case "AddAuthor":
       $add_aid = substr("$add_aid", 0,25);
       $add_name = substr("$add_name", 0,25);
       if (!($add_aid && $add_name && $add_email && $add_pwd)) {
           @include("header.php");
           GraphicAdmin();
         OpenTable();
         echo "<center><font class=\"title\"><b>" . _AUTHORSADMIN . "</b></font></center>";
         CloseTable();
         echo "<br>";
              OpenTable();
         echo "<center><font class=\"option\"><b>" . _CREATIONERROR . "</b></font><br><br>"
             ."" . _COMPLETEFIELDS . "<br><br>"
             ."" . _GOBACK . "</center>";
          CloseTable();
         @include("footer.php");
         return;
       }
       $add_pwd = md5($add_pwd);
       for ($i=0; $i < sizeof($auth_modules); $i++) {
          $row = $db->sql_fetchrow($db->sql_query("SELECT admins FROM ".$prefix."_modules WHERE mid='$auth_modules[$i]'"));
          $adm = "$row[admins]$add_name";
          $db->sql_query("UPDATE ".$prefix."_modules SET admins='$adm,' WHERE mid='$auth_modules[$i]'");
       }
       $result = $db->sql_query("insert into " . $prefix . "_authors values ('$add_aid', '$add_name', '$add_url', '$add_email', '$add_pwd', '0', '$add_radminsuper', '$add_admlanguage')");
       if (!$result) {
         return;
       }
       Header("Location: ".$admin_file.".php?op=mod_authors");
    break;

    case "deladmin":
       @include("header.php");
       $del_aid = trim($del_aid);
       GraphicAdmin();
       OpenTable();
       echo "<center><font class=\"title\"><b>" . _AUTHORSADMIN . "</b></font></center>";
       CloseTable();
       echo "<br>";
       OpenTable();
       echo "<center><font class=\"option\"><b>" . _AUTHORDEL . "</b></font><br><br>"
         ."" . _AUTHORDELSURE . " <i>$del_aid</i>?<br><br>";
       echo "[ <a href=\"".$admin_file.".php?op=deladmin2&amp;del_aid=$del_aid\">" . _YES . "</a> | <a href=\"".$admin_file.".php?op=mod_authors\">" . _NO . "</a> ]";
       CloseTable();
       @include("footer.php");
    break;

    case "deladmin2":
    deladmin2($del_aid);
    break;

    case "assignstories":
       $del_aid = trim($del_aid);
       $result = $db->sql_query("SELECT sid from " . $prefix . "_stories where aid='$del_aid'");
       while ($row = $db->sql_fetchrow($result)) {
          $sid = intval($row['sid']);
         $db->sql_query("update " . $prefix . "_stories set aid='$newaid', informant='$newaid' where aid='$del_aid'");
         $db->sql_query("update " . $prefix . "_authors set counter=counter+1 where aid='$newaid'");
       }
       Header("Location: ".$admin_file.".php?op=deladminconf&del_aid=$del_aid");
    break;

    case "deladminconf":
       $del_aid = trim($del_aid);
       $db->sql_query("delete from " . $prefix . "_authors where aid='$del_aid' AND name!='God'");
       $result = $db->sql_query("SELECT mid, admins FROM ".$prefix."_modules");
       while ($row = $db->sql_fetchrow($result)) {
            $admins = explode(",", $row[admins]);
            $adm = "";
            for ($a=0; $a < sizeof($admins); $a++) {
               if ($admins[$a] != "$del_aid" AND $admins[$a] != "") {
               $adm .= "$admins[$a],";
               }
            }
            $db->sql_query("UPDATE ".$prefix."_modules SET admins='$adm' WHERE mid='$row[mid]'");
       }
       Header("Location: ".$admin_file.".php?op=mod_authors");
    break;

}

} else {
    echo "Access Denied";
}

?>


and here is my includes/page_header.php


Code:
<?php

/***************************************************************************
 *                              page_header.php
 *                            -------------------
 *   begin                : Saturday, Feb 13, 2001
 *   copyright            : (C) 2001 The phpBB Group
 *   email                : Only registered users can see links on this board! Get registered or login!
 *
 *   $Id: page_header.php,v 1.106.2.23 2004/07/11 16:46:19 acydburn Exp $
 *
 *
 ***************************************************************************/

/***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 ***************************************************************************/

if ( !defined('IN_PHPBB') )
{
   die("Hacking attempt");
}
define('HEADER_INC', TRUE);

global $name, $sitename, $is_inline_review, $prefix, $db;

$sql = "SELECT custom_title from ".$prefix."_modules where title='$name'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
if ($row[custom_title] == "") {
    $mod_name = ereg_replace("_", " ", $name);
} else {
    $mod_name = $row[custom_title];
}
if (!$is_inline_review & $mod_name != "Private Messages") {
    title("$sitename: $mod_name");
}
     OpenTable();

//
// gzip_compression
//
$do_gzip_compress = FALSE;
if ( $board_config['gzip_compress'] )
{
        $phpver = phpversion();

        $useragent = (isset($_SERVER["HTTP_USER_AGENT"]) ) ? $_SERVER["HTTP_USER_AGENT"] : $HTTP_USER_AGENT;

        if ( $phpver >= '4.0.4pl1' && ( strstr($useragent,'compatible') || strstr($useragent,'Gecko') ) )
        {
                if ( extension_loaded('zlib') )
                {
                        ob_start('ob_gzhandler');
                }
        }
        else if ( $phpver > '4.0' )
        {
                if ( strstr($HTTP_SERVER_VARS['HTTP_ACCEPT_ENCODING'], 'gzip') )
                {
                        if ( extension_loaded('zlib') )
                        {
                                $do_gzip_compress = TRUE;
                                ob_start();
                                ob_implicit_flush(0);

                                header('Content-Encoding: gzip');
                        }
                }
        }
}

//
// Parse and show the overall header.
//
$template->set_filenames(array(
        'overall_header' => ( empty($gen_simple_header) ) ? 'overall_header.tpl' : 'simple_header.tpl')
);

//
// Generate logged in/logged out status
//
if ( $userdata['session_logged_in'] )
{
        $u_login_logout = 'modules.php?name=Your_Account&op=logout&redirect=Forums';
        $l_login_logout = $lang['Logout'] . ' [ ' . $userdata['username'] . ' ]';
}
else
{
        $u_login_logout = 'modules.php?name=Your_Account&redirect=index';
        $l_login_logout = $lang['Login'];
}

$s_last_visit = ( $userdata['session_logged_in'] ) ? create_date($board_config['default_dateformat'], $userdata['user_lastvisit'], $board_config['board_timezone']) : '';

//
// Get basic (usernames + totals) online
// situation
//
$logged_visible_online = 0;
$logged_hidden_online = 0;
$guests_online = 0;
$online_userlist = '';
$l_online_users = '';
if (defined('SHOW_ONLINE'))
{

