File: /var/www/web37/htdocs/top100-kaviar/admin/validate.php
<?php
############################################
### Top-XL - Validate Users validate.php 
############################################
/// 1. You are NOT entiteld to rent, lease, transfer, reproduce or distribute this Software.
/// 2. You are entiteld to adapt, and modify the Software to your need.
/// 3. You can use this Script on all of YOUR Domains.
/// 4. Any modification or removal to the links in the footer and member area shall terminate this license immediately .
/// 5. The Script has been tested on different Servers and found free of any notable errors by the author. The Author shall not in any case be liable for any special, incidental indirect or other similar damages arising from the use of this Script.
/// 6. Author: Simon Zehender - Contact: https://www.paddelberg.de
////////////////////////////////////////////
////////////////////////////////////////////
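// Refuse direct requests: $scriptpath is not assigned anywhere in this file, so the
// comparison only succeeds when an including script has set it to the document root.
// NOTE(review): no login or session check is visible in this file; confirm the
// including admin script enforces one before this page is reached.
if ($scriptpath!=$_SERVER['DOCUMENT_ROOT'])
	{echo "Are you looking for something?";exit;}
// Paging offset. It is concatenated unquoted into a LIMIT clause further down, so only
// a plain string of digits is accepted. is_numeric() would also admit negative, float
// and exponent notation, which break that clause.
$start = (isset ($_GET["start"]) && is_string ($_GET["start"]) && ctype_digit ($_GET["start"])) ? (int) $_GET["start"] : 0;
// $show is handed to check_accountspersite(); $sorter selects the sort order and is
// echoed back into links. Both pass through safety(), which is defined outside this file.
$show = !empty ($_GET["show"]) ? safety ($_GET["show"]) : '';
$sorter =!empty ($_GET["sorter"]) ?  safety ($_GET["sorter"]) : '';
// Posted page size, normalised by check_accountspersite() (defined elsewhere).
// NOTE(review): the result is used as a divisor and in a LIMIT clause below; confirm
// the helper always returns a positive integer.
$_POST["accountsspersite"] = !empty ($_POST["accountsspersite"]) ? safety ($_POST["accountsspersite"]) : '';
$accountsspersite = check_accountspersite ($_POST["accountsspersite"], $config['linkspersite'], $show);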
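// Form handler: runs when one of this page's forms was posted, applies the chosen
// status to every listed account, optionally mails the member, then redirects.
// NOTE(review): no anti-CSRF token is checked here although the request changes
// account state and sends mail; confirm the including script verifies one.
if (!empty ($_POST['submit']))
	{
	// The listing form posts the ids it rendered as one comma-terminated hidden field.
	$ids = (isset ($_POST["ids"]) && is_string ($_POST["ids"])) ? safety (trim ($_POST["ids"])) : '';
	$ids = explode (",", $ids);
	foreach ($ids as $postedid) // one pass per posted id
		{
		$postedid = trim ($postedid);
		// Each id is concatenated unquoted into the SQL below, so accept plain digit
		// strings only. This also skips the empty segment after the trailing comma.
		if (!ctype_digit ($postedid))
			{continue;}
		$id = (int) $postedid;
		$status = isset ($_POST[$postedid]) ? $_POST[$postedid] : '';
		if ($status == "no") /// activate the account
			{
			$db -> query ("SELECT newentry,lang FROM ".$topxl_user_table." WHERE id=".$id);
			$checknewrow = $db -> fetch ();
			if (is_array ($checknewrow) && $checknewrow["newentry"] == "yes")
				{
				// First activation of a new entry: also record when it was validated.
				$validationdate = time();
				$db -> query ("Update ".$topxl_user_table." SET active='yes',newentry='no',validationdate='".$validationdate."' WHERE id=".$id);
				}
			else
				{$db -> query ("Update ".$topxl_user_table." SET active='yes' WHERE id=".$id);}
			$activated = true;
			}
		elseif ($status == "yes") /// account stays inactive
			{$activated = false;}
		else
			{continue;}
		// Mail the member only when the per-row selector asked for it.
		$validationholder = $postedid."_validationmail";
		$validationmail = isset ($_POST[$validationholder]) ? safety ($_POST[$validationholder]) : '';
		if ($validationmail != "yes")
			{continue;}
		// lang is selected for both outcomes; the activation path used to omit it and
		// therefore always fell back to the default language file.
		$db -> query ("SELECT email,url,lang FROM ".$topxl_user_table." WHERE id=".$id);
		$mailgetrows = $db -> fetch ();
		// Skip unknown ids, and addresses carrying line breaks, which must not reach
		// the recipient argument of mail().
		if (!is_array ($mailgetrows) || empty ($mailgetrows['email']) || preg_match ('/[\r\n]/', $mailgetrows['email']))
			{continue;}
		// The stored language becomes part of an include path, so it must be a plain
		// token (no slashes or dots) before it is used; otherwise the default applies.
		// NOTE(review): presumably lang codes look like "en"/"de"; widen the pattern
		// if the shipped language files use other characters.
		$userlang = isset ($mailgetrows["lang"]) ? (string) $mailgetrows["lang"] : '';
		if (preg_match ('/^[A-Za-z0-9_-]+$/', $userlang) && file_exists ("../lang/members-".$userlang.".php"))
			{include ("../lang/members-".$userlang.".php");}
		else
			{include ("../lang/members-".$config['stanlang'].".php");}
		$bodytextholder = $postedid."_validationmailbody";
		$bodytext = isset ($_POST[$bodytextholder]) ? safety ($_POST[$bodytextholder]) : '';
		/// send mail to user; the $text_* strings come from the language file just included
		$subject = $activated ? $text_youraccountactivated : $text_youraccountnotactivated;
		$body = $subject."\n".$config['topsiteurl']."\n".$text_accountid.": ".$id."\n".$text_url." ".$mailgetrows['url']."\n\n".stripslashes ($bodytext)."\n\n".$config['mailpromo']."\n\n".stripslashes ($commercialmailtext);
		$body  = strip_tags($body);
		mail($mailgetrows['email'],$subject,$body,"From: ".$config['adminmail']."\nReply-To: ".$config['adminmail']);
		// Switch back to the language of the admin session for the rest of the request.
		include("../lang/members-".get_lang_file($langget,$config['stanlang'],$config['langs'],$config['langdetect']).".php");
		}
	// Request-derived values are URL-encoded before they go into the redirect target.
	header ("Location: index.php?do=validate&sorter=".urlencode ($sorter)."&start=".urlencode ($start)."&accountsspersite=".urlencode ($accountsspersite));
	exit;
	}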
/// Regular page view (no form was submitted)
$fromsite = "validate";
// Sort keys the column-header links will request next; the entry for the column
// that is currently sorted gets flipped below.
$sortid = "idasc";
$sorttitle = "titleasc";
$sortin = "indesc";
$sortout = "outdesc";
// $sorter is never placed in the query itself: it only picks one of these fixed
// ORDER BY clauses, and anything unrecognised falls through to the default.
switch ($sorter)
	{
	case "iddesc":
		$sqlholder = "ORDER BY id DESC";
		break;
	case "titledesc":
		$sqlholder = "ORDER BY title DESC";
		break;
	case "titleasc":
		$sqlholder = "ORDER BY title ASC";
		$sorttitle = "titledesc";
		break;
	case "indesc":
		$sqlholder = "ORDER BY hitin DESC";
		$sortin = "inasc";
		break;
	case "inasc":
		$sqlholder = "ORDER BY hitin ASC";
		break;
	case "outdesc":
		$sqlholder = "ORDER BY hitout DESC";
		$sortout = "outasc";
		break;
	case "outasc":
		$sqlholder = "ORDER BY hitout ASC";
		break;
	default:
		$sqlholder = "ORDER BY id ASC";
		$sortid = "iddesc";
	}
//// Count the accounts in the user table: first the inactive ones, then the active ones
$db -> query ("SELECT COUNT(id) as cnt FROM ".$topxl_user_table." WHERE active='no'");
$row = $db -> fetch ();
$allusers = $row["cnt"];
$db -> query ("SELECT COUNT(id) as cnt FROM ".$topxl_user_table." WHERE active='yes'");
$row = $db -> fetch ();
$aktivecount = $row["cnt"];
//// Inactive count minus active count.
// NOTE(review): the listing further down pages through active='no' rows only, so
// this subtraction looks like a leftover and may hide pages; confirm the intent.
$allusers -= $aktivecount;
$menu = '';
// Page links: one numbered link per page, except for the page currently shown.
// NOTE(review): $sorter and $accountsspersite are written into href attributes
// as-is; this relies on safety()/check_accountspersite() returning HTML-safe values.
if ($allusers > $accountsspersite)
	{
	$max = ceil($allusers/$accountsspersite);
	// $next is the row offset of page $i and advances by one page size per pass.
	for($i = 0, $next = 0; $i < $max; $i++, $next = $next+$accountsspersite)
		{
		if ($next == $start)
			{continue;}
		if ($next == "0")
			{
			// The first page is linked without a start parameter.
			$menu .= "<a href=\"index.php?do=validate&sorter=".$sorter."&accountsspersite=".$accountsspersite."\"><b>1</b></a> ";
			continue;
			}
		$nextsite = $i+1;
		$menu .= "<a href=\"index.php?do=validate&start=".$next."&accountsspersite=".$accountsspersite."&sorter=".$sorter."\"><b>".$nextsite."</b></a> ";
		}
	}
$next = $start;
// Opening part of the page: heading, the page-size form with the page menu, and the
// column headers of the listing form.
// Both forms are named "form1" and both submit buttons are named "submit", which is
// the field the POST handler at the top of this file keys on.
// NOTE(review): $sorter, $start and $accountsspersite are concatenated into action,
// href and value attributes without escaping at this point; this relies on safety()
// and check_accountspersite() (defined elsewhere) returning HTML-safe values.
$main_content = "
<table width=\"874\" border=\"0\" cellpadding=\"0\" cellspacing=\"1\" bgcolor=\"#CCCCCC\">
	<tr>
		<td height=\"35\" colspan=\"7\" bgcolor=\"#FFFFFF\" class=\"top\"><strong class=\"heading\">".$text_validateuserse."</strong></td>
	</tr>
	<form name=\"form1\" method=\"post\" action=\"index.php?do=validate&sorter=".$sorter."&start=".$start."\">
	<tr>
		<td height=\"35\" colspan=\"7\" bgcolor=\"#FFFFFF\" class=\"top\" style=\"padding:0px;\">
			<table width=\"872\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">
				<tr>
					<td height=\"20\" width=\"427\" bgcolor=\"#FFFFFF\" align=\"left\" valign=\"middle\" class=\"top\" style=\"border-right:1px solid #CCCCCC;\">
					<a href=\"index.php?do=search\"><strong>".$text_searchaccount."</strong></a> 
					</td>
					<td width=\"269\" bgcolor=\"#FFFFFF\" align=\"center\" valign=\"middle\">
					<strong>".$text_show."</strong>
					<input type=\"text\" name=\"accountsspersite\" value=\"".$accountsspersite."\" style=\"width:25px;height:16px;\"> <strong>".$text_persite."</strong> 
					<input name=\"submit\" type=\"submit\" class=\"submitbuton\" value=\"".$text_submit."\" style=\"width:80px;height:22px;\"> 
					</td>  
					<td width=\"183\" bgcolor=\"#FFFFFF\" align=\"left\" valign=\"middle\" class=\"top\" style=\"border-left:1px solid #CCCCCC;\">
					<strong>".$text_sitemenu."</strong> ".$menu."
					</td>
				</tr>
			</table>
		</td>
	</tr>
	</form>
	<form name=\"form1\" method=\"post\" action=\"index.php?do=validate&accountsspersite=".$accountsspersite."&sorter=".$sorter."&start=".$start."\">
	<tr>
		<td width=\"40\" bgcolor=\"#E4E4E4\" align=\"right\">
		<a href=\"index.php?do=validate&accountsspersite=".$accountsspersite."&sorter=".$sortid."\">".$text_id."</a></td>
		<td width=\"509\" bgcolor=\"#E4E4E4\" align=\"center\">
		<a href=\"index.php?do=validate&accountsspersite=".$accountsspersite."&sorter=".$sorttitle."\">".$text_titledesc."</a></td>
		<td width=\"35\" bgcolor=\"#E4E4E4\" align=\"right\">
		<a href=\"index.php?do=validate&accountsspersite=".$accountsspersite."&sorter=".$sortin."\">".$text_in."</a></td>
		<td width=\"40\" bgcolor=\"#E4E4E4\" align=\"right\">
		<a href=\"index.php?do=validate&accountsspersite=".$accountsspersite."&sorter=".$sortout."\">".$text_out."</a></td>
		<td width=\"162\" bgcolor=\"#E4E4E4\" align=\"right\">".$text_validationmail."</td>
		<td width=\"55\" bgcolor=\"#E4E4E4\" align=\"center\">".$text_status."</td>
		<td width=\"25\" bgcolor=\"#E4E4E4\" align=\"center\">".$text_edit."</td>
	</tr>";
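// Listing of the accounts awaiting validation: one pair of table rows per account,
// followed by the hidden id list and the submit button of the listing form.
$rank = $start;
$bannershow = "0";
$rowmarker = 0;
$ids = '';
// Second connection, so the per-row hit query does not disturb the result set of $db.
$db2 = new db ($mysqli_config);
$db2 -> connect ();
// Offset and page size go unquoted into LIMIT, so both are forced to integers here.
$db -> query ("SELECT * FROM ".$topxl_user_table." WHERE active='no' ".$sqlholder." LIMIT ".max (0, (int) $start).",".(int) $accountsspersite);
while($usergetrows = $db -> fetch ())
	{
	// Alternate the row background on every second row.
	$rowmarker++;
	if ($rowmarker == 2)
		{$tdbgcolor = "bgcolor=\"#F7F7F7\"";$rowmarker = 0;}
	else
		{$tdbgcolor = "bgcolor=\"#FFFFFF\"";}
	// The id ends up in SQL, in form field names and in links: keep it an integer.
	$rowid = (int) $usergetrows['id'];
	// These rows are entries nobody has reviewed yet, so every column is HTML-escaped
	// before it is shown to the administrator. A single-byte charset is passed so the
	// call only rewrites the ASCII specials and never returns an empty string, whatever
	// encoding the stored text uses; double_encode is off so values that were already
	// entity-encoded on input are not encoded twice.
	// NOTE(review): escaping does not neutralise a stored url/bannerurl/reciprocal
	// value that uses a non-http scheme; consider restricting those to http(s).
	$htmlrow = array ();
	foreach ($usergetrows as $field => $value)
		{$htmlrow[$field] = htmlspecialchars ((string) $value, ENT_QUOTES, 'ISO-8859-1', false);}
	$ids .= $rowid.",";
	$rank++;
	$bannershow++;
	$main_content .= "
	<tr>
		<td $tdbgcolor align=\"center\" valign=\"middle\" height=\"45\" rowspan=\"2\">";
		// New entries get their id highlighted.
		if ($usergetrows['newentry'] == "yes")
			{$main_content .= "<span style=\"font-weight:bolder;\" class=\"error\">".$rowid."</span>";}
		else
			{$main_content .= $rowid;}
		$main_content .= "
		</td>
		<td $tdbgcolor align=\"center\" valign=\"top\" rowspan=\"2\"><a href=\"".stripslashes ($htmlrow['url'])."\" title=\"".$rowid." ".stripslashes ($htmlrow['title'])."\" target=\"_blank\" class=\"titlelink\"><strong>".$htmlrow['title']."</strong></a><br>";
	if ($config['showbanner'] == "yes")
		{
		$main_content .= "<a href=\"".$htmlrow['url']."\" target=\"_blank\"><img width=\"468\" height=\"60\" src=\"".stripslashes ($htmlrow['bannerurl'])."\" alt=\"".$rowid." ".stripslashes ($htmlrow['title'])."\" border=\"0\" class=\"banner\" vspace=\"4\" hspace=\"4\"></a>";
		}
	// Hits recorded for this not-yet-active site since the last reset window. The
	// query now returns a count; the fetched row itself used to be concatenated into
	// the page, which printed "Array" instead of a number.
	$timelimit = time()-$config['resettime'];
	$db2 -> query ("SELECT COUNT(id) as cnt FROM ".$topxl_hits_table." WHERE timestamp>'".$timelimit."' and validin='no-notactive' and siteid='".$rowid."'");
	$inacthits = $db2 -> fetch ();
	$inacthitcount = is_array ($inacthits) ? (int) $inacthits["cnt"] : 0;
	// NOTE(review): the delete link below is a plain GET link; confirm the delete
	// handler asks for confirmation or a token before removing the account.
	$main_content .= "
		<div align=\"justify\" class=\"description\">".$htmlrow['description']."<br>".$text_joindate.": ".$htmlrow['joindate']."   <a href=\"".stripslashes ($htmlrow['reciprocal'])."\" target=\"_blank\">".$text_reftype."</a></div></td>
		<td ".$tdbgcolor." align=\"center\" valign=\"middle\" rowspan=\"2\">
		(".$inacthitcount.")<br><br>".$htmlrow['hitin']."<br>".$htmlrow['hitintotal']."</td>
		<td ".$tdbgcolor." align=\"center\" valign=\"middle\" rowspan=\"2\">
		<br><br>".$htmlrow['hitout']." <br>".$htmlrow['hitouttotal']."</td>
		<td ".$tdbgcolor." align=\"right\">".$text_sendemailtouser."   
		<select name=\"".$rowid."_validationmail\">
		<option value=\"no\">".$text_no."</option>
		<option value=\"yes\">".$text_yes."</option>
		</select>
		</td>
		<td ".$tdbgcolor." align=\"right\" rowspan=\"2\">
		<select name=\"".$rowid."\">
		<option value=\"yes\">".$text_yes."</option>
		<option value=\"no\">".$text_no."</option>
		</select>
		</td>
		<td ".$tdbgcolor." align=\"center\" rowspan=\"2\"><a href=\"index.php?do=editaccount&id=".$rowid."&fromsite=".$fromsite."\">".$text_edit."</a><br><a href=\"".$config['topsiteurl']."/members/index.php?do=main&id=".$rowid."\" target=\"_blank\">".$text_show."</a><br><a href=\"index.php?do=delete&id=".$rowid."&fromsite=".$fromsite."\">".$text_del."</a></td>
	</tr>
	<tr>
		<td ".$tdbgcolor." align=\"right\" height=\"40\"><textarea name=\"".$rowid."_validationmailbody\" class=\"textarea2\"></textarea></td>
	</tr>";
	}
// Hidden field with the comma-terminated ids of the rows shown, read back by the POST handler.
$main_content .= "
		<tr>
			<td height=\"42\" colspan=\"7\" bgcolor=\"#FFFFFF\" align=\"right\"><input type=\"hidden\" name=\"ids\" value=\"".$ids."\"><input name=\"submit\" type=\"submit\" class=\"submitbuton\" value=\"".$text_submit."\"></td>
		</tr>
	</form>
</table>";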
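/// Template: read the template file into $zeile, let template.php process it, print it.
// $file is set outside this file; it is HTML-escaped before being echoed in the
// error messages so a crafted path cannot inject markup.
if(!file_exists($file))
	{echo "The template ".htmlspecialchars ($file, ENT_QUOTES)." does not exist."; exit;}
$fp1 = fopen($file,"r");
if ($fp1 === false)
	{echo "The template ".htmlspecialchars ($file, ENT_QUOTES)." could not be opened."; exit;}
// fread() rejects a length of zero, so an empty template is read as an empty string.
$templatesize = filesize ($file);
$zeile = $templatesize > 0 ? fread ($fp1, $templatesize) : '';
include("template.php");
// Close the handle unless template.php already did.
if (is_resource ($fp1))
	{fclose ($fp1);}
echo $zeile;
exit;
?>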