        $user_forum_sql = ( !empty($forum_id) ) ? "AND s.session_page = " . intval($forum_id) : '';
        $sql = "SELECT u.username, u.user_id, u.user_allow_viewonline, u.user_level, s.session_logged_in, s.session_ip
                FROM ".USERS_TABLE." u, ".SESSIONS_TABLE." s
                WHERE u.user_id = s.session_user_id
                        AND s.session_time >= ".( time() - 300 ) . "
                        $user_forum_sql
                ORDER BY u.username ASC, s.session_ip ASC";
        if( !($result = $db->sql_query($sql)) )
        {
                message_die(GENERAL_ERROR, 'Could not obtain user/online information', '', __LINE__, __FILE__, $sql);
        }

        $userlist_ary = array();
        $userlist_visible = array();

        $prev_user_id = 0;
        $prev_user_ip = $prev_session_ip = '';

        while( $row = $db->sql_fetchrow($result) )
        {
                // User is logged in and therefor not a guest
                if ( $row['session_logged_in'] )
                {
                        // Skip multiple sessions for one user
                        if ( $row['user_id'] != $prev_user_id )
                        {
                                $style_color = '';
                                if ( $row['user_level'] == ADMIN )
                                {
                                        $row['username'] = '<b>' . $row['username'] . '</b>';
                                        $style_color = 'style="color:#' . $theme['fontcolor3'] . '"';
                                }
                                else if ( $row['user_level'] == MOD )
                                {
                                        $row['username'] = '<b>' . $row['username'] . '</b>';
                                        $style_color = 'style="color:#' . $theme['fontcolor2'] . '"';
                                }

                                if ( $row['user_allow_viewonline'] )
                                {
                                        $user_online_link = '<a href="' . append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=" . $row['user_id']) . '"' . $style_color .'>' . $row['username'] . '</a>';
                                        $logged_visible_online++;
                                }
                                else
                                {
                                        $user_online_link = '<a href="' . append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=" . $row['user_id']) . '"' . $style_color .'><i>' . $row['username'] . '</i></a>';
                                        $logged_hidden_online++;
                                }

                                if ( $row['user_allow_viewonline'] || $userdata['user_level'] == ADMIN )
                                {
                                        $online_userlist .= ( $online_userlist != '' ) ? ', ' . $user_online_link : $user_online_link;
                                }
                        }

                        $prev_user_id = $row['user_id'];
                }
                else
                {
                        // Skip multiple sessions for one user
                        if ( $row['session_ip'] != $prev_session_ip )
                        {
                                $guests_online++;
                        }
                }

                $prev_session_ip = $row['session_ip'];
        }
        $db->sql_freeresult($result);

        if ( empty($online_userlist) )
        {
                $online_userlist = $lang['None'];
        }
        $online_userlist = ( ( isset($forum_id) ) ? $lang['Browsing_forum'] : $lang['Registered_users'] ) . ' ' . $online_userlist;

        $total_online_users = $logged_visible_online + $logged_hidden_online + $guests_online;

        if ( $total_online_users > $board_config['record_online_users'])
        {
                $board_config['record_online_users'] = $total_online_users;
                $board_config['record_online_date'] = time();

                $sql = "UPDATE " . CONFIG_TABLE . "
                        SET config_value = '$total_online_users'
                        WHERE config_name = 'record_online_users'";
                if ( !$db->sql_query($sql) )
                {
                        message_die(GENERAL_ERROR, 'Could not update online user record (nr of users)', '', __LINE__, __FILE__, $sql);
                }

                $sql = "UPDATE " . CONFIG_TABLE . "
                        SET config_value = '" . $board_config['record_online_date'] . "'
                        WHERE config_name = 'record_online_date'";
                if ( !$db->sql_query($sql) )
                {
                        message_die(GENERAL_ERROR, 'Could not update online user record (date)', '', __LINE__, __FILE__, $sql);
                }
        }

        if ( $total_online_users == 0 )
        {
                $l_t_user_s = $lang['Online_users_zero_total'];
        }
        else if ( $total_online_users == 1 )
        {
                $l_t_user_s = $lang['Online_user_total'];
        }
        else
        {
                $l_t_user_s = $lang['Online_users_total'];
        }

        if ( $logged_visible_online == 0 )
        {
                $l_r_user_s = $lang['Reg_users_zero_total'];
        }
        else if ( $logged_visible_online == 1 )
        {
                $l_r_user_s = $lang['Reg_user_total'];
        }
        else
        {
                $l_r_user_s = $lang['Reg_users_total'];
        }

        if ( $logged_hidden_online == 0 )
        {
                $l_h_user_s = $lang['Hidden_users_zero_total'];
        }
        else if ( $logged_hidden_online == 1 )
        {
                $l_h_user_s = $lang['Hidden_user_total'];
        }
        else
        {
                $l_h_user_s = $lang['Hidden_users_total'];
        }

        if ( $guests_online == 0 )
        {
                $l_g_user_s = $lang['Guest_users_zero_total'];
        }
        else if ( $guests_online == 1 )
        {
                $l_g_user_s = $lang['Guest_user_total'];
        }
        else
        {
                $l_g_user_s = $lang['Guest_users_total'];
        }

        $l_online_users = sprintf($l_t_user_s, $total_online_users);
        $l_online_users .= sprintf($l_r_user_s, $logged_visible_online);
        $l_online_users .= sprintf($l_h_user_s, $logged_hidden_online);
        $l_online_users .= sprintf($l_g_user_s, $guests_online);
}

//
// Obtain number of new private messages
// if user is logged in
//
if ( ($userdata['session_logged_in']) && (empty($gen_simple_header)) )
{
        if ( $userdata['user_new_privmsg'] )
        {
                $l_message_new = ( $userdata['user_new_privmsg'] == 1 ) ? $lang['New_pm'] : $lang['New_pms'];
                $l_privmsgs_text = sprintf($l_message_new, $userdata['user_new_privmsg']);

                if ( $userdata['user_last_privmsg'] > $userdata['user_lastvisit'] )
                {
                        $sql = "UPDATE " . USERS_TABLE . "
                                SET user_last_privmsg = " . $userdata['user_lastvisit'] . "
                                WHERE user_id = " . $userdata['user_id'];
                        if ( !$db->sql_query($sql) )
                        {
                                message_die(GENERAL_ERROR, 'Could not update private message new/read time for user', '', __LINE__, __FILE__, $sql);
                        }

                        $s_privmsg_new = 1;
                        $icon_pm = $images['pm_new_msg'];
                }
                else
                {
                        $s_privmsg_new = 0;
                        $icon_pm = $images['pm_new_msg'];
                }
        }
        else
        {
                $l_privmsgs_text = $lang['No_new_pm'];

                $s_privmsg_new = 0;
                $icon_pm = $images['pm_no_new_msg'];
        }

        if ( $userdata['user_unread_privmsg'] )
        {
                $l_message_unread = ( $userdata['user_unread_privmsg'] == 1 ) ? $lang['Unread_pm'] : $lang['Unread_pms'];
                $l_privmsgs_text_unread = sprintf($l_message_unread, $userdata['user_unread_privmsg']);
        }
        else
        {
                $l_privmsgs_text_unread = $lang['No_unread_pm'];
        }
}
else
{
        $icon_pm = $images['pm_no_new_msg'];
        $l_privmsgs_text = $lang['Login_check_pm'];
        $l_privmsgs_text_unread = '';
        $s_privmsg_new = 0;
}

//
// Generate HTML required for Mozilla Navigation bar
//
if (!isset($nav_links))
{
        $nav_links = array();
}

$nav_links_html = '';
$nav_link_proto = '<link rel="%s" href="%s" title="%s" />' . "\n";
while( list($nav_item, $nav_array) = @each($nav_links) )
{
        if ( !empty($nav_array['url']) )
        {
                $nav_links_html .= sprintf($nav_link_proto, $nav_item, append_sid($nav_array['url']), $nav_array['title']);
        }
        else
        {
                // We have a nested array, used for items like <link rel='chapter'> that can occur more than once.
                while( list(,$nested_array) = each($nav_array) )
                {
                        $nav_links_html .= sprintf($nav_link_proto, $nav_item, $nested_array['url'], $nested_array['title']);
                }
        }
}

// Format Timezone. We are unable to use array_pop here, because of PHP3 compatibility
$l_timezone = explode('.', $board_config['board_timezone']);
$l_timezone = (count($l_timezone) > 1 && $l_timezone[count($l_timezone)-1] != 0) ? $lang[sprintf('%.1f', $board_config['board_timezone'])] : $lang[number_format($board_config['board_timezone'])];
//
// The following assigns all _common_ variables that may be used at any point
// in a template.
//
$template->assign_vars(array(
        'SITENAME' => $board_config['sitename'],
        'SITE_DESCRIPTION' => $board_config['site_desc'],
        'PAGE_TITLE' => $page_title,
        'LAST_VISIT_DATE' => sprintf($lang['You_last_visit'], $s_last_visit),
        'CURRENT_TIME' => sprintf($lang['Current_time'], create_date($board_config['default_dateformat'], time(), $board_config['board_timezone'])),
        'TOTAL_USERS_ONLINE' => $l_online_users,
        'LOGGED_IN_USER_LIST' => $online_userlist,
        'RECORD_USERS' => sprintf($lang['Record_online_users'], $board_config['record_online_users'], create_date($board_config['default_dateformat'], $board_config['record_online_date'], $board_config['board_timezone'])),
        'PRIVATE_MESSAGE_INFO' => $l_privmsgs_text,
        'PRIVATE_MESSAGE_INFO_UNREAD' => $l_privmsgs_text_unread,
        'PRIVATE_MESSAGE_NEW_FLAG' => $s_privmsg_new,

        'PRIVMSG_IMG' => $icon_pm,

        'L_USERNAME' => $lang['Username'],
        'L_PASSWORD' => $lang['Password'],
        'L_LOGIN_LOGOUT' => $l_login_logout,
        'L_LOGIN' => $lang['Login'],
        'L_LOG_ME_IN' => $lang['Log_me_in'],
        'L_AUTO_LOGIN' => $lang['Log_me_in'],
        'L_INDEX' => sprintf($lang['Forum_Index'], $board_config['sitename']),
        'L_REGISTER' => $lang['Register'],
        'L_PROFILE' => $lang['Profile'],
        'L_SEARCH' => $lang['Search'],
        'L_PRIVATEMSGS' => $lang['Private_Messages'],
        'L_WHO_IS_ONLINE' => $lang['Who_is_Online'],
        'L_MEMBERLIST' => $lang['Memberlist'],
        'L_FAQ' => $lang['FAQ'],
        'L_USERGROUPS' => $lang['Usergroups'],
        'L_SEARCH_NEW' => $lang['Search_new'],
        'L_SEARCH_UNANSWERED' => $lang['Search_unanswered'],
        'L_SEARCH_SELF' => $lang['Search_your_posts'],
        'L_WHOSONLINE_ADMIN' => sprintf($lang['Admin_online_color'], '<span style="color:#' . $theme['fontcolor3'] . '">', '</span>'),
        'L_WHOSONLINE_MOD' => sprintf($lang['Mod_online_color'], '<span style="color:#' . $theme['fontcolor2'] . '">', '</span>'),

        'U_SEARCH_UNANSWERED' => append_sid('search.'.$phpEx.'?search_id=unanswered'),
        'U_SEARCH_SELF' => append_sid('search.'.$phpEx.'?search_id=egosearch'),
        'U_SEARCH_NEW' => append_sid('search.'.$phpEx.'?search_id=newposts'),
        'U_INDEX' => append_sid('index.'.$phpEx),
        'U_REGISTER' => append_sid('profile.'.$phpEx.'?mode=register'),
        'U_PROFILE' => append_sid('profile.'.$phpEx.'?mode=editprofile'),
        'U_PRIVATEMSGS' => append_sid('privmsg.'.$phpEx.'?folder=inbox'),
        'U_PRIVATEMSGS_POPUP' => append_sid('privmsg.'.$phpEx.'?mode=newpm&popup=1'),
        'U_SEARCH' => append_sid('search.'.$phpEx),
        'U_MEMBERLIST' => append_sid('memberlist.'.$phpEx),
        'U_MODCP' => append_sid('modcp.'.$phpEx),
        'U_FAQ' => append_sid('faq.'.$phpEx),
        'U_VIEWONLINE' => append_sid('viewonline.'.$phpEx),
        'U_LOGIN_LOGOUT' => append_sid($u_login_logout),
        'U_MEMBERSLIST' => append_sid('memberlist.'.$phpEx),
        'U_GROUP_CP' => append_sid('groupcp.'.$phpEx),

        'S_CONTENT_DIRECTION' => $lang['DIRECTION'],
        'S_CONTENT_ENCODING' => $lang['ENCODING'],
        'S_CONTENT_DIR_LEFT' => $lang['LEFT'],
        'S_CONTENT_DIR_RIGHT' => $lang['RIGHT'],
        'S_TIMEZONE' => sprintf($lang['All_times'], $l_timezone),
        'S_LOGIN_ACTION' => append_sid('login.'.$phpEx),

        'T_HEAD_STYLESHEET' => $theme['head_stylesheet'],
        /*
        'T_BODY_BACKGROUND' => $theme['body_background'],
        'T_BODY_BGCOLOR' => '#'.$theme['body_bgcolor'],
        'T_BODY_TEXT' => '#'.$theme['body_text'],
        'T_BODY_LINK' => '#'.$theme['body_link'],
        'T_BODY_VLINK' => '#'.$theme['body_vlink'],
        'T_BODY_ALINK' => '#'.$theme['body_alink'],
        'T_BODY_HLINK' => '#'.$theme['body_hlink'],
        */
        'T_TR_COLOR1' => '#'.$theme['tr_color1'],
        'T_TR_COLOR2' => '#'.$theme['tr_color2'],
        'T_TR_COLOR3' => '#'.$theme['tr_color3'],
        'T_TR_CLASS1' => $theme['tr_class1'],
        'T_TR_CLASS2' => $theme['tr_class2'],
        'T_TR_CLASS3' => $theme['tr_class3'],
        'T_TH_COLOR1' => '#'.$theme['th_color1'],
        'T_TH_COLOR2' => '#'.$theme['th_color2'],
        'T_TH_COLOR3' => '#'.$theme['th_color3'],
        'T_TH_CLASS1' => $theme['th_class1'],
        'T_TH_CLASS2' => $theme['th_class2'],
        'T_TH_CLASS3' => $theme['th_class3'],
        'T_TD_COLOR1' => '#'.$theme['td_color1'],
        'T_TD_COLOR2' => '#'.$theme['td_color2'],
        'T_TD_COLOR3' => '#'.$theme['td_color3'],
        'T_TD_CLASS1' => $theme['td_class1'],
        'T_TD_CLASS2' => $theme['td_class2'],
        'T_TD_CLASS3' => $theme['td_class3'],
        'T_FONTFACE1' => $theme['fontface1'],
        'T_FONTFACE2' => $theme['fontface2'],
        'T_FONTFACE3' => $theme['fontface3'],
        'T_FONTSIZE1' => $theme['fontsize1'],
        'T_FONTSIZE2' => $theme['fontsize2'],
        'T_FONTSIZE3' => $theme['fontsize3'],
        'T_FONTCOLOR1' => '#'.$theme['fontcolor1'],
        'T_FONTCOLOR2' => '#'.$theme['fontcolor2'],
        'T_FONTCOLOR3' => '#'.$theme['fontcolor3'],
        'T_SPAN_CLASS1' => $theme['span_class1'],
        'T_SPAN_CLASS2' => $theme['span_class2'],
        'T_SPAN_CLASS3' => $theme['span_class3'],

        'NAV_LINKS' => $nav_links_html)
);

//
// Login box?
//
if ( !$userdata['session_logged_in'] )
{
        $template->assign_block_vars('switch_user_logged_out', array());
}
else
{
        $template->assign_block_vars('switch_user_logged_in', array());

        if ( !empty($userdata['user_popup_pm']) )
        {
                $template->assign_block_vars('switch_enable_pm_popup', array());
        }
}

// Add no-cache control for cookies if they are set
//$c_no_cache = (isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_sid']) || isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_data'])) ? 'no-cache="set-cookie", ' : '';

// Work around for "current" Apache 2 + PHP module which seems to not
// cope with private cache control setting
if (!empty($_SERVER['SERVER_SOFTWARE']) && strstr($_SERVER['SERVER_SOFTWARE'], 'Apache/2'))
{
        header ('Cache-Control: no-cache, pre-check=0, post-check=0');
}
else
{
        header ('Cache-Control: private, pre-check=0, post-check=0, max-age=0');
}
header ('Expires: 0');
header ('Pragma: no-cache');

$template->pparse('overall_header');

?>
 
View user's profile Send private message
chatserv
PostPosted: Wed Mar 02, 2005 10:28 pm Reply with quote

Here's the corrected authors.php file:
Code:
<?php 


/************************************************************************/
/* PHP-NUKE: Web Portal System                                          */
/* ===========================                                          */
/*                                                                      */
/* Copyright (c) 2002 by Francisco Burzi                                */
/* http://phpnuke.org                                                   */
/*                                                                      */
/* This program is free software. You can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License.       */
/*                                                                      */
/************************************************************************/
/*         Additional security & Abstraction layer conversion           */
/*                           2003 chatserv                              */
/*      http://www.nukefixes.com -- http://www.nukeresources.com        */
/************************************************************************/

if ( !defined('ADMIN_FILE') )
{
   die("Illegal File Access");
}
global $prefix, $db, $admin_file;
$aid = substr("$aid", 0,25);
$row = $db->sql_fetchrow($db->sql_query("SELECT name, radminsuper FROM " . $prefix . "_authors WHERE aid='$aid'"));
if (($row['radminsuper'] == 1) && ($row['name'] == 'God')) {

/*********************************************************/
/* Admin/Authors Functions                               */
/*********************************************************/

function displayadmins() {
    global $admin, $prefix, $db, $language, $multilingual, $admin_file;
    if (is_admin($admin)) {
    @include("header.php");
    GraphicAdmin();
    OpenTable();
    echo "<center><font class=\"title\"><b>" . _AUTHORSADMIN . "</b></font></center>";
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<center><font class=\"option\"><b>" . _EDITADMINS . "</b></font></center><br>"
   ."<table border=\"1\" align=\"center\">";
    $result = $db->sql_query("SELECT aid, name, admlanguage from " . $prefix . "_authors");
    while ($row = $db->sql_fetchrow($result)) {
   $a_aid = $row['aid'];
   $name = $row['name'];
   $admlanguage = $row['admlanguage'];
        $a_aid = substr("$a_aid", 0,25);
        $name = substr("$name", 0,25);
        echo "<tr><td align=\"center\">$a_aid</td>";
   if ($admlanguage == "") {
       $admlanguage = "" . _ALL . "";
   }
        echo "<td align=\"center\">$admlanguage</td>";
       echo "<td><a href=\"".$admin_file.".php?op=modifyadmin&amp;chng_aid=$a_aid\">" . _MODIFYINFO . "</a></td>";
   if($name=="God") {
       echo "<td>" . _MAINACCOUNT . "</td></tr>";
   } else {
       echo "<td><a href=\"".$admin_file.".php?op=deladmin&amp;del_aid=$a_aid\">" . _DELAUTHOR . "</a></td></tr>";
   }
    }
    echo "</table><br><center><font class=\"tiny\">" . _GODNOTDEL . "</font></center>";
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<center><font class=\"option\"><b>" . _ADDAUTHOR . "</b></font></center>"
      ."<form action=\"".$admin_file.".php\" method=\"post\">"
      ."<table border=\"0\">"
      ."<tr><td>" . _NAME . ":</td>"
      ."<td colspan=\"3\"><input type=\"text\" name=\"add_name\" size=\"30\" maxlength=\"50\"> <font class=\"tiny\">" . _REQUIREDNOCHANGE . "</font></td></tr>"
      ."<tr><td>" . _NICKNAME . ":</td>"
      ."<td colspan=\"3\"><input type=\"text\" name=\"add_aid\" size=\"30\" maxlength=\"30\"> <font class=\"tiny\">" . _REQUIRED . "</font></td></tr>"
      ."<tr><td>" . _EMAIL . ":</td>"
      ."<td colspan=\"3\"><input type=\"text\" name=\"add_email\" size=\"30\" maxlength=\"60\"> <font class=\"tiny\">" . _REQUIRED . "</font></td></tr>"
      ."<tr><td>" . _URL . ":</td>"
      ."<td colspan=\"3\"><input type=\"text\" name=\"add_url\" size=\"30\" maxlength=\"60\"></td></tr>";
    if ($multilingual == 1) {
   echo "<tr><td>" . _LANGUAGE . ":</td><td colspan=\"3\">"
       ."<select name=\"add_admlanguage\">";
   $handle=opendir('language');
   while ($file = readdir($handle)) {
       if (preg_match("/^lang\-(.+)\.php/", $file, $matches)) {
           $langFound = $matches[1];
           $languageslist .= "$langFound ";
       }
   }
   closedir($handle);
   $languageslist = explode(" ", $languageslist);
   sort($languageslist);
   for ($i=0; $i < sizeof($languageslist); $i++) {
       if($languageslist[$i]!="") {
      echo "<option value=\"$languageslist[$i]\" ";
      if($languageslist[$i]==$language) echo "selected";
      echo ">".ucfirst($languageslist[$i])."</option>\n";
       }
   }
   echo "<option value=\"\">" . _ALL . "</option></select></td></tr>";
    } else {
   echo "<input type=\"hidden\" name=\"add_admlanguage\" value=\"\">";
    }
    echo "<tr><td>" . _PERMISSIONS . ":</td>";
   $result = $db->sql_query("SELECT mid, title FROM ".$prefix."_modules ORDER BY title ASC");
   while ($row = $db->sql_fetchrow($result)) {
      $title = ereg_replace("_", " ", $row[title]);
      if (file_exists("modules/$row[title]/admin/index.php") AND file_exists("modules/$row[title]/admin/links.php") AND file_exists("modules/$row[title]/admin/case.php")) {
          echo "<td><input type=\"checkbox\" name=\"auth_modules[]\" value=\"$row[mid]\"> $title</td>";
          if ($a == 2) {
             echo "</tr><tr><td>&nbsp;</td>";
             $a = 0;
          } else {
             $a++;
          }
      }
   }
   echo "</tr><tr><td>&nbsp;</td>"
      ."<td><input type=\"checkbox\" name=\"add_radminsuper\" value=\"1\"> <b>" . _SUPERUSER . "</b></td>"
      ."</tr>"
      ."<tr><td>&nbsp;</td><td colspan=\"3\"><font class=\"tiny\"><i>" . _SUPERWARNING . "</i></font></td></tr>"
      ."<tr><td>" . _PASSWORD . "</td>"
      ."<td colspan=\"3\"><input type=\"password\" name=\"add_pwd\" size=\"12\" maxlength=\"12\"> <font class=\"tiny\">" . _REQUIRED . "</font></td></tr>"
      ."<input type=\"hidden\" name=\"op\" value=\"AddAuthor\">"
      ."<tr><td><input type=\"submit\" value=\"" . _ADDAUTHOR2 . "\"></td></tr>"
      ."</table></form>";
    CloseTable();
    @include("footer.php");
    } else {
   @include ('header.php');
   GraphicAdmin();
   OpenTable();
   echo "<center><font class=\"title\"><b>Authors Admin</b></font></center>";
   CloseTable();
   echo "<br>";
   OpenTable();
   echo "<center><b>Not Authorized</b><br><br>"
       ."Unauthorized editing of authors detected<br><br>"
       .""._GOBACK."";
   CloseTable();
   @include("footer.php");
    }
}

function modifyadmin($chng_aid) {
    global $admin, $prefix, $db, $multilingual, $admin_file;
    if (is_admin($admin)) {
    @include("header.php");
    GraphicAdmin();
    OpenTable();
    echo "<center><font class=\"title\"><b>" . _AUTHORSADMIN . "</b></font></center>";
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<center><font class=\"option\"><b>" . _MODIFYINFO . "</b></font></center><br><br>";
    $adm_aid = $chng_aid;
    $adm_aid = trim($adm_aid);
    $row = $db->sql_fetchrow($db->sql_query("SELECT aid, name, url, email, pwd, radminsuper, admlanguage from " . $prefix . "_authors where aid='$chng_aid'"));
    $chng_aid = $row['aid'];
    $chng_name = $row['name'];
    $chng_url = stripslashes($row['url']);
    $chng_email = stripslashes($row['email']);
    $chng_pwd = $row['pwd'];
    $chng_radminsuper = intval($row['radminsuper']);
    $chng_admlanguage = $row['admlanguage'];
    $chng_aid = substr("$chng_aid", 0,25);
    $aid = $chng_aid;
    echo "<form action=\"".$admin_file.".php\" method=\"post\">"
   ."<table border=\"0\">"
   ."<tr><td>" . _NAME . ":</td>"
   ."<td colspan=\"3\"><b>$chng_name</b> <input type=\"hidden\" name=\"chng_name\" value=\"$chng_name\"></td></tr>"
   ."<tr><td>" . _NICKNAME . ":</td>"
        ."<td colspan=\"3\"><input type=\"text\" name=\"chng_aid\" value=\"$chng_aid\"> <font class=\"tiny\">" . _REQUIRED . "</font></td></tr>"
   ."<tr><td>" . _EMAIL . ":</td>"
   ."<td colspan=\"3\"><input type=\"text\" name=\"chng_email\" value=\"$chng_email\" size=\"30\" maxlength=\"60\"> <font class=\"tiny\">" . _REQUIRED . "</font></td></tr>"
   ."<tr><td>" . _URL . ":</td>"
   ."<td colspan=\"3\"><input type=\"text\" name=\"chng_url\" value=\"$chng_url\" size=\"30\" maxlength=\"60\"></td></tr>";
    if ($multilingual == 1) {
   echo "<tr><td>" . _LANGUAGE . ":</td><td colspan=\"3\">"
       ."<select name=\"chng_admlanguage\">";
   $handle=opendir('language');
   while ($file = readdir($handle)) {
       if (preg_match("/^lang\-(.+)\.php/", $file, $matches)) {
      $langFound = $matches[1];
      $languageslist .= "$langFound ";
       }
   }
   closedir($handle);
   $languageslist = explode(" ", $languageslist);
   sort($languageslist);
   for ($i=0; $i < sizeof($languageslist); $i++) {
       if($languageslist[$i]!="") {
      echo "<option value=\"$languageslist[$i]\" ";
      if($languageslist[$i]==$chng_admlanguage) echo "selected";
      echo ">".ucfirst($languageslist[$i])."</option>\n";
       }
   }
   if ($chng_admlanguage == "") {
       $allsel = "selected";
   } else {
           $allsel = "";
   }
   echo "<option value=\"\" $allsel>" . _ALL . "</option></select></td></tr>";
    } else {
   echo "<input type=\"hidden\" name=\"chng_admlanguage\" value=\"\">";
    }
    echo "<tr><td>" . _PERMISSIONS . ":</td>";
    if ($row[name] != God) {
   $result = $db->sql_query("SELECT mid, title, admins FROM ".$prefix."_modules ORDER BY title ASC");
   while ($row = $db->sql_fetchrow($result)) {
      $title = ereg_replace("_", " ", $row[title]);
      if (file_exists("modules/$row[title]/admin/index.php") AND file_exists("modules/$row[title]/admin/links.php") AND file_exists("modules/$row[title]/admin/case.php")) {
         $admins = explode(",", $row[admins]);
         $sel = "";
         for ($i=0; $i < sizeof($admins); $i++) {
            if ($chng_name == "$admins[$i]") {
               $sel = "checked";   
            }
         }
          echo "<td><input type=\"checkbox\" name=\"auth_modules[]\" value=\"$row[mid]\" $sel> $title</td>";
          $sel = "";
          if ($a == 2) {
             echo "</tr><tr><td>&nbsp;</td>";
             $a = 0;
          } else {
             $a++;
          }
      }
   }
   if ($chng_radminsuper == 1) {
      $sel1 = "checked";   
   }
   echo "</tr><tr><td>&nbsp;</td>";
    } else {
        echo "<input type=\"hidden\" name=\"auth_modules[]\" value=\"\">";
        $sel1 = "checked";
    }
   echo "<td><input type=\"checkbox\" name=\"chng_radminsuper\" value=\"1\" $sel1> <b>" . _SUPERUSER . "</b></td>"
      ."</tr><tr><td>&nbsp;</td>"
      ."<td colspan=\"3\"><font class=\"tiny\"><i>" . _SUPERWARNING . "</i></font></td></tr>"
      ."<tr><td>" . _PASSWORD . ":</td>"
          ."<td colspan=\"3\"><input type=\"password\" name=\"chng_pwd\" size=\"12\" maxlength=\"12\"></td></tr>"
      ."<tr><td>" . _RETYPEPASSWD . ":</td>"
      ."<td colspan=\"3\"><input type=\"password\" name=\"chng_pwd2\" size=\"12\" maxlength=\"12\"> <font class=\"tiny\">" . _FORCHANGES . "</font></td></tr>"
      ."<input type=\"hidden\" name=\"adm_aid\" value=\"$adm_aid\">"
      ."<input type=\"hidden\" name=\"op\" value=\"UpdateAuthor\">"
      ."<tr><td><input type=\"submit\" value=\"" . _SAVE . "\"> " . _GOBACK . ""
      ."</td></tr></table></form>";
    CloseTable();
    @include("footer.php");
    } else {
   @include ('header.php');
   GraphicAdmin();
   OpenTable();
   echo "<center><font class=\"title\"><b>Authors Admin</b></font></center>";
   CloseTable();
   echo "<br>";
   OpenTable();
   echo "<center><b>Not Authorized</b><br><br>"
       ."Unauthorized editing of authors detected<br><br>"
       .""._GOBACK."";
   CloseTable();
   @include("footer.php");
    }
}

function updateadmin($chng_aid, $chng_name, $chng_email, $chng_url, $chng_radminsuper, $chng_pwd, $chng_pwd2, $chng_admlanguage, $adm_aid, $auth_modules) {
    global $admin, $prefix, $db, $admin_file;
    if (is_admin($admin)) {
    $chng_aid = trim($chng_aid);
    if (!($chng_aid && $chng_name && $chng_email)) {
      Header("Location: ".$admin_file.".php?op=mod_authors");
    }
    if ($chng_pwd2 != "") {
      if($chng_pwd != $chng_pwd2) {
          @include("header.php");
          GraphicAdmin();
          OpenTable();
          echo "" . _PASSWDNOMATCH . "<br><br>"
         ."<center>" . _GOBACK . "</center>";
          CloseTable();
          @include("footer.php");
          exit;
      }
      $chng_pwd = md5($chng_pwd);
      $chng_aid = substr("$chng_aid", 0,25);
      if ($chng_radminsuper == 1) {
          $result = $db->sql_query("SELECT mid, admins FROM ".$prefix."_modules");
          while ($row = $db->sql_fetchrow($result)) {
             $admins = explode(",", $row[admins]);
             $adm = "";
             for ($a=0; $a < sizeof($admins); $a++) {
                if ($admins[$a] != "$chng_name" AND $admins[$a] != "") {
                  $adm .= "$admins[$a],";
                }
             }
             $db->sql_query("UPDATE ".$prefix."_modules SET admins='$adm' WHERE mid='$row[mid]'");
          }
         $db->sql_query("update " . $prefix . "_authors set aid='$chng_aid', email='$chng_email', url='$chng_url', radminsuper='$chng_radminsuper', pwd='$chng_pwd', admlanguage='$chng_admlanguage' where name='$chng_name' AND aid='$adm_aid'");
          Header("Location: ".$admin_file.".php?op=mod_authors");
      } else {
         if ($chng_name != "God" AND $chng_radminsuper != 0) {
                $db->sql_query("update " . $prefix . "_authors set aid='$chng_aid', email='$chng_email', url='$chng_url', radminsuper='0', pwd='$chng_pwd', admlanguage='$chng_admlanguage' where name='$chng_name' AND aid='$adm_aid'"");
         }
          $result = $db->sql_query("SELECT mid, admins FROM ".$prefix."_modules");
          while ($row = $db->sql_fetchrow($result)) {
             $admins = explode(",", $row[admins]);
             $adm = "";
             for ($a=0; $a < sizeof($admins); $a++) {
                if ($admins[$a] != "$chng_name" AND $admins[$a] != "") {
                  $adm .= "$admins[$a],";
                }
             }
             $db->sql_query("UPDATE ".$prefix."_authors SET radminsuper='$chng_radminsuper' WHERE name='$chng_name' AND aid='$adm_aid'");
             $db->sql_query("UPDATE ".$prefix."_modules SET admins='$adm' WHERE mid='$row[mid]'");
          }
          for ($i=0; $i < sizeof($auth_modules); $i++) {
             $row = $db->sql_fetchrow($db->sql_query("SELECT admins FROM ".$prefix."_modules WHERE mid='$auth_modules[$i]'"));
             $admins = explode(",", $row[admins]);
             for ($a=0; $a < sizeof($admins); $a++) {
                if ($admins[$a] == "$chng_name") {
                  $dummy = 1;
                }
             }
             if ($dummy != 1) {
                $adm = "$row[admins]$chng_name";
                $db->sql_query("UPDATE ".$prefix."_modules SET admins='$adm,' WHERE mid='$auth_modules[$i]'");
             }
             $dummy = "";
          }
          Header("Location: ".$admin_file.".php?op=mod_authors");
      }
    } else {
      if ($chng_radminsuper == 1) {
          $result = $db->sql_query("SELECT mid, admins FROM ".$prefix."_modules");
          while ($row = $db->sql_fetchrow($result)) {
             $admins = explode(",", $row[admins]);
             $adm = "";
             for ($a=0; $a < sizeof($admins); $a++) {
                if ($admins[$a] != "$chng_name" AND $admins[$a] != "") {
                  $adm .= "$admins[$a],";
                }
             }
             $db->sql_query("UPDATE ".$prefix."_modules SET admins='$adm' WHERE mid='$row[mid]'");
          }
          $db->sql_query("update " . $prefix . "_authors set aid='$chng_aid', email='$chng_email', url='$chng_url', radminsuper='$chng_radminsuper', admlanguage='$chng_admlanguage' where name='$chng_name' AND aid='$adm_aid'");
          Header("Location: ".$admin_file.".php?op=mod_authors");
      } else {
         if ($chng_name != "God" AND $chng_radminsuper != 0) {
                $db->sql_query("update " . $prefix . "_authors set aid='$chng_aid', email='$chng_email', url='$chng_url', radminsuper='0', admlanguage='$chng_admlanguage' where name='$chng_name' AND aid='$adm_aid'");
         }
          $result = $db->sql_query("SELECT mid, admins FROM ".$prefix."_modules");
          while ($row = $db->sql_fetchrow($result)) {
             $admins = explode(",", $row[admins]);
             $adm = "";
             for ($a=0; $a < sizeof($admins); $a++) {
                if ($admins[$a] != "$chng_name" AND $admins[$a] != "") {
                  $adm .= "$admins[$a],";
                }
             }
             $db->sql_query("UPDATE ".$prefix."_authors SET radminsuper='$chng_radminsuper' WHERE name='$chng_name' AND aid='$adm_aid'");
             $db->sql_query("UPDATE ".$prefix."_modules SET admins='$adm' WHERE mid='$row[mid]'");
          }
          for ($i=0; $i < sizeof($auth_modules); $i++) {
             $row = $db->sql_fetchrow($db->sql_query("SELECT admins FROM ".$prefix."_modules WHERE mid='$auth_modules[$i]'"));
             $admins = explode(",", $row[admins]);
             for ($a=0; $a < sizeof($admins); $a++) {
                if ($admins[$a] == "$chng_name") {
                  $dummy = 1;
                }
             }
             if ($dummy != 1) {
                $adm = "$row[admins]$chng_name";
                $db->sql_query("UPDATE ".$prefix."_modules SET admins='$adm,' WHERE mid='$auth_modules[$i]'");
             }
             $dummy = "";
          }
          Header("Location: ".$admin_file.".php?op=mod_authors");
      }
    }
    if ($adm_aid != $chng_aid) {
       $result2 = $db->sql_query("SELECT sid, aid, informant from " . $prefix . "_stories where aid='$adm_aid'");
       while ($row2 = $db->sql_fetchrow($result2)) {
         $sid = intval($row2['sid']);
         $old_aid = $row2['aid'];
         $old_aid = substr("$old_aid", 0,25);
         $informant = $row2['informant'];
         $informant = substr("$informant", 0,25);
         if ($old_aid == $informant) {
            $db->sql_query("update " . $prefix . "_stories set informant='$chng_aid' where sid='$sid'");
         }
         $db->sql_query("update " . $prefix . "_stories set aid='$chng_aid' WHERE sid='$sid'");
      }
    }
    } else {
   @include ('header.php');
   GraphicAdmin();
   OpenTable();
   echo "<center><font class=\"title\"><b>Authors Admin</b></font></center>";
   CloseTable();
   echo "<br>";
   OpenTable();
   echo "<center><b>Not Authorized</b><br><br>"
       ."Unauthorized editing of authors detected<br><br>"
       .""._GOBACK."";
   CloseTable();
   @include("footer.php");
    }
}

function deladmin2($del_aid) {
    global $admin, $prefix, $db, $admin_file;
    if (is_admin($admin)) {
    $del_aid = substr("$del_aid", 0,25);
    $result = $db->sql_query("SELECT admins FROM ".$prefix."_modules WHERE title='News'");
   $row2 = $db->sql_fetchrow($db->sql_query("SELECT name FROM ".$prefix."_authors WHERE aid='$del_aid'"));
   while ($row = $db->sql_fetchrow($result)) {
      $admins = explode(",", $row[admins]);
      $auth_user = 0;
      for ($i=0; $i < sizeof($admins); $i++) {
         if ($row2[name] == "$admins[$i]") {
            $auth_user = 1;   
         }
      }
      if ($auth_user == 1) {
         $radminarticle = 1;
      }
   }
   if ($radminarticle == 1) {
      $row2 = $db->sql_fetchrow($db->sql_query("SELECT sid from " . $prefix . "_stories where aid='$del_aid'"));
      $sid = intval($row2['sid']);
      if ($sid != "") {
          @include("header.php");
          GraphicAdmin();
          OpenTable();
          echo "<center><font class=\"title\"><b>" . _AUTHORSADMIN . "</b></font></center>";
          CloseTable();
          echo "<br>";
          OpenTable();
          echo "<center><font class=\"option\"><b>" . _PUBLISHEDSTORIES . "</b></font><br><br>"
            ."" . _SELECTNEWADMIN . ":<br><br>";
          $result3 = $db->sql_query("SELECT aid from " . $prefix . "_authors where aid!='$del_aid'");
          echo "<form action=\"".$admin_file.".php\" method=\"post\"><select name=\"newaid\">";
          while ($row3 = $db->sql_fetchrow($result3)) {
             $oaid = $row3['aid'];
             $oaid = substr("$oaid", 0,25);
            echo "<option name=\"newaid\" value=\"$oaid\">$oaid</option>";
          }
          echo "</select><input type=\"hidden\" name=\"del_aid\" value=\"$del_aid\">"
            ."<input type=\"hidden\" name=\"op\" value=\"assignstories\">"
            ."<input type=\"submit\" value=\"" . _OK . "\">"
            ."</form>";
          CloseTable();
          @include("footer.php");
          return;
      }
    }
    Header("Location: ".$admin_file.".php?op=deladminconf&del_aid=$del_aid");
    } else {
   @include ('header.php');
   GraphicAdmin();
   OpenTable();
   echo "<center><font class=\"title\"><b>Authors Admin</b></font></center>";
   CloseTable();
   echo "<br>";
   OpenTable();
   echo "<center><b>Not Authorized</b><br><br>"
       ."Unauthorized editing of authors detected<br><br>"
       .""._GOBACK."";
   CloseTable();
   @include("footer.php");
    }
}

switch ($op) {

    case "mod_authors":
    displayadmins();
    break;

    case "modifyadmin":
    modifyadmin($chng_aid);
    break;

    case "UpdateAuthor":
    updateadmin($chng_aid, $chng_name, $chng_email, $chng_url, $chng_radminsuper, $chng_pwd, $chng_pwd2, $chng_admlanguage, $adm_aid, $auth_modules);
    break;

    case "AddAuthor":
       $add_aid = substr("$add_aid", 0,25);
       $add_name = substr("$add_name", 0,25);
       if (!($add_aid && $add_name && $add_email && $add_pwd)) {
           @include("header.php");
           GraphicAdmin();
         OpenTable();
         echo "<center><font class=\"title\"><b>" . _AUTHORSADMIN . "</b></font></center>";
         CloseTable();
         echo "<br>";
              OpenTable();
         echo "<center><font class=\"option\"><b>" . _CREATIONERROR . "</b></font><br><br>"
             ."" . _COMPLETEFIELDS . "<br><br>"
             ."" . _GOBACK . "</center>";
          CloseTable();
         @include("footer.php");
         return;
       }
       $add_pwd = md5($add_pwd);
       for ($i=0; $i < sizeof($auth_modules); $i++) {
          $row = $db->sql_fetchrow($db->sql_query("SELECT admins FROM ".$prefix."_modules WHERE mid='$auth_modules[$i]'"));
          $adm = "$row[admins]$add_name";
          $db->sql_query("UPDATE ".$prefix."_modules SET admins='$adm,' WHERE mid='$auth_modules[$i]'");
       }
       $result = $db->sql_query("insert into " . $prefix . "_authors values ('$add_aid', '$add_name', '$add_url', '$add_email', '$add_pwd', '0', '$add_radminsuper', '$add_admlanguage')");
       if (!$result) {
         return;
       }
       Header("Location: ".$admin_file.".php?op=mod_authors");
    break;

    case "deladmin":
       @include("header.php");
       $del_aid = trim($del_aid);
       GraphicAdmin();
       OpenTable();
       echo "<center><font class=\"title\"><b>" . _AUTHORSADMIN . "</b></font></center>";
       CloseTable();
       echo "<br>";
       OpenTable();
       echo "<center><font class=\"option\"><b>" . _AUTHORDEL . "</b></font><br><br>"
         ."" . _AUTHORDELSURE . " <i>$del_aid</i>?<br><br>";
       echo "[ <a href=\"".$admin_file.".php?op=deladmin2&amp;del_aid=$del_aid\">" . _YES . "</a> | <a href=\"".$admin_file.".php?op=mod_authors\">" . _NO . "</a> ]";
       CloseTable();
       @include("footer.php");
    break;

    case "deladmin2":
    deladmin2($del_aid);
    break;

    case "assignstories":
       $del_aid = trim($del_aid);
       $result = $db->sql_query("SELECT sid from " . $prefix . "_stories where aid='$del_aid'");
       while ($row = $db->sql_fetchrow($result)) {
          $sid = intval($row['sid']);
         $db->sql_query("update " . $prefix . "_stories set aid='$newaid', informant='$newaid' where aid='$del_aid'");
         $db->sql_query("update " . $prefix . "_authors set counter=counter+1 where aid='$newaid'");
       }
       Header("Location: ".$admin_file.".php?op=deladminconf&del_aid=$del_aid");
    break;

    case "deladminconf":
       $del_aid = trim($del_aid);
       $db->sql_query("delete from " . $prefix . "_authors where aid='$del_aid' AND name!='God'");
       $result = $db->sql_query("SELECT mid, admins FROM ".$prefix."_modules");
       while ($row = $db->sql_fetchrow($result)) {
            $admins = explode(",", $row[admins]);
            $adm = "";
            for ($a=0; $a < sizeof($admins); $a++) {
               if ($admins[$a] != "$del_aid" AND $admins[$a] != "") {
               $adm .= "$admins[$a],";
               }
            }
            $db->sql_query("UPDATE ".$prefix."_modules SET admins='$adm' WHERE mid='$row[mid]'");
       }
       Header("Location: ".$admin_file.".php?op=mod_authors");
    break;

}

} else {
    echo "Access Denied";
}

?>
 
peace
PostPosted: Wed Mar 02, 2005 10:38 pm Reply with quote

thank you chat

but didnt work i still have a blank page when hit edit admins Sad
 
peace
PostPosted: Fri Mar 04, 2005 4:59 pm Reply with quote

is there anything that i can try plz
 
chatserv
PostPosted: Fri Mar 04, 2005 5:17 pm Reply with quote

email me the file

chatserv at ravenphpscripts dot com
 
peace
PostPosted: Fri Mar 04, 2005 5:25 pm Reply with quote

done chat ty
 
chatserv
PostPosted: Fri Mar 04, 2005 5:57 pm Reply with quote

Sent back
 
peace
PostPosted: Fri Mar 04, 2005 6:15 pm Reply with quote

ty chat it works now

mine was 25 kb now its now 23.4 wow i see how much i suck Sad
 
southern
Client


Joined: Jan 29, 2004
Posts: 591
Location: Texas

PostPosted: Wed Apr 06, 2005 12:11 pm Reply with quote

chatserv wrote:
Nuke Patched 2.8 does have Tech's fix as does 2.9 which is now available for Nuke 7.4 through 7.6


Does 7.1 patched 2.9 have this fix? I ask cause I've added the mainfile.php and sentinel.php codes as above and I still get a blank Forums admin. If not I'll do the techgfx fixes.

_________________
Computer Science is no more about computers than astronomy is about telescopes.
- E. W. Dijkstra 
View user's profile Send private message Visit poster's website MSN Messenger ICQ Number
chatserv
PostPosted: Wed Apr 06, 2005 1:19 pm Reply with quote

It's best that you check into them manually, 7'1's patch had not been updated with much back then.
 
southern
PostPosted: Wed Apr 06, 2005 1:27 pm Reply with quote

OK, manually. Thanks. Eventually I'll prob'ly put on a later version but for now it's 7.1 w/2.9.
 
southern
PostPosted: Wed Apr 06, 2005 1:38 pm Reply with quote

AndyB wrote:
I'm told by one of the admin that IPTracking doesn't work again (I'll probably need to ammend eiter my header or footer- can't remember which)


The IP Tracking line goes in includes/counter.php just before the closing tag:
Code:


include_once("modules/IP_Tracking/iptracking.php");

?>

It's MS Analysis that goes in footer.php. Smile
 
Lucifer
New Member
New Member


Joined: Apr 12, 2005
Posts: 10

PostPosted: Tue Apr 12, 2005 4:36 pm Reply with quote

Ok, i've read all of this thread, and tried everything. i am using nuke 7.6 no patches, at the start i was just seeing a blank page when i click on forums in admin, now i see this:

Warning: main(config.php): failed to open stream: No such file or directory in /usr/export/www/hosting/xclan/includes/nukesentinel.php on line 37

Fatal error: main(): Failed opening required 'config.php' (include_path='.:') in /usr/export/www/hosting/xclan/includes/nukesentinel.php on line 37

I have made change to /includes/nukesentinel.php (the changes shown on the last page for /includes/sentinel.php) and mainfile.php (also shown on the last page of this thread)

I am using the newest version of Sentinel, please help.
 
View user's profile Send private message
GeoffM
New Member
New Member


Joined: May 19, 2004
Posts: 21
Location: Bellingham, WA.

PostPosted: Sun May 01, 2005 3:48 pm Reply with quote

Gonna revist this with you CS,

no ADMIN in Forums Blank Page ect

PNP 7.6.0 with several Fixes from TechGFX

installed from nukeplatium.it PHPbb 2.0.11 -> 2.0.13 then 2.0.13 ->2.0.14

No sentinel entries as describe in form

cleared nuke_sessions

deleted local cookies

looked at mainfile.php

forums/session.php

and several others

looking at all solutions

_________________
Webmaster Only registered users can see links on this board! Get registered or login! Only registered users can see links on this board! Get registered or login! Only registered users can see links on this board! Get registered or login! Only registered users can see links on this board! Get registered or login!

All Sites use PHP-Nuke 7.3 and up 
View user's profile Send private message Visit poster's website
chatserv
PostPosted: Sun May 01, 2005 3:57 pm Reply with quote

You say you upgraded from 2.0.11 to 2.0.13, did you skip 2.0.12? because if you did that might cause problems, BBtoNuke is only released as an upgrade pack meaning only changed files are included not all files. The blank admin page in the forums so far is often the result of files having in the $forum_admin instead of the FORUM_ADMIN define
 
GeoffM
PostPosted: Sun May 01, 2005 5:22 pm Reply with quote

Yes the Update Pakages from nukeplat** dot it - "phpBBupgrade2011-2013_ITA.zip" (with english files) and "Upgrade Platinum Forum phpBB 213 to 214.zip" According to this - Only registered users can see links on this board! Get registered or login!

This was the right method
 
Display posts from previous:       
This forum is locked: you cannot post, reply to, or edit topics.   This topic is locked: you cannot edit posts or make replies.    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ Bug Reports

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©